summaryrefslogtreecommitdiffstats
path: root/tests/shell/testcases/maps/dumps/nat_addr_port.nft
blob: c8493b3adbf26943a39b73bac74b134b6df49df6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
table ip ipfoo {
	map t1 {
		typeof numgen inc mod 2 : ip daddr
	}

	map t2 {
		typeof numgen inc mod 2 : ip daddr . tcp dport
	}

	map x {
		type ipv4_addr : ipv4_addr
	}

	map y {
		type ipv4_addr : ipv4_addr . inet_service
		elements = { 192.168.7.2 : 10.1.1.1 . 4242 }
	}

	map z {
		type ipv4_addr . inet_service : ipv4_addr . inet_service
		elements = { 192.168.7.2 . 42 : 10.1.1.1 . 4242 }
	}

	chain c {
		type nat hook prerouting priority dstnat; policy accept;
		iifname != "foobar" accept
		dnat to ip daddr map @x
		ip saddr 10.1.1.1 dnat to 10.2.3.4
		ip saddr 10.1.1.2 tcp dport 42 dnat to 10.2.3.4:4242
		meta l4proto tcp dnat ip to ip saddr map @y
		dnat ip to ip saddr . tcp dport map @z
		dnat to numgen inc mod 2 map @t1
		meta l4proto tcp dnat ip to numgen inc mod 2 map @t2
	}
}
table ip6 ip6foo {
	map t1 {
		typeof numgen inc mod 2 : ip6 daddr
	}

	map t2 {
		typeof numgen inc mod 2 : ip6 daddr . tcp dport
	}

	map x {
		type ipv6_addr : ipv6_addr
	}

	map y {
		type ipv6_addr : ipv6_addr . inet_service
	}

	map z {
		type ipv6_addr . inet_service : ipv6_addr . inet_service
	}

	chain c {
		type nat hook prerouting priority dstnat; policy accept;
		iifname != "foobar" accept
		dnat to ip6 daddr map @x
		ip6 saddr dead::1 dnat to feed::1
		ip6 saddr dead::2 tcp dport 42 dnat to [c0::1a]:4242
		meta l4proto tcp dnat ip6 to ip6 saddr map @y
		dnat ip6 to ip6 saddr . tcp dport map @z
		dnat to numgen inc mod 2 map @t1
		meta l4proto tcp dnat ip6 to numgen inc mod 2 map @t2
	}
}
table inet inetfoo {
	map t1v4 {
		typeof numgen inc mod 2 : ip daddr
	}

	map t2v4 {
		typeof numgen inc mod 2 : ip daddr . tcp dport
	}

	map t1v6 {
		typeof numgen inc mod 2 : ip6 daddr
	}

	map t2v6 {
		typeof numgen inc mod 2 : ip6 daddr . tcp dport
	}

	map x4 {
		type ipv4_addr : ipv4_addr
	}

	map y4 {
		type ipv4_addr : ipv4_addr . inet_service
	}

	map z4 {
		type ipv4_addr . inet_service : ipv4_addr . inet_service
		elements = { 192.168.7.2 . 42 : 10.1.1.1 . 4242 }
	}

	map x6 {
		type ipv6_addr : ipv6_addr
	}

	map y6 {
		type ipv6_addr : ipv6_addr . inet_service
	}

	map z6 {
		type ipv6_addr . inet_service : ipv6_addr . inet_service
	}

	chain c {
		type nat hook prerouting priority dstnat; policy accept;
		iifname != "foobar" accept
		dnat ip to ip daddr map @x4
		ip saddr 10.1.1.1 dnat ip to 10.2.3.4
		ip saddr 10.1.1.2 tcp dport 42 dnat ip to 10.2.3.4:4242
		meta l4proto tcp dnat ip to ip saddr map @y4
		dnat ip to ip saddr . tcp dport map @z4
		dnat ip to numgen inc mod 2 map @t1v4
		meta l4proto tcp dnat ip to numgen inc mod 2 map @t2v4
		dnat ip6 to ip6 daddr map @x6
		ip6 saddr dead::1 dnat ip6 to feed::1
		ip6 saddr dead::2 tcp dport 42 dnat ip6 to [c0::1a]:4242
		meta l4proto tcp dnat ip6 to ip6 saddr map @y6
		dnat ip6 to ip6 saddr . tcp dport map @z6
		dnat ip6 to numgen inc mod 2 map @t1v6
		meta l4proto tcp dnat ip6 to numgen inc mod 2 map @t2v6
	}
}