Revert "nat: T2571: fix negated port definitions"

This reverts commit 927c054d9236c2c34ca43c1cbfff10fcfd7f5077.
author: Christian Poessinger <christian@poessinger.com> 2020-06-12 00:22:58 +0200
committer: Christian Poessinger <christian@poessinger.com> 2020-06-12 00:22:58 +0200
commit: d41903ff8082164719296cbef46d07d036241c2c (patch)
tree: adab2d98990801d7c7864a214ad398a6b78ae631 /data/templates/firewall
parent: f79646e08b2158e4b792c2e98997a72a73a75f10 (diff)
download: vyos-1x-d41903ff8082164719296cbef46d07d036241c2c.tar.gz
vyos-1x-d41903ff8082164719296cbef46d07d036241c2c.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables-nat.tmpl b/data/templates/firewall/nftables-nat.tmpl
index 0a3dfa369..abb32ddc6 100644
--- a/data/templates/firewall/nftables-nat.tmpl
+++ b/data/templates/firewall/nftables-nat.tmpl
@@ -29,9 +29,9 @@ add rule ip raw NAT_CONNTRACK counter accept
 
 {% macro nat_rule(rule, chain) %}
 {%   set src_addr  = "ip saddr " + rule.source_address if rule.source_address %}
-{%   set src_port  = "sport " + rule.source_port if rule.source_port %}
+{%   set src_port  = "sport { " + rule.source_port +" }" if rule.source_port %}
 {%   set dst_addr  = "ip daddr " + rule.dest_address if rule.dest_address %}
-{%   set dst_port  = "dport " + rule.dest_port if rule.dest_port %}
+{%   set dst_port  = "dport { " + rule.dest_port +" }" if rule.dest_port %}
 {%   set comment   = "DST-NAT-" + rule.number %}
 
 {%   if chain == "PREROUTING" %}
author	Christian Poessinger <christian@poessinger.com>	2020-06-12 00:22:58 +0200
committer	Christian Poessinger <christian@poessinger.com>	2020-06-12 00:22:58 +0200
commit	d41903ff8082164719296cbef46d07d036241c2c (patch)
tree	adab2d98990801d7c7864a214ad398a6b78ae631 /data/templates/firewall
parent	f79646e08b2158e4b792c2e98997a72a73a75f10 (diff)
download	vyos-1x-d41903ff8082164719296cbef46d07d036241c2c.tar.gz vyos-1x-d41903ff8082164719296cbef46d07d036241c2c.zip