In version 7 the routing filter deny by default?
In the case of the following filters are they correct?
Can I simplify it even more?
if (
(dst in 0.0.0.0/0 && dst-len in 25-32) ||
(dst in 0.0.0.0/8 && dst-len in 8-32) ||
(dst in 10.0.0.0/8 && dst-len in 8-32) ||
(dst in 100.64.0.0/10 && dst-len in 10-32) ||
(dst in 127.0.0.0/8 && dst-len in 8-32) ||
(dst in 169.254.0.0/16 && dst-len in 16-32) ||
(dst in 172.16.0.0/12 && dst-len in 12-32) ||
(dst in 192.0.0.0/24 && dst-len in 24-32) ||
(dst in 192.0.2.0/24 && dst-len in 24-32) ||
(dst in 192.88.99.0/24 && dst-len in 24-32) ||
(dst in 192.168.0.0/16 && dst-len in 16-32) ||
(dst in 198.18.0.0/15 && dst-len in 15-32) ||
(dst in 198.51.100.0/24 && dst-len in 24-32) ||
(dst in 203.0.113.0/24 && dst-len in 24-32) ||
(dst in 224.0.0.0/4 && dst-len in 4-32) ||
(dst in 240.0.0.0/4 && dst-len in 4-32)
)
{ reject; }
if (
( bgp-as-path 23456 ) ||
( bgp-as-path 64496-131071 ) ||
( bgp-as-path 4200000000-4294967295 ) ||
( bgp-path-len in 65-4294967295 )
)
{ reject }
if ( protocol bgp && bgp-as-path 11111 ) { accept }