Re: OpenBGPd: expand rib list (updated for r1.295)
Also looks good to me, OK On 2017 Jan 20 (Fri) at 21:19:22 +0100 (+0100), Denis Fondras wrote: :Hello, : :Here is a patch to expand RIB names in rules. When playing with multi-RIBs, it :allows to simplify ruleset. : : Ex : :# cat /etc/bgpd.conf :[...] :peer_ribs = "{ m1, m2, m3 }" :deny rib m2 from any :allow rib $peer_ribs from any prefix { 2001:db8:1::/48, 2001:db8:2::/48 } : :# bgpd -dnv :[...] :deny rib m2 from any :allow rib m3 from any prefix 2001:db8:2::/48 :allow rib m3 from any prefix 2001:db8:1::/48 :allow rib m2 from any prefix 2001:db8:2::/48 :allow rib m2 from any prefix 2001:db8:1::/48 :allow rib m1 from any prefix 2001:db8:2::/48 :allow rib m1 from any prefix 2001:db8:1::/48 : : :Index: parse.y :=== :RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v :retrieving revision 1.295 :diff -u -p -r1.295 parse.y :--- parse.y18 Jan 2017 04:28:45 - 1.295 :+++ parse.y20 Jan 2017 20:15:20 - :@@ -91,6 +91,11 @@ static struct filter_rule *curpeer_filte : static struct filter_rule *curgroup_filter[2]; : static u_int32_t id; : :+struct filter_rib_l { :+ struct filter_rib_l *next; :+ char name[PEER_DESCR_LEN]; :+}; :+ : struct filter_peers_l { : struct filter_peers_l *next; : struct filter_peers p; :@@ -128,8 +133,9 @@ struct rde_rib *find_rib(char *); : intget_id(struct peer *); : intmerge_prefixspec(struct filter_prefix_l *, : struct filter_prefixlen *); :-intexpand_rule(struct filter_rule *, struct filter_peers_l *, :- struct filter_match_l *, struct filter_set_head *); :+intexpand_rule(struct filter_rule *, struct filter_rib_l *, :+ struct filter_peers_l *, struct filter_match_l *, :+ struct filter_set_head *); : intstr2key(char *, char *, size_t); : intneighbor_consistent(struct peer *); : intmerge_filterset(struct filter_set_head *, struct filter_set *); :@@ -153,6 +159,7 @@ typedef struct { : char*string; : struct bgpd_addr addr; : u_int8_t u8; :+ struct filter_rib_l *filter_rib; : struct filter_peers_l *filter_peers; : struct filter_match_lfilter_match; : struct filter_prefix_l *filter_prefix; :@@ -203,10 +210,11 @@ typedef struct { : %type asnumber as4number as4number_any optnumber : %type espah family restart origincode nettype : %type yesno inout restricted :-%type string filter_rib :+%type string : %type address : %type prefix addrspec : %type action quick direction delete :+%type filter_rib_h filter_rib_l filter_rib : %type filter_peer filter_peer_l filter_peer_h : %type filter_match filter_elm filter_match_h : %typefilter_as filter_as_l filter_as_h :@@ -1469,9 +1477,10 @@ encspec : /* nada */{ : } : ; : :-filterrule: action quick filter_rib direction filter_peer_h filter_match_h filter_set :+filterrule: action quick filter_rib_h direction filter_peer_h filter_match_h filter_set : { : struct filter_rule r; :+ struct filter_rib_l *rb, *rbnext; : : bzero(&r, sizeof(r)); : r.action = $1; :@@ -1481,25 +1490,15 @@ filterrule : action quick filter_rib dir : if (r.dir != DIR_IN) { : yyerror("rib only allowed on \"from\" " : "rules."); :- free($3); :- YYERROR; :- } :- if (!find_rib($3)) { :- yyerror("rib \"%s\" does not exist.", :- $3); :- free($3); :- YYERROR; :- } :- if (strlcpy(r.rib, $3, sizeof(r.rib)) >= :- sizeof(r.rib)) { :- yyerror("rib name \"%s\" too long: " :- "max %zu", $3, sizeof(r.rib) - 1); :- free($3); :+ :+ for (rb = $3; rb != NULL; rb = rbnext) { :+ rbnext = rb->next; :+ free(rb); :+ } : YYERROR; :
OpenBGPd: expand rib list (updated for r1.295)
Hello, Here is a patch to expand RIB names in rules. When playing with multi-RIBs, it allows to simplify ruleset. Ex : # cat /etc/bgpd.conf [...] peer_ribs = "{ m1, m2, m3 }" deny rib m2 from any allow rib $peer_ribs from any prefix { 2001:db8:1::/48, 2001:db8:2::/48 } # bgpd -dnv [...] deny rib m2 from any allow rib m3 from any prefix 2001:db8:2::/48 allow rib m3 from any prefix 2001:db8:1::/48 allow rib m2 from any prefix 2001:db8:2::/48 allow rib m2 from any prefix 2001:db8:1::/48 allow rib m1 from any prefix 2001:db8:2::/48 allow rib m1 from any prefix 2001:db8:1::/48 Index: parse.y === RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v retrieving revision 1.295 diff -u -p -r1.295 parse.y --- parse.y 18 Jan 2017 04:28:45 - 1.295 +++ parse.y 20 Jan 2017 20:15:20 - @@ -91,6 +91,11 @@ static struct filter_rule*curpeer_filte static struct filter_rule *curgroup_filter[2]; static u_int32_tid; +struct filter_rib_l { + struct filter_rib_l *next; + char name[PEER_DESCR_LEN]; +}; + struct filter_peers_l { struct filter_peers_l *next; struct filter_peers p; @@ -128,8 +133,9 @@ struct rde_rib *find_rib(char *); int get_id(struct peer *); int merge_prefixspec(struct filter_prefix_l *, struct filter_prefixlen *); -int expand_rule(struct filter_rule *, struct filter_peers_l *, - struct filter_match_l *, struct filter_set_head *); +int expand_rule(struct filter_rule *, struct filter_rib_l *, + struct filter_peers_l *, struct filter_match_l *, + struct filter_set_head *); int str2key(char *, char *, size_t); int neighbor_consistent(struct peer *); int merge_filterset(struct filter_set_head *, struct filter_set *); @@ -153,6 +159,7 @@ typedef struct { char*string; struct bgpd_addr addr; u_int8_t u8; + struct filter_rib_l *filter_rib; struct filter_peers_l *filter_peers; struct filter_match_lfilter_match; struct filter_prefix_l *filter_prefix; @@ -203,10 +210,11 @@ typedef struct { %typeasnumber as4number as4number_any optnumber %typeespah family restart origincode nettype %typeyesno inout restricted -%typestring filter_rib +%typestring %type address %typeprefix addrspec %typeaction quick direction delete +%typefilter_rib_h filter_rib_l filter_rib %type filter_peer filter_peer_l filter_peer_h %type filter_match filter_elm filter_match_h %type filter_as filter_as_l filter_as_h @@ -1469,9 +1477,10 @@ encspec : /* nada */{ } ; -filterrule : action quick filter_rib direction filter_peer_h filter_match_h filter_set +filterrule : action quick filter_rib_h direction filter_peer_h filter_match_h filter_set { struct filter_rule r; + struct filter_rib_l *rb, *rbnext; bzero(&r, sizeof(r)); r.action = $1; @@ -1481,25 +1490,15 @@ filterrule : action quick filter_rib dir if (r.dir != DIR_IN) { yyerror("rib only allowed on \"from\" " "rules."); - free($3); - YYERROR; - } - if (!find_rib($3)) { - yyerror("rib \"%s\" does not exist.", - $3); - free($3); - YYERROR; - } - if (strlcpy(r.rib, $3, sizeof(r.rib)) >= - sizeof(r.rib)) { - yyerror("rib name \"%s\" too long: " - "max %zu", $3, sizeof(r.rib) - 1); - free($3); + + for (rb = $3; rb != NULL; rb = rbnext) { + rbnext = rb->next; + free(rb); + } YYERROR; } - free($3); } - if (expand_rule(&r, $5, &$6, $7) =