Update the libxt_owner manpage with the UID/GID-range feature. Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx> --- extensions/libxt_owner.man | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) Index: iptables/extensions/libxt_owner.man =================================================================== --- iptables.orig/extensions/libxt_owner.man +++ iptables/extensions/libxt_owner.man @@ -3,14 +3,17 @@ for locally generated packets. This matc POSTROUTING chains. Forwarded packets do not have any socket associated with them. Packets from kernel threads do have a socket, but usually no owner. .TP -\fB--uid-owner\fR \fIuserid\fR +\fB--uid-owner\fR \fIusername\fR +.TP +\fB--uid-owner\fR \fIuserid\fR[\fB-\fR\fIuserid\fR] Matches if the packet socket's file structure (if it has one) is owned by the -given user ID. A user name may be specified in place of \fIuserid\fR, in which -case iptables will try to look it up. +given user. You may also specify a numerical UID, or an UID range. +.TP +\fB--gid-owner\fR \fIgroupname\fR .TP -\fB--gid-owner\fR \fIgroupid\fR -Matches if the packet socket's file structure is owned by the given group ID. -A group name may be specified in place of \fIgroupid\fR. +\fB--gid-owner\fR \fIgroupid\fR[\fB-\fR\fIgroupid\fR] +Matches if the packet socket's file structure is owned by the given group. +You may also specify a numerical GID, or a GID range. .TP \fB--socket-exists\fR Matches if the packet is associated with a socket. - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html