From f81ca22c1988495943531cba11add7cfc9441033 Mon Sep 17 00:00:00 2001
From: Jernej Jakob <jernej.jakob@gmail.com>
Date: Fri, 1 May 2020 17:45:20 +0200
Subject: bridge: T2241: disallow adding interfaces with addresses to bridge

---
 src/conf_mode/interfaces-bridge.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/conf_mode/interfaces-bridge.py b/src/conf_mode/interfaces-bridge.py
index 3f54e0dc3..fe3675190 100755
--- a/src/conf_mode/interfaces-bridge.py
+++ b/src/conf_mode/interfaces-bridge.py
@@ -23,7 +23,7 @@ from netifaces import interfaces
 from vyos.ifconfig import BridgeIf, Section
 from vyos.ifconfig.stp import STP
 from vyos.configdict import list_diff
-from vyos.validate import is_member
+from vyos.validate import is_member, has_address_configured
 from vyos.config import Config
 from vyos.util import cmd, get_bridge_member_config
 from vyos import ConfigError
@@ -268,6 +268,12 @@ def verify(bridge):
                 f'Cannot add interface "{intf["name"]}" to bridge '
                 f'"{bridge["intf"]}", it is already a member of bond "{tmp}"!'))
 
+        # bridge members must not have an assigned address
+        if has_address_configured(conf, intf['name']):
+            raise ConfigError((
+                f'Cannot add interface "{intf["name"]}" to bridge '
+                f'"{bridge["intf"]}", it has an address assigned!'))
+
     return None
 
 def generate(bridge):
-- 
cgit v1.2.3