embedaddon/quagga/doc/filter.texi - view

Return to filter.texi CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / doc

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / doc / filter.texi
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 17:26:11 2012 UTC (12 years, 4 months ago) by misho
Branches: quagga, MAIN
CVS tags: v1_0_20160315, v0_99_22p0, v0_99_22, v0_99_21, v0_99_20_1, v0_99_20, HEAD

quagga

    1: @node Filtering
    2: @comment  node-name,  next,  previous,  up
    3: @chapter Filtering
    4: 
    5: Quagga provides many very flexible filtering features.  Filtering is used
    6: for both input and output of the routing information.  Once filtering is
    7: defined, it can be applied in any direction.
    8: 
    9: @menu
   10: * IP Access List::              
   11: * IP Prefix List::              
   12: @end menu
   13: 
   14: @node IP Access List
   15: @comment  node-name,  next,  previous,  up
   16: @section IP Access List
   17: 
   18: @deffn {Command} {access-list @var{name} permit @var{ipv4-network}} {}
   19: @deffnx {Command} {access-list @var{name} deny @var{ipv4-network}} {}
   20: @end deffn
   21: 
   22: Basic filtering is done by @code{access-list} as shown in the
   23: following example.
   24: 
   25: @example
   26: access-list filter deny 10.0.0.0/9
   27: access-list filter permit 10.0.0.0/8
   28: @end example
   29: 
   30: @node IP Prefix List
   31: @comment  node-name,  next,  previous,  up
   32: @section IP Prefix List
   33: 
   34: @command{ip prefix-list} provides the most powerful prefix based
   35: filtering mechanism.  In addition to @command{access-list} functionality,
   36: @command{ip prefix-list} has prefix length range specification and
   37: sequential number specification.  You can add or delete prefix based
   38: filters to arbitrary points of prefix-list using sequential number specification.
   39: 
   40: If no ip prefix-list is specified, it acts as permit.  If @command{ip prefix-list} 
   41: is defined, and no match is found, default deny is applied.
   42: 
   43: @c @deffn {Command} {ip prefix-list @var{name} [seq @var{number}] permit|deny [le @var{prefixlen}] [ge @var{prefixlen}]} {}
   44: @deffn {Command} {ip prefix-list @var{name} (permit|deny) @var{prefix} [le @var{len}] [ge @var{len}]} {}
   45: @deffnx {Command} {ip prefix-list @var{name} seq @var{number} (permit|deny) @var{prefix} [le @var{len}] [ge @var{len}]} {}
   46: 
   47: You can create @command{ip prefix-list} using above commands.
   48: 
   49: @table @asis
   50: 
   51: @item @asis{seq}
   52: seq @var{number} can be set either automatically or manually.  In the
   53: case that sequential numbers are set manually, the user may pick any
   54: number less than 4294967295.  In the case that sequential number are set
   55: automatically, the sequential number will increase by a unit of five (5)
   56: per list.  If a list with no specified sequential number is created
   57: after a list with a specified sequential number, the list will
   58: automatically pick the next multiple of five (5) as the list number.
   59: For example, if a list with number 2 already exists and a new list with
   60: no specified number is created, the next list will be numbered 5.  If
   61: lists 2 and 7 already exist and a new list with no specified number is
   62: created, the new list will be numbered 10.
   63: 
   64: @item @asis{le}
   65: @command{le} command specifies prefix length.  The prefix list will be 
   66: applied if the prefix length is less than or equal to the le prefix length.
   67: 
   68: @item @asis{ge}
   69: @command{ge} command specifies prefix length.  The prefix list will be 
   70: applied if the prefix length is greater than or equal to the ge prefix length.
   71: 
   72: @end table
   73: 
   74: @end deffn
   75: 
   76: Less than or equal to prefix numbers and greater than or equal to
   77: prefix numbers can be used together.  The order of the le and ge
   78: commands does not matter.
   79: 
   80: If a prefix list with a different sequential number but with the exact
   81: same rules as a previous list is created, an error will result.
   82: However, in the case that the sequential number and the rules are
   83: exactly similar, no error will result.
   84: 
   85: If a list with the same sequential number as a previous list is created,
   86: the new list will overwrite the old list.
   87: 
   88: Matching of IP Prefix is performed from the smaller sequential number to the
   89: larger.  The matching will stop once any rule has been applied.
   90: 
   91: In the case of no le or ge command, the prefix length must match exactly the
   92: length specified in the prefix list.
   93: 
   94: @deffn {Command} {no ip prefix-list @var{name}} {}
   95: @end deffn
   96: 
   97: @menu
   98: * ip prefix-list description::  
   99: * ip prefix-list sequential number control::  
  100: * Showing ip prefix-list::      
  101: * Clear counter of ip prefix-list::  
  102: @end menu
  103: 
  104: @node ip prefix-list description
  105: @subsection ip prefix-list description
  106: 
  107: @deffn {Command} {ip prefix-list @var{name} description @var{desc}} {}
  108: Descriptions may be added to prefix lists.  This command adds a
  109: description to the prefix list.
  110: @end deffn
  111: 
  112: @deffn {Command} {no ip prefix-list @var{name} description [@var{desc}]} {}
  113: Deletes the description from a prefix list.  It is possible to use the
  114: command without the full description.
  115: @end deffn
  116: 
  117: @node  ip prefix-list sequential number control
  118: @subsection ip prefix-list sequential number control
  119: 
  120: @deffn {Command} {ip prefix-list sequence-number} {}
  121: With this command, the IP prefix list sequential number is displayed.
  122: This is the default behavior.
  123: @end deffn
  124: 
  125: @deffn {Command} {no ip prefix-list sequence-number} {}
  126: With this command, the IP prefix list sequential number is not
  127: displayed.
  128: @end deffn
  129: 
  130: @node  Showing ip prefix-list
  131: @subsection Showing ip prefix-list
  132: 
  133: @deffn {Command} {show ip prefix-list} {}
  134: Display all IP prefix lists.
  135: @end deffn
  136: 
  137: @deffn {Command} {show ip prefix-list @var{name}} {}
  138: Show IP prefix list can be used with a prefix list name.
  139: @end deffn
  140: 
  141: @deffn {Command} {show ip prefix-list @var{name} seq @var{num}} {}
  142: Show IP prefix list can be used with a prefix list name and sequential
  143: number.
  144: @end deffn
  145: 
  146: @deffn {Command} {show ip prefix-list @var{name} @var{a.b.c.d/m}} {}
  147: If the command longer is used, all prefix lists with prefix lengths equal to
  148: or longer than the specified length will be displayed.
  149: If the command first match is used, the first prefix length match will be
  150: displayed.
  151: @end deffn
  152: 
  153: @deffn {Command} {show ip prefix-list @var{name} @var{a.b.c.d/m} longer} {}
  154: @end deffn
  155: 
  156: @deffn {Command} {show ip prefix-list @var{name} @var{a.b.c.d/m} first-match} {}
  157: @end deffn
  158: 
  159: @deffn {Command} {show ip prefix-list summary} {}
  160: @end deffn
  161: @deffn {Command} {show ip prefix-list summary @var{name}} {}
  162: @end deffn
  163: 
  164: @deffn {Command} {show ip prefix-list detail} {}
  165: @end deffn
  166: @deffn {Command} {show ip prefix-list detail @var{name}} {}
  167: @end deffn
  168: 
  169: @node  Clear counter of ip prefix-list
  170: @subsection Clear counter of ip prefix-list
  171: 
  172: @deffn {Command} {clear ip prefix-list} {}
  173: Clears the counters of all IP prefix lists.  Clear IP Prefix List can be
  174: used with a specified name and prefix.
  175: @end deffn
  176: 
  177: @deffn {Command} {clear ip prefix-list @var{name}} {}
  178: @end deffn
  179: 
  180: @deffn {Command} {clear ip prefix-list @var{name} @var{a.b.c.d/m}} {}
  181: @end deffn
  182:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>