diff options
author | Daniel Golle <daniel@makrotopia.org> | 2016-04-18 12:08:41 +0000 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2016-04-18 12:08:41 +0000 |
commit | 297cbe6dc642fc9f646aea9082cf0b7daaf3ee5f (patch) | |
tree | ddf938540fd5c34545e49c856ad37e73c70d62ec /src/exit | |
parent | 85ebcc0bfdaadb37662a77b17cb3cda4d46a92c1 (diff) | |
download | gnunet-297cbe6dc642fc9f646aea9082cf0b7daaf3ee5f.tar.gz gnunet-297cbe6dc642fc9f646aea9082cf0b7daaf3ee5f.zip |
exit: fully skip routing setup if no interface is specified
Diffstat (limited to 'src/exit')
-rw-r--r-- | src/exit/gnunet-helper-exit.c | 84 |
1 files changed, 45 insertions, 39 deletions
diff --git a/src/exit/gnunet-helper-exit.c b/src/exit/gnunet-helper-exit.c index 7427b5b5e..2aa9ec97a 100644 --- a/src/exit/gnunet-helper-exit.c +++ b/src/exit/gnunet-helper-exit.c | |||
@@ -667,27 +667,30 @@ main (int argc, char **argv) | |||
667 | fprintf (stderr, "Fatal: disabling both IPv4 and IPv6 makes no sense.\n"); | 667 | fprintf (stderr, "Fatal: disabling both IPv4 and IPv6 makes no sense.\n"); |
668 | return 1; | 668 | return 1; |
669 | } | 669 | } |
670 | if (0 == access ("/sbin/iptables", X_OK)) | 670 | if (0 != strcmp (argv[2], "-")) |
671 | sbin_iptables = "/sbin/iptables"; | ||
672 | else if (0 == access ("/usr/sbin/iptables", X_OK)) | ||
673 | sbin_iptables = "/usr/sbin/iptables"; | ||
674 | else | ||
675 | { | 671 | { |
676 | fprintf (stderr, | 672 | if (0 == access ("/sbin/iptables", X_OK)) |
677 | "Fatal: executable iptables not found in approved directories: %s\n", | 673 | sbin_iptables = "/sbin/iptables"; |
678 | strerror (errno)); | 674 | else if (0 == access ("/usr/sbin/iptables", X_OK)) |
679 | return 1; | 675 | sbin_iptables = "/usr/sbin/iptables"; |
680 | } | 676 | else |
681 | if (0 == access ("/sbin/sysctl", X_OK)) | 677 | { |
682 | sbin_sysctl = "/sbin/sysctl"; | 678 | fprintf (stderr, |
683 | else if (0 == access ("/usr/sbin/sysctl", X_OK)) | 679 | "Fatal: executable iptables not found in approved directories: %s\n", |
684 | sbin_sysctl = "/usr/sbin/sysctl"; | 680 | strerror (errno)); |
685 | else | 681 | return 1; |
686 | { | 682 | } |
687 | fprintf (stderr, | 683 | if (0 == access ("/sbin/sysctl", X_OK)) |
688 | "Fatal: executable sysctl not found in approved directories: %s\n", | 684 | sbin_sysctl = "/sbin/sysctl"; |
689 | strerror (errno)); | 685 | else if (0 == access ("/usr/sbin/sysctl", X_OK)) |
690 | return 1; | 686 | sbin_sysctl = "/usr/sbin/sysctl"; |
687 | else | ||
688 | { | ||
689 | fprintf (stderr, | ||
690 | "Fatal: executable sysctl not found in approved directories: %s\n", | ||
691 | strerror (errno)); | ||
692 | return 1; | ||
693 | } | ||
691 | } | 694 | } |
692 | 695 | ||
693 | strncpy (dev, argv[1], IFNAMSIZ); | 696 | strncpy (dev, argv[1], IFNAMSIZ); |
@@ -718,6 +721,7 @@ main (int argc, char **argv) | |||
718 | } | 721 | } |
719 | set_address6 (dev, address, prefix_len); | 722 | set_address6 (dev, address, prefix_len); |
720 | } | 723 | } |
724 | if (0 != strcmp (argv[2], "-")) | ||
721 | { | 725 | { |
722 | char *const sysctl_args[] = | 726 | char *const sysctl_args[] = |
723 | { | 727 | { |
@@ -740,29 +744,31 @@ main (int argc, char **argv) | |||
740 | 744 | ||
741 | set_address4 (dev, address, mask); | 745 | set_address4 (dev, address, mask); |
742 | } | 746 | } |
747 | if (0 != strcmp (argv[2], "-")) | ||
743 | { | 748 | { |
744 | char *const sysctl_args[] = | ||
745 | { | ||
746 | "sysctl", "-w", "net.ipv4.ip_forward=1", NULL | ||
747 | }; | ||
748 | if (0 != fork_and_exec (sbin_sysctl, | ||
749 | sysctl_args)) | ||
750 | { | 749 | { |
751 | fprintf (stderr, | 750 | char *const sysctl_args[] = |
752 | "Failed to enable IPv4 forwarding. Will continue anyway.\n"); | 751 | { |
752 | "sysctl", "-w", "net.ipv4.ip_forward=1", NULL | ||
753 | }; | ||
754 | if (0 != fork_and_exec (sbin_sysctl, | ||
755 | sysctl_args)) | ||
756 | { | ||
757 | fprintf (stderr, | ||
758 | "Failed to enable IPv4 forwarding. Will continue anyway.\n"); | ||
759 | } | ||
753 | } | 760 | } |
754 | } | ||
755 | if (0 != strcmp (argv[2], "-")) | ||
756 | { | ||
757 | char *const iptables_args[] = | ||
758 | { | ||
759 | "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL | ||
760 | }; | ||
761 | if (0 != fork_and_exec (sbin_iptables, | ||
762 | iptables_args)) | ||
763 | { | 761 | { |
764 | fprintf (stderr, | 762 | char *const iptables_args[] = |
765 | "Failed to enable IPv4 masquerading (NAT). Will continue anyway.\n"); | 763 | { |
764 | "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL | ||
765 | }; | ||
766 | if (0 != fork_and_exec (sbin_iptables, | ||
767 | iptables_args)) | ||
768 | { | ||
769 | fprintf (stderr, | ||
770 | "Failed to enable IPv4 masquerading (NAT). Will continue anyway.\n"); | ||
771 | } | ||
766 | } | 772 | } |
767 | } | 773 | } |
768 | } | 774 | } |