From 42373334b1edae9553776bfbe8f21ba3bf4dd2a5 Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Sun, 20 Nov 2022 09:17:06 +0000 Subject: T4827: Route-map state continue must be with action permit only route-map action 'deny' cannot be used for "continue" as FRR does not validate it r14(config)# route-map FOO permit 100 r14(config-route-map)# route-map FOO deny 50 r14(config-route-map)# on-match goto 100 % Configuration failed. Error type: validation r14(config-route-map)# --- src/conf_mode/policy.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/conf_mode/policy.py') diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index a0d288e91..331194fec 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -167,6 +167,11 @@ def verify(policy): continue for rule, rule_config in route_map_config['rule'].items(): + # Action 'deny' cannot be used with "continue" + # FRR does not validate it T4827 + if rule_config['action'] == 'deny' and 'continue' in rule_config: + raise ConfigError(f'rule {rule} "continue" cannot be used with action deny!') + # Specified community-list must exist tmp = dict_search('match.community.community_list', rule_config) -- cgit v1.2.3