summaryrefslogtreecommitdiff
path: root/data/templates/firewall/nftables.j2
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-09-01 19:35:15 +0200
committerGitHub <noreply@github.com>2022-09-01 19:35:15 +0200
commit735767f09f891c438e43565f935b927e6f1b317d (patch)
tree81daee7b244db6fea41f76bd70a45e02fce0334b /data/templates/firewall/nftables.j2
parent5c20eac6cd62f9145bc27041db9145b8ba231fa0 (diff)
parent3489089000a43a533fcd89282b0ced2434851c03 (diff)
downloadvyos-1x-735767f09f891c438e43565f935b927e6f1b317d.tar.gz
vyos-1x-735767f09f891c438e43565f935b927e6f1b317d.zip
Merge pull request #1466 from sever-sever/T538
nat: T538: Add static NAT one-to-one
Diffstat (limited to 'data/templates/firewall/nftables.j2')
-rw-r--r--data/templates/firewall/nftables.j220
1 files changed, 20 insertions, 0 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2
index b91fed615..5971e1bbc 100644
--- a/data/templates/firewall/nftables.j2
+++ b/data/templates/firewall/nftables.j2
@@ -181,6 +181,26 @@ table ip nat {
}
}
+table ip vyos_static_nat {
+ chain PREROUTING {
+ type nat hook prerouting priority -100; policy accept;
+ counter jump VYOS_PRE_DNAT_HOOK
+ }
+
+ chain POSTROUTING {
+ type nat hook postrouting priority 100; policy accept;
+ counter jump VYOS_PRE_SNAT_HOOK
+ }
+
+ chain VYOS_PRE_DNAT_HOOK {
+ return
+ }
+
+ chain VYOS_PRE_SNAT_HOOK {
+ return
+ }
+}
+
table ip6 nat {
chain PREROUTING {
type nat hook prerouting priority -100; policy accept;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 16:15:36 +0000