smcroute-2.4.2/0000755000175000017500000000000013345172574012343 5ustar jockejockesmcroute-2.4.2/Makefile.am0000644000175000017500000000440713345172574014404 0ustar jockejocke## SMCRoute - A static multicast routing tool -*-Makefile-*- ACLOCAL_AMFLAGS = -I m4 DISTCHECK_CONFIGURE_FLAGS = --with-systemd=$$dc_install_base/$(systemd) SUBDIRS = src DISTCLEANFILES = *~ DEADJOE semantic.cache *.gdb *.elf core core.* *.d dist_sbin_SCRIPTS = smcroute dist_man8_MANS = smcroute.8 SYMLINKS = smcrouted.8 smcroutectl.8 doc_DATA = README.md COPYING smcroute.conf EXTRA_DIST = README.md AUTHORS ChangeLog.md autogen.sh smcroute.conf smcroute.init if HAVE_SYSTEMD systemd_DATA = smcroute.service endif # Hook in install to add smcroute.8 --> smcrouted.8, smcroutectl.8 symlinks install-data-hook: @for file in $(SYMLINKS); do \ link=$(DESTDIR)$(man8dir)/$$file; \ test -e $$link && continue; \ $(LN_S) $(dist_man8_MANS) $$link; \ done uninstall-hook: @for file in $(SYMLINKS); do \ $(RM) $(DESTDIR)$(mandir)/$$file; \ done ## Generate detached signature file (ascii-armored), like OpenVPN does GPG = gpg gpg-dist: for file in $(DIST_ARCHIVES); do \ $(GPG) -ba $$file; \ done ## Generate MD5 checksum file MD5 = md5sum md5-dist: @for file in $(DIST_ARCHIVES); do \ $(MD5) $$file > $$file.md5; \ done ## Check if tagged in git release-hook: if [ ! `git tag | grep $(PACKAGE_VERSION)` ]; then \ echo; \ printf "\e[1m\e[41mCannot find release tag $(PACKAGE_VERSION)\e[0m\n"; \ printf "\e[1m\e[5mDo release anyway?\e[0m "; read yorn; \ if [ "$$yorn" != "y" -a "$$yorn" != "Y" ]; then \ printf "OK, aborting release.\n"; \ exit 1; \ fi; \ echo; \ else \ echo; \ printf "\e[1m\e[42mFound GIT release tag $(PACKAGE_VERSION)\e[0m\n"; \ printf "\e[1m\e[44m>>Remember to push tags!\e[0m\n"; \ echo; \ fi ## Target to run when building a release release: distcheck release-hook md5-dist gpg-dist @echo @echo "Resulting release files:" @echo "=================================================================" @for file in $(DIST_ARCHIVES); do \ printf "$$file \tDistribution tarball\n"; \ printf "$$file.md5\t"; cat $$file.md5 | cut -f1 -d' '; \ printf "$$file.asc\tGPG signature "; gpg --verify $$file.asc 2>&1 \ | grep 'key ID' | sed 's/.*using \(.*\)/\1/'; echo; \ done smcroute-2.4.2/autogen.sh0000755000175000017500000000005413345172574014343 0ustar jockejocke#!/bin/sh autoreconf -W portability -visfm smcroute-2.4.2/smcroute.80000644000175000017500000004501313345172574014300 0ustar jockejocke.Dd $Mdocdate: May 6 2017 $ .Dt SMCROUTE 8 SMM .Os .Sh NAME .Nm smcroute .Nd SMCRoute, a static multicast router .Sh SYNOPSIS .Nm smcrouted .Op Fl nNhsv .Op Fl c Ar SEC .Op Fl d Ar SEC .Op Fl e Ar CMD .Op Fl f Ar FILE .Op Fl I Ar NAME .Op Fl l Ar LVL .Op Fl p Ar USER:GROUP .Op Fl P Ar FILE .Op Fl t Ar ID .Nm smcroutectl .Op Fl dtv .Op Fl I Ar NAME .Op Ar COMMAND .Oo Ao add | rem Ac Ao ROUTE Ac Oc Oo Ao join | leave Ac Ao GROUP Ac Oc .Pp .Nm smcroutectl .Op help | flush | kill | restart | version | show Op groups | routes .Nm smcroutectl .Oo \ add | \ \ rem Oc Ao IFNAME Ac Oo SOURCE Oc Ar GROUP[/LEN] IFNAME Op IFNAME ... .Nm smcroutectl .Oo join | leave Oc Ao IFNAME Ac Oo SOURCE Oc Ar GROUP .Sh DESCRIPTION .Nm is both a daemon and command line tool to manipulate the multicast routing table of a UNIX kernel. It supports both IPv4 and IPv6 multicast routing. .Nm can be used as an alternative to dynamic multicast routers like .Nm mrouted or .Nm pimd in situations where static multicast routes should be maintained and/or no proper IGMP or MLD signaling exists. .Pp Multicast routes exist in the UNIX kernel as long as a multicast routing daemon is running. On Linux, multiple multicast routers can be used simultaneously with different multicast routing tables. To run .Nm smcrouted and, .Nm mrouted at the same time, set the former to use a routing table other than the default (0). .Pp .Nm smcrouted modifies the kernel routing table and needs either full .Ar superuser rights , or .Cm CAP_NET_ADMIN on Linux. This also applies to .Nm smcroutectl . .Ss WARNING Be careful when creating multicast routes. You can easily flood your networks by inadvertently creating routing loops. Either direct loops listing an inbound interface also as an outbound, or indirect loops by going through other routers. .Sh OPTIONS The following .Nm smcrouted commands are available: .Bl -tag -width Ds .It Fl n Run daemon in foreground, do not detach from controlling terminal .It Fl N By default .Nm smcrouted enables multicast routing on all available, and multicast capable, interfaces in the system. These interfaces are enumerated as VIFs, virtual interfaces, of which most UNIX systems have a very limited amount, usually 32. This daemon option inverts the behavior so no interfaces are enabled by default. Useful on systems with many interfaces, where multicast routing only makes use of a few. .Pp The config file setting .Ar phyint IFNAME enable is required to enable the required interfaces. .It Fl f Ar FILE Alternate configuration file, default .Pa /etc/smcroute.conf .It Fl c Ar SEC Flush unused dynamic (*,G) multicast routes every .Ar SEC seconds. .Pp This option is intended for systems with topology changes, i.e., when inbound multicast may change both interface and source IP address. E.g. in a setup with at least two VRRP routers. If there is no way of detecting such a topology change this option makes sure to periodically flush all dynamically learned multicast routes so that traffic may resume. Flushing of a specific route only occurs if it was unused during the last flush interval, i.e. there was no traffic matching it. This avoids toggling between different inbound interfaces if traffic arrives on several interfaces simultaneously. In this case, the first selected inbound interface is retained until traffic on it ceases. .Pp Default is 60 sec, set to 0 to disable. See also the .Nm smcroutectl Ar flush command, which can be called manually on topology changes. .It Fl d Ar SEC Daemon startup delay. Delays the probe of interfaces and parsing of the configuration file. Note, the PID file is also not created, since the daemon is not ready yet. .Pp This command line option, although useful in some use-cases, is fragile. It is almost always better to rely on an init or process supervisor that handles dependencies properly, like .Xr finit 8 , which can wait for interfaces to come up and files to be created before starting a service. .It Fl e Ar CMD Specify external script or command to be called when .Nm smcrouted has loaded/reloaded all static multicast routes from the configuration file, or when a source-less (ANY) rule has been installed. .It Fl I Ar NAME Set daemon identity. Used to create unique PID, IPC socket, and configuration file names, as well as set the syslog identity. E.g., .Fl I Ar foo would make .Nm smcrouted look for .Cm /etc/foo.conf , write its PID to .Cm /var/run/foo.pid and create an IPC socket for .Cm smcroutectl in .Cm /var/run/foo.sock . .Pp For .Nm smcroutectl the same option can be used to select the proper .Nm smcrouted instance to send IPC to. .Pp This option is required for both daemon and client when running multiple .Nm smcrouted instances, using multiple routing tables, on Linux. .It Fl l Ar LEVEL Set log level: none, err, notice, info, debug. Default is notice. .It Fl p Ar USER Op :GROUP Drop root privileges to USER:GROUP after start and retain CAP_NET_ADMIN capabilities only. The :GROUP is optional. This option is only available when .Nm smcrouted is built with libcap support. .It Fl P Ar FILE Set PID file name, and optionally full path, in case you need to override the default identity, or the identity set with .Fl I Ar NAME . Regardless, setting this option overrides all others, but it is recommended to use the ident option instead. .It Fl s Let daemon log to syslog, default unless running in foreground. .It Fl t Ar ID Set multicast routing table ID. Remember to also create routing rules directing packets to the table. This example uses routing table ID 123: .Bd -unfilled -offset left ip mrule add iif eth0 lookup 123 ip mrule add oif eth0 lookup 123 .Ed .Pp .Nm Note: Only available on Linux. .It Fl v Show program version. .El .Pp The .Fl e Ar CMD option is useful if you want to trigger other processes to start when .Nm smcrouted has completed installing dynamic multicast routes from (*,G) rules in .Pa /etc/smcroute.conf , or when a source-less (ANY) route, a.k.a (*,G) multicast rule, from .Pa /etc/smcroute.conf . is matched and installed. For instance, calling .Ar conntrack on Linux to flush firewall connection tracking when NAT:ing multicast. .Pp The script .Ar CMD is called with an argument .Ar reload or .Ar install to let the script know if it is called on SIGHUP/startup, or when a (*,G) rule is matched and installed. In the latter case .Nm smcrouted also sets two environment variables: .Nm source , and .Nm group . Beware that these environment variables are unconditionally overwritten by .Nm smcrouted and can thus not be used to pass information to the script from outside of .Nm smcrouted . .Sh COMMANDS The .Ar IFNAME argument in the below .Nm smcroutectl commands is the interface name, or an interface wildcard of the form .Ar eth+ , which matches .Ar eth0 , eth10 , etc. Wildcards are available for inbound interfaces. The following commands are available: .Bl -tag -width Ds .It Nm add Ar IFNAME [SOURCE] GROUP[/LEN] OUTIFNAME [OUTIFNAME ...] Add a multicast route to the kernel routing cache so that multicast packets received on the network interface .Ar IFNAME originating from the IP address .Ar SOURCE and sent to the multicast group address .Ar GROUP will be forwarded to the outbound network interfaces .Ar OUTIFNAME [OUTIFNAME ...] . The interfaces provided as .Ar INIFNAME and .Ar OUTIFNAME can be any network interface as listed by 'ifconfig' or 'ip link list' (incl. tunnel interfaces), but not the loopback interface. .Pp To add a (*,G) route, either leave .Ar SOURCE out completely or set it to .Ar 0.0.0.0 , and if you want to specify a range, set .Ar GROUP/LEN , e.g. .Ar 225.0.0.0/24 . .It Nm remove Ar IFNAME [SOURCE] GROUP Remove a kernel multicast route. .It Nm flush Flush dynamic (*,G) multicast routes now. Similar to how .Fl c Ar SEC works in the daemon, this client command initiates an immediate flush of all dynamically set (*,G) routes. Useful when a topology change has been detected and need to be propagated to .Nm smcrouted. .It Nm join Ar IFNAME [SOURCE] GROUP Join a multicast group on a given interface. The source address is optional, but if given a source specific (SSM) join is performed. .It Nm leave Ar IFNAME [SOURCE] GROUP Leave a multicast group on a given interface. As with the join command, above, the source address is optional. .It Nm help [cmd] Print a usage information message. .It Nm kill Stop (kill) running daemon. .It Nm restart Tell daemon to restart and reload its configuration file. Same as .Ar SIGHUP . .It Nm show [groups|routes] Show joined multicast groups or multicast routes, defaults to show routes. Can be combined with the .Fl d option to get details for each multicast route. .It Nm version Show program version. .El .Pp A multicast route is defined by an input interface .Ar IFNAME , the sender's unicast IP address .Ar SOURCE , which is optional, the multicast group .Ar GROUP and a list of, at least one, output interface .Ar IFNAME [IFNAME ...] . .Pp The sender's address and the multicast group must both be either IPv4 or IPv6 addresses. .Pp The output interfaces are not needed when removing routes using the .Nm remove command. The first three parameters are sufficient to identify the source of the multicast route. .Pp The intended purpose of .Nm is to aid in situations where dynamic multicast routing does not work properly. However, a dynamic multicast routing protocol is in nearly all cases the preferred solution. The reason for this is their ability to translate Layer-3 signaling to Layer-2 and vice versa (IGMP or MLD). .Pp .Nm smcrouted is capable of simple group join and leave by sending commands to the kernel. The kernel then handles sending Layer-2 IGMP/MLD join and leave frames as needed. This can be used for testing but is also useful sometimes to open up multicast from the sender if located on a LAN with switches equipped with IGMP/MLD Snooping. Such devices will prevent forwarding of multicast unless an IGMP/MLD capable router or multicast client is located on the same physical port as you run .Nm smcrouted on. However, this feature of .Nm smcrouted is only intended as a workaround, and only 20 groups can be joined this way (kernel limit). For bigger installations it is strongly recommended to instead address the root cause, e.g. enable multicast router ports on intermediate switches, or try the embedded multicast router discovery feature of .Nm smcrouted . .Pp To emulate a multicast client using .Nm you use the .Nm join and .Nm leave commands to issue join and leave commands for a given multicast group on a given interface .Ar IFNAME . The .Ar GROUP may be given in an IPv4 or IPv6 address format. .Pp The command is passed to the daemon that passes it to the kernel. The kernel then tries to join the multicast group .Ar GROUP on interface .Ar IFNAME by starting IGMP, or MLD for IPv6 group address, signaling on the given interface. This signaling may be received by routers/switches connected on that network supporting IGMP/MLD multicast signaling and, in turn, start forwarding the requested multicast stream eventually reach your desired interface. .Pp .Nm Note: when running multiple .Nm smcrouted instances, one per routing table on Linux, it is required to use the .Fl I Ar NAME option to both daemon and client. This because the name of the IPC socket used for communicating is composed from the identity. .Sh CONFIGURATION FILE .Nm smcrouted supports reading and setting up multicast routes from a config file. The default location is .Ar /etc/smcroute.conf , but this can be overridden using the .Fl f Ar FILE command line option. .Pp The .Ar IFNAME argument below is the interface name, or an interface wildcard of the form .Ar eth+ , which matches .Ar eth0 , eth10 , etc. Wildcards are available for inbound interfaces. .Pp .Bd -unfilled -offset indent # # smcroute.conf example # # The configuration file supports joining multicast groups, to use # Layer-2 signaling so that switches and routers open up multicast # traffic to your interfaces. Leave is not supported, remove the # mgroup and SIGHUP your daemon, or send a specific leave command. # # NOTE: Use of the mgroup command should be avoided if possible. # Instead configure "router ports" or similar on the switches # or bridges on your LAN. This to have them direct all the # multicast to your router, or direct select groups they have # such capabilities. Usually MAC multicast filters exist. # # The UNIX kernel usually limits the number of multicast groups # a socket/client can join. In Linux, 20 mgroup lines can be # configured by default, but this can be changed with sysctl: # # sysctl -w net.ipv4.igmp_max_memberships=30 # # Similarly supported is setting mroutes. Removing mroutes is not # supported, remove/comment out the mroute from the .conf file, or # send a remove command with smcroutectl. # # Syntax: # phyint IFNAME [mrdisc] [ttl-threshold <1-255>] # mgroup from IFNAME [source ADDRESS] group MCGROUP # mroute from IFNAME [source ADDRESS] group MCGROUP[/LEN] to IFNAME [IFNAME ...] # This example disables the creation of a multicast VIF for WiFi # interface wlan0. The kernel (at least Linux) sets the ALLMULTI # flag for all interfaces that have a VIF enabled. Hence, it can # cause quite a bit of unnecessary traffic to reach the CPU if too # many interfaces have a VIF (or MIF in IPv6 lingo). Only enable # interfaces required for inbound and outbound traffic. # phyint wlan0 disable phyint eth0 enable ttl-threshold 11 phyint eth1 enable ttl-threshold 3 phyint eth2 enable ttl-threshold 5 phyint virbr0 enable ttl-threshold 5 # The following example instructs the kernel to join the multicast # group 225.1.2.3 on interface eth0. Followed by setting up an # mroute of the same multicast stream, but from the explicit sender # 192.168.1.42 on the eth0 network and forward to eth1 and eth2. # mgroup from eth0 group 225.1.2.3 mroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2 # Similar example, but using source-specific group join mgroup from virbr0 source 192.168.123.110 group 225.1.2.4 mroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0 # Here we allow routing of multicast to group 225.3.2.1 from ANY # source coming in from interface eth0 and forward to eth1 and eth2. # NOTE: Routing from ANY source is currently only available for IPv4 # multicast. mgroup from eth0 group 225.3.2.1 mroute from eth0 group 225.3.2.1 to eth1 eth2 # The previous is an example of the (*,G) support. Such rules cause # SMCRoute to dynamically add multicast routes to the kernel when the # first frame of a stream reaches the router. It is also possible to # specify a range of such rules, again, note that this currently only # works for IPv4. Also, it is not possible to set a range of groups # to join atm. mroute from eth0 group 225.0.0.0/24 to eth1 eth2 .Ed .Pp Fairly simple. As usual, to identify the origin of the inbound multicast we need the .Ar IFNAME , the sender's IP address and, of course, the multicast group address, .Ar MCGROUP . The last argument is a list of outbound interfaces. .Pp The source address is optional for IPv4 multicast routes. If omitted it defaults to 0.0.0.0 (INADDR_ANY) and will cause .Nm smcrouted to dynamically add new routes, matching the group and inbound interface, to the kernel. This is an experimental feature which may not work as intended, in particular not with 1:1 NAT. .Pp Following the UNIX tradition the file format supports comments starting at the beginning of the line using a hash sign. It is untested to have comments at the end of a line, but should work. .Pp When starting up in debug mode, .Nm smcrouted logs the success of parsing each line and setting up a route. .Sh LIMITS The current version compiles and runs fine on Linux kernel version 2.4, 2.6 and 3.0. Known limits: .Pp .Bl -tag -width TERM -compact -offset indent .It Cm Multicast routes Depends on the kernel, more than 200, probably more than 1000 .It Cm Multicast group memberships Max. 20, see caveat above .El .Pp .Sh SIGNALS .Nm smcrouted responds to the following signals: .Pp .Bl -tag -width TERM -compact .It Cm HUP Restart and reload the configuration file. All existing multicast routes and groups are dropped. .It Cm INT Terminates execution gracefully. .It Cm TERM The same as INT. .El .Pp For convenience in sending signals, .Nm smcrouted writes its process ID to .Pa /var/run/smcroute.pid upon startup. .Pp .Sh DEBUGGING The most common problem when attempting to route multicast is the TTL. Always start by verifying that the TTL of your multicast stream is not set to 1, because the router decrements the TTL of an IP frame before routing it. Test your setup using .Xr ping 8 or .Xr iperf 1 . Either of which is capable of creating multicast traffic with an adjustable TTL. Iperf in particular is useful since it can act both as a multicast source (sender) and a multicast sink (receiver). For more advanced IP multicast testing the .Xr omping 8 tool can be used. .Pp .Sh FILES .Bl -tag -width /proc/net/ip6_mr_cache -compact .It Pa /etc/smcroute.conf Routes to be set when starting, or restarting .Nm smcrouted on .Ar SIGHUP . Like the PID file, the name of the configuration file may be different depending on command line options given to the daemon. .It Pa /var/run/smcroute.pid Default PID file (re)created by .Nm smcrouted when it has started up and is ready to receive commands. See also the .Fl I Ar NAME or .Fl P Ar FILE options which can change the default name. .It Pa /var/run/smcroute.sock IPC socket created by .Nm smcrouted for use by .Nm smcroutectl . Same caveats apply to this file as the previous two, command line options to the daemon can change the file names. .It Pa /proc/net/ip_mr_cache Holds active IPv4 multicast routes. .It Pa /proc/net/ip_mr_vif Holds the IPv4 virtual interfaces used by the active multicast routing daemon. .It Pa /proc/net/ip6_mr_cache Holds active IPv6 multicast routes. .It Pa /proc/net/ip6_mr_vif Holds the IPv6 virtual interfaces used by the active multicast routing daemon. .It Pa /proc/net/igmp Holds active IGMP joins. .It Pa /proc/net/igmp6 Holds active MLD joins. .El .Pp .Sh SEE ALSO .Xr mrouted 8 , .Xr pimd 8 , .Xr omping 8 , .Xr ping 8 , .Xr mcjoin 1 , .Xr iperf 1 .Sh AUTHORS SMCRoute was created by Carsten Schill . IPv6 support by Todd Hayton . FreeBSD support by Micha Lenk . .Pp .Nm smcrouted is maintained by Joachim Nilsson , Todd Hayton , Micha Lenk and Julien BLACHE at .Ar https://github.com/troglobit/smcroute . .Sh TIPS A lot of extra information is sent under the daemon facility and the debug priority to the syslog daemon. Use .Cm smcrouted -s -l debug to enable. smcroute-2.4.2/AUTHORS0000644000175000017500000000123513345172574013414 0ustar jockejockeAuthors ======= Year: 2001-2005 Author: Carsten Schill , original author Releases: --> 0.92 URL: http://www.cschill.de/smcroute/ Year: 2006-2011 Releases: Version 0.93 --> 0.95 Authors: Julien BLACHE , Todd Hayton , and Micha Lenk URL: http://alioth.debian.org/projects/smcroute Year: 2011- Releases: 1.93.0 --> Authors: Joachim Nilsson , Todd Hayton , Micha Lenk , and Julien BLACHE URL: https://github.com/troglobit/smcroute smcroute-2.4.2/smcroute.conf0000644000175000017500000000626613345172574015065 0ustar jockejocke# # smcroute.conf example # # The configuration file supports joining multicast groups, to use # Layer-2 signaling so that switches and routers open up multicast # traffic to your interfaces. Leave is not supported, remove the # mgroup and SIGHUP your daemon, or send a specific leave command. # # NOTE: Use of the mgroup command should be avoided if possible. # Instead configure "router ports" or similar on the switches # or bridges on your LAN. This to have them direct all the # multicast to your router, or select groups if they have # such capabilities. Usually MAC multicast filters exist. # # Some switch manufacturers support mrdisc, RFC4286, which # SMCRoute can use to advertise itself on source interfaces. # # The UNIX kernel usually limits the number of multicast groups # a socket/client can join. In Linux, 20 mgroup lines can be # configured by default, but this can be changed with sysctl: # # sysctl -w net.ipv4.igmp_max_memberships=30 # # Similarly supported is setting mroutes. Removing mroutes is not # supported, remove/comment out the mroute from the .conf file, or # send a remove command with smcroutectl. # # Syntax: # phyint IFNAME [mrdisc] [ttl-threshold <1-255>] # mgroup from IFNAME [source ADDRESS] group MCGROUP # mroute from IFNAME [source ADDRESS] group MCGROUP[/LEN] to IFNAME [IFNAME ...] # This example disables the creation of a multicast VIF for WiFi # interface wlan0. The kernel (at least Linux) sets the ALLMULTI # flag for all interfaces that have a VIF enabled. Hence, it can # cause quite a bit of unnecessary traffic to reach the CPU if too # many interfaces have a VIF (or MIF in IPv6 lingo). Only enable # interfaces required for inbound and outbound traffic. # phyint wlan0 disable phyint eth0 enable ttl-threshold 11 phyint eth1 enable ttl-threshold 3 phyint eth2 enable ttl-threshold 5 phyint virbr0 enable ttl-threshold 5 # The following example instructs the kernel to join the multicast # group 225.1.2.3 on interface eth0. Followed by setting up an # mroute of the same multicast stream, but from the explicit sender # 192.168.1.42 on the eth0 network and forward to eth1 and eth2. # mgroup from eth0 group 225.1.2.3 mroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2 # Similar example, but using source-specific group join mgroup from virbr0 source 192.168.123.110 group 225.1.2.4 mroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0 # Here we allow routing of multicast to group 225.3.2.1 from ANY # source coming in from interface eth0 and forward to eth1 and eth2. # NOTE: Routing from ANY source is currently only available for IPv4 # multicast. mgroup from eth0 group 225.3.2.1 mroute from eth0 group 225.3.2.1 to eth1 eth2 # The previous is an example of the (*,G) support. Such rules cause # SMCRoute to dynamically add multicast routes to the kernel when the # first frame of a stream reaches the router. It is also possible to # specify a range of such rules, again, note that this currently only # works for IPv4. Also, it is not possible to set a range of groups # to join atm. mroute from eth0 group 225.0.0.0/24 to eth1 eth2 smcroute-2.4.2/smcroute.service.in0000644000175000017500000000055513345172574016200 0ustar jockejocke[Unit] Description=Static multicast routing daemon Documentation=man:smcroute Documentation=file:@DOCDIR@/README.md Documentation=https://github.com/troglobit/smcroute # ConditionPathExists=/etc/smcroute.conf After=network-online.target Requires=network-online.target [Service] Type=simple ExecStart=@SBINDIR@/smcrouted -n -s [Install] WantedBy=multi-user.target smcroute-2.4.2/m4/0000755000175000017500000000000013345172574012663 5ustar jockejockesmcroute-2.4.2/m4/mroute.m40000644000175000017500000000632213345172574014443 0ustar jockejocke# Macros to probe for multicast headers and IPv4/IPv6 support AC_DEFUN([AC_CHECK_MROUTE_HEADERS],[ AC_CHECK_HEADERS([linux/mroute.h linux/filter.h], [], [],[ #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif #define _LINUX_IN_H /* For Linux <= 2.6.25 */ #include ]) AC_CHECK_HEADERS([netinet/ip_mroute.h], [], [],[ #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif #ifdef HAVE_NET_ROUTE_H # include #endif ]) ]) AC_DEFUN([AC_CHECK_MROUTE],[ AC_CHECK_MROUTE_HEADERS() ]) AC_DEFUN([AC_CHECK_MROUTE6_HEADERS],[ AC_CHECK_HEADERS([linux/mroute6.h], [], [],[ #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif ]) AC_CHECK_HEADERS([netinet6/ip6_mroute.h], [], [],[ #ifdef HAVE_NETINET_IN_H # include #endif #ifdef HAVE_SYS_PARAM_H # include #endif ]) ]) AC_DEFUN([AC_CHECK_MROUTE6],[ AC_CHECK_MROUTE6_HEADERS() AC_MSG_CHECKING(for IPv6 multicast host support) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif ]],[[ struct ipv6_mreq mreq; ]])],[ AC_DEFINE(HAVE_IPV6_MULTICAST_HOST, 1, [Define if your OS supports acting as an IPv6 multicast host]) AC_MSG_RESULT(yes)],[ AC_MSG_RESULT(no)]) AC_MSG_CHECKING(for IPv6 multicast routing support) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif #ifdef HAVE_LINUX_MROUTE6_H # include #endif #ifdef HAVE_SYS_PARAM_H # include #endif #ifdef HAVE_NETINET6_IP6_MROUTE_H # include #endif ]],[[ int dummy = MRT6_INIT; ]])],[ AC_DEFINE(HAVE_IPV6_MULTICAST_ROUTING, 1, [Define if your OS supports IPv6 multicast routing]) AC_MSG_RESULT(yes) enable_ipv6=yes],[ AC_MSG_RESULT(no) enable_ipv6=no]) AC_MSG_CHECKING(for vifc_rate_limit member in struct mif6ctl) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #ifdef HAVE_LINUX_MROUTE6_H # include #endif #ifdef HAVE_NETINET6_IP6_MROUTE_H # include #endif ]],[[ struct mif6ctl dummy; dummy.vifc_rate_limit = 1; ]])],[ AC_DEFINE(HAVE_MIF6CTL_VIFC_RATE_LIMIT, 1, [Define if the struct mif6ctl has a member vifc_rate_limit on your OS]) AC_MSG_RESULT(yes)],[ AC_MSG_RESULT(no)]) AC_MSG_CHECKING(for vifc_threshold member in struct mif6ctl) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #ifdef HAVE_LINUX_MROUTE6_H #include #endif #ifdef HAVE_NETINET6_IP6_MROUTE_H #include #endif ]],[[ struct mif6ctl dummy; dummy.vifc_threshold = 1; ]])],[ AC_DEFINE(HAVE_MIF6CTL_VIFC_THRESHOLD, 1, [Define if the struct mif6ctl has a member vifc_threshold on your OS]) AC_MSG_RESULT(yes)],[ AC_MSG_RESULT(no)]) ]) smcroute-2.4.2/m4/misc.m40000644000175000017500000000062513345172574014063 0ustar jockejocke# Misc. helper macros AC_DEFUN([AC_CHECK_SUN_LEN],[ AC_MSG_CHECKING(for sun_len member in struct sockaddr_un) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #include ]],[[ struct sockaddr_un dummy; dummy.sun_len = 0; ]])],[ AC_DEFINE(HAVE_SOCKADDR_UN_SUN_LEN, 1, [Define if the struct sockaddr_un has a member sun_len on your OS]) AC_MSG_RESULT(yes)],[ AC_MSG_RESULT(no)]) ]) smcroute-2.4.2/ChangeLog.md0000644000175000017500000004453613345172574014530 0ustar jockejockeChangeLog ========= All notable changes to the project are documented in this file. [v2.4.2][] - 2018-09-09 ----------------------- ### Changes - Add wrapper script `smcroute` for use with old style startup scripts - Add symlinks to man pages for `smcrouted.8 and` `smcroutectl.8` - Update SysV init script, daemon now called `smcrouted` ### Fixes - Fix #96: A `.conf` line may be missing final newline, this is fine - Spellcheck `smcroute.conf` example - Fix Lintian warning (Debian) for unbreakable line in man page [v2.4.1][] - 2018-06-16 ----------------------- ### Changes - Update and spellecheck documentation and example `.conf` file ### Fixes - Fix #91: Allow re-configuration of unprivileged `smcrouted`. Courtesy of Marcel Patzlaff [v2.4.0][] - 2018-02-11 ----------------------- ### Changes - Interface wildcard support, Linux `iptables` like syntax, `eth+` matches `eth0`, `eth1`, `eth32`. It can be used where an interface name is used: `phyint`, `mroute`, `mgroup`, and even on the command line to `smcroutectl`. Contributed by Martin Buck - Disable IPv4 [mrdisc][] by default, enable per `phyint` in the `.conf` file instead. When *not* started with `smcrouted -N` mrdisc would otherwise be enabled on *all* interfaces found at startup - Minor doc updates, e.g. clarify need for root or `CAP_NET_ADMIN` including some minor man page fixes ### Fixes - Fix #75: Not possible to remove (*,G) routes using `smcroutectl` - Fix #76: When removing a kernel route, also remove from internal lists otherwise route is shown in `smcroutectl show`. Conversely, adding a route to internal list shall only be done after successful kernel add - Fix #77: Counter overflow due to wrong type used in `smcroutectl show` - Fix #78: Document interface wildcard feature - Fix #80: `smcroutectl` argument parser fixes by Pawel Rozlach - Fix #84: Check return value of `sigaction()` - Fix #85: Signal handling is async-signal-unsafe - Fix #86: Document how to use `iptables` on Linux to modify TTL - Fix #87: Possible buffer overrun in `ipc_receive()` - Fix #89: Adding similar (S,G) route should replace existing one if inbound interface differs [v2.3.1][] - 2017-06-13 ----------------------- Bug fix release courtesy of the Westermo WeOS automated testing framework. Many thanks to Johan Askerin at Westermo for working on integrating SMCRoute v2.3 into WeOS v4.22! ### Changes - Add `utimensat()` replacement for systems that don't have it - Ignore error messages from `send()` on interface link down ### Fixes - Fix build error(s) on FreeBSD 9/9.3-RELEASE - Fix possible invalid interface name reference in new mrdisc support - Fix log macro bug in the .conf parser - Fix buggy interface and VIF re-initialization on `SIGHUP` [v2.3.0][] - 2017-05-28 ----------------------- ### Changes - Support GROUP/LEN matching for IPv4 (*,G) routes - Support for IPv4 [mrdisc][], [RFC4286][] - Support for multiple routing tables on Linux, `-t ID` - `ssmgroup` code folded into general code, now with optional source - Separation of daemon and client into `smcrouted` and `smcroutectl` - Complete new client user interface, `smcroutectl` - Support for disabling IPC and client, `--disable-client` - Support for disabling `.conf` file support, `--disable-config` - Show multicast routes and joined groups in client, including stats: `smcroutectl show [groups|routes]` - Support for `-d SEC` startup delay in `smcrouted` - Unknown (*,G) multicast now blocked by default - Flush timer, `-c SEC`, for (*,G) routes now enabled by default, 60 sec - Build ID removed from `configure` script - Massive code cleanup, refactor and separation into stand-alone modules - Default system paths are no longer taken from `/usr/include/paths.h`, instead the settings from `configure --prefix` are used - Use of `libcap` for privilige separation is now auto-detected ### Fixes - Allow use of loopback interface for multicast routes - Fix IPv4-only build, by Martin Buck - Fix IPv4 network interface address identification, by Martin Buck - Support unlimited number of network interfaces, by Martin Buck [v2.2.2][] - 2017-02-02 ----------------------- ### Changes - New client command, `-F`, for immediately flushing dynamically learned (*,G) routes from the cache. ### Fixes - Fix issue #51: New cache flush timeout option causes endless `select()` loop. Reported by Ramon Fried, @mellowcandle [v2.2.1][] - 2017-01-09 ----------------------- ### Changes - Add support for a new command line option, `-c SEC`, for timing out dynamically learned (*,G) routes. Issue #17 ### Fixes - Portability, replace use of non-std `__progname` with small function - Issue #49: systemd unit file missing `-d` to start daemon [v2.2.0][] - 2016-12-03 ----------------------- ### Changes - Support for dropping root privileges after opening the multicast routing socket and creating the PID file - Support for Source Specific Multicast group subscription (only IPv4) - Support for systemd, service file included and installed by default ### Fixes - Remove GNUisms to be able to build and run on Alpine Linux (musl libc) - Add OpenBSD `queue.h` for systems that do not have any *BSD `sys/queue.h` - Coding style cleanup and minor refactor [v2.1.1][] - 2016-08-19 ----------------------- ### Changes - When `SIGHUP` is received SMCRoute now touches its PID file as an acknowledgement. This is used by some process supervision daemons, like [Finit](https://github.com/troglobit/finit), on system configuration changes to detect when a daemon is done. The mtime is set using the `utimensat()` function to ensure nanosecond resolution. ### Fixes - Fix issue #38: Minor memory leak at exit. The Valgrind tool warns that all memory is not freed when smcroute exits. On most modern UNIX systems, on platforms with MMU, this is not a problem, but on older systems, or uClinux, memory is not freed at program exit. - Fix issue #39: Removing wildcard route at runtime does not work if no kernel routes have been set. - Fix issue #44: IPv6 disabled by default, despite what `configure` says in its help text. Enabling it disables it ... fixed by enabling IPv6 by default. [v2.1.0][] - 2016-02-17 ----------------------- ### Changes - Allow more interfaces to be used for multicast routing, in particular on Linux, where interfaces without an IP address can now be used! Making it possible to run SMCRoute on DHCP/PPP interaces, issue #13 - Add support for TTL scoping on interfaces, very useful for filtering multicast without a firewall: `phyint IFNAME ttl-threshold TTL` - On Linux a socket filter now filters out ALL traffic on the helper sockets where SMCRoute does IGMP/MLD join/leave on multicast groups. This should eliminate the extra overhad required to, not only route streams, but also send a copy of each packet to SMCRoute. - Add support for limiting the amount of multicast interfaces (VIFs) SMCRoute creates at startup. Two options are now available, by default all multicast capable interfaces are given a VIF and the user can selectively disable them one by one. However, if the `-N` command line option is given SMCRoute does *not* enable any VIFs by default, the user must then selectively enable interface one by one. The syntax in the config file is: phyint IFNAME Use `enable` per interface with `-N` option, or `disable` by default. - Make build ID optional. SMCRoute has always had the build date hard coded in the binary. This change makes this optional, and defaults to disabled, to facilitate reproducible builds. For more info, see https://wiki.debian.org/ReproducibleBuilds - Remove generated files from GIT. Files generated by GNU autotools are now only part of the distribution archive, not the GIT repository. Use `./autogen.sh` to create the required files when using GIT. - Updated man page and example `smcroute.conf` with limitations on the amount of mgroup rules. - Add support for executing an external script on config reload and when installing a multicast route. Issue #14 smcroute -e /path/to/cmd The script is called when SMCRoute has started up, or has received `SIGHUP` and just reloaded the configuration file, and when a new source-less rule have been installed. See the documentation for more information on set environment variables etc. Issue #14 - Add `--disable-ipv6` option to `configure` script. Disables IPv6 support in SMCRoute even though the kernel may support it - Replaced `-D` option with `-L LVL` to alter log level, issue #24 - The smcroute daemon now behaves more like a regular UNIX daemon. It defaults to using syslog when running in the background and stderr when running in the foreground. A new option `-s` can be used to enable syslog when running in the foreground, issue #25 - The smcroute client no longer use syslog, only stderr, issue #25 - When starting the smcroute daemon it is no longer possible to also send client commands on the same command line. - Remove the (unmaintained) in-tree `mcsender` tool. Both ping(8) and iperf(1) can be used in its stead. The omping(8) tool is another tool, engineered specifically for testing multicast. Issue #30 ### Fixes - Fix issue #10: `smcroute` client loops forever on command if no `smcroute` daemon is running - Install binaries to `/usr/sbin` rather than `/usr/bin`, regression introduced in [v2.0.0][]. Fixed by Micha Lenk - Cleanup fix for no-MMU systems. Multicast groups were not properly cleaned up in the `atexit()` handler -- *only* affects no-MMU systems. - Do not force automake v1.11, only require *at least* v.11 - SMCRoute operates fine without a config file, so use a less obtrusive warning message for missing `/etc/smcroute.conf` [v2.0.0][] - 2014-09-30 ----------------------- ### Changes - Migrate to full GNU Configure and Build system, add Makefile.am, GitHub issue #6 -- heads up, packagers! - Add standard SysV init script, from Debian. GitHub issue #9 ### Fixes - Multiple fixes of nasty bugs thanks to Coverity static code analysis! - Cleanup of Linux system anachronisms to make FreeBSD work again, GitHub issue #5 [v1.99.2][] - 2013-07-16 ------------------------ ### Fixes * Fix issue #2: Loop forever bug when deleting new (*,G) sourceless routes Bug report and patch by Jean-Baptiste Maillet [v1.99.1][] - 2013-07-11 ------------------------ ### Fixes - Fix possible memory leak on Linux - Fix missing #ifdefs when building on systems w/o IPv6 - Fix possible race in Makefile when building in (massive) parallel - Fix build problems on RedHat EL5/CentOS5, i.e., Linux <= 2.6.25 [v1.99.0][] - 2012-05-13 ------------------------- ### Changes - Feature: Experimental source-less `(*,G)` IPv4 multicast routing. Most UNIX kernels are (S,G) based, i.e., you need to supply the source address with the multicast group to setup a kernel routing rule. However, daemons like mrouted and pimd emulate `(*,G)` by listening for IGMPMSG_NOCACHE messages from the kernel. SMCRoute now also implements this, for IPv4 only atm, by placing all `(*,G)` routes in a list and adding matching (S,G) routes on-demand at runtime. All routes matching this (*,G) are removed when reloading the conf file on SIGHUP or when the user sends an IPC (-r) command to remove the (*,G) rule. ### Fixes - Bugfix: SMCRoute segfaults when starting on interface that is up but has no valid IPv4 address yet. Bug introduced in 1.98.3 - Improved error messages including some minor cleanup and readability improvements - Bugfix: Actually check if running as root at startup [v1.98.3][] - 2011-11-05 ------------------------ ### Changes - Check for existence of `asprintf()` to `pidfile()` and add `-D_GNU_SOURCE` to `CPPFLAGS` using `AC_GNU_SOURCE` in `configure.ac` - Cleanup IPv6 `#ifdefs` and replace `IN6_MULTICAST()` with standard `IN6_IS_ADDR_MULTICAST()`. This commit cleans up a lot of the IPv6 related `#ifdefs`, some minor function name refactoring and squash of some `_init` and `_enable` funcs into one for clarity and clearer error messages to the user ### Fixes - Fixes FTBFS when host lacks IPv6 support. [v1.98.1][] - 2011-11-05 ------------------------ ### Fixes - Bugfix: Client failed to send commands to daemon. - Bugfix: Several FTBFS fixed for GCC 4.6.x and -W -Wall [v1.98.0][] - 2011-11-04 ------------------------ SMCRoute2 Announced! ### Changes - Feature: Support for `smcroute.conf` configuration file for daemon. Add support for reading multicast routes and multicast groups from a configuration file. mgroup from IFNAME group MCGROUP mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...] Both IPv4 and IPv6 address formats are supported - Feature: Support for signals, reload conf file on `SIGHUP` - Feature: Add -n switch to support running smcroute in foreground. - Refactor: Insecure handling of pointers potentially outside array boundaries. - Refactor: Major cleanup, reindent to Linux C-style, for improved maintainability. ### Fixes - Bugfix: Invalid use of varargs in call to `snprintf()`, use `vsnprintf()` instead - Bugfix: Invalid `MRouterFD6` fd crashes smcroute, always check for valid fd - Bugfix: Several minor bugfixes; type mismatches and unused return values [v0.95][] - 2011-08-08 ---------------------- ### Changes - Feature request #313278: Added support for FreeBSD SMCRoute now builds and runs on FreeBSD kernels. This was successfully tested with the FreeBSD port of Debian using FreeBSD 8.1. Other BSD flavours or versions might work too. Any feedback is appreciated. https://alioth.debian.org/tracker/index.php?func=detail&aid=313278 - Feature request #313190: Debug logging is now disabled by default. If you want to enable debug logging again, start the daemon with parameter '-D'. https://alioth.debian.org/tracker/index.php?func=detail&aid=313190 [v0.94.1][] - 2010-01-13 ------------------------ ### Fixes - Bugfix: In case the kernel refuses write access to the file /proc/sys/net/ipv6/conf/all/mc_forwarding, don't let smcroute exit with an error, but proceed with normal operation without writing a "1" to this file. Apparently newer Linux kernels take care for the correct content of this file automatically whenever the IPv6 multicast routing API is initialized by a process. [v0.94][] - 2009-11-01 ---------------------- ### Changes - Added support for IPv6 multicast routing in smcroute. SMCRoute now supports addition and removal of IPv6 multicast routes. It will automatically detect which type of route to add or delete based on the type (IPv4/IPv6) of addresses provided for the add and remove commands. - Added support for joins and leaves ('j'/'l') to IPv6 multicast groups. - Added support for sending to IPv6 multicast addresses to mcsender tool. - Added command line option to mcsender tool to allow user to specify the outgoing interface for datagrams sent. - Added autoconf support for smcroute build. v0.93 - UNRELEASED ------------------ ### Fixes - Fixed the "smcroute looses output interfaces" bug. Carsten Schill, 0.93 unreleased v0.92 - July 2002 ----------------- ### Changes - Increased the number of supported interfaces The 16 interface limit of version 0.90 (interfaces as listed with ifconfig) was to small, especially when alias interfaces where defined. - up to 40 interfaces are no recognized by smcroute - this does not change the number of 'virtual interfaces' supported by the kernel (32) - not all interfaces recognized by smcroute (40) results in a 'virtual interface' of the kernel (32) ### Fixes - Fixed the 'mroute: pending queue full, dropping entries' error Smcroute 0.90 didn't care about the IGMP messages delivered to the UDP socket that establish the MC-Router API. After some time the queue for the sockets filled up and the 'pending queue full' message was send from the kernel. To my knowledge this didn't affect smcroute or the operating system. - version 0.92 reads the ICMP messages now from the UDP socket and logs them to syslog with daemon/debug - smcroute does no further processing of this messages v0.9 - September 2001 --------------------- ### Changes * Added MC group join (-j) and leave (-l) functionality - the options enable/disable the sending of IGMP join messages for a multicast group on a specific interface * Removed the ' [] ...' for the '-r' option - they are not used by the kernel to identify the route to remove - smcroute will not complain about extra arguments for the '-r' option to stay compatible with releases <= 0.80 * Improved error handling for some typical error situations * Added a test script (tst-smcroute.pl) * Added a man page ### Fixes * Fixed some minor bugs v0.8 - August 2001 ------------------ Initial public release by Carsten Schill. [mrdisc]: https://github.com/troglobit/mrdisc [RFC4286]: https://tools.ietf.org/html/rfc4286 [UNRELEASED]: https://github.com/troglobit/smcroute/compare/2.4.2...HEAD [v2.4.2]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.2 [v2.4.1]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.1 [v2.4.0]: https://github.com/troglobit/smcroute/compare/2.3.1...2.4.0 [v2.3.1]: https://github.com/troglobit/smcroute/compare/2.3.0...2.3.1 [v2.3.0]: https://github.com/troglobit/smcroute/compare/2.2.2...2.3.0 [v2.2.2]: https://github.com/troglobit/smcroute/compare/2.2.1...2.2.2 [v2.2.1]: https://github.com/troglobit/smcroute/compare/2.2.0...2.2.1 [v2.2.0]: https://github.com/troglobit/smcroute/compare/2.1.1...2.2.0 [v2.1.1]: https://github.com/troglobit/smcroute/compare/2.1.0...2.1.1 [v2.1.0]: https://github.com/troglobit/smcroute/compare/2.0.0...2.1.0 [v2.0.0]: https://github.com/troglobit/smcroute/compare/1.99.2...2.0.0 [v1.99.2]: https://github.com/troglobit/smcroute/compare/1.99.1...1.99.2 [v1.99.1]: https://github.com/troglobit/smcroute/compare/1.99.0...1.99.1 [v1.99.0]: https://github.com/troglobit/smcroute/compare/1.98.3...1.99.0 [v1.98.3]: https://github.com/troglobit/smcroute/compare/1.98.2...1.98.3 [v1.98.2]: https://github.com/troglobit/smcroute/compare/1.98.1...1.98.2 [v1.98.1]: https://github.com/troglobit/smcroute/compare/1.98.0...1.98.1 [v1.98.0]: https://github.com/troglobit/smcroute/compare/0.95...1.98.0 [v0.95]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95 [v0.94.1]: https://github.com/troglobit/smcroute/compare/0.94...0.94.1 [v0.94]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95 smcroute-2.4.2/TODO.md0000644000175000017500000000525613345172574013442 0ustar jockejockeSupport for (re-)enumerating VIFs at runtime -------------------------------------------- Currently the `-t SEC` startup delay option has to be used if not all interfaces are available when `smcrouted` starts. Commonly a problem at boot, but also if adding a pluggable interface (PCMCIA/USB) at runtime. Hence, it would be a great addition to SMCRoute if new interface VIF/MIF mappings could be at least added at runtime. Support for filtering based on source ADDRESS/LEN ------------------------------------------------- When setting up a (*,G/LEN) route it may be necessary to filter out some senders of multicast. The following is a suggestion for how that might look, notice the omitted `source` argument: mroute from eth0 except 192.168.1.0/24 group 225.1.2.0/24 to eth1 eth2 Filtering multiple sources: mroute from eth0 except 192.168.1.0/24,192.168.2.3 group 225.1.2.0/24 to eth1 eth2 Basic support for IGMP/MLD proxying ----------------------------------- In some setups a semi-dynamic behavior is required, but the only signaling available is IGMP/MLD. There exist tools like [igmpproxy][] and [mcproxy][] for this purpose, which do a great job, but why should you need to go elsewhere for your basic multicast routing needs? The idea itself is simple, listen for IGMP/MLD join/leave messages on enabled interfaces and add/remove routes dynamically from an `upstream` marked interface. Possibly an `igmp` flag may be needed as well, for downstream interfaces we should proxy for. Resulting `smcroute.conf` may then look like this: phyint eth0 upstream phyint eth1 igmp **Note:** the IGMP/MLD signaling may also need to be "proxied" to the `upstream` interface, although this could be an optional second step enabled by also setting the `igmp` flag on that `upstream` interface. For more information, see the above mentioned tools and [RFC4605][], which details exactly this use-case. IPv6 support for (*,G) on-demand routing rules ---------------------------------------------- As of SMCRoute v1.99.0 IPv4 support for (*,G) routes was added. Adding support for IPv6 should be fairly straight forward but needs figuring out the kernel interface and some basic testing. IPv6 support for listing joined groups and routes ------------------------------------------------- The current `smcroutectl show` command only lists IPv4 groups and routes. Adding support for IPv6 as well is quite straight forward, but requires someone with IPv6 knowledge. Add unit tests -------------- ./configure --enable-maintainer-mode make test [igmpproxy]: https://github.com/pali/igmpproxy [mcproxy]: https://github.com/mcproxy/mcproxy [RFC4605]: https://www.ietf.org/rfc/rfc4605.txt smcroute-2.4.2/.travis.yml0000644000175000017500000000310613345172574014454 0ustar jockejocke# Travis CI integration # Defaults to GNU GCC and autotools: ./configure && make && make test language: c cache: ccache # Use docker for quicker builds, it now allows https://docs.travis-ci.com/user/apt/ sudo: false # Test build with both GCC and Clang (LLVM) # XXX: REMEMBER TO DISABLE CLANG WHEN RUNNING CONVERITY SCAN # XXX: https://github.com/travis-ci/travis-ci/issues/1975 compiler: - gcc - clang env: global: # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created # via the "travis encrypt" command using the project repo's public key - secure: "BOySKarfB7ySP4SQ9vpeLz/Yrle3cxGYe+f5ep6OVk42M2bmonX27FdgVF5oKpII6Sq5hXrhoNrwRpkYRj+G5OUy4lguOALJ1AAtRpvlrfXCCL5Vxe9TDBNpmU/AfOcZoiGiR5Vpv96CIIoqvnB6XQJMMfTa2JHvU7tZCS2p9lU=" addons: apt: packages: - tree - libcap-dev coverity_scan: project: name: "troglobit/smcroute" description: "SMCRoute -- Static Multicast Routing Daemon" notification_email: troglobit@gmail.com build_command_prepend: ./autogen.sh && ./configure build_command: make -j5 clean all branch_pattern: dev # We don't store generated files (configure and Makefile) in GIT, # so we must customize the default build script to run ./autogen.sh script: - ./autogen.sh - ./configure --disable-silent-rules --enable-mrdisc --prefix= - make clean - make -j5 - make - DESTDIR=~/tmp make install-strip - tree ~/tmp - ldd ~/tmp/sbin/smcrouted - size ~/tmp/sbin/smcrouted - ldd ~/tmp/sbin/smcroutectl - size ~/tmp/sbin/smcroutectl - ~/tmp/sbin/smcrouted -h - ~/tmp/sbin/smcroutectl -h smcroute-2.4.2/smcroute.init0000644000175000017500000000361413345172574015075 0ustar jockejocke#!/bin/sh # ### BEGIN INIT INFO # Provides: smcroute # Required-Start: $syslog $local_fs $network $remote_fs # Required-Stop: $syslog $local_fs $network $remote_fs # Should-Start: # Should-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Static multicast router daemon # Description: SMCRoute is a daemon and command line tool to manipulate # the multicast routing table of a UNIX kernel. It can be # used as an alternative to dynamic multicast routers like # pimd or mrouted in situations where static routes should # be maintained and/or no proper IGMP signaling exists. ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/smcrouted DAEMON_OPTS= NAME=smcrouted DESC="static multicast router daemon" test -x $DAEMON || exit 0 # Include smcroute defaults if available if [ -f /etc/default/smcroute ] ; then . /etc/default/smcroute fi . /lib/lsb/init-functions start() { local error local result log_begin_msg "Starting $DESC: $NAME" error=$(start-stop-daemon --start --quiet \ --exec $DAEMON -- $DAEMON_OPTS 2>&1) result=$? if [ "$result" = "0" -a -x /etc/smcroute/startup.sh ]; then /etc/smcroute/startup.sh else log_progress_msg ${error#ERRO: } fi log_end_msg $result } stop() { local error local result log_begin_msg "Stopping $DESC: $NAME" error=$($DAEMON -k 2>&1) result=$? log_progress_msg ${error#ERRO: } log_end_msg $result } case "$1" in start) start ;; stop) stop ;; restart|force-reload) # # If the "reload" option is implemented, move the "force-reload" # option to the "reload" entry above. If not, "force-reload" is # just the same as "restart". # stop start ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop|restart|force-reload}" >&2 exit 1 ;; esac exit 0 smcroute-2.4.2/src/0000755000175000017500000000000013345172574013132 5ustar jockejockesmcroute-2.4.2/src/mrdisc.c0000644000175000017500000001071713345172574014565 0ustar jockejocke/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only) * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include #include #include #include "log.h" #include "inet.h" #include "mrdisc.h" #include "queue.h" #include "timer.h" #include "util.h" struct ifsock { LIST_ENTRY(ifsock) link; short vif; size_t refcnt; int sd; char ifname[IFNAMSIZ + 1]; }; static uint8_t interval = 20; static LIST_HEAD(, ifsock) il = LIST_HEAD_INITIALIZER(); static struct ifsock *find(int sd) { struct ifsock *entry; LIST_FOREACH(entry, &il, link) { if (entry->sd == sd) return entry; } return NULL; } static void announce(struct ifsock *entry) { if (!entry) return; smclog(LOG_DEBUG, "Sending mrdisc announcement on %s", entry->ifname); if (inet_send(entry->sd, IGMP_MRDISC_ANNOUNCE, interval)) { if (ENETUNREACH == errno || ENETDOWN == errno) return; /* Link down, ignore. */ smclog(LOG_WARNING, "Failed sending IGMP control message 0x%x on %s, error %d: %s", IGMP_MRDISC_ANNOUNCE, entry->ifname, errno, strerror(errno)); } } int mrdisc_init(int period) { interval = period; if (timer_add(interval, mrdisc_send, NULL) < 0) { smclog(LOG_ERR, "Failed starting mrdisc announcement timer."); return -1; } return 0; } int mrdisc_exit(void) { struct ifsock *entry, *tmp; LIST_FOREACH_SAFE(entry, &il, link, tmp) { inet_close(entry->sd); LIST_REMOVE(entry, link); free(entry); } return 0; } /* * Register possible interface for mrdisc */ int mrdisc_register(char *ifname, short vif) { struct ifsock *entry; LIST_FOREACH(entry, &il, link) { if (!strcmp(entry->ifname, ifname)) { errno = EEXIST; return -1; } } entry = malloc(sizeof(*entry)); if (!entry) return -1; entry->refcnt = 0; entry->vif = vif; entry->sd = -1; strlcpy(entry->ifname, ifname, sizeof(entry->ifname)); LIST_INSERT_HEAD(&il, entry, link); return 0; } /* * Unregister mrdisc interface, regardless of refcnt */ int mrdisc_deregister(short vif) { struct ifsock *entry; LIST_FOREACH(entry, &il, link) { if (entry->vif == vif) { if (entry->refcnt) inet_close(entry->sd); LIST_REMOVE(entry, link); free(entry); return 0; } } errno = ENOENT; return -1; } /* * Enable multicast router discovery for inbound interface */ int mrdisc_enable(short vif) { struct ifsock *entry; LIST_FOREACH(entry, &il, link) { if (entry->vif == vif) { if (entry->refcnt == 0) { entry->sd = inet_open(entry->ifname); if (entry->sd < 0) return -1; entry->refcnt++; announce(entry); } return 0; } } errno = ENOENT; return -1; } /* * Disable multicast router discovery for inbound interface */ int mrdisc_disable(short vif) { struct ifsock *entry; LIST_FOREACH(entry, &il, link) { if (entry->vif == vif) { if (entry->refcnt > 0) entry->refcnt--; if (entry->refcnt == 0) inet_close(entry->sd); return 0; } } errno = ENOENT; return -1; } void mrdisc_send(void *arg) { struct ifsock *entry; (void)arg; LIST_FOREACH(entry, &il, link) { if (entry->refcnt == 0) { smclog(LOG_DEBUG, "Skipping mrdisc on inactive %s", entry->ifname); continue; } announce(entry); } } void mrdisc_recv(int sd, void *arg) { struct ifsock *entry; (void)arg; /* Verify we are reading from an active socket */ entry = find(sd); if (!entry) { smclog(LOG_WARNING, "Bug in mrdisc, received frame on unknown socket %d", sd); return; } /* Only do a "dummy" read on inactive interfaces */ if (inet_recv(sd, entry->refcnt ? interval : 0)) smclog(LOG_WARNING, "Failed receiving IGMP control message from %s", entry->ifname); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/ifvc.h0000644000175000017500000000276213345172574014241 0ustar jockejocke/* Physical and virtual interface API */ #ifndef SMCROUTE_IFVC_H_ #define SMCROUTE_IFVC_H_ #include #include #include #define DEFAULT_THRESHOLD 1 /* Packet TTL must be at least 1 to pass */ struct iface { char name[IFNAMSIZ + 1]; struct in_addr inaddr; /* == 0 for non IP interfaces */ u_short ifindex; /* Physical interface index */ short flags; short vif; short mif; uint8_t mrdisc; /* Enable multicast router discovery */ uint8_t threshold; /* TTL threshold: 1-255, default: 1 */ }; struct ifmatch { unsigned int iter; unsigned int match_count; }; void iface_init (void); void iface_exit (void); struct iface *iface_iterator (int first); struct iface *iface_find_by_name (const char *ifname); struct iface *iface_find_by_vif (int vif); void iface_match_init (struct ifmatch *state); struct iface *iface_match_by_name (const char *ifname, struct ifmatch *state); int ifname_is_wildcard (const char *ifname); int iface_get_vif (struct iface *iface); int iface_get_mif (struct iface *iface); int iface_match_vif_by_name (const char *ifname, struct ifmatch *state, struct iface **found); int iface_match_mif_by_name (const char *ifname, struct ifmatch *state, struct iface **found); #endif /* SMCROUTE_IFVC_H_ */ /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/cap.c0000644000175000017500000000735713345172574014055 0ustar jockejocke/* Daemon capability API * * Copyright (C) 2016 Markus Palonen * Copyright (C) 2016-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_SYS_PRCTL_H # include #endif #include #include #include #include "log.h" static const char *username = NULL; static int whoami(const char *user, const char *group, uid_t *uid, gid_t *gid) { struct passwd *pw; struct group *gr; if (!user) return -1; /* Get target UID and target GID */ pw = getpwnam(user); if (!pw) { smclog(LOG_ERR, "User '%s' not found!", user); return -1; } *uid = pw->pw_uid; *gid = pw->pw_gid; if (group) { gr = getgrnam(group); if (!gr) { smclog(LOG_ERR, "Group '%s' not found!", group); return -1; } *gid = gr->gr_gid; } /* Valid user */ username = user; return 0; } static int setcaps(cap_value_t cv) { int result; cap_t caps = cap_get_proc(); cap_value_t cap_list = cv; cap_clear(caps); cap_set_flag(caps, CAP_PERMITTED, 1, &cap_list, CAP_SET); cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_list, CAP_SET); result = cap_set_proc(caps); cap_free(caps); return result; } /* * Drop root privileges except capability CAP_NET_ADMIN. This capability * enables the thread (among other networking related things) to add and * remove multicast routes */ static int drop_root(const char *user, uid_t uid, gid_t gid) { #ifdef HAVE_SYS_PRCTL_H /* Allow this process to preserve permitted capabilities */ if (prctl(PR_SET_KEEPCAPS, 1) == -1) { smclog(LOG_ERR, "Cannot preserve capabilities: %s", strerror(errno)); return -1; } #endif /* Set supplementary groups, GID and UID */ if (initgroups(user, gid) == -1) { smclog(LOG_ERR, "Failed setting supplementary groups: %s", strerror(errno)); return -1; } if (setgid(gid) == -1) { smclog(LOG_ERR, "Failed setting group ID %d: %s", gid, strerror(errno)); return -1; } if (setuid(uid) == -1) { smclog(LOG_ERR, "Failed setting user ID %d: %s", uid, strerror(errno)); return -1; } /* Clear all capabilities except CAP_NET_ADMIN */ if (setcaps(CAP_NET_ADMIN)) { smclog(LOG_ERR, "Failed setting `CAP_NET_ADMIN`: %s", strerror(errno)); return -1; } /* Try to regain root UID, should not work at this point. */ if (setuid(0) == 0) return -1; return 0; } void cap_drop_root(uid_t uid, gid_t gid) { if (username) { if (drop_root(username, uid, gid) == -1) smclog(LOG_WARNING, "Could not drop root privileges, continuing as root."); else smclog(LOG_INFO, "Root privileges dropped: Current UID %u, GID %u.", getuid(), getgid()); } } void cap_set_user(char *arg, uid_t *uid, gid_t *gid) { char *ptr; ptr = strdup(arg); if (!ptr) err(1, "Failed parsing user:group argument"); if (whoami(strtok(ptr, ":"), strtok(NULL, ":"), uid, gid)) err(1, "Invalid user:group argument"); free(ptr); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/mcgroup.c0000644000175000017500000002534113345172574014757 0ustar jockejocke/* Multicast group management (join/leave) API * * Copyright (C) 2001-2005 Carsten Schill * Copyright (C) 2006-2009 Julien BLACHE * Copyright (C) 2009 Todd Hayton * Copyright (C) 2009-2011 Micha Lenk * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_LINUX_FILTER_H #include #endif #include "log.h" #include "ipc.h" #include "ifvc.h" #include "queue.h" #include "socket.h" struct mgroup { LIST_ENTRY(mgroup) link; short inbound; struct in_addr source; struct in_addr group; }; /* * Track IGMP join, any-source and source specific */ LIST_HEAD(, mgroup) mgroup_static_list = LIST_HEAD_INITIALIZER(); static int mcgroup4_socket = -1; #ifdef HAVE_LINUX_FILTER_H /* Extremely simple "drop everything" filter for Linux so we do not get * a copy each packet of every routed group we join. */ static struct sock_filter filter[] = { { 0x6, 0, 0, 0x00000000 }, }; static struct sock_fprog fprog = { sizeof(filter) / sizeof(filter[0]), filter }; #endif /* HAVE_LINUX_FILTER_H */ static struct iface *match_valid_iface(const char *ifname, struct ifmatch *state) { struct iface *iface = iface_match_by_name(ifname, state); if (!iface && !state->match_count) smclog(LOG_DEBUG, "unknown interface %s", ifname); return iface; } static void list_add(struct iface *iface, struct in_addr source, struct in_addr group) { struct mgroup *entry; entry = malloc(sizeof(*entry)); if (!entry) { smclog(LOG_ERR, "Failed adding mgroup to list: %s", strerror(errno)); return; } memset(entry, 0, sizeof(*entry)); entry->inbound = iface->vif; entry->source = source; entry->group = group; LIST_INSERT_HEAD(&mgroup_static_list, entry, link); } static void list_rem(struct iface *iface, struct in_addr source, struct in_addr group) { struct mgroup *entry, *tmp; LIST_FOREACH_SAFE(entry, &mgroup_static_list, link, tmp) { if (entry->inbound != iface->vif || entry->source.s_addr != source.s_addr || entry->group.s_addr != group.s_addr) continue; LIST_REMOVE(entry, link); free(entry); } } static void mcgroup4_init(void) { if (mcgroup4_socket < 0) { mcgroup4_socket = socket_create(AF_INET, SOCK_DGRAM, 0, NULL, NULL); if (mcgroup4_socket < 0) { smclog(LOG_ERR, "failed creating IPv4 mcgroup socket: %s", strerror(errno)); exit(255); } #ifdef HAVE_LINUX_FILTER_H if (setsockopt(mcgroup4_socket, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog)) < 0) smclog(LOG_WARNING, "failed setting IPv4 socket filter, continuing anyway"); #endif } } static int mcgroup_join_leave_ipv4(int sd, int cmd, const char *ifname, struct in_addr group) { int opt, ret = 0; struct ip_mreq mreq; struct iface *iface; struct ifmatch state; struct in_addr any_src; any_src.s_addr = htonl(INADDR_ANY); iface_match_init(&state); while ((iface = match_valid_iface(ifname, &state))) { if (cmd == 'j') { list_add(iface, any_src, group); opt = IP_ADD_MEMBERSHIP; } else { list_rem(iface, any_src, group); opt = IP_DROP_MEMBERSHIP; } mreq.imr_multiaddr.s_addr = group.s_addr; mreq.imr_interface.s_addr = iface->inaddr.s_addr; if (setsockopt(sd, IPPROTO_IP, opt, &mreq, sizeof(mreq))) { if (EADDRNOTAVAIL == errno && cmd == 'l') smclog(LOG_DEBUG, "failed leaving group, not a member of %s", inet_ntoa(group)); else if (EADDRINUSE == errno && cmd == 'j') smclog(LOG_DEBUG, "failed joining group, already member of %s", inet_ntoa(group)); else smclog(LOG_DEBUG, "failed group %s: %s", cmd == 'j' ? "join" : "leave", strerror(errno)); ret = 1; } } if (!state.match_count) return 1; else return ret; } static int mcgroup_join_leave_ssm_ipv4(int sd, int cmd, const char *ifname, struct in_addr source, struct in_addr group) { #ifndef IP_ADD_SOURCE_MEMBERSHIP smclog(LOG_WARNING, "Source specific join/leave not supported, ignoring source %s", inet_ntoa(source)); return mcgroup_join_leave_ipv4(sd, cmd, ifname, group); #else int opt, ret = 0; struct ip_mreq_source mreqsrc; struct iface *iface; struct ifmatch state; iface_match_init(&state); while ((iface = match_valid_iface(ifname, &state))) { if (cmd == 'j') { list_add(iface, source, group); opt = IP_ADD_SOURCE_MEMBERSHIP; } else { list_rem(iface, source, group); opt = IP_DROP_SOURCE_MEMBERSHIP; } mreqsrc.imr_multiaddr.s_addr = group.s_addr; mreqsrc.imr_sourceaddr.s_addr = source.s_addr; mreqsrc.imr_interface.s_addr = iface->inaddr.s_addr; if (setsockopt(sd, IPPROTO_IP, opt, &mreqsrc, sizeof(mreqsrc))) { if (EADDRNOTAVAIL == errno && cmd == 'j') smclog(LOG_DEBUG, "failed join, already member of %s", inet_ntoa(group)); else if (EADDRNOTAVAIL == errno && cmd == 'l') smclog(LOG_DEBUG, "failed leave, not a member of %s from that source", inet_ntoa(group)); else if (EINVAL == errno && cmd == 'l') smclog(LOG_DEBUG, "failed leave, not a member of %s", inet_ntoa(group)); else smclog(LOG_WARNING, "failed %s: %s", cmd == 'j' ? "join" : "leave", strerror(errno)); ret = 1; } } if (!state.match_count) return 1; else return ret; #endif } /* * Joins the MC group with the address 'group' on the interface 'ifname'. * The join is bound to the UDP socket 'sd', so if this socket is * closed the membership is dropped. * * returns: - 0 if the function succeeds * - 1 if parameters are wrong or the join fails */ int mcgroup4_join(const char *ifname, struct in_addr source, struct in_addr group) { mcgroup4_init(); if (!source.s_addr) return mcgroup_join_leave_ipv4(mcgroup4_socket, 'j', ifname, group); return mcgroup_join_leave_ssm_ipv4(mcgroup4_socket, 'j', ifname, source, group); } /* * Leaves the MC group with the address 'group' on the interface 'ifname'. * * returns: - 0 if the function succeeds * - 1 if parameters are wrong or the join fails */ int mcgroup4_leave(const char *ifname, struct in_addr source, struct in_addr group) { mcgroup4_init(); if (!source.s_addr) return mcgroup_join_leave_ipv4(mcgroup4_socket, 'l', ifname, group); return mcgroup_join_leave_ssm_ipv4(mcgroup4_socket, 'l', ifname, source, group); } /* * Close IPv4 multicast socket to kernel to leave any joined groups */ void mcgroup4_disable(void) { struct mgroup *entry, *tmp; if (mcgroup4_socket != -1) { socket_close(mcgroup4_socket); mcgroup4_socket = -1; } LIST_FOREACH_SAFE(entry, &mgroup_static_list, link, tmp) { LIST_REMOVE(entry, link); free(entry); } } #ifdef HAVE_IPV6_MULTICAST_HOST static int mcgroup6_socket = -1; static void mcgroup6_init(void) { if (mcgroup6_socket < 0) { mcgroup6_socket = socket_create(AF_INET6, SOCK_DGRAM, IPPROTO_UDP, NULL, NULL); if (mcgroup6_socket < 0) { smclog(LOG_WARNING, "failed creating IPv6 mcgroup socket: %s", strerror(errno)); return; } #ifdef HAVE_LINUX_FILTER_H if (setsockopt(mcgroup6_socket, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog)) < 0) smclog(LOG_WARNING, "failed setting IPv6 socket filter, continuing anyway"); #endif } } static int mcgroup_join_leave_ipv6(int sd, int cmd, const char *ifname, struct in6_addr group) { int ret = 0; struct ipv6_mreq mreq; struct iface *iface; struct ifmatch state; iface_match_init(&state); while ((iface = match_valid_iface(ifname, &state))) { mreq.ipv6mr_multiaddr = group; mreq.ipv6mr_interface = iface->ifindex; if (setsockopt(sd, IPPROTO_IPV6, cmd == 'j' ? IPV6_JOIN_GROUP : IPV6_LEAVE_GROUP, &mreq, sizeof(mreq))) { char buf[INET6_ADDRSTRLEN]; if (EADDRNOTAVAIL == errno && cmd == 'l') smclog(LOG_DEBUG, "failed leaving group, not a member of %s", inet_ntop(AF_INET6, &group, buf, sizeof(buf))); else if (EADDRINUSE == errno && cmd == 'j') smclog(LOG_DEBUG, "failed joining group, already member of %s", inet_ntop(AF_INET6, &group, buf, sizeof(buf))); else smclog(LOG_DEBUG, "failed group %s: %s", cmd == 'j' ? "join" : "leave", strerror(errno)); ret = 1; } } if (!state.match_count) return 1; else return ret; } /* * Joins the MC group with the address 'group' on the interface 'ifname'. * The join is bound to the UDP socket 'sd', so if this socket is * closed the membership is dropped. * * returns: - 0 if the function succeeds * - 1 if parameters are wrong or the join fails */ int mcgroup6_join(const char *ifname, struct in6_addr group) { mcgroup6_init(); return mcgroup_join_leave_ipv6(mcgroup6_socket, 'j', ifname, group); } /* * Leaves the MC group with the address 'group' on the interface 'ifname'. * * returns: - 0 if the function succeeds * - 1 if parameters are wrong or the join fails */ int mcgroup6_leave(const char *ifname, struct in6_addr group) { mcgroup6_init(); return mcgroup_join_leave_ipv6(mcgroup6_socket, 'l', ifname, group); } #endif /* HAVE_IPV6_MULTICAST_HOST */ /* * Close IPv6 multicast socket to kernel to leave any joined groups */ void mcgroup6_disable(void) { #ifdef HAVE_IPV6_MULTICAST_HOST if (mcgroup6_socket != -1) { socket_close(mcgroup6_socket); mcgroup6_socket = -1; } #endif /* HAVE_IPV6_MULTICAST_HOST */ } #ifdef ENABLE_CLIENT /* Write all joined IGMP/MLD groups to client socket */ int mcgroup_show(int sd, int detail) { char buf[256]; char sg[INET_ADDRSTRLEN * 2 + 5]; struct mgroup *g; (void)detail; LIST_FOREACH(g, &mgroup_static_list, link) { char src[INET_ADDRSTRLEN] = "*"; char grp[INET_ADDRSTRLEN]; struct iface *i; i = iface_find_by_vif(g->inbound); if (g->source.s_addr != htonl(INADDR_ANY)) inet_ntop(AF_INET, &g->source, src, sizeof(src)); inet_ntop(AF_INET, &g->group, grp, sizeof(grp)); snprintf(sg, sizeof(sg), "(%s, %s)", src, grp); snprintf(buf, sizeof(buf), "%-34s %s\n", sg, i->name); if (ipc_send(sd, buf, strlen(buf)) < 0) { smclog(LOG_ERR, "Failed sending reply to client: %s", strerror(errno)); return -1; } } return 0; } #endif /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/timer.c0000644000175000017500000000763613345172574014432 0ustar jockejocke/* Timer helper functions * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include #include #include /* memset() */ #include /* malloc() */ #include /* read()/write() */ #include #include "log.h" #include "queue.h" #include "socket.h" /* * TODO * - Timers should ideally be sorted in priority order, and/or * - Investigate using the pipe to notify which timer expired */ struct timer { LIST_ENTRY(timer) link; int period; /* period time in seconds */ struct timespec timeout; void (*cb)(void *arg); void *arg; }; static timer_t timer; static int timerfd[2]; static LIST_HEAD(, timer) tl = LIST_HEAD_INITIALIZER(); static void set(struct timer *t, struct timespec *now) { t->timeout.tv_sec = now->tv_sec + t->period; t->timeout.tv_nsec = now->tv_nsec; } static int expired(struct timer *t, struct timespec *now) { if (t->timeout.tv_sec < now->tv_sec) return 1; if (t->timeout.tv_sec == now->tv_sec && t->timeout.tv_nsec <= now->tv_nsec) return 1; return 0; } static struct timer *compare(struct timer *a, struct timer *b) { if (a->timeout.tv_sec <= b->timeout.tv_sec) { if (a->timeout.tv_nsec <= b->timeout.tv_nsec) return a; return b; } return b; } static int start(struct timespec *now) { struct timer *next, *entry; struct itimerspec it; if (LIST_EMPTY(&tl)) return -1; next = LIST_FIRST(&tl); LIST_FOREACH(entry, &tl, link) next = compare(next, entry); memset(&it, 0, sizeof(it)); it.it_value.tv_sec = next->timeout.tv_sec - now->tv_sec; it.it_value.tv_nsec = 0; timer_settime(timer, 0, &it, NULL); return 0; } /* callback for activity on pipe */ static void run(int sd, void *arg) { char dummy; struct timespec now; struct timer *entry; (void)arg; if (read(sd, &dummy, 1) < 0) smclog(LOG_DEBUG, "Failed read(pipe): %s", strerror(errno)); clock_gettime(CLOCK_MONOTONIC, &now); LIST_FOREACH(entry, &tl, link) { if (expired(entry, &now)) { if (entry->cb) entry->cb(entry->arg); set(entry, &now); } } start(&now); } /* write to pipe to create an event for select() on SIGALRM */ static void handler(int signo) { (void)signo; if (write(timerfd[1], "!", 1) < 0) smclog(LOG_DEBUG, "Failed write(pipe): %s", strerror(errno)); } /* * register signal pipe and callbacks */ int timer_init(void) { struct sigaction sa; if (pipe(timerfd)) return -1; if (socket_register(timerfd[0], run, NULL) < 0) return -1; if (socket_register(timerfd[1], NULL, NULL) < 0) return -1; sa.sa_handler = handler; sa.sa_flags = 0; sigemptyset(&sa.sa_mask); sigaction(SIGALRM, &sa, NULL); if (timer_create(CLOCK_MONOTONIC, NULL, &timer)) { socket_close(timerfd[0]); socket_close(timerfd[1]); return -1; } return 0; } /* * create periodic timer (seconds) */ int timer_add(int period, void (*cb)(void *), void *arg) { struct timer *t; struct timespec now; if (clock_gettime(CLOCK_MONOTONIC, &now) < 0) return -1; t = malloc(sizeof(*t)); if (!t) return -1; t->period = period; t->cb = cb; t->arg = arg; set(t, &now); LIST_INSERT_HEAD(&tl, t, link); return start(&now); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/script.c0000644000175000017500000000555513345172574014614 0ustar jockejocke/* Run script when a (*,G) group is matched and installed in the kernel * * Copyright (c) 2011-2017 Joachim Nilsson * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include #include /* sigemptyset(), sigaction() */ #include #include #include #include #include #include #include /* AF_INET, AF_INET6 */ #include "log.h" #include "script.h" static char *exec = NULL; static pid_t script = 0; static void handler(int signo) { int status; pid_t pid = 1; (void)signo; while (pid > 0) { pid = waitpid(-1, &status, WNOHANG); if (pid == script) { script = 0; /* Script exit OK. */ if (WIFEXITED(status)) continue; /* Script exit status ... */ status = WEXITSTATUS(status); if (status) smclog(LOG_WARNING, "Script %s returned error: %d", exec, status); } } } int script_init(char *script) { struct sigaction sa; if (script && access(script, X_OK)) { smclog(LOG_ERR, "%s is not executable.", script); return -1; } exec = script; sa.sa_handler = handler; sa.sa_flags = 0; sigemptyset(&sa.sa_mask); sigaction(SIGCHLD, &sa, NULL); return 0; } int script_exec(struct mroute *mroute) { pid_t pid; char *argv[] = { exec, "reload", NULL, }; if (!exec) return 0; if (mroute) { char source[INET6_ADDRSTRLEN], group[INET6_ADDRSTRLEN]; if (mroute->version == 4) { inet_ntop(AF_INET, &mroute->u.mroute4.source.s_addr, source, INET_ADDRSTRLEN); inet_ntop(AF_INET, &mroute->u.mroute4.group.s_addr, group, INET_ADDRSTRLEN); } else { inet_ntop(AF_INET6, &mroute->u.mroute6.source.sin6_addr, source, INET_ADDRSTRLEN); inet_ntop(AF_INET6, &mroute->u.mroute6.group.sin6_addr, group, INET_ADDRSTRLEN); } setenv("source", source, 1); setenv("group", group, 1); argv[1] = "install"; } else { unsetenv("source"); unsetenv("group"); } pid = fork(); if (!pid) _exit(execv(argv[0], argv)); if (pid < 0) { smclog(LOG_WARNING, "Cannot start script %s: %s", exec, strerror(errno)); return -1; } script = pid; return 0; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/Makefile.am0000644000175000017500000000202013345172574015160 0ustar jockejockeAUTOMAKE_OPTIONS = subdir-objects sbin_PROGRAMS = smcrouted smcrouted_SOURCES = smcrouted.c mroute.c mroute.h ifvc.c ifvc.h mcgroup.c mcgroup.h \ script.c script.h util.h log.c log.h pidfile.c socket.c socket.h \ timer.c timer.h queue.h smcrouted_CFLAGS = -W -Wall -Wextra -Wno-deprecated-declarations smcrouted_CPPFLAGS = -D_ATFILE_SOURCE -D_INCOMPLETE_XOPEN_C063 smcrouted_CPPFLAGS += -DSYSCONFDIR=\"@sysconfdir@\" -DLOCALSTATEDIR=\"@localstatedir@\" smcrouted_LDADD = $(LIBS) $(LIBOBJS) @LIB_RT@ @LIB_PTHREAD@ if USE_LIBCAP smcrouted_SOURCES += cap.c cap.h smcrouted_LDADD += -lcap endif if USE_MRDISC smcrouted_SOURCES += mrdisc.c mrdisc.h inet.c inet.h endif if HAVE_CLIENT sbin_PROGRAMS += smcroutectl smcrouted_SOURCES += msg.c msg.h ipc.c ipc.h smcroutectl_SOURCES = smcroutectl.c msg.h util.h smcroutectl_CFLAGS = -W -Wall -Wextra smcroutectl_CPPFLAGS = -DLOCALSTATEDIR=\"@localstatedir@\" endif if USE_DOTCONF smcrouted_SOURCES += conf.c conf.h endif smcroute-2.4.2/src/ifvc.c0000644000175000017500000002076713345172574014241 0ustar jockejocke/* Physical and virtual interface API * * Copyright (C) 2001-2005 Carsten Schill * Copyright (C) 2006-2009 Julien BLACHE * Copyright (C) 2009 Todd Hayton * Copyright (C) 2009-2011 Micha Lenk * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include #include #include #include #include #include #include #include #include #include "log.h" #include "ifvc.h" #include "util.h" static unsigned int num_ifaces = 0, num_ifaces_alloc = 0; static struct iface *iface_list = NULL; /** * iface_init - Setup vector of active interfaces * * Builds up a vector with active system interfaces. Must be called * before any other interface functions in this module! */ void iface_init(void) { struct iface *iface; struct ifaddrs *ifaddr, *ifa; num_ifaces = 0; if (iface_list) free(iface_list); num_ifaces_alloc = 1; iface_list = calloc(num_ifaces_alloc, sizeof(struct iface)); if (!iface_list) { smclog(LOG_ERR, "Failed allocating space for interfaces: %s", strerror(errno)); exit(255); } if (getifaddrs(&ifaddr) == -1) { smclog(LOG_ERR, "Failed retrieving interface addresses: %s", strerror(errno)); exit(255); } for (ifa = ifaddr; ifa; ifa = ifa->ifa_next) { /* Check if already added? */ if ((iface = iface_find_by_name(ifa->ifa_name))) { if (!iface->inaddr.s_addr && ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET) iface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr; continue; } /* Allocate more space? */ if (num_ifaces == num_ifaces_alloc) { num_ifaces_alloc *= 2; iface_list = realloc(iface_list, num_ifaces_alloc * sizeof(struct iface)); if (!iface_list) { smclog(LOG_ERR, "Failed allocating space for interfaces: %s", strerror(errno)); exit(255); } /* Initialize 2nd half of interface list */ memset(&iface_list[num_ifaces], 0, num_ifaces * sizeof(struct iface)); } /* Copy data from interface iterator 'ifa' */ iface = &iface_list[num_ifaces++]; strlcpy(iface->name, ifa->ifa_name, sizeof(iface->name)); /* * Only copy interface address if inteface has one. On * Linux we can enumerate VIFs using ifindex, useful for * DHCP interfaces w/o any address yet. Other UNIX * systems will fail on the MRT_ADD_VIF ioctl. if the * kernel cannot find a matching interface. */ if (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET) iface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr; iface->flags = ifa->ifa_flags; iface->ifindex = if_nametoindex(iface->name); iface->vif = -1; iface->mif = -1; iface->mrdisc = 0; iface->threshold = DEFAULT_THRESHOLD; } freeifaddrs(ifaddr); } /** * iface_exit - Tear down interface list and clean up */ void iface_exit(void) { if (iface_list) { free(iface_list); iface_list = NULL; } } /** * iface_find_by_name - Find an interface by name * @ifname: Interface name * * Returns: * Pointer to a @struct iface of the matching interface, or %NULL if no * interface exists, or is up. If more than one interface exists, chose * the interface that corresponds to a virtual interface. */ struct iface *iface_find_by_name(const char *ifname) { unsigned int i; struct iface *iface; struct iface *candidate = NULL; if (!ifname) return NULL; for (i = 0; i < num_ifaces; i++) { iface = &iface_list[i]; if (!strcmp(ifname, iface->name)) { if (iface->vif >= 0) return iface; candidate = iface; } } return candidate; } /** * iface_match_init - Initialize interface matching iterator * @state: Iterator state to be initialized */ void iface_match_init(struct ifmatch *state) { state->iter = 0; state->match_count = 0; } /** * iface_match_by_name - Find matching interfaces by name pattern * @ifname: Interface name pattern * @state: Iterator state * * Interface name patterns use iptables- syntax, i.e. perform prefix * match with a trailing '+' matching anything. * * Returns: * Pointer to a @struct iface of the next matching interface, or %NULL if no * (more) interfaces exist (or are up). */ struct iface *iface_match_by_name(const char *ifname, struct ifmatch *state) { struct iface *iface; unsigned int match_len = UINT_MAX; if (!ifname) return NULL; if (ifname_is_wildcard(ifname)) match_len = strlen(ifname) - 1; for (; state->iter < num_ifaces; state->iter++) { iface = &iface_list[state->iter]; if (!strncmp(ifname, iface->name, match_len)) { state->iter++; state->match_count++; return iface; } } return NULL; } /** * ifname_is_wildcard - Check whether interface name is a wildcard * * Returns: * %TRUE(1) if wildcard, %FALSE(0) if normal interface name */ int ifname_is_wildcard(const char *ifname) { return (ifname && ifname[0] && ifname[strlen(ifname) - 1] == '+'); } /** * iface_find_by_vif - Find by virtual interface index * @vif: Virtual multicast interface index * * Returns: * Pointer to a @struct iface of the requested interface, or %NULL if no * interface matching @vif exists. */ struct iface *iface_find_by_vif(int vif) { size_t i; for (i = 0; i < num_ifaces; i++) { struct iface *iface = &iface_list[i]; if (iface->vif >= 0 && iface->vif == vif) return iface; } return NULL; } /** * iface_iterator - Interface iterator * @first: Set to start from beginning * * Returns: * Pointer to a @struct iface, or %NULL when no more interfaces exist. */ struct iface *iface_iterator(int first) { static size_t i = 0; if (first) i = 0; if (i >= num_ifaces) return NULL; return &iface_list[i++]; } /** * iface_get_vif - Get virtual interface index for an interface (IPv4) * @iface: Pointer to a &struct iface interface * * Returns: * The virtual interface index if the interface is known and registered * with the kernel, or -1 if no virtual interface exists. */ int iface_get_vif(struct iface *iface) { if (!iface) return -1; return iface->vif; } /** * iface_get_mif - Get virtual interface index for an interface (IPv6) * @iface: Pointer to a &struct iface interface * * Returns: * The virtual interface index if the interface is known and registered * with the kernel, or -1 if no virtual interface exists. */ int iface_get_mif(struct iface *iface __attribute__ ((unused))) { #ifndef HAVE_IPV6_MULTICAST_ROUTING return -1; #else if (!iface) return -1; return iface->mif; #endif } /** * iface_match_vif_by_name - Get matching virtual interface index by interface name pattern (IPv4) * @ifname: Interface name pattern * @state: Iterator state * * Returns: * The virtual interface index if the interface matches and is registered * with the kernel, or -1 if no (more) matching virtual interfaces are found. */ int iface_match_vif_by_name(const char *ifname, struct ifmatch *state, struct iface **found) { int vif; struct iface *iface; while ((iface = iface_match_by_name(ifname, state))) { vif = iface_get_vif(iface); if (vif >= 0) { if (found) *found = iface; return vif; } state->match_count--; } return -1; } /** * iface_match_mif_by_name - Get matching virtual interface index by interface name pattern (IPv6) * @ifname: Interface name pattern * @state: Iterator state * * Returns: * The virtual interface index if the interface matches and is registered * with the kernel, or -1 if no (more) matching virtual interfaces are found. */ int iface_match_mif_by_name(const char *ifname, struct ifmatch *state, struct iface **found) { int mif; struct iface *iface; while ((iface = iface_match_by_name(ifname, state))) { mif = iface_get_mif(iface); if (mif >= 0) { if (found) *found = iface; return mif; } state->match_count--; } return -1; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/inet.c0000644000175000017500000001001613345172574014233 0ustar jockejocke/* Multicast Router Discovery Protocol, RFC4286 (IPv4 backend) * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include #include #include #include #include #include #include #include #include #include #include #include "log.h" #include "inet.h" #include "mrdisc.h" #include "socket.h" #define MC_ALL_SNOOPERS "224.0.0.106" int inet_open(char *ifname) { char loop; int sd, val, rc; struct ifreq ifr; struct ip_mreqn mreq; unsigned char ra[4] = { IPOPT_RA, 0x04, 0x00, 0x00 }; sd = socket_create(AF_INET, SOCK_RAW, IPPROTO_IGMP, mrdisc_recv, NULL); if (sd < 0) { smclog(LOG_ERR, "Cannot open socket: %s", strerror(errno)); return -1; } memset(&ifr, 0, sizeof(ifr)); snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s", ifname); if (setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) < 0) { if (ENODEV == errno) { smclog(LOG_WARNING, "Not a valid interface, %s, skipping ...", ifname); socket_close(sd); return -1; } smclog(LOG_ERR, "Cannot bind socket to interface %s: %s", ifname, strerror(errno)); socket_close(sd); return -1; } memset(&mreq, 0, sizeof(mreq)); mreq.imr_multiaddr.s_addr = inet_addr(MC_ALL_SNOOPERS); mreq.imr_ifindex = if_nametoindex(ifname); if (setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq))) { smclog(LOG_ERR, "Failed joining group %s: %s", MC_ALL_SNOOPERS); return -1; } val = 1; rc = setsockopt(sd, IPPROTO_IP, IP_MULTICAST_TTL, &val, sizeof(val)); if (rc < 0) { smclog(LOG_ERR, "Cannot set TTL: %s", strerror(errno)); socket_close(sd); return -1; } loop = 0; rc = setsockopt(sd, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)); if (rc < 0) { smclog(LOG_ERR, "Cannot disable MC loop: %s", strerror(errno)); socket_close(sd); return -1; } rc = setsockopt(sd, IPPROTO_IP, IP_OPTIONS, &ra, sizeof(ra)); if (rc < 0) { smclog(LOG_ERR, "Cannot set IP OPTIONS: %s", strerror(errno)); socket_close(sd); return -1; } return sd; } int inet_close(int sd) { return inet_send(sd, IGMP_MRDISC_TERM, 0) || socket_close(sd); } static void compose_addr(struct sockaddr_in *sin, char *group) { memset(sin, 0, sizeof(*sin)); sin->sin_family = AF_INET; sin->sin_addr.s_addr = inet_addr(group); } int inet_send(int sd, uint8_t type, uint8_t interval) { ssize_t num; struct igmp igmp; struct sockaddr dest; memset(&igmp, 0, sizeof(igmp)); igmp.igmp_type = type; igmp.igmp_code = interval; igmp.igmp_cksum = 0; compose_addr((struct sockaddr_in *)&dest, MC_ALL_SNOOPERS); num = sendto(sd, &igmp, sizeof(igmp), 0, &dest, sizeof(dest)); if (num < 0) return -1; return 0; } /* If called with interval=0, only read() */ int inet_recv(int sd, uint8_t interval) { char buf[1530]; ssize_t num; struct ip *ip; struct igmp *igmp; memset(buf, 0, sizeof(buf)); num = read(sd, buf, sizeof(buf)); if (num < 0) return -1; ip = (struct ip *)buf; igmp = (struct igmp *)(buf + (ip->ip_hl << 2)); if (igmp->igmp_type == IGMP_MRDISC_SOLICIT && interval > 0) { smclog(LOG_DEBUG, "Received mrdisc solicitation"); return inet_send(sd, IGMP_MRDISC_ANNOUNCE, interval); } return 0; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/smcrouted.c0000644000175000017500000002371213345172574015310 0ustar jockejocke/* Static multicast routing daemon * * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include #include #include #include #include #include #include /* gettimeofday() */ #include #include "cap.h" #include "ipc.h" #include "log.h" #include "msg.h" #include "conf.h" #include "ifvc.h" #include "util.h" #include "timer.h" #include "script.h" #include "socket.h" #include "mrdisc.h" #include "mroute.h" #include "mcgroup.h" int background = 1; int do_vifs = 1; int do_syslog = 1; int cache_tmo = 60; int interval = MRDISC_INTERVAL_DEFAULT; int startup_delay = 0; int table_id = 0; char *script = NULL; char *ident = PACKAGE; char *prognm = NULL; char *pid_file = NULL; char *conf_file = NULL; static uid_t uid = 0; static gid_t gid = 0; volatile sig_atomic_t reloading = 0; volatile sig_atomic_t running = 1; static const char version_info[] = PACKAGE_NAME " v" PACKAGE_VERSION; /* Cleans up, i.e. releases allocated resources. Called via atexit() */ static void clean(void) { mroute4_disable(1); mroute6_disable(1); mcgroup4_disable(); mcgroup6_disable(); ipc_exit(); iface_exit(); smclog(LOG_NOTICE, "Exiting."); } static void restart(void) { mroute4_disable(0); mroute6_disable(0); mcgroup4_disable(); mcgroup6_disable(); /* No need to close the IPC, only at cleanup. */ /* Update list of interfaces and create new virtual interface mappings in kernel. */ iface_init(); mroute4_enable(do_vifs, table_id, cache_tmo); mroute6_enable(do_vifs, table_id); } void reload(void) { restart(); conf_read(conf_file, do_vifs); /* Acknowledge client SIGHUP/reload by touching the pidfile */ pidfile(NULL, uid, gid); } /* * Signal handler. Take note of the fact that the signal arrived * so that the main loop can take care of it. */ static void handler(int signo) { switch (signo) { case SIGINT: case SIGTERM: running = 0; break; case SIGHUP: reloading = 1; break; } } static void signal_init(void) { struct sigaction sa; sa.sa_handler = handler; sa.sa_flags = 0; /* Interrupt system calls */ sigemptyset(&sa.sa_mask); if (sigaction(SIGHUP, &sa, NULL) || sigaction(SIGTERM, &sa, NULL) || sigaction(SIGINT, &sa, NULL)) smclog(LOG_WARNING, "Failed setting up signal handlers: %s", strerror(errno)); } static int server_loop(void) { script_init(script); mrdisc_init(interval); while (running) { if (reloading) { reload(); reloading = 0; } socket_poll(NULL); } return 0; } /* Init everything before forking, so we can fail and return an * error code in the parent and the initscript will fail */ static int start_server(void) { int api = 2, busy = 0; if (geteuid() != 0) { smclog(LOG_ERR, "Need root privileges to start %s", prognm); return 1; } if (background) { if (daemon(0, 0) < 0) { smclog(LOG_ERR, "Failed daemonizing: %s", strerror(errno)); return 1; } } /* Hello world! */ smclog(LOG_NOTICE, "%s", version_info); if (startup_delay > 0) { smclog(LOG_INFO, "Startup delay requested, waiting %d sec before continuing.", startup_delay); sleep(startup_delay); } /* * Build list of multicast-capable physical interfaces */ iface_init(); /* * Timer API needs to be initilized before mroute4_enable() */ timer_init(); if (mroute4_enable(do_vifs, table_id, cache_tmo)) { if (errno == EADDRINUSE) busy++; api--; } if (mroute6_enable(do_vifs, table_id)) { if (errno == EADDRINUSE) busy++; api--; } /* At least one API (IPv4 or IPv6) must have initialized successfully * otherwise we abort the server initialization. */ if (!api) { if (busy) smclog(LOG_ERR, "Another multicast routing application is already running."); else smclog(LOG_ERR, "Kernel does not support multicast routing."); exit(1); } atexit(clean); signal_init(); ipc_init(); conf_read(conf_file, do_vifs); /* Everything setup, notify any clients by creating the pidfile */ if (pidfile(pid_file, uid, gid)) smclog(LOG_WARNING, "Failed create/chown pidfile: %s", strerror(errno)); /* Drop root privileges before entering the server loop */ cap_drop_root(uid, gid); return server_loop(); } static int compose_paths(void) { /* Default .conf file path: "/etc" + '/' + "smcroute" + ".conf" */ if (!conf_file) { size_t len = strlen(SYSCONFDIR) + strlen(ident) + 7; conf_file = malloc(len); if (!conf_file) { smclog(LOG_ERR, "Failed allocating memory, exiting: %s", strerror(errno)); exit(1); } snprintf(conf_file, len, "%s/%s.conf", SYSCONFDIR, ident); } /* Default is to let pidfile() API construct PID file from ident */ if (!pid_file) pid_file = ident; return 0; } static int usage(int code) { char pidfn[80]; compose_paths(); if (pid_file[0] != '/') snprintf(pidfn, sizeof(pidfn), "%s/run/%s.pid", LOCALSTATEDIR, pid_file); else snprintf(pidfn, sizeof(pidfn), "%s", pid_file); printf("Usage: %s [hnNsv] [-c SEC] [-d SEC] [-e CMD] " #ifdef ENABLE_DOTCONF "[-f FILE] " #endif "[-l LVL] " #ifdef ENABLE_MRDISC "[-m SEC] " #endif "[-P FILE] " "[-t ID] " "\n\n" " -c SEC Flush dynamic (*,G) multicast routes every SEC seconds,\n" " default 60 sec. Useful when source/interface changes\n" " -d SEC Startup delay, useful for delaying interface probe at boot\n" " -e CMD Script or command to call on startup/reload when all routes\n" " have been installed, or when a (*,G) is installed\n" #ifdef ENABLE_DOTCONF " -f FILE Set configuration file, default uses ident NAME: %s\n" #endif " -h This help text\n" " -I NAME Identity for config, PID file, and syslog, default: %s\n" " -l LVL Set log level: none, err, notice*, info, debug\n" #ifdef ENABLE_MRDISC " -m SEC Multicast router discovery, 4-180, default: 20 sec\n" #endif " -n Run daemon in foreground, when started by systemd or finit\n" #ifdef ENABLE_DOTCONF " -N No multicast VIFs/MIFs created by default. Use with\n" " smcroute.conf `phyint enable` directive\n" #endif #ifdef ENABLE_LIBCAP " -p USER[:GROUP] After initialization set UID and GID to USER and GROUP\n" #endif " -P FILE Set daemon PID file name, with optional path.\n" " Default uses ident NAME: %s\n" " -s Use syslog, default unless running in foreground, -n\n" " -t ID Set multicast routing table ID, default: 0\n" " -v Show program version\n" "\n" "Bug report address: %s\n", prognm, conf_file, #ifdef ENABLE_DOTCONF ident, #endif pidfn, PACKAGE_BUGREPORT); #ifdef PACKAGE_URL printf("Project homepage: %s\n", PACKAGE_URL); #endif return code; } static char *progname(const char *arg0) { char *nm; nm = strrchr(arg0, '/'); if (nm) nm++; else nm = (char *)arg0; return nm; } /** * main - Main program * * Parses command line options and enters either daemon or client mode. * * In daemon mode, acquires multicast routing sockets, opens IPC socket * and goes in receive-execute command loop. * * In client mode, creates commands from command line and sends them to * the daemon. */ int main(int argc, char *argv[]) { int c; int log_opts = LOG_CONS | LOG_PID; prognm = progname(argv[0]); while ((c = getopt(argc, argv, "c:d:e:f:hI:l:m:nNp:P:st:v")) != EOF) { switch (c) { case 'c': /* cache timeout */ cache_tmo = atoi(optarg); break; case 'd': startup_delay = atoi(optarg); break; case 'e': script = optarg; break; case 'f': #ifndef ENABLE_DOTCONF warnx("Built without .conf file support."); #else conf_file = optarg; #endif break; case 'h': /* help */ return usage(0); case 'I': ident = optarg; break; case 'l': log_level = loglvl(optarg); break; case 'm': #ifndef ENABLE_MRDISC warnx("Built without mrdisc support."); #else interval = atoi(optarg); if (interval < 4 || interval > 180) errx(1, "Invalid mrdisc announcement interval, 4-180."); #endif break; case 'n': /* run daemon in foreground, i.e., do not fork */ background = 0; do_syslog--; break; case 'N': #ifndef ENABLE_DOTCONF errx(1, "Built without .conf file, no way to enable individual interfaces."); #else do_vifs = 0; #endif break; case 'p': cap_set_user(optarg, &uid, &gid); break; case 'P': pid_file = optarg; break; case 's': /* Force syslog even though in foreground */ do_syslog++; break; case 't': #ifndef __linux__ errx(1, "Different multicast routing tables only available on Linux."); #else table_id = atoi(optarg); if (table_id < 0) return usage(1); #endif break; case 'v': /* version */ fprintf(stderr, "%s\n", version_info); return 0; default: /* unknown option */ return usage(1); } } compose_paths(); if (!background && do_syslog < 1) log_opts |= LOG_PERROR; openlog(ident, log_opts, LOG_DAEMON); setlogmask(LOG_UPTO(log_level)); return start_server(); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/socket.h0000644000175000017500000000224213345172574014573 0ustar jockejocke/* Helper functions * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #ifndef SMCROUTE_SOCKET_H_ #define SMCROUTE_SOCKET_H_ #include #include #include int socket_register(int sd, void (*cb)(int, void *), void *arg); int socket_create (int domain, int type, int proto, void (*cb)(int, void *), void *arg); int socket_close (int sd); int socket_poll (struct timeval *timeout); #endif /* SMCROUTE_SOCKET_H_ */ smcroute-2.4.2/src/log.c0000644000175000017500000000414613345172574014064 0ustar jockejocke/* System logging API * * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #define SYSLOG_NAMES #include #include #include #include "log.h" #include "util.h" int log_level = LOG_NOTICE; char log_message[128]; /** * loglvl - Convert log level string to value * @level: String from user, debug, error, warning, etc. * * Returns: * Matching %LOG_DEBUG, %LOG_ERR, etc. */ int loglvl(const char *level) { int i; for (i = 0; prioritynames[i].c_name; i++) { size_t len = MIN(strlen(prioritynames[i].c_name), strlen(level)); if (!strncasecmp(prioritynames[i].c_name, level, len)) return prioritynames[i].c_val; } return atoi(level); } /** * smclog - Log message to syslog or stderr * @severity: Standard syslog() severity levels * @fmt: Standard printf() formatted message to log * * Logs a standard printf() formatted message to syslog and stderr when * @severity is greater than the @log_level threshold. When @code is * set it is appended to the log, along with the error message. * * When @severity is %LOG_ERR or worse this function will call exit(). */ void smclog(int severity, const char *fmt, ...) { va_list args; va_start(args, fmt); vsnprintf(log_message, sizeof(log_message), fmt, args); va_end(args); syslog(severity, "%s", log_message); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/log.h0000644000175000017500000000040313345172574014061 0ustar jockejocke/* System logging API */ #ifndef SMCROUTE_LOG_H_ #define SMCROUTE_LOG_H_ #include extern int log_level; extern char log_message[128]; int loglvl(const char *level); void smclog(int severity, const char *fmt, ...); #endif /* SMCROUTE_LOG_H_ */ smcroute-2.4.2/src/mrdisc.h0000644000175000017500000000307513345172574014571 0ustar jockejocke/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only) * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #ifndef SMCROUTE_MRDISC_H_ #define SMCROUTE_MRDISC_H_ #include "config.h" #define MRDISC_INTERVAL_DEFAULT 20 #ifdef ENABLE_MRDISC int mrdisc_init (int interval); int mrdisc_exit (void); int mrdisc_register (char *ifname, short vif); int mrdisc_deregister ( short vif); int mrdisc_enable (short vif); int mrdisc_disable (short vif); void mrdisc_send ( void *arg); void mrdisc_recv (int sd, void *arg); #else #define mrdisc_init(interval) #define mrdisc_exit() #define mrdisc_register(ifname, vif) 0 #define mrdisc_deregister(vif) 0 #define mrdisc_enable(ifname) #define mrdisc_disable(ifname) #define mrdisc_send(arg) #define mrdisc_recv(sd, arg) #endif #endif /* SMCROUTE_MRDISC_H_ */ smcroute-2.4.2/src/cap.h0000644000175000017500000000056513345172574014054 0ustar jockejocke/* Daemon capability API */ #ifndef SMCROUTE_CAP_H_ #define SMCROUTE_CAP_H_ #include "config.h" #ifdef ENABLE_LIBCAP void cap_drop_root (uid_t uid, gid_t gid); void cap_set_user (char *arg, uid_t *uid, gid_t *gid); #else #define cap_drop_root(uid, gid) #define cap_set_user(arg, uid, gid) warnx("Drop privs support not available.") #endif #endif /* SMCROUTE_CAP_H_ */ smcroute-2.4.2/src/pidfile.c0000644000175000017500000000752013345172574014716 0ustar jockejocke/* Updated by troglobit for libite/finit/uftpd/smcroute projects 2016/07/04 */ /* $OpenBSD: pidfile.c,v 1.11 2015/06/03 02:24:36 millert Exp $ */ /* $NetBSD: pidfile.c,v 1.4 2001/02/19 22:43:42 cgd Exp $ */ /*- * Copyright (c) 1999 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation * by Jason R. Thorpe. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include /* utimensat() */ #include /* utimensat() on *BSD */ #include #include #include #include #include #include "log.h" #include "util.h" static char *pidfile_path = NULL; static pid_t pidfile_pid = 0; static void pidfile_cleanup(void); const char *__pidfile_path = LOCALSTATEDIR "/run"; const char *__pidfile_name = NULL; extern char *prognm; int pidfile(const char *basename, uid_t uid, gid_t gid) { int save_errno; int atexit_already; pid_t pid; FILE *f; if (basename == NULL) basename = prognm; pid = getpid(); atexit_already = 0; if (pidfile_path != NULL) { if (!access(pidfile_path, R_OK) && pid == pidfile_pid) { utimensat(0, pidfile_path, NULL, 0); return (0); } free(pidfile_path); pidfile_path = NULL; __pidfile_name = NULL; atexit_already = 1; } if (basename[0] != '/') { if (asprintf(&pidfile_path, "%s/%s.pid", __pidfile_path, basename) == -1) return (-1); } else { if (asprintf(&pidfile_path, "%s", basename) == -1) return (-1); } smclog(LOG_DEBUG, "Creating PID file %s", pidfile_path); if ((f = fopen(pidfile_path, "w")) == NULL) { save_errno = errno; free(pidfile_path); pidfile_path = NULL; errno = save_errno; return (-1); } if (fprintf(f, "%ld\n", (long)pid) <= 0 || fflush(f) != 0) { save_errno = errno; (void) fclose(f); (void) unlink(pidfile_path); free(pidfile_path); pidfile_path = NULL; errno = save_errno; return (-1); } (void) fclose(f); __pidfile_name = pidfile_path; if (chown(pidfile_path, uid, gid)) return (-1); /* * LITE extension, no need to set up another atexit() handler * if user only called us to update the mtime of the PID file */ if (atexit_already) return (0); pidfile_pid = pid; if (atexit(pidfile_cleanup) < 0) { save_errno = errno; (void) unlink(pidfile_path); free(pidfile_path); pidfile_path = NULL; pidfile_pid = 0; errno = save_errno; return (-1); } return (0); } static void pidfile_cleanup(void) { if (pidfile_path != NULL && pidfile_pid == getpid()) { (void) unlink(pidfile_path); free(pidfile_path); pidfile_path = NULL; } } smcroute-2.4.2/src/ipc.c0000644000175000017500000001247113345172574014056 0ustar jockejocke/* Daemon IPC API * * Copyright (C) 2001-2005 Carsten Schill * Copyright (C) 2006-2009 Julien BLACHE * Copyright (C) 2009 Todd Hayton * Copyright (C) 2009-2011 Micha Lenk * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include #include #include #include #include #include #include #include #include #include "ipc.h" #include "log.h" #include "msg.h" #include "socket.h" #include "mroute.h" extern char *ident; static struct sockaddr_un sun; /* Receive command from the smcroutectl */ static void ipc_read(int sd) { char buf[MX_CMDPKT_SZ]; struct ipc_msg *msg; memset(buf, 0, sizeof(buf)); msg = (struct ipc_msg *)ipc_receive(sd, buf, sizeof(buf)); if (!msg) { /* Skip logging client disconnects */ if (errno != ECONNRESET) smclog(LOG_WARNING, "Failed receving IPC message from client: %s", strerror(errno)); return; } if (msg_do(sd, msg)) { if (EINVAL == errno) smclog(LOG_WARNING, "Unkown or malformed IPC message '%c' from client.", msg->cmd); errno = 0; ipc_send(sd, log_message, strlen(log_message) + 1); } else { ipc_send(sd, "", 1); } free(msg); } static void ipc_accept(int sd, void *arg) { int client; socklen_t socklen = 0; (void)arg; client = accept(sd, NULL, &socklen); if (client < 0) return; ipc_read(client); close(client); } /** * ipc_init - Initialise an IPC server socket * * Returns: * The socket descriptor, or -1 on error with @errno set. */ int ipc_init(void) { int sd; socklen_t len; if (strlen(LOCALSTATEDIR) + strlen(ident) + 11 >= sizeof(sun.sun_path)) { smclog(LOG_ERR, "Too long socket path, max %zd chars", sizeof(sun.sun_path)); return -1; } sd = socket_create(AF_UNIX, SOCK_STREAM, 0, ipc_accept, NULL); if (sd < 0) { smclog(LOG_WARNING, "Failed creating IPC socket, client disabled: %s", strerror(errno)); return -1; } #ifdef HAVE_SOCKADDR_UN_SUN_LEN sun.sun_len = 0; /* <- correct length is set by the OS */ #endif sun.sun_family = AF_UNIX; snprintf(sun.sun_path, sizeof(sun.sun_path), "%s/run/%s.sock", LOCALSTATEDIR, ident); unlink(sun.sun_path); smclog(LOG_DEBUG, "Binding IPC socket to %s", sun.sun_path); len = offsetof(struct sockaddr_un, sun_path) + strlen(sun.sun_path); if (bind(sd, (struct sockaddr *)&sun, len) < 0 || listen(sd, 1)) { smclog(LOG_WARNING, "Failed binding IPC socket, client disabled: %s", strerror(errno)); socket_close(sd); return -1; } return sd; } /** * ipc_exit - Tear down and cleanup IPC communication. */ void ipc_exit(void) { unlink(sun.sun_path); } /** * ipc_send - Send message to peer * @sd: Client socket from ipc_accept() * @buf: Message to send * @len: Message length in bytes of @buf * * Sends the IPC message in @buf of the size @len to the peer. * * Returns: * Number of bytes successfully sent, or -1 with @errno on failure. */ int ipc_send(int sd, char *buf, size_t len) { if (write(sd, buf, len) != (ssize_t)len) return -1; return len; } /** * ipc_server_read - Read IPC message from client * @sd: Client socket from ipc_accept() * @buf: Buffer for message * @len: Size of @buf in bytes * * Reads a message from the IPC socket and stores in @buf, respecting * the size @len. Connects and resets connection as necessary. * * Returns: * Pointer to a successfuly read command packet in @buf, or %NULL on error. */ void *ipc_receive(int sd, char *buf, size_t len) { size_t sz; sz = recv(sd, buf, len - 1, 0); if (!sz) { errno = ECONNRESET; return NULL; } /* successful read */ if (sz >= sizeof(struct ipc_msg)) { struct ipc_msg *msg = (struct ipc_msg *)buf; /* Make sure to always have at least one NUL, for strlen() */ buf[sz] = 0; if (sz == msg->len) { char *ptr; size_t i, count; /* Upper bound: smcroutectl add in1 source group out1 out2 .. out32 */ count = msg->count; if (count > (MAXVIFS + 3)) { errno = EINVAL; return NULL; } msg = malloc(sizeof(struct ipc_msg) + msg->count * sizeof(char *)); if (!msg) return NULL; memcpy(msg, buf, sizeof(struct ipc_msg)); ptr = buf + offsetof(struct ipc_msg, argv); for (i = 0; i < count; i++) { /* Verify ptr, attacker may set too large msg->count */ if (ptr >= (buf + len)) { free(msg); errno = EBADMSG; return NULL; } msg->argv[i] = ptr; ptr += strlen(ptr) + 1; } msg->count = count; return msg; } } errno = EAGAIN; return NULL; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/msg.c0000644000175000017500000002141213345172574014064 0ustar jockejocke/* IPC command parser and builder for daemon and client * * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include /* sig_atomic_t */ #include #include #include #include #include "log.h" #include "msg.h" #include "ifvc.h" #include "mroute.h" #include "mcgroup.h" extern volatile sig_atomic_t running; extern volatile sig_atomic_t reloading; static int do_mgroup4(struct ipc_msg *msg) { int ret = 0; char *ifname = msg->argv[0]; struct in_addr src, grp; if (msg->count == 3) { ret += inet_pton(AF_INET, msg->argv[1], &src); ret += inet_pton(AF_INET, msg->argv[2], &grp); } else { src.s_addr = htonl(INADDR_ANY); ret = 1; ret += inet_pton(AF_INET, msg->argv[1], &grp); } if (ret < 2 || !IN_MULTICAST(ntohl(grp.s_addr))) { smclog(LOG_DEBUG, "Invalid IPv4 source or group address."); return 1; } if (msg->cmd == 'j') return mcgroup4_join(ifname, src, grp); return mcgroup4_leave(ifname, src, grp); } static int do_mgroup6(struct ipc_msg *msg) { #ifndef HAVE_IPV6_MULTICAST_HOST (void)msg; smclog(LOG_WARNING, "IPv6 multicast support disabled."); return 1; #else int ret = 0; char *ifname = msg->argv[0]; struct in6_addr src, grp; if (msg->count == 3) { ret += inet_pton(AF_INET6, msg->argv[1], &src); ret += inet_pton(AF_INET6, msg->argv[2], &grp); } else { memset(&src, 0, sizeof(src)); ret = 1; ret += inet_pton(AF_INET6, msg->argv[1], &grp); } if (ret < 2 || !IN6_IS_ADDR_MULTICAST(&grp)) { smclog(LOG_DEBUG, "Invalid IPv6 source or group address."); return 1; } if (msg->cmd == 'j') return mcgroup6_join(ifname, grp); return mcgroup6_leave(ifname, grp); #endif } /* * Check for prefix length, only applicable for (*,G) routes */ static int is_range(char *arg) { char *ptr; ptr = strchr(arg, '/'); if (ptr) { *ptr++ = 0; return atoi(ptr); } return 0; } static int do_mroute4(struct ipc_msg *msg) { struct ifmatch state_in; int result = 0; /* Only emit first non-fatal error message as that's the most relevant */ int errmsg = 0; iface_match_init(&state_in); while (1) { int len, pos = 0, vif; struct mroute4 mroute; struct ifmatch state_out; struct in_addr src, grp; char *ifname_in = msg->argv[pos++]; vif = iface_match_vif_by_name(ifname_in, &state_in, NULL); if (vif < 0) break; memset(&mroute, 0, sizeof(mroute)); mroute.inbound = vif; len = is_range(msg->argv[pos]); if (inet_pton(AF_INET, msg->argv[pos++], &src) <= 0) { smclog(LOG_DEBUG, "Invalid IPv4 source or group address"); return 1; } if (!IN_MULTICAST(ntohl(src.s_addr))) { len = is_range(msg->argv[pos]); if (inet_pton(AF_INET, msg->argv[pos++], &grp) <= 0 || !IN_MULTICAST(ntohl(grp.s_addr))) { smclog(LOG_DEBUG, "Invalid IPv4 group address"); return 1; } if (len && (len < 0 || len > 32)) { smclog(LOG_DEBUG, "Invalid prefix length (/LEN), must be 0-32"); return 1; } } else { grp = src; src.s_addr = htonl(INADDR_ANY); } mroute.source = src; mroute.len = len; mroute.group = grp; if (len && mroute.source.s_addr != htonl(INADDR_ANY)) { smclog(LOG_DEBUG, "GROUP/LEN not yet supported for source specific multicast routes."); return 1; } /* * Scan output interfaces for the 'add' command only, just * ignore it for the 'remove' command. */ if (msg->cmd == 'a') { if (pos >= msg->count) { smclog(LOG_DEBUG, "Missing outbound interface"); return 1; } int total = 0; while (pos < msg->count) { char *ifname_out = msg->argv[pos++]; iface_match_init(&state_out); while ((vif = iface_match_vif_by_name(ifname_out, &state_out, NULL)) >= 0) { if (vif == mroute.inbound) { state_out.match_count--; /* In case of wildcard matches, in==out is * quite normal, so don't complain */ if (!ifname_is_wildcard(ifname_in) && !ifname_is_wildcard(ifname_out) && !errmsg++) smclog(LOG_WARNING, "Same outbound interface (%s) as inbound (%s)?", ifname_out, ifname_in); continue; } mroute.ttl[vif] = 1; /* Use a TTL threshold */ total++; } if (!state_out.match_count && !errmsg++) smclog(LOG_DEBUG, "Invalid output interface"); } if (!total) { if (!errmsg++) smclog(LOG_DEBUG, "No valid output interfaces"); result += 1; } else { result += mroute4_add(&mroute); } } else { result += mroute4_del(&mroute); } } if (!state_in.match_count) { smclog(LOG_DEBUG, "Invalid input interface"); return 1; } return result; } static int do_mroute6(struct ipc_msg *msg) { #ifndef HAVE_IPV6_MULTICAST_ROUTING (void)msg; smclog(LOG_WARNING, "IPv6 multicast support disabled."); return 1; #else struct ifmatch state_in; int result = 0; /* Only emit first non-fatal error message as that's the most relevant */ int errmsg = 0; iface_match_init(&state_in); while (1) { int pos = 0, mif; struct mroute6 mroute; struct ifmatch state_out; char *ifname_in = msg->argv[pos++]; mif = iface_match_mif_by_name(ifname_in, &state_in, NULL); if (mif < 0) break; memset(&mroute, 0, sizeof(mroute)); mroute.inbound = mif; if (inet_pton(AF_INET6, msg->argv[pos++], &mroute.source.sin6_addr) <= 0) { smclog(LOG_DEBUG, "Invalid IPv6 source address"); return 1; } if (inet_pton(AF_INET6, msg->argv[pos++], &mroute.group.sin6_addr) <= 0 || !IN6_IS_ADDR_MULTICAST(&mroute.group.sin6_addr)) { smclog(LOG_DEBUG, "Invalid IPv6 group address"); return 1; } /* * Scan output interfaces for the 'add' command only, just ignore it * for the 'remove' command to be compatible to the first release. */ if (msg->cmd == 'a') { if (pos >= msg->count) { smclog(LOG_DEBUG, "Missing outbound interface"); return 1; } int total = 0; while (pos < msg->count) { char *ifname_out = msg->argv[pos++]; iface_match_init(&state_out); while ((mif = iface_match_mif_by_name(ifname_out, &state_out, NULL)) >= 0) { if (mif == mroute.inbound) { state_out.match_count--; /* In case of wildcard matches, in==out is * quite normal, so don't complain */ if (!ifname_is_wildcard(ifname_in) && !ifname_is_wildcard(ifname_out) && !errmsg++) smclog(LOG_WARNING, "Same outbound interface (%s) as inbound (%s)?", ifname_out, ifname_in); continue; } mroute.ttl[mif] = 1; /* Use a TTL threshold */ total++; } if (!state_out.match_count && !errmsg++) smclog(LOG_DEBUG, "Invalid output interface"); } if (!total) { if (!errmsg++) smclog(LOG_DEBUG, "No valid output interfaces"); result += 1; } else { result += mroute6_add(&mroute); } } else { result += mroute6_del(&mroute); } } if (!state_in.match_count) { smclog(LOG_DEBUG, "Invalid input interface"); return 1; } return result; #endif } static int do_mroute(struct ipc_msg *msg) { if (msg->count < 2) { errno = EINVAL; return -1; } if (strchr(msg->argv[1], ':')) return do_mroute6(msg); return do_mroute4(msg); } static int do_mgroup(struct ipc_msg *msg) { if (msg->count < 2) { errno = EINVAL; return -1; } if (strchr(msg->argv[1], ':')) return do_mgroup6(msg); return do_mgroup4(msg); } static int do_show(struct ipc_msg *msg, int sd, int detail) { if (msg->count == 0) return mroute_show(sd, detail); if (msg->argv[0][0] == 'g') return mcgroup_show(sd, detail); return mroute_show(sd, detail); } /* * Convert IPC command from client to a mulicast route or group join/leave */ int msg_do(int sd, struct ipc_msg *msg) { int result = 0; switch (msg->cmd) { case 'a': case 'r': result = do_mroute(msg); break; case 'j': case 'l': result = do_mgroup(msg); break; case 'F': mroute4_dyn_expire(0); break; case 'H': /* HUP */ reloading = 1; break; case 'k': running = 0; break; case 'S': result = do_show(msg, sd, 1); break; case 's': result = do_show(msg, sd, 0); break; default: errno = EINVAL; result = -1; } return result; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/socket.c0000644000175000017500000000601313345172574014566 0ustar jockejocke/* Socket helper functions * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #ifdef HAVE_FCNTL_H #include #endif #include #include #include #include #include #include #include #include "log.h" #include "queue.h" struct sock { LIST_ENTRY(sock) link; int sd; void (*cb)(int, void *arg); void *arg; }; static int max_fdnum = -1; LIST_HEAD(, sock) sl = LIST_HEAD_INITIALIZER(); int nfds(void) { return max_fdnum + 1; } /* * register socket/fd/pipe created elsewhere, optional callback */ int socket_register(int sd, void (*cb)(int, void *), void *arg) { struct sock *entry; entry = malloc(sizeof(*entry)); if (!entry) return -1; entry->sd = sd; entry->cb = cb; entry->arg = arg; LIST_INSERT_HEAD(&sl, entry, link); #if !defined(HAVE_SOCK_CLOEXEC) && defined(HAVE_FCNTL_H) fcntl(sd, F_SETFD, fcntl(sd, F_GETFD) | FD_CLOEXEC); #endif /* Keep track for select() */ if (sd > max_fdnum) max_fdnum = sd; return sd; } /* * create socket, with optional callback for reading inbound data */ int socket_create(int domain, int type, int proto, void (*cb)(int, void *), void *arg) { int sd; #ifdef HAVE_SOCK_CLOEXEC type |= SOCK_CLOEXEC; #endif sd = socket(domain, type, proto); if (sd < 0) return -1; if (socket_register(sd, cb, arg) < 0) { close(sd); return -1; } return sd; } int socket_close(int sd) { struct sock *entry, *tmp; LIST_FOREACH_SAFE(entry, &sl, link, tmp) { if (entry->sd == sd) { LIST_REMOVE(entry, link); close(entry->sd); free(entry); return 0; } } errno = ENOENT; return -1; } int socket_poll(struct timeval *timeout) { int num; fd_set fds; struct sock *entry; FD_ZERO(&fds); LIST_FOREACH(entry, &sl, link) FD_SET(entry->sd, &fds); num = select(nfds(), &fds, NULL, NULL, timeout); if (num <= 0) { /* Log all errors, except when signalled, ignore failures. */ if (num < 0 && EINTR != errno) smclog(LOG_WARNING, "Failed select(): %s", strerror(errno)); return num; } LIST_FOREACH(entry, &sl, link) { if (!FD_ISSET(entry->sd, &fds)) continue; if (entry->cb) entry->cb(entry->sd, entry->arg); } return num; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/mroute.h0000644000175000017500000000555013345172574014623 0ustar jockejocke/* Generic kernel multicast routing API for Linux and *BSD */ #ifndef SMCROUTE_MROUTE_H_ #define SMCROUTE_MROUTE_H_ #include "config.h" #include #include #include #include #include "queue.h" /* Needed by netinet/ip_mroute.h on FreeBSD */ #ifdef HAVE_LINUX_MROUTE_H #define _LINUX_IN_H /* For Linux <= 2.6.25 */ #include #include #endif #ifdef HAVE_LINUX_MROUTE6_H #include #endif #ifdef HAVE_LINUX_FILTER_H #include #endif #ifdef HAVE_NET_ROUTE_H #include #endif #ifdef HAVE_NETINET_IP_MROUTE_H #define _KERNEL #include #undef _KERNEL #else # ifdef __APPLE__ # include "ip_mroute.h" # endif #endif #ifdef HAVE_NETINET6_IP6_MROUTE_H #ifdef HAVE_SYS_PARAM_H #include #endif #include #endif #ifndef IN6_IS_ADDR_MULTICAST #define IN6_IS_ADDR_MULTICAST(a) (((__const uint8_t *) (a))[0] == 0xff) #endif /* * IPv4 multicast route */ #ifndef MAXVIFS #define MAXVIFS 32 #endif #define MAX_MC_VIFS MAXVIFS /* from linux/mroute.h */ struct mroute4 { LIST_ENTRY(mroute4) link; struct in_addr source; struct in_addr group; /* multicast group */ short len; /* prefix len, or 0:disabled */ short inbound; /* incoming VIF */ uint8_t ttl[MAX_MC_VIFS];/* outgoing VIFs */ unsigned long valid_pkt; /* packet counter at last mroute4_dyn_expire() */ time_t last_use; /* timestamp of last forwarded packet */ }; /* * IPv6 multicast route */ #ifdef HAVE_IPV6_MULTICAST_ROUTING #ifndef MAXMIFS #define MAXMIFS 32 #endif #define MAX_MC_MIFS MAXMIFS /* from linux/mroute6.h */ #else #define MAX_MC_MIFS 1 /* Dummy value for builds w/o IPv6 routing */ #endif struct mroute6 { struct sockaddr_in6 source; struct sockaddr_in6 group; /* multicast group */ short inbound; /* incoming VIF */ uint8_t ttl[MAX_MC_MIFS]; /* outgoing VIFs */ }; /* * Generic multicast route (wrapper for IPv4/IPv6 mroute) */ struct mroute { int version; /* 4 or 6 */ union { struct mroute4 mroute4; struct mroute6 mroute6; } u; }; int mroute4_enable (int do_vifs, int table_id, int timeout); void mroute4_disable (int close_socket); int mroute4_dyn_add (struct mroute4 *mroute); void mroute4_dyn_expire(int max_idle); int mroute4_add (struct mroute4 *mroute); int mroute4_del (struct mroute4 *mroute); int mroute6_enable (int do_vifs, int table_id); void mroute6_disable (int close_socket); int mroute6_add (struct mroute6 *mroute); int mroute6_del (struct mroute6 *mroute); int mroute_add_vif (char *ifname, uint8_t mrdisc, uint8_t threshold); int mroute_del_vif (char *ifname); int mroute_show (int sd, int detail); #endif /* SMCROUTE_MROUTE_H_ */ smcroute-2.4.2/src/conf.c0000644000175000017500000002357613345172574014240 0ustar jockejocke/* Simple .conf file parser for smcroute * * Copyright (c) 2011-2017 Joachim Nilsson * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include #include #include #include #include #include #include "log.h" #include "conf.h" #include "ifvc.h" #include "script.h" #include "mcgroup.h" #define MAX_LINE_LEN 512 #define DEBUG(fmt, args...) \ smclog(LOG_DEBUG, "%s:%02d: " fmt, conf, lineno, ##args) #define WARN(fmt, args...) \ smclog(LOG_WARNING, "%s:%02d: " fmt, conf, lineno, ##args) static const char *conf = NULL; static char *pop_token(char **line) { char *end, *token; if (!line) return NULL; token = *line; if (!token) return NULL; /* Find start of token, skip whitespace. */ while (*token && isspace((int)*token)) token++; /* Find end of token. */ end = token; while (*end && !isspace((int)*end)) end++; if (end == token) { *line = NULL; return NULL; } *end = 0; /* Terminate token. */ *line = end + 1; return token; } static int match(char *keyword, char *token) { size_t len; if (!keyword || !token) return 0; len = strlen(keyword); return !strncmp(keyword, token, len); } static int join_mgroup(int lineno, char *ifname, char *source, char *group) { int result; if (!ifname || !group) { errno = EINVAL; return 1; } if (strchr(group, ':')) { #if !defined(HAVE_IPV6_MULTICAST_HOST) || !defined(HAVE_IPV6_MULTICAST_ROUTING) WARN("Ignored, IPv6 disabled."); result = 0; #else struct in6_addr grp; if (source) WARN("IPv6 is not (yet) supported for Source Specific Multicast."); if (inet_pton(AF_INET6, group, &grp) <= 0 || !IN6_IS_ADDR_MULTICAST(&grp)) { WARN("Invalid IPv6 multicast group: %s", group); return 1; } result = mcgroup6_join(ifname, grp); #endif } else { struct in_addr src; struct in_addr grp; memset(&src, 0, sizeof(src)); if (source && (inet_pton(AF_INET, source, &src) <= 0)) { WARN("Invalid IPv4 multicast source: %s", source); return 1; } if ((inet_pton(AF_INET, group, &grp) <= 0) || !IN_MULTICAST(ntohl(grp.s_addr))) { WARN("Invalid IPv4 multicast group: %s", group); return 1; } result = mcgroup4_join(ifname, src, grp); } return result; } static int add_mroute(int lineno, char *ifname, char *group, char *source, char *outbound[], int num) { int i, total, ret, vif, result = 0; char *ptr; struct mroute4 mroute; struct iface *iface; struct ifmatch state_in, state_out; if (!ifname || !group || !outbound || !num) { errno = EINVAL; return 1; } if (strchr(group, ':')) { #if !defined(HAVE_IPV6_MULTICAST_HOST) || !defined(HAVE_IPV6_MULTICAST_ROUTING) WARN("Ignored, IPv6 disabled."); return 0; #else struct mroute6 mroute; int mif; iface_match_init(&state_in); while ((mif = iface_match_mif_by_name(ifname, &state_in, NULL)) >= 0) { memset(&mroute, 0, sizeof(mroute)); mroute.inbound = mif; if (!source || inet_pton(AF_INET6, source, &mroute.source.sin6_addr) <= 0) { WARN("Invalid source IPv6 address: %s", source ?: "NONE"); return 1; } if (inet_pton(AF_INET6, group, &mroute.group.sin6_addr) <= 0 || !IN6_IS_ADDR_MULTICAST(&mroute.group.sin6_addr)) { WARN("Invalid IPv6 multicast group: %s", group); return 1; } total = 0; for (i = 0; i < num; i++) { iface_match_init(&state_out); while ((mif = iface_match_mif_by_name(outbound[i], &state_out, &iface)) >= 0) { if (mif == mroute.inbound) { state_out.match_count--; /* In case of wildcard matches, in==out is * quite normal, so don't complain */ if (!ifname_is_wildcard(ifname) && !ifname_is_wildcard(outbound[i])) WARN("Same outbound IPv6 interface (%s) as inbound (%s)?", outbound[i], ifname); continue; } /* Use a TTL threshold to indicate the list of outbound interfaces. */ mroute.ttl[mif] = iface->threshold; total++; } if (!state_out.match_count) WARN("Invalid outbound IPv6 interface: %s", outbound[i]); } if (!total) { WARN("No valid outbound interfaces, skipping multicast route."); result += 1; } else { result += mroute6_add(&mroute); } } if (!state_in.match_count) { WARN("Invalid inbound IPv6 interface: %s", ifname); return 1; } return result; #endif } iface_match_init(&state_in); while ((vif = iface_match_vif_by_name(ifname, &state_in, NULL)) >= 0) { memset(&mroute, 0, sizeof(mroute)); mroute.inbound = vif; if (!source) { mroute.source.s_addr = htonl(INADDR_ANY); } else if (inet_pton(AF_INET, source, &mroute.source) <= 0) { WARN("Invalid source IPv4 address: %s", source); return 1; } ptr = strchr(group, '/'); if (ptr) { if (mroute.source.s_addr != htonl(INADDR_ANY)) { WARN("GROUP/LEN not yet supported for source specific multicast."); return 1; } *ptr++ = 0; mroute.len = atoi(ptr); if (mroute.len < 0 || mroute.len > 32) { WARN("Invalid prefix length, %s/%d", group, mroute.len); return 1; } } ret = inet_pton(AF_INET, group, &mroute.group); if (ret <= 0 || !IN_MULTICAST(ntohl(mroute.group.s_addr))) { WARN("Invalid IPv4 multicast group: %s", group); return 1; } total = 0; for (i = 0; i < num; i++) { iface_match_init(&state_out); while ((vif = iface_match_vif_by_name(outbound[i], &state_out, &iface)) >= 0) { if (vif == mroute.inbound) { state_out.match_count--; if (!ifname_is_wildcard(ifname) && !ifname_is_wildcard(outbound[i])) /* In case of wildcard matches, in==out is * quite normal, so don't complain */ WARN("Same outbound IPv4 interface (%s) as inbound (%s)?", outbound[i], ifname); continue; } /* Use a TTL threshold to indicate the list of outbound interfaces. */ mroute.ttl[vif] = iface->threshold; total++; } if (!state_out.match_count) WARN("Invalid outbound IPv4 interface: %s", outbound[i]); } if (!total) { WARN("No valid outbound IPv4 interfaces, skipping multicast route."); result += 1; } else { result += mroute4_add(&mroute); } } if (!state_in.match_count) { WARN("Invalid inbound IPv4 interface: %s", ifname); return 1; } return result; } /* * This function parses the given configuration file according to the * below format rules. Joins multicast groups and creates multicast * routes accordingly in the kernel. Whitespace is ignored. * * Format: * phyint IFNAME [threshold <1-255>] * mgroup from IFNAME group MCGROUP * ssmgroup from IFNAME source ADDRESS group MCGROUP * mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...] */ static int conf_parse(const char *file, int do_vifs) { int lineno = 1; char *linebuf, *line; FILE *fp; fp = fopen(file, "r"); if (!fp) return 1; linebuf = malloc(MAX_LINE_LEN * sizeof(char)); if (!linebuf) { int tmp = errno; fclose(fp); errno = tmp; return 1; } conf = file; while ((line = fgets(linebuf, MAX_LINE_LEN, fp))) { int op = 0, num = 0, enable = do_vifs; int mrdisc = 0, threshold = DEFAULT_THRESHOLD; char *token; char *ifname = NULL; char *source = NULL; char *group = NULL; char *dest[32]; DEBUG("Read line: '%s'", line); while ((token = pop_token(&line))) { /* Strip comments. */ if (match("#", token)) break; if (!op) { if (match("mgroup", token)) { op = 1; } else if (match("mroute", token)) { op = 2; } else if (match("phyint", token)) { op = 3; ifname = pop_token(&line); if (!ifname) op = 0; } else if (match("ssmgroup", token)) { op = 1; /* Compat */ } else { WARN("Unknown command %s, skipping.", token); continue; } } if (match("from", token)) { ifname = pop_token(&line); } else if (match("source", token)) { source = pop_token(&line); } else if (match("group", token)) { group = pop_token(&line); } else if (match("to", token)) { while ((dest[num] = pop_token(&line))) num++; } else if (match("enable", token)) { enable = 1; } else if (match("disable", token)) { enable = 0; } else if (match("mrdisc", token)) { mrdisc = 1; } else if (match("ttl-threshold", token)) { token = pop_token(&line); if (token) { int num = atoi(token); if (num >= 1 || num <= 255) threshold = num; } } } if (op == 1) { join_mgroup(lineno, ifname, source, group); } else if (op == 2) { add_mroute(lineno, ifname, group, source, dest, num); } else if (op == 3) { if (enable) mroute_add_vif(ifname, mrdisc, threshold); else mroute_del_vif(ifname); } lineno++; } free(linebuf); fclose(fp); return 0; } /* Parse .conf file and setup routes */ void conf_read(char *file, int do_vifs) { if (access(file, R_OK)) { if (errno == ENOENT) smclog(LOG_NOTICE, "Configuration file %s does not exist", file); else smclog(LOG_WARNING, "Unexpected error when accessing %s: %s", file, strerror(errno)); smclog(LOG_NOTICE, "Continuing anyway, waiting for client to connect."); return; } if (conf_parse(file, do_vifs)) smclog(LOG_WARNING, "Failed parsing %s: %s", file, strerror(errno)); else script_exec(NULL); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/ip_mroute.h0000644000175000017500000002674213345172574015321 0ustar jockejocke/* Imported from Apple XNU sources, 2050.18.24 * https://opensource.apple.com/source/xnu/xnu-2050.18.24/bsd/netinet/ip_mroute.h * * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. * * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in * compliance with the License. The rights granted to you under the License * may not be used to create, or enable the creation or redistribution of, * unlawful or unlicensed copies of an Apple operating system, or to * circumvent, violate, or enable the circumvention or violation of, any * terms of an Apple operating system software license agreement. * * Please obtain a copy of the License at * http://www.opensource.apple.com/apsl/ and read it before using this file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. * Please see the License for the specific language governing rights and * limitations under the License. * * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ */ /* * Copyright (c) 1989 Stephen Deering. * Copyright (c) 1992, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Stephen Deering of Stanford University. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)ip_mroute.h 8.1 (Berkeley) 6/10/93 */ #ifndef _NETINET_IP_MROUTE_H_ #define _NETINET_IP_MROUTE_H_ #include /* * Definitions for IP multicast forwarding. * * Written by David Waitzman, BBN Labs, August 1988. * Modified by Steve Deering, Stanford, February 1989. * Modified by Ajit Thyagarajan, PARC, August 1993. * Modified by Ajit Thyagarajan, PARC, August 1994. * * MROUTING Revision: 3.3.1.3 */ /* * Multicast Routing set/getsockopt commands. */ #define MRT_INIT 100 /* initialize forwarder */ #define MRT_DONE 101 /* shut down forwarder */ #define MRT_ADD_VIF 102 /* create virtual interface */ #define MRT_DEL_VIF 103 /* delete virtual interface */ #define MRT_ADD_MFC 104 /* insert forwarding cache entry */ #define MRT_DEL_MFC 105 /* delete forwarding cache entry */ #define MRT_VERSION 106 /* get kernel version number */ #define MRT_ASSERT 107 /* enable PIM assert processing */ #ifdef KERNEL_PRIVATE #define GET_TIME(t) microtime(&t) #endif /* KERNEL_PRIVATE */ #ifndef CONFIG_MAXVIFS #define CONFIG_MAXVIFS 32 /* 4635538 temp workaround */ #endif #ifndef CONFIG_MFCTBLSIZ #define CONFIG_MFCTBLSIZ 256 /* 4635538 temp workaround */ #endif /* * Types and macros for handling bitmaps with one bit per virtual interface. */ typedef u_int32_t vifbitmap_t; typedef u_short vifi_t; /* type of a vif index */ #define ALL_VIFS (vifi_t)-1 #define VIFM_SET(n, m) ((m) |= (1 << (n))) #define VIFM_CLR(n, m) ((m) &= ~(1 << (n))) #define VIFM_ISSET(n, m) ((m) & (1 << (n))) #define VIFM_CLRALL(m) ((m) = 0x00000000) #define VIFM_COPY(mfrom, mto) ((mto) = (mfrom)) #define VIFM_SAME(m1, m2) ((m1) == (m2)) /* * Argument structure for MRT_ADD_VIF. * (MRT_DEL_VIF takes a single vifi_t argument.) */ struct vifctl { vifi_t vifc_vifi; /* the index of the vif to be added */ u_char vifc_flags; /* VIFF_ flags defined below */ u_char vifc_threshold; /* min ttl required to forward on vif */ u_int vifc_rate_limit; /* max rate */ struct in_addr vifc_lcl_addr; /* local interface address */ struct in_addr vifc_rmt_addr; /* remote address (tunnels only) */ }; #define VIFF_TUNNEL 0x1 /* vif represents a tunnel end-point */ #define VIFF_SRCRT 0x2 /* tunnel uses IP source routing */ /* * Argument structure for MRT_ADD_MFC and MRT_DEL_MFC * (mfcc_tos to be added at a future point) */ struct mfcctl { struct in_addr mfcc_origin; /* ip origin of mcasts */ struct in_addr mfcc_mcastgrp; /* multicast group associated*/ vifi_t mfcc_parent; /* incoming vif */ u_char mfcc_ttls[CONFIG_MAXVIFS]; /* forwarding ttls on vifs */ }; /* * The kernel's multicast routing statistics. */ struct mrtstat { u_int32_t mrts_mfc_lookups; /* # forw. cache hash table hits */ u_int32_t mrts_mfc_misses; /* # forw. cache hash table misses */ u_int32_t mrts_upcalls; /* # calls to mrouted */ u_int32_t mrts_no_route; /* no route for packet's origin */ u_int32_t mrts_bad_tunnel; /* malformed tunnel options */ u_int32_t mrts_cant_tunnel; /* no room for tunnel options */ u_int32_t mrts_wrong_if; /* arrived on wrong interface */ u_int32_t mrts_upq_ovflw; /* upcall Q overflow */ u_int32_t mrts_cache_cleanups; /* # entries with no upcalls */ u_int32_t mrts_drop_sel; /* pkts dropped selectively */ u_int32_t mrts_q_overflow; /* pkts dropped - Q overflow */ u_int32_t mrts_pkt2large; /* pkts dropped - size > BKT SIZE */ u_int32_t mrts_upq_sockfull; /* upcalls dropped - socket full */ }; /* * Argument structure used by mrouted to get src-grp pkt counts */ struct sioc_sg_req { struct in_addr src; struct in_addr grp; u_int32_t pktcnt; u_int32_t bytecnt; u_int32_t wrong_if; }; /* * Argument structure used by mrouted to get vif pkt counts */ struct sioc_vif_req { vifi_t vifi; /* vif number */ u_int32_t icount; /* Input packet count on vif */ u_int32_t ocount; /* Output packet count on vif */ u_int32_t ibytes; /* Input byte count on vif */ u_int32_t obytes; /* Output byte count on vif */ }; #ifdef PRIVATE /* * The kernel's virtual-interface structure. */ struct tbf; struct ifnet; struct socket; struct vif { u_char v_flags; /* VIFF_ flags defined above */ u_char v_threshold; /* min ttl required to forward on vif*/ u_int v_rate_limit; /* max rate */ struct tbf *v_tbf; /* token bucket structure at intf. */ struct in_addr v_lcl_addr; /* local interface address */ struct in_addr v_rmt_addr; /* remote address (tunnels only) */ struct ifnet *v_ifp; /* pointer to interface */ u_int32_t v_pkt_in; /* # pkts in on interface */ u_int32_t v_pkt_out; /* # pkts out on interface */ u_int32_t v_bytes_in; /* # bytes in on interface */ u_int32_t v_bytes_out; /* # bytes out on interface */ struct route v_route; /* cached route if this is a tunnel */ u_int v_rsvp_on; /* RSVP listening on this vif */ struct socket *v_rsvpd; /* RSVP daemon socket */ }; #endif /* * The kernel's multicast forwarding cache entry structure * (A field for the type of service (mfc_tos) is to be added * at a future point) */ struct mfc { struct in_addr mfc_origin; /* IP origin of mcasts */ struct in_addr mfc_mcastgrp; /* multicast group associated*/ vifi_t mfc_parent; /* incoming vif */ u_char mfc_ttls[CONFIG_MAXVIFS]; /* forwarding ttls on vifs */ u_int32_t mfc_pkt_cnt; /* pkt count for src-grp */ u_int32_t mfc_byte_cnt; /* byte count for src-grp */ u_int32_t mfc_wrong_if; /* wrong if for src-grp */ int mfc_expire; /* time to clean entry up */ struct timeval mfc_last_assert; /* last time I sent an assert*/ struct rtdetq *mfc_stall; /* q of packets awaiting mfc */ struct mfc *mfc_next; /* next mfc entry */ }; /* * Struct used to communicate from kernel to multicast router * note the convenient similarity to an IP packet */ struct igmpmsg { u_int32_t unused1; u_int32_t unused2; u_char im_msgtype; /* what type of message */ #define IGMPMSG_NOCACHE 1 #define IGMPMSG_WRONGVIF 2 u_char im_mbz; /* must be zero */ u_char im_vif; /* vif rec'd on */ u_char unused3; struct in_addr im_src, im_dst; }; #define MFCTBLSIZ CONFIG_MFCTBLSIZ #ifdef KERNEL_PRIVATE /* * Argument structure used for pkt info. while upcall is made */ struct rtdetq { struct mbuf *m; /* A copy of the packet */ struct ifnet *ifp; /* Interface pkt came in on */ vifi_t xmt_vif; /* Saved copy of imo_multicast_vif */ #if UPCALL_TIMING struct timeval t; /* Timestamp */ #endif /* UPCALL_TIMING */ struct rtdetq *next; /* Next in list of packets */ }; #if (CONFIG_MFCTBLSIZ & (CONFIG_MFCTBLSIZ - 1)) == 0 /* from sys:route.h */ #define MFCHASHMOD(h) ((h) & (CONFIG_MFCTBLSIZ - 1)) #else #define MFCHASHMOD(h) ((h) % CONFIG_MFCTBLSIZ) #endif #define MAX_UPQ 4 /* max. no of pkts in upcall Q */ /* * Token Bucket filter code */ #define MAX_BKT_SIZE 10000 /* 10K bytes size */ #define MAXQSIZE 10 /* max # of pkts in queue */ /* * the token bucket filter at each vif */ struct tbf { struct timeval tbf_last_pkt_t; /* arr. time of last pkt */ u_int32_t tbf_n_tok; /* no of tokens in bucket */ u_int32_t tbf_q_len; /* length of queue at this vif */ u_int32_t tbf_max_q_len; /* max. queue length */ struct mbuf *tbf_q; /* Packet queue */ struct mbuf *tbf_t; /* tail-insertion pointer */ }; struct sockopt; extern int (*ip_mrouter_set)(struct socket *, struct sockopt *); extern int (*ip_mrouter_get)(struct socket *, struct sockopt *); extern int (*ip_mrouter_done)(void); #if MROUTING extern int (*mrt_ioctl)(u_long, caddr_t); #else extern int (*mrt_ioctl)(u_long, caddr_t, struct proc *); #endif #endif /* KERNEL_PRIVATE */ #endif /* _NETINET_IP_MROUTE_H_ */ smcroute-2.4.2/src/ipc.h0000644000175000017500000000066313345172574014063 0ustar jockejocke/* Daemon IPC API */ #ifndef SMCROUTE_IPC_H_ #define SMCROUTE_IPC_H_ #include "config.h" #ifdef ENABLE_CLIENT int ipc_init (void); void ipc_exit (void); int ipc_send (int sd, char *buf, size_t len); void *ipc_receive (int sd, char *buf, size_t len); #else #define ipc_init() #define ipc_exit() #endif #endif /* SMCROUTE_IPC_H_ */ /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/conf.h0000644000175000017500000000045613345172574014235 0ustar jockejocke#ifndef SMCROUTE_CONF_H_ #define SMCROUTE_CONF_H_ #include "config.h" #ifdef ENABLE_DOTCONF void conf_read(char *file, int do_vifs); #else #define conf_read(file, do_vifs) #endif #endif /* SMCROUTE_CONF_H_ */ /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/mroute.c0000644000175000017500000007764513345172574014634 0ustar jockejocke/* Generic kernel multicast routing API for Linux and *BSD * * Copyright (C) 2001-2005 Carsten Schill * Copyright (C) 2006-2009 Julien BLACHE * Copyright (C) 2009 Todd Hayton * Copyright (C) 2009-2011 Micha Lenk * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #ifdef HAVE_FCNTL_H #include #endif #include #include /* snprintf() */ #include #include #include #include #include #include #include "log.h" #include "ifvc.h" #include "ipc.h" #include "script.h" #include "socket.h" #include "mrdisc.h" #include "mroute.h" #include "timer.h" #include "util.h" /* MAX_MC_VIFS from mroute.h must have same value as MAXVIFS from mroute.h */ #if MAX_MC_VIFS != MAXVIFS #error "IPv4 constants do not match, 'mroute.h' needs to be fixed!" #endif #ifdef HAVE_IPV6_MULTICAST_ROUTING /* MAX_MC_MIFS from mroute.h must have same value as MAXVIFS from mroute6.h */ #if MAX_MC_MIFS != MAXMIFS #error "IPv6 constants do not match, 'mroute.h' needs to be fixed!" #endif #endif /* * Cache flush timeout, used only for IPv4 (*,G) atm. */ static int cache_timeout = 0; /* * Raw IGMP socket used as interface for the IPv4 mrouted API. * Receives IGMP packets and upcall messages from the kernel. */ static int mroute4_socket = -1; /* * User added/configured (*,G) matched on-demand at runtime. See * mroute4_dyn_list for the (S,G) routes set from this "template". */ LIST_HEAD(, mroute4) mroute4_conf_list = LIST_HEAD_INITIALIZER(); /* * Dynamically, on-demand, set (S,G) routes. Tracks if the user * removes a configured (*,G) route. */ LIST_HEAD(, mroute4) mroute4_dyn_list = LIST_HEAD_INITIALIZER(); /* * Tracks regular static routes, mostly for 'smcroutectl show' */ LIST_HEAD(, mroute4) mroute4_static_list = LIST_HEAD_INITIALIZER(); #ifdef HAVE_IPV6_MULTICAST_ROUTING /* * Raw ICMPv6 socket used as interface for the IPv6 mrouted API. * Receives MLD packets and upcall messages from the kenrel. */ static int mroute6_socket = -1; #endif /* IPv4 internal virtual interfaces (VIF) descriptor vector */ static struct { struct iface *iface; } vif_list[MAXVIFS]; static int mroute4_add_vif(struct iface *iface); #ifdef HAVE_IPV6_MULTICAST_ROUTING /* IPv6 internal virtual interfaces (VIF) descriptor vector */ static struct mif { struct iface *iface; } mif_list[MAXMIFS]; static int mroute6_add_mif(struct iface *iface); #endif /* Check for kernel IGMPMSG_NOCACHE for (*,G) hits. I.e., source-less routes. */ static void handle_nocache4(int sd, void *arg) { int result; char tmp[128]; struct ip *ip; struct igmpmsg *igmpctl; (void)arg; memset(tmp, 0, sizeof(tmp)); result = read(sd, tmp, sizeof(tmp)); if (result < 0) { smclog(LOG_WARNING, "Failed reading IGMP message from kernel: %s", strerror(errno)); return; } /* packets sent up from kernel to daemon have ip->ip_p = 0 */ ip = (struct ip *)tmp; igmpctl = (struct igmpmsg *)tmp; /* Check for IGMPMSG_NOCACHE to do (*,G) based routing. */ if (ip->ip_p == 0 && igmpctl->im_msgtype == IGMPMSG_NOCACHE) { struct iface *iface; struct mroute mrt; struct mroute4 mroute; char origin[INET_ADDRSTRLEN], group[INET_ADDRSTRLEN]; memset(&mroute, 0, sizeof(mroute)); mroute.group.s_addr = igmpctl->im_dst.s_addr; mroute.source.s_addr = igmpctl->im_src.s_addr; mroute.inbound = igmpctl->im_vif; inet_ntop(AF_INET, &mroute.group, group, INET_ADDRSTRLEN); inet_ntop(AF_INET, &mroute.source, origin, INET_ADDRSTRLEN); smclog(LOG_DEBUG, "New multicast data from %s to group %s on VIF %d", origin, group, mroute.inbound); iface = iface_find_by_vif(mroute.inbound); if (!iface) { smclog(LOG_WARNING, "No matching interface for VIF %d, cannot add mroute.", mroute.inbound); return; } /* Find any matching route for this group on that iif. */ result = mroute4_dyn_add(&mroute); if (result) { /* * This is a common error, the router receives streams it is not * set up to route -- we ignore these by default, but if the user * sets a more permissive log level we help out by showing what * is going on. */ if (ENOENT == errno) smclog(LOG_INFO, "Multicast from %s, group %s, on %s does not match any (*,G) rule", origin, group, iface->name); return; } mrt.version = 4; mrt.u.mroute4 = mroute; script_exec(&mrt); } } static void cache_flush(void *arg) { (void)arg; smclog(LOG_INFO, "Cache timeout, flushing unused (*,G) routes!"); mroute4_dyn_expire(cache_timeout); } /** * mroute4_enable - Initialise IPv4 multicast routing * * Setup the kernel IPv4 multicast routing API and lock the multicast * routing socket to this program (only!). * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute4_enable(int do_vifs, int table_id, int timeout) { int arg = 1; struct iface *iface; static int running = 0; if (mroute4_socket < 0) { mroute4_socket = socket_create(AF_INET, SOCK_RAW, IPPROTO_IGMP, handle_nocache4, NULL); if (mroute4_socket < 0) { if (ENOPROTOOPT == errno) smclog(LOG_WARNING, "Kernel does not even support IGMP, skipping ..."); return -1; } } #ifdef MRT_TABLE /* Currently only available on Linux */ if (table_id != 0) { smclog(LOG_INFO, "Setting IPv4 multicast routing table id %d", table_id); if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_TABLE, &table_id, sizeof(table_id)) < 0) { smclog(LOG_ERR, "Cannot set IPv4 multicast routing table id: %s", strerror(errno)); smclog(LOG_ERR, "Make sure your kernel has CONFIG_IP_MROUTE_MULTIPLE_TABLES=y"); goto error; } } #else (void)table_id; #endif if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_INIT, (void *)&arg, sizeof(arg))) { switch (errno) { case EADDRINUSE: smclog(LOG_ERR, "IPv4 multicast routing API already in use: %s", strerror(errno)); break; case EOPNOTSUPP: smclog(LOG_ERR, "Kernel does not support IPv4 multicast routing, skipping ..."); break; default: smclog(LOG_ERR, "Failed initializing IPv4 multicast routing API: %s", strerror(errno)); break; } goto error; } /* Initialize virtual interface table */ memset(&vif_list, 0, sizeof(vif_list)); /* Create virtual interfaces (VIFs) for all non-loopback interfaces supporting multicast */ if (do_vifs) { for (iface = iface_iterator(1); iface; iface = iface_iterator(0)) mroute4_add_vif(iface); } LIST_INIT(&mroute4_conf_list); LIST_INIT(&mroute4_dyn_list); LIST_INIT(&mroute4_static_list); if (timeout && !running) { running++; cache_timeout = timeout; timer_add(timeout, cache_flush, NULL); } return 0; error: socket_close(mroute4_socket); mroute4_socket = -1; return -1; } /** * mroute4_disable - Disable IPv4 multicast routing * * Disable IPv4 multicast routing and release kernel routing socket. */ void mroute4_disable(int close_socket) { struct mroute4 *entry, *tmp; if (mroute4_socket < 0) return; /* Drop all kernel routes set by smcroute */ if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_DONE, NULL, 0)) smclog(LOG_WARNING, "Failed shutting down IPv4 multicast routing socket: %s", strerror(errno)); if (close_socket) { socket_close(mroute4_socket); mroute4_socket = -1; } /* Free list of (*,G) routes on SIGHUP */ LIST_FOREACH_SAFE(entry, &mroute4_conf_list, link, tmp) { LIST_REMOVE(entry, link); free(entry); } LIST_FOREACH_SAFE(entry, &mroute4_dyn_list, link, tmp) { LIST_REMOVE(entry, link); free(entry); } LIST_FOREACH_SAFE(entry, &mroute4_static_list, link, tmp) { LIST_REMOVE(entry, link); free(entry); } } /* Create a virtual interface from @iface so it can be used for IPv4 multicast routing. */ static int mroute4_add_vif(struct iface *iface) { struct vifctl vc; int vif = -1; size_t i; if (mroute4_socket < 0) return -1; if ((iface->flags & IFF_MULTICAST) != IFF_MULTICAST) { smclog(LOG_INFO, "Interface %s is not multicast capable, skipping VIF.", iface->name); iface->vif = -1; return 0; } /* find a free vif */ for (i = 0; i < NELEMS(vif_list); i++) { if (!vif_list[i].iface) { vif = i; break; } } /* no more space */ if (vif == -1) { errno = ENOMEM; smclog(LOG_WARNING, "Kernel MAXVIFS (%d) too small for number of interfaces: %s", MAXVIFS, strerror(errno)); return 1; } memset(&vc, 0, sizeof(vc)); vc.vifc_vifi = vif; vc.vifc_flags = 0; /* no tunnel, no source routing, register ? */ vc.vifc_threshold = iface->threshold; vc.vifc_rate_limit = 0; /* hopefully no limit */ #ifdef VIFF_USE_IFINDEX /* Register VIF using ifindex, not lcl_addr, since Linux 2.6.33 */ vc.vifc_flags |= VIFF_USE_IFINDEX; vc.vifc_lcl_ifindex = iface->ifindex; #else vc.vifc_lcl_addr.s_addr = iface->inaddr.s_addr; #endif vc.vifc_rmt_addr.s_addr = htonl(INADDR_ANY); smclog(LOG_DEBUG, "Map iface %-16s => VIF %-2d ifindex %2d flags 0x%04x TTL threshold %u", iface->name, vc.vifc_vifi, iface->ifindex, vc.vifc_flags, iface->threshold); if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_ADD_VIF, (void *)&vc, sizeof(vc))) { smclog(LOG_ERR, "Failed adding VIF for iface %s: %s", iface->name, strerror(errno)); iface->vif = -1; return 1; } iface->vif = vif; vif_list[vif].iface = iface; if (iface->mrdisc) return mrdisc_register(iface->name, vif); return 0; } static int mroute4_del_vif(struct iface *iface) { int ret; int16_t vif = iface->vif; if (mroute4_socket < 0) return -1; if (-1 == vif) return 0; /* No VIF setup for iface, skip */ smclog(LOG_DEBUG, "Removing %-16s => VIF %-2d", iface->name, vif); #ifdef __linux__ struct vifctl vc = { .vifc_vifi = vif }; ret = setsockopt(mroute4_socket, IPPROTO_IP, MRT_DEL_VIF, (void *)&vc, sizeof(vc)); #else ret = setsockopt(mroute4_socket, IPPROTO_IP, MRT_DEL_VIF, (void *)&vif, sizeof(vif)); #endif if (ret) smclog(LOG_ERR, "Failed deleting VIF for iface %s: %s", iface->name, strerror(errno)); else iface->vif = -1; if (iface->mrdisc) return mrdisc_deregister(vif); return 0; } /* Actually set in kernel - called by mroute4_add() and mroute4_check_add() */ static int kern_add4(struct mroute4 *route, int active) { char origin[INET_ADDRSTRLEN], group[INET_ADDRSTRLEN]; struct mfcctl mc; if (mroute4_socket < 0) return -1; memset(&mc, 0, sizeof(mc)); mc.mfcc_origin = route->source; mc.mfcc_mcastgrp = route->group; mc.mfcc_parent = route->inbound; /* copy the TTL vector */ if (sizeof(mc.mfcc_ttls[0]) != sizeof(route->ttl[0]) || NELEMS(mc.mfcc_ttls) != NELEMS(route->ttl)) { smclog(LOG_ERR, "Critical data type validation error in %s!", __FILE__); exit(255); } memcpy(mc.mfcc_ttls, route->ttl, NELEMS(mc.mfcc_ttls) * sizeof(mc.mfcc_ttls[0])); if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_ADD_MFC, &mc, sizeof(mc))) { smclog(LOG_WARNING, "failed adding IPv4 multicast route: %s", strerror(errno)); return 1; } if (active) { smclog(LOG_DEBUG, "Add %s -> %s from VIF %d", inet_ntop(AF_INET, &mc.mfcc_origin, origin, INET_ADDRSTRLEN), inet_ntop(AF_INET, &mc.mfcc_mcastgrp, group, INET_ADDRSTRLEN), mc.mfcc_parent); /* Only enable mrdisc for active routes, i.e. with outbound */ mrdisc_enable(route->inbound); } return 0; } /* Actually remove from kernel - called by mroute4_del() */ static int kern_del4(struct mroute4 *route, int active) { char origin[INET_ADDRSTRLEN], group[INET_ADDRSTRLEN]; struct mfcctl mc; if (mroute4_socket < 0) return -1; memset(&mc, 0, sizeof(mc)); mc.mfcc_origin = route->source; mc.mfcc_mcastgrp = route->group; if (setsockopt(mroute4_socket, IPPROTO_IP, MRT_DEL_MFC, &mc, sizeof(mc))) { if (ENOENT == errno) smclog(LOG_DEBUG, "failed removing multicast route, does not exist."); else smclog(LOG_DEBUG, "failed removing IPv4 multicast route: %s", strerror(errno)); return 1; } if (active) { smclog(LOG_DEBUG, "Del %s -> %s", inet_ntop(AF_INET, &mc.mfcc_origin, origin, INET_ADDRSTRLEN), inet_ntop(AF_INET, &mc.mfcc_mcastgrp, group, INET_ADDRSTRLEN)); /* Only disable mrdisc for active routes. */ mrdisc_disable(route->inbound); } return 0; } /* * Used for exact (S,G) matching */ static int is_exact_match4(struct mroute4 *a, struct mroute4 *b) { if (a->source.s_addr == b->source.s_addr && a->group.s_addr == b->group.s_addr && a->len == b->len && a->inbound == b->inbound) return 1; return 0; } /* * Used for (*,G) matches * * The incoming candidate is compared to the configured rule, e.g. * does 225.1.2.3 fall inside 225.0.0.0/8? => Yes * does 225.1.2.3 fall inside 225.0.0.0/15? => Yes * does 225.1.2.3 fall inside 225.0.0.0/16? => No */ static int is_match4(struct mroute4 *rule, struct mroute4 *cand) { uint32_t g1, g2, mask; if (rule->inbound != cand->inbound) return 0; if (rule->len > 0) mask = 0xFFFFFFFFu << (32 - rule->len); else mask = 0xFFFFFFFFu; mask = htonl(mask); g1 = rule->group.s_addr & mask; g2 = cand->group.s_addr & mask; return g1 == g2; } /** * mroute4_dyn_add - Add route to kernel if it matches a known (*,G) route. * @route: Pointer to candidate struct mroute4 IPv4 multicast route * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute4_dyn_add(struct mroute4 *route) { struct mroute4 *entry, *new_entry; int ret; LIST_FOREACH(entry, &mroute4_conf_list, link) { /* Find matching (*,G) ... and interface. */ if (!is_match4(entry, route)) continue; /* Use configured template (*,G) outbound interfaces. */ memcpy(route->ttl, entry->ttl, NELEMS(route->ttl) * sizeof(route->ttl[0])); break; } if (!entry) { /* * No match, add entry without outbound interfaces * nevertheless to avoid continuous cache misses from * the kernel. Note that this still gets reported as an * error (ENOENT) below. */ memset(route->ttl, 0, NELEMS(route->ttl) * sizeof(route->ttl[0])); } ret = kern_add4(route, entry ? 1 : 0); if (ret) return ret; /* * Add to list of dynamically added routes. Necessary if the user * removes the (*,G) using the command line interface rather than * updating the conf file and SIGHUP. Note: if we fail to alloc() * memory we don't do anything, just add kernel route silently. */ new_entry = malloc(sizeof(struct mroute4)); if (new_entry) { memcpy(new_entry, route, sizeof(struct mroute4)); LIST_INSERT_HEAD(&mroute4_dyn_list, new_entry, link); } /* Signal to cache handler we've added a stop filter */ if (!entry) { errno = ENOENT; return -1; } return 0; } /* * Query kernel for install MFC entry usage statistics */ static int get_stats4(struct mroute4 *route, unsigned long *pktcnt, unsigned long *bytecnt, unsigned long *wrong_if) { struct sioc_sg_req sg_req; if (mroute4_socket < 0) return -1; memset(&sg_req, 0, sizeof(sg_req)); sg_req.src = route->source; sg_req.grp = route->group; if (ioctl(mroute4_socket, SIOCGETSGCNT, &sg_req) < 0) { if (wrong_if) smclog(LOG_WARNING, "Failed getting MFC stats: %s", strerror(errno)); return errno; } if (pktcnt) *pktcnt = sg_req.pktcnt; if (bytecnt) *bytecnt = sg_req.bytecnt; if (wrong_if) *wrong_if = sg_req.wrong_if; return 0; } static int is_active4(struct mroute4 *route) { size_t i; for (i = 0; i < NELEMS(route->ttl); i++) { if (route->ttl[i]) return 1; } return 0; } /* * Get valid packet usage statistics (i.e. number of actually forwarded * packets) from the kernel for an installed MFC entry */ static unsigned long get_valid_pkt4(struct mroute4 *route) { unsigned long pktcnt = 0, wrong_if = 0; if (get_stats4(route, &pktcnt, NULL, &wrong_if) < 0) return 0; return pktcnt - wrong_if; } /** * mroute4_dyn_expire - Expire dynamically added (*,G) routes * @max_idle: Timeout for routes in seconds, 0 to expire all dynamic routes * * This function flushes all (*,G) routes which haven't been used (i.e. no * packets matching them have been forwarded) in the last max_idle seconds. * It is called periodically on cache-timeout or on request of smcroutectl. * The latter is useful in case of topology changes (e.g. VRRP fail-over) * or similar. */ void mroute4_dyn_expire(int max_idle) { struct mroute4 *entry, *tmp; struct timespec now; clock_gettime(CLOCK_MONOTONIC, &now); LIST_FOREACH_SAFE(entry, &mroute4_dyn_list, link, tmp) { if (!entry->last_use) { /* New entry */ entry->last_use = now.tv_sec; entry->valid_pkt = get_valid_pkt4(entry); } if (entry->last_use + max_idle <= now.tv_sec) { unsigned long valid_pkt; valid_pkt = get_valid_pkt4(entry); if (valid_pkt != entry->valid_pkt) { /* Used since last check, update */ entry->last_use = now.tv_sec; entry->valid_pkt = valid_pkt; continue; } /* Not used, expire */ kern_del4(entry, is_active4(entry)); LIST_REMOVE(entry, link); free(entry); } } } static int mroute4_exists(struct mroute4 *route) { struct mroute4 *entry; LIST_FOREACH(entry, &mroute4_conf_list, link) { if (is_match4(entry, route)) { smclog(LOG_INFO, "(*,G) route already exists"); return 1; } } LIST_FOREACH(entry, &mroute4_static_list, link) { if (is_exact_match4(entry, route)) { smclog(LOG_INFO, "Static route already exists"); return 1; } } return 0; } /* Only inbound differs, there can only be one ... */ static struct mroute4 *mroute4_similar(struct mroute4 *route) { struct mroute4 *entry; LIST_FOREACH(entry, &mroute4_static_list, link) { if (entry->source.s_addr == route->source.s_addr && entry->group.s_addr == route->group.s_addr && entry->len == route->len) return entry; } return NULL; } /** * mroute4_add - Add route to kernel, or save a wildcard route for later use * @route: Pointer to struct mroute4 IPv4 multicast route to add * * Adds the given multicast @route to the kernel multicast routing table * unless the source IP is %INADDR_ANY, i.e., a (*,G) route. Those we * save for and check against at runtime when the kernel signals us. * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute4_add(struct mroute4 *route) { struct mroute4 *entry; /* Exact match, then skip ... */ if (mroute4_exists(route)){ errno = EEXIST; return 1; } /* ... (S,G) matches and inbound differs, then replace route */ entry = mroute4_similar(route); if (entry) { kern_del4(entry, is_active4(entry)); LIST_REMOVE(entry, link); free(entry); } entry = malloc(sizeof(struct mroute4)); if (!entry) { smclog(LOG_WARNING, "Cannot add multicast route: %s", strerror(errno)); return 1; } memcpy(entry, route, sizeof(struct mroute4)); /* * For (*,G) we save to a linked list to be added on-demand when * the kernel sends IGMPMSG_NOCACHE. */ if (route->source.s_addr == htonl(INADDR_ANY)) { struct mroute4 *dyn, *tmp; LIST_INSERT_HEAD(&mroute4_conf_list, entry, link); /* Also, immediately expire any currently blocked traffic */ LIST_FOREACH_SAFE(dyn, &mroute4_dyn_list, link, tmp) { if (!is_active4(dyn) && is_match4(entry, dyn)) { kern_del4(dyn, 0); LIST_REMOVE(dyn, link); free(dyn); break; } } return 0; } LIST_INSERT_HEAD(&mroute4_static_list, entry, link); return kern_add4(route, 1); } /* Remove from kernel and linked list */ static int do_mroute4_del(struct mroute4 *entry) { int ret; ret = kern_del4(entry, is_active4(entry)); if (ret && ENOENT != errno) return ret; /* Also remove on ENOENT */ LIST_REMOVE(entry, link); free(entry); return ret; } /** * mroute4_del - Remove route from kernel, or all matching routes if wildcard * @route: Pointer to struct mroute4 IPv4 multicast route to remove * * Removes the given multicast @route from the kernel multicast routing * table, or if the @route is a wildcard, then all matching kernel * routes are removed, as well as the wildcard. * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute4_del(struct mroute4 *route) { struct mroute4 *entry, *set, *tmp; if (route->source.s_addr != htonl(INADDR_ANY)) { LIST_FOREACH_SAFE(entry, &mroute4_static_list, link, tmp) { if (!is_exact_match4(entry, route)) continue; return do_mroute4_del(entry); } /* Not found in static list, check if spawned from a (*,G) rule. */ LIST_FOREACH_SAFE(entry, &mroute4_dyn_list, link, tmp) { if (!is_exact_match4(entry, route)) continue; return do_mroute4_del(entry); } errno = ENOENT; return -1; } /* Find matching (*,G) ... and interface .. and prefix length. */ LIST_FOREACH_SAFE(entry, &mroute4_conf_list, link, tmp) { int ret = 0; if (!is_match4(entry, route) || entry->len != route->len) continue; /* Remove all (S,G) routes spawned from the (*,G) as well ... */ LIST_FOREACH_SAFE(set, &mroute4_dyn_list, link, tmp) { if (!is_match4(entry, set) || entry->len != route->len) continue; ret += do_mroute4_del(set); } if (!ret) { LIST_REMOVE(entry, link); free(entry); } return ret; } errno = ENOENT; return -1; } #ifdef HAVE_IPV6_MULTICAST_ROUTING #ifdef __linux__ #define IPV6_ALL_MC_FORWARD "/proc/sys/net/ipv6/conf/all/mc_forwarding" static int proc_set_val(char *file, int val) { int fd, result = 0; fd = open(file, O_WRONLY); if (fd < 0) return 1; if (-1 == write(fd, "1", val)) result = 1; close(fd); return result; } #endif /* Linux only */ /* * Receive and drop ICMPv6 stuff. This is either MLD packets or upcall * messages sent up from the kernel. * * XXX: Currently MRT6MSG_NOCACHE messages for IPv6 (*,G) is unsupported. */ static void handle_nocache6(int sd, void *arg) { int result; char tmp[128]; (void)arg; result = read(sd, tmp, sizeof(tmp)); if (result < 0) smclog(LOG_INFO, "Failed clearing MLD message from kernel: %s", strerror(errno)); } #endif /* HAVE_IPV6_MULTICAST_ROUTING */ /** * mroute6_enable - Initialise IPv6 multicast routing * * Setup the kernel IPv6 multicast routing API and lock the multicast * routing socket to this program (only!). * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute6_enable(int do_vifs, int table_id) { #ifndef HAVE_IPV6_MULTICAST_ROUTING (void)do_vifs; (void)table_id; #else int arg = 1; struct iface *iface; if (mroute6_socket < 0) { mroute6_socket = socket_create(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6, handle_nocache6, NULL); if (mroute6_socket < 0) { if (ENOPROTOOPT == errno) smclog(LOG_WARNING, "Kernel does not even support IPv6 ICMP, skipping ..."); return -1; } } #ifdef MRT6_TABLE /* Currently only available on Linux */ if (table_id != 0) { smclog(LOG_INFO, "Setting IPv6 multicast routing table id %d", table_id); if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_TABLE, &table_id, sizeof(table_id)) < 0) { smclog(LOG_ERR, "Cannot set IPv6 multicast routing table id: %s", strerror(errno)); smclog(LOG_ERR, "Make sure your kernel has CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y"); goto error; } } #else (void)table_id; #endif if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_INIT, (void *)&arg, sizeof(arg))) { switch (errno) { case EADDRINUSE: smclog(LOG_ERR, "IPv6 multicast routing API already in use: %s", strerror(errno)); break; case EOPNOTSUPP: smclog(LOG_ERR, "Kernel does not support IPv6 multicast routing, skipping ..."); break; default: smclog(LOG_ERR, "Failed initializing IPv6 multicast routing API: %s", strerror(errno)); break; } goto error; } /* Initialize virtual interface table */ memset(&mif_list, 0, sizeof(mif_list)); #ifdef __linux__ /* On Linux pre 2.6.29 kernels net.ipv6.conf.all.mc_forwarding * is not set on MRT6_INIT so we have to do this manually */ if (proc_set_val(IPV6_ALL_MC_FORWARD, 1)) { if (errno != EACCES) { smclog(LOG_ERR, "Failed enabling IPv6 multicast forwarding: %s", strerror(errno)); goto error; } } #endif /* Create virtual interfaces, IPv6 MIFs, for all non-loopback interfaces */ if (do_vifs) { for (iface = iface_iterator(1); iface; iface = iface_iterator(0)) mroute6_add_mif(iface); } return 0; error: socket_close(mroute6_socket); mroute6_socket = -1; #endif /* HAVE_IPV6_MULTICAST_ROUTING */ return -1; } /** * mroute6_disable - Disable IPv6 multicast routing * * Disable IPv6 multicast routing and release kernel routing socket. */ void mroute6_disable(int close_socket) { #ifdef HAVE_IPV6_MULTICAST_ROUTING if (mroute6_socket < 0) return; if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_DONE, NULL, 0)) smclog(LOG_WARNING, "Failed shutting down IPv6 multicast routing socket: %s", strerror(errno)); if (close_socket) { socket_close(mroute6_socket); mroute6_socket = -1; } #endif /* HAVE_IPV6_MULTICAST_ROUTING */ } #ifdef HAVE_IPV6_MULTICAST_ROUTING /* Create a virtual interface from @iface so it can be used for IPv6 multicast routing. */ static int mroute6_add_mif(struct iface *iface) { struct mif6ctl mc; int mif = -1; size_t i; if (mroute6_socket == -1) return 0; if ((iface->flags & IFF_MULTICAST) != IFF_MULTICAST) { smclog(LOG_INFO, "Interface %s is not multicast capable, skipping MIF.", iface->name); iface->mif = -1; return 0; } /* find a free mif */ for (i = 0; i < NELEMS(mif_list); i++) { if (!mif_list[i].iface) { mif = i; break; } } /* no more space */ if (mif == -1) { errno = ENOMEM; smclog(LOG_WARNING, "Kernel MAXMIFS (%d) too small for number of interfaces: %s", MAXMIFS, strerror(errno)); return 1; } memset(&mc, 0, sizeof(mc)); mc.mif6c_mifi = mif; mc.mif6c_flags = 0; /* no register */ #ifdef HAVE_MIF6CTL_VIFC_THRESHOLD mc.vifc_threshold = iface->threshold; #endif mc.mif6c_pifi = iface->ifindex; /* physical interface index */ #ifdef HAVE_MIF6CTL_VIFC_RATE_LIMIT mc.vifc_rate_limit = 0; /* hopefully no limit */ #endif smclog(LOG_DEBUG, "Map iface %-16s => MIF %-2d ifindex %2d flags 0x%04x TTL threshold %u", iface->name, mc.mif6c_mifi, mc.mif6c_pifi, mc.mif6c_flags, iface->threshold); if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_ADD_MIF, (void *)&mc, sizeof(mc))) { smclog(LOG_ERR, "Failed adding MIF for iface %s: %s", iface->name, strerror(errno)); iface->mif = -1; return 1; } iface->mif = mif; mif_list[mif].iface = iface; return 0; } static int mroute6_del_mif(struct iface *iface) { int16_t mif = iface->mif; if (mroute6_socket == -1) return 0; if (-1 == mif) return 0; /* No MIF setup for iface, skip */ smclog(LOG_DEBUG, "Removing %-16s => MIF %-2d", iface->name, mif); if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_DEL_MIF, (void *)&mif, sizeof(mif))) smclog(LOG_ERR, "Failed deleting MIF for iface %s: %s", iface->name, strerror(errno)); else iface->mif = -1; return 0; } /** * mroute6_add - Add route to kernel, or save a wildcard route for later use * @route: Pointer to struct mroute6 IPv6 multicast route to add * * Adds the given multicast @route to the kernel multicast routing table. * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute6_add(struct mroute6 *route) { size_t i; char origin[INET6_ADDRSTRLEN], group[INET6_ADDRSTRLEN]; struct mf6cctl mc; if (mroute6_socket == -1) return 0; memset(&mc, 0, sizeof(mc)); mc.mf6cc_origin = route->source; mc.mf6cc_mcastgrp = route->group; mc.mf6cc_parent = route->inbound; /* copy the outgoing MIFs */ for (i = 0; i < NELEMS(route->ttl); i++) { if (route->ttl[i] > 0) IF_SET(i, &mc.mf6cc_ifset); } if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_ADD_MFC, (void *)&mc, sizeof(mc))) { smclog(LOG_DEBUG, "failed adding IPv6 multicast route: %s", strerror(errno)); return 1; } smclog(LOG_DEBUG, "Add %s -> %s from MIF %d", inet_ntop(AF_INET6, &mc.mf6cc_origin.sin6_addr, origin, INET6_ADDRSTRLEN), inet_ntop(AF_INET6, &mc.mf6cc_mcastgrp.sin6_addr, group, INET6_ADDRSTRLEN), mc.mf6cc_parent); return 0; } /** * mroute6_del - Remove route from kernel * @route: Pointer to struct mroute6 IPv6 multicast route to remove * * Removes the given multicast @route from the kernel multicast routing * table. * * Returns: * POSIX OK(0) on success, non-zero on error with @errno set. */ int mroute6_del(struct mroute6 *route) { char origin[INET6_ADDRSTRLEN], group[INET6_ADDRSTRLEN]; struct mf6cctl mc; if (mroute6_socket == -1) return 0; memset(&mc, 0, sizeof(mc)); mc.mf6cc_origin = route->source; mc.mf6cc_mcastgrp = route->group; if (setsockopt(mroute6_socket, IPPROTO_IPV6, MRT6_DEL_MFC, (void *)&mc, sizeof(mc))) { if (ENOENT == errno) smclog(LOG_DEBUG, "failed removing multicast route, does not exist."); else smclog(LOG_DEBUG, "failed removing IPv6 multicast route: %s", strerror(errno)); return 1; } smclog(LOG_DEBUG, "Del %s -> %s", inet_ntop(AF_INET6, &mc.mf6cc_origin.sin6_addr, origin, INET6_ADDRSTRLEN), inet_ntop(AF_INET6, &mc.mf6cc_mcastgrp.sin6_addr, group, INET6_ADDRSTRLEN)); return 0; } #endif /* HAVE_IPV6_MULTICAST_ROUTING */ /* Used by file parser to add VIFs/MIFs after setup */ int mroute_add_vif(char *ifname, uint8_t mrdisc, uint8_t threshold) { int ret = 0; struct iface *iface; struct ifmatch state; smclog(LOG_DEBUG, "Adding %s to list of multicast routing interfaces", ifname); iface_match_init(&state); while ((iface = iface_match_by_name(ifname, &state))) { iface->mrdisc = mrdisc; iface->threshold = threshold; ret += mroute4_add_vif(iface); #ifdef HAVE_IPV6_MULTICAST_ROUTING ret += mroute6_add_mif(iface); #endif } if (!state.match_count) return 1; else return ret; } /* Used by file parser to remove VIFs/MIFs after setup */ int mroute_del_vif(char *ifname) { int ret = 0; struct iface *iface; struct ifmatch state; smclog(LOG_DEBUG, "Pruning %s from list of multicast routing interfaces", ifname); iface_match_init(&state); while ((iface = iface_match_by_name(ifname, &state))) { ret += mroute4_del_vif(iface); #ifdef HAVE_IPV6_MULTICAST_ROUTING ret += mroute6_del_mif(iface); #endif } if (!state.match_count) return 1; else return ret; } #ifdef ENABLE_CLIENT static int show_mroute(int sd, struct mroute4 *r, int detail) { int vif; char src[INET_ADDRSTRLEN] = "*"; char grp[INET_ADDRSTRLEN]; char sg[INET_ADDRSTRLEN * 2 + 5]; char buf[MAX_MC_VIFS * 17 + 80]; struct iface *i; if (r->source.s_addr != htonl(INADDR_ANY)) inet_ntop(AF_INET, &r->source, src, sizeof(src)); inet_ntop(AF_INET, &r->group, grp, sizeof(grp)); i = iface_find_by_vif(r->inbound); snprintf(sg, sizeof(sg), "(%s, %s)", src, grp); snprintf(buf, sizeof(buf), "%-34s %-16s", sg, i->name); if (detail) { char stats[25]; unsigned long p = 0, b = 0; get_stats4(r, &p, &b, NULL); snprintf(stats, sizeof(stats), " %10.10lu %10.10lu ", p, b); strcat(buf, stats); } for (vif = 0; vif < MAX_MC_VIFS; vif++) { char tmp[22]; if (r->ttl[vif] == 0) continue; i = iface_find_by_vif(vif); if (!i) continue; snprintf(tmp, sizeof(tmp), " %s", i->name); strcat(buf, tmp); } strcat(buf, "\n"); if (ipc_send(sd, buf, strlen(buf)) < 0) { smclog(LOG_ERR, "Failed sending reply to client: %s", strerror(errno)); return -1; } return 0; } /* Write all (*,G) routes to client socket */ int mroute_show(int sd, int detail) { struct mroute4 *r; LIST_FOREACH(r, &mroute4_conf_list, link) { if (show_mroute(sd, r, detail) < 0) return 1; } LIST_FOREACH(r, &mroute4_dyn_list, link) { if (show_mroute(sd, r, detail) < 0) return 1; } LIST_FOREACH(r, &mroute4_static_list, link) { if (show_mroute(sd, r, detail) < 0) return 1; } return 0; } #endif /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/queue.h0000644000175000017500000004362113345172574014435 0ustar jockejocke/* $OpenBSD: queue.h,v 1.43 2015/12/28 19:38:40 millert Exp $ */ /* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ /* * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)queue.h 8.5 (Berkeley) 8/20/94 */ #ifndef _SYS_QUEUE_H_ #define _SYS_QUEUE_H_ /* * This file defines five types of data structures: singly-linked lists, * lists, simple queues, tail queues and XOR simple queues. * * * A singly-linked list is headed by a single forward pointer. The elements * are singly linked for minimum space and pointer manipulation overhead at * the expense of O(n) removal for arbitrary elements. New elements can be * added to the list after an existing element or at the head of the list. * Elements being removed from the head of the list should use the explicit * macro for this purpose for optimum efficiency. A singly-linked list may * only be traversed in the forward direction. Singly-linked lists are ideal * for applications with large datasets and few or no removals or for * implementing a LIFO queue. * * A list is headed by a single forward pointer (or an array of forward * pointers for a hash table header). The elements are doubly linked * so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before * or after an existing element or at the head of the list. A list * may only be traversed in the forward direction. * * A simple queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are singly * linked to save space, so elements can only be removed from the * head of the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the * list. A simple queue may only be traversed in the forward direction. * * A tail queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or * after an existing element, at the head of the list, or at the end of * the list. A tail queue may be traversed in either direction. * * An XOR simple queue is used in the same way as a regular simple queue. * The difference is that the head structure also includes a "cookie" that * is XOR'd with the queue pointer (first, last or next) to generate the * real pointer value. * * For details on the use of these macros, see the queue(3) manual page. */ #if defined(QUEUE_MACRO_DEBUG) || (defined(_KERNEL) && defined(DIAGNOSTIC)) #define _Q_INVALIDATE(a) (a) = ((void *)-1) #else #define _Q_INVALIDATE(a) #endif /* * Singly-linked List definitions. */ #define SLIST_HEAD(name, type) \ struct name { \ struct type *slh_first; /* first element */ \ } #define SLIST_HEAD_INITIALIZER(head) \ { NULL } #define SLIST_ENTRY(type) \ struct { \ struct type *sle_next; /* next element */ \ } /* * Singly-linked List access methods. */ #define SLIST_FIRST(head) ((head)->slh_first) #define SLIST_END(head) NULL #define SLIST_EMPTY(head) (SLIST_FIRST(head) == SLIST_END(head)) #define SLIST_NEXT(elm, field) ((elm)->field.sle_next) #define SLIST_FOREACH(var, head, field) \ for((var) = SLIST_FIRST(head); \ (var) != SLIST_END(head); \ (var) = SLIST_NEXT(var, field)) #define SLIST_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = SLIST_FIRST(head); \ (var) && ((tvar) = SLIST_NEXT(var, field), 1); \ (var) = (tvar)) /* * Singly-linked List functions. */ #define SLIST_INIT(head) { \ SLIST_FIRST(head) = SLIST_END(head); \ } #define SLIST_INSERT_AFTER(slistelm, elm, field) do { \ (elm)->field.sle_next = (slistelm)->field.sle_next; \ (slistelm)->field.sle_next = (elm); \ } while (0) #define SLIST_INSERT_HEAD(head, elm, field) do { \ (elm)->field.sle_next = (head)->slh_first; \ (head)->slh_first = (elm); \ } while (0) #define SLIST_REMOVE_AFTER(elm, field) do { \ (elm)->field.sle_next = (elm)->field.sle_next->field.sle_next; \ } while (0) #define SLIST_REMOVE_HEAD(head, field) do { \ (head)->slh_first = (head)->slh_first->field.sle_next; \ } while (0) #define SLIST_REMOVE(head, elm, type, field) do { \ if ((head)->slh_first == (elm)) { \ SLIST_REMOVE_HEAD((head), field); \ } else { \ struct type *curelm = (head)->slh_first; \ \ while (curelm->field.sle_next != (elm)) \ curelm = curelm->field.sle_next; \ curelm->field.sle_next = \ curelm->field.sle_next->field.sle_next; \ } \ _Q_INVALIDATE((elm)->field.sle_next); \ } while (0) /* * List definitions. */ #define LIST_HEAD(name, type) \ struct name { \ struct type *lh_first; /* first element */ \ } #define LIST_HEAD_INITIALIZER(head) \ { NULL } #define LIST_ENTRY(type) \ struct { \ struct type *le_next; /* next element */ \ struct type **le_prev; /* address of previous next element */ \ } /* * List access methods. */ #define LIST_FIRST(head) ((head)->lh_first) #define LIST_END(head) NULL #define LIST_EMPTY(head) (LIST_FIRST(head) == LIST_END(head)) #define LIST_NEXT(elm, field) ((elm)->field.le_next) #define LIST_FOREACH(var, head, field) \ for((var) = LIST_FIRST(head); \ (var)!= LIST_END(head); \ (var) = LIST_NEXT(var, field)) #define LIST_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = LIST_FIRST(head); \ (var) && ((tvar) = LIST_NEXT(var, field), 1); \ (var) = (tvar)) /* * List functions. */ #define LIST_INIT(head) do { \ LIST_FIRST(head) = LIST_END(head); \ } while (0) #define LIST_INSERT_AFTER(listelm, elm, field) do { \ if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \ (listelm)->field.le_next->field.le_prev = \ &(elm)->field.le_next; \ (listelm)->field.le_next = (elm); \ (elm)->field.le_prev = &(listelm)->field.le_next; \ } while (0) #define LIST_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.le_prev = (listelm)->field.le_prev; \ (elm)->field.le_next = (listelm); \ *(listelm)->field.le_prev = (elm); \ (listelm)->field.le_prev = &(elm)->field.le_next; \ } while (0) #define LIST_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.le_next = (head)->lh_first) != NULL) \ (head)->lh_first->field.le_prev = &(elm)->field.le_next;\ (head)->lh_first = (elm); \ (elm)->field.le_prev = &(head)->lh_first; \ } while (0) #define LIST_REMOVE(elm, field) do { \ if ((elm)->field.le_next != NULL) \ (elm)->field.le_next->field.le_prev = \ (elm)->field.le_prev; \ *(elm)->field.le_prev = (elm)->field.le_next; \ _Q_INVALIDATE((elm)->field.le_prev); \ _Q_INVALIDATE((elm)->field.le_next); \ } while (0) #define LIST_REPLACE(elm, elm2, field) do { \ if (((elm2)->field.le_next = (elm)->field.le_next) != NULL) \ (elm2)->field.le_next->field.le_prev = \ &(elm2)->field.le_next; \ (elm2)->field.le_prev = (elm)->field.le_prev; \ *(elm2)->field.le_prev = (elm2); \ _Q_INVALIDATE((elm)->field.le_prev); \ _Q_INVALIDATE((elm)->field.le_next); \ } while (0) /* * Simple queue definitions. */ #define SIMPLEQ_HEAD(name, type) \ struct name { \ struct type *sqh_first; /* first element */ \ struct type **sqh_last; /* addr of last next element */ \ } #define SIMPLEQ_HEAD_INITIALIZER(head) \ { NULL, &(head).sqh_first } #define SIMPLEQ_ENTRY(type) \ struct { \ struct type *sqe_next; /* next element */ \ } /* * Simple queue access methods. */ #define SIMPLEQ_FIRST(head) ((head)->sqh_first) #define SIMPLEQ_END(head) NULL #define SIMPLEQ_EMPTY(head) (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head)) #define SIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next) #define SIMPLEQ_FOREACH(var, head, field) \ for((var) = SIMPLEQ_FIRST(head); \ (var) != SIMPLEQ_END(head); \ (var) = SIMPLEQ_NEXT(var, field)) #define SIMPLEQ_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = SIMPLEQ_FIRST(head); \ (var) && ((tvar) = SIMPLEQ_NEXT(var, field), 1); \ (var) = (tvar)) /* * Simple queue functions. */ #define SIMPLEQ_INIT(head) do { \ (head)->sqh_first = NULL; \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) #define SIMPLEQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.sqe_next = (head)->sqh_first) == NULL) \ (head)->sqh_last = &(elm)->field.sqe_next; \ (head)->sqh_first = (elm); \ } while (0) #define SIMPLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.sqe_next = NULL; \ *(head)->sqh_last = (elm); \ (head)->sqh_last = &(elm)->field.sqe_next; \ } while (0) #define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\ (head)->sqh_last = &(elm)->field.sqe_next; \ (listelm)->field.sqe_next = (elm); \ } while (0) #define SIMPLEQ_REMOVE_HEAD(head, field) do { \ if (((head)->sqh_first = (head)->sqh_first->field.sqe_next) == NULL) \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) #define SIMPLEQ_REMOVE_AFTER(head, elm, field) do { \ if (((elm)->field.sqe_next = (elm)->field.sqe_next->field.sqe_next) \ == NULL) \ (head)->sqh_last = &(elm)->field.sqe_next; \ } while (0) #define SIMPLEQ_CONCAT(head1, head2) do { \ if (!SIMPLEQ_EMPTY((head2))) { \ *(head1)->sqh_last = (head2)->sqh_first; \ (head1)->sqh_last = (head2)->sqh_last; \ SIMPLEQ_INIT((head2)); \ } \ } while (0) /* * XOR Simple queue definitions. */ #define XSIMPLEQ_HEAD(name, type) \ struct name { \ struct type *sqx_first; /* first element */ \ struct type **sqx_last; /* addr of last next element */ \ unsigned long sqx_cookie; \ } #define XSIMPLEQ_ENTRY(type) \ struct { \ struct type *sqx_next; /* next element */ \ } /* * XOR Simple queue access methods. */ #define XSIMPLEQ_XOR(head, ptr) ((__typeof(ptr))((head)->sqx_cookie ^ \ (unsigned long)(ptr))) #define XSIMPLEQ_FIRST(head) XSIMPLEQ_XOR(head, ((head)->sqx_first)) #define XSIMPLEQ_END(head) NULL #define XSIMPLEQ_EMPTY(head) (XSIMPLEQ_FIRST(head) == XSIMPLEQ_END(head)) #define XSIMPLEQ_NEXT(head, elm, field) XSIMPLEQ_XOR(head, ((elm)->field.sqx_next)) #define XSIMPLEQ_FOREACH(var, head, field) \ for ((var) = XSIMPLEQ_FIRST(head); \ (var) != XSIMPLEQ_END(head); \ (var) = XSIMPLEQ_NEXT(head, var, field)) #define XSIMPLEQ_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = XSIMPLEQ_FIRST(head); \ (var) && ((tvar) = XSIMPLEQ_NEXT(head, var, field), 1); \ (var) = (tvar)) /* * XOR Simple queue functions. */ #define XSIMPLEQ_INIT(head) do { \ arc4random_buf(&(head)->sqx_cookie, sizeof((head)->sqx_cookie)); \ (head)->sqx_first = XSIMPLEQ_XOR(head, NULL); \ (head)->sqx_last = XSIMPLEQ_XOR(head, &(head)->sqx_first); \ } while (0) #define XSIMPLEQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.sqx_next = (head)->sqx_first) == \ XSIMPLEQ_XOR(head, NULL)) \ (head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \ (head)->sqx_first = XSIMPLEQ_XOR(head, (elm)); \ } while (0) #define XSIMPLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.sqx_next = XSIMPLEQ_XOR(head, NULL); \ *(XSIMPLEQ_XOR(head, (head)->sqx_last)) = XSIMPLEQ_XOR(head, (elm)); \ (head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \ } while (0) #define XSIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.sqx_next = (listelm)->field.sqx_next) == \ XSIMPLEQ_XOR(head, NULL)) \ (head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \ (listelm)->field.sqx_next = XSIMPLEQ_XOR(head, (elm)); \ } while (0) #define XSIMPLEQ_REMOVE_HEAD(head, field) do { \ if (((head)->sqx_first = XSIMPLEQ_XOR(head, \ (head)->sqx_first)->field.sqx_next) == XSIMPLEQ_XOR(head, NULL)) \ (head)->sqx_last = XSIMPLEQ_XOR(head, &(head)->sqx_first); \ } while (0) #define XSIMPLEQ_REMOVE_AFTER(head, elm, field) do { \ if (((elm)->field.sqx_next = XSIMPLEQ_XOR(head, \ (elm)->field.sqx_next)->field.sqx_next) \ == XSIMPLEQ_XOR(head, NULL)) \ (head)->sqx_last = \ XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \ } while (0) /* * Tail queue definitions. */ #define TAILQ_HEAD(name, type) \ struct name { \ struct type *tqh_first; /* first element */ \ struct type **tqh_last; /* addr of last next element */ \ } #define TAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).tqh_first } #define TAILQ_ENTRY(type) \ struct { \ struct type *tqe_next; /* next element */ \ struct type **tqe_prev; /* address of previous next element */ \ } /* * Tail queue access methods. */ #define TAILQ_FIRST(head) ((head)->tqh_first) #define TAILQ_END(head) NULL #define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) #define TAILQ_LAST(head, headname) \ (*(((struct headname *)((head)->tqh_last))->tqh_last)) /* XXX */ #define TAILQ_PREV(elm, headname, field) \ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) #define TAILQ_EMPTY(head) \ (TAILQ_FIRST(head) == TAILQ_END(head)) #define TAILQ_FOREACH(var, head, field) \ for((var) = TAILQ_FIRST(head); \ (var) != TAILQ_END(head); \ (var) = TAILQ_NEXT(var, field)) #define TAILQ_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = TAILQ_FIRST(head); \ (var) != TAILQ_END(head) && \ ((tvar) = TAILQ_NEXT(var, field), 1); \ (var) = (tvar)) #define TAILQ_FOREACH_REVERSE(var, head, headname, field) \ for((var) = TAILQ_LAST(head, headname); \ (var) != TAILQ_END(head); \ (var) = TAILQ_PREV(var, headname, field)) #define TAILQ_FOREACH_REVERSE_SAFE(var, head, headname, field, tvar) \ for ((var) = TAILQ_LAST(head, headname); \ (var) != TAILQ_END(head) && \ ((tvar) = TAILQ_PREV(var, headname, field), 1); \ (var) = (tvar)) /* * Tail queue functions. */ #define TAILQ_INIT(head) do { \ (head)->tqh_first = NULL; \ (head)->tqh_last = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ (head)->tqh_first->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (head)->tqh_first = (elm); \ (elm)->field.tqe_prev = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.tqe_next = NULL; \ (elm)->field.tqe_prev = (head)->tqh_last; \ *(head)->tqh_last = (elm); \ (head)->tqh_last = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ (elm)->field.tqe_next->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (listelm)->field.tqe_next = (elm); \ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ (elm)->field.tqe_next = (listelm); \ *(listelm)->field.tqe_prev = (elm); \ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_REMOVE(head, elm, field) do { \ if (((elm)->field.tqe_next) != NULL) \ (elm)->field.tqe_next->field.tqe_prev = \ (elm)->field.tqe_prev; \ else \ (head)->tqh_last = (elm)->field.tqe_prev; \ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ _Q_INVALIDATE((elm)->field.tqe_prev); \ _Q_INVALIDATE((elm)->field.tqe_next); \ } while (0) #define TAILQ_REPLACE(head, elm, elm2, field) do { \ if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \ (elm2)->field.tqe_next->field.tqe_prev = \ &(elm2)->field.tqe_next; \ else \ (head)->tqh_last = &(elm2)->field.tqe_next; \ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \ *(elm2)->field.tqe_prev = (elm2); \ _Q_INVALIDATE((elm)->field.tqe_prev); \ _Q_INVALIDATE((elm)->field.tqe_next); \ } while (0) #define TAILQ_CONCAT(head1, head2, field) do { \ if (!TAILQ_EMPTY(head2)) { \ *(head1)->tqh_last = (head2)->tqh_first; \ (head2)->tqh_first->field.tqe_prev = (head1)->tqh_last; \ (head1)->tqh_last = (head2)->tqh_last; \ TAILQ_INIT((head2)); \ } \ } while (0) #endif /* !_SYS_QUEUE_H_ */ smcroute-2.4.2/src/inet.h0000644000175000017500000000231113345172574014237 0ustar jockejocke/* Multicast Router Discovery Protocol, RFC4286 (IPv4 backend) * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #ifndef SMCROUTE_INET_H_ #define SMCROUTE_INET_H_ #include #define IGMP_MRDISC_ANNOUNCE 0x30 #define IGMP_MRDISC_SOLICIT 0x31 #define IGMP_MRDISC_TERM 0x32 int inet_open (char *ifname); int inet_close (int sd); int inet_send (int sd, uint8_t type, uint8_t interval); int inet_recv (int sd, uint8_t interval); #endif /* SMCROUTE_INET_H_ */ smcroute-2.4.2/src/smcroutectl.c0000644000175000017500000002341713345172574015651 0ustar jockejocke/* Client for smcrouted, not needed if only using smcroute.conf * * Copyright (C) 2011-2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_TERMIOS_H # include #endif #include #include #include #include #include #include "msg.h" #include "util.h" struct arg { char *name; int min_args; /* 0: command takes no arguments */ int val; char *arg; char *help; char *example; /* optional */ int has_detail; } args[] = { { NULL, 0, 'd', NULL, "Detailed output in show command", NULL, 0 }, { NULL, 1, 'I', "NAME", "Identity of routing daemon instance, default: " PACKAGE, "foo", 0 }, { NULL, 0, 't', NULL, "Skip table heading in show command", NULL, 0 }, { "help", 0, 'h', NULL, "Show help text", NULL, 0 }, { "version", 0, 'v', NULL, "Show program version", NULL, 0 }, { "flush" , 0, 'F', NULL, "Flush all dynamically set (*,G) multicast routes", NULL, 0 }, { "kill", 0, 'k', NULL, "Kill running daemon", NULL, 0 }, { "restart", 0, 'H', NULL, "Tell daemon to restart and reload its .conf file, like SIGHUP", NULL, 0 }, { "show", 0, 's', NULL, "Show passive (*,G) and active routes, as well as joined groups", NULL, 1 }, { "add", 3, 'a', NULL, "Add a multicast route", "eth0 192.168.2.42 225.1.2.3 eth1 eth2", 0 }, { "remove", 2, 'r', NULL, "Remove a multicast route", "eth0 192.168.2.42 225.1.2.3", 0 }, { "del", 2, 'r', NULL, NULL, NULL, 0 }, /* Alias */ { "join", 2, 'j', NULL, "Join multicast group on an interface", "eth0 225.1.2.3", 0 }, { "leave", 2, 'l', NULL, "Leave joined multicast group", "eth0 225.1.2.3", 0 }, { NULL, 0, 0, NULL, NULL, NULL, 0 } }; static int heading = 1; static char *ident = PACKAGE; static char *prognm = NULL; /* * Build IPC message to send to the daemon using @cmd and @count * number of arguments from @argv. */ static struct ipc_msg *msg_create(uint16_t cmd, char *argv[], size_t count) { char *ptr; size_t i, len = 0, sz; struct ipc_msg *msg; for (i = 0; i < count; i++) len += strlen(argv[i]) + 1; sz = sizeof(struct ipc_msg) + len + 1; if (sz > MX_CMDPKT_SZ) { errno = EMSGSIZE; return NULL; } msg = calloc(1, sz); if (!msg) return NULL; msg->len = sz; msg->cmd = cmd; msg->count = count; ptr = (char *)msg->argv; for (i = 0; i < count; i++) { len = strlen(argv[i]) + 1; ptr = memcpy(ptr, argv[i], len) + len; } *ptr = '\0'; /* '\0' behind last string */ return msg; } #define ESC "\033" static int get_width(void) { int ret = 74; #ifdef HAVE_TERMIOS_H char buf[42]; struct termios tc, saved; struct pollfd fd = { STDIN_FILENO, POLLIN, 0 }; memset(buf, 0, sizeof(buf)); tcgetattr(STDERR_FILENO, &tc); saved = tc; tc.c_cflag |= (CLOCAL | CREAD); tc.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG); tcsetattr(STDERR_FILENO, TCSANOW, &tc); fprintf(stderr, ESC "7" ESC "[r" ESC "[999;999H" ESC "[6n"); if (poll(&fd, 1, 300) > 0) { int row, col; if (scanf(ESC "[%d;%dR", &row, &col) == 2) ret = col; } fprintf(stderr, ESC "8"); tcsetattr(STDERR_FILENO, TCSANOW, &saved); #endif return ret; } static void table_heading(char *argv[], size_t count, int detail) { int len; char line[90]; const char *g = "GROUP (S,G)", *i = "INBOUND"; const char *r = "ROUTE (S,G)", *o = "OUTBOUND", *p = "PACKETS", *b = "BYTES"; /* Skip heading also if user redirects output to a file */ if (!heading || !isatty(STDOUT_FILENO)) return; if (count && argv[0][0] == 'g') snprintf(line, sizeof(line), "\e[7m%-34s %-16s", g, i); else if (detail) snprintf(line, sizeof(line), "\e[7m%-34s %-16s %10s %10s %-8s", r, i, p, b, o); else snprintf(line, sizeof(line), "\e[7m%-34s %-16s %-8s", r, i, o); len = get_width() - (int)strlen(line) + 4; fprintf(stderr, "%s%*s\n\e[0m", line, len < 0 ? 0 : len, ""); } /* * Connects to the IPC socket of the server */ static int ipc_connect(void) { struct sockaddr_un sa; socklen_t len; int sd; sd = socket(AF_UNIX, SOCK_STREAM, 0); if (sd < 0) return -1; #ifdef HAVE_SOCKADDR_UN_SUN_LEN sa.sun_len = 0; /* <- correct length is set by the OS */ #endif sa.sun_family = AF_UNIX; snprintf(sa.sun_path, sizeof(sa.sun_path), "%s/run/%s.sock", LOCALSTATEDIR, ident); len = offsetof(struct sockaddr_un, sun_path) + strlen(sa.sun_path); if (connect(sd, (struct sockaddr *)&sa, len) < 0) { int err = errno; if (ENOENT == errno) warnx("Cannot find IPC socket %s", sa.sun_path); close(sd); errno = err; return -1; } return sd; } static int ipc_command(uint16_t cmd, char *argv[], size_t count) { int sd; int result = 0; int retry_count = 30; ssize_t len; struct ipc_msg *msg; char buf[MX_CMDPKT_SZ + 1]; msg = msg_create(cmd, argv, count); if (!msg) { warn("Failed constructing IPC command"); return 1; } while ((sd = ipc_connect()) < 0) { switch (errno) { case EACCES: warnx("Need root privileges to connect to daemon"); break; case ENOENT: warnx("Daemon may be running with another -I NAME"); break; case ECONNREFUSED: if (--retry_count) { usleep(100000); continue; } warnx("Daemon not running"); break; default: warn("Failed connecting to daemon"); break; } free(msg); return 1; } /* Send command */ if (write(sd, msg, msg->len) != (ssize_t)msg->len) { error: warn("Communication with daemon failed"); close(sd); free(msg); return 1; } /* Wait here for reply */ len = read(sd, buf, sizeof(buf) - 1); if (len < 0) goto error; if (len != 1 || *buf != '\0') { int detail = 0; /* Make sure buffer is NULL terminated */ buf[len] = 0; switch (cmd) { case 'S': detail = 1; /* fallthrough */ case 's': table_heading(argv, count, detail); do { fputs(buf, stdout); len = read(sd, buf, sizeof(buf) - 1); if (len >= 0) buf[len] = 0; } while (len > 0); break; default: warnx("%s", buf); result = 1; break; } } close(sd); free(msg); return result; } static int usage(int code) { int i; printf("Usage:\n %s [OPTIONS] CMD [ARGS]\n\n", prognm); printf("Options:\n"); for (i = 0; args[i].val; i++) { if (!args[i].help) continue; if (args[i].name) continue; printf(" -%c %-10s %s\n", args[i].val, args[i].arg ? args[i].arg : "", args[i].help); } printf("\nCommands:\n"); for (i = 0; args[i].val; i++) { if (!args[i].help) continue; if (!args[i].name) continue; printf(" %-7s %s %s\n", args[i].name, args[i].min_args ? "ARGS" : " ", args[i].help); } printf("\nArguments:\n" " <----------- INBOUND ------------> <--- OUTBOUND ---->\n" " add IFNAME [SOURCE-IP] MULTICAST-GROUP IFNAME [IFNAME ...]\n" " remove IFNAME [SOURCE-IP] MULTICAST-GROUP\n" "\n" " join IFNAME [SOURCE-IP] MULTICAST-GROUP\n" " leave IFNAME [SOURCE-IP] MULTICAST-GROUP\n" "\n" " show [groups|routes]\n" "\n" "NOTE: IFNAME is either an interface name or wildcard. E.g., `eth+` matches\n" " eth0, eth15, etc. Wildcards are available for inbound interfaces.\n" "\n" "Bug report address: %s\n", PACKAGE_BUGREPORT); #ifdef PACKAGE_URL printf("Project homepage: %s\n", PACKAGE_URL); #endif return code; } static int version(void) { puts(PACKAGE_VERSION); return 0; } static char *progname(const char *arg0) { char *nm; nm = strrchr(arg0, '/'); if (nm) nm++; else nm = (char *)arg0; return nm; } int main(int argc, char *argv[]) { int help = 0, detail = 0; int c, i, pos = 1, status = 0; struct arg *cmd = NULL; prognm = progname(argv[0]); while ((c = getopt(argc, argv, "dhI:tv")) != EOF) { switch (c) { case 'd': detail++; break; case 'h': help++; break; case 'I': ident = optarg; break; case 't': heading = 0; break; case 'v': return version(); default: errx(0, "Unknown option -'%c'\n", c); } } pos = optind; while (pos < argc && !cmd) { char *arg = argv[pos]; for (i = 0; args[i].val; i++) { int c = args[i].val; char *nm = args[i].name; size_t len; if (!nm) continue; len = MIN(strlen(nm), strlen(arg)); if (strncmp(arg, nm, len)) continue; switch (c) { case 'h': help++; break; case 'v': return version(); default: cmd = &args[i]; if (argc - (pos + 1) < args[i].min_args) { warnx("Not enough arguments to command %s", nm); status = 1; goto help; } break; } break; /* Next arg */ } pos++; } if (help) { if (!cmd) return usage(0); help: while (!cmd->help) cmd--; printf("Help:\n" " %s\n\n" "Example:\n" " %s %s %s\n\n", cmd->help, prognm, cmd->name, cmd->example ? cmd->example : ""); return status; } if (!cmd) return ipc_command('s', NULL, 0); c = cmd->val; if (cmd->has_detail) c -= 0x20; return ipc_command(c, &argv[pos], argc - pos); } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/util.h0000644000175000017500000000130513345172574014257 0ustar jockejocke/* Utilitity and replacement functions */ #ifndef SMCROUTE_UTIL_H_ #define SMCROUTE_UTIL_H_ #include "config.h" #include #include "mroute.h" #ifndef MIN #define MIN(a, b) ((a) < (b) ? (a) : (b)) #endif #ifndef MAX #define MAX(a, b) ((a) < (b) ? (b) : (a)) #endif /* From The Practice of Programming, by Kernighan and Pike */ #ifndef NELEMS #define NELEMS(array) (sizeof(array) / sizeof(array[0])) #endif int pidfile(const char *basename, uid_t uid, gid_t gid); #ifndef HAVE_UTIMENSAT int utimensat(int dirfd, const char *pathname, const struct timespec ts[2], int flags); #endif #ifndef HAVE_STRLCPY size_t strlcpy(char *dst, const char *src, size_t len); #endif #endif /* SMCROUTE_UTIL_H_ */ smcroute-2.4.2/src/mcgroup.h0000644000175000017500000000121413345172574014755 0ustar jockejocke/* IGMP/MLD group subscription API */ #ifndef SMCROUTE_MCGROUP_H_ #define SMCROUTE_MCGROUP_H_ int mcgroup4_join (const char *ifname, struct in_addr source, struct in_addr group); int mcgroup4_leave (const char *ifname, struct in_addr source, struct in_addr group); void mcgroup4_disable (void); int mcgroup6_join (const char *ifname, struct in6_addr group); int mcgroup6_leave (const char *ifname, struct in6_addr group); void mcgroup6_disable (void); int mcgroup_show (int sd, int detail); #endif /* SMCROUTE_MCGROUP_H_ */ /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/script.h0000644000175000017500000000032013345172574014602 0ustar jockejocke/* SMCRoute script API */ #ifndef SMCROUTE_SCRIPT_H_ #define SMCROUTE_SCRIPT_H_ #include "mroute.h" int script_init (char *script); int script_exec (struct mroute *mroute); #endif /* SMCROUTE_SCRIPT_H_ */ smcroute-2.4.2/src/msg.h0000644000175000017500000000313413345172574014072 0ustar jockejocke/* SMCRoute IPC API * * Multicast routes: * * add eth0 [1.1.1.1] 239.1.1.1 eth1 eth2 * * +----+-----+---+--------------------------------------------+ * | 42 | 'a' | 5 | "eth0\01.1.1.1\0239.1.1.1\0eth1\0eth2\0\0" | * +----+-----+---+--------------------------------------------+ * ^ ^ |-----| * | | `---> Second argument is optional => (*,G) * +-----cmd------+ * * del [1.1.1.1] 239.1.1.1 * * +----+-----+---+--------------------------+ * | 27 | 'r' | 2 | "1.1.1.1\0239.1.1.1\0\0" | * +----+-----+---+--------------------------+ * ^ ^ * | | * +-----cmd------+ * * Multicast groups: * * join/leave eth0 [1.1.1.1] 239.1.1.1 * * +----+-----+---+--------------------------------------------+ * | 32 | 'j' | 3 | "eth0\01.1.1.1\0239.1.1.1\0\0" | * +----+-----+---+--------------------------------------------+ * |-----| * `-----> For SSM group join/leave */ #ifndef SMCROUTE_MSG_H_ #define SMCROUTE_MSG_H_ #include #include #define MX_CMDPKT_SZ 1024 /* command size including appended strings */ struct ipc_msg { size_t len; /* total size of packet including cmd header */ uint16_t cmd; /* 'a'=Add,'r'=Remove,'j'=Join,'l'=Leave,'k'=Kill */ uint16_t count; /* command argument count */ char *argv[0]; /* 'count' * '\0' terminated strings + '\0' */ }; int msg_do(int sd, struct ipc_msg *msg); #endif /* SMCROUTE_MSG_H_ */ /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/src/timer.h0000644000175000017500000000030513345172574014421 0ustar jockejocke/* Timer helper functions */ #ifndef SMCROUTE_TIMER_H_ #define SMCROUTE_TIMER_H_ int timer_init (void); int timer_add (int period, void (*cb)(void *), void *arg); #endif /* SMCROUTE_TIMER_H_ */ smcroute-2.4.2/README.md0000644000175000017500000002545213345172574013632 0ustar jockejockeSMCRoute - A static multicast routing daemon ============================================ [![License Badge][]][License] [![Travis Status][]][Travis] [![Coverity Status][]][Coverity Scan] Table of Contents ----------------- * [About](#about) * [Features](#features) * [Usage](#usage) * [Actions Scripts](#action-scripts) * [Many Interfaces](#many-interfaces) * [Multiple Routing Tables](#multiple-routing-tables) * [Client Tool](#client-tool) * [Experimental](#experimental) * [Build & Install](#build--install) * [Linux Requirements](#linux-requirements) * [*BSD Requirements](#bsd-requirements) * [General Requirements](#general-requirements) * [Configure & Build](#configure--build) * [Integration with systemd](#integration-with-systemd) * [Static Build](#static-build) * [Building from GIT](#building-from-git) * [Origin & References](#origin--references) About ----- SMCRoute is a UNIX/Linux tool to manage and monitor multicast routes. It supports both IPv4 and IPv6 multicast routing. SMCRoute can be used as an alternative to dynamic multicast routers like [mrouted][] or [pimd][] in setups where static multicast routes should be maintained and/or no proper IGMP or MLD signaling exists. Multicast routes exist in the UNIX kernel as long as a multicast routing daemon runs. On Linux, multiple multicast routers can run simultaneously using different multicast routing tables. Features -------- - Configuration file support, `/etc/smcroute.conf` - Support for restarting and reloading the `.conf` on `SIGHUP` - Source-less on-demand routing, a.k.a. (*,G) based static routing - Optional built-in [mrdisc][] support, [RFC4286][] - Support for multiple routing tables on Linux - Client with built-in support to show routes and joined groups - Interface wildcard matching, `eth+` matches `eth0, eth15` Usage ----- smcrouted [-nNhsv] [-c SEC] [-d SEC] [-e CMD] [-f CONF] [-l LVL] [-p USER:GROUP] [-t ID] smcroutectl [-Fkhv] [COMMAND] [⟨add | rem⟩ ⟨ROUTE⟩] [⟨join | leave⟩ ⟨GROUP⟩] To set multicast routes and join groups you must first start the daemon, which needs *root privileges*, or `CAP_NET_ADMIN`. Use `smcrouted -n` to run the daemon in the foreground, as required by modern init daemons like systemd and [Finit][]. By default `smcrouted` reads `/etc/smcroute.conf`, which can look something like this: mgroup from eth0 group 225.1.2.3 mgroup from eth0 group 225.1.2.3 source 192.168.1.42 mroute from eth0 group 225.1.2.3 source 192.168.1.42 to eth1 eth2 The first line means "Join multicast group 225.1.2.3 on interface eth0". Useful if `eth0` is not directly connected to the source, but to a LAN with switches with IGMP snooping. Joining the group opens up multicast for that group towards `eth0`. Only 20 groups can be joined, for large setups investigate enabling multicast router ports in the switches, or possibly use a dynamic multicast routing protocol. The second `mgroup` is for source specific group join, i.e. the host specifies that it wants packets from 192.168.1.42 and no other source. The third `mroute` line is the actual layer-3 routing entry. Here we say that multicast data originating from 192.168.1.42 on `eth0` to the multicast group 225.1.2.3 should be forwarded to interfaces `eth1` and `eth2`. **Note:** To test the above you can use ping from another device. The multicast should be visible as long as your IP# matches the source above and you ping 225.1.2.3 -- **REMEMBER TO SET THE TTL >1** $ ping -I eth0 -t 2 225.1.2.3 The TTL is what usually bites people first trying out multicast routing. Most TCP/IP stacks default to a TTL of 1 for multicast frames, e.g. ping above requires `-t 2`, or greater. This limitation is intentional and reduces the risk of someone accidentally flooding multicast. Remember, multicast *behaves like broadcast* unless limited. The TTL should preferably be set on the sender side, e.g. the camera, but can also be modified in the firewall on a router. Be careful though because the TTL is the only thing that helps prevent routing loops! On Linux the following `iptables` command can be used to change the TTL: # iptables -t mangle -A PREROUTING -i eth0 -d 225.1.2.3 -j TTL --ttl-inc 1 ### Action Scripts # smcrouted -e /path/to/script With `-e CMD` a user script or command can be called when `smcrouted` receives a `SIGHUP` or installs a multicast route to the kernel. This is useful if you, for instance, also run a NAT firewall and need to flush connection tracking after installing a multicast route. ### Many Interfaces # smcrouted -N With the `-N` command line option SMCRoute does *not* prepare all system interfaces for multicast routing. Very useful if your system has a lot of interfaces but only a select few are required for multicast routing. Use the following in `/etc/smcroute.conf` to enable interfaces: phyint eth0 enable phyint eth1 enable phyint eth2 enable It is possible to use any interface that supports the `MULTICAST` flag. ### Multiple Routing Tables On Linux it is possible to run multiple multicast routing daemons due to its support for multiple multicast routing tables. In such setups it may be useful to change the default identity of SMCRoute: # smcrouted -I mrt1 -t 1 # smcrouted -I mrt2 -t 2 The `-I NAME` option alters the default syslog name, config file, PID file, and client socket file name used. In the first instance above, `smcrouted` will use: - `/etc/mrt1.conf` - `/var/run/mrt1.pid` - `/var/run/mrt1.sock` and syslog messages will use the `mrt1` identity as well. Remember to use the same `-I NAME` also to `smcroutectl`. ### Client Tool SMCRoute also has a client interface to interact with the daemon: # smcroutectl join eth0 225.1.2.3 # smcroutectl add eth0 192.168.1.42 225.1.2.3 eth1 eth2 If the daemon runs with a different identity the client needs to be called using the same identity: # smcrouted -I mrt # smcroutectl -I mrt show There are more commands. See the man page or the online help for details: # smcroutectl help **Note:** Root privileges are required by default for `smcroutectl` due to the IPC socket permissions. Experimental ------------ Multicast often originates from different sources but usually not at the same time. For a more generic setup, and to reduce the number of rules required, it is possible to set (*,G) IPv4 multicast routes. Example `smcroute.conf`: phyint eth0 enable mrdisc phyint eth1 enable phyint eth1 enable mgroup from eth0 group 225.1.2.3 mroute from eth0 group 225.1.2.3 to eth1 eth2 or, from the command line: # smcroutectl join eth0 225.1.2.3 # smcroutectl add eth0 225.1.2.3 eth1 eth2 Also, see the `smcrouted -c SEC` option for periodic flushing of learned (*,G) rules, including the automatic blocking of unknown multicast, and the `smcroutectl flush` command. Another experimental feature is multicast router discovery, [mrdisc][], described in [RFC4286][]. This feature is disabled by default, enable with `configure --enable-mrdisc`. When enabled it periodically sends out an IGMP message on inbound interfaces¹ to alert switches to open up multicast in that direction. Not many managed switches have support for this yet. ____ ¹ Notice the `mrdisc` flag to the above `phyint eth0` directive, which is missing for `eth1` and `eth2`. Build & Install --------------- SMCRoute should in theory work on any UNIX like operating system which supports the BSD MROUTING API. Both Linux and FreeBSD are tested on a regular basis. ### Linux Requirements On Linux the following kernel config is required: CONFIG_IP_MROUTE=y CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y CONFIG_IP_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables ### *BSD Requirements On *BSD the following kernel config is required: options MROUTING # Multicast routing options PIM # pimd extensions used for (*,G) support ### General Requirements Check the list of multicast capable interfaces: cat /proc/net/dev_mcast or look for interfaces with the `MULTICAST` flag in the output from: ifconfig Some interfaces have the `MULTICAST` flag disabled by default, like `lo` and `greN`. Usually this flag can be enabled administratively. ### Configure & Build As of SMCRoute v2.2, the `libcap` library is used to gain full privilege separation using POSIX capabilities. At startup this library is used to drop full root privileges, retaining only `CAP_NET_ADMIN` for managing the multicast routes. Use `--without-libcap` to disable this feature. **Note:** On RHEL/CentOS 6 you must `configure --without-libcap` $ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var $ make -j5 $ sudo make install-strip ### Integration with systemd For systemd integration you need to install `pkg-config`, which helps the SMCRoute build system figure out the systemd paths. When installed simply call `systemctl` to enable and start `smcrouted`: $ sudo systemctl enable smcroute.service $ sudo systemctl start smcroute.service Check that it started properly by inspecting the system log, or: $ sudo systemctl status smcroute.service ### Static Build Some people want to build statically, to do this with `autoconf` add the following `LDFLAGS=` *after* the configure script. You may also need to add `LIBS=...`, which will depend on your particular system: $ ./configure LDFLAGS="-static" ... ### Building from GIT The `configure` script and the `Makefile.in` files are generated and not stored in GIT. So if you checkout the sources from GitHub you first need to generated these files using `./autogen.sh`. Origin & References ------------------- SMCRoute is maintained collaboratively at [GitHub][]. Bug reports, feature requests, patches/pull requests, and documentation fixes are most welcome. The project was previously hosted and maintained by Debian at [Alioth][] and before that by [Carsten Schill][], the original author. [Finit]: https://github.com/troglobit/finit [mrouted]: https://github.com/troglobit/mrouted [pimd]: https://github.com/troglobit/pimd [mrdisc]: https://github.com/troglobit/mrdisc [RFC4286]: https://tools.ietf.org/html/rfc4286 [GitHub]: https://github.com/troglobit/smcroute [Alioth]: https://alioth.debian.org/projects/smcroute [Carsten Schill]: http://www.cschill.de/smcroute/ [License]: https://en.wikipedia.org/wiki/GPL_license [License Badge]: https://img.shields.io/badge/License-GPL%20v2-blue.svg [Travis]: https://travis-ci.org/troglobit/smcroute [Travis Status]: https://travis-ci.org/troglobit/smcroute.png?branch=master [Coverity Scan]: https://scan.coverity.com/projects/3061 [Coverity Status]: https://scan.coverity.com/projects/3061/badge.svg smcroute-2.4.2/COPYING0000644000175000017500000004310313345172574013377 0ustar jockejocke GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. smcroute-2.4.2/smcroute0000755000175000017500000000265713345172574014144 0ustar jockejocke#!/bin/sh # Compatibility wrapper for users with old startup scripts # Written by Joachim Nilsson, placed in the public domain OP=$1 shift case "$OP" in -d) smcrouted $* ;; -h) echo "Usage: smcroute [OPTIONS] [ARGS]" echo echo " -d Start daemon" echo " -k Kill a running daemon" echo echo " -h This help text" echo " -v Show version" echo echo " -a ARGS Add a multicast route" echo " -r ARGS Remove a multicast route" echo echo " -j ARGS Join a multicast group" echo " -l ARGS Leave a multicast group" echo echo " <------------- INBOUND --------------> <----- OUTBOUND ------>" echo " -a [ ...]" echo " -r " echo echo " -j " echo " -l " echo echo "NOTE: This is a compatibility wrapper script for SMCRoute. Intended for" echo " use with old style startup scripts. It is recommended to migrate" echo " to /etc/smcroute.conf, see the smcroute(8) man page for help." return 0 ;; -k) smcroutectl kill ;; -v) smcroutectl version ;; -a) smcroutectl add $* ;; -r) smcroutectl remove $* ;; -j) smcroutectl join $* ;; *) echo "Unkown command or option to the SMCRoute compatiblity wrapper script." echo "See the smcroute(8) man page for help on available commands." return 1 ;; esac smcroute-2.4.2/.gitignore0000644000175000017500000000036413345172574014336 0ustar jockejocke.deps *~ *.o *.log *.status ID GPATH GRTAGS GSYMS GTAGS Makefile Makefile.in aclocal.m4 autom4te.cache compile config.h config.h.in configure depcomp install-sh mcsender missing smcrouted smcroutectl smcroute.service stamp-h1 *.tar.* .dirstamp smcroute-2.4.2/lib/0000755000175000017500000000000013345172574013111 5ustar jockejockesmcroute-2.4.2/lib/utimensat.c0000644000175000017500000000267613345172574015301 0ustar jockejocke/* Replacement in case utimensat(2) is missing * * Copyright (C) 2017 Joachim Nilsson * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" #include #ifdef HAVE_FCNTL_H #include #endif #include /* lutimes(), utimes(), utimensat() */ int utimensat(int dirfd, const char *pathname, const struct timespec ts[2], int flags) { int ret = -1; struct timeval tv[2]; if (dirfd != 0) { errno = ENOTSUP; return -1; } TIMESPEC_TO_TIMEVAL(&tv[0], &ts[0]); TIMESPEC_TO_TIMEVAL(&tv[1], &ts[1]); if ((flags & AT_SYMLINK_NOFOLLOW) == AT_SYMLINK_NOFOLLOW) ret = lutimes(pathname, tv); else ret = utimes(pathname, tv); return ret; } /** * Local Variables: * indent-tabs-mode: t * c-file-style: "linux" * End: */ smcroute-2.4.2/lib/strlcpy.c0000644000175000017500000000312613345172574014757 0ustar jockejocke/* $OpenBSD: strlcpy.c,v 1.12 2015/01/15 03:54:12 millert Exp $ */ /* * Copyright (c) 1998, 2015 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include #include #ifndef strlcpy /* * Copy string src to buffer dst of size dsize. At most dsize-1 * chars will be copied. Always NUL terminates (unless dsize == 0). * Returns strlen(src); if retval >= dsize, truncation occurred. */ size_t strlcpy(char *dst, const char *src, size_t dsize) { const char *osrc = src; size_t nleft = dsize; /* Copy as many bytes as will fit. */ if (nleft != 0) { while (--nleft != 0) { if ((*dst++ = *src++) == '\0') break; } } /* Not enough room in dst, add NUL and traverse rest of src. */ if (nleft == 0) { if (dsize != 0) *dst = '\0'; /* NUL-terminate dst */ while (*src++) ; } return(src - osrc - 1); /* count does not include NUL */ } #endif smcroute-2.4.2/CONTRIBUTING.md0000644000175000017500000000631613345172574014602 0ustar jockejockeContributing to SMCRoute ======================== Thank you for considering contributing back to [Free Software][1]! There are a few things we would like you to consider when filing an issue or pull request with this project: 1. If you are filing a bug report or feature request Please take the time to check if an issue already has been filed matching your problem 2. What version are you running, have you tried the latest release? UNIX distributions often package and test software for their particular brand. If you are using a pre-packaged version, then please file a bug with that distribution instead. 3. Coding Style Lines are allowed to be longer than 72 characters these days, there is no enforced max. length. > **Tip:** Always submit code that follows the style of surrounding code! The coding style itself is strictly Linux [KNF][], like GIT it is becoming a de facto standard for C programming https://www.kernel.org/doc/Documentation/CodingStyle 4. Logical Change Sets Changes should be broken down into logical units that add a feature or fix a bug. Keep changes separate from each other and do not mix a bug fix with a whitespace cleanup or a new feature addition. This is important not only for readilibity, or for the possibility of maintainers to revert changes, but does also increase your chances of having a change accepted. 5. Commit messages Commit messages exist to track *why* a change was made. Try to be as clear and concise as possible in your commit messages, and always, be proud of your work and set up a proper GIT identity for your commits: git config --global user.name "Jane Doe" git config --global user.email jane.doe@example.com See this helpful guide for how to write simple, readable commit messages, or have at least a look at the below example. http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html Example ------- Example commit message from the [Pro Git][gitbook] online book, notice how `git commit -s` is used to automatically add a `Signed-off-by`: Capitalized, short (50 chars or less) summary More detailed explanatory text, if necessary. Wrap it to about 72 characters or so. In some contexts, the first line is treated as the subject of an email and the rest of the text as the body. The blank line separating the summary from the body is critical (unless you omit the body entirely); tools like rebase can get confused if you run the two together. Write your commit message in the imperative: "Fix bug" and not "Fixed bug" or "Fixes bug." This convention matches up with commit messages generated by commands like git merge and git revert. Further paragraphs come after blank lines. - Bullet points are okay, too - Typically a hyphen or asterisk is used for the bullet, followed by a single space, with blank lines in between, but conventions vary here - Use a hanging indent Signed-off-by: Jane Doe [1]: http://www.gnu.org/philosophy/free-sw.en.html [KNF]: https://en.wikipedia.org/wiki/Kernel_Normal_Form [gitbook]: https://git-scm.com/book/ch5-2.html smcroute-2.4.2/configure.ac0000644000175000017500000001670113345172574014636 0ustar jockejocke# -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) AC_INIT(SMCRoute, 2.4.2, https://github.com/troglobit/smcroute/issues, smcroute, http://troglobit.com/smcroute.html) AM_INIT_AUTOMAKE([1.11 foreign dist-xz]) AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([src/smcrouted.c]) AC_CONFIG_HEADER([config.h]) AC_CONFIG_FILES([Makefile src/Makefile smcroute.service]) # Older versions of autoconf (<2.58) do not have AC_CONFIG_MACRO_DIR() m4_include([m4/misc.m4]) m4_include([m4/mroute.m4]) AC_CONFIG_MACRO_DIR([m4]) # Checks for programs. AC_PROG_CC AC_PROG_LN_S AC_PROG_INSTALL # The pidfile() code needs asprintf(), which relies on -D_GNU_SOURCE AC_GNU_SOURCE # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_C_INLINE AC_TYPE_UINT32_T # Checks for library functions. AC_FUNC_FORK AC_CHECK_FUNCS([atexit dup2 memset select socket strchr strerror strrchr asprintf]) # Check for usually missing API's AC_REPLACE_FUNCS([strlcpy utimensat]) AC_CONFIG_LIBOBJ_DIR([lib]) # Check for sun_len in struct sockaddr_un AC_CHECK_SUN_LEN() # Check user options AC_ARG_ENABLE([mrdisc], AS_HELP_STRING([--enable-mrdisc], [enable IPv4 multicast router discovery])) AC_ARG_ENABLE([ipv6], AS_HELP_STRING([--disable-ipv6], [disable IPv6 support])) AC_ARG_ENABLE([client], AS_HELP_STRING([--disable-client], [disable smcroutectl and IPC API]),, enable_client=yes) AC_ARG_ENABLE([config], AS_HELP_STRING([--disable-config], [disable /etc/smcroute.conf support]),, enable_config=yes) AC_ARG_WITH([libcap], AS_HELP_STRING([--without-libcap], [disable libcap, -p USER:GROUP drop-privs support]),, [with_libcap=auto]) AC_ARG_WITH([systemd], [AS_HELP_STRING([--with-systemd=DIR], [Directory for systemd service files])],, [with_systemd=auto]) # Checks for header files. AC_HEADER_STDC AC_CHECK_HEADERS([arpa/inet.h fcntl.h netinet/in.h stdlib.h string.h \ sys/ioctl.h sys/prctl.h sys/socket.h sys/types.h syslog.h \ unistd.h net/route.h sys/param.h sys/stat.h sys/time.h \ sys/capability.h ifaddrs.h linux/sockios.h termios.h], [], [],[ #ifdef HAVE_SYS_SOCKET_H # include #endif ]) # Build w/ mrdisc support? AS_IF([test "x$enable_mrdisc" = "xyes"], AC_DEFINE([ENABLE_MRDISC], 1, [Enable IPv4 multicast router discovery protocol]), enable_mrdisc=no) AM_CONDITIONAL([USE_MRDISC], [test "x$enable_mrdisc" = "xyes"]) # Build w/o smcroutectl and IPC API? AS_IF([test "x$enable_client" != "xno"], AC_DEFINE([ENABLE_CLIENT], 1, [Enable smcroutectl and the daemon IPC API])) AM_CONDITIONAL([HAVE_CLIENT], [test "x$enable_client" != "xno"]) # Build w/o smcroute.conf support? AS_IF([test "x$enable_config" != "xno"], AC_DEFINE([ENABLE_DOTCONF], 1, [Enable /etc/smcroute.conf support])) AM_CONDITIONAL([USE_DOTCONF], [test "x$enable_config" != "xno"]) # Sanity check ... AS_IF([test "x$with_client" = "xno" -a "x$with_config" = "xno"], AC_MSG_ERROR([Cannot disable both smcroutectl and /etc/smcroute.conf support.])) # Required to check for libsystemd-dev PKG_PROG_PKG_CONFIG # Check where to install the systemd .service file AS_IF([test "x$PKG_CONFIG" = "x"], [ with_systemd=no AC_MSG_WARN([Cannot find pkg-config tool, disabling systemd check.])]) AS_IF([test "x$with_systemd" = "xyes" -o "x$with_systemd" = "xauto"], [ def_systemd=$($PKG_CONFIG --variable=systemdsystemunitdir systemd) AS_IF([test "x$def_systemd" = "x"], [AS_IF([test "x$with_systemd" = "xyes"], [AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])]) with_systemd=no], [with_systemd="$def_systemd"])] ) AS_IF([test "x$with_systemd" != "xno"], [AC_SUBST([systemddir], [$with_systemd])]) AM_CONDITIONAL([HAVE_SYSTEMD], [test "x$with_systemd" != "xno"]) # Check if we need -lpthread (building statically) and -lrt (older GLIBC) # Unset cached values when retrying with -lpthread and reset LIBS for each API need_librt=no need_pthread=no old_LIBS=$LIBS AC_SEARCH_LIBS([clock_gettime], [rt], need_librt=yes) LIBS=$old_LIBS AC_SEARCH_LIBS([timer_create], [rt], need_librt=yes, [ unset ac_cv_search_timer_create AC_SEARCH_LIBS([timer_create], [rt], need_pthread=yes,,[-lpthread])]) LIBS=$old_LIBS AC_SEARCH_LIBS([timer_settime], [rt], need_librt=yes, [ unset ac_cv_search_timer_settime AC_SEARCH_LIBS([timer_settime], [rt], need_pthread=yes,,[-lpthread])]) # Check for libcap to not trigger false positives on FreeBSD et al LIBS=$old_LIBS AC_SEARCH_LIBS([cap_set_flag], [cap],, ac_cv_header_sys_capability_h=no) LIBS=$old_LIBS # Check for IPv4 support AC_CHECK_MROUTE() # If IPv6 is enabled we must probe the system some more AS_IF([test "x$enable_ipv6" != "xno"], AC_CHECK_MROUTE6()) # Only enable support for dropping root privileges if auto/yes && header exists AS_IF([test "x$with_libcap" != "xno" -a "x$ac_cv_header_sys_capability_h" = "xyes"], [ with_libcap=yes AC_DEFINE([ENABLE_LIBCAP], [], [Define to enable support for libcap.])]) AM_CONDITIONAL(USE_LIBCAP, [test "x$with_libcap" != "xno" -a "x$ac_cv_header_sys_capability_h" = "xyes"]) # Mac OS does not (yet) support SOCK_CLOEXEC AC_CACHE_CHECK([for SOCK_CLOEXEC support], [ac_cv_sock_cloexec], [AC_TRY_RUN([ #include #include int main() { return socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0) == -1; }], [ac_cv_sock_cloexec=yes], [ac_cv_sock_cloexec=no], [ac_cv_sock_cloexec=no])]) AS_IF([test "$ac_cv_sock_cloexec" = "yes" ], AC_DEFINE([HAVE_SOCK_CLOEXEC], 1, [Define if the SOCK_CLOEXEC flag is supported])) AS_IF([test "$need_librt" != "no"], LIB_RT=-lrt) AC_SUBST([LIB_RT]) AS_IF([test "$need_pthread" != "no"], LIB_PTHREAD=-lpthread) AC_SUBST([LIB_PTHREAD]) # Expand $sbindir early, into $SBINDIR, for systemd unit file # NOTE: This does *not* take prefix/exec_prefix override at "make # install" into account, unfortunately. test "x$prefix" = xNONE && prefix=$ac_default_prefix test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' SBINDIR=`eval echo $sbindir` SBINDIR=`eval echo $SBINDIR` AC_SUBST(SBINDIR) DOCDIR=`eval echo $docdir` DOCDIR=`eval echo $DOCDIR` AC_SUBST(DOCDIR) AS_IF([test "x$ac_cv_header_sys_capability_h" = "xno"], [ AS_IF([test "x$with_libcap" = "xyes"], [ dnl configure: error: ... AC_MSG_ERROR( [Cannot find libcap or its headers, install libcap-dev first.] [CentOS/RHEL 6: libcap is broken, recommended to disable it.] [Use --without-libcap to disable this feature.]) ]) AS_IF([test "x$with_libcap" = "xauto"], [ dnl configure: WARNING: ... AC_MSG_WARN( [As a safety measure, SMCRoute use libcap to drop root privs] [after startup. Install libcap and headers from libcap-dev,] [or similar, to enable this feature.]) AC_MSG_NOTICE([Use --without-libcap to disable this message.]) ]) with_libcap=no]) AC_OUTPUT cat <