diff options
| -rwxr-xr-x | scripts/vpn-config.pl | 2 | ||||
| -rwxr-xr-x | scripts/vyatta-vti-config.pl | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl index 60b1f55..7d0289c 100755 --- a/scripts/vpn-config.pl +++ b/scripts/vpn-config.pl @@ -574,7 +574,7 @@ if ($vcVPN->exists('ipsec')) { or $any_peer == 1) { if ($isVti) { - vpn_die(["vpn","ipsec","site-to-site","peer",$peer],"$vpn_cfg_err The \"$peer\" is invalid ". "ip address must be specified for $tunKeyword.\n"); + vpn_die(["vpn","ipsec","site-to-site","peer",$peer],"$vpn_cfg_err The peer \"$peer\" is invalid, an ip address must be specified for $tunKeyword.\n"); } $right = '%any'; $any_peer = 1; diff --git a/scripts/vyatta-vti-config.pl b/scripts/vyatta-vti-config.pl index 23bead1..5373ddf 100755 --- a/scripts/vyatta-vti-config.pl +++ b/scripts/vyatta-vti-config.pl @@ -38,6 +38,7 @@ use Getopt::Long; use Vyatta::VPN::vtiIntf; use Vyatta::Config; use Vyatta::Misc; +use Vyatta::TypeChecker; my $vti_cfg_err = "VPN VTI configuration error:"; my $gencmds = ""; @@ -114,6 +115,11 @@ foreach my $peer (@peers) { if (!$vcVPN->exists("ipsec site-to-site peer $peer vti")) { next; } + + if (!(validateType('ipv4', $peer, 'quiet') || validateType('ipv6', $peer, 'quiet')) || ($peer eq '0.0.0.0')) { + vti_die(["vpn","ipsec","site-to-site","peer",$peer],"$vti_cfg_err The peer \"$peer\" is invalid, an ip address must be specified for VTIs.\n"); + } + # # we have the vti configured. # |