Merge branch 'devel' into markdown_rendering

aristanetworks · Jun 20, 2024 · deb1854 · deb1854
2 parents 97a6637 + abf7650
commit deb1854
Show file tree

Hide file tree

Showing 10 changed files with 45 additions and 0 deletions.
diff --git a/...collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/acl.md b/...collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/acl.md
@@ -139,6 +139,7 @@ ACL has counting mode `counters per-entry` enabled!
 | 10 | remark ACL to restrict access RFC1918 addresses |
 | 20 | permit ip 10.0.0.0/8 any |
 | 30 | permit ip 192.0.2.0/24 any |
+| - | permit response traffic nat |
 
 ##### ACL-03
 
@@ -167,6 +168,7 @@ ip access-list ACL-02
    10 remark ACL to restrict access RFC1918 addresses
    20 permit ip 10.0.0.0/8 any
    30 permit ip 192.0.2.0/24 any
+   permit response traffic nat
 !
 ip access-list ACL-03
    10 remark ACL to restrict access RFC1918 addresses

diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/acl.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/acl.cfg
@@ -27,6 +27,7 @@ ip access-list ACL-02
    10 remark ACL to restrict access RFC1918 addresses
    20 permit ip 10.0.0.0/8 any
    30 permit ip 192.0.2.0/24 any
+   permit response traffic nat
 !
 ip access-list ACL-03
    10 remark ACL to restrict access RFC1918 addresses

diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/acl.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/acl.yml
@@ -10,6 +10,7 @@ access_lists:
         action: "permit ip 192.0.2.0/24 any"
   - name: ACL-02
     counters_per_entry: true
+    permit_response_traffic: nat
     sequence_numbers:
       - sequence: 10
         action: "remark ACL to restrict access RFC1918 addresses"

diff --git a/...ble_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/access-lists.md b/...ble_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/access-lists.md
@@ -10,6 +10,7 @@
     | [<samp>access_lists</samp>](## "access_lists") | List, items: Dictionary |  |  |  |  |
     | [<samp>&nbsp;&nbsp;-&nbsp;name</samp>](## "access_lists.[].name") | String | Required, Unique |  |  | Access-list Name. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;counters_per_entry</samp>](## "access_lists.[].counters_per_entry") | Boolean |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;permit_response_traffic</samp>](## "access_lists.[].permit_response_traffic") | String |  |  | Valid Values:<br>- <code>nat</code> | Permit response traffic automatically based on NAT translations.<br>Minimum EOS version requirement 4.32.2F. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;sequence_numbers</samp>](## "access_lists.[].sequence_numbers") | List, items: Dictionary | Required |  |  |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;sequence</samp>](## "access_lists.[].sequence_numbers.[].sequence") | Integer | Required, Unique |  |  | Sequence ID. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;action</samp>](## "access_lists.[].sequence_numbers.[].action") | String | Required |  |  | Action as string.<br>Example: "deny ip any any"<br> |
@@ -22,6 +23,10 @@
         # Access-list Name.
       - name: <str; required; unique>
         counters_per_entry: <bool>
+
+        # Permit response traffic automatically based on NAT translations.
+        # Minimum EOS version requirement 4.32.2F.
+        permit_response_traffic: <str; "nat">
         sequence_numbers: # required
 
             # Sequence ID.

diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/access-lists.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/access-lists.j2
@@ -22,6 +22,9 @@ ACL has counting mode `counters per-entry` enabled!
 {%         for sequence in access_list.sequence_numbers | arista.avd.natural_sort('sequence') %}
 | {{ sequence.sequence }} | {{ sequence.action }} |
 {%         endfor %}
+{%         if access_list.permit_response_traffic is arista.avd.defined %}
+| - | permit response traffic {{ access_list.permit_response_traffic }} |
+{%         endif %}
 
 {%     endfor %}
 #### Extended Access-lists Device Configuration

diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/access-lists.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/access-lists.j2
@@ -15,4 +15,7 @@ ip access-list {{ access_list.name }}
    {{ sequence.sequence }} {{ sequence.action }}
 {%         endif %}
 {%     endfor %}
+{%     if access_list.permit_response_traffic is arista.avd.defined %}
+   permit response traffic {{ access_list.permit_response_traffic }}
+{%     endif %}
 {% endfor %}
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json
@@ -538,6 +538,14 @@
             "type": "boolean",
             "title": "Counters Per Entry"
           },
+          "permit_response_traffic": {
+            "type": "string",
+            "enum": [
+              "nat"
+            ],
+            "description": "Permit response traffic automatically based on NAT translations.\nMinimum EOS version requirement 4.32.2F.",
+            "title": "Permit Response Traffic"
+          },
           "sequence_numbers": {
             "type": "array",
             "items": {

diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
@@ -338,6 +338,13 @@ keys:
           - int
         counters_per_entry:
           type: bool
+        permit_response_traffic:
+          type: str
+          valid_values:
+          - nat
+          description: 'Permit response traffic automatically based on NAT translations.
+
+            Minimum EOS version requirement 4.32.2F.'
         sequence_numbers:
           type: list
           required: true

diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/access_lists.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/access_lists.schema.yml
@@ -21,6 +21,13 @@ keys:
           convert_types: [ int ]
         counters_per_entry:
           type: bool
+        permit_response_traffic:
+          type: str
+          valid_values:
+            - nat
+          description: |-
+            Permit response traffic automatically based on NAT translations.
+            Minimum EOS version requirement 4.32.2F.
         sequence_numbers:
           type: list
           required: true

diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json b/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json
@@ -18397,6 +18397,14 @@
                       "type": "boolean",
                       "title": "Counters Per Entry"
                     },
+                    "permit_response_traffic": {
+                      "type": "string",
+                      "enum": [
+                        "nat"
+                      ],
+                      "description": "Permit response traffic automatically based on NAT translations.\nMinimum EOS version requirement 4.32.2F.",
+                      "title": "Permit Response Traffic"
+                    },
                     "sequence_numbers": {
                       "type": "array",
                       "items": {