X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;ds=sidebyside;f=extensions%2Flibip6t_LOG.man;fp=extensions%2Flibip6t_LOG.man;h=9d51fd410486e77dbd79f41276990b26cb04f071;hb=6afea0b41dfbc3824956d11d960ad80097218feb;hp=0000000000000000000000000000000000000000;hpb=f7b70cf9e00324b89b02de213bcd0dde7044d035;p=iptables.git

diff --git a/extensions/libip6t_LOG.man b/extensions/libip6t_LOG.man
new file mode 100644
index 0000000..9d51fd4
--- /dev/null
+++ b/extensions/libip6t_LOG.man
@@ -0,0 +1,31 @@
+Turn on kernel logging of matching packets.  When this option is set
+for a rule, the Linux kernel will print some information on all
+matching packets (like most IPv6 IPv6-header fields) via the kernel log
+(where it can be read with
+.I dmesg
+or 
+.IR syslogd (8)).
+This is a "non-terminating target", i.e. rule traversal continues at
+the next rule.  So if you want to LOG the packets you refuse, use two
+separate rules with the same matching criteria, first using target LOG
+then DROP (or REJECT).
+.TP
+.BI "--log-level " "level"
+Level of logging (numeric or see \fIsyslog.conf\fP(5)).
+.TP
+.BI "--log-prefix " "prefix"
+Prefix log messages with the specified prefix; up to 29 letters long,
+and useful for distinguishing messages in the logs.
+.TP
+.B --log-tcp-sequence
+Log TCP sequence numbers. This is a security risk if the log is
+readable by users.
+.TP
+.B --log-tcp-options
+Log options from the TCP packet header.
+.TP
+.B --log-ip-options
+Log options from the IPv6 packet header.
+.TP
+.B --log-uid
+Log the userid of the process which generated the packet.