From 4e2c7c2e2ed88fa468ada1a1acc11e5f1a729f48 Mon Sep 17 00:00:00 2001 From: Daniel Sheppard Date: Mon, 18 Nov 2024 17:15:56 -0600 Subject: [PATCH 1/4] Fixes: #18037 - Bound VLANGroup VLAN ID max by `VLAN_VID_MAX` --- netbox/ipam/models/vlans.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/netbox/ipam/models/vlans.py b/netbox/ipam/models/vlans.py index 998bc9e2c1e..537422910a0 100644 --- a/netbox/ipam/models/vlans.py +++ b/netbox/ipam/models/vlans.py @@ -99,7 +99,11 @@ def clean(self): # Validate VID ranges if self.vid_ranges and check_ranges_overlap(self.vid_ranges): raise ValidationError({'vid_ranges': _("Ranges cannot overlap.")}) + + # Validate max VID for vid_range in self.vid_ranges: + if vid_range.lower > VLAN_VID_MAX or vid_range.upper > VLAN_VID_MAX: + raise ValidationError({'vid_ranges': _("VLAN ID cannot exceed 4094")}) if vid_range.lower > vid_range.upper: raise ValidationError({ 'vid_ranges': _( From d1db3807aaae611671663026c2f50e1462caaf8f Mon Sep 17 00:00:00 2001 From: Daniel Sheppard Date: Mon, 18 Nov 2024 17:21:20 -0600 Subject: [PATCH 2/4] Correct exception string --- netbox/ipam/models/vlans.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netbox/ipam/models/vlans.py b/netbox/ipam/models/vlans.py index 537422910a0..cf91b41cc09 100644 --- a/netbox/ipam/models/vlans.py +++ b/netbox/ipam/models/vlans.py @@ -103,7 +103,7 @@ def clean(self): # Validate max VID for vid_range in self.vid_ranges: if vid_range.lower > VLAN_VID_MAX or vid_range.upper > VLAN_VID_MAX: - raise ValidationError({'vid_ranges': _("VLAN ID cannot exceed 4094")}) + raise ValidationError({'vid_ranges': _("Child vid cannot exceed {value}").format(value=VLAN_VID_MAX)}) if vid_range.lower > vid_range.upper: raise ValidationError({ 'vid_ranges': _( From c5d87152a5b7483ee7e5f2e950dcc5badb8d9e40 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Wed, 20 Nov 2024 14:27:33 -0500 Subject: [PATCH 3/4] Validate min & max VID values --- netbox/ipam/models/vlans.py | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/netbox/ipam/models/vlans.py b/netbox/ipam/models/vlans.py index cf91b41cc09..1a73aed6339 100644 --- a/netbox/ipam/models/vlans.py +++ b/netbox/ipam/models/vlans.py @@ -97,20 +97,26 @@ def clean(self): raise ValidationError(_("Cannot set scope_id without scope_type.")) # Validate VID ranges - if self.vid_ranges and check_ranges_overlap(self.vid_ranges): - raise ValidationError({'vid_ranges': _("Ranges cannot overlap.")}) - - # Validate max VID for vid_range in self.vid_ranges: - if vid_range.lower > VLAN_VID_MAX or vid_range.upper > VLAN_VID_MAX: - raise ValidationError({'vid_ranges': _("Child vid cannot exceed {value}").format(value=VLAN_VID_MAX)}) + if vid_range.lower < VLAN_VID_MIN: + raise ValidationError({ + 'vid_ranges': _("Starting VLAN ID in range cannot be less than {value}").format(value=VLAN_VID_MIN) + }) + if vid_range.upper > VLAN_VID_MAX: + raise ValidationError({ + 'vid_ranges': _("Ending VLAN ID in range cannot exceed {value}").format(value=VLAN_VID_MAX) + }) if vid_range.lower > vid_range.upper: raise ValidationError({ 'vid_ranges': _( - "Maximum child VID must be greater than or equal to minimum child VID ({value})" + "Ending VLAN ID in range must be greater than or equal to the starting VLAN ID ({value})" ).format(value=vid_range) }) + # Check for overlapping VID ranges + if self.vid_ranges and check_ranges_overlap(self.vid_ranges): + raise ValidationError({'vid_ranges': _("Ranges cannot overlap.")}) + def save(self, *args, **kwargs): self._total_vlan_ids = 0 for vid_range in self.vid_ranges: From 9d2978d9efaeaa74cba54f349db71e9fc4d0bcc4 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Wed, 20 Nov 2024 15:48:21 -0500 Subject: [PATCH 4/4] Fix min/max VID validation --- netbox/ipam/models/vlans.py | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/netbox/ipam/models/vlans.py b/netbox/ipam/models/vlans.py index 1a73aed6339..ea26bd3b5d4 100644 --- a/netbox/ipam/models/vlans.py +++ b/netbox/ipam/models/vlans.py @@ -98,19 +98,25 @@ def clean(self): # Validate VID ranges for vid_range in self.vid_ranges: - if vid_range.lower < VLAN_VID_MIN: + lower_vid = vid_range.lower if vid_range.lower_inc else vid_range.lower + 1 + upper_vid = vid_range.upper if vid_range.upper_inc else vid_range.upper - 1 + if lower_vid < VLAN_VID_MIN: raise ValidationError({ - 'vid_ranges': _("Starting VLAN ID in range cannot be less than {value}").format(value=VLAN_VID_MIN) + 'vid_ranges': _("Starting VLAN ID in range ({value}) cannot be less than {minimum}").format( + value=lower_vid, minimum=VLAN_VID_MIN + ) }) - if vid_range.upper > VLAN_VID_MAX: + if upper_vid > VLAN_VID_MAX: raise ValidationError({ - 'vid_ranges': _("Ending VLAN ID in range cannot exceed {value}").format(value=VLAN_VID_MAX) + 'vid_ranges': _("Ending VLAN ID in range ({value}) cannot exceed {maximum}").format( + value=upper_vid, maximum=VLAN_VID_MAX + ) }) - if vid_range.lower > vid_range.upper: + if lower_vid > upper_vid: raise ValidationError({ 'vid_ranges': _( - "Ending VLAN ID in range must be greater than or equal to the starting VLAN ID ({value})" - ).format(value=vid_range) + "Ending VLAN ID in range must be greater than or equal to the starting VLAN ID ({range})" + ).format(range=f'{lower_vid}-{upper_vid}') }) # Check for overlapping VID ranges