diff options
| author | Christian Poessinger <christian@poessinger.com> | 2020-05-19 21:54:13 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2020-05-19 21:54:53 +0200 |
| commit | bc060277ab553a1971054b4990a70c7476cae62f (patch) | |
| tree | 97eade32d58ede25215e92fd28a1a717359093ce | |
| parent | 1ea95a96cfbc6709f04b2690d8984f8dabea04eb (diff) | |
| download | vyos-1x-bc060277ab553a1971054b4990a70c7476cae62f.tar.gz vyos-1x-bc060277ab553a1971054b4990a70c7476cae62f.zip | |
nat: do not report unassigned IP address for DNAT
That warning made no sense as the destination address where we forward a port
to is by design not locally connected.
| -rwxr-xr-x | src/conf_mode/nat.py | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py index 406ec1caf..d491395ac 100755 --- a/src/conf_mode/nat.py +++ b/src/conf_mode/nat.py @@ -78,10 +78,6 @@ def verify_rule(rule, err_msg): if not rule['translation_address']: raise ConfigError(f'{err_msg} translation address not specified') - else: - addr = rule['translation_address'] - if addr != 'masquerade' and not is_addr_assigned(addr): - print(f'Warning: IP address {addr} does not exist on the system!') def parse_source_destination(conf, source_dest): @@ -225,6 +221,11 @@ def verify(nat): if not rule['interface_out']: raise ConfigError(f'{err_msg} outbound-interface not specified') + if rule['translation_address']: + addr = rule['translation_address'] + if addr != 'masquerade' and not is_addr_assigned(addr): + print(f'Warning: IP address {addr} does not exist on the system!') + # common rule verification verify_rule(rule, err_msg) |