| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | extensions: *NAT: Drop NF_NAT_RANGE_PROTO_RANDOM* flag checks | Phil Sutter | 2022-11-11 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | SNAT, DNAT and REDIRECT extensions tried to prevent NF_NAT_RANGE_PROTO_RANDOM flag from being set if no port or address was also given. With SNAT and DNAT, this is not possible as the respective --to-destination or --to-source parameters are mandatory anyway. Looking at the kernel code, doing so with REDIRECT seems harmless. Moreover, nftables supports 'redirect random' without specifying a port-range. Signed-off-by: Phil Sutter <phil@nwl.cc> | ||||
| * | extensions: Merge REDIRECT into DNAT | Phil Sutter | 2022-04-08 | 1 | -0/+16 |
| Code is very similar, join them to reuse parsing code at least. As a side-effect, this enables parsing of service names for ports in DNAT as well as using port number 0 as that's what REDIRECT allows. Signed-off-by: Phil Sutter <phil@nwl.cc> | |||||
 |
index : iptables | |
| iptables tree | pablo@netfilter.org |
| summaryrefslogtreecommitdiffstats |