zebra/ipforward_sysctl.c

   1 /* IP forward control by sysctl function.
   2  * Copyright (C) 1997, 1999 Kunihiro Ishiguro
   3  *
   4  * This file is part of GNU Zebra.
   5  *
   6  * GNU Zebra is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2, or (at your option) any
   9  * later version.
  10  *
  11  * GNU Zebra is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along
  17  * with this program; see the file COPYING; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  19  */
  20
  21 #include <zebra.h>
  22 #include "privs.h"
  23 #include "zebra/ipforward.h"
  24
  25 #include "log.h"
  26
  27 #define MIB_SIZ 4
  28
  29 extern struct zebra_privs_t zserv_privs;
  30
  31 /* IPv4 forwarding control MIB. */
  32 int mib[MIB_SIZ] = {CTL_NET, PF_INET, IPPROTO_IP, IPCTL_FORWARDING};
  33
  34 int ipforward(void)
  35 {
  36         size_t len;
  37         int ipforwarding = 0;
  38
  39         len = sizeof ipforwarding;
  40         if (sysctl(mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) {
  41                 zlog_warn("Can't get ipforwarding value");
  42                 return -1;
  43         }
  44         return ipforwarding;
  45 }
  46
  47 int ipforward_on(void)
  48 {
  49         size_t len;
  50         int ipforwarding = 1;
  51
  52         len = sizeof ipforwarding;
  53         if (zserv_privs.change(ZPRIVS_RAISE))
  54                 zlog_err("Can't raise privileges");
  55         if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
  56                 if (zserv_privs.change(ZPRIVS_LOWER))
  57                         zlog_err("Can't lower privileges");
  58                 zlog_warn("Can't set ipforwarding on");
  59                 return -1;
  60         }
  61         if (zserv_privs.change(ZPRIVS_LOWER))
  62                 zlog_err("Can't lower privileges");
  63         return ipforwarding;
  64 }
  65
  66 int ipforward_off(void)
  67 {
  68         size_t len;
  69         int ipforwarding = 0;
  70
  71         len = sizeof ipforwarding;
  72         if (zserv_privs.change(ZPRIVS_RAISE))
  73                 zlog_err("Can't raise privileges");
  74         if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
  75                 if (zserv_privs.change(ZPRIVS_LOWER))
  76                         zlog_err("Can't lower privileges");
  77                 zlog_warn("Can't set ipforwarding on");
  78                 return -1;
  79         }
  80         if (zserv_privs.change(ZPRIVS_LOWER))
  81                 zlog_err("Can't lower privileges");
  82         return ipforwarding;
  83 }
  84
  85 /* IPv6 forwarding control MIB. */
  86 int mib_ipv6[MIB_SIZ] = {CTL_NET, PF_INET6,
  87 #if defined(KAME)
  88                          IPPROTO_IPV6, IPV6CTL_FORWARDING
  89 #else  /* NOT KAME */
  90                          IPPROTO_IP, IP6CTL_FORWARDING
  91 #endif /* KAME */
  92 };
  93
  94 int ipforward_ipv6(void)
  95 {
  96         size_t len;
  97         int ip6forwarding = 0;
  98
  99         len = sizeof ip6forwarding;
 100         if (zserv_privs.change(ZPRIVS_RAISE))
 101                 zlog_err("Can't raise privileges");
 102         if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
 103                 if (zserv_privs.change(ZPRIVS_LOWER))
 104                         zlog_err("Can't lower privileges");
 105                 zlog_warn("can't get ip6forwarding value");
 106                 return -1;
 107         }
 108         if (zserv_privs.change(ZPRIVS_LOWER))
 109                 zlog_err("Can't lower privileges");
 110         return ip6forwarding;
 111 }
 112
 113 int ipforward_ipv6_on(void)
 114 {
 115         size_t len;
 116         int ip6forwarding = 1;
 117
 118         len = sizeof ip6forwarding;
 119         if (zserv_privs.change(ZPRIVS_RAISE))
 120                 zlog_err("Can't raise privileges");
 121         if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
 122                 if (zserv_privs.change(ZPRIVS_LOWER))
 123                         zlog_err("Can't lower privileges");
 124                 zlog_warn("can't get ip6forwarding value");
 125                 return -1;
 126         }
 127         if (zserv_privs.change(ZPRIVS_LOWER))
 128                 zlog_err("Can't lower privileges");
 129         return ip6forwarding;
 130 }
 131
 132 int ipforward_ipv6_off(void)
 133 {
 134         size_t len;
 135         int ip6forwarding = 0;
 136
 137         len = sizeof ip6forwarding;
 138         if (zserv_privs.change(ZPRIVS_RAISE))
 139                 zlog_err("Can't raise privileges");
 140         if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
 141                 if (zserv_privs.change(ZPRIVS_LOWER))
 142                         zlog_err("Can't lower privileges");
 143                 zlog_warn("can't get ip6forwarding value");
 144                 return -1;
 145         }
 146         if (zserv_privs.change(ZPRIVS_LOWER))
 147                 zlog_err("Can't lower privileges");
 148         return ip6forwarding;
 149 }