"restore",
};
+static const char *reflection_sources[] = {
+ "internal",
+ "external",
+};
+
bool
fw3_parse_bool(void *ptr, const char *val)
FW3_INC_TYPE_SCRIPT, FW3_INC_TYPE_RESTORE);
}
+bool
+fw3_parse_reflection_source(void *ptr, const char *val)
+{
+ return parse_enum(ptr, val, reflection_sources,
+ FW3_REFLECTION_INTERNAL, FW3_REFLECTION_EXTERNAL);
+}
+
void
fw3_parse_options(void *s, const struct fw3_option *opts,
FW3_INC_TYPE_RESTORE = 1,
};
+enum fw3_reflection_source
+{
+ FW3_REFLECTION_INTERNAL = 0,
+ FW3_REFLECTION_EXTERNAL = 1,
+};
+
struct fw3_ipset_datatype
{
struct list_head list;
const char *extra;
bool reflection;
+ enum fw3_reflection_source reflection_src;
};
struct fw3_forward
bool fw3_parse_ipset_datatype(void *ptr, const char *val);
bool fw3_parse_include_type(void *ptr, const char *val);
+bool fw3_parse_reflection_source(void *ptr, const char *val);
bool fw3_parse_date(void *ptr, const char *val);
bool fw3_parse_time(void *ptr, const char *val);
FW3_OPT("monthdays", monthdays, redirect, time.monthdays),
FW3_OPT("reflection", bool, redirect, reflection),
+ FW3_OPT("reflection_src", reflection_source,
+ redirect, reflection_src),
FW3_OPT("target", target, redirect, target),
struct fw3_redirect *redir, int num)
{
struct list_head *ext_addrs, *int_addrs;
- struct fw3_address *ext_addr, *int_addr;
+ struct fw3_address *ext_addr, *int_addr, ref_addr;
struct fw3_device *ext_net, *int_net;
struct fw3_protocol *proto;
struct fw3_mac *mac;
if (!proto || (proto->protocol != 6 && proto->protocol != 17))
continue;
+ if (redir->reflection_src == FW3_REFLECTION_INTERNAL)
+ ref_addr = *int_addr;
+ else
+ ref_addr = *ext_addr;
+
+ ref_addr.mask = 32;
ext_addr->mask = 32;
if (table == FW3_TABLE_NAT)
fw3_format_sport_dport(NULL, &redir->port_redir);
fw3_format_time(&redir->time);
fw3_format_comment(redir->name, " (reflection)");
- print_snat_dnat(FW3_FLAG_SNAT, ext_addr, NULL);
+ print_snat_dnat(FW3_FLAG_SNAT, &ref_addr, NULL);
}
else if (table == FW3_TABLE_FILTER)
{
projects / oweals / firewall3.git / commitdiff