fix rp_filter for smartgw tunnel endpoint
authorHenning Rogge <hrogge@googlemail.com>
Thu, 29 Apr 2010 15:18:15 +0000 (17:18 +0200)
committerHenning Rogge <hrogge@googlemail.com>
Thu, 29 Apr 2010 15:18:15 +0000 (17:18 +0200)
src/kernel_tunnel.h
src/linux/kernel_tunnel.c
src/linux/net.c

index 90b9174..15d1525 100644 (file)
 #define IF_NAMESIZE MAX_INTERFACE_NAME_LEN
 #endif
 
-
 #include "defs.h"
 #include "olsr_types.h"
 #include "common/avl.h"
 
+#define TUNNEL_ENDPOINT_IF "tunl0"
+#define TUNNEL_ENDPOINT_IF6 "ip6tnl0"
+
 struct olsr_iptunnel_entry {
   struct avl_node node;
   union olsr_ip_addr target;
index cb5efbc..3114680 100644 (file)
@@ -67,8 +67,8 @@
 #include <sys/types.h>
 #include <net/if.h>
 
-static const char DEV_IPV4_TUNNEL[IFNAMSIZ] = "tunl0";
-static const char DEV_IPV6_TUNNEL[IFNAMSIZ] = "ip6tnl0";
+static const char DEV_IPV4_TUNNEL[IFNAMSIZ] = TUNNEL_ENDPOINT_IF;
+static const char DEV_IPV6_TUNNEL[IFNAMSIZ] = TUNNEL_ENDPOINT_IF6;
 
 static bool store_iptunnel_state;
 static struct olsr_cookie_info *tunnel_cookie;
index a4259a2..24d9daf 100644 (file)
@@ -47,6 +47,7 @@
 #include "../ipcalc.h"
 #include "../olsr.h"
 #include "../log.h"
+#include "kernel_tunnel.h"
 
 #include <net/if.h>
 
@@ -90,6 +91,7 @@
 static char orig_fwd_state;
 static char orig_global_redirect_state;
 static char orig_global_rp_filter;
+static char orig_tunnel_rp_filter, orig_tunnel6_rp_filter;
 
 /**
  *Bind a socket to a device
@@ -169,13 +171,35 @@ static bool is_at_least_linuxkernel_2_6_31(void) {
  */
 void
 net_os_set_global_ifoptions(void) {
-
   if (writeToProc(olsr_cnf->ip_version == AF_INET ? PROC_IPFORWARD_V4 : PROC_IPFORWARD_V6, &orig_fwd_state, '1')) {
     OLSR_PRINTF(1, "Warning, could not enable IP forwarding!\n"
         "you should manually ensure that IP forwarding is enabled!\n\n");
     olsr_startup_sleep(3);
   }
 
+  if (olsr_cnf->smart_gw_active) {
+    char procfile[FILENAME_MAX];
+
+    /* Generate the procfile name */
+    snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
+    if (writeToProc(procfile, &orig_tunnel_rp_filter, '0')) {
+      OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel!\n"
+          "you should mannually ensure that IP spoof filtering is disabled!\n\n");
+
+      olsr_startup_sleep(3);
+    }
+
+    if (olsr_cnf->ip_version == AF_INET6) {
+      snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF6);
+      if (writeToProc(procfile, &orig_tunnel6_rp_filter, '0')) {
+        OLSR_PRINTF(0, "WARNING! Could not disable the IP spoof filter for tunnel6!\n"
+            "you should mannually ensure that IP spoof filtering is disabled!\n\n");
+
+        olsr_startup_sleep(3);
+      }
+    }
+  }
+
   if (olsr_cnf->ip_version == AF_INET) {
     if (writeToProc(PROC_ALL_REDIRECT, &orig_global_redirect_state, '0')) {
       OLSR_PRINTF(1, "WARNING! Could not disable ICMP redirects!\n"
@@ -247,6 +271,21 @@ net_os_restore_ifoptions(void)
     OLSR_PRINTF(1, "Error, could not restore ip_forward settings\n");
   }
 
+  if (olsr_cnf->smart_gw_active) {
+    /* Generate the procfile name */
+    snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF);
+    if (writeToProc(procfile, NULL, orig_tunnel_rp_filter)) {
+      OLSR_PRINTF(0, "WARNING! Could not restore the IP spoof filter for tunnel!\n");
+    }
+
+    if (olsr_cnf->ip_version == AF_INET6) {
+      snprintf(procfile, sizeof(procfile), PROC_IF_SPOOF, TUNNEL_ENDPOINT_IF6);
+      if (writeToProc(procfile, NULL, orig_tunnel6_rp_filter)) {
+        OLSR_PRINTF(0, "WARNING! Could not restore the IP spoof filter for tunnel6!\n");
+      }
+    }
+  }
+
   if (olsr_cnf->ip_version == AF_INET) {
     /* Restore global ICMP redirect setting */
     if (writeToProc(PROC_ALL_REDIRECT, NULL, orig_global_redirect_state)) {