summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2007-03-06 16:52:49 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2007-03-06 16:52:49 +0000
commit03de0b8c25b1ebd95a1ada574f7b288e671d1205 (patch)
tree169a8bddd1af1bb7339101010e67a3076eaee2cb
parentd5e1319b22d905661096e8092b359e13ff85d980 (diff)
allow filtering on peer-as (leftmost AS in path), ok claudio
-rw-r--r--usr.sbin/bgpd/bgpd.conf.54
-rw-r--r--usr.sbin/bgpd/bgpd.h3
-rw-r--r--usr.sbin/bgpd/parse.y6
-rw-r--r--usr.sbin/bgpd/printconf.c4
-rw-r--r--usr.sbin/bgpd/rde_attr.c16
5 files changed, 24 insertions, 9 deletions
diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5
index c662a987dfb..87ce323d369 100644
--- a/usr.sbin/bgpd/bgpd.conf.5
+++ b/usr.sbin/bgpd/bgpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.conf.5,v 1.82 2007/03/04 17:41:40 henning Exp $
+.\" $OpenBSD: bgpd.conf.5,v 1.83 2007/03/06 16:52:48 henning Exp $
.\"
.\" Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -800,6 +800,8 @@ is one of the following operators:
.Bl -tag -width transmit-as -compact
.It Ic AS
(any part)
+.It Ic peer-as
+(leftmost AS number)
.It Ic source-as
(rightmost AS number)
.It Ic transit-as
diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h
index c00aae0377f..7851e448ae9 100644
--- a/usr.sbin/bgpd/bgpd.h
+++ b/usr.sbin/bgpd/bgpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bgpd.h,v 1.211 2007/01/26 17:40:49 claudio Exp $ */
+/* $OpenBSD: bgpd.h,v 1.212 2007/03/06 16:52:48 henning Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -524,6 +524,7 @@ enum as_spec {
AS_ALL,
AS_SOURCE,
AS_TRANSIT,
+ AS_PEER,
AS_EMPTY
};
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 74c3ebaee02..2816f6657c9 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.200 2007/02/22 08:34:18 henning Exp $ */
+/* $OpenBSD: parse.y,v 1.201 2007/03/06 16:52:48 henning Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -163,7 +163,7 @@ typedef struct {
%token QUICK
%token FROM TO ANY
%token CONNECTED STATIC
-%token PREFIX PREFIXLEN SOURCEAS TRANSITAS COMMUNITY DELETE
+%token PREFIX PREFIXLEN SOURCEAS TRANSITAS PEERAS COMMUNITY DELETE
%token SET LOCALPREF MED METRIC NEXTHOP REJECT BLACKHOLE NOMODIFY SELF
%token PREPEND_SELF PREPEND_PEER PFTABLE WEIGHT RTLABEL
%token ERROR INCLUDE
@@ -1293,6 +1293,7 @@ prefixlenop : unaryop number {
filter_as_type : AS { $$ = AS_ALL; }
| SOURCEAS { $$ = AS_SOURCE; }
| TRANSITAS { $$ = AS_TRANSIT; }
+ | PEERAS { $$ = AS_PEER; }
;
filter_set : /* empty */ { $$ = NULL; }
@@ -1660,6 +1661,7 @@ lookup(char *s)
{ "out", OUT},
{ "passive", PASSIVE},
{ "password", PASSWORD},
+ { "peer-as", PEERAS},
{ "pftable", PFTABLE},
{ "prefix", PREFIX},
{ "prefixlen", PREFIXLEN},
diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c
index 19d22539b5b..f335c7a6322 100644
--- a/usr.sbin/bgpd/printconf.c
+++ b/usr.sbin/bgpd/printconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: printconf.c,v 1.59 2006/12/05 12:08:13 henning Exp $ */
+/* $OpenBSD: printconf.c,v 1.60 2007/03/06 16:52:48 henning Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -467,6 +467,8 @@ print_rule(struct peer *peer_l, struct filter_rule *r)
printf("source-as %u ", r->match.as.as);
else if (r->match.as.type == AS_TRANSIT)
printf("transit-as %u ", r->match.as.as);
+ else if (r->match.as.type == AS_PEER)
+ printf("peer-as %u ", r->match.as.as);
else
printf("unfluffy-as %u ", r->match.as.as);
}
diff --git a/usr.sbin/bgpd/rde_attr.c b/usr.sbin/bgpd/rde_attr.c
index 290e29dcb79..eaf692f5a9a 100644
--- a/usr.sbin/bgpd/rde_attr.c
+++ b/usr.sbin/bgpd/rde_attr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde_attr.c,v 1.69 2007/02/22 08:34:18 henning Exp $ */
+/* $OpenBSD: rde_attr.c,v 1.70 2007/03/06 16:52:48 henning Exp $ */
/*
* Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@@ -671,7 +671,7 @@ int
aspath_match(struct aspath *a, enum as_spec type, u_int16_t as)
{
u_int8_t *seg;
- int final;
+ int final, first;
u_int16_t len, seg_size;
u_int8_t i, seg_type, seg_len;
@@ -683,6 +683,7 @@ aspath_match(struct aspath *a, enum as_spec type, u_int16_t as)
}
final = 0;
+ first = 1;
seg = a->data;
for (len = a->len; len > 0; len -= seg_size, seg += seg_size) {
seg_type = seg[0];
@@ -695,9 +696,14 @@ aspath_match(struct aspath *a, enum as_spec type, u_int16_t as)
/* not yet in the final segment */
continue;
- for (i = 0; i < seg_len; i++)
+ for (i = 0; i < seg_len; i++) {
if (as == aspath_extract(seg, i)) {
- if (final && i + 1 >= seg_len)
+ if (type == AS_PEER) {
+ if (first)
+ return (1);
+ else
+ return (0);
+ } else if (final && i + 1 >= seg_len)
/* the final (rightmost) as */
if (type == AS_TRANSIT)
return (0);
@@ -706,6 +712,8 @@ aspath_match(struct aspath *a, enum as_spec type, u_int16_t as)
else if (type != AS_SOURCE)
return (1);
}
+ first = 0;
+ }
}
return (0);
}