gluon/package/gluon-mesh-vpn-fastd/check_site.lua
lemoer 50812b162c
treewide: forbid use of selected site variables in domain specific or site configs
[Matthias schiffer: rebase, add a few more restrictions]
2018-01-19 04:05:27 +01:00

31 lines
990 B
Lua

local fastd_methods = {'salsa2012+gmac', 'salsa2012+umac', 'null+salsa2012+gmac', 'null+salsa2012+umac', 'null'}
need_array_of('mesh_vpn.fastd.methods', fastd_methods)
need_boolean(in_site('mesh_vpn.fastd.configurable'), false)
need_one_of(in_site('mesh_vpn.fastd.syslog_level'), {'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false)
local function check_peer(prefix)
return function(k, _)
assert_uci_name(k)
local table = string.format('%s[%q].', prefix, k)
need_string_match(in_domain(table .. 'key'), '^%x+$')
need_string_array(in_domain(table .. 'remotes'))
end
end
local function check_group(prefix)
return function(k, _)
assert_uci_name(k)
local table = string.format('%s[%q].', prefix, k)
need_number(table .. 'limit', false)
need_table(table .. 'peers', check_peer(table .. 'peers'), false)
need_table(table .. 'groups', check_group(table .. 'groups'), false)
end
end
need_table('mesh_vpn.fastd.groups', check_group('mesh_vpn.fastd.groups'))