On Wed, Mar 21, 2018 at 04:29:13PM +0200, Javor Kliachev wrote:
> Hi,
>
> Thank you very much for the fast response.
>
> The patch has completely fixed the issue!
>
> One more question about the ROA:
>
> Is it possible to use roa_check() into another function and first parameter
> of the roa_check to be some argument like peer_as for an example:
>
> roa table 65501 {
> roa 1.2.3.0/24 max 32 as 65501;
> }
>
>
> function BGP_IN(*int peer_as*) {
>
> if roa_check(*peer_as*, net, bgp_path.last) = ROA_INVALID then {
> print "ROA check failed for ", net, " from ASN ", bgp_path.last;
> return false;
> }
>
> if roa_check(*peer_as*, net, bgp_path.last) = ROA_UNKNOWN then {
> print "ROA check failed: unallowed prefix - ", net, " origin ASN ",
> bgp_path.last , " - AS-PATH", bgp_path , " via ", proto; return false;
> }
> return true;
> }
>
> When I put the above lines in the configuration and try to reconfigure I got
> the following error:
No, you hae to use switch based on peer_as.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
