Age | Commit message (Collapse) | Author | |
---|---|---|---|
2004-10-19 | allow neighbor definitions to depend on interface state. | Henning Brauer | |
with this, if a neighbor is configured as dependent on carp0 for example, the neighbor will remain in state IDLE as long as carp0 is not master. once carp0 becomes master the session(s) depending on it immediately go to CONNECT (or ACTIVE, if they're configured passive), reducing failover time. claudio ok, with some input from ryan as well | |||
2004-09-28 | Add prepend-neighbor feature. Prepend the remote-as n times similar to | Claudio Jeker | |
prepend-self. Only for incomming UPDATEs. OK henning@ | |||
2004-08-24 | don't do the pftable_exists() check if we are running -n, needs root | Henning Brauer | |
2004-08-24 | correctly inherit conf->opts from xconf->opts in parse_config(), | Henning Brauer | |
foudn by claudio | |||
2004-08-24 | back out rev. 1.136. I commited that unintentionally and it does not work | Claudio Jeker | |
without other nastier changes in parse.y. | |||
2004-08-20 | Grrr. copy paste error. Dump MED and not local-pref. OK henning@ | Claudio Jeker | |
2004-08-20 | foobar-AS -> foobar-as as already done in some places. mIXeD cASe keywords | Claudio Jeker | |
are not fluffy. OK henning@ | |||
2004-08-17 | Merge set constructs in neighbor statements. This fixes a common problem: | Claudio Jeker | |
previous sets were cleared by the last one. OK henning@ | |||
2004-08-13 | Fix minor issues with IPv6 dumps and add a function for dumping the RIB table | Claudio Jeker | |
protocol independent. This new dump format is not (yet) supported by the mrtd route_btoa tool. OK henning@ | |||
2004-08-10 | switch nexthop in struct filter_set form struct in_addr to struct bgpd_addr | Claudio Jeker | |
OK henning@ | |||
2004-08-05 | tab at EOL | Claudio Jeker | |
2004-08-03 | deny hilarious prepends. OK henning@ | Claudio Jeker | |
2004-08-02 | Fix a possible mem leak and add a missing yyerror(). OK henning@ | Claudio Jeker | |
2004-07-30 | Add new announce type "default-route" which will only announce the default | Claudio Jeker | |
route to the specified neighbor. Idea and OK henning@ | |||
2004-07-28 | allow "set metric" as synonym for "set med", from discussion with & ok claudio | Henning Brauer | |
2004-07-28 | allow prefix lists inside prefix lists | Henning Brauer | |
2004-07-28 | allow AS lists inside AS lists | Henning Brauer | |
2004-07-28 | prevent the filter elements from beeing given more than once | Henning Brauer | |
2004-07-28 | add list expansion for AS in filter rules | Henning Brauer | |
actually, it's list expansion on steroids, this works: deny from any { source-AS { 3320 852 } AS { 4589 174 } } | |||
2004-07-28 | rework the filter_match production and everything below - fixes | Henning Brauer | |
a couple of bugs | |||
2004-07-27 | add support for {} expansion for prefix in the filter rules, claudio ok | Henning Brauer | |
2004-07-27 | suport macro expansion for peer spec in filter rules | Henning Brauer | |
things like deny from { $peer1 $peer2 } prefix 192.168.0.0/16 are now possible. | |||
2004-07-13 | fix some typos | Jared Yanovich | |
ok henning otto | |||
2004-07-05 | implement "set nexthop blackhole" and "set nexthop reject" | Henning Brauer | |
blackhole/reject routes will be entered to the kernel for matching ones. this is intended to be used with the Cymru Bogon Route Server Project (http://www.cymru.com/BGP/bogon-rs.html) and similar services, claudio ok | |||
2004-07-03 | Switch mrt dumping to fd passing. This gives some speed up when extensive | Claudio Jeker | |
dumping is done. Acctually mrt dumps were broken because of the fd passing. The nice side effect is a much cleaner code, especially in the parent process. OK henning@ | |||
2004-06-23 | Support rfc 3765 which adds a new well known community NOPEER. OK henning@ | Claudio Jeker | |
2004-06-20 | at least somewhat consistently name the TAILQ_ENTRYs... this confused me | Henning Brauer | |
more than once | |||
2004-06-08 | fix a few memory leaks in error paths and one in the pftable path, | Henning Brauer | |
and simplyfy the prefix production error handling slightly from Mr. Memleak Terminator Patrick Latifi <pat@eyeo.org>, kickass! | |||
2004-06-06 | rework bgpd's handling of listening sockets. instead of one for each | Henning Brauer | |
supported address familiy, keep a tailq of an arbitary number of them. the new struct listen_addr contains the sockaddr and the fd. this fixes quite some nasty behaviour which was a consequence of the previous model. looks right deraadt@, and discussed with claudio | |||
2004-05-21 | RFC 2796 bgp route reflector support. This is very useful in conjunction | Claudio Jeker | |
with templates. looks good, go for it henning@ | |||
2004-05-17 | extend filter language to allow basic setting of COMMUNITIES attribute. | Damien Miller | |
ok claudio@ | |||
2004-05-08 | off by one in key too long detection | Henning Brauer | |
2004-05-08 | fix redefinition detection with manual keyes ipsec | Henning Brauer | |
2004-05-08 | with manual keyed ipsec, we need keys and spis for both directions - | Henning Brauer | |
enforce that | |||
2004-05-08 | KNF | Henning Brauer | |
2004-05-08 | break out the consistency checking for neighbors in its own function, | Henning Brauer | |
and verify that peers with ipsec have local-address specified (needed to set up the flows...) | |||
2004-05-08 | allow for neighbor statements without { parameters } block; everything | Henning Brauer | |
can be inherited from the group | |||
2004-05-08 | add support for ipsec ah with manual keys, pfkey part already does so, and | Henning Brauer | |
flesh parser out a bit. also add support for printing ipsec ah with manual keys in printconf | |||
2004-05-08 | factor out the string -> key conversion code used for md5sig and twice for ipsec | Henning Brauer | |
2004-05-07 | add a filter option to dump prefixes learned in UPDATEs into a PF table, | Damien Miller | |
intended for building realtime BGP blacklists (e.g. with spamd); ok claudio & henning | |||
2004-05-06 | we need a seperate field for the md5 key len, can't use strlen, noticed | Henning Brauer | |
by markus some time ago | |||
2004-05-04 | Correctly plug the memory leak and fix a error message. | Claudio Jeker | |
2004-04-30 | plug memory leaks; henning ok | Theo de Raadt | |
2004-04-30 | spelling | Theo de Raadt | |
2004-04-29 | sock -> fd; ok henning | Theo de Raadt | |
2004-04-28 | FILE * leak; henning ja ja ja ja | Theo de Raadt | |
2004-04-28 | allow ah/esp spec with IKE, markus ok | Henning Brauer | |
2004-04-28 | prevent multiple auth methods to be specified | Henning Brauer | |
2004-04-28 | prefix the auth related defines by AUTH_, we had a name clash, markus ok | Henning Brauer | |
2004-04-27 | set conf.auth.methodod for md5, too | Markus Friedl | |