proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-06-13 17:49:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pbrd: disallow ipv4/ipv6 mismatching in match src/dst

Browse Source 
Disallow mismatching of ipv4/ipv6 matching in src/dst.
Doesn't make a lot of sense to allow this based on how
IP Headers work. The kernel does not allow it at all
obviously.

Signed-off-by: Stephen Worley <sworley@nvidia.com>
This commit is contained in:
Stephen Worley 2020-12-17 16:14:38 -05:00
parent 91653aefd4
commit 67765a232d
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pbrd/pbr_vty.c
View File

@ -137,6 +137,11 @@ DEFPY(pbr_map_match_src, pbr_map_match_src_cmd,
{
struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
if (pbrms->dst && pbrms->family && prefix->family != pbrms->family) {
vty_out(vty, "Cannot mismatch families within match src/dst\n");
return CMD_WARNING_CONFIG_FAILED;
}
pbrms->family = prefix->family;
if (!no) {
@ -165,6 +170,11 @@ DEFPY(pbr_map_match_dst, pbr_map_match_dst_cmd,
{
struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
if (pbrms->src && pbrms->family && prefix->family != pbrms->family) {
vty_out(vty, "Cannot mismatch families within match src/dst\n");
return CMD_WARNING_CONFIG_FAILED;
}
pbrms->family = prefix->family;
if (!no) {