From cf8e0db8aacbafac5acb1f42afd62d8215ca5863 Mon Sep 17 00:00:00 2001
From: Shivani Bhardwaj <shivanib134@gmail.com>
Date: Sat, 23 Jan 2016 02:25:55 +0530
Subject: src: Add support for masquerade port selection

Provide full support for masquerading by allowing port range selection, eg.

 # nft add rule nat postrouting ip protocol tcp masquerade to :1024-10024

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/statement.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'src/statement.c')

diff --git a/src/statement.c b/src/statement.c
index ca924410..2a6f19f8 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -385,13 +385,24 @@ static void masq_stmt_print(const struct stmt *stmt)
 {
 	printf("masquerade");
 
+	if (stmt->masq.proto) {
+		printf(" to :");
+		expr_print(stmt->masq.proto);
+	}
+
 	print_nf_nat_flags(stmt->masq.flags);
 }
 
+static void masq_stmt_destroy(struct stmt *stmt)
+{
+	expr_free(stmt->masq.proto);
+}
+
 static const struct stmt_ops masq_stmt_ops = {
 	.type		= STMT_MASQ,
 	.name		= "masq",
 	.print		= masq_stmt_print,
+	.destroy	= masq_stmt_destroy,
 };
 
 struct stmt *masq_stmt_alloc(const struct location *loc)
-- 
cgit v1.2.3