Index: avahi-daemon/main.c =================================================================== --- avahi-daemon/main.c (revision 1781) +++ avahi-daemon/main.c (working copy) @@ -601,6 +601,38 @@ } } #endif + else if (strcasecmp(p->key, "allow-interfaces") == 0) { + int count = 0; + char **e, **t; + + avahi_string_list_free(c->server_config.allow_interfaces); + e = avahi_split_csv(p->value); + + for (t = e; *t; t++) { + c->server_config.allow_interfaces = avahi_string_list_add(c->server_config.allow_interfaces, *t); + count++; + } + + avahi_strfreev(e); + if (c->server_config.deny_interfaces != NULL && avahi_string_list_length(c->server_config.allow_interfaces) == 0) { + avahi_log_error("You have specified a deny_interfaces key but there are no allowed interfaces!\n"); + } + } + else if (strcasecmp(p->key, "deny-interfaces") == 0) { + char **e, **t; + + avahi_string_list_free(c->server_config.deny_interfaces); + e = avahi_split_csv(p->value); + + for (t = e; *t; t++) { + c->server_config.deny_interfaces = avahi_string_list_add(c->server_config.deny_interfaces, *t); + } + + avahi_strfreev(e); + if (c->server_config.allow_interfaces != NULL && avahi_string_list_length(c->server_config.allow_interfaces) == 0) { + avahi_log_error("You have specified a deny_interfaces key but there are no allowed interfaces!\n"); + } + } else { avahi_log_error("Invalid configuration key \"%s\" in group \"%s\"\n", p->key, g->name); goto finish; Index: avahi-daemon/avahi-daemon.conf =================================================================== --- avahi-daemon/avahi-daemon.conf (revision 1781) +++ avahi-daemon/avahi-daemon.conf (working copy) @@ -26,6 +26,8 @@ browse-domains=0pointer.de, zeroconf.org use-ipv4=yes use-ipv6=no +#allow-interfaces=eth0 +#deny-interfaces=eth1 #check-response-ttl=no #use-iff-running=no #enable-dbus=yes Index: man/avahi-daemon.conf.5.xml.in =================================================================== --- man/avahi-daemon.conf.5.xml.in (revision 1781) +++ man/avahi-daemon.conf.5.xml.in (working copy) @@ -72,6 +72,19 @@ + allow-interfaces= Set a comma seperated list of + allowed networkinterfaces that should be used by the program. + Other interfaces will be ignored. + + + + deny-interfaces= Set a comma seperated list of + networkinterfaces that should not be used by the program. + Other not specified interfaces will be used, unless + allow-interfaces is set. + + + check-response-ttl= Takes a boolean value ("yes" or "no"). If set to "yes", an additional security check is activated: incoming IP packets will be ignored unless the IP Index: avahi-core/iface.c =================================================================== --- avahi-core/iface.c (revision 1781) +++ avahi-core/iface.c (working copy) @@ -632,7 +632,7 @@ return 0; } -int avahi_interface_is_relevant(AvahiInterface *i) { +static int avahi_interface_is_relevant_internal(AvahiInterface *i) { AvahiInterfaceAddress *a; assert(i); @@ -646,6 +646,37 @@ return 0; } + +int avahi_interface_is_relevant(AvahiInterface *i) { + assert(i); + + if (i->monitor->server->config.deny_interfaces != NULL || + i->monitor->server->config.allow_interfaces != NULL) { + AvahiStringList *l; + + if (i->monitor->server->config.deny_interfaces != NULL) { /* required ? */ + for (l = i->monitor->server->config.deny_interfaces; l; l = l->next) { + if (strcasecmp((char*) l->text, i->hardware->name) == 0) { + return 0; + } + } + } + + if (i->monitor->server->config.allow_interfaces != NULL) { + for (l = i->monitor->server->config.allow_interfaces; l; l = l->next) { + if (strcasecmp((char*) l->text, i->hardware->name) == 0) { + return avahi_interface_is_relevant_internal(i); + } + } + } else { + return avahi_interface_is_relevant_internal(i); + } + } else { + return avahi_interface_is_relevant_internal(i); + } + + return 0; +} int avahi_interface_address_is_relevant(AvahiInterfaceAddress *a) { AvahiInterfaceAddress *b; Index: avahi-core/core.h =================================================================== --- avahi-core/core.h (revision 1781) +++ avahi-core/core.h (working copy) @@ -47,6 +47,8 @@ char *domain_name; /**< Default domain name. If left empty defaults to .local */ int use_ipv4; /**< Enable IPv4 support */ int use_ipv6; /**< Enable IPv6 support */ + AvahiStringList *allow_interfaces;/**< Allow specific interface to be used for Avahi */ + AvahiStringList *deny_interfaces; /**< Deny specific interfaces to be used for Avahi */ int publish_hinfo; /**< Register a HINFO record for the host containing the local OS and CPU type */ int publish_addresses; /**< Register A, AAAA and PTR records for all local IP addresses */ int publish_workstation; /**< Register a _workstation._tcp service */ Index: avahi-core/server.c =================================================================== --- avahi-core/server.c (revision 1781) +++ avahi-core/server.c (working copy) @@ -1562,6 +1562,8 @@ memset(c, 0, sizeof(AvahiServerConfig)); c->use_ipv6 = 1; c->use_ipv4 = 1; + c->allow_interfaces = NULL; + c->deny_interfaces = NULL; c->host_name = NULL; c->domain_name = NULL; c->check_response_ttl = 0; @@ -1591,11 +1593,13 @@ avahi_free(c->host_name); avahi_free(c->domain_name); avahi_string_list_free(c->browse_domains); + avahi_string_list_free(c->allow_interfaces); + avahi_string_list_free(c->deny_interfaces); } AvahiServerConfig* avahi_server_config_copy(AvahiServerConfig *ret, const AvahiServerConfig *c) { char *d = NULL, *h = NULL; - AvahiStringList *l = NULL; + AvahiStringList *browse = NULL, *allow = NULL, *deny = NULL; assert(ret); assert(c); @@ -1609,16 +1613,33 @@ return NULL; } - if (!(l = avahi_string_list_copy(c->browse_domains)) && c->browse_domains) { + if (!(browse = avahi_string_list_copy(c->browse_domains)) && c->browse_domains) { avahi_free(h); avahi_free(d); return NULL; } + + if (!(allow = avahi_string_list_copy(c->allow_interfaces)) && c->allow_interfaces) { + avahi_string_list_free(browse); + avahi_free(h); + avahi_free(d); + return NULL; + } + if (!(deny = avahi_string_list_copy(c->deny_interfaces)) && c->deny_interfaces) { + avahi_string_list_free(allow); + avahi_string_list_free(browse); + avahi_free(h); + avahi_free(d); + return NULL; + } + *ret = *c; ret->host_name = h; ret->domain_name = d; - ret->browse_domains = l; + ret->browse_domains = browse; + ret->allow_interfaces = allow; + ret->deny_interfaces = deny; return ret; }
allow-interfaces= Set a comma seperated list of + allowed networkinterfaces that should be used by the program. + Other interfaces will be ignored.
deny-interfaces= Set a comma seperated list of + networkinterfaces that should not be used by the program. + Other not specified interfaces will be used, unless + allow-interfaces is set.
check-response-ttl= Takes a boolean value ("yes" or "no"). If set to "yes", an additional security check is activated: incoming IP packets will be ignored unless the IP Index: avahi-core/iface.c =================================================================== --- avahi-core/iface.c (revision 1781) +++ avahi-core/iface.c (working copy) @@ -632,7 +632,7 @@ return 0; } -int avahi_interface_is_relevant(AvahiInterface *i) { +static int avahi_interface_is_relevant_internal(AvahiInterface *i) { AvahiInterfaceAddress *a; assert(i); @@ -646,6 +646,37 @@ return 0; } + +int avahi_interface_is_relevant(AvahiInterface *i) { + assert(i); + + if (i->monitor->server->config.deny_interfaces != NULL || + i->monitor->server->config.allow_interfaces != NULL) { + AvahiStringList *l; + + if (i->monitor->server->config.deny_interfaces != NULL) { /* required ? */ + for (l = i->monitor->server->config.deny_interfaces; l; l = l->next) { + if (strcasecmp((char*) l->text, i->hardware->name) == 0) { + return 0; + } + } + } + + if (i->monitor->server->config.allow_interfaces != NULL) { + for (l = i->monitor->server->config.allow_interfaces; l; l = l->next) { + if (strcasecmp((char*) l->text, i->hardware->name) == 0) { + return avahi_interface_is_relevant_internal(i); + } + } + } else { + return avahi_interface_is_relevant_internal(i); + } + } else { + return avahi_interface_is_relevant_internal(i); + } + + return 0; +} int avahi_interface_address_is_relevant(AvahiInterfaceAddress *a) { AvahiInterfaceAddress *b; Index: avahi-core/core.h =================================================================== --- avahi-core/core.h (revision 1781) +++ avahi-core/core.h (working copy) @@ -47,6 +47,8 @@ char *domain_name; /**< Default domain name. If left empty defaults to .local */ int use_ipv4; /**< Enable IPv4 support */ int use_ipv6; /**< Enable IPv6 support */ + AvahiStringList *allow_interfaces;/**< Allow specific interface to be used for Avahi */ + AvahiStringList *deny_interfaces; /**< Deny specific interfaces to be used for Avahi */ int publish_hinfo; /**< Register a HINFO record for the host containing the local OS and CPU type */ int publish_addresses; /**< Register A, AAAA and PTR records for all local IP addresses */ int publish_workstation; /**< Register a _workstation._tcp service */ Index: avahi-core/server.c =================================================================== --- avahi-core/server.c (revision 1781) +++ avahi-core/server.c (working copy) @@ -1562,6 +1562,8 @@ memset(c, 0, sizeof(AvahiServerConfig)); c->use_ipv6 = 1; c->use_ipv4 = 1; + c->allow_interfaces = NULL; + c->deny_interfaces = NULL; c->host_name = NULL; c->domain_name = NULL; c->check_response_ttl = 0; @@ -1591,11 +1593,13 @@ avahi_free(c->host_name); avahi_free(c->domain_name); avahi_string_list_free(c->browse_domains); + avahi_string_list_free(c->allow_interfaces); + avahi_string_list_free(c->deny_interfaces); } AvahiServerConfig* avahi_server_config_copy(AvahiServerConfig *ret, const AvahiServerConfig *c) { char *d = NULL, *h = NULL; - AvahiStringList *l = NULL; + AvahiStringList *browse = NULL, *allow = NULL, *deny = NULL; assert(ret); assert(c); @@ -1609,16 +1613,33 @@ return NULL; } - if (!(l = avahi_string_list_copy(c->browse_domains)) && c->browse_domains) { + if (!(browse = avahi_string_list_copy(c->browse_domains)) && c->browse_domains) { avahi_free(h); avahi_free(d); return NULL; } + + if (!(allow = avahi_string_list_copy(c->allow_interfaces)) && c->allow_interfaces) { + avahi_string_list_free(browse); + avahi_free(h); + avahi_free(d); + return NULL; + } + if (!(deny = avahi_string_list_copy(c->deny_interfaces)) && c->deny_interfaces) { + avahi_string_list_free(allow); + avahi_string_list_free(browse); + avahi_free(h); + avahi_free(d); + return NULL; + } + *ret = *c; ret->host_name = h; ret->domain_name = d; - ret->browse_domains = l; + ret->browse_domains = browse; + ret->allow_interfaces = allow; + ret->deny_interfaces = deny; return ret; }