extensions: libip[6]t_REDIRECT: use new nft syntax when do xlate

After commit "parser_bison: redirect to :port for consistency with
nat/masq statement" in nftables tree, we should recommend the end
user to use the new syntax.

Before this patch:
  # iptables-translate -t nat -A PREROUTING -p tcp -j REDIRECT --to-ports 1
  nft add rule ip nat PREROUTING ip protocol tcp counter redirect to 1

Apply this patch:
  # iptables-translate -t nat -A PREROUTING -p tcp -j REDIRECT --to-ports 1
  nft add rule ip nat PREROUTING ip protocol tcp counter redirect to :1

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2 files changed, 2 insertions, 2 deletions

diff --git a/extensions/libip6t_REDIRECT.c b/extensions/libip6t_REDIRECT.c
index 32f85b96..8e04d2cd 100644
--- a/extensions/libip6t_REDIRECT.c
+++ b/extensions/libip6t_REDIRECT.c
@@ -138,7 +138,7 @@ static int REDIRECT_xlate(struct xt_xlate *xl,
 	const struct nf_nat_range *range = (const void *)params->target->data;
 
 	if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_xlate_add(xl, "redirect to %hu",
+		xt_xlate_add(xl, "redirect to :%hu",
 			   ntohs(range->min_proto.tcp.port));
 		if (range->max_proto.tcp.port != range->min_proto.tcp.port)
 			xt_xlate_add(xl, "-%hu ",
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 31ca88c3..7850306f 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -143,7 +143,7 @@ static int REDIRECT_xlate(struct xt_xlate *xl,
 	const struct nf_nat_ipv4_range *r = &mr->range[0];
 
 	if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_xlate_add(xl, "redirect to %hu", ntohs(r->min.tcp.port));
+		xt_xlate_add(xl, "redirect to :%hu", ntohs(r->min.tcp.port));
 		if (r->max.tcp.port != r->min.tcp.port)
 			xt_xlate_add(xl, "-%hu ", ntohs(r->max.tcp.port));
 		if (mr->range[0].flags & NF_NAT_RANGE_PROTO_RANDOM)