diff options
author | Viacheslav <v.gletenko@vyos.io> | 2021-09-02 18:58:11 +0000 |
---|---|---|
committer | Viacheslav <v.gletenko@vyos.io> | 2021-09-02 18:58:26 +0000 |
commit | 7e84566dedfdc532ffe05b404005daa6f21df567 (patch) | |
tree | a4b9d4d999002393b6319bb0e37815c7b6301c4e | |
parent | 658de9ea0fbe91e593f9cf0a8c434791282af100 (diff) | |
download | vyos-1x-7e84566dedfdc532ffe05b404005daa6f21df567.tar.gz vyos-1x-7e84566dedfdc532ffe05b404005daa6f21df567.zip |
tunnel: T3788: Add check keys for ipip and sit
Keys are not allowed with ipip and sit tunnels
-rwxr-xr-x | src/conf_mode/interfaces-tunnel.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py index bfd9a8c56..ef385d2e7 100755 --- a/src/conf_mode/interfaces-tunnel.py +++ b/src/conf_mode/interfaces-tunnel.py @@ -123,6 +123,11 @@ def verify(tunnel): raise ConfigError(f'Key "{orig_new_key}" for source-address "{new_source_address}" ' \ f'is already used for tunnel "{tunnel_if}"!') + # Keys are not allowed with ipip and sit tunnels + if tunnel['encapsulation'] in ['ipip', 'sit']: + if dict_search('parameters.ip.key', tunnel) != None: + raise ConfigError('Keys are not allowed with ipip and sit tunnels!') + verify_mtu_ipv6(tunnel) verify_address(tunnel) verify_vrf(tunnel) |