diff options
| author | Christian Poessinger <christian@poessinger.com> | 2020-05-15 23:01:27 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2020-05-16 18:25:58 +0200 |
| commit | 9cec8471dae531072946daf5dcb74a0a9fe1e86c (patch) | |
| tree | 52d041a00aea99e7b6789fd33a498ed468e3eadd /src/conf_mode/nat.py | |
| parent | f75db67c495c0e9e251bebba46b75e9d085dece0 (diff) | |
| download | vyos-1x-9cec8471dae531072946daf5dcb74a0a9fe1e86c.tar.gz vyos-1x-9cec8471dae531072946daf5dcb74a0a9fe1e86c.zip | |
nat: T2198: sync generated DNAT rules with VyOS 1.2
The generated NAT rules in VyOS 1.2 are compared to the generated nftables
ruleset in VyOS 1.3 this was done by converting the 1.2 iptables ruleset to
nftables and then do the diff. To convert from iptables to nftables use the
following command:
$ iptables-save -t nat > /tmp/tmp.iptables
$ iptables-restore-translate -f /tmp/tmp.iptables
The following CLI options have been used for testing:
set nat destination rule 10 description 'foo-10'
set nat destination rule 10 destination address '1.1.1.1'
set nat destination rule 10 destination port '1111'
set nat destination rule 10 exclude
set nat destination rule 10 inbound-interface 'eth0.202'
set nat destination rule 10 log
set nat destination rule 10 protocol 'tcp_udp'
set nat destination rule 10 translation address '192.0.2.10'
set nat destination rule 15 description 'foo-10'
set nat destination rule 15 destination address '1.1.1.1'
set nat destination rule 15 exclude
set nat destination rule 15 inbound-interface 'eth0.202'
set nat destination rule 15 log
set nat destination rule 15 protocol 'tcp_udp'
set nat destination rule 15 translation address '192.0.2.10'
set nat destination rule 20 description 'foo-20'
set nat destination rule 20 destination address '2.2.2.2'
set nat destination rule 20 inbound-interface 'eth0.201'
set nat destination rule 20 log
set nat destination rule 20 protocol 'tcp'
set nat destination rule 20 translation address '192.0.2.10'
Diffstat (limited to 'src/conf_mode/nat.py')
| -rwxr-xr-x | src/conf_mode/nat.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py index 4d739068f..13edca846 100755 --- a/src/conf_mode/nat.py +++ b/src/conf_mode/nat.py @@ -94,7 +94,7 @@ def parse_source_destination(conf, source_dest): 'description': '', 'dest_address': '', 'dest_port': '', - 'disable': False, + 'disabled': False, 'exclude': False, 'interface_in': '', 'interface_out': '', @@ -118,7 +118,7 @@ def parse_source_destination(conf, source_dest): rule['dest_port'] = conf.return_value(['destination', 'port']) if conf.exists(['disable']): - rule['disable'] = True + rule['disabled'] = True if conf.exists(['exclude']): rule['exclude'] = True |