Package: iptables Version: 1.4.12-1 Severity: normal Tags: patch I tried to debug a NAT setup reading the man page (around line 440). If I understand the sources correctly, this is (mostly) in extensions/libxt_state.man, although I cannot find SNAT/DNAT there (though I haven't yet used them).
Looking at the list the entry for NEW has a (stray?) "and" (though I
think it probably was meant as an "list and") and the issue for
RELATED is unclear, though I think I figured the meaning. Further
given that the file is assembled, I guess using commas and full stops
(and "and"s) might not be a good idea. Summarizing, please check the
following patch and apply it for your next upload:
--- extensions/libxt_state.man 2012-01-02 18:19:09.000000000 +0100
+++ /tmp/libxt_state.man.new 2012-01-07 18:20:04.000000000 +0100
@@ -3,21 +3,21 @@
.TP
[\fB!\fP] \fB\-\-state\fP \fIstate\fP
Where state is a comma separated list of the connection states to
-match. Possible states are
+match. Possible states are:
.B INVALID
meaning that the packet could not be identified for some reason which
includes running out of memory and ICMP errors which don't correspond to any
-known connection,
+known connection.
.B ESTABLISHED
meaning that the packet is associated with a connection which has seen
-packets in both directions,
+packets in both directions.
.B NEW
meaning that the packet has started a new connection, or otherwise
associated with a connection which has not seen packets in both
-directions, and
+directions.
.B RELATED
-meaning that the packet is starting a new connection, but is
-associated with an existing connection, such as an FTP data transfer,
+meaning that the packet is not starting a new connection but is
+associated with an existing connection, such as an FTP data transfer
or an ICMP error.
.B UNTRACKED
meaning that the packet is not tracked at all, which happens if you use
--
Dr. Helge Kreutzmann [email protected]
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
signature.asc
Description: Digital signature
