[Bug 1764] mapping IPv4 interval to IPv4 interval works for anonymous maps, but not for named maps
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Aug 15 23:45:03 CEST 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1764
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
TLDR; Try this:
table ip t {
map m {
type ipv4_addr : interval ipv4_addr
flags interval
elements = { 192.0.2.0 : 198.51.100.0/24 }
}
chain c {
type nat hook postrouting priority srcnat; policy accept;
snat to ip saddr map @m persistent
}
}
I can post a patch to improve error reporting, to provide a hint.
===
Now looking further at this issue... Maybe this syntax can be revisited while
retaining backwards compatibility, I can propose this instead:
table ip t {
map m {
type ipv4_addr : ipv4_addr
flags interval : interval
elements = { 192.0.2.0/24 : 198.51.100.0/24 }
}
chain c {
type nat hook postrouting priority srcnat; policy accept;
snat to ip saddr map @m persistent
}
}
however, if lhs is singleton, then I will need syntatic sugar like this
'singleton' keyword (which does not exist):
table ip t {
map m {
type ipv4_addr : ipv4_addr
flags singleton : interval
elements = { 192.0.2.0 : 198.51.100.0/24 }
}
chain c {
type nat hook postrouting priority srcnat; policy accept;
snat to ip saddr map @m persistent
}
}
otherwise this would need to print:
flags : interval
because no flags in the left hand side (ie. singleton values only)
Another possibility is to push both interval flags to the type
type interval lipv4_addr : interval ipv4_addr
thanks.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240815/251f2302/attachment.html>
More information about the netfilter-buglog
mailing list