diff options
| author | zsdc <taras@vyos.io> | 2021-08-29 16:13:45 +0300 |
|---|---|---|
| committer | zsdc <taras@vyos.io> | 2021-08-29 16:13:45 +0300 |
| commit | 8d0207f87cf692458b688527022c8d841ec72904 (patch) | |
| tree | 374975ab646ef795947bfa0c468fae5f63b253e3 /src/conf_mode | |
| parent | c78daaf0f93937a7ecac139c45c5c81f7fcee81f (diff) | |
| download | vyos-1x-8d0207f87cf692458b688527022c8d841ec72904.tar.gz vyos-1x-8d0207f87cf692458b688527022c8d841ec72904.zip | |
wireguard: T3763: The port availability check fix
Check a port availability only if it was changed in current commit.
This should protect from fail-positive errors when other parameters
change for an interface.
Diffstat (limited to 'src/conf_mode')
| -rwxr-xr-x | src/conf_mode/interfaces-wireguard.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-wireguard.py b/src/conf_mode/interfaces-wireguard.py index 9baf5b6e9..da64dd076 100755 --- a/src/conf_mode/interfaces-wireguard.py +++ b/src/conf_mode/interfaces-wireguard.py @@ -47,6 +47,9 @@ def get_config(config=None): base = ['interfaces', 'wireguard'] wireguard = get_interface_dict(conf, base) + # Check if a port was changed + wireguard['port_changed'] = leaf_node_changed(conf, ['port']) + # Determine which Wireguard peer has been removed. # Peers can only be removed with their public key! dict = {} @@ -74,7 +77,7 @@ def verify(wireguard): if 'peer' not in wireguard: raise ConfigError('At least one Wireguard peer is required!') - if 'port' in wireguard: + if 'port' in wireguard and wireguard['port_changed']: listen_port = int(wireguard['port']) if check_port_availability('0.0.0.0', listen_port, 'udp') is not True: raise ConfigError( |