fixed interface/defaultgw problem

3 files changed, 18 insertions, 11 deletions

diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 3f3564295..4473e306c 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -539,6 +539,7 @@ int sandbox(void* sandbox_arg) {
         //****************************
         // networking
         //****************************
+        int gw_cfg_failed = 0; // default gw configuration flag
         if (arg_nonetwork) {
                 net_if_up("lo");
                 if (arg_debug)
@@ -564,13 +565,6 @@ int sandbox(void* sandbox_arg) {
                         net_config_mac(cfg.bridge3.devsandbox, cfg.bridge3.macsandbox);
                 sandbox_if_up(&cfg.bridge3);
                 
-                // add a default route
-                if (cfg.defaultgw) {
-                        // set the default route
-                        if (net_add_route(0, 0, cfg.defaultgw))
-                                fprintf(stderr, "Warning: cannot configure default route\n");
-                }
-                
                 // enable interfaces
                 if (cfg.interface0.configured && cfg.interface0.ip) {
                         if (arg_debug)
@@ -597,6 +591,15 @@ int sandbox(void* sandbox_arg) {
                         net_if_up(cfg.interface3.dev);
                 }                       
                         
+                // add a default route
+                if (cfg.defaultgw) {
+                        // set the default route
+                        if (net_add_route(0, 0, cfg.defaultgw)) {
+                                fprintf(stderr, "Warning: cannot configure default route\n");
+                                gw_cfg_failed = 1;
+                        }
+                }
+
                 if (arg_debug)
                         printf("Network namespace enabled\n");
         }
@@ -612,8 +615,12 @@ int sandbox(void* sandbox_arg) {
                         printf("\n");
                         if (any_bridge_configured() || any_interface_configured())
                                 net_ifprint();
-                        if (cfg.defaultgw != 0)
-                                printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw));
+                        if (cfg.defaultgw != 0) {
+                                if (gw_cfg_failed)
+                                        printf("Default gateway configuration failed\n");
+                                else
+                                        printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw));
+                        }
                         if (cfg.dns1 != 0)
                                 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1));
                         if (cfg.dns2 != 0)
diff --git a/test/compile/compile.sh b/test/compile/compile.sh
index e3e9bef2b..c6b1d1928 100755
--- a/test/compile/compile.sh
+++ b/test/compile/compile.sh
@@ -15,7 +15,7 @@ arr[9]="TEST 9: compile file transfer disabled"
 cleanup() {
         rm -f report*
         rm -fr firejail
-        rm oc* om*
+        rm -f oc* om*
 }
 
 print_title() {
diff --git a/test/dist-compile/compile.sh b/test/dist-compile/compile.sh
index a9c1656ee..e0d29281b 100755
--- a/test/dist-compile/compile.sh
+++ b/test/dist-compile/compile.sh
@@ -15,7 +15,7 @@ arr[9]="TEST 9: compile file transfer disabled"
 cleanup() {
         rm -f report*
         rm -fr firejail
-        rm oc* om*
+        rm -f oc* om*
 }
 
 print_title() {