diff --git a/netjsonconfig/backends/openwrt/schema.py b/netjsonconfig/backends/openwrt/schema.py index cfe4f38f9..0f608b3a2 100644 --- a/netjsonconfig/backends/openwrt/schema.py +++ b/netjsonconfig/backends/openwrt/schema.py @@ -8,6 +8,22 @@ default_radio_driver = "mac80211" +# pattern to match ipv4 and ipv6 in CIDR notation +src_pattern = ( + "^(s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|" + "((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|" + "(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)" + "(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|" + "((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|" + "(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:" + "((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}" + "(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)" + "(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|" + "((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|" + "(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)" + "(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9])))|" + "(((^|\\.)((25[0-5])|(2[0-4]\\d)|(1\\d\\d)|([1-9]?\\d))){4}\\/(?:\\d|[12]\\d|3[01]))$" +) schema = merge_config( default_schema, @@ -229,12 +245,14 @@ "title": "source subnet", "description": "(CIDR notation)", "propertyOrder": 3, + "pattern": src_pattern, }, "dest": { "type": "string", "title": "destination subnet", "description": "(CIDR notation)", "propertyOrder": 4, + "pattern": src_pattern, }, "tos": { "type": "integer", diff --git a/tests/openwrt/test_network.py b/tests/openwrt/test_network.py index 74c6fb4d8..99560f1ee 100644 --- a/tests/openwrt/test_network.py +++ b/tests/openwrt/test_network.py @@ -1,6 +1,7 @@ import unittest from netjsonconfig import OpenWrt +from netjsonconfig.exceptions import ValidationError from netjsonconfig.utils import _TabsMixin @@ -210,6 +211,46 @@ def test_rules_no_src_dest(self): ) self.assertEqual(o.render(), expected) + def test_render_rule_wrong(self): + rule = { + "ip_rules": [ + { + "in": "eth0", + "out": "eth1", + "src": "wrong", + "dest": "wrong1", + "tos": 2, + "action": "blackhole", + } + ] + } + o = OpenWrt(rule) + with self.assertRaisesRegexp(ValidationError, "'wrong' does not match"): + o.validate() + rule['ip_rules'][0]['src'] = '192.168.1.1/24' + o = OpenWrt(rule) + with self.assertRaisesRegexp(ValidationError, "'wrong1' does not match"): + o.validate() + # fix 'dest' and expect no ValidationError raised + rule['ip_rules'][0]['dest'] = '192.168.1.1/24' + o = OpenWrt(rule) + o.validate() + + def test_parse_rules_zone(self): + with self.assertRaisesRegexp(ValidationError, "'wrong' does not match"): + OpenWrt( + native="""package network + +config rule 'rule1' + option action 'blackhole' + option dest 'wrong' + option in 'eth0' + option out 'eth1' + option src 'wrong' + option tos '2' +""" + ) + _switch_netjson = { "switch": [ {