From bff0ea1c99ff68ca6f1ab58dcdfa0054caf42fca Mon Sep 17 00:00:00 2001
From: Kozlov Dmitry
Date: Fri, 19 Apr 2013 13:27:21 +0400
Subject: ipoe: accept packets only from specified interfaces
---
 accel-pppd/ctrl/ipoe/ipoe.c | 5 ++++
 accel-pppd/ctrl/ipoe/ipoe.h | 2 ++
 accel-pppd/ctrl/ipoe/ipoe_netlink.c | 53 +++++++++++++++++++++++++++++++++++++
 3 files changed, 60 insertions(+)
(limited to 'accel-pppd')
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
index aae1cd1..116e83c 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.c
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -1417,6 +1417,9 @@ static void add_interface(const char *ifname, int ifindex, const char *opt)
 opt_dhcpv4 = conf_dhcpv4;
 }
+ if (opt_up)
+ ipoe_nl_add_interface(ifindex);
+
 list_for_each_entry(serv, &serv_list, entry) {
 if (strcmp(ifname, serv->ifname))
 continue;
@@ -1574,6 +1577,8 @@ static void load_interfaces(struct conf_sect_t *sect)
 struct conf_option_t *opt;
 struct list_head *pos, *n;
+ ipoe_nl_delete_interfaces();
+
 list_for_each_entry(serv, &serv_list, entry)
 serv->active = 0;
diff --git a/accel-pppd/ctrl/ipoe/ipoe.h b/accel-pppd/ctrl/ipoe/ipoe.h
index 827cba3..bb5841e 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.h
+++ b/accel-pppd/ctrl/ipoe/ipoe.h
@@ -85,6 +85,8 @@ struct ipoe_serv *ipoe_find_serv(const char *ifname);
 void ipoe_nl_add_net(uint32_t addr, int mask);
 void ipoe_nl_delete_nets(void);
+void ipoe_nl_add_interface(int ifindex);
+void ipoe_nl_delete_interfaces(void);
 int ipoe_nl_create(uint32_t peer_addr, uint32_t addr, const char *ifname, uint8_t *hwaddr);
 void ipoe_nl_delete(int ifindex);
 int ipoe_nl_modify(int ifindex, uint32_t peer_addr, uint32_t addr, const char *ifname, uint8_t *hwaddr);
diff --git a/accel-pppd/ctrl/ipoe/ipoe_netlink.c b/accel-pppd/ctrl/ipoe/ipoe_netlink.c
index b92ec92..dde83a5 100644
--- a/accel-pppd/ctrl/ipoe/ipoe_netlink.c
+++ b/accel-pppd/ctrl/ipoe/ipoe_netlink.c
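Review bot: In the add_interface() hunk of ipoe.c, the new call `ipoe_nl_add_interface(ifindex);` cannot report failure because the helper is declared `void`, so add_interface() goes on to configure the interface even when the kernel did not add it to its interface list. Since the commit exists to restrict which interfaces packets are accepted from, a failed registration leaves the daemon's configuration and the kernel filter out of step, with a generic log line as the only evidence. Consider having the helper return `int` and reporting the interface by name here, and add a comment such as `/* only interfaces handled in UP mode are registered with the kernel module */` explaining the `opt_up` condition. add_interface() starts and ends outside the hunk.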
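Review bot: In the load_interfaces() hunk of ipoe.c, `ipoe_nl_delete_interfaces();` empties the kernel's interface list before the section is re-read, so the list does not match the configuration until the later add calls run, and stays wrong for any interface whose add fails. How the kernel module treats an empty list (accept from every interface or from none) is not visible in this patch. That behaviour decides whether a reload briefly widens the filter or briefly drops subscriber traffic, so it deserves a comment at the call, for example `/* kernel interface list is rebuilt from scratch; an empty list means <behaviour> */`. load_interfaces() continues outside the hunk.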
@@ -82,6 +82,59 @@ void ipoe_nl_add_net(uint32_t addr, int mask)
 log_error("ipoe: nl_add_net: error talking to kernel\n");
 }
+void ipoe_nl_delete_interfaces(void)
+{
+ struct nlmsghdr *nlh;
+ struct genlmsghdr *ghdr;
+ struct {
+ struct nlmsghdr n;
+ char buf[1024];
+ } req;
+
+ if (rth.fd == -1)
+ return;
+
+ nlh = &req.n;
+ nlh->nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN);
+ nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
+ nlh->nlmsg_type = ipoe_genl_id;
+
+ ghdr = NLMSG_DATA(&req.n);
+ ghdr->cmd = IPOE_CMD_DEL_IF;
+
+ addattr32(nlh, 1024, IPOE_ATTR_IFINDEX, -1);
+
+ if (rtnl_talk(&rth, nlh, 0, 0, nlh, NULL, NULL, 0) < 0 )
+ log_error("ipoe: nl_del_iface: error talking to kernel\n");
+}
+
+void ipoe_nl_add_interface(int ifindex)
+{
+ struct nlmsghdr *nlh;
+ struct genlmsghdr *ghdr;
+ struct {
+ struct nlmsghdr n;
+ char buf[1024];
+ } req;
+
+ if (rth.fd == -1)
+ return;
+
+ nlh = &req.n;
+ nlh->nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN);
+ nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
+ nlh->nlmsg_type = ipoe_genl_id;
+
+ ghdr = NLMSG_DATA(&req.n);
+ ghdr->cmd = IPOE_CMD_ADD_IF;
+
+ addattr32(nlh, 1024, IPOE_ATTR_IFINDEX, ifindex);
+
+ if (rtnl_talk(&rth, nlh, 0, 0, nlh, NULL, NULL, 0) < 0 )
+ log_error("ipoe: nl_add_iface: error talking to kernel\n");
+}
+
+
 int ipoe_nl_create(uint32_t peer_addr, uint32_t addr, const char *ifname, uint8_t *hwaddr)
 {
 struct rtnl_handle rth;
--
cgit v1.2.3
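Review bot: Both new functions build the request in an uninitialised stack struct `req` and set only `nlmsg_len`, `nlmsg_flags`, `nlmsg_type` and `ghdr->cmd`, so the remaining header fields (`nlmsg_seq`, `nlmsg_pid`, the genl `version` and `reserved`) reach the kernel holding whatever was on the stack unless rtnl_talk() overwrites them. Adding `memset(&req, 0, sizeof(req));` before `nlh = &req.n;` in ipoe_nl_delete_interfaces() and ipoe_nl_add_interface() makes the message deterministic. Separately, `if (rth.fd == -1) return;` skips the kernel update without logging, so nothing shows that the interface list was never installed; a log_error() on that path would make the state visible. The `-1` passed as IPOE_ATTR_IFINDEX in ipoe_nl_delete_interfaces() appears to mean "all interfaces" and would benefit from a one-line comment saying so.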