diff options
| author |  root <root@debian> | 2016-04-25 09:54:17 -0400 |
|---|---|---|
| committer | root <root@debian> | 2016-04-25 09:54:17 -0400 |
| commit | c92dc59bef0d34541c10fd535d91d876d214a5d8 (patch) | |
| tree | 270bbadb3380ce0d144cb351f09062e40b4da456 /src | |
| parent | cyberfox profile (diff) | |
| download | firejail-c92dc59bef0d34541c10fd535d91d876d214a5d8.tar.gz firejail-c92dc59bef0d34541c10fd535d91d876d214a5d8.tar.zst firejail-c92dc59bef0d34541c10fd535d91d876d214a5d8.zip | |
fixed interface/defaultgw problem
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/sandbox.c | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 3f3564295..4473e306c 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
| @@ -539,6 +539,7 @@ int sandbox(void* sandbox_arg) { | |||
| 539 | //**************************** | 539 | //**************************** |
| 540 | // networking | 540 | // networking |
| 541 | //**************************** | 541 | //**************************** |
| 542 | int gw_cfg_failed = 0; // default gw configuration flag | ||
| 542 | if (arg_nonetwork) { | 543 | if (arg_nonetwork) { |
| 543 | net_if_up("lo"); | 544 | net_if_up("lo"); |
| 544 | if (arg_debug) | 545 | if (arg_debug) |
| @@ -564,13 +565,6 @@ int sandbox(void* sandbox_arg) { | |||
| 564 | net_config_mac(cfg.bridge3.devsandbox, cfg.bridge3.macsandbox); | 565 | net_config_mac(cfg.bridge3.devsandbox, cfg.bridge3.macsandbox); |
| 565 | sandbox_if_up(&cfg.bridge3); | 566 | sandbox_if_up(&cfg.bridge3); |
| 566 | 567 | ||
| 567 | // add a default route | ||
| 568 | if (cfg.defaultgw) { | ||
| 569 | // set the default route | ||
| 570 | if (net_add_route(0, 0, cfg.defaultgw)) | ||
| 571 | fprintf(stderr, "Warning: cannot configure default route\n"); | ||
| 572 | } | ||
| 573 | |||
| 574 | // enable interfaces | 568 | // enable interfaces |
| 575 | if (cfg.interface0.configured && cfg.interface0.ip) { | 569 | if (cfg.interface0.configured && cfg.interface0.ip) { |
| 576 | if (arg_debug) | 570 | if (arg_debug) |
| @@ -597,6 +591,15 @@ int sandbox(void* sandbox_arg) { | |||
| 597 | net_if_up(cfg.interface3.dev); | 591 | net_if_up(cfg.interface3.dev); |
| 598 | } | 592 | } |
| 599 | 593 | ||
| 594 | // add a default route | ||
| 595 | if (cfg.defaultgw) { | ||
| 596 | // set the default route | ||
| 597 | if (net_add_route(0, 0, cfg.defaultgw)) { | ||
| 598 | fprintf(stderr, "Warning: cannot configure default route\n"); | ||
| 599 | gw_cfg_failed = 1; | ||
| 600 | } | ||
| 601 | } | ||
| 602 | |||
| 600 | if (arg_debug) | 603 | if (arg_debug) |
| 601 | printf("Network namespace enabled\n"); | 604 | printf("Network namespace enabled\n"); |
| 602 | } | 605 | } |
| @@ -612,8 +615,12 @@ int sandbox(void* sandbox_arg) { | |||
| 612 | printf("\n"); | 615 | printf("\n"); |
| 613 | if (any_bridge_configured() || any_interface_configured()) | 616 | if (any_bridge_configured() || any_interface_configured()) |
| 614 | net_ifprint(); | 617 | net_ifprint(); |
| 615 | if (cfg.defaultgw != 0) | 618 | if (cfg.defaultgw != 0) { |
| 616 | printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw)); | 619 | if (gw_cfg_failed) |
| 620 | printf("Default gateway configuration failed\n"); | ||
| 621 | else | ||
| 622 | printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw)); | ||
| 623 | } | ||
| 617 | if (cfg.dns1 != 0) | 624 | if (cfg.dns1 != 0) |
| 618 | printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); | 625 | printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); |
| 619 | if (cfg.dns2 != 0) | 626 | if (cfg.dns2 != 0) |