ipforward_sysctl.c 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180
  1. /* IP forward control by sysctl function.
  2. * Copyright (C) 1997, 1999 Kunihiro Ishiguro
  3. *
  4. * This file is part of GNU Zebra.
  5. *
  6. * GNU Zebra is free software; you can redistribute it and/or modify it
  7. * under the terms of the GNU General Public License as published by the
  8. * Free Software Foundation; either version 2, or (at your option) any
  9. * later version.
  10. *
  11. * GNU Zebra is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with GNU Zebra; see the file COPYING. If not, write to the Free
  18. * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19. * 02111-1307, USA.
  20. */
  21. #include <zebra.h>
  22. #include "privs.h"
  23. #include "zebra/ipforward.h"
  24. #ifdef NRL
  25. #include <netinet6/in6.h>
  26. #endif /* NRL */
  27. #include "log.h"
  28. #define MIB_SIZ 4
  29. extern struct zebra_privs_t zserv_privs;
  30. /* IPv4 forwarding control MIB. */
  31. int mib[MIB_SIZ] =
  32. {
  33. CTL_NET,
  34. PF_INET,
  35. IPPROTO_IP,
  36. IPCTL_FORWARDING
  37. };
  38. int
  39. ipforward (void)
  40. {
  41. size_t len;
  42. int ipforwarding = 0;
  43. len = sizeof ipforwarding;
  44. if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
  45. {
  46. zlog_warn ("Can't get ipforwarding value");
  47. return -1;
  48. }
  49. return ipforwarding;
  50. }
  51. int
  52. ipforward_on (void)
  53. {
  54. size_t len;
  55. int ipforwarding = 1;
  56. len = sizeof ipforwarding;
  57. if (zserv_privs.change(ZPRIVS_RAISE))
  58. zlog (NULL, LOG_ERR, "Can't raise privileges");
  59. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  60. {
  61. if (zserv_privs.change(ZPRIVS_LOWER))
  62. zlog (NULL, LOG_ERR, "Can't lower privileges");
  63. zlog_warn ("Can't set ipforwarding on");
  64. return -1;
  65. }
  66. if (zserv_privs.change(ZPRIVS_LOWER))
  67. zlog (NULL, LOG_ERR, "Can't lower privileges");
  68. return ipforwarding;
  69. }
  70. int
  71. ipforward_off (void)
  72. {
  73. size_t len;
  74. int ipforwarding = 0;
  75. len = sizeof ipforwarding;
  76. if (zserv_privs.change(ZPRIVS_RAISE))
  77. zlog (NULL, LOG_ERR, "Can't raise privileges");
  78. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  79. {
  80. if (zserv_privs.change(ZPRIVS_LOWER))
  81. zlog (NULL, LOG_ERR, "Can't lower privileges");
  82. zlog_warn ("Can't set ipforwarding on");
  83. return -1;
  84. }
  85. if (zserv_privs.change(ZPRIVS_LOWER))
  86. zlog (NULL, LOG_ERR, "Can't lower privileges");
  87. return ipforwarding;
  88. }
  89. #ifdef HAVE_IPV6
  90. /* IPv6 forwarding control MIB. */
  91. int mib_ipv6[MIB_SIZ] =
  92. {
  93. CTL_NET,
  94. PF_INET6,
  95. #if defined(KAME) || (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) || defined(NRL)
  96. IPPROTO_IPV6,
  97. IPV6CTL_FORWARDING
  98. #else /* NOT KAME */
  99. IPPROTO_IP,
  100. IP6CTL_FORWARDING
  101. #endif /* KAME */
  102. };
  103. int
  104. ipforward_ipv6 (void)
  105. {
  106. size_t len;
  107. int ip6forwarding = 0;
  108. len = sizeof ip6forwarding;
  109. if (zserv_privs.change(ZPRIVS_RAISE))
  110. zlog (NULL, LOG_ERR, "Can't raise privileges");
  111. if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
  112. {
  113. if (zserv_privs.change(ZPRIVS_LOWER))
  114. zlog (NULL, LOG_ERR, "Can't lower privileges");
  115. zlog_warn ("can't get ip6forwarding value");
  116. return -1;
  117. }
  118. if (zserv_privs.change(ZPRIVS_LOWER))
  119. zlog (NULL, LOG_ERR, "Can't lower privileges");
  120. return ip6forwarding;
  121. }
  122. int
  123. ipforward_ipv6_on (void)
  124. {
  125. size_t len;
  126. int ip6forwarding = 1;
  127. len = sizeof ip6forwarding;
  128. if (zserv_privs.change(ZPRIVS_RAISE))
  129. zlog (NULL, LOG_ERR, "Can't raise privileges");
  130. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  131. {
  132. if (zserv_privs.change(ZPRIVS_LOWER))
  133. zlog (NULL, LOG_ERR, "Can't lower privileges");
  134. zlog_warn ("can't get ip6forwarding value");
  135. return -1;
  136. }
  137. if (zserv_privs.change(ZPRIVS_LOWER))
  138. zlog (NULL, LOG_ERR, "Can't lower privileges");
  139. return ip6forwarding;
  140. }
  141. int
  142. ipforward_ipv6_off (void)
  143. {
  144. size_t len;
  145. int ip6forwarding = 0;
  146. len = sizeof ip6forwarding;
  147. if (zserv_privs.change(ZPRIVS_RAISE))
  148. zlog (NULL, LOG_ERR, "Can't raise privileges");
  149. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  150. {
  151. if (zserv_privs.change(ZPRIVS_LOWER))
  152. zlog (NULL, LOG_ERR, "Can't lower privileges");
  153. zlog_warn ("can't get ip6forwarding value");
  154. return -1;
  155. }
  156. if (zserv_privs.change(ZPRIVS_LOWER))
  157. zlog (NULL, LOG_ERR, "Can't lower privileges");
  158. return ip6forwarding;
  159. }
  160. #endif /* HAVE_IPV6 */