From 11823917831a50a0ce4f7d8037a0814e8bb3f342 Mon Sep 17 00:00:00 2001
From: Stig Thormodsrud <stig@vyatta.com>
Date: Sun, 14 Jun 2009 14:14:49 -0700
Subject: Fix 4579: There is no validation for vrrp virtual-address like the
 one for interfaces address.

---
 .../vrrp/vrrp-group/node.tag/virtual-address/node.def         | 11 +++++++++++
 .../vrrp/vrrp-group/node.tag/virtual-address/node.def         | 11 +++++++++++
 2 files changed, 22 insertions(+)

(limited to 'templates')

diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
index 363240cd..176287aa 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
@@ -6,6 +6,17 @@ syntax:expression: exec "/opt/vyatta/sbin/vyatta-keepalived.pl        \
                            --vrrp-action='check-vip' --vip='$VAR(@)' "\
      ; "Invalid virtual-address [$VAR(@)] for vrrp-group $VAR(../@)"
 
+syntax:expression: exec "
+  if echo '$VAR(@)' | grep -q '/' ; then
+    if /opt/vyatta/sbin/vyatta-interfaces.pl \
+         --valid-addr $VAR(@) --dev $VAR(../../../@) ; then
+       exit 0
+    else
+       echo Invalid vrrp virtual-address [$VAR(@)] for vrrp-group $VAR(../@)
+       exit 1
+    fi
+  fi"
+
 comp_help: possible completions:
  <x.x.x.x>          Virtual IP address (up to 20 per group)
  <x.x.x.x/x>        Virtual IP address with prefix (up to 20 per group)
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
index 363240cd..176287aa 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
@@ -6,6 +6,17 @@ syntax:expression: exec "/opt/vyatta/sbin/vyatta-keepalived.pl        \
                            --vrrp-action='check-vip' --vip='$VAR(@)' "\
      ; "Invalid virtual-address [$VAR(@)] for vrrp-group $VAR(../@)"
 
+syntax:expression: exec "
+  if echo '$VAR(@)' | grep -q '/' ; then
+    if /opt/vyatta/sbin/vyatta-interfaces.pl \
+         --valid-addr $VAR(@) --dev $VAR(../../../@) ; then
+       exit 0
+    else
+       echo Invalid vrrp virtual-address [$VAR(@)] for vrrp-group $VAR(../@)
+       exit 1
+    fi
+  fi"
+
 comp_help: possible completions:
  <x.x.x.x>          Virtual IP address (up to 20 per group)
  <x.x.x.x/x>        Virtual IP address with prefix (up to 20 per group)
-- 
cgit v1.2.3