Author: fischer
Date: Tue Aug 25 17:50:02 2009
New Revision: 869
Log: preserving forwarding 'bit' of /proc/sys/net/ipv4/ip_forward
Modified: trunk/trust-point/pisasd/sdmain.c
Modified: trunk/trust-point/pisasd/sdmain.c
==============================================================================
--- trunk/trust-point/pisasd/sdmain.c Tue Aug 25 17:45:27 2009 (r868)
+++ trunk/trust-point/pisasd/sdmain.c Tue Aug 25 17:50:02 2009 (r869)
@@ -10,10 +10,19 @@
 * @date Jan. 2009
 */
+#include <stdio.h>
+
 #include <signal.h>
 #include <getopt.h>
 #include <sys/utsname.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <errno.h>
+#include <unistd.h>
+
 #include "config.h"
 #include "buffer.h"
 #include "socket.h"
@@ -56,6 +65,12 @@
 };
 /**
+ * Path to pseudo interface file in the Linux procfs.
+ * Used for NAT (not internal NAT but NAT on the server
+ */
+#define IP4_FOWARD_FILENAME "/proc/sys/net/ipv4/ip_forward"
+
+/**
 * A set of pointers to packet handling functions
 */
 pisa_packet_handle_func_set pisasd_packet_handle_func_set;
@@ -103,6 +118,43 @@
 return 0;
 }
+void sd_read_value(int fd,void* data){
+ if (read(fd,data,1) == -1)
+ PISA_ERROR("Error reading from file <%s>: %s\n",
+ IP4_FOWARD_FILENAME,
+ strerror(errno));
+}
+
+void sd_write_value(int fd,void* data){
+ if (write(fd,(const char*)data,1) == -1)
+ PISA_ERROR("Error writing to file <%s>: %s\n",
+ IP4_FOWARD_FILENAME,
+ strerror(errno));
+}
+
+
+
+static int sd_do_with_fd_from_filename(void (*callback)(int fd, void* data),
+ void* data,const char* filename,int open_flags){
+ int fd=0;
+
+ fd=open(filename,open_flags);
+
+ if (fd == -1){
+ PISA_ERROR("Error opening file <%s>: %s\n",filename,strerror(errno));
+ return 0;
+ }else{
+
+ callback(fd,data);
+ if (close(fd) == -1){
+ PISA_ERROR("Error closing file <%s>: %s\n",filename,strerror(errno));
+ return 0;
+ } else
+ return 1;
+ }
+}
+
+
 /**
 * Initialize the basic settings before starting the main loop.
 */
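Review bot: The helper code added further down calls `strerror()`, but the include hunk adds `<stdio.h>`, `<errno.h>`, `<unistd.h>` and the `open()` headers without `<string.h>`. Unless one of the project headers already pulls it in (not visible here), the call is implicitly declared and its `char *` result is treated as `int`, which truncates the pointer on 64-bit builds. Adding `#include <string.h>` next to `#include <errno.h>` makes the dependency explicit.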
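Review bot: `IP4_FOWARD_FILENAME` misspells FORWARD, so a search for the forwarding sysctl by name will miss every use of the macro; `IP4_FORWARD_FILENAME` is the spelling to introduce while the macro is still new. The doc comment above it leaves its parenthesis open and does not say that this file switches forwarding for the whole host. A wording such as `Path of the procfs switch that turns IPv4 forwarding on or off host-wide; pisasd enables it for server-side NAT.` would cover both.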
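Review bot: `sd_read_value` and `sd_write_value` return `void`, so `sd_do_with_fd_from_filename` returns 1 whenever `open()` and `close()` succeed, even if the `read()` or `write()` in between failed. Both callers added in this commit (the init block and the shutdown branch) use that return value to decide whether `sd_ctx.disable_ip4_forward` is set or cleared, so the flag can record a switch that never happened; at shutdown that leaves forwarding on with nothing tracking it. The callbacks also test only for `-1`, so a zero-byte transfer passes silently, and their messages hard-code `IP4_FOWARD_FILENAME` instead of the file actually opened. Letting the callbacks return a status that the helper hands back closes the first two gaps.

```c
int sd_read_value(int fd, void *data)
{
	ssize_t n = read(fd, data, 1);

	if (n != 1) {
		PISA_ERROR("Error reading from file <%s>: %s\n",
			   IP4_FOWARD_FILENAME,
			   n == -1 ? strerror(errno) : "short read");
		return 0;
	}
	return 1;
}

/* … sd_write_value: same shape, with write(fd, data, 1) != 1 … */

static int sd_do_with_fd_from_filename(int (*callback)(int fd, void *data),
				       void *data, const char *filename, int open_flags)
{
	/* … unchanged: open() and its error branch … */
	int ok = callback(fd, data);

	if (close(fd) == -1) {
		PISA_ERROR("Error closing file <%s>: %s\n", filename, strerror(errno));
		return 0;
	}
	return ok;
```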
@@ -150,6 +202,20 @@
 sd_ctx.natlist = pisa_nat_init();
+ {
+ char value=-1;
+ sd_do_with_fd_from_filename(sd_read_value,&value,
+ IP4_FOWARD_FILENAME,O_RDONLY);
+ value-='0'; /* ASCII to internal representation */
+
+ if(value==0){ /* 0 == NAT not enabled */
+ if(sd_do_with_fd_from_filename(sd_write_value,"1",
+ IP4_FOWARD_FILENAME,O_WRONLY))
+ sd_ctx.disable_ip4_forward=1;
+
+ }
+
+ }
 /* Setup configuration file.
 * This is needed before any sdconf_read_*() operations.
 */
@@ -247,7 +313,9 @@
 /* disable ip forwarding */
 if (sd_ctx.disable_ip4_forward==1){
 PISA_DEBUG(PL_NAT,"Disabling ip_forwarding.\n");
- sd_ctx.disable_ip4_forward=0;
+ if(sd_do_with_fd_from_filename(sd_write_value,"0",
+ IP4_FOWARD_FILENAME,O_WRONLY))
+ sd_ctx.disable_ip4_forward=0;
 }
 /* TODO clear iptables (at least/most from nat stuff) */
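Review bot: The init block turns on IPv4 forwarding for the whole host without logging it, and the only code that turns it back off is the shutdown branch guarded by `sd_ctx.disable_ip4_forward`. If pisasd exits any other way, the machine keeps forwarding between its interfaces; the enclosing function starts and ends outside this hunk, so its signal handling is not visible here. A `PISA_DEBUG(PL_NAT,"Enabling ip_forwarding.\n");` before the write, mirroring the existing "Disabling" message, would leave a record an operator can find. The return value of the read call is also dropped, so the block is safe only because `value` starts at `-1`; a comment such as `/* stays -1 if the read failed, so nothing is written */` would document that reliance.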