Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.91 retrieving revision 1.131 diff -u -p -r1.91 -r1.131 --- src/sys/netinet/ip_input.c 1999/07/09 22:57:18 1.91 +++ src/sys/netinet/ip_input.c 2001/03/27 02:24:38 1.131 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.91 1999/07/09 22:57:18 thorpej Exp $ */ +/* $NetBSD: ip_input.c,v 1.131 2001/03/27 02:24:38 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -120,7 +120,8 @@ #include #include -#include +#include + #include #include @@ -139,14 +140,13 @@ #include #include "gif.h" +#ifdef MROUTING +#include +#endif + #ifdef IPSEC #include -#include -#ifdef IPSEC_ESP -#include -#endif #include -#include #endif #ifndef IPFORWARDING @@ -198,18 +198,21 @@ int ipprintfs = 0; struct rttimer_queue *ip_mtudisc_timeout_q = NULL; extern struct domain inetdomain; -extern struct protosw inetsw[]; -u_char ip_protox[IPPROTO_MAX]; int ipqmaxlen = IFQ_MAXLEN; struct in_ifaddrhead in_ifaddr; struct in_ifaddrhashhead *in_ifaddrhashtbl; struct ifqueue ipintrq; struct ipstat ipstat; u_int16_t ip_id; -int ip_defttl; + +#ifdef PFIL_HOOKS +struct pfil_head inet_pfil_hook; +#endif struct ipqhead ipq; int ipq_locked; +int ip_nfragpackets = 0; +int ip_maxfragpackets = -1; static __inline int ipq_lock_try __P((void)); static __inline void ipq_unlock __P((void)); @@ -287,8 +290,8 @@ static void save_rte __P((u_char *, stru void ip_init() { - register struct protosw *pr; - register int i; + struct protosw *pr; + int i; pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", 0, NULL, NULL, M_IPQ); @@ -307,14 +310,24 @@ ip_init() ip_id = time.tv_sec & 0xffff; ipintrq.ifq_maxlen = ipqmaxlen; TAILQ_INIT(&in_ifaddr); - in_ifaddrhashtbl = - hashinit(IN_IFADDR_HASH_SIZE, M_IFADDR, M_WAITOK, &in_ifaddrhash); + in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IFADDR, + M_WAITOK, &in_ifaddrhash); if (ip_mtudisc != 0) ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout); #ifdef GATEWAY ipflow_init(); #endif + +#ifdef PFIL_HOOKS + /* Register our Packet Filter hook. */ + inet_pfil_hook.ph_type = PFIL_TYPE_AF; + inet_pfil_hook.ph_af = AF_INET; + i = pfil_head_register(&inet_pfil_hook); + if (i != 0) + printf("ip_init: WARNING: unable to register pfil hook, " + "error %d\n", i); +#endif /* PFIL_HOOKS */ } struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; @@ -346,17 +359,13 @@ ipintr() void ip_input(struct mbuf *m) { - register struct ip *ip = NULL; - register struct ipq *fp; - register struct in_ifaddr *ia; - register struct ifaddr *ifa; + struct ip *ip = NULL; + struct ipq *fp; + struct in_ifaddr *ia; + struct ifaddr *ifa; struct ipqent *ipqe; int hlen = 0, mff, len; -#ifdef PFIL_HOOKS - struct packet_filter_hook *pfh; - struct mbuf *m0; - int rv; -#endif /* PFIL_HOOKS */ + int downmatch; #ifdef DIAGNOSTIC if ((m->m_flags & M_PKTHDR) == 0) @@ -401,25 +410,32 @@ ip_input(struct mbuf *m) } ip = mtod(m, struct ip *); } + /* - * we drop packets that have a multicast address as source - * as wanted by rfc 1112 + * RFC1122: packets with a multicast source address are + * not allowed. */ if (IN_MULTICAST(ip->ip_src.s_addr)) { + ipstat.ips_badaddr++; goto bad; } + /* 127/8 must not appear on wire - RFC1122 */ + if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || + (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { + if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) { + ipstat.ips_badaddr++; + goto bad; + } + } + if (in_cksum(m, hlen) != 0) { ipstat.ips_badsum++; goto bad; } - /* - * Convert fields to host representation. - */ - NTOHS(ip->ip_len); - NTOHS(ip->ip_off); - len = ip->ip_len; + /* Retrieve the packet length. */ + len = ntohs(ip->ip_len); /* * Check for additional length bogosity @@ -447,11 +463,16 @@ ip_input(struct mbuf *m) m_adj(m, len - m->m_pkthdr.len); } +#ifdef IPSEC + /* ipflow (IP fast fowarding) is not compatible with IPsec. */ + m->m_flags &= ~M_CANFASTFWD; +#else /* * Assume that we can create a fast-forward IP flow entry * based on this packet. */ m->m_flags |= M_CANFASTFWD; +#endif #ifdef PFIL_HOOKS /* @@ -461,19 +482,39 @@ ip_input(struct mbuf *m) * Note that filters must _never_ set this flag, as another filter * in the list may have previously cleared it. */ - m0 = m; - for (pfh = pfil_hook_get(PFIL_IN); pfh; pfh = pfh->pfil_link.tqe_next) - if (pfh->pfil_func) { - rv = pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 0, &m0); - if (rv) - return; - m = m0; - if (m == NULL) - return; - ip = mtod(m, struct ip *); - } + /* + * let ipfilter look at packet on the wire, + * not the decapsulated packet. + */ +#ifdef IPSEC + if (!ipsec_gethist(m, NULL)) +#else + if (1) +#endif + { + if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif, + PFIL_IN) != 0) + return; + if (m == NULL) + return; + ip = mtod(m, struct ip *); + } #endif /* PFIL_HOOKS */ +#ifdef ALTQ + /* XXX Temporary until ALTQ is changed to use a pfil hook */ + if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) { + /* packet dropped by traffic conditioner */ + return; + } +#endif + + /* + * Convert fields to host representation. + */ + NTOHS(ip->ip_len); + NTOHS(ip->ip_off); + /* * Process options and, if not destined for us, * ship it on. ip_dooptions returns 1 when an @@ -486,8 +527,22 @@ ip_input(struct mbuf *m) /* * Check our list of addresses, to see if the packet is for us. - */ - INADDR_TO_IA(ip->ip_dst, ia); + * + * Traditional 4.4BSD did not consult IFF_UP at all. + * The behavior here is to treat addresses on !IFF_UP interface + * as not mine. + */ + downmatch = 0; + for (ia = IN_IFADDR_HASH(ip->ip_dst.s_addr).lh_first; + ia != NULL; + ia = ia->ia_hash.le_next) { + if (in_hosteq(ia->ia_addr.sin_addr, ip->ip_dst)) { + if ((ia->ia_ifp->if_flags & IFF_UP) != 0) + break; + else + downmatch++; + } + } if (ia != NULL) goto ours; if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) { @@ -576,8 +631,20 @@ ip_input(struct mbuf *m) if (ipforwarding == 0) { ipstat.ips_cantforward++; m_freem(m); - } else + } else { + /* + * If ip_dst matched any of my address on !IFF_UP interface, + * and there's no IFF_UP interface that matches ip_dst, + * send icmp unreach. Forwarding it will result in in-kernel + * forwarding loop till TTL goes to 0. + */ + if (downmatch) { + icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0); + ipstat.ips_cantforward++; + return; + } ip_forward(m, 0); + } return; ours: @@ -654,11 +721,25 @@ found: IPQ_UNLOCK(); } +#ifdef IPSEC + /* + * enforce IPsec policy checking if we are seeing last header. + * note that we do not visit this with protocols with pcb layer + * code - like udp/tcp/raw ip. + */ + if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0 && + ipsec4_in_reject(m, NULL)) { + ipsecstat.in_polvio++; + goto bad; + } +#endif + /* * Switch out to protocol's input routine. */ #if IFA_STATS - ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len; + if (ia && ip) + ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len; #endif ipstat.ips_delivered++; { @@ -679,11 +760,11 @@ bad: */ struct mbuf * ip_reass(ipqe, fp) - register struct ipqent *ipqe; - register struct ipq *fp; + struct ipqent *ipqe; + struct ipq *fp; { - register struct mbuf *m = ipqe->ipqe_m; - register struct ipqent *nq, *p, *q; + struct mbuf *m = ipqe->ipqe_m; + struct ipqent *nq, *p, *q; struct ip *ip; struct mbuf *t; int hlen = ipqe->ipqe_ip->ip_hl << 2; @@ -702,6 +783,17 @@ ip_reass(ipqe, fp) * If first fragment to arrive, create a reassembly queue. */ if (fp == 0) { + /* + * Enforce upper bound on number of fragmented packets + * for which we attempt reassembly; + * If maxfrag is 0, never accept fragments. + * If maxfrag is -1, accept all fragments without limitation. + */ + if (ip_maxfragpackets < 0) + ; + else if (ip_nfragpackets >= ip_maxfragpackets) + goto dropfrag; + ip_nfragpackets++; MALLOC(fp, struct ipq *, sizeof (struct ipq), M_FTABLE, M_NOWAIT); if (fp == NULL) @@ -813,17 +905,16 @@ insert: * Make header visible. */ ip->ip_len = next; - ip->ip_ttl = 0; /* xxx */ - ip->ip_sum = 0; ip->ip_src = fp->ipq_src; ip->ip_dst = fp->ipq_dst; LIST_REMOVE(fp, ipq_q); FREE(fp, M_FTABLE); + ip_nfragpackets--; m->m_len += (ip->ip_hl << 2); m->m_data -= (ip->ip_hl << 2); /* some debugging cruft by sklower, below, will go away soon */ if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */ - register int plen = 0; + int plen = 0; for (t = m; t; t = t->m_next) plen += t->m_len; m->m_pkthdr.len = plen; @@ -845,7 +936,7 @@ void ip_freef(fp) struct ipq *fp; { - register struct ipqent *q, *p; + struct ipqent *q, *p; IPQ_LOCK_CHECK(); @@ -857,6 +948,7 @@ ip_freef(fp) } LIST_REMOVE(fp, ipq_q); FREE(fp, M_FTABLE); + ip_nfragpackets--; } /* @@ -867,7 +959,7 @@ ip_freef(fp) void ip_slowtimo() { - register struct ipq *fp, *nfp; + struct ipq *fp, *nfp; int s = splsoftnet(); IPQ_LOCK(); @@ -878,6 +970,17 @@ ip_slowtimo() ip_freef(fp); } } + /* + * If we are over the maximum number of fragments + * (due to the limit being lowered), drain off + * enough to get down to the new limit. + */ + if (ip_maxfragpackets < 0) + ; + else { + while (ip_nfragpackets > ip_maxfragpackets && ipq.lh_first) + ip_freef(ipq.lh_first); + } IPQ_UNLOCK(); #ifdef GATEWAY ipflow_slowtimo(); @@ -918,12 +1021,12 @@ int ip_dooptions(m) struct mbuf *m; { - register struct ip *ip = mtod(m, struct ip *); - register u_char *cp; - register struct ip_timestamp *ipt; - register struct in_ifaddr *ia; + struct ip *ip = mtod(m, struct ip *); + u_char *cp, *cp0; + struct ip_timestamp *ipt; + struct in_ifaddr *ia; int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0; - struct in_addr *sin, dst; + struct in_addr dst; n_time ntime; dst = ip->ip_dst; @@ -936,8 +1039,12 @@ ip_dooptions(m) if (opt == IPOPT_NOP) optlen = 1; else { + if (cnt < IPOPT_OLEN + sizeof(*cp)) { + code = &cp[IPOPT_OLEN] - (u_char *)ip; + goto bad; + } optlen = cp[IPOPT_OLEN]; - if (optlen <= 0 || optlen > cnt) { + if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) { code = &cp[IPOPT_OLEN] - (u_char *)ip; goto bad; } @@ -963,6 +1070,10 @@ ip_dooptions(m) code = ICMP_UNREACH_NET_PROHIB; goto bad; } + if (optlen < IPOPT_OFFSET + sizeof(*cp)) { + code = &cp[IPOPT_OLEN] - (u_char *)ip; + goto bad; + } if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { code = &cp[IPOPT_OFFSET] - (u_char *)ip; goto bad; @@ -982,7 +1093,7 @@ ip_dooptions(m) break; } off--; /* 0 origin */ - if (off > optlen - sizeof(struct in_addr)) { + if ((off + sizeof(struct in_addr)) > optlen) { /* * End of source route. Should be for us. */ @@ -994,11 +1105,9 @@ ip_dooptions(m) */ bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr, sizeof(ipaddr.sin_addr)); - if (opt == IPOPT_SSRR) { -#define INA struct in_ifaddr * -#define SA struct sockaddr * - ia = (INA)ifa_ifwithladdr((SA)&ipaddr); - } else + if (opt == IPOPT_SSRR) + ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))); + else ia = ip_rtaddr(ipaddr.sin_addr); if (ia == 0) { type = ICMP_UNREACH; @@ -1016,6 +1125,10 @@ ip_dooptions(m) break; case IPOPT_RR: + if (optlen < IPOPT_OFFSET + sizeof(*cp)) { + code = &cp[IPOPT_OLEN] - (u_char *)ip; + goto bad; + } if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { code = &cp[IPOPT_OFFSET] - (u_char *)ip; goto bad; @@ -1024,7 +1137,7 @@ ip_dooptions(m) * If no space remains, ignore. */ off--; /* 0 origin */ - if (off > optlen - sizeof(struct in_addr)) + if ((off + sizeof(struct in_addr)) > optlen) break; bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr, sizeof(ipaddr.sin_addr)); @@ -1032,8 +1145,9 @@ ip_dooptions(m) * locate outgoing interface; if we're the destination, * use the incoming interface (should be same). */ - if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0 && - (ia = ip_rtaddr(ipaddr.sin_addr)) == 0) { + if ((ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr)))) + == NULL && + (ia = ip_rtaddr(ipaddr.sin_addr)) == NULL) { type = ICMP_UNREACH; code = ICMP_UNREACH_HOST; goto bad; @@ -1046,14 +1160,23 @@ ip_dooptions(m) case IPOPT_TS: code = cp - (u_char *)ip; ipt = (struct ip_timestamp *)cp; - if (ipt->ipt_len < 5) + if (ipt->ipt_len < 4 || ipt->ipt_len > 40) { + code = (u_char *)&ipt->ipt_len - (u_char *)ip; + goto bad; + } + if (ipt->ipt_ptr < 5) { + code = (u_char *)&ipt->ipt_ptr - (u_char *)ip; goto bad; + } if (ipt->ipt_ptr > ipt->ipt_len - sizeof (int32_t)) { - if (++ipt->ipt_oflw == 0) + if (++ipt->ipt_oflw == 0) { + code = (u_char *)&ipt->ipt_ptr - + (u_char *)ip; goto bad; + } break; } - sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1); + cp0 = (cp + ipt->ipt_ptr - 1); switch (ipt->ipt_flg) { case IPOPT_TS_TSONLY: @@ -1061,34 +1184,45 @@ ip_dooptions(m) case IPOPT_TS_TSANDADDR: if (ipt->ipt_ptr - 1 + sizeof(n_time) + - sizeof(struct in_addr) > ipt->ipt_len) + sizeof(struct in_addr) > ipt->ipt_len) { + code = (u_char *)&ipt->ipt_ptr - + (u_char *)ip; goto bad; + } ipaddr.sin_addr = dst; - ia = (INA)ifaof_ifpforaddr((SA)&ipaddr, - m->m_pkthdr.rcvif); + ia = ifatoia(ifaof_ifpforaddr(sintosa(&ipaddr), + m->m_pkthdr.rcvif)); if (ia == 0) continue; - bcopy((caddr_t)&ia->ia_addr.sin_addr, - (caddr_t)sin, sizeof(struct in_addr)); + bcopy(&ia->ia_addr.sin_addr, + cp0, sizeof(struct in_addr)); ipt->ipt_ptr += sizeof(struct in_addr); break; case IPOPT_TS_PRESPEC: if (ipt->ipt_ptr - 1 + sizeof(n_time) + - sizeof(struct in_addr) > ipt->ipt_len) + sizeof(struct in_addr) > ipt->ipt_len) { + code = (u_char *)&ipt->ipt_ptr - + (u_char *)ip; goto bad; - bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr, + } + bcopy(cp0, &ipaddr.sin_addr, sizeof(struct in_addr)); - if (ifa_ifwithaddr((SA)&ipaddr) == 0) + if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) + == NULL) continue; ipt->ipt_ptr += sizeof(struct in_addr); break; default: + /* XXX can't take &ipt->ipt_flg */ + code = (u_char *)&ipt->ipt_ptr - + (u_char *)ip + 1; goto bad; } ntime = iptime(); - bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1, + cp0 = (u_char *) &ntime; /* XXX grumble, GCC... */ + bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1, sizeof(n_time)); ipt->ipt_ptr += sizeof(n_time); } @@ -1117,7 +1251,7 @@ struct in_ifaddr * ip_rtaddr(dst) struct in_addr dst; { - register struct sockaddr_in *sin; + struct sockaddr_in *sin; sin = satosin(&ipforward_rt.ro_dst); @@ -1168,8 +1302,8 @@ save_rte(option, dst) struct mbuf * ip_srcroute() { - register struct in_addr *p, *q; - register struct mbuf *m; + struct in_addr *p, *q; + struct mbuf *m; if (ip_nhops == 0) return ((struct mbuf *)0); @@ -1238,12 +1372,12 @@ ip_srcroute() */ void ip_stripoptions(m, mopt) - register struct mbuf *m; + struct mbuf *m; struct mbuf *mopt; { - register int i; + int i; struct ip *ip = mtod(m, struct ip *); - register caddr_t opts; + caddr_t opts; int olen; olen = (ip->ip_hl << 2) - sizeof (struct ip); @@ -1285,9 +1419,9 @@ ip_forward(m, srcrt) struct mbuf *m; int srcrt; { - register struct ip *ip = mtod(m, struct ip *); - register struct sockaddr_in *sin; - register struct rtentry *rt; + struct ip *ip = mtod(m, struct ip *); + struct sockaddr_in *sin; + struct rtentry *rt; int error, type = 0, code = 0; struct mbuf *mcopy; n_long dest; @@ -1303,7 +1437,7 @@ ip_forward(m, srcrt) ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ip->ip_ttl); #endif - if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) { + if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) { ipstat.ips_cantforward++; m_freem(m); return; @@ -1336,8 +1470,11 @@ ip_forward(m, srcrt) /* * Save at most 68 bytes of the packet in case * we need to generate an ICMP message to the src. + * Pullup to avoid sharing mbuf cluster between m and mcopy. */ - mcopy = m_copy(m, 0, imin((int)ip->ip_len, 68)); + mcopy = m_copym(m, 0, imin((int)ip->ip_len, 68), M_DONTWAIT); + if (mcopy) + mcopy = m_pullup(mcopy, ip->ip_hl << 2); /* * If forwarding packet using same interface that it came in on, @@ -1373,8 +1510,9 @@ ip_forward(m, srcrt) } #ifdef IPSEC - m->m_pkthdr.rcvif = NULL; -#endif /*IPSEC*/ + /* Don't lookup socket in forwading case */ + (void)ipsec_setsocket(m, NULL); +#endif error = ip_output(m, (struct mbuf *)0, &ipforward_rt, (IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), 0); if (error) @@ -1429,18 +1567,21 @@ ip_forward(m, srcrt) if (ipforward_rt.ro_rt) { struct secpolicy *sp; int ipsecerror; - int ipsechdr; + size_t ipsechdr; struct route *ro; sp = ipsec4_getpolicybyaddr(mcopy, - IP_FORWARDING, - &ipsecerror); + IPSEC_DIR_OUTBOUND, + IP_FORWARDING, + &ipsecerror); if (sp == NULL) destifp = ipforward_rt.ro_rt->rt_ifp; else { /* count IPsec header size */ - ipsechdr = ipsec4_hdrsiz(mcopy, NULL); + ipsechdr = ipsec4_hdrsiz(mcopy, + IPSEC_DIR_OUTBOUND, + NULL); /* * find the correct route for outer IPv4 @@ -1453,8 +1594,9 @@ ip_forward(m, srcrt) /*XXX*/ destifp = NULL; if (sp->req != NULL - && sp->req->sa != NULL) { - ro = &sp->req->sa->saidx->sa_route; + && sp->req->sav != NULL + && sp->req->sav->sah != NULL) { + ro = &sp->req->sav->sah->sa_route; if (ro->ro_rt && ro->ro_rt->rt_ifp) { dummyifp.if_mtu = ro->ro_rt->rt_ifp->if_mtu; @@ -1480,10 +1622,10 @@ ip_forward(m, srcrt) void ip_savecontrol(inp, mp, ip, m) - register struct inpcb *inp; - register struct mbuf **mp; - register struct ip *ip; - register struct mbuf *m; + struct inpcb *inp; + struct mbuf **mp; + struct ip *ip; + struct mbuf *m; { if (inp->inp_socket->so_options & SO_TIMESTAMP) { @@ -1598,7 +1740,8 @@ ip_sysctl(name, namelen, oldp, oldlenp, case IPCTL_ANONPORTMIN: old = anonportmin; error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmin); - if (anonportmin >= anonportmax || anonportmin > 65535 + if (anonportmin >= anonportmax || anonportmin < 0 + || anonportmin > 65535 #ifndef IPNOPRIVPORTS || anonportmin < IPPORT_RESERVED #endif @@ -1610,7 +1753,8 @@ ip_sysctl(name, namelen, oldp, oldlenp, case IPCTL_ANONPORTMAX: old = anonportmax; error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmax); - if (anonportmin >= anonportmax || anonportmax > 65535 + if (anonportmin >= anonportmax || anonportmax < 0 + || anonportmax > 65535 #ifndef IPNOPRIVPORTS || anonportmax < IPPORT_RESERVED #endif @@ -1648,6 +1792,35 @@ ip_sysctl(name, namelen, oldp, oldlenp, &ip_gif_ttl)); #endif +#ifndef IPNOPRIVPORTS + case IPCTL_LOWPORTMIN: + old = lowportmin; + error = sysctl_int(oldp, oldlenp, newp, newlen, &lowportmin); + if (lowportmin >= lowportmax + || lowportmin > IPPORT_RESERVEDMAX + || lowportmin < IPPORT_RESERVEDMIN + ) { + lowportmin = old; + return (EINVAL); + } + return (error); + case IPCTL_LOWPORTMAX: + old = lowportmax; + error = sysctl_int(oldp, oldlenp, newp, newlen, &lowportmax); + if (lowportmin >= lowportmax + || lowportmax > IPPORT_RESERVEDMAX + || lowportmax < IPPORT_RESERVEDMIN + ) { + lowportmax = old; + return (EINVAL); + } + return (error); +#endif + + case IPCTL_MAXFRAGPACKETS: + return (sysctl_int(oldp, oldlenp, newp, newlen, + &ip_maxfragpackets)); + default: return (EOPNOTSUPP); }