Skip to content

Commit

Permalink
r/security: add nat_source block argument
Browse files Browse the repository at this point in the history
to declare static configuration in "security nat source"
Fix #458
  • Loading branch information
jeremmfr committed Apr 28, 2023
1 parent 5009426 commit 8a9318f
Show file tree
Hide file tree
Showing 4 changed files with 383 additions and 0 deletions.
1 change: 1 addition & 0 deletions .changes/issue-458.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,4 @@ ENHANCEMENTS:

* **resource/junos_security**:
* resource now use new [terraform-plugin-framework](https://github.com/hashicorp/terraform-plugin-framework) and some of config errors are now sent during Plan instead of during Apply (optional boolean attributes doesn't accept value *false*, optional string attributes doesn't accept *empty* value, the resource schema has been upgraded to have one-blocks in single mode instead of list)
* add `nat_source` block argument (Fix [#458](https://github.com/jeremmfr/terraform-provider-junos/issues/458))
33 changes: 33 additions & 0 deletions docs/resources/security.md
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,39 @@ The following arguments are supported:
- **log** (Optional, Block)
Declare `log` configuration.
See [below for nested schema](#log-arguments).
- **nat_source** (Optional, Block)
Declare `nat source` configuration.
- **address_persistent** (Optional, Boolean)
Allow source address to maintain same translation.
- **interface_port_overloading_factor** (Optional, Number)
Port overloading factor for interface NAT.
Conflict with `interface_port_overloading_off`.
- **interface_port_overloading_off** (Optional, Boolean)
Turn off interface port over-loading.
Conflict with `interface_port_overloading_factor`.
- **pool_default_port_range** (Optional, Number)
Configure Source NAT default port range lower limit.
`pool_default_port_range_to` must also be specified.
- **pool_default_port_range_to** (Optional, Number)
Configure Source NAT default port range upper limit.
`pool_default_port_range` must also be specified.
- **pool_default_twin_port_range** (Optional, Number)
Configure Source NAT default twin port range lower limit.
`pool_default_twin_port_range_to` must also be specified.
- **pool_default_twin_port_range_to** (Optional, Number)
Configure Source NAT default twin port range upper limit.
`pool_default_twin_port_range` must also be specified.
- **pool_utilization_alarm_clear_threshold** (Optional, Number)
Clear threshold for pool utilization alarm (40..100).
`pool_utilization_alarm_raise_threshold` must also be specified.
- **pool_utilization_alarm_raise_threshold** (Optional, Number)
Raise threshold for pool utilization alarm (50..100).
- **port_randomization_disable** (Optional, Boolean)
Disable Source NAT port randomization.
- **session_drop_hold_down** (Optional, Number)
Session drop hold down time (30..28800).
- **session_persistence_scan** (Optional, Boolean)
Allow source to maintain session when session scan.
- **policies** (Optional, Block)
Declare `policies` configuration.
- **policy_rematch** (Optional, Boolean)
Expand Down
Loading

0 comments on commit 8a9318f

Please sign in to comment.