summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--filter/config.Y58
-rw-r--r--filter/filter.c13
-rw-r--r--filter/filter.h4
-rw-r--r--nest/rt-table.c8
4 files changed, 75 insertions, 8 deletions
diff --git a/filter/config.Y b/filter/config.Y
index 00aeefc..413e88c 100644
--- a/filter/config.Y
+++ b/filter/config.Y
@@ -9,6 +9,64 @@
FIXME (for BGP): whole system of paths, path ~ string, path.prepend(), path.originate
FIXME: create community lists
FIXME: IP addresses in ipv6
+
+
+(1) Cesty
+
+ AS paths budtez interne reprezentovany stejne jako v BGP (viz RFC 1771),
+to znamena jako posloupnost segmentu, z nichz kazdy je budto posloupnost nebo
+mnozina cisel ASu. Na cestach nadefinuji nasledujici operace:
+
+ - zformatovani do stringu
+ - append dalsiho AS k ceste
+
+Filtry by mely podporovat:
+
+ - operator pridani AS k ceste
+ - matchovani na pritomnost podposloupnosti v ceste (pricemz vyskytne-li
+ se tam mnozina, tak si ji lze predstavit prerovnanou v libovolnem
+ poradi)
+ - operator zjisteni delky cesty (pro vypocet metrik)
+
+Byl bych rad, kdyby se samotne matchovaci funkce objevily v proto/bgp/attrs.c.
+
+
+(2) Community-listy
+
+Community list budiz interne reprezentovan jako posloupnost 32-bitovych cisel.
+
+Filtry by se mely na communities divat jako na usporadane dvojice 16-bitovych
+cisel (prvni je cislo AS, ktery community definoval, druhe pak community ID
+v ramci AS) a melo by byt mozne definovat si konstanty typu community.
+K dispozici by mely byt nasledujici operace:
+
+ - zjisteni pritomnosti community v listu
+ - pridani community do listu
+ - odebrani community z listu
+ - zresetovani listu
+
+Pro operace na cestach i na community listech by se mela pouzivat `teckova'
+notace pouzita v mem puvodnim navrhu syntaxe.
+
+
+(3) Zmeny v semantice dynamickych atributu
+
+Aby se nemusely neustale kopirovat seznamy atributu, rad bych provedl jeste
+jednu zmenu v tom, jak filtry nakladaji s atributy (pevne doufam, ze posledni,
+ale uznavam, ze u te predchozi jsem to take tvrdil): Funkci f_run budiz
+pridan jeste jeden parametr, ktery prepina mezi dvema mody:
+
+ (a) [incoming filter mode] Jako nyni.
+
+ (b) [outgoing filter mode] Pokud se hleda atribut, hleda se nejdrive
+ v tmp_attrs a pokud to selze, tak v rta->attrs. Pokud se nastavuje,
+ dava se _vzdy_ do tmp_attrs.
+
+Diky tomu filtry pri exportu routes nebudou vubec muset modifikovat rta a
+protokoly, ktere v import_control potrebuji nastavovat i non-temporary
+atributy, je budou moci pridat do tmp_attrs, aniz by sahly na rta.
+
+
*/
CF_HDR
diff --git a/filter/filter.c b/filter/filter.c
index 5faabfe..6a59072 100644
--- a/filter/filter.c
+++ b/filter/filter.c
@@ -145,6 +145,7 @@ val_print(struct f_val v)
static struct rte **f_rte, *f_rte_old;
static struct linpool *f_pool;
static struct ea_list **f_tmp_attrs;
+static int f_flags;
#define runtime(x) do { \
log( L_ERR x ); \
@@ -329,9 +330,14 @@ interpret(struct f_inst *what)
break;
case P('e','a'): /* Access to extended attributes */
{
- eattr *e = ea_find( (*f_rte)->attrs->eattrs, what->a2.i );
+ eattr *e = NULL;
+ if (!(f_flags & FF_OUTGOING))
+ e = ea_find( (*f_rte)->attrs->eattrs, what->a2.i );
if (!e)
e = ea_find( (*f_tmp_attrs), what->a2.i );
+ if ((!e) && (f_flags & FF_OUTGOING))
+ e = ea_find( (*f_rte)->attrs->eattrs, what->a2.i );
+
if (!e) {
res.type = T_VOID;
break;
@@ -371,7 +377,7 @@ interpret(struct f_inst *what)
break;
}
- if (!(what->aux & EAF_TEMP)) {
+ if (!(what->aux & EAF_TEMP) && (!(f_flags & FF_OUTGOING))) {
*f_rte = rte_do_cow(*f_rte);
l->next = (*f_rte)->attrs->eattrs;
(*f_rte)->attrs->eattrs = l;
@@ -523,12 +529,13 @@ i_same(struct f_inst *f1, struct f_inst *f2)
}
int
-f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool)
+f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool, int flags)
{
struct f_inst *inst;
struct f_val res;
DBG( "Running filter `%s'...", filter->name );
+ f_flags = flags;
f_tmp_attrs = tmp_attrs;
f_rte = rte;
f_rte_old = *rte;
diff --git a/filter/filter.h b/filter/filter.h
index 3f05f6a..b05e6a7 100644
--- a/filter/filter.h
+++ b/filter/filter.h
@@ -67,7 +67,7 @@ int same_tree(struct f_tree *t1, struct f_tree *t2);
struct ea_list;
struct rte;
-int f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool);
+int f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool, int flags);
char *filter_name(struct filter *filter);
int filter_same(struct filter *new, struct filter *old);
@@ -122,4 +122,6 @@ struct f_tree {
#define NEW_F_VAL struct f_val * val; val = cfg_alloc(sizeof(struct f_val));
+#define FF_OUTGOING 1
+
#endif
diff --git a/nest/rt-table.c b/nest/rt-table.c
index d3fcf64..687e940 100644
--- a/nest/rt-table.c
+++ b/nest/rt-table.c
@@ -141,7 +141,7 @@ do_rte_announce(struct announce_hook *a, net *net, rte *new, rte *old, ea_list *
else if (ok)
rte_trace_out(D_FILTERS, p, new, "forced accept by protocol");
else if (p->out_filter == FILTER_REJECT ||
- p->out_filter && f_run(p->out_filter, &new, &tmpa, rte_update_pool) > F_ACCEPT)
+ p->out_filter && f_run(p->out_filter, &new, &tmpa, rte_update_pool, 0) > F_ACCEPT)
{
rte_trace_out(D_FILTERS, p, new, "filtered out");
new = NULL;
@@ -155,7 +155,7 @@ do_rte_announce(struct announce_hook *a, net *net, rte *new, rte *old, ea_list *
else
{
ea_list *tmpb = p->make_tmp_attrs ? p->make_tmp_attrs(old, rte_update_pool) : NULL;
- if (f_run(p->out_filter, &old, &tmpb, rte_update_pool) > F_ACCEPT)
+ if (f_run(p->out_filter, &old, &tmpb, rte_update_pool, 0) > F_ACCEPT)
old = NULL;
}
}
@@ -387,7 +387,7 @@ rte_update(rtable *table, net *net, struct proto *p, rte *new)
if (p->in_filter)
{
ea_list *old_tmpa = tmpa;
- int fr = f_run(p->in_filter, &new, &tmpa, rte_update_pool);
+ int fr = f_run(p->in_filter, &new, &tmpa, rte_update_pool, 0);
if (fr > F_ACCEPT)
{
rte_trace_in(D_FILTERS, p, new, "filtered out");
@@ -695,7 +695,7 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d)
struct ea_list *tmpa = NULL;
ee = e;
rte_update_lock(); /* We use the update buffer for filtering */
- if (d->filter == FILTER_ACCEPT || f_run(d->filter, &ee, &tmpa, rte_update_pool) <= F_ACCEPT)
+ if (d->filter == FILTER_ACCEPT || f_run(d->filter, &ee, &tmpa, rte_update_pool, 0) <= F_ACCEPT)
{
rt_show_rte(c, ia, e, d);
ia[0] = 0;