]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* |
2 | * Fetch ipforward value by reading /proc filesystem. | |
3 | * Copyright (C) 1997 Kunihiro Ishiguro | |
4 | * | |
5 | * This file is part of GNU Zebra. | |
6 | * | |
7 | * GNU Zebra is free software; you can redistribute it and/or modify it | |
8 | * under the terms of the GNU General Public License as published by the | |
9 | * Free Software Foundation; either version 2, or (at your option) any | |
10 | * later version. | |
11 | * | |
12 | * GNU Zebra is distributed in the hope that it will be useful, but | |
13 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | * General Public License for more details. | |
16 | * | |
896014f4 DL |
17 | * You should have received a copy of the GNU General Public License along |
18 | * with this program; see the file COPYING; if not, write to the Free Software | |
19 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
718e3744 | 20 | */ |
21 | ||
22 | #include <zebra.h> | |
23 | ||
ddfeb486 DL |
24 | #ifdef GNU_LINUX |
25 | ||
edd7c245 | 26 | #include "log.h" |
27 | #include "privs.h" | |
174482ef | 28 | #include "lib_errors.h" |
edd7c245 | 29 | |
a1ac18c4 | 30 | #include "zebra/ipforward.h" |
31 | ||
edd7c245 | 32 | extern struct zebra_privs_t zserv_privs; |
33 | ||
718e3744 | 34 | char proc_net_snmp[] = "/proc/net/snmp"; |
35 | ||
d62a17ae | 36 | static void dropline(FILE *fp) |
718e3744 | 37 | { |
d62a17ae | 38 | int c; |
718e3744 | 39 | |
d62a17ae | 40 | while ((c = getc(fp)) != '\n') |
41 | ; | |
718e3744 | 42 | } |
43 | ||
d62a17ae | 44 | int ipforward(void) |
718e3744 | 45 | { |
116e176d | 46 | int ret = 0; |
d62a17ae | 47 | FILE *fp; |
48 | int ipforwarding = 0; | |
49 | char buf[10]; | |
50 | ||
51 | fp = fopen(proc_net_snmp, "r"); | |
52 | ||
53 | if (fp == NULL) | |
54 | return -1; | |
55 | ||
56 | /* We don't care about the first line. */ | |
57 | dropline(fp); | |
58 | ||
59 | /* Get ip_statistics.IpForwarding : | |
60 | 1 => ip forwarding enabled | |
61 | 2 => ip forwarding off. */ | |
62 | if (fgets(buf, 6, fp)) | |
116e176d | 63 | ret = sscanf(buf, "Ip: %d", &ipforwarding); |
d62a17ae | 64 | |
65 | fclose(fp); | |
66 | ||
116e176d | 67 | if (ret == 1 && ipforwarding == 1) |
d62a17ae | 68 | return 1; |
69 | ||
70 | return 0; | |
718e3744 | 71 | } |
72 | ||
73 | /* char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/conf/all/forwarding"; */ | |
74 | char proc_ipv4_forwarding[] = "/proc/sys/net/ipv4/ip_forward"; | |
75 | ||
d62a17ae | 76 | int ipforward_on(void) |
718e3744 | 77 | { |
d62a17ae | 78 | FILE *fp; |
79 | ||
80 | if (zserv_privs.change(ZPRIVS_RAISE)) | |
af4c2728 | 81 | flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s", |
174482ef | 82 | safe_strerror(errno)); |
718e3744 | 83 | |
d62a17ae | 84 | fp = fopen(proc_ipv4_forwarding, "w"); |
edd7c245 | 85 | |
d62a17ae | 86 | if (fp == NULL) { |
87 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
af4c2728 | 88 | flog_err(LIB_ERR_PRIVILEGES, |
174482ef DS |
89 | "Can't lower privileges, %s", |
90 | safe_strerror(errno)); | |
d62a17ae | 91 | return -1; |
92 | } | |
718e3744 | 93 | |
d62a17ae | 94 | fprintf(fp, "1\n"); |
718e3744 | 95 | |
d62a17ae | 96 | fclose(fp); |
718e3744 | 97 | |
d62a17ae | 98 | if (zserv_privs.change(ZPRIVS_LOWER)) |
af4c2728 | 99 | flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s", |
174482ef | 100 | safe_strerror(errno)); |
41d3fc96 | 101 | |
d62a17ae | 102 | return ipforward(); |
718e3744 | 103 | } |
104 | ||
d62a17ae | 105 | int ipforward_off(void) |
718e3744 | 106 | { |
d62a17ae | 107 | FILE *fp; |
718e3744 | 108 | |
d62a17ae | 109 | if (zserv_privs.change(ZPRIVS_RAISE)) |
af4c2728 | 110 | flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s", |
174482ef | 111 | safe_strerror(errno)); |
edd7c245 | 112 | |
d62a17ae | 113 | fp = fopen(proc_ipv4_forwarding, "w"); |
edd7c245 | 114 | |
d62a17ae | 115 | if (fp == NULL) { |
116 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
af4c2728 | 117 | flog_err(LIB_ERR_PRIVILEGES, |
174482ef DS |
118 | "Can't lower privileges, %s", |
119 | safe_strerror(errno)); | |
d62a17ae | 120 | return -1; |
121 | } | |
718e3744 | 122 | |
d62a17ae | 123 | fprintf(fp, "0\n"); |
718e3744 | 124 | |
d62a17ae | 125 | fclose(fp); |
718e3744 | 126 | |
d62a17ae | 127 | if (zserv_privs.change(ZPRIVS_LOWER)) |
af4c2728 | 128 | flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s", |
174482ef | 129 | safe_strerror(errno)); |
41d3fc96 | 130 | |
d62a17ae | 131 | return ipforward(); |
718e3744 | 132 | } |
718e3744 | 133 | |
134 | char proc_ipv6_forwarding[] = "/proc/sys/net/ipv6/conf/all/forwarding"; | |
135 | ||
d62a17ae | 136 | int ipforward_ipv6(void) |
718e3744 | 137 | { |
116e176d | 138 | int ret = 0; |
d62a17ae | 139 | FILE *fp; |
140 | char buf[5]; | |
141 | int ipforwarding = 0; | |
718e3744 | 142 | |
d62a17ae | 143 | fp = fopen(proc_ipv6_forwarding, "r"); |
718e3744 | 144 | |
d62a17ae | 145 | if (fp == NULL) |
146 | return -1; | |
718e3744 | 147 | |
d62a17ae | 148 | if (fgets(buf, 2, fp)) |
116e176d | 149 | ret = sscanf(buf, "%d", &ipforwarding); |
718e3744 | 150 | |
d62a17ae | 151 | fclose(fp); |
116e176d DS |
152 | |
153 | if (ret != 1) | |
154 | return 0; | |
155 | ||
d62a17ae | 156 | return ipforwarding; |
718e3744 | 157 | } |
158 | ||
d62a17ae | 159 | int ipforward_ipv6_on(void) |
718e3744 | 160 | { |
d62a17ae | 161 | FILE *fp; |
718e3744 | 162 | |
d62a17ae | 163 | if (zserv_privs.change(ZPRIVS_RAISE)) |
af4c2728 | 164 | flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s", |
174482ef | 165 | safe_strerror(errno)); |
edd7c245 | 166 | |
d62a17ae | 167 | fp = fopen(proc_ipv6_forwarding, "w"); |
edd7c245 | 168 | |
d62a17ae | 169 | if (fp == NULL) { |
170 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
af4c2728 | 171 | flog_err(LIB_ERR_PRIVILEGES, |
174482ef DS |
172 | "Can't lower privileges, %s", |
173 | safe_strerror(errno)); | |
d62a17ae | 174 | return -1; |
175 | } | |
718e3744 | 176 | |
d62a17ae | 177 | fprintf(fp, "1\n"); |
718e3744 | 178 | |
d62a17ae | 179 | fclose(fp); |
718e3744 | 180 | |
d62a17ae | 181 | if (zserv_privs.change(ZPRIVS_LOWER)) |
af4c2728 | 182 | flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s", |
174482ef | 183 | safe_strerror(errno)); |
41d3fc96 | 184 | |
d62a17ae | 185 | return ipforward_ipv6(); |
718e3744 | 186 | } |
187 | ||
56c1f7d8 | 188 | |
d62a17ae | 189 | int ipforward_ipv6_off(void) |
718e3744 | 190 | { |
d62a17ae | 191 | FILE *fp; |
718e3744 | 192 | |
d62a17ae | 193 | if (zserv_privs.change(ZPRIVS_RAISE)) |
af4c2728 | 194 | flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges, %s", |
174482ef | 195 | safe_strerror(errno)); |
edd7c245 | 196 | |
d62a17ae | 197 | fp = fopen(proc_ipv6_forwarding, "w"); |
edd7c245 | 198 | |
d62a17ae | 199 | if (fp == NULL) { |
200 | if (zserv_privs.change(ZPRIVS_LOWER)) | |
af4c2728 | 201 | flog_err(LIB_ERR_PRIVILEGES, |
174482ef DS |
202 | "Can't lower privileges, %s", |
203 | safe_strerror(errno)); | |
d62a17ae | 204 | return -1; |
205 | } | |
718e3744 | 206 | |
d62a17ae | 207 | fprintf(fp, "0\n"); |
718e3744 | 208 | |
d62a17ae | 209 | fclose(fp); |
718e3744 | 210 | |
d62a17ae | 211 | if (zserv_privs.change(ZPRIVS_LOWER)) |
af4c2728 | 212 | flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges, %s", |
174482ef | 213 | safe_strerror(errno)); |
41d3fc96 | 214 | |
d62a17ae | 215 | return ipforward_ipv6(); |
718e3744 | 216 | } |
ddfeb486 DL |
217 | |
218 | #endif /* GNU_LINUX */ |