Commit graph

435 commits

Author SHA1 Message Date
Jan Maria Matejka
fc8df41ec6 Filter refactoring: The values are now saved on a custom stack.
This shall help with performance.
2019-02-20 22:30:54 +01:00
Jan Maria Matejka
7afa143886 Filter refactoring: Passing the resulting struct f_val as a pointer.
This also drops the multiplexing of errors with the f_val itself
together with the T_RETURN f_val type flag.
2019-02-20 22:30:54 +01:00
Jan Maria Matejka
f62a369fb4 Filter refactoring: Moved filter instruction definition to a separate file 2019-02-20 22:30:54 +01:00
Jan Maria Matejka
25566c6810 Filter refactoring: Moved the bitfield bit position formula to route.h 2019-02-20 22:30:54 +01:00
Jan Maria Matejka
aca8263926 Filter refactoring: Moved the interpret macros inside the block 2019-02-20 22:30:54 +01:00
Jan Maria Matejka
a946317fab Filter: Converted static global variables to a filter_state struct.
The static filter state was messy and blocked the planned parallel
execution of filters. Anyway, this will be also slower as the state
structure must be passed almost everywhere with us.
2019-02-20 22:30:53 +01:00
Ondrej Zajicek (work)
3a2a3c7325 Doc: Rename code documentation files back to Doc 2018-12-14 02:03:42 +01:00
Maria Matejka
265419a369 Custom route attributes
For local route marking purposes, local custom route attributes may be
defined. These attributes are seamlessly stripped after export filter to
every real protocol like Kernel, BGP or OSPF, they however pass through
pipes. We currently allow at most 256 custom attributes.

This should be much faster than currently used bgp communities
for marking routes.
2018-12-06 09:55:21 +01:00
Ondrej Zajicek (work)
f2d8e6801e Filter: Make ifname attribute modifiable
Allow to change an interface associated with a route by setting
ifname attribute. It will also change the route to a direct one.
2018-11-05 22:03:21 +01:00
Ondrej Zajicek (work)
83715aa829 Filter: Add support for VPN_RD sets 2018-10-25 11:26:58 +02:00
Ondrej Zajicek (work)
41b83e52f7 Filter: Fix minor bug in accessing bgp_path
Not relevant for regular BGP paths, just for BGP paths added by filters
to e.g. static routes.
2018-10-25 11:23:15 +02:00
Ondrej Zajicek (work)
586c1800c4 Nest: Neighbor cache cleanups
Simplify neighbor cache code, fix several minor bugs, and improve
handling of ONLINK flag.
2018-06-27 16:57:07 +02:00
Maria Matejka
c2fc4c10ac Doc: renamed progdoc files Doc -> progdoc to fix collision with doc/ folder on case-insensitive filesystems 2018-06-26 17:09:12 +02:00
Jan Maria Matejka
f851f0d7e3 Config: Dropping CF_ADDTO. 2018-06-26 14:29:03 +02:00
Jan Maria Matejka
1771f70d74 Filter: fixed eattr cached pointer
Use ACCESS_RTE to guard **f_rte, use ACCESS_EATTRS to guard **f_eattrs.
Use f_rta_cow() before writing to rta or eattrs, use f_rte_cow() before
writing preference (stored in rte).

Do not access eattrs indirectly through (*f_rte)->attrs->eattrs, it is
way too slow. The cached pointer is faster.
2018-06-19 16:51:40 +02:00
Jan Maria Matejka
13c0be19d3 Nest: Removing separate tmpa from route propagation
This is a fundamental change of an original (1999) concept of route
processing inside BIRD. During import/export, there was a temporary
ea_list created which was to be used instead of the another one inside
the route itself.

This led to some confusion, quirks, and strange filter code that handled
extended route attributes. Dropping it now.

The protocol interface has changed in an uniform way -- the
`struct ea_list *attrs` argument has been removed from store_tmp_attrs(),
import_control(), rt_notify() and get_route_info().
2018-05-30 17:08:49 +02:00
Jan Maria Matejka
ee7e2ffd26 Protocol: Introducing an enum protocol_class
This supersedes the EAP_* constants.
2018-05-29 12:35:06 +02:00
Jan Maria Matejka
c3becfe193 Filter: macro for recursive interpretation of instructions 2018-05-29 12:35:06 +02:00
Jan Maria Matejka
0ec6b5ecd3 Filter: Simple type checks converted to ARG() macro 2018-05-29 12:35:06 +02:00
Jan Maria Matejka
478f9babed Filter: Removing the third argument hack
Just to make the code a bit more clean and easier to maintain.
2018-05-29 11:53:51 +02:00
Jan Maria Matejka
cff9e937fd Filter: instruction names 2018-05-29 11:53:51 +02:00
Jan Maria Matejka
31d6939cde Filter: Instruction codes linearized 2018-05-29 11:53:51 +02:00
Ondrej Zajicek (work)
b24b781117 Filter: Add support for src filter op to access SADR source prefix
The patch allows to use 'net.src' to access SADR source prefix
from filters.

Thanks to Toke Hoiland-Jorgensen for the original patch for srclen.
2018-05-16 11:19:29 +02:00
Jan Maria Matejka
823ad12191 Filter: Added missing instruction comparators.
These instructions caused SIGABORTs on reconfiguration.
2018-04-27 14:38:41 +02:00
Jan Maria Matejka
8a871e890a Merge branch 'master' into int-new 2018-03-14 12:57:16 +01:00
Jan Maria Matejka
e8bc64e308 Filter: make bgpmask literals real constructors
The bgpmask literals can include expressions. This is OK but they have
to be interpreted as soon as the code is run, not in the time the code
is used as value.

This led to strange behavior like rewriting bgpmasks when they shan't
be rewritten:

	function mask_generator(int as)
	{
		return [= * as * =];
	}

	function another()
	bgpmask m1;
	bgpmask m2;
	{
		m1 = mask_generator(10);
		m2 = mask_generator(20);
		if (m1 == m2) {
			print("strange"); # this would happen
		}
	}

Moreover, sending this to CLI would cause stack overflow and knock down the
whole BIRD, as soon as there is at least one route to execute the given
filter on.

	show route filter bgpmask mmm; bgppath ppp; { ppp = +empty+; mmm = [= (ppp ~ mmm) =]; print(mmm); accept; }

The magic match operator (~) inside the bgpmask literal would try to
resolve mmm, which points to the same bgpmask so it would resolve
itself, call the magic match operator and vice versa.

After this patch, the bgpmask literal will get resolved as soon as it's
assigned to mmm and it also will return a type error as bool is not
convertible to ASN in BIRD.
2018-03-14 11:34:29 +01:00
Jan Maria Matejka
e95705f00c Merge branch 'master' into int-new 2018-03-13 17:02:49 +01:00
Jan Maria Matejka
74bfd2f97c Filters: Removed FI_COMMA, not used for 19 years.
This instruction was removed in the commit linked below
and never used ever again. Rest in peace.

commit 84c7e1943f
Author: Pavel Machek <pavel@ucw.cz>
Date:   Tue Mar 2 19:49:28 1999 +0000
2018-03-13 17:01:37 +01:00
Jan Maria Matejka
d1ba927b36 Merge branch 'master' into int-new 2018-03-13 16:51:04 +01:00
Jan Maria Matejka
7c601e6b7b Filter: recursion to loop
It was supposed to do tail-recursion in interpret() but it didn't
compile as such. Converting it to loop makes a significant filter
performance improvement for flat filters.
2018-03-13 16:29:33 +01:00
Maria Jan Matejka
5a14df3950 Filter: Instruction codes named as enum
The two-letter instructions were quite messy but they could be easily
read from memory dumps. Now GDB (since 2012) supports pretty printing
enum values and GCC checks the switch construction for missing enum
values so we are converting the nice two-byte values to enums.

Anyway, the enum still keeps the old two-byte values to be able to read
the instruction codes even without GDB from plain memory dump.
2018-03-13 16:29:33 +01:00
Jan Maria Matejka
f2f5a7d945 Filter: the test conf checks also a bit of BGP args
Uncommented an old test.
2018-03-08 12:57:39 +01:00
Jan Maria Matejka
0575c7db72 Config: Dropped the ipv4:netmask4 syntax for IPv4 prefixes. 2018-03-08 12:57:39 +01:00
Ondrej Zajicek (work)
1561ee799c Handle properly enums for extended attributes 2018-02-13 19:52:22 +01:00
Ondrej Zajicek (work)
75d98b6013 Merge branch 'master' into int-new 2018-01-23 18:29:32 +01:00
Ondrej Zajicek (work)
b940579115 Filter: Allow silent filter execution
A filter should log messages only if executed explicitly (e.g., during
route export or route import). When a filter is executed for technical
reasons (e.g., to establish whether a route was exported before), it
should run silently.
2018-01-16 16:20:01 +01:00
Ondrej Zajicek (work)
3831b61966 BGP: Require explicit import and export policies for EBGP channels
To comply with RFC 8212 requirements.
2018-01-16 04:14:49 +01:00
Ondrej Zajicek (work)
8f8671bcde Filter: Handle undefined BGP paths as empty
The same is already done for clists. Also fixes defined() to work
properly for paths and clists.
2018-01-03 15:44:05 +01:00
Ondrej Zajicek (work)
ed1d853e51 Filter: Remove old BGP path mask syntax from tests 2017-12-08 17:31:33 +01:00
Jan Maria Matejka
3e52d112d7 Docs: Update to v2.0 2017-12-08 16:27:19 +01:00
Ondrej Zajicek (work)
830ba75e6d Merge commit '1e8721e2aeccfbc3f533e8b8abc07582cee77e9a' into int-new 2017-12-07 21:54:47 +01:00
Jan Maria Matejka
9ba4b4a63d Filter test: typo fix 2017-11-09 15:04:05 +01:00
Michal 'vorner' Vaner
2a95e63343 RAdv: Support for more specific routes (RFC 4191)
The patch implements Default Router Preferences and More-Specific Routes
(RFC 4191) for RAdv protocol, allowing to announce router preference and
more specific routes in router advertisements. Routes can be exported to
RAdv like to regular routing protocols.

Some cleanups, bugfixes and other changes done by Ondrej Zajicek.
2017-10-04 16:27:02 +02:00
Michal 'vorner' Vaner
5a8b1fb047 filter: Allow assigning enums into extended attributes
They are internally ints, but they got refused as a wrong type. This
fixes setting of the BGP origin and is also needed for RA.
2017-09-20 15:36:54 +02:00
Ondrej Zajicek (work)
69f7399247 Merge branch 'master' into int-new 2017-08-09 12:46:27 +02:00
Ondrej Zajicek (work)
e46128fb50 Filters: Do not clamp EC set values to 16 bit for EC_GENERICs
Thanks to Lennert Buytenhek <buytenh@wantstofly.org> for the patch.
2017-06-19 12:46:40 +02:00
Ondrej Zajicek (work)
6aaaa63519 Change parser to handle numbers as unsigned
Lexer always parsed numbers as unsigned, but parser handled them as
signed and grammar contained many unnecessary checks for negativity.
2017-05-23 17:40:19 +02:00
Jan Moskyto Matejka
05d47bd53e Linpool: default allocation size 2017-05-16 15:34:57 +02:00
Ondrej Zajicek (work)
751fb2366c Test: Fix broken test for filters 2017-04-26 14:11:28 +02:00
Jan Moskyto Matejka
69fddac052 Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-new 2017-04-26 12:30:22 +02:00
Jan Moskyto Matejka
2af807a83f Test: fixed broken test for VPN RD output 2017-04-26 12:19:39 +02:00
Ondrej Zajicek (work)
6f535924eb Filter: Fix reconfiguration of roa_check() 2017-04-18 13:56:51 +02:00
Jan Moskyto Matejka
61e501da89 Filter: Check whether IP is 4 or 6 2017-03-22 14:53:37 +01:00
Ondrej Zajicek (work)
a5d2a34497 Minor cleanups
BTW, 'prefices' is hypercorrection, as 'prefix' is from 'praefixum' with
plural 'praefixa'.
2017-03-14 17:25:42 +01:00
Jan Moskyto Matejka
8c9986d310 Filters: VPN Route Distinguishers, Prefix Type, Docs Update 2017-03-13 13:51:20 +01:00
Jan Moskyto Matejka
54334b5667 Filter: ROA check test and mixed prefix test 2017-03-09 15:57:54 +01:00
Jan Moskyto Matejka
c609d03986 Merge branch 'int-new' into nexthop-merged 2017-02-22 11:58:04 +01:00
Ondrej Zajicek (work)
62e64905b7 Several minor fixes 2017-02-20 02:26:45 +01:00
Ondrej Zajicek (work)
c259669fa3 Merge branch 'master' into int-new 2017-02-08 14:34:48 +01:00
Ondrej Zajicek (work)
da65a3d898 Filter: Fix missing case for !~ operator
Thanks to Vincent Bernat for the patch.
2017-01-24 15:35:38 +01:00
Jan Moskyto Matejka
5b208e296f Removing (struct rta)->cast. Never used. 2016-12-22 13:09:59 +01:00
Jan Moskyto Matejka
4e276a8920 Merged multipath and single-path data structures.
Dropped struct mpnh and mpnh_*()
Now struct nexthop exists, nexthop_*(), and also included struct nexthop
into struct rta.

Also converted RTD_DEVICE and RTD_ROUTER to RTD_UNICAST. If it is needed
to distinguish between these two cases, RTD_DEVICE is equivalent to
IPA_ZERO(a->nh.gw), RTD_ROUTER is then IPA_NONZERO(a->nh.gw).

From now on, we also explicitely want C99 compatible compiler. We assume
that this 20-year norm should be known almost everywhere.
2016-12-22 13:01:06 +01:00
Ondrej Zajicek (work)
77234bbbde Basic flow specification support (RFC 5575)
Add flow4/flow6 network and rt-table type and operations, config grammar
and static protocol support.

Squashed flowspec branch from Pavel Tvrdik.
2016-12-07 15:54:19 +01:00
Jan Moskyto Matejka
ad88b94bca Merge branch 'int-new-rpki-squashed' (early part) into int-new 2016-12-07 15:30:46 +01:00
Ondrej Zajicek (work)
d15b0b0a1b BGP redesign
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
2016-12-07 14:20:52 +01:00
Pavel Tvrdik
cd6ca9b1f6 filter/test.conf: add ROA check and operator tests 2016-12-07 09:35:24 +01:00
Pavel Tvrdik
e58f8c28d2 Add `.maxlen' operator to all ROA prefixes in filters
Example:
  bird> eval (1.2.0.0/16 max 20 as 1234).maxlen
  20

Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
69ae578450 Add `.asn' operator to all ROA prefixes in filters
Example:
  bird> eval (1.2.0.0/16 max 20 as 1234).asn
  1234

Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2 RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
5df4073c81 filter/test.conf: Minor changes in order of calls 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
4abe781c27 Remove filter/test_bgp_filtering.conf file
It was an example filtering configuration from BIRD's wiki.
2016-11-30 11:57:35 +01:00
Pavel Tvrdik
012a0d6bf8 Merge test6.conf IPv6 tests into test.conf 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
c39a1cb17e filter/test.conf: Extend tests 2016-11-16 17:01:09 +01:00
Pavel Tvrdik
0ed1e85091 filter/test.conf: Reorder tests
Tests are sorted from trivial tests to more complex tests
2016-11-16 13:46:43 +01:00
Pavel Tvrdik
7dea7ccb10 filter/test.conf: Replace print func with assert and format 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
4b135d0958 Birdtest: Add function format in grammar for stringify expression 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
3ec0bedc60 Birdtest: Remove bt_assert command from term
The bt_assert function does not return any value, so it was useless to
have a option in term definition.
2016-11-16 12:22:01 +01:00
Pavel Tvrdik
5e3cd0e5b5 Birdtest: Replace BT_SUCCESS and BT_FAILURE with 1 and 0 2016-11-11 17:43:09 +01:00
Pavel Tvrdik
fd328869cc birdtest: Fix no-forked mode in trie_test 2016-11-11 17:02:16 +01:00
Ondrej Zajicek (work)
101c5a50aa Filter: Add long community tests
Based on Pavel Tvrdik's int-test-lc branch.
2016-11-09 19:09:24 +01:00
Ondrej Zajicek (work)
9b0a0ba9e6 Unit Testing for BIRD
- Unit Testing Framework (BirdTest)
 - Integration of BirdTest into the BIRD build system
 - Tests for several BIRD modules

 Based on squashed Pavel Tvrdik's int-test branch, updated for
 current int-new branch.
2016-11-09 16:36:34 +01:00
Ondrej Zajicek (work)
8860e991f6 Merge branch 'master' into int-new 2016-11-08 19:27:58 +01:00
Ondrej Zajicek (work)
c8cafc8ebb Minor code cleanups 2016-11-08 17:46:29 +01:00
Ondrej Zajicek (work)
cc5b93f72d Merge tag 'v1.6.2' into int-new 2016-11-08 17:04:29 +01:00
Jan Moskyto Matejka
3e236955c9 Build: switch on -Wextra, get rid of most of the warnings
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
2016-11-01 14:52:54 +01:00
Ondrej Zajicek (work)
c68e8cd374 Filter: Minor formatting changes in test.conf 2016-10-18 13:06:51 +02:00
Pavel Tvrdik
5fd7dacadc Filter: Expand testing of large community sets 2016-10-13 15:17:41 +02:00
Pavel Tvrdik
c2564d34af Tree/Trie: Check the end of buffer
We set buffer->pos to buffer->end in function buffer_print() when
bvsnprintf() failed, so there would be uninitialized memory between
the old buffer->pos and the current buffer->pos.
2016-10-11 21:25:21 +02:00
Ondrej Zajicek (work)
a998836d4b Filter: fix missing separator 2016-10-04 23:19:35 +02:00
Ondrej Zajicek (work)
60566c5c80 Filter: large community sets
Add support for lc sets to filter code. Grammar of (small) community sets
has to be updated to avoid parser collisions.
2016-10-03 13:47:37 +02:00
Ondrej Zajicek (work)
66dbdbd993 BGP: Support for large communities
Add support for large communities (draft-ietf-idr-large-community),
96bit alternative to RFC 1997 communities.

Thanks to Matt Griswold for the original patch.
2016-10-03 12:48:56 +02:00
Pavel Tvrdik
768d5e1058 Add !~ operator to filter grammar 2016-09-21 13:35:52 +02:00
Pavel Tvrdik
bc00f05815 Filter: Prefer xmalloc/xfree to malloc/free 2016-09-15 15:24:00 +02:00
Ondřej Surý
33d22f0e9e whitespace fixes 2016-08-16 09:24:12 +02:00
Ondrej Zajicek (work)
f1f39bb9d8 Filter: Fixes reconfiguration with last_nonaggregated operator 2016-07-01 11:03:13 +02:00
Pavel Tvrdik
5de0e848de filter/test.conf: fixes formating 2016-06-30 15:00:47 +02:00
Ondrej Zajicek (work)
122deb6d5b Filters: Fixes pm_same() w.r.t. ASN ranges and ASN expressions
This is necessary for proper detection of filter changes during
reconfigurations.
2016-06-09 00:30:41 +02:00
Ondrej Filip
a0fe1944d1 Add AS# ranges to bgpmask. 2016-06-08 16:22:44 +02:00
Ondrej Zajicek (work)
286e2011d2 Miscellaneous minor fixes 2016-05-12 16:04:47 +02:00
Jan Moskyto Matejka
0c6dfe5236 Merge branch 'int-new' into int-new-merged 2016-05-10 14:30:49 +02:00