lib, vtysh: Add allow-reserved-ranges global command

It will be used to allow/deny using IPv4 reserved ranges (Class E) for Zebra
(configuring interface address) or BGP (allow next-hop to be from this range).

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>

lib/command.c

@@ -121,6 +121,11 @@ const char *cmd_version_get(void)
 	return host.version;
 }
 
+bool cmd_allow_reserved_ranges_get(void)
+{
+	return host.allow_reserved_ranges;
+}
+
 static int root_on_exit(struct vty *vty);
 
 /* Standard command node structures. */
@@ -454,6 +459,9 @@ static int config_write_host(struct vty *vty)
 	if (name && name[0] != '\0')
 		vty_out(vty, "domainname %s\n", name);
 
+	if (cmd_allow_reserved_ranges_get())
+		vty_out(vty, "allow-reserved-ranges\n");
+
 	/* The following are all configuration commands that are not sent to
 	 * watchfrr.  For instance watchfrr is hardcoded to log to syslog so
 	 * we would always display 'log syslog informational' in the config
@@ -2294,6 +2302,21 @@ DEFUN (no_banner_motd,
 	return CMD_SUCCESS;
 }
 
+DEFUN(allow_reserved_ranges, allow_reserved_ranges_cmd, "allow-reserved-ranges",
+      "Allow using IPv4 (Class E) reserved IP space\n")
+{
+	host.allow_reserved_ranges = true;
+	return CMD_SUCCESS;
+}
+
+DEFUN(no_allow_reserved_ranges, no_allow_reserved_ranges_cmd,
+      "no allow-reserved-ranges",
+      NO_STR "Allow using IPv4 (Class E) reserved IP space\n")
+{
+	host.allow_reserved_ranges = false;
+	return CMD_SUCCESS;
+}
+
 int cmd_find_cmds(struct vty *vty, struct cmd_token **argv, int argc)
 {
 	const struct cmd_node *node;
@@ -2483,6 +2506,7 @@ void cmd_init(int terminal)
 	host.lines = -1;
 	cmd_banner_motd_line(FRR_DEFAULT_MOTD);
 	host.motdfile = NULL;
+	host.allow_reserved_ranges = false;
 
 	/* Install top nodes. */
 	install_node(&view_node);
@@ -2552,6 +2576,8 @@ void cmd_init(int terminal)
 		install_element(CONFIG_NODE, &no_banner_motd_cmd);
 		install_element(CONFIG_NODE, &service_terminal_length_cmd);
 		install_element(CONFIG_NODE, &no_service_terminal_length_cmd);
+		install_element(CONFIG_NODE, &allow_reserved_ranges_cmd);
+		install_element(CONFIG_NODE, &no_allow_reserved_ranges_cmd);
 
 		log_cmd_init();
 		vrf_install_commands();

lib/command.h

@@ -84,6 +84,9 @@ struct host {
 	/* Banner configuration. */
 	char *motd;
 	char *motdfile;
+
+	/* Allow using IPv4 (Class E) reserved IP space */
+	bool allow_reserved_ranges;
 };
 
 /* List of CLI nodes. Please remember to update the name array in command.c. */
@@ -614,6 +617,7 @@ extern const char *cmd_domainname_get(void);
 extern const char *cmd_system_get(void);
 extern const char *cmd_release_get(void);
 extern const char *cmd_version_get(void);
+extern bool cmd_allow_reserved_ranges_get(void);
 
 /* NOT safe for general use; call this only if DEV_BUILD! */
 extern void grammar_sandbox_init(void);

vtysh/vtysh.c

@@ -3140,6 +3140,20 @@ DEFUN(vtysh_debug_uid_backtrace,
 	return err;
 }
 
+DEFUNSH(VTYSH_ALL, vtysh_allow_reserved_ranges, vtysh_allow_reserved_ranges_cmd,
+	"allow-reserved-ranges",
+	"Allow using IPv4 (Class E) reserved IP space\n")
+{
+	return CMD_SUCCESS;
+}
+
+DEFUNSH(VTYSH_ALL, no_vtysh_allow_reserved_ranges,
+	no_vtysh_allow_reserved_ranges_cmd, "no allow-reserved-ranges",
+	NO_STR "Allow using IPv4 (Class E) reserved IP space\n")
+{
+	return CMD_SUCCESS;
+}
+
 DEFUNSH(VTYSH_ALL, vtysh_service_password_encrypt,
 	vtysh_service_password_encrypt_cmd, "service password-encryption",
 	"Set up miscellaneous service\n"
@@ -4902,6 +4916,9 @@ void vtysh_init_vty(void)
 	install_element(CONFIG_NODE, &vtysh_service_password_encrypt_cmd);
 	install_element(CONFIG_NODE, &no_vtysh_service_password_encrypt_cmd);
 
+	install_element(CONFIG_NODE, &vtysh_allow_reserved_ranges_cmd);
+	install_element(CONFIG_NODE, &no_vtysh_allow_reserved_ranges_cmd);
+
 	install_element(CONFIG_NODE, &vtysh_password_cmd);
 	install_element(CONFIG_NODE, &no_vtysh_password_cmd);
 	install_element(CONFIG_NODE, &vtysh_enable_password_cmd);

vtysh/vtysh_config.c

@@ -478,14 +478,18 @@ void vtysh_config_parse_line(void *arg, const char *line)
 		else if (strncmp(line, "rpki", strlen("rpki")) == 0)
 			config = config_get(RPKI_NODE, line);
 		else {
-			if (strncmp(line, "log", strlen("log")) == 0
-			    || strncmp(line, "hostname", strlen("hostname")) == 0
-			    || strncmp(line, "domainname", strlen("domainname")) == 0
-			    || strncmp(line, "frr", strlen("frr")) == 0
-			    || strncmp(line, "agentx", strlen("agentx")) == 0
-			    || strncmp(line, "no log", strlen("no log")) == 0
-			    || strncmp(line, "no ip prefix-list", strlen("no ip prefix-list")) == 0
-			    || strncmp(line, "no ipv6 prefix-list", strlen("no ipv6 prefix-list")) == 0)
+			if (strncmp(line, "log", strlen("log")) == 0 ||
+			    strncmp(line, "hostname", strlen("hostname")) ==
+				    0 ||
+			    strncmp(line, "domainname", strlen("domainname")) ==
+				    0 ||
+			    strncmp(line, "frr", strlen("frr")) == 0 ||
+			    strncmp(line, "agentx", strlen("agentx")) == 0 ||
+			    strncmp(line, "no log", strlen("no log")) == 0 ||
+			    strncmp(line, "no ip prefix-list",
+				    strlen("no ip prefix-list")) == 0 ||
+			    strncmp(line, "no ipv6 prefix-list",
+				    strlen("no ipv6 prefix-list")) == 0)
 				config_add_line_uniq(config_top, line);
 			else
 				config_add_line(config_top, line);