firewall/nat.nft

#! /sbin/nft -f

table ip nat {
	chain prerouting {
		type nat hook prerouting priority 0;
		meta iifname $if_prerezotage ip daddr != { $intranet, $comnpay, $website } tcp dport {http,https} dnat $bounce_server;
	}


	chain postrouting {
		type nat hook postrouting priority 100

		# ip saddr 10.0.0.0/8 snat to 193.48.225.3
		meta oifname $if_supelec snat to 193.48.225.3

	}

}
bases du nat 2019-01-07 22:48:42 +00:00			`#! /sbin/nft -f`

SNAT 2019-02-09 09:23:05 +00:00			`table ip nat {`
bases du nat 2019-01-07 22:48:42 +00:00			`chain prerouting {`
			`type nat hook prerouting priority 0;`
SNAT 2019-02-09 09:23:05 +00:00			`meta iifname $if_prerezotage ip daddr != { $intranet, $comnpay, $website } tcp dport {http,https} dnat $bounce_server;`
bases du nat 2019-01-07 22:48:42 +00:00			`}`


			`chain postrouting {`
			`type nat hook postrouting priority 100`
SNAT 2019-02-09 09:23:05 +00:00
MAC-IP table 2019-03-12 21:06:21 +00:00			`# ip saddr 10.0.0.0/8 snat to 193.48.225.3`
			`meta oifname $if_supelec snat to 193.48.225.3`
bases du nat 2019-01-07 22:48:42 +00:00
			`}`

			`}`