diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-11-19 15:46:31 +0000 |
|---|---|---|
| committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-11-19 19:32:46 +0000 |
| commit | ad27ccbe68bd0f926259c18e51d85e40bb72eb7b (patch) | |
| tree | 7ed9f7e005be6e61f04655b67022207f7cd21424 | |
| parent | 0cec72de1716e5dcad5074be8c5de03464577364 (diff) | |
| download | vyos-1x-ad27ccbe68bd0f926259c18e51d85e40bb72eb7b.tar.gz vyos-1x-ad27ccbe68bd0f926259c18e51d85e40bb72eb7b.zip | |
T4830: nat66: fix how nat66 rules are written in nftables, so translation works as expected
| -rw-r--r-- | python/vyos/nat.py | 4 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_nat66.py | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/python/vyos/nat.py b/python/vyos/nat.py index 3d01829a7..e1dfff541 100644 --- a/python/vyos/nat.py +++ b/python/vyos/nat.py @@ -16,6 +16,8 @@ from vyos.template import is_ip_network from vyos.util import dict_search_args +from vyos.template import bracketize_ipv6 + def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False): output = [] @@ -69,6 +71,8 @@ def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False): else: translation_output.append('to') if addr: + if ipv6: + addr = bracketize_ipv6(addr) translation_output.append(addr) options = [] diff --git a/smoketest/scripts/cli/test_nat66.py b/smoketest/scripts/cli/test_nat66.py index 6cf7ca0a1..50806b3e8 100755 --- a/smoketest/scripts/cli/test_nat66.py +++ b/smoketest/scripts/cli/test_nat66.py @@ -136,7 +136,7 @@ class TestNAT66(VyOSUnitTestSHIM.TestCase): self.cli_commit() nftables_search = [ - ['iifname "eth1"', 'tcp dport 4545', 'ip6 saddr 2001:db8:2222::/64', 'tcp sport 8080', 'dnat to 2001:db8:1111::1:5555'] + ['iifname "eth1"', 'tcp dport 4545', 'ip6 saddr 2001:db8:2222::/64', 'tcp sport 8080', 'dnat to [2001:db8:1111::1]:5555'] ] self.verify_nftables(nftables_search, 'ip6 vyos_nat') @@ -208,7 +208,7 @@ class TestNAT66(VyOSUnitTestSHIM.TestCase): self.cli_commit() nftables_search = [ - ['oifname "eth1"', 'ip6 saddr 2001:db8:2222::/64', 'tcp dport 9999', 'tcp sport 8080', 'snat to 2001:db8:1111::1:80'] + ['oifname "eth1"', 'ip6 saddr 2001:db8:2222::/64', 'tcp dport 9999', 'tcp sport 8080', 'snat to [2001:db8:1111::1]:80'] ] self.verify_nftables(nftables_search, 'ip6 vyos_nat') |