[mirror_frr.git] / zebra / ipforward_sysctl.c

/* IP forward control by sysctl function.
 * Copyright (C) 1997, 1999 Kunihiro Ishiguro
 *
 * This file is part of GNU Zebra.
 *
 * GNU Zebra is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2, or (at your option) any
 * later version.
 *
 * GNU Zebra is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with GNU Zebra; see the file COPYING.  If not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 * 02111-1307, USA.  
 */

#include <zebra.h>
#include "privs.h"

#ifdef NRL
#include <netinet6/in6.h>
#endif /* NRL */

#include "log.h"

#define MIB_SIZ 4

extern struct zebra_privs_t zserv_privs;

/* IPv4 forwarding control MIB. */
int mib[MIB_SIZ] =
{
  CTL_NET,
  PF_INET,
  IPPROTO_IP,
  IPCTL_FORWARDING
};

int
ipforward ()
{
  size_t len;
  int ipforwarding = 0;

  len = sizeof ipforwarding;
  if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) 
    {
      zlog_warn ("Can't get ipforwarding value");
      return -1;
    }
  return ipforwarding;
}

int
ipforward_on ()
{
  size_t len;
  int ipforwarding = 1;

  len = sizeof ipforwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("Can't set ipforwarding on");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ipforwarding;
}

int
ipforward_off ()
{
  size_t len;
  int ipforwarding = 0;

  len = sizeof ipforwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("Can't set ipforwarding on");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ipforwarding;
}

#ifdef HAVE_IPV6

/* IPv6 forwarding control MIB. */
int mib_ipv6[MIB_SIZ] = 
{
  CTL_NET,
  PF_INET6,
#if defined(KAME) || (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) || defined(NRL)
  IPPROTO_IPV6,
  IPV6CTL_FORWARDING
#else /* NOT KAME */
  IPPROTO_IP,
  IP6CTL_FORWARDING
#endif /* KAME */
}; 

int
ipforward_ipv6 ()
{
  size_t len;
  int ip6forwarding = 0;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
    {
     if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}

int
ipforward_ipv6_on ()
{
  size_t len;
  int ip6forwarding = 1;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
    {
     if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}

int
ipforward_ipv6_off ()
{
  size_t len;
  int ip6forwarding = 0;

  len = sizeof ip6forwarding;
  if (zserv_privs.change(ZPRIVS_RAISE))
    zlog (NULL, LOG_ERR, "Can't raise privileges");
  if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
    {
      if (zserv_privs.change(ZPRIVS_LOWER))
        zlog (NULL, LOG_ERR, "Can't lower privileges");
      zlog_warn ("can't get ip6forwarding value");
      return -1;
    }
  if (zserv_privs.change(ZPRIVS_LOWER))
    zlog (NULL, LOG_ERR, "Can't lower privileges");
  return ip6forwarding;
}
#endif /* HAVE_IPV6 */
Commit	Line	Data
	1	/* IP forward control by sysctl function.
	2	* Copyright (C) 1997, 1999 Kunihiro Ishiguro
	3	*
	4	* This file is part of GNU Zebra.
	5	*
	6	* GNU Zebra is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2, or (at your option) any
	9	* later version.
	10	*
	11	* GNU Zebra is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	* General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License
	17	* along with GNU Zebra; see the file COPYING. If not, write to the Free
	18	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
	19	* 02111-1307, USA.
	20	*/
	21
	22	#include <zebra.h>
	23	#include "privs.h"
	24
	25	#ifdef NRL
	26	#include <netinet6/in6.h>
	27	#endif /* NRL */
	28
	29	#include "log.h"
	30
	31	#define MIB_SIZ 4
	32
	33	extern struct zebra_privs_t zserv_privs;
	34
	35	/* IPv4 forwarding control MIB. */
	36	int mib[MIB_SIZ] =
	37	{
	38	CTL_NET,
	39	PF_INET,
	40	IPPROTO_IP,
	41	IPCTL_FORWARDING
	42	};
	43
	44	int
	45	ipforward ()
	46	{
	47	size_t len;
	48	int ipforwarding = 0;
	49
	50	len = sizeof ipforwarding;
	51	if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
	52	{
	53	zlog_warn ("Can't get ipforwarding value");
	54	return -1;
	55	}
	56	return ipforwarding;
	57	}
	58
	59	int
	60	ipforward_on ()
	61	{
	62	size_t len;
	63	int ipforwarding = 1;
	64
	65	len = sizeof ipforwarding;
	66	if (zserv_privs.change(ZPRIVS_RAISE))
	67	zlog (NULL, LOG_ERR, "Can't raise privileges");
	68	if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
	69	{
	70	if (zserv_privs.change(ZPRIVS_LOWER))
	71	zlog (NULL, LOG_ERR, "Can't lower privileges");
	72	zlog_warn ("Can't set ipforwarding on");
	73	return -1;
	74	}
	75	if (zserv_privs.change(ZPRIVS_LOWER))
	76	zlog (NULL, LOG_ERR, "Can't lower privileges");
	77	return ipforwarding;
	78	}
	79
	80	int
	81	ipforward_off ()
	82	{
	83	size_t len;
	84	int ipforwarding = 0;
	85
	86	len = sizeof ipforwarding;
	87	if (zserv_privs.change(ZPRIVS_RAISE))
	88	zlog (NULL, LOG_ERR, "Can't raise privileges");
	89	if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
	90	{
	91	if (zserv_privs.change(ZPRIVS_LOWER))
	92	zlog (NULL, LOG_ERR, "Can't lower privileges");
	93	zlog_warn ("Can't set ipforwarding on");
	94	return -1;
	95	}
	96	if (zserv_privs.change(ZPRIVS_LOWER))
	97	zlog (NULL, LOG_ERR, "Can't lower privileges");
	98	return ipforwarding;
	99	}
	100
	101	#ifdef HAVE_IPV6
	102
	103	/* IPv6 forwarding control MIB. */
	104	int mib_ipv6[MIB_SIZ] =
	105	{
	106	CTL_NET,
	107	PF_INET6,
	108	#if defined(KAME) \|\| (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) \|\| defined(NRL)
	109	IPPROTO_IPV6,
	110	IPV6CTL_FORWARDING
	111	#else /* NOT KAME */
	112	IPPROTO_IP,
	113	IP6CTL_FORWARDING
	114	#endif /* KAME */
	115	};
	116
	117	int
	118	ipforward_ipv6 ()
	119	{
	120	size_t len;
	121	int ip6forwarding = 0;
	122
	123	len = sizeof ip6forwarding;
	124	if (zserv_privs.change(ZPRIVS_RAISE))
	125	zlog (NULL, LOG_ERR, "Can't raise privileges");
	126	if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
	127	{
	128	if (zserv_privs.change(ZPRIVS_LOWER))
	129	zlog (NULL, LOG_ERR, "Can't lower privileges");
	130	zlog_warn ("can't get ip6forwarding value");
	131	return -1;
	132	}
	133	if (zserv_privs.change(ZPRIVS_LOWER))
	134	zlog (NULL, LOG_ERR, "Can't lower privileges");
	135	return ip6forwarding;
	136	}
	137
	138	int
	139	ipforward_ipv6_on ()
	140	{
	141	size_t len;
	142	int ip6forwarding = 1;
	143
	144	len = sizeof ip6forwarding;
	145	if (zserv_privs.change(ZPRIVS_RAISE))
	146	zlog (NULL, LOG_ERR, "Can't raise privileges");
	147	if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
	148	{
	149	if (zserv_privs.change(ZPRIVS_LOWER))
	150	zlog (NULL, LOG_ERR, "Can't lower privileges");
	151	zlog_warn ("can't get ip6forwarding value");
	152	return -1;
	153	}
	154	if (zserv_privs.change(ZPRIVS_LOWER))
	155	zlog (NULL, LOG_ERR, "Can't lower privileges");
	156	return ip6forwarding;
	157	}
	158
	159	int
	160	ipforward_ipv6_off ()
	161	{
	162	size_t len;
	163	int ip6forwarding = 0;
	164
	165	len = sizeof ip6forwarding;
	166	if (zserv_privs.change(ZPRIVS_RAISE))
	167	zlog (NULL, LOG_ERR, "Can't raise privileges");
	168	if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
	169	{
	170	if (zserv_privs.change(ZPRIVS_LOWER))
	171	zlog (NULL, LOG_ERR, "Can't lower privileges");
	172	zlog_warn ("can't get ip6forwarding value");
	173	return -1;
	174	}
	175	if (zserv_privs.change(ZPRIVS_LOWER))
	176	zlog (NULL, LOG_ERR, "Can't lower privileges");
	177	return ip6forwarding;
	178	}
	179	#endif /* HAVE_IPV6 */