Development
This commit is contained in:
parent
9c22b6f2fd
commit
6e610f888e
10 changed files with 526 additions and 102 deletions
|
|
@ -807,19 +807,22 @@ def validate_config(data):
|
|||
if ip and ip not in network:
|
||||
errors.append(f"{label}: '{ip_str}' is not within subnet {network}.")
|
||||
|
||||
for vlan, iface in zip(data.get("vlans", []), vlan_ifaces):
|
||||
name = vlan.get("name", "?")
|
||||
net = vlan_networks.get(iface)
|
||||
|
||||
for r in vlan.get("port_wrangling", []):
|
||||
desc = r.get("description", "?")
|
||||
label = f"vlan '{name}' port_wrangling '{desc}'"
|
||||
if r.get("protocol") not in valid_protos:
|
||||
errors.append(f"{label}: invalid protocol '{r.get('protocol')}'. "
|
||||
f"Must be tcp, udp, or both.")
|
||||
nat_check_port(f"{label} dest_port", r.get("dest_port"))
|
||||
if net:
|
||||
nat_check_ip_in_network(f"{label} redirect_to", r.get("redirect_to", ""), net)
|
||||
# port_wrangling validation (top-level) =========================
|
||||
_vlan_name_to_net = {
|
||||
v.get("name", ""): vlan_networks.get(iface)
|
||||
for v, iface in zip(data.get("vlans", []), vlan_ifaces)
|
||||
}
|
||||
for idx, r in enumerate(data.get("port_wrangling", [])):
|
||||
desc = r.get("description", "?")
|
||||
vlan_name = r.get("vlan", "?")
|
||||
label = f"port_wrangling[{idx}] (vlan '{vlan_name}') '{desc}'"
|
||||
if r.get("protocol") not in valid_protos:
|
||||
errors.append(f"{label}: invalid protocol '{r.get('protocol')}'. "
|
||||
f"Must be tcp, udp, or both.")
|
||||
nat_check_port(f"{label} dest_port", r.get("dest_port"))
|
||||
net = _vlan_name_to_net.get(vlan_name)
|
||||
if net:
|
||||
nat_check_ip_in_network(f"{label} redirect_to", r.get("redirect_to", ""), net)
|
||||
|
||||
# port_forwarding validation (top-level) ========================
|
||||
for idx, r in enumerate(data.get("port_forwarding", [])):
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue