diff options
| author | jack9603301 <jack9603301@163.com> | 2021-03-09 14:08:38 +0800 |
|---|---|---|
| committer | jack9603301 <jack9603301@163.com> | 2021-03-09 14:12:48 +0800 |
| commit | 988be4157422975bec75122e875b722f7c933966 (patch) | |
| tree | c59c76f488d4c59ce24df24246e536bc7f674926 /data/templates/firewall | |
| parent | 4c8d882e9125fb45977f74a217e9d716138d6291 (diff) | |
| download | vyos-1x-988be4157422975bec75122e875b722f7c933966.tar.gz vyos-1x-988be4157422975bec75122e875b722f7c933966.zip | |
nptv6: T2518: Support masquerade and cancel new migrators
Diffstat (limited to 'data/templates/firewall')
| -rw-r--r-- | data/templates/firewall/nftables-nat66.tmpl | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl index 9f5d49ba7..cdaeaad6a 100644 --- a/data/templates/firewall/nftables-nat66.tmpl +++ b/data/templates/firewall/nftables-nat66.tmpl @@ -13,14 +13,20 @@ {% endif %} {% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% elif chain == "POSTROUTING" %} -{% if config.translation.address | is_ip_network %} -{# support 1:1 network translation #} -{% set snat_type = "snat prefix to " %} -{% else %} -{% set snat_type = "snat to " %} -{% endif %} +{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} +{% if config.translation.address == 'masquerade' %} +{% set trns_address = config.translation.address %} +{% else %} +{% if config.translation.address | is_ip_network %} +{# support 1:1 network translation #} +{% set snat_type = "snat prefix to " %} +{% else %} +{% set snat_type = "snat to " %} +{% endif %} +{% set trns_address = snat_type + config.translation.address %} +{% endif %} +{% endif %} {% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %} -{% set trns_address = snat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% endif %} {% set comment = "NPT-NAT-" + rule %} {% if rule.log %} |