extensions: libxt_helper: Add translation to nft

Add translation for helper module to nftables.

Examples:

$ sudo iptables-translate -A FORWARD -m helper --helper sip
nft add rule ip filter FORWARD ct helper \"sip\" counter

$ sudo iptables-translate -A FORWARD -m helper ! --helper ftp
nft add rule ip filter FORWARD ct helper != \"ftp\" counter

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index c9f9435ecd2eb0a023775f0eb967fa003589ecbc..971ce4ab7e9fca54a1edde53646bd4141aa97d7c 100644 (file)
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -45,6 +45,17 @@ static void helper_save(const void *ip, const struct xt_entry_match *match)
        xtables_save_string(info->name);
 }
 
+static int helper_xlate(const struct xt_entry_match *match,
+                       struct xt_buf *buf, int numeric)
+{
+       const struct xt_helper_info *info = (const void *)match->data;
+
+       xt_buf_add(buf, "ct helper%s \\\"%s\\\" ",
+                  info->invert ? " !=" : "", info->name);
+
+       return 1;
+}
+
 static struct xtables_match helper_match = {
        .family         = NFPROTO_UNSPEC,
        .name           = "helper",
@@ -55,6 +66,7 @@ static struct xtables_match helper_match = {
        .save           = helper_save,
        .x6_parse       = helper_parse,
        .x6_options     = helper_opts,
+       .xlate          = helper_xlate,
 };
 
 void _init(void)