author | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:12:30 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:12:30 -0400 |
commit | 1379851360349d6617ad32944a25ee5e2bb74fc2 (patch) | |
tree | f69b48e90708bfa3c2723d5a27ed3e024c827b43 /src/firemon/interface.c | |
parent | delete files (diff) | |
Baseline firejail 0.9.28
Diffstat (limited to 'src/firemon/interface.c')
-rw-r--r-- | src/firemon/interface.c | 176 |
1 files changed, 176 insertions, 0 deletions
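diff --git a/src/firemon/interface.c b/src/firemon/interface.c
new file mode 100644
index 000000000..52a9c33cd
--- /dev/null
+++ b/src/firemon/interface.c
@@ -0,0 +1,176 @@
+/*
+* Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
+*
+* This file is part of firejail project
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "firemon.h"
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <netdb.h>
+#include <arpa/inet.h>
+#include <ifaddrs.h>
+#include <net/if.h>
+#include <linux/connector.h>
+#include <linux/netlink.h>
+#include <linux/if_link.h>
+#include <linux/sockios.h>
+#include <sys/ioctl.h>
+
+//#include <net/route.h>
+//#include <linux/if_bridge.h>
+
+// print IP addresses for all interfaces
+static void net_ifprint(void) {
+uint32_t ip;
+uint32_t mask;
+struct ifaddrs *ifaddr, *ifa;
+
+int fd;
+if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+fprintf(stderr, "Error: cannot open AF_INET socket\n");
+exit(1);
+}
+
+if (getifaddrs(&ifaddr) == -1)
+errExit("getifaddrs");
+
+// walk through the linked list
+printf(" Link status:\n");
+for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
+if (ifa->ifa_addr == NULL)
+continue;
+
+if (ifa->ifa_addr->sa_family == AF_PACKET) {
+if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP) {
+if (ifa->ifa_data != NULL) {
+struct rtnl_link_stats *stats = ifa->ifa_data;
+
+// extract mac address
+struct ifreq ifr;
+memset(&ifr, 0, sizeof(ifr));
+strncpy(ifr.ifr_name, ifa->ifa_name, IFNAMSIZ);
+int rv = ioctl (fd, SIOCGIFHWADDR, &ifr);
+
+if (rv == 0)
+printf(" %s UP, %02x:%02x:%02x:%02x:%02x:%02x\n",
+ifa->ifa_name, PRINT_MAC((unsigned char *) &ifr.ifr_hwaddr.sa_data));
+else
+printf(" %s UP\n", ifa->ifa_name);
+
+printf(" tx/rx: %u/%u packets, %u/%u bytes\n",
+stats->tx_packets, stats->rx_packets,
+stats->tx_bytes, stats->rx_bytes);
+}
+}
+else
+printf(" %s DOWN\n", ifa->ifa_name);
+}
+}
+
+
+// walk through the linked list
+printf(" IPv4 status:\n");
+for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
+if (ifa->ifa_addr == NULL)
+continue;
+
+if (ifa->ifa_addr->sa_family == AF_INET) {
+struct sockaddr_in *si = (struct sockaddr_in *) ifa->ifa_netmask;
+mask = ntohl(si->sin_addr.s_addr);
+si = (struct sockaddr_in *) ifa->ifa_addr;
+ip = ntohl(si->sin_addr.s_addr);
+
+char *status;
+if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP)
+status = "UP";
+else
+status = "DOWN";
+
+printf(" %s %s, %d.%d.%d.%d/%u\n",
+ifa->ifa_name, status, PRINT_IP(ip), mask2bits(mask));
+}
+}
+
+
+// walk through the linked list
+printf(" IPv6 status:\n");
+for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
+if (ifa->ifa_addr == NULL)
+continue;
+
+if (ifa->ifa_addr->sa_family == AF_INET6) {
+char host[NI_MAXHOST];
+int s = getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_in6),
+host, NI_MAXHOST, NULL, 0, NI_NUMERICHOST);
+if (s == 0) {
+char *ptr;
+if ((ptr = strchr(host, '%')) != NULL)
+*ptr = '\0';
+char *status;
+if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP)
+status = "UP";
+else
+status = "DOWN";
+
+printf(" %s %s, %s\n", ifa->ifa_name, status, host);
+}
+}
+}
+
+freeifaddrs(ifaddr);
+close(fd);
+}
+
+static void print_sandbox(pid_t pid) {
+pid_t child = fork();
+if (child == -1)
+return;
+
+if (child == 0) {
+int rv = join_namespace(pid, "net");
+if (rv)
+return;
+net_ifprint();
+printf("\n");
+exit(0);
+}
+
+// wait for the child to finish
+waitpid(child, NULL, 0);
+}
+
+void interface(pid_t pid) {
+if (getuid() != 0) {
+fprintf(stderr, "Error: you need to be root to run this command\n");
+exit(1);
+}
+
+pid_read(pid); // a pid of 0 will include all processes
+
+// print processes
+int i;
+for (i = 0; i < max_pids; i++) {
+if (pids[i].level == 1) {
+pid_print_list(i, 0);
+int child = find_child(i);
+if (child != -1) {
+print_sandbox(child);
+}
+}
+}
+}
+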
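Review bot: In `print_sandbox`, the forked child does `return` when `join_namespace(pid, "net")` fails, so it falls back into the `for` loop of `interface()` and carries on as a second root process, listing and forking for the remaining sandboxes and duplicating output. The child should terminate at that point, `if (rv) exit(1);`, and the parent could read the status from `waitpid` instead of passing `NULL`, so a failed join is reported rather than silently skipped. Separately, in `net_ifprint` the IPv4 loop casts and dereferences `ifa->ifa_netmask` without the NULL check that `ifa->ifa_addr` gets; a guard such as `if (ifa->ifa_netmask == NULL) continue;` would cover entries that carry no netmask. In the same function `strncpy(ifr.ifr_name, ifa->ifa_name, IFNAMSIZ)` can leave the name unterminated if it fills the field, whereas copying `IFNAMSIZ - 1` bytes keeps the terminator written by the preceding `memset`.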