Makefile.in
*.tar.gz
*.tar.gz.asc
+*.tar.?z
.nfs*
libtool
.libs
debian/frr.substvars
debian/frr/
debian/tmp/
+*.deb
+*.ddeb
+*.dsc
+*.changes
*.pyc
*.swp
cscope.*
vtysh doc tests \
solaris bgpd/rfp-example/librfp \
bgpd/rfp-example/rfptest \
+ debianpkg \
# end
if PKGSRC
safi_t safi;
struct bgp_synchronize *sync;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- sync = XCALLOC(MTYPE_BGP_SYNCHRONISE,
- sizeof(struct bgp_synchronize));
- BGP_ADV_FIFO_INIT(&sync->update);
- BGP_ADV_FIFO_INIT(&sync->withdraw);
- BGP_ADV_FIFO_INIT(&sync->withdraw_low);
- peer->sync[afi][safi] = sync;
- peer->hash[afi][safi] =
- hash_create(baa_hash_key,
- baa_hash_cmp,
- "BGP Sync Hash");
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ sync = XCALLOC(MTYPE_BGP_SYNCHRONISE,
+ sizeof(struct bgp_synchronize));
+ BGP_ADV_FIFO_INIT(&sync->update);
+ BGP_ADV_FIFO_INIT(&sync->withdraw);
+ BGP_ADV_FIFO_INIT(&sync->withdraw_low);
+ peer->sync[afi][safi] = sync;
+ peer->hash[afi][safi] = hash_create(baa_hash_key, baa_hash_cmp,
+ "BGP Sync Hash");
+ }
}
void bgp_sync_delete(struct peer *peer)
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (peer->sync[afi][safi])
- XFREE(MTYPE_BGP_SYNCHRONISE,
- peer->sync[afi][safi]);
- peer->sync[afi][safi] = NULL;
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->sync[afi][safi])
+ XFREE(MTYPE_BGP_SYNCHRONISE, peer->sync[afi][safi]);
+ peer->sync[afi][safi] = NULL;
- if (peer->hash[afi][safi])
- hash_free(peer->hash[afi][safi]);
- peer->hash[afi][safi] = NULL;
- }
+ if (peer->hash[afi][safi])
+ hash_free(peer->hash[afi][safi]);
+ peer->hash[afi][safi] = NULL;
+ }
}
}
/* Convert aspath structure to string expression. */
-static void aspath_make_str_count(struct aspath *as)
+static void aspath_make_str_count(struct aspath *as, bool make_json)
{
struct assegment *seg;
int str_size;
json_object *jseg = NULL;
json_object *jseg_list = NULL;
- as->json = json_object_new_object();
- jaspath_segments = json_object_new_array();
+ if (make_json) {
+ as->json = json_object_new_object();
+ jaspath_segments = json_object_new_array();
+ }
/* Empty aspath. */
if (!as->segments) {
- json_object_string_add(as->json, "string", "Local");
- json_object_object_add(as->json, "segments", jaspath_segments);
- json_object_int_add(as->json, "length", 0);
+ if (make_json) {
+ json_object_string_add(as->json, "string", "Local");
+ json_object_object_add(as->json, "segments", jaspath_segments);
+ json_object_int_add(as->json, "length", 0);
+ }
as->str = XMALLOC(MTYPE_AS_STR, 1);
as->str[0] = '\0';
as->str_len = 0;
as->str_len = 0;
json_object_free(as->json);
as->json = NULL;
+
return;
}
str_buf + len, str_size - len, "%c",
aspath_delimiter_char(seg->type, AS_SEG_START));
- jseg_list = json_object_new_array();
+ if (make_json)
+ jseg_list = json_object_new_array();
/* write out the ASNs, with their seperators, bar the last one*/
for (i = 0; i < seg->length; i++) {
- json_object_array_add(jseg_list,
- json_object_new_int(seg->as[i]));
+ if (make_json)
+ json_object_array_add(jseg_list,
+ json_object_new_int(seg->as[i]));
len += snprintf(str_buf + len, str_size - len, "%u",
seg->as[i]);
"%c", seperator);
}
- jseg = json_object_new_object();
- json_object_string_add(jseg, "type",
- aspath_segment_type_str[seg->type]);
- json_object_object_add(jseg, "list", jseg_list);
- json_object_array_add(jaspath_segments, jseg);
+ if (make_json) {
+ jseg = json_object_new_object();
+ json_object_string_add(jseg, "type",
+ aspath_segment_type_str[seg->type]);
+ json_object_object_add(jseg, "list", jseg_list);
+ json_object_array_add(jaspath_segments, jseg);
+ }
if (seg->type != AS_SEQUENCE)
len += snprintf(
as->str = str_buf;
as->str_len = len;
- json_object_string_add(as->json, "string", str_buf);
- json_object_object_add(as->json, "segments", jaspath_segments);
- json_object_int_add(as->json, "length", aspath_count_hops(as));
+ if (make_json) {
+ json_object_string_add(as->json, "string", str_buf);
+ json_object_object_add(as->json, "segments", jaspath_segments);
+ json_object_int_add(as->json, "length", aspath_count_hops(as));
+ }
+
return;
}
-static void aspath_str_update(struct aspath *as)
+void aspath_str_update(struct aspath *as, bool make_json)
{
if (as->str)
XFREE(MTYPE_AS_STR, as->str);
as->json = NULL;
}
- aspath_make_str_count(as);
+ aspath_make_str_count(as, make_json);
}
/* Intern allocated AS path. */
}
assegment_normalise(aspath->segments);
- aspath_str_update(aspath);
+ aspath_str_update(aspath, false);
return aspath;
}
seg = seg->next;
}
- aspath_str_update(new);
+ aspath_str_update(new, false);
return new;
}
seg = seg->next;
}
- aspath_str_update(new);
+ aspath_str_update(new, false);
return new;
}
seg = seg->next;
}
- aspath_str_update(new);
+ aspath_str_update(new, false);
return new;
}
last->next = as2->segments;
as2->segments = new;
- aspath_str_update(as2);
+ aspath_str_update(as2, false);
return as2;
}
/* If as2 is empty, only need to dupe as1's chain onto as2 */
if (seg2 == NULL) {
as2->segments = assegment_dup_all(as1->segments);
- aspath_str_update(as2);
+ aspath_str_update(as2, false);
return as2;
}
/* we've now prepended as1's segment chain to as2, merging
* the inbetween AS_SEQUENCE of seg2 in the process
*/
- aspath_str_update(as2);
+ aspath_str_update(as2, false);
return as2;
} else {
/* AS_SET merge code is needed at here. */
lastseg->next = newseg;
lastseg = newseg;
}
- aspath_str_update(newpath);
+ aspath_str_update(newpath, false);
/* We are happy returning even an empty AS_PATH, because the
* administrator
* might expect this very behaviour. There's a mean to avoid this, if
aspath->segments = newsegment;
}
- aspath_str_update(aspath);
+ aspath_str_update(aspath, false);
return aspath;
}
if (!hops) {
newpath = aspath_dup(as4path);
- aspath_str_update(newpath);
+ aspath_str_update(newpath, false);
return newpath;
}
mergedpath = aspath_merge(newpath, aspath_dup(as4path));
aspath_free(newpath);
mergedpath->segments = assegment_normalise(mergedpath->segments);
- aspath_str_update(mergedpath);
+ aspath_str_update(mergedpath, false);
if (BGP_DEBUG(as4, AS4))
zlog_debug("[AS4] result of synthesizing is %s",
}
if (removed_confed_segment)
- aspath_str_update(aspath);
+ aspath_str_update(aspath, false);
return aspath;
}
struct aspath *aspath;
aspath = aspath_new();
- aspath_make_str_count(aspath);
+ aspath_make_str_count(aspath, false);
return aspath;
}
}
}
- aspath_make_str_count(aspath);
+ aspath_make_str_count(aspath, false);
return aspath;
}
unsigned int key = 0;
if (!aspath->str)
- aspath_str_update(aspath);
+ aspath_str_update(aspath, false);
key = jhash(aspath->str, aspath->str_len, 2334325);
extern struct aspath *aspath_empty(void);
extern struct aspath *aspath_empty_get(void);
extern struct aspath *aspath_str2aspath(const char *);
+extern void aspath_str_update(struct aspath *as, bool make_json);
extern void aspath_free(struct aspath *);
extern struct aspath *aspath_intern(struct aspath *);
extern void aspath_unintern(struct aspath **);
if (com == NULL || com->size == 0)
str = "";
else
- str = community_str(com);
+ str = community_str(com, false);
/* Regular expression match. */
if (regexec(reg, str, 0, NULL, 0) == 0)
return NULL;
new = community_new();
- ;
new->json = NULL;
for (i = 0; i < com->size; i++) {
0xFFFF0000 "graceful-shutdown"
For other values, "AS:VAL" format is used. */
-static void set_community_string(struct community *com)
+static void set_community_string(struct community *com, bool make_json)
{
int i;
char *str;
if (!com)
return;
- com->json = json_object_new_object();
- json_community_list = json_object_new_array();
+ if (make_json) {
+ com->json = json_object_new_object();
+ json_community_list = json_object_new_array();
+ }
/* When communities attribute is empty. */
if (com->size == 0) {
str = XMALLOC(MTYPE_COMMUNITY_STR, 1);
str[0] = '\0';
- json_object_string_add(com->json, "string", "");
- json_object_object_add(com->json, "list", json_community_list);
+ if (make_json) {
+ json_object_string_add(com->json, "string", "");
+ json_object_object_add(com->json, "list", json_community_list);
+ }
com->str = str;
return;
}
case COMMUNITY_INTERNET:
strcpy(pnt, "internet");
pnt += strlen("internet");
- json_string = json_object_new_string("internet");
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string("internet");
+ json_object_array_add(json_community_list, json_string);
+ }
break;
case COMMUNITY_NO_EXPORT:
strcpy(pnt, "no-export");
pnt += strlen("no-export");
- json_string = json_object_new_string("noExport");
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string("noExport");
+ json_object_array_add(json_community_list, json_string);
+ }
break;
case COMMUNITY_NO_ADVERTISE:
strcpy(pnt, "no-advertise");
pnt += strlen("no-advertise");
- json_string = json_object_new_string("noAdvertise");
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string("noAdvertise");
+ json_object_array_add(json_community_list, json_string);
+ }
break;
case COMMUNITY_LOCAL_AS:
strcpy(pnt, "local-AS");
pnt += strlen("local-AS");
- json_string = json_object_new_string("localAs");
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string("localAs");
+ json_object_array_add(json_community_list, json_string);
+ }
break;
case COMMUNITY_GSHUT:
strcpy(pnt, "graceful-shutdown");
pnt += strlen("graceful-shutdown");
- json_string = json_object_new_string("gracefulShutdown");
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string("gracefulShutdown");
+ json_object_array_add(json_community_list, json_string);
+ }
break;
default:
as = (comval >> 16) & 0xFFFF;
val = comval & 0xFFFF;
sprintf(pnt, "%u:%d", as, val);
- json_string = json_object_new_string(pnt);
- json_object_array_add(json_community_list, json_string);
+ if (make_json) {
+ json_string = json_object_new_string(pnt);
+ json_object_array_add(json_community_list, json_string);
+ }
pnt += strlen(pnt);
break;
}
}
*pnt = '\0';
- json_object_string_add(com->json, "string", str);
- json_object_object_add(com->json, "list", json_community_list);
+ if (make_json) {
+ json_object_string_add(com->json, "string", str);
+ json_object_object_add(com->json, "list", json_community_list);
+ }
com->str = str;
}
/* Make string. */
if (!find->str)
- set_community_string(find);
+ set_community_string(find, false);
return find;
}
}
/* Retrun string representation of communities attribute. */
-char *community_str(struct community *com)
+char *community_str(struct community *com, bool make_json)
{
if (!com)
return NULL;
+ if (make_json && !com->json && com->str)
+ XFREE(MTYPE_COMMUNITY_STR, com->str);
+
if (!com->str)
- set_community_string(com);
+ set_community_string(com, make_json);
return com->str;
}
extern struct community *community_parse(u_int32_t *, u_short);
extern struct community *community_intern(struct community *);
extern void community_unintern(struct community **);
-extern char *community_str(struct community *);
+extern char *community_str(struct community *, bool make_json);
extern unsigned int community_hash_make(struct community *);
extern struct community *community_str2com(const char *);
extern int community_match(const struct community *, const struct community *);
if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)))
snprintf(buf + strlen(buf), size - strlen(buf),
- ", community %s", community_str(attr->community));
+ ", community %s", community_str(attr->community,
+ false));
if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
snprintf(buf + strlen(buf), size - strlen(buf),
from_peer->domainname = NULL;
}
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- peer->af_flags[afi][safi] =
- from_peer->af_flags[afi][safi];
- peer->af_sflags[afi][safi] =
- from_peer->af_sflags[afi][safi];
- peer->af_cap[afi][safi] = from_peer->af_cap[afi][safi];
- peer->afc_nego[afi][safi] =
- from_peer->afc_nego[afi][safi];
- peer->afc_adv[afi][safi] =
- from_peer->afc_adv[afi][safi];
- peer->afc_recv[afi][safi] =
- from_peer->afc_recv[afi][safi];
- peer->orf_plist[afi][safi] =
- from_peer->orf_plist[afi][safi];
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ peer->af_flags[afi][safi] = from_peer->af_flags[afi][safi];
+ peer->af_sflags[afi][safi] = from_peer->af_sflags[afi][safi];
+ peer->af_cap[afi][safi] = from_peer->af_cap[afi][safi];
+ peer->afc_nego[afi][safi] = from_peer->afc_nego[afi][safi];
+ peer->afc_adv[afi][safi] = from_peer->afc_adv[afi][safi];
+ peer->afc_recv[afi][safi] = from_peer->afc_recv[afi][safi];
+ peer->orf_plist[afi][safi] = from_peer->orf_plist[afi][safi];
+ }
if (bgp_getsockname(peer) < 0) {
zlog_err(
peer->fd = -1;
}
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- /* Reset all negotiated variables */
- peer->afc_nego[afi][safi] = 0;
- peer->afc_adv[afi][safi] = 0;
- peer->afc_recv[afi][safi] = 0;
-
- /* peer address family capability flags*/
- peer->af_cap[afi][safi] = 0;
-
- /* peer address family status flags*/
- peer->af_sflags[afi][safi] = 0;
-
- /* Received ORF prefix-filter */
- peer->orf_plist[afi][safi] = NULL;
-
- if ((peer->status == OpenConfirm)
- || (peer->status == Established)) {
- /* ORF received prefix-filter pnt */
- sprintf(orf_name, "%s.%d.%d", peer->host, afi,
- safi);
- prefix_bgp_orf_remove_all(afi, orf_name);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ /* Reset all negotiated variables */
+ peer->afc_nego[afi][safi] = 0;
+ peer->afc_adv[afi][safi] = 0;
+ peer->afc_recv[afi][safi] = 0;
+
+ /* peer address family capability flags*/
+ peer->af_cap[afi][safi] = 0;
+
+ /* peer address family status flags*/
+ peer->af_sflags[afi][safi] = 0;
+
+ /* Received ORF prefix-filter */
+ peer->orf_plist[afi][safi] = NULL;
+
+ if ((peer->status == OpenConfirm)
+ || (peer->status == Established)) {
+ /* ORF received prefix-filter pnt */
+ sprintf(orf_name, "%s.%d.%d", peer->host, afi, safi);
+ prefix_bgp_orf_remove_all(afi, orf_name);
}
+ }
/* Reset keepalive and holdtime */
if (PEER_OR_GROUP_TIMER_SET(peer)) {
peer->uptime = bgp_clock();
/* Send route-refresh when ORF is enabled */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ORF_PREFIX_SM_ADV)) {
if (CHECK_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_SM_ADV)) {
- if (CHECK_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_RM_RCV))
- bgp_route_refresh_send(
- peer, afi, safi,
- ORF_TYPE_PREFIX,
- REFRESH_IMMEDIATE, 0);
- else if (
- CHECK_FLAG(
- peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_RM_OLD_RCV))
- bgp_route_refresh_send(
- peer, afi, safi,
- ORF_TYPE_PREFIX_OLD,
- REFRESH_IMMEDIATE, 0);
- }
+ PEER_CAP_ORF_PREFIX_RM_RCV))
+ bgp_route_refresh_send(peer, afi, safi,
+ ORF_TYPE_PREFIX,
+ REFRESH_IMMEDIATE, 0);
+ else if (CHECK_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ORF_PREFIX_RM_OLD_RCV))
+ bgp_route_refresh_send(peer, afi, safi,
+ ORF_TYPE_PREFIX_OLD,
+ REFRESH_IMMEDIATE, 0);
+ }
+ }
/* First update is deferred until ORF or ROUTE-REFRESH is received */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ORF_PREFIX_RM_ADV))
if (CHECK_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_RM_ADV))
- if (CHECK_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_SM_RCV)
- || CHECK_FLAG(
- peer->af_cap[afi][safi],
- PEER_CAP_ORF_PREFIX_SM_OLD_RCV))
- SET_FLAG(peer->af_sflags[afi][safi],
- PEER_STATUS_ORF_WAIT_REFRESH);
+ PEER_CAP_ORF_PREFIX_SM_RCV)
+ || CHECK_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ORF_PREFIX_SM_OLD_RCV))
+ SET_FLAG(peer->af_sflags[afi][safi],
+ PEER_STATUS_ORF_WAIT_REFRESH);
+ }
bgp_announce_peer(peer);
return;
/* MP capability for configured AFI, SAFI */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (peer->afc[afi][safi]) {
- /* Convert AFI, SAFI to values for packet. */
- bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
- &pkt_safi);
-
- peer->afc_adv[afi][safi] = 1;
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc[afi][safi]) {
+ /* Convert AFI, SAFI to values for packet. */
+ bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
+ &pkt_safi);
+
+ peer->afc_adv[afi][safi] = 1;
+ stream_putc(s, BGP_OPEN_OPT_CAP);
+ stream_putc(s, CAPABILITY_CODE_MP_LEN + 2);
+ stream_putc(s, CAPABILITY_CODE_MP);
+ stream_putc(s, CAPABILITY_CODE_MP_LEN);
+ stream_putw(s, pkt_afi);
+ stream_putc(s, 0);
+ stream_putc(s, pkt_safi);
+
+ /* Extended nexthop capability - currently
+ * supporting RFC-5549 for
+ * Link-Local peering only
+ */
+ if (CHECK_FLAG(peer->flags, PEER_FLAG_CAPABILITY_ENHE)
+ && peer->su.sa.sa_family == AF_INET6
+ && IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr)
+ && afi == AFI_IP
+ && (safi == SAFI_UNICAST
+ || safi == SAFI_LABELED_UNICAST)) {
+ /* RFC 5549 Extended Next Hop Encoding
+ */
+ SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV);
stream_putc(s, BGP_OPEN_OPT_CAP);
- stream_putc(s, CAPABILITY_CODE_MP_LEN + 2);
- stream_putc(s, CAPABILITY_CODE_MP);
- stream_putc(s, CAPABILITY_CODE_MP_LEN);
+ stream_putc(s, CAPABILITY_CODE_ENHE_LEN + 2);
+ stream_putc(s, CAPABILITY_CODE_ENHE);
+ stream_putc(s, CAPABILITY_CODE_ENHE_LEN);
+
+ SET_FLAG(peer->af_cap[AFI_IP][safi],
+ PEER_CAP_ENHE_AF_ADV);
stream_putw(s, pkt_afi);
- stream_putc(s, 0);
- stream_putc(s, pkt_safi);
+ stream_putw(s, pkt_safi);
+ stream_putw(s, afi_int2iana(AFI_IP6));
- /* Extended nexthop capability - currently
- * supporting RFC-5549 for
- * Link-Local peering only
- */
- if (CHECK_FLAG(peer->flags,
- PEER_FLAG_CAPABILITY_ENHE)
- && peer->su.sa.sa_family == AF_INET6
- && IN6_IS_ADDR_LINKLOCAL(
- &peer->su.sin6.sin6_addr)
- && afi == AFI_IP
- && (safi == SAFI_UNICAST
- || safi == SAFI_LABELED_UNICAST)) {
- /* RFC 5549 Extended Next Hop Encoding
- */
- SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV);
- stream_putc(s, BGP_OPEN_OPT_CAP);
- stream_putc(s,
- CAPABILITY_CODE_ENHE_LEN
- + 2);
- stream_putc(s, CAPABILITY_CODE_ENHE);
- stream_putc(s,
- CAPABILITY_CODE_ENHE_LEN);
-
- SET_FLAG(peer->af_cap[AFI_IP][safi],
- PEER_CAP_ENHE_AF_ADV);
- stream_putw(s, pkt_afi);
- stream_putw(s, pkt_safi);
- stream_putw(s, afi_int2iana(AFI_IP6));
-
- if (CHECK_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ENHE_AF_RCV))
- SET_FLAG(
- peer->af_cap[afi][safi],
- PEER_CAP_ENHE_AF_NEGO);
- }
+ if (CHECK_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ENHE_AF_RCV))
+ SET_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ENHE_AF_NEGO);
}
}
+ }
/* Route refresh. */
SET_FLAG(peer->cap, PEER_CAP_REFRESH_ADV);
stream_putl(s, local_as);
/* AddPath */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (peer->afc[afi][safi]) {
- afi_safi_count++;
-
- /* Only advertise addpath TX if a feature that
- * will use it is
- * configured */
- if (CHECK_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_ADDPATH_TX_ALL_PATHS)
- || CHECK_FLAG(
- peer->af_flags[afi][safi],
- PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
- adv_addpath_tx = 1;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc[afi][safi]) {
+ afi_safi_count++;
+
+ /* Only advertise addpath TX if a feature that
+ * will use it is
+ * configured */
+ if (CHECK_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_ADDPATH_TX_ALL_PATHS)
+ || CHECK_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
+ adv_addpath_tx = 1;
+ }
+ }
SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV);
stream_putc(s, BGP_OPEN_OPT_CAP);
stream_putc(s, CAPABILITY_CODE_ADDPATH);
stream_putc(s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (peer->afc[afi][safi]) {
- /* Convert AFI, SAFI to values for packet. */
- bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
- &pkt_safi);
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc[afi][safi]) {
+ /* Convert AFI, SAFI to values for packet. */
+ bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
+ &pkt_safi);
- stream_putw(s, pkt_afi);
- stream_putc(s, pkt_safi);
+ stream_putw(s, pkt_afi);
+ stream_putc(s, pkt_safi);
- if (adv_addpath_tx) {
- stream_putc(s,
- BGP_ADDPATH_RX
- | BGP_ADDPATH_TX);
- SET_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ADDPATH_AF_RX_ADV);
- SET_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ADDPATH_AF_TX_ADV);
- } else {
- stream_putc(s, BGP_ADDPATH_RX);
- SET_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ADDPATH_AF_RX_ADV);
- UNSET_FLAG(peer->af_cap[afi][safi],
- PEER_CAP_ADDPATH_AF_TX_ADV);
- }
+ if (adv_addpath_tx) {
+ stream_putc(s, BGP_ADDPATH_RX | BGP_ADDPATH_TX);
+ SET_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV);
+ SET_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV);
+ } else {
+ stream_putc(s, BGP_ADDPATH_RX);
+ SET_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV);
+ UNSET_FLAG(peer->af_cap[afi][safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV);
}
+ }
+ }
/* ORF capability. */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (CHECK_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_ORF_PREFIX_SM)
- || CHECK_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_ORF_PREFIX_RM)) {
- bgp_open_capability_orf(
- s, peer, afi, safi,
- CAPABILITY_CODE_ORF_OLD);
- bgp_open_capability_orf(s, peer, afi, safi,
- CAPABILITY_CODE_ORF);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_ORF_PREFIX_SM)
+ || CHECK_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_ORF_PREFIX_RM)) {
+ bgp_open_capability_orf(s, peer, afi, safi,
+ CAPABILITY_CODE_ORF_OLD);
+ bgp_open_capability_orf(s, peer, afi, safi,
+ CAPABILITY_CODE_ORF);
+ }
+ }
/* Dynamic capability. */
if (CHECK_FLAG(peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY)) {
config
is present */
if (bgp_flag_check(peer->bgp, BGP_FLAG_GRACEFUL_RESTART)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (peer->afc[afi][safi]) {
- /* Convert AFI, SAFI to values for
- * packet. */
- bgp_map_afi_safi_int2iana(
- afi, safi, &pkt_afi, &pkt_safi);
- stream_putw(s, pkt_afi);
- stream_putc(s, pkt_safi);
- if (bgp_flag_check(
- peer->bgp,
- BGP_FLAG_GR_PRESERVE_FWD))
- stream_putc(s, RESTART_F_BIT);
- else
- stream_putc(s, 0);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc[afi][safi]) {
+ /* Convert AFI, SAFI to values for
+ * packet. */
+ bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
+ &pkt_safi);
+ stream_putw(s, pkt_afi);
+ stream_putc(s, pkt_safi);
+ if (bgp_flag_check(peer->bgp,
+ BGP_FLAG_GR_PRESERVE_FWD))
+ stream_putc(s, RESTART_F_BIT);
+ else
+ stream_putc(s, 0);
+ }
+ }
}
/* Total Graceful restart capability Len. */
if (peer->bgp && peer->bgp->main_peers_update_hold)
return NULL;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- paf = peer_af_find(peer, afi, safi);
- if (!paf || !PAF_SUBGRP(paf))
- continue;
+ FOREACH_AFI_SAFI (afi, safi) {
+ paf = peer_af_find(peer, afi, safi);
+ if (!paf || !PAF_SUBGRP(paf))
+ continue;
+ next_pkt = paf->next_pkt_to_send;
+
+ /* Try to generate a packet for the peer if we are at
+ * the end of
+ * the list. Always try to push out WITHDRAWs first. */
+ if (!next_pkt || !next_pkt->buffer) {
+ next_pkt = subgroup_withdraw_packet(PAF_SUBGRP(paf));
+ if (!next_pkt || !next_pkt->buffer)
+ subgroup_update_packet(PAF_SUBGRP(paf));
next_pkt = paf->next_pkt_to_send;
+ }
- /* Try to generate a packet for the peer if we are at
- * the end of
- * the list. Always try to push out WITHDRAWs first. */
- if (!next_pkt || !next_pkt->buffer) {
- next_pkt = subgroup_withdraw_packet(
- PAF_SUBGRP(paf));
- if (!next_pkt || !next_pkt->buffer)
- subgroup_update_packet(PAF_SUBGRP(paf));
- next_pkt = paf->next_pkt_to_send;
- }
-
- /* If we still don't have a packet to send to the peer,
- * then
- * try to find out out if we have to send eor or if not,
- * skip to
- * the next AFI, SAFI.
- * Don't send the EOR prematurely... if the subgroup's
- * coalesce
- * timer is running, the adjacency-out structure is not
- * created
- * yet.
- */
- if (!next_pkt || !next_pkt->buffer) {
- if (CHECK_FLAG(peer->cap,
- PEER_CAP_RESTART_RCV)) {
- if (!(PAF_SUBGRP(paf))->t_coalesce
- && peer->afc_nego[afi][safi]
- && peer->synctime
- && !CHECK_FLAG(
- peer->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_SEND)) {
- SET_FLAG(peer->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_SEND);
- return bgp_update_packet_eor(
- peer, afi, safi);
- }
+ /* If we still don't have a packet to send to the peer,
+ * then
+ * try to find out out if we have to send eor or if not,
+ * skip to
+ * the next AFI, SAFI.
+ * Don't send the EOR prematurely... if the subgroup's
+ * coalesce
+ * timer is running, the adjacency-out structure is not
+ * created
+ * yet.
+ */
+ if (!next_pkt || !next_pkt->buffer) {
+ if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
+ if (!(PAF_SUBGRP(paf))->t_coalesce
+ && peer->afc_nego[afi][safi]
+ && peer->synctime
+ && !CHECK_FLAG(peer->af_sflags[afi][safi],
+ PEER_STATUS_EOR_SEND)) {
+ SET_FLAG(peer->af_sflags[afi][safi],
+ PEER_STATUS_EOR_SEND);
+ return bgp_update_packet_eor(peer, afi,
+ safi);
}
- continue;
}
+ continue;
+ }
- /*
- * Found a packet template to send, overwrite packet
- * with appropriate
- * attributes from peer and advance peer
- */
- s = bpacket_reformat_for_peer(next_pkt, paf);
- bpacket_queue_advance_peer(paf);
- return s;
- }
+ /*
+ * Found a packet template to send, overwrite packet
+ * with appropriate
+ * attributes from peer and advance peer
+ */
+ s = bpacket_reformat_for_peer(next_pkt, paf);
+ bpacket_queue_advance_peer(paf);
+ return s;
+ }
return NULL;
}
return;
}
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- paf = peer_af_find(peer, afi, safi);
- if (!paf)
- continue;
- subgrp = paf->subgroup;
- if (!subgrp)
- continue;
+ FOREACH_AFI_SAFI (afi, safi) {
+ paf = peer_af_find(peer, afi, safi);
+ if (!paf)
+ continue;
+ subgrp = paf->subgroup;
+ if (!subgrp)
+ continue;
- next_pkt = paf->next_pkt_to_send;
- if (next_pkt && next_pkt->buffer) {
- BGP_WRITE_ON(peer->t_write, bgp_write,
- peer->fd);
- return;
- }
+ next_pkt = paf->next_pkt_to_send;
+ if (next_pkt && next_pkt->buffer) {
+ BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd);
+ return;
+ }
- /* No packets readily available for AFI/SAFI, are there
- * subgroup packets
- * that need to be generated? */
- if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
- SUBGRP_PKTQ(subgrp)))
- fullq_found = 1;
- else if (subgroup_packets_to_build(subgrp)) {
+ /* No packets readily available for AFI/SAFI, are there
+ * subgroup packets
+ * that need to be generated? */
+ if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
+ SUBGRP_PKTQ(subgrp)))
+ fullq_found = 1;
+ else if (subgroup_packets_to_build(subgrp)) {
+ BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd);
+ return;
+ }
+
+ /* No packets to send, see if EOR is pending */
+ if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
+ if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
+ && peer->synctime
+ && !CHECK_FLAG(peer->af_sflags[afi][safi],
+ PEER_STATUS_EOR_SEND)
+ && safi != SAFI_MPLS_VPN) {
BGP_WRITE_ON(peer->t_write, bgp_write,
peer->fd);
return;
}
-
- /* No packets to send, see if EOR is pending */
- if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
- if (!subgrp->t_coalesce
- && peer->afc_nego[afi][safi]
- && peer->synctime
- && !CHECK_FLAG(peer->af_sflags[afi][safi],
- PEER_STATUS_EOR_SEND)
- && safi != SAFI_MPLS_VPN) {
- BGP_WRITE_ON(peer->t_write, bgp_write,
- peer->fd);
- return;
- }
- }
}
+ }
if (fullq_found) {
BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd);
return;
if (bgp_debug_neighbor_events(peer))
zlog_debug("Peer %s: Checking explicit EORs", peer->host);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (peer->afc_nego[afi][safi]
- && !CHECK_FLAG(peer->af_sflags[afi][safi],
- PEER_STATUS_EOR_RECEIVED)) {
- if (bgp_debug_neighbor_events(peer))
- zlog_debug(
- " afi %d safi %d didnt receive EOR",
- afi, safi);
- return;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc_nego[afi][safi]
+ && !CHECK_FLAG(peer->af_sflags[afi][safi],
+ PEER_STATUS_EOR_RECEIVED)) {
+ if (bgp_debug_neighbor_events(peer))
+ zlog_debug(
+ " afi %d safi %d didnt receive EOR",
+ afi, safi);
+ return;
}
+ }
peer->update_delay_over = 1;
peer->bgp->explicit_eors++;
sizeof(bgp->update_delay_zebra_resume_time));
bgp->main_zebra_update_hold = 0;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (bgp_fibupd_safi(safi))
- bgp_zebra_announce_table(bgp, afi,
- safi);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (bgp_fibupd_safi(safi))
+ bgp_zebra_announce_table(bgp, afi, safi);
+ }
bgp->main_peers_update_hold = 0;
bgp_start_routeadv(bgp);
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- bgp_announce_route(peer, afi, safi);
+ FOREACH_AFI_SAFI (afi, safi)
+ bgp_announce_route(peer, afi, safi);
}
static void bgp_soft_reconfig_table(struct peer *peer, afi_t afi, safi_t safi,
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- bgp_clear_route(peer, afi, safi);
+ FOREACH_AFI_SAFI (afi, safi)
+ bgp_clear_route(peer, afi, safi);
#if ENABLE_BGP_VNC
rfapiProcessPeerDown(peer);
struct bgp_table *table;
struct bgp_static *bgp_static;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
- rn = bgp_route_next(rn)) {
- if (rn->info == NULL)
- continue;
+ FOREACH_AFI_SAFI (afi, safi)
+ for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
+ rn = bgp_route_next(rn)) {
+ if (rn->info == NULL)
+ continue;
- if ((safi == SAFI_MPLS_VPN)
- || (safi == SAFI_ENCAP)
- || (safi == SAFI_EVPN)) {
- table = rn->info;
-
- for (rm = bgp_table_top(table); rm;
- rm = bgp_route_next(rm)) {
- bgp_static = rm->info;
- bgp_static_update_safi(
- bgp, &rm->p, bgp_static,
- afi, safi);
- }
- } else {
- bgp_static_update(bgp, &rn->p, rn->info,
- afi, safi);
+ if ((safi == SAFI_MPLS_VPN) || (safi == SAFI_ENCAP)
+ || (safi == SAFI_EVPN)) {
+ table = rn->info;
+
+ for (rm = bgp_table_top(table); rm;
+ rm = bgp_route_next(rm)) {
+ bgp_static = rm->info;
+ bgp_static_update_safi(bgp, &rm->p,
+ bgp_static, afi,
+ safi);
}
+ } else {
+ bgp_static_update(bgp, &rn->p, rn->info, afi,
+ safi);
}
+ }
}
/* Called from bgp_delete(). Delete all static routes from the BGP
struct bgp_table *table;
struct bgp_static *bgp_static;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
- rn = bgp_route_next(rn)) {
- if (rn->info == NULL)
- continue;
+ FOREACH_AFI_SAFI (afi, safi)
+ for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
+ rn = bgp_route_next(rn)) {
+ if (rn->info == NULL)
+ continue;
- if ((safi == SAFI_MPLS_VPN)
- || (safi == SAFI_ENCAP)
- || (safi == SAFI_EVPN)) {
- table = rn->info;
-
- for (rm = bgp_table_top(table); rm;
- rm = bgp_route_next(rm)) {
- bgp_static = rm->info;
- bgp_static_withdraw_safi(
- bgp, &rm->p, AFI_IP,
- safi,
- (struct prefix_rd *)&rn
- ->p);
- bgp_static_free(bgp_static);
- rn->info = NULL;
- bgp_unlock_node(rn);
- }
- } else {
- bgp_static = rn->info;
- bgp_static_withdraw(bgp, &rn->p, afi,
- safi);
+ if ((safi == SAFI_MPLS_VPN) || (safi == SAFI_ENCAP)
+ || (safi == SAFI_EVPN)) {
+ table = rn->info;
+
+ for (rm = bgp_table_top(table); rm;
+ rm = bgp_route_next(rm)) {
+ bgp_static = rm->info;
+ bgp_static_withdraw_safi(
+ bgp, &rm->p, AFI_IP, safi,
+ (struct prefix_rd *)&rn->p);
bgp_static_free(bgp_static);
rn->info = NULL;
bgp_unlock_node(rn);
}
+ } else {
+ bgp_static = rn->info;
+ bgp_static_withdraw(bgp, &rn->p, afi, safi);
+ bgp_static_free(bgp_static);
+ rn->info = NULL;
+ bgp_unlock_node(rn);
}
+ }
}
void bgp_static_redo_import_check(struct bgp *bgp)
/* Use this flag to force reprocessing of the route */
bgp_flag_set(bgp, BGP_FLAG_FORCE_STATIC_PROCESS);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
- rn = bgp_route_next(rn)) {
- if (rn->info == NULL)
- continue;
+ FOREACH_AFI_SAFI (afi, safi) {
+ for (rn = bgp_table_top(bgp->route[afi][safi]); rn;
+ rn = bgp_route_next(rn)) {
+ if (rn->info == NULL)
+ continue;
- if ((safi == SAFI_MPLS_VPN)
- || (safi == SAFI_ENCAP)
- || (safi == SAFI_EVPN)) {
- table = rn->info;
-
- for (rm = bgp_table_top(table); rm;
- rm = bgp_route_next(rm)) {
- bgp_static = rm->info;
- bgp_static_update_safi(
- bgp, &rm->p, bgp_static,
- afi, safi);
- }
- } else {
- bgp_static = rn->info;
- bgp_static_update(bgp, &rn->p,
- bgp_static, afi,
- safi);
+ if ((safi == SAFI_MPLS_VPN) || (safi == SAFI_ENCAP)
+ || (safi == SAFI_EVPN)) {
+ table = rn->info;
+
+ for (rm = bgp_table_top(table); rm;
+ rm = bgp_route_next(rm)) {
+ bgp_static = rm->info;
+ bgp_static_update_safi(bgp, &rm->p,
+ bgp_static, afi,
+ safi);
}
+ } else {
+ bgp_static = rn->info;
+ bgp_static_update(bgp, &rn->p, bgp_static, afi,
+ safi);
}
+ }
+ }
bgp_flag_unset(bgp, BGP_FLAG_FORCE_STATIC_PROCESS);
}
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- bgp_purge_af_static_redist_routes(bgp, afi, safi);
+ FOREACH_AFI_SAFI (afi, safi)
+ bgp_purge_af_static_redist_routes(bgp, afi, safi);
}
/*
/* Redistribute route treatment. */
void bgp_redistribute_add(struct bgp *bgp, struct prefix *p,
- const union g_addr *nexthop, unsigned int ifindex,
- u_int32_t metric, u_char type, u_short instance,
+ const union g_addr *nexthop, ifindex_t ifindex,
+ enum nexthop_types_t nhtype, uint32_t metric,
+ u_char type, u_short instance,
route_tag_t tag)
{
struct bgp_info *new;
/* Make default attribute. */
bgp_attr_default_set(&attr, BGP_ORIGIN_INCOMPLETE);
- if (nexthop) {
+
+ switch(nhtype) {
+ case NEXTHOP_TYPE_IFINDEX:
+ break;
+ case NEXTHOP_TYPE_IPV4:
+ case NEXTHOP_TYPE_IPV4_IFINDEX:
+ attr.nexthop = nexthop->ipv4;
+ break;
+ case NEXTHOP_TYPE_IPV6:
+ case NEXTHOP_TYPE_IPV6_IFINDEX:
+ attr.mp_nexthop_global = nexthop->ipv6;
+ attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV6_GLOBAL;
+ break;
+ case NEXTHOP_TYPE_BLACKHOLE:
switch (p->family) {
case AF_INET:
- attr.nexthop = nexthop->ipv4;
+ attr.nexthop.s_addr = INADDR_ANY;
break;
case AF_INET6:
- attr.mp_nexthop_global = nexthop->ipv6;
+ memset(&attr.mp_nexthop_global, 0,
+ sizeof(attr.mp_nexthop_global));
attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV6_GLOBAL;
+ break;
}
+ break;
}
attr.nh_ifindex = ifindex;
/* Line1 display AS-path, Aggregator */
if (attr->aspath) {
if (json_paths) {
+ if (!attr->aspath->json)
+ aspath_str_update(attr->aspath, true);
json_object_lock(attr->aspath->json);
json_object_object_add(json_path, "aspath",
attr->aspath->json);
/* Line 4 display Community */
if (attr->community) {
if (json_paths) {
+ if (!attr->community->json)
+ community_str(attr->community,
+ true);
json_object_lock(attr->community->json);
json_object_object_add(json_path, "community",
attr->community->json);
continue;
display = 0;
- if (!first && use_json)
- vty_out(vty, ",");
if (use_json)
json_paths = json_object_new_array();
else
inet_ntop(p->family, &p->u.prefix,
buf, BUFSIZ),
p->prefixlen);
- vty_out(vty, "\"%s\": ", buf2);
+ if (first)
+ vty_out(vty, "\"%s\": ", buf2);
+ else
+ vty_out(vty, ",\"%s\": ", buf2);
+
vty_out(vty, "%s",
json_object_to_json_string_ext(json_paths, JSON_C_TO_STRING_PRETTY));
json_object_free(json_paths);
safi_t safi;
/* Init BGP distance table. */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- bgp_distance_table[afi][safi] =
- bgp_table_init(afi, safi);
+ FOREACH_AFI_SAFI (afi, safi)
+ bgp_distance_table[afi][safi] = bgp_table_init(afi, safi);
/* IPv4 BGP commands. */
install_element(BGP_NODE, &bgp_table_map_cmd);
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- bgp_table_unlock(bgp_distance_table[afi][safi]);
- bgp_distance_table[afi][safi] = NULL;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ bgp_table_unlock(bgp_distance_table[afi][safi]);
+ bgp_distance_table[afi][safi] = NULL;
+ }
}
extern int bgp_maximum_prefix_overflow(struct peer *, afi_t, safi_t, int);
-extern void bgp_redistribute_add(struct bgp *, struct prefix *,
- const union g_addr *, unsigned int ifindex,
- u_int32_t, u_char, u_short, route_tag_t);
+extern void bgp_redistribute_add(struct bgp *bgp, struct prefix *p,
+ const union g_addr *nexthop, ifindex_t ifindex,
+ enum nexthop_types_t nhtype, uint32_t metric,
+ u_char type, u_short instance,
+ route_tag_t tag);
extern void bgp_redistribute_delete(struct bgp *, struct prefix *, u_char,
u_short);
extern void bgp_redistribute_withdraw(struct bgp *, afi_t, int, u_short);
/* All the peers have been updated correctly already. This is
* just updating the placeholder data. No real update required.
*/
- for (ALL_LIST_ELEMENTS(bgp->group, node, nnode, group))
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- filter = &group->conf->filter[afi][safi];
-
- for (direct = RMAP_IN; direct < RMAP_MAX;
- direct++) {
- if ((filter->map[direct].name)
- && (strcmp(rmap_name,
- filter->map[direct].name)
- == 0))
- filter->map[direct].map = map;
- }
-
- if (filter->usmap.name
- && (strcmp(rmap_name, filter->usmap.name)
+ for (ALL_LIST_ELEMENTS(bgp->group, node, nnode, group)) {
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &group->conf->filter[afi][safi];
+
+ for (direct = RMAP_IN; direct < RMAP_MAX; direct++) {
+ if ((filter->map[direct].name)
+ && (strcmp(rmap_name,
+ filter->map[direct].name)
== 0))
- filter->usmap.map = map;
+ filter->map[direct].map = map;
}
+
+ if (filter->usmap.name
+ && (strcmp(rmap_name, filter->usmap.name) == 0))
+ filter->usmap.map = map;
+ }
+ }
}
/*
if (CHECK_FLAG(peer->sflags, PEER_STATUS_GROUP))
continue;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- /* process in/out/import/export/default-orig
- * route-maps */
- bgp_route_map_process_peer(rmap_name, map, peer,
- afi, safi,
- route_update);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ /* process in/out/import/export/default-orig
+ * route-maps */
+ bgp_route_map_process_peer(rmap_name, map, peer, afi,
+ safi, route_update);
+ }
}
/* for outbound/default-orig route-maps, process for groups */
/* update peer-group config (template) */
bgp_route_map_update_peer_group(rmap_name, map, bgp);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- /* For table route-map updates. */
- if (!bgp_fibupd_safi(safi))
- continue;
-
- if (bgp->table_map[afi][safi].name
- && (strcmp(rmap_name,
- bgp->table_map[afi][safi].name)
- == 0)) {
- bgp->table_map[afi][safi].map = map;
+ FOREACH_AFI_SAFI (afi, safi) {
+ /* For table route-map updates. */
+ if (!bgp_fibupd_safi(safi))
+ continue;
- if (BGP_DEBUG(zebra, ZEBRA))
- zlog_debug(
- "Processing route_map %s update on "
- "table map",
- rmap_name);
- if (route_update)
- bgp_zebra_announce_table(bgp, afi,
- safi);
- }
+ if (bgp->table_map[afi][safi].name
+ && (strcmp(rmap_name, bgp->table_map[afi][safi].name)
+ == 0)) {
+ bgp->table_map[afi][safi].map = map;
+
+ if (BGP_DEBUG(zebra, ZEBRA))
+ zlog_debug(
+ "Processing route_map %s update on "
+ "table map",
+ rmap_name);
+ if (route_update)
+ bgp_zebra_announce_table(bgp, afi, safi);
+ }
- /* For network route-map updates. */
- for (bn = bgp_table_top(bgp->route[afi][safi]); bn;
- bn = bgp_route_next(bn))
- if ((bgp_static = bn->info) != NULL) {
- if (bgp_static->rmap.name
- && (strcmp(rmap_name,
- bgp_static->rmap.name)
- == 0)) {
- bgp_static->rmap.map = map;
-
- if (route_update)
- if (!bgp_static
- ->backdoor) {
- if (bgp_debug_zebra(
- &bn->p))
- zlog_debug(
- "Processing route_map %s update on "
- "static route %s",
- rmap_name,
- inet_ntop(
- bn->p.family,
- &bn->p.u.prefix,
- buf,
- INET6_ADDRSTRLEN));
- bgp_static_update(
- bgp,
- &bn->p,
- bgp_static,
- afi,
- safi);
- }
- }
+ /* For network route-map updates. */
+ for (bn = bgp_table_top(bgp->route[afi][safi]); bn;
+ bn = bgp_route_next(bn))
+ if ((bgp_static = bn->info) != NULL) {
+ if (bgp_static->rmap.name
+ && (strcmp(rmap_name, bgp_static->rmap.name)
+ == 0)) {
+ bgp_static->rmap.map = map;
+
+ if (route_update)
+ if (!bgp_static->backdoor) {
+ if (bgp_debug_zebra(
+ &bn->p))
+ zlog_debug(
+ "Processing route_map %s update on "
+ "static route %s",
+ rmap_name,
+ inet_ntop(
+ bn->p.family,
+ &bn->p.u.prefix,
+ buf,
+ INET6_ADDRSTRLEN));
+ bgp_static_update(
+ bgp, &bn->p,
+ bgp_static, afi,
+ safi);
+ }
}
- }
+ }
+ }
/* For redistribute route-map updates. */
for (afi = AFI_IP; afi < AFI_MAX; afi++)
}
/* Set communites attribute string. */
- str = community_str(com);
+ str = community_str(com, false);
if (additive) {
argstr = XCALLOC(MTYPE_TMP,
bestpath_per_as_used = 0;
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++)
- if (CHECK_FLAG(
- peer->af_flags[afi][safi],
- PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS)) {
- bestpath_per_as_used = 1;
- break;
- }
+ FOREACH_AFI_SAFI (afi, safi)
+ if (CHECK_FLAG(
+ peer->af_flags[afi][safi],
+ PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS)) {
+ bestpath_per_as_used = 1;
+ break;
+ }
if (bestpath_per_as_used)
break;
json_add = json_object_new_object();
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
- json_object *json_sub =
- NULL;
- json_sub =
- json_object_new_object();
- print_store =
- afi_safi_print(
- afi,
- safi);
+ FOREACH_AFI_SAFI (afi, safi) {
+ json_object *json_sub = NULL;
+ json_sub =
+ json_object_new_object();
+ print_store = afi_safi_print(
+ afi, safi);
+ if (CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_RCV)) {
if (CHECK_FLAG(
p->af_cap
[afi]
[safi],
PEER_CAP_ADDPATH_AF_TX_ADV)
- || CHECK_FLAG(
+ && CHECK_FLAG(
p->af_cap
[afi]
[safi],
- PEER_CAP_ADDPATH_AF_TX_RCV)) {
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_ADV)
- && CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_RCV))
- json_object_boolean_true_add(
- json_sub,
- "txAdvertisedAndReceived");
- else if (
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_ADV))
- json_object_boolean_true_add(
- json_sub,
- "txAdvertised");
- else if (
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_RCV))
- json_object_boolean_true_add(
- json_sub,
- "txReceived");
- }
+ PEER_CAP_ADDPATH_AF_TX_RCV))
+ json_object_boolean_true_add(
+ json_sub,
+ "txAdvertisedAndReceived");
+ else if (
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV))
+ json_object_boolean_true_add(
+ json_sub,
+ "txAdvertised");
+ else if (
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_RCV))
+ json_object_boolean_true_add(
+ json_sub,
+ "txReceived");
+ }
+ if (CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_RCV)) {
if (CHECK_FLAG(
p->af_cap
[afi]
[safi],
PEER_CAP_ADDPATH_AF_RX_ADV)
- || CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_RCV)) {
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_ADV)
- && CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_RCV))
- json_object_boolean_true_add(
- json_sub,
- "rxAdvertisedAndReceived");
- else if (
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_ADV))
- json_object_boolean_true_add(
- json_sub,
- "rxAdvertised");
- else if (
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_RCV))
- json_object_boolean_true_add(
- json_sub,
- "rxReceived");
- }
-
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_ADV)
- || CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_RCV)
- || CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_ADV)
- || CHECK_FLAG(
+ && CHECK_FLAG(
p->af_cap
[afi]
[safi],
PEER_CAP_ADDPATH_AF_RX_RCV))
- json_object_object_add(
- json_add,
- print_store,
- json_sub);
- else
- json_object_free(
- json_sub);
+ json_object_boolean_true_add(
+ json_sub,
+ "rxAdvertisedAndReceived");
+ else if (
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV))
+ json_object_boolean_true_add(
+ json_sub,
+ "rxAdvertised");
+ else if (
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_RCV))
+ json_object_boolean_true_add(
+ json_sub,
+ "rxReceived");
}
+ if (CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_RCV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_RCV))
+ json_object_object_add(
+ json_add,
+ print_store,
+ json_sub);
+ else
+ json_object_free(
+ json_sub);
+ }
+
json_object_object_add(
json_cap, "addPath", json_add);
}
json_object *json_multi = NULL;
json_multi = json_object_new_object();
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (p->afc_adv[afi][safi]
+ || p->afc_recv[afi][safi]) {
+ json_object *json_exten = NULL;
+ json_exten =
+ json_object_new_object();
+
if (p->afc_adv[afi][safi]
- || p->afc_recv[afi][safi]) {
- json_object
- *json_exten =
- NULL;
- json_exten =
- json_object_new_object();
-
- if (p->afc_adv[afi]
- [safi]
- && p->afc_recv
- [afi]
- [safi])
- json_object_boolean_true_add(
- json_exten,
- "advertisedAndReceived");
- else if (p->afc_adv
- [afi]
- [safi])
- json_object_boolean_true_add(
- json_exten,
- "advertised");
- else if (p->afc_recv
- [afi]
- [safi])
- json_object_boolean_true_add(
- json_exten,
- "received");
+ && p->afc_recv[afi][safi])
+ json_object_boolean_true_add(
+ json_exten,
+ "advertisedAndReceived");
+ else if (p->afc_adv[afi][safi])
+ json_object_boolean_true_add(
+ json_exten,
+ "advertised");
+ else if (p->afc_recv[afi][safi])
+ json_object_boolean_true_add(
+ json_exten,
+ "received");
- json_object_object_add(
- json_multi,
- afi_safi_print(
- afi,
- safi),
- json_exten);
- }
+ json_object_object_add(
+ json_multi,
+ afi_safi_print(afi,
+ safi),
+ json_exten);
}
}
json_object_object_add(
"gracefulRestartRemoteTimerMsecs",
p->v_gr_restart * 1000);
- for (afi = AFI_IP;
- afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX;
- safi++) {
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_RESTART_AF_RCV)) {
+ json_object *
+ json_sub =
+ NULL;
+ json_sub =
+ json_object_new_object();
+
if (CHECK_FLAG(
p->af_cap
[afi]
[safi],
- PEER_CAP_RESTART_AF_RCV)) {
- json_object *json_sub =
- NULL;
- json_sub =
- json_object_new_object();
-
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_RESTART_AF_PRESERVE_RCV))
- json_object_boolean_true_add(
- json_sub,
- "preserved");
- restart_af_count++;
- json_object_object_add(
- json_restart,
- afi_safi_print(
- afi,
- safi),
- json_sub);
- }
+ PEER_CAP_RESTART_AF_PRESERVE_RCV))
+ json_object_boolean_true_add(
+ json_sub,
+ "preserved");
+ restart_af_count++;
+ json_object_object_add(
+ json_restart,
+ afi_safi_print(
+ afi,
+ safi),
+ json_sub);
}
}
if (!restart_af_count) {
PEER_CAP_ADDPATH_ADV)) {
vty_out(vty, " AddPath:\n");
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_RCV)) {
+ vty_out(vty,
+ " %s: TX ",
+ afi_safi_print(
+ afi,
+ safi));
+
if (CHECK_FLAG(
p->af_cap
[afi]
[safi],
- PEER_CAP_ADDPATH_AF_TX_ADV)
- || CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_RCV)) {
+ PEER_CAP_ADDPATH_AF_TX_ADV))
vty_out(vty,
- " %s: TX ",
+ "advertised %s",
afi_safi_print(
afi,
safi));
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_ADV))
- vty_out(vty,
- "advertised %s",
- afi_safi_print(
- afi,
- safi));
+ if (CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_RCV))
+ vty_out(vty,
+ "%sreceived",
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_TX_ADV)
+ ? " and "
+ : "");
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_RCV))
- vty_out(vty,
- "%sreceived",
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_TX_ADV)
- ? " and "
- : "");
+ vty_out(vty, "\n");
+ }
- vty_out(vty,
- "\n");
- }
+ if (CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV)
+ || CHECK_FLAG(
+ p->af_cap[afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_RCV)) {
+ vty_out(vty,
+ " %s: RX ",
+ afi_safi_print(
+ afi,
+ safi));
if (CHECK_FLAG(
p->af_cap
[afi]
[safi],
- PEER_CAP_ADDPATH_AF_RX_ADV)
- || CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_RCV)) {
+ PEER_CAP_ADDPATH_AF_RX_ADV))
vty_out(vty,
- " %s: RX ",
+ "advertised %s",
afi_safi_print(
afi,
safi));
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_ADV))
- vty_out(vty,
- "advertised %s",
- afi_safi_print(
- afi,
- safi));
-
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_RCV))
- vty_out(vty,
- "%sreceived",
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_ADDPATH_AF_RX_ADV)
- ? " and "
- : "");
-
+ if (CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_RCV))
vty_out(vty,
- "\n");
- }
+ "%sreceived",
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_ADDPATH_AF_RX_ADV)
+ ? " and "
+ : "");
+
+ vty_out(vty, "\n");
}
+ }
}
/* Dynamic */
}
/* Multiprotocol Extensions */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++)
- if (p->afc_adv[afi][safi]
- || p->afc_recv[afi][safi]) {
+ FOREACH_AFI_SAFI (afi, safi)
+ if (p->afc_adv[afi][safi]
+ || p->afc_recv[afi][safi]) {
+ vty_out(vty,
+ " Address Family %s:",
+ afi_safi_print(afi,
+ safi));
+ if (p->afc_adv[afi][safi])
vty_out(vty,
- " Address Family %s:",
- afi_safi_print(
- afi,
- safi));
- if (p->afc_adv[afi]
- [safi])
- vty_out(vty,
- " advertised");
- if (p->afc_recv[afi]
- [safi])
- vty_out(vty,
- " %sreceived",
- p->afc_adv[afi]
- [safi]
- ? "and "
- : "");
- vty_out(vty, "\n");
- }
+ " advertised");
+ if (p->afc_recv[afi][safi])
+ vty_out(vty,
+ " %sreceived",
+ p->afc_adv[afi]
+ [safi]
+ ? "and "
+ : "");
+ vty_out(vty, "\n");
+ }
/* Hostname capability */
vty_out(vty, " Hostname Capability:");
vty_out(vty,
" Address families by peer:\n ");
- for (afi = AFI_IP;
- afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX;
- safi++)
- if (CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_RESTART_AF_RCV)) {
- vty_out(vty,
- "%s%s(%s)",
- restart_af_count
- ? ", "
- : "",
- afi_safi_print(
- afi,
- safi),
- CHECK_FLAG(
- p->af_cap
- [afi]
- [safi],
- PEER_CAP_RESTART_AF_PRESERVE_RCV)
- ? "preserved"
- : "not preserved");
- restart_af_count++;
- }
+ FOREACH_AFI_SAFI (afi, safi)
+ if (CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_RESTART_AF_RCV)) {
+ vty_out(vty,
+ "%s%s(%s)",
+ restart_af_count
+ ? ", "
+ : "",
+ afi_safi_print(
+ afi,
+ safi),
+ CHECK_FLAG(
+ p->af_cap
+ [afi]
+ [safi],
+ PEER_CAP_RESTART_AF_PRESERVE_RCV)
+ ? "preserved"
+ : "not preserved");
+ restart_af_count++;
+ }
if (!restart_af_count)
vty_out(vty, "none");
vty_out(vty, "\n");
json_grace_recv = json_object_new_object();
if (p->status == Established) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
- if (CHECK_FLAG(
- p->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_SEND)) {
- json_object_boolean_true_add(
- json_grace_send,
- afi_safi_print(
- afi,
- safi));
- eor_send_af_count++;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(p->af_sflags[afi][safi],
+ PEER_STATUS_EOR_SEND)) {
+ json_object_boolean_true_add(
+ json_grace_send,
+ afi_safi_print(afi,
+ safi));
+ eor_send_af_count++;
}
}
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
- if (CHECK_FLAG(
- p->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_RECEIVED)) {
- json_object_boolean_true_add(
- json_grace_recv,
- afi_safi_print(
- afi,
- safi));
- eor_receive_af_count++;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(
+ p->af_sflags[afi][safi],
+ PEER_STATUS_EOR_RECEIVED)) {
+ json_object_boolean_true_add(
+ json_grace_recv,
+ afi_safi_print(afi,
+ safi));
+ eor_receive_af_count++;
}
}
}
vty_out(vty, " Graceful restart informations:\n");
if (p->status == Established) {
vty_out(vty, " End-of-RIB send: ");
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
- if (CHECK_FLAG(
- p->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_SEND)) {
- vty_out(vty, "%s%s",
- eor_send_af_count
- ? ", "
- : "",
- afi_safi_print(
- afi,
- safi));
- eor_send_af_count++;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(p->af_sflags[afi][safi],
+ PEER_STATUS_EOR_SEND)) {
+ vty_out(vty, "%s%s",
+ eor_send_af_count ? ", "
+ : "",
+ afi_safi_print(afi,
+ safi));
+ eor_send_af_count++;
}
}
vty_out(vty, "\n");
vty_out(vty, " End-of-RIB received: ");
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST;
- safi < SAFI_MAX; safi++) {
- if (CHECK_FLAG(
- p->af_sflags[afi]
- [safi],
- PEER_STATUS_EOR_RECEIVED)) {
- vty_out(vty, "%s%s",
- eor_receive_af_count
- ? ", "
- : "",
- afi_safi_print(
- afi,
- safi));
- eor_receive_af_count++;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (CHECK_FLAG(
+ p->af_sflags[afi][safi],
+ PEER_STATUS_EOR_RECEIVED)) {
+ vty_out(vty, "%s%s",
+ eor_receive_af_count
+ ? ", "
+ : "",
+ afi_safi_print(afi,
+ safi));
+ eor_receive_af_count++;
}
}
vty_out(vty, "\n");
if (use_json)
json_hold = json_object_new_object();
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (p->afc[afi][safi])
- bgp_show_peer_afi(vty, p, afi, safi, use_json,
- json_hold);
+ FOREACH_AFI_SAFI (afi, safi)
+ if (p->afc[afi][safi])
+ bgp_show_peer_afi(vty, p, afi, safi, use_json,
+ json_hold);
if (use_json) {
json_object_object_add(json_neigh, "addressFamilyInfo",
com = (struct community *)backet->data;
vty_out(vty, "[%p] (%ld) %s\n", (void *)com, com->refcnt,
- community_str(com));
+ community_str(com, false));
}
/* Show BGP's community internal data. */
/* Display AFs configured. */
vty_out(vty, " Configured address-families:");
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (conf->afc[afi][safi]) {
- af_cfgd = 1;
- vty_out(vty, " %s;", afi_safi_print(afi, safi));
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (conf->afc[afi][safi]) {
+ af_cfgd = 1;
+ vty_out(vty, " %s;", afi_safi_print(afi, safi));
}
+ }
if (!af_cfgd)
vty_out(vty, " none\n");
else
vty_out(vty, " %s %s\n",
community_direct_str(entry->direct),
entry->style == COMMUNITY_LIST_STANDARD
- ? community_str(entry->u.com)
+ ? community_str(entry->u.com, false)
: entry->config);
}
}
str = "";
else {
if (entry->style == COMMUNITY_LIST_STANDARD)
- str = community_str(entry->u.com);
+ str = community_str(entry->u.com, false);
else
str = entry->config;
}
static int zebra_read_route(int command, struct zclient *zclient,
zebra_size_t length, vrf_id_t vrf_id)
{
+ enum nexthop_types_t nhtype;
struct zapi_route api;
union g_addr nexthop;
- unsigned int ifindex;
+ ifindex_t ifindex;
int add, i;
struct bgp *bgp;
nexthop = api.nexthops[0].gate;
ifindex = api.nexthops[0].ifindex;
+ nhtype = api.nexthops[0].type;
add = (command == ZEBRA_REDISTRIBUTE_ROUTE_ADD);
if (add) {
/* Now perform the add/update. */
bgp_redistribute_add(bgp, &api.prefix, &nexthop, ifindex,
- api.metric, api.type, api.instance,
- api.tag);
+ nhtype, api.metric, api.type,
+ api.instance, api.tag);
} else {
bgp_redistribute_delete(bgp, &api.prefix, api.type,
api.instance);
peer->password = NULL;
/* Set default flags. */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (!bgp_option_check(BGP_OPT_CONFIG_CISCO)) {
- SET_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_SEND_COMMUNITY);
- SET_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_SEND_EXT_COMMUNITY);
- SET_FLAG(peer->af_flags[afi][safi],
- PEER_FLAG_SEND_LARGE_COMMUNITY);
- }
- peer->orf_plist[afi][safi] = NULL;
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (!bgp_option_check(BGP_OPT_CONFIG_CISCO)) {
+ SET_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_SEND_COMMUNITY);
+ SET_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_SEND_EXT_COMMUNITY);
+ SET_FLAG(peer->af_flags[afi][safi],
+ PEER_FLAG_SEND_LARGE_COMMUNITY);
}
+ peer->orf_plist[afi][safi] = NULL;
+ }
SET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
/* Create buffers. */
peer_dst->password =
XSTRDUP(MTYPE_PEER_PASSWORD, peer_src->password);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- peer_dst->afc[afi][safi] = peer_src->afc[afi][safi];
- peer_dst->af_flags[afi][safi] =
- peer_src->af_flags[afi][safi];
- peer_dst->allowas_in[afi][safi] =
- peer_src->allowas_in[afi][safi];
- peer_dst->weight[afi][safi] =
- peer_src->weight[afi][safi];
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ peer_dst->afc[afi][safi] = peer_src->afc[afi][safi];
+ peer_dst->af_flags[afi][safi] = peer_src->af_flags[afi][safi];
+ peer_dst->allowas_in[afi][safi] =
+ peer_src->allowas_in[afi][safi];
+ peer_dst->weight[afi][safi] = peer_src->weight[afi][safi];
+ }
for (afidx = BGP_AF_START; afidx < BGP_AF_MAX; afidx++) {
paf = peer_src->peer_af_array[afidx];
afi_t afi;
safi_t safi;
- for (afi = AFI_IP; afi < AFI_MAX; afi++) {
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- bgp_recalculate_afi_safi_bestpaths(bgp, afi, safi);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ bgp_recalculate_afi_safi_bestpaths(bgp, afi, safi);
}
}
}
/* Free filter related memory. */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- filter = &peer->filter[afi][safi];
-
- for (i = FILTER_IN; i < FILTER_MAX; i++) {
- if (filter->dlist[i].name) {
- XFREE(MTYPE_BGP_FILTER_NAME,
- filter->dlist[i].name);
- filter->dlist[i].name = NULL;
- }
-
- if (filter->plist[i].name) {
- XFREE(MTYPE_BGP_FILTER_NAME,
- filter->plist[i].name);
- filter->plist[i].name = NULL;
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &peer->filter[afi][safi];
- if (filter->aslist[i].name) {
- XFREE(MTYPE_BGP_FILTER_NAME,
- filter->aslist[i].name);
- filter->aslist[i].name = NULL;
- }
+ for (i = FILTER_IN; i < FILTER_MAX; i++) {
+ if (filter->dlist[i].name) {
+ XFREE(MTYPE_BGP_FILTER_NAME,
+ filter->dlist[i].name);
+ filter->dlist[i].name = NULL;
}
- for (i = RMAP_IN; i < RMAP_MAX; i++) {
- if (filter->map[i].name) {
- XFREE(MTYPE_BGP_FILTER_NAME,
- filter->map[i].name);
- filter->map[i].name = NULL;
- }
+ if (filter->plist[i].name) {
+ XFREE(MTYPE_BGP_FILTER_NAME,
+ filter->plist[i].name);
+ filter->plist[i].name = NULL;
}
- if (filter->usmap.name) {
+ if (filter->aslist[i].name) {
XFREE(MTYPE_BGP_FILTER_NAME,
- filter->usmap.name);
- filter->usmap.name = NULL;
+ filter->aslist[i].name);
+ filter->aslist[i].name = NULL;
}
+ }
- if (peer->default_rmap[afi][safi].name) {
- XFREE(MTYPE_ROUTE_MAP_NAME,
- peer->default_rmap[afi][safi].name);
- peer->default_rmap[afi][safi].name = NULL;
+ for (i = RMAP_IN; i < RMAP_MAX; i++) {
+ if (filter->map[i].name) {
+ XFREE(MTYPE_BGP_FILTER_NAME,
+ filter->map[i].name);
+ filter->map[i].name = NULL;
}
}
+ if (filter->usmap.name) {
+ XFREE(MTYPE_BGP_FILTER_NAME, filter->usmap.name);
+ filter->usmap.name = NULL;
+ }
+
+ if (peer->default_rmap[afi][safi].name) {
+ XFREE(MTYPE_ROUTE_MAP_NAME,
+ peer->default_rmap[afi][safi].name);
+ peer->default_rmap[afi][safi].name = NULL;
+ }
+ }
+
FOREACH_AFI_SAFI (afi, safi)
peer_af_delete(peer, afi, safi);
if (peer->conf_if && cap_enhe_preset)
peer_flag_set(peer, PEER_FLAG_CAPABILITY_ENHE);
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (group->conf->afc[afi][safi]) {
- peer->afc[afi][safi] = 1;
-
- if (peer_af_find(peer, afi, safi)
- || peer_af_create(peer, afi,
- safi)) {
- peer_group2peer_config_copy_af(
- group, peer, afi, safi);
- }
- } else if (peer->afc[afi][safi])
- peer_deactivate(peer, afi, safi);
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (group->conf->afc[afi][safi]) {
+ peer->afc[afi][safi] = 1;
+
+ if (peer_af_find(peer, afi, safi)
+ || peer_af_create(peer, afi, safi)) {
+ peer_group2peer_config_copy_af(
+ group, peer, afi, safi);
+ }
+ } else if (peer->afc[afi][safi])
+ peer_deactivate(peer, afi, safi);
}
if (peer->group) {
/* If the peer-group is active for this afi/safi then activate
* for this peer */
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
- if (group->conf->afc[afi][safi]) {
- peer->afc[afi][safi] = 1;
- peer_af_create(peer, afi, safi);
- peer_group2peer_config_copy_af(
- group, peer, afi, safi);
- } else if (peer->afc[afi][safi])
- peer_deactivate(peer, afi, safi);
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (group->conf->afc[afi][safi]) {
+ peer->afc[afi][safi] = 1;
+ peer_af_create(peer, afi, safi);
+ peer_group2peer_config_copy_af(group, peer, afi,
+ safi);
+ } else if (peer->afc[afi][safi])
+ peer_deactivate(peer, afi, safi);
+ }
SET_FLAG(peer->flags, PEER_FLAG_CONFIG_NODE);
if (group != peer->group)
return BGP_ERR_PEER_GROUP_MISMATCH;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (peer->afc[afi][safi]) {
- peer->afc[afi][safi] = 0;
- peer_af_flag_reset(peer, afi, safi);
-
- if (peer_af_delete(peer, afi, safi) != 0) {
- zlog_err(
- "couldn't delete af structure for peer %s",
- peer->host);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (peer->afc[afi][safi]) {
+ peer->afc[afi][safi] = 0;
+ peer_af_flag_reset(peer, afi, safi);
+
+ if (peer_af_delete(peer, afi, safi) != 0) {
+ zlog_err(
+ "couldn't delete af structure for peer %s",
+ peer->host);
}
}
+ }
assert(listnode_lookup(group->peer, peer));
peer_unlock(peer); /* peer group list reference */
bgp->group = list_new();
bgp->group->cmp = (int (*)(void *, void *))peer_group_cmp;
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- bgp->route[afi][safi] = bgp_table_init(afi, safi);
- bgp->aggregate[afi][safi] = bgp_table_init(afi, safi);
- bgp->rib[afi][safi] = bgp_table_init(afi, safi);
+ FOREACH_AFI_SAFI (afi, safi) {
+ bgp->route[afi][safi] = bgp_table_init(afi, safi);
+ bgp->aggregate[afi][safi] = bgp_table_init(afi, safi);
+ bgp->rib[afi][safi] = bgp_table_init(afi, safi);
- /* Enable maximum-paths */
- bgp_maximum_paths_set(bgp, afi, safi, BGP_PEER_EBGP,
- multipath_num, 0);
- bgp_maximum_paths_set(bgp, afi, safi, BGP_PEER_IBGP,
- multipath_num, 0);
- }
+ /* Enable maximum-paths */
+ bgp_maximum_paths_set(bgp, afi, safi, BGP_PEER_EBGP,
+ multipath_num, 0);
+ bgp_maximum_paths_set(bgp, afi, safi, BGP_PEER_IBGP,
+ multipath_num, 0);
+ }
bgp->v_update_delay = BGP_UPDATE_DELAY_DEF;
bgp->default_local_pref = BGP_DEFAULT_LOCAL_PREF;
bgp->peerhash = NULL;
}
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- /* Special handling for 2-level routing tables. */
- if (safi == SAFI_MPLS_VPN || safi == SAFI_ENCAP
- || safi == SAFI_EVPN) {
- for (rn = bgp_table_top(bgp->rib[afi][safi]);
- rn; rn = bgp_route_next(rn)) {
- table = (struct bgp_table *)rn->info;
- bgp_table_finish(&table);
- }
+ FOREACH_AFI_SAFI (afi, safi) {
+ /* Special handling for 2-level routing tables. */
+ if (safi == SAFI_MPLS_VPN || safi == SAFI_ENCAP
+ || safi == SAFI_EVPN) {
+ for (rn = bgp_table_top(bgp->rib[afi][safi]); rn;
+ rn = bgp_route_next(rn)) {
+ table = (struct bgp_table *)rn->info;
+ bgp_table_finish(&table);
}
- if (bgp->route[afi][safi])
- bgp_table_finish(&bgp->route[afi][safi]);
- if (bgp->aggregate[afi][safi])
- bgp_table_finish(&bgp->aggregate[afi][safi]);
- if (bgp->rib[afi][safi])
- bgp_table_finish(&bgp->rib[afi][safi]);
- rmap = &bgp->table_map[afi][safi];
- if (rmap->name)
- XFREE(MTYPE_ROUTE_MAP_NAME, rmap->name);
}
+ if (bgp->route[afi][safi])
+ bgp_table_finish(&bgp->route[afi][safi]);
+ if (bgp->aggregate[afi][safi])
+ bgp_table_finish(&bgp->aggregate[afi][safi]);
+ if (bgp->rib[afi][safi])
+ bgp_table_finish(&bgp->rib[afi][safi]);
+ rmap = &bgp->table_map[afi][safi];
+ if (rmap->name)
+ XFREE(MTYPE_ROUTE_MAP_NAME, rmap->name);
+ }
bgp_scan_finish(bgp);
bgp_address_destroy(bgp);
* peer_group_bind as that is sub-optimal and does some stuff we don't
* want.
*/
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (!group->conf->afc[afi][safi])
- continue;
- peer->afc[afi][safi] = 1;
+ FOREACH_AFI_SAFI (afi, safi) {
+ if (!group->conf->afc[afi][safi])
+ continue;
+ peer->afc[afi][safi] = 1;
- if (!peer_af_find(peer, afi, safi))
- peer_af_create(peer, afi, safi);
+ if (!peer_af_find(peer, afi, safi))
+ peer_af_create(peer, afi, safi);
- peer_group2peer_config_copy_af(group, peer, afi, safi);
- }
+ peer_group2peer_config_copy_af(group, peer, afi, safi);
+ }
/* Mark as dynamic, but also as a "config node" for other things to
* work. */
update_group_policy_update(bgp, BGP_POLICY_FILTER_LIST,
access->name, 0, 0);
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter = &peer->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->dlist[direct].name)
- filter->dlist[direct]
- .alist = access_list_lookup(
- afi,
- filter->dlist[direct]
- .name);
- else
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &peer->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->dlist[direct].name)
+ filter->dlist[direct]
+ .alist = access_list_lookup(
+ afi,
filter->dlist[direct]
- .alist = NULL;
- }
+ .name);
+ else
+ filter->dlist[direct].alist =
+ NULL;
}
+ }
}
for (ALL_LIST_ELEMENTS(bgp->group, node, nnode, group)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter =
- &group->conf->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->dlist[direct].name)
- filter->dlist[direct]
- .alist = access_list_lookup(
- afi,
- filter->dlist[direct]
- .name);
- else
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &group->conf->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->dlist[direct].name)
+ filter->dlist[direct]
+ .alist = access_list_lookup(
+ afi,
filter->dlist[direct]
- .alist = NULL;
- }
+ .name);
+ else
+ filter->dlist[direct].alist =
+ NULL;
}
+ }
}
#if ENABLE_BGP_VNC
vnc_prefix_list_update(bgp);
plist ? prefix_list_name(plist) : NULL, 0, 0);
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter = &peer->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->plist[direct].name)
- filter->plist[direct]
- .plist = prefix_list_lookup(
- afi,
- filter->plist[direct]
- .name);
- else
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &peer->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->plist[direct].name)
+ filter->plist[direct]
+ .plist = prefix_list_lookup(
+ afi,
filter->plist[direct]
- .plist = NULL;
- }
+ .name);
+ else
+ filter->plist[direct].plist =
+ NULL;
}
+ }
}
for (ALL_LIST_ELEMENTS(bgp->group, node, nnode, group)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter =
- &group->conf->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->plist[direct].name)
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &group->conf->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->plist[direct].name)
+ filter->plist[direct]
+ .plist = prefix_list_lookup(
+ afi,
filter->plist[direct]
- .plist = prefix_list_lookup(
- afi,
- filter->plist[direct]
- .name);
- else
- filter->plist[direct]
- .plist = NULL;
- }
+ .name);
+ else
+ filter->plist[direct].plist =
+ NULL;
}
+ }
}
}
}
aslist_name, 0, 0);
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter = &peer->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->aslist[direct].name)
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &peer->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->aslist[direct].name)
+ filter->aslist[direct]
+ .aslist = as_list_lookup(
filter->aslist[direct]
- .aslist = as_list_lookup(
- filter->aslist[direct]
- .name);
- else
- filter->aslist[direct]
- .aslist = NULL;
- }
+ .name);
+ else
+ filter->aslist[direct].aslist =
+ NULL;
}
+ }
}
for (ALL_LIST_ELEMENTS(bgp->group, node, nnode, group)) {
- for (afi = AFI_IP; afi < AFI_MAX; afi++)
- for (safi = SAFI_UNICAST; safi < SAFI_MAX;
- safi++) {
- filter =
- &group->conf->filter[afi][safi];
-
- for (direct = FILTER_IN;
- direct < FILTER_MAX; direct++) {
- if (filter->aslist[direct].name)
+ FOREACH_AFI_SAFI (afi, safi) {
+ filter = &group->conf->filter[afi][safi];
+
+ for (direct = FILTER_IN; direct < FILTER_MAX;
+ direct++) {
+ if (filter->aslist[direct].name)
+ filter->aslist[direct]
+ .aslist = as_list_lookup(
filter->aslist[direct]
- .aslist = as_list_lookup(
- filter->aslist[direct]
- .name);
- else
- filter->aslist[direct]
- .aslist = NULL;
- }
+ .name);
+ else
+ filter->aslist[direct].aslist =
+ NULL;
}
+ }
}
}
}
AS_HELP_STRING([--enable-cumulus], [enable Cumulus Switch Special Extensions]))
AC_ARG_ENABLE(datacenter,
AS_HELP_STRING([--enable-datacenter], [enable Compilation for Data Center Extensions]))
+AC_ARG_ENABLE(fuzzing,
+ AS_HELP_STRING([--enable-fuzzing], [enable ability to fuzz various parts of FRR]))
AC_ARG_ENABLE(rr-semantics,
AS_HELP_STRING([--disable-rr-semantics], [disable the v6 Route Replace semantics]))
AC_ARG_ENABLE([protobuf],
DFLT_NAME="traditional"
fi
+if test "${enable_fuzzing}" = "yes" ; then
+ AC_DEFINE(HANDLE_ZAPI_FUZZING,,Compile extensions to use with a fuzzer)
+fi
+
if test "${enable_cumulus}" = "yes" ; then
AC_DEFINE(HAVE_CUMULUS,,Compile Special Cumulus Code in)
fi
doc/Makefile tests/Makefile
bgpd/rfp-example/rfptest/Makefile bgpd/rfp-example/librfp/Makefile
redhat/frr.spec
+ debianpkg/Makefile
+ debianpkg/changelog
snapcraft/snapcraft.yaml
lib/version.h
tests/lib/cli/test_cli.refout
+++ /dev/null
-* SAFETY MEASURES:
-==================
-
-Please consider setting this package "on hold" by typing
- echo "frr hold" | dpkg --set-selections
-and verifying this using
- dpkg --get-selections | grep 'hold$'
-
-Setting a package "on hold" means that it will not automatically be upgraded.
-Instead apt-get only displays a warning saying that a new version would be
-available forcing you to explicitly type "apt-get install frr" to upgrade it.
-
-
-* What is frr?
-=================
-
-http://www.frrouting.org/
-FRR is a routing software suite, providing implementations of OSPFv2,
-OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly
-FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga
-which itself is a fork of Zebra.
-Zebra was developed by Kunihiro Ishiguro.
-
-
-* Why has SNMP support been disabled?
-=====================================
-FRR used to link against the NetSNMP libraries to provide SNMP
-support. Those libraries sadly link against the OpenSSL libraries
-to provide crypto support for SNMPv3 among others.
-OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL)
-licence that FRR is distributed under. For more explanation read:
- http://www.gnome.org/~markmc/openssl-and-the-gpl.html
- http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
-Updating the licence to explecitly allow linking against OpenSSL
-would requite the affirmation of all people that ever contributed
-a significant part to Zebra / Quagga or FRR and thus are the collective
-"copyright holder". That's too much work. Using a shrinked down
-version of NetSNMP without OpenSSL or convincing the NetSNMP people
-to change to GnuTLS are maybe good solutions but not reachable
-during the last days before the Sarge release :-(
-
- *BUT*
-
-It is allowed by the used licence mix that you fetch the sources and
-build FRR yourself with SNMP with
- <remove the "grep ^smux" block at the end of debian/frr.preinst>
- # export WANT_SNMP=1
- # apt-get -b source frr
-Just distributing it in binary form, linked against OpenSSL, is forbidden.
-
-
-* Daemon selection:
-===================
-
-The Debian package uses /etc/frr/daemons to tell the
-initscript which daemons to start. It's in the format
-<daemon>=<yes|no|priority>
-with no spaces (it's simply source-d into the initscript).
-Default is not to start anything, since it can hose your
-system's routing table if not set up properly.
-
-Priorities were suggested by Dancer <dancer@zeor.simegen.com>.
-They're used to start the FRR daemons in more than one step
-(for example start one or two at network initialization and the
-rest later). The number of FRR daemons being small, priorities
-must be between 1 and 9, inclusive (or the initscript has to be
-changed). /etc/init.d/frr then can be started as
-
-/etc/init.d/frr <start|stop|restart|<priority>>
-
-where priority 0 is the same as 'stop', priority 10 or 'start'
-means 'start all'
-
-
-* Error message "privs_init: initial cap_set_proc failed":
-==========================================================
-
-This error message means that "capability support" has to be built
-into the kernel.
-
-
-* Error message "netlink-listen: overrun: No buffer space available":
-=====================================================================
-
-If this message occurs the receive buffer should be increased by adding the
-following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.conf.
-> net.core.rmem_default = 262144
-> net.core.rmem_max = 262144
-See message #4525 from 2005-05-09 in the quagga-users mailing list.
-
-
-* vtysh immediately exists:
-===========================
-
-Check /etc/pam.d/frr, it probably denies access to your user. The passwords
-configured in /etc/frr/frr.conf are only for telnet access.
-
+++ /dev/null
-#
-# To check if the patches still apply on new upstream versions:
-#
-for i in debian/patches/*.diff; do echo -e "#\n# $i\n#"; patch --fuzz=3 --dry-run -p1 < $i; done
-
-#
-# Filename transition from zebra to frr
-#
-
-Files that keep their names
- /usr/bin/vtysh
-
-Files that got an -pj suffix
- /etc/default/zebra -> /etc/frr/daemons.conf
- /etc/init.d/zebra -> /etc/init.d/frr
- /etc/zebra/ -> /etc/frr/
- /usr/share/doc/zebra/ -> /usr/share/doc/frr/
- /var/log/zebra/ -> /var/log/frr/
- /var/run/ -> /var/run/frr/
-
-Files that were moved
- /usr/sbin/* -> /usr/lib/frr/
+++ /dev/null
-frr (3.1-dev) Released; urgency=medium
-
- * New Enabled: PIM draft Unnumbered
-
- -- frr <frog@lists.frrouting.org> Wed, 5 Apr 2017 22:29:42 -0500
-
-frr (3.0) Released; urgency=medium
-
- * New Enabled: BGP Shutdown Message
- * New Enabled: BGP Large Community
- * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN
- * New Enabled: BGP EVPN RT-5
- * New Enabled: LDP RFC 5561
- * New Enabled: LDP RFC 5918
- * New Enabled: LDP RFC 5919
- * New Enabled: LDP RFC 6667
- * New Enabled: LDP RFC 7473
- * New Enabled: OSPF RFC 4552
- * New Enabled: ISIS SPF Backoff draft
- * New Enabled: PIM Unnumbered Interfaces
- * New Enabled: PIM RFC 4611
- * New Enabled: PIM Sparse Mode
- * New Enabled: NHRP RFC 2332
- * New Enabled: Label Manager
-
- -- frr <frr@lists.nox.tf> Wed, 5 Apr 2017 22:23:42 -0500
-
-frr (2.1) Released; urgency=medium
-
- * Switchover to FRR
-
- -- frr <frr@lists.nox.tf> Mon, 23 Jan 2017 16:30:22 -0400
-
-quagga (0.99.24+cl3u5) RELEASED; urgency=medium
-
- * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json'
- * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all'
- * Closes: CM-5794 - Add support for IPv6 static to null0
- * Closes: CM-13060 - Reduce JSON memory usage.
- * Closes: CM-10394 - protect 'could not get instance' error messages with debug
- * Closes: CM-11173 - Move netlink error messages undeer a debug
- * Closes: CM-13328 - Fixes route missing in hardware after reboot
-
- -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400
-
-quagga (0.99.24+cl3u4) RELEASED; urgency=medium
-
- * Closes: CM-12687 - Buffer overflow in zebra RA code
-
- -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400
-
-quagga (0.99.24+cl3u3) RELEASED; urgency=medium
-
- * New Enabled: Merge up-to 0.99.24 code from upstream
- * New Enabled: Additional CLI simplification
- * New Enabled: Various Bug Fixes
-
- -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700
-
-quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium
-
- * New Enabled: VRF - See Documentation for how to use
- * New Enabled: Improved interface statistics
- * New Enabled: Various vtysh improvements
- * New Enabled: Numerous compile warnings and SA fixes
- * New Enabled: Improved priviledge handlingA
- * New Enabled: Various OSPF CLI fixes
- * New Enabled: Prefix-list Performance Improvements.
- * New Enabled: Allow more than 1k peers in Quagga
- and Performance Improvements
- * New Enabled: Systemd integration
- * New Enabled: Various ISIS fixes
- * New Enabled: BGP MRT improvements
- * New Enabled: Lowered default MRAI timers
- * New Enabled: Lowered default 'timers connect'
- * New Enabled: 'bgp log-neighbor-changes' enabled by default
- * New Enabled: BGP default keepalive to 3s and holdtime to 9s
- * New Enabled: OSPF spf timers are now '0 50 5000' by default
- * New Enabled: BGP hostname is displayed by default
- * New Enabled: BGP 'no-as-set' is the default for
- 'bgp as-path multipath-relax"
- * New Enabled: RA is on by default if using 5549 on an interface
- * New Enabled: peer-group restrictions relaxed, update-groups determine
- outbund policy anyway
- * New Enabled: BGP enabled 'maximum-paths 64' by default
- * New Enabled: OSPF "log-adjacency-changes" on by default
- * New Enabled: Zebra: Add IPv6 protocol filtering support
- * and setting src of IPv6 routes.
- * New Enabled: BGP and OSPF JSON commands added.
- * New Enabled: BGP Enable multiple instances support by default
- * New Enabled: 'banner motd file' command
- * New Enabled: Remove bad default passwords from default conf
- * New Enabled: BGP addpath TX
- * New Enabled: Simplified configuration for BGP Unnumbered
-
- * New Deprecated: Remove unused 'show memory XXX' functionality
- * New Deprecated: Remove babel protocol
-
- * Closes: CM-10435 Addition on hidden command
- "bfd multihop/singlehop" and "ptm-enable" per interface command
- * Closes: CM-9974 Get route counts right for show ip route summary
- * Closes: CM-9786 BGP memory leak in peer hostname
- * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit
- * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip
- * Closes: CM-9255 BGPD crash around bgp_config_write ()
- * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network
- entered first
- * Closes: CM-8934 OSPFv3: Check area before scheduling SPF
- * Closes: CM-8514 zebra: Crash upon disabling a link
- * Closes: CM-8295 BGP crash in group_announce_route_walkcb
- * Closes: CM-8191 BGP: crash in update_subgroup_merge()
- * Closes: CM-8015 lib: Memory reporting fails over 2GB
- * Closes: CM-7926 BGP: crash from not NULLing freed pointers
-
- -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700
-
-quagga (0.99.23.1-1) unstable; urgency=medium
-
- * New upstream release
- * Added .png figures for info files to quagga-doc package.
- * Changed dependency from iproute to iproute2 (thanks to Andreas
- Henriksson). Closes: #753736
- * Added texlive-fonts-recommended to build-depends to get ecrm1095 font
- (thanks to Christoph Biedl). Closes: #651545
-
- -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200
-
-quagga (0.99.23-1) unstable; urgency=low
-
- * New upstream release
- * Removed debian/patches/readline-6.3.diff which was already in upstream.
-
- -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200
-
-quagga (0.99.22.4-4) unstable; urgency=medium
-
- * Fix build failure with readline-6.3 (thanks to Matthias Klose).
- Closes: #741774
-
- -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100
-
-quagga (0.99.22.4-3) unstable; urgency=low
-
- * Added status to init script (thanks to Peter J. Holzer). Closes: #730625
- * Init script now sources /lib/lsb/init-functions.
- * Switched from hardening-wrapper to dpkg-buildflags.
-
- -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100
-
-quagga (0.99.22.4-2) unstable; urgency=low
-
- * Fixed typo in package description (thanks to Davide Prina).
- Closes: #625860
- * Added Italian Debconf translation (thanks to Beatrice Torracca)
- Closes: #729798
-
- -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100
-
-quagga (0.99.22.4-1) unstable; urgency=high
-
- * SECURITY:
- "ospfd: CVE-2013-2236, stack overrun in apiserver
-
- the OSPF API-server (exporting the LSDB and allowing announcement of
- Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
- to an exploitable stack overflow.
-
- For this condition to occur, the following two conditions must be true:
- - Quagga is configured with --enable-opaque-lsa
- - ospfd is started with the "-a" command line option
-
- If either of these does not hold, the relevant code is not executed and
- the issue does not get triggered."
- Closes: #726724
-
- * New upstream release
- - ospfd: protect vs. VU#229804 (malformed Router-LSA)
- (Quagga is said to be non-vulnerable but still adds some protection)
-
- -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200
-
-quagga (0.99.22.1-2) unstable; urgency=low
-
- * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
- * Added "status" command to init script (thanks to James Andrewartha).
- Closes: #690013
- * Added "libsnmp-dev" to Build-Deps. There not needed for the official
- builds but for people who compile Quagga themselves to activate the
- SNMP feature (which for licence reasons cannot be done by Debian).
- Thanks to Ben Winslow). Closes: #694852
- * Changed watchquagga_options to an array so that quotes can finally
- be used as expected. Closes: #681088
- * Fixed bug that prevented restarting only the watchquagga daemon
- (thanks to Harald Kappe). Closes: #687124
-
- -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200
-
-quagga (0.99.22.1-1) unstable; urgency=low
-
- * New upstream release
- - ospfd restore nexthop IP for p2p interfaces
- - ospfd: fix LSA initialization for build without opaque LSA
- - ripd: correctly redistribute ifindex routes (BZ#664)
- - bgpd: fix lost passwords of grouped neighbors
- * Removed 91_ld_as_needed.diff as it was found in the upstream source.
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200
-
-quagga (0.99.22-1) unstable; urgency=low
-
- * New upstream release.
- - [bgpd] The semantics of default-originate route-map have changed.
- The route-map is now used to advertise the default route conditionally.
- The old behaviour which allowed to set attributes on the originated
- default route is no longer supported.
- - [bgpd] this version of bgpd implements draft-idr-error-handling. This was
- added in 0.99.21 and may not be desirable. If you need a version
- without this behaviour, please use 0.99.20.1. There will be a
- runtime configuration switch for this in future versions.
- - [isisd] is in "beta" state.
- - [ospf6d] is in "alpha/experimental" state
- - More changes are documented in the upstream changelog!
- * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
- Martens.
- * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
- in the changelog.
- * debian/patches/99_distribute_list.diff removed as its in the changelog.
- * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
- was just for Debian woody.
-
- -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100
-
-quagga (0.99.21-4) unstable; urgency=medium
-
- * Fixed regression bug that caused OSPF "distribute-list" statements to be
- silently ignored. The patch has already been applied upstream but there
- has been no new Quagga release since then.
- Thanks to Hans van Kranenburg for reporting. Closes: #697240
-
- -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100
-
-quagga (0.99.21-3) unstable; urgency=high
-
- * SECURITY:
- CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
- A denial-of-service condition could be caused by an attacker controlling
- one of the pre-configured BGP peers. In most cases this means, that the
- attack must be originated from an adjacent network. Closes: #676510
-
- -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200
-
-quagga (0.99.21-2) unstable; urgency=low
-
- * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
- original mapage of the babeld package which users might want to
- install in parallel as it is slightly more capable. Closes: #671916
-
- -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200
-
-quagga (0.99.21-1) unstable; urgency=low
-
- * New upstream release
- - [bgpd] BGP multipath support has been merged
- - [bgpd] SAFI (Multicast topology) support has been extended to propagate
- the topology to zebra.
- - [bgpd] AS path limit functionality has been removed
- - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
- protocol has been merged.
- - [isisd] a major overhaul has been picked up. Please note that isisd is
- STILL NOT SUITABLE FOR PRODUCTION USE.
- - a lot of bugs have been fixed
- * Added watchquagga daemon.
- * Added DEP-3 conforming patch comments.
-
- -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200
-
-quagga (0.99.20.1-1) unstable; urgency=high
-
- * SECURITY:
- CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
- CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
- CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
- * New upstream release. Closes: #664033
-
- -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100
-
-quagga (0.99.20-4) unstable; urgency=low
-
- * Switch to dpkg-source 3.0 (quilt) format.
- * Switch to changelog-format-1.0.
-
- -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100
-
-quagga (0.99.20-3) unstable; urgency=low
-
- * Added --sysconfdir back to the configure options (thanks to Sven-Haegar
- Koch). Closes: #645649
-
- -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200
-
-quagga (0.99.20-2) unstable; urgency=low
-
- * Bumped standards version to 0.9.2.
- * Migrated to "dh" build system.
- * Added quagga-dbg package.
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200
-
-quagga (0.99.20-1) unstable; urgency=low
-
- * New upstream release:
- "The primary focus of this release is a fix of SEGV regression in ospfd,
- which was introduced in 0.99.19. It also features a series of minor
- improvements, including better RFC compliance in bgpd, better support
- of FreeBSD and some enhancements to isisd."
- * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
-
- -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200
-
-quagga (0.99.19-1) unstable; urgency=high
-
- * SECURITY:
- "This release provides security fixes, which address assorted
- vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
- CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
- * New upstream release.
- * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
- * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
- * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
-
- -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200
-
-quagga (0.99.18-1) unstable; urgency=low
-
- * SECURITY:
- "This release fixes 2 denial of services in bgpd, which can be remotely
- triggered by malformed AS-Pathlimit or Extended-Community attributes.
- These issues have been assigned CVE-2010-1674 and CVE-2010-1675.
- Support for AS-Pathlimit has been removed with this release."
- * Added Brazilian Portuguese debconf translation. Closes: #617735
- * Changed section for quagga-doc from "doc" to "net".
- * Added patch to fix FTBFS with latest GCC. Closes: #614459
-
- -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100
-
-quagga (0.99.17-4) unstable; urgency=low
-
- * Added comment to init script (thanks to Marc Haber). Closes: #599524
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100
-
-quagga (0.99.17-3) unstable; urgency=low
-
- * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu).
- Closes: #609555
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100
-
-quagga (0.99.17-2) unstable; urgency=low
-
- * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
-
- -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200
-
-quagga (0.99.17-1) unstable; urgency=high
-
- * SECURITY:
- "This release provides two important bugfixes, which address remote crash
- possibility in bgpd discovered by CROSS team.":
- 1. Stack buffer overflow by processing certain Route-Refresh messages
- CVE-2010-2948
- 2. DoS (crash) while processing certain BGP update AS path messages
- CVE-2010-2949
- Closes: #594262
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200
-
-quagga (0.99.16-1) unstable; urgency=low
-
- * New upstream release. Closes: #574527
- * Added chrpath to debian/rules to fix rpath problems that lintian spottet.
-
- -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100
-
-quagga (0.99.15-2) unstable; urgency=low
-
- * Applied patch for off-by-one bug in ospf6d that caused a segmentation
- fault when using the "area a.b.c.d filter-list prefix" command (thanks
- to Steinar H. Gunderson). Closes: 519488
-
- -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100
-
-quagga (0.99.15-1) unstable; urgency=low
-
- * New upstream release
- "This fixes some annoying little ospfd and ospf6d regressions, which made
- 0.99.14 a bit of a problem release (...) This release still contains a
- regression in the "no ip address ..." command, at least on Linux.
- See bug #486, which contains a workaround patch. This release should be
- considered a 1.0.0 release candidate. Please test this release as widely
- as possible."
- * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
- Closes: #517860
- * Added Russian Debconf tanslation (thanks to Yuri Kozlov).
- Closes: #539464
- * Removed so-version in build-dep to libreadline-dev on request of
- Matthias Klose.
- * Added README.source with reference to dpatch as suggested by lintian.
- * Bumped standards versionto 3.8.3.
-
- -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200
-
-quagga (0.99.14-1) unstable; urgency=low
-
- * New upstream release
- "This release contains a regression fix for ospf6d, various small fixes
- and some hopefully very significant bgpd stability fixes.
- This release should be considered a 1.0.0 release candidate. Please test
- this release as widely as possible."
- * Fixes bug with premature LSA aging in ospf6d. Closes: #535030
- * Fixes section number in zebra.8 manpage. Closes: #517860
-
- -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200
-
-quagga (0.99.13-2) unstable; urgency=low
-
- * Added Japanese Debconf translation (thanks to Hideki Yamane).
- Closes: #510714
- * When checking for obsoleted config options in preinst, print filename
- where it occures (thanks to Michael Bussmann). Closes: #339489
-
- -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200
-
-quagga (0.99.13-1) unstable; urgency=low
-
- * New upstream release
- "This release is contains a number of small fixes, for potentially
- irritating issues, as well as small enhancements to vtysh and support
- for linking to PCRE (a much faster regex library)."
- * Added build-dep to gawk as configure required it for memtypes.awk
- * Replaced build-dep to gs-gpl with ghostscript as requested by lintian
- * Minor changes to copyright and control files to make lintian happy.
-
- -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200
-
-quagga (0.99.12-1) unstable; urgency=high
-
- * New upstream release
- "This release fixes an urgent bug in bgpd where it could hit an assert
- if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
- + [bgpd] Fix bgp ipv4/ipv6 accept handling
- + [bgpd] AS4 bugfix by Chris Caputo
- + [bgpd] Allow accepted peers to progress even if realpeer is in Connect
- + [ospfd] Switch Fletcher checksum back to old ospfd version
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200
-
-quagga (0.99.11-1) unstable; urgency=low
-
- * New upstream release
- "Most regressions in 0.99 over 0.98 are now believed to be fixed. This
- release should be considered a release-candidate for a new stable series."
- + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
- + zebra: ignore dead routes in RIB update
- + [ospfd] Default route needs to be refreshed after neighbour state change
- + [zebra:netlink] Set proto/scope on all route update messages
- * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
-
- -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200
-
-quagga (0.99.10-1) unstable; urgency=medium
-
- * New upstream release
- + bgpd: 4-Byte AS Number support
- + Sessions were incorrectly reset if a partial AS-Pathlimit attribute
- was received.
- + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been
- broken in the 0.99.9 release. Closes: #467656
-
- -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200
-
-quagga (0.99.9-6) unstable; urgency=low
-
- * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
- Closes: #469891
-
- -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200
-
-quagga (0.99.9-5) unstable; urgency=low
-
- * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3
- which is supposed to be faster.
-
- -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100
-
-quagga (0.99.9-4) unstable; urgency=low
-
- * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff).
-
- -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100
-
-quagga (0.99.9-3) unstable; urgency=low
-
- * Replaced the BGP patch by a new one so that the package builds again
- with kernels above 2.6.21!
- * debian/control:
- + Moved quagga-doc to section doc to make lintian happy.
- * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo).
- Closes: #428574
- * debian/control: (thanks to Marco Rodrigues)
- + Bump Standards-Version to 3.7.3 (no changes needed).
- + Add Homepage field.
-
- -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100
-
-quagga (0.99.9-2.1) unstable; urgency=low
-
- * Non-maintainer upload.
- * debian/rules: fixed bashisms. (Closes: #459122)
-
- -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300
-
-quagga (0.99.9-2) unstable; urgency=low
-
- * Added CVE id for the security bug to the last changelog entry.
- Closes: 442133
-
- -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200
-
-quagga (0.99.9-1) unstable; urgency=high
-
- * SECURITY:
- "This release fixes two potential DoS conditions in bgpd, reported by Mu
- Security, where a bgpd could be crashed if a peer sent a malformed OPEN
- message or a malformed COMMUNITY attribute. Only configured peers can do
- this, hence we consider these issues to be very low impact." CVE-2007-4826
-
- -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200
-
-quagga (0.99.8-1) unstable; urgency=low
-
- * New upstream version.
-
- -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200
-
-quagga (0.99.7-3) unstable; urgency=medium
-
- * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr
- and Lucas Nussbaum). Closes: #429003
-
- -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200
-
-quagga (0.99.7-2) unstable; urgency=low
-
- * Added Florian Weimar as co-maintainer. Closes: 421977
- * Added Dutch debconf translation (thanks to Bart Cornelis).
- Closes: #420932
- * Added Portuguese debconf translation (thanks to Rui Branco).
- Closes: #421185
- * Improved package description (thanks to Reuben Thomas).
- Closes: #418933
- * Added CVE Id to 0.99.6-5 changelog entry.
-
- -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200
-
-quagga (0.99.7-1) unstable; urgency=low
-
- * New upstream release. Closes: #421553
-
- -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200
-
-quagga (0.99.6-6) unstable; urgency=medium
-
- * Fixes FTBFS with tetex-live. Closes: #420468
-
- -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200
-
-quagga (0.99.6-5) unstable; urgency=high
-
- * SECURITY:
- The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers
- could cause a Quagga bgpd to, typically, assert() and abort. The DoS
- could be triggered by peers by sending an UPDATE message with a crafted,
- malformed Multi-Protocol reachable/unreachable NLRI attribute.
- This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323
-
- -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200
-
-quagga (0.99.6-4) unstable; urgency=low
-
- * Improved note in README.Debian for SNMP self-builders (thanks to Matthias
- Wamser). Closes: #414788
-
- -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100
-
-quagga (0.99.6-3) unstable; urgency=low
-
- * Updated German Debconf translation (thanks to Matthias Julius).
- Closes: #409327
-
- -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100
-
-quagga (0.99.6-2) unstable; urgency=low
-
- * Updated config.guess/config.sub as suggested by lintian.
- * Corrected README.Debian text regarding the WANT_SNMP flag.
-
- -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100
-
-quagga (0.99.6-1) unstable; urgency=low
-
- * New upstream release. Closes: #402361
-
- -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100
-
-quagga (0.99.5-5) unstable; urgency=high
-
- * Changed Depends on adduser to Pre-Depends to avoid uninstallability
- in certain cases (thanks to Steve Langasek, Lucas Nussbaum).
- Closes: #398562
-
- -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100
-
-quagga (0.99.5-4) unstable; urgency=low
-
- * Added default PAM file and some explanations regarding PAM authentication
- of vtysh which could prevent the start at boot-time when used wrong.
- Now PAM permits anybody to access the vtysh tool (a malicious user could
- build his own vtysh without PAM anyway) and the access is controled by
- the read/write permissions of the vtysh socket which are only granted to
- users belonging to the quaggavty group (thanks to Wakko Warner).
- Closes: #389496
- * Added "case" to prerm script so that the Debconf question is not called a
- second time in e.g. "new-prerm abort-upgrade" after being NACKed in the
- old-prerm.
-
- -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100
-
-quagga (0.99.5-3) unstable; urgency=medium
-
- * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt
- Brown). Closes: #391040
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200
-
-quagga (0.99.5-2) unstable; urgency=medium
-
- * Added LSB info section to initscript.
- * Removed unnecessary depends to libncurses5 to make checklib happy.
- The one to libcap should remain though as it is just temporarily
- unused.
-
- -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200
-
-quagga (0.99.5-1) unstable; urgency=low
-
- * New upstream release. Closes: #38704
- * Upstream fixes ospfd documentary inconsistency. Closes: #347897
- * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak).
-
- -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200
-
-quagga (0.99.4-4) unstable; urgency=low
-
- * Recreate /var/run if not present because /var is e.g. on a tmpfs
- filesystem (thanks to Martin Pitt). Closes: #376142
- * Removed nonexistant option from ospfd.8 manpage (thanks to
- David Medberry). Closes: 378274
-
- -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200
-
-quagga (0.99.4-3) unstable; urgency=low
-
- * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle).
-
- -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200
-
-quagga (0.99.4-2) unstable; urgency=high
-
- * Set urgency to high as 0.99.4-1 fixes a security problem!
- * Fixed building of the info file.
-
- -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200
-
-quagga (0.99.4-1) unstable; urgency=low
-
- * New upstream release to fix a security problem in the telnet interface
- of the BGP daemon which could be used for DoS attacks (CVE-2006-2276).
- Closes: 366980
-
- -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200
-
-quagga (0.99.3-3) unstable; urgency=low
-
- * Added CVE numbers for the security patch in 0.99.3-2.
-
- -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200
-
-quagga (0.99.3-2) unstable; urgency=high
-
- * SECURITY:
- Added security bugfix patch from upstream BTS for security problem
- that could lead to injected routes when using RIPv1.
- CVE-2006-2223 - missing configuration to disable RIPv1 or require
- plaintext or MD5 authentication
- CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements
- Closes: #365940
- * First amd64 upload.
-
- -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200
-
-quagga (0.99.3-1) unstable; urgency=low
-
- * New upstream release
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100
-
-quagga (0.99.2-1) unstable; urgency=low
-
- * New upstream release
- Closes: #330248, #175553
-
- -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100
-
-quagga (0.99.1-7) unstable; urgency=low
-
- * Changed debian/rules check for mounted /proc directory to check
- for /proc/1 as not all systems (e.g. 2.6 arm kernels) have
- /proc/kcore which is a optional feature only (thanks to Lennert
- Buytenhek). Closes: #335695
- * Added Swedish Debconf translation (thanks to Daniel Nylander).
- Closes: #331367
-
- -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200
-
-quagga (0.99.1-6) unstable; urgency=low
-
- * Fixed debconf dependency as requested by Joey Hess.
-
- -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200
-
-quagga (0.99.1-5) unstable; urgency=low
-
- * Rebuild with libreadline5-dev as build-dep as requested by
- Matthias Klose. Closes: #326306
- * Made initscript more fault tolerant against missing lines in
- /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774
- * Added dependency to adduser.
-
- -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200
-
-quagga (0.99.1-4) unstable; urgency=low
-
- * Added French Debconf translation (thanks to Mohammed Adnene Trojette).
- Closes: #319324
- * Added Czech Debconf translation (thanks to Miroslav Kure).
- Closes: #318127
-
- -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200
-
-quagga (0.99.1-3) unstable; urgency=low
-
- * A Debconf question now asks the admin before upgrading if the daemon
- should really be stopped as this could lead to the loss of network
- connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis).
- Also added a hint about setting Quagga "on hold" to README.Debian.
- Closes: #315467
- * Added patch to build on Linux/ARM.
-
- -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200
-
-quagga (0.99.1-2) unstable; urgency=low
-
- * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter).
- Closes: #306840
-
- -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200
-
-quagga (0.99.1-1) unstable; urgency=low
-
- * New upstream version. Among others:
- - BGP graceful restart and "match ip route-source" added
- - support for interface renaming
- - improved threading for better responsivness under load
- * Switched to dpatch to make diffs cleaner.
- * Made autoreconf unnecessary.
- * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc.
- (the PostScript would have needed Makefile corrections and PDF
- is more preferable anyway)
- * Added isisd to the list of daemons in /etc/init.d/quagga (thanks
- to Ernesto Elbe).
- * Added hint for "netlink-listen: overrun" messages (thanks to
- Hasso Tepper).
- * Added preinst check that bails out if old smux options are in use
- as Quagga would not start up else anyway (thanks to Bjorn Mork).
- Closes: #308320
-
- -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200
-
-quagga (0.98.3-7) unstable; urgency=high
-
- * Removed SNMP support as linking against NetSNMP introduced a dependency
- to OpenSSL which is not compatible to the GPL which governs this
- application (thanks to Faidon Liambotis). See README.Debian for more
- information. Closes: #306840
- * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1".
- * Added build-dep to groff to let drafz-zebra-00.txt build correctly.
-
- -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200
-
-quagga (0.98.3-6) testing-proposed-updates; urgency=high
-
- * Removed "Recommends kernel-image-2.4" as aptitude then
- installes a kernel-image for an arbitrary architecture as long
- as it fullfill that recommendation which can obviously fatal
- at the next reboot :) Also it is a violation of the policy
- which mandates a reference to real packages (thanks to Holger Levsen).
- Closes: #307281
-
- -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200
-
-quagga (0.98.3-5) unstable; urgency=high
-
- * The patch which tried to remove the OpenSSL dependency, which is
- not only unneccessary but also a violation of the licence and thus RC,
- stopped working a while ago, since autoreconf is no longer run before
- building the binaries. So now ./configure is patched directly (thanks
- to Faidon Liambotis for reporting). Closes: #306840
- * Raised Debhelper compatibility level from 3 to 4. Nothing changed.
- * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org.
-
- -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200
-
-quagga (0.98.3-4) unstable; urgency=low
-
- * Removed Debconf upgrade note as it was considered a Debconf abuse
- and apart from that so obvious that it was not even worth to be
- put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384
-
- -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200
-
-quagga (0.98.3-3) unstable; urgency=medium
-
- * Adding the debconf module due to a lintian suggestion is a very
- bad idea if no db_stop is called as the script hangs then (thanks
- to Tore Anderson for reporting). Closes: #306324
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200
-
-quagga (0.98.3-2) unstable; urgency=low
-
- * Added debconf confmodule to postinst as lintian suggested.
-
- -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200
-
-quagga (0.98.3-1) unstable; urgency=low
-
- * New upstream release.
- Mmost notably fixes last regression in bgpd (reannounce of prefixes
- with changed attributes works again), race condition in netlink
- handling while using IPv6, MTU changes handling in ospfd and several
- crashes in ospfd, bgpd and ospf6d.
-
- -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200
-
-quagga (0.98.2-2) unstable; urgency=low
-
- * Added patch to let Quagga compile with gcc-4.0 (thanks to
- Andreas Jochens). Closes: #300949
-
- -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100
-
-quagga (0.98.2-1) unstable; urgency=medium
-
- * Quoting the upstream announcement:
- The 0.98.1 release unfortunately was a brown paper bag release with
- respect to ospfd. [...] 0.98.2 has been released, with one crucial change
- to fix the unfortunate mistake in 0.98.1, which caused problems if
- ospfd became DR.
- * Note: the upstream tarball had a strange problem, apparently redhat.spec
- was twice in it? At least debuild gave a strange error message so I
- unpacked it by hand. No changes were made to the .orig.tar.gz!
-
- -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100
-
-quagga (0.98.1-1) unstable; urgency=medium
-
- * New upstream version
- "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load
- regression in bgpd which were present in the 0.98.0 release."
- * Upstream version fixes bug in ospfd that could lead to crash when OSPF
- packages had a MTU > 1500. Closes: #290566
- * Added notice regarding capability kernel support to README.Debian
- (thanks to Florian Weimer). Closes: #291509
- * Changed permission setting in postinst script (thanks to Bastian Blank).
- Closes: #292690
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100
-
-quagga (0.98.0-3) unstable; urgency=low
-
- * Fixed problem in init script. Closes: #290317
- * Removed obsolete "smux peer enable" patch.
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100
-
-quagga (0.98.0-2) unstable; urgency=low
-
- * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney
- for telling me).
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100
-
-quagga (0.98.0-1) unstable; urgency=low
-
- * New upstream release
- * Added kernel-image-2.6 as alternative to 2.4 to the recommends
- (thanks to Faidon Liambotis). Closes: #289530
-
- -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100
-
-quagga (0.97.5-1) unstable; urgency=low
-
- * New upstream version.
- * Added Czech debconf translation (thanks to Miroslav Kure).
- Closes: #287293
- * Added Brazilian debconf translation (thanks to Andre Luis Lopes).
- Closes: #279352
-
- -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100
-
-quagga (0.97.4-2) unstable; urgency=low
-
- * Fixed quagga.info build problem.
-
- -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100
-
-quagga (0.97.4-1) unstable; urgency=low
-
- * New upstream release.
-
- -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100
-
-quagga (0.97.3-2) unstable; urgency=low
-
- * Included isisd in the daemon list.
- * Wrote an isisd manpage.
- * It is now ensured that zebra is always the last daemon to be stopped.
- * (Thanks to Hasso Tepper for mailing me a long list of suggestions
- which lead to this release)
-
- -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100
-
-quagga (0.97.3-1) unstable; urgency=medium
-
- * New upstream version.
- - Fixes important OSPF bug.
- * Added ht-20040911-smux.patch regarding Quagga bug #112.
- * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5
- (thanks to Matthias Wamser).
-
- -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100
-
-quagga (0.97.2-4) unstable; urgency=low
-
- * Added Portuguese debconf translation (thanks to Andre Luis Lopes).
- Closes: #279352
- * Disabled ospfapi server by default on recommendation of Paul Jakma.
-
- -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100
-
-quagga (0.97.2-3) unstable; urgency=low
-
- * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729].
-
- -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100
-
-quagga (0.97.2-2) unstable; urgency=low
-
- * Changed file and directory permissions and ownerships according to a
- suggestion from Paul Jakma. Still not perfect though.
- * Fixed upstream vtysh.conf.sample file.
- * "ip ospf network broadcast" is now saved correctly. Closes: #244116
- * Daemon options are now in /etc/quagga/debian.conf to be user
- configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715
-
- -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200
-
-quagga (0.97.2-1) unstable; urgency=low
-
- * New upstream version.
- Closes: #254541
- * Fixed warning on unmodular kernels (thanks to Christoph Biedl).
- Closes: #277973
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200
-
-quagga (0.97.1-2) unstable; urgency=low
-
- * Version 0.97 introduced shared libraries. They are now included.
- (thanks to Raf D'Halleweyn). Closes: #277446
-
- -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200
-
-quagga (0.97.1-1) unstable; urgency=low
-
- * New upstream version.
- * Removed some obsolete files from debian/patches.
- * Added patch from upstream bug 113. Closes: #254541
- * Added patch from upstream that fixes a compilation problem in the
- ospfclient code (thanks to Hasso Tepper).
- * Updated German debconf translation (thanks to Jens Nachtigall)
- Closes: #277059
-
- -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200
-
-quagga (0.96.5-11) unstable; urgency=low
-
- * Fixed /tmp/buildd/* paths in binaries.
- For some unknown reason the upstream Makefile modified a .h file at
- the end of the "debian/rules build" target. During the following
- "make install" one library got thus be re*compiled* - with /tmp/buildd
- paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050
-
- -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200
-
-quagga (0.96.5-10) unstable; urgency=medium
-
- * The BGP routing daemon might freeze on network disturbances when
- their peer is also a Quagga/Zebra router.
- Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102
- which has been confirmed by the upstream author.
- (thanks to Gunther Stammwitz)
- * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper).
- Closes: #264562
- * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919
-
- -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200
-
-quagga (0.96.5-9) unstable; urgency=low
-
- * Rewrote the documentation chapter about SNMP support. Closes: #195653
- * Added MPLS docs.
-
- -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200
-
-quagga (0.96.5-8) unstable; urgency=low
-
- * Adjusted a grep in the initscript to also match a modprobe message
- from older modutils packages (thanks to Faidon Paravoid).
-
- -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200
-
-quagga (0.96.5-7) unstable; urgency=low
-
- * Added a "cd /etc/quagga/" to the init script as quagga tries to load
- the config file first from the current working dir and then from the
- config dir which could lead to confusion (thanks to Marco d'Itri).
- Closes: #255078
- * Removed warning regarding problems with the Debian kernels from
- README.Debian as they are no longer valid (thanks to Raphael Hertzog).
- Closes: #257580
- * Added patch from Hasso Tepper that makes "terminal length 0" work
- in vtysh (thanks to Matthias Wamser). Closes: #252579
-
- -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200
-
-quagga (0.96.5-6) unstable; urgency=low
-
- * Try to load the capability module as it is needed now.
-
- -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200
-
-quagga (0.96.5-5) unstable; urgency=low
-
- * Changed the homedir of the quagga user to /etc/quagga/ to allow
- admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser).
- Closes: #252577
-
- -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200
-
-quagga (0.96.5-4) unstable; urgency=medium
-
- * Fixed rules file to use the renamed ./configure option --enable-tcp-md5
- (thanks to Matthias Wamser). Closes: #252141
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200
-
-quagga (0.96.5-3) unstable; urgency=low
-
- * Provided default binary package name to all build depends that were
- virtual packages (thanks to Goswin von Brederlow). Closes: #251625
-
- -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200
-
-quagga (0.96.5-2) unstable; urgency=low
-
- * New upstream version.
- * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper).
- Closes: #250985
- * Fixes info file generation (thanks to Peder Chr. Norgaard).
- Closes: #250992
- * Added catalan debconf translation (thanks to Aleix Badia i Bosch).
- Closes: #250118
- * PATCHES:
- This release contains BGP4 MD5 support which requires a kernel patch
- to work. See /usr/share/doc/quagga/README.Debian.MD5.
- (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper)
-
- -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200
-
-quagga (0.96.5-1) unstable; urgency=low
-
- * New upstream version.
- * PATCHES:
- This release contains BGP4 MD5 support which also requires a kernel patch.
- See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230.
-
- -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200
-
-quagga (0.96.4x-10) unstable; urgency=low
-
- * SECURITY:
- This release contains support for MD5 for BGP which is one suggested
- prevention of the actually long known TCP SYN/RST attacks which got
- much news in the last days as ideas were revealed that made them much
- easier probable agains especially the BGP sessions than commonly known.
- There are a lot of arguments agains the MD5 approach but some ISPs
- started to require it.
- See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html
- * PATCHES:
- This release contains the MD5 patch from Hasso Tepper. It also seems to
- required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5.
-
- -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200
-
-quagga (0.96.4x-9) unstable; urgency=low
-
- * Fixed daemon loading order (thanks to Matt Kemner).
- * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582
-
- -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200
-
-quagga (0.96.4x-8) unstable; urgency=low
-
- * Patched upstream source so that quagga header files end up in
- /usr/include/quagga/. Closes: #233792
-
- -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100
-
-quagga (0.96.4x-7) unstable; urgency=low
-
- * Fixed info file installation (thanks to Holger Dietze). Closes: #227579
- * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812
-
- -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100
-
-quagga (0.96.4x-6) unstable; urgency=low
-
- * Added dependency to iproute.
- * Initscript now checks not only for the pid file but also for the
- daemons presence (thanks to Phil Gregory). Closes: #224389
- * Added my patch to configure file permissions.
-
- -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100
-
-quagga (0.96.4x-5) unstable; urgency=low
-
- * Added patch which gives bgpd the CAP_NET_RAW capability to allow it
- to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank).
- Closes: #222930
- * Made woody backport easier by applying Colin Watsons po-debconf hack.
- Thanks to Marc Haber for suggesting it. Closes: #223527
- * Made woody backport easier by applying a patch that removes some
- obscure whitespaces inside an C macro. (Thanks to Marc Haber).
- Closes: #223529
- * Now uses /usr/bin/pager. Closes: #204070
- * Added note about the "official woody backports" on my homepage.
-
- -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100
-
-quagga (0.96.4x-4) unstable; urgency=high
-
- * SECURITY:
- Fixes another bug that was originally reported against Zebra.
- .
- http://rhn.redhat.com/errata/RHSA-2003-307.html
- Herbert Xu reported that Zebra can accept spoofed messages sent on the
- kernel netlink interface by other users on the local machine. This could
- lead to a local denial of service attack. The Common Vulnerabilities and
- Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
- this issue.
-
- * Minor improvements to init script (thanks to Iustin Pop).
- Closes: #220938
-
- -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100
-
-quagga (0.96.4x-3) unstable; urgency=low
-
- * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or
- $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070
- * Made the directory (but not the config/log files!) world accessible
- again on user request (thanks to Anand Kumria)). Closes: #213129
- * No longer providing sample configuration in /etc/quagga/. They are
- now only available in /usr/share/doc/quagga/ to avoid accidently
- using them without changing the adresses (thanks to Marc Haber).
- Closes: #215918
-
- -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100
-
-quagga (0.96.4x-2) unstable; urgency=low
-
- * Fixed permission problem with pidfile (thanks to Kir Kostuchenko).
- Closes: #220938
-
- -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100
-
-quagga (0.96.4x-1) unstable; urgency=low
-
- * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally
- crappy .tar.gz file. Closes: #220621
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100
-
-quagga (0.96.4-1) unstable; urgency=high
-
- * SECURITY: Remote DoS of protocol daemons.
- Fix for a remote triggerable crash in vty layer. The management
- ports ("telnet myrouter ospfd") should not be open to the internet!
-
- * New upstream version.
- - OSPF bugfixes.
- - Some improvements for bgp and rip.
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100
-
-quagga (0.96.3-3) unstable; urgency=low
-
- * Fixed pid file generation by substituting the daemons "-d" by the
- start-stop-daemon option "--background" (thanks to Micha Gaisser).
- Closes: #218103
-
- -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100
-
-quagga (0.96.3-2) unstable; urgency=low
-
- * Readded GNOME-PRODUCT-ZEBRA-MIB.
-
- -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200
-
-quagga (0.96.3-1) unstable; urgency=medium
-
- * New upstream version.
- * Removed -u and -e in postrm due to problems with debhelper and userdel
- (thanks to Adam Majer and Jaakko Niemi). Closes: #216770
- * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to
- David Engel and Peter Gervai). Closes: #216138, #216086
- * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915
- * Improved /proc check (thanks to Marc Haber). Closes: #212331
-
- -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200
-
-quagga (0.96.2-9) unstable; urgency=medium
-
- * Removed /usr/share/info/dir.* which were accidently there and prevented
- the installation by dpkg (thanks to Simon Raven). Closes: #212614
- * Reworded package description (thanks to Anand Kumria). Closes: #213125
- * Added french debconf translation (thanks to Christian Perrier).
- Closes: #212803
-
- -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200
-
-quagga (0.96.2-8) unstable; urgency=low
-
- * debian/rules now checks if /proc is mounted as ./configure needs
- it but just fails with an obscure error message if it is absent.
- (Thanks to Norbert Tretkowski). Closes: #212331
-
- -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200
-
-quagga (0.96.2-7) unstable; urgency=low
-
- * Last build was rejected due to a buggy dpkg-dev version. Rebuild.
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200
-
-quagga (0.96.2-6) unstable; urgency=low
-
- * Fixed init script so that is is now possible to just start
- the bgpd but not the zebra daemon. Also daemons are now actually
- started in the order defined their priority. (Thanks to Thomas Kaehn
- and Jochen Friedrich) Closes: #210924
-
- -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200
-
-quagga (0.96.2-5) unstable; urgency=low
-
- * For using quagga as BGP route server or similar, it is not
- wanted to have the zebra daemon running too. For this reason
- it can now be disabled in /etc/quagga/daemons, too.
- (Thanks to Jochen Friedrich). Closes: #210924
- * Attached *unapplied* patch for the ISIS protocol. I did not dare
- to apply it as long as upstream does not do it but this way give
- users the possibilities to use it if they like to.
- (Thanks to Remco van Mook)
-
- -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200
-
-quagga (0.96.2-4) unstable; urgency=low
-
- * Enabled IPV6 router advertisement feature by default on user request
- (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732
- * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to
- lamont). Closes: #210492
-
- -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200
-
-quagga (0.96.2-3) unstable; urgency=medium
-
- * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL
- which would require further copyright addtions.
-
- -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200
-
-quagga (0.96.2-2) unstable; urgency=low
-
- * Added note that config files of quagga are in /etc/quagga and
- not /etc/zebra for the zebra users that migrate to quagga.
- (Thanks to Roberto Suarez Soto for the idea)
- * Fixed setgid rights in /etc/quagga.
-
- -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200
-
-quagga (0.96.2-1) unstable; urgency=low
-
- * This package has formally been known as "zebra-pj"!
- * New upstream release.
- Fixes "anoying OSPF problem".
- * Modified group ownerships so that vtysh can now be used by normal
- uses if they are in the quaggavty group.
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200
-
-quagga (0.96.1-1) unstable; urgency=low
-
- * Zebra-pj, the fork of zebra has been renamed to quagga as the original
- upstream author asked the new project membed not to use "zebra" in the
- name. zebra-pj is obsolete.
-
- -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200
-
-zebra-pj (0.94+cvs20030721-1) unstable; urgency=low
-
- * New CVS build.
- - OSPF changes (integration of the OSPF API?)
- - code cleanups (for ipv6?)
- * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd.
- This is a known problem and has been discussed on the mailing list.
- No other solutions so far.
-
- -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200
-
-zebra-pj (0.94+cvs20030701-1) unstable; urgency=low
-
- * Initial Release.
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200
+++ /dev/null
-Source: frr
-Section: net
-Priority: optional
-Maintainer: Christian Hammers <ch@debian.org>
-Uploaders: Florian Weimer <fw@debian.org>
-Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, po-debconf, autotools-dev, hardening-wrapper, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson0, libjson0-dev, dh-systemd, libsystemd-dev, python-ipaddr, bison, flex, libc-ares-dev, python3-dev
-Standards-Version: 3.9.6
-Homepage: http://www.frr.net/
-XS-Testsuite: autopkgtest
-
-Package: frr
-Architecture: any
-Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
-Pre-Depends: adduser
-Conflicts: zebra, zebra-pj, quagga
-Replaces: zebra, zebra-pj
-Suggests: snmpd
-Description: BGP/OSPF/RIP routing daemon
- Frr is free software which manages TCP/IP based routing protocols.
- It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, and RIPng as
- well as the IPv6 versions of these.
- .
- Frr uses threading if the kernel supports it, but can also run on
- kernels that do not support threading. Each protocol has its own daemon.
- .
- It is more than a routed replacement, it can be used as a Route Server and
- a Route Reflector.
-
-Package: frr-dbg
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
-Priority: extra
-Section: debug
-Description: BGP/OSPF/RIP routing daemon (debug symbols)
- This package provides debugging symbols for all binary packages built from
- frr source package. It's highly recommended to have this package installed
- before reporting any Frr crashes to either Frr developers or Debian
- package maintainers.
-
-Package: frr-doc
-Section: net
-Architecture: all
-Depends: ${misc:Depends}
-Suggests: frr
-Description: documentation files for frr
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, and RIPng as well as the IPv6 versions of these.
+++ /dev/null
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: Frr
-Upstream-Contact: maintainers@frrouting.org, security@frrouting.org
-Source: http://www.frrouting.org/
-
-Files: *
-Copyright: 1996-2003 by the original Zebra authors:
- Kunihiro Ishiguro <kunihiro@zebra.org>
- Toshiaki Takada <takada@zebra.org>
- Yasuhiro Ohara <yasu@sfc.wide.ad.jp>
- 2003-2012 by the Quagga Project, mostly Paul Jakma <paul@jakma.org>
-License: GPL-2+
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
- .
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- .
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- .
- On Debian systems, the full text of the GNU General Public
- License version 2 can be found in the file
- `/usr/share/common-licenses/GPL-2'.
+++ /dev/null
-AUTHORS
-NEWS
-README
-REPORTING-BUGS
-doc/BGP-TypeCode
-doc/draft-zebra-00.txt
-doc/mpls/
-bgpd/BGP4-MIB.txt
+++ /dev/null
-doc/frr.info*
+++ /dev/null
-usr/share/info
+++ /dev/null
-frr-doc: wrong-section-according-to-package-name frr-doc => doc
+++ /dev/null
-# Create the /run/frr directory at boot or from systemd-tmpfiles on install
-d /run/frr 0755 frr frr
+++ /dev/null
-#!/bin/bash -e
-
-. /usr/share/debconf/confmodule
-
+++ /dev/null
-etc/logrotate.d/
-etc/frr/
-etc/iproute2/rt_protos.d/
-usr/share/doc/frr/
-usr/share/doc/frr/examples/
-usr/share/lintian/overrides/
-usr/share/snmp/mibs/
-var/log/frr/
+++ /dev/null
-tools
-debian/README.Debian
+++ /dev/null
-etc/frr/
-usr/bin/vtysh
-usr/include/frr/
-usr/lib/
-tools/frr-reload.py usr/lib/frr/
-tools/frr usr/lib/frr
-usr/share/doc/frr/
-usr/share/man/man1/vtysh.1
-usr/share/man/man1/frr.1
-usr/share/man/man8
-usr/share/man/man8/bgpd.8
-usr/share/man/man8/ospf6d.8
-usr/share/man/man8/ospfd.8
-usr/share/man/man8/ripd.8
-usr/share/man/man8/ripngd.8
-usr/share/man/man8/zebra.8
-usr/share/man/man8/isisd.8
-usr/share/man/man8/watchfrr.8
-usr/share/man/man8/frr-args.8
-usr/share/snmp/mibs/
-tools/etc/* etc/
-tools/*.service lib/systemd/system
-debian/frr.conf usr/lib/tmpfiles.d
+++ /dev/null
-frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrospfapiclient.so.0.0.0 usr/lib/libfrrospfapiclient.so
-frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrr.so.0.0.0 usr/lib/libfrr.so
-frr: package-name-doesnt-match-sonames libfrrospf0 libfrrospfapiclient0 libfrr0
+++ /dev/null
-/var/log/frr/*.log {
- size 500k
- sharedscripts
- missingok
- compress
- rotate 14
- create 640 frr frrvty
-
- postrotate
- pid=$(lsof -t -a -c /syslog/ /var/log/frr/* 2>/dev/null)
- if [ -n "$pid" ]
- then # using syslog
- kill -HUP $pid
- fi
- # in case using file logging; if switching back and forth
- # between file and syslog, rsyslogd might still have file
- # open, as well as the daemons, so always signal the daemons.
- # It's safe, a NOP if (only) syslog is being used.
- for i in babeld bgpd eigrpd isisd ldpd nhrpd ospf6d ospfd \
- pimd ripd ripngd zebra ; do
- if [ -e /var/run/frr/$i.pid ] ; then
- pids="$pids $(cat /var/run/frr/$i.pid)"
- fi
- done
- [ -n "$pids" ] && kill -USR1 $pids || true
- endscript
-}
+++ /dev/null
-doc/bgpd.8
-doc/ospf6d.8
-doc/ospfd.8
-doc/ripd.8
-doc/ripngd.8
-doc/vtysh.1
-doc/zebra.8
-doc/isisd.8
-doc/watchfrr.8
+++ /dev/null
-# Any user may call vtysh but only those belonging to the group frrvty can
-# actually connect to the socket and use the program.
-auth sufficient pam_permit.so
+++ /dev/null
-#!/bin/bash -e
-
-######################
-PASSWDFILE=/etc/passwd
-GROUPFILE=/etc/group
-
-frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
-frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
-frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
-
-[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
-[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
-[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
-
-chown -R ${frruid}:${frrgid} /etc/frr
-touch /etc/frr/vtysh.conf
-chgrp ${frrvtygid} /etc/frr/vtysh*
-chmod 644 /etc/frr/*
-
-ENVIRONMENTFILE=/etc/environment
-if ! grep --quiet VTYSH_PAGER=/bin/cat ${ENVIRONMENTFILE}; then
- echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
-fi
-##################################################
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-
-# This is most likely due to the answer "no" to the "really stop the server"
-# question in the prerm script.
-if [ "$1" = "abort-upgrade" ]; then
- exit 0
-fi
-
-. /usr/share/debconf/confmodule
-
-db_stop
-
-#DEBHELPER#
-
+++ /dev/null
-#!/bin/bash -e
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-# set -u not because of debhelper
-
-if [ "$1" = "purge" ]; then
- rm -rf /etc/frr /var/run/frr /var/log/frr
- userdel frr >/dev/null 2>&1 || true
-fi
-
-#DEBHELPER#
+++ /dev/null
-#!/bin/bash
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-set -e
-set -u
-
-# creating frrvty group if it isn't already there
-if ! getent group frrvty >/dev/null; then
- addgroup --system frrvty >/dev/null
-fi
-
-# creating frr group if it isn't already there
-if ! getent group frr >/dev/null; then
- addgroup --system frr >/dev/null
-fi
-
-# creating frr user if he isn't already there
-if ! getent passwd frr >/dev/null; then
- adduser \
- --system \
- --ingroup frr \
- --home /var/run/frr/ \
- --gecos "Frr routing suite" \
- --shell /bin/false \
- frr >/dev/null
-fi
-
-# We may be installing over an older version of
-# frr and as such we need to intelligently
-# check to see if the frr user is in the frrvty
-# group.
-if ! /usr/bin/id frr | grep &>/dev/null 'frrvty'; then
- usermod -a -G frrvty frr >/dev/null
-fi
-
-# Do not change permissions when upgrading as it would violate policy.
-if [ "$1" = "install" ]; then
- # Logfiles are group readable in case users were put into the frr group.
- d=/var/log/frr/
- mkdir -p $d
- chown -R frr:frr $d
- chmod u=rwx,go=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
-
- # Strict permissions for the sockets.
- d=/var/run/frr/
- mkdir -p $d
- chown -R frr:frr $d
- chmod u=rwx,go=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go=
-
- # Config files. Vtysh does not have access to the individual daemons config file
- d=/etc/frr/
- mkdir -p $d
- chown frr:frrvty $d
- chmod ug=rwx,o=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chown frr:frr
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
-
- # Exceptions for vtysh.
- f=$d/vtysh.conf
- if [ -f $f ]; then
- chown frr:frrvty $f
- chmod u=rw,g=r,o= $f
- fi
-
- # Exceptions for vtysh.
- f=$d/frr.conf
- if [ -f $d/Zebra.conf ]; then
- mv $d/Zebra.conf $f
- fi
- if [ -f $f ]; then
- chown frr:frrvty $f
- chmod u=rw,g=r,o= $f
- fi
-fi
-
-#DEBHELPER#
+++ /dev/null
-#!/bin/bash -e
-
-. /usr/share/debconf/confmodule
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-
-# prerm remove
-# old-prerm upgrade new-version
-# new-prerm failed-upgrade old-version
-# conflictor's-prerm remove in-favour package new-version
-# deconfigured's-prerm deconfigure in-favour package-being-installed version removing conflicting-package
-case $1 in
- remove|upgrade)
- ;;
-
- failed-upgrade)
- # If frr/really_stop was negated then this script exits with return
- # code 1 and is called again with "failed-upgrade". Well, exit again.
- exit 1
- ;;
-
-esac
-
-#DEBHELPER#
+++ /dev/null
-Description: Change example to make it compatible with the Debian init scripts
- per default.
-Author: Christian Hammers <ch@debian.org>
-
---- old/vtysh/vtysh.conf.sample.orig 2004-10-30 23:07:40.000000000 +0200
-+++ new/vtysh/vtysh.conf.sample 2004-10-30 23:08:24.000000000 +0200
-@@ -1,7 +1,7 @@
- !
- ! Sample configuration file for vtysh.
- !
--!service integrated-vtysh-config
-+service integrated-vtysh-config
- !hostname quagga-router
--!username root nopassword
-+username root nopassword
- !
+++ /dev/null
-Description: Use the pager program that was choosen with the Debian
- update-alternative system. (Updated line numbers for 0.99.22)
-Author: Christian Hammers <ch@debian.org>
-
---- old/vtysh/vtysh.c.orig 2004-10-18 01:23:16.000000000 +0200
-+++ new/vtysh/vtysh.c 2004-10-18 01:25:15.000000000 +0200
-@@ -265,10 +265,16 @@
-
- pager_defined = getenv ("VTYSH_PAGER");
-
-- if (pager_defined)
-+ if (pager_defined) {
- vtysh_pager_name = strdup (pager_defined);
-- else
-- vtysh_pager_name = strdup ("more");
-+ } else {
-+ struct stat pager_stat;
-+ if (stat("/usr/bin/pager", &pager_stat) == 0) {
-+ vtysh_pager_name = strdup ("/usr/bin/pager");
-+ } else {
-+ vtysh_pager_name = strdup ("more");
-+ }
-+ }
- }
-
- /* Command execution over the vty interface. */
+++ /dev/null
-Description: Fixes group permission. (line numbers adjusted for 0.99.22)
-
-Index: quagga-0.99.23.1/vtysh/vtysh.c
-===================================================================
---- quagga-0.99.23.1.orig/vtysh/vtysh.c 2015-04-16 07:58:08.000000000 -0700
-+++ quagga-0.99.23.1/vtysh/vtysh.c 2015-04-16 08:02:16.108035000 -0700
-@@ -26,6 +26,8 @@
- #include <sys/wait.h>
- #include <sys/resource.h>
- #include <sys/stat.h>
-+#include <sys/types.h>
-+#include <grp.h>
-
- #include <readline/readline.h>
- #include <readline/history.h>
-@@ -2026,6 +2028,9 @@
- char line[] = "write terminal\n";
- FILE *fp, *fp1;
-
-+ /* Setting file permissions */
-+ struct group *quagga_vty_group;
-+
- fprintf (stdout,"Building Configuration...\n");
-
- backup_config_file(integrate_default);
-@@ -2058,16 +2063,31 @@
-
- fclose (fp);
-
-+ errno = 0;
-+ if ((quagga_vty_group = getgrnam(VTY_GROUP)) == NULL)
-+ {
-+ fprintf (stdout, "%% Can't get group %s: %s (%d)\n",
-+ VTY_GROUP, strerror(errno), errno);
-+ return CMD_WARNING;
-+ }
-+
-+ if ((chown(integrate_default, -1, quagga_vty_group->gr_gid)) != 0)
-+ {
-+ fprintf (stdout,"%% Can't chown configuration file %s: %s (%d)\n",
-+ integrate_default, strerror(errno), errno);
-+ return CMD_WARNING;
-+ }
-+
- if (chmod (integrate_default, CONFIGFILE_MASK) != 0)
- {
-- fprintf (stdout,"%% Can't chmod configuration file %s: %s (%d)\n",
-+ fprintf (stdout,"%% Can't chmod configuration file %s: %s (%d)\n",
- integrate_default, safe_strerror(errno), errno);
- return CMD_WARNING;
- }
-
- if (chmod (host.config, CONFIGFILE_MASK) != 0)
- {
-- fprintf (stdout,"%% Can't chmod configuration file %s: %s (%d)\n",
-+ fprintf (stdout,"%% Can't chmod configuration file %s: %s (%d)\n",
- integrate_default, safe_strerror(errno), errno);
- return CMD_WARNING;
- }
+++ /dev/null
-Description: Adds explanation why vtysh does not work if PAM fails.
-Author: Christian Hammers <ch@debian.org>
-
---- old/vtysh/vtysh_user.c.orig 2006-11-03 01:53:58.000000000 +0100
-+++ new/vtysh/vtysh_user.c 2006-11-03 01:59:02.000000000 +0100
-@@ -60,2 +60,4 @@ vtysh_pam (const char *user)
- ret = pam_authenticate (pamh, 0);
-+ if (ret != PAM_SUCCESS)
-+ printf("Not authenticated. Check /etc/pam.d/quagga.\n");
- /* printf ("ret %d\n", ret); */
+++ /dev/null
-Description: To make checklib happy.
- See http://rerun.lefant.net/checklib/log.quagga_0.99.5-1.html
- (adjusted for 0.99.2)
-Author: Christian Hammers <ch@debian.org>
-
---- old/configure 2011-09-27 00:30:23.000000000 +0200
-+++ new/configure 2011-09-27 00:30:28.000000000 +0200
-@@ -14207,7 +14207,8 @@
- $as_echo_n "(cached) " >&6
- else
- ac_check_lib_save_LIBS=$LIBS
--LIBS="-ltermcap $LIBS"
-+#42#DEBIAN# LIBS="-ltermcap $LIBS"
-+LIBS="$LIBS"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h. */
-
-@@ -14238,7 +14238,8 @@
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_termcap_tputs" >&5
- $as_echo "$ac_cv_lib_termcap_tputs" >&6; }
- if test "x$ac_cv_lib_termcap_tputs" = xyes; then :
-- LIBREADLINE="$LIBREADLINE -ltermcap"
-+ #42#DEBIAN# LIBREADLINE="$LIBREADLINE -ltermcap"
-+ LIBREADLINE="$LIBREADLINE "
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for tputs in -ltinfo" >&5
- $as_echo_n "checking for tputs in -ltinfo... " >&6; }
-@@ -14285,7 +14289,8 @@
- $as_echo_n "(cached) " >&6
- else
- ac_check_lib_save_LIBS=$LIBS
--LIBS="-lcurses $LIBS"
-+#42#DEBIAN# LIBS="-lcurses $LIBS"
-+LIBS="$LIBS"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h. */
-
-@@ -14355,7 +14355,8 @@
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ncurses_tputs" >&5
- $as_echo "$ac_cv_lib_ncurses_tputs" >&6; }
- if test "x$ac_cv_lib_ncurses_tputs" = xyes; then :
-- LIBREADLINE="$LIBREADLINE -lncurses"
-+ #42#DEBIAN# LIBREADLINE="$LIBREADLINE -lncurses"
-+ LIBREADLINE="$LIBREADLINE"
- fi
-
-
+++ /dev/null
-90_configure_ncurses.diff
-82_vtysh__vtysh_user.c__pam.diff
-80_vtysh__vtysh.c__privs.diff
-75_vtysh__vtysh.c__PAGER.diff
-50_vtysh__vtysh.conf.sample.diff
+++ /dev/null
-[type: gettext/rfc822deb] quagga.templates
+++ /dev/null
-#
-# Translators, if you are not familiar with the PO format, gettext
-# documentation is worth reading, especially sections dedicated to
-# this format, e.g. by running:
-# info -n '(gettext)PO Files'
-# info -n '(gettext)Header Entry'
-#
-# Some information specific to po-debconf are available at
-# /usr/share/doc/po-debconf/README-trans
-# or http://www.debian.org/intl/l10n/po-debconf/README-trans
-#
-# Developers do not need to manually edit POT or PO files.
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2005-07-13 18:52+0200\n"
-"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
-"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
-"Language: cs\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Opravdu chcete zastavit daemon Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"VAROVÁNÍ: Abyste mohli pokračovat, musí se směrovací daemon Quagga "
-"pozastavit. To může vést ke zpanikaření BGP nebo ke ztrátě konektivity."
+++ /dev/null
-# Danish translation quagga.
-# Copyright (C) 2010 quagga & nedenstående oversættere.
-# This file is distributed under the same license as the quagga package.
-# Joe Hansen <joedalton2@yahoo.dk>, 2010.
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2010-09-09 23:51+0200\n"
-"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
-"Language-Team: Danish <debian-l10n-danish@lists.debian.org> \n"
-"Language: \n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Ønsker du virkelig at stoppe dæmonen Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"ADVARSEL: Ruteplanlægningsdæmonen Quagga skal stoppes for at fortsætte. "
-"Dette kan føre til BGP-udfald eller tab af netværksforbindelse."
+++ /dev/null
-# translation of po-debconf template to German
-# Copyright (C) 2007, Matthias Julius
-# This file is distributed under the same license as the quagga package.
-#
-# Matthias Julius <mdeb@julius-net.net>, 2007.
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.6-2\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2007-02-01 19:32-0500\n"
-"Last-Translator: Matthias Julius <mdeb@julius-net.net>\n"
-"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
-"Language: de\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.11.4\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Möchten Sie den Quagga-Daemon wirklich beenden?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"Warnung: Um fortzufahren muss der Quagga-Routing-Daemon beendet werden. Dies "
-"könnte zu BGP-Flaps oder Verlust der Netzwerkverbindung führen."
+++ /dev/null
-# quagga translation to spanish
-# Copyright (C) 2004 Software in the Public Interest
-# This file is distributed under the same license as the quagga package.
-#
-# Changes:
-# - Initial translation
-# Carlos Galisteo de Cabo <cgalisteo@k-rolus.net>, 2007
-#
-#
-# Traductores, si no conoce el formato PO, merece la pena leer la
-# documentación de gettext, especialmente las secciones dedicadas a este
-# formato, por ejemplo ejecutando:
-# info -n '(gettext)PO Files'
-# info -n '(gettext)Header Entry'
-#
-# Equipo de traducción al español, por favor lean antes de traducir
-# los siguientes documentos:
-#
-# - El proyecto de traducción de Debian al español
-# http://www.debian.org/intl/spanish/coordinacion
-# especialmente las notas de traducción en
-# http://www.debian.org/intl/spanish/notas
-#
-# - La guía de traducción de po's de debconf:
-# /usr/share/doc/po-debconf/README-trans
-# o http://www.debian.org/intl/l10n/po-debconf/README-trans
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga_0.99.7-2\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2007-05-08 12:39+0200\n"
-"Last-Translator: Carlos Galisteo <cgalisteo@k-rolus.net>\n"
-"Language-Team: <debian-l10n-spanish@lists.debian.org>\n"
-"Language: \n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=ISO-8859-15\n"
-"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.11.4\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "¿Está seguro de que quiere detener el servicio «Quagga»?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"ADVERTENCIA: Debe detenerse el servicio de encaminamiento «Quagga» para "
-"continuar. Ésto podría provocar intermitencias en BGP o pérdidas de "
-"conectividad."
+++ /dev/null
-#
-# Translators, if you are not familiar with the PO format, gettext
-# documentation is worth reading, especially sections dedicated to
-# this format, e.g. by running:
-# info -n '(gettext)PO Files'
-# info -n '(gettext)Header Entry'
-#
-# Some information specific to po-debconf are available at
-# /usr/share/doc/po-debconf/README-trans
-# or http://www.debian.org/intl/l10n/po-debconf/README-trans
-#
-# Developers do not need to manually edit POT or PO files.
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.1-3\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2005-07-21 10:52+0200\n"
-"Last-Translator: Mohammed Adnène Trojette<adn+deb@diwi.org>\n"
-"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
-"Language: fr\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=iso-8859-15\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Faut-il vraiment arrêter le démon Quagga ?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"Veuillez noter que le démon de routage Quagga doit être arrêté avant de "
-"poursuivre cette installation. Cela peut provoquer des incohérences BGP ou "
-"des pertes de connectivité."
+++ /dev/null
-# Italian translation of quagga debconf messages
-# Copyright (C) 2013, quagga package copyright holder
-# This file is distributed under the same license as the quagga package.
-# Beatrice Torracca <beatricet@libero.it>, 2013.
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2013-11-03 11:52+0200\n"
-"Last-Translator: Beatrice Torracca <beatricet@libero.it>\n"
-"Language-Team: Italian <debian-l10n-italian@lists.debian.org>\n"
-"Language: it\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Virtaal 0.7.1\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Arrestare veramente il demone Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"ATTENZIONE: per procedere il demone di instradamento Quagga deve essere "
-"fermato. Questo può portare a flap BGP o a perdita della connettività di "
-"rete."
+++ /dev/null
-# Copyright (C) 2008 Christian Hammers <ch@debian.org>\r
-# This file is distributed under the same license as quagga package.\r
-# Hideki Yamane (Debian-JP) <henrich@debian.or.jp>, 2008.\r
-# \r
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.11-1\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2008-12-28 22:26+0900\n"
-"Last-Translator: Hideki Yamane (Debian-JP) <henrich@debian.or.jp>\n"
-"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
-"Language: ja\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Quagga デーモンを本当に停止しますか?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"警告: Quagga ルーティングデーモンの停止が実施されました。これによって BGP "
-"ルートフラップの発生やネットワーク接続の切断が起こされる可能性があります。"
+++ /dev/null
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2007-03-15 18:49+0100\n"
-"Last-Translator: Bart Cornelis <cobaco@skolelinux.no>\n"
-"Language-Team: debian-l10n-dutch <debian-l10n-dutch@lists.debian.org>\n"
-"Language: \n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=utf-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"X-Poedit-Language: Dutch\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Bent u zeker dat u de Quagga-achtergronddienst wilt stoppen?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"WAARSCHUWING: De Quagga 'routing'-achtergronddienst dient stopgezet te "
-"worden voor u verder gaat. Dit kan BGP-flaps en verliezen van "
-"netwerkverbinding veroorzaken."
+++ /dev/null
-# Portuguese translations for quagga package.
-# Copyright (C) 2007 Miguel Figueiredo
-# This file is distributed under the same license as the quagga package.
-# Miguel Figueiredo <elmig@debianpt.org>, 2007.
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.6-6\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2007-04-26 23:07+0100\n"
-"Last-Translator: Miguel Figueiredo <elmig@debianpt.org>\n"
-"Language-Team: Portuguese <traduz@debianpt.org>\n"
-"Language: pt\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Deseja mesmo parar o daemon Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"AVISO: O daemon de routing tem de ser parado para continuar. Isto pode levar "
-"a distúrbio do BGP ou perda da ligação de rede."
+++ /dev/null
-# quagga Brazilian Portuguese po-debconf translation
-# Copyright (C) 2007 THE quagga'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the quagga package.
-# Jefferson Alexandre dos Santos <jefferson.alexandre@gmail.com>, 2007.
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2007-09-29 00:34-0300\n"
-"Last-Translator: Jefferson Alexandre dos Santos<jefferson.alexandre@gmail."
-"com>\n"
-"Language-Team: Brazilian Portuguese <debian-l10n-portuguese@lists.debian."
-"org>\n"
-"Language: pt_BR\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Você realmente deseja parar o daemon Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"AVISO: O daemon de roteamento Quagga precisa ser parado para prosseguir. "
-"Isto pode causar \"BGP flaps\" ou perda de conectividade de rede."
+++ /dev/null
-# translation of ru.po to Russian
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-#
-# Yuri Kozlov <yuray@komyakino.ru>, 2009.
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.13-1\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2009-07-19 09:04+0400\n"
-"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
-"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
-"Language: ru\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.11.4\n"
-"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
-"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Действительно остановить службу Quagga?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"ПРЕДУПРЕЖДЕНИЕ: Для продолжения работы служба маршрутизации Quagga должна "
-"быть остановлена. Это может привести к перестройке таблиц BGP или потере "
-"связности узлов сети."
+++ /dev/null
-# Translators, if you are not familiar with the PO format, gettext
-# documentation is worth reading, especially sections dedicated to
-# this format, e.g. by running:
-# info -n '(gettext)PO Files'
-# info -n '(gettext)Header Entry'
-# Some information specific to po-debconf are available at
-# /usr/share/doc/po-debconf/README-trans
-# or http://www.debian.org/intl/l10n/po-debconf/README-trans
-# Developers do not need to manually edit POT or PO files.
-# , fuzzy
-#
-#
-msgid ""
-msgstr ""
-"Project-Id-Version: quagga 0.99.1-6\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: 2005-10-04 06:56+0200\n"
-"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
-"Language-Team: Swedish <sv@li.org>\n"
-"Language: sv\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=iso-8859-1\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr "Vill du stoppa Quagga-daemonen?"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
-"VARNING: routingdaemonen Quagga måste stoppas för att fortsätta. Detta kan "
-"leda till BGP-flaps eller att nätverksförbindelsen avbryts."
+++ /dev/null
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-#
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: PACKAGE VERSION\n"
-"Report-Msgid-Bugs-To: ch@debian.org\n"
-"POT-Creation-Date: 2006-07-15 20:31+0200\n"
-"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
-"Language-Team: LANGUAGE <LL@li.org>\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=CHARSET\n"
-"Content-Transfer-Encoding: 8bit\n"
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid "Do you really want to stop the Quagga daemon?"
-msgstr ""
-
-#. Type: boolean
-#. Description
-#: ../quagga.templates:1001
-msgid ""
-"WARNING: The Quagga routing daemon has to be stopped to proceed. This could "
-"lead to BGP flaps or loss of network connectivity."
-msgstr ""
+++ /dev/null
-#!/usr/bin/make -f
-
-export DH_VERBOSE=1
-export DEB_BUILD_HARDENING=1
-export DH_OPTIONS=-v
-
-ifeq ($(WANT_SNMP), 1)
- USE_SNMP=--enable-snmp
- $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
-else
- $(warning "DEBIAN: SNMP disabled, see README.Debian")
-endif
-
-ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
- DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
-endif
-
-ifdef DEBIAN_JOBS
-MAKEFLAGS += -j$(DEBIAN_JOBS)
-endif
-
-%:
- dh $@ --with=systemd,autoreconf --parallel --dbg-package=frr-dbg --list-missing
-
-override_dh_auto_configure:
- # Frr needs /proc to check some BSD vs Linux specific stuff.
- # Else it fails with an obscure error message pointing out that
- # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
- @if ! [ -d /proc/1 ]; then \
- echo "./configure needs a mounted /proc"; \
- exit 1; \
- fi
-
- if ! [ -e config.status ]; then \
- dh_auto_configure -- \
- --enable-exampledir=/usr/share/doc/frr/examples/ \
- --localstatedir=/var/run/frr \
- --sbindir=/usr/lib/frr \
- --sysconfdir=/etc/frr \
- $(USE_SNMP) \
- --enable-ospfapi=yes \
- --enable-vtysh=yes \
- --enable-isisd=yes \
- --enable-multipath=256 \
- --enable-user=frr \
- --enable-group=frr \
- --enable-vty-group=frrvty \
- --enable-configfile-mask=0640 \
- --enable-logfile-mask=0640 \
- --enable-werror \
- --enable-gcc-rdynamic \
- --with-libpam \
- --enable-systemd=yes \
- --enable-poll=yes \
- --enable-cumulus=yes \
- --enable-pimd=yes \
- --enable-dependency-tracking \
- --enable-bgp-vnc=no; \
- fi
-
-override_dh_auto_build:
- #dh_auto_build
- $(MAKE)
- dh_auto_build -- -C doc draft-zebra-00.txt
-
-
- # doc/ is a bit crazy
-ifeq ($(GENERATE_PDF), 1)
- dh_auto_build -- -C doc frr.pdf || true # pdfetex fails with exit code 1 but still produces a good looking .pdf
-endif
- rm -vf doc/frr.info
- dh_auto_build -- -C doc frr.info
- rm -vf doc/frr.info.html*
-
-override_dh_auto_test:
-
-override_dh_auto_install:
- dh_auto_install
-
- # cleaning up the info dir
- rm -f debian/tmp/usr/share/info/dir*
-
- # install config files
- mkdir -p debian/tmp/etc/frr/
- perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
-
- # installing the Frr specific SNMP MIB
-ifeq ($(WANT_SNMP), 1)
- install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
-else
- mkdir -p debian/tmp/usr/share/snmp/mibs/
-endif
-
- # cleaning .la files
- sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
-
-override_dh_systemd_start:
- dh_systemd_start frr.service
-
-override_dh_systemd_enable:
- dh_systemd_enable frr.service
-
+++ /dev/null
-Tests: daemons
-Depends: frr
-Restrictions: needs-root
+++ /dev/null
-#!/bin/bash
-#---------------
-# Testing frr
-#---------------
-set -e
-
-# modify config file to enable all daemons and copy config files
-CONFIG_FILE=/etc/frr/daemons
-DAEMONS=("zebra" "bgpd" "ospfd" "ospf6d" "ripd" "ripngd" "isisd" "pimd")
-
-for daemon in "${DAEMONS[@]}"
-do
- sed -i -e "s/${daemon}=no/${daemon}=yes/g" $CONFIG_FILE
- cp /usr/share/doc/frr/examples/${daemon}.conf.sample /etc/frr/${daemon}.conf
-done
-
-# reload frr
-/etc/init.d/frr restart > /dev/null 2>&1
-
-# check daemons
-for daemon in "${DAEMONS[@]}"
-do
- echo -n "check $daemon - "
- if pidof -x $daemon > /dev/null; then
- echo "${daemon} OK"
- else
- echo "ERROR: ${daemon} IS NOT RUNNING"
- exit 1
- fi
-done
+++ /dev/null
-# Example watch control file for uscan
-# Rename this file to "watch" and then you can run the "uscan" command
-# to check for upstream updates and more.
-# Site Directory Pattern Version Script
-version=3
-opts=uversionmangle=s/(\d)[_\.\-\+]?((RC|rc|pre|dev|beta|alpha|b|a)[\-\.]?\d*)$/$1~$2/ \
- http://download.savannah.gnu.org/releases/frr/quagga-(\d.*)\.(?:tgz|tar\.(?:gz|bz2|xz))
-# Bart Martens <bartm@debian.org> Fri, 25 Jan 2013 06:38:53 +0000
+++ /dev/null
-check process watchfrr with pidfile /var/run/frr/watchfrr.pid
- start program = "/etc/init.d/frr start watchfrr" with timeout 120 seconds
- stop program = "/etc/init.d/frr stop watchfrr"
- if 3 restarts within 10 cycles then timeout
--- /dev/null
+
+EXTRA_DIST = README.Debian README.Maintainer \
+ changelog compat control copyright \
+ rules source/format tests/control \
+ tests/daemons watchfrr.rc \
+ backports/README backports/rules \
+ backports/debian8/debian/source/format \
+ backports/debian8/exclude \
+ backports/debian8/versionext \
+ backports/debian9/debian/source/format \
+ backports/debian9/exclude \
+ backports/debian9/versionext \
+ backports/ubuntu12.04/debian/control \
+ backports/ubuntu12.04/debian/frr.install \
+ backports/ubuntu12.04/debian/frr.postinst \
+ backports/ubuntu12.04/debian/frr.postrm \
+ backports/ubuntu12.04/debian/rules \
+ backports/ubuntu12.04/debian/source/format \
+ backports/ubuntu12.04/exclude \
+ backports/ubuntu12.04/versionext \
+ backports/ubuntu14.04/debian/control \
+ backports/ubuntu14.04/debian/frr.install \
+ backports/ubuntu14.04/debian/frr.postinst \
+ backports/ubuntu14.04/debian/frr.postrm \
+ backports/ubuntu14.04/debian/rules \
+ backports/ubuntu14.04/debian/source/format \
+ backports/ubuntu14.04/exclude \
+ backports/ubuntu14.04/versionext \
+ backports/ubuntu16.04/debian/source/format \
+ backports/ubuntu16.04/exclude \
+ backports/ubuntu16.04/versionext \
+ frr-doc.docs frr-doc.info frr-doc.install \
+ frr-doc.lintian-overrides frr.conf \
+ frr.dirs frr.docs frr.install \
+ frr.lintian-overrides frr.logrotate \
+ frr.manpages frr.pam frr.postinst frr.postrm \
+ frr.preinst frr.prerm \
+ frr-pythontools.install
--- /dev/null
+* SAFETY MEASURES:
+==================
+
+Please consider setting this package "on hold" by typing
+ echo "frr hold" | dpkg --set-selections
+and verifying this using
+ dpkg --get-selections | grep 'hold$'
+
+Setting a package "on hold" means that it will not automatically be upgraded.
+Instead apt-get only displays a warning saying that a new version would be
+available forcing you to explicitly type "apt-get install frr" to upgrade it.
+
+
+* What is frr?
+=================
+
+http://www.frrouting.org/
+FRR is a routing software suite, providing implementations of OSPFv2,
+OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly
+FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga
+which itself is a fork of Zebra.
+Zebra was developed by Kunihiro Ishiguro.
+
+
+* Why has SNMP support been disabled?
+=====================================
+FRR used to link against the NetSNMP libraries to provide SNMP
+support. Those libraries sadly link against the OpenSSL libraries
+to provide crypto support for SNMPv3 among others.
+OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL)
+licence that FRR is distributed under. For more explanation read:
+ http://www.gnome.org/~markmc/openssl-and-the-gpl.html
+ http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
+Updating the licence to explecitly allow linking against OpenSSL
+would requite the affirmation of all people that ever contributed
+a significant part to Zebra / Quagga or FRR and thus are the collective
+"copyright holder". That's too much work. Using a shrinked down
+version of NetSNMP without OpenSSL or convincing the NetSNMP people
+to change to GnuTLS are maybe good solutions but not reachable
+during the last days before the Sarge release :-(
+
+ *BUT*
+
+It is allowed by the used licence mix that you fetch the sources and
+build FRR yourself with SNMP with
+ <remove the "grep ^smux" block at the end of debian/frr.preinst>
+ # export WANT_SNMP=1
+ # apt-get -b source frr
+Just distributing it in binary form, linked against OpenSSL, is forbidden.
+
+
+* Daemon selection:
+===================
+
+The Debian package uses /etc/frr/daemons to tell the
+initscript which daemons to start. It's in the format
+<daemon>=<yes|no|priority>
+with no spaces (it's simply source-d into the initscript).
+Default is not to start anything, since it can hose your
+system's routing table if not set up properly.
+
+Priorities were suggested by Dancer <dancer@zeor.simegen.com>.
+They're used to start the FRR daemons in more than one step
+(for example start one or two at network initialization and the
+rest later). The number of FRR daemons being small, priorities
+must be between 1 and 9, inclusive (or the initscript has to be
+changed). /etc/init.d/frr then can be started as
+
+/etc/init.d/frr <start|stop|restart|<priority>>
+
+where priority 0 is the same as 'stop', priority 10 or 'start'
+means 'start all'
+
+
+* Error message "privs_init: initial cap_set_proc failed":
+==========================================================
+
+This error message means that "capability support" has to be built
+into the kernel.
+
+
+* Error message "netlink-listen: overrun: No buffer space available":
+=====================================================================
+
+If this message occurs the receive buffer should be increased by adding the
+following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.conf.
+> net.core.rmem_default = 262144
+> net.core.rmem_max = 262144
+See message #4525 from 2005-05-09 in the quagga-users mailing list.
+
+
+* vtysh immediately exists:
+===========================
+
+Check /etc/pam.d/frr, it probably denies access to your user. The passwords
+configured in /etc/frr/frr.conf are only for telnet access.
+
--- /dev/null
+#
+# To check if the patches still apply on new upstream versions:
+#
+for i in debian/patches/*.diff; do echo -e "#\n# $i\n#"; patch --fuzz=3 --dry-run -p1 < $i; done
+
+#
+# Filename transition from zebra to frr
+#
+
+Files that keep their names
+ /usr/bin/vtysh
+
+Files that got an -pj suffix
+ /etc/default/zebra -> /etc/frr/daemons.conf
+ /etc/init.d/zebra -> /etc/init.d/frr
+ /etc/zebra/ -> /etc/frr/
+ /usr/share/doc/zebra/ -> /usr/share/doc/frr/
+ /var/log/zebra/ -> /var/log/frr/
+ /var/run/ -> /var/run/frr/
+
+Files that were moved
+ /usr/sbin/* -> /usr/lib/frr/
--- /dev/null
+Building your own FRRouting Debian Package
+==========================================
+(Tested on Ubuntu 12.04, 14.04, 16.04 and Debian 8)
+
+1. Follow the package installation as outlined in doc/Building_on_XXXX.md
+ (XXXX refers your OS Distribution) to install the required build packages
+
+2. Install the following additional packages:
+
+ apt-get install realpath equivs groff fakeroot debhelper
+
+3. Checkout FRR under a **unpriviledged** user account
+
+ git clone https://github.com/frrouting/frr.git frr
+
+4. Run Bootstrap and make distribution tar.gz
+
+ cd frr
+ ./bootstrap.sh
+ ./configure --with-pkg-extra-version=-MyDebPkgVersion
+ make dist
+
+ Note: configure parameters are not important for the Debian Package
+ building - except the `with-pkg-extra-version` if you want to give the
+ Debian Package a specific name to mark your own unoffical build
+
+5. Edit `debianpkg/rules` and set the configuration as needed
+
+ Look for section `dh_auto_configure` to modify the configure
+ options as needed. Options might be different between main `rules` and
+ `backports/XXXX/debian/rules`. Please adjust as needed on all files
+
+6. Create backports debian sources
+
+ Move the `debianpkg` to `debian` and create the backports
+ (Debian requires to not ship a `debian` directory inside the source
+ directory to avoid build conflicts with the reserved `debian` subdirectory
+ name during the build)
+
+ mv debianpkg debian
+ make -f debian/rules backports
+
+ This will create a `frr_*.orig.tar.gz` with the source (same as dist tar),
+ and multiple `frr_*.debian.tar.xz` and `frr_*.dsc` for the debian package
+ source on each backport supported distribution
+
+6. Create a new directory to build the package and populate with package src
+
+ mkdir frrpkg
+ cd frrpkg
+ tar xf ~/frr/frr_*.orig.tar.gz
+ cd frr*
+ . /etc/os-release
+ tar xf ~/frr/frr_*${ID}${VERSION_ID}*.debian.tar.xz
+
+7. Build Debian Package Dependencies and install them as needed
+
+ sudo mk-build-deps --install debian/control
+
+8. Build Debian Package
+
+ debuild -b -uc -us
+
+DONE.
+
+If all works correctly, then you should end up with the Debian packages under
+`frrpkg`. If distributed, please make sure you distribute it together with
+the sources (`frr_*.orig.tar.gz`, `frr_*.debian.tar.xz` and `frr_*.dsc`)
+
+
+Enabling daemons after installation of the package:
+---------------------------------------------------
+
+1. Edit `/etc/frr/daemons` and enable required routing daemons (Zebra is
+probably needed for most deployments, so make sure to enable it.)
+
+2. Check your firewall / IPtables to make sure the routing protocols are
+allowed.
+
+3. Enable FRR at startup
+
+ - On `init.d` based systems (Ubuntu 12.04)
+
+ sudo update-rc.d frr defaults
+
+ - On `systemd` based systems (Debian 8, Ubuntu 14.04, 16.04)
+
+ sudo systemctl enable frr
+
+4. Start/Restart the daemons (or reboot)
+
+ - On `init.d` based systems (Ubuntu 12.04)
+
+ sudo invoke-rc.d frr start
+
+ - on `systemd` based systems (Debian 8, Ubuntu 14.04, 16.04)
+
+ sudo systemctl start frr
+
+
+Configuration is stored in `/etc/frr/*.conf` files and daemon selection
+is stored in `/etc/frr/daemons`.
--- /dev/null
+*/*.dirhash
+*/debian/changelog
--- /dev/null
+This directory contains the debian directories for backports to other debian
+platforms. These are built via the `3.0 (custom)' source format, which
+allows one to build a source package directly out of tarballs (e.g. an
+orig.tar.gz tarball and a debian.tar.gz file), at which point the format can
+be changed to a real format (e.g. `3.0 (quilt)').
+
+Source packages are assembled via targets of the same name as the system to
+which the backport is done (e.g. `precise'), included in debian/rules.
+
+To create a new debian backport:
+
+* Add its name to `KNOWN_BACKPORTS', defined in debian/rules.
+* Create a directory of the same name in debian/backports.
+* Add the files `exclude', `versionext', and `debian/source/format' under
+ this directory:
+ * `exclude' contains whitespace-separated paths (relative to the root of
+ the source dir) that should be excluded from the source package (e.g.
+ debian/patches).
+ * `versionext' contains the suffix added to the version number for this
+ backport's build. Distributions often have guidelines for what this
+ should be. If left empty, no new debian/changelog entry is created.
+ * `debian/source/format' should contain the source format of the resulting
+ source package. As of of the writing of this document the only supported
+ format is `3.0 (quilt)'.
+* Add appropriate files under the `debian/' subdirectory. These will be
+ included in the source package, overriding any top-level `debian/' files
+ with equivalent paths.
+
--- /dev/null
+3.0 (quilt)
--- /dev/null
+-1~debian8+1
--- /dev/null
+3.0 (quilt)
--- /dev/null
+-1~debian9+1
--- /dev/null
+.PHONY: backports $(KNOWN_BACKPORTS)
+
+# error out if these files are missing
+required_files = $(foreach backport,$(KNOWN_BACKPORTS), \
+ $(addprefix debian/backports/$(backport)/, \
+ debian/source/format \
+ versionext \
+ exclude))
+$(if $(filter-out $(wildcard $(required_files)),$(required_files)), \
+ $(error missing required backports files: \
+ $(filter-out $(wildcard $(required_files)),$(required_files)). \
+ see debian/backports/README) \
+)
+
+TARBALLDIR ?= $(shell dh_testdir debian/changelog && realpath .)
+
+define backports-targets
+# if this file is empty, no automatic changelog entry is created
+VERSIONEXT_$(1) ?= $(strip \
+ $(shell cat $(wildcard debian/backports/$(1)/versionext)))
+DEBIAN_VERSION_$(1) = $(DEBIAN_VERSION)$$(VERSIONEXT_$(1))
+BACKPORTDIR_$(1) = $(realpath debian/backports/$(1))
+
+# as of right now, must be '3.0 (quilt)'
+SOURCEFORMAT_$(1) ?= $(strip \
+ $(shell cat debian/backports/$(1)/debian/source/format))
+
+# files checked for the dirhash (see below)
+FINDCMD_$(1) = find -L debian/backports/$(1)/debian \
+ -type f \
+ ! -path debian/backports/$(1)/debian/changelog
+
+# files *not* pulled from the root debian directory into the backport tarball:
+# debian/changelog (copied and edited for backport version entry)
+# debian/backports itself (relevant contents are copied out separately)
+# anything provided in the current backports debian dir
+# anything specified in the 'exclude' file in the current backports debian dir
+EXCLUDEROOT_$(1) = debian/changelog debian/backports \
+ $$(subst debian/backports/$(1)/,,$$(shell $$(FINDCMD_$(1)))) \
+ $$(shell cat debian/backports/$(1)/exclude)
+
+EXCLUDEROOT_TAR_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),--exclude $$(file))
+EXCLUDEROOT_FIND_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),-o -path $$(file))
+
+# find command resulting in all files that *will* be pulled into the backport
+# tarball.
+FINDCMDROOT_$(1) = find -L debian/ \
+ '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')' -prune -o \
+ -type f -a '!' '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')'
+
+# usually using `find' output for dependencies has the downfall of not tracking
+# file removal. Work around that by introducing a dependency on a file whose
+# name contains the hash of `find' output, so that the name will change when a
+# file is deleted.
+DIRHASH_$(1) = \
+ $$(shell $$(FINDCMD_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
+DIRHASHROOT_$(1) = \
+ $$(shell $$(FINDCMDROOT_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
+
+CONTROL_$(1) = $$(strip \
+ $$(if $$(wildcard $$(BACKPORTDIR_$(1))/debian/control), \
+ $$(BACKPORTDIR_$(1))/debian/control, \
+ $(realpath debian/control) \
+ ))
+
+# TARGETS:
+
+$(1): $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc ;
+
+# we use 3.0 (custom) to build a source package directly from tarballs,
+# bypassing the usual checks (which wouldn't like our combination-of-
+# directories approach)
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc:
+ dpkg-source -l$$(BACKPORTDIR_$(1))/debian/changelog \
+ -c$$(CONTROL_$(1)) \
+ --format='3.0 (custom)' \
+ --target-format='$$(SOURCEFORMAT_$(1))' \
+ -b . $$^
+ mv $(TARBALLDIR)/../$$(notdir $$@) $$@
+
+ifeq ($$(SOURCEFORMAT_$(1)),3.0 (quilt))
+# this target depends on the orig.tar.gz file, for which there is no target in
+# this makefile. It is assumed to either already exist or be built by a target
+# provided elsewhere in debian/rules (e.g. via pristine-tar)
+$$(if $$(findstring $(ORIG_VERSION),$$(DEBIAN_VERSION_$(1))), \
+ $$(info downstream version matches upstream version (good)), \
+ $$(error quilt format expects downstream version \
+ ($$(DEBIAN_VERSION_$(1))) to contain upstream version \
+ ($(ORIG_VERSION)). Make a new debian/changelog entry \
+ to reflect the new upstream release) \
+)
+
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc: \
+ $(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz \
+ $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz
+else
+$$(error unsupported source format for $(1) backport: $$(SOURCEFORMAT_$(1)))
+endif #SOURCEFORMAT_$(1)
+
+# for 3.0 (quilt)
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz: \
+ $$(BACKPORTDIR_$(1))/debian/changelog \
+ $$(shell $$(FINDCMD_$(1))) \
+ $$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash \
+ $$(shell $$(FINDCMDROOT_$(1))) \
+ $$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash \
+ $$(BACKPORTDIR_$(1))/exclude
+ rm -f $$(subst .tar.xz,.tar,$$@) $$@
+ tar -chf $$(subst .tar.xz,.tar,$$@) \
+ --exclude-vcs $$(EXCLUDEROOT_TAR_$(1)) debian/
+ cd debian/backports/$(1) && tar -uhf $$(subst .tar.xz,.tar,$$@) \
+ --exclude-vcs debian/
+ xz $$(subst .tar.xz,.tar,$$@)
+
+$$(BACKPORTDIR_$(1))/debian/changelog: \
+ debian/changelog \
+ debian/backports/$(1)/versionext
+ rm -f debian/backports/$(1)/debian/changelog
+ cp $$< $$@
+ $(if $$(VERSIONEXT_$(1)), \
+ dch -c $$@ -v '$$(DEBIAN_VERSION_$(1))' -b \
+ 'backport to $(1) systems', \
+ )
+
+$$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash:
+ rm -f debian/backports/$(1)/*.backport.dirhash
+ touch $$@
+
+$$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash:
+ rm -f debian/backports/$(1)/*.root.dirhash
+ touch $$@
+
+endef # backports-targets
+$(foreach backport,$(KNOWN_BACKPORTS),$(eval \
+ $(call backports-targets,$(backport))))
+
+backports: $(KNOWN_BACKPORTS)
--- /dev/null
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody@frrouting.org>
+Uploaders: Nobody <nobody@frrouting.org>
+XSBC-Original-Maintainer: <maintainers@frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson0, libjson0-dev, pkg-config, python (>= 2.7), python-ipaddr
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+XS-Testsuite: autopkgtest
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), ${misc:Depends}
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: documentation files for FRR
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
--- /dev/null
+../../ubuntu14.04/debian/frr.install
\ No newline at end of file
--- /dev/null
+../../ubuntu14.04/debian/frr.postinst
\ No newline at end of file
--- /dev/null
+../../ubuntu14.04/debian/frr.postrm
\ No newline at end of file
--- /dev/null
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+#
+# export WANT_LDP=1
+# export WANT_PIM=1
+# export WANT_OSPFAPI=1
+# export WANT_TCP_ZEBRA=0
+# export WANT_BGP_VNC=0
+# export WANT_CUMULUS_MODE=0
+# export WANT_MULTIPATH=1
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+# export MULTIPATH=256
+#
+# Set the following to the value required (or leave undefined for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+# export WANT_FRR_USER=frr
+# export WANT_FRR_VTY_GROUP=frrvty
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifneq ($(WANT_LDP), 0)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifneq ($(WANT_PIM), 0)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifneq ($(WANT_OSPFAPI), 0)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+endif
+
+ifneq ($(WANT_BGP_VNC), 0)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+ifndef WANT_FRR_USER
+ USE_FRR_USER=--enable-user=frr
+ USE_FRR_GROUP=--enable-group=frr
+else
+ USE_FRR_USER=$(WANT_FRR_USER)
+ USE_FRR_GROUP=$(WANT_FRR_USER)
+endif
+
+ifndef WANT_FRR_VTY_GROUP
+ USE_FRR_VTY_GROUP=--enable-vty-group=frrvty
+else
+ USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+endif
+
+ifneq ($(WANT_MULTIPATH), 0)
+ ifdef MULTIPATH
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+ else
+ USE_MULTIPATH=--enable-multipath=256
+ endif
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_NODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --with-libpam \
+ --enable-systemd=no \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ #dh_auto_build
+ $(MAKE)
+ dh_auto_build -- -C doc draft-zebra-00.txt
+
+
+ # doc/ is a bit crazy
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc frr.pdf || true # pdfetex fails with exit code 1 but still produces a good looking .pdf
+endif
+ rm -vf doc/frr.info
+ dh_auto_build -- -C doc frr.info
+ rm -vf doc/frr.info.html*
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
+
--- /dev/null
+3.0 (quilt)
--- /dev/null
+-1~ubuntu12.04+1
--- /dev/null
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody@frrouting.org>
+Uploaders: Nobody <nobody@frrouting.org>
+XSBC-Original-Maintainer: <maintainers@frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2, pkg-config, python (>= 2.7), python-ipaddr
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+XS-Testsuite: autopkgtest
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), ${misc:Depends}
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
--- /dev/null
+etc/frr/
+usr/bin/vtysh
+usr/include/frr/
+usr/lib/
+tools/frr etc/init.d/
+usr/share/doc/frr/
+usr/share/man/man1/vtysh.1
+usr/share/man/man1/frr.1
+usr/share/man/man8
+usr/share/man/man8/bgpd.8
+usr/share/man/man8/ospf6d.8
+usr/share/man/man8/ospfd.8
+usr/share/man/man8/ripd.8
+usr/share/man/man8/ripngd.8
+usr/share/man/man8/zebra.8
+usr/share/man/man8/isisd.8
+usr/share/man/man8/watchfrr.8
+usr/share/snmp/mibs/
+tools/etc/* etc/
+tools/*.service lib/systemd/system
+debian/frr.conf usr/lib/tmpfiles.d
--- /dev/null
+#!/bin/bash -e
+
+######################
+PASSWDFILE=/etc/passwd
+GROUPFILE=/etc/group
+
+frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
+frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+
+[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
+[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
+[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
+
+chown -R ${frruid}:${frrgid} /etc/frr
+touch /etc/frr/vtysh.conf
+chgrp ${frrvtygid} /etc/frr/vtysh*
+chmod 644 /etc/frr/*
+
+ENVIRONMENTFILE=/etc/environment
+if ! grep --quiet VTYSH_PAGER=/bin/cat ${ENVIRONMENTFILE}; then
+ echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
+fi
+##################################################
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# This is most likely due to the answer "no" to the "really stop the server"
+# question in the prerm script.
+if [ "$1" = "abort-upgrade" ]; then
+ exit 0
+fi
+
+update-rc.d frr defaults > /dev/null
+
+#DEBHELPER#
+
--- /dev/null
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+# set -u not because of debhelper
+
+update-rc.d -f frr remove >> /dev/null
+
+if [ "$1" = "purge" ]; then
+ rm -rf /etc/frr /var/run/frr /var/log/frr
+ userdel frr >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+#
+# export WANT_LDP=1
+# export WANT_PIM=1
+# export WANT_OSPFAPI=1
+# export WANT_TCP_ZEBRA=0
+# export WANT_BGP_VNC=0
+# export WANT_CUMULUS_MODE=0
+# export WANT_MULTIPATH=1
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+# export MULTIPATH=256
+#
+# Set the following to the value required (or leave undefined for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+# export WANT_FRR_USER=frr
+# export WANT_FRR_VTY_GROUP=frrvty
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifneq ($(WANT_LDP), 0)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifneq ($(WANT_PIM), 0)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifneq ($(WANT_OSPFAPI), 0)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+endif
+
+ifneq ($(WANT_BGP_VNC), 0)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+ifndef WANT_FRR_USER
+ USE_FRR_USER=--enable-user=frr
+ USE_FRR_GROUP=--enable-group=frr
+else
+ USE_FRR_USER=$(WANT_FRR_USER)
+ USE_FRR_GROUP=$(WANT_FRR_USER)
+endif
+
+ifndef WANT_FRR_VTY_GROUP
+ USE_FRR_VTY_GROUP=--enable-vty-group=frrvty
+else
+ USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+endif
+
+ifneq ($(WANT_MULTIPATH), 0)
+ ifdef MULTIPATH
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+ else
+ USE_MULTIPATH=--enable-multipath=256
+ endif
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_NODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --with-libpam \
+ --enable-systemd=no \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ #dh_auto_build
+ $(MAKE)
+ dh_auto_build -- -C doc draft-zebra-00.txt
+
+
+ # doc/ is a bit crazy
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc frr.pdf || true # pdfetex fails with exit code 1 but still produces a good looking .pdf
+endif
+ rm -vf doc/frr.info
+ dh_auto_build -- -C doc frr.info
+ rm -vf doc/frr.info.html*
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
+
+override_dh_systemd_start:
+ dh_systemd_start frr.service
+
+override_dh_systemd_enable:
+ dh_systemd_enable frr.service
+
--- /dev/null
+3.0 (quilt)
--- /dev/null
+-1~ubuntu14.04+1
--- /dev/null
+3.0 (quilt)
--- /dev/null
+-1~ubuntu16.04+1
--- /dev/null
+frr (@VERSION@) RELEASED; urgency=medium
+
+ * New Enabled: PIM draft Unnumbered
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700
+
+frr (3.0-1) RELEASED; urgency=medium
+
+ * Added Debian 9 Backport
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700
+
+frr (3.0-0) RELEASED; urgency=medium
+
+ * New Enabled: BGP Shutdown Message
+ * New Enabled: BGP Large Community
+ * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN
+ * New Enabled: BGP EVPN RT-5
+ * New Enabled: LDP RFC 5561
+ * New Enabled: LDP RFC 5918
+ * New Enabled: LDP RFC 5919
+ * New Enabled: LDP RFC 6667
+ * New Enabled: LDP RFC 7473
+ * New Enabled: OSPF RFC 4552
+ * New Enabled: ISIS SPF Backoff draft
+ * New Enabled: PIM Unnumbered Interfaces
+ * New Enabled: PIM RFC 4611
+ * New Enabled: PIM Sparse Mode
+ * New Enabled: NHRP RFC 2332
+ * New Enabled: Label Manager
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700
+
+frr (2.0-0) RELEASED; urgency=medium
+
+ * Switchover to FRR
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400
+
+quagga (0.99.24+cl3u5) RELEASED; urgency=medium
+
+ * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json'
+ * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all'
+ * Closes: CM-5794 - Add support for IPv6 static to null0
+ * Closes: CM-13060 - Reduce JSON memory usage.
+ * Closes: CM-10394 - protect 'could not get instance' error messages with debug
+ * Closes: CM-11173 - Move netlink error messages undeer a debug
+ * Closes: CM-13328 - Fixes route missing in hardware after reboot
+
+ -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400
+
+quagga (0.99.24+cl3u4) RELEASED; urgency=medium
+
+ * Closes: CM-12687 - Buffer overflow in zebra RA code
+
+ -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400
+
+quagga (0.99.24+cl3u3) RELEASED; urgency=medium
+
+ * New Enabled: Merge up-to 0.99.24 code from upstream
+ * New Enabled: Additional CLI simplification
+ * New Enabled: Various Bug Fixes
+
+ -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700
+
+quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium
+
+ * New Enabled: VRF - See Documentation for how to use
+ * New Enabled: Improved interface statistics
+ * New Enabled: Various vtysh improvements
+ * New Enabled: Numerous compile warnings and SA fixes
+ * New Enabled: Improved priviledge handlingA
+ * New Enabled: Various OSPF CLI fixes
+ * New Enabled: Prefix-list Performance Improvements.
+ * New Enabled: Allow more than 1k peers in Quagga
+ and Performance Improvements
+ * New Enabled: Systemd integration
+ * New Enabled: Various ISIS fixes
+ * New Enabled: BGP MRT improvements
+ * New Enabled: Lowered default MRAI timers
+ * New Enabled: Lowered default 'timers connect'
+ * New Enabled: 'bgp log-neighbor-changes' enabled by default
+ * New Enabled: BGP default keepalive to 3s and holdtime to 9s
+ * New Enabled: OSPF spf timers are now '0 50 5000' by default
+ * New Enabled: BGP hostname is displayed by default
+ * New Enabled: BGP 'no-as-set' is the default for
+ 'bgp as-path multipath-relax"
+ * New Enabled: RA is on by default if using 5549 on an interface
+ * New Enabled: peer-group restrictions relaxed, update-groups determine
+ outbund policy anyway
+ * New Enabled: BGP enabled 'maximum-paths 64' by default
+ * New Enabled: OSPF "log-adjacency-changes" on by default
+ * New Enabled: Zebra: Add IPv6 protocol filtering support
+ * and setting src of IPv6 routes.
+ * New Enabled: BGP and OSPF JSON commands added.
+ * New Enabled: BGP Enable multiple instances support by default
+ * New Enabled: 'banner motd file' command
+ * New Enabled: Remove bad default passwords from default conf
+ * New Enabled: BGP addpath TX
+ * New Enabled: Simplified configuration for BGP Unnumbered
+
+ * New Deprecated: Remove unused 'show memory XXX' functionality
+ * New Deprecated: Remove babel protocol
+
+ * Closes: CM-10435 Addition on hidden command
+ "bfd multihop/singlehop" and "ptm-enable" per interface command
+ * Closes: CM-9974 Get route counts right for show ip route summary
+ * Closes: CM-9786 BGP memory leak in peer hostname
+ * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit
+ * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip
+ * Closes: CM-9255 BGPD crash around bgp_config_write ()
+ * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network
+ entered first
+ * Closes: CM-8934 OSPFv3: Check area before scheduling SPF
+ * Closes: CM-8514 zebra: Crash upon disabling a link
+ * Closes: CM-8295 BGP crash in group_announce_route_walkcb
+ * Closes: CM-8191 BGP: crash in update_subgroup_merge()
+ * Closes: CM-8015 lib: Memory reporting fails over 2GB
+ * Closes: CM-7926 BGP: crash from not NULLing freed pointers
+
+ -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700
+
+quagga (0.99.23.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * Added .png figures for info files to quagga-doc package.
+ * Changed dependency from iproute to iproute2 (thanks to Andreas
+ Henriksson). Closes: #753736
+ * Added texlive-fonts-recommended to build-depends to get ecrm1095 font
+ (thanks to Christoph Biedl). Closes: #651545
+
+ -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200
+
+quagga (0.99.23-1) unstable; urgency=low
+
+ * New upstream release
+ * Removed debian/patches/readline-6.3.diff which was already in upstream.
+
+ -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200
+
+quagga (0.99.22.4-4) unstable; urgency=medium
+
+ * Fix build failure with readline-6.3 (thanks to Matthias Klose).
+ Closes: #741774
+
+ -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100
+
+quagga (0.99.22.4-3) unstable; urgency=low
+
+ * Added status to init script (thanks to Peter J. Holzer). Closes: #730625
+ * Init script now sources /lib/lsb/init-functions.
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100
+
+quagga (0.99.22.4-2) unstable; urgency=low
+
+ * Fixed typo in package description (thanks to Davide Prina).
+ Closes: #625860
+ * Added Italian Debconf translation (thanks to Beatrice Torracca)
+ Closes: #729798
+
+ -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100
+
+quagga (0.99.22.4-1) unstable; urgency=high
+
+ * SECURITY:
+ "ospfd: CVE-2013-2236, stack overrun in apiserver
+
+ the OSPF API-server (exporting the LSDB and allowing announcement of
+ Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
+ to an exploitable stack overflow.
+
+ For this condition to occur, the following two conditions must be true:
+ - Quagga is configured with --enable-opaque-lsa
+ - ospfd is started with the "-a" command line option
+
+ If either of these does not hold, the relevant code is not executed and
+ the issue does not get triggered."
+ Closes: #726724
+
+ * New upstream release
+ - ospfd: protect vs. VU#229804 (malformed Router-LSA)
+ (Quagga is said to be non-vulnerable but still adds some protection)
+
+ -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200
+
+quagga (0.99.22.1-2) unstable; urgency=low
+
+ * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
+ * Added "status" command to init script (thanks to James Andrewartha).
+ Closes: #690013
+ * Added "libsnmp-dev" to Build-Deps. There not needed for the official
+ builds but for people who compile Quagga themselves to activate the
+ SNMP feature (which for licence reasons cannot be done by Debian).
+ Thanks to Ben Winslow). Closes: #694852
+ * Changed watchquagga_options to an array so that quotes can finally
+ be used as expected. Closes: #681088
+ * Fixed bug that prevented restarting only the watchquagga daemon
+ (thanks to Harald Kappe). Closes: #687124
+
+ -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200
+
+quagga (0.99.22.1-1) unstable; urgency=low
+
+ * New upstream release
+ - ospfd restore nexthop IP for p2p interfaces
+ - ospfd: fix LSA initialization for build without opaque LSA
+ - ripd: correctly redistribute ifindex routes (BZ#664)
+ - bgpd: fix lost passwords of grouped neighbors
+ * Removed 91_ld_as_needed.diff as it was found in the upstream source.
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200
+
+quagga (0.99.22-1) unstable; urgency=low
+
+ * New upstream release.
+ - [bgpd] The semantics of default-originate route-map have changed.
+ The route-map is now used to advertise the default route conditionally.
+ The old behaviour which allowed to set attributes on the originated
+ default route is no longer supported.
+ - [bgpd] this version of bgpd implements draft-idr-error-handling. This was
+ added in 0.99.21 and may not be desirable. If you need a version
+ without this behaviour, please use 0.99.20.1. There will be a
+ runtime configuration switch for this in future versions.
+ - [isisd] is in "beta" state.
+ - [ospf6d] is in "alpha/experimental" state
+ - More changes are documented in the upstream changelog!
+ * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
+ Martens.
+ * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
+ in the changelog.
+ * debian/patches/99_distribute_list.diff removed as its in the changelog.
+ * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
+ was just for Debian woody.
+
+ -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100
+
+quagga (0.99.21-4) unstable; urgency=medium
+
+ * Fixed regression bug that caused OSPF "distribute-list" statements to be
+ silently ignored. The patch has already been applied upstream but there
+ has been no new Quagga release since then.
+ Thanks to Hans van Kranenburg for reporting. Closes: #697240
+
+ -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100
+
+quagga (0.99.21-3) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
+ A denial-of-service condition could be caused by an attacker controlling
+ one of the pre-configured BGP peers. In most cases this means, that the
+ attack must be originated from an adjacent network. Closes: #676510
+
+ -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200
+
+quagga (0.99.21-2) unstable; urgency=low
+
+ * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
+ original mapage of the babeld package which users might want to
+ install in parallel as it is slightly more capable. Closes: #671916
+
+ -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200
+
+quagga (0.99.21-1) unstable; urgency=low
+
+ * New upstream release
+ - [bgpd] BGP multipath support has been merged
+ - [bgpd] SAFI (Multicast topology) support has been extended to propagate
+ the topology to zebra.
+ - [bgpd] AS path limit functionality has been removed
+ - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
+ protocol has been merged.
+ - [isisd] a major overhaul has been picked up. Please note that isisd is
+ STILL NOT SUITABLE FOR PRODUCTION USE.
+ - a lot of bugs have been fixed
+ * Added watchquagga daemon.
+ * Added DEP-3 conforming patch comments.
+
+ -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200
+
+quagga (0.99.20.1-1) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
+ CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
+ CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
+ * New upstream release. Closes: #664033
+
+ -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100
+
+quagga (0.99.20-4) unstable; urgency=low
+
+ * Switch to dpkg-source 3.0 (quilt) format.
+ * Switch to changelog-format-1.0.
+
+ -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100
+
+quagga (0.99.20-3) unstable; urgency=low
+
+ * Added --sysconfdir back to the configure options (thanks to Sven-Haegar
+ Koch). Closes: #645649
+
+ -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200
+
+quagga (0.99.20-2) unstable; urgency=low
+
+ * Bumped standards version to 0.9.2.
+ * Migrated to "dh" build system.
+ * Added quagga-dbg package.
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200
+
+quagga (0.99.20-1) unstable; urgency=low
+
+ * New upstream release:
+ "The primary focus of this release is a fix of SEGV regression in ospfd,
+ which was introduced in 0.99.19. It also features a series of minor
+ improvements, including better RFC compliance in bgpd, better support
+ of FreeBSD and some enhancements to isisd."
+ * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
+
+ -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200
+
+quagga (0.99.19-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides security fixes, which address assorted
+ vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
+ CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
+ * New upstream release.
+ * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
+ * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
+ * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
+
+ -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200
+
+quagga (0.99.18-1) unstable; urgency=low
+
+ * SECURITY:
+ "This release fixes 2 denial of services in bgpd, which can be remotely
+ triggered by malformed AS-Pathlimit or Extended-Community attributes.
+ These issues have been assigned CVE-2010-1674 and CVE-2010-1675.
+ Support for AS-Pathlimit has been removed with this release."
+ * Added Brazilian Portuguese debconf translation. Closes: #617735
+ * Changed section for quagga-doc from "doc" to "net".
+ * Added patch to fix FTBFS with latest GCC. Closes: #614459
+
+ -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100
+
+quagga (0.99.17-4) unstable; urgency=low
+
+ * Added comment to init script (thanks to Marc Haber). Closes: #599524
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100
+
+quagga (0.99.17-3) unstable; urgency=low
+
+ * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu).
+ Closes: #609555
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100
+
+quagga (0.99.17-2) unstable; urgency=low
+
+ * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
+
+ -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200
+
+quagga (0.99.17-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides two important bugfixes, which address remote crash
+ possibility in bgpd discovered by CROSS team.":
+ 1. Stack buffer overflow by processing certain Route-Refresh messages
+ CVE-2010-2948
+ 2. DoS (crash) while processing certain BGP update AS path messages
+ CVE-2010-2949
+ Closes: #594262
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200
+
+quagga (0.99.16-1) unstable; urgency=low
+
+ * New upstream release. Closes: #574527
+ * Added chrpath to debian/rules to fix rpath problems that lintian spottet.
+
+ -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100
+
+quagga (0.99.15-2) unstable; urgency=low
+
+ * Applied patch for off-by-one bug in ospf6d that caused a segmentation
+ fault when using the "area a.b.c.d filter-list prefix" command (thanks
+ to Steinar H. Gunderson). Closes: 519488
+
+ -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100
+
+quagga (0.99.15-1) unstable; urgency=low
+
+ * New upstream release
+ "This fixes some annoying little ospfd and ospf6d regressions, which made
+ 0.99.14 a bit of a problem release (...) This release still contains a
+ regression in the "no ip address ..." command, at least on Linux.
+ See bug #486, which contains a workaround patch. This release should be
+ considered a 1.0.0 release candidate. Please test this release as widely
+ as possible."
+ * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
+ Closes: #517860
+ * Added Russian Debconf tanslation (thanks to Yuri Kozlov).
+ Closes: #539464
+ * Removed so-version in build-dep to libreadline-dev on request of
+ Matthias Klose.
+ * Added README.source with reference to dpatch as suggested by lintian.
+ * Bumped standards versionto 3.8.3.
+
+ -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200
+
+quagga (0.99.14-1) unstable; urgency=low
+
+ * New upstream release
+ "This release contains a regression fix for ospf6d, various small fixes
+ and some hopefully very significant bgpd stability fixes.
+ This release should be considered a 1.0.0 release candidate. Please test
+ this release as widely as possible."
+ * Fixes bug with premature LSA aging in ospf6d. Closes: #535030
+ * Fixes section number in zebra.8 manpage. Closes: #517860
+
+ -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200
+
+quagga (0.99.13-2) unstable; urgency=low
+
+ * Added Japanese Debconf translation (thanks to Hideki Yamane).
+ Closes: #510714
+ * When checking for obsoleted config options in preinst, print filename
+ where it occures (thanks to Michael Bussmann). Closes: #339489
+
+ -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200
+
+quagga (0.99.13-1) unstable; urgency=low
+
+ * New upstream release
+ "This release is contains a number of small fixes, for potentially
+ irritating issues, as well as small enhancements to vtysh and support
+ for linking to PCRE (a much faster regex library)."
+ * Added build-dep to gawk as configure required it for memtypes.awk
+ * Replaced build-dep to gs-gpl with ghostscript as requested by lintian
+ * Minor changes to copyright and control files to make lintian happy.
+
+ -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200
+
+quagga (0.99.12-1) unstable; urgency=high
+
+ * New upstream release
+ "This release fixes an urgent bug in bgpd where it could hit an assert
+ if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
+ + [bgpd] Fix bgp ipv4/ipv6 accept handling
+ + [bgpd] AS4 bugfix by Chris Caputo
+ + [bgpd] Allow accepted peers to progress even if realpeer is in Connect
+ + [ospfd] Switch Fletcher checksum back to old ospfd version
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200
+
+quagga (0.99.11-1) unstable; urgency=low
+
+ * New upstream release
+ "Most regressions in 0.99 over 0.98 are now believed to be fixed. This
+ release should be considered a release-candidate for a new stable series."
+ + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
+ + zebra: ignore dead routes in RIB update
+ + [ospfd] Default route needs to be refreshed after neighbour state change
+ + [zebra:netlink] Set proto/scope on all route update messages
+ * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
+
+ -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200
+
+quagga (0.99.10-1) unstable; urgency=medium
+
+ * New upstream release
+ + bgpd: 4-Byte AS Number support
+ + Sessions were incorrectly reset if a partial AS-Pathlimit attribute
+ was received.
+ + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been
+ broken in the 0.99.9 release. Closes: #467656
+
+ -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200
+
+quagga (0.99.9-6) unstable; urgency=low
+
+ * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
+ Closes: #469891
+
+ -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200
+
+quagga (0.99.9-5) unstable; urgency=low
+
+ * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3
+ which is supposed to be faster.
+
+ -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100
+
+quagga (0.99.9-4) unstable; urgency=low
+
+ * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff).
+
+ -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100
+
+quagga (0.99.9-3) unstable; urgency=low
+
+ * Replaced the BGP patch by a new one so that the package builds again
+ with kernels above 2.6.21!
+ * debian/control:
+ + Moved quagga-doc to section doc to make lintian happy.
+ * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo).
+ Closes: #428574
+ * debian/control: (thanks to Marco Rodrigues)
+ + Bump Standards-Version to 3.7.3 (no changes needed).
+ + Add Homepage field.
+
+ -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100
+
+quagga (0.99.9-2.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * debian/rules: fixed bashisms. (Closes: #459122)
+
+ -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300
+
+quagga (0.99.9-2) unstable; urgency=low
+
+ * Added CVE id for the security bug to the last changelog entry.
+ Closes: 442133
+
+ -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200
+
+quagga (0.99.9-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release fixes two potential DoS conditions in bgpd, reported by Mu
+ Security, where a bgpd could be crashed if a peer sent a malformed OPEN
+ message or a malformed COMMUNITY attribute. Only configured peers can do
+ this, hence we consider these issues to be very low impact." CVE-2007-4826
+
+ -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200
+
+quagga (0.99.8-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200
+
+quagga (0.99.7-3) unstable; urgency=medium
+
+ * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr
+ and Lucas Nussbaum). Closes: #429003
+
+ -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200
+
+quagga (0.99.7-2) unstable; urgency=low
+
+ * Added Florian Weimar as co-maintainer. Closes: 421977
+ * Added Dutch debconf translation (thanks to Bart Cornelis).
+ Closes: #420932
+ * Added Portuguese debconf translation (thanks to Rui Branco).
+ Closes: #421185
+ * Improved package description (thanks to Reuben Thomas).
+ Closes: #418933
+ * Added CVE Id to 0.99.6-5 changelog entry.
+
+ -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200
+
+quagga (0.99.7-1) unstable; urgency=low
+
+ * New upstream release. Closes: #421553
+
+ -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200
+
+quagga (0.99.6-6) unstable; urgency=medium
+
+ * Fixes FTBFS with tetex-live. Closes: #420468
+
+ -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200
+
+quagga (0.99.6-5) unstable; urgency=high
+
+ * SECURITY:
+ The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers
+ could cause a Quagga bgpd to, typically, assert() and abort. The DoS
+ could be triggered by peers by sending an UPDATE message with a crafted,
+ malformed Multi-Protocol reachable/unreachable NLRI attribute.
+ This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323
+
+ -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200
+
+quagga (0.99.6-4) unstable; urgency=low
+
+ * Improved note in README.Debian for SNMP self-builders (thanks to Matthias
+ Wamser). Closes: #414788
+
+ -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100
+
+quagga (0.99.6-3) unstable; urgency=low
+
+ * Updated German Debconf translation (thanks to Matthias Julius).
+ Closes: #409327
+
+ -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100
+
+quagga (0.99.6-2) unstable; urgency=low
+
+ * Updated config.guess/config.sub as suggested by lintian.
+ * Corrected README.Debian text regarding the WANT_SNMP flag.
+
+ -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100
+
+quagga (0.99.6-1) unstable; urgency=low
+
+ * New upstream release. Closes: #402361
+
+ -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100
+
+quagga (0.99.5-5) unstable; urgency=high
+
+ * Changed Depends on adduser to Pre-Depends to avoid uninstallability
+ in certain cases (thanks to Steve Langasek, Lucas Nussbaum).
+ Closes: #398562
+
+ -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100
+
+quagga (0.99.5-4) unstable; urgency=low
+
+ * Added default PAM file and some explanations regarding PAM authentication
+ of vtysh which could prevent the start at boot-time when used wrong.
+ Now PAM permits anybody to access the vtysh tool (a malicious user could
+ build his own vtysh without PAM anyway) and the access is controled by
+ the read/write permissions of the vtysh socket which are only granted to
+ users belonging to the quaggavty group (thanks to Wakko Warner).
+ Closes: #389496
+ * Added "case" to prerm script so that the Debconf question is not called a
+ second time in e.g. "new-prerm abort-upgrade" after being NACKed in the
+ old-prerm.
+
+ -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100
+
+quagga (0.99.5-3) unstable; urgency=medium
+
+ * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt
+ Brown). Closes: #391040
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200
+
+quagga (0.99.5-2) unstable; urgency=medium
+
+ * Added LSB info section to initscript.
+ * Removed unnecessary depends to libncurses5 to make checklib happy.
+ The one to libcap should remain though as it is just temporarily
+ unused.
+
+ -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200
+
+quagga (0.99.5-1) unstable; urgency=low
+
+ * New upstream release. Closes: #38704
+ * Upstream fixes ospfd documentary inconsistency. Closes: #347897
+ * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak).
+
+ -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200
+
+quagga (0.99.4-4) unstable; urgency=low
+
+ * Recreate /var/run if not present because /var is e.g. on a tmpfs
+ filesystem (thanks to Martin Pitt). Closes: #376142
+ * Removed nonexistant option from ospfd.8 manpage (thanks to
+ David Medberry). Closes: 378274
+
+ -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200
+
+quagga (0.99.4-3) unstable; urgency=low
+
+ * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle).
+
+ -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200
+
+quagga (0.99.4-2) unstable; urgency=high
+
+ * Set urgency to high as 0.99.4-1 fixes a security problem!
+ * Fixed building of the info file.
+
+ -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200
+
+quagga (0.99.4-1) unstable; urgency=low
+
+ * New upstream release to fix a security problem in the telnet interface
+ of the BGP daemon which could be used for DoS attacks (CVE-2006-2276).
+ Closes: 366980
+
+ -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200
+
+quagga (0.99.3-3) unstable; urgency=low
+
+ * Added CVE numbers for the security patch in 0.99.3-2.
+
+ -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200
+
+quagga (0.99.3-2) unstable; urgency=high
+
+ * SECURITY:
+ Added security bugfix patch from upstream BTS for security problem
+ that could lead to injected routes when using RIPv1.
+ CVE-2006-2223 - missing configuration to disable RIPv1 or require
+ plaintext or MD5 authentication
+ CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements
+ Closes: #365940
+ * First amd64 upload.
+
+ -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200
+
+quagga (0.99.3-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100
+
+quagga (0.99.2-1) unstable; urgency=low
+
+ * New upstream release
+ Closes: #330248, #175553
+
+ -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100
+
+quagga (0.99.1-7) unstable; urgency=low
+
+ * Changed debian/rules check for mounted /proc directory to check
+ for /proc/1 as not all systems (e.g. 2.6 arm kernels) have
+ /proc/kcore which is a optional feature only (thanks to Lennert
+ Buytenhek). Closes: #335695
+ * Added Swedish Debconf translation (thanks to Daniel Nylander).
+ Closes: #331367
+
+ -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200
+
+quagga (0.99.1-6) unstable; urgency=low
+
+ * Fixed debconf dependency as requested by Joey Hess.
+
+ -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200
+
+quagga (0.99.1-5) unstable; urgency=low
+
+ * Rebuild with libreadline5-dev as build-dep as requested by
+ Matthias Klose. Closes: #326306
+ * Made initscript more fault tolerant against missing lines in
+ /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774
+ * Added dependency to adduser.
+
+ -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200
+
+quagga (0.99.1-4) unstable; urgency=low
+
+ * Added French Debconf translation (thanks to Mohammed Adnene Trojette).
+ Closes: #319324
+ * Added Czech Debconf translation (thanks to Miroslav Kure).
+ Closes: #318127
+
+ -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200
+
+quagga (0.99.1-3) unstable; urgency=low
+
+ * A Debconf question now asks the admin before upgrading if the daemon
+ should really be stopped as this could lead to the loss of network
+ connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis).
+ Also added a hint about setting Quagga "on hold" to README.Debian.
+ Closes: #315467
+ * Added patch to build on Linux/ARM.
+
+ -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200
+
+quagga (0.99.1-2) unstable; urgency=low
+
+ * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter).
+ Closes: #306840
+
+ -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200
+
+quagga (0.99.1-1) unstable; urgency=low
+
+ * New upstream version. Among others:
+ - BGP graceful restart and "match ip route-source" added
+ - support for interface renaming
+ - improved threading for better responsivness under load
+ * Switched to dpatch to make diffs cleaner.
+ * Made autoreconf unnecessary.
+ * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc.
+ (the PostScript would have needed Makefile corrections and PDF
+ is more preferable anyway)
+ * Added isisd to the list of daemons in /etc/init.d/quagga (thanks
+ to Ernesto Elbe).
+ * Added hint for "netlink-listen: overrun" messages (thanks to
+ Hasso Tepper).
+ * Added preinst check that bails out if old smux options are in use
+ as Quagga would not start up else anyway (thanks to Bjorn Mork).
+ Closes: #308320
+
+ -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200
+
+quagga (0.98.3-7) unstable; urgency=high
+
+ * Removed SNMP support as linking against NetSNMP introduced a dependency
+ to OpenSSL which is not compatible to the GPL which governs this
+ application (thanks to Faidon Liambotis). See README.Debian for more
+ information. Closes: #306840
+ * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1".
+ * Added build-dep to groff to let drafz-zebra-00.txt build correctly.
+
+ -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200
+
+quagga (0.98.3-6) testing-proposed-updates; urgency=high
+
+ * Removed "Recommends kernel-image-2.4" as aptitude then
+ installes a kernel-image for an arbitrary architecture as long
+ as it fullfill that recommendation which can obviously fatal
+ at the next reboot :) Also it is a violation of the policy
+ which mandates a reference to real packages (thanks to Holger Levsen).
+ Closes: #307281
+
+ -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200
+
+quagga (0.98.3-5) unstable; urgency=high
+
+ * The patch which tried to remove the OpenSSL dependency, which is
+ not only unneccessary but also a violation of the licence and thus RC,
+ stopped working a while ago, since autoreconf is no longer run before
+ building the binaries. So now ./configure is patched directly (thanks
+ to Faidon Liambotis for reporting). Closes: #306840
+ * Raised Debhelper compatibility level from 3 to 4. Nothing changed.
+ * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org.
+
+ -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200
+
+quagga (0.98.3-4) unstable; urgency=low
+
+ * Removed Debconf upgrade note as it was considered a Debconf abuse
+ and apart from that so obvious that it was not even worth to be
+ put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384
+
+ -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200
+
+quagga (0.98.3-3) unstable; urgency=medium
+
+ * Adding the debconf module due to a lintian suggestion is a very
+ bad idea if no db_stop is called as the script hangs then (thanks
+ to Tore Anderson for reporting). Closes: #306324
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200
+
+quagga (0.98.3-2) unstable; urgency=low
+
+ * Added debconf confmodule to postinst as lintian suggested.
+
+ -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200
+
+quagga (0.98.3-1) unstable; urgency=low
+
+ * New upstream release.
+ Mmost notably fixes last regression in bgpd (reannounce of prefixes
+ with changed attributes works again), race condition in netlink
+ handling while using IPv6, MTU changes handling in ospfd and several
+ crashes in ospfd, bgpd and ospf6d.
+
+ -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200
+
+quagga (0.98.2-2) unstable; urgency=low
+
+ * Added patch to let Quagga compile with gcc-4.0 (thanks to
+ Andreas Jochens). Closes: #300949
+
+ -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100
+
+quagga (0.98.2-1) unstable; urgency=medium
+
+ * Quoting the upstream announcement:
+ The 0.98.1 release unfortunately was a brown paper bag release with
+ respect to ospfd. [...] 0.98.2 has been released, with one crucial change
+ to fix the unfortunate mistake in 0.98.1, which caused problems if
+ ospfd became DR.
+ * Note: the upstream tarball had a strange problem, apparently redhat.spec
+ was twice in it? At least debuild gave a strange error message so I
+ unpacked it by hand. No changes were made to the .orig.tar.gz!
+
+ -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100
+
+quagga (0.98.1-1) unstable; urgency=medium
+
+ * New upstream version
+ "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load
+ regression in bgpd which were present in the 0.98.0 release."
+ * Upstream version fixes bug in ospfd that could lead to crash when OSPF
+ packages had a MTU > 1500. Closes: #290566
+ * Added notice regarding capability kernel support to README.Debian
+ (thanks to Florian Weimer). Closes: #291509
+ * Changed permission setting in postinst script (thanks to Bastian Blank).
+ Closes: #292690
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100
+
+quagga (0.98.0-3) unstable; urgency=low
+
+ * Fixed problem in init script. Closes: #290317
+ * Removed obsolete "smux peer enable" patch.
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100
+
+quagga (0.98.0-2) unstable; urgency=low
+
+ * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney
+ for telling me).
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100
+
+quagga (0.98.0-1) unstable; urgency=low
+
+ * New upstream release
+ * Added kernel-image-2.6 as alternative to 2.4 to the recommends
+ (thanks to Faidon Liambotis). Closes: #289530
+
+ -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100
+
+quagga (0.97.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * Added Czech debconf translation (thanks to Miroslav Kure).
+ Closes: #287293
+ * Added Brazilian debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+
+ -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100
+
+quagga (0.97.4-2) unstable; urgency=low
+
+ * Fixed quagga.info build problem.
+
+ -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100
+
+quagga (0.97.4-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100
+
+quagga (0.97.3-2) unstable; urgency=low
+
+ * Included isisd in the daemon list.
+ * Wrote an isisd manpage.
+ * It is now ensured that zebra is always the last daemon to be stopped.
+ * (Thanks to Hasso Tepper for mailing me a long list of suggestions
+ which lead to this release)
+
+ -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100
+
+quagga (0.97.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ - Fixes important OSPF bug.
+ * Added ht-20040911-smux.patch regarding Quagga bug #112.
+ * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5
+ (thanks to Matthias Wamser).
+
+ -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100
+
+quagga (0.97.2-4) unstable; urgency=low
+
+ * Added Portuguese debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+ * Disabled ospfapi server by default on recommendation of Paul Jakma.
+
+ -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100
+
+quagga (0.97.2-3) unstable; urgency=low
+
+ * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729].
+
+ -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100
+
+quagga (0.97.2-2) unstable; urgency=low
+
+ * Changed file and directory permissions and ownerships according to a
+ suggestion from Paul Jakma. Still not perfect though.
+ * Fixed upstream vtysh.conf.sample file.
+ * "ip ospf network broadcast" is now saved correctly. Closes: #244116
+ * Daemon options are now in /etc/quagga/debian.conf to be user
+ configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715
+
+ -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200
+
+quagga (0.97.2-1) unstable; urgency=low
+
+ * New upstream version.
+ Closes: #254541
+ * Fixed warning on unmodular kernels (thanks to Christoph Biedl).
+ Closes: #277973
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200
+
+quagga (0.97.1-2) unstable; urgency=low
+
+ * Version 0.97 introduced shared libraries. They are now included.
+ (thanks to Raf D'Halleweyn). Closes: #277446
+
+ -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200
+
+quagga (0.97.1-1) unstable; urgency=low
+
+ * New upstream version.
+ * Removed some obsolete files from debian/patches.
+ * Added patch from upstream bug 113. Closes: #254541
+ * Added patch from upstream that fixes a compilation problem in the
+ ospfclient code (thanks to Hasso Tepper).
+ * Updated German debconf translation (thanks to Jens Nachtigall)
+ Closes: #277059
+
+ -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200
+
+quagga (0.96.5-11) unstable; urgency=low
+
+ * Fixed /tmp/buildd/* paths in binaries.
+ For some unknown reason the upstream Makefile modified a .h file at
+ the end of the "debian/rules build" target. During the following
+ "make install" one library got thus be re*compiled* - with /tmp/buildd
+ paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050
+
+ -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200
+
+quagga (0.96.5-10) unstable; urgency=medium
+
+ * The BGP routing daemon might freeze on network disturbances when
+ their peer is also a Quagga/Zebra router.
+ Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102
+ which has been confirmed by the upstream author.
+ (thanks to Gunther Stammwitz)
+ * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper).
+ Closes: #264562
+ * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919
+
+ -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200
+
+quagga (0.96.5-9) unstable; urgency=low
+
+ * Rewrote the documentation chapter about SNMP support. Closes: #195653
+ * Added MPLS docs.
+
+ -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200
+
+quagga (0.96.5-8) unstable; urgency=low
+
+ * Adjusted a grep in the initscript to also match a modprobe message
+ from older modutils packages (thanks to Faidon Paravoid).
+
+ -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200
+
+quagga (0.96.5-7) unstable; urgency=low
+
+ * Added a "cd /etc/quagga/" to the init script as quagga tries to load
+ the config file first from the current working dir and then from the
+ config dir which could lead to confusion (thanks to Marco d'Itri).
+ Closes: #255078
+ * Removed warning regarding problems with the Debian kernels from
+ README.Debian as they are no longer valid (thanks to Raphael Hertzog).
+ Closes: #257580
+ * Added patch from Hasso Tepper that makes "terminal length 0" work
+ in vtysh (thanks to Matthias Wamser). Closes: #252579
+
+ -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200
+
+quagga (0.96.5-6) unstable; urgency=low
+
+ * Try to load the capability module as it is needed now.
+
+ -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200
+
+quagga (0.96.5-5) unstable; urgency=low
+
+ * Changed the homedir of the quagga user to /etc/quagga/ to allow
+ admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser).
+ Closes: #252577
+
+ -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200
+
+quagga (0.96.5-4) unstable; urgency=medium
+
+ * Fixed rules file to use the renamed ./configure option --enable-tcp-md5
+ (thanks to Matthias Wamser). Closes: #252141
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200
+
+quagga (0.96.5-3) unstable; urgency=low
+
+ * Provided default binary package name to all build depends that were
+ virtual packages (thanks to Goswin von Brederlow). Closes: #251625
+
+ -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200
+
+quagga (0.96.5-2) unstable; urgency=low
+
+ * New upstream version.
+ * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper).
+ Closes: #250985
+ * Fixes info file generation (thanks to Peder Chr. Norgaard).
+ Closes: #250992
+ * Added catalan debconf translation (thanks to Aleix Badia i Bosch).
+ Closes: #250118
+ * PATCHES:
+ This release contains BGP4 MD5 support which requires a kernel patch
+ to work. See /usr/share/doc/quagga/README.Debian.MD5.
+ (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper)
+
+ -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200
+
+quagga (0.96.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * PATCHES:
+ This release contains BGP4 MD5 support which also requires a kernel patch.
+ See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230.
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200
+
+quagga (0.96.4x-10) unstable; urgency=low
+
+ * SECURITY:
+ This release contains support for MD5 for BGP which is one suggested
+ prevention of the actually long known TCP SYN/RST attacks which got
+ much news in the last days as ideas were revealed that made them much
+ easier probable agains especially the BGP sessions than commonly known.
+ There are a lot of arguments agains the MD5 approach but some ISPs
+ started to require it.
+ See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html
+ * PATCHES:
+ This release contains the MD5 patch from Hasso Tepper. It also seems to
+ required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5.
+
+ -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200
+
+quagga (0.96.4x-9) unstable; urgency=low
+
+ * Fixed daemon loading order (thanks to Matt Kemner).
+ * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582
+
+ -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200
+
+quagga (0.96.4x-8) unstable; urgency=low
+
+ * Patched upstream source so that quagga header files end up in
+ /usr/include/quagga/. Closes: #233792
+
+ -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100
+
+quagga (0.96.4x-7) unstable; urgency=low
+
+ * Fixed info file installation (thanks to Holger Dietze). Closes: #227579
+ * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812
+
+ -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100
+
+quagga (0.96.4x-6) unstable; urgency=low
+
+ * Added dependency to iproute.
+ * Initscript now checks not only for the pid file but also for the
+ daemons presence (thanks to Phil Gregory). Closes: #224389
+ * Added my patch to configure file permissions.
+
+ -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100
+
+quagga (0.96.4x-5) unstable; urgency=low
+
+ * Added patch which gives bgpd the CAP_NET_RAW capability to allow it
+ to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank).
+ Closes: #222930
+ * Made woody backport easier by applying Colin Watsons po-debconf hack.
+ Thanks to Marc Haber for suggesting it. Closes: #223527
+ * Made woody backport easier by applying a patch that removes some
+ obscure whitespaces inside an C macro. (Thanks to Marc Haber).
+ Closes: #223529
+ * Now uses /usr/bin/pager. Closes: #204070
+ * Added note about the "official woody backports" on my homepage.
+
+ -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100
+
+quagga (0.96.4x-4) unstable; urgency=high
+
+ * SECURITY:
+ Fixes another bug that was originally reported against Zebra.
+ .
+ http://rhn.redhat.com/errata/RHSA-2003-307.html
+ Herbert Xu reported that Zebra can accept spoofed messages sent on the
+ kernel netlink interface by other users on the local machine. This could
+ lead to a local denial of service attack. The Common Vulnerabilities and
+ Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
+ this issue.
+
+ * Minor improvements to init script (thanks to Iustin Pop).
+ Closes: #220938
+
+ -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100
+
+quagga (0.96.4x-3) unstable; urgency=low
+
+ * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or
+ $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070
+ * Made the directory (but not the config/log files!) world accessible
+ again on user request (thanks to Anand Kumria)). Closes: #213129
+ * No longer providing sample configuration in /etc/quagga/. They are
+ now only available in /usr/share/doc/quagga/ to avoid accidently
+ using them without changing the adresses (thanks to Marc Haber).
+ Closes: #215918
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100
+
+quagga (0.96.4x-2) unstable; urgency=low
+
+ * Fixed permission problem with pidfile (thanks to Kir Kostuchenko).
+ Closes: #220938
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100
+
+quagga (0.96.4x-1) unstable; urgency=low
+
+ * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally
+ crappy .tar.gz file. Closes: #220621
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100
+
+quagga (0.96.4-1) unstable; urgency=high
+
+ * SECURITY: Remote DoS of protocol daemons.
+ Fix for a remote triggerable crash in vty layer. The management
+ ports ("telnet myrouter ospfd") should not be open to the internet!
+
+ * New upstream version.
+ - OSPF bugfixes.
+ - Some improvements for bgp and rip.
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100
+
+quagga (0.96.3-3) unstable; urgency=low
+
+ * Fixed pid file generation by substituting the daemons "-d" by the
+ start-stop-daemon option "--background" (thanks to Micha Gaisser).
+ Closes: #218103
+
+ -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100
+
+quagga (0.96.3-2) unstable; urgency=low
+
+ * Readded GNOME-PRODUCT-ZEBRA-MIB.
+
+ -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200
+
+quagga (0.96.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ * Removed -u and -e in postrm due to problems with debhelper and userdel
+ (thanks to Adam Majer and Jaakko Niemi). Closes: #216770
+ * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to
+ David Engel and Peter Gervai). Closes: #216138, #216086
+ * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915
+ * Improved /proc check (thanks to Marc Haber). Closes: #212331
+
+ -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200
+
+quagga (0.96.2-9) unstable; urgency=medium
+
+ * Removed /usr/share/info/dir.* which were accidently there and prevented
+ the installation by dpkg (thanks to Simon Raven). Closes: #212614
+ * Reworded package description (thanks to Anand Kumria). Closes: #213125
+ * Added french debconf translation (thanks to Christian Perrier).
+ Closes: #212803
+
+ -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200
+
+quagga (0.96.2-8) unstable; urgency=low
+
+ * debian/rules now checks if /proc is mounted as ./configure needs
+ it but just fails with an obscure error message if it is absent.
+ (Thanks to Norbert Tretkowski). Closes: #212331
+
+ -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200
+
+quagga (0.96.2-7) unstable; urgency=low
+
+ * Last build was rejected due to a buggy dpkg-dev version. Rebuild.
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200
+
+quagga (0.96.2-6) unstable; urgency=low
+
+ * Fixed init script so that is is now possible to just start
+ the bgpd but not the zebra daemon. Also daemons are now actually
+ started in the order defined their priority. (Thanks to Thomas Kaehn
+ and Jochen Friedrich) Closes: #210924
+
+ -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200
+
+quagga (0.96.2-5) unstable; urgency=low
+
+ * For using quagga as BGP route server or similar, it is not
+ wanted to have the zebra daemon running too. For this reason
+ it can now be disabled in /etc/quagga/daemons, too.
+ (Thanks to Jochen Friedrich). Closes: #210924
+ * Attached *unapplied* patch for the ISIS protocol. I did not dare
+ to apply it as long as upstream does not do it but this way give
+ users the possibilities to use it if they like to.
+ (Thanks to Remco van Mook)
+
+ -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200
+
+quagga (0.96.2-4) unstable; urgency=low
+
+ * Enabled IPV6 router advertisement feature by default on user request
+ (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732
+ * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to
+ lamont). Closes: #210492
+
+ -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200
+
+quagga (0.96.2-3) unstable; urgency=medium
+
+ * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL
+ which would require further copyright addtions.
+
+ -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200
+
+quagga (0.96.2-2) unstable; urgency=low
+
+ * Added note that config files of quagga are in /etc/quagga and
+ not /etc/zebra for the zebra users that migrate to quagga.
+ (Thanks to Roberto Suarez Soto for the idea)
+ * Fixed setgid rights in /etc/quagga.
+
+ -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200
+
+quagga (0.96.2-1) unstable; urgency=low
+
+ * This package has formally been known as "zebra-pj"!
+ * New upstream release.
+ Fixes "anoying OSPF problem".
+ * Modified group ownerships so that vtysh can now be used by normal
+ uses if they are in the quaggavty group.
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200
+
+quagga (0.96.1-1) unstable; urgency=low
+
+ * Zebra-pj, the fork of zebra has been renamed to quagga as the original
+ upstream author asked the new project membed not to use "zebra" in the
+ name. zebra-pj is obsolete.
+
+ -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200
+
+zebra-pj (0.94+cvs20030721-1) unstable; urgency=low
+
+ * New CVS build.
+ - OSPF changes (integration of the OSPF API?)
+ - code cleanups (for ipv6?)
+ * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd.
+ This is a known problem and has been discussed on the mailing list.
+ No other solutions so far.
+
+ -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200
+
+zebra-pj (0.94+cvs20030701-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200
--- /dev/null
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody@frrouting.org>
+Uploaders: Nobody <nobody@frrouting.org>
+XSBC-Original-Maintainer: <maintainers@frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddr
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
--- /dev/null
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Frr
+Upstream-Contact: maintainers@frrouting.org, security@frrouting.org
+Source: http://www.frrouting.org/
+
+Files: *
+Copyright: 1996-2003 by the original Zebra authors:
+ Kunihiro Ishiguro <kunihiro@zebra.org>
+ Toshiaki Takada <takada@zebra.org>
+ Yasuhiro Ohara <yasu@sfc.wide.ad.jp>
+ 2003-2012 by the Quagga Project, mostly Paul Jakma <paul@jakma.org>
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ .
+ On Debian systems, the full text of the GNU General Public
+ License version 2 can be found in the file
+ `/usr/share/common-licenses/GPL-2'.
--- /dev/null
+AUTHORS
+NEWS
+README
+REPORTING-BUGS
+doc/BGP-TypeCode
+doc/draft-zebra-00.txt
+doc/mpls/
+bgpd/BGP4-MIB.txt
--- /dev/null
+doc/frr.info*
--- /dev/null
+usr/share/info
+doc/*.png usr/share/info
--- /dev/null
+frr-doc: wrong-section-according-to-package-name frr-doc => doc
--- /dev/null
+tools/frr-reload.py usr/lib/frr/
--- /dev/null
+# Create the /run/frr directory at boot or from systemd-tmpfiles on install
+d /run/frr 0755 frr frr
--- /dev/null
+etc/logrotate.d/
+etc/frr/
+etc/iproute2/rt_protos.d/
+usr/share/doc/frr/
+usr/share/doc/frr/examples/
+usr/share/lintian/overrides/
+usr/share/snmp/mibs/
+var/log/frr/
--- /dev/null
+tools
+debian/README.Debian
--- /dev/null
+etc/frr/
+usr/bin/vtysh
+usr/include/frr/
+usr/lib/
+tools/frr usr/lib/frr
+usr/share/doc/frr/
+usr/share/man/man1/vtysh.1
+usr/share/man/man1/frr.1
+usr/share/man/man8
+usr/share/man/man8/bgpd.8
+usr/share/man/man8/ospf6d.8
+usr/share/man/man8/ospfd.8
+usr/share/man/man8/ripd.8
+usr/share/man/man8/ripngd.8
+usr/share/man/man8/zebra.8
+usr/share/man/man8/isisd.8
+usr/share/man/man8/watchfrr.8
+usr/share/man/man8/frr-args.8
+usr/share/snmp/mibs/
+tools/etc/* etc/
+tools/*.service lib/systemd/system
+debian/frr.conf usr/lib/tmpfiles.d
--- /dev/null
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrospfapiclient.so.0.0.0 usr/lib/libfrrospfapiclient.so
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrr.so.0.0.0 usr/lib/libfrr.so
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrfpm_pb.so.0.0.0 usr/lib/libfrrfpm_pb.so
+frr: package-name-doesnt-match-sonames libfrr0 libfrrfpm-pb0 libfrrospfapiclient0
--- /dev/null
+/var/log/frr/*.log {
+ size 500k
+ sharedscripts
+ missingok
+ compress
+ rotate 14
+ create 640 frr frrvty
+
+ postrotate
+ pid=$(lsof -t -a -c /syslog/ /var/log/frr/* 2>/dev/null)
+ if [ -n "$pid" ]
+ then # using syslog
+ kill -HUP $pid
+ fi
+ # in case using file logging; if switching back and forth
+ # between file and syslog, rsyslogd might still have file
+ # open, as well as the daemons, so always signal the daemons.
+ # It's safe, a NOP if (only) syslog is being used.
+ for i in babeld bgpd eigrpd isisd ldpd nhrpd ospf6d ospfd \
+ pimd ripd ripngd zebra ; do
+ if [ -e /var/run/frr/$i.pid ] ; then
+ pids="$pids $(cat /var/run/frr/$i.pid)"
+ fi
+ done
+ [ -n "$pids" ] && kill -USR1 $pids || true
+ endscript
+}
--- /dev/null
+doc/bgpd.8
+doc/ospf6d.8
+doc/ospfd.8
+doc/ripd.8
+doc/ripngd.8
+doc/vtysh.1
+doc/zebra.8
+doc/isisd.8
+doc/watchfrr.8
--- /dev/null
+# Any user may call vtysh but only those belonging to the group frrvty can
+# actually connect to the socket and use the program.
+auth sufficient pam_permit.so
--- /dev/null
+#!/bin/bash -e
+
+######################
+PASSWDFILE=/etc/passwd
+GROUPFILE=/etc/group
+
+frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
+frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+
+[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
+[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
+[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
+
+chown -R ${frruid}:${frrgid} /etc/frr
+touch /etc/frr/vtysh.conf
+chgrp ${frrvtygid} /etc/frr/vtysh*
+chmod 644 /etc/frr/*
+
+ENVIRONMENTFILE=/etc/environment
+if ! grep --quiet VTYSH_PAGER=/bin/cat ${ENVIRONMENTFILE}; then
+ echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
+fi
+##################################################
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# This is most likely due to the answer "no" to the "really stop the server"
+# question in the prerm script.
+if [ "$1" = "abort-upgrade" ]; then
+ exit 0
+fi
+
+#DEBHELPER#
+
--- /dev/null
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+# set -u not because of debhelper
+
+if [ "$1" = "purge" ]; then
+ rm -rf /etc/frr /var/run/frr /var/log/frr
+ userdel frr >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/bash
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+set -e
+set -u
+
+# creating frrvty group if it isn't already there
+if ! getent group frrvty >/dev/null; then
+ addgroup --system frrvty >/dev/null
+fi
+
+# creating frr group if it isn't already there
+if ! getent group frr >/dev/null; then
+ addgroup --system frr >/dev/null
+fi
+
+# creating frr user if he isn't already there
+if ! getent passwd frr >/dev/null; then
+ adduser \
+ --system \
+ --ingroup frr \
+ --home /var/run/frr/ \
+ --gecos "Frr routing suite" \
+ --shell /bin/false \
+ frr >/dev/null
+fi
+
+# We may be installing over an older version of
+# frr and as such we need to intelligently
+# check to see if the frr user is in the frrvty
+# group.
+if ! /usr/bin/id frr | grep &>/dev/null 'frrvty'; then
+ usermod -a -G frrvty frr >/dev/null
+fi
+
+# Do not change permissions when upgrading as it would violate policy.
+if [ "$1" = "install" ]; then
+ # Logfiles are group readable in case users were put into the frr group.
+ d=/var/log/frr/
+ mkdir -p $d
+ chown -R frr:frr $d
+ chmod u=rwx,go=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
+
+ # Strict permissions for the sockets.
+ d=/var/run/frr/
+ mkdir -p $d
+ chown -R frr:frr $d
+ chmod u=rwx,go=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go=
+
+ # Config files. Vtysh does not have access to the individual daemons config file
+ d=/etc/frr/
+ mkdir -p $d
+ chown frr:frrvty $d
+ chmod ug=rwx,o=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chown frr:frr
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
+
+ # Exceptions for vtysh.
+ f=$d/vtysh.conf
+ if [ -f $f ]; then
+ chown frr:frrvty $f
+ chmod u=rw,g=r,o= $f
+ fi
+
+ # Exceptions for vtysh.
+ f=$d/frr.conf
+ if [ -f $d/Zebra.conf ]; then
+ mv $d/Zebra.conf $f
+ fi
+ if [ -f $f ]; then
+ chown frr:frrvty $f
+ chmod u=rw,g=r,o= $f
+ fi
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# prerm remove
+# old-prerm upgrade new-version
+# new-prerm failed-upgrade old-version
+# conflictor's-prerm remove in-favour package new-version
+# deconfigured's-prerm deconfigure in-favour package-being-installed version removing conflicting-package
+case $1 in
+ remove|upgrade)
+ ;;
+
+ failed-upgrade)
+ # If frr/really_stop was negated then this script exits with return
+ # code 1 and is called again with "failed-upgrade". Well, exit again.
+ exit 1
+ ;;
+
+esac
+
+#DEBHELPER#
--- /dev/null
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+#
+# export WANT_LDP=1
+# export WANT_PIM=1
+# export WANT_OSPFAPI=1
+# export WANT_TCP_ZEBRA=0
+# export WANT_BGP_VNC=0
+# export WANT_CUMULUS_MODE=0
+# export WANT_MULTIPATH=1
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+# export MULTIPATH=256
+#
+# Set the following to the value required (or leave undefined for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+# export WANT_FRR_USER=frr
+# export WANT_FRR_VTY_GROUP=frrvty
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifneq ($(WANT_LDP), 0)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifneq ($(WANT_PIM), 0)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifneq ($(WANT_OSPFAPI), 0)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+endif
+
+ifneq ($(WANT_BGP_VNC), 0)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+ifndef WANT_FRR_USER
+ USE_FRR_USER=--enable-user=frr
+ USE_FRR_GROUP=--enable-group=frr
+else
+ USE_FRR_USER=$(WANT_FRR_USER)
+ USE_FRR_GROUP=$(WANT_FRR_USER)
+endif
+
+ifndef WANT_FRR_VTY_GROUP
+ USE_FRR_VTY_GROUP=--enable-vty-group=frrvty
+else
+ USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+endif
+
+ifneq ($(WANT_MULTIPATH), 0)
+ ifdef MULTIPATH
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+ else
+ USE_MULTIPATH=--enable-multipath=256
+ endif
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_NODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=systemd,autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --enable-werror \
+ --with-libpam \
+ --enable-systemd=yes \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ #dh_auto_build
+ $(MAKE)
+ dh_auto_build -- -C doc draft-zebra-00.txt
+
+
+ # doc/ is a bit crazy
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc frr.pdf || true # pdfetex fails with exit code 1 but still produces a good looking .pdf
+endif
+ rm -vf doc/frr.info
+ dh_auto_build -- -C doc frr.info
+ rm -vf doc/frr.info.html*
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ifeq ($(WANT_SNMP), 1)
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+else
+ mkdir -p debian/tmp/usr/share/snmp/mibs/
+endif
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
+
+override_dh_systemd_start:
+ dh_systemd_start frr.service
+
+override_dh_systemd_enable:
+ dh_systemd_enable frr.service
+
+# backports
+SRCPKG = frr
+KNOWN_BACKPORTS = debian8 debian9 ubuntu12.04 ubuntu14.04 ubuntu16.04
+DEBIAN_VERSION := $(shell dh_testdir && \
+ dpkg-parsechangelog -c1 < debian/changelog | \
+ sed -rn 's/^Version: ?//p')
+ORIG_VERSION := $(DEBIAN_VERSION)
+-include debian/backports/rules
+
+ifneq ($(TARBALLDIR),)
+ifeq ($(wildcard frr-$(ORIG_VERSION).tar.gz),frr-$(ORIG_VERSION).tar.gz)
+
+$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz: \
+ frr-$(ORIG_VERSION).tar.gz
+ cp $< $@
+
+else # wildcard frr-$(ORIG_VERSION).tar.gz
+
+# better error message on missing .orig.tar.gz
+$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz:
+ @ echo "\`$(TARBALLDIR)/$(SRCPKG)-$(ORIG_VERSION).tar.gz'" not \
+ found and not generated by debian/rules. Provided you have the \
+ necessary packages installed, you can generate it yourself via \
+ "\"./bootstrap.sh && ./configure && make dist\"".
+ exit 1
+
+endif # wildcard frr-$(ORIG_VERSION).tar.gz
+endif # TARBALLDIR nonempty
--- /dev/null
+Tests: daemons
+Depends: frr
+Restrictions: needs-root
--- /dev/null
+#!/bin/bash
+#---------------
+# Testing frr
+#---------------
+set -e
+
+# modify config file to enable all daemons and copy config files
+CONFIG_FILE=/etc/frr/daemons
+DAEMONS=("zebra" "bgpd" "ospfd" "ospf6d" "ripd" "ripngd" "isisd" "pimd")
+
+for daemon in "${DAEMONS[@]}"
+do
+ sed -i -e "s/${daemon}=no/${daemon}=yes/g" $CONFIG_FILE
+ cp /usr/share/doc/frr/examples/${daemon}.conf.sample /etc/frr/${daemon}.conf
+done
+
+# reload frr
+/etc/init.d/frr restart > /dev/null 2>&1
+
+# check daemons
+for daemon in "${DAEMONS[@]}"
+do
+ echo -n "check $daemon - "
+ if pidof -x $daemon > /dev/null; then
+ echo "${daemon} OK"
+ else
+ echo "ERROR: ${daemon} IS NOT RUNNING"
+ exit 1
+ fi
+done
--- /dev/null
+check process watchfrr with pidfile /var/run/frr/watchfrr.pid
+ start program = "/etc/init.d/frr start watchfrr" with timeout 120 seconds
+ stop program = "/etc/init.d/frr stop watchfrr"
+ if 3 restarts within 10 cycles then timeout
--- /dev/null
+Building FRR on Debian 9 from Git Source
+========================================
+
+Install required packages
+-------------------------
+
+Add packages:
+
+ sudo apt-get install git autoconf automake libtool make \
+ libreadline-dev texinfo libjson-c-dev pkg-config bison flex \
+ python-pip libc-ares-dev python3-dev python-pytest
+
+Get FRR, compile it and install it (from Git)
+---------------------------------------------
+
+**This assumes you want to build and install FRR from source and not using
+any packages**
+
+### Add frr groups and user
+
+ sudo addgroup --system --gid 92 frr
+ sudo addgroup --system --gid 85 frrvty
+ sudo adduser --system --ingroup frr --home /var/run/frr/ \
+ --gecos "FRR suite" --shell /bin/false frr
+ sudo usermod -a -G frrvty frr
+
+### Download Source, configure and compile it
+(You may prefer different options on configure statement. These are just
+an example.)
+
+ git clone https://github.com/frrouting/frr.git frr
+ cd frr
+ git checkout stable/3.0
+ ./bootstrap.sh
+ ./configure \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ --enable-vtysh \
+ --enable-isisd \
+ --enable-pimd \
+ --enable-watchfrr \
+ --enable-ospfclient=yes \
+ --enable-ospfapi=yes \
+ --enable-multipath=64 \
+ --enable-user=frr \
+ --enable-group=frr \
+ --enable-vty-group=frrvty \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --enable-rtadv \
+ --enable-fpm \
+ --enable-ldpd \
+ --with-pkg-git-version \
+ --with-pkg-extra-version=-MyOwnFRRVersion
+ make
+ make check
+ sudo make install
+
+### Create empty FRR configuration files
+
+ sudo install -m 755 -o frr -g frr -d /var/log/frr
+ sudo install -m 775 -o frr -g frrvty -d /etc/frr
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/zebra.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/bgpd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ospfd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ospf6d.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/isisd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ripd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ripngd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/pimd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ldpd.conf
+ sudo install -m 640 -o frr -g frr /dev/null /etc/frr/nhrpd.conf
+ sudo install -m 640 -o frr -g frrvty /dev/null /etc/frr/vtysh.conf
+
+### Enable IP & IPv6 forwarding
+
+Edit `/etc/sysctl.conf` and uncomment the following values (ignore the
+other settings)
+
+ # Uncomment the next line to enable packet forwarding for IPv4
+ net.ipv4.ip_forward=1
+
+ # Uncomment the next line to enable packet forwarding for IPv6
+ # Enabling this option disables Stateless Address Autoconfiguration
+ # based on Router Advertisements for this host
+ net.ipv6.conf.all.forwarding=1
+
+**Reboot** or use `sysctl -p` to apply the same config to the running system
+
+### Troubleshooting
+
+**Local state directory**
+
+The local state directory must exist and have the correct permissions applied
+for the frrouting daemons to start. In the above ./configure example the
+local state directory is set to /var/run/frr (--localstatedir=/var/run/frr)
+Debian considers /var/run/frr to be temporary and this is removed after a
+reboot.
+
+When using a different local state directory you need to create the new
+directory and change the ownership to the frr user, for example:
+
+ mkdir /var/opt/frr
+ chown frr /var/opt/frr
+
+**Shared library error**
+
+If you try and start any of the frrouting daemons you may see the below error
+due to the frrouting shared library directory not being found:
+
+ ./zebra: error while loading shared libraries: libfrr.so.0: cannot open shared object file: No such file or directory
+
+The fix is to add the following line to /etc/ld.so.conf which will continue to
+reference the library directory after the system reboots. To load the library
+directory path immediately run the ldconfig command after adding the line to
+the file eg:
+
+ echo include /usr/local/lib >> /etc/ld.so.conf
+ ldconfig
Turn on some options for compiling FRR within a development environment in
mind. Specifically turn on -g3 -O0 for compiling options and add inclusion
of grammar sandbox.
+@item --enable-fuzzing
+Turn on some compile options to allow you to run fuzzing tools
+against the system. This tools is intended as a developer
+only tool and should not be used for normal operations
@end table
You may specify any combination of the above options to the configure
#include "ldpd/ldpd.h"
#include "ldpd/ldp_vty.h"
+#ifndef VTYSH_EXTRACT_PL
#include "ldpd/ldp_vty_cmds_clippy.c"
+#endif
DEFUN_NOSH(ldp_mpls_ldp,
ldp_mpls_ldp_cmd,
if (IS_DEBUG_OSPF_EVENT)
zlog_debug(
"ospf_flood_through_interface(): "
- "considering int %s, INBR(%s), LSA[%s]",
+ "considering int %s, INBR(%s), LSA[%s] AGE %u",
IF_NAME(oi), inbr ? inet_ntoa(inbr->router_id) : "NULL",
- dump_lsa_key(lsa));
+ dump_lsa_key(lsa), ntohs(lsa->data->ls_age));
if (!ospf_if_is_enable(oi))
return 0;
more time for the ACK to be received and avoid
retransmissions */
lsa->data->ls_age = htons(OSPF_LSA_MAXAGE);
+ if (IS_DEBUG_OSPF_EVENT)
+ zlog_debug("%s: MAXAGE set to LSA %s", __PRETTY_FUNCTION__,
+ inet_ntoa(lsa->data->id));
monotime(&lsa->tv_recv);
lsa->tv_orig = lsa->tv_recv;
ospf_flood_through_area(area, NULL, lsa);
struct route_node *rn;
int need_to_flush_ase = 0;
+ ospf->inst_shutdown = 1;
+
for (ALL_LIST_ELEMENTS(ospf->areas, node, nnode, area)) {
if ((lsa = area->router_lsa_self) != NULL) {
if (IS_DEBUG_OSPF_EVENT)
}
if (listcount(update) > 0)
- ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT);
+ ospf_ls_upd_send(nbr, update,
+ OSPF_SEND_PACKET_DIRECT, 0);
list_delete_and_null(&update);
}
if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
if (oi->type == OSPF_IFTYPE_NBMA)
ospf_ls_upd_send(nbr, ls_upd,
- OSPF_SEND_PACKET_DIRECT);
+ OSPF_SEND_PACKET_DIRECT, 0);
else
ospf_ls_upd_send(nbr, ls_upd,
- OSPF_SEND_PACKET_INDIRECT);
+ OSPF_SEND_PACKET_INDIRECT, 0);
/* Only remove list contents. Keep ls_upd. */
list_delete_all_node(ls_upd);
/* Send rest of Link State Update. */
if (listcount(ls_upd) > 0) {
if (oi->type == OSPF_IFTYPE_NBMA)
- ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT);
+ ospf_ls_upd_send(nbr, ls_upd,
+ OSPF_SEND_PACKET_DIRECT, 0);
else
ospf_ls_upd_send(nbr, ls_upd,
- OSPF_SEND_PACKET_INDIRECT);
+ OSPF_SEND_PACKET_INDIRECT, 0);
list_delete_and_null(&ls_upd);
} else
update = list_new();
listnode_add(update, lsa);
- ospf_ls_upd_send(nbr, update, flag);
+
+ /*ospf instance is going down, send self originated
+ * MAXAGE LSA update to neighbors to remove from LSDB */
+ if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
+ ospf_ls_upd_send(nbr, update, flag, 1);
+ else
+ ospf_ls_upd_send(nbr, update, flag, 0);
list_delete_and_null(&update);
}
}
static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
- struct list *update, struct in_addr addr)
+ struct list *update, struct in_addr addr,
+ int send_lsupd_now)
{
struct ospf_packet *op;
u_int16_t length = OSPF_HEADER_SIZE;
/* Add packet to the interface output queue. */
ospf_packet_add(oi, op);
-
- /* Hook thread to write packet. */
- OSPF_ISM_WRITE_ON(oi->ospf);
+ /* Call ospf_write() right away to send ospf packets to neighbors */
+ if (send_lsupd_now) {
+ struct thread os_packet_thd;
+
+ os_packet_thd.arg = (void *)oi->ospf;
+ if (oi->on_write_q == 0) {
+ listnode_add(oi->ospf->oi_write_q, oi);
+ oi->on_write_q = 1;
+ }
+ ospf_write(&os_packet_thd);
+ } else {
+ /* Hook thread to write packet. */
+ OSPF_ISM_WRITE_ON(oi->ospf);
+ }
}
static int ospf_ls_upd_send_queue_event(struct thread *thread)
update = (struct list *)rn->info;
- ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4);
+ ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
/* list might not be empty. */
if (listcount(update) == 0) {
return 0;
}
-void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag)
+void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
+ int send_lsupd_now)
{
struct ospf_interface *oi;
struct ospf_lsa *lsa;
for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
listnode_add(rn->info,
ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
+ if (send_lsupd_now) {
+ struct list *send_update_list;
+ struct route_node *rn, *rnext;
- thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
+ for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
+ rnext = route_next(rn);
+
+ if (rn->info == NULL)
+ continue;
+
+ send_update_list = (struct list *)rn->info;
+
+ ospf_ls_upd_queue_send(oi, send_update_list,
+ rn->p.u.prefix4, 1);
+
+ }
+ } else
+ thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
&oi->t_ls_upd_event);
}
extern void ospf_ls_req_send(struct ospf_neighbor *);
extern void ospf_ls_upd_send_lsa(struct ospf_neighbor *, struct ospf_lsa *,
int);
-extern void ospf_ls_upd_send(struct ospf_neighbor *, struct list *, int);
+extern void ospf_ls_upd_send(struct ospf_neighbor *, struct list *, int, int);
extern void ospf_ls_ack_send(struct ospf_neighbor *, struct ospf_lsa *);
extern void ospf_ls_ack_send_delayed(struct ospf_interface *);
extern void ospf_ls_retransmit(struct ospf_interface *, struct ospf_lsa *);
ospf_opaque_type11_lsa_term(ospf);
- /* be nice if this worked, but it doesn't */
- /*ospf_flush_self_originated_lsas_now (ospf);*/
+ ospf_flush_self_originated_lsas_now(ospf);
/* Unregister redistribution */
for (i = 0; i < ZEBRA_ROUTE_MAX; i++) {
struct route_table *distance_table;
+ /* Used during ospf instance going down send LSDB
+ * update to neighbors immediatly */
+ uint8_t inst_shutdown;
+
QOBJ_FIELDS
};
DECLARE_QOBJ_TYPE(ospf)
if ((list = rp->info) != NULL)
for (ALL_LIST_ELEMENTS(list, listnode, nextnode,
rinfo))
- if (rinfo->ifindex == ifp->ifindex)
+ if (rinfo->nh.ifindex == ifp->ifindex)
rip_ecmp_delete(rinfo);
ri = ifp->info;
static void rip_apply_address_add(struct connected *ifc)
{
struct prefix_ipv4 address;
+ struct nexthop nh;
struct prefix *p;
if (!rip)
p = ifc->address;
memset(&address, 0, sizeof(address));
+ memset(&nh, 0, sizeof(nh));
+
address.family = p->family;
address.prefix = p->u.prefix4;
address.prefixlen = p->prefixlen;
apply_mask_ipv4(&address);
+ nh.ifindex = ifc->ifp->ifindex;
+ nh.type = NEXTHOP_TYPE_IFINDEX;
+
/* Check if this interface is RIP enabled or not
or Check if this address's prefix is RIP enabled */
if ((rip_enable_if_lookup(ifc->ifp->name) >= 0)
|| (rip_enable_network_lookup2(ifc) >= 0))
rip_redistribute_add(ZEBRA_ROUTE_CONNECT, RIP_ROUTE_INTERFACE,
- &address, ifc->ifp->ifindex, NULL, 0, 0,
- 0);
+ &address, &nh, 0, 0, 0);
}
int rip_interface_address_add(int command, struct zclient *zclient,
struct listnode *node, *nnode;
struct connected *connected;
struct prefix_ipv4 address;
+ struct nexthop nh;
+
+ memset(&nh, 0, sizeof(nh));
for (ALL_LIST_ELEMENTS(ifp->connected, node, nnode, connected)) {
struct prefix *p;
address.prefixlen = p->prefixlen;
apply_mask_ipv4(&address);
+ nh.ifindex = connected->ifp->ifindex;
+ nh.type = NEXTHOP_TYPE_IFINDEX;
if (set) {
/* Check once more wether this prefix is within a
* "network IF_OR_PREF" one */
rip_redistribute_add(
ZEBRA_ROUTE_CONNECT,
RIP_ROUTE_INTERFACE, &address,
- connected->ifp->ifindex, NULL, 0, 0, 0);
+ &nh, 0, 0, 0);
} else {
rip_redistribute_delete(ZEBRA_ROUTE_CONNECT,
RIP_ROUTE_INTERFACE, &address,
rip_redistribute_add(
ZEBRA_ROUTE_CONNECT,
RIP_ROUTE_REDISTRIBUTE, &address,
- connected->ifp->ifindex, NULL, 0, 0, 0);
+ &nh, 0, 0, 0);
}
}
}
rinfo = object;
if (rinfo->ifindex_out == ifp->ifindex
- || rinfo->ifindex == ifp->ifindex)
+ || rinfo->nh.ifindex == ifp->ifindex)
return RMAP_MATCH;
else
return RMAP_NOMATCH;
rinfo = object;
p.family = AF_INET;
p.prefix =
- (rinfo->nexthop.s_addr) ? rinfo->nexthop : rinfo->from;
+ (rinfo->nh.gate.ipv4.s_addr) ?
+ rinfo->nh.gate.ipv4 : rinfo->from;
p.prefixlen = IPV4_MAX_BITLEN;
alist = access_list_lookup(AFI_IP, (char *)rule);
rinfo = object;
p.family = AF_INET;
p.prefix =
- (rinfo->nexthop.s_addr) ? rinfo->nexthop : rinfo->from;
+ (rinfo->nh.gate.ipv4.s_addr) ?
+ rinfo->nh.gate.ipv4 : rinfo->from;
p.prefixlen = IPV4_MAX_BITLEN;
plist = prefix_list_lookup(AFI_IP, (char *)rule);
if (count >= MULTIPATH_NUM)
break;
api_nh = &api.nexthops[count];
- api_nh->gate.ipv4 = rinfo->nexthop;
+ api_nh->gate = rinfo->nh.gate;
api_nh->type = NEXTHOP_TYPE_IPV4;
if (cmd == ZEBRA_ROUTE_ADD)
SET_FLAG(rinfo->flags, RIP_RTF_FIB);
zebra_size_t length, vrf_id_t vrf_id)
{
struct zapi_route api;
- struct in_addr nexthop;
- unsigned long ifindex;
+ struct nexthop nh;
if (!rip)
return 0;
if (zapi_route_decode(zclient->ibuf, &api) < 0)
return -1;
- nexthop = api.nexthops[0].gate.ipv4;
- ifindex = api.nexthops[0].ifindex;
+ memset(&nh, 0, sizeof(nh));
+ nh.type = api.nexthops[0].type;
+ nh.gate.ipv4 = api.nexthops[0].gate.ipv4;
+ nh.ifindex = api.nexthops[0].ifindex;
/* Then fetch IPv4 prefixes. */
if (command == ZEBRA_REDISTRIBUTE_ROUTE_ADD)
rip_redistribute_add(api.type, RIP_ROUTE_REDISTRIBUTE,
- (struct prefix_ipv4 *)&api.prefix, ifindex,
- &nexthop, api.metric, api.distance,
+ (struct prefix_ipv4 *)&api.prefix, &nh,
+ api.metric, api.distance,
api.tag);
else if (command == ZEBRA_REDISTRIBUTE_ROUTE_DEL)
rip_redistribute_delete(api.type, RIP_ROUTE_REDISTRIBUTE,
(struct prefix_ipv4 *)&api.prefix,
- ifindex);
+ nh.ifindex);
return 0;
}
"Distribute a default route\n")
{
struct prefix_ipv4 p;
+ struct nexthop nh;
if (!rip->default_information) {
memset(&p, 0, sizeof(struct prefix_ipv4));
+ memset(&nh, 0, sizeof(nh));
+
p.family = AF_INET;
+ nh.type = NEXTHOP_TYPE_IPV4;
rip->default_information = 1;
- rip_redistribute_add(ZEBRA_ROUTE_RIP, RIP_ROUTE_DEFAULT, &p, 0,
- NULL, 0, 0, 0);
+ rip_redistribute_add(ZEBRA_ROUTE_RIP, RIP_ROUTE_DEFAULT, &p,
+ &nh, 0, 0, 0);
}
return CMD_SUCCESS;
memset(&newinfo, 0, sizeof(newinfo));
newinfo.type = ZEBRA_ROUTE_RIP;
newinfo.sub_type = RIP_ROUTE_RTE;
- newinfo.nexthop = rte->nexthop;
+ newinfo.nh.gate.ipv4 = rte->nexthop;
newinfo.from = from->sin_addr;
- newinfo.ifindex = ifp->ifindex;
+ newinfo.nh.ifindex = ifp->ifindex;
+ newinfo.nh.type = NEXTHOP_TYPE_IPV4_IFINDEX;
newinfo.metric = rte->metric;
newinfo.metric_out = rte->metric; /* XXX */
newinfo.tag = ntohs(rte->tag); /* XXX */
rp = route_node_get(rip->table, (struct prefix *)&p);
newinfo.rp = rp;
- newinfo.nexthop = *nexthop;
+ newinfo.nh.gate.ipv4 = *nexthop;
+ newinfo.nh.type = NEXTHOP_TYPE_IPV4;
newinfo.metric = rte->metric;
newinfo.tag = ntohs(rte->tag);
newinfo.distance = rip_distance_apply(&newinfo);
break;
if (IPV4_ADDR_SAME(&rinfo->from, &from->sin_addr)
- && IPV4_ADDR_SAME(&rinfo->nexthop, nexthop))
+ && IPV4_ADDR_SAME(&rinfo->nh.gate.ipv4, nexthop))
break;
if (!listnextnode(node)) {
/* Only routes directly connected to an interface
* (nexthop == 0)
* may have a valid NULL distance */
- if (rinfo->nexthop.s_addr != 0)
+ if (rinfo->nh.gate.ipv4.s_addr != 0)
old_dist = old_dist
? old_dist
: ZEBRA_RIP_DISTANCE_DEFAULT;
If this datagram is from the same router as the existing
route, reinitialize the timeout. */
same = (IPV4_ADDR_SAME(&rinfo->from, &from->sin_addr)
- && (rinfo->ifindex == ifp->ifindex));
+ && (rinfo->nh.ifindex == ifp->ifindex));
old_dist = rinfo->distance ? rinfo->distance
: ZEBRA_RIP_DISTANCE_DEFAULT;
/* Add redistributed route to RIP table. */
void rip_redistribute_add(int type, int sub_type, struct prefix_ipv4 *p,
- ifindex_t ifindex, struct in_addr *nexthop,
+ struct nexthop *nh,
unsigned int metric, unsigned char distance,
route_tag_t tag)
{
memset(&newinfo, 0, sizeof(struct rip_info));
newinfo.type = type;
newinfo.sub_type = sub_type;
- newinfo.ifindex = ifindex;
newinfo.metric = 1;
newinfo.external_metric = metric;
newinfo.distance = distance;
if (tag <= UINT16_MAX) /* RIP only supports 16 bit tags */
newinfo.tag = tag;
newinfo.rp = rp;
- if (nexthop)
- newinfo.nexthop = *nexthop;
+ newinfo.nh = *nh;
if ((list = rp->info) != NULL && listcount(list) != 0) {
rinfo = listgetdata(listhead(list));
}
}
- rinfo = rip_ecmp_replace(&newinfo);
+ (void)rip_ecmp_replace(&newinfo);
route_unlock_node(rp);
} else
- rinfo = rip_ecmp_add(&newinfo);
+ (void)rip_ecmp_add(&newinfo);
if (IS_RIP_DEBUG_EVENT) {
- if (!nexthop)
- zlog_debug(
- "Redistribute new prefix %s/%d on the interface %s",
- inet_ntoa(p->prefix), p->prefixlen,
- ifindex2ifname(ifindex, VRF_DEFAULT));
- else
- zlog_debug(
- "Redistribute new prefix %s/%d with nexthop %s on the interface %s",
- inet_ntoa(p->prefix), p->prefixlen,
- inet_ntoa(rinfo->nexthop),
- ifindex2ifname(ifindex, VRF_DEFAULT));
+ zlog_debug(
+ "Redistribute new prefix %s/%d",
+ inet_ntoa(p->prefix), p->prefixlen);
}
rip_event(RIP_TRIGGERED_UPDATE, 0);
rinfo = listgetdata(listhead(list));
if (rinfo != NULL && rinfo->type == type
&& rinfo->sub_type == sub_type
- && rinfo->ifindex == ifindex) {
+ && rinfo->nh.ifindex == ifindex) {
/* Perform poisoned reverse. */
rinfo->metric = RIP_METRIC_INFINITY;
RIP_TIMER_ON(rinfo->t_garbage_collect,
if (IS_RIP_DEBUG_EVENT)
zlog_debug(
- "Poisone %s/%d on the interface %s with an "
+ "Poison %s/%d on the interface %s with an "
"infinity metric [delete]",
inet_ntoa(p->prefix),
p->prefixlen,
for (ALL_LIST_ELEMENTS_RO(list, listnode,
tmp_rinfo))
if (tmp_rinfo->type == ZEBRA_ROUTE_RIP
- && tmp_rinfo->ifindex
+ && tmp_rinfo->nh.ifindex
== ifc->ifp->ifindex) {
suppress = 1;
break;
* to avoid an IGP multi-level recursive look-up.
* see (4.4)
*/
- if (rinfo->ifindex == ifc->ifp->ifindex)
- rinfo->nexthop_out = rinfo->nexthop;
+ if (rinfo->nh.ifindex == ifc->ifp->ifindex)
+ rinfo->nexthop_out = rinfo->nh.gate.ipv4;
/* Interface route-map */
if (ri->routemap[RIP_FILTER_OUT]) {
for (ALL_LIST_ELEMENTS_RO(list, listnode,
tmp_rinfo))
if (tmp_rinfo->type == ZEBRA_ROUTE_RIP
- && tmp_rinfo->ifindex
+ && tmp_rinfo->nh.ifindex
== ifc->ifp->ifindex)
rinfo->metric_out =
RIP_METRIC_INFINITY;
"Poisone %s/%d on the interface %s with an infinity metric [withdraw]",
inet_ntoa(p->prefix),
p->prefixlen,
- ifindex2ifname(rinfo->ifindex,
- VRF_DEFAULT));
+ ifindex2ifname(
+ rinfo->nh.ifindex,
+ VRF_DEFAULT));
}
rip_event(RIP_TRIGGERED_UPDATE, 0);
{
int idx_ipv4_prefixlen = 1;
int ret;
+ struct nexthop nh;
struct prefix_ipv4 p;
struct route_node *node;
+ memset(&nh, 0, sizeof(nh));
+ nh.type = NEXTHOP_TYPE_IPV4;
+
ret = str2prefix_ipv4(argv[idx_ipv4_prefixlen]->arg, &p);
if (ret < 0) {
vty_out(vty, "Malformed address\n");
node->info = (void *)1;
- rip_redistribute_add(ZEBRA_ROUTE_RIP, RIP_ROUTE_STATIC, &p, 0, NULL, 0,
+ rip_redistribute_add(ZEBRA_ROUTE_RIP, RIP_ROUTE_STATIC, &p, &nh, 0,
0, 0);
return CMD_SUCCESS;
if (len > 0)
vty_out(vty, "%*s", len, " ");
- if (rinfo->nexthop.s_addr)
+ switch(rinfo->nh.type) {
+ case NEXTHOP_TYPE_IPV4:
+ case NEXTHOP_TYPE_IPV4_IFINDEX:
vty_out(vty, "%-20s %2d ",
- inet_ntoa(rinfo->nexthop),
+ inet_ntoa(rinfo->nh.gate.ipv4),
rinfo->metric);
- else
+ break;
+ case NEXTHOP_TYPE_IFINDEX:
vty_out(vty,
"0.0.0.0 %2d ",
rinfo->metric);
+ break;
+ case NEXTHOP_TYPE_BLACKHOLE:
+ vty_out(vty,
+ "blackhole %2d ",
+ rinfo->metric);
+ break;
+ case NEXTHOP_TYPE_IPV6:
+ case NEXTHOP_TYPE_IPV6_IFINDEX:
+ vty_out(vty,
+ "V6 Address Hidden %2d ",
+ rinfo->metric);
+ break;
+ }
/* Route which exist in kernel routing table. */
if ((rinfo->type == ZEBRA_ROUTE_RIP)
#include "qobj.h"
#include "hook.h"
+#include "nexthop.h"
#include "rip_memory.h"
/* RIP version number. */
int sub_type;
/* RIP nexthop. */
- struct in_addr nexthop;
+ struct nexthop nh;
struct in_addr from;
- /* Which interface does this route come from. */
- ifindex_t ifindex;
-
/* Metric of this route. */
u_int32_t metric;
extern int rip_neighbor_lookup(struct sockaddr_in *);
extern int rip_redistribute_check(int);
-extern void rip_redistribute_add(int, int, struct prefix_ipv4 *, ifindex_t,
- struct in_addr *, unsigned int, unsigned char,
- route_tag_t);
+extern void rip_redistribute_add(int type, int sub_type,
+ struct prefix_ipv4 *p,
+ struct nexthop *nh,
+ unsigned int metric, unsigned char distance,
+ route_tag_t tag);
extern void rip_redistribute_delete(int, int, struct prefix_ipv4 *, ifindex_t);
extern void rip_redistribute_withdraw(int);
extern void rip_zebra_ipv4_add(struct route_node *);
TESTS_BGPD = \
bgpd/test_aspath \
bgpd/test_capability \
+ bgpd/test_packet \
bgpd/test_ecommunity \
bgpd/test_mp_attr \
bgpd/test_mpath
helpers/c/prng.c
bgpd_test_aspath_SOURCES = bgpd/test_aspath.c
bgpd_test_capability_SOURCES = bgpd/test_capability.c
+bgpd_test_packet_SOURCES = bgpd/test_packet.c
bgpd_test_ecommunity_SOURCES = bgpd/test_ecommunity.c
bgpd_test_mp_attr_SOURCES = bgpd/test_mp_attr.c
bgpd_test_mpath_SOURCES = bgpd/test_mpath.c
lib_cli_test_commands_LDADD = $(ALL_TESTS_LDADD)
bgpd_test_aspath_LDADD = $(BGP_TEST_LDADD)
bgpd_test_capability_LDADD = $(BGP_TEST_LDADD)
+bgpd_test_packet_LDADD = $(BGP_TEST_LDADD)
bgpd_test_ecommunity_LDADD = $(BGP_TEST_LDADD)
bgpd_test_mp_attr_LDADD = $(BGP_TEST_LDADD)
bgpd_test_mpath_LDADD = $(BGP_TEST_LDADD)
--- /dev/null
+/*
+ * Copyright (C) 2017 Cumulus Networks Inc.
+ * Donald Sharp
+ *
+ * This file is part of FRR
+ *
+ * FRR is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2, or (at your option) any
+ * later version.
+ *
+ * FRR is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; see the file COPYING; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include <zebra.h>
+
+#include "qobj.h"
+#include "vty.h"
+#include "stream.h"
+#include "privs.h"
+#include "memory.h"
+#include "queue.h"
+#include "filter.h"
+
+#include "bgpd/bgpd.h"
+#include "bgpd/bgp_open.h"
+#include "bgpd/bgp_debug.h"
+#include "bgpd/bgp_packet.h"
+#include "bgpd/bgp_aspath.h"
+
+/* need these to link in libbgp */
+struct zebra_privs_t *bgpd_privs = NULL;
+struct thread_master *master = NULL;
+
+static struct bgp *bgp;
+static as_t asn = 100;
+
+extern int bgp_read_packet(struct peer *peer);
+
+/*
+ * This file is intended to be used as input for some sort of
+ * fuzzer. Specifically I had afl in mind when I wrote
+ * this code.
+ */
+int main(int argc, char *argv[])
+{
+ struct peer *peer;
+ int i, j;
+ struct thread t;
+
+ qobj_init();
+ bgp_attr_init();
+ master = thread_master_create(NULL);
+ bgp_master_init(master);
+ vrf_init(NULL, NULL, NULL, NULL);
+ bgp_option_set(BGP_OPT_NO_LISTEN);
+
+ if (bgp_get(&bgp, &asn, NULL, BGP_INSTANCE_TYPE_DEFAULT))
+ return -1;
+
+ peer = peer_create_accept(bgp);
+ peer->host = (char *)"foo";
+
+ for (i = AFI_IP; i < AFI_MAX; i++)
+ for (j = SAFI_UNICAST; j < SAFI_MAX; j++) {
+ peer->afc[i][j] = 1;
+ peer->afc_adv[i][j] = 1;
+ }
+
+ SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV);
+ peer->status = Established;
+
+ peer->fd = open(argv[1], O_RDONLY|O_NONBLOCK);
+ t.arg = peer;
+ peer->t_read = &t;
+
+ printf("bgp_read_packet returns: %d\n", bgp_read(&t));
+}
[Unit]
-Description=Cumulus Linux FRR
-After=syslog.target networking.service
+Description=FRRouting
+After=networking.service
OnFailure=heartbeat-failed@%n.service
[Service]
char *lblmgr_path = NULL;
struct sockaddr_storage dummy;
socklen_t dummylen;
+#if defined(HANDLE_ZAPI_FUZZING)
+ char *fuzzing = NULL;
+#endif
frr_preinit(&zebra_di, argc, argv);
"bakz:e:l:r"
#ifdef HAVE_NETLINK
"s:"
+#endif
+#if defined(HANDLE_ZAPI_FUZZING)
+ "c:"
#endif
,
longopts,
#ifdef HAVE_NETLINK
" -s, --nl-bufsize Set netlink receive buffer size\n"
#endif /* HAVE_NETLINK */
+#if defined(HANDLE_ZAPI_FUZZING)
+ " -c <file> Bypass normal startup use this file for tetsting of zapi"
+#endif
);
while (1) {
nl_rcvbufsize = atoi(optarg);
break;
#endif /* HAVE_NETLINK */
+#if defined(HANDLE_ZAPI_FUZZING)
+ case 'c':
+ fuzzing = optarg;
+ break;
+#endif
default:
frr_help_exit(1);
break;
* routing socket. */
zebra_ns_init();
+#if defined(HANDLE_ZAPI_FUZZING)
+ if (fuzzing) {
+ zserv_read_file(fuzzing);
+ exit(0);
+ }
+#endif
+
/* Process the configuration file. Among other configuration
* directives we can meet those installing static routes. Such
* requests will not be executed immediately, but queued in
while (rn) {
route_unlock_node(rn);
- /* If lookup self prefix return immediately. */
- if (rn == top)
- return 0;
+ /* Lookup should halt if we've matched against ourselves ('top',
+ * if specified) - i.e., we cannot have a nexthop NH1 is
+ * resolved by a route NH1. The exception is if the route is a
+ * host route.
+ */
+ if (top && rn == top)
+ if (((afi == AFI_IP) && (rn->p.prefixlen != 32)) ||
+ ((afi == AFI_IP6) && (rn->p.prefixlen != 128)))
+ return 0;
/* Pick up selected route. */
/* However, do not resolve over default route unless explicitly
if (info->safi != SAFI_UNICAST) {
for (ALL_NEXTHOPS(re->nexthop, nexthop))
- SET_FLAG(nexthop->flags, NEXTHOP_FLAG_FIB);
+ UNSET_FLAG(nexthop->flags, NEXTHOP_FLAG_FIB);
return ret;
}
}
/*
- * Determine appropriate route (RE entry) resolving a tracked entry
- * (nexthop or BGP route for import).
+ * Determine appropriate route (RE entry) resolving a tracked BGP route
+ * for BGP route for import.
*/
-static struct route_entry *zebra_rnh_resolve_entry(vrf_id_t vrfid, int family,
- rnh_type_t type,
+static
+struct route_entry *zebra_rnh_resolve_import_entry(vrf_id_t vrfid,
+ int family,
struct route_node *nrn,
struct rnh *rnh,
struct route_node **prn)
if (!rn)
return NULL;
- /* When resolving nexthops, do not resolve via the default route unless
- * 'ip nht resolve-via-default' is configured.
- */
- if ((type == RNH_NEXTHOP_TYPE)
- && (is_default_prefix(&rn->p)
- && !nh_resolve_via_default(rn->p.family)))
- re = NULL;
- else if ((type == RNH_IMPORT_CHECK_TYPE)
- && CHECK_FLAG(rnh->flags, ZEBRA_NHT_EXACT_MATCH)
- && !prefix_same(&nrn->p, &rn->p))
- re = NULL;
- else {
- /* Identify appropriate route entry. */
- RNODE_FOREACH_RE (rn, re) {
- if (CHECK_FLAG(re->status, ROUTE_ENTRY_REMOVED))
- continue;
- if (!CHECK_FLAG(re->status, ROUTE_ENTRY_SELECTED_FIB))
- continue;
+ /* Unlock route node - we don't need to lock when walking the tree. */
+ route_unlock_node(rn);
- if (CHECK_FLAG(rnh->flags, ZEBRA_NHT_CONNECTED)) {
- if (re->type == ZEBRA_ROUTE_CONNECT)
- break;
- if (re->type == ZEBRA_ROUTE_NHRP) {
- struct nexthop *nexthop;
- for (nexthop = re->nexthop; nexthop;
- nexthop = nexthop->next)
- if (nexthop->type
- == NEXTHOP_TYPE_IFINDEX)
- break;
- if (nexthop)
- break;
- }
- } else if ((type == RNH_IMPORT_CHECK_TYPE)
- && (re->type == ZEBRA_ROUTE_BGP))
- continue;
- else
- break;
- }
+ if (CHECK_FLAG(rnh->flags, ZEBRA_NHT_EXACT_MATCH) &&
+ !prefix_same(&nrn->p, &rn->p))
+ return NULL;
+
+ /* Identify appropriate route entry. */
+ RNODE_FOREACH_RE(rn, re) {
+ if (!CHECK_FLAG(re->status, ROUTE_ENTRY_REMOVED) &&
+ CHECK_FLAG(re->flags, ZEBRA_FLAG_SELECTED) &&
+ (re->type != ZEBRA_ROUTE_BGP))
+ break;
}
- /* Need to unlock route node */
- route_unlock_node(rn);
if (re)
*prn = rn;
return re;
}
}
+/*
+ * Determine appropriate route (route entry) resolving a tracked
+ * nexthop.
+ */
+static struct route_entry *zebra_rnh_resolve_nexthop_entry(vrf_id_t vrfid,
+ int family,
+ struct route_node *nrn,
+ struct rnh *rnh,
+ struct route_node **prn)
+{
+ struct route_table *route_table;
+ struct route_node *rn;
+ struct route_entry *re;
+
+ *prn = NULL;
+
+ route_table = zebra_vrf_table(family2afi(family), SAFI_UNICAST, vrfid);
+ if (!route_table)
+ return NULL;
+
+ rn = route_node_match(route_table, &nrn->p);
+ if (!rn)
+ return NULL;
+
+ /* Unlock route node - we don't need to lock when walking the tree. */
+ route_unlock_node(rn);
+
+ /* While resolving nexthops, we may need to walk up the tree from the
+ * most-specific match. Do similar logic as in zebra_rib.c
+ */
+ while (rn) {
+ /* Do not resolve over default route unless allowed &&
+ * match route to be exact if so specified
+ */
+ if (is_default_prefix(&rn->p) &&
+ !nh_resolve_via_default(rn->p.family))
+ return NULL;
+
+ /* Identify appropriate route entry. */
+ RNODE_FOREACH_RE(rn, re) {
+ if (CHECK_FLAG(re->status, ROUTE_ENTRY_REMOVED))
+ continue;
+ if (!CHECK_FLAG(re->flags, ZEBRA_FLAG_SELECTED))
+ continue;
+
+ if (CHECK_FLAG(rnh->flags, ZEBRA_NHT_CONNECTED)) {
+ if ((re->type == ZEBRA_ROUTE_CONNECT)
+ || (re->type == ZEBRA_ROUTE_STATIC))
+ break;
+ if (re->type == ZEBRA_ROUTE_NHRP) {
+ struct nexthop *nexthop;
+
+ for (nexthop = re->nexthop;
+ nexthop;
+ nexthop = nexthop->next)
+ if (nexthop->type
+ == NEXTHOP_TYPE_IFINDEX)
+ break;
+ if (nexthop)
+ break;
+ }
+ } else
+ break;
+ }
+
+ /* Route entry found, we're done; else, walk up the tree. */
+ if (re) {
+ *prn = rn;
+ return re;
+ }
+
+ if (CHECK_FLAG(rnh->flags, ZEBRA_NHT_CONNECTED))
+ rn = rn->parent;
+ else
+ return NULL;
+ }
+
+ return NULL;
+}
+
static void zebra_rnh_process_pseudowires(vrf_id_t vrfid, struct rnh *rnh)
{
struct zebra_pw *pw;
rnh = nrn->info;
/* Identify route entry (RE) resolving this tracked entry. */
- re = zebra_rnh_resolve_entry(vrfid, family, type, nrn, rnh, &prn);
+ if (type == RNH_IMPORT_CHECK_TYPE)
+ re = zebra_rnh_resolve_import_entry(vrfid, family, nrn,
+ rnh, &prn);
+ else
+ re = zebra_rnh_resolve_nexthop_entry(vrfid, family, nrn, rnh,
+ &prn);
/* If the entry cannot be resolved and that is also the existing state,
* there is nothing further to do.
rnh = nrn->info;
- re = zebra_rnh_resolve_entry(vrfid, family, type, nrn, rnh, &prn);
+ /* Identify route entry (RIB) resolving this tracked entry. */
+ if (type == RNH_IMPORT_CHECK_TYPE)
+ re = zebra_rnh_resolve_import_entry(vrfid, family, nrn,
+ rnh, &prn);
+ else
+ re = zebra_rnh_resolve_nexthop_entry(vrfid, family, nrn, rnh,
+ &prn);
if (re) {
UNSET_FLAG(re->status, ROUTE_ENTRY_NEXTHOPS_CHANGED);
#include "zebra/zebra_static.h"
#include "lib/json.h"
#include "zebra/zebra_vxlan.h"
+#ifndef VTYSH_EXTRACT_PL
#include "zebra/zebra_vty_clippy.c"
+#endif
#include "zebra/zserv.h"
extern int allow_delete;
{
int uj = use_json(argc, argv);
return do_show_ip_route(vty, VRF_DEFAULT_NAME, AFI_IP, SAFI_MULTICAST,
- false, uj, 0, NULL, false, -1, 0);
+ false, uj, 0, NULL, false, 0, 0);
}
DEFUN (show_ip_rpf_addr,
}
}
+#if defined(HANDLE_ZAPI_FUZZING)
+static void zserv_write_incoming(struct stream *orig, uint16_t command)
+{
+ char fname[MAXPATHLEN];
+ struct stream *copy;
+ int fd = -1;
+
+ copy = stream_dup(orig);
+ stream_set_getp(copy, 0);
+
+ zserv_privs.change(ZPRIVS_RAISE);
+ snprintf(fname, MAXPATHLEN, "%s/%u", DAEMON_VTY_DIR, command);
+ fd = open(fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
+ stream_flush(copy, fd);
+ close(fd);
+ zserv_privs.change(ZPRIVS_LOWER);
+ stream_free(copy);
+}
+#endif
+
/* Handler of zebra service request. */
static int zebra_client_read(struct thread *thread)
{
uint8_t marker, version;
vrf_id_t vrf_id;
struct zebra_vrf *zvrf;
+#if defined(HANDLE_ZAPI_FUZZING)
+ int packets = 1;
+#else
int packets = zebrad.packets_to_process;
+#endif
/* Get thread data. Reset reading thread because I'm running. */
sock = THREAD_FD(thread);
}
}
+#if defined(HANDLE_ZAPI_FUZZING)
+ zserv_write_incoming(client->ibuf, command);
+#endif
length -= ZEBRA_HEADER_SIZE;
/* Debug packet information. */
"", /* This node has no interface. */
1};
+#if defined(HANDLE_ZAPI_FUZZING)
+void zserv_read_file(char *input)
+{
+ int fd;
+ struct zserv *client = NULL;
+ struct thread t;
+
+ zebra_client_create(-1);
+ client = zebrad.client_list->head->data;
+ t.arg = client;
+
+ fd = open(input, O_RDONLY|O_NONBLOCK);
+ t.u.fd = fd;
+
+ zebra_client_read(&t);
+
+ close(fd);
+}
+#endif
+
/* Initialisation of zebra and installation of commands. */
void zebra_init(void)
{
extern struct zserv *zebra_find_client(u_char proto);
+#if defined(HANDLE_ZAPI_FUZZING)
+extern void zserv_read_file(char *input);
+#endif
+
#endif /* _ZEBRA_ZEBRA_H */
projects / mirror_frr.git / commitdiff