Re: bgpd.conf macros on 5.5 and up

Tue, 03 Feb 2015 08:49:33 -0800 

Hi all,

Here is a patch to revert back to 5.4 behaviour so the manual example with
braces works again :

# cat /etc/bgpd.conf                                                            
                                                                                
                  
AS 65001
router-id 10.0.0.1

neighbor 10.0.2.0 {
        remote-as       65004
        descr           upstream2
        local-address   10.0.0.8
        ipsec ah ike
}

deny from any prefix { 192.168.0.0/16, 10.0.0.0/8 or-longer }
good="{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
bad="{ 224.0.0.0/4 prefixlen >= 4, 240.0.0.0/4 prefixlen >= 4 }"
ugly="{ 127.0.0.1/8, 169.254.0.0/16 }"
deny from any prefix { $good $bad $ugly }


# bgpd -dnv
good = "{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
bad = "{ 224.0.0.0/4 prefixlen >= 4, 240.0.0.0/4 prefixlen >= 4 }"
ugly = "{ 127.0.0.1/8, 169.254.0.0/16 }"
AS 65001
router-id 10.0.0.1
socket "/var/run/bgpd.sock"
holdtime min 3
fib-priority 48


rde rib Adj-RIB-In no evaluate
rde rib Loc-RIB rtable 0 fib-update yes


neighbor 10.0.2.0 {
        descr "upstream2"
        remote-as 65004
        local-address 10.0.0.8
        announce self
        enforce neighbor-as yes
        ipsec ah ike
        announce IPv4 unicast
        softreconfig in yes
        softreconfig out yes
}

deny from any prefix 10.0.0.0/8 prefixlen >= 8 
deny from any prefix 192.168.0.0/16 
deny from any prefix 10.0.0.0/8 
deny from any prefix 172.16.0.0/12 
deny from any prefix 192.168.0.0/16 
deny from any prefix 240.0.0.0/4 prefixlen >= 4 
deny from any prefix 224.0.0.0/4 prefixlen >= 4 
deny from any prefix 169.254.0.0/16 
deny from any prefix 127.0.0.1/8 


Index: parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v
retrieving revision 1.275
diff -u -p -r1.275 parse.y
--- parse.y     20 Nov 2014 05:51:20 -0000      1.275
+++ parse.y     3 Feb 2015 16:39:40 -0000
@@ -211,7 +211,8 @@ typedef struct {
 %type  <v.prefixlen>           prefixlenop
 %type  <v.filter_set>          filter_set_opt
 %type  <v.filter_set_head>     filter_set filter_set_l
-%type  <v.filter_prefix>       filter_prefix filter_prefix_l filter_prefix_h
+%type  <v.filter_prefix>       filter_prefix filter_prefix_l 
+%type  <v.filter_prefix>       filter_prefix_h filter_prefix_m
 %type  <v.u8>                  unaryop binaryop filter_as_type
 %type  <v.encspec>             encspec
 %%
@@ -1518,10 +1519,23 @@ filter_prefix_h : IPV4 prefixlenop
{
                        }
                }
                | PREFIX filter_prefix                  { $$ = $2; }
-               | PREFIX '{' filter_prefix_l '}'        { $$ = $3; }
+               | PREFIX '{' filter_prefix_m '}'        { $$ = $3; }
                ;
 
-filter_prefix_l        : filter_prefix                         { $$ = $1; }
+filter_prefix_m        : filter_prefix_l
+               | '{' filter_prefix_l '}'               { $$ = $2; }
+               | '{' filter_prefix_l '}' filter_prefix_m
+               {
+                       struct filter_prefix_l  *p;
+
+                       /* merge, both can be lists */
+                       for (p = $2; p != NULL && p->next != NULL; p = p->next)
+                               ;       /* nothing */
+                       if (p != NULL)
+                               p->next = $4;
+                       $$ = $2;
+               }
+filter_prefix_l        : filter_prefix                 { $$ = $1; }
                | filter_prefix_l comma filter_prefix   {
                        $3->next = $1;
                        $$ = $3;

Reply via email to