summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/firewall.py5
-rwxr-xr-xsrc/conf_mode/protocols_nhrp.py7
-rwxr-xr-xsrc/op_mode/show_ip_external.sh19
3 files changed, 23 insertions, 8 deletions
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index 335098bf1..fbe0a3a13 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -423,8 +423,9 @@ def apply(firewall):
call('systemctl restart vyos-domain-group-resolve.service')
for group, group_config in firewall['group']['domain_group'].items():
domains = []
- for address in group_config['address']:
- domains.append(address)
+ if group_config.get('address') is not None:
+ for address in group_config.get('address'):
+ domains.append(address)
# Add elements to domain-group, try to resolve domain => ip
# and add elements to nft set
ip_dict = get_ips_domains_dict(domains)
diff --git a/src/conf_mode/protocols_nhrp.py b/src/conf_mode/protocols_nhrp.py
index 56939955d..b247ce2ab 100755
--- a/src/conf_mode/protocols_nhrp.py
+++ b/src/conf_mode/protocols_nhrp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021-2022 VyOS maintainers and contributors
+# Copyright (C) 2021 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -81,11 +81,6 @@ def verify(nhrp):
for map_name, map_conf in nhrp_conf['dynamic_map'].items():
if 'nbma_domain_name' not in map_conf:
raise ConfigError(f'nbma-domain-name missing on dynamic-map {map_name} on tunnel {name}')
-
- if 'cisco_authentication' in nhrp_conf:
- if len(nhrp_conf['cisco_authentication']) > 8:
- raise ConfigError('Maximum length of the secret is 8 characters!')
-
return None
def generate(nhrp):
diff --git a/src/op_mode/show_ip_external.sh b/src/op_mode/show_ip_external.sh
new file mode 100755
index 000000000..275d05278
--- /dev/null
+++ b/src/op_mode/show_ip_external.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+# Detect an external IP address
+# Use random services for checking
+
+
+array=(
+ ipinfo.io/ip
+ ifconfig.me
+ ipecho.net/plain
+ icanhazip.com
+ v4.ident.me
+ checkip.amazonaws.com
+)
+
+size=${#array[@]}
+index=$(($RANDOM % $size))
+
+curl --silent ${array[$index]} | tr -d "[:space:]" && echo