
A million changes. tunl0 was only ever used for checking if the ipip module is loaded, so instead of trying to modify it to check if it exists, we now just use get tunnel. We improved some errors and added some of our own. We made more changes than I can remember right now; please enjoy.

MissValeska 10 anos atrás
pai
commit
b28ac22fb3
5 arquivos alterados com 66 adições e 67 exclusões
  1. 4
    4
      src/igs.c
  2. 1
    0
      src/inet.c
  3. 1
    3
      src/iptunnel.c
  4. 2
    2
      src/iptunnel.h
  5. 58
    58
      src/mark.c

+ 4
- 4
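--- a/src/igs.c
+++ b/src/igs.c
@@ -306,16 +306,16 @@ void init_internet_gateway_search(void)
 	/*
 	 * Bring tunl0 up (just to test if the ipip module is loaded)
 	 */
-	loginfo("Configuring the \"" DEFAULT_TUNL_IF "\" tunnel device");
+	loginfo("Checking if \"" DEFAULT_TUNL_IF "\" exists");
 	if(tunnel_change(0, 0, 0, DEFAULT_TUNL_PREFIX, DEFAULT_TUNL_NUMBER) < 0) {
-		printf("Cannot initialize \"" DEFAULT_TUNL_IF "\". "
+		printf("Cannot read \"" DEFAULT_TUNL_IF "\". "
 			"Is the \"ipip\" kernel module loaded?\n"
 			"  If you don't care about using the shared internet "
 			"connections of the ntk nodes\n"
 			"  around you, disable the \"use_shared_inet\" option "
 			"in netsukuku.conf");
-			//del_resolv_conf("nameserver 127.0.0.1", "/etc/resolv.conf");
-			//exit(1);
+			del_resolv_conf("nameserver 127.0.0.1", "/etc/resolv.conf");
+			exit(1);
 			}
 	ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, NTK_TUNL_PREFIX);
 	ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, DEFAULT_TUNL_PREFIX);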
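Review bot: The fatal branch still reports the failure through `printf` with no trailing newline, immediately before the newly enabled `exit(1)`, so a node started without a terminal most likely dies with nothing in its log. Send the message through the logger instead, e.g. `error("Cannot read \"" DEFAULT_TUNL_IF "\". Is the \"ipip\" kernel module loaded?");`, assuming the `error()` used in the other files of this commit is available here as `loginfo()` is. The comment above the check still says `Bring tunl0 up`, but with `tunnel_change()` now issuing SIOCGETTUNNEL (src/iptunnel.c in this commit) nothing is brought up; `Query tunl0 (just to test if the ipip module is loaded)` would match the code. The body of init_internet_gateway_search() starts and ends outside the hunk.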

+ 1
- 0
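--- a/src/inet.c
+++ b/src/inet.c
@@ -1055,6 +1055,7 @@ ssize_t inet_sendto(int s, const void *msg, size_t len, int flags,
 	int ret;
 
 	if((err=sendto(s, msg, len, flags, to, tolen))==-1) {
+		error("sendto errno: %d err is: %d", errno, err);
 		switch(errno)
 		{
 			case EMSGSIZE: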
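Review bot: The added `error()` call sits between the failing `sendto()` and `switch(errno)`, and a logging call is free to change `errno`, so the switch may dispatch on the logger's error rather than on sendto's. Save the value first and use the copy: `int saved_errno = errno;`, then `error("sendto: %s", strerror(saved_errno));` and `switch(saved_errno)`. Printing `err` adds nothing, because this branch is only entered when it equals -1, and `%d` may not match its type (the declaration is outside the hunk). `commit_rules()` in src/mark.c has the same pattern: its trace `error()` runs between `iptc_commit()` and `iptc_strerror(errno)`. The body of inet_sendto() starts and ends outside the hunk.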

+ 1
- 3
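--- a/src/iptunnel.c
+++ b/src/iptunnel.c
@@ -56,8 +56,7 @@ int tunnel_add(inet_prefix *remote, inet_prefix *local, char *dev,
 int tunnel_change(inet_prefix *remote, inet_prefix *local, char *dev,
 		char *tunl_prefix, int tunl_number)
 {
-	error("The value of siocchgtunnel is: %d", SIOCCHGTUNNEL);
-	return do_add(SIOCCHGTUNNEL, remote, local, dev, tunl_prefix,
+	return do_add(SIOCGETTUNNEL, remote, local, dev, tunl_prefix,
 			tunl_number);
 }
 
@@ -248,7 +247,6 @@ int do_get(char *dev)
 static int do_add(int cmd, inet_prefix *remote, inet_prefix *local, char *dev,
 		char *tunl_prefix, int tunl_number)
 {
-    error("This is the do_add function.");
 	struct ip_tunnel_parm p;
 
 	if (fill_tunnel_parm(cmd, remote, local, dev, tunl_prefix,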
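Review bot: `tunnel_change()` keeps its name and signature but now sends SIOCGETTUNNEL, so any caller that still expects it to modify a tunnel's endpoints gets a read-only query that can report success without changing anything; callers other than the probe in src/igs.c are not visible here. Prefer leaving `tunnel_change()` on SIOCCHGTUNNEL and giving the probe its own entry point, for example a small `tunnel_exists()` wrapper around the `do_get(char *dev)` named in the second hunk header. If the change stays, document it on the function: `/* NOTE: despite the name this only queries the tunnel (SIOCGETTUNNEL); it never modifies it. */`. Whether `do_add()` and `fill_tunnel_parm()` handle a get command correctly cannot be confirmed from these hunks, because their bodies continue outside them.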

+ 2
- 2
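--- a/src/iptunnel.h
+++ b/src/iptunnel.h
@@ -22,8 +22,8 @@
 #include "if.h"
 
 #define DEFAULT_TUNL_PREFIX	"tunl"
-#define DEFAULT_TUNL_NUMBER	1	/* The permanent tunl0 device */
-#define DEFAULT_TUNL_IF		"tunl1"
+#define DEFAULT_TUNL_NUMBER	0	/* The permanent tunl0 device */
+#define DEFAULT_TUNL_IF		"tunl0"
 #define NTK_TUNL_PREFIX		"ntk_tunl"
 
 /* Usage: printf(TUNL_STRING, TUNL_NUMBER("tunl", x)); */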
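Review bot: `DEFAULT_TUNL_IF` is still a hand-written literal that has to agree with `DEFAULT_TUNL_PREFIX` and `DEFAULT_TUNL_NUMBER`, and the removed lines show how the three drift apart (number 1 and "tunl1" under a comment naming tunl0). Build the interface name from the other two macros with a stringifying helper, or at least add `/* must equal DEFAULT_TUNL_PREFIX followed by DEFAULT_TUNL_NUMBER */` beside it so the next edit keeps them in step.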

+ 58
- 58
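--- a/src/mark.c
+++ b/src/mark.c
@@ -5,7 +5,7 @@
 	     ***********************************************
 	     *******          BEGIN 3/2006          ********
 *************************************************************************
-*                                              				* 
+*                                              				*
 *  This program is free software; you can redistribute it and/or modify	*
 *  it under the terms of the GNU General Public License as published by	*
 *  the Free Software Foundation; either version 2 of the License, or	*
@@ -18,16 +18,16 @@
 *									*
 ************************************************************************/
 
-/* 
+/*
  * This code is written with my blood.
  * My hand was hurt. The keyboard was red.
  * In this code you can find my sacrifice.
  *
  * This code is a netfilter iptc library.
- * iptc is very bad documented: wisdom and 
- * debuggers was my friends to understand 
- * netfilter behavior. 
- * I hope you'll never need to code netfilter 
+ * iptc is very bad documented: wisdom and
+ * debuggers was my friends to understand
+ * netfilter behavior.
+ * I hope you'll never need to code netfilter
  * apps.
  * Memory dumpers are with you.
  */
@@ -47,7 +47,7 @@ static int clean_on_exit;
 static rule_store rr,fr,dr;
 static int dumped;
 
-/* Table init: is too easy for comments. 
+/* Table init: is too easy for comments.
  * Returns:
  * 	0
  * 	-1
@@ -62,8 +62,8 @@ int table_init(const char *table, iptc_handle_t *t)
 	return 0;
 
 }
-/* 
- * insert the rule -rule- on chain -chain- 
+/*
+ * insert the rule -rule- on chain -chain-
  * at the position pos.
  * Returns:
  * 	0
@@ -79,7 +79,7 @@ int insert_rule(const char *rule,iptc_handle_t *t,const char *chain,int pos)
 	}
 	return 0;
 }
-/* 
+/*
  * append the rule -rule- on chain -chain-.
  * Returns:
  * 	0
@@ -105,7 +105,7 @@ int commit_rules(iptc_handle_t *t)
 {
 	int res;
 	res=iptc_commit(t);
-	error("This is the value of res: %i This is the value of t is: %s", res, t);
+	error("This is the value of res: %i This is the value of t is: %p", res, t);
 	if (!res) {
 		error("In commit_rules: %s.",iptc_strerror(errno));
 		err_ret(ERR_NETCOM,-1);
@@ -114,13 +114,13 @@ int commit_rules(iptc_handle_t *t)
 }
 
 
-/* 
+/*
  * Put in -rule- the netfilter rule:
- * 
+ *
  *  -A OUTPUT -o ntk_tunl+ -m conntrack  \
  *  --ctstate RELATED,ESTABLISHED -j CONNMARK \
  *  --restore-mark
- *  
+ *
  * -rule- has to be RESTORE_OUTPUT_RULE_SZ-sized
  */
 void restore_output_rule_init(char *rule)
@@ -132,7 +132,7 @@ void restore_output_rule_init(char *rule)
 	struct ipt_connmark_target_info *icmi;
 
 	memset(rule,0,RESTORE_OUTPUT_RULE_SZ);
-	
+
 	ee=(struct ipt_entry*)(rule);
 	em=(struct ipt_entry_match*)(rule+OFFSET_MATCH);
 	ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO);
@@ -141,14 +141,14 @@ void restore_output_rule_init(char *rule)
 
 	ee->next_offset=RESTORE_OUTPUT_RULE_SZ;
 	ee->target_offset=OFFSET_TARGET;
-	
+
 	snprintf(ee->ip.outiface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX);
 	memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface)-1);
 
 	strcpy(em->u.user.name,MOD_CONNTRACK);
 	em->u.match_size=MATCH_SZ;;
 	em->u.user.match_size=em->u.match_size;
-	
+
 	et->u.target_size=TARGET_SZ;
 	et->u.user.target_size=et->u.target_size;
 	strcpy(et->u.user.name,MOD_CONNMARK);
@@ -160,12 +160,12 @@ void restore_output_rule_init(char *rule)
 	icmi->mode=IPT_CONNMARK_RESTORE;
 	icmi->mask= 0xffffffffUL;
 }
-/* 
+/*
  * Put in -rule- the netfilter rule:
- * 
- *  -A POSTROUTING -o ntk_tunl+ -m conntrack 
+ *
+ *  -A POSTROUTING -o ntk_tunl+ -m conntrack
  *  --ctstate NEW -j ntk_mark_chain
- *  
+ *
  * -rule- has to be NTK_FORWARD_RULE_SZ-sized
  */
 void ntk_forward_rule_init(char *rule)
@@ -174,9 +174,9 @@ void ntk_forward_rule_init(char *rule)
 	struct ipt_entry_match *em;
 	struct ipt_entry_target *et;
 	struct ipt_conntrack_info *ici;
-	
+
 	memset(rule,0,NTK_FORWARD_RULE_SZ);
-	
+
 	ee=(struct ipt_entry*)(rule);
 	em=(struct ipt_entry_match*)(rule+IPT_ENTRY_SZ);
 	ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO);
@@ -198,13 +198,13 @@ void ntk_forward_rule_init(char *rule)
 	et->u.user.target_size=et->u.target_size;
 	strcpy(et->u.user.name,NTK_MARK_CHAIN);
 }
-/* 
+/*
  * Put in -rule- the netfilter rule:
- * 
- * 
+ *
+ *
  *  -A ntk_mark_chain -o ntk_tunl<outiface_num>
  *  -j CONNMARK --set-mark <outiface_num>
- *  
+ *
  * -rule- has to be MARK_RULE_SZ-sized
  */
 void mark_rule_init(char *rule,char *outiface,int outiface_num)
@@ -214,7 +214,7 @@ void mark_rule_init(char *rule,char *outiface,int outiface_num)
 	struct ipt_connmark_target_info *icmi;
 
 	memset(rule,0,MARK_RULE_SZ);
-	
+
 	ee=(struct ipt_entry*)(rule);
 	et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ);
 	icmi=(struct ipt_connmark_target_info*)(rule+IPT_ENTRY_SZ+IPT_ENTRY_TARGET_SZ);
@@ -232,13 +232,13 @@ void mark_rule_init(char *rule,char *outiface,int outiface_num)
 	memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface));
 	icmi->mark=outiface_num+1;
 }
-/* 
+/*
  * Put in -rule- the netfilter rule:
- * 
- * 
+ *
+ *
  *  -A PREROUTING -o ntk_tunl+ \
  *  -j CONNMARK --set-mark 25
- *  
+ *
  * -rule- has to be IGW_FILTER_RULE_SZ-sized
  */
 void igw_mark_rule_init(char *rule)
@@ -250,7 +250,7 @@ void igw_mark_rule_init(char *rule)
 	memset(rule,0,IGW_FILTER_RULE_SZ);
 	e=(struct ipt_entry*)rule;
 	et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ);
-	
+
 	e->next_offset=IGW_FILTER_RULE_SZ;
 	e->target_offset=IPT_ENTRY_SZ;
 	snprintf(e->ip.iniface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX);
@@ -263,7 +263,7 @@ void igw_mark_rule_init(char *rule)
 	memcpy(et->data,&res,4);
 }
 /*
- * Build the chain ntk_mark_chain on 
+ * Build the chain ntk_mark_chain on
  * mangle table.
  */
 int ntk_mark_chain_init(iptc_handle_t *t)
@@ -271,14 +271,14 @@ int ntk_mark_chain_init(iptc_handle_t *t)
 	int res;
 	res=iptc_is_chain(NTK_MARK_CHAIN,*t);
 	if (res) {
-		debug(DBG_NORMAL,"In mark_init: bizarre, ntk mangle" 
+		debug(DBG_NORMAL,"In mark_init: bizarre, ntk mangle"
 				 "chain is present yet. it will be flushed.");
 		res=iptc_flush_entries(NTK_MARK_CHAIN,t);
-		if (!res) 
+		if (!res)
 			goto dontwork;
 	} else {
 		res=iptc_create_chain(NTK_MARK_CHAIN,t);
-		if (!res) 
+		if (!res)
 			goto dontwork;
 	}
 	return 0;
@@ -369,7 +369,7 @@ int load_dump_rules()
 	if (!dumped)
 		return 0;
 	fd=open("/usr/share/netsukuku/mark_rules",O_RDONLY );
-	if (fd==-1) 
+	if (fd==-1)
 		return -1;
 	read(fd,&d_rr,sizeof(rule_store));
 	read(fd,&d_fr,sizeof(rule_store));
@@ -439,9 +439,9 @@ int mark_init(int igw)
 		error(err_str);
 		error("Unable to create netfilter forwarding rule.");
 		goto cannot_init;
-	}	
+	}
 	if (igw) {
-		death_loop_rule=1; 
+		death_loop_rule=1;
 		igw_mark_rule_init(rule);
 		res=insert_rule(rule,&t,CHAIN_PREROUTING,0);
 		if (res) {
@@ -449,7 +449,7 @@ int mark_init(int igw)
 			error("Unable to create netfilter igw death loop rule.");
 			death_loop_rule=0;
 			goto cannot_init;
-		}  
+		}
 	}
 	else
 		death_loop_rule=0;
@@ -481,12 +481,12 @@ cannot_init:
 	err_ret(ERR_MRKINI,-1);
 
 }
-/* 
+/*
  * Count the number of rules in ntk_mangle_chain.
  *
- * Returns the number of rules present in 
+ * Returns the number of rules present in
  * this chain.
- */ 
+ */
 int count_ntk_mark_chain(iptc_handle_t *t)
 {
 	int nchain=0;
@@ -533,7 +533,7 @@ int create_mark_rules(int n)
 	if (nchain==-1) {
 		error("In create_mark_rules: can not read ntk_mark_chain.");
 		err_ret(ERR_NETRUL,-1);
-	} 
+	}
 	if (nchain>=n) {
 		debug(DBG_NORMAL,"In create_mark_rules: rules present yet.");
 		return 0;
@@ -555,7 +555,7 @@ int create_mark_rules(int n)
 	return 0;
 }
 /*
- * Deltion function: 
+ * Deltion function:
  * this delete the chain ntk_mark_chain
  * Returns:
  * 	0
@@ -563,21 +563,21 @@ int create_mark_rules(int n)
  */
 
 int delete_ntk_forward_chain(iptc_handle_t *t)
-{	
+{
 	int res;
 
 	res=iptc_is_chain(NTK_MARK_CHAIN,*t);
 	if (!res)
 		return 0;
 	res=iptc_flush_entries(NTK_MARK_CHAIN,t);
-        if (!res) 
+        if (!res)
 		goto cannot_delete;
 	res=iptc_delete_chain(NTK_MARK_CHAIN,t);
-	if (!res) 
+	if (!res)
 		goto cannot_delete;
 	return 0;
-        	
-cannot_delete:	
+
+cannot_delete:
 	error("In delete_ntk_forward_chain: -> %s", iptc_strerror(errno));
 	err_ret(ERR_NETDEL,-1);
 }
@@ -596,7 +596,7 @@ int delete_first_rule(iptc_handle_t *t,const char *chain)
 	if (!res)
 		goto cannot_delete;
 	return 0;
-cannot_delete:	
+cannot_delete:
 	error("In delete_first_rule: -> %s", iptc_strerror(errno));
 	err_ret(ERR_NETDEL,-1);
 }
@@ -624,7 +624,7 @@ int rule_position(rule_store *rule,iptc_handle_t *t)
 	}
 	return found?count:-1;
 }
-/* 
+/*
  * Delete rule -rule.rule- on chain rule.chain.
  * Returns
  * 	0 if deletion is Ok or if nothing
@@ -646,7 +646,7 @@ int delete_rule(rule_store *rule,iptc_handle_t *t)
 	}
 	return 0;
 }
-/* 
+/*
  * clean the rules committed by:
  * 	- mark_init
  * 	- create_mark_rules()
@@ -654,7 +654,7 @@ int delete_rule(rule_store *rule,iptc_handle_t *t)
  * 	0
  * 	-1
  */
-		
+
 int mark_close()
 {
 	iptc_handle_t t;
@@ -666,7 +666,7 @@ int mark_close()
 	}
 	load_dump_rules();
 	res=table_init(MANGLE_TABLE,&t);
-	if (res) 
+	if (res)
 		goto reset_error;
 	res=0;
 	res+=delete_rule(&rr,&t);
@@ -675,13 +675,13 @@ int mark_close()
 		debug(DBG_INSANE,"In mark_close: I'm an IGW: deleting death loop rule.");
 		res+=delete_rule(&dr,&t);
 	}
-	if (res) 
+	if (res)
 		goto reset_error;
 	res=delete_ntk_forward_chain(&t);
 	if (res)
 		goto reset_error;
 	res=commit_rules(&t);
-	if (res) 
+	if (res)
 		goto reset_error;
 	debug(DBG_NORMAL,"Netfilter completely restored.");
 	return 0;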
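Review bot: In the commit_rules() hunk the line switched to `%p` still passes `t` as an `iptc_handle_t *`, while `%p` expects a `void *`, and it still logs at error level on every commit whether or not `iptc_commit()` failed. If the trace is wanted, make it `debug(DBG_INSANE, "commit_rules: res=%d handle=%p", res, (void *)t);` (`debug()` and `DBG_INSANE` are already used in mark_close() in this file); otherwise drop it, since a raw process address in the error log tells an operator nothing and exposes memory layout to anyone who can read the log. The other hunks of this section only strip trailing whitespace. The body of commit_rules() continues outside the hunk.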
