InlineNatRule1
{
"match_destination_network": "string",
"translated_network": "string",
"rule_priority": 0,
"match_service": {
"resource_type": "string"
},
"applied_tos": [
{
"target_display_name": "string",
"is_valid": false,
"target_id": "string",
"target_type": "string"
}
],
"enabled": false,
"logical_router_id": "string",
"translated_ports": "string",
"action": "string",
"logging": false,
"nat_pass": false,
"match_source_network": "string"
}IP Address | CIDR | (null implies Any)
IP Address | IP Range | CIDR
Ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.
Holds the list of LogicalRouterPort Ids that a NAT rule can be applied to. The LogicalRouterPort used must belong to the same LogicalRouter for which the NAT Rule is created. As of now a NAT rule can only have a single LogicalRouterPort as applied_tos. When applied_tos is not set, the NAT rule is applied to all LogicalRouterPorts beloging to the LogicalRouter.
enable/disable the rule
Logical router id
port number or port range. DNAT only
valid actions: SNAT, DNAT, NO_SNAT, NO_DNAT, REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, can NOT be supported when the logical router is running at active-active HA mode; REFLEXIVE is stateless. NO_SNAT and NO_DNAT have no translated_fields, only match fields are supported.
enable/disable the logging of rule
Default is true. If the nat_pass is set to true, the following firewall stage will be skipped. Please note, if action is NO_NAT, then nat_pass must be set to true or omitted.
IP Address | CIDR | (null implies Any)