diff options
| author | Ryan Zuwala <ryanzuwala@gmail.com> | 2025-04-29 00:53:53 -0400 |
|---|---|---|
| committer | Ryan Zuwala <ryanzuwala@gmail.com> | 2025-04-29 19:31:09 -0400 |
| commit | 43554efc27fcea6703b3b31674a38252434a0f2f (patch) | |
| tree | bb81daf3feb59d3c43846243dc3c1bd5418fca92 /src | |
| parent | e6909ffe8fc474e181e9b711f1b08974e152a0a7 (diff) | |
| download | vyos-1x-43554efc27fcea6703b3b31674a38252434a0f2f.tar.gz vyos-1x-43554efc27fcea6703b3b31674a38252434a0f2f.zip | |
nat66: T7051: add group config node
Add CLI config node for "group" when configuring NAT66 source
Ensure there is only one group in NAT66 source rule config
Add smoketest to cover new group usage in source NAT66 rules
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/nat66.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/conf_mode/nat66.py b/src/conf_mode/nat66.py index 95dfae3a5..c65950c9e 100755 --- a/src/conf_mode/nat66.py +++ b/src/conf_mode/nat66.py @@ -92,6 +92,10 @@ def verify(nat): if prefix != None: if not is_ipv6(prefix): raise ConfigError(f'{err_msg} source-prefix not specified') + + if 'destination' in config and 'group' in config['destination']: + if len({'address_group', 'network_group', 'domain_group'} & set(config['destination']['group'])) > 1: + raise ConfigError('Only one address-group, network-group or domain-group can be specified') if dict_search('destination.rule', nat): for rule, config in dict_search('destination.rule', nat).items(): |