diff --git a/manual/iptables/original/man3/libipq.3 b/manual/iptables/original/man3/libipq.3 index 1a0984d..a2dfbfb 100644 --- a/manual/iptables/original/man3/libipq.3 +++ b/manual/iptables/original/man3/libipq.3 @@ -48,9 +48,9 @@ and queued for userspace processing via the QUEUE target. For example, running the following commands: .PP # modprobe iptable_filter -.br +.br # modprobe ip_queue -.br +.br # iptables -A OUTPUT -p icmp -j QUEUE .PP will cause any locally generated ICMP packets (e.g. ping output) to diff --git a/manual/iptables/original/man8/ip6tables-restore.8 b/manual/iptables/original/man8/ip6tables-restore.8 index 43c1268..55e82ce 100644 --- a/manual/iptables/original/man8/ip6tables-restore.8 +++ b/manual/iptables/original/man8/ip6tables-restore.8 @@ -33,7 +33,6 @@ I/O redirection provided by your shell to read from a file restore the values of all packet and byte counters .TP \fB\-n\fR, \fB\-\-noflush\fR -.TP don't flush the previous contents of the table. If not specified, .B ip6tables-restore flushes (deletes) all previous contents of the respective IPv6 Table. diff --git a/manual/iptables/original/man8/ip6tables-save.8 b/manual/iptables/original/man8/ip6tables-save.8 index c8b3e96..48c70a6 100644 --- a/manual/iptables/original/man8/ip6tables-save.8 +++ b/manual/iptables/original/man8/ip6tables-save.8 @@ -33,7 +33,6 @@ to STDOUT. Use I/O-redirection provided by your shell to write to a file. include the current values of all packet and byte counters in the output .TP \fB\-t\fR, \fB\-\-table\fR \fBtablename\fR -.TP restrict output to only one table. If not specified, output includes all available tables. .SH BUGS diff --git a/manual/iptables/original/man8/iptables-restore.8 b/manual/iptables/original/man8/iptables-restore.8 index e2649e5..e80d943 100644 --- a/manual/iptables/original/man8/iptables-restore.8 +++ b/manual/iptables/original/man8/iptables-restore.8 @@ -33,7 +33,6 @@ I/O redirection provided by your shell to read from a file restore the values of all packet and byte counters .TP \fB\-n\fR, \fB\-\-noflush\fR -.TP don't flush the previous contents of the table. If not specified, .B iptables-restore flushes (deletes) all previous contents of the respective IP Table. diff --git a/manual/iptables/original/man8/iptables-save.8 b/manual/iptables/original/man8/iptables-save.8 index f9c7d65..152e4db 100644 --- a/manual/iptables/original/man8/iptables-save.8 +++ b/manual/iptables/original/man8/iptables-save.8 @@ -33,7 +33,6 @@ to STDOUT. Use I/O-redirection provided by your shell to write to a file. include the current values of all packet and byte counters in the output .TP \fB\-t\fR, \fB\-\-table\fR \fBtablename\fR -.TP restrict output to only one table. If not specified, output includes all available tables. .SH BUGS diff --git a/manual/iptables/original/man8/iptables.8 b/manual/iptables/original/man8/iptables.8 index b79f1ec..258fce3 100644 --- a/manual/iptables/original/man8/iptables.8 +++ b/manual/iptables/original/man8/iptables.8 @@ -589,8 +589,8 @@ interface which begins with this name will match. Note that in the chains one cannot match on the bridge output port, however one can in the .B "filter OUTPUT" chain. If the packet won't leave by a bridge device or it is yet unknown what -the output device will be, then the packet won't match this option, unless -'!' is used. +the output device will be, then the packet won't match this option, +unless '!' is used. .TP .B --physdev-is-in Matches if the packet has entered through a bridge interface. @@ -883,7 +883,8 @@ TCP RST packet to be sent back. This is mainly useful for blocking .I ident (113/tcp) probes which frequently occur when sending mail to broken mail hosts (which won't accept your mail otherwise). -.TP +.RS +.PP (*) Using icmp-admin-prohibited with kernels that do not support it will result in a plain DROP instead of REJECT .SS SNAT This target is only valid in the @@ -1021,7 +1022,8 @@ refers to the output interface, and both are available for packets entering the .B FORWARD chain. -.PP The various forms of NAT have been separated out; +.PP +The various forms of NAT have been separated out; .B iptables is a pure packet filter when using the default `filter' table, with optional extension modules. This should simplify much of the previous