From be1d9edad43cdab5acc74e905fa271d260937eaa Mon Sep 17 00:00:00 2001 From: Saurabh Mohan Date: Tue, 12 Feb 2013 16:02:31 -0800 Subject: mGRE bug fixes local-ip address changes and v6 check. VYATTA-129: check for IPv6 addresses was moved to tunnel/node.def VYATTA-128: added more stronger check to forbid any way of setting remote-ip VYATTA-118: workaround added to update ipsec settings when tunnel local-ip is modified. --- templates/interfaces/tunnel/node.def | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'templates/interfaces/tunnel/node.def') diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 7490f336..cc99c1f5 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -10,6 +10,23 @@ commit:expression: $VAR(./local-ip/) != "" ; \ "Must configure the tunnel local-ip for $VAR(@)" commit:expression: $VAR(./encapsulation/) != "" ; \ "Must configure the tunnel encapsulation for $VAR(@)" +commit:expression: +exec " + if [ $VAR(./encapsulation/@) == gre-multipoint ] && [ -n \"$VAR(./remote-ip/)\" ]; then \ + echo \"Remote-ip shouldn't be set for mGRE mode for $VAR(@)\"; \ + exit 1; \ + fi; \ + if [ $VAR(./encapsulation/@) != gre-multipoint ] && [ ! -n \"$VAR(./remote-ip/)\" ]; then \ + echo \"Must configure the tunnel remote-ip for $VAR(@)\"; \ + exit 1; \ + fi; + + exit 0" +commit:expression: (!(pattern $VAR(./local-ip/@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ + $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 local-ip ($VAR(./local-ip/@)) is forbidden for gre-multipoint encapsulation type." + +commit:expression: (!(pattern $VAR(./address/@@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ + $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 addresses ($VAR(./address/@@)) are forbidden for gre-multipoint encapsulation type." create: if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then -- cgit v1.2.3