Allows run with restricted privileges.
Adds option -u and -g to specify user and group.When different user (than root) is specified,linux capabilities CAP_NET_* are kept.
Tried to clean up multicast handling. Now we don't try to guessmulticast abilities depending on definedness of symbols and use hard-wiredsystem-dependent configuration defines instead.
Please test whereever you can.
Rewrote the kernel syncer. The old layering was horrible.
The new kernel syncer is cleanly split between generic UNIX moduleand OS dependent submodules:
- krt.c (the generic part) - krt-iface (low-level functions for interface handling) - krt-scan (low-level functions for routing table scanning)...
Added skeletal version of Linux netlink interface. It doesn't work yet,but the framework is there and I'll try finish it soon.
Use traditional Unix route/iface interface only when CONFIG_NETLINKis not defined. Also moved declarations of Unix iface logic to krt.h.
Kernel syncer is now configurable. It will probably need some moreoptions, but at least basic tuning is possible now.
Since almost every UNIX system requires different techniques for readingthe kernel routing table as opposed to modifying it which is approximatelythe same on non-netlink systems, I've split the kernel routing tableroutines to read and write parts. To be implemented later ;-)
The library is now glued together from generic and OS-dependent partsby the `mergedirs' script. Few more IP address manipulation functionsand some fixes.