forked from FF-RGB/ansible
exit_ip: add support for NAT pools
This commit is contained in:
parent
ad4b92cc7a
commit
44fc0e626e
@ -18,3 +18,5 @@ fastd_port: 10030
|
|||||||
gateway_id: 31
|
gateway_id: 31
|
||||||
|
|
||||||
site_code: ffrgb_tst
|
site_code: ffrgb_tst
|
||||||
|
|
||||||
|
nat_pool: 194.156.22.32-194.156.22.33
|
||||||
|
@ -2,3 +2,4 @@
|
|||||||
|
|
||||||
conntrack_max: 131072
|
conntrack_max: 131072
|
||||||
fastd_instances: 3
|
fastd_instances: 3
|
||||||
|
nat_pool: "{{ ansible_default_ipv4.address }}"
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
:INPUT ACCEPT [1:136]
|
:INPUT ACCEPT [1:136]
|
||||||
:OUTPUT ACCEPT [2:472]
|
:OUTPUT ACCEPT [2:472]
|
||||||
:POSTROUTING ACCEPT [0:0]
|
:POSTROUTING ACCEPT [0:0]
|
||||||
-A POSTROUTING -o {{ ansible_default_ipv4.interface }} -j MASQUERADE
|
-A POSTROUTING -o {{ ansible_default_ipv4.interface }} -j SNAT --to-source {{ nat_pool }}
|
||||||
COMMIT
|
COMMIT
|
||||||
*filter
|
*filter
|
||||||
:INPUT ACCEPT [1124:131621]
|
:INPUT ACCEPT [1124:131621]
|
||||||
|
Loading…
Reference in New Issue
Block a user