1 files changed, 27 insertions, 14 deletions

diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py
index fec9a206e..a8244ca26 100755
--- a/src/conf_mode/policy.py
+++ b/src/conf_mode/policy.py
@@ -36,29 +36,42 @@ def get_config(config=None):
     base = ['policy']
     policy = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True,
                                   no_tag_node_value_mangle=True)
+
     return policy
 
 def verify(policy):
     if not policy:
         return None
 
-    if 'access-list' in policy:
-        for acl, acl_config in policy['access-list'].items():
-            if 'rule' not in acl_config:
+    def verify_access_list(acl, rule, rule_config):
+        error_append = f'must be specified for rule {rule} in access-list {acl}!'
+        if 'source' not in rule_config:
+            raise ConfigError(f'Source {error_append}')
+
+        if int(acl) in range(100, 200) or int(acl) in range(2000, 2700):
+            if 'destination' not in rule_config:
+                raise ConfigError(f'Destination {error_append}')
+
+    for type in ['access_list', 'access_list6', 'as_path_list', 'community_list',
+                 'extcommunity_list', 'large_community_list', 'prefix_list',
+                 'prefix_list6', 'route_map']:
+        # Bail out early and continue with next policy type
+        if type not in policy:
+            continue
+        # instance can be an ACL name/number, prefix-list name or route-map name
+        for instance, instance_config in policy[type].items():
+            # If no rule was found within the instance ... sad, but we can leave
+            # early as nothing needs to be verified
+            if 'rule' not in instance_config:
                 continue
-
-            for rule, rule_config in acl_config['rule'].items():
-                if 'source' not in rule_config:
-                    raise ConfigError(f'Source must be specified for rule {rule} '\
-                                      f'for access-list {acl}!')
+            for rule, rule_config in instance_config['rule'].items():
                 if 'action' not in rule_config:
-                    raise ConfigError(f'Action must be specified for rule {rule} '\
-                                      f'for access-list {acl}!')
+                    error_msg = 'Action must be specified for ' + type.replace('_','-')
+                    raise ConfigError(f'{error_msg} {instance}, rule {rule}!')
+
+                if type == 'access_list':
+                    verify_access_list(instance, rule, rule_config)
 
-                if int(acl) not in range(100, 200) or int(acl) not in range(2000, 2700):
-                    if 'destination' not in rule_config:
-                        raise ConfigError(f'Destination must be specified for rule {rule} '\
-                                          f'for access-list {acl}!')
 
     return None