diff options
Diffstat (limited to 'data/templates')
-rw-r--r-- | data/templates/firewall/nftables-nat66.tmpl | 17 | ||||
-rw-r--r-- | data/templates/frr/bgp.frr.tmpl | 27 |
2 files changed, 17 insertions, 27 deletions
diff --git a/data/templates/firewall/nftables-nat66.tmpl b/data/templates/firewall/nftables-nat66.tmpl index b1a8f7a16..cdaeaad6a 100644 --- a/data/templates/firewall/nftables-nat66.tmpl +++ b/data/templates/firewall/nftables-nat66.tmpl @@ -13,8 +13,20 @@ {% endif %} {% set trns_address = dnat_type + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% elif chain == "POSTROUTING" %} +{% if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} +{% if config.translation.address == 'masquerade' %} +{% set trns_address = config.translation.address %} +{% else %} +{% if config.translation.address | is_ip_network %} +{# support 1:1 network translation #} +{% set snat_type = "snat prefix to " %} +{% else %} +{% set snat_type = "snat to " %} +{% endif %} +{% set trns_address = snat_type + config.translation.address %} +{% endif %} +{% endif %} {% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined else '' %} -{% set trns_prefix = "snat prefix to " + config.translation.prefix if config.translation is defined and config.translation.prefix is defined and config.translation.prefix is not none %} {% endif %} {% set comment = "NPT-NAT-" + rule %} {% if rule.log %} @@ -35,9 +47,6 @@ {% if dest_address %} {% set output = output + " " + dest_address %} {% endif %} -{% if trns_prefix %} -{% set output = output + " " + trns_prefix %} -{% endif %} {% if trns_address %} {% set output = output + " " + trns_address %} {% endif %} diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl index b7abbff5c..3101de7ea 100644 --- a/data/templates/frr/bgp.frr.tmpl +++ b/data/templates/frr/bgp.frr.tmpl @@ -208,11 +208,11 @@ router bgp {{ asn }} aggregate-address {{ ip }}{{ ' as-set' if afi_config.aggregate_address[ip].as_set is defined }}{{ ' summary-only' if afi_config.aggregate_address[ip].summary_only is defined }} {% endfor %} {% endif %} -{% if afi_config.maximum_paths is defined and afi_config.maximum_paths is not none %} - maximum-paths {{ afi_config.maximum_paths }} +{% if afi_config.maximum_paths is defined and afi_config.maximum_paths.ebgp is defined and afi_config.maximum_paths.ebgp is not none %} + maximum-paths {{ afi_config.maximum_paths.ebgp }} {% endif %} -{% if afi_config.maximum_paths_ibgp is defined and afi_config.maximum_paths_ibgp is not none %} - maximum-paths ibgp {{ afi_config.maximum_paths_ibgp }} +{% if afi_config.maximum_paths is defined and afi_config.maximum_paths.ibgp is defined and afi_config.maximum_paths.ibgp is not none %} + maximum-paths ibgp {{ afi_config.maximum_paths.ibgp }} {% endif %} {% if afi_config.redistribute is defined and afi_config.redistribute is not none %} {% for protocol in afi_config.redistribute %} @@ -287,25 +287,6 @@ router bgp {{ asn }} {% endfor %} {% endif %} ! -{# set protocols bgp xxxx maximum-paths ibgp x, Generated by default for afi_4 #} -{# We don't have this parameter in afi_6. But this is supported in FRR #} -{% if maximum_paths is defined and maximum_paths is not none %} -{% if maximum_paths.ebgp is defined and maximum_paths.ebgp is not none %} - ! - address-family ipv4 unicast - maximum-paths {{ maximum_paths.ebgp }} - exit-address-family - ! -{% endif %} -{% if maximum_paths.ibgp is defined and maximum_paths.ibgp is not none %} - ! - address-family ipv4 unicast - maximum-paths ibgp {{ maximum_paths.ibgp }} - exit-address-family - ! -{% endif %} -{% endif %} - ! {% if peer_group is defined and peer_group is not none %} {% for peer, config in peer_group.items() %} {{ bgp_neighbor(peer, config, true) }} |