summaryrefslogtreecommitdiffhomepage
path: root/policy/policy.go
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2015-08-12 15:22:44 +0900
committerFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2015-08-12 15:22:44 +0900
commit845d5cc1cf37c8c998852a8b26aac99e7d043c47 (patch)
tree2eb398560b063973e6c2176b33ffb4d5a284a8db /policy/policy.go
parent84f3a20caeab95e2e41e8b13914e7d4096973376 (diff)
policy: support rpki validation match
You can configure like (NotFound:1, Valid:2, Invalid:3): [PolicyDefinitions] [[PolicyDefinitions.PolicyDefinitionList]] Name = "AS65002-EXPORT-RPKI" [PolicyDefinitions.PolicyDefinitionList.Statements] [[PolicyDefinitions.PolicyDefinitionList.Statements.StatementList]] Name = "statement1" [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Conditions.BgpConditions] RpkiValidationResult = 3 [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions] [PolicyDefinitions.PolicyDefinitionList.Statements.StatementList.Actions.RouteDisposition] RejectRoute = true Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Diffstat (limited to 'policy/policy.go')
-rw-r--r--policy/policy.go20
1 files changed, 19 insertions, 1 deletions
diff --git a/policy/policy.go b/policy/policy.go
index 259712ec..ab1d2b1a 100644
--- a/policy/policy.go
+++ b/policy/policy.go
@@ -69,7 +69,7 @@ func NewPolicy(pd config.PolicyDefinition, ds config.DefinedSets) *Policy {
}
for _, statement := range stmtList {
-
+ fmt.Println(statement.Conditions.BgpConditions)
conditions := make([]Condition, 0)
// prefix match
@@ -91,6 +91,10 @@ func NewPolicy(pd config.PolicyDefinition, ds config.DefinedSets) *Policy {
conditions = append(conditions, ac)
}
+ if statement.Conditions.BgpConditions.RpkiValidationResult != config.RPKI_VALIDATION_RESULT_TYPE_NONE {
+ conditions = append(conditions, NewRPKIValidationCondition(statement.Conditions.BgpConditions.RpkiValidationResult))
+ }
+
bgpDefset := &ds.BgpDefinedSets
bgpConditions := &statement.Conditions.BgpConditions
// AsPathCondition
@@ -972,6 +976,20 @@ func (c *ExtCommunityCondition) evaluate(path *table.Path) bool {
return result
}
+type RPKIValidationCondition struct {
+ result config.RpkiValidationResultType
+}
+
+func NewRPKIValidationCondition(result config.RpkiValidationResultType) *RPKIValidationCondition {
+ return &RPKIValidationCondition{
+ result: result,
+ }
+}
+
+func (c *RPKIValidationCondition) evaluate(path *table.Path) bool {
+ return c.result == path.Validation
+}
+
type Action interface {
apply(*table.Path) *table.Path
}