authorNikolay Aleksandrov <razor@blackwall.org>2022-06-08 15:29:14 +0300
committerDavid Ahern <dsahern@kernel.org>2022-06-10 09:01:29 -0600
commitbb9e453c14068c308f000cdcff98a4dd468358d5 (patch)
tree6e8a73eb73f774f75b1b5bd0192df194ee65035b
parentd9c15896f1d3bbe768180f8b6abd0ec0ea89dcb1 (diff)
downloadiproute2-bb9e453c14068c308f000cdcff98a4dd468358d5.tar.gz
bridge: fdb: add flush port matching
Usually we match on the device specified after "dev" but there are special cases where we need an additional device attribute for matching such as when matching entries specifically pointing to the bridge device itself. We use NDA_IFINDEX for that purpose. Example: $ bridge fdb flush dev br0 brport br0 This will flush only entries pointing to the bridge itself. $ bridge fdb flush dev swp1 brport swp2 master Note this will flush entries pointing to swp2 only. The NDA_IFINDEX attribute overrides the dev argument. This is documented in the man page. Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
-rw-r--r--bridge/fdb.c23
-rw-r--r--man/man8/bridge.88
2 files changed, 28 insertions, 3 deletions
diff --git a/bridge/fdb.c b/bridge/fdb.c
index c2a1fb957..4af13eb20 100644
--- a/bridge/fdb.c
+++ b/bridge/fdb.c
@@ -45,7 +45,8 @@ static void usage(void)
" [ state STATE ] [ dynamic ] ]\n"
" bridge fdb get [ to ] LLADDR [ br BRDEV ] { brport | dev } DEV\n"
" [ vlan VID ] [ vni VNI ] [ self ] [ master ] [ dynamic ]\n"
- " bridge fdb flush dev DEV [ vlan VID ] [ self ] [ master ]\n");
+ " bridge fdb flush dev DEV [ brport DEV ] [ vlan VID ]\n"
+ " [ self ] [ master ]\n");
exit(-1);
}
@@ -679,9 +680,9 @@ static int fdb_flush(int argc, char **argv)
.n.nlmsg_type = RTM_DELNEIGH,
.ndm.ndm_family = PF_BRIDGE,
};
+ short vid = -1, port_ifidx = -1;
unsigned short ndm_flags = 0;
- char *d = NULL;
- short vid = -1;
+ char *d = NULL, *port = NULL;
while (argc > 0) {
if (strcmp(*argv, "dev") == 0) {
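Review bot: `port_ifidx` is declared `short` here, but the later hunk assigns it the result of `ll_name_to_index(port)`, which is an interface index (an unsigned int in iproute2, as far as I know) and so is wider than 16 bits. An index above 32767 is narrowed on assignment and on common ABIs becomes negative, so the `if (port_ifidx > -1)` test in the last fdb.c hunk skips `addattr32(&req.n, sizeof(req), NDA_IFINDEX, port_ifidx)`. The flush request is then sent without the port match and removes more entries than the user asked for, with no error shown. An index that narrows to exactly 0 is instead rejected with "Cannot find bridge port device" in the lookup hunk, although the device exists. Declaring it on its own line as `int port_ifidx = -1;` and leaving `short vid = -1;` as it was keeps both checks working and matches the 32-bit attribute. The body of fdb_flush starts and ends outside this hunk.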
@@ -691,6 +692,11 @@ static int fdb_flush(int argc, char **argv)
ndm_flags |= NTF_MASTER;
} else if (strcmp(*argv, "self") == 0) {
ndm_flags |= NTF_SELF;
+ } else if (strcmp(*argv, "brport") == 0) {
+ if (port)
+ duparg2("brport", *argv);
+ NEXT_ARG();
+ port = *argv;
} else if (strcmp(*argv, "vlan") == 0) {
if (vid >= 0)
duparg2("vlan", *argv);
@@ -714,6 +720,15 @@ static int fdb_flush(int argc, char **argv)
return -1;
}
+ if (port) {
+ port_ifidx = ll_name_to_index(port);
+ if (port_ifidx == 0) {
+ fprintf(stderr, "Cannot find bridge port device \"%s\"\n",
+ port);
+ return -1;
+ }
+ }
+
if (vid >= 4096) {
fprintf(stderr, "Invalid VLAN ID \"%hu\"\n", vid);
return -1;
@@ -724,6 +739,8 @@ static int fdb_flush(int argc, char **argv)
ndm_flags |= NTF_SELF;
req.ndm.ndm_flags = ndm_flags;
+ if (port_ifidx > -1)
+ addattr32(&req.n, sizeof(req), NDA_IFINDEX, port_ifidx);
if (vid > -1)
addattr16(&req.n, sizeof(req), NDA_VLAN, vid);
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index d5db85b94..32b81b4bd 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -116,6 +116,8 @@ bridge \- show / manipulate bridge addresses and devices
.BR "bridge fdb flush"
.B dev
.IR DEV " [ "
+.B brport
+.IR DEV " ] [ "
.B vlan
.IR VID " ] [ "
.BR self " ] [ " master " ]"
@@ -802,6 +804,12 @@ is set then the operation will be fulfilled by its master device's driver and
all entries pointing to that port will be deleted.
.TP
+.BI brport " DEV"
+the target bridge port for the operation. If the bridge device is specified then only
+entries pointing to the bridge itself will be deleted. Note that the target device
+specified by this option will override the one specified by dev above.
+
+.TP
.BI vlan " VID"
the target VLAN ID for the operation. Match forwarding table entries only with the
specified VLAN ID.