summaryrefslogtreecommitdiff
path: root/data/templates/firewall
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/firewall')
-rw-r--r--data/templates/firewall/nftables-nat66.tmpl20
1 files changed, 13 insertions, 7 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl
index 9f5d49ba7..cdaeaad6a 100644
--- a/data/templates/firewall/nftables-nat66.tmpl
+++ b/data/templates/firewall/nftables-nat66.tmpl
@@ -13,14 +13,20 @@
{% endif %}
{% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% elif chain == "POSTROUTING" %}
-{% if config.translation.address | is_ip_network %}
-{# support 1:1 network translation #}
-{% set snat_type = "snat prefix to " %}
-{% else %}
-{% set snat_type = "snat to " %}
-{% endif %}
+{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
+{% if config.translation.address == 'masquerade' %}
+{% set trns_address = config.translation.address %}
+{% else %}
+{% if config.translation.address | is_ip_network %}
+{# support 1:1 network translation #}
+{% set snat_type = "snat prefix to " %}
+{% else %}
+{% set snat_type = "snat to " %}
+{% endif %}
+{% set trns_address = snat_type + config.translation.address %}
+{% endif %}
+{% endif %}
{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %}
-{% set trns_address = snat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% endif %}
{% set comment = "NPT-NAT-" + rule %}
{% if rule.log %}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 08:50:52 +0000