gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-05 19:34:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1544 from gravitl/bugfix_v0.15.2_dual_stack_internet_gateway

Browse source 
add check in nft rules for dual stack internet gateway
This commit is contained in:
Alex Feiszli 2022-09-12 15:42:21 -04:00 committed by GitHub
commit fe1f754e37
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
logic/gateway.go
View file

@ -4,6 +4,7 @@ import (
"encoding/json"
"errors"
"fmt"
"net"
"strings"
"time"
@ -334,6 +335,9 @@ func firewallNFTCommandsCreateEgress(networkInterface string, gatewayInterface s
postUp += "nft 'add chain ip nat prerouting { type nat hook prerouting priority 0 ;}' ; "
postUp += "nft 'add chain ip nat postrouting { type nat hook postrouting priority 0 ;}' ; "
for _, networkCIDR := range gatewayranges {
if net.ParseIP(networkCIDR).To16() != nil {
continue
}
postUp += "nft add rule nat postrouting iifname " + networkInterface + " oifname " + gatewayInterface + " ip saddr " + networkCIDR + " masquerade ; "
}