summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/nat.py19
1 files changed, 9 insertions, 10 deletions
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index dea833cf1..fa6fe9bb6 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -125,17 +125,17 @@ def verify_rule(config, err_msg, groups_dict):
if config['protocol'] not in ['tcp', 'udp', 'tcp_udp']:
raise ConfigError('Protocol must be tcp, udp, or tcp_udp when specifying a port-group')
- if 'balance' in config:
+ if 'load_balance' in config:
for item in ['source-port', 'destination-port']:
- if item in config['balance']['hash'] and config['protocol'] not in ['tcp', 'udp']:
+ if item in config['load_balance']['hash'] and config['protocol'] not in ['tcp', 'udp']:
raise ConfigError('Protocol must be tcp or udp when specifying hash ports')
count = 0
- if 'member' in config['balance']:
- for member in config['balance']['member']:
- weight = config['balance']['member'][member]['weight']
+ if 'backend' in config['load_balance']:
+ for member in config['load_balance']['backend']:
+ weight = config['load_balance']['backend'][member]['weight']
count = count + int(weight)
if count != 100:
- Warning(f'Sum of weight for nat balance rule is not 100. You may get unexpected behaviour')
+ Warning(f'Sum of weight for nat load balance rule is not 100. You may get unexpected behaviour')
def get_config(config=None):
if config:
@@ -210,7 +210,7 @@ def verify(nat):
Warning(f'rule "{rule}" interface "{config["outbound_interface"]}" does not exist on this system')
if not dict_search('translation.address', config) and not dict_search('translation.port', config):
- if 'exclude' not in config and 'member' not in config['balance']:
+ if 'exclude' not in config and 'backend' not in config['load_balance']:
raise ConfigError(f'{err_msg} translation requires address and/or port')
addr = dict_search('translation.address', config)
@@ -222,7 +222,6 @@ def verify(nat):
# common rule verification
verify_rule(config, err_msg, nat['firewall_group'])
-
if dict_search('destination.rule', nat):
for rule, config in dict_search('destination.rule', nat).items():
err_msg = f'Destination NAT configuration error in rule {rule}:'
@@ -233,8 +232,8 @@ def verify(nat):
elif config['inbound_interface'] not in 'any' and config['inbound_interface'] not in interfaces():
Warning(f'rule "{rule}" interface "{config["inbound_interface"]}" does not exist on this system')
- if not dict_search('translation.address', config) and not dict_search('translation.port', config):
- if 'exclude' not in config and 'member' not in config['balance']:
+ if not dict_search('translation.address', config) and not dict_search('translation.port', config) and not dict_search('translation.redirect.port', config):
+ if 'exclude' not in config and 'backend' not in config['load_balance']:
raise ConfigError(f'{err_msg} translation requires address and/or port')
# common rule verification