Hi, bgpd.conf manual has an example with :
good="{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }" bad="{ 224.0.0.0/4 prefixlen >= 4, 240.0.0.0/4 prefixlen >= 4 }" ugly="{ 127.0.0.1/8, 169.254.0.0/16 }" deny from any prefix { $good $bad $ugly } This syntax is not valid with current parse.y. Here is a patch to make it valid. Index: parse.y =================================================================== RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v retrieving revision 1.298 diff -u -p -r1.298 parse.y --- parse.y 22 Feb 2017 13:55:14 -0000 1.298 +++ parse.y 21 May 2017 17:29:11 -0000 @@ -217,6 +217,7 @@ typedef struct { %type <v.filter_set> filter_set_opt %type <v.filter_set_head> filter_set filter_set_l %type <v.filter_prefix> filter_prefix filter_prefix_l filter_prefix_h +%type <v.filter_prefix> filter_prefix_m %type <v.u8> unaryop equalityop binaryop filter_as_type %type <v.encspec> encspec %% @@ -1615,8 +1616,22 @@ filter_prefix_h : IPV4 prefixlenop { } } | PREFIX filter_prefix { $$ = $2; } - | PREFIX '{' filter_prefix_l '}' { $$ = $3; } + | PREFIX '{' filter_prefix_m '}' { $$ = $3; } ; + +filter_prefix_m : filter_prefix_l + | '{' filter_prefix_l '}' { $$ = $2; } + | '{' filter_prefix_l '}' filter_prefix_m + { + struct filter_prefix_l *p; + + /* merge, both can be lists */ + for (p = $2; p != NULL && p->next != NULL; p = p->next) + ; /* nothing */ + if (p != NULL) + p->next = $4; + $$ = $2; + } filter_prefix_l : filter_prefix { $$ = $1; } | filter_prefix_l comma filter_prefix {