diff options
| author | Igor Melnyk <igor_melnyk@ukr.net> | 2021-06-26 10:48:54 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-26 09:48:54 +0200 |
| commit | 166d44b32813c9dd64c3857beaf5eac8382b2d6d (patch) | |
| tree | 3e4b7bd63ada6ff76c40d12e576d8b163e1017d0 /interface-definitions | |
| parent | 3ffe114e8e8916d142b82657bd982122e57d17ed (diff) | |
| download | vyos-1x-166d44b32813c9dd64c3857beaf5eac8382b2d6d.tar.gz vyos-1x-166d44b32813c9dd64c3857beaf5eac8382b2d6d.zip | |
nat: T1083: add translation options for persistent/random mapping of address and port
Tested using:
set destination rule 100 inbound-interface 'eth0'
set destination rule 100 translation address '19.13.23.42'
set destination rule 100 translation options address-mapping 'random'
set destination rule 100 translation options port-mapping 'none'
set source rule 1000 outbound-interface 'eth0'
set source rule 1000 translation address '122.233.231.12'
set source rule 1000 translation options address-mapping 'persistent'
set source rule 1000 translation options port-mapping 'fully-random'
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/include/nat-translation-options.xml.i | 51 | ||||
| -rw-r--r-- | interface-definitions/nat.xml.in | 2 |
2 files changed, 53 insertions, 0 deletions
diff --git a/interface-definitions/include/nat-translation-options.xml.i b/interface-definitions/include/nat-translation-options.xml.i new file mode 100644 index 000000000..defc8c0d5 --- /dev/null +++ b/interface-definitions/include/nat-translation-options.xml.i @@ -0,0 +1,51 @@ +<!-- include start from nat-translation-options.xml.i --> +<node name="options"> + <properties> + <help>Translation options</help> + </properties> + <children> + <leafNode name="address-mapping"> + <properties> + <help>Address mapping options</help> + <completionHelp> + <list>persistent random</list> + </completionHelp> + <valueHelp> + <format>persistent</format> + <description>Gives a client the same source or destination-address for each connection</description> + </valueHelp> + <valueHelp> + <format>random</format> + <description>Random source or destination address allocation for each connection (defaut)</description> + </valueHelp> + <constraint> + <regex>^(persistent|random)$</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="port-mapping"> + <properties> + <help>Port mapping options</help> + <completionHelp> + <list>random fully-random none</list> + </completionHelp> + <valueHelp> + <format>random</format> + <description>Randomize source port mapping</description> + </valueHelp> + <valueHelp> + <format>fully-random</format> + <description>Full port randomization</description> + </valueHelp> + <valueHelp> + <format>none</format> + <description>Do not apply port randomization (default)</description> + </valueHelp> + <constraint> + <regex>^(random|fully-random|none)$</regex> + </constraint> + </properties> + </leafNode> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in index 9862f49b2..3cf3ba6aa 100644 --- a/interface-definitions/nat.xml.in +++ b/interface-definitions/nat.xml.in @@ -50,6 +50,7 @@ </properties> </leafNode> #include <include/nat-translation-port.xml.i> + #include <include/nat-translation-options.xml.i> </children> </node> </children> @@ -101,6 +102,7 @@ </properties> </leafNode> #include <include/nat-translation-port.xml.i> + #include <include/nat-translation-options.xml.i> </children> </node> </children> |