X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=zebra%2Fipforward_proc.c;h=8f44c377b33ecf873be3453ea95e808816f0f499;hb=91d227b7e3cb53ad8fdbcd9d4cff7f0a666918e3;hp=2876eded378048b95039d2b93a8e47a0ca1abaac;hpb=7e7a2d38b2d5d5edd3be7d6754d67c3231ee215e;p=mirror_frr.git diff --git a/zebra/ipforward_proc.c b/zebra/ipforward_proc.c index 2876eded3..8f44c377b 100644 --- a/zebra/ipforward_proc.c +++ b/zebra/ipforward_proc.c @@ -14,14 +14,15 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with GNU Zebra; see the file COPYING. If not, write to the Free - * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - * 02111-1307, USA. + * You should have received a copy of the GNU General Public License along + * with this program; see the file COPYING; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include +#ifdef GNU_LINUX + #include "log.h" #include "privs.h" @@ -31,170 +32,154 @@ extern struct zebra_privs_t zserv_privs; char proc_net_snmp[] = "/proc/net/snmp"; -static void -dropline (FILE *fp) +static void dropline(FILE *fp) { - int c; + int c; - while ((c = getc (fp)) != '\n') - ; + while ((c = getc(fp)) != '\n') + ; } -int -ipforward (void) +int ipforward(void) { - FILE *fp; - int ipforwarding = 0; - char buf[10]; - - fp = fopen (proc_net_snmp, "r"); - - if (fp == NULL) - return -1; - - /* We don't care about the first line. */ - dropline (fp); - - /* Get ip_statistics.IpForwarding : - 1 => ip forwarding enabled - 2 => ip forwarding off. */ - if (fgets (buf, 6, fp)) - sscanf (buf, "Ip: %d", &ipforwarding); - - fclose(fp); - - if (ipforwarding == 1) - return 1; - - return 0; + int ret = 0; + FILE *fp; + int ipforwarding = 0; + char buf[10]; + + fp = fopen(proc_net_snmp, "r"); + + if (fp == NULL) + return -1; + + /* We don't care about the first line. */ + dropline(fp); + + /* Get ip_statistics.IpForwarding : + 1 => ip forwarding enabled + 2 => ip forwarding off. */ + if (fgets(buf, 6, fp)) + ret = sscanf(buf, "Ip: %d", &ipforwarding); + + fclose(fp); + + if (ret == 1 && ipforwarding == 1) + return 1; + + return 0; } /* char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/conf/all/forwarding"; */ char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/ip_forward"; -int -ipforward_on (void) +int ipforward_on(void) { - FILE *fp; - - if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog_err ("Can't raise privileges, %s", safe_strerror (errno) ); + FILE *fp; + + frr_elevate_privs(&zserv_privs) { - fp = fopen (proc_ipv4_forwarding, "w"); + fp = fopen(proc_ipv4_forwarding, "w"); - if (fp == NULL) { - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf (fp, "1\n"); + fprintf(fp, "1\n"); - fclose (fp); + fclose(fp); - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); + } - return ipforward (); + return ipforward(); } -int -ipforward_off (void) +int ipforward_off(void) { - FILE *fp; + FILE *fp; - if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog_err ("Can't raise privileges, %s", safe_strerror (errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen (proc_ipv4_forwarding, "w"); + fp = fopen(proc_ipv4_forwarding, "w"); - if (fp == NULL) { - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf (fp, "0\n"); + fprintf(fp, "0\n"); - fclose (fp); + fclose(fp); - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); + } - return ipforward (); + return ipforward(); } -#ifdef HAVE_IPV6 char proc_ipv6_forwarding[] = "/proc/sys/net/ipv6/conf/all/forwarding"; -int -ipforward_ipv6 (void) +int ipforward_ipv6(void) { - FILE *fp; - char buf[5]; - int ipforwarding = 0; + int ret = 0; + FILE *fp; + char buf[5]; + int ipforwarding = 0; + + fp = fopen(proc_ipv6_forwarding, "r"); - fp = fopen (proc_ipv6_forwarding, "r"); + if (fp == NULL) + return -1; - if (fp == NULL) - return -1; + if (fgets(buf, 2, fp)) + ret = sscanf(buf, "%d", &ipforwarding); - if (fgets (buf, 2, fp)) - sscanf (buf, "%d", &ipforwarding); + fclose(fp); - fclose (fp); - return ipforwarding; + if (ret != 1) + return 0; + + return ipforwarding; } -int -ipforward_ipv6_on (void) +int ipforward_ipv6_on(void) { - FILE *fp; + FILE *fp; - if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog_err ("Can't raise privileges, %s", safe_strerror (errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen (proc_ipv6_forwarding, "w"); + fp = fopen(proc_ipv6_forwarding, "w"); - if (fp == NULL) { - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf (fp, "1\n"); + fprintf(fp, "1\n"); - fclose (fp); + fclose(fp); - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); + } - return ipforward_ipv6 (); + return ipforward_ipv6(); } -int -ipforward_ipv6_off (void) + +int ipforward_ipv6_off(void) { - FILE *fp; + FILE *fp; - if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog_err ("Can't raise privileges, %s", safe_strerror (errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen (proc_ipv6_forwarding, "w"); + fp = fopen(proc_ipv6_forwarding, "w"); - if (fp == NULL) { - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf (fp, "0\n"); + fprintf(fp, "0\n"); - fclose (fp); + fclose(fp); - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog_err ("Can't lower privileges, %s", safe_strerror (errno)); + } - return ipforward_ipv6 (); + return ipforward_ipv6(); } -#endif /* HAVE_IPV6 */ + +#endif /* GNU_LINUX */