doc: Document notrack statement

Merely a stub, but better to mention it explicitly instead of having it
appear in synproxy examples and letting users guess as to what it does.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Florian Westphal <fw@strlen.de>

diff --git a/doc/statements.txt b/doc/statements.txt
index ced311cb8d175ffe1ced871b25750f39e5a4a644..607aee133a993cd9ddd4df0aefc8daed6587dbaa 100644 (file)
--- a/doc/statements.txt
+++ b/doc/statements.txt
@@ -263,6 +263,20 @@ table inet raw {
 ct event set new,related,destroy
 --------------------------------------
 
+NOTRACK STATEMENT
+~~~~~~~~~~~~~~~~~
+The notrack statement allows to disable connection tracking for certain
+packets.
+
+[verse]
+*notrack*
+
+Note that for this statement to be effective, it has to be applied to packets
+before a conntrack lookup happens. Therefore, it needs to sit in a chain with
+either prerouting or output hook and a hook priority of -300 or less.
+
+See SYNPROXY STATEMENT for an example usage.
+
 META STATEMENT
 ~~~~~~~~~~~~~~
 A meta statement sets the value of a meta expression. The existing meta fields