BGP Filtering question

Sergey Popovich popovich_sergei at mail.ru
Mon Aug 18 17:02:34 CEST 2014


> Hi everyone,

Hello.

> 
> I am trying to do something that I think that should be so easy but I am
> not success yet.
> 
> In IPv4 I need to know if there is any possibility to execute OS commands
> and receive its output (in filters or functions) owing to receive the list
> of dev names to accept (concretely in a OpenWRT shell or similar). An
> example of the routes I want to accept is:

Currently impossible to execute any external binary from the
filters/functions.

> 
> 10.201.192.0/24 dev bmxOut_GSoC-0a  proto static  metric 1024
> 
> Otherwise, my other possiblity is to use statically the device name:
> bmx_____, using the pattern "bmx*" to filter them (it is possible?), but I
> am not really sure if there is a "dev" option, if I may use "ifname" (it is
> outgoing iface, so I suppose that no) or something like to check it.

You could filter routes on ingress (i.e. from kernel/direct protocol)
by the ifname attribute.

For instance:

    if ifname ~ "bmx*" then
      accept;
     reject;

> 
> Best regards,​

-- 
SP5474-RIPE
Sergey Popovich




More information about the Bird-users mailing list