From: Mart Frauenlob <mart.frauenlob@chello.at>
To: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] iptables manpage: Update SNAT target
Date: Wed, 10 Apr 2013 18:49:57 +0200 [thread overview]
Message-ID: <51659835.9050103@chello.at> (raw)
In-Reply-To: <516593CC.1010908@chello.at>
[-- Attachment #1: Type: text/plain, Size: 326 bytes --]
On 10.04.2013 18:32, netfilter-devel-owner@vger.kernel.org wrote:
> Hello,
>
> this patch renames libipt_SNAT.man to libxt_SNAT.man thus informing
> about the IPv6 version.
> Also the list of valid protocols for port mapping is updated to:
> tcp, udp, dccp and sctp.
I'm very sorry, I messed up the author lines, resending.
[-- Attachment #2: manpage-Rename-libipt_SNAT.man-to-libxt_SNAT.man.patch --]
[-- Type: text/plain, Size: 4087 bytes --]
>From 8136feb4b69ac27cb50d8f1db95bf2d03e9ba8a9 Mon Sep 17 00:00:00 2001
From: Mart Frauenlob <mart.frauenlob@chello.at>
Date: Wed, 10 Apr 2013 16:44:49 +0200
Subject: [PATCH] manpage: Rename libipt_SNAT.man to libxt_SNAT.man.
Update list of protocols valid for port mapping.
---
extensions/libipt_SNAT.man | 37 -------------------------------------
extensions/libxt_SNAT.man | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 34 insertions(+), 37 deletions(-)
delete mode 100644 extensions/libipt_SNAT.man
create mode 100644 extensions/libxt_SNAT.man
diff --git a/extensions/libipt_SNAT.man b/extensions/libipt_SNAT.man
deleted file mode 100644
index 626b592..0000000
--- a/extensions/libipt_SNAT.man
+++ /dev/null
@@ -1,37 +0,0 @@
-This target is only valid in the
-.B nat
-table, in the
-.B POSTROUTING
-chain. It specifies that the source address of the packet should be
-modified (and all future packets in this connection will also be
-mangled), and rules should cease being examined. It takes one type
-of option:
-.TP
-\fB\-\-to\-source\fP [\fIipaddr\fP[\fB\-\fP\fIipaddr\fP]][\fB:\fP\fIport\fP[\fB\-\fP\fIport\fP]]
-which can specify a single new source IP address, an inclusive range
-of IP addresses, and optionally, a port range (which is only valid if
-the rule also specifies
-\fB\-p tcp\fP
-or
-\fB\-p udp\fP).
-If no port range is specified, then source ports below 512 will be
-mapped to other ports below 512: those between 512 and 1023 inclusive
-will be mapped to ports below 1024, and other ports will be mapped to
-1024 or above. Where possible, no port alteration will occur.
-
-In Kernels up to 2.6.10, you can add several \-\-to\-source options. For those
-kernels, if you specify more than one source address, either via an address
-range or multiple \-\-to\-source options, a simple round-robin (one after another
-in cycle) takes place between these addresses.
-Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges
-anymore.
-.TP
-\fB\-\-random\fP
-If option
-\fB\-\-random\fP
-is used then port mapping will be randomized (kernel >= 2.6.21).
-.TP
-\fB\-\-persistent\fP
-Gives a client the same source-/destination-address for each connection.
-This supersedes the SAME target. Support for persistent mappings is available
-from 2.6.29-rc2.
diff --git a/extensions/libxt_SNAT.man b/extensions/libxt_SNAT.man
new file mode 100644
index 0000000..d1e6f0d
--- /dev/null
+++ b/extensions/libxt_SNAT.man
@@ -0,0 +1,34 @@
+This target is only valid in the
+.B nat
+table, in the
+.B POSTROUTING
+chain. It specifies that the source address of the packet should be
+modified (and all future packets in this connection will also be
+mangled), and rules should cease being examined. It takes the
+following options:
+.TP
+\fB\-\-to\-source\fP [\fIipaddr\fP[\fB\-\fP\fIipaddr\fP]][\fB:\fP\fIport\fP[\fB\-\fP\fIport\fP]]
+which can specify a single new source IP address, an inclusive range
+of IP addresses. Optionally a port range,
+if the rule also specifies one of the following protocols:
+\fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP.
+If no port range is specified, then source ports below 512 will be
+mapped to other ports below 512: those between 512 and 1023 inclusive
+will be mapped to ports below 1024, and other ports will be mapped to
+1024 or above. Where possible, no port alteration will occur.
+In Kernels up to 2.6.10, you can add several \-\-to\-source options. For those
+kernels, if you specify more than one source address, either via an address
+range or multiple \-\-to\-source options, a simple round-robin (one after another
+in cycle) takes place between these addresses.
+Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to multiple ranges
+anymore.
+.TP
+\fB\-\-random\fP
+If option
+\fB\-\-random\fP
+is used then port mapping will be randomized (kernel >= 2.6.21).
+.TP
+\fB\-\-persistent\fP
+Gives a client the same source-/destination-address for each connection.
+This supersedes the SAME target. Support for persistent mappings is available
+from 2.6.29-rc2.
--
1.7.2.5
next prev parent reply other threads:[~2013-04-10 16:50 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-10 16:31 [PATCH] iptables manpage: Update SNAT target Mart Frauenlob
2013-04-10 16:49 ` Mart Frauenlob [this message]
2013-04-19 0:56 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51659835.9050103@chello.at \
--to=mart.frauenlob@chello.at \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.