T166: Changed NPTv6 to use NETMAP

author: Merijn Evertse <merijn@trans-ix.nl> 2019-01-29 14:21:29 +0100
committer: Merijn Evertse <merijn@trans-ix.nl> 2019-01-29 14:21:29 +0100
commit: bbaca18568d905f7151c5f30e274f9dbdb096ee8 (patch)
tree: ec4191bd44a639505df122deae7785fd2ce4c601
parent: 5248dbcc34eb6b041af928a0451ea866fc77488d (diff)
download: vyatta-cfg-firewall-bbaca18568d905f7151c5f30e274f9dbdb096ee8.tar.gz
vyatta-cfg-firewall-bbaca18568d905f7151c5f30e274f9dbdb096ee8.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 30614bf..5d3d22f 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -150,6 +150,12 @@ start () {
         ip6tables -t mangle -N VYOS_SNPT_HOOK
         ip6tables -t mangle -A VYOS_SNPT_HOOK -j RETURN
         ip6tables -t mangle -A POSTROUTING -j VYOS_SNPT_HOOK
+        ip6tables -t nat -N VYOS_DNPT_HOOK
+        ip6tables -t nat -A VYOS_DNPT_HOOK -j RETURN
+        ip6tables -t nat -A PREROUTING -j VYOS_DNPT_HOOK
+        ip6tables -t nat -N VYOS_SNPT_HOOK
+        ip6tables -t nat -A VYOS_SNPT_HOOK -j RETURN
+        ip6tables -t nat -A POSTROUTING -j VYOS_SNPT_HOOK
         # NOTRACK hook : not needed, since every v6 connection is NOTRACK'ed for now (see a few lines up)
         # ip6tables -t raw -N VYOS_NPT_HOOK
         # ip6tables -t raw -A PREROUTING -j VYOS_NPT_HOOK
author	Merijn Evertse <merijn@trans-ix.nl>	2019-01-29 14:21:29 +0100
committer	Merijn Evertse <merijn@trans-ix.nl>	2019-01-29 14:21:29 +0100
commit	bbaca18568d905f7151c5f30e274f9dbdb096ee8 (patch)
tree	ec4191bd44a639505df122deae7785fd2ce4c601
parent	5248dbcc34eb6b041af928a0451ea866fc77488d (diff)
download	vyatta-cfg-firewall-bbaca18568d905f7151c5f30e274f9dbdb096ee8.tar.gz vyatta-cfg-firewall-bbaca18568d905f7151c5f30e274f9dbdb096ee8.zip