summaryrefslogtreecommitdiff
path: root/data/templates/firewall/nftables-nat.tmpl
diff options
context:
space:
mode:
authorEsa Varemo <esa@kuivanto.fi>2021-02-12 23:42:47 +0200
committerEsa Varemo <esa@kuivanto.fi>2021-02-12 23:42:47 +0200
commit4a0504a96cf0f3078e964ed201f196fb55172e00 (patch)
treed64c28667f5597011b00b3555bfe97823789489c /data/templates/firewall/nftables-nat.tmpl
parent8a39f15242ef0596a7d93001f7d413702f1ad7f5 (diff)
downloadvyos-1x-4a0504a96cf0f3078e964ed201f196fb55172e00.tar.gz
vyos-1x-4a0504a96cf0f3078e964ed201f196fb55172e00.zip
nat: T3307: fix destination nat generation
Fix destination NAT template trying to map source->translation instead of destination->translation. Fixes https://phabricator.vyos.net/T3307
Diffstat (limited to 'data/templates/firewall/nftables-nat.tmpl')
-rw-r--r--data/templates/firewall/nftables-nat.tmpl6
1 files changed, 3 insertions, 3 deletions
diff --git a/data/templates/firewall/nftables-nat.tmpl b/data/templates/firewall/nftables-nat.tmpl
index 499733225..b80fc1968 100644
--- a/data/templates/firewall/nftables-nat.tmpl
+++ b/data/templates/firewall/nftables-nat.tmpl
@@ -24,9 +24,9 @@
{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{# support 1:1 network translation #}
{% if config.translation.address | is_ip_network %}
-{% set trns_addr = 'dnat ip prefix to ip daddr map { ' + config.source.address + ' : ' + config.translation.address + ' }' %}
-{# we can now clear out the src_addr part as it's already covered in aboves map #}
-{% set src_addr = '' %}
+{% set trns_addr = 'dnat ip prefix to ip daddr map { ' + config.destination.address + ' : ' + config.translation.address + ' }' %}
+{# we can now clear out the dst_addr part as it's already covered in aboves map #}
+{% set dst_addr = '' %}
{% else %}
{% set trns_addr = 'dnat to ' + config.translation.address %}
{% endif %}