From 595f35bbdda732883ce0b8b0721061bb3a40a715 Mon Sep 17 00:00:00 2001 From: Nataliia Solomko Date: Wed, 11 Sep 2024 12:22:25 +0300 Subject: policy: T6676: Invalid route-map caused bgpd to crash --- src/conf_mode/policy.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index 4df893ebf..a5963e72c 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -167,10 +167,10 @@ def verify(policy): continue for rule, rule_config in route_map_config['rule'].items(): - # Action 'deny' cannot be used with "continue" - # FRR does not validate it T4827 - if rule_config['action'] == 'deny' and 'continue' in rule_config: - raise ConfigError(f'rule {rule} "continue" cannot be used with action deny!') + # Action 'deny' cannot be used with "continue" or "on-match" + # FRR does not validate it T4827, T6676 + if rule_config['action'] == 'deny' and ('continue' in rule_config or 'on_match' in rule_config): + raise ConfigError(f'rule {rule} "continue" or "on-match" cannot be used with action deny!') # Specified community-list must exist tmp = dict_search('match.community.community_list', -- cgit v1.2.3