ChronosXYZ/netsukuku
1
0
Fork 0
mirror of https://github.com/ChronosX88/netsukuku.git synced 2024-11-22 18:22:18 +00:00
Code Issues Projects Releases Wiki Activity

A million changes, tunl0 was only ever used for checking if the ipip module is loaded. So, Instead of trying to modify it to check if it exists, We now just use get tunnel. We improved some errors and added some of our own. We made more changes than I can remember right now, Please enjoy.

Browse Source
This commit is contained in:
MissValeska 2014-03-17 21:42:37 -07:00
parent 415d789b80
commit b28ac22fb3
5 changed files with 66 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/igs.c
View File

@ -306,16 +306,16 @@ void init_internet_gateway_search(void)
/* /*
* Bring tunl0 up (just to test if the ipip module is loaded) * Bring tunl0 up (just to test if the ipip module is loaded)
*/ */
loginfo("Configuring the \"" DEFAULT_TUNL_IF "\" tunnel device"); loginfo("Checking if \"" DEFAULT_TUNL_IF "\" exists");
if(tunnel_change(0, 0, 0, DEFAULT_TUNL_PREFIX, DEFAULT_TUNL_NUMBER) < 0) { if(tunnel_change(0, 0, 0, DEFAULT_TUNL_PREFIX, DEFAULT_TUNL_NUMBER) < 0) {
printf("Cannot initialize \"" DEFAULT_TUNL_IF "\". " printf("Cannot read \"" DEFAULT_TUNL_IF "\". "
"Is the \"ipip\" kernel module loaded?\n" "Is the \"ipip\" kernel module loaded?\n"
" If you don't care about using the shared internet " " If you don't care about using the shared internet "
"connections of the ntk nodes\n" "connections of the ntk nodes\n"
" around you, disable the \"use_shared_inet\" option " " around you, disable the \"use_shared_inet\" option "
"in netsukuku.conf"); "in netsukuku.conf");
//del_resolv_conf("nameserver 127.0.0.1", "/etc/resolv.conf"); del_resolv_conf("nameserver 127.0.0.1", "/etc/resolv.conf");
//exit(1); exit(1);
} }
ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, NTK_TUNL_PREFIX); ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, NTK_TUNL_PREFIX);
ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, DEFAULT_TUNL_PREFIX); ifs_del_all_name(me.cur_ifs, &me.cur_ifs_n, DEFAULT_TUNL_PREFIX);

1
src/inet.c
View File

@ -1055,6 +1055,7 @@ ssize_t inet_sendto(int s, const void *msg, size_t len, int flags,
int ret; int ret;
if((err=sendto(s, msg, len, flags, to, tolen))==-1) { if((err=sendto(s, msg, len, flags, to, tolen))==-1) {
error("sendto errno: %d err is: %d", errno, err);
switch(errno) switch(errno)
{ {
case EMSGSIZE: case EMSGSIZE:

4
src/iptunnel.c
View File

@ -56,8 +56,7 @@ int tunnel_add(inet_prefix *remote, inet_prefix *local, char *dev,
int tunnel_change(inet_prefix *remote, inet_prefix *local, char *dev, int tunnel_change(inet_prefix *remote, inet_prefix *local, char *dev,
char *tunl_prefix, int tunl_number) char *tunl_prefix, int tunl_number)
{ {
error("The value of siocchgtunnel is: %d", SIOCCHGTUNNEL); return do_add(SIOCGETTUNNEL, remote, local, dev, tunl_prefix,
return do_add(SIOCCHGTUNNEL, remote, local, dev, tunl_prefix,
tunl_number); tunl_number);
} }
@ -248,7 +247,6 @@ int do_get(char *dev)
static int do_add(int cmd, inet_prefix *remote, inet_prefix *local, char *dev, static int do_add(int cmd, inet_prefix *remote, inet_prefix *local, char *dev,
char *tunl_prefix, int tunl_number) char *tunl_prefix, int tunl_number)
{ {
error("This is the do_add function.");
struct ip_tunnel_parm p; struct ip_tunnel_parm p;
if (fill_tunnel_parm(cmd, remote, local, dev, tunl_prefix, if (fill_tunnel_parm(cmd, remote, local, dev, tunl_prefix,

4
src/iptunnel.h
View File

@ -22,8 +22,8 @@
#include "if.h" #include "if.h"
#define DEFAULT_TUNL_PREFIX "tunl" #define DEFAULT_TUNL_PREFIX "tunl"
#define DEFAULT_TUNL_NUMBER 1 /* The permanent tunl0 device */ #define DEFAULT_TUNL_NUMBER 0 /* The permanent tunl0 device */
#define DEFAULT_TUNL_IF "tunl1" #define DEFAULT_TUNL_IF "tunl0"
#define NTK_TUNL_PREFIX "ntk_tunl" #define NTK_TUNL_PREFIX "ntk_tunl"
/* Usage: printf(TUNL_STRING, TUNL_NUMBER("tunl", x)); */ /* Usage: printf(TUNL_STRING, TUNL_NUMBER("tunl", x)); */

116
src/mark.c
View File

@ -5,7 +5,7 @@
*********************************************** ***********************************************
******* BEGIN 3/2006 ******** ******* BEGIN 3/2006 ********
************************************************************************* *************************************************************************
* * * *
* This program is free software; you can redistribute it and/or modify * * This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by * * it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or * * the Free Software Foundation; either version 2 of the License, or *
@ -18,16 +18,16 @@
* * * *
************************************************************************/ ************************************************************************/
/* /*
* This code is written with my blood. * This code is written with my blood.
* My hand was hurt. The keyboard was red. * My hand was hurt. The keyboard was red.
* In this code you can find my sacrifice. * In this code you can find my sacrifice.
* *
* This code is a netfilter iptc library. * This code is a netfilter iptc library.
* iptc is very bad documented: wisdom and * iptc is very bad documented: wisdom and
* debuggers was my friends to understand * debuggers was my friends to understand
* netfilter behavior. * netfilter behavior.
* I hope you'll never need to code netfilter * I hope you'll never need to code netfilter
* apps. * apps.
* Memory dumpers are with you. * Memory dumpers are with you.
*/ */
@ -47,7 +47,7 @@ static int clean_on_exit;
static rule_store rr,fr,dr; static rule_store rr,fr,dr;
static int dumped; static int dumped;
/* Table init: is too easy for comments. /* Table init: is too easy for comments.
* Returns: * Returns:
* 0 * 0
* -1 * -1
@ -62,8 +62,8 @@ int table_init(const char *table, iptc_handle_t *t)
return 0; return 0;
} }
/* /*
* insert the rule -rule- on chain -chain- * insert the rule -rule- on chain -chain-
* at the position pos. * at the position pos.
* Returns: * Returns:
* 0 * 0
@ -79,7 +79,7 @@ int insert_rule(const char *rule,iptc_handle_t *t,const char *chain,int pos)
} }
return 0; return 0;
} }
/* /*
* append the rule -rule- on chain -chain-. * append the rule -rule- on chain -chain-.
* Returns: * Returns:
* 0 * 0
@ -105,7 +105,7 @@ int commit_rules(iptc_handle_t *t)
{ {
int res; int res;
res=iptc_commit(t); res=iptc_commit(t);
error("This is the value of res: %i This is the value of t is: %s", res, t); error("This is the value of res: %i This is the value of t is: %p", res, t);
if (!res) { if (!res) {
error("In commit_rules: %s.",iptc_strerror(errno)); error("In commit_rules: %s.",iptc_strerror(errno));
err_ret(ERR_NETCOM,-1); err_ret(ERR_NETCOM,-1);
@ -114,13 +114,13 @@ int commit_rules(iptc_handle_t *t)
} }
/* /*
* Put in -rule- the netfilter rule: * Put in -rule- the netfilter rule:
* *
* -A OUTPUT -o ntk_tunl+ -m conntrack \ * -A OUTPUT -o ntk_tunl+ -m conntrack \
* --ctstate RELATED,ESTABLISHED -j CONNMARK \ * --ctstate RELATED,ESTABLISHED -j CONNMARK \
* --restore-mark * --restore-mark
* *
* -rule- has to be RESTORE_OUTPUT_RULE_SZ-sized * -rule- has to be RESTORE_OUTPUT_RULE_SZ-sized
*/ */
void restore_output_rule_init(char *rule) void restore_output_rule_init(char *rule)
@ -132,7 +132,7 @@ void restore_output_rule_init(char *rule)
struct ipt_connmark_target_info *icmi; struct ipt_connmark_target_info *icmi;
memset(rule,0,RESTORE_OUTPUT_RULE_SZ); memset(rule,0,RESTORE_OUTPUT_RULE_SZ);
ee=(struct ipt_entry*)(rule); ee=(struct ipt_entry*)(rule);
em=(struct ipt_entry_match*)(rule+OFFSET_MATCH); em=(struct ipt_entry_match*)(rule+OFFSET_MATCH);
ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO); ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO);
@ -141,14 +141,14 @@ void restore_output_rule_init(char *rule)
ee->next_offset=RESTORE_OUTPUT_RULE_SZ; ee->next_offset=RESTORE_OUTPUT_RULE_SZ;
ee->target_offset=OFFSET_TARGET; ee->target_offset=OFFSET_TARGET;
snprintf(ee->ip.outiface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX); snprintf(ee->ip.outiface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX);
memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface)-1); memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface)-1);
strcpy(em->u.user.name,MOD_CONNTRACK); strcpy(em->u.user.name,MOD_CONNTRACK);
em->u.match_size=MATCH_SZ;; em->u.match_size=MATCH_SZ;;
em->u.user.match_size=em->u.match_size; em->u.user.match_size=em->u.match_size;
et->u.target_size=TARGET_SZ; et->u.target_size=TARGET_SZ;
et->u.user.target_size=et->u.target_size; et->u.user.target_size=et->u.target_size;
strcpy(et->u.user.name,MOD_CONNMARK); strcpy(et->u.user.name,MOD_CONNMARK);
@ -160,12 +160,12 @@ void restore_output_rule_init(char *rule)
icmi->mode=IPT_CONNMARK_RESTORE; icmi->mode=IPT_CONNMARK_RESTORE;
icmi->mask= 0xffffffffUL; icmi->mask= 0xffffffffUL;
} }
/* /*
* Put in -rule- the netfilter rule: * Put in -rule- the netfilter rule:
* *
* -A POSTROUTING -o ntk_tunl+ -m conntrack * -A POSTROUTING -o ntk_tunl+ -m conntrack
* --ctstate NEW -j ntk_mark_chain * --ctstate NEW -j ntk_mark_chain
* *
* -rule- has to be NTK_FORWARD_RULE_SZ-sized * -rule- has to be NTK_FORWARD_RULE_SZ-sized
*/ */
void ntk_forward_rule_init(char *rule) void ntk_forward_rule_init(char *rule)
@ -174,9 +174,9 @@ void ntk_forward_rule_init(char *rule)
struct ipt_entry_match *em; struct ipt_entry_match *em;
struct ipt_entry_target *et; struct ipt_entry_target *et;
struct ipt_conntrack_info *ici; struct ipt_conntrack_info *ici;
memset(rule,0,NTK_FORWARD_RULE_SZ); memset(rule,0,NTK_FORWARD_RULE_SZ);
ee=(struct ipt_entry*)(rule); ee=(struct ipt_entry*)(rule);
em=(struct ipt_entry_match*)(rule+IPT_ENTRY_SZ); em=(struct ipt_entry_match*)(rule+IPT_ENTRY_SZ);
ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO); ici=(struct ipt_conntrack_info*)(rule+OFFSET_MATCH_INFO);
@ -198,13 +198,13 @@ void ntk_forward_rule_init(char *rule)
et->u.user.target_size=et->u.target_size; et->u.user.target_size=et->u.target_size;
strcpy(et->u.user.name,NTK_MARK_CHAIN); strcpy(et->u.user.name,NTK_MARK_CHAIN);
} }
/* /*
* Put in -rule- the netfilter rule: * Put in -rule- the netfilter rule:
* *
* *
* -A ntk_mark_chain -o ntk_tunl<outiface_num> * -A ntk_mark_chain -o ntk_tunl<outiface_num>
* -j CONNMARK --set-mark <outiface_num> * -j CONNMARK --set-mark <outiface_num>
* *
* -rule- has to be MARK_RULE_SZ-sized * -rule- has to be MARK_RULE_SZ-sized
*/ */
void mark_rule_init(char *rule,char *outiface,int outiface_num) void mark_rule_init(char *rule,char *outiface,int outiface_num)
@ -214,7 +214,7 @@ void mark_rule_init(char *rule,char *outiface,int outiface_num)
struct ipt_connmark_target_info *icmi; struct ipt_connmark_target_info *icmi;
memset(rule,0,MARK_RULE_SZ); memset(rule,0,MARK_RULE_SZ);
ee=(struct ipt_entry*)(rule); ee=(struct ipt_entry*)(rule);
et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ); et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ);
icmi=(struct ipt_connmark_target_info*)(rule+IPT_ENTRY_SZ+IPT_ENTRY_TARGET_SZ); icmi=(struct ipt_connmark_target_info*)(rule+IPT_ENTRY_SZ+IPT_ENTRY_TARGET_SZ);
@ -232,13 +232,13 @@ void mark_rule_init(char *rule,char *outiface,int outiface_num)
memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface)); memset(ee->ip.outiface_mask,0xFF,strlen(ee->ip.outiface));
icmi->mark=outiface_num+1; icmi->mark=outiface_num+1;
} }
/* /*
* Put in -rule- the netfilter rule: * Put in -rule- the netfilter rule:
* *
* *
* -A PREROUTING -o ntk_tunl+ \ * -A PREROUTING -o ntk_tunl+ \
* -j CONNMARK --set-mark 25 * -j CONNMARK --set-mark 25
* *
* -rule- has to be IGW_FILTER_RULE_SZ-sized * -rule- has to be IGW_FILTER_RULE_SZ-sized
*/ */
void igw_mark_rule_init(char *rule) void igw_mark_rule_init(char *rule)
@ -250,7 +250,7 @@ void igw_mark_rule_init(char *rule)
memset(rule,0,IGW_FILTER_RULE_SZ); memset(rule,0,IGW_FILTER_RULE_SZ);
e=(struct ipt_entry*)rule; e=(struct ipt_entry*)rule;
et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ); et=(struct ipt_entry_target*)(rule+IPT_ENTRY_SZ);
e->next_offset=IGW_FILTER_RULE_SZ; e->next_offset=IGW_FILTER_RULE_SZ;
e->target_offset=IPT_ENTRY_SZ; e->target_offset=IPT_ENTRY_SZ;
snprintf(e->ip.iniface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX); snprintf(e->ip.iniface,IFNAMSIZ,"%s+",NTK_TUNL_PREFIX);
@ -263,7 +263,7 @@ void igw_mark_rule_init(char *rule)
memcpy(et->data,&res,4); memcpy(et->data,&res,4);
} }
/* /*
* Build the chain ntk_mark_chain on * Build the chain ntk_mark_chain on
* mangle table. * mangle table.
*/ */
int ntk_mark_chain_init(iptc_handle_t *t) int ntk_mark_chain_init(iptc_handle_t *t)
@ -271,14 +271,14 @@ int ntk_mark_chain_init(iptc_handle_t *t)
int res; int res;
res=iptc_is_chain(NTK_MARK_CHAIN,*t); res=iptc_is_chain(NTK_MARK_CHAIN,*t);
if (res) { if (res) {
debug(DBG_NORMAL,"In mark_init: bizarre, ntk mangle" debug(DBG_NORMAL,"In mark_init: bizarre, ntk mangle"
"chain is present yet. it will be flushed."); "chain is present yet. it will be flushed.");
res=iptc_flush_entries(NTK_MARK_CHAIN,t); res=iptc_flush_entries(NTK_MARK_CHAIN,t);
if (!res) if (!res)
goto dontwork; goto dontwork;
} else { } else {
res=iptc_create_chain(NTK_MARK_CHAIN,t); res=iptc_create_chain(NTK_MARK_CHAIN,t);
if (!res) if (!res)
goto dontwork; goto dontwork;
} }
return 0; return 0;
@ -369,7 +369,7 @@ int load_dump_rules()
if (!dumped) if (!dumped)
return 0; return 0;
fd=open("/usr/share/netsukuku/mark_rules",O_RDONLY ); fd=open("/usr/share/netsukuku/mark_rules",O_RDONLY );
if (fd==-1) if (fd==-1)
return -1; return -1;
read(fd,&d_rr,sizeof(rule_store)); read(fd,&d_rr,sizeof(rule_store));
read(fd,&d_fr,sizeof(rule_store)); read(fd,&d_fr,sizeof(rule_store));
@ -439,9 +439,9 @@ int mark_init(int igw)
error(err_str); error(err_str);
error("Unable to create netfilter forwarding rule."); error("Unable to create netfilter forwarding rule.");
goto cannot_init; goto cannot_init;
} }
if (igw) { if (igw) {
death_loop_rule=1; death_loop_rule=1;
igw_mark_rule_init(rule); igw_mark_rule_init(rule);
res=insert_rule(rule,&t,CHAIN_PREROUTING,0); res=insert_rule(rule,&t,CHAIN_PREROUTING,0);
if (res) { if (res) {
@ -449,7 +449,7 @@ int mark_init(int igw)
error("Unable to create netfilter igw death loop rule."); error("Unable to create netfilter igw death loop rule.");
death_loop_rule=0; death_loop_rule=0;
goto cannot_init; goto cannot_init;
} }
} }
else else
death_loop_rule=0; death_loop_rule=0;
@ -481,12 +481,12 @@ cannot_init:
err_ret(ERR_MRKINI,-1); err_ret(ERR_MRKINI,-1);
} }
/* /*
* Count the number of rules in ntk_mangle_chain. * Count the number of rules in ntk_mangle_chain.
* *
* Returns the number of rules present in * Returns the number of rules present in
* this chain. * this chain.
*/ */
int count_ntk_mark_chain(iptc_handle_t *t) int count_ntk_mark_chain(iptc_handle_t *t)
{ {
int nchain=0; int nchain=0;
@ -533,7 +533,7 @@ int create_mark_rules(int n)
if (nchain==-1) { if (nchain==-1) {
error("In create_mark_rules: can not read ntk_mark_chain."); error("In create_mark_rules: can not read ntk_mark_chain.");
err_ret(ERR_NETRUL,-1); err_ret(ERR_NETRUL,-1);
} }
if (nchain>=n) { if (nchain>=n) {
debug(DBG_NORMAL,"In create_mark_rules: rules present yet."); debug(DBG_NORMAL,"In create_mark_rules: rules present yet.");
return 0; return 0;
@ -555,7 +555,7 @@ int create_mark_rules(int n)
return 0; return 0;
} }
/* /*
* Deltion function: * Deltion function:
* this delete the chain ntk_mark_chain * this delete the chain ntk_mark_chain
* Returns: * Returns:
* 0 * 0
@ -563,21 +563,21 @@ int create_mark_rules(int n)
*/ */
int delete_ntk_forward_chain(iptc_handle_t *t) int delete_ntk_forward_chain(iptc_handle_t *t)
{ {
int res; int res;
res=iptc_is_chain(NTK_MARK_CHAIN,*t); res=iptc_is_chain(NTK_MARK_CHAIN,*t);
if (!res) if (!res)
return 0; return 0;
res=iptc_flush_entries(NTK_MARK_CHAIN,t); res=iptc_flush_entries(NTK_MARK_CHAIN,t);
if (!res) if (!res)
goto cannot_delete; goto cannot_delete;
res=iptc_delete_chain(NTK_MARK_CHAIN,t); res=iptc_delete_chain(NTK_MARK_CHAIN,t);
if (!res) if (!res)
goto cannot_delete; goto cannot_delete;
return 0; return 0;
cannot_delete: cannot_delete:
error("In delete_ntk_forward_chain: -> %s", iptc_strerror(errno)); error("In delete_ntk_forward_chain: -> %s", iptc_strerror(errno));
err_ret(ERR_NETDEL,-1); err_ret(ERR_NETDEL,-1);
} }
@ -596,7 +596,7 @@ int delete_first_rule(iptc_handle_t *t,const char *chain)
if (!res) if (!res)
goto cannot_delete; goto cannot_delete;
return 0; return 0;
cannot_delete: cannot_delete:
error("In delete_first_rule: -> %s", iptc_strerror(errno)); error("In delete_first_rule: -> %s", iptc_strerror(errno));
err_ret(ERR_NETDEL,-1); err_ret(ERR_NETDEL,-1);
} }
@ -624,7 +624,7 @@ int rule_position(rule_store *rule,iptc_handle_t *t)
} }
return found?count:-1; return found?count:-1;
} }
/* /*
* Delete rule -rule.rule- on chain rule.chain. * Delete rule -rule.rule- on chain rule.chain.
* Returns * Returns
* 0 if deletion is Ok or if nothing * 0 if deletion is Ok or if nothing
@ -646,7 +646,7 @@ int delete_rule(rule_store *rule,iptc_handle_t *t)
} }
return 0; return 0;
} }
/* /*
* clean the rules committed by: * clean the rules committed by:
* - mark_init * - mark_init
* - create_mark_rules() * - create_mark_rules()
@ -654,7 +654,7 @@ int delete_rule(rule_store *rule,iptc_handle_t *t)
* 0 * 0
* -1 * -1
*/ */
int mark_close() int mark_close()
{ {
iptc_handle_t t; iptc_handle_t t;
@ -666,7 +666,7 @@ int mark_close()
} }
load_dump_rules(); load_dump_rules();
res=table_init(MANGLE_TABLE,&t); res=table_init(MANGLE_TABLE,&t);
if (res) if (res)
goto reset_error; goto reset_error;
res=0; res=0;
res+=delete_rule(&rr,&t); res+=delete_rule(&rr,&t);
@ -675,13 +675,13 @@ int mark_close()
debug(DBG_INSANE,"In mark_close: I'm an IGW: deleting death loop rule."); debug(DBG_INSANE,"In mark_close: I'm an IGW: deleting death loop rule.");
res+=delete_rule(&dr,&t); res+=delete_rule(&dr,&t);
} }
if (res) if (res)
goto reset_error; goto reset_error;
res=delete_ntk_forward_chain(&t); res=delete_ntk_forward_chain(&t);
if (res) if (res)
goto reset_error; goto reset_error;
res=commit_rules(&t); res=commit_rules(&t);
if (res) if (res)
goto reset_error; goto reset_error;
debug(DBG_NORMAL,"Netfilter completely restored."); debug(DBG_NORMAL,"Netfilter completely restored.");
return 0; return 0;