summaryrefslogtreecommitdiff
path: root/src/conf_mode/policy.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-11-20 10:40:37 +0100
committerGitHub <noreply@github.com>2022-11-20 10:40:37 +0100
commitb7e203d168d5549b2e5c7d0f7168317744c1d71e (patch)
tree3844630b4c983aefc49e24212d4b5777273b0ff8 /src/conf_mode/policy.py
parent94287c30406894671a89b9b75dd5a163af714e6c (diff)
parent42373334b1edae9553776bfbe8f21ba3bf4dd2a5 (diff)
downloadvyos-1x-b7e203d168d5549b2e5c7d0f7168317744c1d71e.tar.gz
vyos-1x-b7e203d168d5549b2e5c7d0f7168317744c1d71e.zip
Merge pull request #1667 from sever-sever/T4827
T4827: Route-map state continue must be with action permit only
Diffstat (limited to 'src/conf_mode/policy.py')
-rwxr-xr-xsrc/conf_mode/policy.py5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py
index a0d288e91..331194fec 100755
--- a/src/conf_mode/policy.py
+++ b/src/conf_mode/policy.py
@@ -167,6 +167,11 @@ def verify(policy):
continue
for rule, rule_config in route_map_config['rule'].items():
+ # Action 'deny' cannot be used with "continue"
+ # FRR does not validate it T4827
+ if rule_config['action'] == 'deny' and 'continue' in rule_config:
+ raise ConfigError(f'rule {rule} "continue" cannot be used with action deny!')
+
# Specified community-list must exist
tmp = dict_search('match.community.community_list',
rule_config)