summaryrefslogtreecommitdiff
path: root/filter
diff options
context:
space:
mode:
Diffstat (limited to 'filter')
-rw-r--r--filter/config.Y7
-rw-r--r--filter/f-util.c10
-rw-r--r--filter/filter.c14
-rw-r--r--filter/filter.h4
4 files changed, 17 insertions, 18 deletions
diff --git a/filter/config.Y b/filter/config.Y
index 6efc14f5..3bb00c13 100644
--- a/filter/config.Y
+++ b/filter/config.Y
@@ -278,6 +278,7 @@ CF_KEYWORDS(FUNCTION, PRINT, PRINTN, UNSET, RETURN,
TRUE, FALSE, RT, RO, UNKNOWN, GENERIC,
FROM, GW, NET, MASK, PROTO, SOURCE, SCOPE, CAST, DEST, IFNAME, IFINDEX,
PREFERENCE,
+ ROA_CHECK,
LEN,
DEFINED,
ADD, DELETE, CONTAINS, RESET,
@@ -759,10 +760,8 @@ term:
| DELETE '(' term ',' term ')' { $$ = f_new_inst(); $$->code = P('C','a'); $$->a1.p = $3; $$->a2.p = $5; $$->aux = 'd'; }
| FILTER '(' term ',' term ')' { $$ = f_new_inst(); $$->code = P('C','a'); $$->a1.p = $3; $$->a2.p = $5; $$->aux = 'f'; }
-/*
- | ROA_CHECK '(' SYM ')' { $$ = f_generate_roa_check($3, NULL, NULL); }
- | ROA_CHECK '(' SYM ',' term ',' term ')' { $$ = f_generate_roa_check($3, $5, $7); }
-*/
+ | ROA_CHECK '(' rtable ')' { $$ = f_generate_roa_check($3, NULL, NULL); }
+ | ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_generate_roa_check($3, $5, $7); }
/* | term '.' LEN { $$->code = P('P','l'); } */
diff --git a/filter/f-util.c b/filter/f-util.c
index 7311a56e..661941ec 100644
--- a/filter/f-util.c
+++ b/filter/f-util.c
@@ -54,9 +54,8 @@ f_generate_complex(int operation, int operation_aux, struct f_inst *dyn, struct
return set_dyn;
}
-#if 0
struct f_inst *
-f_generate_roa_check(struct symbol *sym, struct f_inst *prefix, struct f_inst *asn)
+f_generate_roa_check(struct rtable_config *table, struct f_inst *prefix, struct f_inst *asn)
{
struct f_inst_roa_check *ret = cfg_allocz(sizeof(struct f_inst_roa_check));
ret->i.code = P('R','C');
@@ -65,13 +64,12 @@ f_generate_roa_check(struct symbol *sym, struct f_inst *prefix, struct f_inst *a
ret->i.arg2 = asn;
/* prefix == NULL <-> asn == NULL */
- if ((sym->class != SYM_ROA) || ! sym->def)
- cf_error("%s is not a ROA table", sym->name);
- ret->rtc = sym->def;
+ if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6)
+ cf_error("%s is not a ROA table", table->name);
+ ret->rtc = table;
return &ret->i;
}
-#endif
char *
filter_name(struct filter *filter)
diff --git a/filter/filter.c b/filter/filter.c
index 7a5ba5b9..6ab0cc93 100644
--- a/filter/filter.c
+++ b/filter/filter.c
@@ -39,6 +39,8 @@
#include "lib/socket.h"
#include "lib/string.h"
#include "lib/unaligned.h"
+#include "lib/net.h"
+#include "lib/ip.h"
#include "nest/route.h"
#include "nest/protocol.h"
#include "nest/iface.h"
@@ -1241,7 +1243,7 @@ interpret(struct f_inst *what)
break;
-#if 0
+
case P('R','C'): /* ROA Check */
if (what->arg1)
{
@@ -1266,15 +1268,15 @@ interpret(struct f_inst *what)
as_path_get_last(e->u.ptr, &as);
}
- struct roa_table_config *rtc = ((struct f_inst_roa_check *) what)->rtc;
- if (!rtc->table)
+ struct rtable *table = ((struct f_inst_roa_check *) what)->rtc->table;
+ if (!table || table->addr_type != (v1.val.net->type == NET_IP4 ? NET_ROA4 : NET_ROA6))
runtime("Missing ROA table");
res.type = T_ENUM_ROA;
- res.val.i = ROA_UNKNOWN;
- // XXXX res.val.i = roa_check_net(rtc->table, &v1.val.net, as);
+ res.val.i = net_roa_check(table, v1.val.net, as);
+
break;
-#endif
+
default:
bug( "Unknown instruction %d (%c)", what->code, what->code & 0xff);
diff --git a/filter/filter.h b/filter/filter.h
index 1875f314..af490121 100644
--- a/filter/filter.h
+++ b/filter/filter.h
@@ -35,7 +35,7 @@ struct f_inst { /* Instruction */
/* Not enough fields in f_inst for three args used by roa_check() */
struct f_inst_roa_check {
struct f_inst i;
- struct roa_table_config *rtc;
+ struct rtable_config *rtc;
};
struct f_prefix {
@@ -67,7 +67,7 @@ struct f_inst *f_new_inst(void);
struct f_inst *f_new_dynamic_attr(int type, int f_type, int code); /* Type as core knows it, type as filters know it, and code of dynamic attribute */
struct f_tree *f_new_tree(void);
struct f_inst *f_generate_complex(int operation, int operation_aux, struct f_inst *dyn, struct f_inst *argument);
-// struct f_inst *f_generate_roa_check(struct symbol *sym, struct f_inst *prefix, struct f_inst *asn);
+struct f_inst *f_generate_roa_check(struct rtable_config *table, struct f_inst *prefix, struct f_inst *asn);
struct f_tree *build_tree(struct f_tree *);