/**
*
*@return 1 on sucess 0 on failiure
*/
int
net_os_set_ifoptions(const char *if_name, struct interface *iface)
{
char procfile[FILENAME_MAX];
if (olsr_cnf->ip_version == AF_INET6)
return -1;
/* Generate the procfile name */
snprintf(procfile, sizeof(procfile), PROC_IF_REDIRECT, if_name);
if (writeToProc(procfile, &iface->nic_state.redirect, '0')) {
OLSR_WARN(LOG_INTERFACE, "WARNING! Could not disable ICMP redirects!\n"
"you should mannually ensure that ICMP redirects are disabled!\n\n");
// TODO olsr_startup_sleep(3);
return 0;
}
/* Generate the procfile name */
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, if_name);
if (writeToProc(procfile, &iface->nic_state.spoof, '0')) {
OLSR_WARN(LOG_INTERFACE, "WARNING! Could not disable the IP spoof filter!\n"
"you should mannually ensure that IP spoof filtering is disabled!\n\n");
// TODO olsr_startup_sleep(3);
return 0;
}
return 1;
}
/**
*Resets the spoof filter and ICMP redirect settings
*/
void
os_cleanup_global_ifoptions(void)
{
char procfile[FILENAME_MAX];
OLSR_DEBUG(LOG_INTERFACE, "Restoring network state\n");
/* Restore IP forwarding to "off" */
if (writeToProc(olsr_cnf->ip_version == AF_INET ? PROC_IPFORWARD_V4 : PROC_IPFORWARD_V6, NULL, orig_fwd_state)) {
OLSR_WARN(LOG_INTERFACE, "Could not restore ip_forward settings\n");
}
if (olsr_cnf->smart_gw_active && (olsr_cnf->ip_version == AF_INET || olsr_cnf->use_niit)) {
/* Generate the procfile name */
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
if (writeToProc(procfile, NULL, orig_tunnel_rp_filter)) {
OLSR_WARN(LOG_INTERFACE, "WARNING! Could not restore the IP spoof filter for tunnel!\n");
}
}
if (olsr_cnf->ip_version == AF_INET) {
/* Restore global ICMP redirect setting */
if (writeToProc(PROC_ALL_REDIRECT, NULL, orig_global_redirect_state)) {
OLSR_WARN(LOG_INTERFACE, "Could not restore global icmp_redirect setting\n");
}
/* Restore global rp_filter setting for linux 2.6.31+ */
if (is_at_least_linuxkernel_2_6_31()) {
if (writeToProc(PROC_ALL_SPOOF, NULL, orig_global_rp_filter)) {
OLSR_WARN(LOG_INTERFACE, "Could not restore global rp_filter setting\n");
}
}
}
}
/**
* Setup global interface options (icmp redirect, ip forwarding, rp_filter)
* @return 1 on success 0 on failure
*/
void
net_os_set_global_ifoptions(void) {
if (writeToProc(olsr_cnf->ip_version == AF_INET ? PROC_IPFORWARD_V4 : PROC_IPFORWARD_V6, &orig_fwd_state,
olsr_cnf->set_ip_forward ? OLSRD_FORWARD_VALUE : 0 )) {
OLSR_PRINTF(1, "Warning, could not enable IP forwarding!\n"
"you should manually ensure that IP forwarding is enabled!\n\n");
olsr_startup_sleep(3);
}
else if ((!olsr_cnf->set_ip_forward) && (orig_fwd_state != OLSRD_FORWARD_VALUE)) {
olsr_exit("IP forwarding not activated, shutting down.\n", 1);
}
if (olsr_cnf->smart_gw_active) {
char procfile[FILENAME_MAX];
/* Generate the procfile name */
if (olsr_cnf->ip_version == AF_INET || olsr_cnf->use_niit) {
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
if (writeToProc(procfile, &orig_tunnel_rp_filter, OLSRD_SPOOF_VALUE)) {
OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel!\n"
"you should manually ensure that IP spoof filtering is disabled!\n\n");
olsr_startup_sleep(3);
}
}
#if 0 // should not be necessary for IPv6
if (olsr_cnf->ip_version == AF_INET6) {
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF6);
if (writeToProc(procfile, &orig_tunnel6_rp_filter, OLSRD_SPOOF_VALUE)) {
OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel6!\n"
"you should manually ensure that IP spoof filtering is disabled!\n\n");
olsr_startup_sleep(3);
}
}
#endif
}
if (olsr_cnf->ip_version == AF_INET) {
if (writeToProc(PROC_ALL_REDIRECT, &orig_global_redirect_state, OLSRD_REDIRECT_VALUE)) {
OLSR_PRINTF(1, "WARNING! Could not disable ICMP redirects!\n"
"you should manually ensure that ICMP redirects are disabled!\n\n");
olsr_startup_sleep(3);
}
/* check kernel version and disable global rp_filter */
if (is_at_least_linuxkernel_2_6_31()) {
if (writeToProc(PROC_ALL_SPOOF, &orig_global_rp_filter, OLSRD_SPOOF_VALUE)) {
OLSR_PRINTF(1, "WARNING! Could not disable global rp_filter (necessary for kernel 2.6.31 and higher!\n"
"you should manually ensure that rp_filter is disabled!\n\n");
olsr_startup_sleep(3);
}
}
}
return;
}
/**
* Setup global interface options (icmp redirect, ip forwarding, rp_filter)
* @return 1 on success 0 on failure
*/
void
net_os_set_global_ifoptions(void) {
if (writeToProc(olsr_cnf->ip_version == AF_INET ? PROC_IPFORWARD_V4 : PROC_IPFORWARD_V6, &orig_fwd_state, '1')) {
OLSR_PRINTF(1, "Warning, could not enable IP forwarding!\n"
"you should manually ensure that IP forwarding is enabled!\n\n");
olsr_startup_sleep(3);
}
if (olsr_cnf->smart_gw_active) {
char procfile[FILENAME_MAX];
/* Generate the procfile name */
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
if (writeToProc(procfile, &orig_tunnel_rp_filter, '0')) {
OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel!\n"
"you should mannually ensure that IP spoof filtering is disabled!\n\n");
olsr_startup_sleep(3);
}
if (olsr_cnf->ip_version == AF_INET6) {
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF6);
if (writeToProc(procfile, &orig_tunnel6_rp_filter, '0')) {
OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel6!\n"
"you should mannually ensure that IP spoof filtering is disabled!\n\n");
olsr_startup_sleep(3);
}
}
}
if (olsr_cnf->ip_version == AF_INET) {
if (writeToProc(PROC_ALL_REDIRECT, &orig_global_redirect_state, '0')) {
OLSR_PRINTF(1, "WARNING! Could not disable ICMP redirects!\n"
"you should manually ensure that ICMP redirects are disabled!\n\n");
olsr_startup_sleep(3);
}
/* check kernel version and disable global rp_filter */
if (is_at_least_linuxkernel_2_6_31()) {
if (writeToProc(PROC_ALL_SPOOF, &orig_global_rp_filter, '0')) {
OLSR_PRINTF(1, "WARNING! Could not disable global rp_filter (necessary for kernel 2.6.31 and higher!\n"
"you should manually ensure that rp_filter is disabled!\n\n");
olsr_startup_sleep(3);
}
}
}
return;
}
void net_os_restore_ifoption(struct interface *ifs) {
char procfile[FILENAME_MAX];
/* ICMP redirects */
snprintf(procfile, sizeof(procfile), PROC_IF_REDIRECT, ifs->int_name);
if (writeToProc(procfile, NULL, ifs->nic_state.redirect)) {
OLSR_WARN(LOG_INTERFACE, "Could not restore icmp_redirect for interface %s\n", ifs->int_name);
}
/* Spoof filter */
sprintf(procfile, PROC_IF_SPOOF, ifs->int_name);
if (writeToProc(procfile, NULL, ifs->nic_state.spoof)) {
OLSR_WARN(LOG_INTERFACE, "Could not restore rp_filter for interface %s\n", ifs->int_name);
}
}
/**
*Resets the spoof filter and ICMP redirect settings
*/
int
net_os_restore_ifoptions(void)
{
struct interface *ifs;
char procfile[FILENAME_MAX];
OLSR_PRINTF(1, "Restoring network state\n");
/* Restore IP forwarding to "off" */
if (writeToProc(olsr_cnf->ip_version == AF_INET ? PROC_IPFORWARD_V4 : PROC_IPFORWARD_V6, NULL, orig_fwd_state)) {
OLSR_PRINTF(1, "Error, could not restore ip_forward settings\n");
}
if (olsr_cnf->smart_gw_active) {
/* Generate the procfile name */
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
if (writeToProc(procfile, NULL, orig_tunnel_rp_filter)) {
OLSR_PRINTF(0, "WARNING! Could not restore the IP spoof filter for tunnel!\n");
}
if (olsr_cnf->ip_version == AF_INET6) {
snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF6);
if (writeToProc(procfile, NULL, orig_tunnel6_rp_filter)) {
OLSR_PRINTF(0, "WARNING! Could not restore the IP spoof filter for tunnel6!\n");
}
}
}
if (olsr_cnf->ip_version == AF_INET) {
/* Restore global ICMP redirect setting */
if (writeToProc(PROC_ALL_REDIRECT, NULL, orig_global_redirect_state)) {
OLSR_PRINTF(1, "Error, could not restore global icmp_redirect setting\n");
}
/* Restore global rp_filter setting for linux 2.6.31+ */
if (is_at_least_linuxkernel_2_6_31()) {
if (writeToProc(PROC_ALL_SPOOF, NULL, orig_global_rp_filter)) {
OLSR_PRINTF(1, "Error, could not restore global rp_filter setting\n");
}
}
for (ifs = ifnet; ifs != NULL; ifs = ifs->int_next) {
/* Discard host-emulation interfaces */
if (ifs->is_hcif)
continue;
/* ICMP redirects */
snprintf(procfile, sizeof(procfile), PROC_IF_REDIRECT, ifs->int_name);
if (writeToProc(procfile, NULL, ifs->nic_state.redirect)) {
OLSR_PRINTF(1, "Error, could not restore icmp_redirect for interface %s\n", ifs->int_name);
}
/* Spoof filter */
sprintf(procfile, PROC_IF_SPOOF, ifs->int_name);
if (writeToProc(procfile, NULL, ifs->nic_state.spoof)) {
OLSR_PRINTF(1, "Error, could not restore rp_filter for interface %s\n", ifs->int_name);
}
}
}
return 1;
}
/* write new value to proc file if current value is different*/
static int restoreProc(const char *file, char original, char value) {
if ( original == value ) return 0;
else return writeToProc(file, NULL, original);
}
