@@ -1442,7 +1442,7 @@ static void netlink_parse_masq(struct netlink_parse_ctx *ctx,
const struct location *loc,
const struct nftnl_expr *nle)
{
- enum nft_registers reg1, reg2;
+ enum nft_registers reg1, reg2, reg3;
struct expr *proto;
struct stmt *stmt;
uint32_t flags = 0;
@@ -1477,6 +1477,20 @@ static void netlink_parse_masq(struct netlink_parse_ctx *ctx,
if (stmt->nat.proto != NULL)
proto = range_expr_alloc(loc, stmt->nat.proto, proto);
stmt->nat.proto = proto;
+
+ reg3 = netlink_parse_register(nle, NFTNL_EXPR_MASQ_REG_PROTO_BASE);
+ if (reg3) {
+ proto = netlink_get_register(ctx, loc, reg3);
+ if (proto == NULL) {
+ netlink_error(ctx, loc,
+ "MASQUERADE statement has no base proto expression");
+ goto out_err;
+ }
+
+ expr_set_type(proto, &inet_service_type,
+ BYTEORDER_BIG_ENDIAN);
+ stmt->nat.proto_base = proto;
+ }
}
ctx->stmt = stmt;
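Review bot: The `NFTNL_EXPR_MASQ_REG_PROTO_BASE` lookup sits inside the block that closes just before `ctx->stmt = stmt;`, so a base register is silently ignored whenever that enclosing condition is false (its `if` is outside the hunk). If that is intentional because a base only makes sense together with a port range, say so with a comment such as `/* the base port only applies to a port range, so it is read inside this branch */`. Otherwise move the lookup into its own block so the listed rule always reflects what the kernel holds. Reusing `proto` for the base after it was already stored in `stmt->nat.proto` also reads oddly; a separate local, e.g. `struct expr *base;`, would make ownership clearer.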
@@ -1219,8 +1219,9 @@ static void netlink_gen_nat_stmt(struct netlink_linearize_ctx *ctx,
nle = alloc_nft_expr("masq");
nftnl_flag_attr = NFTNL_EXPR_MASQ_FLAGS;
- nftnl_reg_pmin = NFTNL_EXPR_MASQ_REG_PROTO_MIN;
- nftnl_reg_pmax = NFTNL_EXPR_MASQ_REG_PROTO_MAX;
+ nftnl_reg_pmin = NFTNL_EXPR_MASQ_REG_PROTO_MIN;
+ nftnl_reg_pmax = NFTNL_EXPR_MASQ_REG_PROTO_MAX;
+ nftnl_reg_pbase = NFTNL_EXPR_MASQ_REG_PROTO_BASE;
break;
case NFT_NAT_REDIR:
nle = alloc_nft_expr("redir");
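Review bot: `nftnl_reg_pbase` is assigned for the masq case only, and the `NFT_NAT_REDIR` case that starts right below is not touched by this commit, so redir appears to depend on `stmt->nat.proto_base` never being set for it. The declaration of `nftnl_reg_pbase` and the code that consumes it are outside the hunk, so this is inferred. If the variable has no initialiser there, giving it one or asserting `stmt->nat.proto_base == NULL` in the redir case would keep an unset attribute id from reaching the netlink message. The realignment of the `pmin`/`pmax` lines is whitespace-only and makes the one functional addition harder to spot.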
@@ -3928,11 +3928,22 @@ masq_stmt_args : TO COLON stmt_expr
{
$<stmt>0->nat.proto = $3;
}
+ | TO COLON range_stmt_expr SLASH primary_stmt_expr
+ {
+ $<stmt>0->nat.proto = $3;
+ $<stmt>0->nat.proto_base = $5;
+ }
| TO COLON stmt_expr nf_nat_flags
{
$<stmt>0->nat.proto = $3;
$<stmt>0->nat.flags = $4;
}
+ | TO COLON range_stmt_expr SLASH primary_stmt_expr nf_nat_flags
+ {
+ $<stmt>0->nat.proto = $3;
+ $<stmt>0->nat.proto_base = $5;
+ $<stmt>0->nat.flags = $6;
+ }
| nf_nat_flags
{
$<stmt>0->nat.flags = $1;
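Review bot: The base after `SLASH` is parsed as `primary_stmt_expr`, which admits far more than a constant port, and none of the three files in this commit checks that it is a constant within the port range. This presumably relies on the existing nat evaluation and printing code handling `nat.proto_base` for masq as well, which is worth confirming. The diffstat also shows no test or documentation change covering the new `to :MIN-MAX/BASE` form. The two new alternatives duplicate the `proto`/`proto_base` assignments, and a one-line comment above them, e.g. `/* shifted port-range: TO COLON <range> SLASH <base port> */`, would make the syntax discoverable in the grammar.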
Support for shifted port-ranges was recently added for nat statements. Extend this to masq statements. Signed-off-by: Jeremy Sowden <jeremy@azazel.net> --- src/netlink_delinearize.c | 16 +++++++++++++++- src/netlink_linearize.c | 5 +++-- src/parser_bison.y | 11 +++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-)