From cf8c90ea9985c9019b002037629ee362b5c50343 Mon Sep 17 00:00:00 2001 From: Arturo Borrero Date: Mon, 6 Oct 2014 21:51:24 +0200 Subject: src: add masquerade support This patch adds masquerade support for nft. The syntax is: % nft add rule nat postrouting masquerade [flags] Currently, flags are: random, random-fully, persistent Example: % nft add rule nat postrouting masquerade random,persistent Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- src/parser.y | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'src/parser.y') diff --git a/src/parser.y b/src/parser.y index e813b258..9e9a8393 100644 --- a/src/parser.y +++ b/src/parser.y @@ -374,6 +374,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token SNAT "snat" %token DNAT "dnat" +%token MASQUERADE "masquerade" %token RANDOM "random" %token RANDOM_FULLY "random-fully" %token PERSISTENT "persistent" @@ -439,8 +440,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %type time_unit %type reject_stmt reject_stmt_alloc %destructor { stmt_free($$); } reject_stmt reject_stmt_alloc -%type nat_stmt nat_stmt_alloc -%destructor { stmt_free($$); } nat_stmt nat_stmt_alloc +%type nat_stmt nat_stmt_alloc masq_stmt masq_stmt_alloc +%destructor { stmt_free($$); } nat_stmt nat_stmt_alloc masq_stmt masq_stmt_alloc %type nf_nat_flags nf_nat_flag %type queue_stmt queue_stmt_alloc %destructor { stmt_free($$); } queue_stmt queue_stmt_alloc @@ -1184,6 +1185,7 @@ stmt : verdict_stmt | nat_stmt | queue_stmt | ct_stmt + | masq_stmt ; verdict_stmt : verdict_expr @@ -1407,6 +1409,17 @@ nat_stmt_args : expr } ; +masq_stmt : masq_stmt_alloc + | masq_stmt_alloc nf_nat_flags + { + $$ = $1; + $$->masq.flags = $2; + } + ; + +masq_stmt_alloc : MASQUERADE { $$ = masq_stmt_alloc(&@$); } + ; + nf_nat_flags : nf_nat_flag | nf_nat_flags COMMA nf_nat_flag { -- cgit v1.2.3