lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 17 Oct 2023 10:02:19 +0300
From: Amit Cohen <amcohen@...dia.com>
To: <netdev@...r.kernel.org>
CC: <dsahern@...il.com>, <stephen@...workplumber.org>, <razor@...ckwall.org>,
	<mlxsw@...dia.com>, <roopa@...dia.com>, Amit Cohen <amcohen@...dia.com>
Subject: [PATCH iproute2-next 0/8] Extend flush command to support VXLAN attributes

The merge commit f84e3f8cced9 ("Merge branch 'bridge-fdb-flush' into next")
added support for fdb flushing.

The kernel was extended to support flush for VXLAN device, so the
"bridge fdb flush" command should support new attributes.

Add support for flushing FDB entries based on the following:
* Source VNI
* Nexthop ID
* Destination VNI
* Destination Port
* Destination IP
* 'router' flag

With this set, flush works with attributes which are relevant for VXLAN
FDBs, for example:

$ bridge fdb flush dev vx10 vni 5000 dst 192.2.2.1
< flush all vx10 entries with VNI 5000 and destination IP 192.2.2.1 >

There are examples for each attribute in the respective commit messages.

Patch set overview:
Patch #1 prepares the code for adding support for 'port' keyword
Patches #2-#7 add support for new keywords in flush command
Patch #8 adds a note in man page

Amit Cohen (8):
  bridge: fdb: rename some variables to contain 'brport'
  bridge: fdb: support match on source VNI in flush command
  bridge: fdb: support match on nexthop ID in flush command
  bridge: fdb: support match on destination VNI in flush command
  bridge: fdb: support match on destination port in flush command
  bridge: fdb: support match on destination IP in flush command
  bridge: fdb: support match on [no]router flag in flush command
  man: bridge: add a note about using 'master' and 'self' with flush

 bridge/fdb.c      | 88 ++++++++++++++++++++++++++++++++++++++++-------
 man/man8/bridge.8 | 53 +++++++++++++++++++++++++++-
 2 files changed, 127 insertions(+), 14 deletions(-)

-- 
2.41.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ