[netfilter-cvslog] r7447 - trunk/iptables/extensions
kaber at trash.net
kaber at trash.net
Sun Apr 6 18:39:24 CEST 2008
Author: kaber at trash.net
Date: 2008-04-06 18:39:24 +0200 (Sun, 06 Apr 2008)
New Revision: 7447
Modified:
trunk/iptables/extensions/libxt_owner.man
Log:
[PATCH 08/24] Update the libxt_owner manpage with the UID/GID-range feature
Modified: trunk/iptables/extensions/libxt_owner.man
===================================================================
--- trunk/iptables/extensions/libxt_owner.man 2008-04-06 15:43:13 UTC (rev 7446)
+++ trunk/iptables/extensions/libxt_owner.man 2008-04-06 16:39:24 UTC (rev 7447)
@@ -3,14 +3,17 @@
POSTROUTING chains. Forwarded packets do not have any socket associated with
them. Packets from kernel threads do have a socket, but usually no owner.
.TP
-\fB--uid-owner\fR \fIuserid\fR
+\fB--uid-owner\fR \fIusername\fR
+.TP
+\fB--uid-owner\fR \fIuserid\fR[\fB-\fR\fIuserid\fR]
Matches if the packet socket's file structure (if it has one) is owned by the
-given user ID. A user name may be specified in place of \fIuserid\fR, in which
-case iptables will try to look it up.
+given user. You may also specify a numerical UID, or an UID range.
.TP
-\fB--gid-owner\fR \fIgroupid\fR
-Matches if the packet socket's file structure is owned by the given group ID.
-A group name may be specified in place of \fIgroupid\fR.
+\fB--gid-owner\fR \fIgroupname\fR
.TP
+\fB--gid-owner\fR \fIgroupid\fR[\fB-\fR\fIgroupid\fR]
+Matches if the packet socket's file structure is owned by the given group.
+You may also specify a numerical GID, or a GID range.
+.TP
\fB--socket-exists\fR
Matches if the packet is associated with a socket.
More information about the netfilter-cvslog
mailing list