diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-01-12 23:22:21 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-01-13 19:30:05 +0100 |
| commit | 65f66d73d56006779d4bd698b2ce039374614548 (patch) | |
| tree | a0d66f1c2e6e269cc3bb494b940f51667343c5e4 /smoketest | |
| parent | 0377085171f83b5ca6f4099350eb2e849c496945 (diff) | |
| download | vyos-1x-65f66d73d56006779d4bd698b2ce039374614548.tar.gz vyos-1x-65f66d73d56006779d4bd698b2ce039374614548.zip | |
nat: T3186: fix negated addresses not applied from CLI
(cherry picked from commit 806b1cb6eebce4a11a5d2496b062a93d5899746e)
Diffstat (limited to 'smoketest')
| -rwxr-xr-x | smoketest/scripts/cli/test_nat.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index b82805661..b5702d691 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -155,6 +155,18 @@ class TestNAT(unittest.TestCase): self.session.set(src_path + ['rule', rule, 'translation', 'address', 'masquerade']) self.session.commit() + def test_dnat_negated_addresses(self): + # T3186: negated addresses are not accepted by nftables + rule = '1000' + self.session.set(dst_path + ['rule', rule, 'destination', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'destination', 'port', '53']) + self.session.set(dst_path + ['rule', rule, 'inbound-interface', 'eth0']) + self.session.set(dst_path + ['rule', rule, 'protocol', 'tcp_udp']) + self.session.set(dst_path + ['rule', rule, 'source', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'address', '192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'port', '53']) + self.session.commit() + def test_nat_no_rules(self): # T3206: deleting all rules but keep the direction 'destination' or # 'source' resulteds in KeyError: 'rule'. |