From 7581a5c6cbbc3f0e38ac69028b814252805d5c98 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Wed, 23 Mar 2022 10:58:02 +0100
Subject: qos: T4284: verify mirror/redirect target interface exists

---
 python/vyos/configverify.py       | 13 ++++++++++++-
 python/vyos/ifconfig/interface.py |  4 ----
 2 files changed, 12 insertions(+), 5 deletions(-)

(limited to 'python')

diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index 9f2771854..1062d51ee 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -185,15 +185,26 @@ def verify_mirror_redirect(config):
 
     It makes no sense to mirror traffic back at yourself!
     """
+    import os
     if {'mirror', 'redirect'} <= set(config):
         raise ConfigError('Mirror and redirect can not be enabled at the same time!')
 
     if 'mirror' in config:
         for direction, mirror_interface in config['mirror'].items():
+            if not os.path.exists(f'/sys/class/net/{mirror_interface}'):
+                raise ConfigError(f'Requested mirror interface "{mirror_interface}" '\
+                                   'does not exist!')
+
             if mirror_interface == config['ifname']:
-                raise ConfigError(f'Can not mirror "{direction}" traffic back ' \
+                raise ConfigError(f'Can not mirror "{direction}" traffic back '\
                                    'the originating interface!')
 
+    if 'redirect' in config:
+        redirect_ifname = config['redirect']
+        if not os.path.exists(f'/sys/class/net/{redirect_ifname}'):
+            raise ConfigError(f'Requested redirect interface "{redirect_ifname}" '\
+                               'does not exist!')
+
     if dict_search('traffic_policy.in', config) != None:
         # XXX: support combination of limiting and redirect/mirror - this is an
         # artificial limitation
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 1464b2969..5b2760386 100755
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -13,7 +13,6 @@
 # You should have received a copy of the GNU Lesser General Public
 # License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
-from netifaces import interfaces
 import os
 import re
 import json
@@ -1319,9 +1318,6 @@ class Interface(Control):
         # Apply interface mirror policy
         if mirror_config:
             for direction, target_if in mirror_config.items():
-                if target_if not in interfaces():
-                    continue
-
                 if direction == 'ingress':
                     handle = 'ffff: ingress'
                     parent = 'ffff:'
-- 
cgit v1.2.3