Age | Commit message (Collapse) | Author |
|
|
|
>=5.0
random - In kernel 5.0 and newer this is the same as fully-random. In earlier
kernels the port mapping will be randomized using a seeded MD5 hash mix using
source and destination address and destination port.
https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454
|
|
Added NAT migration from IP/Netmask to Network/Netmask.
In 1.3 allowed using IP/Netmask in Nat rules.
In 1.4 and 1.5 it is prohibited. Allowed Network/Netmask.
|
|
The current migration drop interface name for NAT where not should
```
nat {
source {
rule 100 {
outbound-interface {
name "eth0"
...
}
}
}
```
After migration we lost interface:
/home/vyos# /opt/vyatta/etc/config-migrate/migrate/nat/5-to-6 tmp.conf
/home/vyos#
/home/vyos# cat tmp.conf | grep "nat {" -A 10
nat {
source {
rule 100 {
outbound-interface {
interface-name ""
...
}
}
}
```
This commit fixes it.
|
|
was set to <any>.
|
|
(valid for interfaces and groups) in firewal, nat and nat66.
|
|
interface-name|interface-group as in firewall.
|
|
The script's name is always provided as the first argument sys.argv[0]
Expected length for argv is 2 (script itself + config file)
Change: 'if (len(argv) < 1)' to 'if len(argv) < 2'
|
|
|
|
|