diff options
-rw-r--r-- | python/vyos/configverify.py | 14 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-ethernet.py | 2 |
2 files changed, 16 insertions, 0 deletions
diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index 96eeb6bb1..a425ca671 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -99,6 +99,20 @@ def verify_eapol(config): raise ConfigError('Both cert and key-file must be specified '\ 'when using EAPoL!') +def verify_mirror(config): + """ + Common helper function used by interface implementations to perform + recurring validation of mirror interface configuration. + + It makes no sense to mirror traffic back at yourself! + """ + if 'mirror' in config: + for direction, mirror_interface in config['mirror'].items(): + if mirror_interface == config['ifname']: + raise ConfigError(f'Can not mirror "{direction}" traffic back ' \ + 'the originating interface!') + + def verify_address(config): """ Common helper function used by interface implementations to perform diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py index ed6396acf..bc102826f 100755 --- a/src/conf_mode/interfaces-ethernet.py +++ b/src/conf_mode/interfaces-ethernet.py @@ -29,6 +29,7 @@ from vyos.configverify import verify_mtu_ipv6 from vyos.configverify import verify_vlan_config from vyos.configverify import verify_vrf from vyos.configverify import verify_eapol +from vyos.configverify import verify_mirror from vyos.ifconfig import EthernetIf from vyos.template import render from vyos.util import call @@ -74,6 +75,7 @@ def verify(ethernet): verify_address(ethernet) verify_vrf(ethernet) verify_eapol(ethernet) + verify_mirror(ethernet) ifname = ethernet['ifname'] # verify offloading capabilities |