T6687: add fqdn support to nat rules.

(cherry picked from commit 4c3d037f036e84c77333a400b35bb1a628a1a118)
author: Nicolas Fort <nicolasfort1988@gmail.com> 2024-08-30 17:54:17 +0000
committer: Christian Breunig <christian@breunig.cc> 2024-09-30 17:26:24 +0200
commit: 8dcb042bb2352717395ba3c17bc5437534c83af5 (patch)
tree: 79c296ca3b938da5437d930ec5b0cebc4c1a1dbb /python/vyos/nat.py
parent: 4d63611ea56389b8344efb97251a79c2d41bd565 (diff)
download: vyos-1x-8dcb042bb2352717395ba3c17bc5437534c83af5.tar.gz
vyos-1x-8dcb042bb2352717395ba3c17bc5437534c83af5.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/python/vyos/nat.py b/python/vyos/nat.py
index e54548788..4fe21ef13 100644
--- a/python/vyos/nat.py
+++ b/python/vyos/nat.py
@@ -236,6 +236,13 @@ def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False):
 
                 output.append(f'{proto} {prefix}port {operator} @P_{group_name}')
 
+        if 'fqdn' in side_conf:
+            fqdn = side_conf['fqdn']
+            operator = ''
+            if fqdn[0] == '!':
+                operator = '!='
+            output.append(f' ip {prefix}addr {operator} @FQDN_nat_{nat_type}_{rule_id}_{prefix}')
+
     output.append('counter')
 
     if 'log' in rule_conf:
author	Nicolas Fort <nicolasfort1988@gmail.com>	2024-08-30 17:54:17 +0000
committer	Christian Breunig <christian@breunig.cc>	2024-09-30 17:26:24 +0200
commit	8dcb042bb2352717395ba3c17bc5437534c83af5 (patch)
tree	79c296ca3b938da5437d930ec5b0cebc4c1a1dbb /python/vyos/nat.py
parent	4d63611ea56389b8344efb97251a79c2d41bd565 (diff)
download	vyos-1x-8dcb042bb2352717395ba3c17bc5437534c83af5.tar.gz vyos-1x-8dcb042bb2352717395ba3c17bc5437534c83af5.zip