summaryrefslogtreecommitdiff
path: root/data/templates/firewall
diff options
context:
space:
mode:
authorjack9603301 <jack9603301@163.com>2021-01-20 16:38:36 +0800
committerjack9603301 <jack9603301@163.com>2021-01-23 21:45:31 +0800
commit35e89dcc0311514c0388b7ccab51b379113bf104 (patch)
tree9a882ef3e3301cd46b69e009fd5654eef843a661 /data/templates/firewall
parentaf6a647bfecbc601b5c5dd7077f496b933228fce (diff)
downloadvyos-1x-35e89dcc0311514c0388b7ccab51b379113bf104.tar.gz
vyos-1x-35e89dcc0311514c0388b7ccab51b379113bf104.zip
nptv6: T2518: Support many to many DNPT(DNAT66)
Diffstat (limited to 'data/templates/firewall')
-rw-r--r--data/templates/firewall/nftables-nat66.tmpl8
1 files changed, 7 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl
index af533812e..1a739cbe2 100644
--- a/data/templates/firewall/nftables-nat66.tmpl
+++ b/data/templates/firewall/nftables-nat66.tmpl
@@ -7,7 +7,13 @@
{% if chain == "PREROUTING" %}
{% set interface = " iifname \"" + config.inbound_interface + "\"" if config.inbound_interface is defined and config.inbound_interface != 'any' else '' %}
-{% set trns_address = "dnat to " + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
+{% if config.translation.address | is_ip_network %}
+{# support 1:1 network translation #}
+{% set dnat_type = "dnat prefix to " %}
+{% else %}
+{% set dnat_type = "dnat to " %}
+{% endif %}
+{% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% elif chain == "POSTROUTING" %}
{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined and config.outbound_interface != 'any' else '' %}
{% set trns_prefix = "snat prefix to " + config.translation.prefix if config.translation is defined and config.translation.prefix is defined and config.translation.prefix is not none %}