-check for ipt

diff --git a/src/pt/test_gns_vpn.c b/src/pt/test_gns_vpn.c
index 6a5aa5e61cf56f6a945cccea9d0f5c0004e711b1..9789ce7d914bf4dee08f2228bd9d11c2bf7125ba 100644 (file)
--- a/src/pt/test_gns_vpn.c
+++ b/src/pt/test_gns_vpn.c
@@ -437,9 +437,88 @@ test_af (int af)
 }
 
 
+/**
+ * Run the given command and wait for it to complete.
+ * 
+ * @param file name of the binary to run
+ * @param cmd command line arguments (as given to 'execv')
+ * @return 0 on success, 1 on any error
+ */
+static int
+fork_and_exec (const char *file, 
+              char *const cmd[])
+{
+  int status;
+  pid_t pid;
+  pid_t ret;
+
+  pid = fork ();
+  if (-1 == pid)
+  {
+    fprintf (stderr, 
+            "fork failed: %s\n", 
+            strerror (errno));
+    return 1;
+  }
+  if (0 == pid)
+  {
+    /* we are the child process */
+    /* close stdin/stdout to not cause interference
+       with the helper's main protocol! */
+    (void) close (0); 
+    (void) close (1); 
+    (void) execv (file, cmd);
+    /* can only get here on error */
+    fprintf (stderr, 
+            "exec `%s' failed: %s\n", 
+            file,
+            strerror (errno));
+    _exit (1);
+  }
+  /* keep running waitpid as long as the only error we get is 'EINTR' */
+  while ( (-1 == (ret = waitpid (pid, &status, 0))) &&
+         (errno == EINTR) ); 
+  if (-1 == ret)
+  {
+    fprintf (stderr, 
+            "waitpid failed: %s\n", 
+            strerror (errno));
+    return 1;
+  }
+  if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status))))
+    return 1;
+  /* child process completed and returned success, we're happy */
+  return 0;
+}
+
 int
 main (int argc, char *const *argv)
 {
+  char *sbin_iptables;
+  char *const iptables_args[] =
+  {
+    "iptables", "-t", "mangle", "-L", "-v", NULL
+  };
+  
+  if (0 == access ("/sbin/iptables", X_OK))
+    sbin_iptables = "/sbin/iptables";
+  else if (0 == access ("/usr/sbin/iptables", X_OK))
+    sbin_iptables = "/usr/sbin/iptables";
+  else
+  {
+    fprintf (stderr, 
+            "Executable iptables not found in approved directories: %s, skipping\n",
+            strerror (errno));
+    return 0;
+  }
+  
+  if (0 != fork_and_exec (sbin_iptables, iptables_args))
+  {
+    fprintf (stderr,
+             "IPtables not available, Skipping.\n");
+    return 0;
+  }
+
   if (0 != ACCESS ("/dev/net/tun", R_OK))
   {
     GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
@@ -449,6 +528,7 @@ main (int argc, char *const *argv)
             "WARNING: System unable to run test, skipping.\n");
     return 0;
   }
+
   if ( (GNUNET_YES !=
        GNUNET_OS_check_helper_binary ("gnunet-helper-vpn")) ||
        (GNUNET_YES !=