1 /* dnsmasq is Copyright (c) 2000-2013 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
16 /* Jon Zarate AFAIK wrote the original Tomato specific code, primarily to
17 support extra info in the GUI. Following is a vague clue as to how it
20 device list status is handled by www/devlist.c - this sends a SIGUSR2
21 to dnsmasq which causes the 'tomato_helper' function to execute in
22 addition to the normal dnsmasq SIGUSR2 code (Switch logfile, but since
23 Tomato not using that it doesn't matter) devlist.c waits up to 5 secs
24 for file '/var/tmp/dhcp/leases.!' to disappear before continuing
25 (Must be a better way to do this IPC stuff)
27 tomato_helper(lease.c) does a couple of things:
29 It looks for /var/tmp/dhcp/delete and deletes any known leases by IP
30 address found therein. It deletes /var/tmp/dhcp/delete when done.
31 This implements the 'delete lease' from GUI functionality.
33 It dumps the current dhcp leases into /var/tmp/dhcp/lease.! (tmp file)
34 subtracting the current time from the lease expiry time, thus producing
35 a 'lease remaining' time for the GUI.
36 The temp file is renamed to /var/tmp/dhcp/leases thus signalling devlist.c
37 that it may proceed. Finally when devlist.c is finished
38 /var/tmp/dhcp/leases is removed.
40 rfc2131.c implements a 'Quiet DHCP' option (don't log DHCP stuff) first
41 implemented by 'Teddy Bear'.
43 dnsmasq.c also intercepts SIGHUP so that it may flush the lease file.
44 This is so lease expiry times survive a process restart since dnsmasq
45 reads the lease file at start-up.
47 Finally(?) lease_update_file (lease.c) writes out the remaining lease
48 duration for each dhcp lease rather than lease expiry time (with RTC) or
49 lease length (no RTC) for dnsmasq's internal lease database.
50 asuswrt does a similar thing with lease durations though the code is
51 different. Ideally the code would be merged in such a way that Tomato
52 and asuswrt-merlin can code share without even thinking...another project!
54 dhcp lease file is /var/lib/misc/dnsmasq.leases
56 Above description K Darbyshire-Bryant 02/05/13 Hope it helps someone
61 /* Declare static char *compiler_opts in config.h */
62 #define DNSMASQ_COMPILE_OPTS
66 struct daemon
*daemon
;
68 static volatile pid_t pid
= 0;
69 static volatile int pipewrite
;
71 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
);
72 static void check_dns_listeners(fd_set
*set
, time_t now
);
73 static void sig_handler(int sig
);
74 static void async_event(int pipe
, time_t now
);
75 static void fatal_event(struct event_desc
*ev
, char *msg
);
76 static int read_event(int fd
, struct event_desc
*evp
, char **msg
);
79 int main (int argc
, char **argv
)
81 int bind_fallback
= 0;
83 struct sigaction sigact
;
85 int piperead
, pipefd
[2], err_pipe
[2];
86 struct passwd
*ent_pw
= NULL
;
87 #if defined(HAVE_SCRIPT)
91 struct group
*gp
= NULL
;
92 long i
, max_fd
= sysconf(_SC_OPEN_MAX
);
95 #if defined(HAVE_LINUX_NETWORK)
96 cap_user_header_t hdr
= NULL
;
97 cap_user_data_t data
= NULL
;
99 struct dhcp_context
*context
;
102 setlocale(LC_ALL
, "");
103 bindtextdomain("dnsmasq", LOCALEDIR
);
104 textdomain("dnsmasq");
107 sigact
.sa_handler
= sig_handler
;
109 sigemptyset(&sigact
.sa_mask
);
110 sigaction(SIGUSR1
, &sigact
, NULL
);
111 sigaction(SIGUSR2
, &sigact
, NULL
);
112 sigaction(SIGHUP
, &sigact
, NULL
);
113 sigaction(SIGTERM
, &sigact
, NULL
);
114 sigaction(SIGALRM
, &sigact
, NULL
);
115 sigaction(SIGCHLD
, &sigact
, NULL
);
118 sigact
.sa_handler
= SIG_IGN
;
119 sigaction(SIGPIPE
, &sigact
, NULL
);
121 umask(022); /* known umask, create leases and pid files as 0644 */
123 read_opts(argc
, argv
, compile_opts
);
125 if (daemon
->edns_pktsz
< PACKETSZ
)
126 daemon
->edns_pktsz
= PACKETSZ
;
127 daemon
->packet_buff_sz
= daemon
->edns_pktsz
> DNSMASQ_PACKETSZ
?
128 daemon
->edns_pktsz
: DNSMASQ_PACKETSZ
;
129 daemon
->packet
= safe_malloc(daemon
->packet_buff_sz
);
131 daemon
->addrbuff
= safe_malloc(ADDRSTRLEN
);
135 if (!daemon
->lease_file
)
137 if (daemon
->dhcp
|| daemon
->dhcp6
)
138 daemon
->lease_file
= LEASEFILE
;
142 /* Close any file descriptors we inherited apart from std{in|out|err}
144 Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
145 otherwise file descriptors we create can end up being 0, 1, or 2
146 and then get accidentally closed later when we make 0, 1, and 2
147 open to /dev/null. Normally we'll be started with 0, 1 and 2 open,
148 but it's not guaranteed. By opening /dev/null three times, we
149 ensure that we're not using those fds for real stuff. */
150 for (i
= 0; i
< max_fd
; i
++)
151 if (i
!= STDOUT_FILENO
&& i
!= STDERR_FILENO
&& i
!= STDIN_FILENO
)
154 open("/dev/null", O_RDWR
);
156 #ifndef HAVE_LINUX_NETWORK
157 # if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
158 if (!option_bool(OPT_NOWILD
))
161 set_option_bool(OPT_NOWILD
);
165 /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
166 if (option_bool(OPT_CLEVERBIND
))
169 set_option_bool(OPT_NOWILD
);
170 reset_option_bool(OPT_CLEVERBIND
);
175 if (option_bool(OPT_TFTP
))
176 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL
, EC_BADCONF
);
179 #ifdef HAVE_CONNTRACK
180 if (option_bool(OPT_CONNTRACK
) && (daemon
->query_port
!= 0 || daemon
->osport
))
181 die (_("Cannot use --conntrack AND --query-port"), NULL
, EC_BADCONF
);
183 if (option_bool(OPT_CONNTRACK
))
184 die(_("Conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL
, EC_BADCONF
);
187 #ifdef HAVE_SOLARIS_NETWORK
188 if (daemon
->max_logs
!= 0)
189 die(_("asychronous logging is not available under Solaris"), NULL
, EC_BADCONF
);
193 if (daemon
->max_logs
!= 0)
194 die(_("asychronous logging is not available under Android"), NULL
, EC_BADCONF
);
198 if (daemon
->authserver
)
199 die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL
, EC_BADCONF
);
204 now
= dnsmasq_time();
206 /* Create a serial at startup if not configured. */
207 if (daemon
->authinterface
&& daemon
->soa_sn
== 0)
208 #ifdef HAVE_BROKEN_RTC
209 die(_("zone serial must be configured in --auth-soa"), NULL
, EC_BADCONF
);
211 daemon
->soa_sn
= now
;
215 if (daemon
->dhcp
|| daemon
->dhcp6
)
221 daemon
->doing_ra
= option_bool(OPT_RA
);
223 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
225 if (context
->flags
& CONTEXT_DHCP
)
226 daemon
->doing_dhcp6
= 1;
227 if (context
->flags
& CONTEXT_RA
)
228 daemon
->doing_ra
= 1;
229 #ifndef HAVE_LINUX_NETWORK
230 if (context
->flags
& CONTEXT_TEMPLATE
)
231 die (_("dhcp-range constructor not available on this platform"), NULL
, EC_BADCONF
);
237 /* Note that order matters here, we must call lease_init before
238 creating any file descriptors which shouldn't be leaked
239 to the lease-script init process. We need to call common_init
240 before lease_init to allocate buffers it uses.*/
241 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
251 if (daemon
->doing_ra
)
254 if (daemon
->doing_dhcp6
)
266 #ifdef HAVE_LINUX_NETWORK
269 if (option_bool(OPT_NOWILD
) && option_bool(OPT_CLEVERBIND
))
270 die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL
, EC_BADCONF
);
273 if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
274 die(_("failed to find list of interfaces: %s"), NULL
, EC_MISC
);
276 if (option_bool(OPT_NOWILD
) || option_bool(OPT_CLEVERBIND
))
278 create_bound_listeners(1);
280 if (!option_bool(OPT_CLEVERBIND
))
281 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
282 if (if_tmp
->name
&& !if_tmp
->used
)
283 die(_("unknown interface %s"), if_tmp
->name
, EC_BADNET
);
285 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
286 /* after enumerate_interfaces() */
289 bindtodevice(daemon
->dhcpfd
);
290 if (daemon
->enable_pxe
)
291 bindtodevice(daemon
->pxefd
);
295 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
296 if (daemon
->doing_dhcp6
)
297 bindtodevice(daemon
->dhcp6fd
);
301 create_wildcard_listeners();
304 /* after enumerate_interfaces() */
305 if (daemon
->doing_dhcp6
|| daemon
->doing_ra
)
309 if (daemon
->port
!= 0)
312 if (option_bool(OPT_DBUS
))
317 daemon
->watches
= NULL
;
318 if ((err
= dbus_init()))
319 die(_("DBus error: %s"), err
, EC_MISC
);
322 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL
, EC_BADCONF
);
325 if (daemon
->port
!= 0)
328 #if defined(HAVE_SCRIPT)
329 /* Note getpwnam returns static storage */
330 if ((daemon
->dhcp
|| daemon
->dhcp6
) &&
331 daemon
->scriptuser
&&
332 (daemon
->lease_change_command
|| daemon
->luascript
))
334 if ((ent_pw
= getpwnam(daemon
->scriptuser
)))
336 script_uid
= ent_pw
->pw_uid
;
337 script_gid
= ent_pw
->pw_gid
;
340 baduser
= daemon
->scriptuser
;
344 if (daemon
->username
&& !(ent_pw
= getpwnam(daemon
->username
)))
345 baduser
= daemon
->username
;
346 else if (daemon
->groupname
&& !(gp
= getgrnam(daemon
->groupname
)))
347 baduser
= daemon
->groupname
;
350 die(_("unknown user or group: %s"), baduser
, EC_BADCONF
);
352 /* implement group defaults, "dip" if available, or group associated with uid */
353 if (!daemon
->group_set
&& !gp
)
355 if (!(gp
= getgrnam(CHGRP
)) && ent_pw
)
356 gp
= getgrgid(ent_pw
->pw_gid
);
358 /* for error message */
360 daemon
->groupname
= gp
->gr_name
;
363 #if defined(HAVE_LINUX_NETWORK)
364 /* determine capability API version here, while we can still
366 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
368 int capsize
= 1; /* for header version 1 */
369 hdr
= safe_malloc(sizeof(*hdr
));
371 /* find version supported by kernel */
372 memset(hdr
, 0, sizeof(*hdr
));
375 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_1
)
377 /* if unknown version, use largest supported version (3) */
378 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_2
)
379 hdr
->version
= LINUX_CAPABILITY_VERSION_3
;
383 data
= safe_malloc(sizeof(*data
) * capsize
);
384 memset(data
, 0, sizeof(*data
) * capsize
);
388 /* Use a pipe to carry signals and other events back to the event loop
389 in a race-free manner and another to carry errors to daemon-invoking process */
390 safe_pipe(pipefd
, 1);
392 piperead
= pipefd
[0];
393 pipewrite
= pipefd
[1];
394 /* prime the pipe to load stuff first time. */
395 send_event(pipewrite
, EVENT_RELOAD
, 0, NULL
);
399 if (!option_bool(OPT_DEBUG
))
401 /* The following code "daemonizes" the process.
402 See Stevens section 12.4 */
405 die(_("cannot chdir to filesystem root: %s"), NULL
, EC_MISC
);
408 if (!option_bool(OPT_NO_FORK
))
412 /* pipe to carry errors back to original process.
413 When startup is complete we close this and the process terminates. */
414 safe_pipe(err_pipe
, 0);
416 if ((pid
= fork()) == -1)
417 /* fd == -1 since we've not forked, never returns. */
418 send_event(-1, EVENT_FORK_ERR
, errno
, NULL
);
422 struct event_desc ev
;
425 /* close our copy of write-end */
428 /* check for errors after the fork */
429 if (read_event(err_pipe
[0], &ev
, &msg
))
430 fatal_event(&ev
, msg
);
437 /* NO calls to die() from here on. */
441 if ((pid
= fork()) == -1)
442 send_event(err_pipe
[1], EVENT_FORK_ERR
, errno
, NULL
);
449 /* write pidfile _after_ forking ! */
454 sprintf(daemon
->namebuff
, "%d\n", (int) getpid());
456 /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
457 in a directory which is writable by the non-privileged user that dnsmasq runs as. This
458 allows the daemon to delete the file as part of its shutdown. This is a security hole to the
459 extent that an attacker running as the unprivileged user could replace the pidfile with a
460 symlink, and have the target of that symlink overwritten as root next time dnsmasq starts.
462 The folowing code first deletes any existing file, and then opens it with the O_EXCL flag,
463 ensuring that the open() fails should there be any existing file (because the unlink() failed,
464 or an attacker exploited the race between unlink() and open()). This ensures that no symlink
467 Any compromise of the non-privileged user still theoretically allows the pid-file to be
468 replaced whilst dnsmasq is running. The worst that could allow is that the usual
469 "shutdown dnsmasq" shell command could be tricked into stopping any other process.
471 Note that if dnsmasq is started as non-root (eg for testing) it silently ignores
472 failure to write the pid-file.
475 unlink(daemon
->runfile
);
477 if ((fd
= open(daemon
->runfile
, O_WRONLY
|O_CREAT
|O_TRUNC
|O_EXCL
, S_IWUSR
|S_IRUSR
|S_IRGRP
|S_IROTH
)) == -1)
479 /* only complain if started as root */
485 if (!read_write(fd
, (unsigned char *)daemon
->namebuff
, strlen(daemon
->namebuff
), 0))
488 while (!err
&& close(fd
) == -1)
495 send_event(err_pipe
[1], EVENT_PIDFILE
, errno
, daemon
->runfile
);
501 log_err
= log_start(ent_pw
, err_pipe
[1]);
503 if (!option_bool(OPT_DEBUG
))
505 /* open stdout etc to /dev/null */
506 int nullfd
= open("/dev/null", O_RDWR
);
507 dup2(nullfd
, STDOUT_FILENO
);
508 dup2(nullfd
, STDERR_FILENO
);
509 dup2(nullfd
, STDIN_FILENO
);
513 /* if we are to run scripts, we need to fork a helper before dropping root. */
514 daemon
->helperfd
= -1;
516 if ((daemon
->dhcp
|| daemon
->dhcp6
) && (daemon
->lease_change_command
|| daemon
->luascript
))
517 daemon
->helperfd
= create_helper(pipewrite
, err_pipe
[1], script_uid
, script_gid
, max_fd
);
520 if (!option_bool(OPT_DEBUG
) && getuid() == 0)
522 int bad_capabilities
= 0;
525 /* remove all supplimentary groups */
527 (setgroups(0, &dummy
) == -1 ||
528 setgid(gp
->gr_gid
) == -1))
530 send_event(err_pipe
[1], EVENT_GROUP_ERR
, errno
, daemon
->groupname
);
534 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
536 #if defined(HAVE_LINUX_NETWORK)
537 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
538 CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
539 ports because of DAD, or we're doing it dynamically,
540 we need CAP_NET_BIND_SERVICE too. */
541 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
542 data
->effective
= data
->permitted
= data
->inheritable
=
543 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) |
544 (1 << CAP_SETUID
) | (1 << CAP_NET_BIND_SERVICE
);
546 data
->effective
= data
->permitted
= data
->inheritable
=
547 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_SETUID
);
549 /* Tell kernel to not clear capabilities when dropping root */
550 if (capset(hdr
, data
) == -1 || prctl(PR_SET_KEEPCAPS
, 1, 0, 0, 0) == -1)
551 bad_capabilities
= errno
;
553 #elif defined(HAVE_SOLARIS_NETWORK)
554 /* http://developers.sun.com/solaris/articles/program_privileges.html */
555 priv_set_t
*priv_set
;
557 if (!(priv_set
= priv_str_to_set("basic", ",", NULL
)) ||
558 priv_addset(priv_set
, PRIV_NET_ICMPACCESS
) == -1 ||
559 priv_addset(priv_set
, PRIV_SYS_NET_CONFIG
) == -1)
560 bad_capabilities
= errno
;
562 if (priv_set
&& bad_capabilities
== 0)
564 priv_inverse(priv_set
);
566 if (setppriv(PRIV_OFF
, PRIV_LIMIT
, priv_set
) == -1)
567 bad_capabilities
= errno
;
571 priv_freeset(priv_set
);
575 if (bad_capabilities
!= 0)
577 send_event(err_pipe
[1], EVENT_CAP_ERR
, bad_capabilities
, NULL
);
581 /* finally drop root */
582 if (setuid(ent_pw
->pw_uid
) == -1)
584 send_event(err_pipe
[1], EVENT_USER_ERR
, errno
, daemon
->username
);
588 #ifdef HAVE_LINUX_NETWORK
589 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
590 data
->effective
= data
->permitted
=
591 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_NET_BIND_SERVICE
);
593 data
->effective
= data
->permitted
=
594 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
);
595 data
->inheritable
= 0;
597 /* lose the setuid and setgid capbilities */
598 if (capset(hdr
, data
) == -1)
600 send_event(err_pipe
[1], EVENT_CAP_ERR
, errno
, NULL
);
608 #ifdef HAVE_LINUX_NETWORK
609 if (option_bool(OPT_DEBUG
))
610 prctl(PR_SET_DUMPABLE
, 1, 0, 0, 0);
614 if (option_bool(OPT_TFTP
))
617 struct tftp_prefix
*p
;
619 if (daemon
->tftp_prefix
)
621 if (!((dir
= opendir(daemon
->tftp_prefix
))))
623 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, daemon
->tftp_prefix
);
629 for (p
= daemon
->if_prefix
; p
; p
= p
->next
)
631 if (!((dir
= opendir(p
->prefix
))))
633 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, p
->prefix
);
641 if (daemon
->port
== 0)
642 my_syslog(LOG_INFO
, _("started, version %s DNS disabled"), VERSION
);
643 else if (daemon
->cachesize
!= 0)
644 my_syslog(LOG_INFO
, _("started, version %s cachesize %d"), VERSION
, daemon
->cachesize
);
646 my_syslog(LOG_INFO
, _("started, version %s cache disabled"), VERSION
);
648 my_syslog(LOG_INFO
, _("compile time options: %s"), compile_opts
);
651 if (option_bool(OPT_DBUS
))
654 my_syslog(LOG_INFO
, _("DBus support enabled: connected to system bus"));
656 my_syslog(LOG_INFO
, _("DBus support enabled: bus connection pending"));
661 my_syslog(LOG_WARNING
, _("warning: failed to change owner of %s: %s"),
662 daemon
->log_file
, strerror(log_err
));
665 my_syslog(LOG_WARNING
, _("setting --bind-interfaces option because of OS limitations"));
667 if (!option_bool(OPT_NOWILD
))
668 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
669 if (if_tmp
->name
&& !if_tmp
->used
)
670 my_syslog(LOG_WARNING
, _("warning: interface %s does not currently exist"), if_tmp
->name
);
672 if (daemon
->port
!= 0 && option_bool(OPT_NO_RESOLV
))
674 if (daemon
->resolv_files
&& !daemon
->resolv_files
->is_default
)
675 my_syslog(LOG_WARNING
, _("warning: ignoring resolv-file flag because no-resolv is set"));
676 daemon
->resolv_files
= NULL
;
677 if (!daemon
->servers
)
678 my_syslog(LOG_WARNING
, _("warning: no upstream servers configured"));
681 if (daemon
->max_logs
!= 0)
682 my_syslog(LOG_INFO
, _("asynchronous logging enabled, queue limit is %d messages"), daemon
->max_logs
);
686 for (context
= daemon
->dhcp
; context
; context
= context
->next
)
687 log_context(AF_INET
, context
);
690 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
691 log_context(AF_INET6
, context
);
693 if (daemon
->doing_dhcp6
|| daemon
->doing_ra
)
694 dhcp_construct_contexts(now
);
696 if (option_bool(OPT_RA
))
697 my_syslog(MS_DHCP
| LOG_INFO
, _("IPv6 router advertisement enabled"));
700 /* after dhcp_contruct_contexts */
701 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
702 lease_find_interfaces(now
);
706 if (option_bool(OPT_TFTP
))
709 if (FD_SETSIZE
< (unsigned)max_fd
)
713 my_syslog(MS_TFTP
| LOG_INFO
, "TFTP %s%s %s",
714 daemon
->tftp_prefix
? _("root is ") : _("enabled"),
715 daemon
->tftp_prefix
? daemon
->tftp_prefix
: "",
716 option_bool(OPT_TFTP_SECURE
) ? _("secure mode") : "");
718 /* This is a guess, it assumes that for small limits,
719 disjoint files might be served, but for large limits,
720 a single file will be sent to may clients (the file only needs
723 max_fd
-= 30; /* use other than TFTP */
727 else if (max_fd
< 100)
730 max_fd
= max_fd
- 20;
732 /* if we have to use a limited range of ports,
733 that will limit the number of transfers */
734 if (daemon
->start_tftp_port
!= 0 &&
735 daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1 < max_fd
)
736 max_fd
= daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1;
738 if (daemon
->tftp_max
> max_fd
)
740 daemon
->tftp_max
= max_fd
;
741 my_syslog(MS_TFTP
| LOG_WARNING
,
742 _("restricting maximum simultaneous TFTP transfers to %d"),
748 /* finished start-up - release original process */
749 if (err_pipe
[1] != -1)
752 if (daemon
->port
!= 0)
760 struct timeval t
, *tp
= NULL
;
761 fd_set rset
, wset
, eset
;
767 /* if we are out of resources, find how long we have to wait
768 for some to come free, we'll loop around then and restart
769 listening for queries */
770 if ((t
.tv_sec
= set_dns_listeners(now
, &rset
, &maxfd
)) != 0)
776 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
777 if (daemon
->tftp_trans
||
778 (option_bool(OPT_DBUS
) && !daemon
->dbus
))
784 /* Wake every second whilst waiting for DAD to complete */
785 else if (is_dad_listeners())
793 set_dbus_listeners(&maxfd
, &rset
, &wset
, &eset
);
799 FD_SET(daemon
->dhcpfd
, &rset
);
800 bump_maxfd(daemon
->dhcpfd
, &maxfd
);
801 if (daemon
->pxefd
!= -1)
803 FD_SET(daemon
->pxefd
, &rset
);
804 bump_maxfd(daemon
->pxefd
, &maxfd
);
810 if (daemon
->doing_dhcp6
)
812 FD_SET(daemon
->dhcp6fd
, &rset
);
813 bump_maxfd(daemon
->dhcp6fd
, &maxfd
);
816 if (daemon
->doing_ra
)
818 FD_SET(daemon
->icmp6fd
, &rset
);
819 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
823 #ifdef HAVE_LINUX_NETWORK
824 FD_SET(daemon
->netlinkfd
, &rset
);
825 bump_maxfd(daemon
->netlinkfd
, &maxfd
);
828 FD_SET(piperead
, &rset
);
829 bump_maxfd(piperead
, &maxfd
);
833 while (helper_buf_empty() && do_script_run(now
));
836 while (helper_buf_empty() && do_tftp_script_run());
839 if (!helper_buf_empty())
841 FD_SET(daemon
->helperfd
, &wset
);
842 bump_maxfd(daemon
->helperfd
, &maxfd
);
845 /* need this for other side-effects */
846 while (do_script_run(now
));
849 while (do_tftp_script_run());
855 /* must do this just before select(), when we know no
856 more calls to my_syslog() can occur */
857 set_log_writer(&wset
, &maxfd
);
859 if (select(maxfd
+1, &rset
, &wset
, &eset
, tp
) < 0)
861 /* otherwise undefined after error */
862 FD_ZERO(&rset
); FD_ZERO(&wset
); FD_ZERO(&eset
);
865 now
= dnsmasq_time();
867 check_log_writer(&wset
);
870 enumerate_interfaces(1);
872 /* Check the interfaces to see if any have exited DAD state
873 and if so, bind the address. */
874 if (is_dad_listeners())
876 enumerate_interfaces(0);
877 /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
878 create_bound_listeners(0);
881 #ifdef HAVE_LINUX_NETWORK
882 if (FD_ISSET(daemon
->netlinkfd
, &rset
))
883 netlink_multicast(now
);
886 /* Check for changes to resolv files once per second max. */
887 /* Don't go silent for long periods if the clock goes backwards. */
888 if (daemon
->last_resolv
== 0 ||
889 difftime(now
, daemon
->last_resolv
) > 1.0 ||
890 difftime(now
, daemon
->last_resolv
) < -1.0)
892 /* poll_resolv doesn't need to reload first time through, since
893 that's queued anyway. */
895 poll_resolv(0, daemon
->last_resolv
!= 0, now
);
896 daemon
->last_resolv
= now
;
899 if (FD_ISSET(piperead
, &rset
))
900 async_event(piperead
, now
);
903 /* if we didn't create a DBus connection, retry now. */
904 if (option_bool(OPT_DBUS
) && !daemon
->dbus
)
907 if ((err
= dbus_init()))
908 my_syslog(LOG_WARNING
, _("DBus error: %s"), err
);
910 my_syslog(LOG_INFO
, _("connected to system DBus"));
912 check_dbus_listeners(&rset
, &wset
, &eset
);
915 check_dns_listeners(&rset
, now
);
918 check_tftp_listeners(&rset
, now
);
924 if (FD_ISSET(daemon
->dhcpfd
, &rset
))
926 if (daemon
->pxefd
!= -1 && FD_ISSET(daemon
->pxefd
, &rset
))
931 if (daemon
->doing_dhcp6
&& FD_ISSET(daemon
->dhcp6fd
, &rset
))
934 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
939 if (daemon
->helperfd
!= -1 && FD_ISSET(daemon
->helperfd
, &wset
))
947 static void sig_handler(int sig
)
951 /* ignore anything other than TERM during startup
952 and in helper proc. (helper ignore TERM too) */
956 else if (pid
!= getpid())
958 /* alarm is used to kill TCP children after a fixed time. */
965 int event
, errsave
= errno
;
968 event
= EVENT_RELOAD
;
969 else if (sig
== SIGCHLD
)
971 else if (sig
== SIGALRM
)
973 else if (sig
== SIGTERM
)
975 else if (sig
== SIGUSR1
)
977 else if (sig
== SIGUSR2
)
978 event
= EVENT_REOPEN
;
982 send_event(pipewrite
, event
, 0, NULL
);
987 /* now == 0 -> queue immediate callback */
988 void send_alarm(time_t event
, time_t now
)
990 if (now
== 0 || event
!= 0)
992 /* alarm(0) or alarm(-ve) doesn't do what we want.... */
993 if ((now
== 0 || difftime(event
, now
) <= 0.0))
994 send_event(pipewrite
, EVENT_ALARM
, 0, NULL
);
996 alarm((unsigned)difftime(event
, now
));
1000 void send_event(int fd
, int event
, int data
, char *msg
)
1002 struct event_desc ev
;
1003 struct iovec iov
[2];
1007 ev
.msg_sz
= msg
? strlen(msg
) : 0;
1009 iov
[0].iov_base
= &ev
;
1010 iov
[0].iov_len
= sizeof(ev
);
1011 iov
[1].iov_base
= msg
;
1012 iov
[1].iov_len
= ev
.msg_sz
;
1014 /* error pipe, debug mode. */
1016 fatal_event(&ev
, msg
);
1018 /* pipe is non-blocking and struct event_desc is smaller than
1019 PIPE_BUF, so this either fails or writes everything */
1020 while (writev(fd
, iov
, msg
? 2 : 1) == -1 && errno
== EINTR
);
1023 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1024 to describe fatal errors. */
1025 static int read_event(int fd
, struct event_desc
*evp
, char **msg
)
1029 if (!read_write(fd
, (unsigned char *)evp
, sizeof(struct event_desc
), 1))
1034 if (evp
->msg_sz
!= 0 &&
1035 (buf
= malloc(evp
->msg_sz
+ 1)) &&
1036 read_write(fd
, (unsigned char *)buf
, evp
->msg_sz
, 1))
1038 buf
[evp
->msg_sz
] = 0;
1045 static void fatal_event(struct event_desc
*ev
, char *msg
)
1054 case EVENT_FORK_ERR
:
1055 die(_("cannot fork into background: %s"), NULL
, EC_MISC
);
1057 case EVENT_PIPE_ERR
:
1058 die(_("failed to create helper: %s"), NULL
, EC_MISC
);
1061 die(_("setting capabilities failed: %s"), NULL
, EC_MISC
);
1063 case EVENT_USER_ERR
:
1064 die(_("failed to change user-id to %s: %s"), msg
, EC_MISC
);
1066 case EVENT_GROUP_ERR
:
1067 die(_("failed to change group-id to %s: %s"), msg
, EC_MISC
);
1070 die(_("failed to open pidfile %s: %s"), msg
, EC_FILE
);
1073 die(_("cannot open log %s: %s"), msg
, EC_FILE
);
1076 die(_("failed to load Lua script: %s"), msg
, EC_MISC
);
1078 case EVENT_TFTP_ERR
:
1079 die(_("TFTP directory %s inaccessible: %s"), msg
, EC_FILE
);
1083 static void async_event(int pipe
, time_t now
)
1086 struct event_desc ev
;
1090 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1091 to describe fatal errors. */
1093 if (read_event(pipe
, &ev
, &msg
))
1097 clear_cache_and_reload(now
);
1098 if (daemon
->port
!= 0 && daemon
->resolv_files
&& option_bool(OPT_NO_POLL
))
1100 reload_servers(daemon
->resolv_files
->name
);
1109 if (daemon
->port
!= 0)
1115 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
1117 lease_prune(NULL
, now
);
1118 lease_update_file(now
);
1121 else if (daemon
->doing_ra
)
1122 /* Not doing DHCP, so no lease system, manage alarms for ra only */
1123 send_alarm(periodic_ra(now
), now
);
1129 /* See Stevens 5.10 */
1130 while ((p
= waitpid(-1, NULL
, WNOHANG
)) != 0)
1137 for (i
= 0 ; i
< MAX_PROCS
; i
++)
1138 if (daemon
->tcp_pids
[i
] == p
)
1139 daemon
->tcp_pids
[i
] = 0;
1143 my_syslog(LOG_WARNING
, _("script process killed by signal %d"), ev
.data
);
1147 my_syslog(LOG_WARNING
, _("script process exited with status %d"), ev
.data
);
1150 case EVENT_EXEC_ERR
:
1151 my_syslog(LOG_ERR
, _("failed to execute %s: %s"),
1152 daemon
->lease_change_command
, strerror(ev
.data
));
1155 /* necessary for fatal errors in helper */
1156 case EVENT_USER_ERR
:
1159 fatal_event(&ev
, msg
);
1163 /* Note: this may leave TCP-handling processes with the old file still open.
1164 Since any such process will die in CHILD_LIFETIME or probably much sooner,
1165 we leave them logging to the old file. */
1167 if (daemon
->log_file
!= NULL
)
1168 log_reopen(daemon
->log_file
);
1171 tomato_helper(now
); //possibly delete & write out leases for tomato
1173 /* following is Asus tweak. Interestingly Asus read the dnsmasq leases db
1174 directly. They signal dnsmasq to update via SIGUSR2 and wait 1 second
1175 assuming the file will be complete by the time they come to parse it.
1176 Race conditions anyone? What if dnsmasq happens to be updating the
1178 #if defined(HAVE_DHCP) && defined(HAVE_LEASEFILE_EXPIRE) && !defined(HAVE_TOMATO)
1179 if (daemon
->dhcp
|| daemon
->dhcp6
)
1180 flush_lease_file(now
);
1185 /* Knock all our children on the head. */
1186 for (i
= 0; i
< MAX_PROCS
; i
++)
1187 if (daemon
->tcp_pids
[i
] != 0)
1188 kill(daemon
->tcp_pids
[i
], SIGALRM
);
1190 #if defined(HAVE_SCRIPT)
1191 /* handle pending lease transitions */
1192 if (daemon
->helperfd
!= -1)
1194 /* block in writes until all done */
1195 if ((i
= fcntl(daemon
->helperfd
, F_GETFL
)) != -1)
1196 fcntl(daemon
->helperfd
, F_SETFL
, i
& ~O_NONBLOCK
);
1199 } while (!helper_buf_empty() || do_script_run(now
));
1200 close(daemon
->helperfd
);
1204 //Originally TOMATO tweak
1205 #if defined(HAVE_DHCP) && defined(HAVE_LEASEFILE_EXPIRE)
1206 if (daemon
->dhcp
|| daemon
->dhcp6
)
1207 flush_lease_file(now
);
1210 if (daemon
->lease_stream
)
1211 fclose(daemon
->lease_stream
);
1213 if (daemon
->runfile
)
1214 unlink(daemon
->runfile
);
1216 my_syslog(LOG_INFO
, _("exiting on receipt of SIGTERM"));
1222 void poll_resolv(int force
, int do_reload
, time_t now
)
1224 struct resolvc
*res
, *latest
;
1225 struct stat statbuf
;
1226 time_t last_change
= 0;
1227 /* There may be more than one possible file.
1228 Go through and find the one which changed _last_.
1229 Warn of any which can't be read. */
1231 if (daemon
->port
== 0 || option_bool(OPT_NO_POLL
))
1234 for (latest
= NULL
, res
= daemon
->resolv_files
; res
; res
= res
->next
)
1235 if (stat(res
->name
, &statbuf
) == -1)
1244 my_syslog(LOG_WARNING
, _("failed to access %s: %s"), res
->name
, strerror(errno
));
1247 if (res
->mtime
!= 0)
1249 /* existing file evaporated, force selection of the latest
1250 file even if its mtime hasn't changed since we last looked */
1251 poll_resolv(1, do_reload
, now
);
1258 if (force
|| (statbuf
.st_mtime
!= res
->mtime
))
1260 res
->mtime
= statbuf
.st_mtime
;
1261 if (difftime(statbuf
.st_mtime
, last_change
) > 0.0)
1263 last_change
= statbuf
.st_mtime
;
1265 /* This is now commented out
1268 #endif //TOMATO - Really don't understand what this break is trying to acheive/avoid
1276 static int warned
= 0;
1277 if (reload_servers(latest
->name
))
1279 my_syslog(LOG_INFO
, _("reading %s"), latest
->name
);
1282 if (option_bool(OPT_RELOAD
) && do_reload
)
1283 clear_cache_and_reload(now
);
1290 my_syslog(LOG_WARNING
, _("no servers found in %s, will retry"), latest
->name
);
1297 void clear_cache_and_reload(time_t now
)
1299 if (daemon
->port
!= 0)
1303 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
1305 if (option_bool(OPT_ETHERS
))
1308 dhcp_update_configs(daemon
->dhcp_conf
);
1309 lease_update_from_configs();
1310 lease_update_file(now
);
1311 lease_update_dns(1);
1314 else if (daemon
->doing_ra
)
1315 /* Not doing DHCP, so no lease system, manage
1316 alarms for ra only */
1317 send_alarm(periodic_ra(now
), now
);
1322 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
)
1324 struct serverfd
*serverfdp
;
1325 struct listener
*listener
;
1330 struct tftp_transfer
*transfer
;
1331 for (transfer
= daemon
->tftp_trans
; transfer
; transfer
= transfer
->next
)
1334 FD_SET(transfer
->sockfd
, set
);
1335 bump_maxfd(transfer
->sockfd
, maxfdp
);
1339 /* will we be able to get memory? */
1340 if (daemon
->port
!= 0)
1341 get_new_frec(now
, &wait
);
1343 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1345 FD_SET(serverfdp
->fd
, set
);
1346 bump_maxfd(serverfdp
->fd
, maxfdp
);
1349 if (daemon
->port
!= 0 && !daemon
->osport
)
1350 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1351 if (daemon
->randomsocks
[i
].refcount
!= 0)
1353 FD_SET(daemon
->randomsocks
[i
].fd
, set
);
1354 bump_maxfd(daemon
->randomsocks
[i
].fd
, maxfdp
);
1357 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1359 /* only listen for queries if we have resources */
1360 if (listener
->fd
!= -1 && wait
== 0)
1362 FD_SET(listener
->fd
, set
);
1363 bump_maxfd(listener
->fd
, maxfdp
);
1366 /* death of a child goes through the select loop, so
1367 we don't need to explicitly arrange to wake up here */
1368 if (listener
->tcpfd
!= -1)
1369 for (i
= 0; i
< MAX_PROCS
; i
++)
1370 if (daemon
->tcp_pids
[i
] == 0)
1372 FD_SET(listener
->tcpfd
, set
);
1373 bump_maxfd(listener
->tcpfd
, maxfdp
);
1378 if (tftp
<= daemon
->tftp_max
&& listener
->tftpfd
!= -1)
1380 FD_SET(listener
->tftpfd
, set
);
1381 bump_maxfd(listener
->tftpfd
, maxfdp
);
1390 static void check_dns_listeners(fd_set
*set
, time_t now
)
1392 struct serverfd
*serverfdp
;
1393 struct listener
*listener
;
1396 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1397 if (FD_ISSET(serverfdp
->fd
, set
))
1398 reply_query(serverfdp
->fd
, serverfdp
->source_addr
.sa
.sa_family
, now
);
1400 if (daemon
->port
!= 0 && !daemon
->osport
)
1401 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1402 if (daemon
->randomsocks
[i
].refcount
!= 0 &&
1403 FD_ISSET(daemon
->randomsocks
[i
].fd
, set
))
1404 reply_query(daemon
->randomsocks
[i
].fd
, daemon
->randomsocks
[i
].family
, now
);
1406 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1408 if (listener
->fd
!= -1 && FD_ISSET(listener
->fd
, set
))
1409 receive_query(listener
, now
);
1412 if (listener
->tftpfd
!= -1 && FD_ISSET(listener
->tftpfd
, set
))
1413 tftp_request(listener
, now
);
1416 if (listener
->tcpfd
!= -1 && FD_ISSET(listener
->tcpfd
, set
))
1418 int confd
, client_ok
= 1;
1419 struct irec
*iface
= NULL
;
1421 union mysockaddr tcp_addr
;
1422 socklen_t tcp_len
= sizeof(union mysockaddr
);
1424 while ((confd
= accept(listener
->tcpfd
, NULL
, NULL
)) == -1 && errno
== EINTR
);
1429 if (getsockname(confd
, (struct sockaddr
*)&tcp_addr
, &tcp_len
) == -1)
1435 /* Make sure that the interface list is up-to-date.
1437 We do this here as we may need the results below, and
1438 the DNS code needs them for --interface-name stuff.
1440 Multiple calls to enumerate_interfaces() per select loop are
1441 inhibited, so calls to it in the child process (which doesn't select())
1442 have no effect. This avoids two processes reading from the same
1443 netlink fd and screwing the pooch entirely.
1446 enumerate_interfaces(0);
1448 if (option_bool(OPT_NOWILD
))
1449 iface
= listener
->iface
; /* May be NULL */
1453 char intr_name
[IF_NAMESIZE
];
1455 /* if we can find the arrival interface, check it's one that's allowed */
1456 if ((if_index
= tcp_interface(confd
, tcp_addr
.sa
.sa_family
)) != 0 &&
1457 indextoname(listener
->tcpfd
, if_index
, intr_name
))
1459 struct all_addr addr
;
1460 addr
.addr
.addr4
= tcp_addr
.in
.sin_addr
;
1462 if (tcp_addr
.sa
.sa_family
== AF_INET6
)
1463 addr
.addr
.addr6
= tcp_addr
.in6
.sin6_addr
;
1466 for (iface
= daemon
->interfaces
; iface
; iface
= iface
->next
)
1467 if (iface
->index
== if_index
)
1470 if (!iface
&& !loopback_exception(listener
->tcpfd
, tcp_addr
.sa
.sa_family
, &addr
, intr_name
))
1474 if (option_bool(OPT_CLEVERBIND
))
1475 iface
= listener
->iface
; /* May be NULL */
1478 /* Check for allowed interfaces when binding the wildcard address:
1479 we do this by looking for an interface with the same address as
1480 the local address of the TCP connection, then looking to see if that's
1481 an allowed interface. As a side effect, we get the netmask of the
1482 interface too, for localisation. */
1484 for (iface
= daemon
->interfaces
; iface
; iface
= iface
->next
)
1485 if (sockaddr_isequal(&iface
->addr
, &tcp_addr
))
1495 shutdown(confd
, SHUT_RDWR
);
1499 else if (!option_bool(OPT_DEBUG
) && (p
= fork()) != 0)
1504 for (i
= 0; i
< MAX_PROCS
; i
++)
1505 if (daemon
->tcp_pids
[i
] == 0)
1507 daemon
->tcp_pids
[i
] = p
;
1516 unsigned char *buff
;
1519 struct in_addr netmask
;
1524 netmask
= iface
->netmask
;
1525 auth_dns
= iface
->dns_auth
;
1534 /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1535 terminate the process. */
1536 if (!option_bool(OPT_DEBUG
))
1537 alarm(CHILD_LIFETIME
);
1540 /* start with no upstream connections. */
1541 for (s
= daemon
->servers
; s
; s
= s
->next
)
1544 /* The connected socket inherits non-blocking
1545 attribute from the listening socket.
1547 if ((flags
= fcntl(confd
, F_GETFL
, 0)) != -1)
1548 fcntl(confd
, F_SETFL
, flags
& ~O_NONBLOCK
);
1550 buff
= tcp_request(confd
, now
, &tcp_addr
, netmask
, auth_dns
);
1552 shutdown(confd
, SHUT_RDWR
);
1558 for (s
= daemon
->servers
; s
; s
= s
->next
)
1561 shutdown(s
->tcpfd
, SHUT_RDWR
);
1565 if (!option_bool(OPT_DEBUG
))
1577 int make_icmp_sock(void)
1582 if ((fd
= socket (AF_INET
, SOCK_RAW
, IPPROTO_ICMP
)) != -1)
1585 setsockopt(fd
, SOL_SOCKET
, SO_DONTROUTE
, &zeroopt
, sizeof(zeroopt
)) == -1)
1595 int icmp_ping(struct in_addr addr
)
1597 /* Try and get an ICMP echo from a machine. */
1599 /* Note that whilst in the three second wait, we check for
1600 (and service) events on the DNS and TFTP sockets, (so doing that
1601 better not use any resources our caller has in use...)
1602 but we remain deaf to signals or further DHCP packets. */
1605 struct sockaddr_in saddr
;
1610 unsigned short id
= rand16();
1615 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1616 if ((fd
= make_icmp_sock()) == -1)
1620 fd
= daemon
->dhcp_icmp_fd
;
1621 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));
1624 saddr
.sin_family
= AF_INET
;
1626 saddr
.sin_addr
= addr
;
1627 #ifdef HAVE_SOCKADDR_SA_LEN
1628 saddr
.sin_len
= sizeof(struct sockaddr_in
);
1631 memset(&packet
.icmp
, 0, sizeof(packet
.icmp
));
1632 packet
.icmp
.icmp_type
= ICMP_ECHO
;
1633 packet
.icmp
.icmp_id
= id
;
1634 for (j
= 0, i
= 0; i
< sizeof(struct icmp
) / 2; i
++)
1635 j
+= ((u16
*)&packet
.icmp
)[i
];
1637 j
= (j
& 0xffff) + (j
>> 16);
1638 packet
.icmp
.icmp_cksum
= (j
== 0xffff) ? j
: ~j
;
1640 while (sendto(fd
, (char *)&packet
.icmp
, sizeof(struct icmp
), 0,
1641 (struct sockaddr
*)&saddr
, sizeof(saddr
)) == -1 &&
1644 for (now
= start
= dnsmasq_time();
1645 difftime(now
, start
) < (float)PING_WAIT
;)
1649 struct sockaddr_in faddr
;
1651 socklen_t len
= sizeof(faddr
);
1653 tv
.tv_usec
= 250000;
1659 set_dns_listeners(now
, &rset
, &maxfd
);
1660 set_log_writer(&wset
, &maxfd
);
1663 if (daemon
->doing_ra
)
1665 FD_SET(daemon
->icmp6fd
, &rset
);
1666 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
1670 if (select(maxfd
+1, &rset
, &wset
, NULL
, &tv
) < 0)
1676 now
= dnsmasq_time();
1678 check_log_writer(&wset
);
1679 check_dns_listeners(&rset
, now
);
1682 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
1687 check_tftp_listeners(&rset
, now
);
1690 if (FD_ISSET(fd
, &rset
) &&
1691 recvfrom(fd
, &packet
, sizeof(packet
), 0,
1692 (struct sockaddr
*)&faddr
, &len
) == sizeof(packet
) &&
1693 saddr
.sin_addr
.s_addr
== faddr
.sin_addr
.s_addr
&&
1694 packet
.icmp
.icmp_type
== ICMP_ECHOREPLY
&&
1695 packet
.icmp
.icmp_seq
== 0 &&
1696 packet
.icmp
.icmp_id
== id
)
1703 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1707 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));