diff options
| author | Daniil Baturin <daniil@vyos.io> | 2020-06-25 09:57:14 +0300 |
|---|---|---|
| committer | Daniil Baturin <daniil@vyos.io> | 2020-06-25 09:57:14 +0300 |
| commit | 7c719556bdee7c7e965c0b1eb4f182704ee1c6fd (patch) | |
| tree | 36db6e0dc3485313fd13a296b176829f4a3664d1 /templates | |
| parent | 1bdea7cedaca5ec6949a0942517e36ae185eb85c (diff) | |
| download | vyatta-cfg-quagga-7c719556bdee7c7e965c0b1eb4f182704ee1c6fd.tar.gz vyatta-cfg-quagga-7c719556bdee7c7e965c0b1eb4f182704ee1c6fd.zip | |
T1665: correctly validate prefix-list and access-list networks.
Diffstat (limited to 'templates')
3 files changed, 6 insertions, 3 deletions
diff --git a/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def index eb97e759..5bcc816c 100644 --- a/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def +++ b/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def @@ -1,4 +1,5 @@ -type: ipv6net +type: txt +syntax:expression: exec "${vyos_libexec_dir}/validate-value --exec \"${vyos_validators_dir}/ipv6-prefix \" --value \'$VAR(@)\'"; "$VAR(@) is not a valid IPv6 network address" help: Network/netmask to match (requires inverse-mask be defined) val_help: IPv6 address and prefix length commit:expression: ($VAR(../any/) == ""); "you may only define one filter type. (network|any)" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def index 89e8e805..d0dacbc8 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def @@ -1,3 +1,4 @@ -type: ipv4net +type: txt +syntax:expression: exec "${vyos_libexec_dir}/validate-value --exec \"${vyos_validators_dir}/ipv4-prefix \" --value \'$VAR(@)\'"; "$VAR(@) is not a valid IPv4 network prefix" help: Prefix to match val_help: Prefix to match against diff --git a/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def index f78d4f0f..1955e6a8 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def @@ -1,3 +1,4 @@ -type: ipv6net +type: txt +syntax:expression: exec "${vyos_libexec_dir}/validate-value --exec \"${vyos_validators_dir}/ipv6-prefix \" --value \'$VAR(@)\'"; "$VAR(@) is not a valid IPv6 network address" help: Prefix to match val_help: IPv6 prefix |