Diffstat (limited to 'bbot/machine.cxx')
-rw-r--r-- | bbot/machine.cxx | 66 |
1 files changed, 35 insertions, 31 deletions
diff --git a/bbot/machine.cxx b/bbot/machine.cxx index ce07c94..86448cf 100644 --- a/bbot/machine.cxx +++ b/bbot/machine.cxx @@ -31,45 +31,49 @@ namespace bbot const char* a, const string& tap, const string& br, - uint16_t port) + uint16_t port, + bool ignore_errors = false) { string addr (iface_addr (br)); + auto_fd fdn (ignore_errors ? fdnull () : nullfd); + int ofd (ignore_errors ? fdn.get () : 2); + process_exit::code_type e; - e = run_exit (t, - "sudo", "iptables", - "-t", "nat", - a, "PREROUTING", - "-m", "udp", - "-p", "udp", - "-m", "physdev", - "-i", br, - "--physdev-in", tap, - "--dport", 69, - "-j", "DNAT", - "--to-destination", addr + ':' + to_string (port)); - - if (e != 0 && port != 0) + e = run_io_exit (t, 0, ofd, ofd, + "sudo", "iptables", + "-t", "nat", + a, "PREROUTING", + "-m", "udp", + "-p", "udp", + "-m", "physdev", + "-i", br, + "--physdev-in", tap, + "--dport", 69, + "-j", "DNAT", + "--to-destination", addr + ':' + to_string (port)); + + if (e != 0 && !ignore_errors) fail << "process iptables terminated with non-zero exit code"; // Nobody really knows whether this is really needed (really)... // - e = run_exit (t, - "sudo", "iptables", - a, "FORWARD", - "-m", "udp", - "-p", "udp", - "-m", "physdev", - "-o", br, - "--physdev-out", tap, - "-d", addr, - "--dport", port, - "-m", "state", - "--state", "NEW,ESTABLISHED,RELATED", - "-j", "ACCEPT"); - - if (e != 0 && port != 0) + e = run_io_exit (t, 0, ofd, ofd, + "sudo", "iptables", + a, "FORWARD", + "-m", "udp", + "-p", "udp", + "-m", "physdev", + "-o", br, + "--physdev-out", tap, + "-d", addr, + "--dport", port, + "-m", "state", + "--state", "NEW,ESTABLISHED,RELATED", + "-j", "ACCEPT"); + + if (e != 0 && !ignore_errors) fail << "process iptables terminated with non-zero exit code"; } 
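Review bot: With `ignore_errors` set, both `if (e != 0 && !ignore_errors)` checks drop every failure, not just the expected "no such rule" case, and because stdout and stderr are pointed at the null descriptor nothing is left to diagnose it. A sudo failure or an iptables run that could not take the xtables lock then looks the same as a missing rule, so a leftover NAT rule could survive without any trace. Consider tolerating only the status iptables uses for a missing rule (1, as far as I know), e.g. `if (e != 0 && !(ignore_errors && e == 1))`, or at least reporting the ignored exit code through the tracer `t`. The function's signature begins above the hunk, so how other callers pass `port` is not visible here.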
@@ -82,7 +86,7 @@ namespace bbot // First try to delete it in case there is one from a previous run. // - //iptables (trace, "-D", t, br, 0); // Any port. + iptables (trace, "-D", t, br, port, true); // Ignore errors. run_exit (trace, "sudo", "ip", "tuntap", "delete", t, "mode", "tap"); run (trace, "sudo", "ip", "tuntap", "add", t, "mode", "tap", "user", uid); |
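Review bot: The cleanup call `iptables (trace, "-D", t, br, port, true)` only removes a leftover rule whose `--to-destination` and `--dport` used this same `port`, because `-D` matches the full rule specification. If a previous run used a different port (the removed line's `0); // Any port.` suggests that can happen), the stale PREROUTING DNAT rule stays in place, the mismatch is hidden by `ignore_errors`, and a rule appended later would presumably sit behind the stale one. At minimum document the limit, e.g. `// Only removes a rule left by a run that used the same port.`; a fuller fix would remove rules for this tap interface regardless of port. The enclosing function starts and ends outside the hunk.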