summaryrefslogtreecommitdiff
path: root/python/vyos
diff options
context:
space:
mode:
authorJernej Jakob <jernej.jakob@gmail.com>2020-05-03 13:57:35 +0200
committerJernej Jakob <jernej.jakob@gmail.com>2020-05-04 20:58:06 +0200
commitda413b6aec002b37a20443632bab08f5db89f854 (patch)
treefc148be504f7c10515f78a0795c7acd9354dfc29 /python/vyos
parent64d3d94f35453bfaf596c27a0fc0f3fa78cc7260 (diff)
downloadvyos-1x-da413b6aec002b37a20443632bab08f5db89f854.tar.gz
vyos-1x-da413b6aec002b37a20443632bab08f5db89f854.zip
vlan: T2241: add checks for bridge membership
Diffstat (limited to 'python/vyos')
-rw-r--r--python/vyos/configdict.py2
-rw-r--r--python/vyos/ifconfig_vlan.py35
2 files changed, 27 insertions, 10 deletions
diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py
index 97ba8937c..0648d8646 100644
--- a/python/vyos/configdict.py
+++ b/python/vyos/configdict.py
@@ -26,7 +26,6 @@ from vyos.ifconfig import Interface
from vyos.validate import is_member
from vyos.util import ifname_from_config
-
def retrieve_config(path_hash, base_path, config):
"""
Retrieves a VyOS config as a dict according to a declarative description
@@ -130,6 +129,7 @@ vlan_default = {
'ipv6_dup_addr_detect': 1,
'ingress_qos': '',
'ingress_qos_changed': False,
+ 'is_bridge_member': False,
'mac': '',
'mtu': 1500,
'vif_c': [],
diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py
index ee009f7f9..079118df6 100644
--- a/python/vyos/ifconfig_vlan.py
+++ b/python/vyos/ifconfig_vlan.py
@@ -103,9 +103,15 @@ def verify_vlan_config(config):
if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']:
raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!')
- vrf_name = vif['vrf']
- if vrf_name and vrf_name not in interfaces():
- raise ConfigError(f'VRF "{vrf_name}" does not exist')
+
+ if vif['vrf']:
+ if vif['vrf'] not in interfaces():
+ raise ConfigError(f'VRF "{vif["vrf"]}" does not exist')
+
+ if vif['is_bridge_member']:
+ raise ConfigError((
+ f'vif {vif["intf"]} cannot be member of VRF {vif["vrf"]} '
+ f'and bridge {vif["is_bridge_member"]} at the same time!'))
# e.g. wireless interface has no vif_s support
# thus we bail out eraly.
@@ -121,17 +127,28 @@ def verify_vlan_config(config):
if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']:
raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!')
- vrf_name = vif_s['vrf']
- if vrf_name and vrf_name not in interfaces():
- raise ConfigError(f'VRF "{vrf_name}" does not exist')
+
+ if vif_s['vrf']:
+ if vif_s['vrf'] not in interfaces():
+ raise ConfigError(f'VRF "{vif_s["vrf"]}" does not exist')
+
+ if vif_s['is_bridge_member']:
+ raise ConfigError((
+ f'vif-s {vif_s["intf"]} cannot be member of VRF {vif_s["vrf"]} '
+ f'and bridge {vif_s["is_bridge_member"]} at the same time!'))
for vif_c in vif_s['vif_c']:
# DHCPv6 parameters-only and temporary address are mutually exclusive
if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']:
raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!')
- vrf_name = vif_c['vrf']
- if vrf_name and vrf_name not in interfaces():
- raise ConfigError(f'VRF "{vrf_name}" does not exist')
+ if vif_c['vrf']:
+ if vif_c['vrf'] not in interfaces():
+ raise ConfigError(f'VRF "{vif_c["vrf"]}" does not exist')
+
+ if vif_c['is_bridge_member']:
+ raise ConfigError((
+ f'vif-c {vif_c["intf"]} cannot be member of VRF {vif_c["vrf"]} '
+ f'and bridge {vif_c["is_bridge_member"]} at the same time!'))