diff options
| author | Hans Schultz <schultz.hans@gmail.com> | 2022-02-28 14:36:47 +0100 |
|---|---|---|
| committer | David Ahern <dsahern@kernel.org> | 2022-03-04 09:15:46 -0700 |
| commit | 0e51a185dd529080b5bf41c1346f686d2521dd81 (patch) | |
| tree | 31ff9a9dc457451da0ece5ad80c3946bb3d7f96a | |
| parent | 04a0077deb5de919477c3965985c0780aca20e47 (diff) | |
| download | iproute2-0e51a185dd529080b5bf41c1346f686d2521dd81.tar.gz | |
bridge: link: add command to set port in locked mode
Add support for setting a bridge port in locked mode to use with 802.1X,
so that only authorized clients are allowed access through the port.
Syntax: bridge link set dev DEV locked {on, off}
Signed-off-by: Hans Schultz <schultz.hans+netdev@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
| -rw-r--r-- | bridge/link.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/bridge/link.c b/bridge/link.c index bc7837a94..dc3fc7adb 100644 --- a/bridge/link.c +++ b/bridge/link.c @@ -175,6 +175,9 @@ static void print_protinfo(FILE *fp, struct rtattr *attr) if (prtb[IFLA_BRPORT_ISOLATED]) print_on_off(PRINT_ANY, "isolated", "isolated %s ", rta_getattr_u8(prtb[IFLA_BRPORT_ISOLATED])); + if (prtb[IFLA_BRPORT_LOCKED]) + print_on_off(PRINT_ANY, "locked", "locked %s ", + rta_getattr_u8(prtb[IFLA_BRPORT_LOCKED])); } else print_stp_state(rta_getattr_u8(attr)); } @@ -269,6 +272,7 @@ static void usage(void) " [ neigh_suppress {on | off} ]\n" " [ vlan_tunnel {on | off} ]\n" " [ isolated {on | off} ]\n" + " [ locked {on | off} ]\n" " [ hwmode {vepa | veb} ]\n" " [ backup_port DEVICE ] [ nobackup_port ]\n" " [ self ] [ master ]\n" @@ -297,6 +301,7 @@ static int brlink_modify(int argc, char **argv) __s8 vlan_tunnel = -1; __s8 mcast_flood = -1; __s8 mcast_to_unicast = -1; + __s8 locked = -1; __s8 isolated = -1; __s8 hairpin = -1; __s8 bpdu_guard = -1; @@ -409,6 +414,11 @@ static int brlink_modify(int argc, char **argv) isolated = parse_on_off("isolated", *argv, &ret); if (ret) return ret; + } else if (strcmp(*argv, "locked") == 0) { + NEXT_ARG(); + locked = parse_on_off("locked", *argv, &ret); + if (ret) + return ret; } else if (strcmp(*argv, "backup_port") == 0) { NEXT_ARG(); backup_port_idx = ll_name_to_index(*argv); @@ -483,6 +493,9 @@ static int brlink_modify(int argc, char **argv) if (isolated != -1) addattr8(&req.n, sizeof(req), IFLA_BRPORT_ISOLATED, isolated); + if (locked >= 0) + addattr8(&req.n, sizeof(req), IFLA_BRPORT_LOCKED, locked); + if (backup_port_idx != -1) addattr32(&req.n, sizeof(req), IFLA_BRPORT_BACKUP_PORT, backup_port_idx); |