I have code to apply IPv4 firewall rules. The code reads rules from a local text file and parses the data to form a rule. Once the rule is formed, it is applied using posix_spawn. Below is my code:
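
    // rule holds the argv tokens; binaryPath is the executable to spawn
    void ApplyRule(std::vector<const char*> rule, const char* binaryPath)
    {
        pid_t pid;
        int status;
        // Spawn binaryPath with rule as argv (no file actions, attributes or environment)
        if ((posix_spawn(&pid, binaryPath, NULL, NULL, (char* const*)rule.data(), NULL)) != 0)
        {
            cout << "Posix_Spawan_Failed" << endl;
        } else {
            // Wait for the child to finish
            if (waitpid(pid, &status, 0) == -1)
            {
                cout << "Status 1:" << status << endl;
            }
        }
    }
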
Here rule will have

    iptables -w -o rmnet_data0 -p tcp -d 18.159.158.206 --sport 5401 -A VARIABLE_IN -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT --tcp-flags SYN SYN

and binaryPath will have /usr/sbin/iptables.
When executed, ApplyRule fails.
Earlier this code was working without any errors. Without TCP flags, ApplyRule is successful. Now we have added support for TCP flags. As soon as tcpflags SYN SYN is passed in the rule, ApplyRule fails.
If I pass the same rule from the command line it works, but when I pass it from the code, ApplyRule fails in posix_spawn. Reading the rule and parsing the rule do not produce any errors. I also tried hard-coding the rule in the code before applying it, and it still failed. Is it because tcpflags has two arguments, SYN SYN, separated by a space? Or is it some other issue?
I wonder whether the fifth argument passed to posix_spawn, which is of type char *const argv[restrict], is causing the issue because of the space in SYN SYN?
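
An added example, not part of the original post: posix_spawn does no shell word splitting, so each token has to be its own argv element and the array has to end with a null pointer. The sketch below builds argv that way and reports the spawn error number and the child's exit code; the names Tokenize, BuildArgv and RunCommand are hypothetical, and it does not claim to identify the cause of the failure described above.

```cpp
#include <spawn.h>
#include <sys/wait.h>
#include <cstdio>
#include <cstring>
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

extern char** environ;

// Split a rule line on whitespace, one argv element per token, the way a
// shell splits an unquoted command line.
std::vector<std::string> Tokenize(const std::string& line) {
    std::istringstream in(line);
    std::vector<std::string> tokens;
    for (std::string t; in >> t;) tokens.push_back(t);
    return tokens;
}

// Build the array posix_spawn expects: pointers into `tokens` followed by a
// terminating null pointer. `tokens` must outlive the returned vector.
std::vector<char*> BuildArgv(std::vector<std::string>& tokens) {
    std::vector<char*> argv;
    for (auto& t : tokens) argv.push_back(&t[0]);
    argv.push_back(nullptr);
    return argv;
}

// Spawn binaryPath with the given tokens as argv. Returns the child's exit
// code, or -1 if spawning or waiting failed or a signal killed the child.
int RunCommand(std::vector<std::string> tokens, const char* binaryPath) {
    std::vector<char*> argv = BuildArgv(tokens);
    pid_t pid;
    // posix_spawn reports failure through its return value (an error number).
    int err = posix_spawn(&pid, binaryPath, nullptr, nullptr, argv.data(), environ);
    if (err != 0) {
        std::cerr << "posix_spawn: " << std::strerror(err) << std::endl;
        return -1;
    }
    int status = 0;
    if (waitpid(pid, &status, 0) == -1) {
        std::perror("waitpid");
        return -1;
    }
    if (WIFEXITED(status)) return WEXITSTATUS(status);
    std::cerr << "child terminated by signal " << WTERMSIG(status) << std::endl;
    return -1;
}
```

Calling RunCommand(Tokenize(ruleLine), "/usr/sbin/iptables") passes SYN and SYN as two separate arguments, and a non-zero return value distinguishes iptables rejecting the rule from posix_spawn itself failing.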