1 files changed, 19 insertions, 0 deletions

diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index c94bb59..6b38716 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -8,6 +8,9 @@
 #include <linux/netfilter_ipv4/ip_tables.h>
 #include <linux/netfilter/nf_nat.h>
 
+#define IPT_REDIRECT_OPT_DEST	0x01
+#define IPT_REDIRECT_OPT_RANDOM	0x02
+
 /* Function which prints out usage message. */
 static void
 help(void)
@@ -21,6 +24,7 @@ IPTABLES_VERSION);
 
 static struct option opts[] = {
 	{ "to-ports", 1, 0, '1' },
+	{ "random", 1, 0, '2' },
 	{ 0 }
 };
 
@@ -101,6 +105,17 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 				   "Unexpected `!' after --to-ports");
 
 		parse_ports(optarg, mr);
+		if (*flags & IPT_REDIRECT_OPT_RANDOM)
+			mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+		*flags |= IPT_REDIRECT_OPT_DEST;
+		return 1;
+
+	case '2':
+		if (*flags & IPT_REDIRECT_OPT_DEST) {
+			mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+			*flags |= IPT_REDIRECT_OPT_RANDOM;
+		} else
+			*flags |= IPT_REDIRECT_OPT_RANDOM;
 		return 1;
 
 	default:
@@ -129,6 +144,8 @@ print(const struct ipt_ip *ip,
 		if (r->max.tcp.port != r->min.tcp.port)
 			printf("-%hu", ntohs(r->max.tcp.port));
 		printf(" ");
+		if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM)
+			printf("random ");
 	}
 }
 
@@ -146,6 +163,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
 		if (r->max.tcp.port != r->min.tcp.port)
 			printf("-%hu", ntohs(r->max.tcp.port));
 		printf(" ");
+		if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM)
+			printf("--random ");
 	}
 }