From ded90a0249827911e86c343ad67ae0d2074b6008 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Wed, 9 Jun 2010 10:45:46 -0700
Subject: Block attempts to mirror/redirect to self

---
 interface-templates/mirror/node.def   | 3 +++
 interface-templates/redirect/node.def | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/interface-templates/mirror/node.def b/interface-templates/mirror/node.def
index cbb3bde..f19ae06 100644
--- a/interface-templates/mirror/node.def
+++ b/interface-templates/mirror/node.def
@@ -2,6 +2,9 @@ type: txt
 help: Set incoming packet mirroring destination
 allowed: ${vyatta_sbindir}/vyatta-interfaces.pl --skip=$IFNAME --show=all
 
+syntax: $VAR(@) != $VAR(../@) ;\
+	 "interface $VAR(../@): mirroring to same interface not allowed"
+
 syntax: /opt/vyatta/sbin/vyatta-interfaces.pl --dev=$IFNAME --check=all
 
 commit:expression: $VAR(../redirect) == ""; \
diff --git a/interface-templates/redirect/node.def b/interface-templates/redirect/node.def
index 6f0bd60..e94e8a8 100644
--- a/interface-templates/redirect/node.def
+++ b/interface-templates/redirect/node.def
@@ -2,7 +2,11 @@ type: txt
 help: Set incoming packet redirection destination
 allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --skip=$IFNAME --show=all
 
+syntax: $VAR(@) != $VAR(../@) ;\
+	 "interface $VAR(../@): redirect to same interface not allowed"
+
 syntax: /opt/vyatta/sbin/vyatta-interfaces.pl --dev=$IFNAME --check=all
+
 commit:expression: $VAR(../mirror) == "";\
 		   "interface $VAR(../@) : can not redirect and mirror on $IFNAME"
 
-- 
cgit v1.2.3