authorjack9603301 <jack9603301@163.com>2021-03-09 14:08:38 +0800
committerjack9603301 <jack9603301@163.com>2021-03-09 14:12:48 +0800
commit988be4157422975bec75122e875b722f7c933966 (patch)
treec59c76f488d4c59ce24df24246e536bc7f674926
parent4c8d882e9125fb45977f74a217e9d716138d6291 (diff)
nptv6: T2518: Support masquerade and cancel new migrators
-rw-r--r--data/templates/firewall/nftables-nat66.tmpl20
-rwxr-xr-xsmoketest/scripts/cli/test_nat66.py3
-rwxr-xr-xsrc/migration-scripts/nat66/0-to-12
-rwxr-xr-xsrc/migration-scripts/nat66/1-to-246
4 files changed, 15 insertions, 56 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl
index 9f5d49ba7..cdaeaad6a 100644
--- a/data/templates/firewall/nftables-nat66.tmpl
+++ b/data/templates/firewall/nftables-nat66.tmpl
@@ -13,14 +13,20 @@
{% endif %}
{% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% elif chain == "POSTROUTING" %}
-{% if config.translation.address | is_ip_network %}
-{# support 1:1 network translation #}
-{% set snat_type = "snat prefix to " %}
-{% else %}
-{% set snat_type = "snat to " %}
-{% endif %}
+{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
+{% if config.translation.address == 'masquerade' %}
+{% set trns_address = config.translation.address %}
+{% else %}
+{% if config.translation.address | is_ip_network %}
+{# support 1:1 network translation #}
+{% set snat_type = "snat prefix to " %}
+{% else %}
+{% set snat_type = "snat to " %}
+{% endif %}
+{% set trns_address = snat_type + config.translation.address %}
+{% endif %}
+{% endif %}
{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %}
-{% set trns_address = snat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% endif %}
{% set comment = "NPT-NAT-" + rule %}
{% if rule.log %}
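Review bot: The new masquerade branch still depends on the optional `oifname` match, because `interface` falls back to `''` when `config.outbound_interface` is undefined, so the template on its own can render a masquerade rule that is not bound to an egress interface. The smoketest comment in this commit suggests validate() requires an outbound interface, but that code is outside the diff; it is worth confirming the check also applies when the address is `masquerade`. The branch also has no comment, unlike the prefix case; I would add `{# masquerade: the nft statement takes no address, so no "snat to" prefix is emitted #}` above its `set trns_address` line. The enclosing chain `if`/`elif` block starts before this hunk and continues after it.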
diff --git a/smoketest/scripts/cli/test_nat66.py b/smoketest/scripts/cli/test_nat66.py
index d2cb60025..4838fb8d8 100755
--- a/smoketest/scripts/cli/test_nat66.py
+++ b/smoketest/scripts/cli/test_nat66.py
@@ -157,7 +157,6 @@ class TestNAT66(unittest.TestCase):
# T2813: Ensure translation address is specified
rule = '5'
source_prefix = 'fc00::/64'
- translation_prefix = 'fc00:2::/64'
self.session.set(src_path + ['rule', rule, 'source', 'prefix', source_prefix])
# check validate() - outbound-interface must be defined
@@ -169,7 +168,7 @@ class TestNAT66(unittest.TestCase):
with self.assertRaises(ConfigSessionError):
self.session.commit()
- self.session.set(src_path + ['rule', rule, 'translation', 'address', translation_prefix])
+ self.session.set(src_path + ['rule', rule, 'translation', 'address', 'masquerade'])
self.session.commit()
def test_nat66_no_rules(self):
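Review bot: After `translation address masquerade` is set, the test only checks that `self.session.commit()` succeeds; nothing asserts that the rendered ruleset for rule 5 contains a `masquerade` statement, so a template regression that emits the wrong statement would still pass. A check along the lines of `self.assertIn('masquerade', <rendered nat66 ruleset>)` after the commit would pin the behaviour (the placeholder stands for however this file reads the ruleset, which is not visible here). With `translation_prefix` removed, this test no longer uses a prefix as translation address; other tests may cover that. The test method starts above this hunk.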
diff --git a/src/migration-scripts/nat66/0-to-1 b/src/migration-scripts/nat66/0-to-1
index 74d64c07b..83b421926 100755
--- a/src/migration-scripts/nat66/0-to-1
+++ b/src/migration-scripts/nat66/0-to-1
@@ -49,7 +49,7 @@ def merge_npt(config,base,rule):
if config.exists(base + ['translation','prefix']):
tmp = config.return_value(base + ['translation','prefix'])
- config.set(merge_base + ['translation','prefix'],value=tmp)
+ config.set(merge_base + ['translation','address'],value=tmp)
if not config.exists(['nat', 'nptv6']):
# Nothing to do
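Review bot: Changing the existing `0-to-1` migrator to write `translation address` while the same commit deletes `1-to-2` leaves no path for configs that the old `0-to-1` already migrated: they are stamped version 1 and still carry `translation prefix`, which the template no longer reads. The diffstat shows no change to the nat66 component version, so how such configs are handled cannot be told from here. If any image shipped the old scripts, keeping the rename step from `1-to-2`, `config.rename(rule_base + ['translation', 'prefix'], 'address')`, would be the safer choice, since a source NAT66 rule that silently loses its translation changes which addresses leave the network. `merge_npt` begins above this hunk.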
diff --git a/src/migration-scripts/nat66/1-to-2 b/src/migration-scripts/nat66/1-to-2
deleted file mode 100755
index 9c3998ec1..000000000
--- a/src/migration-scripts/nat66/1-to-2
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env python3
-#
-# Copyright (C) 2020 VyOS maintainers and contributors
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 or later as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-from sys import argv,exit
-from vyos.configtree import ConfigTree
-
-if (len(argv) < 1):
- print("Must specify file name!")
- exit(1)
-
-file_name = argv[1]
-
-with open(file_name, 'r') as f:
- config_file = f.read()
-
-config = ConfigTree(config_file)
-
-base = ['nat66', 'source']
-
-if not config.exists(base):
- # Nothing to do
- exit(0)
-
-for rule in config.list_nodes(base + ['rule']):
- rule_base = base + ['rule', rule]
- config.rename(rule_base + ['translation', 'prefix'], 'address')
-
-try:
- with open(file_name, 'w') as f:
- f.write(config.to_string())
-except OSError as e:
- print("Failed to save the modified config: {}".format(e))
- exit(1)