@@ -1,4 +1,4 @@
-.TH ARPTABLES-RESTORE 8 "Nov 07, 2013" "" ""
+.TH ARPTABLES-RESTORE 8 "March 2019" "" ""
.\"
.\" Man page written by Jesper Dangaard Brouer <brouer@redhat.com> based on a
.\" Man page written by Harald Welte <laforge@gnumonks.org>
@@ -20,7 +20,7 @@
.\"
.\"
.SH NAME
-arptables-restore \(em Restore ARP Tables
+arptables-restore \- Restore ARP Tables (nft-based)
.SH SYNOPSIS
\fBarptables\-restore
.SH DESCRIPTION
@@ -32,8 +32,6 @@ Use I/O redirection provided by your shell to read from a file
.TP
.B arptables-restore
flushes (deletes) all previous contents of the respective ARP Table.
-.SH BUGS
-None known as of arptables-0.0.4 release
.SH AUTHOR
Jesper Dangaard Brouer <brouer@redhat.com>
.SH SEE ALSO
@@ -1,4 +1,4 @@
-.TH ARPTABLES-SAVE 8 "Nov 07, 2013" "" ""
+.TH ARPTABLES-SAVE 8 "March 2019" "" ""
.\"
.\" Man page written by Jesper Dangaard Brouer <brouer@redhat.com> based on a
.\" Man page written by Harald Welte <laforge@gnumonks.org>
@@ -20,16 +20,26 @@
.\"
.\"
.SH NAME
-arptables-save \(em dump arptables rules to stdout
+arptables-save \- dump arptables rules to stdout (nft-based)
.SH SYNOPSIS
-\fBarptables\-save
+\fBarptables\-save\fP [\fB\-M\fP \fImodprobe\fP] [\fB\-c\fP]
+.P
+\fBarptables\-save\fP [\fB\-V\fP]
.SH DESCRIPTION
.PP
.B arptables-save
is used to dump the contents of an ARP Table in easily parseable format
to STDOUT. Use I/O-redirection provided by your shell to write to a file.
-.SH BUGS
-None known as of arptables-0.0.4 release
+.TP
+\fB\-M\fR, \fB\-\-modprobe\fR \fImodprobe_program\fP
+Specify the path to the modprobe program. By default, arptables-save will
+inspect /proc/sys/kernel/modprobe to determine the executable's path.
+.TP
+\fB\-c\fR, \fB\-\-counters\fR
+Include the current values of all packet and byte counters in the output.
+.TP
+\fB\-V\fR, \fB\-\-version\fR
+Print version information and exit.
.SH AUTHOR
Jesper Dangaard Brouer <brouer@redhat.com>
.SH SEE ALSO
@@ -1,4 +1,4 @@
-.TH ARPTABLES 8 "June 2018"
+.TH ARPTABLES 8 "March 2019"
.\"
.\" Man page originally written by Jochen Friedrich <jochen@scram.de>,
.\" maintained by Bart De Schuymer.
@@ -22,7 +22,7 @@
.\"
.\"
.SH NAME
-arptables \- ARP table administration (legacy)
+arptables \- ARP table administration (nft-based)
.SH SYNOPSIS
.BR "arptables " [ "-t table" ] " -" [ AD ] " chain rule-specification " [ options ]
.br
@@ -38,17 +38,6 @@ arptables \- ARP table administration (legacy)
.br
.BR "arptables " [ "-t table" ] " -P chain target " [ options ]
-.SH LEGACY
-This tool uses the old xtables/setsockopt framework, and is a legacy version
-of arptables. That means that a new, more modern tool exists with the same
-functionality using the nf_tables framework and you are encouraged to migrate now.
-The new binaries (formerly known as -compat) uses the same syntax and
-semantics than this legacy one.
-
-You can still use this legacy tool. You should probably get some specific
-information from your Linux distribution or vendor.
-More docs are available at https://wiki.nftables.org
-
.SH DESCRIPTION
.B arptables
is a user space tool, it is used to set up and maintain the
@@ -106,15 +95,11 @@ first argument on the arptables command line, if used.
.B "-t, --table"
.br
.BR filter ,
-is the only table and contains two (Linux kernels 2.4.X) or three (Linux kernels 2.6.0 and later) built-in chains:
+is the only table and contains two built-in chains:
.B INPUT
-(for frames destined for the host),
+(for frames destined for the host) and
.B OUTPUT
-(for locally-generated frames) and
-.B FORWARD
-(for frames being forwarded by the bridge code). The
-.B FORWARD
-chain doesn't exist in Linux 2.4.X kernels.
+(for locally-generated frames).
.br
.br
.SH ARPTABLES COMMAND LINE ARGUMENTS
@@ -258,15 +243,15 @@ numbers separated by colons.
.TP
.BR "-i, --in-interface " "[!] \fIname\fP"
The interface via which a frame is received (for the
-.BR INPUT " and " FORWARD
-chains). The flag
+.B INPUT
+chain). The flag
.B --in-if
is an alias for this option.
.TP
.BR "-o, --out-interface " "[!] \fIname\fP"
The interface via which a frame is going to be sent (for the
-.BR OUTPUT " and " FORWARD
-chains). The flag
+.B OUTPUT
+chain). The flag
.B --out-if
is an alias for this option.
.TP
@@ -344,9 +329,20 @@ Binary AND the mark with bits.
.BR "--or-mark mark"
Binary OR the mark with bits.
+.SH NOTES
+In this nft-based version of
+.BR arptables ,
+support for
+.B FORWARD
+chain has not been implemented. Since ARP packets are "forwarded" only by Linux
+bridges, the same may be achieved using
+.B FORWARD
+chain in
+.BR ebtables .
+
.SH MAILINGLISTS
.BR "" "See " http://netfilter.org/mailinglists.html
.SH SEE ALSO
-.BR iptables "(8), " ebtables "(8), " arp "(8), " rarp "(8), " ifconfig "(8), " route (8)
+.BR xtables-nft "(8), " iptables "(8), " ebtables "(8), " ip (8)
.PP
-.BR "" "See " http://ebtables.sf.net
+.BR "" "See " https://wiki.nftables.org
Change content to suit the shipped nft-based variant. Most relevant changes: * FORWARD chain is not supported * arptables-nft-save supports a few parameters Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/arptables-nft-restore.8 | 6 ++-- iptables/arptables-nft-save.8 | 20 +++++++++---- iptables/arptables-nft.8 | 48 +++++++++++++++----------------- 3 files changed, 39 insertions(+), 35 deletions(-)