authorDaniil Baturin <daniil@vyos.io>2021-11-17 15:02:20 -0500
committerDaniil Baturin <daniil@vyos.io>2021-11-17 15:02:20 -0500
commit082f6459f131d0af2fa7a4ef0cf3028238ecc3af (patch)
tree57bd5d7bf67393614b161c558cbf90248abee79f /lib/Vyatta
parent86689760356508ad4d9f8a6c82cd5b803c529dce (diff)
T1083: add port and address mapping options
Diffstat (limited to 'lib/Vyatta')
-rw-r--r--lib/Vyatta/DstNatRule.pm20
-rw-r--r--lib/Vyatta/SrcNatRule.pm32
2 files changed, 51 insertions, 1 deletions
diff --git a/lib/Vyatta/DstNatRule.pm b/lib/Vyatta/DstNatRule.pm
index aa419e5..98ebd56 100644
--- a/lib/Vyatta/DstNatRule.pm
+++ b/lib/Vyatta/DstNatRule.pm
@@ -91,6 +91,10 @@ sub setup {
}
$self->{_inside_addr}->{_port}
= $config->returnValue("translation port");
+
+ $self->{_address_mapping} = $config->returnValue("translation options address-mapping");
+ $self->{_port_mapping} = $config->returnValue("translation options port-mapping");
+
$src->setup("$level source");
$dst->setup("$level destination");
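Review bot: `$self->{_port_mapping}` is stored here and again in setupOrig, but the rule_str hunk for DstNatRule.pm only reads `_address_mapping`. As far as the visible hunks show, a port-mapping value set on a destination rule produces no iptables flag and no error, so the operator gets no sign that the option was ignored. Either drop the two `_port_mapping` assignments from this file or reject the option in rule_str, e.g. `return ('port-mapping option is only valid for masquerade rules', undef) if defined($self->{_port_mapping});`. The bodies of setup and setupOrig continue outside the hunks, so a use elsewhere in the file cannot be ruled out.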
@@ -122,6 +126,9 @@ sub setupOrig {
}
$self->{_inside_addr}->{_port}
= $config->returnOrigValue("translation port");
+
+ $self->{_address_mapping} = $config->returnOrigValue("translation options address-mapping");
+ $self->{_port_mapping} = $config->returnOrigValue("translation options port-mapping");
$src->setupOrig("$level source");
$dst->setupOrig("$level destination");
@@ -248,7 +255,18 @@ sub rule_str {
$jump_target = 'NETMAP';
$jump_param .= " $to_dst";
} else {
- $jump_param .= " $to_dst";
+ $jump_param .= " $to_dst";
+
+ my $addr_mapping = $self->{_address_mapping};
+ if(defined($addr_mapping)) {
+ if($addr_mapping eq "persistent") {
+ $jump_param .= " --persistent";
+ } elsif ($addr_mapping eq "random") {
+ # random is the default, do nothing
+ } else {
+ return ('address-mapping must be either "persistent" or "random"', undef);
+ }
+ }
}
} else {
return ("translation address not specified", undef);
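Review bot: The NETMAP branch just above the changed `else` appends `$to_dst` and never looks at `_address_mapping`, so `address-mapping persistent` on a NETMAP rule is accepted and silently dropped. SrcNatRule.pm already returns an error for a misplaced port-mapping, and the same treatment fits here: `return ('address-mapping option is not valid for network-to-network translation', undef) if defined($self->{_address_mapping});`. The same gap appears in the NETMAP and masquerade branches of SrcNatRule.pm's rule_str. The allow-list check itself is sound, since only the fixed literal ` --persistent` reaches the rule string and never the configured value. It is duplicated verbatim in both files, though, and would be easier to keep in step as one shared helper; rule_str starts and ends outside this hunk.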
diff --git a/lib/Vyatta/SrcNatRule.pm b/lib/Vyatta/SrcNatRule.pm
index dfb6f28..dac868e 100644
--- a/lib/Vyatta/SrcNatRule.pm
+++ b/lib/Vyatta/SrcNatRule.pm
@@ -94,6 +94,9 @@ sub setup {
$self->{_outside_addr}->{_port}
= $config->returnValue("translation port");
+ $self->{_address_mapping} = $config->returnValue("translation options address-mapping");
+ $self->{_port_mapping} = $config->returnValue("translation options port-mapping");
+
$src->setup("$level source");
$dst->setup("$level destination");
@@ -129,6 +132,9 @@ sub setupOrig {
$self->{_outside_addr}->{_port}
= $config->returnOrigValue("translation port");
+ $self->{_address_mapping} = $config->returnOrigValue("translation options address-mapping");
+ $self->{_port_mapping} = $config->returnOrigValue("translation options port-mapping");
+
$src->setupOrig("$level source");
$dst->setupOrig("$level destination");
@@ -268,13 +274,39 @@ sub rule_str {
} elsif ($to_src ne '') {
if (defined($self->{_is_masq})) {
$jump_param .= " --to-ports $to_src";
+
+ my $port_mapping = $self->{_port_mapping};
+ if(defined($port_mapping)) {
+ if($port_mapping eq "random") {
+ $jump_param .= " --random-fully";
+ } elsif ($port_mapping eq "none") {
+ # none is the deault, do nothing
+ } else {
+ return ('port-mapping must be either "random" or "none"', undef);
+ }
+ }
} else {
+ if(defined($self->{_port_mapping})) {
+ return ('port-mapping option is only valid for masquerade rules', undef);
+ }
+
if ($use_netmap) {
# replace "SNAT" with "NETMAP"
$jump_target = 'NETMAP';
$jump_param .= " --to $to_src";
} else {
$jump_param .= " --to-source $to_src";
+
+ my $addr_mapping = $self->{_address_mapping};
+ if(defined($addr_mapping)) {
+ if($addr_mapping eq "persistent") {
+ $jump_param .= " --persistent";
+ } elsif ($addr_mapping eq "random") {
+ # random is the default, do nothing
+ } else {
+ return ('address-mapping must be either "persistent" or "random"', undef);
+ }
+ }
}
}
} elsif (!defined($self->{_is_masq})) {
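Review bot: `--random-fully` is appended only inside the `$to_src ne ''` branch, so it takes effect only when the masquerade rule also sets a translation port. From the visible lines, a masquerade rule with no translation port falls past this `elsif` and the following `!defined($self->{_is_masq})` test, so `port-mapping random` would add nothing and return no error. That matters because an operator who enables the option to get source-port randomisation would assume it is active. Consider moving the `_port_mapping` check out of the `$to_src ne ''` test so it applies to every masquerade rule; the earlier branches of rule_str are outside the hunk, so confirm how an empty `$to_src` is handled there. The added comment also has a typo and should read `# none is the default, do nothing`.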