patchpanel: directly write to /proc/sys/net/

This patch changes patchpanel to stop interacting with the /proc/sys/net runtime
configuration through /usr/sbin/sysctl and instead write directly to a
fixed set of files in /proc/sys/net.

After the device has booted, reading the following /proc/sys path
returns the expected content:

localhost ~ # cat /proc/sys/net/ipv4/ip_forward
1
localhost ~ # cat /proc/sys/net/ipv4/ip_local_port_range
32768   47103
localhost ~ # cat /proc/sys/net/ipv6/conf/all/forwarding
1

BUG=b:178980566
TEST=Unit tests. Flashed rammus, checked that /proc/sys/net
configuration on the host happens as expected, checked that ndproxyd
starts correctly.

Change-Id: I1cfa71c3ccd88bdfd89c81b5a75b0c0912b39c72
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2738499
Tested-by: Hugo Benichi <hugobenichi@google.com>
Commit-Queue: Hugo Benichi <hugobenichi@google.com>
Reviewed-by: Garrick Evans <garrick@chromium.org>
diff --git a/patchpanel/system.h b/patchpanel/system.h
index be9249d..011aedb 100644
--- a/patchpanel/system.h
+++ b/patchpanel/system.h
@@ -5,6 +5,8 @@
 #ifndef PATCHPANEL_SYSTEM_H_
 #define PATCHPANEL_SYSTEM_H_
 
+#include <string>
+
 #include <net/if.h>
 #include <net/route.h>
 #include <sys/ioctl.h>
@@ -21,16 +23,42 @@
 // tests.
 class System {
  public:
+  // Enum used for restricting the possible paths that SysNetSet can write to.
+  enum SysNet {
+    // Used for modifying "net.ipv4.ip_forward"
+    IPv4Forward = 1,
+    // Used for modifying "net.ipv4.ip_local_port_range"
+    IPLocalPortRange,
+    // Used for modifying "net.ipv4.conf.%s.route_localnet", requires an
+    // interface
+    // argument
+    IPv4RouteLocalnet,
+    // Used for modifying "net.ipv6.conf.%s.accept_ra", requires an interface
+    // argument
+    IPv6AcceptRA,
+    // Used for modifying "net.ipv6.conf.all.forwarding"
+    IPv6Forward,
+    // Used for enabling netfilter connection tracking helper modules.
+    ConntrackHelper,
+  };
+
   System() = default;
   System(const System&) = delete;
   System& operator=(const System&) = delete;
   virtual ~System() = default;
 
+  // Write |content| to a "/proc/sys/net/" path as specified by |target|
+  virtual bool SysNetSet(SysNet target,
+                         const std::string& content,
+                         const std::string& iface = "");
+
   virtual int Ioctl(int fd, ioctl_req_t request, const char* argp);
   int Ioctl(int fd, ioctl_req_t request, uint64_t arg);
   int Ioctl(int fd, ioctl_req_t request, struct ifreq* ifr);
   int Ioctl(int fd, ioctl_req_t request, struct rtentry* route);
 
+  static bool Write(const std::string& path, const std::string& content);
+
  private:
 };