<?xml version="1.0"?> <interfaceDefinition> <node name="nat" owner="${vyos_conf_scripts_dir}/nat.py"> <properties> <help>Network Address Translation (NAT) parameters</help> <priority>220</priority> </properties> <children> <node name="destination"> <properties> <help>Destination NAT settings</help> </properties> <children> #include <include/nat-rule.xml.i> <tagNode name="rule"> <children> <leafNode name="inbound-interface"> <properties> <help>Inbound interface of NAT traffic</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> </leafNode> <node name="translation"> <properties> <help>Inside NAT IP (destination NAT only)</help> </properties> <children> <leafNode name="address"> <properties> <help>IP address, subnet, or range</help> <valueHelp> <format>ipv4</format> <description>IPv4 address to match</description> </valueHelp> <valueHelp> <format>ipv4net</format> <description>IPv4 prefix to match</description> </valueHelp> <valueHelp> <format>ipv4range</format> <description>IPv4 address range to match</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> <validator name="ipv4-address"/> <validator name="ipv4-range"/> </constraint> </properties> </leafNode> #include <include/nat-translation-port.xml.i> </children> </node> </children> </tagNode> </children> </node> <node name="nptv6"> <properties> <help>IPv6-to-IPv6 Network Prefix Translation Settings</help> </properties> <children> <tagNode name="rule"> <properties> <help>NPTv6 rule number</help> <valueHelp> <format>1-999999</format> <description>Number for this rule</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-999999"/> </constraint> <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage> </properties> <children> <leafNode name="description"> <properties> <help>Rule description</help> </properties> </leafNode> <leafNode name="disable"> <properties> <help>Disable NAT rule</help> <valueless/> </properties> </leafNode> #include <include/nat-interface.xml.i> <node name="source"> <properties> <help>IPv6 source prefix options</help> </properties> <children> <leafNode name="prefix"> <properties> <help>IPv6 prefix to be translated</help> <valueHelp> <format>ipv6net</format> <description>IPv6 prefix</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> </leafNode> </children> </node> <node name="translation"> <properties> <help>Translated IPv6 prefix options</help> </properties> <children> <leafNode name="prefix"> <properties> <help>IPv6 prefix to translate to</help> <valueHelp> <format>ipv6net</format> <description>IPv6 prefix</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> </leafNode> </children> </node> </children> </tagNode> </children> </node> <node name="source"> <properties> <help>Source NAT settings</help> </properties> <children> #include <include/nat-rule.xml.i> <tagNode name="rule"> <children> #include <include/nat-interface.xml.i> <node name="translation"> <properties> <help>Outside NAT IP (source NAT only)</help> </properties> <children> <leafNode name="address"> <properties> <help>IP address, subnet, or range</help> <completionHelp> <list>masquerade</list> </completionHelp> <valueHelp> <format>ipv4</format> <description>IPv4 address to match</description> </valueHelp> <valueHelp> <format>ipv4net</format> <description>IPv4 prefix to match</description> </valueHelp> <valueHelp> <format>ipv4range</format> <description>IPv4 address range to match</description> </valueHelp> <valueHelp> <format>masquerade</format> <description>NAT to the primary address of outbound-interface</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> <validator name="ipv4-address"/> <validator name="ipv4-range"/> <regex>(masquerade)</regex> </constraint> </properties> </leafNode> #include <include/nat-translation-port.xml.i> </children> </node> </children> </tagNode> </children> </node> </children> </node> </interfaceDefinition>