From 3aad7e75112d6e065d72d79dbdf61902cf19b63f Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Wed, 6 Dec 2023 07:10:46 +0000 Subject: T160: Rebase and fixes for NAT64 - Update the base (rebase) - Move include/nat64-protocol.xml.i => include/nat64/protocol.xml.i - Delete unwanted `write_json`, use `write_file` instead - Remove unnecessary deleting of default values for tagNodes T2665 - Add smoketest Example: ``` set interfaces ethernet eth0 address '192.168.122.14/24' set interfaces ethernet eth0 address '192.168.122.10/24' set interfaces ethernet eth2 address '2001:db8::1/64' set nat64 source rule 100 source prefix '64:ff9b::/96' set nat64 source rule 100 translation pool 10 address '192.168.122.10' set nat64 source rule 100 translation pool 10 port '1-65535' ``` (cherry picked from commit 336bb5a071b59264679be4f4f9bedbdecdbe2834) --- src/conf_mode/nat64.py | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) (limited to 'src/conf_mode/nat64.py') diff --git a/src/conf_mode/nat64.py b/src/conf_mode/nat64.py index d4df479ac..a8b90fb11 100755 --- a/src/conf_mode/nat64.py +++ b/src/conf_mode/nat64.py @@ -21,6 +21,7 @@ import os import re from ipaddress import IPv6Network +from json import dumps as json_write from vyos import ConfigError from vyos import airbag @@ -28,7 +29,7 @@ from vyos.config import Config from vyos.configdict import dict_merge from vyos.configdict import is_node_changed from vyos.utils.dict import dict_search -from vyos.utils.file import write_json +from vyos.utils.file import write_file from vyos.utils.kernel import check_kmod from vyos.utils.process import cmd from vyos.utils.process import run @@ -40,27 +41,12 @@ JOOL_CONFIG_DIR = "/run/jool" def get_config(config: Config | None = None) -> None: - """ """ if config is None: config = Config() base = ["nat64"] nat64 = config.get_config_dict(base, key_mangling=("-", "_"), get_first_key=True) - # T2665: we must add the tagNode defaults individually until this is - # moved to the base class - for direction in ["source"]: - if direction in nat64: - default_values = defaults(base + [direction, "rule"]) - if "rule" in nat64[direction]: - for rule in nat64[direction]["rule"]: - nat64[direction]["rule"][rule] = dict_merge( - default_values, nat64[direction]["rule"][rule] - ) - - # Only support netfilter for now - nat64[direction]["rule"][rule]["mode"] = "netfilter" - base_src = base + ["source", "rule"] # Load in existing instances so we can destroy any unknown @@ -95,7 +81,6 @@ def get_config(config: Config | None = None) -> None: def verify(nat64) -> None: - """ """ if not nat64: # no need to verify the CLI as nat64 is going to be deactivated return @@ -103,7 +88,7 @@ def verify(nat64) -> None: if dict_search("source.rule", nat64): # Ensure only 1 netfilter instance per namespace nf_rules = filter( - lambda i: "deleted" not in i and i["mode"] == "netfilter", + lambda i: "deleted" not in i and i.get('mode') == "netfilter", nat64["source"]["rule"].values(), ) next(nf_rules, None) # Discard the first element @@ -138,7 +123,6 @@ def verify(nat64) -> None: def generate(nat64) -> None: - """ """ os.makedirs(JOOL_CONFIG_DIR, exist_ok=True) if dict_search("source.rule", nat64): @@ -183,11 +167,10 @@ def generate(nat64) -> None: if pool4: config["pool4"] = pool4 - write_json(f"{JOOL_CONFIG_DIR}/{name}.json", config) + write_file(f'{JOOL_CONFIG_DIR}/{name}.json', json_write(config, indent=2)) def apply(nat64) -> None: - """ """ if not nat64: return -- cgit v1.2.3