0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-11-10 05:08:42 +00:00
Commit Graph

506 Commits

Author SHA1 Message Date
Ondrej Zajicek
354496ace8 Some fixes for TTL security. 2013-07-11 13:50:44 +02:00
Ondrej Zajicek
c01a94663c Implements multiple routing table support for FreeBSD and OpenBSD.
Inspired by the patch from Alexander V. Chernikov.
2013-07-07 12:11:42 +02:00
Ondrej Zajicek
c6964c305b Makes krt.c much more readable. 2013-07-04 18:02:22 +02:00
Ondrej Zajicek
70e212f913 Implements TTL security for OSPF and RIP.
Interfaces for OSPF and RIP could be configured to use (and request)
TTL 255 for traffic to direct neighbors.

Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-25 15:39:44 +02:00
Ondrej Zajicek
ef4a50be10 Better packet priority and traffic class handling.
Implements support for IPv6 traffic class, sets higher priority for OSPF
and RIP outgoing packets by default and allows to configure ToS/DS/TClass
IP header field and the local priority of outgoing packets.
2013-06-24 16:37:30 +02:00
Ondrej Zajicek
9810d05562 Fixes problems with routing table scans on some platforms.
Negative bit shifts are definitely undefined oprations.
2013-05-28 10:44:44 +02:00
Ondrej Zajicek
a2017200c7 NEWS and version update. 2013-04-29 22:33:50 +02:00
Ondrej Zajicek
a92cf57dd6 Implements undo command and optional timeout for configuration
Several new configure command variants:

configure undo - undo last reconfiguration
configure timeout - configure with scheduled undo if not confirmed in timeout
configure confirm - confirm last configuration
configure check - just parse and validate config file
2012-12-26 12:40:48 +01:00
Ondrej Zajicek
c93c02088a NEWS and version update. 2012-11-16 13:30:54 +01:00
Ondrej Zajicek
cf98be7b67 Allows rejected routes to be kept and examined.
When 'import keep rejected' protocol option is activated, routes
rejected by the import filter are kept in the routing table, but they
are hidden and not propagated to other protocols. It is possible to
examine them using 'show route rejected'.
2012-11-10 14:26:13 +01:00
Ondrej Zajicek
0343d066da Fixes a bug in primary IP selection. 2012-08-29 12:42:49 +02:00
Ondrej Zajicek
094d2bdb79 Implements ADD-PATH extension for BGP.
Allows to send and receive multiple routes for one network by one BGP
session. Also contains necessary core changes to support this (routing
tables accepting several routes for one network from one protocol).
It needs some more cleanup before merging to the master branch.
2012-08-14 16:46:43 +02:00
Ondrej Filip
d760229ab8 DragonFly support add - thanks to john@marino.st 2012-08-08 14:10:31 +02:00
Ondrej Zajicek
94e2f1c111 NEWS and version update. 2012-08-07 11:06:57 +02:00
Ondrej Zajicek
c06de722dd Some minor fixes. 2012-08-06 11:09:13 +02:00
Ondrej Zajicek
c4b76d7b19 Rename sk_new() to avoid name collision with OpenSSL. 2012-07-18 19:35:30 +02:00
Ondrej Zajicek
4be266a983 Implements wildcard matching in config file include.
Also fixes some minor bugs in include.

Thanks Kelly Cochran for suggestion and draft patch.
2012-07-18 19:29:33 +02:00
Ondrej Zajicek
47c447c42e Minor cleanups. 2012-05-11 12:10:21 +02:00
Ondrej Zajicek
95616c8202 Cleanup in sysdep KRT code, part 4.
Adding some files that was accidentally removed
(instead of moved) in cleanup part 2.
2012-05-04 16:38:25 +02:00
Ondrej Zajicek
e14bd38087 Fixes flushing of device routes. 2012-05-03 14:04:56 +02:00
Ondrej Zajicek
ab188fb76d Implements build options to specify socket dir and suffix. 2012-05-03 12:25:15 +02:00
Ondrej Zajicek
7a2c48dafc Cleanup in sysdep KRT code, part 3.
Just one more renaming, old krt_set_notify() to krt_replace_rte().
2012-04-30 22:34:06 +02:00
Ondrej Zajicek
f1aceff59b Cleanup in sysdep KRT code, part 2.
Remove support for historic Linux kernels,
merge krt-iface, krt-set and krt-scan stub headers.
2012-04-30 22:25:24 +02:00
Ondrej Zajicek
396dfa9042 Cleanup in sysdep KRT code, part 1.
OS-dependent functions renamed to be more consistent,
prepared to merge krt-set and krt-scan headers.

Name changes:

struct krt_if_params -> struct kif_params
struct krt_if_status -> struct kif_status
struct krt_set/scan_params -> struct krt_params
struct krt_set/scan_status -> struct krt_status

krt_if_params_same -> kif_sys_reconfigure
krt_if_copy_params -> kif_sys_copy_config
krt_set/scan_params_same -> krt_sys_reconfigure
krt_set/scan_copy_params -> krt_sys_copy_config

krt_if_scan -> kif_do_scan
krt_set_notify -> krt_do_notify
krt_scan_fire -> krt_do_scan

krt_if_ -> kif_sys_
krt_scan_ -> krt_sys_
krt_set_ -> krt_sys_
2012-04-30 15:31:32 +02:00
Ondrej Zajicek
3589546af4 Merge commit 'origin/master' 2012-04-24 23:37:01 +02:00
Ondrej Zajicek
334a0ed24d Fixes missing device attributes when exporting routes to kernel.
Thanks to Howden Nick for the bugreport.
2012-04-21 11:00:23 +02:00
Ondrej Filip
f93e6f338e Small clean up in debug texts 2012-04-19 17:14:16 +02:00
Ondrej Zajicek
ebecb6f6a1 Implements generalized import hooks.
Thanks to Alexander V. Chernikov for the original patch.
2012-04-15 15:28:29 +02:00
Ondrej Zajicek
ae8b300164 Merge commit 'origin/master' 2012-04-15 15:15:05 +02:00
Ondrej Filip
ed7c4b0cd5 Small bugfix in error message related to reconfiguration. 2012-04-09 14:19:28 +02:00
Ondrej Zajicek
bf2abe2f51 Merge branch 'soon'
Conflicts:

	nest/proto.c
	nest/rt-table.c
2012-03-30 11:04:12 +02:00
Ondrej Zajicek
c9df01d321 Fixes several minor bugs in kernel syncer. 2012-03-25 19:44:14 +02:00
Ondrej Zajicek
9ba2798c65 Adds krt_metric linux route attribute. 2012-03-23 17:22:13 +01:00
Ondrej Zajicek
72aed1a00b Adds krt_source route attribute.
Thanks Jeremie Dimino for the original patch.
2012-03-23 00:26:26 +01:00
Ondrej Zajicek
89647357af NEWS and version update. 2012-03-22 12:29:02 +01:00
Ondrej Zajicek
df27911880 Fixes problem with dirname().
Thanks Henrique de Moraes Holschuh for the original patch.
2012-03-19 13:00:00 +01:00
Ondrej Zajicek
af582c4811 Route Origin Authorization basics.
- ROA tables, which are used as a basic part for RPKI.
 - Commands for examining and modifying ROA tables.
 - Filter operators based on ROA tables consistent with RFC 6483.
2012-03-18 17:32:30 +01:00
Ondrej Zajicek
46c1a583a5 Fixes a bug causing crash during soft reconfiguration of export to kernel proto. 2012-02-03 11:50:51 +01:00
Ondrej Zajicek
39c028e9e9 Assign default protocol preference via proto_config_new().
The patch from Alexander V. Chernikov.
2012-01-24 11:31:00 +01:00
Ondrej Zajicek
09686693d3 Implements handling of BSD iface arrival/departure notifications.
Thanks to Alexander V. Chernikov for original patch.
2012-01-23 03:15:12 +01:00
Ondrej Zajicek
732a0a257d Fixes problems with creating/removing/renaming ifaces on BSD. 2012-01-23 01:26:40 +01:00
Ondrej Zajicek
b573755df4 Fixes a bug in BSD iface scan.
if_update() should be called always, because periodic iface scan code
removes all not-updated ifaces.
2012-01-21 22:41:31 +01:00
Ondrej Zajicek
544f2e1b36 NEWS and version update. 2012-01-20 18:16:35 +01:00
Ondrej Filip
2c5ca47ad4 New version 1.3.5 2012-01-10 13:48:53 +01:00
root
4b3a8ff8c6 Extend buffer for netlink messages. 2012-01-09 16:57:45 +01:00
Ondrej Zajicek
d7f469c15c Some minor fixes. 2012-01-09 02:41:13 +01:00
Ondrej Zajicek
3f58437405 Fix for IPv6 addresses on non-multiaccess ifaces on BSD.
Thanks Matthias Schiffer for the patch.
2012-01-08 16:32:28 +01:00
Ondrej Zajicek
eb1451a3a0 Better support for link-local addresses in IO code. 2012-01-08 15:27:04 +01:00
Ondrej Zajicek
a7f23f581f Implements protocol templates.
Based on the patch from Alexander V. Chernikov.
Extended to support almost all protocols.
Uses 'protocol bgp NAME from TEMPLATE { ... }' syntax.
2011-11-07 00:31:23 +01:00
Ondrej Zajicek
00a124e3fc NEWS and version update. 2011-10-10 02:33:11 +02:00
Ondrej Zajicek
9b7fdfc84a Fixes for include. 2011-10-10 01:41:08 +02:00
Ondrej Zajicek
1cb97af419 Extend the error message. 2011-10-09 17:01:01 +02:00
Ondrej Zajicek
32f95476a8 Signal problems with route installation to kernel tables. 2011-10-06 22:48:49 +02:00
Ondrej Filip
48ec367aab Configuration can include other files. 2011-09-11 21:21:47 +02:00
Ondrej Zajicek
a98995273b NEWS and version update. 2011-09-04 13:23:26 +02:00
Ondrej Zajicek
cb2b586f00 NetBSD compile fix. 2011-09-04 10:39:10 +02:00
Ondrej Zajicek
b1b1943360 The generalized TTL security mechanism (RFC 5082) support.
Thanks to Alexander V. Chernikov for the patch.
2011-08-16 23:13:05 +02:00
Ondrej Zajicek
a209d5d8e1 A minor fix in BSD. 2011-08-15 02:06:56 +02:00
Ondrej Zajicek
42a0c05408 BGP Extended communities. 2011-08-14 13:55:02 +02:00
root
aca0e79faa Handles missing macro. 2011-07-29 14:52:28 +02:00
Ondrej Zajicek
14272097df Fixes crash on BSD. 2011-07-28 13:50:02 +02:00
Ondrej Zajicek
c49490f8c0 NEWS and version update. 2011-07-08 08:58:50 +02:00
Ondrej Zajicek
beeda6af44 Removes timers for stub interfaces. Also fixes some minor bugs. 2011-07-08 01:14:52 +02:00
Ondrej Zajicek
e8b89a6104 Update and document the privilege restriction. 2011-05-15 16:29:44 +02:00
Ondrej Zajicek
1bc2695744 Allows run with restricted privileges.
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
2011-05-10 02:42:17 +02:00
Ondrej Zajicek
409e8a6e21 NEWS and version update. 2011-05-02 02:06:03 +02:00
Ondrej Zajicek
acc93efd4c Use constants from /etc/iproute2/rt_* files. 2011-04-28 00:31:37 +02:00
Ondrej Zajicek
71ca77169d Adds support for several Linux kernel route attributes. 2011-04-13 12:32:27 +02:00
Ondrej Zajicek
4aef102be1 Fixes KRT sync in BSD.
When buffer is too small (because of change between sysctls()),
needed is *not* changed.
2011-04-07 11:42:13 +02:00
Ondrej Zajicek
eb3786e4ea NEWS and version update.
(and minor changes in documentation)
2011-03-30 02:00:56 +02:00
Ondrej Zajicek
83696b3913 Hide 6to4 route warnings. 2011-03-29 02:44:39 +02:00
Ondrej Zajicek
52a43ae3b7 Minor changes in addresses.
Mainly changes IA_UNNUMBERED to IA_PEER and adds IA_HOST. Also do not
show broadcast addr in show interfaces. Nobody cares for that.
2011-03-28 22:46:18 +02:00
Ondrej Zajicek
d0e9b36d30 Added header file. 2011-03-23 17:15:11 +01:00
Ondrej Zajicek
93e868c730 Implements Router Advertisement protocol. 2011-03-13 11:33:50 +01:00
Ondrej Zajicek
d32a071da9 Some cleanups in krt_read_ifinfo(). 2011-01-08 11:31:12 +01:00
Ondrej Zajicek
dad7ee70c1 Fixes interface names on BSD systems. 2011-01-08 11:22:38 +01:00
Ondrej Zajicek
32b4972834 Multipath support for linux kernel protocol. 2010-12-07 23:36:11 +01:00
Ondrej Zajicek
01427d3f2b Remove some runaway debug messages and typos. 2010-11-19 18:03:27 +01:00
Ondrej Zajicek
f25cb0ef9f Implements link state detection.
Also changes some symbol names (IFF_ADMIN_DOWN -> IFF_SHUTDOWN,
IFF_LINK_UP -> IFF_ADMIN_UP).
2010-11-11 10:03:02 +01:00
Ondrej Zajicek
0d1b3c4c0e Changes print-like filter commands to use a log instead of a stderr.
And extends the log subsystem to better handle that.
2010-09-20 13:01:01 +02:00
Ondrej Zajicek
f428631cd6 Ignore warning when BGP peer is unreachable. 2010-08-03 01:12:43 +02:00
Ondrej Zajicek
f038f0a638 Fixes missing check in reconfiguration. 2010-07-12 21:39:10 +02:00
Ondrej Zajicek
9be9a26413 Implements proper multihop BGP.
Also does some incompatible changes to config file syntax,
like removing 'via IP' from multihop option.
2010-07-12 17:39:39 +02:00
Ondrej Zajicek
cfe34a316e Implements hostcache and recursive next hops.
Hostcache is a structure for monitoring changes in a routing table that
is used for routes with dynamic/recursive next hops. This is needed for
proper iBGP next hop handling.
2010-07-05 17:50:19 +02:00
Ondrej Zajicek
acb60628f5 Implements command that shows memory usage. 2010-06-02 22:20:40 +02:00
Ondrej Zajicek
9ef239946b NEWS and version update. 2010-05-31 20:41:40 +02:00
Ondrej Zajicek
9b061f7ea5 Minor fixes. 2010-05-28 11:16:39 +02:00
Ondrej Zajicek
691057f033 Support loopback/dummy addresses. 2010-05-26 16:09:22 +02:00
Ondrej Zajicek
87a9abeac9 Fixes interface scan on Linux 2.4.x in IPv6 mode. 2010-05-21 15:17:49 +02:00
Ondrej Zajicek
002b642318 Fixes bug on Linux 2.4.x - kernel sync does not work until restart of kernel protocol.
Which was, actually, a bug in timers - on older kernel, monotonic timer
is missing and the other implementation started with now == 0, which
collides with usage 0 as a special value in timer->expires field.
2010-05-21 12:00:53 +02:00
Ondrej Zajicek
475977242a Handle EPIPE as a common connection close event. 2010-05-14 16:54:39 +02:00
Ondrej Zajicek
ba32170657 Better support for /31 networks. 2010-04-28 00:39:57 +02:00
Ondrej Zajicek
1d44ddf20f Merge commit 'origin/master' into new 2010-04-21 21:52:10 +02:00
Ondrej Filip
6bc414d619 It seems that prefixes /31 and /127 are valid and used in this strange world. 2010-04-19 16:10:20 +02:00
Ondrej Zajicek
607d991424 Fixes build on newer Linux systems. 2010-04-14 15:35:08 +02:00
Ondrej Zajicek
dcc6049444 Fixes IPv6 build on older systems. 2010-04-14 14:46:21 +02:00
Ondrej Zajicek
d759c1a6f8 NEWS and version update. 2010-04-09 17:42:39 +02:00
Ondrej Zajicek
de14a7c7aa Ignore routes with next-hop 127.0.0.1 on BSD. 2010-04-09 00:56:47 +02:00
Ondrej Zajicek
a9f380fe83 On BSD, consider unmarked non-device routes as alien. 2010-04-08 18:41:17 +02:00
Ondrej Zajicek
646b24d932 Minor changes. 2010-04-08 17:45:50 +02:00