diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-06-11 16:54:00 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-06-11 16:54:00 +0200 |
commit | 927c054d9236c2c34ca43c1cbfff10fcfd7f5077 (patch) | |
tree | c80416b77d79ca26d9af2f904fc0e24bcf292da2 | |
parent | 4d40d5f85c156507bdca4e605eeef6570f34bede (diff) | |
download | vyos-1x-927c054d9236c2c34ca43c1cbfff10fcfd7f5077.tar.gz vyos-1x-927c054d9236c2c34ca43c1cbfff10fcfd7f5077.zip |
nat: T2571: fix negated port definitions
-rw-r--r-- | data/templates/firewall/nftables-nat.tmpl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables-nat.tmpl b/data/templates/firewall/nftables-nat.tmpl index abb32ddc6..0a3dfa369 100644 --- a/data/templates/firewall/nftables-nat.tmpl +++ b/data/templates/firewall/nftables-nat.tmpl @@ -29,9 +29,9 @@ add rule ip raw NAT_CONNTRACK counter accept {% macro nat_rule(rule, chain) %} {% set src_addr = "ip saddr " + rule.source_address if rule.source_address %} -{% set src_port = "sport { " + rule.source_port +" }" if rule.source_port %} +{% set src_port = "sport " + rule.source_port if rule.source_port %} {% set dst_addr = "ip daddr " + rule.dest_address if rule.dest_address %} -{% set dst_port = "dport { " + rule.dest_port +" }" if rule.dest_port %} +{% set dst_port = "dport " + rule.dest_port if rule.dest_port %} {% set comment = "DST-NAT-" + rule.number %} {% if chain == "PREROUTING" %} |