mirror of
https://git.proxmox.com/git/mirror_frr
synced 2025-07-27 13:06:51 +00:00
bgpd: changes for code maintainability
these changes are for improving the code maintainability and readability Signed-off-by: sri-mohan1 <sri.mohan@samsung.com>
This commit is contained in:
sri-mohan1
parent
cc7951d754
commit
c986690948
175
bgpd/bgp_pbr.c
175
bgpd/bgp_pbr.c
@ -173,33 +173,33 @@ static int snprintf_bgp_pbr_match_val(char *str, int len,
|
|||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
} else {
|
} else {
|
||||||
if (mval->unary_operator & OPERATOR_UNARY_OR) {
|
if (CHECK_FLAG(mval->unary_operator, OPERATOR_UNARY_OR)) {
|
||||||
delta = snprintf(ptr, len, ", or ");
|
delta = snprintf(ptr, len, ", or ");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
}
|
}
|
||||||
if (mval->unary_operator & OPERATOR_UNARY_AND) {
|
if (CHECK_FLAG(mval->unary_operator, OPERATOR_UNARY_AND)) {
|
||||||
delta = snprintf(ptr, len, ", and ");
|
delta = snprintf(ptr, len, ", and ");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (mval->compare_operator & OPERATOR_COMPARE_LESS_THAN) {
|
if (CHECK_FLAG(mval->compare_operator, OPERATOR_COMPARE_LESS_THAN)) {
|
||||||
delta = snprintf(ptr, len, "<");
|
delta = snprintf(ptr, len, "<");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
}
|
}
|
||||||
if (mval->compare_operator & OPERATOR_COMPARE_GREATER_THAN) {
|
if (CHECK_FLAG(mval->compare_operator, OPERATOR_COMPARE_GREATER_THAN)) {
|
||||||
delta = snprintf(ptr, len, ">");
|
delta = snprintf(ptr, len, ">");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
}
|
}
|
||||||
if (mval->compare_operator & OPERATOR_COMPARE_EQUAL_TO) {
|
if (CHECK_FLAG(mval->compare_operator, OPERATOR_COMPARE_EQUAL_TO)) {
|
||||||
delta = snprintf(ptr, len, "=");
|
delta = snprintf(ptr, len, "=");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
}
|
}
|
||||||
if (mval->compare_operator & OPERATOR_COMPARE_EXACT_MATCH) {
|
if (CHECK_FLAG(mval->compare_operator, OPERATOR_COMPARE_EXACT_MATCH)) {
|
||||||
delta = snprintf(ptr, len, "match");
|
delta = snprintf(ptr, len, "match");
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
len -= delta;
|
len -= delta;
|
||||||
@ -287,9 +287,7 @@ static bool bgp_pbr_extract_enumerate_unary_opposite(
|
|||||||
{
|
{
|
||||||
if (unary_operator == OPERATOR_UNARY_AND && and_valmask) {
|
if (unary_operator == OPERATOR_UNARY_AND && and_valmask) {
|
||||||
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
||||||
and_valmask->mask |=
|
SET_FLAG(and_valmask->mask, CHECK_FLAG(TCP_HEADER_ALL_FLAGS, ~(value)));
|
||||||
TCP_HEADER_ALL_FLAGS &
|
|
||||||
~(value);
|
|
||||||
} else if (type_entry == FLOWSPEC_DSCP ||
|
} else if (type_entry == FLOWSPEC_DSCP ||
|
||||||
type_entry == FLOWSPEC_FLOW_LABEL ||
|
type_entry == FLOWSPEC_FLOW_LABEL ||
|
||||||
type_entry == FLOWSPEC_PKT_LEN ||
|
type_entry == FLOWSPEC_PKT_LEN ||
|
||||||
@ -302,9 +300,7 @@ static bool bgp_pbr_extract_enumerate_unary_opposite(
|
|||||||
sizeof(struct bgp_pbr_val_mask));
|
sizeof(struct bgp_pbr_val_mask));
|
||||||
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
||||||
and_valmask->val = TCP_HEADER_ALL_FLAGS;
|
and_valmask->val = TCP_HEADER_ALL_FLAGS;
|
||||||
and_valmask->mask |=
|
SET_FLAG(and_valmask->mask, CHECK_FLAG(TCP_HEADER_ALL_FLAGS, ~(value)));
|
||||||
TCP_HEADER_ALL_FLAGS &
|
|
||||||
~(value);
|
|
||||||
} else if (type_entry == FLOWSPEC_DSCP ||
|
} else if (type_entry == FLOWSPEC_DSCP ||
|
||||||
type_entry == FLOWSPEC_FLOW_LABEL ||
|
type_entry == FLOWSPEC_FLOW_LABEL ||
|
||||||
type_entry == FLOWSPEC_FRAGMENT ||
|
type_entry == FLOWSPEC_FRAGMENT ||
|
||||||
@ -346,14 +342,10 @@ static bool bgp_pbr_extract_enumerate_unary(struct bgp_pbr_match_val list[],
|
|||||||
if (i != 0 && list[i].unary_operator !=
|
if (i != 0 && list[i].unary_operator !=
|
||||||
unary_operator)
|
unary_operator)
|
||||||
return false;
|
return false;
|
||||||
if (!(list[i].compare_operator &
|
if (!CHECK_FLAG(list[i].compare_operator, OPERATOR_COMPARE_EQUAL_TO) &&
|
||||||
OPERATOR_COMPARE_EQUAL_TO) &&
|
!CHECK_FLAG(list[i].compare_operator, OPERATOR_COMPARE_EXACT_MATCH)) {
|
||||||
!(list[i].compare_operator &
|
if (CHECK_FLAG(list[i].compare_operator, OPERATOR_COMPARE_LESS_THAN) &&
|
||||||
OPERATOR_COMPARE_EXACT_MATCH)) {
|
CHECK_FLAG(list[i].compare_operator, OPERATOR_COMPARE_GREATER_THAN)) {
|
||||||
if ((list[i].compare_operator &
|
|
||||||
OPERATOR_COMPARE_LESS_THAN) &&
|
|
||||||
(list[i].compare_operator &
|
|
||||||
OPERATOR_COMPARE_GREATER_THAN)) {
|
|
||||||
ret = bgp_pbr_extract_enumerate_unary_opposite(
|
ret = bgp_pbr_extract_enumerate_unary_opposite(
|
||||||
unary_operator, and_valmask,
|
unary_operator, and_valmask,
|
||||||
or_valmask, list[i].value,
|
or_valmask, list[i].value,
|
||||||
@ -366,15 +358,15 @@ static bool bgp_pbr_extract_enumerate_unary(struct bgp_pbr_match_val list[],
|
|||||||
}
|
}
|
||||||
if (unary_operator == OPERATOR_UNARY_AND && and_valmask) {
|
if (unary_operator == OPERATOR_UNARY_AND && and_valmask) {
|
||||||
if (type_entry == FLOWSPEC_TCP_FLAGS)
|
if (type_entry == FLOWSPEC_TCP_FLAGS)
|
||||||
and_valmask->mask |=
|
SET_FLAG(and_valmask->mask,
|
||||||
TCP_HEADER_ALL_FLAGS & list[i].value;
|
CHECK_FLAG(TCP_HEADER_ALL_FLAGS, list[i].value));
|
||||||
} else if (unary_operator == OPERATOR_UNARY_OR && or_valmask) {
|
} else if (unary_operator == OPERATOR_UNARY_OR && or_valmask) {
|
||||||
and_valmask = XCALLOC(MTYPE_PBR_VALMASK,
|
and_valmask = XCALLOC(MTYPE_PBR_VALMASK,
|
||||||
sizeof(struct bgp_pbr_val_mask));
|
sizeof(struct bgp_pbr_val_mask));
|
||||||
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
if (type_entry == FLOWSPEC_TCP_FLAGS) {
|
||||||
and_valmask->val = TCP_HEADER_ALL_FLAGS;
|
and_valmask->val = TCP_HEADER_ALL_FLAGS;
|
||||||
and_valmask->mask |=
|
SET_FLAG(and_valmask->mask,
|
||||||
TCP_HEADER_ALL_FLAGS & list[i].value;
|
CHECK_FLAG(TCP_HEADER_ALL_FLAGS, list[i].value));
|
||||||
} else if (type_entry == FLOWSPEC_DSCP ||
|
} else if (type_entry == FLOWSPEC_DSCP ||
|
||||||
type_entry == FLOWSPEC_FLOW_LABEL ||
|
type_entry == FLOWSPEC_FLOW_LABEL ||
|
||||||
type_entry == FLOWSPEC_ICMP_TYPE ||
|
type_entry == FLOWSPEC_ICMP_TYPE ||
|
||||||
@ -402,8 +394,8 @@ static bool bgp_pbr_extract_enumerate(struct bgp_pbr_match_val list[],
|
|||||||
uint8_t unary_operator_val;
|
uint8_t unary_operator_val;
|
||||||
bool double_check = false;
|
bool double_check = false;
|
||||||
|
|
||||||
if ((unary_operator & OPERATOR_UNARY_OR) &&
|
if (CHECK_FLAG(unary_operator, OPERATOR_UNARY_OR) &&
|
||||||
(unary_operator & OPERATOR_UNARY_AND)) {
|
CHECK_FLAG(unary_operator, OPERATOR_UNARY_AND)) {
|
||||||
unary_operator_val = OPERATOR_UNARY_AND;
|
unary_operator_val = OPERATOR_UNARY_AND;
|
||||||
double_check = true;
|
double_check = true;
|
||||||
} else
|
} else
|
||||||
@ -431,12 +423,12 @@ static uint8_t bgp_pbr_match_val_get_operator(struct bgp_pbr_match_val list[],
|
|||||||
for (i = 0; i < num; i++) {
|
for (i = 0; i < num; i++) {
|
||||||
if (i == 0)
|
if (i == 0)
|
||||||
continue;
|
continue;
|
||||||
if (list[i].unary_operator & OPERATOR_UNARY_OR)
|
if (CHECK_FLAG(list[i].unary_operator, OPERATOR_UNARY_OR))
|
||||||
unary_operator = OPERATOR_UNARY_OR;
|
unary_operator = OPERATOR_UNARY_OR;
|
||||||
if ((list[i].unary_operator & OPERATOR_UNARY_AND
|
if ((CHECK_FLAG(list[i].unary_operator, OPERATOR_UNARY_AND) &&
|
||||||
&& unary_operator == OPERATOR_UNARY_OR) ||
|
unary_operator == OPERATOR_UNARY_OR) ||
|
||||||
(list[i].unary_operator & OPERATOR_UNARY_OR
|
(CHECK_FLAG(list[i].unary_operator, OPERATOR_UNARY_OR) &&
|
||||||
&& unary_operator == OPERATOR_UNARY_AND))
|
unary_operator == OPERATOR_UNARY_AND))
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return unary_operator;
|
return unary_operator;
|
||||||
@ -723,8 +715,8 @@ static int bgp_pbr_validate_policy_route(struct bgp_pbr_entry_main *api)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
} else if (!(api->match_bitmask & PREFIX_SRC_PRESENT) &&
|
} else if (!CHECK_FLAG(api->match_bitmask, PREFIX_SRC_PRESENT) &&
|
||||||
!(api->match_bitmask & PREFIX_DST_PRESENT)) {
|
!CHECK_FLAG(api->match_bitmask, PREFIX_DST_PRESENT)) {
|
||||||
if (BGP_DEBUG(pbr, PBR)) {
|
if (BGP_DEBUG(pbr, PBR)) {
|
||||||
bgp_pbr_print_policy_route(api);
|
bgp_pbr_print_policy_route(api);
|
||||||
zlog_debug("BGP: match actions without src or dst address can not operate. ignoring.");
|
zlog_debug("BGP: match actions without src or dst address can not operate. ignoring.");
|
||||||
@ -786,8 +778,7 @@ int bgp_pbr_build_and_validate_entry(const struct prefix *p,
|
|||||||
|
|
||||||
memcpy(&ecom_copy, ecom_eval,
|
memcpy(&ecom_copy, ecom_eval,
|
||||||
sizeof(struct ecommunity_val));
|
sizeof(struct ecommunity_val));
|
||||||
ecom_copy.val[0] &=
|
UNSET_FLAG(ecom_copy.val[0], ECOMMUNITY_ENCODE_TRANS_EXP);
|
||||||
~ECOMMUNITY_ENCODE_TRANS_EXP;
|
|
||||||
ecom_copy.val[1] = ECOMMUNITY_ROUTE_TARGET;
|
ecom_copy.val[1] = ECOMMUNITY_ROUTE_TARGET;
|
||||||
ecommunity_add_val(eckey, &ecom_copy,
|
ecommunity_add_val(eckey, &ecom_copy,
|
||||||
false, false);
|
false, false);
|
||||||
@ -955,12 +946,12 @@ int bgp_pbr_build_and_validate_entry(const struct prefix *p,
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* check inconsistency in the match rule */
|
/* check inconsistency in the match rule */
|
||||||
if (api->match_bitmask & PREFIX_SRC_PRESENT) {
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_SRC_PRESENT)) {
|
||||||
src = &api->src_prefix;
|
src = &api->src_prefix;
|
||||||
afi = family2afi(src->family);
|
afi = family2afi(src->family);
|
||||||
valid_prefix = 1;
|
valid_prefix = 1;
|
||||||
}
|
}
|
||||||
if (api->match_bitmask & PREFIX_DST_PRESENT) {
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_DST_PRESENT)) {
|
||||||
dst = &api->dst_prefix;
|
dst = &api->dst_prefix;
|
||||||
if (valid_prefix && afi != family2afi(dst->family)) {
|
if (valid_prefix && afi != family2afi(dst->family)) {
|
||||||
if (BGP_DEBUG(pbr, PBR)) {
|
if (BGP_DEBUG(pbr, PBR)) {
|
||||||
@ -1204,12 +1195,10 @@ bool bgp_pbr_rule_hash_equal(const void *arg1, const void *arg2)
|
|||||||
if (r1->action != r2->action)
|
if (r1->action != r2->action)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if ((r1->flags & MATCH_IP_SRC_SET) &&
|
if (CHECK_FLAG(r1->flags, MATCH_IP_SRC_SET) && !prefix_same(&r1->src, &r2->src))
|
||||||
!prefix_same(&r1->src, &r2->src))
|
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if ((r1->flags & MATCH_IP_DST_SET) &&
|
if (CHECK_FLAG(r1->flags, MATCH_IP_DST_SET) && !prefix_same(&r1->dst, &r2->dst))
|
||||||
!prefix_same(&r1->dst, &r2->dst))
|
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
@ -1426,7 +1415,7 @@ void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api)
|
|||||||
delta = snprintf(ptr, sizeof(return_string), "MATCH : ");
|
delta = snprintf(ptr, sizeof(return_string), "MATCH : ");
|
||||||
len -= delta;
|
len -= delta;
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
if (api->match_bitmask & PREFIX_SRC_PRESENT) {
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_SRC_PRESENT)) {
|
||||||
struct prefix *p = &(api->src_prefix);
|
struct prefix *p = &(api->src_prefix);
|
||||||
|
|
||||||
if (api->src_prefix_offset)
|
if (api->src_prefix_offset)
|
||||||
@ -1438,7 +1427,7 @@ void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api)
|
|||||||
ptr += delta;
|
ptr += delta;
|
||||||
INCREMENT_DISPLAY(ptr, nb_items, len);
|
INCREMENT_DISPLAY(ptr, nb_items, len);
|
||||||
}
|
}
|
||||||
if (api->match_bitmask & PREFIX_DST_PRESENT) {
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_DST_PRESENT)) {
|
||||||
struct prefix *p = &(api->dst_prefix);
|
struct prefix *p = &(api->dst_prefix);
|
||||||
|
|
||||||
INCREMENT_DISPLAY(ptr, nb_items, len);
|
INCREMENT_DISPLAY(ptr, nb_items, len);
|
||||||
@ -1581,21 +1570,18 @@ void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api)
|
|||||||
delta = snprintf(ptr, len, "@action ");
|
delta = snprintf(ptr, len, "@action ");
|
||||||
len -= delta;
|
len -= delta;
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
if (api->actions[i].u.za.filter
|
if (CHECK_FLAG(api->actions[i].u.za.filter, TRAFFIC_ACTION_TERMINATE)) {
|
||||||
& TRAFFIC_ACTION_TERMINATE) {
|
|
||||||
delta = snprintf(ptr, len,
|
delta = snprintf(ptr, len,
|
||||||
" terminate (apply filter(s))");
|
" terminate (apply filter(s))");
|
||||||
len -= delta;
|
len -= delta;
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
}
|
}
|
||||||
if (api->actions[i].u.za.filter
|
if (CHECK_FLAG(api->actions[i].u.za.filter, TRAFFIC_ACTION_DISTRIBUTE)) {
|
||||||
& TRAFFIC_ACTION_DISTRIBUTE) {
|
|
||||||
delta = snprintf(ptr, len, " distribute");
|
delta = snprintf(ptr, len, " distribute");
|
||||||
len -= delta;
|
len -= delta;
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
}
|
}
|
||||||
if (api->actions[i].u.za.filter
|
if (CHECK_FLAG(api->actions[i].u.za.filter, TRAFFIC_ACTION_SAMPLE)) {
|
||||||
& TRAFFIC_ACTION_SAMPLE) {
|
|
||||||
delta = snprintf(ptr, len, " sample");
|
delta = snprintf(ptr, len, " sample");
|
||||||
len -= delta;
|
len -= delta;
|
||||||
ptr += delta;
|
ptr += delta;
|
||||||
@ -1746,12 +1732,10 @@ static int bgp_pbr_get_same_rule(struct hash_bucket *bucket, void *arg)
|
|||||||
if (r1->flags != r2->flags)
|
if (r1->flags != r2->flags)
|
||||||
return HASHWALK_CONTINUE;
|
return HASHWALK_CONTINUE;
|
||||||
|
|
||||||
if ((r1->flags & MATCH_IP_SRC_SET) &&
|
if (CHECK_FLAG(r1->flags, MATCH_IP_SRC_SET) && !prefix_same(&r1->src, &r2->src))
|
||||||
!prefix_same(&r1->src, &r2->src))
|
|
||||||
return HASHWALK_CONTINUE;
|
return HASHWALK_CONTINUE;
|
||||||
|
|
||||||
if ((r1->flags & MATCH_IP_DST_SET) &&
|
if (CHECK_FLAG(r1->flags, MATCH_IP_DST_SET) && !prefix_same(&r1->dst, &r2->dst))
|
||||||
!prefix_same(&r1->dst, &r2->dst))
|
|
||||||
return HASHWALK_CONTINUE;
|
return HASHWALK_CONTINUE;
|
||||||
|
|
||||||
/* this function is used for two cases:
|
/* this function is used for two cases:
|
||||||
@ -1840,11 +1824,11 @@ static void bgp_pbr_policyroute_remove_from_zebra_unit(
|
|||||||
pbr_rule.vrf_id = bpf->vrf_id;
|
pbr_rule.vrf_id = bpf->vrf_id;
|
||||||
if (bpf->src) {
|
if (bpf->src) {
|
||||||
prefix_copy(&pbr_rule.src, bpf->src);
|
prefix_copy(&pbr_rule.src, bpf->src);
|
||||||
pbr_rule.flags |= MATCH_IP_SRC_SET;
|
SET_FLAG(pbr_rule.flags, MATCH_IP_SRC_SET);
|
||||||
}
|
}
|
||||||
if (bpf->dst) {
|
if (bpf->dst) {
|
||||||
prefix_copy(&pbr_rule.dst, bpf->dst);
|
prefix_copy(&pbr_rule.dst, bpf->dst);
|
||||||
pbr_rule.flags |= MATCH_IP_DST_SET;
|
SET_FLAG(pbr_rule.flags, MATCH_IP_DST_SET);
|
||||||
}
|
}
|
||||||
bpr = &pbr_rule;
|
bpr = &pbr_rule;
|
||||||
/* A previous entry may already exist
|
/* A previous entry may already exist
|
||||||
@ -1867,32 +1851,32 @@ static void bgp_pbr_policyroute_remove_from_zebra_unit(
|
|||||||
|
|
||||||
temp.family = bpf->family;
|
temp.family = bpf->family;
|
||||||
if (bpf->src) {
|
if (bpf->src) {
|
||||||
temp.flags |= MATCH_IP_SRC_SET;
|
SET_FLAG(temp.flags, MATCH_IP_SRC_SET);
|
||||||
prefix_copy(&temp2.src, bpf->src);
|
prefix_copy(&temp2.src, bpf->src);
|
||||||
} else
|
} else
|
||||||
temp2.src.family = bpf->family;
|
temp2.src.family = bpf->family;
|
||||||
if (bpf->dst) {
|
if (bpf->dst) {
|
||||||
temp.flags |= MATCH_IP_DST_SET;
|
SET_FLAG(temp.flags, MATCH_IP_DST_SET);
|
||||||
prefix_copy(&temp2.dst, bpf->dst);
|
prefix_copy(&temp2.dst, bpf->dst);
|
||||||
} else
|
} else
|
||||||
temp2.dst.family = bpf->family;
|
temp2.dst.family = bpf->family;
|
||||||
if (src_port && (src_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
if (src_port && (src_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
||||||
if (bpf->protocol == IPPROTO_ICMP)
|
if (bpf->protocol == IPPROTO_ICMP)
|
||||||
temp.flags |= MATCH_ICMP_SET;
|
SET_FLAG(temp.flags, MATCH_ICMP_SET);
|
||||||
temp.flags |= MATCH_PORT_SRC_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_SRC_SET);
|
||||||
temp2.src_port_min = src_port->min_port;
|
temp2.src_port_min = src_port->min_port;
|
||||||
if (src_port->max_port) {
|
if (src_port->max_port) {
|
||||||
temp.flags |= MATCH_PORT_SRC_RANGE_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_SRC_RANGE_SET);
|
||||||
temp2.src_port_max = src_port->max_port;
|
temp2.src_port_max = src_port->max_port;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (dst_port && (dst_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
if (dst_port && (dst_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
||||||
if (bpf->protocol == IPPROTO_ICMP)
|
if (bpf->protocol == IPPROTO_ICMP)
|
||||||
temp.flags |= MATCH_ICMP_SET;
|
SET_FLAG(temp.flags, MATCH_ICMP_SET);
|
||||||
temp.flags |= MATCH_PORT_DST_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_DST_SET);
|
||||||
temp2.dst_port_min = dst_port->min_port;
|
temp2.dst_port_min = dst_port->min_port;
|
||||||
if (dst_port->max_port) {
|
if (dst_port->max_port) {
|
||||||
temp.flags |= MATCH_PORT_DST_RANGE_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_DST_RANGE_SET);
|
||||||
temp2.dst_port_max = dst_port->max_port;
|
temp2.dst_port_max = dst_port->max_port;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1904,7 +1888,7 @@ static void bgp_pbr_policyroute_remove_from_zebra_unit(
|
|||||||
temp.pkt_len_max = pkt_len->max_port;
|
temp.pkt_len_max = pkt_len->max_port;
|
||||||
} else if (bpf->pkt_len_val) {
|
} else if (bpf->pkt_len_val) {
|
||||||
if (bpf->pkt_len_val->mask)
|
if (bpf->pkt_len_val->mask)
|
||||||
temp.flags |= MATCH_PKT_LEN_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_PKT_LEN_INVERSE_SET);
|
||||||
temp.pkt_len_min = bpf->pkt_len_val->val;
|
temp.pkt_len_min = bpf->pkt_len_val->val;
|
||||||
}
|
}
|
||||||
if (bpf->tcp_flags) {
|
if (bpf->tcp_flags) {
|
||||||
@ -1913,32 +1897,32 @@ static void bgp_pbr_policyroute_remove_from_zebra_unit(
|
|||||||
}
|
}
|
||||||
if (bpf->dscp) {
|
if (bpf->dscp) {
|
||||||
if (bpf->dscp->mask)
|
if (bpf->dscp->mask)
|
||||||
temp.flags |= MATCH_DSCP_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_DSCP_INVERSE_SET);
|
||||||
else
|
else
|
||||||
temp.flags |= MATCH_DSCP_SET;
|
SET_FLAG(temp.flags, MATCH_DSCP_SET);
|
||||||
temp.dscp_value = bpf->dscp->val;
|
temp.dscp_value = bpf->dscp->val;
|
||||||
}
|
}
|
||||||
if (bpf->flow_label) {
|
if (bpf->flow_label) {
|
||||||
if (bpf->flow_label->mask)
|
if (bpf->flow_label->mask)
|
||||||
temp.flags |= MATCH_FLOW_LABEL_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_FLOW_LABEL_INVERSE_SET);
|
||||||
else
|
else
|
||||||
temp.flags |= MATCH_FLOW_LABEL_SET;
|
SET_FLAG(temp.flags, MATCH_FLOW_LABEL_SET);
|
||||||
temp.flow_label = bpf->flow_label->val;
|
temp.flow_label = bpf->flow_label->val;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (bpf->fragment) {
|
if (bpf->fragment) {
|
||||||
if (bpf->fragment->mask)
|
if (bpf->fragment->mask)
|
||||||
temp.flags |= MATCH_FRAGMENT_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_FRAGMENT_INVERSE_SET);
|
||||||
temp.fragment = bpf->fragment->val;
|
temp.fragment = bpf->fragment->val;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (bpf->src == NULL || bpf->dst == NULL) {
|
if (bpf->src == NULL || bpf->dst == NULL) {
|
||||||
if (temp.flags & (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET))
|
if (CHECK_FLAG(temp.flags, (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET)))
|
||||||
temp.type = IPSET_NET_PORT;
|
temp.type = IPSET_NET_PORT;
|
||||||
else
|
else
|
||||||
temp.type = IPSET_NET;
|
temp.type = IPSET_NET;
|
||||||
} else {
|
} else {
|
||||||
if (temp.flags & (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET))
|
if (CHECK_FLAG(temp.flags, (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET)))
|
||||||
temp.type = IPSET_NET_PORT_NET;
|
temp.type = IPSET_NET_PORT_NET;
|
||||||
else
|
else
|
||||||
temp.type = IPSET_NET_NET;
|
temp.type = IPSET_NET_NET;
|
||||||
@ -2316,11 +2300,11 @@ static void bgp_pbr_policyroute_add_to_zebra_unit(struct bgp *bgp,
|
|||||||
pbr_rule.vrf_id = bpf->vrf_id;
|
pbr_rule.vrf_id = bpf->vrf_id;
|
||||||
pbr_rule.priority = 20;
|
pbr_rule.priority = 20;
|
||||||
if (bpf->src) {
|
if (bpf->src) {
|
||||||
pbr_rule.flags |= MATCH_IP_SRC_SET;
|
SET_FLAG(pbr_rule.flags, MATCH_IP_SRC_SET);
|
||||||
prefix_copy(&pbr_rule.src, bpf->src);
|
prefix_copy(&pbr_rule.src, bpf->src);
|
||||||
}
|
}
|
||||||
if (bpf->dst) {
|
if (bpf->dst) {
|
||||||
pbr_rule.flags |= MATCH_IP_DST_SET;
|
SET_FLAG(pbr_rule.flags, MATCH_IP_DST_SET);
|
||||||
prefix_copy(&pbr_rule.dst, bpf->dst);
|
prefix_copy(&pbr_rule.dst, bpf->dst);
|
||||||
}
|
}
|
||||||
pbr_rule.action = bpa;
|
pbr_rule.action = bpa;
|
||||||
@ -2377,32 +2361,32 @@ static void bgp_pbr_policyroute_add_to_zebra_unit(struct bgp *bgp,
|
|||||||
temp.vrf_id = bpf->vrf_id;
|
temp.vrf_id = bpf->vrf_id;
|
||||||
temp.family = bpf->family;
|
temp.family = bpf->family;
|
||||||
if (bpf->src)
|
if (bpf->src)
|
||||||
temp.flags |= MATCH_IP_SRC_SET;
|
SET_FLAG(temp.flags, MATCH_IP_SRC_SET);
|
||||||
if (bpf->dst)
|
if (bpf->dst)
|
||||||
temp.flags |= MATCH_IP_DST_SET;
|
SET_FLAG(temp.flags, MATCH_IP_DST_SET);
|
||||||
|
|
||||||
if (src_port && (src_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
if (src_port && (src_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
||||||
if (bpf->protocol == IPPROTO_ICMP)
|
if (bpf->protocol == IPPROTO_ICMP)
|
||||||
temp.flags |= MATCH_ICMP_SET;
|
SET_FLAG(temp.flags, MATCH_ICMP_SET);
|
||||||
temp.flags |= MATCH_PORT_SRC_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_SRC_SET);
|
||||||
}
|
}
|
||||||
if (dst_port && (dst_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
if (dst_port && (dst_port->min_port || bpf->protocol == IPPROTO_ICMP)) {
|
||||||
if (bpf->protocol == IPPROTO_ICMP)
|
if (bpf->protocol == IPPROTO_ICMP)
|
||||||
temp.flags |= MATCH_ICMP_SET;
|
SET_FLAG(temp.flags, MATCH_ICMP_SET);
|
||||||
temp.flags |= MATCH_PORT_DST_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_DST_SET);
|
||||||
}
|
}
|
||||||
if (src_port && src_port->max_port)
|
if (src_port && src_port->max_port)
|
||||||
temp.flags |= MATCH_PORT_SRC_RANGE_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_SRC_RANGE_SET);
|
||||||
if (dst_port && dst_port->max_port)
|
if (dst_port && dst_port->max_port)
|
||||||
temp.flags |= MATCH_PORT_DST_RANGE_SET;
|
SET_FLAG(temp.flags, MATCH_PORT_DST_RANGE_SET);
|
||||||
|
|
||||||
if (bpf->src == NULL || bpf->dst == NULL) {
|
if (bpf->src == NULL || bpf->dst == NULL) {
|
||||||
if (temp.flags & (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET))
|
if (CHECK_FLAG(temp.flags, (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET)))
|
||||||
temp.type = IPSET_NET_PORT;
|
temp.type = IPSET_NET_PORT;
|
||||||
else
|
else
|
||||||
temp.type = IPSET_NET;
|
temp.type = IPSET_NET;
|
||||||
} else {
|
} else {
|
||||||
if (temp.flags & (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET))
|
if (CHECK_FLAG(temp.flags, (MATCH_PORT_DST_SET | MATCH_PORT_SRC_SET)))
|
||||||
temp.type = IPSET_NET_PORT_NET;
|
temp.type = IPSET_NET_PORT_NET;
|
||||||
else
|
else
|
||||||
temp.type = IPSET_NET_NET;
|
temp.type = IPSET_NET_NET;
|
||||||
@ -2413,7 +2397,7 @@ static void bgp_pbr_policyroute_add_to_zebra_unit(struct bgp *bgp,
|
|||||||
temp.pkt_len_max = pkt_len->max_port;
|
temp.pkt_len_max = pkt_len->max_port;
|
||||||
} else if (bpf->pkt_len_val) {
|
} else if (bpf->pkt_len_val) {
|
||||||
if (bpf->pkt_len_val->mask)
|
if (bpf->pkt_len_val->mask)
|
||||||
temp.flags |= MATCH_PKT_LEN_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_PKT_LEN_INVERSE_SET);
|
||||||
temp.pkt_len_min = bpf->pkt_len_val->val;
|
temp.pkt_len_min = bpf->pkt_len_val->val;
|
||||||
}
|
}
|
||||||
if (bpf->tcp_flags) {
|
if (bpf->tcp_flags) {
|
||||||
@ -2422,26 +2406,26 @@ static void bgp_pbr_policyroute_add_to_zebra_unit(struct bgp *bgp,
|
|||||||
}
|
}
|
||||||
if (bpf->dscp) {
|
if (bpf->dscp) {
|
||||||
if (bpf->dscp->mask)
|
if (bpf->dscp->mask)
|
||||||
temp.flags |= MATCH_DSCP_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_DSCP_INVERSE_SET);
|
||||||
else
|
else
|
||||||
temp.flags |= MATCH_DSCP_SET;
|
SET_FLAG(temp.flags, MATCH_DSCP_SET);
|
||||||
temp.dscp_value = bpf->dscp->val;
|
temp.dscp_value = bpf->dscp->val;
|
||||||
}
|
}
|
||||||
if (bpf->flow_label) {
|
if (bpf->flow_label) {
|
||||||
if (bpf->flow_label->mask)
|
if (bpf->flow_label->mask)
|
||||||
temp.flags |= MATCH_FLOW_LABEL_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_FLOW_LABEL_INVERSE_SET);
|
||||||
else
|
else
|
||||||
temp.flags |= MATCH_FLOW_LABEL_SET;
|
SET_FLAG(temp.flags, MATCH_FLOW_LABEL_SET);
|
||||||
temp.flow_label = bpf->flow_label->val;
|
temp.flow_label = bpf->flow_label->val;
|
||||||
}
|
}
|
||||||
if (bpf->fragment) {
|
if (bpf->fragment) {
|
||||||
if (bpf->fragment->mask)
|
if (bpf->fragment->mask)
|
||||||
temp.flags |= MATCH_FRAGMENT_INVERSE_SET;
|
SET_FLAG(temp.flags, MATCH_FRAGMENT_INVERSE_SET);
|
||||||
temp.fragment = bpf->fragment->val;
|
temp.fragment = bpf->fragment->val;
|
||||||
}
|
}
|
||||||
if (bpf->protocol) {
|
if (bpf->protocol) {
|
||||||
temp.protocol = bpf->protocol;
|
temp.protocol = bpf->protocol;
|
||||||
temp.flags |= MATCH_PROTOCOL_SET;
|
SET_FLAG(temp.flags, MATCH_PROTOCOL_SET);
|
||||||
}
|
}
|
||||||
temp.action = bpa;
|
temp.action = bpa;
|
||||||
bpm = hash_get(bgp->pbr_match_hash, &temp,
|
bpm = hash_get(bgp->pbr_match_hash, &temp,
|
||||||
@ -2658,13 +2642,13 @@ static void bgp_pbr_handle_entry(struct bgp *bgp, struct bgp_path_info *path,
|
|||||||
memset(&nh, 0, sizeof(nh));
|
memset(&nh, 0, sizeof(nh));
|
||||||
memset(&bpf, 0, sizeof(bpf));
|
memset(&bpf, 0, sizeof(bpf));
|
||||||
memset(&bpof, 0, sizeof(bpof));
|
memset(&bpof, 0, sizeof(bpof));
|
||||||
if (api->match_bitmask & PREFIX_SRC_PRESENT ||
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_SRC_PRESENT) ||
|
||||||
(api->type == BGP_PBR_IPRULE &&
|
(api->type == BGP_PBR_IPRULE &&
|
||||||
api->match_bitmask_iprule & PREFIX_SRC_PRESENT))
|
CHECK_FLAG(api->match_bitmask_iprule, PREFIX_SRC_PRESENT)))
|
||||||
src = &api->src_prefix;
|
src = &api->src_prefix;
|
||||||
if (api->match_bitmask & PREFIX_DST_PRESENT ||
|
if (CHECK_FLAG(api->match_bitmask, PREFIX_DST_PRESENT) ||
|
||||||
(api->type == BGP_PBR_IPRULE &&
|
(api->type == BGP_PBR_IPRULE &&
|
||||||
api->match_bitmask_iprule & PREFIX_DST_PRESENT))
|
CHECK_FLAG(api->match_bitmask_iprule, PREFIX_DST_PRESENT)))
|
||||||
dst = &api->dst_prefix;
|
dst = &api->dst_prefix;
|
||||||
if (api->type == BGP_PBR_IPRULE)
|
if (api->type == BGP_PBR_IPRULE)
|
||||||
bpf.type = api->type;
|
bpf.type = api->type;
|
||||||
@ -2809,8 +2793,7 @@ static void bgp_pbr_handle_entry(struct bgp *bgp, struct bgp_path_info *path,
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case ACTION_TRAFFIC_ACTION:
|
case ACTION_TRAFFIC_ACTION:
|
||||||
if (api->actions[i].u.za.filter
|
if (CHECK_FLAG(api->actions[i].u.za.filter, TRAFFIC_ACTION_SAMPLE)) {
|
||||||
& TRAFFIC_ACTION_SAMPLE) {
|
|
||||||
if (BGP_DEBUG(pbr, PBR)) {
|
if (BGP_DEBUG(pbr, PBR)) {
|
||||||
bgp_pbr_print_policy_route(api);
|
bgp_pbr_print_policy_route(api);
|
||||||
zlog_warn("PBR: Sample action Ignored");
|
zlog_warn("PBR: Sample action Ignored");
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user