I really need proper hairpin NATting so that I can use the same URL (including port) to access a server that's DNAT port-forwarded both inside and outside my LAN, but VyOS doesn't really quite have that if the external IP is dynamic. Specifically, the problem is that VyOS doesn't implement a way to create a NAT dest rule that matches destination address IP_OF_ETH0 for instance without explicitly entering the address. There exists a task for this here: https://vyos.dev/T2196

In order to add the above, we should dynamically create an address group for each DHCP interface that contains the WAN addresses. Then, the DNAT rule can be set to filter for destination = wan_address_group

In order to do _that_, we need a hook that runs upon renewing a DHCP lease. This hook probably should be shipped with VyOS, but in order to help me develop it and just make things more extensible in general I think it would be a good idea to have a user-writable hooks directory for the DHCP client.

I wrote a simple script here that just calls a directory's worth of scripts in the same format and such as /config/scripts/commit/post-hooks.d called /config/scripts/dhcp-client/post-hooks.d. I haven't tested this on my own router yet — only just began building :) https://github.com/b-/vyos-build-action/actions

But I'm confident enough in it that I'm developing on my live production router, so wish me luck ;)

I don't intend on testing this on Equuleus because I don't really use it, but it appears that Equuleus has the same DHCP hooks directory and so backporting this should be as simple as putting the file in that tree as well.