diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-03-26 09:24:36 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-03-26 09:24:36 +0100 |
commit | 1bfe09f90b9eca58f00cfae880e13e88c6dae894 (patch) | |
tree | 8148b6fe5a1afefc3856d7c097e3fffc820ecebe | |
parent | 6249c2abe7e40a6671549d318ee9b0fbd622b991 (diff) | |
download | vyos-1x-1bfe09f90b9eca58f00cfae880e13e88c6dae894.tar.gz vyos-1x-1bfe09f90b9eca58f00cfae880e13e88c6dae894.zip |
vyos.validate: T4321: make is_intf_addr_assigned() VRF aware
-rw-r--r-- | python/vyos/validate.py | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/python/vyos/validate.py b/python/vyos/validate.py index 0dad2a6cb..6dfa1139f 100644 --- a/python/vyos/validate.py +++ b/python/vyos/validate.py @@ -43,19 +43,15 @@ def _are_same_ip(one, two): s_two = AF_INET if is_ipv4(two) else AF_INET6 return inet_pton(f_one, one) == inet_pton(f_one, two) -def is_intf_addr_assigned(intf, addr): - if '/' in addr: - ip,mask = addr.split('/') - return _is_intf_addr_assigned(intf, ip, mask) - return _is_intf_addr_assigned(intf, addr) - -def _is_intf_addr_assigned(intf, address, netmask=None): +def is_intf_addr_assigned(intf, address, vrf=None) -> bool: """ Verify if the given IPv4/IPv6 address is assigned to specific interface. It can check both a single IP address (e.g. 192.0.2.1 or a assigned CIDR address 192.0.2.1/24. """ from vyos.template import is_ipv4 + from vyos.util import get_interface_config + from netifaces import ifaddresses from netifaces import AF_INET from netifaces import AF_INET6 @@ -72,10 +68,19 @@ def _is_intf_addr_assigned(intf, address, netmask=None): print(e) return False + # Check if interface belongs to requested VRF. If interfaces does not + # belong to requested VRF - bail out early + tmp = get_interface_config(intf) + if 'master' in tmp and tmp['master'] != vrf: + return False + # determine IP version (AF_INET or AF_INET6) depending on passed address addr_type = AF_INET if is_ipv4(address) else AF_INET6 # Check every IP address on this interface for a match + netmask = None + if '/' in address: + address, netmask = address.split('/') for ip in ifaces.get(addr_type,[]): # ip can have the interface name in the 'addr' field, we need to remove it # {'addr': 'fe80::a00:27ff:fec5:f821%eth2', 'netmask': 'ffff:ffff:ffff:ffff::'} @@ -99,13 +104,13 @@ def _is_intf_addr_assigned(intf, address, netmask=None): return False -def is_addr_assigned(addr): +def is_addr_assigned(addr, vrf=None) -> bool: """ Verify if the given IPv4/IPv6 address is assigned to any interface """ from netifaces import interfaces for intf in interfaces(): - tmp = is_intf_addr_assigned(intf, addr) + tmp = is_intf_addr_assigned(intf, addr, vrf) if tmp == True: return True |