]>
Commit | Line | Data |
---|---|---|
acddc0ed | 1 | // SPDX-License-Identifier: MIT |
ca10883e DS |
2 | /* |
3 | Copyright 2011 by Matthieu Boutier and Juliusz Chroboczek | |
ca10883e DS |
4 | */ |
5 | ||
b45ac5f5 DL |
6 | #ifdef HAVE_CONFIG_H |
7 | #include "config.h" | |
8 | #endif | |
9 | ||
ca10883e DS |
10 | #include "babel_filter.h" |
11 | #include "vty.h" | |
12 | #include "filter.h" | |
13 | #include "log.h" | |
14 | #include "plist.h" | |
15 | #include "distribute.h" | |
16 | #include "util.h" | |
17 | ||
18 | int | |
19 | babel_filter(int output, const unsigned char *prefix, unsigned short plen, | |
20 | unsigned int ifindex) | |
21 | { | |
22 | struct interface *ifp = if_lookup_by_index(ifindex, VRF_DEFAULT); | |
23 | babel_interface_nfo *babel_ifp = ifp ? babel_get_if_nfo(ifp) : NULL; | |
24 | struct prefix p; | |
03a38493 | 25 | struct distribute *dist = NULL; |
ca10883e DS |
26 | struct access_list *alist; |
27 | struct prefix_list *plist; | |
28 | int distribute; | |
03a38493 | 29 | struct babel *babel; |
0f9650ca | 30 | afi_t family; |
ca10883e DS |
31 | |
32 | p.family = v4mapped(prefix) ? AF_INET : AF_INET6; | |
33 | p.prefixlen = v4mapped(prefix) ? plen - 96 : plen; | |
34 | if (p.family == AF_INET) { | |
35 | uchar_to_inaddr(&p.u.prefix4, prefix); | |
36 | distribute = output ? DISTRIBUTE_V4_OUT : DISTRIBUTE_V4_IN; | |
0f9650ca | 37 | family = AFI_IP; |
ca10883e DS |
38 | } else { |
39 | uchar_to_in6addr(&p.u.prefix6, prefix); | |
40 | distribute = output ? DISTRIBUTE_V6_OUT : DISTRIBUTE_V6_IN; | |
0f9650ca | 41 | family = AFI_IP6; |
ca10883e DS |
42 | } |
43 | ||
44 | if (babel_ifp != NULL && babel_ifp->list[distribute]) { | |
45 | if (access_list_apply (babel_ifp->list[distribute], &p) | |
46 | == FILTER_DENY) { | |
47 | debugf(BABEL_DEBUG_FILTER, | |
2bd8bc15 MS |
48 | "%pFX filtered by distribute %s", |
49 | &p, output ? "out" : "in"); | |
ca10883e DS |
50 | return INFINITY; |
51 | } | |
52 | } | |
53 | if (babel_ifp != NULL && babel_ifp->prefix[distribute]) { | |
54 | if (prefix_list_apply (babel_ifp->prefix[distribute], &p) | |
55 | == PREFIX_DENY) { | |
2bd8bc15 MS |
56 | debugf(BABEL_DEBUG_FILTER, "%pFX filtered by distribute %s", |
57 | &p, output ? "out" : "in"); | |
ca10883e DS |
58 | return INFINITY; |
59 | } | |
60 | } | |
61 | ||
62 | /* All interface filter check. */ | |
03a38493 PG |
63 | babel = babel_lookup(); |
64 | if (babel) | |
65 | dist = distribute_lookup (babel->distribute_ctx, NULL); | |
ca10883e DS |
66 | if (dist) { |
67 | if (dist->list[distribute]) { | |
0f9650ca | 68 | alist = access_list_lookup (family, dist->list[distribute]); |
ca10883e DS |
69 | |
70 | if (alist) { | |
71 | if (access_list_apply (alist, &p) == FILTER_DENY) { | |
2bd8bc15 MS |
72 | debugf(BABEL_DEBUG_FILTER,"%pFX filtered by distribute %s", |
73 | &p, output ? "out" : "in"); | |
ca10883e DS |
74 | return INFINITY; |
75 | } | |
76 | } | |
77 | } | |
78 | if (dist->prefix[distribute]) { | |
0f9650ca | 79 | plist = prefix_list_lookup (family, dist->prefix[distribute]); |
ca10883e DS |
80 | if (plist) { |
81 | if (prefix_list_apply (plist, &p) == PREFIX_DENY) { | |
2bd8bc15 MS |
82 | debugf(BABEL_DEBUG_FILTER,"%pFX filtered by distribute %s", |
83 | &p, output ? "out" : "in"); | |
ca10883e DS |
84 | return INFINITY; |
85 | } | |
86 | } | |
87 | } | |
88 | } | |
89 | return 0; | |
90 | } |