Message ID | 20170223195028.16388-1-stephen@networkplumber.org |
---|---|
State | RFC, archived |
Delegated to: | stephen hemminger |
Headers | show |
On 2/23/17 12:50 PM, Stephen Hemminger wrote: > Some use cases create Linux networking devices which are not intended for use > by normal networking. This is an enhancement to ip command to hide network > devices starting with period (like files in normal directory). Interfaces whose > name start with "." are not shown by default, and the -a (or -all) flag must > be used to show these devices. Agree that some devices need to be hidden by default -- not just from users but also other processes. This solution is very narrow, only affecting iproute2 users. Any other programs that use netlink or /proc files will continue to see those devices. I started a patch a year ago that allows devices to marked as invisible (attribute can be toggled at any time). Invisible devices do not show up in netlink dumps, proc files or notifications. Netlink dumps can request invisible devices to be included in a link dump. While it is more intrusive, it is also more complete covering all of the paths in which the device is shows up. Also, changing the default behavior for iproute2 could break existing users that have such device names.
On Thu, 23 Feb 2017 16:39:52 -0700 David Ahern <dsa@cumulusnetworks.com> wrote: > On 2/23/17 12:50 PM, Stephen Hemminger wrote: > > Some use cases create Linux networking devices which are not intended for use > > by normal networking. This is an enhancement to ip command to hide network > > devices starting with period (like files in normal directory). Interfaces whose > > name start with "." are not shown by default, and the -a (or -all) flag must > > be used to show these devices. > > Agree that some devices need to be hidden by default -- not just from > users but also other processes. > > This solution is very narrow, only affecting iproute2 users. Any other > programs that use netlink or /proc files will continue to see those devices. I want solution that works broadly. And this works for sysfs already. > I started a patch a year ago that allows devices to marked as invisible > (attribute can be toggled at any time). Invisible devices do not show up > in netlink dumps, proc files or notifications. Netlink dumps can request > invisible devices to be included in a link dump. While it is more > intrusive, it is also more complete covering all of the paths in which > the device is shows up. > > Also, changing the default behavior for iproute2 could break existing > users that have such device names. I am less worried about this. The only people using . in name already are probably Brocade, and they have similar thing in CLI to hide these devices.
On 2/23/17 5:30 PM, Stephen Hemminger wrote: > On Thu, 23 Feb 2017 16:39:52 -0700 > David Ahern <dsa@cumulusnetworks.com> wrote: > >> On 2/23/17 12:50 PM, Stephen Hemminger wrote: >>> Some use cases create Linux networking devices which are not intended for use >>> by normal networking. This is an enhancement to ip command to hide network >>> devices starting with period (like files in normal directory). Interfaces whose >>> name start with "." are not shown by default, and the -a (or -all) flag must >>> be used to show these devices. >> >> Agree that some devices need to be hidden by default -- not just from >> users but also other processes. >> >> This solution is very narrow, only affecting iproute2 users. Any other >> programs that use netlink or /proc files will continue to see those devices. > > I want solution that works broadly. And this works for sysfs already. for 'ls' maybe, but not general walking of /sys. It does not hide devices from snmpd, from ifconfig, etc., etc. >> I started a patch a year ago that allows devices to marked as invisible >> (attribute can be toggled at any time). Invisible devices do not show up >> in netlink dumps, proc files or notifications. Netlink dumps can request >> invisible devices to be included in a link dump. While it is more >> intrusive, it is also more complete covering all of the paths in which >> the device is shows up. >> >> Also, changing the default behavior for iproute2 could break existing >> users that have such device names. > > I am less worried about this. The only people using . in name already > are probably Brocade, and they have similar thing in CLI to hide these > devices. seems like a big assumption.
On Thu, 23 Feb 2017 18:07:07 -0700 David Ahern <dsa@cumulusnetworks.com> wrote: > On 2/23/17 5:30 PM, Stephen Hemminger wrote: > > On Thu, 23 Feb 2017 16:39:52 -0700 > > David Ahern <dsa@cumulusnetworks.com> wrote: > > > >> On 2/23/17 12:50 PM, Stephen Hemminger wrote: > >>> Some use cases create Linux networking devices which are not intended for use > >>> by normal networking. This is an enhancement to ip command to hide network > >>> devices starting with period (like files in normal directory). Interfaces whose > >>> name start with "." are not shown by default, and the -a (or -all) flag must > >>> be used to show these devices. > >> > >> Agree that some devices need to be hidden by default -- not just from > >> users but also other processes. > >> > >> This solution is very narrow, only affecting iproute2 users. Any other > >> programs that use netlink or /proc files will continue to see those devices. > > > > I want solution that works broadly. And this works for sysfs already. > > for 'ls' maybe, but not general walking of /sys. It does not hide > devices from snmpd, from ifconfig, etc., etc. > > > >> I started a patch a year ago that allows devices to marked as invisible > >> (attribute can be toggled at any time). Invisible devices do not show up > >> in netlink dumps, proc files or notifications. Netlink dumps can request > >> invisible devices to be included in a link dump. While it is more > >> intrusive, it is also more complete covering all of the paths in which > >> the device is shows up. > >> > >> Also, changing the default behavior for iproute2 could break existing > >> users that have such device names. > > > > I am less worried about this. The only people using . in name already > > are probably Brocade, and they have similar thing in CLI to hide these > > devices. > > > seems like a big assumption. Need a solution now, not something that requires kernel and command changes.
From: David Ahern <dsa@cumulusnetworks.com> Date: Thu, 23 Feb 2017 18:07:07 -0700 > On 2/23/17 5:30 PM, Stephen Hemminger wrote: >> On Thu, 23 Feb 2017 16:39:52 -0700 >> David Ahern <dsa@cumulusnetworks.com> wrote: >> >>> On 2/23/17 12:50 PM, Stephen Hemminger wrote: >>>> Some use cases create Linux networking devices which are not intended for use >>>> by normal networking. This is an enhancement to ip command to hide network >>>> devices starting with period (like files in normal directory). Interfaces whose >>>> name start with "." are not shown by default, and the -a (or -all) flag must >>>> be used to show these devices. >>> >>> Agree that some devices need to be hidden by default -- not just from >>> users but also other processes. >>> >>> This solution is very narrow, only affecting iproute2 users. Any other >>> programs that use netlink or /proc files will continue to see those devices. >> >> I want solution that works broadly. And this works for sysfs already. > > for 'ls' maybe, but not general walking of /sys. It does not hide > devices from snmpd, from ifconfig, etc., etc. I agree, that this is a pretty poor assumption. And relying upon tool specific behavior to provide this facility is even more special purpose. This really need to be a fundamental facility, so that it transparently works for NetworkManager, router daemons, everything. Not just iproute2 and "ls".
On Thu, Feb 23, 2017 at 05:31:14PM -0800, Stephen Hemminger wrote: > On Thu, 23 Feb 2017 18:07:07 -0700 > David Ahern <dsa@cumulusnetworks.com> wrote: > > > On 2/23/17 5:30 PM, Stephen Hemminger wrote: > > > On Thu, 23 Feb 2017 16:39:52 -0700 > > > David Ahern <dsa@cumulusnetworks.com> wrote: > > > > > >> On 2/23/17 12:50 PM, Stephen Hemminger wrote: > > >>> Some use cases create Linux networking devices which are not intended for use > > >>> by normal networking. This is an enhancement to ip command to hide network > > >>> devices starting with period (like files in normal directory). Interfaces whose > > >>> name start with "." are not shown by default, and the -a (or -all) flag must > > >>> be used to show these devices. > > >> > > >> Agree that some devices need to be hidden by default -- not just from > > >> users but also other processes. > > >> > > >> This solution is very narrow, only affecting iproute2 users. Any other > > >> programs that use netlink or /proc files will continue to see those devices. > > > > > > I want solution that works broadly. And this works for sysfs already. > > > > for 'ls' maybe, but not general walking of /sys. It does not hide > > devices from snmpd, from ifconfig, etc., etc. > > > > > > >> I started a patch a year ago that allows devices to marked as invisible > > >> (attribute can be toggled at any time). Invisible devices do not show up > > >> in netlink dumps, proc files or notifications. Netlink dumps can request > > >> invisible devices to be included in a link dump. While it is more > > >> intrusive, it is also more complete covering all of the paths in which > > >> the device is shows up. > > >> > > >> Also, changing the default behavior for iproute2 could break existing > > >> users that have such device names. > > > > > > I am less worried about this. The only people using . in name already > > > are probably Brocade, and they have similar thing in CLI to hide these > > > devices. > > > > > > seems like a big assumption. > > Need a solution now, not something that requires kernel and command changes. Why the haste? This doesn't seem like an urgent thing to fix and given the mixed feelings this provoked giving it a second thought might not be the worst idea, no? Cheers, Phil
On 2/23/17 8:12 PM, David Miller wrote: > This really need to be a fundamental facility, so that it transparently > works for NetworkManager, router daemons, everything. Not just iproute2 > and "ls". I'll rebase my patch and send out as RFC.
On Thu, Feb 23, 2017 at 11:50:28AM -0800, stephen hemminger wrote: > Some use cases create Linux networking devices which are not intended for use > by normal networking. This is an enhancement to ip command to hide network > devices starting with period (like files in normal directory). Interfaces whose > name start with "." are not shown by default, and the -a (or -all) flag must > be used to show these devices. > > Example: > $ ip -brief link show > lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> > eth0 UP 00:25:90:86:b3:6b <BROADCAST,MULTICAST,UP,LOWER_UP> > eth1 DOWN 00:25:90:86:b3:6a <NO-CARRIER,BROADCAST,MULTICAST,UP> > $ ip -all -brief link show > lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> > eth0 UP 00:25:90:86:b3:6b <BROADCAST,MULTICAST,UP,LOWER_UP> > eth1 DOWN 00:25:90:86:b3:6a <NO-CARRIER,BROADCAST,MULTICAST,UP> > .eth2 DOWN 00:1b:21:a0:e7:06 <BROADCAST,MULTICAST> I've run across a time when there was a perceived need for this with an out of tree driver that created a netdev that was never used. I was never a big fan of the attempt to hide it. It seemed like the better answer would be to try and fix the driver that is creating and registering this unnecessary netdev so it no longer appears and that was what we did. As an admin I'd be pretty frustrated if I somehow had a network issue that I could not properly debug due to a hidden network interface. If there was an extra flag that was needed to a tool like iproute2 to show the hidden device, soon admin's hands would just type 'ip -all link show' each time to get the full picture. If the concensus is that we DO want to hide devices I've seen David Ahern's set and it is much more complete than this. It is probably the better approach to not leave too many loose ends. > Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> > --- > include/utils.h | 1 + > ip/ip.c | 5 ++++- > ip/ipaddress.c | 31 ++++++++++++++++++++++++------- > man/man8/ip.8 | 5 +++++ > 4 files changed, 34 insertions(+), 8 deletions(-) > > diff --git a/include/utils.h b/include/utils.h > index 22369e0b4e03..50712d27f112 100644 > --- a/include/utils.h > +++ b/include/utils.h > @@ -16,6 +16,7 @@ extern int human_readable; > extern int use_iec; > extern int show_stats; > extern int show_details; > +extern int show_all; > extern int show_raw; > extern int resolve_hosts; > extern int oneline; > diff --git a/ip/ip.c b/ip/ip.c > index 07050b07592a..ed637b065b58 100644 > --- a/ip/ip.c > +++ b/ip/ip.c > @@ -30,6 +30,7 @@ int human_readable; > int use_iec; > int show_stats; > int show_details; > +int show_all; > int resolve_hosts; > int oneline; > int brief; > @@ -54,7 +55,7 @@ static void usage(void) > " netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |\n" > " vrf }\n" > " OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n" > -" -h[uman-readable] | -iec |\n" > +" -h[uman-readable] | -iec | -all |\n" > " -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |\n" > " -4 | -6 | -I | -D | -B | -0 |\n" > " -l[oops] { maximum-addr-flush-attempts } | -br[ief] |\n" > @@ -231,6 +232,8 @@ int main(int argc, char **argv) > ++show_stats; > } else if (matches(opt, "-details") == 0) { > ++show_details; > + } else if (matches(opt, "-all") == 0) { > + ++show_all; > } else if (matches(opt, "-resolve") == 0) { > ++resolve_hosts; > } else if (matches(opt, "-oneline") == 0) { > diff --git a/ip/ipaddress.c b/ip/ipaddress.c > index 400ebb4de563..029aae100549 100644 > --- a/ip/ipaddress.c > +++ b/ip/ipaddress.c > @@ -660,6 +660,7 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, > struct ifinfomsg *ifi = NLMSG_DATA(n); > struct rtattr *tb[IFLA_MAX+1]; > int len = n->nlmsg_len; > + const char *ifname; > char *name; > char buf[32] = { 0, }; > unsigned int m_flag = 0; > @@ -677,14 +678,22 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, > return -1; > > parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); > - if (tb[IFLA_IFNAME] == NULL) > - fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", ifi->ifi_index); > + if (tb[IFLA_IFNAME]) > + ifname = rta_getattr_str(tb[IFLA_IFNAME]); > + else { > + fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", > + ifi->ifi_index); > + ifname = "<nil>"; > + } > > if (filter.label && > (!filter.family || filter.family == AF_PACKET) && > fnmatch(filter.label, RTA_DATA(tb[IFLA_IFNAME]), 0)) > return -1; > > + if (!filter.ifindex && *ifname == '.' && !show_all) > + return 0; > + > if (tb[IFLA_GROUP]) { > int group = *(int *)RTA_DATA(tb[IFLA_GROUP]); > > @@ -758,6 +767,7 @@ int print_linkinfo(const struct sockaddr_nl *who, > struct ifinfomsg *ifi = NLMSG_DATA(n); > struct rtattr *tb[IFLA_MAX+1]; > int len = n->nlmsg_len; > + const char *ifname; > unsigned int m_flag = 0; > > if (n->nlmsg_type != RTM_NEWLINK && n->nlmsg_type != RTM_DELLINK) > @@ -773,12 +783,20 @@ int print_linkinfo(const struct sockaddr_nl *who, > return 0; > > parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); > - if (tb[IFLA_IFNAME] == NULL) > - fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", ifi->ifi_index); > + if (tb[IFLA_IFNAME]) > + ifname = rta_getattr_str(tb[IFLA_IFNAME]); > + else { > + fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", > + ifi->ifi_index); > + ifname = "<nil>"; > + } > > if (filter.label && > (!filter.family || filter.family == AF_PACKET) && > - fnmatch(filter.label, RTA_DATA(tb[IFLA_IFNAME]), 0)) > + fnmatch(filter.label, ifname, 0)) > + return 0; > + > + if (!filter.ifindex && *ifname == '.' && !show_all) > return 0; > > if (tb[IFLA_GROUP]) { > @@ -806,8 +824,7 @@ int print_linkinfo(const struct sockaddr_nl *who, > fprintf(fp, "Deleted "); > > fprintf(fp, "%d: ", ifi->ifi_index); > - color_fprintf(fp, COLOR_IFNAME, "%s", > - tb[IFLA_IFNAME] ? rta_getattr_str(tb[IFLA_IFNAME]) : "<nil>"); > + color_fprintf(fp, COLOR_IFNAME, "%s", ifname); > > if (tb[IFLA_LINK]) { > SPRINT_BUF(b1); > diff --git a/man/man8/ip.8 b/man/man8/ip.8 > index 8ecb1996da92..813dbec2a6f2 100644 > --- a/man/man8/ip.8 > +++ b/man/man8/ip.8 > @@ -31,6 +31,7 @@ ip \- show / manipulate routing, devices, policy routing and tunnels > \fB\-h\fR[\fIuman-readable\fR] | > \fB\-s\fR[\fItatistics\fR] | > \fB\-d\fR[\fIetails\fR] | > +\fB\-a\fR[\fll\fR] | > \fB\-r\fR[\fIesolve\fR] | > \fB\-iec\fR | > \fB\-f\fR[\fIamily\fR] { > @@ -84,6 +85,10 @@ As a rule, the information is statistics or some time values. > Output more detailed information. > > .TP > +.BR "\-a" , " \-all" > +Show all devices, do not ignore entries starting with period. > + > +.TP > .BR "\-l" , " \-loops " <COUNT> > Specify maximum number of loops the 'ip address flush' logic > will attempt before giving up. The default is 10.
Le 24/02/2017 à 16:52, David Ahern a écrit : > On 2/23/17 8:12 PM, David Miller wrote: >> This really need to be a fundamental facility, so that it transparently >> works for NetworkManager, router daemons, everything. Not just iproute2 >> and "ls". > > I'll rebase my patch and send out as RFC. > David, did you finally send those patches? Thank you, Nicolas
On 5/4/17 9:15 AM, Nicolas Dichtel wrote: > Le 24/02/2017 à 16:52, David Ahern a écrit : >> On 2/23/17 8:12 PM, David Miller wrote: >>> This really need to be a fundamental facility, so that it transparently >>> works for NetworkManager, router daemons, everything. Not just iproute2 >>> and "ls". >> >> I'll rebase my patch and send out as RFC. >> > David, did you finally send those patches? > No, but for a few reasons. It is easy to hide devices in a dump: https://github.com/dsahern/linux/commit/48a80a00eac284e58bae04af10a5a932dd7aee00 But I think those devices should also not exist in sysfs or procfs which overlaps what I would like to see for lightweight netdevices: https://github.com/dsahern/linux/commit/70574be699cf252e77f71e3df11192438689f976 and to be complete, hidden devices should not be allowed to have a network address or transmit packets which is the L2 only intent from Florian: https://www.spinics.net/lists/netdev/msg340808.html
On 05/04/2017 09:37 AM, David Ahern wrote: > On 5/4/17 9:15 AM, Nicolas Dichtel wrote: >> Le 24/02/2017 à 16:52, David Ahern a écrit : >>> On 2/23/17 8:12 PM, David Miller wrote: >>>> This really need to be a fundamental facility, so that it transparently >>>> works for NetworkManager, router daemons, everything. Not just iproute2 >>>> and "ls". >>> >>> I'll rebase my patch and send out as RFC. >>> >> David, did you finally send those patches? >> > > No, but for a few reasons. > > It is easy to hide devices in a dump: > > https://github.com/dsahern/linux/commit/48a80a00eac284e58bae04af10a5a932dd7aee00 > > > But I think those devices should also not exist in sysfs or procfs which > overlaps what I would like to see for lightweight netdevices: > > https://github.com/dsahern/linux/commit/70574be699cf252e77f71e3df11192438689f976 Interesting that does indeed solve the same problems as the L2 only patch set intended. I am not exactly sure if hiding the devices from procfs/sysfs would be appropriate in my case (dumb L2 only switch that only does 802.1q for instance), but why not. > > > and to be complete, hidden devices should not be allowed to have a > network address or transmit packets which is the L2 only intent from > Florian: > https://www.spinics.net/lists/netdev/msg340808.html > Do you plan on submitting the LWT patch set at some point?
On 5/4/17 1:10 PM, Florian Fainelli wrote: > On 05/04/2017 09:37 AM, David Ahern wrote: >> On 5/4/17 9:15 AM, Nicolas Dichtel wrote: >>> Le 24/02/2017 à 16:52, David Ahern a écrit : >>>> On 2/23/17 8:12 PM, David Miller wrote: >>>>> This really need to be a fundamental facility, so that it transparently >>>>> works for NetworkManager, router daemons, everything. Not just iproute2 >>>>> and "ls". >>>> >>>> I'll rebase my patch and send out as RFC. >>>> >>> David, did you finally send those patches? >>> >> >> No, but for a few reasons. >> >> It is easy to hide devices in a dump: >> >> https://github.com/dsahern/linux/commit/48a80a00eac284e58bae04af10a5a932dd7aee00 >> >> >> But I think those devices should also not exist in sysfs or procfs which >> overlaps what I would like to see for lightweight netdevices: >> >> https://github.com/dsahern/linux/commit/70574be699cf252e77f71e3df11192438689f976 > > Interesting that does indeed solve the same problems as the L2 only > patch set intended. I am not exactly sure if hiding the devices from > procfs/sysfs would be appropriate in my case (dumb L2 only switch that > only does 802.1q for instance), but why not. > > >> >> >> and to be complete, hidden devices should not be allowed to have a >> network address or transmit packets which is the L2 only intent from >> Florian: >> https://www.spinics.net/lists/netdev/msg340808.html >> > > Do you plan on submitting the LWT patch set at some point? Definitely. Maybe I can find some time this weekend.
On Thu, 4 May 2017 13:47:36 -0600, David Ahern wrote: > On 5/4/17 1:10 PM, Florian Fainelli wrote: > > On 05/04/2017 09:37 AM, David Ahern wrote: > > Do you plan on submitting the LWT patch set at some point? > > Definitely. Maybe I can find some time this weekend. I suggest to change the name to "lwd" or so. "lwt" name is too similar to the existing "lwtunnel" infrastructure and would be very confusing. Thanks, Jiri
Le 04/05/2017 à 21:47, David Ahern a écrit : > On 5/4/17 1:10 PM, Florian Fainelli wrote: >> On 05/04/2017 09:37 AM, David Ahern wrote: >>> On 5/4/17 9:15 AM, Nicolas Dichtel wrote: >>>> Le 24/02/2017 à 16:52, David Ahern a écrit : >>>>> On 2/23/17 8:12 PM, David Miller wrote: >>>>>> This really need to be a fundamental facility, so that it transparently >>>>>> works for NetworkManager, router daemons, everything. Not just iproute2 >>>>>> and "ls". >>>>> >>>>> I'll rebase my patch and send out as RFC. >>>>> >>>> David, did you finally send those patches? >>>> >>> >>> No, but for a few reasons. >>> >>> It is easy to hide devices in a dump: >>> >>> https://github.com/dsahern/linux/commit/48a80a00eac284e58bae04af10a5a932dd7aee00 >>> >>> >>> But I think those devices should also not exist in sysfs or procfs which >>> overlaps what I would like to see for lightweight netdevices: >>> >>> https://github.com/dsahern/linux/commit/70574be699cf252e77f71e3df11192438689f976 >> >> Interesting that does indeed solve the same problems as the L2 only >> patch set intended. I am not exactly sure if hiding the devices from >> procfs/sysfs would be appropriate in my case (dumb L2 only switch that >> only does 802.1q for instance), but why not. >> >> >>> >>> >>> and to be complete, hidden devices should not be allowed to have a >>> network address or transmit packets which is the L2 only intent from >>> Florian: >>> https://www.spinics.net/lists/netdev/msg340808.html >>> >> >> Do you plan on submitting the LWT patch set at some point? > > Definitely. Maybe I can find some time this weekend. > Ok, thank you for the details. I agree with Jiri that the name should be something different than lwt. Regards, Nicolas
diff --git a/include/utils.h b/include/utils.h index 22369e0b4e03..50712d27f112 100644 --- a/include/utils.h +++ b/include/utils.h @@ -16,6 +16,7 @@ extern int human_readable; extern int use_iec; extern int show_stats; extern int show_details; +extern int show_all; extern int show_raw; extern int resolve_hosts; extern int oneline; diff --git a/ip/ip.c b/ip/ip.c index 07050b07592a..ed637b065b58 100644 --- a/ip/ip.c +++ b/ip/ip.c @@ -30,6 +30,7 @@ int human_readable; int use_iec; int show_stats; int show_details; +int show_all; int resolve_hosts; int oneline; int brief; @@ -54,7 +55,7 @@ static void usage(void) " netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |\n" " vrf }\n" " OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n" -" -h[uman-readable] | -iec |\n" +" -h[uman-readable] | -iec | -all |\n" " -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |\n" " -4 | -6 | -I | -D | -B | -0 |\n" " -l[oops] { maximum-addr-flush-attempts } | -br[ief] |\n" @@ -231,6 +232,8 @@ int main(int argc, char **argv) ++show_stats; } else if (matches(opt, "-details") == 0) { ++show_details; + } else if (matches(opt, "-all") == 0) { + ++show_all; } else if (matches(opt, "-resolve") == 0) { ++resolve_hosts; } else if (matches(opt, "-oneline") == 0) { diff --git a/ip/ipaddress.c b/ip/ipaddress.c index 400ebb4de563..029aae100549 100644 --- a/ip/ipaddress.c +++ b/ip/ipaddress.c @@ -660,6 +660,7 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, struct ifinfomsg *ifi = NLMSG_DATA(n); struct rtattr *tb[IFLA_MAX+1]; int len = n->nlmsg_len; + const char *ifname; char *name; char buf[32] = { 0, }; unsigned int m_flag = 0; @@ -677,14 +678,22 @@ int print_linkinfo_brief(const struct sockaddr_nl *who, return -1; parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); - if (tb[IFLA_IFNAME] == NULL) - fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", ifi->ifi_index); + if (tb[IFLA_IFNAME]) + ifname = rta_getattr_str(tb[IFLA_IFNAME]); + else { + fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", + ifi->ifi_index); + ifname = "<nil>"; + } if (filter.label && (!filter.family || filter.family == AF_PACKET) && fnmatch(filter.label, RTA_DATA(tb[IFLA_IFNAME]), 0)) return -1; + if (!filter.ifindex && *ifname == '.' && !show_all) + return 0; + if (tb[IFLA_GROUP]) { int group = *(int *)RTA_DATA(tb[IFLA_GROUP]); @@ -758,6 +767,7 @@ int print_linkinfo(const struct sockaddr_nl *who, struct ifinfomsg *ifi = NLMSG_DATA(n); struct rtattr *tb[IFLA_MAX+1]; int len = n->nlmsg_len; + const char *ifname; unsigned int m_flag = 0; if (n->nlmsg_type != RTM_NEWLINK && n->nlmsg_type != RTM_DELLINK) @@ -773,12 +783,20 @@ int print_linkinfo(const struct sockaddr_nl *who, return 0; parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); - if (tb[IFLA_IFNAME] == NULL) - fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", ifi->ifi_index); + if (tb[IFLA_IFNAME]) + ifname = rta_getattr_str(tb[IFLA_IFNAME]); + else { + fprintf(stderr, "BUG: device with ifindex %d has nil ifname\n", + ifi->ifi_index); + ifname = "<nil>"; + } if (filter.label && (!filter.family || filter.family == AF_PACKET) && - fnmatch(filter.label, RTA_DATA(tb[IFLA_IFNAME]), 0)) + fnmatch(filter.label, ifname, 0)) + return 0; + + if (!filter.ifindex && *ifname == '.' && !show_all) return 0; if (tb[IFLA_GROUP]) { @@ -806,8 +824,7 @@ int print_linkinfo(const struct sockaddr_nl *who, fprintf(fp, "Deleted "); fprintf(fp, "%d: ", ifi->ifi_index); - color_fprintf(fp, COLOR_IFNAME, "%s", - tb[IFLA_IFNAME] ? rta_getattr_str(tb[IFLA_IFNAME]) : "<nil>"); + color_fprintf(fp, COLOR_IFNAME, "%s", ifname); if (tb[IFLA_LINK]) { SPRINT_BUF(b1); diff --git a/man/man8/ip.8 b/man/man8/ip.8 index 8ecb1996da92..813dbec2a6f2 100644 --- a/man/man8/ip.8 +++ b/man/man8/ip.8 @@ -31,6 +31,7 @@ ip \- show / manipulate routing, devices, policy routing and tunnels \fB\-h\fR[\fIuman-readable\fR] | \fB\-s\fR[\fItatistics\fR] | \fB\-d\fR[\fIetails\fR] | +\fB\-a\fR[\fll\fR] | \fB\-r\fR[\fIesolve\fR] | \fB\-iec\fR | \fB\-f\fR[\fIamily\fR] { @@ -84,6 +85,10 @@ As a rule, the information is statistics or some time values. Output more detailed information. .TP +.BR "\-a" , " \-all" +Show all devices, do not ignore entries starting with period. + +.TP .BR "\-l" , " \-loops " <COUNT> Specify maximum number of loops the 'ip address flush' logic will attempt before giving up. The default is 10.
Some use cases create Linux networking devices which are not intended for use by normal networking. This is an enhancement to ip command to hide network devices starting with period (like files in normal directory). Interfaces whose name start with "." are not shown by default, and the -a (or -all) flag must be used to show these devices. Example: $ ip -brief link show lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> eth0 UP 00:25:90:86:b3:6b <BROADCAST,MULTICAST,UP,LOWER_UP> eth1 DOWN 00:25:90:86:b3:6a <NO-CARRIER,BROADCAST,MULTICAST,UP> $ ip -all -brief link show lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> eth0 UP 00:25:90:86:b3:6b <BROADCAST,MULTICAST,UP,LOWER_UP> eth1 DOWN 00:25:90:86:b3:6a <NO-CARRIER,BROADCAST,MULTICAST,UP> .eth2 DOWN 00:1b:21:a0:e7:06 <BROADCAST,MULTICAST> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> --- include/utils.h | 1 + ip/ip.c | 5 ++++- ip/ipaddress.c | 31 ++++++++++++++++++++++++------- man/man8/ip.8 | 5 +++++ 4 files changed, 34 insertions(+), 8 deletions(-)