From 69bcdb9a680b33422d041fd03e70c25094bfa6a2 Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Sat, 13 Aug 2022 00:07:41 +0000 Subject: nat: T538: Add static NAT one-to-one Ability to set static NAT (one-to-one) in one rule set nat static rule 10 destination address '203.0.113.0/24' set nat static rule 10 inbound-interface 'eth0' set nat static rule 10 translation address '192.0.2.0/24' It will be enough for PREROUTING and POSTROUTING rules Use a separate table 'vyos_static_nat' as SRC/DST rules and STATIC rules can have the same rule number --- .../include/inbound-interface.xml.i | 11 +++++ .../include/ipv4-address-prefix.xml.i | 19 ++++++++ interface-definitions/nat.xml.in | 53 ++++++++++++++++++---- 3 files changed, 74 insertions(+), 9 deletions(-) create mode 100644 interface-definitions/include/inbound-interface.xml.i create mode 100644 interface-definitions/include/ipv4-address-prefix.xml.i (limited to 'interface-definitions') diff --git a/interface-definitions/include/inbound-interface.xml.i b/interface-definitions/include/inbound-interface.xml.i new file mode 100644 index 000000000..3289bbf8f --- /dev/null +++ b/interface-definitions/include/inbound-interface.xml.i @@ -0,0 +1,11 @@ + + + + Inbound interface of NAT traffic + + any + + + + + diff --git a/interface-definitions/include/ipv4-address-prefix.xml.i b/interface-definitions/include/ipv4-address-prefix.xml.i new file mode 100644 index 000000000..f5be6f1fe --- /dev/null +++ b/interface-definitions/include/ipv4-address-prefix.xml.i @@ -0,0 +1,19 @@ + + + + IP address, prefix + + ipv4 + IPv4 address to match + + + ipv4net + IPv4 prefix to match + + + + + + + + diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in index 9295b631f..501ff05d3 100644 --- a/interface-definitions/nat.xml.in +++ b/interface-definitions/nat.xml.in @@ -14,15 +14,7 @@ #include - - - Inbound interface of NAT traffic - - any - - - - + #include Inside NAT IP (destination NAT only) @@ -65,6 +57,17 @@ #include + + Rule number for NAT + + u32:1-999999 + Number of NAT rule + + + + + NAT rule number must be between 1 and 999999 + #include @@ -110,6 +113,38 @@ + + + Static NAT (one-to-one) + + + + + Rule number for NAT + + + #include + + + NAT destination parameters + + + #include + + + #include + + + Translation address or prefix + + + #include + + + + + + -- cgit v1.2.3