zebra/ipforward_sysctl.c

   1 /* IP forward control by sysctl function.
   2  * Copyright (C) 1997, 1999 Kunihiro Ishiguro
   3  *
   4  * This file is part of GNU Zebra.
   5  *
   6  * GNU Zebra is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2, or (at your option) any
   9  * later version.
  10  *
  11  * GNU Zebra is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with GNU Zebra; see the file COPYING.  If not, write to the Free
  18  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19  * 02111-1307, USA.
  20  */
  21
  22 #include <zebra.h>
  23 #include "privs.h"
  24 #include "zebra/ipforward.h"
  25
  26 #ifdef NRL
  27 #include <netinet6/in6.h>
  28 #endif /* NRL */
  29
  30 #include "log.h"
  31
  32 #define MIB_SIZ 4
  33
  34 extern struct zebra_privs_t zserv_privs;
  35
  36 /* IPv4 forwarding control MIB. */
  37 int mib[MIB_SIZ] =
  38 {
  39   CTL_NET,
  40   PF_INET,
  41   IPPROTO_IP,
  42   IPCTL_FORWARDING
  43 };
  44
  45 int
  46 ipforward (void)
  47 {
  48   size_t len;
  49   int ipforwarding = 0;
  50
  51   len = sizeof ipforwarding;
  52   if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
  53     {
  54       zlog_warn ("Can't get ipforwarding value");
  55       return -1;
  56     }
  57   return ipforwarding;
  58 }
  59
  60 int
  61 ipforward_on (void)
  62 {
  63   size_t len;
  64   int ipforwarding = 1;
  65
  66   len = sizeof ipforwarding;
  67   if (zserv_privs.change(ZPRIVS_RAISE))
  68     zlog (NULL, LOG_ERR, "Can't raise privileges");
  69   if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  70     {
  71       if (zserv_privs.change(ZPRIVS_LOWER))
  72         zlog (NULL, LOG_ERR, "Can't lower privileges");
  73       zlog_warn ("Can't set ipforwarding on");
  74       return -1;
  75     }
  76   if (zserv_privs.change(ZPRIVS_LOWER))
  77     zlog (NULL, LOG_ERR, "Can't lower privileges");
  78   return ipforwarding;
  79 }
  80
  81 int
  82 ipforward_off (void)
  83 {
  84   size_t len;
  85   int ipforwarding = 0;
  86
  87   len = sizeof ipforwarding;
  88   if (zserv_privs.change(ZPRIVS_RAISE))
  89     zlog (NULL, LOG_ERR, "Can't raise privileges");
  90   if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  91     {
  92       if (zserv_privs.change(ZPRIVS_LOWER))
  93         zlog (NULL, LOG_ERR, "Can't lower privileges");
  94       zlog_warn ("Can't set ipforwarding on");
  95       return -1;
  96     }
  97   if (zserv_privs.change(ZPRIVS_LOWER))
  98     zlog (NULL, LOG_ERR, "Can't lower privileges");
  99   return ipforwarding;
 100 }
 101
 102 #ifdef HAVE_IPV6
 103
 104 /* IPv6 forwarding control MIB. */
 105 int mib_ipv6[MIB_SIZ] =
 106 {
 107   CTL_NET,
 108   PF_INET6,
 109 #if defined(KAME) || (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) || defined(NRL)
 110   IPPROTO_IPV6,
 111   IPV6CTL_FORWARDING
 112 #else /* NOT KAME */
 113   IPPROTO_IP,
 114   IP6CTL_FORWARDING
 115 #endif /* KAME */
 116 };
 117
 118 int
 119 ipforward_ipv6 (void)
 120 {
 121   size_t len;
 122   int ip6forwarding = 0;
 123
 124   len = sizeof ip6forwarding;
 125   if (zserv_privs.change(ZPRIVS_RAISE))
 126     zlog (NULL, LOG_ERR, "Can't raise privileges");
 127   if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
 128     {
 129      if (zserv_privs.change(ZPRIVS_LOWER))
 130         zlog (NULL, LOG_ERR, "Can't lower privileges");
 131       zlog_warn ("can't get ip6forwarding value");
 132       return -1;
 133     }
 134   if (zserv_privs.change(ZPRIVS_LOWER))
 135     zlog (NULL, LOG_ERR, "Can't lower privileges");
 136   return ip6forwarding;
 137 }
 138
 139 int
 140 ipforward_ipv6_on (void)
 141 {
 142   size_t len;
 143   int ip6forwarding = 1;
 144
 145   len = sizeof ip6forwarding;
 146   if (zserv_privs.change(ZPRIVS_RAISE))
 147     zlog (NULL, LOG_ERR, "Can't raise privileges");
 148   if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
 149     {
 150      if (zserv_privs.change(ZPRIVS_LOWER))
 151         zlog (NULL, LOG_ERR, "Can't lower privileges");
 152       zlog_warn ("can't get ip6forwarding value");
 153       return -1;
 154     }
 155   if (zserv_privs.change(ZPRIVS_LOWER))
 156     zlog (NULL, LOG_ERR, "Can't lower privileges");
 157   return ip6forwarding;
 158 }
 159
 160 int
 161 ipforward_ipv6_off (void)
 162 {
 163   size_t len;
 164   int ip6forwarding = 0;
 165
 166   len = sizeof ip6forwarding;
 167   if (zserv_privs.change(ZPRIVS_RAISE))
 168     zlog (NULL, LOG_ERR, "Can't raise privileges");
 169   if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
 170     {
 171       if (zserv_privs.change(ZPRIVS_LOWER))
 172         zlog (NULL, LOG_ERR, "Can't lower privileges");
 173       zlog_warn ("can't get ip6forwarding value");
 174       return -1;
 175     }
 176   if (zserv_privs.change(ZPRIVS_LOWER))
 177     zlog (NULL, LOG_ERR, "Can't lower privileges");
 178   return ip6forwarding;
 179 }
 180 #endif /* HAVE_IPV6 */