summaryrefslogtreecommitdiff
path: root/data/templates
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-09-30 15:48:56 +0100
committerGitHub <noreply@github.com>2024-09-30 15:48:56 +0100
commiteb55965347e53ac1dc336fe836b370a1f3e10a85 (patch)
treea076141622ec1e41133ef998076b21ce1b2abaac /data/templates
parent0195aa1b0e99b6e886168c89fd2d018181918125 (diff)
parent4c3d037f036e84c77333a400b35bb1a628a1a118 (diff)
downloadvyos-1x-eb55965347e53ac1dc336fe836b370a1f3e10a85.tar.gz
vyos-1x-eb55965347e53ac1dc336fe836b370a1f3e10a85.zip
Merge pull request #4024 from nicolas-fort/T6687
T6687: add fqdn support to nat rules.
Diffstat (limited to 'data/templates')
-rw-r--r--data/templates/firewall/nftables-nat.j213
1 files changed, 13 insertions, 0 deletions
diff --git a/data/templates/firewall/nftables-nat.j2 b/data/templates/firewall/nftables-nat.j2
index 4254f6a0e..8c8dd3a8b 100644
--- a/data/templates/firewall/nftables-nat.j2
+++ b/data/templates/firewall/nftables-nat.j2
@@ -19,6 +19,12 @@ table ip vyos_nat {
{% endfor %}
{% endif %}
}
+{% for set_name in ip_fqdn %}
+ set FQDN_nat_{{ set_name }} {
+ type ipv4_addr
+ flags interval
+ }
+{% endfor %}
#
# Source NAT rules build up here
@@ -31,7 +37,14 @@ table ip vyos_nat {
{{ config | nat_rule(rule, 'source') }}
{% endfor %}
{% endif %}
+
+ }
+{% for set_name in ip_fqdn %}
+ set FQDN_nat_{{ set_name }} {
+ type ipv4_addr
+ flags interval
}
+{% endfor %}
chain VYOS_PRE_DNAT_HOOK {
return