/* walled garden */
-char const *cvs_id = "$Id: garden.c,v 1.24 2005/10/11 09:04:53 bodea Exp $";
-
int plugin_api_version = PLUGIN_API_VERSION;
static struct pluginfuncs *f = 0;
"iptables -t nat -N garden_users >/dev/null 2>&1", // Empty chain, users added/removed by garden_session
"iptables -t nat -F garden_users",
"iptables -t nat -A PREROUTING -j garden_users", // DNAT any users on the garden_users chain
- "sysctl -w net.ipv4.ip_conntrack_max=512000 >/dev/null", // lots of entries
+ "sysctl -w net.ipv4.netfilter.ip_conntrack_max=512000" // lots of entries
+ " net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=18000 >/dev/null", // 5hrs
NULL,
};
for (i = 0; up_commands[i] && *up_commands[i]; i++)
{
f->log(3, 0, 0, "Running %s\n", up_commands[i]);
- system(up_commands[i]);
+ int status = system(up_commands[i]);
}
return PLUGIN_RET_OK;
{
char cmd[2048];
sessionidt sess;
+ int status;
if (!s) return 0;
if (!s->opened) return 0;
f->fmtaddr(htonl(s->ip), 0));
f->log(3, sess, s->tunnel, "%s\n", cmd);
- system(cmd);
+ status = system(cmd);
s->walled_garden = 1;
}
else
f->log(3, sess, s->tunnel, "%s\n", cmd);
while (--count)
{
- int status = system(cmd);
+ status = system(cmd);
if (WEXITSTATUS(status) != 0) break;
}
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
f->log(3, 0, 0, "Running %s\n", down_commands[i]);
- system(down_commands[i]);
+ int status = system(down_commands[i]);
}
}
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
f->log(3, 0, 0, "Running %s\n", down_commands[i]);
- system(down_commands[i]);
+ int status = system(down_commands[i]);
}
}