58 lines
1.1 KiB
Plaintext
58 lines
1.1 KiB
Plaintext
|
# {{ ansible_managed }}
|
||
|
|
|
||
|
|
{% if
|
||
|
|
item.ipv4_rules.prerouting | length > 0
|
||
|
|
or
|
||
|
|
item.ipv4_rules.postrouting | length > 0
|
||
|
|
%}
|
||
|
|
table ip {{ item.filename }} {
|
||
|
|
{% if item.ipv4_rules.prerouting | length > 0 %}
|
||
|
|
chain prerouting {
|
||
|
|
type nat hook prerouting priority 0;
|
||
|
|
|
||
|
|
{% for rule in item.ipv4_rules.prerouting %}
|
||
|
|
{{ rule }}
|
||
|
|
{% endfor %}
|
||
|
|
}
|
||
|
|
{% endif %}
|
||
|
|
|
||
|
|
{% if item.ipv4_rules.postrouting | length > 0 %}
|
||
|
|
chain postrouting {
|
||
|
|
type nat hook postrouting priority 100; policy accept;
|
||
|
|
|
||
|
|
{% for rule in item.ipv4_rules.postrouting %}
|
||
|
|
{{ rule }}
|
||
|
|
{% endfor %}
|
||
|
|
}
|
||
|
|
{% endif %}
|
||
|
|
}
|
||
|
|
{% endif %}
|
||
|
|
|
||
|
|
{% if
|
||
|
|
item.ipv6_rules.prerouting | length > 0
|
||
|
|
or
|
||
|
|
item.ipv6_rules.postrouting | length > 0
|
||
|
|
%}
|
||
|
|
table ip6 {{ item.filename }} {
|
||
|
|
{% if item.ipv6_rules.prerouting | length > 0 %}
|
||
|
|
chain prerouting {
|
||
|
|
type nat hook prerouting priority 0;
|
||
|
|
|
||
|
|
{% for rule in item.ipv6_rules.prerouting %}
|
||
|
|
{{ rule }}
|
||
|
|
{% endfor %}
|
||
|
|
}
|
||
|
|
{% endif %}
|
||
|
|
|
||
|
|
{% if item.ipv6_rules.postrouting | length > 0 %}
|
||
|
|
chain postrouting {
|
||
|
|
type nat hook postrouting priority 100; policy accept;
|
||
|
|
|
||
|
|
{% for rule in item.ipv6_rules.postrouting %}
|
||
|
|
{{ rule }}
|
||
|
|
{% endfor %}
|
||
|
|
}
|
||
|
|
{% endif %}
|
||
|
|
}
|
||
|
|
{% endif %}
|