version 1.262.6.4, 2008/10/05 20:11:33 |
version 1.268.2.5, 2010/03/11 15:04:28 |
|
|
__KERNEL_RCSID(0, "$NetBSD$"); |
__KERNEL_RCSID(0, "$NetBSD$"); |
|
|
#include "opt_inet.h" |
#include "opt_inet.h" |
|
#include "opt_compat_netbsd.h" |
#include "opt_gateway.h" |
#include "opt_gateway.h" |
#include "opt_pfil_hooks.h" |
#include "opt_pfil_hooks.h" |
#include "opt_ipsec.h" |
#include "opt_ipsec.h" |
Line 173 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 174 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#define IPMTUDISCTIMEOUT (10 * 60) /* as per RFC 1191 */ |
#define IPMTUDISCTIMEOUT (10 * 60) /* as per RFC 1191 */ |
#endif |
#endif |
|
|
|
#ifdef COMPAT_50 |
|
#include <compat/sys/time.h> |
|
#include <compat/sys/socket.h> |
|
#endif |
|
|
/* |
/* |
* Note: DIRECTED_BROADCAST is handled this way so that previous |
* Note: DIRECTED_BROADCAST is handled this way so that previous |
* configuration using this option will Just Work. |
* configuration using this option will Just Work. |
Line 377 struct mowner ip_rx_mowner = MOWNER_INIT |
|
Line 383 struct mowner ip_rx_mowner = MOWNER_INIT |
|
struct mowner ip_tx_mowner = MOWNER_INIT("internet", "tx"); |
struct mowner ip_tx_mowner = MOWNER_INIT("internet", "tx"); |
#endif |
#endif |
|
|
|
static void sysctl_net_inet_ip_setup(struct sysctllog **); |
|
|
/* |
/* |
* Compute IP limits derived from the value of nmbclusters. |
* Compute IP limits derived from the value of nmbclusters. |
*/ |
*/ |
|
|
const struct protosw *pr; |
const struct protosw *pr; |
int i; |
int i; |
|
|
|
sysctl_net_inet_ip_setup(NULL); |
|
|
pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", |
pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", |
NULL, IPL_SOFTNET); |
NULL, IPL_SOFTNET); |
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
|
|
*/ |
*/ |
if (ip->ip_tos != fp->ipq_tos) { |
if (ip->ip_tos != fp->ipq_tos) { |
IP_STATINC(IP_STAT_BADFRAGS); |
IP_STATINC(IP_STAT_BADFRAGS); |
|
IPQ_UNLOCK(); |
goto bad; |
goto bad; |
} |
} |
goto found; |
goto found; |
Line 1121 ip_reass(struct ipqent *ipqe, struct ipq |
|
Line 1132 ip_reass(struct ipqent *ipqe, struct ipq |
|
else if (ip_nfragpackets >= ip_maxfragpackets) |
else if (ip_nfragpackets >= ip_maxfragpackets) |
goto dropfrag; |
goto dropfrag; |
ip_nfragpackets++; |
ip_nfragpackets++; |
MALLOC(fp, struct ipq *, sizeof (struct ipq), |
fp = malloc(sizeof (struct ipq), M_FTABLE, M_NOWAIT); |
M_FTABLE, M_NOWAIT); |
|
if (fp == NULL) |
if (fp == NULL) |
goto dropfrag; |
goto dropfrag; |
LIST_INSERT_HEAD(ipqhead, fp, ipq_q); |
LIST_INSERT_HEAD(ipqhead, fp, ipq_q); |
|
|
ip->ip_src = fp->ipq_src; |
ip->ip_src = fp->ipq_src; |
ip->ip_dst = fp->ipq_dst; |
ip->ip_dst = fp->ipq_dst; |
LIST_REMOVE(fp, ipq_q); |
LIST_REMOVE(fp, ipq_q); |
FREE(fp, M_FTABLE); |
free(fp, M_FTABLE); |
ip_nfragpackets--; |
ip_nfragpackets--; |
m->m_len += (ip->ip_hl << 2); |
m->m_len += (ip->ip_hl << 2); |
m->m_data -= (ip->ip_hl << 2); |
m->m_data -= (ip->ip_hl << 2); |
Line 1306 ip_freef(struct ipq *fp) |
|
Line 1316 ip_freef(struct ipq *fp) |
|
printf("ip_freef: nfrags %d != %d\n", fp->ipq_nfrags, nfrags); |
printf("ip_freef: nfrags %d != %d\n", fp->ipq_nfrags, nfrags); |
ip_nfrags -= nfrags; |
ip_nfrags -= nfrags; |
LIST_REMOVE(fp, ipq_q); |
LIST_REMOVE(fp, ipq_q); |
FREE(fp, M_FTABLE); |
free(fp, M_FTABLE); |
ip_nfragpackets--; |
ip_nfragpackets--; |
} |
} |
|
|
Line 1556 ip_dooptions(struct mbuf *m) |
|
Line 1566 ip_dooptions(struct mbuf *m) |
|
/* |
/* |
* locate outgoing interface |
* locate outgoing interface |
*/ |
*/ |
bcopy((void *)(cp + off), (void *)&ipaddr.sin_addr, |
memcpy((void *)&ipaddr.sin_addr, (void *)(cp + off), |
sizeof(ipaddr.sin_addr)); |
sizeof(ipaddr.sin_addr)); |
if (opt == IPOPT_SSRR) |
if (opt == IPOPT_SSRR) |
ia = ifatoia(ifa_ifwithladdr(sintosa(&ipaddr))); |
ia = ifatoia(ifa_ifwithladdr(sintosa(&ipaddr))); |
Line 1592 ip_dooptions(struct mbuf *m) |
|
Line 1602 ip_dooptions(struct mbuf *m) |
|
off--; /* 0 origin */ |
off--; /* 0 origin */ |
if ((off + sizeof(struct in_addr)) > optlen) |
if ((off + sizeof(struct in_addr)) > optlen) |
break; |
break; |
bcopy((void *)(&ip->ip_dst), (void *)&ipaddr.sin_addr, |
memcpy((void *)&ipaddr.sin_addr, (void *)(&ip->ip_dst), |
sizeof(ipaddr.sin_addr)); |
sizeof(ipaddr.sin_addr)); |
/* |
/* |
* locate outgoing interface; if we're the destination, |
* locate outgoing interface; if we're the destination, |
Line 1659 ip_dooptions(struct mbuf *m) |
|
Line 1669 ip_dooptions(struct mbuf *m) |
|
(u_char *)ip; |
(u_char *)ip; |
goto bad; |
goto bad; |
} |
} |
bcopy(cp0, &ipaddr.sin_addr, |
memcpy(&ipaddr.sin_addr, cp0, |
sizeof(struct in_addr)); |
sizeof(struct in_addr)); |
if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) |
if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) |
== NULL) |
== NULL) |
Line 1733 save_rte(u_char *option, struct in_addr |
|
Line 1743 save_rte(u_char *option, struct in_addr |
|
#endif /* 0 */ |
#endif /* 0 */ |
if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst))) |
if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst))) |
return; |
return; |
bcopy((void *)option, (void *)ip_srcrt.srcopt, olen); |
memcpy((void *)ip_srcrt.srcopt, (void *)option, olen); |
ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr); |
ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr); |
ip_srcrt.dst = dst; |
ip_srcrt.dst = dst; |
} |
} |
Line 2051 ip_savecontrol(struct inpcb *inp, struct |
|
Line 2061 ip_savecontrol(struct inpcb *inp, struct |
|
struct mbuf *m) |
struct mbuf *m) |
{ |
{ |
|
|
if (inp->inp_socket->so_options & SO_TIMESTAMP) { |
if (inp->inp_socket->so_options & SO_TIMESTAMP |
|
#ifdef SO_OTIMESTAMP |
|
|| inp->inp_socket->so_options & SO_OTIMESTAMP |
|
#endif |
|
) { |
struct timeval tv; |
struct timeval tv; |
|
|
microtime(&tv); |
microtime(&tv); |
|
#ifdef SO_OTIMESTAMP |
|
if (inp->inp_socket->so_options & SO_OTIMESTAMP) { |
|
struct timeval50 tv50; |
|
timeval_to_timeval50(&tv, &tv50); |
|
*mp = sbcreatecontrol((void *) &tv50, sizeof(tv50), |
|
SCM_OTIMESTAMP, SOL_SOCKET); |
|
} else |
|
#endif |
*mp = sbcreatecontrol((void *) &tv, sizeof(tv), |
*mp = sbcreatecontrol((void *) &tv, sizeof(tv), |
SCM_TIMESTAMP, SOL_SOCKET); |
SCM_TIMESTAMP, SOL_SOCKET); |
if (*mp) |
if (*mp) |
Line 2100 ip_savecontrol(struct inpcb *inp, struct |
|
Line 2122 ip_savecontrol(struct inpcb *inp, struct |
|
if (*mp) |
if (*mp) |
mp = &(*mp)->m_next; |
mp = &(*mp)->m_next; |
} |
} |
|
if (inp->inp_flags & INP_RECVTTL) { |
|
*mp = sbcreatecontrol((void *) &ip->ip_ttl, |
|
sizeof(uint8_t), IP_RECVTTL, IPPROTO_IP); |
|
if (*mp) |
|
mp = &(*mp)->m_next; |
|
} |
} |
} |
|
|
/* |
/* |
Line 2118 sysctl_net_inet_ip_forwsrcrt(SYSCTLFN_AR |
|
Line 2146 sysctl_net_inet_ip_forwsrcrt(SYSCTLFN_AR |
|
if (error || newp == NULL) |
if (error || newp == NULL) |
return (error); |
return (error); |
|
|
if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_FORWSRCRT, |
error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_FORWSRCRT, |
0, NULL, NULL, NULL)) |
0, NULL, NULL, NULL); |
return (EPERM); |
if (error) |
|
return (error); |
|
|
ip_forwsrcrt = tmp; |
ip_forwsrcrt = tmp; |
|
|
Line 2182 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG |
|
Line 2211 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG |
|
|
|
static int |
static int |
sysctl_net_inet_ip_hashsize(SYSCTLFN_ARGS) |
sysctl_net_inet_ip_hashsize(SYSCTLFN_ARGS) |
{ |
{ |
int error, tmp; |
int error, tmp; |
struct sysctlnode node; |
struct sysctlnode node; |
|
|
Line 2210 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG |
|
Line 2239 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG |
|
* EINVAL if not a power of 2 |
* EINVAL if not a power of 2 |
*/ |
*/ |
error = EINVAL; |
error = EINVAL; |
} |
} |
|
|
return error; |
return error; |
} |
} |
Line 2223 sysctl_net_inet_ip_stats(SYSCTLFN_ARGS) |
|
Line 2252 sysctl_net_inet_ip_stats(SYSCTLFN_ARGS) |
|
return (NETSTAT_SYSCTL(ipstat_percpu, IP_NSTATS)); |
return (NETSTAT_SYSCTL(ipstat_percpu, IP_NSTATS)); |
} |
} |
|
|
SYSCTL_SETUP(sysctl_net_inet_ip_setup, "sysctl net.inet.ip subtree setup") |
static void |
|
sysctl_net_inet_ip_setup(struct sysctllog **clog) |
{ |
{ |
extern int subnetsarelocal, hostzeroisbroadcast; |
extern int subnetsarelocal, hostzeroisbroadcast; |
|
|