From b395d0d2581c0c376efca81440dfbc3c53963c07 Mon Sep 17 00:00:00 2001
From: Hugo LEVY-FALK <me@klafyvel.me>
Date: Sun, 12 May 2019 11:58:09 +0200
Subject: [PATCH] =?UTF-8?q?Ne=20NAT=20pas=20le=20traffic=20vers=20l'int?=
 =?UTF-8?q?=C3=A9rieur?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 archi.nft | 2 +-
 nat.nft   | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/archi.nft b/archi.nft
index d9cc885..e472e84 100644
--- a/archi.nft
+++ b/archi.nft
@@ -22,5 +22,5 @@ define range_aloes = 10.66.0.0/27
 define range_prerezotage = 10.68.0.0/16
 define range_public = 193.48.225.0/24
 
-define ip_self_public = 193.48.225.254
+define ip_self_public = 193.48.225.2
 define ip_radius = 10.7.0.124
diff --git a/nat.nft b/nat.nft
index 0a22db6..60ab593 100644
--- a/nat.nft
+++ b/nat.nft
@@ -18,6 +18,7 @@ table ip nat {
 	chain postrouting {
 		type nat hook postrouting priority 100
 
+		meta oifname != $if_supelec return
 
 		ip daddr != {10.0.0.0/8, $range_public} ip saddr vmap {
 			$range_adherent : goto adherent_nat,