From f283818a213ab30d290dc3e3d7513713f214587c Mon Sep 17 00:00:00 2001 From: r-caamano Date: Fri, 30 Jun 2023 01:51:05 +0000 Subject: [PATCH] added support for zitiX tun interface name change --- CHANGELOG.md | 6 ++++++ src/zfw.c | 55 +++++++++++++++++++++++++++++++++++++++------------- 2 files changed, 48 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aac93f0..276e5c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). --- +# [0.4.0] - 2023-06-29 + +### + +- Added support for upcoming ziti-edge-tunnel interface name change from tunX to zitiX. + # [0.3.10] - 2023-06-28 ### diff --git a/src/zfw.c b/src/zfw.c index 551eb97..752cb2d 100644 --- a/src/zfw.c +++ b/src/zfw.c @@ -111,7 +111,7 @@ static char *tun_interface; static char *tc_interface; static char *object_file; static char *direction_string; -const char *argp_program_version = "0.3.10"; +const char *argp_program_version = "0.4.0"; static __u8 if_list[MAX_IF_LIST_ENTRIES]; int ifcount = 0; @@ -976,14 +976,24 @@ void interface_tc() address = address->ifa_next; continue; } - if(!strncmp(address->ifa_name,"tun", 3) || idx >= MAX_IF_ENTRIES) + if (all_interface) + { + tc_interface = address->ifa_name; + } + if(!strncmp(address->ifa_name,"tun", 3) || !strncmp(address->ifa_name,"ziti", 4)) { - if(!strncmp(tc_interface,"tun", 3)){ - printf("zfw does not allow tc filters on tun interfaces!\n"); + if(!strncmp(tc_interface,"tun", 3) || !strncmp(tc_interface,"ziti", 4)){ + printf("%s:zfw does not allow tc filters on tun interfaces!\n", address->ifa_name); } address = address->ifa_next; continue; } + if(idx >= MAX_IF_ENTRIES) + { + printf("%s:zfw does not allow tc filters interfaces with an ifindex above %d!\n", address->ifa_name, MAX_IF_ENTRIES -1); + address = address->ifa_next; + continue; + } if (!strncmp(address->ifa_name, "lo", 2)) { lo_count++; @@ -992,10 +1002,6 @@ void interface_tc() continue; } } - if (all_interface) - { - tc_interface = address->ifa_name; - } if (tc || tcfilter) { if (!strcmp(tc_interface, address->ifa_name)) @@ -1070,7 +1076,8 @@ void interface_diag() address = address->ifa_next; continue; } - if(idx >= MAX_IF_ENTRIES && strncmp(address->ifa_name,"tun", 3)){ + if(idx >= MAX_IF_ENTRIES && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){ + printf("%s:zfw does not support interfaces with an ifindex above %d!\n", address->ifa_name, MAX_IF_ENTRIES -1); address = address->ifa_next; continue; } @@ -1107,7 +1114,23 @@ void interface_diag() address = address->ifa_next; continue; } - if (echo && strncmp(address->ifa_name,"tun", 3)) + if(!strncmp(address->ifa_name, "ziti", 4) && (tun || per_interface || ssh_disable || echo)){ + if(per_interface && !strncmp(prefix_interface, "ziti", 4)){ + printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name); + } + if(tun && !strncmp(tun_interface, "ziti", 4)){ + printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name); + } + if(ssh_disable && !strncmp(ssh_interface, "ziti", 4)){ + printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name); + } + if(echo && !strncmp(echo_interface, "ziti", 4)){ + printf("%s:zfw does not allow setting on tun interfaces!\n", address->ifa_name); + } + address = address->ifa_next; + continue; + } + if (echo && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)) { if (!strcmp(echo_interface, address->ifa_name)) { @@ -1120,6 +1143,9 @@ void interface_diag() if(!strncmp(address->ifa_name, "tun", 3) && !strncmp(verbose_interface,"tun", 3)){ set_tun_diag(); } + else if(!strncmp(address->ifa_name, "ziti", 4) && !strncmp(verbose_interface,"ziti", 4)){ + set_tun_diag(); + } else if(!strcmp(verbose_interface, address->ifa_name)) { set_diag(&idx); @@ -1147,6 +1173,9 @@ void interface_diag() if(!strncmp(address->ifa_name, "tun", 3) && !strncmp(diag_interface,"tun", 3)){ set_tun_diag(); } + else if(!strncmp(address->ifa_name, "ziti", 4) && !strncmp(verbose_interface,"ziti", 4)){ + set_tun_diag(); + } else if (!strcmp(diag_interface, address->ifa_name)) { set_diag(&idx); @@ -1287,7 +1316,7 @@ bool interface_map() address = address->ifa_next; continue; } - if((idx >= MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3)){ + if((idx >= MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){ address = address->ifa_next; continue; } @@ -1312,11 +1341,11 @@ bool interface_map() continue; } } - if((idx < MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3)){ + if((idx < MAX_IF_ENTRIES) && strncmp(address->ifa_name,"tun", 3) && strncmp(address->ifa_name,"ziti", 4)){ add_if_index(&idx, ifip, address->ifa_name); } - if(ifip == tunip) + if((ifip == tunip) && (!strncmp(address->ifa_name,"tun", 3) || !strncmp(address->ifa_name,"ziti", 4))) { bool change_detected =true; struct ifindex_tun o_iftun;