diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-01-18 20:28:16 +0100 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2025-02-04 18:09:39 +0100 |
| commit | 5a7a9f3a20e19a52572ce1b9b214528b6ce958ce (patch) | |
| tree | 2495a4210e82ff8bdaf76e1d01cfd895e931d16b /src/conf_mode | |
| parent | 3f4c6422110c9a242ff3b81abd4f5ac5e01d5ab9 (diff) | |
| download | vyos-1x-5a7a9f3a20e19a52572ce1b9b214528b6ce958ce.tar.gz vyos-1x-5a7a9f3a20e19a52572ce1b9b214528b6ce958ce.zip | |
syslog: T6989: add possibility to define VRF per remote
Rsyslog supports individual VRFs per omfwd remote entry - so we should support
this, too.
Diffstat (limited to 'src/conf_mode')
| -rwxr-xr-x | src/conf_mode/system_syslog.py | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index f27c27e0b..00c571ea9 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -20,11 +20,12 @@ from sys import exit from vyos.base import Warning from vyos.config import Config -from vyos.configdict import is_node_changed from vyos.configverify import verify_vrf from vyos.utils.network import is_addr_assigned from vyos.utils.process import call from vyos.template import render +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos import ConfigError from vyos import airbag airbag.enable() @@ -46,9 +47,6 @@ def get_config(config=None): syslog.update({ 'logrotate' : logrotate_conf }) - tmp = is_node_changed(conf, base + ['vrf']) - if tmp: syslog.update({'restart_required': {}}) - syslog = conf.merge_defaults(syslog, recursive=True) if syslog.from_defaults(['local']): del syslog['local'] @@ -74,19 +72,26 @@ def verify(syslog): Warning('No "system domain-name" defined - cannot set syslog FQDN!') if 'remote' in syslog: - for host, host_options in syslog['remote'].items(): - if 'protocol' in host_options and host_options['protocol'] == 'udp': - if 'format' in host_options and 'octet_counted' in host_options['format']: - Warning(f'Syslog UDP transport for "{host}" should not use octet-counted format!') - - verify_vrf(syslog) - - if 'source_address' in syslog: - syslog_vrf = None - if 'vrf' in syslog: - syslog_vrf = syslog['vrf'] - if not is_addr_assigned(syslog['source_address'], syslog_vrf): - raise ConfigError('No interface with given address specified!') + for remote, remote_options in syslog['remote'].items(): + if 'protocol' in remote_options and remote_options['protocol'] == 'udp': + if 'format' in remote_options and 'octet_counted' in remote_options['format']: + Warning(f'Syslog UDP transport for "{remote}" should not use octet-counted format!') + + if 'vrf' in remote_options: + verify_vrf(remote_options) + + if 'source_address' in remote_options: + vrf = None + if 'vrf' in remote_options: + vrf = remote_options['vrf'] + if not is_addr_assigned(remote_options['source_address'], vrf): + raise ConfigError('No interface with given address specified!') + + source_address = remote_options['source_address'] + if ((is_ipv4(remote) and is_ipv6(source_address)) or + (is_ipv6(remote) and is_ipv4(source_address))): + raise ConfigError(f'Source-address "{source_address}" does not match '\ + f'address-family of remote "{remote}"!') def generate(syslog): if not syslog: @@ -108,12 +113,7 @@ def apply(syslog): call(f'systemctl stop {systemd_service} {systemd_socket}') return None - # we need to restart the service if e.g. the VRF name changed - systemd_action = 'reload-or-restart' - if 'restart_required' in syslog: - systemd_action = 'restart' - - call(f'systemctl {systemd_action} {systemd_service}') + call(f'systemctl reload-or-restart {systemd_service}') return None if __name__ == '__main__': |