From: Stephen Hemminger <stephen@networkplumber.org>
To: "Andrey Jr. Melnikov" <temnota.am@gmail.com>
Cc: Stephen Hemminger <shemminger@osdl.org>, netdev@vger.kernel.org
Subject: Re: [PATCH] iproute: disallow ip rule del without parameters
Date: Mon, 29 Aug 2016 10:53:25 -0700 [thread overview]
Message-ID: <20160829105325.40230e41@xeon-e3> (raw)
In-Reply-To: <20160824204252.2melotzdx6ftzgaq@ppc.Dlink>
On Wed, 24 Aug 2016 23:43:00 +0300
"Andrey Jr. Melnikov" <temnota.am@gmail.com> wrote:
> Disallow run `ip rule del` without any parameter to avoid delete any first
> rule from table.
>
> Signed-off-by: Andrey Jr. Melnikov <temnota.am@gmail.com>
> ---
>
> diff --git a/ip/iprule.c b/ip/iprule.c
> index 8f24206..70562c5 100644
> --- a/ip/iprule.c
> +++ b/ip/iprule.c
> @@ -346,6 +346,11 @@ static int iprule_modify(int cmd, int argc, char **argv)
> req.r.rtm_type = RTN_UNICAST;
> }
>
> + if (cmd == RTM_DELRULE && argc == 0) {
> + fprintf(stderr, "\"ip rule del\" requires arguments.\n");
> + return -1;
> + }
> +
> while (argc > 0) {
> if (strcmp(*argv, "not") == 0) {
> req.r.rtm_flags |= FIB_RULE_INVERT;
Actually ip rule delete without arguments deletes all rules.
Which could be a bug or feature depending on the user.
I can imagine somebody is doing something like deleting all rules
and putting in new ones for PBR.
next prev parent reply other threads:[~2016-08-29 17:53 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-24 20:43 [PATCH] iproute: disallow ip rule del without parameters Andrey Jr. Melnikov
2016-08-29 17:53 ` Stephen Hemminger [this message]
2016-08-30 11:51 ` Michal Kubecek
2016-09-01 16:05 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160829105325.40230e41@xeon-e3 \
--to=stephen@networkplumber.org \
--cc=netdev@vger.kernel.org \
--cc=shemminger@osdl.org \
--cc=temnota.am@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.