/* * BIRD -- Core Configuration * * (c) 1998--2000 Martin Mares * (c) 2004 Ondrej Filip * * Can be freely distributed and used under the terms of the GNU GPL. */ CF_HDR #include "nest/rt-dev.h" #include "nest/password.h" #include "nest/cmds.h" #include "nest/mpls.h" #include "lib/lists.h" #include "lib/mac.h" CF_DEFINES static struct rtable_config *this_table; static struct proto_config *this_proto; static struct channel_config *this_channel; static struct iface_patt *this_ipatt; static struct iface_patt_node *this_ipn; /* static struct roa_table_config *this_roa_table; */ static list *this_p_list; static struct password_item *this_p_item; static int password_id; static struct bfd_options *this_bfd_opts; static void iface_patt_check(void) { struct iface_patt_node *pn; WALK_LIST(pn, this_ipatt->ipn_list) if (!pn->pattern || pn->prefix.type) cf_error("Interface name/mask expected, not IP prefix"); } static inline void init_password_list(void) { if (!this_p_list) { this_p_list = cfg_allocz(sizeof(list)); init_list(this_p_list); password_id = 1; } } static inline void init_password(const void *key, uint length, uint id) { this_p_item = cfg_allocz(sizeof (struct password_item)); this_p_item->password = key; this_p_item->length = length; this_p_item->genfrom = 0; this_p_item->gento = TIME_INFINITY; this_p_item->accfrom = 0; this_p_item->accto = TIME_INFINITY; this_p_item->id = id; this_p_item->alg = ALG_UNDEFINED; add_tail(this_p_list, &this_p_item->n); } static inline void reset_passwords(void) { this_p_list = NULL; } static inline list * get_passwords(void) { list *rv = this_p_list; this_p_list = NULL; return rv; } static inline void init_bfd_opts(struct bfd_options **opts) { cf_check_bfd(1); if (! *opts) *opts = bfd_new_options(); } static inline void open_bfd_opts(struct bfd_options **opts) { init_bfd_opts(opts); this_bfd_opts = *opts; } static inline void close_bfd_opts(void) { this_bfd_opts = NULL; } static void proto_postconfig(void) { CALL(this_proto->protocol->postconfig, this_proto); this_channel = NULL; this_proto = NULL; } static void channel_reload_out_done_main(void *_prr) { struct proto_reload_request *prr = _prr; ASSERT_THE_BIRD_LOCKED; rfree(prr->trie->lp); } static inline void proto_call_cmd_reload(struct proto_spec ps, int dir, const struct f_trie *trie) { struct proto_reload_request *prr = cfg_alloc(sizeof *prr); *prr = (struct proto_reload_request) { .trie = trie, .dir = dir, .counter = 1, }; if (trie) { /* CLI linpool is moved to trie, because trie is need for longer time * than the linpool would exist in CLI. The linpool is freed in channel_reload_out_done_main. */ ASSERT_DIE(this_cli->parser_pool == prr->trie->lp); rmove(this_cli->parser_pool, &root_pool); this_cli->parser_pool = lp_new(this_cli->pool); prr->ev = (event) { .data = prr, .hook = channel_reload_out_done_main, }; } proto_apply_cmd(ps, proto_cmd_reload, 1, (uintptr_t) prr); /* This function used reference to this trie, so it is freed here as well as in protocols*/ if (trie) if (atomic_fetch_sub_explicit(&prr->counter, 1, memory_order_acq_rel) == 1) ev_send_loop(&main_birdloop, &prr->ev); } #define DIRECT_CFG ((struct rt_dev_config *) this_proto) CF_DECLS CF_KEYWORDS(ROUTER, ID, HOSTNAME, PROTOCOL, TEMPLATE, PREFERENCE, DISABLED, DEBUG, ALL, OFF, DIRECT, PIPE) CF_KEYWORDS(INTERFACE, IMPORT, EXPORT, FILTER, NONE, VRF, DEFAULT, TABLE, TABLES, STATES, ROUTES, FILTERS) CF_KEYWORDS(IPV4, IPV6, VPN4, VPN6, ROA4, ROA6, FLOW4, FLOW6, SADR, MPLS) CF_KEYWORDS(RECEIVE, LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, FILTERED, RPKI) CF_KEYWORDS(PASSWORD, KEY, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, CHANNELS, INTERFACES) CF_KEYWORDS(ALGORITHM, KEYED, HMAC, MD5, SHA1, SHA256, SHA384, SHA512, BLAKE2S128, BLAKE2S256, BLAKE2B256, BLAKE2B512) CF_KEYWORDS(PRIMARY, STATS, COUNT, FOR, IN, COMMANDS, PREEXPORT, NOEXPORT, EXPORTED, GENERATE) CF_KEYWORDS(BGP, PASSWORDS, DESCRIPTION) CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, CLASS, DSCP, PARTIAL) CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, ROUTE, PROTOCOL, BASE, LOG, S, MS, US) CF_KEYWORDS(GRACEFUL, RESTART, WAIT, MAX, AS) CF_KEYWORDS(MIN, IDLE, RX, TX, INTERVAL, MULTIPLIER, PASSIVE) CF_KEYWORDS(CHECK, LINK) CF_KEYWORDS(CORK, SORTED, TRIE, MIN, MAX, ROA, ROUTE, REFRESH, SETTLE, TIME, GC, THRESHOLD, PERIOD) CF_KEYWORDS(MPLS_LABEL, MPLS_POLICY, MPLS_CLASS) /* For r_args_channel */ CF_KEYWORDS(IPV4, IPV4_MC, IPV4_MPLS, IPV6, IPV6_MC, IPV6_MPLS, IPV6_SADR, VPN4, VPN4_MC, VPN4_MPLS, VPN6, VPN6_MC, VPN6_MPLS, ROA4, ROA6, FLOW4, FLOW6, MPLS, PRI, SEC) CF_ENUM(T_ENUM_RTS, RTS_, STATIC, INHERIT, DEVICE, STATIC_DEVICE, REDIRECT, RIP, OSPF, OSPF_IA, OSPF_EXT1, OSPF_EXT2, BGP, PIPE, BABEL, RPKI, L3VPN, AGGREGATED) CF_ENUM(T_ENUM_SCOPE, SCOPE_, HOST, LINK, SITE, ORGANIZATION, UNIVERSE, UNDEFINED) CF_ENUM(T_ENUM_RTD, RTD_, UNICAST, BLACKHOLE, UNREACHABLE, PROHIBIT) CF_ENUM(T_ENUM_ROA, ROA_, UNKNOWN, VALID, INVALID) CF_ENUM_PX(T_ENUM_AF, AF_, AFI_, IPV4, IPV6) CF_ENUM(T_ENUM_MPLS_POLICY, MPLS_POLICY_, NONE, STATIC, PREFIX, AGGREGATE, VRF) %type idval %type imexport %type rtable %type optproto %type r_args %type sym_args %type proto_start debug_mask debug_list debug_flag mrtdump_mask mrtdump_list mrtdump_flag export_mode limit_action net_type net_type_base tos password_algorithm %type proto_patt proto_patt2 %type channel_start proto_channel %type limit_spec %type r_args_for_val %type r_args_for %type channel_sym %type channel_arg %type partial_opt CF_GRAMMAR /* Setting of router ID */ conf: rtrid ; rtrid: ROUTER ID idval ';' { new_config->router_id = $3; } | ROUTER ID FROM iface_patt ';' { new_config->router_id_from = this_ipatt; } ; idval: NUM { $$ = $1; } | '(' term ')' { $$ = cf_eval_int($2); } | IP4 { $$ = ip4_to_u32($1); } | CF_SYM_KNOWN { if ($1->class == (SYM_CONSTANT | T_INT) || $1->class == (SYM_CONSTANT | T_QUAD)) $$ = SYM_VAL($1).i; else if (($1->class == (SYM_CONSTANT | T_IP)) && ipa_is_ip4(SYM_VAL($1).ip)) $$ = ipa_to_u32(SYM_VAL($1).ip); else cf_error("Number or IPv4 address constant expected"); } ; conf: hostname_override ; hostname_override: HOSTNAME text ';' { new_config->hostname = $2; } ; conf: gr_opts ; gr_opts: GRACEFUL RESTART WAIT expr ';' { new_config->gr_wait = $4; } ; /* Network types (for tables, channels) */ net_type_base: IPV4 { $$ = NET_IP4; } | IPV6 { $$ = NET_IP6; } | IPV6 SADR { $$ = NET_IP6_SADR; } | VPN4 { $$ = NET_VPN4; } | VPN6 { $$ = NET_VPN6; } | ROA4 { $$ = NET_ROA4; } | ROA6 { $$ = NET_ROA6; } | FLOW4{ $$ = NET_FLOW4; } | FLOW6{ $$ = NET_FLOW6; } ; net_type: net_type_base | MPLS { $$ = NET_MPLS; } ; CF_ENUM(T_ENUM_NETTYPE, NET_, IP4, IP6, VPN4, VPN6, ROA4, ROA6, FLOW4, FLOW6, IP6_SADR, MPLS) /* Creation of routing tables */ conf: table ; table: table_start table_sorted table_opt_list ; table_start: net_type TABLE symbol { this_table = rt_new_table($3, $1); } ; table_sorted: /* empty */ | SORTED { this_table->sorted = 1; } ; table_opt: SORTED bool { this_table->sorted = $2; } | DEBUG debug_mask { this_table->debug = $2; } | TRIE bool { if (!net_val_match(this_table->addr_type, NB_IP | NB_VPN | NB_ROA | NB_IP6_SADR)) cf_error("Trie option not supported for %s table", net_label[this_table->addr_type]); this_table->trie_used = $2; } | GC THRESHOLD expr { this_table->gc_threshold = $3; } | GC PERIOD expr_us { this_table->gc_period = (uint) $3; if ($3 > 3600 S_) cf_error("GC period must be at most 3600 s"); } | CORK THRESHOLD expr expr { if ($3 > $4) cf_error("Cork low threshold must be lower than the high threshold."); this_table->cork_threshold.low = $3; this_table->cork_threshold.high = $4; } | EXPORT SETTLE TIME settle { this_table->export_settle = $4; } | ROUTE REFRESH EXPORT SETTLE TIME settle { this_table->export_rr_settle = $6; } ; table_opts: /* empty */ | table_opts table_opt ';' ; table_opt_list: /* empty */ | '{' table_opts '}' ; /* Definition of protocols */ conf: proto { proto_postconfig(); } ; proto_start: PROTOCOL { $$ = SYM_PROTO; } | TEMPLATE { $$ = SYM_TEMPLATE; } ; proto_name: /* EMPTY */ { struct symbol *s = cf_default_name(new_config, this_proto->protocol->template, &this_proto->protocol->name_counter); s->class = this_proto->class; s->proto = this_proto; this_proto->name = s->name; } | symbol { cf_define_symbol(new_config, $1, this_proto->class, proto, this_proto); this_proto->name = $1->name; } | FROM CF_SYM_KNOWN { if (($2->class != SYM_TEMPLATE) && ($2->class != SYM_PROTO)) cf_error("Template or protocol name expected"); struct symbol *s = cf_default_name(new_config, this_proto->protocol->template, &this_proto->protocol->name_counter); s->class = this_proto->class; s->proto = this_proto; this_proto->name = s->name; proto_copy_config(this_proto, $2->proto); } | symbol FROM CF_SYM_KNOWN { if (($3->class != SYM_TEMPLATE) && ($3->class != SYM_PROTO)) cf_error("Template or protocol name expected"); cf_define_symbol(new_config, $1, this_proto->class, proto, this_proto); this_proto->name = $1->name; proto_copy_config(this_proto, $3->proto); } ; proto_item: /* EMPTY */ | DISABLED bool { this_proto->disabled = $2; } | DEBUG debug_mask { this_proto->debug = $2; } | MRTDUMP mrtdump_mask { this_proto->mrtdump = $2; } | ROUTER ID idval { this_proto->router_id = $3; } | DESCRIPTION text { this_proto->dsc = $2; } | VRF text { this_proto->vrf = if_get_by_name($2); } | VRF DEFAULT { this_proto->vrf = &default_vrf; } ; channel_start: net_type_base { $$ = this_channel = channel_config_get(NULL, net_label[$1], $1, this_proto); }; channel_item_: TABLE rtable { if (this_channel->net_type && ($2->addr_type != this_channel->net_type)) cf_error("Incompatible table type"); this_channel->table = $2; } | IMPORT imexport { this_channel->in_filter = $2; } | EXPORT IN net_any imexport { if (this_channel->net_type && ($3->type != this_channel->net_type)) cf_error("Incompatible export prefilter type"); this_channel->out_subprefix = $3; this_channel->out_filter = $4; } | EXPORT imexport { this_channel->out_filter = $2; } | EXPORT BLOCK expr { this_channel->feed_block_size = $3; } | RECEIVE LIMIT limit_spec { this_channel->rx_limit = $3; } | IMPORT LIMIT limit_spec { this_channel->in_limit = $3; } | EXPORT LIMIT limit_spec { this_channel->out_limit = $3; } | ROA SETTLE TIME settle { this_channel->roa_settle = $4; } | PREFERENCE expr { this_channel->preference = $2; check_u16($2); } | IMPORT KEEP FILTERED bool { if ($4) this_channel->in_keep |= RIK_REJECTED; else if ((this_channel->in_keep & RIK_PREFILTER) == RIK_PREFILTER) cf_error("Import keep filtered is implied by the import table."); else this_channel->in_keep &= ~RIK_REJECTED; } | RPKI RELOAD bool { this_channel->rpki_reload = $3; } ; /* To avoid grammar collision in Pipe protocol */ channel_item: channel_item_ | DEBUG debug_mask { this_channel->debug = $2; } ; channel_opts: /* empty */ | channel_opts channel_item ';' ; channel_opt_list: /* empty */ | '{' channel_opts '}' ; channel_end: { if (!this_channel->table) cf_error("Routing table not specified"); this_channel = NULL; }; proto_channel: channel_start channel_opt_list channel_end; rtable: CF_SYM_KNOWN { cf_assert_symbol($1, SYM_TABLE); if (!$1->table) rt_new_default_table($1); $$ = $1->table; } ; imexport: FILTER filter { $$ = $2; } | where_filter | ALL { $$ = FILTER_ACCEPT; } | NONE { $$ = FILTER_REJECT; } ; limit_action: /* default */ { $$ = PLA_DISABLE; } | ACTION WARN { $$ = PLA_WARN; } | ACTION BLOCK { $$ = PLA_BLOCK; } | ACTION RESTART { $$ = PLA_RESTART; } | ACTION DISABLE { $$ = PLA_DISABLE; } ; limit_spec: expr limit_action { $$ = (struct channel_limit){ .limit = $1, $$.action = $2 }; } | OFF { $$ = (struct channel_limit){}; } ; conf: debug_default ; debug_default: DEBUG PROTOCOLS debug_mask { new_config->proto_default_debug = $3; } | DEBUG CHANNELS debug_mask { new_config->channel_default_debug = $3; } | DEBUG TABLES debug_mask { new_config->table_default_debug = $3; } | DEBUG COMMANDS expr { new_config->cli_debug = $3; } ; /* MRTDUMP PROTOCOLS is in systep/unix/config.Y */ conf: timeformat_base ; timeformat_which: ROUTE { $$ = &new_config->tf_route; } | PROTOCOL { $$ = &new_config->tf_proto; } | BASE { $$ = &new_config->tf_base; } | LOG { $$ = &new_config->tf_log; } ; timeformat_spec: timeformat_which TEXT { *$1 = (struct timeformat){$2, NULL, 0}; } | timeformat_which TEXT expr TEXT { *$1 = (struct timeformat){$2, $4, (s64) $3 S_}; } | timeformat_which ISO SHORT { *$1 = TM_ISO_SHORT_S; } | timeformat_which ISO SHORT MS { *$1 = TM_ISO_SHORT_MS; } | timeformat_which ISO SHORT US { *$1 = TM_ISO_SHORT_US; } | timeformat_which ISO LONG { *$1 = TM_ISO_LONG_S; } | timeformat_which ISO LONG MS { *$1 = TM_ISO_LONG_MS; } | timeformat_which ISO LONG US { *$1 = TM_ISO_LONG_US; } ; timeformat_base: TIMEFORMAT timeformat_spec ';' ; /* Interface patterns */ iface_patt_node_init: /* EMPTY */ { struct iface_patt_node *ipn = cfg_allocz(sizeof(struct iface_patt_node)); add_tail(&this_ipatt->ipn_list, NODE ipn); this_ipn = ipn; } ; iface_patt_node_body: TEXT { this_ipn->pattern = $1; /* this_ipn->prefix stays zero */ } | opttext net_or_ipa { this_ipn->pattern = $1; this_ipn->prefix = $2; } ; iface_negate: { this_ipn->positive = 1; } | '-' { this_ipn->positive = 0; } ; iface_patt_node: iface_patt_node_init iface_negate iface_patt_node_body ; iface_patt_list: iface_patt_node | iface_patt_list ',' iface_patt_node ; /* For name/mask-only iface patterns */ iface_patt_list_nopx: iface_patt_list { iface_patt_check(); } iface_patt_init: { /* Generic this_ipatt init */ this_ipatt = cfg_allocz(sizeof(struct iface_patt)); init_list(&this_ipatt->ipn_list); } ; iface_patt: iface_patt_init iface_patt_list ; tos: CLASS expr { $$ = $2 & 0xfc; if ($2 > 255) cf_error("TX class must be in range 0-255"); } | DSCP expr { $$ = ($2 & 0x3f) << 2; if ($2 > 63) cf_error("TX DSCP must be in range 0-63"); } ; /* Direct device route protocol */ proto: dev_proto '}' ; dev_proto_start: proto_start DIRECT { this_proto = proto_config_new(&proto_device, $1); init_list(&DIRECT_CFG->iface_list); this_proto->late_if_feed = 1; } ; dev_proto: dev_proto_start proto_name '{' | dev_proto proto_item ';' | dev_proto proto_channel ';' | dev_proto dev_iface_patt ';' | dev_proto CHECK LINK bool ';' { DIRECT_CFG->check_link = $4; } ; dev_iface_init: /* EMPTY */ { this_ipatt = cfg_allocz(sizeof(struct iface_patt)); add_tail(&DIRECT_CFG->iface_list, NODE this_ipatt); init_list(&this_ipatt->ipn_list); } ; dev_iface_patt: INTERFACE dev_iface_init iface_patt_list ; /* Debug flags */ debug_mask: ALL { $$ = ~0; } | OFF { $$ = 0; } | '{' debug_list '}' { $$ = $2; } ; debug_list: debug_flag | debug_list ',' debug_flag { $$ = $1 | $3; } ; debug_flag: STATES { $$ = D_STATES; } | ROUTES { $$ = D_ROUTES; } | FILTERS { $$ = D_FILTERS; } | INTERFACES { $$ = D_IFACES; } | EVENTS { $$ = D_EVENTS; } | PACKETS { $$ = D_PACKETS; } ; /* MRTDump flags */ mrtdump_mask: ALL { $$ = ~0; } | OFF { $$ = 0; } | '{' mrtdump_list '}' { $$ = $2; } ; mrtdump_list: mrtdump_flag | mrtdump_list ',' mrtdump_flag { $$ = $1 | $3; } ; mrtdump_flag: STATES { $$ = MD_STATES; } | MESSAGES { $$ = MD_MESSAGES; } ; /* Password lists */ password_list: password_list_body ; password_list_body: PASSWORDS '{' password_items '}' | password_item ; password_items: /* empty */ | password_item ';' password_items ; password_item: password_item_begin '{' password_item_params '}' password_item_end | password_item_begin password_item_end ; pass_key: PASSWORD | KEY; password_item_begin: pass_key bytestring_text { init_password_list(); if ($2.type == T_BYTESTRING) init_password($2.val.bs->data, $2.val.bs->length, password_id++); else if ($2.type == T_STRING) init_password($2.val.s, strlen($2.val.s), password_id++); else bug("Bad bytestring_text"); }; password_item_params: /* empty */ { } | GENERATE FROM time ';' password_item_params { this_p_item->genfrom = $3; } | GENERATE TO time ';' password_item_params { this_p_item->gento = $3; } | ACCEPT FROM time ';' password_item_params { this_p_item->accfrom = $3; } | ACCEPT TO time ';' password_item_params { this_p_item->accto = $3; } | FROM time ';' password_item_params { this_p_item->genfrom = this_p_item->accfrom = $2; } | TO time ';' password_item_params { this_p_item->gento = this_p_item->accto = $2; } | ID expr ';' password_item_params { this_p_item->id = $2; if ($2 > 255) cf_error("Password ID must be in range 0-255"); } | ALGORITHM password_algorithm ';' password_item_params { this_p_item->alg = $2; } ; password_algorithm: KEYED MD5 { $$ = ALG_MD5; } | KEYED SHA1 { $$ = ALG_SHA1; } | KEYED SHA256 { $$ = ALG_SHA256; } | KEYED SHA384 { $$ = ALG_SHA384; } | KEYED SHA512 { $$ = ALG_SHA512; } | HMAC MD5 { $$ = ALG_HMAC_MD5; } | HMAC SHA1 { $$ = ALG_HMAC_SHA1; } | HMAC SHA256 { $$ = ALG_HMAC_SHA256; } | HMAC SHA384 { $$ = ALG_HMAC_SHA384; } | HMAC SHA512 { $$ = ALG_HMAC_SHA512; } | BLAKE2S128 { $$ = ALG_BLAKE2S_128; } | BLAKE2S256 { $$ = ALG_BLAKE2S_256; } | BLAKE2B256 { $$ = ALG_BLAKE2B_256; } | BLAKE2B512 { $$ = ALG_BLAKE2B_512; } ; password_item_end: { password_validate_length(this_p_item); }; /* BFD options */ bfd_item: INTERVAL expr_us { this_bfd_opts->min_rx_int = this_bfd_opts->min_tx_int = $2; } | MIN RX INTERVAL expr_us { this_bfd_opts->min_rx_int = $4; } | MIN TX INTERVAL expr_us { this_bfd_opts->min_tx_int = $4; } | IDLE TX INTERVAL expr_us { this_bfd_opts->idle_tx_int = $4; } | MULTIPLIER expr { this_bfd_opts->multiplier = $2; } | PASSIVE bool { this_bfd_opts->passive = $2; this_bfd_opts->passive_set = 1; } | GRACEFUL { this_bfd_opts->mode = BGP_BFD_GRACEFUL; } ; bfd_items: /* empty */ | bfd_items bfd_item ';' ; bfd_opts: '{' bfd_items '}' ; /* Core commands */ CF_CLI_HELP(SHOW, ..., [[Show status information]]) CF_CLI(SHOW STATUS,,, [[Show router status]]) { cmd_show_status(); } ; CF_CLI(SHOW MEMORY,,, [[Show memory usage]]) { cmd_show_memory(); } ; CF_CLI(SHOW PROTOCOLS, proto_patt2, [ | \"\"], [[Show routing protocols]]) { proto_apply_cmd($3, proto_cmd_show, 0, 0); } ; CF_CLI(SHOW PROTOCOLS ALL, proto_patt2, [ | \"\"], [[Show routing protocol details]]) { proto_apply_cmd($4, proto_cmd_show, 0, 1); } ; optproto: CF_SYM_KNOWN { cf_assert_symbol($1, SYM_PROTO); $$ = $1; } | /* empty */ { $$ = NULL; } ; CF_CLI(SHOW INTERFACES,,, [[Show network interfaces]]) { if_show(); } ; CF_CLI(SHOW INTERFACES SUMMARY,,, [[Show summary of network interfaces]]) { if_show_summary(); } ; CF_CLI_HELP(SHOW ROUTE, ..., [[Show routing table]]) CF_CLI(SHOW ROUTE, r_args, [[[|for |for |in ] [table ] [(import|export) table

.] [filter |where ] [all] [primary] [filtered] [(export|preexport|noexport)

] [protocol

] [stats|count]]], [[Show routing table]]) { rt_show($3); } ; r_args: /* empty */ { $$ = cfg_allocz(sizeof(struct rt_show_data)); init_list(&($$->tables)); $$->filter = FILTER_ACCEPT; $$->running_on_config = config; $$->cli = this_cli; } | r_args net_any { $$ = $1; if ($$->addr) cf_error("Only one prefix expected"); $$->addr = $2; $$->addr_mode = TE_ADDR_EQUAL; } | r_args FOR r_args_for { $$ = $1; if ($$->addr) cf_error("Only one prefix expected"); $$->addr = $3; $$->addr_mode = TE_ADDR_FOR; } | r_args IN net_any { $$ = $1; if ($$->addr) cf_error("Only one prefix expected"); if (!net_type_match($3, NB_IP)) cf_error("Only IP networks accepted for 'in' argument"); $$->addr = $3; $$->addr_mode = TE_ADDR_IN; } | r_args TABLE CF_SYM_KNOWN { cf_assert_symbol($3, SYM_TABLE); if (!$3->table) cf_error("Table %s not configured", $3->name); $$ = $1; rt_show_add_table($$, $3->table->table); $$->tables_defined_by = RSD_TDB_DIRECT; } | r_args TABLE ALL { struct rtable_config *t; $$ = $1; WALK_LIST(t, config->tables) rt_show_add_table($$, t->table); $$->tables_defined_by = RSD_TDB_ALL; } | r_args IMPORT TABLE channel_arg { if (!($4->in_keep & RIK_PREFILTER)) cf_error("No import table in channel %s.%s", $4->proto->name, $4->name); RT_LOCKED($4->table, tab) rt_show_add_exporter($$, &tab->exporter.e, "import")->prefilter = $4; $$->tables_defined_by = RSD_TDB_DIRECT; } | r_args EXPORT TABLE channel_arg { if (!$4->out_table) cf_error("No export table in channel %s.%s", $4->proto->name, $4->name); rt_show_add_exporter($$, $4->out_table, "export"); $$->tables_defined_by = RSD_TDB_DIRECT; } | r_args FILTER filter { $$ = $1; if ($$->filter != FILTER_ACCEPT) cf_error("Filter specified twice"); $$->filter = $3; } | r_args where_filter { $$ = $1; if ($$->filter != FILTER_ACCEPT) cf_error("Filter specified twice"); $$->filter = $2; } | r_args ALL { $$ = $1; $$->verbose = 1; } | r_args PRIMARY { $$ = $1; $$->primary_only = 1; } | r_args FILTERED { $$ = $1; $$->filtered = 1; } | r_args export_mode CF_SYM_KNOWN { cf_assert_symbol($3, SYM_PROTO); struct proto_config *c = (struct proto_config *) $3->proto; $$ = $1; if ($$->export_mode) cf_error("Export specified twice"); if (!c->proto) cf_error("%s is not a protocol", $3->name); $$->export_mode = $2; $$->export_protocol = c->proto; $$->tables_defined_by = RSD_TDB_INDIRECT; } | r_args export_mode channel_arg { $$ = $1; if ($$->export_mode) cf_error("Export specified twice"); $$->export_mode = $2; $$->export_channel = $3; $$->tables_defined_by = RSD_TDB_INDIRECT; } | r_args PROTOCOL CF_SYM_KNOWN { cf_assert_symbol($3, SYM_PROTO); struct proto_config *c = (struct proto_config *) $3->proto; $$ = $1; if ($$->show_protocol) cf_error("Protocol specified twice"); if (!c->proto) cf_error("%s is not a protocol", $3->name); $$->show_protocol = c->proto; $$->tables_defined_by = RSD_TDB_INDIRECT; } | r_args STATS { $$ = $1; $$->stats = 1; } | r_args COUNT { $$ = $1; $$->stats = 2; } ; r_args_for: r_args_for_val { $$ = cfg_alloc($1.length); net_copy($$, &$1); } | net_vpn4_ | net_vpn6_ | net_ip6_sadr_ | VPN_RD IP4 { $$ = cfg_alloc(sizeof(net_addr_vpn4)); net_fill_vpn4($$, $2, IP4_MAX_PREFIX_LENGTH, $1); } | VPN_RD IP6 { $$ = cfg_alloc(sizeof(net_addr_vpn6)); net_fill_vpn6($$, $2, IP6_MAX_PREFIX_LENGTH, $1); } | IP6 FROM IP6 { $$ = cfg_alloc(sizeof(net_addr_ip6_sadr)); net_fill_ip6_sadr($$, $1, IP6_MAX_PREFIX_LENGTH, $3, IP6_MAX_PREFIX_LENGTH); } | CF_SYM_KNOWN { if ($1->class == (SYM_CONSTANT | T_IP)) { $$ = cfg_alloc(ipa_is_ip4(SYM_VAL($1).ip) ? sizeof(net_addr_ip4) : sizeof(net_addr_ip6)); net_fill_ip_host($$, SYM_VAL($1).ip); } else if (($1->class == (SYM_CONSTANT | T_NET)) && net_type_match(SYM_VAL($1).net, NB_IP | NB_VPN)) $$ = (net_addr *) SYM_VAL($1).net; /* Avoid const warning */ else cf_error("IP address or network constant expected"); } ; r_args_for_val: net_ip4_ | net_ip6_ | IP4 { net_fill_ip4(&($$), $1, IP4_MAX_PREFIX_LENGTH); } | IP6 { net_fill_ip6(&($$), $1, IP6_MAX_PREFIX_LENGTH); } export_mode: PREEXPORT { $$ = RSEM_PREEXPORT; } | EXPORT { $$ = RSEM_EXPORT; } | NOEXPORT { $$ = RSEM_NOEXPORT; } | EXPORTED { $$ = RSEM_EXPORTED; } ; /* This is ugly hack */ channel_sym: IPV4 { $$ = "ipv4"; } | IPV4_MC { $$ = "ipv4-mc"; } | IPV4_MPLS { $$ = "ipv4-mpls"; } | IPV6 { $$ = "ipv6"; } | IPV6_MC { $$ = "ipv6-mc"; } | IPV6_MPLS { $$ = "ipv6-mpls"; } | IPV6_SADR { $$ = "ipv6-sadr"; } | VPN4 { $$ = "vpn4"; } | VPN4_MC { $$ = "vpn4-mc"; } | VPN4_MPLS { $$ = "vpn4-mpls"; } | VPN6 { $$ = "vpn6"; } | VPN6_MC { $$ = "vpn6-mc"; } | VPN6_MPLS { $$ = "vpn6-mpls"; } | ROA4 { $$ = "roa4"; } | ROA6 { $$ = "roa6"; } | FLOW4 { $$ = "flow4"; } | FLOW6 { $$ = "flow6"; } | MPLS { $$ = "mpls"; } | PRI { $$ = "pri"; } | SEC { $$ = "sec"; } ; channel_arg: CF_SYM_KNOWN '.' channel_sym { cf_assert_symbol($1, SYM_PROTO); struct proto *p = $1->proto->proto; if (!p) cf_error("%s is not a protocol", $1->name); $$ = proto_find_channel_by_name(p, $3); if (!$$) cf_error("Channel %s.%s not found", $1->name, $3); } ; CF_CLI_HELP(SHOW SYMBOLS, ..., [[Show all known symbolic names]]) CF_CLI(SHOW SYMBOLS, sym_args, [table|filter|function|protocol|template|], [[Show all known symbolic names]]) { cmd_show_symbols($3); } ; sym_args: /* empty */ { $$ = cfg_allocz(sizeof(struct sym_show_data)); } | sym_args TABLE { $$ = $1; $$->type = SYM_TABLE; } | sym_args FUNCTION { $$ = $1; $$->type = SYM_FUNCTION; } | sym_args FILTER { $$ = $1; $$->type = SYM_FILTER; } | sym_args PROTOCOL { $$ = $1; $$->type = SYM_PROTO; } | sym_args TEMPLATE { $$ = $1; $$->type = SYM_TEMPLATE; } | sym_args CF_SYM_KNOWN { $$ = $1; $$->sym = $2; } ; CF_CLI_HELP(DUMP, ..., [[Dump debugging information]]) CF_CLI(DUMP RESOURCES,,, [[Dump all allocated resource]]) { rdump(&root_pool, 0); cli_msg(0, ""); } ; CF_CLI(DUMP SOCKETS,,, [[Dump open sockets]]) { sk_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP EVENTS,,, [[Dump event log]]) { io_log_dump(); cli_msg(0, ""); } ; CF_CLI(DUMP INTERFACES,,, [[Dump interface information]]) { if_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP NEIGHBORS,,, [[Dump neighbor cache]]) { neigh_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP ATTRIBUTES,,, [[Dump attribute cache]]) { ea_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP ROUTES,,, [[Dump routes]]) { rt_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP TABLES,,, [[Dump table connections]]) { rt_dump_hooks_all(); cli_msg(0, ""); } ; CF_CLI(DUMP PROTOCOLS,,, [[Dump protocol information]]) { protos_dump_all(); cli_msg(0, ""); } ; CF_CLI(DUMP FILTER ALL,,, [[Dump all filters in linearized form]]) { filters_dump_all(); cli_msg(0, ""); } ; CF_CLI(EVAL, term, , [[Evaluate an expression]]) { cmd_eval(f_linearize($2, 1)); } ; partial_opt: PARTIAL term { struct f_val val; if (f_eval(f_linearize($2, 1), &val) > F_RETURN) cf_error("Runtime error"); if (val.type != T_PREFIX_SET) cf_error("Partial spec must be prefix set"); $$ = val.val.ti; } | /* empty */ { $$ = NULL; } ; CF_CLI(DISABLE, proto_patt opttext, ( | \"\" | all) [message], [[Disable protocol]]) { proto_apply_cmd($2, proto_cmd_disable, 1, (uintptr_t) $3); } ; CF_CLI(ENABLE, proto_patt opttext, ( | \"\" | all) [message], [[Enable protocol]]) { proto_apply_cmd($2, proto_cmd_enable, 1, (uintptr_t) $3); } ; CF_CLI(RESTART, proto_patt opttext, ( | \"\" | all) [message], [[Restart protocol]]) { proto_apply_cmd($2, proto_cmd_restart, 1, (uintptr_t) $3); } ; CF_CLI(RELOAD, proto_patt partial_opt, ( | \"\" | all) [partial ], [[Reload protocol]]) { proto_call_cmd_reload($2, CMD_RELOAD, $3); } ; CF_CLI(RELOAD IN, proto_patt partial_opt, | \"\" | all, [[Reload protocol (just imported routes)]]) { proto_call_cmd_reload($3, CMD_RELOAD_IN, $4); } ; CF_CLI(RELOAD OUT, proto_patt partial_opt, | \"\" | all, [[Reload protocol (just exported routes)]]) { proto_call_cmd_reload($3, CMD_RELOAD_OUT, $4); } ; CF_CLI_HELP(DEBUG, ..., [[Control protocol debugging via BIRD logs]]) CF_CLI(DEBUG, debug_args, ( | | \"\" | all) (all | off | { states|routes|filters|interfaces|events|packets [, ...] }), [[Control protocol debugging via BIRD logs]]) { /* Done in debug_args */ }; debug_args: proto_patt debug_mask { proto_apply_cmd($1, proto_cmd_debug, 1, $2); } | channel_arg debug_mask { channel_cmd_debug($1, $2); } ; CF_CLI_HELP(MRTDUMP, ..., [[Control protocol debugging via MRTdump files]]) CF_CLI(MRTDUMP, proto_patt mrtdump_mask, ( | \"\" | all) (all | off | { states|messages [, ...] }), [[Control protocol debugging via MRTdump format]]) { proto_apply_cmd($2, proto_cmd_mrtdump, 1, $3); } ; CF_CLI(RESTRICT,,,[[Restrict current CLI session to safe commands]]) { this_cli->restricted = 1; cli_msg(16, "Access restricted"); } ; proto_patt: CF_SYM_KNOWN { cf_assert_symbol($1, SYM_PROTO); $$.ptr = $1; $$.patt = 0; } | ALL { $$.ptr = NULL; $$.patt = 1; } | TEXT { $$.ptr = $1; $$.patt = 1; } ; proto_patt2: CF_SYM_KNOWN { cf_assert_symbol($1, SYM_PROTO); $$.ptr = $1; $$.patt = 0; } | { $$.ptr = NULL; $$.patt = 1; } | TEXT { $$.ptr = $1; $$.patt = 1; } ; CF_CODE CF_END