src: add nat persistent and random options

This patch adds more configuration options to the nat expression. The syntax is as follow: % nft add rule nat postrouting <snat|dnat> <nat_arguments> [flags] Flags are: random, persistent, random-fully. Example: % nft add rule nat postrouting dnat 1.1.1.1 random,persistent A requirement is to cache some [recent] copies of kernel headers. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Arturo Borrero <arturo.borrero.glez@gmail.com> 2014-10-03 14:46:41 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-10-09 14:09:28 +0200
commit: fc53d1b6b93d9ca194334c43931753e19bcb127b (patch)
tree: 170218b0e392d7e123748d15396739ca05bb74e6 /src/netlink_delinearize.c
parent: 5fdd0b6a0600e66f9ff6d9a1d6b749aa68a3ba99 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 397b65c0..4bb4697c 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -501,6 +501,10 @@ static void netlink_parse_nat(struct netlink_parse_ctx *ctx,
 
 	family = nft_rule_expr_get_u32(nle, NFT_EXPR_NAT_FAMILY);
 
+	if (nft_rule_expr_is_set(nle, NFT_EXPR_NAT_FLAGS))
+		stmt->nat.flags = nft_rule_expr_get_u32(nle,
+							NFT_EXPR_NAT_FLAGS);
+
 	reg1 = nft_rule_expr_get_u32(nle, NFT_EXPR_NAT_REG_ADDR_MIN);
 	if (reg1) {
 		addr = netlink_get_register(ctx, loc, reg1);
author	Arturo Borrero <arturo.borrero.glez@gmail.com>	2014-10-03 14:46:41 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-10-09 14:09:28 +0200
commit	fc53d1b6b93d9ca194334c43931753e19bcb127b (patch)
tree	170218b0e392d7e123748d15396739ca05bb74e6 /src/netlink_delinearize.c
parent	5fdd0b6a0600e66f9ff6d9a1d6b749aa68a3ba99 (diff)