Merge pull request #1096 from BastilleBSD/tschettervictor-patch-2

create: Exit if -V and interface already used as member
2025-12-19 08:40:44 +01:00 · 2025-05-22 11:00:37 -06:00
parent 64c74ba80a dbad1a7203
commit 2574fea879
3 changed files with 18 additions and 8 deletions
--- a/docs/chapters/networking.rst
+++ b/docs/chapters/networking.rst
@@ -38,6 +38,10 @@ different types of jail network configurations.
  bastille will simply set ``ip4`` to ``ip_hostname`` inside the jail config.
  The jail will then function according the jail(8) documentation.

+You cannot use ``-V|--vnet`` with any interface that is already a member of another
+bridge. For example, if you create a bridge, and assign ``vtnet0`` as a member, you
+will not be able to use ``vtnet0`` with ``-V|--vnet``.
+
 IP Address Options
 ------------------

--- a/usr/local/share/bastille/create.sh
+++ b/usr/local/share/bastille/create.sh
@@ -179,10 +179,16 @@ validate_netif() {

    local LIST_INTERFACES="$(ifconfig -l)"

-    if echo "${LIST_INTERFACES} VNET" | grep -qwo "${INTERFACE}"; then
-        info "\nValid: (${INTERFACE})."
-    else
+    if ! echo "${LIST_INTERFACES} VNET" | grep -qwo "${INTERFACE}"; then
        error_exit "[ERROR]: Invalid: (${INTERFACE})."
+    elif [ -n "${VNET_JAIL}" ] && [ -z "${VNET_JAIL_BRIDGE}" ]; then
+        for _bridge in $(ifconfig -g bridge | grep -vw "${INTERFACE}bridge"); do
+            if ifconfig ${_bridge} | grep "member" | grep -owq "${INTERFACE}"; then
+                error_exit "[ERROR]: Interface (${INTERFACE}) is already a member of bridge: ${_bridge}"
+            fi
+        done
+    else
+        info "\nValid: (${INTERFACE})."
    fi
 }

--- a/usr/local/share/bastille/setup.sh
+++ b/usr/local/share/bastille/setup.sh
@@ -182,7 +182,6 @@ configure_shared_interface() {
 configure_bridge() {

    _auto_if="${1}"
-    _bridge_name="bastillebridge"
    _interface_list="$(ifconfig -l)"
    _interface_count=0

@@ -214,12 +213,13 @@ configure_bridge() {
            _interface_select="${_auto_if}"
        fi
        # Create bridge and persist on reboot
+        _bridge_name="${_interface_select}bridge"
        ifconfig bridge0 create
-        ifconfig bridge0 name bastillebridge
-        ifconfig bastillebridge addm ${_interface_select} up
+        ifconfig bridge0 name ${_bridge_name}
+        ifconfig ${_bridge_name} addm ${_interface_select} up
        sysrc cloned_interfaces+="bridge0"
-        sysrc ifconfig_bridge0_name="bastillebridge"
-        sysrc ifconfig_bastillebridge="addm ${_interface_select} up"
+        sysrc ifconfig_bridge0_name="${_bridge_name}"
+        sysrc ifconfig_${_bridge_name}="addm ${_interface_select} up"

        info "\nBridge interface successfully configured: [${_bridge_name}]"
    else