extensions: libebt_redirect: Fix target translation

While EBT_ACCEPT is the default verdict for ebtables targets, omitting it from translation implicitly converts it into 'continue'. Omit the non-default EBT_CONTINUE instead. Fixes: 24ce7465056ae ("ebtables-compat: add redirect match extension") Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2023-01-31 22:28:24 +0100
committer: Phil Sutter <phil@nwl.cc> 2023-02-17 18:18:48 +0100
commit: bb6b243c481f90f7dc4a0bd89187ee2bb823f1f6 (patch)
tree: 7b175dc2537fcbab332a3852e2d9cd11614e2a56 /extensions/libebt_redirect.txlate
parent: 7e63a66e3f02e127895cfc82415219241e3ff6b3 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/extensions/libebt_redirect.txlate b/extensions/libebt_redirect.txlate
new file mode 100644
index 00000000..f0dd5dea
--- /dev/null
+++ b/extensions/libebt_redirect.txlate
@@ -0,0 +1,8 @@
+ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect
+nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host accept'
+
+ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target RETURN
+nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host return'
+
+ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target CONTINUE
+nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host'
author	Phil Sutter <phil@nwl.cc>	2023-01-31 22:28:24 +0100
committer	Phil Sutter <phil@nwl.cc>	2023-02-17 18:18:48 +0100
commit	bb6b243c481f90f7dc4a0bd89187ee2bb823f1f6 (patch)
tree	7b175dc2537fcbab332a3852e2d9cd11614e2a56 /extensions/libebt_redirect.txlate
parent	7e63a66e3f02e127895cfc82415219241e3ff6b3 (diff)