From 650f76c2e1b0b12e1c46fdd3be22c5f505245d83 Mon Sep 17 00:00:00 2001 From: Paul Jakma Date: Thu, 25 Jun 2009 18:06:31 +0100 Subject: [bgpd] Log a debug/update warning if filters are configured but don't exist * bgp_route.c: (bgp_{input,output}_filter) Log a debug warning if a route is received or sent and a filter name is configured for a prefix, as or distribute list but none is found - guaranteed configuration mistake. --- bgpd/bgp_route.c | 46 +++++++++++++++++++++++++++++++++++++++------- 1 file changed, 39 insertions(+), 7 deletions(-) (limited to 'bgpd') diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 5e175c8e..87fe7f5c 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -530,19 +530,35 @@ bgp_input_filter (struct peer *peer, struct prefix *p, struct attr *attr, filter = &peer->filter[afi][safi]; - if (DISTRIBUTE_IN_NAME (filter)) +#define FILTER_EXIST_WARN(F,f,filter) \ + if (BGP_DEBUG (update, UPDATE_IN) \ + && !(F ## _IN (filter))) \ + plog_warn (peer->log, "%s: Could not find configured input %s-list %s!", \ + peer->host, #f, F ## _IN_NAME(filter)); + + if (DISTRIBUTE_IN_NAME (filter)) { + FILTER_EXIST_WARN(DISTRIBUTE, distribute, filter); + if (access_list_apply (DISTRIBUTE_IN (filter), p) == FILTER_DENY) return FILTER_DENY; + } - if (PREFIX_LIST_IN_NAME (filter)) + if (PREFIX_LIST_IN_NAME (filter)) { + FILTER_EXIST_WARN(PREFIX_LIST, prefix, filter); + if (prefix_list_apply (PREFIX_LIST_IN (filter), p) == PREFIX_DENY) return FILTER_DENY; + } - if (FILTER_LIST_IN_NAME (filter)) + if (FILTER_LIST_IN_NAME (filter)) { + FILTER_EXIST_WARN(FILTER_LIST, as, filter); + if (as_list_apply (FILTER_LIST_IN (filter), attr->aspath)== AS_FILTER_DENY) return FILTER_DENY; - + } + return FILTER_PERMIT; +#undef FILTER_EXIST_WARN } static enum filter_type @@ -553,19 +569,35 @@ bgp_output_filter (struct peer *peer, struct prefix *p, struct attr *attr, filter = &peer->filter[afi][safi]; - if (DISTRIBUTE_OUT_NAME (filter)) +#define FILTER_EXIST_WARN(F,f,filter) \ + if (BGP_DEBUG (update, UPDATE_OUT) \ + && !(F ## _OUT (filter))) \ + plog_warn (peer->log, "%s: Could not find configured output %s-list %s!", \ + peer->host, #f, F ## _OUT_NAME(filter)); + + if (DISTRIBUTE_OUT_NAME (filter)) { + FILTER_EXIST_WARN(DISTRIBUTE, distribute, filter); + if (access_list_apply (DISTRIBUTE_OUT (filter), p) == FILTER_DENY) return FILTER_DENY; + } - if (PREFIX_LIST_OUT_NAME (filter)) + if (PREFIX_LIST_OUT_NAME (filter)) { + FILTER_EXIST_WARN(PREFIX_LIST, prefix, filter); + if (prefix_list_apply (PREFIX_LIST_OUT (filter), p) == PREFIX_DENY) return FILTER_DENY; + } - if (FILTER_LIST_OUT_NAME (filter)) + if (FILTER_LIST_OUT_NAME (filter)) { + FILTER_EXIST_WARN(FILTER_LIST, as, filter); + if (as_list_apply (FILTER_LIST_OUT (filter), attr->aspath) == AS_FILTER_DENY) return FILTER_DENY; + } return FILTER_PERMIT; +#undef FILTER_EXIST_WARN } /* If community attribute includes no_export then return 1. */ -- cgit v1.2.1