- if (redir->target == FW3_FLAG_UNSPEC)
- {
- warn_elem(e, "has no target specified, defaulting to DNAT");
- redir->target = FW3_FLAG_DNAT;
- }
- else if (redir->target < FW3_FLAG_DNAT)
- {
- warn_elem(e, "has invalid target specified, defaulting to DNAT");
- redir->target = FW3_FLAG_DNAT;
- }
-
- if (redir->target == FW3_FLAG_DNAT)
- {
- if (redir->src.any)
- warn_elem(e, "must not have source '*' for DNAT target");
- else if (!redir->_src)
- warn_elem(e, "has no source specified");
- else
- {
- set(redir->_src->flags, FW3_FAMILY_V4, redir->target);
- redir->_src->conntrack = true;
- valid = true;
- }
-
- if (!check_local(e, redir, state) && !redir->dest.set &&
- resolve_dest(e, redir, state))
- {
- warn_elem(e, "does not specify a destination, assuming '%s'",
- redir->dest.name);
- }
-
- if (redir->reflection && redir->_dest && redir->_src->masq)
- {
- set(redir->_dest->flags, FW3_FAMILY_V4, FW3_FLAG_ACCEPT);
- set(redir->_dest->flags, FW3_FAMILY_V4, FW3_FLAG_DNAT);
- set(redir->_dest->flags, FW3_FAMILY_V4, FW3_FLAG_SNAT);
- }
- }
- else
- {
- if (redir->dest.any)
- warn_elem(e, "must not have destination '*' for SNAT target");
- else if (!redir->_dest)
- warn_elem(e, "has no destination specified");
- else if (!redir->ip_dest.set)
- warn_elem(e, "has no src_dip option specified");
- else if (!list_empty(&redir->mac_src))
- warn_elem(e, "must not use 'src_mac' option for SNAT target");
- else
- {
- set(redir->_dest->flags, FW3_FAMILY_V4, redir->target);
- redir->_dest->conntrack = true;
- valid = true;
- }
- }
-
- if (list_empty(&redir->proto))
- {
- warn_elem(e, "does not specify a protocol, assuming TCP+UDP");
- fw3_parse_protocol(&redir->proto, "tcpudp", true);
- }
-
- if (!valid)
- {