+print_reflection(struct fw3_ipt_handle *h, struct fw3_state *state,
+ struct fw3_redirect *redir, int num,
+ struct fw3_protocol *proto, struct fw3_address *ra,
+ struct fw3_address *ia, struct fw3_address *ea)
+{
+ struct fw3_ipt_rule *r;
+
+ switch (h->table)
+ {
+ case FW3_TABLE_NAT:
+ r = fw3_ipt_rule_create(h, proto, NULL, NULL, ia, ea);
+ fw3_ipt_rule_sport_dport(r, NULL, &redir->port_dest);
+ fw3_ipt_rule_limit(r, &redir->limit);
+ fw3_ipt_rule_time(r, &redir->time);
+ set_comment(r, redir->name, num, true);
+ set_snat_dnat(r, FW3_FLAG_DNAT, &redir->ip_redir, &redir->port_redir);
+ fw3_ipt_rule_replace(r, "zone_%s_prerouting", redir->dest.name);
+
+ r = fw3_ipt_rule_create(h, proto, NULL, NULL, ia, &redir->ip_redir);
+ fw3_ipt_rule_sport_dport(r, NULL, &redir->port_redir);
+ fw3_ipt_rule_limit(r, &redir->limit);
+ fw3_ipt_rule_time(r, &redir->time);
+ set_comment(r, redir->name, num, true);
+ set_snat_dnat(r, FW3_FLAG_SNAT, ra, NULL);
+ fw3_ipt_rule_replace(r, "zone_%s_postrouting", redir->dest.name);
+ break;
+
+ default:
+ break;
+ }
+}
+
+static void
+expand_redirect(struct fw3_ipt_handle *handle, struct fw3_state *state,
+ struct fw3_redirect *redir, int num)