return 0;
}
+int knet_handle_enable_access_lists(knet_handle_t knet_h, unsigned int enabled)
+{
+ int savederrno = 0;
+
+ if (!knet_h) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (enabled > 1) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ savederrno = get_global_wrlock(knet_h);
+ if (savederrno) {
+ log_err(knet_h, KNET_SUB_HANDLE, "Unable to get write lock: %s",
+ strerror(savederrno));
+ errno = savederrno;
+ return -1;
+ }
+
+ knet_h->use_access_lists = enabled;
+
+ if (enabled) {
+ log_debug(knet_h, KNET_SUB_HANDLE, "Links access lists are enabled");
+ } else {
+ log_debug(knet_h, KNET_SUB_HANDLE, "Links access lists are disabled");
+ }
+
+ pthread_rwlock_unlock(&knet_h->global_rwlock);
+
+ errno = 0;
+ return 0;
+}
+
int knet_handle_pmtud_getfreq(knet_handle_t knet_h, unsigned int *interval)
{
int savederrno = 0;
int knet_handle_setfwd(knet_handle_t knet_h, unsigned int enabled);
+/**
+ * knet_handle_enable_access_lists
+ *
+ * @brief Start packet forwarding
+ *
+ * knet_h - pointer to knet_handle_t
+ *
+ * enable - set to 1 to use ip access lists, 0 to disable ip access_lists.
+ *
+ * @return
+ * knet_handle_enable_access_lists returns
+ * 0 on success
+ * -1 on error and errno is set.
+ *
+ * By default access lists usage is off, but default internal access lists
+ * will be populated regardless, but not enforced. TODO add long explanation
+ * on internal access lists for point to point connections vs global
+ * listeners etc.
+ */
+
+int knet_handle_enable_access_lists(knet_handle_t knet_h, unsigned int enabled);
+
#define KNET_PMTUD_DEFAULT_INTERVAL 60
/**
api_knet_handle_compress_test \
api_knet_handle_crypto_test \
api_knet_handle_setfwd_test \
+ api_knet_handle_enable_access_lists_test \
api_knet_handle_enable_filter_test \
api_knet_handle_enable_sock_notify_test \
api_knet_handle_add_datafd_test \
api_knet_handle_setfwd_test_SOURCES = api_knet_handle_setfwd.c \
test-common.c
+api_knet_handle_enable_access_lists_test_SOURCES = api_knet_handle_enable_access_lists.c \
+ test-common.c
+
api_knet_handle_enable_filter_test_SOURCES = api_knet_handle_enable_filter.c \
test-common.c
--- /dev/null
+/*
+ * Copyright (C) 2016-2018 Red Hat, Inc. All rights reserved.
+ *
+ * Authors: Fabio M. Di Nitto <fabbione@kronosnet.org>
+ *
+ * This software licensed under GPL-2.0+, LGPL-2.0+
+ */
+
+#include "config.h"
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "libknet.h"
+#include "internals.h"
+
+#include "test-common.h"
+
+static void test(void)
+{
+ knet_handle_t knet_h;
+ int logfds[2];
+
+ printf("Test knet_handle_enable_access_lists with invalid knet_h\n");
+
+ if ((!knet_handle_enable_access_lists(NULL, 0)) || (errno != EINVAL)) {
+ printf("knet_handle_enable_access_lists accepted invalid knet_h parameter\n");
+ exit(FAIL);
+ }
+
+ setup_logpipes(logfds);
+
+ printf("Test knet_handle_enable_access_lists with invalid param (2) \n");
+
+ knet_h = knet_handle_start(logfds, KNET_LOG_DEBUG);
+
+ if ((!knet_handle_enable_access_lists(knet_h, 2)) || (errno != EINVAL)) {
+ printf("knet_handle_enable_access_lists accepted invalid param for enabled: %s\n", strerror(errno));
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+ exit(FAIL);
+ }
+
+ flush_logs(logfds[0], stdout);
+
+ printf("Test knet_handle_enable_access_lists with valid param (1) \n");
+
+ if (knet_handle_enable_access_lists(knet_h, 1) < 0) {
+ printf("knet_handle_enable_access_lists failed: %s\n", strerror(errno));
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+ exit(FAIL);
+ }
+
+ if (knet_h->use_access_lists != 1) {
+ printf("knet_handle_enable_access_lists failed to set correct value");
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+ exit(FAIL);
+ }
+
+ flush_logs(logfds[0], stdout);
+
+ printf("Test knet_handle_enable_access_lists with valid param (0) \n");
+
+ if (knet_handle_enable_access_lists(knet_h, 0) < 0) {
+ printf("knet_handle_enable_access_lists failed: %s\n", strerror(errno));
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+ exit(FAIL);
+ }
+
+ if (knet_h->use_access_lists != 0) {
+ printf("knet_handle_enable_access_lists failed to set correct value");
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+ exit(FAIL);
+ }
+
+ flush_logs(logfds[0], stdout);
+
+ knet_handle_free(knet_h);
+ flush_logs(logfds[0], stdout);
+ close_logpipes(logfds);
+}
+
+int main(int argc, char *argv[])
+{
+ test();
+
+ return PASS;
+}