diff --git a/.gitignore b/.gitignore index 8795af9..ded564f 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ Makefile.in /ltmain.sh /missing /stamp-h1 +/xtables-addons.8 diff --git a/Makefile.am b/Makefile.am index ee3fa49..425c3a2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3,6 +3,14 @@ AUTOMAKE_OPTIONS = foreign subdir-objects SUBDIRS = extensions +man_MANS := xtables-addons.8 + +xtables-addons.8: ${srcdir}/xtables-addons.8.in extensions/matches.man extensions/targets.man + ${AM_VERBOSE_GEN} sed -e '/@MATCHES@/ r extensions/matches.man' -e '/@TARGET@/ r extensions/targets.man' $< >$@; + +extensions/%: + ${MAKE} ${AM_MAKEFLAGS} -C $(@D) $(@F) + .PHONY: tarball tarball: rm -Rf /tmp/xtables-addons-${PACKAGE_VERSION}; diff --git a/extensions/.gitignore b/extensions/.gitignore index 1181677..9993d00 100644 --- a/extensions/.gitignore +++ b/extensions/.gitignore @@ -1,5 +1,6 @@ .*.cmd .*.d +.manpages.lst .tmp_versions *.ko *.mod.c @@ -8,3 +9,5 @@ GNUmakefile Module.symvers modules.order +matches.man +targets.man diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in index 8c98cf9..646c6e9 100644 --- a/extensions/GNUmakefile.in +++ b/extensions/GNUmakefile.in @@ -58,7 +58,7 @@ targets_install := ${obj-m} .PHONY: all install clean distclean FORCE -all: modules ${targets} +all: modules ${targets} matches.man targets.man install: modules_install ${targets_install} @mkdir -p "${DESTDIR}${xtlibdir}"; @@ -68,7 +68,7 @@ clean: clean_modules rm -f *.oo *.so; distclean: clean - rm -f .*.d; + rm -f .*.d .manpages.lst; -include .*.d @@ -96,3 +96,34 @@ lib%.so: lib%.oo lib%.oo: ${srcdir}/lib%.c ${AM_VERBOSE_CC} ${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=lib$*_init -DPIC -fPIC ${CFLAGS} -o $@ -c $<; + + +# +# Manpages +# +wcman_matches := $(wildcard ${srcdir}/libxt_[a-z]*.man) +wcman_targets := $(wildcard ${srcdir}/libxt_[A-Z]*.man) +wlist_matches := $(patsubst ${srcdir}/libxt_%.man,%,${wcman_matches}) +wlist_targets := $(patsubst ${srcdir}/libxt_%.man,%,${wcman_targets}) + +.manpages.lst: FORCE + @echo "${wlist_targets} ${wlist_matches}" >$@.tmp; \ + cmp -s $@ $@.tmp || mv $@.tmp $@; \ + rm -f $@.tmp; + +man_run = \ + ${AM_VERBOSE_GEN} \ + for ext in $(1); do \ + f="${srcdir}/libxt_$$ext.man"; \ + if [ -f "$$f" ]; then \ + echo ".SS $$ext"; \ + cat "$$f"; \ + continue; \ + fi; \ + done >$@; + +matches.man: .manpages.lst ${wcman_matches} + $(call man_run,${wlist_matches}) + +targets.man: .manpages.lst ${wcman_targets} + $(call man_run,${wlist_targets}) diff --git a/extensions/libxt_IPMARK.man b/extensions/libxt_IPMARK.man index 8ab0334..34eba24 100644 --- a/extensions/libxt_IPMARK.man +++ b/extensions/libxt_IPMARK.man @@ -2,11 +2,10 @@ Allows you to mark a received packet basing on its IP address. This can replace many mangle/mark entries with only one, if you use firewall based classifier. -This target is to be used inside the mangle table, in the PREROUTING, -POSTROUTING or FORWARD hooks. +This target is to be used inside the \fBmangle\fP table. .TP -.BI "--addr " "src/dst" -Use source or destination IP address. +\fB--addr\fP {\fBsrc\fP|\fBdst\fP} +Select source or destination IP address as a basis for the mark. .TP .BI "--and-mask " "mask" Perform bitwise `and' on the IP address and this mask. diff --git a/extensions/libxt_TARPIT.man b/extensions/libxt_TARPIT.man index a5cc727..891aeb3 100644 --- a/extensions/libxt_TARPIT.man +++ b/extensions/libxt_TARPIT.man @@ -21,7 +21,7 @@ the Linux box, and add: -A FORWARD -p tcp -j TARPIT .IP -A FORWARD -j DROP -.TP +.PP NOTE: If you use the conntrack module while you are using TARPIT, you should also use the NOTRACK target, or the kernel will unnecessarily allocate resources for diff --git a/extensions/libxt_ipp2p.man b/extensions/libxt_ipp2p.man index da34514..cdaf3c3 100644 --- a/extensions/libxt_ipp2p.man +++ b/extensions/libxt_ipp2p.man @@ -35,9 +35,6 @@ Matches some WinMX packets. Considered as beta, use careful! .B "--ares " Matches Ares and AresLite packets. Use together with -j DROP only. .TP -.B "--ipp2p " -Short hand for: --edk --kazaa --gnu --dc -.TP .B "--debug " Prints some information about each hit into kernel logfile. May produce huge logfiles so beware! diff --git a/xtables-addons.8.in b/xtables-addons.8.in new file mode 100644 index 0000000..2e6ce92 --- /dev/null +++ b/xtables-addons.8.in @@ -0,0 +1,13 @@ +.TH xtables-addons 8 2008-04-09 +.SH NAME +Xtables-addons - additional extensions for iptables, ip6tables, etc. +.SH TARGETS +.\" @TARGET@ +.SH MATCHES +.\" @MATCHES@ +.SH "SEE ALSO" +\fBiptables\fP(8), \fBip6tables\fP(8) +.PP +For developers, the book "Writing your own Netfilter modules" at +http://jengelh.medozas.de/documents/Netfilter_Modules.pdf provides detailed +information on how to write such modules/extensions.