summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2020-07-26 14:02:47 +0300
committerDaniil Baturin <daniil@vyos.io>2020-07-26 14:03:53 +0300
commit920d87447ca479c311102260e5816ec0f5268a9b (patch)
treefdf6af4bd25f3936f797afc7ed48f66ab308ba15
parenteb6bfbd75bf61828af886b3c9a06384e49b451ae (diff)
downloadvyos-1x-920d87447ca479c311102260e5816ec0f5268a9b.tar.gz
vyos-1x-920d87447ca479c311102260e5816ec0f5268a9b.zip
T1949: backport the IPv6 BFD validation improvements from PR#199
-rw-r--r--python/vyos/validate.py12
-rwxr-xr-xsrc/conf_mode/protocols_bfd.py11
-rwxr-xr-xsrc/helpers/validate-value.py2
3 files changed, 21 insertions, 4 deletions
diff --git a/python/vyos/validate.py b/python/vyos/validate.py
index 8def0a510..ffe530ede 100644
--- a/python/vyos/validate.py
+++ b/python/vyos/validate.py
@@ -38,6 +38,18 @@ def is_ipv6(addr):
else:
return False
+def is_ipv6_link_local(addr):
+ """
+ Check addr if it is an IPv6 link-local address/network. Returns True/False
+ """
+
+ addr = addr.split('%')[0]
+ if is_ipv6(addr):
+ if ipaddress.IPv6Address(addr).is_link_local:
+ return True
+
+ return False
+
def is_addr_assigned(addr):
"""
Verify if the given IPv4/IPv6 address is assigned to any interface on this
diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py
index 9ca194edd..58f5b5a0e 100755
--- a/src/conf_mode/protocols_bfd.py
+++ b/src/conf_mode/protocols_bfd.py
@@ -163,10 +163,15 @@ def verify(bfd):
conf = Config()
for peer in bfd['new_peers']:
- # IPv6 peers require an explicit local address/interface combination
- if vyos.validate.is_ipv6(peer['remote']):
+ # IPv6 link local peers require an explicit local address/interface
+ if vyos.validate.is_ipv6_link_local(peer['remote']):
if not (peer['src_if'] and peer['src_addr']):
- raise ConfigError('BFD IPv6 peers require explicit local address and interface setting')
+ raise ConfigError('BFD IPv6 link-local peers require explicit local address and interface setting')
+
+ # IPv6 peers require an explicit local address
+ if vyos.validate.is_ipv6(peer['remote']):
+ if not peer['src_addr']:
+ raise ConfigError('BFD IPv6 peers require explicit local address setting')
# multihop require source address
if peer['multihop'] and not peer['src_addr']:
diff --git a/src/helpers/validate-value.py b/src/helpers/validate-value.py
index 36f996d38..7e16cfb4e 100755
--- a/src/helpers/validate-value.py
+++ b/src/helpers/validate-value.py
@@ -28,7 +28,7 @@ except Exception as exn:
try:
for cmd in args.exec:
- cmd = "{0} {1}".format(cmd, args.value)
+ cmd = "{0} \'{1}\'".format(cmd, args.value)
if debug:
print(cmd)
res = os.system(cmd)