diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2008-09-29 14:03:42 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2008-09-29 14:03:42 +0000 |
| commit | 14645610d64e478a32fccefbeba75403391a9489 (patch) | |
| tree | a3078edeca38e95a67544542779d7a9117d30a45 /usr.sbin/bgpd | |
| parent | f9c41637927e81b81bf3a53975112d28ba7ef3ef (diff) | |
Correct the logic when matching prefixes. This solves issues where IPv6
prefixes where matched on a simple deny from any prefix 0.0.0.0/0 rule.
OK henning@
Diffstat (limited to 'usr.sbin/bgpd')
| -rw-r--r-- | usr.sbin/bgpd/rde_filter.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/usr.sbin/bgpd/rde_filter.c b/usr.sbin/bgpd/rde_filter.c index 526756dc00e..f3c40e253bd 100644 --- a/usr.sbin/bgpd/rde_filter.c +++ b/usr.sbin/bgpd/rde_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_filter.c,v 1.54 2008/06/15 10:19:21 claudio Exp $ */ +/* $OpenBSD: rde_filter.c,v 1.55 2008/09/29 14:03:41 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> @@ -283,8 +283,11 @@ rde_filter_match(struct filter_rule *f, struct rde_aspath *asp, return (0); } - if (f->match.prefix.addr.af != 0 && - f->match.prefix.addr.af == prefix->af) { + if (f->match.prefix.addr.af != 0) { + if (f->match.prefix.addr.af != prefix->af) + /* don't use IPv4 rules for IPv6 and vice versa */ + return (0); + if (prefix_compare(prefix, &f->match.prefix.addr, f->match.prefix.len)) return (0); |