4 files changed, 68 insertions, 2 deletions

diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py
index bcaec55be..abd91583d 100644
--- a/python/vyos/configverify.py
+++ b/python/vyos/configverify.py
@@ -307,3 +307,26 @@ def verify_diffie_hellman_length(file, min_keysize):
 
     return False
 
+def verify_route_maps(config):
+    """
+    Common helper function used by routing protocol implementations to perform
+    recurring validation if the specified route-map for either zebra to kernel
+    installation exists (this is the top-level route_map key) or when a route
+    is redistributed with a route-map that it exists!
+    """
+    if 'route_map' in config:
+        route_map = config['route_map']
+        # Check if the specified route-map exists, if not error out
+        if dict_search(f'policy.route_map.{route_map}', config) == None:
+            raise ConfigError(f'Specified route-map "{route_map}" does not exist!')
+
+    if 'redistribute' in config:
+        for protocol, protocol_config in config['redistribute'].items():
+            if 'route_map' in protocol_config:
+                # A hyphen in a route-map name will be converted to _, take care
+                # about this effect during validation
+                route_map = protocol_config['route_map'].replace('-','_')
+                # Check if the specified route-map exists, if not error out
+                if dict_search(f'policy.route_map.{route_map}', config) == None:
+                    raise ConfigError(f'Redistribution route-map "{route_map}" ' \
+                                      f'for "{protocol}" does not exist!')
diff --git a/python/vyos/frr.py b/python/vyos/frr.py
index 3bab64301..76e204ab3 100644
--- a/python/vyos/frr.py
+++ b/python/vyos/frr.py
@@ -459,7 +459,8 @@ class FRRConfig:
         start = _find_first_element(self.config, before_pattern)
         if start < 0:
             return False
-
+        for i, e in enumerate(addition, start=start):
+            LOG.debug(f'add_before:   add          {i:3} {e}')
         self.config[start:start] = addition
         return True
 
diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py
index 7e3f9565a..4320bf8bc 100644
--- a/python/vyos/ifconfig/tunnel.py
+++ b/python/vyos/ifconfig/tunnel.py
@@ -55,6 +55,7 @@ class _Tunnel(Interface):
         'ttl' : '',
         'tos' : '',
         'key' : '',
+        'raw' : '',
     }
     options = Interface.options + list(default.keys())
 
diff --git a/python/vyos/template.py b/python/vyos/template.py
index bf087c223..527384d0b 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -149,7 +149,9 @@ def netmask_from_ipv4(address):
     Example:
       - 172.18.201.10 -> 255.255.255.128
     """
-    from netifaces import interfaces, ifaddresses, AF_INET
+    from netifaces import interfaces
+    from netifaces import ifaddresses
+    from netifaces import AF_INET
     for interface in interfaces():
         tmp = ifaddresses(interface)
         if AF_INET in tmp:
@@ -160,6 +162,30 @@ def netmask_from_ipv4(address):
 
     raise ValueError
 
+@register_filter('is_ip_network')
+def is_ip_network(addr):
+    """ Take IP(v4/v6) address and validate if the passed argument is a network
+    or a host address.
+
+    Example:
+      - 192.0.2.0          -> False
+      - 192.0.2.10/24      -> False
+      - 192.0.2.0/24       -> True
+      - 2001:db8::         -> False
+      - 2001:db8::100      -> False
+      - 2001:db8::/48      -> True
+      - 2001:db8:1000::/64 -> True
+    """
+    try:
+        from ipaddress import ip_network
+        # input variables must contain a / to indicate its CIDR notation
+        if len(addr.split('/')) != 2:
+            raise ValueError()
+        ip_network(addr)
+        return True
+    except:
+        return False
+
 @register_filter('network_from_ipv4')
 def network_from_ipv4(address):
     """ Take IP address and search all attached interface IP addresses for the
@@ -248,6 +274,21 @@ def dec_ip(address, decrement):
     from ipaddress import ip_interface
     return str(ip_interface(address).ip - int(decrement))
 
+@register_filter('compare_netmask')
+def compare_netmask(netmask1, netmask2):
+    """
+    Compare two IP netmask if they have the exact same size.
+
+    compare_netmask('10.0.0.0/8', '20.0.0.0/8') -> True
+    compare_netmask('10.0.0.0/8', '20.0.0.0/16') -> False
+    """
+    from ipaddress import ip_network
+    try:
+        return ip_network(netmask1).netmask == ip_network(netmask2).netmask
+    except:
+        return False
+
+
 @register_filter('isc_static_route')
 def isc_static_route(subnet, router):
     # https://ercpe.de/blog/pushing-static-routes-with-isc-dhcp-server