summaryrefslogtreecommitdiff
path: root/interface-definitions/include/firewall/common-rule-bridge.xml.i
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-07-20 10:35:44 +0200
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-07-20 14:21:20 +0000
commit1b3350788ceeace52e2d693a18d92d82464220c0 (patch)
treee090909afd56a9a2e55b37d57dafc563fede1146 /interface-definitions/include/firewall/common-rule-bridge.xml.i
parent5be256235052592dab254f55f5f329feb5e955b0 (diff)
downloadvyos-1x-1b3350788ceeace52e2d693a18d92d82464220c0.tar.gz
vyos-1x-1b3350788ceeace52e2d693a18d92d82464220c0.zip
interfaces: T6592: moving an interface between VRF instances failed
To reproduce: set vrf name mgmt table '150' set vrf name no-mgmt table '151' set interfaces ethernet eth2 vrf 'mgmt' commit set interfaces ethernet eth2 vrf no-mgmt commit This resulted in an error while interacting with nftables: [Errno 1] failed to run command: nft add element inet vrf_zones ct_iface_map { "eth2" : 151 } The reason is that the old mapping entry still exists and was not removed. This commit adds a new utility function get_vrf_tableid() and compares the current and new VRF table IDs assigned to an interface. If the IDs do not match, the nftables ct_iface_map entry is removed before the new entry is added. (cherry picked from commit 452068ce78581bb6fba2df4dba197e95b9aeb33d)
Diffstat (limited to 'interface-definitions/include/firewall/common-rule-bridge.xml.i')
0 files changed, 0 insertions, 0 deletions