From patchwork Mon Apr  8 11:30:30 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mart Frauenlob <mart.frauenlob@chello.at>
X-Patchwork-Id: 234743
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id B22D52C00C2
	for <incoming@patchwork.ozlabs.org>;
	Mon,  8 Apr 2013 21:31:19 +1000 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S934980Ab3DHLbS (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 8 Apr 2013 07:31:18 -0400
Received: from fep23.mx.upcmail.net ([62.179.121.43]:38841 "EHLO
	fep23.mx.upcmail.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S934906Ab3DHLbR (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Mon, 8 Apr 2013 07:31:17 -0400
Received: from edge02.upcmail.net ([192.168.13.237])
	by viefep23-int.chello.at
	(InterMail vM.8.01.05.05 201-2260-151-110-20120111) with ESMTP id
	<20130408113115.MWDV17478.viefep23-int.chello.at@edge02.upcmail.net>
	for <netfilter-devel@vger.kernel.org>;
	Mon, 8 Apr 2013 13:31:15 +0200
Received: from [192.168.13.66] ([80.108.253.46])
	by edge02.upcmail.net with edge
	id MPXE1l02E10poxs01PXEqH; Mon, 08 Apr 2013 13:31:14 +0200
X-SourceIP: 80.108.253.46
X-Authenticated-Sender: mart.frauenlob@chello.at
Message-ID: <5162AA56.70008@chello.at>
Date: Mon, 08 Apr 2013 13:30:30 +0200
From: Mart Frauenlob <mart.frauenlob@chello.at>
Reply-To: mart.frauenlob@chello.at
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64;
	rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: netfilter-devel@vger.kernel.org
Subject: [PATCH] iptables manpage: Update protocol list for MASQUERADE and
	REDIRECT
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Hello,

this patch updates the list of protocols valid for the --to-ports option 
of the MASQUERADE and REDIRECT targets.

If I read the source correctly (no C programmer), icmp is also valid.
In that case the error message for !portok is missing icmp.

What does one specify, what is mapped with --to-ports and -p icmp?

Best regards

Mart

P.S. Is it ok to base on master, or should I use stable/next?
From 8e78fab467dbca6d1e27218cc4db091545a49027 Mon Sep 17 00:00:00 2001
From: Mart Frauenlob <mart.frauenlob@chello.at>
Date: Mon, 8 Apr 2013 13:11:49 +0200
Subject: [PATCH] manpage: Update protocol list for MASQUERADE and REDIRET.
---
 extensions/libip6t_MASQUERADE.man |    6 +++---
 extensions/libipt_MASQUERADE.man  |    6 +++---
 extensions/libipt_REDIRECT.man    |    6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/extensions/libip6t_MASQUERADE.man b/extensions/libip6t_MASQUERADE.man
index c63d826..b5b7677 100644
--- a/extensions/libip6t_MASQUERADE.man
+++ b/extensions/libip6t_MASQUERADE.man
@@ -16,10 +16,10 @@ any established connections are lost anyway).
 This specifies a range of source ports to use, overriding the default
 .B SNAT
 source port-selection heuristics (see above).  This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
 or
-\fB\-p udp\fP.
+.B icmp.
 .TP
 \fB\-\-random\fP
 Randomize source port mapping
diff --git a/extensions/libipt_MASQUERADE.man b/extensions/libipt_MASQUERADE.man
index 2dae964..807ddbd 100644
--- a/extensions/libipt_MASQUERADE.man
+++ b/extensions/libipt_MASQUERADE.man
@@ -16,10 +16,10 @@ any established connections are lost anyway).
 This specifies a range of source ports to use, overriding the default
 .B SNAT
 source port-selection heuristics (see above).  This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
 or
-\fB\-p udp\fP.
+.B icmp.
 .TP
 \fB\-\-random\fP
 Randomize source port mapping
diff --git a/extensions/libipt_REDIRECT.man b/extensions/libipt_REDIRECT.man
index 90ab19d..635ddd4 100644
--- a/extensions/libipt_REDIRECT.man
+++ b/extensions/libipt_REDIRECT.man
@@ -12,10 +12,10 @@ destination IP to the primary address of the incoming interface
 \fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP]
 This specifies a destination port or range of ports to use: without
 this, the destination port is never altered.  This is only valid
-if the rule also specifies
-\fB\-p tcp\fP
+if the rule also specifies one of the following protocols:
+.B tcp, udp, dccp, sctp
 or
-\fB\-p udp\fP.
+.B icmp.
 .TP
 \fB\-\-random\fP
 If option