Add nat table support for iptables.

Add nat table support for Prerouting hook with Redirect option. Add tests to check redirect of ports.
author: Nayana Bidari <nybidari@google.com> 2020-02-18 11:30:42 -0800
committer: Nayana Bidari <nybidari@google.com> 2020-02-18 11:30:42 -0800
commit: b30b7f3422202232ad1c385a7ac0d775151fee2f (patch)
tree: 3b8de1ccfc8e6abbe7ccb5e35b3fc5832acad0ca /pkg/tcpip/iptables/iptables.go
parent: fae3de21af7f50266565643c6283912b087b0f5a (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/pkg/tcpip/iptables/iptables.go b/pkg/tcpip/iptables/iptables.go
index 75a433a3b..c00d012c0 100644
--- a/pkg/tcpip/iptables/iptables.go
+++ b/pkg/tcpip/iptables/iptables.go
@@ -135,6 +135,27 @@ func EmptyFilterTable() Table {
 	}
 }
 
+// EmptyNatTable returns a Table with no rules and the filter table chains
+// mapped to HookUnset.
+func EmptyNatTable() Table {
+	return Table{
+		Rules: []Rule{},
+		BuiltinChains: map[Hook]int{
+			Prerouting:  HookUnset,
+			Input:       HookUnset,
+			Output:      HookUnset,
+			Postrouting: HookUnset,
+		},
+		Underflows: map[Hook]int{
+			Prerouting:  HookUnset,
+			Input:       HookUnset,
+			Output:      HookUnset,
+			Postrouting: HookUnset,
+		},
+		UserChains: map[string]int{},
+	}
+}
+
 // Check runs pkt through the rules for hook. It returns true when the packet
 // should continue traversing the network stack and false when it should be
 // dropped.
author	Nayana Bidari <nybidari@google.com>	2020-02-18 11:30:42 -0800
committer	Nayana Bidari <nybidari@google.com>	2020-02-18 11:30:42 -0800
commit	b30b7f3422202232ad1c385a7ac0d775151fee2f (patch)
tree	3b8de1ccfc8e6abbe7ccb5e35b3fc5832acad0ca /pkg/tcpip/iptables/iptables.go
parent	fae3de21af7f50266565643c6283912b087b0f5a (diff)