From db38bdcc554cbc2271d1bd664418d6843f83dd62 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 17 Mar 2021 19:43:09 +0100 Subject: vrf: T2111: validate existence of target VRF when leaking --- .../node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def | 4 ++++ .../static/interface-route6/node.tag/next-hop-interface/node.def | 4 ++++ .../static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def | 4 ++++ .../protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def | 4 ++++ 4 files changed, 16 insertions(+) (limited to 'templates/protocols') diff --git a/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def b/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def index ee872997..8c157906 100644 --- a/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def +++ b/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def @@ -6,6 +6,10 @@ allowed: local -a params echo -n "${params[@]}" val_help: ; Name of VRF to leak to end: + if [ ! -e /sys/class/net/$VAR(@) ]; then + echo 'VRF "$VAR(@)" does not exist!' + exit 1 + fi if [[ ${COMMIT_ACTION} = 'DELETE' ]] then if ! ${vyatta_sbindir}/vyatta-next-hop-check $VAR(../@) ipv4 address; then diff --git a/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def b/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def index 52f198b1..e2deadb2 100644 --- a/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def +++ b/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def @@ -24,6 +24,10 @@ end: fi if [[ -n "$VAR(./next-hop-vrf/@)" ]]; then NEXTHOP_VRF="nexthop-vrf $VAR(./next-hop-vrf/@)" + if [ ! -e /sys/class/net/$NEXTHOP_VRF ]; then + echo 'VRF "$NEXTHOP_VRF" does not exist!' + exit 1 + fi fi vtysh -c "configure terminal" \ diff --git a/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def b/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def index ad3e92a9..b2624cd7 100644 --- a/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def +++ b/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def @@ -6,6 +6,10 @@ allowed: local -a params echo -n "${params[@]}" val_help: ; Name of VRF to leak to end: + if [ ! -e /sys/class/net/$VAR(@) ]; then + echo 'VRF "$VAR(@)" does not exist!' + exit 1 + fi VRF_NAME=$VAR(../../../../@) if [[ ${COMMIT_ACTION} = 'DELETE' ]] then diff --git a/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def b/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def index 3fb5b798..044f2689 100644 --- a/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def +++ b/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def @@ -41,6 +41,10 @@ end: exit 1 fi NEXTHOP_VRF="nexthop-vrf $VAR(./next-hop-vrf/@)" + if [ ! -e /sys/class/net/$NEXTHOP_VRF ]; then + echo 'VRF "$NEXTHOP_VRF" does not exist!' + exit 1 + fi fi vtysh -c "configure terminal" \ -- cgit v1.2.3