ipforward_sysctl.c 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
  1. /* IP forward control by sysctl function.
  2. * Copyright (C) 1997, 1999 Kunihiro Ishiguro
  3. *
  4. * This file is part of GNU Zebra.
  5. *
  6. * GNU Zebra is free software; you can redistribute it and/or modify it
  7. * under the terms of the GNU General Public License as published by the
  8. * Free Software Foundation; either version 2, or (at your option) any
  9. * later version.
  10. *
  11. * GNU Zebra is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with GNU Zebra; see the file COPYING. If not, write to the Free
  18. * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19. * 02111-1307, USA.
  20. */
  21. #include <zebra.h>
  22. #include "privs.h"
  23. #include "zebra/ipforward.h"
  24. #include "log.h"
  25. #define MIB_SIZ 4
  26. extern struct zebra_privs_t zserv_privs;
  27. /* IPv4 forwarding control MIB. */
  28. int mib[MIB_SIZ] =
  29. {
  30. CTL_NET,
  31. PF_INET,
  32. IPPROTO_IP,
  33. IPCTL_FORWARDING
  34. };
  35. int
  36. ipforward (void)
  37. {
  38. size_t len;
  39. int ipforwarding = 0;
  40. len = sizeof ipforwarding;
  41. if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
  42. {
  43. zlog_warn ("Can't get ipforwarding value");
  44. return -1;
  45. }
  46. return ipforwarding;
  47. }
  48. int
  49. ipforward_on (void)
  50. {
  51. size_t len;
  52. int ipforwarding = 1;
  53. len = sizeof ipforwarding;
  54. if (zserv_privs.change(ZPRIVS_RAISE))
  55. zlog (NULL, LOG_ERR, "Can't raise privileges");
  56. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  57. {
  58. if (zserv_privs.change(ZPRIVS_LOWER))
  59. zlog (NULL, LOG_ERR, "Can't lower privileges");
  60. zlog_warn ("Can't set ipforwarding on");
  61. return -1;
  62. }
  63. if (zserv_privs.change(ZPRIVS_LOWER))
  64. zlog (NULL, LOG_ERR, "Can't lower privileges");
  65. return ipforwarding;
  66. }
  67. int
  68. ipforward_off (void)
  69. {
  70. size_t len;
  71. int ipforwarding = 0;
  72. len = sizeof ipforwarding;
  73. if (zserv_privs.change(ZPRIVS_RAISE))
  74. zlog (NULL, LOG_ERR, "Can't raise privileges");
  75. if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
  76. {
  77. if (zserv_privs.change(ZPRIVS_LOWER))
  78. zlog (NULL, LOG_ERR, "Can't lower privileges");
  79. zlog_warn ("Can't set ipforwarding on");
  80. return -1;
  81. }
  82. if (zserv_privs.change(ZPRIVS_LOWER))
  83. zlog (NULL, LOG_ERR, "Can't lower privileges");
  84. return ipforwarding;
  85. }
  86. #ifdef HAVE_IPV6
  87. /* IPv6 forwarding control MIB. */
  88. int mib_ipv6[MIB_SIZ] =
  89. {
  90. CTL_NET,
  91. PF_INET6,
  92. #if defined(KAME)
  93. IPPROTO_IPV6,
  94. IPV6CTL_FORWARDING
  95. #else /* NOT KAME */
  96. IPPROTO_IP,
  97. IP6CTL_FORWARDING
  98. #endif /* KAME */
  99. };
  100. int
  101. ipforward_ipv6 (void)
  102. {
  103. size_t len;
  104. int ip6forwarding = 0;
  105. len = sizeof ip6forwarding;
  106. if (zserv_privs.change(ZPRIVS_RAISE))
  107. zlog (NULL, LOG_ERR, "Can't raise privileges");
  108. if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
  109. {
  110. if (zserv_privs.change(ZPRIVS_LOWER))
  111. zlog (NULL, LOG_ERR, "Can't lower privileges");
  112. zlog_warn ("can't get ip6forwarding value");
  113. return -1;
  114. }
  115. if (zserv_privs.change(ZPRIVS_LOWER))
  116. zlog (NULL, LOG_ERR, "Can't lower privileges");
  117. return ip6forwarding;
  118. }
  119. int
  120. ipforward_ipv6_on (void)
  121. {
  122. size_t len;
  123. int ip6forwarding = 1;
  124. len = sizeof ip6forwarding;
  125. if (zserv_privs.change(ZPRIVS_RAISE))
  126. zlog (NULL, LOG_ERR, "Can't raise privileges");
  127. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  128. {
  129. if (zserv_privs.change(ZPRIVS_LOWER))
  130. zlog (NULL, LOG_ERR, "Can't lower privileges");
  131. zlog_warn ("can't get ip6forwarding value");
  132. return -1;
  133. }
  134. if (zserv_privs.change(ZPRIVS_LOWER))
  135. zlog (NULL, LOG_ERR, "Can't lower privileges");
  136. return ip6forwarding;
  137. }
  138. int
  139. ipforward_ipv6_off (void)
  140. {
  141. size_t len;
  142. int ip6forwarding = 0;
  143. len = sizeof ip6forwarding;
  144. if (zserv_privs.change(ZPRIVS_RAISE))
  145. zlog (NULL, LOG_ERR, "Can't raise privileges");
  146. if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
  147. {
  148. if (zserv_privs.change(ZPRIVS_LOWER))
  149. zlog (NULL, LOG_ERR, "Can't lower privileges");
  150. zlog_warn ("can't get ip6forwarding value");
  151. return -1;
  152. }
  153. if (zserv_privs.change(ZPRIVS_LOWER))
  154. zlog (NULL, LOG_ERR, "Can't lower privileges");
  155. return ip6forwarding;
  156. }
  157. #endif /* HAVE_IPV6 */