Fixes #15220: Move IP mask validation logic from form to model

2025-07-15 11:42:52 -06:00 · 2024-02-29 16:03:54 -05:00 · 2024-02-29 16:03:54 -05:00 · bdcf4c4154
commit bdcf4c4154
parent c45acf0a7c
2 changed files with 19 additions and 14 deletions
--- a/netbox/ipam/forms/model_forms.py
+++ b/netbox/ipam/forms/model_forms.py
@ -367,20 +367,6 @@ class IPAddressForm(TenancyForm, NetBoxModelForm):
                'primary_for_parent', _("Only IP addresses assigned to an interface can be designated as primary IPs.")
            )

-        # Do not allow assigning a network ID or broadcast address to an interface.
-        if interface and (address := self.cleaned_data.get('address')):
-            if address.ip == address.network:
-                msg = _("{ip} is a network ID, which may not be assigned to an interface.").format(ip=address.ip)
-                if address.version == 4 and address.prefixlen not in (31, 32):
-                    raise ValidationError(msg)
-                if address.version == 6 and address.prefixlen not in (127, 128):
-                    raise ValidationError(msg)
-            if address.version == 4 and address.ip == address.broadcast and address.prefixlen not in (31, 32):
-                msg = _("{ip} is a broadcast address, which may not be assigned to an interface.").format(
-                    ip=address.ip
-                )
-                raise ValidationError(msg)
-
    def save(self, *args, **kwargs):
        ipaddress = super().save(*args, **kwargs)

--- a/netbox/ipam/models/ip.py
+++ b/netbox/ipam/models/ip.py
@ -844,6 +844,25 @@ class IPAddress(PrimaryModel):
                    'address': _("Cannot create IP address with /0 mask.")
                })

+            # Do not allow assigning a network ID or broadcast address to an interface.
+            if self.assigned_object:
+                if self.address.ip == self.address.network:
+                    msg = _("{ip} is a network ID, which may not be assigned to an interface.").format(
+                        ip=self.address.ip
+                    )
+                    if self.address.version == 4 and self.address.prefixlen not in (31, 32):
+                        raise ValidationError(msg)
+                    if self.address.version == 6 and self.address.prefixlen not in (127, 128):
+                        raise ValidationError(msg)
+                if (
+                        self.address.version == 4 and self.address.ip == self.address.broadcast and
+                        self.address.prefixlen not in (31, 32)
+                ):
+                    msg = _("{ip} is a broadcast address, which may not be assigned to an interface.").format(
+                        ip=self.address.ip
+                    )
+                    raise ValidationError(msg)
+
            # Enforce unique IP space (if applicable)
            if (self.vrf is None and get_config().ENFORCE_GLOBAL_UNIQUE) or (self.vrf and self.vrf.enforce_unique):
                duplicate_ips = self.get_duplicates()