diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-08-13 00:07:41 +0000 |
|---|---|---|
| committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-08-17 10:53:26 +0000 |
| commit | 69bcdb9a680b33422d041fd03e70c25094bfa6a2 (patch) | |
| tree | 845bd5bce027e72fd9dfba8f713c1e799bbdf9de /interface-definitions/nat.xml.in | |
| parent | 466e3b192d15563bc21fc308fa7916eb5aae8664 (diff) | |
| download | vyos-1x-69bcdb9a680b33422d041fd03e70c25094bfa6a2.tar.gz vyos-1x-69bcdb9a680b33422d041fd03e70c25094bfa6a2.zip | |
nat: T538: Add static NAT one-to-one
Ability to set static NAT (one-to-one) in one rule
set nat static rule 10 destination address '203.0.113.0/24'
set nat static rule 10 inbound-interface 'eth0'
set nat static rule 10 translation address '192.0.2.0/24'
It will be enough for PREROUTING and POSTROUTING rules
Use a separate table 'vyos_static_nat' as SRC/DST rules and
STATIC rules can have the same rule number
Diffstat (limited to 'interface-definitions/nat.xml.in')
| -rw-r--r-- | interface-definitions/nat.xml.in | 53 |
1 files changed, 44 insertions, 9 deletions
diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in index 9295b631f..501ff05d3 100644 --- a/interface-definitions/nat.xml.in +++ b/interface-definitions/nat.xml.in @@ -14,15 +14,7 @@ #include <include/nat-rule.xml.i> <tagNode name="rule"> <children> - <leafNode name="inbound-interface"> - <properties> - <help>Inbound interface of NAT traffic</help> - <completionHelp> - <list>any</list> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - </leafNode> + #include <include/inbound-interface.xml.i> <node name="translation"> <properties> <help>Inside NAT IP (destination NAT only)</help> @@ -65,6 +57,17 @@ <children> #include <include/nat-rule.xml.i> <tagNode name="rule"> + <properties> + <help>Rule number for NAT</help> + <valueHelp> + <format>u32:1-999999</format> + <description>Number of NAT rule</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-999999"/> + </constraint> + <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage> + </properties> <children> #include <include/nat-interface.xml.i> <node name="translation"> @@ -110,6 +113,38 @@ </tagNode> </children> </node> + <node name="static"> + <properties> + <help>Static NAT (one-to-one)</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Rule number for NAT</help> + </properties> + <children> + #include <include/generic-description.xml.i> + <node name="destination"> + <properties> + <help>NAT destination parameters</help> + </properties> + <children> + #include <include/ipv4-address-prefix.xml.i> + </children> + </node> + #include <include/inbound-interface.xml.i> + <node name="translation"> + <properties> + <help>Translation address or prefix</help> + </properties> + <children> + #include <include/ipv4-address-prefix.xml.i> + </children> + </node> + </children> + </tagNode> + </children> + </node> </children> </node> </interfaceDefinition> |