diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-04-29 14:11:13 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-04-30 14:01:30 +0200 |
commit | ee4391d0ac1e7af57e4c707be81e83fc59002272 (patch) | |
tree | d199956dbe66fd6e4cc73cc101cff68785b62f15 /src/netlink_delinearize.c | |
parent | 12467ee9379ee16cf0e9a943ded8054710097134 (diff) |
nat: transform range to prefix expression when possible
This patch transform a range of IP addresses to prefix when listing the
ruleset.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_delinearize.c')
-rw-r--r-- | src/netlink_delinearize.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 772559c8..f721d15c 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -1103,8 +1103,10 @@ static void netlink_parse_nat(struct netlink_parse_ctx *ctx, else expr_set_type(addr, &ip6addr_type, BYTEORDER_BIG_ENDIAN); - if (stmt->nat.addr != NULL) + if (stmt->nat.addr != NULL) { addr = range_expr_alloc(loc, stmt->nat.addr, addr); + addr = range_expr_to_prefix(addr); + } stmt->nat.addr = addr; } @@ -2296,6 +2298,8 @@ static void expr_postprocess(struct rule_pp_ctx *ctx, struct expr **exprp) case EXPR_RANGE: expr_postprocess(ctx, &expr->left); expr_postprocess(ctx, &expr->right); + case EXPR_PREFIX: + expr_postprocess(ctx, &expr->prefix); break; case EXPR_SET_ELEM: expr_postprocess(ctx, &expr->key); |