+// SPDX-License-Identifier: GPL-2.0-or-later
/*
* Fetch ipforward value by reading /proc filesystem.
* Copyright (C) 1997 Kunihiro Ishiguro
- *
- * This file is part of GNU Zebra.
- *
- * GNU Zebra is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2, or (at your option) any
- * later version.
- *
- * GNU Zebra is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; see the file COPYING; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include <zebra.h>
#include "log.h"
#include "privs.h"
-#include "lib_errors.h"
#include "zebra/ipforward.h"
extern struct zebra_privs_t zserv_privs;
-char proc_net_snmp[] = "/proc/net/snmp";
+static const char proc_net_snmp[] = "/proc/net/snmp";
static void dropline(FILE *fp)
{
- int c;
-
- while ((c = getc(fp)) != '\n')
+ while (getc(fp) != '\n')
;
}
}
/* char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/conf/all/forwarding"; */
-char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/ip_forward";
+static const char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/ip_forward";
int ipforward_on(void)
{
FILE *fp;
- if (zserv_privs.change(ZPRIVS_RAISE))
- flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
- safe_strerror(errno));
+ frr_with_privs(&zserv_privs) {
- fp = fopen(proc_ipv4_forwarding, "w");
+ fp = fopen(proc_ipv4_forwarding, "w");
- if (fp == NULL) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES,
- "Can't lower privileges, %s",
- safe_strerror(errno));
- return -1;
- }
+ if (fp == NULL) {
+ return -1;
+ }
- fprintf(fp, "1\n");
+ fprintf(fp, "1\n");
- fclose(fp);
+ fclose(fp);
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
- safe_strerror(errno));
+ }
return ipforward();
}
{
FILE *fp;
- if (zserv_privs.change(ZPRIVS_RAISE))
- flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
- safe_strerror(errno));
+ frr_with_privs(&zserv_privs) {
- fp = fopen(proc_ipv4_forwarding, "w");
+ fp = fopen(proc_ipv4_forwarding, "w");
- if (fp == NULL) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES,
- "Can't lower privileges, %s",
- safe_strerror(errno));
- return -1;
- }
+ if (fp == NULL) {
+ return -1;
+ }
- fprintf(fp, "0\n");
+ fprintf(fp, "0\n");
- fclose(fp);
+ fclose(fp);
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
- safe_strerror(errno));
+ }
return ipforward();
}
-char proc_ipv6_forwarding[] = "/proc/sys/net/ipv6/conf/all/forwarding";
+static const char proc_ipv6_forwarding[] =
+ "/proc/sys/net/ipv6/conf/all/forwarding";
int ipforward_ipv6(void)
{
{
FILE *fp;
- if (zserv_privs.change(ZPRIVS_RAISE))
- flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
- safe_strerror(errno));
+ frr_with_privs(&zserv_privs) {
- fp = fopen(proc_ipv6_forwarding, "w");
+ fp = fopen(proc_ipv6_forwarding, "w");
- if (fp == NULL) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES,
- "Can't lower privileges, %s",
- safe_strerror(errno));
- return -1;
- }
+ if (fp == NULL) {
+ return -1;
+ }
- fprintf(fp, "1\n");
+ fprintf(fp, "1\n");
- fclose(fp);
+ fclose(fp);
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
- safe_strerror(errno));
+ }
return ipforward_ipv6();
}
{
FILE *fp;
- if (zserv_privs.change(ZPRIVS_RAISE))
- flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s",
- safe_strerror(errno));
+ frr_with_privs(&zserv_privs) {
- fp = fopen(proc_ipv6_forwarding, "w");
+ fp = fopen(proc_ipv6_forwarding, "w");
- if (fp == NULL) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES,
- "Can't lower privileges, %s",
- safe_strerror(errno));
- return -1;
- }
+ if (fp == NULL) {
+ return -1;
+ }
- fprintf(fp, "0\n");
+ fprintf(fp, "0\n");
- fclose(fp);
+ fclose(fp);
- if (zserv_privs.change(ZPRIVS_LOWER))
- flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s",
- safe_strerror(errno));
+ }
return ipforward_ipv6();
}