update

bird/filter/inet_import.conf

@@ -1,10 +0,0 @@
-# 对上游接收过滤器
-# 政策：全网照单接受
-
-function function_inet_bgp_import_from_upstream() {
-    if is_self_net() then return false;
-    if is_bogon_prefix() || (bgp_path.len > 20) then return false;
-    # 允许转发给下游
-    bgp_large_community.add((LOCAL_ASN,1000,0));
-    return true;
-}

bird/filter/inet_upstream.conf

@@ -0,0 +1,36 @@
+# 普通上游（发布控制器）
+# 政策：只发自己的
+
+function function_inet_bgp_export_to_upstream0() {
+    if source != RTS_STATIC then return false;
+    if is_bogon_prefix() then return false;
+
+    if !is_self_net() then return false;
+    if bgp_large_community ~ [(LOCAL_ASN, 200, 0)] then return true;
+
+    return false;
+}
+
+# 能带下游的上游
+# 政策：自己+下游
+function function_inet_bgp_export_to_upstream1() {
+    if source !~ [RTS_STATIC, RTS_BGP] then return false;
+    if is_bogon_prefix() then return false;
+
+    if source =RTS_STATIC then {
+        if !is_self_net() then return false;
+        if bgp_large_community ~ [(LOCAL_ASN, 200, 0)] then return true;
+    }
+    
+    if source = RTS_BGP then {
+        if bgp_large_community ~ [(LOCAL_ASN, 10100, 4)] then return true;
+    }
+    return false;
+}
+
+# 从上游收表
+function function_inet_bgp_import_from_upstream() {
+    if is_self_net() then return false;
+    if is_bogon_prefix() || (bgp_path.len > 20) then return false;
+    return true;
+}

bird/filter/inet_upstream0.conf

@@ -1,34 +0,0 @@
-# 普通上游（发布控制器）
-# 政策：只发自己的
-
-function function_inet_bgp_export_to_upstream0() {
-    if !is_self_net() then return false;
-    if is_bogon_prefix() then return false;
-    if source != RTS_STATIC then return false;
-    # 100禁止性过滤
-    if bgp_large_community ~ [(LOCAL_ASN, 100, 100)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 100, 200)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 200, 201)] then return false;
-
-    # 前置过滤：允许自己的段子-所有上游和普通上游
-    if bgp_large_community ~ [(LOCAL_ASN, 200, 0)] then return true;
-    if bgp_large_community ~ [(LOCAL_ASN, 200, 1)] then return true;
-    if bgp_large_community ~ [(LOCAL_ASN, 200, 2)] then return false;
-    return false;
-}
-
-
-function function_inet_control_bgp_upstream0(int peer_asn){
-    # 1.禁止带有 201 0 (禁止一切外发)的发出去
-    if bgp_large_community ~ [(LOCAL_ASN, 201, 0)] then return false;
-    # 2.禁止带有 201 peer asn (禁止向某一外发)的发出去
-    if bgp_large_community ~ [(LOCAL_ASN, 201, peer_asn)] then return false;
-
-    # 3.不带202,0(允许全体外发)，但是带有202,peer asn（允许单一外发）的，放
-    if (bgp_large_community !~ [(LOCAL_ASN, 202, 0)]) then {
-        if bgp_large_community ~ [(LOCAL_ASN, 202, peer_asn)] then return true;
-    }
-    # 4.带有202,0（允许一切外发）的，放
-    if bgp_large_community ~ [(LOCAL_ASN, 202, 0)] then return true;
-    return false;
-}

bird/filter/inet_upstream1.conf

@@ -1,46 +0,0 @@
-# 能带下游的上游（发布控制器）
-# 政策：发自己的+下游的
-
-function function_inet_bgp_export_to_upstream1() {
-    if source !~ [RTS_STATIC, RTS_BGP] then return false;
-    if is_bogon_prefix() then return false;
-    # 100禁止性过滤
-    if bgp_large_community ~ [(LOCAL_ASN, 100, 100)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 100, 200)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 200, 202)] then return false;
-    if source =RTS_STATIC then {
-        # 静态路由，允许 200，[0 2]
-        if bgp_large_community ~ [(LOCAL_ASN, 200, 0)] then return true;
-        if bgp_large_community ~ [(LOCAL_ASN, 200, 2)] then return true;
-        if bgp_large_community ~ [(LOCAL_ASN, 200, 1)] then return false;
-    }
-    if source = RTS_BGP then {
-        if bgp_large_community ~ [(LOCAL_ASN, 10100, 4)] then return true;
-    }
-    return false;
-}
-
-
-function function_inet_control_bgp_upstream1(int peer_asn){
-    # 1.禁止带有 201 0 (禁止一切外发)  301 0（禁止下游段子转发）的发出去
-    if bgp_large_community ~ [(LOCAL_ASN, 201, 0)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 301, 0)] then return false;
-    # 2.禁止带有 201 peer asn (禁止向某一外发) 301 peer asn（禁止向某一外发下游）的发出去
-    if bgp_large_community ~ [(LOCAL_ASN, 201, peer_asn)] then return false;
-    if bgp_large_community ~ [(LOCAL_ASN, 301, peer_asn)] then return false;
-
-
-    # 3.不带202,0(允许全体外发)，但是带有202,peer asn 放
-    if (bgp_large_community !~ [(LOCAL_ASN, 202, 0)]) then {
-        if bgp_large_community ~ [(LOCAL_ASN, 202, peer_asn)] then return true;
-    }
-    # 不带302 0，但是有302 peer asn的，放
-    if (bgp_large_community !~ [(LOCAL_ASN, 302, 0)]) then {
-        if bgp_large_community ~ [(LOCAL_ASN, 302, peer_asn)] then return true;
-    }
-
-    # 4.带有202,0（允许一切外发）和302 0的，放
-    if bgp_large_community ~ [(LOCAL_ASN, 202, 0)] then return true;
-    if bgp_large_community ~ [(LOCAL_ASN, 302, 0)] then return true;
-    return false;
-}

bird/function/inet_community.conf

@@ -0,0 +1,60 @@
+# 社区属性转换与本地优先级修正函数（Local Pref 200封顶版）
+function function_inet_community_make(){
+    # 1. 从上游收到的路由 => 赋予兜底优先级 (Local Pref = 100)
+    if bgp_large_community ~ [(LOCAL_ASN, 10100, 0)] then {
+        bgp_local_pref = 100;
+        bgp_large_community.add((LOCAL_ASN, 2, 4));
+        bgp_large_community.delete((LOCAL_ASN, 10100, 0));
+        return true;
+    }
+
+    # 2. 私有上游 => 赋予兜底优先级 (Local Pref = 100)
+    if bgp_large_community ~ [(LOCAL_ASN, 10100, 1)] then {
+        bgp_local_pref = 100;
+        bgp_large_community.delete((LOCAL_ASN, 10100, 1));
+        return true;
+    }
+
+    # 3. Peer/IXP 收到的路由 => 赋予中等优先 (Local Pref = 140)
+    if bgp_large_community ~ [(LOCAL_ASN, 10100, 2), (LOCAL_ASN, 10100, 3)] then {
+        bgp_local_pref = 140;
+        bgp_large_community.add((LOCAL_ASN, 2, 4));
+        bgp_large_community.delete([(LOCAL_ASN, 10100, 2), (LOCAL_ASN, 10100, 3)]);
+        return true;
+    }
+
+    # 4. 下游客户发来的路由 => 赋予高优先级 (Local Pref = 180)
+    if bgp_large_community ~ [(LOCAL_ASN, 10100, 4)] then {
+        bgp_local_pref = 180;
+        bgp_large_community.add([
+            (LOCAL_ASN, 2, 1), (LOCAL_ASN, 2, 2), (LOCAL_ASN, 2, 3), (LOCAL_ASN, 2, 4)
+        ]);
+        bgp_large_community.delete((LOCAL_ASN, 10100, 4));
+        return true;
+    }
+
+    # 5. 自身宣告的前缀 => 赋予最高级封顶 (Local Pref = 200)
+    if bgp_large_community ~ [(LOCAL_ASN, 200, 0)] then {
+        bgp_local_pref = 200;
+        bgp_large_community.add([(LOCAL_ASN, 2, 0..4)]);
+        bgp_large_community.delete((LOCAL_ASN, 200, 0));
+        return true;
+    }
+
+    return false;
+}
+
+
+# 社区安全检查/清理（全量通配版）
+function function_inet_bgp_community_clear(){
+    # 使用 [ (ASN, Data1, *) ] 语法，直接清空该分类下的所有子标记
+    bgp_large_community.delete([
+        (LOCAL_ASN, 1, *),
+        (LOCAL_ASN, 2, *),
+        (LOCAL_ASN, 3, *),
+        (LOCAL_ASN, 200, *),
+        (LOCAL_ASN, 10100, *),
+        (LOCAL_ASN, 10101, *),
+        (LOCAL_ASN, 10102, *)
+    ]);
+}

bird/update.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd 
+wget https://git.nia.ink/brnet/bird_config/raw/branch/master/update.sh
+chmod +x update.sh
+./update.sh

update.sh

@@ -3,24 +3,17 @@
 cd 
 git clone https://git.nia.ink/brnet/bird_config.git
 
-rm /etc/bird/bird.conf
-mv ./bird_config/bird/bird.conf /etc/bird/
-
-rm /etc/bird/conf/dn42.conf
-
 rm /etc/bird/filter/*.conf
 mv ./bird_config/bird/filter/*.conf /etc/bird/filter/
 
 rm /etc/bird/function/*.conf
 mv ./bird_config/bird/function/*.conf /etc/bird/function/
 
-rm /etc/bird/net/dn42.conf
-rm /etc/bird/net/unet.conf
-mv ./bird_config/bird/net/unet.conf /etc/bird/net/
-
 rm /etc/bird/template/*.conf
 mv ./bird_config/bird/template/*.conf /etc/bird/template/
 
+mv ./bird_config/bird/update.sh /etc/bird/
+chmod +x /etc/bird/update.sh
 
 birdc c
 cd