diff options
| author | Daniil Baturin <daniil@vyos.io> | 2020-07-26 14:02:47 +0300 |
|---|---|---|
| committer | Daniil Baturin <daniil@vyos.io> | 2020-07-26 14:03:53 +0300 |
| commit | 920d87447ca479c311102260e5816ec0f5268a9b (patch) | |
| tree | fdf6af4bd25f3936f797afc7ed48f66ab308ba15 | |
| parent | eb6bfbd75bf61828af886b3c9a06384e49b451ae (diff) | |
| download | vyos-1x-920d87447ca479c311102260e5816ec0f5268a9b.tar.gz vyos-1x-920d87447ca479c311102260e5816ec0f5268a9b.zip | |
T1949: backport the IPv6 BFD validation improvements from PR#199
| -rw-r--r-- | python/vyos/validate.py | 12 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_bfd.py | 11 | ||||
| -rwxr-xr-x | src/helpers/validate-value.py | 2 |
3 files changed, 21 insertions, 4 deletions
diff --git a/python/vyos/validate.py b/python/vyos/validate.py index 8def0a510..ffe530ede 100644 --- a/python/vyos/validate.py +++ b/python/vyos/validate.py @@ -38,6 +38,18 @@ def is_ipv6(addr): else: return False +def is_ipv6_link_local(addr): + """ + Check addr if it is an IPv6 link-local address/network. Returns True/False + """ + + addr = addr.split('%')[0] + if is_ipv6(addr): + if ipaddress.IPv6Address(addr).is_link_local: + return True + + return False + def is_addr_assigned(addr): """ Verify if the given IPv4/IPv6 address is assigned to any interface on this diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index 9ca194edd..58f5b5a0e 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -163,10 +163,15 @@ def verify(bfd): conf = Config() for peer in bfd['new_peers']: - # IPv6 peers require an explicit local address/interface combination - if vyos.validate.is_ipv6(peer['remote']): + # IPv6 link local peers require an explicit local address/interface + if vyos.validate.is_ipv6_link_local(peer['remote']): if not (peer['src_if'] and peer['src_addr']): - raise ConfigError('BFD IPv6 peers require explicit local address and interface setting') + raise ConfigError('BFD IPv6 link-local peers require explicit local address and interface setting') + + # IPv6 peers require an explicit local address + if vyos.validate.is_ipv6(peer['remote']): + if not peer['src_addr']: + raise ConfigError('BFD IPv6 peers require explicit local address setting') # multihop require source address if peer['multihop'] and not peer['src_addr']: diff --git a/src/helpers/validate-value.py b/src/helpers/validate-value.py index 36f996d38..7e16cfb4e 100755 --- a/src/helpers/validate-value.py +++ b/src/helpers/validate-value.py @@ -28,7 +28,7 @@ except Exception as exn: try: for cmd in args.exec: - cmd = "{0} {1}".format(cmd, args.value) + cmd = "{0} \'{1}\'".format(cmd, args.value) if debug: print(cmd) res = os.system(cmd) |