mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2025-01-03 07:31:54 +00:00
Implicit ROA check converted to explicit filter instruction sequence
This commit is contained in:
parent
5299fb9db0
commit
cd9550b244
@ -185,6 +185,21 @@ f_generate_empty(struct f_dynamic_attr dyn)
|
||||
return f_new_inst(FI_EA_SET, f_new_inst(FI_CONSTANT, empty), dyn);
|
||||
}
|
||||
|
||||
#define BA_AS_PATH 0x02
|
||||
|
||||
static inline struct f_inst *
|
||||
f_implicit_roa_check(struct rtable_config *tab)
|
||||
{
|
||||
struct f_dynamic_attr fda = f_new_dynamic_attr(EAF_TYPE_AS_PATH, T_PATH, EA_CODE(PROTOCOL_BGP, BA_AS_PATH));
|
||||
|
||||
struct f_static_attr fsa = f_new_static_attr(T_NET, SA_NET, 1);
|
||||
|
||||
return f_new_inst(FI_ROA_CHECK,
|
||||
f_new_inst(FI_RTA_GET, fsa),
|
||||
f_new_inst(FI_AS_PATH_LAST, f_new_inst(FI_EA_GET, fda)),
|
||||
tab);
|
||||
}
|
||||
|
||||
/*
|
||||
* Remove all new lines and doubled whitespaces
|
||||
* and convert all tabulators to spaces
|
||||
@ -822,8 +837,8 @@ term:
|
||||
| DELETE '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_DEL, $3, $5); }
|
||||
| FILTER '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_FILTER, $3, $5); }
|
||||
|
||||
| ROA_CHECK '(' rtable ')' { $$ = f_new_inst(FI_ROA_CHECK_IMPLICIT, $3); }
|
||||
| ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_new_inst(FI_ROA_CHECK_EXPLICIT, $5, $7, $3); }
|
||||
| ROA_CHECK '(' rtable ')' { $$ = f_implicit_roa_check($3); }
|
||||
| ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_new_inst(FI_ROA_CHECK, $5, $7, $3); }
|
||||
|
||||
| FORMAT '(' term ')' { $$ = f_new_inst(FI_FORMAT, $3); }
|
||||
|
||||
|
@ -1295,37 +1295,7 @@
|
||||
runtime("Can't filter non-[e|l]clist");
|
||||
}
|
||||
|
||||
INST(FI_ROA_CHECK_IMPLICIT, 0, 1) { /* ROA Check */
|
||||
NEVER_CONSTANT;
|
||||
RTC(1);
|
||||
struct rtable *table = rtc->table;
|
||||
ACCESS_RTE;
|
||||
ACCESS_EATTRS;
|
||||
const net_addr *net = (*fs->rte)->net->n.addr;
|
||||
|
||||
/* We ignore temporary attributes, probably not a problem here */
|
||||
/* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */
|
||||
eattr *e = ea_find(*fs->eattrs, EA_CODE(PROTOCOL_BGP, 0x02));
|
||||
|
||||
if (!e || ((e->type & EAF_TYPE_MASK) != EAF_TYPE_AS_PATH))
|
||||
runtime("Missing AS_PATH attribute");
|
||||
|
||||
u32 as = 0;
|
||||
as_path_get_last(e->u.ptr, &as);
|
||||
|
||||
if (!table)
|
||||
runtime("Missing ROA table");
|
||||
|
||||
if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6)
|
||||
runtime("Table type must be either ROA4 or ROA6");
|
||||
|
||||
if (table->addr_type != (net->type == NET_IP4 ? NET_ROA4 : NET_ROA6))
|
||||
RESULT(T_ENUM_ROA, i, ROA_UNKNOWN); /* Prefix and table type mismatch */
|
||||
else
|
||||
RESULT(T_ENUM_ROA, i, [[ net_roa_check(table, net, as) ]]);
|
||||
}
|
||||
|
||||
INST(FI_ROA_CHECK_EXPLICIT, 2, 1) { /* ROA Check */
|
||||
INST(FI_ROA_CHECK, 2, 1) { /* ROA Check */
|
||||
NEVER_CONSTANT;
|
||||
ARG(1, T_NET);
|
||||
ARG(2, T_INT);
|
||||
|
10
nest/proto.c
10
nest/proto.c
@ -409,14 +409,8 @@ channel_roa_subscribe_filter(struct channel *c, int dir)
|
||||
{
|
||||
switch (fi->fi_code)
|
||||
{
|
||||
case FI_ROA_CHECK_IMPLICIT:
|
||||
tab = fi->i_FI_ROA_CHECK_IMPLICIT.rtc->table;
|
||||
if (valid) channel_roa_subscribe(c, tab, dir);
|
||||
found = 1;
|
||||
break;
|
||||
|
||||
case FI_ROA_CHECK_EXPLICIT:
|
||||
tab = fi->i_FI_ROA_CHECK_EXPLICIT.rtc->table;
|
||||
case FI_ROA_CHECK:
|
||||
tab = fi->i_FI_ROA_CHECK.rtc->table;
|
||||
if (valid) channel_roa_subscribe(c, tab, dir);
|
||||
found = 1;
|
||||
break;
|
||||
|
Loading…
Reference in New Issue
Block a user