summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-08-11 21:24:05 +0200
committerChristian Breunig <christian@breunig.cc>2023-08-11 21:24:32 +0200
commitf8b60fff531e4e8cfe1bba99652343b0680f98ad (patch)
tree1b64abadf2f4f9a3c6c5ca3b9fbd9a1418007648
parent11f46a2b4f8522cb52a85ba5bc6e76a575b418ce (diff)
downloadvyos-1x-f8b60fff531e4e8cfe1bba99652343b0680f98ad.tar.gz
vyos-1x-f8b60fff531e4e8cfe1bba99652343b0680f98ad.zip
interface: T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface
When migration from 1.3 to 1.4 and a user hat the following configured: options { interface eth0.10{ adjust-mss 1452 adjust-mss6 1432 } } The configuration was wrongly migrated to: interfaces { ethernet eth0.10 { ipv6 { adjust-mss "1432" } ip { adjust-mss "1452" } } Instead of interfaces { ethernet eth0 { vif 10 { ipv6 { adjust-mss "1432" } ip { adjust-mss "1452" } } }
-rwxr-xr-xsrc/migration-scripts/firewall/5-to-646
1 files changed, 44 insertions, 2 deletions
diff --git a/src/migration-scripts/firewall/5-to-6 b/src/migration-scripts/firewall/5-to-6
index 3fa07a0a1..e1eaea7a1 100755
--- a/src/migration-scripts/firewall/5-to-6
+++ b/src/migration-scripts/firewall/5-to-6
@@ -46,12 +46,54 @@ for interface in config.list_nodes(base):
if config.exists(base + [interface, 'adjust-mss']):
section = Section.section(interface)
tmp = config.return_value(base + [interface, 'adjust-mss'])
- config.set(['interfaces', section, interface, 'ip', 'adjust-mss'], value=tmp)
+
+ vlan = interface.split('.')
+ base_interface_path = ['interfaces', section, vlan[0]]
+
+ if len(vlan) == 1:
+ # Normal interface, no VLAN
+ config.set(base_interface_path + ['ip', 'adjust-mss'], value=tmp)
+ elif len(vlan) == 2:
+ # Regular VIF or VIF-S interface - we need to check the config
+ vif = vlan[1]
+ if config.exists(base_interface_path + ['vif', vif]):
+ config.set(base_interface_path + ['vif', vif, 'ip', 'adjust-mss'], value=tmp)
+ elif config.exists(base_interface_path + ['vif-s', vif]):
+ config.set(base_interface_path + ['vif-s', vif, 'ip', 'adjust-mss'], value=tmp)
+ elif len(vlan) == 3:
+ # VIF-S interface with VIF-C subinterface
+ vif_s = vlan[1]
+ vif_c = vlan[2]
+ config.set(base_interface_path + ['vif-s', vif_s, 'vif-c', vif_c, 'ip', 'adjust-mss'], value=tmp)
+ config.set_tag(base_interface_path + ['vif-s'])
+ config.set_tag(base_interface_path + ['vif-s', vif_s, 'vif-c'])
if config.exists(base + [interface, 'adjust-mss6']):
section = Section.section(interface)
tmp = config.return_value(base + [interface, 'adjust-mss6'])
- config.set(['interfaces', section, interface, 'ipv6', 'adjust-mss'], value=tmp)
+
+ vlan = interface.split('.')
+ base_interface_path = ['interfaces', section, vlan[0]]
+
+ if len(vlan) == 1:
+ # Normal interface, no VLAN
+ config.set(['interfaces', section, interface, 'ipv6', 'adjust-mss'], value=tmp)
+ elif len(vlan) == 2:
+ # Regular VIF or VIF-S interface - we need to check the config
+ vif = vlan[1]
+ if config.exists(base_interface_path + ['vif', vif]):
+ config.set(base_interface_path + ['vif', vif, 'ipv6', 'adjust-mss'], value=tmp)
+ config.set_tag(base_interface_path + ['vif'])
+ elif config.exists(base_interface_path + ['vif-s', vif]):
+ config.set(base_interface_path + ['vif-s', vif, 'ipv6', 'adjust-mss'], value=tmp)
+ config.set_tag(base_interface_path + ['vif-s'])
+ elif len(vlan) == 3:
+ # VIF-S interface with VIF-C subinterface
+ vif_s = vlan[1]
+ vif_c = vlan[2]
+ config.set(base_interface_path + ['vif-s', vif_s, 'vif-c', vif_c, 'ipv6', 'adjust-mss'], value=tmp)
+ config.set_tag(base_interface_path + ['vif-s'])
+ config.set_tag(base_interface_path + ['vif-s', vif_s, 'vif-c'])
config.delete(['firewall', 'options'])