|
[-]
[+]
|
Changed |
bird.changes
|
|
|
|
[-]
[+]
|
Changed |
bird.spec
^
|
|
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/ChangeLog
^
|
| @@ -1,3 +1,182 @@
+commit 50b71c1b96f99ac40e733295daeb03927777b206
+Author: Ondrej Filip <feela@network.cz>
+Date: Sun Jul 28 18:50:40 2013 +0200
+
+ Fixed small error in documantation (thanks engels@openit.de).
+
+commit 643228bc1cfb6a8f5169ee8ebfe1b75c81cc8543
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Sat Jul 27 00:47:58 2013 +0200
+
+ NEWS and version update.
+
+commit f4830d8cb801c9124361bcc0c9e33f8f6005c08d
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Sat Jul 27 00:38:29 2013 +0200
+
+ Documentation update.
+
+commit 4ee39ff2ff78f86ce1ec79a77e22120984452549
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Fri Jul 26 11:06:08 2013 +0200
+
+ Fixes initial random values for function arguments.
+
+ Thanks to Javor Kliachev for the bugreport.
+
+commit 1103b32e830fbf98d9b3e32c0425b9a589773bf8
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu Jul 25 22:33:57 2013 +0200
+
+ Allows to define constants of all filter types.
+
+commit ac5745134847c044b21c311e5ab11d92d05bacc1
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu Jul 25 13:55:24 2013 +0200
+
+ Implements RFC 6608 Subcodes for BGP FSM Error.
+
+commit 508d936078aecc8fbbb9ca1218104599c4a3cb4a
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu Jul 25 13:15:32 2013 +0200
+
+ Implements eval command and minor CLI cleanups.
+
+ Implemented eval command can be used to evaluate expressions.
+
+ The patch also documents echo command and allows to use log classes
+ instead of integer as a mask for echo.
+
+commit a0b176e3b2b50d3a30574afa927e0ee8ef65be68
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Wed Jul 24 14:20:46 2013 +0200
+
+ Fixes header file name.
+
+ Thanks to Fritz Grimpen for the patch.
+
+commit e1afee279993363ffb4a7005554d0774eb09b764
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Wed Jul 24 14:19:37 2013 +0200
+
+ Fixes socket error hook for radv protocol.
+
+commit 9135c1f0ca6322bff9648895b5394b97761b4bcb
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Wed Jul 24 14:11:12 2013 +0200
+
+ Fixes bug in protocol flushing and rtable pruning.
+
+ When route was propagated to another rtable through a pipe and then the
+ pipe was reconfigured softly in such a way that any subsequent route
+ updates are filtered, then the source protocol shutdown didn't clean up
+ the route in the second rtable which caused stale routes and potential
+ crashes.
+
+commit 48b15ef10fede35113af71bd0dbb0b27a5fcb8f5
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Sat Jul 13 01:39:41 2013 +0200
+
+ Fixes stuck connection during BGP session shutdown.
+
+ If TX buffers were full during BGP session shutdown
+ then a protocol waited indefinitely to be able to
+ send notification packet to close the session.
+
+commit 354496ace87341428e6005fbc073fbe57b4e6c0e
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu Jul 11 13:50:44 2013 +0200
+
+ Some fixes for TTL security.
+
+commit cc31b75a8fd7949533c12db2c3e9d67eeaf46d10
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Tue Jul 9 23:27:10 2013 +0200
+
+ Implements 'bgppath ~ int set' filter op.
+
+commit c01a94663cc18f53fd741c5d44387eead9ca88af
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Sun Jul 7 12:11:42 2013 +0200
+
+ Implements multiple routing table support for FreeBSD and OpenBSD.
+
+ Inspired by the patch from Alexander V. Chernikov.
+
+commit c6964c305b425b98aaf0492806a28b578d799d83
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Sat Jun 29 22:55:41 2013 +0200
+
+ Makes krt.c much more readable.
+
+commit 6ac4f87a2d661c739e55a63577e7bccf696c7abd
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Wed Jun 26 14:35:39 2013 +0200
+
+ Documentation for TTL security.
+
+commit 70e212f913b6ce9d343d6c401b4f1712986a5f8c
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Tue Jun 25 15:33:00 2013 +0200
+
+ Implements TTL security for OSPF and RIP.
+
+ Interfaces for OSPF and RIP could be configured to use (and request)
+ TTL 255 for traffic to direct neighbors.
+
+ Thanks to Simon Dickhoven for the original patch for RIPng.
+
+commit ef4a50be10c6dd0abffd957132cd146029c3d79d
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Mon Jun 24 16:37:30 2013 +0200
+
+ Better packet priority and traffic class handling.
+
+ Implements support for IPv6 traffic class, sets higher priority for OSPF
+ and RIP outgoing packets by default and allows to configure ToS/DS/TClass
+ IP header field and the local priority of outgoing packets.
+
+commit fad04c750ca6906fb095f1b45958dec0ac8e210c
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu Jun 13 11:27:14 2013 +0200
+
+ Fixes problems with kernel routes multiple routing tables.
+
+ Temporary dummy routes created by a kernel protocol during routing table
+ scan get mixed with real routes propagated from another kernel protocol
+ through a pipe.
+
+commit f623ab9875cad2d129f708e95021d3a252930000
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Tue Jun 11 12:12:11 2013 +0200
+
+ Implements OSPF stub router option (RFC 3137).
+
+ Also fixes OSPFv3 routing table calculcation w.r.t.
+ errata 2078 to RFC 5340.
+
+commit 924868543c2010f3ef2cfcb7ba6bac5988ab3264
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Tue May 28 10:48:14 2013 +0200
+
+ Fixes crash with vlinks.
+
+commit 9810d055628877232f811d684567e203381e10dc
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Tue May 28 10:44:44 2013 +0200
+
+ Fixes problems with routing table scans on some platforms.
+
+ Negative bit shifts are definitely undefined oprations.
+
+commit 9c99d753fd672bd9839715ee325ef01cca993dbf
+Author: Ondrej Zajicek <santiago@crfreenet.org>
+Date: Thu May 9 11:11:06 2013 +0200
+
+ Fixes a problem with BGP neighbors, link-local addresses and locking.
+
+ Thanks to Fritz Grimpen for the bugfix.
+
commit a2017200c71293d0a28a39d1f250ba38d57f6289
Author: Ondrej Zajicek <santiago@crfreenet.org>
Date: Mon Apr 29 22:33:50 2013 +0200
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/NEWS
^
|
| @@ -1,3 +1,13 @@
+Version 1.3.11 (2013-07-27)
+ o OSPF stub router option (RFC 3137).
+ o TTL security for OSPF and RIP.
+ o Protocol packet priority and traffic class handling.
+ o Multiple routing tables support for FreeBSD and OpenBSD.
+ o Extends constants to all filter data types.
+ o Implements eval command.
+ o 'bgppath ~ int set' filter operation.
+ o Several bugfixes.
+
Version 1.3.10 (2013-04-30)
o Lightweight BIRD client for embedded environments.
o Dynamic IPv6 router advertisements.
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/conf/cf-lex.l
^
|
| @@ -15,10 +15,10 @@
* symbols and keywords.
*
* Each symbol is represented by a &symbol structure containing name
- * of the symbol, its lexical scope, symbol class (%SYM_PROTO for a name of a protocol,
- * %SYM_NUMBER for a numeric constant etc.) and class dependent data.
- * When an unknown symbol is encountered, it's automatically added to the
- * symbol table with class %SYM_VOID.
+ * of the symbol, its lexical scope, symbol class (%SYM_PROTO for a
+ * name of a protocol, %SYM_CONSTANT for a constant etc.) and class
+ * dependent data. When an unknown symbol is encountered, it's
+ * automatically added to the symbol table with class %SYM_VOID.
*
* The keyword tables are generated from the grammar templates
* using the |gen_keywords.m4| script.
@@ -623,24 +623,23 @@
char *
cf_symbol_class_name(struct symbol *sym)
{
+ if ((sym->class & 0xff00) == SYM_CONSTANT)
+ return "constant";
+
switch (sym->class)
{
case SYM_VOID:
return "undefined";
case SYM_PROTO:
return "protocol";
- case SYM_NUMBER:
- return "numeric constant";
+ case SYM_TEMPLATE:
+ return "protocol template";
case SYM_FUNCTION:
return "function";
case SYM_FILTER:
return "filter";
case SYM_TABLE:
return "routing table";
- case SYM_IPA:
- return "network address";
- case SYM_TEMPLATE:
- return "protocol template";
case SYM_ROA:
return "ROA table";
default:
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/conf/conf.h
^
|
| @@ -110,15 +110,17 @@
/* Remember to update cf_symbol_class_name() */
#define SYM_VOID 0
#define SYM_PROTO 1
-#define SYM_NUMBER 2
+#define SYM_TEMPLATE 2
#define SYM_FUNCTION 3
#define SYM_FILTER 4
#define SYM_TABLE 5
-#define SYM_IPA 6
-#define SYM_TEMPLATE 7
-#define SYM_ROA 8
+#define SYM_ROA 6
#define SYM_VARIABLE 0x100 /* 0x100-0x1ff are variable types */
+#define SYM_CONSTANT 0x200 /* 0x200-0x2ff are variable types */
+
+#define SYM_TYPE(s) (((struct f_val *) (s)->def)->type)
+#define SYM_VAL(s) (((struct f_val *) (s)->def)->val)
struct include_file_stack {
void *buffer; /* Internal lexer state */
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/conf/confbase.Y
^
|
| @@ -103,28 +103,29 @@
CF_ADDTO(conf, ';')
+
/* Constant expressions */
+CF_ADDTO(conf, definition)
+definition:
+ DEFINE SYM '=' term ';' {
+ struct f_val *val = cfg_alloc(sizeof(struct f_val));
+ *val = f_eval($4, cfg_mem);
+ if (val->type == T_RETURN) cf_error("Runtime error");
+ cf_define_symbol($2, SYM_CONSTANT | val->type, val);
+ }
+ ;
+
expr:
NUM
| '(' term ')' { $$ = f_eval_int($2); }
- | SYM { if ($1->class != SYM_NUMBER) cf_error("Number expected"); else $$ = $1->aux; }
+ | SYM {
+ if ($1->class != (SYM_CONSTANT | T_INT)) cf_error("Number expected");
+ $$ = SYM_VAL($1).i; }
;
/* expr_u16: expr { check_u16($1); $$ = $1; }; */
-CF_ADDTO(conf, definition)
-definition:
- DEFINE SYM '=' expr ';' {
- cf_define_symbol($2, SYM_NUMBER, NULL);
- $2->aux = $4;
- }
- | DEFINE SYM '=' IPA ';' {
- cf_define_symbol($2, SYM_IPA, cfg_alloc(sizeof(ip_addr)));
- *(ip_addr *)$2->def = $4;
- }
- ;
-
/* Switches */
bool:
@@ -141,8 +142,8 @@
ipa:
IPA
| SYM {
- if ($1->class != SYM_IPA) cf_error("IP address expected");
- $$ = *(ip_addr *)$1->def;
+ if ($1->class != (SYM_CONSTANT | T_IP)) cf_error("IP address expected");
+ $$ = SYM_VAL($1).px.ip;
}
;
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/bird-3.html
^
|
| @@ -61,7 +61,8 @@
<DL>
<DT><CODE>include "<I>filename</I>"</CODE><DD><P>This statement causes inclusion of a new file. The maximal depth is set to 5.
<P>
-<DT><CODE>log "<I>filename</I>"|syslog [name <I>name</I>]|stderr all|{ <I>list of classes</I> }</CODE><DD><P>Set logging of messages having the given class (either <CODE>all</CODE> or <CODE>{
+<DT><CODE>
+<A NAME="dsc-log"></A> log "<I>filename</I>"|syslog [name <I>name</I>]|stderr all|{ <I>list of classes</I> }</CODE><DD><P>Set logging of messages having the given class (either <CODE>all</CODE> or <CODE>{
error, trace }</CODE> etc.) into selected destination (a file specified as a filename string,
syslog with optional name argument, or the stderr output). Classes are:
<CODE>info</CODE>, <CODE>warning</CODE>, <CODE>error</CODE> and <CODE>fatal</CODE> for messages about local problems,
@@ -104,7 +105,7 @@
expression and the name of the template. At the moment templates (and <CODE>from</CODE> expression)
are not implemented for OSPF protocol.
<P>
-<DT><CODE>define <I>constant</I> = (<I>expression</I>)|<I>number</I>|<I>IP address</I></CODE><DD><P>Define a constant. You can use it later in every place you could use a simple integer or an IP address.
+<DT><CODE>define <I>constant</I> = <I>expression</I></CODE><DD><P>Define a constant. You can use it later in every place you could use a value of the same type.
Besides, there are some predefined numeric constants based on /etc/iproute2/rt_* files.
A list of defined constants can be seen (together with other symbols) using 'show symbols' command.
<P>
@@ -230,7 +231,7 @@
works in the direction from the routing table to the protocol.
Default: <CODE>none</CODE>.
<P>
-<DT><CODE>import keep filtered <I>bool</I></CODE><DD><P>Usually, if an import filter rejects a route, the route is
+<DT><CODE>import keep filtered <I>switch</I></CODE><DD><P>Usually, if an import filter rejects a route, the route is
forgotten. When this option is active, these routes are
kept in the routing table, but they are hidden and not
propagated to other protocols. But it is possible to show them
@@ -313,6 +314,21 @@
ethernet interfaces that have address from 192.168.1.0/24.
<P>
<DT><CODE>
+<A NAME="dsc-prio"></A> tx class|dscp <I>num</I></CODE><DD><P>This option specifies the value of ToS/DS/Class field in IP
+headers of the outgoing protocol packets. This may affect how the
+protocol packets are processed by the network relative to the
+other network traffic. With <CODE>class</CODE> keyword, the value
+(0-255) is used for the whole ToS/Class octet (but two bits
+reserved for ECN are ignored). With <CODE>dscp</CODE> keyword, the
+value (0-63) is used just for the DS field in the
+octet. Default value is 0xc0 (DSCP 0x30 - CS6).
+<P>
+<DT><CODE>tx priority <I>num</I></CODE><DD><P>This option specifies the local packet priority. This may
+affect how the protocol packets are processed in the local TX
+queues. This option is Linux specific. Default value is 7
+(highest priority, privileged traffic).
+<P>
+<DT><CODE>
<A NAME="dsc-pass"></A> password "<I>password</I>" [ { id <I>num</I>; generate from <I>time</I>; generate to <I>time</I>; accept from <I>time</I>; accept to <I>time</I>; } ]</CODE><DD><P>Specifies a password that can be used by the protocol. Password option can
be used more times to specify more passwords. If more passwords are
specified, it is a protocol-dependent decision which one is really
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/bird-4.html
^
|
| @@ -41,8 +41,6 @@
<P>Here is a brief list of supported functions:
<P>
<DL>
-<DT><CODE>dump resources|sockets|interfaces|neighbors|attributes|routes|protocols</CODE><DD><P>Dump contents of internal data structures to the debugging output.
-<P>
<DT><CODE>show status</CODE><DD><P>Show router status, that is BIRD version, uptime and time from last reconfiguration.
<P>
<DT><CODE>show protocols [all]</CODE><DD><P>Show list of protocol instances along with tables they are connected to and protocol status, possibly giving verbose information, if <CODE>all</CODE> is specified.
@@ -172,6 +170,15 @@
<DT><CODE>down</CODE><DD><P>Shut BIRD down.
<P>
<DT><CODE>debug <I>protocol</I>|<I>pattern</I>|all all|off|{ states | routes | filters | events | packets }</CODE><DD><P>Control protocol debugging.
+<P>
+<DT><CODE>dump resources|sockets|interfaces|neighbors|attributes|routes|protocols</CODE><DD><P>Dump contents of internal data structures to the debugging output.
+<P>
+<DT><CODE>echo all|off|{ <I>list of log classes</I> } [ <I>buffer-size</I> ]</CODE><DD><P>Control echoing of log messages to the command-line output.
+See
+<A HREF="bird-3.html#dsc-log">log option</A> for a list of log classes.
+<P>
+<DT><CODE>eval <I>expr</I></CODE><DD><P>Evaluate given expression.
+<P>
</DL>
<P>
<HR>
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/bird-5.html
^
|
| @@ -277,7 +277,7 @@
Special operators include <CODE>~</CODE> for "is element of a set" operation - it can be
used on element and set of elements of the same type (returning true if element is contained in the given set), or
on two strings (returning true if first string matches a shell-like pattern stored in second string) or on IP and prefix (returning true if IP is within the range defined by that prefix), or on
-prefix and prefix (returning true if first prefix is more specific than second one) or on bgppath and bgpmask (returning true if the path matches the mask) or on number and bgppath (returning true if the number is in the path) or on pair/quad and clist (returning true if the pair/quad is element of the clist) or on clist and pair/quad set (returning true if there is an element of the clist that is also a member of the pair/quad set).
+prefix and prefix (returning true if first prefix is more specific than second one) or on bgppath and bgpmask (returning true if the path matches the mask) or on number and bgppath (returning true if the number is in the path) or on bgppath and int (number) set (returning true if any ASN from the path is in the set) or on pair/quad and clist (returning true if the pair/quad is element of the clist) or on clist and pair/quad set (returning true if there is an element of the clist that is also a member of the pair/quad set).
<P>
<P>There is one operator related to ROA infrastructure -
<CODE>roa_check()</CODE>. It examines a ROA table and does RFC 6483 route
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/bird-6.html
^
|
| @@ -743,6 +743,7 @@
<PRE>
protocol ospf <name> {
rfc1583compat <switch>;
+ stub router <switch>;
tick <num>;
ecmp <switch> [limit <num>];
area <id> {
@@ -788,6 +789,9 @@
ptp netmask <switch>;
check link <switch>;
ecmp weight <num>;
+ ttl security [<switch>; | tx only]
+ tx class|dscp <num>;
+ tx priority <num>;
authentication [none|simple|cryptographic];
password "<text>";
password "<text>" {
@@ -822,6 +826,15 @@
<A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc1583.txt">ftp://ftp.rfc-editor.org/in-notes/rfc1583.txt</A>. Default
value is no.
<P>
+<DT><CODE>stub router <I>switch</I></CODE><DD><P>This option configures the router to be a stub router, i.e.,
+a router that participates in the OSPF topology but does not
+allow transit traffic. In OSPFv2, this is implemented by
+advertising maximum metric for outgoing links, as suggested
+by RFC 3137
+<A HREF="ftp://ftp.rfc-editor.org/in-notes/rfc3137.txt">ftp://ftp.rfc-editor.org/in-notes/rfc3137.txt</A>.
+In OSPFv3, the stub router behavior is announced by clearing
+the R-bit in the router LSA. Default value is no.
+<P>
<DT><CODE>tick <I>num</I></CODE><DD><P>The routing table calculation and clean-up of areas' databases
is not performed when a single link state
change arrives. To lower the CPU utilization, it's processed later
@@ -1015,6 +1028,22 @@
prefix) is propagated. It is possible that some hardware
drivers or platforms do not implement this feature. Default value is no.
<P>
+<DT><CODE>ttl security [<I>switch</I> | tx only]</CODE><DD><P>TTL security is a feature that protects routing protocols
+from remote spoofed packets by using TTL 255 instead of TTL 1
+for protocol packets destined to neighbors. Because TTL is
+decremented when packets are forwarded, it is non-trivial to
+spoof packets with TTL 255 from remote locations. Note that
+this option would interfere with OSPF virtual links.
+<P>If this option is enabled, the router will send OSPF packets
+with TTL 255 and drop received packets with TTL less than
+255. If this option si set to <CODE>tx only</CODE>, TTL 255 is used
+for sent packets, but is not checked for received
+packets. Default value is no.
+<P>
+<DT><CODE>tx class|dscp|priority <I>num</I></CODE><DD><P>These options specify the ToS/DiffServ/Traffic class/Priority
+of the outgoing OSPF packets. See
+<A HREF="bird-3.html#dsc-prio">tx class</A> common option for detailed description.
+<P>
<DT><CODE>ecmp weight <I>num</I></CODE><DD><P>When ECMP (multipath) routes are allowed, this value specifies
a relative weight used for nexthops going through the iface.
Allowed values are 1-256. Default value is 1.
@@ -1174,7 +1203,7 @@
<DT><CODE>peer table <I>table</I></CODE><DD><P>Defines secondary routing table to connect to. The
primary one is selected by the <CODE>table</CODE> keyword.
<P>
-<DT><CODE>mode opaque|transparent</CODE><DD><P>Specifies the mode for the pipe to work in. Default is opaque.
+<DT><CODE>mode opaque|transparent</CODE><DD><P>Specifies the mode for the pipe to work in. Default is transparent.
</DL>
<P>
<H3>Attributes</H3>
@@ -1530,13 +1559,40 @@
neighbors, that is not configurable. Default: never.
</DL>
<P>
-<P>There are two options that can be specified per-interface. First is <CODE>metric</CODE>, with
-default one. Second is <CODE>mode multicast|broadcast|quiet|nolisten|version1</CODE>, it selects mode for
-rip to work in. If nothing is specified, rip runs in multicast mode. <CODE>version1</CODE> is
-currently equivalent to <CODE>broadcast</CODE>, and it makes RIP talk to a broadcast address even
-through multicast mode is possible. <CODE>quiet</CODE> option means that RIP will not transmit
-any periodic messages to this interface and <CODE>nolisten</CODE> means that RIP will send to this
-interface but not listen to it.
+<P>There are some options that can be specified per-interface:
+<P>
+<DL>
+<DT><CODE>metric <I>num</I></CODE><DD><P>This option specifies the metric of the interface. Valid
+<P>
+<DT><CODE>mode multicast|broadcast|quiet|nolisten|version1</CODE><DD><P>This option selects the mode for RIP to work in. If nothing is
+specified, RIP runs in multicast mode. <CODE>version1</CODE> is
+currently equivalent to <CODE>broadcast</CODE>, and it makes RIP talk
+to a broadcast address even through multicast mode is
+possible. <CODE>quiet</CODE> option means that RIP will not transmit
+any periodic messages to this interface and <CODE>nolisten</CODE>
+means that RIP will send to this interface butnot listen to it.
+<P>
+<DT><CODE>ttl security [<I>switch</I> | tx only]</CODE><DD><P>TTL security is a feature that protects routing protocols
+from remote spoofed packets by using TTL 255 instead of TTL 1
+for protocol packets destined to neighbors. Because TTL is
+decremented when packets are forwarded, it is non-trivial to
+spoof packets with TTL 255 from remote locations.
+<P>If this option is enabled, the router will send RIP packets
+with TTL 255 and drop received packets with TTL less than
+255. If this option si set to <CODE>tx only</CODE>, TTL 255 is used
+for sent packets, but is not checked for received
+packets. Such setting does not offer protection, but offers
+compatibility with neighbors regardless of whether they use
+ttl security.
+<P>Note that for RIPng, TTL security is a standard behavior
+(required by RFC 2080), but BIRD uses <CODE>tx only</CODE> by
+default, for compatibility with older versions. For IPv4 RIP,
+default value is no.
+<P>
+<DT><CODE>tx class|dscp|priority <I>num</I></CODE><DD><P>These options specify the ToS/DiffServ/Traffic class/Priority
+of the outgoing RIP packets. See
+<A HREF="bird-3.html#dsc-prio">tx class</A> common option for detailed description.
+</DL>
<P>
<P>The following options generally override behavior specified in RFC. If you use any of these
options, BIRD will no longer be RFC-compliant, which means it will not be able to talk to anything
|
|
|
Added |
bird-1.3.11.tar.bz2/doc/bird-doc.tgz
^
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/bird.sgml
^
|
| @@ -282,7 +282,7 @@
<tag>include "<m/filename/"</tag>
This statement causes inclusion of a new file. The maximal depth is set to 5.
- <tag>log "<m/filename/"|syslog [name <m/name/]|stderr all|{ <m/list of classes/ }</tag>
+ <tag><label id="dsc-log">log "<m/filename/"|syslog [name <m/name/]|stderr all|{ <m/list of classes/ }</tag>
Set logging of messages having the given class (either <cf/all/ or <cf/{
error, trace }/ etc.) into selected destination (a file specified as a filename string,
syslog with optional name argument, or the stderr output). Classes are:
@@ -332,8 +332,8 @@
expression and the name of the template. At the moment templates (and <cf/from/ expression)
are not implemented for OSPF protocol.
- <tag>define <m/constant/ = (<m/expression/)|<m/number/|<m/IP address/</tag>
- Define a constant. You can use it later in every place you could use a simple integer or an IP address.
+ <tag>define <m/constant/ = <m/expression/</tag>
+ Define a constant. You can use it later in every place you could use a value of the same type.
Besides, there are some predefined numeric constants based on /etc/iproute2/rt_* files.
A list of defined constants can be seen (together with other symbols) using 'show symbols' command.
@@ -470,7 +470,7 @@
works in the direction from the routing table to the protocol.
Default: <cf/none/.
- <tag>import keep filtered <m/bool/</tag>
+ <tag>import keep filtered <m/switch/</tag>
Usually, if an import filter rejects a route, the route is
forgotten. When this option is active, these routes are
kept in the routing table, but they are hidden and not
@@ -567,6 +567,22 @@
<cf>interface "eth*" 192.168.1.0/24;</cf> - start the protocol on all
ethernet interfaces that have address from 192.168.1.0/24.
+ <tag><label id="dsc-prio">tx class|dscp <m/num/</tag>
+ This option specifies the value of ToS/DS/Class field in IP
+ headers of the outgoing protocol packets. This may affect how the
+ protocol packets are processed by the network relative to the
+ other network traffic. With <cf/class/ keyword, the value
+ (0-255) is used for the whole ToS/Class octet (but two bits
+ reserved for ECN are ignored). With <cf/dscp/ keyword, the
+ value (0-63) is used just for the DS field in the
+ octet. Default value is 0xc0 (DSCP 0x30 - CS6).
+
+ <tag>tx priority <m/num/</tag>
+ This option specifies the local packet priority. This may
+ affect how the protocol packets are processed in the local TX
+ queues. This option is Linux specific. Default value is 7
+ (highest priority, privileged traffic).
+
<tag><label id="dsc-pass">password "<m/password/" [ { id <m/num/; generate from <m/time/; generate to <m/time/; accept from <m/time/; accept to <m/time/; } ]</tag>
Specifies a password that can be used by the protocol. Password option can
be used more times to specify more passwords. If more passwords are
@@ -635,9 +651,6 @@
<p>Here is a brief list of supported functions:
<descrip>
- <tag>dump resources|sockets|interfaces|neighbors|attributes|routes|protocols</tag>
- Dump contents of internal data structures to the debugging output.
-
<tag>show status</tag>
Show router status, that is BIRD version, uptime and time from last reconfiguration.
@@ -796,6 +809,17 @@
<tag>debug <m/protocol/|<m/pattern/|all all|off|{ states | routes | filters | events | packets }</tag>
Control protocol debugging.
+
+ <tag>dump resources|sockets|interfaces|neighbors|attributes|routes|protocols</tag>
+ Dump contents of internal data structures to the debugging output.
+
+ <tag>echo all|off|{ <m/list of log classes/ } [ <m/buffer-size/ ]</tag>
+ Control echoing of log messages to the command-line output.
+ See <ref id="dsc-log" name="log option"> for a list of log classes.
+
+ <tag>eval <m/expr/</tag>
+ Evaluate given expression.
+
</descrip>
<chapt>Filters
@@ -1074,7 +1098,7 @@
Special operators include <cf/˜/ for "is element of a set" operation - it can be
used on element and set of elements of the same type (returning true if element is contained in the given set), or
on two strings (returning true if first string matches a shell-like pattern stored in second string) or on IP and prefix (returning true if IP is within the range defined by that prefix), or on
-prefix and prefix (returning true if first prefix is more specific than second one) or on bgppath and bgpmask (returning true if the path matches the mask) or on number and bgppath (returning true if the number is in the path) or on pair/quad and clist (returning true if the pair/quad is element of the clist) or on clist and pair/quad set (returning true if there is an element of the clist that is also a member of the pair/quad set).
+prefix and prefix (returning true if first prefix is more specific than second one) or on bgppath and bgpmask (returning true if the path matches the mask) or on number and bgppath (returning true if the number is in the path) or on bgppath and int (number) set (returning true if any ASN from the path is in the set) or on pair/quad and clist (returning true if the pair/quad is element of the clist) or on clist and pair/quad set (returning true if there is an element of the clist that is also a member of the pair/quad set).
<p>There is one operator related to ROA infrastructure -
<cf/roa_check()/. It examines a ROA table and does RFC 6483 route
@@ -1904,6 +1928,7 @@
<code>
protocol ospf <name> {
rfc1583compat <switch>;
+ stub router <switch>;
tick <num>;
ecmp <switch> [limit <num>];
area <id> {
@@ -1949,6 +1974,9 @@
ptp netmask <switch>;
check link <switch>;
ecmp weight <num>;
+ ttl security [<switch>; | tx only]
+ tx class|dscp <num>;
+ tx priority <num>;
authentication [none|simple|cryptographic];
password "<text>";
password "<text>" {
@@ -1983,6 +2011,15 @@
url="ftp://ftp.rfc-editor.org/in-notes/rfc1583.txt">. Default
value is no.
+ <tag>stub router <M>switch</M></tag>
+ This option configures the router to be a stub router, i.e.,
+ a router that participates in the OSPF topology but does not
+ allow transit traffic. In OSPFv2, this is implemented by
+ advertising maximum metric for outgoing links, as suggested
+ by RFC 3137<htmlurl url="ftp://ftp.rfc-editor.org/in-notes/rfc3137.txt">.
+ In OSPFv3, the stub router behavior is announced by clearing
+ the R-bit in the router LSA. Default value is no.
+
<tag>tick <M>num</M></tag>
The routing table calculation and clean-up of areas' databases
is not performed when a single link state
@@ -2210,6 +2247,25 @@
prefix) is propagated. It is possible that some hardware
drivers or platforms do not implement this feature. Default value is no.
+ <tag>ttl security [<m/switch/ | tx only]</tag>
+ TTL security is a feature that protects routing protocols
+ from remote spoofed packets by using TTL 255 instead of TTL 1
+ for protocol packets destined to neighbors. Because TTL is
+ decremented when packets are forwarded, it is non-trivial to
+ spoof packets with TTL 255 from remote locations. Note that
+ this option would interfere with OSPF virtual links.
+
+ If this option is enabled, the router will send OSPF packets
+ with TTL 255 and drop received packets with TTL less than
+ 255. If this option si set to <cf/tx only/, TTL 255 is used
+ for sent packets, but is not checked for received
+ packets. Default value is no.
+
+ <tag>tx class|dscp|priority <m/num/</tag>
+ These options specify the ToS/DiffServ/Traffic class/Priority
+ of the outgoing OSPF packets. See <ref id="dsc-prio" name="tx
+ class"> common option for detailed description.
+
<tag>ecmp weight <M>num</M></tag>
When ECMP (multipath) routes are allowed, this value specifies
a relative weight used for nexthops going through the iface.
@@ -2371,7 +2427,7 @@
<tag>peer table <m/table/</tag> Defines secondary routing table to connect to. The
primary one is selected by the <cf/table/ keyword.
- <tag>mode opaque|transparent</tag> Specifies the mode for the pipe to work in. Default is opaque.
+ <tag>mode opaque|transparent</tag> Specifies the mode for the pipe to work in. Default is transparent.
</descrip>
<sect1>Attributes
@@ -2738,13 +2794,46 @@
neighbors, that is not configurable. Default: never.
</descrip>
-<p>There are two options that can be specified per-interface. First is <cf>metric</cf>, with
-default one. Second is <cf>mode multicast|broadcast|quiet|nolisten|version1</cf>, it selects mode for
-rip to work in. If nothing is specified, rip runs in multicast mode. <cf>version1</cf> is
-currently equivalent to <cf>broadcast</cf>, and it makes RIP talk to a broadcast address even
-through multicast mode is possible. <cf>quiet</cf> option means that RIP will not transmit
-any periodic messages to this interface and <cf>nolisten</cf> means that RIP will send to this
-interface but not listen to it.
+<p>There are some options that can be specified per-interface:
+
+<descrip>
+ <tag>metric <m/num/</tag>
+ This option specifies the metric of the interface. Valid
+
+ <tag>mode multicast|broadcast|quiet|nolisten|version1</tag>
+ This option selects the mode for RIP to work in. If nothing is
+ specified, RIP runs in multicast mode. <cf/version1/ is
+ currently equivalent to <cf/broadcast/, and it makes RIP talk
+ to a broadcast address even through multicast mode is
+ possible. <cf/quiet/ option means that RIP will not transmit
+ any periodic messages to this interface and <cf/nolisten/
+ means that RIP will send to this interface butnot listen to it.
+
+ <tag>ttl security [<m/switch/ | tx only]</tag>
+ TTL security is a feature that protects routing protocols
+ from remote spoofed packets by using TTL 255 instead of TTL 1
+ for protocol packets destined to neighbors. Because TTL is
+ decremented when packets are forwarded, it is non-trivial to
+ spoof packets with TTL 255 from remote locations.
+
+ If this option is enabled, the router will send RIP packets
+ with TTL 255 and drop received packets with TTL less than
+ 255. If this option si set to <cf/tx only/, TTL 255 is used
+ for sent packets, but is not checked for received
+ packets. Such setting does not offer protection, but offers
+ compatibility with neighbors regardless of whether they use
+ ttl security.
+
+ Note that for RIPng, TTL security is a standard behavior
+ (required by RFC 2080), but BIRD uses <cf/tx only/ by
+ default, for compatibility with older versions. For IPv4 RIP,
+ default value is no.
+
+ <tag>tx class|dscp|priority <m/num/</tag>
+ These options specify the ToS/DiffServ/Traffic class/Priority
+ of the outgoing RIP packets. See <ref id="dsc-prio" name="tx
+ class"> common option for detailed description.
+</descrip>
<p>The following options generally override behavior specified in RFC. If you use any of these
options, BIRD will no longer be RFC-compliant, which means it will not be able to talk to anything
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/prog-2.html
^
|
| @@ -357,10 +357,16 @@
(<B>void</B>) -- prune routing tables
<P>
<H3>Description</H3>
+<P>
<P>The prune loop scans routing tables and removes routes belonging to
-inactive protocols and also stale network entries. Returns 1 when
+flushing protocols and also stale network entries. Returns 1 when
all such routes are pruned. It is a part of the protocol flushing
loop.
+<P>The prune loop runs in two steps. In the first step it prunes just
+the routes with flushing senders (in explicitly marked tables) so
+the route removal is propagated as usual. In the second step, all
+remaining relevant routes are removed. Ideally, there shouldn't be
+any, but it happens when pipe filters are changed.
<HR><H3>Function</H3>
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/prog-3.html
^
|
| @@ -239,10 +239,10 @@
functions maintaining the hash tables containing information about
symbols and keywords.
<P>Each symbol is represented by a <I>symbol</I> structure containing name
-of the symbol, its lexical scope, symbol class (<I>SYM_PROTO</I> for a name of a protocol,
-<I>SYM_NUMBER</I> for a numeric constant etc.) and class dependent data.
-When an unknown symbol is encountered, it's automatically added to the
-symbol table with class <I>SYM_VOID</I>.
+of the symbol, its lexical scope, symbol class (<I>SYM_PROTO</I> for a
+name of a protocol, <I>SYM_CONSTANT</I> for a constant etc.) and class
+dependent data. When an unknown symbol is encountered, it's
+automatically added to the symbol table with class <I>SYM_VOID</I>.
<P>The keyword tables are generated from the grammar templates
using the <CODE>gen_keywords.m4</CODE> script.
<P>
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/doc/reply_codes
^
|
| @@ -31,6 +31,7 @@
0020 Configuration OK
0021 Undo requested
0022 Undo scheduled
+0023 Evaluation of expression
1000 BIRD version
1001 Interface list
@@ -61,6 +62,7 @@
8005 Protocol is down => cannot dump
8006 Reload failed
8007 Access denied
+8008 Evaluation runtime error
9000 Command too long
9001 Parse error
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/filter/config.Y
^
|
| @@ -193,7 +193,14 @@
else if (tk->code == 'C') {
c1 = 1;
struct f_val *val = tk->a1.p;
- if (val->type == T_IP) {
+
+ if (val->type == T_INT) {
+ ipv4_used = 0; key = val->val.i;
+ }
+ else if (val->type == T_QUAD) {
+ ipv4_used = 1; key = val->val.i;
+ }
+ else if (val->type == T_IP) {
ipv4_used = 1; key = ipa_to_u32(val->val.px.ip);
}
else
@@ -329,8 +336,8 @@
one_decl:
type SYM {
- struct f_val * val = cfg_alloc(sizeof(struct f_val));
- val->type = $1;
+ struct f_val * val = cfg_alloc(sizeof(struct f_val));
+ val->type = T_VOID;
$2 = cf_define_symbol($2, SYM_VARIABLE | $1, val);
DBG( "New variable %s type %x\n", $2->name, $1 );
$2->aux2 = NULL;
@@ -661,37 +668,15 @@
symbol:
SYM {
$$ = f_new_inst();
- switch ($1->class) {
- case SYM_NUMBER:
- $$ = f_new_inst();
- $$->code = 'c';
- $$->aux = T_INT;
- $$->a2.i = $1->aux;
- break;
- case SYM_IPA:
- { NEW_F_VAL; $$ = f_new_inst(); $$->code = 'C'; $$->a1.p = val; val->type = T_IP; val->val.px.ip = * (ip_addr *) ($1->def); }
- break;
- case SYM_VARIABLE | T_BOOL:
- case SYM_VARIABLE | T_INT:
- case SYM_VARIABLE | T_PAIR:
- case SYM_VARIABLE | T_QUAD:
- case SYM_VARIABLE | T_EC:
- case SYM_VARIABLE | T_STRING:
- case SYM_VARIABLE | T_IP:
- case SYM_VARIABLE | T_PREFIX:
- case SYM_VARIABLE | T_PREFIX_SET:
- case SYM_VARIABLE | T_SET:
- case SYM_VARIABLE | T_PATH:
- case SYM_VARIABLE | T_PATH_MASK:
- case SYM_VARIABLE | T_CLIST:
- case SYM_VARIABLE | T_ECLIST:
- $$->code = 'V';
- $$->a1.p = $1->def;
- $$->a2.p = $1->name;
- break;
- default:
- cf_error("%s: variable expected.", $1->name );
+
+ switch ($1->class & 0xff00) {
+ case SYM_CONSTANT: $$->code = 'C'; break;
+ case SYM_VARIABLE: $$->code = 'V'; break;
+ default: cf_error("%s: variable expected.", $1->name);
}
+
+ $$->a1.p = $1->def;
+ $$->a2.p = $1->name;
}
static_attr:
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/filter/filter.c
^
|
| @@ -418,6 +418,9 @@
if ((v1.type == T_ECLIST) && (v2.type == T_SET))
return eclist_match_set(v1.val.ad, v2.val.t);
+ if ((v1.type == T_PATH) && (v2.type == T_SET))
+ return as_path_match_set(v1.val.ad, v2.val.t);
+
if (v2.type == T_SET)
switch (v1.type) {
case T_ENUM:
@@ -437,8 +440,6 @@
return CMP_ERROR;
}
-static void val_print(struct f_val v);
-
static void
tree_node_print(struct f_tree *t, char **sep)
{
@@ -471,7 +472,7 @@
/*
* val_print - format filter value
*/
-static void
+void
val_print(struct f_val v)
{
char buf2[1024];
@@ -555,6 +556,8 @@
#define TWOARGS_C TWOARGS \
if (v1.type != v2.type) \
runtime( "Can't operate with values of incompatible types" );
+#define ACCESS_RTE \
+ do { if (!f_rte) runtime("No route to access"); } while (0)
/**
* interpret
@@ -818,6 +821,7 @@
break;
case 'a': /* rta access */
{
+ ACCESS_RTE;
struct rta *rta = (*f_rte)->attrs;
res.type = what->aux;
switch(res.type) {
@@ -842,6 +846,7 @@
}
break;
case P('a','S'):
+ ACCESS_RTE;
ONEARG;
if (what->aux != v1.type)
runtime( "Attempt to set static attribute to incompatible type" );
@@ -874,6 +879,7 @@
}
break;
case P('e','a'): /* Access to extended attributes */
+ ACCESS_RTE;
{
eattr *e = NULL;
if (!(f_flags & FF_FORCE_TMPATTR))
@@ -941,6 +947,7 @@
}
break;
case P('e','S'):
+ ACCESS_RTE;
ONEARG;
{
struct ea_list *l = lp_alloc(f_pool, sizeof(struct ea_list) + sizeof(eattr));
@@ -1018,10 +1025,12 @@
}
break;
case 'P':
+ ACCESS_RTE;
res.type = T_INT;
res.val.i = (*f_rte)->pref;
break;
case P('P','S'):
+ ACCESS_RTE;
ONEARG;
if (v1.type != T_INT)
runtime( "Can't set preference to non-integer" );
@@ -1243,6 +1252,7 @@
}
else
{
+ ACCESS_RTE;
v1.val.px.ip = (*f_rte)->net->n.prefix;
v1.val.px.len = (*f_rte)->net->n.pxlen;
@@ -1475,22 +1485,27 @@
return res.val.i;
}
-int
-f_eval_int(struct f_inst *expr)
+struct f_val
+f_eval(struct f_inst *expr, struct linpool *tmp_pool)
{
- /* Called independently in parse-time to eval expressions */
- struct f_val res;
-
f_flags = 0;
f_tmp_attrs = NULL;
f_rte = NULL;
- f_pool = cfg_mem;
+ f_pool = tmp_pool;
log_reset();
- res = interpret(expr);
+ return interpret(expr);
+}
+
+int
+f_eval_int(struct f_inst *expr)
+{
+ /* Called independently in parse-time to eval expressions */
+ struct f_val res = f_eval(expr, cfg_mem);
if (res.type != T_INT)
cf_error("Integer expression expected");
+
return res.val.i;
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/filter/filter.h
^
|
| @@ -106,6 +106,7 @@
struct rte;
int f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool, int flags);
+struct f_val f_eval(struct f_inst *expr, struct linpool *tmp_pool);
int f_eval_int(struct f_inst *expr);
u32 f_eval_asn(struct f_inst *expr);
@@ -117,6 +118,8 @@
int val_compare(struct f_val v1, struct f_val v2);
int tree_compare(const void *p1, const void *p2);
+void val_print(struct f_val v);
+
#define F_NOP 0
#define F_NONL 1
#define F_ACCEPT 2 /* Need to preserve ordering: accepts < rejects! */
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/filter/test.conf
^
|
| @@ -95,10 +95,10 @@
p2 = prepend( p2, 3 );
p2 = prepend( p2, 4 );
print "Testing paths: ", p2;
- print "Should be true: ", p2 ~ pm1, " ", p2 ~ pm2, " ", 3 ~ p2;
+ print "Should be true: ", p2 ~ pm1, " ", p2 ~ pm2, " ", 3 ~ p2, " ", p2 ~ [2, 10..20], " ", p2 ~ [4, 10..20];
print "4 = ", p2.len;
p2 = prepend( p2, 5 );
- print "Should be false: ", p2 ~ pm1, " ", p2 ~ pm2, " ", 10 ~ p2;
+ print "Should be false: ", p2 ~ pm1, " ", p2 ~ pm2, " ", 10 ~ p2, " ", p2 ~ [8, 10..20],;
print "Should be true: ", p2 ~ / ? 4 3 2 1 /, " ", p2, " ", / ? 4 3 2 1 /;
print "Should be true: ", p2 ~ [= * 4 3 * 1 =], " ", p2, " ", [= * 4 3 * 1 =];
print "Should be true: ", p2 ~ [= (3+2) (2*2) 3 2 1 =], " ", p2 ~ mkpath(5, 4);
@@ -240,6 +240,15 @@
print "Defined: ", a, " ", b, " ", defined(b);
}
+define is1 = [ one, (2+1), (6-one), 8, 11, 15, 17, 19];
+define is2 = [(17+2), 17, 15, 11, 8, 5, 3, 2];
+define is3 = [5, 17, 2, 11, 8, 15, 3, 19];
+
+define pxs2 = [ 10.0.0.0/16{8,12}, 20.0.0.0/16{24,28} ];
+
+define ecs2 = [(rt, ten, (one+onef(0))*10), (ro, 100000, 100..200), (rt, 12345, *)];
+
+
function __startup()
int i;
bool b;
@@ -249,9 +258,6 @@
quad qq;
ec cc;
int set is;
-int set is1;
-int set is2;
-int set is3;
pair set ps;
ec set ecs;
prefix set pxs;
@@ -279,11 +285,6 @@
print " must be true: ", defined(1), ",", defined(1.2.3.4), ",", 1 != 2, ",", 1 <= 2;
print " data types: must be false: ", 1 ~ [ 2, 3, 4 ], ",", 5 ~ is, ",", 1.2.3.4 ~ [ 1.2.3.3, 1.2.3.5 ], ",", (1,2) > (2,2), ",", (1,1) > (1,1), ",", 1.0.0.0/9 ~ [ 1.0.0.0/8- ], ",", 1.2.0.0/17 ~ [ 1.0.0.0/8{ 15 , 16 } ], ",", true && false;
- is1 = [ 1, 5, 8, 11, 15, 17, 19];
-
- is1 = [ one, (2+1), (6-one), 8, 11, 15, 17, 19];
- is2 = [(17+2), 17, 15, 11, 8, 5, 3, 2];
- is3 = [5, 17, 2, 11, 8, 15, 3, 19];
print " must be true: ", 1 ~ is1, " ", 3 ~ is1, " ", 5 ~ is1;
print " must be true: ", (one+2) ~ is1, " ", 2 ~ is2, " ", 2 ~ is3;
@@ -333,6 +334,7 @@
ecs = [(rt, ten, (one+onef(0))*10), (ro, 100000, 100..200), (rt, 12345, *)];
print "EC set: ", ecs;
+ print "EC set: ", ecs2;
print "Testing EC set, true: ", (rt, 10, 20) ~ ecs, " ", (ro, 100000, 100) ~ ecs, " ", (ro, 100000, 200) ~ ecs,
" ", (rt, 12345, 0) ~ ecs, " ", cc ~ ecs, " ", (rt, 12345, 4000000) ~ ecs;
print "Testing EC set, false: ", (ro, 10, 20) ~ ecs, " ", (rt, 10, 21) ~ ecs, " ", (ro, 100000, 99) ~ ecs,
@@ -354,6 +356,7 @@
print " must be false: ", 1.1.0.0/16 ~ pxs, ",", 1.3.0.0/16 ~ pxs, ",", 1.2.0.0/15 ~ pxs, ",", 1.2.0.0/17 ~ pxs, ",",
1.2.0.0/32 ~ pxs, ",", 1.4.0.0/15 ~ pxs;
+ test_pxset(pxs2);
test_pxset([ 10.0.0.0/16{8,12}, 20.0.0.0/16{24,28} ]);
print "What will this do? ", [ 1, 2, 1, 1, 1, 3, 4, 1, 1, 1, 5 ];
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/lib/ipv6.h
^
|
| @@ -128,11 +128,6 @@
return buf+16;
}
-/*
- * RFC 1883 defines packet precendece, but RFC 2460 replaces it
- * by generic Traffic Class ID with no defined semantics. Better
- * not use it yet.
- */
-#define IP_PREC_INTERNET_CONTROL -1
+#define IP_PREC_INTERNET_CONTROL 0xc0
#endif
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/lib/socket.h
^
|
| @@ -20,7 +20,8 @@
void *data; /* User data */
ip_addr saddr, daddr; /* IPA_NONE = unspecified */
unsigned sport, dport; /* 0 = unspecified (for IP: protocol type) */
- int tos; /* TOS and priority, -1 = default */
+ int tos; /* TOS / traffic class, -1 = default */
+ int priority; /* Local socket priority, -1 = default */
int ttl; /* Time To Live, -1 = default */
u32 flags;
struct iface *iface; /* Interface; specify this for broad/multicast sockets */
@@ -81,12 +82,14 @@
return sk->tbuf == sk->tpos;
}
+extern int sk_priority_control; /* Suggested priority for control traffic, should be sysdep define */
/* Socket flags */
#define SKF_V6ONLY 1 /* Use IPV6_V6ONLY socket option */
#define SKF_LADDR_RX 2 /* Report local address for RX packets */
#define SKF_LADDR_TX 4 /* Allow to specify local address for TX packets */
+#define SKF_TTL_RX 8 /* Report TTL / Hop Limit for RX packets */
/*
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/a-path.c
^
|
| @@ -264,6 +264,29 @@
return 0;
}
+int
+as_path_match_set(struct adata *path, struct f_tree *set)
+{
+ u8 *p = path->data;
+ u8 *q = p+path->length;
+ int i, n;
+
+ while (p<q)
+ {
+ n = p[1];
+ p += 2;
+ for (i=0; i<n; i++)
+ {
+ struct f_val v = {T_INT, .val.i = get_as(p)};
+ if (find_tree(set, v))
+ return 1;
+ p += BS;
+ }
+ }
+
+ return 0;
+}
+
struct pm_pos
{
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/attrs.h
^
|
| @@ -25,6 +25,8 @@
* to 16bit slot (like in 16bit AS_PATH). See RFC 4893 for details
*/
+struct f_tree;
+
struct adata *as_path_prepend(struct linpool *pool, struct adata *olda, u32 as);
int as_path_convert_to_old(struct adata *path, byte *dst, int *new_used);
int as_path_convert_to_new(struct adata *path, byte *dst, int req_as);
@@ -34,6 +36,7 @@
int as_path_get_first(struct adata *path, u32 *orig_as);
int as_path_get_last(struct adata *path, u32 *last_as);
int as_path_is_member(struct adata *path, u32 as);
+int as_path_match_set(struct adata *path, struct f_tree *set);
#define PM_ASN 0
#define PM_QUESTION 1
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/cmds.c
^
|
| @@ -13,6 +13,7 @@
#include "nest/cmds.h"
#include "lib/string.h"
#include "lib/resource.h"
+#include "filter/filter.h"
extern int shutting_down;
extern int configuring;
@@ -90,3 +91,22 @@
print_size("Total:", rmemsize(&root_pool));
cli_msg(0, "");
}
+
+extern const char *log_buffer_ptr;
+
+void
+cmd_eval(struct f_inst *expr)
+{
+ struct f_val v = f_eval(expr, this_cli->parser_pool);
+ log_reset();
+
+ if (v.type == T_RETURN)
+ {
+ cli_msg(8008, "runtime error");
+ return;
+ }
+
+ val_print(v);
+ cli_msg(23, "%s", log_buffer_ptr);
+ log_reset();
+}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/cmds.h
^
|
| @@ -11,6 +11,9 @@
struct symbol *sym;
};
+struct f_inst;
+
void cmd_show_status(void);
void cmd_show_symbols(struct sym_show_data *sym);
void cmd_show_memory(void);
+void cmd_eval(struct f_inst *expr);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/config.Y
^
|
| @@ -48,7 +48,7 @@
CF_KEYWORDS(PASSWORD, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, INTERFACES)
CF_KEYWORDS(PRIMARY, STATS, COUNT, FOR, COMMANDS, PREEXPORT, GENERATE, ROA, MAX, FLUSH)
CF_KEYWORDS(LISTEN, BGP, V6ONLY, DUAL, ADDRESS, PORT, PASSWORDS, DESCRIPTION, SORTED)
-CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, IGP_METRIC)
+CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, IGP_METRIC, CLASS, DSCP)
CF_ENUM(T_ENUM_RTS, RTS_, DUMMY, STATIC, INHERIT, DEVICE, STATIC_DEVICE, REDIRECT,
RIP, OSPF, OSPF_IA, OSPF_EXT1, OSPF_EXT2, BGP, PIPE)
@@ -65,7 +65,7 @@
%type <ro> roa_args
%type <rot> roa_table_arg
%type <sd> sym_args
-%type <i> proto_start echo_mask echo_size debug_mask debug_list debug_flag mrtdump_mask mrtdump_list mrtdump_flag export_or_preexport roa_mode limit_action tab_sorted
+%type <i> proto_start echo_mask echo_size debug_mask debug_list debug_flag mrtdump_mask mrtdump_list mrtdump_flag export_or_preexport roa_mode limit_action tab_sorted tos
%type <ps> proto_patt proto_patt2
%type <g> limit_spec
@@ -277,6 +277,10 @@
iface_patt_init iface_patt_list
;
+tos:
+ CLASS expr { $$ = $2 & 0xfc; if (($2 < 0) || ($2 > 255)) cf_error("TX class must be in range 0-255"); }
+ | DSCP expr { $$ = ($2 & 0x3f) << 2; if (($2 < 0) || ($2 > 63)) cf_error("TX DSCP must be in range 0-63"); }
+ ;
/* Direct device route protocol */
@@ -608,7 +612,11 @@
CF_CLI(DUMP PROTOCOLS,,, [[Dump protocol information]])
{ protos_dump_all(); cli_msg(0, ""); } ;
-CF_CLI(ECHO, echo_mask echo_size, [all | off | <mask>] [<buffer-size>], [[Configure echoing of log messages]]) {
+CF_CLI(EVAL, term, <expr>, [[Evaluate an expression]])
+{ cmd_eval($2); } ;
+
+CF_CLI_HELP(ECHO, ..., [[Control echoing of log messages]])
+CF_CLI(ECHO, echo_mask echo_size, (all | off | { debug | trace | info | remote | warning | error | auth }) [<buffer-size>], [[Control echoing of log messages]]) {
cli_set_log_echo(this_cli, $2, $3);
cli_msg(0, "");
} ;
@@ -616,7 +624,7 @@
echo_mask:
ALL { $$ = ~0; }
| OFF { $$ = 0; }
- | NUM
+ | '{' log_mask_list '}' { $$ = $2; }
;
echo_size:
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/proto.c
^
|
| @@ -835,14 +835,18 @@
proto_schedule_flush_loop(void)
{
struct proto *p;
+ struct announce_hook *h;
if (flush_loop_state)
return;
flush_loop_state = 1;
- rt_schedule_prune_all();
WALK_LIST(p, flush_proto_list)
+ {
p->flushing = 1;
+ for (h=p->ahooks; h; h=h->next)
+ h->table->prune_state = 1;
+ }
ev_schedule(proto_flush_event);
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/route.h
^
|
| @@ -141,7 +141,7 @@
int gc_counter; /* Number of operations since last GC */
bird_clock_t gc_time; /* Time of last GC */
byte gc_scheduled; /* GC is scheduled */
- byte prune_state; /* Table prune state, 1 -> prune is running */
+ byte prune_state; /* Table prune state, 1 -> scheduled, 2-> running */
byte hcu_scheduled; /* Hostcache update is scheduled */
byte nhu_state; /* Next Hop Update state */
struct fib_iterator prune_fit; /* Rtable prune FIB iterator */
@@ -265,7 +265,6 @@
void rt_dump_all(void);
int rt_feed_baby(struct proto *p);
void rt_feed_baby_abort(struct proto *p);
-void rt_schedule_prune_all(void);
int rt_prune_loop(void);
struct rtable_config *rt_new_table(struct symbol *s);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/nest/rt-table.c
^
|
| @@ -906,6 +906,26 @@
lp_flush(rte_update_pool);
}
+static inline void
+rte_hide_dummy_routes(net *net, rte **dummy)
+{
+ if (net->routes && net->routes->attrs->source == RTS_DUMMY)
+ {
+ *dummy = net->routes;
+ net->routes = (*dummy)->next;
+ }
+}
+
+static inline void
+rte_unhide_dummy_routes(net *net, rte **dummy)
+{
+ if (*dummy)
+ {
+ (*dummy)->next = net->routes;
+ net->routes = *dummy;
+ }
+}
+
/**
* rte_update - enter a new update to a routing table
* @table: table to be updated
@@ -955,6 +975,7 @@
struct proto_stats *stats = ah->stats;
struct filter *filter = ah->in_filter;
ea_list *tmpa = NULL;
+ rte *dummy = NULL;
rte_update_lock();
if (new)
@@ -1010,14 +1031,18 @@
else
stats->imp_withdraws_received++;
+ recalc:
+ rte_hide_dummy_routes(net, &dummy);
rte_recalculate(ah, net, new, tmpa, src);
+ rte_unhide_dummy_routes(net, &dummy);
rte_update_unlock();
return;
-drop:
+ drop:
rte_free(new);
- rte_recalculate(ah, net, NULL, NULL, src);
- rte_update_unlock();
+ new = NULL;
+ tmpa = NULL;
+ goto recalc;
}
/* Independent call to rte_announce(), used from next hop
@@ -1243,19 +1268,8 @@
}
-/* Called from proto_schedule_flush_loop() only,
- ensuring that all prune states are zero */
-void
-rt_schedule_prune_all(void)
-{
- rtable *t;
-
- WALK_LIST(t, routing_tables)
- t->prune_state = 1;
-}
-
static inline int
-rt_prune_step(rtable *tab, int *max_feed)
+rt_prune_step(rtable *tab, int step, int *max_feed)
{
struct fib_iterator *fit = &tab->prune_fit;
@@ -1281,8 +1295,8 @@
rescan:
for (e=n->routes; e; e=e->next)
- if (e->sender->proto->core_state != FS_HAPPY &&
- e->sender->proto->core_state != FS_FEEDING)
+ if (e->sender->proto->flushing ||
+ (step && e->attrs->proto->flushing))
{
if (*max_feed <= 0)
{
@@ -1290,6 +1304,10 @@
return 0;
}
+ if (step)
+ log(L_WARN "Route %I/%d from %s still in %s after flush",
+ n->n.prefix, n->n.pxlen, e->attrs->proto->name, tab->name);
+
rte_discard(tab, e);
(*max_feed)--;
@@ -1314,23 +1332,42 @@
/**
* rt_prune_loop - prune routing tables
- * @tab: routing table to be pruned
*
* The prune loop scans routing tables and removes routes belonging to
- * inactive protocols and also stale network entries. Returns 1 when
+ * flushing protocols and also stale network entries. Returns 1 when
* all such routes are pruned. It is a part of the protocol flushing
* loop.
+ *
+ * The prune loop runs in two steps. In the first step it prunes just
+ * the routes with flushing senders (in explicitly marked tables) so
+ * the route removal is propagated as usual. In the second step, all
+ * remaining relevant routes are removed. Ideally, there shouldn't be
+ * any, but it happens when pipe filters are changed.
*/
int
rt_prune_loop(void)
{
- rtable *t;
+ static int step = 0;
int max_feed = 512;
+ rtable *t;
+ again:
WALK_LIST(t, routing_tables)
- if (! rt_prune_step(t, &max_feed))
+ if (! rt_prune_step(t, step, &max_feed))
return 0;
+ if (step == 0)
+ {
+ /* Prepare for the second step */
+ WALK_LIST(t, routing_tables)
+ t->prune_state = 1;
+
+ step = 1;
+ goto again;
+ }
+
+ /* Done */
+ step = 0;
return 1;
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/bgp/bgp.c
^
|
| @@ -384,10 +384,12 @@
int os = conn->state;
bgp_conn_set_state(conn, BS_CLOSE);
- tm_stop(conn->hold_timer);
tm_stop(conn->keepalive_timer);
conn->sk->rx_hook = NULL;
+ /* Timeout for CLOSE state, if we cannot send notification soon then we just hangup */
+ bgp_start_timer(conn->hold_timer, 10);
+
if (os == BS_ESTABLISHED)
bgp_conn_leave_established_state(p);
}
@@ -478,9 +480,18 @@
bgp_hold_timeout(timer *t)
{
struct bgp_conn *conn = t->data;
+ struct bgp_proto *p = conn->bgp;
DBG("BGP: Hold timeout\n");
+ /* We are already closing the connection - just do hangup */
+ if (conn->state == BS_CLOSE)
+ {
+ BGP_TRACE(D_EVENTS, "Connection stalled");
+ bgp_conn_enter_idle_state(conn);
+ return;
+ }
+
/* If there is something in input queue, we are probably congested
and perhaps just not processed BGP packets in time. */
@@ -840,7 +851,6 @@
lock->iface = p->cf->iface;
lock->type = OBJLOCK_TCP;
lock->port = BGP_PORT;
- lock->iface = NULL;
lock->hook = bgp_start_locked;
lock->data = p;
olock_acquire(lock);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/bgp/bgp.h
^
|
| @@ -254,6 +254,8 @@
#define BS_ESTABLISHED 5
#define BS_CLOSE 6 /* Used during transition to BS_IDLE */
+#define BS_MAX 7
+
/* BGP start states
*
* Used in PS_START for fine-grained specification of starting state.
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/bgp/packets.c
^
|
| @@ -24,6 +24,13 @@
static struct rate_limit rl_rcv_update, rl_snd_update;
+/* Table for state -> RFC 6608 FSM error subcodes */
+static byte fsm_err_subcode[BS_MAX] = {
+ [BS_OPENSENT] = 1,
+ [BS_OPENCONFIRM] = 2,
+ [BS_ESTABLISHED] = 3
+};
+
/*
* MRT Dump format is not semantically specified.
* We will use these values in appropriate fields:
@@ -720,7 +727,7 @@
/* Check state */
if (conn->state != BS_OPENSENT)
- { bgp_error(conn, 5, 0, NULL, 0); return; }
+ { bgp_error(conn, 5, fsm_err_subcode[conn->state], NULL, 0); return; }
/* Check message contents */
if (len < 29 || len != 29 + pkt[28])
@@ -1060,7 +1067,7 @@
bgp_conn_enter_established_state(conn);
if (conn->state != BS_ESTABLISHED)
- { bgp_error(conn, 5, 0, NULL, 0); return; }
+ { bgp_error(conn, 5, fsm_err_subcode[conn->state], NULL, 0); return; }
bgp_start_timer(conn->hold_timer, conn->hold_time);
/* Find parts of the packet and check sizes */
@@ -1122,7 +1129,10 @@
{ 3, 10, "Invalid network field" },
{ 3, 11, "Malformed AS_PATH" },
{ 4, 0, "Hold timer expired" },
- { 5, 0, "Finite state machine error" },
+ { 5, 0, "Finite state machine error" }, /* Subcodes are according to [RFC6608] */
+ { 5, 1, "Unexpected message in OpenSent state" },
+ { 5, 2, "Unexpected message in OpenConfirm state" },
+ { 5, 3, "Unexpected message in Established state" },
{ 6, 0, "Cease" }, /* Subcodes are according to [RFC4486] */
{ 6, 1, "Maximum number of prefixes reached" },
{ 6, 2, "Administrative shutdown" },
@@ -1253,7 +1263,7 @@
case BS_ESTABLISHED:
break;
default:
- bgp_error(conn, 5, 0, NULL, 0);
+ bgp_error(conn, 5, fsm_err_subcode[conn->state], NULL, 0);
}
}
@@ -1265,7 +1275,7 @@
BGP_TRACE(D_PACKETS, "Got ROUTE-REFRESH");
if (conn->state != BS_ESTABLISHED)
- { bgp_error(conn, 5, 0, NULL, 0); return; }
+ { bgp_error(conn, 5, fsm_err_subcode[conn->state], NULL, 0); return; }
if (!p->cf->enable_refresh)
{ bgp_error(conn, 1, 3, pkt+18, 1); return; }
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/config.Y
^
|
| @@ -127,11 +127,11 @@
CF_KEYWORDS(NEIGHBORS, RFC1583COMPAT, STUB, TICK, COST, COST2, RETRANSMIT)
CF_KEYWORDS(HELLO, TRANSMIT, PRIORITY, DEAD, TYPE, BROADCAST, BCAST)
CF_KEYWORDS(NONBROADCAST, NBMA, POINTOPOINT, PTP, POINTOMULTIPOINT, PTMP)
-CF_KEYWORDS(NONE, SIMPLE, AUTHENTICATION, STRICT, CRYPTOGRAPHIC)
-CF_KEYWORDS(ELIGIBLE, POLL, NETWORKS, HIDDEN, VIRTUAL, CHECK, LINK)
+CF_KEYWORDS(NONE, SIMPLE, AUTHENTICATION, STRICT, CRYPTOGRAPHIC, TTL, SECURITY)
+CF_KEYWORDS(ELIGIBLE, POLL, NETWORKS, HIDDEN, VIRTUAL, CHECK, LINK, ONLY)
CF_KEYWORDS(RX, BUFFER, LARGE, NORMAL, STUBNET, HIDDEN, SUMMARY, TAG, EXTERNAL)
CF_KEYWORDS(WAIT, DELAY, LSADB, ECMP, LIMIT, WEIGHT, NSSA, TRANSLATOR, STABILITY)
-CF_KEYWORDS(GLOBAL, LSID, ROUTER, SELF, INSTANCE, REAL, NETMASK)
+CF_KEYWORDS(GLOBAL, LSID, ROUTER, SELF, INSTANCE, REAL, NETMASK, TX, PRIORITY)
%type <t> opttext
%type <ld> lsadb_args
@@ -158,6 +158,7 @@
ospf_proto_item:
proto_item
| RFC1583COMPAT bool { OSPF_CFG->rfc1583 = $2; }
+ | STUB ROUTER bool { OSPF_CFG->stub_router = $3; }
| ECMP bool { OSPF_CFG->ecmp = $2 ? DEFAULT_ECMP_LIMIT : 0; }
| ECMP bool LIMIT expr { OSPF_CFG->ecmp = $2 ? $4 : 0; if ($4 < 0) cf_error("ECMP limit cannot be negative"); }
| TICK expr { OSPF_CFG->tick = $2; if($2<=0) cf_error("Tick must be greater than zero"); }
@@ -304,6 +305,10 @@
| RX BUFFER LARGE { OSPF_PATT->rxbuf = OSPF_RXBUF_LARGE ; }
| RX BUFFER NORMAL { OSPF_PATT->rxbuf = OSPF_RXBUF_NORMAL ; }
| RX BUFFER expr { OSPF_PATT->rxbuf = $3 ; if (($3 < OSPF_RXBUF_MINSIZE) || ($3 > OSPF_MAX_PKT_SIZE)) cf_error("Buffer size must be in range 256-65535"); }
+ | TX tos { OSPF_PATT->tx_tos = $2; }
+ | TX PRIORITY expr { OSPF_PATT->tx_priority = $3; }
+ | TTL SECURITY bool { OSPF_PATT->ttl_security = $3; }
+ | TTL SECURITY TX ONLY { OSPF_PATT->ttl_security = 2; }
| password_list
;
@@ -366,6 +371,8 @@
init_list(&OSPF_PATT->nbma_list);
OSPF_PATT->autype = OSPF_AUTH_NONE;
OSPF_PATT->ptp_netmask = 2; /* not specified */
+ OSPF_PATT->tx_tos = IP_PREC_INTERNET_CONTROL;
+ OSPF_PATT->tx_priority = sk_priority_control;
reset_passwords();
}
;
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/iface.c
^
|
| @@ -77,7 +77,8 @@
sk->dport = OSPF_PROTO;
sk->saddr = IPA_NONE;
- sk->tos = IP_PREC_INTERNET_CONTROL;
+ sk->tos = ifa->cf->tx_tos;
+ sk->priority = ifa->cf->tx_priority;
sk->rx_hook = ospf_rx_hook;
sk->tx_hook = ospf_tx_hook;
sk->err_hook = ospf_err_hook;
@@ -85,7 +86,8 @@
sk->rbsize = rxbufsize(ifa);
sk->tbsize = rxbufsize(ifa);
sk->data = (void *) ifa;
- sk->flags = SKF_LADDR_RX;
+ sk->flags = SKF_LADDR_RX | (ifa->check_ttl ? SKF_TTL_RX : 0);
+ sk->ttl = ifa->cf->ttl_security ? 255 : -1;
if (sk_open(sk) != 0)
goto err;
@@ -130,7 +132,7 @@
else
{
ifa->all_routers = AllSPFRouters;
- sk->ttl = 1; /* Hack, this will affect just multicast packets */
+ sk->ttl = ifa->cf->ttl_security ? 255 : 1;
if (sk_setup_multicast(sk) < 0)
goto err;
@@ -533,11 +535,12 @@
ifa->rxbuf = ip->rxbuf;
ifa->check_link = ip->check_link;
ifa->ecmp_weight = ip->ecmp_weight;
+ ifa->check_ttl = (ip->ttl_security == 1);
#ifdef OSPFv2
ifa->autype = ip->autype;
ifa->passwords = ip->passwords;
- ifa->ptp_netmask = !(addr->flags & IA_PEER);
+ ifa->ptp_netmask = addr ? !(addr->flags & IA_PEER) : 0;
if (ip->ptp_netmask < 2)
ifa->ptp_netmask = ip->ptp_netmask;
#endif
@@ -659,7 +662,11 @@
if (ifa->stub != new_stub)
return 0;
- if (new->real_bcast != ifa->cf->real_bcast)
+ /* Change of these options would require to reset the iface socket */
+ if ((new->real_bcast != ifa->cf->real_bcast) ||
+ (new->tx_tos != ifa->cf->tx_tos) ||
+ (new->tx_priority != ifa->cf->tx_priority) ||
+ (new->ttl_security != ifa->cf->ttl_security))
return 0;
ifa->cf = new;
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/ospf.c
^
|
| @@ -167,7 +167,7 @@
#ifdef OSPFv2
oa->options = ac->type;
#else /* OSPFv3 */
- oa->options = OPT_R | ac->type | OPT_V6;
+ oa->options = ac->type | OPT_V6 | (po->stub_router ? 0 : OPT_R);
#endif
/*
@@ -234,6 +234,7 @@
po->router_id = proto_get_router_id(p->cf);
po->last_vlink_id = 0x80000000;
po->rfc1583 = c->rfc1583;
+ po->stub_router = c->stub_router;
po->ebit = 0;
po->ecmp = c->ecmp;
po->tick = c->tick;
@@ -690,7 +691,7 @@
#ifdef OSPFv2
oa->options = nac->type;
#else /* OSPFv3 */
- oa->options = OPT_R | nac->type | OPT_V6;
+ oa->options = nac->type | OPT_V6 | (oa->po->stub_router ? 0 : OPT_R);
#endif
if (oa_is_nssa(oa) && (oa->po->areano > 1))
oa->po->ebit = 1;
@@ -738,6 +739,7 @@
if (old->abr != new->abr)
return 0;
+ po->stub_router = new->stub_router;
po->ecmp = new->ecmp;
po->tick = new->tick;
po->disp_timer->recurrent = po->tick;
@@ -831,6 +833,7 @@
cli_msg(-1014, "%s:", p->name);
cli_msg(-1014, "RFC1583 compatibility: %s", (po->rfc1583 ? "enable" : "disabled"));
+ cli_msg(-1014, "Stub router: %s", (po->stub_router ? "Yes" : "No"));
cli_msg(-1014, "RT scheduler tick: %d", po->tick);
cli_msg(-1014, "Number of areas: %u", po->areano);
cli_msg(-1014, "Number of LSAs in DB:\t%u", po->gr->hash_entries);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/ospf.h
^
|
| @@ -83,6 +83,7 @@
struct proto_config c;
unsigned tick;
byte rfc1583;
+ byte stub_router;
byte abr;
int ecmp;
list area_list; /* list of struct ospf_area_config */
@@ -274,6 +275,7 @@
u8 check_link; /* Whether iface link change is used */
u8 ecmp_weight; /* Weight used for ECMP */
u8 ptp_netmask; /* Send real netmask for P2P */
+ u8 check_ttl; /* Check incoming packets for TTL 255 */
};
struct ospf_md5
@@ -771,6 +773,7 @@
int areano; /* Number of area I belong to */
struct fib rtf; /* Routing table */
byte rfc1583; /* RFC1583 compatibility */
+ byte stub_router; /* Do not forward transit traffic */
byte ebit; /* Did I originate any ext lsa? */
byte ecmp; /* Maximal number of nexthops in ECMP route, or 0 */
struct ospf_area *backbone; /* If exists */
@@ -798,6 +801,8 @@
u32 priority;
u32 voa;
u32 vid;
+ int tx_tos;
+ int tx_priority;
u16 rxbuf;
#define OSPF_RXBUF_NORMAL 0
#define OSPF_RXBUF_LARGE 1
@@ -811,7 +816,8 @@
u8 check_link;
u8 ecmp_weight;
u8 real_bcast; /* Not really used in OSPFv3 */
- u8 ptp_netmask; /* bool but 2 for unspecified */
+ u8 ptp_netmask; /* bool + 2 for unspecified */
+ u8 ttl_security; /* bool + 2 for TX only */
#ifdef OSPFv2
list *passwords;
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/packet.c
^
|
| @@ -309,6 +309,12 @@
return 1;
}
+ if (ifa->check_ttl && (sk->ttl < 255))
+ {
+ log(L_ERR "%s%I - TTL %d (< 255)", mesg, sk->faddr, sk->ttl);
+ return 1;
+ }
+
if ((unsigned) size < sizeof(struct ospf_packet))
{
log(L_ERR "%s%I - too short (%u bytes)", mesg, sk->faddr, size);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/rt.c
^
|
| @@ -501,6 +501,10 @@
#ifdef OSPFv2
ospf_rt_spfa_rtlinks(oa, act, act);
#else /* OSPFv3 */
+ /* Errata 2078 to RFC 5340 4.8.1 - skip links from non-routing nodes */
+ if ((act != oa->rt) && !(rt->options & OPT_R))
+ break;
+
for (tmp = ospf_hash_find_rt_first(po->gr, act->domain, act->lsa.rt);
tmp; tmp = ospf_hash_find_rt_next(tmp))
ospf_rt_spfa_rtlinks(oa, act, tmp);
@@ -1839,7 +1843,7 @@
if (en->lsa.type == LSA_T_RT)
{
struct ospf_lsa_rt *rt = en->lsa_body;
- if (!(rt->options & OPT_V6) || !(rt->options & OPT_R))
+ if (!(rt->options & OPT_V6))
return;
}
#endif
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/ospf/topology.c
^
|
| @@ -233,6 +233,7 @@
WALK_LIST(ifa, po->iface_list)
{
int net_lsa = 0;
+ u32 link_cost = po->stub_router ? 0xffff : ifa->cost;
if ((ifa->type == OSPF_IT_VLINK) && (ifa->voa == oa) &&
(!EMPTY_LIST(ifa->neigh_list)))
@@ -268,8 +269,7 @@
* this address as a next-hop.
*/
ln->data = ipa_to_u32(ifa->addr->ip);
-
- ln->metric = ifa->cost;
+ ln->metric = link_cost;
ln->padding = 0;
i++;
}
@@ -283,7 +283,7 @@
ln->type = LSART_NET;
ln->id = ipa_to_u32(ifa->drip);
ln->data = ipa_to_u32(ifa->addr->ip);
- ln->metric = ifa->cost;
+ ln->metric = link_cost;
ln->padding = 0;
i++;
net_lsa = 1;
@@ -298,7 +298,7 @@
ln->type = LSART_VLNK;
ln->id = neigh->rid;
ln->data = ipa_to_u32(ifa->addr->ip);
- ln->metric = ifa->cost;
+ ln->metric = link_cost;
ln->padding = 0;
i++;
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/radv/packets.c
^
|
| @@ -395,7 +395,7 @@
radv_err_hook(sock *sk, int err)
{
struct radv_iface *ifa = sk->data;
- log(L_ERR "%s: Socket error: %m", ifa->ra->p.name, err);
+ log(L_ERR "%s: Socket error on %s: %M", ifa->ra->p.name, ifa->iface->name, err);
}
int
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/rip/config.Y
^
|
| @@ -22,12 +22,18 @@
#define RIP_CFG ((struct rip_proto_config *) this_proto)
#define RIP_IPATT ((struct rip_patt *) this_ipatt)
+#ifdef IPV6
+#define RIP_DEFAULT_TTL_SECURITY 2
+#else
+#define RIP_DEFAULT_TTL_SECURITY 0
+#endif
+
CF_DECLS
CF_KEYWORDS(RIP, INFINITY, METRIC, PORT, PERIOD, GARBAGE, TIMEOUT,
MODE, BROADCAST, MULTICAST, QUIET, NOLISTEN, VERSION1,
- AUTHENTICATION, NONE, PLAINTEXT, MD5,
- HONOR, NEVER, NEIGHBOR, ALWAYS,
+ AUTHENTICATION, NONE, PLAINTEXT, MD5, TTL, SECURITY,
+ HONOR, NEVER, NEIGHBOR, ALWAYS, TX, PRIORITY, ONLY,
RIP_METRIC, RIP_TAG)
%type <i> rip_mode rip_auth
@@ -76,6 +82,10 @@
rip_iface_item:
| METRIC expr { RIP_IPATT->metric = $2; }
| MODE rip_mode { RIP_IPATT->mode |= $2; }
+ | TX tos { RIP_IPATT->tx_tos = $2; }
+ | TX PRIORITY expr { RIP_IPATT->tx_priority = $3; }
+ | TTL SECURITY bool { RIP_IPATT->ttl_security = $3; }
+ | TTL SECURITY TX ONLY { RIP_IPATT->ttl_security = 2; }
;
rip_iface_opts:
@@ -94,6 +104,9 @@
add_tail(&RIP_CFG->iface_list, NODE this_ipatt);
init_list(&this_ipatt->ipn_list);
RIP_IPATT->metric = 1;
+ RIP_IPATT->tx_tos = IP_PREC_INTERNET_CONTROL;
+ RIP_IPATT->tx_priority = sk_priority_control;
+ RIP_IPATT->ttl_security = RIP_DEFAULT_TTL_SECURITY;
}
;
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/rip/rip.c
^
|
| @@ -480,6 +480,14 @@
iface = i->iface;
#endif
+ if (i->check_ttl && (s->ttl < 255))
+ {
+ log( L_REMOTE "%s: Discarding packet with TTL %d (< 255) from %I on %s",
+ p->name, s->ttl, s->faddr, i->iface->name);
+ return 1;
+ }
+
+
CHK_MAGIC;
DBG( "RIP: message came: %d bytes from %I via %s\n", size, s->faddr, i->iface ? i->iface->name : "(dummy)" );
size -= sizeof( struct rip_packet_heading );
@@ -686,6 +694,7 @@
rif->mode = PATT->mode;
rif->metric = PATT->metric;
rif->multicast = (!(PATT->mode & IM_BROADCAST)) && (flags & IF_MULTICAST);
+ rif->check_ttl = (PATT->ttl_security == 1);
}
/* lookup multicasts over unnumbered links - no: rip is not defined over unnumbered links */
@@ -706,9 +715,10 @@
rif->sock->dport = P_CF->port;
if (new)
{
- rif->sock->ttl = 1;
- rif->sock->tos = IP_PREC_INTERNET_CONTROL;
- rif->sock->flags = SKF_LADDR_RX;
+ rif->sock->tos = PATT->tx_tos;
+ rif->sock->priority = PATT->tx_priority;
+ rif->sock->ttl = PATT->ttl_security ? 255 : 1;
+ rif->sock->flags = SKF_LADDR_RX | (rif->check_ttl ? SKF_TTL_RX : 0);
}
if (new) {
@@ -1007,7 +1017,9 @@
rip_pat_compare(struct rip_patt *a, struct rip_patt *b)
{
return ((a->metric == b->metric) &&
- (a->mode == b->mode));
+ (a->mode == b->mode) &&
+ (a->tx_tos == b->tx_tos) &&
+ (a->tx_priority == b->tx_priority));
}
static int
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/proto/rip/rip.h
^
|
| @@ -114,6 +114,7 @@
struct rip_connection *busy;
int metric; /* You don't want to put struct rip_patt *patt here -- think about reconfigure */
int mode;
+ int check_ttl; /* Check incoming packets for TTL 255 */
int triggered;
struct object_lock *lock;
int multicast;
@@ -128,6 +129,9 @@
#define IM_QUIET 4
#define IM_NOLISTEN 8
#define IM_VERSION1 16
+ int tx_tos;
+ int tx_priority;
+ int ttl_security; /* bool + 2 for TX only (send, but do not check on RX) */
};
struct rip_proto_config {
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/bsd/Modules
^
|
| @@ -1,3 +1,4 @@
krt-sock.c
+krt-sock.Y
krt-sys.h
sysio.h
|
|
[-]
[+]
|
Added |
bird-1.3.11.tar.bz2/sysdep/bsd/krt-sock.Y
^
|
| @@ -0,0 +1,32 @@
+/*
+ * BIRD -- BSD Kernel Syncer Configuration
+ *
+ * (c) 1999--2000 Martin Mares <mj@ucw.cz>
+ *
+ * Can be freely distributed and used under the terms of the GNU GPL.
+ */
+
+CF_HDR
+
+CF_DECLS
+
+CF_KEYWORDS(KERNEL, TABLE)
+
+CF_GRAMMAR
+
+CF_ADDTO(kern_proto, kern_proto kern_sys_item ';')
+
+kern_sys_item:
+ KERNEL TABLE expr {
+ if ($3 && (krt_max_tables == 1))
+ cf_error("Multiple kernel routing tables not supported");
+ if ($3 < 0 || $3 >= krt_max_tables)
+ cf_error("Kernel table id must be in range 0-%d", krt_max_tables - 1);
+
+ THIS_KRT->sys.table_id = $3;
+ }
+ ;
+
+CF_CODE
+
+CF_END
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/bsd/krt-sock.c
^
|
| @@ -1,5 +1,5 @@
/*
- * BIRD -- Unix Routing Table Syncing
+ * BIRD -- BSD Routing Table Syncing
*
* (c) 2004 Ondrej Filip <feela@network.cz>
*
@@ -7,6 +7,7 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include <ctype.h>
#include <fcntl.h>
#include <unistd.h>
@@ -34,18 +35,112 @@
#include "lib/socket.h"
-#ifndef RTAX_MAX
-#define RTAX_MAX 8
+/*
+ * There are significant differences in multiple tables support between BSD variants.
+ *
+ * OpenBSD has table_id field for routes in route socket protocol, therefore all
+ * tables could be managed by one kernel socket. FreeBSD lacks such field,
+ * therefore multiple sockets (locked to specific table using SO_SETFIB socket
+ * option) must be used.
+ *
+ * Both FreeBSD and OpenBSD uses separate scans for each table. In OpenBSD,
+ * table_id is specified explicitly as sysctl scan argument, while in FreeBSD it
+ * is handled implicitly by changing default table using setfib() syscall.
+ *
+ * KRT_SHARED_SOCKET - use shared kernel socked instead of one for each krt_proto
+ * KRT_USE_SETFIB_SCAN - use setfib() for sysctl() route scan
+ * KRT_USE_SETFIB_SOCK - use SO_SETFIB socket option for kernel sockets
+ * KRT_USE_SYSCTL_7 - use 7-th arg of sysctl() as table id for route scans
+ * KRT_USE_SYSCTL_NET_FIBS - use net.fibs sysctl() for dynamic max number of fibs
+ */
+
+#ifdef __FreeBSD__
+#define KRT_MAX_TABLES 256
+#define KRT_USE_SETFIB_SCAN
+#define KRT_USE_SETFIB_SOCK
+#define KRT_USE_SYSCTL_NET_FIBS
#endif
-struct ks_msg
+#ifdef __OpenBSD__
+#define KRT_MAX_TABLES (RT_TABLEID_MAX+1)
+#define KRT_SHARED_SOCKET
+#define KRT_USE_SYSCTL_7
+#endif
+
+#ifndef KRT_MAX_TABLES
+#define KRT_MAX_TABLES 1
+#endif
+
+
+
+/* Dynamic max number of tables */
+
+int krt_max_tables;
+
+#ifdef KRT_USE_SYSCTL_NET_FIBS
+
+static int
+krt_get_max_tables(void)
{
- struct rt_msghdr rtm;
- struct sockaddr_storage buf[RTAX_MAX];
-};
+ int fibs;
+ size_t fibs_len = sizeof(fibs);
+
+ if (sysctlbyname("net.fibs", &fibs, &fibs_len, NULL, 0) < 0)
+ {
+ log(L_WARN "KRT: unable to get max number of fib tables: %m");
+ return 1;
+ }
+
+ return MIN(fibs, KRT_MAX_TABLES);
+}
+
+#else
+
+static int
+krt_get_max_tables(void)
+{
+ return KRT_MAX_TABLES;
+}
+
+#endif /* KRT_USE_SYSCTL_NET_FIBS */
+
+
+/* setfib() syscall for FreeBSD scans */
+
+#ifdef KRT_USE_SETFIB_SCAN
+
+/*
+static int krt_default_fib;
+
+static int
+krt_get_active_fib(void)
+{
+ int fib;
+ size_t fib_len = sizeof(fib);
+
+ if (sysctlbyname("net.my_fibnum", &fib, &fib_len, NULL, 0) < 0)
+ {
+ log(L_WARN "KRT: unable to get active fib number: %m");
+ return 0;
+ }
+
+ return fib;
+}
+*/
+
+extern int setfib(int fib);
+#endif /* KRT_USE_SETFIB_SCAN */
-static int rt_sock = 0;
+
+/* table_id -> krt_proto map */
+
+#ifdef KRT_SHARED_SOCKET
+static struct krt_proto *krt_table_map[KRT_MAX_TABLES];
+#endif
+
+
+/* Route socket message processing */
int
krt_capable(rte *e)
@@ -65,6 +160,16 @@
);
}
+#ifndef RTAX_MAX
+#define RTAX_MAX 8
+#endif
+
+struct ks_msg
+{
+ struct rt_msghdr rtm;
+ struct sockaddr_storage buf[RTAX_MAX];
+};
+
#define ROUNDUP(a) \
((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
@@ -81,7 +186,7 @@
body += l;}
static int
-krt_sock_send(int cmd, rte *e)
+krt_send_route(struct krt_proto *p, int cmd, rte *e)
{
net *net = e->net;
rta *a = e->attrs;
@@ -103,13 +208,13 @@
msg.rtm.rtm_flags = RTF_UP | RTF_PROTO1;
if (net->n.pxlen == MAX_PREFIX_LENGTH)
- {
msg.rtm.rtm_flags |= RTF_HOST;
- }
else
- {
msg.rtm.rtm_addrs |= RTA_NETMASK;
- }
+
+#ifdef KRT_SHARED_SOCKET
+ msg.rtm.rtm_tableid = KRT_CF->sys.table_id;
+#endif
#ifdef RTF_REJECT
if(a->dest == RTD_UNREACHABLE)
@@ -192,7 +297,7 @@
l = body - (char *)&msg;
msg.rtm.rtm_msglen = l;
- if ((l = write(rt_sock, (char *)&msg, l)) < 0) {
+ if ((l = write(p->sys.sk->fd, (char *)&msg, l)) < 0) {
log(L_ERR "KRT: Error sending route %I/%d to kernel: %m", net->n.prefix, net->n.pxlen);
return -1;
}
@@ -201,16 +306,16 @@
}
void
-krt_replace_rte(struct krt_proto *p UNUSED, net *n, rte *new, rte *old,
+krt_replace_rte(struct krt_proto *p, net *n, rte *new, rte *old,
struct ea_list *eattrs UNUSED)
{
int err = 0;
if (old)
- krt_sock_send(RTM_DELETE, old);
+ krt_send_route(p, RTM_DELETE, old);
if (new)
- err = krt_sock_send(RTM_ADD, new);
+ err = krt_send_route(p, RTM_ADD, new);
if (err < 0)
n->n.flags |= KRF_SYNC_ERROR;
@@ -221,8 +326,10 @@
#define SKIP(ARG...) do { DBG("KRT: Ignoring route - " ARG); return; } while(0)
static void
-krt_read_rt(struct ks_msg *msg, struct krt_proto *p, int scan)
+krt_read_route(struct ks_msg *msg, struct krt_proto *p, int scan)
{
+ /* p is NULL iff KRT_SHARED_SOCKET and !scan */
+
rte *e;
net *net;
sockaddr dst, gate, mask;
@@ -244,6 +351,17 @@
if (flags & RTF_LLINFO)
SKIP("link-local\n");
+#ifdef KRT_SHARED_SOCKET
+ if (!scan)
+ {
+ int table_id = msg->rtm.rtm_tableid;
+ p = (table_id < KRT_MAX_TABLES) ? krt_table_map[table_id] : NULL;
+
+ if (!p)
+ SKIP("unknown table id %d\n", table_id);
+ }
+#endif
+
GETADDR(&dst, RTA_DST);
GETADDR(&gate, RTA_GATEWAY);
GETADDR(&mask, RTA_NETMASK);
@@ -594,17 +712,18 @@
ifa_delete(&ifa);
}
-
-void
+static void
krt_read_msg(struct proto *p, struct ks_msg *msg, int scan)
{
+ /* p is NULL iff KRT_SHARED_SOCKET and !scan */
+
switch (msg->rtm.rtm_type)
{
case RTM_GET:
if(!scan) return;
case RTM_ADD:
case RTM_DELETE:
- krt_read_rt(msg, (struct krt_proto *)p, scan);
+ krt_read_route(msg, (struct krt_proto *)p, scan);
break;
case RTM_IFANNOUNCE:
krt_read_ifannounce(msg);
@@ -621,14 +740,57 @@
}
}
+
+/* Sysctl based scans */
+
+static byte *krt_buffer;
+static size_t krt_buflen, krt_bufmin;
+static struct proto *krt_buffer_owner;
+
+static byte *
+krt_buffer_update(struct proto *p, size_t *needed)
+{
+ size_t req = *needed;
+
+ if ((req > krt_buflen) ||
+ ((p == krt_buffer_owner) && (req < krt_bufmin)))
+ {
+ /* min buflen is 32 kB, step is 8 kB, or 128 kB if > 1 MB */
+ size_t step = (req < 0x100000) ? 0x2000 : 0x20000;
+ krt_buflen = (req < 0x6000) ? 0x8000 : (req + step);
+ krt_bufmin = (req < 0x8000) ? 0 : (req - 2*step);
+
+ if (krt_buffer)
+ mb_free(krt_buffer);
+ krt_buffer = mb_alloc(krt_pool, krt_buflen);
+ krt_buffer_owner = p;
+ }
+
+ *needed = krt_buflen;
+ return krt_buffer;
+}
+
+static void
+krt_buffer_release(struct proto *p)
+{
+ if (p == krt_buffer_owner)
+ {
+ mb_free(krt_buffer);
+ krt_buffer = NULL;
+ krt_buflen = 0;
+ krt_buffer_owner = 0;
+ }
+}
+
static void
-krt_sysctl_scan(struct proto *p, pool *pool, byte **buf, size_t *bl, int cmd)
+krt_sysctl_scan(struct proto *p, int cmd, int table_id)
{
- byte *next;
- int mib[6];
- size_t obl, needed;
+ byte *buf, *next;
+ int mib[7], mcnt;
+ size_t needed;
struct ks_msg *m;
int retries = 3;
+ int rv;
mib[0] = CTL_NET;
mib[1] = PF_ROUTE;
@@ -636,125 +798,258 @@
mib[3] = BIRD_PF;
mib[4] = cmd;
mib[5] = 0;
+ mcnt = 6;
- try:
- if (sysctl(mib, 6 , NULL , &needed, NULL, 0) < 0)
- die("krt_sysctl_scan 1: %m");
-
- obl = *bl;
+#ifdef KRT_USE_SYSCTL_7
+ if (table_id >= 0)
+ {
+ mib[6] = table_id;
+ mcnt = 7;
+ }
+#endif
- while (needed > *bl) *bl *= 2;
- while (needed < (*bl/2)) *bl /= 2;
+#ifdef KRT_USE_SETFIB_SCAN
+ if (table_id > 0)
+ if (setfib(table_id) < 0)
+ {
+ log(L_ERR "KRT: setfib(%d) failed: %m", table_id);
+ return;
+ }
+#endif
- if ((obl!=*bl) || !*buf)
+ try:
+ rv = sysctl(mib, mcnt, NULL, &needed, NULL, 0);
+ if (rv < 0)
{
- if (*buf) mb_free(*buf);
- if ((*buf = mb_alloc(pool, *bl)) == NULL) die("RT scan buf alloc");
+ /* OpenBSD returns EINVAL for not yet used tables */
+ if ((errno == EINVAL) && (table_id > 0))
+ goto exit;
+
+ log(L_ERR "KRT: Route scan estimate failed: %m");
+ goto exit;
}
- if (sysctl(mib, 6 , *buf, &needed, NULL, 0) < 0)
+ /* The table is empty */
+ if (needed == 0)
+ goto exit;
+
+ buf = krt_buffer_update(p, &needed);
+
+ rv = sysctl(mib, mcnt, buf, &needed, NULL, 0);
+ if (rv < 0)
{
- if (errno == ENOMEM)
- {
- /* The buffer size changed since last sysctl ('needed' is not changed) */
- if (retries--)
- goto try;
+ /* The buffer size changed since last sysctl ('needed' is not changed) */
+ if ((errno == ENOMEM) && retries--)
+ goto try;
- log(L_ERR "KRT: Route scan failed");
- return;
- }
- die("krt_sysctl_scan 2: %m");
+ log(L_ERR "KRT: Route scan failed: %m");
+ goto exit;
}
- for (next = *buf; next < (*buf + needed); next += m->rtm.rtm_msglen)
+#ifdef KRT_USE_SETFIB_SCAN
+ if (table_id > 0)
+ if (setfib(0) < 0)
+ die("KRT: setfib(%d) failed: %m", 0);
+#endif
+
+ /* Process received messages */
+ for (next = buf; next < (buf + needed); next += m->rtm.rtm_msglen)
{
m = (struct ks_msg *)next;
krt_read_msg(p, m, 1);
}
-}
-static byte *krt_buffer = NULL;
-static byte *kif_buffer = NULL;
-static size_t krt_buflen = 32768;
-static size_t kif_buflen = 4096;
+ return;
+
+ exit:
+ krt_buffer_release(p);
+
+#ifdef KRT_USE_SETFIB_SCAN
+ if (table_id > 0)
+ if (setfib(0) < 0)
+ die("KRT: setfib(%d) failed: %m", 0);
+#endif
+}
void
krt_do_scan(struct krt_proto *p)
{
- krt_sysctl_scan((struct proto *)p, p->krt_pool, &krt_buffer, &krt_buflen, NET_RT_DUMP);
+ krt_sysctl_scan(&p->p, NET_RT_DUMP, KRT_CF->sys.table_id);
}
void
kif_do_scan(struct kif_proto *p)
{
- struct proto *P = (struct proto *)p;
if_start_update();
- krt_sysctl_scan(P, P->pool, &kif_buffer, &kif_buflen, NET_RT_IFLIST);
+ krt_sysctl_scan(&p->p, NET_RT_IFLIST, -1);
if_end_update();
}
+
+/* Kernel sockets */
+
static int
krt_sock_hook(sock *sk, int size UNUSED)
{
struct ks_msg msg;
int l = read(sk->fd, (char *)&msg, sizeof(msg));
- if(l <= 0)
+ if (l <= 0)
log(L_ERR "krt-sock: read failed");
else
- krt_read_msg((struct proto *)sk->data, &msg, 0);
+ krt_read_msg((struct proto *) sk->data, &msg, 0);
return 0;
}
+static sock *
+krt_sock_open(pool *pool, void *data, int table_id)
+{
+ sock *sk;
+ int fd;
+
+ fd = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
+ if (fd < 0)
+ die("Cannot open kernel socket for routes");
+
+#ifdef KRT_USE_SETFIB_SOCK
+ if (table_id > 0)
+ {
+ if (setsockopt(fd, SOL_SOCKET, SO_SETFIB, &table_id, sizeof(table_id)) < 0)
+ die("Cannot set FIB %d for kernel socket: %m", table_id);
+ }
+#endif
+
+ sk = sk_new(pool);
+ sk->type = SK_MAGIC;
+ sk->rx_hook = krt_sock_hook;
+ sk->fd = fd;
+ sk->data = data;
+
+ if (sk_open(sk) < 0)
+ bug("krt-sock: sk_open failed");
+
+ return sk;
+}
+
+
+#ifdef KRT_SHARED_SOCKET
+
+static sock *krt_sock;
+static int krt_sock_count;
+
+
+static void
+krt_sock_open_shared(void)
+{
+ if (!krt_sock_count)
+ krt_sock = krt_sock_open(krt_pool, NULL, -1);
+
+ krt_sock_count++;
+}
+
+static void
+krt_sock_close_shared(void)
+{
+ krt_sock_count--;
+
+ if (!krt_sock_count)
+ {
+ rfree(krt_sock);
+ krt_sock = NULL;
+ }
+}
+
void
-krt_sys_start(struct krt_proto *x, int first UNUSED)
+krt_sys_start(struct krt_proto *p)
{
- sock *sk_rt;
- static int ks_open_tried = 0;
+ krt_table_map[KRT_CF->sys.table_id] = p;
- if (ks_open_tried)
- return;
+ krt_sock_open_shared();
+ p->sys.sk = krt_sock;
+}
- ks_open_tried = 1;
+void
+krt_sys_shutdown(struct krt_proto *p)
+{
+ krt_sock_close_shared();
+ p->sys.sk = NULL;
- DBG("KRT: Opening kernel socket\n");
+ krt_table_map[KRT_CF->sys.table_id] = NULL;
- if( (rt_sock = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC)) < 0)
- die("Cannot open kernel socket for routes");
+ krt_buffer_release(&p->p);
+}
- sk_rt = sk_new(krt_pool);
- sk_rt->type = SK_MAGIC;
- sk_rt->rx_hook = krt_sock_hook;
- sk_rt->fd = rt_sock;
- sk_rt->data = x;
- if (sk_open(sk_rt))
- bug("krt-sock: sk_open failed");
+#else
+
+void
+krt_sys_start(struct krt_proto *p)
+{
+ p->sys.sk = krt_sock_open(p->p.pool, p, KRT_CF->sys.table_id);
}
void
-krt_sys_shutdown(struct krt_proto *x UNUSED, int last UNUSED)
+krt_sys_shutdown(struct krt_proto *p)
{
- if (!krt_buffer)
- return;
+ rfree(p->sys.sk);
+ p->sys.sk = NULL;
+
+ krt_buffer_release(&p->p);
+}
+
+#endif /* KRT_SHARED_SOCKET */
+
- mb_free(krt_buffer);
- krt_buffer = NULL;
+/* KRT configuration callbacks */
+
+static u32 krt_table_cf[(KRT_MAX_TABLES+31) / 32];
+
+int
+krt_sys_reconfigure(struct krt_proto *p UNUSED, struct krt_config *n, struct krt_config *o)
+{
+ return n->sys.table_id == o->sys.table_id;
}
+void
+krt_sys_preconfig(struct config *c UNUSED)
+{
+ krt_max_tables = krt_get_max_tables();
+ bzero(&krt_table_cf, sizeof(krt_table_cf));
+}
void
-kif_sys_start(struct kif_proto *p UNUSED)
+krt_sys_postconfig(struct krt_config *x)
{
+ u32 *tbl = krt_table_cf;
+ int id = x->sys.table_id;
+
+ if (tbl[id/32] & (1 << (id%32)))
+ cf_error("Multiple kernel syncers defined for table #%d", id);
+
+ tbl[id/32] |= (1 << (id%32));
}
+void krt_sys_init_config(struct krt_config *c)
+{
+ c->sys.table_id = 0; /* Default table */
+}
+
+void krt_sys_copy_config(struct krt_config *d, struct krt_config *s)
+{
+ d->sys.table_id = s->sys.table_id;
+}
+
+
+/* KIF misc code */
+
void
-kif_sys_shutdown(struct kif_proto *p UNUSED)
+kif_sys_start(struct kif_proto *p UNUSED)
{
- if (!kif_buffer)
- return;
+}
- mb_free(kif_buffer);
- kif_buffer = NULL;
+void
+kif_sys_shutdown(struct kif_proto *p)
+{
+ krt_buffer_release(&p->p);
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/bsd/krt-sys.h
^
|
| @@ -9,13 +9,14 @@
#ifndef _BIRD_KRT_SYS_H_
#define _BIRD_KRT_SYS_H_
+struct birdsock;
/* Kernel interfaces */
struct kif_params {
};
-struct kif_status {
+struct kif_state {
};
@@ -30,20 +31,18 @@
/* Kernel routes */
+extern int krt_max_tables;
+
struct krt_params {
+ int table_id; /* Kernel table ID we sync with */
};
-struct krt_status {
+struct krt_state {
+ struct birdsock *sk;
};
static inline void krt_sys_init(struct krt_proto *p UNUSED) { }
-static inline int krt_sys_reconfigure(struct krt_proto *p UNUSED, struct krt_config *n UNUSED, struct krt_config *o UNUSED) { return 1; }
-
-static inline void krt_sys_preconfig(struct config *c UNUSED) { }
-static inline void krt_sys_postconfig(struct krt_config *c UNUSED) { }
-static inline void krt_sys_init_config(struct krt_config *c UNUSED) { }
-static inline void krt_sys_copy_config(struct krt_config *d UNUSED, struct krt_config *s UNUSED) { }
#endif
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/bsd/sysio.h
^
|
| @@ -6,9 +6,22 @@
* Can be freely distributed and used under the terms of the GNU GPL.
*/
+#ifdef __NetBSD__
+
+#ifndef IP_RECVTTL
+#define IP_RECVTTL 23
+#endif
+
+#ifndef IP_MINTTL
+#define IP_MINTTL 24
+#endif
+
+#endif
+
#ifdef __DragonFly__
#define TCP_MD5SIG TCP_SIGNATURE_ENABLE
#endif
+
#ifdef IPV6
static inline void
@@ -113,7 +126,9 @@
/* BSD RX/TX packet info handling for IPv4 */
/* it uses IP_RECVDSTADDR / IP_RECVIF socket options instead of IP_PKTINFO */
-#define CMSG_RX_SPACE (CMSG_SPACE(sizeof(struct in_addr)) + CMSG_SPACE(sizeof(struct sockaddr_dl)))
+#define CMSG_RX_SPACE (CMSG_SPACE(sizeof(struct in_addr)) + \
+ CMSG_SPACE(sizeof(struct sockaddr_dl)) + \
+ CMSG_SPACE(sizeof(char)))
#define CMSG_TX_SPACE CMSG_SPACE(sizeof(struct in_addr))
static char *
@@ -121,13 +136,18 @@
{
int ok = 1;
if (s->flags & SKF_LADDR_RX)
- {
- if (setsockopt(s->fd, IPPROTO_IP, IP_RECVDSTADDR, &ok, sizeof(ok)) < 0)
- return "IP_RECVDSTADDR";
+ {
+ if (setsockopt(s->fd, IPPROTO_IP, IP_RECVDSTADDR, &ok, sizeof(ok)) < 0)
+ return "IP_RECVDSTADDR";
+
+ if (setsockopt(s->fd, IPPROTO_IP, IP_RECVIF, &ok, sizeof(ok)) < 0)
+ return "IP_RECVIF";
+ }
+
+ if ((s->flags & SKF_TTL_RX) &&
+ (setsockopt(s->fd, IPPROTO_IP, IP_RECVTTL, &ok, sizeof(ok)) < 0))
+ return "IP_RECVTTL";
- if (setsockopt(s->fd, IPPROTO_IP, IP_RECVIF, &ok, sizeof(ok)) < 0)
- return "IP_RECVIF";
- }
return NULL;
}
@@ -136,27 +156,35 @@
sysio_process_rx_cmsgs(sock *s, struct msghdr *msg)
{
struct cmsghdr *cm;
+ struct in_addr *ra = NULL;
+ struct sockaddr_dl *ri = NULL;
+ unsigned char *ttl = NULL;
- if (!(s->flags & SKF_LADDR_RX))
- return;
+ for (cm = CMSG_FIRSTHDR(msg); cm != NULL; cm = CMSG_NXTHDR(msg, cm))
+ {
+ if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_RECVDSTADDR)
+ ra = (struct in_addr *) CMSG_DATA(cm);
- s->laddr = IPA_NONE;
- s->lifindex = 0;
+ if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_RECVIF)
+ ri = (struct sockaddr_dl *) CMSG_DATA(cm);
- for (cm = CMSG_FIRSTHDR(msg); cm != NULL; cm = CMSG_NXTHDR(msg, cm))
- {
- if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_RECVDSTADDR)
- {
- struct in_addr *ra = (struct in_addr *) CMSG_DATA(cm);
- get_inaddr(&s->laddr, ra);
- }
+ if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_RECVTTL)
+ ttl = (unsigned char *) CMSG_DATA(cm);
+ }
- if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_RECVIF)
- {
- struct sockaddr_dl *ri = (struct sockaddr_dl *) CMSG_DATA(cm);
- s->lifindex = ri->sdl_index;
- }
- }
+ if (s->flags & SKF_LADDR_RX)
+ {
+ s->laddr = IPA_NONE;
+ s->lifindex = 0;
+
+ if (ra)
+ get_inaddr(&s->laddr, ra);
+ if (ri)
+ s->lifindex = ri->sdl_index;
+ }
+
+ if (s->flags & SKF_TTL_RX)
+ s->ttl = ttl ? *ttl : -1;
// log(L_WARN "RX %I %d", s->laddr, s->lifindex);
}
@@ -244,8 +272,6 @@
#ifndef IPV6
-#ifdef IP_MINTTL
-
static int
sk_set_min_ttl4(sock *s, int ttl)
{
@@ -262,25 +288,23 @@
return 0;
}
-#else /* no IP_MINTTL */
+#else /* IPv6 */
static int
-sk_set_min_ttl4(sock *s, int ttl)
+sk_set_min_ttl6(sock *s, int ttl)
{
- log(L_ERR "IPv4 TTL security not supported");
+ log(L_ERR "IPv6 TTL security not supported");
return -1;
}
#endif
-#else /* IPv6 */
+
+int sk_priority_control = -1;
static int
-sk_set_min_ttl6(sock *s, int ttl)
+sk_set_priority(sock *s, int prio UNUSED)
{
- log(L_ERR "IPv6 TTL security not supported");
+ log(L_WARN "Socket priority not supported");
return -1;
}
-
-#endif
-
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/cf/bsd-v6.h
^
|
| @@ -10,6 +10,7 @@
#define CONFIG_AUTO_ROUTES
#define CONFIG_SELF_CONSCIOUS
+#define CONFIG_MULTIPLE_TABLES
#define CONFIG_SKIP_MC_BIND
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/cf/bsd.h
^
|
| @@ -8,6 +8,7 @@
#define CONFIG_AUTO_ROUTES
#define CONFIG_SELF_CONSCIOUS
+#define CONFIG_MULTIPLE_TABLES
#define CONFIG_SKIP_MC_BIND
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/config.h
^
|
| @@ -7,7 +7,7 @@
#define _BIRD_CONFIG_H_
/* BIRD version */
-#define BIRD_VERSION "1.3.10"
+#define BIRD_VERSION "1.3.11"
/* Include parameters determined by configure script */
#include "sysdep/autoconf.h"
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/linux/krt-sys.h
^
|
| @@ -15,7 +15,7 @@
struct kif_params {
};
-struct kif_status {
+struct kif_state {
};
@@ -36,7 +36,7 @@
int table_id; /* Kernel table ID we sync with */
};
-struct krt_status {
+struct krt_state {
};
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/linux/netlink.Y
^
|
| @@ -10,13 +10,13 @@
CF_DECLS
-CF_KEYWORDS(ASYNC, KERNEL, TABLE, KRT_PREFSRC, KRT_REALM)
+CF_KEYWORDS(KERNEL, TABLE, KRT_PREFSRC, KRT_REALM)
CF_GRAMMAR
-CF_ADDTO(kern_proto, kern_proto nl_item ';')
+CF_ADDTO(kern_proto, kern_proto kern_sys_item ';')
-nl_item:
+kern_sys_item:
KERNEL TABLE expr {
if ($3 <= 0 || $3 >= NL_NUM_TABLES)
cf_error("Kernel routing table number out of range");
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/linux/netlink.c
^
|
| @@ -843,9 +843,11 @@
memcpy(&ra.gw, RTA_DATA(a[RTA_GATEWAY]), sizeof(ra.gw));
ipa_ntoh(ra.gw);
+#ifdef IPV6
/* Silently skip strange 6to4 routes */
if (ipa_in_net(ra.gw, IPA_NONE, 96))
return;
+#endif
ng = neigh_find2(&p->p, &ra.gw, ra.iface,
(i->rtm_flags & RTNH_F_ONLINK) ? NEF_ONLINK : 0);
@@ -1084,18 +1086,16 @@
static u8 nl_cf_table[(NL_NUM_TABLES+7) / 8];
void
-krt_sys_start(struct krt_proto *p, int first)
+krt_sys_start(struct krt_proto *p)
{
nl_table_map[KRT_CF->sys.table_id] = p;
- if (first)
- {
- nl_open();
- nl_open_async();
- }
+
+ nl_open();
+ nl_open_async();
}
void
-krt_sys_shutdown(struct krt_proto *p UNUSED, int last UNUSED)
+krt_sys_shutdown(struct krt_proto *p UNUSED)
{
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/linux/sysio.h
^
|
| @@ -194,17 +194,22 @@
/* RX/TX packet info handling for IPv4 */
/* Mostly similar to standardized IPv6 code */
-#define CMSG_RX_SPACE CMSG_SPACE(sizeof(struct in_pktinfo))
+#define CMSG_RX_SPACE (CMSG_SPACE(sizeof(struct in_pktinfo)) + CMSG_SPACE(sizeof(int)))
#define CMSG_TX_SPACE CMSG_SPACE(sizeof(struct in_pktinfo))
static char *
sysio_register_cmsgs(sock *s)
{
int ok = 1;
+
if ((s->flags & SKF_LADDR_RX) &&
- setsockopt(s->fd, IPPROTO_IP, IP_PKTINFO, &ok, sizeof(ok)) < 0)
+ (setsockopt(s->fd, IPPROTO_IP, IP_PKTINFO, &ok, sizeof(ok)) < 0))
return "IP_PKTINFO";
+ if ((s->flags & SKF_TTL_RX) &&
+ (setsockopt(s->fd, IPPROTO_IP, IP_RECVTTL, &ok, sizeof(ok)) < 0))
+ return "IP_RECVTTL";
+
return NULL;
}
@@ -213,25 +218,34 @@
{
struct cmsghdr *cm;
struct in_pktinfo *pi = NULL;
-
- if (!(s->flags & SKF_LADDR_RX))
- return;
+ int *ttl = NULL;
for (cm = CMSG_FIRSTHDR(msg); cm != NULL; cm = CMSG_NXTHDR(msg, cm))
+ {
+ if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_PKTINFO)
+ pi = (struct in_pktinfo *) CMSG_DATA(cm);
+
+ if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_TTL)
+ ttl = (int *) CMSG_DATA(cm);
+ }
+
+ if (s->flags & SKF_LADDR_RX)
+ {
+ if (pi)
{
- if (cm->cmsg_level == IPPROTO_IP && cm->cmsg_type == IP_PKTINFO)
- pi = (struct in_pktinfo *) CMSG_DATA(cm);
+ get_inaddr(&s->laddr, &pi->ipi_addr);
+ s->lifindex = pi->ipi_ifindex;
}
-
- if (!pi)
+ else
{
s->laddr = IPA_NONE;
s->lifindex = 0;
- return;
}
+ }
+
+ if (s->flags & SKF_TTL_RX)
+ s->ttl = ttl ? *ttl : -1;
- get_inaddr(&s->laddr, &pi->ipi_addr);
- s->lifindex = pi->ipi_ifindex;
return;
}
@@ -310,3 +324,22 @@
}
#endif
+
+
+#ifndef IPV6_TCLASS
+#define IPV6_TCLASS 67
+#endif
+
+int sk_priority_control = 7;
+
+static int
+sk_set_priority(sock *s, int prio)
+{
+ if (setsockopt(s->fd, SOL_SOCKET, SO_PRIORITY, &prio, sizeof(prio)) < 0)
+ {
+ log(L_WARN "sk_set_priority: setsockopt: %m");
+ return -1;
+ }
+
+ return 0;
+}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/unix/io.c
^
|
| @@ -17,10 +17,10 @@
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/fcntl.h>
#include <sys/uio.h>
#include <sys/un.h>
#include <unistd.h>
+#include <fcntl.h>
#include <errno.h>
#include <netinet/in.h>
#include <netinet/icmp6.h>
@@ -598,7 +598,7 @@
sock *s = ralloc(p, &sk_class);
s->pool = p;
// s->saddr = s->daddr = IPA_NONE;
- s->tos = s->ttl = -1;
+ s->tos = s->priority = s->ttl = -1;
s->fd = -1;
return s;
}
@@ -673,7 +673,7 @@
#ifdef IPV6
/* PKTINFO handling is also standardized in IPv6 */
-#define CMSG_RX_SPACE CMSG_SPACE(sizeof(struct in6_pktinfo))
+#define CMSG_RX_SPACE (CMSG_SPACE(sizeof(struct in6_pktinfo)) + CMSG_SPACE(sizeof(int)))
#define CMSG_TX_SPACE CMSG_SPACE(sizeof(struct in6_pktinfo))
/*
@@ -685,15 +685,26 @@
#ifndef IPV6_RECVPKTINFO
#define IPV6_RECVPKTINFO IPV6_PKTINFO
#endif
+/*
+ * Same goes for IPV6_HOPLIMIT -> IPV6_RECVHOPLIMIT.
+ */
+#ifndef IPV6_RECVHOPLIMIT
+#define IPV6_RECVHOPLIMIT IPV6_HOPLIMIT
+#endif
static char *
sysio_register_cmsgs(sock *s)
{
int ok = 1;
+
if ((s->flags & SKF_LADDR_RX) &&
- setsockopt(s->fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &ok, sizeof(ok)) < 0)
+ (setsockopt(s->fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &ok, sizeof(ok)) < 0))
return "IPV6_RECVPKTINFO";
+ if ((s->flags & SKF_TTL_RX) &&
+ (setsockopt(s->fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &ok, sizeof(ok)) < 0))
+ return "IPV6_RECVHOPLIMIT";
+
return NULL;
}
@@ -702,25 +713,34 @@
{
struct cmsghdr *cm;
struct in6_pktinfo *pi = NULL;
-
- if (!(s->flags & SKF_LADDR_RX))
- return;
+ int *hlim = NULL;
for (cm = CMSG_FIRSTHDR(msg); cm != NULL; cm = CMSG_NXTHDR(msg, cm))
+ {
+ if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PKTINFO)
+ pi = (struct in6_pktinfo *) CMSG_DATA(cm);
+
+ if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_HOPLIMIT)
+ hlim = (int *) CMSG_DATA(cm);
+ }
+
+ if (s->flags & SKF_LADDR_RX)
+ {
+ if (pi)
{
- if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PKTINFO)
- pi = (struct in6_pktinfo *) CMSG_DATA(cm);
+ get_inaddr(&s->laddr, &pi->ipi6_addr);
+ s->lifindex = pi->ipi6_ifindex;
}
-
- if (!pi)
+ else
{
s->laddr = IPA_NONE;
s->lifindex = 0;
- return;
}
+ }
+
+ if (s->flags & SKF_TTL_RX)
+ s->ttl = hlim ? *hlim : -1;
- get_inaddr(&s->laddr, &pi->ipi6_addr);
- s->lifindex = pi->ipi6_ifindex;
return;
}
@@ -783,21 +803,28 @@
ERR("fcntl(O_NONBLOCK)");
if (s->type == SK_UNIX)
return NULL;
-#ifndef IPV6
+
+#ifdef IPV6
+ if ((s->tos >= 0) && setsockopt(fd, SOL_IPV6, IPV6_TCLASS, &s->tos, sizeof(s->tos)) < 0)
+ WARN("IPV6_TCLASS");
+#else
if ((s->tos >= 0) && setsockopt(fd, SOL_IP, IP_TOS, &s->tos, sizeof(s->tos)) < 0)
WARN("IP_TOS");
#endif
+ if (s->priority >= 0)
+ sk_set_priority(s, s->priority);
+
#ifdef IPV6
int v = 1;
if ((s->flags & SKF_V6ONLY) && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &v, sizeof(v)) < 0)
WARN("IPV6_V6ONLY");
#endif
- if (s->ttl >= 0)
- err = sk_set_ttl_int(s);
+ if ((s->ttl >= 0) && (err = sk_set_ttl_int(s)))
+ goto bad;
- sysio_register_cmsgs(s);
+ err = sysio_register_cmsgs(s);
bad:
return err;
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/unix/krt.c
^
|
| @@ -69,12 +69,14 @@
pool *krt_pool;
static linpool *krt_filter_lp;
+static list krt_proto_list;
void
krt_io_init(void)
{
krt_pool = rp_new(&root_pool, "Kernel Syncer");
krt_filter_lp = lp_new(krt_pool, 4080);
+ init_list(&krt_proto_list);
}
/*
@@ -565,12 +567,6 @@
* Routes
*/
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
-static timer *krt_scan_timer;
-static int krt_instance_count;
-static list krt_instance_list;
-#endif
-
static void
krt_flush_routes(struct krt_proto *p)
{
@@ -812,34 +808,88 @@
* Periodic scanning
*/
+
+#ifdef CONFIG_ALL_TABLES_AT_ONCE
+
+static timer *krt_scan_timer;
+static int krt_scan_count;
+
static void
krt_scan(timer *t UNUSED)
{
struct krt_proto *p;
kif_force_scan();
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
+
+ /* We need some node to decide whether to print the debug messages or not */
+ p = SKIP_BACK(struct krt_proto, krt_node, HEAD(krt_proto_list));
+ KRT_TRACE(p, D_EVENTS, "Scanning routing table");
+
+ krt_do_scan(NULL);
+
+ void *q;
+ WALK_LIST(q, krt_proto_list)
{
- void *q;
- /* We need some node to decide whether to print the debug messages or not */
- p = SKIP_BACK(struct krt_proto, instance_node, HEAD(krt_instance_list));
- if (p->instance_node.next)
- KRT_TRACE(p, D_EVENTS, "Scanning routing table");
- krt_do_scan(NULL);
- WALK_LIST(q, krt_instance_list)
- {
- p = SKIP_BACK(struct krt_proto, instance_node, q);
- krt_prune(p);
- }
+ p = SKIP_BACK(struct krt_proto, krt_node, q);
+ krt_prune(p);
+ }
+}
+
+static void
+krt_scan_timer_start(struct krt_proto *p)
+{
+ if (!krt_scan_count)
+ {
+ krt_scan_timer = tm_new_set(krt_pool, krt_scan, NULL, 0, KRT_CF->scan_time);
+ tm_start(krt_scan_timer, 0);
+ }
+
+ krt_scan_count++;
+}
+
+static void
+krt_scan_timer_stop(struct krt_proto *p)
+{
+ krt_scan_count--;
+
+ if (!krt_scan_count)
+ {
+ rfree(krt_scan_timer);
+ krt_scan_timer = NULL;
}
+}
+
#else
- p = t->data;
+
+static void
+krt_scan(timer *t)
+{
+ struct krt_proto *p = t->data;
+
+ kif_force_scan();
+
KRT_TRACE(p, D_EVENTS, "Scanning routing table");
krt_do_scan(p);
krt_prune(p);
-#endif
}
+static void
+krt_scan_timer_start(struct krt_proto *p)
+{
+ p->scan_timer = tm_new_set(p->p.pool, krt_scan, p, 0, KRT_CF->scan_time);
+ tm_start(p->scan_timer, 0);
+}
+
+static void
+krt_scan_timer_stop(struct krt_proto *p)
+{
+ tm_stop(p->scan_timer);
+}
+
+#endif
+
+
+
/*
* Updates
@@ -942,52 +992,20 @@
return &p->p;
}
-static timer *
-krt_start_timer(struct krt_proto *p)
-{
- timer *t;
-
- t = tm_new(p->krt_pool);
- t->hook = krt_scan;
- t->data = p;
- t->recurrent = KRT_CF->scan_time;
- tm_start(t, 0);
- return t;
-}
-
static int
krt_start(struct proto *P)
{
struct krt_proto *p = (struct krt_proto *) P;
- int first = 1;
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
- if (!krt_instance_count++)
- init_list(&krt_instance_list);
- else
- first = 0;
- p->krt_pool = krt_pool;
- add_tail(&krt_instance_list, &p->instance_node);
-#else
- p->krt_pool = P->pool;
-#endif
+ add_tail(&krt_proto_list, &p->krt_node);
#ifdef KRT_ALLOW_LEARN
krt_learn_init(p);
#endif
- krt_sys_start(p, first);
+ krt_sys_start(p);
- /* Start periodic routing table scanning */
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
- if (first)
- krt_scan_timer = krt_start_timer(p);
- else
- tm_start(krt_scan_timer, 0);
- p->scan_timer = krt_scan_timer;
-#else
- p->scan_timer = krt_start_timer(p);
-#endif
+ krt_scan_timer_start(p);
return PS_UP;
}
@@ -996,26 +1014,16 @@
krt_shutdown(struct proto *P)
{
struct krt_proto *p = (struct krt_proto *) P;
- int last = 1;
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
- rem_node(&p->instance_node);
- if (--krt_instance_count)
- last = 0;
- else
-#endif
- tm_stop(p->scan_timer);
+ krt_scan_timer_stop(p);
/* FIXME we should flush routes even when persist during reconfiguration */
if (p->initialized && !KRT_CF->persist)
krt_flush_routes(p);
- krt_sys_shutdown(p, last);
+ krt_sys_shutdown(p);
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
- if (last)
- rfree(krt_scan_timer);
-#endif
+ rem_node(&p->krt_node);
return PS_DOWN;
}
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/unix/krt.h
^
|
| @@ -52,15 +52,17 @@
struct krt_proto {
struct proto p;
- struct krt_status sys; /* Sysdep state */
+ struct krt_state sys; /* Sysdep state */
+
#ifdef KRT_ALLOW_LEARN
struct rtable krt_table; /* Internal table of inherited routes */
#endif
- pool *krt_pool; /* Pool used for common krt data */
+
+#ifndef CONFIG_ALL_TABLES_AT_ONCE
timer *scan_timer;
-#ifdef CONFIG_ALL_TABLES_AT_ONCE
- node instance_node; /* Node in krt instance list */
#endif
+
+ node krt_node; /* Node in krt_proto_list */
int initialized; /* First scan has already been finished */
};
@@ -103,7 +105,7 @@
struct kif_proto {
struct proto p;
- struct kif_status sys; /* Sysdep state */
+ struct kif_state sys; /* Sysdep state */
};
#define KIF_CF ((struct kif_config *)p->p.cf)
@@ -114,8 +116,8 @@
/* krt sysdep */
void krt_sys_init(struct krt_proto *);
-void krt_sys_start(struct krt_proto *, int);
-void krt_sys_shutdown(struct krt_proto *, int);
+void krt_sys_start(struct krt_proto *);
+void krt_sys_shutdown(struct krt_proto *);
int krt_sys_reconfigure(struct krt_proto *p UNUSED, struct krt_config *n, struct krt_config *o);
void krt_sys_preconfig(struct config *);
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/unix/log.c
^
|
| @@ -70,6 +70,8 @@
static char *log_buffer_pos;
static int log_buffer_remains;
+const char *log_buffer_ptr = log_buffer;
+
/**
* log_reset - reset the log buffer
|
|
[-]
[+]
|
Changed |
bird-1.3.11.tar.bz2/sysdep/unix/main.c
^
|
| @@ -97,9 +97,10 @@
add_num_const(char *name, int val)
{
struct symbol *s = cf_find_symbol(name);
- s->class = SYM_NUMBER;
- s->def = NULL;
- s->aux = val;
+ s->class = SYM_CONSTANT | T_INT;
+ s->def = cfg_allocz(sizeof(struct f_val));
+ SYM_TYPE(s) = T_INT;
+ SYM_VAL(s).i = val;
}
/* the code of read_iproute_table() is based on
|
