From cbfdcb40ff42311e6695d12dbcaae9921b2498ba Mon Sep 17 00:00:00 2001
From: David Schweikert <david@schweikert.ch>
Date: Fri, 17 Feb 2017 08:46:02 +0100
Subject: [PATCH] -i/-p restrictions only enforced with ./configure
 --enable-safe-limits, change -i default from 25 to 10

---
 ChangeLog     | 23 +++++++++++++++++++----
 configure.ac  |  5 +++++
 doc/fping.pod |  6 +++---
 src/fping.c   |  5 +++++
 src/options.h |  2 +-
 5 files changed, 33 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 8a14394..69d1600 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,8 @@
 2017-02-13  David Schweikert  <david@schweikert.ch>
-  * Version 4.0-rc1
+  * Version 4.0-rc2
+
+  * INCOMPATIBILE CHANGE: fping and fping6 unification
 
-  * INCOMPATIBILITY WARNING 1:
     fping and fping6 are now unified into one binary. It means that, for
     example, doing 'fping google.com' is going to ping the IPv6 IP of
     google.com on IPv6-enabled hosts.
@@ -11,7 +12,8 @@
     - ./configure --disable-ipv6; make clean install
     - ./configure --disable-ipv4 --program-suffix=6; make clean install
 
-  * INCOMPATIBILITY WARNING 2:
+  * INCOMPATIBILE CHANGE: -n option, not the same as -d anymore
+
     Option -n / --name is now doing a reverse-DNS lookups on host addresses,
     only they are given as IP address, but not for hostnames. For example, if
     you write 'fping -n google.com', fping would previously do a forward-DNS
@@ -24,7 +26,8 @@
     fping -n NAME    NAME->IP->IPNAME       NAME
     fping -d NAME    NAME->IP->IPNAME       NAME->IP->IPNAME
 
-  * INCOMPATIBILITY WARNING 3:
+  * INCOMPATIBILE CHANGE: discard late packets
+
     fping will now discard replies, if they arrive after the defined timeout
     for reply packets, specified with -t. This change is relevant only for for
     the counting and looping modes, where the measured times should now be
@@ -35,6 +38,16 @@
     period interval (up to 2000 ms), but it can be overriden with the -t
     option. The default timeout for non-looping/counting modes remains 500 ms.
 
+  * INCOMPATIBLE CHANGE: no restrictions by default
+
+    fping will not enforce that -i is >= 1 and -p >= 10 anymore, except if
+    you ./configure with the new '--enable-safe-limits' parameter.
+    
+    The reasoning to removing the restrictions by default, is that users can
+    clog the network with other tools anyway, and these restrictions are
+    sometimes getting in the way (for example if you try to ping a lot of
+    hosts).
+
   * (feature) Unified 'fping' and 'fping6' into one binary (#80)
   * (feature) Long option names for all options
   * (feature) --enable-ipv6 is now default
@@ -45,6 +58,8 @@
               (name->IP->name), as '-n' was doing until now
   * (feature) Enforce -t timeout on reply packets, by discarding late packets (#32)
   * (feature) Auto-adjust timeout for -c/-C/-l mode to value of -p
+  * (feature) -i/-p restrictions only enforced with ./configure --enable-safe-limits
+  * (feature) Default interval -i changed from 25ms to 10ms
   * (bugfix)  Fix compatibility issue with GNU Hurd
   * (other)   A C99 compiler is now required
   * (other)   Option parsing with optparse (https://github.com/skeeto/optparse)
diff --git a/configure.ac b/configure.ac
index 928424d..98d28a7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -42,6 +42,11 @@ AS_IF([test "x$enable_timestamp" = "xyes" -a "x$have_so_timestamp" = "xno"], [
   AC_MSG_ERROR([--enable-timestamp not supported on this platform])
 ])
 
+AC_ARG_ENABLE([safe-limits],
+  AS_HELP_STRING([--enable-safe-limits], [Restrict timing parameters (-i, -p) within "safe" limits]))
+AS_IF([test "x$enable_safe_limits" = "xyes"], [
+   AC_DEFINE(FPING_SAFE_LIMITS, [1], [safe limits should be enforced])])
+
 AC_CANONICAL_TARGET
 AM_INIT_AUTOMAKE([-Wall -Werror foreign])
 AM_MAINTAINER_MODE
diff --git a/doc/fping.pod b/doc/fping.pod
index 9dcf19b..9585f35 100644
--- a/doc/fping.pod
+++ b/doc/fping.pod
@@ -126,7 +126,7 @@ Set the IP TTL field (time to live hops).
 =item B<-i>, B<--interval>=I<MSEC>
 
 The minimum amount of time (in milliseconds) between sending a ping packet
-to any target (default is 25, minimum is 1).
+to any target (default is 10, minimum is 1).
 
 =item B<-I>, B<--iface>=I<IFACE>
 
@@ -266,8 +266,8 @@ line arguments, and 4 for a system call failure.
 
 =head1 RESTRICTIONS
 
-In order to avoid users mistakingly flooding the network, the following values
-are not allowed for non-root users:
+If fping was configured with C<--enable-safe-limits>, the following values are
+not allowed for non-root users:
 
 =over 4
 
diff --git a/src/fping.c b/src/fping.c
index 42c1152..e14fcc1 100644
--- a/src/fping.c
+++ b/src/fping.c
@@ -109,8 +109,13 @@ extern int h_errno;
 #define DEFAULT_PING_DATA_SIZE 56
 
 /* maxima and minima */
+#ifdef FPING_SAFE_LIMITS
 #define MIN_INTERVAL 1 /* in millisec */
 #define MIN_PERHOST_INTERVAL 10 /* in millisec */
+#else
+#define MIN_INTERVAL 0
+#define MIN_PERHOST_INTERVAL 0
+#endif
 
 /* response time array flags */
 #define RESP_WAITING -1
diff --git a/src/options.h b/src/options.h
index 75a1277..229975c 100644
--- a/src/options.h
+++ b/src/options.h
@@ -20,7 +20,7 @@
 /* constants */
 
 #ifndef DEFAULT_INTERVAL
-#define DEFAULT_INTERVAL 25        /* default time between packets (msec) */
+#define DEFAULT_INTERVAL 10        /* default time between packets (msec) */
 #endif
 
 #ifndef DEFAULT_PERHOST_INTERVAL      /* default time between packets */