Diffstat (limited to 'awall')
-rw-r--r-- | awall/modules/nat.lua | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/awall/modules/nat.lua b/awall/modules/nat.lua
index abe2630..9dffaad 100644
--- a/awall/modules/nat.lua
+++ b/awall/modules/nat.lua
@@ -46,8 +46,12 @@ function NATRule:chain() return self.params.chain end
 function NATRule:target()
 if self.action then return model.Rule.target(self) end
- if not self['ip-range'] then self:error('IP range not defined for NAT rule') end
- local target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range']
+
+ local target
+ if self['ip-range'] then
+ target = self.params.target..' --to-'..self.params.subject..' '..self['ip-range']
+ else target = self.params.deftarget end
+
 if self['port-range'] then target = target..':'..self['port-range'] end
 return target
 end
@@ -58,7 +62,7 @@ local DNATRule = model.class(NATRule)
 function DNATRule:init(...)
 NATRule.init(self, unpack(arg))
 self.params = {forbidif='out', subject='destination',
- chain='PREROUTING', target='DNAT'}
+ chain='PREROUTING', target='DNAT', deftarget='REDIRECT'}
 end
@@ -67,12 +71,7 @@ local SNATRule = model.class(NATRule)
 function SNATRule:init(...)
 NATRule.init(self, unpack(arg))
 self.params = {forbidif='in', subject='source',
- chain='POSTROUTING', target='SNAT'}
-end
-
-function SNATRule:target()
- if self.action or self['ip-range'] then return NATRule.target(self) end
- return 'MASQUERADE'..(self['port-range'] and ' --to-ports '..self['port-range'] or '')
+ chain='POSTROUTING', target='SNAT', deftarget='MASQUERADE'}
 end |
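Review bot: With no `ip-range`, the shared port suffix in `NATRule:target()` now builds `MASQUERADE:<ports>` or `REDIRECT:<ports>`, because `target..':'..self['port-range']` also runs for the default target. The `SNATRule:target()` removed in the last hunk emitted `MASQUERADE --to-ports <ports>` for this case. The separator should follow the branch taken, for example `target = target..(self['ip-range'] and ':' or ' --to-ports ')..self['port-range']`. Presumably iptables rejects the colon form when the rules are loaded, so a policy containing such a rule would fail to apply. A test with `port-range` set and `ip-range` absent for both rule classes would pin this down.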
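Review bot: A DNAT rule that omits `ip-range` used to stop with 'IP range not defined for NAT rule' and now silently becomes `REDIRECT` through `deftarget='REDIRECT'`, which delivers the matched traffic to the firewall host itself. A policy file with a forgotten or misspelled `ip-range` key therefore produces a working but different rule instead of a validation error. If the fallback is intended, document it where the value is set, for example `-- deftarget: used when the rule has no ip-range; DNAT then redirects to the local host`, and in the user-facing policy documentation. `DNATRule:init` is shown in full in this hunk.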