netfilter: xt_nat: fix DNAT target for shifted portmap ranges
[ Upstream commit cb20f2d2c0507d60d94ef896991e95708f051dd1 ] The commit2eb0f624b7
("netfilter: add NAT support for shifted portmap ranges") did not set the checkentry/destroy callbacks for the newly added DNAT target. As a result, rulesets using only such nat targets are not effective, as the relevant conntrack hooks are not enabled. The above affect also nft_compat rulesets. Fix the issue adding the missing initializers. Fixes:2eb0f624b7
("netfilter: add NAT support for shifted portmap ranges") Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
117d5fbddd
commit
703acc3265
1 changed files with 2 additions and 0 deletions
|
@ -216,6 +216,8 @@ static struct xt_target xt_nat_target_reg[] __read_mostly = {
|
|||
{
|
||||
.name = "DNAT",
|
||||
.revision = 2,
|
||||
.checkentry = xt_nat_checkentry,
|
||||
.destroy = xt_nat_destroy,
|
||||
.target = xt_dnat_target_v2,
|
||||
.targetsize = sizeof(struct nf_nat_range2),
|
||||
.table = "nat",
|
||||
|
|
Loading…
Add table
Reference in a new issue