This behavior is very non intuitive and makes filter automation much more difficult.
IMO, when using lists, the following should occur:
Then also perhaps consider adding a new, not in prefix operator, "!in"
IMO, when using lists, the following should occur:
Code:
address-list add list=test_list address=192.168.1.0/24address-list add list=test_list address=10.0.0.0/8#accept 192.168.1.0/24, 192.168.1.128/29, 10.1.2.0/24#deny 1.1.1.0/24chain=test_bgp_rule="if (afi ipv4 && dst in test_list) {set bgp-path-prepend 2;accept}"chain=test_bgp_rule="reject;"#accept 192.168.1.0/24#deny 1.1.1.0/24, 192.168.1.128/29, 10.1.2.0/24chain=test_bgp_rule="if (afi ipv4 && dst == test_list) {set bgp-path-prepend 2;accept}"chain=test_bgp_rule="reject;"#accept 1.1.1.0/24, 192.168.1.128/29, 10.1.2.0/24#deny 192.168.1.0/24chain=test_bgp_rule="if (afi ipv4 && dst != test_list) {set bgp-path-prepend 2;accept}"chain=test_bgp_rule="reject;"Code:
address-list add list=test_list address=192.168.1.0/24address-list add list=test_list address=10.0.0.0/8#accept 1.1.1.0/24#deny 192.168.1.0/24, 192.168.1.128/29, 10.1.2.0/24chain=test_bgp_rule="if (afi ipv4 && dst !in test_list) {set bgp-path-prepend 2;accept}"chain=test_bgp_rule="reject;"Statistics: Posted by twofatmonkeys — Sun Feb 11, 2024 12:31 am