git.ipfire.org Git - thirdparty/iptables.git/commit

author	Shivani Bhardwaj <shivanib134@gmail.com>
	Thu, 31 Dec 2015 17:25:28 +0000 (22:55 +0530)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 16 Feb 2016 18:30:24 +0000 (19:30 +0100)
commit	b74a255a1e408dfe3590a1a45b0ba5e57e840971
tree	2b66e13337813ee3a0e3c677e575b65c02f3acd4	tree
parent	95a7a9df945790f92237e4d2e91f3d372d6a2ad5	commit \| diff

extensions: libip6t_ah: Add translation to nft

Add translation for AH to nftables.

Examples:

$ sudo ip6tables-translate -A INPUT -m ah --ahspi 500 -j DROP
nft add rule ip6 filter INPUT ah spi 500 counter drop

$ sudo ip6tables-translate -A INPUT -m ah --ahspi 500:550 -j DROP
nft add rule ip6 filter INPUT ah spi 500-550 counter drop

$ sudo ip6tables-translate -A INPUT -m ah ! --ahlen 120
nft add rule ip6 filter INPUT ah hdrlength != 120 counter

$ sudo ip6tables-translate -A INPUT -m ah --ahres
nft add rule ip6 filter INPUT ah reserved 1 counter

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>