]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 545310d) | patch
ebtables-nft: add broute table emulation
authorFlorian Westphal <fw@strlen.de>
Tue, 4 Apr 2023 09:45:44 +0000 (11:45 +0200)
committerPhil Sutter <phil@nwl.cc>
Tue, 4 Apr 2023 19:22:46 +0000 (21:22 +0200)
commit73611d5582e72367a698faf1b5301c836e981465
tree26cadc917f59dc503459ceab03287cc863fa4eaetree
parent545310d9ed412f895a8aad757f6f6324b66d062fcommit | diff
ebtables-nft: add broute table emulation

Use new 'meta broute set 1' to emulate -t broute.  If '-t broute' is given,
automatically translate -j DROP to 'meta broute set 1 accept' internally.

Reverse translation zaps the broute and pretends verdict was DROP.

Note that BROUTING is internally handled via PREROUTING, i.e. 'redirect'
and 'nat' targets are not available, they will need to be emulated via
nft expressions.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Phil Sutter <phil@nwl.cc>
iptables/ebtables-nft.8 diff | blob | blame | history
iptables/nft-bridge.c diff | blob | blame | history
iptables/nft-shared.c diff | blob | blame | history
iptables/nft-shared.h diff | blob | blame | history
iptables/nft.c diff | blob | blame | history
iptables/nft.h diff | blob | blame | history
iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0 diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables