libipt_SAME: set PROTO_RANDOM on all ranges
authorJan Engelhardt <jengelh@medozas.de>
Fri, 25 Nov 2011 14:36:56 +0000 (15:36 +0100)
committerJan Engelhardt <jengelh@medozas.de>
Wed, 30 Nov 2011 20:47:12 +0000 (21:47 +0100)
Resolve the (justified) WTF remark to a clearer version of when/why
PROTO_RANDOM needs to be set.

Especially when --random is used before --to in SAME, it would not have
been applied.

extensions/libipt_DNAT.c
extensions/libipt_SAME.c
extensions/libipt_SNAT.c

index 3b55c69c3c9c4c4df673bca85560487ed5c880e9..466c9deff9cda5f04a57e22ce2790ab4f385b449 100644 (file)
@@ -174,21 +174,23 @@ static void DNAT_parse(struct xt_option_call *cb)
                                           "DNAT: Multiple --to-destination not supported");
                }
                *cb->target = parse_to(cb->arg, portok, info);
-               /* WTF do we need this for?? */
-               if (cb->xflags & F_RANDOM)
-                       info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
                cb->xflags |= F_X_TO_DEST;
                break;
-       case O_RANDOM:
-               if (cb->xflags & F_TO_DEST)
-                       info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
-               break;
        case O_PERSISTENT:
                info->mr.range[0].flags |= IP_NAT_RANGE_PERSISTENT;
                break;
        }
 }
 
+static void DNAT_fcheck(struct xt_fcheck_call *cb)
+{
+       static const unsigned int f = F_TO_DEST | F_RANDOM;
+       struct nf_nat_multi_range *mr = cb->data;
+
+       if ((cb->xflags & f) == f)
+               mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+}
+
 static void print_range(const struct nf_nat_range *r)
 {
        if (r->flags & IP_NAT_RANGE_MAP_IPS) {
@@ -248,6 +250,7 @@ static struct xtables_target dnat_tg_reg = {
        .userspacesize  = XT_ALIGN(sizeof(struct nf_nat_multi_range)),
        .help           = DNAT_help,
        .x6_parse       = DNAT_parse,
+       .x6_fcheck      = DNAT_fcheck,
        .print          = DNAT_print,
        .save           = DNAT_save,
        .x6_options     = DNAT_opts,
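Review bot: DNAT_fcheck has no comment saying why PROTO_RANDOM is applied here instead of in DNAT_parse, and the reason (option order: --random may precede --to-destination, so at parse time there is no range to flag yet) lives only in the commit message. A one-line comment above the `if`, such as `/* --random may be given before --to-destination; apply PROTO_RANDOM once all options are parsed */`, would keep the next reader from moving it back into parse and silently reintroducing the lost port randomisation. The same applies to SNAT_fcheck in libipt_SNAT.c and SAME_fcheck in libipt_SAME.c. Separately, `f` is an uninformative name for the required-flag mask; `need = F_TO_DEST | F_RANDOM` reads better, and `static` on a const local buys nothing here. Note that the check depends on F_TO_DEST being present in cb->xflags even though DNAT_parse itself only sets F_X_TO_DEST, presumably because the option framework sets the per-option bit; worth confirming against xtables_option_parse.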
index 2ff6c82e99dc130c5677b74215b4d433a6602409..e603ef64789917e4c9341c359d62f2830450ed7e 100644 (file)
@@ -9,7 +9,8 @@ enum {
        O_TO_ADDR = 0,
        O_NODST,
        O_RANDOM,
-       F_RANDOM = 1 << O_RANDOM,
+       F_TO_ADDR = 1 << O_TO_ADDR,
+       F_RANDOM  = 1 << O_RANDOM,
 };
 
 static void SAME_help(void)
@@ -73,7 +74,6 @@ static void parse_to(const char *orig_arg, struct nf_nat_range *range)
 static void SAME_parse(struct xt_option_call *cb)
 {
        struct ipt_same_info *mr = cb->data;
-       unsigned int count;
 
        xtables_option_parse(cb);
        switch (cb->entry->id) {
@@ -84,22 +84,25 @@ static void SAME_parse(struct xt_option_call *cb)
                                   "is %i ranges.\n",
                                   IPT_SAME_MAX_RANGE);
                parse_to(cb->arg, &mr->range[mr->rangesize]);
-               /* WTF do we need this for? */
-               if (cb->xflags & F_RANDOM)
-                       mr->range[mr->rangesize].flags 
-                               |= IP_NAT_RANGE_PROTO_RANDOM;
                mr->rangesize++;
                break;
        case O_NODST:
                mr->info |= IPT_SAME_NODST;
                break;
-       case O_RANDOM:
-               for (count=0; count < mr->rangesize; count++)
-                       mr->range[count].flags |= IP_NAT_RANGE_PROTO_RANDOM;
-               break;
        }
 }
 
+static void SAME_fcheck(struct xt_fcheck_call *cb)
+{
+       static const unsigned int f = F_TO_ADDR | F_RANDOM;
+       struct ipt_same_info *mr = cb->data;
+       unsigned int count;
+
+       if ((cb->xflags & f) == f)
+               for (count = 0; count < mr->rangesize; ++count)
+                       mr->range[count].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+}
+
 static void SAME_print(const void *ip, const struct xt_entry_target *target,
                        int numeric)
 {
@@ -166,6 +169,7 @@ static struct xtables_target same_tg_reg = {
        .userspacesize  = XT_ALIGN(sizeof(struct ipt_same_info)),
        .help           = SAME_help,
        .x6_parse       = SAME_parse,
+       .x6_fcheck      = SAME_fcheck,
        .print          = SAME_print,
        .save           = SAME_save,
        .x6_options     = SAME_opts,
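Review bot: The F_TO_ADDR half of the guard in SAME_fcheck looks redundant: when no --to was parsed, mr->rangesize is presumably still 0 (the `mr->rangesize++` in SAME_parse implies the target data starts zeroed) and the loop body never runs, so `if (cb->xflags & F_RANDOM)` alone would give the same result. Keeping the explicit mask is defensible as a statement of intent, but then it deserves a comment saying so, e.g. `/* no ranges exist without --to; the mask makes that explicit */`. Also, `count` could be scoped to the for statement if the file already uses C99-style declarations; if the file stays C89-style, it is fine as written.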
index 80233060812d413ce91a9ceae53a2d8d9f0f4ed9..c8cb26df3c30ccbc811c18eaba7ca7861b2ae8bc 100644 (file)
@@ -174,21 +174,23 @@ static void SNAT_parse(struct xt_option_call *cb)
                                           "SNAT: Multiple --to-source not supported");
                }
                *cb->target = parse_to(cb->arg, portok, info);
-               /* WTF do we need this for?? */
-               if (cb->xflags & F_RANDOM)
-                       info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
                cb->xflags |= F_X_TO_SRC;
                break;
-       case O_RANDOM:
-               if (cb->xflags & F_TO_SRC)
-                       info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
-               break;
        case O_PERSISTENT:
                info->mr.range[0].flags |= IP_NAT_RANGE_PERSISTENT;
                break;
        }
 }
 
+static void SNAT_fcheck(struct xt_fcheck_call *cb)
+{
+       static const unsigned int f = F_TO_SRC | F_RANDOM;
+       struct nf_nat_multi_range *mr = cb->data;
+
+       if ((cb->xflags & f) == f)
+               mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+}
+
 static void print_range(const struct nf_nat_range *r)
 {
        if (r->flags & IP_NAT_RANGE_MAP_IPS) {
@@ -248,6 +250,7 @@ static struct xtables_target snat_tg_reg = {
        .userspacesize  = XT_ALIGN(sizeof(struct nf_nat_multi_range)),
        .help           = SNAT_help,
        .x6_parse       = SNAT_parse,
+       .x6_fcheck      = SNAT_fcheck,
        .print          = SNAT_print,
        .save           = SNAT_save,
        .x6_options     = SNAT_opts,