zebra/ipforward_sysctl.c

   1 /* IP forward control by sysctl function.
   2  * Copyright (C) 1997, 1999 Kunihiro Ishiguro
   3  *
   4  * This file is part of GNU Zebra.
   5  *
   6  * GNU Zebra is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2, or (at your option) any
   9  * later version.
  10  *
  11  * GNU Zebra is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with GNU Zebra; see the file COPYING.  If not, write to the Free
  18  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19  * 02111-1307, USA.
  20  */
  21
  22 #include <zebra.h>
  23 #include "privs.h"
  24 #include "zebra/ipforward.h"
  25
  26 #include "log.h"
  27
  28 #define MIB_SIZ 4
  29
  30 extern struct zebra_privs_t zserv_privs;
  31
  32 /* IPv4 forwarding control MIB. */
  33 int mib[MIB_SIZ] =
  34 {
  35   CTL_NET,
  36   PF_INET,
  37   IPPROTO_IP,
  38   IPCTL_FORWARDING
  39 };
  40
  41 int
  42 ipforward (void)
  43 {
  44   size_t len;
  45   int ipforwarding = 0;
  46
  47   len = sizeof ipforwarding;
  48   if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
  49     {
  50       zlog_warn ("Can't get ipforwarding value");
  51       return -1;
  52     }
  53   return ipforwarding;
  54 }
  55
  56 int
  57 ipforward_on (void)
  58 {
  59   size_t len;
  60   int ipforwarding = 1;
  61
  62   len = sizeof ipforwarding;
  63   if (zserv_privs.change(ZPRIVS_RAISE))
  64     zlog (NULL, LOG_ERR, "Can't raise privileges");
  65   if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  66     {
  67       if (zserv_privs.change(ZPRIVS_LOWER))
  68         zlog (NULL, LOG_ERR, "Can't lower privileges");
  69       zlog_warn ("Can't set ipforwarding on");
  70       return -1;
  71     }
  72   if (zserv_privs.change(ZPRIVS_LOWER))
  73     zlog (NULL, LOG_ERR, "Can't lower privileges");
  74   return ipforwarding;
  75 }
  76
  77 int
  78 ipforward_off (void)
  79 {
  80   size_t len;
  81   int ipforwarding = 0;
  82
  83   len = sizeof ipforwarding;
  84   if (zserv_privs.change(ZPRIVS_RAISE))
  85     zlog (NULL, LOG_ERR, "Can't raise privileges");
  86   if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  87     {
  88       if (zserv_privs.change(ZPRIVS_LOWER))
  89         zlog (NULL, LOG_ERR, "Can't lower privileges");
  90       zlog_warn ("Can't set ipforwarding on");
  91       return -1;
  92     }
  93   if (zserv_privs.change(ZPRIVS_LOWER))
  94     zlog (NULL, LOG_ERR, "Can't lower privileges");
  95   return ipforwarding;
  96 }
  97
  98 #ifdef HAVE_IPV6
  99
 100 /* IPv6 forwarding control MIB. */
 101 int mib_ipv6[MIB_SIZ] =
 102 {
 103   CTL_NET,
 104   PF_INET6,
 105 #if defined(KAME)
 106   IPPROTO_IPV6,
 107   IPV6CTL_FORWARDING
 108 #else /* NOT KAME */
 109   IPPROTO_IP,
 110   IP6CTL_FORWARDING
 111 #endif /* KAME */
 112 };
 113
 114 int
 115 ipforward_ipv6 (void)
 116 {
 117   size_t len;
 118   int ip6forwarding = 0;
 119
 120   len = sizeof ip6forwarding;
 121   if (zserv_privs.change(ZPRIVS_RAISE))
 122     zlog (NULL, LOG_ERR, "Can't raise privileges");
 123   if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
 124     {
 125      if (zserv_privs.change(ZPRIVS_LOWER))
 126         zlog (NULL, LOG_ERR, "Can't lower privileges");
 127       zlog_warn ("can't get ip6forwarding value");
 128       return -1;
 129     }
 130   if (zserv_privs.change(ZPRIVS_LOWER))
 131     zlog (NULL, LOG_ERR, "Can't lower privileges");
 132   return ip6forwarding;
 133 }
 134
 135 int
 136 ipforward_ipv6_on (void)
 137 {
 138   size_t len;
 139   int ip6forwarding = 1;
 140
 141   len = sizeof ip6forwarding;
 142   if (zserv_privs.change(ZPRIVS_RAISE))
 143     zlog (NULL, LOG_ERR, "Can't raise privileges");
 144   if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
 145     {
 146      if (zserv_privs.change(ZPRIVS_LOWER))
 147         zlog (NULL, LOG_ERR, "Can't lower privileges");
 148       zlog_warn ("can't get ip6forwarding value");
 149       return -1;
 150     }
 151   if (zserv_privs.change(ZPRIVS_LOWER))
 152     zlog (NULL, LOG_ERR, "Can't lower privileges");
 153   return ip6forwarding;
 154 }
 155
 156 int
 157 ipforward_ipv6_off (void)
 158 {
 159   size_t len;
 160   int ip6forwarding = 0;
 161
 162   len = sizeof ip6forwarding;
 163   if (zserv_privs.change(ZPRIVS_RAISE))
 164     zlog (NULL, LOG_ERR, "Can't raise privileges");
 165   if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
 166     {
 167       if (zserv_privs.change(ZPRIVS_LOWER))
 168         zlog (NULL, LOG_ERR, "Can't lower privileges");
 169       zlog_warn ("can't get ip6forwarding value");
 170       return -1;
 171     }
 172   if (zserv_privs.change(ZPRIVS_LOWER))
 173     zlog (NULL, LOG_ERR, "Can't lower privileges");
 174   return ip6forwarding;
 175 }
 176 #endif /* HAVE_IPV6 */