Bug 13951

Summary: ip6tables nft build does not include MASQUERADE target options
Product: buildroot Reporter: mbuil
Component: OtherAssignee: unassigned
Status: RESOLVED DUPLICATE    
Severity: normal CC: buildroot
Priority: P5    
Version: 2021.02.3   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Host: Target:
Build:

Description mbuil 2021-07-08 15:29:44 UTC 
Since 1.6, iptables supports the MASQUERADE target options:

MASQUERADE target options:
 --to-ports <port>[-<port>]
				Port (range) to map to.
 --random
				Randomize source port.
 --random-fully
				Fully randomize source port.

When building iptables-nft, the MASQUERADE target options are included in the iptables-nft binary, however, they are not in the ip6tables-nft:

sudo ./output/target/usr/sbin/iptables-nft -A POSTROUTING -s 10.244.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE --help | grep random
 --random
 --random-fully
				Fully randomize source port.
sudo ./output/target/usr/sbin/ip6tables-nft -A POSTROUTING -s 10.244.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE --help | grep random
$>

Those targets come from the files libipt_MASQUERADE.c and libip6t_MASQUERADE.c in https://git.netfilter.org/iptables/tree/extensions but for some reason the ip6 one does not get included in the binary
Comment 1 Thomas Petazzoni 2021-11-02 20:13:20 UTC 

*** This bug has been marked as a duplicate of bug 13971 ***