Package: iptables Version: 1.4.14-3 Severity: minor Tags: patch File: /usr/share/man/man8/iptables.8.gz
1. Make the states list more apparent 2. A few slight modifications, like replacing commas with periods, while visiting that text. --- iptables.8 2013-01-05 02:37:47.262723326 +0200 +++ iptables.8.mod 2013-01-05 02:32:35.000000000 +0200 @@ -1459,25 +1459,40 @@ the connection tracking state for this p .TP [\fB!\fP] \fB\-\-state\fP \fIstate\fP Where state is a comma separated list of the connection states to -match. Possible states are +match. Possible states are: +.RS +.TP .B INVALID meaning that the packet could not be identified for some reason which includes running out of memory and ICMP errors which don't correspond to any -known connection, +known connection. +.RE +.RS +.TP .B ESTABLISHED meaning that the packet is associated with a connection which has seen -packets in both directions, +packets in both directions. +.RE +.RS +.TP .B NEW meaning that the packet has started a new connection, or otherwise associated with a connection which has not seen packets in both -directions, and +directions. +.RE +.RS +.TP .B RELATED meaning that the packet is starting a new connection, but is associated with an existing connection, such as an FTP data transfer, or an ICMP error. +.RE +.RS +.TP .B UNTRACKED meaning that the packet is not tracked at all, which happens if you use the NOTRACK target in raw table. +.RE .SS statistic This module matches packets based on some statistic condition. It supports two distinct modes settable with the -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
