From fd3827bc74b6d9e5acb7f5fcf79e6e1cb326640d Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 1 Jul 2010 16:34:17 +0200 Subject: conntrack: fix `conntrack --any-nat 1.1.1.1' filtering This patch adds the missing bits to allow to filter with --any-nat based on the IP address. Signed-off-by: Pablo Neira Ayuso --- src/conntrack.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/conntrack.c') diff --git a/src/conntrack.c b/src/conntrack.c index 93844c5..82fe844 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -843,9 +843,9 @@ nat_parse(char *arg, int portok, struct nf_conntrack *obj, int type) if (parse_addr(arg, &parse) == AF_UNSPEC) return; - if (type == CT_OPT_SRC_NAT) + if (type == CT_OPT_SRC_NAT || type == CT_OPT_ANY_NAT) nfct_set_attr_u32(obj, ATTR_SNAT_IPV4, parse.v4); - else if (type == CT_OPT_DST_NAT) + else if (type == CT_OPT_DST_NAT || type == CT_OPT_ANY_NAT) nfct_set_attr_u32(obj, ATTR_DNAT_IPV4, parse.v4); } -- cgit v1.2.3