From de83e33569c929d29a0581a240e81b1d2e8884f0 Mon Sep 17 00:00:00 2001
From: Mohit Mehta <mohit.mehta@vyatta.com>
Date: Wed, 6 May 2009 16:45:26 -0700
Subject: * don't allow user to change zone-type on the fly

---
 lib/Vyatta/Zone.pm | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'lib')

diff --git a/lib/Vyatta/Zone.pm b/lib/Vyatta/Zone.pm
index 986ebb5..436f6fd 100755
--- a/lib/Vyatta/Zone.pm
+++ b/lib/Vyatta/Zone.pm
@@ -148,6 +148,15 @@ sub validity_checks {
 				"and it's not a local-zone";
           return($returnstring, );
         }
+        # zone defined as a local-zone
+        my @zone_intfs_orig = get_zone_interfaces("returnOrigValues", $zone);
+        if (scalar(@zone_intfs_orig) != 0) {
+          # can't change change transit zone to local-zone on the fly
+          $returnstring = "Zone $zone is a transit zone. " .
+                "Cannot convert it to local-zone.\n" .
+                "Please define another zone to create local-zone";
+          return($returnstring, );
+        }
         $num_local_zones++;
         # make sure only one zone is a local-zone
         if ($num_local_zones > 1) {
@@ -159,6 +168,12 @@ sub validity_checks {
           $returnstring = "local-zone cannot have interfaces defined";
           return($returnstring, );
         }
+        # make sure you're not converting local-zone to transit zone either
+        if (defined(is_local_zone("existsOrig", $zone))) {
+          $returnstring = "Cannot convert local-zone $zone to transit zone" .  
+				"\nPlease define another zone for it";
+          return($returnstring, );
+        }
         foreach my $interface (@zone_intfs) {
           # make sure firewall is not applied to this interface
           my $intf = new Vyatta::Interface($interface);
-- 
cgit v1.2.3