Commit | Line | Data |
---|---|---|
08e5c1c8 IJ |
1 | #!/usr/bin/perl -w |
2 | # | |
3 | # When invoked appropriately, it creates a point-to-point network | |
4 | # interface with specified parameters. It arranges for packets sent out | |
5 | # via that interface by the kernel to appear on its own stdout in SLIP or | |
6 | # CSLIP encoding, and packets injected into its own stdin to be given to | |
7 | # the kernel as if received on that interface. Optionally, additional | |
8 | # routes can be set up to arrange for traffic for other address ranges to | |
9 | # be routed through the new interface. | |
10 | # | |
11 | # This is the access control wrapper for the service program. | |
12 | # Arrangments should be made to invoke this as root from userv. | |
13 | # | |
14 | # Usage: | |
15 | # | |
16 | # .../ipif1 <v1config> -- <service-args>... | |
17 | # | |
18 | # Config file is a series of lines. | |
19 | # | |
20 | # permit <keyword>.... | |
21 | # | |
22 | # if caller, local addr, all remote addrs and networks, and | |
23 | # ifname, all match, permits the request (and stops reading | |
24 | # the config) | |
25 | # | |
26 | # group <groupname>|<gid> | |
27 | # matches caller if they are in that group | |
28 | # user <username>|<uid> | |
29 | # matches caller if they are that user | |
30 | # everyone | |
31 | # always matches caller | |
32 | # | |
33 | # hostnet <ipaddr>/<prefixlen> | |
34 | # equivalent to local <ipv4addr> remote <ipv4addr&prefix> | |
35 | # local <ipaddr> | |
36 | # matches local address when it is <ipv4addr> | |
37 | # remote <ipnetnet>/<prefixlen> | |
38 | # matches aplicable remote addrs (including p-t-p) | |
39 | # addrs <ipaddr>|<ipnetnet>/<prefixlen> | |
40 | # matches applicable local ore remote addrs | |
41 | # | |
42 | # ifname <ifname> | |
43 | # matches interface name if it is exactly <ifname> | |
44 | # (<ifname> may contain %d, which is interpreted by | |
45 | # the kernel) | |
46 | # wildcards are not supported | |
47 | # if a permit has no ifname at all, it is as if | |
48 | # `ifname userv%d' was specified | |
49 | # | |
50 | # v0config <v0configfile> | |
51 | # | |
52 | # If none of the `permit' lines match, will read <v0configfile> | |
53 | # in old format. Must be the last line in the file. | |
54 | # | |
55 | # <config> -- | |
56 | ||
57 | use strict; |