zone-policy: T4135: Raise error when using an invalid "from" zone.

author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-01-05 01:32:12 +0100
committer: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-01-05 01:36:14 +0100
commit: 96f577ef82721b11b474d14d8155d30891a60d3f (patch)
tree: 709f7633d8c1a2fc351879d21f5e10f14e273668
parent: 459c7079bebe7059d90441a5014d948a92d2ee19 (diff)
download: vyos-1x-96f577ef82721b11b474d14d8155d30891a60d3f.tar.gz
vyos-1x-96f577ef82721b11b474d14d8155d30891a60d3f.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/conf_mode/zone_policy.py b/src/conf_mode/zone_policy.py
index d605e9639..683f8f034 100755
--- a/src/conf_mode/zone_policy.py
+++ b/src/conf_mode/zone_policy.py
@@ -95,6 +95,9 @@ def verify(zone_policy):
 
             if 'from' in zone_conf:
                 for from_zone, from_conf in zone_conf['from'].items():
+                    if from_zone not in zone_policy['zone']:
+                        raise ConfigError(f'Zone "{zone}" refers to a non-existent or deleted zone "{from_zone}"')
+
                     v4_name = dict_search_args(from_conf, 'firewall', 'name')
                     if v4_name:
                         if 'name' not in zone_policy['firewall']:
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-01-05 01:32:12 +0100
committer	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-01-05 01:36:14 +0100
commit	96f577ef82721b11b474d14d8155d30891a60d3f (patch)
tree	709f7633d8c1a2fc351879d21f5e10f14e273668
parent	459c7079bebe7059d90441a5014d948a92d2ee19 (diff)
download	vyos-1x-96f577ef82721b11b474d14d8155d30891a60d3f.tar.gz vyos-1x-96f577ef82721b11b474d14d8155d30891a60d3f.zip