I was adding bogon filtering back into that new apu2 default gateway (which, btw, used to run quagga)
Simple example (though you need to grep out a few more things) #!/bin/sh TFILE=/tmp/bogons.$$ B6N=fullbogons-ipv6.txt B4N=fullbogons-ipv4.txt B6=https://www.team-cymru.org/Services/Bogons/$B6N B4=https://www.team-cymru.org/Services/Bogons/$B4N rm -f /tmp/$B6N /tmp/$B4N cd /tmp; wget -t 300 $B6; wget -t 300 $B4 cat /tmp/$B4N /tmp/$B6N | egrep -v \# | while read x do echo route replace blackhole $x proto 51 done > $TFILE ip -b $TFILE rm -f $TFILE And I'm *not* importing proto 51 of this list into babeld, but when it does a kernel dump, it gets it all, hits an internal memory limit processing the netlink data and doesn't manage to import *any* kernel routes. root@ida:~/git/babeld# ./babeld -d 1 eth0 Interface eth0 has no link-local address. setsockopt(IPV6_LEAVE_GROUP): Cannot assign requested address Warning: couldn't check exported routes. Interface eth0 has no link-local address. ... So, perhaps, some way to express invalid protocols and tables earlier in the babeld filtering system would help. (yep, gonna fiddle with bird soon, too. or bpf, again.) crude, example, hack diff --git a/kernel_netlink.c b/kernel_netlink.c index 76e6350..c651d72 100644 --- a/kernel_netlink.c +++ b/kernel_netlink.c @@ -1201,6 +1201,9 @@ filter_kernel_routes(struct nlmsghdr *nh, struct kernel_route *route) if(rtm->rtm_protocol == RTPROT_BABEL) return 0; + if(rtm->rtm_protocol == 51 ) + return 0; + /* Ignore cached routes, advertised by some kernels (linux 3.x). */ if(rtm->rtm_flags & RTM_F_CLONED) return 0; _______________________________________________ Babel-users mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/babel-users
