1/* IP forward control by sysctl function. 2 * Copyright (C) 1997, 1999 Kunihiro Ishiguro 3 * 4 * This file is part of GNU Zebra. 5 * 6 * GNU Zebra is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the 8 * Free Software Foundation; either version 2, or (at your option) any 9 * later version. 10 * 11 * GNU Zebra is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with GNU Zebra; see the file COPYING. If not, write to the Free 18 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22#include <zebra.h> 23#include "privs.h" 24#include "zebra/ipforward.h" 25 26#include "log.h" 27 28#define MIB_SIZ 4 29 30extern struct zebra_privs_t zserv_privs; 31 32/* IPv4 forwarding control MIB. */ 33int mib[MIB_SIZ] = 34{ 35 CTL_NET, 36 PF_INET, 37 IPPROTO_IP, 38 IPCTL_FORWARDING 39}; 40 41int 42ipforward (void) 43{ 44 size_t len; 45 int ipforwarding = 0; 46 47 len = sizeof ipforwarding; 48 if (sysctl (mib, MIB_SIZ, &ipforwarding, &len, 0, 0) < 0) 49 { 50 zlog_warn ("Can't get ipforwarding value"); 51 return -1; 52 } 53 return ipforwarding; 54} 55 56int 57ipforward_on (void) 58{ 59 size_t len; 60 int ipforwarding = 1; 61 62 len = sizeof ipforwarding; 63 if (zserv_privs.change(ZPRIVS_RAISE)) 64 zlog (NULL, LOG_ERR, "Can't raise privileges"); 65 if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) 66 { 67 if (zserv_privs.change(ZPRIVS_LOWER)) 68 zlog (NULL, LOG_ERR, "Can't lower privileges"); 69 zlog_warn ("Can't set ipforwarding on"); 70 return -1; 71 } 72 if (zserv_privs.change(ZPRIVS_LOWER)) 73 zlog (NULL, LOG_ERR, "Can't lower privileges"); 74 return ipforwarding; 75} 76 77int 78ipforward_off (void) 79{ 80 size_t len; 81 int ipforwarding = 0; 82 83 len = sizeof ipforwarding; 84 if (zserv_privs.change(ZPRIVS_RAISE)) 85 zlog (NULL, LOG_ERR, "Can't raise privileges"); 86 if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) 87 { 88 if (zserv_privs.change(ZPRIVS_LOWER)) 89 zlog (NULL, LOG_ERR, "Can't lower privileges"); 90 zlog_warn ("Can't set ipforwarding on"); 91 return -1; 92 } 93 if (zserv_privs.change(ZPRIVS_LOWER)) 94 zlog (NULL, LOG_ERR, "Can't lower privileges"); 95 return ipforwarding; 96} 97 98#ifdef HAVE_IPV6 99 100/* IPv6 forwarding control MIB. */ 101int mib_ipv6[MIB_SIZ] = 102{ 103 CTL_NET, 104 PF_INET6, 105#if defined(KAME) 106 IPPROTO_IPV6, 107 IPV6CTL_FORWARDING 108#else /* NOT KAME */ 109 IPPROTO_IP, 110 IP6CTL_FORWARDING 111#endif /* KAME */ 112}; 113 114int 115ipforward_ipv6 (void) 116{ 117 size_t len; 118 int ip6forwarding = 0; 119 120 len = sizeof ip6forwarding; 121 if (zserv_privs.change(ZPRIVS_RAISE)) 122 zlog (NULL, LOG_ERR, "Can't raise privileges"); 123 if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) 124 { 125 if (zserv_privs.change(ZPRIVS_LOWER)) 126 zlog (NULL, LOG_ERR, "Can't lower privileges"); 127 zlog_warn ("can't get ip6forwarding value"); 128 return -1; 129 } 130 if (zserv_privs.change(ZPRIVS_LOWER)) 131 zlog (NULL, LOG_ERR, "Can't lower privileges"); 132 return ip6forwarding; 133} 134 135int 136ipforward_ipv6_on (void) 137{ 138 size_t len; 139 int ip6forwarding = 1; 140 141 len = sizeof ip6forwarding; 142 if (zserv_privs.change(ZPRIVS_RAISE)) 143 zlog (NULL, LOG_ERR, "Can't raise privileges"); 144 if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) 145 { 146 if (zserv_privs.change(ZPRIVS_LOWER)) 147 zlog (NULL, LOG_ERR, "Can't lower privileges"); 148 zlog_warn ("can't get ip6forwarding value"); 149 return -1; 150 } 151 if (zserv_privs.change(ZPRIVS_LOWER)) 152 zlog (NULL, LOG_ERR, "Can't lower privileges"); 153 return ip6forwarding; 154} 155 156int 157ipforward_ipv6_off (void) 158{ 159 size_t len; 160 int ip6forwarding = 0; 161 162 len = sizeof ip6forwarding; 163 if (zserv_privs.change(ZPRIVS_RAISE)) 164 zlog (NULL, LOG_ERR, "Can't raise privileges"); 165 if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) 166 { 167 if (zserv_privs.change(ZPRIVS_LOWER)) 168 zlog (NULL, LOG_ERR, "Can't lower privileges"); 169 zlog_warn ("can't get ip6forwarding value"); 170 return -1; 171 } 172 if (zserv_privs.change(ZPRIVS_LOWER)) 173 zlog (NULL, LOG_ERR, "Can't lower privileges"); 174 return ip6forwarding; 175} 176#endif /* HAVE_IPV6 */ 177