summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-02-22 07:53:30 +0100
committerChristian Poessinger <christian@poessinger.com>2022-02-22 07:53:30 +0100
commite22b8a31536e44b807aa285cf6e0164b35b4abb4 (patch)
tree173190f97b25877ac9b37472efb77f403d07c981
parentf1bb5f2f8e1fdb2aad996126f28bc09a4899fb11 (diff)
downloadvyos-1x-e22b8a31536e44b807aa285cf6e0164b35b4abb4.tar.gz
vyos-1x-e22b8a31536e44b807aa285cf6e0164b35b4abb4.zip
Revert "backport: policy: T4219: add local-route(6) incoming-interface"
This reverts commit 72d7152f794cfe48821797d62865024c1843096e.
-rw-r--r--interface-definitions/include/interface/inbound-interface.xml.i10
-rw-r--r--interface-definitions/policy-local-route.xml.in2
-rwxr-xr-xsmoketest/scripts/cli/test_policy.py53
-rwxr-xr-xsrc/conf_mode/policy-local-route.py36
4 files changed, 7 insertions, 94 deletions
diff --git a/interface-definitions/include/interface/inbound-interface.xml.i b/interface-definitions/include/interface/inbound-interface.xml.i
deleted file mode 100644
index 5a8d47280..000000000
--- a/interface-definitions/include/interface/inbound-interface.xml.i
+++ /dev/null
@@ -1,10 +0,0 @@
-<!-- include start from interface/inbound-interface.xml.i -->
-<leafNode name="inbound-interface">
- <properties>
- <help>Inbound Interface</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py</script>
- </completionHelp>
- </properties>
-</leafNode>
-<!-- include end -->
diff --git a/interface-definitions/policy-local-route.xml.in b/interface-definitions/policy-local-route.xml.in
index 7abf0dc0b..1c9d94ec5 100644
--- a/interface-definitions/policy-local-route.xml.in
+++ b/interface-definitions/policy-local-route.xml.in
@@ -76,7 +76,6 @@
<multi/>
</properties>
</leafNode>
- #include <include/interface/inbound-interface.xml.i>
</children>
</tagNode>
</children>
@@ -166,7 +165,6 @@
<multi/>
</properties>
</leafNode>
- #include <include/interface/inbound-interface.xml.i>
</children>
</tagNode>
</children>
diff --git a/smoketest/scripts/cli/test_policy.py b/smoketest/scripts/cli/test_policy.py
index ae63ecd50..6697b9f16 100755
--- a/smoketest/scripts/cli/test_policy.py
+++ b/smoketest/scripts/cli/test_policy.py
@@ -749,32 +749,6 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.assertEqual(sort_ip(tmp), sort_ip(original))
- # Test set table for sources with iif
- def test_iif_sources_table_id(self):
- path = base_path + ['local-route']
-
- sources = ['203.0.113.11', '203.0.113.12']
- iif = 'lo'
- rule = '100'
- table = '150'
-
- self.cli_set(path + ['rule', rule, 'set', 'table', table])
- self.cli_set(path + ['rule', rule, 'inbound-interface', iif])
- for src in sources:
- self.cli_set(path + ['rule', rule, 'source', src])
-
- self.cli_commit()
-
- # Check generated configuration
- # Expected values
- original = """
- 100: from 203.0.113.11 iif lo lookup 150
- 100: from 203.0.113.12 iif lo lookup 150
- """
- tmp = cmd('ip rule show prio 100')
-
- self.assertEqual(sort_ip(tmp), sort_ip(original))
-
# Test set table for sources and destinations with fwmark
def test_fwmark_sources_destination_table_id(self):
path = base_path + ['local-route']
@@ -887,31 +861,6 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.assertEqual(sort_ip(tmp), sort_ip(original))
- # Test set table for sources with iif ipv6
- def test_iif_sources_ipv6_table_id(self):
- path = base_path + ['local-route6']
-
- sources = ['2001:db8:1338::/126', '2001:db8:1339::/126']
- iif = 'lo'
- rule = '102'
- table = '150'
- for src in sources:
- self.cli_set(path + ['rule', rule, 'set', 'table', table])
- self.cli_set(path + ['rule', rule, 'source', src])
- self.cli_set(path + ['rule', rule, 'inbound-interface', iif])
-
- self.cli_commit()
-
- # Check generated configuration
- # Expected values
- original = """
- 102: from 2001:db8:1338::/126 iif lo lookup 150
- 102: from 2001:db8:1339::/126 iif lo lookup 150
- """
- tmp = cmd('ip -6 rule show prio 102')
-
- self.assertEqual(sort_ip(tmp), sort_ip(original))
-
# Test set table for sources and destinations with fwmark ipv6
def test_fwmark_sources_destination_ipv6_table_id(self):
path = base_path + ['local-route6']
@@ -978,7 +927,7 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
103: from 2001:db8:1338::/126 to 2001:db8:16::/48 fwmark 0x17 lookup 150
103: from 2001:db8:1339::/56 to 2001:db8:13::/48 fwmark 0x17 lookup 150
103: from 2001:db8:1339::/56 to 2001:db8:16::/48 fwmark 0x17 lookup 150
- 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150
"""
tmp = cmd('ip rule show prio 103')
tmp_v6 = cmd('ip -6 rule show prio 103')
diff --git a/src/conf_mode/policy-local-route.py b/src/conf_mode/policy-local-route.py
index 5aa7eb3fd..c4bef3414 100755
--- a/src/conf_mode/policy-local-route.py
+++ b/src/conf_mode/policy-local-route.py
@@ -18,7 +18,6 @@ import os
from sys import exit
-from netifaces import interfaces
from vyos.config import Config
from vyos.configdict import dict_merge
from vyos.configdict import node_changed
@@ -52,15 +51,12 @@ def get_config(config=None):
for rule in (tmp or []):
src = leaf_node_changed(conf, base_rule + [rule, 'source'])
fwmk = leaf_node_changed(conf, base_rule + [rule, 'fwmark'])
- iif = leaf_node_changed(conf, base_rule + [rule, 'inbound-interface'])
dst = leaf_node_changed(conf, base_rule + [rule, 'destination'])
rule_def = {}
if src:
rule_def = dict_merge({'source' : src}, rule_def)
if fwmk:
rule_def = dict_merge({'fwmark' : fwmk}, rule_def)
- if iif:
- rule_def = dict_merge({'inbound_interface' : iif}, rule_def)
if dst:
rule_def = dict_merge({'destination' : dst}, rule_def)
dict = dict_merge({dict_id : {rule : rule_def}}, dict)
@@ -76,7 +72,6 @@ def get_config(config=None):
for rule, rule_config in pbr[route]['rule'].items():
src = leaf_node_changed(conf, base_rule + [rule, 'source'])
fwmk = leaf_node_changed(conf, base_rule + [rule, 'fwmark'])
- iif = leaf_node_changed(conf, base_rule + [rule, 'inbound-interface'])
dst = leaf_node_changed(conf, base_rule + [rule, 'destination'])
# keep track of changes in configuration
# otherwise we might remove an existing node although nothing else has changed
@@ -105,13 +100,6 @@ def get_config(config=None):
changed = True
if len(fwmk) > 0:
rule_def = dict_merge({'fwmark' : fwmk}, rule_def)
- if iif is None:
- if 'inbound_interface' in rule_config:
- rule_def = dict_merge({'inbound_interface': rule_config['inbound_interface']}, rule_def)
- else:
- changed = True
- if len(iif) > 0:
- rule_def = dict_merge({'inbound_interface' : iif}, rule_def)
if dst is None:
if 'destination' in rule_config:
rule_def = dict_merge({'destination': rule_config['destination']}, rule_def)
@@ -137,18 +125,11 @@ def verify(pbr):
pbr_route = pbr[route]
if 'rule' in pbr_route:
for rule in pbr_route['rule']:
- if 'source' not in pbr_route['rule'][rule] \
- and 'destination' not in pbr_route['rule'][rule] \
- and 'fwmark' not in pbr_route['rule'][rule] \
- and 'inbound_interface' not in pbr_route['rule'][rule]:
- raise ConfigError('Source or destination address or fwmark or inbound-interface is required!')
+ if 'source' not in pbr_route['rule'][rule] and 'destination' not in pbr_route['rule'][rule] and 'fwmark' not in pbr_route['rule'][rule]:
+ raise ConfigError('Source or destination address or fwmark is required!')
else:
if 'set' not in pbr_route['rule'][rule] or 'table' not in pbr_route['rule'][rule]['set']:
raise ConfigError('Table set is required!')
- if 'inbound_interface' in pbr_route['rule'][rule]:
- interface = pbr_route['rule'][rule]['inbound_interface']
- if interface not in interfaces():
- raise ConfigError(f'Interface "{interface}" does not exist')
return None
@@ -162,6 +143,8 @@ def apply(pbr):
if not pbr:
return None
+ print(pbr)
+
# Delete old rule if needed
for rule_rm in ['rule_remove', 'rule6_remove']:
if rule_rm in pbr:
@@ -176,10 +159,7 @@ def apply(pbr):
rule_config['fwmark'] = rule_config['fwmark'] if 'fwmark' in rule_config else ['']
for fwmk in rule_config['fwmark']:
f_fwmk = '' if fwmk == '' else f' fwmark {fwmk} '
- rule_config['inbound_interface'] = rule_config['inbound_interface'] if 'inbound_interface' in rule_config else ['']
- for iif in rule_config['inbound_interface']:
- f_iif = '' if iif == '' else f' iif {iif} '
- call(f'ip{v6} rule del prio {rule} {f_src}{f_dst}{f_fwmk}{f_iif}')
+ call(f'ip{v6} rule del prio {rule} {f_src}{f_dst}{f_fwmk}')
# Generate new config
for route in ['local_route', 'local_route6']:
@@ -203,11 +183,7 @@ def apply(pbr):
if 'fwmark' in rule_config:
fwmk = rule_config['fwmark']
f_fwmk = f' fwmark {fwmk} '
- f_iif = ''
- if 'inbound_interface' in rule_config:
- iif = rule_config['inbound_interface']
- f_iif = f' iif {iif} '
- call(f'ip{v6} rule add prio {rule} {f_src}{f_dst}{f_fwmk}{f_iif} lookup {table}')
+ call(f'ip{v6} rule add prio {rule} {f_src}{f_dst}{f_fwmk} lookup {table}')
return None