mirror of https://github.com/mkerrisk/man-pages
ip.7: Document IP_TRANSPARENT
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
7199373b28
commit
e85dc06262
28
man7/ip.7
28
man7/ip.7
|
@ -716,12 +716,31 @@ The priority can also be set in a protocol independent way by the
|
|||
.RB ( SOL_SOCKET ", " SO_PRIORITY )
|
||||
socket option (see
|
||||
.BR socket (7)).
|
||||
.\" FIXME Document IP_TRANSPARENT
|
||||
.\" Needs CAP_NET_ADMIN
|
||||
.\" Boolean
|
||||
.\" Since Linux 2.6.27
|
||||
.\" commit f5715aea4564f233767ea1d944b2637a5fd7cd2e
|
||||
.\" Author: KOVACS Krisztian <hidden@sch.bme.hu>
|
||||
.\" http://lwn.net/Articles/252545/
|
||||
.TP
|
||||
.BR IP_TTL " (since Linux 2.6.24)"
|
||||
.\" commit f5715aea4564f233767ea1d944b2637a5fd7cd2e
|
||||
.\" This patch introduces the IP_TRANSPARENT socket option: enabling that
|
||||
.\" will make the IPv4 routing omit the non-local source address check on
|
||||
.\" output. Setting IP_TRANSPARENT requires NET_ADMIN capability.
|
||||
.\" http://lwn.net/Articles/252545/
|
||||
Setting this boolean option enables transparent proxying on this socket.
|
||||
This socket option allows
|
||||
the calling application to bind to a nonlocal IP address and operate
|
||||
both as a client and a server with the foreign address as the local endpoint.
|
||||
NOTE: this requires that routing be set up in a way that
|
||||
packets going to the foreign address are routed through the TProxy box.
|
||||
Enabling this socket option requires superuser privileges
|
||||
(the
|
||||
.BR CAP_NET_ADMIN
|
||||
capability).
|
||||
.IP
|
||||
TProxy redirection with the iptables TPROXY target also requires that
|
||||
this option be set on the redirected socket.
|
||||
.TP
|
||||
.BR IP_TTL " (since Linux 1.0)"
|
||||
Set or retrieve the current time-to-live field that is used in every packet
|
||||
|
@ -966,9 +985,10 @@ and
|
|||
.BR IP_MTU ,
|
||||
.BR IP_MTU_DISCOVER ,
|
||||
.BR IP_PKTINFO ,
|
||||
.B IP_RECVERR
|
||||
.BR IP_RECVERR ,
|
||||
.BR IP_ROUTER_ALERT ,
|
||||
and
|
||||
.B IP_ROUTER_ALERT
|
||||
.BR IP_TRANSPARENT
|
||||
are Linux-specific.
|
||||
.\" IP_PASSSEC is Linux-specific
|
||||
.\" IP_XFRM_POLICY is Linux-specific
|
||||
|
|
Loading…
Reference in New Issue