diff options
author | Daniil Baturin <daniil@vyos.io> | 2024-09-30 15:48:56 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-09-30 15:48:56 +0100 |
commit | eb55965347e53ac1dc336fe836b370a1f3e10a85 (patch) | |
tree | a076141622ec1e41133ef998076b21ce1b2abaac /smoketest/scripts | |
parent | 0195aa1b0e99b6e886168c89fd2d018181918125 (diff) | |
parent | 4c3d037f036e84c77333a400b35bb1a628a1a118 (diff) | |
download | vyos-1x-eb55965347e53ac1dc336fe836b370a1f3e10a85.tar.gz vyos-1x-eb55965347e53ac1dc336fe836b370a1f3e10a85.zip |
Merge pull request #4024 from nicolas-fort/T6687
T6687: add fqdn support to nat rules.
Diffstat (limited to 'smoketest/scripts')
-rwxr-xr-x | smoketest/scripts/cli/test_nat.py | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index 5161e47fd..0beafcc6c 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -304,5 +304,31 @@ class TestNAT(VyOSUnitTestSHIM.TestCase): self.verify_nftables(nftables_search, 'ip vyos_nat') + def test_nat_fqdn(self): + source_domain = 'vyos.dev' + destination_domain = 'vyos.io' + + self.cli_set(src_path + ['rule', '1', 'outbound-interface', 'name', 'eth0']) + self.cli_set(src_path + ['rule', '1', 'source', 'fqdn', source_domain]) + self.cli_set(src_path + ['rule', '1', 'translation', 'address', 'masquerade']) + + self.cli_set(dst_path + ['rule', '1', 'destination', 'fqdn', destination_domain]) + self.cli_set(dst_path + ['rule', '1', 'source', 'fqdn', source_domain]) + self.cli_set(dst_path + ['rule', '1', 'destination', 'port', '5122']) + self.cli_set(dst_path + ['rule', '1', 'protocol', 'tcp']) + self.cli_set(dst_path + ['rule', '1', 'translation', 'address', '198.51.100.1']) + self.cli_set(dst_path + ['rule', '1', 'translation', 'port', '22']) + + + self.cli_commit() + + nftables_search = [ + ['set FQDN_nat_destination_1_d'], + ['set FQDN_nat_source_1_s'], + ['oifname "eth0"', 'ip saddr @FQDN_nat_source_1_s', 'masquerade', 'comment "SRC-NAT-1"'], + ['tcp dport 5122', 'ip saddr @FQDN_nat_destination_1_s', 'ip daddr @FQDN_nat_destination_1_d', 'dnat to 198.51.100.1:22', 'comment "DST-NAT-1"'] + ] + + self.verify_nftables(nftables_search, 'ip vyos_nat') if __name__ == '__main__': unittest.main(verbosity=2) |