summaryrefslogtreecommitdiff
path: root/python/vyos/configverify.py
diff options
context:
space:
mode:
authorjack9603301 <jack9603301@163.com>2020-12-13 20:30:23 +0800
committerjack9603301 <jack9603301@163.com>2021-02-02 13:58:00 +0800
commitc7d0865455c9bbf078765b7a53811286cf3dfb8b (patch)
tree7c3cbc94fe67fe1b97f58850da438625ef4fb3ae /python/vyos/configverify.py
parenta8028063b3ed7a897aa265755dde37abaeb7520f (diff)
downloadvyos-1x-c7d0865455c9bbf078765b7a53811286cf3dfb8b.tar.gz
vyos-1x-c7d0865455c9bbf078765b7a53811286cf3dfb8b.zip
tunnel: T3030: Modify the command line to streamline configuration (support package type automatic detection)
Diffstat (limited to 'python/vyos/configverify.py')
-rw-r--r--python/vyos/configverify.py43
1 files changed, 43 insertions, 0 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index a888791ba..e71e4e1c5 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -89,6 +89,49 @@ def verify_vrf(config):
'Interface "{ifname}" cannot be both a member of VRF "{vrf}" '
'and bridge "{is_bridge_member}"!'.format(**config))
+def verify_tunnel(config):
+ """
+ This helper is used to verify the common part of the tunnel
+ """
+ from vyos.template import is_ipv4
+ from vyos.template import is_ipv6
+
+ if 'encapsulation' not in config:
+ raise ConfigError('Must configure the tunnel encapsulation for '\
+ '{ifname}!'.format(**config))
+
+ if 'local_ip' not in config and 'dhcp_interface' not in config:
+ raise ConfigError('local-ip is mandatory for tunnel')
+
+ if 'remote_ip' not in config and config['encapsulation'] != 'gre':
+ raise ConfigError('remote-ip is mandatory for tunnel')
+
+ if {'local_ip', 'dhcp_interface'} <= set(config):
+ raise ConfigError('Can not use both local-ip and dhcp-interface')
+
+ if config['encapsulation'] in ['ipip6', 'ip6ip6', 'ip6gre', 'ip6erspan']:
+ error_ipv6 = 'Encapsulation mode requires IPv6'
+ if 'local_ip' in config and not is_ipv6(config['local_ip']):
+ raise ConfigError(f'{error_ipv6} local-ip')
+
+ if 'remote_ip' in config and not is_ipv6(config['remote_ip']):
+ raise ConfigError(f'{error_ipv6} remote-ip')
+ else:
+ error_ipv4 = 'Encapsulation mode requires IPv4'
+ if 'local_ip' in config and not is_ipv4(config['local_ip']):
+ raise ConfigError(f'{error_ipv4} local-ip')
+
+ if 'remote_ip' in config and not is_ipv4(config['remote_ip']):
+ raise ConfigError(f'{error_ipv4} remote-ip')
+
+ if config['encapsulation'] in ['sit', 'gre-bridge']:
+ if 'source_interface' in config:
+ raise ConfigError('Option source-interface can not be used with ' \
+ 'encapsulation "sit" or "gre-bridge"')
+ elif config['encapsulation'] == 'gre':
+ if 'local_ip' in config and is_ipv6(config['local_ip']):
+ raise ConfigError('Can not use local IPv6 address is for mGRE tunnels')
+
def verify_eapol(config):
"""
Common helper function used by interface implementations to perform