Re: Deleting unallowed communities
On Mon, Sep 13, 2010 at 07:57:49PM +0300, Alexander Shikoff wrote: > > There is a bug in community set delete. Try attached patch to fix it. > Thank you very much! This patch fixes a problem. > Ondrej, do you plan to implement invertion of community lists? Not invertion of community lists, but perhaps invertion of (pair) sets. I am not sure. Just implementing set invertion should not be hard, but question is how to integrate it into filter language grammar (as it is not just a operator like add/delete, it must be done in config-read-time to be fast enough. Perhaps some new set syntax ... . -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Sat, Sep 11, 2010 at 08:17:49PM +0200, Ondrej Zajicek wrote: > On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote: > > > This code works for me. > > > > > > This is a recent feature, perhaps you are using an old version of BIRD. > > > Try version 1.2.4 . > > I'm using 1.2.4. > > > > Where do you call a function from? In my configuration it is called from > > filter: > > ... > > > Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't > > add/delete non-pair > > Hello > > There is a bug in community set delete. Try attached patch to fix it. Thank you very much! This patch fixes a problem. Ondrej, do you plan to implement invertion of community lists? -- MINO-RIPE
Re: Deleting unallowed communities
On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote:
> > This code works for me.
> >
> > This is a recent feature, perhaps you are using an old version of BIRD.
> > Try version 1.2.4 .
> I'm using 1.2.4.
>
> Where do you call a function from? In my configuration it is called from
> filter:
...
> Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't
> add/delete non-pair
Hello
There is a bug in community set delete. Try attached patch to fix it.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
diff -uprN bird-1.2.4-o/filter/filter.c bird-1.2.4/filter/filter.c
--- bird-1.2.4-o/filter/filter.c 2010-08-03 17:44:51.0 +0200
+++ bird-1.2.4/filter/filter.c 2010-09-11 20:08:48.0 +0200
@@ -919,6 +919,9 @@ interpret(struct f_inst *what)
runtime("Can't add/delete to non-clist");
struct f_val dummy;
+u16 op = what->aux;
+i = 0;
+
if ((v2.type == T_PAIR) || (v2.type == T_QUAD))
i = v2.val.i;
#ifndef IPV6
@@ -926,13 +929,13 @@ interpret(struct f_inst *what)
else if (v2.type == T_IP)
i = ipa_to_u32(v2.val.px.ip);
#endif
-else if ((v2.type == T_SET) && (what->aux == 'd') && clist_set_type(v2.val.t, &dummy))
- what->aux = 'D';
+else if ((v2.type == T_SET) && (op == 'd') && clist_set_type(v2.val.t, &dummy))
+ op = 'D';
else
runtime("Can't add/delete non-pair");
res.type = T_CLIST;
-switch (what->aux) {
+switch (op) {
case 'a': res.val.ad = int_set_add(f_pool, v1.val.ad, i); break;
case 'd': res.val.ad = int_set_del(f_pool, v1.val.ad, i); break;
case 'D': res.val.ad = clist_del_matching(f_pool, v1.val.ad, v2.val.t); break;
signature.asc
Description: Digital signature
Re: Deleting unallowed communities
On Tue, Sep 07, 2010 at 01:50:58PM +0300, Alexander Shikoff wrote: > > This code works for me. > > > > This is a recent feature, perhaps you are using an old version of BIRD. > > Try version 1.2.4 . > I'm using 1.2.4. > > Where do you call a function from? In my configuration it is called from > filter: I pasted function check_community() to the test.conf in BIRD source (filters/test.conf) and called it from function paths() on variable l just before: print "Community list (1,2) ", l; Could you send me your complete config file to test it? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:28:47PM +0200, Ondrej Zajicek wrote:
> > But there is another issue:
> >
> > function check_community (clist c)
> > pair set wrong;
> > {
> > wrong = [
> > (0,0)..(0,25371),
> > (0,25373)..(0,31209),
> > (0,31211)..(31209,65535),
> > (31210,0)..(31210,25371),
> > (31210,25373)..(31210,65535),
> > (31211,0)..(65535,65281),
> > (65535,65283)..(65535,65535)
> > ];
> > c = delete(c,wrong);
> > print c;
> > }
> >
> > bird reports in log file:
> > Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair
>
> This code works for me.
>
> This is a recent feature, perhaps you are using an old version of BIRD.
> Try version 1.2.4 .
I'm using 1.2.4.
Where do you call a function from? In my configuration it is called from
filter:
function check_community (clist c)
pair set wrong;
{
wrong = [
(0,0)..(0,25371),
(0,25373)..(0,31209),
(0,31211)..(31209,65535),
(31210,0)..(31210,25371),
(31210,25373)..(31210,65535),
(31211,0)..(65535,65281),
(65535,65283)..(65535,65535)
];
c = delete(c,wrong);
print c;
}
#
filter flt_itcons_i
prefix set plist;
{
check_community(bgp_community);
plist = [
194.247.174.0/23,
91.200.192.0/22,
109.68.40.0/21,
91.197.128.0/24,
91.197.129.0/24,
91.197.131.0/24,
91.197.128.0/23
];
if net ~ plist then accept; else reject;
}
bird still reports error: Sep 7 13:45:58 crete bird: filters, line 37: Can't
add/delete non-pair
Also I tried fillowing config:
function check_community ()
pair set wrong;
{
wrong = [
(0,0)..(0,25371),
(0,25373)..(0,31209),
(0,31211)..(31209,65535),
(31210,0)..(31210,25371),
(31210,25373)..(31210,65535),
(31211,0)..(65535,65281),
(65535,65283)..(65535,65535)
];
bgp_community.delete(wrong);
print bgp_community;
}
filter flt_itcons_i
prefix set plist;
{
check_community();
plist = [
194.247.174.0/23,
91.200.192.0/22,
109.68.40.0/21,
91.197.128.0/24,
91.197.129.0/24,
91.197.131.0/24,
91.197.128.0/23
];
if net ~ plist then accept; else reject;
}
Error is the same: Sep 7 13:45:58 crete bird: filters, line 37: Can't
add/delete non-pair
--
MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:34:39PM +0300, Alexander Shikoff wrote:
> > c.delete(wrong);
> >
> > I tried both c.delete(wrong) and delete(c,wrong) - the result is the same:
> > syntax error.
>
> ok, I got it: c = delete(c,wrong); did make the error to dissapear.
Yes, either (for any clist c):
c = delete(c,wrong);
or
bgp_community.delete(wrong);
But the second form works only for bgp_community attribute.
'wrong' should be declared as pair set, not as clist.
> But there is another issue:
>
> function check_community (clist c)
> pair set wrong;
> {
> wrong = [
> (0,0)..(0,25371),
> (0,25373)..(0,31209),
> (0,31211)..(31209,65535),
> (31210,0)..(31210,25371),
> (31210,25373)..(31210,65535),
> (31211,0)..(65535,65281),
> (65535,65283)..(65535,65535)
> ];
> c = delete(c,wrong);
> print c;
> }
>
> bird reports in log file:
> Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair
This code works for me.
This is a recent feature, perhaps you are using an old version of BIRD.
Try version 1.2.4 .
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
signature.asc
Description: Digital signature
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 08:18:06PM +0300, Alexander Shikoff wrote:
> On Mon, Sep 06, 2010 at 07:00:58PM +0200, Ondrej Zajicek wrote:
> > On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote:
> > > Hello,
> > >
> > > is it possible in filter to delete all communities except ones which
> > > are stored in pre-defined list?
> >
> > It is possible to do that, but you have to manually invert the list
> > of communities. For example instead of a list of allowed communities:
> >
> > [(123,100), (456,200), (789,300)]
> >
> > you would use a list of rejected communities:
> >
> > [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299),
> > (789,301)..(65535,65535)]
> >
> > in bgp_community.delete().
>
> Ondrej, thank you for reply.
>
> I tried the following code:
>
> function check_community (clist c)
> clist wrong;
> {
> wrong = [
> (0,0)..(0,25371),
> (0,25373)..(0,31209),
> (0,31211)..(31209,65535),
> (31210,0)..(31210,25371),
> (31210,25373)..(31210,65535),
> (31211,0)..(65535,65281),
> (65535,65283)..(65535,65535)
> ];
> c.delete(wrong);
> }
>
> But bird reports error:
> bird> configure
> Reading configuration from /usr/local/etc/bird.conf
> /usr/local/etc/bird.conf, line 37: syntax error
>
> Line 37 is:
>
> c.delete(wrong);
>
> I tried both c.delete(wrong) and delete(c,wrong) - the result is the same:
> syntax error.
ok, I got it: c = delete(c,wrong); did make the error to dissapear.
But there is another issue:
function check_community (clist c)
pair set wrong;
{
wrong = [
(0,0)..(0,25371),
(0,25373)..(0,31209),
(0,31211)..(31209,65535),
(31210,0)..(31210,25371),
(31210,25373)..(31210,65535),
(31211,0)..(65535,65281),
(65535,65283)..(65535,65535)
];
c = delete(c,wrong);
print c;
}
bird reports in log file:
Sep 6 20:26:38 crete bird: filters, line 37: Can't add/delete non-pair
If declare 'wrong' as clist, then assignments like
wrong = [
(0,0)..(0,25371),
(0,25373)..(0,31209),
(0,31211)..(31209,65535),
(31210,0)..(31210,25371),
(31210,25373)..(31210,65535),
(31211,0)..(65535,65281),
(65535,65283)..(65535,65535)
];
do not work:
Sep 6 20:23:38 crete bird: filters, line 36: Assigning to variable of
incompatible type
Any ideas?
--
MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 07:00:58PM +0200, Ondrej Zajicek wrote:
> On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote:
> > Hello,
> >
> > is it possible in filter to delete all communities except ones which
> > are stored in pre-defined list?
>
> It is possible to do that, but you have to manually invert the list
> of communities. For example instead of a list of allowed communities:
>
> [(123,100), (456,200), (789,300)]
>
> you would use a list of rejected communities:
>
> [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299),
> (789,301)..(65535,65535)]
>
> in bgp_community.delete().
Ondrej, thank you for reply.
I tried the following code:
function check_community (clist c)
clist wrong;
{
wrong = [
(0,0)..(0,25371),
(0,25373)..(0,31209),
(0,31211)..(31209,65535),
(31210,0)..(31210,25371),
(31210,25373)..(31210,65535),
(31211,0)..(65535,65281),
(65535,65283)..(65535,65535)
];
c.delete(wrong);
}
But bird reports error:
bird> configure
Reading configuration from /usr/local/etc/bird.conf
/usr/local/etc/bird.conf, line 37: syntax error
Line 37 is:
c.delete(wrong);
I tried both c.delete(wrong) and delete(c,wrong) - the result is the same:
syntax error.
--
MINO-RIPE
Re: Deleting unallowed communities
On Mon, Sep 06, 2010 at 07:45:15PM +0300, Alexander Shikoff wrote: > Hello, > > is it possible in filter to delete all communities except ones which > are stored in pre-defined list? It is possible to do that, but you have to manually invert the list of communities. For example instead of a list of allowed communities: [(123,100), (456,200), (789,300)] you would use a list of rejected communities: [(0,0)..(123,99), (123,101)..(456,199), (456,201)..(789,299), (789,301)..(65535,65535)] in bgp_community.delete(). -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
