aboutsummaryrefslogtreecommitdiff
path: root/slirp/slirp.c
diff options
context:
space:
mode:
authorJan Kiszka <jan.kiszka@siemens.com>2011-07-20 12:20:18 +0200
committerAnthony Liguori <aliguori@us.ibm.com>2011-07-23 10:19:50 -0500
commite6d43cfb1f937898dc031c7b38a23e5ccad8bd9a (patch)
tree67adcf8336aa881316f8b91dc17307c47d70ae9f /slirp/slirp.c
parent565465fcae755fbdb11c2f65ec5f0ae62c78db3a (diff)
downloadqemu-e6d43cfb1f937898dc031c7b38a23e5ccad8bd9a.zip
qemu-e6d43cfb1f937898dc031c7b38a23e5ccad8bd9a.tar.gz
qemu-e6d43cfb1f937898dc031c7b38a23e5ccad8bd9a.tar.bz2
slirp: Forward ICMP echo requests via unprivileged sockets
Linux 3.0 gained support for unprivileged ICMP ping sockets. Use this feature to forward guest pings to the outer world. The host admin has to set the ping_group_range in order to grant access to those sockets. To allow ping for the users group (GID 100): echo 100 100 > /proc/sys/net/ipv4/ping_group_range Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Diffstat (limited to 'slirp/slirp.c')
-rw-r--r--slirp/slirp.c37
1 files changed, 37 insertions, 0 deletions
diff --git a/slirp/slirp.c b/slirp/slirp.c
index 1593be1..faaa2f3 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -373,6 +373,31 @@ void slirp_select_fill(int *pnfds,
UPD_NFDS(so->s);
}
}
+
+ /*
+ * ICMP sockets
+ */
+ for (so = slirp->icmp.so_next; so != &slirp->icmp;
+ so = so_next) {
+ so_next = so->so_next;
+
+ /*
+ * See if it's timed out
+ */
+ if (so->so_expire) {
+ if (so->so_expire <= curtime) {
+ icmp_detach(so);
+ continue;
+ } else {
+ do_slowtimo = 1; /* Let socket expire */
+ }
+ }
+
+ if (so->so_state & SS_ISFCONNECTED) {
+ FD_SET(so->s, readfds);
+ UPD_NFDS(so->s);
+ }
+ }
}
*pnfds = nfds;
@@ -542,6 +567,18 @@ void slirp_select_poll(fd_set *readfds, fd_set *writefds, fd_set *xfds,
sorecvfrom(so);
}
}
+
+ /*
+ * Check incoming ICMP relies.
+ */
+ for (so = slirp->icmp.so_next; so != &slirp->icmp;
+ so = so_next) {
+ so_next = so->so_next;
+
+ if (so->s != -1 && FD_ISSET(so->s, readfds)) {
+ icmp_receive(so);
+ }
+ }
}
/*