From 67765a232dc6d86b3acbd3f6e4ba87cea42cca48 Mon Sep 17 00:00:00 2001
From: Stephen Worley <sworley@nvidia.com>
Date: Thu, 17 Dec 2020 16:14:38 -0500
Subject: [PATCH] pbrd: disallow ipv4/ipv6 mismatching in match src/dst

Disallow mismatching of ipv4/ipv6 matching in src/dst.
Doesn't make a lot of sense to allow this based on how
IP Headers work. The kernel does not allow it at all
obviously.

Signed-off-by: Stephen Worley <sworley@nvidia.com>
---
 pbrd/pbr_vty.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pbrd/pbr_vty.c b/pbrd/pbr_vty.c
index 26163dcc56..216834fe0c 100644
--- a/pbrd/pbr_vty.c
+++ b/pbrd/pbr_vty.c
@@ -137,6 +137,11 @@ DEFPY(pbr_map_match_src, pbr_map_match_src_cmd,
 {
 	struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
 
+	if (pbrms->dst && pbrms->family && prefix->family != pbrms->family) {
+		vty_out(vty, "Cannot mismatch families within match src/dst\n");
+		return CMD_WARNING_CONFIG_FAILED;
+	}
+
 	pbrms->family = prefix->family;
 
 	if (!no) {
@@ -165,6 +170,11 @@ DEFPY(pbr_map_match_dst, pbr_map_match_dst_cmd,
 {
 	struct pbr_map_sequence *pbrms = VTY_GET_CONTEXT(pbr_map_sequence);
 
+	if (pbrms->src && pbrms->family && prefix->family != pbrms->family) {
+		vty_out(vty, "Cannot mismatch families within match src/dst\n");
+		return CMD_WARNING_CONFIG_FAILED;
+	}
+
 	pbrms->family = prefix->family;
 
 	if (!no) {
-- 
2.39.5