summaryrefslogtreecommitdiff
path: root/python/vyos
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-03 21:12:58 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-03 21:12:58 +0100
commit77deec39262be04d121bd500d80ba2ed8bf04f84 (patch)
tree2d28e4719b0d62941ce1943256fe40e1659d5607 /python/vyos
parentf4625c9ee2f54992ed96f113ff52c5a9993ea769 (diff)
downloadvyos-1x-77deec39262be04d121bd500d80ba2ed8bf04f84.tar.gz
vyos-1x-77deec39262be04d121bd500d80ba2ed8bf04f84.zip
mirror: add verify() check so we can not mirror back to our self
Diffstat (limited to 'python/vyos')
-rw-r--r--python/vyos/configverify.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 96eeb6bb1..a425ca671 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -99,6 +99,20 @@ def verify_eapol(config):
raise ConfigError('Both cert and key-file must be specified '\
'when using EAPoL!')
+def verify_mirror(config):
+ """
+ Common helper function used by interface implementations to perform
+ recurring validation of mirror interface configuration.
+
+ It makes no sense to mirror traffic back at yourself!
+ """
+ if 'mirror' in config:
+ for direction, mirror_interface in config['mirror'].items():
+ if mirror_interface == config['ifname']:
+ raise ConfigError(f'Can not mirror "{direction}" traffic back ' \
+ 'the originating interface!')
+
+
def verify_address(config):
"""
Common helper function used by interface implementations to perform