From 83a9ce7991195c709736eec234fea3d60cde7582 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Tue, 22 Sep 2020 18:37:00 +0200
Subject: ifconfig: T2653: bond: bridge: ensure member interface is not a
 source-interface

As we already check that a bond/bridge member interface is not a member of any
other bridge or bond, the check must be extended. We also need to ensure that
the bond member interface is not used as a source-interface to pppoe, macsec,
tunnel, pseudo-ethernet, vxlan interfaces.
---
 python/vyos/configverify.py | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'python/vyos/configverify.py')

diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 7e1930878..bf4e26fa7 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -82,9 +82,20 @@ def verify_source_interface(config):
     if 'source_interface' not in config:
         raise ConfigError('Physical source-interface required for '
                           'interface "{ifname}"'.format(**config))
+
     if config['source_interface'] not in interfaces():
-        raise ConfigError('Source interface {source_interface} does not '
-                          'exist'.format(**config))
+        raise ConfigError('Specified source-interface {source_interface} does '
+                          'not exist'.format(**config))
+
+    if 'source_interface_is_bridge_member' in config:
+        raise ConfigError('Invalid source-interface {source_interface}. Interface '
+                          'is already a member of bridge '
+                          '{source_interface_is_bridge_member}'.format(**config))
+
+    if 'source_interface_is_bond_member' in config:
+        raise ConfigError('Invalid source-interface {source_interface}. Interface '
+                          'is already a member of bond '
+                          '{source_interface_is_bond_member}'.format(**config))
 
 def verify_dhcpv6(config):
     """
-- 
cgit v1.2.3