tunnel: T3788: Add check keys for ipip and sit

Keys are not allowed with ipip and sit tunnels (cherry picked from commit 7e84566dedfdc532ffe05b404005daa6f21df567)
author: Viacheslav <v.gletenko@vyos.io> 2021-09-02 18:58:11 +0000
committer: Christian Poessinger <christian@poessinger.com> 2021-09-02 21:48:23 +0200
commit: a654886f23aada50b4f1a951c7c45a98f962341c (patch)
tree: 66f20c644ce7d517ba689a0cf2d10db53e1b1d52 /src/conf_mode
parent: 4a8bf1ee1e1e5b6fee1850b5cb82085c0edd75ab (diff)
download: vyos-1x-a654886f23aada50b4f1a951c7c45a98f962341c.tar.gz
vyos-1x-a654886f23aada50b4f1a951c7c45a98f962341c.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py
index a7207f94e..ccc4bad3d 100755
--- a/src/conf_mode/interfaces-tunnel.py
+++ b/src/conf_mode/interfaces-tunnel.py
@@ -80,6 +80,11 @@ def verify(tunnel):
        dict_search('parameters.ip.key', tunnel) == None:
         raise ConfigError('Tunnel parameters ip key must be set!')
 
+    # Keys are not allowed with ipip and sit tunnels
+    if tunnel['encapsulation'] in ['ipip', 'sit']:
+        if dict_search('parameters.ip.key', tunnel) != None:
+            raise ConfigError('Keys are not allowed with ipip and sit tunnels!')
+
     verify_mtu_ipv6(tunnel)
     verify_address(tunnel)
     verify_vrf(tunnel)
author	Viacheslav <v.gletenko@vyos.io>	2021-09-02 18:58:11 +0000
committer	Christian Poessinger <christian@poessinger.com>	2021-09-02 21:48:23 +0200
commit	a654886f23aada50b4f1a951c7c45a98f962341c (patch)
tree	66f20c644ce7d517ba689a0cf2d10db53e1b1d52 /src/conf_mode
parent	4a8bf1ee1e1e5b6fee1850b5cb82085c0edd75ab (diff)
download	vyos-1x-a654886f23aada50b4f1a951c7c45a98f962341c.tar.gz vyos-1x-a654886f23aada50b4f1a951c7c45a98f962341c.zip