[NETFILTER]: NAT: optional source port randomization support

This patch adds support to NAT to randomize source ports. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Eric Leblond <eric@inl.fr> 2007-02-07 18:10:09 -0500
committer: David S. Miller <davem@sunset.davemloft.net> 2007-02-08 15:39:17 -0500
commit: 41f4689a7c8cd76b77864461b3c58fde8f322b2c (patch)
tree: 29be7597bc02158ca41261f365ebcbd8047dd56f /net/ipv4/netfilter/nf_nat_rule.c
parent: cdd289a2f833b93e65b9a09a02c37f47a58140a8 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c
index b868ee0195d..3745efe7030 100644
--- a/net/ipv4/netfilter/nf_nat_rule.c
+++ b/net/ipv4/netfilter/nf_nat_rule.c
@@ -226,6 +226,10 @@ static int ipt_dnat_checkentry(const char *tablename,
                printk("DNAT: multiple ranges no longer supported\n");
                return 0;
        }
+        if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) {
+                printk("DNAT: port randomization not supported\n");
+                return 0;
+        }
        return 1;
 }
author	Eric Leblond <eric@inl.fr>	2007-02-07 18:10:09 -0500
committer	David S. Miller <davem@sunset.davemloft.net>	2007-02-08 15:39:17 -0500
commit	41f4689a7c8cd76b77864461b3c58fde8f322b2c (patch)
tree	29be7597bc02158ca41261f365ebcbd8047dd56f /net/ipv4/netfilter/nf_nat_rule.c
parent	cdd289a2f833b93e65b9a09a02c37f47a58140a8 (diff)