]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* IP forward control by sysctl function. |
2 | * Copyright (C) 1997, 1999 Kunihiro Ishiguro | |
3 | * | |
4 | * This file is part of GNU Zebra. | |
5 | * | |
6 | * GNU Zebra is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2, or (at your option) any | |
9 | * later version. | |
10 | * | |
11 | * GNU Zebra is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * General Public License for more details. | |
15 | * | |
896014f4 DL |
16 | * You should have received a copy of the GNU General Public License along |
17 | * with this program; see the file COPYING; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
718e3744 | 19 | */ |
20 | ||
21 | #include <zebra.h> | |
ddfeb486 DL |
22 | |
23 | #if !defined(GNU_LINUX) && !defined(SUNOS_5) | |
24 | ||
edd7c245 | 25 | #include "privs.h" |
a1ac18c4 | 26 | #include "zebra/ipforward.h" |
718e3744 | 27 | |
718e3744 | 28 | #include "log.h" |
29 | ||
30 | #define MIB_SIZ 4 | |
31 | ||
edd7c245 | 32 | extern struct zebra_privs_t zserv_privs; |
33 | ||
718e3744 | 34 | /* IPv4 forwarding control MIB. */ |
d62a17ae | 35 | int mib[MIB_SIZ] = {CTL_NET, PF_INET, IPPROTO_IP, IPCTL_FORWARDING}; |
718e3744 | 36 | |
d62a17ae | 37 | int ipforward(void) |
718e3744 | 38 | { |
d62a17ae | 39 | size_t len; |
40 | int ipforwarding = 0; | |
41 | ||
42 | len = sizeof ipforwarding; | |
43 | if (sysctl(mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) { | |
44 | zlog_warn("Can't get ipforwarding value"); | |
45 | return -1; | |
46 | } | |
47 | return ipforwarding; | |
718e3744 | 48 | } |
49 | ||
d62a17ae | 50 | int ipforward_on(void) |
718e3744 | 51 | { |
d62a17ae | 52 | size_t len; |
53 | int ipforwarding = 1; | |
54 | ||
55 | len = sizeof ipforwarding; | |
56 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
57 | zlog_err("Can't raise privileges"); | |
58 | if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { | |
59 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
60 | zlog_err("Can't lower privileges"); | |
61 | zlog_warn("Can't set ipforwarding on"); | |
62 | return -1; | |
63 | } | |
64 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
65 | zlog_err("Can't lower privileges"); | |
66 | return ipforwarding; | |
718e3744 | 67 | } |
68 | ||
d62a17ae | 69 | int ipforward_off(void) |
718e3744 | 70 | { |
d62a17ae | 71 | size_t len; |
72 | int ipforwarding = 0; | |
73 | ||
74 | len = sizeof ipforwarding; | |
75 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
76 | zlog_err("Can't raise privileges"); | |
77 | if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { | |
78 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
79 | zlog_err("Can't lower privileges"); | |
80 | zlog_warn("Can't set ipforwarding on"); | |
81 | return -1; | |
82 | } | |
83 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
84 | zlog_err("Can't lower privileges"); | |
85 | return ipforwarding; | |
718e3744 | 86 | } |
87 | ||
718e3744 | 88 | /* IPv6 forwarding control MIB. */ |
d62a17ae | 89 | int mib_ipv6[MIB_SIZ] = {CTL_NET, PF_INET6, |
d616d639 | 90 | #if defined(BSD_V6_SYSCTL) |
d62a17ae | 91 | IPPROTO_IPV6, IPV6CTL_FORWARDING |
d616d639 | 92 | #else /* NOT BSD_V6_SYSCTL */ |
d62a17ae | 93 | IPPROTO_IP, IP6CTL_FORWARDING |
d616d639 | 94 | #endif /* BSD_V6_SYSCTL */ |
d62a17ae | 95 | }; |
718e3744 | 96 | |
d62a17ae | 97 | int ipforward_ipv6(void) |
718e3744 | 98 | { |
d62a17ae | 99 | size_t len; |
100 | int ip6forwarding = 0; | |
101 | ||
102 | len = sizeof ip6forwarding; | |
103 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
104 | zlog_err("Can't raise privileges"); | |
105 | if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) { | |
106 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
107 | zlog_err("Can't lower privileges"); | |
108 | zlog_warn("can't get ip6forwarding value"); | |
109 | return -1; | |
110 | } | |
111 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
112 | zlog_err("Can't lower privileges"); | |
113 | return ip6forwarding; | |
718e3744 | 114 | } |
115 | ||
d62a17ae | 116 | int ipforward_ipv6_on(void) |
718e3744 | 117 | { |
d62a17ae | 118 | size_t len; |
119 | int ip6forwarding = 1; | |
120 | ||
121 | len = sizeof ip6forwarding; | |
122 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
123 | zlog_err("Can't raise privileges"); | |
124 | if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { | |
125 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
126 | zlog_err("Can't lower privileges"); | |
127 | zlog_warn("can't get ip6forwarding value"); | |
128 | return -1; | |
129 | } | |
130 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
131 | zlog_err("Can't lower privileges"); | |
132 | return ip6forwarding; | |
718e3744 | 133 | } |
134 | ||
d62a17ae | 135 | int ipforward_ipv6_off(void) |
718e3744 | 136 | { |
d62a17ae | 137 | size_t len; |
138 | int ip6forwarding = 0; | |
139 | ||
140 | len = sizeof ip6forwarding; | |
141 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
142 | zlog_err("Can't raise privileges"); | |
143 | if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { | |
144 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
145 | zlog_err("Can't lower privileges"); | |
146 | zlog_warn("can't get ip6forwarding value"); | |
147 | return -1; | |
148 | } | |
149 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
150 | zlog_err("Can't lower privileges"); | |
151 | return ip6forwarding; | |
718e3744 | 152 | } |
ddfeb486 DL |
153 | |
154 | #endif /* !defined(GNU_LINUX) && !defined(SUNOS_5) */ |