version 1.267, 2008/04/23 06:09:04 |
version 1.275.4.1.8.2, 2011/01/07 03:17:44 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
* 2. Redistributions in binary form must reproduce the above copyright |
* notice, this list of conditions and the following disclaimer in the |
* notice, this list of conditions and the following disclaimer in the |
* documentation and/or other materials provided with the distribution. |
* documentation and/or other materials provided with the distribution. |
* 3. All advertising materials mentioning features or use of this software |
|
* must display the following acknowledgement: |
|
* This product includes software developed by the NetBSD |
|
* Foundation, Inc. and its contributors. |
|
* 4. Neither the name of The NetBSD Foundation nor the names of its |
|
* contributors may be used to endorse or promote products derived |
|
* from this software without specific prior written permission. |
|
* |
* |
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
|
|
|
|
#define IPQ_UNLOCK() ipq_unlock() |
#define IPQ_UNLOCK() ipq_unlock() |
|
|
POOL_INIT(inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", NULL, |
struct pool inmulti_pool; |
IPL_SOFTNET); |
struct pool ipqent_pool; |
POOL_INIT(ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", NULL, |
|
IPL_VM); |
|
|
|
#ifdef INET_CSUM_COUNTERS |
#ifdef INET_CSUM_COUNTERS |
#include <sys/device.h> |
#include <sys/device.h> |
|
|
const struct protosw *pr; |
const struct protosw *pr; |
int i; |
int i; |
|
|
|
pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", |
|
NULL, IPL_SOFTNET); |
|
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", |
|
NULL, IPL_VM); |
|
|
pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW); |
pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW); |
if (pr == 0) |
if (pr == 0) |
panic("ip_init"); |
panic("ip_init"); |
|
|
ip_nmbclusters_changed(); |
ip_nmbclusters_changed(); |
|
|
TAILQ_INIT(&in_ifaddrhead); |
TAILQ_INIT(&in_ifaddrhead); |
in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IFADDR, |
in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true, |
M_WAITOK, &in_ifaddrhash); |
&in_ifaddrhash); |
in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IPMADDR, |
in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true, |
M_WAITOK, &in_multihash); |
&in_multihash); |
ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout); |
ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout); |
#ifdef GATEWAY |
#ifdef GATEWAY |
ipflow_init(ip_hashsize); |
ipflow_init(ip_hashsize); |
|
|
int s; |
int s; |
struct mbuf *m; |
struct mbuf *m; |
|
|
|
mutex_enter(softnet_lock); |
|
KERNEL_LOCK(1, NULL); |
while (!IF_IS_EMPTY(&ipintrq)) { |
while (!IF_IS_EMPTY(&ipintrq)) { |
s = splnet(); |
s = splnet(); |
IF_DEQUEUE(&ipintrq, m); |
IF_DEQUEUE(&ipintrq, m); |
splx(s); |
splx(s); |
if (m == 0) |
if (m == NULL) |
return; |
break; |
ip_input(m); |
ip_input(m); |
} |
} |
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
} |
} |
|
|
/* |
/* |
|
|
*/ |
*/ |
if (ip->ip_tos != fp->ipq_tos) { |
if (ip->ip_tos != fp->ipq_tos) { |
IP_STATINC(IP_STAT_BADFRAGS); |
IP_STATINC(IP_STAT_BADFRAGS); |
|
IPQ_UNLOCK(); |
goto bad; |
goto bad; |
} |
} |
goto found; |
goto found; |
Line 1389 ip_slowtimo(void) |
|
Line 1390 ip_slowtimo(void) |
|
static u_int dropscanidx = 0; |
static u_int dropscanidx = 0; |
u_int i; |
u_int i; |
u_int median_ttl; |
u_int median_ttl; |
int s = splsoftnet(); |
|
|
mutex_enter(softnet_lock); |
|
KERNEL_LOCK(1, NULL); |
|
|
IPQ_LOCK(); |
IPQ_LOCK(); |
|
|
Line 1431 ip_slowtimo(void) |
|
Line 1434 ip_slowtimo(void) |
|
dropscanidx = i; |
dropscanidx = i; |
} |
} |
IPQ_UNLOCK(); |
IPQ_UNLOCK(); |
splx(s); |
|
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
} |
} |
|
|
/* |
/* |
* Drain off all datagram fragments. |
* Drain off all datagram fragments. Don't acquire softnet_lock as |
|
* can be called from hardware interrupt context. |
*/ |
*/ |
void |
void |
ip_drain(void) |
ip_drain(void) |
{ |
{ |
|
|
|
KERNEL_LOCK(1, NULL); |
|
|
/* |
/* |
* We may be called from a device's interrupt context. If |
* We may be called from a device's interrupt context. If |
* the ipq is already busy, just bail out now. |
* the ipq is already busy, just bail out now. |
*/ |
*/ |
if (ipq_lock_try() == 0) |
if (ipq_lock_try() != 0) { |
return; |
/* |
|
* Drop half the total fragments now. If more mbufs are |
/* |
* needed, we will be called again soon. |
* Drop half the total fragments now. If more mbufs are needed, |
*/ |
* we will be called again soon. |
ip_reass_drophalf(); |
*/ |
IPQ_UNLOCK(); |
ip_reass_drophalf(); |
} |
|
|
IPQ_UNLOCK(); |
KERNEL_UNLOCK_ONE(NULL); |
} |
} |
|
|
/* |
/* |
Line 1963 ip_forward(struct mbuf *m, int srcrt) |
|
Line 1971 ip_forward(struct mbuf *m, int srcrt) |
|
type = ICMP_UNREACH; |
type = ICMP_UNREACH; |
code = ICMP_UNREACH_NEEDFRAG; |
code = ICMP_UNREACH_NEEDFRAG; |
|
|
if ((rt = rtcache_validate(&ipforward_rt)) != NULL) { |
if ((rt = rtcache_validate(&ipforward_rt)) != NULL) |
|
destmtu = rt->rt_ifp->if_mtu; |
|
|
#if defined(IPSEC) || defined(FAST_IPSEC) |
#if defined(IPSEC) || defined(FAST_IPSEC) |
|
{ |
/* |
/* |
* If the packet is routed over IPsec tunnel, tell the |
* If the packet is routed over IPsec tunnel, tell the |
* originator the tunnel MTU. |
* originator the tunnel MTU. |
Line 1981 ip_forward(struct mbuf *m, int srcrt) |
|
Line 1991 ip_forward(struct mbuf *m, int srcrt) |
|
sp = ipsec4_getpolicybyaddr(mcopy, |
sp = ipsec4_getpolicybyaddr(mcopy, |
IPSEC_DIR_OUTBOUND, IP_FORWARDING, |
IPSEC_DIR_OUTBOUND, IP_FORWARDING, |
&ipsecerror); |
&ipsecerror); |
#endif |
|
|
|
destmtu = rt->rt_ifp->if_mtu; |
|
#if defined(IPSEC) || defined(FAST_IPSEC) |
|
if (sp != NULL) { |
if (sp != NULL) { |
/* count IPsec header size */ |
/* count IPsec header size */ |
ipsechdr = ipsec4_hdrsiz(mcopy, |
ipsechdr = ipsec4_hdrsiz(mcopy, |
Line 1999 ip_forward(struct mbuf *m, int srcrt) |
|
Line 2006 ip_forward(struct mbuf *m, int srcrt) |
|
&& sp->req->sav != NULL |
&& sp->req->sav != NULL |
&& sp->req->sav->sah != NULL) { |
&& sp->req->sav->sah != NULL) { |
ro = &sp->req->sav->sah->sa_route; |
ro = &sp->req->sav->sah->sa_route; |
|
rt = rtcache_validate(ro); |
if (rt && rt->rt_ifp) { |
if (rt && rt->rt_ifp) { |
destmtu = |
destmtu = |
rt->rt_rmx.rmx_mtu ? |
rt->rt_rmx.rmx_mtu ? |
Line 2014 ip_forward(struct mbuf *m, int srcrt) |
|
Line 2022 ip_forward(struct mbuf *m, int srcrt) |
|
KEY_FREESP(&sp); |
KEY_FREESP(&sp); |
#endif |
#endif |
} |
} |
#endif /*defined(IPSEC) || defined(FAST_IPSEC)*/ |
|
} |
} |
|
#endif /*defined(IPSEC) || defined(FAST_IPSEC)*/ |
IP_STATINC(IP_STAT_CANTFRAG); |
IP_STATINC(IP_STAT_CANTFRAG); |
break; |
break; |
|
|
Line 2139 sysctl_net_inet_ip_pmtudto(SYSCTLFN_ARGS |
|
Line 2147 sysctl_net_inet_ip_pmtudto(SYSCTLFN_ARGS |
|
if (tmp < 0) |
if (tmp < 0) |
return (EINVAL); |
return (EINVAL); |
|
|
|
mutex_enter(softnet_lock); |
|
|
ip_mtudisc_timeout = tmp; |
ip_mtudisc_timeout = tmp; |
rt_timer_queue_change(ip_mtudisc_timeout_q, ip_mtudisc_timeout); |
rt_timer_queue_change(ip_mtudisc_timeout_q, ip_mtudisc_timeout); |
|
|
|
mutex_exit(softnet_lock); |
|
|
return (0); |
return (0); |
} |
} |
|
|
Line 2152 sysctl_net_inet_ip_pmtudto(SYSCTLFN_ARGS |
|
Line 2164 sysctl_net_inet_ip_pmtudto(SYSCTLFN_ARGS |
|
static int |
static int |
sysctl_net_inet_ip_maxflows(SYSCTLFN_ARGS) |
sysctl_net_inet_ip_maxflows(SYSCTLFN_ARGS) |
{ |
{ |
int s; |
int error; |
|
|
s = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
error = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
if (s || newp == NULL) |
if (error || newp == NULL) |
return (s); |
return (error); |
|
|
|
mutex_enter(softnet_lock); |
|
KERNEL_LOCK(1, NULL); |
|
|
s = splsoftnet(); |
|
ipflow_prune(); |
ipflow_prune(); |
splx(s); |
|
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
|
|
return (0); |
return (0); |
} |
} |
Line 2182 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG |
|
Line 2198 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG |
|
/* |
/* |
* Can only fail due to malloc() |
* Can only fail due to malloc() |
*/ |
*/ |
if (ipflow_invalidate_all(tmp)) |
mutex_enter(softnet_lock); |
return ENOMEM; |
KERNEL_LOCK(1, NULL); |
|
|
|
error = ipflow_invalidate_all(tmp); |
|
|
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
|
|
} else { |
} else { |
/* |
/* |
* EINVAL if not a power of 2 |
* EINVAL if not a power of 2 |
*/ |
*/ |
return EINVAL; |
error = EINVAL; |
} |
} |
|
|
return (0); |
return error; |
} |
} |
#endif /* GATEWAY */ |
#endif /* GATEWAY */ |
|
|
static int |
static int |
sysctl_net_inet_ip_stats(SYSCTLFN_ARGS) |
sysctl_net_inet_ip_stats(SYSCTLFN_ARGS) |
{ |
{ |
netstat_sysctl_context ctx; |
|
uint64_t ips[IP_NSTATS]; |
|
|
|
ctx.ctx_stat = ipstat_percpu; |
return (NETSTAT_SYSCTL(ipstat_percpu, IP_NSTATS)); |
ctx.ctx_counters = ips; |
|
ctx.ctx_ncounters = IP_NSTATS; |
|
return (NETSTAT_SYSCTL(&ctx)); |
|
} |
} |
|
|
SYSCTL_SETUP(sysctl_net_inet_ip_setup, "sysctl net.inet.ip subtree setup") |
SYSCTL_SETUP(sysctl_net_inet_ip_setup, "sysctl net.inet.ip subtree setup") |