On Mon, Jul 08, 2013 at 09:35:02AM +0300, Javor Kliachev wrote:
Hello,
I'm wondering, is there any way to configure following example to single rule only.
if bgp_path ~ [= * 100 * =] then return false; if bgp_path ~ [= * 200 * =] then return false; if bgp_path ~ [= * 300 * =] then return false; if bgp_path ~ [= * 400 * =] then return false;
On this way, If we want to filter many ASs, it seems that we should generate too much rows.
Well, you could replace that with this: if 10 ~ bgp_path then return false; which is probably slightly faster, but you still need all the rows. If you would test just for last (or first) ASN, you could use: if bgp_path.last ~ [10, 20, 30, 40, ... ] then return false; Perhaps we should implement this: if bgp_path ~ [10, 20, 30, 40, ... ] then return false; (i.e. check every ASN from bgp_path against set of numbers) That would be simple to implement, consistent with our filtering features for community lists and works fast for a large sets of ASN. We don't support full regular expressions for bgp_path matching, just the shell-like wildcard patterns. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."