For example this
Code: Select all
prefix-length=0-32
Code: Select all
dst-len > 32
where is my mind it should be
Code: Select all
dst-len <= 32
prefix-length=0-32
dst-len > 32
dst-len <= 32
--->add action=discard chain=V4-BLOCK-RFC1918 prefix=192.168.0.0/16 prefix-length=0-32
add chain=V4-BLOCK-RFC1918 disabled=no rule="if (dst in 192.168.0.0/16 && dst-len > 32) { reject; }"
--->add action=accept chain=V4-IPT-BGP-IN-AS000000 prefix=0.0.0.0/0 set-bgp-communities="" set-bgp-local-pref=110 set-route-targets=000000:110
add action=discard chain=V4-IPT-BGP-IN-AS000000
add chain=V4-IPT-BGP-IN-AS000000 disabled=no rule="reject;"
--->add action=accept chain=V6-IPT-BGP-OUT-AS000000 prefix=2000:0000::/32 set-bgp-communities=""
add action=accept chain=V6-IPT-BGP-OUT-AS000000 prefix=2000:0000::/48 set-bgp-communities=""
add action=discard chain=V6-IPT-BGP-OUT-AS000000
add chain=V6-IPT-BGP-OUT-AS000000 disabled=no rule="reject;"
81 chain=test-set rule="if (dst == 2000::/32) { accept; }"
82 chain=test-set rule="if (dst == 2000::/48) { accept; }"
83 chain=test-set rule="set bgp-local-pref 110; delete bgp-ext-communities rt; append bgp-ext-communities rt:0:110; accept;"