def __init__(self, configurations):
self._ips = environment.settings().tcp.bind
self._port = environment.settings().tcp.port
self._stopping = environment.settings().tcp.once
self.exit_code = self.Exit.unknown
self.max_loop_time = environment.settings().reactor.speed
self._sleep_time = self.max_loop_time / 100
self._busyspin = {}
self._ratelimit = {}
self.early_drop = environment.settings().daemon.drop
self.processes = None
self.configuration = Configuration(configurations)
self.logger = Logger()
self.asynchronous = ASYNC()
self.signal = Signal()
self.daemon = Daemon(self)
self.listener = Listener(self)
self.api = API(self)
self._peers = {}
self._reload_processes = False
self._saved_pid = False
self._poller = select.poll()
def run(self):
if self.ip:
try:
self.listener = Listener([
self.ip,
], self.port)
self.listener.start()
except NetworkError, e:
self.listener = None
if os.geteuid() != 0 and self.port <= 1024:
self.logger.reactor(
"Can not bind to %s:%d, you may need to run ExaBGP as root"
% (self.ip, self.port), 'critical')
else:
self.logger.reactor(
"Can not bind to %s:%d (%s)" %
(self.ip, self.port, str(e)), 'critical')
self.logger.reactor(
"unset exabgp.tcp.bind if you do not want listen for incoming connections",
'critical')
self.logger.reactor(
"and check that no other daemon is already binding to port %d"
% self.port, 'critical')
sys.exit(1)
self.logger.reactor("Listening for BGP session(s) on %s:%d" %
(self.ip, self.port))
def _setup_listener(self, local_addr, remote_addr, port, md5_password,
md5_base64, ttl_in):
try:
if not self.listener:
self.listener = Listener()
if not remote_addr:
remote_addr = IP.create(
'0.0.0.0') if local_addr.ipv4() else IP.create('::')
self.listener.listen(local_addr, remote_addr, port, md5_password,
md5_base64, ttl_in)
self.logger.reactor(
'Listening for BGP session(s) on %s:%d%s' %
(local_addr, port, ' with MD5' if md5_password else ''))
return True
except NetworkError as exc:
if os.geteuid() != 0 and port <= 1024:
self.logger.reactor(
'Can not bind to %s:%d, you may need to run ExaBGP as root'
% (local_addr, port), 'critical')
else:
self.logger.reactor(
'Can not bind to %s:%d (%s)' %
(local_addr, port, str(exc)), 'critical')
self.logger.reactor(
'unset exabgp.tcp.bind if you do not want listen for incoming connections',
'critical')
self.logger.reactor(
'and check that no other daemon is already binding to port %d'
% port, 'critical')
return False
def __init__(self, configurations):
self._ips = environment.settings().tcp.bind
self._port = environment.settings().tcp.port
self._stopping = environment.settings().tcp.once
self.max_loop_time = environment.settings().reactor.speed
self.early_drop = environment.settings().daemon.drop
self.processes = None
self.configuration = Configuration(configurations)
self.logger = Logger()
self. async = ASYNC()
self.signal = Signal()
self.daemon = Daemon(self)
self.listener = Listener(self)
self.api = API(self)
self.peers = {}
self._reload_processes = False
self._saved_pid = False
def run(self):
self.daemon.daemonise()
# Make sure we create processes once we have closed file descriptor
# unfortunately, this must be done before reading the configuration file
# so we can not do it with dropped privileges
self.processes = Processes(self)
# we have to read the configuration possibly with root privileges
# as we need the MD5 information when we bind, and root is needed
# to bind to a port < 1024
# this is undesirable as :
# - handling user generated data as root should be avoided
# - we may not be able to reload the configuration once the privileges are dropped
# but I can not see any way to avoid it
if not self.load():
return False
try:
self.listener = Listener()
if self.ip:
self.listener.listen(IP.create(self.ip), IP.create('0.0.0.0'),
self.port, None, False, None)
self.logger.reactor('Listening for BGP session(s) on %s:%d' %
(self.ip, self.port))
for neighbor in self.configuration.neighbors.values():
if neighbor.listen:
self.listener.listen(neighbor.md5_ip,
neighbor.peer_address,
neighbor.listen,
neighbor.md5_password,
neighbor.md5_base64, neighbor.ttl_in)
self.logger.reactor(
'Listening for BGP session(s) on %s:%d%s' %
(neighbor.md5_ip, neighbor.listen,
' with MD5' if neighbor.md5_password else ''))
except NetworkError as exc:
self.listener = None
if os.geteuid() != 0 and self.port <= 1024:
self.logger.reactor(
'Can not bind to %s:%d, you may need to run ExaBGP as root'
% (self.ip, self.port), 'critical')
else:
self.logger.reactor(
'Can not bind to %s:%d (%s)' %
(self.ip, self.port, str(exc)), 'critical')
self.logger.reactor(
'unset exabgp.tcp.bind if you do not want listen for incoming connections',
'critical')
self.logger.reactor(
'and check that no other daemon is already binding to port %d'
% self.port, 'critical')
sys.exit(1)
if not self.early_drop:
self.processes.start()
if not self.daemon.drop_privileges():
self.logger.reactor(
'Could not drop privileges to \'%s\' refusing to run as root' %
self.daemon.user, 'critical')
self.logger.reactor(
'Set the environmemnt value exabgp.daemon.user to change the unprivileged user',
'critical')
return
if self.early_drop:
self.processes.start()
# This is required to make sure we can write in the log location as we now have dropped root privileges
if not self.logger.restart():
self.logger.reactor('Could not setup the logger, aborting',
'critical')
return
if not self.daemon.savepid():
return
# did we complete the run of updates caused by the last SIGUSR1/SIGUSR2 ?
reload_completed = True
wait = environment.settings().tcp.delay
if wait:
sleeptime = (wait * 60) - int(time.time()) % (wait * 60)
self.logger.reactor('waiting for %d seconds before connecting' %
sleeptime)
time.sleep(float(sleeptime))
workers = {}
peers = set()
scheduled = False
while True:
try:
finished = False
start = time.time()
end = start + self.max_loop_time
if self._shutdown:
self._shutdown = False
self.shutdown()
break
if self._reload and reload_completed:
self._reload = False
self.load()
self.processes.start(self._reload_processes)
self._reload_processes = False
elif self._restart:
self._restart = False
self.restart()
# We got some API routes to announce
if self.route_update:
self.route_update = False
self.route_send()
for peer in self.peers.keys():
peers.add(peer)
while start < time.time() < end and not finished:
if self.peers:
for key in list(peers):
peer = self.peers[key]
action = peer.run()
# .run() returns an ACTION enum:
# * immediate if it wants to be called again
# * later if it should be called again but has no work atm
# * close if it is finished and is closing down, or restarting
if action == ACTION.CLOSE:
self.unschedule(key)
peers.discard(key)
# we are loosing this peer, not point to schedule more process work
elif action == ACTION.LATER:
for io in peer.sockets():
workers[io] = key
# no need to come back to it before a a full cycle
peers.discard(key)
if not peers:
reload_completed = True
if self.listener:
for connection in self.listener.connected():
# found
# * False, not peer found for this TCP connection
# * True, peer found
# * None, conflict found for this TCP connections
found = False
for key in self.peers:
peer = self.peers[key]
neighbor = peer.neighbor
# XXX: FIXME: Inet can only be compared to Inet
if connection.local == str(
neighbor.peer_address) and (
neighbor.auto_discovery
or connection.peer == str(
neighbor.local_address)):
if peer.incoming(connection):
found = True
break
found = None
break
if found:
self.logger.reactor(
'accepted connection from %s - %s' %
(connection.local, connection.peer))
elif found is False:
self.logger.reactor(
'no session configured for %s - %s' %
(connection.local, connection.peer))
connection.notification(
6, 3, 'no session configured for the peer')
connection.close()
elif found is None:
self.logger.reactor(
'connection refused (already connected to the peer) %s - %s'
% (connection.local, connection.peer))
connection.notification(
6, 5, 'could not accept the connection')
connection.close()
scheduled = self.schedule()
finished = not peers and not scheduled
# RFC state that we MUST not send more than one KEEPALIVE / sec
# And doing less could cause the session to drop
if finished:
for io in self.ready(list(peers), self.processes.fds(),
end - time.time()):
if io in workers:
peers.add(workers[io])
del workers[io]
if self._stopping and not self.peers.keys():
break
except KeyboardInterrupt:
while True:
try:
self._shutdown = True
self.logger.reactor('^C received')
break
except KeyboardInterrupt:
pass
# socket.error is a subclass of IOError (so catch it first)
except socket.error:
try:
self._shutdown = True
self.logger.reactor('socket error received', 'warning')
break
except KeyboardInterrupt:
pass
except IOError:
while True:
try:
self._shutdown = True
self.logger.reactor(
'I/O Error received, most likely ^C during IO',
'warning')
break
except KeyboardInterrupt:
pass
except SystemExit:
try:
self._shutdown = True
self.logger.reactor('exiting')
break
except KeyboardInterrupt:
pass
except ProcessError:
try:
self._shutdown = True
self.logger.reactor(
'Problem when sending message(s) to helper program, stopping',
'error')
except KeyboardInterrupt:
pass
except select.error:
try:
self._shutdown = True
self.logger.reactor('problem using select, stopping',
'error')
except KeyboardInterrupt:
pass
