diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-07-26 19:50:34 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-26 19:50:34 +0300 |
commit | fc35434bfb0def50e5e492030451e035c80d153d (patch) | |
tree | 1ffb8efda349bf0da71ca47564084e94ae35b080 /src/conf_mode | |
parent | 6a1a687f8b8f4c60b6f3f124471f47663a737775 (diff) | |
parent | 5f2e9cb81d89a5cfecbac01bec054b3ba4e8dff5 (diff) | |
download | vyos-1x-fc35434bfb0def50e5e492030451e035c80d153d.tar.gz vyos-1x-fc35434bfb0def50e5e492030451e035c80d153d.zip |
Merge pull request #2078 from nicolas-fort/T5154
T5154: NTP: allow maximum of one ipv4 and one ipv6 address on paramet…
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/ntp.py | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index 917f6e058..1cc23a7df 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -24,6 +24,7 @@ from vyos.utils.process import call from vyos.utils.permission import chmod_750 from vyos.utils.network import get_interface_config from vyos.template import render +from vyos.template import is_ipv4 from vyos import ConfigError from vyos import airbag airbag.enable() @@ -62,16 +63,29 @@ def verify(ntp): if 'interface' in ntp: # If ntpd should listen on a given interface, ensure it exists - for interface in ntp['interface']: - verify_interface_exists(interface) - - # If we run in a VRF, our interface must belong to this VRF, too - if 'vrf' in ntp: - tmp = get_interface_config(interface) - vrf_name = ntp['vrf'] - if 'master' not in tmp or tmp['master'] != vrf_name: - raise ConfigError(f'NTP runs in VRF "{vrf_name}" - "{interface}" '\ - f'does not belong to this VRF!') + interface = ntp['interface'] + verify_interface_exists(interface) + + # If we run in a VRF, our interface must belong to this VRF, too + if 'vrf' in ntp: + tmp = get_interface_config(interface) + vrf_name = ntp['vrf'] + if 'master' not in tmp or tmp['master'] != vrf_name: + raise ConfigError(f'NTP runs in VRF "{vrf_name}" - "{interface}" '\ + f'does not belong to this VRF!') + + if 'listen_address' in ntp: + ipv4_addresses = 0 + ipv6_addresses = 0 + for address in ntp['listen_address']: + if is_ipv4(address): + ipv4_addresses += 1 + else: + ipv6_addresses += 1 + if ipv4_addresses > 1: + raise ConfigError(f'NTP Only admits one ipv4 value for listen-address parameter ') + if ipv6_addresses > 1: + raise ConfigError(f'NTP Only admits one ipv6 value for listen-address parameter ') return None |