nat fixes

2025-04-26 16:00:47 -05:00 · 2025-04-26 16:00:47 -05:00 · d2c19248f2
commit d2c19248f2
parent c408c346a4
4 changed files with 19 additions and 3 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -8,8 +8,8 @@ wifi:
  channel: 6           # Wi-Fi channel (2.4 GHz band, e.g., 6 is common)

 network:
-  lan_subnet: 192.168.7.0/24
-  lan_gateway: 192.168.7.1/24
+  lan_subnet: 192.168.73.0/24
+  lan_gateway: 192.168.73.1/24
  lan_dns: 8.8.8.8
  lan_domain: hamhotspot.internal

--- a/ansible/roles/ax25/templates/ax.network.j2
+++ b/ansible/roles/ax25/templates/ax.network.j2
@ -2,4 +2,4 @@
 Name={{ radio.ax_iface }}

 [Network]
-Address={{ radio.ip_address }}
+Address={{ radio.ip_address }}
--- a/ansible/roles/networking/tasks/main.yml
+++ b/ansible/roles/networking/tasks/main.yml
@ -28,3 +28,11 @@
    name: hostapd
    enabled: true
    state: started
+
+# Set up NAT
+- name: Install custom NAT masquerading rule
+  ansible.builtin.copy:
+    dest: /etc/nftables.d/10-ham-hotspot.nft
+    src: nftables/ham-hotspot.nft.j2
+    mode: "0644"
+  notify: Restart nftables
--- a/ansible/roles/networking/templates/ham-hotspot-nat.nft.j2
+++ b/ansible/roles/networking/templates/ham-hotspot-nat.nft.j2
@ -0,0 +1,8 @@
+table ip nat {
+  chain postrouting {
+    type nat hook postrouting priority srcnat; policy accept;
+    {% for radio in radios %}
+    oif "{{ radio.ax_iface }}" masquerade
+    {% endfor %}
+  }
+}