From: Nikolay Denev <ndenev@gmail.com>
Date: Sat, 22 Dec 2012 11:00:13 +0000 (+0200)
Subject: set SO_BROADCAST on the divert socket so that broadcast
X-Git-Tag: suricata-1.4.1~79
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=29b69fb026a9dd06951c94b28d7bd38539e30fe9;p=thirdparty%2Fsuricata.git

set SO_BROADCAST on the divert socket so that broadcast
 packets can be reinjected.
---

diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 4a1f5ffc33..b423337564 100644
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -326,6 +326,7 @@ TmEcode ReceiveIPFWLoop(ThreadVars *tv, void *data, void *slot)
 TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, void *initdata, void **data)
 {
     struct timeval timev;
+    int flag;
     IPFWThreadVars *ntv = (IPFWThreadVars *) initdata;
     IPFWQueueVars *nq = IPFWGetQueue(ntv->ipfw_index);
 
@@ -352,6 +353,15 @@ TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, void *initdata, void **data)
         SCReturnInt(TM_ECODE_FAILED);
     }
 
+    /* set SO_BROADCAST on the divert socket, otherwise sendto()
+     * returns EACCES when reinjecting broadcast packets. */
+    flag = 1;
+
+    if (setsockopt(nq->fd, SOL_SOCKET, SO_BROADCAST, &flag, sizeof(flag)) == -1) {
+        SCLogWarning(SC_WARN_IPFW_SETSOCKOPT,"Can't set IPFW divert socket broadcast flag: %s", strerror(errno));
+        SCReturnInt(TM_ECODE_FAILED);
+    }
+
     nq->ipfw_sinlen=sizeof(nq->ipfw_sin);
     memset(&nq->ipfw_sin, 0, nq->ipfw_sinlen);
     nq->ipfw_sin.sin_family = PF_INET;