From 45b9ac5e86e50cbe2ad422a9e5b20f81276e94a7 Mon Sep 17 00:00:00 2001
From: Kioubit
Date: Sun, 26 Dec 2021 07:13:48 -0500
Subject: [PATCH] Set Interface Allmulti flag
---
 pndp/rawsocket.go | 28 ++++++++++++++++++++++++++++
 pndpd.service | 4 ++--
 2 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/pndp/rawsocket.go b/pndp/rawsocket.go
index 7018415..00bdb43 100644
--- a/pndp/rawsocket.go
+++ b/pndp/rawsocket.go
@@ -61,6 +61,7 @@ func listen(iface string, responder chan *ndpRequest, requestType ndpType, stopW
 }
 go func() {
 <-stopChan
+ setAllMulti(fd, iface, false)
 _ = syscall.Close(fd)
 stopWG.Done() // syscall.read does not release when the file descriptor is closed
 }()
@@ -77,6 +78,8 @@ func listen(iface string, responder chan *ndpRequest, requestType ndpType, stopW
 panic(err.Error())
 }
+ setAllMulti(fd, iface, true)
+
 var protocolNo uint32
 if requestType == ndp_SOL {
 //Neighbor Solicitation
@@ -163,3 +166,28 @@ func listen(iface string, responder chan *ndpRequest, requestType ndpType, stopW
 }
 }
 }
+
+type iflags struct {
+ name [syscall.IFNAMSIZ]byte
+ flags uint16
+}
+
+func setAllMulti(fd int, iface string, enable bool) {
+ var ifl iflags
+ copy(ifl.name[:], []byte(iface))
+ _, _, ep := syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), syscall.SIOCGIFFLAGS, uintptr(unsafe.Pointer(&ifl)))
+ if ep != 0 {
+ panic(ep)
+ }
+
+ if enable {
+ ifl.flags |= uint16(syscall.IFF_ALLMULTI)
+ } else {
+ ifl.flags &^= uint16(syscall.IFF_ALLMULTI)
+ }
+
+ _, _, ep = syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), syscall.SIOCSIFFLAGS, uintptr(unsafe.Pointer(&ifl)))
+ if ep != 0 {
+ panic(ep)
+ }
+}
diff --git a/pndpd.service b/pndpd.service
index 4dab6b2..f4e1964 100644
--- a/pndpd.service
+++ b/pndpd.service
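Review bot: In the stop goroutine, `setAllMulti(fd, iface, false)` runs before `syscall.Close(fd)` and `stopWG.Done()`, and setAllMulti panics when either ioctl fails. A failure during shutdown (for example because the interface has already been removed) therefore takes the whole process down with the socket still open and the WaitGroup never released. Teardown should be best-effort: have setAllMulti return an error and handle it here, e.g. `if err := setAllMulti(fd, iface, false); err != nil { /* report, then carry on to Close */ }`. The body of listen starts and ends outside this hunk.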
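Review bot: The `setAllMulti(fd, iface, true)` call after the bind check does not record whether IFF_ALLMULTI was already set, so the stop path clears a flag that an administrator or another program may have enabled on purpose. listen also takes a requestType, which suggests it can run more than once per interface (not visible in this hunk); if so, the first listener to stop switches all-multicast off for the ones still running. I would have setAllMulti report whether it actually changed the flag, `changed := setAllMulti(fd, iface, true)`, and undo it only in that case, `if changed { setAllMulti(fd, iface, false) }`, with `changed` declared before the stop goroutine is started. A one-line comment saying why all-multicast is needed (presumably to receive solicitations for multicast groups the host has not joined) would help the next reader.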
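Review bot: `iflags` is 18 bytes, but SIOCGIFFLAGS and SIOCSIFFLAGS operate on a full `struct ifreq` (40 bytes on 64-bit Linux), so the kernel copies past the end of `ifl` through the `unsafe.Pointer` in both directions. Pad the struct to the kernel's size, e.g. add `_ [40 - syscall.IFNAMSIZ - 2]byte` after `flags`. `copy(ifl.name[:], []byte(iface))` also truncates silently, so a name of IFNAMSIZ bytes or more can end up addressing a different interface; reject `len(iface) >= syscall.IFNAMSIZ` before the first ioctl. Both failure paths `panic(ep)`, and returning the Errno as an error instead would let each caller decide whether the failure is fatal.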
@@ -10,8 +10,8 @@ RestartSec=5s
 ExecStart=/usr/bin/pndpd config /etc/pndpd/pndpd.conf
 DynamicUser=yes
-AmbientCapabilities=CAP_NET_RAW
-CapabilityBoundingSet=
+AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN
+CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN
 ProtectHome=yes
 [Install]
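Review bot: `CAP_NET_ADMIN` is now held for the whole lifetime of the service, although the code in this commit uses it only for the SIOCSIFFLAGS ioctl at start and stop. The capability also permits changing addresses, routes and firewall rules, so a flaw in the packet-handling path would reach much further than with `CAP_NET_RAW` alone. A comment above the two lines stating the reason, e.g. `# CAP_NET_ADMIN: needed to set IFF_ALLMULTI on the proxied interfaces`, would keep the grant from being copied or widened without review. Setting the flag outside the daemon (for example `ip link set dev <iface> allmulticast on` from the host's network configuration) would let the unit keep `CAP_NET_RAW` only; whether that fits depends on how interfaces are configured, which this hunk does not show.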