summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-08-26 16:20:03 +0200
committerChristian Poessinger <christian@poessinger.com>2019-08-26 16:20:03 +0200
commit4a8ab14dc3cbe4245b95250c51ee427eb6241372 (patch)
tree0c2565357da5fbd9cb64cff484e80bbbe8c24c90 /src
parentd5e9512b8461f55d276182b4a75267378aa11f50 (diff)
downloadvyos-1x-4a8ab14dc3cbe4245b95250c51ee427eb6241372.tar.gz
vyos-1x-4a8ab14dc3cbe4245b95250c51ee427eb6241372.zip
bridge: T1608: deny adding non existing interfaces to bridge config
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/interface-bridge.py5
-rwxr-xr-xsrc/helpers/vyos-bridge-sync.py53
2 files changed, 58 insertions, 0 deletions
diff --git a/src/conf_mode/interface-bridge.py b/src/conf_mode/interface-bridge.py
index fc1243867..c5c5bd4ac 100755
--- a/src/conf_mode/interface-bridge.py
+++ b/src/conf_mode/interface-bridge.py
@@ -23,6 +23,7 @@ import subprocess
import vyos.configinterface as VyIfconfig
+from netifaces import interfaces
from vyos.config import Config
from vyos import ConfigError
@@ -189,6 +190,10 @@ def verify(bridge):
if intf['name'] in tmp:
raise ConfigError('Interface "{}" belongs to bridge "{}" and can not be enslaved.'.format(intf['name'], bridge['intf']))
+ # the interface must exist prior adding it to a bridge
+ for intf in bridge['member']:
+ if intf['name'] not in interfaces():
+ raise ConfigError('Can not add non existing interface "{}" to bridge "{}"'.format(intf['name'], bridge['intf']))
return None
diff --git a/src/helpers/vyos-bridge-sync.py b/src/helpers/vyos-bridge-sync.py
new file mode 100755
index 000000000..495eb5d40
--- /dev/null
+++ b/src/helpers/vyos-bridge-sync.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2019 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# Script is used to synchronize configured bridge interfaces.
+# one can add a non existing interface to a bridge group (e.g. VLAN)
+# but the vlan interface itself does yet not exist. It should be added
+# to the bridge automatically once it's available
+
+import argparse
+import subprocess
+
+from sys import exit
+from time import sleep
+from vyos.config import Config
+
+def subprocess_cmd(command):
+ process = subprocess.Popen(command,stdout=subprocess.PIPE, shell=True)
+ proc_stdout = process.communicate()[0].strip()
+ pass
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser()
+ parser.add_argument('-i', '--interface', action='store', help='Interface name which should be added to bridge it is configured for', required=True)
+ args, unknownargs = parser.parse_known_args()
+
+ conf = Config()
+ if not conf.list_nodes('interfaces bridge'):
+ # no bridge interfaces exist .. bail out early
+ exit(0)
+ else:
+ for bridge in conf.list_nodes('interfaces bridge'):
+ for member_if in conf.list_nodes('interfaces bridge {} member interface'.format(bridge)):
+ if args.interface == member_if:
+ cmd = 'brctl addif "{}" "{}"'.format(bridge, args.interface)
+ # let interfaces etc. settle - especially required for OpenVPN bridged interfaces
+ sleep(4)
+ subprocess_cmd(cmd)
+
+ exit(0)