Commit cb9a3c04 authored by nanahira's avatar nanahira

fix masq

parent 27802c5a
...@@ -57,7 +57,7 @@ handle_gateway {{gateway.id}} {{gateway.address}} {% if gateway.mac is defined a ...@@ -57,7 +57,7 @@ handle_gateway {{gateway.id}} {{gateway.address}} {% if gateway.mac is defined a
{% if br.masq is defined and br.masq %} {% if br.masq is defined and br.masq %}
# Masquerade # Masquerade
iptables -t nat -A POSTROUTING -o "$BRIDGE_NAME" -m set --match-set localnet src -j MASQUERADE iptables -t nat -A POSTROUTING -o "$BRIDGE_NAME" -m set --match-set localnet src -m set ! --match-set localnet dst -j MASQUERADE
{% endif %} {% endif %}
{% if br.dhcpv6Client is defined and br.dhcpv6Client %} {% if br.dhcpv6Client is defined and br.dhcpv6Client %}
......
...@@ -46,6 +46,7 @@ handle_gateway {{gateway.id}} {{gateway.address}} {% if gateway.mac is defined a ...@@ -46,6 +46,7 @@ handle_gateway {{gateway.id}} {{gateway.address}} {% if gateway.mac is defined a
# Masquerade # Masquerade
iptables -t nat -D POSTROUTING -o "$BRIDGE_NAME" -j MASQUERADE iptables -t nat -D POSTROUTING -o "$BRIDGE_NAME" -j MASQUERADE
iptables -t nat -D POSTROUTING -o "$BRIDGE_NAME" -m set --match-set localnet src -j MASQUERADE iptables -t nat -D POSTROUTING -o "$BRIDGE_NAME" -m set --match-set localnet src -j MASQUERADE
iptables -t nat -D POSTROUTING -o "$BRIDGE_NAME" -m set --match-set localnet src -m set ! --match-set localnet dst -j MASQUERADE
{% endif %} {% endif %}
{% if br.down is defined and br.down %} {% if br.down is defined and br.down %}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment