summaryrefslogtreecommitdiffstats
path: root/extensions/libip6t_DNAT.c
Commit message (Collapse)AuthorAgeFilesLines
* src: introduce struct xt_xlate_{mt,tg}_paramsPablo Neira Ayuso2016-07-251-3/+3
| | | | | | | | This structure is an extensible containers of parameters, so we don't need to propagate interface updates in every extension file in case we need to add new parameters in the future. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* iptables-translate: pass ipt_entry and ip6t_entry to ->xlate()Pablo Neira Ayuso2016-03-091-1/+1
| | | | | | | The multiport match needs it, this basically leaves ->xlate() indirection with almost the same interface as ->print(). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: rename xt_buf to xt_xlatePablo Neira Ayuso2016-02-161-10/+10
| | | | | | | Use a more generic name for this object to prepare the introduction of other translation specific fields. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: libip6t_DNAT: Add translation to nftShivani Bhardwaj2016-02-161-0/+44
| | | | | | | | | | | | | | | | | | | | | Add translation for target DNAT to nftables. Examples: $ sudo ip6tables-translate -t nat -A prerouting -i eth1 -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80 nft add rule ip6 nat prerouting iifname eth1 tcp dport 8080 counter dnat fec0::1234 :80 $ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:1-20 nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :1-20 $ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:80 --persistent nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :80 persistent $ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:80 --random --persistent nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :80 random,persistent Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: libip6t_DNAT: set IPv6 DNAT --to-destinationUlrich Weber2013-01-041-5/+5
| | | | | | | as in IPv4 and fixes DNAT_save Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extension: libip6t_DNAT: allow port DNAT without addressUlrich Weber2013-01-041-3/+8
| | | | | | | | | | | | | | | | | | | | | | | correct parsing of IPv6 port NAT without address NAT, assume one colon as port information. Allows: * address only: -j DNAT --to affe::1 -j DNAT --to [affe::1] * port only -j DNAT --to :80 -j DNAT --to :80-110 -j DNAT --to []:80 -j DNAT --to []:80-110 * address and port -j DNAT --to [affe::1]:80 -j DNAT --to [affe::1]:80-110 Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: add IPv6 DNAT targetPatrick McHardy2012-09-101-0/+247
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>