+ Pablo, Jozsef, netfilter-devel, coreteam On Mon, Apr 07, 2025 at 11:17:27AM +0800, Chen Linxuan wrote: Hi Chen, A description of why this change is being made should go here. As this is a patch for Netfilter documentation, it should probably be targeted at nf-next like this: Subject: [PATCH nf-next] ... And Pablo, Jozsef, netfilter-devel and coreteam should be CCed. If you do post a follow-up, please do allow 24h between it and your original post as per: https://docs.kernel.org/process/maintainer-netdev.html The documentation update itself looks good to me. Pablo and Jozef, Should we add tproxy.rst to the MAINTAINERS entry for NETFILTER so that get_maintainer.pl does the right thing? > Signed-off-by: Chen Linxuan <chenlinxuan@xxxxxxxxxxxxx> > --- > Documentation/networking/tproxy.rst | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/Documentation/networking/tproxy.rst b/Documentation/networking/tproxy.rst > index 7f7c1ff6f159..75e4990cc3db 100644 > --- a/Documentation/networking/tproxy.rst > +++ b/Documentation/networking/tproxy.rst > @@ -69,9 +69,9 @@ add rules like this to the iptables ruleset above:: > # iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \ > --tproxy-mark 0x1/0x1 --on-port 50080 > > -Or the following rule to nft: > +Or the following rule to nft:: > > -# nft add rule filter divert tcp dport 80 tproxy to :50080 meta mark set 1 accept > + # nft add rule filter divert tcp dport 80 tproxy to :50080 meta mark set 1 accept > > Note that for this to work you'll have to modify the proxy to enable (SOL_IP, > IP_TRANSPARENT) for the listening socket. > -- > 2.48.1 >
