Extend whitelist with possibility to blacklist.

It is possible to specify patterns like "*,!eth1" to blacklist "eth1"
or something like "eth*,wlan*,!wlan*master" to listen to all eth
interfaces and wlan interfaces with the exception of interfaces like
"wlan0master".

diff --git a/CHANGELOG b/CHANGELOG
index 29f02f6e2a0f78d7fe184e6fd9fac410a8c96227..1a1e9d017f9fd64c08d963decfb91147ca62bcb7 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 lldpd (0.5.5)
   * Features:
     + Support for PPVID and PI Dot1 TLV, thanks to Shuah Khan.
+    + Extend whitelist with possibility to blacklist.
   * Fixes:
     + Key/value output was incorrect when a dot was present in
       interface names. This is fixed but it is preferable to use XML

diff --git a/man/lldpd.8 b/man/lldpd.8
index 0f97c57c5a53e7776807d90c12ebf0ec9ea0875c..4347648545a40449b68e29befcd390efb02c743e 100644 (file)
--- a/man/lldpd.8
+++ b/man/lldpd.8
@@ -122,6 +122,17 @@ Specify which interface to listen to. Without this option,
 .Nm
 will listen on all available interfaces. This option can use
 wildcards. Several interfaces can be specified separated by commas.
+It is also possible to blacklist an interface by suffixing it with an
+exclamation mark. When an interface is both specified with and without
+an exclamation mark, it is blacklisted. For example, with
+.Em eth*,!eth1,!eth2
+.Nm
+will only listen to interfaces starting by
+.Em eth
+with the exception of
+.Em eth1
+and
+.Em eth2 .
 .It Fl M Ar class
 Enable emission of LLDP-MED frame. The class should be one of the
 following value:

diff --git a/src/interfaces.c b/src/interfaces.c
index 8ecc7f6e1d5a0c36c4cd54bc2eab69cb2b086141..918bf3c32421a11f11fc231929142b15bca1b2a7 100644 (file)
--- a/src/interfaces.c
+++ b/src/interfaces.c
@@ -741,6 +741,7 @@ lldpd_ifh_whitelist(struct lldpd *cfg, struct ifaddrs *ifap)
        struct ifaddrs *ifa;
        char *interfaces = NULL;
        char *pattern;
+       int   whitelisted;
 
        if (!cfg->g_interfaces)
                return;
@@ -752,15 +753,21 @@ lldpd_ifh_whitelist(struct lldpd *cfg, struct ifaddrs *ifap)
        for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
                if (ifa->ifa_flags == 0) continue; /* Already handled by someone else */
                strcpy(interfaces, cfg->g_interfaces); /* Restore our list of interfaces */
-               pattern = strtok(interfaces, ",");
-               while (pattern != NULL) {
-                       if (fnmatch(pattern, ifa->ifa_name, 0) == 0) {
-                               /* This interface is whitelisted */
+               whitelisted = 0;
+               ;
+               for (whitelisted = 0, pattern = strtok(interfaces, ",");
+                    pattern != NULL;
+                    pattern = strtok(NULL, ",")) {
+                       if ((pattern[0] == '!') &&
+                           ((fnmatch(pattern + 1, ifa->ifa_name, 0) == 0))) {
+                               /* Blacklisted. Definitive */
+                               whitelisted = 0;
                                break;
                        }
-                       pattern = strtok(NULL, ",");
+                       if (fnmatch(pattern, ifa->ifa_name, 0) == 0)
+                               whitelisted = 1;
                }
-               if (pattern == NULL) {
+               if (!whitelisted) {
                        /* This interface was not found. We flag it. */
                        LLOG_DEBUG("blacklist %s", ifa->ifa_name);
                        ifa->ifa_flags = 0;

diff --git a/src/lldpd.c b/src/lldpd.c
index 36ff4d8316624f9052065c8bceebfc124e9afe18..ce3734832aceae6cab801168ed724f2c7379b281 100644 (file)
--- a/src/lldpd.c
+++ b/src/lldpd.c
@@ -115,6 +115,7 @@ usage(void)
        fprintf(stderr, "-S descr Override the default system description.\n");
        fprintf(stderr, "-m IP    Specify the management address of this system.\n");
        fprintf(stderr, "-H mode  Specify the behaviour when detecting multiple neighbors.\n");
+       fprintf(stderr, "-I iface Limit interfaces to use.\n")
 #ifdef ENABLE_LLDPMED
        fprintf(stderr, "-M class Enable emission of LLDP-MED frame. 'class' should be one of:\n");
        fprintf(stderr, "             1 Generic Endpoint (Class I)\n");