Skip to content

Commit 2cab6a0

Browse files
r-caamanor-caamano
authored
Merge pull request #86 from netfoundry/v0.9.6-release-candidate
redirect system call output to /dev/null for set_tc_filter()
2 parents e859bbb + c936407 commit 2cab6a0

File tree

3 files changed

+22
-2
lines changed

3 files changed

+22
-2
lines changed

CHANGELOG.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format
55
---
66
###
77

8+
# [0.9.56 - 2024-12-09
9+
10+
- Updated zfw.c to redirect system call output to /dev/null for set_tc_filter()
11+
12+
###
13+
814
# [0.9.5] - 2024-11-29
915

1016
- updated the release workflow to upload zfw-router deb package to jfrog repo

src/zfw.c

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,7 @@
4141
#include <time.h>
4242
#include <signal.h>
4343
#include <limits.h>
44+
#include <fcntl.h>
4445

4546
#ifndef BPF_MAX_ENTRIES
4647
#define BPF_MAX_ENTRIES 100 // MAX # PREFIXES
@@ -262,7 +263,7 @@ char *direction_string;
262263
char *masq_interface;
263264
char check_alt[IF_NAMESIZE];
264265

265-
const char *argp_program_version = "0.9.5";
266+
const char *argp_program_version = "0.9.6";
266267
struct ring_buffer *ring_buffer;
267268

268269
__u32 if_list[MAX_IF_LIST_ENTRIES];
@@ -727,6 +728,15 @@ void set_tc_filter(char *action)
727728
close_maps(1);
728729
}
729730
pid_t pid;
731+
int o_std_out = dup(STDOUT_FILENO);
732+
int o_std_err = dup(STDERR_FILENO);
733+
int fd = open("/dev/null", O_WRONLY);
734+
if (fd == -1){
735+
return;
736+
}
737+
dup2(fd, STDOUT_FILENO);
738+
dup2(fd, STDERR_FILENO);
739+
close(fd);
730740
if (!strcmp(action, "add") && check_filter(if_nametoindex(tc_interface),direction_string))
731741
{
732742
if(check_qdisc(tc_interface)){
@@ -782,6 +792,10 @@ void set_tc_filter(char *action)
782792
printf("execv error: unknown error removing filter");
783793
}
784794
}
795+
dup2(o_std_out, STDOUT_FILENO);
796+
dup2(o_std_err, STDERR_FILENO);
797+
close(o_std_out);
798+
close(o_std_err);
785799
}
786800

787801
void disable_ebpf()

src/zfw_monitor.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ char check_alt[IF_NAMESIZE];
8787
char doc[] = "zfw_monitor -- ebpf firewall monitor tool";
8888
const char *rb_map_path = "/sys/fs/bpf/tc/globals/rb_map";
8989
const char *tproxy_map_path = "/sys/fs/bpf/tc/globals/zt_tproxy_map";
90-
const char *argp_program_version = "0.9.5";
90+
const char *argp_program_version = "0.9.6";
9191
union bpf_attr rb_map;
9292
int rb_fd = -1;
9393

0 commit comments

Comments
 (0)