Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.99 retrieving revision 1.109 diff -u -p -r1.99 -r1.109 --- src/sys/netinet/ip_input.c 2000/02/12 18:00:00 1.99 +++ src/sys/netinet/ip_input.c 2000/03/30 13:24:59 1.109 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.99 2000/02/12 18:00:00 thorpej Exp $ */ +/* $NetBSD: ip_input.c,v 1.109 2000/03/30 13:24:59 augustss Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -194,15 +194,12 @@ int ipprintfs = 0; struct rttimer_queue *ip_mtudisc_timeout_q = NULL; extern struct domain inetdomain; -extern struct protosw inetsw[]; -u_char ip_protox[IPPROTO_MAX]; int ipqmaxlen = IFQ_MAXLEN; struct in_ifaddrhead in_ifaddr; struct in_ifaddrhashhead *in_ifaddrhashtbl; struct ifqueue ipintrq; struct ipstat ipstat; u_int16_t ip_id; -int ip_defttl; struct ipqhead ipq; int ipq_locked; @@ -283,8 +280,8 @@ static void save_rte __P((u_char *, stru void ip_init() { - register struct protosw *pr; - register int i; + struct protosw *pr; + int i; pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", 0, NULL, NULL, M_IPQ); @@ -342,12 +339,13 @@ ipintr() void ip_input(struct mbuf *m) { - register struct ip *ip = NULL; - register struct ipq *fp; - register struct in_ifaddr *ia; - register struct ifaddr *ifa; + struct ip *ip = NULL; + struct ipq *fp; + struct in_ifaddr *ia; + struct ifaddr *ifa; struct ipqent *ipqe; int hlen = 0, mff, len; + int downmatch; #ifdef PFIL_HOOKS struct packet_filter_hook *pfh; struct mbuf *m0; @@ -465,9 +463,11 @@ ip_input(struct mbuf *m) * in the list may have previously cleared it. */ m0 = m; - for (pfh = pfil_hook_get(PFIL_IN); pfh; pfh = pfh->pfil_link.tqe_next) + pfh = pfil_hook_get(PFIL_IN, &inetsw[ip_protox[IPPROTO_IP]].pr_pfh); + for (; pfh; pfh = pfh->pfil_link.tqe_next) if (pfh->pfil_func) { - rv = pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 0, &m0); + rv = pfh->pfil_func(ip, hlen, + m->m_pkthdr.rcvif, 0, &m0); if (rv) return; m = m0; @@ -489,18 +489,20 @@ ip_input(struct mbuf *m) /* * Check our list of addresses, to see if the packet is for us. + * + * Traditional 4.4BSD did not consult IFF_UP at all. + * The behavior here is to treat addresses on !IFF_UP interface + * as not mine. */ + downmatch = 0; for (ia = IN_IFADDR_HASH(ip->ip_dst.s_addr).lh_first; ia != NULL; ia = ia->ia_hash.le_next) { if (in_hosteq(ia->ia_addr.sin_addr, ip->ip_dst)) { if ((ia->ia_ifp->if_flags & IFF_UP) != 0) break; - else { - icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, - 0, m->m_pkthdr.rcvif); - return; - } + else + downmatch++; } } if (ia != NULL) @@ -591,8 +593,20 @@ ip_input(struct mbuf *m) if (ipforwarding == 0) { ipstat.ips_cantforward++; m_freem(m); - } else + } else { + /* + * If ip_dst matched any of my address on !IFF_UP interface, + * and there's no IFF_UP interface that matches ip_dst, + * send icmp unreach. Forwarding it will result in in-kernel + * forwarding loop till TTL goes to 0. + */ + if (downmatch) { + icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0); + ipstat.ips_cantforward++; + return; + } ip_forward(m, 0); + } return; ours: @@ -694,11 +708,11 @@ bad: */ struct mbuf * ip_reass(ipqe, fp) - register struct ipqent *ipqe; - register struct ipq *fp; + struct ipqent *ipqe; + struct ipq *fp; { - register struct mbuf *m = ipqe->ipqe_m; - register struct ipqent *nq, *p, *q; + struct mbuf *m = ipqe->ipqe_m; + struct ipqent *nq, *p, *q; struct ip *ip; struct mbuf *t; int hlen = ipqe->ipqe_ip->ip_hl << 2; @@ -828,8 +842,6 @@ insert: * Make header visible. */ ip->ip_len = next; - ip->ip_ttl = 0; /* xxx */ - ip->ip_sum = 0; ip->ip_src = fp->ipq_src; ip->ip_dst = fp->ipq_dst; LIST_REMOVE(fp, ipq_q); @@ -838,7 +850,7 @@ insert: m->m_data -= (ip->ip_hl << 2); /* some debugging cruft by sklower, below, will go away soon */ if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */ - register int plen = 0; + int plen = 0; for (t = m; t; t = t->m_next) plen += t->m_len; m->m_pkthdr.len = plen; @@ -860,7 +872,7 @@ void ip_freef(fp) struct ipq *fp; { - register struct ipqent *q, *p; + struct ipqent *q, *p; IPQ_LOCK_CHECK(); @@ -882,7 +894,7 @@ ip_freef(fp) void ip_slowtimo() { - register struct ipq *fp, *nfp; + struct ipq *fp, *nfp; int s = splsoftnet(); IPQ_LOCK(); @@ -933,12 +945,12 @@ int ip_dooptions(m) struct mbuf *m; { - register struct ip *ip = mtod(m, struct ip *); - register u_char *cp; - register struct ip_timestamp *ipt; - register struct in_ifaddr *ia; + struct ip *ip = mtod(m, struct ip *); + u_char *cp, *cp0; + struct ip_timestamp *ipt; + struct in_ifaddr *ia; int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0; - struct in_addr *sin, dst; + struct in_addr dst; n_time ntime; dst = ip->ip_dst; @@ -1067,7 +1079,7 @@ ip_dooptions(m) goto bad; break; } - sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1); + cp0 = (cp + ipt->ipt_ptr - 1); switch (ipt->ipt_flg) { case IPOPT_TS_TSONLY: @@ -1082,8 +1094,8 @@ ip_dooptions(m) m->m_pkthdr.rcvif)); if (ia == 0) continue; - bcopy((caddr_t)&ia->ia_addr.sin_addr, - (caddr_t)sin, sizeof(struct in_addr)); + bcopy(&ia->ia_addr.sin_addr, + cp0, sizeof(struct in_addr)); ipt->ipt_ptr += sizeof(struct in_addr); break; @@ -1091,7 +1103,7 @@ ip_dooptions(m) if (ipt->ipt_ptr - 1 + sizeof(n_time) + sizeof(struct in_addr) > ipt->ipt_len) goto bad; - bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr, + bcopy(cp0, &ipaddr.sin_addr, sizeof(struct in_addr)); if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) == NULL) @@ -1103,7 +1115,8 @@ ip_dooptions(m) goto bad; } ntime = iptime(); - bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1, + cp0 = (u_char *) &ntime; /* XXX grumble, GCC... */ + bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1, sizeof(n_time)); ipt->ipt_ptr += sizeof(n_time); } @@ -1132,7 +1145,7 @@ struct in_ifaddr * ip_rtaddr(dst) struct in_addr dst; { - register struct sockaddr_in *sin; + struct sockaddr_in *sin; sin = satosin(&ipforward_rt.ro_dst); @@ -1183,8 +1196,8 @@ save_rte(option, dst) struct mbuf * ip_srcroute() { - register struct in_addr *p, *q; - register struct mbuf *m; + struct in_addr *p, *q; + struct mbuf *m; if (ip_nhops == 0) return ((struct mbuf *)0); @@ -1253,12 +1266,12 @@ ip_srcroute() */ void ip_stripoptions(m, mopt) - register struct mbuf *m; + struct mbuf *m; struct mbuf *mopt; { - register int i; + int i; struct ip *ip = mtod(m, struct ip *); - register caddr_t opts; + caddr_t opts; int olen; olen = (ip->ip_hl << 2) - sizeof (struct ip); @@ -1300,9 +1313,9 @@ ip_forward(m, srcrt) struct mbuf *m; int srcrt; { - register struct ip *ip = mtod(m, struct ip *); - register struct sockaddr_in *sin; - register struct rtentry *rt; + struct ip *ip = mtod(m, struct ip *); + struct sockaddr_in *sin; + struct rtentry *rt; int error, type = 0, code = 0; struct mbuf *mcopy; n_long dest; @@ -1388,8 +1401,9 @@ ip_forward(m, srcrt) } #ifdef IPSEC - m->m_pkthdr.rcvif = NULL; -#endif /*IPSEC*/ + /* Don't lookup socket in forwading case */ + ipsec_setsocket(m, NULL); +#endif error = ip_output(m, (struct mbuf *)0, &ipforward_rt, (IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), 0); if (error) @@ -1499,10 +1513,10 @@ ip_forward(m, srcrt) void ip_savecontrol(inp, mp, ip, m) - register struct inpcb *inp; - register struct mbuf **mp; - register struct ip *ip; - register struct mbuf *m; + struct inpcb *inp; + struct mbuf **mp; + struct ip *ip; + struct mbuf *m; { if (inp->inp_socket->so_options & SO_TIMESTAMP) {