Date:   Wed,  8 Jun 2022 15:29:13 +0300
From:   Nikolay Aleksandrov <razor@...ckwall.org>
To:     netdev@...r.kernel.org
Cc:     dsahern@...il.com, stephen@...workplumber.org, roopa@...dia.com,
        Nikolay Aleksandrov <razor@...ckwall.org>
Subject: [PATCH iproute2-next 02/10] bridge: fdb: add flush vlan matching

Add flush support to match fdb entries in a specific vlan.
Example:
$ bridge fdb flush dev swp1 vlan 10 master
This will flush all fdb entries with port swp1 and vlan 10.

Signed-off-by: Nikolay Aleksandrov <razor@...ckwall.org>
---
 bridge/fdb.c      | 15 ++++++++++++++-
 man/man8/bridge.8 |  7 +++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/bridge/fdb.c b/bridge/fdb.c
index ac9f7af64336..c2a1fb957f7e 100644
--- a/bridge/fdb.c
+++ b/bridge/fdb.c
@@ -45,7 +45,7 @@ static void usage(void)
 		"              [ state STATE ] [ dynamic ] ]\n"
 		"       bridge fdb get [ to ] LLADDR [ br BRDEV ] { brport | dev } DEV\n"
 		"              [ vlan VID ] [ vni VNI ] [ self ] [ master ] [ dynamic ]\n"
-		"       bridge fdb flush dev DEV [ self ] [ master ]\n");
+		"       bridge fdb flush dev DEV [ vlan VID ] [ self ] [ master ]\n");
 	exit(-1);
 }
 
@@ -681,6 +681,7 @@ static int fdb_flush(int argc, char **argv)
 	};
 	unsigned short ndm_flags = 0;
 	char *d = NULL;
+	short vid = -1;
 
 	while (argc > 0) {
 		if (strcmp(*argv, "dev") == 0) {
@@ -690,6 +691,11 @@ static int fdb_flush(int argc, char **argv)
 			ndm_flags |= NTF_MASTER;
 		} else if (strcmp(*argv, "self") == 0) {
 			ndm_flags |= NTF_SELF;
+		} else if (strcmp(*argv, "vlan") == 0) {
+			if (vid >= 0)
+				duparg2("vlan", *argv);
+			NEXT_ARG();
+			vid = atoi(*argv);
 		} else {
 			if (strcmp(*argv, "help") == 0)
 				NEXT_ARG();
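Review bot: The `vlan` branch parses the ID with `vid = atoi(*argv)` into a `short`, so malformed input is not rejected before a destructive flush request is built. A non-numeric argument becomes VLAN 0, and a value such as 65546 would typically narrow to 10 and pass the later `vid >= 4096` check. A negative value fails the `vid > -1` test in the following hunk, so the request goes out with no NDA_VLAN filter and the flush is wider than the user asked for. Parsing into an unsigned 16-bit variable with a checked helper and rejecting at parse time covers all three cases, e.g. `if (get_u16(&v, *argv, 0) || v >= 4096) invarg("invalid VLAN ID", *argv);` then `vid = v;`. That also removes the need for the later error path, which prints a signed `short` with `%hu` and shows the narrowed value rather than what was typed. fdb_flush starts and ends outside these hunks.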
@@ -708,11 +714,18 @@ static int fdb_flush(int argc, char **argv)
 		return -1;
 	}
 
+	if (vid >= 4096) {
+		fprintf(stderr, "Invalid VLAN ID \"%hu\"\n", vid);
+		return -1;
+	}
+
 	/* if self and master were not specified assume self */
 	if (!(ndm_flags & (NTF_SELF | NTF_MASTER)))
 		ndm_flags |= NTF_SELF;
 
 	req.ndm.ndm_flags = ndm_flags;
+	if (vid > -1)
+		addattr16(&req.n, sizeof(req), NDA_VLAN, vid);
 
 	if (rtnl_talk(&rth, &req.n, NULL) < 0)
 		return -1;
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index bfda9f7ecd7b..d5db85b943bd 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -116,6 +116,8 @@ bridge \- show / manipulate bridge addresses and devices
 .BR "bridge fdb flush"
 .B dev
 .IR DEV " [ "
+.B vlan
+.IR VID " ] [ "
 .BR self " ] [ " master " ]"
 
 .ti -8
@@ -799,6 +801,11 @@ the target device for the operation. If the device is a bridge port and "master"
 is set then the operation will be fulfilled by its master device's driver and
 all entries pointing to that port will be deleted.
 
+.TP
+.BI vlan " VID"
+the target VLAN ID for the operation. Match forwarding table entries only with the
+specified VLAN ID.
+
 .TP
 .B self
 the operation is fulfilled directly by the driver for the specified network
-- 
2.35.1
