From: Philippe Guibert <philippe.guibert@6wind.com>
Date: Tue, 27 Nov 2018 12:35:28 +0000 (+0100)
Subject: bgpd: bgp pbr ignores bgp fs entries with 0.0.0.0 ips written.
X-Git-Tag: frr-7.1-dev~141^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=4c2876fb8d61cd3e2bf9668fdc10bd30140ef3af;p=matthieu%2Ffrr.git

bgpd: bgp pbr ignores bgp fs entries with 0.0.0.0 ips written.

when converting bgp fs entries to bgp pbr entries, the fields of the
flowspec are analysed. In the case src ip or dst ip is set to 0.0.0.0,
that field is ignored, thus preventing from injecting a rule that can
not be injected into the pbr. This can be done by avoiding mentioning
the field in the bitmask structure used to convert data to pbr entries.

PR=61620
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Acked-by: Emmanuel Vize <emmanuel.vize@6wind.com>
---

diff --git a/bgpd/bgp_flowspec_util.c b/bgpd/bgp_flowspec_util.c
index cb71a64a85..c6386dcdb5 100644
--- a/bgpd/bgp_flowspec_util.c
+++ b/bgpd/bgp_flowspec_util.c
@@ -449,8 +449,17 @@ int bgp_flowspec_match_rules_fill(uint8_t *nlri_content, int len,
 				flog_err(EC_BGP_FLOWSPEC_PACKET,
 					 "%s: flowspec_ip_address error %d",
 					 __func__, error);
-			else
-				bpem->match_bitmask |= bitmask;
+			else {
+				/* if src or dst address is 0.0.0.0,
+				 * ignore that rule
+				 */
+				if (prefix->family == AF_INET
+				    && prefix->u.prefix4.s_addr == 0)
+					memset(prefix, 0,
+					       sizeof(struct prefix));
+				else
+					bpem->match_bitmask |= bitmask;
+			}
 			offset += ret;
 			break;
 		case FLOWSPEC_IP_PROTOCOL: