]> git.proxmox.com Git - mirror_frr.git/blobdiff - zebra/ipforward_sysctl.c
projects / mirror_frr.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
isisd: implement the 'lsp-too-large' notification
[mirror_frr.git] / zebra / ipforward_sysctl.c
diff --git a/zebra/ipforward_sysctl.c b/zebra/ipforward_sysctl.c
index 651046d2694209cfb0e282b655d18b2d9da2c2ef..cc9421c2754db5f51eb3861dc5b81f0ee76f9f20 100644 (file)
--- a/zebra/ipforward_sysctl.c
+++ b/zebra/ipforward_sysctl.c
@@ -13,17 +13,21 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License
- * along with GNU Zebra; see the file COPYING.  If not, write to the Free
- * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
- * 02111-1307, USA.
+ * You should have received a copy of the GNU General Public License along
+ * with this program; see the file COPYING; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  */
 
 #include <zebra.h>
+
+#if !defined(GNU_LINUX) && !defined(SUNOS_5)
+
 #include "privs.h"
 #include "zebra/ipforward.h"
+#include "zebra/zebra_errors.h"
 
 #include "log.h"
+#include "lib_errors.h"
 
 #define MIB_SIZ 4
 
@@ -39,7 +43,8 @@ int ipforward(void)
 
        len = sizeof ipforwarding;
        if (sysctl(mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) {
-               zlog_warn("Can't get ipforwarding value");
+               flog_err_sys(EC_LIB_SYSTEM_CALL,
+                            "Can't get ipforwarding value");
                return -1;
        }
        return ipforwarding;
@@ -51,16 +56,13 @@ int ipforward_on(void)
        int ipforwarding = 1;
 
        len = sizeof ipforwarding;
-       if (zserv_privs.change(ZPRIVS_RAISE))
-               zlog_err("Can't raise privileges");
-       if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
-               if (zserv_privs.change(ZPRIVS_LOWER))
-                       zlog_err("Can't lower privileges");
-               zlog_warn("Can't set ipforwarding on");
-               return -1;
+       frr_elevate_privs(&zserv_privs) {
+               if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+                       flog_err_sys(EC_LIB_SYSTEM_CALL,
+                                    "Can't set ipforwarding on");
+                       return -1;
+               }
        }
-       if (zserv_privs.change(ZPRIVS_LOWER))
-               zlog_err("Can't lower privileges");
        return ipforwarding;
 }
 
@@ -70,26 +72,23 @@ int ipforward_off(void)
        int ipforwarding = 0;
 
        len = sizeof ipforwarding;
-       if (zserv_privs.change(ZPRIVS_RAISE))
-               zlog_err("Can't raise privileges");
-       if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
-               if (zserv_privs.change(ZPRIVS_LOWER))
-                       zlog_err("Can't lower privileges");
-               zlog_warn("Can't set ipforwarding on");
-               return -1;
+       frr_elevate_privs(&zserv_privs) {
+               if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+                       flog_err_sys(EC_LIB_SYSTEM_CALL,
+                                    "Can't set ipforwarding on");
+                       return -1;
+               }
        }
-       if (zserv_privs.change(ZPRIVS_LOWER))
-               zlog_err("Can't lower privileges");
        return ipforwarding;
 }
 
 /* IPv6 forwarding control MIB. */
 int mib_ipv6[MIB_SIZ] = {CTL_NET, PF_INET6,
-#if defined(KAME)
+#if defined(BSD_V6_SYSCTL)
                         IPPROTO_IPV6, IPV6CTL_FORWARDING
-#else  /* NOT KAME */
+#else  /* NOT BSD_V6_SYSCTL */
                         IPPROTO_IP, IP6CTL_FORWARDING
-#endif /* KAME */
+#endif /* BSD_V6_SYSCTL */
 };
 
 int ipforward_ipv6(void)
@@ -98,16 +97,13 @@ int ipforward_ipv6(void)
        int ip6forwarding = 0;
 
        len = sizeof ip6forwarding;
-       if (zserv_privs.change(ZPRIVS_RAISE))
-               zlog_err("Can't raise privileges");
-       if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
-               if (zserv_privs.change(ZPRIVS_LOWER))
-                       zlog_err("Can't lower privileges");
-               zlog_warn("can't get ip6forwarding value");
-               return -1;
+       frr_elevate_privs(&zserv_privs) {
+               if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
+                       flog_err_sys(EC_LIB_SYSTEM_CALL,
+                                    "can't get ip6forwarding value");
+                       return -1;
+               }
        }
-       if (zserv_privs.change(ZPRIVS_LOWER))
-               zlog_err("Can't lower privileges");
        return ip6forwarding;
 }
 
@@ -117,16 +113,14 @@ int ipforward_ipv6_on(void)
        int ip6forwarding = 1;
 
        len = sizeof ip6forwarding;
-       if (zserv_privs.change(ZPRIVS_RAISE))
-               zlog_err("Can't raise privileges");
-       if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
-               if (zserv_privs.change(ZPRIVS_LOWER))
-                       zlog_err("Can't lower privileges");
-               zlog_warn("can't get ip6forwarding value");
-               return -1;
+       frr_elevate_privs(&zserv_privs) {
+               if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+                   < 0) {
+                       flog_err_sys(EC_LIB_SYSTEM_CALL,
+                                    "can't get ip6forwarding value");
+                       return -1;
+               }
        }
-       if (zserv_privs.change(ZPRIVS_LOWER))
-               zlog_err("Can't lower privileges");
        return ip6forwarding;
 }
 
@@ -136,15 +130,15 @@ int ipforward_ipv6_off(void)
        int ip6forwarding = 0;
 
        len = sizeof ip6forwarding;
-       if (zserv_privs.change(ZPRIVS_RAISE))
-               zlog_err("Can't raise privileges");
-       if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
-               if (zserv_privs.change(ZPRIVS_LOWER))
-                       zlog_err("Can't lower privileges");
-               zlog_warn("can't get ip6forwarding value");
-               return -1;
+       frr_elevate_privs(&zserv_privs) {
+               if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+                   < 0) {
+                       flog_err_sys(EC_LIB_SYSTEM_CALL,
+                                    "can't get ip6forwarding value");
+                       return -1;
+               }
        }
-       if (zserv_privs.change(ZPRIVS_LOWER))
-               zlog_err("Can't lower privileges");
        return ip6forwarding;
 }
+
+#endif /* !defined(GNU_LINUX) && !defined(SUNOS_5) */
FRRouting mirror