On Monday 05 January 2004 10:33 pm, Tobias Hintze wrote: > hi, > > i think i just noticed a mistake in your NAT-howto... > (http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html) > > section 5.2 Finer Points Of Selecting What Packets To Mangle > > 4th paragraph: > > "These options must follow the `-p' option (which has a side-effect of > loading the shared library extension for that protocol). You can use > port numbers, or a name from the /etc/services file." > > we talk about protocols here. not ports! so /etc/protocols is the right > reference not /etc/services. No, /etc/services is correct. What the phrase you have quoted is saying is "These options must follow the '-p' option [which specifies which protocol is in use, eg -p tcp, -p udp etc] (which has a side-effect of loading the shared library extension for that protocol). [It is this shared library extension which allows the further specification of port numbers; without it, you cannot specify a port number] You can use port number, or a name from the /etc/services file [as an argument to the --sport or --dport options]." You are correct in thinking that after -p you can use a protocol number or a name from /etc/protocols, however the above paragraph is talking about --sport and --dport as referenced in the preceding two paragraphs of section 5.2. Hope this clarifies things, Antony. -- Never write it in Perl if you can do it in Awk. Never do it in Awk if sed can handle it. Never use sed when tr can do the job. Never invoke tr when cat is sufficient. Avoid using cat whenever possible. Please reply to the list; please don't CC me.
