On Wed, 21 Sep 2016, Khawar wrote: > I want to implement following using C programming > > "ip6tables -t nat -j postrouting -d <ipv6-address-in-destination-field> -m > set --match-set xyz -j snat --to-source <ipv6-address>" I assumne by "implement following using C programming" you mean to call exec() from your code. If not, the stop in your project and rethink: libiptables from the iptables package was never meant to be used by third party projects, check out nftables. > What should I take into account? There's nothing fancy there: - create the sets before you refer them in i[6]ptables rules - use proper syntax (the flag parameter is missing from the set match) > I have already installed the ipset userspace and kernel modules. I can > easily use ipset specific socket options etc which mean my compilation > and installation is somewhat ok. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
