diff options
| author | Corey Siltala <csiltala@atcorp.com> | 2024-11-25 10:36:54 -0600 |
|---|---|---|
| committer | Corey Siltala <csiltala@atcorp.com> | 2024-12-06 14:44:17 -0600 |
| commit | 4de4017d64ccaaa5a0f768873bc36aad4a8912a6 (patch) | |
| tree | 7bb032b90c4c08f3f65f188f60220e267f0a89a4 /pimd/pim_igmpv2.c | |
| parent | a9bee74ea2ed6e91a7a49d291ad1a8d3c2c1bec0 (diff) | |
pimd,yang: Extend multicast boundary functionality
Add new interface command ip multicast boundary ACCESSLIST4_NAME. This
allows filtering on both source and group using the extended access-list
syntax vs. group-only as with the existing "ip multicast boundary oil"
command, which uses prefix-lists. If both are configured, the prefix-
list is evaluated first. The default behavior for both prefix-lists and
access-lists remains "deny", so the prefix-list must have a terminating
"permit" statement in order to also evaluate against the access-list.
The following example denies groups in range 229.1.1.0/24 and groups in
range 232.1.1.0/24 with source 10.0.20.2:
!
ip prefix-list pim-oil-plist seq 10 deny 229.1.1.0/24
ip prefix-list pim-oil-plist seq 20 permit any
!
access-list pim-acl seq 10 deny ip host 10.0.20.2 232.1.1.0 0.0.0.255
access-list pim-acl seq 20 permit ip any any
!
interface r1-eth0
ip address 10.0.20.1/24
ip igmp
ip pim
ip multicast boundary oil pim-oil-plist
ip multicast boundary pim-acl
!
Signed-off-by: Corey Siltala <csiltala@atcorp.com>
Diffstat (limited to 'pimd/pim_igmpv2.c')
| -rw-r--r-- | pimd/pim_igmpv2.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/pimd/pim_igmpv2.c b/pimd/pim_igmpv2.c index 944dffdc33..720a4944fe 100644 --- a/pimd/pim_igmpv2.c +++ b/pimd/pim_igmpv2.c @@ -134,6 +134,9 @@ int igmp_v2_recv_report(struct gm_sock *igmp, struct in_addr from, ifp->name, group_str); } + if (pim_is_group_filtered(pim_ifp, &group_addr, NULL)) + return -1; + /* * RFC 4604 * section 2.2.1 |