add support for masquerading

3 files changed, 8 insertions, 0 deletions

diff --git a/src/expr/immediate.rs b/src/expr/immediate.rs
index 2fd9bd5..47c9478 100644
--- a/src/expr/immediate.rs
+++ b/src/expr/immediate.rs
@@ -32,6 +32,7 @@ impl Immediate {
             VerdictKind::Jump { .. } => VerdictType::Jump,
             VerdictKind::Goto { .. } => VerdictType::Goto,
             VerdictKind::Return => VerdictType::Return,
+            VerdictKind::Masquerade => VerdictType::Goto,
         };
         let mut data = Verdict::default().with_code(code);
         if let VerdictKind::Jump { chain } | VerdictKind::Goto { chain } = kind {
diff --git a/src/expr/verdict.rs b/src/expr/verdict.rs
index c42ad32..609c21d 100644
--- a/src/expr/verdict.rs
+++ b/src/expr/verdict.rs
@@ -47,4 +47,5 @@ pub enum VerdictKind {
         chain: String,
     },
     Return,
+    Masquerade,
 }
diff --git a/src/rule_methods.rs b/src/rule_methods.rs
index 4ee3a16..161c2a4 100644
--- a/src/rule_methods.rs
+++ b/src/rule_methods.rs
@@ -218,6 +218,12 @@ impl Rule {
         self.add_expr(Immediate::new_verdict(VerdictKind::Drop));
         self
     }
+    /// Adds the `Masquerade` verdict to the rule. The packet will have its
+    /// source address rewritten.
+    pub fn masquerade(mut self) -> Self {
+        self.add_expr(Immediate::new_verdict(VerdictKind::Masquerade));
+        self
+    }
 }
 
 /// Looks up the interface index for a given interface name.