D51707.diff
No OneTemporary
Actions

Size

14 KB

Referenced Files

None

Subscribers

None

D51707.diff
View Options

	diff --git a/sbin/ifconfig/ifbridge.c b/sbin/ifconfig/ifbridge.c
	--- a/sbin/ifconfig/ifbridge.c
	+++ b/sbin/ifconfig/ifbridge.c
	@@ -60,6 +60,10 @@

	#include "ifconfig.h"

	+static int parse_vlans(ifbvlan_set_t set, const char str);
	+static int get_val(const char cp, u_long valp);
	+static int get_vlan_id(const char cp, ether_vlanid_t valp);
	+
	static const char *stpstates[] = { STP_STATES };
	static const char *stpproto[] = { STP_PROTOS };
	static const char *stproles[] = { STP_ROLES };
	@@ -288,15 +292,62 @@
	ifconfig_bridge_free_bridge_status(bridge);
	}

	-static void
	-setbridge_add(if_ctx ctx, const char val, int dummy __unused)
	+static int
	+setbridge_add(if_ctx ctx, int argc, const char const *argv)
	{
	struct ifbreq req;
	+ struct ifbif_vlan_req vlreq;
	+ int oargc = argc;

	memset(&req, 0, sizeof(req));
	- strlcpy(req.ifbr_ifsname, val, sizeof(req.ifbr_ifsname));
	+ memset(&vlreq, 0, sizeof(vlreq));
	+
	+ if (argc < 1)
	+ errx(1, "usage: addm <interface> [opts ...]");
	+
	+ strlcpy(req.ifbr_ifsname, argv[0], sizeof(req.ifbr_ifsname));
	+ --argc; ++argv;
	+
	+ while (argc) {
	+ if (strcmp(argv[0], "untagged") == 0) {
	+ if (argc < 2)
	+ errx(1, "usage: untagged <vlan id>");
	+
	+ if (get_vlan_id(argv[1], &req.ifbr_pvid) < 0)
	+ errx(1, "invalid VLAN identifier: %s", argv[1]);
	+
	+ argc -= 2;
	+ argv += 2;
	+ } else if (strcmp(argv[0], "tagged") == 0) {
	+ if (argc < 2)
	+ errx(1, "usage: tagged <vlan set>");
	+
	+ vlreq.bv_op = BRDG_VLAN_OP_SET;
	+ strlcpy(vlreq.bv_ifname, req.ifbr_ifsname,
	+ sizeof(vlreq.bv_ifname));
	+ if (parse_vlans(&vlreq.bv_set, argv[1]) != 0)
	+ errx(1, "invalid vlan set: %s", argv[1]);
	+
	+ argc -= 2;
	+ argv += 2;
	+ } else {
	+ break;
	+ }
	+ }
	+
	if (do_cmd(ctx, BRDGADD, &req, sizeof(req), 1) < 0)
	- err(1, "BRDGADD %s", val);
	+ err(1, "BRDGADD %s", req.ifbr_ifsname);
	+
	+ if (req.ifbr_pvid != 0 &&
	+ do_cmd(ctx, BRDGSIFPVID, &req, sizeof(req), 1) < 0)
	+ err(1, "BRDGSIFPVID %s %u", req.ifbr_ifsname,
	+ (unsigned)req.ifbr_pvid);
	+
	+ if (vlreq.bv_op != 0 &&
	+ do_cmd(ctx, BRDGSIFVLANSET, &vlreq, sizeof(vlreq), 1) < 0)
	+ err(1, "BRDGSIFVLANSET %s", req.ifbr_ifsname);
	+
	+ return (oargc - argc);
	}

	static void
	@@ -684,7 +735,7 @@
	}

	static void
	-setbridge_untagged(if_ctx ctx, const char ifn, const char *vlanid)
	+setbridge_ifuntagged(if_ctx ctx, const char ifn, const char *vlanid)
	{
	struct ifbreq req;

	@@ -699,7 +750,7 @@
	}

	static void
	-unsetbridge_untagged(if_ctx ctx, const char ifn, int dummy __unused)
	+unsetbridge_ifuntagged(if_ctx ctx, const char ifn, int dummy __unused)
	{
	struct ifbreq req;

	@@ -831,19 +882,19 @@
	}

	static void
	-setbridge_tagged(if_ctx ctx, const char ifn, const char *vlans)
	+setbridge_iftagged(if_ctx ctx, const char ifn, const char *vlans)
	{
	set_bridge_vlanset(ctx, ifn, vlans, BRDG_VLAN_OP_SET);
	}

	static void
	-addbridge_tagged(if_ctx ctx, const char ifn, const char *vlans)
	+addbridge_iftagged(if_ctx ctx, const char ifn, const char *vlans)
	{
	set_bridge_vlanset(ctx, ifn, vlans, BRDG_VLAN_OP_ADD);
	}

	static void
	-delbridge_tagged(if_ctx ctx, const char ifn, const char *vlans)
	+delbridge_iftagged(if_ctx ctx, const char ifn, const char *vlans)
	{
	set_bridge_vlanset(ctx, ifn, vlans, BRDG_VLAN_OP_DEL);
	}
	@@ -933,7 +984,7 @@
	}

	static struct cmd bridge_cmds[] = {
	- DEF_CMD_ARG("addm", setbridge_add),
	+ DEF_CMD_VARG("addm", setbridge_add),
	DEF_CMD_ARG("deletem", setbridge_delete),
	DEF_CMD_ARG("discover", setbridge_discover),
	DEF_CMD_ARG("-discover", unsetbridge_discover),
	@@ -968,11 +1019,11 @@
	DEF_CMD_ARG2("ifpriority", setbridge_ifpriority),
	DEF_CMD_ARG2("ifpathcost", setbridge_ifpathcost),
	DEF_CMD_ARG2("ifmaxaddr", setbridge_ifmaxaddr),
	- DEF_CMD_ARG2("untagged", setbridge_untagged),
	- DEF_CMD_ARG("-untagged", unsetbridge_untagged),
	- DEF_CMD_ARG2("tagged", setbridge_tagged),
	- DEF_CMD_ARG2("+tagged", addbridge_tagged),
	- DEF_CMD_ARG2("-tagged", delbridge_tagged),
	+ DEF_CMD_ARG2("ifuntagged", setbridge_ifuntagged),
	+ DEF_CMD_ARG("-ifuntagged", unsetbridge_ifuntagged),
	+ DEF_CMD_ARG2("iftagged", setbridge_iftagged),
	+ DEF_CMD_ARG2("+iftagged", addbridge_iftagged),
	+ DEF_CMD_ARG2("-iftagged", delbridge_iftagged),
	DEF_CMD_ARG2("ifvlanproto", setbridge_ifvlanproto),
	DEF_CMD_ARG("timeout", setbridge_timeout),
	DEF_CMD_ARG("private", setbridge_private),
	diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
	--- a/sbin/ifconfig/ifconfig.8
	+++ b/sbin/ifconfig/ifconfig.8
	@@ -2494,12 +2494,27 @@
	.Ss Bridge Interface Parameters
	The following parameters are specific to bridge interfaces:
	.Bl -tag -width indent
	-.It Cm addm Ar interface
	+.It Cm addm Ar interface Op Ar options ...
	Add the interface named by
	.Ar interface
	as a member of the bridge.
	The interface is put into promiscuous mode
	so that it can receive every packet sent on the network.
	+.Pp
	+The interface name may be followed by one or more of the following
	+.Ar options :
	+.Bl -tag -width ".Cm untagged Ar vlan-id"
	+.It Cm untagged Ar vlan-id
	+Set the untagged VLAN identifier for the interface.
	+This is equivalent to the
	+.Cm ifuntagged
	+command.
	+.It Cm tagged Ar vlan-set
	+Set the allowed VLAN list for the interface.
	+This is equivalent to the
	+.Cm iftagged
	+command.
	+.El
	.It Cm deletem Ar interface
	Remove the interface named by
	.Ar interface
	@@ -2715,9 +2730,9 @@
	.It Cm -vlanfilter
	Disable VLAN filtering on the bridge.
	This is the default.
	-.It Cm untagged Ar interface Ar vlan-id
	+.It Cm ifuntagged Ar interface Ar vlan-id
	Set the untagged VLAN identifier for an interface.
	-.It Cm -untagged Ar interface Ar vlan-id
	+.It Cm -ifuntagged Ar interface Ar vlan-id
	Clear the untagged VLAN identifier for an interface.
	.It Cm defuntagged Ar vlan-id
	Enable the
	@@ -2727,7 +2742,7 @@
	Do not enable the
	.Cm untagged
	option by default on newly added members.
	-.It Cm tagged Ar interface Ar vlan-list
	+.It Cm iftagged Ar interface Ar vlan-list
	Set the interface's VLAN access list to the provided list of VLANs.
	The list should be a comma-separated list of one or more VLAN IDs
	or ranges formatted as
	@@ -2738,15 +2753,15 @@
	or the value
	.Dq all
	meaning all VLANs (1-4094).
	-.It Cm +tagged Ar interface Ar vlan-list
	+.It Cm +iftagged Ar interface Ar vlan-list
	Add the provided list of VLAN IDs to the interface's VLAN access list.
	The list should be formatted as described for
	-.Cm tagged .
	-.It Cm -tagged Ar interface Ar vlan-list
	+.Cm iftagged .
	+.It Cm -iftagged Ar interface Ar vlan-list
	Remove the provided list of VLAN IDs from the interface's VLAN access
	list.
	The list should be formatted as described for
	-.Cm tagged .
	+.Cm iftagged .
	.It Cm qinq Ar interface
	Allow this interface to send 802.1ad
	.Dq Q-in-Q
	diff --git a/tests/sys/net/if_bridge_test.sh b/tests/sys/net/if_bridge_test.sh
	--- a/tests/sys/net/if_bridge_test.sh
	+++ b/tests/sys/net/if_bridge_test.sh
	@@ -922,15 +922,15 @@
	ifconfig ${bridge} vlanfilter up
	ifconfig ${epone}a up
	ifconfig ${eptwo}a up
	- ifconfig ${bridge} addm ${epone}a untagged ${epone}a 20
	- ifconfig ${bridge} addm ${eptwo}a untagged ${eptwo}a 20
	+ ifconfig ${bridge} addm ${epone}a untagged 20
	+ ifconfig ${bridge} addm ${eptwo}a untagged 20

	# With VLAN filtering enabled, traffic should be passed.
	atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1

	# Removed the untagged VLAN on one port; traffic should not be passed.
	- ifconfig ${bridge} -untagged ${epone}a
	+ ifconfig ${bridge} -ifuntagged ${epone}a
	atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	}
	@@ -966,10 +966,8 @@
	atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
	atf_check -s exit:0 ifconfig ${epone}a up
	atf_check -s exit:0 ifconfig ${eptwo}a up
	- atf_check -s exit:0 ifconfig ${bridge} \
	- addm ${epone}a untagged ${epone}a 20
	- atf_check -s exit:0 ifconfig ${bridge} \
	- addm ${eptwo}a untagged ${eptwo}a 30
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a untagged 30

	atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	@@ -1011,10 +1009,8 @@
	atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
	atf_check -s exit:0 ifconfig ${epone}a up
	atf_check -s exit:0 ifconfig ${eptwo}a up
	- atf_check -s exit:0 ifconfig ${bridge} \
	- addm ${epone}a untagged ${epone}a 20
	- atf_check -s exit:0 ifconfig ${bridge} \
	- addm ${eptwo}a untagged ${eptwo}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a untagged 20

	# Tagged frames should not be passed.
	atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	@@ -1055,10 +1051,8 @@
	bridge=$(vnet_mkbridge)

	atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
	- atf_check -s exit:0 ifconfig ${bridge} \
	- addm ${epone}a untagged ${epone}a 20
	- atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a \
	- tagged ${eptwo}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a tagged 20

	atf_check -s exit:0 ifconfig ${epone}a up
	atf_check -s exit:0 ifconfig ${eptwo}a up
	@@ -1116,25 +1110,25 @@
	# Set the untagged vlan on both ports to 20 and make sure traffic is
	# still blocked. We intentionally do not pass tagged traffic for the
	# untagged vlan.
	- atf_check -s exit:0 ifconfig ${bridge} untagged ${epone}a 20
	- atf_check -s exit:0 ifconfig ${bridge} untagged ${eptwo}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${epone}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${eptwo}a 20

	atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1

	- atf_check -s exit:0 ifconfig ${bridge} -untagged ${epone}a
	- atf_check -s exit:0 ifconfig ${bridge} -untagged ${eptwo}a
	+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${epone}a
	+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${eptwo}a

	# Add VLANs 10-30 to the access list; now access should be allowed.
	- atf_check -s exit:0 ifconfig ${bridge} +tagged ${epone}a 10-30
	- atf_check -s exit:0 ifconfig ${bridge} +tagged ${eptwo}a 10-30
	+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${epone}a 10-30
	+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${eptwo}a 10-30
	atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1

	# Remove vlan 20 from the access list, now access should be blocked
	# again.
	- atf_check -s exit:0 ifconfig ${bridge} -tagged ${epone}a 20
	- atf_check -s exit:0 ifconfig ${bridge} -tagged ${eptwo}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${epone}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${eptwo}a 20
	atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
	}
	@@ -1145,16 +1139,16 @@
	}

	#
	-# Test the ifconfig 'tagged' option.
	+# Test the ifconfig 'iftagged' option.
	#
	-atf_test_case "vlan_ifconfig_tagged" "cleanup"
	-vlan_ifconfig_tagged_head()
	+atf_test_case "vlan_ifconfig_iftagged" "cleanup"
	+vlan_ifconfig_iftagged_head()
	{
	- atf_set descr 'test the ifconfig tagged option'
	+ atf_set descr 'test the ifconfig iftagged option'
	atf_set require.user root
	}

	-vlan_ifconfig_tagged_body()
	+vlan_ifconfig_iftagged_body()
	{
	vnet_init
	vnet_init_bridge
	@@ -1170,34 +1164,34 @@
	atf_check -s exit:0 -o not-match:"tagged" ifconfig ${bridge}

	# Add vlans 100-149.
	- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a 100-149
	+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a 100-149
	atf_check -s exit:0 -o match:"tagged 100-149" ifconfig ${bridge}

	# Replace the vlan list with 139-199.
	- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a 139-199
	+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a 139-199
	atf_check -s exit:0 -o match:"tagged 139-199" ifconfig ${bridge}

	# Add vlans 100-170.
	- atf_check -s exit:0 ifconfig ${bridge} +tagged ${ep}a 100-170
	+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${ep}a 100-170
	atf_check -s exit:0 -o match:"tagged 100-199" ifconfig ${bridge}

	# Remove vlans 104, 105, and 150-159
	- atf_check -s exit:0 ifconfig ${bridge} -tagged ${ep}a 104,105,150-159
	+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${ep}a 104,105,150-159
	atf_check -s exit:0 -o match:"tagged 100-103,106-149,160-199" \
	ifconfig ${bridge}

	# Remove the entire vlan list.
	- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a none
	+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a none
	atf_check -s exit:0 -o not-match:"tagged" ifconfig ${bridge}

	# Test some invalid vlans sets.
	for bad_vlan in -1 0 4096 4097 foo 0-10 4000-5000 foo-40 40-foo; do
	atf_check -s exit:1 -e ignore \
	- ifconfig ${bridge} tagged "$bad_vlan"
	+ ifconfig ${bridge} iftagged "$bad_vlan"
	done
	}

	-vlan_ifconfig_tagged_cleanup()
	+vlan_ifconfig_iftagged_cleanup()
	{
	vnet_cleanup
	}
	@@ -1229,8 +1223,7 @@

	atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
	atf_check -s exit:0 ifconfig ${epone}a up
	- atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a \
	- tagged ${epone}a 20
	+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a tagged 20

	svi=$(vnet_mkvlan)
	atf_check -s exit:0 ifconfig ${svi} vlan 20 vlandev ${bridge}
	@@ -1294,8 +1287,8 @@
	atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1

	# Add the provider tag to the access list; now traffic should be passed.
	- atf_check -s exit:0 ifconfig ${bridge} +tagged ${epone}a 5
	- atf_check -s exit:0 ifconfig ${bridge} +tagged ${eptwo}a 5
	+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${epone}a 5
	+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${eptwo}a 5
	atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
	atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1

	@@ -1411,7 +1404,7 @@
	atf_add_test_case "vlan_pvid_filtered"
	atf_add_test_case "vlan_pvid_tagged"
	atf_add_test_case "vlan_filtering"
	- atf_add_test_case "vlan_ifconfig_tagged"
	+ atf_add_test_case "vlan_ifconfig_iftagged"
	atf_add_test_case "vlan_svi"
	atf_add_test_case "vlan_qinq"
	atf_add_test_case "vlan_defuntagged"

File Metadata

Mime Type: text/plain
Expires: Fri, Jun 26, 7:04 PM (9 m, 23 s)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 34366122
Default Alt Text: D51707.diff (14 KB)

D51707.diffNo OneTemporaryActions

D51707.diffView Options

File Metadata

Event Timeline

D51707.diff
No OneTemporary
Actions

D51707.diff
View Options