summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-11 19:42:04 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-11 19:43:17 +0100
commit8d239aa739776e6ddf37cf7266933e414422893f (patch)
tree3616ba4374c4f1ebcad06bb8eaa283ffddb5e838
parentc736516e65d280eed74e4756fa89004c3cde21a3 (diff)
downloadvyos-1x-8d239aa739776e6ddf37cf7266933e414422893f.tar.gz
vyos-1x-8d239aa739776e6ddf37cf7266933e414422893f.zip
nat: T3206: unable to delete only rules but keep destination node
(cherry picked from commit 9db4dbc4a84ff1a110617cb3c7849d7c9d4a62e7)
-rwxr-xr-xsmoketest/scripts/cli/test_nat.py12
-rwxr-xr-xsrc/conf_mode/nat.py2
2 files changed, 12 insertions, 2 deletions
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py
index 7ca82f86f..b82805661 100755
--- a/smoketest/scripts/cli/test_nat.py
+++ b/smoketest/scripts/cli/test_nat.py
@@ -138,7 +138,6 @@ class TestNAT(unittest.TestCase):
else:
self.assertEqual(iface, inbound_iface_200)
-
def test_snat_required_translation_address(self):
# T2813: Ensure translation address is specified
rule = '5'
@@ -156,5 +155,16 @@ class TestNAT(unittest.TestCase):
self.session.set(src_path + ['rule', rule, 'translation', 'address', 'masquerade'])
self.session.commit()
+ def test_nat_no_rules(self):
+ # T3206: deleting all rules but keep the direction 'destination' or
+ # 'source' resulteds in KeyError: 'rule'.
+ #
+ # Test that both 'nat destination' and 'nat source' nodes can exist
+ # without any rule
+ self.session.set(src_path)
+ self.session.set(dst_path)
+ self.session.commit()
+
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index 1ccec3d2e..2d98cb11b 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -88,7 +88,7 @@ def get_config(config=None):
for direction in ['source', 'destination']:
if direction in nat:
default_values = defaults(base + [direction, 'rule'])
- for rule in nat[direction]['rule']:
+ for rule in dict_search(f'{direction}.rule', nat) or []:
nat[direction]['rule'][rule] = dict_merge(default_values,
nat[direction]['rule'][rule])