blob: fd289372df18d93565aeaf477112768710156da0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#!/bin/bash
# NFT_TEST_REQUIRES(NFT_TEST_HAVE_catchall_element)
set -e
RULESET="table ip x {
map y {
type ipv4_addr : ipv4_addr
elements = { 10.141.0.1 : 192.168.0.2, * : 192.168.0.3 }
}
map z {
type ipv4_addr : ipv4_addr
flags interval
elements = { 10.141.0.0/24 : 192.168.0.2, * : 192.168.0.3 }
}
}"
$NFT -f - <<< $RULESET
$NFT delete element x y { \* : 192.168.0.3 }
$NFT add element x y { \* : 192.168.0.4 }
$NFT add chain x y
$NFT add rule x y snat to ip saddr map @z
$NFT 'add rule x y snat to ip saddr map { 10.141.0.0/24 : 192.168.0.2, * : 192.168.0.3 }'
$NFT 'add rule x y snat to ip saddr . ip daddr map { 10.141.0.0/24 . 10.0.0.0/8 : 192.168.0.2, 192.168.9.0/24 . 192.168.10.0/24 : 192.168.0.4, * : 192.168.0.3 }'
|