diff options
| author | Cooper Lees <me@cooperlees.com> | 2020-07-29 10:41:24 -0700 |
|---|---|---|
| committer | Cooper Lees <me@cooperlees.com> | 2020-07-29 10:43:27 -0700 |
| commit | 7a69596b6b3ec02f09d7f43b57c615e4a1c06881 (patch) | |
| tree | 41ee301b880e4eac5e00e2de718d85e1cf847b83 /lib | |
| parent | 955a4a5685026f28d417d8977784a6ca89ff0279 (diff) | |
| download | ohai-7a69596b6b3ec02f09d7f43b57c615e4a1c06881.tar.gz | |
Add Address Family Check to route_is_valid_default_route?
- We can now have IPv6 next hops for IPv4 routes in Linux
- We don't have enough information to validate the route as valid if they are differen address families
Test:
- Add an rspec test to show it returning false like we'd hoped
- Have also tested on Facebook servers internally
Signed-off-by: Cooper Lees <me@cooperlees.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/ohai/plugins/linux/network.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/ohai/plugins/linux/network.rb b/lib/ohai/plugins/linux/network.rb index f5543819..72a3cdbc 100644 --- a/lib/ohai/plugins/linux/network.rb +++ b/lib/ohai/plugins/linux/network.rb @@ -516,8 +516,16 @@ Ohai.plugin(:Network) do # if the route destination is a default route, it's good return true if route[:destination] == "default" + return false if default_route[:via].nil? + + dest_ipaddr = IPAddress(route[:destination]) + default_route_via = IPAddress(default_route[:via]) + + # check if nexthop is the same address family + return false if dest_ipaddr.ipv4? != default_route_via.ipv4? + # the default route has a gateway and the route matches the gateway - !default_route[:via].nil? && IPAddress(route[:destination]).include?(IPAddress(default_route[:via])) + dest_ipaddr.include?(default_route_via) end # ipv4/ipv6 routes are different enough that having a single algorithm to select the favored route for both creates unnecessary complexity |