commit 90ad68485fbe94e5efe4d6685215eaa03603305e
author Zack Williams <zdw@opennetworking.org> Tue Sep 14 15:06:45 2021 -0700
committer Zack Williams <zdw@opennetworking.org> Tue Sep 14 15:06:45 2021 -0700
tree 1daca8a375345e0ee755b6002209b8fe05fce96e
parent e5fb4778dd856184710365e013340411b569b837

Resolve issue with reversed internal/external ports

Change-Id: I782e14ee1bcc9b855fe931ba78f264b1daab7f93

templates/nftables.conf.j2

diff --git a/templates/nftables.conf.j2 b/templates/nftables.conf.j2
index ce9ea23..fda523a 100644
--- a/templates/nftables.conf.j2
+++ b/templates/nftables.conf.j2
@@ -21,7 +21,7 @@
     ## The service present on this server
     {% for item in netprep_nftables["services"] %}
     # For service {{ item["name"] }}
-    iif "{{ netprep_nftables["external_if"] }}" {{ item["protocol"] }} dport {{ item["port"]}} accept
+    iif "{{ netprep_nftables["internal_if"] }}" {{ item["protocol"] }} dport {{ item["port"]}} accept
     {% endfor %}
     {% endif %}
 
@@ -53,7 +53,7 @@
 
   chain postrouting {
     type nat hook postrouting priority 100;
-    oifname "{{ netprep_nftables["internal_if"] }}" masquerade;
+    oifname "{{ netprep_nftables["external_if"] }}" masquerade;
     {% if "ue_routing" in netprep_nftables %}
     {% for src_subnet in netprep_nftables["ue_routing"]["src_subnets"] %}
       {% for ue_subnet in netprep_nftables["ue_routing"]["ue_subnets"] %}