diff options
27 files changed, 225 insertions, 143 deletions
diff --git a/data/templates/openvpn/client.conf.tmpl b/data/templates/openvpn/client.conf.tmpl index fd3d3e68d..62387ef7c 100644 --- a/data/templates/openvpn/client.conf.tmpl +++ b/data/templates/openvpn/client.conf.tmpl @@ -13,7 +13,6 @@ push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }}" iroute {{ network | address_from_cidr }} {{ network | netmask_from_cidr }} {% endfor %} {% endif %} - {# ipv6_remote is only set when IPv6 server is enabled #} {% if ipv6_remote %} # IPv6 @@ -27,7 +26,6 @@ push "route-ipv6 {{ route6 }}" iroute {{ net6 }} {% endfor %} {% endif %} - {% if disable is defined %} disable {% endif %} diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index 66da9c794..a510c3a84 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -13,7 +13,13 @@ dev-type {{ device_type }} dev {{ ifname }} persist-key iproute /usr/libexec/vyos/system/unpriv-ip -proto {{ protocol }} +{% if protocol == 'tcp-active' %} +proto tcp6-client +{% elif protocol == 'tcp-passive' %} +proto tcp6-server +{% else %} +proto udp6 +{% endif %} {% if local_host is defined and local_host is not none %} local {{ local_host }} {% endif %} @@ -60,24 +66,24 @@ mode server tls-server {% if server is defined and server is not none %} {% if server.subnet is defined and server.subnet is not none %} -{% for subnet in server.subnet if subnet | ipv4 %} +{% if server.topology is defined and server.topology == 'point-to-point' %} +topology p2p +{% elif server.topology is defined and server.topology is not none %} +topology {{ server.topology }} +{% endif %} +{% for subnet in server.subnet if subnet | is_ipv4 %} server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool {# OpenVPN assigns the first IP address to its local interface so the pool used #} {# in net30 topology - where each client receives a /30 must start from the second subnet #} {% if server.topology is defined and server.topology == 'net30' %} -ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} +ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} {% else %} {# OpenVPN assigns the first IP address to its local interface so the pool must #} {# start from the second address and end on the last address #} -ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} +ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }} {% endif %} {% endfor %} {% endif %} -{% if server.topology is defined and server.topology == 'point-to-point' %} -topology p2p -{% elif server.topology is defined and server.topology is not none %} -topology {{ server.topology }} -{% endif %} {% if server.client_ip_pool is defined and server.client_ip_pool is not none and server.client_ip_pool.disable is not defined %} ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is defined and server.client_ip_pool.subnet_mask is not none }} {% endif %} @@ -130,12 +136,12 @@ push "dhcp-option DNS6 {{ ns6 }}" ping {{ keep_alive.interval }} ping-restart {{ keep_alive.failure_count }} -{% for laddr, laddr_conf in local_address.items() if laddr | ipv4 %} +{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} {% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }} {% else %} {% for raddr in remote_address %} -{% if raddr | ipv4 %} +{% if raddr | is_ipv4 %} ifconfig {{ laddr }} {{ raddr }} {% else %} ifconfig-ipv6 {{ laddr }} {{ raddr }} diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 0b03dfc7d..b14f96364 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -431,7 +431,7 @@ def get_accel_dict(config, base, chap_secrets): Return a dictionary with the necessary interface config keys. """ from vyos.util import get_half_cpus - from vyos.validate import is_ipv4 + from vyos.template import is_ipv4 dict = config.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py index babb0feb7..675dac5b1 100644 --- a/python/vyos/configverify.py +++ b/python/vyos/configverify.py @@ -51,7 +51,7 @@ def verify_mtu_ipv6(config): recurring validation if the specified MTU can be used when IPv6 is configured on the interface. IPv6 requires a 1280 bytes MTU. """ - from vyos.validate import is_ipv6 + from vyos.template import is_ipv6 if 'mtu' in config: # IPv6 minimum required link mtu min_mtu = 1280 @@ -278,7 +278,7 @@ def verify_diffie_hellman_length(file, min_keysize): prog = re.compile('\d+\s+bit') if prog.search(out): bits = prog.search(out)[0].split()[0] - if int(min_keysize) >= int(bits): + if int(bits) >= int(min_keysize): return True return False diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 894410871..893623284 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -35,8 +35,8 @@ from vyos.configdict import dict_merge from vyos.template import render from vyos.util import mac2eui64 from vyos.util import dict_search -from vyos.validate import is_ipv4 -from vyos.validate import is_ipv6 +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos.validate import is_intf_addr_assigned from vyos.validate import assert_boolean from vyos.validate import assert_list diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py index 4122d1a2f..926d66c18 100644 --- a/python/vyos/ifconfig/tunnel.py +++ b/python/vyos/ifconfig/tunnel.py @@ -22,6 +22,10 @@ from vyos.ifconfig.interface import Interface from vyos.ifconfig.afi import IP4, IP6 from vyos.validate import assert_list +import random +from random import seed, getrandbits +from ipaddress import IPv6Network, IPv6Address + def enable_to_on(value): if value == 'enable': return 'on' @@ -122,6 +126,16 @@ class _Tunnel(Interface): @classmethod def get_config(cls): return dict(zip(cls.options, ['']*len(cls.options))) + + def generate_link_local(): + # Linux Kernel does not generate IPv6 Link Local address do to missing MAC + # We have to generate address manually and assign to interface + net = IPv6Network("FE80::/16") + rand_net = IPv6Network((net.network_address + (random.getrandbits(64 - net.prefixlen) << 64 ),64)) + network = IPv6Network(rand_net) + address = str(IPv6Address(network.network_address + getrandbits(network.max_prefixlen - network.prefixlen)))+'/'+str(network.prefixlen) + + return address class GREIf(_Tunnel): @@ -154,6 +168,12 @@ class GREIf(_Tunnel): create = 'ip tunnel add {ifname} mode {type}' change = 'ip tunnel cha {ifname}' delete = 'ip tunnel del {ifname}' + + + def _create(self): + super()._create(self) + # Assign generated IPv6 Link Local address to the interface + self.add_addr(self.generate_link_local()) # GreTap also called GRE Bridge @@ -219,6 +239,11 @@ class IP6GREIf(_Tunnel): # sudo ip tunnel cha tun100 local: : 2 # Error: an IP address is expected rather than "::2" # works if mode is explicit + + def _create(self): + super()._create(self) + # Assign generated IPv6 Link Local address to the interface + self.add_addr(self.generate_link_local()) class IPIPIf(_Tunnel): @@ -270,6 +295,11 @@ class IPIP6If(_Tunnel): create = 'ip -6 tunnel add {ifname} mode {type}' change = 'ip -6 tunnel cha {ifname}' delete = 'ip -6 tunnel del {ifname}' + + def _create(self): + super()._create(self) + # Assign generated IPv6 Link Local address to the interface + self.add_addr(self.generate_link_local()) class IP6IP6If(IPIP6If): @@ -283,6 +313,11 @@ class IP6IP6If(IPIP6If): ip = [IP6,] default = {'type': 'ip6ip6'} + + def _create(self): + super()._create(self) + # Assign generated IPv6 Link Local address to the interface + self.add_addr(self.generate_link_local()) class SitIf(_Tunnel): @@ -306,6 +341,11 @@ class SitIf(_Tunnel): create = 'ip tunnel add {ifname} mode {type}' change = 'ip tunnel cha {ifname}' delete = 'ip tunnel del {ifname}' + + def _create(self): + super()._create(self) + # Assign generated IPv6 Link Local address to the interface + self.add_addr(self.generate_link_local()) class Sit6RDIf(SitIf): diff --git a/python/vyos/ifconfig/wireguard.py b/python/vyos/ifconfig/wireguard.py index d8e89229d..da3bd4e89 100644 --- a/python/vyos/ifconfig/wireguard.py +++ b/python/vyos/ifconfig/wireguard.py @@ -24,7 +24,7 @@ from hurry.filesize import alternative from vyos.config import Config from vyos.ifconfig import Interface from vyos.ifconfig import Operational -from vyos.validate import is_ipv6 +from vyos.template import is_ipv6 class WireGuardOperational(Operational): def _dump(self): diff --git a/python/vyos/template.py b/python/vyos/template.py index 389f6927f..58ba75972 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -124,7 +124,7 @@ def render( ################################## @register_filter('address_from_cidr') -def vyos_address_from_cidr(text): +def address_from_cidr(text): """ Take an IPv4/IPv6 CIDR prefix and convert the network to an "address". Example: 192.0.2.0/24 -> 192.0.2.0, 2001:db8::/48 -> 2001:db8:: @@ -133,7 +133,7 @@ def vyos_address_from_cidr(text): return str(ip_network(text).network_address) @register_filter('netmask_from_cidr') -def vyos_netmask_from_cidr(text): +def netmask_from_cidr(text): """ Take CIDR prefix and convert the prefix length to a "subnet mask". Example: - 192.0.2.0/24 -> 255.255.255.0 @@ -142,22 +142,27 @@ def vyos_netmask_from_cidr(text): from ipaddress import ip_network return str(ip_network(text).netmask) -@register_filter('ipv4') -def vyos_ipv4(text): +@register_filter('is_ip') +def is_ip(addr): + """ Check addr if it is an IPv4 or IPv6 address """ + return is_ipv4(addr) or is_ipv6(addr) + +@register_filter('is_ipv4') +def is_ipv4(text): """ Filter IP address, return True on IPv4 address, False otherwise """ from ipaddress import ip_interface try: return ip_interface(text).version == 4 except: return False @register_filter('ipv6') -def vyos_ipv6(text): +def is_ipv6(text): """ Filter IP address, return True on IPv6 address, False otherwise """ from ipaddress import ip_interface try: return ip_interface(text).version == 6 except: return False @register_filter('first_host_address') -def vyos_first_host_address(text): +def first_host_address(text): """ Return first usable (host) IP address from given prefix. Example: - 10.0.0.0/24 -> 10.0.0.1 @@ -173,7 +178,7 @@ def vyos_first_host_address(text): return str(addr.ip) @register_filter('last_host_address') -def vyos_last_host_address(text): +def last_host_address(text): """ Return first usable IP address from given prefix. Example: - 10.0.0.0/24 -> 10.0.0.254 @@ -190,11 +195,23 @@ def vyos_last_host_address(text): return str(IPv6Network(addr).broadcast_address) @register_filter('inc_ip') -def vyos_inc_ip(text, increment): - """ Return first usable IP address from given prefix. - Example: - - 10.0.0.0/24 -> 10.0.0.1 - - 2001:db8::/64 -> 2001:db8::1 +def inc_ip(address, increment): + """ Increment given IP address by 'increment' + + Example (inc by 2): + - 10.0.0.0/24 -> 10.0.0.2 + - 2001:db8::/64 -> 2001:db8::2 + """ + from ipaddress import ip_interface + return str(ip_interface(address).ip + int(increment)) + +@register_filter('dec_ip') +def dec_ip(address, decrement): + """ Decrement given IP address by 'decrement' + + Example (inc by 2): + - 10.0.0.0/24 -> 10.0.0.2 + - 2001:db8::/64 -> 2001:db8::2 """ from ipaddress import ip_interface - return str(ip_interface(text).ip + int(increment)) + return str(ip_interface(address).ip - int(decrement)) diff --git a/python/vyos/validate.py b/python/vyos/validate.py index 74b8adcfc..84a7bc2de 100644 --- a/python/vyos/validate.py +++ b/python/vyos/validate.py @@ -25,21 +25,10 @@ from vyos.util import cmd # parameters with default will be left unset # all other paramters will receive the value to check -def is_ip(addr): - """ Check addr if it is an IPv4 or IPv6 address """ - return is_ipv4(addr) or is_ipv6(addr) - -def is_ipv4(addr): - from vyos.template import vyos_ipv4 - return vyos_ipv4(addr) - -def is_ipv6(addr): - from vyos.template import vyos_ipv6 - return vyos_ipv6(addr) - def is_ipv6_link_local(addr): """ Check if addrsss is an IPv6 link-local address. Returns True/False """ from ipaddress import IPv6Address + from vyos.template import is_ipv6 addr = addr.split('%')[0] if is_ipv6(addr): if IPv6Address(addr).is_link_local: @@ -51,6 +40,7 @@ def _are_same_ip(one, two): from socket import AF_INET from socket import AF_INET6 from socket import inet_pton + from vyos.template import is_ipv4 # compare the binary representation of the IP f_one = AF_INET if is_ipv4(one) else AF_INET6 s_two = AF_INET if is_ipv4(two) else AF_INET6 @@ -68,6 +58,7 @@ def _is_intf_addr_assigned(intf, address, netmask=''): It can check both a single IP address (e.g. 192.0.2.1 or a assigned CIDR address 192.0.2.1/24. """ + from vyos.template import is_ipv4 # check if the requested address type is configured at all # { @@ -138,6 +129,7 @@ def is_subnet_connected(subnet, primary=False): """ from ipaddress import ip_address from ipaddress import ip_network + from vyos.template import is_ipv6 # determine IP version (AF_INET or AF_INET6) depending on passed address addr_type = netifaces.AF_INET diff --git a/smoketest/scripts/cli/base_accel_ppp_test.py b/smoketest/scripts/cli/base_accel_ppp_test.py index e3e5071c1..e46a16137 100644 --- a/smoketest/scripts/cli/base_accel_ppp_test.py +++ b/smoketest/scripts/cli/base_accel_ppp_test.py @@ -20,10 +20,10 @@ from configparser import ConfigParser from vyos.configsession import ConfigSession from vyos.configsession import ConfigSessionError +from vyos.template import is_ipv4 from vyos.util import cmd from vyos.util import get_half_cpus from vyos.util import process_named_running -from vyos.validate import is_ipv4 class BasicAccelPPPTest: class BaseTest(unittest.TestCase): diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py index 653cc91f9..e02424073 100644 --- a/smoketest/scripts/cli/base_interfaces_test.py +++ b/smoketest/scripts/cli/base_interfaces_test.py @@ -23,7 +23,8 @@ from vyos.ifconfig import Interface from vyos.util import read_file from vyos.util import cmd from vyos.util import dict_search -from vyos.validate import is_intf_addr_assigned, is_ipv6_link_local +from vyos.validate import is_intf_addr_assigned +from vyos.validate import is_ipv6_link_local class BasicInterfaceTest: class BaseTest(unittest.TestCase): diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py index 63deef5c2..41e48c2f8 100755 --- a/smoketest/scripts/cli/test_interfaces_openvpn.py +++ b/smoketest/scripts/cli/test_interfaces_openvpn.py @@ -26,11 +26,11 @@ from vyos.configsession import ConfigSessionError from vyos.util import cmd from vyos.util import process_named_running from vyos.util import read_file -from vyos.template import vyos_inc_ip -from vyos.template import vyos_address_from_cidr -from vyos.template import vyos_netmask_from_cidr -from vyos.template import vyos_last_host_address -from vyos.template import vyos_inc_ip +from vyos.template import address_from_cidr +from vyos.template import dec_ip +from vyos.template import inc_ip +from vyos.template import last_host_address +from vyos.template import netmask_from_cidr PROCESS_NAME = 'openvpn' @@ -319,7 +319,7 @@ class TestInterfacesOpenVPN(unittest.TestCase): for ii in num_range: interface = f'vtun{ii}' subnet = f'192.0.{ii}.0/24' - client_ip = vyos_inc_ip(subnet, '5') + client_ip = inc_ip(subnet, '5') path = base_path + [interface] port = str(2000 + ii) @@ -349,11 +349,11 @@ class TestInterfacesOpenVPN(unittest.TestCase): interface = f'vtun{ii}' subnet = f'192.0.{ii}.0/24' - start_addr = vyos_inc_ip(subnet, '2') - stop_addr = vyos_last_host_address(subnet) + start_addr = inc_ip(subnet, '2') + stop_addr = last_host_address(subnet) - client_ip = vyos_inc_ip(subnet, '5') - client_netmask = vyos_netmask_from_cidr(subnet) + client_ip = inc_ip(subnet, '5') + client_netmask = netmask_from_cidr(subnet) port = str(2000 + ii) @@ -387,7 +387,7 @@ class TestInterfacesOpenVPN(unittest.TestCase): self.assertIn(f'ifconfig-push {client_ip} {client_netmask}', client_config) for route in client1_routes: - self.assertIn('iroute {} {}'.format(vyos_address_from_cidr(route), vyos_netmask_from_cidr(route)), client_config) + self.assertIn('iroute {} {}'.format(address_from_cidr(route), netmask_from_cidr(route)), client_config) self.assertTrue(process_named_running(PROCESS_NAME)) self.assertEqual(get_vrf(interface), vrf_name) @@ -434,8 +434,8 @@ class TestInterfacesOpenVPN(unittest.TestCase): for ii in num_range: interface = f'vtun{ii}' subnet = f'192.0.{ii}.0/24' - start_addr = vyos_inc_ip(subnet, '4') - stop_addr = vyos_last_host_address(subnet) + start_addr = inc_ip(subnet, '4') + stop_addr = dec_ip(last_host_address(subnet), '1') port = str(2000 + ii) config_file = f'/run/openvpn/{interface}.conf' diff --git a/smoketest/scripts/cli/test_service_snmp.py b/smoketest/scripts/cli/test_service_snmp.py index 067a3c76b..2c2e2181b 100755 --- a/smoketest/scripts/cli/test_service_snmp.py +++ b/smoketest/scripts/cli/test_service_snmp.py @@ -18,10 +18,10 @@ import os import re import unittest -from vyos.validate import is_ipv4 from vyos.configsession import ConfigSession from vyos.configsession import ConfigSessionError +from vyos.template import is_ipv4 from vyos.util import read_file from vyos.util import process_named_running diff --git a/smoketest/scripts/cli/test_service_tftp-server.py b/smoketest/scripts/cli/test_service_tftp-server.py index 92333392a..3210e622f 100755 --- a/smoketest/scripts/cli/test_service_tftp-server.py +++ b/smoketest/scripts/cli/test_service_tftp-server.py @@ -24,7 +24,7 @@ from vyos.configsession import ConfigSession from vyos.configsession import ConfigSessionError from vyos.util import read_file from vyos.util import process_named_running -from vyos.validate import is_ipv6 +from vyos.template import is_ipv6 PROCESS_NAME = 'in.tftpd' base_path = ['service', 'tftp-server'] diff --git a/smoketest/scripts/cli/test_system_ntp.py b/smoketest/scripts/cli/test_system_ntp.py index 4f62b62d5..822a9aff2 100755 --- a/smoketest/scripts/cli/test_system_ntp.py +++ b/smoketest/scripts/cli/test_system_ntp.py @@ -20,8 +20,8 @@ import unittest from vyos.configsession import ConfigSession from vyos.configsession import ConfigSessionError -from vyos.template import vyos_address_from_cidr -from vyos.template import vyos_netmask_from_cidr +from vyos.template import address_from_cidr +from vyos.template import netmask_from_cidr from vyos.util import read_file from vyos.util import process_named_running @@ -86,8 +86,8 @@ class TestSystemNTP(unittest.TestCase): # Check generated client address configuration for network in networks: - network_address = vyos_address_from_cidr(network) - network_netmask = vyos_netmask_from_cidr(network) + network_address = address_from_cidr(network) + network_netmask = netmask_from_cidr(network) tmp = get_config_value(f'restrict {network_address}')[0] test = f'mask {network_netmask} nomodify notrap nopeer' diff --git a/src/conf_mode/dhcpv6_server.py b/src/conf_mode/dhcpv6_server.py index 1777d4db7..c2868e078 100755 --- a/src/conf_mode/dhcpv6_server.py +++ b/src/conf_mode/dhcpv6_server.py @@ -22,10 +22,11 @@ from copy import deepcopy from vyos.config import Config from vyos.template import render +from vyos.template import is_ipv6 from vyos.util import call -from vyos.validate import is_subnet_connected, is_ipv6 -from vyos import ConfigError +from vyos.validate import is_subnet_connected +from vyos import ConfigError from vyos import airbag airbag.enable() diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py index d0c2dd252..ef52cbfd3 100755 --- a/src/conf_mode/dns_forwarding.py +++ b/src/conf_mode/dns_forwarding.py @@ -21,12 +21,12 @@ from sys import exit from vyos.config import Config from vyos.configdict import dict_merge from vyos.hostsd_client import Client as hostsd_client +from vyos.template import render +from vyos.template import is_ipv6 from vyos.util import call from vyos.util import chown from vyos.util import dict_search -from vyos.template import render from vyos.xml import defaults -from vyos.validate import is_ipv6 from vyos import ConfigError from vyos import airbag diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index b507afcc0..c23e79948 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -33,13 +33,13 @@ from vyos.configverify import verify_bridge_delete from vyos.configverify import verify_diffie_hellman_length from vyos.ifconfig import VTunIf from vyos.template import render +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos.util import call from vyos.util import chown from vyos.util import chmod_600 from vyos.util import dict_search from vyos.validate import is_addr_assigned -from vyos.validate import is_ipv4 -from vyos.validate import is_ipv6 from vyos import ConfigError from vyos import airbag @@ -320,7 +320,7 @@ def verify(openvpn): if 'local_port' in openvpn: raise ConfigError('Cannot specify "local-port" with "tcp-active"') - if 'remote_host' in openvpn: + if 'remote_host' not in openvpn: raise ConfigError('Must specify "remote-host" with "tcp-active"') # shared secret and TLS diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py index 5561514bd..f1217b62d 100755 --- a/src/conf_mode/interfaces-tunnel.py +++ b/src/conf_mode/interfaces-tunnel.py @@ -23,12 +23,14 @@ from netifaces import interfaces from vyos.config import Config from vyos.configdict import is_member +from vyos.configdict import list_diff +from vyos.dicts import FixedDict from vyos.ifconfig import Interface, GREIf, GRETapIf, IPIPIf, IP6GREIf, IPIP6If, IP6IP6If, SitIf, Sit6RDIf from vyos.ifconfig.afi import IP4, IP6 -from vyos.configdict import list_diff -from vyos.validate import is_ipv4, is_ipv6 +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos import ConfigError -from vyos.dicts import FixedDict + from vyos import airbag airbag.enable() diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index c8e791c78..d1e551cad 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -20,11 +20,11 @@ from sys import exit from copy import deepcopy from vyos.config import Config -from vyos.validate import is_ipv6_link_local, is_ipv6 -from vyos import ConfigError -from vyos.util import call +from vyos.template import is_ipv6 from vyos.template import render - +from vyos.util import call +from vyos.validate import is_ipv6_link_local +from vyos import ConfigError from vyos import airbag airbag.enable() diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py index 87c7754f3..68c554360 100755 --- a/src/conf_mode/service_ipoe-server.py +++ b/src/conf_mode/service_ipoe-server.py @@ -23,8 +23,9 @@ from sys import exit from vyos.config import Config from vyos.template import render +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos.util import call, get_half_cpus -from vyos.validate import is_ipv4 from vyos import ConfigError from vyos import airbag diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index 117bf0274..3990e5735 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -22,8 +22,9 @@ from vyos.config import Config from vyos.configverify import verify_vrf from vyos.snmpv3_hashgen import plaintext_to_md5, plaintext_to_sha1, random from vyos.template import render +from vyos.template import is_ipv4 from vyos.util import call, chmod_755 -from vyos.validate import is_ipv4, is_addr_assigned +from vyos.validate import is_addr_assigned from vyos.version import get_version_data from vyos import ConfigError, airbag airbag.enable() diff --git a/src/conf_mode/tftp_server.py b/src/conf_mode/tftp_server.py index cac95afe2..56e195b6a 100755 --- a/src/conf_mode/tftp_server.py +++ b/src/conf_mode/tftp_server.py @@ -25,9 +25,9 @@ from sys import exit from vyos.config import Config from vyos.configdict import dict_merge from vyos.template import render +from vyos.template import is_ipv4 from vyos.util import call from vyos.util import chmod_755 -from vyos.validate import is_ipv4 from vyos.validate import is_addr_assigned from vyos.xml import defaults from vyos import ConfigError diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py index 465986d5b..80eb8daf2 100755 --- a/src/conf_mode/vpn_l2tp.py +++ b/src/conf_mode/vpn_l2tp.py @@ -25,10 +25,10 @@ from time import sleep from ipaddress import ip_network from vyos.config import Config +from vyos.template import is_ipv4 +from vyos.template import render from vyos.util import call, get_half_cpus -from vyos.validate import is_ipv4 from vyos import ConfigError -from vyos.template import render from vyos import airbag airbag.enable() diff --git a/src/tests/test_jinja_filters.py b/src/tests/test_jinja_filters.py index acd7a5952..8a7241fe3 100644 --- a/src/tests/test_jinja_filters.py +++ b/src/tests/test_jinja_filters.py @@ -17,13 +17,13 @@ from unittest import TestCase from ipaddress import ip_network -from vyos.template import vyos_address_from_cidr -from vyos.template import vyos_netmask_from_cidr -from vyos.template import vyos_ipv4 -from vyos.template import vyos_ipv6 -from vyos.template import vyos_first_host_address -from vyos.template import vyos_last_host_address -from vyos.template import vyos_inc_ip +from vyos.template import address_from_cidr +from vyos.template import netmask_from_cidr +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 +from vyos.template import first_host_address +from vyos.template import last_host_address +from vyos.template import inc_ip class TestTeamplteHelpers(TestCase): def setUp(self): @@ -31,39 +31,39 @@ class TestTeamplteHelpers(TestCase): def test_helpers_from_cidr(self): network_v4 = '192.0.2.0/26' - self.assertEqual(vyos_address_from_cidr(network_v4), str(ip_network(network_v4).network_address)) - self.assertEqual(vyos_netmask_from_cidr(network_v4), str(ip_network(network_v4).netmask)) + self.assertEqual(address_from_cidr(network_v4), str(ip_network(network_v4).network_address)) + self.assertEqual(netmask_from_cidr(network_v4), str(ip_network(network_v4).netmask)) def test_helpers_ipv4(self): - self.assertTrue(vyos_ipv4('192.0.2.1')) - self.assertTrue(vyos_ipv4('192.0.2.0/24')) - self.assertTrue(vyos_ipv4('192.0.2.1/32')) - self.assertTrue(vyos_ipv4('10.255.1.2')) - self.assertTrue(vyos_ipv4('10.255.1.0/24')) - self.assertTrue(vyos_ipv4('10.255.1.2/32')) - self.assertFalse(vyos_ipv4('2001:db8::')) - self.assertFalse(vyos_ipv4('2001:db8::1')) - self.assertFalse(vyos_ipv4('2001:db8::/64')) + self.assertTrue(is_ipv4('192.0.2.1')) + self.assertTrue(is_ipv4('192.0.2.0/24')) + self.assertTrue(is_ipv4('192.0.2.1/32')) + self.assertTrue(is_ipv4('10.255.1.2')) + self.assertTrue(is_ipv4('10.255.1.0/24')) + self.assertTrue(is_ipv4('10.255.1.2/32')) + self.assertFalse(is_ipv4('2001:db8::')) + self.assertFalse(is_ipv4('2001:db8::1')) + self.assertFalse(is_ipv4('2001:db8::/64')) def test_helpers_ipv6(self): - self.assertFalse(vyos_ipv6('192.0.2.1')) - self.assertFalse(vyos_ipv6('192.0.2.0/24')) - self.assertFalse(vyos_ipv6('192.0.2.1/32')) - self.assertFalse(vyos_ipv6('10.255.1.2')) - self.assertFalse(vyos_ipv6('10.255.1.0/24')) - self.assertFalse(vyos_ipv6('10.255.1.2/32')) - self.assertTrue(vyos_ipv6('2001:db8::')) - self.assertTrue(vyos_ipv6('2001:db8::1')) - self.assertTrue(vyos_ipv6('2001:db8::1/64')) - self.assertTrue(vyos_ipv6('2001:db8::/32')) - self.assertTrue(vyos_ipv6('2001:db8::/64')) + self.assertFalse(is_ipv6('192.0.2.1')) + self.assertFalse(is_ipv6('192.0.2.0/24')) + self.assertFalse(is_ipv6('192.0.2.1/32')) + self.assertFalse(is_ipv6('10.255.1.2')) + self.assertFalse(is_ipv6('10.255.1.0/24')) + self.assertFalse(is_ipv6('10.255.1.2/32')) + self.assertTrue(is_ipv6('2001:db8::')) + self.assertTrue(is_ipv6('2001:db8::1')) + self.assertTrue(is_ipv6('2001:db8::1/64')) + self.assertTrue(is_ipv6('2001:db8::/32')) + self.assertTrue(is_ipv6('2001:db8::/64')) def test_helpers_first_host_address(self): - self.assertEqual(vyos_first_host_address('10.0.0.0/24'), '10.0.0.1') - self.assertEqual(vyos_first_host_address('10.0.0.128/25'), '10.0.0.129') - self.assertEqual(vyos_first_host_address('10.0.0.200/29'), '10.0.0.201') + self.assertEqual(first_host_address('10.0.0.0/24'), '10.0.0.1') + self.assertEqual(first_host_address('10.0.0.128/25'), '10.0.0.129') + self.assertEqual(first_host_address('10.0.0.200/29'), '10.0.0.201') - self.assertEqual(vyos_first_host_address('2001:db8::/64'), '2001:db8::') - self.assertEqual(vyos_first_host_address('2001:db8::/112'), '2001:db8::') - self.assertEqual(vyos_first_host_address('2001:db8::10/112'), '2001:db8::10') - self.assertEqual(vyos_first_host_address('2001:db8::100/112'), '2001:db8::100') + self.assertEqual(first_host_address('2001:db8::/64'), '2001:db8::') + self.assertEqual(first_host_address('2001:db8::/112'), '2001:db8::') + self.assertEqual(first_host_address('2001:db8::10/112'), '2001:db8::10') + self.assertEqual(first_host_address('2001:db8::100/112'), '2001:db8::100') diff --git a/src/tests/test_template.py b/src/tests/test_template.py new file mode 100644 index 000000000..6dc2f075e --- /dev/null +++ b/src/tests/test_template.py @@ -0,0 +1,46 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import vyos.template +from unittest import TestCase + +class TestVyOSTemplate(TestCase): + def setUp(self): + pass + + def test_is_ip(self): + self.assertTrue(vyos.template.is_ip('192.0.2.1')) + self.assertTrue(vyos.template.is_ip('2001:db8::1')) + self.assertFalse(vyos.template.is_ip('VyOS')) + + def test_is_ipv4(self): + self.assertTrue(vyos.template.is_ipv4('192.0.2.1')) + self.assertTrue(vyos.template.is_ipv4('192.0.2.0/24')) + self.assertTrue(vyos.template.is_ipv4('192.0.2.1/32')) + + self.assertFalse(vyos.template.is_ipv4('2001:db8::1')) + self.assertFalse(vyos.template.is_ipv4('2001:db8::/64')) + self.assertFalse(vyos.template.is_ipv4('VyOS')) + + def test_is_ipv6(self): + self.assertTrue(vyos.template.is_ipv6('2001:db8::1')) + self.assertTrue(vyos.template.is_ipv6('2001:db8::/64')) + self.assertTrue(vyos.template.is_ipv6('2001:db8::1/64')) + + self.assertFalse(vyos.template.is_ipv6('192.0.2.1')) + self.assertFalse(vyos.template.is_ipv6('192.0.2.0/24')) + self.assertFalse(vyos.template.is_ipv6('192.0.2.1/32')) + self.assertFalse(vyos.template.is_ipv6('VyOS')) diff --git a/src/tests/test_validate.py b/src/tests/test_validate.py index e9fe185ed..226e856a3 100644 --- a/src/tests/test_validate.py +++ b/src/tests/test_validate.py @@ -21,29 +21,6 @@ class TestVyOSValidate(TestCase): def setUp(self): pass - def test_is_ip(self): - self.assertTrue(vyos.validate.is_ip('192.0.2.1')) - self.assertTrue(vyos.validate.is_ip('2001:db8::1')) - self.assertFalse(vyos.validate.is_ip('VyOS')) - - def test_is_ipv4(self): - self.assertTrue(vyos.validate.is_ipv4('192.0.2.1')) - self.assertTrue(vyos.validate.is_ipv4('192.0.2.0/24')) - self.assertTrue(vyos.validate.is_ipv4('192.0.2.1/32')) - - self.assertFalse(vyos.validate.is_ipv4('2001:db8::1')) - self.assertFalse(vyos.validate.is_ipv4('2001:db8::/64')) - self.assertFalse(vyos.validate.is_ipv4('VyOS')) - - def test_is_ipv6(self): - self.assertFalse(vyos.validate.is_ipv6('192.0.2.1')) - self.assertFalse(vyos.validate.is_ipv6('192.0.2.0/24')) - self.assertFalse(vyos.validate.is_ipv6('192.0.2.1/32')) - self.assertTrue(vyos.validate.is_ipv6('2001:db8::1')) - self.assertTrue(vyos.validate.is_ipv6('2001:db8::/64')) - self.assertTrue(vyos.validate.is_ipv6('2001:db8::1/64')) - self.assertFalse(vyos.validate.is_ipv6('VyOS')) - def test_is_ipv6_link_local(self): self.assertFalse(vyos.validate.is_ipv6_link_local('169.254.0.1')) self.assertTrue(vyos.validate.is_ipv6_link_local('fe80::')) |