Re: Deleting unallowed communities
On Mon, Sep 13, 2010 at 07:57:49PM +0300, Alexander Shikoff wrote: > > There is a bug in community set delete. Try attached patch to fix it. > Thank you very much! This patch fixes a problem. > Ondrej, do you plan to implement invertion of community lists? Not invertion of community lists, but perhaps invertion of (pair) sets. I am not sure. Just implementing set invertion should not be hard, but question is how to integrate it into filter language grammar (as it is not just a operator like add/delete, it must be done in config-read-time to be fast enough. Perhaps some new set syntax ... . -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Sat, Sep 11, 2010 at 08:17:49PM +0200, Ondrej Zajicek wrote: > On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote: > > > This code works for me. > > > > > > This is a recent feature, perhaps you are using an old version of BIRD. > > > Try version 1.2.4 . > > I'm using 1.2.4. > > > > Where do you call a function from? In my configuration it is called from > > filter: > > ... > > > Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't > > add/delete non-pair > > Hello > > There is a bug in community set delete. Try attached patch to fix it. Thank you very much! This patch fixes a problem. Ondrej, do you plan to implement invertion of community lists? -- MINO-RIPE
Re: Deleting unallowed communities
On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote: > > This code works for me. > > > > This is a recent feature, perhaps you are using an old version of BIRD. > > Try version 1.2.4 . > I'm using 1.2.4. > > Where do you call a function from? In my configuration it is called from > filter: ... > Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't > add/delete non-pair Hello There is a bug in community set delete. Try attached patch to fix it. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." diff -uprN bird-1.2.4-o/filter/filter.c bird-1.2.4/filter/filter.c --- bird-1.2.4-o/filter/filter.c 2010-08-03 17:44:51.0 +0200 +++ bird-1.2.4/filter/filter.c 2010-09-11 20:08:48.0 +0200 @@ -919,6 +919,9 @@ interpret(struct f_inst *what) runtime("Can't add/delete to non-clist"); struct f_val dummy; +u16 op = what->aux; +i = 0; + if ((v2.type == T_PAIR) || (v2.type == T_QUAD)) i = v2.val.i; #ifndef IPV6 @@ -926,13 +929,13 @@ interpret(struct f_inst *what) else if (v2.type == T_IP) i = ipa_to_u32(v2.val.px.ip); #endif -else if ((v2.type == T_SET) && (what->aux == 'd') && clist_set_type(v2.val.t, &dummy)) - what->aux = 'D'; +else if ((v2.type == T_SET) && (op == 'd') && clist_set_type(v2.val.t, &dummy)) + op = 'D'; else runtime("Can't add/delete non-pair"); res.type = T_CLIST; -switch (what->aux) { +switch (op) { case 'a': res.val.ad = int_set_add(f_pool, v1.val.ad, i); break; case 'd': res.val.ad = int_set_del(f_pool, v1.val.ad, i); break; case 'D': res.val.ad = clist_del_matching(f_pool, v1.val.ad, v2.val.t); break; signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote: > > This code works for me. > > > > This is a recent feature, perhaps you are using an old version of BIRD. > > Try version 1.2.4 . > I'm using 1.2.4. > > Where do you call a function from? In my configuration it is called from > filter: I pasted function check_community() to the test.conf in BIRD source (filters/test.conf) and called it from function paths() on variable l just before: print "Community list (1,2) ", l; Could you send me your complete config file to test it? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:28:47PM +0200, Ondrej Zajicek wrote: > > But there is another issue: > > > > function check_community (clist c) > > pair set wrong; > > { > > wrong = [ > > (0,0)..(0,25371), > > (0,25373)..(0,31209), > > (0,31211)..(31209,65535), > > (31210,0)..(31210,25371), > > (31210,25373)..(31210,65535), > > (31211,0)..(65535,65281), > > (65535,65283)..(65535,65535) > > ]; > > c = delete(c,wrong); > > print c; > > } > > > > bird reports in log file: > > Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair > > This code works for me. > > This is a recent feature, perhaps you are using an old version of BIRD. > Try version 1.2.4 . I'm using 1.2.4. Where do you call a function from? In my configuration it is called from filter: function check_community (clist c) pair set wrong; { wrong = [ (0,0)..(0,25371), (0,25373)..(0,31209), (0,31211)..(31209,65535), (31210,0)..(31210,25371), (31210,25373)..(31210,65535), (31211,0)..(65535,65281), (65535,65283)..(65535,65535) ]; c = delete(c,wrong); print c; } # filter flt_itcons_i prefix set plist; { check_community(bgp_community); plist = [ 194.247.174.0/23, 91.200.192.0/22, 109.68.40.0/21, 91.197.128.0/24, 91.197.129.0/24, 91.197.131.0/24, 91.197.128.0/23 ]; if net ~ plist then accept; else reject; } bird still reports error: Sep 7 13:45:58 crete bird: filters, line 37: Can't add/delete non-pair Also I tried fillowing config: function check_community () pair set wrong; { wrong = [ (0,0)..(0,25371), (0,25373)..(0,31209), (0,31211)..(31209,65535), (31210,0)..(31210,25371), (31210,25373)..(31210,65535), (31211,0)..(65535,65281), (65535,65283)..(65535,65535) ]; bgp_community.delete(wrong); print bgp_community; } filter flt_itcons_i prefix set plist; { check_community(); plist = [ 194.247.174.0/23, 91.200.192.0/22, 109.68.40.0/21, 91.197.128.0/24, 91.197.129.0/24, 91.197.131.0/24, 91.197.128.0/23 ]; if net ~ plist then accept; else reject; } Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't add/delete non-pair -- MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:34:39PM +0300, Alexander Shikoff wrote: > > c.delete(wrong); > > > > I tried both c.delete(wrong) and delete(c,wrong) - the result is the same: > > syntax error. > > ok, I got it: c = delete(c,wrong); did make the error to dissapear. Yes, either (for any clist c): c = delete(c,wrong); or bgp_community.delete(wrong); But the second form works only for bgp_community attribute. 'wrong' should be declared as pair set, not as clist. > But there is another issue: > > function check_community (clist c) > pair set wrong; > { > wrong = [ > (0,0)..(0,25371), > (0,25373)..(0,31209), > (0,31211)..(31209,65535), > (31210,0)..(31210,25371), > (31210,25373)..(31210,65535), > (31211,0)..(65535,65281), > (65535,65283)..(65535,65535) > ]; > c = delete(c,wrong); > print c; > } > > bird reports in log file: > Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair This code works for me. This is a recent feature, perhaps you are using an old version of BIRD. Try version 1.2.4 . -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:18:06PM +0300, Alexander Shikoff wrote: > On Mon, Sep 06, 2010 at 07:00:58PM +0200, Ondrej Zajicek wrote: > > On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote: > > > Hello, > > > > > > is it possible in filter to delete all communities except ones which > > > are stored in pre-defined list? > > > > It is possible to do that, but you have to manually invert the list > > of communities. For example instead of a list of allowed communities: > > > > [(123,100), (456,200), (789,300)] > > > > you would use a list of rejected communities: > > > > [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299), > > (789,301)..(65535,65535)] > > > > in bgp_community.delete(). > > Ondrej, thank you for reply. > > I tried the following code: > > function check_community (clist c) > clist wrong; > { > wrong = [ > (0,0)..(0,25371), > (0,25373)..(0,31209), > (0,31211)..(31209,65535), > (31210,0)..(31210,25371), > (31210,25373)..(31210,65535), > (31211,0)..(65535,65281), > (65535,65283)..(65535,65535) > ]; > c.delete(wrong); > } > > But bird reports error: > bird> configure > Reading configuration from /usr/local/etc/bird.conf > /usr/local/etc/bird.conf, line 37: syntax error > > Line 37 is: > > c.delete(wrong); > > I tried both c.delete(wrong) and delete(c,wrong) - the result is the same: > syntax error. ok, I got it: c = delete(c,wrong); did make the error to dissapear. But there is another issue: function check_community (clist c) pair set wrong; { wrong = [ (0,0)..(0,25371), (0,25373)..(0,31209), (0,31211)..(31209,65535), (31210,0)..(31210,25371), (31210,25373)..(31210,65535), (31211,0)..(65535,65281), (65535,65283)..(65535,65535) ]; c = delete(c,wrong); print c; } bird reports in log file: Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair If declare 'wrong' as clist, then assignments like wrong = [ (0,0)..(0,25371), (0,25373)..(0,31209), (0,31211)..(31209,65535), (31210,0)..(31210,25371), (31210,25373)..(31210,65535), (31211,0)..(65535,65281), (65535,65283)..(65535,65535) ]; do not work: Sep 6 20:23:38 crete bird: filters, line 36: Assigning to variable of incompatible type Any ideas? -- MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 07:00:58PM +0200, Ondrej Zajicek wrote: > On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote: > > Hello, > > > > is it possible in filter to delete all communities except ones which > > are stored in pre-defined list? > > It is possible to do that, but you have to manually invert the list > of communities. For example instead of a list of allowed communities: > > [(123,100), (456,200), (789,300)] > > you would use a list of rejected communities: > > [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299), > (789,301)..(65535,65535)] > > in bgp_community.delete(). Ondrej, thank you for reply. I tried the following code: function check_community (clist c) clist wrong; { wrong = [ (0,0)..(0,25371), (0,25373)..(0,31209), (0,31211)..(31209,65535), (31210,0)..(31210,25371), (31210,25373)..(31210,65535), (31211,0)..(65535,65281), (65535,65283)..(65535,65535) ]; c.delete(wrong); } But bird reports error: bird> configure Reading configuration from /usr/local/etc/bird.conf /usr/local/etc/bird.conf, line 37: syntax error Line 37 is: c.delete(wrong); I tried both c.delete(wrong) and delete(c,wrong) - the result is the same: syntax error. -- MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote: > Hello, > > is it possible in filter to delete all communities except ones which > are stored in pre-defined list? It is possible to do that, but you have to manually invert the list of communities. For example instead of a list of allowed communities: [(123,100), (456,200), (789,300)] you would use a list of rejected communities: [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299), (789,301)..(65535,65535)] in bgp_community.delete(). -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature