nat: T6371: fix op mode display of configured ports when comma separa…

…ted list of ports/ranges exists Before: Issuing the op mode command "show nat source rules" will throw an exception if the user has configured NAT rules using a list of ports as a comma-separated list (e.g. '!22,telnet,http,123,1001-1005'). Also there was no handling for the "!" rule and so '!53' would display as '53'. With this PR: Introduced iteration to capture all configured ports and append to the appropriate string for display to the user as well as handling of '!' if present in user's configuration.
vyos · May 29, 2024 · b7595ee · b7595ee
1 parent a234384
commit b7595ee
Showing 1 changed file with 19 additions and 14 deletions.
diff --git a/src/op_mode/nat.py b/src/op_mode/nat.py
@@ -99,6 +99,23 @@ def _get_raw_translation(direction, family, address=None):
 
 
 def _get_formatted_output_rules(data, direction, family):
+    def _get_ports_for_output(my_dict):
+        # Get and insert all configured ports or port ranges into output string
+        for index, port in enumerate(my_dict['set']):
+            if 'range' in str(my_dict['set'][index]):
+                output = my_dict['set'][index]['range']
+                output = '-'.join(map(str, output))
+            else:
+                output = str(port)
+            if index == 0:
+                output = str(output)
+            else:
+                output = ','.join([output,output])
+        # Handle case where configured ports are a negated list
+        if my_dict['op'] == '!=':
+            output = '!' + output
+        return(output)
+
     # Add default values before loop
     sport, dport, proto = 'any', 'any', 'any'
     saddr = '::/0' if family == 'inet6' else '0.0.0.0/0'
@@ -126,21 +143,9 @@ def _get_formatted_output_rules(data, direction, family):
                     elif my_dict['field'] == 'daddr':
                         daddr = f'{op}{my_dict["prefix"]["addr"]}/{my_dict["prefix"]["len"]}'
                     elif my_dict['field'] == 'sport':
-                        # Port range or single port
-                        if jmespath.search('set[*].range', my_dict):
-                            sport = my_dict['set'][0]['range']
-                            sport = '-'.join(map(str, sport))
-                        else:
-                            sport = my_dict.get('set')
-                            sport = ','.join(map(str, sport))
+                        sport = _get_ports_for_output(my_dict)
                     elif my_dict['field'] == 'dport':
-                        # Port range or single port
-                        if jmespath.search('set[*].range', my_dict):
-                            dport = my_dict["set"][0]["range"]
-                            dport = '-'.join(map(str, dport))
-                        else:
-                            dport = my_dict.get('set')
-                            dport = ','.join(map(str, dport))
+                        dport = _get_ports_for_output(my_dict)
                 else:
                     field = jmespath.search('left.payload.field', match)
                     if field == 'saddr':