Page MenuHomeVyOS Platform
Create Task
Maniphest T1877

Feature Request: Allow NAT to use network and address groups
Closed, ResolvedPublic
Actions

Description

This is one of the things that's bugged me for a while. I want to create an address, or network group of networks and hosts NOT to NAT.

For example:

set nat source rule 10 source address-group nonat
set nat source rule 10 exclude
set nat source rule 11 source network-group nonat
set nat source rule 11 exclude

But for some reason this isn't available 8-(

Details

Version
current
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Related Objects

Event Timeline

xrobau created this task.Dec 15 2019, 8:53 AM
xrobau created this object in space S1 VyOS Public.
Viacheslav subscribed.Dec 15 2019, 1:26 PM
pasik subscribed.Dec 15 2019, 8:46 PM
jjakob mentioned this in T2198: Rewrite NAT in new XML/Python style.May 1 2020, 11:06 AM
dmbaturin added a project: VyOS 1.3 Equuleus.Jun 18 2020, 10:12 PM
dmbaturin subscribed.

With migration to nftables this is a very real possibiliy.

mpueschel subscribed.Feb 5 2021, 3:43 PM
Viacheslav added a project: VyOS 1.4 Sagitta.Jun 23 2021, 5:06 PM
eronlloyd subscribed.Aug 30 2021, 11:00 AM
erkin set Issue type to Feature (new functionality).Aug 31 2021, 6:06 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Nov 6 2021, 11:24 AM
dmbaturin removed a project: VyOS 1.3 Equuleus (1.3.0).Nov 9 2021, 5:06 AM
Viacheslav mentioned this in T4079: Source/Destination NAT GROUP.Dec 16 2021, 9:04 AM
jmbwell subscribed.Feb 23 2022, 4:33 PM
marvin subscribed.Apr 5 2022, 8:06 PM
sarthurdev changed the task status from Open to In progress.Oct 31 2022, 8:15 PM
sarthurdev claimed this task.
sarthurdev moved this task from Open to In Progress on the VyOS 1.4 Sagitta board.
sarthurdev changed the task status from In progress to Needs testing.Nov 1 2022, 12:48 PM

PR: https://github.com/vyos/vyos-1x/pull/1633

Restricted Repository Identity mentioned this in rVYOSONEX36e54927217d: Merge pull request #1633 from sarthurdev/fqdn.Nov 3 2022, 8:11 PM
sarthurdev mentioned this in rVYOSONEXb4b491d424fb: nat: T1877: T970: Add firewall groups to NAT.Nov 3 2022, 8:11 PM
n.fort closed this task as Resolved.Jul 11 2023, 11:32 AM
sarthurdev mentioned this in rVYOSONEX2c88d01697ee: nat: T1877: Fix typo in nat ConfigError.Sep 6 2023, 6:26 PM