From: Liping Zhang <liping.zhang@xxxxxxxxxxxxxx>
For example:
# iptables-translate -t raw -A PREROUTING -j TRACE
nft add rule ip raw PREROUTING counter nftrace set 1
Signed-off-by: Liping Zhang <liping.zhang@xxxxxxxxxxxxxx>
---
extensions/libxt_TRACE.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/extensions/libxt_TRACE.c b/extensions/libxt_TRACE.c
index 0282e6f..7cb3585 100644
--- a/extensions/libxt_TRACE.c
+++ b/extensions/libxt_TRACE.c
@@ -7,12 +7,20 @@
#include <xtables.h>
#include <linux/netfilter/x_tables.h>
+static int trace_xlate(const void *ip, const struct xt_entry_target *target,
+ struct xt_xlate *xl, int numeric)
+{
+ xt_xlate_add(xl, "nftrace set 1");
+ return 1;
+}
+
static struct xtables_target trace_target = {
.family = NFPROTO_UNSPEC,
.name = "TRACE",
.version = XTABLES_VERSION,
.size = XT_ALIGN(0),
.userspacesize = XT_ALIGN(0),
+ .xlate = trace_xlate,
};
void _init(void)
--
2.5.5
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
