summaryrefslogtreecommitdiff
path: root/src/validators/ip-length
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2022-08-27 15:35:52 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2022-08-27 15:35:52 +0000
commit37cfa8cdb1c6a1d395109aabd3ee29e83db151da (patch)
tree8a710dc72fe799956330008f8031bc07f9d1a407 /src/validators/ip-length
parent9126170f0b09285cf79f8c40584312bccd67c3e8 (diff)
downloadvyos-1x-37cfa8cdb1c6a1d395109aabd3ee29e83db151da.tar.gz
vyos-1x-37cfa8cdb1c6a1d395109aabd3ee29e83db151da.zip
Firewall: T4651: Add options to match packet size on firewall rules.
Diffstat (limited to 'src/validators/ip-length')
-rwxr-xr-xsrc/validators/ip-length29
1 files changed, 29 insertions, 0 deletions
diff --git a/src/validators/ip-length b/src/validators/ip-length
new file mode 100755
index 000000000..d96093849
--- /dev/null
+++ b/src/validators/ip-length
@@ -0,0 +1,29 @@
+#!/usr/bin/python3
+
+from sys import argv
+from sys import exit
+import re
+
+if __name__ == '__main__':
+ if len(argv)>1:
+ lengths = argv[1].split(",")
+
+ for length in lengths:
+ if length and length[0] == '!':
+ length = length[1:]
+ if re.match('^[0-9]{1,5}-[0-9]{1,5}$', length):
+ length_1, length_2 = length.split('-')
+ if int(length_1) not in range(0, 65536) or int(length_2) not in range(0, 65536):
+ print(f'Error: {length} is not a valid length range')
+ exit(1)
+ if int(length_1) > int(length_2):
+ print(f'Error: {length} is not a valid length range')
+ exit(1)
+ elif length.isnumeric():
+ if int(length) not in range(0, 65536):
+ print(f'Error: {length} is not a valid length value')
+ exit(1)
+ else:
+ exit(2)
+
+ exit(0) \ No newline at end of file