Leave forwarding UDP for another time

This commit is contained in:
Wojciech Kozlowski 2023-10-22 09:39:25 +02:00
parent 1bcd445dc6
commit ffe65032db

View File

@ -14,7 +14,7 @@ table ip ${IFACE}_ipv4 {
chain prerouting {
type nat hook prerouting priority -100;
{% for forward in vpn_bridge_dnat %}
iif {{ ansible_default_ipv4.interface | default(ansible_default_ipv6.interface) }} meta l4proto { tcp, udp } th dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet_address }};
iif {{ ansible_default_ipv4.interface | default(ansible_default_ipv6.interface) }} tcp dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet_address }};
{% endfor %}
}
@ -37,7 +37,7 @@ table ip6 ${IFACE}_ipv6 {
chain prerouting {
type nat hook prerouting priority -100;
{% for forward in vpn_bridge_dnat %}
iif {{ ansible_default_ipv6.interface | default(ansible_default_ipv4.interface) }} meta l4proto { tcp, udp } th dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet6_address }};
iif {{ ansible_default_ipv6.interface | default(ansible_default_ipv4.interface) }} tcp dport { {{ forward.ports | join(", ") }} } dnat to {{ forward.inet6_address }};
{% endfor %}
}