diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-03-09 08:59:02 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-09 08:59:02 +0100 |
commit | 370d2d817f87418be15952af15e686badef4f687 (patch) | |
tree | 45ba1048455c81ed1540bc7e7f28673652a5332b /data/templates | |
parent | ab6ef466c128ba48f85b13ba8d4be1476e844726 (diff) | |
parent | 988be4157422975bec75122e875b722f7c933966 (diff) | |
download | vyos-1x-370d2d817f87418be15952af15e686badef4f687.tar.gz vyos-1x-370d2d817f87418be15952af15e686badef4f687.zip |
Merge pull request #762 from jack9603301/T2518
nptv6: T2518: Support IPv6 address translation
Diffstat (limited to 'data/templates')
-rw-r--r-- | data/templates/firewall/nftables-nat66.tmpl | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl index b1a8f7a16..cdaeaad6a 100644 --- a/data/templates/firewall/nftables-nat66.tmpl +++ b/data/templates/firewall/nftables-nat66.tmpl @@ -13,8 +13,20 @@ {% endif %} {% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% elif chain == "POSTROUTING" %} +{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} +{% if config.translation.address == 'masquerade' %} +{% set trns_address = config.translation.address %} +{% else %} +{% if config.translation.address | is_ip_network %} +{# support 1:1 network translation #} +{% set snat_type = "snat prefix to " %} +{% else %} +{% set snat_type = "snat to " %} +{% endif %} +{% set trns_address = snat_type + config.translation.address %} +{% endif %} +{% endif %} {% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %} -{% set trns_prefix = "snat prefix to " + config.translation.prefix if config.translation is defined and config.translation.prefix is defined and config.translation.prefix is not none %} {% endif %} {% set comment = "NPT-NAT-" + rule %} {% if rule.log %} @@ -35,9 +47,6 @@ {% if dest_address %} {% set output = output + " " + dest_address %} {% endif %} -{% if trns_prefix %} -{% set output = output + " " + trns_prefix %} -{% endif %} {% if trns_address %} {% set output = output + " " + trns_address %} {% endif %} |