babeld/babel_filter.c

   1 /*
   2  *  This file is free software: you may copy, redistribute and/or modify it
   3  *  under the terms of the GNU General Public License as published by the
   4  *  Free Software Foundation, either version 2 of the License, or (at your
   5  *  option) any later version.
   6  *
   7  *  This file is distributed in the hope that it will be useful, but
   8  *  WITHOUT ANY WARRANTY; without even the implied warranty of
   9  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  10  *  General Public License for more details.
  11  *
  12  *  You should have received a copy of the GNU General Public License
  13  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  14  *
  15  * This file incorporates work covered by the following copyright and
  16  * permission notice:
  17  *
  18
  19 Copyright 2011 by Matthieu Boutier and Juliusz Chroboczek
  20
  21 Permission is hereby granted, free of charge, to any person obtaining a copy
  22 of this software and associated documentation files (the "Software"), to deal
  23 in the Software without restriction, including without limitation the rights
  24 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  25 copies of the Software, and to permit persons to whom the Software is
  26 furnished to do so, subject to the following conditions:
  27
  28 The above copyright notice and this permission notice shall be included in
  29 all copies or substantial portions of the Software.
  30
  31 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  32 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  33 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
  34 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  35 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  36 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  37 THE SOFTWARE.
  38 */
  39
  40 #include "babel_filter.h"
  41 #include "vty.h"
  42 #include "filter.h"
  43 #include "log.h"
  44 #include "plist.h"
  45 #include "distribute.h"
  46 #include "util.h"
  47
  48
  49 int
  50 babel_filter_in (struct prefix *p, babel_interface_nfo *babel_ifp)
  51 {
  52     struct distribute *dist;
  53     struct access_list *alist;
  54     struct prefix_list *plist;
  55
  56     /* Input distribute-list filtering. */
  57     if (babel_ifp != NULL && babel_ifp->list[BABEL_FILTER_IN]) {
  58         if (access_list_apply (babel_ifp->list[BABEL_FILTER_IN], p)
  59             == FILTER_DENY) {
  60             debugf(BABEL_DEBUG_FILTER,
  61                    "%s/%d filtered by distribute in",
  62                    p->family == AF_INET ?
  63                    inet_ntoa(p->u.prefix4) :
  64                    inet6_ntoa (p->u.prefix6),
  65                    p->prefixlen);
  66             return -1;
  67         }
  68     }
  69     if (babel_ifp != NULL && babel_ifp->prefix[BABEL_FILTER_IN]) {
  70         if (prefix_list_apply (babel_ifp->prefix[BABEL_FILTER_IN], p)
  71             == PREFIX_DENY) {
  72             debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute in",
  73                         p->family == AF_INET ?
  74                         inet_ntoa(p->u.prefix4) :
  75                         inet6_ntoa (p->u.prefix6),
  76                         p->prefixlen);
  77             return -1;
  78         }
  79     }
  80
  81     /* All interface filter check. */
  82     dist = distribute_lookup (NULL);
  83     if (dist) {
  84         if (dist->list[DISTRIBUTE_IN]) {
  85             alist = access_list_lookup (AFI_IP6, dist->list[DISTRIBUTE_IN]);
  86
  87             if (alist) {
  88                 if (access_list_apply (alist, p) == FILTER_DENY) {
  89                     debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute in",
  90                                 p->family == AF_INET ?
  91                                 inet_ntoa(p->u.prefix4) :
  92                                 inet6_ntoa (p->u.prefix6),
  93                                 p->prefixlen);
  94                     return -1;
  95                 }
  96             }
  97         }
  98         if (dist->prefix[DISTRIBUTE_IN]) {
  99             plist = prefix_list_lookup (AFI_IP6, dist->prefix[DISTRIBUTE_IN]);
 100             if (plist) {
 101                 if (prefix_list_apply (plist, p) == PREFIX_DENY) {
 102                     debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute in",
 103                                 p->family == AF_INET ?
 104                                 inet_ntoa(p->u.prefix4) :
 105                                 inet6_ntoa (p->u.prefix6),
 106                                 p->prefixlen);
 107                     return -1;
 108                 }
 109             }
 110         }
 111     }
 112     return 0;
 113 }
 114
 115 int
 116 babel_filter_out (struct prefix *p, babel_interface_nfo *babel_ifp)
 117 {
 118     struct distribute *dist;
 119     struct access_list *alist;
 120     struct prefix_list *plist;
 121
 122     if (babel_ifp != NULL && babel_ifp->list[BABEL_FILTER_OUT]) {
 123         if (access_list_apply (babel_ifp->list[BABEL_FILTER_OUT], p)
 124             == FILTER_DENY) {
 125             debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute out",
 126                         p->family == AF_INET ?
 127                         inet_ntoa(p->u.prefix4) :
 128                         inet6_ntoa (p->u.prefix6),
 129                         p->prefixlen);
 130             return -1;
 131         }
 132     }
 133     if (babel_ifp != NULL && babel_ifp->prefix[BABEL_FILTER_OUT]) {
 134         if (prefix_list_apply (babel_ifp->prefix[BABEL_FILTER_OUT], p)
 135             == PREFIX_DENY) {
 136             debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute out",
 137                         p->family == AF_INET ?
 138                         inet_ntoa(p->u.prefix4) :
 139                         inet6_ntoa (p->u.prefix6),
 140                         p->prefixlen);
 141             return -1;
 142         }
 143     }
 144
 145     /* All interface filter check. */
 146     dist = distribute_lookup (NULL);
 147     if (dist) {
 148         if (dist->list[DISTRIBUTE_OUT]) {
 149             alist = access_list_lookup (AFI_IP6, dist->list[DISTRIBUTE_OUT]);
 150             if (alist) {
 151                 if (access_list_apply (alist, p) == FILTER_DENY) {
 152                     debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute out",
 153                                 p->family == AF_INET ?
 154                                 inet_ntoa(p->u.prefix4) :
 155                                 inet6_ntoa (p->u.prefix6),
 156                                 p->prefixlen);
 157                     return -1;
 158                 }
 159             }
 160         }
 161         if (dist->prefix[DISTRIBUTE_OUT]) {
 162             plist = prefix_list_lookup (AFI_IP6, dist->prefix[DISTRIBUTE_OUT]);
 163             if (plist) {
 164                 if (prefix_list_apply (plist, p) == PREFIX_DENY) {
 165                     debugf(BABEL_DEBUG_FILTER, "%s/%d filtered by distribute out",
 166                                 p->family == AF_INET ?
 167                                 inet_ntoa(p->u.prefix4) :
 168                                 inet6_ntoa (p->u.prefix6),
 169                                 p->prefixlen);
 170                     return -1;
 171                 }
 172             }
 173         }
 174     }
 175     return 0;
 176 }
 177
 178 int
 179 babel_filter_redistribute (struct prefix *p,
 180                            babel_interface_nfo *babel_ifp)
 181 {
 182     debugf(BABEL_DEBUG_FILTER, "%s/%d WARNING: no redistribute filter implemented !!!!",
 183                 p->family == AF_INET ?
 184                 inet_ntoa(p->u.prefix4) :
 185                 inet6_ntoa (p->u.prefix6),
 186                 p->prefixlen);
 187     return 0; /* TODO: it redistributes always */
 188 }