extensions: libip[6]t_REDIRECT: use new nft syntax when do xlate

After commit "parser_bison: redirect to :port for consistency with
nat/masq statement" in nftables tree, we should recommend the end
user to use the new syntax.

Before this patch:
  # iptables-translate -t nat -A PREROUTING -p tcp -j REDIRECT --to-ports 1
  nft add rule ip nat PREROUTING ip protocol tcp counter redirect to 1

Apply this patch:
  # iptables-translate -t nat -A PREROUTING -p tcp -j REDIRECT --to-ports 1
  nft add rule ip nat PREROUTING ip protocol tcp counter redirect to :1

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/extensions/libip6t_REDIRECT.c b/extensions/libip6t_REDIRECT.c
index 32f85b969a4f4f433654c47cc53b0e9af6266b28..8e04d2cd33d507b7125fc49dd920cba17b94c314 100644 (file)
--- a/extensions/libip6t_REDIRECT.c
+++ b/extensions/libip6t_REDIRECT.c
@@ -138,7 +138,7 @@ static int REDIRECT_xlate(struct xt_xlate *xl,
        const struct nf_nat_range *range = (const void *)params->target->data;
 
        if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-               xt_xlate_add(xl, "redirect to %hu",
+               xt_xlate_add(xl, "redirect to :%hu",
                           ntohs(range->min_proto.tcp.port));
                if (range->max_proto.tcp.port != range->min_proto.tcp.port)
                        xt_xlate_add(xl, "-%hu ",

diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 31ca88c3ea937deb4652d2c9659a9ad7f65ad276..7850306f5fe25e06c5e51d74d861bf04fe7142f7 100644 (file)
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -143,7 +143,7 @@ static int REDIRECT_xlate(struct xt_xlate *xl,
        const struct nf_nat_ipv4_range *r = &mr->range[0];
 
        if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-               xt_xlate_add(xl, "redirect to %hu", ntohs(r->min.tcp.port));
+               xt_xlate_add(xl, "redirect to :%hu", ntohs(r->min.tcp.port));
                if (r->max.tcp.port != r->min.tcp.port)
                        xt_xlate_add(xl, "-%hu ", ntohs(r->max.tcp.port));
                if (mr->range[0].flags & NF_NAT_RANGE_PROTO_RANDOM)