Expand description
§Message Filters
The filter module defines a number of available filters that users can use, and implements the filtering mechanism for BgpElem.
The available filters are:
origin_asn– origin AS numberorigin_asns– multiple origin AS numbers (OR logic)prefix– network prefix and match typeprefixes– multiple network prefixes (OR logic)peer_ip– peer’s IP addresspeer_ips– peers’ IP addresses (OR logic)peer_asn– peer’s AS numberpeer_asns– multiple peer AS numbers (OR logic)type– message type (withdraworannounce)ts_start– start and end unix timestampas_path– regular expression for AS path stringip_version– IP version (ipv4oripv6)
§Negative Filters
Most filters support negation by prefixing the filter value with !. For example:
origin_asn=!13335– matches elements where origin AS is NOT 13335prefix=!10.0.0.0/8– matches elements where prefix is NOT 10.0.0.0/8peer_ip=!192.168.1.1– matches elements where peer IP is NOT 192.168.1.1
For multi-value filters, you can negate all values:
origin_asns=!13335,!15169– matches elements where origin AS is NOT 13335 AND NOT 15169- Mixing positive and negative values in the same filter is not allowed
Note: Timestamp filters (ts_start, ts_end) do not support negation as the behavior would be unintuitive.
Filter::new function takes a str as the filter type and str as the filter value and returns a
Result of a Filter or a parsing error.
BgpkitParser implements the function add_filter("filter_type", "filter_value") that takes the parser’s ownership itself
and returns a new parser with specified filter added. See the example below.
§Example
use bgpkit_parser::BgpkitParser;
/// This example shows how to parse a MRT file and filter by prefix.
env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")).init();
log::info!("downloading updates file");
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
.add_filter("prefix", "211.98.251.0/24").unwrap()
.add_filter("type", "a").unwrap();
// iterating through the parser. the iterator returns `BgpElem` one at a time.
log::info!("parsing updates file");
for elem in parser {
log::info!("{}", &elem);
}
log::info!("done");§Example with Negative Filter
use bgpkit_parser::BgpkitParser;
// Filter out all elements from AS 13335 (Cloudflare)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
.add_filter("origin_asn", "!13335").unwrap();
for elem in parser {
println!("{}", elem);
}§Example with Multiple Filters (OR Logic)
use bgpkit_parser::BgpkitParser;
// Filter elements from multiple origin ASNs (matches ANY of the specified ASNs)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
.add_filter("origin_asns", "13335,15169,8075").unwrap();
for elem in parser {
println!("{}", elem);
}
// Filter elements NOT from these ASNs (matches if NOT ANY of the specified ASNs)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
.add_filter("origin_asns", "!13335,!15169,!8075").unwrap();
for elem in parser {
println!("{}", elem);
}
// Filter elements matching multiple prefixes (matches ANY of the specified prefixes)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
.add_filter("prefixes", "1.1.1.0/24,8.8.8.0/24").unwrap();
for elem in parser {
println!("{}", elem);
}Note, by default, the prefix filtering is for the exact prefix. You can include super-prefixes or
sub-prefixes when filtering by using "prefix_super", "prefix_sub", or "prefix_super_sub" as
the filter type string. For multiple prefixes, use "prefixes_super", "prefixes_sub", or "prefixes_super_sub".
§Note
Currently, only BgpElem implements the filtering capability. Support for MrtRecord will come in later releases.
Enums§
- Filter
- Filter enum: definition of types of filters
- IpVersion
- Prefix
Match Type