diff options
author | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-03 13:57:35 +0200 |
---|---|---|
committer | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-04 20:58:06 +0200 |
commit | da413b6aec002b37a20443632bab08f5db89f854 (patch) | |
tree | fc148be504f7c10515f78a0795c7acd9354dfc29 /python/vyos | |
parent | 64d3d94f35453bfaf596c27a0fc0f3fa78cc7260 (diff) | |
download | vyos-1x-da413b6aec002b37a20443632bab08f5db89f854.tar.gz vyos-1x-da413b6aec002b37a20443632bab08f5db89f854.zip |
vlan: T2241: add checks for bridge membership
Diffstat (limited to 'python/vyos')
-rw-r--r-- | python/vyos/configdict.py | 2 | ||||
-rw-r--r-- | python/vyos/ifconfig_vlan.py | 35 |
2 files changed, 27 insertions, 10 deletions
diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 97ba8937c..0648d8646 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -26,7 +26,6 @@ from vyos.ifconfig import Interface from vyos.validate import is_member from vyos.util import ifname_from_config - def retrieve_config(path_hash, base_path, config): """ Retrieves a VyOS config as a dict according to a declarative description @@ -130,6 +129,7 @@ vlan_default = { 'ipv6_dup_addr_detect': 1, 'ingress_qos': '', 'ingress_qos_changed': False, + 'is_bridge_member': False, 'mac': '', 'mtu': 1500, 'vif_c': [], diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py index ee009f7f9..079118df6 100644 --- a/python/vyos/ifconfig_vlan.py +++ b/python/vyos/ifconfig_vlan.py @@ -103,9 +103,15 @@ def verify_vlan_config(config): if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']: raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - vrf_name = vif['vrf'] - if vrf_name and vrf_name not in interfaces(): - raise ConfigError(f'VRF "{vrf_name}" does not exist') + + if vif['vrf']: + if vif['vrf'] not in interfaces(): + raise ConfigError(f'VRF "{vif["vrf"]}" does not exist') + + if vif['is_bridge_member']: + raise ConfigError(( + f'vif {vif["intf"]} cannot be member of VRF {vif["vrf"]} ' + f'and bridge {vif["is_bridge_member"]} at the same time!')) # e.g. wireless interface has no vif_s support # thus we bail out eraly. @@ -121,17 +127,28 @@ def verify_vlan_config(config): if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']: raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - vrf_name = vif_s['vrf'] - if vrf_name and vrf_name not in interfaces(): - raise ConfigError(f'VRF "{vrf_name}" does not exist') + + if vif_s['vrf']: + if vif_s['vrf'] not in interfaces(): + raise ConfigError(f'VRF "{vif_s["vrf"]}" does not exist') + + if vif_s['is_bridge_member']: + raise ConfigError(( + f'vif-s {vif_s["intf"]} cannot be member of VRF {vif_s["vrf"]} ' + f'and bridge {vif_s["is_bridge_member"]} at the same time!')) for vif_c in vif_s['vif_c']: # DHCPv6 parameters-only and temporary address are mutually exclusive if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']: raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!') - vrf_name = vif_c['vrf'] - if vrf_name and vrf_name not in interfaces(): - raise ConfigError(f'VRF "{vrf_name}" does not exist') + if vif_c['vrf']: + if vif_c['vrf'] not in interfaces(): + raise ConfigError(f'VRF "{vif_c["vrf"]}" does not exist') + + if vif_c['is_bridge_member']: + raise ConfigError(( + f'vif-c {vif_c["intf"]} cannot be member of VRF {vif_c["vrf"]} ' + f'and bridge {vif_c["is_bridge_member"]} at the same time!')) |