* [PATCH] iptables manpage: Update protocol list for MASQUERADE and REDIRECT
@ 2013-04-08 11:30 Mart Frauenlob
0 siblings, 0 replies; only message in thread
From: Mart Frauenlob @ 2013-04-08 11:30 UTC (permalink / raw)
To: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 404 bytes --]
Hello,
this patch updates the list of protocols valid for the --to-ports option
of the MASQUERADE and REDIRECT targets.
If I read the source correctly (no C programmer), icmp is also valid.
In that case the error message for !portok is missing icmp.
What does one specify, what is mapped with --to-ports and -p icmp?
Best regards
Mart
P.S. Is it ok to base on master, or should I use stable/next?
[-- Attachment #2: manpage-Update-protocol-list-for-MASQUERADE-and-REDIRECT.patch --]
[-- Type: text/plain, Size: 2324 bytes --]
>From 8e78fab467dbca6d1e27218cc4db091545a49027 Mon Sep 17 00:00:00 2001
From: Mart Frauenlob <mart.frauenlob@chello.at>
Date: Mon, 8 Apr 2013 13:11:49 +0200
Subject: [PATCH] manpage: Update protocol list for MASQUERADE and REDIRET.
---
extensions/libip6t_MASQUERADE.man | 6 +++---
extensions/libipt_MASQUERADE.man | 6 +++---
extensions/libipt_REDIRECT.man | 6 +++---
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/extensions/libip6t_MASQUERADE.man b/extensions/libip6t_MASQUERADE.man
index c63d826..b5b7677 100644
--- a/extensions/libip6t_MASQUERADE.man
+++ b/extensions/libip6t_MASQUERADE.man
@@ -16,10 +16,10 @@ any established connections are lost anyway).
This specifies a range of source ports to use, overriding the default
.B SNAT
source port-selection heuristics (see above). This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
or
-\fB\-p udp\fP.
+.B icmp.
.TP
\fB\-\-random\fP
Randomize source port mapping
diff --git a/extensions/libipt_MASQUERADE.man b/extensions/libipt_MASQUERADE.man
index 2dae964..807ddbd 100644
--- a/extensions/libipt_MASQUERADE.man
+++ b/extensions/libipt_MASQUERADE.man
@@ -16,10 +16,10 @@ any established connections are lost anyway).
This specifies a range of source ports to use, overriding the default
.B SNAT
source port-selection heuristics (see above). This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
or
-\fB\-p udp\fP.
+.B icmp.
.TP
\fB\-\-random\fP
Randomize source port mapping
diff --git a/extensions/libipt_REDIRECT.man b/extensions/libipt_REDIRECT.man
index 90ab19d..635ddd4 100644
--- a/extensions/libipt_REDIRECT.man
+++ b/extensions/libipt_REDIRECT.man
@@ -12,10 +12,10 @@ destination IP to the primary address of the incoming interface
\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP]
This specifies a destination port or range of ports to use: without
this, the destination port is never altered. This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
or
-\fB\-p udp\fP.
+.B icmp.
.TP
\fB\-\-random\fP
If option
--
1.7.2.5
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2013-04-08 11:31 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-08 11:30 [PATCH] iptables manpage: Update protocol list for MASQUERADE and REDIRECT Mart Frauenlob
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).