From 7343de69180f09f50b6583d2e58c368ce98bccba Mon Sep 17 00:00:00 2001
From: RomanKubiak <r.kubiak@samsung.com>
Date: Wed, 22 Jul 2015 17:14:38 +0200
Subject: [PATCH] runAsDaemon function to work in the background a fix for
 iptables rules to only catch the first "new" packet not ALL

Change-Id: Ib5f2359a7a74da97a9b48d808005a5fe166975bb
---
 conf/nether.rules       |  4 +--
 include/nether_Daemon.h | 90 +++++++++++++++++++++++++++++++++++++++++++++++++
 nether.cbp              |  1 +
 src/nether_Main.cpp     | 12 ++++++-
 4 files changed, 104 insertions(+), 3 deletions(-)
 create mode 100644 include/nether_Daemon.h

diff --git a/conf/nether.rules b/conf/nether.rules
index b1ed24c..b342507 100644
--- a/conf/nether.rules
+++ b/conf/nether.rules
@@ -23,8 +23,8 @@
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [816152:74580343]
 :POSTROUTING ACCEPT [824147:75308906]
--A OUTPUT -p tcp -j NFQUEUE --queue-num 0 --queue-bypass
--A OUTPUT -p udp -j NFQUEUE --queue-num 0 --queue-bypass
+-A OUTPUT -p tcp -m state --state NEW -j NFQUEUE --queue-num 0 --queue-bypass
+#-A OUTPUT -p udp -j NFQUEUE --queue-num 0 --queue-bypass
 -A OUTPUT -p icmp -j NFQUEUE --queue-num 0 --queue-bypass
 COMMIT
 *filter
diff --git a/include/nether_Daemon.h b/include/nether_Daemon.h
new file mode 100644
index 0000000..03a9c79
--- /dev/null
+++ b/include/nether_Daemon.h
@@ -0,0 +1,90 @@
+/*
+ *  Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Contact: Roman Kubiak (r.kubiak@samsung.com)
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+
+/**
+ * @file
+ * @author  Roman Kubiak (r.kubiak@samsung.com)
+ * @brief   Run a process as a daemon
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <time.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+bool runAsDaemon()
+{
+    pid_t pid = fork();
+
+    if (pid == -1)
+        return (false);
+    else if (pid != 0)
+        exit (0);
+
+    if (setsid() == -1)
+        return (false);
+
+    /* Catch, ignore and handle signals */
+    signal(SIGCHLD, SIG_IGN);
+    signal(SIGHUP, SIG_IGN);
+
+    pid = fork();
+
+    /*
+     * Fork a second child and exit immediately to prevent zombies.  This
+     * causes the second child process to be orphaned, making the init
+     * process responsible for its cleanup.  And, since the first child is
+     * a session leader without a controlling terminal, it's possible for
+     * it to acquire one by opening a terminal in the future (System V-
+     * based systems).  This second fork guarantees that the child is no
+     * longer a session leader, preventing the daemon from ever acquiring
+     * a controlling terminal.
+     */
+    if (pid == -1)
+        return (false);
+    else if (pid != 0)
+        exit(0);
+
+    if (chdir("/") == -1)
+        return (false);
+
+    umask(0);
+
+    /** Close all open file descriptors */
+    for (int x = sysconf(_SC_OPEN_MAX); x>0; x--)
+    {
+        close (x);
+    }
+
+    if (open("/dev/null",O_RDONLY) == -1)
+        return (false);
+
+    if (open("/dev/null",O_WRONLY) == -1)
+        return (false);
+
+    if (open("/dev/null",O_RDWR) == -1)
+        return (false);
+
+    return (true);
+}
diff --git a/nether.cbp b/nether.cbp
index c53b6fc..1a6a84e 100644
--- a/nether.cbp
+++ b/nether.cbp
@@ -90,6 +90,7 @@
 		<Unit filename="include/logger/logger-scope.hpp" />
 		<Unit filename="include/logger/logger.hpp" />
 		<Unit filename="include/nether_CynaraBackend.h" />
+		<Unit filename="include/nether_Daemon.h" />
 		<Unit filename="include/nether_DummyBackend.h" />
 		<Unit filename="include/nether_FileBackend.h" />
 		<Unit filename="include/nether_Manager.h" />
diff --git a/src/nether_Main.cpp b/src/nether_Main.cpp
index 2467668..66d6d5b 100644
--- a/src/nether_Main.cpp
+++ b/src/nether_Main.cpp
@@ -25,6 +25,7 @@
 #include "nether_Types.h"
 #include "nether_Utils.h"
 #include "nether_Manager.h"
+#include "nether_Daemon.h"
 
 using namespace std;
 void showHelp(char *arg);
@@ -174,7 +175,7 @@ int main(int argc, char *argv[])
 #if defined(_DEBUG)
         << " debug"
 #endif
-        << " daemon="              << netherConfig.daemonMode
+        << " daemon="                << netherConfig.daemonMode
         << " queue="                 << netherConfig.queueNumber);
     LOGD("primary-backend="       << backendTypeToString (netherConfig.primaryBackendType)
         << " primary-backend-args="  << netherConfig.primaryBackendArgs);
@@ -198,6 +199,15 @@ int main(int argc, char *argv[])
         return (1);
     }
 
+    if (netherConfig.daemonMode)
+    {
+        if (!runAsDaemon())
+        {
+            LOGE("Failed to run as daemon: " << strerror(errno));
+            exit (1);
+        }
+    }
+
     manager.process();
 
     return (0);
-- 
2.7.4