Handle DNAT with no port correctly.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-03 20:19:19 +01:00 · 2013-03-01 07:58:58 -08:00 · 2013-03-01 07:58:58 -08:00 · 8960f72532
commit 8960f72532
parent 252dd9b676
2 changed files with 12 additions and 2 deletions
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@ -634,7 +634,7 @@ sub handle_nat_rule( $$$$$$$$$$$$ ) {
    #
    # Isolate server port
    #
-    if ( $dest =~ /^(.*)(?::(.+))$/ ) {
+    if ( ( $family == F_IPV4 && $dest =~ /^(.*)(?::(.+))$/ ) || ( $family == F_IPV6 && $dest =~ /^\[(.*)]:(.+)$/ ) ) {
 	#
 	# Server IP and Port
 	#
--- a/Shorewall6/manpages/shorewall6-rules.xml
+++ b/Shorewall6/manpages/shorewall6-rules.xml
@ -882,7 +882,7 @@

          <variablelist>
            <varlistentry>
-              <term>Example:</term>
+              <term>Example 1:</term>

              <listitem>
                <para><emphasis
@ -891,6 +891,16 @@
                on port 3128.</para>
              </listitem>
            </varlistentry>
+
+            <varlistentry>
+              <term>Example 2:</term>
+
+              <listitem>
+                <para><emphasis role="bold">loc:[]:3128</emphasis> specifies
+                that the destination port should be changed to 3128 but the IP
+                address should remain the same.</para>
+              </listitem>
+            </varlistentry>
          </variablelist>

          <para>The <emphasis>port</emphasis> may be specified as a service