diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-26 19:54:27 +0000 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2012-06-26 19:54:27 +0000 |
commit | 482bb54db13c525aadb2dd73c8b8c538bea93f2b (patch) | |
tree | 929bd7e89c7c1c8fddb6db6faa7938a0853d3d57 /src/vpn | |
parent | 7e4c760f920056ec1be6bc27bd880ea124be2145 (diff) | |
download | gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.tar.gz gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.zip |
-add rp filter fix
Diffstat (limited to 'src/vpn')
-rw-r--r-- | src/vpn/test_gns_vpn.c | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/vpn/test_gns_vpn.c b/src/vpn/test_gns_vpn.c index 0c6e42500..64454c8e7 100644 --- a/src/vpn/test_gns_vpn.c +++ b/src/vpn/test_gns_vpn.c | |||
@@ -431,9 +431,85 @@ test_af (int af) | |||
431 | } | 431 | } |
432 | 432 | ||
433 | 433 | ||
434 | /** | ||
435 | * Run the given command and wait for it to complete. | ||
436 | * | ||
437 | * @param file name of the binary to run | ||
438 | * @param cmd command line arguments (as given to 'execv') | ||
439 | * @return 0 on success, 1 on any error | ||
440 | */ | ||
441 | static int | ||
442 | fork_and_exec (const char *file, | ||
443 | char *const cmd[]) | ||
444 | { | ||
445 | int status; | ||
446 | pid_t pid; | ||
447 | pid_t ret; | ||
448 | |||
449 | pid = fork (); | ||
450 | if (-1 == pid) | ||
451 | { | ||
452 | fprintf (stderr, | ||
453 | "fork failed: %s\n", | ||
454 | strerror (errno)); | ||
455 | return 1; | ||
456 | } | ||
457 | if (0 == pid) | ||
458 | { | ||
459 | /* we are the child process */ | ||
460 | /* close stdin/stdout to not cause interference | ||
461 | with the helper's main protocol! */ | ||
462 | (void) close (0); | ||
463 | (void) close (1); | ||
464 | (void) execv (file, cmd); | ||
465 | /* can only get here on error */ | ||
466 | fprintf (stderr, | ||
467 | "exec `%s' failed: %s\n", | ||
468 | file, | ||
469 | strerror (errno)); | ||
470 | _exit (1); | ||
471 | } | ||
472 | /* keep running waitpid as long as the only error we get is 'EINTR' */ | ||
473 | while ( (-1 == (ret = waitpid (pid, &status, 0))) && | ||
474 | (errno == EINTR) ); | ||
475 | if (-1 == ret) | ||
476 | { | ||
477 | fprintf (stderr, | ||
478 | "waitpid failed: %s\n", | ||
479 | strerror (errno)); | ||
480 | return 1; | ||
481 | } | ||
482 | if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status)))) | ||
483 | return 1; | ||
484 | /* child process completed and returned success, we're happy */ | ||
485 | return 0; | ||
486 | } | ||
487 | |||
434 | int | 488 | int |
435 | main (int argc, char *const *argv) | 489 | main (int argc, char *const *argv) |
436 | { | 490 | { |
491 | char *sbin_sysctl; | ||
492 | char *const sysctl_args[] = {"sysctl", "-w", "net.ipv4.conf.default.rp_filter=0", NULL}; | ||
493 | |||
494 | if (0 == ACCESS ("/sbin/sysctl", X_OK)) | ||
495 | sbin_sysctl = "/sbin/sysctl"; | ||
496 | else if (0 == ACCESS ("/usr/sbin/sysctl", X_OK)) | ||
497 | sbin_sysctl = "/usr/sbin/sysctl"; | ||
498 | else | ||
499 | { | ||
500 | fprintf (stderr, | ||
501 | "Fatal: executable sysctl not found in approved directories: %s\n", | ||
502 | strerror (errno)); | ||
503 | return 0; | ||
504 | } | ||
505 | |||
506 | if (0 != fork_and_exec (sbin_sysctl, sysctl_args)) | ||
507 | { | ||
508 | fprintf (stderr, | ||
509 | "Failed to enable IPv4 forwarding. Will continue anyway.\n"); | ||
510 | return 1; | ||
511 | } | ||
512 | |||
437 | if (0 != ACCESS ("/dev/net/tun", R_OK)) | 513 | if (0 != ACCESS ("/dev/net/tun", R_OK)) |
438 | { | 514 | { |
439 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, | 515 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, |