netfilter buglog - May 2019 - [Bug 1339] New: NETMAP feature, using a displaced mask fail.

https://bugzilla.netfilter.org/show_bug.cgi?id=1339

            Bug ID: 1339
           Summary: NETMAP feature, using a displaced mask fail.
           Product: netfilter/iptables
           Version: unspecified
          Hardware: All
                OS: Debian GNU/Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: unknown
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: gperezbrun at gmail.com

Members:
    Repeating this issue (Bug 1337), because did not receive response.
    Trying to map displaced masks. In particular, this example fail.

Original destination Subnets.
FROM  10.10.0.232/29   00001010.00001010.00000000.11101 000
TO    10.10.255.232/29 00001010.00001010.11111111.11101 000
MASK  255.255.0.248    11111111.11111111.00000000.11111 000

Translated destination Subnets.
FROM 172.28.0.0/29     10101100.00011100.00000000.00000 000
TO   172.28.7.248/29   10101100.00011100.00000111.11111 000
MASK 255.255.248.0     11111111.11111111.11111000.00000 000

     Realice that NETMAP only support bit count for MASK, because runing this:
# iptables -t nat -A PREROUTING -d 172.28.0.0/29 -j NETMAP --to
10.10.0.232/255.255.0.248

    IPTABLES shows another destination MASK:
# iptables -t nat -L -nv
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 NETMAP     all  --  *      *       0.0.0.0/0           
172.28.0.0/29       10.10.0.232/32

    This was run on many linux distros with same result. Can be fix this
module? It's the correct behavior?
    Thanks a lot.
    Regards.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190521/0a1bbc08/attachment.html>