diff options
author | Christian Poessinger <christian@poessinger.com> | 2019-08-04 22:31:06 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-08-04 22:31:06 +0200 |
commit | 8545b650f0cc1e7319744c3da57d5a74472246dc (patch) | |
tree | 7f9f9d11826915d812ba12d13503d33b48af4d86 /python/vyos | |
parent | 7ce45e063265170185097fc1aef4f3f7f3bbc9f5 (diff) | |
download | vyos-1x-8545b650f0cc1e7319744c3da57d5a74472246dc.tar.gz vyos-1x-8545b650f0cc1e7319744c3da57d5a74472246dc.zip |
[bridge] T1156: validate if supplied MAC address is valid
Diffstat (limited to 'python/vyos')
-rw-r--r-- | python/vyos/configinterface.py | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/python/vyos/configinterface.py b/python/vyos/configinterface.py index 37b6b92c1..8ff93c02f 100644 --- a/python/vyos/configinterface.py +++ b/python/vyos/configinterface.py @@ -15,12 +15,32 @@ import os +def validate_mac_address(addr): + # a mac address consits out of 6 octets + octets = len(addr.split(':')) + if octets != 6: + raise ValueError('wrong number of MAC octets: {} '.format(octets)) + + # validate against the first mac address byte if it's a multicast address + if int(addr.split(':')[0]) & 1: + raise ValueError('{} is a multicast MAC address'.format(addr)) + + # overall mac address is not allowed to be 00:00:00:00:00:00 + if sum(int(i, 16) for i in addr.split(':')) == 0: + raise ValueError('00:00:00:00:00:00 is not a valid MAC address') + + # check for VRRP mac address + if addr.split(':')[0] == '0' and addr.split(':')[1] == '0' and addr.split(':')[2] == '94' and addr.split(':')[3] == '0' and addr.split(':')[4] == '1': + raise ValueError('{} is a VRRP MAC address') + + pass + def set_mac_address(intf, addr): """ Configure interface mac address using iproute2 command - - NOTE: mac address should be validated here??? """ + validate_mac_address(addr) + os.system('ip link set {} address {}'.format(intf, addr)) def set_description(intf, desc): |