From patchwork Wed Apr 10 16:45:08 2013
X-Patchwork-Submitter: Mart Frauenlob
X-Patchwork-Id: 235424
Message-ID: <51659714.3010806@chello.at>
Date: Wed, 10 Apr 2013 18:45:08 +0200
From: Mart Frauenlob
Reply-To: mart.frauenlob@chello.at
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] iptables manpage: Update MASQUERADE target
References: <51659353.6080704@chello.at>
In-Reply-To: <51659353.6080704@chello.at>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: netfilter-devel@vger.kernel.org

On 10.04.2013 18:30, netfilter-devel-owner@vger.kernel.org wrote:
> Hello,
>
> this patch on the man page unifies the IPv4 and IPv6 entries of the
> MASQUERADE target and updates the list of protocols valid for port mapping.
>
> Though there's no error thrown, if -p is used with --to-ports,
> the !portok error message does not talk about icmp,
> and I got no definite answer yet, and I don't think it does icmp type
> conversion, I choose to not put the icmp protocol into the list.
> Please correct me on that subject, if I'm wrong.
>
> Also please ignore the previous patch for MASQUERADE and REDIRECT.

I'm very sorry, I messed up the author lines, resending.

From 8e0f5f1ddbd851c05d711fcdaad12dce1b00c1dc Mon Sep 17 00:00:00 2001
From: Mart Frauenlob
Date: Wed, 10 Apr 2013 16:53:58 +0200
Subject: [PATCH] manpage: Add libxt_MASQUERADE.man remove libipt and libipt6 version. Update list of protocols valid for port mapping.
--- extensions/libip6t_MASQUERADE.man | 30 ------------------------------ extensions/libipt_MASQUERADE.man | 30 ------------------------------ extensions/libxt_MASQUERADE.man | 28 ++++++++++++++++++++++++++++ 3 files changed, 28 insertions(+), 60 deletions(-) delete mode 100644 extensions/libip6t_MASQUERADE.man delete mode 100644 extensions/libipt_MASQUERADE.man create mode 100644 extensions/libxt_MASQUERADE.man diff --git a/extensions/libip6t_MASQUERADE.man b/extensions/libip6t_MASQUERADE.man deleted file mode 100644 index c63d826..0000000 --- a/extensions/libip6t_MASQUERADE.man +++ /dev/null 
@@ -1,30 +0,0 @@ -This target is only valid in the -.B nat -table, in the -.B POSTROUTING -chain. It should only be used with dynamically assigned IPv6 (dialup) -connections: if you have a static IP address, you should use the SNAT -target. Masquerading is equivalent to specifying a mapping to the IP -address of the interface the packet is going out, but also has the -effect that connections are -.I forgotten -when the interface goes down. This is the correct behavior when the -next dialup is unlikely to have the same interface address (and hence -any established connections are lost anyway). -.TP -\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP] -This specifies a range of source ports to use, overriding the default -.B SNAT -source port-selection heuristics (see above). This is only valid -if the rule also specifies -\fB\-p tcp\fP -or -\fB\-p udp\fP. -.TP -\fB\-\-random\fP -Randomize source port mapping -If option -\fB\-\-random\fP -is used then port mapping will be randomized. -.RS -.PP diff --git a/extensions/libipt_MASQUERADE.man b/extensions/libipt_MASQUERADE.man deleted file mode 100644 index 2dae964..0000000 --- a/extensions/libipt_MASQUERADE.man +++ /dev/null 
@@ -1,30 +0,0 @@ -This target is only valid in the -.B nat -table, in the -.B POSTROUTING -chain. It should only be used with dynamically assigned IP (dialup) -connections: if you have a static IP address, you should use the SNAT -target. Masquerading is equivalent to specifying a mapping to the IP -address of the interface the packet is going out, but also has the -effect that connections are -.I forgotten -when the interface goes down. This is the correct behavior when the -next dialup is unlikely to have the same interface address (and hence -any established connections are lost anyway). -.TP -\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP] -This specifies a range of source ports to use, overriding the default -.B SNAT -source port-selection heuristics (see above). This is only valid -if the rule also specifies -\fB\-p tcp\fP -or -\fB\-p udp\fP. -.TP -\fB\-\-random\fP -Randomize source port mapping -If option -\fB\-\-random\fP -is used then port mapping will be randomized (kernel >= 2.6.21). -.RS -.PP diff --git a/extensions/libxt_MASQUERADE.man b/extensions/libxt_MASQUERADE.man new file mode 100644 index 0000000..efcb91b --- /dev/null +++ b/extensions/libxt_MASQUERADE.man 
@@ -0,0 +1,28 @@ +This target is only valid in the +.B nat +table, in the +.B POSTROUTING +chain. It should only be used with dynamically assigned IP (dialup) +connections: if you have a static IP address, you should use the SNAT +target. Masquerading is equivalent to specifying a mapping to the IP +address of the interface the packet is going out, but also has the +effect that connections are +.I forgotten +when the interface goes down. This is the correct behavior when the +next dialup is unlikely to have the same interface address (and hence +any established connections are lost anyway). +.TP +\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP] +This specifies a range of source ports to use, overriding the default +.B SNAT +source port-selection heuristics (see above). This is only valid +if the rule also specifies one of the following protocols: +\fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP. +.TP +\fB\-\-random\fP +Randomize source port mapping +If option +\fB\-\-random\fP +is used then port mapping will be randomized (kernel >= 2.6.21). +.RS +.PP
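Review bot: In the new extensions/libxt_MASQUERADE.man, the --to-ports paragraph still says the range overrides the default SNAT source port-selection heuristics "(see above)", but nothing earlier in this file describes those heuristics, so the reference dangles; name the SNAT target's section explicitly or drop the parenthetical. The file also ends with ".RS" followed by ".PP" and no closing ".RE", carried over unchanged from the two deleted files; since the text is being rewritten anyway, remove the trailing pair or close the indent. Under --random, "Randomize source port mapping" has no full stop and the following sentence repeats it, so one of the two can go.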
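Review bot: The deleted extensions/libip6t_MASQUERADE.man differs from the IPv4 text in two places that the unified page resolves in favour of IPv4 without saying so: it read "dynamically assigned IPv6 (dialup) connections", and its --random paragraph carried no "(kernel >= 2.6.21)" note. The merged file now presents the 2.6.21 statement to ip6tables users as well; please confirm that it is accurate for IPv6 or scope the version note to IPv4, and mention the wording change in the commit message, which currently describes only the file move and the protocol list.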