[mirror_frr.git] / zebra / ipforward_sysctl.c

/* IP forward control by sysctl function.
 * Copyright (C) 1997, 1999 Kunihiro Ishiguro
 *
 * This file is part of GNU Zebra.
 *
 * GNU Zebra is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2, or (at your option) any
 * later version.
 *
 * GNU Zebra is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with GNU Zebra; see the file COPYING.  If not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 * 02111-1307, USA.  
 */

#include <zebra.h>
#include "privs.h"
#include "zebra/ipforward.h"

#include "log.h"

#define MIB_SIZ 4

extern struct zebra_privs_t zserv_privs;

/* IPv4 forwarding control MIB. */
int mib[MIB_SIZ] =
{
  CTL_NET,
  PF_INET,
  IPPROTO_IP,
  IPCTL_FORWARDING
};

int
ipforward (void)
{
  size_t len;
  int ipforwarding = 0;

  len = sizeof ipforwarding;
  if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) 
    {
      zlog_warn ("Can't get ipforwarding value");
      return -1;
    }
  return ipforwarding;
}

int
ipforward_on (void)
{
  size_t len;
  int ipforwarding = 1;

  len = sizeof ipforwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("Can't set ipforwarding on");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ipforwarding;
}

int
ipforward_off (void)
{
  size_t len;
  int ipforwarding = 0;

  len = sizeof ipforwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("Can't set ipforwarding on");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ipforwarding;
}

#ifdef HAVE_IPV6

/* IPv6 forwarding control MIB. */
int mib_ipv6[MIB_SIZ] = 
{
  CTL_NET,
  PF_INET6,
#if defined(KAME)
  IPPROTO_IPV6,
  IPV6CTL_FORWARDING
#else /* NOT KAME */
  IPPROTO_IP,
  IP6CTL_FORWARDING
#endif /* KAME */
}; 

int
ipforward_ipv6 (void)
{
  size_t len;
  int ip6forwarding = 0;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
    {
     if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}

int
ipforward_ipv6_on (void)
{
  size_t len;
  int ip6forwarding = 1;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
    {
     if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}

int
ipforward_ipv6_off (void)
{
  size_t len;
  int ip6forwarding = 0;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}
#endif /* HAVE_IPV6 */
Commit	Line	Data
718e3744	1	/* IP forward control by sysctl function.
	2	* Copyright (C) 1997, 1999 Kunihiro Ishiguro
	3	*
	4	* This file is part of GNU Zebra.
	5	*
	6	* GNU Zebra is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2, or (at your option) any
	9	* later version.
	10	*
	11	* GNU Zebra is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	* General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License
	17	* along with GNU Zebra; see the file COPYING. If not, write to the Free
	18	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
	19	* 02111-1307, USA.
	20	*/
	21
	22	#include <zebra.h>
edd7c245	23	#include "privs.h"
a1ac18c4	24	#include "zebra/ipforward.h"
718e3744	25
718e3744	26	#include "log.h"
	27
	28	#define MIB_SIZ 4
	29
edd7c245	30	extern struct zebra_privs_t zserv_privs;
edd7c245	31
718e3744	32	/* IPv4 forwarding control MIB. */
	33	int mib[MIB_SIZ] =
	34	{
	35	CTL_NET,
	36	PF_INET,
	37	IPPROTO_IP,
	38	IPCTL_FORWARDING
	39	};
	40
	41	int
a1ac18c4	42	ipforward (void)
718e3744	43	{
a5ea687e	44	size_t len;
718e3744	45	int ipforwarding = 0;
	46
	47	len = sizeof ipforwarding;
	48	if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
	49	{
	50	zlog_warn ("Can't get ipforwarding value");
	51	return -1;
	52	}
	53	return ipforwarding;
	54	}
	55
	56	int
a1ac18c4	57	ipforward_on (void)
718e3744	58	{
a5ea687e	59	size_t len;
718e3744	60	int ipforwarding = 1;
	61
	62	len = sizeof ipforwarding;
edd7c245	63	if (zserv_privs.change(ZPRIVS_RAISE))
	64	zlog (NULL, LOG_ERR, "Can't raise privileges");
	65	if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
718e3744	66	{
edd7c245	67	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	68	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	69	zlog_warn ("Can't set ipforwarding on");
	70	return -1;
	71	}
edd7c245	72	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	73	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	74	return ipforwarding;
	75	}
	76
	77	int
a1ac18c4	78	ipforward_off (void)
718e3744	79	{
a5ea687e	80	size_t len;
718e3744	81	int ipforwarding = 0;
	82
	83	len = sizeof ipforwarding;
edd7c245	84	if (zserv_privs.change(ZPRIVS_RAISE))
	85	zlog (NULL, LOG_ERR, "Can't raise privileges");
	86	if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
718e3744	87	{
edd7c245	88	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	89	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	90	zlog_warn ("Can't set ipforwarding on");
	91	return -1;
	92	}
edd7c245	93	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	94	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	95	return ipforwarding;
	96	}
	97
	98	#ifdef HAVE_IPV6
	99
	100	/* IPv6 forwarding control MIB. */
	101	int mib_ipv6[MIB_SIZ] =
	102	{
	103	CTL_NET,
	104	PF_INET6,
1cbb5dfc	105	#if defined(KAME)
718e3744	106	IPPROTO_IPV6,
	107	IPV6CTL_FORWARDING
	108	#else /* NOT KAME */
	109	IPPROTO_IP,
	110	IP6CTL_FORWARDING
	111	#endif /* KAME */
	112	};
	113
	114	int
a1ac18c4	115	ipforward_ipv6 (void)
718e3744	116	{
a5ea687e	117	size_t len;
718e3744	118	int ip6forwarding = 0;
	119
	120	len = sizeof ip6forwarding;
edd7c245	121	if (zserv_privs.change(ZPRIVS_RAISE))
	122	zlog (NULL, LOG_ERR, "Can't raise privileges");
	123	if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
718e3744	124	{
edd7c245	125	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	126	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	127	zlog_warn ("can't get ip6forwarding value");
	128	return -1;
	129	}
edd7c245	130	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	131	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	132	return ip6forwarding;
	133	}
	134
	135	int
a1ac18c4	136	ipforward_ipv6_on (void)
718e3744	137	{
a5ea687e	138	size_t len;
718e3744	139	int ip6forwarding = 1;
	140
	141	len = sizeof ip6forwarding;
edd7c245	142	if (zserv_privs.change(ZPRIVS_RAISE))
	143	zlog (NULL, LOG_ERR, "Can't raise privileges");
	144	if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
718e3744	145	{
edd7c245	146	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	147	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	148	zlog_warn ("can't get ip6forwarding value");
	149	return -1;
	150	}
edd7c245	151	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	152	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	153	return ip6forwarding;
	154	}
	155
	156	int
a1ac18c4	157	ipforward_ipv6_off (void)
718e3744	158	{
a5ea687e	159	size_t len;
718e3744	160	int ip6forwarding = 0;
	161
	162	len = sizeof ip6forwarding;
edd7c245	163	if (zserv_privs.change(ZPRIVS_RAISE))
	164	zlog (NULL, LOG_ERR, "Can't raise privileges");
	165	if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
718e3744	166	{
edd7c245	167	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	168	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	169	zlog_warn ("can't get ip6forwarding value");
	170	return -1;
	171	}
edd7c245	172	if (zserv_privs.change(ZPRIVS_LOWER))
edd7c245	173	zlog (NULL, LOG_ERR, "Can't lower privileges");
718e3744	174	return ip6forwarding;
	175	}
	176	#endif /* HAVE_IPV6 */