| author | fett0 <fernando.gmaidana@gmail.com> | 2024-07-31 18:21:25 +0000 | 
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-08-05 10:50:24 +0000 | 
| commit | bc2bb1ed9ac977c8ad540d7ccbfff8e9980277cf (patch) | |
| tree | 1e907a1a262c941d59eba894c51d3697ad74d951 /src | |
| parent | f51657532b546cc1e20df1a18b1111c46db045be (diff) | |
OPENVPN: T6555: add server-bridge options in mode server
(cherry picked from commit 4acad3eb8d9be173b76fecafc32b0c70eae9b192)
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/interfaces_openvpn.py | 16 | 
1 files changed, 16 insertions, 0 deletions
| diff --git a/src/conf_mode/interfaces_openvpn.py b/src/conf_mode/interfaces_openvpn.py
index 320ab7b7b..fcbba30ce 100755
--- a/src/conf_mode/interfaces_openvpn.py
+++ b/src/conf_mode/interfaces_openvpn.py
@@ -378,6 +378,22 @@ def verify(openvpn):
                 if (client_v.get('ip') and len(client_v['ip']) > 1) or (client_v.get('ipv6_ip') and len(client_v['ipv6_ip']) > 1):
                     raise ConfigError(f'Server client "{client_k}": cannot specify more than 1 IPv4 and 1 IPv6 IP')
+        if dict_search('server.server_bridge', openvpn):
+            # check if server-bridge is a tap interfaces
+            if not openvpn['device_type'] == 'tap' and dict_search('server.server_bridge', openvpn):
+               raise ConfigError('Must specify "device-type tap" with server-bridge mode')
+            elif not (dict_search('server.server_bridge.start', openvpn) and dict_search('server.server_bridge.stop', openvpn)):
+                raise ConfigError('Server server-bridge requires both start and stop addresses')
+            else:
+                v4PoolStart = IPv4Address(dict_search('server.server_bridge.start', openvpn))
+                v4PoolStop = IPv4Address(dict_search('server.server_bridge.stop', openvpn))
+                if v4PoolStart > v4PoolStop:
+                    raise ConfigError(f'Server server-bridge start address {v4PoolStart} is larger than stop address {v4PoolStop}')
+
+                v4PoolSize = int(v4PoolStop) - int(v4PoolStart)
+                if v4PoolSize >= 65536:
+                    raise ConfigError(f'Server server_bridge is too large [{v4PoolStart} -> {v4PoolStop} = {v4PoolSize}], maximum is 65536 addresses.')
+
         if dict_search('server.client_ip_pool', openvpn):
             if not (dict_search('server.client_ip_pool.start', openvpn) and dict_search('server.client_ip_pool.stop', openvpn)):
                 raise ConfigError('Server client-ip-pool requires both start and stop addresses') | 
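Review bot: The new server-bridge branch in verify() only checks that start is not above stop and that the range stays under 65536 addresses; nothing in it confirms the pool lies inside the bridged network or stays clear of `server.client_ip_pool`, which the following context lines validate as a separate, independent block. If the server-bridge node also carries a gateway and netmask (not visible in this hunk), consider rejecting a start/stop outside that network, since bridged clients are handed these addresses directly on the LAN segment. The first inner test repeats the outer condition and reads more plainly as `if openvpn['device_type'] != 'tap':`, and the `raise` under it is indented 15 spaces rather than 16; that test also assumes `device_type` is always present, which cannot be confirmed from this hunk. The last message says `server_bridge` where the other two say `server-bridge`, so the CLI spelling should be used in all three. verify() begins and ends outside the hunk.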
