diff options
| -rw-r--r-- | interface-definitions/include/interface/inbound-interface.xml.i | 10 | ||||
| -rw-r--r-- | interface-definitions/policy-local-route.xml.in | 2 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_policy.py | 53 | ||||
| -rwxr-xr-x | src/conf_mode/policy-local-route.py | 36 |
4 files changed, 7 insertions, 94 deletions
diff --git a/interface-definitions/include/interface/inbound-interface.xml.i b/interface-definitions/include/interface/inbound-interface.xml.i deleted file mode 100644 index 5a8d47280..000000000 --- a/interface-definitions/include/interface/inbound-interface.xml.i +++ /dev/null @@ -1,10 +0,0 @@ -<!-- include start from interface/inbound-interface.xml.i --> -<leafNode name="inbound-interface"> - <properties> - <help>Inbound Interface</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> -</leafNode> -<!-- include end --> diff --git a/interface-definitions/policy-local-route.xml.in b/interface-definitions/policy-local-route.xml.in index 7abf0dc0b..1c9d94ec5 100644 --- a/interface-definitions/policy-local-route.xml.in +++ b/interface-definitions/policy-local-route.xml.in @@ -76,7 +76,6 @@ <multi/> </properties> </leafNode> - #include <include/interface/inbound-interface.xml.i> </children> </tagNode> </children> @@ -166,7 +165,6 @@ <multi/> </properties> </leafNode> - #include <include/interface/inbound-interface.xml.i> </children> </tagNode> </children> diff --git a/smoketest/scripts/cli/test_policy.py b/smoketest/scripts/cli/test_policy.py index ae63ecd50..6697b9f16 100755 --- a/smoketest/scripts/cli/test_policy.py +++ b/smoketest/scripts/cli/test_policy.py @@ -749,32 +749,6 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase): self.assertEqual(sort_ip(tmp), sort_ip(original)) - # Test set table for sources with iif - def test_iif_sources_table_id(self): - path = base_path + ['local-route'] - - sources = ['203.0.113.11', '203.0.113.12'] - iif = 'lo' - rule = '100' - table = '150' - - self.cli_set(path + ['rule', rule, 'set', 'table', table]) - self.cli_set(path + ['rule', rule, 'inbound-interface', iif]) - for src in sources: - self.cli_set(path + ['rule', rule, 'source', src]) - - self.cli_commit() - - # Check generated configuration - # Expected values - original = """ - 100: from 203.0.113.11 iif lo lookup 150 - 100: from 203.0.113.12 iif lo lookup 150 - """ - tmp = cmd('ip rule show prio 100') - - self.assertEqual(sort_ip(tmp), sort_ip(original)) - # Test set table for sources and destinations with fwmark def test_fwmark_sources_destination_table_id(self): path = base_path + ['local-route'] @@ -887,31 +861,6 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase): self.assertEqual(sort_ip(tmp), sort_ip(original)) - # Test set table for sources with iif ipv6 - def test_iif_sources_ipv6_table_id(self): - path = base_path + ['local-route6'] - - sources = ['2001:db8:1338::/126', '2001:db8:1339::/126'] - iif = 'lo' - rule = '102' - table = '150' - for src in sources: - self.cli_set(path + ['rule', rule, 'set', 'table', table]) - self.cli_set(path + ['rule', rule, 'source', src]) - self.cli_set(path + ['rule', rule, 'inbound-interface', iif]) - - self.cli_commit() - - # Check generated configuration - # Expected values - original = """ - 102: from 2001:db8:1338::/126 iif lo lookup 150 - 102: from 2001:db8:1339::/126 iif lo lookup 150 - """ - tmp = cmd('ip -6 rule show prio 102') - - self.assertEqual(sort_ip(tmp), sort_ip(original)) - # Test set table for sources and destinations with fwmark ipv6 def test_fwmark_sources_destination_ipv6_table_id(self): path = base_path + ['local-route6'] @@ -978,7 +927,7 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase): 103: from 2001:db8:1338::/126 to 2001:db8:16::/48 fwmark 0x17 lookup 150 103: from 2001:db8:1339::/56 to 2001:db8:13::/48 fwmark 0x17 lookup 150 103: from 2001:db8:1339::/56 to 2001:db8:16::/48 fwmark 0x17 lookup 150 - 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150 + 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150 """ tmp = cmd('ip rule show prio 103') tmp_v6 = cmd('ip -6 rule show prio 103') diff --git a/src/conf_mode/policy-local-route.py b/src/conf_mode/policy-local-route.py index 5aa7eb3fd..c4bef3414 100755 --- a/src/conf_mode/policy-local-route.py +++ b/src/conf_mode/policy-local-route.py @@ -18,7 +18,6 @@ import os from sys import exit -from netifaces import interfaces from vyos.config import Config from vyos.configdict import dict_merge from vyos.configdict import node_changed @@ -52,15 +51,12 @@ def get_config(config=None): for rule in (tmp or []): src = leaf_node_changed(conf, base_rule + [rule, 'source']) fwmk = leaf_node_changed(conf, base_rule + [rule, 'fwmark']) - iif = leaf_node_changed(conf, base_rule + [rule, 'inbound-interface']) dst = leaf_node_changed(conf, base_rule + [rule, 'destination']) rule_def = {} if src: rule_def = dict_merge({'source' : src}, rule_def) if fwmk: rule_def = dict_merge({'fwmark' : fwmk}, rule_def) - if iif: - rule_def = dict_merge({'inbound_interface' : iif}, rule_def) if dst: rule_def = dict_merge({'destination' : dst}, rule_def) dict = dict_merge({dict_id : {rule : rule_def}}, dict) @@ -76,7 +72,6 @@ def get_config(config=None): for rule, rule_config in pbr[route]['rule'].items(): src = leaf_node_changed(conf, base_rule + [rule, 'source']) fwmk = leaf_node_changed(conf, base_rule + [rule, 'fwmark']) - iif = leaf_node_changed(conf, base_rule + [rule, 'inbound-interface']) dst = leaf_node_changed(conf, base_rule + [rule, 'destination']) # keep track of changes in configuration # otherwise we might remove an existing node although nothing else has changed @@ -105,13 +100,6 @@ def get_config(config=None): changed = True if len(fwmk) > 0: rule_def = dict_merge({'fwmark' : fwmk}, rule_def) - if iif is None: - if 'inbound_interface' in rule_config: - rule_def = dict_merge({'inbound_interface': rule_config['inbound_interface']}, rule_def) - else: - changed = True - if len(iif) > 0: - rule_def = dict_merge({'inbound_interface' : iif}, rule_def) if dst is None: if 'destination' in rule_config: rule_def = dict_merge({'destination': rule_config['destination']}, rule_def) @@ -137,18 +125,11 @@ def verify(pbr): pbr_route = pbr[route] if 'rule' in pbr_route: for rule in pbr_route['rule']: - if 'source' not in pbr_route['rule'][rule] \ - and 'destination' not in pbr_route['rule'][rule] \ - and 'fwmark' not in pbr_route['rule'][rule] \ - and 'inbound_interface' not in pbr_route['rule'][rule]: - raise ConfigError('Source or destination address or fwmark or inbound-interface is required!') + if 'source' not in pbr_route['rule'][rule] and 'destination' not in pbr_route['rule'][rule] and 'fwmark' not in pbr_route['rule'][rule]: + raise ConfigError('Source or destination address or fwmark is required!') else: if 'set' not in pbr_route['rule'][rule] or 'table' not in pbr_route['rule'][rule]['set']: raise ConfigError('Table set is required!') - if 'inbound_interface' in pbr_route['rule'][rule]: - interface = pbr_route['rule'][rule]['inbound_interface'] - if interface not in interfaces(): - raise ConfigError(f'Interface "{interface}" does not exist') return None @@ -162,6 +143,8 @@ def apply(pbr): if not pbr: return None + print(pbr) + # Delete old rule if needed for rule_rm in ['rule_remove', 'rule6_remove']: if rule_rm in pbr: @@ -176,10 +159,7 @@ def apply(pbr): rule_config['fwmark'] = rule_config['fwmark'] if 'fwmark' in rule_config else [''] for fwmk in rule_config['fwmark']: f_fwmk = '' if fwmk == '' else f' fwmark {fwmk} ' - rule_config['inbound_interface'] = rule_config['inbound_interface'] if 'inbound_interface' in rule_config else [''] - for iif in rule_config['inbound_interface']: - f_iif = '' if iif == '' else f' iif {iif} ' - call(f'ip{v6} rule del prio {rule} {f_src}{f_dst}{f_fwmk}{f_iif}') + call(f'ip{v6} rule del prio {rule} {f_src}{f_dst}{f_fwmk}') # Generate new config for route in ['local_route', 'local_route6']: @@ -203,11 +183,7 @@ def apply(pbr): if 'fwmark' in rule_config: fwmk = rule_config['fwmark'] f_fwmk = f' fwmark {fwmk} ' - f_iif = '' - if 'inbound_interface' in rule_config: - iif = rule_config['inbound_interface'] - f_iif = f' iif {iif} ' - call(f'ip{v6} rule add prio {rule} {f_src}{f_dst}{f_fwmk}{f_iif} lookup {table}') + call(f'ip{v6} rule add prio {rule} {f_src}{f_dst}{f_fwmk} lookup {table}') return None |