Skip to main content

Module filter

bgpkit_parser::parser

Module filter 

Source
Expand description

§Message Filters

The filter module defines a number of available filters that users can use, and implements the filtering mechanism for BgpElem.

The available filters are:

  • origin_asn – origin AS number
  • origin_asns – multiple origin AS numbers (OR logic)
  • prefix – network prefix and match type
  • prefixes – multiple network prefixes (OR logic)
  • peer_ip – peer’s IP address
  • peer_ips – peers’ IP addresses (OR logic)
  • peer_asn – peer’s AS number
  • peer_asns – multiple peer AS numbers (OR logic)
  • type – message type (withdraw or announce)
  • ts_start – start and end unix timestamp
  • as_path – regular expression for AS path string
  • ip_version – IP version (ipv4 or ipv6)

§Negative Filters

Most filters support negation by prefixing the filter value with !. For example:

  • origin_asn=!13335 – matches elements where origin AS is NOT 13335
  • prefix=!10.0.0.0/8 – matches elements where prefix is NOT 10.0.0.0/8
  • peer_ip=!192.168.1.1 – matches elements where peer IP is NOT 192.168.1.1

For multi-value filters, you can negate all values:

  • origin_asns=!13335,!15169 – matches elements where origin AS is NOT 13335 AND NOT 15169
  • Mixing positive and negative values in the same filter is not allowed

Note: Timestamp filters (ts_start, ts_end) do not support negation as the behavior would be unintuitive.

Filter::new function takes a str as the filter type and str as the filter value and returns a Result of a Filter or a parsing error.

BgpkitParser implements the function add_filter("filter_type", "filter_value") that takes the parser’s ownership itself and returns a new parser with specified filter added. See the example below.

§Example

use bgpkit_parser::BgpkitParser;

/// This example shows how to parse a MRT file and filter by prefix.
env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")).init();

log::info!("downloading updates file");
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
    .add_filter("prefix", "211.98.251.0/24").unwrap()
    .add_filter("type", "a").unwrap();

// iterating through the parser. the iterator returns `BgpElem` one at a time.
log::info!("parsing updates file");
for elem in parser {
    log::info!("{}", &elem);
}
log::info!("done");

§Example with Negative Filter

use bgpkit_parser::BgpkitParser;

// Filter out all elements from AS 13335 (Cloudflare)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
    .add_filter("origin_asn", "!13335").unwrap();

for elem in parser {
    println!("{}", elem);
}

§Example with Multiple Filters (OR Logic)

use bgpkit_parser::BgpkitParser;

// Filter elements from multiple origin ASNs (matches ANY of the specified ASNs)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
    .add_filter("origin_asns", "13335,15169,8075").unwrap();

for elem in parser {
    println!("{}", elem);
}

// Filter elements NOT from these ASNs (matches if NOT ANY of the specified ASNs)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
    .add_filter("origin_asns", "!13335,!15169,!8075").unwrap();

for elem in parser {
    println!("{}", elem);
}

// Filter elements matching multiple prefixes (matches ANY of the specified prefixes)
let parser = BgpkitParser::new("http://archive.routeviews.org/bgpdata/2021.10/UPDATES/updates.20211001.0000.bz2").unwrap()
    .add_filter("prefixes", "1.1.1.0/24,8.8.8.0/24").unwrap();

for elem in parser {
    println!("{}", elem);
}

Note, by default, the prefix filtering is for the exact prefix. You can include super-prefixes or sub-prefixes when filtering by using "prefix_super", "prefix_sub", or "prefix_super_sub" as the filter type string. For multiple prefixes, use "prefixes_super", "prefixes_sub", or "prefixes_super_sub".

§Note

BgpElem and BgpRouteElem implement the filtering capability. Route-level filtering only has access to route identity, peer metadata, timestamp, and AS path, so community filters do not match BgpRouteElem values. Support for MrtRecord will come in later releases.

Enums§

Filter
Filter enum: definition of types of filters
IpVersion
PrefixMatchType

Traits§

Filterable