}
}
if (FwmarkClient::shouldSetFwmark(family)) {
- FwmarkCommand command = {FwmarkCommand::ON_ACCEPT, 0};
+ FwmarkCommand command = {FwmarkCommand::ON_ACCEPT, 0, 0};
if (int error = FwmarkClient().send(&command, sizeof(command), acceptedSocket)) {
return closeFdAndSetErrno(acceptedSocket, error);
}
int netdClientConnect(int sockfd, const sockaddr* addr, socklen_t addrlen) {
if (sockfd >= 0 && addr && FwmarkClient::shouldSetFwmark(addr->sa_family)) {
- FwmarkCommand command = {FwmarkCommand::ON_CONNECT, 0};
+ FwmarkCommand command = {FwmarkCommand::ON_CONNECT, 0, 0};
if (int error = FwmarkClient().send(&command, sizeof(command), sockfd)) {
errno = -error;
return -1;
if (socketFd < 0) {
return -EBADF;
}
- FwmarkCommand command = {FwmarkCommand::SELECT_NETWORK, netId};
+ FwmarkCommand command = {FwmarkCommand::SELECT_NETWORK, netId, 0};
return FwmarkClient().send(&command, sizeof(command), socketFd);
}
if (socketFd < 0) {
return -EBADF;
}
- FwmarkCommand command = {FwmarkCommand::PROTECT_FROM_VPN, 0};
+ FwmarkCommand command = {FwmarkCommand::PROTECT_FROM_VPN, 0, 0};
+ return FwmarkClient().send(&command, sizeof(command), socketFd);
+}
+
+extern "C" int setNetworkForUser(uid_t uid, int socketFd) {
+ if (socketFd < 0) {
+ return -EBADF;
+ }
+ FwmarkCommand command = {FwmarkCommand::SELECT_FOR_USER, 0, uid};
return FwmarkClient().send(&command, sizeof(command), socketFd);
}
#ifndef NETD_INCLUDE_FWMARK_COMMAND_H
#define NETD_INCLUDE_FWMARK_COMMAND_H
+#include <sys/types.h>
+
// Commands sent from clients to the fwmark server to mark sockets (i.e., set their SO_MARK).
struct FwmarkCommand {
enum {
ON_CONNECT,
SELECT_NETWORK,
PROTECT_FROM_VPN,
+ SELECT_FOR_USER,
} cmdId;
unsigned netId; // used only in the SELECT_NETWORK command; ignored otherwise.
+ uid_t uid; // used only in the SELECT_FOR_USER command; ignored otherwise.
};
#endif // NETD_INCLUDE_FWMARK_COMMAND_H