mirror of https://github.com/mkerrisk/man-pages
ip.7: Document IP_TRANSPARENT
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
7199373b28
commit
e85dc06262
28
man7/ip.7
28
man7/ip.7
|
@ -716,12 +716,31 @@ The priority can also be set in a protocol independent way by the
|
||||||
.RB ( SOL_SOCKET ", " SO_PRIORITY )
|
.RB ( SOL_SOCKET ", " SO_PRIORITY )
|
||||||
socket option (see
|
socket option (see
|
||||||
.BR socket (7)).
|
.BR socket (7)).
|
||||||
.\" FIXME Document IP_TRANSPARENT
|
|
||||||
.\" Needs CAP_NET_ADMIN
|
.\" Needs CAP_NET_ADMIN
|
||||||
.\" Boolean
|
.\" Boolean
|
||||||
.\" Since Linux 2.6.27
|
.\" Since Linux 2.6.27
|
||||||
.\" commit f5715aea4564f233767ea1d944b2637a5fd7cd2e
|
|
||||||
.\" Author: KOVACS Krisztian <hidden@sch.bme.hu>
|
.\" Author: KOVACS Krisztian <hidden@sch.bme.hu>
|
||||||
|
.\" http://lwn.net/Articles/252545/
|
||||||
|
.TP
|
||||||
|
.BR IP_TTL " (since Linux 2.6.24)"
|
||||||
|
.\" commit f5715aea4564f233767ea1d944b2637a5fd7cd2e
|
||||||
|
.\" This patch introduces the IP_TRANSPARENT socket option: enabling that
|
||||||
|
.\" will make the IPv4 routing omit the non-local source address check on
|
||||||
|
.\" output. Setting IP_TRANSPARENT requires NET_ADMIN capability.
|
||||||
|
.\" http://lwn.net/Articles/252545/
|
||||||
|
Setting this boolean option enables transparent proxying on this socket.
|
||||||
|
This socket option allows
|
||||||
|
the calling application to bind to a nonlocal IP address and operate
|
||||||
|
both as a client and a server with the foreign address as the local endpoint.
|
||||||
|
NOTE: this requires that routing be set up in a way that
|
||||||
|
packets going to the foreign address are routed through the TProxy box.
|
||||||
|
Enabling this socket option requires superuser privileges
|
||||||
|
(the
|
||||||
|
.BR CAP_NET_ADMIN
|
||||||
|
capability).
|
||||||
|
.IP
|
||||||
|
TProxy redirection with the iptables TPROXY target also requires that
|
||||||
|
this option be set on the redirected socket.
|
||||||
.TP
|
.TP
|
||||||
.BR IP_TTL " (since Linux 1.0)"
|
.BR IP_TTL " (since Linux 1.0)"
|
||||||
Set or retrieve the current time-to-live field that is used in every packet
|
Set or retrieve the current time-to-live field that is used in every packet
|
||||||
|
@ -966,9 +985,10 @@ and
|
||||||
.BR IP_MTU ,
|
.BR IP_MTU ,
|
||||||
.BR IP_MTU_DISCOVER ,
|
.BR IP_MTU_DISCOVER ,
|
||||||
.BR IP_PKTINFO ,
|
.BR IP_PKTINFO ,
|
||||||
.B IP_RECVERR
|
.BR IP_RECVERR ,
|
||||||
|
.BR IP_ROUTER_ALERT ,
|
||||||
and
|
and
|
||||||
.B IP_ROUTER_ALERT
|
.BR IP_TRANSPARENT
|
||||||
are Linux-specific.
|
are Linux-specific.
|
||||||
.\" IP_PASSSEC is Linux-specific
|
.\" IP_PASSSEC is Linux-specific
|
||||||
.\" IP_XFRM_POLICY is Linux-specific
|
.\" IP_XFRM_POLICY is Linux-specific
|
||||||
|
|
Loading…
Reference in New Issue