summaryrefslogtreecommitdiff
path: root/src/op_mode/show_nat_rules.py
diff options
context:
space:
mode:
authorKim <kim.sidney@gmail.com>2021-10-07 16:52:56 +0200
committerGitHub <noreply@github.com>2021-10-07 16:52:56 +0200
commit2274dbf9047493a00a6f30346b38dacd8cfcf965 (patch)
treef431f5f6f1b2770c98ed9047e1cec9209e536366 /src/op_mode/show_nat_rules.py
parent2acfffab8b98238e7d869673a858a4ae21651f0b (diff)
parentadc7ef387d40e92bd7163ee6b401e99e554394a3 (diff)
downloadvyos-1x-2274dbf9047493a00a6f30346b38dacd8cfcf965.tar.gz
vyos-1x-2274dbf9047493a00a6f30346b38dacd8cfcf965.zip
Merge branch 'current' into 2fa
Diffstat (limited to 'src/op_mode/show_nat_rules.py')
-rwxr-xr-xsrc/op_mode/show_nat_rules.py84
1 files changed, 46 insertions, 38 deletions
diff --git a/src/op_mode/show_nat_rules.py b/src/op_mode/show_nat_rules.py
index 0f40ecabe..d68def26a 100755
--- a/src/op_mode/show_nat_rules.py
+++ b/src/op_mode/show_nat_rules.py
@@ -67,46 +67,54 @@ if args.source or args.destination:
continue
interface = dict_search('match.right', data['expr'][0])
srcdest = ''
- for i in [1, 2]:
- srcdest_json = dict_search('match.right', data['expr'][i])
- if not srcdest_json:
- continue
-
- if isinstance(srcdest_json,str):
- srcdest += srcdest_json + ' '
- elif 'prefix' in srcdest_json:
- addr_tmp = dict_search('match.right.prefix.addr', data['expr'][i])
- len_tmp = dict_search('match.right.prefix.len', data['expr'][i])
- if addr_tmp and len_tmp:
- srcdest = addr_tmp + '/' + str(len_tmp) + ' '
- elif 'set' in srcdest_json:
- if isinstance(srcdest_json['set'][0],str):
- srcdest += 'port ' + str(srcdest_json['set'][0]) + ' '
- else:
- port_range = srcdest_json['set'][0]['range']
- srcdest += 'port ' + str(port_range[0]) + '-' + str(port_range[1]) + ' '
-
+ srcdests = []
tran_addr = ''
- tran_addr_json = dict_search('snat.addr' if args.source else 'dnat.addr', data['expr'][3])
- if tran_addr_json:
- if isinstance(tran_addr_json,str):
- tran_addr = tran_addr_json
- elif 'prefix' in tran_addr_json:
- addr_tmp = dict_search('snat.addr.prefix.addr' if args.source else 'dnat.addr.prefix.addr', data['expr'][3])
- len_tmp = dict_search('snat.addr.prefix.len' if args.source else 'dnat.addr.prefix.len', data['expr'][3])
- if addr_tmp and len_tmp:
- tran_addr = addr_tmp + '/' + str(len_tmp)
- else:
- if 'masquerade' in data['expr'][3]:
- tran_addr = 'masquerade'
- elif 'log' in data['expr'][3]:
- continue
-
- tran_port = dict_search('snat.port' if args.source else 'dnat.port', data['expr'][3])
- if tran_port:
- tran_addr += ' port ' + str(tran_port)
+ for i in range(1,len(data['expr']) ):
+ srcdest_json = dict_search('match.right', data['expr'][i])
+ if srcdest_json:
+ if isinstance(srcdest_json,str):
+ if srcdest != '':
+ srcdests.append(srcdest)
+ srcdest = ''
+ srcdest = srcdest_json + ' '
+ elif 'prefix' in srcdest_json:
+ addr_tmp = dict_search('match.right.prefix.addr', data['expr'][i])
+ len_tmp = dict_search('match.right.prefix.len', data['expr'][i])
+ if addr_tmp and len_tmp:
+ srcdest = addr_tmp + '/' + str(len_tmp) + ' '
+ elif 'set' in srcdest_json:
+ if isinstance(srcdest_json['set'][0],int):
+ srcdest += 'port ' + str(srcdest_json['set'][0]) + ' '
+ else:
+ port_range = srcdest_json['set'][0]['range']
+ srcdest += 'port ' + str(port_range[0]) + '-' + str(port_range[1]) + ' '
+
+ tran_addr_json = dict_search('snat' if args.source else 'dnat', data['expr'][i])
+ if tran_addr_json:
+ if isinstance(tran_addr_json['addr'],str):
+ tran_addr += tran_addr_json['addr'] + ' '
+ elif 'prefix' in tran_addr_json['addr']:
+ addr_tmp = dict_search('snat.addr.prefix.addr' if args.source else 'dnat.addr.prefix.addr', data['expr'][3])
+ len_tmp = dict_search('snat.addr.prefix.len' if args.source else 'dnat.addr.prefix.len', data['expr'][3])
+ if addr_tmp and len_tmp:
+ tran_addr += addr_tmp + '/' + str(len_tmp) + ' '
+
+ if isinstance(tran_addr_json['port'],int):
+ tran_addr += 'port ' + tran_addr_json['port']
+
+ else:
+ if 'masquerade' in data['expr'][i]:
+ tran_addr = 'masquerade'
+ elif 'log' in data['expr'][i]:
+ continue
- print(format_nat_rule.format(rule, srcdest, tran_addr, interface))
+ if srcdest != '':
+ srcdests.append(srcdest)
+ srcdest = ''
+ print(format_nat_rule.format(rule, srcdests[0], tran_addr, interface))
+
+ for i in range(1, len(srcdests)):
+ print(format_nat_rule.format(' ', srcdests[i], ' ', ' '))
exit(0)
else: