T5159: nat: add option to map network and ports. Feature used for large deployments in cgnat. (#2694)

(cherry picked from commit 3fc76505d0642c32a3eae9c0ce6ab3dd2ec32dbd)
author: Nicolás Fort <95703796+nicolas-fort@users.noreply.github.com> 2024-01-04 12:49:39 -0300
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2024-01-04 17:46:12 +0000
commit: 76109e22d03a18286fc5d4b2b5ed879030f9222c (patch)
tree: 994eeb7b4d05c51abb0850475190fc6eb04e0670 /python
parent: 4f34e19e062e1609a48b62311c51cdf1b5acc084 (diff)
download: vyos-1x-76109e22d03a18286fc5d4b2b5ed879030f9222c.tar.gz
vyos-1x-76109e22d03a18286fc5d4b2b5ed879030f9222c.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/python/vyos/nat.py b/python/vyos/nat.py
index 392d38772..7215aac88 100644
--- a/python/vyos/nat.py
+++ b/python/vyos/nat.py
@@ -89,7 +89,10 @@ def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False):
             if addr and is_ip_network(addr):
                 if not ipv6:
                     map_addr =  dict_search_args(rule_conf, nat_type, 'address')
-                    translation_output.append(f'{ip_prefix} prefix to {ip_prefix} {translation_prefix}addr map {{ {map_addr} : {addr} }}')
+                    if port:
+                        translation_output.append(f'{ip_prefix} prefix to {ip_prefix} {translation_prefix}addr map {{ {map_addr} : {addr} . {port} }}')
+                    else:
+                        translation_output.append(f'{ip_prefix} prefix to {ip_prefix} {translation_prefix}addr map {{ {map_addr} : {addr} }}')
                     ignore_type_addr = True
                 else:
                     translation_output.append(f'prefix to {addr}')
@@ -112,7 +115,10 @@ def parse_nat_rule(rule_conf, rule_id, nat_type, ipv6=False):
         if port_mapping and port_mapping != 'none':
             options.append(port_mapping)
 
-        translation_str = " ".join(translation_output) + (f':{port}' if port else '')
+        if ((not addr) or (addr and not is_ip_network(addr))) and port:
+            translation_str = " ".join(translation_output) + (f':{port}')
+        else:
+            translation_str = " ".join(translation_output)
 
         if options:
             translation_str += f' {",".join(options)}'
author	Nicolás Fort <95703796+nicolas-fort@users.noreply.github.com>	2024-01-04 12:49:39 -0300
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2024-01-04 17:46:12 +0000
commit	76109e22d03a18286fc5d4b2b5ed879030f9222c (patch)
tree	994eeb7b4d05c51abb0850475190fc6eb04e0670 /python
parent	4f34e19e062e1609a48b62311c51cdf1b5acc084 (diff)
download	vyos-1x-76109e22d03a18286fc5d4b2b5ed879030f9222c.tar.gz vyos-1x-76109e22d03a18286fc5d4b2b5ed879030f9222c.zip