version 1.104, 2000/03/02 06:07:36 |
version 1.130, 2001/03/02 04:26:10 |
|
|
#include <sys/proc.h> |
#include <sys/proc.h> |
#include <sys/pool.h> |
#include <sys/pool.h> |
|
|
#include <vm/vm.h> |
#include <uvm/uvm_extern.h> |
|
|
#include <sys/sysctl.h> |
#include <sys/sysctl.h> |
|
|
#include <net/if.h> |
#include <net/if.h> |
|
|
#include <netinet/in_gif.h> |
#include <netinet/in_gif.h> |
#include "gif.h" |
#include "gif.h" |
|
|
|
#ifdef MROUTING |
|
#include <netinet/ip_mroute.h> |
|
#endif |
|
|
#ifdef IPSEC |
#ifdef IPSEC |
#include <netinet6/ipsec.h> |
#include <netinet6/ipsec.h> |
#include <netkey/key.h> |
#include <netkey/key.h> |
#include <netkey/key_debug.h> |
|
#endif |
#endif |
|
|
#ifndef IPFORWARDING |
#ifndef IPFORWARDING |
Line 200 struct in_ifaddrhashhead *in_ifaddrhasht |
|
Line 204 struct in_ifaddrhashhead *in_ifaddrhasht |
|
struct ifqueue ipintrq; |
struct ifqueue ipintrq; |
struct ipstat ipstat; |
struct ipstat ipstat; |
u_int16_t ip_id; |
u_int16_t ip_id; |
int ip_defttl; |
|
|
#ifdef PFIL_HOOKS |
|
struct pfil_head inet_pfil_hook; |
|
#endif |
|
|
struct ipqhead ipq; |
struct ipqhead ipq; |
int ipq_locked; |
int ipq_locked; |
Line 281 static void save_rte __P((u_char *, stru |
|
Line 288 static void save_rte __P((u_char *, stru |
|
void |
void |
ip_init() |
ip_init() |
{ |
{ |
register struct protosw *pr; |
struct protosw *pr; |
register int i; |
int i; |
|
|
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
0, NULL, NULL, M_IPQ); |
0, NULL, NULL, M_IPQ); |
|
|
ip_id = time.tv_sec & 0xffff; |
ip_id = time.tv_sec & 0xffff; |
ipintrq.ifq_maxlen = ipqmaxlen; |
ipintrq.ifq_maxlen = ipqmaxlen; |
TAILQ_INIT(&in_ifaddr); |
TAILQ_INIT(&in_ifaddr); |
in_ifaddrhashtbl = |
in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IFADDR, |
hashinit(IN_IFADDR_HASH_SIZE, M_IFADDR, M_WAITOK, &in_ifaddrhash); |
M_WAITOK, &in_ifaddrhash); |
if (ip_mtudisc != 0) |
if (ip_mtudisc != 0) |
ip_mtudisc_timeout_q = |
ip_mtudisc_timeout_q = |
rt_timer_queue_create(ip_mtudisc_timeout); |
rt_timer_queue_create(ip_mtudisc_timeout); |
#ifdef GATEWAY |
#ifdef GATEWAY |
ipflow_init(); |
ipflow_init(); |
#endif |
#endif |
|
|
|
#ifdef PFIL_HOOKS |
|
/* Register our Packet Filter hook. */ |
|
inet_pfil_hook.ph_type = PFIL_TYPE_AF; |
|
inet_pfil_hook.ph_af = AF_INET; |
|
i = pfil_head_register(&inet_pfil_hook); |
|
if (i != 0) |
|
printf("ip_init: WARNING: unable to register pfil hook, " |
|
"error %d\n", i); |
|
#endif /* PFIL_HOOKS */ |
} |
} |
|
|
struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; |
struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; |
|
|
void |
void |
ip_input(struct mbuf *m) |
ip_input(struct mbuf *m) |
{ |
{ |
register struct ip *ip = NULL; |
struct ip *ip = NULL; |
register struct ipq *fp; |
struct ipq *fp; |
register struct in_ifaddr *ia; |
struct in_ifaddr *ia; |
register struct ifaddr *ifa; |
struct ifaddr *ifa; |
struct ipqent *ipqe; |
struct ipqent *ipqe; |
int hlen = 0, mff, len; |
int hlen = 0, mff, len; |
int downmatch; |
int downmatch; |
#ifdef PFIL_HOOKS |
|
struct packet_filter_hook *pfh; |
|
struct mbuf *m0; |
|
int rv; |
|
#endif /* PFIL_HOOKS */ |
|
|
|
#ifdef DIAGNOSTIC |
#ifdef DIAGNOSTIC |
if ((m->m_flags & M_PKTHDR) == 0) |
if ((m->m_flags & M_PKTHDR) == 0) |
Line 402 ip_input(struct mbuf *m) |
|
Line 414 ip_input(struct mbuf *m) |
|
* not allowed. |
* not allowed. |
*/ |
*/ |
if (IN_MULTICAST(ip->ip_src.s_addr)) { |
if (IN_MULTICAST(ip->ip_src.s_addr)) { |
/* XXX stat */ |
ipstat.ips_badaddr++; |
goto bad; |
goto bad; |
} |
} |
|
|
|
/* 127/8 must not appear on wire - RFC1122 */ |
|
if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || |
|
(ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { |
|
if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) { |
|
ipstat.ips_badaddr++; |
|
goto bad; |
|
} |
|
} |
|
|
if (in_cksum(m, hlen) != 0) { |
if (in_cksum(m, hlen) != 0) { |
ipstat.ips_badsum++; |
ipstat.ips_badsum++; |
goto bad; |
goto bad; |
} |
} |
|
|
/* |
/* Retrieve the packet length. */ |
* Convert fields to host representation. |
len = ntohs(ip->ip_len); |
*/ |
|
NTOHS(ip->ip_len); |
|
NTOHS(ip->ip_off); |
|
len = ip->ip_len; |
|
|
|
/* |
/* |
* Check for additional length bogosity |
* Check for additional length bogosity |
Line 463 ip_input(struct mbuf *m) |
|
Line 480 ip_input(struct mbuf *m) |
|
* Note that filters must _never_ set this flag, as another filter |
* Note that filters must _never_ set this flag, as another filter |
* in the list may have previously cleared it. |
* in the list may have previously cleared it. |
*/ |
*/ |
m0 = m; |
/* |
pfh = pfil_hook_get(PFIL_IN, &inetsw[ip_protox[IPPROTO_IP]].pr_pfh); |
* let ipfilter look at packet on the wire, |
for (; pfh; pfh = pfh->pfil_link.tqe_next) |
* not the decapsulated packet. |
if (pfh->pfil_func) { |
*/ |
rv = pfh->pfil_func(ip, hlen, |
#ifdef IPSEC |
m->m_pkthdr.rcvif, 0, &m0); |
if (!ipsec_gethist(m, NULL)) |
if (rv) |
#else |
return; |
if (1) |
m = m0; |
#endif |
if (m == NULL) |
{ |
return; |
if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif, |
ip = mtod(m, struct ip *); |
PFIL_IN) != 0) |
} |
return; |
|
if (m == NULL) |
|
return; |
|
ip = mtod(m, struct ip *); |
|
} |
#endif /* PFIL_HOOKS */ |
#endif /* PFIL_HOOKS */ |
|
|
|
#ifdef ALTQ |
|
/* XXX Temporary until ALTQ is changed to use a pfil hook */ |
|
if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) { |
|
/* packet dropped by traffic conditioner */ |
|
return; |
|
} |
|
#endif |
|
|
|
/* |
|
* Convert fields to host representation. |
|
*/ |
|
NTOHS(ip->ip_len); |
|
NTOHS(ip->ip_off); |
|
|
/* |
/* |
* Process options and, if not destined for us, |
* Process options and, if not destined for us, |
* ship it on. ip_dooptions returns 1 when an |
* ship it on. ip_dooptions returns 1 when an |
|
|
IPQ_UNLOCK(); |
IPQ_UNLOCK(); |
} |
} |
|
|
|
#ifdef IPSEC |
|
/* |
|
* enforce IPsec policy checking if we are seeing last header. |
|
* note that we do not visit this with protocols with pcb layer |
|
* code - like udp/tcp/raw ip. |
|
*/ |
|
if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0 && |
|
ipsec4_in_reject(m, NULL)) { |
|
ipsecstat.in_polvio++; |
|
goto bad; |
|
} |
|
#endif |
|
|
/* |
/* |
* Switch out to protocol's input routine. |
* Switch out to protocol's input routine. |
*/ |
*/ |
#if IFA_STATS |
#if IFA_STATS |
ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len; |
if (ia && ip) |
|
ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len; |
#endif |
#endif |
ipstat.ips_delivered++; |
ipstat.ips_delivered++; |
{ |
{ |
|
|
*/ |
*/ |
struct mbuf * |
struct mbuf * |
ip_reass(ipqe, fp) |
ip_reass(ipqe, fp) |
register struct ipqent *ipqe; |
struct ipqent *ipqe; |
register struct ipq *fp; |
struct ipq *fp; |
{ |
{ |
register struct mbuf *m = ipqe->ipqe_m; |
struct mbuf *m = ipqe->ipqe_m; |
register struct ipqent *nq, *p, *q; |
struct ipqent *nq, *p, *q; |
struct ip *ip; |
struct ip *ip; |
struct mbuf *t; |
struct mbuf *t; |
int hlen = ipqe->ipqe_ip->ip_hl << 2; |
int hlen = ipqe->ipqe_ip->ip_hl << 2; |
|
|
* Make header visible. |
* Make header visible. |
*/ |
*/ |
ip->ip_len = next; |
ip->ip_len = next; |
ip->ip_ttl = 0; /* xxx */ |
|
ip->ip_sum = 0; |
|
ip->ip_src = fp->ipq_src; |
ip->ip_src = fp->ipq_src; |
ip->ip_dst = fp->ipq_dst; |
ip->ip_dst = fp->ipq_dst; |
LIST_REMOVE(fp, ipq_q); |
LIST_REMOVE(fp, ipq_q); |
|
|
m->m_data -= (ip->ip_hl << 2); |
m->m_data -= (ip->ip_hl << 2); |
/* some debugging cruft by sklower, below, will go away soon */ |
/* some debugging cruft by sklower, below, will go away soon */ |
if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */ |
if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */ |
register int plen = 0; |
int plen = 0; |
for (t = m; t; t = t->m_next) |
for (t = m; t; t = t->m_next) |
plen += t->m_len; |
plen += t->m_len; |
m->m_pkthdr.len = plen; |
m->m_pkthdr.len = plen; |
|
|
ip_freef(fp) |
ip_freef(fp) |
struct ipq *fp; |
struct ipq *fp; |
{ |
{ |
register struct ipqent *q, *p; |
struct ipqent *q, *p; |
|
|
IPQ_LOCK_CHECK(); |
IPQ_LOCK_CHECK(); |
|
|
|
|
void |
void |
ip_slowtimo() |
ip_slowtimo() |
{ |
{ |
register struct ipq *fp, *nfp; |
struct ipq *fp, *nfp; |
int s = splsoftnet(); |
int s = splsoftnet(); |
|
|
IPQ_LOCK(); |
IPQ_LOCK(); |
|
|
ip_dooptions(m) |
ip_dooptions(m) |
struct mbuf *m; |
struct mbuf *m; |
{ |
{ |
register struct ip *ip = mtod(m, struct ip *); |
struct ip *ip = mtod(m, struct ip *); |
register u_char *cp, *cp0; |
u_char *cp, *cp0; |
register struct ip_timestamp *ipt; |
struct ip_timestamp *ipt; |
register struct in_ifaddr *ia; |
struct in_ifaddr *ia; |
int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0; |
int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0; |
struct in_addr dst; |
struct in_addr dst; |
n_time ntime; |
n_time ntime; |
|
Line 1013 ip_dooptions(m) |
|
if (opt == IPOPT_NOP) |
if (opt == IPOPT_NOP) |
optlen = 1; |
optlen = 1; |
else { |
else { |
|
if (cnt < IPOPT_OLEN + sizeof(*cp)) { |
|
code = &cp[IPOPT_OLEN] - (u_char *)ip; |
|
goto bad; |
|
} |
optlen = cp[IPOPT_OLEN]; |
optlen = cp[IPOPT_OLEN]; |
if (optlen <= 0 || optlen > cnt) { |
if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) { |
code = &cp[IPOPT_OLEN] - (u_char *)ip; |
code = &cp[IPOPT_OLEN] - (u_char *)ip; |
goto bad; |
goto bad; |
} |
} |
|
Line 1044 ip_dooptions(m) |
|
code = ICMP_UNREACH_NET_PROHIB; |
code = ICMP_UNREACH_NET_PROHIB; |
goto bad; |
goto bad; |
} |
} |
|
if (optlen < IPOPT_OFFSET + sizeof(*cp)) { |
|
code = &cp[IPOPT_OLEN] - (u_char *)ip; |
|
goto bad; |
|
} |
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { |
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { |
code = &cp[IPOPT_OFFSET] - (u_char *)ip; |
code = &cp[IPOPT_OFFSET] - (u_char *)ip; |
goto bad; |
goto bad; |
Line 1012 ip_dooptions(m) |
|
Line 1067 ip_dooptions(m) |
|
break; |
break; |
} |
} |
off--; /* 0 origin */ |
off--; /* 0 origin */ |
if (off > optlen - sizeof(struct in_addr)) { |
if ((off + sizeof(struct in_addr)) > optlen) { |
/* |
/* |
* End of source route. Should be for us. |
* End of source route. Should be for us. |
*/ |
*/ |
Line 1044 ip_dooptions(m) |
|
Line 1099 ip_dooptions(m) |
|
break; |
break; |
|
|
case IPOPT_RR: |
case IPOPT_RR: |
|
if (optlen < IPOPT_OFFSET + sizeof(*cp)) { |
|
code = &cp[IPOPT_OLEN] - (u_char *)ip; |
|
goto bad; |
|
} |
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { |
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { |
code = &cp[IPOPT_OFFSET] - (u_char *)ip; |
code = &cp[IPOPT_OFFSET] - (u_char *)ip; |
goto bad; |
goto bad; |
Line 1052 ip_dooptions(m) |
|
Line 1111 ip_dooptions(m) |
|
* If no space remains, ignore. |
* If no space remains, ignore. |
*/ |
*/ |
off--; /* 0 origin */ |
off--; /* 0 origin */ |
if (off > optlen - sizeof(struct in_addr)) |
if ((off + sizeof(struct in_addr)) > optlen) |
break; |
break; |
bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr, |
bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr, |
sizeof(ipaddr.sin_addr)); |
sizeof(ipaddr.sin_addr)); |
Line 1075 ip_dooptions(m) |
|
Line 1134 ip_dooptions(m) |
|
case IPOPT_TS: |
case IPOPT_TS: |
code = cp - (u_char *)ip; |
code = cp - (u_char *)ip; |
ipt = (struct ip_timestamp *)cp; |
ipt = (struct ip_timestamp *)cp; |
if (ipt->ipt_len < 5) |
if (ipt->ipt_len < 4 || ipt->ipt_len > 40) { |
|
code = (u_char *)&ipt->ipt_len - (u_char *)ip; |
|
goto bad; |
|
} |
|
if (ipt->ipt_ptr < 5) { |
|
code = (u_char *)&ipt->ipt_ptr - (u_char *)ip; |
goto bad; |
goto bad; |
|
} |
if (ipt->ipt_ptr > ipt->ipt_len - sizeof (int32_t)) { |
if (ipt->ipt_ptr > ipt->ipt_len - sizeof (int32_t)) { |
if (++ipt->ipt_oflw == 0) |
if (++ipt->ipt_oflw == 0) { |
|
code = (u_char *)&ipt->ipt_ptr - |
|
(u_char *)ip; |
goto bad; |
goto bad; |
|
} |
break; |
break; |
} |
} |
cp0 = (cp + ipt->ipt_ptr - 1); |
cp0 = (cp + ipt->ipt_ptr - 1); |
Line 1090 ip_dooptions(m) |
|
Line 1158 ip_dooptions(m) |
|
|
|
case IPOPT_TS_TSANDADDR: |
case IPOPT_TS_TSANDADDR: |
if (ipt->ipt_ptr - 1 + sizeof(n_time) + |
if (ipt->ipt_ptr - 1 + sizeof(n_time) + |
sizeof(struct in_addr) > ipt->ipt_len) |
sizeof(struct in_addr) > ipt->ipt_len) { |
|
code = (u_char *)&ipt->ipt_ptr - |
|
(u_char *)ip; |
goto bad; |
goto bad; |
|
} |
ipaddr.sin_addr = dst; |
ipaddr.sin_addr = dst; |
ia = ifatoia(ifaof_ifpforaddr(sintosa(&ipaddr), |
ia = ifatoia(ifaof_ifpforaddr(sintosa(&ipaddr), |
m->m_pkthdr.rcvif)); |
m->m_pkthdr.rcvif)); |
Line 1104 ip_dooptions(m) |
|
Line 1175 ip_dooptions(m) |
|
|
|
case IPOPT_TS_PRESPEC: |
case IPOPT_TS_PRESPEC: |
if (ipt->ipt_ptr - 1 + sizeof(n_time) + |
if (ipt->ipt_ptr - 1 + sizeof(n_time) + |
sizeof(struct in_addr) > ipt->ipt_len) |
sizeof(struct in_addr) > ipt->ipt_len) { |
|
code = (u_char *)&ipt->ipt_ptr - |
|
(u_char *)ip; |
goto bad; |
goto bad; |
|
} |
bcopy(cp0, &ipaddr.sin_addr, |
bcopy(cp0, &ipaddr.sin_addr, |
sizeof(struct in_addr)); |
sizeof(struct in_addr)); |
if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) |
if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) |
Line 1115 ip_dooptions(m) |
|
Line 1189 ip_dooptions(m) |
|
break; |
break; |
|
|
default: |
default: |
|
/* XXX can't take &ipt->ipt_flg */ |
|
code = (u_char *)&ipt->ipt_ptr - |
|
(u_char *)ip + 1; |
goto bad; |
goto bad; |
} |
} |
ntime = iptime(); |
ntime = iptime(); |
cp0 = (u_char *) &ntime; /* XXX GCC BUG */ |
cp0 = (u_char *) &ntime; /* XXX grumble, GCC... */ |
bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1, |
bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1, |
sizeof(n_time)); |
sizeof(n_time)); |
ipt->ipt_ptr += sizeof(n_time); |
ipt->ipt_ptr += sizeof(n_time); |
Line 1148 struct in_ifaddr * |
|
Line 1225 struct in_ifaddr * |
|
ip_rtaddr(dst) |
ip_rtaddr(dst) |
struct in_addr dst; |
struct in_addr dst; |
{ |
{ |
register struct sockaddr_in *sin; |
struct sockaddr_in *sin; |
|
|
sin = satosin(&ipforward_rt.ro_dst); |
sin = satosin(&ipforward_rt.ro_dst); |
|
|
Line 1199 save_rte(option, dst) |
|
Line 1276 save_rte(option, dst) |
|
struct mbuf * |
struct mbuf * |
ip_srcroute() |
ip_srcroute() |
{ |
{ |
register struct in_addr *p, *q; |
struct in_addr *p, *q; |
register struct mbuf *m; |
struct mbuf *m; |
|
|
if (ip_nhops == 0) |
if (ip_nhops == 0) |
return ((struct mbuf *)0); |
return ((struct mbuf *)0); |
|
|
*/ |
*/ |
void |
void |
ip_stripoptions(m, mopt) |
ip_stripoptions(m, mopt) |
register struct mbuf *m; |
struct mbuf *m; |
struct mbuf *mopt; |
struct mbuf *mopt; |
{ |
{ |
register int i; |
int i; |
struct ip *ip = mtod(m, struct ip *); |
struct ip *ip = mtod(m, struct ip *); |
register caddr_t opts; |
caddr_t opts; |
int olen; |
int olen; |
|
|
olen = (ip->ip_hl << 2) - sizeof (struct ip); |
olen = (ip->ip_hl << 2) - sizeof (struct ip); |
Line 1316 ip_forward(m, srcrt) |
|
Line 1393 ip_forward(m, srcrt) |
|
struct mbuf *m; |
struct mbuf *m; |
int srcrt; |
int srcrt; |
{ |
{ |
register struct ip *ip = mtod(m, struct ip *); |
struct ip *ip = mtod(m, struct ip *); |
register struct sockaddr_in *sin; |
struct sockaddr_in *sin; |
register struct rtentry *rt; |
struct rtentry *rt; |
int error, type = 0, code = 0; |
int error, type = 0, code = 0; |
struct mbuf *mcopy; |
struct mbuf *mcopy; |
n_long dest; |
n_long dest; |
Line 1367 ip_forward(m, srcrt) |
|
Line 1444 ip_forward(m, srcrt) |
|
/* |
/* |
* Save at most 68 bytes of the packet in case |
* Save at most 68 bytes of the packet in case |
* we need to generate an ICMP message to the src. |
* we need to generate an ICMP message to the src. |
|
* Pullup to avoid sharing mbuf cluster between m and mcopy. |
*/ |
*/ |
mcopy = m_copy(m, 0, imin((int)ip->ip_len, 68)); |
mcopy = m_copym(m, 0, imin((int)ip->ip_len, 68), M_DONTWAIT); |
|
if (mcopy) |
|
mcopy = m_pullup(mcopy, ip->ip_hl << 2); |
|
|
/* |
/* |
* If forwarding packet using same interface that it came in on, |
* If forwarding packet using same interface that it came in on, |
Line 1405 ip_forward(m, srcrt) |
|
Line 1485 ip_forward(m, srcrt) |
|
|
|
#ifdef IPSEC |
#ifdef IPSEC |
/* Don't lookup socket in forwading case */ |
/* Don't lookup socket in forwading case */ |
ipsec_setsocket(m, NULL); |
(void)ipsec_setsocket(m, NULL); |
#endif |
#endif |
error = ip_output(m, (struct mbuf *)0, &ipforward_rt, |
error = ip_output(m, (struct mbuf *)0, &ipforward_rt, |
(IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), 0); |
(IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), 0); |
Line 1516 ip_forward(m, srcrt) |
|
Line 1596 ip_forward(m, srcrt) |
|
|
|
void |
void |
ip_savecontrol(inp, mp, ip, m) |
ip_savecontrol(inp, mp, ip, m) |
register struct inpcb *inp; |
struct inpcb *inp; |
register struct mbuf **mp; |
struct mbuf **mp; |
register struct ip *ip; |
struct ip *ip; |
register struct mbuf *m; |
struct mbuf *m; |
{ |
{ |
|
|
if (inp->inp_socket->so_options & SO_TIMESTAMP) { |
if (inp->inp_socket->so_options & SO_TIMESTAMP) { |
Line 1634 ip_sysctl(name, namelen, oldp, oldlenp, |
|
Line 1714 ip_sysctl(name, namelen, oldp, oldlenp, |
|
case IPCTL_ANONPORTMIN: |
case IPCTL_ANONPORTMIN: |
old = anonportmin; |
old = anonportmin; |
error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmin); |
error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmin); |
if (anonportmin >= anonportmax || anonportmin > 65535 |
if (anonportmin >= anonportmax || anonportmin < 0 |
|
|| anonportmin > 65535 |
#ifndef IPNOPRIVPORTS |
#ifndef IPNOPRIVPORTS |
|| anonportmin < IPPORT_RESERVED |
|| anonportmin < IPPORT_RESERVED |
#endif |
#endif |
Line 1646 ip_sysctl(name, namelen, oldp, oldlenp, |
|
Line 1727 ip_sysctl(name, namelen, oldp, oldlenp, |
|
case IPCTL_ANONPORTMAX: |
case IPCTL_ANONPORTMAX: |
old = anonportmax; |
old = anonportmax; |
error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmax); |
error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmax); |
if (anonportmin >= anonportmax || anonportmax > 65535 |
if (anonportmin >= anonportmax || anonportmax < 0 |
|
|| anonportmax > 65535 |
#ifndef IPNOPRIVPORTS |
#ifndef IPNOPRIVPORTS |
|| anonportmax < IPPORT_RESERVED |
|| anonportmax < IPPORT_RESERVED |
#endif |
#endif |
Line 1684 ip_sysctl(name, namelen, oldp, oldlenp, |
|
Line 1766 ip_sysctl(name, namelen, oldp, oldlenp, |
|
&ip_gif_ttl)); |
&ip_gif_ttl)); |
#endif |
#endif |
|
|
|
#ifndef IPNOPRIVPORTS |
|
case IPCTL_LOWPORTMIN: |
|
old = lowportmin; |
|
error = sysctl_int(oldp, oldlenp, newp, newlen, &lowportmin); |
|
if (lowportmin >= lowportmax |
|
|| lowportmin > IPPORT_RESERVEDMAX |
|
|| lowportmin < IPPORT_RESERVEDMIN |
|
) { |
|
lowportmin = old; |
|
return (EINVAL); |
|
} |
|
return (error); |
|
case IPCTL_LOWPORTMAX: |
|
old = lowportmax; |
|
error = sysctl_int(oldp, oldlenp, newp, newlen, &lowportmax); |
|
if (lowportmin >= lowportmax |
|
|| lowportmax > IPPORT_RESERVEDMAX |
|
|| lowportmax < IPPORT_RESERVEDMIN |
|
) { |
|
lowportmax = old; |
|
return (EINVAL); |
|
} |
|
return (error); |
|
#endif |
|
|
default: |
default: |
return (EOPNOTSUPP); |
return (EOPNOTSUPP); |
} |
} |