From 7caf1568bbb6be59e5f13693c31f23ade9349daa Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 1 May 2020 15:40:18 +0200 Subject: nat: T2198: destination nat template for iptables-restore --- data/templates/nat/nat-destination.tmpl | 13 +++++++++++++ data/templates/nat/nat-source.tmpl | 4 ++++ 2 files changed, 17 insertions(+) create mode 100644 data/templates/nat/nat-destination.tmpl create mode 100644 data/templates/nat/nat-source.tmpl (limited to 'data') diff --git a/data/templates/nat/nat-destination.tmpl b/data/templates/nat/nat-destination.tmpl new file mode 100644 index 000000000..ccd585264 --- /dev/null +++ b/data/templates/nat/nat-destination.tmpl @@ -0,0 +1,13 @@ +### Autogenerated by nat.py ### + +*nat +-A PREROUTING -j VYATTA_PRE_DNAT_HOOK +{% for r in destination -%} +{% if (',' in r.dest_port) or ('-' in r.dest_port) %} +-A PREROUTING -i {{ r.interface_in }} -p {{ r.protocol }} -m multiport --dports {{ r.dest_port | replace('-', ':') }} -m comment --comment "DST-NAT-{{ r.number }} {{ r.protocol }}" -j DNAT --to-destination {{ r.translation_address }}{{ ":" + r.translation_port if r.translation_port }} +{% else %} +-A PREROUTING -i {{ r.interface_in }} -p {{ r.protocol }} -m tcp --dport {{ r.dest_port }} -m comment --comment "DST-NAT-{{ r.number }} {{ r.protocol }}" -j DNAT --to-destination {{ r.translation_address }}{{ ":" + r.translation_port if r.translation_port }} +{% endif %} +{% endfor %} +-A VYATTA_PRE_DNAT_HOOK -j RETURN +COMMIT diff --git a/data/templates/nat/nat-source.tmpl b/data/templates/nat/nat-source.tmpl new file mode 100644 index 000000000..41179ae9c --- /dev/null +++ b/data/templates/nat/nat-source.tmpl @@ -0,0 +1,4 @@ +### Autogenerated by nat.py ### +{% for r in source -%} +# {{ r.description }} +{% endfor %} -- cgit v1.2.3