]>
git.ipfire.org Git - thirdparty/bird.git/blob - filter/filter.c
2 * Filters: utility functions
4 * Copyright 1998 Pavel Machek <pavel@ucw.cz>
6 * Can be freely distributed and used under the terms of the GNU GPL.
13 * You can find sources of the filter language in |filter/|
14 * directory. File |filter/config.Y| contains filter grammar and basically translates
15 * the source from user into a tree of &f_inst structures. These trees are
16 * later interpreted using code in |filter/filter.c|.
18 * A filter is represented by a tree of &f_inst structures, one structure per
19 * "instruction". Each &f_inst contains @code, @aux value which is
20 * usually the data type this instruction operates on and two generic
21 * arguments (@a1, @a2). Some instructions contain pointer(s) to other
22 * instructions in their (@a1, @a2) fields.
24 * Filters use a &f_val structure for their data. Each &f_val
25 * contains type and value (types are constants prefixed with %T_). Few
26 * of the types are special; %T_RETURN can be or-ed with a type to indicate
27 * that return from a function or from the whole filter should be
28 * forced. Important thing about &f_val's is that they may be copied
29 * with a simple |=|. That's fine for all currently defined types: strings
30 * are read-only (and therefore okay), paths are copied for each
31 * operation (okay too).
36 #include "nest/bird.h"
37 #include "lib/lists.h"
38 #include "lib/resource.h"
39 #include "lib/socket.h"
40 #include "lib/string.h"
41 #include "lib/unaligned.h"
44 #include "nest/route.h"
45 #include "nest/protocol.h"
46 #include "nest/iface.h"
47 #include "nest/attrs.h"
48 #include "conf/conf.h"
49 #include "filter/filter.h"
53 void (*bt_assert_hook
)(int result
, struct f_inst
*assert);
55 static struct adata undef_adata
; /* adata of length 0 used for undefined */
57 /* Special undef value for paths and clists */
59 undef_value(struct f_val v
)
61 return ((v
.type
== T_PATH
) || (v
.type
== T_CLIST
) ||
62 (v
.type
== T_ECLIST
) || (v
.type
== T_LCLIST
)) &&
63 (v
.val
.ad
== &undef_adata
);
67 adata_empty(struct linpool
*pool
, int l
)
69 struct adata
*res
= lp_alloc(pool
, sizeof(struct adata
) + l
);
75 pm_format(struct f_path_mask
*p
, buffer
*buf
)
77 buffer_puts(buf
, "[= ");
84 buffer_print(buf
, "%u ", p
->val
);
88 buffer_puts(buf
, "? ");
92 buffer_puts(buf
, "* ");
96 buffer_print(buf
, "%u..%u ", p
->val
, p
->val2
);
106 buffer_puts(buf
, "=]");
109 static inline int val_is_ip4(const struct f_val v
)
110 { return (v
.type
== T_IP
) && ipa_is_ip4(v
.val
.ip
); }
113 lcomm_cmp(lcomm v1
, lcomm v2
)
115 if (v1
.asn
!= v2
.asn
)
116 return (v1
.asn
> v2
.asn
) ? 1 : -1;
117 if (v1
.ldp1
!= v2
.ldp1
)
118 return (v1
.ldp1
> v2
.ldp1
) ? 1 : -1;
119 if (v1
.ldp2
!= v2
.ldp2
)
120 return (v1
.ldp2
> v2
.ldp2
) ? 1 : -1;
125 * val_compare - compare two values
129 * Compares two values and returns -1, 0, 1 on <, =, > or CMP_ERROR on
130 * error. Tree module relies on this giving consistent results so
131 * that it can be used for building balanced trees.
134 val_compare(struct f_val v1
, struct f_val v2
)
136 if (v1
.type
!= v2
.type
) {
137 if (v1
.type
== T_VOID
) /* Hack for else */
139 if (v2
.type
== T_VOID
)
142 /* IP->Quad implicit conversion */
143 if ((v1
.type
== T_QUAD
) && val_is_ip4(v2
))
144 return uint_cmp(v1
.val
.i
, ipa_to_u32(v2
.val
.ip
));
145 if (val_is_ip4(v1
) && (v2
.type
== T_QUAD
))
146 return uint_cmp(ipa_to_u32(v1
.val
.ip
), v2
.val
.i
);
148 debug( "Types do not match in val_compare\n" );
160 return uint_cmp(v1
.val
.i
, v2
.val
.i
);
163 return u64_cmp(v1
.val
.ec
, v2
.val
.ec
);
165 return lcomm_cmp(v1
.val
.lc
, v2
.val
.lc
);
167 return ipa_compare(v1
.val
.ip
, v2
.val
.ip
);
169 return net_compare(v1
.val
.net
, v2
.val
.net
);
171 return strcmp(v1
.val
.s
, v2
.val
.s
);
178 pm_same(struct f_path_mask
*m1
, struct f_path_mask
*m2
)
182 if (m1
->kind
!= m2
->kind
)
185 if (m1
->kind
== PM_ASN_EXPR
)
187 if (!i_same((struct f_inst
*) m1
->val
, (struct f_inst
*) m2
->val
))
192 if ((m1
->val
!= m2
->val
) || (m1
->val2
!= m2
->val2
))
204 * val_same - compare two values
208 * Compares two values and returns 1 if they are same and 0 if not.
209 * Comparison of values of different types is valid and returns 0.
212 val_same(struct f_val v1
, struct f_val v2
)
216 rc
= val_compare(v1
, v2
);
220 if (v1
.type
!= v2
.type
)
225 return pm_same(v1
.val
.path_mask
, v2
.val
.path_mask
);
230 return adata_same(v1
.val
.ad
, v2
.val
.ad
);
232 return same_tree(v1
.val
.t
, v2
.val
.t
);
234 return trie_same(v1
.val
.ti
, v2
.val
.ti
);
236 bug("Invalid type in val_same(): %x", v1
.type
);
241 clist_set_type(struct f_tree
*set
, struct f_val
*v
)
243 switch (set
->from
.type
)
254 if (val_is_ip4(set
->from
) && val_is_ip4(set
->to
))
267 eclist_set_type(struct f_tree
*set
)
268 { return set
->from
.type
== T_EC
; }
271 lclist_set_type(struct f_tree
*set
)
272 { return set
->from
.type
== T_LC
; }
275 clist_match_set(struct adata
*clist
, struct f_tree
*set
)
281 if (!clist_set_type(set
, &v
))
284 u32
*l
= (u32
*) clist
->data
;
285 u32
*end
= l
+ clist
->length
/4;
289 if (find_tree(set
, v
))
296 eclist_match_set(struct adata
*list
, struct f_tree
*set
)
301 if (!eclist_set_type(set
))
305 u32
*l
= int_set_get_data(list
);
306 int len
= int_set_get_size(list
);
310 for (i
= 0; i
< len
; i
+= 2) {
311 v
.val
.ec
= ec_get(l
, i
);
312 if (find_tree(set
, v
))
320 lclist_match_set(struct adata
*list
, struct f_tree
*set
)
325 if (!lclist_set_type(set
))
329 u32
*l
= int_set_get_data(list
);
330 int len
= int_set_get_size(list
);
334 for (i
= 0; i
< len
; i
+= 3) {
335 v
.val
.lc
= lc_get(l
, i
);
336 if (find_tree(set
, v
))
343 static struct adata
*
344 clist_filter(struct linpool
*pool
, struct adata
*list
, struct f_val set
, int pos
)
349 int tree
= (set
.type
== T_SET
); /* 1 -> set is T_SET, 0 -> set is T_CLIST */
352 clist_set_type(set
.val
.t
, &v
);
356 int len
= int_set_get_size(list
);
357 u32
*l
= int_set_get_data(list
);
364 /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */
365 if ((tree
? !!find_tree(set
.val
.t
, v
) : int_set_contains(set
.val
.ad
, v
.val
.i
)) == pos
)
369 uint nl
= (k
- tmp
) * sizeof(u32
);
370 if (nl
== list
->length
)
373 struct adata
*res
= adata_empty(pool
, nl
);
374 memcpy(res
->data
, tmp
, nl
);
378 static struct adata
*
379 eclist_filter(struct linpool
*pool
, struct adata
*list
, struct f_val set
, int pos
)
384 int tree
= (set
.type
== T_SET
); /* 1 -> set is T_SET, 0 -> set is T_CLIST */
387 int len
= int_set_get_size(list
);
388 u32
*l
= int_set_get_data(list
);
394 for (i
= 0; i
< len
; i
+= 2) {
395 v
.val
.ec
= ec_get(l
, i
);
396 /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */
397 if ((tree
? !!find_tree(set
.val
.t
, v
) : ec_set_contains(set
.val
.ad
, v
.val
.ec
)) == pos
) {
403 uint nl
= (k
- tmp
) * sizeof(u32
);
404 if (nl
== list
->length
)
407 struct adata
*res
= adata_empty(pool
, nl
);
408 memcpy(res
->data
, tmp
, nl
);
412 static struct adata
*
413 lclist_filter(struct linpool
*pool
, struct adata
*list
, struct f_val set
, int pos
)
418 int tree
= (set
.type
== T_SET
); /* 1 -> set is T_SET, 0 -> set is T_CLIST */
421 int len
= int_set_get_size(list
);
422 u32
*l
= int_set_get_data(list
);
428 for (i
= 0; i
< len
; i
+= 3) {
429 v
.val
.lc
= lc_get(l
, i
);
430 /* pos && member(val, set) || !pos && !member(val, set), member() depends on tree */
431 if ((tree
? !!find_tree(set
.val
.t
, v
) : lc_set_contains(set
.val
.ad
, v
.val
.lc
)) == pos
)
435 uint nl
= (k
- tmp
) * sizeof(u32
);
436 if (nl
== list
->length
)
439 struct adata
*res
= adata_empty(pool
, nl
);
440 memcpy(res
->data
, tmp
, nl
);
445 * val_in_range - implement |~| operator
449 * Checks if @v1 is element (|~| operator) of @v2.
452 val_in_range(struct f_val v1
, struct f_val v2
)
454 if ((v1
.type
== T_PATH
) && (v2
.type
== T_PATH_MASK
))
455 return as_path_match(v1
.val
.ad
, v2
.val
.path_mask
);
457 if ((v1
.type
== T_INT
) && (v2
.type
== T_PATH
))
458 return as_path_contains(v2
.val
.ad
, v1
.val
.i
, 1);
460 if (((v1
.type
== T_PAIR
) || (v1
.type
== T_QUAD
)) && (v2
.type
== T_CLIST
))
461 return int_set_contains(v2
.val
.ad
, v1
.val
.i
);
462 /* IP->Quad implicit conversion */
463 if (val_is_ip4(v1
) && (v2
.type
== T_CLIST
))
464 return int_set_contains(v2
.val
.ad
, ipa_to_u32(v1
.val
.ip
));
466 if ((v1
.type
== T_EC
) && (v2
.type
== T_ECLIST
))
467 return ec_set_contains(v2
.val
.ad
, v1
.val
.ec
);
469 if ((v1
.type
== T_LC
) && (v2
.type
== T_LCLIST
))
470 return lc_set_contains(v2
.val
.ad
, v1
.val
.lc
);
472 if ((v1
.type
== T_STRING
) && (v2
.type
== T_STRING
))
473 return patmatch(v2
.val
.s
, v1
.val
.s
);
475 if ((v1
.type
== T_IP
) && (v2
.type
== T_NET
))
476 return ipa_in_netX(v1
.val
.ip
, v2
.val
.net
);
478 if ((v1
.type
== T_NET
) && (v2
.type
== T_NET
))
479 return net_in_netX(v1
.val
.net
, v2
.val
.net
);
481 if ((v1
.type
== T_NET
) && (v2
.type
== T_PREFIX_SET
))
482 return trie_match_net(v2
.val
.ti
, v1
.val
.net
);
484 if (v2
.type
!= T_SET
)
487 /* With integrated Quad<->IP implicit conversion */
488 if ((v1
.type
== v2
.val
.t
->from
.type
) ||
489 ((v1
.type
== T_QUAD
) && val_is_ip4(v2
.val
.t
->from
) && val_is_ip4(v2
.val
.t
->to
)))
490 return !!find_tree(v2
.val
.t
, v1
);
492 if (v1
.type
== T_CLIST
)
493 return clist_match_set(v1
.val
.ad
, v2
.val
.t
);
495 if (v1
.type
== T_ECLIST
)
496 return eclist_match_set(v1
.val
.ad
, v2
.val
.t
);
498 if (v1
.type
== T_LCLIST
)
499 return lclist_match_set(v1
.val
.ad
, v2
.val
.t
);
501 if (v1
.type
== T_PATH
)
502 return as_path_match_set(v1
.val
.ad
, v2
.val
.t
);
508 * val_format - format filter value
511 val_format(struct f_val v
, buffer
*buf
)
516 case T_VOID
: buffer_puts(buf
, "(void)"); return;
517 case T_BOOL
: buffer_puts(buf
, v
.val
.i
? "TRUE" : "FALSE"); return;
518 case T_INT
: buffer_print(buf
, "%u", v
.val
.i
); return;
519 case T_STRING
: buffer_print(buf
, "%s", v
.val
.s
); return;
520 case T_IP
: buffer_print(buf
, "%I", v
.val
.ip
); return;
521 case T_NET
: buffer_print(buf
, "%N", v
.val
.net
); return;
522 case T_PAIR
: buffer_print(buf
, "(%u,%u)", v
.val
.i
>> 16, v
.val
.i
& 0xffff); return;
523 case T_QUAD
: buffer_print(buf
, "%R", v
.val
.i
); return;
524 case T_EC
: ec_format(buf2
, v
.val
.ec
); buffer_print(buf
, "%s", buf2
); return;
525 case T_LC
: lc_format(buf2
, v
.val
.lc
); buffer_print(buf
, "%s", buf2
); return;
526 case T_RD
: rd_format(v
.val
.ec
, buf2
, 1024); buffer_print(buf
, "%s", buf2
); return;
527 case T_PREFIX_SET
: trie_format(v
.val
.ti
, buf
); return;
528 case T_SET
: tree_format(v
.val
.t
, buf
); return;
529 case T_ENUM
: buffer_print(buf
, "(enum %x)%u", v
.type
, v
.val
.i
); return;
530 case T_PATH
: as_path_format(v
.val
.ad
, buf2
, 1000); buffer_print(buf
, "(path %s)", buf2
); return;
531 case T_CLIST
: int_set_format(v
.val
.ad
, 1, -1, buf2
, 1000); buffer_print(buf
, "(clist %s)", buf2
); return;
532 case T_ECLIST
: ec_set_format(v
.val
.ad
, -1, buf2
, 1000); buffer_print(buf
, "(eclist %s)", buf2
); return;
533 case T_LCLIST
: lc_set_format(v
.val
.ad
, -1, buf2
, 1000); buffer_print(buf
, "(lclist %s)", buf2
); return;
534 case T_PATH_MASK
: pm_format(v
.val
.path_mask
, buf
); return;
535 default: buffer_print(buf
, "[unknown type %x]", v
.type
); return;
539 static struct rte
**f_rte
;
540 static struct rta
*f_old_rta
;
541 static struct ea_list
**f_tmp_attrs
;
542 static struct linpool
*f_pool
;
543 static struct buffer f_buf
;
546 static inline void f_rte_cow(void)
548 *f_rte
= rte_cow(*f_rte
);
552 * rta_cow - prepare rta for modification by filter
557 if (!rta_is_cached((*f_rte
)->attrs
))
560 /* Prepare to modify rte */
563 /* Store old rta to free it later, it stores reference from rte_cow() */
564 f_old_rta
= (*f_rte
)->attrs
;
567 * Get shallow copy of rta. Fields eattrs and nexthops of rta are shared
568 * with f_old_rta (they will be copied when the cached rta will be obtained
569 * at the end of f_run()), also the lock of hostentry is inherited (we
570 * suppose hostentry is not changed by filters).
572 (*f_rte
)->attrs
= rta_do_cow((*f_rte
)->attrs
, f_pool
);
576 val_format_str(struct f_val v
) {
580 return lp_strdup(f_pool
, b
.start
);
583 static struct tbf rl_runtime_err
= TBF_DEFAULT_LOG_LIMITS
;
585 #define runtime(fmt, ...) do { \
586 if (!(f_flags & FF_SILENT)) \
587 log_rl(&rl_runtime_err, L_ERR "filters, line %d: " fmt, what->lineno, ##__VA_ARGS__); \
588 res.type = T_RETURN; \
589 res.val.i = F_ERROR; \
593 #define ARG_ANY(n) INTERPRET(v##n, what->a##n.p)
595 #define ARG(n,t) ARG_ANY(n) \
596 if (v##n.type != t) \
597 runtime("Argument %d of instruction %s must be of type %02x, got %02x", \
598 n, f_instruction_name(what->fi_code), t, v##n.type);
600 #define INTERPRET(val, what_) \
601 val = interpret(what_); \
602 if (val.type & T_RETURN) \
606 do { if (!f_rte) runtime("No route to access"); } while (0)
608 #define BITFIELD_MASK(what) \
609 (1u << (what->a2.i >> 24))
613 * @what: filter to interpret
615 * Interpret given tree of filter instructions. This is core function
616 * of filter system and does all the hard work.
618 * Each instruction has 4 fields: code (which is instruction code),
619 * aux (which is extension to instruction code, typically type),
620 * arg1 and arg2 - arguments. Depending on instruction, arguments
621 * are either integers, or pointers to instruction trees. Common
622 * instructions like +, that have two expressions as arguments use
623 * TWOARGS macro to get both of them evaluated.
625 * &f_val structures are copied around, so there are no problems with
629 interpret(struct f_inst
*what
)
632 struct f_val v1
, v2
, v3
, res
= { .type
= T_VOID
}, *vp
;
637 for ( ; what
; what
= what
->next
) {
639 switch(what
->fi_code
) {
640 /* Binary operators */
645 res
.val
.i
= v1
.val
.i
+ v2
.val
.i
;
651 res
.val
.i
= v1
.val
.i
- v2
.val
.i
;
657 res
.val
.i
= v1
.val
.i
* v2
.val
.i
;
663 if (v2
.val
.i
== 0) runtime( "Mother told me not to divide by 0" );
664 res
.val
.i
= v1
.val
.i
/ v2
.val
.i
;
669 if (v1
.val
.i
== (what
->fi_code
== FI_OR
)) {
671 res
.val
.i
= v1
.val
.i
;
677 case FI_PAIR_CONSTRUCT
:
682 if ((u1
> 0xFFFF) || (u2
> 0xFFFF))
683 runtime( "Can't operate with value out of bounds in pair constructor" );
684 res
.val
.i
= (u1
<< 16) | u2
;
688 case FI_EC_CONSTRUCT
:
693 int check
, ipv4_used
;
696 if (v1
.type
== T_INT
) {
697 ipv4_used
= 0; key
= v1
.val
.i
;
699 else if (v1
.type
== T_QUAD
) {
700 ipv4_used
= 1; key
= v1
.val
.i
;
702 /* IP->Quad implicit conversion */
703 else if (val_is_ip4(v1
)) {
704 ipv4_used
= 1; key
= ipa_to_u32(v1
.val
.ip
);
707 runtime("Can't operate with key of non-integer/IPv4 type in EC constructor");
714 if (what
->aux
== EC_GENERIC
) {
715 check
= 0; res
.val
.ec
= ec_generic(key
, val
);
717 else if (ipv4_used
) {
718 check
= 1; res
.val
.ec
= ec_ip4(what
->aux
, key
, val
);
720 else if (key
< 0x10000) {
721 check
= 0; res
.val
.ec
= ec_as2(what
->aux
, key
, val
);
724 check
= 1; res
.val
.ec
= ec_as4(what
->aux
, key
, val
);
727 if (check
&& (val
> 0xFFFF))
728 runtime("Can't operate with value out of bounds in EC constructor");
733 case FI_LC_CONSTRUCT
:
740 res
.val
.lc
= (lcomm
) { v1
.val
.i
, v2
.val
.i
, v3
.val
.i
};
745 case FI_PATHMASK_CONSTRUCT
:
747 struct f_path_mask
*tt
= what
->a1
.p
, *vbegin
, **vv
= &vbegin
;
750 *vv
= lp_alloc(f_pool
, sizeof(struct f_path_mask
));
751 if (tt
->kind
== PM_ASN_EXPR
) {
753 INTERPRET(res
, (struct f_inst
*) tt
->val
);
754 (*vv
)->kind
= PM_ASN
;
755 if (res
.type
!= T_INT
) {
756 runtime( "Error resolving path mask template: value not an integer" );
757 return (struct f_val
) { .type
= T_VOID
};
760 (*vv
)->val
= res
.val
.i
;
768 res
= (struct f_val
) { .type
= T_PATH_MASK
, .val
.path_mask
= vbegin
};
772 /* Relational operators */
777 i = val_compare(v1, v2); \
779 runtime( "Can't compare values of incompatible types" ); \
787 i = val_same(v1, v2); \
792 case FI_NEQ
: SAME(!i
);
794 case FI_LT
: COMPARE(i
==-1);
795 case FI_LTE
: COMPARE(i
!=1);
800 res
.val
.i
= !res
.val
.i
;
807 res
.val
.i
= val_in_range(v1
, v2
);
808 if (res
.val
.i
== CMP_ERROR
)
809 runtime( "~ applied on unknown type pair" );
810 res
.val
.i
= !!res
.val
.i
;
817 res
.val
.i
= val_in_range(v1
, v2
);
818 if (res
.val
.i
== CMP_ERROR
)
819 runtime( "!~ applied on unknown type pair" );
820 res
.val
.i
= !res
.val
.i
;
826 res
.val
.i
= (v1
.type
!= T_VOID
) && !undef_value(v1
);
829 ARG_ANY(1); /* There may be more types supporting this operation */
833 res
.type
= T_ENUM_NETTYPE
;
834 res
.val
.i
= v1
.val
.net
->type
;
837 runtime( "Can't determine type of this item" );
843 res
.val
.i
= ipa_is_ip4(v1
.val
.ip
);
846 /* Set to indirect value, a1 = variable, a2 = value */
851 if ((sym
->class != (SYM_VARIABLE
| v2
.type
)) && (v2
.type
!= T_VOID
))
853 /* IP->Quad implicit conversion */
854 if ((sym
->class == (SYM_VARIABLE
| T_QUAD
)) && val_is_ip4(v2
))
857 vp
->val
.i
= ipa_to_u32(v2
.val
.ip
);
860 runtime( "Assigning to variable of incompatible type" );
865 /* some constants have value in a2, some in *a1.p, strange. */
866 case FI_CONSTANT
: /* integer (or simple type) constant, string, set, or prefix_set */
867 res
.type
= what
->aux
;
869 if (res
.type
== T_PREFIX_SET
)
870 res
.val
.ti
= what
->a2
.p
;
871 else if (res
.type
== T_SET
)
872 res
.val
.t
= what
->a2
.p
;
873 else if (res
.type
== T_STRING
)
874 res
.val
.s
= what
->a2
.p
;
876 res
.val
.i
= what
->a2
.i
;
879 case FI_CONSTANT_INDIRECT
:
880 res
= * ((struct f_val
*) what
->a1
.p
);
884 val_format(v1
, &f_buf
);
886 case FI_CONDITION
: /* ? has really strange error value, so we can implement if ... else nicely :-) */
896 debug( "No operation\n" );
898 case FI_PRINT_AND_DIE
:
900 if ((what
->a2
.i
== F_NOP
|| (what
->a2
.i
!= F_NONL
&& what
->a1
.p
)) &&
901 !(f_flags
& FF_SILENT
))
902 log_commit(*L_INFO
, &f_buf
);
904 switch (what
->a2
.i
) {
906 die( "Filter asked me to die" );
908 /* Should take care about turning ACCEPT into MODIFY */
910 case F_REJECT
: /* FIXME (noncritical) Should print complete route along with reason to reject route */
912 res
.val
.i
= what
->a2
.i
;
913 return res
; /* We have to return now, no more processing. */
918 bug( "unknown return type: Can't happen");
921 case FI_RTA_GET
: /* rta access */
924 struct rta
*rta
= (*f_rte
)->attrs
;
925 res
.type
= what
->aux
;
929 case SA_FROM
: res
.val
.ip
= rta
->from
; break;
930 case SA_GW
: res
.val
.ip
= rta
->nh
.gw
; break;
931 case SA_NET
: res
.val
.net
= (*f_rte
)->net
->n
.addr
; break;
932 case SA_PROTO
: res
.val
.s
= rta
->src
->proto
->name
; break;
933 case SA_SOURCE
: res
.val
.i
= rta
->source
; break;
934 case SA_SCOPE
: res
.val
.i
= rta
->scope
; break;
935 case SA_DEST
: res
.val
.i
= rta
->dest
; break;
936 case SA_IFNAME
: res
.val
.s
= rta
->nh
.iface
? rta
->nh
.iface
->name
: ""; break;
937 case SA_IFINDEX
: res
.val
.i
= rta
->nh
.iface
? rta
->nh
.iface
->index
: 0; break;
940 bug("Invalid static attribute access (%x)", res
.type
);
947 if (what
->aux
!= v1
.type
)
948 runtime( "Attempt to set static attribute to incompatible type" );
952 struct rta
*rta
= (*f_rte
)->attrs
;
957 rta
->from
= v1
.val
.ip
;
962 ip_addr ip
= v1
.val
.ip
;
963 neighbor
*n
= neigh_find(rta
->src
->proto
, &ip
, 0);
964 if (!n
|| (n
->scope
== SCOPE_HOST
))
965 runtime( "Invalid gw address" );
967 rta
->dest
= RTD_UNICAST
;
969 rta
->nh
.iface
= n
->iface
;
971 rta
->hostentry
= NULL
;
976 rta
->scope
= v1
.val
.i
;
981 if ((i
!= RTD_BLACKHOLE
) && (i
!= RTD_UNREACHABLE
) && (i
!= RTD_PROHIBIT
))
982 runtime( "Destination can be changed only to blackhole, unreachable or prohibit" );
985 rta
->nh
.gw
= IPA_NONE
;
986 rta
->nh
.iface
= NULL
;
988 rta
->hostentry
= NULL
;
992 bug("Invalid static attribute access (%x)", res
.type
);
996 case FI_EA_GET
: /* Access to extended attributes */
1000 u16 code
= what
->a2
.i
;
1001 int f_type
= what
->aux
>> 8;
1003 if (!(f_flags
& FF_FORCE_TMPATTR
))
1004 e
= ea_find((*f_rte
)->attrs
->eattrs
, code
);
1006 e
= ea_find((*f_tmp_attrs
), code
);
1007 if ((!e
) && (f_flags
& FF_FORCE_TMPATTR
))
1008 e
= ea_find((*f_rte
)->attrs
->eattrs
, code
);
1011 /* A special case: undefined as_path looks like empty as_path */
1012 if ((what
->aux
& EAF_TYPE_MASK
) == EAF_TYPE_AS_PATH
) {
1014 res
.val
.ad
= &undef_adata
;
1018 /* The same special case for int_set */
1019 if ((what
->aux
& EAF_TYPE_MASK
) == EAF_TYPE_INT_SET
) {
1021 res
.val
.ad
= &undef_adata
;
1025 /* The same special case for ec_set */
1026 if ((what
->aux
& EAF_TYPE_MASK
) == EAF_TYPE_EC_SET
) {
1027 res
.type
= T_ECLIST
;
1028 res
.val
.ad
= &undef_adata
;
1032 /* The same special case for lc_set */
1033 if ((what
->aux
& EAF_TYPE_MASK
) == EAF_TYPE_LC_SET
) {
1034 res
.type
= T_LCLIST
;
1035 res
.val
.ad
= &undef_adata
;
1039 /* Undefined value */
1044 switch (what
->aux
& EAF_TYPE_MASK
) {
1047 res
.val
.i
= e
->u
.data
;
1049 case EAF_TYPE_ROUTER_ID
:
1051 res
.val
.i
= e
->u
.data
;
1053 case EAF_TYPE_OPAQUE
:
1054 res
.type
= T_ENUM_EMPTY
;
1057 case EAF_TYPE_IP_ADDRESS
:
1059 struct adata
* ad
= e
->u
.ptr
;
1060 res
.val
.ip
= * (ip_addr
*) ad
->data
;
1062 case EAF_TYPE_AS_PATH
:
1064 res
.val
.ad
= e
->u
.ptr
;
1066 case EAF_TYPE_BITFIELD
:
1068 res
.val
.i
= !!(e
->u
.data
& BITFIELD_MASK(what
));
1070 case EAF_TYPE_INT_SET
:
1072 res
.val
.ad
= e
->u
.ptr
;
1074 case EAF_TYPE_EC_SET
:
1075 res
.type
= T_ECLIST
;
1076 res
.val
.ad
= e
->u
.ptr
;
1078 case EAF_TYPE_LC_SET
:
1079 res
.type
= T_LCLIST
;
1080 res
.val
.ad
= e
->u
.ptr
;
1082 case EAF_TYPE_UNDEF
:
1086 bug("Unknown type in e,a");
1094 struct ea_list
*l
= lp_alloc(f_pool
, sizeof(struct ea_list
) + sizeof(eattr
));
1095 u16 code
= what
->a2
.i
;
1096 int f_type
= what
->aux
>> 8;
1099 l
->flags
= EALF_SORTED
;
1101 l
->attrs
[0].id
= code
;
1102 l
->attrs
[0].flags
= 0;
1103 l
->attrs
[0].type
= (what
->aux
& 0xff) | EAF_ORIGINATED
| EAF_FRESH
;
1105 switch (what
->aux
& EAF_TYPE_MASK
) {
1107 if (v1
.type
!= f_type
)
1108 runtime( "Setting int attribute to non-int value" );
1109 l
->attrs
[0].u
.data
= v1
.val
.i
;
1112 case EAF_TYPE_ROUTER_ID
:
1113 /* IP->Quad implicit conversion */
1114 if (val_is_ip4(v1
)) {
1115 l
->attrs
[0].u
.data
= ipa_to_u32(v1
.val
.ip
);
1118 /* T_INT for backward compatibility */
1119 if ((v1
.type
!= T_QUAD
) && (v1
.type
!= T_INT
))
1120 runtime( "Setting quad attribute to non-quad value" );
1121 l
->attrs
[0].u
.data
= v1
.val
.i
;
1124 case EAF_TYPE_OPAQUE
:
1125 runtime( "Setting opaque attribute is not allowed" );
1127 case EAF_TYPE_IP_ADDRESS
:
1128 if (v1
.type
!= T_IP
)
1129 runtime( "Setting ip attribute to non-ip value" );
1130 int len
= sizeof(ip_addr
);
1131 struct adata
*ad
= lp_alloc(f_pool
, sizeof(struct adata
) + len
);
1133 (* (ip_addr
*) ad
->data
) = v1
.val
.ip
;
1134 l
->attrs
[0].u
.ptr
= ad
;
1136 case EAF_TYPE_AS_PATH
:
1137 if (v1
.type
!= T_PATH
)
1138 runtime( "Setting path attribute to non-path value" );
1139 l
->attrs
[0].u
.ptr
= v1
.val
.ad
;
1141 case EAF_TYPE_BITFIELD
:
1142 if (v1
.type
!= T_BOOL
)
1143 runtime( "Setting bit in bitfield attribute to non-bool value" );
1145 /* First, we have to find the old value */
1147 if (!(f_flags
& FF_FORCE_TMPATTR
))
1148 e
= ea_find((*f_rte
)->attrs
->eattrs
, code
);
1150 e
= ea_find((*f_tmp_attrs
), code
);
1151 if ((!e
) && (f_flags
& FF_FORCE_TMPATTR
))
1152 e
= ea_find((*f_rte
)->attrs
->eattrs
, code
);
1153 u32 data
= e
? e
->u
.data
: 0;
1156 l
->attrs
[0].u
.data
= data
| BITFIELD_MASK(what
);
1158 l
->attrs
[0].u
.data
= data
& ~BITFIELD_MASK(what
);;
1161 case EAF_TYPE_INT_SET
:
1162 if (v1
.type
!= T_CLIST
)
1163 runtime( "Setting clist attribute to non-clist value" );
1164 l
->attrs
[0].u
.ptr
= v1
.val
.ad
;
1166 case EAF_TYPE_EC_SET
:
1167 if (v1
.type
!= T_ECLIST
)
1168 runtime( "Setting eclist attribute to non-eclist value" );
1169 l
->attrs
[0].u
.ptr
= v1
.val
.ad
;
1171 case EAF_TYPE_LC_SET
:
1172 if (v1
.type
!= T_LCLIST
)
1173 runtime( "Setting lclist attribute to non-lclist value" );
1174 l
->attrs
[0].u
.ptr
= v1
.val
.ad
;
1176 case EAF_TYPE_UNDEF
:
1177 if (v1
.type
!= T_VOID
)
1178 runtime( "Setting void attribute to non-void value" );
1179 l
->attrs
[0].u
.data
= 0;
1181 default: bug("Unknown type in e,S");
1184 if (!(what
->aux
& EAF_TEMP
) && (!(f_flags
& FF_FORCE_TMPATTR
))) {
1186 l
->next
= (*f_rte
)->attrs
->eattrs
;
1187 (*f_rte
)->attrs
->eattrs
= l
;
1189 l
->next
= (*f_tmp_attrs
);
1197 res
.val
.i
= (*f_rte
)->pref
;
1202 if (v1
.val
.i
> 0xFFFF)
1203 runtime( "Setting preference value out of bounds" );
1205 (*f_rte
)->pref
= v1
.val
.i
;
1207 case FI_LENGTH
: /* Get length of */
1211 case T_NET
: res
.val
.i
= net_pxlen(v1
.val
.net
); break;
1212 case T_PATH
: res
.val
.i
= as_path_getlen(v1
.val
.ad
); break;
1213 case T_CLIST
: res
.val
.i
= int_set_get_size(v1
.val
.ad
); break;
1214 case T_ECLIST
: res
.val
.i
= ec_set_get_size(v1
.val
.ad
); break;
1215 case T_LCLIST
: res
.val
.i
= lc_set_get_size(v1
.val
.ad
); break;
1216 default: runtime( "Prefix, path, clist or eclist expected" );
1219 case FI_SADR_SRC
: /* Get SADR src prefix */
1221 if (!net_is_sadr(v1
.val
.net
))
1222 runtime( "SADR expected" );
1225 net_addr_ip6_sadr
*net
= (void *) v1
.val
.net
;
1226 net_addr
*src
= lp_alloc(f_pool
, sizeof(net_addr_ip6
));
1227 net_fill_ip6(src
, net
->src_prefix
, net
->src_pxlen
);
1233 case FI_ROA_MAXLEN
: /* Get ROA max prefix length */
1235 if (!net_is_roa(v1
.val
.net
))
1236 runtime( "ROA expected" );
1239 res
.val
.i
= (v1
.val
.net
->type
== NET_ROA4
) ?
1240 ((net_addr_roa4
*) v1
.val
.net
)->max_pxlen
:
1241 ((net_addr_roa6
*) v1
.val
.net
)->max_pxlen
;
1243 case FI_ROA_ASN
: /* Get ROA ASN */
1245 if (!net_is_roa(v1
.val
.net
))
1246 runtime( "ROA expected" );
1249 res
.val
.i
= (v1
.val
.net
->type
== NET_ROA4
) ?
1250 ((net_addr_roa4
*) v1
.val
.net
)->asn
:
1251 ((net_addr_roa6
*) v1
.val
.net
)->asn
;
1253 case FI_IP
: /* Convert prefix to ... */
1256 res
.val
.ip
= net_prefix(v1
.val
.net
);
1258 case FI_ROUTE_DISTINGUISHER
:
1261 if (!net_is_vpn(v1
.val
.net
))
1262 runtime( "VPN address expected" );
1264 res
.val
.ec
= net_rd(v1
.val
.net
);
1266 case FI_AS_PATH_FIRST
: /* Get first ASN from AS PATH */
1270 as_path_get_first(v1
.val
.ad
, &as
);
1274 case FI_AS_PATH_LAST
: /* Get last ASN from AS PATH */
1278 as_path_get_last(v1
.val
.ad
, &as
);
1282 case FI_AS_PATH_LAST_NAG
: /* Get last ASN from non-aggregated part of AS PATH */
1286 res
.val
.i
= as_path_get_last_nonaggregated(v1
.val
.ad
);
1291 res
.type
|= T_RETURN
;
1293 case FI_CALL
: /* CALL: this is special: if T_RETURN and returning some value, mask it out */
1295 res
= interpret(what
->a2
.p
);
1296 if (res
.type
== T_RETURN
)
1298 res
.type
&= ~T_RETURN
;
1300 case FI_CLEAR_LOCAL_VARS
: /* Clear local variables */
1301 for (sym
= what
->a1
.p
; sym
!= NULL
; sym
= sym
->aux2
)
1302 ((struct f_val
*) sym
->def
)->type
= T_VOID
;
1307 struct f_tree
*t
= find_tree(what
->a2
.p
, v1
);
1310 t
= find_tree(what
->a2
.p
, v1
);
1312 debug( "No else statement?\n");
1316 /* It is actually possible to have t->data NULL */
1318 INTERPRET(res
, t
->data
);
1321 case FI_IP_MASK
: /* IP.MASK(val) */
1326 res
.val
.ip
= ipa_is_ip4(v1
.val
.ip
) ?
1327 ipa_from_ip4(ip4_and(ipa_to_ip4(v1
.val
.ip
), ip4_mkmask(v2
.val
.i
))) :
1328 ipa_from_ip6(ip6_and(ipa_to_ip6(v1
.val
.ip
), ip6_mkmask(v2
.val
.i
)));
1331 case FI_EMPTY
: /* Create empty attribute */
1332 res
.type
= what
->aux
;
1333 res
.val
.ad
= adata_empty(f_pool
, 0);
1335 case FI_PATH_PREPEND
: /* Path prepend */
1340 res
.val
.ad
= as_path_prepend(f_pool
, v1
.val
.ad
, v2
.val
.i
);
1343 case FI_CLIST_ADD_DEL
: /* (Extended) Community list add or delete */
1346 if (v1
.type
== T_PATH
)
1348 struct f_tree
*set
= NULL
;
1352 if (v2
.type
== T_INT
)
1354 else if ((v2
.type
== T_SET
) && (v2
.val
.t
->from
.type
== T_INT
))
1357 runtime("Can't delete non-integer (set)");
1361 case 'a': runtime("Can't add to path");
1362 case 'd': pos
= 0; break;
1363 case 'f': pos
= 1; break;
1364 default: bug("unknown Ca operation");
1368 runtime("Can't filter integer");
1371 res
.val
.ad
= as_path_filter(f_pool
, v1
.val
.ad
, set
, key
, pos
);
1373 else if (v1
.type
== T_CLIST
)
1375 /* Community (or cluster) list */
1380 if ((v2
.type
== T_PAIR
) || (v2
.type
== T_QUAD
))
1382 /* IP->Quad implicit conversion */
1383 else if (val_is_ip4(v2
))
1384 n
= ipa_to_u32(v2
.val
.ip
);
1385 else if ((v2
.type
== T_SET
) && clist_set_type(v2
.val
.t
, &dummy
))
1387 else if (v2
.type
== T_CLIST
)
1390 runtime("Can't add/delete non-pair");
1397 runtime("Can't add set");
1399 res
.val
.ad
= int_set_add(f_pool
, v1
.val
.ad
, n
);
1401 res
.val
.ad
= int_set_union(f_pool
, v1
.val
.ad
, v2
.val
.ad
);
1406 res
.val
.ad
= int_set_del(f_pool
, v1
.val
.ad
, n
);
1408 res
.val
.ad
= clist_filter(f_pool
, v1
.val
.ad
, v2
, 0);
1413 runtime("Can't filter pair");
1414 res
.val
.ad
= clist_filter(f_pool
, v1
.val
.ad
, v2
, 1);
1418 bug("unknown Ca operation");
1421 else if (v1
.type
== T_ECLIST
)
1423 /* Extended community list */
1426 /* v2.val is either EC or EC-set */
1427 if ((v2
.type
== T_SET
) && eclist_set_type(v2
.val
.t
))
1429 else if (v2
.type
== T_ECLIST
)
1431 else if (v2
.type
!= T_EC
)
1432 runtime("Can't add/delete non-ec");
1434 res
.type
= T_ECLIST
;
1439 runtime("Can't add set");
1441 res
.val
.ad
= ec_set_add(f_pool
, v1
.val
.ad
, v2
.val
.ec
);
1443 res
.val
.ad
= ec_set_union(f_pool
, v1
.val
.ad
, v2
.val
.ad
);
1448 res
.val
.ad
= ec_set_del(f_pool
, v1
.val
.ad
, v2
.val
.ec
);
1450 res
.val
.ad
= eclist_filter(f_pool
, v1
.val
.ad
, v2
, 0);
1455 runtime("Can't filter ec");
1456 res
.val
.ad
= eclist_filter(f_pool
, v1
.val
.ad
, v2
, 1);
1460 bug("unknown Ca operation");
1463 else if (v1
.type
== T_LCLIST
)
1465 /* Large community list */
1468 /* v2.val is either LC or LC-set */
1469 if ((v2
.type
== T_SET
) && lclist_set_type(v2
.val
.t
))
1471 else if (v2
.type
== T_LCLIST
)
1473 else if (v2
.type
!= T_LC
)
1474 runtime("Can't add/delete non-lc");
1476 res
.type
= T_LCLIST
;
1481 runtime("Can't add set");
1483 res
.val
.ad
= lc_set_add(f_pool
, v1
.val
.ad
, v2
.val
.lc
);
1485 res
.val
.ad
= lc_set_union(f_pool
, v1
.val
.ad
, v2
.val
.ad
);
1490 res
.val
.ad
= lc_set_del(f_pool
, v1
.val
.ad
, v2
.val
.lc
);
1492 res
.val
.ad
= lclist_filter(f_pool
, v1
.val
.ad
, v2
, 0);
1497 runtime("Can't filter lc");
1498 res
.val
.ad
= lclist_filter(f_pool
, v1
.val
.ad
, v2
, 1);
1502 bug("unknown Ca operation");
1506 runtime("Can't add/delete to non-[e|l]clist");
1510 case FI_ROA_CHECK
: /* ROA Check */
1521 v1
.val
.net
= (*f_rte
)->net
->n
.addr
;
1523 /* We ignore temporary attributes, probably not a problem here */
1524 /* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */
1525 eattr
*e
= ea_find((*f_rte
)->attrs
->eattrs
, EA_CODE(EAP_BGP
, 0x02));
1527 if (!e
|| e
->type
!= EAF_TYPE_AS_PATH
)
1528 runtime("Missing AS_PATH attribute");
1530 as_path_get_last(e
->u
.ptr
, &as
);
1533 struct rtable
*table
= ((struct f_inst_roa_check
*) what
)->rtc
->table
;
1535 runtime("Missing ROA table");
1537 if (table
->addr_type
!= NET_ROA4
&& table
->addr_type
!= NET_ROA6
)
1538 runtime("Table type must be either ROA4 or ROA6");
1540 res
.type
= T_ENUM_ROA
;
1542 if (table
->addr_type
!= (v1
.val
.net
->type
== NET_IP4
? NET_ROA4
: NET_ROA6
))
1543 res
.val
.i
= ROA_UNKNOWN
; /* Prefix and table type mismatch */
1545 res
.val
.i
= net_roa_check(table
, v1
.val
.net
, as
);
1549 case FI_FORMAT
: /* Format */
1552 res
.type
= T_STRING
;
1553 res
.val
.s
= val_format_str(v1
);
1556 case FI_ASSERT
: /* Birdtest Assert */
1562 CALL(bt_assert_hook
, res
.val
.i
, what
);
1566 bug( "Unknown instruction %d (%c)", what
->fi_code
, what
->fi_code
& 0xff);
1575 if (!i_same(f1->a##n.p, f2->a##n.p)) \
1578 #define ONEARG ARG(1);
1579 #define TWOARGS ONEARG; ARG(2);
1580 #define THREEARGS TWOARGS; ARG(3);
1582 #define A2_SAME if (f1->a2.i != f2->a2.i) return 0;
1585 * i_same - function that does real comparing of instruction trees, you should call filter_same from outside
1588 i_same(struct f_inst
*f1
, struct f_inst
*f2
)
1590 if ((!!f1
) != (!!f2
))
1594 if (f1
->aux
!= f2
->aux
)
1596 if (f1
->fi_code
!= f2
->fi_code
)
1598 if (f1
== f2
) /* It looks strange, but it is possible with call rewriting trickery */
1601 switch(f1
->fi_code
) {
1602 case FI_ADD
: /* fall through */
1608 case FI_PAIR_CONSTRUCT
:
1609 case FI_EC_CONSTRUCT
:
1613 case FI_LTE
: TWOARGS
; break;
1615 case FI_PATHMASK_CONSTRUCT
: if (!pm_same(f1
->a1
.p
, f2
->a1
.p
)) return 0; break;
1617 case FI_NOT
: ONEARG
; break;
1619 case FI_MATCH
: TWOARGS
; break;
1620 case FI_DEFINED
: ONEARG
; break;
1621 case FI_TYPE
: ONEARG
; break;
1623 case FI_LC_CONSTRUCT
:
1630 struct symbol
*s1
, *s2
;
1633 if (strcmp(s1
->name
, s2
->name
))
1635 if (s1
->class != s2
->class)
1644 if (!trie_same(f1
->a2
.p
, f2
->a2
.p
))
1649 if (!same_tree(f1
->a2
.p
, f2
->a2
.p
))
1654 if (strcmp(f1
->a2
.p
, f2
->a2
.p
))
1663 case FI_CONSTANT_INDIRECT
:
1664 if (!val_same(* (struct f_val
*) f1
->a1
.p
, * (struct f_val
*) f2
->a1
.p
))
1669 if (strcmp((char *) f1
->a2
.p
, (char *) f2
->a2
.p
))
1672 case FI_PRINT
: case FI_LENGTH
: ONEARG
; break;
1673 case FI_CONDITION
: TWOARGS
; break;
1674 case FI_NOP
: case FI_EMPTY
: break;
1675 case FI_PRINT_AND_DIE
: ONEARG
; A2_SAME
; break;
1677 case FI_RTA_GET
: A2_SAME
; break;
1678 case FI_EA_GET
: A2_SAME
; break;
1681 case FI_EA_SET
: ONEARG
; A2_SAME
; break;
1683 case FI_RETURN
: ONEARG
; break;
1684 case FI_ROA_MAXLEN
: ONEARG
; break;
1685 case FI_ROA_ASN
: ONEARG
; break;
1686 case FI_SADR_SRC
: ONEARG
; break;
1687 case FI_IP
: ONEARG
; break;
1688 case FI_IS_V4
: ONEARG
; break;
1689 case FI_ROUTE_DISTINGUISHER
: ONEARG
; break;
1690 case FI_CALL
: /* Call rewriting trickery to avoid exponential behaviour */
1692 if (!i_same(f1
->a2
.p
, f2
->a2
.p
))
1694 f2
->a2
.p
= f1
->a2
.p
;
1696 case FI_CLEAR_LOCAL_VARS
: break; /* internal instruction */
1697 case FI_SWITCH
: ONEARG
; if (!same_tree(f1
->a2
.p
, f2
->a2
.p
)) return 0; break;
1698 case FI_IP_MASK
: TWOARGS
; break;
1699 case FI_PATH_PREPEND
: TWOARGS
; break;
1700 case FI_CLIST_ADD_DEL
: TWOARGS
; break;
1701 case FI_AS_PATH_FIRST
:
1702 case FI_AS_PATH_LAST
:
1703 case FI_AS_PATH_LAST_NAG
: ONEARG
; break;
1706 /* Does not really make sense - ROA check results may change anyway */
1707 if (strcmp(((struct f_inst_roa_check
*) f1
)->rtc
->name
,
1708 ((struct f_inst_roa_check
*) f2
)->rtc
->name
))
1711 case FI_FORMAT
: ONEARG
; break;
1712 case FI_ASSERT
: ONEARG
; break;
1714 bug( "Unknown instruction %d in same (%c)", f1
->fi_code
, f1
->fi_code
& 0xff);
1716 return i_same(f1
->next
, f2
->next
);
1720 * f_run - run a filter for a route
1721 * @filter: filter to run
1722 * @rte: route being filtered, may be modified
1723 * @tmp_attrs: temporary attributes, prepared by caller or generated by f_run()
1724 * @tmp_pool: all filter allocations go from this pool
1727 * If filter needs to modify the route, there are several
1728 * posibilities. @rte might be read-only (with REF_COW flag), in that
1729 * case rw copy is obtained by rte_cow() and @rte is replaced. If
1730 * @rte is originally rw, it may be directly modified (and it is never
1733 * The returned rte may reuse the (possibly cached, cloned) rta, or
1734 * (if rta was modificied) contains a modified uncached rta, which
1735 * uses parts allocated from @tmp_pool and parts shared from original
1736 * rta. There is one exception - if @rte is rw but contains a cached
1737 * rta and that is modified, rta in returned rte is also cached.
1739 * Ownership of cached rtas is consistent with rte, i.e.
1740 * if a new rte is returned, it has its own clone of cached rta
1741 * (and cached rta of read-only source rte is intact), if rte is
1742 * modified in place, old cached rta is possibly freed.
1745 f_run(struct filter
*filter
, struct rte
**rte
, struct ea_list
**tmp_attrs
, struct linpool
*tmp_pool
, int flags
)
1747 if (filter
== FILTER_ACCEPT
)
1750 if (filter
== FILTER_REJECT
)
1753 int rte_cow
= ((*rte
)->flags
& REF_COW
);
1754 DBG( "Running filter `%s'...", filter
->name
);
1758 f_tmp_attrs
= tmp_attrs
;
1762 LOG_BUFFER_INIT(f_buf
);
1764 struct f_val res
= interpret(filter
->root
);
1768 * Cached rta was modified and f_rte contains now an uncached one,
1769 * sharing some part with the cached one. The cached rta should
1770 * be freed (if rte was originally COW, f_old_rta is a clone
1771 * obtained during rte_cow()).
1773 * This also implements the exception mentioned in f_run()
1774 * description. The reason for this is that rta reuses parts of
1775 * f_old_rta, and these may be freed during rta_free(f_old_rta).
1776 * This is not the problem if rte was COW, because original rte
1777 * also holds the same rta.
1780 (*f_rte
)->attrs
= rta_lookup((*f_rte
)->attrs
);
1782 rta_free(f_old_rta
);
1786 if (res
.type
!= T_RETURN
) {
1787 if (!(f_flags
& FF_SILENT
))
1788 log_rl(&rl_runtime_err
, L_ERR
"Filter %s did not return accept nor reject. Make up your mind", filter
->name
);
1791 DBG( "done (%u)\n", res
.val
.i
);
1795 /* TODO: perhaps we could integrate f_eval(), f_eval_rte() and f_run() */
1798 f_eval_rte(struct f_inst
*expr
, struct rte
**rte
, struct linpool
*tmp_pool
)
1800 struct ea_list
*tmp_attrs
= NULL
;
1804 f_tmp_attrs
= &tmp_attrs
;
1808 LOG_BUFFER_INIT(f_buf
);
1810 /* Note that in this function we assume that rte->attrs is private / uncached */
1811 struct f_val res
= interpret(expr
);
1813 /* Hack to include EAF_TEMP attributes to the main list */
1814 (*rte
)->attrs
->eattrs
= ea_append(tmp_attrs
, (*rte
)->attrs
->eattrs
);
1820 f_eval(struct f_inst
*expr
, struct linpool
*tmp_pool
)
1827 LOG_BUFFER_INIT(f_buf
);
1829 return interpret(expr
);
1833 f_eval_int(struct f_inst
*expr
)
1835 /* Called independently in parse-time to eval expressions */
1836 struct f_val res
= f_eval(expr
, cfg_mem
);
1838 if (res
.type
!= T_INT
)
1839 cf_error("Integer expression expected");
1845 * filter_same - compare two filters
1846 * @new: first filter to be compared
1847 * @old: second filter to be compared, notice that this filter is
1848 * damaged while comparing.
1850 * Returns 1 in case filters are same, otherwise 0. If there are
1851 * underlying bugs, it will rather say 0 on same filters than say
1855 filter_same(struct filter
*new, struct filter
*old
)
1857 if (old
== new) /* Handle FILTER_ACCEPT and FILTER_REJECT */
1859 if (old
== FILTER_ACCEPT
|| old
== FILTER_REJECT
||
1860 new == FILTER_ACCEPT
|| new == FILTER_REJECT
)
1862 return i_same(new->root
, old
->root
);