diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-06-29 07:16:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-06-29 07:16:15 +0200 |
| commit | 862817a7207c5b5d17c67451bac602d296b88230 (patch) | |
| tree | 70d669d388f260aac8aa4b8bc4a74d389f6f21b4 /src | |
| parent | 22c6a817faee11ef97bb33a5431d7467b683c2e6 (diff) | |
| parent | c741a290261eb53d5f9ca4849109f19ced8fda9f (diff) | |
| download | vyos-1x-862817a7207c5b5d17c67451bac602d296b88230.tar.gz vyos-1x-862817a7207c5b5d17c67451bac602d296b88230.zip | |
Merge pull request #4581 from talmakion/bugfix/T7544/escape-vrfif-nftables
vrf: T7544: Ensure correct quoting for VRF ifnames in nftables
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/vrf.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/vrf.py b/src/conf_mode/vrf.py index 6e9d4147a..00a202df4 100755 --- a/src/conf_mode/vrf.py +++ b/src/conf_mode/vrf.py @@ -240,7 +240,7 @@ def apply(vrf): vrf_iface.set_dhcpv6(False) # Remove nftables conntrack zone map item - nft_del_element = f'delete element inet vrf_zones ct_iface_map {{ "{tmp}" }}' + nft_del_element = f'delete element inet vrf_zones ct_iface_map {{ \'"{tmp}"\' }}' # Check if deleting is possible first to avoid raising errors _, err = popen(f'nft --check {nft_del_element}') if not err: @@ -320,7 +320,7 @@ def apply(vrf): state = 'down' if 'disable' in config else 'up' vrf_if.set_admin_state(state) # Add nftables conntrack zone map item - nft_add_element = f'add element inet vrf_zones ct_iface_map {{ "{name}" : {table} }}' + nft_add_element = f'add element inet vrf_zones ct_iface_map {{ \'"{name}"\' : {table} }}' cmd(f'nft {nft_add_element}') # Only call into nftables as long as there is nothing setup to avoid wasting |