version 1.130.2.6, 2002/01/08 00:34:06 |
version 1.130.2.7, 2002/02/28 04:15:08 |
Line 139 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 139 __KERNEL_RCSID(0, "$NetBSD$"); |
|
/* just for gif_ttl */ |
/* just for gif_ttl */ |
#include <netinet/in_gif.h> |
#include <netinet/in_gif.h> |
#include "gif.h" |
#include "gif.h" |
|
#include <net/if_gre.h> |
|
#include "gre.h" |
|
|
#ifdef MROUTING |
#ifdef MROUTING |
#include <netinet/ip_mroute.h> |
#include <netinet/ip_mroute.h> |
Line 685 ip_input(struct mbuf *m) |
|
Line 687 ip_input(struct mbuf *m) |
|
ipstat.ips_cantforward++; |
ipstat.ips_cantforward++; |
return; |
return; |
} |
} |
|
#ifdef IPSEC |
|
if (ipsec4_in_reject(m, NULL)) { |
|
ipsecstat.in_polvio++; |
|
goto bad; |
|
} |
|
#endif |
|
|
ip_forward(m, 0); |
ip_forward(m, 0); |
} |
} |
return; |
return; |
Line 1665 ip_forward(m, srcrt) |
|
Line 1674 ip_forward(m, srcrt) |
|
break; |
break; |
|
|
case ENOBUFS: |
case ENOBUFS: |
|
#if 1 |
|
/* |
|
* a router should not generate ICMP_SOURCEQUENCH as |
|
* required in RFC1812 Requirements for IP Version 4 Routers. |
|
* source quench could be a big problem under DoS attacks, |
|
* or the underlying interface is rate-limited. |
|
*/ |
|
if (mcopy) |
|
m_freem(mcopy); |
|
return; |
|
#else |
type = ICMP_SOURCEQUENCH; |
type = ICMP_SOURCEQUENCH; |
code = 0; |
code = 0; |
break; |
break; |
|
#endif |
} |
} |
icmp_error(mcopy, type, code, dest, destifp); |
icmp_error(mcopy, type, code, dest, destifp); |
} |
} |
Line 1844 ip_sysctl(name, namelen, oldp, oldlenp, |
|
Line 1865 ip_sysctl(name, namelen, oldp, oldlenp, |
|
&ip_gif_ttl)); |
&ip_gif_ttl)); |
#endif |
#endif |
|
|
|
#if NGRE > 0 |
|
case IPCTL_GRE_TTL: |
|
return(sysctl_int(oldp, oldlenp, newp, newlen, |
|
&ip_gre_ttl)); |
|
#endif |
|
|
#ifndef IPNOPRIVPORTS |
#ifndef IPNOPRIVPORTS |
case IPCTL_LOWPORTMIN: |
case IPCTL_LOWPORTMIN: |
old = lowportmin; |
old = lowportmin; |