From 69bcdb9a680b33422d041fd03e70c25094bfa6a2 Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Sat, 13 Aug 2022 00:07:41 +0000
Subject: nat: T538: Add static NAT one-to-one

Ability to set static NAT (one-to-one) in one rule

set nat static rule 10 destination address '203.0.113.0/24'
set nat static rule 10 inbound-interface 'eth0'
set nat static rule 10 translation address '192.0.2.0/24'

It will be enough for PREROUTING and POSTROUTING rules
Use a separate table 'vyos_static_nat' as SRC/DST rules and
STATIC rules can have the same rule number
---
 interface-definitions/nat.xml.in | 53 +++++++++++++++++++++++++++++++++-------
 1 file changed, 44 insertions(+), 9 deletions(-)

(limited to 'interface-definitions/nat.xml.in')

diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in
index 9295b631f..501ff05d3 100644
--- a/interface-definitions/nat.xml.in
+++ b/interface-definitions/nat.xml.in
@@ -14,15 +14,7 @@
           #include <include/nat-rule.xml.i>
           <tagNode name="rule">
             <children>
-              <leafNode name="inbound-interface">
-                <properties>
-                  <help>Inbound interface of NAT traffic</help>
-                  <completionHelp>
-                    <list>any</list>
-                    <script>${vyos_completion_dir}/list_interfaces.py</script>
-                  </completionHelp>
-                </properties>
-              </leafNode>
+              #include <include/inbound-interface.xml.i>
               <node name="translation">
                 <properties>
                   <help>Inside NAT IP (destination NAT only)</help>
@@ -65,6 +57,17 @@
         <children>
           #include <include/nat-rule.xml.i>
           <tagNode name="rule">
+            <properties>
+              <help>Rule number for NAT</help>
+              <valueHelp>
+                <format>u32:1-999999</format>
+                <description>Number of NAT rule</description>
+              </valueHelp>
+              <constraint>
+                <validator name="numeric" argument="--range 1-999999"/>
+              </constraint>
+              <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage>
+            </properties>
             <children>
               #include <include/nat-interface.xml.i>
               <node name="translation">
@@ -110,6 +113,38 @@
           </tagNode>
         </children>
       </node>
+      <node name="static">
+        <properties>
+          <help>Static NAT (one-to-one)</help>
+        </properties>
+        <children>
+          <tagNode name="rule">
+            <properties>
+              <help>Rule number for NAT</help>
+            </properties>
+            <children>
+              #include <include/generic-description.xml.i>
+              <node name="destination">
+                <properties>
+                  <help>NAT destination parameters</help>
+                </properties>
+                <children>
+                  #include <include/ipv4-address-prefix.xml.i>
+                </children>
+              </node>
+              #include <include/inbound-interface.xml.i>
+              <node name="translation">
+                <properties>
+                  <help>Translation address or prefix</help>
+                </properties>
+                <children>
+                  #include <include/ipv4-address-prefix.xml.i>
+                </children>
+              </node>
+            </children>
+          </tagNode>
+        </children>
+      </node>
     </children>
   </node>
 </interfaceDefinition>
-- 
cgit v1.2.3