fix allowed chains for NAT rules

2 files changed, 17 insertions, 9 deletions

diff --git a/awall-cli b/awall-cli
index bef522c..c06daaf 100755
--- a/awall-cli
+++ b/awall-cli
@@ -2,7 +2,7 @@
 
 --[[
 Alpine Wall
-Copyright (C) 2012-2014 Kaarle Ritvanen
+Copyright (C) 2012-2015 Kaarle Ritvanen
 See LICENSE file for license details
 ]]--
 
@@ -20,7 +20,7 @@ if not table.unpack then table.unpack = unpack end
 function help()
    io.stderr:write([[
 Alpine Wall
-Copyright (C) 2012-2014 Kaarle Ritvanen
+Copyright (C) 2012-2015 Kaarle Ritvanen
 This is free software with ABSOLUTELY NO WARRANTY,
 available under the terms of the GNU General Public License, version 2
 
diff --git a/awall/modules/nat.lua b/awall/modules/nat.lua
index c628e36..198b28a 100644
--- a/awall/modules/nat.lua
+++ b/awall/modules/nat.lua
@@ -1,6 +1,6 @@
 --[[
 NAT module for Alpine Wall
-Copyright (C) 2012-2014 Kaarle Ritvanen
+Copyright (C) 2012-2015 Kaarle Ritvanen
 See LICENSE file for license details
 ]]--
 
@@ -60,9 +60,13 @@ local DNATRule = class(NATRule)
 
 function DNATRule:init(...)
    DNATRule.super(self):init(...)
-   self.params = {forbidif='out', subject='destination',
-		  chains={'INPUT', 'PREROUTING'},
-		  target='DNAT', deftarget='REDIRECT'}
+   self.params = {
+      forbidif='out',
+      subject='destination',
+      chains={'OUTPUT', 'PREROUTING'},
+      target='DNAT',
+      deftarget='REDIRECT'
+   }
 end
 
 
@@ -70,9 +74,13 @@ local SNATRule = class(NATRule)
 
 function SNATRule:init(...)
    SNATRule.super(self):init(...)
-   self.params = {forbidif='in', subject='source',
-		  chains={'OUTPUT', 'POSTROUTING'},
-		  target='SNAT', deftarget='MASQUERADE'}
+   self.params = {
+      forbidif='in',
+      subject='source',
+      chains={'INPUT', 'POSTROUTING'},
+      target='SNAT',
+      deftarget='MASQUERADE'
+   }
 end