diff --git a/miniupnpd/netfilter_nft/nftnlrdr.c b/miniupnpd/netfilter_nft/nftnlrdr.c index 7ad72bc..2d3749a 100644 --- a/miniupnpd/netfilter_nft/nftnlrdr.c +++ b/miniupnpd/netfilter_nft/nftnlrdr.c @@ -191,7 +191,7 @@ add_redirect_rule2(const char * ifname, d_printf(("add redirect rule2(%s, %s, %u, %s, %u, %d, %s)!\n", ifname, rhost, eport, iaddr, iport, proto, desc)); - r = rule_set_dnat(NFPROTO_INET, ifname, proto, + r = rule_set_dnat(NFPROTO_IPV4, ifname, proto, 0, eport, inet_addr(iaddr), iport, desc, NULL); @@ -220,7 +220,7 @@ add_peer_redirect_rule2(const char * ifname, d_printf(("add peer redirect rule2()!\n")); - r = rule_set_snat(NFPROTO_INET, proto, + r = rule_set_snat(NFPROTO_IPV4, proto, inet_addr(rhost), rport, inet_addr(eaddr), eport, inet_addr(iaddr), iport, desc, NULL); @@ -249,7 +249,7 @@ add_filter_rule2(const char * ifname, if (rhost != NULL && strcmp(rhost, "") != 0 && strcmp(rhost, "*") != 0) { rhost_addr = inet_addr(rhost); } - r = rule_set_filter(NFPROTO_INET, ifname, proto, + r = rule_set_filter(NFPROTO_IPV4, ifname, proto, rhost_addr, inet_addr(iaddr), eport, iport, 0, desc, 0); diff --git a/miniupnpd/netfilter_nft/nftnlrdr_misc.c b/miniupnpd/netfilter_nft/nftnlrdr_misc.c index 6574611..64208c5 100644 --- a/miniupnpd/netfilter_nft/nftnlrdr_misc.c +++ b/miniupnpd/netfilter_nft/nftnlrdr_misc.c @@ -628,7 +628,7 @@ int refresh_nft_cache_filter(void) { if (rule_list_filter_validate != RULE_CACHE_VALID) { - if (refresh_nft_cache(&head_filter, nft_table, nft_forward_chain, NFPROTO_INET, RULE_FILTER) < 0) + if (refresh_nft_cache(&head_filter, nft_table, nft_forward_chain, NFPROTO_IPV4, RULE_FILTER) < 0) return -1; rule_list_filter_validate = RULE_CACHE_VALID; } @@ -639,7 +639,7 @@ int refresh_nft_cache_peer(void) { if (rule_list_peer_validate != RULE_CACHE_VALID) { - if (refresh_nft_cache(&head_peer, nft_nat_table, nft_postrouting_chain, NFPROTO_INET, RULE_NAT) < 0) + if (refresh_nft_cache(&head_peer, nft_nat_table, nft_postrouting_chain, NFPROTO_IPV4, RULE_NAT) < 0) return -1; rule_list_peer_validate = RULE_CACHE_VALID; } @@ -650,7 +650,7 @@ int refresh_nft_cache_redirect(void) { if (rule_list_redirect_validate != RULE_CACHE_VALID) { - if (refresh_nft_cache(&head_redirect, nft_nat_table, nft_prerouting_chain, NFPROTO_INET, RULE_NAT) < 0) + if (refresh_nft_cache(&head_redirect, nft_nat_table, nft_prerouting_chain, NFPROTO_IPV4, RULE_NAT) < 0) return -1; rule_list_redirect_validate = RULE_CACHE_VALID; } @@ -1164,15 +1164,9 @@ rule_del_handle(rule_t *rule) return NULL; } - if (rule->type == RULE_NAT) { - // NAT Family is not chain/rule family - nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, NFPROTO_INET); - } else { - nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, rule->family); - } - nftnl_rule_set_str(r, NFTNL_RULE_TABLE, rule->table); nftnl_rule_set_str(r, NFTNL_RULE_CHAIN, rule->chain); + nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, rule->family); nftnl_rule_set_u64(r, NFTNL_RULE_HANDLE, rule->handle); return r; diff --git a/miniupnpd/netfilter_nft/nftpinhole.c b/miniupnpd/netfilter_nft/nftpinhole.c index 95cf5b5..1879de9 100644 --- a/miniupnpd/netfilter_nft/nftpinhole.c +++ b/miniupnpd/netfilter_nft/nftpinhole.c @@ -97,7 +97,7 @@ int add_pinhole(const char * ifname, snprintf(comment, NFT_DESCR_SIZE, PINEHOLE_LABEL_FORMAT, uid, timestamp, desc); - r = rule_set_filter6(NFPROTO_INET, ifname, proto, + r = rule_set_filter6(NFPROTO_IPV6, ifname, proto, rhost_addr_p, &ihost_addr, 0, int_port, rem_port, comment, 0); @@ -304,7 +304,7 @@ update_pinhole(unsigned short uid, unsigned int timestamp) d_printf(("update add_pinhole(%s, %s, %s, %d, %d, %d, %s)\n", ifname, raddr, inet_ntop(AF_INET6, &ihost_addr, iaddr, INET6_ADDRSTRLEN), rport, iport, proto, comment)); - r = rule_set_filter6(NFPROTO_INET, ifname, proto, + r = rule_set_filter6(NFPROTO_IPV6, ifname, proto, rhost_addr_p, &ihost_addr, 0, iport, rport, comment, 0);