From 26d631b25730ad3cab53fa3cdf9b184b035f264d Mon Sep 17 00:00:00 2001 From: Job Snijders Date: Tue, 20 Jun 2023 12:12:37 +0000 Subject: [PATCH] By default disallow 23456 as origin Can be bypassed with '-p' --- VERSION | 2 +- bgpq4.8 | 3 ++- expander.c | 10 +++++----- main.c | 1 + 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/VERSION b/VERSION index c044b1a..0960158 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.10 +1.11 diff --git a/bgpq4.8 b/bgpq4.8 index 6d4a692..90ff1d3 100644 --- a/bgpq4.8 +++ b/bgpq4.8 @@ -114,7 +114,8 @@ generate config for Nokia SR Linux (Cisco IOS by default) .It Fl N generate config for Nokia SR OS classic CLI (Cisco IOS by default). .It Fl p -emit prefixes where the origin ASN is in the private ASN range (disabled by default). +emit prefixes where the origin ASN is 23456 or in the private ASN range +(disabled by default). .It Fl r Ar len allow more specific routes starting with specified masklen too. .It Fl R Ar len diff --git a/expander.c b/expander.c index 7ec87c0..8221df6 100644 --- a/expander.c +++ b/expander.c @@ -183,7 +183,7 @@ int bgpq_expander_add_as(struct bgpq_expander *b, char *as) { char *eoa; - uint32_t asno = 0; + uint32_t asno = 0; struct asn_entry *asne; if (!b || !as) @@ -191,14 +191,14 @@ bgpq_expander_add_as(struct bgpq_expander *b, char *as) asno = strtoul(as + 2, &eoa, 10); if (eoa && *eoa != 0) { - sx_report(SX_ERROR,"Invalid symbol in AS number: '%c' in %s\n", + sx_report(SX_ERROR, "Invalid symbol in AS number: '%c' in %s\n", *eoa, as); return 0; } - if (!expand_special_asn && - (asno >= 4200000000ul || (asno >= 64496 && asno <= 65551))) { - sx_report(SX_ERROR,"Invalid AS number: %u\n", asno); + if (!expand_special_asn && (asno == 23456 || asno >= 4200000000ul + || (asno >= 64496 && asno <= 65551))) { + sx_report(SX_ERROR, "Invalid AS number: %u\n", asno); return 0; } diff --git a/main.c b/main.c index 383ccdf..bb8b3c6 100644 --- a/main.c +++ b/main.c @@ -94,6 +94,7 @@ usage(int ecode) printf(" -M match : extra match conditions for JunOS route-filters\n"); printf(" -l name : use specified name for generated access/prefix/.." " list\n"); + printf(" -p : allow special ASNs like 23456 or in the private range"); printf(" -R len : allow more specific routes up to specified masklen\n"); printf(" -r len : allow more specific routes from masklen specified\n"); printf(" -s : generate sequence numbers in prefix-lists (IOS only)\n");