Mailing List Archive

TUNSETIFF (Operation not permitted)
Hi, I'm unfamiliar with thread list-servers so forgive me if this pipe is misused.


I am trying to VPN tunnel using VPNC but when I execute with a conf file under root I get an error.

Without using --local-port 0 I get: Permission denied

With --local-port 0 I get: Operation not permitted

Using strace I can see it fails here:

open("/dev/net/tun", O_RDWR) = 4
ioctl(4, TUNSETIFF, 0xbeaea5a8) = -1 EPERM (Operation not permitted)
close(4) = 0
write(1, " using interface \n", 20 using interface
) = 20
write(2, "vpnc: ", 6vpnc: ) = 6
write(2, "can't initialise tunnel interfac"..., 33can't initialise tunnel interface) = 33
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1


I have also compiled and ran my own code that appears to use TUNSETIFF successfully.


int tun_open(char *dev, enum if_mode_enum mode)
{
struct ifreq ifr;
int fd, err;

if ((fd = open("/dev/net/tun", O_RDWR)) < 0) {
qDebug() << ("can't open /dev/net/tun, check that it is either device char 10 200 or (with DevFS) a symlink to ../misc/net/tun (not misc/net/tun)");
return -1;
}

memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = ((mode == IF_MODE_TUN) ? IFF_TUN : IFF_TAP) | IFF_NO_PI;
if (*dev)
strncpy(ifr.ifr_name, dev, IFNAMSIZ);

if ((err = ioctl(fd, TUNSETIFF, (void *)&ifr)) < 0) {
qDebug() << ("TUNSETIFF Error");
close(fd);
return err;
}
strcpy(dev, ifr.ifr_name);
return fd;
}


Not sure the cause, any help appreciated!

Thanks,
-Joe
Confidentiality Notice: The preceding e-mail message (including any attachments) contains information that may be confidential, protected by applicable legal privileges, or constitute non-public information. It is intended to be conveyed only to the designated recipient(s). If you are not an intended recipient of this message, please notify the sender by replying to this message and then delete it from your system. Use, dissemination, distribution or reproduction of this message by unintended recipients is not authorized and may be unlawful.


_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/