zebra/ipforward_proc.c

   1 /*
   2  * Fetch ipforward value by reading /proc filesystem.
   3  * Copyright (C) 1997 Kunihiro Ishiguro
   4  *
   5  * This file is part of GNU Zebra.
   6  *
   7  * GNU Zebra is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License as published by the
   9  * Free Software Foundation; either version 2, or (at your option) any
  10  * later version.
  11  *
  12  * GNU Zebra is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  15  * General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License along
  18  * with this program; see the file COPYING; if not, write to the Free Software
  19  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  20  */
  21
  22 #include <zebra.h>
  23
  24 #ifdef GNU_LINUX
  25
  26 #include "log.h"
  27 #include "privs.h"
  28 #include "lib_errors.h"
  29
  30 #include "zebra/ipforward.h"
  31
  32 extern struct zebra_privs_t zserv_privs;
  33
  34 char proc_net_snmp[] = "/proc/net/snmp";
  35
  36 static void dropline(FILE *fp)
  37 {
  38         int c;
  39
  40         while ((c = getc(fp)) != '\n')
  41                 ;
  42 }
  43
  44 int ipforward(void)
  45 {
  46         int ret = 0;
  47         FILE *fp;
  48         int ipforwarding = 0;
  49         char buf[10];
  50
  51         fp = fopen(proc_net_snmp, "r");
  52
  53         if (fp == NULL)
  54                 return -1;
  55
  56         /* We don't care about the first line. */
  57         dropline(fp);
  58
  59         /* Get ip_statistics.IpForwarding :
  60            1 => ip forwarding enabled
  61            2 => ip forwarding off. */
  62         if (fgets(buf, 6, fp))
  63                 ret = sscanf(buf, "Ip: %d", &ipforwarding);
  64
  65         fclose(fp);
  66
  67         if (ret == 1 && ipforwarding == 1)
  68                 return 1;
  69
  70         return 0;
  71 }
  72
  73 /* char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/conf/all/forwarding"; */
  74 char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/ip_forward";
  75
  76 int ipforward_on(void)
  77 {
  78         FILE *fp;
  79
  80         if (zserv_privs.change(ZPRIVS_RAISE))
  81                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
  82                           safe_strerror(errno));
  83
  84         fp = fopen(proc_ipv4_forwarding, "w");
  85
  86         if (fp == NULL) {
  87                 if (zserv_privs.change(ZPRIVS_LOWER))
  88                         zlog_ferr(LIB_ERR_PRIVILEGES,
  89                                   "Can't lower privileges, %s",
  90                                   safe_strerror(errno));
  91                 return -1;
  92         }
  93
  94         fprintf(fp, "1\n");
  95
  96         fclose(fp);
  97
  98         if (zserv_privs.change(ZPRIVS_LOWER))
  99                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
 100                           safe_strerror(errno));
 101
 102         return ipforward();
 103 }
 104
 105 int ipforward_off(void)
 106 {
 107         FILE *fp;
 108
 109         if (zserv_privs.change(ZPRIVS_RAISE))
 110                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
 111                           safe_strerror(errno));
 112
 113         fp = fopen(proc_ipv4_forwarding, "w");
 114
 115         if (fp == NULL) {
 116                 if (zserv_privs.change(ZPRIVS_LOWER))
 117                         zlog_ferr(LIB_ERR_PRIVILEGES,
 118                                   "Can't lower privileges, %s",
 119                                   safe_strerror(errno));
 120                 return -1;
 121         }
 122
 123         fprintf(fp, "0\n");
 124
 125         fclose(fp);
 126
 127         if (zserv_privs.change(ZPRIVS_LOWER))
 128                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
 129                           safe_strerror(errno));
 130
 131         return ipforward();
 132 }
 133
 134 char proc_ipv6_forwarding[] = "/proc/sys/net/ipv6/conf/all/forwarding";
 135
 136 int ipforward_ipv6(void)
 137 {
 138         int ret = 0;
 139         FILE *fp;
 140         char buf[5];
 141         int ipforwarding = 0;
 142
 143         fp = fopen(proc_ipv6_forwarding, "r");
 144
 145         if (fp == NULL)
 146                 return -1;
 147
 148         if (fgets(buf, 2, fp))
 149                 ret = sscanf(buf, "%d", &ipforwarding);
 150
 151         fclose(fp);
 152
 153         if (ret != 1)
 154                 return 0;
 155
 156         return ipforwarding;
 157 }
 158
 159 int ipforward_ipv6_on(void)
 160 {
 161         FILE *fp;
 162
 163         if (zserv_privs.change(ZPRIVS_RAISE))
 164                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
 165                           safe_strerror(errno));
 166
 167         fp = fopen(proc_ipv6_forwarding, "w");
 168
 169         if (fp == NULL) {
 170                 if (zserv_privs.change(ZPRIVS_LOWER))
 171                         zlog_ferr(LIB_ERR_PRIVILEGES,
 172                                   "Can't lower privileges, %s",
 173                                   safe_strerror(errno));
 174                 return -1;
 175         }
 176
 177         fprintf(fp, "1\n");
 178
 179         fclose(fp);
 180
 181         if (zserv_privs.change(ZPRIVS_LOWER))
 182                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
 183                           safe_strerror(errno));
 184
 185         return ipforward_ipv6();
 186 }
 187
 188
 189 int ipforward_ipv6_off(void)
 190 {
 191         FILE *fp;
 192
 193         if (zserv_privs.change(ZPRIVS_RAISE))
 194                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
 195                           safe_strerror(errno));
 196
 197         fp = fopen(proc_ipv6_forwarding, "w");
 198
 199         if (fp == NULL) {
 200                 if (zserv_privs.change(ZPRIVS_LOWER))
 201                         zlog_ferr(LIB_ERR_PRIVILEGES,
 202                                   "Can't lower privileges, %s",
 203                                   safe_strerror(errno));
 204                 return -1;
 205         }
 206
 207         fprintf(fp, "0\n");
 208
 209         fclose(fp);
 210
 211         if (zserv_privs.change(ZPRIVS_LOWER))
 212                 zlog_ferr(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
 213                           safe_strerror(errno));
 214
 215         return ipforward_ipv6();
 216 }
 217
 218 #endif /* GNU_LINUX */