-add rp filter fix

author: Martin Schanzenbach <mschanzenbach@posteo.de> 2012-06-26 19:54:27 +0000
committer: Martin Schanzenbach <mschanzenbach@posteo.de> 2012-06-26 19:54:27 +0000
commit: 482bb54db13c525aadb2dd73c8b8c538bea93f2b (patch)
tree: 929bd7e89c7c1c8fddb6db6faa7938a0853d3d57 /src/vpn
parent: 7e4c760f920056ec1be6bc27bd880ea124be2145 (diff)
download: gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.tar.gz
gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.zip
1 files changed, 76 insertions, 0 deletions
diff --git a/src/vpn/test_gns_vpn.c b/src/vpn/test_gns_vpn.c
index 0c6e42500..64454c8e7 100644
--- a/src/vpn/test_gns_vpn.c
+++ b/src/vpn/test_gns_vpn.c
@@ -431,9 +431,85 @@ test_af (int af)
 }
+/**
+ * Run the given command and wait for it to complete.
+ * 
+ * @param file name of the binary to run
+ * @param cmd command line arguments (as given to 'execv')
+ * @return 0 on success, 1 on any error
+ */
+static int
+fork_and_exec (const char *file, 
+               char *const cmd[])
+{
+  int status;
+  pid_t pid;
+  pid_t ret;
+  pid = fork ();
+  if (-1 == pid)
+  {
+    fprintf (stderr, 
+             "fork failed: %s\n", 
+             strerror (errno));
+    return 1;
+  }
+  if (0 == pid)
+  {
+    /* we are the child process */
+    /* close stdin/stdout to not cause interference
+       with the helper's main protocol! */
+    (void) close (0); 
+    (void) close (1); 
+    (void) execv (file, cmd);
+    /* can only get here on error */
+    fprintf (stderr, 
+             "exec `%s' failed: %s\n", 
+             file,
+             strerror (errno));
+    _exit (1);
+  }
+  /* keep running waitpid as long as the only error we get is 'EINTR' */
+  while ( (-1 == (ret = waitpid (pid, &status, 0))) &&
+          (errno == EINTR) ); 
+  if (-1 == ret)
+  {
+    fprintf (stderr, 
+             "waitpid failed: %s\n", 
+             strerror (errno));
+    return 1;
+  }
+  if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status))))
+    return 1;
+  /* child process completed and returned success, we're happy */
+  return 0;
+}
 int
 main (int argc, char *const *argv)
 {
+  char *sbin_sysctl;
+  char *const sysctl_args[] = {"sysctl", "-w", "net.ipv4.conf.default.rp_filter=0", NULL};
+  if (0 == ACCESS ("/sbin/sysctl", X_OK))
+      sbin_sysctl = "/sbin/sysctl";
+  else if (0 == ACCESS ("/usr/sbin/sysctl", X_OK))
+    sbin_sysctl = "/usr/sbin/sysctl";
+  else
+  {
+    fprintf (stderr,
+             "Fatal: executable sysctl not found in approved directories: %s\n",
+             strerror (errno));
+    return 0;
+  }
+  if (0 != fork_and_exec (sbin_sysctl, sysctl_args))
+  {
+    fprintf (stderr,
+             "Failed to enable IPv4 forwarding.  Will continue anyway.\n");
+    return 1;
+  }
  if (0 != ACCESS ("/dev/net/tun", R_OK))
  {
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
author	Martin Schanzenbach <mschanzenbach@posteo.de>	2012-06-26 19:54:27 +0000
committer	Martin Schanzenbach <mschanzenbach@posteo.de>	2012-06-26 19:54:27 +0000
commit	482bb54db13c525aadb2dd73c8b8c538bea93f2b (patch)
tree	929bd7e89c7c1c8fddb6db6faa7938a0853d3d57 /src/vpn
parent	7e4c760f920056ec1be6bc27bd880ea124be2145 (diff)
download	gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.tar.gz gnunet-482bb54db13c525aadb2dd73c8b8c538bea93f2b.zip

diff --git a/src/vpn/test_gns_vpn.c b/src/vpn/test_gns_vpn.c index 0c6e42500..64454c8e7 100644 --- a/src/vpn/test_gns_vpn.c +++ b/src/vpn/test_gns_vpn.c
@@ -431,9 +431,85 @@ test_af (int af)
431	}	431	}
432		432
433		433
		434	/**
		435	* Run the given command and wait for it to complete.
		436	*
		437	* @param file name of the binary to run
		438	* @param cmd command line arguments (as given to 'execv')
		439	* @return 0 on success, 1 on any error
		440	*/
		441	static int
		442	fork_and_exec (const char *file,
		443	char *const cmd[])
		444	{
		445	int status;
		446	pid_t pid;
		447	pid_t ret;
		448
		449	pid = fork ();
		450	if (-1 == pid)
		451	{
		452	fprintf (stderr,
		453	"fork failed: %s\n",
		454	strerror (errno));
		455	return 1;
		456	}
		457	if (0 == pid)
		458	{
		459	/* we are the child process */
		460	/* close stdin/stdout to not cause interference
		461	with the helper's main protocol! */
		462	(void) close (0);
		463	(void) close (1);
		464	(void) execv (file, cmd);
		465	/* can only get here on error */
		466	fprintf (stderr,
		467	"exec `%s' failed: %s\n",
		468	file,
		469	strerror (errno));
		470	_exit (1);
		471	}
		472	/* keep running waitpid as long as the only error we get is 'EINTR' */
		473	while ( (-1 == (ret = waitpid (pid, &status, 0))) &&
		474	(errno == EINTR) );
		475	if (-1 == ret)
		476	{
		477	fprintf (stderr,
		478	"waitpid failed: %s\n",
		479	strerror (errno));
		480	return 1;
		481	}
		482	if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status))))
		483	return 1;
		484	/* child process completed and returned success, we're happy */
		485	return 0;
		486	}
		487
434	int	488	int
435	main (int argc, char const argv)	489	main (int argc, char const argv)
436	{	490	{
		491	char *sbin_sysctl;
		492	char *const sysctl_args[] = {"sysctl", "-w", "net.ipv4.conf.default.rp_filter=0", NULL};
		493
		494	if (0 == ACCESS ("/sbin/sysctl", X_OK))
		495	sbin_sysctl = "/sbin/sysctl";
		496	else if (0 == ACCESS ("/usr/sbin/sysctl", X_OK))
		497	sbin_sysctl = "/usr/sbin/sysctl";
		498	else
		499	{
		500	fprintf (stderr,
		501	"Fatal: executable sysctl not found in approved directories: %s\n",
		502	strerror (errno));
		503	return 0;
		504	}
		505
		506	if (0 != fork_and_exec (sbin_sysctl, sysctl_args))
		507	{
		508	fprintf (stderr,
		509	"Failed to enable IPv4 forwarding. Will continue anyway.\n");
		510	return 1;
		511	}
		512
437	if (0 != ACCESS ("/dev/net/tun", R_OK))	513	if (0 != ACCESS ("/dev/net/tun", R_OK))
438	{	514	{
439	GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,	515	GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,