zebra/ipforward_sysctl.c

   1 /* IP forward control by sysctl function.
   2  * Copyright (C) 1997, 1999 Kunihiro Ishiguro
   3  *
   4  * This file is part of GNU Zebra.
   5  *
   6  * GNU Zebra is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2, or (at your option) any
   9  * later version.
  10  *
  11  * GNU Zebra is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along
  17  * with this program; see the file COPYING; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  19  */
  20
  21 #include <zebra.h>
  22
  23 #if !defined(GNU_LINUX) && !defined(SUNOS_5)
  24
  25 #include "privs.h"
  26 #include "zebra/ipforward.h"
  27
  28 #include "log.h"
  29
  30 #define MIB_SIZ 4
  31
  32 extern struct zebra_privs_t zserv_privs;
  33
  34 /* IPv4 forwarding control MIB. */
  35 int mib[MIB_SIZ] = {CTL_NET, PF_INET, IPPROTO_IP, IPCTL_FORWARDING};
  36
  37 int ipforward(void)
  38 {
  39         size_t len;
  40         int ipforwarding = 0;
  41
  42         len = sizeof ipforwarding;
  43         if (sysctl(mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) {
  44                 zlog_warn("Can't get ipforwarding value");
  45                 return -1;
  46         }
  47         return ipforwarding;
  48 }
  49
  50 int ipforward_on(void)
  51 {
  52         size_t len;
  53         int ipforwarding = 1;
  54
  55         len = sizeof ipforwarding;
  56         if (zserv_privs.change(ZPRIVS_RAISE))
  57                 zlog_err("Can't raise privileges");
  58         if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
  59                 if (zserv_privs.change(ZPRIVS_LOWER))
  60                         zlog_err("Can't lower privileges");
  61                 zlog_warn("Can't set ipforwarding on");
  62                 return -1;
  63         }
  64         if (zserv_privs.change(ZPRIVS_LOWER))
  65                 zlog_err("Can't lower privileges");
  66         return ipforwarding;
  67 }
  68
  69 int ipforward_off(void)
  70 {
  71         size_t len;
  72         int ipforwarding = 0;
  73
  74         len = sizeof ipforwarding;
  75         if (zserv_privs.change(ZPRIVS_RAISE))
  76                 zlog_err("Can't raise privileges");
  77         if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
  78                 if (zserv_privs.change(ZPRIVS_LOWER))
  79                         zlog_err("Can't lower privileges");
  80                 zlog_warn("Can't set ipforwarding on");
  81                 return -1;
  82         }
  83         if (zserv_privs.change(ZPRIVS_LOWER))
  84                 zlog_err("Can't lower privileges");
  85         return ipforwarding;
  86 }
  87
  88 /* IPv6 forwarding control MIB. */
  89 int mib_ipv6[MIB_SIZ] = {CTL_NET, PF_INET6,
  90 #if defined(KAME)
  91                          IPPROTO_IPV6, IPV6CTL_FORWARDING
  92 #else  /* NOT KAME */
  93                          IPPROTO_IP, IP6CTL_FORWARDING
  94 #endif /* KAME */
  95 };
  96
  97 int ipforward_ipv6(void)
  98 {
  99         size_t len;
 100         int ip6forwarding = 0;
 101
 102         len = sizeof ip6forwarding;
 103         if (zserv_privs.change(ZPRIVS_RAISE))
 104                 zlog_err("Can't raise privileges");
 105         if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
 106                 if (zserv_privs.change(ZPRIVS_LOWER))
 107                         zlog_err("Can't lower privileges");
 108                 zlog_warn("can't get ip6forwarding value");
 109                 return -1;
 110         }
 111         if (zserv_privs.change(ZPRIVS_LOWER))
 112                 zlog_err("Can't lower privileges");
 113         return ip6forwarding;
 114 }
 115
 116 int ipforward_ipv6_on(void)
 117 {
 118         size_t len;
 119         int ip6forwarding = 1;
 120
 121         len = sizeof ip6forwarding;
 122         if (zserv_privs.change(ZPRIVS_RAISE))
 123                 zlog_err("Can't raise privileges");
 124         if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
 125                 if (zserv_privs.change(ZPRIVS_LOWER))
 126                         zlog_err("Can't lower privileges");
 127                 zlog_warn("can't get ip6forwarding value");
 128                 return -1;
 129         }
 130         if (zserv_privs.change(ZPRIVS_LOWER))
 131                 zlog_err("Can't lower privileges");
 132         return ip6forwarding;
 133 }
 134
 135 int ipforward_ipv6_off(void)
 136 {
 137         size_t len;
 138         int ip6forwarding = 0;
 139
 140         len = sizeof ip6forwarding;
 141         if (zserv_privs.change(ZPRIVS_RAISE))
 142                 zlog_err("Can't raise privileges");
 143         if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
 144                 if (zserv_privs.change(ZPRIVS_LOWER))
 145                         zlog_err("Can't lower privileges");
 146                 zlog_warn("can't get ip6forwarding value");
 147                 return -1;
 148         }
 149         if (zserv_privs.change(ZPRIVS_LOWER))
 150                 zlog_err("Can't lower privileges");
 151         return ip6forwarding;
 152 }
 153
 154 #endif /* !defined(GNU_LINUX) && !defined(SUNOS_5) */