extensions: man: Add a note about route_localnet sysctl

See ip_route_input_slow() in net/ipv4/route.c in the Linux
kernel sources.

Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/extensions/libxt_DNAT.man b/extensions/libxt_DNAT.man
index 090ecb42c02a324b7e809ddab26e147b8ba399a8..cbfa5478cbff02d1dcdb42ce75bb9096d6fc97ec 100644 (file)
--- a/extensions/libxt_DNAT.man
+++ b/extensions/libxt_DNAT.man
@@ -23,6 +23,10 @@ its value is used as offset into the mapping port range. This allows one to crea
 shifted portmap ranges and is available since kernel version 4.18.
 For a single port or \fIbaseport\fP, a service name as listed in
 \fB/etc/services\fP may be used.
+If \fIipaddr\fP is an IPv4 loopback address (i.e. 127.0.0.0/8) the
+"net.ipv4.conf.*.route_localnet" sysctl for the input interface needs
+to be set to 1. Otherwise packets will be dropped by the routing code
+as "martians".
 .TP
 \fB\-\-random\fP
 Randomize source port mapping (kernel >= 2.6.22).