summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--data/templates/firewall/nftables-nat66.tmpl2
-rw-r--r--interface-definitions/nat66.xml.in1
-rwxr-xr-xsrc/conf_mode/nat66.py2
3 files changed, 3 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl
index 1a739cbe2..80150c7a4 100644
--- a/data/templates/firewall/nftables-nat66.tmpl
+++ b/data/templates/firewall/nftables-nat66.tmpl
@@ -15,7 +15,7 @@
{% endif %}
{% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %}
{% elif chain == "POSTROUTING" %}
-{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined and config.outbound_interface != 'any' else '' %}
+{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %}
{% set trns_prefix = "snat prefix to " + config.translation.prefix if config.translation is defined and config.translation.prefix is defined and config.translation.prefix is not none %}
{% endif %}
{% set comment = "NPT-NAT-" + rule %}
diff --git a/interface-definitions/nat66.xml.in b/interface-definitions/nat66.xml.in
index 36b55f658..b56a76b4c 100644
--- a/interface-definitions/nat66.xml.in
+++ b/interface-definitions/nat66.xml.in
@@ -130,6 +130,7 @@
<properties>
<help>Inbound interface of NAT traffic</help>
<completionHelp>
+ <list>any</list>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
diff --git a/src/conf_mode/nat66.py b/src/conf_mode/nat66.py
index 69373c054..a5c74259f 100755
--- a/src/conf_mode/nat66.py
+++ b/src/conf_mode/nat66.py
@@ -117,7 +117,7 @@ def verify(nat):
raise ConfigError(f'{err_msg}\n' \
'outbound-interface not specified')
else:
- if config['outbound_interface'] not in 'any' and config['outbound_interface'] not in interfaces():
+ if config['outbound_interface'] not in interfaces():
print(f'WARNING: rule "{rule}" interface "{config["outbound_interface"]}" does not exist on this system')