my @vinfo;
my $foo;
my $real_xid;
-my $cat_cmd;
$slicename = $ARGV[0];
$xid = int(`id -u $slicename`) || die("Could not determine xid of $slicename\n");
die("$portnumber is not a port number");
}
-$fuser_cmd = "ncontext --nid $xid --migrate -- vcontext --xid $xid --migrate fuser -n tcp $portnumber";
+if ($portnumber<61001 || $portnumber>65535) {
+ die("$portnumber lies in the local port-rover range\n");
+}
+
+$fuser_cmd = "ncontext --nid $xid --migrate -- vcontext --xid $xid --migrate fuser -n tcp $portnumber 2>/dev/null";
$pid = `$fuser_cmd` || die("Please bind to port $portnumber, e.g. run nc -l $portnumber.");
+$pid=~s/\s+//g;
+
+my $cat_cmd;
-$cat_cmd = "cat /proc/$pid/vinfo";
+$cat_cmd = "chcontext --ctx 1 cat /proc/$pid/vinfo";
$_ = `$cat_cmd`;
@vinfo = split /\n/;
($#vinfo>0) || die("Port reservation failed. Please try again.\n");
die("Port $portnumber belongs to user $real_xid, not to you.\n");
}
-close CMD;
+# OK. We're good
+# Only, slices are allowed only 1 port reservation/session
+
+if ( -f "/dev/shm/$slicename-port" ) {
+ print "You have already reserved the following port:\n";
+ system("cat /dev/shm/$slicename-port");
+ exit(1);
+}
+
+open FIL,">/dev/shm/$slicename-port";
+print FIL "$portnumber";
+close FIL;
+
+system("iptables -t mangle -A INPUT -m tcp -p tcp --dport $portnumber -j MARK --set-mark $xid");