diff mbox series

[4/5] ip-tunnel: Improve checks

Message ID 1520187899-5759-4-git-send-email-jonatan.schlag@ipfire.org
State Accepted
Commit 5bbd1fab191de5ec8fe7c03ebc7e57c487e948f7
Headers
Series [1/5] ip-tunnel: add new function |

Commit Message

Jonatan Schlag March 5, 2018, 5:24 a.m. UTC 
  We cannot mix ipv6 and ipv4 and we also need to detect the IP protocol
version to decide which mode we have to use.
This is done in a seperated commit.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
 src/functions/functions.ip-tunnel | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff mbox series

Patch

diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel
index 550b0b3..0a0c210 100644
--- a/src/functions/functions.ip-tunnel
+++ b/src/functions/functions.ip-tunnel
@@ -98,6 +98,24 @@  ip_tunnel_add() {
 		return ${EXIT_ERROR}
 	fi
 
+	# Detect the IP protocol, which is important to decide which mode we have to use
+	local remote_address_protocol="$(ip_detect_protocol "${remote_address}")"
+
+	# If we could not detect the IP protocol something with
+	# ${remote_address} is wrong
+	if ! isset remote_address_protocol; then
+		log ERROR "Could not determine remote address IP protocol"
+		return ${EXIT_ERROR}
+	fi
+
+	# We cannot mix IPv6 and IPv4
+	if [[ "${remote_address_protocol}" != \
+		"$(ip_detect_protocol "${local_address}")" ]] ; then
+		log ERROR "Local and remote address\
+			are not from the same IP protocol"
+		return ${EXIT_ERROR}
+	fi
+
 	# ikey and okey must be set for VTI devices
 	if [ "${mode}" = "vti" ] && (! isset ikey || ! isset okey); then
 		error "--ikey= and --okey= must be set for VTI device"