Gitiles
Code Review Sign In
gerrit.opencord.org / quagga / fb9e46bbb1a639cf365d06a75007e708c278b6bd / . / zebra / ipforward_sysctl.c
blob: a8d0d8cbc58074fed03e59cf63dc52d7dee09bb3 [file] [log] [blame]
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]1/* IP forward control by sysctl function.
2 * Copyright (C) 1997, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with GNU Zebra; see the file COPYING. If not, write to the Free
18 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19 * 02111-1307, USA.
20 */
21
22#include <zebra.h>
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]23#include "privs.h"
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]24
25#ifdef NRL
26#include <netinet6/in6.h>
27#endif /* NRL */
28
29#include "log.h"
30
31#define MIB_SIZ 4
32
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]33extern struct zebra_privs_t zserv_privs;
34
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]35/* IPv4 forwarding control MIB. */
36int mib[MIB_SIZ] =
37{
38 CTL_NET,
39 PF_INET,
40 IPPROTO_IP,
41 IPCTL_FORWARDING
42};
43
44int
45ipforward ()
46{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]47 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]48 int ipforwarding = 0;
49
50 len = sizeof ipforwarding;
51 if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0)
52 {
53 zlog_warn ("Can't get ipforwarding value");
54 return -1;
55 }
56 return ipforwarding;
57}
58
59int
60ipforward_on ()
61{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]62 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]63 int ipforwarding = 1;
64
65 len = sizeof ipforwarding;
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]66 if (zserv_privs.change(ZPRIVS_RAISE))
67 zlog (NULL, LOG_ERR, "Can't raise privileges");
68 if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]69 {
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]70 if (zserv_privs.change(ZPRIVS_LOWER))
71 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]72 zlog_warn ("Can't set ipforwarding on");
73 return -1;
74 }
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]75 if (zserv_privs.change(ZPRIVS_LOWER))
76 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]77 return ipforwarding;
78}
79
80int
81ipforward_off ()
82{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]83 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]84 int ipforwarding = 0;
85
86 len = sizeof ipforwarding;
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]87 if (zserv_privs.change(ZPRIVS_RAISE))
88 zlog (NULL, LOG_ERR, "Can't raise privileges");
89 if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]90 {
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]91 if (zserv_privs.change(ZPRIVS_LOWER))
92 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]93 zlog_warn ("Can't set ipforwarding on");
94 return -1;
95 }
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]96 if (zserv_privs.change(ZPRIVS_LOWER))
97 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]98 return ipforwarding;
99}
100
101#ifdef HAVE_IPV6
102
103/* IPv6 forwarding control MIB. */
104int mib_ipv6[MIB_SIZ] =
105{
106 CTL_NET,
107 PF_INET6,
108#if defined(KAME) || (defined(__bsdi__) && _BSDI_VERSION >= 199802 ) || defined(NRL)
109 IPPROTO_IPV6,
110 IPV6CTL_FORWARDING
111#else /* NOT KAME */
112 IPPROTO_IP,
113 IP6CTL_FORWARDING
114#endif /* KAME */
115};
116
117int
118ipforward_ipv6 ()
119{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]120 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]121 int ip6forwarding = 0;
122
123 len = sizeof ip6forwarding;
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]124 if (zserv_privs.change(ZPRIVS_RAISE))
125 zlog (NULL, LOG_ERR, "Can't raise privileges");
126 if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]127 {
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]128 if (zserv_privs.change(ZPRIVS_LOWER))
129 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]130 zlog_warn ("can't get ip6forwarding value");
131 return -1;
132 }
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]133 if (zserv_privs.change(ZPRIVS_LOWER))
134 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]135 return ip6forwarding;
136}
137
138int
139ipforward_ipv6_on ()
140{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]141 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]142 int ip6forwarding = 1;
143
144 len = sizeof ip6forwarding;
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]145 if (zserv_privs.change(ZPRIVS_RAISE))
146 zlog (NULL, LOG_ERR, "Can't raise privileges");
147 if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]148 {
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]149 if (zserv_privs.change(ZPRIVS_LOWER))
150 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]151 zlog_warn ("can't get ip6forwarding value");
152 return -1;
153 }
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]154 if (zserv_privs.change(ZPRIVS_LOWER))
155 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]156 return ip6forwarding;
157}
158
159int
160ipforward_ipv6_off ()
161{
gdta5ea6872004-08-26 13:24:00 +0000[diff] [blame]162 size_t len;
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]163 int ip6forwarding = 0;
164
165 len = sizeof ip6forwarding;
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]166 if (zserv_privs.change(ZPRIVS_RAISE))
167 zlog (NULL, LOG_ERR, "Can't raise privileges");
168 if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]169 {
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]170 if (zserv_privs.change(ZPRIVS_LOWER))
171 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]172 zlog_warn ("can't get ip6forwarding value");
173 return -1;
174 }
pauledd7c242003-06-04 13:59:38 +0000[diff] [blame]175 if (zserv_privs.change(ZPRIVS_LOWER))
176 zlog (NULL, LOG_ERR, "Can't lower privileges");
paul718e3742002-12-13 20:15:29 +0000[diff] [blame]177 return ip6forwarding;
178}
179#endif /* HAVE_IPV6 */