Before this, if the community-list has an entry with permit internet (0:0),
then it's treated as permit everything and returned as MATCH.
So if we have something like:
```
bgp community-list standard OUT_AS_PERMIT seq 5 permit internet
bgp community-list standard OUT_AS_PERMIT seq 10 deny 4:1
bgp community-list standard OUT_AS_PERMIT seq 20 permit 3:1
```
It's not gonna work because it will return MATCH and stops parsing.
Routes with 4:1 community will be advertised.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
The socket created for pimv6 was created using AF_INET for PIMV6
too.
Since the api pim_reg_sock is common to both PIMv4 and PIMv6,
need to use PIM_AF instead of AF_INET.
Fixes: #11815
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
Before:
```
donatas-laptop# show bgp ipv4 unicast community-list testas
% testas is not a valid community-list name
donatas-laptop# con
donatas-laptop(config)# bgp community-list standard testas permit internet
donatas-laptop(config)# do show bgp ipv4 unicast community-list testas
donatas-laptop(config)#
```
`is not a valid community-list name` is a misleading warning message.
Doing the same for filter-list, access-list, prefix-list, route-map.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Although VTY_GET_CONTEXT can return a failed value, it will
never happen in pbrd because of how context work. In
any event add some code to make coverity happy
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
ls_msg2edge calls ls_edge_del_all which will free the
edge variable. Ensure that FRR properly returns NULL.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The call into pim_cmd_lookup_vrf may be NULL
and dereferencing it before ensuring that the
vrf pointer is non-NULL is a good way to crash.
A crash can be initiated in pim:
eva# show ip msdp vrf NOEXIST mesh-group
vtysh: error reading from pimd: Permission denied (13)Warning: closing connection to pimd because of an I/O error!
eva# 2022/08/15 11:47:38 [PHJDC-499N2][EC 100663314] STARVATION: task vtysh_rl_read (560b77f76de6) ran for 16777ms (cpu time 0ms)
eva#
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When calling pim_upstream_add, the lookup for upstream
or the creation of the upstream cannot fail. As such
up is never NULL.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
in pim_ifchannel.c there exists several spots where
the ch->upstream is assumed to be NULL. This is not
possible.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
For now, only if the knob is enabled. Later this gonna be (most likely) removed
and routes with AS_SET / AS_CONFED_SET will be denied by default.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Coverity spotted 3 places where `int ret = XXX` was
being used and FRR was immediately assigning a different
value.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
I am seeing the zebra_pw_install_retry timer thread crashing
on shutdown
The shutdown of the timer is only in an
if () {
...
} else if
Let's just always shut it down.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
