On Thursday 2012-08-09 22:11, kaber@xxxxxxxxx wrote:
>+static void MASQUERADE_help(void)
>+{
>+ printf(
>+"MASQUERADE target options:\n"
>+" --to-ports <port>[-<port>]\n"
>+" Port (range) to map to.\n"
>+" --random\n"
>+" Randomize source port.\n");
>+}
>+
>+static const struct xt_option_entry MASQUERADE_opts[] = {
>+ {.name = "to-ports", .id = O_TO_PORTS, .type = XTTYPE_STRING},
>+ {.name = "random", .id = O_RANDOM, .type = XTTYPE_NONE},
>+ XTOPT_TABLEEND,
>+};
You could use .type = XTTYPE_PORTRC (port range)...
though arguably iptables already did a bad job at selecting
a suitable syntax for ranges.
>+/* Parses ports */
I don't think such a comment is needed ;)
>+static struct xtables_target masquerade_tg_reg = {
>+ .name = "MASQUERADE",
>+ .version = XTABLES_VERSION,
>+ .family = NFPROTO_IPV6,
>+ .size = XT_ALIGN(sizeof(struct nf_nat_range)),
>+ .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)),
>+ .help = MASQUERADE_help,
>+ .x6_parse = MASQUERADE_parse,
>+ .print = MASQUERADE_print,
>+ .save = MASQUERADE_save,
>+ .x6_options = MASQUERADE_opts,
>+};
Is it perhaps feasible to rename libipt_DNAT.c to libxt_DNAT.c
and thus have the v4 and v6 parts in the same file? In userspace
we do not have to fear depending on ipv6.ko like for kernel modules.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
