summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-01-22 20:49:35 +0100
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-01-30 11:12:53 +0000
commit9eb129400dd57fc6c41c810fa5aa2c455b908322 (patch)
tree3765cb9f5359186791a772d294dbc12cef4edcca
parentf5590b63f2a849ebe63bf453c561930f846598d5 (diff)
downloadvyos-1x-9eb129400dd57fc6c41c810fa5aa2c455b908322.tar.gz
vyos-1x-9eb129400dd57fc6c41c810fa5aa2c455b908322.zip
vrf: T5973: fix has_rule() to check for l3mdev rule
A code path was missing to check if only priority is available in the result of "ip --json -4 rule show", in the case of l3mdev it's a dedicated key! (cherry picked from commit a009143a62caca207fdffffcf0b490c747a87025)
-rwxr-xr-xsrc/conf_mode/vrf.py20
1 files changed, 16 insertions, 4 deletions
diff --git a/src/conf_mode/vrf.py b/src/conf_mode/vrf.py
index 1db4e99f2..f2c544aa6 100755
--- a/src/conf_mode/vrf.py
+++ b/src/conf_mode/vrf.py
@@ -42,15 +42,27 @@ airbag.enable()
config_file = '/etc/iproute2/rt_tables.d/vyos-vrf.conf'
k_mod = ['vrf']
-def has_rule(af : str, priority : int, table : str):
- """ Check if a given ip rule exists """
+def has_rule(af : str, priority : int, table : str=None):
+ """
+ Check if a given ip rule exists
+ $ ip --json -4 rule show
+ [{'l3mdev': None, 'priority': 1000, 'src': 'all'},
+ {'action': 'unreachable', 'l3mdev': None, 'priority': 2000, 'src': 'all'},
+ {'priority': 32765, 'src': 'all', 'table': 'local'},
+ {'priority': 32766, 'src': 'all', 'table': 'main'},
+ {'priority': 32767, 'src': 'all', 'table': 'default'}]
+ """
if af not in ['-4', '-6']:
raise ValueError()
- command = f'ip -j {af} rule show'
+ command = f'ip --detail --json {af} rule show'
for tmp in loads(cmd(command)):
- if {'priority', 'table'} <= set(tmp):
+ if 'priority' in tmp and 'table' in tmp:
if tmp['priority'] == priority and tmp['table'] == table:
return True
+ elif 'priority' in tmp and table in tmp:
+ # l3mdev table has a different layout
+ if tmp['priority'] == priority:
+ return True
return False
def vrf_interfaces(c, match):