flush handlers and rerun setup to get new IP addresses as facts before proceeding
Change-Id: Icc0031ff8c88968ed6bec3118474b702a1f9b152
diff --git a/templates/nftables.conf.j2 b/templates/nftables.conf.j2
index d24b47f..95c1439 100644
--- a/templates/nftables.conf.j2
+++ b/templates/nftables.conf.j2
@@ -8,25 +8,28 @@
# Primary rules
table inet filter {
- chain input {
- type filter hook input priority 0;
- }
- chain forward {
- type filter hook forward priority 0;
- }
- chain output {
- type filter hook output priority 0;
- }
+ chain input {
+ type filter hook input priority 0;
+ }
+ chain forward {
+ type filter hook forward priority 0;
+ }
+ chain output {
+ type filter hook output priority 0;
+ }
}
# NAT
table ip nat {
- chain prerouting {
- type nat hook prerouting priority -100;
- }
+ chain prerouting {
+ type nat hook prerouting priority -100;
+ }
- chain postrouting {
- type nat hook postrouting priority 100;
- oifname "{{ netprep_nat_if }}" masquerade;
- }
+ chain postrouting {
+ type nat hook postrouting priority 100;
+ oifname "{{ netprep_nat_if }}" masquerade;
+{% if netprep_nftables_nat_postrouting %}
+{{ netprep_nftables_nat_postrouting | indent(width=4) }}
+{% endif %}
+ }
}