diff options
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/nat.py | 18 | 
1 files changed, 13 insertions, 5 deletions
| diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py index 4cd9b570d..f74bb217e 100755 --- a/src/conf_mode/nat.py +++ b/src/conf_mode/nat.py @@ -17,7 +17,6 @@  import os  from sys import exit -from netifaces import interfaces  from vyos.base import Warning  from vyos.config import Config @@ -30,6 +29,7 @@ from vyos.utils.dict import dict_search_args  from vyos.utils.process import cmd  from vyos.utils.process import run  from vyos.utils.network import is_addr_assigned +from vyos.utils.network import interface_exists  from vyos import ConfigError  from vyos import airbag @@ -149,8 +149,12 @@ def verify(nat):                  if 'name' in config['outbound_interface'] and 'group' in config['outbound_interface']:                      raise ConfigError(f'{err_msg} cannot specify both interface group and interface name for nat source rule "{rule}"')                  elif 'name' in config['outbound_interface']: -                    if config['outbound_interface']['name'] not in 'any' and config['outbound_interface']['name'] not in interfaces(): -                        Warning(f'NAT interface "{config["outbound_interface"]["name"]}" for source NAT rule "{rule}" does not exist!') +                    interface_name = config['outbound_interface']['name'] +                    if interface_name not in 'any': +                        if interface_name.startswith('!'): +                            interface_name = interface_name[1:] +                        if not interface_exists(interface_name): +                            Warning(f'Interface "{interface_name}" for source NAT rule "{rule}" does not exist!')                  else:                      group_name = config['outbound_interface']['group']                      if group_name[0] == '!': @@ -182,8 +186,12 @@ def verify(nat):                  if 'name' in config['inbound_interface'] and 'group' in config['inbound_interface']:                      raise ConfigError(f'{err_msg} cannot specify both interface group and interface name for destination nat rule "{rule}"')                  elif 'name' in config['inbound_interface']: -                    if config['inbound_interface']['name'] not in 'any' and config['inbound_interface']['name'] not in interfaces(): -                        Warning(f'NAT interface "{config["inbound_interface"]["name"]}" for destination NAT rule "{rule}" does not exist!') +                    interface_name = config['inbound_interface']['name'] +                    if interface_name not in 'any': +                        if interface_name.startswith('!'): +                            interface_name = interface_name[1:] +                        if not interface_exists(interface_name): +                            Warning(f'Interface "{interface_name}" for destination NAT rule "{rule}" does not exist!')                  else:                      group_name = config['inbound_interface']['group']                      if group_name[0] == '!': | 
