Add ddosctrl program for safe execution

add ddosctrl to start/stop/status XDP
program from ddos.cgi safely.

permission of ddosctrl

chown root.nobody /usr/local/bin/ddosctrl
chmod u+s /usr/local/bin/ddosctrl

result:

-rwsr-x--- 1 root nobody 14672 Mar 19 09:58 /usr/local/bin/ddosctrl

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>

src/misc-progs/Makefile

@@ -32,7 +32,7 @@ SUID_PROGS = squidctrl sshctrl ipfirereboot \
 	smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \
 	setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \
 	getconntracktable wirelessclient torctrl ddnsctrl unboundctrl \
-	captivectrl
+	captivectrl ddosctrl
 
 OBJS = $(patsubst %,%.o,$(PROGS) $(SUID_PROGS))
 

src/misc-progs/ddosctrl.c

@@ -0,0 +1,40 @@
+/* This file is part of the IPFire Firewall.
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence.  See the file COPYING for details.
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include "setuid.h"
+
+int main(int argc, char *argv[]) {
+
+	if (!(initsetuid()))
+		exit(1);
+
+	if (argc < 2) {
+		fprintf(stderr, "\nNo argument given.\n\nddosctrl (start|stop|restart)\n\n");
+		exit(1);
+	}
+
+	if (strcmp(argv[1], "start") == 0) {
+		safe_system("/etc/rc.d/init.d/ddos start");
+	} else if (strcmp(argv[1], "stop") == 0) {
+		safe_system("/etc/rc.d/init.d/ddos stop");
+	} else if (strcmp(argv[1], "restart") == 0) {
+		safe_system("/etc/rc.d/init.d/ddos restart");
+	} else if (strcmp(argv[1], "status") == 0) {
+		safe_system("/etc/rc.d/init.d/ddos status");
+	} else {
+		fprintf(stderr, "\nBad argument given.\n\nddosctrl (start|stop|restart|status)\n\n");
+		exit(1);
+	}
+
+	return 0;
+}