]> git.ipfire.org Git - thirdparty/bird.git/blame - filter/filter.c
projects / thirdparty / bird.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
whitespace fixes
[thirdparty/bird.git] / filter / filter.c
CommitLineData
23b1539b
PM		 1/*
2 * Filters: utility functions
3 *
4 * Copyright 1998 Pavel Machek <pavel@ucw.cz>
5 *
6 * Can be freely distributed and used under the terms of the GNU GPL.
29818140 7 *
23b1539b
PM		 8 */
9
2337ade7
PM		 10/**
11 * DOC: Filters
12 *
725270cb
MM		 13 * You can find sources of the filter language in |filter/|
14 * directory. File |filter/config.Y| contains filter grammar and basically translates
15 * the source from user into a tree of &f_inst structures. These trees are
16 * later interpreted using code in |filter/filter.c|.
fe613ecd 17 *
725270cb
MM		 18 * A filter is represented by a tree of &f_inst structures, one structure per
19 * "instruction". Each &f_inst contains @code, @aux value which is
20 * usually the data type this instruction operates on and two generic
21 * arguments (@a1, @a2). Some instructions contain pointer(s) to other
22 * instructions in their (@a1, @a2) fields.
2337ade7 23 *
725270cb
MM		 24 * Filters use a &f_val structure for their data. Each &f_val
25 * contains type and value (types are constants prefixed with %T_). Few
26 * of the types are special; %T_RETURN can be or-ed with a type to indicate
27 * that return from a function or from the whole filter should be
28 * forced. Important thing about &f_val's is that they may be copied
29 * with a simple |=|. That's fine for all currently defined types: strings
2337ade7 30 * are read-only (and therefore okay), paths are copied for each
4c5f93d7
PM		 31 * operation (okay too).
32 */
2337ade7 33
9a220cab 34#undef LOCAL_DEBUG
6b9fa320 35
23b1539b
PM		 36#include "nest/bird.h"
37#include "lib/lists.h"
38#include "lib/resource.h"
39#include "lib/socket.h"
38506f71 40#include "lib/string.h"
7f77e250 41#include "lib/unaligned.h"
23b1539b
PM		 42#include "nest/route.h"
43#include "nest/protocol.h"
44#include "nest/iface.h"
159fa4ce 45#include "nest/attrs.h"
23b1539b
PM		 46#include "conf/conf.h"
47#include "filter/filter.h"
48
2d496d20
PM		 49#define P(a,b) ((a<<8) | b)
50
38506f71
PM		 51#define CMP_ERROR 999
52
9831e591 53static struct adata *
42a0c054 54adata_empty(struct linpool *pool, int l)
ad9074e9 55{
42a0c054
OZ		 56 struct adata *res = lp_alloc(pool, sizeof(struct adata) + l);
57 res->length = l;
ad9074e9
PM		 58 return res;
59}
60
11cb6202 61static void
0e175f9f 62pm_format(struct f_path_mask *p, buffer *buf)
11cb6202 63{
0e175f9f 64 buffer_puts(buf, "[= ");
11cb6202
OZ		 65
66 while (p)
0e175f9f
OZ		 67 {
68 switch(p->kind)
11cb6202 69 {
0e175f9f
OZ		 70 case PM_ASN:
71 buffer_print(buf, "%u ", p->val);
72 break;
92a72a4c 73
0e175f9f
OZ		 74 case PM_QUESTION:
75 buffer_puts(buf, "? ");
76 break;
92a72a4c 77
0e175f9f
OZ		 78 case PM_ASTERISK:
79 buffer_puts(buf, "* ");
80 break;
11cb6202 81
a0fe1944
OF		 82 case PM_ASN_RANGE:
83 buffer_print(buf, "%u..%u ", p->val, p->val2);
84 break;
85
0e175f9f
OZ		 86 case PM_ASN_EXPR:
87 buffer_print(buf, "%u ", f_eval_asn((struct f_inst *) p->val));
88 break;
11cb6202
OZ		 89 }
90
0e175f9f
OZ		 91 p = p->next;
92 }
93
94 buffer_puts(buf, "=]");
11cb6202
OZ		 95}
96
70c57805 97static inline int
0aeac9cb 98uint_cmp(uint i1, uint i2)
2dec1e34 99{
70c57805 100 return (int)(i1 > i2) - (int)(i1 < i2);
2dec1e34
OZ		 101}
102
70c57805
OZ		 103static inline int
104u64_cmp(u64 i1, u64 i2)
42a0c054 105{
70c57805 106 return (int)(i1 > i2) - (int)(i1 < i2);
42a0c054
OZ		 107}
108
8dcf2544 109/**
3e82b32d 110 * val_compare - compare two values
8dcf2544
PM		 111 * @v1: first value
112 * @v2: second value
113 *
28a10f84
OZ		 114 * Compares two values and returns -1, 0, 1 on <, =, > or CMP_ERROR on
115 * error. Tree module relies on this giving consistent results so
116 * that it can be used for building balanced trees.
b093c328 117 */
38506f71
PM		 118int
119val_compare(struct f_val v1, struct f_val v2)
120{
d85e1f0e
MM		 121 int rc;
122
f71bded6 123 if (v1.type != v2.type) {
70c57805
OZ		 124 if (v1.type == T_VOID) /* Hack for else */
125 return -1;
126 if (v2.type == T_VOID)
127 return 1;
128
126683fe
OZ		 129#ifndef IPV6
130 /* IP->Quad implicit conversion */
131 if ((v1.type == T_QUAD) && (v2.type == T_IP))
2dec1e34 132 return uint_cmp(v1.val.i, ipa_to_u32(v2.val.px.ip));
126683fe 133 if ((v1.type == T_IP) && (v2.type == T_QUAD))
2dec1e34 134 return uint_cmp(ipa_to_u32(v1.val.px.ip), v2.val.i);
126683fe
OZ		 135#endif
136
f71bded6 137 debug( "Types do not match in val_compare\n" );
7db7b7db 138 return CMP_ERROR;
f71bded6 139 }
28a10f84 140
38506f71 141 switch (v1.type) {
28a10f84
OZ		 142 case T_VOID:
143 return 0;
f4536657 144 case T_ENUM:
a6c9f064
OF		 145 case T_INT:
146 case T_BOOL:
d3dd620b 147 case T_PAIR:
126683fe 148 case T_QUAD:
2dec1e34 149 return uint_cmp(v1.val.i, v2.val.i);
42a0c054
OZ		 150 case T_EC:
151 return u64_cmp(v1.val.ec, v2.val.ec);
43fc099b 152 case T_IP:
6dc7a0cb 153 return ipa_compare(v1.val.px.ip, v2.val.px.ip);
d85e1f0e
MM		 154 case T_PREFIX:
155 if (rc = ipa_compare(v1.val.px.ip, v2.val.px.ip))
156 return rc;
52e030e1 157 return uint_cmp(v1.val.px.len, v2.val.px.len);
e29fa06e
OZ		 158 case T_STRING:
159 return strcmp(v1.val.s, v2.val.s);
3076b5ae
MM		 160 default:
161 return CMP_ERROR;
38506f71
PM		 162 }
163}
164
28a10f84 165static int
122deb6d 166pm_same(struct f_path_mask *m1, struct f_path_mask *m2)
dfd48621 167{
28a10f84
OZ		 168 while (m1 && m2)
169 {
122deb6d 170 if (m1->kind != m2->kind)
28a10f84
OZ		 171 return 0;
172
122deb6d
OZ		 173 if (m1->kind == PM_ASN_EXPR)
174 {
175 if (!i_same((struct f_inst *) m1->val, (struct f_inst *) m2->val))
176 return 0;
177 }
178 else
179 {
180 if ((m1->val != m2->val) || (m1->val2 != m2->val2))
181 return 0;
182 }
183
28a10f84
OZ		 184 m1 = m1->next;
185 m2 = m2->next;
186 }
187
33d22f0e 188 return !m1 && !m2;
28a10f84
OZ		 189}
190
191/**
192 * val_same - compare two values
193 * @v1: first value
194 * @v2: second value
195 *
196 * Compares two values and returns 1 if they are same and 0 if not.
197 * Comparison of values of different types is valid and returns 0.
198 */
199int
200val_same(struct f_val v1, struct f_val v2)
dfd48621 201{
28a10f84
OZ		 202 int rc;
203
204 rc = val_compare(v1, v2);
205 if (rc != CMP_ERROR)
206 return !rc;
207
208 if (v1.type != v2.type)
209 return 0;
210
211 switch (v1.type) {
212 case T_PATH_MASK:
122deb6d 213 return pm_same(v1.val.path_mask, v2.val.path_mask);
28a10f84
OZ		 214 case T_PATH:
215 case T_CLIST:
216 case T_ECLIST:
217 return adata_same(v1.val.ad, v2.val.ad);
218 case T_SET:
219 return same_tree(v1.val.t, v2.val.t);
220 case T_PREFIX_SET:
221 return trie_same(v1.val.ti, v2.val.ti);
222 default:
223 bug("Invalid type in val_same(): %x", v1.type);
224 }
dfd48621 225}
b1a597e0
OZ		 226
227void
7f0d245a 228fprefix_get_bounds(struct f_prefix *px, int *l, int *h)
b1a597e0
OZ		 229{
230 *l = *h = px->len & LEN_MASK;
231
232 if (px->len & LEN_MINUS)
233 *l = 0;
234
235 else if (px->len & LEN_PLUS)
236 *h = MAX_PREFIX_LENGTH;
237
238 else if (px->len & LEN_RANGE)
239 {
240 *l = 0xff & (px->len >> 16);
241 *h = 0xff & (px->len >> 8);
242 }
243}
244
ba5c0057
OZ		 245static int
246clist_set_type(struct f_tree *set, struct f_val *v)
247{
248 switch (set->from.type) {
249 case T_PAIR:
250 v->type = T_PAIR;
251 return 1;
252 case T_QUAD:
253#ifndef IPV6
254 case T_IP:
255#endif
256 v->type = T_QUAD;
257 return 1;
258 break;
259 default:
260 v->type = T_VOID;
261 return 0;
262 }
263}
264
42a0c054
OZ		 265static inline int
266eclist_set_type(struct f_tree *set)
267{ return set->from.type == T_EC; }
268
ba5c0057
OZ		 269static int
270clist_match_set(struct adata *clist, struct f_tree *set)
271{
272 if (!clist)
273 return 0;
274
275 struct f_val v;
276 if (!clist_set_type(set, &v))
277 return CMP_ERROR;
278
279 u32 *l = (u32 *) clist->data;
280 u32 *end = l + clist->length/4;
42a0c054 281
ba5c0057
OZ		 282 while (l < end) {
283 v.val.i = *l++;
284 if (find_tree(set, v))
285 return 1;
286 }
287 return 0;
288}
289
42a0c054
OZ		 290static int
291eclist_match_set(struct adata *list, struct f_tree *set)
292{
293 if (!list)
294 return 0;
295
296 if (!eclist_set_type(set))
297 return CMP_ERROR;
298
299 struct f_val v;
300 u32 *l = int_set_get_data(list);
301 int len = int_set_get_size(list);
302 int i;
303
304 v.type = T_EC;
305 for (i = 0; i < len; i += 2) {
306 v.val.ec = ec_get(l, i);
307 if (find_tree(set, v))
308 return 1;
309 }
310
311 return 0;
312}
313
ba5c0057 314static struct adata *
0888a737 315clist_filter(struct linpool *pool, struct adata *list, struct f_val set, int pos)
ba5c0057 316{
0888a737 317 if (!list)
ba5c0057
OZ		 318 return NULL;
319
0888a737 320 int tree = (set.type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */
ba5c0057 321 struct f_val v;
0888a737
OZ		 322 if (tree)
323 clist_set_type(set.val.t, &v);
324 else
325 v.type = T_PAIR;
ba5c0057 326
0888a737
OZ		 327 int len = int_set_get_size(list);
328 u32 *l = int_set_get_data(list);
329 u32 tmp[len];
ba5c0057 330 u32 *k = tmp;
0888a737 331 u32 *end = l + len;
ba5c0057
OZ		 332
333 while (l < end) {
334 v.val.i = *l++;
0888a737
OZ		 335 /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */
336 if ((tree ? !!find_tree(set.val.t, v) : int_set_contains(set.val.ad, v.val.i)) == pos)
ba5c0057
OZ		 337 *k++ = v.val.i;
338 }
339
340 int nl = (k - tmp) * 4;
0888a737
OZ		 341 if (nl == list->length)
342 return list;
ba5c0057 343
42a0c054
OZ		 344 struct adata *res = adata_empty(pool, nl);
345 memcpy(res->data, tmp, nl);
346 return res;
347}
348
349static struct adata *
0888a737 350eclist_filter(struct linpool *pool, struct adata *list, struct f_val set, int pos)
42a0c054
OZ		 351{
352 if (!list)
353 return NULL;
354
0888a737 355 int tree = (set.type == T_SET); /* 1 -> set is T_SET, 0 -> set is T_CLIST */
42a0c054
OZ		 356 struct f_val v;
357
358 int len = int_set_get_size(list);
359 u32 *l = int_set_get_data(list);
360 u32 tmp[len];
361 u32 *k = tmp;
362 int i;
363
364 v.type = T_EC;
365 for (i = 0; i < len; i += 2) {
366 v.val.ec = ec_get(l, i);
0888a737
OZ		 367 /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */
368 if ((tree ? !!find_tree(set.val.t, v) : ec_set_contains(set.val.ad, v.val.ec)) == pos) {
42a0c054
OZ		 369 *k++ = l[i];
370 *k++ = l[i+1];
371 }
372 }
373
374 int nl = (k - tmp) * 4;
375 if (nl == list->length)
376 return list;
377
378 struct adata *res = adata_empty(pool, nl);
ba5c0057
OZ		 379 memcpy(res->data, tmp, nl);
380 return res;
381}
382
8dcf2544 383/**
3e82b32d 384 * val_in_range - implement |~| operator
8dcf2544
PM		 385 * @v1: element
386 * @v2: set
387 *
b655596d 388 * Checks if @v1 is element (|~| operator) of @v2.
b093c328 389 */
9831e591 390static int
7db7b7db
PM		 391val_in_range(struct f_val v1, struct f_val v2)
392{
b655596d
OZ		 393 if ((v1.type == T_PATH) && (v2.type == T_PATH_MASK))
394 return as_path_match(v1.val.ad, v2.val.path_mask);
6dc7a0cb 395
b655596d 396 if ((v1.type == T_INT) && (v2.type == T_PATH))
a15dab76 397 return as_path_contains(v2.val.ad, v1.val.i, 1);
6dc7a0cb 398
b655596d
OZ		 399 if (((v1.type == T_PAIR) || (v1.type == T_QUAD)) && (v2.type == T_CLIST))
400 return int_set_contains(v2.val.ad, v1.val.i);
401#ifndef IPV6
402 /* IP->Quad implicit conversion */
403 if ((v1.type == T_IP) && (v2.type == T_CLIST))
404 return int_set_contains(v2.val.ad, ipa_to_u32(v1.val.px.ip));
405#endif
b1a597e0 406
b655596d
OZ		 407 if ((v1.type == T_EC) && (v2.type == T_ECLIST))
408 return ec_set_contains(v2.val.ad, v1.val.ec);
ba5c0057 409
b655596d
OZ		 410 if ((v1.type == T_STRING) && (v2.type == T_STRING))
411 return patmatch(v2.val.s, v1.val.s);
42a0c054 412
b655596d
OZ		 413 if ((v1.type == T_IP) && (v2.type == T_PREFIX))
414 return ipa_in_net(v1.val.px.ip, v2.val.px.ip, v2.val.px.len);
7db7b7db 415
b655596d
OZ		 416 if ((v1.type == T_PREFIX) && (v2.type == T_PREFIX))
417 return net_in_net(v1.val.px.ip, v1.val.px.len, v2.val.px.ip, v2.val.px.len);
0d1b3c4c 418
b1a597e0 419 if ((v1.type == T_PREFIX) && (v2.type == T_PREFIX_SET))
7f0d245a 420 return trie_match_fprefix(v2.val.ti, &v1.val.px);
0d1b3c4c 421
b655596d
OZ		 422 if (v2.type != T_SET)
423 return CMP_ERROR;
0d1b3c4c 424
b655596d
OZ		 425 /* With integrated Quad<->IP implicit conversion */
426 if ((v1.type == v2.val.t->from.type) ||
427 ((IP_VERSION == 4) && (v1.type == T_QUAD) && (v2.val.t->from.type == T_IP)))
428 return !!find_tree(v2.val.t, v1);
0d1b3c4c 429
b655596d 430 if (v1.type == T_CLIST)
ba5c0057 431 return clist_match_set(v1.val.ad, v2.val.t);
0d1b3c4c 432
b655596d 433 if (v1.type == T_ECLIST)
42a0c054
OZ		 434 return eclist_match_set(v1.val.ad, v2.val.t);
435
b655596d 436 if (v1.type == T_PATH)
cc31b75a
OZ		 437 return as_path_match_set(v1.val.ad, v2.val.t);
438
7db7b7db 439 return CMP_ERROR;
38506f71
PM		 440}
441
4c5f93d7 442/*
0e175f9f 443 * val_format - format filter value
b093c328 444 */
508d9360 445void
0e175f9f 446val_format(struct f_val v, buffer *buf)
38506f71 447{
ecd25633 448 char buf2[1024];
0e175f9f
OZ		 449 switch (v.type)
450 {
451 case T_VOID: buffer_puts(buf, "(void)"); return;
452 case T_BOOL: buffer_puts(buf, v.val.i ? "TRUE" : "FALSE"); return;
52e030e1 453 case T_INT: buffer_print(buf, "%u", v.val.i); return;
0e175f9f
OZ		 454 case T_STRING: buffer_print(buf, "%s", v.val.s); return;
455 case T_IP: buffer_print(buf, "%I", v.val.px.ip); return;
456 case T_PREFIX: buffer_print(buf, "%I/%d", v.val.px.ip, v.val.px.len); return;
52e030e1 457 case T_PAIR: buffer_print(buf, "(%u,%u)", v.val.i >> 16, v.val.i & 0xffff); return;
0e175f9f
OZ		 458 case T_QUAD: buffer_print(buf, "%R", v.val.i); return;
459 case T_EC: ec_format(buf2, v.val.ec); buffer_print(buf, "%s", buf2); return;
460 case T_PREFIX_SET: trie_format(v.val.ti, buf); return;
461 case T_SET: tree_format(v.val.t, buf); return;
52e030e1 462 case T_ENUM: buffer_print(buf, "(enum %x)%u", v.type, v.val.i); return;
0e175f9f
OZ		 463 case T_PATH: as_path_format(v.val.ad, buf2, 1000); buffer_print(buf, "(path %s)", buf2); return;
464 case T_CLIST: int_set_format(v.val.ad, 1, -1, buf2, 1000); buffer_print(buf, "(clist %s)", buf2); return;
465 case T_ECLIST: ec_set_format(v.val.ad, -1, buf2, 1000); buffer_print(buf, "(eclist %s)", buf2); return;
466 case T_PATH_MASK: pm_format(v.val.path_mask, buf); return;
467 default: buffer_print(buf, "[unknown type %x]", v.type); return;
38506f71 468 }
38506f71
PM		 469}
470
a03ede64
OZ		 471static struct rte **f_rte;
472static struct rta *f_old_rta;
31e79264 473static struct ea_list **f_tmp_attrs;
a03ede64 474static struct linpool *f_pool;
0e175f9f 475static struct buffer f_buf;
0a06a9b8 476static int f_flags;
36bbfc70 477
a03ede64
OZ		 478static inline void f_rte_cow(void)
479{
315f23a0 480 *f_rte = rte_cow(*f_rte);
a03ede64
OZ		 481}
482
4c5f93d7 483/*
b093c328
PM		 484 * rta_cow - prepare rta for modification by filter
485 */
9831e591 486static void
a03ede64 487f_rta_cow(void)
26c09e1d 488{
8d9eef17
OZ		 489 if (!rta_is_cached((*f_rte)->attrs))
490 return;
491
492 /* Prepare to modify rte */
493 f_rte_cow();
494
495 /* Store old rta to free it later, it stores reference from rte_cow() */
496 f_old_rta = (*f_rte)->attrs;
497
498 /*
499 * Get shallow copy of rta. Fields eattrs and nexthops of rta are shared
500 * with f_old_rta (they will be copied when the cached rta will be obtained
501 * at the end of f_run()), also the lock of hostentry is inherited (we
502 * suppose hostentry is not changed by filters).
503 */
504 (*f_rte)->attrs = rta_do_cow((*f_rte)->attrs, f_pool);
26c09e1d
PM		 505}
506
1123e707 507static struct tbf rl_runtime_err = TBF_DEFAULT_LOG_LIMITS;
cb530392 508
9a4037d4 509#define runtime(x) do { \
cb530392 510 log_rl(&rl_runtime_err, L_ERR "filters, line %d: %s", what->lineno, x); \
9a4037d4
PM		 511 res.type = T_RETURN; \
512 res.val.i = F_ERROR; \
513 return res; \
514 } while(0)
515
516#define ARG(x,y) \
517 x = interpret(what->y); \
2d496d20 518 if (x.type & T_RETURN) \
9a4037d4
PM		 519 return x;
520
521#define ONEARG ARG(v1, a1.p)
522#define TWOARGS ARG(v1, a1.p) \
523 ARG(v2, a2.p)
524#define TWOARGS_C TWOARGS \
525 if (v1.type != v2.type) \
b178d92a 526 runtime( "Can't operate with values of incompatible types" );
508d9360
OZ		 527#define ACCESS_RTE \
528 do { if (!f_rte) runtime("No route to access"); } while (0)
7db7b7db 529
315f23a0
OZ		 530#define BITFIELD_MASK(what) \
531 (1u << (what->a2.i >> 24))
532
b093c328
PM		 533/**
534 * interpret
2e9b2421 535 * @what: filter to interpret
b093c328 536 *
4c5f93d7 537 * Interpret given tree of filter instructions. This is core function
b093c328 538 * of filter system and does all the hard work.
771ae456
PM		 539 *
540 * Each instruction has 4 fields: code (which is instruction code),
541 * aux (which is extension to instruction code, typically type),
542 * arg1 and arg2 - arguments. Depending on instruction, arguments
315f23a0 543 * are either integers, or pointers to instruction trees. Common
771ae456
PM		 544 * instructions like +, that have two expressions as arguments use
545 * TWOARGS macro to get both of them evaluated.
546 *
547 * &f_val structures are copied around, so there are no problems with
548 * memory managment.
b093c328 549 */
23b1539b
PM		 550static struct f_val
551interpret(struct f_inst *what)
552{
553 struct symbol *sym;
126683fe 554 struct f_val v1, v2, res, *vp;
92a72a4c 555 unsigned u1, u2;
6a57bb31 556 int i;
7ea5b00f 557 u32 as;
23b1539b
PM		 558
559 res.type = T_VOID;
560 if (!what)
561 return res;
562
563 switch(what->code) {
564 case ',':
565 TWOARGS;
566 break;
567
568/* Binary operators */
569 case '+':
570 TWOARGS_C;
571 switch (res.type = v1.type) {
b178d92a 572 case T_VOID: runtime( "Can't operate with values of type void" );
23b1539b
PM		 573 case T_INT: res.val.i = v1.val.i + v2.val.i; break;
574 default: runtime( "Usage of unknown type" );
575 }
576 break;
9f0d45d6
PM		 577 case '-':
578 TWOARGS_C;
579 switch (res.type = v1.type) {
b178d92a 580 case T_VOID: runtime( "Can't operate with values of type void" );
9f0d45d6
PM		 581 case T_INT: res.val.i = v1.val.i - v2.val.i; break;
582 default: runtime( "Usage of unknown type" );
583 }
584 break;
585 case '*':
586 TWOARGS_C;
587 switch (res.type = v1.type) {
b178d92a 588 case T_VOID: runtime( "Can't operate with values of type void" );
9f0d45d6
PM		 589 case T_INT: res.val.i = v1.val.i * v2.val.i; break;
590 default: runtime( "Usage of unknown type" );
591 }
592 break;
23b1539b
PM		 593 case '/':
594 TWOARGS_C;
595 switch (res.type = v1.type) {
b178d92a 596 case T_VOID: runtime( "Can't operate with values of type void" );
64ba9f7b
PM		 597 case T_INT: if (v2.val.i == 0) runtime( "Mother told me not to divide by 0" );
598 res.val.i = v1.val.i / v2.val.i; break;
23b1539b
PM		 599 default: runtime( "Usage of unknown type" );
600 }
601 break;
315f23a0 602
5f4aee76 603 case '&':
5f4aee76 604 case '|':
0aa88530
OZ		 605 ARG(v1, a1.p);
606 if (v1.type != T_BOOL)
607 runtime( "Can't do boolean operation on non-booleans" );
608 if (v1.val.i == (what->code == '|')) {
609 res.type = T_BOOL;
610 res.val.i = v1.val.i;
611 break;
612 }
613
614 ARG(v2, a2.p);
615 if (v2.type != T_BOOL)
616 runtime( "Can't do boolean operation on non-booleans" );
617 res.type = T_BOOL;
618 res.val.i = v2.val.i;
5f4aee76 619 break;
23b1539b 620
92a72a4c 621 case P('m','p'):
42a0c054 622 TWOARGS;
92a72a4c
OZ		 623 if ((v1.type != T_INT) || (v2.type != T_INT))
624 runtime( "Can't operate with value of non-integer type in pair constructor" );
625 u1 = v1.val.i;
626 u2 = v2.val.i;
627 if ((u1 > 0xFFFF) || (u2 > 0xFFFF))
628 runtime( "Can't operate with value out of bounds in pair constructor" );
629 res.val.i = (u1 << 16) | u2;
630 res.type = T_PAIR;
631 break;
632
42a0c054
OZ		 633 case P('m','c'):
634 {
635 TWOARGS;
636
637 int check, ipv4_used;
638 u32 key, val;
639
640 if (v1.type == T_INT) {
641 ipv4_used = 0; key = v1.val.i;
315f23a0 642 }
42a0c054
OZ		 643 else if (v1.type == T_QUAD) {
644 ipv4_used = 1; key = v1.val.i;
645 }
646#ifndef IPV6
647 /* IP->Quad implicit conversion */
648 else if (v1.type == T_IP) {
649 ipv4_used = 1; key = ipa_to_u32(v1.val.px.ip);
650 }
651#endif
652 else
653 runtime("Can't operate with key of non-integer/IPv4 type in EC constructor");
654
655 if (v2.type != T_INT)
656 runtime("Can't operate with value of non-integer type in EC constructor");
657 val = v2.val.i;
658
659 res.type = T_EC;
660
661 if (what->aux == EC_GENERIC) {
662 check = 0; res.val.ec = ec_generic(key, val);
663 }
664 else if (ipv4_used) {
665 check = 1; res.val.ec = ec_ip4(what->aux, key, val);
666 }
667 else if (key < 0x10000) {
668 check = 0; res.val.ec = ec_as2(what->aux, key, val);
669 }
670 else {
671 check = 1; res.val.ec = ec_as4(what->aux, key, val);
672 }
673
674 if (check && (val > 0xFFFF))
675 runtime("Can't operate with value out of bounds in EC constructor");
676
677 break;
678 }
679
23b1539b 680/* Relational operators */
38506f71
PM		 681
682#define COMPARE(x) \
126683fe 683 TWOARGS; \
38506f71
PM		 684 i = val_compare(v1, v2); \
685 if (i==CMP_ERROR) \
126683fe
OZ		 686 runtime( "Can't compare values of incompatible types" ); \
687 res.type = T_BOOL; \
38506f71 688 res.val.i = (x); \
23b1539b 689 break;
38506f71 690
28a10f84
OZ		 691#define SAME(x) \
692 TWOARGS; \
693 i = val_same(v1, v2); \
694 res.type = T_BOOL; \
695 res.val.i = (x); \
696 break;
697
698 case P('!','='): SAME(!i);
699 case P('=','='): SAME(i);
38506f71 700 case '<': COMPARE(i==-1);
2d496d20 701 case P('<','='): COMPARE(i!=1);
38506f71 702
995e5894
PM		 703 case '!':
704 ONEARG;
705 if (v1.type != T_BOOL)
b178d92a 706 runtime( "Not applied to non-boolean" );
995e5894
PM		 707 res = v1;
708 res.val.i = !res.val.i;
709 break;
710
38506f71
PM		 711 case '~':
712 TWOARGS;
23b1539b 713 res.type = T_BOOL;
7db7b7db
PM		 714 res.val.i = val_in_range(v1, v2);
715 if (res.val.i == CMP_ERROR)
716 runtime( "~ applied on unknown type pair" );
0aa88530 717 res.val.i = !!res.val.i;
23b1539b 718 break;
2d496d20 719 case P('d','e'):
f4536657
PM		 720 ONEARG;
721 res.type = T_BOOL;
722 res.val.i = (v1.type != T_VOID);
723 break;
23b1539b 724
d3dd620b 725 /* Set to indirect value, a1 = variable, a2 = value */
23b1539b 726 case 's':
2db3b288
PM		 727 ARG(v2, a2.p);
728 sym = what->a1.p;
126683fe
OZ		 729 vp = sym->def;
730 if ((sym->class != (SYM_VARIABLE | v2.type)) && (v2.type != T_VOID)) {
731#ifndef IPV6
732 /* IP->Quad implicit conversion */
733 if ((sym->class == (SYM_VARIABLE | T_QUAD)) && (v2.type == T_IP)) {
734 vp->type = T_QUAD;
735 vp->val.i = ipa_to_u32(v2.val.px.ip);
736 break;
737 }
738#endif
aa461248 739 runtime( "Assigning to variable of incompatible type" );
126683fe 740 }
315f23a0 741 *vp = v2;
23b1539b
PM		 742 break;
743
083c43e2 744 /* some constants have value in a2, some in *a1.p, strange. */
b1a597e0 745 case 'c': /* integer (or simple type) constant, string, set, or prefix_set */
c7b43f33 746 res.type = what->aux;
083c43e2 747
b1a597e0
OZ		 748 if (res.type == T_PREFIX_SET)
749 res.val.ti = what->a2.p;
750 else if (res.type == T_SET)
083c43e2
OZ		 751 res.val.t = what->a2.p;
752 else if (res.type == T_STRING)
753 res.val.s = what->a2.p;
754 else
755 res.val.i = what->a2.i;
23b1539b 756 break;
9be1086d 757 case 'V':
38506f71
PM		 758 case 'C':
759 res = * ((struct f_val *) what->a1.p);
760 break;
23b1539b
PM		 761 case 'p':
762 ONEARG;
0e175f9f 763 val_format(v1, &f_buf);
23b1539b
PM		 764 break;
765 case '?': /* ? has really strange error value, so we can implement if ... else nicely :-) */
766 ONEARG;
767 if (v1.type != T_BOOL)
98da26a0 768 runtime( "If requires boolean expression" );
23b1539b 769 if (v1.val.i) {
2db3b288 770 ARG(res,a2.p);
23b1539b
PM		 771 res.val.i = 0;
772 } else res.val.i = 1;
773 res.type = T_BOOL;
774 break;
775 case '0':
3cf4a2e2 776 debug( "No operation\n" );
23b1539b 777 break;
2d496d20 778 case P('p',','):
23b1539b 779 ONEARG;
798df5b1 780 if (what->a2.i == F_NOP || (what->a2.i != F_NONL && what->a1.p))
0e175f9f 781 log_commit(*L_INFO, &f_buf);
23b1539b 782
2db3b288 783 switch (what->a2.i) {
23b1539b
PM		 784 case F_QUITBIRD:
785 die( "Filter asked me to die" );
786 case F_ACCEPT:
787 /* Should take care about turning ACCEPT into MODIFY */
788 case F_ERROR:
2ad6dcdb 789 case F_REJECT: /* FIXME (noncritical) Should print complete route along with reason to reject route */
23b1539b 790 res.type = T_RETURN;
2ad6dcdb 791 res.val.i = what->a2.i;
7e1f9971 792 return res; /* We have to return now, no more processing. */
d3dd620b 793 case F_NONL:
23b1539b
PM		 794 case F_NOP:
795 break;
796 default:
b178d92a 797 bug( "unknown return type: Can't happen");
23b1539b
PM		 798 }
799 break;
36bbfc70
PM		 800 case 'a': /* rta access */
801 {
508d9360 802 ACCESS_RTE;
36bbfc70 803 struct rta *rta = (*f_rte)->attrs;
c7b43f33 804 res.type = what->aux;
a5fc5958
OZ		 805
806 switch (what->a2.i)
807 {
808 case SA_FROM: res.val.px.ip = rta->from; break;
809 case SA_GW: res.val.px.ip = rta->gw; break;
810 case SA_NET: res.val.px.ip = (*f_rte)->net->n.prefix;
811 res.val.px.len = (*f_rte)->net->n.pxlen; break;
736e143f 812 case SA_PROTO: res.val.s = rta->src->proto->name; break;
a5fc5958
OZ		 813 case SA_SOURCE: res.val.i = rta->source; break;
814 case SA_SCOPE: res.val.i = rta->scope; break;
815 case SA_CAST: res.val.i = rta->cast; break;
816 case SA_DEST: res.val.i = rta->dest; break;
817 case SA_IFNAME: res.val.s = rta->iface ? rta->iface->name : ""; break;
818 case SA_IFINDEX: res.val.i = rta->iface ? rta->iface->index : 0; break;
819
36bbfc70 820 default:
a5fc5958 821 bug("Invalid static attribute access (%x)", res.type);
36bbfc70
PM		 822 }
823 }
824 break;
0dc4431c 825 case P('a','S'):
508d9360 826 ACCESS_RTE;
0dc4431c
PM		 827 ONEARG;
828 if (what->aux != v1.type)
98da26a0 829 runtime( "Attempt to set static attribute to incompatible type" );
a5fc5958 830
a03ede64 831 f_rta_cow();
0dc4431c
PM		 832 {
833 struct rta *rta = (*f_rte)->attrs;
182a7895 834
a5fc5958
OZ		 835 switch (what->a2.i)
836 {
837 case SA_FROM:
838 rta->from = v1.val.px.ip;
0dc4431c 839 break;
182a7895 840
a5fc5958 841 case SA_GW:
00192d5a 842 {
a5fc5958 843 ip_addr ip = v1.val.px.ip;
736e143f 844 neighbor *n = neigh_find(rta->src->proto, &ip, 0);
00192d5a
OZ		 845 if (!n || (n->scope == SCOPE_HOST))
846 runtime( "Invalid gw address" );
847
848 rta->dest = RTD_ROUTER;
849 rta->gw = ip;
850 rta->iface = n->iface;
851 rta->nexthops = NULL;
852 rta->hostentry = NULL;
853 }
0dc4431c 854 break;
182a7895 855
a5fc5958 856 case SA_SCOPE:
182a7895
OZ		 857 rta->scope = v1.val.i;
858 break;
859
a5fc5958 860 case SA_DEST:
182a7895
OZ		 861 i = v1.val.i;
862 if ((i != RTD_BLACKHOLE) && (i != RTD_UNREACHABLE) && (i != RTD_PROHIBIT))
863 runtime( "Destination can be changed only to blackhole, unreachable or prohibit" );
00192d5a 864
182a7895
OZ		 865 rta->dest = i;
866 rta->gw = IPA_NONE;
867 rta->iface = NULL;
868 rta->nexthops = NULL;
00192d5a 869 rta->hostentry = NULL;
182a7895
OZ		 870 break;
871
0dc4431c 872 default:
a5fc5958 873 bug("Invalid static attribute access (%x)", res.type);
0dc4431c
PM		 874 }
875 }
876 break;
2d496d20 877 case P('e','a'): /* Access to extended attributes */
508d9360 878 ACCESS_RTE;
91447965 879 {
0a06a9b8 880 eattr *e = NULL;
315f23a0
OZ		 881 u16 code = what->a2.i;
882
3076b5ae 883 if (!(f_flags & FF_FORCE_TMPATTR))
315f23a0
OZ		 884 e = ea_find((*f_rte)->attrs->eattrs, code);
885 if (!e)
886 e = ea_find((*f_tmp_attrs), code);
3076b5ae 887 if ((!e) && (f_flags & FF_FORCE_TMPATTR))
315f23a0 888 e = ea_find((*f_rte)->attrs->eattrs, code);
e8da1bd0
OZ		 889
890 if (!e) {
0277cc0b
OZ		 891 /* A special case: undefined int_set looks like empty int_set */
892 if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_INT_SET) {
893 res.type = T_CLIST;
42a0c054
OZ		 894 res.val.ad = adata_empty(f_pool, 0);
895 break;
896 }
315f23a0 897
42a0c054 898 /* The same special case for ec_set */
315f23a0 899 if ((what->aux & EAF_TYPE_MASK) == EAF_TYPE_EC_SET) {
42a0c054
OZ		 900 res.type = T_ECLIST;
901 res.val.ad = adata_empty(f_pool, 0);
0277cc0b
OZ		 902 break;
903 }
42a0c054 904
e8da1bd0
OZ		 905 /* Undefined value */
906 res.type = T_VOID;
907 break;
908 }
909
910 switch (what->aux & EAF_TYPE_MASK) {
911 case EAF_TYPE_INT:
0150e521 912 res.type = T_INT;
91447965
PM		 913 res.val.i = e->u.data;
914 break;
126683fe
OZ		 915 case EAF_TYPE_ROUTER_ID:
916 res.type = T_QUAD;
917 res.val.i = e->u.data;
918 break;
e8da1bd0
OZ		 919 case EAF_TYPE_OPAQUE:
920 res.type = T_ENUM_EMPTY;
921 res.val.i = 0;
922 break;
330aecea 923 case EAF_TYPE_IP_ADDRESS:
330aecea
OZ		 924 res.type = T_IP;
925 struct adata * ad = e->u.ptr;
926 res.val.px.ip = * (ip_addr *) ad->data;
927 break;
0150e521
PM		 928 case EAF_TYPE_AS_PATH:
929 res.type = T_PATH;
930 res.val.ad = e->u.ptr;
931 break;
315f23a0
OZ		 932 case EAF_TYPE_BITFIELD:
933 res.type = T_BOOL;
934 res.val.i = !!(e->u.data & BITFIELD_MASK(what));
935 break;
0150e521
PM		 936 case EAF_TYPE_INT_SET:
937 res.type = T_CLIST;
10a53608
PM		 938 res.val.ad = e->u.ptr;
939 break;
42a0c054
OZ		 940 case EAF_TYPE_EC_SET:
941 res.type = T_ECLIST;
942 res.val.ad = e->u.ptr;
943 break;
e8da1bd0
OZ		 944 case EAF_TYPE_UNDEF:
945 res.type = T_VOID;
946 break;
2803c9dd 947 default:
ad9074e9 948 bug("Unknown type in e,a");
91447965
PM		 949 }
950 }
6dc7a0cb 951 break;
2d496d20 952 case P('e','S'):
508d9360 953 ACCESS_RTE;
f31156ca 954 ONEARG;
f31156ca
PM		 955 {
956 struct ea_list *l = lp_alloc(f_pool, sizeof(struct ea_list) + sizeof(eattr));
315f23a0 957 u16 code = what->a2.i;
f31156ca
PM		 958
959 l->next = NULL;
960 l->flags = EALF_SORTED;
961 l->count = 1;
315f23a0 962 l->attrs[0].id = code;
913ce95b
PM		 963 l->attrs[0].flags = 0;
964 l->attrs[0].type = what->aux | EAF_ORIGINATED;
315f23a0 965
31e79264
PM		 966 switch (what->aux & EAF_TYPE_MASK) {
967 case EAF_TYPE_INT:
968 if (v1.type != T_INT)
969 runtime( "Setting int attribute to non-int value" );
f31156ca
PM		 970 l->attrs[0].u.data = v1.val.i;
971 break;
3e40f3e7
OZ		 972
973 case EAF_TYPE_ROUTER_ID:
974#ifndef IPV6
975 /* IP->Quad implicit conversion */
976 if (v1.type == T_IP) {
977 l->attrs[0].u.data = ipa_to_u32(v1.val.px.ip);
978 break;
979 }
980#endif
981 /* T_INT for backward compatibility */
982 if ((v1.type != T_QUAD) && (v1.type != T_INT))
983 runtime( "Setting quad attribute to non-quad value" );
984 l->attrs[0].u.data = v1.val.i;
985 break;
986
e8da1bd0
OZ		 987 case EAF_TYPE_OPAQUE:
988 runtime( "Setting opaque attribute is not allowed" );
989 break;
330aecea
OZ		 990 case EAF_TYPE_IP_ADDRESS:
991 if (v1.type != T_IP)
992 runtime( "Setting ip attribute to non-ip value" );
993 int len = sizeof(ip_addr);
994 struct adata *ad = lp_alloc(f_pool, sizeof(struct adata) + len);
995 ad->length = len;
996 (* (ip_addr *) ad->data) = v1.val.px.ip;
54fe0d92 997 l->attrs[0].u.ptr = ad;
330aecea 998 break;
10a53608
PM		 999 case EAF_TYPE_AS_PATH:
1000 if (v1.type != T_PATH)
1001 runtime( "Setting path attribute to non-path value" );
1002 l->attrs[0].u.ptr = v1.val.ad;
1003 break;
315f23a0
OZ		 1004 case EAF_TYPE_BITFIELD:
1005 if (v1.type != T_BOOL)
1006 runtime( "Setting bit in bitfield attribute to non-bool value" );
1007 {
1008 /* First, we have to find the old value */
1009 eattr *e = NULL;
1010 if (!(f_flags & FF_FORCE_TMPATTR))
1011 e = ea_find((*f_rte)->attrs->eattrs, code);
1012 if (!e)
1013 e = ea_find((*f_tmp_attrs), code);
1014 if ((!e) && (f_flags & FF_FORCE_TMPATTR))
1015 e = ea_find((*f_rte)->attrs->eattrs, code);
1016 u32 data = e ? e->u.data : 0;
1017
1018 if (v1.val.i)
1019 l->attrs[0].u.data = data | BITFIELD_MASK(what);
1020 else
1021 l->attrs[0].u.data = data & ~BITFIELD_MASK(what);;
1022 }
1023 break;
708711c3
PM		 1024 case EAF_TYPE_INT_SET:
1025 if (v1.type != T_CLIST)
42a0c054
OZ		 1026 runtime( "Setting clist attribute to non-clist value" );
1027 l->attrs[0].u.ptr = v1.val.ad;
1028 break;
1029 case EAF_TYPE_EC_SET:
1030 if (v1.type != T_ECLIST)
1031 runtime( "Setting eclist attribute to non-eclist value" );
708711c3
PM		 1032 l->attrs[0].u.ptr = v1.val.ad;
1033 break;
31e79264
PM		 1034 case EAF_TYPE_UNDEF:
1035 if (v1.type != T_VOID)
1036 runtime( "Setting void attribute to non-void value" );
48f9e019
PM		 1037 l->attrs[0].u.data = 0;
1038 break;
0150e521 1039 default: bug("Unknown type in e,S");
f31156ca 1040 }
31e79264 1041
3076b5ae 1042 if (!(what->aux & EAF_TEMP) && (!(f_flags & FF_FORCE_TMPATTR))) {
a03ede64 1043 f_rta_cow();
db96fccb
OZ		 1044 l->next = (*f_rte)->attrs->eattrs;
1045 (*f_rte)->attrs->eattrs = l;
31e79264
PM		 1046 } else {
1047 l->next = (*f_tmp_attrs);
1048 (*f_tmp_attrs) = l;
1049 }
f31156ca 1050 }
f31156ca 1051 break;
0dc4431c 1052 case 'P':
508d9360 1053 ACCESS_RTE;
0dc4431c
PM		 1054 res.type = T_INT;
1055 res.val.i = (*f_rte)->pref;
1056 break;
1057 case P('P','S'):
508d9360 1058 ACCESS_RTE;
0dc4431c
PM		 1059 ONEARG;
1060 if (v1.type != T_INT)
b178d92a 1061 runtime( "Can't set preference to non-integer" );
7d37bf79 1062 if (v1.val.i > 0xFFFF)
f4c6ca8c 1063 runtime( "Setting preference value out of bounds" );
a03ede64 1064 f_rte_cow();
0dc4431c
PM		 1065 (*f_rte)->pref = v1.val.i;
1066 break;
684c6f5a
PM		 1067 case 'L': /* Get length of */
1068 ONEARG;
1069 res.type = T_INT;
1070 switch(v1.type) {
1071 case T_PREFIX: res.val.i = v1.val.px.len; break;
1072 case T_PATH: res.val.i = as_path_getlen(v1.val.ad); break;
7ccb36d3
OZ		 1073 case T_CLIST: res.val.i = int_set_get_size(v1.val.ad); break;
1074 case T_ECLIST: res.val.i = ec_set_get_size(v1.val.ad); break;
1075 default: runtime( "Prefix, path, clist or eclist expected" );
684c6f5a
PM		 1076 }
1077 break;
2d496d20 1078 case P('c','p'): /* Convert prefix to ... */
36bbfc70
PM		 1079 ONEARG;
1080 if (v1.type != T_PREFIX)
b178d92a 1081 runtime( "Prefix expected" );
c7b43f33 1082 res.type = what->aux;
36bbfc70 1083 switch(res.type) {
684c6f5a 1084 /* case T_INT: res.val.i = v1.val.px.len; break; Not needed any more */
6dc7a0cb 1085 case T_IP: res.val.px.ip = v1.val.px.ip; break;
3076b5ae 1086 default: bug( "Unknown prefix to conversion" );
36bbfc70
PM		 1087 }
1088 break;
7ea5b00f
OZ		 1089 case P('a','f'): /* Get first ASN from AS PATH */
1090 ONEARG;
1091 if (v1.type != T_PATH)
2eece54a 1092 runtime( "AS path expected" );
7ea5b00f
OZ		 1093
1094 as = 0;
52b9b2a1 1095 as_path_get_first(v1.val.ad, &as);
7ea5b00f
OZ		 1096 res.type = T_INT;
1097 res.val.i = as;
1098 break;
1099 case P('a','l'): /* Get last ASN from AS PATH */
1100 ONEARG;
1101 if (v1.type != T_PATH)
1102 runtime( "AS path expected" );
1103
1104 as = 0;
52b9b2a1 1105 as_path_get_last(v1.val.ad, &as);
7ea5b00f
OZ		 1106 res.type = T_INT;
1107 res.val.i = as;
1108 break;
9c9cc35c
OZ		 1109 case P('a','L'): /* Get last ASN from non-aggregated part of AS PATH */
1110 ONEARG;
1111 if (v1.type != T_PATH)
1112 runtime( "AS path expected" );
1113
1114 res.type = T_INT;
1115 res.val.i = as_path_get_last_nonaggregated(v1.val.ad);
1116 break;
2d496d20
PM		 1117 case 'r':
1118 ONEARG;
1119 res = v1;
1120 res.type |= T_RETURN;
44711e0c 1121 return res;
2d496d20 1122 case P('c','a'): /* CALL: this is special: if T_RETURN and returning some value, mask it out */
6542ece9
PM		 1123 ONEARG;
1124 res = interpret(what->a2.p);
2d496d20
PM		 1125 if (res.type == T_RETURN)
1126 return res;
315f23a0 1127 res.type &= ~T_RETURN;
6542ece9 1128 break;
aa461248
OZ		 1129 case P('c','v'): /* Clear local variables */
1130 for (sym = what->a1.p; sym != NULL; sym = sym->aux2)
1131 ((struct f_val *) sym->def)->type = T_VOID;
1132 break;
2d496d20 1133 case P('S','W'):
7db7b7db 1134 ONEARG;
41be4444
PM		 1135 {
1136 struct f_tree *t = find_tree(what->a2.p, v1);
1137 if (!t) {
1138 v1.type = T_VOID;
1139 t = find_tree(what->a2.p, v1);
1140 if (!t) {
ad9074e9 1141 debug( "No else statement?\n");
41be4444
PM		 1142 break;
1143 }
315f23a0 1144 }
1877dab2 1145 /* It is actually possible to have t->data NULL */
44711e0c
OZ		 1146
1147 res = interpret(t->data);
1148 if (res.type & T_RETURN)
1149 return res;
41be4444 1150 }
7db7b7db 1151 break;
2d496d20 1152 case P('i','M'): /* IP.MASK(val) */
f4536657
PM		 1153 TWOARGS;
1154 if (v2.type != T_INT)
b178d92a 1155 runtime( "Integer expected");
f4536657 1156 if (v1.type != T_IP)
b178d92a 1157 runtime( "You can mask only IP addresses" );
f4536657
PM		 1158 {
1159 ip_addr mask = ipa_mkmask(v2.val.i);
1160 res.type = T_IP;
1161 res.val.px.ip = ipa_and(mask, v1.val.px.ip);
1162 }
d3dd620b 1163 break;
afc54517
PM		 1164
1165 case 'E': /* Create empty attribute */
1166 res.type = what->aux;
42a0c054 1167 res.val.ad = adata_empty(f_pool, 0);
afc54517
PM		 1168 break;
1169 case P('A','p'): /* Path prepend */
1170 TWOARGS;
1171 if (v1.type != T_PATH)
1172 runtime("Can't prepend to non-path");
1173 if (v2.type != T_INT)
1174 runtime("Can't prepend non-integer");
1175
1176 res.type = T_PATH;
1177 res.val.ad = as_path_prepend(f_pool, v1.val.ad, v2.val.i);
1178 break;
1179
42a0c054 1180 case P('C','a'): /* (Extended) Community list add or delete */
9c400ec9 1181 TWOARGS;
bff9ce51
OZ		 1182 if (v1.type == T_PATH)
1183 {
1184 struct f_tree *set = NULL;
1185 u32 key = 0;
1186 int pos;
1187
1188 if (v2.type == T_INT)
1189 key = v2.val.i;
1190 else if ((v2.type == T_SET) && (v2.val.t->from.type == T_INT))
1191 set = v2.val.t;
1192 else
1193 runtime("Can't delete non-integer (set)");
1194
1195 switch (what->aux)
1196 {
1197 case 'a': runtime("Can't add to path");
1198 case 'd': pos = 0; break;
1199 case 'f': pos = 1; break;
1200 default: bug("unknown Ca operation");
1201 }
1202
1203 if (pos && !set)
1204 runtime("Can't filter integer");
1205
1206 res.type = T_PATH;
1207 res.val.ad = as_path_filter(f_pool, v1.val.ad, set, key, pos);
1208 }
1209 else if (v1.type == T_CLIST)
42a0c054
OZ		 1210 {
1211 /* Community (or cluster) list */
1212 struct f_val dummy;
1213 int arg_set = 0;
52e030e1 1214 uint n = 0;
a58022a6 1215
42a0c054 1216 if ((v2.type == T_PAIR) || (v2.type == T_QUAD))
52e030e1 1217 n = v2.val.i;
126683fe 1218#ifndef IPV6
42a0c054
OZ		 1219 /* IP->Quad implicit conversion */
1220 else if (v2.type == T_IP)
52e030e1 1221 n = ipa_to_u32(v2.val.px.ip);
126683fe 1222#endif
42a0c054
OZ		 1223 else if ((v2.type == T_SET) && clist_set_type(v2.val.t, &dummy))
1224 arg_set = 1;
0888a737
OZ		 1225 else if (v2.type == T_CLIST)
1226 arg_set = 2;
42a0c054
OZ		 1227 else
1228 runtime("Can't add/delete non-pair");
1229
1230 res.type = T_CLIST;
1231 switch (what->aux)
1232 {
1233 case 'a':
0888a737 1234 if (arg_set == 1)
42a0c054 1235 runtime("Can't add set");
0888a737 1236 else if (!arg_set)
52e030e1 1237 res.val.ad = int_set_add(f_pool, v1.val.ad, n);
315f23a0 1238 else
0888a737 1239 res.val.ad = int_set_union(f_pool, v1.val.ad, v2.val.ad);
42a0c054 1240 break;
315f23a0 1241
42a0c054
OZ		 1242 case 'd':
1243 if (!arg_set)
52e030e1 1244 res.val.ad = int_set_del(f_pool, v1.val.ad, n);
42a0c054 1245 else
0888a737 1246 res.val.ad = clist_filter(f_pool, v1.val.ad, v2, 0);
42a0c054 1247 break;
9c400ec9 1248
42a0c054
OZ		 1249 case 'f':
1250 if (!arg_set)
1251 runtime("Can't filter pair");
0888a737 1252 res.val.ad = clist_filter(f_pool, v1.val.ad, v2, 1);
42a0c054
OZ		 1253 break;
1254
1255 default:
1256 bug("unknown Ca operation");
1257 }
1258 }
1259 else if (v1.type == T_ECLIST)
e08d2ff0 1260 {
42a0c054
OZ		 1261 /* Extended community list */
1262 int arg_set = 0;
315f23a0 1263
42a0c054
OZ		 1264 /* v2.val is either EC or EC-set */
1265 if ((v2.type == T_SET) && eclist_set_type(v2.val.t))
1266 arg_set = 1;
0888a737
OZ		 1267 else if (v2.type == T_ECLIST)
1268 arg_set = 2;
42a0c054
OZ		 1269 else if (v2.type != T_EC)
1270 runtime("Can't add/delete non-pair");
1271
1272 res.type = T_ECLIST;
1273 switch (what->aux)
1274 {
1275 case 'a':
0888a737 1276 if (arg_set == 1)
42a0c054 1277 runtime("Can't add set");
0888a737
OZ		 1278 else if (!arg_set)
1279 res.val.ad = ec_set_add(f_pool, v1.val.ad, v2.val.ec);
315f23a0 1280 else
0888a737 1281 res.val.ad = ec_set_union(f_pool, v1.val.ad, v2.val.ad);
42a0c054 1282 break;
315f23a0 1283
42a0c054
OZ		 1284 case 'd':
1285 if (!arg_set)
1286 res.val.ad = ec_set_del(f_pool, v1.val.ad, v2.val.ec);
1287 else
0888a737 1288 res.val.ad = eclist_filter(f_pool, v1.val.ad, v2, 0);
42a0c054 1289 break;
e08d2ff0 1290
42a0c054
OZ		 1291 case 'f':
1292 if (!arg_set)
1293 runtime("Can't filter ec");
0888a737 1294 res.val.ad = eclist_filter(f_pool, v1.val.ad, v2, 1);
42a0c054 1295 break;
e08d2ff0 1296
42a0c054
OZ		 1297 default:
1298 bug("unknown Ca operation");
1299 }
9c400ec9 1300 }
42a0c054
OZ		 1301 else
1302 runtime("Can't add/delete to non-(e)clist");
1303
9c400ec9
PM		 1304 break;
1305
af582c48
OZ		 1306 case P('R','C'): /* ROA Check */
1307 if (what->arg1)
1308 {
1309 TWOARGS;
1310 if ((v1.type != T_PREFIX) || (v2.type != T_INT))
1311 runtime("Invalid argument to roa_check()");
1312
1313 as = v2.val.i;
1314 }
1315 else
1316 {
508d9360 1317 ACCESS_RTE;
af582c48
OZ		 1318 v1.val.px.ip = (*f_rte)->net->n.prefix;
1319 v1.val.px.len = (*f_rte)->net->n.pxlen;
1320
1321 /* We ignore temporary attributes, probably not a problem here */
1322 /* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */
1323 eattr *e = ea_find((*f_rte)->attrs->eattrs, EA_CODE(EAP_BGP, 0x02));
1324
1325 if (!e || e->type != EAF_TYPE_AS_PATH)
1326 runtime("Missing AS_PATH attribute");
1327
1328 as_path_get_last(e->u.ptr, &as);
1329 }
1330
1331 struct roa_table_config *rtc = ((struct f_inst_roa_check *) what)->rtc;
1332 if (!rtc->table)
1333 runtime("Missing ROA table");
1334
1335 res.type = T_ENUM_ROA;
1336 res.val.i = roa_check(rtc->table, v1.val.px.ip, v1.val.px.len, as);
1337 break;
1338
23b1539b
PM		 1339 default:
1340 bug( "Unknown instruction %d (%c)", what->code, what->code & 0xff);
1341 }
1342 if (what->next)
1343 return interpret(what->next);
1344 return res;
1345}
1346
2d496d20 1347#undef ARG
9a4037d4
PM		 1348#define ARG(x,y) \
1349 if (!i_same(f1->y, f2->y)) \
1350 return 0;
1351
1352#define ONEARG ARG(v1, a1.p)
1353#define TWOARGS ARG(v1, a1.p) \
1354 ARG(v2, a2.p)
1355
1356#define A2_SAME if (f1->a2.i != f2->a2.i) return 0;
1357
4c5f93d7 1358/*
b093c328
PM		 1359 * i_same - function that does real comparing of instruction trees, you should call filter_same from outside
1360 */
9a4037d4
PM		 1361int
1362i_same(struct f_inst *f1, struct f_inst *f2)
1363{
9a4037d4
PM		 1364 if ((!!f1) != (!!f2))
1365 return 0;
d4d75628
PM		 1366 if (!f1)
1367 return 1;
9a4037d4
PM		 1368 if (f1->aux != f2->aux)
1369 return 0;
1370 if (f1->code != f2->code)
1371 return 0;
d4d75628
PM		 1372 if (f1 == f2) /* It looks strange, but it is possible with call rewriting trickery */
1373 return 1;
9a4037d4
PM		 1374
1375 switch(f1->code) {
1376 case ',': /* fall through */
1377 case '+':
9f0d45d6
PM		 1378 case '-':
1379 case '*':
9a4037d4 1380 case '/':
5f4aee76
PM		 1381 case '|':
1382 case '&':
92a72a4c 1383 case P('m','p'):
4271f2b7 1384 case P('m','c'):
2d496d20
PM		 1385 case P('!','='):
1386 case P('=','='):
9a4037d4 1387 case '<':
2d496d20 1388 case P('<','='): TWOARGS; break;
9a4037d4 1389
995e5894 1390 case '!': ONEARG; break;
9a4037d4 1391 case '~': TWOARGS; break;
2d496d20 1392 case P('d','e'): ONEARG; break;
9a4037d4
PM		 1393
1394 case 's':
1395 ARG(v2, a2.p);
1396 {
1397 struct symbol *s1, *s2;
1398 s1 = f1->a1.p;
1399 s2 = f2->a1.p;
1400 if (strcmp(s1->name, s2->name))
1401 return 0;
1402 if (s1->class != s2->class)
1403 return 0;
1404 }
1405 break;
1406
315f23a0 1407 case 'c':
b1a597e0
OZ		 1408 switch (f1->aux) {
1409
1410 case T_PREFIX_SET:
1411 if (!trie_same(f1->a2.p, f2->a2.p))
1412 return 0;
9be1086d 1413 break;
b1a597e0
OZ		 1414
1415 case T_SET:
4bb18dd2
PM		 1416 if (!same_tree(f1->a2.p, f2->a2.p))
1417 return 0;
9be1086d 1418 break;
b1a597e0 1419
4bb18dd2
PM		 1420 case T_STRING:
1421 if (strcmp(f1->a2.p, f2->a2.p))
1422 return 0;
1423 break;
b1a597e0 1424
4bb18dd2
PM		 1425 default:
1426 A2_SAME;
1427 }
1428 break;
507e182a 1429
28a10f84
OZ		 1430 case 'C':
1431 if (!val_same(* (struct f_val *) f1->a1.p, * (struct f_val *) f2->a1.p))
9a4037d4
PM		 1432 return 0;
1433 break;
28a10f84 1434
315f23a0 1435 case 'V':
9be1086d
OF		 1436 if (strcmp((char *) f1->a2.p, (char *) f2->a2.p))
1437 return 0;
1438 break;
684c6f5a 1439 case 'p': case 'L': ONEARG; break;
9a4037d4 1440 case '?': TWOARGS; break;
afc54517 1441 case '0': case 'E': break;
2d496d20 1442 case P('p',','): ONEARG; A2_SAME; break;
0dc4431c 1443 case 'P':
9a4037d4 1444 case 'a': A2_SAME; break;
2d496d20 1445 case P('e','a'): A2_SAME; break;
0dc4431c
PM		 1446 case P('P','S'):
1447 case P('a','S'):
2d496d20 1448 case P('e','S'): ONEARG; A2_SAME; break;
9a4037d4 1449
2d496d20
PM		 1450 case 'r': ONEARG; break;
1451 case P('c','p'): ONEARG; break;
d4d75628 1452 case P('c','a'): /* Call rewriting trickery to avoid exponential behaviour */
315f23a0 1453 ONEARG;
d4d75628 1454 if (!i_same(f1->a2.p, f2->a2.p))
315f23a0 1455 return 0;
d4d75628
PM		 1456 f2->a2.p = f1->a2.p;
1457 break;
315f23a0 1458 case P('c','v'): break; /* internal instruction */
2d496d20
PM		 1459 case P('S','W'): ONEARG; if (!same_tree(f1->a2.p, f2->a2.p)) return 0; break;
1460 case P('i','M'): TWOARGS; break;
afc54517 1461 case P('A','p'): TWOARGS; break;
9c400ec9 1462 case P('C','a'): TWOARGS; break;
2eece54a 1463 case P('a','f'):
f1f39bb9
OZ		 1464 case P('a','l'):
1465 case P('a','L'): ONEARG; break;
af582c48
OZ		 1466 case P('R','C'):
1467 TWOARGS;
1468 /* Does not really make sense - ROA check resuls may change anyway */
315f23a0 1469 if (strcmp(((struct f_inst_roa_check *) f1)->rtc->name,
af582c48
OZ		 1470 ((struct f_inst_roa_check *) f2)->rtc->name))
1471 return 0;
1472 break;
9a4037d4
PM		 1473 default:
1474 bug( "Unknown instruction %d in same (%c)", f1->code, f1->code & 0xff);
1475 }
1476 return i_same(f1->next, f2->next);
1477}
1478
ff95080f 1479/**
a03ede64
OZ		 1480 * f_run - run a filter for a route
1481 * @filter: filter to run
1482 * @rte: route being filtered, may be modified
1483 * @tmp_attrs: temporary attributes, prepared by caller or generated by f_run()
ff95080f 1484 * @tmp_pool: all filter allocations go from this pool
4c5f93d7 1485 * @flags: flags
a03ede64
OZ		 1486 *
1487 * If filter needs to modify the route, there are several
1488 * posibilities. @rte might be read-only (with REF_COW flag), in that
1489 * case rw copy is obtained by rte_cow() and @rte is replaced. If
1490 * @rte is originally rw, it may be directly modified (and it is never
1491 * copied).
1492 *
1493 * The returned rte may reuse the (possibly cached, cloned) rta, or
1494 * (if rta was modificied) contains a modified uncached rta, which
1495 * uses parts allocated from @tmp_pool and parts shared from original
1496 * rta. There is one exception - if @rte is rw but contains a cached
1497 * rta and that is modified, rta in returned rte is also cached.
1498 *
1499 * Ownership of cached rtas is consistent with rte, i.e.
1500 * if a new rte is returned, it has its own clone of cached rta
1501 * (and cached rta of read-only source rte is intact), if rte is
1502 * modified in place, old cached rta is possibly freed.
ff95080f 1503 */
23b1539b 1504int
0a06a9b8 1505f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool, int flags)
23b1539b 1506{
36da2857
OZ		 1507 if (filter == FILTER_ACCEPT)
1508 return F_ACCEPT;
1509
1510 if (filter == FILTER_REJECT)
1511 return F_REJECT;
1512
a03ede64 1513 int rte_cow = ((*rte)->flags & REF_COW);
6b9fa320 1514 DBG( "Running filter `%s'...", filter->name );
23b1539b 1515
36bbfc70 1516 f_rte = rte;
a03ede64
OZ		 1517 f_old_rta = NULL;
1518 f_tmp_attrs = tmp_attrs;
f31156ca 1519 f_pool = tmp_pool;
a03ede64 1520 f_flags = flags;
0d1b3c4c 1521
0e175f9f
OZ		 1522 LOG_BUFFER_INIT(f_buf);
1523
a03ede64
OZ		 1524 struct f_val res = interpret(filter->root);
1525
1526 if (f_old_rta) {
1527 /*
1528 * Cached rta was modified and f_rte contains now an uncached one,
1529 * sharing some part with the cached one. The cached rta should
1530 * be freed (if rte was originally COW, f_old_rta is a clone
1531 * obtained during rte_cow()).
1532 *
1533 * This also implements the exception mentioned in f_run()
1534 * description. The reason for this is that rta reuses parts of
1535 * f_old_rta, and these may be freed during rta_free(f_old_rta).
1536 * This is not the problem if rte was COW, because original rte
1537 * also holds the same rta.
1538 */
1539 if (!rte_cow)
1540 (*f_rte)->attrs = rta_lookup((*f_rte)->attrs);
1541
1542 rta_free(f_old_rta);
1543 }
1544
0d1b3c4c 1545
0b1cad81 1546 if (res.type != T_RETURN) {
1123e707 1547 log_rl(&rl_runtime_err, L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter->name);
23b1539b 1548 return F_ERROR;
0b1cad81 1549 }
52e030e1 1550 DBG( "done (%u)\n", res.val.i );
23b1539b
PM		 1551 return res.val.i;
1552}
1553
1321e12a
OZ		 1554/* TODO: perhaps we could integrate f_eval(), f_eval_rte() and f_run() */
1555
1556struct f_val
1557f_eval_rte(struct f_inst *expr, struct rte **rte, struct linpool *tmp_pool)
1558{
1559 struct ea_list *tmp_attrs = NULL;
1560
1561 f_rte = rte;
1562 f_old_rta = NULL;
1563 f_tmp_attrs = &tmp_attrs;
1564 f_pool = tmp_pool;
1565 f_flags = 0;
1566
1567 LOG_BUFFER_INIT(f_buf);
1568
1569 /* Note that in this function we assume that rte->attrs is private / uncached */
1570 struct f_val res = interpret(expr);
1571
1572 /* Hack to include EAF_TEMP attributes to the main list */
1573 (*rte)->attrs->eattrs = ea_append(tmp_attrs, (*rte)->attrs->eattrs);
1574
1575 return res;
1576}
1577
508d9360
OZ		 1578struct f_val
1579f_eval(struct f_inst *expr, struct linpool *tmp_pool)
1c20608e 1580{
b1c9d871
MM		 1581 f_flags = 0;
1582 f_tmp_attrs = NULL;
1583 f_rte = NULL;
508d9360 1584 f_pool = tmp_pool;
0d1b3c4c 1585
0e175f9f
OZ		 1586 LOG_BUFFER_INIT(f_buf);
1587
508d9360
OZ		 1588 return interpret(expr);
1589}
0d1b3c4c 1590
52e030e1 1591uint
508d9360
OZ		 1592f_eval_int(struct f_inst *expr)
1593{
1594 /* Called independently in parse-time to eval expressions */
1595 struct f_val res = f_eval(expr, cfg_mem);
0d1b3c4c 1596
b1c9d871
MM		 1597 if (res.type != T_INT)
1598 cf_error("Integer expression expected");
508d9360 1599
b1c9d871
MM		 1600 return res.val.i;
1601}
1c20608e 1602
92a72a4c
OZ		 1603u32
1604f_eval_asn(struct f_inst *expr)
1605{
0d1b3c4c 1606 /* Called as a part of another interpret call, therefore no log_reset() */
92a72a4c 1607 struct f_val res = interpret(expr);
938b191b 1608 return (res.type == T_INT) ? res.val.i : 0;
92a72a4c
OZ		 1609}
1610
ff95080f
PM		 1611/**
1612 * filter_same - compare two filters
1613 * @new: first filter to be compared
1614 * @old: second filter to be compared, notice that this filter is
1615 * damaged while comparing.
1616 *
1617 * Returns 1 in case filters are same, otherwise 0. If there are
1618 * underlying bugs, it will rather say 0 on same filters than say
1619 * 1 on different.
1620 */
30a6108c
MM		 1621int
1622filter_same(struct filter *new, struct filter *old)
1623{
81ce667b
MM		 1624 if (old == new) /* Handle FILTER_ACCEPT and FILTER_REJECT */
1625 return 1;
1626 if (old == FILTER_ACCEPT || old == FILTER_REJECT ||
1627 new == FILTER_ACCEPT || new == FILTER_REJECT)
1628 return 0;
9a4037d4 1629 return i_same(new->root, old->root);
30a6108c 1630}
Mirror of https://gitlab.labs.nic.cz/labs/bird.git