diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
index 8a131791a5..e5b2bc0ac9 100644
--- a/man/sysctl.d.xml
+++ b/man/sysctl.d.xml
@@ -123,11 +123,12 @@
- Disable packet filter on bridged packets (method one)
+ Apply settings available only when a certain module is loaded (method one)
/etc/udev/rules.d/99-bridge.rules:
- ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
+ ACTION=="add", SUBSYSTEM=="module", KERNEL=="br_netfilter", \
+ RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
/etc/sysctl.d/bridge.conf:
@@ -137,14 +138,20 @@
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
+
+ This method applies settings when the module is
+ loaded. Please note that unless the br_netfilter
+ module is loaded, bridged packets will not be filtered by
+ netfilter (starting with kernel 3.18), so simply not loading the
+ module is suffient to avoid filtering.
- Disable packet filter on bridged packets (method two)
+ Apply settings available only when a certain module is loaded (method two)
/etc/modules-load.d/bridge.conf:
- bridge
+ br_netfilter
/etc/sysctl.d/bridge.conf:
@@ -153,6 +160,12 @@ net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
+
+ This method forces the module to be always loaded. Please
+ note that unless the br_netfilter module is
+ loaded, bridged packets will not be filtered with netfilter
+ (starting with kernel 3.18), so simply not loading the module is
+ suffient to avoid filtering.
diff --git a/man/systemctl.xml b/man/systemctl.xml
index e18ef6f898..66a090049d 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -114,12 +114,30 @@
When showing unit/job/manager properties with the
- show command, limit display to certain
- properties as specified as argument. If not specified, all
- set properties are shown. The argument should be a
+ show command, limit display to properties
+ specified in the argument. The argument should be a
comma-separated list of property names, such as
- MainPID. If specified more than once, all
- properties with the specified names are shown.
+ MainPID. Unless specified, all known
+ properties are shown. If specified more than once, all
+ properties with the specified names are shown. Shell
+ completion is implemented for property names.
+
+ For the manager itself,
+ systemctl show will show all available
+ properties. Those properties are documented in
+ systemd-system.conf5.
+
+
+ Properties for units vary by unit type, so showing any
+ unit (even a non-existent one) is a way to list properties
+ pertaining to this type. Similarly showing any job will list
+ properties pertaining to all jobs. Properties for units are
+ documented in
+ systemd.unit5,
+ and the pages for individual unit types
+ systemd.service5,
+ systemd.socket5,
+ etc.