anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-08 13:44:56 +02:00
Code Issues Releases Wiki Activity

doc: replace NOTRACK by CT-notrack

Browse Source
This commit is contained in:
Jan Engelhardt
2011-05-31 22:58:34 +02:00
parent fa1348455d
commit d057f6d6f0
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
extensions/libxt_TARPIT.man
View File

@@ -48,11 +48,11 @@ the Linux box, and add:
.PP .PP
NOTE: NOTE:
If you use the conntrack module while you are using TARPIT, you should also use If you use the conntrack module while you are using TARPIT, you should also use
the NOTRACK target, or the kernel will unnecessarily allocate resources for unset tracking on the packet, or the kernel will unnecessarily allocate
each TARPITted connection. To TARPIT incoming connections to the standard IRC resources for each TARPITted connection. To TARPIT incoming connections to the
port while using conntrack, you could: standard IRC port while using conntrack, you could:
.IP .IP
\-t raw \-A PREROUTING \-p tcp \-\-dport 6667 \-j NOTRACK \-t raw \-A PREROUTING \-p tcp \-\-dport 6667 \-j CT \-\-notrack
.IP .IP
\-A INPUT \-p tcp \-\-dport 6667 \-j NFLOG \-A INPUT \-p tcp \-\-dport 6667 \-j NFLOG
.IP .IP