From 38423fae4ba0f116ae7b5853b1c459202fe2c9a4 Mon Sep 17 00:00:00 2001
From: Stijn Tintel <stijn@linux-ipv6.be>
Date: Tue, 22 Mar 2022 21:20:40 +0200
Subject: [PATCH] test: unconditionally allow ct status dnat

---
 root/usr/share/firewall4/templates/ruleset.uc | 4 ----
 1 file changed, 4 deletions(-)

--- a/root/usr/share/firewall4/templates/ruleset.uc
+++ b/root/usr/share/firewall4/templates/ruleset.uc
@@ -224,9 +224,7 @@ table inet fw4 {
 {%  for (let rule in fw4.rules(`input_${zone.name}`)): %}
 		{%+ include("rule.uc", { fw4, zone, rule }) %}
 {%  endfor %}
-{%  if (zone.dflags.dnat): %}
 		ct status dnat accept comment "!fw4: Accept port redirections"
-{%  endif %}
 {%  fw4.includes('chain-append', `input_${zone.name}`) %}
 		jump {{ zone.input }}_from_{{ zone.name }}
 	}
@@ -245,9 +243,7 @@ table inet fw4 {
 {%  for (let rule in fw4.rules(`forward_${zone.name}`)): %}
 		{%+ include("rule.uc", { fw4, zone, rule }) %}
 {%  endfor %}
-{%  if (zone.dflags.dnat): %}
 		ct status dnat accept comment "!fw4: Accept port forwards"
-{%  endif %}
 {%  fw4.includes('chain-append', `forward_${zone.name}`) %}
 		jump {{ zone.forward }}_to_{{ zone.name }}
 {%  if (fw4.forward_policy() != "accept" && (zone.log & 1)): %}