summaryrefslogtreecommitdiff
path: root/python/vyos/validate.py
diff options
context:
space:
mode:
authorThomas Mangin <thomas.mangin@exa.net.uk>2020-06-23 18:24:29 +0100
committerThomas Mangin <thomas.mangin@exa.net.uk>2020-06-23 18:24:29 +0100
commitfba3e4b624529576cbfe59f10dfc1bb3df80634f (patch)
treebad69c9e8914e932df7f628478ffdc124d95669c /python/vyos/validate.py
parent70d45cdec4263a0eff1146656ae8e8012ab125b6 (diff)
downloadvyos-1x-fba3e4b624529576cbfe59f10dfc1bb3df80634f.tar.gz
vyos-1x-fba3e4b624529576cbfe59f10dfc1bb3df80634f.zip
validation: T2630: bound to interface mtu if available
Diffstat (limited to 'python/vyos/validate.py')
-rw-r--r--python/vyos/validate.py31
1 files changed, 28 insertions, 3 deletions
diff --git a/python/vyos/validate.py b/python/vyos/validate.py
index 6304fa8de..9072c5817 100644
--- a/python/vyos/validate.py
+++ b/python/vyos/validate.py
@@ -13,10 +13,23 @@
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
+import json
import socket
import netifaces
import ipaddress
+from vyos.util import cmd
+
+# Important note when you are adding new validation functions:
+#
+# The Control class will analyse the signature of the function in this file
+# and will build the parameters to be passed to it.
+#
+# The parameter names "ifname" and "self" will get the Interface name and class
+# parameters with default will be left unset
+# all other paramters will receive the value to check
+
+
def is_ip(addr):
"""
Check addr if it is an IPv4 or IPv6 address
@@ -208,10 +221,21 @@ def assert_positive(n, smaller=0):
raise ValueError(f'{n} is smaller than {smaller}')
-def assert_mtu(mtu, min=68, max=9000):
+def assert_mtu(mtu, ifname):
assert_number(mtu)
- if int(mtu) < min or int(mtu) > max:
- raise ValueError(f'Invalid MTU size: "{mtu}"')
+
+ out = cmd(f'ip -j -d link show dev {ifname}')
+ # [{"ifindex":2,"ifname":"eth0","flags":["BROADCAST","MULTICAST","UP","LOWER_UP"],"mtu":1500,"qdisc":"pfifo_fast","operstate":"UP","linkmode":"DEFAULT","group":"default","txqlen":1000,"link_type":"ether","address":"08:00:27:d9:5b:04","broadcast":"ff:ff:ff:ff:ff:ff","promiscuity":0,"min_mtu":46,"max_mtu":16110,"inet6_addr_gen_mode":"none","num_tx_queues":1,"num_rx_queues":1,"gso_max_size":65536,"gso_max_segs":65535}]
+ parsed = json.loads(out)[0]
+ min_mtu = int(parsed.get('min_mtu', '0'))
+ # cur_mtu = parsed.get('mtu',0),
+ max_mtu = int(parsed.get('max_mtu', '0'))
+ cur_mtu = int(mtu)
+
+ if (min_mtu and cur_mtu < min_mtu) or cur_mtu < 68:
+ raise ValueError(f'MTU is too small for interface "{ifname}": {mtu} < {min_mtu}')
+ if (max_mtu and cur_mtu > max_mtu) or cur_mtu > 65536:
+ raise ValueError(f'MTU is too small for interface "{ifname}": {mtu} > {max_mtu}')
def assert_mac(m):
@@ -241,6 +265,7 @@ def assert_mac(m):
if octets[:5] == (0, 0, 94, 0, 1):
raise ValueError(f'{m} is a VRRP MAC address')
+
def is_member(conf, interface, intftype=None):
"""
Checks if passed interface is member of other interface of specified type.