diff options
author | darrenr <darrenr@FreeBSD.org> | 2002-04-25 03:34:26 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2002-04-25 03:34:26 +0000 |
commit | 49c8a23224d88e6d6d3be39c5024f4a7ba105108 (patch) | |
tree | 7e0ea7d4592339dca2c60043b1aadcbb907385b8 /contrib/ipfilter/man | |
parent | 8753e713f5f6f2bf2f467e1e43dc252d2d31b389 (diff) | |
download | FreeBSD-src-49c8a23224d88e6d6d3be39c5024f4a7ba105108.zip FreeBSD-src-49c8a23224d88e6d6d3be39c5024f4a7ba105108.tar.gz |
Import IPFilter 3.4.26
Diffstat (limited to 'contrib/ipfilter/man')
-rw-r--r-- | contrib/ipfilter/man/ipmon.8 | 3 | ||||
-rw-r--r-- | contrib/ipfilter/man/ipnat.5 | 9 |
2 files changed, 9 insertions, 3 deletions
diff --git a/contrib/ipfilter/man/ipmon.8 b/contrib/ipfilter/man/ipmon.8 index 386f3a2..0ec7854 100644 --- a/contrib/ipfilter/man/ipmon.8 +++ b/contrib/ipfilter/man/ipmon.8 @@ -46,7 +46,8 @@ long). 4. The group and rule number of the rule, e.g., \fB@0:17\fP. These can be viewed with \fBipfstat -n\fP. .LP -5. The action: \fBp\fP for passed or \fBb\fP for blocked. +5. The action: \fBp\fP for passed, \fBb\fP for blocked, \fB\fP for a short +packet, \fBn\fP did not match any rules or \fBL\fP for a log rule. .LP 6. The addresses. This is actually three fields: the source address and port diff --git a/contrib/ipfilter/man/ipnat.5 b/contrib/ipfilter/man/ipnat.5 index 7fb2e90..16c1752 100644 --- a/contrib/ipfilter/man/ipnat.5 +++ b/contrib/ipfilter/man/ipnat.5 @@ -7,8 +7,8 @@ The format for files accepted by ipnat is described by the following grammar: .nf ipmap :: = mapblock | redir | map . -map ::= mapit ifname ipmask "->" ipmask [ mapport ] . -map ::= mapit ifname fromto "->" ipmask [ mapport ] . +map ::= mapit ifname ipmask "->" dstipmask [ mapport ] . +map ::= mapit ifname fromto "->" dstipmask [ mapport ] . mapblock ::= "map-block" ifname ipmask "->" ipmask [ ports ] . redir ::= "rdr" ifname ipmask dport "->" ip [ "," ip ] rdrport options . @@ -18,6 +18,7 @@ rdrport ::= "port" portnum . mapit ::= "map" | "bimap" . fromto ::= "from" object "to" object . ipmask ::= ip "/" bits | ip "/" mask | ip "netmask" mask . +dstipmask ::= ipmask | "range" ip "-" ip . mapport ::= "portmap" tcpudp portnumber ":" portnumber . options ::= [ tcpudp ] [ rr ] . @@ -34,6 +35,10 @@ ifname ::= 'A' - 'Z' { 'A' - 'Z' } numbers . numbers ::= '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9' . .fi .PP +In addition to this, # is used to mark the start of a comment and may +appear at the end of a line with a NAT rule (as described above) or on its +own lines. Blank lines are ignored. +.PP For standard NAT functionality, a rule should start with \fBmap\fP and then proceeds to specify the interface for which outgoing packets will have their source address rewritten. |