From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 4/5] ip-tunnel: Improve checks Date: Sun, 04 Mar 2018 18:24:58 +0000 Message-ID: <1520187899-5759-4-git-send-email-jonatan.schlag@ipfire.org> In-Reply-To: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6608480927577287056==" List-Id: --===============6608480927577287056== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable We cannot mix ipv6 and ipv4 and we also need to detect the IP protocol version to decide which mode we have to use. This is done in a seperated commit. Signed-off-by: Jonatan Schlag --- src/functions/functions.ip-tunnel | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-t= unnel index 550b0b3..0a0c210 100644 --- a/src/functions/functions.ip-tunnel +++ b/src/functions/functions.ip-tunnel @@ -98,6 +98,24 @@ ip_tunnel_add() { return ${EXIT_ERROR} fi =20 + # Detect the IP protocol, which is important to decide which mode we have t= o use + local remote_address_protocol=3D"$(ip_detect_protocol "${remote_address}")" + + # If we could not detect the IP protocol something with + # ${remote_address} is wrong + if ! isset remote_address_protocol; then + log ERROR "Could not determine remote address IP protocol" + return ${EXIT_ERROR} + fi + + # We cannot mix IPv6 and IPv4 + if [[ "${remote_address_protocol}" !=3D \ + "$(ip_detect_protocol "${local_address}")" ]] ; then + log ERROR "Local and remote address\ + are not from the same IP protocol" + return ${EXIT_ERROR} + fi + # ikey and okey must be set for VTI devices if [ "${mode}" =3D "vti" ] && (! isset ikey || ! isset okey); then error "--ikey=3D and --okey=3D must be set for VTI device" --=20 2.6.3 --===============6608480927577287056==--