diff options
| author |   claudio <claudio@openbsd.org> | 2010-11-29 17:02:41 +0000 |
|---|---|---|
| committer | claudio <claudio@openbsd.org> | 2010-11-29 17:02:41 +0000 |
| commit | a7c7b371a2e6bae7afbb8c91ee019aa3f3e643dd (patch) | |
| tree | 640a93372c1cb06f5b3d12bb10bf089a5f8cf680 | |
| parent | replace the fork-based-non-blocking-resolver-hack by shiny async resolver (diff) | |
| download | wireguard-openbsd-a7c7b371a2e6bae7afbb8c91ee019aa3f3e643dd.tar.xz wireguard-openbsd-a7c7b371a2e6bae7afbb8c91ee019aa3f3e643dd.zip | |
Deny prefixes that have F_ATTR_PARSE_ERR set by default. Now they
will not leak into the Loc-RIB or other RIBs but act as withdraws.
The invalid prefixes would not been selected anyway but it is better
to keep them out of all RIBs but the Adj-RIB-In.
| -rw-r--r-- | usr.sbin/bgpd/rde_filter.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr.sbin/bgpd/rde_filter.c b/usr.sbin/bgpd/rde_filter.c index 436526cf471..d641e68596f 100644 --- a/usr.sbin/bgpd/rde_filter.c +++ b/usr.sbin/bgpd/rde_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_filter.c,v 1.64 2010/05/17 16:08:20 claudio Exp $ */ +/* $OpenBSD: rde_filter.c,v 1.65 2010/11/29 17:02:41 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> @@ -42,10 +42,10 @@ rde_filter(u_int16_t ribid, struct rde_aspath **new, struct filter_head *rules, if (asp->flags & F_ATTR_PARSE_ERR) /* - * don't try to filter bad updates but let them through + * don't try to filter bad updates just deny them * so they act as implicit withdraws */ - return (action); + return (ACTION_DENY); TAILQ_FOREACH(f, rules, entry) { if (dir != f->dir) |