+
+ int sockets[2];
+ if (socketpair(PF_LOCAL, SOCK_DGRAM, 0, sockets) != 0)
+ err(EXIT_FAILURE, "socketpair()");
+ int sockR = sockets[0];
+ sockW = sockets[1];
+ pid_t pid = fork();
+ if (pid == -1)
+ err(EXIT_FAILURE, "fork()");
+ if (pid == 0) {
+ close(sockW);
+
+ rlimited(RLIMIT_NPROC);
+ rlimited(RLIMIT_FSIZE);
+ rlimited(RLIMIT_NOFILE);
+ ssize_t n = 0;
+ unsigned char buf[sizeof(struct Pkt)];
+ for (;;) {
+ n = read(sockR, buf, sizeof buf);
+ if (n == -1) {
+ perror("read()");
+ continue;
+ }
+ if (pktSend((struct Pkt *)buf) == -1)
+ perror("sendto()");
+ }
+ }
+ close(sockR);
+
+ cap_rights_t caprights;
+ cap_rights_init(&caprights, CAP_WRITE);
+ if (cap_rights_limit(STDERR_FILENO, &caprights) != 0)
+ err(EXIT_FAILURE, "cap_rights_limit(stderr)");
+ if (!verbose)
+ if (cap_rights_limit(STDOUT_FILENO, &caprights) != 0)
+ err(EXIT_FAILURE, "cap_rights_limit(stdout)");
+ if (cap_rights_limit(sockW, &caprights) != 0)
+ err(EXIT_FAILURE, "cap_rights_limit(sockW)");
+ if (cap_enter() != 0)
+ err(EXIT_FAILURE, "cap_enter()");
+
+ token_bucket_time = time(NULL);
+ token_bucket_tokens = MAX_TOKEN_BUCKET_TOKENS;
+
+ int kq = kqueue();
+ if (kq == -1)
+ err(EXIT_FAILURE, "kqueue()");
+ struct kevent chs[2];
+ struct kevent ev;
+ int chsLen = 0;
+ if (dht_socket != -1) {
+ EV_SET(&(chs[chsLen]), dht_socket, EVFILT_READ, EV_ADD, 0, 0, NULL);
+ chsLen++;
+ }
+ if (dht_socket6 != -1) {
+ EV_SET(&(chs[chsLen]), dht_socket6, EVFILT_READ, EV_ADD, 0, 0, NULL);
+ chsLen++;
+ }
+