VyOS configuration:
set nat source rule 10 description 'Masquerade to NAT' set nat source rule 10 outbound-interface 'eth0' set nat source rule 10 translation address 'masquerade' set nat source rule 20 destination address '192.0.2.0/24' set nat source rule 20 exclude set nat source rule 20 outbound-interface 'any' set nat source rule 20 protocol 'all' set nat source rule 30 destination address '192.0.2.0/24' set nat source rule 30 outbound-interface 'any' set nat source rule 30 protocol 'tcp' set nat source rule 30 source address '203.0.113.0/24' set nat source rule 30 translation address '100.64.0.5' set nat source rule 40 destination address '192.0.2.85/32' set nat source rule 40 destination port '22001-22005' set nat source rule 40 outbound-interface 'eth0' set nat source rule 40 protocol 'tcp_udp' set nat source rule 40 source port '65001-65005' set nat source rule 40 translation address 'masquerade'
Show statistics:
vyos@r14:~$ show nat source statistics
rule pkts bytes interface
---- ---- ----- ---------
10 79 5956 eth0
20 3 434 {'prefix': {'addr': '192.0.2.0', 'len': 24}}
30 0 0 tcp
40 0 0 eth0
40 0 0 eth0
vyos@r14:~$Unexpected tcp and dict