ipforward_sysctl.c 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179
  1. /* IP forward control by sysctl function.
  2. * Copyright (C) 1997, 1999 Kunihiro Ishiguro
  3. *
  4. * This file is part of GNU Zebra.
  5. *
  6. * GNU Zebra is free software; you can redistribute it and/or modify it
  7. * under the terms of the GNU General Public License as published by the
  8. * Free Software Foundation; either version 2, or (at your option) any
  9. * later version.
  10. *
  11. * GNU Zebra is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with GNU Zebra; see the file COPYING. If not, write to the Free
  18. * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19. * 02111-1307, USA.
  20. */
  21. #include <zebra.h>
  22. #include "privs.h"
  23. #ifdef NRL
  24. #include <netinet6/in6.h>
  25. #endif /* NRL */
  26. #include "log.h"
  27. #define MIB_SIZ 4
  28. extern struct zebra_privs_t zserv_privs;
  29. /* IPv4 forwarding control MIB. */
  30. int mib[MIB_SIZ] =
  31. {
  32. CTL_NET,
  33. PF_INET,
  34. IPPROTO_IP,
  35. IPCTL_FORWARDING
  36. };
  37. int
  38. ipforward ()
  39. {
  40. int len;
  41. int ipforwarding = 0;
  42. len = sizeof ipforwarding;
  43. if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
  44. {
  45. zlog_warn ("Can't get ipforwarding value");
  46. return -1;
  47. }
  48. return ipforwarding;
  49. }
  50. int
  51. ipforward_on ()
  52. {
  53. int len;
  54. int ipforwarding = 1;
  55. len = sizeof ipforwarding;
  56. if (zserv_privs.change(ZPRIVS_RAISE))
  57. zlog (NULL, LOG_ERR, "Can't raise privileges");
  58. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  59. {
  60. if (zserv_privs.change(ZPRIVS_LOWER))
  61. zlog (NULL, LOG_ERR, "Can't lower privileges");
  62. zlog_warn ("Can't set ipforwarding on");
  63. return -1;
  64. }
  65. if (zserv_privs.change(ZPRIVS_LOWER))
  66. zlog (NULL, LOG_ERR, "Can't lower privileges");
  67. return ipforwarding;
  68. }
  69. int
  70. ipforward_off ()
  71. {
  72. int len;
  73. int ipforwarding = 0;
  74. len = sizeof ipforwarding;
  75. if (zserv_privs.change(ZPRIVS_RAISE))
  76. zlog (NULL, LOG_ERR, "Can't raise privileges");
  77. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  78. {
  79. if (zserv_privs.change(ZPRIVS_LOWER))
  80. zlog (NULL, LOG_ERR, "Can't lower privileges");
  81. zlog_warn ("Can't set ipforwarding on");
  82. return -1;
  83. }
  84. if (zserv_privs.change(ZPRIVS_LOWER))
  85. zlog (NULL, LOG_ERR, "Can't lower privileges");
  86. return ipforwarding;
  87. }
  88. #ifdef HAVE_IPV6
  89. /* IPv6 forwarding control MIB. */
  90. int mib_ipv6[MIB_SIZ] =
  91. {
  92. CTL_NET,
  93. PF_INET6,
  94. #if defined(KAME) || (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) || defined(NRL)
  95. IPPROTO_IPV6,
  96. IPV6CTL_FORWARDING
  97. #else /* NOT KAME */
  98. IPPROTO_IP,
  99. IP6CTL_FORWARDING
  100. #endif /* KAME */
  101. };
  102. int
  103. ipforward_ipv6 ()
  104. {
  105. int len;
  106. int ip6forwarding = 0;
  107. len = sizeof ip6forwarding;
  108. if (zserv_privs.change(ZPRIVS_RAISE))
  109. zlog (NULL, LOG_ERR, "Can't raise privileges");
  110. if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
  111. {
  112. if (zserv_privs.change(ZPRIVS_LOWER))
  113. zlog (NULL, LOG_ERR, "Can't lower privileges");
  114. zlog_warn ("can't get ip6forwarding value");
  115. return -1;
  116. }
  117. if (zserv_privs.change(ZPRIVS_LOWER))
  118. zlog (NULL, LOG_ERR, "Can't lower privileges");
  119. return ip6forwarding;
  120. }
  121. int
  122. ipforward_ipv6_on ()
  123. {
  124. int len;
  125. int ip6forwarding = 1;
  126. len = sizeof ip6forwarding;
  127. if (zserv_privs.change(ZPRIVS_RAISE))
  128. zlog (NULL, LOG_ERR, "Can't raise privileges");
  129. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  130. {
  131. if (zserv_privs.change(ZPRIVS_LOWER))
  132. zlog (NULL, LOG_ERR, "Can't lower privileges");
  133. zlog_warn ("can't get ip6forwarding value");
  134. return -1;
  135. }
  136. if (zserv_privs.change(ZPRIVS_LOWER))
  137. zlog (NULL, LOG_ERR, "Can't lower privileges");
  138. return ip6forwarding;
  139. }
  140. int
  141. ipforward_ipv6_off ()
  142. {
  143. int len;
  144. int ip6forwarding = 0;
  145. len = sizeof ip6forwarding;
  146. if (zserv_privs.change(ZPRIVS_RAISE))
  147. zlog (NULL, LOG_ERR, "Can't raise privileges");
  148. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  149. {
  150. if (zserv_privs.change(ZPRIVS_LOWER))
  151. zlog (NULL, LOG_ERR, "Can't lower privileges");
  152. zlog_warn ("can't get ip6forwarding value");
  153. return -1;
  154. }
  155. if (zserv_privs.change(ZPRIVS_LOWER))
  156. zlog (NULL, LOG_ERR, "Can't lower privileges");
  157. return ip6forwarding;
  158. }
  159. #endif /* HAVE_IPV6 */