Showing preview only (438K chars total). Download the full file or copy to clipboard to get everything.
Repository: troglobit/smcroute
Branch: master
Commit: e36897c76410
Files: 95
Total size: 414.1 KB
Directory structure:
gitextract_5o0vch3v/
├── .github/
│ ├── CONTRIBUTING.md
│ ├── FUNDING.yml
│ ├── SECURITY.md
│ └── workflows/
│ ├── build.yml
│ ├── coverity.yml
│ └── release.yml
├── .gitignore
├── COPYING
├── ChangeLog.md
├── Makefile.am
├── README.md
├── autogen.sh
├── configure.ac
├── doc/
│ ├── AUTHORS
│ └── TODO.md
├── lib/
│ ├── malloc.c
│ ├── strlcat.c
│ ├── strlcpy.c
│ ├── tempfile.c
│ └── utimensat.c
├── m4/
│ ├── misc.m4
│ └── mroute.m4
├── man/
│ ├── Makefile.am
│ ├── smcroute.conf.5
│ ├── smcroutectl.8
│ └── smcrouted.8
├── smcroute
├── smcroute.conf
├── smcroute.default
├── smcroute.init
├── smcroute.service.in
├── src/
│ ├── Makefile.am
│ ├── cap.c
│ ├── cap.h
│ ├── conf.c
│ ├── conf.h
│ ├── iface.c
│ ├── iface.h
│ ├── inet.c
│ ├── inet.h
│ ├── ip_mroute.h
│ ├── ipc.c
│ ├── ipc.h
│ ├── kern.c
│ ├── kern.h
│ ├── log.c
│ ├── log.h
│ ├── mcgroup.c
│ ├── mcgroup.h
│ ├── mrdisc.c
│ ├── mrdisc.h
│ ├── mroute.c
│ ├── mroute.h
│ ├── msg.c
│ ├── msg.h
│ ├── notify.c
│ ├── notify.h
│ ├── pidfile.c
│ ├── queue.h
│ ├── script.c
│ ├── script.h
│ ├── smcroutectl.c
│ ├── smcrouted.c
│ ├── socket.c
│ ├── socket.h
│ ├── systemd.c
│ ├── timer.c
│ ├── timer.h
│ └── util.h
└── test/
├── .gitignore
├── Makefile.am
├── README.md
├── adv.sh
├── basic.sh
├── batch.sh
├── bridge.sh
├── dyn.sh
├── expire.sh
├── gre.sh
├── include.sh
├── ipv6.sh
├── isolated.sh
├── join.sh
├── joinlen.sh
├── lib.sh
├── lost.sh
├── mem.sh
├── mrcache.sh
├── mrdisc.sh
├── multi.sh
├── poison.sh
├── reload.sh
├── reload6.sh
├── vlan.sh
└── vrfy.sh
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/CONTRIBUTING.md
================================================
Contributing to SMCRoute
========================
Thank you for considering contributing back to [Free Software][1]!
There are a few things we would like you to consider when filing an
issue or pull request with this project:
1. If you are filing a bug report or feature request
Please take the time to check if an issue already has been filed
matching your problem
2. What version are you running, have you tried the latest release?
UNIX distributions often package and test software for their
particular brand. If you are using a pre-packaged version,
then please file a bug with that distribution instead.
3. Coding Style
Lines are allowed to be longer than 72 characters these days, there
is no enforced max. length.
> **Tip:** Always submit code that follows the style of surrounding code!
The coding style itself is strictly Linux [KNF][], like GIT it is
becoming a de facto standard for C programming
https://www.kernel.org/doc/Documentation/CodingStyle
4. Logical Change Sets
Changes should be broken down into logical units that add a feature
or fix a bug. Keep changes separate from each other and do not mix a
bug fix with a whitespace cleanup or a new feature addition.
This is important not only for readilibity, or for the possibility of
maintainers to revert changes, but does also increase your chances of
having a change accepted.
5. Commit messages
Commit messages exist to track *why* a change was made. Try to be as
clear and concise as possible in your commit messages, and always, be
proud of your work and set up a proper GIT identity for your commits:
git config --global user.name "J. Random Hacker"
git config --global user.email random.j.hacker@example.com
See this helpful guide for how to write simple, readable commit
messages, or have at least a look at the below example.
http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
Example
-------
Example commit message from the [Pro Git][gitbook] online book, notice
how `git commit -s` is used to automatically add a `Signed-off-by`:
Capitalized, short (50 chars or less) summary
More detailed explanatory text, if necessary. Wrap it to about 72
characters or so. In some contexts, the first line is treated as the
subject of an email and the rest of the text as the body. The blank
line separating the summary from the body is critical (unless you omit
the body entirely); tools like rebase can get confused if you run the
two together.
Write your commit message in the imperative: "Fix bug" and not "Fixed bug"
or "Fixes bug." This convention matches up with commit messages generated
by commands like git merge and git revert.
Further paragraphs come after blank lines.
- Bullet points are okay, too
- Typically a hyphen or asterisk is used for the bullet, followed by a
single space, with blank lines in between, but conventions vary here
- Use a hanging indent
Signed-off-by: J. Random Hacker <random.j.hacker@example.com>
[1]: http://www.gnu.org/philosophy/free-sw.en.html
[KNF]: https://en.wikipedia.org/wiki/Kernel_Normal_Form
[gitbook]: https://git-scm.com/book/ch5-2.html
================================================
FILE: .github/FUNDING.yml
================================================
# These are supported funding model platforms
github: [troglobit]
================================================
FILE: .github/SECURITY.md
================================================
# Security Policy
## Supported Versions
SMCRoute is a small project, as such we have no possibility to support older versions.
The only supported version is the latest released on GitHub:
<https://github.com/troglobit/smcroute/releases>
## Reporting a Vulnerability
Contact the project's main author and owner to report and discuss vulnerabilities.
================================================
FILE: .github/workflows/build.yml
================================================
name: Bob the Builder
# Run on all branches, including all pull requests, except the 'dev'
# branch since that's where we run Coverity Scan (limited tokens/day)
on:
push:
branches:
- '**'
- '!dev'
pull_request:
branches:
- '**'
jobs:
build:
# Verify we can build on latest Ubuntu with both gcc and clang
name: ${{ matrix.compiler }}
runs-on: ubuntu-latest
strategy:
matrix:
compiler: [gcc, clang]
fail-fast: false
env:
MAKEFLAGS: -j3
CC: ${{ matrix.compiler }}
steps:
- name: Install dependencies
run: |
sudo modprobe ip_gre
sudo apt-get -y update
sudo apt-get -y install pkg-config libsystemd-dev libcap-dev tshark iptables valgrind
- uses: actions/checkout@v6
- name: Configure
# Build in a sub-directory so we can safely set a+w on all
# directories. Needed for `make check` since it runs with
# root dropped and wants to write .trs and .log files.
run: |
set -x
OPTS="--cache-file=/tmp/config.cache --prefix= --enable-mrdisc --enable-test"
./autogen.sh
if [ "$CC" = "clang" ]; then
compat_valgrind="-gdwarf-4"
fi
./configure $OPTS CFLAGS="$compat_valgrind"
make dist && archive=$(ls *.tar.gz)
if [ -n "$archive" -a -f "$archive" ]; then
tar xf "$archive"
dir=$(echo "$archive" |rev |cut -f3- -d. |rev)
cd "$dir"
fi
mkdir -p .build/dir
cd .build/dir
../../configure $OPTS CFLAGS="$compat_valgrind"
chmod -R a+w .
- name: Build
run: |
make
- name: Install to ~/tmp and Inspect
run: |
DESTDIR=~/tmp make install-strip
tree ~/tmp
ldd ~/tmp/sbin/smcrouted
size ~/tmp/sbin/smcrouted
ldd ~/tmp/sbin/smcroutectl
size ~/tmp/sbin/smcroutectl
~/tmp/sbin/smcrouted -h
~/tmp/sbin/smcroutectl -h
- name: Enable unprivileged userns (unshare)
run: |
sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0
- name: Run Unit Tests
run: |
make check || (cat test/test-suite.log; false)
- name: Upload Test Results
uses: actions/upload-artifact@v7
with:
name: smcroute-test-${{ matrix.compiler }}
path: test/*
================================================
FILE: .github/workflows/coverity.yml
================================================
name: Coverity Scan
on:
push:
branches:
- 'dev'
workflow_dispatch:
env:
PROJECT_NAME: smcroute
CONTACT_EMAIL: troglobit@gmail.com
COVERITY_NAME: troglobit-smcroute
COVERITY_PROJ: troglobit%2Fsmcroute
jobs:
coverity:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Fetch latest Coverity Scan MD5
id: var
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
wget -q https://scan.coverity.com/download/cxx/linux64 \
--post-data "token=$TOKEN&project=${COVERITY_PROJ}&md5=1" \
-O coverity-latest.tar.gz.md5
echo "md5=$(cat coverity-latest.tar.gz.md5)" | tee -a $GITHUB_OUTPUT
- uses: actions/cache@v5
id: cache
with:
path: coverity-latest.tar.gz
key: ${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }}
restore-keys: |
${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }}
${{ runner.os }}-coverity-
${{ runner.os }}-coverity
- name: Download Coverity Scan
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
if [ ! -f coverity-latest.tar.gz ]; then
wget -q https://scan.coverity.com/download/cxx/linux64 \
--post-data "token=$TOKEN&project=${COVERITY_PROJ}" \
-O coverity-latest.tar.gz
else
echo "Latest Coverity Scan available from cache :-)"
md5sum coverity-latest.tar.gz
fi
mkdir coverity
tar xzf coverity-latest.tar.gz --strip 1 -C coverity
- name: Install dependencies
run: |
sudo apt-get -y update
sudo apt-get -y install pkg-config libsystemd-dev libcap-dev
- name: Configure
run: |
./autogen.sh
./configure --prefix= --enable-mrdisc
- name: Build
run: |
export PATH=`pwd`/coverity/bin:$PATH
cov-build --dir cov-int make
- name: Submit results to Coverity Scan
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
tar czvf ${PROJECT_NAME}.tgz cov-int
curl \
--form project=${COVERITY_NAME} \
--form token=$TOKEN \
--form email=${CONTACT_EMAIL} \
--form file=@${PROJECT_NAME}.tgz \
--form version=trunk \
--form description="${PROJECT_NAME} $(git rev-parse HEAD)" \
https://scan.coverity.com/builds?project=${COVERITY_PROJ}
- name: Upload build.log
uses: actions/upload-artifact@v7
with:
name: coverity-build.log
path: cov-int/build-log.txt
================================================
FILE: .github/workflows/release.yml
================================================
name: Release General
on:
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+'
jobs:
release:
name: Build and upload release tarball
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Installing dependencies ...
run: |
sudo modprobe ip_gre
sudo apt-get -y update
sudo apt-get -y install pkg-config libsystemd-dev libcap-dev tshark iptables valgrind
- name: Creating Makefiles ...
run: |
./autogen.sh
./configure --prefix= --enable-mrdisc --enable-test
- name: Enable unprivileged userns (unshare)
run: |
sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0
- name: Build release ...
run: |
make release || (cat test/test-suite.log; false)
ls -lF ../
mkdir -p artifacts/
mv ../*.tar.* artifacts/
- name: Extract ChangeLog entry ...
run: |
awk '/-----*/{if (x == 1) exit; x=1;next}x' ChangeLog.md \
|head -n -1 > release.md
cat release.md
- uses: ncipollo/release-action@v1
with:
name: SMCRoute v${{ github.ref_name }}
bodyFile: "release.md"
artifacts: "artifacts/*"
================================================
FILE: .gitignore
================================================
.deps
*~
*.o
*.log
*.status
ID
GPATH
GRTAGS
GSYMS
GTAGS
Makefile
Makefile.in
aclocal.m4
autom4te.cache
aux/
compile
config.h
config.h.in
configure
depcomp
install-sh
mcsender
missing
smcrouted
smcroutectl
smcroute.service
stamp-h1
*.tar.*
.dirstamp
.gdb_history
================================================
FILE: COPYING
================================================
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
================================================
FILE: ChangeLog.md
================================================
ChangeLog
=========
All notable changes to the project are documented in this file.
[v2.5.7][] - 2024-05-09
-----------------------
### Fixes
- Fix #207: crash when adding IPv6 multicast route on a kernel without
IPv6 multicast support
[v2.5.6][] - 2022-11-28
-----------------------
Despite the new `smcroutectl` batch mode feature, this is primarily a
bug fix release. Most notably #183 and #187.
### Changes
- Add `smcroutectl` batch support, issue #189. Based on the IPC support
added in issue #185, by Alexey Smirnov:
~$ sudo smcroutectl -b <<-EOF
join eth0 225.1.2.3
add eth0 192.168.1.42 225.1.2.3 eth1 eth2
rem eth1 225.3.4.5 eth3
leave eth1 225.3.4.5
EOF
~$
### Fixes
- Fix #178: invalid systemd daemon type Simple/Notify vs simple/notify
- Fix #179: typo in wildcard routes section of README
- Fix #180: minor typo in file and directory names in documentation
- Fix #183: casting in IPC code hides error handling of `recv()`
- Fix #186: NULL pointer dereference in `utimensat()` replacement
function. Found accidentally by Alexey Smirnov. Only triggered on
systems that don't have a native `utimensat()` in their C-library, or
if you try to build SMCRoute without using its own build system ...
- Fix #187: strange behavior joining/leaving the same group
- Fix #192: typo in README
[v2.5.5][] - 2021-11-21
-----------------------
### Changes
- Revert extraction of version from GIT tag. Incompatible with systems
that do `autoreconf` on a dist. tarball
### Fixes
- Fix #175: Parse error in `/etc/smcroute.conf`. SMCRoute fails to
start on interfaces with `mrdisc` disabled, when built with mrdisc
support and `-N` passed on command line
[v2.5.4][] - 2021-11-13
-----------------------
### Changes
- Automatically extract new version from GIT tag
### Fixes
- Avoid trying to delete inactive VIFs. Fixing an annoying bogus error:
*"Failed deleting VIF for iface lo: Resource temporarily unavailable"*
- Fix #171: too small string buffer for IPv6 address causing garbled
output in periodic expiry callback
- Fix too small buffer for IPv6 address in mroute display functions
[v2.5.3][] - 2021-09-23
-----------------------
### Changes
- New tests to verify add/del of IPv4/IPv6 routes in kernel MFC
### Fixes
- Fix #166: build warning with gcc 10.2.1: "comparison is always true
due to limited range of data type"
- Fix build warning with `--disable-mrdisc` configure option
- Fix #167: cannot remove routes added with `smcroutectl add`,
only affects add/del at runtime with smcroutectl, not .conf reload
- Fix #168: build problem on Debian/kFreeBSD, used wrong queue.h
[v2.5.2][] - 2021-08-27
-----------------------
### Changes
- Allow installing routes with no outbound interfaces
- Reinitialize VIFs on reload in case of new interfaces
- Handle cases when interfaces change ifindex, i.e. they've first been
removed and then re-added with the same name
### Fixes
- Fix VIF leak when deleting interfaces with MRDISC enabled
- Fix handling when an (S,G) moves to another IIF. This fixes issues
where the SMCRoute kernel cache was out of sync with the kernel MFC
- Fix handling of lost/disabled interfaces at reload. This fixes a
couple of issues where routes were not updated properly at runtime
- Update interface flags on reload, this fixes issues when SMCRoute
failed to detect interfaces that had their MULTICAST flag set or
cleared at runtime
. Skip `setsockopt()` for IPC sockets. This fixes warnings in syslog
about failing to disable `MULTICAST_LOOP` and `MULTICAST_ALL`
[v2.5.1][] - 2021-08-22
-----------------------
### Changes
- Add .sha256 checksum to dist files, useful for packagers
### Fixes
- Fix #155: systemd Notify integration, restore `NotifyAccess=main`
- Fix #165: ftbfs on older compilers, e.g. gcc 4.8.3, use -std=gnu99
- Fix Documentation refs in systemd unit file, new man pages
[v2.5.0][] - 2021-08-19
-----------------------
**Highlights:** native `/etc/smcroute.d/*.conf` support and seamless
update/removal of routes and groups by reloading `.conf` files or
using `smcroutectl`.
Tested on Linux 5.11 and FreeBSD 12.2
### Changes
- Fully automated test suite with 15 tests covering many use cases
- Support for `/etc/smcroute.d/*.conf`, issue #103
- Support for applying changes to `.conf` files without disturbing
established flows -- i.e., seamless addition or removal of outbound
interfaces in existing rules, or add/remove routes, without ever
affecting other routes, issue #103
- Support for route replacement/update `smcroutectl`, issue #115
- Full `(*,G)` wildcard route matching, for IPv4 and IPv6, issue #31
- Variant wildcard route matching with source and group range matching.
This may of course waste a lot of resources, so handle with care:
- `(*,G/LEN)`, issue #135 (IPv4), and issue #162 (IPv6)
- `(S/LEN,G)`, issue #81
- `(S/LEN,G/LEN)`
- Full SSM/ASM group join support, for both IPv4 and IPv6. Including
joining group ranges from both `smcroutectl` and `.conf`, issue #118
Please note, no SSM support on FreeBSD, only Linux
- New command line option, `-F file.conf` to verify file syntax, issue #100
- The `-I NAME` command line option has changed to `-i NAME`, compat
support for the previous option remains
- The `mrdisc` flag to the `phyint` directive is now what solely
controls the functionality per interface. Previously a mechanism to
enable/disable the functionality (if enabled) if active routes were in
place. However, this did not cover `(*,G)` routes so that has been
removed to simplify and guarantee full function
- Output format from `smcroutectl` has been extensively changed. E.g,
new `/LEN` support means wider columns, but heading have also changed
- The `.tar.xz` archive has been has been dropped as distribution format,
keeping only `tar.gz`
### Fixes
- Fix #120: failed ASM/SSM IGMP join if interface has no address
- Fix #130: dynamic IPv6 routes are not flushed (like IPv4 `(*,G)`)
- Fix #149: `(*,G)` cache timeout callback stops, or never starts
- Fix #151: same log entries
- Fix #156: `smcruotectl show` does not show IPv6 routes
- Fix stochastic timer behavior, e.g. mrdisc announcements experienced
interference with the `(*,G)` cache timer
[v2.4.4][] - 2019-02-11
-----------------------
### Changes
- Allow same outbound interface as inbound for routes, only warn user
- systemd unit file hardening, recommended by Debian
- Discontinued GPG signing, unused and signed with only one dev key
### Fixes
- Fix #104: IGMP header checksum missing from mrdisc frames
- Fix #105: Unblock *all* matching, and currently blocked, (S,G) to a
newly installed (*,G) route, only the first know was unblocked
- Fix #106: Timer nanosecond bug causing loss of address refresh on DHCP
interfaces. Interface monitoring feature introduced in v2.4.3
- Fix #108: Calling init script with `stop` does not stop `smcrouted`
- Fix #109: ifindex in UNIX/POSIX is an interger, not unsigned short
[v2.4.3][] - 2018-11-06
-----------------------
The Lyon release.
### Changes
- Add `strlcat()` replacement from OpenBSD, use instead of `strcat()`
- `smcrouted` should never log to system console, proposed by Westermo
### Fixes
- `smcrouted` fails to join multicast groups on interfaces that do not
yet have an IP address when `smcrouted` starts up, or when it receives
`SIGHUP`, e.g. DHCP client interfaces. This patch release adds a timer
refresh of interface addresses that retries multicast group joins until
an address is set. This is similar to issue #55, but does not handle
interfaces that do not exist yet
- Make sure Linux alias interfaces (baseif:num) are registered as
baseif. Westermo found that use of alias interfaces cause multiple
VIFs to be registered for the same base interface causing multicast
routes to use the wrong inbound or outbound VIF. Alias interfaces
use the same underlying physical interface so only one VIF needed
- Fix display of route counters and column alignment
- Minor spelling fixes, found by Debian
- Add missing status command to SysV init script, found by Debian
- Simplify `utimensat()` replacement, `AT_SYMLINK_NOFOLLOW` unused
[v2.4.2][] - 2018-09-09
-----------------------
### Changes
- Add wrapper script `smcroute` for use with old style startup scripts
- Add symlinks to man pages for `smcrouted.8 and` `smcroutectl.8`
- Update SysV init script, daemon now called `smcrouted`
### Fixes
- Fix #96: A `.conf` line may be missing final newline, this is fine
- Spellcheck `smcroute.conf` example
- Fix Lintian warning (Debian) for unbreakable line in man page
[v2.4.1][] - 2018-06-16
-----------------------
### Changes
- Update and spellecheck documentation and example `.conf` file
### Fixes
- Fix #91: Allow re-configuration of unprivileged `smcrouted`.
Courtesy of Marcel Patzlaff
[v2.4.0][] - 2018-02-11
-----------------------
### Changes
- Interface wildcard support, Linux `iptables` like syntax, `eth+`
matches `eth0`, `eth1`, `eth32`. It can be used where an interface
name is used: `phyint`, `mroute`, `mgroup`, and even on the command
line to `smcroutectl`. Contributed by Martin Buck
- Disable IPv4 [mrdisc][] by default, enable per `phyint` in the `.conf`
file instead. When *not* started with `smcrouted -N` mrdisc would
otherwise be enabled on *all* interfaces found at startup
- Minor doc updates, e.g. clarify need for root or `CAP_NET_ADMIN`
including some minor man page fixes
### Fixes
- Fix #75: Not possible to remove (*,G) routes using `smcroutectl`
- Fix #76: When removing a kernel route, also remove from internal lists
otherwise route is shown in `smcroutectl show`. Conversely, adding a
route to internal list shall only be done after successful kernel add
- Fix #77: Counter overflow due to wrong type used in `smcroutectl show`
- Fix #78: Document interface wildcard feature
- Fix #80: `smcroutectl` argument parser fixes by Pawel Rozlach
- Fix #84: Check return value of `sigaction()`
- Fix #85: Signal handling is async-signal-unsafe
- Fix #86: Document how to use `iptables` on Linux to modify TTL
- Fix #87: Possible buffer overrun in `ipc_receive()`
- Fix #89: Adding similar (S,G) route should replace existing one if
inbound interface differs
[v2.3.1][] - 2017-06-13
-----------------------
Bug fix release courtesy of the Westermo WeOS automated testing
framework. Many thanks to Johan Askerin at Westermo for working
on integrating SMCRoute v2.3 into WeOS v4.22!
### Changes
- Add `utimensat()` replacement for systems that don't have it
- Ignore error messages from `send()` on interface link down
### Fixes
- Fix build error(s) on FreeBSD 9/9.3-RELEASE
- Fix possible invalid interface name reference in new mrdisc support
- Fix log macro bug in the .conf parser
- Fix buggy interface and VIF re-initialization on `SIGHUP`
[v2.3.0][] - 2017-05-28
-----------------------
### Changes
- Support GROUP/LEN matching for IPv4 (*,G) routes
- Support for IPv4 [mrdisc][], [RFC4286][]
- Support for multiple routing tables on Linux, `-t ID`
- `ssmgroup` code folded into general code, now with optional source
- Separation of daemon and client into `smcrouted` and `smcroutectl`
- Complete new client user interface, `smcroutectl`
- Support for disabling IPC and client, `--disable-client`
- Support for disabling `.conf` file support, `--disable-config`
- Show multicast routes and joined groups in client, including stats:
`smcroutectl show [groups|routes]`
- Support for `-d SEC` startup delay in `smcrouted`
- Unknown (*,G) multicast now blocked by default
- Flush timer, `-c SEC`, for (*,G) routes now enabled by default, 60 sec
- Build ID removed from `configure` script
- Massive code cleanup, refactor and separation into stand-alone modules
- Default system paths are no longer taken from `/usr/include/paths.h`,
instead the settings from `configure --prefix` are used
- Use of `libcap` for privilige separation is now auto-detected
### Fixes
- Allow use of loopback interface for multicast routes
- Fix IPv4-only build, by Martin Buck
- Fix IPv4 network interface address identification, by Martin Buck
- Support unlimited number of network interfaces, by Martin Buck
[v2.2.2][] - 2017-02-02
-----------------------
### Changes
- New client command, `-F`, for immediately flushing dynamically learned
(*,G) routes from the cache.
### Fixes
- Fix issue #51: New cache flush timeout option causes endless
`select()` loop. Reported by Ramon Fried, @mellowcandle
[v2.2.1][] - 2017-01-09
-----------------------
### Changes
- Add support for a new command line option, `-c SEC`, for timing out
dynamically learned (*,G) routes. Issue #17
### Fixes
- Portability, replace use of non-std `__progname` with small function
- Issue #49: systemd unit file missing `-d` to start daemon
[v2.2.0][] - 2016-12-03
-----------------------
### Changes
- Support for dropping root privileges after opening the multicast
routing socket and creating the PID file
- Support for Source Specific Multicast group subscription (only IPv4)
- Support for systemd, service file included and installed by default
### Fixes
- Remove GNUisms to be able to build and run on Alpine Linux (musl libc)
- Add OpenBSD `queue.h` for systems that do not have any *BSD `sys/queue.h`
- Coding style cleanup and minor refactor
[v2.1.1][] - 2016-08-19
-----------------------
### Changes
- When `SIGHUP` is received SMCRoute now touches its PID file as an
acknowledgement. This is used by some process supervision daemons,
like [Finit](https://github.com/troglobit/finit), on system
configuration changes to detect when a daemon is done. The mtime is
set using the `utimensat()` function to ensure nanosecond resolution.
### Fixes
- Fix issue #38: Minor memory leak at exit. The Valgrind tool warns
that all memory is not freed when smcroute exits. On most modern
UNIX systems, on platforms with MMU, this is not a problem, but on
older systems, or uClinux, memory is not freed at program exit.
- Fix issue #39: Removing wildcard route at runtime does not work if no
kernel routes have been set.
- Fix issue #44: IPv6 disabled by default, despite what `configure` says
in its help text. Enabling it disables it ... fixed by enabling IPv6
by default.
[v2.1.0][] - 2016-02-17
-----------------------
### Changes
- Allow more interfaces to be used for multicast routing, in particular
on Linux, where interfaces without an IP address can now be used!
Making it possible to run SMCRoute on DHCP/PPP interaces, issue #13
- Add support for TTL scoping on interfaces, very useful for filtering
multicast without a firewall: `phyint IFNAME ttl-threshold TTL`
- On Linux a socket filter now filters out ALL traffic on the helper
sockets where SMCRoute does IGMP/MLD join/leave on multicast groups.
This should eliminate the extra overhad required to, not only route
streams, but also send a copy of each packet to SMCRoute.
- Add support for limiting the amount of multicast interfaces (VIFs)
SMCRoute creates at startup. Two options are now available, by
default all multicast capable interfaces are given a VIF and the user
can selectively disable them one by one. However, if the `-N` command
line option is given SMCRoute does *not* enable any VIFs by default,
the user must then selectively enable interface one by one. The
syntax in the config file is:
phyint IFNAME <enable|disable>
Use `enable` per interface with `-N` option, or `disable` by default.
- Make build ID optional. SMCRoute has always had the build date
hard coded in the binary. This change makes this optional, and
defaults to disabled, to facilitate reproducible builds. For
more info, see https://wiki.debian.org/ReproducibleBuilds
- Remove generated files from GIT. Files generated by GNU autotools are
now only part of the distribution archive, not the GIT repository.
Use `./autogen.sh` to create the required files when using GIT.
- Updated man page and example `smcroute.conf` with limitations on
the amount of mgroup rules.
- Add support for executing an external script on config reload and when
installing a multicast route. Issue #14
smcroute -e /path/to/cmd
The script is called when SMCRoute has started up, or has received
`SIGHUP` and just reloaded the configuration file, and when a new
source-less rule have been installed. See the documentation for
more information on set environment variables etc. Issue #14
- Add `--disable-ipv6` option to `configure` script. Disables IPv6
support in SMCRoute even though the kernel may support it
- Replaced `-D` option with `-L LVL` to alter log level, issue #24
- The smcroute daemon now behaves more like a regular UNIX daemon. It
defaults to using syslog when running in the background and stderr
when running in the foreground. A new option `-s` can be used to
enable syslog when running in the foreground, issue #25
- The smcroute client no longer use syslog, only stderr, issue #25
- When starting the smcroute daemon it is no longer possible to also
send client commands on the same command line.
- Remove the (unmaintained) in-tree `mcsender` tool. Both ping(8) and
iperf(1) can be used in its stead. The omping(8) tool is another
tool, engineered specifically for testing multicast. Issue #30
### Fixes
- Fix issue #10: `smcroute` client loops forever on command if no
`smcroute` daemon is running
- Install binaries to `/usr/sbin` rather than `/usr/bin`, regression
introduced in [v2.0.0][]. Fixed by Micha Lenk
- Cleanup fix for no-MMU systems. Multicast groups were not properly
cleaned up in the `atexit()` handler -- *only* affects no-MMU systems.
- Do not force automake v1.11, only require *at least* v.11
- SMCRoute operates fine without a config file, so use a less obtrusive
warning message for missing `/etc/smcroute.conf`
[v2.0.0][] - 2014-09-30
-----------------------
### Changes
- Migrate to full GNU Configure and Build system, add Makefile.am,
GitHub issue #6 -- heads up, packagers!
- Add standard SysV init script, from Debian. GitHub issue #9
### Fixes
- Multiple fixes of nasty bugs thanks to Coverity static code analysis!
- Cleanup of Linux system anachronisms to make FreeBSD work again,
GitHub issue #5
[v1.99.2][] - 2013-07-16
------------------------
### Fixes
* Fix issue #2: Loop forever bug when deleting new (*,G) sourceless routes
Bug report and patch by Jean-Baptiste Maillet
[v1.99.1][] - 2013-07-11
------------------------
### Fixes
- Fix possible memory leak on Linux
- Fix missing #ifdefs when building on systems w/o IPv6
- Fix possible race in Makefile when building in (massive) parallel
- Fix build problems on RedHat EL5/CentOS5, i.e., Linux <= 2.6.25
[v1.99.0][] - 2012-05-13
-------------------------
### Changes
- Feature: Experimental source-less `(*,G)` IPv4 multicast routing.
Most UNIX kernels are (S,G) based, i.e., you need to supply the
source address with the multicast group to setup a kernel routing
rule. However, daemons like mrouted and pimd emulate `(*,G)` by
listening for IGMPMSG_NOCACHE messages from the kernel. SMCRoute now
also implements this, for IPv4 only atm, by placing all `(*,G)`
routes in a list and adding matching (S,G) routes on-demand at
runtime. All routes matching this (*,G) are removed when reloading
the conf file on SIGHUP or when the user sends an IPC (-r) command to
remove the (*,G) rule.
### Fixes
- Bugfix: SMCRoute segfaults when starting on interface that is up but
has no valid IPv4 address yet. Bug introduced in 1.98.3
- Improved error messages including some minor cleanup and readability
improvements
- Bugfix: Actually check if running as root at startup
[v1.98.3][] - 2011-11-05
------------------------
### Changes
- Check for existence of `asprintf()` to `pidfile()` and add
`-D_GNU_SOURCE` to `CPPFLAGS` using `AC_GNU_SOURCE` in `configure.ac`
- Cleanup IPv6 `#ifdefs` and replace `IN6_MULTICAST()` with standard
`IN6_IS_ADDR_MULTICAST()`. This commit cleans up a lot of the IPv6
related `#ifdefs`, some minor function name refactoring and squash of
some `_init` and `_enable` funcs into one for clarity and clearer
error messages to the user
### Fixes
- Fixes FTBFS when host lacks IPv6 support.
[v1.98.1][] - 2011-11-05
------------------------
### Fixes
- Bugfix: Client failed to send commands to daemon.
- Bugfix: Several FTBFS fixed for GCC 4.6.x and -W -Wall
[v1.98.0][] - 2011-11-04
------------------------
SMCRoute2 Announced!
### Changes
- Feature: Support for `smcroute.conf` configuration file for daemon.
Add support for reading multicast routes and multicast groups from a
configuration file.
mgroup from IFNAME group MCGROUP
mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...]
Both IPv4 and IPv6 address formats are supported
- Feature: Support for signals, reload conf file on `SIGHUP`
- Feature: Add -n switch to support running smcroute in foreground.
- Refactor: Insecure handling of pointers potentially outside array boundaries.
- Refactor: Major cleanup, reindent to Linux C-style, for improved maintainability.
### Fixes
- Bugfix: Invalid use of varargs in call to `snprintf()`, use
`vsnprintf()` instead
- Bugfix: Invalid `MRouterFD6` fd crashes smcroute, always check for
valid fd
- Bugfix: Several minor bugfixes; type mismatches and unused return
values
[v0.95][] - 2011-08-08
----------------------
### Changes
- Feature request #313278: Added support for FreeBSD
SMCRoute now builds and runs on FreeBSD kernels. This was successfully
tested with the FreeBSD port of Debian using FreeBSD 8.1. Other BSD
flavours or versions might work too. Any feedback is appreciated.
https://alioth.debian.org/tracker/index.php?func=detail&aid=313278
- Feature request #313190: Debug logging is now disabled by default. If you
want to enable debug logging again, start the daemon with parameter '-D'.
https://alioth.debian.org/tracker/index.php?func=detail&aid=313190
[v0.94.1][] - 2010-01-13
------------------------
### Fixes
- Bugfix: In case the kernel refuses write access to the file
/proc/sys/net/ipv6/conf/all/mc_forwarding, don't let smcroute exit
with an error, but proceed with normal operation without writing a
"1" to this file. Apparently newer Linux kernels take care for the
correct content of this file automatically whenever the IPv6
multicast routing API is initialized by a process.
[v0.94][] - 2009-11-01
----------------------
### Changes
- Added support for IPv6 multicast routing in smcroute. SMCRoute now
supports addition and removal of IPv6 multicast routes. It will
automatically detect which type of route to add or delete based
on the type (IPv4/IPv6) of addresses provided for the add and
remove commands.
- Added support for joins and leaves ('j'/'l') to IPv6 multicast groups.
- Added support for sending to IPv6 multicast addresses to mcsender tool.
- Added command line option to mcsender tool to allow user to specify the
outgoing interface for datagrams sent.
- Added autoconf support for smcroute build.
v0.93 - UNRELEASED
------------------
### Fixes
- Fixed the "smcroute looses output interfaces" bug.
Carsten Schill, 0.93 unreleased
v0.92 - July 2002
-----------------
### Changes
- Increased the number of supported interfaces
The 16 interface limit of version 0.90 (interfaces as listed with
ifconfig) was to small, especially when alias interfaces where
defined.
- up to 40 interfaces are no recognized by smcroute
- this does not change the number of 'virtual interfaces' supported
by the kernel (32)
- not all interfaces recognized by smcroute (40) results in a
'virtual interface' of the kernel (32)
### Fixes
- Fixed the 'mroute: pending queue full, dropping entries' error
Smcroute 0.90 didn't care about the IGMP messages delivered to the
UDP socket that establish the MC-Router API. After some time the
queue for the sockets filled up and the 'pending queue full' message
was send from the kernel. To my knowledge this didn't affect smcroute
or the operating system.
- version 0.92 reads the ICMP messages now from the UDP socket and
logs them to syslog with daemon/debug
- smcroute does no further processing of this messages
v0.9 - September 2001
---------------------
### Changes
* Added MC group join (-j) and leave (-l) functionality
- the options enable/disable the sending of IGMP join messages for
a multicast group on a specific interface
* Removed the '<OutputIntf> [<OutputIntf>] ...' for the '-r' option
- they are not used by the kernel to identify the route to remove
- smcroute will not complain about extra arguments for the '-r' option
to stay compatible with releases <= 0.80
* Improved error handling for some typical error situations
* Added a test script (tst-smcroute.pl)
* Added a man page
### Fixes
* Fixed some minor bugs
v0.8 - August 2001
------------------
Initial public release by Carsten Schill.
[mrdisc]: https://github.com/troglobit/mrdisc
[RFC4286]: https://tools.ietf.org/html/rfc4286
[UNRELEASED]: https://github.com/troglobit/smcroute/compare/2.5.7...HEAD
[v2.5.7]: https://github.com/troglobit/smcroute/compare/2.5.6...2.5.7
[v2.5.6]: https://github.com/troglobit/smcroute/compare/2.5.5...2.5.6
[v2.5.5]: https://github.com/troglobit/smcroute/compare/2.5.4...2.5.5
[v2.5.4]: https://github.com/troglobit/smcroute/compare/2.5.3...2.5.4
[v2.5.3]: https://github.com/troglobit/smcroute/compare/2.5.2...2.5.3
[v2.5.2]: https://github.com/troglobit/smcroute/compare/2.5.1...2.5.2
[v2.5.1]: https://github.com/troglobit/smcroute/compare/2.5.0...2.5.1
[v2.5.0]: https://github.com/troglobit/smcroute/compare/2.4.4...2.5.0
[v2.4.4]: https://github.com/troglobit/smcroute/compare/2.4.3...2.4.4
[v2.4.3]: https://github.com/troglobit/smcroute/compare/2.4.2...2.4.3
[v2.4.2]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.2
[v2.4.1]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.1
[v2.4.0]: https://github.com/troglobit/smcroute/compare/2.3.1...2.4.0
[v2.3.1]: https://github.com/troglobit/smcroute/compare/2.3.0...2.3.1
[v2.3.0]: https://github.com/troglobit/smcroute/compare/2.2.2...2.3.0
[v2.2.2]: https://github.com/troglobit/smcroute/compare/2.2.1...2.2.2
[v2.2.1]: https://github.com/troglobit/smcroute/compare/2.2.0...2.2.1
[v2.2.0]: https://github.com/troglobit/smcroute/compare/2.1.1...2.2.0
[v2.1.1]: https://github.com/troglobit/smcroute/compare/2.1.0...2.1.1
[v2.1.0]: https://github.com/troglobit/smcroute/compare/2.0.0...2.1.0
[v2.0.0]: https://github.com/troglobit/smcroute/compare/1.99.2...2.0.0
[v1.99.2]: https://github.com/troglobit/smcroute/compare/1.99.1...1.99.2
[v1.99.1]: https://github.com/troglobit/smcroute/compare/1.99.0...1.99.1
[v1.99.0]: https://github.com/troglobit/smcroute/compare/1.98.3...1.99.0
[v1.98.3]: https://github.com/troglobit/smcroute/compare/1.98.2...1.98.3
[v1.98.2]: https://github.com/troglobit/smcroute/compare/1.98.1...1.98.2
[v1.98.1]: https://github.com/troglobit/smcroute/compare/1.98.0...1.98.1
[v1.98.0]: https://github.com/troglobit/smcroute/compare/0.95...1.98.0
[v0.95]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95
[v0.94.1]: https://github.com/troglobit/smcroute/compare/0.94...0.94.1
[v0.94]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95
================================================
FILE: Makefile.am
================================================
## SMCRoute - A static multicast routing tool -*-Makefile-*-
ACLOCAL_AMFLAGS = -I m4
SUBDIRS = man src
DISTCLEANFILES = *~ DEADJOE semantic.cache *.gdb *.elf core core.* *.d
dist_sbin_SCRIPTS = smcroute
doc_DATA = README.md COPYING smcroute.conf
EXTRA_DIST = README.md ChangeLog.md autogen.sh smcroute.conf smcroute.default smcroute.init
if ENABLE_TEST
SUBDIRS += test
endif
if HAVE_SYSTEMD
systemd_DATA = smcroute.service
endif
## Check if tagged in git
release-hook:
@if [ ! `git tag -l $(PACKAGE_VERSION) | grep $(PACKAGE_VERSION)` ]; then \
echo; \
printf "\e[1m\e[41mCannot find release tag $(PACKAGE_VERSION)\e[0m\n"; \
printf "\e[1m\e[5mDo release anyway?\e[0m "; read yorn; \
if [ "$$yorn" != "y" -a "$$yorn" != "Y" ]; then \
printf "OK, aborting release.\n"; \
exit 1; \
fi; \
echo; \
else \
echo; \
printf "\e[1m\e[42mFound GIT release tag $(PACKAGE_VERSION)\e[0m\n"; \
printf "\e[1m\e[44m>>Remember to push tags!\e[0m\n"; \
echo; \
fi
## Target to run when building a release
release: release-hook distcheck
@for file in $(DIST_ARCHIVES); do \
md5sum $$file > ../$$file.md5; \
sha256sum $$file > ../$$file.sha256; \
done
@mv $(DIST_ARCHIVES) ../
@echo
@echo "Resulting release files ======================================================================="
@for file in $(DIST_ARCHIVES); do \
printf "%-30s Distribution tarball\n" $$file; \
printf "%-30s " $$file.md5; cat ../$$file.md5 | cut -f1 -d' '; \
printf "%-30s " $$file.sha256; cat ../$$file.sha256 | cut -f1 -d' '; \
done
# Workaround for systemd unit file duing distcheck
DISTCHECK_CONFIGURE_FLAGS = --with-systemd=$$dc_install_base/$(systemd) --enable-mrdisc --enable-test
================================================
FILE: README.md
================================================
SMCRoute - A static multicast routing daemon
============================================
[![License Badge][]][License] [![GitHub Status][]][GitHub] [![Coverity Status][]][Coverity Scan]
Table of Contents
-----------------
* [About](#about)
* [Features](#features)
* [Usage](#usage)
* [Caveat](#caveat)
* [Actions Scripts](#action-scripts)
* [Many Interfaces](#many-interfaces)
* [Multiple Routing Tables](#multiple-routing-tables)
* [Client Tool](#client-tool)
* [Wildcard Routes](#wildcard-routes)
* [Multicast Router Discovery](#multicast-router-discovery)
* [Build & Install](#build--install)
* [Linux Requirements](#linux-requirements)
* [*BSD Requirements](#bsd-requirements)
* [General Requirements](#general-requirements)
* [Configure & Build](#configure--build)
* [Integration with systemd](#integration-with-systemd)
* [Static Build](#static-build)
* [Building from GIT](#building-from-git)
* [Origin & References](#origin--references)
About
-----
SMCRoute is a static multicast routing daemon providing fine grained
control over the multicast forwarding cache (MFC) in the UNIX kernel.
Both IPv4 and IPv6 are fully supported.
SMCRoute can be used as an alternative to dynamic multicast routers like
[mrouted][], [pimd][], or [pim6sd][] in setups where static multicast
routes should be maintained and/or no proper IGMP or MLD signaling
exists.
Multicast routes exist in the UNIX kernel as long as a multicast routing
daemon runs. On Linux, multiple multicast routers can run simultaneously
using different multicast routing tables.
The full documentation of SMCRoute is available in the manual pages, see
[smcrouted(8)][], [smcroutectl(8)][], and [smcroute.conf(5)][].
Features
--------
All features, except [mrdisc][], are supported for both IPv4 and IPv6.
Please note, some features may not be available on systems other than
Linux. E.g., FreeBSD does not have SSM group join support.
- Configuration file support, `/etc/smcroute.conf`
- Configuration snippet include support, `/etc/smcroute.d/*.conf`
- Daemon startup options support, `/etc/default/smcroute`
- Support for seamless reloading of the configuration on `SIGHUP`
- Source-less on-demand routing, a.k.a. wildcard `(*,G)` based static
routing, including support for `(*,G/LEN)` and `(S/LEN,G/LEN)`
- Optional built-in [mrdisc][] support for IPv4, [RFC4286][]
- Support for multiple routing tables on Linux
- Client to add/remove routes, join/leave groups, and built-in support
to show both routes and joined groups
- Interface wildcard matching, `eth+` matches `eth0, eth15`
> **Note:** `smcroutectl` can be used to freely modify the runtime state
> of `smcrouted`, but any changes made (routes/groups) are
> lost when the configuration is reloaded. This is by design.
Usage
-----
smcrouted [-nNhsv] [-c SEC] [-d SEC] [-e CMD] [-f FILE] [-i NAME]
[-l LVL] [-p USER:GROUP] [-P FILE] [-t ID] [-u FILE]
smcroutectl [-dptv] [-i NAME] [-u FILE] [COMMAND]
smcroutectl ⟨kill | reload⟩
smcroutectl ⟨add | rem⟩ ⟨ROUTE⟩
smcroutectl ⟨join | leave⟩ ⟨GROUP⟩
smcroutectl show [ routes | groups]
To set multicast routes and join groups you must first start the daemon,
which needs *root privileges*, or `CAP_NET_ADMIN`. Use `smcrouted -n`
to run the daemon in the foreground, as required by modern init daemons
like systemd and [Finit][].
When started from systemd, `smcrouted` runs with the `-n -s` options,
i.e. supervised in the foreground and uses syslog for logging output.
The default log level is `INFO`, this can be adjusted using the file
`/etc/default/smcroute`:
SMCROUTED_OPTS=-l debug
When configured with `--sysconfdir=/etc`, like most Linux distributions
do, `smcrouted` reads `/etc/smcroute.conf`, which can look something
like this:
mgroup from eth0 group 225.1.2.3
mgroup from eth0 group 225.1.2.3 source 192.168.1.42
mroute from eth0 group 225.1.2.3 source 192.168.1.42 to eth1 eth2
The first line means "Join multicast group 225.1.2.3 on interface eth0".
Useful if `eth0` is not directly connected to the source, but to a LAN
with switches with IGMP snooping. Joining the group opens up multicast
for that group towards `eth0`. See below Caveat for limitations.
The second `mgroup` is for source specific group join, i.e. the host
specifies that it wants packets from 192.168.1.42 and no other source.
The third `mroute` line is the actual layer-3 routing entry. Here we
say that multicast data originating from 192.168.1.42 on `eth0` to the
multicast group 225.1.2.3 should be forwarded to interfaces `eth1` and
`eth2`.
**Note:** To test the above you can use ping from another device. The
multicast should be visible as long as your IP# matches the source
above and you ping 225.1.2.3 -- **REMEMBER TO SET THE TTL >1**
ping -I eth0 -t 2 225.1.2.3
The TTL is what usually bites people first trying out multicast routing.
Most TCP/IP stacks default to a TTL of 1 for multicast frames, e.g. ping
above requires `-t 2`, or greater. This limitation is intentional and
reduces the risk of someone accidentally flooding multicast. Remember,
multicast *behaves like broadcast* unless limited.
The TTL should preferably be set on the sender side, e.g. the camera,
but can also be modified in the firewall on a router. Be careful though
because the TTL is the only thing that helps prevent routing loops! On
Linux the following `iptables` command can be used to change the TTL:
iptables -t mangle -A PREROUTING -i eth0 -d 225.1.2.3 -j TTL --ttl-inc 1
Some commands, like this one, must usually be run with root privileges
or the correct set of capabilities.
### Caveat
On some platforms there is a limit of 20 groups per socket. This stems
from a limit in BSD UNIX, which also affects Linux. The setting that
controls this is `IP_MAX_MEMBERSHIPTS`, defined in the system header
file `netinet/in.h`. Linux users can tweak this with the following
`/proc` setting:
echo 40 > /proc/sys/net/ipv4/igmp_max_memberships
`smcrouted` probes this at runtime by attempting to join as many groups
as possible (as have been requested), when the kernel accepts no further
joins on a socket, `smcrouted` opens a new one.
For large setups it is recommended to investigate enabling multicast
router ports in the switches, either statically or by enabling support
for multicast router discovery, RFC 4286, or possibly use a dynamic
multicast routing protocol.
### Action Scripts
smcrouted -e /path/to/script
With `-e CMD` a user script or command can be called when `smcrouted`
receives a `SIGHUP` or installs a multicast route to the kernel. This
is useful if you, for instance, also run a NAT firewall and need to
flush connection tracking after installing a multicast route.
### Many Interfaces
smcrouted -N
With the `-N` command line option SMCRoute does *not* prepare all system
interfaces for multicast routing. Very useful if your system has a lot
of interfaces but only a select few are required for multicast routing.
Use the following in `/etc/smcroute.conf` to enable interfaces:
phyint eth0 enable
phyint eth1 enable
phyint eth2 enable
It is possible to use any interface that supports the `MULTICAST` flag.
Note, however, that depending on the UNIX kernel in use, you may have to
have an interface address set, in the relevant address family, and the
interface may likely also have to be `UP`.
### Multiple Routing Tables
On Linux it is possible to run multiple multicast routing daemons due to
its support for multiple multicast routing tables. In such setups it
may be useful to change the default identity of SMCRoute:
smcrouted -i mrt1 -t 1
smcrouted -i mrt2 -t 2
The `-i NAME` option alters the default syslog name, config file, PID
file, and client socket file name used. In the first instance above,
`smcrouted` will use:
- `/etc/mrt1.conf`
- `/var/run/mrt1.pid`
- `/var/run/mrt1.sock`
and syslog messages will use the `mrt1` identity as well. Remember to
use the same `-i NAME` also to `smcroutectl`.
### Client Tool
SMCRoute also has a client interface to interact with the daemon:
smcroutectl join eth0 225.1.2.3
smcroutectl add eth0 192.168.1.42 225.1.2.3 eth1 eth2
If the daemon runs with a different identity the client needs to be
called using the same identity:
smcrouted -i mrt
smcroutectl -i mrt show
There are more commands. See the man page or the online help for
details:
smcroutectl help
> **Note:** Root privileges are required by default for `smcroutectl` due
> to the IPC socket permissions.
Wildcard Routes
---------------
Multicast often originates from different sources but usually not at the
same time. For a more generic setup, and to reduce the number of rules
required, it is possible to set `(*,G)` multicast routes for both IPv4
and IPv6. Variants include `(*,G/LEN)` and `(S/LEN,G/LEN`. These
wildcard routes are used as "templates" to match against and install
proper `(S,G)` routes when the kernel informs `smcrouted` of inbound
multicast from new sources.
Example `smcroute.conf`:
phyint eth0 enable mrdisc
phyint eth1 enable
phyint eth2 enable
mgroup from eth0 group 225.1.2.3
mroute from eth0 group 225.1.2.3 to eth1 eth2
or, from the command line:
# smcroutectl join eth0 225.1.2.3
# smcroutectl add eth0 225.1.2.3 eth1 eth2
Also, see the `smcrouted -c SEC` option for periodic flushing of learned
`(*,G)` rules, including the automatic blocking of unknown multicast, and
the `smcroutectl flush` command.
Multicast Router Discovery
--------------------------
Another interesting feature is multicast router discovery, [mrdisc][],
described in [RFC4286][]. This feature is disabled by default, enable
with `configure --enable-mrdisc`. When enabled it periodically sends
out an IGMP message on inbound interfaces¹ to alert switches to open up
multicast in that direction. Not many managed switches have support for
this yet.
> **Note:** [mrdisc][] only works on Linux due to `SO_BINDTODEVICE`.
____
¹ Notice the `mrdisc` flag to the above `phyint eth0` directive, which
is missing for `eth1` and `eth2`.
Build & Install
---------------
SMCRoute should in theory work on any UNIX like operating system which
supports the BSD MROUTING API. Both Linux and FreeBSD are tested on a
regular basis.
### Linux Requirements
On Linux the following kernel config is required:
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
CONFIG_IP_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables
CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables
### *BSD Requirements
On *BSD the following kernel config is required:
options MROUTING # Multicast routing
options PIM # pimd extensions used for (*,G) support
FreeBSD support module loading, `kldload(8)`, edit `/boot/loader.conf`:
ip_mroute_load="yes"
ip_mroute6_load="yes"
### General Requirements
Check the list of multicast capable interfaces:
cat /proc/net/dev_mcast
or look for interfaces with the `MULTICAST` flag in the output from:
ifconfig
Some interfaces have the `MULTICAST` flag disabled by default, like `lo`
and `greN`. Usually this flag can be enabled administratively.
### Configure & Build
The GNU Configure & Build system use `/usr/local` as the default install
prefix. In many cases this is useful, but this means the configuration
files, cache, and PID files will also use that prefix. Most users have
come to expect those files in `/etc/` and `/var/` and configure has a
few useful options that are recommended to use. For SMCRoute you may
want to use something like this:
./configure --prefix=/usr --sysconfdir=/etc --runstatedir=/var/run
make -j5
sudo make install-strip
Usually your system reserves `/usr` for native pacakges, so most users
drop `--prefix`, installing to `/usr/local`, or use `--prefix=/opt`.
**Note:** On some systems `--runstatedir` may not be available in the
configure script, try `--localstatedir=/var` instead.
### Privilege Separation
As of SMCRoute v2.2 support for privilege separation using the `libcap`
library was added. It is used to drop full root privileges at startup,
retaining only `CAP_NET_ADMIN` for managing the multicast routes.
The build system searches for the `libcap` library and header file(s).
Both `libcap-dev` and `pkg-config` are required.
**Note:** Although support is automatically detected, the build system
will issue a warning if `libcap` is missing. This can be
silenced with `configure --without-libcap`
### Integration with systemd
For systemd integration `libsystemd-dev` and `pkg-config` are required.
When the unit file is installed, `systemctl` can be used to enable and
start `smcrouted`:
$ sudo systemctl enable smcroute.service
$ sudo systemctl start smcroute.service
Check that it started properly by inspecting the system log, or:
$ sudo systemctl status smcroute.service
### Static Build
Some people want to build statically, to do this with `autoconf` add the
following `LDFLAGS=` *after* the configure script. You may also need to
add `LIBS=...`, which will depend on your particular system:
./configure LDFLAGS="-static" ...
### Building from GIT
The `configure` script and the `Makefile.in` files are generated and not
stored in GIT. So if you checkout the sources from GitHub you first
need to generated these files using `./autogen.sh`.
Origin & References
-------------------
SMCRoute is maintained collaboratively at [GitHub][Home]. Bug reports,
feature requests, patches/pull requests, and documentation fixes are
most welcome. The project was previously hosted and maintained by
Debian at [Alioth][] and before that by [Carsten Schill][], the original
author.
[smcrouted(8)]: https://man.troglobit.com/man8/smcrouted.8.html
[smcroutectl(8)]: https://man.troglobit.com/man8/smcroutectl.8.html
[smcroute.conf(5)]:https://man.troglobit.com/man5/smcroute.conf.5.html
[Finit]: https://github.com/troglobit/finit
[mrouted]: https://github.com/troglobit/mrouted
[pimd]: https://github.com/troglobit/pimd
[pim6sd]: https://github.com/troglobit/pim6sd
[mrdisc]: https://github.com/troglobit/mrdisc
[RFC4286]: https://tools.ietf.org/html/rfc4286
[Home]: https://github.com/troglobit/smcroute
[Alioth]: https://alioth.debian.org/projects/smcroute
[Carsten Schill]: http://www.cschill.de/smcroute/
[License]: https://en.wikipedia.org/wiki/GPL_license
[License Badge]: https://img.shields.io/badge/License-GPL%20v2-blue.svg
[GitHub]: https://github.com/troglobit/smcroute/actions/workflows/build.yml/
[GitHub Status]: https://github.com/troglobit/smcroute/actions/workflows/build.yml/badge.svg
[Coverity Scan]: https://scan.coverity.com/projects/3061
[Coverity Status]: https://scan.coverity.com/projects/3061/badge.svg
================================================
FILE: autogen.sh
================================================
#!/bin/sh
autoreconf -W portability -visfm
================================================
FILE: configure.ac
================================================
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61)
AC_INIT([SMCRoute], [2.5.7], [https://github.com/troglobit/smcroute/issues],
[smcroute], [https://troglobit.com/smcroute.html])
AC_CONFIG_AUX_DIR(aux)
AM_INIT_AUTOMAKE([1.11 foreign])
AM_SILENT_RULES([yes])
AC_CONFIG_SRCDIR([src/smcrouted.c])
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_FILES([Makefile man/Makefile src/Makefile test/Makefile smcroute.service])
# Older versions of autoconf (<2.58) do not have AC_CONFIG_MACRO_DIR()
m4_include([m4/misc.m4])
m4_include([m4/mroute.m4])
AC_CONFIG_MACRO_DIR([m4])
# Checks for programs.
AC_PROG_CC
AC_PROG_LN_S
AC_PROG_INSTALL
# The pidfile() code needs asprintf(), which relies on -D_GNU_SOURCE
AC_USE_SYSTEM_EXTENSIONS
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_INLINE
AC_TYPE_MODE_T
AC_TYPE_SIZE_T
AC_TYPE_SSIZE_T
AC_TYPE_UID_T
AC_TYPE_UINT8_T
AC_TYPE_UINT16_T
AC_TYPE_UINT32_T
# Checks for library functions.
AC_FUNC_FORK
AC_FUNC_CHOWN
AC_FUNC_MALLOC
AC_CHECK_FUNCS([atexit clock_gettime dup2 memset select setenv socket strchr \
strdup strerror strncasecmp strrchr asprintf])
# Check for usually missing API's
AC_REPLACE_FUNCS([strlcpy strlcat tempfile utimensat])
AC_CONFIG_LIBOBJ_DIR([lib])
# Check for sun_len in struct sockaddr_un and sin_len in sockaddr_in
# These are used on *BSD UNIX and don't exist on Linux
AC_CHECK_SUN_LEN()
AC_CHECK_SIN_LEN()
# Check user options
AC_ARG_ENABLE([mrdisc],
AS_HELP_STRING([--enable-mrdisc], [enable IPv4 multicast router discovery]))
AC_ARG_ENABLE(test,
[AS_HELP_STRING([--enable-test], [enable tests, requries unshare, tshark, etc.])],
[ac_enable_test="$enableval"],
[ac_enable_test="no"])
AC_ARG_ENABLE([ipv6],
AS_HELP_STRING([--disable-ipv6], [disable IPv6 support]))
AC_ARG_WITH([libcap],
AS_HELP_STRING([--without-libcap], [disable libcap, -p USER:GROUP drop-privs support]),,
[with_libcap=auto])
AC_ARG_WITH([systemd],
[AS_HELP_STRING([--with-systemd=DIR], [Directory for systemd service files])],,
[with_systemd=auto])
# Checks for header files.
AC_CHECK_HEADERS([arpa/inet.h fcntl.h glob.h ifaddrs.h limits.h linux/sockios.h \
net/if.h netinet/in.h netinet/in_var.h net/route.h paths.h stddef.h \
sys/capability.h sys/ioctl.h sys/param.h sys/prctl.h sys/socket.h \
sys/stat.h sys/time.h sys/types.h syslog.h termios.h unistd.h], [], [],[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NET_IF_H
# include <net/if.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
])
# Build w/ mrdisc support?
AS_IF([test "x$enable_mrdisc" = "xyes"],
AC_DEFINE([ENABLE_MRDISC], 1, [Enable IPv4 multicast router discovery protocol]),
enable_mrdisc=no)
AM_CONDITIONAL([USE_MRDISC], [test "x$enable_mrdisc" = "xyes"])
# Required to check for libsystemd-dev
PKG_PROG_PKG_CONFIG
# Check where to install the systemd .service file
AS_IF([test "x$PKG_CONFIG" = "x"], [
with_systemd=no
AC_MSG_WARN([Cannot find pkg-config tool, disabling systemd check.])])
with_libsystemd=no
AS_IF([test "x$with_systemd" = "xyes" -o "x$with_systemd" = "xauto"], [
def_systemd=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
AS_IF([test "x$def_systemd" = "x"], [
AS_IF([test "x$with_systemd" = "xyes"],[
AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])
with_systemd=no], [with_systemd="$def_systemd"])])
AS_IF([test "x$with_systemd" != "xno"], [
PKG_CHECK_MODULES([libsystemd], [libsystemd], [with_libsystemd=yes], [true])
AC_SUBST([systemddir], [$with_systemd])])
AM_CONDITIONAL([HAVE_SYSTEMD], [test "x$with_systemd" != "xno"])
AS_IF([test "x$with_libsystemd" != "xno"], [
AC_DEFINE([HAVE_LIBSYSTEMD], [1], [Define to 1 if you have libsystemd-dev])
AC_SUBST([DAEMON_TYPE], "notify")], [
AC_SUBST([DAEMON_TYPE], "simple")])
AM_CONDITIONAL([HAVE_LIBSYSTEMD], [test "x$with_libsystemd" != "xno"])
# Check if we need -lpthread (building statically) and -lrt (older GLIBC)
# Unset cached values when retrying with -lpthread and reset LIBS for each API
need_librt=no
need_pthread=no
old_LIBS=$LIBS
AC_SEARCH_LIBS([clock_gettime], [rt], need_librt=yes)
LIBS=$old_LIBS
AC_SEARCH_LIBS([timer_create], [rt], need_librt=yes, [
unset ac_cv_search_timer_create
AC_SEARCH_LIBS([timer_create], [rt], need_pthread=yes,,[-lpthread])])
LIBS=$old_LIBS
AC_SEARCH_LIBS([timer_settime], [rt], need_librt=yes, [
unset ac_cv_search_timer_settime
AC_SEARCH_LIBS([timer_settime], [rt], need_pthread=yes,,[-lpthread])])
# Check for libcap to not trigger false positives on FreeBSD et al
LIBS=$old_LIBS
AC_SEARCH_LIBS([cap_set_flag], [cap],, ac_cv_header_sys_capability_h=no)
LIBS=$old_LIBS
# Check for RFC 3678-style struct group_req (Linux, FreeBSD, Solaris, macOS, AIX)
AC_CHECK_MEMBER([struct group_req.gr_interface],
AC_DEFINE([HAVE_STRUCT_GROUP_REQ], [1], [Define to 1 if you have RFC 3678 struct group_req]),
[], [[#include <netinet/in.h>]])
# Check for Linux-style extension struct ip_mreqn (Linux, FreeBSD)
AC_CHECK_MEMBER([struct ip_mreqn.imr_ifindex],
AC_DEFINE([HAVE_STRUCT_IP_MREQN], [1], [Define to 1 if you have a Linux-style struct ip_mreqn]),
[], [[#include <netinet/in.h>]])
# Check for IPv4 support
AC_CHECK_MROUTE()
# If IPv6 is enabled we must probe the system some more
AS_IF([test "x$enable_ipv6" != "xno"],
AC_CHECK_MROUTE6())
# Only enable support for dropping root privileges if auto/yes && header exists
AS_IF([test "x$with_libcap" != "xno" -a "x$ac_cv_header_sys_capability_h" = "xyes"], [
with_libcap=yes
AC_DEFINE([ENABLE_LIBCAP], [], [Define to enable support for libcap.])])
AM_CONDITIONAL(USE_LIBCAP, [test "x$with_libcap" != "xno" -a "x$ac_cv_header_sys_capability_h" = "xyes"])
AM_CONDITIONAL([ENABLE_TEST], [test "x$ac_enable_test" != "xno"])
# Mac OS does not (yet) support SOCK_CLOEXEC
AC_CACHE_CHECK([for SOCK_CLOEXEC support], [ac_cv_sock_cloexec],
[AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <sys/types.h>
#include <sys/socket.h>
int main()
{
return socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0) == -1;
}]])],[ac_cv_sock_cloexec=yes],[ac_cv_sock_cloexec=no],[ac_cv_sock_cloexec=no])])
AS_IF([test "$ac_cv_sock_cloexec" = "yes" ],
AC_DEFINE([HAVE_SOCK_CLOEXEC], 1, [Define if the SOCK_CLOEXEC flag is supported]))
AS_IF([test "$need_librt" != "no"], LIB_RT=-lrt)
AC_SUBST([LIB_RT])
AS_IF([test "$need_pthread" != "no"], LIB_PTHREAD=-lpthread)
AC_SUBST([LIB_PTHREAD])
# Expand $sbindir early, into $SBINDIR, for systemd unit file
# NOTE: This does *not* take prefix/exec_prefix override at "make
# install" into account, unfortunately.
test "x$prefix" = xNONE && prefix=$ac_default_prefix
test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
SYSCONFDIR=`eval echo $sysconfdir`
SYSCONFDIR=`eval echo $SYSCONFDIR`
AC_SUBST(SYSCONFDIR)
SBINDIR=`eval echo $sbindir`
SBINDIR=`eval echo $SBINDIR`
AC_SUBST(SBINDIR)
DOCDIR=`eval echo $docdir`
DOCDIR=`eval echo $DOCDIR`
AC_SUBST(DOCDIR)
AS_IF([test "x$ac_cv_header_sys_capability_h" = "xno"], [
AS_IF([test "x$with_libcap" = "xyes"], [
dnl configure: error: ...
AC_MSG_ERROR(
[Cannot find libcap or its headers, install libcap-dev first.]
[CentOS/RHEL 6: libcap is broken, recommended to disable it.]
[Use --without-libcap to disable this feature.])
])
AS_IF([test "x$with_libcap" = "xauto"], [
dnl configure: WARNING: ...
AC_MSG_WARN(
[As a safety measure, SMCRoute use libcap to drop root privs]
[after startup. Install libcap and headers from libcap-dev,]
[or similar, to enable this feature.])
AC_MSG_NOTICE([Use --without-libcap to disable this message.])
])
with_libcap=no])
# Workaround for as-of-yet unreleased runstatedir support, planned for
# autoconf 2.70, which some major distros have backported.
AS_IF([test -z "$runstatedir"], runstatedir="$localstatedir/run")
AC_SUBST(runstatedir)
AC_OUTPUT
# Expand directories for configuration summary, unexpanded defaults:
# sysconfdir => ${prefix}/etc
# runstatedir => ${localstatedir}/run
SYSCONFDIR=`eval echo $sysconfdir`
RUNSTATEDIR=`eval echo $runstatedir`
RUNSTATEDIR=`eval echo $RUNSTATEDIR`
cat <<EOF
------------------ Summary ------------------
$PACKAGE_NAME version $PACKAGE_VERSION
Prefix.........: $prefix
Sysconfdir.....: $SYSCONFDIR
Runstatedir....: $RUNSTATEDIR
C Compiler.....: $CC $CFLAGS $CPPFLAGS $LDFLAGS $LIBS
Optional features:
IPv6...........: $enable_ipv6
MRDISC RFC4286.: $enable_mrdisc
libcap.........: $with_libcap
systemd........: $with_systemd
libsystemd.....: $with_libsystemd
Unit tests.....: $ac_enable_test
------------- Compiler version --------------
$($CC --version || true)
---------------------------------------------
Check the above options and compile with:
${MAKE-make}
EOF
================================================
FILE: doc/AUTHORS
================================================
Authors
=======
Year: 2001-2005
Author: Carsten Schill <carsten@cschill.de>, original author
Releases: --> 0.92
URL: http://www.cschill.de/smcroute/
Year: 2006-2011
Releases: Version 0.93 --> 0.95
Authors: Julien BLACHE <jb@jblache.org>,
Todd Hayton <todd.hayton@gmail.com>, and
Micha Lenk <micha@debian.org>
URL: http://alioth.debian.org/projects/smcroute
Year: 2011-
Releases: 1.93.0 -->
Authors: Joachim Wiberg <troglobit@gmail.com>,
Todd Hayton <todd.hayton@gmail.com>,
Micha Lenk <micha@debian.org>, and
Julien BLACHE <jb@jblache.org>
URL: https://github.com/troglobit/smcroute
================================================
FILE: doc/TODO.md
================================================
Refactor MRDISC Support
-----------------------
The current MRDISC implementation is fragile (see issue #175 for an
example), and it also does not work on non-Linux systems. So the
implementation really needs to be refactored, not just for this but also
for adding IPv6 support (below).
Add Support for IPv6 MRDISC
---------------------------
[RFC4286][1] details both IPv4 and IPv6, which should not be problem
to support in SMCRoute. Anyone with Wireshark and a bit of patience
could add it. Your patch is welcome! :)
[1]: https://datatracker.ietf.org/doc/html/rfc4286
Tests must have uniquely named netns (if any)
---------------------------------------------
I've had to rename the R1/R2 netns used in test/gre.sh, because it turns
out these names are shared when we run in the unshare and gre.sh's names
clashed with multi.sh's. I.e., they were stomping hard on each other's
toes and often the gre.sh test completed before multi.sh, thus causing
the latter to lose both R1 and R2 and the test failed (of course).
We may be able to work around this by running each test in its own root
netns. Something that could be set up by lib.sh. I have not verified
this yet, hence this TODO.
Add support for WRONGVIF, somehow
---------------------------------
When an (S,G) for an already installed kernel MFC route suddenly appears
on another inbound interface, the kernel sends a WRONGVIF upcall message
to smcrouted. Currently we don't act on it, mostly because there is no
clear idea how to deal with such cases from a small routing daemon that
knows nothing of the rest of the layer-3 topology (which may have been
reconfigured due to link loss by, e.g. OSPF). It can be a valid change
of inbound interface, or looped back traffic that we don't want.
For now, users are recommended to install multiast snooping switches on
their outbound interfaces, and/or leverage to `phyint foo ttl-threshold`
setting to prevent already routed multicast from being looped back.
One idea is to delegate the behavior to our external script facility.
Investigate why MIF thresholds don't seem to work on Linux 5.11.0
------------------------------------------------------------------
Here smcrouted has managed to set the TTL thresholds of three OIFs to
values != 1, but the kernel still lists all of them as `:1`. See test
`reload6.sh`
Group Origin Iif Pkts Bytes Wrong Oifs
ff2e:0000:0000:0000:0000:0000:0000:0042 fc00:0000:0000:0000:0000:0000:0000:0001 0 0 0 0 2:1 4:1 5:1
Possibly Exit with Error if Multicast Socket is Busy
----------------------------------------------------
Currently we only log this state and then continue. Not sure what is
the best approach, but everything read from a .conf will fail so not
much point really continuing?
smcroute[2359]: IPv4 multicast routing API already in use: Address in use
Proposal: exit with error if either mrouting socket is busy.
We need to consider this a configuration error.
Support for (re-)enumerating VIFs at runtime
--------------------------------------------
Currently the `-t SEC` startup delay option has to be used if not all
interfaces are available when `smcrouted` starts. Commonly a problem at
boot, but also if adding a pluggable interface (PCMCIA/USB) at runtime.
Hence, it would be a great addition to SMCRoute if new interface VIF/MIF
mappings could be at least added at runtime.
Support for filtering based on source ADDRESS/LEN
-------------------------------------------------
When setting up a (*,G/LEN) route it may be necessary to filter out some
senders of multicast. The following is a suggestion for how that might
look, notice the omitted `source` argument:
mroute from eth0 except 192.168.1.0/24 group 225.1.2.0/24 to eth1 eth2
Filtering multiple sources:
mroute from eth0 except 192.168.1.0/24,192.168.2.3 group 225.1.2.0/24 to eth1 eth2
This is sometimes also referred to as Administrative Scoping (RFC2365).
Basic support for IGMP/MLD proxying
-----------------------------------
In some setups a semi-dynamic behavior is required, but the only
signaling available is IGMP/MLD. There exist tools like [igmpproxy][]
and [mcproxy][] for this purpose, which do a great job, but why should
you need to go elsewhere for your basic multicast routing needs?
The idea itself is simple, listen for IGMP/MLD join/leave messages on
enabled interfaces and add/remove routes dynamically from an `upstream`
marked interface.
Possibly an `igmp` flag may be needed as well, for downstream interfaces
we should proxy for. Resulting `smcroute.conf` may then look like this:
phyint eth0 upstream
phyint eth1 igmp
**Note:** the IGMP/MLD signaling may also need to be "proxied" to the
`upstream` interface, although this could be an optional second step
enabled by also setting the `igmp` flag on that `upstream` interface.
For more information, see the above mentioned tools and [RFC4605][],
which details exactly this use-case.
[igmpproxy]: https://github.com/pali/igmpproxy
[mcproxy]: https://github.com/mcproxy/mcproxy
[RFC4605]: https://www.ietf.org/rfc/rfc4605.txt
================================================
FILE: lib/malloc.c
================================================
#if HAVE_CONFIG_H
# include <config.h>
#endif
#undef malloc
#include <sys/types.h>
void *malloc ();
/*
* Allocate an N-byte block of memory from the heap.
* If N is zero, allocate a 1-byte block.
*/
void *rpl_malloc (size_t n)
{
if (n == 0)
n = 1;
return malloc (n);
}
================================================
FILE: lib/strlcat.c
================================================
/* $OpenBSD: strlcat.c,v 1.15 2015/03/02 21:41:08 millert Exp $ */
/*
* Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <string.h>
/*
* Appends src to string dst of size dsize (unlike strncat, dsize is the
* full size of dst, not space left). At most dsize-1 characters
* will be copied. Always NUL terminates (unless dsize <= strlen(dst)).
* Returns strlen(src) + MIN(dsize, strlen(initial dst)).
* If retval >= dsize, truncation occurred.
*/
size_t
strlcat(char *dst, const char *src, size_t dsize)
{
const char *odst = dst;
const char *osrc = src;
size_t n = dsize;
size_t dlen;
/* Find the end of dst and adjust bytes left but don't go past end. */
while (n-- != 0 && *dst != '\0')
dst++;
dlen = dst - odst;
n = dsize - dlen;
if (n-- == 0)
return(dlen + strlen(src));
while (*src != '\0') {
if (n != 0) {
*dst++ = *src;
n--;
}
src++;
}
*dst = '\0';
return(dlen + (src - osrc)); /* count does not include NUL */
}
================================================
FILE: lib/strlcpy.c
================================================
/* $OpenBSD: strlcpy.c,v 1.12 2015/01/15 03:54:12 millert Exp $ */
/*
* Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <string.h>
/*
* Copy string src to buffer dst of size dsize. At most dsize-1
* chars will be copied. Always NUL terminates (unless dsize == 0).
* Returns strlen(src); if retval >= dsize, truncation occurred.
*/
size_t
strlcpy(char *dst, const char *src, size_t dsize)
{
const char *osrc = src;
size_t nleft = dsize;
/* Copy as many bytes as will fit. */
if (nleft != 0) {
while (--nleft != 0) {
if ((*dst++ = *src++) == '\0')
break;
}
}
/* Not enough room in dst, add NUL and traverse rest of src. */
if (nleft == 0) {
if (dsize != 0)
*dst = '\0'; /* NUL-terminate dst */
while (*src++)
;
}
return(src - osrc - 1); /* count does not include NUL */
}
================================================
FILE: lib/tempfile.c
================================================
/* A secure tmpfile() replacement.
*
* Copyright (c) 2015-2020 Joachim Wiberg <troglobit@gmail.com>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <paths.h>
#include <fcntl.h> /* O_TMPFILE requires -D_GNU_SOURCE */
#include <stdio.h> /* fdopen() */
#include <sys/stat.h> /* umask() */
#include <errno.h>
/**
* tempfile - A secure tmpfile() replacement
*
* This is the secure replacement for tmpfile() that does not exist in
* GLIBC. The function uses the Linux specific %O_TMPFILE and %O_EXCL
* for security. When the %FILE is fclose()'ed the file contents is
* lost. The file is hidden in the %_PATH_TMP directory on the system.
*
* This function requires Linux 3.11, or later, due to %O_TMPFILE.
*
* Returns:
* An open %FILE pointer, or %NULL on error.
*/
FILE *tempfile(void)
{
#ifdef O_TMPFILE /* Only on Linux, with fairly recent (G)LIBC */
mode_t oldmask;
int fd;
oldmask = umask(0077);
fd = open(_PATH_TMP, O_TMPFILE | O_RDWR | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);
umask(oldmask);
if (fd == -1) {
/* Fall back to tmpfile() if O_TMPFILE is not supported */
if (errno == EOPNOTSUPP)
return tmpfile();
return NULL;
}
return fdopen(fd, "w+");
#else
return tmpfile(); /* Fallback on older GLIBC/Linux and actual UNIX systems */
#endif
}
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: lib/utimensat.c
================================================
/* Replacement in case utimensat(2) is missing
*
* Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include "config.h"
#include <errno.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#include <time.h>
#include <sys/time.h> /* lutimes(), utimes(), utimensat() */
int utimensat(int dirfd, const char *pathname, const struct timespec times[2], int flags)
{
struct timespec ts[2];
struct timeval tv[2];
int ret = -1;
if (dirfd != 0) {
errno = ENOTSUP;
return -1;
}
if (!times) {
clock_gettime(CLOCK_REALTIME, &ts[0]);
ts[1] = ts[0];
} else {
ts[0] = times[0];
ts[1] = times[1];
}
TIMESPEC_TO_TIMEVAL(&tv[0], &ts[0]);
TIMESPEC_TO_TIMEVAL(&tv[1], &ts[1]);
#ifdef AT_SYMLINK_NOFOLLOW
if ((flags & AT_SYMLINK_NOFOLLOW) == AT_SYMLINK_NOFOLLOW)
ret = lutimes(pathname, tv);
else
#endif
ret = utimes(pathname, tv);
return ret;
}
#ifdef UNITTEST
#include <err.h>
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[])
{
char *fn;
if (argc < 2)
errx(1, "Usage: touch FILENAME");
fn = argv[1];
if (access(fn, F_OK)) {
FILE *fp;
fp = fopen(fn, "w");
if (!fp)
err(1, "Failed creating %s", fn);
fclose(fp);
}
utimensat(0, fn, NULL, 0);
return 0;
}
#endif
/**
* Local Variables:
* compile-command: "gcc -W -Wall -Wextra -I.. -DUNITTEST -o touch utimensat.c"
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: m4/misc.m4
================================================
# Misc. helper macros
AC_DEFUN([AC_CHECK_SUN_LEN],[
AC_MSG_CHECKING(for sun_len member in struct sockaddr_un)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <sys/un.h>
]],[[
struct sockaddr_un dummy;
dummy.sun_len = 0;
]])],[
AC_DEFINE(HAVE_SOCKADDR_UN_SUN_LEN, 1, [Define if the struct sockaddr_un has a member sun_len on your OS])
AC_MSG_RESULT(yes)],[
AC_MSG_RESULT(no)])
])
AC_DEFUN([AC_CHECK_SIN_LEN],[
AC_MSG_CHECKING(for sin_len member in struct sockaddr_in)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <netinet/in.h>
]],[[
struct sockaddr_in dummy;
dummy.sin_len = 0;
]])],[
AC_DEFINE(HAVE_SOCKADDR_IN_SIN_LEN, 1, [Define if the struct sockaddr_in has a member sin_len on your OS])
AC_MSG_RESULT(yes)],[
AC_MSG_RESULT(no)])
])
================================================
FILE: m4/mroute.m4
================================================
# Macros to probe for multicast headers and IPv4/IPv6 support
AC_DEFUN([AC_CHECK_MROUTE_HEADERS],[
AC_CHECK_HEADERS([linux/mroute.h linux/filter.h], [], [],[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#define _LINUX_IN_H /* For Linux <= 2.6.25 */
#include <linux/types.h>
])
AC_CHECK_HEADERS([netinet/ip_mroute.h], [], [],[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#ifdef HAVE_NET_ROUTE_H
# include <net/route.h>
#endif
])
])
AC_DEFUN([AC_CHECK_MROUTE],[
AC_CHECK_MROUTE_HEADERS()
])
AC_DEFUN([AC_CHECK_MROUTE6_HEADERS],[
AC_CHECK_HEADERS([linux/mroute6.h], [], [],[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
])
AC_CHECK_HEADERS([netinet6/ip6_mroute.h], [], [],[
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#ifdef HAVE_SYS_PARAM_H
# include <sys/param.h>
#endif
])
])
AC_DEFUN([AC_CHECK_MROUTE6],[
AC_CHECK_MROUTE6_HEADERS()
AC_MSG_CHECKING(for IPv6 multicast host support)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
]],[[
struct ipv6_mreq mreq;
]])],[
AC_DEFINE(HAVE_IPV6_MULTICAST_HOST, 1, [Define if your OS supports acting as an IPv6 multicast host])
AC_MSG_RESULT(yes)],[
AC_MSG_RESULT(no)])
AC_MSG_CHECKING(for IPv6 multicast routing support)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#ifdef HAVE_LINUX_MROUTE6_H
# include <linux/mroute6.h>
#endif
#ifdef HAVE_SYS_PARAM_H
# include <sys/param.h>
#endif
#ifdef HAVE_NETINET6_IP6_MROUTE_H
# include <netinet6/ip6_mroute.h>
#endif
]],[[
int dummy = MRT6_INIT;
]])],[
AC_DEFINE(HAVE_IPV6_MULTICAST_ROUTING, 1, [Define if your OS supports IPv6 multicast routing])
AC_MSG_RESULT(yes)
enable_ipv6=yes],[
AC_MSG_RESULT(no)
enable_ipv6=no])
AC_MSG_CHECKING(for vifc_rate_limit member in struct mif6ctl)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#ifdef HAVE_LINUX_MROUTE6_H
# include <linux/mroute6.h>
#endif
#ifdef HAVE_NETINET6_IP6_MROUTE_H
# include <netinet6/ip6_mroute.h>
#endif
]],[[
struct mif6ctl dummy;
dummy.vifc_rate_limit = 1;
]])],[
AC_DEFINE(HAVE_MIF6CTL_VIFC_RATE_LIMIT, 1, [Define if the struct mif6ctl has a member vifc_rate_limit on your OS])
AC_MSG_RESULT(yes)],[
AC_MSG_RESULT(no)])
AC_MSG_CHECKING(for vifc_threshold member in struct mif6ctl)
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#ifdef HAVE_LINUX_MROUTE6_H
#include <linux/mroute6.h>
#endif
#ifdef HAVE_NETINET6_IP6_MROUTE_H
#include <netinet6/ip6_mroute.h>
#endif
]],[[
struct mif6ctl dummy;
dummy.vifc_threshold = 1;
]])],[
AC_DEFINE(HAVE_MIF6CTL_VIFC_THRESHOLD, 1, [Define if the struct mif6ctl has a member vifc_threshold on your OS])
AC_MSG_RESULT(yes)],[
AC_MSG_RESULT(no)])
])
================================================
FILE: man/Makefile.am
================================================
dist_man5_MANS = smcroute.conf.5
dist_man8_MANS = smcrouted.8 smcroutectl.8
================================================
FILE: man/smcroute.conf.5
================================================
.\" -*- nroff -*-
.Dd August 15, 2021
.Dt SMCROUTE.CONF 5
.Os
.Sh NAME
.Nm smcroute.conf
.Nd smcrouted configuration file format
.Sh DESCRIPTION
The file
.Nm
is, strictly speaking, not critical to the operation of
.Nm smcrouted .
Some warnings may be logged, and provided the daemon is
.Sy not
started with
.Fl N ,
it enables VIFs for all interfaces it can find and then waits for
commands from
.Xr smcroutectl 8 .
As you can tell from that caveat, any non-trivial setup requires an
.Nm .
.Pp
On most systems the configuration file(s) are available in:
.Bl -tag -offset indent
.It Pa /etc/smcroute.conf
The traditional location, with all routes, group joins, and interfaces.
.It Pa /etc/smcroute.d/*.conf
Recently an
.Cm include
directive was added to
.Nm ,
which allows for including other files. By convention
.Pa /etc/smcroute.d/
has been selected as the default in the bundled example
.Nm .
See more about the
.Cm include
directive below.
.El
.Pp
In debug mode,
.Nm smcrouted
logs the success of parsing each line and setting up a route. There is
also a basic syntax validator built-in, see
.Xr smcrouted 8
for more information.
.Sh SYNTAX
This section details the syntax of each of the available configuration
file directives.
.Pp
Comments start with
.Dq #\&
and run to the end of line. See the
.Sx EXAMPLE
below.
.Bl -tag -offset indent
.It Cm phyint Ar IFNAME Oo Cm enable | Cm disable Oc Oo Cm mrdisc Oc Oo Cm ttl-threshold Ar TTL Oc
By default all interfaces on the system are enabled and possible to
route between, provided they have the
.Cm MULTICAST
interface flag set. The
.Cm phyint
directive can be used to selectively enable, or disable, interfaces from
being mapped to virtual interfaces (VIFs), which the multicast routing
stack actually employs. VIFs are limited, most operating systems only
have 32, it is recommended to disable all interfaces by default, with
.Ql Cm smcrouted Fl N ,
and enable them one by one using this directive.
.Pp
.Cm mrdisc
is an IPv4 specific feature flag to enable Multicast Router Discovery
protocol, RFC4286, announcement. This standard is supported by some
switch (and router) manufacturers and may be used instead of having
.Cm mgroup
statements for all possible multicast groups you may want to forward.
.Pp
.Cm ttl-threshold
is a very useful setting to help implement "TTL scoping". I.e., the
minimum TTL level a multicast stream must exceed for the kernel to
consider it to be routed. The default value (1) means a TTL of 2 or
higher is needed for a frame to be forwarded to the routing stack,
otherwise it is considered link-local. See
.Xr smcrouted 8
for more information on multicast scoping.
.Pp
.Sy Note:
all
.Cm phyint
directives must be read by
.Nm smcrouted
before any
.Cm mgroup
or
.Cm mroute
that refer to them! Hence, either place all
.Cm phyint
directives in the main
.Nm
or, if
.Pa /etc/smcroute.d/*.conf
is used, first in a file named,
.Pa 00-phyint.conf ,
or similar.
.It Cm mgroup from Ar IIF Oo Cm source Ar SOURCE[/LEN] Oc Cm group Ar GROUP[/LEN]
Join a multicast group, with optional prefix length, on a given inbound
interface (IIF). The source address is optional, but if given a source
specific (SSM) join is performed. Every
.Cm /LEN
is translated to as many sources and groups as specified. To attempt to
overcome (configured) kernel limitations,
.Nm smcrouted
probes the amount of joins available per socket. When the socket has
been exhausted, another one is opened. At most 2048 sockets are opened.
.Pp
The purpose of joining groups is to use layer-2 signaling to inform
switches, and other routers, to open up multicast traffic to your
interfaces. Leaving a group is not supported from the configuration
file, instead remove the
.Cm mgroup,
or trim its arguments,
.Cm SIGHUP
or
.Cm smcroutectl reload
your daemon.
.Pp
.Sy Note:
use of the
.Cm mgroup
command should be avoided if possible. Instead configure "router ports"
or similar on the switches (bridges) on your LAN. This to have them
direct all the multicast to your router, or direct select groups if they
have such capabilities. Usually MAC multicast filters exist.
.It Cm mroute from Ar IIF Oo Cm source Ar SOURCE[/LEN] Oc Cm group Ar GROUP[/LEN] Cm to Ar OIF Op Ar OIF ...
Add a multicast route for packets received on network interface
.Cm IIF ,
originating from IP address
.Cm SOURCE ,
and sent to the multicast group address
.Cm GROUP ,
to the outbound network interface(s)
.Cm OIF Op Cm OIF ... .
.Pp
The interfaces provided as
.Cm IIF
and
.Cm OIF
can be any network interface name available in the system, as long as it
has the
.Cm MULTICAST
flag set. Furthermore, the kernel usually only forwards traffic if the
interface(s) have an IP address. These are limitations posed by the
kernel, not
.Nm smcrouted .
.Pp
To add a (*,G) route, either leave SOURCE out completely or set it to
0.0.0.0, and if you want to specify a range, set GROUP/LEN, e.g.
225.0.0.0/24.
.It Cm include Ar PATH
Include another
.Nm
file, or set of files. Matching is performed using
.Xr glob 3 ,
and matches are sorted alphabetically. By convention, the example
.Nm
bundled with
.Nm smcrouted
includes
.Pa /etc/smcroute.d/*.conf .
.El
.Sh EXAMPLE
.Nm smcrouted
supports reading and setting up multicast routes from a config file.
The default location is
.Ar /etc/smcroute.conf ,
but this can be overridden using the
.Fl f Ar FILE
command line option.
.Pp
The
.Ar IIF
and
.Ar OIF
arguments below are interface names, or interface wildcards of the form
.Ar eth+ ,
which matches
.Ar eth0 , eth10 ,
etc. Wildcards are available for inbound interfaces.
.Pp
.Bd -unfilled -offset indent
#
# smcroute.conf example
#
# Syntax:
# phyint IFNAME <enable|disable> [mrdisc] [ttl-threshold <1-255>]
# mgroup from IIF [source ADDR[/LEN]] group GROUP[/LEN]
# mroute from IIF [source ADDR[/LEN]] group GROUP[/LEN] to OIF [OIF ...]
# include /path/to/*.conf
# Assuming smcrouted was started with the `-N` flag. Enable interfaces
# required for inbound and outbound traffic. TTL scoping is enabled on
# all interfaces, e.g., to use eth0 as n outbound interface (OIF), all
# multicast frames must have a TTL of 12 or greater when ingressing.
phyint eth0 enable ttl-threshold 11
phyint eth1 enable ttl-threshold 3
phyint eth2 enable ttl-threshold 5
phyint virbr0 enable ttl-threshold 5
# Instruct the kernel to join the multicast group 225.1.2.3 on interface
# eth0. Then add an mroute of the same multicast stream, from the host
# 192.168.1.42 on interface eth0 and forward to eth1 and eth2.
mgroup from eth0 group 225.1.2.3
mroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2
# Similarly, but using source-specific group join
mgroup from virbr0 source 192.168.123.110 group 225.1.2.4
mroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0
# Allow multicast for group 225.3.2.1, from ANY source, ingressing on
# interface eth0 to be forwarded to eth1 and eth2. When the kernel
# receives a frame from unknown multicast sender, it asks smcrouted who
# use this "template" to match against, if the ingressing interface and
# group matches, smcrouted installs an (S,G) route in the kernel MFC.
mgroup from eth0 group 225.3.2.1
mroute from eth0 group 225.3.2.1 to eth1 eth2
# The previous is an example of the (*,G) support. It is also possible
# to specify a range of such rules.
mgroup from eth0 group 225.0.0.0/24
mroute from eth0 group 225.0.0.0/24 to eth1 eth2
# Include any snippet in /etc/smcroute.d/, but please remember that
# all phyint statements must be read first.
include /etc/smcroute.d/*.conf
.Ed
.Sh CAVEATS
The source address is optional for both IPv4 and IPv6 multicast routes,
this is called (*,G) routing. When omitted,
.Nm smcrouted
dynamically installs (S,G) routes, matching the group and inbound
interface, to the kernel when it learns of new inbound multicast. This
feature was inherited from
.Xr mrouted 8 ,
and may not work as intended in all use-cases. Also, depending on
kernel and CPU load, account for the setup time to detect and install
the route, expect at least one initial frame to be lost when using (*,G)
rules.
.Sh FILES
.Pa /etc/smcroute.conf ,
.Pa /etc/smcroute.d/*.conf
.Sh SEE ALSO
.Xr smcrouted 8 ,
.Xr smcroute.conf 5
.Sh AUTHORS
.An -nosplit
SMCRoute was originally created by
.An Carsten Schill Aq Mt carsten@cschill.de .
Initial IPv6 support by
.An Todd Hayton Aq Mt todd.hayton@gmail.com .
Initial FreeBSD support by
.An Micha Lenk Aq Mt micha@debian.org .
.Pp
SMCRoute is currently maintained by
.An Joachim Wiberg Aq Mt troglobit@gmail.com ,
and
.An Micha Lenk Aq Mt micha@debian.org
at
.Lk https://github.com/troglobit/smcroute "GitHub" .
================================================
FILE: man/smcroutectl.8
================================================
.\" -*- nroff -*-
.Dd November 28, 2021
.Dt SMCROUTECTL 8 SMM
.Os
.Sh NAME
.Nm smcroutectl
.Nd Control and status tool for
.Xr smcrouted 8
.Sh SYNOPSIS
.Nm smcroutectl
.Op Fl bdptv
.Op Fl i Ar NAME
.Op Fl u Ar FILE
.Op Ar COMMAND
.Pp
.Nm smcroutectl
.Ao help | flush | kill | reload | version Ac
.Nm smcroutectl
.Ao show Ac
.Op groups | routes
.Nm smcroutectl
.Ao add \ | \ \ rem Ac IIF Oo SOURCE Oc Ar GROUP[/LEN] OIF Op OIF ...
.Nm smcroutectl
.Ao join | leave Ac IIF Oo SOURCE Oc Ar GROUP[/LEN]
.Sh DESCRIPTION
.Nm
is the control tool for
.Xr smcrouted 8 .
It can be used to query status, debug, modify the kernel multicast
forwarding cache (MFC), manage group interface memberships, reload
.Nm smcroute.conf ,
and kill a running
.Nm smcrouted .
.Sh OPTIONS
The following
.Nm
options are available:
.Bl -tag -width Ds
.It Fl b
Batch mode, read commands from stdin.
.Bd -unfilled -offset indent
$ sudo smcroutectl -b <<-EOF
join eth0 225.1.2.3
add eth0 192.168.1.42 225.1.2.3 eth1 eth2
rem eth1 225.3.4.5 eth3
leave eth1 225.3.4.5
EOF
.Ed
.It Fl d
Enable detailed output in show commands.
.It Fl i Ar NAME
Connect to an
.Nm smcrouted
instance that runs with another identity,
.Ar NAME .
.Pp
This option is required for both
.Nm smcrouted
and
.Nm smcroutectl
when running multiple
.Nm smcrouted
instances, e.g., when using multiple routing tables, on Linux.
.It Fl p
Use plain table headings in
.Cm show
command output. No ANSI control characters are used, not even for
probing screen width.
.It Fl t
Skip table headings entirely in
.Cm show
command output.
.It Fl u Ar FILE
UNIX domain socket path, used for the IPC between
.Nm smcrouted
and
.Nm .
Use this to override the default socket path, otherwise derived from the
identity,
.Fl i Ar NAME .
This option can be useful when overriding the identity is not
sufficient, e.g. for testing. The default depends on how
.Nm
is configured at build time, see
.Sx FILES .
.El
.Sh OPERATION
The
.Ar IIF
and
.Ar OIF
arguments in the below
.Nm smcroutectl
commands are the interface names, or interface wildcards of the form
.Ar eth+ ,
which matches
.Ar eth0 , eth10 ,
etc. Wildcards are available for both inbound and outbound interfaces.
.Pp
A multicast route is defined by an input interface
.Ar IIF ,
the sender's unicast IP address
.Ar SOURCE ,
which is optional, the multicast group
.Ar GROUP
and a list of, at least one, output interface
.Ar OIF [OIF ...] .
.Pp
Please refer to
.Xr smcrouted 8
for more details on the operation and how ASM/SSM multicast works.
.Sh COMMANDS
Commands can be abbreviated to the minimum unambiguous prefix; for
example,
.Cm s g
for
.Cm show groups .
The following commands are available:
.Bl -tag -width Ds
.It Nm add Ar IIF [SOURCE[/LEN]] GROUP[/LEN] OIF [OIF ...]
Add a new multicast route the the kernel MFC, or modify the outbound
interfaces (OIF) an existing route.
.Pp
The arguments are, in order:
.Ar IIF
the inbound interface,
.Ar SOURCE
originating IP address (may need to be reachable in the unicast routing
table to be allowed by the kernel reverse-path check),
.Ar GROUP
the multicast group address, and
.Ar OIF Oo Ar OIF ... Oc
the outbound network interface(s).
.Pp
The interfaces provided as
.Ar IIF
and
.Ar OIF
can be any multicast capable network interface as listed by
.Ql Cm ifconfig
or
.Ql Cm ip link list ,
including tunnel interfaces and loopback. Provided
.Nm smcrouted
has "enumerated" them. See
.Xr smcrouted 8 ,
in particular the command line option
.Fl N ,
and the
.Xr smcroute.conf 5
.Ql Cm phyint
directive.
.Pp
To add a (*,G) route, either omit the
.Ar SOURCE
argument completely, or set it to
.Ar 0.0.0.0
for IPv4, and if you want to specify a range of groups, use
the
.Ql GROUP/LEN
modifier, e.g.
.Ql 225.0.0.0/24 .
.It Nm remove Ar IIF [SOURCE[/LEN]] GROUP[/LEN] [OIF [OIF ...]]
Remove or modify the outbound interfaces of a multicast route in the
kernel MFC.
.Pp
When no
.Ar OIF
argument is given, this command removes the entire route. With
one or more
.Ar OIF
arguments, each outbound interface listed is removed. Skipping
any unmatched or invalid interface names. When no more outbound
interfaces exist, the route will have been transformed into a
"stop filter". To remove the route entirely, the command must
be given with no
.Ar OIF
arguments.
.It Nm flush
Flush dynamic (*,G) multicast routes now. Similar to how
.Fl c Ar SEC
works in
.Nm smcrouted ,
this command initiates an immediate flush of all dynamically installed
(*,G) multicast routes. Useful when a topology change has been detected
and need to be propagated to
.Nm smcrouted.
.It Nm join Ar IIF [SOURCE[/LEN]] GROUP[/LEN]
Join a multicast group, with an optional prefix length, on the given
(inbound) interface. The source address is optional, but if given a
source specific (SSM) join is performed. Note, joining groups is only
ever necessary on the inbound interface, never on the outbound. Unless,
two-way routing the same group.
.Pp
Note, as mentioned in
.Xr smcrouted 8 ,
joining a group to open up traffic in layer-2 network switches is only a
workaround to direct multicast towards SMCRoute. When routing lots of
traffic it is advised to avoid this mechanism. Instead, use multicast
router ports, or similar settings on the switches, or if they support
multicast router discovery (MRDISC), see RFC4286.
.It Nm leave Ar IIF [SOURCE[/LEN]] GROUP[/LEN]
Leave a multicast group, with optional prefix length, on a given
(inbound) interface. As with the join command, above, the source
address is optional, but if the group was subscribed to with source it
must be unsubscribed with source as well.
.It Nm help [cmd]
Print a usage information message.
.It Nm kill
Tell a running
.Nm smcrouted
to exit gracefully, same as
.Ar SIGTERM .
.It Nm reload
Tell
.Nm smcrouted
to reload its configuration and activate the changes. Same as
.Ar SIGHUP .
Note, any routes or groups added or removed with
.Nm smcroutectl
will be lost. Only the configuration set in the file
.Pa smcroute.conf
is activated.
.It Nm show [groups|routes]
Show joined multicast groups or multicast routes, defaults to show
routes. Can be combined with the
.Fl d
option to get details for each multicast route.
.It Nm version
Show program version and support information.
.El
.Sh SEE ALSO
.Xr smcrouted 8 ,
.Xr smcroute.conf 5
.Sh AUTHORS
.An -nosplit
SMCRoute was originally created by
.An Carsten Schill Aq Mt carsten@cschill.de .
Initial IPv6 support by
.An Todd Hayton Aq Mt todd.hayton@gmail.com .
Initial FreeBSD support by
.An Micha Lenk Aq Mt micha@debian.org .
.Pp
SMCRoute is currently maintained by
.An Joachim Wiberg Aq Mt troglobit@gmail.com ,
and
.An Micha Lenk Aq Mt micha@debian.org
at
.Lk https://github.com/troglobit/smcroute "GitHub" .
================================================
FILE: man/smcrouted.8
================================================
.\" -*- nroff -*-
.Dd November 28, 2021
.Dt SMCROUTED 8 SMM
.Os
.Sh NAME
.Nm smcrouted
.Nd SMCRoute, a static multicast router
.Sh SYNOPSIS
.Nm smcrouted
.Op Fl nNhsv
.Op Fl c Ar SEC
.Op Fl d Ar SEC
.Op Fl e Ar CMD
.Op Fl f Ar FILE
.Op Fl F Ar FILE
.Op Fl i Ar NAME
.Op Fl l Ar LVL
.Op Fl m Ar SEC
.Op Fl p Ar USER:GROUP
.Op Fl P Ar FILE
.Op Fl t Ar ID
.Op Fl u Ar FILE
.Sh DESCRIPTION
.Nm
is a static multicast routing daemon providing fine grained control over
the multicast forwarding cache (MFC) in the UNIX kernel. Both IPv4 and
IPv6 are fully supported.
.Pp
.Nm
can be used as an alternative to dynamic multicast daemons like
.Xr mrouted 8 ,
.Xr pimd 8
or
.Xr pim6sd 8
in situations where static multicast routes should be maintained and/or
no proper IGMP or MLD signaling exists.
.Pp
Multicast routes exist in the UNIX kernel only as long as a multicast
routing daemon is running. On Linux, multiple multicast routers can run
simultaneously using different multicast routing tables. To run
.Nm
and,
.Nm mrouted
at the same time, set the former to use a routing table other than the
default (0).
.Pp
.Nm
modifies the kernel routing table and needs either full
.Ar superuser rights ,
or
.Cm CAP_NET_ADMIN
on Linux. This also applies to the friendly control tool
.Xr smcroutectl 8 .
.Ss Warning
Be careful when creating multicast routes. You can easily flood your
networks by inadvertently creating routing loops. Either direct loops
listing an inbound interface also as an outbound, or indirect loops by
going through other routers.
.Sh OPTIONS
The following command line options are available:
.Bl -tag -width Ds
.It Fl c Ar SEC
Flush unused dynamic (*,G) multicast routes every
.Ar SEC
seconds.
.Pp
This option is intended for systems with topology changes, i.e., when
inbound multicast may change both interface and source IP address.
E.g. in a setup with at least two VRRP routers. If there is no way of
detecting such a topology change this option makes sure to periodically
flush all dynamically learned multicast routes so that traffic may
resume. Flushing of a specific route only occurs if it was unused
during the last flush interval, i.e. there was no traffic matching it.
This avoids toggling between different inbound interfaces if traffic
arrives on several interfaces simultaneously. In this case, the first
selected inbound interface is retained until traffic on it ceases.
.Pp
Default is 60 sec, set to 0 to disable. See also the
.Cm smcroutectl flush
command, which can be called manually on topology changes.
.It Fl d Ar SEC
Daemon startup delay. Delays the probe of interfaces and parsing of the
configuration file. Note, the PID file is also not created, since the
daemon is not ready yet.
.Pp
This command line option, although useful in some use-cases, is fragile.
It is almost always better to rely on an init or process supervisor that
handles dependencies properly, like
.Xr finit 8 ,
which can wait for interfaces to come up and files to be created before
starting a service.
.It Fl e Ar CMD
Specify external script or command to be called when
.Nm
has loaded/reloaded all static multicast routes from the configuration
file, or when a source-less (ANY) rule has been installed.
.It Fl f Ar FILE
Alternate configuration file, default
.Pa /etc/smcroute.conf
.It Fl F Ar FILE
Check configuration file syntax, use
.Fl l Ar LEVEL
to increase verbosity. Returns non-zero on error.
.It Fl h
Show summary of command line options and exit.
.It Fl i Ar NAME
Set daemon identity. Used to create unique PID, IPC socket, and
configuration file names, as well as set the syslog identity. E.g.,
.Fl I Ar foo
would make
.Nm
look for
.Cm /etc/foo.conf ,
write its PID to
.Cm /var/run/foo.pid
and create an IPC socket for
.Nm smcroutectl
in
.Cm /var/run/foo.sock .
.Pp
For
.Nm smcroutectl
the same option can be used to select the proper
.Nm
instance to send IPC to.
.Pp
This option is required for both daemon and client when running multiple
.Nm
instances, using multiple routing tables, on Linux.
.It Fl l Ar LEVEL
Set log level: none, err, notice, info, debug. Default is notice.
.It Fl m Ar SEC
Modify Multicast Router Discovery (mrdisc) announcement interval.
Default 20 sec. This option is only available when
.Nm
is built with mrdisc support (Linux, and IPv4, only). RFC4286.
.It Fl n
Run daemon in foreground, do not detach from controlling terminal
.It Fl N
By default
.Nm
enables multicast routing on all available, and multicast capable,
interfaces in the system. These interfaces are enumerated as VIFs,
virtual interfaces, of which most UNIX systems have a very limited
amount, usually 32. This daemon option inverts the behavior so no
interfaces are enabled by default. Useful on systems with many
interfaces, where multicast routing only makes use of a few.
.Pp
The config file setting
.Ar phyint IFNAME enable
is required to enable the required interfaces.
.It Fl p Ar USER Op :GROUP
Drop root privileges to USER:GROUP after start and retain CAP_NET_ADMIN
capabilities only. The :GROUP is optional. This option is only
available when
.Nm
is built with libcap support.
.It Fl P Ar FILE
Set PID file name, and optionally full path, in case you need to
override the default identity, or the identity set with
.Fl i Ar NAME .
Regardless, setting this option overrides all others, but it is
recommended to use the ident option instead.
.It Fl s
Let daemon log to syslog, default unless running in foreground.
.It Fl t Ar ID
Set multicast routing table ID. Remember to also create routing rules
directing packets to the table. This example uses routing table ID 123:
.Bd -unfilled -offset left
ip mrule add iif eth0 lookup 123
ip mrule add oif eth0 lookup 123
.Ed
.Pp
.Nm Note:
Only available on Linux.
.It Fl u Ar FILE
UNIX domain socket path, used for the IPC between
.Nm
and
.Nm smcroutectl .
Use this to override the default socket path, derived from the daemon
identity,
.Fl i Ar NAME .
This option can be useful when overriding the identity is not
sufficient, e.g. for testing. The default depends on how
.Nm
is configured at build time, see
.Sx FILES .
.It Fl v
Show program version and support information.
.El
.Pp
The
.Fl e Ar CMD
option is useful if you want to trigger other processes to start when
.Nm
has completed installing dynamic multicast routes from (*,G) rules in
.Pa /etc/smcroute.conf ,
or when a source-less (ANY) route, a.k.a (*,G) multicast rule, from
.Pa /etc/smcroute.conf .
is matched and installed. For instance, calling
.Ar conntrack
on Linux to flush firewall connection tracking when NAT:ing multicast.
.Pp
The script
.Ar CMD
is called with an argument
.Ar reload
or
.Ar install
to let the script know if it is called on SIGHUP/startup, or when a
(*,G) rule is matched and installed. In the latter case
.Nm
also sets two environment variables:
.Nm source ,
and
.Nm group .
Beware that these environment variables are unconditionally overwritten by
.Nm
and can thus not be used to pass information to the script from outside of
.Nm .
.Sh OPERATION
.Ss Introduction
When
.Nm
starts up it scans for available network interfaces that have the
.Cm MULTICAST
flag set. Provided the
.Fl N
flag is not set, each interface is enumerated as a virtual interface
(VIF) which is what the kernel's multicast routing stack uses. The
enumeration process on some operating systems also require each
interface to have an IP address, but Linux and FreeBSD systems only
require the ifindex and the MULTICAST flag. If the interface does not
yet exist when
.Nm
starts, the
.Fl d Ar SEC
flag can be used to delay startup. Otherwise
.Nm
needs to be reloaded (e.g., using SIGHUP) when a new interface has been
added to the system.
.Pp
Since VIFs are a limited resource, most operating systems only support
32 in total, the administrator may need to declare which interfaces to
use for multicast routing using the
.Pa /etc/smcroute.conf
.Cm phyint
directive. It is recommended to always start
.Nm
with the
.Fl N
flag, disabling VIF creation by default, and then selectively enable
each of the interfaces you are going to route between. See
.Xr smcroute.conf 5
for more information.
.Ss Multicast Scoping
Because multicast inherently is broadcast there is an obvious need to
limit. On a LAN this is usually managed automatically by bridges
(switches) with built-in multicast snooping (IGMP and MLD). Between
LANs there is also the need to scope multicast, often the same multicast
groups are used for different purposes on different LANs. This must be
managed by administrators, at least three options exist:
.Bl -tag -offset indent
.It Cm TTL scoping
The traditional way of "raising walls" between zones. The outbound
interfaces of routers are given a TTL threshold greater than the hop it
represents. The default TTL threshold is 1. Managing the routers is a
lot easier than adjusting the TTL value of each multicast sender. The
only real downside to this is that it scales poorly with the number of
routers and it affects all multicast traversing the router's interfaces.
.It Cm Administrative scoping (RFC2365)
This is one of the current best practices, defining boundaries for sets
of multicast groups instead of limiting all multicast (as TTL scoping
does). In the case of
.Nm
this is left to the administrator to manage. See
.Xr mrouted 8 ,
and
.Xr mrouted.conf 5 ,
for more details.
.It Cm Filtering
Some sort of filtering mechanism, e.g., firewall (Linux netfilter) or
low-level filter (Linux tc or eBPF) that may even have some hardware
offloading support (TCAM). The firewall is likely the most common since
it is also often used to set up SNAT or 1:1 NAT (Linux netmap).
.El
.Ss Multicast Routes
.Pp
A multicast route is defined by an input interface
.Ar IFNAME ,
the sender's unicast IP address
.Ar SOURCE ,
which is optional, the multicast group
.Ar GROUP
and a list of, at least one, output interface
.Ar IFNAME [IFNAME ...] .
.Pp
.Bd -unfilled -offset indent
mroute from eth0 group 225.1.2.3 to eth1 eth2
mroute from eth0 source 1.2.3.4 group 225.3.2.1 to eth1 eth2
mroute from eth0 group ff2e::42 to eth1 eth2
mroute from eth0 source 2001:3::1 group ff2e::43 to eth1 eth2
.Ed
.Pp
The sender address and multicast group must both be either IPv4 or IPv6
addresses.
.Pp
The output interfaces are not needed when removing routes using the
.Cm smcroutectl remove
command. The first three parameters are sufficient to identify the
source of the multicast route.
.Pp
The intended purpose of
.Nm
is to aid in situations where dynamic multicast routing does not work
properly. However, a dynamic multicast routing protocol is in nearly
all cases the preferred solution. The reason for this is their ability
to translate Layer-3 signaling to Layer-2 and vice versa (IGMP or MLD).
.Pp
.Sy Note:
the optional source address multicast routes are not installed in the
kernel multicast forwarding cache (MFC) by
.Nm .
Instead, it dynamically installs new routes to the kernel MFC, matching
the group and inbound interface, when the kernel notifies
.Nm
using "upcalls" called
.Cm NOCACHE
messages. This feature was grafted onto
.Nm
from
.Xr mrouted 8 ,
and may not work as intended in all use-cases.
.Pp
.Ss Multicast Groups
.Nm
is capable of simple group join and leave by sending commands to the kernel.
The kernel then handles sending Layer-2 IGMP/MLD join and leave frames as needed.
This can be used for testing but is also useful sometimes to open up
multicast from the sender if located on a LAN with switches equipped
with IGMP/MLD Snooping. Such devices will prevent forwarding of
multicast unless an IGMP/MLD capable router or multicast client is
located on the same physical port as you run
.Nm
on. However, this feature of
.Nm
is only intended as a workaround. Some platforms impose a limit on the
maximum number of groups that can be joined, some of these systems can
be tuned to increase this limit. For bigger installations it is
strongly recommended to instead address the root cause, e.g. enable
multicast router ports on intermediate switches, either statically or by
enabling the multicast router discovery feature of
.Nm .
.Pp
To emulate a multicast client using
.Nm
you use the
.Nm join
and
.Nm leave
commands to issue join and leave commands for a given multicast group
on a given interface
.Ar IFNAME .
The
.Ar GROUP
may be given in an IPv4 or IPv6 address format.
.Pp
The command is passed to the daemon that passes it to the kernel. The
kernel then tries to join the multicast group
.Ar GROUP
on interface
.Ar IFNAME
by starting IGMP, or MLD for IPv6 group address, signaling on the given
interface. This signaling may be received by routers/switches connected
on that network supporting IGMP/MLD multicast signaling and, in turn,
start forwarding the requested multicast stream eventually reach your
desired interface.
.Pp
.Ss Multiple Daemon Instances
When running multiple
.Nm
instances, using the
.Fl t Ar ID
command line flag, one per routing table on Linux, it is required to use
the
.Fl i Ar NAME
option to both daemon and client. This because the name of the IPC
socket used for communicating is composed from the identity.
.Sh DEBUGGING
The most common problem when attempting to route multicast is the TTL.
Always start by verifying that the TTL of your multicast stream is not
set to 1, because the router decrements the TTL of an IP frame before
routing it. Test your setup using
.Xr ping 8
or
.Xr iperf 1 .
Either of which is capable of creating multicast traffic with an
adjustable TTL. Iperf in particular is useful since it can act both as
a multicast source (sender) and a multicast sink (receiver). For more
advanced IP multicast testing the
.Xr mcjoin 1
tool can be used.
.Pp
.Ss Note
A lot of extra information is sent under the daemon facility and the
debug priority to the syslog daemon. Use
.Ql smcrouted -s -l debug
to enable.
.Sh SIGNALS
For convenience in sending signals,
.Nm
writes its process ID to
.Pa /var/run/smcroute.pid
upon startup, unless the
.Fl p Ar FILE
or
.Fl i Ar NAME
options are used to change the identity or file name used. The
following signals are supported:
.Pp
.Bl -tag -width TERM -compact
.It Cm HUP
Tell
.Nm
to reload its configuration file and activate the changes.
.It Cm INT
Terminates execution gracefully.
.It Cm TERM
The same as INT.
.El
.Sh FILES
.Bl -tag -width /proc/net/ip6_mr_cache -compact
.It Pa /etc/smcroute.conf
Optional configuration file for
.Nm .
Defined interfaces to use, groups to join, and routes to set when
starting, or reloading
.Nm
on
.Ar SIGHUP .
Like the PID file, the name of the configuration file may be different
depending on command line options given to the daemon. Most notably,
.Fl I Ar IDENT
defines the full suite of files used by the
.Nm
daemon. See
.Xr smcroute.conf 5
for details.
.It Pa /etc/smcroute.d/*.conf
Optional configuration directory, path defined by convention only, actual
configuration directory, or file(s) to include, defined by
.Pa /etc/smcroute.conf .
See
.Xr smcroute.conf 5
for details.
.It Pa /var/run/smcroute.pid
Default PID file (re)created by
.Nm
when it has started up and is ready to receive commands. See also the
.Fl i Ar NAME
or
.Fl P Ar FILE
options which can change the default name.
.It Pa /var/run/smcroute.sock
IPC socket created by
.Nm
for use by
.Nm smcroutectl .
Same caveats apply to this file as the previous two, command line
options
.Fl i Ar NAME
and
.Fl S Ar FILE
to the daemon can be used to change the socket file name.
.It Pa /proc/net/ip_mr_cache
Linux specific, holds active IPv4 multicast routes.
.It Pa /proc/net/ip_mr_vif
Linux specific, holds the IPv4 virtual interfaces used by the active multicast routing daemon.
.It Pa /proc/net/ip6_mr_cache
Linux specific, holds active IPv6 multicast routes.
.It Pa /proc/net/ip6_mr_vif
Linux specific, holds the IPv6 virtual interfaces used by the active multicast routing daemon.
.It Pa /proc/net/igmp
Linux specific, holds active IGMP ASM (*,G) joins.
.It Pa /proc/net/igmp6
Linux specific, holds active MLD ASM (*,G) joins.
.It Pa /proc/net/mcfilter
Linux specific, holds active IGMP SSM (S,G) joins.
.It Pa /proc/net/mcfilter6
Linux specific, holds active MLD SSM (S,G) joins.
.It Pa /proc/sys/net/ipv4/igmp_max_memberships
Linux specific tuning of max IGMP ASM (*,G) per socket, default 20.
.It Pa /proc/sys/net/ipv4/igmp_max_msf
Linux specific tuning of max IGMP SSM (S,G) per socket, default 10.
.El
.Pp
BSD systems may consult the
.Xr netstat 1
tool for stats on virtual multicast interface tables and multicast
forwarding caches, and VIF/MIF allocation, as well as the
.Xr ifmcstat 8
tool for querying group membership.
.Xr
.Sh EXIT STATUS
.Nm
leverages BSD
.Pa sysexits.h
exit codes (64-78), which process supervisors like
.Xr systemd 1
and
.Xr finit 8
understands. The following table details what codes are used for and
how to interpret them.
.Bl -column "Status" "Symbolic Name" "Description" -offset indent
.It Sy Status Ta Sy Symbolic Name Ta Sy Description
.It 0 Ta EX_OK Ta Success
.It 64 Ta EX_USAGE Ta Invalid command line option, or missing argument
.It 69 Ta EX_UNAVAILABLE Ta Multicast routing socket (or table) already in use
.It 79 Ta EX_SOFTWARE Ta Internal error, bug in
.Nm
.It 71 Ta EX_OSERR Ta Failed
.Fn fork ,
.Fn daemon ,
.Fn getifaddrs ,
.Fn malloc ,
etc.
.It 76 Ta EX_PROTOCOL Ta Kernel does not seem to support multicast routing
.It 77 Ta EX_NOPERM Ta Not enough permissions to run
.It 78 Ta EX_CONFIG Ta Parse error in configuration file
.El
.Sh SEE ALSO
.Xr smcroute.conf 5 ,
.Xr smcroutectl 8 ,
.Xr mrouted 8 ,
.Xr pimd 8 ,
.Xr pim6sd 8 ,
.Xr ping 8 ,
.Xr mcjoin 1 ,
.Xr iperf 1
.Sh AUTHORS
.An -nosplit
SMCRoute was originally created by
.An Carsten Schill Aq Mt carsten@cschill.de .
Initial IPv6 support by
.An Todd Hayton Aq Mt todd.hayton@gmail.com .
Initial FreeBSD support by
.An Micha Lenk Aq Mt micha@debian.org .
.Pp
SMCRoute is currently maintained by
.An Joachim Wiberg Aq Mt troglobit@gmail.com ,
and
.An Micha Lenk Aq Mt micha@debian.org
at
.Lk https://github.com/troglobit/smcroute "GitHub" .
================================================
FILE: smcroute
================================================
#!/bin/sh
# Compatibility wrapper for users with old startup scripts
# Written by Joachim Wiberg, placed in the public domain
OP=$1
shift
case "$OP" in
-d)
smcrouted $*
;;
-h)
echo "Usage: smcroute [OPTIONS] [ARGS]"
echo
echo " -d Start daemon"
echo " -k Kill a running daemon"
echo
echo " -h This help text"
echo " -v Show version"
echo
echo " -a ARGS Add a multicast route"
echo " -r ARGS Remove a multicast route"
echo
echo " -j ARGS Join a multicast group"
echo " -l ARGS Leave a multicast group"
echo
echo " <------------- INBOUND --------------> <----- OUTBOUND ------>"
echo " -a <IFNAME> <SOURCE-IP> <MULTICAST-GROUP> <IFNAME> [<IFNAME> ...]"
echo " -r <IFNAME> <SOURCE-IP> <MULTICAST-GROUP>"
echo
echo " -j <IFNAME> <MULTICAST-GROUP>"
echo " -l <IFNAME> <MULTICAST-GROUP>"
echo
echo "NOTE: This is a compatibility wrapper script for SMCRoute. Intended for"
echo " use with old style startup scripts. It is recommended to migrate"
echo " to /etc/smcroute.conf, see the smcroute(8) man page for help."
return 0
;;
-k)
smcroutectl kill
;;
-v)
smcroutectl version
;;
-a)
smcroutectl add $*
;;
-r)
smcroutectl remove $*
;;
-j)
smcroutectl join $*
;;
*)
echo "Unknown command or option to the SMCRoute compatiblity wrapper script."
echo "See the smcroute(8) man page for help on available commands."
return 1
;;
esac
================================================
FILE: smcroute.conf
================================================
#
# smcroute.conf example
#
# The configuration file supports joining multicast groups, to use
# Layer-2 signaling so that switches and routers open up multicast
# traffic to your interfaces. Leave is not supported, remove the
# mgroup and SIGHUP your daemon, or send a specific leave command.
#
# NOTE: Use of the mgroup command should be avoided if possible.
# Instead configure "router ports" or similar on the switches
# or bridges on your LAN. This to have them direct all the
# multicast to your router, or select groups if they have
# such capabilities. Usually MAC multicast filters exist.
#
# Some switch manufacturers support mrdisc, RFC4286, which
# SMCRoute can use to advertise itself on source interfaces.
# If availble, use that instead of mgroup.
#
# Similarly supported is setting mroutes. Removing mroutes is not
# supported, remove/comment out the mroute from the .conf file, or
# send a remove command with smcroutectl.
#
# Syntax:
# phyint IFNAME <enable|disable> [mrdisc] [ttl-threshold <1-255>]
# mgroup from IIF [source ADDR[/LEN]] group GROUP[/LEN]
# mroute from IIF [source ADDR[/LEN]] group GROUP[/LEN] to OIF [OIF ...]
# include /path/to/*.conf
# This example assumes smcrouted was started with the `-N` flag.
# Only enable interfaces required for inbound and outbound traffic.
phyint eth0 enable ttl-threshold 11
phyint eth1 enable ttl-threshold 3
phyint eth2 enable ttl-threshold 5
phyint virbr0 enable ttl-threshold 5
# Instruct the kernel to join the multicast group 225.1.2.3 on interface
# eth0. Then add an mroute of the same multicast stream, from the host
# 192.168.1.42 on interface eth0 and forward to eth1 and eth2.
mgroup from eth0 group 225.1.2.3
mroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2
# Similar example, but using source-specific group join
mgroup from virbr0 source 192.168.123.110 group 225.1.2.4
mroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0
# Allow multicast for group 225.3.2.1, from ANY source, ingressing on
# interface eth0 to be forwarded to eth1 and eth2. When the kernel
# receives a frame from unknown multicast sender, it asks smcrouted who
# use this "template" to match against, if the ingressing interface and
# group matches, smcrouted installs an (S,G) route in the kernel MFC.
mgroup from eth0 group 225.3.2.1
mroute from eth0 group 225.3.2.1 to eth1 eth2
# The previous is an example of the (*,G) support. It is also possible
# to specify a range of such rules.
mgroup from eth0 group 225.0.0.0/24
mroute from eth0 group 225.0.0.0/24 to eth1 eth2
# Include any snippet in /etc/smcroute.d/, but please remember that
# all phyint statements must be read first.
include /etc/smcroute.d/*.conf
================================================
FILE: smcroute.default
================================================
SMCROUTED_OPTS=-l debug
================================================
FILE: smcroute.init
================================================
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: smcroute
# Required-Start: $syslog $local_fs $network $remote_fs
# Required-Stop: $syslog $local_fs $network $remote_fs
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Static multicast router daemon
# Description: SMCRoute is a daemon and command line tool to manipulate
# the multicast routing table of a UNIX kernel. It can be
# used as an alternative to dynamic multicast routers like
# pimd or mrouted in situations where static routes should
# be maintained and/or no proper IGMP signaling exists.
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/smcrouted
DAEMONCTL=/usr/sbin/smcroutectl
DAEMON_OPTS=
NAME=smcrouted
DESC="static multicast router daemon"
test -x $DAEMON || exit 0
# Include smcroute defaults if available
if [ -f /etc/default/smcroute ] ; then
. /etc/default/smcroute
fi
. /lib/lsb/init-functions
start() {
local error
local result
log_begin_msg "Starting $DESC: $NAME"
error=$(start-stop-daemon --start --quiet \
--exec $DAEMON -- $DAEMON_OPTS 2>&1)
result=$?
if [ "$result" = "0" -a -x /etc/smcroute/startup.sh ]; then
/etc/smcroute/startup.sh
else
log_progress_msg ${error#ERRO: }
fi
log_end_msg $result
}
stop() {
local error
local result
log_begin_msg "Stopping $DESC: $NAME"
error=$($DAEMONCTL kill 2>&1)
result=$?
log_progress_msg ${error#ERRO: }
log_end_msg $result
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart|force-reload)
#
# If the "reload" option is implemented, move the "force-reload"
# option to the "reload" entry above. If not, "force-reload" is
# just the same as "restart".
#
stop
start
;;
status)
status_of_proc "$DAEMON" "$DESC" && exit 0 || exit $?
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0
================================================
FILE: smcroute.service.in
================================================
[Unit]
Description=Static multicast routing daemon
Documentation=man:smcrouted
Documentation=man:smcroute.conf
Documentation=man:smcroutectl
Documentation=file:@DOCDIR@/README.md
# ConditionPathExists=@SYSCONFDIR@/smcroute.conf
After=network-online.target
Requires=network-online.target
[Service]
Type=@DAEMON_TYPE@
EnvironmentFile=-@SYSCONFDIR@/default/smcroute
ExecStart=@SBINDIR@/smcrouted -n -s $SMCROUTED_OPTS $SMCROUTED_ARGS
ExecReload=@SBINDIR@/smcroutectl reload
NotifyAccess=main
# Hardening settings
NoNewPrivileges=true
ProtectControlGroups=true
ProtectSystem=full
ProtectHome=true
[Install]
WantedBy=multi-user.target
================================================
FILE: src/Makefile.am
================================================
AUTOMAKE_OPTIONS = subdir-objects
sbin_PROGRAMS = smcrouted smcroutectl
smcrouted_SOURCES = smcrouted.c conf.c conf.h mroute.c mroute.h iface.c \
iface.h inet.c inet.h ipc.c ipc.h kern.c kern.h \
log.c log.h mcgroup.c mcgroup.h msg.c msg.h \
notify.c notify.h pidfile.c queue.h script.c \
script.h socket.c socket.h timer.c timer.h util.h
smcrouted_CFLAGS = -W -Wall -Wextra -Wno-deprecated-declarations -std=gnu99
smcrouted_CPPFLAGS = -D_ATFILE_SOURCE -D_INCOMPLETE_XOPEN_C063
smcrouted_CPPFLAGS += -DSYSCONFDIR=\"@sysconfdir@\" -DRUNSTATEDIR=\"@runstatedir@\"
smcrouted_LDADD = $(LIBS) $(LIBOBJS) @LIB_RT@ @LIB_PTHREAD@
if USE_LIBCAP
smcrouted_SOURCES += cap.c cap.h
smcrouted_LDADD += -lcap
endif
if HAVE_LIBSYSTEMD
smcrouted_SOURCES += systemd.c
smcrouted_CFLAGS += $(libsystemd_CFLAGS)
smcrouted_LDADD += $(libsystemd_LIBS)
endif
if USE_MRDISC
smcrouted_SOURCES += mrdisc.c mrdisc.h
endif
smcroutectl_SOURCES = smcroutectl.c msg.h util.h
smcroutectl_CFLAGS = -W -Wall -Wextra -std=gnu99
smcroutectl_CPPFLAGS = -DRUNSTATEDIR=\"@runstatedir@\"
smcroutectl_LDADD = $(LIBS) $(LIBOBJS)
================================================
FILE: src/cap.c
================================================
/* Daemon capability API
*
* Copyright (C) 2016 Markus Palonen <markus.palonen@gmail.com>
* Copyright (C) 2016-2020 Joachim Wiberg <troglobit@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include "config.h"
#include <err.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef HAVE_SYS_PRCTL_H
# include <sys/prctl.h>
#endif
#include <sys/capability.h>
#include <pwd.h>
#include <grp.h>
#include "log.h"
static const char *username = NULL;
static int whoami(const char *user, const char *group, uid_t *uid, gid_t *gid)
{
struct passwd *pw;
struct group *gr;
if (!user)
return -1;
/* Get target UID and target GID */
pw = getpwnam(user);
if (!pw) {
smclog(LOG_ERR, "User '%s' not found!", user);
return -1;
}
*uid = pw->pw_uid;
*gid = pw->pw_gid;
if (group) {
gr = getgrnam(group);
if (!gr) {
smclog(LOG_ERR, "Group '%s' not found!", group);
return -1;
}
*gid = gr->gr_gid;
}
/* Valid user */
username = user;
return 0;
}
static int setcaps(cap_value_t cv)
{
int result;
cap_t caps = cap_get_proc();
cap_value_t cap_list = cv;
cap_clear(caps);
cap_set_flag(caps, CAP_PERMITTED, 1, &cap_list, CAP_SET);
cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_list, CAP_SET);
result = cap_set_proc(caps);
cap_free(caps);
return result;
}
/*
* Drop root privileges except capability CAP_NET_ADMIN. This capability
* enables the thread (among other networking related things) to add and
* remove multicast routes
*/
static int drop_root(const char *user, uid_t uid, gid_t gid)
{
#ifdef HAVE_SYS_PRCTL_H
/* Allow this process to preserve permitted capabilities */
if (prctl(PR_SET_KEEPCAPS, 1) == -1) {
smclog(LOG_ERR, "Cannot preserve capabilities: %s", strerror(errno));
return -1;
}
#endif
/* Set supplementary groups, GID and UID */
if (initgroups(user, gid) == -1) {
smclog(LOG_ERR, "Failed setting supplementary groups: %s", strerror(errno));
return -1;
}
if (setgid(gid) == -1) {
smclog(LOG_ERR, "Failed setting group ID %d: %s", gid, strerror(errno));
return -1;
}
if (setuid(uid) == -1) {
smclog(LOG_ERR, "Failed setting user ID %d: %s", uid, strerror(errno));
return -1;
}
/* Clear all capabilities except CAP_NET_ADMIN */
if (setcaps(CAP_NET_ADMIN)) {
smclog(LOG_ERR, "Failed setting `CAP_NET_ADMIN`: %s", strerror(errno));
return -1;
}
/* Try to regain root UID, should not work at this point. */
if (setuid(0) == 0)
return -1;
return 0;
}
void cap_drop_root(uid_t uid, gid_t gid)
{
if (username) {
if (drop_root(username, uid, gid) == -1)
smclog(LOG_WARNING, "Could not drop root privileges, continuing as root.");
else
smclog(LOG_INFO, "Root privileges dropped: Current UID %u, GID %u.", getuid(), getgid());
}
}
void cap_set_user(char *arg, uid_t *uid, gid_t *gid)
{
char *ptr;
char *user;
char *group;
ptr = strdup(arg);
if (!ptr)
err(1, "Failed parsing user:group argument");
user = strtok(ptr, ":");
group = strtok(NULL, ":");
if (whoami(user, group, uid, gid))
err(1, "Invalid user:group argument");
free(ptr);
}
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/cap.h
================================================
/* Daemon capability API */
#ifndef SMCROUTE_CAP_H_
#define SMCROUTE_CAP_H_
#include "config.h"
#ifdef ENABLE_LIBCAP
void cap_drop_root (uid_t uid, gid_t gid);
void cap_set_user (char *arg, uid_t *uid, gid_t *gid);
#else
#define cap_drop_root(uid, gid)
#define cap_set_user(arg, uid, gid) warnx("Drop privs support not available.")
#endif
#endif /* SMCROUTE_CAP_H_ */
================================================
FILE: src/conf.c
================================================
/* Simple .conf file parser for smcroute
*
* Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.com>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <errno.h>
#include <glob.h>
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sysexits.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include "log.h"
#include "conf.h"
#include "iface.h"
#include "script.h"
#include "mcgroup.h"
#include "util.h"
#define MAX_LINE_LEN 512
#define DEBUG(fmt, args...) do { \
if (conf) \
smclog(LOG_DEBUG, "%s line %d: " fmt, conf->file, \
conf->lineno, ##args); \
else \
smclog(LOG_DEBUG, "ipc: " fmt, ##args); \
} while (0)
#define INFO(fmt, args...) do { \
if (conf) \
smclog(LOG_INFO, "%s line %d: " fmt, conf->file, \
conf->lineno, ##args); \
else \
smclog(LOG_INFO, "ipc: " fmt, ##args); \
} while (0)
#define WARN(fmt, args...) do { \
if (conf) \
smclog(LOG_WARNING, "%s line %d: " fmt, conf->file, \
conf->lineno, ##args); \
else \
smclog(LOG_WARNING, "ipc: " fmt, ##args); \
if (conf_vrfy) \
rc++; \
} while (0)
/* Used only for verifying .conf files */
static int conf_vrfy_vif;
static char *pop_token(char **line)
{
char *end, *token;
if (!line)
return NULL;
token = *line;
if (!token)
return NULL;
/* Find start of token, skip whitespace. */
while (*token && isspace((int)*token))
token++;
/* Find end of token. */
end = token;
while (*end && !isspace((int)*end))
end++;
if (end == token) {
*line = NULL;
return NULL;
}
*end = 0; /* Terminate token. */
*line = end + 1;
return token;
}
static int match(char *keyword, char *token)
{
size_t len;
if (!keyword || !token)
return 0;
len = strlen(keyword);
return !strncmp(keyword, token, len);
}
int conf_mgroup(struct conf *conf, int cmd, char *iif, char *source, char *group)
{
inet_addr_t src = { 0 }, grp = { 0 };
int src_len = 0;
int grp_len = 0;
int len_max;
int family;
int rc = 0;
if (!iif || !group) {
errno = EINVAL;
return 1;
}
grp_len = is_range(group);
if (inet_str2addr(group, &grp) || !is_multicast(&grp)) {
WARN("join: Invalid multicast group: %s", group);
goto done;
}
family = grp.ss_family;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (family == AF_INET6)
len_max = 128;
else
#endif
len_max = 32;
if (grp_len < 0 || grp_len > len_max) {
WARN("join: Invalid group prefix length (0-%d): %d", len_max, grp_len);
goto done;
}
if (!grp_len)
grp_len = len_max;
if (source) {
src_len = is_range(source);
if (src_len < 0 || src_len > len_max) {
WARN("join: Invalid source prefix length (0-%d): %d", len_max, src_len);
goto done;
}
if (inet_str2addr(source, &src)) {
WARN("join: Invalid multicast source: %s", source);
goto done;
}
} else
inet_anyaddr(family, &src);
if (!src_len)
src_len = len_max;
if (!conf_vrfy)
rc = mcgroup_action(cmd, iif, &src, src_len, &grp, grp_len);
done:
return rc;
}
int conf_mroute(struct conf *conf, int cmd, char *iif, char *source, char *group, char *oif[], int num)
{
struct ifmatch state_in, state_out;
struct mroute mroute = { 0 };
struct iface *iface_in, *iface;
int len_max;
int family;
int rc = 0;
int vif;
if (!iif || !group) {
errno = EINVAL;
return 1;
}
mroute.len = is_range(group);
if (inet_str2addr(group, &mroute.group) || !is_multicast(&mroute.group)) {
WARN("mroute: Invalid multicast group: %s", group);
goto done;
}
family = mroute.group.ss_family;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (family == AF_INET6)
len_max = 128;
else
#endif
len_max = 32;
if (mroute.len < 0 || mroute.len > len_max) {
WARN("mroute: Invalid multicast group prefix length, %d", mroute.len);
goto done;
}
if (!mroute.len)
mroute.len = len_max;
if (source) {
mroute.src_len = is_range(source);
if (mroute.src_len < 0 || mroute.src_len > len_max) {
WARN("mroute: invalid prefix length: %d", mroute.src_len);
goto done;
}
if (inet_str2addr(source, &mroute.source)) {
WARN("mroute: Invalid source address: %s", source);
goto done;
}
} else {
inet_anyaddr(family, &mroute.source);
mroute.src_len = 0;
}
if (!mroute.src_len)
mroute.src_len = len_max;
iface_match_init(&state_in);
DEBUG("mroute: checking for input iface %s ...", iif);
while (iface_match_vif_by_name(iif, &state_in, &iface_in) != NO_VIF) {
char src[INET_ADDRSTR_LEN], grp[INET_ADDRSTR_LEN];
vif = iface_get_vif(family, iface_in);
DEBUG("mroute: input iface %s has vif %d", iif, vif);
mroute.inbound = vif;
for (int i = 0; i < num; i++) {
iface_match_init(&state_out);
DEBUG("mroute: checking for %s ...", oif[i]);
while (iface_match_vif_by_name(oif[i], &state_out, &iface) != NO_VIF) {
vif = iface_get_vif(family, iface);
if (vif == NO_VIF)
continue;
if (vif == mroute.inbound && cmd) {
/* In case of wildcard match in==out is normal, so don't complain */
if (!ifname_is_wildcard(iif) && !ifname_is_wildcard(oif[i]))
INFO("mroute: Same outbound interface (%s) as inbound (%s) may cause routing loops.",
oif[i], iface_in->ifname);
}
/* Use configured TTL threshold for the output phyint */
mroute.ttl[vif] = iface->threshold;
}
if (!state_out.match_count)
WARN("mroute: outbound %s is not a known phyint, skipping", oif[i]);
}
if (conf_vrfy)
continue;
if (cmd) {
smclog(LOG_DEBUG, "mroute: adding route from %s (%s/%u,%s/%u)", iface_in->ifname,
inet_addr2str(&mroute.source, src, sizeof(src)), mroute.src_len,
inet_addr2str(&mroute.group, grp, sizeof(grp)), mroute.len);
if (mroute_add_route(&mroute))
rc = -1;
} else {
smclog(LOG_DEBUG, "mroute: deleting route from %s (%s/%u,%s/%u)", iface_in->ifname,
inet_addr2str(&mroute.source, src, sizeof(src)), mroute.src_len,
inet_addr2str(&mroute.group, grp, sizeof(grp)), mroute.len);
if (mroute_del_route(&mroute))
rc = -1;
}
}
if (!state_in.match_count) {
WARN("mroute: inbound %s is not a known phyint", iif);
rc = -1;
}
done:
return rc;
}
static int conf_phyint(struct conf *conf, int enable, char *iif, int mrdisc, int threshold)
{
(void)conf;
if (conf_vrfy) {
struct iface *iface;
struct ifmatch ifm;
iface_match_init(&ifm);
iface = iface_match_by_name(iif, 1, &ifm);
if (!iface)
return 1;
iface->vif = conf_vrfy_vif;
iface->mif = conf_vrfy_vif++;
return 0;
}
if (enable)
return mroute_add_vif(iif, mrdisc, threshold);
return mroute_del_vif(iif);
}
/*
* This function parses the given configuration file according to the
* below format rules. Joins multicast groups and creates multicast
* routes accordingly in the kernel. Whitespace is ignored.
*
* Format:
* phyint IFNAME <enable|disable> [ttl-threshold <1-255>]
* mgroup from IFNAME [source ADDRESS] group MCGROUP
* mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...]
* include FILEPATTERN
*/
int conf_parse(struct conf *conf, int do_vifs)
{
char *linebuf, *line;
int rc = 0;
FILE *fp;
fp = fopen(conf->file, "r");
if (!fp) {
if (errno == ENOENT)
smclog(LOG_NOTICE, "Configuration file %s does not exist", conf->file);
else
smclog(LOG_WARNING, "Failed opening %s: %s", conf->file, strerror(errno));
if (!conf_vrfy)
smclog(LOG_NOTICE, "Continuing anyway, waiting for client to connect.");
return 1;
}
linebuf = malloc(MAX_LINE_LEN * sizeof(char));
if (!linebuf) {
int tmp = errno;
fclose(fp);
errno = tmp;
smclog(LOG_ERR, "Failed allocating memory to read .conf file: %s", strerror(errno));
exit(EX_OSERR);
}
conf->lineno = 0;
next:
while ((line = fgets(linebuf, MAX_LINE_LEN, fp))) {
int mrdisc = 0, threshold = DEFAULT_THRESHOLD;
int op = 0, num = 0, enable = do_vifs;
char *oif[MAX_MC_VIFS];
char *include = NULL;
char *source = NULL;
char *group = NULL;
char *iif = NULL;
char *ttl = NULL;
char *token;
glob_t gl;
size_t i;
/* Strip any line end character(s) */
chomp(line);
conf->lineno++;
DEBUG("%s", line);
while ((token = pop_token(&line))) {
/* Strip comments. */
if (match("#", token))
break;
if (!op) {
if (match("mgroup", token)) {
op = MGROUP;
} else if (match("ssmgroup", token)) {
op = MGROUP; /* Compat */
} else if (match("mroute", token)) {
op = MROUTE;
} else if (match("phyint", token)) {
op = PHYINT;
iif = pop_token(&line);
if (!iif) {
WARN("phyint missing interface pattern");
goto next;
}
} else if (match("include", token)) {
op = INCLUDE;
include = pop_token(&line);
smclog(LOG_DEBUG, "Found include --> %s", include);
break;
} else {
WARN("Unknown command %s, skipping.", token);
goto next;
}
}
if (match("from", token)) {
iif = pop_token(&line);
} else if (match("source", token)) {
source = pop_token(&line);
} else if (match("group", token)) {
group = pop_token(&line);
} else if (match("to", token)) {
while ((oif[num] = pop_token(&line)))
num++;
} else if (match("enable", token)) {
enable = 1;
} else if (match("disable", token)) {
enable = 0;
} else if (match("mrdisc", token)) {
mrdisc = 1;
} else if (match("ttl-threshold", token)) {
ttl = pop_token(&line);
}
}
if (iif && !iface_exist(iif)) {
switch (op) {
case MGROUP:
WARN("mgroup from %s matches no valid phyint, skipping ...", iif);
break;
case MROUTE:
WARN("mroute from %s matches no valid phyint, skipping ...", iif);
break;
default:
WARN("phyint %s does not exist (yet?) on this system", iif);
break;
}
continue;
}
if (ttl) {
int val = atoi(ttl);
if (val < 1 || val > 255)
WARN("phyint %s ttl %s out of range (1-255)", iif ? iif : "", ttl);
else
threshold = val;
}
switch (op) {
case EMPTY:
break;
case MGROUP:
if (conf_mgroup(conf, 1, iif, source, group))
rc = -1;
break;
case MROUTE:
if (conf_mroute(conf, 1, iif, source, group, oif, num))
rc = -1;
break;
case PHYINT:
if (conf_phyint(conf, enable, iif, mrdisc, threshold))
rc = -1;
break;
case INCLUDE:
glob(include, 0, NULL, &gl);
for (i = 0; i < gl.gl_pathc; i++) {
struct conf inc = { .file = gl.gl_pathv[i] };
smclog(LOG_DEBUG, "Glob expansion to %s ...", gl.gl_pathv[i]);
if (conf_parse(&inc, do_vifs))
smclog(LOG_WARNING, "Failed reading %s: %s",
gl.gl_pathv[i], strerror(errno));
}
globfree(&gl);
break;
default:
WARN("Unknown token %d", op);
break;
}
}
free(linebuf);
fclose(fp);
if (rc) {
errno = EOPNOTSUPP;
return 1;
}
return 0;
}
/* Parse .conf file and setup routes */
int conf_read(char *file, int do_vifs)
{
struct conf conf = { .file = file };
if (conf_parse(&conf, do_vifs)) {
if (errno == EOPNOTSUPP)
smclog(LOG_WARNING, "Parse error in %s", file);
return EX_CONFIG;
}
if (conf_vrfy)
return EX_OK;
return script_exec(NULL);
}
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/conf.h
================================================
#ifndef SMCROUTE_CONF_H_
#define SMCROUTE_CONF_H_
#include "config.h"
#define EMPTY 0
#define MGROUP 1
#define MROUTE 2
#define PHYINT 3
#define INCLUDE 4
struct conf {
const char *file;
unsigned int lineno;
};
extern int conf_vrfy;
int conf_mgroup (struct conf *conf, int cmd, char *iif, char *source, char *group);
int conf_mroute (struct conf *conf, int cmd, char *iif, char *source, char *group, char *oif[], int num);
int conf_parse (struct conf *conf, int do_vifs);
int conf_read (char *file, int do_vifs);
#endif /* SMCROUTE_CONF_H_ */
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/iface.c
================================================
/* Physical and virtual interface API
*
* Copyright (C) 2001-2005 Carsten Schill <carsten@cschill.de>
* Copyright (C) 2006-2009 Julien BLACHE <jb@jblache.org>
* Copyright (C) 2009 Todd Hayton <todd.hayton@gmail.com>
* Copyright (C) 2009-2011 Micha Lenk <micha@debian.org>
* Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include "queue.h"
#include <errno.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <sysexits.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <ifaddrs.h>
#include <limits.h>
#include <unistd.h>
#include <netinet/in.h>
#include "log.h"
#include "ipc.h"
#include "iface.h"
#include "mcgroup.h"
#include "timer.h"
#include "util.h"
static TAILQ_HEAD(iflist, iface) iface_list = TAILQ_HEAD_INITIALIZER(iface_list);
extern int do_vifs;
/**
* iface_update - Check of new interfaces
*/
void iface_update(void)
{
struct ifaddrs *ifaddr, *ifa;
if (getifaddrs(&ifaddr) == -1) {
smclog(LOG_ERR, "Failed retrieving interface addresses: %s", strerror(errno));
exit(EX_OSERR);
}
for (ifa = ifaddr; ifa; ifa = ifa->ifa_next) {
struct iface *iface;
int ifindex;
ifindex = if_nametoindex(ifa->ifa_name);
/* Check if already added? */
iface = iface_find_by_name(ifa->ifa_name);
if (iface) {
smclog(LOG_DEBUG, "Found %s, updating ...", ifa->ifa_name);
iface->flags = ifa->ifa_flags;
if (ifindex != iface->ifindex || (iface->flags & IFF_MULTICAST) != IFF_MULTICAST) {
mcgroup_prune(ifa->ifa_name);
mroute_del_vif(ifa->ifa_name);
}
iface->ifindex = ifindex;
if (!iface->inaddr.s_addr && ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET)
iface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;
if (do_vifs)
iface->unused = 0;
continue;
}
smclog(LOG_DEBUG, "Found new interface %s, adding ...", ifa->ifa_name);
iface = calloc(1, sizeof(struct iface));
if (!iface) {
smclog(LOG_ERR, "Failed allocating space for interface: %s", strerror(errno));
exit(EX_OSERR);
}
/*
* Only copy interface address if inteface has one. On
* Linux we can enumerate VIFs using ifindex, useful for
* DHCP interfaces w/o any address yet. Other UNIX
* systems will fail on the MRT_ADD_VIF ioctl. if the
* kernel cannot find a matching interface.
*/
if (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET)
iface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;
iface->flags = ifa->ifa_flags;
strlcpy(iface->ifname, ifa->ifa_name, sizeof(iface->ifname));
iface->ifindex = if_nametoindex(iface->ifname);
iface->vif = ALL_VIFS;
iface->mif = ALL_MIFS;
iface->mrdisc = 0;
iface->threshold = DEFAULT_THRESHOLD;
TAILQ_INSERT_TAIL(&iface_list, iface, link);
}
freeifaddrs(ifaddr);
}
/**
* iface_init - Probe for interaces at startup
*
* Builds up a vector with active system interfaces. Must be called
* before any other interface functions in this module!
*/
void iface_init(void)
{
iface_update();
}
/**
* iface_exit - Tear down interface list and clean up
*/
void iface_exit(void)
{
struct iface *iface, *tmp;
TAILQ_FOREACH_SAFE(iface, &iface_list, link, tmp) {
TAILQ_REMOVE(&iface_list, iface, link);
free(iface);
}
}
/**
* iface_find - Find an interface by ifindex
* @ifindex: Interface index
*
* Returns:
* Pointer to a @struct iface of the matching interface, or %NULL if no
* interface exists, or is up. If more than one interface exists, chose
* the interface that corresponds to a virtual interface.
*/
struct iface *iface_find(int ifindex)
{
struct iface *iface;
TAILQ_FOREACH(iface, &iface_list, link) {
if (iface->ifindex == ifindex)
return iface;
}
return NULL;
}
/**
* iface_find_by_name - Find an interface by name
* @ifname: Interface name
*
* Returns:
* Pointer to a @struct iface of the matching interface, or %NULL if no
* interface exists, or is up. If more than one interface exists, chose
* the interface that corresponds to a virtual interface.
*/
struct iface *iface_find_by_name(const char *ifname)
{
struct iface *candidate = NULL;
struct iface *iface;
#ifdef __linux__
char *ptr;
#endif
char *nm;
if (!ifname)
return NULL;
nm = strdup(ifname);
if (!nm)
return NULL;
#ifdef __linux__
/* Linux alias interfaces should use the same VIF/MIF as parent */
ptr = strchr(nm, ':');
if (ptr)
*ptr = 0;
#endif
TAILQ_FOREACH(iface, &iface_list, link) {
if (!strcmp(nm, iface->ifname)) {
if (iface->vif != NO_VIF) {
free(nm);
return iface;
}
candidate = iface;
}
}
free(nm);
return candidate;
}
static struct iface *find_by_vif(vifi_t vif)
{
struct iface *iface;
TAILQ_FOREACH(iface, &iface_list, link) {
if (iface->vif != NO_VIF && iface->vif == vif)
return iface;
}
return NULL;
}
static struct iface *find_by_mif(mifi_t mif)
{
struct iface *iface;
TAILQ_FOREACH(iface, &iface_list, link) {
if (iface->mif != NO_VIF && iface->mif == mif)
return iface;
}
return NULL;
}
/**
* iface_find_by_inbound - Find iface by route's inbound VIF
* @route: Route's inbound to use
*
* Returns:
* Pointer to a @struct iface of the requested interface, or %NULL if no
* interface matching @mif exists.
*/
struct iface *iface_find_by_inbound(struct mroute *route)
{
#ifdef HAVE_IPV6_MULTICAST_HOST
if (route->group.ss_family == AF_INET6)
return find_by_mif(route->inbound);
#endif
return find_by_vif(route->inbound);
}
/**
* iface_match_init - Initialize interface matching iterator
* @state: Iterator state to be initialized
*/
void iface_match_init(struct ifmatch *state)
{
state->iface = TAILQ_FIRST(&iface_list);
state->match_count = 0;
}
/**
* ifname_is_wildcard - Check whether interface name is a wildcard
*
* Returns:
* %TRUE(1) if wildcard, %FALSE(0) if normal interface name
*/
int ifname_is_wildcard(const char *ifname)
{
return (ifname && ifname[0] && ifname[strlen(ifname) - 1] == '+');
}
/**
* iface_match_by_name - Find matching interfaces by name pattern
* @ifname: Interface name pattern
* @reload: Set while reloading .conf
* @state: Iterator state
*
* Interface name patterns use iptables- syntax, i.e. perform prefix
* match with a trailing '+' matching anything.
*
* Returns:
* Pointer to a @struct iface of the next matching interface, or %NULL if no
* (more) interfaces exist (or are up).
*/
struct iface *iface_match_by_name(const char *ifname, int reload, struct ifmatch *state)
{
unsigned int match_len = UINT_MAX;
if (!ifname)
return NULL;
if (ifname_is_wildcard(ifname))
match_len = strlen(ifname) - 1;
while (state->iface != TAILQ_END(&iface_list)) {
struct iface *iface = state->iface;
if (!strncmp(ifname, iface->ifname, match_len)) {
if (reload || !iface->unused) {
state->iface = TAILQ_NEXT(iface, link);
state->match_count++;
return iface;
}
}
state->iface = TAILQ_NEXT(iface, link);
}
return NULL;
}
/**
* iface_iterator - Interface iterator
* @first: Set to start from beginning
*
* Returns:
* Pointer to a @struct iface, or %NULL when no more interfaces exist.
*/
struct iface *iface_iterator(int first)
{
static struct iface *iface = NULL;
if (first)
iface = TAILQ_FIRST(&iface_list);
else
iface = TAILQ_NEXT(iface, link);
return iface;
}
struct iface *iface_outbound_iterator(struct mroute *route, int first)
{
struct iface *iface = NULL;
static vifi_t i = 0;
if (first)
i = 0;
while (i < MAX_MC_VIFS) {
vifi_t vif = i++;
if (route->ttl[vif] == 0)
continue;
#ifdef HAVE_IPV6_MULTICAST_ROUTING
if (route->group.ss_family == AF_INET6)
iface = find_by_mif(vif);
else
#endif
iface = find_by_vif(vif);
if (!iface)
continue;
return iface;
}
return NULL;
}
vifi_t iface_get_vif(int af_family, struct iface *iface)
{
#ifdef HAVE_IPV6_MULTICAST_HOST
if (af_family == AF_INET6)
return iface->mif;
#endif
return iface->vif;
}
/**
* iface_match_vif_by_name - Get matching virtual interface index by interface name pattern (IPv4)
* @ifname: Interface name pattern
* @state: Iterator state
*
* Returns:
* The virtual interface index if the interface matches and is registered
* with the kernel, or -1 if no (more) matching virtual interfaces are found.
*/
vifi_t iface_match_vif_by_name(const char *ifname, struct ifmatch *state, struct iface **found)
{
struct iface *iface;
while ((iface = iface_match_by_name(ifname, 0, state))) {
if (iface->vif != NO_VIF) {
if (found)
*found = iface;
// smclog(LOG_DEBUG, " %s has VIF %d", iface->ifname, iface->vif);
return iface->vif;
}
// smclog(LOG_DEBUG, " %s has NO VIF", iface->ifname);
state->match_count--;
}
return NO_VIF;
}
/**
* iface_match_mif_by_name - Get matching virtual interface index by interface name pattern (IPv6)
* @ifname: Interface name pattern
* @state: Iterator state
*
* Returns:
* The virtual interface index if the interface matches and is registered
* with the kernel, or -1 if no (more) matching virtual interfaces are found.
*/
mifi_t iface_match_mif_by_name(const char *ifname, struct ifmatch *state, struct iface **found)
{
struct iface *iface;
while ((iface = iface_match_by_name(ifname, 0, state))) {
if (iface->mif != NO_VIF) {
if (found)
*found = iface;
smclog(LOG_DEBUG, " %s has MIF %d", iface->ifname, iface->mif);
return iface->mif;
}
state->match_count--;
}
return NO_VIF;
}
/* Return all currently known interfaces */
int iface_show(int sd, int detail)
{
struct iface *iface;
char *p = "PHYINT";
char line[120];
int inw;
(void)detail;
inw = iface_ifname_maxlen();
if (inw < (int)strlen(p))
inw = (int)strlen(p);
snprintf(line, sizeof(line), " INDEX %-*s VIF MIF=\n", inw, p);
ipc_send(sd, line, strlen(line));
iface = iface_iterator(1);
while (iface) {
char buf[256];
char vif[6];
char mif[6];
if (iface->vif < 65535)
snprintf(vif, sizeof(vif), "%d", iface->vif);
else
snprintf(vif, sizeof(vif), "N/A");
if (iface->mif < 65535)
snprintf(mif, sizeof(mif), "%d", iface->mif);
else
snprintf(mif, sizeof(mif), "N/A");
snprintf(buf, sizeof(buf), "%6d %-*s %4s %4s\n", iface->ifindex,
inw, iface->ifname, vif, mif);
if (ipc_send(sd, buf, strlen(buf)) < 0) {
smclog(LOG_ERR, "Failed sending reply to client: %s", strerror(errno));
return -1;
}
iface = iface_iterator(0);
}
return 0;
}
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/iface.h
================================================
/* Physical and virtual interface API */
#ifndef SMCROUTE_IFACE_H_
#define SMCROUTE_IFACE_H_
#include "config.h"
#include <stdint.h>
#include <net/if.h> /* IFNAMSIZ */
#include <netinet/in.h> /* struct in_addr */
#include "mroute.h" /* vifit_t + mifi_t */
#ifndef ALL_MIFS
#define ALL_MIFS (vifi_t)-1
#endif
#define DEFAULT_THRESHOLD 1 /* Packet TTL must be at least 1 to pass */
#define NO_VIF ALL_VIFS
struct iface {
TAILQ_ENTRY(iface) link;
int unused; /* set on reload/SIGHUP only */
char ifname[IFNAMSIZ];
struct in_addr inaddr; /* == 0 for non IP interfaces */
int ifindex; /* Physical interface index */
short flags;
vifi_t vif;
mifi_t mif;
uint8_t mrdisc; /* Enable multicast router discovery */
uint8_t threshold; /* TTL threshold: 1-255, default: 1 */
};
struct ifmatch {
struct iface *iface;
size_t match_count;
};
void iface_init (void);
void iface_exit (void);
void iface_update (void);
struct iface *iface_iterator (int first);
struct iface *iface_outbound_iterator (struct mroute *route, int first);
struct iface *iface_find (int ifindex);
struct iface *iface_find_by_name (const char *ifname);
struct iface *iface_find_by_inbound (struct mroute *route);
void iface_match_init (struct ifmatch *state);
struct iface *iface_match_by_name (const char *ifname, int reload, struct ifmatch *state);
int ifname_is_wildcard (const char *ifname);
vifi_t iface_get_vif (int af_family, struct iface *iface);
vifi_t iface_match_vif_by_name (const char *ifname, struct ifmatch *state, struct iface **found);
mifi_t iface_match_mif_by_name (const char *ifname, struct ifmatch *state, struct iface **found);
int iface_show (int sd, int detail);
/*
* Check if interface exists, at all, on the system
*/
static inline int iface_exist(char *ifname)
{
struct ifmatch ifm;
iface_match_init(&ifm);
return iface_match_by_name(ifname, 1, &ifm) != NULL;
}
static inline int iface_ifname_maxlen(void)
{
struct iface *iface;
int maxlen = 0;
int first = 1;
while ((iface = iface_iterator(first))) {
first = 0;
if ((int)strlen(iface->ifname) > maxlen)
maxlen = (int)strlen(iface->ifname);
}
return maxlen;
}
#endif /* SMCROUTE_IFACE_H_ */
/**
* Local Variables:
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/inet.c
================================================
/* Housekeeping IPv4/IPv6 wrapper functions
*
* Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include "inet.h"
void inet_addr_set(inet_addr_t *addr, const struct in_addr *ina)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
assert(addr && ina);
sin->sin_family = AF_INET;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin->sin_len = sizeof(struct sockaddr_in);
#endif
sin->sin_addr = *ina;
}
struct in_addr *inet_addr_get(inet_addr_t *addr)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
assert(addr);
assert(sin->sin_family == AF_INET);
return &sin->sin_addr;
}
#ifdef HAVE_IPV6_MULTICAST_HOST
void inet_addr6_set(inet_addr_t *addr, const struct in6_addr *ina)
{
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
assert(addr && ina);
sin6->sin6_family = AF_INET6;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin6->sin6_len = sizeof(struct sockaddr_in6);
#endif
sin6->sin6_addr = *ina;
}
struct sockaddr_in6 *inet_addr6_get(inet_addr_t *addr)
{
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
assert(addr);
assert(sin6->sin6_family == AF_INET6);
return sin6;
}
#endif /* HAVE_IPV6_MULTICAST_HOST */
void inet_anyaddr(sa_family_t family, inet_addr_t *addr)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
sin6->sin6_family = AF_INET6;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin6->sin6_len = sizeof(struct sockaddr_in6);
#endif
memcpy(&sin6->sin6_addr, &in6addr_any, sizeof(in6addr_any));
return;
}
#endif
sin->sin_family = AF_INET;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin->sin_len = sizeof(struct sockaddr_in);
#endif
sin->sin_addr.s_addr = htonl(INADDR_ANY);
}
inet_addr_t inet_netaddr(inet_addr_t *addr, int len)
{
inet_addr_t net = *addr;
uint32_t bits;
int max_len;
assert(addr);
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6)
max_len = 128;
else
#endif
max_len = 32;
assert(len > 0 && len <= max_len);
bits = max_len - len;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6) {
struct sockaddr_in6 *sin6 = inet_addr6_get(&net);
struct in6_addr s6 = sin6->sin6_addr;
uint32_t pos = 3;
while (bits >= 32) {
s6.s6_addr32[pos--] = 0;
bits -= 32;
}
s6.s6_addr32[pos] = htonl(ntohl(s6.s6_addr32[pos]) & ((0xffffffffU << bits) & 0xffffffffU));
sin6->sin6_addr = s6;
} else
#endif
{
struct in_addr *ina = inet_addr_get(&net);
ina->s_addr = htonl(ntohl(ina->s_addr) & ((0xffffffffU << bits) & 0xffffffffU));
}
return net;
}
int inet_addr_cmp(inet_addr_t *a, inet_addr_t *b)
{
if (!a || !b) {
errno = EINVAL;
return 1;
}
if (a->ss_family == AF_INET && b->ss_family == AF_INET) {
struct sockaddr_in *sa = (struct sockaddr_in *)a;
struct sockaddr_in *sb = (struct sockaddr_in *)b;
return sa->sin_addr.s_addr - sb->sin_addr.s_addr;
}
#ifdef HAVE_IPV6_MULTICAST_HOST
if (a->ss_family == AF_INET6 && b->ss_family == AF_INET6) {
struct sockaddr_in6 *sa = (struct sockaddr_in6 *)a;
struct sockaddr_in6 *sb = (struct sockaddr_in6 *)b;
return memcmp(sa, sb, sizeof(*sa));
}
#endif
errno = EAFNOSUPPORT;
return 1;
}
const char *inet_addr2str(inet_addr_t *addr, char *str, size_t len)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
return inet_ntop(AF_INET6, &sin6->sin6_addr, str, len);
}
#endif
return inet_ntop(AF_INET, &sin->sin_addr, str, len);
}
int inet_str2addr(const char *str, inet_addr_t *addr)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
int rc;
if (!str || !addr) {
errno = EINVAL;
return -1;
}
#ifdef HAVE_IPV6_MULTICAST_HOST
if (strchr(str, ':')) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
sin6->sin6_family = AF_INET6;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin6->sin6_len = sizeof(struct sockaddr_in6);
#endif
rc = inet_pton(AF_INET6, str, &sin6->sin6_addr);
} else
#endif
{
sin->sin_family = AF_INET;
#ifdef HAVE_SOCKADDR_IN_SIN_LEN
sin->sin_len = sizeof(struct sockaddr_in);
#endif
rc = inet_pton(AF_INET, str, &sin->sin_addr);
}
if (rc == 0 || rc == -1)
return 1;
return 0;
}
int is_multicast(inet_addr_t *addr)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
return IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr);
}
#endif
return IN_MULTICAST(ntohl(sin->sin_addr.s_addr));
}
int is_anyaddr(inet_addr_t *addr)
{
struct sockaddr_in *sin = (struct sockaddr_in *)addr;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;
return !memcmp(&sin6->sin6_addr, &in6addr_any, sizeof(in6addr_any));
}
#endif
return sin->sin_addr.s_addr == htonl(INADDR_ANY);
}
int inet_iter_init(struct inet_iter *iter, inet_addr_t *addr, int len)
{
int max_len;
if (!iter)
return errno = EINVAL;
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6)
max_len = 128;
else
#endif
max_len = 32;
if (len < 0 || len > max_len) {
iter->num = 0;
return errno = EINVAL;
}
iter->orig = *addr;
iter->len = len;
iter->addr = inet_netaddr(addr, len);
iter->num = 1 << (max_len - len);
return 0;
}
int inet_iterator(struct inet_iter *iter, inet_addr_t *addr)
{
if (!iter) {
errno = EINVAL;
return 0;
}
if (iter->num-- == 0)
return 0;
*addr = iter->addr; /* prepared already */
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&iter->addr;
struct in6_addr s6 = sin6->sin6_addr;
uint32_t pos = 4;
while (pos--) {
uint32_t addr32 = ntohl(s6.s6_addr32[pos]);
addr32++;
s6.s6_addr32[pos] = htonl(addr32);
if (addr32 > 0)
break;
}
sin6->sin6_addr = s6;
} else
#endif
{
struct sockaddr_in *sin = (struct sockaddr_in *)&iter->addr;
in_addr_t ina;
ina = ntohl(sin->sin_addr.s_addr);
sin->sin_addr.s_addr = htonl(++ina);
}
return 1;
}
#ifdef _UNIT_TEST
#include <err.h>
#include <stdio.h>
int main(void)
{
char str[INET_ADDRSTR_LEN];
struct inet_iter iter;
inet_addr_t addr;
inet_anyaddr(AF_INET6, &addr);
if (!is_anyaddr(&addr))
err(1, "FAIL");
puts("OK");
inet_str2addr("192.168.1.42", &addr);
inet_iter_init(&iter, &addr, 24);
printf("Got num: %u\n", iter.num);
while (inet_iterator(&iter, &addr))
printf("%s num %u\n", inet_addr2str(&addr, str, sizeof(str)), iter.num);
inet_str2addr("2001::1", &addr);
inet_iter_init(&iter, &addr, 122);
printf("Got num: %u -> initial str %s\n", iter.num, inet_addr2str(&addr, str, sizeof(str)));
while (inet_iterator(&iter, &addr))
printf("%s num %u\n", inet_addr2str(&addr, str, sizeof(str)), iter.num);
inet_str2addr("192.168.1.42", &addr);
inet_iter_init(&iter, &addr, 1);
printf("Got num: %u\n", iter.num);
while (inet_iterator(&iter, &addr))
printf("%s num %u\n", inet_addr2str(&addr, str, sizeof(str)), iter.num);
return 0;
}
#endif
/**
* Local Variables:
* compile-command: "gcc -D_UNIT_TEST -I.. -I. -o unit_test inet.c && ./unit_test"
* indent-tabs-mode: t
* c-file-style: "linux"
* End:
*/
================================================
FILE: src/inet.h
================================================
/* Housekeeping IPv4/IPv6 wrapper functions
*
* Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef SMCROUTE_INET_H_
#define SMCROUTE_INET_H_
#include "config.h"
#include <assert.h>
#include <errno.h>
#include <string.h>
#include <arpa/inet.h> /* inet_ntop() */
#include <netinet/in.h>
#include <sys/socket.h>
#ifdef HAVE_IPV6_MULTICAST_HOST
#define INET_ADDRSTR_LEN INET6_ADDRSTRLEN
#else
#define INET_ADDRSTR_LEN INET_ADDRSTRLEN
#endif
typedef struct sockaddr_storage inet_addr_t;
#ifndef s6_addr32
# if defined(__FreeBSD__)
# define s6_addr32 __u6_addr.__u6_addr32
# elif defined(__linux__)
# define s6_addr32 __in6_u.__u6_addr32
# else
# error "IPv6 s6_addr32 is not defined, unknown operating system, build --without-ipv6"
# endif
#endif
struct inet_iter {
inet_addr_t orig;
int len;
inet_addr_t addr;
uint32_t num;
};
void inet_addr_set (inet_addr_t *addr, const struct in_addr *ina);
struct in_addr *inet_addr_get (inet_addr_t *addr);
#ifdef HAVE_IPV6_MULTICAST_HOST
void inet_addr6_set (inet_addr_t *addr, const struct in6_addr *ina);
struct sockaddr_in6 *inet_addr6_get (inet_addr_t *addr);
#endif
void inet_anyaddr (sa_family_t family, inet_addr_t *addr);
inet_addr_t inet_netaddr (inet_addr_t *addr, int len);
int inet_addr_cmp (inet_addr_t *a, inet_addr_t *b);
const char *inet_addr2str (inet_addr_t *addr, char *str, size_t len);
int inet_str2addr (const char *str, inet_addr_t *addr);
int is_multicast (inet_addr_t *addr);
int is_anyaddr (inet_addr_t *addr);
int inet_iter_init (struct inet_iter *iter, inet_addr_t *addr, int len);
int inet_iterator (struct inet_iter *iter, inet_addr_t *addr);
static inline int inet_max_len (inet_addr_t *addr)
{
#ifdef HAVE_IPV6_MULTICAST_HOST
if (addr->ss_family == AF_INET6)
return 128;
#endif
return 32;
}
#endif /* SMCROUTE_INET_H_ */
================================================
FILE: src/ip_mroute.h
================================================
/* Imported from Apple XNU sources, 2050.18.24
* https://opensource.apple.com/source/xnu/xnu-2050.18.24/bsd/netinet/ip_mroute.h
*
* Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. The rights granted to you under the License
* may not be used to create, or enable the creation or redistribution of,
* unlawful or unlicensed copies of an Apple operating system, or to
* circumvent, violate, or enable the circumvention or violation of, any
* terms of an Apple operating system software license agreement.
*
* Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/*
* Copyright (c) 1989 Stephen Deering.
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Stephen Deering of Stanford University.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ip_mroute.h 8.1 (Berkeley) 6/10/93
*/
#ifndef _NETINET_IP_MROUTE_H_
#define _NETINET_IP_MROUTE_H_
#include <sys/appleapiopts.h>
/*
* Definitions for IP multicast forwarding.
*
* Written by David Waitzman, BBN Labs, August 1988.
* Modified by Steve Deering, Stanford, February 1989.
* Modified by Ajit Thyagarajan, PARC, August 1993.
* Modified by Ajit Thyagarajan, PARC, August 1994.
*
* MROUTING Revision: 3.3.1.3
*/
/*
* Multicast Routing set/getsockopt commands.
*/
#define MRT_INIT 100 /* initialize forwarder */
#define MRT_DONE 101 /* shut down forwarder */
#define MRT_ADD_VIF 102 /* create virtual interface */
#define MRT_DEL_VIF 103 /* delete virtual interface */
#define MRT_ADD_MFC 104 /* insert forwarding cache entry */
#define MRT_DEL_MFC 105 /* delete forwarding cache entry */
#define MRT_VERSION 106 /* get kernel version number */
#define MRT_ASSERT 107 /* enable PIM assert processing */
#ifdef KERNEL_PRIVATE
#define GET_TIME(t) microtime(&t)
#endif /* KERNEL_PRIVATE */
#ifndef CONFIG_MAXVIFS
#define CONFIG_MAXVIFS 32 /* 4635538 temp workaround */
#endif
#ifndef CONFIG_MFCTBLSIZ
#define CONFIG_MFCTBLSIZ 256 /* 4635538 temp workaround */
#endif
/*
* Types and macros for handling bitmaps with one bit per virtual interface.
*/
typedef u_int32_t vifbitmap_t;
typedef u_short vifi_t; /* type of a vif index */
#define ALL_VIFS (vifi_t)-1
#define VIFM_SET(n, m) ((m) |= (1 << (n)))
#define VIFM_CLR(n, m) ((m) &= ~(1 << (n)))
#define VIFM_ISSET(n, m) ((m) & (1 << (n)))
#define VIFM_CLRALL(m) ((m) = 0x00000000)
#define VIFM_COPY(mfrom, mto) ((mto) = (mfrom))
#define VIFM_SAME(m1, m2) ((m1) == (m2))
/*
* Argument structure for MRT_ADD_VIF.
* (MRT_DEL_VIF takes a single vifi_t argument.)
*/
struct vifctl {
vifi_t vifc_vifi; /* the index of the vif to be added */
u_char vifc_flags; /* VIFF_ flags defined below */
u_char vifc_threshold; /* min ttl required to forward on vif */
u_int vifc_rate_limit; /* max rate */
struct in_addr vifc_lcl_addr; /* local interface address */
struct in_addr vifc_rmt_addr; /* remote address (tunnels only) */
};
#define VIFF_TUNNEL 0x1 /* vif represents a tunnel end-point */
#define VIFF_SRCRT 0x2 /* tunnel uses IP source routing */
/*
* Argument structure for MRT_ADD_MFC and MRT_DEL_MFC
* (mfcc_tos to be added at a future point)
*/
struct mfcctl {
struct in_addr mfcc_origin; /* ip origin of mcasts */
struct in_addr mfcc_mcastgrp; /* multicast group associated*/
vifi_t mfcc_parent; /* incoming vif */
u_char mfcc_ttls[CONFIG_MAXVIFS]; /* forwarding ttls on vifs */
};
/*
* The kernel's multicast routing statistics.
*/
struct mrtstat {
u_int32_t mrts_mfc_lookups; /* # forw. cache hash table hits */
u_int32_t mrts_mfc_misses; /* # forw. cache hash table misses */
u_int32_t mrts_upcalls; /* # calls to mrouted */
u_int32_t mrts_no_route; /* no route for packet's origin */
u_int32_t mrts_bad_tunnel; /* malformed tunnel options */
u_int32_t mrts_cant_tunnel; /* no room for tunnel options */
u_int32_t mrts_wrong_if; /* arrived on wrong interface */
u_int32_t mrts_upq_ovflw; /* upcall Q overflow */
u_int32_t mrts_cache_cleanups; /* # entries with no upcalls */
u_int32_t mrts_drop_sel; /* pkts dropped selectively */
u_int32_t mrts_q_overflow; /* pkts dropped - Q overflow */
u_int32_t mrts_pkt2large; /* pkts dropped - size > BKT SIZE */
u_int32_t mrts_upq_sockfull; /* upcalls dropped - socket full */
};
/*
* Argument structure used by mrouted to get src-grp pkt counts
*/
struct sioc_sg_req {
struct in_addr src;
struct in_addr grp;
u_int32_t pktcnt;
u_int32_t bytecnt;
u_int32_t wrong_if;
};
/*
* Argument structure used by mrouted to get vif pkt counts
*/
struct sioc_vif_req {
vifi_t vifi; /* vif number */
u_int32_t icount; /* Input packet count on vif */
u_int32_t ocount; /* Output packet count on vif */
u_int32_t ibytes; /* Input byte count on vif */
u_int32_t obytes; /* Output byte count on vif */
};
#ifdef PRIVATE
/*
* The kernel's virtual-interface structure.
*/
struct tbf;
struct ifnet;
struct socket;
struct vif {
u_char v_flags; /* VIFF_ flags defined above */
u_char v_threshold; /* min ttl required to forward on vif*/
u_int v_rate_limit; /* max rate */
struct tbf *v_tbf; /* token bucket structure at intf. */
struct in_addr v_lcl_addr; /* local interface address */
struct in_addr v_rmt_addr; /* remote address (tunnels only) */
struct ifnet *v_ifp; /* pointer to interface */
u_int32_t v_pkt_in; /* # pkts in on interface */
u_int32_t v_pkt_out; /* # pkts out on interface */
u_int32_t v_bytes_in; /* # bytes in on interface */
u_int32_t v_bytes_out; /* # bytes out on interface */
struct route v_route; /* cached route if this is a tunnel */
u_int v_rsvp_on; /* RSVP listening on this vif */
struct socket *v_rsvpd; /* RSVP daemon socket */
};
#endif
/*
* The kernel's multicast forwarding cache entry structure
* (A field for the type of service (mfc_tos) is to be added
* at a future point)
*/
struct mfc {
struct in_addr mfc_origin; /* IP origin of mcasts */
struct in_addr mfc_mcastgrp; /* multicast group associated*/
vifi_t mfc_parent; /* incoming vif */
u_char mfc_ttls[CONFIG_MAXVIFS]; /* forwarding ttls on vifs */
u_int32_t mfc_pkt_cnt; /* pkt count for src-grp */
u_int32_t mfc_byte_cnt; /* byte count for src-grp */
u_int32_t mfc_wrong_if; /* wrong if for src-grp */
int mfc_expire; /* time to clean entry up */
struct timeval mfc_last_assert; /* last time I sent an assert*/
struct rtdetq *mfc_stall; /* q of packets awaiting mfc */
struct mfc *mfc_next; /* next mfc entry */
};
/*
* Struct used to communicate from kernel to multicast router
* note the convenient similarity to an IP packet
*/
struct igmpmsg {
u_int32_t unused1;
u_int32_t unused2;
u_char im_msgtype; /* what type of message */
#define IGMPMSG_NOCACHE 1
#define IGMPMSG_WRONGVIF 2
u_char im_mbz; /* must be zero */
u_char im_vif; /* vif rec'd on */
u_char unused3;
struct in_addr im_src, im_dst;
};
#define MFCTBLSIZ CONFIG_MFCTBLSIZ
#ifdef KERNEL_PRIVATE
/*
* Argument structure used for pkt info. while upcall is made
*/
struct rtdetq {
struct mbuf *m; /* A copy of the packet */
struct ifnet *ifp; /* Interface pkt came in on */
vifi_t xmt_vif; /* Saved copy of imo_multicast_vif */
#if UPCALL_TIMING
struct timeval t; /* Timestamp */
#endif /* UPCALL_TIMING */
struct rtdetq *next; /* Next in list of packets */
};
#if (CONFIG_MFCTBLSIZ & (CONFIG_MFCTBLSIZ - 1)) == 0 /* from sys:route.h */
#define MFCHASHMOD(h) ((h) & (CONFIG_MFCTBLSIZ - 1))
#else
#define MFCHASHMOD(h) ((h) % CONFIG_MFCTBLSIZ)
#endif
#define MAX_UPQ 4 /* max. no of pkts in upcall Q */
/*
* Token Bucket filter code
*/
#define MAX_BKT_SIZE 10000 /* 10K bytes size */
#define MAXQSIZE 10 /* max # of pkts in queue */
/*
* the token bucket filter at each vif
*/
struct tbf
{
struct timeval tbf_last_pkt_t; /* arr. time of last pkt */
u_int32_t tbf_n_tok; /* no of tokens in bucket */
u_int32_t tbf_q_len; /* length of queue at this vif */
u_int32_t tbf_max_q_len; /* max. queue length */
struct mbuf *tbf_q; /* Packet queue */
struct mbuf *tbf_t; /* tail-insertion pointer */
};
struct sockopt;
extern int (*ip_mrouter_set)(struct socket *, struct sockopt *);
extern int (*ip_mrouter_get)(struct socket *, struct sockopt *);
extern int (*ip_mrouter_done)(void);
#if MROUTING
extern int (*mrt_ioctl)(u_long, caddr_t);
#else
extern int (*mrt_ioctl)(u_long, caddr_t, struct proc *);
#endif
#endif /* KERNEL_PRIVATE */
#endif /* _NETINET_IP_MROUTE_H_ */
================================================
FILE: src/ipc.c
================================================
/* Daemon IPC API
*
* Copyright (C) 2001-2005 Carsten Schill <carsten@cschill.de>
* Copyright (C) 2006-2009 Julien BLACHE <jb@jblache.org>
* Copyright (C) 2009 Todd Hayton <todd.hayton@gmail.com>
* Copyright (C) 2009-2011 Micha Le
gitextract_5o0vch3v/
├── .github/
│ ├── CONTRIBUTING.md
│ ├── FUNDING.yml
│ ├── SECURITY.md
│ └── workflows/
│ ├── build.yml
│ ├── coverity.yml
│ └── release.yml
├── .gitignore
├── COPYING
├── ChangeLog.md
├── Makefile.am
├── README.md
├── autogen.sh
├── configure.ac
├── doc/
│ ├── AUTHORS
│ └── TODO.md
├── lib/
│ ├── malloc.c
│ ├── strlcat.c
│ ├── strlcpy.c
│ ├── tempfile.c
│ └── utimensat.c
├── m4/
│ ├── misc.m4
│ └── mroute.m4
├── man/
│ ├── Makefile.am
│ ├── smcroute.conf.5
│ ├── smcroutectl.8
│ └── smcrouted.8
├── smcroute
├── smcroute.conf
├── smcroute.default
├── smcroute.init
├── smcroute.service.in
├── src/
│ ├── Makefile.am
│ ├── cap.c
│ ├── cap.h
│ ├── conf.c
│ ├── conf.h
│ ├── iface.c
│ ├── iface.h
│ ├── inet.c
│ ├── inet.h
│ ├── ip_mroute.h
│ ├── ipc.c
│ ├── ipc.h
│ ├── kern.c
│ ├── kern.h
│ ├── log.c
│ ├── log.h
│ ├── mcgroup.c
│ ├── mcgroup.h
│ ├── mrdisc.c
│ ├── mrdisc.h
│ ├── mroute.c
│ ├── mroute.h
│ ├── msg.c
│ ├── msg.h
│ ├── notify.c
│ ├── notify.h
│ ├── pidfile.c
│ ├── queue.h
│ ├── script.c
│ ├── script.h
│ ├── smcroutectl.c
│ ├── smcrouted.c
│ ├── socket.c
│ ├── socket.h
│ ├── systemd.c
│ ├── timer.c
│ ├── timer.h
│ └── util.h
└── test/
├── .gitignore
├── Makefile.am
├── README.md
├── adv.sh
├── basic.sh
├── batch.sh
├── bridge.sh
├── dyn.sh
├── expire.sh
├── gre.sh
├── include.sh
├── ipv6.sh
├── isolated.sh
├── join.sh
├── joinlen.sh
├── lib.sh
├── lost.sh
├── mem.sh
├── mrcache.sh
├── mrdisc.sh
├── multi.sh
├── poison.sh
├── reload.sh
├── reload6.sh
├── vlan.sh
└── vrfy.sh
SYMBOL INDEX (321 symbols across 35 files)
FILE: lib/strlcat.c
function strlcat (line 29) | size_t
FILE: lib/strlcpy.c
function strlcpy (line 27) | size_t
FILE: lib/tempfile.c
function FILE (line 37) | FILE *tempfile(void)
FILE: lib/utimensat.c
function utimensat (line 27) | int utimensat(int dirfd, const char *pathname, const struct timespec tim...
function main (line 64) | int main(int argc, char *argv[])
FILE: src/cap.c
function whoami (line 40) | static int whoami(const char *user, const char *group, uid_t *uid, gid_t...
function setcaps (line 72) | static int setcaps(cap_value_t cv)
function drop_root (line 94) | static int drop_root(const char *user, uid_t uid, gid_t gid)
function cap_drop_root (line 132) | void cap_drop_root(uid_t uid, gid_t gid)
function cap_set_user (line 142) | void cap_set_user(char *arg, uid_t *uid, gid_t *gid)
FILE: src/conf.c
function match (line 95) | static int match(char *keyword, char *token)
function conf_mgroup (line 106) | int conf_mgroup(struct conf *conf, int cmd, char *iif, char *source, cha...
function conf_mroute (line 162) | int conf_mroute(struct conf *conf, int cmd, char *iif, char *source, cha...
function conf_phyint (line 274) | static int conf_phyint(struct conf *conf, int enable, char *iif, int mrd...
function conf_parse (line 310) | int conf_parse(struct conf *conf, int do_vifs)
function conf_read (line 485) | int conf_read(char *file, int do_vifs)
FILE: src/conf.h
type conf (line 12) | struct conf {
type conf (line 19) | struct conf
type conf (line 20) | struct conf
type conf (line 21) | struct conf
FILE: src/iface.c
function iface_update (line 51) | void iface_update(void)
function iface_init (line 123) | void iface_init(void)
function iface_exit (line 131) | void iface_exit(void)
type iface (line 150) | struct iface
type iface (line 152) | struct iface
type iface (line 171) | struct iface
type iface (line 173) | struct iface
type iface (line 174) | struct iface
type iface (line 210) | struct iface
type iface (line 212) | struct iface
type iface (line 222) | struct iface
type iface (line 224) | struct iface
type iface (line 242) | struct iface
type mroute (line 242) | struct mroute
function iface_match_init (line 256) | void iface_match_init(struct ifmatch *state)
function ifname_is_wildcard (line 268) | int ifname_is_wildcard(const char *ifname)
type iface (line 286) | struct iface
type ifmatch (line 286) | struct ifmatch
type iface (line 297) | struct iface
type iface (line 321) | struct iface
type iface (line 323) | struct iface
type iface (line 333) | struct iface
type mroute (line 333) | struct mroute
type iface (line 335) | struct iface
function vifi_t (line 362) | vifi_t iface_get_vif(int af_family, struct iface *iface)
function vifi_t (line 380) | vifi_t iface_match_vif_by_name(const char *ifname, struct ifmatch *state...
function mifi_t (line 409) | mifi_t iface_match_mif_by_name(const char *ifname, struct ifmatch *state...
function iface_show (line 429) | int iface_show(int sd, int detail)
FILE: src/iface.h
type iface (line 20) | struct iface {
type ifmatch (line 34) | struct ifmatch {
type iface (line 43) | struct iface
type iface (line 44) | struct iface
type mroute (line 44) | struct mroute
type iface (line 46) | struct iface
type iface (line 47) | struct iface
type iface (line 48) | struct iface
type mroute (line 48) | struct mroute
type ifmatch (line 50) | struct ifmatch
type iface (line 51) | struct iface
type ifmatch (line 51) | struct ifmatch
type iface (line 54) | struct iface
type ifmatch (line 55) | struct ifmatch
type iface (line 55) | struct iface
type ifmatch (line 56) | struct ifmatch
type iface (line 56) | struct iface
function iface_exist (line 63) | static inline int iface_exist(char *ifname)
function iface_ifname_maxlen (line 71) | static inline int iface_ifname_maxlen(void)
FILE: src/inet.c
function inet_addr_set (line 22) | void inet_addr_set(inet_addr_t *addr, const struct in_addr *ina)
type in_addr (line 34) | struct in_addr
type sockaddr_in (line 36) | struct sockaddr_in
type sockaddr_in (line 36) | struct sockaddr_in
function inet_addr6_set (line 45) | void inet_addr6_set(inet_addr_t *addr, const struct in6_addr *ina)
type sockaddr_in6 (line 57) | struct sockaddr_in6
type sockaddr_in6 (line 59) | struct sockaddr_in6
type sockaddr_in6 (line 59) | struct sockaddr_in6
function inet_anyaddr (line 68) | void inet_anyaddr(sa_family_t family, inet_addr_t *addr)
function inet_addr_t (line 92) | inet_addr_t inet_netaddr(inet_addr_t *addr, int len)
function inet_addr_cmp (line 132) | int inet_addr_cmp(inet_addr_t *a, inet_addr_t *b)
type sockaddr_in (line 161) | struct sockaddr_in
type sockaddr_in (line 161) | struct sockaddr_in
type sockaddr_in6 (line 165) | struct sockaddr_in6
type sockaddr_in6 (line 165) | struct sockaddr_in6
function inet_str2addr (line 173) | int inet_str2addr(const char *str, inet_addr_t *addr)
function is_multicast (line 208) | int is_multicast(inet_addr_t *addr)
function is_anyaddr (line 222) | int is_anyaddr(inet_addr_t *addr)
function inet_iter_init (line 236) | int inet_iter_init(struct inet_iter *iter, inet_addr_t *addr, int len)
function inet_iterator (line 262) | int inet_iterator(struct inet_iter *iter, inet_addr_t *addr)
function main (line 306) | int main(void)
FILE: src/inet.h
type inet_addr_t (line 37) | typedef struct sockaddr_storage inet_addr_t;
type inet_iter (line 49) | struct inet_iter {
type in_addr (line 57) | struct in_addr
type in_addr (line 58) | struct in_addr
type in6_addr (line 61) | struct in6_addr
type sockaddr_in6 (line 62) | struct sockaddr_in6
type inet_iter (line 76) | struct inet_iter
type inet_iter (line 77) | struct inet_iter
function inet_max_len (line 79) | static inline int inet_max_len (inet_addr_t *addr)
FILE: src/ip_mroute.h
type u_int32_t (line 113) | typedef u_int32_t vifbitmap_t;
type u_short (line 114) | typedef u_short vifi_t;
type vifctl (line 129) | struct vifctl {
type mfcctl (line 145) | struct mfcctl {
type mrtstat (line 155) | struct mrtstat {
type sioc_sg_req (line 174) | struct sioc_sg_req {
type sioc_vif_req (line 185) | struct sioc_vif_req {
type tbf (line 197) | struct tbf
type ifnet (line 198) | struct ifnet
type socket (line 199) | struct socket
type vif (line 200) | struct vif {
type mfc (line 223) | struct mfc {
type igmpmsg (line 241) | struct igmpmsg {
type rtdetq (line 259) | struct rtdetq {
type tbf (line 286) | struct tbf
type sockopt (line 297) | struct sockopt
type socket (line 299) | struct socket
type sockopt (line 299) | struct sockopt
type socket (line 300) | struct socket
type sockopt (line 300) | struct sockopt
type proc (line 305) | struct proc
FILE: src/ipc.c
type sockaddr_un (line 43) | struct sockaddr_un
function ipc_read (line 54) | static void ipc_read(int sd)
function ipc_accept (line 127) | static void ipc_accept(int sd, void *arg)
function ipc_init (line 148) | int ipc_init(char *path)
function ipc_exit (line 187) | void ipc_exit(void)
function ipc_send (line 205) | int ipc_send(int sd, const char *buf, size_t len)
function ipc_receive (line 226) | ssize_t ipc_receive(int sd, char *buf, size_t len, int first_call)
function ipc_parse (line 253) | int ipc_parse(const char *buf, size_t sz, void* msg_buf)
FILE: src/kern.c
type iface (line 48) | struct iface
type mif (line 52) | struct mif {
function group_req (line 68) | static int group_req(int sd, int cmd, struct mcgroup *mcg)
function group_req (line 117) | static int group_req(int sd, int cmd, struct mcgroup *mcg)
function kern_join_leave (line 167) | int kern_join_leave(int sd, int cmd, struct mcgroup *mcg)
function kern_mroute_init (line 189) | int kern_mroute_init(int table_id, void (*cb)(int, void *), void *arg)
function kern_mroute_exit (line 229) | int kern_mroute_exit(void)
function kern_vif_add (line 245) | int kern_vif_add(struct iface *iface)
function kern_vif_del (line 296) | int kern_vif_del(struct iface *iface)
function kern_mroute4 (line 324) | static int kern_mroute4(int cmd, struct mroute *route)
function kern_stats4 (line 364) | static int kern_stats4(struct mroute *route, struct mroute_stats *ms)
function proc_set_val (line 392) | static int proc_set_val(char *file, int val)
function kern_mroute6_init (line 409) | int kern_mroute6_init(int table_id, void (*cb)(int, void *), void *arg)
function kern_mroute6_exit (line 459) | int kern_mroute6_exit(void)
function kern_mif_add (line 475) | int kern_mif_add(struct iface *iface)
function kern_mif_del (line 524) | int kern_mif_del(struct iface *iface)
function kern_mroute6 (line 546) | static int kern_mroute6(int cmd, struct mroute *route)
function kern_stats6 (line 589) | static int kern_stats6(struct mroute *route, struct mroute_stats *ms)
function kern_stats (line 616) | int kern_stats(struct mroute *route, struct mroute_stats *ms)
function kern_mroute_add (line 629) | int kern_mroute_add(struct mroute *route)
function kern_mroute_del (line 642) | int kern_mroute_del(struct mroute *route)
FILE: src/kern.h
type mroute_stats (line 24) | struct mroute_stats {
type mcgroup (line 30) | struct mcgroup
type iface (line 38) | struct iface
type iface (line 39) | struct iface
type iface (line 41) | struct iface
type iface (line 42) | struct iface
type mroute (line 44) | struct mroute
type mroute (line 45) | struct mroute
type mroute (line 47) | struct mroute
type mroute_stats (line 47) | struct mroute_stats
FILE: src/log.c
function loglvl (line 40) | int loglvl(const char *level)
function smclog (line 65) | void smclog(int severity, const char *fmt, ...)
FILE: src/mcgroup.c
type sock_filter (line 57) | struct sock_filter
type sock_fprog (line 61) | struct sock_fprog
type mc_sock (line 75) | struct mc_sock {
function alloc_mc_sock (line 85) | static int alloc_mc_sock(int family)
function free_mc_sock (line 124) | static void free_mc_sock(int sd)
type iface (line 142) | struct iface
type ifmatch (line 142) | struct ifmatch
type iface (line 144) | struct iface
function list_add (line 152) | static void list_add(int sd, struct mcgroup *mcg)
function list_rem (line 168) | static void list_rem(int sd, struct mcgroup *mcg)
function mcgroup_init (line 187) | void mcgroup_init(void)
function mcgroup_exit (line 209) | void mcgroup_exit(void)
type mcgroup (line 224) | struct mcgroup
type mcgroup (line 226) | struct mcgroup
type mcgroup (line 242) | struct mcgroup
type mcgroup (line 242) | struct mcgroup
type mcgroup (line 244) | struct mcgroup
function mcgroup_action (line 260) | int mcgroup_action(int cmd, const char *ifname, inet_addr_t *source, int...
function mcgroup_reload_beg (line 391) | void mcgroup_reload_beg(void)
function mcgroup_reload_end (line 399) | void mcgroup_reload_end(void)
function mcgroup_prune (line 425) | void mcgroup_prune(char *ifname)
function show_mcgroup (line 437) | static int show_mcgroup(int sd, struct mcgroup *entry)
function mcgroup_show (line 472) | int mcgroup_show(int sd, int detail)
FILE: src/mcgroup.h
type mcgroup (line 8) | struct mcgroup {
FILE: src/mrdisc.c
type ifsock (line 60) | struct ifsock {
type ifsock (line 72) | struct ifsock
type ifsock (line 74) | struct ifsock
function in_cksum (line 85) | static unsigned short in_cksum(unsigned short *addr, int len)
function compose_addr (line 116) | static void compose_addr(struct sockaddr_in *sin, char *group)
function inet_send (line 123) | static int inet_send(int sd, uint8_t type, uint8_t interval)
function inet_recv (line 144) | static int inet_recv(int sd, uint8_t interval)
function inet_open (line 166) | static int inet_open(char *ifname)
function inet_close (line 236) | static int inet_close(int sd)
function announce (line 242) | static void announce(struct ifsock *entry)
function mrdisc_init (line 257) | int mrdisc_init(int period)
function mrdisc_exit (line 268) | int mrdisc_exit(void)
function mrdisc_register (line 284) | int mrdisc_register(char *ifname, short vif)
function mrdisc_deregister (line 314) | int mrdisc_deregister(short vif)
function mrdisc_send (line 331) | void mrdisc_send(void *arg)
function mrdisc_recv (line 340) | void mrdisc_recv(int sd, void *arg)
FILE: src/mroute.c
type iface (line 59) | struct iface
type mroute (line 60) | struct mroute
type mroute (line 61) | struct mroute
type mroute (line 61) | struct mroute
type mroute (line 62) | struct mroute
type mroute (line 62) | struct mroute
type mroute (line 63) | struct mroute
type mroute (line 64) | struct mroute
function handle_nocache4 (line 67) | static void handle_nocache4(int sd, void *arg)
function cache_flush (line 153) | static void cache_flush(void *arg)
function mroute4_enable (line 170) | static int mroute4_enable(int do_vifs, int table_id)
function mroute4_disable (line 217) | static void mroute4_disable(void)
function mroute4_prune_vif (line 238) | static void mroute4_prune_vif(int vif)
function mroute4_add_vif (line 259) | static int mroute4_add_vif(struct iface *iface)
function mroute4_del_vif (line 294) | static int mroute4_del_vif(struct iface *iface)
function is_exact_match (line 323) | static int is_exact_match(struct mroute *rule, struct mroute *cand)
function is_match (line 351) | int is_match(struct mroute *rule, struct mroute *cand)
function is_ssm (line 375) | static int is_ssm(struct mroute *route)
type mroute (line 383) | struct mroute
type mroute (line 383) | struct mroute
type mroute (line 385) | struct mroute
type mroute (line 396) | struct mroute
type mroute (line 396) | struct mroute
type mroute (line 398) | struct mroute
function is_active (line 408) | static int is_active(struct mroute *route)
function get_valid_pkt (line 424) | static unsigned long get_valid_pkt(struct mroute *route)
function mroute_expire (line 444) | void mroute_expire(int max_idle)
function mfc_install (line 505) | static int mfc_install(struct mroute *route)
function mfc_uninstall (line 550) | static int mfc_uninstall(struct mroute *route)
function mroute_add_route (line 615) | int mroute_add_route(struct mroute *route)
function mroute_del_route (line 660) | int mroute_del_route(struct mroute *route)
type iface (line 695) | struct iface
function handle_nocache6 (line 701) | static void handle_nocache6(int sd, void *arg)
function mroute6_enable (line 793) | static int mroute6_enable(int do_vifs, int table_id)
function mroute6_disable (line 848) | static void mroute6_disable(void)
function mroute6_prune_mif (line 860) | static void mroute6_prune_mif(int mif)
function mroute6_add_mif (line 881) | static int mroute6_add_mif(struct iface *iface)
function mroute6_del_mif (line 914) | static int mroute6_del_mif(struct iface *iface)
function mroute_dyn_add (line 948) | static int mroute_dyn_add(struct mroute *route)
function mroute_init (line 984) | int mroute_init(int do_vifs, int table_id, int cache_tmo)
function mroute_exit (line 1001) | void mroute_exit(void)
function mroute_add_vif (line 1008) | int mroute_add_vif(char *ifname, uint8_t mrdisc, uint8_t ttl)
function mroute_del_vif (line 1037) | int mroute_del_vif(char *ifname)
function mroute_reload_beg (line 1067) | void mroute_reload_beg(void)
function mroute_reload_end (line 1082) | void mroute_reload_end(int do_vifs)
function show_mroute (line 1108) | static int show_mroute(int sd, struct mroute *r, int inw, int detail)
function has_any_ssm (line 1166) | static int has_any_ssm(void)
function has_any_asm (line 1178) | static int has_any_asm(void)
function mroute_show (line 1191) | int mroute_show(int sd, int detail)
FILE: src/mroute.h
type mifi_t (line 86) | typedef unsigned short mifi_t;
type mroute (line 89) | struct mroute {
type mroute (line 115) | struct mroute
type mroute (line 116) | struct mroute
FILE: src/msg.c
function is_range (line 44) | int is_range(char *arg)
function do_mgroup (line 57) | static int do_mgroup(struct ipc_msg *msg)
function do_mroute (line 76) | static int do_mroute(struct ipc_msg *msg)
function do_show (line 122) | static int do_show(struct ipc_msg *msg, int sd, int detail)
function msg_do (line 145) | int msg_do(int sd, struct ipc_msg *msg)
FILE: src/msg.h
type ipc_msg (line 42) | struct ipc_msg {
type ipc_msg (line 49) | struct ipc_msg
FILE: src/notify.c
function notify_ready (line 27) | void notify_ready(char *pidfn, uid_t uid, gid_t gid)
function notify_reload (line 38) | void notify_reload(void)
FILE: src/pidfile.c
function pidfile_cleanup (line 54) | static void pidfile_cleanup(void)
function pidfile_create (line 63) | int pidfile_create(const char *basename, uid_t uid, gid_t gid)
FILE: src/queue.h
type type (line 175) | struct type
type type (line 250) | struct type
type type (line 330) | struct type
type type (line 410) | struct type
type type (line 419) | struct type
FILE: src/script.c
function handler (line 36) | static void handler(int signo)
function script_init (line 60) | int script_init(char *script)
function script_exec (line 78) | int script_exec(struct mroute *mroute)
FILE: src/script.h
type mroute (line 8) | struct mroute
FILE: src/smcroutectl.c
type arg (line 51) | struct arg {
type ipc_msg (line 87) | struct ipc_msg
type ipc_msg (line 89) | struct ipc_msg
type ipc_msg (line 97) | struct ipc_msg
function get_width (line 122) | static int get_width(void)
function print (line 151) | static void print(char *line, int indent)
function ipc_connect (line 212) | static int ipc_connect(char *path)
function ipc_command (line 247) | static int ipc_command(uint16_t cmd, char *argv[], size_t count)
function usage (line 337) | static int usage(int code)
function version (line 386) | static int version(void)
function parse (line 397) | static int parse(int pos, int argc, char *argv[])
function batch (line 468) | static int batch(void)
function main (line 506) | int main(int argc, char *argv[])
FILE: src/smcrouted.c
function clean (line 75) | static void clean(void)
function reload (line 85) | void reload(void)
function handler (line 106) | static void handler(int signo)
function signal_init (line 120) | static void signal_init(void)
function server_exit (line 133) | static void server_exit(void *arg)
function server_loop (line 140) | static int server_loop(void)
function start_server (line 159) | static int start_server(void)
function cleanup (line 232) | static void cleanup(void)
function compose_paths (line 242) | static int compose_paths(void)
function usage (line 278) | static int usage(int code)
function main (line 362) | int main(int argc, char *argv[])
FILE: src/socket.c
type sock (line 39) | struct sock {
function nfds (line 52) | int nfds(void)
function socket_register (line 60) | int socket_register(int sd, void (*cb)(int, void *), void *arg)
function socket_create (line 89) | int socket_create(int domain, int type, int proto, void (*cb)(int, void ...
function socket_close (line 132) | int socket_close(int sd)
function socket_poll (line 150) | int socket_poll(struct timeval *timeout)
FILE: src/socket.h
type timeval (line 30) | struct timeval
FILE: src/systemd.c
function systemd_notify_ready (line 5) | void systemd_notify_ready(const char *status)
function systemd_notify_reload (line 10) | void systemd_notify_reload(const char *status)
FILE: src/timer.c
type timer (line 39) | struct timer {
function set (line 55) | static void set(struct timer *t, struct timespec *now)
function expired (line 61) | static int expired(struct timer *t, struct timespec *now)
type timer (line 77) | struct timer
type timer (line 77) | struct timer
type timer (line 77) | struct timer
type timer (line 93) | struct timer
type timer (line 95) | struct timer
function start (line 108) | static int start(struct timespec *now)
function run (line 137) | static void run(int sd, void *arg)
function handler (line 165) | static void handler(int signo)
function timer_init (line 175) | int timer_init(void)
function timer_exit (line 204) | void timer_exit(void)
function timer_add (line 222) | int timer_add(int period, void (*cb)(void *), void *arg)
function timer_del (line 257) | int timer_del(void (*cb)(void *), void *arg)
FILE: src/util.h
type timespec (line 25) | struct timespec
Condensed preview — 95 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (456K chars).
[
{
"path": ".github/CONTRIBUTING.md",
"chars": 3308,
"preview": "Contributing to SMCRoute\n========================\n\nThank you for considering contributing back to [Free Software][1]!\n\nT"
},
{
"path": ".github/FUNDING.yml",
"chars": 67,
"preview": "# These are supported funding model platforms\n\ngithub: [troglobit]\n"
},
{
"path": ".github/SECURITY.md",
"chars": 354,
"preview": "# Security Policy\n\n## Supported Versions\n\nSMCRoute is a small project, as such we have no possibility to support older v"
},
{
"path": ".github/workflows/build.yml",
"chars": 2464,
"preview": "name: Bob the Builder\n\n# Run on all branches, including all pull requests, except the 'dev'\n# branch since that's where "
},
{
"path": ".github/workflows/coverity.yml",
"chars": 2731,
"preview": "name: Coverity Scan\n\non:\n push:\n branches:\n - 'dev'\n workflow_dispatch:\n\nenv:\n PROJECT_NAME: smcroute\n CONTA"
},
{
"path": ".github/workflows/release.yml",
"chars": 1297,
"preview": "name: Release General\n\non:\n push:\n tags:\n - '[0-9]+.[0-9]+.[0-9]+'\n\njobs:\n release:\n name: Build and upload"
},
{
"path": ".gitignore",
"chars": 262,
"preview": ".deps\n*~\n*.o\n*.log\n*.status\nID\nGPATH\nGRTAGS\nGSYMS\nGTAGS\nMakefile\nMakefile.in\naclocal.m4\nautom4te.cache\naux/\ncompile\nconf"
},
{
"path": "COPYING",
"chars": 17987,
"preview": "\t\t GNU GENERAL PUBLIC LICENSE\n\t\t Version 2, June 1991\n\n Copyright (C) 1989, 1991 Free Software Foundation, Inc."
},
{
"path": "ChangeLog.md",
"chars": 27718,
"preview": "ChangeLog\n=========\n\nAll notable changes to the project are documented in this file.\n\n\n[v2.5.7][] - 2024-05-09\n---------"
},
{
"path": "Makefile.am",
"chars": 1851,
"preview": "## SMCRoute - A static multicast routing tool -*-Makefile-*-\nACLOCAL_AMFLAGS = -I m4\nSUBDIRS "
},
{
"path": "README.md",
"chars": 15087,
"preview": "SMCRoute - A static multicast routing daemon\n============================================\n[![License Badge][]][License] "
},
{
"path": "autogen.sh",
"chars": 44,
"preview": "#!/bin/sh\n\nautoreconf -W portability -visfm\n"
},
{
"path": "configure.ac",
"chars": 8889,
"preview": "# -*- Autoconf -*-\n# Process this file with autoconf to produce a configur"
},
{
"path": "doc/AUTHORS",
"chars": 668,
"preview": "Authors\n=======\n\nYear: 2001-2005\nAuthor: Carsten Schill <carsten@cschill.de>, original author\nReleases: --> 0.92\nU"
},
{
"path": "doc/TODO.md",
"chars": 5220,
"preview": "\nRefactor MRDISC Support\n-----------------------\n\nThe current MRDISC implementation is fragile (see issue #175 for an\nex"
},
{
"path": "lib/malloc.c",
"chars": 280,
"preview": "#if HAVE_CONFIG_H\n# include <config.h>\n#endif\n#undef malloc\n\n#include <sys/types.h>\n\nvoid *malloc ();\n\n/*\n * Allocate an"
},
{
"path": "lib/strlcat.c",
"chars": 1746,
"preview": "/*\t$OpenBSD: strlcat.c,v 1.15 2015/03/02 21:41:08 millert Exp $\t*/\n\n/*\n * Copyright (c) 1998, 2015 Todd C. Miller <Todd."
},
{
"path": "lib/strlcpy.c",
"chars": 1599,
"preview": "/*\t$OpenBSD: strlcpy.c,v 1.12 2015/01/15 03:54:12 millert Exp $\t*/\n\n/*\n * Copyright (c) 1998, 2015 Todd C. Miller <Todd."
},
{
"path": "lib/tempfile.c",
"chars": 2099,
"preview": "/* A secure tmpfile() replacement.\n *\n * Copyright (c) 2015-2020 Joachim Wiberg <troglobit@gmail.com>\n *\n * Permission "
},
{
"path": "lib/utimensat.c",
"chars": 2139,
"preview": "/* Replacement in case utimensat(2) is missing\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n *"
},
{
"path": "m4/misc.m4",
"chars": 790,
"preview": "# Misc. helper macros\n\nAC_DEFUN([AC_CHECK_SUN_LEN],[\n\tAC_MSG_CHECKING(for sun_len member in struct sockaddr_un)\n\tAC_COMP"
},
{
"path": "m4/mroute.m4",
"chars": 3282,
"preview": "# Macros to probe for multicast headers and IPv4/IPv6 support\n\nAC_DEFUN([AC_CHECK_MROUTE_HEADERS],[\n\tAC_CHECK_HEADERS([l"
},
{
"path": "man/Makefile.am",
"chars": 76,
"preview": "dist_man5_MANS = smcroute.conf.5\ndist_man8_MANS = smcrouted.8 smcroutectl.8\n"
},
{
"path": "man/smcroute.conf.5",
"chars": 8680,
"preview": ".\\\" -*- nroff -*-\n.Dd August 15, 2021\n.Dt SMCROUTE.CONF 5\n.Os\n.Sh NAME\n.Nm smcroute.conf\n.Nd smcrouted configuration fi"
},
{
"path": "man/smcroutectl.8",
"chars": 6728,
"preview": ".\\\" -*- nroff -*-\n.Dd November 28, 2021\n.Dt SMCROUTECTL 8 SMM\n.Os\n.Sh NAME\n.Nm smcroutectl\n.Nd Control and status tool "
},
{
"path": "man/smcrouted.8",
"chars": 18149,
"preview": ".\\\" -*- nroff -*-\n.Dd November 28, 2021\n.Dt SMCROUTED 8 SMM\n.Os\n.Sh NAME\n.Nm smcrouted\n.Nd SMCRoute, a static multicast"
},
{
"path": "smcroute",
"chars": 1455,
"preview": "#!/bin/sh\n# Compatibility wrapper for users with old startup scripts\n# Written by Joachim Wiberg, placed in the public d"
},
{
"path": "smcroute.conf",
"chars": 2783,
"preview": "#\n# smcroute.conf example\n#\n# The configuration file supports joining multicast groups, to use\n# Layer-2 signaling so th"
},
{
"path": "smcroute.default",
"chars": 24,
"preview": "SMCROUTED_OPTS=-l debug\n"
},
{
"path": "smcroute.init",
"chars": 2038,
"preview": "#!/bin/sh\n#\n### BEGIN INIT INFO\n# Provides: smcroute\n# Required-Start: $syslog $local_fs $network $remote_fs"
},
{
"path": "smcroute.service.in",
"chars": 633,
"preview": "[Unit]\nDescription=Static multicast routing daemon\nDocumentation=man:smcrouted\nDocumentation=man:smcroute.conf\nDocumenta"
},
{
"path": "src/Makefile.am",
"chars": 1184,
"preview": "AUTOMAKE_OPTIONS = subdir-objects\n\nsbin_PROGRAMS\t = smcrouted smcroutectl\nsmcrouted_SOURCES = smcrouted.c con"
},
{
"path": "src/cap.c",
"chars": 3885,
"preview": "/* Daemon capability API\n *\n * Copyright (C) 2016 Markus Palonen <markus.palonen@gmail.com>\n * Copyright (C) 2016-"
},
{
"path": "src/cap.h",
"chars": 373,
"preview": "/* Daemon capability API */\n#ifndef SMCROUTE_CAP_H_\n#define SMCROUTE_CAP_H_\n\n#include \"config.h\"\n\n#ifdef ENABLE_LIBCAP\nv"
},
{
"path": "src/conf.c",
"chars": 11911,
"preview": "/* Simple .conf file parser for smcroute\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * Permi"
},
{
"path": "src/conf.h",
"chars": 650,
"preview": "#ifndef SMCROUTE_CONF_H_\n#define SMCROUTE_CONF_H_\n\n#include \"config.h\"\n\n#define EMPTY 0\n#define MGROUP 1\n#define MROU"
},
{
"path": "src/iface.c",
"chars": 11196,
"preview": "/* Physical and virtual interface API\n *\n * Copyright (C) 2001-2005 Carsten Schill <carsten@cschill.de>\n * Copyright (C"
},
{
"path": "src/iface.h",
"chars": 2484,
"preview": "/* Physical and virtual interface API */\n#ifndef SMCROUTE_IFACE_H_\n#define SMCROUTE_IFACE_H_\n\n#include \"config.h\"\n\n#incl"
},
{
"path": "src/inet.c",
"chars": 8037,
"preview": "/* Housekeeping IPv4/IPv6 wrapper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * Th"
},
{
"path": "src/inet.h",
"chars": 2767,
"preview": "/* Housekeeping IPv4/IPv6 wrapper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * Th"
},
{
"path": "src/ip_mroute.h",
"chars": 11746,
"preview": "/* Imported from Apple XNU sources, 2050.18.24\n * https://opensource.apple.com/source/xnu/xnu-2050.18.24/bsd/netinet/ip_"
},
{
"path": "src/ipc.c",
"chars": 7552,
"preview": "/* Daemon IPC API\n *\n * Copyright (C) 2001-2005 Carsten Schill <carsten@cschill.de>\n * Copyright (C) 2006-2009 Julien "
},
{
"path": "src/ipc.h",
"chars": 457,
"preview": "/* Daemon IPC API */\n#ifndef SMCROUTE_IPC_H_\n#define SMCROUTE_IPC_H_\n\n#include \"config.h\"\n\nint ipc_init (char *path"
},
{
"path": "src/kern.c",
"chars": 16265,
"preview": "/* Kernel API for join/leave multicast groups and add/del routes\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobi"
},
{
"path": "src/kern.h",
"chars": 1708,
"preview": "/* Kernel API for join/leave multicast groups and add/del routes\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobi"
},
{
"path": "src/log.c",
"chars": 2271,
"preview": "/* System logging API\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This program is free sof"
},
{
"path": "src/log.h",
"chars": 259,
"preview": "/* System logging API */\n#ifndef SMCROUTE_LOG_H_\n#define SMCROUTE_LOG_H_\n\n#include <syslog.h>\n\nextern int log_level;\nex"
},
{
"path": "src/mcgroup.c",
"chars": 12053,
"preview": "/* Multicast group management (join/leave) API\n *\n * Copyright (C) 2001-2005 Carsten Schill <carsten@cschill.de>\n * Cop"
},
{
"path": "src/mcgroup.h",
"chars": 826,
"preview": "/* IGMP/MLD group subscription API */\n#ifndef SMCROUTE_MCGROUP_H_\n#define SMCROUTE_MCGROUP_H_\n\n#include \"inet.h\"\n#includ"
},
{
"path": "src/mrdisc.c",
"chars": 8790,
"preview": "/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only)\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gma"
},
{
"path": "src/mrdisc.h",
"chars": 1610,
"preview": "/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only)\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gma"
},
{
"path": "src/mroute.c",
"chars": 30798,
"preview": "/* Generic kernel multicast routing API for Linux and *BSD\n *\n * Copyright (C) 2001-2005 Carsten Schill <carsten@cschil"
},
{
"path": "src/mroute.h",
"chars": 2786,
"preview": "/* Generic kernel multicast routing API for Linux and *BSD */\n#ifndef SMCROUTE_MROUTE_H_\n#define SMCROUTE_MROUTE_H_\n\n#in"
},
{
"path": "src/msg.c",
"chars": 3839,
"preview": "/* IPC command parser and builder for daemon and client\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.c"
},
{
"path": "src/msg.h",
"chars": 1648,
"preview": "/* SMCRoute IPC API\n *\n * Multicast routes:\n *\n * add eth0 [1.1.1.1] 239.1.1.1 eth1 eth2\n *\n * +----+-----+---+--------"
},
{
"path": "src/notify.c",
"chars": 1456,
"preview": "/* generic service monitor backend\n *\n * Copyright (C) 2019-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This progra"
},
{
"path": "src/notify.h",
"chars": 454,
"preview": "/* Wrappers for different service monitors */\n#ifndef SMCROUTE_NOTIFY_H_\n#define SMCROUTE_NOTIFY_H_\n\n#include \"config.h\""
},
{
"path": "src/pidfile.c",
"chars": 3864,
"preview": "/*\tUpdated by troglobit for libite/finit/uftpd/smcroute projects 2016/07/04 */\n/*\t$OpenBSD: pidfile.c,v 1.11 2015/06/03 "
},
{
"path": "src/queue.h",
"chars": 18321,
"preview": "/*\t$OpenBSD: queue.h,v 1.43 2015/12/28 19:38:40 millert Exp $\t*/\n/*\t$NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft "
},
{
"path": "src/script.c",
"chars": 2813,
"preview": "/* Run script when a (*,G) group is matched and installed in the kernel\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <t"
},
{
"path": "src/script.h",
"chars": 208,
"preview": "/* SMCRoute script API */\n#ifndef SMCROUTE_SCRIPT_H_\n#define SMCROUTE_SCRIPT_H_\n\n#include \"mroute.h\"\n\nint script_init (c"
},
{
"path": "src/smcroutectl.c",
"chars": 11875,
"preview": "/* Client for smcrouted, not needed if only using smcroute.conf\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobit"
},
{
"path": "src/smcrouted.c",
"chars": 11465,
"preview": "/* Static multicast routing daemon\n *\n * Copyright (C) 2011-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This progra"
},
{
"path": "src/socket.c",
"chars": 4139,
"preview": "/* Socket helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This program is fre"
},
{
"path": "src/socket.h",
"chars": 1190,
"preview": "/* Helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This program is free softw"
},
{
"path": "src/systemd.c",
"chars": 331,
"preview": "/* systemd service monitor backend */\n#include <unistd.h>\n#include <systemd/sd-daemon.h>\n\nvoid systemd_notify_ready(cons"
},
{
"path": "src/timer.c",
"chars": 5696,
"preview": "/* Timer helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This program is free"
},
{
"path": "src/timer.h",
"chars": 1059,
"preview": "/* Timer helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg <troglobit@gmail.com>\n *\n * This program is free"
},
{
"path": "src/util.h",
"chars": 1117,
"preview": "/* Utilitity and replacement functions */\n#ifndef SMCROUTE_UTIL_H_\n#define SMCROUTE_UTIL_H_\n\n#include \"config.h\"\n#includ"
},
{
"path": "test/.gitignore",
"chars": 34,
"preview": "*.conf\n*.ip\n*.trs\n*.result\n*.pcap\n"
},
{
"path": "test/Makefile.am",
"chars": 1063,
"preview": "EXTRA_DIST = adv.sh basic.sh batch.sh bridge.sh dyn.sh expire.sh gre.sh ipv6.sh\nEXTRA_DIST += include.sh "
},
{
"path": "test/README.md",
"chars": 11036,
"preview": "Module Tests\n============\n\nThe following tests verify fundamental functionality of SMCRoute when\n`configure --enable-tes"
},
{
"path": "test/adv.sh",
"chars": 2287,
"preview": "#!/bin/sh\n# Verify stop-filter to SSM transition by adding *,G/LEN routes\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(di"
},
{
"path": "test/basic.sh",
"chars": 2699,
"preview": "#!/bin/sh\n# Verifies IPv4 (S,G) and (*,G) rules by injecting frames on one\n# interface and verifying reception on anothe"
},
{
"path": "test/batch.sh",
"chars": 1194,
"preview": "#!/bin/sh\n# Verify batch mode, we just want to see the daemon accepting the\n# batched commands.\n\n# shellcheck source=/de"
},
{
"path": "test/bridge.sh",
"chars": 1581,
"preview": "#!/bin/sh\n# Verifies (*,G) routing between VLANs on top of a VLAN filtering bridge\n# with bridge ports as VETH interface"
},
{
"path": "test/dyn.sh",
"chars": 3215,
"preview": "#!/bin/sh\n# Verifies (*,G/LEN) and (S/LEN,G) routing by injecting frames on one\n# interface and verifying reception on a"
},
{
"path": "test/expire.sh",
"chars": 1897,
"preview": "#!/bin/sh\n# Verifies IPv4 and IPv6 (*,G) => learned (S,G) flushing\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \""
},
{
"path": "test/gre.sh",
"chars": 3534,
"preview": "#!/bin/sh\n# Verify multicast routing between two routers over a GRE tunnel\n#\n# netns: host1 "
},
{
"path": "test/include.sh",
"chars": 2338,
"preview": "#!/bin/sh\n# Verifies .conf include statement\n#set -x\n\nactivate()\n{\n if [ -f /tmp/$NM/pid ]; then\n\t../src/smcroutectl "
},
{
"path": "test/ipv6.sh",
"chars": 2977,
"preview": "#!/bin/sh\n# Verifies IPv6 (S,G) and (*,G) rules, both from .conf file and IPC, by\n# injecting frames on one interface an"
},
{
"path": "test/isolated.sh",
"chars": 1417,
"preview": "#!/bin/sh\n# Verifies (*,G) routing between two emulated end devices.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname"
},
{
"path": "test/join.sh",
"chars": 5487,
"preview": "#!/bin/sh\n# Verify join/leave multicast groups for both IPv4 and IPv6\n# a1 will be used to verify SSM and a2 to verify A"
},
{
"path": "test/joinlen.sh",
"chars": 4027,
"preview": "#!/bin/sh\n\n# only checking for a sample in each range\ncheck_output()\n{\n print \"Verifying ...\"\n if [ -n \"$1\" ]; the"
},
{
"path": "test/lib.sh",
"chars": 8660,
"preview": "#!/bin/sh\n\n# Test name, used everywhere as /tmp/$NM/foo\nNM=$(basename \"$0\" .sh)\n\n# Print heading for test phases\nprint()"
},
{
"path": "test/lost.sh",
"chars": 2279,
"preview": "#!/bin/sh\n# Verify handling when IIF for an (S,G) is changed or lost\n\n#set -x\n\ncheck_output()\n{\n echo \"ip mroute:\"\n "
},
{
"path": "test/mem.sh",
"chars": 1824,
"preview": "#!/bin/sh\n# Check for memory leaks with valgrind, should cover the basic use-cases\n# with a .conf file, reloading said ."
},
{
"path": "test/mrcache.sh",
"chars": 2303,
"preview": "#!/bin/sh\n# Verifies both IPv4 and IPv6 (S,G) add, including remove route via IPC bites in kernel.\n# Twist: uses only on"
},
{
"path": "test/mrdisc.sh",
"chars": 884,
"preview": "#!/bin/sh\n# Verifies IPv4 mrdisc messages on all interfaces it is enabled on\n# Runs for two intervals to ensure interval"
},
{
"path": "test/multi.sh",
"chars": 4339,
"preview": "#!/bin/sh\n# Verify interop between multiple routers and 1:1 NAT. Same subnet and\n# source IP of multicast emitters.\n#\n#"
},
{
"path": "test/poison.sh",
"chars": 2185,
"preview": "#!/bin/sh\n# Verify stop-filter, or \"poison pill\", routes for non-matching routes,\n# and that they do not affect flows fr"
},
{
"path": "test/reload.sh",
"chars": 2150,
"preview": "#!/bin/sh\n# Verifies SIGHUP/reload functionality\n# XXX: add group verification as well\n#set -x\n\ncheck_output()\n{\n ech"
},
{
"path": "test/reload6.sh",
"chars": 2097,
"preview": "#!/bin/sh\n# Verifies SIGHUP/reload functionality\n# XXX: add group verification as well\n#set -x\n\ncheck_output()\n{\n ip "
},
{
"path": "test/vlan.sh",
"chars": 2240,
"preview": "#!/bin/sh\n# Verify IPv4 (*,G) routing on top of VLAN interfaces\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\""
},
{
"path": "test/vrfy.sh",
"chars": 764,
"preview": "#!/bin/sh\n# Limited verifier of the smcrouted .conf file checker\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.s"
}
]
About this extraction
This page contains the full source code of the troglobit/smcroute GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 95 files (414.1 KB), approximately 128.2k tokens, and a symbol index with 321 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.