bird-rs-cron/bin/update-check-import.sh


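#!/bin/sh
# Regenerate the BIRD filter function check_import() in
# ${BIRD_CONF_PATH}/check_import.conf.
#
# The never_via_rs set is filled with the ASNs PeeringDB returns for
# info_never_via_route_servers=1. The existing file is replaced only after
# the download succeeded and every returned value is a plain number, so a
# failed or malformed API response cannot turn into an empty or corrupted
# filter.
#
# Requires: curl (7.55.0 or newer, for "-H @-"), jq.
# Config:   /usr/local/etc/bird-peers-update.conf must set PDB_API_KEY and
#           BIRD_CONF_PATH.
set -e

conf_file=/usr/local/etc/bird-peers-update.conf

if [ ! -f "${conf_file}" ]; then
  printf 'Write %s with at least ' "${conf_file}" >&2
  printf 'PDB_API_KEY and BIRD_CONF_PATH vars\n' >&2
  exit 1
fi

# The file is sourced, i.e. executed as shell code with this script's
# privileges, and it holds the API key: keep it writable (and preferably
# readable) only by the account that runs this job.
. "${conf_file}"

# Stop here rather than send an empty key or write to /check_import.conf.
: "${PDB_API_KEY:?PDB_API_KEY must be set in ${conf_file}}"
: "${BIRD_CONF_PATH:?BIRD_CONF_PATH must be set in ${conf_file}}"

pdb_url='https://www.peeringdb.com/api/net?info_never_via_route_servers=1'
out_file="${BIRD_CONF_PATH}/check_import.conf"

# The Authorization header is fed to curl on stdin so the key is not part of
# curl's argument list. -f turns an HTTP error into a non-zero exit status
# and -S keeps the error message despite -s. curl is the last command of the
# pipeline, so under "set -e" its failure aborts the script.
pdb_response="$(
  printf 'Authorization: Api-Key %s\n' "${PDB_API_KEY}" |
    curl -fsS -H @- "${pdb_url}"
)"

# One ASN per line. jq is the last command of the pipeline, so a response
# without a usable .data array aborts the script as well.
never_via_rs_asns="$(printf '%s\n' "${pdb_response}" | jq '.data[].asn')"

# The values are pasted into router configuration: accept digits only, and
# treat an empty result as an error instead of emitting "[  ]".
if printf '%s\n' "${never_via_rs_asns}" | grep -qv '^[0-9][0-9]*$'; then
  printf '%s: PeeringDB returned no ASN or a non-numeric ASN; %s left untouched\n' \
    "$0" "${out_file}" >&2
  exit 1
fi

# comma list
NEVER_VIA_RS_LIST="$(
  printf '%s\n' "${never_via_rs_asns}" |
    sort -n | tr '\n' ',' | sed 's/,/, /g;s/, $//'
)"
# bird set
NEVER_VIA_RS_SET="[ ${NEVER_VIA_RS_LIST} ]"

# A here-document is used instead of printf with the whole file as format
# string: with two or more script arguments "$@" split that format string and
# the filter body was dropped, and any "%" or backslash would be interpreted.
# NOTE(review): the generated text says the reserved-AS check is "Disabled",
# yet the statement that follows it is active; confirm which one is intended.
cat <<EOF > "${out_file}"
# generated by $0 $*
function check_import(int peeras; ip nexthop)
int set reserved_asn;
int set never_via_rs;
{
reserved_asn = [ 0, 64297..131071, 4200000000..4294967294, 4294967295 ];
never_via_rs = ${NEVER_VIA_RS_SET};
# Check that the next AS is our neighbour's.
# Same for next-hop
if bgp_path.first != peeras then return false;
if bgp_next_hop != nexthop then return false;
# AS_PATH too long (8 because a member could re-annonce its clients, and
# the clients of it clients, and prepend on the IXP)
if bgp_path.len > 8 then return false;
# Don't accept if path contains a reserved AS
# Disabled because it removes legit prefixes
if bgp_path ~ reserved_asn then return false;
if bgp_path ~ never_via_rs then return false;
return true;
}
EOF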