diff options
| author | Daniil Baturin <daniil@baturin.org> | 2019-03-26 01:34:06 +0100 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2019-03-26 01:34:06 +0100 |
| commit | aecd3f92362ffa2c7e5a4b048cd0139f52784dcd (patch) | |
| tree | 91c298146cd33af690fcbddb5f1c2a1bbf2c02a9 | |
| parent | c3f6eb7bc159dcc8850b4b2c37f38e9e018c126a (diff) | |
| parent | 683d3cb328ce371748567e1e2354cd0c82a16966 (diff) | |
| download | vyatta-nat-aecd3f92362ffa2c7e5a4b048cd0139f52784dcd.tar.gz vyatta-nat-aecd3f92362ffa2c7e5a4b048cd0139f52784dcd.zip | |
Merge branch 'current' into crux
| -rw-r--r-- | lib/VyOS/Nptv6Rule.pm | 14 | ||||
| -rwxr-xr-x | scripts/vyos-update-nptv6.pl | 4 |
2 files changed, 8 insertions, 10 deletions
diff --git a/lib/VyOS/Nptv6Rule.pm b/lib/VyOS/Nptv6Rule.pm index d469020..d753e93 100644 --- a/lib/VyOS/Nptv6Rule.pm +++ b/lib/VyOS/Nptv6Rule.pm @@ -69,7 +69,7 @@ sub setup { # Make SNPT ip6tables string # POSTROUTING -# ip6tables -t mangle -I VYOS_NPT_HOOK -s inside-pfx -o outside-if -j SNPT --src-pfx inside-pfx --dst-pfx outside-pfx +# ip6tables -t nat -I VYOS_SNPT_HOOK -s inside-pfx -o outside-if -j NETMAP --to outside-pfx sub make_snpt_string { my ($self) = @_; my $snpt_str = ""; @@ -82,9 +82,8 @@ sub make_snpt_string { $snpt_str .= " -o "; $snpt_str .= $self->{_outside_if}; } - $snpt_str .= " -j SNPT --src-pfx "; - $snpt_str .= $self->{_inside_pfx}; - $snpt_str .= " --dst-pfx "; + $snpt_str .= " -j NETMAP "; + $snpt_str .= " --to "; $snpt_str .= $self->{_outside_pfx}; return $snpt_str; @@ -92,7 +91,7 @@ sub make_snpt_string { # Make DNPT ip6tables string # PREROUTING -# ip6tables -t mangle -I VYOS_NPT_HOOK -d outside-pfx -i outside-if -j DNPT --src-pfx outside-pfx --dst-pfx inside-pfx +# ip6tables -t nat -I VYOS_DNPT_HOOK -d outside-pfx -i outside-if -j NETMAP --to inside-pfx sub make_dnpt_string { my ($self) = @_; my $dnpt_str = ""; @@ -105,9 +104,8 @@ sub make_dnpt_string { $dnpt_str .= " -i "; $dnpt_str .= $self->{_outside_if}; } - $dnpt_str .= " -j DNPT --src-pfx "; - $dnpt_str .= $self->{_outside_pfx}; - $dnpt_str .= " --dst-pfx "; + $dnpt_str .= " -j NETMAP "; + $dnpt_str .= " --to "; $dnpt_str .= $self->{_inside_pfx}; return $dnpt_str; diff --git a/scripts/vyos-update-nptv6.pl b/scripts/vyos-update-nptv6.pl index 5079a66..ed1d9da 100755 --- a/scripts/vyos-update-nptv6.pl +++ b/scripts/vyos-update-nptv6.pl @@ -53,7 +53,7 @@ if ($debug) { # Send rule to iptables sub send_iptables { my @cmds = @_; - my $prepend = $IPTABLES . " -t mangle "; + my $prepend = $IPTABLES . " -t nat "; my $cmd; for $cmd (@cmds) { @@ -84,7 +84,7 @@ my @cmds; # Loop through all loops, sorted numerically for $rule (@rule_keys) { print OUT "$rule: $rules{$rule}\n"; - my $tmp = `ip6tables -L -nv --line -t mangle`; + my $tmp = `ip6tables -L -nv --line -t nat`; print OUT "iptables before:\n$tmp\n"; my $nrule = new VyOS::Nptv6Rule; |