| version 1.211, 2005/02/03 22:56:42 |
version 1.212.2.2.4.1, 2007/09/17 20:16:58 |
| Line 200 int ipprintfs = 0; |
|
| Line 200 int ipprintfs = 0; |
|
| #endif |
#endif |
| |
|
| int ip_do_randomid = 0; |
int ip_do_randomid = 0; |
| int ip_do_loopback_cksum = 0; |
|
| |
|
| /* |
/* |
| * XXX - Setting ip_checkinterface mostly implements the receive side of |
* XXX - Setting ip_checkinterface mostly implements the receive side of |
| Line 223 struct rttimer_queue *ip_mtudisc_timeout |
|
| Line 222 struct rttimer_queue *ip_mtudisc_timeout |
|
| int ipqmaxlen = IFQ_MAXLEN; |
int ipqmaxlen = IFQ_MAXLEN; |
| u_long in_ifaddrhash; /* size of hash table - 1 */ |
u_long in_ifaddrhash; /* size of hash table - 1 */ |
| int in_ifaddrentries; /* total number of addrs */ |
int in_ifaddrentries; /* total number of addrs */ |
| struct in_ifaddrhead in_ifaddrhead; |
struct in_ifaddrhead in_ifaddrhead; |
| struct in_ifaddrhashhead *in_ifaddrhashtbl; |
struct in_ifaddrhashhead *in_ifaddrhashtbl; |
| u_long in_multihash; /* size of hash table - 1 */ |
u_long in_multihash; /* size of hash table - 1 */ |
| int in_multientries; /* total number of addrs */ |
int in_multientries; /* total number of addrs */ |
|
|
| (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK) |
(((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK) |
| struct ipqhead ipq[IPREASS_NHASH]; |
struct ipqhead ipq[IPREASS_NHASH]; |
| int ipq_locked; |
int ipq_locked; |
| static int ip_nfragpackets; /* packets in reass queue */ |
static int ip_nfragpackets; /* packets in reass queue */ |
| static int ip_nfrags; /* total fragments in reass queues */ |
static int ip_nfrags; /* total fragments in reass queues */ |
| |
|
| int ip_maxfragpackets = 200; /* limit on packets. XXX sysctl */ |
int ip_maxfragpackets = 200; /* limit on packets. XXX sysctl */ |
| Line 267 int ip_maxfrags; /* limit on fr |
|
| Line 266 int ip_maxfrags; /* limit on fr |
|
| /* |
/* |
| * Additive-Increase/Multiplicative-Decrease (AIMD) strategy for |
* Additive-Increase/Multiplicative-Decrease (AIMD) strategy for |
| * IP reassembly queue buffer managment. |
* IP reassembly queue buffer managment. |
| * |
* |
| * We keep a count of total IP fragments (NB: not fragmented packets!) |
* We keep a count of total IP fragments (NB: not fragmented packets!) |
| * awaiting reassembly (ip_nfrags) and a limit (ip_maxfrags) on fragments. |
* awaiting reassembly (ip_nfrags) and a limit (ip_maxfrags) on fragments. |
| * If ip_nfrags exceeds ip_maxfrags the limit, we drop half the |
* If ip_nfrags exceeds ip_maxfrags the limit, we drop half the |
| Line 275 int ip_maxfrags; /* limit on fr |
|
| Line 274 int ip_maxfrags; /* limit on fr |
|
| * repeatedly deleting single packets under heavy fragmentation load |
* repeatedly deleting single packets under heavy fragmentation load |
| * (e.g., from lossy NFS peers). |
* (e.g., from lossy NFS peers). |
| */ |
*/ |
| static u_int ip_reass_ttl_decr(u_int ticks); |
static u_int ip_reass_ttl_decr(u_int ticks); |
| static void ip_reass_drophalf(void); |
static void ip_reass_drophalf(void); |
| |
|
| |
|
| Line 668 ip_input(struct mbuf *m) |
|
| Line 667 ip_input(struct mbuf *m) |
|
| * default route for hosts on 1.1.1.0/24. Of course this |
* default route for hosts on 1.1.1.0/24. Of course this |
| * also requires a "map tlp0 ..." to complete the story. |
* also requires a "map tlp0 ..." to complete the story. |
| * One might argue whether or not this kind of network config. |
* One might argue whether or not this kind of network config. |
| * should be supported in this manner... |
* should be supported in this manner... |
| */ |
*/ |
| srcrt = (odst.s_addr != ip->ip_dst.s_addr); |
srcrt = (odst.s_addr != ip->ip_dst.s_addr); |
| } |
} |
| Line 836 ip_input(struct mbuf *m) |
|
| Line 835 ip_input(struct mbuf *m) |
|
| sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); |
sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); |
| } else { |
} else { |
| sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, |
sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, |
| IP_FORWARDING, &error); |
IP_FORWARDING, &error); |
| } |
} |
| if (sp == NULL) { /* NB: can happen if error */ |
if (sp == NULL) { /* NB: can happen if error */ |
| splx(s); |
splx(s); |
|
|
| * done. If so, then just pass it along. This tag gets |
* done. If so, then just pass it along. This tag gets |
| * set during AH, ESP, etc. input handling, before the |
* set during AH, ESP, etc. input handling, before the |
| * packet is returned to the ip input queue for delivery. |
* packet is returned to the ip input queue for delivery. |
| */ |
*/ |
| mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); |
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); |
| s = splsoftnet(); |
s = splsoftnet(); |
| if (mtag != NULL) { |
if (mtag != NULL) { |
|
|
| sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); |
sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); |
| } else { |
} else { |
| sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, |
sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, |
| IP_FORWARDING, &error); |
IP_FORWARDING, &error); |
| } |
} |
| if (sp != NULL) { |
if (sp != NULL) { |
| /* |
/* |
|
|
| /* XXX error stat??? */ |
/* XXX error stat??? */ |
| error = EINVAL; |
error = EINVAL; |
| DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/ |
DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/ |
| goto bad; |
|
| } |
} |
| splx(s); |
splx(s); |
| if (error) |
if (error) |
| Line 1075 ip_reass(struct ipqent *ipqe, struct ipq |
|
| Line 1073 ip_reass(struct ipqent *ipqe, struct ipq |
|
| * We are about to add a fragment; increment frag count. |
* We are about to add a fragment; increment frag count. |
| */ |
*/ |
| ip_nfrags++; |
ip_nfrags++; |
| |
|
| /* |
/* |
| * If first fragment to arrive, create a reassembly queue. |
* If first fragment to arrive, create a reassembly queue. |
| */ |
*/ |
|
|
| for (t = m; t; t = t->m_next) |
for (t = m; t; t = t->m_next) |
| plen += t->m_len; |
plen += t->m_len; |
| m->m_pkthdr.len = plen; |
m->m_pkthdr.len = plen; |
| |
m->m_pkthdr.csum_flags = 0; |
| } |
} |
| return (m); |
return (m); |
| |
|
| Line 1285 ip_reass_ttl_decr(u_int ticks) |
|
| Line 1284 ip_reass_ttl_decr(u_int ticks) |
|
| u_int nfrags, median, dropfraction, keepfraction; |
u_int nfrags, median, dropfraction, keepfraction; |
| struct ipq *fp, *nfp; |
struct ipq *fp, *nfp; |
| int i; |
int i; |
| |
|
| nfrags = 0; |
nfrags = 0; |
| memset(fragttl_histo, 0, sizeof fragttl_histo); |
memset(fragttl_histo, 0, sizeof fragttl_histo); |
| |
|
| for (i = 0; i < IPREASS_NHASH; i++) { |
for (i = 0; i < IPREASS_NHASH; i++) { |
| for (fp = LIST_FIRST(&ipq[i]); fp != NULL; fp = nfp) { |
for (fp = LIST_FIRST(&ipq[i]); fp != NULL; fp = nfp) { |
| fp->ipq_ttl = ((fp->ipq_ttl <= ticks) ? |
fp->ipq_ttl = ((fp->ipq_ttl <= ticks) ? |
| Line 2139 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG |
|
| Line 2138 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG |
|
| s = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
s = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
| if (s) |
if (s) |
| return (s); |
return (s); |
| |
|
| s = splsoftnet(); |
s = splsoftnet(); |
| ipflow_reap(0); |
ipflow_reap(0); |
| splx(s); |
splx(s); |
| Line 2170 SYSCTL_SETUP(sysctl_net_inet_ip_setup, " |
|
| Line 2169 SYSCTL_SETUP(sysctl_net_inet_ip_setup, " |
|
| SYSCTL_DESCR("IPv4 related settings"), |
SYSCTL_DESCR("IPv4 related settings"), |
| NULL, 0, NULL, 0, |
NULL, 0, NULL, 0, |
| CTL_NET, PF_INET, IPPROTO_IP, CTL_EOL); |
CTL_NET, PF_INET, IPPROTO_IP, CTL_EOL); |
| |
|
| sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
| CTLTYPE_INT, "forwarding", |
CTLTYPE_INT, "forwarding", |
![[BACK]](/icons/back.gif){kind=icon}
Return to ip_input.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet