diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2010-11-29 17:02:42 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2010-11-29 17:02:42 +0000 |
| commit | 407ea385c1722e231fa5ddb0ac10892a144fc870 (patch) | |
| tree | 449e7aa50e64c909172a4b1685f0c26daec43520 /usr.sbin | |
| parent | 71b46ba7782a17d5727aef137f7891f6c027471f (diff) | |
Deny prefixes that have F_ATTR_PARSE_ERR set by default. Now they
will not leak into the Loc-RIB or other RIBs but act as withdraws.
The invalid prefixes would not been selected anyway but it is better
to keep them out of all RIBs but the Adj-RIB-In.
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/bgpd/rde_filter.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr.sbin/bgpd/rde_filter.c b/usr.sbin/bgpd/rde_filter.c index 436526cf471..d641e68596f 100644 --- a/usr.sbin/bgpd/rde_filter.c +++ b/usr.sbin/bgpd/rde_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_filter.c,v 1.64 2010/05/17 16:08:20 claudio Exp $ */ +/* $OpenBSD: rde_filter.c,v 1.65 2010/11/29 17:02:41 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> @@ -42,10 +42,10 @@ rde_filter(u_int16_t ribid, struct rde_aspath **new, struct filter_head *rules, if (asp->flags & F_ATTR_PARSE_ERR) /* - * don't try to filter bad updates but let them through + * don't try to filter bad updates just deny them * so they act as implicit withdraws */ - return (action); + return (ACTION_DENY); TAILQ_FOREACH(f, rules, entry) { if (dir != f->dir) |