Closed a-ilin closed 3 months ago
The current implementation of NAT lacks the flag for specified ranges: https://github.com/torvalds/linux/blob/master/net/netfilter/nf_nat_core.c#L525
Example nft command: meta l4proto tcp dnat to 10.200.45.6:9080
meta l4proto tcp dnat to 10.200.45.6:9080
[ meta load l4proto => reg 1 ] [ cmp eq reg 1 0x00000006 ] [ immediate reg 1 0x062dc80a ] [ immediate reg 2 0x00007823 ] [ nat dnat ip addr_min reg 1 proto_min reg 2 flags 0x2 ]
This PR adds specified ranges parameter in NAT.
The current implementation of NAT lacks the flag for specified ranges: https://github.com/torvalds/linux/blob/master/net/netfilter/nf_nat_core.c#L525
Example nft command:
meta l4proto tcp dnat to 10.200.45.6:9080This PR adds specified ranges parameter in NAT.