summaryrefslogtreecommitdiff
path: root/usr.sbin/bgpd/parse.y
AgeCommit message (Collapse)Author
2004-10-19allow neighbor definitions to depend on interface state.Henning Brauer
with this, if a neighbor is configured as dependent on carp0 for example, the neighbor will remain in state IDLE as long as carp0 is not master. once carp0 becomes master the session(s) depending on it immediately go to CONNECT (or ACTIVE, if they're configured passive), reducing failover time. claudio ok, with some input from ryan as well
2004-09-28Add prepend-neighbor feature. Prepend the remote-as n times similar toClaudio Jeker
prepend-self. Only for incomming UPDATEs. OK henning@
2004-08-24don't do the pftable_exists() check if we are running -n, needs rootHenning Brauer
2004-08-24correctly inherit conf->opts from xconf->opts in parse_config(),Henning Brauer
foudn by claudio
2004-08-24back out rev. 1.136. I commited that unintentionally and it does not workClaudio Jeker
without other nastier changes in parse.y.
2004-08-20Grrr. copy paste error. Dump MED and not local-pref. OK henning@Claudio Jeker
2004-08-20foobar-AS -> foobar-as as already done in some places. mIXeD cASe keywordsClaudio Jeker
are not fluffy. OK henning@
2004-08-17Merge set constructs in neighbor statements. This fixes a common problem:Claudio Jeker
previous sets were cleared by the last one. OK henning@
2004-08-13Fix minor issues with IPv6 dumps and add a function for dumping the RIB tableClaudio Jeker
protocol independent. This new dump format is not (yet) supported by the mrtd route_btoa tool. OK henning@
2004-08-10switch nexthop in struct filter_set form struct in_addr to struct bgpd_addrClaudio Jeker
OK henning@
2004-08-05tab at EOLClaudio Jeker
2004-08-03deny hilarious prepends. OK henning@Claudio Jeker
2004-08-02Fix a possible mem leak and add a missing yyerror(). OK henning@Claudio Jeker
2004-07-30Add new announce type "default-route" which will only announce the defaultClaudio Jeker
route to the specified neighbor. Idea and OK henning@
2004-07-28allow "set metric" as synonym for "set med", from discussion with & ok claudioHenning Brauer
2004-07-28allow prefix lists inside prefix listsHenning Brauer
2004-07-28allow AS lists inside AS listsHenning Brauer
2004-07-28prevent the filter elements from beeing given more than onceHenning Brauer
2004-07-28add list expansion for AS in filter rulesHenning Brauer
actually, it's list expansion on steroids, this works: deny from any { source-AS { 3320 852 } AS { 4589 174 } }
2004-07-28rework the filter_match production and everything below - fixesHenning Brauer
a couple of bugs
2004-07-27add support for {} expansion for prefix in the filter rules, claudio okHenning Brauer
2004-07-27suport macro expansion for peer spec in filter rulesHenning Brauer
things like deny from { $peer1 $peer2 } prefix 192.168.0.0/16 are now possible.
2004-07-13fix some typosJared Yanovich
ok henning otto
2004-07-05implement "set nexthop blackhole" and "set nexthop reject"Henning Brauer
blackhole/reject routes will be entered to the kernel for matching ones. this is intended to be used with the Cymru Bogon Route Server Project (http://www.cymru.com/BGP/bogon-rs.html) and similar services, claudio ok
2004-07-03Switch mrt dumping to fd passing. This gives some speed up when extensiveClaudio Jeker
dumping is done. Acctually mrt dumps were broken because of the fd passing. The nice side effect is a much cleaner code, especially in the parent process. OK henning@
2004-06-23Support rfc 3765 which adds a new well known community NOPEER. OK henning@Claudio Jeker
2004-06-20at least somewhat consistently name the TAILQ_ENTRYs... this confused meHenning Brauer
more than once
2004-06-08fix a few memory leaks in error paths and one in the pftable path,Henning Brauer
and simplyfy the prefix production error handling slightly from Mr. Memleak Terminator Patrick Latifi <pat@eyeo.org>, kickass!
2004-06-06rework bgpd's handling of listening sockets. instead of one for eachHenning Brauer
supported address familiy, keep a tailq of an arbitary number of them. the new struct listen_addr contains the sockaddr and the fd. this fixes quite some nasty behaviour which was a consequence of the previous model. looks right deraadt@, and discussed with claudio
2004-05-21RFC 2796 bgp route reflector support. This is very useful in conjunctionClaudio Jeker
with templates. looks good, go for it henning@
2004-05-17extend filter language to allow basic setting of COMMUNITIES attribute.Damien Miller
ok claudio@
2004-05-08off by one in key too long detectionHenning Brauer
2004-05-08fix redefinition detection with manual keyes ipsecHenning Brauer
2004-05-08with manual keyed ipsec, we need keys and spis for both directions -Henning Brauer
enforce that
2004-05-08KNFHenning Brauer
2004-05-08break out the consistency checking for neighbors in its own function,Henning Brauer
and verify that peers with ipsec have local-address specified (needed to set up the flows...)
2004-05-08allow for neighbor statements without { parameters } block; everythingHenning Brauer
can be inherited from the group
2004-05-08add support for ipsec ah with manual keys, pfkey part already does so, andHenning Brauer
flesh parser out a bit. also add support for printing ipsec ah with manual keys in printconf
2004-05-08factor out the string -> key conversion code used for md5sig and twice for ipsecHenning Brauer
2004-05-07add a filter option to dump prefixes learned in UPDATEs into a PF table,Damien Miller
intended for building realtime BGP blacklists (e.g. with spamd); ok claudio & henning
2004-05-06we need a seperate field for the md5 key len, can't use strlen, noticedHenning Brauer
by markus some time ago
2004-05-04Correctly plug the memory leak and fix a error message.Claudio Jeker
2004-04-30plug memory leaks; henning okTheo de Raadt
2004-04-30spellingTheo de Raadt
2004-04-29sock -> fd; ok henningTheo de Raadt
2004-04-28FILE * leak; henning ja ja ja jaTheo de Raadt
2004-04-28allow ah/esp spec with IKE, markus okHenning Brauer
2004-04-28prevent multiple auth methods to be specifiedHenning Brauer
2004-04-28prefix the auth related defines by AUTH_, we had a name clash, markus okHenning Brauer
2004-04-27set conf.auth.methodod for md5, tooMarkus Friedl