From: Vincent Bernat Date: Thu, 3 Nov 2011 21:44:54 +0000 (+0100) Subject: Extend whitelist with possibility to blacklist. X-Git-Tag: 0.5.5~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5abfffc2ff659d5cd4272fab472131f43ac7603b;p=thirdparty%2Flldpd.git Extend whitelist with possibility to blacklist. It is possible to specify patterns like "*,!eth1" to blacklist "eth1" or something like "eth*,wlan*,!wlan*master" to listen to all eth interfaces and wlan interfaces with the exception of interfaces like "wlan0master". --- diff --git a/CHANGELOG b/CHANGELOG index 29f02f6e..1a1e9d01 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ lldpd (0.5.5) * Features: + Support for PPVID and PI Dot1 TLV, thanks to Shuah Khan. + + Extend whitelist with possibility to blacklist. * Fixes: + Key/value output was incorrect when a dot was present in interface names. This is fixed but it is preferable to use XML diff --git a/man/lldpd.8 b/man/lldpd.8 index 0f97c57c..43476485 100644 --- a/man/lldpd.8 +++ b/man/lldpd.8 @@ -122,6 +122,17 @@ Specify which interface to listen to. Without this option, .Nm will listen on all available interfaces. This option can use wildcards. Several interfaces can be specified separated by commas. +It is also possible to blacklist an interface by suffixing it with an +exclamation mark. When an interface is both specified with and without +an exclamation mark, it is blacklisted. For example, with +.Em eth*,!eth1,!eth2 +.Nm +will only listen to interfaces starting by +.Em eth +with the exception of +.Em eth1 +and +.Em eth2 . .It Fl M Ar class Enable emission of LLDP-MED frame. The class should be one of the following value: diff --git a/src/interfaces.c b/src/interfaces.c index 8ecc7f6e..918bf3c3 100644 --- a/src/interfaces.c +++ b/src/interfaces.c @@ -741,6 +741,7 @@ lldpd_ifh_whitelist(struct lldpd *cfg, struct ifaddrs *ifap) struct ifaddrs *ifa; char *interfaces = NULL; char *pattern; + int whitelisted; if (!cfg->g_interfaces) return; @@ -752,15 +753,21 @@ lldpd_ifh_whitelist(struct lldpd *cfg, struct ifaddrs *ifap) for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { if (ifa->ifa_flags == 0) continue; /* Already handled by someone else */ strcpy(interfaces, cfg->g_interfaces); /* Restore our list of interfaces */ - pattern = strtok(interfaces, ","); - while (pattern != NULL) { - if (fnmatch(pattern, ifa->ifa_name, 0) == 0) { - /* This interface is whitelisted */ + whitelisted = 0; + ; + for (whitelisted = 0, pattern = strtok(interfaces, ","); + pattern != NULL; + pattern = strtok(NULL, ",")) { + if ((pattern[0] == '!') && + ((fnmatch(pattern + 1, ifa->ifa_name, 0) == 0))) { + /* Blacklisted. Definitive */ + whitelisted = 0; break; } - pattern = strtok(NULL, ","); + if (fnmatch(pattern, ifa->ifa_name, 0) == 0) + whitelisted = 1; } - if (pattern == NULL) { + if (!whitelisted) { /* This interface was not found. We flag it. */ LLOG_DEBUG("blacklist %s", ifa->ifa_name); ifa->ifa_flags = 0; diff --git a/src/lldpd.c b/src/lldpd.c index 36ff4d83..ce373483 100644 --- a/src/lldpd.c +++ b/src/lldpd.c @@ -115,6 +115,7 @@ usage(void) fprintf(stderr, "-S descr Override the default system description.\n"); fprintf(stderr, "-m IP Specify the management address of this system.\n"); fprintf(stderr, "-H mode Specify the behaviour when detecting multiple neighbors.\n"); + fprintf(stderr, "-I iface Limit interfaces to use.\n") #ifdef ENABLE_LLDPMED fprintf(stderr, "-M class Enable emission of LLDP-MED frame. 'class' should be one of:\n"); fprintf(stderr, " 1 Generic Endpoint (Class I)\n");