table inet firewall {

	map port_forwarding_tcp {
		type inet_proto . inet_service: verdict
		elements = {
			tcp . 23456: jump fwd_yann_minecraft,
			tcp . 22222: jump fwd_fabien_pathier,
		}
	}

	chain fwd_yann_minecraft{
		# Serveur minecraft Yann
		dnat to 10.2.4.29:23456
	}

	chain fwd_fabien_pathier{
		# Machine de Fabien Pathier accessible en SSH depuis l'extérieur
		dnat to 10.2.4.105:22 
	}

	chain dnat_nerim {
		ip protocol . th dport vmap @port_forwarding_tcp
	}

	chain to_nerim {
		accept
	}

	chain from_nerim {
		accept
	}

	chain snat_nerim {
		masquerade log prefix "masquerade:"
	}
}