summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-11-17 21:42:26 +0100
committerChristian Poessinger <christian@poessinger.com>2021-11-17 21:50:43 +0100
commita12079f7cb7f8c10bfb309375c3397852502ed78 (patch)
treea0cd5c1fab1c97b333024ce1eea8240c0ba69596 /src/conf_mode
parentb618790b9e5ab51e5d4f65e6756fedca70882cba (diff)
downloadvyos-1x-a12079f7cb7f8c10bfb309375c3397852502ed78.tar.gz
vyos-1x-a12079f7cb7f8c10bfb309375c3397852502ed78.zip
snmp: T3996: fix invalid IPv6 localhost handling when using listen-address
We need to use a temporary variable when validating the tuple if address is used. If not the else branch will always add the tuple to the list of addresses used for listen-address. (cherry picked from commit d13b91462487e090b32c0d1ecf9139a2271b4837)
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/snmp.py19
1 files changed, 12 insertions, 7 deletions
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py
index 3990e5735..0fbe90cce 100755
--- a/src/conf_mode/snmp.py
+++ b/src/conf_mode/snmp.py
@@ -20,13 +20,17 @@ from sys import exit
from vyos.config import Config
from vyos.configverify import verify_vrf
-from vyos.snmpv3_hashgen import plaintext_to_md5, plaintext_to_sha1, random
+from vyos.snmpv3_hashgen import plaintext_to_md5
+from vyos.snmpv3_hashgen import plaintext_to_sha1
+from vyos.snmpv3_hashgen import random
from vyos.template import render
from vyos.template import is_ipv4
-from vyos.util import call, chmod_755
+from vyos.util import call
+from vyos.util import chmod_755
from vyos.validate import is_addr_assigned
from vyos.version import get_version_data
-from vyos import ConfigError, airbag
+from vyos import ConfigError
+from vyos import airbag
airbag.enable()
config_file_client = r'/etc/snmp/snmp.conf'
@@ -401,19 +405,20 @@ def verify(snmp):
addr = listen[0]
port = listen[1]
+ tmp = None
if is_ipv4(addr):
# example: udp:127.0.0.1:161
- listen = 'udp:' + addr + ':' + port
+ tmp = f'udp:{addr}:{port}'
elif snmp['ipv6_enabled']:
# example: udp6:[::1]:161
- listen = 'udp6:' + '[' + addr + ']' + ':' + port
+ tmp = f'udp6:[{addr}]:{port}'
# We only wan't to configure addresses that exist on the system.
# Hint the user if they don't exist
if is_addr_assigned(addr):
- snmp['listen_on'].append(listen)
+ if tmp: snmp['listen_on'].append(tmp)
else:
- print('WARNING: SNMP listen address {0} not configured!'.format(addr))
+ print(f'WARNING: SNMP listen address {addr} not configured!')
verify_vrf(snmp)