Warn on useless attribute 'has_subnets'

This closes #28

Author: hknutzen

go/pkg/pass1/find-subnets.go

@@ -495,24 +495,23 @@ func (c *spoc) findSubnetsInNatDomain0(domains []*natDomain, networks netList) {
 				// as value of subnet_of.
 				if natSubnet.subnetOf == bignet {
 					subnet.subnetOfUsed = true
-				} else if !(bignet.hasSubnets &&
+				} else if bignet.hasSubnets &&
 					(bignet.ipp.Bits() == 0 ||
 						zoneEq(bignet.zone, subnet.zone) ||
-						isLoopbackAtZoneBorder(subnet, bignet))) {
-
-					if printType := c.conf.CheckSubnets; printType != "" {
-						// Prevent multiple error messages in
-						// different NAT domains.
-						if natSubnet.subnetOf == nil {
-							natSubnet.subnetOf = bignet
-							natSubnet.subnetOfUsed = true
-						}
-						c.warnOrErr(printType,
-							"%s is subnet of %s\n"+
-								" in %s.\n"+
-								" If desired, declare attribute 'subnet_of'",
-							natName(natSubnet), natName(natBignet), domain.name)
+						isLoopbackAtZoneBorder(subnet, bignet)) {
+					bignet.hasSubnetsUsed = true
+				} else if printType := c.conf.CheckSubnets; printType != "" {
+					// Prevent multiple error messages in
+					// different NAT domains.
+					if natSubnet.subnetOf == nil {
+						natSubnet.subnetOf = bignet
+						natSubnet.subnetOfUsed = true
 					}
+					c.warnOrErr(printType,
+						"%s is subnet of %s\n"+
+							" in %s.\n"+
+							" If desired, declare attribute 'subnet_of'",
+						natName(natSubnet), natName(natBignet), domain.name)
 				}
 			}
 
@@ -624,10 +623,13 @@ func isLoopbackAtZoneBorder(sub, big *network) bool {
 	return false
 }
 
-func (c *spoc) findUselessSubnetOf() {
+func (c *spoc) findUselessSubnetAttr() {
 	for _, n := range c.allNetworks {
 		if bignet := n.subnetOf; bignet != nil && !n.subnetOfUsed {
-			c.warn("Useless 'subnet_of = %s' at %s", bignet, n)
+			c.warn("Useless 'subnet_of = %s' at %s", bignet, n.vxName())
+		}
+		if n.hasSubnets && !n.hasSubnetsUsed {
+			c.warn("Useless 'has_subnets' at %s", n.vxName())
 		}
 	}
 }
@@ -753,5 +755,5 @@ func (c *spoc) findSubnetsInNatDomain(domains []*natDomain) {
 			setMaxSecondaryNet(networks)
 		}
 	})
-	c.findUselessSubnetOf()
+	c.findUselessSubnetAttr()
 }

go/pkg/pass1/types.go

@@ -151,6 +151,7 @@ type network struct {
 	hasIdHosts           bool
 	hasOtherSubnet       bool
 	hasSubnets           bool
+	hasSubnetsUsed       bool
 	hidden               bool
 	hosts                []*host
 	identity             bool

go/testdata/crypto.t

@@ -3266,6 +3266,8 @@ crypto map crypto-outside interface outside
 =SUBST=,0.0.0.0/0,1.0.0.0/8,
 # Use individual routes to VPN peers, even if all have same next hop
 # and even if no route to 0.0.0.0/0 is added.
+=WARNING=
+Warning: Useless 'has_subnets' at network:internet
 =OUTPUT=
 --asavpn
 ! [ Routing ]

go/testdata/ipv6/crypto_ipv6.t

@@ -3266,6 +3266,8 @@ crypto map crypto-outside interface outside
 =SUBST=,::/0,::100:0/8,
 # Use individual routes to VPN peers, even if all have same next hop
 # and even if no route to ::/0 is added.
+=WARNING=
+Warning: Useless 'has_subnets' at network:internet
 =OUTPUT=
 --ipv6/asavpn
 ! [ Routing ]

go/testdata/ipv6/loopback_ipv6.t

@@ -187,6 +187,7 @@ router:r2 = {
 Warning: interface:r2.lo is subnet of network:n1
  in nat_domain:[network:n1].
  If desired, declare attribute 'subnet_of'
+Warning: Useless 'has_subnets' at network:n1
 =END=
 
 ############################################################

go/testdata/loopback.t

@@ -187,6 +187,7 @@ router:r2 = {
 Warning: interface:r2.lo is subnet of network:n1
  in nat_domain:[network:n1].
  If desired, declare attribute 'subnet_of'
+Warning: Useless 'has_subnets' at network:n1
 =END=
 
 ############################################################