Blame extensions/libxt_TPROXY.man
|
Packit Service |
d1fe03 |
This target is only valid in the \fBmangle\fP table, in the \fBPREROUTING\fP
|
|
Packit Service |
d1fe03 |
chain and user-defined chains which are only called from this chain. It
|
|
Packit Service |
d1fe03 |
redirects the packet to a local socket without changing the packet header in
|
|
Packit Service |
d1fe03 |
any way. It can also change the mark value which can then be used in advanced
|
|
Packit Service |
d1fe03 |
routing rules.
|
|
Packit Service |
d1fe03 |
It takes three options:
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-on\-port\fP \fIport\fP
|
|
Packit Service |
d1fe03 |
This specifies a destination port to use. It is a required option, 0 means the
|
|
Packit Service |
d1fe03 |
new destination port is the same as the original. This is only valid if the
|
|
Packit Service |
d1fe03 |
rule also specifies \fB\-p tcp\fP or \fB\-p udp\fP.
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-on\-ip\fP \fIaddress\fP
|
|
Packit Service |
d1fe03 |
This specifies a destination address to use. By default the address is the IP
|
|
Packit Service |
d1fe03 |
address of the incoming interface. This is only valid if the rule also
|
|
Packit Service |
d1fe03 |
specifies \fB\-p tcp\fP or \fB\-p udp\fP.
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-tproxy\-mark\fP \fIvalue\fP[\fB/\fP\fImask\fP]
|
|
Packit Service |
d1fe03 |
Marks packets with the given value/mask. The fwmark value set here can be used
|
|
Packit Service |
d1fe03 |
by advanced routing. (Required for transparent proxying to work: otherwise
|
|
Packit Service |
d1fe03 |
these packets will get forwarded, which is probably not what you want.)
|