/*
 * rule_replace: replace a policy-routing rule with delete-then-add.
 *
 * All six arguments are forwarded unchanged, first to rule_del() and then
 * to rule_add(). The result of rule_del() is not inspected, so a failed
 * delete does not stop the add.
 *
 * The replacement is two separate calls, not one atomic operation: between
 * them no matching rule is installed, and if rule_add() fails the rule that
 * was just deleted is not restored. Callers that rely on the rule for
 * traffic isolation should treat a failing return as "rule absent".
 *
 * Returns whatever rule_add() returns.
 */
int rule_replace(inet_prefix *from, inet_prefix *to, char *dev, int prio,
				 u_int fwmark, u_char table)
{
	int add_result;

	(void) rule_del(from, to, dev, prio, fwmark, table);
	add_result = rule_add(from, to, dev, prio, fwmark, table);

	return add_result;
}
/*
 * rule_read: append the symbols found in `buf` to rule `r`.
 *
 * Symbols are pulled one at a time with read_symbol(), which advances a
 * local cursor over `buf`. Reading stops at the first null symbol or at the
 * first symbol whose leading character is '#'. Every accepted symbol is
 * logged at LOG_DEBUG and then handed to rule_add().
 *
 * The symbol text is written to syslog verbatim (fixed "%s" format), so
 * whatever `buf` contains ends up in the debug log.
 */
static void rule_read (s_rule *r, const char *buf)
{
  const char *cursor = buf;

  for (;;) {
    t_sym sym = read_symbol(&cursor);

    if (!sym || *sym == '#') {
      break;
    }
    syslog(LOG_DEBUG, "SYMBOL %s", sym);
    rule_add(r, sym);
  }
}
//--------------------------------------------------------------------------------------------------------------------- int pmip_common_init(void) //--------------------------------------------------------------------------------------------------------------------- { /** * Probe for the local address **/ int probe_fd = socket(AF_INET6, SOCK_DGRAM, 0); if (probe_fd < 0) { perror("socket"); exit(2); } unsigned int alen; struct sockaddr_in6 host; struct sockaddr_in6 firsthop; memset(&firsthop, 0, sizeof(firsthop)); firsthop.sin6_port = htons(1025); firsthop.sin6_family = AF_INET6; if (connect(probe_fd, (struct sockaddr *) &firsthop, sizeof(firsthop)) == -1) { perror("connect"); return -1;; } alen = sizeof(host); if (getsockname(probe_fd, (struct sockaddr *) &host, &alen) == -1) { perror("probe getsockname"); return -1;; } close(probe_fd); /** * Initializes PMIP cache. **/ if (pmip_cache_init() < 0) { dbg("PMIP Binding Cache initialization failed! \n"); return -1; } else { dbg("PMIP Binding Cache is initialized!\n"); } /** * Adds a default rule for RT6_TABLE_MIP6. */ dbg("Add default rule for RT6_TABLE_MIP6\n"); if (rule_add(NULL, RT6_TABLE_MIP6, IP6_RULE_PRIO_MIP6_FWD, RTN_UNICAST, &in6addr_any, 0, &in6addr_any, 0, 0) < 0) { dbg("Add default rule for RT6_TABLE_MIP6 failed, insufficient privilege/kernel options missing!\n"); return -1; } return 0; }
/*
 * strexpand_init: reset the rules[] array and load the caller's rules.
 *
 * Entries 0..255 of rules[] are cleared first. If `table` is non-null it is
 * then read as consecutive pairs (table[t], table[t+1]), each passed to
 * rule_add(). Loading stops at the first null entry found at an even index,
 * or as soon as rule_add() returns non-zero.
 *
 * NOTE(review): only even indexes are tested for the terminator. The array
 * therefore has to end with a null entry at an even index; with an odd
 * number of entries before the terminator the loop would step over it and
 * keep reading past the end of the array. Confirm that every caller builds
 * the table in complete pairs.
 *
 * Returns 0 when every pair was added, otherwise the first non-zero value
 * returned by rule_add().
 */
static int strexpand_init(char **table)
{
	int status = 0;
	int slot;
	int pair;

	/* initialize the rules[] array */
	for (slot = 0; slot < 256; slot++) {
		rules[slot] = (rule_t *)0;
	}

	if (!table) {
		return status;
	}

	/* add the given rules */
	pair = 0;
	while (table[pair] && (status == 0)) {
		status = rule_add(table[pair], table[pair + 1]);
		pair += 2;
	}

	return status;
}
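/*
 * init_internet_gateway_search:
 * Initialization of the igs.c code.
 *
 * Resets the gateway counters, then (only in restricted mode with shared
 * Internet enabled) cleans up old tunnels and routing rules, sets up the
 * netfilter marks, selects the primary Internet gateway, optionally runs
 * the masquerading and traffic-shaping scripts named in the configuration,
 * removes the gateway's device from the daemon's interface list and starts
 * the detached Internet ping thread.
 *
 * The function does not return a status: unrecoverable problems go through
 * fatal() or exit(1), recoverable ones set `igw_multi_gw_disabled'.
 *
 * Changes against the previous version:
 *  - the masquerading script is checked for presence before it is run;
 *  - the configured-interface scan indexes server_opt.ifs with its own loop
 *    counter;
 *  - new_gw_dev is zeroed before rt_get_default_gw() so it is never read
 *    uninitialised.
 */
void init_internet_gateway_search(void)
{
	inet_prefix new_gw;
	char new_gw_dev[IFNAMSIZ];
	pthread_t ping_thread;
	pthread_attr_t t_attr;
	int i, ret, res, e;

	active_gws = 0;
	igw_multi_gw_disabled = 0;
	setzero(multigw_nh, sizeof(igw_nexthop) * MAX_MULTIPATH_ROUTES);

	/*
	 * Just return if we aren't in restricted mode or if the user doesn't
	 * want to use shared internet connections
	 */
	if (!restricted_mode
		|| (!server_opt.use_shared_inet && !server_opt.share_internet))
		return;

	loginfo("Activating the Internet Gateway Search engine");

	init_igws(&me.igws, &me.igws_counter, GET_LEVELS(my_family));
	init_tunnels_ifs();

	/* delete all the old tunnels */
	del_all_tunnel_ifs(0, 0, 0, NTK_TUNL_PREFIX);

	/*
	 * Bring tunl0 up (just to test if the ipip module is loaded)
	 */
	loginfo("Checking if \"" DEFAULT_TUNL_IF "\" exists");
	if (tunnel_change(0, 0, 0, DEFAULT_TUNL_PREFIX, DEFAULT_TUNL_NUMBER) < 0) {
		printf("Cannot read \"" DEFAULT_TUNL_IF "\". "
			   "Is the \"ipip\" kernel module loaded?\n"
			   " If you don't care about using the shared internet "
			   "connections of the ntk nodes\n"
			   " around you, disable the \"use_shared_inet\" option "
			   "in netsukuku.conf");
		del_resolv_conf("nameserver 127.0.0.1", "/etc/resolv.conf");
		exit(1);
	}

	ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, NTK_TUNL_PREFIX);
	ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, DEFAULT_TUNL_PREFIX);

	/*
	 * Delete old routing rules
	 */
	reset_igw_rules();

	/*
	 * Init netfilter
	 */
	res = mark_init(server_opt.share_internet);
	if (res) {
		/*
		 * NOTE(review): err_str is passed in the format position. If
		 * error() is printf-style and err_str can ever contain '%',
		 * error("%s", err_str) would be the safer call - confirm.
		 */
		error(err_str);
		error("Cannot set the netfilter rules needed for the multi-igw. "
			  "This feature will be disabled");
		igw_multi_gw_disabled = 1;
	}

	/*
	 * Check anomalies: from this point we initialize stuff only if we
	 * have an Inet connection
	 */
	if (!server_opt.inet_connection)
		return;
	if (!server_opt.inet_hosts)
		fatal("You didn't specified any Internet hosts in the "
			  "configuration file. What hosts should I ping?");

	/*
	 * If we are sharing our internet connection, activate the
	 * masquerading.
	 * The script path comes from the configuration; refuse to continue
	 * before trying to run it when none was configured.
	 */
	if (server_opt.share_internet) {
		if (!server_opt.ip_masq_script)
			fatal("No masquerading script was configured!");
		igw_exec_masquerade_sh(server_opt.ip_masq_script, 0);
	}

	/*
	 * Get the default gateway route currently set in the kernel routing
	 * table
	 */
	setzero(&new_gw, sizeof(inet_prefix));
	/* Start from an empty device name so the `*new_gw_dev' tests below are
	 * defined even if rt_get_default_gw() fails without writing to it. */
	setzero(new_gw_dev, sizeof(new_gw_dev));
	ret = rt_get_default_gw(&new_gw, new_gw_dev);

	/*
	 * If there is no IP set in the route, fetch it at least from the
	 * device included in it.
	 */
	if (!new_gw.family && *new_gw_dev) {
		if (get_dev_ip(&new_gw, my_family, new_gw_dev) < 0)
			(*new_gw_dev) = 0;
	}

	if (ret < 0 || (!*new_gw_dev && !new_gw.family)) {
		/* Nothing useful has been found */
		loginfo("The retrieval of the default gw from the kernel failed.");

		if (!server_opt.inet_gw.data[0])
			fatal("The default gw isn't set in the kernel and you "
				  "didn't specified it in netsukuku.conf. "
				  "Cannot continue!");
	} else if (!server_opt.inet_gw_dev
			   || strncmp(new_gw_dev, server_opt.inet_gw_dev, IFNAMSIZ)
			   || memcmp(new_gw.data, server_opt.inet_gw.data, MAX_IP_SZ)) {

		if (server_opt.inet_gw.data[0])
			loginfo("Your specified Internet gateway doesn't match with "
					"the one currently stored in the kernel routing table."
					"I'm going to use the kernel gateway: %s dev %s",
					inet_to_str(new_gw), new_gw_dev);

		if (!server_opt.inet_gw_dev)
			server_opt.inet_gw_dev = xstrdup(new_gw_dev);
		else
			/*
			 * NOTE(review): this writes IFNAMSIZ bytes into the existing
			 * buffer. It assumes server_opt.inet_gw_dev points to at
			 * least IFNAMSIZ bytes; if the option was duplicated from a
			 * shorter string this overruns it - confirm how the option
			 * is allocated.
			 */
			strncpy(server_opt.inet_gw_dev, new_gw_dev, IFNAMSIZ);
		memcpy(&server_opt.inet_gw, &new_gw, sizeof(inet_prefix));

		/* Delete the default gw, we are replacing it */
		rt_delete_def_gw(0);
	}

	loginfo("Using \"%s dev %s\" as your first Internet gateway.",
			inet_to_str(server_opt.inet_gw), server_opt.inet_gw_dev);
	if (rt_replace_def_gw(server_opt.inet_gw_dev, server_opt.inet_gw, 0))
		fatal("Cannot set the default gw to %s %s",
			  inet_to_str(server_opt.inet_gw), server_opt.inet_gw_dev);
	active_gws++;

	/*
	 * Activate the anti-loop multi-igw shield
	 */
	if (server_opt.share_internet) {
		/*
		 * NOTE(review): the result of rule_add() is not checked, so a
		 * failure to install the ALISHIELD rule goes unnoticed while the
		 * multi-gw feature stays enabled - confirm this is intended.
		 */
		rule_add(0, 0, 0, 0, FWMARK_ALISHIELD, RTTABLE_ALISHIELD);
		if (rt_replace_def_gw(server_opt.inet_gw_dev, server_opt.inet_gw,
							  RTTABLE_ALISHIELD)) {
			error("Cannot set the default route in the ALISHIELD table. "
				  "Disabling the multi-inet_gw feature");
			igw_multi_gw_disabled = 1;
		}
	}

	/*
	 * Activate the traffic shaping for the `server_opt.inet_gw_dev'
	 * device
	 */
	if (server_opt.shape_internet)
		igw_exec_tcshaper_sh(server_opt.tc_shaper_script, 0,
							 server_opt.inet_gw_dev,
							 server_opt.my_upload_bw,
							 server_opt.my_dnload_bw);

	for (i = 0; i < me.cur_ifs_n; i++) {
		if (!strcmp(me.cur_ifs[i].dev_name, server_opt.inet_gw_dev)) {
			/*
			 * Scan the interfaces given in the options. `e' is the index
			 * into server_opt.ifs; `i' belongs to me.cur_ifs and may be
			 * outside server_opt.ifs.
			 */
			for (e = 0; e < server_opt.ifs_n; e++) {
				if (!strcmp(server_opt.ifs[e], server_opt.inet_gw_dev))
					fatal("You specified the \"%s\" interface"
						  " in the options, but this device is also"
						  " part of the primary Internet gw route."
						  " Don't include \"%s\" in the list of "
						  "interfaces utilised by the daemon",
						  server_opt.inet_gw_dev, server_opt.inet_gw_dev);
			}

			loginfo("Deleting the \"%s\" interface from the device "
					"list since it is part of the primary Internet"
					" gw route.", me.cur_ifs[i].dev_name);

			ifs_del(me.cur_ifs, &me.cur_ifs_n, i);
			if (me.cur_ifs_n <= 0)
				fatal("The deleted interface cannot be used by NetsukukuD because it is part\n"
					  " of your primary Internet gw route. You have to specify another\n"
					  " interface with the -i option or you won't be able share your"
					  " Internet connection");
		}
	}

	loginfo("Launching the first ping to the Internet hosts");
	if (!server_opt.disable_andna)
		internet_hosts_to_ip();
	me.inet_connected = igw_check_inet_conn();
	if (me.inet_connected)
		loginfo("The Internet connection is up & running");
	else
		loginfo("The Internet connection appears to be down");
	if (!me.inet_connected && server_opt.share_internet)
		fatal("We are not connected to the Internet, but you want to "
			  "share your connection. Please check your options");

	debug(DBG_SOFT, "Evoking the Internet ping daemon.");
	/*
	 * NOTE(review): the pthread_* return values are not checked; if the
	 * thread cannot be created, initialisation still completes without
	 * the periodic connection check.
	 */
	pthread_attr_init(&t_attr);
	pthread_attr_setdetachstate(&t_attr, PTHREAD_CREATE_DETACHED);
	pthread_create(&ping_thread, &t_attr, igw_check_inet_conn_t, 0);
}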
/*
 * cmd_init: set up the table for one command.
 *
 * Three calls, in this order:
 *   rule_init(cmd)       - initialise the table,
 *   rule_add(cmd, id)    - add the command's own symbol `id`,
 *   rule_read(cmd, arg)  - add the symbols parsed from the text `arg`.
 *
 * `id` is therefore added before anything taken from `arg`. Nothing is
 * returned and no result of the three calls is inspected here.
 */
static void cmd_init (s_symtable *cmd, t_sym id, const char *arg)
{
  rule_init(cmd);
  rule_add(cmd, id);
  rule_read(cmd, arg);
}