"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "go/testdata/nat.t" between
Netspoc-6.025.tar.gz and Netspoc-6.026.tar.gz

About: NetSPoC is a network security policy compiler (using its own description language) to manage all the packet filter devices inside your network topology.

nat.t  (Netspoc-6.025):nat.t  (Netspoc-6.026)
skipping to change at line 593 skipping to change at line 593
user = interface:r1.[all]; user = interface:r1.[all];
permit src = user; dst = network:n2; prt = udp 123; permit src = user; dst = network:n2; prt = udp 123;
} }
=END= =END=
=ERROR= =ERROR=
Error: interface:r1.n1.2 needs static translation for nat:x at router:filter to be valid in rule Error: interface:r1.n1.2 needs static translation for nat:x at router:filter to be valid in rule
permit src=interface:r1.n1.2; dst=network:n2; prt=udp 123; of service:s permit src=interface:r1.n1.2; dst=network:n2; prt=udp 123; of service:s
=END= =END=
############################################################ ############################################################
=TITLE=NAT tag without effect =TITLE=NAT tag without effect (1)
=INPUT= =INPUT=
network:n1 = { ip = 10.1.1.0/24; nat:x = { ip = 10.9.9.0/24; } } network:n1 = { ip = 10.1.1.0/24; nat:x = { ip = 10.9.9.0/24; } }
router:r1 = { router:r1 = {
interface:n1 = { bind_nat = x; } interface:n1 = { bind_nat = x; }
interface:n2 = { bind_nat = x; } interface:n2 = { bind_nat = x; }
} }
network:n2 = { ip = 10.1.2.0/24; } network:n2 = { ip = 10.1.2.0/24; }
=END= =END=
=WARNING= =WARNING=
Warning: Ignoring nat:x without effect, bound at every interface of router:r1 Warning: Ignoring nat:x without effect, bound at every interface of router:r1
=END= =END=
############################################################ ############################################################
=TITLE=NAT tag without effect (2)
=INPUT=
network:n1 = { ip = 10.1.1.0/24; nat:n1 = { ip = 10.9.1.0/24; } }
router:u = {
interface:n1;
interface:n2 = { bind_nat = n1; }
}
network:n2 = { ip = 10.1.2.0/24; nat:n2 = { ip = 10.9.2.0/24; } }
router:r1 = {
interface:n2 = { bind_nat = n1; }
interface:n3 = { bind_nat = n1, n2; }
}
network:n3 = { ip = 10.1.3.0/24; }
=END=
=WARNING=
Warning: Ignoring nat:n1 without effect, bound at every interface of router:r1
=END=
############################################################
=TITLE=Check rule with host and dynamic NAT (managed) =TITLE=Check rule with host and dynamic NAT (managed)
=VAR=input =VAR=input
network:Test = { network:Test = {
ip = 10.9.1.0/24; ip = 10.9.1.0/24;
nat:C = { ip = 1.9.2.0/24; dynamic;} nat:C = { ip = 1.9.2.0/24; dynamic;}
host:h3 = { ip = 10.9.1.3; } host:h3 = { ip = 10.9.1.3; }
host:h4 = { ip = 10.9.1.4; } host:h4 = { ip = 10.9.1.4; }
host:h5 = { ip = 10.9.1.5; nat:C = { ip = 1.9.2.55; } } host:h5 = { ip = 10.9.1.5; nat:C = { ip = 1.9.2.55; } }
} }
router:C = { router:C = {
skipping to change at line 2445 skipping to change at line 2464
router:r2 = { router:r2 = {
interface:a; interface:a;
interface:t; interface:t;
interface:b; interface:b;
} }
network:b = {ip = 10.156.5.160/28;} network:b = {ip = 10.156.5.160/28;}
=END= =END=
=ERROR= =ERROR=
Error: Inconsistent NAT in loop at router:r1: Error: Inconsistent NAT in loop at router:r1:
nat:(none) vs. nat:h nat:(none) vs. nat:h
Error: network:a is translated by nat:h,
but is located inside the translation domain of h.
Probably h was bound to wrong interface at
- router:r1
=END= =END=
############################################################ ############################################################
=TITLE=Inconsistent NAT in loop (2) =TITLE=Inconsistent NAT in loop (2)
=INPUT= =INPUT=
network:n1 = { ip = 10.1.1.0/24; } network:n1 = { ip = 10.1.1.0/24; }
network:n2 = { ip = 10.1.2.0/24; } network:n2 = { ip = 10.1.2.0/24; }
network:n3 = { ip = 10.1.3.0/24; nat:x = { ip = 10.9.3.0/24; } } network:n3 = { ip = 10.1.3.0/24; nat:x = { ip = 10.9.3.0/24; } }
network:n4 = { ip = 10.1.4.0/24; } network:n4 = { ip = 10.1.4.0/24; }
router:r1 = { router:r1 = {
skipping to change at line 2478 skipping to change at line 2493
interface:n1 = { bind_nat = x; } interface:n1 = { bind_nat = x; }
interface:n3; interface:n3;
interface:n4 = { bind_nat = x; } interface:n4 = { bind_nat = x; }
} }
=END= =END=
=ERROR= =ERROR=
Error: Inconsistent NAT in loop at router:r2: Error: Inconsistent NAT in loop at router:r2:
nat:(none) vs. nat:x nat:(none) vs. nat:x
Error: Inconsistent NAT in loop at router:r3: Error: Inconsistent NAT in loop at router:r3:
nat:(none) vs. nat:x nat:(none) vs. nat:x
Error: network:n3 is translated by nat:x,
but is located inside the translation domain of x.
Probably x was bound to wrong interface at
- router:r2
- router:r3
=END= =END=
############################################################ ############################################################
=TITLE=Check recursive NAT in loop =TITLE=Check recursive NAT in loop
=INPUT= =INPUT=
network:n1 = { ip = 10.1.1.0/24; nat:n1 = { ip = 10.9.1.0/24; } } network:n1 = { ip = 10.1.1.0/24; nat:n1 = { ip = 10.9.1.0/24; } }
router:r1 = { router:r1 = {
interface:n1; interface:n1;
interface:t1 = { bind_nat = n1; } interface:t1 = { bind_nat = n1; }
interface:t2 = { bind_nat = n2; } interface:t2 = { bind_nat = n2; }
 End of changes. 4 change blocks. 
10 lines changed or deleted 20 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)