All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] iproute: disallow ip rule del without parameters
@ 2016-08-24 20:43 Andrey Jr. Melnikov
  2016-08-29 17:53 ` Stephen Hemminger
  0 siblings, 1 reply; 4+ messages in thread
From: Andrey Jr. Melnikov @ 2016-08-24 20:43 UTC (permalink / raw)
  To: Stephen Hemminger; +Cc: netdev

Disallow run `ip rule del` without any parameter to avoid delete any first
rule from table.

Signed-off-by: Andrey Jr. Melnikov <temnota.am@gmail.com>
---

diff --git a/ip/iprule.c b/ip/iprule.c
index 8f24206..70562c5 100644
--- a/ip/iprule.c
+++ b/ip/iprule.c
@@ -346,6 +346,11 @@ static int iprule_modify(int cmd, int argc, char **argv)
 		req.r.rtm_type = RTN_UNICAST;
 	}
 
+	if (cmd == RTM_DELRULE && argc == 0) {
+		fprintf(stderr, "\"ip rule del\" requires arguments.\n");
+		return -1;
+	}
+
 	while (argc > 0) {
 		if (strcmp(*argv, "not") == 0) {
 			req.r.rtm_flags |= FIB_RULE_INVERT;

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] iproute: disallow ip rule del without parameters
  2016-08-24 20:43 [PATCH] iproute: disallow ip rule del without parameters Andrey Jr. Melnikov
@ 2016-08-29 17:53 ` Stephen Hemminger
  2016-08-30 11:51   ` Michal Kubecek
  0 siblings, 1 reply; 4+ messages in thread
From: Stephen Hemminger @ 2016-08-29 17:53 UTC (permalink / raw)
  To: Andrey Jr. Melnikov; +Cc: Stephen Hemminger, netdev

On Wed, 24 Aug 2016 23:43:00 +0300
"Andrey Jr. Melnikov" <temnota.am@gmail.com> wrote:

> Disallow run `ip rule del` without any parameter to avoid delete any first
> rule from table.
> 
> Signed-off-by: Andrey Jr. Melnikov <temnota.am@gmail.com>
> ---
> 
> diff --git a/ip/iprule.c b/ip/iprule.c
> index 8f24206..70562c5 100644
> --- a/ip/iprule.c
> +++ b/ip/iprule.c
> @@ -346,6 +346,11 @@ static int iprule_modify(int cmd, int argc, char **argv)
>  		req.r.rtm_type = RTN_UNICAST;
>  	}
>  
> +	if (cmd == RTM_DELRULE && argc == 0) {
> +		fprintf(stderr, "\"ip rule del\" requires arguments.\n");
> +		return -1;
> +	}
> +
>  	while (argc > 0) {
>  		if (strcmp(*argv, "not") == 0) {
>  			req.r.rtm_flags |= FIB_RULE_INVERT;


Actually ip rule delete without arguments deletes all rules.
Which could be a bug or feature depending on the user.
I can imagine somebody is doing something like deleting all rules
and putting in new ones for PBR.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] iproute: disallow ip rule del without parameters
  2016-08-29 17:53 ` Stephen Hemminger
@ 2016-08-30 11:51   ` Michal Kubecek
  2016-09-01 16:05     ` Stephen Hemminger
  0 siblings, 1 reply; 4+ messages in thread
From: Michal Kubecek @ 2016-08-30 11:51 UTC (permalink / raw)
  To: Stephen Hemminger; +Cc: Andrey Jr. Melnikov, Stephen Hemminger, netdev

On Mon, Aug 29, 2016 at 10:53:25AM -0700, Stephen Hemminger wrote:
> On Wed, 24 Aug 2016 23:43:00 +0300
> "Andrey Jr. Melnikov" <temnota.am@gmail.com> wrote:
> 
> > Disallow run `ip rule del` without any parameter to avoid delete any first
> > rule from table.
...
> Actually ip rule delete without arguments deletes all rules.
> Which could be a bug or feature depending on the user.
> I can imagine somebody is doing something like deleting all rules
> and putting in new ones for PBR.

We have "ip rule flush" for that, don't we?

Michal Kubecek

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] iproute: disallow ip rule del without parameters
  2016-08-30 11:51   ` Michal Kubecek
@ 2016-09-01 16:05     ` Stephen Hemminger
  0 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2016-09-01 16:05 UTC (permalink / raw)
  To: Michal Kubecek; +Cc: Andrey Jr. Melnikov, Stephen Hemminger, netdev

On Tue, 30 Aug 2016 13:51:56 +0200
Michal Kubecek <mkubecek@suse.cz> wrote:

> On Mon, Aug 29, 2016 at 10:53:25AM -0700, Stephen Hemminger wrote:
> > On Wed, 24 Aug 2016 23:43:00 +0300
> > "Andrey Jr. Melnikov" <temnota.am@gmail.com> wrote:
> >   
> > > Disallow run `ip rule del` without any parameter to avoid delete any first
> > > rule from table.  
> ...
> > Actually ip rule delete without arguments deletes all rules.
> > Which could be a bug or feature depending on the user.
> > I can imagine somebody is doing something like deleting all rules
> > and putting in new ones for PBR.  
> 
> We have "ip rule flush" for that, don't we?
> 
> Michal Kubecek

I went ahead and applied this, seemed better to give error than deleting
all rules.

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-09-01 16:05 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-08-24 20:43 [PATCH] iproute: disallow ip rule del without parameters Andrey Jr. Melnikov
2016-08-29 17:53 ` Stephen Hemminger
2016-08-30 11:51   ` Michal Kubecek
2016-09-01 16:05     ` Stephen Hemminger

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.