git.ipfire.org Git - thirdparty/iptables.git/commit

author	Shivani Bhardwaj <shivanib134@gmail.com>
	Wed, 30 Dec 2015 08:41:26 +0000 (14:11 +0530)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 16 Feb 2016 18:30:23 +0000 (19:30 +0100)
commit	ce14561a0b005b7a7993bf0113cdf5dd8b1b53ca
tree	ca46207c2081b7fb116139f72883e0184c4422c6	tree \| snapshot
parent	1e1c582ff0b502c49a87c945da351fbd5c0c6fe9	commit \| diff

extensions: libip6t_DNAT: Add translation to nft

Add translation for target DNAT to nftables.

Examples:

$ sudo ip6tables-translate -t nat -A prerouting -i eth1 -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80
nft add rule ip6 nat prerouting iifname eth1 tcp dport 8080 counter dnat fec0::1234 :80

$ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:1-20
nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :1-20

$ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:80 --persistent
nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :80 persistent

$ sudo ip6tables-translate -t nat -A prerouting -p tcp -j DNAT --to-destination [fec0::1234]:80 --random --persistent
nft add rule ip6 nat prerouting ip6 nexthdr tcp counter dnat fec0::1234 :80 random,persistent

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>