From bb6b243c481f90f7dc4a0bd89187ee2bb823f1f6 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 31 Jan 2023 22:28:24 +0100 Subject: extensions: libebt_redirect: Fix target translation While EBT_ACCEPT is the default verdict for ebtables targets, omitting it from translation implicitly converts it into 'continue'. Omit the non-default EBT_CONTINUE instead. Fixes: 24ce7465056ae ("ebtables-compat: add redirect match extension") Signed-off-by: Phil Sutter --- extensions/libebt_redirect.txlate | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 extensions/libebt_redirect.txlate (limited to 'extensions/libebt_redirect.txlate') diff --git a/extensions/libebt_redirect.txlate b/extensions/libebt_redirect.txlate new file mode 100644 index 00000000..f0dd5dea --- /dev/null +++ b/extensions/libebt_redirect.txlate @@ -0,0 +1,8 @@ +ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host accept' + +ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target RETURN +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host return' + +ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target CONTINUE +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host' -- cgit v1.2.3