[quagga-dev 4419] Re: Problem using undefined access-list in distrbute lists
paul at clubi.ie
Thu Sep 28 16:23:54 BST 2006
On Thu, 28 Sep 2006, Alain Ritoux wrote:
> Within ABR context, if an acces-list is used but not defined, then the result
> is somehow PERMIT. The same behaviour can be seen with distribute-lists as
> But if take a look at route-map management, this is the opposite behaviour,
> i.e. when an acces-list is used in a a test, but not defined, the result is
> I think the second behaviour is better.
Is this a bug or an intentional compatibility behaviour though?
> Here after the suggested modifs, relying on the fact that
> access_list_apply() result is FILTER_DENY when the access-list ptr
> is NULL
> This will change behaviour for what I think is a mis-configured thing, but
> in my opinion it will be safer.
It sounds like unintentional behaviour alright. But I'm not sure.
> Your opinions ?
> Note: From a first view, the same kind of pb exists in ripd (but needs
> more modifs, as ri->list should be keep the ACL name to be able
> to differantiat no acl used from no acl found), and maube others ...
Yeah, very likely. We have a class problem here, as well as in how
delete/update of lists is managed, see, e.g.:
Which suggests the interfaces to these needs improving.
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Live Free or Live in Massachusettes.
More information about the Quagga-dev