@@ -134,6 +134,22 @@ MASQUERADE_save(const void *ip, const struct xt_entry_target *target)
printf(" --random");
}
+static int
+MASQUERADE_xlate(const struct xt_entry_target *target,
+ struct xt_xlate *xl, int numeric)
+{
+ const struct nf_nat_ipv4_multi_range_compat *mr =
+ (const void *)target->data;
+ const struct nf_nat_ipv4_range *r = &mr->range[0];
+
+ xt_xlate_add(xl, "masquerade ");
+
+ if (r->flags & NF_NAT_RANGE_PROTO_RANDOM)
+ xt_xlate_add(xl, "random ");
+
+ return 1;
+}
+
static struct xtables_target masquerade_tg_reg = {
.name = "MASQUERADE",
.version = XTABLES_VERSION,
@@ -146,6 +162,7 @@ static struct xtables_target masquerade_tg_reg = {
.print = MASQUERADE_print,
.save = MASQUERADE_save,
.x6_options = MASQUERADE_opts,
+ .xlate = MASQUERADE_xlate,
};
void _init(void)
Add translation for target MASQUERADE to nftables. Full translation of this target awaits the support for --to-ports option. Examples: $ sudo iptables-translate -t nat -A POSTROUTING -o eth0 -j MASQUERADE nft add rule ip nat POSTROUTING oifname eth0 counter masquerade $ sudo iptables-translate -t nat -A POSTROUTING -j MASQUERADE --random nft add rule ip nat POSTROUTING counter masquerade random Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> --- extensions/libipt_MASQUERADE.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)