From e7500f044c0a639d359c07d14d2357793737d903 Mon Sep 17 00:00:00 2001
From: giovanni <giovanni@41d37cc5-eb28-0410-a9bf-d37491348ade>
Date: Fri, 24 Oct 2008 15:07:50 +0000
Subject: [PATCH] forbids non-umts slices to access the UMTS interface

---
 backend.spec           |  2 +-
 backend/umts_functions | 11 ++++++++---
 frontend.spec          |  2 +-
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/backend.spec b/backend.spec
index f08db13..578ece0 100644
--- a/backend.spec
+++ b/backend.spec
@@ -2,7 +2,7 @@
 
 %define name planetlab-umts-tools-backend
 %define version 0.5
-%define release 3
+%define release 4
 
 Summary: Umts-tools for PlanetLab - backend part
 Name: %{name}
diff --git a/backend/umts_functions b/backend/umts_functions
index 1d87671..9c7fc5d 100644
--- a/backend/umts_functions
+++ b/backend/umts_functions
@@ -113,7 +113,7 @@ function start_umts(){
     fi
 
     if [[ `get_umts_dev` == "" ]]; then 
-	if [[ init_umts != 0 ]]; then
+	if [[ init_umts != 0 ]]; then	
 		return 1
 	fi
     fi
@@ -142,7 +142,7 @@ function start_umts(){
 	conn_on $sliver $sliver_nid
     else
 	#second try
-	sleep 4s;
+	sleep 5s;
 	if grep "$STROK" $LOGF >/dev/null 2>&1; then
 	    conn_on $sliver $sliver_nid
 	else
@@ -169,7 +169,7 @@ function stop_umts(){
     if [ -d /proc/$PID ] &&  grep $PPPD /proc/$PID/cmdline >/dev/null 2>&1; then 	
 	conn_off $sliver $sliver_nid
 	kill $PID;
-	sleep 4;
+	sleep 2s;
     fi
 
     if status_umts; then
@@ -223,6 +223,9 @@ function set_routes(){
 	iptables -t mangle -A OUTPUT -m mark --mark $sliver_nid -j MARK --set-mark $temp_nid
 	iptables -t nat -A POSTROUTING -o $PPP_INT -j SNAT --to-source $ppp_addr
 	iptables -t mangle -I POSTROUTING 1 -m mark --mark $temp_nid -j MARK --set-mark $sliver_nid
+
+	#forbids other slices to use the UMTS interface
+	iptables -t nat -I POSTROUTING 1 -o $PPP_INT -m mark ! --mark $sliver_nid -j DROP
 	
 	#enable the explicit bind to the ppp interface
 	ip route flush table umts_table >/dev/null 2>&1 
@@ -243,6 +246,8 @@ function unset_routes(){
 	iptables -t nat -D POSTROUTING -o $PPP_INT -j SNAT --to-source $ppp_addr
 	iptables -t mangle -D POSTROUTING -m mark --mark $temp_nid -j MARK --set-mark $sliver_nid
 
+	iptables -t nat -D POSTROUTING -o $PPP_INT -m mark ! --mark $sliver_nid -j DROP
+
 	#disable the explicit bind to the ppp interface
 	ip rule del from $ppp_addr fwmark $temp_nid table umts_table  >/dev/null 2>&1
 	ip route del default dev $PPP_INT  src $ppp_addr table umts_table >/dev/null 2>&1
diff --git a/frontend.spec b/frontend.spec
index 882c555..4ffb9ae 100644
--- a/frontend.spec
+++ b/frontend.spec
@@ -2,7 +2,7 @@
 
 %define name planetlab-umts-tools-frontend
 %define version 0.5
-%define release 3
+%define release 4
 
 Summary: UMTS tools for PlanetLab
 Name: %{name}
-- 
2.43.0