backport of #1051 - fixing flow-spec tcp-flag for != and &!=

etc/exabgp/conf-flow.conf

@@ -142,5 +142,20 @@ neighbor 127.0.0.1 {
 				discard;
 			}
 		}
+
+
+		route check-tcp-flags {
+			match {
+				source 10.0.0.1/32;
+				destination 10.0.0.2/32;
+				destination-port =3128;
+				protocol tcp;
+				tcp-flags [SYN RST&FIN&!=push];
+			}
+			then {
+				discard;
+			}
+		}
+
 	}
 }

lib/exabgp/bgp/message/update/nlri/flow.py

@@ -97,6 +97,7 @@ class BinaryOperator(CommonOperator):
     INCLUDE = 0x00  # 0b00000000
     NOT = 0x02  # 0b00000010
     MATCH = 0x01  # 0b00000001
+    DIFF = NOT | MATCH
 
 
 def _len_to_bit(value):

lib/exabgp/configuration/flow/parser.py

@@ -122,6 +122,8 @@ def _operator_binary(string):
         if string[0] == '=':
             return BinaryOperator.MATCH, string[1:]
         elif string[0] == '!':
+            if string.startswith('!='):
+                return BinaryOperator.DIFF, string[2:]
             return BinaryOperator.NOT, string[1:]
         else:
             return BinaryOperator.INCLUDE, string

qa/ci/conf-flow.msg

@@ -36,6 +36,9 @@
 # flow destination-ipv4 192.168.0.1/32 source-ipv4 10.0.0.10/32 protocol !=TCP port !=0 destination-port !=443 source-port !=80 !=8080 extended-community discard
 1:raw:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:0055:02:0000003E4001010040020040050400000064C010088006000000000000800E2200018500001C0120C0A8000102200A00000A038606048600059601BB060650961F90
 
+# flow source-ipv4 10.0.0.1/32 destination-ipv4 10.0.0.2/32 destination-port =3128 protocol tcp tcp-flags SYN RST&FIN&!=push extended-community discard 
+1:raw:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:0055:02:0000003E4001010040020040050400000064C010088006000000000000800E2200018500001C01200A00000202200A00000103810605910C3809000200044001C308
+
 # EOR
 1:raw:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:001E02:00000007900F0003000185
 1:raw:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:001E02:00000007900F0003000186