Commit f1762cdc authored by Jocelyn Delalande's avatar Jocelyn Delalande

router: Add dst_port optional arg to redirections

Allow dest port and source port to be different, optionaly.
parent 15654d12
......@@ -24,3 +24,5 @@ Related roles are *radvd*, *dnsmasq*, *haproxy-ip4-proxy*.
- {proto: tcp, port: 80, host: 192.168.0.3}
roles:
- {role: router, tags: ['router']}
port redirections take an optional `dst_port` attribute when destination port is different from incomming port.
......@@ -5,7 +5,7 @@
:OUTPUT ACCEPT [10935:1902427]
{% for rule in ip4_port_redirections %}
-A PREROUTING -i {{ vpn_iface }} -p {{ rule.proto }} --dport {{ rule.port }} -j DNAT --to {{ rule.host }}:{{ rule.port }}
-A PREROUTING -i {{ vpn_iface }} -p {{ rule.proto }} --dport {{ rule.port }} -j DNAT --to {{ rule.host }}:{{ rule.dst_port | default(rule.port) }}
{% endfor %}
-A POSTROUTING -s {{ dmz_ip4 }} -o {{ vpn_iface }} -j MASQUERADE
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment