ip6tables: redirect support

Adds support for the IPv6-compatible redirect target. Redirection is a limited form of DNAT, where the destination is always the localhost. Updates #3549. PiperOrigin-RevId: 334698344
author: Kevin Krakauer <krakauer@google.com> 2020-09-30 16:02:46 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-09-30 16:04:26 -0700
commit: 6f8d64f4229be58814319003a397b971ca9b4e1b (patch)
tree: 5ce3e40ad5e76617e288bbd89fa385b8fddcfdd1 /pkg/tcpip/stack/iptables.go
parent: 7f9e13053e84b82c67c12a4964fa4703ebaa571f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/pkg/tcpip/stack/iptables.go b/pkg/tcpip/stack/iptables.go
index faa503b00..8d6d9a7f1 100644
--- a/pkg/tcpip/stack/iptables.go
+++ b/pkg/tcpip/stack/iptables.go
@@ -502,11 +502,11 @@ func (it *IPTables) checkRule(hook Hook, pkt *PacketBuffer, table Table, ruleIdx
 
 // OriginalDst returns the original destination of redirected connections. It
 // returns an error if the connection doesn't exist or isn't redirected.
-func (it *IPTables) OriginalDst(epID TransportEndpointID) (tcpip.Address, uint16, *tcpip.Error) {
+func (it *IPTables) OriginalDst(epID TransportEndpointID, netProto tcpip.NetworkProtocolNumber) (tcpip.Address, uint16, *tcpip.Error) {
 	it.mu.RLock()
 	defer it.mu.RUnlock()
 	if !it.modified {
 		return "", 0, tcpip.ErrNotConnected
 	}
-	return it.connections.originalDst(epID)
+	return it.connections.originalDst(epID, netProto)
 }
author	Kevin Krakauer <krakauer@google.com>	2020-09-30 16:02:46 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-09-30 16:04:26 -0700
commit	6f8d64f4229be58814319003a397b971ca9b4e1b (patch)
tree	5ce3e40ad5e76617e288bbd89fa385b8fddcfdd1 /pkg/tcpip/stack/iptables.go
parent	7f9e13053e84b82c67c12a4964fa4703ebaa571f (diff)