Merge pull request #1635 from qlyoung/bgpd-remove-options-directly-connected

bgpd: disallow invalid config at cli layer
Renato Westphal 2018-01-16 10:11:39 -02:00 committed by GitHub
commit 9d57c91faf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -3403,18 +3403,6 @@ static int peer_flag_modify_vty(struct vty *vty, const char *ip_str,
if (!peer) if (!peer)
return CMD_WARNING_CONFIG_FAILED; return CMD_WARNING_CONFIG_FAILED;
/*
* If 'neighbor <interface>', then this is for directly connected peers,
* we should not accept disable-connected-check.
*/
if (peer->conf_if && (flag == PEER_FLAG_DISABLE_CONNECTED_CHECK)) {
vty_out(vty,
"%s is directly connected peer, cannot accept disable-"
"connected-check\n",
ip_str);
return CMD_WARNING_CONFIG_FAILED;
}
if (!set && flag == PEER_FLAG_SHUTDOWN) if (!set && flag == PEER_FLAG_SHUTDOWN)
peer_tx_shutdown_message_unset(peer); peer_tx_shutdown_message_unset(peer);
@ -4505,9 +4493,9 @@ DEFUN (no_neighbor_ebgp_multihop,
/* disable-connected-check */ /* disable-connected-check */
DEFUN (neighbor_disable_connected_check, DEFUN (neighbor_disable_connected_check,
neighbor_disable_connected_check_cmd, neighbor_disable_connected_check_cmd,
"neighbor <A.B.C.D|X:X::X:X|WORD> <disable-connected-check|enforce-multihop>", "neighbor <A.B.C.D|X:X::X:X> <disable-connected-check|enforce-multihop>",
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR
"one-hop away EBGP peer using loopback address\n" "one-hop away EBGP peer using loopback address\n"
"Enforce EBGP neighbors perform multihop\n") "Enforce EBGP neighbors perform multihop\n")
{ {
@ -4518,10 +4506,10 @@ DEFUN (neighbor_disable_connected_check,
DEFUN (no_neighbor_disable_connected_check, DEFUN (no_neighbor_disable_connected_check,
no_neighbor_disable_connected_check_cmd, no_neighbor_disable_connected_check_cmd,
"no neighbor <A.B.C.D|X:X::X:X|WORD> <disable-connected-check|enforce-multihop>", "no neighbor <A.B.C.D|X:X::X:X> <disable-connected-check|enforce-multihop>",
NO_STR NO_STR
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR
"one-hop away EBGP peer using loopback address\n" "one-hop away EBGP peer using loopback address\n"
"Enforce EBGP neighbors perform multihop\n") "Enforce EBGP neighbors perform multihop\n")
{ {
@ -5960,9 +5948,9 @@ ALIAS_HIDDEN(
DEFUN (neighbor_ttl_security, DEFUN (neighbor_ttl_security,
neighbor_ttl_security_cmd, neighbor_ttl_security_cmd,
"neighbor <A.B.C.D|X:X::X:X|WORD> ttl-security hops (1-254)", "neighbor <A.B.C.D|X:X::X:X> ttl-security hops (1-254)",
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR
"BGP ttl-security parameters\n" "BGP ttl-security parameters\n"
"Specify the maximum number of hops to the BGP peer\n" "Specify the maximum number of hops to the BGP peer\n"
"Number of hops to BGP peer\n") "Number of hops to BGP peer\n")
@ -5978,26 +5966,15 @@ DEFUN (neighbor_ttl_security,
gtsm_hops = strtoul(argv[idx_number]->arg, NULL, 10); gtsm_hops = strtoul(argv[idx_number]->arg, NULL, 10);
/*
* If 'neighbor swpX', then this is for directly connected peers,
* we should not accept a ttl-security hops value greater than 1.
*/
if (peer->conf_if && (gtsm_hops > 1)) {
vty_out(vty,
"%s is directly connected peer, hops cannot exceed 1\n",
argv[idx_peer]->arg);
return CMD_WARNING_CONFIG_FAILED;
}
return bgp_vty_return(vty, peer_ttl_security_hops_set(peer, gtsm_hops)); return bgp_vty_return(vty, peer_ttl_security_hops_set(peer, gtsm_hops));
} }
DEFUN (no_neighbor_ttl_security, DEFUN (no_neighbor_ttl_security,
no_neighbor_ttl_security_cmd, no_neighbor_ttl_security_cmd,
"no neighbor <A.B.C.D|X:X::X:X|WORD> ttl-security hops (1-254)", "no neighbor <A.B.C.D|X:X::X:X> ttl-security hops (1-254)",
NO_STR NO_STR
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR
"BGP ttl-security parameters\n" "BGP ttl-security parameters\n"
"Specify the maximum number of hops to the BGP peer\n" "Specify the maximum number of hops to the BGP peer\n"
"Number of hops to BGP peer\n") "Number of hops to BGP peer\n")
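Review bot: Dropping `WORD` from the `neighbor_ttl_security` and `no_neighbor_ttl_security` command strings rejects more than the invalid case: the removed check only refused `gtsm_hops > 1` for `peer->conf_if` peers, so `neighbor WORD ttl-security hops 1` was accepted before and no longer parses, and a saved configuration carrying that line would presumably come back up without its GTSM setting. If `WORD` also matches peer-group names (the `NEIGHBOR_ADDR_STR2` help text is not visible here, so this is inferred), peer-groups can no longer be given `ttl-security` or `disable-connected-check` either; the same concern applies to the two `disable-connected-check` DEFUNs earlier in this file. Consider keeping `"neighbor <A.B.C.D|X:X::X:X|WORD> ttl-security hops (1-254)"` with `NEIGHBOR_ADDR_STR2` and retaining the `if (peer->conf_if && (gtsm_hops > 1))` rejection in the handler, so the semantic check sits next to `peer_ttl_security_hops_set()` instead of depending on the grammar alone. The DEFUN bodies begin and end outside the visible hunks.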