FAELIX
/
hphr
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add bind.so for LD_PRELOAD; run bgpq3 on the router again

Browse Source
master
Marek Isalski 6 years ago
parent 87807af1d4
commit b60798c787
2 changed files with 19 additions and 13 deletions
Show Stats Download Patch File Download Diff File

8
hphr.sls
Unescape Escape View File

@ -1,7 +1,12 @@
/tmp/bgpq3: /tmp/bgpq3:
file.managed: file.managed:
- source: salt://bgpq3-linux-amd64 - source: salt://bgpq3-linux-amd64
- mode: 700 - mode: 755
/tmp/bind.so:
file.managed:
- source: salt://bind.so
- mode: 755
/config/config.new: /config/config.new:
file.managed: file.managed:
@ -9,6 +14,7 @@
- source: salt://vyos.conf.j2 - source: salt://vyos.conf.j2
- require: - require:
- file: /tmp/bgpq3 - file: /tmp/bgpq3
- file: /tmp/bind.so
configure: configure:
cmd.script: cmd.script:

24
vyos.conf.j2
Unescape Escape View File

@ -265,7 +265,7 @@ protocols {
policy { policy {
prefix-list static-NO-IPv4 { prefix-list hphr-NO-IPv4 {
rule 1 { rule 1 {
prefix 0.0.0.0/0 prefix 0.0.0.0/0
le 32 le 32
@ -273,7 +273,7 @@ policy {
} }
} }
prefix-list static-ALL-IPv4 { prefix-list hphr-ALL-IPv4 {
rule 1 { rule 1 {
prefix 0.0.0.0/0 prefix 0.0.0.0/0
le 32 le 32
@ -281,7 +281,7 @@ policy {
} }
} }
prefix-list static-DEFAULT-IPv4 { prefix-list hphr-DEFAULT-IPv4 {
rule 1 { rule 1 {
prefix 0.0.0.0/0 prefix 0.0.0.0/0
action permit action permit
@ -293,7 +293,7 @@ policy {
} }
} }
prefix-list static-DFZ-IPv4 { prefix-list hphr-DFZ-IPv4 {
rule 100 { rule 100 {
prefix 192.168.0.0/16 prefix 192.168.0.0/16
description "RFC1918" description "RFC1918"
@ -384,7 +384,7 @@ policy {
} }
} }
prefix-list static-DFZ-DEFAULT-IPv4 { prefix-list hphr-DFZ-DEFAULT-IPv4 {
rule 10 { rule 10 {
prefix 0.0.0.0/0 prefix 0.0.0.0/0
action permit action permit
@ -479,7 +479,7 @@ policy {
} }
} }
prefix-list6 static-NO-IPv6 { prefix-list6 hphr-NO-IPv6 {
rule 1 { rule 1 {
prefix ::/0 prefix ::/0
le 128 le 128
@ -487,7 +487,7 @@ policy {
} }
} }
prefix-list6 static-ALL-IPv6 { prefix-list6 hphr-ALL-IPv6 {
rule 1 { rule 1 {
prefix ::/0 prefix ::/0
le 128 le 128
@ -495,7 +495,7 @@ policy {
} }
} }
prefix-list6 static-DEFAULT-IPv6 { prefix-list6 hphr-DEFAULT-IPv6 {
rule 1 { rule 1 {
prefix ::/0 prefix ::/0
action permit action permit
@ -507,7 +507,7 @@ policy {
} }
} }
prefix-list6 static-DFZ-IPv6 { prefix-list6 hphr-DFZ-IPv6 {
rule 100 { rule 100 {
prefix ::/128 prefix ::/128
description "not self" description "not self"
@ -585,7 +585,7 @@ policy {
} }
} }
prefix-list6 static-DFZ-DEFAULT-IPv6 { prefix-list6 hphr-DFZ-DEFAULT-IPv6 {
rule 10 { rule 10 {
prefix ::/0 prefix ::/0
action permit action permit
@ -669,7 +669,7 @@ policy {
{% for prefix_list_name, bgpq3_query in salt['pillar.get']("policy:prefix-list",{}).items() %} {% for prefix_list_name, bgpq3_query in salt['pillar.get']("policy:prefix-list",{}).items() %}
prefix-list {{ prefix_list_name }} { prefix-list {{ prefix_list_name }} {
{% import_yaml ("routes/" + prefix_list_name + ".json4") as jsonblob %} {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -A -6 -j ' + bgpq3_query["IPv6"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
{% for prefix in jsonblob.NN %} {% for prefix in jsonblob.NN %}
rule {{ loop.index }} { rule {{ loop.index }} {
action permit action permit
@ -688,7 +688,7 @@ policy {
{% for prefix_list_name, bgpq3_query in salt['pillar.get']("policy:prefix-list",{}).items() %} {% for prefix_list_name, bgpq3_query in salt['pillar.get']("policy:prefix-list",{}).items() %}
prefix-list6 {{ prefix_list_name }} { prefix-list6 {{ prefix_list_name }} {
{% import_yaml ("routes/" + prefix_list_name + ".json6") as jsonblob %} {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -A -6 -j ' + bgpq3_query["IPv6"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
{% for prefix in jsonblob.NN %} {% for prefix in jsonblob.NN %}
rule {{ loop.index }} { rule {{ loop.index }} {
action permit action permit

Write Preview
Loading…
Cancel
Save