[iptables] doc: mention maximum mark size in manpages
Harald Welte
netfilter-cvslog-bounces at lists.netfilter.org
Sun Oct 25 10:51:33 CET 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=bc57906530df924324efef494a4fcff65d25e4ce
commit bc57906530df924324efef494a4fcff65d25e4ce
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Oct 5 13:24:02 2009 +0200
Commit: Harald Welte <laforge at gnumonks.org>
CommitDate: Sun Oct 25 10:48:03 2009 +0100
doc: mention maximum mark size in manpages
via bc57906530df924324efef494a4fcff65d25e4ce (commit)
from 2463f7dcee97efe7dfc4b2e1f6a3c552f23a8d8c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bc57906530df924324efef494a4fcff65d25e4ce
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon Oct 5 13:24:02 2009 +0200
doc: mention maximum mark size in manpages
-----------------------------------------------------------------------
extensions/libxt_CONNMARK.man | 3 ++-
extensions/libxt_MARK.man | 3 ++-
extensions/libxt_SECMARK.man | 2 +-
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/extensions/libxt_CONNMARK.man b/extensions/libxt_CONNMARK.man
index 571ce37..13c6b4b 100644
--- a/extensions/libxt_CONNMARK.man
+++ b/extensions/libxt_CONNMARK.man
@@ -1,4 +1,5 @@
-This module sets the netfilter mark value associated with a connection.
+This module sets the netfilter mark value associated with a connection. The
+mark is 32 bits wide.
.TP
\fB\-\-set\-xmark\fP \fIvalue\fP[\fB/\fP\fImask\fP]
Zero out the bits given by \fImask\fR and XOR \fIvalue\fR into the ctmark.
diff --git a/extensions/libxt_MARK.man b/extensions/libxt_MARK.man
index 7bb05be..98be812 100644
--- a/extensions/libxt_MARK.man
+++ b/extensions/libxt_MARK.man
@@ -1,6 +1,7 @@
This target is used to set the Netfilter mark value associated with the packet.
The target can only be used in the \fBmangle\fR table. It can, for example, be
-used in conjunction with routing based on fwmark (needs iproute2).
+used in conjunction with routing based on fwmark (needs iproute2). The mark
+field is 32 bits wide.
.TP
\fB\-\-set\-xmark\fP \fIvalue\fP[\fB/\fP\fImask\fP]
Zeroes out the bits given by \fImask\fR and XORs \fIvalue\fR into the packet
diff --git a/extensions/libxt_SECMARK.man b/extensions/libxt_SECMARK.man
index f58bb43..e44efce 100644
--- a/extensions/libxt_SECMARK.man
+++ b/extensions/libxt_SECMARK.man
@@ -2,6 +2,6 @@ This is used to set the security mark value associated with the
packet for use by security subsystems such as SELinux. It is only
valid in the
.B mangle
-table.
+table. The mark is 32 bits wide.
.TP
\fB\-\-selctx\fP \fIsecurity_context\fP
More information about the netfilter-cvslog
mailing list