From 5f75ecc0e207ee5c04b956e12b65c5846bb7b9be Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sun, 14 Jun 2020 11:46:15 +0200
Subject: nat: T2593: fix for SNAT translation port when using masquerade

The "to" qualifier did not get rendered when using source ports in masquerade
targets. This case was totally missed out when porting.
---
 data/templates/firewall/nftables-nat.tmpl | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/data/templates/firewall/nftables-nat.tmpl b/data/templates/firewall/nftables-nat.tmpl
index 35b2c1232..8108d5e0f 100644
--- a/data/templates/firewall/nftables-nat.tmpl
+++ b/data/templates/firewall/nftables-nat.tmpl
@@ -52,9 +52,13 @@ add rule ip raw NAT_CONNTRACK counter accept
 {%     set trns_addr = "dnat to " + rule.translation_address %}
 {%   elif chain == "POSTROUTING" %}
 {%     set interface = " oifname \"" + rule.interface_out + "\"" %}
-{%     set trns_addr = rule.translation_address %}
-{%     if rule.translation_address != 'masquerade' %}
-{%       set trns_addr = "snat to " + trns_addr %}
+{%     if rule.translation_address == 'masquerade' %}
+{%       set trns_addr = rule.translation_address %}
+{%       if rule.translation_port %}
+{%         set trns_addr = trns_addr + " to " %}
+{%       endif %}
+{%     else %}
+{%       set trns_addr = "snat to " + rule.translation_address %}
 {%     endif %}
 {%   endif %}
 {%   set trns_port = ":" + rule.translation_port if rule.translation_port %}
-- 
cgit v1.2.3