# For FRR Rules:
#   cat filter.txt | \
#       grep -e  ^[0-9] | \
#       awk '{ print "ip prefix-list dn42-in seq " $1 " " $2 " " $3 " ge " $4 " le " $5}' | \
#       sed "s_/\([0-9]\+\) ge \1_/\1_g;s_/\([0-9]\+\) le \1_/\1_g"
#
# For BIRD Rules:
#   cat filter.txt | \
#       awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n" } \
#            /^[0-9]/ && $2 ~ /permit/ {printf "     %s{%s,%s},\n", $3, $4, $5};' | \
#       sed "$ s/,$/\n  ];\n}/"

# The rules MUST be sorted by the number column first and then the first matching rule MUST be used.
# ROAs MUST be checked against these rules and max-length of the ROA NUST NOT be longer than allowed by the matching rule.

#Nr   Action  Prefix           MinLen  MaxLen  # Comment

0001  deny    172.22.166.0/24  24      32      # block List due not responding to abuse mails after wiki grief

1001  permit  172.20.0.0/24    28      32      # dn42 anycast range
1002  permit  172.21.0.0/24    28      32      # dn42 anycast range
1003  permit  172.22.0.0/24    28      32      # dn42 anycast range
1004  permit  172.23.0.0/24    28      32      # dn42 anycast range
1100  permit  172.20.0.0/14    21      29      # dn42 main net

2001  permit  10.100.0.0/14    14      32      # ChaosVPN
2002  permit  10.127.0.0/16    16      32      # NeoNetwork
2003  permit  10.0.0.0/8       15      24      # IC-VPN / Freifunk

3001  permit  172.31.0.0/16    16      32      # ChaosVPN

9999  deny    0.0.0.0/0        0       32      # block the rest