From 4374a27342e58fea1ac5928805e688d6d127fd04 Mon Sep 17 00:00:00 2001
From: Abhishek Safui <abhishek.safui@cdot.in>
Date: Wed, 2 Jul 2025 23:18:17 +0530
Subject: wan-load-balancing: T7584: Default SNAT behaviour fixed to effect
 load balanced packets only

Matched the out iface name in wan load balancer default SNAT rule
so that SNAT is performed to load balanced packets only
---
 data/templates/load-balancing/nftables-wlb.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/templates/load-balancing/nftables-wlb.j2 b/data/templates/load-balancing/nftables-wlb.j2
index b3d7c3376..8afd0c162 100644
--- a/data/templates/load-balancing/nftables-wlb.j2
+++ b/data/templates/load-balancing/nftables-wlb.j2
@@ -9,7 +9,7 @@ table ip vyos_wanloadbalance {
 {% for ifname, health_conf in interface_health.items() if health_state[ifname].if_addr %}
 {%     if disable_source_nat is not vyos_defined %}
 {%         set state = health_state[ifname] %}
-        ct mark {{ state.mark }} counter snat to {{ state.if_addr }}
+        ct mark {{ state.mark }} oifname {{ ifname }} counter snat to {{ state.if_addr }}
 {%     endif %}
 {% endfor %}
     }
-- 
cgit v1.2.3


From 5b0751423c3b2713d9a7f212e6c0c260ba53f0ce Mon Sep 17 00:00:00 2001
From: Abhishek Safui <abhishek.safui@cdot.in>
Date: Sat, 5 Jul 2025 13:46:32 +0530
Subject: wan-load-balancing: T7584: Default SNAT behaviour fixed to effect
 load balanced packets only

Updated smoketest to match the updated nftable rule
---
 smoketest/scripts/cli/test_load-balancing_wan.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/smoketest/scripts/cli/test_load-balancing_wan.py b/smoketest/scripts/cli/test_load-balancing_wan.py
index 32e5f6915..20e0003da 100755
--- a/smoketest/scripts/cli/test_load-balancing_wan.py
+++ b/smoketest/scripts/cli/test_load-balancing_wan.py
@@ -171,8 +171,8 @@ class TestLoadBalancingWan(VyOSUnitTestSHIM.TestCase):
         nat_wanloadbalance = """table ip vyos_wanloadbalance {
 	chain wlb_nat_postrouting {
 		type nat hook postrouting priority srcnat - 1; policy accept;
-		ct mark 0x000000c9 counter snat to 203.0.113.10
-		ct mark 0x000000ca counter snat to 192.0.2.10
+		ct mark 0x000000c9 oifname "veth1" counter snat to 203.0.113.10
+		ct mark 0x000000ca oifname "veth2" counter snat to 192.0.2.10
 	}
 }"""
 
-- 
cgit v1.2.3