summaryrefslogtreecommitdiff
path: root/usr.sbin/bgpd
AgeCommit message (Collapse)Author
2015-10-27calloc -> malloc when the memory is immediately overwritten with memcpy.mmcc
ok claudio@
2015-10-25Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent andClaudio Jeker
imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
2015-10-25Only run the rib_dump_runner() if there is something pending and theClaudio Jeker
control socket has not many messages queued.
2015-10-24"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argumentSebastian Benoit
to work. send an error if none is given. ok claudio@
2015-10-24Introduce msgtypenames to print bgp msg types (which will be used by bgpctl)Claudio Jeker
2015-10-24In all other cases of rde_filter_match() we ensure that asp is valid soClaudio Jeker
do it here as well.
2015-10-24seg_type is only set but never used. So remove it. Someone reported thisClaudio Jeker
long time ago.
2015-10-22Revert revision 1.282:Reyk Floeter
"Allow for empty blocks for peers. While this is bad style for permant use, this is very nice to temporarily disable a peer option." This broke the grammar by introducing shift/reduce errors. OK phessler@
2015-10-22If we receive an empty route message, log it and ignore it. HappensPeter Hessler
occasionally on FreeBSD. from Melissa Jenkins OK claudio@, florian@, benno@
2015-10-17Do no accept fds on the control socket; including the restricted socket.Reyk Floeter
OK gilles@ eric@
2015-10-11standardize a community that has been independently created by nearlyPeter Hessler
every single AS on the planet: the blackhole OK benno@, claudio@, sthen@
2015-10-11some peers are following an expired draft RFC and are sending "unknown"Peter Hessler
error codes to OPEN messages. make them "known", and show them. OK benno@, claudio@, sthen@
2015-10-09Change all tame callers to namechange to pledge(2).Theo de Raadt
2015-10-07In theory, bgpd should be happy with tame "stdio unix route recvfd".Theo de Raadt
Let's hear from people's experiences by commiting it.
2015-10-07use fatal() instead of err(); from bennoTheo de Raadt
2015-10-06Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on whichTheo de Raadt
way the process moves fd's.
2015-10-05tame "stdio inet cmsg" should work well in the session engine.Theo de Raadt
ok benno
2015-09-21sort;Jason McIntyre
2015-09-21Let us log all updates sent from an individual peer. Since this can bePeter Hessler
applied to a group, also let us disable logging on a sub-member of the group. Very handy for debugging naughty peers on a router with multiple peers. OK benno@
2015-09-21Allow for empty blocks for peers. While this is bad style for permantPeter Hessler
use, this is very nice to temporarily disable a peer option. OK sthen@ benno@
2015-09-19Use correct function name in error messageClaudio Jeker
2015-09-16Another ifmedia64 fix, this time for bgpd's ift2ifm().Stefan Sperling
And rename struct kif's media_type to if_type to avoid confusion with ifmedia's media type. Same rename in other daemons will follow. ok claudio henning benno
2015-09-13explicit_bzero() from Michael McConville, thanks!Florian Obser
OK claudio
2015-08-30rename a variable "err" to "error"Theo de Raadt
2015-08-20stdlib.h is in scope; do not cast malloc/calloc/realloc*Theo de Raadt
ok millert krw
2015-08-04Give more precise errors, to help track when bgpd quitsPeter Hessler
OK florian@ benno@ sthen@ deraadt@
2015-07-20Make bgpd execute the RDE and session engine process instead of just forking.Claudio Jeker
This way ASLR and stack cookies are per process. With input from benno@ and deraadt@ OK benno@
2015-07-19knock out "Ns Li" before colons - the Li was being ignored anyway, and iJason McIntyre
don;t think the colon needs marked up.
2015-07-19clarify how inet|inet6 work in filtersSebastian Benoit
mofified version by jmc@, ok phessler@ and claudio@ is fine with it (but notes that the details are more complicated)
2015-07-18give bgpd's fatal() varargs and use it to instrument bgpd fatal()Sebastian Benoit
calls to aid in debugging henning@ "makes sense to me", sthen@ "yes please", ok phessler@
2015-07-17Only filter RTF_LLINFO or RTF_BROADCAST routes out but not RTF_LOCAL onesClaudio Jeker
since we need those for loopback and point-to-point interfaces. OK mpi@
2015-07-16Next round of config cleanup. Move various lists into the bgpd_config struct.Claudio Jeker
This is the next step to better split parsing and merging the config. OK benno@
2015-07-16fix pasto in error stringBret Lambert
ok claudio@
2015-07-08Check for RTF_CONNECTED to track interface (connected) routes.Martin Pieuchot
Make bgpd(8) properly handle interface routes since they no longer have a "gateway" sockaddr of type AF_LINK. Regression reported by <mxb AT alumni DOT chalmers DOT se> and benno@ While here document traditional BSD connected route assumption. ok claudio@, benno@
2015-06-21There is a race between sending notifications to the SE and getting a newClaudio Jeker
peer_up event in the RDE. This can be triggered by graceful restart. So remove the panic and replace it with roughly what peer_down does. OK phessler and henning
2015-06-19show the number of (currently) known prefixes and the max-prefix limit,Peter Hessler
when we terminate the session. since we terminate the session as soon as we go above the limit, show '>' since there may be more that we haven't/won't process. OK benno@
2015-04-26mlarkin asks "bgpctl checks the length of the control socket path toSebastian Benoit
make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit" Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
2015-04-25allow us to write rules that match directly on the peer ASPeter Hessler
... allow from AS 1 prefix 192.0.2.0/24 ... Also adjust the IRR ruleset output to include the declared peer AS, instead of hoping they listed their neighbor IP address! OK benno@ older version OK: claudio@ henning@
2015-03-14rename rde_free_filter() to filterlist_free() and start using it outsideClaudio Jeker
of the RDE to free the filterlists. Also refactor common code to merge filterlists into its own function. Makes the code look nicer.
2015-03-14Move the command line options (mainly -d and -v) out of struct bgpd_configClaudio Jeker
into a own flag field since these can't be modified via a config reload. OK henning@ benno@ before lock
2015-03-14Move the code that adjust FIB priority when changed during a config reloadClaudio Jeker
from the parsing function to the merge_config function where it belongs. OK henning@ benno@ before lock
2015-02-28Reduce usage of predefined strings in manpages.Anthony J. Bentley
Predefined strings are not very portable across troff implementations, and they make the source much harder to read. Usually the intended character can be written directly. No output changes, except for two instances where the incorrect escape was used in the first place. tweaks + ok schwarze@
2015-02-11Use sizeof(u_short) in the first check since there are RT messages thatClaudio Jeker
are less then sizeof(*rtm) bytes long (e.g. interface announcements). Found the hard way by phessler@
2015-02-10Make also the special sockets SOCK_NONBLOCK. For the routing socket addClaudio Jeker
a trigger for the case that not a full message has been read. Should not be possible but lets see if this triggers somewhen. With and OK henning@
2015-02-09Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC orClaudio Jeker
SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
2015-01-21Include <netinet/in.h> before <net/pfvar.h>. In a future change whenTheo de Raadt
ports is ready, <net/pfvar.h> will stop including a pile of balony.
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2014-12-18two more uses of siphash. better hash for ipv4. maybe not needed for rbtreeTed Unangst
hint, but still pretty. ok deraadt
2014-12-12convert some hash tables (the easy ones) to siphash. ok benno.Ted Unangst
2014-12-04replace an overlapping memcpy with memmove, ok deraadt teduStuart Henderson