ip6tables-translate: Fix libip6t_mh.txlate test

Layer 4 protocol name "mobility-header" is not known by nft, so it's neither printed nor accepted on input. Hence fix the test instead of code. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2018-08-23 17:43:29 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-08-24 10:05:51 +0200
commit: 0800d9b46b377bc24f15af2c6ae22550b954b6e2 (patch)
tree: 24c3418a47ee262e9a05be318965de0a4effdf66 /extensions
parent: 4cf650c4276540a8405e53b3f29d759c080465b5 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/extensions/libip6t_mh.txlate b/extensions/libip6t_mh.txlate
index f5d638c0..ccc07c3d 100644
--- a/extensions/libip6t_mh.txlate
+++ b/extensions/libip6t_mh.txlate
@@ -1,5 +1,5 @@
 ip6tables-translate -A INPUT -p mh --mh-type 1 -j ACCEPT
-nft add rule ip6 filter INPUT meta l4proto mobility-header mh type 1 counter accept
+nft add rule ip6 filter INPUT meta l4proto 135 mh type 1 counter accept
 
 ip6tables-translate -A INPUT -p mh --mh-type 1:3 -j ACCEPT
-nft add rule ip6 filter INPUT meta l4proto mobility-header mh type 1-3 counter accept
+nft add rule ip6 filter INPUT meta l4proto 135 mh type 1-3 counter accept
author	Phil Sutter <phil@nwl.cc>	2018-08-23 17:43:29 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-08-24 10:05:51 +0200
commit	0800d9b46b377bc24f15af2c6ae22550b954b6e2 (patch)
tree	24c3418a47ee262e9a05be318965de0a4effdf66 /extensions
parent	4cf650c4276540a8405e53b3f29d759c080465b5 (diff)