[ { "path": ".github/CONTRIBUTING.md", "content": "Contributing to SMCRoute\n========================\n\nThank you for considering contributing back to [Free Software][1]!\n\nThere are a few things we would like you to consider when filing an\nissue or pull request with this project:\n\n1. If you are filing a bug report or feature request\n\n Please take the time to check if an issue already has been filed\n matching your problem\n\n2. What version are you running, have you tried the latest release?\n\n UNIX distributions often package and test software for their\n particular brand. If you are using a pre-packaged version,\n then please file a bug with that distribution instead.\n\n3. Coding Style\n\n Lines are allowed to be longer than 72 characters these days, there\n is no enforced max. length. \n \n> **Tip:** Always submit code that follows the style of surrounding code!\n\n The coding style itself is strictly Linux [KNF][], like GIT it is\n becoming a de facto standard for C programming\n\n https://www.kernel.org/doc/Documentation/CodingStyle\n\n4. Logical Change Sets\n\n Changes should be broken down into logical units that add a feature\n or fix a bug. Keep changes separate from each other and do not mix a\n bug fix with a whitespace cleanup or a new feature addition.\n\n This is important not only for readilibity, or for the possibility of\n maintainers to revert changes, but does also increase your chances of\n having a change accepted.\n\n5. Commit messages\n\n Commit messages exist to track *why* a change was made. Try to be as\n clear and concise as possible in your commit messages, and always, be\n proud of your work and set up a proper GIT identity for your commits:\n\n git config --global user.name \"J. Random Hacker\"\n git config --global user.email random.j.hacker@example.com\n\n See this helpful guide for how to write simple, readable commit\n messages, or have at least a look at the below example.\n \n http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html\n\n\nExample\n-------\n\nExample commit message from the [Pro Git][gitbook] online book, notice\nhow `git commit -s` is used to automatically add a `Signed-off-by`:\n\n Capitalized, short (50 chars or less) summary\n \n More detailed explanatory text, if necessary. Wrap it to about 72\n characters or so. In some contexts, the first line is treated as the\n subject of an email and the rest of the text as the body. The blank\n line separating the summary from the body is critical (unless you omit\n the body entirely); tools like rebase can get confused if you run the\n two together.\n \n Write your commit message in the imperative: \"Fix bug\" and not \"Fixed bug\"\n or \"Fixes bug.\" This convention matches up with commit messages generated\n by commands like git merge and git revert.\n \n Further paragraphs come after blank lines.\n \n - Bullet points are okay, too\n \n - Typically a hyphen or asterisk is used for the bullet, followed by a\n single space, with blank lines in between, but conventions vary here\n \n - Use a hanging indent\n \n Signed-off-by: J. Random Hacker \n\n\n[1]: http://www.gnu.org/philosophy/free-sw.en.html\n[KNF]: https://en.wikipedia.org/wiki/Kernel_Normal_Form\n[gitbook]: https://git-scm.com/book/ch5-2.html\n" }, { "path": ".github/FUNDING.yml", "content": "# These are supported funding model platforms\n\ngithub: [troglobit]\n" }, { "path": ".github/SECURITY.md", "content": "# Security Policy\n\n## Supported Versions\n\nSMCRoute is a small project, as such we have no possibility to support older versions.\nThe only supported version is the latest released on GitHub:\n\n\n\n## Reporting a Vulnerability\n\nContact the project's main author and owner to report and discuss vulnerabilities.\n" }, { "path": ".github/workflows/build.yml", "content": "name: Bob the Builder\n\n# Run on all branches, including all pull requests, except the 'dev'\n# branch since that's where we run Coverity Scan (limited tokens/day)\non:\n push:\n branches:\n - '**'\n - '!dev'\n pull_request:\n branches:\n - '**'\n\njobs:\n build:\n # Verify we can build on latest Ubuntu with both gcc and clang\n name: ${{ matrix.compiler }}\n runs-on: ubuntu-latest\n strategy:\n matrix:\n compiler: [gcc, clang]\n fail-fast: false\n env:\n MAKEFLAGS: -j3\n CC: ${{ matrix.compiler }}\n steps:\n - name: Install dependencies\n run: |\n sudo modprobe ip_gre\n sudo apt-get -y update\n sudo apt-get -y install pkg-config libsystemd-dev libcap-dev tshark iptables valgrind\n - uses: actions/checkout@v6\n - name: Configure\n # Build in a sub-directory so we can safely set a+w on all\n # directories. Needed for `make check` since it runs with\n # root dropped and wants to write .trs and .log files.\n run: |\n set -x\n OPTS=\"--cache-file=/tmp/config.cache --prefix= --enable-mrdisc --enable-test\"\n ./autogen.sh\n if [ \"$CC\" = \"clang\" ]; then\n compat_valgrind=\"-gdwarf-4\"\n fi\n ./configure $OPTS CFLAGS=\"$compat_valgrind\"\n make dist && archive=$(ls *.tar.gz)\n if [ -n \"$archive\" -a -f \"$archive\" ]; then\n tar xf \"$archive\"\n dir=$(echo \"$archive\" |rev |cut -f3- -d. |rev)\n cd \"$dir\"\n fi\n mkdir -p .build/dir\n cd .build/dir\n ../../configure $OPTS CFLAGS=\"$compat_valgrind\"\n chmod -R a+w .\n - name: Build\n run: |\n make\n - name: Install to ~/tmp and Inspect\n run: |\n DESTDIR=~/tmp make install-strip\n tree ~/tmp\n ldd ~/tmp/sbin/smcrouted\n size ~/tmp/sbin/smcrouted\n ldd ~/tmp/sbin/smcroutectl\n size ~/tmp/sbin/smcroutectl\n ~/tmp/sbin/smcrouted -h\n ~/tmp/sbin/smcroutectl -h\n - name: Enable unprivileged userns (unshare)\n run: |\n sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0\n - name: Run Unit Tests\n run: |\n make check || (cat test/test-suite.log; false)\n - name: Upload Test Results\n uses: actions/upload-artifact@v7\n with:\n name: smcroute-test-${{ matrix.compiler }}\n path: test/*\n" }, { "path": ".github/workflows/coverity.yml", "content": "name: Coverity Scan\n\non:\n push:\n branches:\n - 'dev'\n workflow_dispatch:\n\nenv:\n PROJECT_NAME: smcroute\n CONTACT_EMAIL: troglobit@gmail.com\n COVERITY_NAME: troglobit-smcroute\n COVERITY_PROJ: troglobit%2Fsmcroute\n\njobs:\n coverity:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v6\n - name: Fetch latest Coverity Scan MD5\n id: var\n env:\n TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}\n run: |\n wget -q https://scan.coverity.com/download/cxx/linux64 \\\n --post-data \"token=$TOKEN&project=${COVERITY_PROJ}&md5=1\" \\\n -O coverity-latest.tar.gz.md5\n echo \"md5=$(cat coverity-latest.tar.gz.md5)\" | tee -a $GITHUB_OUTPUT\n - uses: actions/cache@v5\n id: cache\n with:\n path: coverity-latest.tar.gz\n key: ${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }}\n restore-keys: |\n ${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }}\n ${{ runner.os }}-coverity-\n ${{ runner.os }}-coverity\n - name: Download Coverity Scan\n env:\n TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}\n run: |\n if [ ! -f coverity-latest.tar.gz ]; then\n wget -q https://scan.coverity.com/download/cxx/linux64 \\\n --post-data \"token=$TOKEN&project=${COVERITY_PROJ}\" \\\n -O coverity-latest.tar.gz\n else\n echo \"Latest Coverity Scan available from cache :-)\"\n md5sum coverity-latest.tar.gz\n fi\n mkdir coverity\n tar xzf coverity-latest.tar.gz --strip 1 -C coverity\n - name: Install dependencies\n run: |\n sudo apt-get -y update\n sudo apt-get -y install pkg-config libsystemd-dev libcap-dev\n - name: Configure\n run: |\n ./autogen.sh\n ./configure --prefix= --enable-mrdisc\n - name: Build\n run: |\n export PATH=`pwd`/coverity/bin:$PATH\n cov-build --dir cov-int make\n - name: Submit results to Coverity Scan\n env:\n TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}\n run: |\n tar czvf ${PROJECT_NAME}.tgz cov-int\n curl \\\n --form project=${COVERITY_NAME} \\\n --form token=$TOKEN \\\n --form email=${CONTACT_EMAIL} \\\n --form file=@${PROJECT_NAME}.tgz \\\n --form version=trunk \\\n --form description=\"${PROJECT_NAME} $(git rev-parse HEAD)\" \\\n https://scan.coverity.com/builds?project=${COVERITY_PROJ}\n - name: Upload build.log\n uses: actions/upload-artifact@v7\n with:\n name: coverity-build.log\n path: cov-int/build-log.txt\n" }, { "path": ".github/workflows/release.yml", "content": "name: Release General\n\non:\n push:\n tags:\n - '[0-9]+.[0-9]+.[0-9]+'\n\njobs:\n release:\n name: Build and upload release tarball\n if: startsWith(github.ref, 'refs/tags/')\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v6\n - name: Installing dependencies ...\n run: |\n sudo modprobe ip_gre\n sudo apt-get -y update\n sudo apt-get -y install pkg-config libsystemd-dev libcap-dev tshark iptables valgrind\n - name: Creating Makefiles ...\n run: |\n ./autogen.sh\n ./configure --prefix= --enable-mrdisc --enable-test\n - name: Enable unprivileged userns (unshare)\n run: |\n sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0\n - name: Build release ...\n run: |\n make release || (cat test/test-suite.log; false)\n ls -lF ../\n mkdir -p artifacts/\n mv ../*.tar.* artifacts/\n - name: Extract ChangeLog entry ...\n run: |\n awk '/-----*/{if (x == 1) exit; x=1;next}x' ChangeLog.md \\\n |head -n -1 > release.md\n cat release.md\n - uses: ncipollo/release-action@v1\n with:\n name: SMCRoute v${{ github.ref_name }}\n bodyFile: \"release.md\"\n artifacts: \"artifacts/*\"\n" }, { "path": ".gitignore", "content": ".deps\n*~\n*.o\n*.log\n*.status\nID\nGPATH\nGRTAGS\nGSYMS\nGTAGS\nMakefile\nMakefile.in\naclocal.m4\nautom4te.cache\naux/\ncompile\nconfig.h\nconfig.h.in\nconfigure\ndepcomp\ninstall-sh\nmcsender\nmissing\nsmcrouted\nsmcroutectl\nsmcroute.service\nstamp-h1\n*.tar.*\n.dirstamp\n.gdb_history\n" }, { "path": "COPYING", "content": "\t\t GNU GENERAL PUBLIC LICENSE\n\t\t Version 2, June 1991\n\n Copyright (C) 1989, 1991 Free Software Foundation, Inc.,\n 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA\n Everyone is permitted to copy and distribute verbatim copies\n of this license document, but changing it is not allowed.\n\n\t\t\t Preamble\n\n The licenses for most software are designed to take away your\nfreedom to share and change it. By contrast, the GNU General Public\nLicense is intended to guarantee your freedom to share and change free\nsoftware--to make sure the software is free for all its users. This\nGeneral Public License applies to most of the Free Software\nFoundation's software and to any other program whose authors commit to\nusing it. (Some other Free Software Foundation software is covered by\nthe GNU Lesser General Public License instead.) You can apply it to\nyour programs, too.\n\n When we speak of free software, we are referring to freedom, not\nprice. Our General Public Licenses are designed to make sure that you\nhave the freedom to distribute copies of free software (and charge for\nthis service if you wish), that you receive source code or can get it\nif you want it, that you can change the software or use pieces of it\nin new free programs; and that you know you can do these things.\n\n To protect your rights, we need to make restrictions that forbid\nanyone to deny you these rights or to ask you to surrender the rights.\nThese restrictions translate to certain responsibilities for you if you\ndistribute copies of the software, or if you modify it.\n\n For example, if you distribute copies of such a program, whether\ngratis or for a fee, you must give the recipients all the rights that\nyou have. You must make sure that they, too, receive or can get the\nsource code. And you must show them these terms so they know their\nrights.\n\n We protect your rights with two steps: (1) copyright the software, and\n(2) offer you this license which gives you legal permission to copy,\ndistribute and/or modify the software.\n\n Also, for each author's protection and ours, we want to make certain\nthat everyone understands that there is no warranty for this free\nsoftware. If the software is modified by someone else and passed on, we\nwant its recipients to know that what they have is not the original, so\nthat any problems introduced by others will not reflect on the original\nauthors' reputations.\n\n Finally, any free program is threatened constantly by software\npatents. We wish to avoid the danger that redistributors of a free\nprogram will individually obtain patent licenses, in effect making the\nprogram proprietary. To prevent this, we have made it clear that any\npatent must be licensed for everyone's free use or not licensed at all.\n\n The precise terms and conditions for copying, distribution and\nmodification follow.\n\n\t\t GNU GENERAL PUBLIC LICENSE\n TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION\n\n 0. This License applies to any program or other work which contains\na notice placed by the copyright holder saying it may be distributed\nunder the terms of this General Public License. The \"Program\", below,\nrefers to any such program or work, and a \"work based on the Program\"\nmeans either the Program or any derivative work under copyright law:\nthat is to say, a work containing the Program or a portion of it,\neither verbatim or with modifications and/or translated into another\nlanguage. (Hereinafter, translation is included without limitation in\nthe term \"modification\".) Each licensee is addressed as \"you\".\n\nActivities other than copying, distribution and modification are not\ncovered by this License; they are outside its scope. The act of\nrunning the Program is not restricted, and the output from the Program\nis covered only if its contents constitute a work based on the\nProgram (independent of having been made by running the Program).\nWhether that is true depends on what the Program does.\n\n 1. You may copy and distribute verbatim copies of the Program's\nsource code as you receive it, in any medium, provided that you\nconspicuously and appropriately publish on each copy an appropriate\ncopyright notice and disclaimer of warranty; keep intact all the\nnotices that refer to this License and to the absence of any warranty;\nand give any other recipients of the Program a copy of this License\nalong with the Program.\n\nYou may charge a fee for the physical act of transferring a copy, and\nyou may at your option offer warranty protection in exchange for a fee.\n\n 2. You may modify your copy or copies of the Program or any portion\nof it, thus forming a work based on the Program, and copy and\ndistribute such modifications or work under the terms of Section 1\nabove, provided that you also meet all of these conditions:\n\n a) You must cause the modified files to carry prominent notices\n stating that you changed the files and the date of any change.\n\n b) You must cause any work that you distribute or publish, that in\n whole or in part contains or is derived from the Program or any\n part thereof, to be licensed as a whole at no charge to all third\n parties under the terms of this License.\n\n c) If the modified program normally reads commands interactively\n when run, you must cause it, when started running for such\n interactive use in the most ordinary way, to print or display an\n announcement including an appropriate copyright notice and a\n notice that there is no warranty (or else, saying that you provide\n a warranty) and that users may redistribute the program under\n these conditions, and telling the user how to view a copy of this\n License. (Exception: if the Program itself is interactive but\n does not normally print such an announcement, your work based on\n the Program is not required to print an announcement.)\n\nThese requirements apply to the modified work as a whole. If\nidentifiable sections of that work are not derived from the Program,\nand can be reasonably considered independent and separate works in\nthemselves, then this License, and its terms, do not apply to those\nsections when you distribute them as separate works. But when you\ndistribute the same sections as part of a whole which is a work based\non the Program, the distribution of the whole must be on the terms of\nthis License, whose permissions for other licensees extend to the\nentire whole, and thus to each and every part regardless of who wrote it.\n\nThus, it is not the intent of this section to claim rights or contest\nyour rights to work written entirely by you; rather, the intent is to\nexercise the right to control the distribution of derivative or\ncollective works based on the Program.\n\nIn addition, mere aggregation of another work not based on the Program\nwith the Program (or with a work based on the Program) on a volume of\na storage or distribution medium does not bring the other work under\nthe scope of this License.\n\n 3. You may copy and distribute the Program (or a work based on it,\nunder Section 2) in object code or executable form under the terms of\nSections 1 and 2 above provided that you also do one of the following:\n\n a) Accompany it with the complete corresponding machine-readable\n source code, which must be distributed under the terms of Sections\n 1 and 2 above on a medium customarily used for software interchange; or,\n\n b) Accompany it with a written offer, valid for at least three\n years, to give any third party, for a charge no more than your\n cost of physically performing source distribution, a complete\n machine-readable copy of the corresponding source code, to be\n distributed under the terms of Sections 1 and 2 above on a medium\n customarily used for software interchange; or,\n\n c) Accompany it with the information you received as to the offer\n to distribute corresponding source code. (This alternative is\n allowed only for noncommercial distribution and only if you\n received the program in object code or executable form with such\n an offer, in accord with Subsection b above.)\n\nThe source code for a work means the preferred form of the work for\nmaking modifications to it. For an executable work, complete source\ncode means all the source code for all modules it contains, plus any\nassociated interface definition files, plus the scripts used to\ncontrol compilation and installation of the executable. However, as a\nspecial exception, the source code distributed need not include\nanything that is normally distributed (in either source or binary\nform) with the major components (compiler, kernel, and so on) of the\noperating system on which the executable runs, unless that component\nitself accompanies the executable.\n\nIf distribution of executable or object code is made by offering\naccess to copy from a designated place, then offering equivalent\naccess to copy the source code from the same place counts as\ndistribution of the source code, even though third parties are not\ncompelled to copy the source along with the object code.\n\n 4. You may not copy, modify, sublicense, or distribute the Program\nexcept as expressly provided under this License. Any attempt\notherwise to copy, modify, sublicense or distribute the Program is\nvoid, and will automatically terminate your rights under this License.\nHowever, parties who have received copies, or rights, from you under\nthis License will not have their licenses terminated so long as such\nparties remain in full compliance.\n\n 5. You are not required to accept this License, since you have not\nsigned it. However, nothing else grants you permission to modify or\ndistribute the Program or its derivative works. These actions are\nprohibited by law if you do not accept this License. Therefore, by\nmodifying or distributing the Program (or any work based on the\nProgram), you indicate your acceptance of this License to do so, and\nall its terms and conditions for copying, distributing or modifying\nthe Program or works based on it.\n\n 6. Each time you redistribute the Program (or any work based on the\nProgram), the recipient automatically receives a license from the\noriginal licensor to copy, distribute or modify the Program subject to\nthese terms and conditions. You may not impose any further\nrestrictions on the recipients' exercise of the rights granted herein.\nYou are not responsible for enforcing compliance by third parties to\nthis License.\n\n 7. If, as a consequence of a court judgment or allegation of patent\ninfringement or for any other reason (not limited to patent issues),\nconditions are imposed on you (whether by court order, agreement or\notherwise) that contradict the conditions of this License, they do not\nexcuse you from the conditions of this License. If you cannot\ndistribute so as to satisfy simultaneously your obligations under this\nLicense and any other pertinent obligations, then as a consequence you\nmay not distribute the Program at all. For example, if a patent\nlicense would not permit royalty-free redistribution of the Program by\nall those who receive copies directly or indirectly through you, then\nthe only way you could satisfy both it and this License would be to\nrefrain entirely from distribution of the Program.\n\nIf any portion of this section is held invalid or unenforceable under\nany particular circumstance, the balance of the section is intended to\napply and the section as a whole is intended to apply in other\ncircumstances.\n\nIt is not the purpose of this section to induce you to infringe any\npatents or other property right claims or to contest validity of any\nsuch claims; this section has the sole purpose of protecting the\nintegrity of the free software distribution system, which is\nimplemented by public license practices. Many people have made\ngenerous contributions to the wide range of software distributed\nthrough that system in reliance on consistent application of that\nsystem; it is up to the author/donor to decide if he or she is willing\nto distribute software through any other system and a licensee cannot\nimpose that choice.\n\nThis section is intended to make thoroughly clear what is believed to\nbe a consequence of the rest of this License.\n\n 8. If the distribution and/or use of the Program is restricted in\ncertain countries either by patents or by copyrighted interfaces, the\noriginal copyright holder who places the Program under this License\nmay add an explicit geographical distribution limitation excluding\nthose countries, so that distribution is permitted only in or among\ncountries not thus excluded. In such case, this License incorporates\nthe limitation as if written in the body of this License.\n\n 9. The Free Software Foundation may publish revised and/or new versions\nof the General Public License from time to time. Such new versions will\nbe similar in spirit to the present version, but may differ in detail to\naddress new problems or concerns.\n\nEach version is given a distinguishing version number. If the Program\nspecifies a version number of this License which applies to it and \"any\nlater version\", you have the option of following the terms and conditions\neither of that version or of any later version published by the Free\nSoftware Foundation. If the Program does not specify a version number of\nthis License, you may choose any version ever published by the Free Software\nFoundation.\n\n 10. If you wish to incorporate parts of the Program into other free\nprograms whose distribution conditions are different, write to the author\nto ask for permission. For software which is copyrighted by the Free\nSoftware Foundation, write to the Free Software Foundation; we sometimes\nmake exceptions for this. Our decision will be guided by the two goals\nof preserving the free status of all derivatives of our free software and\nof promoting the sharing and reuse of software generally.\n\n\t\t\t NO WARRANTY\n\n 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY\nFOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN\nOTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES\nPROVIDE THE PROGRAM \"AS IS\" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED\nOR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF\nMERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS\nTO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE\nPROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,\nREPAIR OR CORRECTION.\n\n 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR\nREDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,\nINCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING\nOUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED\nTO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY\nYOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER\nPROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE\nPOSSIBILITY OF SUCH DAMAGES.\n\n\t\t END OF TERMS AND CONDITIONS\n\n\t How to Apply These Terms to Your New Programs\n\n If you develop a new program, and you want it to be of the greatest\npossible use to the public, the best way to achieve this is to make it\nfree software which everyone can redistribute and change under these terms.\n\n To do so, attach the following notices to the program. It is safest\nto attach them to the start of each source file to most effectively\nconvey the exclusion of warranty; and each file should have at least\nthe \"copyright\" line and a pointer to where the full notice is found.\n\n \n Copyright (C) \n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation; either version 2 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License along\n with this program; if not, write to the Free Software Foundation, Inc.,\n 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.\n\nAlso add information on how to contact you by electronic and paper mail.\n\nIf the program is interactive, make it output a short notice like this\nwhen it starts in an interactive mode:\n\n Gnomovision version 69, Copyright (C) year name of author\n Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.\n This is free software, and you are welcome to redistribute it\n under certain conditions; type `show c' for details.\n\nThe hypothetical commands `show w' and `show c' should show the appropriate\nparts of the General Public License. Of course, the commands you use may\nbe called something other than `show w' and `show c'; they could even be\nmouse-clicks or menu items--whatever suits your program.\n\nYou should also get your employer (if you work as a programmer) or your\nschool, if any, to sign a \"copyright disclaimer\" for the program, if\nnecessary. Here is a sample; alter the names:\n\n Yoyodyne, Inc., hereby disclaims all copyright interest in the program\n `Gnomovision' (which makes passes at compilers) written by James Hacker.\n\n , 1 April 1989\n Ty Coon, President of Vice\n\nThis General Public License does not permit incorporating your program into\nproprietary programs. If your program is a subroutine library, you may\nconsider it more useful to permit linking proprietary applications with the\nlibrary. If this is what you want to do, use the GNU Lesser General\nPublic License instead of this License.\n" }, { "path": "ChangeLog.md", "content": "ChangeLog\n=========\n\nAll notable changes to the project are documented in this file.\n\n\n[v2.5.7][] - 2024-05-09\n-----------------------\n\n### Fixes\n- Fix #207: crash when adding IPv6 multicast route on a kernel without\n IPv6 multicast support\n\n\n[v2.5.6][] - 2022-11-28\n-----------------------\n\nDespite the new `smcroutectl` batch mode feature, this is primarily a\nbug fix release. Most notably #183 and #187.\n\n### Changes\n- Add `smcroutectl` batch support, issue #189. Based on the IPC support\n added in issue #185, by Alexey Smirnov:\n\n ~$ sudo smcroutectl -b <<-EOF\n join eth0 225.1.2.3\n add eth0 192.168.1.42 225.1.2.3 eth1 eth2\n rem eth1 225.3.4.5 eth3\n leave eth1 225.3.4.5\n EOF\n ~$\n\n### Fixes\n- Fix #178: invalid systemd daemon type Simple/Notify vs simple/notify\n- Fix #179: typo in wildcard routes section of README\n- Fix #180: minor typo in file and directory names in documentation\n- Fix #183: casting in IPC code hides error handling of `recv()`\n- Fix #186: NULL pointer dereference in `utimensat()` replacement\n function. Found accidentally by Alexey Smirnov. Only triggered on\n systems that don't have a native `utimensat()` in their C-library, or\n if you try to build SMCRoute without using its own build system ...\n- Fix #187: strange behavior joining/leaving the same group\n- Fix #192: typo in README\n\n\n[v2.5.5][] - 2021-11-21\n-----------------------\n\n### Changes\n- Revert extraction of version from GIT tag. Incompatible with systems\n that do `autoreconf` on a dist. tarball\n\n### Fixes\n- Fix #175: Parse error in `/etc/smcroute.conf`. SMCRoute fails to\n start on interfaces with `mrdisc` disabled, when built with mrdisc\n support and `-N` passed on command line\n\n\n[v2.5.4][] - 2021-11-13\n-----------------------\n\n### Changes\n- Automatically extract new version from GIT tag\n\n### Fixes\n- Avoid trying to delete inactive VIFs. Fixing an annoying bogus error:\n *\"Failed deleting VIF for iface lo: Resource temporarily unavailable\"*\n- Fix #171: too small string buffer for IPv6 address causing garbled\n output in periodic expiry callback\n- Fix too small buffer for IPv6 address in mroute display functions\n\n\n[v2.5.3][] - 2021-09-23\n-----------------------\n\n### Changes\n- New tests to verify add/del of IPv4/IPv6 routes in kernel MFC\n\n### Fixes\n- Fix #166: build warning with gcc 10.2.1: \"comparison is always true\n due to limited range of data type\"\n- Fix build warning with `--disable-mrdisc` configure option\n- Fix #167: cannot remove routes added with `smcroutectl add`,\n only affects add/del at runtime with smcroutectl, not .conf reload\n- Fix #168: build problem on Debian/kFreeBSD, used wrong queue.h\n\n\n[v2.5.2][] - 2021-08-27\n-----------------------\n\n### Changes\n- Allow installing routes with no outbound interfaces\n- Reinitialize VIFs on reload in case of new interfaces\n- Handle cases when interfaces change ifindex, i.e. they've first been\n removed and then re-added with the same name\n\n### Fixes\n- Fix VIF leak when deleting interfaces with MRDISC enabled\n- Fix handling when an (S,G) moves to another IIF. This fixes issues\n where the SMCRoute kernel cache was out of sync with the kernel MFC\n- Fix handling of lost/disabled interfaces at reload. This fixes a\n couple of issues where routes were not updated properly at runtime\n- Update interface flags on reload, this fixes issues when SMCRoute\n failed to detect interfaces that had their MULTICAST flag set or\n cleared at runtime\n. Skip `setsockopt()` for IPC sockets. This fixes warnings in syslog\n about failing to disable `MULTICAST_LOOP` and `MULTICAST_ALL`\n\n\n[v2.5.1][] - 2021-08-22\n-----------------------\n\n### Changes\n- Add .sha256 checksum to dist files, useful for packagers\n\n### Fixes\n- Fix #155: systemd Notify integration, restore `NotifyAccess=main`\n- Fix #165: ftbfs on older compilers, e.g. gcc 4.8.3, use -std=gnu99\n- Fix Documentation refs in systemd unit file, new man pages\n\n\n[v2.5.0][] - 2021-08-19\n-----------------------\n\n**Highlights:** native `/etc/smcroute.d/*.conf` support and seamless\n update/removal of routes and groups by reloading `.conf` files or\n using `smcroutectl`.\n\nTested on Linux 5.11 and FreeBSD 12.2\n\n### Changes\n- Fully automated test suite with 15 tests covering many use cases\n- Support for `/etc/smcroute.d/*.conf`, issue #103\n- Support for applying changes to `.conf` files without disturbing\n established flows -- i.e., seamless addition or removal of outbound\n interfaces in existing rules, or add/remove routes, without ever\n affecting other routes, issue #103\n- Support for route replacement/update `smcroutectl`, issue #115\n- Full `(*,G)` wildcard route matching, for IPv4 and IPv6, issue #31\n- Variant wildcard route matching with source and group range matching.\n This may of course waste a lot of resources, so handle with care:\n - `(*,G/LEN)`, issue #135 (IPv4), and issue #162 (IPv6)\n - `(S/LEN,G)`, issue #81\n - `(S/LEN,G/LEN)`\n- Full SSM/ASM group join support, for both IPv4 and IPv6. Including\n joining group ranges from both `smcroutectl` and `.conf`, issue #118\n Please note, no SSM support on FreeBSD, only Linux\n- New command line option, `-F file.conf` to verify file syntax, issue #100\n- The `-I NAME` command line option has changed to `-i NAME`, compat\n support for the previous option remains\n- The `mrdisc` flag to the `phyint` directive is now what solely\n controls the functionality per interface. Previously a mechanism to\n enable/disable the functionality (if enabled) if active routes were in\n place. However, this did not cover `(*,G)` routes so that has been\n removed to simplify and guarantee full function\n- Output format from `smcroutectl` has been extensively changed. E.g,\n new `/LEN` support means wider columns, but heading have also changed\n- The `.tar.xz` archive has been has been dropped as distribution format,\n keeping only `tar.gz`\n\n### Fixes\n- Fix #120: failed ASM/SSM IGMP join if interface has no address\n- Fix #130: dynamic IPv6 routes are not flushed (like IPv4 `(*,G)`)\n- Fix #149: `(*,G)` cache timeout callback stops, or never starts\n- Fix #151: same log entries\n- Fix #156: `smcruotectl show` does not show IPv6 routes\n- Fix stochastic timer behavior, e.g. mrdisc announcements experienced\n interference with the `(*,G)` cache timer\n\n\n[v2.4.4][] - 2019-02-11\n-----------------------\n\n### Changes\n- Allow same outbound interface as inbound for routes, only warn user\n- systemd unit file hardening, recommended by Debian\n- Discontinued GPG signing, unused and signed with only one dev key\n\n### Fixes\n- Fix #104: IGMP header checksum missing from mrdisc frames\n- Fix #105: Unblock *all* matching, and currently blocked, (S,G) to a\n newly installed (*,G) route, only the first know was unblocked\n- Fix #106: Timer nanosecond bug causing loss of address refresh on DHCP\n interfaces. Interface monitoring feature introduced in v2.4.3\n- Fix #108: Calling init script with `stop` does not stop `smcrouted`\n- Fix #109: ifindex in UNIX/POSIX is an interger, not unsigned short\n\n\n[v2.4.3][] - 2018-11-06\n-----------------------\n\nThe Lyon release.\n\n### Changes\n- Add `strlcat()` replacement from OpenBSD, use instead of `strcat()`\n- `smcrouted` should never log to system console, proposed by Westermo\n\n### Fixes\n- `smcrouted` fails to join multicast groups on interfaces that do not\n yet have an IP address when `smcrouted` starts up, or when it receives\n `SIGHUP`, e.g. DHCP client interfaces. This patch release adds a timer\n refresh of interface addresses that retries multicast group joins until\n an address is set. This is similar to issue #55, but does not handle\n interfaces that do not exist yet\n- Make sure Linux alias interfaces (baseif:num) are registered as\n baseif. Westermo found that use of alias interfaces cause multiple\n VIFs to be registered for the same base interface causing multicast\n routes to use the wrong inbound or outbound VIF. Alias interfaces\n use the same underlying physical interface so only one VIF needed\n- Fix display of route counters and column alignment\n- Minor spelling fixes, found by Debian\n- Add missing status command to SysV init script, found by Debian\n- Simplify `utimensat()` replacement, `AT_SYMLINK_NOFOLLOW` unused\n\n\n[v2.4.2][] - 2018-09-09\n-----------------------\n\n### Changes\n- Add wrapper script `smcroute` for use with old style startup scripts\n- Add symlinks to man pages for `smcrouted.8 and` `smcroutectl.8`\n- Update SysV init script, daemon now called `smcrouted`\n\n### Fixes\n- Fix #96: A `.conf` line may be missing final newline, this is fine\n- Spellcheck `smcroute.conf` example\n- Fix Lintian warning (Debian) for unbreakable line in man page\n\n\n[v2.4.1][] - 2018-06-16\n-----------------------\n\n### Changes\n- Update and spellecheck documentation and example `.conf` file\n\n### Fixes\n- Fix #91: Allow re-configuration of unprivileged `smcrouted`. \n Courtesy of Marcel Patzlaff\n\n\n[v2.4.0][] - 2018-02-11\n-----------------------\n\n### Changes\n- Interface wildcard support, Linux `iptables` like syntax, `eth+`\n matches `eth0`, `eth1`, `eth32`. It can be used where an interface\n name is used: `phyint`, `mroute`, `mgroup`, and even on the command\n line to `smcroutectl`. Contributed by Martin Buck\n- Disable IPv4 [mrdisc][] by default, enable per `phyint` in the `.conf`\n file instead. When *not* started with `smcrouted -N` mrdisc would\n otherwise be enabled on *all* interfaces found at startup\n- Minor doc updates, e.g. clarify need for root or `CAP_NET_ADMIN`\n including some minor man page fixes\n\n### Fixes\n- Fix #75: Not possible to remove (*,G) routes using `smcroutectl`\n- Fix #76: When removing a kernel route, also remove from internal lists\n otherwise route is shown in `smcroutectl show`. Conversely, adding a\n route to internal list shall only be done after successful kernel add\n- Fix #77: Counter overflow due to wrong type used in `smcroutectl show`\n- Fix #78: Document interface wildcard feature\n- Fix #80: `smcroutectl` argument parser fixes by Pawel Rozlach\n- Fix #84: Check return value of `sigaction()`\n- Fix #85: Signal handling is async-signal-unsafe\n- Fix #86: Document how to use `iptables` on Linux to modify TTL\n- Fix #87: Possible buffer overrun in `ipc_receive()`\n- Fix #89: Adding similar (S,G) route should replace existing one if\n inbound interface differs\n\n\n[v2.3.1][] - 2017-06-13\n-----------------------\n\nBug fix release courtesy of the Westermo WeOS automated testing\nframework. Many thanks to Johan Askerin at Westermo for working\non integrating SMCRoute v2.3 into WeOS v4.22!\n\n### Changes\n- Add `utimensat()` replacement for systems that don't have it\n- Ignore error messages from `send()` on interface link down\n\n### Fixes\n- Fix build error(s) on FreeBSD 9/9.3-RELEASE\n- Fix possible invalid interface name reference in new mrdisc support\n- Fix log macro bug in the .conf parser\n- Fix buggy interface and VIF re-initialization on `SIGHUP`\n\n\n[v2.3.0][] - 2017-05-28\n-----------------------\n\n### Changes\n- Support GROUP/LEN matching for IPv4 (*,G) routes\n- Support for IPv4 [mrdisc][], [RFC4286][]\n- Support for multiple routing tables on Linux, `-t ID`\n- `ssmgroup` code folded into general code, now with optional source\n- Separation of daemon and client into `smcrouted` and `smcroutectl`\n - Complete new client user interface, `smcroutectl`\n - Support for disabling IPC and client, `--disable-client`\n - Support for disabling `.conf` file support, `--disable-config`\n- Show multicast routes and joined groups in client, including stats:\n `smcroutectl show [groups|routes]`\n- Support for `-d SEC` startup delay in `smcrouted`\n- Unknown (*,G) multicast now blocked by default\n- Flush timer, `-c SEC`, for (*,G) routes now enabled by default, 60 sec\n- Build ID removed from `configure` script\n- Massive code cleanup, refactor and separation into stand-alone modules\n- Default system paths are no longer taken from `/usr/include/paths.h`,\n instead the settings from `configure --prefix` are used\n- Use of `libcap` for privilige separation is now auto-detected\n\n### Fixes\n- Allow use of loopback interface for multicast routes\n- Fix IPv4-only build, by Martin Buck\n- Fix IPv4 network interface address identification, by Martin Buck\n- Support unlimited number of network interfaces, by Martin Buck\n\n\n[v2.2.2][] - 2017-02-02\n-----------------------\n\n### Changes\n- New client command, `-F`, for immediately flushing dynamically learned\n (*,G) routes from the cache.\n\n### Fixes\n- Fix issue #51: New cache flush timeout option causes endless\n `select()` loop. Reported by Ramon Fried, @mellowcandle\n\n\n[v2.2.1][] - 2017-01-09\n-----------------------\n\n### Changes\n- Add support for a new command line option, `-c SEC`, for timing out\n dynamically learned (*,G) routes. Issue #17\n\n### Fixes\n- Portability, replace use of non-std `__progname` with small function\n- Issue #49: systemd unit file missing `-d` to start daemon\n\n\n[v2.2.0][] - 2016-12-03\n-----------------------\n\n### Changes\n- Support for dropping root privileges after opening the multicast\n routing socket and creating the PID file\n- Support for Source Specific Multicast group subscription (only IPv4)\n- Support for systemd, service file included and installed by default\n\n### Fixes\n- Remove GNUisms to be able to build and run on Alpine Linux (musl libc)\n- Add OpenBSD `queue.h` for systems that do not have any *BSD `sys/queue.h`\n- Coding style cleanup and minor refactor\n\n\n[v2.1.1][] - 2016-08-19\n-----------------------\n\n### Changes\n- When `SIGHUP` is received SMCRoute now touches its PID file as an\n acknowledgement. This is used by some process supervision daemons,\n like [Finit](https://github.com/troglobit/finit), on system\n configuration changes to detect when a daemon is done. The mtime is\n set using the `utimensat()` function to ensure nanosecond resolution.\n\n### Fixes\n- Fix issue #38: Minor memory leak at exit. The Valgrind tool warns\n that all memory is not freed when smcroute exits. On most modern\n UNIX systems, on platforms with MMU, this is not a problem, but on\n older systems, or uClinux, memory is not freed at program exit.\n- Fix issue #39: Removing wildcard route at runtime does not work if no\n kernel routes have been set.\n- Fix issue #44: IPv6 disabled by default, despite what `configure` says\n in its help text. Enabling it disables it ... fixed by enabling IPv6\n by default.\n\n\n[v2.1.0][] - 2016-02-17\n-----------------------\n\n### Changes\n- Allow more interfaces to be used for multicast routing, in particular\n on Linux, where interfaces without an IP address can now be used!\n Making it possible to run SMCRoute on DHCP/PPP interaces, issue #13\n- Add support for TTL scoping on interfaces, very useful for filtering\n multicast without a firewall: `phyint IFNAME ttl-threshold TTL`\n- On Linux a socket filter now filters out ALL traffic on the helper\n sockets where SMCRoute does IGMP/MLD join/leave on multicast groups.\n This should eliminate the extra overhad required to, not only route\n streams, but also send a copy of each packet to SMCRoute.\n- Add support for limiting the amount of multicast interfaces (VIFs)\n SMCRoute creates at startup. Two options are now available, by\n default all multicast capable interfaces are given a VIF and the user\n can selectively disable them one by one. However, if the `-N` command\n line option is given SMCRoute does *not* enable any VIFs by default,\n the user must then selectively enable interface one by one. The\n syntax in the config file is:\n\n phyint IFNAME \n\n Use `enable` per interface with `-N` option, or `disable` by default.\n\n- Make build ID optional. SMCRoute has always had the build date\n hard coded in the binary. This change makes this optional, and\n defaults to disabled, to facilitate reproducible builds. For\n more info, see https://wiki.debian.org/ReproducibleBuilds\n- Remove generated files from GIT. Files generated by GNU autotools are\n now only part of the distribution archive, not the GIT repository.\n Use `./autogen.sh` to create the required files when using GIT.\n- Updated man page and example `smcroute.conf` with limitations on\n the amount of mgroup rules.\n- Add support for executing an external script on config reload and when\n installing a multicast route. Issue #14\n\n smcroute -e /path/to/cmd\n\n The script is called when SMCRoute has started up, or has received\n `SIGHUP` and just reloaded the configuration file, and when a new\n source-less rule have been installed. See the documentation for\n more information on set environment variables etc. Issue #14\n- Add `--disable-ipv6` option to `configure` script. Disables IPv6\n support in SMCRoute even though the kernel may support it\n- Replaced `-D` option with `-L LVL` to alter log level, issue #24\n- The smcroute daemon now behaves more like a regular UNIX daemon. It\n defaults to using syslog when running in the background and stderr\n when running in the foreground. A new option `-s` can be used to\n enable syslog when running in the foreground, issue #25\n- The smcroute client no longer use syslog, only stderr, issue #25\n- When starting the smcroute daemon it is no longer possible to also\n send client commands on the same command line.\n- Remove the (unmaintained) in-tree `mcsender` tool. Both ping(8) and\n iperf(1) can be used in its stead. The omping(8) tool is another\n tool, engineered specifically for testing multicast. Issue #30\n\n### Fixes\n- Fix issue #10: `smcroute` client loops forever on command if no\n `smcroute` daemon is running\n- Install binaries to `/usr/sbin` rather than `/usr/bin`, regression\n introduced in [v2.0.0][]. Fixed by Micha Lenk\n- Cleanup fix for no-MMU systems. Multicast groups were not properly\n cleaned up in the `atexit()` handler -- *only* affects no-MMU systems.\n- Do not force automake v1.11, only require *at least* v.11\n- SMCRoute operates fine without a config file, so use a less obtrusive\n warning message for missing `/etc/smcroute.conf`\n\n\n[v2.0.0][] - 2014-09-30\n-----------------------\n\n### Changes\n- Migrate to full GNU Configure and Build system, add Makefile.am,\n GitHub issue #6 -- heads up, packagers!\n- Add standard SysV init script, from Debian. GitHub issue #9\n\n### Fixes\n- Multiple fixes of nasty bugs thanks to Coverity static code analysis!\n- Cleanup of Linux system anachronisms to make FreeBSD work again,\n GitHub issue #5\n\n\n[v1.99.2][] - 2013-07-16\n------------------------\n\n### Fixes\n* Fix issue #2: Loop forever bug when deleting new (*,G) sourceless routes\n Bug report and patch by Jean-Baptiste Maillet\n\n\n[v1.99.1][] - 2013-07-11\n------------------------\n\n### Fixes\n- Fix possible memory leak on Linux\n- Fix missing #ifdefs when building on systems w/o IPv6\n- Fix possible race in Makefile when building in (massive) parallel\n- Fix build problems on RedHat EL5/CentOS5, i.e., Linux <= 2.6.25\n\n\n[v1.99.0][] - 2012-05-13\n-------------------------\n\n### Changes\n- Feature: Experimental source-less `(*,G)` IPv4 multicast routing.\n Most UNIX kernels are (S,G) based, i.e., you need to supply the\n source address with the multicast group to setup a kernel routing\n rule. However, daemons like mrouted and pimd emulate `(*,G)` by\n listening for IGMPMSG_NOCACHE messages from the kernel. SMCRoute now\n also implements this, for IPv4 only atm, by placing all `(*,G)`\n routes in a list and adding matching (S,G) routes on-demand at\n runtime. All routes matching this (*,G) are removed when reloading\n the conf file on SIGHUP or when the user sends an IPC (-r) command to\n remove the (*,G) rule.\n\n### Fixes\n- Bugfix: SMCRoute segfaults when starting on interface that is up but\n has no valid IPv4 address yet. Bug introduced in 1.98.3\n- Improved error messages including some minor cleanup and readability\n improvements\n- Bugfix: Actually check if running as root at startup\n\n\n[v1.98.3][] - 2011-11-05\n------------------------\n\n### Changes\n- Check for existence of `asprintf()` to `pidfile()` and add\n `-D_GNU_SOURCE` to `CPPFLAGS` using `AC_GNU_SOURCE` in `configure.ac`\n- Cleanup IPv6 `#ifdefs` and replace `IN6_MULTICAST()` with standard\n `IN6_IS_ADDR_MULTICAST()`. This commit cleans up a lot of the IPv6\n related `#ifdefs`, some minor function name refactoring and squash of\n some `_init` and `_enable` funcs into one for clarity and clearer\n error messages to the user\n\n### Fixes\n- Fixes FTBFS when host lacks IPv6 support.\n\n\n[v1.98.1][] - 2011-11-05\n------------------------\n\n### Fixes\n- Bugfix: Client failed to send commands to daemon.\n- Bugfix: Several FTBFS fixed for GCC 4.6.x and -W -Wall\n\n\n[v1.98.0][] - 2011-11-04\n------------------------\n\nSMCRoute2 Announced!\n\n### Changes\n- Feature: Support for `smcroute.conf` configuration file for daemon.\n Add support for reading multicast routes and multicast groups from a\n configuration file.\n\n mgroup from IFNAME group MCGROUP\n mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...]\n\n Both IPv4 and IPv6 address formats are supported\n- Feature: Support for signals, reload conf file on `SIGHUP`\n- Feature: Add -n switch to support running smcroute in foreground.\n- Refactor: Insecure handling of pointers potentially outside array boundaries.\n- Refactor: Major cleanup, reindent to Linux C-style, for improved maintainability.\n\n### Fixes\n- Bugfix: Invalid use of varargs in call to `snprintf()`, use\n `vsnprintf()` instead\n- Bugfix: Invalid `MRouterFD6` fd crashes smcroute, always check for\n valid fd\n- Bugfix: Several minor bugfixes; type mismatches and unused return\n values\n\n\n[v0.95][] - 2011-08-08\n----------------------\n\n### Changes\n- Feature request #313278: Added support for FreeBSD\n SMCRoute now builds and runs on FreeBSD kernels. This was successfully\n tested with the FreeBSD port of Debian using FreeBSD 8.1. Other BSD\n flavours or versions might work too. Any feedback is appreciated.\n https://alioth.debian.org/tracker/index.php?func=detail&aid=313278\n- Feature request #313190: Debug logging is now disabled by default. If you\n want to enable debug logging again, start the daemon with parameter '-D'.\n https://alioth.debian.org/tracker/index.php?func=detail&aid=313190\n\n\n[v0.94.1][] - 2010-01-13\n------------------------\n\n### Fixes\n- Bugfix: In case the kernel refuses write access to the file\n /proc/sys/net/ipv6/conf/all/mc_forwarding, don't let smcroute exit\n with an error, but proceed with normal operation without writing a\n \"1\" to this file. Apparently newer Linux kernels take care for the\n correct content of this file automatically whenever the IPv6\n multicast routing API is initialized by a process.\n\n\n[v0.94][] - 2009-11-01\n----------------------\n\n### Changes\n- Added support for IPv6 multicast routing in smcroute. SMCRoute now\n supports addition and removal of IPv6 multicast routes. It will\n automatically detect which type of route to add or delete based\n on the type (IPv4/IPv6) of addresses provided for the add and\n remove commands.\n- Added support for joins and leaves ('j'/'l') to IPv6 multicast groups.\n- Added support for sending to IPv6 multicast addresses to mcsender tool.\n- Added command line option to mcsender tool to allow user to specify the\n outgoing interface for datagrams sent.\n- Added autoconf support for smcroute build.\n\n\nv0.93 - UNRELEASED\n------------------\n\n### Fixes\n- Fixed the \"smcroute looses output interfaces\" bug.\n Carsten Schill, 0.93 unreleased\n\n\nv0.92 - July 2002\n-----------------\n\n### Changes\n- Increased the number of supported interfaces\n The 16 interface limit of version 0.90 (interfaces as listed with\n ifconfig) was to small, especially when alias interfaces where\n defined.\n - up to 40 interfaces are no recognized by smcroute\n - this does not change the number of 'virtual interfaces' supported\n by the kernel (32)\n - not all interfaces recognized by smcroute (40) results in a\n 'virtual interface' of the kernel (32)\n\n### Fixes\n- Fixed the 'mroute: pending queue full, dropping entries' error\n Smcroute 0.90 didn't care about the IGMP messages delivered to the\n UDP socket that establish the MC-Router API. After some time the\n queue for the sockets filled up and the 'pending queue full' message\n was send from the kernel. To my knowledge this didn't affect smcroute\n or the operating system.\n - version 0.92 reads the ICMP messages now from the UDP socket and\n logs them to syslog with daemon/debug\n - smcroute does no further processing of this messages\n\n\nv0.9 - September 2001\n---------------------\n\n### Changes\n* Added MC group join (-j) and leave (-l) functionality\n - the options enable/disable the sending of IGMP join messages for\n a multicast group on a specific interface\n* Removed the ' [] ...' for the '-r' option\n - they are not used by the kernel to identify the route to remove\n - smcroute will not complain about extra arguments for the '-r' option\n to stay compatible with releases <= 0.80\n* Improved error handling for some typical error situations\n* Added a test script (tst-smcroute.pl)\n* Added a man page\n\n### Fixes\n* Fixed some minor bugs\n\n\nv0.8 - August 2001\n------------------\n\nInitial public release by Carsten Schill.\n\n\n[mrdisc]: https://github.com/troglobit/mrdisc\n[RFC4286]: https://tools.ietf.org/html/rfc4286\n[UNRELEASED]: https://github.com/troglobit/smcroute/compare/2.5.7...HEAD\n[v2.5.7]: https://github.com/troglobit/smcroute/compare/2.5.6...2.5.7\n[v2.5.6]: https://github.com/troglobit/smcroute/compare/2.5.5...2.5.6\n[v2.5.5]: https://github.com/troglobit/smcroute/compare/2.5.4...2.5.5\n[v2.5.4]: https://github.com/troglobit/smcroute/compare/2.5.3...2.5.4\n[v2.5.3]: https://github.com/troglobit/smcroute/compare/2.5.2...2.5.3\n[v2.5.2]: https://github.com/troglobit/smcroute/compare/2.5.1...2.5.2\n[v2.5.1]: https://github.com/troglobit/smcroute/compare/2.5.0...2.5.1\n[v2.5.0]: https://github.com/troglobit/smcroute/compare/2.4.4...2.5.0\n[v2.4.4]: https://github.com/troglobit/smcroute/compare/2.4.3...2.4.4\n[v2.4.3]: https://github.com/troglobit/smcroute/compare/2.4.2...2.4.3\n[v2.4.2]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.2\n[v2.4.1]: https://github.com/troglobit/smcroute/compare/2.4.1...2.4.1\n[v2.4.0]: https://github.com/troglobit/smcroute/compare/2.3.1...2.4.0\n[v2.3.1]: https://github.com/troglobit/smcroute/compare/2.3.0...2.3.1\n[v2.3.0]: https://github.com/troglobit/smcroute/compare/2.2.2...2.3.0\n[v2.2.2]: https://github.com/troglobit/smcroute/compare/2.2.1...2.2.2\n[v2.2.1]: https://github.com/troglobit/smcroute/compare/2.2.0...2.2.1\n[v2.2.0]: https://github.com/troglobit/smcroute/compare/2.1.1...2.2.0\n[v2.1.1]: https://github.com/troglobit/smcroute/compare/2.1.0...2.1.1\n[v2.1.0]: https://github.com/troglobit/smcroute/compare/2.0.0...2.1.0\n[v2.0.0]: https://github.com/troglobit/smcroute/compare/1.99.2...2.0.0\n[v1.99.2]: https://github.com/troglobit/smcroute/compare/1.99.1...1.99.2\n[v1.99.1]: https://github.com/troglobit/smcroute/compare/1.99.0...1.99.1\n[v1.99.0]: https://github.com/troglobit/smcroute/compare/1.98.3...1.99.0\n[v1.98.3]: https://github.com/troglobit/smcroute/compare/1.98.2...1.98.3\n[v1.98.2]: https://github.com/troglobit/smcroute/compare/1.98.1...1.98.2\n[v1.98.1]: https://github.com/troglobit/smcroute/compare/1.98.0...1.98.1\n[v1.98.0]: https://github.com/troglobit/smcroute/compare/0.95...1.98.0\n[v0.95]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95\n[v0.94.1]: https://github.com/troglobit/smcroute/compare/0.94...0.94.1\n[v0.94]: https://github.com/troglobit/smcroute/compare/0.94.1...0.95\n" }, { "path": "Makefile.am", "content": "## SMCRoute - A static multicast routing tool -*-Makefile-*-\nACLOCAL_AMFLAGS = -I m4\nSUBDIRS = man src\nDISTCLEANFILES\t\t= *~ DEADJOE semantic.cache *.gdb *.elf core core.* *.d\ndist_sbin_SCRIPTS = smcroute\ndoc_DATA\t\t= README.md COPYING smcroute.conf\nEXTRA_DIST\t\t= README.md ChangeLog.md autogen.sh smcroute.conf smcroute.default smcroute.init\n\nif ENABLE_TEST\nSUBDIRS += test\nendif\n\nif HAVE_SYSTEMD\nsystemd_DATA = smcroute.service\nendif\n\n## Check if tagged in git\nrelease-hook:\n\t@if [ ! `git tag -l $(PACKAGE_VERSION) | grep $(PACKAGE_VERSION)` ]; then\t\\\n\t\techo;\t\t\t\t\t\t\t\t\t\\\n\t\tprintf \"\\e[1m\\e[41mCannot find release tag $(PACKAGE_VERSION)\\e[0m\\n\";\t\\\n\t\tprintf \"\\e[1m\\e[5mDo release anyway?\\e[0m \"; read yorn;\t\t\t\\\n\t\tif [ \"$$yorn\" != \"y\" -a \"$$yorn\" != \"Y\" ]; then\t\t\t\t\\\n\t\t\tprintf \"OK, aborting release.\\n\";\t\t\t\t\\\n\t\t\texit 1;\t\t\t\t\t\t\t\t\\\n\t\tfi;\t\t\t\t\t\t\t\t\t\\\n\t\techo;\t\t\t\t\t\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\t\t\\\n\t\techo;\t\t\t\t\t\t\t\t\t\\\n\t\tprintf \"\\e[1m\\e[42mFound GIT release tag $(PACKAGE_VERSION)\\e[0m\\n\";\t\\\n\t\tprintf \"\\e[1m\\e[44m>>Remember to push tags!\\e[0m\\n\";\t\t\t\\\n\t\techo;\t\t\t\t\t\t\t\t\t\\\n\tfi\n\n## Target to run when building a release\nrelease: release-hook distcheck\n\t@for file in $(DIST_ARCHIVES); do\t\t\\\n\t\tmd5sum $$file > ../$$file.md5;\t\\\n\t\tsha256sum $$file > ../$$file.sha256;\t\\\n\tdone\n\t@mv $(DIST_ARCHIVES) ../\n\t@echo\n\t@echo \"Resulting release files =======================================================================\"\n\t@for file in $(DIST_ARCHIVES); do\t\t\t\t\t\t\\\n\t\tprintf \"%-30s Distribution tarball\\n\" $$file;\t\t\t\t\\\n\t\tprintf \"%-30s \" $$file.md5; cat ../$$file.md5 | cut -f1 -d' ';\t\\\n\t\tprintf \"%-30s \" $$file.sha256; cat ../$$file.sha256 | cut -f1 -d' ';\t\\\n\tdone\n\n# Workaround for systemd unit file duing distcheck\nDISTCHECK_CONFIGURE_FLAGS = --with-systemd=$$dc_install_base/$(systemd) --enable-mrdisc --enable-test\n" }, { "path": "README.md", "content": "SMCRoute - A static multicast routing daemon\n============================================\n[![License Badge][]][License] [![GitHub Status][]][GitHub] [![Coverity Status][]][Coverity Scan]\n\nTable of Contents\n-----------------\n* [About](#about)\n* [Features](#features)\n* [Usage](#usage)\n * [Caveat](#caveat)\n * [Actions Scripts](#action-scripts)\n * [Many Interfaces](#many-interfaces)\n * [Multiple Routing Tables](#multiple-routing-tables)\n * [Client Tool](#client-tool)\n* [Wildcard Routes](#wildcard-routes)\n* [Multicast Router Discovery](#multicast-router-discovery)\n* [Build & Install](#build--install)\n * [Linux Requirements](#linux-requirements)\n * [*BSD Requirements](#bsd-requirements)\n * [General Requirements](#general-requirements)\n * [Configure & Build](#configure--build)\n * [Integration with systemd](#integration-with-systemd)\n * [Static Build](#static-build)\n * [Building from GIT](#building-from-git)\n* [Origin & References](#origin--references)\n\n\nAbout\n-----\n\nSMCRoute is a static multicast routing daemon providing fine grained\ncontrol over the multicast forwarding cache (MFC) in the UNIX kernel.\nBoth IPv4 and IPv6 are fully supported.\n\nSMCRoute can be used as an alternative to dynamic multicast routers like\n[mrouted][], [pimd][], or [pim6sd][] in setups where static multicast\nroutes should be maintained and/or no proper IGMP or MLD signaling\nexists.\n\nMulticast routes exist in the UNIX kernel as long as a multicast routing\ndaemon runs. On Linux, multiple multicast routers can run simultaneously\nusing different multicast routing tables.\n\nThe full documentation of SMCRoute is available in the manual pages, see\n[smcrouted(8)][], [smcroutectl(8)][], and [smcroute.conf(5)][].\n\n\nFeatures\n--------\n\nAll features, except [mrdisc][], are supported for both IPv4 and IPv6.\nPlease note, some features may not be available on systems other than\nLinux. E.g., FreeBSD does not have SSM group join support.\n\n - Configuration file support, `/etc/smcroute.conf`\n - Configuration snippet include support, `/etc/smcroute.d/*.conf`\n - Daemon startup options support, `/etc/default/smcroute`\n - Support for seamless reloading of the configuration on `SIGHUP`\n - Source-less on-demand routing, a.k.a. wildcard `(*,G)` based static\n routing, including support for `(*,G/LEN)` and `(S/LEN,G/LEN)`\n - Optional built-in [mrdisc][] support for IPv4, [RFC4286][]\n - Support for multiple routing tables on Linux\n - Client to add/remove routes, join/leave groups, and built-in support\n to show both routes and joined groups\n - Interface wildcard matching, `eth+` matches `eth0, eth15`\n\n> **Note:** `smcroutectl` can be used to freely modify the runtime state\n> of `smcrouted`, but any changes made (routes/groups) are\n> lost when the configuration is reloaded. This is by design.\n\n\nUsage\n-----\n\n smcrouted [-nNhsv] [-c SEC] [-d SEC] [-e CMD] [-f FILE] [-i NAME]\n\t [-l LVL] [-p USER:GROUP] [-P FILE] [-t ID] [-u FILE]\n \n smcroutectl [-dptv] [-i NAME] [-u FILE] [COMMAND]\n smcroutectl ⟨kill | reload⟩\n smcroutectl ⟨add | rem⟩ ⟨ROUTE⟩\n smcroutectl ⟨join | leave⟩ ⟨GROUP⟩\n smcroutectl show [ routes | groups]\n\nTo set multicast routes and join groups you must first start the daemon,\nwhich needs *root privileges*, or `CAP_NET_ADMIN`. Use `smcrouted -n`\nto run the daemon in the foreground, as required by modern init daemons\nlike systemd and [Finit][].\n\nWhen started from systemd, `smcrouted` runs with the `-n -s` options,\ni.e. supervised in the foreground and uses syslog for logging output.\nThe default log level is `INFO`, this can be adjusted using the file\n`/etc/default/smcroute`:\n\n SMCROUTED_OPTS=-l debug\n\nWhen configured with `--sysconfdir=/etc`, like most Linux distributions\ndo, `smcrouted` reads `/etc/smcroute.conf`, which can look something\nlike this:\n\n mgroup from eth0 group 225.1.2.3\n mgroup from eth0 group 225.1.2.3 source 192.168.1.42\n mroute from eth0 group 225.1.2.3 source 192.168.1.42 to eth1 eth2\n\nThe first line means \"Join multicast group 225.1.2.3 on interface eth0\".\nUseful if `eth0` is not directly connected to the source, but to a LAN\nwith switches with IGMP snooping. Joining the group opens up multicast\nfor that group towards `eth0`. See below Caveat for limitations.\n\nThe second `mgroup` is for source specific group join, i.e. the host\nspecifies that it wants packets from 192.168.1.42 and no other source.\n\nThe third `mroute` line is the actual layer-3 routing entry. Here we\nsay that multicast data originating from 192.168.1.42 on `eth0` to the\nmulticast group 225.1.2.3 should be forwarded to interfaces `eth1` and\n`eth2`.\n\n**Note:** To test the above you can use ping from another device. The\n multicast should be visible as long as your IP# matches the source\n above and you ping 225.1.2.3 -- **REMEMBER TO SET THE TTL >1**\n\n ping -I eth0 -t 2 225.1.2.3\n\nThe TTL is what usually bites people first trying out multicast routing.\nMost TCP/IP stacks default to a TTL of 1 for multicast frames, e.g. ping\nabove requires `-t 2`, or greater. This limitation is intentional and\nreduces the risk of someone accidentally flooding multicast. Remember,\nmulticast *behaves like broadcast* unless limited.\n\nThe TTL should preferably be set on the sender side, e.g. the camera,\nbut can also be modified in the firewall on a router. Be careful though\nbecause the TTL is the only thing that helps prevent routing loops! On\nLinux the following `iptables` command can be used to change the TTL:\n\n iptables -t mangle -A PREROUTING -i eth0 -d 225.1.2.3 -j TTL --ttl-inc 1\n\nSome commands, like this one, must usually be run with root privileges\nor the correct set of capabilities.\n\n### Caveat\n\nOn some platforms there is a limit of 20 groups per socket. This stems\nfrom a limit in BSD UNIX, which also affects Linux. The setting that\ncontrols this is `IP_MAX_MEMBERSHIPTS`, defined in the system header\nfile `netinet/in.h`. Linux users can tweak this with the following\n`/proc` setting:\n\n echo 40 > /proc/sys/net/ipv4/igmp_max_memberships\n\n`smcrouted` probes this at runtime by attempting to join as many groups\nas possible (as have been requested), when the kernel accepts no further\njoins on a socket, `smcrouted` opens a new one.\n\nFor large setups it is recommended to investigate enabling multicast\nrouter ports in the switches, either statically or by enabling support\nfor multicast router discovery, RFC 4286, or possibly use a dynamic\nmulticast routing protocol.\n\n\n### Action Scripts\n\n smcrouted -e /path/to/script\n\nWith `-e CMD` a user script or command can be called when `smcrouted`\nreceives a `SIGHUP` or installs a multicast route to the kernel. This\nis useful if you, for instance, also run a NAT firewall and need to\nflush connection tracking after installing a multicast route.\n\n\n### Many Interfaces\n\n smcrouted -N\n\nWith the `-N` command line option SMCRoute does *not* prepare all system\ninterfaces for multicast routing. Very useful if your system has a lot\nof interfaces but only a select few are required for multicast routing.\nUse the following in `/etc/smcroute.conf` to enable interfaces:\n\n phyint eth0 enable\n phyint eth1 enable\n phyint eth2 enable\n\nIt is possible to use any interface that supports the `MULTICAST` flag.\n\nNote, however, that depending on the UNIX kernel in use, you may have to\nhave an interface address set, in the relevant address family, and the\ninterface may likely also have to be `UP`.\n\n\n### Multiple Routing Tables\n\nOn Linux it is possible to run multiple multicast routing daemons due to\nits support for multiple multicast routing tables. In such setups it\nmay be useful to change the default identity of SMCRoute:\n\n smcrouted -i mrt1 -t 1\n smcrouted -i mrt2 -t 2\n\nThe `-i NAME` option alters the default syslog name, config file, PID\nfile, and client socket file name used. In the first instance above,\n`smcrouted` will use:\n\n- `/etc/mrt1.conf`\n- `/var/run/mrt1.pid`\n- `/var/run/mrt1.sock`\n\nand syslog messages will use the `mrt1` identity as well. Remember to\nuse the same `-i NAME` also to `smcroutectl`.\n\n\n### Client Tool\n\nSMCRoute also has a client interface to interact with the daemon:\n\n smcroutectl join eth0 225.1.2.3\n smcroutectl add eth0 192.168.1.42 225.1.2.3 eth1 eth2\n\nIf the daemon runs with a different identity the client needs to be\ncalled using the same identity:\n\n smcrouted -i mrt\n smcroutectl -i mrt show\n\nThere are more commands. See the man page or the online help for\ndetails:\n\n smcroutectl help\n\n> **Note:** Root privileges are required by default for `smcroutectl` due\n> to the IPC socket permissions.\n\n\nWildcard Routes\n---------------\n\nMulticast often originates from different sources but usually not at the\nsame time. For a more generic setup, and to reduce the number of rules\nrequired, it is possible to set `(*,G)` multicast routes for both IPv4\nand IPv6. Variants include `(*,G/LEN)` and `(S/LEN,G/LEN`. These\nwildcard routes are used as \"templates\" to match against and install\nproper `(S,G)` routes when the kernel informs `smcrouted` of inbound\nmulticast from new sources.\n\nExample `smcroute.conf`:\n\n phyint eth0 enable mrdisc\n phyint eth1 enable\n phyint eth2 enable\n \n mgroup from eth0 group 225.1.2.3\n mroute from eth0 group 225.1.2.3 to eth1 eth2\n\nor, from the command line:\n\n # smcroutectl join eth0 225.1.2.3\n # smcroutectl add eth0 225.1.2.3 eth1 eth2\n\nAlso, see the `smcrouted -c SEC` option for periodic flushing of learned\n`(*,G)` rules, including the automatic blocking of unknown multicast, and\nthe `smcroutectl flush` command.\n\n\nMulticast Router Discovery\n--------------------------\n\nAnother interesting feature is multicast router discovery, [mrdisc][],\ndescribed in [RFC4286][]. This feature is disabled by default, enable\nwith `configure --enable-mrdisc`. When enabled it periodically sends\nout an IGMP message on inbound interfaces¹ to alert switches to open up\nmulticast in that direction. Not many managed switches have support for\nthis yet.\n\n> **Note:** [mrdisc][] only works on Linux due to `SO_BINDTODEVICE`.\n\n____ \n¹ Notice the `mrdisc` flag to the above `phyint eth0` directive, which\nis missing for `eth1` and `eth2`.\n\n\nBuild & Install\n---------------\n\nSMCRoute should in theory work on any UNIX like operating system which\nsupports the BSD MROUTING API. Both Linux and FreeBSD are tested on a\nregular basis.\n\n### Linux Requirements\n\nOn Linux the following kernel config is required:\n\n CONFIG_IP_MROUTE=y\n CONFIG_IP_PIMSM_V1=y\n CONFIG_IP_PIMSM_V2=y\n CONFIG_IP_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables\n CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y # For multiple routing tables\n\n### *BSD Requirements\n\nOn *BSD the following kernel config is required:\n\n options MROUTING # Multicast routing\n options PIM # pimd extensions used for (*,G) support\n\nFreeBSD support module loading, `kldload(8)`, edit `/boot/loader.conf`:\n\n ip_mroute_load=\"yes\"\n ip_mroute6_load=\"yes\"\n\n### General Requirements\n\nCheck the list of multicast capable interfaces:\n\n cat /proc/net/dev_mcast\n\nor look for interfaces with the `MULTICAST` flag in the output from:\n\n ifconfig\n\nSome interfaces have the `MULTICAST` flag disabled by default, like `lo`\nand `greN`. Usually this flag can be enabled administratively.\n\n### Configure & Build\n\nThe GNU Configure & Build system use `/usr/local` as the default install\nprefix. In many cases this is useful, but this means the configuration\nfiles, cache, and PID files will also use that prefix. Most users have\ncome to expect those files in `/etc/` and `/var/` and configure has a\nfew useful options that are recommended to use. For SMCRoute you may\nwant to use something like this:\n\n ./configure --prefix=/usr --sysconfdir=/etc --runstatedir=/var/run\n make -j5\n sudo make install-strip\n\nUsually your system reserves `/usr` for native pacakges, so most users\ndrop `--prefix`, installing to `/usr/local`, or use `--prefix=/opt`.\n\n**Note:** On some systems `--runstatedir` may not be available in the\n configure script, try `--localstatedir=/var` instead.\n\n\n### Privilege Separation\n\nAs of SMCRoute v2.2 support for privilege separation using the `libcap`\nlibrary was added. It is used to drop full root privileges at startup,\nretaining only `CAP_NET_ADMIN` for managing the multicast routes.\n\nThe build system searches for the `libcap` library and header file(s).\nBoth `libcap-dev` and `pkg-config` are required.\n\n**Note:** Although support is automatically detected, the build system\n will issue a warning if `libcap` is missing. This can be\n silenced with `configure --without-libcap`\n\n### Integration with systemd\n\nFor systemd integration `libsystemd-dev` and `pkg-config` are required.\nWhen the unit file is installed, `systemctl` can be used to enable and\nstart `smcrouted`:\n\n $ sudo systemctl enable smcroute.service\n $ sudo systemctl start smcroute.service\n\nCheck that it started properly by inspecting the system log, or:\n\n $ sudo systemctl status smcroute.service\n\n### Static Build\n\nSome people want to build statically, to do this with `autoconf` add the\nfollowing `LDFLAGS=` *after* the configure script. You may also need to\nadd `LIBS=...`, which will depend on your particular system:\n\n ./configure LDFLAGS=\"-static\" ...\n\n### Building from GIT\n\nThe `configure` script and the `Makefile.in` files are generated and not\nstored in GIT. So if you checkout the sources from GitHub you first\nneed to generated these files using `./autogen.sh`.\n\n\nOrigin & References\n-------------------\n\nSMCRoute is maintained collaboratively at [GitHub][Home]. Bug reports,\nfeature requests, patches/pull requests, and documentation fixes are\nmost welcome. The project was previously hosted and maintained by\nDebian at [Alioth][] and before that by [Carsten Schill][], the original\nauthor.\n\n\n[smcrouted(8)]: https://man.troglobit.com/man8/smcrouted.8.html\n[smcroutectl(8)]: https://man.troglobit.com/man8/smcroutectl.8.html\n[smcroute.conf(5)]:https://man.troglobit.com/man5/smcroute.conf.5.html\n[Finit]: https://github.com/troglobit/finit\n[mrouted]: https://github.com/troglobit/mrouted\n[pimd]: https://github.com/troglobit/pimd\n[pim6sd]: https://github.com/troglobit/pim6sd\n[mrdisc]: https://github.com/troglobit/mrdisc\n[RFC4286]: https://tools.ietf.org/html/rfc4286\n[Home]: https://github.com/troglobit/smcroute\n[Alioth]: https://alioth.debian.org/projects/smcroute\n[Carsten Schill]: http://www.cschill.de/smcroute/\n[License]: https://en.wikipedia.org/wiki/GPL_license\n[License Badge]: https://img.shields.io/badge/License-GPL%20v2-blue.svg\n[GitHub]: https://github.com/troglobit/smcroute/actions/workflows/build.yml/\n[GitHub Status]: https://github.com/troglobit/smcroute/actions/workflows/build.yml/badge.svg\n[Coverity Scan]: https://scan.coverity.com/projects/3061\n[Coverity Status]: https://scan.coverity.com/projects/3061/badge.svg\n" }, { "path": "autogen.sh", "content": "#!/bin/sh\n\nautoreconf -W portability -visfm\n" }, { "path": "configure.ac", "content": "# -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ(2.61)\nAC_INIT([SMCRoute], [2.5.7], [https://github.com/troglobit/smcroute/issues],\n\t [smcroute], [https://troglobit.com/smcroute.html])\nAC_CONFIG_AUX_DIR(aux)\nAM_INIT_AUTOMAKE([1.11 foreign])\nAM_SILENT_RULES([yes])\n\nAC_CONFIG_SRCDIR([src/smcrouted.c])\nAC_CONFIG_HEADERS([config.h])\nAC_CONFIG_FILES([Makefile man/Makefile src/Makefile test/Makefile smcroute.service])\n\n# Older versions of autoconf (<2.58) do not have AC_CONFIG_MACRO_DIR()\nm4_include([m4/misc.m4])\nm4_include([m4/mroute.m4])\nAC_CONFIG_MACRO_DIR([m4])\n\n# Checks for programs.\nAC_PROG_CC\nAC_PROG_LN_S\nAC_PROG_INSTALL\n\n# The pidfile() code needs asprintf(), which relies on -D_GNU_SOURCE\nAC_USE_SYSTEM_EXTENSIONS\n\n# Checks for typedefs, structures, and compiler characteristics.\nAC_C_CONST\nAC_C_INLINE\nAC_TYPE_MODE_T\nAC_TYPE_SIZE_T\nAC_TYPE_SSIZE_T\nAC_TYPE_UID_T\nAC_TYPE_UINT8_T\nAC_TYPE_UINT16_T\nAC_TYPE_UINT32_T\n\n# Checks for library functions.\nAC_FUNC_FORK\nAC_FUNC_CHOWN\nAC_FUNC_MALLOC\nAC_CHECK_FUNCS([atexit clock_gettime dup2 memset select setenv socket strchr \\\n\tstrdup strerror strncasecmp strrchr asprintf])\n\n# Check for usually missing API's\nAC_REPLACE_FUNCS([strlcpy strlcat tempfile utimensat])\nAC_CONFIG_LIBOBJ_DIR([lib])\n\n# Check for sun_len in struct sockaddr_un and sin_len in sockaddr_in\n# These are used on *BSD UNIX and don't exist on Linux\nAC_CHECK_SUN_LEN()\nAC_CHECK_SIN_LEN()\n\n# Check user options\nAC_ARG_ENABLE([mrdisc],\n\tAS_HELP_STRING([--enable-mrdisc], [enable IPv4 multicast router discovery]))\nAC_ARG_ENABLE(test,\n [AS_HELP_STRING([--enable-test], [enable tests, requries unshare, tshark, etc.])],\n [ac_enable_test=\"$enableval\"],\n\t[ac_enable_test=\"no\"])\nAC_ARG_ENABLE([ipv6],\n\tAS_HELP_STRING([--disable-ipv6], [disable IPv6 support]))\nAC_ARG_WITH([libcap],\n\tAS_HELP_STRING([--without-libcap], [disable libcap, -p USER:GROUP drop-privs support]),,\n\t[with_libcap=auto])\nAC_ARG_WITH([systemd],\n\t[AS_HELP_STRING([--with-systemd=DIR], [Directory for systemd service files])],,\n\t[with_systemd=auto])\n\n# Checks for header files.\nAC_CHECK_HEADERS([arpa/inet.h fcntl.h glob.h ifaddrs.h limits.h linux/sockios.h \\\n\tnet/if.h netinet/in.h netinet/in_var.h net/route.h paths.h stddef.h \\\n\tsys/capability.h sys/ioctl.h sys/param.h sys/prctl.h sys/socket.h \\\n\tsys/stat.h sys/time.h sys/types.h syslog.h termios.h unistd.h], [], [],[\n\t#ifdef HAVE_SYS_SOCKET_H\n\t# include \n\t#endif\n\t#ifdef HAVE_NET_IF_H\n\t# include \n\t#endif\n\t#ifdef HAVE_NETINET_IN_H\n\t# include \n\t#endif\n])\n\n# Build w/ mrdisc support?\nAS_IF([test \"x$enable_mrdisc\" = \"xyes\"],\n AC_DEFINE([ENABLE_MRDISC], 1, [Enable IPv4 multicast router discovery protocol]),\n enable_mrdisc=no)\nAM_CONDITIONAL([USE_MRDISC], [test \"x$enable_mrdisc\" = \"xyes\"])\n\n# Required to check for libsystemd-dev\nPKG_PROG_PKG_CONFIG\n\n# Check where to install the systemd .service file\nAS_IF([test \"x$PKG_CONFIG\" = \"x\"], [\n\twith_systemd=no\n\tAC_MSG_WARN([Cannot find pkg-config tool, disabling systemd check.])])\n\nwith_libsystemd=no\nAS_IF([test \"x$with_systemd\" = \"xyes\" -o \"x$with_systemd\" = \"xauto\"], [\n\tdef_systemd=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)\n\tAS_IF([test \"x$def_systemd\" = \"x\"], [\n \tAS_IF([test \"x$with_systemd\" = \"xyes\"],[\n\t \t\tAC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])\n\t\twith_systemd=no], [with_systemd=\"$def_systemd\"])])\n\nAS_IF([test \"x$with_systemd\" != \"xno\"], [\n\tPKG_CHECK_MODULES([libsystemd], [libsystemd], [with_libsystemd=yes], [true])\n\tAC_SUBST([systemddir], [$with_systemd])])\nAM_CONDITIONAL([HAVE_SYSTEMD], [test \"x$with_systemd\" != \"xno\"])\n\nAS_IF([test \"x$with_libsystemd\" != \"xno\"], [\n\tAC_DEFINE([HAVE_LIBSYSTEMD], [1], [Define to 1 if you have libsystemd-dev])\n\tAC_SUBST([DAEMON_TYPE], \"notify\")], [\n\tAC_SUBST([DAEMON_TYPE], \"simple\")])\nAM_CONDITIONAL([HAVE_LIBSYSTEMD], [test \"x$with_libsystemd\" != \"xno\"])\n\n# Check if we need -lpthread (building statically) and -lrt (older GLIBC)\n# Unset cached values when retrying with -lpthread and reset LIBS for each API\nneed_librt=no\nneed_pthread=no\nold_LIBS=$LIBS\nAC_SEARCH_LIBS([clock_gettime], [rt], need_librt=yes)\nLIBS=$old_LIBS\nAC_SEARCH_LIBS([timer_create], [rt], need_librt=yes, [\n\tunset ac_cv_search_timer_create\n\tAC_SEARCH_LIBS([timer_create], [rt], need_pthread=yes,,[-lpthread])])\nLIBS=$old_LIBS\nAC_SEARCH_LIBS([timer_settime], [rt], need_librt=yes, [\n\tunset ac_cv_search_timer_settime\n\tAC_SEARCH_LIBS([timer_settime], [rt], need_pthread=yes,,[-lpthread])])\n# Check for libcap to not trigger false positives on FreeBSD et al\nLIBS=$old_LIBS\nAC_SEARCH_LIBS([cap_set_flag], [cap],, ac_cv_header_sys_capability_h=no)\nLIBS=$old_LIBS\n\n# Check for RFC 3678-style struct group_req (Linux, FreeBSD, Solaris, macOS, AIX)\nAC_CHECK_MEMBER([struct group_req.gr_interface],\n\tAC_DEFINE([HAVE_STRUCT_GROUP_REQ], [1], [Define to 1 if you have RFC 3678 struct group_req]),\n\t[], [[#include ]])\n\n# Check for Linux-style extension struct ip_mreqn (Linux, FreeBSD)\nAC_CHECK_MEMBER([struct ip_mreqn.imr_ifindex],\n\tAC_DEFINE([HAVE_STRUCT_IP_MREQN], [1], [Define to 1 if you have a Linux-style struct ip_mreqn]),\n\t[], [[#include ]])\n\n# Check for IPv4 support\nAC_CHECK_MROUTE()\n\n# If IPv6 is enabled we must probe the system some more\nAS_IF([test \"x$enable_ipv6\" != \"xno\"],\n AC_CHECK_MROUTE6())\n\n# Only enable support for dropping root privileges if auto/yes && header exists\nAS_IF([test \"x$with_libcap\" != \"xno\" -a \"x$ac_cv_header_sys_capability_h\" = \"xyes\"], [\n\twith_libcap=yes\n\tAC_DEFINE([ENABLE_LIBCAP], [], [Define to enable support for libcap.])])\nAM_CONDITIONAL(USE_LIBCAP, [test \"x$with_libcap\" != \"xno\" -a \"x$ac_cv_header_sys_capability_h\" = \"xyes\"])\n\nAM_CONDITIONAL([ENABLE_TEST], [test \"x$ac_enable_test\" != \"xno\"])\n\n# Mac OS does not (yet) support SOCK_CLOEXEC\nAC_CACHE_CHECK([for SOCK_CLOEXEC support], [ac_cv_sock_cloexec],\n\t[AC_RUN_IFELSE([AC_LANG_SOURCE([[\n#include \n#include \n\nint main()\n{\n return socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0) == -1;\n}]])],[ac_cv_sock_cloexec=yes],[ac_cv_sock_cloexec=no],[ac_cv_sock_cloexec=no])])\n\nAS_IF([test \"$ac_cv_sock_cloexec\" = \"yes\" ],\n AC_DEFINE([HAVE_SOCK_CLOEXEC], 1, [Define if the SOCK_CLOEXEC flag is supported]))\n\nAS_IF([test \"$need_librt\" != \"no\"], LIB_RT=-lrt)\nAC_SUBST([LIB_RT])\n\nAS_IF([test \"$need_pthread\" != \"no\"], LIB_PTHREAD=-lpthread)\nAC_SUBST([LIB_PTHREAD])\n\n# Expand $sbindir early, into $SBINDIR, for systemd unit file\n# NOTE: This does *not* take prefix/exec_prefix override at \"make\n# install\" into account, unfortunately.\ntest \"x$prefix\" = xNONE && prefix=$ac_default_prefix\ntest \"x$exec_prefix\" = xNONE && exec_prefix='${prefix}'\nSYSCONFDIR=`eval echo $sysconfdir`\nSYSCONFDIR=`eval echo $SYSCONFDIR`\nAC_SUBST(SYSCONFDIR)\nSBINDIR=`eval echo $sbindir`\nSBINDIR=`eval echo $SBINDIR`\nAC_SUBST(SBINDIR)\nDOCDIR=`eval echo $docdir`\nDOCDIR=`eval echo $DOCDIR`\nAC_SUBST(DOCDIR)\n\nAS_IF([test \"x$ac_cv_header_sys_capability_h\" = \"xno\"], [\n\tAS_IF([test \"x$with_libcap\" = \"xyes\"], [\n\t\tdnl configure: error: ...\n\t\tAC_MSG_ERROR(\n\t\t [Cannot find libcap or its headers, install libcap-dev first.]\n\t\t [CentOS/RHEL 6: libcap is broken, recommended to disable it.]\n\t\t [Use --without-libcap to disable this feature.])\n\t])\n\tAS_IF([test \"x$with_libcap\" = \"xauto\"], [\n\t\tdnl configure: WARNING: ...\n\t\tAC_MSG_WARN(\n\t\t [As a safety measure, SMCRoute use libcap to drop root privs]\n\t\t [after startup. Install libcap and headers from libcap-dev,]\n\t\t [or similar, to enable this feature.])\n\t\tAC_MSG_NOTICE([Use --without-libcap to disable this message.])\n\t])\n\twith_libcap=no])\n\n# Workaround for as-of-yet unreleased runstatedir support, planned for\n# autoconf 2.70, which some major distros have backported.\nAS_IF([test -z \"$runstatedir\"], runstatedir=\"$localstatedir/run\")\nAC_SUBST(runstatedir)\n\nAC_OUTPUT\n\n# Expand directories for configuration summary, unexpanded defaults:\n# sysconfdir => ${prefix}/etc\n# runstatedir => ${localstatedir}/run\nSYSCONFDIR=`eval echo $sysconfdir`\nRUNSTATEDIR=`eval echo $runstatedir`\nRUNSTATEDIR=`eval echo $RUNSTATEDIR`\n\ncat <, original author\nReleases: --> 0.92\nURL: http://www.cschill.de/smcroute/\n\nYear: 2006-2011\nReleases: Version 0.93 --> 0.95\nAuthors: Julien BLACHE ,\n Todd Hayton , and\n Micha Lenk \nURL: http://alioth.debian.org/projects/smcroute\n\nYear: 2011-\nReleases: 1.93.0 -->\nAuthors: Joachim Wiberg ,\n Todd Hayton ,\n Micha Lenk , and\n Julien BLACHE \nURL: https://github.com/troglobit/smcroute\n\n" }, { "path": "doc/TODO.md", "content": "\nRefactor MRDISC Support\n-----------------------\n\nThe current MRDISC implementation is fragile (see issue #175 for an\nexample), and it also does not work on non-Linux systems. So the\nimplementation really needs to be refactored, not just for this but also\nfor adding IPv6 support (below).\n\n\nAdd Support for IPv6 MRDISC\n---------------------------\n\n[RFC4286][1] details both IPv4 and IPv6, which should not be problem\nto support in SMCRoute. Anyone with Wireshark and a bit of patience\ncould add it. Your patch is welcome! :)\n\n[1]: https://datatracker.ietf.org/doc/html/rfc4286\n\n\nTests must have uniquely named netns (if any)\n---------------------------------------------\n\nI've had to rename the R1/R2 netns used in test/gre.sh, because it turns\nout these names are shared when we run in the unshare and gre.sh's names\nclashed with multi.sh's. I.e., they were stomping hard on each other's\ntoes and often the gre.sh test completed before multi.sh, thus causing\nthe latter to lose both R1 and R2 and the test failed (of course).\n\nWe may be able to work around this by running each test in its own root\nnetns. Something that could be set up by lib.sh. I have not verified\nthis yet, hence this TODO.\n\n\nAdd support for WRONGVIF, somehow\n---------------------------------\n\nWhen an (S,G) for an already installed kernel MFC route suddenly appears\non another inbound interface, the kernel sends a WRONGVIF upcall message\nto smcrouted. Currently we don't act on it, mostly because there is no\nclear idea how to deal with such cases from a small routing daemon that\nknows nothing of the rest of the layer-3 topology (which may have been\nreconfigured due to link loss by, e.g. OSPF). It can be a valid change\nof inbound interface, or looped back traffic that we don't want.\n\nFor now, users are recommended to install multiast snooping switches on\ntheir outbound interfaces, and/or leverage to `phyint foo ttl-threshold`\nsetting to prevent already routed multicast from being looped back.\n\nOne idea is to delegate the behavior to our external script facility.\n\n\nInvestigate why MIF thresholds don't seem to work on Linux 5.11.0\n------------------------------------------------------------------\n\nHere smcrouted has managed to set the TTL thresholds of three OIFs to\nvalues != 1, but the kernel still lists all of them as `:1`. See test\n`reload6.sh`\n\n Group Origin Iif Pkts Bytes Wrong Oifs\n ff2e:0000:0000:0000:0000:0000:0000:0042 fc00:0000:0000:0000:0000:0000:0000:0001 0 0 0 0 2:1 4:1 5:1\n\n\nPossibly Exit with Error if Multicast Socket is Busy\n----------------------------------------------------\n\nCurrently we only log this state and then continue. Not sure what is\nthe best approach, but everything read from a .conf will fail so not\nmuch point really continuing?\n\n smcroute[2359]: IPv4 multicast routing API already in use: Address in use\n\nProposal: exit with error if either mrouting socket is busy.\n We need to consider this a configuration error.\n\n\nSupport for (re-)enumerating VIFs at runtime\n--------------------------------------------\n\nCurrently the `-t SEC` startup delay option has to be used if not all\ninterfaces are available when `smcrouted` starts. Commonly a problem at\nboot, but also if adding a pluggable interface (PCMCIA/USB) at runtime.\n\nHence, it would be a great addition to SMCRoute if new interface VIF/MIF\nmappings could be at least added at runtime.\n\n\nSupport for filtering based on source ADDRESS/LEN\n-------------------------------------------------\n\nWhen setting up a (*,G/LEN) route it may be necessary to filter out some\nsenders of multicast. The following is a suggestion for how that might\nlook, notice the omitted `source` argument:\n\n mroute from eth0 except 192.168.1.0/24 group 225.1.2.0/24 to eth1 eth2\n\nFiltering multiple sources:\n\n mroute from eth0 except 192.168.1.0/24,192.168.2.3 group 225.1.2.0/24 to eth1 eth2\n\nThis is sometimes also referred to as Administrative Scoping (RFC2365).\n\n\nBasic support for IGMP/MLD proxying\n-----------------------------------\n\nIn some setups a semi-dynamic behavior is required, but the only\nsignaling available is IGMP/MLD. There exist tools like [igmpproxy][]\nand [mcproxy][] for this purpose, which do a great job, but why should\nyou need to go elsewhere for your basic multicast routing needs?\n\nThe idea itself is simple, listen for IGMP/MLD join/leave messages on\nenabled interfaces and add/remove routes dynamically from an `upstream`\nmarked interface.\n\nPossibly an `igmp` flag may be needed as well, for downstream interfaces\nwe should proxy for. Resulting `smcroute.conf` may then look like this:\n\n phyint eth0 upstream\n phyint eth1 igmp\n\n**Note:** the IGMP/MLD signaling may also need to be \"proxied\" to the\n `upstream` interface, although this could be an optional second step\n enabled by also setting the `igmp` flag on that `upstream` interface.\n\nFor more information, see the above mentioned tools and [RFC4605][],\nwhich details exactly this use-case.\n\n\n[igmpproxy]: https://github.com/pali/igmpproxy\n[mcproxy]: https://github.com/mcproxy/mcproxy\n[RFC4605]: https://www.ietf.org/rfc/rfc4605.txt\n" }, { "path": "lib/malloc.c", "content": "#if HAVE_CONFIG_H\n# include \n#endif\n#undef malloc\n\n#include \n\nvoid *malloc ();\n\n/*\n * Allocate an N-byte block of memory from the heap.\n * If N is zero, allocate a 1-byte block.\n */\nvoid *rpl_malloc (size_t n)\n{\n\tif (n == 0)\n\t\tn = 1;\n\n\treturn malloc (n);\n}\n" }, { "path": "lib/strlcat.c", "content": "/*\t$OpenBSD: strlcat.c,v 1.15 2015/03/02 21:41:08 millert Exp $\t*/\n\n/*\n * Copyright (c) 1998, 2015 Todd C. Miller \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \n#include \n\n/*\n * Appends src to string dst of size dsize (unlike strncat, dsize is the\n * full size of dst, not space left). At most dsize-1 characters\n * will be copied. Always NUL terminates (unless dsize <= strlen(dst)).\n * Returns strlen(src) + MIN(dsize, strlen(initial dst)).\n * If retval >= dsize, truncation occurred.\n */\nsize_t\nstrlcat(char *dst, const char *src, size_t dsize)\n{\n\tconst char *odst = dst;\n\tconst char *osrc = src;\n\tsize_t n = dsize;\n\tsize_t dlen;\n\n\t/* Find the end of dst and adjust bytes left but don't go past end. */\n\twhile (n-- != 0 && *dst != '\\0')\n\t\tdst++;\n\tdlen = dst - odst;\n\tn = dsize - dlen;\n\n\tif (n-- == 0)\n\t\treturn(dlen + strlen(src));\n\twhile (*src != '\\0') {\n\t\tif (n != 0) {\n\t\t\t*dst++ = *src;\n\t\t\tn--;\n\t\t}\n\t\tsrc++;\n\t}\n\t*dst = '\\0';\n\n\treturn(dlen + (src - osrc));\t/* count does not include NUL */\n}\n" }, { "path": "lib/strlcpy.c", "content": "/*\t$OpenBSD: strlcpy.c,v 1.12 2015/01/15 03:54:12 millert Exp $\t*/\n\n/*\n * Copyright (c) 1998, 2015 Todd C. Miller \n *\n * Permission to use, copy, modify, and distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \n#include \n\n/*\n * Copy string src to buffer dst of size dsize. At most dsize-1\n * chars will be copied. Always NUL terminates (unless dsize == 0).\n * Returns strlen(src); if retval >= dsize, truncation occurred.\n */\nsize_t\nstrlcpy(char *dst, const char *src, size_t dsize)\n{\n\tconst char *osrc = src;\n\tsize_t nleft = dsize;\n\n\t/* Copy as many bytes as will fit. */\n\tif (nleft != 0) {\n\t\twhile (--nleft != 0) {\n\t\t\tif ((*dst++ = *src++) == '\\0')\n\t\t\t\tbreak;\n\t\t}\n\t}\n\n\t/* Not enough room in dst, add NUL and traverse rest of src. */\n\tif (nleft == 0) {\n\t\tif (dsize != 0)\n\t\t\t*dst = '\\0';\t\t/* NUL-terminate dst */\n\t\twhile (*src++)\n\t\t\t;\n\t}\n\n\treturn(src - osrc - 1);\t/* count does not include NUL */\n}\n" }, { "path": "lib/tempfile.c", "content": "/* A secure tmpfile() replacement.\n *\n * Copyright (c) 2015-2020 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \n#include \t\t/* O_TMPFILE requires -D_GNU_SOURCE */\n#include \t\t/* fdopen() */\n#include \t\t/* umask() */\n#include \n\n/**\n * tempfile - A secure tmpfile() replacement\n *\n * This is the secure replacement for tmpfile() that does not exist in\n * GLIBC. The function uses the Linux specific %O_TMPFILE and %O_EXCL\n * for security. When the %FILE is fclose()'ed the file contents is\n * lost. The file is hidden in the %_PATH_TMP directory on the system.\n *\n * This function requires Linux 3.11, or later, due to %O_TMPFILE.\n *\n * Returns:\n * An open %FILE pointer, or %NULL on error.\n */\nFILE *tempfile(void)\n{\n#ifdef O_TMPFILE\t /* Only on Linux, with fairly recent (G)LIBC */\n\tmode_t oldmask;\n\tint fd;\n\n\toldmask = umask(0077);\n\tfd = open(_PATH_TMP, O_TMPFILE | O_RDWR | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);\n\tumask(oldmask);\n\tif (fd == -1) {\n\t /* Fall back to tmpfile() if O_TMPFILE is not supported */\n\t if (errno == EOPNOTSUPP)\n\t return tmpfile();\n\t \n\t return NULL; \n }\n\n\treturn fdopen(fd, \"w+\");\n#else\n\treturn tmpfile(); /* Fallback on older GLIBC/Linux and actual UNIX systems */\n#endif\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "lib/utimensat.c", "content": "/* Replacement in case utimensat(2) is missing\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \"config.h\"\n\n#include \n#ifdef HAVE_FCNTL_H\n#include \n#endif\n#include \n#include \t\t/* lutimes(), utimes(), utimensat() */\n\nint utimensat(int dirfd, const char *pathname, const struct timespec times[2], int flags)\n{\n\tstruct timespec ts[2];\n\tstruct timeval tv[2];\n\tint ret = -1;\n\n\tif (dirfd != 0) {\n\t\terrno = ENOTSUP;\n\t\treturn -1;\n\t}\n\n\tif (!times) {\n\t\tclock_gettime(CLOCK_REALTIME, &ts[0]);\n\t\tts[1] = ts[0];\n\t} else {\n\t\tts[0] = times[0];\n\t\tts[1] = times[1];\n\t}\n\n\tTIMESPEC_TO_TIMEVAL(&tv[0], &ts[0]);\n\tTIMESPEC_TO_TIMEVAL(&tv[1], &ts[1]);\n\n#ifdef AT_SYMLINK_NOFOLLOW\n\tif ((flags & AT_SYMLINK_NOFOLLOW) == AT_SYMLINK_NOFOLLOW)\n\t\tret = lutimes(pathname, tv);\n\telse\n#endif\n\t\tret = utimes(pathname, tv);\n\n\treturn ret;\n}\n\n#ifdef UNITTEST\n#include \n#include \n#include \n\nint main(int argc, char *argv[])\n{\n\tchar *fn;\n\n\tif (argc < 2)\n\t\terrx(1, \"Usage: touch FILENAME\");\n\tfn = argv[1];\n\n\tif (access(fn, F_OK)) {\n\t\tFILE *fp;\n\n\t\tfp = fopen(fn, \"w\");\n\t\tif (!fp)\n\t\t\terr(1, \"Failed creating %s\", fn);\n\t\tfclose(fp);\n\t}\n\tutimensat(0, fn, NULL, 0);\n\n\treturn 0;\n}\n#endif\n/**\n * Local Variables:\n * compile-command: \"gcc -W -Wall -Wextra -I.. -DUNITTEST -o touch utimensat.c\"\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "m4/misc.m4", "content": "# Misc. helper macros\n\nAC_DEFUN([AC_CHECK_SUN_LEN],[\n\tAC_MSG_CHECKING(for sun_len member in struct sockaddr_un)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#include \n\t\t]],[[\n\t\t\tstruct sockaddr_un dummy;\n\t\t\tdummy.sun_len = 0;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_SOCKADDR_UN_SUN_LEN, 1, [Define if the struct sockaddr_un has a member sun_len on your OS])\n\t\tAC_MSG_RESULT(yes)],[\n\t\tAC_MSG_RESULT(no)])\n\t])\n\nAC_DEFUN([AC_CHECK_SIN_LEN],[\n\tAC_MSG_CHECKING(for sin_len member in struct sockaddr_in)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#include \n\t\t]],[[\n\t\t\tstruct sockaddr_in dummy;\n\t\t\tdummy.sin_len = 0;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_SOCKADDR_IN_SIN_LEN, 1, [Define if the struct sockaddr_in has a member sin_len on your OS])\n\t\tAC_MSG_RESULT(yes)],[\n\t\tAC_MSG_RESULT(no)])\n\t])\n" }, { "path": "m4/mroute.m4", "content": "# Macros to probe for multicast headers and IPv4/IPv6 support\n\nAC_DEFUN([AC_CHECK_MROUTE_HEADERS],[\n\tAC_CHECK_HEADERS([linux/mroute.h linux/filter.h], [], [],[\n\t\t#ifdef HAVE_SYS_SOCKET_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_NETINET_IN_H\n\t\t# include \n\t\t#endif\n\t\t#define _LINUX_IN_H /* For Linux <= 2.6.25 */\n\t\t#include \n\t])\n\n\tAC_CHECK_HEADERS([netinet/ip_mroute.h], [], [],[\n\t\t#ifdef HAVE_SYS_SOCKET_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_SYS_TYPES_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_NETINET_IN_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_NET_ROUTE_H\n\t\t# include \n\t\t#endif\n\t])\n])\n\nAC_DEFUN([AC_CHECK_MROUTE],[\n\tAC_CHECK_MROUTE_HEADERS()\n])\n\nAC_DEFUN([AC_CHECK_MROUTE6_HEADERS],[\n\tAC_CHECK_HEADERS([linux/mroute6.h], [], [],[\n\t\t#ifdef HAVE_SYS_SOCKET_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_NETINET_IN_H\n\t\t# include \n\t\t#endif\n\t])\n\n\tAC_CHECK_HEADERS([netinet6/ip6_mroute.h], [], [],[\n\t\t#ifdef HAVE_NETINET_IN_H\n\t\t# include \n\t\t#endif\n\t\t#ifdef HAVE_SYS_PARAM_H\n\t\t# include \n\t\t#endif\n\t])\n])\n\nAC_DEFUN([AC_CHECK_MROUTE6],[\n\tAC_CHECK_MROUTE6_HEADERS()\n\n\tAC_MSG_CHECKING(for IPv6 multicast host support)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#ifdef HAVE_SYS_SOCKET_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_NETINET_IN_H\n\t\t\t# include \n\t\t\t#endif\n\t\t]],[[\n\t\t\tstruct ipv6_mreq mreq;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_IPV6_MULTICAST_HOST, 1, [Define if your OS supports acting as an IPv6 multicast host])\n\t\tAC_MSG_RESULT(yes)],[\n\t\tAC_MSG_RESULT(no)])\n\n\tAC_MSG_CHECKING(for IPv6 multicast routing support)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#ifdef HAVE_SYS_SOCKET_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_NETINET_IN_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_LINUX_MROUTE6_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_SYS_PARAM_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_NETINET6_IP6_MROUTE_H\n\t\t\t# include \n\t\t\t#endif\n\t\t]],[[\n\t\t\tint dummy = MRT6_INIT;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_IPV6_MULTICAST_ROUTING, 1, [Define if your OS supports IPv6 multicast routing])\n \t\tAC_MSG_RESULT(yes)\n\t\tenable_ipv6=yes],[\n\t\tAC_MSG_RESULT(no)\n\t\tenable_ipv6=no])\n\n\tAC_MSG_CHECKING(for vifc_rate_limit member in struct mif6ctl)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#ifdef HAVE_LINUX_MROUTE6_H\n\t\t\t# include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_NETINET6_IP6_MROUTE_H\n\t\t\t# include \n\t\t\t#endif\n\t\t]],[[\n\t\t\tstruct mif6ctl dummy;\n\t\t\tdummy.vifc_rate_limit = 1;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_MIF6CTL_VIFC_RATE_LIMIT, 1, [Define if the struct mif6ctl has a member vifc_rate_limit on your OS])\n\t\tAC_MSG_RESULT(yes)],[\n\t\tAC_MSG_RESULT(no)])\n\n\tAC_MSG_CHECKING(for vifc_threshold member in struct mif6ctl)\n\tAC_COMPILE_IFELSE([\n\t\tAC_LANG_PROGRAM([[\n\t\t\t#ifdef HAVE_LINUX_MROUTE6_H\n\t\t\t#include \n\t\t\t#endif\n\t\t\t#ifdef HAVE_NETINET6_IP6_MROUTE_H\n\t\t\t#include \n\t\t\t#endif\n\t\t]],[[\n\t\t\tstruct mif6ctl dummy;\n\t\t\tdummy.vifc_threshold = 1;\n\t\t]])],[\n\t\tAC_DEFINE(HAVE_MIF6CTL_VIFC_THRESHOLD, 1, [Define if the struct mif6ctl has a member vifc_threshold on your OS])\n\t\tAC_MSG_RESULT(yes)],[\n\t\tAC_MSG_RESULT(no)])\n])\n" }, { "path": "man/Makefile.am", "content": "dist_man5_MANS = smcroute.conf.5\ndist_man8_MANS = smcrouted.8 smcroutectl.8\n" }, { "path": "man/smcroute.conf.5", "content": ".\\\" -*- nroff -*-\n.Dd August 15, 2021\n.Dt SMCROUTE.CONF 5\n.Os\n.Sh NAME\n.Nm smcroute.conf\n.Nd smcrouted configuration file format\n.Sh DESCRIPTION\nThe file\n.Nm\nis, strictly speaking, not critical to the operation of\n.Nm smcrouted .\nSome warnings may be logged, and provided the daemon is\n.Sy not\nstarted with\n.Fl N ,\nit enables VIFs for all interfaces it can find and then waits for\ncommands from\n.Xr smcroutectl 8 .\nAs you can tell from that caveat, any non-trivial setup requires an\n.Nm .\n.Pp\nOn most systems the configuration file(s) are available in:\n.Bl -tag -offset indent\n.It Pa /etc/smcroute.conf\nThe traditional location, with all routes, group joins, and interfaces.\n.It Pa /etc/smcroute.d/*.conf\nRecently an\n.Cm include\ndirective was added to\n.Nm ,\nwhich allows for including other files. By convention\n.Pa /etc/smcroute.d/\nhas been selected as the default in the bundled example\n.Nm .\nSee more about the\n.Cm include\ndirective below.\n.El\n.Pp\nIn debug mode,\n.Nm smcrouted\nlogs the success of parsing each line and setting up a route. There is\nalso a basic syntax validator built-in, see\n.Xr smcrouted 8\nfor more information.\n.Sh SYNTAX\nThis section details the syntax of each of the available configuration\nfile directives.\n.Pp\nComments start with\n.Dq #\\&\nand run to the end of line. See the\n.Sx EXAMPLE\nbelow.\n.Bl -tag -offset indent\n.It Cm phyint Ar IFNAME Oo Cm enable | Cm disable Oc Oo Cm mrdisc Oc Oo Cm ttl-threshold Ar TTL Oc\nBy default all interfaces on the system are enabled and possible to\nroute between, provided they have the\n.Cm MULTICAST\ninterface flag set. The\n.Cm phyint\ndirective can be used to selectively enable, or disable, interfaces from\nbeing mapped to virtual interfaces (VIFs), which the multicast routing\nstack actually employs. VIFs are limited, most operating systems only\nhave 32, it is recommended to disable all interfaces by default, with\n.Ql Cm smcrouted Fl N ,\nand enable them one by one using this directive.\n.Pp\n.Cm mrdisc\nis an IPv4 specific feature flag to enable Multicast Router Discovery\nprotocol, RFC4286, announcement. This standard is supported by some\nswitch (and router) manufacturers and may be used instead of having\n.Cm mgroup\nstatements for all possible multicast groups you may want to forward.\n.Pp\n.Cm ttl-threshold\nis a very useful setting to help implement \"TTL scoping\". I.e., the\nminimum TTL level a multicast stream must exceed for the kernel to\nconsider it to be routed. The default value (1) means a TTL of 2 or\nhigher is needed for a frame to be forwarded to the routing stack,\notherwise it is considered link-local. See\n.Xr smcrouted 8\nfor more information on multicast scoping.\n.Pp\n.Sy Note:\nall\n.Cm phyint\ndirectives must be read by\n.Nm smcrouted\nbefore any\n.Cm mgroup\nor\n.Cm mroute\nthat refer to them! Hence, either place all\n.Cm phyint\ndirectives in the main\n.Nm\nor, if\n.Pa /etc/smcroute.d/*.conf\nis used, first in a file named,\n.Pa 00-phyint.conf ,\nor similar.\n.It Cm mgroup from Ar IIF Oo Cm source Ar SOURCE[/LEN] Oc Cm group Ar GROUP[/LEN]\nJoin a multicast group, with optional prefix length, on a given inbound\ninterface (IIF). The source address is optional, but if given a source\nspecific (SSM) join is performed. Every\n.Cm /LEN\nis translated to as many sources and groups as specified. To attempt to\novercome (configured) kernel limitations,\n.Nm smcrouted\nprobes the amount of joins available per socket. When the socket has\nbeen exhausted, another one is opened. At most 2048 sockets are opened.\n.Pp\nThe purpose of joining groups is to use layer-2 signaling to inform\nswitches, and other routers, to open up multicast traffic to your\ninterfaces. Leaving a group is not supported from the configuration\nfile, instead remove the\n.Cm mgroup,\nor trim its arguments,\n.Cm SIGHUP\nor\n.Cm smcroutectl reload\nyour daemon.\n.Pp\n.Sy Note:\nuse of the\n.Cm mgroup\ncommand should be avoided if possible. Instead configure \"router ports\"\nor similar on the switches (bridges) on your LAN. This to have them\ndirect all the multicast to your router, or direct select groups if they\nhave such capabilities. Usually MAC multicast filters exist.\n.It Cm mroute from Ar IIF Oo Cm source Ar SOURCE[/LEN] Oc Cm group Ar GROUP[/LEN] Cm to Ar OIF Op Ar OIF ...\nAdd a multicast route for packets received on network interface\n.Cm IIF ,\noriginating from IP address\n.Cm SOURCE ,\nand sent to the multicast group address\n.Cm GROUP ,\nto the outbound network interface(s)\n.Cm OIF Op Cm OIF ... .\n.Pp\nThe interfaces provided as\n.Cm IIF\nand\n.Cm OIF\ncan be any network interface name available in the system, as long as it\nhas the\n.Cm MULTICAST\nflag set. Furthermore, the kernel usually only forwards traffic if the\ninterface(s) have an IP address. These are limitations posed by the\nkernel, not\n.Nm smcrouted .\n.Pp\nTo add a (*,G) route, either leave SOURCE out completely or set it to\n0.0.0.0, and if you want to specify a range, set GROUP/LEN, e.g.\n225.0.0.0/24.\n.It Cm include Ar PATH\nInclude another\n.Nm\nfile, or set of files. Matching is performed using\n.Xr glob 3 ,\nand matches are sorted alphabetically. By convention, the example\n.Nm\nbundled with\n.Nm smcrouted\nincludes\n.Pa /etc/smcroute.d/*.conf .\n.El\n.Sh EXAMPLE\n.Nm smcrouted\nsupports reading and setting up multicast routes from a config file.\nThe default location is\n.Ar /etc/smcroute.conf ,\nbut this can be overridden using the\n.Fl f Ar FILE\ncommand line option.\n.Pp\nThe\n.Ar IIF\nand\n.Ar OIF\narguments below are interface names, or interface wildcards of the form\n.Ar eth+ ,\nwhich matches\n.Ar eth0 , eth10 ,\netc. Wildcards are available for inbound interfaces.\n.Pp\n.Bd -unfilled -offset indent\n#\n# smcroute.conf example\n#\n# Syntax:\n# phyint IFNAME [mrdisc] [ttl-threshold <1-255>]\n# mgroup from IIF [source ADDR[/LEN]] group GROUP[/LEN]\n# mroute from IIF [source ADDR[/LEN]] group GROUP[/LEN] to OIF [OIF ...]\n# include /path/to/*.conf\n\n# Assuming smcrouted was started with the `-N` flag. Enable interfaces\n# required for inbound and outbound traffic. TTL scoping is enabled on\n# all interfaces, e.g., to use eth0 as n outbound interface (OIF), all\n# multicast frames must have a TTL of 12 or greater when ingressing.\nphyint eth0 enable ttl-threshold 11\nphyint eth1 enable ttl-threshold 3\nphyint eth2 enable ttl-threshold 5\nphyint virbr0 enable ttl-threshold 5\n\n# Instruct the kernel to join the multicast group 225.1.2.3 on interface\n# eth0. Then add an mroute of the same multicast stream, from the host\n# 192.168.1.42 on interface eth0 and forward to eth1 and eth2.\nmgroup from eth0 group 225.1.2.3\nmroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2\n\n# Similarly, but using source-specific group join\nmgroup from virbr0 source 192.168.123.110 group 225.1.2.4\nmroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0\n\n# Allow multicast for group 225.3.2.1, from ANY source, ingressing on\n# interface eth0 to be forwarded to eth1 and eth2. When the kernel\n# receives a frame from unknown multicast sender, it asks smcrouted who\n# use this \"template\" to match against, if the ingressing interface and\n# group matches, smcrouted installs an (S,G) route in the kernel MFC.\nmgroup from eth0 group 225.3.2.1\nmroute from eth0 group 225.3.2.1 to eth1 eth2\n\n# The previous is an example of the (*,G) support. It is also possible\n# to specify a range of such rules.\nmgroup from eth0 group 225.0.0.0/24\nmroute from eth0 group 225.0.0.0/24 to eth1 eth2\n\n# Include any snippet in /etc/smcroute.d/, but please remember that\n# all phyint statements must be read first.\ninclude /etc/smcroute.d/*.conf\n.Ed\n.Sh CAVEATS\nThe source address is optional for both IPv4 and IPv6 multicast routes,\nthis is called (*,G) routing. When omitted,\n.Nm smcrouted\ndynamically installs (S,G) routes, matching the group and inbound\ninterface, to the kernel when it learns of new inbound multicast. This\nfeature was inherited from\n.Xr mrouted 8 ,\nand may not work as intended in all use-cases. Also, depending on\nkernel and CPU load, account for the setup time to detect and install\nthe route, expect at least one initial frame to be lost when using (*,G)\nrules.\n.Sh FILES\n.Pa /etc/smcroute.conf ,\n.Pa /etc/smcroute.d/*.conf\n.Sh SEE ALSO\n.Xr smcrouted 8 ,\n.Xr smcroute.conf 5\n.Sh AUTHORS\n.An -nosplit\nSMCRoute was originally created by\n.An Carsten Schill Aq Mt carsten@cschill.de .\nInitial IPv6 support by\n.An Todd Hayton Aq Mt todd.hayton@gmail.com .\nInitial FreeBSD support by\n.An Micha Lenk Aq Mt micha@debian.org .\n.Pp\nSMCRoute is currently maintained by\n.An Joachim Wiberg Aq Mt troglobit@gmail.com ,\nand\n.An Micha Lenk Aq Mt micha@debian.org\nat\n.Lk https://github.com/troglobit/smcroute \"GitHub\" .\n" }, { "path": "man/smcroutectl.8", "content": ".\\\" -*- nroff -*-\n.Dd November 28, 2021\n.Dt SMCROUTECTL 8 SMM\n.Os\n.Sh NAME\n.Nm smcroutectl\n.Nd Control and status tool for\n.Xr smcrouted 8\n.Sh SYNOPSIS\n.Nm smcroutectl\n.Op Fl bdptv\n.Op Fl i Ar NAME\n.Op Fl u Ar FILE\n.Op Ar COMMAND\n.Pp\n.Nm smcroutectl\n.Ao help | flush | kill | reload | version Ac\n.Nm smcroutectl\n.Ao show Ac\n.Op groups | routes\n.Nm smcroutectl\n.Ao add \\ | \\ \\ rem Ac IIF Oo SOURCE Oc Ar GROUP[/LEN] OIF Op OIF ...\n.Nm smcroutectl\n.Ao join | leave Ac IIF Oo SOURCE Oc Ar GROUP[/LEN]\n.Sh DESCRIPTION\n.Nm\nis the control tool for\n.Xr smcrouted 8 .\nIt can be used to query status, debug, modify the kernel multicast\nforwarding cache (MFC), manage group interface memberships, reload\n.Nm smcroute.conf ,\nand kill a running\n.Nm smcrouted .\n.Sh OPTIONS\nThe following\n.Nm\noptions are available:\n.Bl -tag -width Ds\n.It Fl b\nBatch mode, read commands from stdin.\n.Bd -unfilled -offset indent\n$ sudo smcroutectl -b <<-EOF\n\tjoin eth0 225.1.2.3\n\tadd eth0 192.168.1.42 225.1.2.3 eth1 eth2\n\trem eth1 225.3.4.5 eth3\n\tleave eth1 225.3.4.5\n\tEOF\n.Ed\n.It Fl d\nEnable detailed output in show commands.\n.It Fl i Ar NAME\nConnect to an\n.Nm smcrouted\ninstance that runs with another identity,\n.Ar NAME .\n.Pp\nThis option is required for both\n.Nm smcrouted\nand\n.Nm smcroutectl\nwhen running multiple\n.Nm smcrouted\ninstances, e.g., when using multiple routing tables, on Linux.\n.It Fl p\nUse plain table headings in\n.Cm show\ncommand output. No ANSI control characters are used, not even for\nprobing screen width.\n.It Fl t\nSkip table headings entirely in\n.Cm show\ncommand output.\n.It Fl u Ar FILE\nUNIX domain socket path, used for the IPC between\n.Nm smcrouted\nand\n.Nm .\nUse this to override the default socket path, otherwise derived from the\nidentity,\n.Fl i Ar NAME .\nThis option can be useful when overriding the identity is not\nsufficient, e.g. for testing. The default depends on how\n.Nm\nis configured at build time, see\n.Sx FILES .\n.El\n.Sh OPERATION\nThe\n.Ar IIF\nand\n.Ar OIF\narguments in the below\n.Nm smcroutectl\ncommands are the interface names, or interface wildcards of the form\n.Ar eth+ ,\nwhich matches\n.Ar eth0 , eth10 ,\netc. Wildcards are available for both inbound and outbound interfaces.\n.Pp\nA multicast route is defined by an input interface\n.Ar IIF ,\nthe sender's unicast IP address\n.Ar SOURCE ,\nwhich is optional, the multicast group\n.Ar GROUP\nand a list of, at least one, output interface\n.Ar OIF [OIF ...] .\n.Pp\nPlease refer to\n.Xr smcrouted 8 \nfor more details on the operation and how ASM/SSM multicast works.\n.Sh COMMANDS\nCommands can be abbreviated to the minimum unambiguous prefix; for\nexample,\n.Cm s g\nfor\n.Cm show groups .\nThe following commands are available:\n.Bl -tag -width Ds\n.It Nm add Ar IIF [SOURCE[/LEN]] GROUP[/LEN] OIF [OIF ...]\nAdd a new multicast route the the kernel MFC, or modify the outbound\ninterfaces (OIF) an existing route.\n.Pp\nThe arguments are, in order:\n.Ar IIF\nthe inbound interface,\n.Ar SOURCE\noriginating IP address (may need to be reachable in the unicast routing\ntable to be allowed by the kernel reverse-path check),\n.Ar GROUP\nthe multicast group address, and\n.Ar OIF Oo Ar OIF ... Oc\nthe outbound network interface(s).\n.Pp\nThe interfaces provided as\n.Ar IIF\nand\n.Ar OIF\ncan be any multicast capable network interface as listed by\n.Ql Cm ifconfig\nor\n.Ql Cm ip link list ,\nincluding tunnel interfaces and loopback. Provided\n.Nm smcrouted\nhas \"enumerated\" them. See\n.Xr smcrouted 8 ,\nin particular the command line option\n.Fl N ,\nand the\n.Xr smcroute.conf 5\n.Ql Cm phyint\ndirective.\n.Pp\nTo add a (*,G) route, either omit the\n.Ar SOURCE\nargument completely, or set it to\n.Ar 0.0.0.0\nfor IPv4, and if you want to specify a range of groups, use\nthe\n.Ql GROUP/LEN\nmodifier, e.g.\n.Ql 225.0.0.0/24 .\n.It Nm remove Ar IIF [SOURCE[/LEN]] GROUP[/LEN] [OIF [OIF ...]]\nRemove or modify the outbound interfaces of a multicast route in the\nkernel MFC.\n.Pp\nWhen no\n.Ar OIF\nargument is given, this command removes the entire route. With\none or more\n.Ar OIF\narguments, each outbound interface listed is removed. Skipping\nany unmatched or invalid interface names. When no more outbound\ninterfaces exist, the route will have been transformed into a\n\"stop filter\". To remove the route entirely, the command must\nbe given with no\n.Ar OIF\narguments.\n.It Nm flush\nFlush dynamic (*,G) multicast routes now. Similar to how\n.Fl c Ar SEC\nworks in\n.Nm smcrouted ,\nthis command initiates an immediate flush of all dynamically installed\n(*,G) multicast routes. Useful when a topology change has been detected\nand need to be propagated to\n.Nm smcrouted.\n.It Nm join Ar IIF [SOURCE[/LEN]] GROUP[/LEN]\nJoin a multicast group, with an optional prefix length, on the given\n(inbound) interface. The source address is optional, but if given a\nsource specific (SSM) join is performed. Note, joining groups is only\never necessary on the inbound interface, never on the outbound. Unless,\ntwo-way routing the same group.\n.Pp\nNote, as mentioned in\n.Xr smcrouted 8 ,\njoining a group to open up traffic in layer-2 network switches is only a\nworkaround to direct multicast towards SMCRoute. When routing lots of\ntraffic it is advised to avoid this mechanism. Instead, use multicast\nrouter ports, or similar settings on the switches, or if they support\nmulticast router discovery (MRDISC), see RFC4286.\n.It Nm leave Ar IIF [SOURCE[/LEN]] GROUP[/LEN]\nLeave a multicast group, with optional prefix length, on a given\n(inbound) interface. As with the join command, above, the source\naddress is optional, but if the group was subscribed to with source it\nmust be unsubscribed with source as well.\n.It Nm help [cmd]\nPrint a usage information message.\n.It Nm kill\nTell a running\n.Nm smcrouted\nto exit gracefully, same as\n.Ar SIGTERM .\n.It Nm reload\nTell\n.Nm smcrouted\nto reload its configuration and activate the changes. Same as\n.Ar SIGHUP .\nNote, any routes or groups added or removed with\n.Nm smcroutectl\nwill be lost. Only the configuration set in the file\n.Pa smcroute.conf\nis activated.\n.It Nm show [groups|routes]\nShow joined multicast groups or multicast routes, defaults to show\nroutes. Can be combined with the\n.Fl d\noption to get details for each multicast route.\n.It Nm version\nShow program version and support information.\n.El\n.Sh SEE ALSO\n.Xr smcrouted 8 ,\n.Xr smcroute.conf 5\n.Sh AUTHORS\n.An -nosplit\nSMCRoute was originally created by\n.An Carsten Schill Aq Mt carsten@cschill.de .\nInitial IPv6 support by\n.An Todd Hayton Aq Mt todd.hayton@gmail.com .\nInitial FreeBSD support by\n.An Micha Lenk Aq Mt micha@debian.org .\n.Pp\nSMCRoute is currently maintained by\n.An Joachim Wiberg Aq Mt troglobit@gmail.com ,\nand\n.An Micha Lenk Aq Mt micha@debian.org\nat\n.Lk https://github.com/troglobit/smcroute \"GitHub\" .\n" }, { "path": "man/smcrouted.8", "content": ".\\\" -*- nroff -*-\n.Dd November 28, 2021\n.Dt SMCROUTED 8 SMM\n.Os\n.Sh NAME\n.Nm smcrouted\n.Nd SMCRoute, a static multicast router\n.Sh SYNOPSIS\n.Nm smcrouted\n.Op Fl nNhsv\n.Op Fl c Ar SEC\n.Op Fl d Ar SEC\n.Op Fl e Ar CMD\n.Op Fl f Ar FILE\n.Op Fl F Ar FILE\n.Op Fl i Ar NAME\n.Op Fl l Ar LVL\n.Op Fl m Ar SEC\n.Op Fl p Ar USER:GROUP\n.Op Fl P Ar FILE\n.Op Fl t Ar ID\n.Op Fl u Ar FILE\n.Sh DESCRIPTION\n.Nm\nis a static multicast routing daemon providing fine grained control over\nthe multicast forwarding cache (MFC) in the UNIX kernel. Both IPv4 and\nIPv6 are fully supported.\n.Pp\n.Nm\ncan be used as an alternative to dynamic multicast daemons like\n.Xr mrouted 8 ,\n.Xr pimd 8\nor\n.Xr pim6sd 8\nin situations where static multicast routes should be maintained and/or\nno proper IGMP or MLD signaling exists.\n.Pp\nMulticast routes exist in the UNIX kernel only as long as a multicast\nrouting daemon is running. On Linux, multiple multicast routers can run\nsimultaneously using different multicast routing tables. To run\n.Nm\nand,\n.Nm mrouted\nat the same time, set the former to use a routing table other than the\ndefault (0).\n.Pp\n.Nm\nmodifies the kernel routing table and needs either full\n.Ar superuser rights ,\nor\n.Cm CAP_NET_ADMIN\non Linux. This also applies to the friendly control tool\n.Xr smcroutectl 8 .\n.Ss Warning\nBe careful when creating multicast routes. You can easily flood your\nnetworks by inadvertently creating routing loops. Either direct loops\nlisting an inbound interface also as an outbound, or indirect loops by\ngoing through other routers.\n.Sh OPTIONS\nThe following command line options are available:\n.Bl -tag -width Ds\n.It Fl c Ar SEC\nFlush unused dynamic (*,G) multicast routes every\n.Ar SEC\nseconds.\n.Pp\nThis option is intended for systems with topology changes, i.e., when\ninbound multicast may change both interface and source IP address.\nE.g. in a setup with at least two VRRP routers. If there is no way of\ndetecting such a topology change this option makes sure to periodically\nflush all dynamically learned multicast routes so that traffic may\nresume. Flushing of a specific route only occurs if it was unused\nduring the last flush interval, i.e. there was no traffic matching it.\nThis avoids toggling between different inbound interfaces if traffic\narrives on several interfaces simultaneously. In this case, the first\nselected inbound interface is retained until traffic on it ceases.\n.Pp\nDefault is 60 sec, set to 0 to disable. See also the\n.Cm smcroutectl flush\ncommand, which can be called manually on topology changes.\n.It Fl d Ar SEC\nDaemon startup delay. Delays the probe of interfaces and parsing of the\nconfiguration file. Note, the PID file is also not created, since the\ndaemon is not ready yet.\n.Pp\nThis command line option, although useful in some use-cases, is fragile.\nIt is almost always better to rely on an init or process supervisor that\nhandles dependencies properly, like\n.Xr finit 8 ,\nwhich can wait for interfaces to come up and files to be created before\nstarting a service.\n.It Fl e Ar CMD\nSpecify external script or command to be called when\n.Nm\nhas loaded/reloaded all static multicast routes from the configuration\nfile, or when a source-less (ANY) rule has been installed.\n.It Fl f Ar FILE\nAlternate configuration file, default\n.Pa /etc/smcroute.conf\n.It Fl F Ar FILE\nCheck configuration file syntax, use\n.Fl l Ar LEVEL\nto increase verbosity. Returns non-zero on error.\n.It Fl h\nShow summary of command line options and exit.\n.It Fl i Ar NAME\nSet daemon identity. Used to create unique PID, IPC socket, and\nconfiguration file names, as well as set the syslog identity. E.g.,\n.Fl I Ar foo\nwould make\n.Nm\nlook for\n.Cm /etc/foo.conf ,\nwrite its PID to\n.Cm /var/run/foo.pid\nand create an IPC socket for\n.Nm smcroutectl\nin\n.Cm /var/run/foo.sock .\n.Pp\nFor\n.Nm smcroutectl\nthe same option can be used to select the proper\n.Nm\ninstance to send IPC to.\n.Pp\nThis option is required for both daemon and client when running multiple\n.Nm\ninstances, using multiple routing tables, on Linux.\n.It Fl l Ar LEVEL\nSet log level: none, err, notice, info, debug. Default is notice.\n.It Fl m Ar SEC\nModify Multicast Router Discovery (mrdisc) announcement interval.\nDefault 20 sec. This option is only available when\n.Nm\nis built with mrdisc support (Linux, and IPv4, only). RFC4286.\n.It Fl n\nRun daemon in foreground, do not detach from controlling terminal\n.It Fl N\nBy default\n.Nm\nenables multicast routing on all available, and multicast capable,\ninterfaces in the system. These interfaces are enumerated as VIFs,\nvirtual interfaces, of which most UNIX systems have a very limited\namount, usually 32. This daemon option inverts the behavior so no\ninterfaces are enabled by default. Useful on systems with many\ninterfaces, where multicast routing only makes use of a few.\n.Pp\nThe config file setting\n.Ar phyint IFNAME enable\nis required to enable the required interfaces.\n.It Fl p Ar USER Op :GROUP\nDrop root privileges to USER:GROUP after start and retain CAP_NET_ADMIN\ncapabilities only. The :GROUP is optional. This option is only\navailable when\n.Nm\nis built with libcap support.\n.It Fl P Ar FILE\nSet PID file name, and optionally full path, in case you need to\noverride the default identity, or the identity set with\n.Fl i Ar NAME .\nRegardless, setting this option overrides all others, but it is\nrecommended to use the ident option instead.\n.It Fl s\nLet daemon log to syslog, default unless running in foreground.\n.It Fl t Ar ID\nSet multicast routing table ID. Remember to also create routing rules\ndirecting packets to the table. This example uses routing table ID 123:\n.Bd -unfilled -offset left\nip mrule add iif eth0 lookup 123\nip mrule add oif eth0 lookup 123\n.Ed\n.Pp\n.Nm Note:\nOnly available on Linux.\n.It Fl u Ar FILE\nUNIX domain socket path, used for the IPC between\n.Nm\nand\n.Nm smcroutectl .\nUse this to override the default socket path, derived from the daemon\nidentity,\n.Fl i Ar NAME .\nThis option can be useful when overriding the identity is not\nsufficient, e.g. for testing. The default depends on how\n.Nm\nis configured at build time, see\n.Sx FILES .\n.It Fl v\nShow program version and support information.\n.El\n.Pp\nThe\n.Fl e Ar CMD\noption is useful if you want to trigger other processes to start when\n.Nm\nhas completed installing dynamic multicast routes from (*,G) rules in\n.Pa /etc/smcroute.conf ,\nor when a source-less (ANY) route, a.k.a (*,G) multicast rule, from\n.Pa /etc/smcroute.conf .\nis matched and installed. For instance, calling\n.Ar conntrack\non Linux to flush firewall connection tracking when NAT:ing multicast.\n.Pp\nThe script\n.Ar CMD\nis called with an argument\n.Ar reload\nor\n.Ar install\nto let the script know if it is called on SIGHUP/startup, or when a\n(*,G) rule is matched and installed. In the latter case\n.Nm\nalso sets two environment variables:\n.Nm source ,\nand\n.Nm group .\nBeware that these environment variables are unconditionally overwritten by\n.Nm\nand can thus not be used to pass information to the script from outside of\n.Nm .\n.Sh OPERATION\n.Ss Introduction\nWhen\n.Nm\nstarts up it scans for available network interfaces that have the\n.Cm MULTICAST\nflag set. Provided the\n.Fl N\nflag is not set, each interface is enumerated as a virtual interface\n(VIF) which is what the kernel's multicast routing stack uses. The\nenumeration process on some operating systems also require each\ninterface to have an IP address, but Linux and FreeBSD systems only\nrequire the ifindex and the MULTICAST flag. If the interface does not\nyet exist when\n.Nm\nstarts, the\n.Fl d Ar SEC\nflag can be used to delay startup. Otherwise\n.Nm\nneeds to be reloaded (e.g., using SIGHUP) when a new interface has been\nadded to the system.\n.Pp\nSince VIFs are a limited resource, most operating systems only support\n32 in total, the administrator may need to declare which interfaces to\nuse for multicast routing using the\n.Pa /etc/smcroute.conf\n.Cm phyint\ndirective. It is recommended to always start\n.Nm\nwith the\n.Fl N\nflag, disabling VIF creation by default, and then selectively enable\neach of the interfaces you are going to route between. See\n.Xr smcroute.conf 5\nfor more information.\n.Ss Multicast Scoping\nBecause multicast inherently is broadcast there is an obvious need to\nlimit. On a LAN this is usually managed automatically by bridges\n(switches) with built-in multicast snooping (IGMP and MLD). Between\nLANs there is also the need to scope multicast, often the same multicast\ngroups are used for different purposes on different LANs. This must be\nmanaged by administrators, at least three options exist:\n.Bl -tag -offset indent\n.It Cm TTL scoping\nThe traditional way of \"raising walls\" between zones. The outbound\ninterfaces of routers are given a TTL threshold greater than the hop it\nrepresents. The default TTL threshold is 1. Managing the routers is a\nlot easier than adjusting the TTL value of each multicast sender. The\nonly real downside to this is that it scales poorly with the number of\nrouters and it affects all multicast traversing the router's interfaces.\n.It Cm Administrative scoping (RFC2365)\nThis is one of the current best practices, defining boundaries for sets\nof multicast groups instead of limiting all multicast (as TTL scoping\ndoes). In the case of\n.Nm\nthis is left to the administrator to manage. See\n.Xr mrouted 8 ,\nand\n.Xr mrouted.conf 5 ,\nfor more details.\n.It Cm Filtering\nSome sort of filtering mechanism, e.g., firewall (Linux netfilter) or\nlow-level filter (Linux tc or eBPF) that may even have some hardware\noffloading support (TCAM). The firewall is likely the most common since\nit is also often used to set up SNAT or 1:1 NAT (Linux netmap).\n.El\n.Ss Multicast Routes\n.Pp\nA multicast route is defined by an input interface\n.Ar IFNAME ,\nthe sender's unicast IP address\n.Ar SOURCE ,\nwhich is optional, the multicast group\n.Ar GROUP\nand a list of, at least one, output interface\n.Ar IFNAME [IFNAME ...] .\n.Pp\n.Bd -unfilled -offset indent\nmroute from eth0 group 225.1.2.3 to eth1 eth2\nmroute from eth0 source 1.2.3.4 group 225.3.2.1 to eth1 eth2\n\nmroute from eth0 group ff2e::42 to eth1 eth2\nmroute from eth0 source 2001:3::1 group ff2e::43 to eth1 eth2\n.Ed\n.Pp\nThe sender address and multicast group must both be either IPv4 or IPv6\naddresses.\n.Pp\nThe output interfaces are not needed when removing routes using the\n.Cm smcroutectl remove\ncommand. The first three parameters are sufficient to identify the\nsource of the multicast route.\n.Pp\nThe intended purpose of\n.Nm\nis to aid in situations where dynamic multicast routing does not work\nproperly. However, a dynamic multicast routing protocol is in nearly\nall cases the preferred solution. The reason for this is their ability\nto translate Layer-3 signaling to Layer-2 and vice versa (IGMP or MLD).\n.Pp\n.Sy Note:\nthe optional source address multicast routes are not installed in the\nkernel multicast forwarding cache (MFC) by\n.Nm .\nInstead, it dynamically installs new routes to the kernel MFC, matching\nthe group and inbound interface, when the kernel notifies\n.Nm\nusing \"upcalls\" called\n.Cm NOCACHE\nmessages. This feature was grafted onto\n.Nm\nfrom\n.Xr mrouted 8 ,\nand may not work as intended in all use-cases.\n.Pp\n.Ss Multicast Groups\n.Nm\nis capable of simple group join and leave by sending commands to the kernel.\nThe kernel then handles sending Layer-2 IGMP/MLD join and leave frames as needed.\nThis can be used for testing but is also useful sometimes to open up\nmulticast from the sender if located on a LAN with switches equipped\nwith IGMP/MLD Snooping. Such devices will prevent forwarding of\nmulticast unless an IGMP/MLD capable router or multicast client is\nlocated on the same physical port as you run\n.Nm\non. However, this feature of\n.Nm\nis only intended as a workaround. Some platforms impose a limit on the\nmaximum number of groups that can be joined, some of these systems can\nbe tuned to increase this limit. For bigger installations it is\nstrongly recommended to instead address the root cause, e.g. enable\nmulticast router ports on intermediate switches, either statically or by\nenabling the multicast router discovery feature of\n.Nm .\n.Pp\nTo emulate a multicast client using\n.Nm\nyou use the\n.Nm join\nand\n.Nm leave\ncommands to issue join and leave commands for a given multicast group\non a given interface\n.Ar IFNAME .\nThe\n.Ar GROUP\nmay be given in an IPv4 or IPv6 address format.\n.Pp\nThe command is passed to the daemon that passes it to the kernel. The\nkernel then tries to join the multicast group\n.Ar GROUP\non interface\n.Ar IFNAME\nby starting IGMP, or MLD for IPv6 group address, signaling on the given\ninterface. This signaling may be received by routers/switches connected\non that network supporting IGMP/MLD multicast signaling and, in turn,\nstart forwarding the requested multicast stream eventually reach your\ndesired interface.\n.Pp\n.Ss Multiple Daemon Instances\nWhen running multiple\n.Nm\ninstances, using the\n.Fl t Ar ID\ncommand line flag, one per routing table on Linux, it is required to use\nthe\n.Fl i Ar NAME\noption to both daemon and client. This because the name of the IPC\nsocket used for communicating is composed from the identity.\n.Sh DEBUGGING\nThe most common problem when attempting to route multicast is the TTL.\nAlways start by verifying that the TTL of your multicast stream is not\nset to 1, because the router decrements the TTL of an IP frame before\nrouting it. Test your setup using\n.Xr ping 8\nor\n.Xr iperf 1 .\nEither of which is capable of creating multicast traffic with an\nadjustable TTL. Iperf in particular is useful since it can act both as\na multicast source (sender) and a multicast sink (receiver). For more\nadvanced IP multicast testing the\n.Xr mcjoin 1\ntool can be used.\n.Pp\n.Ss Note\nA lot of extra information is sent under the daemon facility and the\ndebug priority to the syslog daemon. Use\n.Ql smcrouted -s -l debug\nto enable.\n.Sh SIGNALS\nFor convenience in sending signals,\n.Nm\nwrites its process ID to\n.Pa /var/run/smcroute.pid\nupon startup, unless the\n.Fl p Ar FILE\nor\n.Fl i Ar NAME\noptions are used to change the identity or file name used. The\nfollowing signals are supported:\n.Pp\n.Bl -tag -width TERM -compact\n.It Cm HUP\nTell\n.Nm\nto reload its configuration file and activate the changes.\n.It Cm INT\nTerminates execution gracefully.\n.It Cm TERM\nThe same as INT.\n.El\n.Sh FILES\n.Bl -tag -width /proc/net/ip6_mr_cache -compact\n.It Pa /etc/smcroute.conf\nOptional configuration file for\n.Nm .\nDefined interfaces to use, groups to join, and routes to set when\nstarting, or reloading\n.Nm\non\n.Ar SIGHUP .\nLike the PID file, the name of the configuration file may be different\ndepending on command line options given to the daemon. Most notably,\n.Fl I Ar IDENT\ndefines the full suite of files used by the\n.Nm\ndaemon. See\n.Xr smcroute.conf 5\nfor details.\n.It Pa /etc/smcroute.d/*.conf\nOptional configuration directory, path defined by convention only, actual\nconfiguration directory, or file(s) to include, defined by\n.Pa /etc/smcroute.conf .\nSee\n.Xr smcroute.conf 5\nfor details.\n.It Pa /var/run/smcroute.pid\nDefault PID file (re)created by\n.Nm\nwhen it has started up and is ready to receive commands. See also the\n.Fl i Ar NAME\nor\n.Fl P Ar FILE\noptions which can change the default name.\n.It Pa /var/run/smcroute.sock\nIPC socket created by\n.Nm\nfor use by\n.Nm smcroutectl .\nSame caveats apply to this file as the previous two, command line\noptions\n.Fl i Ar NAME\nand\n.Fl S Ar FILE\nto the daemon can be used to change the socket file name.\n.It Pa /proc/net/ip_mr_cache\nLinux specific, holds active IPv4 multicast routes.\n.It Pa /proc/net/ip_mr_vif\nLinux specific, holds the IPv4 virtual interfaces used by the active multicast routing daemon.\n.It Pa /proc/net/ip6_mr_cache\nLinux specific, holds active IPv6 multicast routes.\n.It Pa /proc/net/ip6_mr_vif\nLinux specific, holds the IPv6 virtual interfaces used by the active multicast routing daemon.\n.It Pa /proc/net/igmp\nLinux specific, holds active IGMP ASM (*,G) joins.\n.It Pa /proc/net/igmp6\nLinux specific, holds active MLD ASM (*,G) joins.\n.It Pa /proc/net/mcfilter\nLinux specific, holds active IGMP SSM (S,G) joins.\n.It Pa /proc/net/mcfilter6\nLinux specific, holds active MLD SSM (S,G) joins.\n.It Pa /proc/sys/net/ipv4/igmp_max_memberships\nLinux specific tuning of max IGMP ASM (*,G) per socket, default 20.\n.It Pa /proc/sys/net/ipv4/igmp_max_msf\nLinux specific tuning of max IGMP SSM (S,G) per socket, default 10.\n.El\n.Pp\nBSD systems may consult the\n.Xr netstat 1\ntool for stats on virtual multicast interface tables and multicast\nforwarding caches, and VIF/MIF allocation, as well as the\n.Xr ifmcstat 8\ntool for querying group membership.\n.Xr \n.Sh EXIT STATUS\n.Nm\nleverages BSD\n.Pa sysexits.h\nexit codes (64-78), which process supervisors like\n.Xr systemd 1\nand\n.Xr finit 8\nunderstands. The following table details what codes are used for and\nhow to interpret them.\n.Bl -column \"Status\" \"Symbolic Name\" \"Description\" -offset indent\n.It Sy Status Ta Sy Symbolic Name Ta Sy Description\n.It 0 Ta EX_OK Ta Success\n.It 64 Ta EX_USAGE Ta Invalid command line option, or missing argument\n.It 69 Ta EX_UNAVAILABLE Ta Multicast routing socket (or table) already in use\n.It 79 Ta EX_SOFTWARE Ta Internal error, bug in\n.Nm\n.It 71 Ta EX_OSERR Ta Failed\n.Fn fork ,\n.Fn daemon ,\n.Fn getifaddrs ,\n.Fn malloc ,\netc.\n.It 76 Ta EX_PROTOCOL Ta Kernel does not seem to support multicast routing\n.It 77 Ta EX_NOPERM Ta Not enough permissions to run\n.It 78 Ta EX_CONFIG Ta Parse error in configuration file\n.El\n.Sh SEE ALSO\n.Xr smcroute.conf 5 ,\n.Xr smcroutectl 8 ,\n.Xr mrouted 8 ,\n.Xr pimd 8 ,\n.Xr pim6sd 8 ,\n.Xr ping 8 ,\n.Xr mcjoin 1 ,\n.Xr iperf 1\n.Sh AUTHORS\n.An -nosplit\nSMCRoute was originally created by\n.An Carsten Schill Aq Mt carsten@cschill.de .\nInitial IPv6 support by\n.An Todd Hayton Aq Mt todd.hayton@gmail.com .\nInitial FreeBSD support by\n.An Micha Lenk Aq Mt micha@debian.org .\n.Pp\nSMCRoute is currently maintained by\n.An Joachim Wiberg Aq Mt troglobit@gmail.com ,\nand\n.An Micha Lenk Aq Mt micha@debian.org\nat\n.Lk https://github.com/troglobit/smcroute \"GitHub\" .\n" }, { "path": "smcroute", "content": "#!/bin/sh\n# Compatibility wrapper for users with old startup scripts\n# Written by Joachim Wiberg, placed in the public domain\n\nOP=$1\nshift\n\ncase \"$OP\" in\n -d)\n\tsmcrouted $*\n\t;;\n -h)\n\techo \"Usage: smcroute [OPTIONS] [ARGS]\"\n\techo\n\techo \" -d Start daemon\"\n\techo \" -k Kill a running daemon\"\n\techo\n\techo \" -h This help text\"\n\techo \" -v Show version\"\n\techo\n\techo \" -a ARGS Add a multicast route\"\n\techo \" -r ARGS Remove a multicast route\"\n\techo\n\techo \" -j ARGS Join a multicast group\"\n\techo \" -l ARGS Leave a multicast group\"\n\techo\n\techo \" <------------- INBOUND --------------> <----- OUTBOUND ------>\"\n\techo \" -a [ ...]\"\n\techo \" -r \"\n\techo\n\techo \" -j \"\n\techo \" -l \"\n\techo\n\techo \"NOTE: This is a compatibility wrapper script for SMCRoute. Intended for\"\n\techo \" use with old style startup scripts. It is recommended to migrate\"\n\techo \" to /etc/smcroute.conf, see the smcroute(8) man page for help.\"\n\treturn 0\n\t;;\n -k)\n\tsmcroutectl kill\n\t;;\n -v)\n\tsmcroutectl version\n\t;;\n -a)\n\tsmcroutectl add $*\n\t;;\n -r)\n\tsmcroutectl remove $*\n\t;;\n -j)\n\tsmcroutectl join $*\n\t;;\n *)\n\techo \"Unknown command or option to the SMCRoute compatiblity wrapper script.\"\n\techo \"See the smcroute(8) man page for help on available commands.\"\n\treturn 1\n\t;;\nesac\n" }, { "path": "smcroute.conf", "content": "#\n# smcroute.conf example\n#\n# The configuration file supports joining multicast groups, to use\n# Layer-2 signaling so that switches and routers open up multicast\n# traffic to your interfaces. Leave is not supported, remove the\n# mgroup and SIGHUP your daemon, or send a specific leave command.\n#\n# NOTE: Use of the mgroup command should be avoided if possible.\n# Instead configure \"router ports\" or similar on the switches\n# or bridges on your LAN. This to have them direct all the\n# multicast to your router, or select groups if they have\n# such capabilities. Usually MAC multicast filters exist.\n#\n# Some switch manufacturers support mrdisc, RFC4286, which\n# SMCRoute can use to advertise itself on source interfaces.\n# If availble, use that instead of mgroup.\n#\n# Similarly supported is setting mroutes. Removing mroutes is not\n# supported, remove/comment out the mroute from the .conf file, or\n# send a remove command with smcroutectl.\n#\n# Syntax:\n# phyint IFNAME [mrdisc] [ttl-threshold <1-255>]\n# mgroup from IIF [source ADDR[/LEN]] group GROUP[/LEN]\n# mroute from IIF [source ADDR[/LEN]] group GROUP[/LEN] to OIF [OIF ...]\n# include /path/to/*.conf\n\n# This example assumes smcrouted was started with the `-N` flag.\n# Only enable interfaces required for inbound and outbound traffic.\nphyint eth0 enable ttl-threshold 11\nphyint eth1 enable ttl-threshold 3\nphyint eth2 enable ttl-threshold 5\nphyint virbr0 enable ttl-threshold 5\n\n# Instruct the kernel to join the multicast group 225.1.2.3 on interface\n# eth0. Then add an mroute of the same multicast stream, from the host\n# 192.168.1.42 on interface eth0 and forward to eth1 and eth2.\nmgroup from eth0 group 225.1.2.3\nmroute from eth0 source 192.168.1.42 group 225.1.2.3 to eth1 eth2\n\n# Similar example, but using source-specific group join\nmgroup from virbr0 source 192.168.123.110 group 225.1.2.4\nmroute from virbr0 source 192.168.123.110 group 225.1.2.4 to eth0\n\n# Allow multicast for group 225.3.2.1, from ANY source, ingressing on\n# interface eth0 to be forwarded to eth1 and eth2. When the kernel\n# receives a frame from unknown multicast sender, it asks smcrouted who\n# use this \"template\" to match against, if the ingressing interface and\n# group matches, smcrouted installs an (S,G) route in the kernel MFC.\nmgroup from eth0 group 225.3.2.1\nmroute from eth0 group 225.3.2.1 to eth1 eth2\n\n# The previous is an example of the (*,G) support. It is also possible\n# to specify a range of such rules.\nmgroup from eth0 group 225.0.0.0/24\nmroute from eth0 group 225.0.0.0/24 to eth1 eth2\n\n# Include any snippet in /etc/smcroute.d/, but please remember that\n# all phyint statements must be read first.\ninclude /etc/smcroute.d/*.conf\n" }, { "path": "smcroute.default", "content": "SMCROUTED_OPTS=-l debug\n" }, { "path": "smcroute.init", "content": "#!/bin/sh\n#\n### BEGIN INIT INFO\n# Provides: smcroute\n# Required-Start: $syslog $local_fs $network $remote_fs\n# Required-Stop: $syslog $local_fs $network $remote_fs\n# Should-Start: \n# Should-Stop: \n# Default-Start: 2 3 4 5\n# Default-Stop: 0 1 6\n# Short-Description: Static multicast router daemon\n# Description: SMCRoute is a daemon and command line tool to manipulate\n# the multicast routing table of a UNIX kernel. It can be\n# used as an alternative to dynamic multicast routers like\n# pimd or mrouted in situations where static routes should\n# be maintained and/or no proper IGMP signaling exists.\n### END INIT INFO\n\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\nDAEMON=/usr/sbin/smcrouted\nDAEMONCTL=/usr/sbin/smcroutectl\nDAEMON_OPTS=\nNAME=smcrouted\nDESC=\"static multicast router daemon\"\n\ntest -x $DAEMON || exit 0\n\n# Include smcroute defaults if available\nif [ -f /etc/default/smcroute ] ; then\n\t. /etc/default/smcroute\nfi\n\n. /lib/lsb/init-functions\n\nstart() {\n\tlocal error\n\tlocal result\n\tlog_begin_msg \"Starting $DESC: $NAME\"\n\terror=$(start-stop-daemon --start --quiet \\\n\t\t--exec $DAEMON -- $DAEMON_OPTS 2>&1)\n\tresult=$?\n\tif [ \"$result\" = \"0\" -a -x /etc/smcroute/startup.sh ]; then\n\t\t/etc/smcroute/startup.sh\n\telse\n\t\tlog_progress_msg ${error#ERRO: }\n\tfi\n\tlog_end_msg $result\n}\n\nstop() {\n\tlocal error\n\tlocal result\n\tlog_begin_msg \"Stopping $DESC: $NAME\"\n\terror=$($DAEMONCTL kill 2>&1)\n\tresult=$?\n\tlog_progress_msg ${error#ERRO: }\n\tlog_end_msg $result\n}\n\ncase \"$1\" in\n start)\n\tstart\n\t;;\n stop)\n\tstop\n\t;;\n restart|force-reload)\n\t#\n\t# If the \"reload\" option is implemented, move the \"force-reload\"\n\t# option to the \"reload\" entry above. If not, \"force-reload\" is\n\t# just the same as \"restart\".\n\t#\n\tstop\n\tstart\n\t;;\n status)\n\tstatus_of_proc \"$DAEMON\" \"$DESC\" && exit 0 || exit $?\n\t;;\n *)\n\tN=/etc/init.d/$NAME\n\techo \"Usage: $N {start|stop|restart|force-reload}\" >&2\n\texit 1\n\t;;\nesac\n\nexit 0\n" }, { "path": "smcroute.service.in", "content": "[Unit]\nDescription=Static multicast routing daemon\nDocumentation=man:smcrouted\nDocumentation=man:smcroute.conf\nDocumentation=man:smcroutectl\nDocumentation=file:@DOCDIR@/README.md\n# ConditionPathExists=@SYSCONFDIR@/smcroute.conf\nAfter=network-online.target\nRequires=network-online.target\n\n[Service]\nType=@DAEMON_TYPE@\nEnvironmentFile=-@SYSCONFDIR@/default/smcroute\nExecStart=@SBINDIR@/smcrouted -n -s $SMCROUTED_OPTS $SMCROUTED_ARGS\nExecReload=@SBINDIR@/smcroutectl reload\nNotifyAccess=main\n\n# Hardening settings\nNoNewPrivileges=true\nProtectControlGroups=true\nProtectSystem=full\nProtectHome=true\n\n[Install]\nWantedBy=multi-user.target\n" }, { "path": "src/Makefile.am", "content": "AUTOMAKE_OPTIONS = subdir-objects\n\nsbin_PROGRAMS\t = smcrouted smcroutectl\nsmcrouted_SOURCES = smcrouted.c conf.c conf.h mroute.c mroute.h iface.c \\\n\t\t iface.h inet.c inet.h ipc.c ipc.h kern.c kern.h\t \\\n\t\t log.c log.h mcgroup.c mcgroup.h msg.c msg.h\t \\\n\t\t notify.c notify.h pidfile.c queue.h script.c\t \\\n\t\t script.h socket.c socket.h timer.c timer.h util.h\n\nsmcrouted_CFLAGS = -W -Wall -Wextra -Wno-deprecated-declarations -std=gnu99\nsmcrouted_CPPFLAGS = -D_ATFILE_SOURCE -D_INCOMPLETE_XOPEN_C063\nsmcrouted_CPPFLAGS += -DSYSCONFDIR=\\\"@sysconfdir@\\\" -DRUNSTATEDIR=\\\"@runstatedir@\\\"\nsmcrouted_LDADD\t = $(LIBS) $(LIBOBJS) @LIB_RT@ @LIB_PTHREAD@\n\nif USE_LIBCAP\nsmcrouted_SOURCES += cap.c cap.h\nsmcrouted_LDADD\t += -lcap\nendif\n\nif HAVE_LIBSYSTEMD\nsmcrouted_SOURCES += systemd.c\nsmcrouted_CFLAGS += $(libsystemd_CFLAGS)\nsmcrouted_LDADD\t += $(libsystemd_LIBS)\nendif\n\nif USE_MRDISC\nsmcrouted_SOURCES += mrdisc.c mrdisc.h\nendif\n\nsmcroutectl_SOURCES = smcroutectl.c msg.h util.h\nsmcroutectl_CFLAGS = -W -Wall -Wextra -std=gnu99\nsmcroutectl_CPPFLAGS = -DRUNSTATEDIR=\\\"@runstatedir@\\\"\nsmcroutectl_LDADD = $(LIBS) $(LIBOBJS)\n" }, { "path": "src/cap.c", "content": "/* Daemon capability API\n *\n * Copyright (C) 2016 Markus Palonen \n * Copyright (C) 2016-2020 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n#include \"config.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n#ifdef HAVE_SYS_PRCTL_H\n# include \n#endif\n#include \n#include \n#include \n\n#include \"log.h\"\n\nstatic const char *username = NULL;\n\n\nstatic int whoami(const char *user, const char *group, uid_t *uid, gid_t *gid)\n{\n\tstruct passwd *pw;\n\tstruct group *gr;\n\n\tif (!user)\n\t\treturn -1;\n\n\t/* Get target UID and target GID */\n\tpw = getpwnam(user);\n\tif (!pw) {\n\t\tsmclog(LOG_ERR, \"User '%s' not found!\", user);\n\t\treturn -1;\n\t}\n\n\t*uid = pw->pw_uid;\n\t*gid = pw->pw_gid;\n\tif (group) {\n\t\tgr = getgrnam(group);\n\t\tif (!gr) {\n\t\t\tsmclog(LOG_ERR, \"Group '%s' not found!\", group);\n\t\t\treturn -1;\n\t\t}\n\t\t*gid = gr->gr_gid;\n\t}\n\n\t/* Valid user */\n\tusername = user;\n\n\treturn 0;\n}\n\nstatic int setcaps(cap_value_t cv)\n{\n\tint result;\n\tcap_t caps = cap_get_proc();\n\tcap_value_t cap_list = cv;\n\n\tcap_clear(caps);\n\n\tcap_set_flag(caps, CAP_PERMITTED, 1, &cap_list, CAP_SET);\n\tcap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_list, CAP_SET);\n\tresult = cap_set_proc(caps);\n\n\tcap_free(caps);\n\n\treturn result;\n}\n\n/*\n * Drop root privileges except capability CAP_NET_ADMIN. This capability\n * enables the thread (among other networking related things) to add and\n * remove multicast routes\n */\nstatic int drop_root(const char *user, uid_t uid, gid_t gid)\n{\n#ifdef HAVE_SYS_PRCTL_H\n\t/* Allow this process to preserve permitted capabilities */\n\tif (prctl(PR_SET_KEEPCAPS, 1) == -1) {\n\t\tsmclog(LOG_ERR, \"Cannot preserve capabilities: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n#endif\n\t/* Set supplementary groups, GID and UID */\n\tif (initgroups(user, gid) == -1) {\n\t\tsmclog(LOG_ERR, \"Failed setting supplementary groups: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n\tif (setgid(gid) == -1) {\n\t\tsmclog(LOG_ERR, \"Failed setting group ID %d: %s\", gid, strerror(errno));\n\t\treturn -1;\n\t}\n\n\tif (setuid(uid) == -1) {\n\t\tsmclog(LOG_ERR, \"Failed setting user ID %d: %s\", uid, strerror(errno));\n\t\treturn -1;\n\t}\n\n\t/* Clear all capabilities except CAP_NET_ADMIN */\n\tif (setcaps(CAP_NET_ADMIN)) {\n\t\tsmclog(LOG_ERR, \"Failed setting `CAP_NET_ADMIN`: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n\t/* Try to regain root UID, should not work at this point. */\n\tif (setuid(0) == 0)\n\t\treturn -1;\n\n\treturn 0;\n}\n\nvoid cap_drop_root(uid_t uid, gid_t gid)\n{\n\tif (username) {\n\t\tif (drop_root(username, uid, gid) == -1)\n\t\t\tsmclog(LOG_WARNING, \"Could not drop root privileges, continuing as root.\");\n\t\telse\n\t\t\tsmclog(LOG_INFO, \"Root privileges dropped: Current UID %u, GID %u.\", getuid(), getgid());\n\t}\n}\n\nvoid cap_set_user(char *arg, uid_t *uid, gid_t *gid)\n{\n\tchar *ptr;\n\tchar *user;\n\tchar *group;\n\n\tptr = strdup(arg);\n\tif (!ptr)\n\t\terr(1, \"Failed parsing user:group argument\");\n\n\tuser = strtok(ptr, \":\");\n\tgroup = strtok(NULL, \":\");\n\n\tif (whoami(user, group, uid, gid))\n\t\terr(1, \"Invalid user:group argument\");\n\n\tfree(ptr);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/cap.h", "content": "/* Daemon capability API */\n#ifndef SMCROUTE_CAP_H_\n#define SMCROUTE_CAP_H_\n\n#include \"config.h\"\n\n#ifdef ENABLE_LIBCAP\nvoid cap_drop_root (uid_t uid, gid_t gid);\nvoid cap_set_user (char *arg, uid_t *uid, gid_t *gid);\n#else\n#define cap_drop_root(uid, gid)\n#define cap_set_user(arg, uid, gid) warnx(\"Drop privs support not available.\")\n#endif\n\n#endif /* SMCROUTE_CAP_H_ */\n" }, { "path": "src/conf.c", "content": "/* Simple .conf file parser for smcroute\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"conf.h\"\n#include \"iface.h\"\n#include \"script.h\"\n#include \"mcgroup.h\"\n#include \"util.h\"\n\n#define MAX_LINE_LEN 512\n\n#define DEBUG(fmt, args...) do {\t\t\t\t\t\\\n\tif (conf)\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_DEBUG, \"%s line %d: \" fmt, conf->file,\t\\\n\t\t conf->lineno, ##args);\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_DEBUG, \"ipc: \" fmt, ##args);\t\t\t\\\n\t} while (0)\n#define INFO(fmt, args...) do {\t\t\t\t\t\t\\\n\tif (conf)\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_INFO, \"%s line %d: \" fmt, conf->file,\t\\\n\t\t\tconf->lineno, ##args);\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_INFO, \"ipc: \" fmt, ##args);\t\t\t\\\n\t} while (0)\n\n#define WARN(fmt, args...) do {\t\t\t\t\t\t\\\n\tif (conf)\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_WARNING, \"%s line %d: \" fmt, conf->file,\t\\\n\t\t conf->lineno, ##args);\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\tsmclog(LOG_WARNING, \"ipc: \" fmt, ##args);\t\t\\\n\tif (conf_vrfy)\t\t\t\t\t\t\t\\\n\t\trc++;\t\t\t\t\t\t\t\\\n\t} while (0)\n\n/* Used only for verifying .conf files */\nstatic int conf_vrfy_vif;\n\nstatic char *pop_token(char **line)\n{\n\tchar *end, *token;\n\n\tif (!line)\n\t\treturn NULL;\n\n\ttoken = *line;\n\tif (!token)\n\t\treturn NULL;\n\n\t/* Find start of token, skip whitespace. */\n\twhile (*token && isspace((int)*token))\n\t\ttoken++;\n\n\t/* Find end of token. */\n\tend = token;\n\twhile (*end && !isspace((int)*end))\n\t\tend++;\n\tif (end == token) {\n\t\t*line = NULL;\n\t\treturn NULL;\n\t}\n\n\t*end = 0;\t\t/* Terminate token. */\n\t*line = end + 1;\n\n\treturn token;\n}\n\nstatic int match(char *keyword, char *token)\n{\n\tsize_t len;\n\n\tif (!keyword || !token)\n\t\treturn 0;\n\n\tlen = strlen(keyword);\n\treturn !strncmp(keyword, token, len);\n}\n\nint conf_mgroup(struct conf *conf, int cmd, char *iif, char *source, char *group)\n{\n\tinet_addr_t src = { 0 }, grp = { 0 };\n\tint src_len = 0;\n\tint grp_len = 0;\n\tint len_max;\n\tint family;\n\tint rc = 0;\n\n\tif (!iif || !group) {\n\t\terrno = EINVAL;\n\t\treturn 1;\n\t}\n\n\tgrp_len = is_range(group);\n\tif (inet_str2addr(group, &grp) || !is_multicast(&grp)) {\n\t\tWARN(\"join: Invalid multicast group: %s\", group);\n\t\tgoto done;\n\t}\n\tfamily = grp.ss_family;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (family == AF_INET6)\n\t\tlen_max = 128;\n\telse\n#endif\n\tlen_max = 32;\n\tif (grp_len < 0 || grp_len > len_max) {\n\t\tWARN(\"join: Invalid group prefix length (0-%d): %d\", len_max, grp_len);\n\t\tgoto done;\n\t}\n\tif (!grp_len)\n\t\tgrp_len = len_max;\n\n\tif (source) {\n\t\tsrc_len = is_range(source);\n\t\tif (src_len < 0 || src_len > len_max) {\n\t\t\tWARN(\"join: Invalid source prefix length (0-%d): %d\", len_max, src_len);\n\t\t\tgoto done;\n\t\t}\n\n\t\tif (inet_str2addr(source, &src)) {\n\t\t\tWARN(\"join: Invalid multicast source: %s\", source);\n\t\t\tgoto done;\n\t\t}\n\t} else\n\t\tinet_anyaddr(family, &src);\n\tif (!src_len)\n\t\tsrc_len = len_max;\n\n\tif (!conf_vrfy)\n\t\trc = mcgroup_action(cmd, iif, &src, src_len, &grp, grp_len);\ndone:\n\treturn rc;\n}\n\nint conf_mroute(struct conf *conf, int cmd, char *iif, char *source, char *group, char *oif[], int num)\n{\n\tstruct ifmatch state_in, state_out;\n\tstruct mroute mroute = { 0 };\n\tstruct iface *iface_in, *iface;\n\tint len_max;\n\tint family;\n\tint rc = 0;\n\tint vif;\n\n\tif (!iif || !group) {\n\t\terrno = EINVAL;\n\t\treturn 1;\n\t}\n\n\tmroute.len = is_range(group);\n\tif (inet_str2addr(group, &mroute.group) || !is_multicast(&mroute.group)) {\n\t\tWARN(\"mroute: Invalid multicast group: %s\", group);\n\t\tgoto done;\n\t}\n\tfamily = mroute.group.ss_family;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (family == AF_INET6)\n\t\tlen_max = 128;\n\telse\n#endif\n\t\tlen_max = 32;\n\tif (mroute.len < 0 || mroute.len > len_max) {\n\t\tWARN(\"mroute: Invalid multicast group prefix length, %d\", mroute.len);\n\t\tgoto done;\n\t}\n\tif (!mroute.len)\n\t\tmroute.len = len_max;\n\n\tif (source) {\n\t\tmroute.src_len = is_range(source);\n\t\tif (mroute.src_len < 0 || mroute.src_len > len_max) {\n\t\t\tWARN(\"mroute: invalid prefix length: %d\", mroute.src_len);\n\t\t\tgoto done;\n\t\t}\n\n\t\tif (inet_str2addr(source, &mroute.source)) {\n\t\t\tWARN(\"mroute: Invalid source address: %s\", source);\n\t\t\tgoto done;\n\t\t}\n\t} else {\n\t\tinet_anyaddr(family, &mroute.source);\n\t\tmroute.src_len = 0;\n\t}\n\tif (!mroute.src_len)\n\t\tmroute.src_len = len_max;\n\n\tiface_match_init(&state_in);\n\tDEBUG(\"mroute: checking for input iface %s ...\", iif);\n\twhile (iface_match_vif_by_name(iif, &state_in, &iface_in) != NO_VIF) {\n\t\tchar src[INET_ADDRSTR_LEN], grp[INET_ADDRSTR_LEN];\n\n\t\tvif = iface_get_vif(family, iface_in);\n\t\tDEBUG(\"mroute: input iface %s has vif %d\", iif, vif);\n\t\tmroute.inbound = vif;\n\n\t\tfor (int i = 0; i < num; i++) {\n\t\t\tiface_match_init(&state_out);\n\n\t\t\tDEBUG(\"mroute: checking for %s ...\", oif[i]);\n\t\t\twhile (iface_match_vif_by_name(oif[i], &state_out, &iface) != NO_VIF) {\n\t\t\t\tvif = iface_get_vif(family, iface);\n\t\t\t\tif (vif == NO_VIF)\n\t\t\t\t\tcontinue;\n\n\t\t\t\tif (vif == mroute.inbound && cmd) {\n\t\t\t\t\t/* In case of wildcard match in==out is normal, so don't complain */\n\t\t\t\t\tif (!ifname_is_wildcard(iif) && !ifname_is_wildcard(oif[i]))\n\t\t\t\t\t\tINFO(\"mroute: Same outbound interface (%s) as inbound (%s) may cause routing loops.\",\n\t\t\t\t\t\t oif[i], iface_in->ifname);\n\t\t\t\t}\n\n\t\t\t\t/* Use configured TTL threshold for the output phyint */\n\t\t\t\tmroute.ttl[vif] = iface->threshold;\n\t\t\t}\n\t\t\tif (!state_out.match_count)\n\t\t\t\tWARN(\"mroute: outbound %s is not a known phyint, skipping\", oif[i]);\n\t\t}\n\n\t\tif (conf_vrfy)\n\t\t\tcontinue;\n\n\t\tif (cmd) {\n\t\t\tsmclog(LOG_DEBUG, \"mroute: adding route from %s (%s/%u,%s/%u)\", iface_in->ifname,\n\t\t\t inet_addr2str(&mroute.source, src, sizeof(src)), mroute.src_len,\n\t\t\t inet_addr2str(&mroute.group, grp, sizeof(grp)), mroute.len);\n\t\t\tif (mroute_add_route(&mroute))\n\t\t\t\trc = -1;\n\t\t} else {\n\t\t\tsmclog(LOG_DEBUG, \"mroute: deleting route from %s (%s/%u,%s/%u)\", iface_in->ifname,\n\t\t\t inet_addr2str(&mroute.source, src, sizeof(src)), mroute.src_len,\n\t\t\t inet_addr2str(&mroute.group, grp, sizeof(grp)), mroute.len);\n\t\t\tif (mroute_del_route(&mroute))\n\t\t\t\trc = -1;\n\t\t}\n\t}\n\n\tif (!state_in.match_count) {\n\t\tWARN(\"mroute: inbound %s is not a known phyint\", iif);\n\t\trc = -1;\n\t}\n\ndone:\n\treturn rc;\n}\n\nstatic int conf_phyint(struct conf *conf, int enable, char *iif, int mrdisc, int threshold)\n{\n\t(void)conf;\n\n\tif (conf_vrfy) {\n\t\tstruct iface *iface;\n\t\tstruct ifmatch ifm;\n\n\t\tiface_match_init(&ifm);\n\t\tiface = iface_match_by_name(iif, 1, &ifm);\n\t\tif (!iface)\n\t\t\treturn 1;\n\n\t\tiface->vif = conf_vrfy_vif;\n\t\tiface->mif = conf_vrfy_vif++;\n\n\t\treturn 0;\n\t}\n\n\tif (enable)\n\t\treturn mroute_add_vif(iif, mrdisc, threshold);\n\n\treturn mroute_del_vif(iif);\n}\n\n/*\n * This function parses the given configuration file according to the\n * below format rules. Joins multicast groups and creates multicast\n * routes accordingly in the kernel. Whitespace is ignored.\n *\n * Format:\n * phyint IFNAME [ttl-threshold <1-255>]\n * mgroup from IFNAME [source ADDRESS] group MCGROUP\n * mroute from IFNAME source ADDRESS group MCGROUP to IFNAME [IFNAME ...]\n * include FILEPATTERN\n */\nint conf_parse(struct conf *conf, int do_vifs)\n{\n\tchar *linebuf, *line;\n\tint rc = 0;\n\tFILE *fp;\n\n\tfp = fopen(conf->file, \"r\");\n\tif (!fp) {\n\t\tif (errno == ENOENT)\n\t\t\tsmclog(LOG_NOTICE, \"Configuration file %s does not exist\", conf->file);\n\t\telse\n\t\t\tsmclog(LOG_WARNING, \"Failed opening %s: %s\", conf->file, strerror(errno));\n\n\t\tif (!conf_vrfy)\n\t\t\tsmclog(LOG_NOTICE, \"Continuing anyway, waiting for client to connect.\");\n\n\t\treturn 1;\n\t}\n\n\tlinebuf = malloc(MAX_LINE_LEN * sizeof(char));\n\tif (!linebuf) {\n\t\tint tmp = errno;\n\n\t\tfclose(fp);\n\t\terrno = tmp;\n\t\tsmclog(LOG_ERR, \"Failed allocating memory to read .conf file: %s\", strerror(errno));\n\t\texit(EX_OSERR);\n\t}\n\n\tconf->lineno = 0;\nnext:\n\twhile ((line = fgets(linebuf, MAX_LINE_LEN, fp))) {\n\t\tint mrdisc = 0, threshold = DEFAULT_THRESHOLD;\n\t\tint op = 0, num = 0, enable = do_vifs;\n\t\tchar *oif[MAX_MC_VIFS];\n\t\tchar *include = NULL;\n\t\tchar *source = NULL;\n\t\tchar *group = NULL;\n\t\tchar *iif = NULL;\n\t\tchar *ttl = NULL;\n\t\tchar *token;\n\t\tglob_t gl;\n\t\tsize_t i;\n\n\t\t/* Strip any line end character(s) */\n\t\tchomp(line);\n\t\tconf->lineno++;\n\n\t\tDEBUG(\"%s\", line);\n\t\twhile ((token = pop_token(&line))) {\n\t\t\t/* Strip comments. */\n\t\t\tif (match(\"#\", token))\n\t\t\t\tbreak;\n\n\t\t\tif (!op) {\n\t\t\t\tif (match(\"mgroup\", token)) {\n\t\t\t\t\top = MGROUP;\n\t\t\t\t} else if (match(\"ssmgroup\", token)) {\n\t\t\t\t\top = MGROUP; /* Compat */\n\t\t\t\t} else if (match(\"mroute\", token)) {\n\t\t\t\t\top = MROUTE;\n\t\t\t\t} else if (match(\"phyint\", token)) {\n\t\t\t\t\top = PHYINT;\n\t\t\t\t\tiif = pop_token(&line);\n\t\t\t\t\tif (!iif) {\n\t\t\t\t\t\tWARN(\"phyint missing interface pattern\");\n\t\t\t\t\t\tgoto next;\n\t\t\t\t\t}\n\t\t\t\t} else if (match(\"include\", token)) {\n\t\t\t\t\top = INCLUDE;\n\t\t\t\t\tinclude = pop_token(&line);\n\t\t\t\t\tsmclog(LOG_DEBUG, \"Found include --> %s\", include);\n\t\t\t\t\tbreak;\n\t\t\t\t} else {\n\t\t\t\t\tWARN(\"Unknown command %s, skipping.\", token);\n\t\t\t\t\tgoto next;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (match(\"from\", token)) {\n\t\t\t\tiif = pop_token(&line);\n\t\t\t} else if (match(\"source\", token)) {\n\t\t\t\tsource = pop_token(&line);\n\t\t\t} else if (match(\"group\", token)) {\n\t\t\t\tgroup = pop_token(&line);\n\t\t\t} else if (match(\"to\", token)) {\n\t\t\t\twhile ((oif[num] = pop_token(&line)))\n\t\t\t\t\tnum++;\n\t\t\t} else if (match(\"enable\", token)) {\n\t\t\t\tenable = 1;\n\t\t\t} else if (match(\"disable\", token)) {\n\t\t\t\tenable = 0;\n\t\t\t} else if (match(\"mrdisc\", token)) {\n\t\t\t\tmrdisc = 1;\n\t\t\t} else if (match(\"ttl-threshold\", token)) {\n\t\t\t\tttl = pop_token(&line);\n\t\t\t}\n\t\t}\n\n\t\tif (iif && !iface_exist(iif)) {\n\t\t\tswitch (op) {\n\t\t\tcase MGROUP:\n\t\t\t\tWARN(\"mgroup from %s matches no valid phyint, skipping ...\", iif);\n\t\t\t\tbreak;\n\n\t\t\tcase MROUTE:\n\t\t\t\tWARN(\"mroute from %s matches no valid phyint, skipping ...\", iif);\n\t\t\t\tbreak;\n\n\t\t\tdefault:\n\t\t\t\tWARN(\"phyint %s does not exist (yet?) on this system\", iif);\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcontinue;\n\t\t}\n\n\t\tif (ttl) {\n\t\t\tint val = atoi(ttl);\n\n\t\t\tif (val < 1 || val > 255)\n\t\t\t\tWARN(\"phyint %s ttl %s out of range (1-255)\", iif ? iif : \"\", ttl);\n\t\t\telse\n\t\t\t\tthreshold = val;\n\t\t}\n\n\t\tswitch (op) {\n\t\tcase EMPTY:\n\t\t\tbreak;\n\n\t\tcase MGROUP:\n\t\t\tif (conf_mgroup(conf, 1, iif, source, group))\n\t\t\t\trc = -1;\n\t\t\tbreak;\n\n\t\tcase MROUTE:\n\t\t\tif (conf_mroute(conf, 1, iif, source, group, oif, num))\n\t\t\t\trc = -1;\n\t\t\tbreak;\n\n\t\tcase PHYINT:\n\t\t\tif (conf_phyint(conf, enable, iif, mrdisc, threshold))\n\t\t\t\trc = -1;\n\t\t\tbreak;\n\n\t\tcase INCLUDE:\n\t\t\tglob(include, 0, NULL, &gl);\n\t\t\tfor (i = 0; i < gl.gl_pathc; i++) {\n\t\t\t\tstruct conf inc = { .file = gl.gl_pathv[i] };\n\n\t\t\t\tsmclog(LOG_DEBUG, \"Glob expansion to %s ...\", gl.gl_pathv[i]);\n\t\t\t\tif (conf_parse(&inc, do_vifs))\n\t\t\t\t\tsmclog(LOG_WARNING, \"Failed reading %s: %s\",\n\t\t\t\t\t gl.gl_pathv[i], strerror(errno));\n\t\t\t}\n\t\t\tglobfree(&gl);\n\t\t\tbreak;\n\n\t\tdefault:\n\t\t\tWARN(\"Unknown token %d\", op);\n\t\t\tbreak;\n\t\t}\n\t}\n\n\tfree(linebuf);\n\tfclose(fp);\n\n\tif (rc) {\n\t\terrno = EOPNOTSUPP;\n\t\treturn 1;\n\t}\n\n\treturn 0;\n}\n\n/* Parse .conf file and setup routes */\nint conf_read(char *file, int do_vifs)\n{\n\tstruct conf conf = { .file = file };\n\n\tif (conf_parse(&conf, do_vifs)) {\n\t\tif (errno == EOPNOTSUPP)\n\t\t\tsmclog(LOG_WARNING, \"Parse error in %s\", file);\n\t\treturn EX_CONFIG;\n\t}\n\n\tif (conf_vrfy)\n\t\treturn EX_OK;\n\n\treturn script_exec(NULL);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/conf.h", "content": "#ifndef SMCROUTE_CONF_H_\n#define SMCROUTE_CONF_H_\n\n#include \"config.h\"\n\n#define EMPTY 0\n#define MGROUP 1\n#define MROUTE 2\n#define PHYINT 3\n#define INCLUDE 4\n\nstruct conf {\n\tconst char *file;\n\tunsigned int lineno;\n};\n\nextern int conf_vrfy;\n\nint conf_mgroup (struct conf *conf, int cmd, char *iif, char *source, char *group);\nint conf_mroute (struct conf *conf, int cmd, char *iif, char *source, char *group, char *oif[], int num);\nint conf_parse (struct conf *conf, int do_vifs);\n\nint conf_read (char *file, int do_vifs);\n\n#endif /* SMCROUTE_CONF_H_ */\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/iface.c", "content": "/* Physical and virtual interface API\n *\n * Copyright (C) 2001-2005 Carsten Schill \n * Copyright (C) 2006-2009 Julien BLACHE \n * Copyright (C) 2009 Todd Hayton \n * Copyright (C) 2009-2011 Micha Lenk \n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"queue.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"ipc.h\"\n#include \"iface.h\"\n#include \"mcgroup.h\"\n#include \"timer.h\"\n#include \"util.h\"\n\nstatic TAILQ_HEAD(iflist, iface) iface_list = TAILQ_HEAD_INITIALIZER(iface_list);\nextern int do_vifs;\n\n/**\n * iface_update - Check of new interfaces\n */\nvoid iface_update(void)\n{\n\tstruct ifaddrs *ifaddr, *ifa;\n\n\tif (getifaddrs(&ifaddr) == -1) {\n\t\tsmclog(LOG_ERR, \"Failed retrieving interface addresses: %s\", strerror(errno));\n\t\texit(EX_OSERR);\n\t}\n\n\tfor (ifa = ifaddr; ifa; ifa = ifa->ifa_next) {\n\t\tstruct iface *iface;\n\t\tint ifindex;\n\n\t\tifindex = if_nametoindex(ifa->ifa_name);\n\n\t\t/* Check if already added? */\n\t\tiface = iface_find_by_name(ifa->ifa_name);\n\t\tif (iface) {\n\t\t\tsmclog(LOG_DEBUG, \"Found %s, updating ...\", ifa->ifa_name);\n\t\t\tiface->flags = ifa->ifa_flags;\n\n\t\t\tif (ifindex != iface->ifindex || (iface->flags & IFF_MULTICAST) != IFF_MULTICAST) {\n\t\t\t\tmcgroup_prune(ifa->ifa_name);\n\t\t\t\tmroute_del_vif(ifa->ifa_name);\n\t\t\t}\n\n\t\t\tiface->ifindex = ifindex;\n\t\t\tif (!iface->inaddr.s_addr && ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET)\n\t\t\t\tiface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;\n\n\t\t\tif (do_vifs)\n\t\t\t\tiface->unused = 0;\n\n\t\t\tcontinue;\n\t\t}\n\n\t\tsmclog(LOG_DEBUG, \"Found new interface %s, adding ...\", ifa->ifa_name);\n\t\tiface = calloc(1, sizeof(struct iface));\n\t\tif (!iface) {\n\t\t\tsmclog(LOG_ERR, \"Failed allocating space for interface: %s\", strerror(errno));\n\t\t\texit(EX_OSERR);\n\t\t}\n\n\t\t/*\n\t\t * Only copy interface address if inteface has one. On\n\t\t * Linux we can enumerate VIFs using ifindex, useful for\n\t\t * DHCP interfaces w/o any address yet. Other UNIX\n\t\t * systems will fail on the MRT_ADD_VIF ioctl. if the\n\t\t * kernel cannot find a matching interface.\n\t\t */\n\t\tif (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET)\n\t\t\tiface->inaddr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;\n\t\tiface->flags = ifa->ifa_flags;\n\t\tstrlcpy(iface->ifname, ifa->ifa_name, sizeof(iface->ifname));\n\t\tiface->ifindex = if_nametoindex(iface->ifname);\n\t\tiface->vif = ALL_VIFS;\n\t\tiface->mif = ALL_MIFS;\n\t\tiface->mrdisc = 0;\n\t\tiface->threshold = DEFAULT_THRESHOLD;\n\n\t\tTAILQ_INSERT_TAIL(&iface_list, iface, link);\n\t}\n\n\tfreeifaddrs(ifaddr);\n}\n\n/**\n * iface_init - Probe for interaces at startup\n *\n * Builds up a vector with active system interfaces. Must be called\n * before any other interface functions in this module!\n */\nvoid iface_init(void)\n{\n\tiface_update();\n}\n\n/**\n * iface_exit - Tear down interface list and clean up\n */\nvoid iface_exit(void)\n{\n\tstruct iface *iface, *tmp;\n\n\tTAILQ_FOREACH_SAFE(iface, &iface_list, link, tmp) {\n\t\tTAILQ_REMOVE(&iface_list, iface, link);\n\t\tfree(iface);\n\t}\n}\n\n/**\n * iface_find - Find an interface by ifindex\n * @ifindex: Interface index\n *\n * Returns:\n * Pointer to a @struct iface of the matching interface, or %NULL if no\n * interface exists, or is up. If more than one interface exists, chose\n * the interface that corresponds to a virtual interface.\n */\nstruct iface *iface_find(int ifindex)\n{\n\tstruct iface *iface;\n\n\tTAILQ_FOREACH(iface, &iface_list, link) {\n\t\tif (iface->ifindex == ifindex)\n\t\t\treturn iface;\n\t}\n\n\treturn NULL;\n}\n\n/**\n * iface_find_by_name - Find an interface by name\n * @ifname: Interface name\n *\n * Returns:\n * Pointer to a @struct iface of the matching interface, or %NULL if no\n * interface exists, or is up. If more than one interface exists, chose\n * the interface that corresponds to a virtual interface.\n */\nstruct iface *iface_find_by_name(const char *ifname)\n{\n\tstruct iface *candidate = NULL;\n\tstruct iface *iface;\n#ifdef __linux__\n\tchar *ptr;\n#endif\n\tchar *nm;\n\n\tif (!ifname)\n\t\treturn NULL;\n\n\tnm = strdup(ifname);\n\tif (!nm)\n\t\treturn NULL;\n\n#ifdef __linux__\n\t/* Linux alias interfaces should use the same VIF/MIF as parent */\n\tptr = strchr(nm, ':');\n\tif (ptr)\n\t\t*ptr = 0;\n#endif\n\n\tTAILQ_FOREACH(iface, &iface_list, link) {\n\t\tif (!strcmp(nm, iface->ifname)) {\n\t\t\tif (iface->vif != NO_VIF) {\n\t\t\t\tfree(nm);\n\t\t\t\treturn iface;\n\t\t\t}\n\n\t\t\tcandidate = iface;\n\t\t}\n\t}\n\n\tfree(nm);\n\n\treturn candidate;\n}\n\nstatic struct iface *find_by_vif(vifi_t vif)\n{\n\tstruct iface *iface;\n\n\tTAILQ_FOREACH(iface, &iface_list, link) {\n\t\tif (iface->vif != NO_VIF && iface->vif == vif)\n\t\t\treturn iface;\n\t}\n\n\treturn NULL;\n}\n\nstatic struct iface *find_by_mif(mifi_t mif)\n{\n\tstruct iface *iface;\n\n\tTAILQ_FOREACH(iface, &iface_list, link) {\n\t\tif (iface->mif != NO_VIF && iface->mif == mif)\n\t\t\treturn iface;\n\t}\n\n\treturn NULL;\n}\n\n/**\n * iface_find_by_inbound - Find iface by route's inbound VIF\n * @route: Route's inbound to use\n *\n * Returns:\n * Pointer to a @struct iface of the requested interface, or %NULL if no\n * interface matching @mif exists.\n */\nstruct iface *iface_find_by_inbound(struct mroute *route)\n{\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (route->group.ss_family == AF_INET6)\n\t\treturn find_by_mif(route->inbound);\n#endif\n\n\treturn find_by_vif(route->inbound);\n}\n\n/**\n * iface_match_init - Initialize interface matching iterator\n * @state: Iterator state to be initialized\n */\nvoid iface_match_init(struct ifmatch *state)\n{\n\tstate->iface = TAILQ_FIRST(&iface_list);\n\tstate->match_count = 0;\n}\n\n/**\n * ifname_is_wildcard - Check whether interface name is a wildcard\n *\n * Returns:\n * %TRUE(1) if wildcard, %FALSE(0) if normal interface name\n */\nint ifname_is_wildcard(const char *ifname)\n{\n\treturn (ifname && ifname[0] && ifname[strlen(ifname) - 1] == '+');\n}\n\n/**\n * iface_match_by_name - Find matching interfaces by name pattern\n * @ifname: Interface name pattern\n * @reload: Set while reloading .conf\n * @state: Iterator state\n *\n * Interface name patterns use iptables- syntax, i.e. perform prefix\n * match with a trailing '+' matching anything.\n *\n * Returns:\n * Pointer to a @struct iface of the next matching interface, or %NULL if no\n * (more) interfaces exist (or are up).\n */\nstruct iface *iface_match_by_name(const char *ifname, int reload, struct ifmatch *state)\n{\n\tunsigned int match_len = UINT_MAX;\n\n\tif (!ifname)\n\t\treturn NULL;\n\n\tif (ifname_is_wildcard(ifname))\n\t\tmatch_len = strlen(ifname) - 1;\n\n\twhile (state->iface != TAILQ_END(&iface_list)) {\n\t\tstruct iface *iface = state->iface;\n\n\t\tif (!strncmp(ifname, iface->ifname, match_len)) {\n\t\t\tif (reload || !iface->unused) {\n\t\t\t\tstate->iface = TAILQ_NEXT(iface, link);\n\t\t\t\tstate->match_count++;\n\n\t\t\t\treturn iface;\n\t\t\t}\n\t\t}\n\n\t\tstate->iface = TAILQ_NEXT(iface, link);\n\t}\n\n\treturn NULL;\n}\n\n/**\n * iface_iterator - Interface iterator\n * @first: Set to start from beginning\n *\n * Returns:\n * Pointer to a @struct iface, or %NULL when no more interfaces exist.\n */\nstruct iface *iface_iterator(int first)\n{\n\tstatic struct iface *iface = NULL;\n\n\tif (first)\n\t\tiface = TAILQ_FIRST(&iface_list);\n\telse\n\t\tiface = TAILQ_NEXT(iface, link);\n\n\treturn iface;\n}\n\nstruct iface *iface_outbound_iterator(struct mroute *route, int first)\n{\n\tstruct iface *iface = NULL;\n\tstatic vifi_t i = 0;\n\n\tif (first)\n\t\ti = 0;\n\n\twhile (i < MAX_MC_VIFS) {\n\t\tvifi_t vif = i++;\n\n\t\tif (route->ttl[vif] == 0)\n\t\t\tcontinue;\n\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n\t\tif (route->group.ss_family == AF_INET6)\n\t\t\tiface = find_by_mif(vif);\n\t\telse\n#endif\n\t\tiface = find_by_vif(vif);\n\t\tif (!iface)\n\t\t\tcontinue;\n\n\t\treturn iface;\n\t}\n\n\treturn NULL;\n}\n\nvifi_t iface_get_vif(int af_family, struct iface *iface)\n{\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (af_family == AF_INET6)\n\t\treturn iface->mif;\n#endif\n\treturn iface->vif;\n}\n\n/**\n * iface_match_vif_by_name - Get matching virtual interface index by interface name pattern (IPv4)\n * @ifname: Interface name pattern\n * @state: Iterator state\n *\n * Returns:\n * The virtual interface index if the interface matches and is registered\n * with the kernel, or -1 if no (more) matching virtual interfaces are found.\n */\nvifi_t iface_match_vif_by_name(const char *ifname, struct ifmatch *state, struct iface **found)\n{\n\tstruct iface *iface;\n\n\twhile ((iface = iface_match_by_name(ifname, 0, state))) {\n\t\tif (iface->vif != NO_VIF) {\n\t\t\tif (found)\n\t\t\t\t*found = iface;\n\n//\t\t\tsmclog(LOG_DEBUG, \" %s has VIF %d\", iface->ifname, iface->vif);\n\t\t\treturn iface->vif;\n\t\t}\n\n//\t\tsmclog(LOG_DEBUG, \" %s has NO VIF\", iface->ifname);\n\t\tstate->match_count--;\n\t}\n\n\treturn NO_VIF;\n}\n\n/**\n * iface_match_mif_by_name - Get matching virtual interface index by interface name pattern (IPv6)\n * @ifname: Interface name pattern\n * @state: Iterator state\n *\n * Returns:\n * The virtual interface index if the interface matches and is registered\n * with the kernel, or -1 if no (more) matching virtual interfaces are found.\n */\nmifi_t iface_match_mif_by_name(const char *ifname, struct ifmatch *state, struct iface **found)\n{\n\tstruct iface *iface;\n\n\twhile ((iface = iface_match_by_name(ifname, 0, state))) {\n\t\tif (iface->mif != NO_VIF) {\n\t\t\tif (found)\n\t\t\t\t*found = iface;\n\n\t\t\tsmclog(LOG_DEBUG, \" %s has MIF %d\", iface->ifname, iface->mif);\n\t\t\treturn iface->mif;\n\t\t}\n\n\t\tstate->match_count--;\n\t}\n\n\treturn NO_VIF;\n}\n\n/* Return all currently known interfaces */\nint iface_show(int sd, int detail)\n{\n\tstruct iface *iface;\n\tchar *p = \"PHYINT\";\n\tchar line[120];\n\tint inw;\n\n\t(void)detail;\n\n\tinw = iface_ifname_maxlen();\n\tif (inw < (int)strlen(p))\n\t\tinw = (int)strlen(p);\n\n\tsnprintf(line, sizeof(line), \" INDEX %-*s VIF MIF=\\n\", inw, p);\n\tipc_send(sd, line, strlen(line));\n\n\tiface = iface_iterator(1);\n\twhile (iface) {\n\t\tchar buf[256];\n\t\tchar vif[6];\n\t\tchar mif[6];\n\n\t\tif (iface->vif < 65535)\n\t\t\tsnprintf(vif, sizeof(vif), \"%d\", iface->vif);\n\t\telse\n\t\t\tsnprintf(vif, sizeof(vif), \"N/A\");\n\n\t\tif (iface->mif < 65535)\n\t\t\tsnprintf(mif, sizeof(mif), \"%d\", iface->mif);\n\t\telse\n\t\t\tsnprintf(mif, sizeof(mif), \"N/A\");\n\n\t\tsnprintf(buf, sizeof(buf), \"%6d %-*s %4s %4s\\n\", iface->ifindex,\n\t\t\t inw, iface->ifname, vif, mif);\n\t\tif (ipc_send(sd, buf, strlen(buf)) < 0) {\n\t\t\tsmclog(LOG_ERR, \"Failed sending reply to client: %s\", strerror(errno));\n\t\t\treturn -1;\n\t\t}\n\n\t\tiface = iface_iterator(0);\n\t}\n\n\treturn 0;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/iface.h", "content": "/* Physical and virtual interface API */\n#ifndef SMCROUTE_IFACE_H_\n#define SMCROUTE_IFACE_H_\n\n#include \"config.h\"\n\n#include \n#include \t\t\t/* IFNAMSIZ */\n#include \t\t\t/* struct in_addr */\n\n#include \"mroute.h\"\t\t\t/* vifit_t + mifi_t */\n\n#ifndef ALL_MIFS\n#define ALL_MIFS (vifi_t)-1\n#endif\n\n#define DEFAULT_THRESHOLD 1\t\t/* Packet TTL must be at least 1 to pass */\n#define NO_VIF ALL_VIFS\n\nstruct iface {\n\tTAILQ_ENTRY(iface) link;\n\tint unused;\t\t/* set on reload/SIGHUP only */\n\n\tchar ifname[IFNAMSIZ];\n\tstruct in_addr inaddr;\t\t/* == 0 for non IP interfaces */\n\tint ifindex;\t\t/* Physical interface index */\n\tshort flags;\n\tvifi_t vif;\n\tmifi_t mif;\n\tuint8_t mrdisc;\t\t/* Enable multicast router discovery */\n\tuint8_t threshold;\t\t/* TTL threshold: 1-255, default: 1 */\n};\n\nstruct ifmatch {\n\tstruct iface *iface;\n\tsize_t match_count;\n};\n\nvoid iface_init (void);\nvoid iface_exit (void);\nvoid iface_update (void);\n\nstruct iface *iface_iterator (int first);\nstruct iface *iface_outbound_iterator (struct mroute *route, int first);\n\nstruct iface *iface_find (int ifindex);\nstruct iface *iface_find_by_name (const char *ifname);\nstruct iface *iface_find_by_inbound (struct mroute *route);\n\nvoid iface_match_init (struct ifmatch *state);\nstruct iface *iface_match_by_name (const char *ifname, int reload, struct ifmatch *state);\nint ifname_is_wildcard (const char *ifname);\n\nvifi_t iface_get_vif (int af_family, struct iface *iface);\nvifi_t iface_match_vif_by_name (const char *ifname, struct ifmatch *state, struct iface **found);\nmifi_t iface_match_mif_by_name (const char *ifname, struct ifmatch *state, struct iface **found);\n\nint iface_show (int sd, int detail);\n\n/*\n * Check if interface exists, at all, on the system\n */\nstatic inline int iface_exist(char *ifname)\n{\n\tstruct ifmatch ifm;\n\n\tiface_match_init(&ifm);\n\treturn iface_match_by_name(ifname, 1, &ifm) != NULL;\n}\n\nstatic inline int iface_ifname_maxlen(void)\n{\n\tstruct iface *iface;\n\tint maxlen = 0;\n\tint first = 1;\n\n\twhile ((iface = iface_iterator(first))) {\n\t\tfirst = 0;\n\t\tif ((int)strlen(iface->ifname) > maxlen)\n\t\t\tmaxlen = (int)strlen(iface->ifname);\n\t}\n\n\treturn maxlen;\n}\n\n#endif /* SMCROUTE_IFACE_H_ */\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/inet.c", "content": "/* Housekeeping IPv4/IPv6 wrapper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"inet.h\"\n\nvoid inet_addr_set(inet_addr_t *addr, const struct in_addr *ina)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n\tassert(addr && ina);\n\tsin->sin_family = AF_INET;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\tsin->sin_len = sizeof(struct sockaddr_in);\n#endif\n\tsin->sin_addr = *ina;\n}\n\nstruct in_addr *inet_addr_get(inet_addr_t *addr)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n\tassert(addr);\n\tassert(sin->sin_family == AF_INET);\n\n\treturn &sin->sin_addr;\n}\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\nvoid inet_addr6_set(inet_addr_t *addr, const struct in6_addr *ina)\n{\n\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\n\tassert(addr && ina);\n\tsin6->sin6_family = AF_INET6;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\tsin6->sin6_len = sizeof(struct sockaddr_in6);\n#endif\n\tsin6->sin6_addr = *ina;\n}\n\nstruct sockaddr_in6 *inet_addr6_get(inet_addr_t *addr)\n{\n\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\n\tassert(addr);\n\tassert(sin6->sin6_family == AF_INET6);\n\n\treturn sin6;\n}\n#endif /* HAVE_IPV6_MULTICAST_HOST */\n\nvoid inet_anyaddr(sa_family_t family, inet_addr_t *addr)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\n\t\tsin6->sin6_family = AF_INET6;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\t\tsin6->sin6_len = sizeof(struct sockaddr_in6);\n#endif\n\t\tmemcpy(&sin6->sin6_addr, &in6addr_any, sizeof(in6addr_any));\n\t\treturn;\n\t}\n#endif\n\n\tsin->sin_family = AF_INET;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\tsin->sin_len = sizeof(struct sockaddr_in);\n#endif\n\tsin->sin_addr.s_addr = htonl(INADDR_ANY);\n}\n\ninet_addr_t inet_netaddr(inet_addr_t *addr, int len)\n{\n\tinet_addr_t net = *addr;\n\tuint32_t bits;\n\tint max_len;\n\n\tassert(addr);\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6)\n\t\tmax_len = 128;\n\telse\n#endif\n\t\tmax_len = 32;\n\tassert(len > 0 && len <= max_len);\n\tbits = max_len - len;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = inet_addr6_get(&net);\n\t\tstruct in6_addr s6 = sin6->sin6_addr;\n\t\tuint32_t pos = 3;\n\n\t\twhile (bits >= 32) {\n\t\t\ts6.s6_addr32[pos--] = 0;\n\t\t\tbits -= 32;\n\t\t}\n\n\t\ts6.s6_addr32[pos] = htonl(ntohl(s6.s6_addr32[pos]) & ((0xffffffffU << bits) & 0xffffffffU));\n\t\tsin6->sin6_addr = s6;\n\t} else\n#endif\n\t{\n\t\tstruct in_addr *ina = inet_addr_get(&net);\n\n\t\tina->s_addr = htonl(ntohl(ina->s_addr) & ((0xffffffffU << bits) & 0xffffffffU));\n\t}\n\n\treturn net;\n}\n\nint inet_addr_cmp(inet_addr_t *a, inet_addr_t *b)\n{\n\tif (!a || !b) {\n\t\terrno = EINVAL;\n\t\treturn 1;\n\t}\n\n\tif (a->ss_family == AF_INET && b->ss_family == AF_INET) {\n\t\tstruct sockaddr_in *sa = (struct sockaddr_in *)a;\n\t\tstruct sockaddr_in *sb = (struct sockaddr_in *)b;\n\n\t\treturn sa->sin_addr.s_addr - sb->sin_addr.s_addr;\n\t}\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (a->ss_family == AF_INET6 && b->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sa = (struct sockaddr_in6 *)a;\n\t\tstruct sockaddr_in6 *sb = (struct sockaddr_in6 *)b;\n\n\t\treturn memcmp(sa, sb, sizeof(*sa));\n\t}\n#endif\n\n\terrno = EAFNOSUPPORT;\n\treturn 1;\n}\n\nconst char *inet_addr2str(inet_addr_t *addr, char *str, size_t len)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\t\treturn inet_ntop(AF_INET6, &sin6->sin6_addr, str, len);\n\t}\n#endif\n\n\treturn inet_ntop(AF_INET, &sin->sin_addr, str, len);\n}\n\nint inet_str2addr(const char *str, inet_addr_t *addr)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\tint rc;\n\n\tif (!str || !addr) {\n\t\terrno = EINVAL;\n\t\treturn -1;\n\t}\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (strchr(str, ':')) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\n\t\tsin6->sin6_family = AF_INET6;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\t\tsin6->sin6_len = sizeof(struct sockaddr_in6);\n#endif\n\t\trc = inet_pton(AF_INET6, str, &sin6->sin6_addr);\n\t} else\n#endif\n\t{\n\t\tsin->sin_family = AF_INET;\n#ifdef HAVE_SOCKADDR_IN_SIN_LEN\n\t\tsin->sin_len = sizeof(struct sockaddr_in);\n#endif\n\t\trc = inet_pton(AF_INET, str, &sin->sin_addr);\n\t}\n\n\tif (rc == 0 || rc == -1)\n\t\treturn 1;\n\n\treturn 0;\n}\n\nint is_multicast(inet_addr_t *addr)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\t\treturn IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr);\n\t}\n#endif\n\n\treturn IN_MULTICAST(ntohl(sin->sin_addr.s_addr));\n}\n\nint is_anyaddr(inet_addr_t *addr)\n{\n\tstruct sockaddr_in *sin = (struct sockaddr_in *)addr;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr;\n\t\treturn !memcmp(&sin6->sin6_addr, &in6addr_any, sizeof(in6addr_any));\n\t}\n#endif\n\n\treturn sin->sin_addr.s_addr == htonl(INADDR_ANY);\n}\n\nint inet_iter_init(struct inet_iter *iter, inet_addr_t *addr, int len)\n{\n\tint max_len;\n\n\tif (!iter)\n\t\treturn errno = EINVAL;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6)\n\t\tmax_len = 128;\n\telse\n#endif\n\tmax_len = 32;\n\tif (len < 0 || len > max_len) {\n\t\titer->num = 0;\n\t\treturn errno = EINVAL;\n\t}\n\n\titer->orig = *addr;\n\titer->len = len;\n\titer->addr = inet_netaddr(addr, len);\n\titer->num = 1 << (max_len - len);\n\n\treturn 0;\n}\n\nint inet_iterator(struct inet_iter *iter, inet_addr_t *addr)\n{\n\tif (!iter) {\n\t\terrno = EINVAL;\n\t\treturn 0;\n\t}\n\tif (iter->num-- == 0)\n\t\treturn 0;\n\n\t*addr = iter->addr;\t\t/* prepared already */\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&iter->addr;\n\t\tstruct in6_addr s6 = sin6->sin6_addr;\n\t\tuint32_t pos = 4;\n\n\t\twhile (pos--) {\n\t\t\tuint32_t addr32 = ntohl(s6.s6_addr32[pos]);\n\n\t\t\taddr32++;\n\t\t\ts6.s6_addr32[pos] = htonl(addr32);\n\t\t\tif (addr32 > 0)\n\t\t\t\tbreak;\n\t\t}\n\n\t\tsin6->sin6_addr = s6;\n\t} else\n#endif\n\t{\n\t\tstruct sockaddr_in *sin = (struct sockaddr_in *)&iter->addr;\n\t\tin_addr_t ina;\n\n\t\tina = ntohl(sin->sin_addr.s_addr);\n\t\tsin->sin_addr.s_addr = htonl(++ina);\n\t}\n\n\treturn 1;\n}\n\n#ifdef _UNIT_TEST\n#include \n#include \n\nint main(void)\n{\n\tchar str[INET_ADDRSTR_LEN];\n\tstruct inet_iter iter;\n\tinet_addr_t addr;\n\n\tinet_anyaddr(AF_INET6, &addr);\n\tif (!is_anyaddr(&addr))\n\t\terr(1, \"FAIL\");\n\tputs(\"OK\");\n\n\tinet_str2addr(\"192.168.1.42\", &addr);\n\tinet_iter_init(&iter, &addr, 24);\n\tprintf(\"Got num: %u\\n\", iter.num);\n\twhile (inet_iterator(&iter, &addr))\n\t\tprintf(\"%s num %u\\n\", inet_addr2str(&addr, str, sizeof(str)), iter.num);\n\n\tinet_str2addr(\"2001::1\", &addr);\n\tinet_iter_init(&iter, &addr, 122);\n\tprintf(\"Got num: %u -> initial str %s\\n\", iter.num, inet_addr2str(&addr, str, sizeof(str)));\n\twhile (inet_iterator(&iter, &addr))\n\t\tprintf(\"%s num %u\\n\", inet_addr2str(&addr, str, sizeof(str)), iter.num);\n\n\tinet_str2addr(\"192.168.1.42\", &addr);\n\tinet_iter_init(&iter, &addr, 1);\n\tprintf(\"Got num: %u\\n\", iter.num);\n\twhile (inet_iterator(&iter, &addr))\n\t\tprintf(\"%s num %u\\n\", inet_addr2str(&addr, str, sizeof(str)), iter.num);\n\n\treturn 0;\n}\n#endif\n\n/**\n * Local Variables:\n * compile-command: \"gcc -D_UNIT_TEST -I.. -I. -o unit_test inet.c && ./unit_test\"\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/inet.h", "content": "/* Housekeeping IPv4/IPv6 wrapper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#ifndef SMCROUTE_INET_H_\n#define SMCROUTE_INET_H_\n\n#include \"config.h\"\n\n#include \n#include \n#include \n#include \t\t/* inet_ntop() */\n#include \n#include \n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n#define INET_ADDRSTR_LEN INET6_ADDRSTRLEN\n#else\n#define INET_ADDRSTR_LEN INET_ADDRSTRLEN\n#endif\ntypedef struct sockaddr_storage inet_addr_t;\n\n#ifndef s6_addr32\n# if defined(__FreeBSD__)\n# define s6_addr32 __u6_addr.__u6_addr32\n# elif defined(__linux__)\n# define s6_addr32 __in6_u.__u6_addr32\n# else\n# error \"IPv6 s6_addr32 is not defined, unknown operating system, build --without-ipv6\"\n# endif\n#endif\n\nstruct inet_iter {\n\tinet_addr_t orig;\n\tint len;\n\n\tinet_addr_t addr;\n\tuint32_t num;\n};\n\nvoid inet_addr_set (inet_addr_t *addr, const struct in_addr *ina);\nstruct in_addr *inet_addr_get (inet_addr_t *addr);\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\nvoid inet_addr6_set (inet_addr_t *addr, const struct in6_addr *ina);\nstruct sockaddr_in6 *inet_addr6_get (inet_addr_t *addr);\n#endif\n\nvoid inet_anyaddr (sa_family_t family, inet_addr_t *addr);\ninet_addr_t inet_netaddr (inet_addr_t *addr, int len);\n\nint inet_addr_cmp (inet_addr_t *a, inet_addr_t *b);\n\nconst char *inet_addr2str (inet_addr_t *addr, char *str, size_t len);\nint inet_str2addr (const char *str, inet_addr_t *addr);\n\nint is_multicast (inet_addr_t *addr);\nint is_anyaddr (inet_addr_t *addr);\n\nint inet_iter_init (struct inet_iter *iter, inet_addr_t *addr, int len);\nint inet_iterator (struct inet_iter *iter, inet_addr_t *addr);\n\nstatic inline int inet_max_len (inet_addr_t *addr)\n{\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (addr->ss_family == AF_INET6)\n\t\treturn 128;\n#endif\n\treturn 32;\n}\n\n#endif /* SMCROUTE_INET_H_ */\n" }, { "path": "src/ip_mroute.h", "content": "/* Imported from Apple XNU sources, 2050.18.24\n * https://opensource.apple.com/source/xnu/xnu-2050.18.24/bsd/netinet/ip_mroute.h\n *\n * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.\n *\n * @APPLE_OSREFERENCE_LICENSE_HEADER_START@\n * \n * This file contains Original Code and/or Modifications of Original Code\n * as defined in and that are subject to the Apple Public Source License\n * Version 2.0 (the 'License'). You may not use this file except in\n * compliance with the License. The rights granted to you under the License\n * may not be used to create, or enable the creation or redistribution of,\n * unlawful or unlicensed copies of an Apple operating system, or to\n * circumvent, violate, or enable the circumvention or violation of, any\n * terms of an Apple operating system software license agreement.\n * \n * Please obtain a copy of the License at\n * http://www.opensource.apple.com/apsl/ and read it before using this file.\n * \n * The Original Code and all software distributed under the License are\n * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER\n * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,\n * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.\n * Please see the License for the specific language governing rights and\n * limitations under the License.\n * \n * @APPLE_OSREFERENCE_LICENSE_HEADER_END@\n */\n/*\n * Copyright (c) 1989 Stephen Deering.\n * Copyright (c) 1992, 1993\n *\tThe Regents of the University of California. All rights reserved.\n *\n * This code is derived from software contributed to Berkeley by\n * Stephen Deering of Stanford University.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. All advertising materials mentioning features or use of this software\n * must display the following acknowledgement:\n *\tThis product includes software developed by the University of\n *\tCalifornia, Berkeley and its contributors.\n * 4. Neither the name of the University nor the names of its contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND\n * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\n * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE\n * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\n * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\n * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\n * SUCH DAMAGE.\n *\n *\t@(#)ip_mroute.h\t8.1 (Berkeley) 6/10/93\n */\n\n#ifndef _NETINET_IP_MROUTE_H_\n#define _NETINET_IP_MROUTE_H_\n#include \n\n/*\n * Definitions for IP multicast forwarding.\n *\n * Written by David Waitzman, BBN Labs, August 1988.\n * Modified by Steve Deering, Stanford, February 1989.\n * Modified by Ajit Thyagarajan, PARC, August 1993.\n * Modified by Ajit Thyagarajan, PARC, August 1994.\n *\n * MROUTING Revision: 3.3.1.3\n */\n\n\n/*\n * Multicast Routing set/getsockopt commands.\n */\n#define\tMRT_INIT\t100\t/* initialize forwarder */\n#define\tMRT_DONE\t101\t/* shut down forwarder */\n#define\tMRT_ADD_VIF\t102\t/* create virtual interface */\n#define\tMRT_DEL_VIF\t103\t/* delete virtual interface */\n#define MRT_ADD_MFC\t104\t/* insert forwarding cache entry */\n#define MRT_DEL_MFC\t105\t/* delete forwarding cache entry */\n#define MRT_VERSION\t106\t/* get kernel version number */\n#define MRT_ASSERT 107 /* enable PIM assert processing */\n\n\n#ifdef KERNEL_PRIVATE\n#define GET_TIME(t)\tmicrotime(&t)\n#endif /* KERNEL_PRIVATE */\n\n#ifndef CONFIG_MAXVIFS\n#define CONFIG_MAXVIFS 32 /* 4635538 temp workaround */\n#endif\n\n#ifndef CONFIG_MFCTBLSIZ\n#define CONFIG_MFCTBLSIZ 256 /* 4635538 temp workaround */\n#endif\n\n/*\n * Types and macros for handling bitmaps with one bit per virtual interface.\n */\ntypedef u_int32_t vifbitmap_t;\ntypedef u_short vifi_t;\t\t/* type of a vif index */\n#define ALL_VIFS (vifi_t)-1\n\n#define\tVIFM_SET(n, m)\t\t((m) |= (1 << (n)))\n#define\tVIFM_CLR(n, m)\t\t((m) &= ~(1 << (n)))\n#define\tVIFM_ISSET(n, m)\t((m) & (1 << (n)))\n#define\tVIFM_CLRALL(m)\t\t((m) = 0x00000000)\n#define\tVIFM_COPY(mfrom, mto)\t((mto) = (mfrom))\n#define\tVIFM_SAME(m1, m2)\t((m1) == (m2))\n\n\n/*\n * Argument structure for MRT_ADD_VIF.\n * (MRT_DEL_VIF takes a single vifi_t argument.)\n */\nstruct vifctl {\n vifi_t\tvifc_vifi;\t \t/* the index of the vif to be added */\n u_char\tvifc_flags; \t/* VIFF_ flags defined below */\n u_char\tvifc_threshold; \t/* min ttl required to forward on vif */\n u_int\tvifc_rate_limit;\t/* max rate */\n struct\tin_addr vifc_lcl_addr;\t/* local interface address */\n struct\tin_addr vifc_rmt_addr;\t/* remote address (tunnels only) */\n};\n\n#define\tVIFF_TUNNEL\t0x1\t\t/* vif represents a tunnel end-point */\n#define VIFF_SRCRT\t0x2\t\t/* tunnel uses IP source routing */\n\n/*\n * Argument structure for MRT_ADD_MFC and MRT_DEL_MFC\n * (mfcc_tos to be added at a future point)\n */\nstruct mfcctl {\n struct in_addr\tmfcc_origin;\t\t/* ip origin of mcasts */\n struct in_addr\tmfcc_mcastgrp; \t\t/* multicast group associated*/\n vifi_t\t\tmfcc_parent;\t\t/* incoming vif */\n u_char\t\tmfcc_ttls[CONFIG_MAXVIFS];\t/* forwarding ttls on vifs */\n};\n\n/*\n * The kernel's multicast routing statistics.\n */\nstruct mrtstat {\n u_int32_t\tmrts_mfc_lookups;\t/* # forw. cache hash table hits */\n u_int32_t\tmrts_mfc_misses;\t/* # forw. cache hash table misses */\n u_int32_t\tmrts_upcalls;\t\t/* # calls to mrouted */\n u_int32_t\tmrts_no_route;\t\t/* no route for packet's origin */\n u_int32_t\tmrts_bad_tunnel;\t/* malformed tunnel options */\n u_int32_t\tmrts_cant_tunnel;\t/* no room for tunnel options */\n u_int32_t\tmrts_wrong_if;\t\t/* arrived on wrong interface */\n u_int32_t\tmrts_upq_ovflw;\t\t/* upcall Q overflow */\n u_int32_t\tmrts_cache_cleanups;\t/* # entries with no upcalls */\n u_int32_t\tmrts_drop_sel;\t\t/* pkts dropped selectively */\n u_int32_t\tmrts_q_overflow;\t/* pkts dropped - Q overflow */\n u_int32_t\tmrts_pkt2large;\t\t/* pkts dropped - size > BKT SIZE */\n u_int32_t\tmrts_upq_sockfull;\t/* upcalls dropped - socket full */\n};\n\n/*\n * Argument structure used by mrouted to get src-grp pkt counts\n */\nstruct sioc_sg_req {\n struct in_addr\tsrc;\n struct in_addr\tgrp;\n u_int32_t\t\tpktcnt;\n u_int32_t\t\tbytecnt;\n u_int32_t\t\twrong_if;\n};\n\n/*\n * Argument structure used by mrouted to get vif pkt counts\n */\nstruct sioc_vif_req {\n vifi_t\t\tvifi;\t\t/* vif number\t\t\t*/\n u_int32_t\t\ticount;\t\t/* Input packet count on vif\t*/\n u_int32_t\t\tocount;\t\t/* Output packet count on vif\t*/\n u_int32_t\t\tibytes;\t\t/* Input byte count on vif\t*/\n u_int32_t\t\tobytes;\t\t/* Output byte count on vif\t*/\n};\n\n#ifdef PRIVATE\n/*\n * The kernel's virtual-interface structure.\n */\nstruct tbf;\nstruct ifnet;\nstruct socket;\nstruct vif {\n u_char \t\tv_flags; \t/* VIFF_ flags defined above */\n u_char \t\tv_threshold;\t/* min ttl required to forward on vif*/\n u_int \t\tv_rate_limit; \t/* max rate\t\t\t */\n struct tbf \t *v_tbf; \t/* token bucket structure at intf. */\n struct in_addr \tv_lcl_addr; \t/* local interface address */\n struct in_addr \tv_rmt_addr; \t/* remote address (tunnels only) */\n struct ifnet *v_ifp;\t \t/* pointer to interface */\n u_int32_t\t\tv_pkt_in;\t/* # pkts in on interface */\n u_int32_t\t\tv_pkt_out;\t/* # pkts out on interface */\n u_int32_t\t\tv_bytes_in;\t/* # bytes in on interface\t */\n u_int32_t\t\tv_bytes_out;\t/* # bytes out on interface\t */\n struct route\tv_route;\t/* cached route if this is a tunnel */\n u_int\t\tv_rsvp_on;\t/* RSVP listening on this vif */\n struct socket *v_rsvpd;\t/* RSVP daemon socket */\n};\n#endif\n\n/*\n * The kernel's multicast forwarding cache entry structure \n * (A field for the type of service (mfc_tos) is to be added \n * at a future point)\n */\nstruct mfc {\n struct in_addr mfc_origin;\t \t\t/* IP origin of mcasts */\n struct in_addr mfc_mcastgrp; \t\t/* multicast group associated*/\n vifi_t\t mfc_parent; \t\t/* incoming vif */\n u_char\t mfc_ttls[CONFIG_MAXVIFS]; \t\t/* forwarding ttls on vifs */\n u_int32_t\t mfc_pkt_cnt;\t\t/* pkt count for src-grp */\n u_int32_t\t mfc_byte_cnt;\t\t/* byte count for src-grp */\n u_int32_t\t mfc_wrong_if;\t\t/* wrong if for src-grp\t */\n int\t\t mfc_expire;\t\t\t/* time to clean entry up */\n struct timeval mfc_last_assert;\t\t/* last time I sent an assert*/\n struct rtdetq *mfc_stall;\t\t\t/* q of packets awaiting mfc */\n struct mfc *mfc_next;\t\t\t/* next mfc entry */\n};\n\n/*\n * Struct used to communicate from kernel to multicast router\n * note the convenient similarity to an IP packet\n */\nstruct igmpmsg {\n u_int32_t\t unused1;\n u_int32_t\t unused2;\n u_char\t im_msgtype;\t\t\t/* what type of message\t */\n#define IGMPMSG_NOCACHE\t\t1\n#define IGMPMSG_WRONGVIF\t2\n u_char\t im_mbz;\t\t\t/* must be zero\t\t */\n u_char\t im_vif;\t\t\t/* vif rec'd on\t\t */\n u_char\t unused3;\n struct in_addr im_src, im_dst;\n};\n\n#define MFCTBLSIZ CONFIG_MFCTBLSIZ\n\n#ifdef KERNEL_PRIVATE\n/*\n * Argument structure used for pkt info. while upcall is made\n */\nstruct rtdetq {\n struct mbuf \t*m;\t\t/* A copy of the packet\t\t */\n struct ifnet\t*ifp;\t\t/* Interface pkt came in on\t */\n vifi_t\t\txmt_vif;\t/* Saved copy of imo_multicast_vif */\n#if UPCALL_TIMING\n struct timeval\tt;\t\t/* Timestamp */\n#endif /* UPCALL_TIMING */\n struct rtdetq\t*next;\t\t/* Next in list of packets */\n};\n\n#if (CONFIG_MFCTBLSIZ & (CONFIG_MFCTBLSIZ - 1)) == 0\t /* from sys:route.h */\n#define MFCHASHMOD(h)\t((h) & (CONFIG_MFCTBLSIZ - 1))\n#else\n#define MFCHASHMOD(h)\t((h) % CONFIG_MFCTBLSIZ)\n#endif\n\n#define MAX_UPQ\t4\t\t/* max. no of pkts in upcall Q */\n\n/*\n * Token Bucket filter code \n */\n#define MAX_BKT_SIZE 10000 /* 10K bytes size \t\t*/\n#define MAXQSIZE 10 /* max # of pkts in queue \t*/\n\n/*\n * the token bucket filter at each vif\n */\nstruct tbf\n{\n struct timeval tbf_last_pkt_t; /* arr. time of last pkt \t*/\n u_int32_t tbf_n_tok; \t/* no of tokens in bucket \t*/\n u_int32_t tbf_q_len; \t/* length of queue at this vif\t*/\n u_int32_t tbf_max_q_len;\t/* max. queue length\t\t*/\n struct mbuf *tbf_q;\t\t/* Packet queue\t\t\t*/\n struct mbuf *tbf_t;\t\t/* tail-insertion pointer\t*/\n};\n\n\nstruct sockopt;\n\nextern int\t(*ip_mrouter_set)(struct socket *, struct sockopt *);\nextern int\t(*ip_mrouter_get)(struct socket *, struct sockopt *);\nextern int\t(*ip_mrouter_done)(void);\n#if MROUTING\nextern int\t(*mrt_ioctl)(u_long, caddr_t);\n#else\nextern int\t(*mrt_ioctl)(u_long, caddr_t, struct proc *);\n#endif\n\n#endif /* KERNEL_PRIVATE */\n#endif /* _NETINET_IP_MROUTE_H_ */\n" }, { "path": "src/ipc.c", "content": "/* Daemon IPC API\n *\n * Copyright (C) 2001-2005 Carsten Schill \n * Copyright (C) 2006-2009 Julien BLACHE \n * Copyright (C) 2009 Todd Hayton \n * Copyright (C) 2009-2011 Micha Lenk \n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \"ipc.h\"\n#include \"log.h\"\n#include \"msg.h\"\n#include \"util.h\"\n#include \"socket.h\"\n#include \"mroute.h\"\n\nextern char *ident;\n\nstatic struct sockaddr_un sun;\nstatic int ipc_socket = -1;\n\n/*\n * max word count in one command:\n * smcroutectl add in1 source group out1 out2 .. out32\n */\n#define CMD_MAX_WORDS (MAXVIFS + 3)\n\n\n/* Receive command from the smcroutectl */\nstatic void ipc_read(int sd)\n{\n\t/* since command len must be limited by the max number of oifs\n\tpreallocate ipc_msg only once in advance */ \n\tchar msg_buf[sizeof(struct ipc_msg) + CMD_MAX_WORDS * sizeof(char *)];\n\tchar buf[MX_CMDPKT_SZ];\n\tint first_call = 1;\n\tssize_t pos = 0;\n\n\tmemset(buf, 0, sizeof(buf));\n\n\t/* \n\t * since client message would be big enough and couldn't fit\n\t * into buffer we have to make multiple iterations to receive\n\t * all data\n\t */\n\twhile (1) {\n\t\tconst char* ptr;\n\t\tssize_t rc;\n\n\t\trc = ipc_receive(sd, buf + pos, sizeof(buf) - pos - 1, first_call);\n\t\tfirst_call = 0;\n\t\tif (rc <= 0) {\n\t\t\tif (errno == EAGAIN) /* no more data from client */\n\t\t\t\treturn;\n\t\t\tif (errno != ECONNRESET) /* Skip logging client disconnects */\n\t\t\t\tsmclog(LOG_WARNING, \"Failed receiving IPC message from client: %s\", strerror(errno));\n\t\t\treturn;\n\t\t}\n\n\t\tpos += rc;\n\t\tif (pos > (int)sizeof(buf) - 1) {\n\t\t\tsmclog(LOG_WARNING, \"Too large IPC message, unsupported.\");\n\t\t\treturn;\n\t\t}\n\n\t\t/* Make sure to always have at least one NUL, for strlen() */\n\t\tbuf[pos] = 0;\n\n\t\tptr = buf;\n\t\twhile (pos > 0) {\n\t\t\tstruct ipc_msg* msg = (struct ipc_msg*)msg_buf;\n\n\t\t\t/* extract one command at a time */\n\t\t\tif (ipc_parse(ptr, pos, msg)) {\n\t\t\t\tif (EAGAIN == errno) {\n\t\t\t\t\t/* \n\t\t\t\t\t * need more data from client? move last unused bytes (if any) to\n\t\t\t\t\t * the begging of the buffer and lets try to receive more data\n\t\t\t\t\t */\n\t\t\t\t\tmemmove(buf, ptr, pos);\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tsmclog(LOG_WARNING, \"Failed to parse IPC message from client: %s\", strerror(errno));\n\t\t\t\treturn;\n\t\t\t}\n\n\t\t\tif (msg_do(sd, msg)) {\n\t\t\t\tif (EINVAL == errno)\n\t\t\t\t\tsmclog(LOG_WARNING, \"Unknown or malformed IPC message '%c' from client.\", msg->cmd);\n\t\t\t\terrno = 0;\n\t\t\t\tipc_send(sd, log_message, strlen(log_message) + 1);\n\t\t\t} else {\n\t\t\t\tipc_send(sd, \"\", 1);\n\t\t\t}\n\n\t\t\t/* shift to the next command if any and reduce remaining bytes in buffer */\n\t\t\tptr += msg->len;\n\t\t\tpos -= msg->len;\n\t\t}\n\t}\n}\n\nstatic void ipc_accept(int sd, void *arg)\n{\n\tsocklen_t socklen = 0;\n\tint client;\n\n\t(void)arg;\n\tclient = accept(sd, NULL, &socklen);\n\tif (client < 0)\n\t\treturn;\n\n\tipc_read(client);\n\tclose(client);\n}\n\n/**\n * ipc_init - Initialise an IPC server socket\n * @path: Path to UNIX domain socket\n *\n * Returns:\n * The socket descriptor, or -1 on error with @errno set.\n */\nint ipc_init(char *path)\n{\n\tsocklen_t len;\n\tint sd;\n\n\tif (strlen(RUNSTATEDIR) + strlen(ident) + 11 >= sizeof(sun.sun_path)) {\n\t\tsmclog(LOG_ERR, \"Too long socket path, max %zd chars\", sizeof(sun.sun_path));\n\t\treturn -1;\n\t}\n\n\tsd = socket_create(AF_UNIX, SOCK_STREAM, 0, ipc_accept, NULL);\n\tif (sd < 0) {\n\t\tsmclog(LOG_WARNING, \"Failed creating IPC socket, client disabled: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n#ifdef HAVE_SOCKADDR_UN_SUN_LEN\n\tsun.sun_len = 0;\t/* <- correct length is set by the OS */\n#endif\n\tsun.sun_family = AF_UNIX;\n\tstrlcpy(sun.sun_path, path, sizeof(sun.sun_path));\n\n\tunlink(sun.sun_path);\n\tsmclog(LOG_DEBUG, \"Binding IPC socket to %s\", sun.sun_path);\n\n\tlen = offsetof(struct sockaddr_un, sun_path) + strlen(sun.sun_path);\n\tif (bind(sd, (struct sockaddr *)&sun, len) < 0 || listen(sd, 1)) {\n\t\tsmclog(LOG_WARNING, \"Failed binding IPC socket, client disabled: %s\", strerror(errno));\n\t\tsocket_close(sd);\n\t\treturn -1;\n\t}\n\tipc_socket = sd;\n\n\treturn sd;\n}\n\n/**\n * ipc_exit - Tear down and cleanup IPC communication.\n */\nvoid ipc_exit(void)\n{\n\tif (ipc_socket >= 0)\n\t\tsocket_close(ipc_socket);\n\tunlink(sun.sun_path);\n}\n\n/**\n * ipc_send - Send message to peer\n * @sd: Client socket from ipc_accept()\n * @buf: Message to send\n * @len: Message length in bytes of @buf\n *\n * Sends the IPC message in @buf of the size @len to the peer.\n *\n * Returns:\n * Number of bytes successfully sent, or -1 with @errno on failure.\n */\nint ipc_send(int sd, const char *buf, size_t len)\n{\n\tif (write(sd, buf, len) != (ssize_t)len)\n\t\treturn -1;\n\n\treturn len;\n}\n\n/**\n * ipc_server_read - Read IPC message from client\n * @sd: Client socket from ipc_accept()\n * @buf: Buffer for message\n * @len: Size of @buf in bytes\n * @first_call: non-zero set on first read after accept, 0 - subsequent calls\n *\n * Reads a message(s) from the IPC socket and stores in @buf, respecting\n * the size @len. Connects and resets connection as necessary.\n *\n * Returns:\n * Size of a successfuly read command packet in @buf, or 0 on error.\n */\nssize_t ipc_receive(int sd, char *buf, size_t len, int first_call)\n{\n\tssize_t sz;\n\t/* since we can call this multiple times during receive of multipart\n\tcommand lets pass `don't wait` flag to not block forever\n\twhen client finish transmission */\n\tint flags = first_call ? 0 : MSG_DONTWAIT;\n\n\tsz = recv(sd, buf, len - 1, flags);\n\tif (!sz)\n\t\terrno = ECONNRESET;\n\n\treturn sz;\n}\n\n/**\n * ipc_server_parse - Parse IPC message(s) from client\n * @buf: Buffer of message(s)\n * @sz: Size of @buf in bytes\n * @msg_buf: Preallocated ipc_msg\n *\n * Parse message(s) from the IPC socket, respecting\n * the size @sz.\n *\n * Returns:\n * POSIX OK(0) on a successfuly read command in @buf, or non-zero on error.\n */\nint ipc_parse(const char *buf, size_t sz, void* msg_buf)\n{\n\tstruct ipc_msg* msg;\n\n\t/* successful read */\n\tif (sz >= sizeof(struct ipc_msg)) {\n\t\tmemcpy(msg_buf, buf, sizeof(struct ipc_msg));\n\t\tmsg = (struct ipc_msg*)msg_buf;\n\n\t\t/* enough bytes to extract just one message? */\n\t\tif (sz >= msg->len) {\n\t\t\tsize_t i, count;\n\t\t\tconst char *ptr;\n\n\t\t\tcount = msg->count;\n\t\t\tif (count > CMD_MAX_WORDS) {\n\t\t\t\terrno = EINVAL;\n\t\t\t\treturn 1;\n\t\t\t}\n\n\t\t\tptr = buf + offsetof(struct ipc_msg, argv);\n\t\t\tfor (i = 0; i < count; i++) {\n\t\t\t\t/* Verify ptr, attacker may set too large msg->count */\n\t\t\t\tif (ptr >= (buf + msg->len)) {\n\t\t\t\t\terrno = EBADMSG;\n\t\t\t\t\treturn 1;\n\t\t\t\t}\n\n\t\t\t\tmsg->argv[i] = (char*)ptr;\n\t\t\t\tptr += strlen(ptr) + 1;\n\t\t\t}\n\n\t\t\treturn 0;\n\t\t}\n\t}\n\n\t/* we've parsed all commands or not enough bytes to parse next */\n\terrno = EAGAIN;\n\treturn 1;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/ipc.h", "content": "/* Daemon IPC API */\n#ifndef SMCROUTE_IPC_H_\n#define SMCROUTE_IPC_H_\n\n#include \"config.h\"\n\nint ipc_init (char *path);\nvoid ipc_exit (void);\n\nint ipc_send (int sd, const char *buf, size_t len);\nssize_t ipc_receive(int sd, char *buf, size_t len, int first_call);\nint ipc_parse (const char *buf, size_t sz, void *msg_buf);\n\n#endif /* SMCROUTE_IPC_H_ */\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/kern.c", "content": "/* Kernel API for join/leave multicast groups and add/del routes\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \"config.h\"\n\n#include \n#ifdef HAVE_FCNTL_H\n#include \n#endif\n#include \n#include \n#include \n\n#include \"iface.h\"\n#include \"kern.h\"\n#include \"log.h\"\n#include \"mrdisc.h\"\n#include \"socket.h\"\n#include \"util.h\"\n\n/*\n * Raw IGMP socket used as interface for the IPv4 mrouted API.\n * Receives IGMP packets and upcall messages from the kernel.\n */\nstatic int sd4 = -1;\n/*\n * Raw ICMPv6 socket used as interface for the IPv6 mrouted API.\n * Receives MLD packets and upcall messages from the kenrel.\n */\nstatic int sd6 = -1;\n\n/* IPv4 internal virtual interfaces (VIF) descriptor vector */\nstatic struct {\n\tstruct iface *iface;\n} vif_list[MAX_MC_VIFS];\n\n/* IPv6 internal virtual interfaces (VIF) descriptor vector */\nstatic struct mif {\n\tstruct iface *iface;\n} mif_list[MAX_MC_VIFS];\n\n\n/*\n * This function handles both ASM and SSM join/leave for IPv4 and IPv6\n * using the RFC 3678 API available on Linux, FreeBSD, and a few other\n * operating systems.\n *\n * On Linux this makes it possible to join a group on an interface that\n * is down and/or has no IP address assigned to it yet. The latter is\n * one of the most common causes of malfunction on Linux and IPv4 with\n * the old struct ip_mreq API.\n */\n#ifdef HAVE_STRUCT_GROUP_REQ\t/* Prefer RFC 3678 */\nstatic int group_req(int sd, int cmd, struct mcgroup *mcg)\n{\n\tchar source[INET_ADDRSTR_LEN], group[INET_ADDRSTR_LEN];\n\tstruct group_source_req gsr = { 0 };\n\tstruct group_req gr = { 0 };\n\tsize_t len;\n\tvoid *arg;\n\tint op, proto;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (mcg->group.ss_family == AF_INET6)\n\t\tproto = IPPROTO_IPV6;\n\telse\n#endif\n\t\tproto = IPPROTO_IP;\n\n\tif (is_anyaddr(&mcg->source)) {\n\t\tif (cmd)\top = MCAST_JOIN_GROUP;\n\t\telse\t\top = MCAST_LEAVE_GROUP;\n\n\t\targ = &gr;\n\t\tlen = sizeof(gr);\n\t\tgr.gr_interface = mcg->iface->ifindex;\n\t\tgr.gr_group = mcg->group;\n\n\t\tstrncpy(source, \"*\", sizeof(source));\n\t\tinet_addr2str(&gr.gr_group, group, sizeof(group));\n\t} else {\n\t\tif (cmd)\top = MCAST_JOIN_SOURCE_GROUP;\n\t\telse\t\top = MCAST_LEAVE_SOURCE_GROUP;\n\n\t\targ = &gsr;\n\t\tlen = sizeof(gsr);\n\t\tgsr.gsr_interface = mcg->iface->ifindex;\n\t\tgsr.gsr_source = mcg->source;\n\t\tgsr.gsr_group = mcg->group;\n\n\t\tinet_addr2str(&gsr.gsr_source, source, sizeof(source));\n\t\tinet_addr2str(&gsr.gsr_group, group, sizeof(group));\n\t}\n\n\tsmclog(LOG_DEBUG, \"%s group (%s,%s) on ifindex %d and socket %d ...\",\n\t cmd ? \"Join\" : \"Leave\", source, group, mcg->iface->ifindex, sd);\n\n\treturn setsockopt(sd, proto, op, arg, len);\n}\n\n#else /* Assume we have old style struct ip_mreq */\n\nstatic int group_req(int sd, int cmd, struct mcgroup *mcg)\n{\n\tchar group[INET_ADDRSTR_LEN];\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tstruct ipv6_mreq ipv6mr = { 0 };\n#endif\n#ifdef HAVE_STRUCT_IP_MREQN\n\tstruct ip_mreqn imr = { 0 };\n#else\n\tstruct ip_mreq imr = { 0 };\n#endif\n\tint op, proto;\n\tsize_t len;\n\tvoid *arg;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (mcg->group.ss_family == AF_INET6) {\n\t\tstruct sockaddr_in6 *sin6;\n\n\t\tsin6 = inet_addr6_get(&mcg->group);\n\t\tipv6mr.ipv6mr_multiaddr = sin6->sin6_addr;\n\t\tipv6mr.ipv6mr_interface = mcg->iface->ifindex;\n\n\t\tproto = IPPROTO_IPV6;\n\t\top = cmd ? IPV6_JOIN_GROUP : IPV6_LEAVE_GROUP;\n\t\targ = &ipv6mr;\n\t\tlen = sizeof(ipv6mr);\n\t} else\n#endif\n\t{\n\t\timr.imr_multiaddr = *inet_addr_get(&mcg->group);\n#ifdef HAVE_STRUCT_IP_MREQN\n\t\timr.imr_ifindex = mcg->iface->ifindex;\n#else\n\t\timr.imr_interface = mcg->iface->inaddr;\n#endif\n\n\t\tproto = IPPROTO_IP;\n\t\top = cmd ? IP_ADD_MEMBERSHIP : IP_DROP_MEMBERSHIP;\n\t\targ = &imr;\n\t\tlen = sizeof(imr);\n\t}\n\n\tsmclog(LOG_DEBUG, \"%s group (*,%s) on ifindex %d ...\", cmd ? \"Join\" : \"Leave\",\n\t inet_addr2str(&mcg->group, group, sizeof(group)), mcg->iface->ifindex);\n\n\treturn setsockopt(sd, proto, op, arg, len);\n}\n#endif\n\nint kern_join_leave(int sd, int cmd, struct mcgroup *mcg)\n{\n\tif (group_req(sd, cmd, mcg)) {\n\t\tchar source[INET_ADDRSTR_LEN] = \"*\";\n\t\tchar group[INET_ADDRSTR_LEN];\n\t\tint len;\n\n\t\tif (!is_anyaddr(&mcg->source))\n\t\t\tinet_addr2str(&mcg->source, source, sizeof(source));\n\t\tinet_addr2str(&mcg->group, group, sizeof(group));\n\t\tlen = mcg->len == 0 ? 32 : mcg->len;\n\n\t\tsmclog(LOG_ERR, \"Failed %s group (%s,%s/%d) on sd %d ... %d: %s\",\n\t\t cmd ? \"joining\" : \"leaving\",\n\t\t source, group, len, sd,\n\t\t errno, strerror(errno));\n\t\treturn 1;\n\t}\n\n\treturn 0;\n}\n\nint kern_mroute_init(int table_id, void (*cb)(int, void *), void *arg)\n{\n\tint val = 1;\n\n\tif (sd4 < 0) {\n\t\tsd4 = socket_create(AF_INET, SOCK_RAW, IPPROTO_IGMP, cb, arg);\n\t\tif (sd4 < 0)\n\t\t\treturn -1;\n\t}\n\n#ifdef MRT_TABLE /* Currently only available on Linux */\n\tif (table_id != 0) {\n\t\tsmclog(LOG_INFO, \"Setting IPv4 multicast routing table id %d\", table_id);\n\t\tif (setsockopt(sd4, IPPROTO_IP, MRT_TABLE, &table_id, sizeof(table_id)) < 0) {\n\t\t\terrno = EPROTONOSUPPORT;\n\t\t\tgoto error;\n\t\t}\n\t}\n#else\n\t(void)table_id;\n#endif\n\n\tif (setsockopt(sd4, IPPROTO_IP, MRT_INIT, &val, sizeof(val)))\n\t\tgoto error;\n\n\t/* Enable \"PIM\" to get WRONGVIF messages */\n\tif (setsockopt(sd4, IPPROTO_IP, MRT_PIM, &val, sizeof(val)))\n\t\tsmclog(LOG_ERR, \"Failed enabling PIM IGMPMSG_WRONGVIF, ignoring: %s\", strerror(errno));\n\n\t/* Initialize virtual interface table */\n\tmemset(&vif_list, 0, sizeof(vif_list));\n\n\treturn 0;\nerror:\n\tsocket_close(sd4);\n\tsd4 = -1;\n\n\treturn -1;\n}\n\nint kern_mroute_exit(void)\n{\n\tif (sd4 == -1)\n\t\treturn errno = EAGAIN;\n\n\t/* Drop all kernel routes set by smcroute */\n\tif (setsockopt(sd4, IPPROTO_IP, MRT_DONE, NULL, 0))\n\t\tsmclog(LOG_WARNING, \"Failed shutting down IPv4 multicast routing socket: %s\",\n\t\t strerror(errno));\n\n\tsocket_close(sd4);\n\tsd4 = -1;\n\n\treturn 0;\n}\n\nint kern_vif_add(struct iface *iface)\n{\n\tstruct vifctl vifc = { 0 };\n\tsize_t i;\n\tint vif;\n\n\tif (!iface)\n\t\treturn errno = EINVAL;\n\tif ((iface->flags & IFF_MULTICAST) != IFF_MULTICAST)\n\t\treturn errno = ENOPROTOOPT;\n\tif (sd4 == -1)\n\t\treturn errno = EAGAIN;\n\tif (iface->vif != NO_VIF)\n\t\treturn errno = EEXIST;\n\n\t/* find a free vif */\n\tfor (i = 0, vif = -1; i < NELEMS(vif_list); i++) {\n\t\tif (!vif_list[i].iface) {\n\t\t\tvif = i;\n\t\t\tbreak;\n\t\t}\n\t}\n\n\tif (vif == -1)\n\t\treturn errno = ENOMEM;\n\n\tmemset(&vifc, 0, sizeof(vifc));\n\tvifc.vifc_vifi = vif;\n\tvifc.vifc_flags = 0; /* no tunnel, no source routing, register ? */\n\tvifc.vifc_threshold = iface->threshold;\n\tvifc.vifc_rate_limit = 0;\t/* hopefully no limit */\n#ifdef VIFF_USE_IFINDEX\t\t/* Register VIF using ifindex, not lcl_addr, since Linux 2.6.33 */\n\tvifc.vifc_flags |= VIFF_USE_IFINDEX;\n\tvifc.vifc_lcl_ifindex = iface->ifindex;\n#else\n\tvifc.vifc_lcl_addr.s_addr = iface->inaddr.s_addr;\n#endif\n\tvifc.vifc_rmt_addr.s_addr = htonl(INADDR_ANY);\n\n\tsmclog(LOG_DEBUG, \"Map iface %-16s => VIF %-2d ifindex %2d flags 0x%04x TTL threshold %u\",\n\t iface->ifname, vifc.vifc_vifi, iface->ifindex, vifc.vifc_flags, iface->threshold);\n\n\tif (setsockopt(sd4, IPPROTO_IP, MRT_ADD_VIF, &vifc, sizeof(vifc)))\n\t\treturn 1;\n\n\tiface->vif = vif;\n\tvif_list[vif].iface = iface;\n\n\treturn 0;\n}\n\nint kern_vif_del(struct iface *iface)\n{\n\tstruct vifctl vifc = { 0 };\n\tint rc;\n\n\tif (sd4 == -1)\n\t\treturn errno = EAGAIN;\n\tif (!iface)\n\t\treturn errno = EINVAL;\n\tif (iface->vif == NO_VIF)\n\t\treturn errno = ENOENT;\n\n\tsmclog(LOG_DEBUG, \"Removing %-16s => VIF %-2d\", iface->ifname, iface->vif);\n\n\tvifc.vifc_vifi = iface->vif;\n#ifdef __linux__\n\trc = setsockopt(sd4, IPPROTO_IP, MRT_DEL_VIF, &vifc, sizeof(vifc));\n#else\n\trc = setsockopt(sd4, IPPROTO_IP, MRT_DEL_VIF, &vifc.vifc_vifi, sizeof(vifc.vifc_vifi));\n#endif\n\tif (!rc) {\n\t\tvif_list[iface->vif].iface = NULL;\n\t\tiface->vif = -1;\n\t}\n\n\treturn rc;\n}\n\nstatic int kern_mroute4(int cmd, struct mroute *route)\n{\n\tchar origin[INET_ADDRSTRLEN], group[INET_ADDRSTRLEN];\n\tint op = cmd ? MRT_ADD_MFC : MRT_DEL_MFC;\n\tstruct mfcctl mfcc = { 0 };\n\tsize_t i;\n\n\tif (sd4 == -1) {\n\t\tsmclog(LOG_DEBUG, \"No IPv4 multicast socket\");\n\t\treturn -1;\n\t}\n\n\tmemset(&mfcc, 0, sizeof(mfcc));\n\tmfcc.mfcc_origin = *inet_addr_get(&route->source);\n\tmfcc.mfcc_mcastgrp = *inet_addr_get(&route->group);\n\tmfcc.mfcc_parent = route->inbound;\n\n\tinet_addr2str(&route->source, origin, sizeof(origin));\n\tinet_addr2str(&route->group, group, sizeof(group));\n\n\t/* copy the TTL vector, as many as the kernel supports */\n\tfor (i = 0; i < NELEMS(mfcc.mfcc_ttls); i++)\n\t\tmfcc.mfcc_ttls[i] = route->ttl[i];\n\n\tif (setsockopt(sd4, IPPROTO_IP, op, &mfcc, sizeof(mfcc))) {\n\t\tif (ENOENT == errno)\n\t\t\tsmclog(LOG_DEBUG, \"failed removing multicast route (%s,%s), does not exist.\",\n\t\t\t\torigin, group);\n\t\telse\n\t\t\tsmclog(LOG_WARNING, \"failed %s IPv4 multicast route (%s,%s): %s\",\n\t\t\t cmd ? \"adding\" : \"removing\", origin, group, strerror(errno));\n\t\treturn 1;\n\t}\n\n\tsmclog(LOG_DEBUG, \"%s %s -> %s from VIF %d\", cmd ? \"Add\" : \"Del\",\n\t origin, group, route->inbound);\n\n\treturn 0;\n}\n\nstatic int kern_stats4(struct mroute *route, struct mroute_stats *ms)\n{\n\tstruct sioc_sg_req sg_req = { 0 };\n\n\tif (sd4 == -1)\n\t\treturn errno = EAGAIN;\n\n\tmemset(&sg_req, 0, sizeof(sg_req));\n\tsg_req.src = *inet_addr_get(&route->source);\n\tsg_req.grp = *inet_addr_get(&route->group);\n\n\tif (ioctl(sd4, SIOCGETSGCNT, &sg_req) < 0) {\n\t\tif (ms->ms_wrong_if)\n\t\t\tsmclog(LOG_WARNING, \"Failed getting MFC stats: %s\", strerror(errno));\n\t\treturn errno;\n\t}\n\n\tms->ms_pktcnt = sg_req.pktcnt;\n\tms->ms_bytecnt = sg_req.bytecnt;\n\tms->ms_wrong_if = sg_req.wrong_if;\n\n\treturn 0;\n}\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n#ifdef __linux__\n#define IPV6_ALL_MC_FORWARD \"/proc/sys/net/ipv6/conf/all/mc_forwarding\"\n\nstatic int proc_set_val(char *file, int val)\n{\n\tint fd, rc = 0;\n\n\tfd = open(file, O_WRONLY);\n\tif (fd < 0)\n\t\treturn 1;\n\n\tif (-1 == write(fd, \"1\", val))\n\t\trc = 1;\n\n\tclose(fd);\n\n\treturn rc;\n}\n#endif /* Linux only */\n\nint kern_mroute6_init(int table_id, void (*cb)(int, void *), void *arg)\n{\n\tint val = 1;\n\n\tif (sd6 < 0) {\n\t\tsd6 = socket_create(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6, cb, arg);\n\t\tif (sd6 < 0)\n\t\t\treturn -1;\n\t}\n\n#ifdef MRT6_TABLE /* Currently only available on Linux */\n\tif (table_id != 0) {\n\t\tsmclog(LOG_INFO, \"Setting IPv6 multicast routing table id %d\", table_id);\n\t\tif (setsockopt(sd6, IPPROTO_IPV6, MRT6_TABLE, &table_id, sizeof(table_id)) < 0) {\n\t\t\terrno = EPROTONOSUPPORT;\n\t\t\tgoto error;\n\t\t}\n\t}\n#else\n\t(void)table_id;\n#endif\n\n\tif (setsockopt(sd6, IPPROTO_IPV6, MRT6_INIT, &val, sizeof(val)))\n\t\tgoto error;\n\n\t/* Initialize virtual interface table */\n\tmemset(&mif_list, 0, sizeof(mif_list));\n\n#ifdef __linux__\n\t/*\n\t * On Linux pre 2.6.29 kernels net.ipv6.conf.all.mc_forwarding\n\t * is not set on MRT6_INIT so we have to do this manually\n\t */\n\tif (proc_set_val(IPV6_ALL_MC_FORWARD, 1)) {\n\t\tif (errno != EACCES) {\n\t\t\tsmclog(LOG_ERR, \"Failed enabling IPv6 multicast forwarding: %s\",\n\t\t\t strerror(errno));\n\t\t\tgoto error;\n\t\t}\n\t}\n#endif\n\n\treturn 0;\nerror:\n\tsocket_close(sd6);\n\tsd6 = -1;\n\n\treturn -1;\n}\n\nint kern_mroute6_exit(void)\n{\n\tif (sd6 == -1)\n\t\treturn errno = EAGAIN;\n\n\tif (setsockopt(sd6, IPPROTO_IPV6, MRT6_DONE, NULL, 0))\n\t\tsmclog(LOG_WARNING, \"Failed shutting down IPv6 multicast routing socket: %s\",\n\t\t strerror(errno));\n\n\tsocket_close(sd6);\n\tsd6 = -1;\n\n\treturn 0;\n}\n\n/* Create a virtual interface from @iface so it can be used for IPv6 multicast routing. */\nint kern_mif_add(struct iface *iface)\n{\n\tstruct mif6ctl mif6c = { 0 };\n\tint mif = -1;\n\tsize_t i;\n\n\tif (sd6 == -1)\n\t\treturn errno = EAGAIN;\n\tif (!iface)\n\t\treturn errno = EINVAL;\n\tif ((iface->flags & IFF_MULTICAST) != IFF_MULTICAST)\n\t\treturn errno = ENOPROTOOPT;\n\tif (iface->mif != NO_VIF)\n\t\treturn errno = EEXIST;\n\n\t/* find a free mif */\n\tfor (i = 0; i < NELEMS(mif_list); i++) {\n\t\tif (!mif_list[i].iface) {\n\t\t\tmif = i;\n\t\t\tbreak;\n\t\t}\n\t}\n\n\tif (mif == -1)\n\t\treturn errno = ENOMEM;\n\n\tmemset(&mif6c, 0, sizeof(mif6c));\n\tmif6c.mif6c_mifi = mif;\n\tmif6c.mif6c_flags = 0; /* no register */\n#ifdef HAVE_MIF6CTL_VIFC_THRESHOLD\n\tmif6c.vifc_threshold = iface->threshold;\n#endif\n\tmif6c.mif6c_pifi = iface->ifindex; /* physical interface index */\n#ifdef HAVE_MIF6CTL_VIFC_RATE_LIMIT\n\tmif6c.vifc_rate_limit = 0; /* hopefully no limit */\n#endif\n\n\tsmclog(LOG_DEBUG, \"Map iface %-16s => MIF %-2d ifindex %2d flags 0x%04x TTL threshold %u\",\n\t iface->ifname, mif6c.mif6c_mifi, mif6c.mif6c_pifi, mif6c.mif6c_flags, iface->threshold);\n\n\tif (setsockopt(sd6, IPPROTO_IPV6, MRT6_ADD_MIF, &mif6c, sizeof(mif6c)))\n\t\treturn -1;\n\n\tiface->mif = mif;\n\tmif_list[mif].iface = iface;\n\n\treturn 0;\n}\n\nint kern_mif_del(struct iface *iface)\n{\n\tint rc;\n\n\tif (sd6 == -1)\n\t\treturn errno = EAGAIN;\n\tif (!iface)\n\t\treturn errno = EINVAL;\n\tif (iface->mif == NO_VIF)\n\t\treturn errno = ENOENT;\n\n\tsmclog(LOG_DEBUG, \"Removing %-16s => MIF %-2d\", iface->ifname, iface->mif);\n\n\trc = setsockopt(sd6, IPPROTO_IPV6, MRT6_DEL_MIF, &iface->mif, sizeof(iface->mif));\n\tif (!rc) {\n\t\tmif_list[iface->mif].iface = NULL;\n\t\tiface->mif = -1;\n\t}\n\n\treturn rc;\n}\n\nstatic int kern_mroute6(int cmd, struct mroute *route)\n{\n\tchar origin[INET_ADDRSTR_LEN], group[INET_ADDRSTR_LEN];\n\tint op = cmd ? MRT6_ADD_MFC : MRT6_DEL_MFC;\n\tstruct mf6cctl mf6cc = { 0 };\n\tsize_t i;\n\n\tif (sd6 == -1)\n\t\treturn errno = EAGAIN;\n\tif (!route)\n\t\treturn errno = EINVAL;\n\n\tmemset(&mf6cc, 0, sizeof(mf6cc));\n\tmf6cc.mf6cc_origin = *inet_addr6_get(&route->source);\n\tmf6cc.mf6cc_mcastgrp = *inet_addr6_get(&route->group);\n\tmf6cc.mf6cc_parent = route->inbound;\n\n\tinet_addr2str(&route->source, origin, INET_ADDRSTR_LEN);\n\tinet_addr2str(&route->group, group, INET_ADDRSTR_LEN);\n\n\tIF_ZERO(&mf6cc.mf6cc_ifset);\n\tfor (i = 0; i < NELEMS(route->ttl); i++) {\n\t\tif (route->ttl[i]) {\n\t\t\tIF_SET(i, &mf6cc.mf6cc_ifset);\n\t\t}\n\t}\n\n\tif (setsockopt(sd6, IPPROTO_IPV6, op, &mf6cc, sizeof(mf6cc))) {\n\t\tif (ENOENT == errno)\n\t\t\tsmclog(LOG_DEBUG, \"failed removing IPv6 multicast route (%s,%s), \"\n\t\t\t \"does not exist.\", origin, group);\n\t\telse\n\t\t\tsmclog(LOG_WARNING, \"failed %s IPv6 multicast route (%s,%s): %s\",\n\t\t\t cmd ? \"adding\" : \"removing\", origin, group, strerror(errno));\n\t\treturn 1;\n\t}\n\n\tsmclog(LOG_DEBUG, \"%s %s -> %s from VIF %d\", cmd ? \"Add\" : \"Del\",\n\t origin, group, route->inbound);\n\n\treturn 0;\n}\n\nstatic int kern_stats6(struct mroute *route, struct mroute_stats *ms)\n{\n\tstruct sioc_sg_req6 sg_req = { 0 };\n\n\tif (sd6 == -1)\n\t\treturn errno = EAGAIN;\n\n\tsg_req.src = *inet_addr6_get(&route->source);\n\tsg_req.grp = *inet_addr6_get(&route->group);\n\n\tif (ioctl(sd6, SIOCGETSGCNT_IN6, &sg_req) < 0) {\n\t\tif (ms->ms_wrong_if)\n\t\t\tsmclog(LOG_WARNING, \"Failed getting MFC stats: %s\", strerror(errno));\n\t\treturn errno;\n\t}\n\n\tms->ms_pktcnt = sg_req.pktcnt;\n\tms->ms_bytecnt = sg_req.bytecnt;\n\tms->ms_wrong_if = sg_req.wrong_if;\n\n\treturn 0;\n}\n#endif /* HAVE_IPV6_MULTICAST_HOST */\n\n/*\n * Query kernel for route usage statistics\n */\nint kern_stats(struct mroute *route, struct mroute_stats *ms)\n{\n\tif (!route || !ms)\n\t\treturn errno = EINVAL;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (route->group.ss_family == AF_INET6)\n\t\treturn kern_stats6(route, ms);\n#endif\n\n\treturn kern_stats4(route, ms);\n}\n\nint kern_mroute_add(struct mroute *route)\n{\n\tif (!route)\n\t\treturn errno = EINVAL;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (route->group.ss_family == AF_INET6)\n\t\treturn kern_mroute6(1, route);\n#endif\n\n\treturn kern_mroute4(1, route);\n}\n\nint kern_mroute_del(struct mroute *route)\n{\n\tif (!route)\n\t\treturn errno = EINVAL;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (route->group.ss_family == AF_INET6)\n\t\treturn kern_mroute6(0, route);\n#endif\n\n\treturn kern_mroute4(0, route);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/kern.h", "content": "/* Kernel API for join/leave multicast groups and add/del routes\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#ifndef SMCROUTE_KERN_H_\n#define SMCROUTE_KERN_H_\n\n#include \"mcgroup.h\"\n#include \"mroute.h\"\n\nstruct mroute_stats {\n\tunsigned long ms_pktcnt;\n\tunsigned long ms_bytecnt;\n\tunsigned long ms_wrong_if;\n};\n\nint kern_join_leave (int sd, int cmd, struct mcgroup *mcg);\n\nint kern_mroute_init (int table_id, void (*cb)(int, void *), void *arg);\nint kern_mroute_exit (void);\n\nint kern_mroute6_init(int table_id, void (*cb)(int, void *), void *arg);\nint kern_mroute6_exit(void);\n\nint kern_vif_add (struct iface *iface);\nint kern_vif_del (struct iface *iface);\n\nint kern_mif_add (struct iface *iface);\nint kern_mif_del (struct iface *iface);\n\nint kern_mroute_add (struct mroute *route);\nint kern_mroute_del (struct mroute *route);\n\nint kern_stats (struct mroute *route, struct mroute_stats *ms);\n\n#endif /* SMCROUTE_KERN_H_ */\n" }, { "path": "src/log.c", "content": "/* System logging API\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#define SYSLOG_NAMES\n\n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"conf.h\"\n#include \"util.h\"\n\nint log_level = LOG_NOTICE;\nchar log_message[128];\n\n/**\n * loglvl - Convert log level string to value\n * @level: String from user, debug, error, warning, etc.\n *\n * Returns:\n * Matching %LOG_DEBUG, %LOG_ERR, etc.\n */\nint loglvl(const char *level)\n{\n\tint i;\n\n\tfor (i = 0; prioritynames[i].c_name; i++) {\n\t\tsize_t len = MIN(strlen(prioritynames[i].c_name), strlen(level));\n\n\t\tif (!strncasecmp(prioritynames[i].c_name, level, len))\n\t\t\treturn prioritynames[i].c_val;\n\t}\n\n\treturn atoi(level);\n}\n\n/**\n * smclog - Log message to syslog or stderr\n * @severity: Standard syslog() severity levels\n * @fmt: Standard printf() formatted message to log\n *\n * Logs a standard printf() formatted message to syslog and stderr when\n * @severity is greater than the @log_level threshold. When @code is\n * set it is appended to the log, along with the error message.\n *\n * When @severity is %LOG_ERR or worse this function will call exit().\n */\nvoid smclog(int severity, const char *fmt, ...)\n{\n\tva_list args;\n\n\tva_start(args, fmt);\n\tif (!conf_vrfy) {\n\t\tvsnprintf(log_message, sizeof(log_message), fmt, args);\n\t} else {\n\t\tif (severity <= log_level) {\n\t\t\tvprintf(fmt, args);\n\t\t\tputs(\"\");\n\t\t}\n\t}\n\tva_end(args);\n\n\tsyslog(severity, \"%s\", log_message);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/log.h", "content": "/* System logging API */\n#ifndef SMCROUTE_LOG_H_\n#define SMCROUTE_LOG_H_\n\n#include \n\nextern int log_level;\nextern char log_message[128];\n\nint loglvl(const char *level);\nvoid smclog(int severity, const char *fmt, ...);\n\n#endif /* SMCROUTE_LOG_H_ */\n" }, { "path": "src/mcgroup.c", "content": "/* Multicast group management (join/leave) API\n *\n * Copyright (C) 2001-2005 Carsten Schill \n * Copyright (C) 2006-2009 Julien BLACHE \n * Copyright (C) 2009 Todd Hayton \n * Copyright (C) 2009-2011 Micha Lenk \n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n#include \"queue.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n#ifdef HAVE_LINUX_FILTER_H\n#include \n#endif\n#include \n\n#include \"log.h\"\n#include \"ipc.h\"\n#include \"util.h\"\n#include \"iface.h\"\n#include \"socket.h\"\n#include \"mcgroup.h\"\n#include \"kern.h\"\n\n/*\n * Track IGMP join, any-source and source specific\n */\nstatic TAILQ_HEAD(kmcglist, mcgroup) kern_list = TAILQ_HEAD_INITIALIZER(kern_list);\nstatic TAILQ_HEAD(cmcglist, mcgroup) conf_list = TAILQ_HEAD_INITIALIZER(conf_list);\n\n#ifdef HAVE_LINUX_FILTER_H\n/*\n * Extremely simple \"drop everything\" filter for Linux so we do not get\n * a copy each packet of every routed group we join.\n */\nstatic struct sock_filter filter[] = {\n\t{ 0x6, 0, 0, 0x00000000 },\n};\n\nstatic struct sock_fprog fprog = {\n\tsizeof(filter) / sizeof(filter[0]),\n\tfilter\n};\n#endif /* HAVE_LINUX_FILTER_H */\n\n/*\n * Linux net.ipv4.igmp_max_memberships defaults to 20, but empiricism\n * suggests we can only ever get 10 from each socket on Linux 5.11.\n * We therefore calibrate for the current system this using ENOBUFS.\n */\n#define MAX_GROUPS 20\nstatic int max_groups = MAX_GROUPS;\n\nstruct mc_sock {\n\tTAILQ_ENTRY(mc_sock) link;\n\n\tint family;\t\t\t/* address family */\n\tint sd;\t\t\t\t/* socket for join/leave ops */\n\tint cnt;\t\t\t/* max 20 on linux */\n};\n\nTAILQ_HEAD(mcslist, mc_sock) mc_sock_list= TAILQ_HEAD_INITIALIZER(mc_sock_list);\n\nstatic int alloc_mc_sock(int family)\n{\n\tstruct mc_sock *entry;\n\n\tTAILQ_FOREACH(entry, &mc_sock_list, link) {\n\t\tif (entry->cnt < max_groups && entry->family == family)\n\t\t\tbreak;\n\t}\n\n\tif (!entry) {\n\t\tentry = malloc(sizeof(struct mc_sock));\n\t\tif (!entry) {\n\t\t\tsmclog(LOG_ERR, \"Out of memory in %s()\", __func__);\n\t\t\treturn -1;\n\t\t}\n\n\t\tentry->family = family;\n\t\tentry->cnt = 0;\n\t\tentry->sd = socket_create(family, SOCK_DGRAM, 0, NULL, NULL);\n\t\tif (entry->sd == -1) {\n\t\t\tsmclog(LOG_ERR, \"Failed creating mc socket: %s\", strerror(errno));\n\t\t\tfree(entry);\n\t\t\treturn -1;\n\t\t}\n\n#ifdef HAVE_LINUX_FILTER_H\n\t\tif (setsockopt(entry->sd, SOL_SOCKET, SO_ATTACH_FILTER, &fprog, sizeof(fprog)) < 0)\n\t\t\tsmclog(LOG_WARNING, \"failed setting IPv4 socket filter, continuing anyway\");\n#endif\n\n\t\tTAILQ_INSERT_TAIL(&mc_sock_list, entry, link);\n\t}\n\n\tentry->cnt++;\n\tsmclog(LOG_DEBUG, \"Group socket %d count %d of MAX %d\", entry->sd, entry->cnt, max_groups);\n\n\treturn entry->sd;\n}\n\nstatic void free_mc_sock(int sd)\n{\n\tstruct mc_sock *entry, *tmp;\n\n\tTAILQ_FOREACH_SAFE(entry, &mc_sock_list, link, tmp) {\n\t\tif (entry->sd == sd)\n\t\t\tbreak;\n\t}\n\n\tif (entry) {\n\t\tif (--entry->cnt == 0) {\n\t\t\tTAILQ_REMOVE(&mc_sock_list, entry, link);\n\t\t\tsocket_close(entry->sd);\n\t\t\tfree(entry);\n\t\t}\n\t}\n}\n\nstatic struct iface *match_valid_iface(const char *ifname, struct ifmatch *state)\n{\n\tstruct iface *iface = iface_match_by_name(ifname, 0, state);\n\n\tif (!iface && !state->match_count)\n\t\tsmclog(LOG_DEBUG, \"unknown interface %s\", ifname);\n\n\treturn iface;\n}\n\nstatic void list_add(int sd, struct mcgroup *mcg)\n{\n\tstruct mcgroup *entry;\n\n\tentry = malloc(sizeof(*entry));\n\tif (!entry) {\n\t\tsmclog(LOG_ERR, \"Failed adding mgroup to list: %s\", strerror(errno));\n\t\treturn;\n\t}\n\n\t*entry = *mcg;\n\tentry->sd = sd;\n\n\tTAILQ_INSERT_TAIL(&kern_list, entry, link);\n}\n\nstatic void list_rem(int sd, struct mcgroup *mcg)\n{\n\tstruct mcgroup *entry, *tmp;\n\n\t(void)sd;\n\tTAILQ_FOREACH_SAFE(entry, &kern_list, link, tmp) {\n\t\tif (entry->iface->ifindex != mcg->iface->ifindex)\n\t\t\tcontinue;\n\n\t\tif (inet_addr_cmp(&entry->source, &mcg->source) ||\n\t\t inet_addr_cmp(&entry->group, &mcg->group))\n\t\t\tcontinue;\n\n\t\tTAILQ_REMOVE(&kern_list, entry, link);\n\t\tfree_mc_sock(entry->sd);\n\t\tfree(entry);\n\t}\n}\n\nvoid mcgroup_init(void)\n{\n\tstruct rlimit rlim;\n\n\tif (getrlimit(RLIMIT_NOFILE, &rlim)) {\n\t\tsmclog(LOG_ERR, \"Failed reading RLIMIT_NOFILE\");\n\t\treturn;\n\t}\n\n\tsmclog(LOG_DEBUG, \"NOFILE: current %lu max %lu\", rlim.rlim_cur, rlim.rlim_max);\n\trlim.rlim_cur = rlim.rlim_max;\n\tif (setrlimit(RLIMIT_NOFILE, &rlim)) {\n\t\tsmclog(LOG_ERR, \"Failed setting RLIMIT_NOFILE soft limit to %lu: %s\",\n\t\t rlim.rlim_max, strerror(errno));\n\t\treturn;\n\t}\n\tsmclog(LOG_DEBUG, \"NOFILE: set new current %ld max %ld\", rlim.rlim_cur, rlim.rlim_max);\n}\n\n/*\n * Close IPv4/IPv6 multicast sockets to kernel to leave any joined groups\n */\nvoid mcgroup_exit(void)\n{\n\tstruct mcgroup *entry, *tmp;\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tTAILQ_REMOVE(&conf_list, entry, link);\n\t\tfree(entry);\n\t}\n\tTAILQ_FOREACH_SAFE(entry, &kern_list, link, tmp) {\n\t\tTAILQ_REMOVE(&kern_list, entry, link);\n\t\tfree_mc_sock(entry->sd);\n\t\tfree(entry);\n\t}\n}\n\nstatic struct mcgroup *find_conf(const char *ifname, inet_addr_t *source, inet_addr_t *group, int len)\n{\n\tstruct mcgroup *entry;\n\n\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\tif (strcmp(entry->ifname, ifname))\n\t\t\tcontinue;\n\t\tif (inet_addr_cmp(&entry->source, source))\n\t\t\tcontinue;\n\t\tif (inet_addr_cmp(&entry->group, group) || entry->len != len)\n\t\t\tcontinue;\n\n\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\nstatic struct mcgroup *find_kern(struct mcgroup *mcg)\n{\n\tstruct mcgroup *entry;\n\n\tTAILQ_FOREACH(entry, &kern_list, link) {\n\t\tif (strcmp(entry->ifname, mcg->ifname))\n\t\t\tcontinue;\n\t\tif (inet_addr_cmp(&entry->source, &mcg->source))\n\t\t\tcontinue;\n\t\tif (inet_addr_cmp(&entry->group, &mcg->group))\n\t\t\tcontinue;\n\n\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\nint mcgroup_action(int cmd, const char *ifname, inet_addr_t *source, int src_len, inet_addr_t *group, int len)\n{\n\tchar src[INET_ADDRSTR_LEN] = \"*\", grp[INET_ADDRSTR_LEN];\n\tstruct mcgroup *mcg;\n\tstruct ifmatch state;\n\tint rc = 0;\n\tint sd;\n\n\tif (!is_anyaddr(source))\n\t\tinet_addr2str(source, src, sizeof(src));\n\tinet_addr2str(group, grp, sizeof(grp));\n\n\tmcg = find_conf(ifname, source, group, len);\n\tif (mcg) {\n\t\tif (cmd) {\n\t\t\tif (mcg->unused) {\n\t\t\t\tmcg->unused = 0;\n\t\t\t\treturn 0;\n\t\t\t}\n\n\t\t\tsmclog(LOG_INFO, \"Already joined (%s,%s) on %s\", src, grp, ifname);\n\t\t\terrno = EALREADY;\n\t\t\treturn 1;\n\t\t}\n\t} else {\n\t\tif (!cmd) {\n\t\t\tsmclog(LOG_INFO, \"No group (%s,%s) on %s to leave\", src, grp, ifname);\n\t\t\terrno = ENOENT;\n\t\t\treturn 1;\n\t\t}\n\n\t\tmcg = calloc(1, sizeof(*mcg));\n\t\tif (!mcg) {\n\t\t\tsmclog(LOG_ERR, \"Out of memory joining (%s,%s) on %s\", src, grp, ifname);\n\t\t\treturn 1;\n\t\t}\n\n\t\tstrlcpy(mcg->ifname, ifname, sizeof(mcg->ifname));\n\t\tmcg->source = *source;\n\t\tmcg->src_len = src_len;\n\t\tmcg->group = *group;\n\t\tmcg->len = len;\n\n\t\tTAILQ_INSERT_TAIL(&conf_list, mcg, link);\n\t}\n\n\tiface_match_init(&state);\n\twhile ((mcg->iface = match_valid_iface(ifname, &state))) {\n\t\tstruct inet_iter siter;\n\n\t\tinet_iter_init(&siter, &mcg->source, mcg->src_len);\n\t\twhile (inet_iterator(&siter, &mcg->source)) {\n\t\t\tstruct inet_iter giter;\n\n\t\t\tinet_iter_init(&giter, &mcg->group, mcg->len);\n\t\t\twhile (inet_iterator(&giter, &mcg->group)) {\n\t\t\t\tif (!cmd) {\n\t\t\t\t\tstruct mcgroup *kmcg;\n\n\t\t\t\t\tkmcg = find_kern(mcg);\n\t\t\t\t\tif (!kmcg)\n\t\t\t\t\t\tcontinue;\n\n\t\t\t\t\tsd = kmcg->sd;\n\t\t\t\t} else {\n\t\t\t\tretry:\n\t\t\t\t\tsd = alloc_mc_sock(group->ss_family);\n\t\t\t\t}\n\n\t\t\t\tif (sd == -1) {\n\t\t\t\t\tsmclog(LOG_ERR, \"Failed %s (%s,%s) on %s: %s\",\n\t\t\t\t\t cmd ? \"joining\" : \"leaving\",\n\t\t\t\t\t src, grp, ifname, strerror(errno));\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\n\t\t\t\tif (kern_join_leave(sd, cmd, mcg)) {\n\t\t\t\t\tif (cmd) {\n\t\t\t\t\t\tswitch (errno) {\n\t\t\t\t\t\tcase EADDRINUSE:\n\t\t\t\t\t\t\t /* Already joined, ignore */\n\t\t\t\t\t\t\tcontinue;\n\n\t\t\t\t\t\tcase ENOBUFS:\n\t\t\t\t\t\t\tsmclog(LOG_WARNING, \"Out of groups on socket \"\n\t\t\t\t\t\t\t \"adjusting max_groups %d.\", max_groups);\n\t\t\t\t\t\t\t/*\n\t\t\t\t\t\t\t * Maxed out net.ipv4.igmp_max_msf\n\t\t\t\t\t\t\t * or net.ipv4.igmp_max_memberships\n\t\t\t\t\t\t\t * Linux only.\n\t\t\t\t\t\t\t */\n\t\t\t\t\t\t\tmax_groups--;\n\t\t\t\t\t\t\tgoto retry;\n\n\t\t\t\t\t\tdefault:\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\trc++;\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\n\t\t\t\tif (cmd)\n\t\t\t\t\tlist_add(sd, mcg);\n\t\t\t\telse\n\t\t\t\t\tlist_rem(sd, mcg);\n\t\t\t}\n\n\t\t\tmcg->group = giter.orig;\n\t\t}\n\n\t\tmcg->source = siter.orig;\n\t}\n\n\tif (!cmd) {\n\t\tTAILQ_REMOVE(&conf_list, mcg, link);\n\t\tfree_mc_sock(mcg->sd);\n\t\tfree(mcg);\n\t}\n\n\tif (!state.match_count)\n\t\treturn 1;\n\n\treturn rc;\n}\n\n/*\n * Called on SIGHUP/reload. Mark all known configured groups as\n * 'unused', let mcgroup_action() unmark and mcgroup_reload_end()\n * take care to remove groups that still have the 'unused' flag.\n */\nvoid mcgroup_reload_beg(void)\n{\n\tstruct mcgroup *entry;\n\n\tTAILQ_FOREACH(entry, &conf_list, link)\n\t\tentry->unused = 1;\n}\n\nvoid mcgroup_reload_end(void)\n{\n\tstruct mcgroup *entry, *tmp;\n\tstruct iface *iface;\n\tint first = 1;\n\n\twhile ((iface = iface_iterator(first))) {\n\t\tchar dummy[IFNAMSIZ];\n\n\t\tfirst = 0;\n\t\tif (iface->unused || !if_indextoname(iface->ifindex, dummy))\n\t\t\tmcgroup_prune(iface->ifname);\n\t}\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tif (!entry->unused)\n\t\t\tcontinue;\n\n\t\tmcgroup_action(0, entry->ifname, &entry->source, entry->src_len, &entry->group, entry->len);\n\t}\n}\n\n/*\n * When an interface is removed from the system, or its flags are\n * changed to exclude the MULTICAST flag, we must prune groups.\n */\nvoid mcgroup_prune(char *ifname)\n{\n\tstruct mcgroup *entry, *tmp;\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tif (strcmp(entry->ifname, ifname))\n\t\t\tcontinue;\n\n\t\tmcgroup_action(0, entry->ifname, &entry->source, entry->src_len, &entry->group, entry->len);\n\t}\n}\n\nstatic int show_mcgroup(int sd, struct mcgroup *entry)\n{\n\tint max_len = inet_max_len(&entry->group);\n\tchar sg[INET_ADDRSTR_LEN * 2 + 10 + 3];\n\tchar src[INET_ADDRSTR_LEN] = \"*\";\n\tchar grp[INET_ADDRSTR_LEN];\n\tchar line[256];\n\n\tif (!is_anyaddr(&entry->source))\n\t\tinet_addr2str(&entry->source, src, sizeof(src));\n\tinet_addr2str(&entry->group, grp, sizeof(grp));\n\n\tsnprintf(sg, sizeof(sg), \"(%s\", src);\n\tif (entry->src_len != max_len)\n\t\tsnprintf(line, sizeof(line), \"/%u, \", entry->src_len);\n\telse\n\t\tsnprintf(line, sizeof(line), \", \");\n\tstrlcat(sg, line, sizeof(sg));\n\n\tif (entry->len != max_len)\n\t\tsnprintf(line, sizeof(line), \"%s/%u)\", grp, entry->len);\n\telse\n\t\tsnprintf(line, sizeof(line), \"%s)\", grp);\n\tstrlcat(sg, line, sizeof(sg));\n\n\tsnprintf(line, sizeof(line), \"%-42s %s\\n\", sg, entry->ifname);\n\tif (ipc_send(sd, line, strlen(line)) < 0) {\n\t\tsmclog(LOG_ERR, \"Failed sending reply to client: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n\n/* Write all joined IGMP/MLD groups to client socket */\nint mcgroup_show(int sd, int detail)\n{\n\tchar *conf_str = \"Group Memberships Table_\\n\";\n\tchar *kern_str = \"Kernel Group Membership Table_\\n\";\n\tstruct mcgroup *entry;\n\tchar line[256];\n\n\tif (TAILQ_EMPTY(&conf_list))\n\t\treturn 0;\n\n\tipc_send(sd, conf_str, strlen(conf_str));\n\tsnprintf(line, sizeof(line), \"%-42s %-16s=\\n\", \"GROUP (S,G)\", \"IIF\");\n\tipc_send(sd, line, strlen(line));\n\n\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\tif (show_mcgroup(sd, entry) < 0)\n\t\t return 1;\n\t}\n\n\tif (!detail)\n\t\treturn 0;\n\n\tipc_send(sd, kern_str, strlen(kern_str));\n\tsnprintf(line, sizeof(line), \"%-42s %-16s=\\n\", \"GROUP (S,G)\", \"IIF\");\n\tTAILQ_FOREACH(entry, &kern_list, link) {\n\t\tif (show_mcgroup(sd, entry) < 0)\n\t\t return 1;\n\t}\n\n\treturn 0;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/mcgroup.h", "content": "/* IGMP/MLD group subscription API */\n#ifndef SMCROUTE_MCGROUP_H_\n#define SMCROUTE_MCGROUP_H_\n\n#include \"inet.h\"\n#include \"queue.h\"\n\nstruct mcgroup {\n\tTAILQ_ENTRY(mcgroup) link;\n\tint unused;\n\n\tchar ifname[IFNAMSIZ];\n\tstruct iface *iface;\n\tinet_addr_t source;\n\tuint8_t src_len;\n\tinet_addr_t group;\n\tuint8_t len;\n\tint sd;\n};\n\nvoid mcgroup_reload_beg(void);\nvoid mcgroup_reload_end(void);\nvoid mcgroup_prune (char *ifname);\n\nvoid mcgroup_init (void);\nvoid mcgroup_exit (void);\n\nint mcgroup_action (int cmd, const char *ifname, inet_addr_t *source, int src_len, inet_addr_t *group, int len);\n\nint mcgroup_show (int sd, int detail);\n\n#endif /* SMCROUTE_MCGROUP_H_ */\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/mrdisc.c", "content": "/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only)\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#ifndef __linux__\n/* We use SO_BINDTODEVICE to be able to send MRDISC on interfaces that\n * may not have an IP address yet. I have not found any way of doing\n * this on FreeBSD. Best I could find was an aging patch for IP_SENDIF\n * https://forums.freebsd.org/threads/so_bindtodevice-undeclared-on-freebsd-12.73731/\n * that never got merged. It's possible there are other ways to do the\n * same, but now you know as much as I do.\n */\n#error Currently only works on Linux, patches for FreeBSD are most welcome.\n#endif\n\n#include \"config.h\"\n#include \"queue.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \n#include \n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"mrdisc.h\"\n#include \"socket.h\"\n#include \"timer.h\"\n#include \"util.h\"\n\n#define MC_ALL_ROUTERS \"224.0.0.2\"\n#define MC_ALL_SNOOPERS \"224.0.0.106\"\n\n#define IGMP_MRDISC_ANNOUNCE 0x30\n#define IGMP_MRDISC_SOLICIT 0x31\n#define IGMP_MRDISC_TERM 0x32\n\nstruct ifsock {\n\tLIST_ENTRY(ifsock) link;\n\n\tint sd;\n\tchar ifname[IFNAMSIZ];\n\tvifi_t vif;\n};\n\nstatic uint8_t interval = 20;\nstatic LIST_HEAD(ifslist, ifsock) ifsock_list = LIST_HEAD_INITIALIZER();\n\n\nstatic struct ifsock *find(int sd)\n{\n\tstruct ifsock *entry;\n\n\tLIST_FOREACH(entry, &ifsock_list, link) {\n\t\tif (entry->sd == sd)\n\t\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\n/* Checksum routine for Internet Protocol family headers */\nstatic unsigned short in_cksum(unsigned short *addr, int len)\n{\n\tunsigned short answer = 0;\n\tunsigned short *w = addr;\n\tunsigned int sum = 0;\n\tint nleft = len;\n\n\t/*\n\t * Our algorithm is simple, using a 32 bit accumulator (sum), we add\n\t * sequential 16 bit words to it, and at the end, fold back all the\n\t * carry bits from the top 16 bits into the lower 16 bits.\n\t */\n\twhile (nleft > 1) {\n\t\tsum += *w++;\n\t\tnleft -= 2;\n\t}\n\n\t/* mop up an odd byte, if necessary */\n\tif (nleft == 1) {\n\t\t*(unsigned char *)(&answer) = *(unsigned char *)w;\n\t\tsum += answer;\n\t}\n\n\t/* add back carry outs from top 16 bits to low 16 bits */\n\tsum = (sum >> 16) + (sum & 0xffff);\t/* add hi 16 to low 16 */\n\tsum += (sum >> 16);\t\t\t/* add carry */\n\tanswer = ~sum & 0xffff;\t\t\t/* truncate to 16 bits */\n\n\treturn answer;\n}\n\nstatic void compose_addr(struct sockaddr_in *sin, char *group)\n{\n\tmemset(sin, 0, sizeof(*sin));\n\tsin->sin_family = AF_INET;\n\tsin->sin_addr.s_addr = inet_addr(group);\n}\n\nstatic int inet_send(int sd, uint8_t type, uint8_t interval)\n{\n\tstruct sockaddr dest;\n\tstruct igmp igmp;\n\tssize_t num;\n\n\tmemset(&igmp, 0, sizeof(igmp));\n\tigmp.igmp_type = type;\n\tigmp.igmp_code = interval;\n\tigmp.igmp_cksum = in_cksum((unsigned short *)&igmp, sizeof(igmp));\n\n\tcompose_addr((struct sockaddr_in *)&dest, MC_ALL_SNOOPERS);\n\n\tnum = sendto(sd, &igmp, sizeof(igmp), 0, &dest, sizeof(dest));\n\tif (num < 0)\n\t\treturn -1;\n\n\treturn 0;\n}\n\n/* If called with interval=0, only read() */\nstatic int inet_recv(int sd, uint8_t interval)\n{\n\tstruct igmp *igmp;\n\tchar buf[1530];\n\tstruct ip *ip;\n\tssize_t num;\n\n\tmemset(buf, 0, sizeof(buf));\n\tnum = read(sd, buf, sizeof(buf));\n\tif (num < 0)\n\t\treturn -1;\n\n\tip = (struct ip *)buf;\n\tigmp = (struct igmp *)(buf + (ip->ip_hl << 2));\n\tif (igmp->igmp_type == IGMP_MRDISC_SOLICIT && interval > 0) {\n\t\tsmclog(LOG_DEBUG, \"Received mrdisc solicitation\");\n\t\treturn inet_send(sd, IGMP_MRDISC_ANNOUNCE, interval);\n\t}\n\n\treturn 0;\n}\n\nstatic int inet_open(char *ifname)\n{\n\tunsigned char ra[4] = { IPOPT_RA, 0x04, 0x00, 0x00 };\n\tstruct ip_mreqn mreq;\n\tstruct ifreq ifr;\n\tint sd, val, rc;\n\tchar loop;\n\n\tsd = socket_create(AF_INET, SOCK_RAW, IPPROTO_IGMP, mrdisc_recv, NULL);\n\tif (sd < 0) {\n\t\tsmclog(LOG_ERR, \"Cannot open socket: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n\tmemset(&ifr, 0, sizeof(ifr));\n\tsnprintf(ifr.ifr_name, sizeof(ifr.ifr_name), \"%s\", ifname);\n\tif (setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) < 0) {\n\t\tif (ENODEV == errno) {\n\t\t\tsmclog(LOG_WARNING, \"Not a valid interface, %s, skipping ...\", ifname);\n\t\t\tsocket_close(sd);\n\t\t\treturn -1;\n\t\t}\n\n\t\tsmclog(LOG_ERR, \"Cannot bind socket to interface %s: %s\", ifname, strerror(errno));\n\t\tsocket_close(sd);\n\t\treturn -1;\n\t}\n\n\tmemset(&mreq, 0, sizeof(mreq));\n\tmreq.imr_multiaddr.s_addr = inet_addr(MC_ALL_SNOOPERS);\n\tmreq.imr_ifindex = if_nametoindex(ifname);\n if (setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq))) {\n\t\tsmclog(LOG_ERR, \"Failed joining group %s: %s\", MC_ALL_SNOOPERS, strerror(errno));\n\t\treturn -1;\n\t}\n\n\t/* mrdisc solicitation messages goes to the All-Routers group */\n\tmreq.imr_multiaddr.s_addr = inet_addr(MC_ALL_ROUTERS);\n\tmreq.imr_ifindex = if_nametoindex(ifname);\n if (setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq))) {\n\t\tsmclog(LOG_ERR, \"Failed joining group %s: %s\", MC_ALL_ROUTERS, strerror(errno));\n\t\treturn -1;\n\t}\n\n\tval = 1;\n\trc = setsockopt(sd, IPPROTO_IP, IP_MULTICAST_TTL, &val, sizeof(val));\n\tif (rc < 0) {\n\t\tsmclog(LOG_ERR, \"Cannot set TTL: %s\", strerror(errno));\n\t\tsocket_close(sd);\n\t\treturn -1;\n\t}\n\n\tloop = 0;\n\trc = setsockopt(sd, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop));\n\tif (rc < 0) {\n\t\tsmclog(LOG_ERR, \"Cannot disable MC loop: %s\", strerror(errno));\n\t\tsocket_close(sd);\n\t\treturn -1;\n\t}\n\n\trc = setsockopt(sd, IPPROTO_IP, IP_OPTIONS, &ra, sizeof(ra));\n\tif (rc < 0) {\n\t\tsmclog(LOG_ERR, \"Cannot set IP OPTIONS: %s\", strerror(errno));\n\t\tsocket_close(sd);\n\t\treturn -1;\n\t}\n\n\treturn sd;\n}\n\nstatic int inet_close(int sd)\n{\n\treturn inet_send(sd, IGMP_MRDISC_TERM, 0) ||\n\t\tsocket_close(sd);\n}\n\nstatic void announce(struct ifsock *entry)\n{\n\tif (!entry)\n\t\treturn;\n\n\tsmclog(LOG_DEBUG, \"Sending mrdisc announcement on %s\", entry->ifname);\n\tif (inet_send(entry->sd, IGMP_MRDISC_ANNOUNCE, interval)) {\n\t\tif (ENETUNREACH == errno || ENETDOWN == errno)\n\t\t\treturn;\t/* Link down, ignore. */\n\n\t\tsmclog(LOG_WARNING, \"Failed sending IGMP control message 0x%x on %s, error %d: %s\",\n\t\t IGMP_MRDISC_ANNOUNCE, entry->ifname, errno, strerror(errno));\n\t}\n}\n\nint mrdisc_init(int period)\n{\n\tinterval = period;\n\tif (timer_add(interval, mrdisc_send, NULL) < 0 && errno != EEXIST) {\n\t\tsmclog(LOG_ERR, \"Failed starting mrdisc announcement timer.\");\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n\nint mrdisc_exit(void)\n{\n\tstruct ifsock *entry, *tmp;\n\n\tLIST_FOREACH_SAFE(entry, &ifsock_list, link, tmp) {\n\t\tinet_close(entry->sd);\n\t\tLIST_REMOVE(entry, link);\n\t\tfree(entry);\n\t}\n\n\treturn 0;\n}\n\n/*\n * Register possible interface for mrdisc\n */\nint mrdisc_register(char *ifname, short vif)\n{\n\tstruct ifsock *entry;\n\n\tLIST_FOREACH(entry, &ifsock_list, link) {\n\t\tif (!strcmp(entry->ifname, ifname))\n\t\t\tgoto reload;\n\t}\n\n\tentry = malloc(sizeof(*entry));\n\tif (!entry) {\n\t\tsmclog(LOG_ERR, \"Out of memory in %s()\", __func__);\n\t\treturn -1;\n\t}\n\n\tentry->vif = vif;\n\tstrlcpy(entry->ifname, ifname, sizeof(entry->ifname));\n\tLIST_INSERT_HEAD(&ifsock_list, entry, link);\n\n\tentry->sd = inet_open(entry->ifname);\n\tif (entry->sd < 0)\n\t\treturn -1;\nreload:\n\tannounce(entry);\n\treturn 0;\n}\n\n/*\n * Unregister mrdisc interface, regardless of refcnt\n */\nint mrdisc_deregister(short vif)\n{\n\tstruct ifsock *entry;\n\n\tLIST_FOREACH(entry, &ifsock_list, link) {\n\t\tif (entry->vif != vif)\n\t\t\tcontinue;\n\n\t\tinet_close(entry->sd);\n\t\tLIST_REMOVE(entry, link);\n\t\tfree(entry);\n\t\treturn 0;\n\t}\n\n\treturn 0;\n}\n\nvoid mrdisc_send(void *arg)\n{\n\tstruct ifsock *entry;\n\n\t(void)arg;\n\tLIST_FOREACH(entry, &ifsock_list, link)\n\t\tannounce(entry);\n}\n\nvoid mrdisc_recv(int sd, void *arg)\n{\n\tstruct ifsock *entry;\n\n\t(void)arg;\n\n\t/* Verify we are reading from an active socket */\n\tentry = find(sd);\n\tif (!entry) {\n\t\tsmclog(LOG_WARNING, \"Bug in mrdisc, received frame on unknown socket %d\", sd);\n\t\treturn;\n\t}\n\n\t/* Only do a \"dummy\" read on inactive interfaces */\n\tif (inet_recv(sd, interval))\n\t\tsmclog(LOG_WARNING, \"Failed receiving IGMP control message from %s\", entry->ifname);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/mrdisc.h", "content": "/* Multicast Router Discovery Protocol, RFC4286 (IPv4 only)\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#ifndef SMCROUTE_MRDISC_H_\n#define SMCROUTE_MRDISC_H_\n\n#include \"config.h\"\n#define MRDISC_INTERVAL_DEFAULT 20\n\n#ifdef ENABLE_MRDISC\nint mrdisc_init (int interval);\nint mrdisc_exit (void);\n\nint mrdisc_register (char *ifname, short vif);\nint mrdisc_deregister ( short vif);\n\nint mrdisc_enable (short vif);\nint mrdisc_disable (short vif);\n\nvoid mrdisc_send ( void *arg);\nvoid mrdisc_recv (int sd, void *arg);\n\n#else\n#define mrdisc_init(interval)\n#define mrdisc_exit()\n\n#define mrdisc_register(ifname, vif) 0\n#define mrdisc_deregister(vif) 0\n\n#define mrdisc_enable(ifname)\n#define mrdisc_disable(ifname) {}\n\n#define mrdisc_send(arg)\n#define mrdisc_recv(sd, arg)\n#endif\n\n#endif /* SMCROUTE_MRDISC_H_ */\n" }, { "path": "src/mroute.c", "content": "/* Generic kernel multicast routing API for Linux and *BSD\n *\n * Copyright (C) 2001-2005 Carsten Schill \n * Copyright (C) 2006-2009 Julien BLACHE \n * Copyright (C) 2009 Todd Hayton \n * Copyright (C) 2009-2011 Micha Lenk \n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n#include \"queue.h\"\n\n#include \n#include \n#include \t\t/* snprintf() */\n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"iface.h\"\n#include \"ipc.h\"\n#include \"script.h\"\n#include \"mrdisc.h\"\n#include \"mroute.h\"\n#include \"kern.h\"\n#include \"timer.h\"\n#include \"util.h\"\n\n/*\n * Cache flush timeout, used for learned S in (*,G) that stop xmit\n */\nstatic int cache_timeout = 0;\n\n/*\n * User added/configured routes, both ASM and SSM\n */\nstatic TAILQ_HEAD(cl, mroute) conf_list = TAILQ_HEAD_INITIALIZER(conf_list);\n\n/*\n * Kernel MFC\n */\nstatic TAILQ_HEAD(kl, mroute) kern_list = TAILQ_HEAD_INITIALIZER(kern_list);\n\nstatic int mroute4_add_vif (struct iface *iface);\nstatic int mroute_dyn_add (struct mroute *route);\nstatic int is_match (struct mroute *rule, struct mroute *cand);\nstatic int is_exact_match (struct mroute *rule, struct mroute *cand);\nstatic int mfc_install (struct mroute *route);\nstatic int mfc_uninstall (struct mroute *route);\n\n/* Check for kernel IGMPMSG_NOCACHE for (*,G) hits. I.e., source-less routes. */\nstatic void handle_nocache4(int sd, void *arg)\n{\n\tchar origin[INET_ADDRSTRLEN], group[INET_ADDRSTRLEN];\n\tstruct mroute mroute = { 0 };\n\tstruct igmpmsg *im;\n\tstruct iface *iface;\n\tstruct ip *ip;\n\tchar tmp[128];\n\tint result;\n\n\t(void)arg;\n\tresult = read(sd, tmp, sizeof(tmp));\n\tif (result < 0) {\n\t\tsmclog(LOG_WARNING, \"Failed reading IGMP message from kernel: %s\", strerror(errno));\n\t\treturn;\n\t}\n\n\tip = (struct ip *)tmp;\n\n\t/* Basic validation, filter out non igmpmsg */\n\tim = (struct igmpmsg *)tmp;\n\tif (im->im_mbz != 0 || im->im_msgtype == 0)\n\t\treturn;\n\n\t/* packets sent up from kernel to daemon have ip->ip_p = 0 */\n\tif (ip->ip_p != 0)\n\t\treturn;\n\n\tinet_addr_set(&mroute.source, &im->im_src);\n\tinet_addr_set(&mroute.group, &im->im_dst);\n\tmroute.inbound = im->im_vif;\n\tmroute.len = 32;\n\tmroute.src_len = 32;\n\n\tinet_addr2str(&mroute.source, origin, sizeof(origin));\n\tinet_addr2str(&mroute.group, group, sizeof(group));\n\n\tiface = iface_find_by_inbound(&mroute);\n\tif (!iface) {\n\t\tsmclog(LOG_WARNING, \"No matching interface for VIF %u, cannot handle IGMP message %d.\",\n\t\t mroute.inbound, im->im_msgtype);\n\t\treturn;\n\t}\n\n\t/* check for IGMPMSG_NOCACHE to do (*,G) based routing. */\n\tswitch (im->im_msgtype) {\n\tcase IGMPMSG_NOCACHE:\n\t\t/* Find any matching route for this group on that iif. */\n\t\tsmclog(LOG_DEBUG, \"New multicast data from %s to group %s on %s\",\n\t\t origin, group, iface->ifname);\n\n\t\tresult = mroute_dyn_add(&mroute);\n\t\tif (result) {\n\t\t\t/*\n\t\t\t * This is a common error, the router receives streams it is not\n\t\t\t * set up to route -- we ignore these by default, but if the user\n\t\t\t * sets a more permissive log level we help out by showing what\n\t\t\t * is going on.\n\t\t\t */\n\t\t\tif (ENOENT == errno)\n\t\t\t\tsmclog(LOG_INFO, \"Multicast from %s, group %s, on %s does not match any (*,G) rule\",\n\t\t\t\t origin, group, iface->ifname);\n\t\t\treturn;\n\t\t}\n\n\t\tscript_exec(&mroute);\n\t\tbreak;\n\n\tcase IGMPMSG_WRONGVIF:\n\t\tsmclog(LOG_WARNING, \"Multicast from %s, group %s, coming in on wrong VIF %u, iface %s\",\n\t\t origin, group, mroute.inbound, iface->ifname);\n\t\tbreak;\n\n\tcase IGMPMSG_WHOLEPKT:\n#ifdef IGMPMSG_WRVIFWHOLE\n\tcase IGMPMSG_WRVIFWHOLE:\n#endif\n\t\tsmclog(LOG_WARNING, \"Receiving PIM register data from %s, group %s\", origin, group);\n\t\tbreak;\n\n\tdefault:\n\t\tsmclog(LOG_DEBUG, \"Unknown IGMP message %d from kernel\", im->im_msgtype);\n\t\tbreak;\n\t}\n}\n\nstatic void cache_flush(void *arg)\n{\n\t(void)arg;\n\n\tsmclog(LOG_INFO, \"Cache timeout, flushing unused (*,G) routes!\");\n\tmroute_expire(cache_timeout);\n}\n\n/**\n * mroute4_enable - Initialise IPv4 multicast routing\n *\n * Setup the kernel IPv4 multicast routing API and lock the multicast\n * routing socket to this program (only!).\n *\n * Returns:\n * POSIX OK(0) on success, non-zero on error with @errno set.\n */\nstatic int mroute4_enable(int do_vifs, int table_id)\n{\n\tstruct iface *iface;\n\n\tif (kern_mroute_init(table_id, handle_nocache4, NULL)) {\n\t\tswitch (errno) {\n\t\tcase ENOPROTOOPT:\n\t\t\tsmclog(LOG_WARNING, \"Kernel does not even support IGMP, skipping ...\");\n\t\t\tbreak;\n\n\t\tcase EPROTONOSUPPORT:\n\t\t\tsmclog(LOG_ERR, \"Cannot set IPv4 multicast routing table id: %s\", strerror(errno));\n\t\t\tsmclog(LOG_ERR, \"Make sure your kernel has CONFIG_IP_MROUTE_MULTIPLE_TABLES=y\");\n\t\t\tbreak;\n\n\t\tcase EADDRINUSE:\n\t\t\tsmclog(LOG_ERR, \"IPv4 multicast routing API already in use: %s\",\n\t\t\t strerror(errno));\n\t\t\tbreak;\n\n\t\tcase EOPNOTSUPP:\n\t\t\tsmclog(LOG_ERR, \"Kernel does not support IPv4 multicast routing, skipping ...\");\n\t\t\tbreak;\n\n\t\tdefault:\n\t\t\tsmclog(LOG_ERR, \"Failed initializing IPv4 multicast routing API: %s\",\n\t\t\t strerror(errno));\n\t\t\tbreak;\n\t\t}\n\n\t\treturn 1;\n\t}\n\n\t/* Create virtual interfaces (VIFs) for all IFF_MULTICAST interfaces */\n\tif (do_vifs) {\n\t\tfor (iface = iface_iterator(1); iface; iface = iface_iterator(0))\n\t\t\tmroute4_add_vif(iface);\n\t}\n\n\treturn 0;\n}\n\n/**\n * mroute4_disable - Disable IPv4 multicast routing\n *\n * Disable IPv4 multicast routing and release kernel routing socket.\n */\nstatic void mroute4_disable(void)\n{\n\tstruct mroute *entry, *tmp;\n\n\tif (kern_mroute_exit())\n\t\treturn;\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tTAILQ_REMOVE(&conf_list, entry, link);\n\t\tfree(entry);\n\t}\n\tTAILQ_FOREACH_SAFE(entry, &kern_list, link, tmp) {\n\t\tTAILQ_REMOVE(&kern_list, entry, link);\n\t\tfree(entry);\n\t}\n}\n\n/*\n * Prune VIF from all existing routes and update kernel MFC. If VIF is\n * used as inbound, prune entire route, otherwise just the outbound.\n */\nstatic void mroute4_prune_vif(int vif)\n{\n\tstruct mroute *entry, *tmp;\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tif (entry->group.ss_family != AF_INET)\n\t\t\tcontinue;\n\n\t\tif (entry->inbound == vif) {\n\t\t\tTAILQ_REMOVE(&conf_list, entry, link);\n\t\t\tentry->unused = 1;\n\t\t\tmfc_uninstall(entry);\n\t\t\tfree(entry);\n\t\t} else if (entry->ttl[vif] > 0) {\n\t\t\tentry->ttl[vif] = 0;\n\t\t\tmfc_install(entry);\n\t\t}\n\t}\n}\n\n/* Create a virtual interface from @iface so it can be used for IPv4 multicast routing. */\nstatic int mroute4_add_vif(struct iface *iface)\n{\n\tif (kern_vif_add(iface)) {\n\t\tswitch (errno) {\n\t\tcase ENOPROTOOPT:\n\t\t\tsmclog(LOG_INFO, \"Interface %s is not multicast capable, skipping VIF.\",\n\t\t\t iface->ifname);\n\t\t\treturn -1;\n\n\t\tcase EAGAIN:\n\t\t\tsmclog(LOG_DEBUG, \"No IPv4 multicast socket\");\n\t\t\treturn -1;\n\n\t\tcase ENOMEM:\n\t\t\tsmclog(LOG_WARNING, \"Not enough available VIFs to create %s\", iface->ifname);\n\t\t\treturn 1;\n\n\t\tcase EEXIST:\n\t\t\tsmclog(LOG_DEBUG, \"Interface %s already has VIF %d.\", iface->ifname, iface->vif);\n\t\t\treturn 0;\n\n\t\tdefault:\n\t\t\tbreak;\n\t\t}\n\n\t\tsmclog(LOG_DEBUG, \"Failed creating VIF for %s: %s\", iface->ifname, strerror(errno));\n\t\treturn -1;\n\t}\n\n\tif (iface->mrdisc)\n\t\treturn mrdisc_register(iface->ifname, iface->vif);\n\n\treturn mrdisc_deregister(iface->vif);\n}\n\nstatic int mroute4_del_vif(struct iface *iface)\n{\n\tint rc = 0;\n\n\tif (iface->mrdisc)\n\t\trc = mrdisc_deregister(iface->vif);\n\n\tif (iface->vif == ALL_VIFS)\n\t\treturn 0;\n\n\tif (kern_vif_del(iface)) {\n\t\tswitch (errno) {\n\t\tcase ENOENT:\n\t\tcase EADDRNOTAVAIL:\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tsmclog(LOG_ERR, \"Failed deleting VIF for iface %s: %s\", iface->ifname, strerror(errno));\n\t\t\tbreak;\n\t\t}\n\t\trc = -1;\n\t}\n\n\tif (iface->vif != ALL_VIFS)\n\t\tmroute4_prune_vif(iface->vif);\n\tiface->vif = ALL_VIFS;\n\n\treturn rc;\n}\n\nstatic int is_exact_match(struct mroute *rule, struct mroute *cand)\n{\n\tif (rule->group.ss_family != cand->group.ss_family)\n\t\treturn 0;\n\tif (rule->inbound != cand->inbound)\n\t\treturn 0;\n\n\tif (!inet_addr_cmp(&rule->source, &cand->source) &&\n\t !inet_addr_cmp(&rule->group, &cand->group) &&\n\t rule->len == cand->len &&\n\t rule->src_len == cand->src_len)\n\t\treturn 1;\n\n\treturn 0;\n}\n\n/*\n * Used for (*,G) matches\n *\n * The incoming candidate is compared to the configured rule, e.g.\n * does 225.1.2.3 fall inside 225.0.0.0/8? => Yes\n * does 225.1.2.3 fall inside 225.0.0.0/15? => Yes\n * does 225.1.2.3 fall inside 225.0.0.0/16? => No\n *\n * does ff05:bad1::1 fall inside ff05:bad0::/16? => Yes\n * does ff05:bad1::1 fall inside ff05:bad0::/31? => Yes\n * does ff05:bad1::1 fall inside ff05:bad0::/32? => No\n */\nint is_match(struct mroute *rule, struct mroute *cand)\n{\n\tinet_addr_t a, b;\n\tint rc = 0;\n\n\tif (rule->group.ss_family != cand->group.ss_family)\n\t\treturn 0;\n\tif (rule->inbound != cand->inbound)\n\t\treturn rc;\n\n\ta = inet_netaddr(&rule->group, rule->len);\n\tb = inet_netaddr(&cand->group, rule->len);\n\n\trc = !inet_addr_cmp(&a, &b);\n\tif (is_anyaddr(&rule->source))\n\t\treturn rc;\n\n\ta = inet_netaddr(&rule->source, rule->src_len);\n\tb = inet_netaddr(&cand->source, rule->src_len);\n\trc &= !inet_addr_cmp(&a, &b);\n\n\treturn rc;\n}\n\nstatic int is_ssm(struct mroute *route)\n{\n\tint max_len = inet_max_len(&route->group);\n\n\treturn !is_anyaddr(&route->source) && route->src_len == max_len && route->len == max_len;\n}\n\n/* find any existing route, with matching inbound interface */\nstatic struct mroute *conf_find(struct mroute *route)\n{\n\tstruct mroute *entry;\n\n\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\tif (is_exact_match(route, entry))\n\t\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\n/* find any existing route, with matching inbound interface */\nstatic struct mroute *kern_find(struct mroute *route)\n{\n\tstruct mroute *entry;\n\n\tTAILQ_FOREACH(entry, &kern_list, link) {\n\t\tif (is_match(route, entry))\n\t\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\nstatic int is_active(struct mroute *route)\n{\n\tsize_t i;\n\n\tfor (i = 0; i < NELEMS(route->ttl); i++) {\n\t\tif (route->ttl[i])\n\t\t\treturn 1;\n\t}\n\n\treturn 0;\n}\n\n/*\n * Get valid packet usage statistics (i.e. number of actually forwarded\n * packets) from the kernel for an installed MFC entry\n */\nstatic unsigned long get_valid_pkt(struct mroute *route)\n{\n\tstruct mroute_stats ms = { 0 };\n\n\tif (kern_stats(route, &ms))\n\t\treturn 0;\n\n\treturn ms.ms_pktcnt - ms.ms_wrong_if;\n}\n\n/**\n * mroute_expire - Expire dynamically added (*,G) routes\n * @max_idle: Timeout for routes in seconds, 0 to expire all dynamic routes\n *\n * This function flushes all (*,G) routes which haven't been used (i.e. no\n * packets matching them have been forwarded) in the last max_idle seconds.\n * It is called periodically on cache-timeout or on request of smcroutectl.\n * The latter is useful in case of topology changes (e.g. VRRP fail-over)\n * or similar.\n */\nvoid mroute_expire(int max_idle)\n{\n\tstruct mroute *entry, *tmp;\n\tstruct timespec now;\n\n\tclock_gettime(CLOCK_MONOTONIC, &now);\n\n\tTAILQ_FOREACH_SAFE(entry, &kern_list, link, tmp) {\n\t\tchar origin[INET_ADDRSTR_LEN], group[INET_ADDRSTR_LEN];\n\t\tstruct iface *iface;\n\n\t\t/* XXX: only consider (*,G) routes, not pure (S,G), and no overlap handling for now */\n\t\tif (conf_find(entry))\n\t\t\tcontinue;\n\n\t\tinet_addr2str(&entry->group, group, sizeof(group));\n\t\tinet_addr2str(&entry->source, origin, sizeof(origin));\n\t\tiface = iface_find_by_inbound(entry);\n\n\t\tif (!entry->last_use) {\n\t\t\t/* New entry */\n\t\t\tentry->last_use = now.tv_sec;\n\t\t\tentry->valid_pkt = get_valid_pkt(entry);\n\t\t\tcontinue;\n\t\t}\n\n\t\tsmclog(LOG_DEBUG, \"Checking (%s,%s) on %s, time to expire: last %ld max %d now: %ld\",\n\t\t origin, group, iface ? iface->ifname : \"UNKNOWN\",\n\t\t entry->last_use, max_idle, now.tv_sec);\n\n\t\tif (entry->last_use + max_idle <= now.tv_sec) {\n\t\t\tunsigned long valid_pkt;\n\n\t\t\tvalid_pkt = get_valid_pkt(entry);\n\t\t\tif (valid_pkt != entry->valid_pkt) {\n\t\t\t\t/* Used since last check, update */\n\t\t\t\tsmclog(LOG_DEBUG, \" -> Nope, still active, valid %lu vs last valid %lu.\",\n\t\t\t\t valid_pkt, entry->valid_pkt);\n\t\t\t\tentry->last_use = now.tv_sec;\n\t\t\t\tentry->valid_pkt = valid_pkt;\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\t/* Not used, expire */\n\t\t\tsmclog(LOG_DEBUG, \" -> Yup, stale route.\");\n\t\t\tkern_mroute_del(entry);\n\t\t\tTAILQ_REMOVE(&kern_list, entry, link);\n\t\t\tfree(entry);\n\t\t}\n\t}\n}\n\n/*\n * Install or update kernel MFC. Installing a new route currently\n * requires an (S,G) entry, updating only requires a (*,G), which\n * is to handle overlaps.\n *\n * Currently, meaning Linux has support for (*,*) and (*,G) routing\n * but supporting that would require quite a bit of changes. I.e.,\n * it's not just about removing the `!is_ssm(conf)` check ...\n */\nstatic int mfc_install(struct mroute *route)\n{\n\tstruct mroute *kern;\n\n\tkern = kern_find(route);\n\tif (!kern) {\n\t\tif (!is_ssm(route))\n\t\t\treturn 0;\n\n\t\tkern = malloc(sizeof(struct mroute));\n\t\tif (!kern) {\n\t\t\tsmclog(LOG_WARNING, \"Cannot add kernel route: %s\", strerror(errno));\n\t\t\treturn 1;\n\t\t}\n\n\t\tmemcpy(kern, route, sizeof(struct mroute));\n\t\tTAILQ_INSERT_TAIL(&kern_list, kern, link);\n\n\t\treturn kern_mroute_add(kern);\n\t}\n\n\tTAILQ_FOREACH(kern, &kern_list, link) {\n\t\tif (!is_match(route, kern))\n\t\t\tcontinue;\n\n\t\tfor (size_t i = 0; i < NELEMS(route->ttl); i++) {\n\t\t\tif (route->ttl[i] > 0 && kern->ttl[i] != route->ttl[i])\n\t\t\t\tkern->ttl[i] = route->ttl[i];\n\t\t}\n\n\t\tkern_mroute_add(kern);\n\t}\n\n\treturn 0;\n}\n\n/*\n * When route has an empty oif list -- attempt full removal of the\n * route, unless there exist other configured routes that map to the\n * same kernel MFC entry.\n *\n * When route oif list is *not* empty, attempt to remove only select\n * interfaces from the MFC entry. Again, unless other configured\n * routes map to the same MFC entry.\n */\nstatic int mfc_uninstall(struct mroute *route)\n{\n\tstruct mroute *conf, *kern, *tmp;\n\tint removal = !is_active(route);\n\tint diff = 0;\n\tint rc = 0;\n\n\tTAILQ_FOREACH_SAFE(kern, &kern_list, link, tmp) {\n\t\tif (!is_match(route, kern))\n\t\t\tcontinue;\n\n\t\tif (route->unused)\n\t\t\tgoto cleanup;\n\n\t\t/* First remove OIFs from route entry */\n\t\tfor (size_t i = 0; i < NELEMS(route->ttl); i++) {\n\t\t\tif (removal || route->ttl[i] > 0) {\n\t\t\t\tkern->ttl[i] = 0;\n\t\t\t\tdiff++;\n\t\t\t}\n\t\t}\n\n\t\t/* Then, for each matching conf we add its oifs */\n\t\tTAILQ_FOREACH(conf, &conf_list, link) {\n\t\t\tif (!is_match(kern, conf))\n\t\t\t\tcontinue;\n\n\t\t\tfor (size_t i = 0; i < NELEMS(conf->ttl); i++) {\n\t\t\t\tif (conf->ttl[i] > 0 && kern->ttl[i] == 0) {\n\t\t\t\t\tkern->ttl[i] = conf->ttl[i];\n\t\t\t\t\tdiff++;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tif (!diff && !removal)\n\t\t\tcontinue;\n\n\t\tif (is_active(kern) || !removal) {\n\t\t\tif (kern_mroute_add(kern))\n\t\t\t\trc = -1;\n\t\t\tcontinue;\n\t\t}\n\n\tcleanup:\n\t\tif (kern_mroute_del(kern))\n\t\t\trc = -1;\n\t\tTAILQ_REMOVE(&kern_list, kern, link);\n\t\tfree(kern);\n\t}\n\n\treturn rc;\n}\n\n/**\n * mroute_add_route - Add route to kernel, or save a wildcard route for later use\n * @route: Pointer to multicast route to add\n *\n * Adds the given multicast @route to the kernel multicast routing table\n * unless it is ASM, i.e., a (*,G) route. Those we save for and check\n * against at runtime when the kernel signals us.\n *\n * Returns:\n * POSIX OK(0) on success, non-zero on error with @errno set.\n */\nint mroute_add_route(struct mroute *route)\n{\n\tstruct mroute *conf;\n\n\tconf = conf_find(route);\n\tif (conf) {\n\t\tsize_t i;\n\n\t\t/* .conf: replace found entry with new outbounds */\n\t\tif (conf->unused) {\n\t\t\tfor (i = 0; i < NELEMS(conf->ttl); i++)\n\t\t\t\tconf->ttl[i] = 0;\n\t\t}\n\n\t\t/* ipc: add any new outbound interafces */\n\t\tfor (i = 0; i < NELEMS(conf->ttl); i++) {\n\t\t\tif (route->ttl[i])\n\t\t\t\tconf->ttl[i] = route->ttl[i];\n\t\t}\n\t} else {\n\t\tconf = malloc(sizeof(struct mroute));\n\t\tif (!conf) {\n\t\t\tsmclog(LOG_WARNING, \"Cannot add multicast route: %s\", strerror(errno));\n\t\t\treturn 1;\n\t\t}\n\n\t\tmemcpy(conf, route, sizeof(struct mroute));\n\t\tTAILQ_INSERT_TAIL(&conf_list, conf, link);\n\t}\n\n\tconf->unused = 0;\n\treturn mfc_install(conf);\n}\n\n/**\n * mroute_del_route - Remove route from kernel, or all matching routes if wildcard\n * @route: Pointer to multicast route to remove\n *\n * Removes the given multicast @route from the kernel multicast routing\n * table, or if the @route is a wildcard, then all matching kernel\n * routes are removed, as well as the wildcard.\n *\n * Returns:\n * POSIX OK(0) on success, non-zero on error with @errno set.\n */\nint mroute_del_route(struct mroute *route)\n{\n\tstruct mroute *conf;\n\tint rc = 0;\n\n\tif (route->unused) {\n\t\tconf = route;\n\t\tgoto cleanup;\n\t}\n\n\tconf = conf_find(route);\n\tif (!conf) {\n\t\terrno = ENOENT;\n\t\treturn -1;\n\t}\n\n\tif (is_active(route)) {\n\t\t/* remove only the listed oifs from config */\n\t\tfor (size_t i = 0; i < NELEMS(conf->ttl); i++) {\n\t\t\tif (route->ttl[i] > 0 && conf->ttl[i] != 0)\n\t\t\t\tconf->ttl[i] = 0;\n\t\t}\n\n\t\trc = mfc_uninstall(route);\n\t} else {\n\tcleanup:\n\t\tTAILQ_REMOVE(&conf_list, conf, link);\n\t\trc = mfc_uninstall(route);\n\t\tfree(conf);\n\t}\n\n\treturn rc;\n}\n\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\nstatic int mroute6_add_mif(struct iface *iface);\n\n/*\n * Receive and drop ICMPv6 stuff. This is either MLD packets or upcall\n * messages sent up from the kernel.\n */\nstatic void handle_nocache6(int sd, void *arg)\n{\n\tchar origin[INET_ADDRSTR_LEN], group[INET_ADDRSTR_LEN];\n\tstruct mroute mroute = { 0 };\n\tstruct mrt6msg *im6;\n\tstruct iface *iface;\n\tchar tmp[128];\n\tint result;\n\n\t(void)arg;\n\tresult = read(sd, tmp, sizeof(tmp));\n\tif (result < 0) {\n\t\tsmclog(LOG_INFO, \"Failed clearing MLD message from kernel: %s\", strerror(errno));\n\t\treturn;\n\t}\n\n\t/*\n\t * Basic input validation, filter out all non-mrt messages (e.g.\n\t * our join for each group). The mrt6msg struct is overlayed on\n\t * the MLD header, so the im6_mbz field (must-be-zero) is the\n\t * MLD type, e.g. 143, and im6_msgtype is the MLD code for an\n\t * MLDv2 Join.\n\t */\n\tim6 = (struct mrt6msg *)tmp;\n\tif (im6->im6_mbz != 0 || im6->im6_msgtype == 0)\n\t\treturn;\n\n\tinet_addr6_set(&mroute.source, &im6->im6_src);\n\tinet_addr6_set(&mroute.group, &im6->im6_dst);\n\tmroute.inbound = im6->im6_mif;\n\tmroute.len = 128;\n\tmroute.src_len = 128;\n\n\tinet_addr2str(&mroute.source, origin, sizeof(origin));\n\tinet_addr2str(&mroute.group, group, sizeof(group));\n\n\tiface = iface_find_by_inbound(&mroute);\n\tif (!iface) {\n\t\tsmclog(LOG_WARNING, \"No matching interface for VIF %u, cannot handle MRT6MSG %u:%u. \"\n\t\t \"Multicast source %s, dest %s\", mroute.inbound, im6->im6_mbz, im6->im6_msgtype,\n\t\t origin, group);\n\t\treturn;\n\t}\n\n\tswitch (im6->im6_msgtype) {\n\tcase MRT6MSG_NOCACHE:\n\t\tsmclog(LOG_DEBUG, \"New multicast data from %s to group %s on VIF %u\",\n\t\t origin, group, mroute.inbound);\n\n\t\t/* Find any matching route for this group on that iif. */\n\t\tresult = mroute_dyn_add(&mroute);\n\t\tif (result) {\n\t\t\t/*\n\t\t\t * This is a common error, the router receives streams it is not\n\t\t\t * set up to route -- we ignore these by default, but if the user\n\t\t\t * sets a more permissive log level we help out by showing what\n\t\t\t * is going on.\n\t\t\t */\n\t\t\tif (ENOENT == errno)\n\t\t\t\tsmclog(LOG_INFO, \"Multicast from %s, group %s, on %s does not match any (*,G) rule\",\n\t\t\t\t origin, group, iface->ifname);\n\t\t\treturn;\n\t\t}\n\n\t\tscript_exec(&mroute);\n\t\tbreak;\n\n\tcase MRT6MSG_WRONGMIF:\n\t\tsmclog(LOG_WARNING, \"Multicast from %s, group %s, coming in on wrong MIF %u, iface %s\",\n\t\t origin, group, mroute.inbound, iface->ifname);\n\t\tbreak;\n\n\tcase MRT6MSG_WHOLEPKT:\n\t\tsmclog(LOG_WARNING, \"Receiving PIM6 register data from %s, group %s\", origin, group);\n\t\tbreak;\n\n\tdefault:\n\t\tsmclog(LOG_DEBUG, \"Unknown MRT6MSG %u from kernel\", im6->im6_msgtype);\n\t\tbreak;\n\t}\n}\n#endif /* HAVE_IPV6_MULTICAST_ROUTING */\n\n/**\n * mroute6_enable - Initialise IPv6 multicast routing\n *\n * Setup the kernel IPv6 multicast routing API and lock the multicast\n * routing socket to this program (only!).\n *\n * Returns:\n * POSIX OK(0) on success, non-zero on error with @errno set.\n */\nstatic int mroute6_enable(int do_vifs, int table_id)\n{\n#ifndef HAVE_IPV6_MULTICAST_ROUTING\n\t(void)do_vifs;\n\t(void)table_id;\n#else\n\tstruct iface *iface;\n\n\tif (kern_mroute6_init(table_id, handle_nocache6, NULL)) {\n\t\tswitch (errno) {\n\t\tcase ENOPROTOOPT:\n\t\t\tsmclog(LOG_WARNING, \"Kernel does not even support IPv6 ICMP, skipping ...\");\n\t\t\tbreak;\n\n\t\tcase EPROTONOSUPPORT:\n\t\t\tsmclog(LOG_ERR, \"Cannot set IPv6 multicast routing table id: %s\",\n\t\t\t strerror(errno));\n\t\t\tsmclog(LOG_ERR, \"Make sure your kernel has CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y\");\n\t\t\tbreak;\n\n\t\tcase EADDRINUSE:\n\t\t\tsmclog(LOG_ERR, \"IPv6 multicast routing API already in use: %s\",\n\t\t\t strerror(errno));\n\t\t\tbreak;\n\n\t\tcase EOPNOTSUPP:\n\t\t\tsmclog(LOG_ERR, \"Kernel does not support IPv6 multicast routing, skipping ...\");\n\t\t\tbreak;\n\n\t\tdefault:\n\t\t\tsmclog(LOG_ERR, \"Failed initializing IPv6 multicast routing API: %s\",\n\t\t\t strerror(errno));\n\t\t\tbreak;\n\t\t}\n\n\t\treturn 1;\n\t}\n\n\t/* Create virtual interfaces, IPv6 MIFs, for all IFF_MULTICAST interfaces */\n\tif (do_vifs) {\n\t\tfor (iface = iface_iterator(1); iface; iface = iface_iterator(0))\n\t\t\tmroute6_add_mif(iface);\n\t}\n\n\treturn 0;\n#endif /* HAVE_IPV6_MULTICAST_ROUTING */\n\n\treturn -1;\n}\n\n/**\n * mroute6_disable - Disable IPv6 multicast routing\n *\n * Disable IPv6 multicast routing and release kernel routing socket.\n */\nstatic void mroute6_disable(void)\n{\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n\tkern_mroute6_exit();\n#endif\n}\n\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n/*\n * Prune VIF from all existing routes and update kernel MFC. If VIF is\n * used as inbound, prune entire route, otherwise just the outbound.\n */\nstatic void mroute6_prune_mif(int mif)\n{\n\tstruct mroute *entry, *tmp;\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tif (entry->group.ss_family != AF_INET6)\n\t\t\tcontinue;\n\n\t\tif (entry->inbound == mif) {\n\t\t\tTAILQ_REMOVE(&conf_list, entry, link);\n\t\t\tentry->unused = 1;\n\t\t\tmfc_uninstall(entry);\n\t\t\tfree(entry);\n\t\t} else if (entry->ttl[mif] > 0) {\n\t\t\tentry->ttl[mif] = 0;\n\t\t\tmfc_install(entry);\n\t\t}\n\t}\n}\n\n/* Create a virtual interface from @iface so it can be used for IPv6 multicast routing. */\nstatic int mroute6_add_mif(struct iface *iface)\n{\n\tif (kern_mif_add(iface)) {\n\t\tswitch (errno) {\n\t\tcase ENOPROTOOPT:\n\t\t\tsmclog(LOG_INFO, \"Interface %s is not multicast capable, skipping MIF.\",\n\t\t\t iface->ifname);\n\t\t\treturn -1;\n\n\t\tcase EAGAIN:\n\t\t\tsmclog(LOG_DEBUG, \"No IPv6 multicast socket\");\n\t\t\treturn -1;\n\n\t\tcase ENOMEM:\n\t\t\tsmclog(LOG_WARNING, \"Not enough available MIFs to create %s\", iface->ifname);\n\t\t\treturn 1;\n\n\t\tcase EEXIST:\n\t\t\tsmclog(LOG_DEBUG, \"Interface %s already has MIF %d.\", iface->ifname, iface->mif);\n\t\t\treturn 0;\n\n\t\tdefault:\n\t\t\tbreak;\n\t\t}\n\n\t\tsmclog(LOG_DEBUG, \"Failed creating MIF for %s: %s\", iface->ifname, strerror(errno));\n\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n\nstatic int mroute6_del_mif(struct iface *iface)\n{\n\tint rc = 0;\n\n\tif (iface->mif == ALL_VIFS)\n\t\treturn 0;\n\n\tif (kern_mif_del(iface) && errno != ENOENT) {\n\t\tswitch (errno) {\n\t\tcase ENOENT:\n\t\tcase EADDRNOTAVAIL:\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tsmclog(LOG_ERR, \"Failed deleting MIF for iface %s: %s\", iface->ifname, strerror(errno));\n\t\t\tbreak;\n\t\t}\n\t\trc = -1;\n\t}\n\n\tif (iface->mif != ALL_VIFS)\n\t\tmroute6_prune_mif(iface->mif);\n\tiface->mif = ALL_VIFS;\n\n\treturn rc;\n}\n#endif /* HAVE_IPV6_MULTICAST_ROUTING */\n\n/**\n * mroute_dyn_add - Add route to kernel if it matches a known (*,G) route.\n * @route: Pointer to candidate multicast route\n *\n * Returns:\n * POSIX OK(0) on success, non-zero on error with @errno set.\n */\nstatic int mroute_dyn_add(struct mroute *route)\n{\n\tstruct mroute *entry;\n\tint rc;\n\n\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\t/* Find matching (*,G) ... and interface. */\n\t\tif (is_ssm(entry) || !is_match(entry, route))\n\t\t\tcontinue;\n\n\t\t/* Use configured template (*,G) outbound interfaces. */\n\t\tmemcpy(route->ttl, entry->ttl, NELEMS(route->ttl) * sizeof(route->ttl[0]));\n\t\tbreak;\n\t}\n\n\tif (!entry) {\n\t\t/*\n\t\t * No match, add entry without outbound interfaces\n\t\t * nevertheless to avoid continuous cache misses from\n\t\t * the kernel. Note that this still gets reported as an\n\t\t * error (ENOENT) below.\n\t\t */\n\t\tmemset(route->ttl, 0, NELEMS(route->ttl) * sizeof(route->ttl[0]));\n\t}\n\n\trc = mfc_install(route);\n\n\t/* Signal to cache handler we've added a stop filter */\n\tif (!entry) {\n\t\terrno = ENOENT;\n\t\treturn -1;\n\t}\n\n\treturn rc;\n}\n\nint mroute_init(int do_vifs, int table_id, int cache_tmo)\n{\n\tstatic int running = 0;\n\n\tTAILQ_INIT(&conf_list);\n\tTAILQ_INIT(&kern_list);\n\n\tif (cache_tmo > 0 && !running) {\n\t\trunning++;\n\t\tcache_timeout = cache_tmo;\n\t\ttimer_add(cache_tmo, cache_flush, NULL);\n\t}\n\n\treturn mroute4_enable(do_vifs, table_id) ||\n\t\tmroute6_enable(do_vifs, table_id);\n}\n\nvoid mroute_exit(void)\n{\n\tmroute4_disable();\n\tmroute6_disable();\n}\n\n/* Used by file parser to add VIFs/MIFs after setup */\nint mroute_add_vif(char *ifname, uint8_t mrdisc, uint8_t ttl)\n{\n\tstruct ifmatch state;\n\tstruct iface *iface;\n\tint rc = 0;\n\n\tiface_match_init(&state);\n\twhile ((iface = iface_match_by_name(ifname, 1, &state))) {\n\t\tsmclog(LOG_DEBUG, \"Creating/updating multicast VIF for %s TTL %d\", iface->ifname, ttl);\n\t\tiface->mrdisc = mrdisc;\n\t\tiface->threshold = ttl;\n\t\tiface->unused = 0;\n\t\tif (mroute4_add_vif(iface))\n\t\t\trc = -1;\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n\t\tif (mroute6_add_mif(iface))\n\t\t\trc = -1;\n#endif\n\t}\n\n\tif (!state.match_count) {\n\t\tsmclog(LOG_DEBUG, \"Failed adding phyint %s, no matching interfaces.\", ifname);\n\t\treturn 1;\n\t}\n\n\treturn rc;\n}\n\n/* Used by file parser to remove VIFs/MIFs after setup */\nint mroute_del_vif(char *ifname)\n{\n\tstruct ifmatch state;\n\tstruct iface *iface;\n\tint rc = 0;\n\n\tiface_match_init(&state);\n\twhile ((iface = iface_match_by_name(ifname, 1, &state))) {\n\t\tsmclog(LOG_DEBUG, \"Removing multicast VIFs for %s\", iface->ifname);\n\t\tif (mroute4_del_vif(iface))\n\t\t\trc = -1;\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n\t\tif (mroute6_del_mif(iface))\n\t\t\trc = -1;\n#endif\n\t}\n\n\tif (!state.match_count) {\n\t\tsmclog(LOG_DEBUG, \"Failed removing phyint %s, no matching interfaces.\", ifname);\n\t\treturn 1;\n\t}\n\n\treturn rc;\n}\n\n/*\n * Called on SIGHUP/reload. Mark all known configured routes as\n * 'unused', let mroute*_add() unmark and mroute_reload_end() take\n * care to remove routes that still have the 'unused' flag.\n */\nvoid mroute_reload_beg(void)\n{\n\tstruct mroute *entry;\n\tstruct iface *iface;\n\tint first = 1;\n\n\tTAILQ_FOREACH(entry, &conf_list, link)\n\t\tentry->unused = 1;\n\n\twhile ((iface = iface_iterator(first))) {\n\t\tfirst = 0;\n\t\tiface->unused = 1;\n\t}\n}\n\nvoid mroute_reload_end(int do_vifs)\n{\n\tstruct mroute *entry, *tmp;\n\tstruct iface *iface;\n\tint first = 1;\n\n\twhile ((iface = iface_iterator(first))) {\n\t\tchar dummy[IFNAMSIZ];\n\n\t\tfirst = 0;\n\t\tif (iface->unused || !if_indextoname(iface->ifindex, dummy)) {\n\t\t\tmroute_del_vif(iface->ifname);\n\t\t} else if (do_vifs)\n\t\t\tmroute_add_vif(iface->ifname, iface->mrdisc, iface->threshold);\n\t}\n\n\tTAILQ_FOREACH_SAFE(entry, &conf_list, link, tmp) {\n\t\tif (entry->unused)\n\t\t\tmroute_del_route(entry);\n\t}\n\n\t/* retry add if .conf changed IIF for routes, not until del (above) can we add */\n\tTAILQ_FOREACH(entry, &conf_list, link)\n\t\tmfc_install(entry);\n}\n\nstatic int show_mroute(int sd, struct mroute *r, int inw, int detail)\n{\n\tchar src[INET_ADDRSTR_LEN] = \"*\";\n\tchar src_len[5] = \"\";\n\tchar grp[INET_ADDRSTR_LEN];\n\tchar grp_len[5] = \"\";\n\tchar sg[(INET_ADDRSTR_LEN + 3) * 2 + 5];\n\tchar buf[MAX_MC_VIFS * 17 + 80];\n\tstruct iface *iface;\n\tint max_len;\n\n\tmax_len = inet_max_len(&r->group);\n\n\tif (!is_anyaddr(&r->source)) {\n\t\tinet_addr2str(&r->source, src, sizeof(src));\n\t\tif (r->src_len != max_len)\n\t\t\tsnprintf(src_len, sizeof(src_len), \"/%u\", r->src_len);\n\t}\n\tinet_addr2str(&r->group, grp, sizeof(grp));\n\tif (r->len != max_len)\n\t\tsnprintf(grp_len, sizeof(grp_len), \"/%u\", r->len);\n\n\tiface = iface_find_by_inbound(r);\n\tsnprintf(sg, sizeof(sg), \"(%s%s, %s%s)\", src, src_len, grp, grp_len);\n\tif (!iface) {\n\t\tsmclog(LOG_ERR, \"Failed reading iif for %s, aborting.\", sg);\n\t\texit(EX_SOFTWARE);\n\t}\n\tsnprintf(buf, sizeof(buf), \"%-42s %-*s \", sg, inw, iface->ifname);\n\n\tif (detail) {\n\t\tstruct mroute_stats ms = { 0 };\n\t\tchar stats[30];\n\n\t\tkern_stats(r, &ms);\n\t\tsnprintf(stats, sizeof(stats), \"%10lu %10lu \", ms.ms_pktcnt, ms.ms_bytecnt);\n\t\tstrlcat(buf, stats, sizeof(buf));\n\t}\n\n\tiface = iface_outbound_iterator(r, 1);\n\twhile (iface) {\n\t\tchar tmp[22];\n\n\t\tsnprintf(tmp, sizeof(tmp), \" %s\", iface->ifname);\n\t\tstrlcat(buf, tmp, sizeof(buf));\n\n\t\tiface = iface_outbound_iterator(r, 0);\n\t}\n\tstrlcat(buf, \"\\n\", sizeof(buf));\n\n\tif (ipc_send(sd, buf, strlen(buf)) < 0) {\n\t\tsmclog(LOG_ERR, \"Failed sending reply to client: %s\", strerror(errno));\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n\nstatic int has_any_ssm(void)\n{\n\tstruct mroute *e;\n\n\tTAILQ_FOREACH(e, &conf_list, link) {\n\t\tif (is_ssm(e))\n\t\t\treturn 1;\n\t}\n\n\treturn 0;\n}\n\nstatic int has_any_asm(void)\n{\n\tstruct mroute *e;\n\n\tTAILQ_FOREACH(e, &conf_list, link) {\n\t\tif (!is_ssm(e))\n\t\t\treturn 1;\n\t}\n\n\treturn 0;\n}\n\n/* Write all (*,G) routes to client socket */\nint mroute_show(int sd, int detail)\n{\n\tconst char *r = \"ROUTE (S,G)\", *o = \"OIFS\", *i = \"IIF\";\n\tstruct mroute *entry;\n\tchar line[256];\n\tint inw;\n\n\tinw = iface_ifname_maxlen();\n\tif (inw < (int)strlen(i))\n\t\tinw = (int)strlen(i);\n\n\tif (detail) {\n\t\tconst char *p = \"PACKETS\", *b = \"BYTES\";\n\t\tsnprintf(line, sizeof(line), \"%-42s %-*s %10s %10s %s=\\n\", r, inw, i, p, b, o);\n\t} else\n\t\tsnprintf(line, sizeof(line), \"%-42s %-*s %s=\\n\", r, inw, i, o);\n\n\tif (has_any_asm()) {\n\t\tchar *asm_conf = \"(*,G) Template Rules_\\n\";\n\n\t\tipc_send(sd, asm_conf, strlen(asm_conf));\n\t\tipc_send(sd, line, strlen(line));\n\t\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\t\tif (is_ssm(entry))\n\t\t\t\tcontinue;\n\t\t\tif (show_mroute(sd, entry, inw, detail) < 0)\n\t\t\t\treturn 1;\n\t\t}\n\t}\n\n\tif (has_any_ssm()) {\n\t\tchar *ssm_list = \"(S,G) Rules_\\n\";\n\n\t\tipc_send(sd, ssm_list, strlen(ssm_list));\n\t\tipc_send(sd, line, strlen(line));\n\t\tTAILQ_FOREACH(entry, &conf_list, link) {\n\t\t\tif (!is_ssm(entry))\n\t\t\t\tcontinue;\n\t\t\tif (show_mroute(sd, entry, inw, detail) < 0)\n\t\t\t\treturn 1;\n\t\t}\n\t}\n\n\tif (!TAILQ_EMPTY(&kern_list)) {\n\t\tchar *asm_kern = \"Kernel MFC Table_\\n\";\n\n\t\tipc_send(sd, asm_kern, strlen(asm_kern));\n\t\tipc_send(sd, line, strlen(line));\n\t\tTAILQ_FOREACH(entry, &kern_list, link) {\n\t\t\tif (!is_active(entry))\n\t\t\t\tcontinue;\n\t\t\tif (show_mroute(sd, entry, inw, detail) < 0)\n\t\t\t\treturn 1;\n\t\t}\n\t\tTAILQ_FOREACH(entry, &kern_list, link) {\n\t\t\tif (is_active(entry))\n\t\t\t\tcontinue;\n\t\t\tif (show_mroute(sd, entry, inw, detail) < 0)\n\t\t\t\treturn 1;\n\t\t}\n\t}\n\n\treturn 0;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/mroute.h", "content": "/* Generic kernel multicast routing API for Linux and *BSD */\n#ifndef SMCROUTE_MROUTE_H_\n#define SMCROUTE_MROUTE_H_\n\n#include \"config.h\"\n#include \n#include \n#include \t\t/* Defines u_char, needed by netinet/in.h */\n#include \n#include \n#include \n#ifdef HAVE_NETINET_IN_VAR_H\n#include \n#endif\n#include \n#include \"queue.h\"\t\t/* Needed by netinet/ip_mroute.h on FreeBSD */\n\n#ifdef HAVE_LINUX_MROUTE_H\n#define _LINUX_IN_H /* For Linux <= 2.6.25 */\n#include \n#include \n#endif\n\n#ifdef HAVE_LINUX_MROUTE6_H\n#include \n#endif\n\n#ifdef HAVE_LINUX_FILTER_H\n#include \n#endif\n\n#ifdef HAVE_NET_ROUTE_H\n#include \n#endif\n\n#ifdef HAVE_NETINET_IP_MROUTE_H\n#define _KERNEL\n#include \n#undef _KERNEL\n#else\n# ifdef __APPLE__\n# include \"ip_mroute.h\"\n# endif\n#endif\n\n#ifdef HAVE_NETINET6_IP6_MROUTE_H\n#ifdef HAVE_SYS_PARAM_H\n#include \n#endif\n#include \n#endif\n\n#ifndef IN6_IS_ADDR_MULTICAST\n#define IN6_IS_ADDR_MULTICAST(a) (((__const uint8_t *) (a))[0] == 0xff)\n#endif\n\n#include \"inet.h\"\n\n/*\n * IPv4 multicast route\n */\n#ifndef MAXVIFS\n#define MAXVIFS 32\n#endif\n\n/*\n * IPv6 multicast route\n */\n#ifdef HAVE_IPV6_MULTICAST_ROUTING\n# ifndef MAXMIFS\n# define MAXMIFS MAXVIFS\n# endif\n\n/* Allocate data types to the max, on FreeBSD MAXMIFS > MAXVIFS */\n# if MAXMIFS > MAXVIFS\n# define MAX_MC_VIFS MAXMIFS\n# else\n# define MAX_MC_VIFS MAXVIFS\n# endif\n#else\n#define MAX_MC_VIFS MAXVIFS\n#endif\n\n/* We're on a system w/o IPv6 routing, define to avoid other ifdefs */\n#ifndef mifi_t\ntypedef unsigned short mifi_t;\n#endif\n\nstruct mroute {\n\tTAILQ_ENTRY(mroute) link;\n\tint unused;\n\n\tinet_addr_t source;\t\t/* originating host, may be inet_anyaddr() */\n\tshort\t src_len;\t\t/* source prefix len, or 0:disabled */\n\n\tinet_addr_t group;\t\t/* multicast group */\n\tshort\t len;\t\t/* prefix len, or 0:disabled */\n\n\tvifi_t inbound;\t\t/* incoming VIF\t */\n\tuint8_t\t ttl[MAX_MC_VIFS];/* outgoing VIFs */\n\n\n\tunsigned long valid_pkt;\t/* packet counter at last mroute4_dyn_expire() */\n\ttime_t\t last_use;\t/* timestamp of last forwarded packet */\n};\n\nint mroute_init (int do_vifs, int table_id, int cache_tmo);\nvoid mroute_exit (void);\n\nint mroute_add_vif (char *ifname, uint8_t mrdisc, uint8_t threshold);\nint mroute_del_vif (char *ifname);\n\nvoid mroute_expire (int max_idle);\n\nint mroute_add_route (struct mroute *mroute);\nint mroute_del_route (struct mroute *mroute);\n\nvoid mroute_reload_beg (void);\nvoid mroute_reload_end (int do_vifs);\n\nint mroute_show (int sd, int detail);\n\n#endif /* SMCROUTE_MROUTE_H_ */\n" }, { "path": "src/msg.c", "content": "/* IPC command parser and builder for daemon and client\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n\n#include \n#include \t\t/* sig_atomic_t */\n#include \n#include \n#include \n#include \n\n#include \"conf.h\"\n#include \"log.h\"\n#include \"msg.h\"\n#include \"iface.h\"\n#include \"util.h\"\n#include \"mroute.h\"\n#include \"mcgroup.h\"\n\nextern volatile sig_atomic_t running;\nextern volatile sig_atomic_t reloading;\n\n\n/*\n * Check for prefix length, only applicable for (*,G) routes\n */\nint is_range(char *arg)\n{\n\tchar *ptr;\n\n\tptr = strchr(arg, '/');\n\tif (ptr) {\n\t\t*ptr++ = 0;\n\t\treturn atoi(ptr);\n\t}\n\n\treturn 0;\n}\n\nstatic int do_mgroup(struct ipc_msg *msg)\n{\n\tchar source[INET_ADDRSTR_LEN + 5] = { 0 };\n\tchar group[INET_ADDRSTR_LEN + 5] = { 0 };\n\tchar *ifname = msg->argv[0];\n\n\tif (msg->count < 2) {\n\t\terrno = EINVAL;\n\t\treturn -1;\n\t}\n\tif (msg->count == 3) {\n\t\tstrlcpy(source, msg->argv[1], sizeof(source));\n\t\tstrlcpy(group, msg->argv[2], sizeof(group));\n\t} else\n\t\tstrlcpy(group, msg->argv[1], sizeof(group));\n\n\treturn conf_mgroup(NULL, msg->cmd == 'j' ? 1 : 0, ifname, source[0] ? source : NULL, group);\n}\n\nstatic int do_mroute(struct ipc_msg *msg)\n{\n\tchar src[INET_ADDRSTR_LEN + 5];\n\tchar *ifname, *source, *group;\n\tchar *out[MAX_MC_VIFS];\n\tinet_addr_t ss;\n\tint num = 0;\n\tint pos = 0;\n\n\tif (msg->count < 2) {\n\t\terrno = EINVAL;\n\t\treturn -1;\n\t}\n\n\tifname = msg->argv[pos++];\n\n\tstrlcpy(src, msg->argv[pos++], sizeof(src));\n\tis_range(src);\n\tif (inet_str2addr(src, &ss)) {\n\t\tsmclog(LOG_ERR, \"mroute: invalid source/group address: %s\", src);\n\t\treturn 1;\n\t}\n\n\tif (!is_multicast(&ss)) {\n\t\tchar grp[INET_ADDRSTR_LEN + 5];\n\n\t\tstrlcpy(grp, msg->argv[pos++], sizeof(grp));\n\t\tis_range(grp);\n\t\tif (inet_str2addr(grp, &ss) || !is_multicast(&ss)) {\n\t\t\tsmclog(LOG_DEBUG, \"mroute: invalid multicast group: %s\", grp);\n\t\t\treturn 1;\n\t\t}\n\n\t\tsource = msg->argv[1];\n\t\tgroup = msg->argv[2];\n\t} else {\n\t\tsource = NULL;\n\t\tgroup = msg->argv[1];\n\t}\n\n\twhile (pos < msg->count)\n\t\tout[num++] = msg->argv[pos++];\n\n\treturn conf_mroute(NULL, msg->cmd == 'a' ? 1 : 0, ifname, source, group, out, num);\n}\n\nstatic int do_show(struct ipc_msg *msg, int sd, int detail)\n{\n\tif (msg->count > 0) {\n\t\tchar cmd = msg->argv[0][0];\n\n\t\tswitch (cmd) {\n\t\tcase 'g':\n\t\t\treturn mcgroup_show(sd, detail);\n\n\t\tcase 'i':\n\t\t\treturn iface_show(sd, detail);\n\n\t\tdefault:\n\t\t\tbreak;\n\t\t}\n\t}\n\n\treturn mroute_show(sd, detail);\n}\n\n/*\n * Convert IPC command from client to a mulicast route or group join/leave\n */\nint msg_do(int sd, struct ipc_msg *msg)\n{\n\tint result = 0;\n\n\tswitch (msg->cmd) {\n\tcase 'a':\n\tcase 'r':\n\t\tresult = do_mroute(msg);\n\t\tbreak;\n\n\tcase 'j':\n\tcase 'l':\n\t\tresult = do_mgroup(msg);\n\t\tbreak;\n\n\tcase 'F':\n\t\tmroute_expire(0);\n\t\tbreak;\n\n\tcase 'H':\t\t/* HUP */\n\t\treloading = 1;\n\t\tbreak;\n\n\tcase 'k':\n\t\trunning = 0;\n\t\tbreak;\n\n\tcase 'S':\n\t\tresult = do_show(msg, sd, 1);\n\t\tbreak;\n\n\tcase 's':\n\t\tresult = do_show(msg, sd, 0);\n\t\tbreak;\n\n\tdefault:\n\t\terrno = EINVAL;\n\t\tresult = -1;\n\t}\n\n\treturn result;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/msg.h", "content": "/* SMCRoute IPC API\n *\n * Multicast routes:\n *\n * add eth0 [1.1.1.1] 239.1.1.1 eth1 eth2\n *\n * +----+-----+---+--------------------------------------------+\n * | 42 | 'a' | 5 | \"eth0\\01.1.1.1\\0239.1.1.1\\0eth1\\0eth2\\0\\0\" |\n * +----+-----+---+--------------------------------------------+\n * ^ ^ |-----|\n * | | `---> Second argument is optional => (*,G)\n * +-----cmd------+\n *\n * del [1.1.1.1] 239.1.1.1\n *\n * +----+-----+---+--------------------------+\n * | 27 | 'r' | 2 | \"1.1.1.1\\0239.1.1.1\\0\\0\" |\n * +----+-----+---+--------------------------+\n * ^ ^\n * | |\n * +-----cmd------+\n *\n * Multicast groups:\n *\n * join/leave eth0 [1.1.1.1] 239.1.1.1\n *\n * +----+-----+---+--------------------------------------------+\n * | 32 | 'j' | 3 | \"eth0\\01.1.1.1\\0239.1.1.1\\0\\0\" |\n * +----+-----+---+--------------------------------------------+\n * |-----|\n * `-----> For SSM group join/leave\n */\n#ifndef SMCROUTE_MSG_H_\n#define SMCROUTE_MSG_H_\n\n#include \n#include \n#include \n\n#define MX_CMDPKT_SZ 1024\t/* command size including appended strings */\n\nstruct ipc_msg {\n\tsize_t len;\t\t/* total size of packet including cmd header */\n\tuint16_t cmd;\t\t/* 'a'=Add,'r'=Remove,'j'=Join,'l'=Leave,'k'=Kill */\n\tuint16_t count;\t\t/* command argument count */\n\tchar *argv[0]; \t/* 'count' * '\\0' terminated strings + '\\0' */\n};\n\nint msg_do(int sd, struct ipc_msg *msg);\n\n#endif /* SMCROUTE_MSG_H_ */\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/notify.c", "content": "/* generic service monitor backend\n *\n * Copyright (C) 2019-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \n#include \n\n#include \"log.h\"\n#include \"notify.h\"\n#include \"util.h\"\n\nvoid notify_ready(char *pidfn, uid_t uid, gid_t gid)\n{\n\tconst char *msg = \"Ready, waiting for client request or kernel event.\";\n\n\tif (pidfile_create(pidfn, uid, gid))\n\t\tsmclog(LOG_WARNING, \"Failed create/chown PID file: %s\", strerror(errno));\n\n\tsystemd_notify_ready(msg);\n\tsmclog(LOG_NOTICE, msg);\n}\n\nvoid notify_reload(void)\n{\n\tconst char *msg = \"Reloading configuration, please wait ...\";\n\n\tsystemd_notify_reload(msg);\n\tsmclog(LOG_NOTICE, msg);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/notify.h", "content": "/* Wrappers for different service monitors */\n#ifndef SMCROUTE_NOTIFY_H_\n#define SMCROUTE_NOTIFY_H_\n\n#include \"config.h\"\n\nvoid notify_ready(char *pidfn, uid_t uid, gid_t gid);\nvoid notify_reload(void);\n\n#ifdef HAVE_LIBSYSTEMD\nvoid systemd_notify_ready(const char *status);\nvoid systemd_notify_reload(const char *status);\n#else\n#define systemd_notify_ready(status)\n#define systemd_notify_reload(status)\n#endif\n\n#endif /* SMCROUTE_NOTIFY_H_ */\n" }, { "path": "src/pidfile.c", "content": "/*\tUpdated by troglobit for libite/finit/uftpd/smcroute projects 2016/07/04 */\n/*\t$OpenBSD: pidfile.c,v 1.11 2015/06/03 02:24:36 millert Exp $\t*/\n/*\t$NetBSD: pidfile.c,v 1.4 2001/02/19 22:43:42 cgd Exp $\t*/\n\n/*-\n * Copyright (c) 1999 The NetBSD Foundation, Inc.\n * All rights reserved.\n *\n * This code is derived from software contributed to The NetBSD Foundation\n * by Jason R. Thorpe.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n *\n * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS\n * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED\n * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS\n * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR\n * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\n * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\n * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\n * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\n * POSSIBILITY OF SUCH DAMAGE.\n */\n\n#include \"config.h\"\n\n#include \t\t/* utimensat() */\n#include \t\t/* utimensat() on *BSD */\n#include \n#include \n#include \n#include \n#include \n\n#include \"log.h\"\n#include \"util.h\"\n\nstatic char *pidfile_path = NULL;\nstatic pid_t pidfile_pid = 0;\n\nconst char *__pidfile_path = RUNSTATEDIR;\nconst char *__pidfile_name = NULL;\nextern char *prognm;\n\nstatic void pidfile_cleanup(void)\n{\n\tif (pidfile_path != NULL && pidfile_pid == getpid()) {\n\t\t(void) unlink(pidfile_path);\n\t\tfree(pidfile_path);\n\t\tpidfile_path = NULL;\n\t}\n}\n\nint pidfile_create(const char *basename, uid_t uid, gid_t gid)\n{\n\tint save_errno;\n\tint atexit_already;\n\tpid_t pid;\n\tFILE *f;\n\n\tif (basename == NULL)\n\t\tbasename = prognm;\n\n\tpid = getpid();\n\tatexit_already = 0;\n\n\tif (pidfile_path != NULL) {\n\t\tif (!access(pidfile_path, R_OK) && pid == pidfile_pid) {\n\t\t\tutimensat(0, pidfile_path, NULL, 0);\n\t\t\treturn 0;\n\t\t}\n\t\tfree(pidfile_path);\n\t\tpidfile_path = NULL;\n\t\t__pidfile_name = NULL;\n\t\tatexit_already = 1;\n\t}\n\n\tif (basename[0] != '/') {\n\t\tif (asprintf(&pidfile_path, \"%s/%s.pid\", __pidfile_path, basename) == -1)\n\t\t\treturn -1;\n\t} else {\n\t\tif (asprintf(&pidfile_path, \"%s\", basename) == -1)\n\t\t\treturn -1;\n\t}\n\n\tsmclog(LOG_DEBUG, \"Creating PID file %s\", pidfile_path);\n\tif ((f = fopen(pidfile_path, \"w\")) == NULL) {\n\t\tsave_errno = errno;\n\t\tfree(pidfile_path);\n\t\tpidfile_path = NULL;\n\t\terrno = save_errno;\n\t\treturn -1;\n\t}\n\n\tif (fprintf(f, \"%ld\\n\", (long)pid) <= 0 || fflush(f) != 0) {\n\t\tsave_errno = errno;\n\t\t(void) fclose(f);\n\t\t(void) unlink(pidfile_path);\n\t\tfree(pidfile_path);\n\t\tpidfile_path = NULL;\n\t\terrno = save_errno;\n\t\treturn -1;\n\t}\n\t(void) fclose(f);\n\t__pidfile_name = pidfile_path;\n\n\tif (chown(pidfile_path, uid, gid))\n\t\treturn -1;\n\n\t/*\n\t * LITE extension, no need to set up another atexit() handler\n\t * if user only called us to update the mtime of the PID file\n\t */\n\tif (atexit_already)\n\t\treturn 0;\n\n\tpidfile_pid = pid;\n\tif (atexit(pidfile_cleanup) < 0) {\n\t\tsave_errno = errno;\n\t\t(void) unlink(pidfile_path);\n\t\tfree(pidfile_path);\n\t\tpidfile_path = NULL;\n\t\tpidfile_pid = 0;\n\t\terrno = save_errno;\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n" }, { "path": "src/queue.h", "content": "/*\t$OpenBSD: queue.h,v 1.43 2015/12/28 19:38:40 millert Exp $\t*/\n/*\t$NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $\t*/\n\n/*\n * Copyright (c) 1991, 1993\n *\tThe Regents of the University of California. All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. Neither the name of the University nor the names of its contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND\n * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\n * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE\n * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\n * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\n * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\n * SUCH DAMAGE.\n *\n *\t@(#)queue.h\t8.5 (Berkeley) 8/20/94\n */\n\n#ifndef\t_SYS_QUEUE_H_\n#define\t_SYS_QUEUE_H_\n\n/*\n * This file defines five types of data structures: singly-linked lists,\n * lists, simple queues, tail queues and XOR simple queues.\n *\n *\n * A singly-linked list is headed by a single forward pointer. The elements\n * are singly linked for minimum space and pointer manipulation overhead at\n * the expense of O(n) removal for arbitrary elements. New elements can be\n * added to the list after an existing element or at the head of the list.\n * Elements being removed from the head of the list should use the explicit\n * macro for this purpose for optimum efficiency. A singly-linked list may\n * only be traversed in the forward direction. Singly-linked lists are ideal\n * for applications with large datasets and few or no removals or for\n * implementing a LIFO queue.\n *\n * A list is headed by a single forward pointer (or an array of forward\n * pointers for a hash table header). The elements are doubly linked\n * so that an arbitrary element can be removed without a need to\n * traverse the list. New elements can be added to the list before\n * or after an existing element or at the head of the list. A list\n * may only be traversed in the forward direction.\n *\n * A simple queue is headed by a pair of pointers, one to the head of the\n * list and the other to the tail of the list. The elements are singly\n * linked to save space, so elements can only be removed from the\n * head of the list. New elements can be added to the list before or after\n * an existing element, at the head of the list, or at the end of the\n * list. A simple queue may only be traversed in the forward direction.\n *\n * A tail queue is headed by a pair of pointers, one to the head of the\n * list and the other to the tail of the list. The elements are doubly\n * linked so that an arbitrary element can be removed without a need to\n * traverse the list. New elements can be added to the list before or\n * after an existing element, at the head of the list, or at the end of\n * the list. A tail queue may be traversed in either direction.\n *\n * An XOR simple queue is used in the same way as a regular simple queue.\n * The difference is that the head structure also includes a \"cookie\" that\n * is XOR'd with the queue pointer (first, last or next) to generate the\n * real pointer value.\n *\n * For details on the use of these macros, see the queue(3) manual page.\n */\n\n#if defined(QUEUE_MACRO_DEBUG) || (defined(_KERNEL) && defined(DIAGNOSTIC))\n#define _Q_INVALIDATE(a) (a) = ((void *)-1)\n#else\n#define _Q_INVALIDATE(a)\n#endif\n\n/*\n * Singly-linked List definitions.\n */\n#define SLIST_HEAD(name, type)\t\t\t\t\t\t\\\nstruct name {\t\t\t\t\t\t\t\t\\\n\tstruct type *slh_first;\t/* first element */\t\t\t\\\n}\n\n#define\tSLIST_HEAD_INITIALIZER(head)\t\t\t\t\t\\\n\t{ NULL }\n\n#define SLIST_ENTRY(type)\t\t\t\t\t\t\\\nstruct {\t\t\t\t\t\t\t\t\\\n\tstruct type *sle_next;\t/* next element */\t\t\t\\\n}\n\n/*\n * Singly-linked List access methods.\n */\n#define\tSLIST_FIRST(head)\t((head)->slh_first)\n#define\tSLIST_END(head)\t\tNULL\n#define\tSLIST_EMPTY(head)\t(SLIST_FIRST(head) == SLIST_END(head))\n#define\tSLIST_NEXT(elm, field)\t((elm)->field.sle_next)\n\n#define\tSLIST_FOREACH(var, head, field)\t\t\t\t\t\\\n\tfor((var) = SLIST_FIRST(head);\t\t\t\t\t\\\n\t (var) != SLIST_END(head);\t\t\t\t\t\\\n\t (var) = SLIST_NEXT(var, field))\n\n#define\tSLIST_FOREACH_SAFE(var, head, field, tvar)\t\t\t\\\n\tfor ((var) = SLIST_FIRST(head);\t\t\t\t\\\n\t (var) && ((tvar) = SLIST_NEXT(var, field), 1);\t\t\\\n\t (var) = (tvar))\n\n/*\n * Singly-linked List functions.\n */\n#define\tSLIST_INIT(head) {\t\t\t\t\t\t\\\n\tSLIST_FIRST(head) = SLIST_END(head);\t\t\t\t\\\n}\n\n#define\tSLIST_INSERT_AFTER(slistelm, elm, field) do {\t\t\t\\\n\t(elm)->field.sle_next = (slistelm)->field.sle_next;\t\t\\\n\t(slistelm)->field.sle_next = (elm);\t\t\t\t\\\n} while (0)\n\n#define\tSLIST_INSERT_HEAD(head, elm, field) do {\t\t\t\\\n\t(elm)->field.sle_next = (head)->slh_first;\t\t\t\\\n\t(head)->slh_first = (elm);\t\t\t\t\t\\\n} while (0)\n\n#define\tSLIST_REMOVE_AFTER(elm, field) do {\t\t\t\t\\\n\t(elm)->field.sle_next = (elm)->field.sle_next->field.sle_next;\t\\\n} while (0)\n\n#define\tSLIST_REMOVE_HEAD(head, field) do {\t\t\t\t\\\n\t(head)->slh_first = (head)->slh_first->field.sle_next;\t\t\\\n} while (0)\n\n#define SLIST_REMOVE(head, elm, type, field) do {\t\t\t\\\n\tif ((head)->slh_first == (elm)) {\t\t\t\t\\\n\t\tSLIST_REMOVE_HEAD((head), field);\t\t\t\\\n\t} else {\t\t\t\t\t\t\t\\\n\t\tstruct type *curelm = (head)->slh_first;\t\t\\\n\t\t\t\t\t\t\t\t\t\\\n\t\twhile (curelm->field.sle_next != (elm))\t\t\t\\\n\t\t\tcurelm = curelm->field.sle_next;\t\t\\\n\t\tcurelm->field.sle_next =\t\t\t\t\\\n\t\t curelm->field.sle_next->field.sle_next;\t\t\\\n\t}\t\t\t\t\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.sle_next);\t\t\t\t\\\n} while (0)\n\n/*\n * List definitions.\n */\n#define LIST_HEAD(name, type)\t\t\t\t\t\t\\\nstruct name {\t\t\t\t\t\t\t\t\\\n\tstruct type *lh_first;\t/* first element */\t\t\t\\\n}\n\n#define LIST_HEAD_INITIALIZER(head)\t\t\t\t\t\\\n\t{ NULL }\n\n#define LIST_ENTRY(type)\t\t\t\t\t\t\\\nstruct {\t\t\t\t\t\t\t\t\\\n\tstruct type *le_next;\t/* next element */\t\t\t\\\n\tstruct type **le_prev;\t/* address of previous next element */\t\\\n}\n\n/*\n * List access methods.\n */\n#define\tLIST_FIRST(head)\t\t((head)->lh_first)\n#define\tLIST_END(head)\t\t\tNULL\n#define\tLIST_EMPTY(head)\t\t(LIST_FIRST(head) == LIST_END(head))\n#define\tLIST_NEXT(elm, field)\t\t((elm)->field.le_next)\n\n#define LIST_FOREACH(var, head, field)\t\t\t\t\t\\\n\tfor((var) = LIST_FIRST(head);\t\t\t\t\t\\\n\t (var)!= LIST_END(head);\t\t\t\t\t\\\n\t (var) = LIST_NEXT(var, field))\n\n#define\tLIST_FOREACH_SAFE(var, head, field, tvar)\t\t\t\\\n\tfor ((var) = LIST_FIRST(head);\t\t\t\t\\\n\t (var) && ((tvar) = LIST_NEXT(var, field), 1);\t\t\\\n\t (var) = (tvar))\n\n/*\n * List functions.\n */\n#define\tLIST_INIT(head) do {\t\t\t\t\t\t\\\n\tLIST_FIRST(head) = LIST_END(head);\t\t\t\t\\\n} while (0)\n\n#define LIST_INSERT_AFTER(listelm, elm, field) do {\t\t\t\\\n\tif (((elm)->field.le_next = (listelm)->field.le_next) != NULL)\t\\\n\t\t(listelm)->field.le_next->field.le_prev =\t\t\\\n\t\t &(elm)->field.le_next;\t\t\t\t\\\n\t(listelm)->field.le_next = (elm);\t\t\t\t\\\n\t(elm)->field.le_prev = &(listelm)->field.le_next;\t\t\\\n} while (0)\n\n#define\tLIST_INSERT_BEFORE(listelm, elm, field) do {\t\t\t\\\n\t(elm)->field.le_prev = (listelm)->field.le_prev;\t\t\\\n\t(elm)->field.le_next = (listelm);\t\t\t\t\\\n\t*(listelm)->field.le_prev = (elm);\t\t\t\t\\\n\t(listelm)->field.le_prev = &(elm)->field.le_next;\t\t\\\n} while (0)\n\n#define LIST_INSERT_HEAD(head, elm, field) do {\t\t\t\t\\\n\tif (((elm)->field.le_next = (head)->lh_first) != NULL)\t\t\\\n\t\t(head)->lh_first->field.le_prev = &(elm)->field.le_next;\\\n\t(head)->lh_first = (elm);\t\t\t\t\t\\\n\t(elm)->field.le_prev = &(head)->lh_first;\t\t\t\\\n} while (0)\n\n#define LIST_REMOVE(elm, field) do {\t\t\t\t\t\\\n\tif ((elm)->field.le_next != NULL)\t\t\t\t\\\n\t\t(elm)->field.le_next->field.le_prev =\t\t\t\\\n\t\t (elm)->field.le_prev;\t\t\t\t\\\n\t*(elm)->field.le_prev = (elm)->field.le_next;\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.le_prev);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.le_next);\t\t\t\t\\\n} while (0)\n\n#define LIST_REPLACE(elm, elm2, field) do {\t\t\t\t\\\n\tif (((elm2)->field.le_next = (elm)->field.le_next) != NULL)\t\\\n\t\t(elm2)->field.le_next->field.le_prev =\t\t\t\\\n\t\t &(elm2)->field.le_next;\t\t\t\t\\\n\t(elm2)->field.le_prev = (elm)->field.le_prev;\t\t\t\\\n\t*(elm2)->field.le_prev = (elm2);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.le_prev);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.le_next);\t\t\t\t\\\n} while (0)\n\n/*\n * Simple queue definitions.\n */\n#define SIMPLEQ_HEAD(name, type)\t\t\t\t\t\\\nstruct name {\t\t\t\t\t\t\t\t\\\n\tstruct type *sqh_first;\t/* first element */\t\t\t\\\n\tstruct type **sqh_last;\t/* addr of last next element */\t\t\\\n}\n\n#define SIMPLEQ_HEAD_INITIALIZER(head)\t\t\t\t\t\\\n\t{ NULL, &(head).sqh_first }\n\n#define SIMPLEQ_ENTRY(type)\t\t\t\t\t\t\\\nstruct {\t\t\t\t\t\t\t\t\\\n\tstruct type *sqe_next;\t/* next element */\t\t\t\\\n}\n\n/*\n * Simple queue access methods.\n */\n#define\tSIMPLEQ_FIRST(head)\t ((head)->sqh_first)\n#define\tSIMPLEQ_END(head)\t NULL\n#define\tSIMPLEQ_EMPTY(head)\t (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head))\n#define\tSIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next)\n\n#define SIMPLEQ_FOREACH(var, head, field)\t\t\t\t\\\n\tfor((var) = SIMPLEQ_FIRST(head);\t\t\t\t\\\n\t (var) != SIMPLEQ_END(head);\t\t\t\t\t\\\n\t (var) = SIMPLEQ_NEXT(var, field))\n\n#define\tSIMPLEQ_FOREACH_SAFE(var, head, field, tvar)\t\t\t\\\n\tfor ((var) = SIMPLEQ_FIRST(head);\t\t\t\t\\\n\t (var) && ((tvar) = SIMPLEQ_NEXT(var, field), 1);\t\t\\\n\t (var) = (tvar))\n\n/*\n * Simple queue functions.\n */\n#define\tSIMPLEQ_INIT(head) do {\t\t\t\t\t\t\\\n\t(head)->sqh_first = NULL;\t\t\t\t\t\\\n\t(head)->sqh_last = &(head)->sqh_first;\t\t\t\t\\\n} while (0)\n\n#define SIMPLEQ_INSERT_HEAD(head, elm, field) do {\t\t\t\\\n\tif (((elm)->field.sqe_next = (head)->sqh_first) == NULL)\t\\\n\t\t(head)->sqh_last = &(elm)->field.sqe_next;\t\t\\\n\t(head)->sqh_first = (elm);\t\t\t\t\t\\\n} while (0)\n\n#define SIMPLEQ_INSERT_TAIL(head, elm, field) do {\t\t\t\\\n\t(elm)->field.sqe_next = NULL;\t\t\t\t\t\\\n\t*(head)->sqh_last = (elm);\t\t\t\t\t\\\n\t(head)->sqh_last = &(elm)->field.sqe_next;\t\t\t\\\n} while (0)\n\n#define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do {\t\t\\\n\tif (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\\\n\t\t(head)->sqh_last = &(elm)->field.sqe_next;\t\t\\\n\t(listelm)->field.sqe_next = (elm);\t\t\t\t\\\n} while (0)\n\n#define SIMPLEQ_REMOVE_HEAD(head, field) do {\t\t\t\\\n\tif (((head)->sqh_first = (head)->sqh_first->field.sqe_next) == NULL) \\\n\t\t(head)->sqh_last = &(head)->sqh_first;\t\t\t\\\n} while (0)\n\n#define SIMPLEQ_REMOVE_AFTER(head, elm, field) do {\t\t\t\\\n\tif (((elm)->field.sqe_next = (elm)->field.sqe_next->field.sqe_next) \\\n\t == NULL)\t\t\t\t\t\t\t\\\n\t\t(head)->sqh_last = &(elm)->field.sqe_next;\t\t\\\n} while (0)\n\n#define SIMPLEQ_CONCAT(head1, head2) do {\t\t\t\t\\\n\tif (!SIMPLEQ_EMPTY((head2))) {\t\t\t\t\t\\\n\t\t*(head1)->sqh_last = (head2)->sqh_first;\t\t\\\n\t\t(head1)->sqh_last = (head2)->sqh_last;\t\t\t\\\n\t\tSIMPLEQ_INIT((head2));\t\t\t\t\t\\\n\t}\t\t\t\t\t\t\t\t\\\n} while (0)\n\n/*\n * XOR Simple queue definitions.\n */\n#define XSIMPLEQ_HEAD(name, type)\t\t\t\t\t\\\nstruct name {\t\t\t\t\t\t\t\t\\\n\tstruct type *sqx_first;\t/* first element */\t\t\t\\\n\tstruct type **sqx_last;\t/* addr of last next element */\t\t\\\n\tunsigned long sqx_cookie;\t\t\t\t\t\\\n}\n\n#define XSIMPLEQ_ENTRY(type)\t\t\t\t\t\t\\\nstruct {\t\t\t\t\t\t\t\t\\\n\tstruct type *sqx_next;\t/* next element */\t\t\t\\\n}\n\n/*\n * XOR Simple queue access methods.\n */\n#define XSIMPLEQ_XOR(head, ptr)\t ((__typeof(ptr))((head)->sqx_cookie ^ \\\n\t\t\t\t\t(unsigned long)(ptr)))\n#define\tXSIMPLEQ_FIRST(head)\t XSIMPLEQ_XOR(head, ((head)->sqx_first))\n#define\tXSIMPLEQ_END(head)\t NULL\n#define\tXSIMPLEQ_EMPTY(head)\t (XSIMPLEQ_FIRST(head) == XSIMPLEQ_END(head))\n#define\tXSIMPLEQ_NEXT(head, elm, field) XSIMPLEQ_XOR(head, ((elm)->field.sqx_next))\n\n\n#define XSIMPLEQ_FOREACH(var, head, field)\t\t\t\t\\\n\tfor ((var) = XSIMPLEQ_FIRST(head);\t\t\t\t\\\n\t (var) != XSIMPLEQ_END(head);\t\t\t\t\\\n\t (var) = XSIMPLEQ_NEXT(head, var, field))\n\n#define\tXSIMPLEQ_FOREACH_SAFE(var, head, field, tvar)\t\t\t\\\n\tfor ((var) = XSIMPLEQ_FIRST(head);\t\t\t\t\\\n\t (var) && ((tvar) = XSIMPLEQ_NEXT(head, var, field), 1);\t\\\n\t (var) = (tvar))\n\n/*\n * XOR Simple queue functions.\n */\n#define\tXSIMPLEQ_INIT(head) do {\t\t\t\t\t\\\n\tarc4random_buf(&(head)->sqx_cookie, sizeof((head)->sqx_cookie)); \\\n\t(head)->sqx_first = XSIMPLEQ_XOR(head, NULL);\t\t\t\\\n\t(head)->sqx_last = XSIMPLEQ_XOR(head, &(head)->sqx_first);\t\\\n} while (0)\n\n#define XSIMPLEQ_INSERT_HEAD(head, elm, field) do {\t\t\t\\\n\tif (((elm)->field.sqx_next = (head)->sqx_first) ==\t\t\\\n\t XSIMPLEQ_XOR(head, NULL))\t\t\t\t\t\\\n\t\t(head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \\\n\t(head)->sqx_first = XSIMPLEQ_XOR(head, (elm));\t\t\t\\\n} while (0)\n\n#define XSIMPLEQ_INSERT_TAIL(head, elm, field) do {\t\t\t\\\n\t(elm)->field.sqx_next = XSIMPLEQ_XOR(head, NULL);\t\t\\\n\t*(XSIMPLEQ_XOR(head, (head)->sqx_last)) = XSIMPLEQ_XOR(head, (elm)); \\\n\t(head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next);\t\\\n} while (0)\n\n#define XSIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do {\t\t\\\n\tif (((elm)->field.sqx_next = (listelm)->field.sqx_next) ==\t\\\n\t XSIMPLEQ_XOR(head, NULL))\t\t\t\t\t\\\n\t\t(head)->sqx_last = XSIMPLEQ_XOR(head, &(elm)->field.sqx_next); \\\n\t(listelm)->field.sqx_next = XSIMPLEQ_XOR(head, (elm));\t\t\\\n} while (0)\n\n#define XSIMPLEQ_REMOVE_HEAD(head, field) do {\t\t\t\t\\\n\tif (((head)->sqx_first = XSIMPLEQ_XOR(head,\t\t\t\\\n\t (head)->sqx_first)->field.sqx_next) == XSIMPLEQ_XOR(head, NULL)) \\\n\t\t(head)->sqx_last = XSIMPLEQ_XOR(head, &(head)->sqx_first); \\\n} while (0)\n\n#define XSIMPLEQ_REMOVE_AFTER(head, elm, field) do {\t\t\t\\\n\tif (((elm)->field.sqx_next = XSIMPLEQ_XOR(head,\t\t\t\\\n\t (elm)->field.sqx_next)->field.sqx_next)\t\t\t\\\n\t == XSIMPLEQ_XOR(head, NULL))\t\t\t\t\\\n\t\t(head)->sqx_last = \t\t\t\t\t\\\n\t\t XSIMPLEQ_XOR(head, &(elm)->field.sqx_next);\t\t\\\n} while (0)\n\n\n/*\n * Tail queue definitions.\n */\n#define TAILQ_HEAD(name, type)\t\t\t\t\t\t\\\nstruct name {\t\t\t\t\t\t\t\t\\\n\tstruct type *tqh_first;\t/* first element */\t\t\t\\\n\tstruct type **tqh_last;\t/* addr of last next element */\t\t\\\n}\n\n#define TAILQ_HEAD_INITIALIZER(head)\t\t\t\t\t\\\n\t{ NULL, &(head).tqh_first }\n\n#define TAILQ_ENTRY(type)\t\t\t\t\t\t\\\nstruct {\t\t\t\t\t\t\t\t\\\n\tstruct type *tqe_next;\t/* next element */\t\t\t\\\n\tstruct type **tqe_prev;\t/* address of previous next element */\t\\\n}\n\n/*\n * Tail queue access methods.\n */\n#define\tTAILQ_FIRST(head)\t\t((head)->tqh_first)\n#define\tTAILQ_END(head)\t\t\tNULL\n#define\tTAILQ_NEXT(elm, field)\t\t((elm)->field.tqe_next)\n#define TAILQ_LAST(head, headname)\t\t\t\t\t\\\n\t(*(((struct headname *)((head)->tqh_last))->tqh_last))\n/* XXX */\n#define TAILQ_PREV(elm, headname, field)\t\t\t\t\\\n\t(*(((struct headname *)((elm)->field.tqe_prev))->tqh_last))\n#define\tTAILQ_EMPTY(head)\t\t\t\t\t\t\\\n\t(TAILQ_FIRST(head) == TAILQ_END(head))\n\n#define TAILQ_FOREACH(var, head, field)\t\t\t\t\t\\\n\tfor((var) = TAILQ_FIRST(head);\t\t\t\t\t\\\n\t (var) != TAILQ_END(head);\t\t\t\t\t\\\n\t (var) = TAILQ_NEXT(var, field))\n\n#define\tTAILQ_FOREACH_SAFE(var, head, field, tvar)\t\t\t\\\n\tfor ((var) = TAILQ_FIRST(head);\t\t\t\t\t\\\n\t (var) != TAILQ_END(head) &&\t\t\t\t\t\\\n\t ((tvar) = TAILQ_NEXT(var, field), 1);\t\t\t\\\n\t (var) = (tvar))\n\n\n#define TAILQ_FOREACH_REVERSE(var, head, headname, field)\t\t\\\n\tfor((var) = TAILQ_LAST(head, headname);\t\t\t\t\\\n\t (var) != TAILQ_END(head);\t\t\t\t\t\\\n\t (var) = TAILQ_PREV(var, headname, field))\n\n#define\tTAILQ_FOREACH_REVERSE_SAFE(var, head, headname, field, tvar)\t\\\n\tfor ((var) = TAILQ_LAST(head, headname);\t\t\t\\\n\t (var) != TAILQ_END(head) &&\t\t\t\t\t\\\n\t ((tvar) = TAILQ_PREV(var, headname, field), 1);\t\t\\\n\t (var) = (tvar))\n\n/*\n * Tail queue functions.\n */\n#define\tTAILQ_INIT(head) do {\t\t\t\t\t\t\\\n\t(head)->tqh_first = NULL;\t\t\t\t\t\\\n\t(head)->tqh_last = &(head)->tqh_first;\t\t\t\t\\\n} while (0)\n\n#define TAILQ_INSERT_HEAD(head, elm, field) do {\t\t\t\\\n\tif (((elm)->field.tqe_next = (head)->tqh_first) != NULL)\t\\\n\t\t(head)->tqh_first->field.tqe_prev =\t\t\t\\\n\t\t &(elm)->field.tqe_next;\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\t(head)->tqh_last = &(elm)->field.tqe_next;\t\t\\\n\t(head)->tqh_first = (elm);\t\t\t\t\t\\\n\t(elm)->field.tqe_prev = &(head)->tqh_first;\t\t\t\\\n} while (0)\n\n#define TAILQ_INSERT_TAIL(head, elm, field) do {\t\t\t\\\n\t(elm)->field.tqe_next = NULL;\t\t\t\t\t\\\n\t(elm)->field.tqe_prev = (head)->tqh_last;\t\t\t\\\n\t*(head)->tqh_last = (elm);\t\t\t\t\t\\\n\t(head)->tqh_last = &(elm)->field.tqe_next;\t\t\t\\\n} while (0)\n\n#define TAILQ_INSERT_AFTER(head, listelm, elm, field) do {\t\t\\\n\tif (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\\\n\t\t(elm)->field.tqe_next->field.tqe_prev =\t\t\t\\\n\t\t &(elm)->field.tqe_next;\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\t(head)->tqh_last = &(elm)->field.tqe_next;\t\t\\\n\t(listelm)->field.tqe_next = (elm);\t\t\t\t\\\n\t(elm)->field.tqe_prev = &(listelm)->field.tqe_next;\t\t\\\n} while (0)\n\n#define\tTAILQ_INSERT_BEFORE(listelm, elm, field) do {\t\t\t\\\n\t(elm)->field.tqe_prev = (listelm)->field.tqe_prev;\t\t\\\n\t(elm)->field.tqe_next = (listelm);\t\t\t\t\\\n\t*(listelm)->field.tqe_prev = (elm);\t\t\t\t\\\n\t(listelm)->field.tqe_prev = &(elm)->field.tqe_next;\t\t\\\n} while (0)\n\n#define TAILQ_REMOVE(head, elm, field) do {\t\t\t\t\\\n\tif (((elm)->field.tqe_next) != NULL)\t\t\t\t\\\n\t\t(elm)->field.tqe_next->field.tqe_prev =\t\t\t\\\n\t\t (elm)->field.tqe_prev;\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\t(head)->tqh_last = (elm)->field.tqe_prev;\t\t\\\n\t*(elm)->field.tqe_prev = (elm)->field.tqe_next;\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.tqe_prev);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.tqe_next);\t\t\t\t\\\n} while (0)\n\n#define TAILQ_REPLACE(head, elm, elm2, field) do {\t\t\t\\\n\tif (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL)\t\\\n\t\t(elm2)->field.tqe_next->field.tqe_prev =\t\t\\\n\t\t &(elm2)->field.tqe_next;\t\t\t\t\\\n\telse\t\t\t\t\t\t\t\t\\\n\t\t(head)->tqh_last = &(elm2)->field.tqe_next;\t\t\\\n\t(elm2)->field.tqe_prev = (elm)->field.tqe_prev;\t\t\t\\\n\t*(elm2)->field.tqe_prev = (elm2);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.tqe_prev);\t\t\t\t\\\n\t_Q_INVALIDATE((elm)->field.tqe_next);\t\t\t\t\\\n} while (0)\n\n#define TAILQ_CONCAT(head1, head2, field) do {\t\t\t\t\\\n\tif (!TAILQ_EMPTY(head2)) {\t\t\t\t\t\\\n\t\t*(head1)->tqh_last = (head2)->tqh_first;\t\t\\\n\t\t(head2)->tqh_first->field.tqe_prev = (head1)->tqh_last;\t\\\n\t\t(head1)->tqh_last = (head2)->tqh_last;\t\t\t\\\n\t\tTAILQ_INIT((head2));\t\t\t\t\t\\\n\t}\t\t\t\t\t\t\t\t\\\n} while (0)\n\n#endif\t/* !_SYS_QUEUE_H_ */\n" }, { "path": "src/script.c", "content": "/* Run script when a (*,G) group is matched and installed in the kernel\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * Permission to use, copy, modify, and/or distribute this software for any\n * purpose with or without fee is hereby granted, provided that the above\n * copyright notice and this permission notice appear in all copies.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\n * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\n * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\n * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\n * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\n * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n */\n\n#include \n#include \t\t/* sigemptyset(), sigaction() */\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \t\t/* AF_INET, AF_INET6 */\n\n#include \"log.h\"\n#include \"iface.h\"\n#include \"script.h\"\n\nstatic char *exec = NULL;\nstatic pid_t script = 0;\n\nstatic void handler(int signo)\n{\n\tint status;\n\tpid_t pid = 1;\n\n\t(void)signo;\n\n\twhile (pid > 0) {\n\t\tpid = waitpid(-1, &status, WNOHANG);\n\t\tif (pid == script) {\n\t\t\tscript = 0;\n\n\t\t\t/* Script exit OK. */\n\t\t\tif (WIFEXITED(status))\n\t\t\t\tcontinue;\n\n\t\t\t/* Script exit status ... */\n\t\t\tstatus = WEXITSTATUS(status);\n\t\t\tif (status)\n\t\t\t\tsmclog(LOG_WARNING, \"Script %s returned error: %d\", exec, status);\n\t\t}\n\t}\n}\n\nint script_init(char *script)\n{\n\tstruct sigaction sa;\n\n\tif (script && access(script, X_OK)) {\n\t\tsmclog(LOG_ERR, \"%s is not executable.\", script);\n\t\treturn -1;\n\t}\n\texec = script;\n\n\tsa.sa_handler = handler;\n\tsa.sa_flags = 0;\n\tsigemptyset(&sa.sa_mask);\n\tsigaction(SIGCHLD, &sa, NULL);\n\n\treturn 0;\n}\n\nint script_exec(struct mroute *mroute)\n{\n\tpid_t pid;\n\n\tchar *argv[] = {\n\t\texec,\n\t\t\"reload\",\n\t\tNULL,\n\t};\n\n\tif (!exec)\n\t\treturn 0;\n\n\tif (mroute) {\n\t\tchar source[INET_ADDRSTR_LEN], group[INET_ADDRSTR_LEN];\n\n\t\tinet_addr2str(&mroute->source, source, sizeof(source));\n\t\tinet_addr2str(&mroute->group, group, sizeof(group));\n\n\t\tsetenv(\"source\", source, 1);\n\t\tsetenv(\"group\", group, 1);\n\t\targv[1] = \"install\";\n\t} else {\n\t\tunsetenv(\"source\");\n\t\tunsetenv(\"group\");\n\t}\n\n\tpid = fork();\n\tif (!pid) {\n\t\t/* Prevent children from accessing systemd socket (if enabled) */\n\t\tunsetenv(\"NOTIFY_SOCKET\");\n\t\t_exit(execv(argv[0], argv));\n\t}\n\tif (pid < 0) {\n\t\tsmclog(LOG_WARNING, \"Cannot start script %s: %s\", exec, strerror(errno));\n\t\treturn EX_OSERR;\n\t}\n\n\tscript = pid;\n\treturn EX_OK;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n\n" }, { "path": "src/script.h", "content": "/* SMCRoute script API */\n#ifndef SMCROUTE_SCRIPT_H_\n#define SMCROUTE_SCRIPT_H_\n\n#include \"mroute.h\"\n\nint script_init (char *script);\nint script_exec (struct mroute *mroute);\n\n#endif /* SMCROUTE_SCRIPT_H_ */\n" }, { "path": "src/smcroutectl.c", "content": "/* Client for smcrouted, not needed if only using smcroute.conf\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#ifdef HAVE_TERMIOS_H\n# include \n#endif\n#include \n#include \n#include \n#include \n#include \n\n#include \"msg.h\"\n#include \"util.h\"\n\nstatic const char version_info[] = PACKAGE_NAME \" v\" PACKAGE_VERSION;\n\nstatic char *ident = PACKAGE;\nstatic char *sock_file = NULL;\nstatic const char *prognm = NULL;\nstatic int heading = 1;\nstatic int detail = 0;\nstatic int plain = 0;\nstatic int help = 0;\n\nstruct arg {\n\tchar *name;\n\tint min_args;\t\t/* 0: command takes no arguments */\n\tint val;\n\tchar *arg;\n\tchar *help;\n\tchar *example;\t\t/* optional */\n\tint has_detail;\n} args[] = {\n\t{ NULL, 0, 'b', NULL, \"Batch mode, read commands from stdin\", NULL, 0 },\n\t{ NULL, 0, 'd', NULL, \"Detailed output in show command\", NULL, 0 },\n\t{ NULL, 1, 'i', \"NAME\", \"Identity of routing daemon instance, default: \" PACKAGE, \"foo\", 0 },\n\t{ NULL, 1, 'I', \"NAME\", NULL, NULL, 0 }, /* Alias, compat with older versions */\n\t{ NULL, 0, 'p', NULL, \"Use plain table headings, no ctrl chars\", NULL, 0 },\n\t{ NULL, 0, 't', NULL, \"Skip table heading in show command\", NULL, 0 },\n\t{ NULL, 1, 'u', \"FILE\", \"UNIX domain socket for daemon, default: \" RUNSTATEDIR \"/\" PACKAGE \".sock\", \"/tmp/foo.sock\", 0 },\n\t{ \"help\", 0, 'h', NULL, \"Show help text\", NULL, 0 },\n\t{ \"version\", 0, 'v', NULL, \"Show program version and support information\", NULL, 0 },\n\t{ \"flush\" , 0, 'F', NULL, \"Flush all dynamically installed (*,G) multicast routes\", NULL, 0 },\n\t{ \"kill\", 0, 'k', NULL, \"Kill running daemon\", NULL, 0 },\n\t{ \"reload\", 0, 'H', NULL, \"Reload .conf file, like SIGHUP\", NULL, 0 },\n\t{ \"restart\", 0, 'H', NULL, NULL, NULL, 0 }, /* Alias, compat with older versions */\n\t{ \"show\", 0, 's', NULL, \"Show status of routes, joined groups, interfaces, etc.\", NULL, 1 },\n\t{ \"add\", 3, 'a', NULL, \"Add a multicast route\", \"eth0 192.168.2.42 225.1.2.3 eth1 eth2\", 0 },\n\t{ \"remove\", 2, 'r', NULL, \"Remove a multicast route\", \"eth0 192.168.2.42 225.1.2.3\", 0 },\n\t{ \"del\", 2, 'r', NULL, NULL, NULL, 0 }, /* Alias */\n\t{ \"join\", 2, 'j', NULL, \"Join multicast group on an interface\", \"eth0 225.1.2.3\", 0 },\n\t{ \"leave\", 2, 'l', NULL, \"Leave joined multicast group\", \"eth0 225.1.2.3\", 0 },\n\t{ NULL, 0, 0, NULL, NULL, NULL, 0 }\n};\n\n\n/*\n * Build IPC message to send to the daemon using @cmd and @count\n * number of arguments from @argv.\n */\nstatic struct ipc_msg *msg_create(uint16_t cmd, char *argv[], size_t count)\n{\n\tstruct ipc_msg *msg;\n\tsize_t len = 0;\n\tsize_t i, sz;\n\tchar *ptr;\n\n\tfor (i = 0; i < count; i++)\n\t\tlen += strlen(argv[i]) + 1;\n\n\tsz = sizeof(struct ipc_msg) + len + 1;\n\tif (sz > MX_CMDPKT_SZ) {\n\t\terrno = EMSGSIZE;\n\t\treturn NULL;\n\t}\n\n\tmsg = calloc(1, sz);\n\tif (!msg)\n\t\treturn NULL;\n\n\tmsg->len = sz;\n\tmsg->cmd = cmd;\n\tmsg->count = count;\n\n\tptr = (char *)msg->argv;\n\tfor (i = 0; i < count; i++) {\n\t\tlen = strlen(argv[i]) + 1;\n\t\tptr = memcpy(ptr, argv[i], len) + len;\n\t}\n\t*ptr = '\\0';\t/* '\\0' behind last string */\n\n\treturn msg;\n}\n\n#define ESC \"\\033\"\nstatic int get_width(void)\n{\n\tint ret = 79;\n#ifdef HAVE_TERMIOS_H\n\tstruct pollfd fd = { STDIN_FILENO, POLLIN, 0 };\n\tstruct termios tc, saved;\n\tchar buf[42];\n\n\tmemset(buf, 0, sizeof(buf));\n\ttcgetattr(STDERR_FILENO, &tc);\n\tsaved = tc;\n\ttc.c_cflag |= (CLOCAL | CREAD);\n\ttc.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);\n\ttcsetattr(STDERR_FILENO, TCSANOW, &tc);\n\tfprintf(stderr, ESC \"7\" ESC \"[r\" ESC \"[999;999H\" ESC \"[6n\");\n\n\tif (poll(&fd, 1, 300) > 0) {\n\t\tint row, col;\n\n\t\tif (scanf(ESC \"[%d;%dR\", &row, &col) == 2)\n\t\t\tret = col;\n\t}\n\n\tfprintf(stderr, ESC \"8\");\n\ttcsetattr(STDERR_FILENO, TCSANOW, &saved);\n#endif\n\treturn ret;\n}\n\nstatic void print(char *line, int indent)\n{\n\tint type = 0;\n\tint i, len;\n\n\tchomp(line);\n\n\t/* Table headings, or repeat headers, end with a '=' */\n\tlen = (int)strlen(line) - 1;\n\tif (len > 0) {\n\t\tif (line[len] == '_')\n\t\t\ttype = 1;\n\t\tif (line[len] == '=')\n\t\t\ttype = 2;\n\n\t\tif (type) {\n\t\t\tif (!heading)\n\t\t\t\treturn;\n\t\t\tline[len] = 0;\n\t\t}\n\t}\n\n\tswitch (type) {\n\tcase 1:\n\t\tif (!plain) {\n\t\t\tfprintf(stdout, \"\\e[4m%*s\\e[0m\\n%s\\n\", get_width(), \"\", line);\n\t\t\treturn;\n\n\t\t}\n\n\t\tlen = len < 79 ? 79 : len;\n\t\tfor (i = 0; i < len; i++)\n\t\t\tfputc('_', stdout);\n\t\tfprintf(stdout, \"\\n%*s%s\\n\", indent, \"\", line);\n\t\tbreak;\n\n\tcase 2:\n\t\tif (!plain) {\n\t\t\tlen = get_width() - len;\n\t\t\tfprintf(stdout, \"\\e[7m%s%*s\\e[0m\\n\", line, len, \"\");\n\t\t\treturn;\n\t\t}\n\n\t\tlen = len < 79 ? 79 : len;\n\t\tfor (i = 0; i < len; i++)\n\t\t\tfputc('=', stdout);\n\t\tfprintf(stdout, \"\\n%*s%s\\n\", indent, \"\", line);\n\t\tfor (i = 0; i < len; i++)\n\t\t\tfputc('=', stdout);\n\t\tfputs(\"\\n\", stdout);\n\t\tbreak;\n\n\tdefault:\n\t\tputs(line);\n\t\tbreak;\n\t}\n}\n\n/*\n * Connects to the IPC socket of the server\n */\nstatic int ipc_connect(char *path)\n{\n\tstruct sockaddr_un sa;\n\tsocklen_t len;\n\tint sd;\n\n\tsd = socket(AF_UNIX, SOCK_STREAM, 0);\n\tif (sd < 0)\n\t\treturn -1;\n\n#ifdef HAVE_SOCKADDR_UN_SUN_LEN\n\tsa.sun_len = 0;\t/* <- correct length is set by the OS */\n#endif\n\tsa.sun_family = AF_UNIX;\n\tif (!path)\n\t\tsnprintf(sa.sun_path, sizeof(sa.sun_path), \"%s/%s.sock\", RUNSTATEDIR, ident);\n\telse\n\t\tsnprintf(sa.sun_path, sizeof(sa.sun_path), \"%s\", path);\n\n\tlen = offsetof(struct sockaddr_un, sun_path) + strlen(sa.sun_path);\n\tif (connect(sd, (struct sockaddr *)&sa, len) < 0) {\n\t\tint err = errno;\n\n\t\tif (ENOENT == errno)\n\t\t\twarnx(\"Cannot find IPC socket %s\", sa.sun_path);\n\n\t\tclose(sd);\n\t\terrno = err;\n\n\t\treturn -1;\n\t}\n\n\treturn sd;\n}\n\nstatic int ipc_command(uint16_t cmd, char *argv[], size_t count)\n{\n\tchar buf[MX_CMDPKT_SZ + 1];\n\tstruct ipc_msg *msg;\n\tint retries = 30;\n\tint result = 0;\n\tssize_t total;\n\tssize_t len;\n\tFILE *fp;\n\tint sd;\n\n\tmsg = msg_create(cmd, argv, count);\n\tif (!msg) {\n\t\twarn(\"Failed constructing IPC command\");\n\t\treturn 1;\n\t}\n\n\twhile ((sd = ipc_connect(sock_file)) < 0) {\n\t\tswitch (errno) {\n\t\tcase EACCES:\n\t\t\twarnx(\"Need root privileges to connect to daemon\");\n\t\t\tbreak;\n\n\t\tcase ECONNREFUSED:\n\t\t\tif (--retries) {\n\t\t\t\tusleep(100000);\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\twarnx(\"Daemon not running\");\n\t\t\tbreak;\n\n\t\tcase ENOENT:\n\t\t\tif (!sock_file) {\n\t\t\t\twarnx(\"Daemon may be running with another -i NAME\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\t/* fallthrough */\n\n\t\tdefault:\n\t\t\twarn(\"Failed connecting to daemon\");\n\t\t\tbreak;\n\t\t}\n\n\t\tfree(msg);\n\t\treturn 1;\n\t}\n\n\t/* Send command */\n\tif (write(sd, msg, msg->len) != (ssize_t)msg->len) {\n\t\twarn(\"Communication with daemon failed\");\n\t\tclose(sd);\n\t\tfree(msg);\n\n\t\treturn 1;\n\t}\n\n\tfp = tempfile();\n\tif (!fp) {\n\t\tclose(sd);\n\t\tfree(msg);\n\t\terr(EX_OSERR, \"Failed creating tempfile()\");\n\t}\n\n\ttotal = 0;\n\twhile ((len = read(sd, buf, sizeof(buf) - 1)) > 0) {\n\t\ttotal += len;\n\t\tbuf[len] = 0;\n\t\tfwrite(buf, len, 1, fp);\n\t}\n\trewind(fp);\n\n\tif (total > 1) {\n\t\tif (cmd == 'S' || cmd == 's') {\n\t\t\twhile (fgets(buf, sizeof(buf), fp))\n\t\t\t\tprint(buf, 0);\n\t\t} else {\n\t\t\tif (fgets(buf, sizeof(buf), fp))\n\t\t\t\twarnx(\"%s\", buf);\n\t\t\tresult = 1;\n\t\t}\n\t}\n\n\tfclose(fp);\n\tclose(sd);\n\tfree(msg);\n\n\treturn result;\n}\n\nstatic int usage(int code)\n{\n\tint i;\n\n\tprintf(\"Usage:\\n %s [OPTIONS] CMD [ARGS]\\n\\n\", prognm);\n\n\tprintf(\"Options:\\n\");\n\tfor (i = 0; args[i].val; i++) {\n\t\tif (!args[i].help)\n\t\t\tcontinue;\n\n\t\tif (args[i].name)\n\t\t\tcontinue;\n\n\t\tprintf(\" -%c %-10s %s\\n\", args[i].val, args[i].arg ? args[i].arg : \"\", args[i].help);\n\t}\n\n\tprintf(\"\\nCommands:\\n\");\n\tfor (i = 0; args[i].val; i++) {\n\t\tif (!args[i].help)\n\t\t\tcontinue;\n\n\t\tif (!args[i].name)\n\t\t\tcontinue;\n\n\t\tprintf(\" %-7s %s %s\\n\", args[i].name,\n\t\t args[i].min_args ? \"ARGS\" : \" \", args[i].help);\n\t}\n\n\tprintf(\"\\nArguments:\\n\"\n\t \" <---------- INBOUND ------------> <- OUTBOUND ->\\n\"\n\t \" add IIF [SOURCE-IP[/LEN]] GROUP[/LEN] OIF [OIF ... ]\\n\"\n\t \" remove IIF [SOURCE-IP[/LEN]] GROUP[/LEN]\\n\"\n\t \"\\n\"\n\t \" join IIF [SOURCE-IP[/LEN]] GROUP[/LEN]\\n\"\n\t \" leave IIF [SOURCE-IP[/LEN]] GROUP[/LEN]\\n\"\n\t \"\\n\"\n\t \" show interfaces Show configured multicast interfaces\\n\"\n\t \" show groups Show joined multicast groups\\n\"\n\t \" show routes Show (*,G) and (S,G) multicast routes, default\\n\"\n\t \"\\n\"\n\t \"Note:\\n\"\n\t \" Inbound (IIF) and outbound (OIF) interfaces can be either an interface\\n\"\n\t \" name or a wildcard. E.g., \\\"eth+\\\" matches eth0, eth15, etc.\\n\"\n\t \"\\n\");\n\n\treturn code;\n}\n\nstatic int version(void)\n{\n\tputs(version_info);\n\tprintf(\"\\n\"\n\t \"Bug report address: %s\\n\", PACKAGE_BUGREPORT);\n#ifdef PACKAGE_URL\n\tprintf(\"Project homepage: %s\\n\", PACKAGE_URL);\n#endif\n\treturn 0;\n}\n\nstatic int parse(int pos, int argc, char *argv[])\n{\n\tstruct arg *cmd = NULL;\n\tint status = 0;\n\tint c;\n\n\twhile (pos < argc && !cmd) {\n\t\tchar *arg = argv[pos];\n\t\tint i;\n\n\t\tfor (i = 0; args[i].val; i++) {\n\t\t\tchar *nm = args[i].name;\n\t\t\tsize_t len;\n\n\t\t\tif (!nm)\n\t\t\t\tcontinue;\n\n\t\t\tlen = MIN(strlen(nm), strlen(arg));\n\t\t\tif (strncmp(arg, nm, len))\n\t\t\t\tcontinue;\n\n\t\t\tc = args[i].val;\n\t\t\tswitch (c) {\n\t\t\tcase 'h':\n\t\t\t\thelp++;\n\t\t\t\tbreak;\n\n\t\t\tcase 'v':\n\t\t\t\treturn version();\n\n\t\t\tdefault:\n\t\t\t\tcmd = &args[i];\n\t\t\t\tif (help)\n\t\t\t\t\tgoto help;\n\t\t\t\tif (argc - (pos + 1) < args[i].min_args) {\n\t\t\t\t\twarnx(\"Not enough arguments to command %s\", nm);\n\t\t\t\t\tstatus = 1;\n\t\t\t\t\tgoto help;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\t}\n\n\t\t\tbreak;\t/* Next arg */\n\t\t}\n\t\tpos++;\n\t}\n\n\tif (help) {\n\t\tif (!cmd)\n\t\t\treturn usage(0);\n\thelp:\n\t\twhile (!cmd->help)\n\t\t\tcmd--;\n\t\tprintf(\"Help:\\n\"\n\t\t \" %s\\n\\n\"\n\t\t \"Example:\\n\"\n\t\t \" %s %s %s\\n\\n\", cmd->help,\n\t\t prognm, cmd->name, cmd->example ? cmd->example : \"\");\n\t\treturn status;\n\t}\n\n\tif (!cmd)\n\t\treturn ipc_command(detail ? 'S' : 's', NULL, 0);\n\n\tc = cmd->val;\n\tif (detail && cmd->has_detail)\n\t\tc -= 0x20;\n\n\treturn ipc_command(c, &argv[pos], argc - pos);\n}\n\nstatic int batch(void)\n{\n\tchar line[512];\n\tint rc = 0;\n\n\twhile (fgets(line, sizeof(line), stdin)) {\n\t\tchar *ptr, *token, *args[10];\n\t\tint num = 0;\n\n\t\tptr = chomp(line);\n\t\tif (ptr[0] == '#')\n\t\t\tcontinue;\n\n\t\twhile (num < 9 && (token = strsep(&ptr, \" \\t\")))\n\t\t\targs[num++] = token;\n\n\t\tif (!num)\n\t\t\tcontinue;\n\n\t\trc += parse(0, num, args);\n\t}\n\n\treturn rc;\n}\n\nstatic const char *progname(const char *arg0)\n{\n\tconst char *nm;\n\n\tnm = strrchr(arg0, '/');\n\tif (nm)\n\t\tnm++;\n\telse\n\t\tnm = arg0;\n\n\treturn nm;\n}\n\nint main(int argc, char *argv[])\n{\n\tint batch_mode = 0;\n\tint c;\n\n\tprognm = progname(argv[0]);\n\twhile ((c = getopt(argc, argv, \"bdhI:i:ptu:v\")) != EOF) {\n\t\tswitch (c) {\n\t\tcase 'b':\n\t\t\tbatch_mode = 1;\n\t\t\tbreak;\n\n\t\tcase 'd':\n\t\t\tdetail++;\n\t\t\tbreak;\n\n\t\tcase 'h':\n\t\t\thelp++;\n\t\t\tbreak;\n\n\t\tcase 'I':\t/* compat with previous versions */\n\t\tcase 'i':\n\t\t\tident = optarg;\n\t\t\tbreak;\n\n\t\tcase 'p':\n\t\t\tplain = 1;\n\t\t\tbreak;\n\n\t\tcase 't':\n\t\t\theading = 0;\n\t\t\tbreak;\n\n\t\tcase 'u':\n\t\t\tsock_file = optarg;\n\t\t\tbreak;\n\n\t\tcase 'v':\n\t\t\treturn version();\n\n\t\tdefault:\n\t\t\treturn usage(1);\n\t\t}\n\t}\n\n\tif (batch_mode)\n\t\treturn batch();\n\n\treturn parse(optind, argc, argv);\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/smcrouted.c", "content": "/* Static multicast routing daemon\n *\n * Copyright (C) 2011-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \t\t/* gettimeofday() */\n#include \n\n#include \"cap.h\"\n#include \"ipc.h\"\n#include \"log.h\"\n#include \"msg.h\"\n#include \"conf.h\"\n#include \"iface.h\"\n#include \"util.h\"\n#include \"timer.h\"\n#include \"notify.h\"\n#include \"script.h\"\n#include \"socket.h\"\n#include \"mrdisc.h\"\n#include \"mroute.h\"\n#include \"mcgroup.h\"\n\nint background = 1;\nint do_vifs = 1;\nint do_syslog = 1;\nint cache_tmo = 60;\nint interval = MRDISC_INTERVAL_DEFAULT;\nint startup_delay = 0;\nint exit_delay = 0;\nint table_id = 0;\n\nchar *script = NULL;\nchar *ident = PACKAGE;\nconst char *prognm = NULL;\nchar *pid_file = NULL;\nchar *conf_file = NULL;\nchar *sock_file = NULL;\nint conf_vrfy = 0;\n\nstatic uid_t uid = 0;\nstatic gid_t gid = 0;\n\nvolatile sig_atomic_t reloading = 0;\nvolatile sig_atomic_t running = 1;\n\nstatic const char version_info[] = PACKAGE_NAME \" v\" PACKAGE_VERSION;\n\n\n/* Cleans up, i.e. releases allocated resources. Called via atexit() */\nstatic void clean(void)\n{\n\ttimer_exit();\n\tmroute_exit();\n\tmcgroup_exit();\n\tipc_exit();\n\tiface_exit();\n\tsmclog(LOG_NOTICE, \"Exiting.\");\n}\n\nvoid reload(void)\n{\n\tnotify_reload();\n\n\tmcgroup_reload_beg();\n\tmroute_reload_beg();\n\n\tiface_update();\n\tconf_read(conf_file, do_vifs);\n\n\tmroute_reload_end(do_vifs);\n\tmcgroup_reload_end();\n\n\t/* Acknowledge client SIGHUP/reload */\n\tnotify_ready(NULL, uid, gid);\n}\n\n/*\n * Signal handler. Take note of the fact that the signal arrived\n * so that the main loop can take care of it.\n */\nstatic void handler(int signo)\n{\n\tswitch (signo) {\n\tcase SIGINT:\n\tcase SIGTERM:\n\t\trunning = 0;\n\t\tbreak;\n\n\tcase SIGHUP:\n\t\treloading = 1;\n\t\tbreak;\n\t}\n}\n\nstatic void signal_init(void)\n{\n\tstruct sigaction sa;\n\n\tsa.sa_handler = handler;\n\tsa.sa_flags = 0;\t/* Interrupt system calls */\n\tsigemptyset(&sa.sa_mask);\n\tif (sigaction(SIGHUP, &sa, NULL) ||\n\t sigaction(SIGTERM, &sa, NULL) ||\n\t sigaction(SIGINT, &sa, NULL))\n\t\tsmclog(LOG_WARNING, \"Failed setting up signal handlers: %s\", strerror(errno));\n}\n\nstatic void server_exit(void *arg)\n{\n\t(void)arg;\n\tsmclog(LOG_NOTICE, \"Exit delay timer expired.\");\n\texit(0);\n}\n\nstatic int server_loop(void)\n{\n\tscript_init(script);\n\tmrdisc_init(interval);\n\n\twhile (running) {\n\t\tif (reloading) {\n\t\t\treload();\n\t\t\treloading = 0;\n\t\t}\n\n\t\tsocket_poll(NULL);\n\t}\n\n\treturn 0;\n}\n\n/* Init everything before forking, so we can fail and return an\n * error code in the parent and the initscript will fail */\nstatic int start_server(void)\n{\n\tint api = 2, busy = 0;\n\n\tif (geteuid() != 0) {\n\t\tsmclog(LOG_ERR, \"Need root privileges to start %s\", prognm);\n\t\treturn EX_NOPERM;\n\t}\n\n\tif (background) {\n\t\tif (daemon(0, 0) < 0) {\n\t\t\tsmclog(LOG_ERR, \"Failed daemonizing: %s\", strerror(errno));\n\t\t\treturn EX_OSERR;\n\t\t}\n\t}\n\n\t/* Hello world! */\n\tsmclog(LOG_NOTICE, \"%s\", version_info);\n\n\tif (startup_delay > 0) {\n\t\tsmclog(LOG_INFO, \"Startup delay requested, waiting %d sec before continuing.\", startup_delay);\n\t\tsleep(startup_delay);\n\t}\n\n\t/*\n\t * Timer API needs to be initilized before mroute_init()\n\t */\n\ttimer_init();\n\n\tif (exit_delay > 0) {\n\t\tsmclog(LOG_INFO, \"Exit delay requested, starting background timer, %d sec\", exit_delay);\n\t\ttimer_add(exit_delay, server_exit, NULL);\n\t}\n\n\t/*\n\t * Build list of multicast-capable physical interfaces\n\t */\n\tiface_init();\n\n\tif (mroute_init(do_vifs, table_id, cache_tmo)) {\n\t\tif (errno == EADDRINUSE)\n\t\t\tbusy++;\n\t\tapi--;\n\t}\n\n\t/* At least one API (IPv4 or IPv6) must have initialized successfully\n\t * otherwise we abort the server initialization. */\n\tif (!api) {\n\t\tif (busy) {\n\t\t\tsmclog(LOG_ERR, \"Another multicast routing application is already running.\");\n\t\t\texit(EX_UNAVAILABLE);\n\t\t}\n\n\t\tsmclog(LOG_ERR, \"Kernel does not support multicast routing.\");\n\t\texit(EX_PROTOCOL);\n\t}\n\n\tatexit(clean);\n\tsignal_init();\n\tmcgroup_init();\n\tipc_init(sock_file);\n\n\tconf_read(conf_file, do_vifs);\n\n\t/* Everything setup, notify any clients waiting for us */\n\tnotify_ready(pid_file, uid, gid);\n\n\t/* Drop root privileges before entering the server loop */\n\tcap_drop_root(uid, gid);\n\n\treturn server_loop();\n}\n\nstatic void cleanup(void)\n{\n\tif (conf_file)\n\t\tfree(conf_file);\n\tconf_file = NULL;\n\tif (sock_file)\n\t\tfree(sock_file);\n\tsock_file = NULL;\n}\n\nstatic int compose_paths(void)\n{\n\t/* Default .conf file path: \"/etc\" + '/' + \"smcroute\" + \".conf\" */\n\tif (!conf_file) {\n\t\tsize_t len = strlen(SYSCONFDIR) + strlen(ident) + 7;\n\n\t\tconf_file = malloc(len);\n\t\tif (!conf_file) {\n\t\t\tsmclog(LOG_ERR, \"Failed allocating memory, exiting: %s\", strerror(errno));\n\t\t\texit(EX_OSERR);\n\t\t}\n\n\t\tsnprintf(conf_file, len, \"%s/%s.conf\", SYSCONFDIR, ident);\n\t}\n\n\tif (!sock_file) {\n\t\tsize_t len = strlen(RUNSTATEDIR) + strlen(ident) + 7;\n\n\t\tsock_file = malloc(len);\n\t\tif (!sock_file) {\n\t\t\tsmclog(LOG_ERR, \"Failed allocating memory, exiting: %s\", strerror(errno));\n\t\t\texit(EX_OSERR);\n\t\t}\n\n\t\tsnprintf(sock_file, len, \"%s/%s.sock\", RUNSTATEDIR, ident);\n\t}\n\n\t/* Default is to let pidfile() API construct PID file from ident */\n\tif (!pid_file)\n\t\tpid_file = ident;\n\n\tatexit(cleanup);\n\n\treturn 0;\n}\n\nstatic int usage(int code)\n{\n char *pidfn;\n\tsize_t len;\n\n\tcompose_paths();\n\tlen = sizeof(RUNSTATEDIR) + strlen(pid_file) + 6;\n\tpidfn = malloc(len);\n\tif (!pidfn)\n\t\terr(EX_OSERR, \"Failed allocating memory for PID file name\");\n\n\tif (pid_file[0] != '/')\n\t\tsnprintf(pidfn, len, \"%s/%s.pid\", RUNSTATEDIR, pid_file);\n\telse\n\t\tsnprintf(pidfn, len, \"%s\", pid_file);\n\n\tprintf(\"Usage:\\n\"\n\t \" %s [-hnNsv] [-c SEC] [-d SEC] [-e CMD] [-f FILE] [-i NAME] [-l LVL] \"\n\t \"\\n\"\n\t \" \"\n#ifdef ENABLE_MRDISC\n\t \"[-m SEC] \"\n#endif\n\t \"[-P FILE] [-t ID] [-u FILE]\\n\"\n\t \"\\n\"\n\t \"Options:\\n\"\n\t \" -c SEC Flush dynamic (*,G) multicast routes every SEC seconds,\\n\"\n\t \" default 60 sec. Useful when source/interface changes\\n\"\n\t \" -d SEC Startup delay, useful for delaying interface probe at boot\\n\"\n\t \" -e CMD Script or command to call on startup/reload when all routes\\n\"\n\t \" have been installed, or when a (*,G) is installed\\n\"\n\t \" -f FILE Configuration file, default use ident NAME: %s\\n\"\n\t \" -F FILE Check configuration file syntax, use -l to increase verbosity\\n\"\n\t \" -h This help text\\n\"\n\t \" -i NAME Identity for .conf/.pid/.sock file, and syslog, default: %s\\n\"\n\t \" -l LVL Set log level: none, err, notice*, info, debug\\n\"\n#ifdef ENABLE_MRDISC\n\t \" -m SEC Multicast router discovery, 4-180, default: 20 sec\\n\"\n#endif\n\t \" -n Run daemon in foreground, when started by systemd or finit\\n\"\n\t \" -N No multicast VIFs/MIFs created by default. Use with\\n\"\n\t \" smcroute.conf `phyint enable` directive\\n\"\n#ifdef ENABLE_LIBCAP\n\t \" -p USER[:GROUP] After initialization set UID and GID to USER and GROUP\\n\"\n#endif\n\t \" -P FILE Set daemon PID file name, with optional path.\\n\"\n\t \" Default use ident NAME: %s\\n\"\n\t \" -s Use syslog, default unless running in foreground, -n\\n\"\n\t \" -t ID Set multicast routing table ID, default: 0\\n\"\n\t \" -u FILE UNIX domain socket path, for use with smcroutectl.\\n\"\n\t \" Default use ident NAME: %s\\n\"\n\t \" -v Show program version and support information\\n\"\n\t \"\\n\", prognm, conf_file, ident, pidfn, sock_file);\n\n\tfree(pidfn);\n\tcleanup();\n\n\treturn code;\n}\n\nstatic const char *progname(const char *arg0)\n{\n\tconst char *nm;\n\n\tnm = strrchr(arg0, '/');\n\tif (nm)\n\t\tnm++;\n\telse\n\t\tnm = arg0;\n\n\treturn nm;\n}\n\n/**\n * main - Main program\n *\n * Parses command line options and enters either daemon or client mode.\n *\n * In daemon mode, acquires multicast routing sockets, opens IPC socket\n * and goes in receive-execute command loop.\n *\n * In client mode, creates commands from command line and sends them to\n * the daemon.\n */\nint main(int argc, char *argv[])\n{\n\tint log_opts = LOG_NDELAY | LOG_PID;\n\tint c, new_log_level = -1;\n\n\tprognm = progname(argv[0]);\n\twhile ((c = getopt(argc, argv, \"c:d:D:e:f:F:hI:i:l:m:nNp:P:st:u:v\")) != EOF) {\n\t\tswitch (c) {\n\t\tcase 'c':\t/* cache timeout */\n\t\t\tcache_tmo = atoi(optarg);\n\t\t\tbreak;\n\n\t\tcase 'd':\n\t\t\tstartup_delay = atoi(optarg);\n\t\t\tbreak;\n\n\t\tcase 'D':\t\t/* Undocumented, used for testing. */\n\t\t\texit_delay = atoi(optarg);\n\t\t\tbreak;\n\n\t\tcase 'e':\n\t\t\tscript = optarg;\n\t\t\tbreak;\n\n\t\tcase 'F':\n\t\t\tlog_level = LOG_INFO; /* Raise log level for verify */\n\t\t\tconf_vrfy = 1;\n\t\t\t/* fallthrough */\n\t\tcase 'f':\n\t\t\tconf_file = strdup(optarg);\n\t\t\tbreak;\n\n\t\tcase 'h':\t/* help */\n\t\t\treturn usage(EX_OK);\n\n\t\tcase 'I':\t/* compat with previous versions */\n\t\tcase 'i':\n\t\t\tident = optarg;\n\t\t\tbreak;\n\n\t\tcase 'l':\n\t\t\tnew_log_level = loglvl(optarg);\n\t\t\tbreak;\n\n\t\tcase 'm':\n#ifndef ENABLE_MRDISC\n\t\t\twarnx(\"Built without mrdisc support.\");\n#else\n\t\t\tinterval = atoi(optarg);\n\t\t\tif (interval < 4 || interval > 180)\n\t\t\t\terrx(1, \"Invalid mrdisc announcement interval, 4-180.\");\n#endif\n\t\t\tbreak;\n\n\t\tcase 'n':\t/* run daemon in foreground, i.e., do not fork */\n\t\t\tbackground = 0;\n\t\t\tdo_syslog--;\n\t\t\tbreak;\n\n\t\tcase 'N':\n\t\t\tdo_vifs = 0;\n\t\t\tbreak;\n\n\t\tcase 'p':\n\t\t\tcap_set_user(optarg, &uid, &gid);\n\t\t\tbreak;\n\n\t\tcase 'P':\n\t\t\t/* Handled separately from the other files, no strdup() */\n\t\t\tpid_file = optarg;\n\t\t\tbreak;\n\n\t\tcase 's':\t/* Force syslog even though in foreground */\n\t\t\tdo_syslog++;\n\t\t\tbreak;\n\n\t\tcase 't':\n#ifndef __linux__\n\t\t\terrx(1, \"Different multicast routing tables only available on Linux.\");\n#else\n\t\t\ttable_id = atoi(optarg);\n\t\t\tif (table_id < 0)\n\t\t\t\treturn usage(EX_USAGE);\n#endif\n\t\t\tbreak;\n\n\t\tcase 'u':\n\t\t\tsock_file = strdup(optarg);\n\t\t\tbreak;\n\n\t\tcase 'v':\t/* version */\n\t\t\tputs(version_info);\n\t\t\tprintf(\"\\n\"\n\t\t\t \"Bug report address: %s\\n\", PACKAGE_BUGREPORT);\n#ifdef PACKAGE_URL\n\t\t\tprintf(\"Project homepage: %s\\n\", PACKAGE_URL);\n#endif\n\t\t\treturn EX_OK;\n\n\t\tdefault:\t/* unknown option */\n\t\t\treturn usage(EX_USAGE);\n\t\t}\n\t}\n\n\tif (new_log_level != -1)\n\t\tlog_level = new_log_level;\n\n\tcompose_paths();\n\n\tif (conf_vrfy) {\n\t\tsmclog(LOG_INFO, \"Verifying configuration file %s ...\", conf_file);\n\t\tiface_init();\n\t\tc = conf_read(conf_file, do_vifs);\n\t\tiface_exit();\n\n\t\treturn c;\n\t}\n\n\tif (!background && do_syslog < 1)\n\t\tlog_opts |= LOG_PERROR;\n\n\topenlog(ident, log_opts, LOG_DAEMON);\n\tsetlogmask(LOG_UPTO(log_level));\n\n\treturn start_server();\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/socket.c", "content": "/* Socket helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"config.h\"\n#include \"queue.h\"\n\n#include \n#ifdef HAVE_FCNTL_H\n#include \n#endif\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \"log.h\"\n\nstruct sock {\n\tLIST_ENTRY(sock) link;\n\n\tint sd;\n\n\tvoid (*cb)(int, void *arg);\n\tvoid *arg;\n};\n\nstatic int max_fdnum = -1;\nstatic LIST_HEAD(slist, sock) sock_list = LIST_HEAD_INITIALIZER();\n\n\nint nfds(void)\n{\n\treturn max_fdnum + 1;\n}\n\n/*\n * register socket/fd/pipe created elsewhere, optional callback\n */\nint socket_register(int sd, void (*cb)(int, void *), void *arg)\n{\n\tstruct sock *entry;\n\n\tentry = malloc(sizeof(*entry));\n\tif (!entry) {\n\t\tsmclog(LOG_ERR, \"Failed allocating memory registering socket: %s\", strerror(errno));\n\t\texit(EX_OSERR);\n\t}\n\n\tentry->sd = sd;\n\tentry->cb = cb;\n\tentry->arg = arg;\n\tLIST_INSERT_HEAD(&sock_list, entry, link);\n\n#if !defined(HAVE_SOCK_CLOEXEC) && defined(HAVE_FCNTL_H)\n\tfcntl(sd, F_SETFD, fcntl(sd, F_GETFD) | FD_CLOEXEC);\n#endif\n\n\t/* Keep track for select() */\n\tif (sd > max_fdnum)\n\t\tmax_fdnum = sd;\n\n\treturn sd;\n}\n\n/*\n * create socket, with optional callback for reading inbound data\n */\nint socket_create(int domain, int type, int proto, void (*cb)(int, void *), void *arg)\n{\n\tint val = 0;\n\tint sd;\n\n#ifdef HAVE_SOCK_CLOEXEC\n\ttype |= SOCK_CLOEXEC;\n#endif\n\tsd = socket(domain, type, proto);\n\tif (sd < 0)\n\t\treturn -1;\n\n\tif (domain == AF_UNIX)\n\t\tgoto done;\n\n#ifdef HAVE_IPV6_MULTICAST_HOST\n\tif (domain == AF_INET6) {\n\t\tif (setsockopt(sd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &val, sizeof(val)))\n\t\t\tsmclog(LOG_WARNING, \"failed disabling IPV6_MULTICAST_LOOP: %s\", strerror(errno));\n#ifdef IPV6_MULTICAST_ALL\n\t\tif (setsockopt(sd, IPPROTO_IPV6, IPV6_MULTICAST_ALL, &val, sizeof(val)))\n\t\t\tsmclog(LOG_WARNING, \"failed disabling IPV6_MULTICAST_ALL: %s\", strerror(errno));\n#endif\n\t} else\n#endif /* HAVE_IPV6_MULTICAST_HOST */\n\t{\n\n\t\tif (setsockopt(sd, IPPROTO_IP, IP_MULTICAST_LOOP, &val, sizeof(val)))\n\t\t\tsmclog(LOG_WARNING, \"failed disabling IP_MULTICAST_LOOP: %s\", strerror(errno));\n#ifdef IP_MULTICAST_ALL\n\t\tif (setsockopt(sd, IPPROTO_IP, IP_MULTICAST_ALL, &val, sizeof(val)))\n\t\t\tsmclog(LOG_WARNING, \"failed disabling IP_MULTICAST_ALL: %s\", strerror(errno));\n#endif\n\t}\ndone:\n\tif (socket_register(sd, cb, arg) < 0) {\n\t\tclose(sd);\n\t\treturn -1;\n\t}\n\n\treturn sd;\n}\n\nint socket_close(int sd)\n{\n\tstruct sock *entry, *tmp;\n\n\tLIST_FOREACH_SAFE(entry, &sock_list, link, tmp) {\n\t\tif (entry->sd == sd) {\n\t\t\tLIST_REMOVE(entry, link);\n\t\t\tclose(entry->sd);\n\t\t\tfree(entry);\n\n\t\t\treturn 0;\n\t\t}\n\t}\n\n\terrno = ENOENT;\n\treturn -1;\n}\n\nint socket_poll(struct timeval *timeout)\n{\n\tint num;\n\tfd_set fds;\n\tstruct sock *entry;\n\n\tFD_ZERO(&fds);\n\tLIST_FOREACH(entry, &sock_list, link)\n\t\tFD_SET(entry->sd, &fds);\n\n\tnum = select(nfds(), &fds, NULL, NULL, timeout);\n\tif (num <= 0) {\n\t\t/* Log all errors, except when signalled, ignore failures. */\n\t\tif (num < 0 && EINTR != errno)\n\t\t\tsmclog(LOG_WARNING, \"Failed select(): %s\", strerror(errno));\n\n\t\treturn num;\n\t}\n\n\tLIST_FOREACH(entry, &sock_list, link) {\n\t\tif (!FD_ISSET(entry->sd, &fds))\n\t\t\tcontinue;\n\n\t\tif (entry->cb)\n\t\t\tentry->cb(entry->sd, entry->arg);\n\t}\n\n\treturn num;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/socket.h", "content": "/* Helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#ifndef SMCROUTE_SOCKET_H_\n#define SMCROUTE_SOCKET_H_\n\n#include \n#include \n#include \n\nint socket_register(int sd, void (*cb)(int, void *), void *arg);\nint socket_create (int domain, int type, int proto, void (*cb)(int, void *), void *arg);\nint socket_close (int sd);\nint socket_poll (struct timeval *timeout);\n\n#endif /* SMCROUTE_SOCKET_H_ */\n" }, { "path": "src/systemd.c", "content": "/* systemd service monitor backend */\n#include \n#include \n\nvoid systemd_notify_ready(const char *status)\n{\n\tsd_notifyf(0, \"READY=1\\nSTATUS=%s\\nMAINPID=%lu\\n\", status, (unsigned long)getpid());\n}\n\nvoid systemd_notify_reload(const char *status)\n{\n\tsd_notifyf(0, \"RELOADING=1\\nSTATUS=%s\\n\", status);\n}\n\n" }, { "path": "src/timer.c", "content": "/* Timer helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#include \"queue.h\"\n\n#include \n#include \n#include \t\t/* memset() */\n#include \t\t/* malloc() */\n#include \n#include \t\t/* read()/write() */\n#include \n\n#include \"log.h\"\n#include \"socket.h\"\n#include \"timer.h\"\n\n/*\n * TODO\n * - Timers should ideally be sorted in priority order, and/or\n * - Investigate using the pipe to notify which timer expired\n */\nstruct timer {\n\tLIST_ENTRY(timer) link;\n\tint active;\t/* Set to 0 to delete */\n\n\tint period;\t/* period time in seconds */\n\tstruct timespec timeout;\n\n\tvoid (*cb)(void *arg);\n\tvoid *arg;\n};\n\nstatic timer_t timer;\nstatic int timerfd[2];\nstatic LIST_HEAD(tlist, timer) timer_list = LIST_HEAD_INITIALIZER();\n\n\nstatic void set(struct timer *t, struct timespec *now)\n{\n\tt->timeout.tv_sec = now->tv_sec + t->period;\n\tt->timeout.tv_nsec = now->tv_nsec;\n}\n\nstatic int expired(struct timer *t, struct timespec *now)\n{\n\tlong round_nsec;\n\n\tround_nsec = now->tv_nsec + 250000000;\n\tround_nsec = round_nsec > 999999999 ? 999999999 : round_nsec;\n\n\tif (t->timeout.tv_sec < now->tv_sec)\n\t\treturn 1;\n\n\tif (t->timeout.tv_sec == now->tv_sec && t->timeout.tv_nsec <= round_nsec)\n\t\treturn 1;\n\n\treturn 0;\n}\n\nstatic struct timer *compare(struct timer *a, struct timer *b)\n{\n\tif (a->timeout.tv_sec <= b->timeout.tv_sec) {\n\t\tif (a->timeout.tv_sec == b->timeout.tv_sec) {\n\t\t\tif (a->timeout.tv_nsec <= b->timeout.tv_nsec)\n\t\t\t\treturn a;\n\n\t\t\treturn b;\n\t\t}\n\n\t\treturn a;\n\t}\n\n\treturn b;\n}\n\nstatic struct timer *find(void (*cb), void *arg)\n{\n\tstruct timer *entry;\n\n\tLIST_FOREACH(entry, &timer_list, link) {\n\t\tif (entry->cb != cb || entry->arg != arg)\n\t\t\tcontinue;\n\n\t\treturn entry;\n\t}\n\n\treturn NULL;\n}\n\n\nstatic int start(struct timespec *now)\n{\n\tstruct itimerspec it = { 0 };\n\tstruct timer *next, *entry;\n\n\tif (LIST_EMPTY(&timer_list))\n\t\treturn -1;\n\n\tnext = LIST_FIRST(&timer_list);\n\tLIST_FOREACH(entry, &timer_list, link)\n\t\tnext = compare(next, entry);\n\n\tit.it_value.tv_sec = next->timeout.tv_sec - now->tv_sec;\n\tit.it_value.tv_nsec = next->timeout.tv_nsec - now->tv_nsec;\n\tif (it.it_value.tv_nsec < 0) {\n\t\tit.it_value.tv_sec -= 1;\n\t\tit.it_value.tv_nsec = 1000000000 + it.it_value.tv_nsec;\n\t}\n\tif (it.it_value.tv_sec < 0)\n\t\tit.it_value.tv_sec = 0;\n\n\tif (timer_settime(timer, 0, &it, NULL))\n\t\tsmclog(LOG_ERR, \"Failed starting %.1f sec period timer, errno %d: %s\",\n\t\t difftime(next->timeout.tv_sec, now->tv_sec), errno, strerror(errno));\n\n\treturn 0;\n}\n\n/* callback for activity on pipe */\nstatic void run(int sd, void *arg)\n{\n\tstruct timer *entry, *tmp;\n\tstruct timespec now;\n\tchar dummy;\n\n\t(void)arg;\n\tif (read(sd, &dummy, 1) < 0)\n\t\tsmclog(LOG_DEBUG, \"Failed read(pipe): %s\", strerror(errno));\n\n\tclock_gettime(CLOCK_MONOTONIC, &now);\n\tLIST_FOREACH_SAFE(entry, &timer_list, link, tmp) {\n\t\tif (expired(entry, &now)) {\n\t\t\tif (entry->cb)\n\t\t\t\tentry->cb(entry->arg);\n\t\t\tset(entry, &now);\n\t\t}\n\n\t\tif (!entry->active) {\n\t\t\tLIST_REMOVE(entry, link);\n\t\t\tfree(entry);\n\t\t}\n\t}\n\n\tstart(&now);\n}\n\n/* write to pipe to create an event for select() on SIGALRM */\nstatic void handler(int signo)\n{\n\t(void)signo;\n\tif (write(timerfd[1], \"!\", 1) < 0)\n\t\tsmclog(LOG_DEBUG, \"Failed write(pipe): %s\", strerror(errno));\n}\n\n/*\n * register signal pipe and callbacks\n */\nint timer_init(void)\n{\n\tstruct sigaction sa;\n\n\tif (pipe(timerfd)) {\n\t\tsmclog(LOG_ERR, \"Failed creating timer pipe(): %s\", strerror(errno));\n\t\texit(EX_OSERR);\n\t}\n\n\tsocket_register(timerfd[0], run, NULL);\n\tsocket_register(timerfd[1], NULL, NULL);\n\n\tsa.sa_handler = handler;\n\tsa.sa_flags = 0;\n\tsigemptyset(&sa.sa_mask);\n\tsigaction(SIGALRM, &sa, NULL);\n\n\tif (timer_create(CLOCK_MONOTONIC, NULL, &timer)) {\n\t\tsocket_close(timerfd[0]);\n\t\tsocket_close(timerfd[1]);\n\t\treturn -1;\n\t}\n\n\treturn 0;\n}\n\n/*\n * cleanup and free for program exit\n */\nvoid timer_exit(void)\n{\n\tstruct timer *entry, *tmp;\n\n\ttimer_delete(timer);\n\n\tsocket_close(timerfd[0]);\n\tsocket_close(timerfd[1]);\n\n\tLIST_FOREACH_SAFE(entry, &timer_list, link, tmp) {\n\t\tLIST_REMOVE(entry, link);\n\t\tfree(entry);\n\t}\n}\n\n/*\n * create periodic timer (seconds)\n */\nint timer_add(int period, void (*cb)(void *), void *arg)\n{\n\tstruct timespec now;\n\tstruct timer *t;\n\n\tt = find(cb, arg);\n\tif (t && t->active) {\n\t\terrno = EEXIST;\n\t\treturn -1;\n\t}\n\n\tif (clock_gettime(CLOCK_MONOTONIC, &now) < 0)\n\t\treturn -1;\n\n\tt = malloc(sizeof(*t));\n\tif (!t) {\n\t\tsmclog(LOG_ERR, \"Out of memory in %s()\", __func__);\n\t\texit(EX_OSERR);\n\t}\n\n\tt->active = 1;\n\tt->period = period;\n\tt->cb = cb;\n\tt->arg = arg;\n\n\tset(t, &now);\n\n\tLIST_INSERT_HEAD(&timer_list, t, link);\n\n\treturn start(&now);\n}\n\n/*\n * delete a timer\n */\nint timer_del(void (*cb)(void *), void *arg)\n{\n\tstruct timer *entry;\n\n\tentry = find(cb, arg);\n\tif (!entry)\n\t\treturn 1;\n\n\t/* Mark for deletion and issue a new run */\n\tentry->active = 0;\n\thandler(0);\n\n\treturn 0;\n}\n\n/**\n * Local Variables:\n * indent-tabs-mode: t\n * c-file-style: \"linux\"\n * End:\n */\n" }, { "path": "src/timer.h", "content": "/* Timer helper functions\n *\n * Copyright (C) 2017-2021 Joachim Wiberg \n *\n * This program is free software; you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation; either version 2 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n */\n\n#ifndef SMCROUTE_TIMER_H_\n#define SMCROUTE_TIMER_H_\n\nint timer_init (void);\nvoid timer_exit (void);\n\nint timer_add (int period, void (*cb)(void *), void *arg);\nint timer_del (void (*cb)(void *), void *arg);\n\n#endif /* SMCROUTE_TIMER_H_ */\n" }, { "path": "src/util.h", "content": "/* Utilitity and replacement functions */\n#ifndef SMCROUTE_UTIL_H_\n#define SMCROUTE_UTIL_H_\n\n#include \"config.h\"\n#include \n#include \n#include \"mroute.h\"\n\n#ifndef MIN\n#define MIN(a, b) ((a) < (b) ? (a) : (b))\n#endif\n#ifndef MAX\n#define MAX(a, b) ((a) < (b) ? (b) : (a))\n#endif\n\n/* From The Practice of Programming, by Kernighan and Pike */\n#ifndef NELEMS\n#define NELEMS(array) (sizeof(array) / sizeof(array[0]))\n#endif\n\nint pidfile_create(const char *basename, uid_t uid, gid_t gid);\n\n#ifndef HAVE_UTIMENSAT\nint utimensat(int dirfd, const char *pathname, const struct timespec ts[2], int flags);\n#endif\n\n#ifndef HAVE_STRLCPY\nsize_t strlcpy(char *dst, const char *src, size_t len);\n#endif\n\n#ifndef HAVE_STRLCAT\nsize_t strlcat(char *dst, const char *src, size_t dsize);\n#endif\n\n#ifndef HAVE_TEMPFILE\nFILE *tempfile(void);\n#endif\n\nint is_range(char *arg);\n\ninline static char *chomp(char *str)\n{\n\tchar *p;\n\n\tif (!str || strlen(str) < 1) {\n\t\terrno = EINVAL;\n\t\treturn NULL;\n\t}\n\n\tp = str + strlen(str) - 1;\n while (p >= str && *p == '\\n')\n\t\t*p-- = 0;\n\n\treturn str;\n}\n\n#endif /* SMCROUTE_UTIL_H_ */\n" }, { "path": "test/.gitignore", "content": "*.conf\n*.ip\n*.trs\n*.result\n*.pcap\n" }, { "path": "test/Makefile.am", "content": "EXTRA_DIST = adv.sh basic.sh batch.sh bridge.sh dyn.sh expire.sh gre.sh ipv6.sh\nEXTRA_DIST += include.sh isolated.sh join.sh joinlen.sh lib.sh lost.sh\nEXTRA_DIST += multi.sh mem.sh mrcache.sh mrdisc.sh poison.sh\nEXTRA_DIST += reload.sh reload6.sh vlan.sh vrfy.sh\nCLEANFILES = *~ *.trs *.log\nTEST_EXTENSIONS = .sh\nTESTS_ENVIRONMENT = unshare -mrun --map-auto\n\nTESTS = expire.sh\nTESTS += adv.sh\nTESTS += basic.sh\nTESTS += batch.sh\nTESTS += bridge.sh\nTESTS += dyn.sh\nTESTS += gre.sh\nTESTS += include.sh\nTESTS += ipv6.sh\nTESTS += isolated.sh\nTESTS += join.sh\nTESTS += joinlen.sh\nTESTS += lost.sh\nTESTS += mem.sh\nTESTS += mrcache.sh\nTESTS += mrdisc.sh\nTESTS += multi.sh\nTESTS += poison.sh\nTESTS += reload.sh\nTESTS += reload6.sh\nTESTS += vlan.sh\nTESTS += vrfy.sh\n" }, { "path": "test/README.md", "content": "Module Tests\n============\n\nThe following tests verify fundamental functionality of SMCRoute when\n`configure --enable-test`. Required tools to be installed and available\nin `$PATH`:\n\n - `ip` and `bridge` (iproute2 package, not the BusyBox variants)\n - `iptables`, for the 1:1 NAT test\n - `ping`\n - `tshark` (because `tcpdump -w foo.pcap` doesn't work in an unshare)\n - `valgrind`, for the memleak test\n\n> [!IMPORTANT]\n> One of the tests makes use of `iptables`, which may not work in an\n> `unshare(1)`, unless you have v1.8.7 or newer that supports the\n> `XTABLES_LOCKFILE` environment variable. As a workaround you can\n> `chmod a+rw /var/run/xtables.lock`.\n>\n> Also, as of Ubuntu 24.04 blocks user namespaces for unprivileged users\n> by default, meaning you need some `sysctl` magic to set up your system\n> see :\n>\n> sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0\n>\n> Finally, the GRE test require the `ip_gre.ko` kernel module to be\n> loaded. If not, the test will be skipped.\n\n\nRunning\n-------\n\nTo run the tests:\n\n ~$ sudo modprobe ip_gre # if you have sudo capabilities\n ~$ cd src/smcroute\n ~/src/smcroute$ ./autogen.sh\n ~/src/smcroute$ ./configure --enable-test --enable-mrdisc\n ~/src/smcroute$ make -j9\n ~/src/smcroute$ make check\n\nEach unit test is standalone. To manually run select tests:\n\n ~/src/smcroute$ cd test/\n ~/src/smcroute/test$ unshare -mrun ./testname.sh\n\nThe tools `ping` and `tshark` are used to create and listen to multicast\nstreams \"routed by\" SMCRoute.\n\n> [!NOTE]\n> These tests must be run in sequence, not in parallel, because they use\n> the same interface names *and*, most importantly, we may run on a\n> kernel w/o multicast policy routing support!\n\n[1]: https://github.com/libnet/nemesis\n[2]: https://github.com/troglobit/smcroute/actions/workflows/build.yml\n\n\nTopologies\n----------\n\nThe following test topologies are employed to verify different aspects\nand use-cases supported by SMCRoute.\n\n### Basic\n\nInterfaces `a1` and `a2` are Linux dummy type interfaces.\n\n SMCRoute\n .------ router -----.\n / \\\n MC -----> a1 a2 ------> MC\n\n\n### Basic Plus\n\nSame as Basic, but with more inbound/output interfaces, useful for\ntesting wildcard interface matching.\n\n SMCRoute\n .====== router =====.\n //// \\\\\\\\\n MC ----> a1/// \\\\\\b1 ------> MC \n MC ----> a2// \\\\b2 ------> MC \n MC ----> a3/ \\b3 ------> MC \n MC ----> a4 b4 ------> MC \n\n\n### Basic w/ VLANs\n\nInterfaces `a1` and `a2` are Linux dummy type interfaces with VLAN\ninterfaces created on top. The topology sets up two VLAN interfaces\nper dummy interface, VID 100 and 110.\n\n SMCRoute\n .------.== router ==.------.\n / / \\ \\\n MC --> a1.100 a1.110 a2.100 a2.110 --> MC\n \\ / \\ /\n a1 a2\n\n\n### Bridged w/ VLANs\n\nTwo VETH pairs (a1:b1 and a2:b2) are attached to a bridge with VLAN\nfiltering enabled. On top of the bridge two VLAN interfaces are\ncreated on which routing takes place.\n\n SMCRoute\n .-- router --.\n / \\\n vlan1 vlan2\n \\ /\n bridge0\n MC -----> a1 / \\ a2 -----> MC\n '------' '------'\n\nBoth bridge ports, `a1` and `a2`, are untagged members of each VLAN.\n\n> [!NOTE]\n> interface `a1` and `vlan1` are in the same VLAN (VID 1), and\n> interface `a2` and `vlan2` are in the same VLAN (VID 2).\n\n\n### Isolated Endpoints Bridged w/ VLANs\n\nLike the default bridge, but each endpoint is in an isolated network\nnamespace. This allows setting both IPv4 & IPv6 addresses on all\ninterfaces and using ping6 as emitter instead of requiring [nemesis][1].\n\n SMCRoute\n .-- router --.\n / \\\n netns: left vlan1 vlan2 netns: right\n .-------------. \\ / .-------------.\n | | bridge0 | |\n | MC --> eth0 | / \\ | eth0 --> MC |\n | `--------' '---------' |\n '-------------' '-------------'\n\nBoth bridge ports, `a1` and `a2`, are untagged members of each VLAN.\n\n> [!NOTE]\n> interface `a1` and `vlan1` are in the same VLAN (VID 1), and\n> interface `a2` and `vlan2` are in the same VLAN (VID 2).\n\n\n### Isolated\n\nSimilar to Basic, but with two VETH pairs with the outer end of each in\nan isolated network namespace. Purpose is to emulate true end devices.\n\n SMCRoute\n netns: left .-- router --. netns: right\n .-----------. / \\ .-----------.\n | | b1 b2 | |\n | MC --> a1-|-----' `----|-a2 --> MC |\n | | | |\n '-----------' VETH pairs: aN//brN '-----------'\n In netns: eth0\n\n\n### Multi Domain\n\nThis topology is intended to be used for testing multiple routers. The\nbridge in the shared segment is only used to connect the two VETH pairs.\n\n\n netns: left netns: right\n .-------------. .-------------.\n | smcrouted | | smcrouted |\n | / \\ | br0 | / \\ |\n MC --> eth1 eth0 | / \\ | eth0 eth1 <-- MC\n | `------' '-------' |\n '-------------' 192.168.0.0/24 '-------------'\n 10.0.0.0/24 10.0.0.0/24\n\nThe idea is to provide a very tricky, but also very common, use case;\nreplicated setups with the same IP subnet forwarding multicast to a\nshared LAN. Commonly worked around using 1:1 NAT, or IP masquerading.\nNeither of which is really best friends with IP multicast routing.\n\n\nTests\n-----\n\n### Advanced Routing\n\nThe test use ten ingressing multicast streams, starting at 225.1.2.3.\nWith a single initial SSM route matching one of the streams. The\nremaining nine are installed in the kernel MFC with a stop-filter.\n\n - Verify that the SSM route works\n - Verify that no other multicast stream is forwarded\n\nNow, add an ASM route for 225.1.2.3/29 and verify that the new ASM route\nmatches a subset of the installed stop-filters, changing them to proper\nSSM routes.\n\nRemove the 225.1.2.3/29 route and verify that the filters are changed\nback to stop-filters, and that the first SSM stream (which is in the\nsame range) is not affected.\n\n**Topology:** Basic\n\n\n### Basic Routing\n\nVerifies routing between two interfaces a1 and a2. Multicast is\ninjected on a1 and tcpdump verifies function on a2.\n\n**Topology:** Basic\n\n\t\t\t\t\t\t\t\t\t\t\t\t \n### Bridge VLANs\n\nSlightly more advanced test case, a bridge with two VLAN interfaces on\ntop and two VETH pairs acting as untagged ports to the bridge in each of\nthe VLANs. The other end of each VETH pair is placed in an isolated\nnetwork namespace to allow proper IP networking to be set up.\n\n**Topology:** Isolated Bridged w/ VLANs\n\n\n### Dynamic Routes\n\nDifferent combinations of `(*,G/LEN)` to `(S/LEN, G)` routing is tested\nhere for both IPv4 and IPv6.\n\n**Topology:** Basic\n\n\n### Expiration of Dynamic Routes\n\nThe command line option `smcrouted -c SEC` can be used to tweak the\ncache timeout for `(*,G)` routes. This test verifies that it works\nas intended for both IPv4 and IPv6.\n\n**Topology:** Basic\n\n\n### Include Files\n\nThis test does not traffic or forwarding verification, it only tests\nthat the `include` directive for `smcroute.conf` works.\n\n**Topology:** Basic\n\n\n### IPv6 (S,G) and (*,G) Forwarding\n\nSimilar to the Bridged VLAN test, only with IPv6.\n\n**Topology:** Basic\n\n\n### Isolated (*,G) Forwarding\n\nThis test is currently very similar to the Basic test, but can easily be\nextended with IPv6 support as well. The trick here is to use the nested\nnetwork namespace support, introduced in the new Isolated topology.\n\nThe Isolated topology allows setting interface addresses, both IPv4 and\nIPv6 (!), regardless of the environment (and as long as the underlying\nLinux kernel supports it). This means a standard tool like `ping` can\nbe used to send multicast. Lowering the barrier of entry to run tests.\n\n**Topology:** Isolated\n\n\n### Join/Leave ASM/SSM\n\nVerify ASM & SSM join and leave for IPv4 & IPv6. Since ASM and SSM\ncannot be mixed on the same interface (fallback to ASM occurs), we\nuse different interfaces and verify operation by inspecting the Linux\n`ip maddr` and `/proc/net/mcfilter` output.\n\n**Topology:** Basic\n\n\n### Join/Leave ASM/SSM with Prefix Length\n\nVerify ASM & SSM join and leave for IPv4 & IPv6 in various prefix length\ncombinations; `(S/LEN, G)`, `(S, G/LEN)`, and `(S/LEN, G/LEN)`. Since\nASM and SSM cannot be mixed on the same interface (fallback to ASM\noccurs), we use different interfaces and verify operation by inspecting\nthe Linux `ip maddr` and `/proc/net/mcfilter` output.\n\n**Topology:** Basic\n\n\n### Multiple Routers with 1:1 NAT\n\nVerify multicast forwarding from two separate LANs to a shared segment,\nwhere the two separate LANs have the same IP subnet. To make things\nworse, the same IP source address will be used for both multicast\nsenders.\n\nNote, this test requires the host system also has `iptables`. If the\ntest cannot find the `iptables` tool, it will `exit 77` to trigger a\nSKIP in the test suite.\n\n**Topology:** Multi Domain\n\n\n### Poison Pill Routes\n\nVerifies `(*,G/LEN)` routes from a set of approved inbound interfaces\nare properly installed in the kernel MFC. While blocking traffic to the\nsame groups from other inbound interfaces using stop-filter, or \"poison\npill\", routes (no outbound interfaces). For details, see issue #143.\n\nNote, this test assumed the origin `S` of inbound traffic differs\nbetween inbound interfaces. I.e., the same `S` on different inbound\ninterfaces is not supported by `smcrouted`.\n\n**Topology:** Multi\n\n\n### Reload .conf File (IPv4)\n\nVerifies that reloading the .conf file using `SIGHUP` or `reload`\ncommand to `smcroutectl` does not disturb established flows, and\nthat the resulting configuration is properly set in the kernel.\n\n**Topology:** Multi\n\n\n### Reload .conf File (IPv6)\n\nThe same as the IPv4 test, but for IPv6.\n\n**Topology:** Multi\n\n\n### VLAN Interfaces\n\nSimilar to the basic routing test, except VLAN interfaces are created on\ntop of the base interfaces, and routing takes place there. This test is\nbased on [troglobit/smcroute#161][issue-161].\n\n**Topology:** Basic w/ VLANs\n\n\n[issue-161]: https://github.com/troglobit/smcroute/issues/161\n" }, { "path": "test/adv.sh", "content": "#!/bin/sh\n# Verify stop-filter to SSM transition by adding *,G/LEN routes\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable\nphyint a2 enable\n\nmroute from a1 source 10.0.0.1 group 225.1.2.3 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\n\n# Start emitters on a1 for 225.1.2.1 .. 225.1.2.10\nemitter a1 10\nshow_mroute\n\n# Sanity check, the route from the conf file should work\ncollect a2 -c3 'dst 225.1.2.3'\nsleep 3\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\n# shellcheck disable=SC2086\n[ $lines1 -lt 3 ] && FAIL\n\n# Add (*,G) routes for 225.1.2.1 .. 225.1.2.7, overlapping with previous 225.1.2.3\nprint \"Adding *,225.1.2.3/29 ASM routes ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 225.1.2.3/29 a2\nshow_mroute\n\n# Check for a sample of the added routes\ncollect a2 -c6 'dst 225.1.2.6 or dst 225.1.2.3'\nsleep 3\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.6 | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\n# shellcheck disable=SC2086 disable=SC2166\n[ $lines1 -lt 3 -o $lines2 -lt 3 ] && FAIL\n\n# When removing (*,G) routes, the (S,G) route from the conf file should remain\nprint \"Removing *,225.1.2.3/29 ASM routes ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" del a1 225.1.2.3/29\nshow_mroute\n\n# Check for same sample, now we should no longer see 225.1.2.6, only 225.1.2.3\ncollect a2 -c3 'dst 225.1.2.6 or dst 225.1.2.3'\nsleep 3\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.6 | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines1 for group 225.1.2.3 from R1, expected > 1\"\necho \" => $lines2 for group 225.1.2.6 from R2, expected = 0\"\n# shellcheck disable=SC2086 disable=SC2166\n[ $lines1 -gt 1 -a $lines2 -eq 0 ] && OK\nFAIL\n" }, { "path": "test/basic.sh", "content": "#!/bin/sh\n# Verifies IPv4 (S,G) and (*,G) rules by injecting frames on one\n# interface and verifying reception on another.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# basic (*,G) multicast routing\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 source 10.0.0.1 group 225.3.2.1\nmroute from a1 source 10.0.0.1 group 225.3.2.1 to a2\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\nip maddress\necho \"-----------------------------------------------------------------------------------\"\ncat /proc/net/mcfilter\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\n\ncollect a2 -c12 'dst 225.3.2.1 or dst 225.1.2.3 or dst 225.1.2.4 or 225.1.2.5'\n\nprint \"Adding IPC routes ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 225.1.2.4 a2\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 10.0.0.1 225.1.2.5 a2\nshow_mroute\n\nprint \"Starting emitter ...\"\nping -c 3 -W 1 -I a1 -t 2 225.3.2.1 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.1.2.3 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.1.2.4 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.1.2.5 >/dev/null\nshow_mroute\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.3.2.1 | tee -a \"/tmp/$NM/result\" | wc -l)\nlines3=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.4 | tee -a \"/tmp/$NM/result\" | wc -l)\nlines4=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.5 | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines1 for 225.1.2.3, expected => 2\"\necho \" => $lines2 for 225.3.2.1, expected => 3\"\necho \" => $lines3 for 225.1.2.4, expected => 2\"\necho \" => $lines4 for 225.1.2.5, expected => 3\"\n\n########################################################################### DONE\n# Expect one frame lost due to initial (*,G) -> (S,G) route setup, while\n# we don't expect any frame loss in pure (S,G) routes\n# shellcheck disable=SC2166 disable=SC2086\n[ $lines1 -ge 2 -a $lines2 -eq 3 -a $lines3 -ge 2 -a $lines4 -eq 3 ] && OK\nFAIL\n" }, { "path": "test/batch.sh", "content": "#!/bin/sh\n# Verify batch mode, we just want to see the daemon accepting the\n# batched commands.\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 2001:1::1/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\nprint \"Joining groups (batch)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" -b <<-EOF\n\tjoin a1 10.0.0.11 225.1.1.1\n\tjoin a2 225.2.2.2\n\tjoin a1 fc00::2 ff04::111\n\tjoin a2 ff2e::22\n\tEOF\n\noutput=$(../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups)\necho \"$output\"\n[ \"$(echo \"$output\" | grep 225.1.1.1 | sed 's/[[:space:]]*//g')\" = \"(10.0.0.11,225.1.1.1)a1\" ] || FAIL \"225.1.1.1\"\n[ \"$(echo \"$output\" | grep 225.2.2.2 | sed 's/[[:space:]]*//g')\" = \"(*,225.2.2.2)a2\" ] || FAIL \"225.2.2.2\"\n[ \"$(echo \"$output\" | grep ff04::111 | sed 's/[[:space:]]*//g')\" = \"(fc00::2,ff04::111)a1\" ] || FAIL \"ff04::111\"\n[ \"$(echo \"$output\" | grep ff2e::22 | sed 's/[[:space:]]*//g')\" = \"(*,ff2e::22)a2\" ] || FAIL \"ff2e::22\"\n\nOK\n" }, { "path": "test/bridge.sh", "content": "#!/bin/sh\n# Verifies (*,G) routing between VLANs on top of a VLAN filtering bridge\n# with bridge ports as VETH interfaces. The endpoints of the VETH pairs\n# are placed in isolated network namespaces to allow IP networking as\n# one expects.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nLEFT=/tmp/$NM/b1\nRIGHT=/tmp/$NM/b2\n\nprint \"Creating world ...\"\ntopo isolated bridge \"$LEFT\" \"$RIGHT\"\n\n# IP World\nip addr add 10.0.0.1/24 dev vlan1\nnsenter --net=\"$LEFT\" -- ip addr add 10.0.0.10/24 dev eth0\n\nip addr add 20.0.0.1/24 dev vlan2\nnsenter --net=\"$RIGHT\" -- ip addr add 20.0.0.10/24 dev eth0\nbridge link\nbridge vlan\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# vlan (*,G) multicast routing\nphyint vlan1 enable\nphyint vlan2 enable\nmroute from vlan1 group 225.1.2.3 to vlan2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -u \"/tmp/$NM/sock\" &\nsleep 1\n\nprint \"Starting collector ...\"\nnsenter --net=\"$RIGHT\" -- tshark -c 2 -lni eth0 -w \"/tmp/$NM/pcap\" 'dst 225.1.2.3' 2>/dev/null &\necho $! >> \"/tmp/$NM/PIDs\"\nsleep 1\n\nprint \"Starting emitter ...\"\nnsenter --net=\"$LEFT\" -- ping -c 3 -W 1 -I eth0 -t 3 225.1.2.3\nshow_mroute\n\nprint \"Analyzing ...\"\nlines=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines for 225.1.2.3, expected => 2\"\n\n########################################################################### DONE\n# one frame lost due to initial (*,G) -> (S,G) setup\n[ \"$lines\" = \"2\" ] && OK\nFAIL\n" }, { "path": "test/dyn.sh", "content": "#!/bin/sh\n# Verifies (*,G/LEN) and (S/LEN,G) routing by injecting frames on one\n# interface and verifying reception on another.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 2001:1::1/64 dev a1\nip addr add fc00::42/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# basic (*,G/LEN) multicast routing\nphyint a1 enable\nphyint a2 enable\n\nmroute from a1 group 225.1.2.3/24 to a2\nmroute from a1 group ff2e::42/121 to a2\n\nmroute from a1 source 10.0.0.1/24 group 225.3.2.1 to a2\nmroute from a1 source fc00::1/64 group ff04::114 to a2\n\nmroute from a1 source 10.0.0.1 group 225.3.3.3/24 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show routes\n\ncollect a2 -c21 'dst 225.1.2.1 or dst 225.1.2.201 or dst ff2e::42 or dst ff2e::7f or dst 225.3.2.1 or dst ff04::114 or dst 225.3.3.1'\n\nprint \"Starting emitter ...\"\nping -c 3 -W 1 -I a1 -t 2 225.1.2.1 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.1.2.201 >/dev/null\nping -6 -c 3 -W 1 -I fc00::42 -t 2 ff2e::42 >/dev/null\nping -6 -c 3 -W 1 -I fc00::42 -t 2 ff2e::7f >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.3.2.1 >/dev/null\nping -6 -c 3 -W 1 -I fc00::42 -t 2 ff04::114 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.3.3.1 >/dev/null\nshow_mroute\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.1 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.201 | tee \"/tmp/$NM/result\" | wc -l)\nlines3=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::42 | tee \"/tmp/$NM/result\" | wc -l)\nlines4=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::7f | tee \"/tmp/$NM/result\" | wc -l)\nlines5=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.3.2.1 | tee \"/tmp/$NM/result\" | wc -l)\nlines6=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff04::114 | tee \"/tmp/$NM/result\" | wc -l)\nlines7=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.3.3.1 | tee \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines1 for 225.1.2.1, expected >= 2\"\necho \" => $lines2 for 225.1.2.201, expected >= 2\"\necho \" => $lines3 for ff2e::42, expected >= 2\"\necho \" => $lines4 for ff2e::7f, expected >= 2\"\necho \" => $lines5 for 225.3.2.1, expected >= 2\"\necho \" => $lines6 for ff04::114, expected >= 2\"\necho \" => $lines7 for 225.3.3.1, expected >= 2\"\n\n########################################################################### DONE\n# Expect one frame lost due to initial (*,G) -> (S,G) route setup\n# shellcheck disable=SC2166 disable=SC2086\n[ $lines1 -ge 2 -a $lines2 -ge 2 -a $lines3 -ge 2 -a $lines4 -ge 2 -a $lines5 -ge 2 -a $lines6 -ge 2 -a $lines7 -ge 2 ] && OK\nFAIL\n" }, { "path": "test/expire.sh", "content": "#!/bin/sh\n# Verifies IPv4 and IPv6 (*,G) => learned (S,G) flushing\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 10.0.0.1/24 dev a1\nip addr add 2001:1::1/64 dev a1\nip addr add fc00::1/64 dev a1\nip addr add 20.0.0.1/24 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# ipv4 and ipv6 (*,G) multicast routing\nphyint a1 enable\nphyint a2 enable\n\nmroute from a1 source 10.0.0.10 group 225.3.2.1 to a2\nmroute from a1 group 225.1.2.3 to a2\n\nmroute from a1 source fc00::1 group ff04:0:0:0:0:0:0:114 to a2\nmroute from a1 group ff2e::42 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -c 10 -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ncollect a2 -c12 'dst ff04::114 or dst ff2e::42 or dst ff2e::43 or dst ff2e::44'\n\nprint \"Starting emitter ...\"\nping -c 3 -W 1 -I a1 -t 3 225.1.2.3 >/dev/null\nping -6 -c 3 -W 1 -I 2001:1::1 -t 3 ff2e::42 >/dev/null\nshow_mroute\n\nip mroute | grep -q \"(10.0.0.1,225.1.2.3)\"\n[ $? -eq 0 ] || FAIL \"Failed learning IPv4 (*,G) route\"\n\nip -6 mroute | grep -q \"(2001:1::1,ff2e::42)\"\n[ $? -eq 0 ] || FAIL \"Failed learning IPv6 (*,G) route\"\n\nprint \"Verifying (*,G) flush, please wait ... \"\nsleep 11\nshow_mroute\nip mroute | grep -q \"(10.0.0.1,225.1.2.3)\"\n[ $? -eq 1 ] || FAIL \"Failed flushing IPv4 (*,G) route\"\n\nip -6 mroute | grep -q \"(2001:1::1,ff2e::42)\"\n[ $? -eq 1 ] || FAIL \"Failed flushing IPv6 (*,G) route\"\n\nprint \"Analyzing ...\"\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::42 | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines2 frames for group ff2e::42, expected >= 2\"\n\n########################################################################### DONE\n# shellcheck disable=SC2086\n[ $lines2 -ge 2 ] && OK\nFAIL\n" }, { "path": "test/gre.sh", "content": "#!/bin/sh\n# Verify multicast routing between two routers over a GRE tunnel\n#\n# netns: host1 netns: host2\n# .-------------. .-------------.\n# | smcrouted | | smcrouted |\n# | / \\ | br0 | / \\ |\n# MC --> eth1 eth0 | / \\ | eth0 eth1 <-- MC\n# | `------' '-------' |\n# '-------------' 192.168.0.0/24 '-------------'\n# 10.0.0.0/24 10.0.0.0/24\n#\n# Note: you may have to `modprobe ip_gre` before the test.\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Checking dependencies ...\"\nlsb_release -a\nuname -a\ncheck_dep grep -q ip_gre /proc/modules\n\nprint \"Creating world ...\"\ntopo multi host1 host2\n\n# IP world ...\necho \"Links, addresses, and routes for host1 =====================================\"\nnsenter --net=host1 -- ip addr add 192.168.0.10/24 dev eth0\nnsenter --net=host1 -- ip addr add 10.0.0.1/24 dev eth1\nnsenter --net=host1 -- ip tunnel add tun0 mode gre remote 192.168.0.20 local 192.168.0.10 ttl 255\nnsenter --net=host1 -- ip addr add 172.16.0.10/24 dev tun0\nnsenter --net=host1 -- ip link set tun0 multicast on\nnsenter --net=host1 -- ip link set tun0 up\nnsenter --net=host1 -- ip route add 20.0.0.0/24 via 172.16.0.10\nnsenter --net=host1 -- ip -br l\nnsenter --net=host1 -- ip -br a\nnsenter --net=host1 -- ip -br r\n\necho \"Links, addresses, and routes for host2 =====================================\"\nnsenter --net=host2 -- ip addr add 192.168.0.20/24 dev eth0\nnsenter --net=host2 -- ip addr add 20.0.0.1/24 dev eth1\nnsenter --net=host2 -- ip tunnel add tun0 mode gre remote 192.168.0.10 local 192.168.0.20 ttl 255\nnsenter --net=host2 -- ip addr add 172.16.0.20/24 dev tun0\nnsenter --net=host2 -- ip link set tun0 multicast on\nnsenter --net=host2 -- ip link set tun0 up\nnsenter --net=host2 -- ip route add 10.0.0.0/24 via 172.16.0.20\nnsenter --net=host2 -- ip -br l\nnsenter --net=host2 -- ip -br a\nnsenter --net=host2 -- ip -br r\n\nprint \"Verifying connectivity ...\"\nprintf \"host1 (172.16.0.10) \"\nif ! nsenter --net=host1 -- ping -c 3 172.16.0.20; then\n FAIL \"host1: cannot reach host2 over GRE tunnel\"\nfi\n\nprint \"Creating config ...\"\ncat <\"/tmp/$NM/shared.conf\"\n# shared.conf for both netns\nphyint tun0 enable\nphyint eth1 enable\n\nmgroup from eth1 group 225.1.2.3\nmroute from eth1 group 225.1.2.3 to tun0\n\nmgroup from tun0 group 225.1.2.3\nmroute from tun0 group 225.1.2.3 to eth1\nEOF\ncat \"/tmp/$NM/shared.conf\"\n\nprint \"Starting smcrouted instances ...\"\nnsenter --net=host1 -- ../src/smcrouted -f \"/tmp/$NM/shared.conf\" -n -N -i host1 -l debug -u \"/tmp/$NM/host1.sock\" &\necho $! >> \"/tmp/$NM/PIDs\"\nnsenter --net=host2 -- ../src/smcrouted -f \"/tmp/$NM/shared.conf\" -n -N -i host2 -l debug -u \"/tmp/$NM/host2.sock\" &\necho $! >> \"/tmp/$NM/PIDs\"\nsleep 1\n\nprint \"Starting collector on eth1@host2 ...\"\nnsenter --net=host2 -- tshark -w \"/tmp/$NM/pcap\" -lni eth1 -c5 'dst 225.1.2.3' 2>/dev/null &\necho $! >> \"/tmp/$NM/PIDs\"\n\nprint \"Starting emitters ...\"\nnsenter --net=host1 -- ping -c 5 -W 1 -I eth1 -t 10 225.1.2.3 > /dev/null &\nsleep 5\n\nprint \"Analyzing pcap from eth1@host2 ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\n\necho \" => $lines1 for group 225.1.2.3 from host1, expected >= 4\"\n\n# Expect one frame loss for each initial (*,G) -> (S,G) route setup\n# shellcheck disable=SC2086\n[ $lines1 -ge 3 ] && OK\nFAIL\n" }, { "path": "test/include.sh", "content": "#!/bin/sh\n# Verifies .conf include statement\n#set -x\n\nactivate()\n{\n if [ -f /tmp/$NM/pid ]; then\n\t../src/smcroutectl -u \"/tmp/$NM/sock\" reload\n else\n\t../src/smcrouted -c 8 -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\n fi\n sleep 1\n}\n\nget_routes()\n{\n ip -6 mroute\n ip mroute\n}\n\ncheck_output()\n{\n show_mroute\n get_routes | grep -q \"$2\"\n [ \"$?\" = \"$1\" ] || FAIL \"$3\"\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 10.0.0.1/24 dev a1\nip addr add 2001:1::1/64 dev a1\nip addr add fc00::1/64 dev a1\nip addr add 20.0.0.1/24 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\n######################################################### Plain conf, no include\nprint \"Creating /tmp/$NM/conf ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable\nphyint a2 enable\n\nmroute from a1 source 10.0.0.10 group 225.3.2.1 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\nactivate\ncheck_output 0 \"(10.0.0.10,225.3.2.1)\" \"Failed reading initial .conf file\"\n\n######################################################## Include files from conf\nprint \"Creating /tmp/$NM/conf2 ...\"\necho \"include /tmp/$NM/conf2\" >> \"/tmp/$NM/conf\"\ncat <\"/tmp/$NM/conf2\"\nmroute from a1 source fc00::1 group ff04:0:0:0:0:0:0:114 to a2\ninclude /tmp/$NM/*.foo\nEOF\necho \">> /tmp/$NM/conf\"\ncat \"/tmp/$NM/conf\"\necho \">> /tmp/$NM/conf2\"\ncat \"/tmp/$NM/conf2\"\n\nactivate\ncheck_output 0 \"(fc00::1,ff04::114)\" \"Failed reading conf2\"\n\n######################################################### Creating a.foo & b.foo\nprint \"Creating /tmp/$NM/{a,b}.foo ...\"\ncat <\"/tmp/$NM/a.foo\"\nmroute from a1 source 10.0.0.1 group 225.1.2.3 to a2\nEOF\necho \">> /tmp/$NM/a.foo\"\ncat \"/tmp/$NM/a.foo\"\n\ncat <\"/tmp/$NM/b.foo\"\nmroute from a1 source 10.0.0.2 group 225.1.2.1 to a2\nEOF\necho \">> /tmp/$NM/b.foo\"\ncat \"/tmp/$NM/b.foo\"\n\nactivate\ncheck_output 0 \"(10.0.0.1,225.1.2.3)\" \"Failed reading a.foo\"\ncheck_output 0 \"(10.0.0.2,225.1.2.1)\" \"Failed reading b.foo\"\n\n################################################################# Removing b.foo\nprint \"Removing b.foo ...\"\nrm \"/tmp/$NM/b.foo\"\nactivate\ncheck_output 1 \"(10.0.0.2,225.1.2.1)\" \"Failed removing old route from b.foo\"\n\n########################################################################### DONE\nOK\n" }, { "path": "test/ipv6.sh", "content": "#!/bin/sh\n# Verifies IPv6 (S,G) and (*,G) rules, both from .conf file and IPC, by\n# injecting frames on one interface and verify reception on another.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 2001:1::1/64 dev a1\nip addr add fc00::1/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip addr add 2001:2:3:4:6:7:12:1/64 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# ipv6 (*,G) multicast routing\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 source fc00::1 group ff04:0:0:0:0:0:0:114\nmroute from a1 source fc00::1 group ff04:0:0:0:0:0:0:114 to a2\n\nmgroup from a1 group ff2e::42\nmroute from a1 group ff2e::42 to a2\n\nmroute from a1 group ff2e::7 to a2\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -c 5 -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\nip -6 maddress\necho \"-----------------------------------------------------------------------------------\"\ncat /proc/net/mcfilter6\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\n\ncollect a2 -c12 'dst ff04::114 or dst ff2e::42 or dst ff2e::43 or dst ff2e::44'\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 ff2e::43 a2\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 fc00::1 ff2e::44 a2\nshow_mroute\n\nprint \"Starting emitter ...\"\nping -6 -c 3 -W 1 -I fc00::1 -t 3 ff04::114 >/dev/null\nping -6 -c 3 -W 1 -I 2001:1::1 -t 3 ff2e::42 >/dev/null\nping -6 -c 3 -W 1 -I 2001:1::1 -t 3 ff2e::43 >/dev/null\nping -6 -c 3 -W 1 -I fc00::1 -t 3 ff2e::44 >/dev/null\nping -6 -c 3 -W 1 -I 2001:2:3:4:6:7:12:1 -t 3 ff2e::7 >/dev/null\nshow_mroute\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff04::114 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::42 | tee -a \"/tmp/$NM/result\" | wc -l)\nlines3=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::43 | tee -a \"/tmp/$NM/result\" | wc -l)\nlines4=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::44 | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines1 for group ff04::114, expected => 3\"\necho \" => $lines2 for group ff2e::42, expected => 2\"\necho \" => $lines3 for group ff2e::43, expected => 2\"\necho \" => $lines4 for group ff2e::44, expected => 3\"\n\nsleep 10\nshow_mroute\n\n########################################################################### DONE\n# one frame lost due to initial (*,G) -> (S,G) route setup\n# no frames lost in pure (S,G) route\n# shellcheck disable=SC2166 disable=SC2086\n[ $lines1 -eq 3 -a $lines2 -ge 2 -a $lines3 -ge 2 -a $lines4 -eq 3 ] && OK\nFAIL\n" }, { "path": "test/isolated.sh", "content": "#!/bin/sh\n# Verifies (*,G) routing between two emulated end devices.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nLEFT=/tmp/$NM/left\nRIGHT=/tmp/$NM/right\nLIF=$(basename \"$LEFT\")\nRIF=$(basename \"$RIGHT\")\n\nprint \"Creating world ...\"\ntopo isolated \"$LEFT\" \"$RIGHT\"\n\n# IP World\nip addr add 10.0.0.1/24 dev \"$LIF\"\nnsenter --net=\"$LEFT\" -- ip addr add 10.0.0.10/24 dev eth0\n\nip addr add 20.0.0.1/24 dev \"$RIF\"\nnsenter --net=\"$RIGHT\" -- ip addr add 20.0.0.10/24 dev eth0\n\nip -br l\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# vlan (*,G) multicast routing\nphyint $LIF enable\nphyint $RIF enable\nmroute from $LIF group 225.1.2.3 to $RIF\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\nprint \"Starting collector ...\"\nnsenter --net=\"$RIGHT\" -- tshark -c 2 -lni eth0 -w \"/tmp/$NM/pcap\" dst 225.1.2.3 &\necho $! >> \"/tmp/$NM/PIDs\"\nsleep 1\n\nprint \"Starting emitter ...\"\nnsenter --net=\"$LEFT\" -- ping -c 3 -W 1 -I eth0 -t 3 225.1.2.3\nshow_mroute\n\nprint \"Analyzing ...\"\nlines=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines expected 2\"\n\n########################################################################### DONE\n# one frame lost due to initial (*,G) -> (S,G) setup\n[ \"$lines\" = \"2\" ] && OK\nFAIL\n" }, { "path": "test/join.sh", "content": "#!/bin/sh\n# Verify join/leave multicast groups for both IPv4 and IPv6\n# a1 will be used to verify SSM and a2 to verify ASM\n#\n# Note: this test is really ugly and full of code duplcation\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 2001:1::1/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\n################################################################## STATIC GROUPS\nprint \"Phase 1: Join groups (.conf)\"\ncat < \"/tmp/$NM/conf\"\n# ASM + SSM join/leave multicast groups\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 source fc00::1 group ff04:0:0:0:0:0:0:114\nmgroup from a1 source 10.0.0.10 group 225.1.2.3\n\nmgroup from a2 group ff2e::42\nmgroup from a2 group 225.3.2.1\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\necho \"-----------------------------------------------------------------------------------\"\ngrep \"0xe1010203 0x0a00000a\" /proc/net/mcfilter\nconfig_ssm=$?\ngrep \"ff040000000000000000000000000114 fc000000000000000000000000000001\" /proc/net/mcfilter6\nconfig_ssm6=$?\nip maddr show dev a2 | grep 225.3.2.1\nconfig_asm=$?\nip -6 maddr show dev a2 | grep ff2e::42\nconfig_asm6=$?\n\n# shellcheck disable=SC2166\nif [ $config_ssm -eq 0 -a $config_ssm6 -eq 0 ]; then\n echo \"Config SSM join OK\"\n config_ssm=0\nelse\n echo \"Config SSM join FAIL\"\n config_ssm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $config_asm -eq 0 -a $config_asm6 -eq 0 ]; then\n echo \"Config ASM join OK\"\n config_asm=0\nelse\n echo \"Config ASM join FAIL\"\n config_asm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $config_ssm -eq 0 -a $config_asm -eq 0 ]; then\n echo \"Config join OK\"\n config=0\nelse\n echo \"Config join FAIL\"\n config=1\nfi\n\n#################################################################### JOIN GROUPS\nprint \"Phase 2: Join groups (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 10.0.0.11 225.1.1.1\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a2 225.2.2.2\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 fc00::2 ff04::111\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a2 ff2e::22\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\necho \"-----------------------------------------------------------------------------------\"\ngrep \"0xe1010101 0x0a00000b\" /proc/net/mcfilter\ndynamic_ssm=$?\ngrep \"ff040000000000000000000000000111 fc000000000000000000000000000002\" /proc/net/mcfilter6\ndynamic_ssm6=$?\nip maddr show dev a2 | grep 225.2.2.2\ndynamic_asm=$?\nip -6 maddr show dev a2 | grep ff2e::22\ndynamic_asm6=$?\n\n# shellcheck disable=SC2166\nif [ $dynamic_ssm -eq 0 -a $dynamic_ssm6 -eq 0 ]; then\n echo \"Dynamic SSM join OK\"\n dynamic_ssm=0\nelse\n echo \"Dynamic SSM join FAIL\"\n dynamic_ssm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $dynamic_asm -eq 0 -a $dynamic_asm6 -eq 0 ]; then\n echo \"Dynamic ASM join OK\"\n dynamic_asm=0\nelse\n echo \"Dynamic ASM join FAIL\"\n dynamic_asm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $dynamic_ssm -eq 0 -a $dynamic_asm -eq 0 ]; then\n echo \"Dynamic join OK\"\n dynamic=0\nelse\n echo \"Dynamic join FAIL\"\n dynamic=1\nfi\n\n################################################################### LEAVE GROUPS\nprint \"Phase 3: Leave groups (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 10.0.0.10 225.1.2.3\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a2 225.3.2.1\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 fc00::1 ff04::114\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a2 ff2e::42\n\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show interfaces\necho \"-----------------------------------------------------------------------------------\"\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\necho \"-----------------------------------------------------------------------------------\"\ngrep \"0xe1010203 0x0a00000a\" /proc/net/mcfilter\nleave_ssm=$?\ngrep \"ff040000000000000000000000000114 fc000000000000000000000000000001\" /proc/net/mcfilter6\nleave_ssm6=$?\nip maddr show dev a2 | grep 225.3.2.1\nleave_asm=$?\nip -6 maddr show dev a2 | grep ff2e::42\nleave_asm6=$?\n\n# shellcheck disable=SC2166\nif [ $leave_ssm -eq 1 -a $leave_ssm6 -eq 1 ]; then\n echo \"Dynamic SSM leave OK\"\n leave_ssm=0\nelse\n echo \"Dynamic SSM leave FAIL\"\n leave_ssm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $leave_asm -eq 1 -a $leave_asm6 -eq 1 ]; then\n echo \"Dynamic ASM leave OK\"\n leave_asm=0\nelse\n echo \"Dynamic ASM leave FAIL\"\n leave_asm=1\nfi\n\n# shellcheck disable=SC2166\nif [ $leave_ssm -eq 0 -a $leave_asm -eq 0 ]; then\n echo \"Dynamic leave OK\"\n leave=0\nelse\n echo \"Dynamic leave FAIL\"\n leave=1\nfi\n\n########################################################################### DONE\n# shellcheck disable=SC2166\n[ $config -eq 0 -a $dynamic -eq 0 -a $leave -eq 0 ] && OK\nFAIL\n" }, { "path": "test/joinlen.sh", "content": "#!/bin/sh\n\n# only checking for a sample in each range\ncheck_output()\n{\n print \"Verifying ...\"\n if [ -n \"$1\" ]; then\n\tip maddr show dev a2\n\tif ! ip maddr show dev a2 | grep -q \"$1\"; then\n\t FAIL \"Cannot find (* $1)\"\n\tfi\n fi\n\n if [ -n \"$2\" ]; then\n\tcat /proc/net/mcfilter\n\tif ! grep -q \"$2\" /proc/net/mcfilter; then\n\t FAIL \"Cannot find ($2)\"\n\tfi\n fi\n}\n\ncheck_output6()\n{\n print \"Verifying ...\"\n if [ -n \"$1\" ]; then\n\tip -6 maddr show dev a2\n\tif ! ip -6 maddr show dev a2 | grep -q \"$1\"; then\n\t FAIL \"Cannot find (* $1)\"\n\tfi\n fi\n\n if [ -n \"$2\" ]; then\n\tcat /proc/net/mcfilter6\n\tif ! grep -q \"$2\" /proc/net/mcfilter6; then\n\t FAIL \"Cannot find ($2)\"\n\tfi\n fi\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\n\n# IP world ...\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 2001:1::1/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip -br a\n\n################################################################## STATIC GROUPS\nprint \"Phase 1: Join groups (.conf)\"\ncat < \"/tmp/$NM/conf\"\n# ASM + SSM join/leave multicast groups\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 source 10.0.0.10 group 225.1.2.40/24\nmgroup from a2 group 225.3.2.250/24\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ncheck_output \"225.3.2.249\" \"0xe101022a 0x0a00000a\"\n\n################################################################### LEAVE GROUPS\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 10.0.0.10 225.1.2.40/24\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a2 225.3.2.250/24\ncat /proc/net/mcfilter\nip maddr show dev a2\n\n#################################################################### JOIN GROUPS\nprint \"Phase 2: Join groups (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 10.0.0.10 225.1.1.1/30\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a2 225.0.0.1/30\ncheck_output \"225.0.0.2\" \"0xe1010102 0x0a00000a\"\n\n################################################################### LEAVE GROUPS\nprint \"Debug 1 ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" show group\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 10.0.0.10 225.1.1.1/30\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a2 225.0.0.1/30\n\n################################################################### JOIN SOURCES\nprint \"Debug 2 ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" show group\nprint \"Phase 3: Join group from multiple sources (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 10.0.0.1/26 225.1.2.3\ncheck_output \"\" \"0xe1010203 0x0a00003e\"\n\n################################################################### LEAVE GROUPS\nprint \"Debug 3 ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" show group\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 10.0.0.1/26 225.1.2.3\n\n######################################################## JOIN SOURCES AND GROUPS\nprint \"Phase 4: Join multiple groups from multiple sources (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 10.0.0.1/30 225.1.2.3/30\ncheck_output \"\" \"0xe1010201 0x0a000003\"\n\n############################################################## JOIN IPv6 SOURCES\nprint \"Phase 5: Join IPv6 group from multiple sources (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 2001:1::1/122 ff2e::42\ncheck_output6 \"\" \"ff2e0000000000000000000000000042 2001000100000000000000000000001c\"\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" show group\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 2001:1::1/122 ff2e::42\n\n################################################### JOIN IPv6 SOURCES AND GROUPS\nprint \"Phase 6: Join multiple IPv6 groups from multiple sources (IPC)\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" join a1 2001:1::1/126 ff2e::42/126\ncheck_output6 \"\" \"ff2e0000000000000000000000000041 20010001000000000000000000000002\"\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" show group\n../src/smcroutectl -u \"/tmp/$NM/sock\" leave a1 2001:1::1/122 ff2e::42/126\n\n########################################################################### DONE\nOK\n" }, { "path": "test/lib.sh", "content": "#!/bin/sh\n\n# Test name, used everywhere as /tmp/$NM/foo\nNM=$(basename \"$0\" .sh)\n\n# Print heading for test phases\nprint()\n{\n printf \"\\e[7m>> %-80s\\e[0m\\n\" \"$1\"\n}\n\nSKIP()\n{\n print \"TEST: SKIP\"\n [ $# -gt 0 ] && echo \"$*\"\n exit 77\n}\n\nFAIL()\n{\n print \"TEST: FAIL\"\n [ $# -gt 0 ] && echo \"$*\"\n exit 99\n}\n\nCHECK()\n{\n [ \"$@\" ] || FAIL \"$*\"\n}\n\nOK()\n{\n print \"TEST: OK\"\n [ $# -gt 0 ] && echo \"$*\"\n exit 0\n}\n\n# shellcheck disable=SC2068\ncheck_dep()\n{\n if [ -n \"$2\" ]; then\n\tif ! $@; then\n\t SKIP \"$* is not supported on this system.\"\n\tfi\n elif ! command -v \"$1\"; then\n\tSKIP \"Cannot find $1, skipping test.\"\n fi\n}\n\nshow_mroute()\n{\n # Show active routes (and counters)\n cat /proc/net/ip_mr_cache\n cat /proc/net/ip6_mr_cache\n echo \"-----------------------------------------------------------------------------------\"\n ip mroute\n ip -6 mroute\n echo \"-----------------------------------------------------------------------------------\"\n ../src/smcroutectl -pd -u \"/tmp/$NM/sock\"\n}\n\nemitter()\n{\n print \"Starting emitter(s) on $1 ...\"\n for i in $(seq 1 $2); do\n\tping -I $1 -W 1 -t 3 225.1.2.$i >/dev/null &\n\techo $! >> \"/tmp/$NM/PIDs\"\n done\n}\n\ncollect()\n{\n print \"Starting collector on $1 ...\"\n tshark -w \"/tmp/$NM/pcap\" -lni \"$@\" 2>/dev/null &\n echo $! >> \"/tmp/$NM/PIDs\"\n sleep 2\n}\n\n# Set up a basic bridge topology, two VETH pairs with one end in the\n# bridge and the other free. Each pair is also in a separate VLAN.\n#\n# No IP address assignment is done in topo files, only topology setup.\n#\n# Topology: ¦\n# vlan1 ¦ vlan2\n# \\ ¦ /\n# a1 -------- br0 --------- a2\n# ¦\n# VLAN 1 ¦ VLAN 2\n#\n# Note: in addition to VLAN filtering, the bridge has both IGMP and MLD\n# snooping disabled, because the main purpose of these tests is to\n# verify the IPv4 and IPv6 routing functionality of SMCRoute.\n# Future tests may include verifying join/leave of groups (TODO)\ntopo_bridge()\n{\n cat << EOF > \"$NM-topo.ip\"\nlink add br0 type bridge vlan_filtering 1 mcast_snooping 0\nlink add a1 type veth peer b1\nlink add a2 type veth peer b2\nlink set b1 master br0\nlink set b2 master br0\n\nlink set a1 up\nlink set b1 up\nlink set a2 up\nlink set b2 up\nlink set br0 up\n\nlink add link br0 vlan1 type vlan id 1\nlink add link br0 vlan2 type vlan id 2\n\nlink set vlan1 up\nlink set vlan2 up\nEOF\n\n # Move b2 to VLAN 2\n # Set br0 as tagged member of both VLANs\n cat < \"$NM-bridge.ip\"\nvlan add vid 2 dev b2 pvid untagged\nvlan del vid 1 dev b2\n\nvlan add vid 1 dev br0 self\nvlan add vid 2 dev br0 self\nEOF\n\n ip -force -batch \"$NM-topo.ip\"\n bridge -force -batch \"$NM-bridge.ip\"\n\n rm -f \"$NM-topo.ip\" \"$NM-bridge.ip\"\n}\n\n\n# Set up a basic dummy interface topology,\n#\n# No IP address assignment is done in topo files, only topology setup.\ntopo_basic()\n{\n cat << EOF > \"$NM-topo.ip\"\nlink add a1 type dummy\nlink set a1 up\nlink set a1 multicast on\n\nlink add a2 type dummy\nlink set a2 up\nlink set a2 multicast on\nEOF\n\n ip -force -batch \"$NM-topo.ip\"\n rm -f \"$NM-topo.ip\"\n\n return 2\n}\n\n# Same as basic topology, but with more inbound/outbound interfaces.\n#\n# No IP address assignment is done in topo files, only topology setup.\ntopo_plus()\n{\n cat << EOF > \"$NM-topo.ip\"\nlink add a1 type dummy\nlink set a1 up\nlink set a1 multicast on\n\nlink add a2 type dummy\nlink set a2 up\nlink set a2 multicast on\n\nlink add a3 type dummy\nlink set a3 up\nlink set a3 multicast on\n\nlink add a4 type dummy\nlink set a4 up\nlink set a4 multicast on\n\nlink add b1 type dummy\nlink set b1 up\nlink set b1 multicast on\n\nlink add b2 type dummy\nlink set b2 up\nlink set b2 multicast on\n\nlink add b3 type dummy\nlink set b3 up\nlink set b3 multicast on\n\nlink add b4 type dummy\nlink set b4 up\nlink set b4 multicast on\nEOF\n\n ip -force -batch \"$NM-topo.ip\"\n rm -f \"$NM-topo.ip\"\n}\n\n# Set up VLAN interfaces on top of dummy interfaces\n# shellcheck disable=SC2048\ntopo_basic_vlan()\n{\n num=$1\n shift\n\n i=1\n while [ $i -le \"$num\" ]; do\n\tiface=a$i\n\ti=$((i + 1))\n\n\tfor vid in $*; do\n\t ip link add \"$iface.$vid\" link $iface type vlan id \"$vid\"\n\t ip link set \"$iface.$vid\" up\n\t ip link set \"$iface.$vid\" multicast on\n\tdone\n done\n}\n\ntopo_isolated()\n{\n left=\"$1\"\n right=\"$2\"\n lif=$(basename \"$left\")\n rif=$(basename \"$right\")\n\n touch \"$left\" \"$right\"\n PID=$$\n\n echo \"$left\" > \"/tmp/$NM/mounts\"\n echo \"$right\" >> \"/tmp/$NM/mounts\"\n\n unshare --net=\"$left\" -- ip link set lo up\n nsenter --net=\"$left\" -- ip link add eth0 type veth peer \"$lif\"\n nsenter --net=\"$left\" -- ip link set \"$lif\" netns $PID\n nsenter --net=\"$left\" -- ip link set eth0 up\n ip link set \"$lif\" up\n\n unshare --net=\"$right\" -- ip link set lo up\n nsenter --net=\"$right\" -- ip link add eth0 type veth peer \"$rif\"\n nsenter --net=\"$right\" -- ip link set \"$rif\" netns $PID\n nsenter --net=\"$right\" -- ip link set eth0 up\n ip link set \"$rif\" up\n}\n\n# Same as bridge topology, but with the VETH endpoints constructed\n# by the isolated topology. We just rename the main namespace's\n# bridge ports to match.\ntopo_isolated_bridge()\n{\n left=\"$1\"\n right=\"$2\"\n lif=$(basename \"$left\")\n rif=$(basename \"$right\")\n\n topo_isolated \"$@\"\n\n echo \"Creating br0, adding $lif and $rif as bridge ports\"\n ip link add br0 type bridge vlan_filtering 1 mcast_snooping 0\n ip link set \"$lif\" master br0\n ip link set \"$rif\" master br0\n\n ip link set br0 up\n\n ip link add link br0 vlan1 type vlan id 1\n ip link add link br0 vlan2 type vlan id 2\n\n ip link set vlan1 up\n ip link set vlan2 up\n\n bridge vlan add vid 2 dev \"$rif\" pvid untagged\n bridge vlan del vid 1 dev \"$rif\"\n\n bridge vlan add vid 1 dev br0 self\n bridge vlan add vid 2 dev br0 self\n}\n\n# Variant of a variant ... this is the Multi Domain topology. It has\n# two isolated network namespaces and a shared segment connecting them.\n# The intention is to emulate network setups where the same base subnet\n# is reused in many places. So that when interconnecting them a string\n# of 1:1 NAT operations need to performed. These type of setups are\n# more common than one might think; factories, train cars, ... tanks.\n#\n# Note, the bridge is only used to connect the ends of the VETH pairs.\ntopo_multi()\n{\n left=\"$1\"\n right=\"$2\"\n lif=$(basename \"$left\")\n rif=$(basename \"$right\")\n\n topo_isolated \"$@\"\n\n nsenter --net=\"$left\" -- ip link add eth1 type dummy\n nsenter --net=\"$left\" -- ip link set eth1 up\n nsenter --net=\"$left\" -- ip link set eth1 multicast on\n\n nsenter --net=\"$right\" -- ip link add eth1 type dummy\n nsenter --net=\"$right\" -- ip link set eth1 up\n nsenter --net=\"$right\" -- ip link set eth1 multicast on\n\n echo \"Creating br0, adding $lif and $rif as bridge ports\"\n ip link add br0 type bridge\n ip link set \"$lif\" master br0\n ip link set \"$rif\" master br0\n\n ip link set br0 up\n}\n\ntopo_teardown()\n{\n if [ -z \"$NM\" ]; then\n\techo \"NM variable unset, skippnig teardown\"\n\texit 1\n fi\n\n if [ -f \"/tmp/$NM/pid\" ]; then\n\tPID=$(cat \"/tmp/$NM/pid\")\n\tkill -9 \"$PID\"\n fi\n\n # shellcheck disable=SC2162\n if [ -f \"/tmp/$NM/mounts\" ]; then\n while read ln; do umount \"$ln\"; rm \"$ln\"; done < \"/tmp/$NM/mounts\"\n fi\n\n # shellcheck disable=SC2162\n if [ -f \"/tmp/$NM/PIDs\" ]; then\n\twhile read ln; do kill \"$ln\" 2>/dev/null; done < \"/tmp/$NM/PIDs\"\n fi\n\n ip link del br0 2>/dev/null\n ip link del a1 2>/dev/null\n ip link del a2 2>/dev/null\n ip link del b1 2>/dev/null\n ip link del b2 2>/dev/null\n\n rm -rf \"/tmp/$NM\"\n}\n\nsignal()\n{\n echo\n if [ \"$1\" != \"EXIT\" ]; then\n\tprint \"Got signal, cleaning up\"\n fi\n topo_teardown\n}\n\n# props to https://stackoverflow.com/a/2183063/1708249\ntrapit()\n{\n func=\"$1\" ; shift\n for sig ; do\n trap \"$func $sig\" \"$sig\"\n done\n}\n\ntopo()\n{\n if [ $# -lt 1 ]; then\n\tprint \"Too few arguments to topo()\"\n\texit 1\n fi\n t=$1\n shift\n\n case \"$t\" in\n\tbridge)\n\t topo_bridge\n\t ;;\n\n\tbasic)\n\t topo_basic\n\t num=$?\n\t case \"$1\" in\n\t\tvlan)\n\t\t shift\n\t\t topo_basic_vlan $num \"$@\"\n\t\t ;;\n\t esac\n\t ;;\n\n\tisolated)\n\t case \"$1\" in\n\t\tbridge)\n\t\t shift\n\t\t topo_isolated_bridge \"$@\"\n\t\t ;;\n\t\t*)\n\t \t topo_isolated \"$@\"\n\t\t ;;\n\t esac\n\t ;;\n\n\tmulti)\n\t topo_multi \"$@\"\n\t ;;\n\n\tplus)\n\t topo_plus\n\t ;;\n\n\tteardown)\n\t topo_teardown\n\t ;;\n\t*)\n\t print \"No such topology: $t\"\n\t exit 1\n\t ;;\n esac\n}\n\n# Runs once when including lib.sh\nmkdir \"/tmp/$NM\"\ntouch \"/tmp/$NM/PIDs\"\ntrapit signal INT TERM QUIT EXIT\n" }, { "path": "test/lost.sh", "content": "#!/bin/sh\n# Verify handling when IIF for an (S,G) is changed or lost\n\n#set -x\n\ncheck_output()\n{\n echo \"ip mroute:\"\n ip mroute\n ip mroute |tee \"/tmp/$NM/result\" | grep -q \"$2\"\n oif=$?\n grep -q \"$1\" \"/tmp/$NM/result\"\n iif=$?\n # shellcheck disable=SC2166\n [ \"$oif\" = \"0\" -a \"$iif\" = \"0\" ] || FAIL\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip -br a\n\nprint \"Creating config #1 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to a2\n\nmgroup from a2 group 225.1.2.4\nmroute from a2 source 1.2.3.4 group 225.1.2.4 to a1\n\nmgroup from a1 group 225.2.2.5\nmroute from a1 group 225.2.2.5 to a1\n\nmgroup from a2 group 225.1.2.6\nmroute from a2 source 1.2.3.5 group 225.1.2.6 to a1\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -N -n -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ncat /proc/net/ip_mr_vif\ncat /proc/net/ip_mr_cache\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\nshow_mroute\n\ncheck_output \"(1.2.3.4,225.1.2.4) Iif: a2 Oifs: a1\"\n\nprint \"Creating config #2 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable\nphyint a2 enable\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to a2\n\nmgroup from a1 group 225.1.2.4\nmroute from a1 source 1.2.3.4 group 225.1.2.4 to a2\n\nmgroup from a2 group 225.2.2.5\nmroute from a2 group 225.2.2.5 to a1\n\nmgroup from a2 group 225.1.2.6\nmroute from a2 source 1.2.3.5 group 225.1.2.6 to a1\nEOF\ncat \"/tmp/$NM/conf\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" reload\nsleep 1\n\ncheck_output \"(1.2.3.4,225.1.2.4) Iif: a1 Oifs: a2\"\n\nprint \"Deleting and restoring interface a1 => new ifindex ...\"\nip link del a1\nip link add a1 type dummy\nip link set a1 up\nip link set a1 multicast on\nip addr add 10.0.0.1/24 dev a1\n\n../src/smcroutectl -u \"/tmp/$NM/sock\" reload\nsleep 1\n\ncheck_output \"(1.2.3.4,225.1.2.4) Iif: a1 Oifs: a2\"\n\nprint \"Deleting interface a1 ...\"\nip link del a1\n../src/smcroutectl -u \"/tmp/$NM/sock\" reload\nsleep 1\ncheck_output \"(1.2.3.5,225.1.2.6) Iif: a2 State: resolved\"\n\nOK\n" }, { "path": "test/mem.sh", "content": "#!/bin/sh\n# Check for memory leaks with valgrind, should cover the basic use-cases\n# with a .conf file, reloading said .conf file, and IPC.\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Checking dependencies ...\"\nlsb_release -a\nuname -a\ncheck_dep valgrind\n\nprint \"Creating world ...\"\ntopo plus\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 20.0.0.1/24 dev a3\nip -br l\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# basic (*,G) multicast routing\nphyint a1 enable\nphyint a3 enable\nphyint foo0 enable\nphyint\n\nmgroup from a1 source 10.0.0.1 group 225.3.2.1\nmroute from a1 source 10.0.0.1 group 225.3.2.1 to a2 foo0\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to a2\n\nmroute from a3 group 225.1.2.3 to a1\n\nmgroup from b4 group 225.1.2.3\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Creating background ops ...\"\ncat < \"/tmp/$NM/ops.sh\"\n#!/bin/sh\n\nsleep 2\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" reload\nsleep 1\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" add a1 225.1.2.4 a3\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" add a1 10.0.0.1 225.1.2.5 a3\necho\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" show int\necho\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" show gr\necho\n../src/smcroutectl -dp -u \"/tmp/$NM/sock\" show ro\necho\nEOF\ncat \"/tmp/$NM/ops.sh\"\nchmod +x \"/tmp/$NM/ops.sh\"\n\"/tmp/$NM/ops.sh\" &\n\nprint \"Checking for memory leaks ...\"\nvalgrind -s --leak-check=full --show-leak-kinds=all --log-file=\"/tmp/$NM/valgrind.log\" ../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -l debug -P \"/tmp/$NM/pid\" -u \"/tmp/$NM/sock\" -D 5\nrc=$?\ncat \"/tmp/$NM/valgrind.log\" >> \"/tmp/$NM/log\"\n\nwait\n[ $rc -eq 0 ] || FAIL \"Failed starting valgrind, return code $rc\"\nif ! grep -q \"no leaks are possible\" \"/tmp/$NM/log\"; then\n cat \"/tmp/$NM/valgrind.log\"\n FAIL \"Leaks detected.\"\nfi\nOK\n" }, { "path": "test/mrcache.sh", "content": "#!/bin/sh\n# Verifies both IPv4 and IPv6 (S,G) add, including remove route via IPC bites in kernel.\n# Twist: uses only one interface, inteded to mimic Debian tests.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\ndebug()\n{\n echo \"/proc/net/ip_mr_cache -------------------------------------------------------DEBUG-\"\n cat /proc/net/ip_mr_cache\n echo \"ip mroute -------------------------------------------------------------------DEBUG-\"\n ip mroute\n echo \"smcroutectl -----------------------------------------------------------------DEBUG-\"\n ../src/smcroutectl -pd -u \"/tmp/$NM/sock\"\n echo \"-----------------------------------------------------------------------------DEBUG/\"\n}\n\ncheck_add()\n{\n s=$1\n g=$2\n input=$3\n output=$4\n\n print \"Adding IPC route ($s,$g) inbound $input outbound $output ...\"\n ../src/smcroutectl -u \"/tmp/$NM/sock\" add \"$input\" \"$s\" \"$g\" \"$output\"\n # sleep 1\n\n print \"Verifying kernel route ($s,$g) Iif: $input Oif: $output ...\"\n# debug\n ip mroute > \"/tmp/$NM/routes\"\n ip -6 mroute >> \"/tmp/$NM/routes\"\n sg=$(awk \"/$s,$g/{print \\$1}\" \"/tmp/$NM/routes\")\n iif=$(awk \"/$s,$g/{print \\$3}\" \"/tmp/$NM/routes\")\n oif=$(awk \"/$s,$g/{print \\$5}\" \"/tmp/$NM/routes\")\n state=$(awk \"/$s,$g/{print \\$7}\" \"/tmp/$NM/routes\")\n CHECK \"$sg\" = \"($s,$g)\"\n CHECK \"$iif\" = \"$input\"\n CHECK \"$oif\" = \"$output\"\n CHECK \"$state\" = \"resolved\"\n}\n\ncheck_del()\n{\n s=$1\n g=$2\n input=$3\n output=$4\n\n print \"Removing IPC route ($s,$g) inbound $input outbound $output ...\"\n ../src/smcroutectl -u \"/tmp/$NM/sock\" del \"$input\" \"$s\" \"$g\"\n# sleep 1\n\n print \"Verifying kernel route for ($s,$g) has been removed ...\"\n #debug\n ip mroute > \"/tmp/$NM/routes2\"\n sg=$(awk \"/$s,$g/{print \\$1}\" \"/tmp/$NM/routes2\")\n CHECK -z \"$sg\"\n}\n\ntest_one()\n{\n check_add $1 $2 $3 $4\n check_del $1 $2 $3 $4\n}\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add fc01::1/64 dev a1\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# empty\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ntest_one 10.0.0.1 224.0.1.20 a1 a1\ntest_one fc01::1 ff01::114 a1 a1\nOK\n" }, { "path": "test/mrdisc.sh", "content": "#!/bin/sh\n# Verifies IPv4 mrdisc messages on all interfaces it is enabled on\n# Runs for two intervals to ensure interval timer works properly.\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable mrdisc\nphyint a2 enable mrdisc\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" -m 4 &\nsleep 1\n\ncollect a2 -c3 'dst 224.0.0.106'\nsleep 10\n\nprint \"Analyzing ...\"\nlines=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 224.0.0.106 | tee \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\necho \" => $lines for 224.0.0.106 (MRDISC), expected >= 2\"\n\n# shellcheck disable=SC2086\n[ $lines -ge 2 ] && OK\nFAIL\n" }, { "path": "test/multi.sh", "content": "#!/bin/sh\n# Verify interop between multiple routers and 1:1 NAT. Same subnet and\n# source IP of multicast emitters.\n#\n# netns: R1 netns: R2\n# .-------------. .-------------.\n# | smcrouted | | smcrouted |\n# | / \\ | br0 | / \\ |\n# MC --> eth1 eth0 | / \\ | eth0 eth1 <-- MC\n# | `------' '-------' |\n# '-------------' 192.168.0.0/24 '-------------'\n# 10.0.0.0/24 10.0.0.0/24\n#\n# Since we use tshark (because tcpdump doesn't work in an unshare), and\n# it doesn't seem to be able to dump the Ethernet header, we set the TTL\n# of the two ping's to different values to be able to separate the two\n# when inspecting the pcap from br0.\n#\n# Note: modern versions of iptables have introduced the xtables.lock file\n# the default path for it can be overridden from v1.8.7 and later,\n# a workaround is to `chmod a+rw /var/run/xtables.lock`\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Checking dependencies ...\"\nlsb_release -a\nuname -a\nXTABLES_LOCK=$(mktemp -p \"/tmp/$NM\")\nexport XTABLES_LOCK\ncheck_dep unshare -mrun iptables -L 2>/dev/null\n\nprint \"Creating world ...\"\ntopo multi R1 R2\n\n# IP world ...\nnsenter --net=R1 -- ip addr add 192.168.0.10/24 dev eth0\nnsenter --net=R1 -- ip addr add 10.0.0.1/24 dev eth1\nnsenter --net=R1 -- ip route add 192.168.20.0/24 via 192.168.0.20\nnsenter --net=R1 -- iptables -t nat -A PREROUTING -d 192.168.10.0/24 -j NETMAP --to 10.0.0.0/24\nnsenter --net=R1 -- iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j NETMAP --to 192.168.10.0/24\nnsenter --net=R1 -- ip -br l\nnsenter --net=R1 -- ip -br a\n\nnsenter --net=R2 -- ip addr add 192.168.0.20/24 dev eth0\nnsenter --net=R2 -- ip addr add 10.0.0.1/24 dev eth1\nnsenter --net=R2 -- ip route add 192.168.10.0/24 via 192.168.0.10\nnsenter --net=R2 -- iptables -t nat -A PREROUTING -d 192.168.20.0/24 -j NETMAP --to 10.0.0.0/24\nnsenter --net=R2 -- iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j NETMAP --to 192.168.20.0/24\nnsenter --net=R2 -- ip -br l\nnsenter --net=R2 -- ip -br a\n\nprint \"Verifying connectivity ...\"\nprintf \"R1 (192.168.0.10) \"\nif ! nsenter --net=R1 -- ping -c 3 192.168.20.1; then\n FAIL \"R1: cannot reach ED2 via R2\"\nfi\n\nprint \"Creating config ...\"\ncat <\"/tmp/$NM/shared.conf\"\n# shared.conf for both netns\nphyint eth0 enable\nphyint eth1 enable\n\nmgroup from eth1 group 225.1.2.3\nmroute from eth1 group 225.1.2.3 to eth0\n\n# Disable for now, maybe use in another test. With this\n# disabled we get WRONGVIF messages from the kernel that\n# can extend this test to verify.\n#mgroup from eth0 group 225.1.2.3\n#mroute from eth0 group 225.1.2.3 to eth1\nEOF\ncat \"/tmp/$NM/shared.conf\"\n\nprint \"Starting smcrouted instances ...\"\nnsenter --net=R1 -- ../src/smcrouted -f \"/tmp/$NM/shared.conf\" -n -N -i R1 -l debug -u \"/tmp/$NM/R1.sock\" &\necho $! >> \"/tmp/$NM/PIDs\"\nnsenter --net=R2 -- ../src/smcrouted -f \"/tmp/$NM/shared.conf\" -n -N -i R2 -l debug -u \"/tmp/$NM/R2.sock\" &\necho $! >> \"/tmp/$NM/PIDs\"\nsleep 1\n\ncollect br0 -c10 'dst 225.1.2.3'\n\nprint \"Starting emitters ...\"\nnsenter --net=R1 -- ping -c 5 -W 1 -I eth1 -t 11 225.1.2.3 > /dev/null &\nsleep 1\nnsenter --net=R2 -- ping -c 5 -W 1 -I eth1 -t 21 225.1.2.3 > /dev/null &\nsleep 5\n\nprint \"R1 multicast routes and 1:1 NAT ...\"\nnsenter --net=R1 -- ip mroute\nnsenter --net=R1 -- ../src/smcroutectl -d -u \"/tmp/$NM/R1.sock\"\nnsenter --net=R1 -- iptables -v -L -t nat\n\nprint \"R2 multicast routes and 1:1 NAT ...\"\nnsenter --net=R2 -- ip mroute\nnsenter --net=R2 -- ../src/smcroutectl -d -u \"/tmp/$NM/R2.sock\"\nnsenter --net=R2 -- iptables -v -L -t nat\n\nprint \"Analyzing br0 pcap, data from R1 and R2 ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | grep 'ttl=10' | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.3 | grep 'ttl=20' | tee -a \"/tmp/$NM/result\" | wc -l)\ncat \"/tmp/$NM/result\"\n\necho \" => $lines1 for group 225.1.2.3 from R1, expected >= 4\"\necho \" => $lines2 for group 225.1.2.3 from R2, expected >= 4\"\n\n# Expect one frame loss due to initial (*,G) -> (S,G) route setup\n# shellcheck disable=SC2086 disable=SC2166\n[ $lines1 -ge 4 -a $lines2 -ge 4 ] && OK\nFAIL\n" }, { "path": "test/poison.sh", "content": "#!/bin/sh\n# Verify stop-filter, or \"poison pill\", routes for non-matching routes,\n# and that they do not affect flows from matching routes.\n\ncheck_output()\n{\n if ! ip $1 mroute | grep -q \"$2\"; then\n\tFAIL \"Did not even register $2\"\n fi\n\n if ip $1 mroute | grep -q \"$2\" | grep -q \"$3\"; then\n\tFAIL \"No stop-filter route set for $2\"\n fi\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo plus\nip -d l\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 30.0.0.1/24 dev b3\n\nip addr add 2001:1::1/64 dev a1\nip addr add fc00::42/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip addr add 2001:3::1/64 dev b3\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# basic (*,G/LEN) multicast routing\nphyint a1 enable\nphyint a2 enable\nphyint b3 enable\n\nmroute from a1 group 225.1.2.3/24 to b3\nmroute from a2 group 225.1.2.3/24 to b3\nmroute from a1 group ff2e::42/121 to b3\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ncollect b3 -c15 'dst 225.1.2.1 or dst ff2e::42'\nip -d l\nip -br a\n\nprint \"Starting emitter ...\"\nping -c 3 -W 1 -I b3 -t 2 225.1.2.1 >/dev/null\nping -c 3 -W 1 -I a2 -t 2 225.1.2.1 >/dev/null\nping -c 3 -W 1 -I a1 -t 2 225.1.2.1 >/dev/null\nping -6 -c 3 -W 1 -I b3 -t 2 ff2e::42 >/dev/null\nping -6 -c 3 -W 1 -I fc00::42 -t 2 ff2e::42 >/dev/null\n\nshow_mroute\n\nprint \"Analyzing ...\"\ncheck_output -4 \"(30.0.0.1,225.1.2.1)\" \"Oifs: b3\"\ncheck_output -6 \"(2001:3::1,ff2e::42)\" \"Oifs: b3\"\n\nlines1=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep 225.1.2.1 | tee \"/tmp/$NM/result\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap\" 2>/dev/null | grep ff2e::42 | tee -a \"/tmp/$NM/result\" | wc -l)\n\ncat \"/tmp/$NM/result\"\necho \" => $lines1 for 225.1.2.1, expected >= 7\"\necho \" => $lines2 for ff2e::42, expected >= 5\"\n\n########################################################################### DONE\n# Expect one frame lost due to initial (*,G) -> (S,G) route setup\n# shellcheck disable=SC2166 disable=SC2086\n[ $lines1 -ge 7 -a $lines2 -ge 5 ] && OK\nFAIL\n" }, { "path": "test/reload.sh", "content": "#!/bin/sh\n# Verifies SIGHUP/reload functionality\n# XXX: add group verification as well\n#set -x\n\ncheck_output()\n{\n echo \"ip mroute:\"\n ip mroute\n ip mroute |tee \"/tmp/$NM/result\" | grep -q \"$2\"\n oif=$?\n grep -q \"$1\" \"/tmp/$NM/result\"\n iif=$?\n # shellcheck disable=SC2166\n [ \"$oif\" = \"0\" -a \"$iif\" = \"0\" ] || FAIL\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo plus\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip addr add 30.0.0.1/24 dev a3\nip addr add 40.0.0.1/24 dev a4\nip addr add 50.0.0.1/24 dev b1\nip addr add 60.0.0.1/24 dev b2\nip addr add 70.0.0.1/24 dev b3\nip addr add 80.0.0.1/24 dev b4\nip -br a\n\nprint \"Creating config #1 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable\nphyint b1 enable\nphyint b3 enable\n\nmgroup from a1 source 10.0.0.1 group 225.3.2.1\nmroute from a1 source 10.0.0.1 group 225.3.2.1 to b1 b3\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to b1\nmroute from a1 group 225.1.2.4 to b1\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -N -n -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\ncat /proc/net/ip_mr_vif\ncat /proc/net/ip_mr_cache\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b1 b3\"\n\nprint \"Creating config #2 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable ttl-threshold 1\nphyint a3 enable ttl-threshold 3\nphyint b2 enable ttl-threshold 2\nphyint b3 enable ttl-threshold 3\nphyint b4 enable ttl-threshold 4\n\nmgroup from a1 source 10.0.0.1 group 225.3.2.1\nmroute from a1 source 10.0.0.1 group 225.3.2.1 to b2 b3\n\nmgroup from a3 group 225.1.2.4\nmroute from a3 group 225.1.2.4 to b3 b4\nEOF\ncat \"/tmp/$NM/conf\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" reload\nsleep 1\n\ncat /proc/net/ip_mr_vif\ncat /proc/net/ip_mr_cache\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b3(ttl 3) b2(ttl 2)\"\n\nprint \"Updating route from smcroutectl ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 10.0.0.1 225.3.2.1 b4\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b3(ttl 3) b2(ttl 2) b4(ttl 4)\"\nOK\n" }, { "path": "test/reload6.sh", "content": "#!/bin/sh\n# Verifies SIGHUP/reload functionality\n# XXX: add group verification as well\n#set -x\n\ncheck_output()\n{\n ip -6 mroute |tee \"/tmp/$NM/result\" | grep -q \"$2\"\n oif=$?\n grep -q \"$1\" \"/tmp/$NM/result\"\n iif=$?\n # shellcheck disable=SC2166\n [ \"$oif\" = \"0\" -a \"$iif\" = \"0\" ] || FAIL\n}\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo plus\nip addr add 2001:1::1/64 dev a1\nip addr add 2001:2::1/64 dev a2\nip addr add 2001:3::1/64 dev a3\nip addr add 2001:4::1/64 dev a4\nip addr add 2001:5::1/64 dev b1\nip addr add 2001:6::1/64 dev b2\nip addr add 2001:7::1/64 dev b3\nip addr add 2001:8::1/64 dev b4\nip -br a\n\nprint \"Creating config #1 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable ttl-threshold 1\nphyint b1 enable ttl-threshold 1\nphyint b3 enable ttl-threshold 3\n\nmgroup from a1 source fc00::1 group ff2e::42\nmroute from a1 source fc00::1 group ff2e::42 to b1 b3\n\nmgroup from a1 group ff2e::43\nmroute from a1 group ff2e::43 to b1\nmroute from a1 group ff2e::44 to b1\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -N -n -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\nip -6 maddr\ncat /proc/net/ip6_mr_vif\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b1 b3\"\n\nprint \"Creating config #2 ...\"\ncat < \"/tmp/$NM/conf\"\nphyint a1 enable ttl-threshold 1\nphyint a3 enable ttl-threshold 3\nphyint b2 enable ttl-threshold 2\nphyint b3 enable ttl-threshold 3\nphyint b4 enable ttl-threshold 4\n\nmgroup from a1 source fc00::1 group ff2e::42\nmroute from a1 source fc00::1 group ff2e::42 to b2 b3\n\nmgroup from a3 group ff2e::44\nmroute from a3 group ff2e::44 to b3 b4\nEOF\ncat \"/tmp/$NM/conf\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" reload\nsleep 1\n\n../src/smcroutectl -pu \"/tmp/$NM/sock\" show groups\nip -6 maddr\ncat /proc/net/ip6_mr_vif\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b3 b2\"\n\nprint \"Updating route from smcroutectl ...\"\n../src/smcroutectl -u \"/tmp/$NM/sock\" add a1 fc00::1 ff2e::42 b4\nshow_mroute\n\ncheck_output \"Iif: a1\" \"Oifs: b3 b2 b4\"\nOK\n" }, { "path": "test/vlan.sh", "content": "#!/bin/sh\n# Verify IPv4 (*,G) routing on top of VLAN interfaces\n#set -x\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic vlan 100 110\nip addr add 10.100.0.1/24 dev a1.100\nip addr add 10.110.0.1/24 dev a1.110\nip addr add 20.100.0.1/24 dev a2.100\nip addr add 20.110.0.1/24 dev a2.110\nip -br a\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# vlan (*,G) multicast routing\nphyint a1.100 enable\nphyint a1.110 enable\nphyint a2.110 enable\nmroute from a1.100 group 225.1.2.3 to a1.110 a2.110\nmroute from a2.110 group 225.3.2.1 to a1.110 a1.100\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Starting smcrouted ...\"\n../src/smcrouted -f \"/tmp/$NM/conf\" -n -N -P \"/tmp/$NM/pid\" -l debug -u \"/tmp/$NM/sock\" &\nsleep 1\n\nprint \"Starting collectors ...\"\ntshark -c 6 -lni a1.110 -w \"/tmp/$NM/pcap1\" 'icmp and (dst 225.1.2.3 or dst 225.3.2.1)' 2>/dev/null &\necho $! >> \"/tmp/$NM/PIDs\"\ntshark -c 3 -lni a2.110 -w \"/tmp/$NM/pcap2\" 'icmp and dst 225.1.2.3' 2>/dev/null &\necho $! >> \"/tmp/$NM/PIDs\"\ntshark -c 3 -lni a1.100 -w \"/tmp/$NM/pcap3\" 'icmp and dst 225.3.2.1' 2>/dev/null &\necho $! >> \"/tmp/$NM/PIDs\"\nsleep 1\n\nprint \"Starting emitters ...\"\nping -c 3 -W 1 -I a1.100 -t 2 225.1.2.3 >/dev/null\nping -c 3 -W 1 -I a2.110 -t 2 225.3.2.1 >/dev/null\nshow_mroute\n\nprint \"Analyzing ...\"\nlines1=$(tshark -r \"/tmp/$NM/pcap1\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result1\" | wc -l)\nlines2=$(tshark -r \"/tmp/$NM/pcap1\" 2>/dev/null | grep 225.3.2.1 | tee -a \"/tmp/$NM/result1\" | wc -l)\nlines3=$(tshark -r \"/tmp/$NM/pcap2\" 2>/dev/null | grep 225.1.2.3 | tee \"/tmp/$NM/result2\" | wc -l)\nlines4=$(tshark -r \"/tmp/$NM/pcap3\" 2>/dev/null | grep 225.3.2.1 | tee \"/tmp/$NM/result3\" | wc -l)\necho \"Receieved on a1.110, expected >=2 pkt of 225.1.2.3 and >=2 pkt 225.3.2.1:\"\ncat \"/tmp/$NM/result1\"\necho \"Receieved on a2.110, expected >=2 pkt of 225.1.2.3:\"\ncat \"/tmp/$NM/result2\"\necho \"Receieved on a1.100, expected >=2 pkt of 225.3.2.1:\"\ncat \"/tmp/$NM/result3\"\n\n########################################################################### DONE\n# one frame lost due to initial (*,G) -> (S,G) setup\n# shellcheck disable=SC2086 disable=SC2166\n[ $lines1 -ge 2 -a $lines2 -ge 2 -a $lines3 -ge 2 -a $lines4 -ge 2 ] && OK\nFAIL\n" }, { "path": "test/vrfy.sh", "content": "#!/bin/sh\n# Limited verifier of the smcrouted .conf file checker\n\n# shellcheck source=/dev/null\n. \"$(dirname \"$0\")/lib.sh\"\n\nprint \"Creating world ...\"\ntopo basic\nip addr add 10.0.0.1/24 dev a1\nip addr add 20.0.0.1/24 dev a2\nip -br l\n\nprint \"Creating config ...\"\ncat < \"/tmp/$NM/conf\"\n# basic (*,G) multicast routing\nphyint a1 enable\nphyint a3 enable\nphyint\n\nmgroup from a1 source 10.0.0.1 group 225.3.2.1\nmroute from a1 source 10.0.0.1 group 225.3.2.1 to a2 a3\n\nmgroup from a1 group 225.1.2.3\nmroute from a1 group 225.1.2.3 to a2\n\nmroute from a3 group 225.1.2.3 to a1\n\nmgroup from b4 group 225.1.2.3\nEOF\ncat \"/tmp/$NM/conf\"\n\nprint \"Verifying config ...\"\n../src/smcrouted -N -F \"/tmp/$NM/conf\" -l info\nrc=$?\necho \"Return code: $rc\"\n\n[ $rc -eq 78 ] && OK\nFAIL\n" } ]