From f38ed1e59f8d3b62e322563401cabc6dbac5fca5 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Wed, 18 Apr 2018 00:09:05 +0200 Subject: xt-translate: quote interface names in translated output it its good practice as interface names can be virtually any identifier and could clash with nft keywords. Signed-off-by: Florian Westphal --- extensions/libip6t_SNAT.txlate | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'extensions/libip6t_SNAT.txlate') diff --git a/extensions/libip6t_SNAT.txlate b/extensions/libip6t_SNAT.txlate index 9793f8d5..44f2fcea 100644 --- a/extensions/libip6t_SNAT.txlate +++ b/extensions/libip6t_SNAT.txlate @@ -1,11 +1,11 @@ ip6tables-translate -t nat -A postrouting -o eth0 -p tcp -j SNAT --to [fec0::1234]:80 -nft add rule ip6 nat postrouting oifname eth0 meta l4proto tcp counter snat to [fec0::1234]:80 +nft add rule ip6 nat postrouting oifname "eth0" meta l4proto tcp counter snat to [fec0::1234]:80 ip6tables-translate -t nat -A postrouting -o eth0 -p tcp -j SNAT --to [fec0::1234]:1-20 -nft add rule ip6 nat postrouting oifname eth0 meta l4proto tcp counter snat to [fec0::1234]:1-20 +nft add rule ip6 nat postrouting oifname "eth0" meta l4proto tcp counter snat to [fec0::1234]:1-20 ip6tables-translate -t nat -A postrouting -o eth0 -p tcp -j SNAT --to [fec0::1234]:123 --random -nft add rule ip6 nat postrouting oifname eth0 meta l4proto tcp counter snat to [fec0::1234]:123 random +nft add rule ip6 nat postrouting oifname "eth0" meta l4proto tcp counter snat to [fec0::1234]:123 random ip6tables-translate -t nat -A postrouting -o eth0 -p tcp -j SNAT --to [fec0::1234]:123 --random-fully --persistent -nft add rule ip6 nat postrouting oifname eth0 meta l4proto tcp counter snat to [fec0::1234]:123 fully-random,persistent +nft add rule ip6 nat postrouting oifname "eth0" meta l4proto tcp counter snat to [fec0::1234]:123 fully-random,persistent -- cgit v1.2.3