diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-05-14 21:26:25 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-05-14 21:39:46 +0200 |
| commit | 3fc9b2fb79fd3e27a5034804e5243fe2e4ec40c3 (patch) | |
| tree | 06bbf47d590425224c27594cdc50b5af5628e428 | |
| parent | cd59f198366ce58a01887e4f900a746d5b10b161 (diff) | |
| download | vyos-1x-3fc9b2fb79fd3e27a5034804e5243fe2e4ec40c3.tar.gz vyos-1x-3fc9b2fb79fd3e27a5034804e5243fe2e4ec40c3.zip | |
conntrack: T3535: check for VRRP group definition
| -rw-r--r-- | interface-definitions/service_conntrack-sync.xml.in | 2 | ||||
| -rwxr-xr-x | src/conf_mode/conntrack_sync.py | 10 |
2 files changed, 11 insertions, 1 deletions
diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service_conntrack-sync.xml.in index 2953ae390..088cd78f6 100644 --- a/interface-definitions/service_conntrack-sync.xml.in +++ b/interface-definitions/service_conntrack-sync.xml.in @@ -78,7 +78,7 @@ <children> <leafNode name="sync-group"> <properties> - <help>VRRP sync group [REQUIRED]</help> + <help>VRRP sync group</help> <completionHelp> <path>high-availability vrrp sync-group</path> </completionHelp> diff --git a/src/conf_mode/conntrack_sync.py b/src/conf_mode/conntrack_sync.py index c1c90d1fc..e0a414745 100755 --- a/src/conf_mode/conntrack_sync.py +++ b/src/conf_mode/conntrack_sync.py @@ -21,6 +21,7 @@ from vyos.config import Config from vyos.configdict import dict_merge from vyos.configverify import verify_interface_exists from vyos.util import call +from vyos.util import dict_search from vyos.util import read_file from vyos.template import render from vyos.template import get_ipv4 @@ -51,6 +52,9 @@ def get_config(config=None): conntrack['hash_size'] = read_file('/sys/module/nf_conntrack/parameters/hashsize') conntrack['table_size'] = read_file('/proc/sys/net/netfilter/nf_conntrack_max') + conntrack['vrrp'] = conf.get_config_dict(['high-availability', 'vrrp', 'sync-group'], + get_first_key=True) + return conntrack def verify(conntrack): @@ -75,6 +79,12 @@ def verify(conntrack): if not is_addr_assigned(address): raise ConfigError(f'Specified listen-address {address} not assigned to any interface!') + vrrp_group = dict_search('failover_mechanism.vrrp.sync_group', conntrack) + if vrrp_group == None: + raise ConfigError(f'No VRRP sync-group defined!') + if vrrp_group not in conntrack['vrrp']: + raise ConfigError(f'VRRP sync-group {vrrp_group} not configured!') + return None def generate(conntrack): |