diff options
author | Stefano Brivio <sbrivio@redhat.com> | 2021-05-10 08:30:38 +0200 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2021-05-10 08:30:38 +0200 |
commit | c8581f3710335ae6be68909c1c8307aa66990428 (patch) | |
tree | f81b74c9489cd9f259ab2f5efe53549292e1e847 /icmp.c | |
parent | b385ebaadfd8b7fe4ebba627c9714ceb689f38b0 (diff) | |
download | passt-c8581f3710335ae6be68909c1c8307aa66990428.tar passt-c8581f3710335ae6be68909c1c8307aa66990428.tar.gz passt-c8581f3710335ae6be68909c1c8307aa66990428.tar.bz2 passt-c8581f3710335ae6be68909c1c8307aa66990428.tar.lz passt-c8581f3710335ae6be68909c1c8307aa66990428.tar.xz passt-c8581f3710335ae6be68909c1c8307aa66990428.tar.zst passt-c8581f3710335ae6be68909c1c8307aa66990428.zip |
icmp: Warn if "ping" socket can't be opened, don't fail
If net.ipv4.ping_group_range doesn't include our PID, we'll fail
to open sockets for ICMP and ICMPv6 echo. Warn instead of
exiting, this is not fatal.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'icmp.c')
-rw-r--r-- | icmp.c | 18 |
1 files changed, 16 insertions, 2 deletions
@@ -101,6 +101,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, .sin_addr.s_addr = htonl(INADDR_ANY), }; + if (c->icmp.s4 < 0) + return 1; + if (msg[0].l4_len < sizeof(*ih) || ih->type != ICMP_ECHO) return 1; @@ -118,6 +121,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, }; struct icmp6hdr *ih = (struct icmp6hdr *)msg[0].l4h; + if (c->icmp.s6 < 0) + return 1; + if (msg[0].l4_len < sizeof(*ih) || (ih->icmp6_type != 128 && ih->icmp6_type != 129)) return 1; @@ -142,14 +148,22 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, */ int icmp_sock_init(struct ctx *c) { + int fail = 0; + c->icmp.fd_min = INT_MAX; c->icmp.fd_max = 0; if (c->v4 && (c->icmp.s4 = sock_l4(c, AF_INET, IPPROTO_ICMP, 0)) < 0) - return -1; + fail = 1; if (c->v6 && (c->icmp.s6 = sock_l4(c, AF_INET6, IPPROTO_ICMPV6, 0)) < 0) - return -1; + fail = 1; + + if (fail) { + warn("Cannot open \"ping\" socket. You might need to:"); + warn(" sysctl -w net.ipv4.ping_group_range=\"0 2147483647\""); + warn("...continuing without echo request/reply support."); + } return 0; } |