From 12c938c379e714129de60fef7051a0d3337c5e92 Mon Sep 17 00:00:00 2001
From: Hugo Levy-Falk
Date: Mon, 14 Sep 2020 20:26:26 +0200
Subject: [PATCH] Fix radius federez
---
 archi.nft | 1 -
 nat.nft | 8 ++++----
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/archi.nft b/archi.nft
index 47ef1c2..f9e07cf 100644
--- a/archi.nft
+++ b/archi.nft
@@ -40,5 +40,4 @@ define range_public = 193.48.225.0/24
 define ip_self_public = 193.48.225.254
-define ip_radius = 10.7.0.124
 define monitoring = 10.7.0.114
diff --git a/nat.nft b/nat.nft
index 82a86fd..d4670ca 100644
--- a/nat.nft
+++ b/nat.nft
@@ -25,8 +25,8 @@ table ip nat {
 chain prerouting {
 type nat hook prerouting priority 0;
 ip saddr $range_prerezotage ip daddr != { $intranet, $comnpay, $website } tcp dport {http,https} dnat $bounce_server;
- ip saddr @radius_federez ip daddr $ip_self_public tcp dport { 636, 389 } dnat $ip_radius;
- ip saddr @radius_federez ip daddr $ip_self_public udp dport { 636, 1812 } dnat $ip_radius;
+ #ip saddr @radius_federez ip daddr $ip_self_public tcp dport { 636, 389 } dnat $ip_radius;
+ #ip saddr @radius_federez ip daddr $ip_self_public udp dport { 636, 1812 } dnat $ip_radius;
 }
@@ -35,8 +35,8 @@ table ip nat {
 meta oifname != $if_supelec return
- ip saddr $ip_radius ip daddr @radius_federez tcp dport { 636, 389} snat to $ip_self_public
- ip saddr $ip_radius ip daddr @radius_federez udp dport { 636, 1812 } snat to $ip_self_public
+ #ip saddr $ip_radius ip daddr @radius_federez tcp dport { 636, 389} snat to $ip_self_public
+ #ip saddr $ip_radius ip daddr @radius_federez udp dport { 636, 1812 } snat to $ip_self_public
 ip daddr != {10.0.0.0/8, $range_public} ip saddr vmap { $range_adherent : goto adherent_nat,
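Review bot: The two dnat rules in the prerouting chain of nat.nft are commented out rather than deleted, and they still name `$ip_radius`, whose `define` this same commit removes from archi.nft, so uncommenting them later makes the ruleset fail to load on an undefined variable. Delete the lines (the history keeps them) or put the reason above them, e.g. `# federez RADIUS/LDAP NAT disabled: <reason>; restoring it needs ip_radius defined again in archi.nft`. The two snat lines in the postrouting hunk have the same problem. With the dnat gone, traffic from `@radius_federez` to `$ip_self_public` on 389, 636 and 1812 is presumably handled by this host's input chain instead of being forwarded, so it is worth confirming that the filter rules (not visible here) drop it and that the now-unused `radius_federez` set is removed if nothing else refers to it.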