*/
#include <zebra.h>
+
+#if !defined(GNU_LINUX) && !defined(SUNOS_5)
+
#include "privs.h"
#include "zebra/ipforward.h"
+#include "zebra/zebra_errors.h"
#include "log.h"
+#include "lib_errors.h"
#define MIB_SIZ 4
extern struct zebra_privs_t zserv_privs;
/* IPv4 forwarding control MIB. */
-int mib[MIB_SIZ] =
-{
- CTL_NET,
- PF_INET,
- IPPROTO_IP,
- IPCTL_FORWARDING
-};
+int mib[MIB_SIZ] = {CTL_NET, PF_INET, IPPROTO_IP, IPCTL_FORWARDING};
-int
-ipforward (void)
+int ipforward(void)
{
- size_t len;
- int ipforwarding = 0;
-
- len = sizeof ipforwarding;
- if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
- {
- zlog_warn ("Can't get ipforwarding value");
- return -1;
- }
- return ipforwarding;
+ size_t len;
+ int ipforwarding = 0;
+
+ len = sizeof ipforwarding;
+ if (sysctl(mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "Can't get ipforwarding value");
+ return -1;
+ }
+ return ipforwarding;
}
-int
-ipforward_on (void)
+int ipforward_on(void)
{
- size_t len;
- int ipforwarding = 1;
-
- len = sizeof ipforwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
- {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn ("Can't set ipforwarding on");
- return -1;
- }
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- return ipforwarding;
+ size_t len;
+ int ipforwarding = 1;
+
+ len = sizeof ipforwarding;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "Can't set ipforwarding on");
+ return -1;
+ }
+ }
+ return ipforwarding;
}
-int
-ipforward_off (void)
+int ipforward_off(void)
{
- size_t len;
- int ipforwarding = 0;
-
- len = sizeof ipforwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
- {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn ("Can't set ipforwarding on");
- return -1;
- }
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- return ipforwarding;
+ size_t len;
+ int ipforwarding = 0;
+
+ len = sizeof ipforwarding;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "Can't set ipforwarding on");
+ return -1;
+ }
+ }
+ return ipforwarding;
}
/* IPv6 forwarding control MIB. */
-int mib_ipv6[MIB_SIZ] =
-{
- CTL_NET,
- PF_INET6,
-#if defined(KAME)
- IPPROTO_IPV6,
- IPV6CTL_FORWARDING
-#else /* NOT KAME */
- IPPROTO_IP,
- IP6CTL_FORWARDING
-#endif /* KAME */
-};
-
-int
-ipforward_ipv6 (void)
+int mib_ipv6[MIB_SIZ] = {CTL_NET, PF_INET6,
+#if defined(BSD_V6_SYSCTL)
+ IPPROTO_IPV6, IPV6CTL_FORWARDING
+#else /* NOT BSD_V6_SYSCTL */
+ IPPROTO_IP, IP6CTL_FORWARDING
+#endif /* BSD_V6_SYSCTL */
+};
+
+int ipforward_ipv6(void)
{
- size_t len;
- int ip6forwarding = 0;
-
- len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
- {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn ("can't get ip6forwarding value");
- return -1;
- }
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- return ip6forwarding;
+ size_t len;
+ int ip6forwarding = 0;
+
+ len = sizeof ip6forwarding;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "can't get ip6forwarding value");
+ return -1;
+ }
+ }
+ return ip6forwarding;
}
-int
-ipforward_ipv6_on (void)
+int ipforward_ipv6_on(void)
{
- size_t len;
- int ip6forwarding = 1;
-
- len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
- {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn ("can't get ip6forwarding value");
- return -1;
- }
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- return ip6forwarding;
+ size_t len;
+ int ip6forwarding = 1;
+
+ len = sizeof ip6forwarding;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+ < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "can't get ip6forwarding value");
+ return -1;
+ }
+ }
+ return ip6forwarding;
}
-int
-ipforward_ipv6_off (void)
+int ipforward_ipv6_off(void)
{
- size_t len;
- int ip6forwarding = 0;
-
- len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
- {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn ("can't get ip6forwarding value");
- return -1;
- }
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- return ip6forwarding;
+ size_t len;
+ int ip6forwarding = 0;
+
+ len = sizeof ip6forwarding;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+ < 0) {
+ flog_err_sys(EC_LIB_SYSTEM_CALL,
+ "can't get ip6forwarding value");
+ return -1;
+ }
+ }
+ return ip6forwarding;
}
+
+#endif /* !defined(GNU_LINUX) && !defined(SUNOS_5) */
projects / mirror_frr.git / blobdiff