ansible/roles/nftables_infra/templates/nftables.d/70-nat.conf.j2

{{ ansible_managed | comment }}

table ip nat {

	chain postrouting {
		type nat hook postrouting priority srcnat
		policy accept

		iif lo return

		# Is there any other way to do that?
		meta pkttype { multicast, broadcast } return
		ip daddr 224.0.0.0/24 return

		ip saddr $need_nat_ipv4 ip daddr != $aurore_ipv4 \
			snat $nat_public_ipv4 persistent
	}

}