Commit 4ea6839a authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

support for ACCEPT rules in NAT chains

parent ad677b62
...@@ -45,6 +45,7 @@ function NATRule:table() return 'nat' end ...@@ -45,6 +45,7 @@ function NATRule:table() return 'nat' end
function NATRule:chain() return self.params.chain end function NATRule:chain() return self.params.chain end
function NATRule:target() function NATRule:target()
if self.action then return model.Rule.target(self) end
if not self['ip-range'] then error('IP range not defined for NAT rule') end if not self['ip-range'] then error('IP range not defined for NAT rule') end
local target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range'] local target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range']
if self['port-range'] then target = target..':'..self['port-range'] end if self['port-range'] then target = target..':'..self['port-range'] end
...@@ -70,7 +71,7 @@ function SNATRule:init(context) ...@@ -70,7 +71,7 @@ function SNATRule:init(context)
end end
function SNATRule:target() function SNATRule:target()
if self['ip-range'] then return NATRule.target(self) end if self.action or self['ip-range'] then return NATRule.target(self) end
return 'MASQUERADE'..(self['port-range'] and ' --to-ports '..self['port-range'] or '') return 'MASQUERADE'..(self['port-range'] and ' --to-ports '..self['port-range'] or '')
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment