1: /* IP forward control by sysctl function.
2: * Copyright (C) 1997, 1999 Kunihiro Ishiguro
3: *
4: * This file is part of GNU Zebra.
5: *
6: * GNU Zebra is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2, or (at your option) any
9: * later version.
10: *
11: * GNU Zebra is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * General Public License for more details.
15: *
16: * You should have received a copy of the GNU General Public License
17: * along with GNU Zebra; see the file COPYING. If not, write to the Free
18: * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19: * 02111-1307, USA.
20: */
21:
22: #include <zebra.h>
23: #include "privs.h"
24: #include "zebra/ipforward.h"
25:
26: #include "log.h"
27:
28: #define MIB_SIZ 4
29:
30: extern struct zebra_privs_t zserv_privs;
31:
32: /* IPv4 forwarding control MIB. */
33: int mib[MIB_SIZ] =
34: {
35: CTL_NET,
36: PF_INET,
37: IPPROTO_IP,
38: IPCTL_FORWARDING
39: };
40:
41: int
42: ipforward (void)
43: {
44: size_t len;
45: int ipforwarding = 0;
46:
47: len = sizeof ipforwarding;
48: if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
49: {
50: zlog_warn ("Can't get ipforwarding value");
51: return -1;
52: }
53: return ipforwarding;
54: }
55:
56: int
57: ipforward_on (void)
58: {
59: size_t len;
60: int ipforwarding = 1;
61:
62: len = sizeof ipforwarding;
63: if (zserv_privs.change(ZPRIVS_RAISE))
64: zlog (NULL, LOG_ERR, "Can't raise privileges");
65: if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
66: {
67: if (zserv_privs.change(ZPRIVS_LOWER))
68: zlog (NULL, LOG_ERR, "Can't lower privileges");
69: zlog_warn ("Can't set ipforwarding on");
70: return -1;
71: }
72: if (zserv_privs.change(ZPRIVS_LOWER))
73: zlog (NULL, LOG_ERR, "Can't lower privileges");
74: return ipforwarding;
75: }
76:
77: int
78: ipforward_off (void)
79: {
80: size_t len;
81: int ipforwarding = 0;
82:
83: len = sizeof ipforwarding;
84: if (zserv_privs.change(ZPRIVS_RAISE))
85: zlog (NULL, LOG_ERR, "Can't raise privileges");
86: if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
87: {
88: if (zserv_privs.change(ZPRIVS_LOWER))
89: zlog (NULL, LOG_ERR, "Can't lower privileges");
90: zlog_warn ("Can't set ipforwarding on");
91: return -1;
92: }
93: if (zserv_privs.change(ZPRIVS_LOWER))
94: zlog (NULL, LOG_ERR, "Can't lower privileges");
95: return ipforwarding;
96: }
97:
98: #ifdef HAVE_IPV6
99:
100: /* IPv6 forwarding control MIB. */
101: int mib_ipv6[MIB_SIZ] =
102: {
103: CTL_NET,
104: PF_INET6,
105: #if defined(KAME)
106: IPPROTO_IPV6,
107: IPV6CTL_FORWARDING
108: #else /* NOT KAME */
109: IPPROTO_IP,
110: IP6CTL_FORWARDING
111: #endif /* KAME */
112: };
113:
114: int
115: ipforward_ipv6 (void)
116: {
117: size_t len;
118: int ip6forwarding = 0;
119:
120: len = sizeof ip6forwarding;
121: if (zserv_privs.change(ZPRIVS_RAISE))
122: zlog (NULL, LOG_ERR, "Can't raise privileges");
123: if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
124: {
125: if (zserv_privs.change(ZPRIVS_LOWER))
126: zlog (NULL, LOG_ERR, "Can't lower privileges");
127: zlog_warn ("can't get ip6forwarding value");
128: return -1;
129: }
130: if (zserv_privs.change(ZPRIVS_LOWER))
131: zlog (NULL, LOG_ERR, "Can't lower privileges");
132: return ip6forwarding;
133: }
134:
135: int
136: ipforward_ipv6_on (void)
137: {
138: size_t len;
139: int ip6forwarding = 1;
140:
141: len = sizeof ip6forwarding;
142: if (zserv_privs.change(ZPRIVS_RAISE))
143: zlog (NULL, LOG_ERR, "Can't raise privileges");
144: if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
145: {
146: if (zserv_privs.change(ZPRIVS_LOWER))
147: zlog (NULL, LOG_ERR, "Can't lower privileges");
148: zlog_warn ("can't get ip6forwarding value");
149: return -1;
150: }
151: if (zserv_privs.change(ZPRIVS_LOWER))
152: zlog (NULL, LOG_ERR, "Can't lower privileges");
153: return ip6forwarding;
154: }
155:
156: int
157: ipforward_ipv6_off (void)
158: {
159: size_t len;
160: int ip6forwarding = 0;
161:
162: len = sizeof ip6forwarding;
163: if (zserv_privs.change(ZPRIVS_RAISE))
164: zlog (NULL, LOG_ERR, "Can't raise privileges");
165: if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
166: {
167: if (zserv_privs.change(ZPRIVS_LOWER))
168: zlog (NULL, LOG_ERR, "Can't lower privileges");
169: zlog_warn ("can't get ip6forwarding value");
170: return -1;
171: }
172: if (zserv_privs.change(ZPRIVS_LOWER))
173: zlog (NULL, LOG_ERR, "Can't lower privileges");
174: return ip6forwarding;
175: }
176: #endif /* HAVE_IPV6 */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>