Menu
▾
▴
#75 Multi interface and bridging with Linux
This patch will permit a guest to use the Host's subnet
(and any DHCP server...); we do this by using the
bridging capabilities of Linux.
Also, this patch will manage multiple occurances of
PearPC, network-wise.
Here's the HOWTO:
I am using kernel 2.6.7 to do this. I think this will
work with no
problems with the 2.4 series too.
Set the Device Drivers -> Networking Support ->
Networking Options -> 802.1d Ethernet Bridging to ON or
Module.
Compile your kernel, and reboot.
Get the latest bridge-utils package from
bridge.sourceforge.net. I am using version 0.9.6.
Those using Gentoo can just "emerge bridge-utils" :-)
This removes the necessity to use Netfilter and NAT.
Please modify the file "settings" to your liking.
Version 0.1
Logged In: YES
user_id=260442
Oh, this works with the Altivec source too.
Logged In: YES
user_id=3437
At least for smaller networks this is a very nice thing,
thanks.
I commited it except some smaller gliches:
* You used sizeof instead of strlen (maybe this was the
cause of the sigsegv you were seeing)
* snprintf is almost as evil as sprintf and has been banned
by me. Use ht_snprintf instead.
* Can you explain why you inspected the return value of
snprintf? To my understand it should never return 0 except
when the format already was "".
Ah, and thanks for the settings stuff.
Logged In: YES
user_id=3437
And there were some more problems with uninitialized
pointers (like for "command") and you didn't free mIfName.
You should really take a little bit more care on those
network things which are security relevant.
But we have now a problem with your patch. You want to
execute "ifconfig" but therefore you need root priviledges.
I don't really want to give PearPC suid... Any ideas to fix
this?
Logged In: YES
user_id=3437
The ifconfig line is really dangerous, since it allows the
execution of arbirary commands if we made the "PPC"
interface prefix configurable.
Anyway, I attached a updated version, maybe you can fix this
last problem.
0.2
Logged In: YES
user_id=3437
The ifconfig line is really dangerous, since it allows the
execution of arbirary commands if we made the "PPC"
interface prefix configurable.
Anyway, I attached a updated version, maybe you can fix this
last problem.
Logged In: YES
user_id=260442
I can use 'ifconfig eth0' without being root in Linux. Am I
out to lunch ?
I added a cutoff point for string lenght of the interface
name. I only keep the first 3 chars. If I add a string
search to make sure the 3 chars are only alpha, then we
should be OK security wise.
Thanks for the mods.
Pat
0.3
Logged In: YES
user_id=3437
Yes, your absolutely right. I thought ifconfig is only
available under sbin.
So, (strlen(netif_prefix) > 3) sounds a little bit to small
for me, we should at least allow names like "pearpc". The
alphanumeric check is more important.
Is there any reason you start the counter at 1? A name like
ppc0 sounds more unix like.
BTW: You should read the manpages of snprintf and strncpy.
Those functions are harmful if you don't know their caveats:
If you write something like
char chop_buffer[3];
strncpy(chop_buffer, netif_prefix,3);
netif_prefix = chop_buffer;
chop_buffer will _not_ be 0-terminated if
strlen(netif_prefix)>=3!
If you use strncpy it should look like
strncpy(dest, src, sizeof dest - 1);
dest[sizeof dest-1]=0;
Of course this is ugly, so I'd recommend to either use
std::string or the String class of PearPC (in C++ programs).
Logged In: YES
user_id=260442
Newer version mostly written in C++ now. Now starts a ppc0
Permits up to 6 chars in prefix.
Can someone test with > 10 instances ?
Pat
0.4
Logged In: YES
user_id=3437
So, I commited it, but used String instead of std::string (I
like my own class more :) ). You had again a wild pointer
(temp_buffer was allocated on the stack, but you reused its
c_str()) and the comparision (mIfName=="") didn't do what
you expected.
Logged In: YES
user_id=3437
Reopened. Executing the settings file is a huge security risk.