[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r22320 - gnunet/src/dns
From: |
gnunet |
Subject: |
[GNUnet-SVN] r22320 - gnunet/src/dns |
Date: |
Tue, 26 Jun 2012 22:58:03 +0200 |
Author: schanzen
Date: 2012-06-26 22:58:03 +0200 (Tue, 26 Jun 2012)
New Revision: 22320
Modified:
gnunet/src/dns/gnunet-helper-dns.c
Log:
-add rp filter fix to dns helper
Modified: gnunet/src/dns/gnunet-helper-dns.c
===================================================================
--- gnunet/src/dns/gnunet-helper-dns.c 2012-06-26 20:44:32 UTC (rev 22319)
+++ gnunet/src/dns/gnunet-helper-dns.c 2012-06-26 20:58:03 UTC (rev 22320)
@@ -100,6 +100,11 @@
static const char *sbin_iptables;
/**
+ * Name and full path of sysctl binary
+ */
+static const char *sbin_sysctl;
+
+/**
* Name and full path of IPTABLES binary.
*/
static const char *sbin_ip;
@@ -714,6 +719,17 @@
strerror (errno));
return 4;
}
+ if (0 == access ("/sbin/sysctl", X_OK))
+ sbin_sysctl = "/sbin/sysctl";
+ else if (0 == access ("/usr/sbin/sysctl", X_OK))
+ sbin_sysctl = "/usr/sbin/sysctl";
+ else
+ {
+ fprintf (stderr,
+ "Fatal: executable sysctl not found in approved directories:
%s\n",
+ strerror (errno));
+ return 5;
+ }
/* setup 'mygid' string */
snprintf (mygid, sizeof (mygid), "%d", (int) getegid());
@@ -778,6 +794,22 @@
strncpy (dev, argv[1], IFNAMSIZ);
dev[IFNAMSIZ - 1] = '\0';
+ /* Disable rp filtering */
+ {
+ char *const sysctl_args[] = {"sysctl", "-w",
+ "net.ipv4.conf.all.rp_filter=0", NULL};
+ char *const sysctl_args2[] = {"sysctl", "-w",
+ "net.ipv4.conf.default.rp_filter=0", NULL};
+ if ((0 != fork_and_exec (sbin_sysctl, sysctl_args)) ||
+ (0 != fork_and_exec (sbin_sysctl, sysctl_args2)))
+ {
+ fprintf (stderr,
+ "Failed to disable rp filtering.\n");
+ return 5;
+ }
+ }
+
+
/* now open virtual interface (first part that requires root) */
if (-1 == (fd_tun = init_tun (dev)))
{
@@ -814,6 +846,7 @@
set_address4 (dev, address, mask);
}
+
/* update routing tables -- next part why we need SUID! */
/* Forward everything from our EGID (which should only be held
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r22320 - gnunet/src/dns,
gnunet <=