role_nftables/templates/table.conf.j2

56 lines
1.1 KiB
Plaintext
Raw Permalink Normal View History

{% if
item.ipv4_rules.prerouting | length > 0
or
item.ipv4_rules.postrouting | length > 0
%}
table ip {{ item.name }} {
{% if item.ipv4_rules.prerouting | length > 0 %}
chain prerouting {
type nat hook prerouting priority 0;
{% for rule in item.ipv4_rules.prerouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
{% if item.ipv4_rules.postrouting | length > 0 %}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
{% for rule in item.ipv4_rules.postrouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
}
{% endif %}
{% if
item.ipv6_rules.prerouting | length > 0
or
item.ipv6_rules.postrouting | length > 0
%}
table ip6 {{ item.name }} {
{% if item.ipv6_rules.prerouting | length > 0 %}
chain prerouting {
type nat hook prerouting priority 0;
{% for rule in item.ipv6_rules.prerouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
{% if item.ipv6_rules.postrouting | length > 0 %}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
{% for rule in item.ipv6_rules.postrouting %}
{{ rule }}
{% endfor %}
}
{% endif %}
}
{% endif %}