Merge pull request #674 from NethServer/mwan-optional-addresses

Allowing optional addresses in mwan rules

packages/ns-api/README.md

@@ -6134,23 +6134,27 @@ Example response:
 
 ```json
 {
-   "values": [
-      {
-         "label": "Default Rule",
-         "name": "ns_default_rule",
-         "policy": {
-            "label": "Default",
-            "name": "ns_default"
-         },
-         "protocol": "all",
-         "source_address": "1.1.1.1/30",
-         "destination_address": "10.0.0.1/20",
-         "sticky": false
-      }
-   ]
+  "values": [
+    {
+      "label": "Default Rule",
+      "name": "ns_default_rule",
+      "policy": {
+        "label": "Default",
+        "name": "ns_default"
+      },
+      "protocol": "all",
+      "source_address": "1.1.1.1/30",
+      "destination_address": "10.0.0.1/20",
+      "sticky": false
+    }
+  ]
 }
 ```
 
+Beware, additional field `ns_src` and `ns_dst` with a `id` representing the firewall object might be present in the
+response, they are the object replacement of `source_address` and `destination_address` respectively, consider them with
+higher priority over the other fields.
+
 Note: field `protocol`, `source_address` and `destination_address` can be missing from the response, in that case
 consider them to be set as `any`.
 
@@ -6171,6 +6175,8 @@ Parameters:
 - `destination_address`: destination address to be used, can be a single IP, a CIDR or empty for `any`
 - `destination_port`: destination port to be used, can be a single port, a range or empty for `any`
 - `sticky`: Allow traffic from the same source IP address within the timeout limit to use same wan interface as prior session (Boolean default false)
+- `ns_src`: source address object id, will override `source_address`
+- `ns_dst`: destination address object id, will override `destination_address`
 
 Example response:
 
@@ -6236,6 +6242,8 @@ Parameters:
 - `destination_address`: destination address to be used, can be a single IP, a CIDR or empty for `any`
 - `destination_port`: destination port to be used, can be a single port, a range or empty for `any`
 - `sticky`: Allow traffic from the same source IP address within the timeout limit to use same wan interface as prior session (Boolean default false)
+- `ns_src`: source address object id, will override `source_address`
+- `ns_dst`: destination address object id, will override `destination_address`
 
 Example response:
 

packages/ns-api/files/ns.mwan

@@ -98,9 +98,9 @@ elif cmd == 'call':
                 data['name'],
                 data['policy'],
                 data['protocol'],
-                data['source_address'],
+                data.get('source_address'),
                 data['source_port'],
-                data['destination_address'],
+                data.get('destination_address'),
                 data['destination_port'],
                 data['sticky'],
                 data.get('ns_src'),
@@ -123,9 +123,9 @@ elif cmd == 'call':
                 data['policy'],
                 data['label'],
                 data['protocol'],
-                data['source_address'],
+                data.get('source_address'),
                 data['source_port'],
-                data['destination_address'],
+                data.get('destination_address'),
                 data['destination_port'],
                 data['sticky'],
                 data.get('ns_src'),

packages/ns-api/files/ns.objects

@@ -54,7 +54,7 @@ elif cmd == 'call':
     e_uci = EUci()
     try:
         if action == 'list-domain-sets':
-            print(json.dumps({'values': objects.list_domain_sets(e_uci)}))
+            print(json.dumps({'values': objects.list_objects(e_uci, include_host_sets=False, expand=True)}))
         elif action == 'list-hosts':
             print(json.dumps({'values': objects.list_objects(e_uci, include_domain_sets=False, expand=True)}))
         else:

packages/python3-nethsec/Makefile

@@ -6,7 +6,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=python3-nethsec
-PKG_VERSION:=0.0.70
+PKG_VERSION:=0.0.71
 PKG_RELEASE:=1
 
 PKG_MAINTAINER:=Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>