>From 2ad5df4a359fc2305599bc4d067f9671acfba174 Mon Sep 17 00:00:00 2001
From: Daniel Golle <address@hidden>
Date: Mon, 18 Apr 2016 02:54:08 +0200
Subject: [PATCH 2/2] exit: fully skip routing setup if no interface is
 specified

---
 src/exit/gnunet-helper-exit.c | 84 +++++++++++++++++++++++--------------------
 1 file changed, 45 insertions(+), 39 deletions(-)

diff --git a/src/exit/gnunet-helper-exit.c b/src/exit/gnunet-helper-exit.c
index 7427b5b..2aa9ec9 100644
--- a/src/exit/gnunet-helper-exit.c
+++ b/src/exit/gnunet-helper-exit.c
@@ -667,27 +667,30 @@ main (int argc, char **argv)
     fprintf (stderr, "Fatal: disabling both IPv4 and IPv6 makes no sense.\n");
     return 1;
   }
-  if (0 == access ("/sbin/iptables", X_OK))
-    sbin_iptables = "/sbin/iptables";
-  else if (0 == access ("/usr/sbin/iptables", X_OK))
-    sbin_iptables = "/usr/sbin/iptables";
-  else
+  if (0 != strcmp (argv[2], "-"))
   {
-    fprintf (stderr,
-	     "Fatal: executable iptables not found in approved directories: %s\n",
-	     strerror (errno));
-    return 1;
-  }
-  if (0 == access ("/sbin/sysctl", X_OK))
-    sbin_sysctl = "/sbin/sysctl";
-  else if (0 == access ("/usr/sbin/sysctl", X_OK))
-    sbin_sysctl = "/usr/sbin/sysctl";
-  else
-  {
-    fprintf (stderr,
-	     "Fatal: executable sysctl not found in approved directories: %s\n",
-	     strerror (errno));
-    return 1;
+    if (0 == access ("/sbin/iptables", X_OK))
+      sbin_iptables = "/sbin/iptables";
+    else if (0 == access ("/usr/sbin/iptables", X_OK))
+      sbin_iptables = "/usr/sbin/iptables";
+    else
+    {
+      fprintf (stderr,
+	       "Fatal: executable iptables not found in approved directories: %s\n",
+	       strerror (errno));
+      return 1;
+    }
+    if (0 == access ("/sbin/sysctl", X_OK))
+      sbin_sysctl = "/sbin/sysctl";
+    else if (0 == access ("/usr/sbin/sysctl", X_OK))
+      sbin_sysctl = "/usr/sbin/sysctl";
+    else
+    {
+      fprintf (stderr,
+	       "Fatal: executable sysctl not found in approved directories: %s\n",
+	       strerror (errno));
+      return 1;
+    }
   }
 
   strncpy (dev, argv[1], IFNAMSIZ);
@@ -718,6 +721,7 @@ main (int argc, char **argv)
       }
       set_address6 (dev, address, prefix_len);
     }
+    if (0 != strcmp (argv[2], "-"))
     {
       char *const sysctl_args[] =
 	{
@@ -740,29 +744,31 @@ main (int argc, char **argv)
 
       set_address4 (dev, address, mask);
     }
+    if (0 != strcmp (argv[2], "-"))
     {
-      char *const sysctl_args[] =
-	{
-	  "sysctl", "-w", "net.ipv4.ip_forward=1", NULL
-	};
-      if (0 != fork_and_exec (sbin_sysctl,
-			      sysctl_args))
       {
-	fprintf (stderr,
-		 "Failed to enable IPv4 forwarding.  Will continue anyway.\n");
+        char *const sysctl_args[] =
+	  {
+	    "sysctl", "-w", "net.ipv4.ip_forward=1", NULL
+	  };
+        if (0 != fork_and_exec (sbin_sysctl,
+			        sysctl_args))
+        {
+	  fprintf (stderr,
+		   "Failed to enable IPv4 forwarding.  Will continue anyway.\n");
+        }
       }
-    }
-    if (0 != strcmp (argv[2], "-"))
-    {
-      char *const iptables_args[] =
-	{
-	  "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL
-	};
-      if (0 != fork_and_exec (sbin_iptables,
-			      iptables_args))
       {
-	fprintf (stderr,
-		 "Failed to enable IPv4 masquerading (NAT).  Will continue anyway.\n");
+        char *const iptables_args[] =
+	  {
+	    "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL
+	  };
+        if (0 != fork_and_exec (sbin_iptables,
+			        iptables_args))
+        {
+	  fprintf (stderr,
+		   "Failed to enable IPv4 masquerading (NAT).  Will continue anyway.\n");
+        }
       }
     }
   }
-- 
2.8.0