diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-04-07 20:43:39 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-04-07 20:43:39 +0200 |
commit | 44c67e54ef6ecdf4d7b62e765ccfa4e724c14316 (patch) | |
tree | 7bdf260ef533c7319882b0f836143f18179b65fb /src/conf_mode | |
parent | 440a7a1c965be39ca0b13b4ea5985dd9c95fabef (diff) | |
download | vyos-1x-44c67e54ef6ecdf4d7b62e765ccfa4e724c14316.tar.gz vyos-1x-44c67e54ef6ecdf4d7b62e765ccfa4e724c14316.zip |
policy: T4194: simplify prefix-list duplication checks
Commit 5dafe255d ("policy: T4194: Add prefix-list duplication checks") added
first support for FRR prefix-list duplication checks. FRR does not allow to
specify the same profix list rule multiple times.
vyos(config)# ip prefix-list foo seq 10 permit 192.0.2.0/24
vyos(config)# ip prefix-list foo seq 20 permit 192.0.2.0/24
% Configuration failed.
Error type: validation
Error description: duplicated prefix list value: 192.0.2.0/24
There is a VyOS verify() function which simply probed for the prefix, action,
le and ge settings - but as Python has excellent support when comparing data,
this can be as simple as a dictionary comparison using "==".
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/policy.py | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index 6b1d3bf1a..9d8fcfa36 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2021 VyOS maintainers and contributors +# Copyright (C) 2021-2022 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -114,10 +114,9 @@ def verify(policy): if 'prefix' not in rule_config: raise ConfigError(f'A prefix {mandatory_error}') - # Check prefix duplicates - if rule_config['prefix'] in entries and ('ge' not in rule_config and 'le' not in rule_config): - raise ConfigError(f'Prefix {rule_config["prefix"]} is duplicated!') - entries.append(rule_config['prefix']) + if rule_config in entries: + raise ConfigError(f'Rule "{rule}" contains a duplicate prefix definition!') + entries.append(rule_config) # route-maps tend to be a bit more complex so they get their own verify() section |