Implicit ROA check converted to explicit filter instruction sequence

diff --git a/filter/config.Y b/filter/config.Y
index 15b77761b6f8b81e078085536134100ac31f45a0..46ba7769da9b04d667fbf91d437153e500f0aea8 100644 (file)
--- a/filter/config.Y
+++ b/filter/config.Y
@@ -185,6 +185,21 @@ f_generate_empty(struct f_dynamic_attr dyn)
   return f_new_inst(FI_EA_SET, f_new_inst(FI_CONSTANT, empty), dyn);
 }
 
+#define BA_AS_PATH 0x02
+
+static inline struct f_inst *
+f_implicit_roa_check(struct rtable_config *tab)
+{
+  struct f_dynamic_attr fda = f_new_dynamic_attr(EAF_TYPE_AS_PATH, T_PATH, EA_CODE(PROTOCOL_BGP, BA_AS_PATH));
+
+  struct f_static_attr fsa = f_new_static_attr(T_NET, SA_NET, 1);
+
+  return f_new_inst(FI_ROA_CHECK,
+           f_new_inst(FI_RTA_GET, fsa),
+           f_new_inst(FI_AS_PATH_LAST, f_new_inst(FI_EA_GET, fda)),
+           tab);
+}
+
 /*
  * Remove all new lines and doubled whitespaces
  * and convert all tabulators to spaces
@@ -822,8 +837,8 @@ term:
  | DELETE '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_DEL, $3, $5); }
  | FILTER '(' term ',' term ')' { $$ = f_new_inst(FI_CLIST_FILTER, $3, $5); }
 
- | ROA_CHECK '(' rtable ')' { $$ = f_new_inst(FI_ROA_CHECK_IMPLICIT, $3); }
- | ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_new_inst(FI_ROA_CHECK_EXPLICIT, $5, $7, $3); }
+ | ROA_CHECK '(' rtable ')' { $$ = f_implicit_roa_check($3); }
+ | ROA_CHECK '(' rtable ',' term ',' term ')' { $$ = f_new_inst(FI_ROA_CHECK, $5, $7, $3); }
 
  | FORMAT '(' term ')' {  $$ = f_new_inst(FI_FORMAT, $3); }
 

diff --git a/filter/f-inst.c b/filter/f-inst.c
index 2c4c97b146f6f282bb4f37b076a235f537a42dc8..8e20dc745103ace43bb94cb48756bca1a500ab22 100644 (file)
--- a/filter/f-inst.c
+++ b/filter/f-inst.c
@@ -1295,37 +1295,7 @@
       runtime("Can't filter non-[e|l]clist");
   }
 
-  INST(FI_ROA_CHECK_IMPLICIT, 0, 1) {  /* ROA Check */
-    NEVER_CONSTANT;
-    RTC(1);
-    struct rtable *table = rtc->table;
-    ACCESS_RTE;
-    ACCESS_EATTRS;
-    const net_addr *net = (*fs->rte)->net->n.addr;
-
-    /* We ignore temporary attributes, probably not a problem here */
-    /* 0x02 is a value of BA_AS_PATH, we don't want to include BGP headers */
-    eattr *e = ea_find(*fs->eattrs, EA_CODE(PROTOCOL_BGP, 0x02));
-
-    if (!e || ((e->type & EAF_TYPE_MASK) != EAF_TYPE_AS_PATH))
-      runtime("Missing AS_PATH attribute");
-
-    u32 as = 0;
-    as_path_get_last(e->u.ptr, &as);
-
-    if (!table)
-      runtime("Missing ROA table");
-
-    if (table->addr_type != NET_ROA4 && table->addr_type != NET_ROA6)
-      runtime("Table type must be either ROA4 or ROA6");
-
-    if (table->addr_type != (net->type == NET_IP4 ? NET_ROA4 : NET_ROA6))
-      RESULT(T_ENUM_ROA, i, ROA_UNKNOWN); /* Prefix and table type mismatch */
-    else
-      RESULT(T_ENUM_ROA, i, [[ net_roa_check(table, net, as) ]]);
-  }
-
-  INST(FI_ROA_CHECK_EXPLICIT, 2, 1) {  /* ROA Check */
+  INST(FI_ROA_CHECK, 2, 1) {   /* ROA Check */
     NEVER_CONSTANT;
     ARG(1, T_NET);
     ARG(2, T_INT);

diff --git a/nest/proto.c b/nest/proto.c
index 7074f73a4e491ef1e0d5f15448ef4252fe3e66b8..c6bda73b979a8d44941756be71369f92b3fbb108 100644 (file)
--- a/nest/proto.c
+++ b/nest/proto.c
@@ -409,14 +409,8 @@ channel_roa_subscribe_filter(struct channel *c, int dir)
   {
     switch (fi->fi_code)
     {
-    case FI_ROA_CHECK_IMPLICIT:
-      tab = fi->i_FI_ROA_CHECK_IMPLICIT.rtc->table;
-      if (valid) channel_roa_subscribe(c, tab, dir);
-      found = 1;
-      break;
-
-    case FI_ROA_CHECK_EXPLICIT:
-      tab = fi->i_FI_ROA_CHECK_EXPLICIT.rtc->table;
+    case FI_ROA_CHECK:
+      tab = fi->i_FI_ROA_CHECK.rtc->table;
       if (valid) channel_roa_subscribe(c, tab, dir);
       found = 1;
       break;