Exact Definition of numbers-match bitmask-match and fragmentation-type
Matt Corallo
birdlist at as397444.net
Tue May 18 17:15:07 CEST 2021
On 5/18/21 09:43, Ondrej Zajicek wrote:
> On Mon, May 17, 2021 at 08:27:10PM -0400, Matt Corallo wrote:
>> On 5/17/21 19:44, Ondrej Zajicek wrote:
>>> On Mon, May 17, 2021 at 01:48:19PM -0400, Matt Corallo wrote:
>>> You are right. My comment above is true for numeric ops, but for bitmask
>>> ops the ',' is the same as '&&', i am not really sure why. This seems
>>> confusing and it is undocumented.
>>
>> Ha! right, yea, some documentation would be helpful. Just to double-check, fragmentation-type uses "," as ||, correct?
>
> No, fragmentation-type is just a variant of bitmask.
Oof. Ok, thanks, updated my BIRD flowspec -> XDP converter.
> I think that a way out of this confusion is to deprecate ',' from bitmask
> (and fragmentation) and always show && or || (but keep ',' in parser for
> compatibility reasons). And leave ',' only for list of numerical values
> where the meaning is clear.
>
> I think that if i knew nothing about BIRD flowspec syntax, then expression
> "port 10,20,30..40" is clear to me, but "tcp flags 0x2/0x3,0x0/0x10" definitely
> is not (while "tcp flags 0x2/0x3 && 0x0/0x10" is a bit more comprehensible).
Yea, this seems reasonable. If the `,` stays in, it may still make sense to note it in the docs.
More information about the Bird-users
mailing list