summaryrefslogtreecommitdiffstats
path: root/awall
diff options
context:
space:
mode:
Diffstat (limited to 'awall')
-rw-r--r--awall/modules/nat.lua17
1 files changed, 8 insertions, 9 deletions
diff --git a/awall/modules/nat.lua b/awall/modules/nat.lua
index abe2630..9dffaad 100644
--- a/awall/modules/nat.lua
+++ b/awall/modules/nat.lua
@@ -46,8 +46,12 @@ function NATRule:chain() return self.params.chain end
function NATRule:target()
if self.action then return model.Rule.target(self) end
- if not self['ip-range'] then self:error('IP range not defined for NAT rule') end
- local target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range']
+
+ local target
+ if self['ip-range'] then
+ target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range']
+ else target = self.params.deftarget end
+
if self['port-range'] then target = target..':'..self['port-range'] end
return target
end
@@ -58,7 +62,7 @@ local DNATRule = model.class(NATRule)
function DNATRule:init(...)
NATRule.init(self, unpack(arg))
self.params = {forbidif='out', subject='destination',
- chain='PREROUTING', target='DNAT'}
+ chain='PREROUTING', target='DNAT', deftarget='REDIRECT'}
end
@@ -67,12 +71,7 @@ local SNATRule = model.class(NATRule)
function SNATRule:init(...)
NATRule.init(self, unpack(arg))
self.params = {forbidif='in', subject='source',
- chain='POSTROUTING', target='SNAT'}
-end
-
-function SNATRule:target()
- if self.action or self['ip-range'] then return NATRule.target(self) end
- return 'MASQUERADE'..(self['port-range'] and ' --to-ports '..self['port-range'] or '')
+ chain='POSTROUTING', target='SNAT', deftarget='MASQUERADE'}
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 04:26:23 +0000