Filtering on Export-Protocol

Michael Rack mail at michaelrack.de
Thu Apr 9 07:32:20 CEST 2020 

perhaps you should add two new constants:

1) target_proto
2) source_proto (same as proto + proto for compatibility)

We do filtering on VLANs so perhaps it is also possible to expose the
target_interface where the socket is bound to?

So we can simply match on *if target_interface = "eth1.2220"*

If the protocol is kernel or device the target_interface is also kernel /
device.

Am Mi., 8. Apr. 2020 um 20:17 Uhr schrieb Michael Rack <mail at michaelrack.de
>:

> Aaahh now i see...
>
> Currently I do pattern matching... Sorry.
>
> function is_filtered_proto_in ( string p )
>> {
>>         return false;
>> }
>> function is_filtered_proto_out ( string p )
>> {
>>         if p ~ "*2220" then
>>         {
>>                 bgp_community.add((65000,11120));
>>                 print "Reached is_filtered_proto_out( ", p, " ): Adding
>> Community 65000,11120";
>>         }
>>         if p = "*2221" then
>>         {
>>                 bgp_community.add((65000,11050));
>>                 print "Reached is_filtered_proto_out( ", p, " ): Adding
>> Community 65000,11050";
>>         }
>>         return false;
>> }
>
>
> Am Mi., 8. Apr. 2020 um 20:09 Uhr schrieb Maria Matějka <
> maria.matejka at nic.cz>:
>
>> I say that there is no support for such a thing yet but I may be able to
>> provide you with a patch (we want to add it to the filter language).
>>
>> Maria
>>
>> On April 8, 2020 7:58:41 PM GMT+02:00, Michael Rack <mail at michaelrack.de>
>> wrote:
>>>
>>> Can you explain what you mean?
>>>
>>> How should I change my scripts?
>>>
>>> I think it will be a good workaround when I simply use functions instead
>>> of filters, so I can bypass some parameters.
>>>
>>> *protocol bgp *'peer-neo' {
>>>>       ipv4 { export where *filter_common_ipv4_out(* "peer-neo" *)*; };
>>>> }
>>>> *function  *filter_common_ipv4_out( string remote_peer_name ) {
>>>>       if  remote_peer_name  = 'peer-neo' then .....;
>>>> }
>>>
>>>
>>> It is stupid because i define the peer-name twice.
>>> But for now it will do the job relatively easily.
>>>
>>> I have over 40 peers, so I have to write the function / filter for
>>> common use.
>>>
>>> Am Mi., 8. Apr. 2020 um 19:39 Uhr schrieb Maria Matějka <
>>> maria.matejka at nic.cz>:
>>>
>>>> Hello!
>>>>
>>>> Currently not supported. Is simple exact match enough for your
>>>> purposes? This may be simply added to the filter language.
>>>>
>>>> Maria
>>>>
>>>> On April 8, 2020 6:47:49 PM GMT+02:00, Michael Rack <
>>>> mail at michaelrack.de> wrote:
>>>>>
>>>>> Hi Guys,
>>>>>
>>>>> if i am in the EXPORT-Routine, how can i access the "protocol-name" of
>>>>> that instance that is currently using my function?
>>>>>
>>>>> If I rely on "proto" I get the protocol-name where the route comes
>>>>> from. That is not what I want.
>>>>>
>>>>> *protocol bgp *'peer-neo' {
>>>>>>       ipv4 { export filter *filter_common_ipv4_out*; };
>>>>>> }
>>>>>> *filter  * filter_common_ipv4_out() {
>>>>>>       if  proto  = 'peer-neo' then .....;
>>>>>> }
>>>>>
>>>>>
>>>>> How can I match for 'peer-neo' ?
>>>>>
>>>>> Thank you.
>>>>> Michael.
>>>>>
>>>>
>>>> --
>>>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>>>>
>>>
>> --
>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20200409/3636b023/attachment.htm>

More information about the Bird-users mailing list