Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | extensions: change expected output for new format | Florian Westphal | 2022-11-30 | 1 | -10/+10 |
| | | | | | | | | Now that xtables-translate encloses the entire command line in ', update the test cases accordingly. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Phil Sutter <phil@nwl.cc> | ||||
* | extensions: *NAT: Drop NF_NAT_RANGE_PROTO_RANDOM* flag checks | Phil Sutter | 2022-11-11 | 1 | -0/+3 |
| | | | | | | | | | | | | | | | SNAT, DNAT and REDIRECT extensions tried to prevent NF_NAT_RANGE_PROTO_RANDOM flag from being set if no port or address was also given. With SNAT and DNAT, this is not possible as the respective --to-destination or --to-source parameters are mandatory anyway. Looking at the kernel code, doing so with REDIRECT seems harmless. Moreover, nftables supports 'redirect random' without specifying a port-range. Signed-off-by: Phil Sutter <phil@nwl.cc> | ||||
* | extensions: Merge REDIRECT into DNAT | Phil Sutter | 2022-04-08 | 1 | -0/+26 |
Code is very similar, join them to reuse parsing code at least. As a side-effect, this enables parsing of service names for ports in DNAT as well as using port number 0 as that's what REDIRECT allows. Signed-off-by: Phil Sutter <phil@nwl.cc> |