diff options
-rw-r--r-- | data/templates/firewall/nftables-nat66.tmpl | 2 | ||||
-rw-r--r-- | interface-definitions/nat66.xml.in | 1 | ||||
-rwxr-xr-x | src/conf_mode/nat66.py | 2 |
3 files changed, 3 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl index 1a739cbe2..80150c7a4 100644 --- a/data/templates/firewall/nftables-nat66.tmpl +++ b/data/templates/firewall/nftables-nat66.tmpl @@ -15,7 +15,7 @@ {% endif %} {% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% elif chain == "POSTROUTING" %} -{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined and config.outbound_interface != 'any' else '' %} +{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %} {% set trns_prefix = "snat prefix to " + config.translation.prefix if config.translation is defined and config.translation.prefix is defined and config.translation.prefix is not none %} {% endif %} {% set comment = "NPT-NAT-" + rule %} diff --git a/interface-definitions/nat66.xml.in b/interface-definitions/nat66.xml.in index 36b55f658..b56a76b4c 100644 --- a/interface-definitions/nat66.xml.in +++ b/interface-definitions/nat66.xml.in @@ -130,6 +130,7 @@ <properties> <help>Inbound interface of NAT traffic</help> <completionHelp> + <list>any</list> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> diff --git a/src/conf_mode/nat66.py b/src/conf_mode/nat66.py index 69373c054..a5c74259f 100755 --- a/src/conf_mode/nat66.py +++ b/src/conf_mode/nat66.py @@ -117,7 +117,7 @@ def verify(nat): raise ConfigError(f'{err_msg}\n' \ 'outbound-interface not specified') else: - if config['outbound_interface'] not in 'any' and config['outbound_interface'] not in interfaces(): + if config['outbound_interface'] not in interfaces(): print(f'WARNING: rule "{rule}" interface "{config["outbound_interface"]}" does not exist on this system') |