#!/usr/sbin/nft -f

{% if first_install is not vyos_defined %}
delete table ip6 vyos_nat
{% endif %}
table ip6 vyos_nat {
    #
    # Destination NAT66 rules build up here
    #
    chain PREROUTING {
        type nat hook prerouting priority -100; policy accept;
        counter jump VYOS_DNPT_HOOK
{% if destination.rule is vyos_defined %}
{%     for rule, config in destination.rule.items() if config.disable is not vyos_defined %}
        {{ config | nat_rule(rule, 'destination', ipv6=True) }}
{%     endfor %}
{% endif %}
    }

    #
    # Source NAT66 rules build up here
    #
    chain POSTROUTING {
        type nat hook postrouting priority 100; policy accept;
        counter jump VYOS_SNPT_HOOK
{% if source.rule is vyos_defined %}
{%     for rule, config in source.rule.items() if config.disable is not vyos_defined %}
        {{ config | nat_rule(rule, 'source', ipv6=True) }}
{%     endfor %}
{% endif %}
    }

    chain VYOS_DNPT_HOOK {
        return
    }

    chain VYOS_SNPT_HOOK {
        return
    }
}