| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231017105532.3563683-6-amcohen@nvidia.com>
Date: Tue, 17 Oct 2023 13:55:29 +0300
From: Amit Cohen <amcohen@...dia.com>
To: <netdev@...r.kernel.org>
CC: <dsahern@...il.com>, <stephen@...workplumber.org>, <razor@...ckwall.org>,
<mlxsw@...dia.com>, <roopa@...dia.com>, Amit Cohen <amcohen@...dia.com>
Subject: [PATCH iproute2-next v2 5/8] bridge: fdb: support match on destination port in flush command
Extend "fdb flush" command to match fdb entries with a specific destination
port.
Example:
$ bridge fdb flush dev vx10 port 1111
This will flush all fdb entries pointing to vx10 with destination port
1111.
Signed-off-by: Amit Cohen <amcohen@...dia.com>
Acked-by: Nikolay Aleksandrov <razor@...ckwall.org>
---
bridge/fdb.c | 21 ++++++++++++++++++++-
man/man8/bridge.8 | 8 ++++++++
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/bridge/fdb.c b/bridge/fdb.c
index 16cd7660..f2d882ed 100644
--- a/bridge/fdb.c
+++ b/bridge/fdb.c
@@ -46,7 +46,7 @@ static void usage(void)
" bridge fdb get [ to ] LLADDR [ br BRDEV ] { brport | dev } DEV\n"
" [ vlan VID ] [ vni VNI ] [ self ] [ master ] [ dynamic ]\n"
" bridge fdb flush dev DEV [ brport DEV ] [ vlan VID ] [ src_vni VNI ]\n"
- " [ nhid NHID ] [ vni VNI ] [ self ] [ master ]\n"
+ " [ nhid NHID ] [ vni VNI ] [ port PORT ] [ self ] [ master ]\n"
" [ [no]permanent | [no]static | [no]dynamic ]\n"
" [ [no]added_by_user ] [ [no]extern_learn ] [ [no]sticky ]\n"
" [ [no]offloaded ]\n");
@@ -703,6 +703,7 @@ static int fdb_flush(int argc, char **argv)
unsigned short ndm_state = 0;
unsigned long src_vni = ~0;
unsigned long vni = ~0;
+ unsigned long port = 0;
__u32 nhid = 0;
char *endptr;
@@ -782,6 +783,18 @@ static int fdb_flush(int argc, char **argv)
if ((endptr && *endptr) ||
(vni >> 24) || vni == ULONG_MAX)
invarg("invalid VNI\n", *argv);
+ } else if (strcmp(*argv, "port") == 0) {
+ NEXT_ARG();
+ port = strtoul(*argv, &endptr, 0);
+ if (endptr && *endptr) {
+ struct servent *pse;
+
+ pse = getservbyname(*argv, "udp");
+ if (!pse)
+ invarg("invalid port\n", *argv);
+ port = ntohs(pse->s_port);
+ } else if (port > 0xffff)
+ invarg("invalid port\n", *argv);
} else if (strcmp(*argv, "help") == 0) {
NEXT_ARG();
} else {
@@ -834,6 +847,12 @@ static int fdb_flush(int argc, char **argv)
addattr32(&req.n, sizeof(req), NDA_NH_ID, nhid);
if (vni != ~0)
addattr32(&req.n, sizeof(req), NDA_VNI, vni);
+ if (port) {
+ unsigned short dport;
+
+ dport = htons((unsigned short)port);
+ addattr16(&req.n, sizeof(req), NDA_PORT, dport);
+ }
if (ndm_flags_mask)
addattr8(&req.n, sizeof(req), NDA_NDM_FLAGS_MASK,
ndm_flags_mask);
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index 9341c77b..cf23094c 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -134,6 +134,8 @@ bridge \- show / manipulate bridge addresses and devices
.IR NHID " ] ["
.B vni
.IR VNI " ] [ "
+.B port
+.IR PORT " ] ["
.BR self " ] [ " master " ] [ "
.BR [no]permanent " | " [no]static " | " [no]dynamic " ] [ "
.BR [no]added_by_user " ] [ " [no]extern_learn " ] [ "
@@ -915,6 +917,12 @@ the VXLAN VNI Network Identifier (or VXLAN Segment ID) for the operation. Match
forwarding table entries only with the specified VNI. Valid if the referenced
device is a VXLAN type device.
+.TP
+.BI port " PORT"
+the UDP destination PORT number for the operation. Match forwarding table
+entries only with the specified PORT. Valid if the referenced device is a VXLAN
+type device.
+
.TP
.B self
the operation is fulfilled directly by the driver for the specified network
--
2.41.0
Powered by blists - more mailing lists