Older versions of iptables allowed for negative realm values by accident (they would be cast to unsigned). While this was clearly a bug, document the fixed behaviour. Signed-off-by: Phil Sutter <phil@xxxxxx> --- extensions/libipt_realm.man | 2 ++ 1 file changed, 2 insertions(+) diff --git a/extensions/libipt_realm.man b/extensions/libipt_realm.man index a40b1adc72ba2..72dff9b2e4212 100644 --- a/extensions/libipt_realm.man +++ b/extensions/libipt_realm.man @@ -5,3 +5,5 @@ setups involving dynamic routing protocols like BGP. Matches a given realm number (and optionally mask). If not a number, value can be a named realm from /etc/iproute2/rt_realms (mask can not be used in that case). +Both value and mask are four byte unsigned integers and may be specified in +decimal, hex (by prefixing with "0x") or octal (if a leading zero is given). -- 2.19.0
