diff options
Diffstat (limited to 'extensions/libxt_time.man')
-rw-r--r-- | extensions/libxt_time.man | 71 |
1 files changed, 50 insertions, 21 deletions
diff --git a/extensions/libxt_time.man b/extensions/libxt_time.man index 83625a2..4c0cae0 100644 --- a/extensions/libxt_time.man +++ b/extensions/libxt_time.man @@ -1,10 +1,10 @@ This matches if the packet arrival time/date is within a given range. All -options are optional, but are ANDed when specified. +options are optional, but are ANDed when specified. All times are interpreted +as UTC by default. .TP \fB\-\-datestart\fP \fIYYYY\fP[\fB\-\fP\fIMM\fP[\fB\-\fP\fIDD\fP[\fBT\fP\fIhh\fP[\fB:\fP\fImm\fP[\fB:\fP\fIss\fP]]]]] .TP \fB\-\-datestop\fP \fIYYYY\fP[\fB\-\fP\fIMM\fP[\fB\-\fP\fIDD\fP[\fBT\fP\fIhh\fP[\fB:\fP\fImm\fP[\fB:\fP\fIss\fP]]]]] -.IP Only match during the given time, which must be in ISO 8601 "T" notation. The possible time range is 1970-01-01T00:00:00 to 2038-01-19T04:17:07. .IP @@ -14,34 +14,55 @@ and 2038-01-19, respectively. \fB\-\-timestart\fP \fIhh\fP\fB:\fP\fImm\fP[\fB:\fP\fIss\fP] .TP \fB\-\-timestop\fP \fIhh\fP\fB:\fP\fImm\fP[\fB:\fP\fIss\fP] -.IP Only match during the given daytime. The possible time range is 00:00:00 to 23:59:59. Leading zeroes are allowed (e.g. "06:03") and correctly interpreted as base-10. .TP -[\fB!\fR] \fB\-\-monthdays\fP \fIday\fP[\fB,\fP\fIday\fP...] -.IP -Only match on the given days of the month. Possible values are \fB1\fR -to \fB31\fR. Note that specifying \fB31\fR will of course not match +[\fB!\fP] \fB\-\-monthdays\fP \fIday\fP[\fB,\fP\fIday\fP...] +Only match on the given days of the month. Possible values are \fB1\fP +to \fB31\fP. Note that specifying \fB31\fP will of course not match on months which do not have a 31st day; the same goes for 28- or 29-day February. .TP -[\fB!\fR] \fB\-\-weekdays\fP \fIday\fP[\fB,\fP\fIday\fP...] -.IP -Only match on the given weekdays. Possible values are \fBMon\fR, \fBTue\fR, -\fBWed\fR, \fBThu\fR, \fBFri\fR, \fBSat\fR, \fBSun\fR, or values from \fB1\fR -to \fB7\fR, respectively. You may also use two-character variants (\fBMo\fP, -\fBTu\fR, etc.). +[\fB!\fP] \fB\-\-weekdays\fP \fIday\fP[\fB,\fP\fIday\fP...] +Only match on the given weekdays. Possible values are \fBMon\fP, \fBTue\fP, +\fBWed\fP, \fBThu\fP, \fBFri\fP, \fBSat\fP, \fBSun\fP, or values from \fB1\fP +to \fB7\fP, respectively. You may also use two-character variants (\fBMo\fP, +\fBTu\fP, etc.). .TP -\fB\-\-utc\fP -.IP -Interpret the times given for \fB\-\-datestart\fP, \fB\-\-datestop\fP, -\fB\-\-timestart\fP and \fB\-\-timestop\fP to be UTC. +\fB\-\-contiguous\fP +When \fB\-\-timestop\fP is smaller than \fB\-\-timestart\fP value, match +this as a single time period instead distinct intervals. See EXAMPLES. .TP -\fB\-\-localtz\fP -.IP -Interpret the times given for \fB\-\-datestart\fP, \fB\-\-datestop\fP, -\fB\-\-timestart\fP and \fB\-\-timestop\fP to be local kernel time. (Default) +\fB\-\-kerneltz\fP +Use the kernel timezone instead of UTC to determine whether a packet meets the +time regulations. +.PP +About kernel timezones: Linux keeps the system time in UTC, and always does so. +On boot, system time is initialized from a referential time source. Where this +time source has no timezone information, such as the x86 CMOS RTC, UTC will be +assumed. If the time source is however not in UTC, userspace should provide the +correct system time and timezone to the kernel once it has the information. +.PP +Local time is a feature on top of the (timezone independent) system time. Each +process has its own idea of local time, specified via the TZ environment +variable. The kernel also has its own timezone offset variable. The TZ +userspace environment variable specifies how the UTC-based system time is +displayed, e.g. when you run date(1), or what you see on your desktop clock. +The TZ string may resolve to different offsets at different dates, which is +what enables the automatic time-jumping in userspace. when DST changes. The +kernel's timezone offset variable is used when it has to convert between +non-UTC sources, such as FAT filesystems, to UTC (since the latter is what the +rest of the system uses). +.PP +The caveat with the kernel timezone is that Linux distributions may ignore to +set the kernel timezone, and instead only set the system time. Even if a +particular distribution does set the timezone at boot, it is usually does not +keep the kernel timezone offset - which is what changes on DST - up to date. +ntpd will not touch the kernel timezone, so running it will not resolve the +issue. As such, one may encounter a timezone that is always +0000, or one that +is wrong half of the time of the year. As such, \fBusing \-\-kerneltz is highly +discouraged.\fP .PP EXAMPLES. To match on weekends, use: .IP @@ -67,3 +88,11 @@ The fourth Friday in the month: (Note that this exploits a certain mathematical property. It is not possible to say "fourth Thursday OR fourth Friday" in one rule. It is possible with multiple rules, though.) +.PP +Matching across days might not do what is expected. For instance, +.IP +\-m time \-\-weekdays Mo \-\-timestart 23:00 \-\-timestop 01:00 +Will match Monday, for one hour from midnight to 1 a.m., and then +again for another hour from 23:00 onwards. If this is unwanted, e.g. if you +would like 'match for two hours from Montay 23:00 onwards' you need to also specify +the \-\-contiguous option in the example above. |