From 0e48f9933c19e297b9d629b4416c7f94d411d333 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Wed, 8 Mar 2023 11:13:02 -0500
Subject: remove firemon --interface option - it is a duplication of firejail --net.print
---
 src/firemon/firemon.c | 15 +----
 src/firemon/firemon.h | 3 -
 src/firemon/interface.c | 175 ------------------------------------------------
 src/man/firemon.txt | 3 -
 4 files changed, 1 insertion(+), 195 deletions(-)
 delete mode 100644 src/firemon/interface.c
(limited to 'src')
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c
index 01167e555..d82f387ff 100644
--- a/src/firemon/firemon.c
+++ b/src/firemon/firemon.c
@@ -30,7 +30,6 @@ int arg_debug = 0;
 static int arg_route = 0;
 static int arg_arp = 0;
 static int arg_tree = 0;
-static int arg_interface = 0;
 static int arg_seccomp = 0;
 static int arg_caps = 0;
 static int arg_cpu = 0;
@@ -178,13 +177,6 @@ int main(int argc, char **argv) {
 arg_seccomp = 1;
 else if (strcmp(argv[i], "--caps") == 0)
 arg_caps = 1;
- else if (strcmp(argv[i], "--interface") == 0) {
- if (getuid() != 0) {
- fprintf(stderr, "Error: you need to be root to run this command\n");
- exit(1);
- }
- arg_interface = 1;
- }
 #ifdef HAVE_NETWORK
 else if (strcmp(argv[i], "--route") == 0)
 arg_route = 1;
@@ -261,13 +253,12 @@ int main(int argc, char **argv) {
 // if --name requested without other options, print all data
 if (pid && !arg_cpu && !arg_seccomp && !arg_caps && !arg_apparmor &&
- !arg_x11 && !arg_interface && !arg_route && !arg_arp) {
+ !arg_x11 && !arg_route && !arg_arp) {
 arg_tree = 1;
 arg_cpu = 1;
 arg_seccomp = 1;
 arg_caps = 1;
 arg_x11 = 1;
- arg_interface = 1;
 arg_route = 1;
 arg_arp = 1;
 arg_apparmor = 1;
@@ -295,10 +286,6 @@ int main(int argc, char **argv) {
 x11((pid_t) pid, print_procs);
 print_procs = 0;
 }
- if (arg_interface && getuid() == 0) {
- interface((pid_t) pid, print_procs);
- print_procs = 0;
- }
 if (arg_route) {
 route((pid_t) pid, print_procs);
 print_procs = 0;
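Review bot: In the `--name` default block (hunk -261/+253), `arg_tree` is assigned but is the only flag in the assignment list that the guarding condition does not test, so if `--tree` is parsed into `arg_tree` elsewhere in `main` (not visible here), `--tree --name=X` would still expand to the full report. Since the commit edits this condition anyway, either add `!arg_tree &&` to it or leave a comment such as `// arg_tree is deliberately not tested here`. Separately, the `--interface` branch in hunk -178/+177 is dropped without a replacement, so existing scripts that pass it now reach whatever `main` does for unrecognised arguments, which is outside these hunks; a one-line error pointing to `firejail --net.print` would make the removal visible to callers. `main` begins and ends outside all of these hunks.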
diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h
index dae071e89..8b6e75fc3 100644
--- a/src/firemon/firemon.h
+++ b/src/firemon/firemon.h
@@ -57,9 +57,6 @@ void top(void) __attribute__((noreturn));
 // list.c
 void list(void);
-// interface.c
-void interface(pid_t pid, int print_procs);
-
 // arp.c
 void arp(pid_t pid, int print_procs);
diff --git a/src/firemon/interface.c b/src/firemon/interface.c
deleted file mode 100644
index a8e78133b..000000000
--- a/src/firemon/interface.c
+++ /dev/null
@@ -1,175 +0,0 @@ -/* - * Copyright (C) 2014-2023 Firejail Authors - * - * This file is part of firejail project - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ -#include "firemon.h" -#include "../include/gcov_wrapper.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -//#include -//#include - -// print IP addresses for all interfaces -static void net_ifprint(void) { - uint32_t ip; - uint32_t mask; - struct ifaddrs *ifaddr, *ifa; - - int fd; - if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { - fprintf(stderr, "Error: cannot open AF_INET socket\n"); - exit(1); - } - - if (getifaddrs(&ifaddr) == -1) - errExit("getifaddrs"); - - // walk through the linked list - printf(" Link status:\n"); - for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { - if (ifa->ifa_addr == NULL) - continue; - - if (ifa->ifa_addr->sa_family == AF_PACKET) { - if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP) { - if (ifa->ifa_data != NULL) { - struct rtnl_link_stats *stats = ifa->ifa_data; - - // extract mac address - struct ifreq ifr; - memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, ifa->ifa_name, IFNAMSIZ - 1); - int rv = ioctl (fd, SIOCGIFHWADDR, &ifr); - - if (rv == 0) - printf(" %s UP, %02x:%02x:%02x:%02x:%02x:%02x\n", - 
ifa->ifa_name, PRINT_MAC((unsigned char *) &ifr.ifr_hwaddr.sa_data)); - else - printf(" %s UP\n", ifa->ifa_name); - - printf(" tx/rx: %u/%u packets, %u/%u bytes\n", - stats->tx_packets, stats->rx_packets, - stats->tx_bytes, stats->rx_bytes); - } - } - else - printf(" %s DOWN\n", ifa->ifa_name); - } - } - - - // walk through the linked list - printf(" IPv4 status:\n"); - for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { - if (ifa->ifa_addr == NULL) - continue; - - if (ifa->ifa_addr->sa_family == AF_INET) { - struct sockaddr_in *si = (struct sockaddr_in *) ifa->ifa_netmask; - mask = ntohl(si->sin_addr.s_addr); - si = (struct sockaddr_in *) ifa->ifa_addr; - ip = ntohl(si->sin_addr.s_addr); - - char *status; - if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP) - status = "UP"; - else - status = "DOWN"; - - printf(" %s %s, %d.%d.%d.%d/%u\n", - ifa->ifa_name, status, PRINT_IP(ip), mask2bits(mask)); - } - } - - - // walk through the linked list - printf(" IPv6 status:\n"); - for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { - if (ifa->ifa_addr == NULL) - continue; - - if (ifa->ifa_addr->sa_family == AF_INET6) { - char host[NI_MAXHOST]; - int s = getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_in6), - host, NI_MAXHOST, NULL, 0, NI_NUMERICHOST); - if (s == 0) { - char *ptr; - if ((ptr = strchr(host, '%')) != NULL) - *ptr = '\0'; - char *status; - if (ifa->ifa_flags & IFF_RUNNING && ifa->ifa_flags & IFF_UP) - status = "UP"; - else - status = "DOWN"; - - printf(" %s %s, %s\n", ifa->ifa_name, status, host); - } - } - } - - freeifaddrs(ifaddr); - close(fd); -} - -static void print_sandbox(pid_t pid) { - pid_t child = fork(); - if (child == -1) - return; - - if (child == 0) { - int rv = join_namespace(pid, "net"); - if (rv) - return; - net_ifprint(); - - __gcov_flush(); - - _exit(0); - } - - // wait for the child to finish - waitpid(child, NULL, 0); -} - -void interface(pid_t pid, int print_procs) { - pid_read(pid); // a pid of 0 will include all processes 
-
- // print processes
- int i;
- for (i = 0; i < max_pids; i++) {
- if (pids[i].level == 1) {
- if (print_procs || pid == 0)
- pid_print_list(i, arg_wrap);
- int child = find_child(i);
- if (child != -1) {
- print_sandbox(child);
- }
- }
- }
- printf("\n");
-}
diff --git a/src/man/firemon.txt b/src/man/firemon.txt
index 9d0785a4a..fb0cf1175 100644
--- a/src/man/firemon.txt
+++ b/src/man/firemon.txt
@@ -30,9 +30,6 @@ Print debug messages
 \fB\-?\fR, \fB\-\-help\fR
 Print options end exit.
 .TP
-\fB\-\-interface
-Print network interface information for each sandbox.
-.TP
 \fB\-\-list
 List all sandboxes.
 .TP
-- cgit v1.2.3-54-g00ecf