diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-01-05 08:23:23 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-05 08:23:23 +0100 |
commit | b87fd7cb75f7b1d98b7320d632438a711aa71978 (patch) | |
tree | cef10f080ee8b544a5f26602af979b38ee729182 /src/conf_mode | |
parent | a893c8d8167eb6b2fe35bcbc3cd61c850456ef75 (diff) | |
parent | 96f577ef82721b11b474d14d8155d30891a60d3f (diff) | |
download | vyos-1x-b87fd7cb75f7b1d98b7320d632438a711aa71978.tar.gz vyos-1x-b87fd7cb75f7b1d98b7320d632438a711aa71978.zip |
Merge pull request #1136 from sarthurdev/firewall
zone-policy: T4135: Raise error when using an invalid "from" zone.
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/zone_policy.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/conf_mode/zone_policy.py b/src/conf_mode/zone_policy.py index d605e9639..683f8f034 100755 --- a/src/conf_mode/zone_policy.py +++ b/src/conf_mode/zone_policy.py @@ -95,6 +95,9 @@ def verify(zone_policy): if 'from' in zone_conf: for from_zone, from_conf in zone_conf['from'].items(): + if from_zone not in zone_policy['zone']: + raise ConfigError(f'Zone "{zone}" refers to a non-existent or deleted zone "{from_zone}"') + v4_name = dict_search_args(from_conf, 'firewall', 'name') if v4_name: if 'name' not in zone_policy['firewall']: |