Page MenuHomeVyOS Platform
Create Task
Maniphest T1999

support for ip groups in nat
Resolved (N/A)PublicFEATURE REQUEST
Actions

Description

Hi,

Would it be possible to add support for address groups in nat, so I could do something like this:

set nat source rule 10 destination address-group 'some-group'

It would be a great feature.

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Related Objects

Event Timeline

danielpo created this task.Jan 30 2020, 6:02 AM
Viacheslav added a subscriber: Viacheslav.Feb 1 2020, 2:50 PM
jjakob added a subscriber: jjakob.Mar 31 2020, 9:32 AM
jjakob added a comment.Mar 31 2020, 9:37 AM

I vote for this as well. I have a lot of addresses I need to add to a nat source address so I need to create one rule per IP. Because I have a specific rule numbering scheme, I'm running out of space in it so I had to break the scheme. The ability to use groups in nat source and destination addresses would greatly help.

vindenesen added a subscriber: vindenesen.Mar 31 2020, 1:02 PM
pasik added a subscriber: pasik.Mar 31 2020, 3:48 PM
jjakob mentioned this in T2198: Rewrite NAT in new XML/Python style.May 1 2020, 11:06 AM
Unknown Object (User) added a subscriber: Unknown Object (User).May 20 2020, 10:55 AM

Note: When we migrate NAT to nftables, we need to use nftables sets instead of ipset

erkin set Issue type to Feature (new functionality).Aug 31 2021, 5:48 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Nov 6 2021, 11:25 AM
Viacheslav added a project: VyOS 1.4 Sagitta.Nov 7 2021, 9:56 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.0).Aug 29 2022, 7:05 AM
tioan added a subscriber: tioan.Oct 30 2022, 11:28 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:43 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:30 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:38 PM
dmbaturin closed this task as Resolved N/A.Jan 9 2024, 4:16 PM
dmbaturin added a subscriber: dmbaturin.

Already supported in the current nftables-based implementation.

dmbaturin removed projects: VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta.Jan 9 2024, 4:17 PM