version 1.194, 2003/12/14 00:09:24 |
version 1.206, 2004/12/15 04:25:19 |
Line 200 int ipprintfs = 0; |
|
Line 200 int ipprintfs = 0; |
|
#endif |
#endif |
|
|
int ip_do_randomid = 0; |
int ip_do_randomid = 0; |
|
int ip_do_loopback_cksum = 0; |
|
|
/* |
/* |
* XXX - Setting ip_checkinterface mostly implements the receive side of |
* XXX - Setting ip_checkinterface mostly implements the receive side of |
Line 219 int ip_checkinterface = 0; |
|
Line 220 int ip_checkinterface = 0; |
|
|
|
struct rttimer_queue *ip_mtudisc_timeout_q = NULL; |
struct rttimer_queue *ip_mtudisc_timeout_q = NULL; |
|
|
extern struct domain inetdomain; |
|
int ipqmaxlen = IFQ_MAXLEN; |
int ipqmaxlen = IFQ_MAXLEN; |
u_long in_ifaddrhash; /* size of hash table - 1 */ |
u_long in_ifaddrhash; /* size of hash table - 1 */ |
int in_ifaddrentries; /* total number of addrs */ |
int in_ifaddrentries; /* total number of addrs */ |
Line 243 struct pfil_head inet_pfil_hook; |
|
Line 243 struct pfil_head inet_pfil_hook; |
|
static int ip_nmbclusters; /* copy of nmbclusters */ |
static int ip_nmbclusters; /* copy of nmbclusters */ |
static void ip_nmbclusters_changed __P((void)); /* recalc limits */ |
static void ip_nmbclusters_changed __P((void)); /* recalc limits */ |
|
|
#define CHECK_NMBCLUSTER_PARAMS() \ |
#define CHECK_NMBCLUSTER_PARAMS() \ |
do { if __predict_false(ip_nmbclusters != nmbclusters) \ |
do { \ |
ip_nmbclusters_changed(); \ |
if (__predict_false(ip_nmbclusters != nmbclusters)) \ |
} while (0) |
ip_nmbclusters_changed(); \ |
|
} while (/*CONSTCOND*/0) |
|
|
/* IP datagram reassembly queues (hashed) */ |
/* IP datagram reassembly queues (hashed) */ |
#define IPREASS_NHASH_LOG2 6 |
#define IPREASS_NHASH_LOG2 6 |
|
|
|
|
#define IPQ_UNLOCK() ipq_unlock() |
#define IPQ_UNLOCK() ipq_unlock() |
|
|
struct pool inmulti_pool; |
POOL_INIT(inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", NULL); |
struct pool ipqent_pool; |
POOL_INIT(ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", NULL); |
|
|
#ifdef INET_CSUM_COUNTERS |
#ifdef INET_CSUM_COUNTERS |
#include <sys/device.h> |
#include <sys/device.h> |
Line 348 struct evcnt ip_swcsum = EVCNT_INITIALIZ |
|
Line 348 struct evcnt ip_swcsum = EVCNT_INITIALIZ |
|
|
|
#define INET_CSUM_COUNTER_INCR(ev) (ev)->ev_count++ |
#define INET_CSUM_COUNTER_INCR(ev) (ev)->ev_count++ |
|
|
|
EVCNT_ATTACH_STATIC(ip_hwcsum_bad); |
|
EVCNT_ATTACH_STATIC(ip_hwcsum_ok); |
|
EVCNT_ATTACH_STATIC(ip_swcsum); |
|
|
#else |
#else |
|
|
#define INET_CSUM_COUNTER_INCR(ev) /* nothing */ |
#define INET_CSUM_COUNTER_INCR(ev) /* nothing */ |
Line 393 ip_nmbclusters_changed(void) |
|
Line 397 ip_nmbclusters_changed(void) |
|
void |
void |
ip_init() |
ip_init() |
{ |
{ |
struct protosw *pr; |
const struct protosw *pr; |
int i; |
int i; |
|
|
pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", |
|
NULL); |
|
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
|
NULL); |
|
|
|
pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW); |
pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW); |
if (pr == 0) |
if (pr == 0) |
panic("ip_init"); |
panic("ip_init"); |
|
|
"error %d\n", i); |
"error %d\n", i); |
#endif /* PFIL_HOOKS */ |
#endif /* PFIL_HOOKS */ |
|
|
#ifdef INET_CSUM_COUNTERS |
|
evcnt_attach_static(&ip_hwcsum_bad); |
|
evcnt_attach_static(&ip_hwcsum_ok); |
|
evcnt_attach_static(&ip_swcsum); |
|
#endif /* INET_CSUM_COUNTERS */ |
|
|
|
#ifdef MBUFTRACE |
#ifdef MBUFTRACE |
MOWNER_ATTACH(&ip_tx_mowner); |
MOWNER_ATTACH(&ip_tx_mowner); |
MOWNER_ATTACH(&ip_rx_mowner); |
MOWNER_ATTACH(&ip_rx_mowner); |
Line 580 ip_input(struct mbuf *m) |
|
Line 573 ip_input(struct mbuf *m) |
|
break; |
break; |
|
|
default: |
default: |
/* Must compute it ourselves. */ |
/* |
INET_CSUM_COUNTER_INCR(&ip_swcsum); |
* Must compute it ourselves. Maybe skip checksum on |
if (in_cksum(m, hlen) != 0) |
* loopback interfaces. |
goto bad; |
*/ |
|
if (__predict_true(!(m->m_pkthdr.rcvif->if_flags & |
|
IFF_LOOPBACK) || ip_do_loopback_cksum)) { |
|
INET_CSUM_COUNTER_INCR(&ip_swcsum); |
|
if (in_cksum(m, hlen) != 0) |
|
goto badcsum; |
|
} |
break; |
break; |
} |
} |
|
|
Line 657 ip_input(struct mbuf *m) |
|
Line 656 ip_input(struct mbuf *m) |
|
return; |
return; |
ip = mtod(m, struct ip *); |
ip = mtod(m, struct ip *); |
hlen = ip->ip_hl << 2; |
hlen = ip->ip_hl << 2; |
|
/* |
|
* XXX The setting of "srcrt" here is to prevent ip_forward() |
|
* from generating ICMP redirects for packets that have |
|
* been redirected by a hook back out on to the same LAN that |
|
* they came from and is not an indication that the packet |
|
* is being inffluenced by source routing options. This |
|
* allows things like |
|
* "rdr tlp0 0/0 port 80 -> 1.1.1.200 3128 tcp" |
|
* where tlp0 is both on the 1.1.1.0/24 network and is the |
|
* default route for hosts on 1.1.1.0/24. Of course this |
|
* also requires a "map tlp0 ..." to complete the story. |
|
* One might argue whether or not this kind of network config. |
|
* should be supported in this manner... |
|
*/ |
srcrt = (odst.s_addr != ip->ip_dst.s_addr); |
srcrt = (odst.s_addr != ip->ip_dst.s_addr); |
} |
} |
#endif /* PFIL_HOOKS */ |
#endif /* PFIL_HOOKS */ |
Line 746 ip_input(struct mbuf *m) |
|
Line 759 ip_input(struct mbuf *m) |
|
#ifdef MROUTING |
#ifdef MROUTING |
extern struct socket *ip_mrouter; |
extern struct socket *ip_mrouter; |
|
|
if (M_READONLY(m)) { |
|
if ((m = m_pullup(m, hlen)) == 0) { |
|
ipstat.ips_toosmall++; |
|
return; |
|
} |
|
ip = mtod(m, struct ip *); |
|
} |
|
|
|
if (ip_mrouter) { |
if (ip_mrouter) { |
/* |
/* |
* If we are acting as a multicast router, all |
* If we are acting as a multicast router, all |
|
|
* but it's not worth the time; just let them time out.) |
* but it's not worth the time; just let them time out.) |
*/ |
*/ |
if (ip->ip_off & ~htons(IP_DF|IP_RF)) { |
if (ip->ip_off & ~htons(IP_DF|IP_RF)) { |
if (M_READONLY(m)) { |
|
if ((m = m_pullup(m, hlen)) == NULL) { |
|
ipstat.ips_toosmall++; |
|
goto bad; |
|
} |
|
ip = mtod(m, struct ip *); |
|
} |
|
|
|
/* |
/* |
* Look for queue of fragments |
* Look for queue of fragments |
Line 1288 static u_int fragttl_histo[(IPFRAGTTL+1) |
|
Line 1286 static u_int fragttl_histo[(IPFRAGTTL+1) |
|
static u_int |
static u_int |
ip_reass_ttl_decr(u_int ticks) |
ip_reass_ttl_decr(u_int ticks) |
{ |
{ |
u_int i, nfrags, median; |
u_int nfrags, median, dropfraction, keepfraction; |
struct ipq *fp, *nfp; |
struct ipq *fp, *nfp; |
u_int dropfraction, keepfraction; |
int i; |
|
|
nfrags = 0; |
nfrags = 0; |
memset(fragttl_histo, 0, sizeof fragttl_histo); |
memset(fragttl_histo, 0, sizeof fragttl_histo); |
Line 1519 ip_dooptions(m) |
|
Line 1517 ip_dooptions(m) |
|
bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr, |
bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr, |
sizeof(ipaddr.sin_addr)); |
sizeof(ipaddr.sin_addr)); |
if (opt == IPOPT_SSRR) |
if (opt == IPOPT_SSRR) |
ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))); |
ia = ifatoia(ifa_ifwithladdr(sintosa(&ipaddr))); |
else |
else |
ia = ip_rtaddr(ipaddr.sin_addr); |
ia = ip_rtaddr(ipaddr.sin_addr); |
if (ia == 0) { |
if (ia == 0) { |
Line 2170 SYSCTL_SETUP(sysctl_net_inet_ip_setup, " |
|
Line 2168 SYSCTL_SETUP(sysctl_net_inet_ip_setup, " |
|
{ |
{ |
extern int subnetsarelocal, hostzeroisbroadcast; |
extern int subnetsarelocal, hostzeroisbroadcast; |
|
|
sysctl_createv(SYSCTL_PERMANENT, |
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT, |
CTLTYPE_NODE, "net", NULL, |
CTLTYPE_NODE, "net", NULL, |
NULL, 0, NULL, 0, |
NULL, 0, NULL, 0, |
CTL_NET, CTL_EOL); |
CTL_NET, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_NODE, "inet", NULL, |
CTLFLAG_PERMANENT, |
|
CTLTYPE_NODE, "inet", |
|
SYSCTL_DESCR("PF_INET related settings"), |
NULL, 0, NULL, 0, |
NULL, 0, NULL, 0, |
CTL_NET, PF_INET, CTL_EOL); |
CTL_NET, PF_INET, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_NODE, "ip", NULL, |
CTLFLAG_PERMANENT, |
|
CTLTYPE_NODE, "ip", |
|
SYSCTL_DESCR("IPv4 related settings"), |
NULL, 0, NULL, 0, |
NULL, 0, NULL, 0, |
CTL_NET, PF_INET, IPPROTO_IP, CTL_EOL); |
CTL_NET, PF_INET, IPPROTO_IP, CTL_EOL); |
|
|
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "forwarding", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "forwarding", |
|
SYSCTL_DESCR("Enable forwarding of INET datagrams"), |
NULL, 0, &ipforwarding, 0, |
NULL, 0, &ipforwarding, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_FORWARDING, CTL_EOL); |
IPCTL_FORWARDING, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "redirect", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "redirect", |
|
SYSCTL_DESCR("Enable sending of ICMP redirect messages"), |
NULL, 0, &ipsendredirects, 0, |
NULL, 0, &ipsendredirects, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_SENDREDIRECTS, CTL_EOL); |
IPCTL_SENDREDIRECTS, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "ttl", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "ttl", |
|
SYSCTL_DESCR("Default TTL for an INET datagram"), |
NULL, 0, &ip_defttl, 0, |
NULL, 0, &ip_defttl, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_DEFTTL, CTL_EOL); |
IPCTL_DEFTTL, CTL_EOL); |
#ifdef IPCTL_DEFMTU |
#ifdef IPCTL_DEFMTU |
sysctl_createv(SYSCTL_PERMANENT /* |SYSCTL_READWRITE? */, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "mtu", NULL, |
CTLFLAG_PERMANENT /* |CTLFLAG_READWRITE? */, |
|
CTLTYPE_INT, "mtu", |
|
SYSCTL_DESCR("Default MTA for an INET route"), |
NULL, 0, &ip_mtu, 0, |
NULL, 0, &ip_mtu, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_DEFMTU, CTL_EOL); |
IPCTL_DEFMTU, CTL_EOL); |
#endif /* IPCTL_DEFMTU */ |
#endif /* IPCTL_DEFMTU */ |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READONLY1, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "forwsrcrt", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READONLY1, |
|
CTLTYPE_INT, "forwsrcrt", |
|
SYSCTL_DESCR("Enable forwarding of source-routed " |
|
"datagrams"), |
NULL, 0, &ip_forwsrcrt, 0, |
NULL, 0, &ip_forwsrcrt, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_FORWSRCRT, CTL_EOL); |
IPCTL_FORWSRCRT, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "directed-broadcast", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "directed-broadcast", |
|
SYSCTL_DESCR("Enable forwarding of broadcast datagrams"), |
NULL, 0, &ip_directedbcast, 0, |
NULL, 0, &ip_directedbcast, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_DIRECTEDBCAST, CTL_EOL); |
IPCTL_DIRECTEDBCAST, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "allowsrcrt", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "allowsrcrt", |
|
SYSCTL_DESCR("Accept source-routed datagrams"), |
NULL, 0, &ip_allowsrcrt, 0, |
NULL, 0, &ip_allowsrcrt, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_ALLOWSRCRT, CTL_EOL); |
IPCTL_ALLOWSRCRT, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "subnetsarelocal", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "subnetsarelocal", |
|
SYSCTL_DESCR("Whether logical subnets are considered " |
|
"local"), |
NULL, 0, &subnetsarelocal, 0, |
NULL, 0, &subnetsarelocal, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_SUBNETSARELOCAL, CTL_EOL); |
IPCTL_SUBNETSARELOCAL, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "mtudisc", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "mtudisc", |
|
SYSCTL_DESCR("Use RFC1191 Path MTU Discovery"), |
NULL, 0, &ip_mtudisc, 0, |
NULL, 0, &ip_mtudisc, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_MTUDISC, CTL_EOL); |
IPCTL_MTUDISC, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "anonportmin", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "anonportmin", |
|
SYSCTL_DESCR("Lowest ephemeral port number to assign"), |
sysctl_net_inet_ip_ports, 0, &anonportmin, 0, |
sysctl_net_inet_ip_ports, 0, &anonportmin, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_ANONPORTMIN, CTL_EOL); |
IPCTL_ANONPORTMIN, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "anonportmax", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "anonportmax", |
|
SYSCTL_DESCR("Highest ephemeral port number to assign"), |
sysctl_net_inet_ip_ports, 0, &anonportmax, 0, |
sysctl_net_inet_ip_ports, 0, &anonportmax, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_ANONPORTMAX, CTL_EOL); |
IPCTL_ANONPORTMAX, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "mtudisctimeout", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "mtudisctimeout", |
|
SYSCTL_DESCR("Lifetime of a Path MTU Discovered route"), |
sysctl_net_inet_ip_pmtudto, 0, &ip_mtudisc_timeout, 0, |
sysctl_net_inet_ip_pmtudto, 0, &ip_mtudisc_timeout, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_MTUDISCTIMEOUT, CTL_EOL); |
IPCTL_MTUDISCTIMEOUT, CTL_EOL); |
#ifdef GATEWAY |
#ifdef GATEWAY |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "maxflows", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "maxflows", |
|
SYSCTL_DESCR("Number of flows for fast forwarding"), |
sysctl_net_inet_ip_maxflows, 0, &ip_maxflows, 0, |
sysctl_net_inet_ip_maxflows, 0, &ip_maxflows, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_MAXFLOWS, CTL_EOL); |
IPCTL_MAXFLOWS, CTL_EOL); |
#endif /* GATEWAY */ |
#endif /* GATEWAY */ |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "hostzerobroadcast", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "hostzerobroadcast", |
|
SYSCTL_DESCR("All zeroes address is broadcast address"), |
NULL, 0, &hostzeroisbroadcast, 0, |
NULL, 0, &hostzeroisbroadcast, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_HOSTZEROBROADCAST, CTL_EOL); |
IPCTL_HOSTZEROBROADCAST, CTL_EOL); |
#if NGIF > 0 |
#if NGIF > 0 |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "gifttl", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "gifttl", |
|
SYSCTL_DESCR("Default TTL for a gif tunnel datagram"), |
NULL, 0, &ip_gif_ttl, 0, |
NULL, 0, &ip_gif_ttl, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_GIF_TTL, CTL_EOL); |
IPCTL_GIF_TTL, CTL_EOL); |
#endif /* NGIF */ |
#endif /* NGIF */ |
#ifndef IPNOPRIVPORTS |
#ifndef IPNOPRIVPORTS |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "lowportmin", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "lowportmin", |
|
SYSCTL_DESCR("Lowest privileged ephemeral port number " |
|
"to assign"), |
sysctl_net_inet_ip_ports, 0, &lowportmin, 0, |
sysctl_net_inet_ip_ports, 0, &lowportmin, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_LOWPORTMIN, CTL_EOL); |
IPCTL_LOWPORTMIN, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "lowportmax", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "lowportmax", |
|
SYSCTL_DESCR("Highest privileged ephemeral port number " |
|
"to assign"), |
sysctl_net_inet_ip_ports, 0, &lowportmax, 0, |
sysctl_net_inet_ip_ports, 0, &lowportmax, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_LOWPORTMAX, CTL_EOL); |
IPCTL_LOWPORTMAX, CTL_EOL); |
#endif /* IPNOPRIVPORTS */ |
#endif /* IPNOPRIVPORTS */ |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "maxfragpackets", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "maxfragpackets", |
|
SYSCTL_DESCR("Maximum number of fragments to retain for " |
|
"possible reassembly"), |
NULL, 0, &ip_maxfragpackets, 0, |
NULL, 0, &ip_maxfragpackets, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_MAXFRAGPACKETS, CTL_EOL); |
IPCTL_MAXFRAGPACKETS, CTL_EOL); |
#if NGRE > 0 |
#if NGRE > 0 |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "grettl", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "grettl", |
|
SYSCTL_DESCR("Default TTL for a gre tunnel datagram"), |
NULL, 0, &ip_gre_ttl, 0, |
NULL, 0, &ip_gre_ttl, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_GRE_TTL, CTL_EOL); |
IPCTL_GRE_TTL, CTL_EOL); |
#endif /* NGRE */ |
#endif /* NGRE */ |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "checkinterface", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "checkinterface", |
|
SYSCTL_DESCR("Enable receive side of Strong ES model " |
|
"from RFC1122"), |
NULL, 0, &ip_checkinterface, 0, |
NULL, 0, &ip_checkinterface, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_CHECKINTERFACE, CTL_EOL); |
IPCTL_CHECKINTERFACE, CTL_EOL); |
sysctl_createv(SYSCTL_PERMANENT|SYSCTL_READWRITE, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLTYPE_INT, "random_id", NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "random_id", |
|
SYSCTL_DESCR("Assign random ip_id values"), |
NULL, 0, &ip_do_randomid, 0, |
NULL, 0, &ip_do_randomid, 0, |
CTL_NET, PF_INET, IPPROTO_IP, |
CTL_NET, PF_INET, IPPROTO_IP, |
IPCTL_RANDOMID, CTL_EOL); |
IPCTL_RANDOMID, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "do_loopback_cksum", |
|
SYSCTL_DESCR("Perform IP checksum on loopback"), |
|
NULL, 0, &ip_do_loopback_cksum, 0, |
|
CTL_NET, PF_INET, IPPROTO_IP, |
|
IPCTL_LOOPBACKCKSUM, CTL_EOL); |
} |
} |