From a8a4f5ddfc32f21ade344dcec0fc2e3623634f55 Mon Sep 17 00:00:00 2001
From: Patrick McHardyYasuyuki KOZAKAI <kaber@trash.netyasuyuki@netfilter.org>
Date: Mon, 16 Jul 2007 15:27:38 +0000
Subject: Adds missing explanations about FIN in mask part of '--syn' in
 libip[6]_tcp.c and libip6t_tcp.man.

---
 extensions/libip6t_tcp.c   | 2 +-
 extensions/libip6t_tcp.man | 2 +-
 extensions/libipt_tcp.c    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'extensions')

diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c
index c2a84e14..8af65ea8 100644
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -16,7 +16,7 @@ help(void)
 " --tcp-flags [!] mask comp	match when TCP flags & mask == comp\n"
 "				(Flags: SYN ACK FIN RST URG PSH ALL NONE)\n"
 "[!] --syn			match when only SYN flag set\n"
-"				(equivalent to --tcp-flags SYN,RST,ACK SYN)\n"
+"				(equivalent to --tcp-flags SYN,RST,ACK,FIN SYN)\n"
 " --source-port [!] port[:port]\n"
 " --sport ...\n"
 "				match source port(s)\n"
diff --git a/extensions/libip6t_tcp.man b/extensions/libip6t_tcp.man
index 31cc493d..41b89a40 100644
--- a/extensions/libip6t_tcp.man
+++ b/extensions/libip6t_tcp.man
@@ -32,7 +32,7 @@ will only match packets with the SYN flag set, and the ACK, FIN and
 RST flags unset.
 .TP
 .B "[!] --syn"
-Only match TCP packets with the SYN bit set and the ACK and RST bits
+Only match TCP packets with the SYN bit set and the ACK,RST and FIN bits
 cleared.  Such packets are used to request TCP connection initiation;
 for example, blocking such packets coming in an interface will prevent
 incoming TCP connections, but outgoing TCP connections will be
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c
index c712b927..412b6cfc 100644
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -16,7 +16,7 @@ help(void)
 " --tcp-flags [!] mask comp	match when TCP flags & mask == comp\n"
 "				(Flags: SYN ACK FIN RST URG PSH ALL NONE)\n"
 "[!] --syn			match when only SYN flag set\n"
-"				(equivalent to --tcp-flags SYN,RST,ACK SYN)\n"
+"				(equivalent to --tcp-flags SYN,RST,ACK,FIN SYN)\n"
 " --source-port [!] port[:port]\n"
 " --sport ...\n"
 "				match source port(s)\n"
-- 
cgit v1.2.3