From 4b0c168a7b50032ba64f75565f73340fc447bfab Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Mon, 13 Nov 2023 11:17:35 +0100 Subject: man: more backslash-encoding of characters "-" is the dash, "\-" is minus as we know, but groff lists some more characters: "^" is "modifier circumflex" and "~" is "modifier tilde", which, too, need to be escaped for our use. Signed-off-by: Jan Engelhardt --- iptables/xtables-translate.8 | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'iptables/xtables-translate.8') diff --git a/iptables/xtables-translate.8 b/iptables/xtables-translate.8 index a048e8c9..ba16c525 100644 --- a/iptables/xtables-translate.8 +++ b/iptables/xtables-translate.8 @@ -38,15 +38,15 @@ ruleset from \fBiptables(8)\fP, \fBip6tables(8)\fP and \fBebtables(8)\fP to The available commands are: .IP \[bu] 2 -iptables-translate +iptables\-translate .IP \[bu] -iptables-restore-translate +iptables\-restore\-translate .IP \[bu] 2 -ip6tables-translate +ip6tables\-translate .IP \[bu] -ip6tables-restore-translate +ip6tables\-restore\-translate .IP \[bu] 2 -ebtables-translate +ebtables\-translate .SH USAGE They take as input the original @@ -69,38 +69,38 @@ Basic operation examples. Single command translation: .nf -root@machine:~# iptables-translate -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT +root@machine:\~# iptables\-translate \-A INPUT \-p tcp \-\-dport 22 \-m conntrack \-\-ctstate NEW \-j ACCEPT nft add rule ip filter INPUT tcp dport 22 ct state new counter accept -root@machine:~# ip6tables-translate -A FORWARD -i eth0 -o eth3 -p udp -m multiport --dports 111,222 -j ACCEPT +root@machine:\~# ip6tables\-translate \-A FORWARD \-i eth0 \-o eth3 \-p udp \-m multiport \-\-dports 111,222 \-j ACCEPT nft add rule ip6 filter FORWARD iifname eth0 oifname eth3 meta l4proto udp udp dport { 111,222} counter accept .fi Whole ruleset translation: .nf -root@machine:~# iptables-save > save.txt -root@machine:~# cat save.txt -# Generated by iptables-save v1.6.0 on Sat Dec 24 14:26:40 2016 +root@machine:\~# iptables\-save > save.txt +root@machine:\~# cat save.txt +# Generated by iptables\-save v1.6.0 on Sat Dec 24 14:26:40 2016 *filter :INPUT ACCEPT [5166:1752111] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [5058:628693] --A FORWARD -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT +\-A FORWARD \-p tcp \-m tcp \-\-dport 22 \-m conntrack \-\-ctstate NEW \-j ACCEPT COMMIT # Completed on Sat Dec 24 14:26:40 2016 -root@machine:~# iptables-restore-translate -f save.txt -# Translated by iptables-restore-translate v1.6.0 on Sat Dec 24 14:26:59 2016 +root@machine:\~# iptables\-restore\-translate \-f save.txt +# Translated by iptables\-restore\-translate v1.6.0 on Sat Dec 24 14:26:59 2016 add table ip filter add chain ip filter INPUT { type filter hook input priority 0; } add chain ip filter FORWARD { type filter hook forward priority 0; } add chain ip filter OUTPUT { type filter hook output priority 0; } add rule ip filter FORWARD tcp dport 22 ct state new counter accept -root@machine:~# iptables-restore-translate -f save.txt > ruleset.nft -root@machine:~# nft -f ruleset.nft -root@machine:~# nft list ruleset +root@machine:\~# iptables\-restore\-translate \-f save.txt > ruleset.nft +root@machine:\~# nft \-f ruleset.nft +root@machine:\~# nft list ruleset table ip filter { chain INPUT { type filter hook input priority 0; policy accept; -- cgit v1.2.3