diff options
| author | Roberto García <rodanber@gmail.com> | 2016-06-21 22:08:24 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-06-22 19:58:41 +0200 |
| commit | afefc7a134ca0d4277a6f3848f8ae5788fac3252 (patch) | |
| tree | 65cd3d88e5325751f15268ab20f9d04f60e2e674 /extensions | |
| parent | 4dd742ed19840490c59b85fa1ac4eb0510a8c78f (diff) | |
extensions: libxt_MARK: Add translation for revision 1 to nft
Add translation for revision 1 of the MARK target to nft.
Examples:
# iptables-translate -t mangle -A PREROUTING -j MARK --set-mark 0x64
nft add rule ip mangle PREROUTING counter meta mark set 0x64
# iptables-translate -t mangle -A PREROUTING -j MARK --and-mark 0x64
nft add rule ip mangle PREROUTING counter meta mark set mark and 0x64
# iptables-translate -t mangle -A PREROUTING -j MARK --or-mark 0x64
nft add rule ip mangle PREROUTING counter meta mark set mark or 0x64
Signed-off-by: Roberto García <rodanber@gmail.com>
Acked-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/libxt_MARK.c | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c index ec1ed056..8bd4d410 100644 --- a/extensions/libxt_MARK.c +++ b/extensions/libxt_MARK.c @@ -195,7 +195,7 @@ static void MARK_print_v1(const void *ip, const struct xt_entry_target *target, case XT_MARK_AND: printf(" MARK and"); break; - case XT_MARK_OR: + case XT_MARK_OR: printf(" MARK or"); break; } @@ -231,7 +231,7 @@ static void MARK_save_v1(const void *ip, const struct xt_entry_target *target) case XT_MARK_AND: printf(" --and-mark"); break; - case XT_MARK_OR: + case XT_MARK_OR: printf(" --or-mark"); break; } @@ -267,6 +267,29 @@ static int mark_tg_xlate(const void *ip, const struct xt_entry_target *target, return 1; } +static int MARK_xlate(const void *ip, const struct xt_entry_target *target, + struct xt_xlate *xl, int numeric) +{ + const struct xt_mark_target_info_v1 *markinfo = + (const struct xt_mark_target_info_v1 *)target->data; + + xt_xlate_add(xl, "meta mark set "); + + switch(markinfo->mode) { + case XT_MARK_SET: + xt_xlate_add(xl, "0x%x ", markinfo->mark); + break; + case XT_MARK_AND: + xt_xlate_add(xl, "mark and 0x%x ", markinfo->mark); + break; + case XT_MARK_OR: + xt_xlate_add(xl, "mark or 0x%x ", markinfo->mark); + break; + } + + return 1; +} + static struct xtables_target mark_tg_reg[] = { { .family = NFPROTO_UNSPEC, @@ -295,6 +318,7 @@ static struct xtables_target mark_tg_reg[] = { .x6_parse = MARK_parse_v1, .x6_fcheck = MARK_check, .x6_options = MARK_opts, + .xlate = MARK_xlate, }, { .version = XTABLES_VERSION, |