Re: [PATCH] docs: tproxy: fix formatting for nft code block
From: Simon Horman
Date: Mon Apr 07 2025 - 10:50:00 EST
+ Pablo, Jozsef, netfilter-devel, coreteam
On Mon, Apr 07, 2025 at 11:17:27AM +0800, Chen Linxuan wrote:
Hi Chen,
A description of why this change is being made should go here.
As this is a patch for Netfilter documentation, it should probably be
targeted at nf-next like this:
Subject: [PATCH nf-next] ...
And Pablo, Jozsef, netfilter-devel and coreteam should be CCed.
If you do post a follow-up, please do allow 24h between it and your
original post as per:
https://docs.kernel.org/process/maintainer-netdev.html
The documentation update itself looks good to me.
Pablo and Jozef,
Should we add tproxy.rst to the MAINTAINERS entry for NETFILTER
so that get_maintainer.pl does the right thing?
> Signed-off-by: Chen Linxuan <chenlinxuan@xxxxxxxxxxxxx>
> ---
> Documentation/networking/tproxy.rst | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/networking/tproxy.rst b/Documentation/networking/tproxy.rst
> index 7f7c1ff6f159..75e4990cc3db 100644
> --- a/Documentation/networking/tproxy.rst
> +++ b/Documentation/networking/tproxy.rst
> @@ -69,9 +69,9 @@ add rules like this to the iptables ruleset above::
> # iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \
> --tproxy-mark 0x1/0x1 --on-port 50080
>
> -Or the following rule to nft:
> +Or the following rule to nft::
>
> -# nft add rule filter divert tcp dport 80 tproxy to :50080 meta mark set 1 accept
> + # nft add rule filter divert tcp dport 80 tproxy to :50080 meta mark set 1 accept
>
> Note that for this to work you'll have to modify the proxy to enable (SOL_IP,
> IP_TRANSPARENT) for the listening socket.
> --
> 2.48.1
>