From b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Fri, 28 Jul 2023 20:29:01 +0000
Subject: T5014: nat: add source and destination nat options for configuring
 load balance within a single rule.

---
 .../firewall/firewall-hashing-parameters.xml.i     | 35 ++++++++++++++++++++++
 .../include/firewall/nat-balance.xml.i             | 28 +++++++++++++++++
 interface-definitions/include/nat-rule.xml.i       |  9 ++++++
 3 files changed, 72 insertions(+)
 create mode 100644 interface-definitions/include/firewall/firewall-hashing-parameters.xml.i
 create mode 100644 interface-definitions/include/firewall/nat-balance.xml.i

(limited to 'interface-definitions/include')

diff --git a/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i b/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i
new file mode 100644
index 000000000..7f34de3ba
--- /dev/null
+++ b/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i
@@ -0,0 +1,35 @@
+<!-- include start from firewall/firewall-hashing-parameters.xml.i -->
+<leafNode name="hash">
+  <properties>
+    <help>Define the parameters of the packet header to apply the hashing</help>
+    <completionHelp>
+      <list>source-address destination-address source-port destination-port random</list>
+    </completionHelp>
+    <valueHelp>
+      <format>source-address</format>
+      <description>Use source IP address for hashing</description>
+    </valueHelp>
+    <valueHelp>
+      <format>destination-address</format>
+      <description>Use destination IP address for hashing</description>
+    </valueHelp>
+    <valueHelp>
+      <format>source-port</format>
+      <description>Use source port for hashing</description>
+    </valueHelp>
+    <valueHelp>
+      <format>destination-port</format>
+      <description>Use destination port for hashing</description>
+    </valueHelp>
+    <valueHelp>
+      <format>random</format>
+      <description>Do not use information from ip header. Use random value.</description>
+    </valueHelp>
+    <constraint>
+      <regex>(source-address|destination-address|source-port|destination-port|random)</regex>
+    </constraint>
+    <multi/>
+  </properties>
+  <defaultValue>random</defaultValue>
+</leafNode>
+<!-- include end -->
\ No newline at end of file
diff --git a/interface-definitions/include/firewall/nat-balance.xml.i b/interface-definitions/include/firewall/nat-balance.xml.i
new file mode 100644
index 000000000..ac60a2545
--- /dev/null
+++ b/interface-definitions/include/firewall/nat-balance.xml.i
@@ -0,0 +1,28 @@
+<!-- include start from firewall/nat-balance.xml.i -->
+<tagNode name="member">
+  <properties>
+    <help>Translated IP address</help>
+    <valueHelp>
+      <format>ipv4</format>
+      <description>IPv4 address to match</description>
+    </valueHelp>
+    <constraint>
+      <validator name="ipv4-address"/>
+    </constraint>
+  </properties>
+  <children>
+    <leafNode name="weight">
+      <properties>
+        <help>Set probability for this output value</help>
+        <valueHelp>
+          <format>u32:1-100</format>
+          <description>Set probability for this output value</description>
+        </valueHelp>
+        <constraint>
+          <validator name="numeric" argument="--allow-range --range 1-100"/>
+        </constraint>
+      </properties>
+    </leafNode>
+  </children>
+</tagNode>
+<!-- include end -->
\ No newline at end of file
diff --git a/interface-definitions/include/nat-rule.xml.i b/interface-definitions/include/nat-rule.xml.i
index 7b3b8804e..fa7625c7d 100644
--- a/interface-definitions/include/nat-rule.xml.i
+++ b/interface-definitions/include/nat-rule.xml.i
@@ -25,6 +25,15 @@
     </node>
     #include <include/generic-disable-node.xml.i>
     #include <include/nat-exclude.xml.i>
+    <node name="balance">
+      <properties>
+        <help>Apply NAT balance</help>
+      </properties>
+      <children>
+        #include <include/firewall/firewall-hashing-parameters.xml.i>
+        #include <include/firewall/nat-balance.xml.i>
+      </children>
+    </node>
     <leafNode name="log">
       <properties>
         <help>NAT rule logging</help>
-- 
cgit v1.2.3