diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-01-12 23:22:21 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-01-12 23:22:21 +0100 |
| commit | 806b1cb6eebce4a11a5d2496b062a93d5899746e (patch) | |
| tree | 6caa12158875a35d339d4e8bf2b5d3e8daca1e2f /smoketest/scripts/cli/test_nat.py | |
| parent | 6dadc1900d29788035a3bce5bb42eaf499ca2a83 (diff) | |
| download | vyos-1x-806b1cb6eebce4a11a5d2496b062a93d5899746e.tar.gz vyos-1x-806b1cb6eebce4a11a5d2496b062a93d5899746e.zip | |
nat: T3186: fix negated addresses not applied from CLI
Diffstat (limited to 'smoketest/scripts/cli/test_nat.py')
| -rwxr-xr-x | smoketest/scripts/cli/test_nat.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index b82805661..b5702d691 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -155,6 +155,18 @@ class TestNAT(unittest.TestCase): self.session.set(src_path + ['rule', rule, 'translation', 'address', 'masquerade']) self.session.commit() + def test_dnat_negated_addresses(self): + # T3186: negated addresses are not accepted by nftables + rule = '1000' + self.session.set(dst_path + ['rule', rule, 'destination', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'destination', 'port', '53']) + self.session.set(dst_path + ['rule', rule, 'inbound-interface', 'eth0']) + self.session.set(dst_path + ['rule', rule, 'protocol', 'tcp_udp']) + self.session.set(dst_path + ['rule', rule, 'source', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'address', '192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'port', '53']) + self.session.commit() + def test_nat_no_rules(self): # T3206: deleting all rules but keep the direction 'destination' or # 'source' resulteds in KeyError: 'rule'. |