summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-05-19 21:54:13 +0200
committerChristian Poessinger <christian@poessinger.com>2020-05-19 21:54:53 +0200
commitbc060277ab553a1971054b4990a70c7476cae62f (patch)
tree97eade32d58ede25215e92fd28a1a717359093ce
parent1ea95a96cfbc6709f04b2690d8984f8dabea04eb (diff)
downloadvyos-1x-bc060277ab553a1971054b4990a70c7476cae62f.tar.gz
vyos-1x-bc060277ab553a1971054b4990a70c7476cae62f.zip
nat: do not report unassigned IP address for DNAT
That warning made no sense as the destination address where we forward a port to is by design not locally connected.
-rwxr-xr-xsrc/conf_mode/nat.py9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index 406ec1caf..d491395ac 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -78,10 +78,6 @@ def verify_rule(rule, err_msg):
if not rule['translation_address']:
raise ConfigError(f'{err_msg} translation address not specified')
- else:
- addr = rule['translation_address']
- if addr != 'masquerade' and not is_addr_assigned(addr):
- print(f'Warning: IP address {addr} does not exist on the system!')
def parse_source_destination(conf, source_dest):
@@ -225,6 +221,11 @@ def verify(nat):
if not rule['interface_out']:
raise ConfigError(f'{err_msg} outbound-interface not specified')
+ if rule['translation_address']:
+ addr = rule['translation_address']
+ if addr != 'masquerade' and not is_addr_assigned(addr):
+ print(f'Warning: IP address {addr} does not exist on the system!')
+
# common rule verification
verify_rule(rule, err_msg)