From 6dd02b7270b18917ecd8b0255b4a752db8ef7142 Mon Sep 17 00:00:00 2001
From: Karl Grube <karl@hudlergrube.com>
Date: Mon, 30 Oct 2023 12:58:50 +0100
Subject: [PATCH] added support for nat servers

---
 templates/frr_conf.j2 | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/templates/frr_conf.j2 b/templates/frr_conf.j2
index ef3c4d6..f1685e7 100644
--- a/templates/frr_conf.j2
+++ b/templates/frr_conf.j2
@@ -55,7 +55,7 @@ router bgp {{bgp_asn}}
   neighbor firewall4s prefix-list my-networks in
   neighbor nat activate
   neighbor nat prefix-list all out
-  neighbor nat prefix-list my-networks in
+  neighbor nat prefix-list nat in
 {% for neighbor in internet_connections %}
 {%   for ip in neighbor.peer_ips %}
 {%     if ip|ansible.utils.ipv4 %}
@@ -163,6 +163,13 @@ ip prefix-list internet seq {{(loop.index|int)*10+170}} permit any
 {%   endif %}
 {% endfor %}
 !
+{% for range in dc4_ranges %}
+ip prefix-list nat seq {{(loop.index|int)*20-10}} permit {{range}}
+ip prefix-list nat seq {{(loop.index|int)*20}} permit {{range}} ge {{((range|regex_replace('.*/',''))|int)+1}}
+{%   if loop.last %}
+ip prefix-list nat seq {{(loop.index|int)*20+10}} deny any
+{%   endif %}
+{% endfor %}
 {% for range in dc4_ranges + anycast4_ranges %}
 ip prefix-list my-networks seq {{(loop.index|int)*10}} permit {{range}}
 {%   if loop.last %}
-- 
GitLab