diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-05-01 15:40:18 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-05-16 15:30:26 +0200 |
commit | 7caf1568bbb6be59e5f13693c31f23ade9349daa (patch) | |
tree | 86dcb17e927251a802a82e517d4f182db8cfc114 /data | |
parent | 40e8938667b06615e0a1a26271a30e00f8cff2c6 (diff) | |
download | vyos-1x-7caf1568bbb6be59e5f13693c31f23ade9349daa.tar.gz vyos-1x-7caf1568bbb6be59e5f13693c31f23ade9349daa.zip |
nat: T2198: destination nat template for iptables-restore
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/nat/nat-destination.tmpl | 13 | ||||
-rw-r--r-- | data/templates/nat/nat-source.tmpl | 4 |
2 files changed, 17 insertions, 0 deletions
diff --git a/data/templates/nat/nat-destination.tmpl b/data/templates/nat/nat-destination.tmpl new file mode 100644 index 000000000..ccd585264 --- /dev/null +++ b/data/templates/nat/nat-destination.tmpl @@ -0,0 +1,13 @@ +### Autogenerated by nat.py ###
+
+*nat
+-A PREROUTING -j VYATTA_PRE_DNAT_HOOK
+{% for r in destination -%}
+{% if (',' in r.dest_port) or ('-' in r.dest_port) %}
+-A PREROUTING -i {{ r.interface_in }} -p {{ r.protocol }} -m multiport --dports {{ r.dest_port | replace('-', ':') }} -m comment --comment "DST-NAT-{{ r.number }} {{ r.protocol }}" -j DNAT --to-destination {{ r.translation_address }}{{ ":" + r.translation_port if r.translation_port }}
+{% else %}
+-A PREROUTING -i {{ r.interface_in }} -p {{ r.protocol }} -m tcp --dport {{ r.dest_port }} -m comment --comment "DST-NAT-{{ r.number }} {{ r.protocol }}" -j DNAT --to-destination {{ r.translation_address }}{{ ":" + r.translation_port if r.translation_port }}
+{% endif %}
+{% endfor %}
+-A VYATTA_PRE_DNAT_HOOK -j RETURN
+COMMIT
diff --git a/data/templates/nat/nat-source.tmpl b/data/templates/nat/nat-source.tmpl new file mode 100644 index 000000000..41179ae9c --- /dev/null +++ b/data/templates/nat/nat-source.tmpl @@ -0,0 +1,4 @@ +### Autogenerated by nat.py ###
+{% for r in source -%}
+# {{ r.description }}
+{% endfor %}
|