2008-06-11 Dan Williams <dcbw@redhat.com>

* src/NetworkManagerPolicy.c
		- do_ipt_cmd -> do_cmd
		- (sharing_init): use do_cmd() instead of system()



git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3747 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Dan Williams 2008-06-11 13:30:53 +00:00
parent 628f271791
commit c2ffdc1d2e
2 changed files with 28 additions and 22 deletions


@ -1,3 +1,9 @@
2008-06-11 Dan Williams <dcbw@redhat.com>
* src/NetworkManagerPolicy.c
- do_ipt_cmd -> do_cmd
- (sharing_init): use do_cmd() instead of system()
2008-06-10 Dan Williams <dcbw@redhat.com>
The grand 802-11-wireless rename. Get rid of the 802-11/80211/802_11 bits


@ -343,7 +343,7 @@ get_device_connection (NMDevice *device)
}
static gboolean
do_ipt_cmd (const char *fmt, ...)
do_cmd (const char *fmt, ...)
{
va_list args;
char *cmd;
@ -371,32 +371,32 @@ do_ipt_cmd (const char *fmt, ...)
static void
sharing_init (void)
{
system ("echo \"1\" > /proc/sys/net/ipv4/ip_forward");
system ("echo \"1\" > /proc/sys/net/ipv4/ip_dynaddr");
system ("/sbin/modprobe ip_tables iptable_nat ip_nat_ftp ip_nat_irc");
do_ipt_cmd ("/sbin/iptables -P INPUT ACCEPT");
do_ipt_cmd ("/sbin/iptables -F INPUT");
do_ipt_cmd ("/sbin/iptables -P OUTPUT ACCEPT");
do_ipt_cmd ("/sbin/iptables -F OUTPUT");
do_ipt_cmd ("/sbin/iptables -P FORWARD DROP");
do_ipt_cmd ("/sbin/iptables -F FORWARD");
do_ipt_cmd ("/sbin/iptables -t nat -F");
do_cmd ("echo \"1\" > /proc/sys/net/ipv4/ip_forward");
do_cmd ("echo \"1\" > /proc/sys/net/ipv4/ip_dynaddr");
do_cmd ("/sbin/modprobe ip_tables iptable_nat ip_nat_ftp ip_nat_irc");
do_cmd ("/sbin/iptables -P INPUT ACCEPT");
do_cmd ("/sbin/iptables -F INPUT");
do_cmd ("/sbin/iptables -P OUTPUT ACCEPT");
do_cmd ("/sbin/iptables -F OUTPUT");
do_cmd ("/sbin/iptables -P FORWARD DROP");
do_cmd ("/sbin/iptables -F FORWARD");
do_cmd ("/sbin/iptables -t nat -F");
}
static void
sharing_stop (NMActRequest *req)
{
do_ipt_cmd ("/sbin/iptables -F INPUT");
do_ipt_cmd ("/sbin/iptables -F OUTPUT");
do_ipt_cmd ("/sbin/iptables -P FORWARD DROP");
do_ipt_cmd ("/sbin/iptables -F FORWARD");
do_ipt_cmd ("/sbin/iptables -F -t nat");
do_cmd ("/sbin/iptables -F INPUT");
do_cmd ("/sbin/iptables -F OUTPUT");
do_cmd ("/sbin/iptables -P FORWARD DROP");
do_cmd ("/sbin/iptables -F FORWARD");
do_cmd ("/sbin/iptables -F -t nat");
// Delete all User-specified chains
do_ipt_cmd ("/sbin/iptables -X");
do_cmd ("/sbin/iptables -X");
// Reset all IPTABLES counters
do_ipt_cmd ("/sbin/iptables -Z");
do_cmd ("/sbin/iptables -Z");
nm_act_request_set_shared (req, FALSE);
}
@ -444,14 +444,14 @@ sharing_restart (NMPolicy *policy, NMActRequest *req)
// FWD: Allow all connections OUT and only existing and related ones IN
intif = nm_device_get_ip_iface (candidate);
g_assert (intif);
do_ipt_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -m state --state ESTABLISHED,RELATED -j ACCEPT", extif, intif);
do_ipt_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -j ACCEPT", extif, intif);
do_ipt_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -j ACCEPT", intif, extif);
do_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -m state --state ESTABLISHED,RELATED -j ACCEPT", extif, intif);
do_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -j ACCEPT", extif, intif);
do_cmd ("/sbin/iptables -A FORWARD -i %s -o %s -j ACCEPT", intif, extif);
}
if (have_shared) {
// Enabling SNAT (MASQUERADE) functionality on $EXTIF
do_ipt_cmd ("/sbin/iptables -t nat -A POSTROUTING -o %s -j MASQUERADE", extif);
do_cmd ("/sbin/iptables -t nat -A POSTROUTING -o %s -j MASQUERADE", extif);
nm_act_request_set_shared (req, TRUE);
}
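Review bot: In `sharing_init`, the three commands moved from `system()` to `do_cmd()` now return a gboolean, but every call still discards it, and forwarding is switched on before the FORWARD chain is set to DROP. If `/sbin/iptables -P FORWARD DROP` fails, the host is left with `ip_forward` set to 1 and whatever FORWARD policy was in place before. Consider setting the FORWARD policy and flushing the chain first, and enabling forwarding only when both succeed, e.g. `if (!do_cmd ("/sbin/iptables -P FORWARD DROP")) return;` placed ahead of the `ip_forward` write. The `echo ... >` calls can only work if `do_cmd` hands its string to a shell (its body lies outside the hunk), in which case the `%s` interface names in `sharing_restart` are shell-interpreted too; writing the /proc files directly and running iptables with an argument vector would avoid that.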