From: Jonatan Schlag <jonatan.schlag@ipfire.org>
Date: Sun, 4 Mar 2018 18:24:58 +0000 (+0000)
Subject: ip-tunnel: Improve checks
X-Git-Tag: 010~146
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5bbd1fab191de5ec8fe7c03ebc7e57c487e948f7;p=network.git

ip-tunnel: Improve checks

We cannot mix ipv6 and ipv4 and we also need to detect the IP protocol
version to decide which mode we have to use.
This is done in a seperated commit.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel
index 550b0b30..0a0c210c 100644
--- a/src/functions/functions.ip-tunnel
+++ b/src/functions/functions.ip-tunnel
@@ -98,6 +98,24 @@ ip_tunnel_add() {
 		return ${EXIT_ERROR}
 	fi
 
+	# Detect the IP protocol, which is important to decide which mode we have to use
+	local remote_address_protocol="$(ip_detect_protocol "${remote_address}")"
+
+	# If we could not detect the IP protocol something with
+	# ${remote_address} is wrong
+	if ! isset remote_address_protocol; then
+		log ERROR "Could not determine remote address IP protocol"
+		return ${EXIT_ERROR}
+	fi
+
+	# We cannot mix IPv6 and IPv4
+	if [[ "${remote_address_protocol}" != \
+		"$(ip_detect_protocol "${local_address}")" ]] ; then
+		log ERROR "Local and remote address\
+			are not from the same IP protocol"
+		return ${EXIT_ERROR}
+	fi
+
 	# ikey and okey must be set for VTI devices
 	if [ "${mode}" = "vti" ] && (! isset ikey || ! isset okey); then
 		error "--ikey= and --okey= must be set for VTI device"