On Wed, Mar 21, 2018 at 04:29:13PM +0200, Javor Kliachev wrote:
Hi,
Thank you very much for the fast response.
The patch has completely fixed the issue!
One more question about the ROA:
Is it possible to use roa_check() into another function and first parameter of the roa_check to be some argument like peer_as for an example:
roa table 65501 { roa 1.2.3.0/24 max 32 as 65501; }
function BGP_IN(*int peer_as*) {
if roa_check(*peer_as*, net, bgp_path.last) = ROA_INVALID then { print "ROA check failed for ", net, " from ASN ", bgp_path.last; return false; }
if roa_check(*peer_as*, net, bgp_path.last) = ROA_UNKNOWN then { print "ROA check failed: unallowed prefix - ", net, " origin ASN ", bgp_path.last , " - AS-PATH", bgp_path , " via ", proto; return false; } return true; }
When I put the above lines in the configuration and try to reconfigure I got the following error:
No, you hae to use switch based on peer_as. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."