diff options
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/firewall.py | 5 | ||||
-rwxr-xr-x | src/conf_mode/protocols_nhrp.py | 7 | ||||
-rwxr-xr-x | src/op_mode/show_ip_external.sh | 19 |
3 files changed, 23 insertions, 8 deletions
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index 335098bf1..fbe0a3a13 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -423,8 +423,9 @@ def apply(firewall): call('systemctl restart vyos-domain-group-resolve.service') for group, group_config in firewall['group']['domain_group'].items(): domains = [] - for address in group_config['address']: - domains.append(address) + if group_config.get('address') is not None: + for address in group_config.get('address'): + domains.append(address) # Add elements to domain-group, try to resolve domain => ip # and add elements to nft set ip_dict = get_ips_domains_dict(domains) diff --git a/src/conf_mode/protocols_nhrp.py b/src/conf_mode/protocols_nhrp.py index 56939955d..b247ce2ab 100755 --- a/src/conf_mode/protocols_nhrp.py +++ b/src/conf_mode/protocols_nhrp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2021-2022 VyOS maintainers and contributors +# Copyright (C) 2021 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -81,11 +81,6 @@ def verify(nhrp): for map_name, map_conf in nhrp_conf['dynamic_map'].items(): if 'nbma_domain_name' not in map_conf: raise ConfigError(f'nbma-domain-name missing on dynamic-map {map_name} on tunnel {name}') - - if 'cisco_authentication' in nhrp_conf: - if len(nhrp_conf['cisco_authentication']) > 8: - raise ConfigError('Maximum length of the secret is 8 characters!') - return None def generate(nhrp): diff --git a/src/op_mode/show_ip_external.sh b/src/op_mode/show_ip_external.sh new file mode 100755 index 000000000..275d05278 --- /dev/null +++ b/src/op_mode/show_ip_external.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# Detect an external IP address +# Use random services for checking + + +array=( + ipinfo.io/ip + ifconfig.me + ipecho.net/plain + icanhazip.com + v4.ident.me + checkip.amazonaws.com +) + +size=${#array[@]} +index=$(($RANDOM % $size)) + +curl --silent ${array[$index]} | tr -d "[:space:]" && echo |