Add support for Nokia SR Linux IP prefix lists / ACL filters (#91)

* Add support for Nokia SR Linux prefix sets * Update tests * Update docs * Fix ACL prefix filter
2025-02-28 08:53:11 +00:00 · 2023-05-25 11:47:09 -05:00
parent 3c201684b6
commit aee7adb698
7 changed files with 137 additions and 5 deletions
--- a/printer.c
+++ b/printer.c
@@ -40,6 +40,13 @@

 extern int debug_expander;

+#define max(a,b)             \
+({                           \
+    __typeof__ (a) _a = (a); \
+    __typeof__ (b) _b = (b); \
+    _a > _b ? _a : _b;       \
+})
+
 static void 
 bgpq4_print_cisco_aspath(FILE *f, struct bgpq_expander *b)
 {
@@ -1370,6 +1377,60 @@ checkSon:

 }

+static void
+bgpq4_print_nokia_srl_prefix(struct sx_radix_node *n, void *ff)
+{
+	char 	 prefix[128];
+	FILE	*f = (FILE*)ff;
+
+	if (n->isGlue)
+		goto checkSon;
+
+	if (!f)
+		f = stdout;
+
+	sx_prefix_snprintf(n->prefix, prefix, sizeof(prefix));
+
+	if (!n->isAggregate) {
+		fprintf(f, "    prefix %s mask-length-range exact { }\n", prefix);
+	} else {
+		fprintf(f, "    prefix %s mask-length-range %u..%u { }\n", prefix, 
+		  max(n->aggregateLow,n->prefix->masklen), n->aggregateHi);
+	}
+
+checkSon:
+	if (n->son)
+		bgpq4_print_nokia_srl_prefix(n->son, ff);
+}
+
+typedef struct {
+	FILE *f;
+	int seq;
+} NOKIA_SRL_IPFILTER_PARAMS;
+
+static void
+bgpq4_print_nokia_srl_ipfilter(struct sx_radix_node *n, void *ff)
+{
+	char 	 prefix[128];
+	NOKIA_SRL_IPFILTER_PARAMS *params = (NOKIA_SRL_IPFILTER_PARAMS*) ff;
+
+	if (n->isGlue)
+		goto checkSon;
+
+	if (!params->f)
+		params->f = stdout;
+
+	sx_prefix_snprintf(n->prefix, prefix, sizeof(prefix));
+
+	fprintf(params->f, " entry %d {\n  action { accept { } }\n  match { source-ip { prefix %s } } }\n", params->seq, prefix);
+	params->seq += 10;
+
+checkSon:
+	if (n->son) {
+		bgpq4_print_nokia_srl_ipfilter(n->son, ff);
+	}
+}
+
 static void
 bgpq4_print_juniper_prefixlist(FILE *f, struct bgpq_expander *b)
 {
@@ -1716,6 +1777,45 @@ bgpq4_print_nokia_md_ipprefixlist(FILE *f, struct bgpq_expander *b)
 	fprintf(f,"}\n");
 }

+static void
+bgpq4_print_nokia_srl_prefixset(FILE *f, struct bgpq_expander *b)
+{
+	bname = b->name ? b->name : "NN";
+
+	fprintf(f, "/routing-policy\ndelete prefix-set \"%s\"\n",
+	    bname);
+
+	fprintf(f, "prefix-set \"%s\" {\n", bname);
+
+	if (!sx_radix_tree_empty(b->tree)) {
+		sx_radix_tree_foreach(b->tree, bgpq4_print_nokia_srl_prefix, f);
+	}
+
+	fprintf(f,"}\n");
+}
+
+static void
+bgpq4_print_nokia_srl_aclipfilter(FILE *f, struct bgpq_expander *b)
+{
+	bname = b->name ? b->name : "NN";
+
+	fprintf(f,"/acl \ndelete ipv%c-filter \"%s\"\n",
+	    b->tree->family == AF_INET ? '4' : '6', bname);
+
+	fprintf(f,"ipv%c-filter \"%s\" {\n",
+	    b->tree->family == AF_INET ? '4' : '6', bname);
+
+	if (!sx_radix_tree_empty(b->tree)) {
+		NOKIA_SRL_IPFILTER_PARAMS params = { f, 10 };
+		sx_radix_tree_foreach(b->tree, bgpq4_print_nokia_srl_ipfilter, &params);
+	} else {
+		fprintf(f,"# generated ipv%c-filter '%s' is empty\n",
+		    b->tree->family == AF_INET ? '4' : '6', bname);
+	}
+
+	fprintf(f,"}\n");
+}
+
 static void
 bgpq4_print_k6prefix(struct sx_radix_node *n, void *ff)
 {
@@ -1827,6 +1927,9 @@ bgpq4_print_prefixlist(FILE *f, struct bgpq_expander *b)
 	case V_NOKIA_MD:
 		bgpq4_print_nokia_md_ipprefixlist(f, b);
 		break;
+	case V_NOKIA_SRL:
+		bgpq4_print_nokia_srl_prefixset(f, b);
+		break;
 	case V_HUAWEI:
 		bgpq4_print_huawei_prefixlist(f, b);
 		break;
@@ -1863,6 +1966,9 @@ bgpq4_print_eacl(FILE *f, struct bgpq_expander *b)
 	case V_NOKIA_MD:
 		bgpq4_print_nokia_md_prefixlist(f, b);
 		break;
+	case V_NOKIA_SRL:
+		bgpq4_print_nokia_srl_aclipfilter(f, b);
+		break;
 	default:
 		sx_report(SX_FATAL, "unreachable point\n");
 	}