summaryrefslogtreecommitdiff
path: root/src/conf_mode/interfaces-wireguard.py
diff options
context:
space:
mode:
authorzsdc <taras@vyos.io>2021-08-29 16:13:45 +0300
committerzsdc <taras@vyos.io>2021-08-29 16:13:45 +0300
commit8d0207f87cf692458b688527022c8d841ec72904 (patch)
tree374975ab646ef795947bfa0c468fae5f63b253e3 /src/conf_mode/interfaces-wireguard.py
parentc78daaf0f93937a7ecac139c45c5c81f7fcee81f (diff)
downloadvyos-1x-8d0207f87cf692458b688527022c8d841ec72904.tar.gz
vyos-1x-8d0207f87cf692458b688527022c8d841ec72904.zip
wireguard: T3763: The port availability check fix
Check a port availability only if it was changed in current commit. This should protect from fail-positive errors when other parameters change for an interface.
Diffstat (limited to 'src/conf_mode/interfaces-wireguard.py')
-rwxr-xr-xsrc/conf_mode/interfaces-wireguard.py5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-wireguard.py b/src/conf_mode/interfaces-wireguard.py
index 9baf5b6e9..da64dd076 100755
--- a/src/conf_mode/interfaces-wireguard.py
+++ b/src/conf_mode/interfaces-wireguard.py
@@ -47,6 +47,9 @@ def get_config(config=None):
base = ['interfaces', 'wireguard']
wireguard = get_interface_dict(conf, base)
+ # Check if a port was changed
+ wireguard['port_changed'] = leaf_node_changed(conf, ['port'])
+
# Determine which Wireguard peer has been removed.
# Peers can only be removed with their public key!
dict = {}
@@ -74,7 +77,7 @@ def verify(wireguard):
if 'peer' not in wireguard:
raise ConfigError('At least one Wireguard peer is required!')
- if 'port' in wireguard:
+ if 'port' in wireguard and wireguard['port_changed']:
listen_port = int(wireguard['port'])
if check_port_availability('0.0.0.0', listen_port, 'udp') is not True:
raise ConfigError(
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-21 22:51:38 +0000