Pavel Tvrdik
cd6ca9b1f6
filter/test.conf: add ROA check and operator tests
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
e58f8c28d2
Add `.maxlen' operator to all ROA prefixes in filters
...
Example:
bird> eval (1.2.0.0/16 max 20 as 1234).maxlen
20
Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
69ae578450
Add `.asn' operator to all ROA prefixes in filters
...
Example:
bird> eval (1.2.0.0/16 max 20 as 1234).asn
1234
Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2
RPKI protocol with one cache server per protocol
...
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/ ) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;
protocol rpki {
debug all;
# Import both IPv4 and IPv6 ROAs
roa4 { table r4; };
roa6 { table r6; };
# Set cache server (validator) address,
# overwrite default port 323
remote "rpki-validator.realmv6.org" port 8282;
# Overwrite default time intervals
retry 10; # Default 600 seconds
refresh 60; # Default 3600 seconds
expire 600; # Default 7200 seconds
}
protocol rpki {
debug all;
# Import only IPv4 routes
roa4 { table r4; };
# Set cache server address to localhost,
# use default ports tcp => 323 or ssh => 22
remote 127.0.0.1;
# Use SSH transport instead of unprotected transport over TCP
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
remote public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
}
...
2016-12-07 09:35:24 +01:00
Ondrej Zajicek (work)
286e2011d2
Miscellaneous minor fixes
2016-05-12 16:04:47 +02:00
Jan Moskyto Matejka
0c6dfe5236
Merge branch 'int-new' into int-new-merged
2016-05-10 14:30:49 +02:00
Jan Moskyto Matejka
7152e5efbb
Build system reworked to one global Makefile with includes and no nesting
...
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.
Fixed make doc on recent Debian together with moving generated doc into
objdir.
Moved Makefile.in into root dir
Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
2016-05-10 14:07:34 +02:00
Jan Moskyto Matejka
7a7ac65682
Merge branch 'master' into int-new-channels
2016-04-08 12:28:33 +02:00
Ondrej Zajicek (work)
9c9cc35c02
Filter: Implement last_nonaggregated operator on bgp_path
2016-02-16 17:33:58 +01:00
Pavel Tvrdík
0264ccf6f4
Rewrite roa_check() for integrated BIRD
...
Thanks to Ondrej Zajicek for his support with writing this code.
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
cb1bd816db
Add ROA_* constants values to grammar of configuration
...
Add ROA_UNKNOWN, ROA_VALID and ROA_INVALID
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
de9b87f558
Add NET ROA4/6 structures
2016-01-07 18:21:31 +01:00
Ondrej Zajicek (work)
04632fd77f
Follow-up work on integration
2015-12-24 15:56:04 +01:00
Ondrej Zajicek (work)
0bf95f99e6
Follow-up work on integration
...
Contains some patches from Jan Moskyto Matejka
2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1
Follow-up work on integration
2015-12-21 03:33:18 +01:00
Ondrej Zajicek (work)
e92a4b855f
Filter: Fix some changes in IP<->Quad implicit conversion
2015-12-20 21:43:00 +01:00
Jan Moskyto Matejka
9656dce72e
ROA code switchoff
2015-12-20 13:04:07 +01:00
Jan Moskyto Matejka
5e173e9f63
Stop perusing f_prefix for non-prefix-set uses
...
Multiple changes by Ondrej Santiago Zajicek
2015-12-19 23:49:47 +01:00
Jan Moskyto Matejka
d7661fbe9d
Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF
...
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-19 15:57:09 +01:00
Ondrej Zajicek (work)
fe9f1a6ded
Initial commit on integrated BIRD
...
New data types net_addr and variants (in lib/net.h) describing
network addresses (prefix/pxlen). Modifications of FIB structures
to handle these data types and changing everything to use these
data types instead of prefix/pxlen pairs where possible.
The commit is WiP, some protocols are not yet updated (BGP, Kernel),
and the code contains some temporary scaffolding.
Comments are welcome.
2015-11-05 12:48:52 +01:00
Ondrej Zajicek
1321e12ac4
Static: Allows to specify attributes for static routes
...
The patch adds suport for specifying route attributes together with
static routes, e.g.:
route 10.1.1.0/24 via 10.0.0.1 { krt_advmss = 1200; ospf_metric1 = 100; };
2015-07-20 17:11:10 +02:00
Ondrej Zajicek
8d9eef1771
BGP multipath support
...
Kernel option 'merge paths' allows to merge routes exported to kernel
protocol (currently BGP and static routes) to multipath routes.
2015-06-08 02:24:08 +02:00
Ondrej Zajicek
315f23a047
Add bitfield route attribute type
2015-05-10 19:44:10 +02:00
Pavel Tvrdik
7d37bf79de
Remove a comparison of unsigned expression < 0
2015-02-21 19:38:44 +01:00
Ondrej Zajicek
51762a45b3
Allows user data attached to f_trie_node structure.
...
Thanks to Alexander Chernikov for the patch.
2015-02-21 14:05:20 +01:00
Ondrej Zajicek
1123e70740
Implements token bucket filter for rate limiting.
2014-10-02 12:52:50 +02:00
Ondrej Zajicek
b2f008378a
Allows more constants in set literals.
...
Thanks to Michael Fincham for the bugreport.
2014-10-02 12:52:50 +02:00
Ondrej Zajicek
6285793f18
Replaces function name in test.conf as it collided with new keyword.
2014-07-07 22:23:37 +02:00
Ondrej Zajicek
283c7dfada
Merge branch 'master' into add-path
2013-11-25 18:42:47 +01:00
Ondrej Zajicek
52e030e146
Converts filters to unsigned integers.
2013-11-24 00:17:02 +01:00
Ondrej Zajicek
736e143fa5
Merge branch 'master' into add-path
...
Conflicts:
filter/filter.c
nest/proto.c
nest/rt-table.c
proto/bgp/bgp.h
proto/bgp/config.Y
2013-11-23 11:50:34 +01:00
Ondrej Zajicek
56027b5cbd
Minor fix in log_commit() w.r.t. changes in BFD branch.
2013-11-22 21:58:43 +01:00
Ondrej Zajicek
0aeac9cb7f
Merge commit 'origin/bfd'
2013-11-22 02:48:44 +01:00
Ondrej Zajicek
f8f2419d4c
Additional filter test case.
2013-11-20 13:30:11 +01:00
Ondrej Zajicek
a15dab76f9
Implements 'allow local as' option.
...
Similar to allowas-in option on other routers.
2013-10-21 14:59:35 +02:00
Ondrej Zajicek
0e175f9f0f
Fixes some BFD bugs and makes logging thread-safe.
2013-10-05 20:12:28 +02:00
Ondrej Zajicek
7ccb36d330
Implements C.len operator for clist and eclist types.
...
Thanks to Sergey Popovich for the original patch.
2013-10-02 14:57:29 +02:00
Ondrej Zajicek
28a10f84cb
Some fixes in filter code.
...
Thanks to Sergey Popovich for original patches.
2013-10-02 14:41:37 +02:00
Ondrej Zajicek
70c5780535
Minor code cleanups.
...
Thanks to Sergey Popovich for the patch.
2013-10-02 12:10:09 +02:00
Ondrej Zajicek
b655596d1d
Simplifies val_in_range().
...
Also fixes missing type check for element ~ set.
2013-10-02 11:42:46 +02:00
Ondrej Zajicek
a5fc59587f
Rewrites static attribute filter code and adds ifname/ifindex attributes.
...
Thanks to Sergey Popovich for the original ifname/ifindex patch.
2013-09-26 22:08:21 +02:00
Ondrej Zajicek
507e182a60
Fixes reconfiguration of global set variables.
...
When global set variables were used, every reconfiguration restarted
protocols that use it in filters.
Thanks to Sergey Popovich for a bugreport.
2013-09-10 12:58:24 +02:00
Ondrej Zajicek
bff9ce5130
Extends delete/filter operators to work no bgp_paths.
2013-08-15 01:06:47 +02:00
Ondrej Zajicek
00192d5ab8
Implements proper setting of 'gw' route attribute.
...
Thanks to Sergey Popovich for the bugreport.
2013-08-13 20:32:02 +02:00
Ondrej Zajicek
4ee39ff2ff
Fixes initial random values for function arguments.
...
Thanks to Javor Kliachev for the bugreport.
2013-07-26 11:08:59 +02:00
Ondrej Zajicek
1103b32e83
Allows to define constants of all filter types.
2013-07-25 22:33:57 +02:00
Ondrej Zajicek
508d936078
Implements eval command and minor CLI cleanups.
...
Implemented eval command can be used to evaluate expressions.
The patch also documents echo command and allows to use log classes
instead of integer as a mask for echo.
2013-07-25 13:15:32 +02:00
Ondrej Zajicek
cc31b75a8f
Implements 'bgppath ~ int set' filter op.
2013-07-09 23:27:10 +02:00
Ondrej Zajicek
36da2857bc
Implements router advertisements activated by received routes.
...
The RAdv protocol could be configured to change its behavior based on
availability of routes, e.g., do not announce router lifetime when a
default route is not available.
2013-02-08 23:58:27 +01:00
Ondrej Zajicek
b31774eeb0
Removes some nonsense.
2012-11-27 01:30:09 +01:00