summaryrefslogtreecommitdiff
path: root/python/vyos/nat.py
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-08-08 06:38:41 +0200
committerGitHub <noreply@github.com>2023-08-08 06:38:41 +0200
commit69f983d45716683d0ce41bf094cf53548395717f (patch)
tree207ca6c97864aebd5dd4fdd4906cbfdf8734a522 /python/vyos/nat.py
parentf651b61d45a7500711d2f058faf1e2ce48179e0d (diff)
parent657a566df58478c2f5d4bccad952bfcb7991e847 (diff)
downloadvyos-1x-69f983d45716683d0ce41bf094cf53548395717f.tar.gz
vyos-1x-69f983d45716683d0ce41bf094cf53548395717f.zip
Merge pull request #2119 from nicolas-fort/T5014-dnat
T5014: nat: add source and destination nat options for configuring lo…
Diffstat (limited to 'python/vyos/nat.py')
-rw-r--r--python/vyos/nat.py33
1 files changed, 33 insertions, 0 deletions
diff --git a/python/vyos/nat.py b/python/vyos/nat.py
index 603fedb9b..418efe649 100644
--- a/python/vyos/nat.py
+++ b/python/vyos/nat.py
@@ -94,6 +94,39 @@ def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False):
if options:
translation_str += f' {",".join(options)}'
+ if 'backend' in rule_conf['load_balance']:
+ hash_input_items = []
+ current_prob = 0
+ nat_map = []
+
+ for trans_addr, addr in rule_conf['load_balance']['backend'].items():
+ item_prob = int(addr['weight'])
+ upper_limit = current_prob + item_prob - 1
+ hash_val = str(current_prob) + '-' + str(upper_limit)
+ element = hash_val + " : " + trans_addr
+ nat_map.append(element)
+ current_prob = current_prob + item_prob
+
+ elements = ' , '.join(nat_map)
+
+ if 'hash' in rule_conf['load_balance'] and 'random' in rule_conf['load_balance']['hash']:
+ translation_str += ' numgen random mod 100 map ' + '{ ' + f'{elements}' + ' }'
+ else:
+ for input_param in rule_conf['load_balance']['hash']:
+ if input_param == 'source-address':
+ param = 'ip saddr'
+ elif input_param == 'destination-address':
+ param = 'ip daddr'
+ elif input_param == 'source-port':
+ prot = rule_conf['protocol']
+ param = f'{prot} sport'
+ elif input_param == 'destination-port':
+ prot = rule_conf['protocol']
+ param = f'{prot} dport'
+ hash_input_items.append(param)
+ hash_input = ' . '.join(hash_input_items)
+ translation_str += f' jhash ' + f'{hash_input}' + ' mod 100 map ' + '{ ' + f'{elements}' + ' }'
+
for target in ['source', 'destination']:
if target not in rule_conf:
continue