diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-11-17 21:42:26 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-11-17 21:50:43 +0100 |
commit | a12079f7cb7f8c10bfb309375c3397852502ed78 (patch) | |
tree | a0cd5c1fab1c97b333024ce1eea8240c0ba69596 /src/conf_mode | |
parent | b618790b9e5ab51e5d4f65e6756fedca70882cba (diff) | |
download | vyos-1x-a12079f7cb7f8c10bfb309375c3397852502ed78.tar.gz vyos-1x-a12079f7cb7f8c10bfb309375c3397852502ed78.zip |
snmp: T3996: fix invalid IPv6 localhost handling when using listen-address
We need to use a temporary variable when validating the tuple if address
is used. If not the else branch will always add the tuple to the list of
addresses used for listen-address.
(cherry picked from commit d13b91462487e090b32c0d1ecf9139a2271b4837)
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/snmp.py | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index 3990e5735..0fbe90cce 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -20,13 +20,17 @@ from sys import exit from vyos.config import Config from vyos.configverify import verify_vrf -from vyos.snmpv3_hashgen import plaintext_to_md5, plaintext_to_sha1, random +from vyos.snmpv3_hashgen import plaintext_to_md5 +from vyos.snmpv3_hashgen import plaintext_to_sha1 +from vyos.snmpv3_hashgen import random from vyos.template import render from vyos.template import is_ipv4 -from vyos.util import call, chmod_755 +from vyos.util import call +from vyos.util import chmod_755 from vyos.validate import is_addr_assigned from vyos.version import get_version_data -from vyos import ConfigError, airbag +from vyos import ConfigError +from vyos import airbag airbag.enable() config_file_client = r'/etc/snmp/snmp.conf' @@ -401,19 +405,20 @@ def verify(snmp): addr = listen[0] port = listen[1] + tmp = None if is_ipv4(addr): # example: udp:127.0.0.1:161 - listen = 'udp:' + addr + ':' + port + tmp = f'udp:{addr}:{port}' elif snmp['ipv6_enabled']: # example: udp6:[::1]:161 - listen = 'udp6:' + '[' + addr + ']' + ':' + port + tmp = f'udp6:[{addr}]:{port}' # We only wan't to configure addresses that exist on the system. # Hint the user if they don't exist if is_addr_assigned(addr): - snmp['listen_on'].append(listen) + if tmp: snmp['listen_on'].append(tmp) else: - print('WARNING: SNMP listen address {0} not configured!'.format(addr)) + print(f'WARNING: SNMP listen address {addr} not configured!') verify_vrf(snmp) |