diff options
author | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-01 19:59:53 +0200 |
---|---|---|
committer | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-04 22:59:40 +0200 |
commit | 5b628a395fca837f9e0b3fde180c11ce0eac16a5 (patch) | |
tree | cc370095abadfd3612dacfc7cb95601d4822945d | |
parent | 56caf9cc1e980f5b2e03b930a5411a94190fbba7 (diff) | |
download | vyos-1x-5b628a395fca837f9e0b3fde180c11ce0eac16a5.tar.gz vyos-1x-5b628a395fca837f9e0b3fde180c11ce0eac16a5.zip |
wireguard: T2241: fix falling out of bridge when changing settings
Previously, set_vrf was always called, which uses the same master and nomaster
commands as bridge, so it removed the interface from the bridge.
- add checks to make VRF and bridge membership mutually exclusive
-rwxr-xr-x | src/conf_mode/interfaces-wireguard.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/conf_mode/interfaces-wireguard.py b/src/conf_mode/interfaces-wireguard.py index 3b18f8a15..2065278fd 100755 --- a/src/conf_mode/interfaces-wireguard.py +++ b/src/conf_mode/interfaces-wireguard.py @@ -264,8 +264,10 @@ def apply(wg): # update interface description used e.g. within SNMP w.set_alias(wg['description']) - # assign/remove VRF - w.set_vrf(wg['vrf']) + # assign/remove VRF (ONLY when not a member of a bridge, + # otherwise 'nomaster' removes it from it) + if not wg['is_bridge_member']: + w.set_vrf(wg['vrf']) # remove peers for pub_key in wg['peer_remove']: |