We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Example partition:
partition 'x' do label 'd', :address => '10.243.4.97' label 's', :address => '172.17.7.9' label 'n', :address => '10.243.4.3' rewrite 'wow' do from 's' to 'd' snat 's' => 'n' end end
Produces:
# x-58816d iptables --table nat --new-chain x-d58816d iptables --table nat --new-chain x-s58816d iptables --table filter --new-chain x-a58816d iptables --table nat --append x-s58816d --source 172.17.7.9 --jump SNAT --to-source 10.243.4.3 iptables --table filter --append x-a58816d --source 172.17.7.9 --jump ACCEPT iptables --table nat --insert partition-s --source 172.17.7.9 --jump x-s58816d iptables --table filter --insert partition-a --source 172.17.7.9 --jump x-a58816d
Where as I would have expect something more like:
# x-58816d ... iptables --table nat --append x-s58816d --source 172.17.7.9 --destination 10.243.4.97 --jump SNAT --to-source 10.243.4.3 iptables --table filter --append x-a58816d --source 172.17.7.9 --destination 10.243.4.97 --jump ACCEPT ...
The same is true (but flipped) for DNAT. Sometimes you want to DNAT/SNAT on specific sources and destinations to a specific IP.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Example partition:
Produces:
# x-58816d iptables --table nat --new-chain x-d58816d iptables --table nat --new-chain x-s58816d iptables --table filter --new-chain x-a58816d iptables --table nat --append x-s58816d --source 172.17.7.9 --jump SNAT --to-source 10.243.4.3 iptables --table filter --append x-a58816d --source 172.17.7.9 --jump ACCEPT iptables --table nat --insert partition-s --source 172.17.7.9 --jump x-s58816d iptables --table filter --insert partition-a --source 172.17.7.9 --jump x-a58816dWhere as I would have expect something more like:
# x-58816d ... iptables --table nat --append x-s58816d --source 172.17.7.9 --destination 10.243.4.97 --jump SNAT --to-source 10.243.4.3 iptables --table filter --append x-a58816d --source 172.17.7.9 --destination 10.243.4.97 --jump ACCEPT ...The same is true (but flipped) for DNAT. Sometimes you want to DNAT/SNAT on specific sources and destinations to a specific IP.
The text was updated successfully, but these errors were encountered: