Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v retrieving revision 1.53.2.4 retrieving revision 1.54 diff -u -p -r1.53.2.4 -r1.54 --- src/sys/netinet/ip_input.c 1998/11/15 19:18:13 1.53.2.4 +++ src/sys/netinet/ip_input.c 1998/01/05 09:52:04 1.54 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.53.2.4 1998/11/15 19:18:13 cgd Exp $ */ +/* $NetBSD: ip_input.c,v 1.54 1998/01/05 09:52:04 lukem Exp $ */ /* * Copyright (c) 1982, 1986, 1988, 1993 @@ -35,43 +35,6 @@ * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 */ -/*- - * Copyright (c) 1998 The NetBSD Foundation, Inc. - * All rights reserved. - * - * This code is derived from software contributed to The NetBSD Foundation - * by Public Access Networks Corporation ("Panix"). It was developed under - * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the NetBSD - * Foundation, Inc. and its contributors. - * 4. Neither the name of The NetBSD Foundation nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS - * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - #include #include #include @@ -123,10 +86,6 @@ #ifndef IPMTUDISC #define IPMTUDISC 0 #endif -#ifndef IPMTUDISCTIMEOUT -#define IPMTUDISCTIMEOUT (10 * 60) /* as per RFC 1191 */ -#endif - /* * Note: DIRECTED_BROADCAST is handled this way so that previous @@ -146,19 +105,15 @@ int ip_forwsrcrt = IPFORWSRCRT; int ip_directedbcast = IPDIRECTEDBCAST; int ip_allowsrcrt = IPALLOWSRCRT; int ip_mtudisc = IPMTUDISC; -u_int ip_mtudisc_timeout = IPMTUDISCTIMEOUT; #ifdef DIAGNOSTIC int ipprintfs = 0; #endif -struct rttimer_queue *ip_mtudisc_timeout_q = NULL; - extern struct domain inetdomain; extern struct protosw inetsw[]; u_char ip_protox[IPPROTO_MAX]; int ipqmaxlen = IFQ_MAXLEN; struct in_ifaddrhead in_ifaddr; -struct in_ifaddrhashhead *in_ifaddrhashtbl; struct ifqueue ipintrq; /* @@ -202,11 +157,6 @@ ip_init() ip_id = time.tv_sec & 0xffff; ipintrq.ifq_maxlen = ipqmaxlen; TAILQ_INIT(&in_ifaddr); - in_ifaddrhashtbl = - hashinit(IN_IFADDR_HASH_SIZE, M_IFADDR, &in_ifaddrhash); - if (ip_mtudisc != 0) - ip_mtudisc_timeout_q = - rt_timer_queue_create(ip_mtudisc_timeout); } struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; @@ -223,7 +173,6 @@ ipintr() register struct mbuf *m; register struct ipq *fp; register struct in_ifaddr *ia; - register struct ifaddr *ifa; struct ipqent *ipqe; int hlen = 0, mff, len, s; #ifdef PFIL_HOOKS @@ -311,15 +260,12 @@ next: * Run through list of hooks for input packets. */ m0 = m; - for (pfh = pfil_hook_get(PFIL_IN); pfh; pfh = pfh->pfil_link.tqe_next) + for (pfh = pfil_hook_get(PFIL_IN); pfh; pfh = pfh->pfil_link.le_next) if (pfh->pfil_func) { rv = pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 0, &m0); if (rv) goto next; - m = m0; - if (m == NULL) - goto next; - ip = mtod(m, struct ip *); + ip = mtod(m = m0, struct ip *); } #endif /* PFIL_HOOKS */ @@ -336,13 +282,12 @@ next: /* * Check our list of addresses, to see if the packet is for us. */ - INADDR_TO_IA(ip->ip_dst, ia); - if (ia != NULL) goto ours; - if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) { - for (ifa = m->m_pkthdr.rcvif->if_addrlist.tqh_first; - ifa != NULL; ifa = ifa->ifa_list.tqe_next) { - if (ifa->ifa_addr->sa_family != AF_INET) continue; - ia = ifatoia(ifa); + for (ia = in_ifaddr.tqh_first; ia; ia = ia->ia_list.tqe_next) { + if (in_hosteq(ip->ip_dst, ia->ia_addr.sin_addr)) + goto ours; + if (((ip_directedbcast == 0) || (ip_directedbcast && + ia->ia_ifp == m->m_pkthdr.rcvif)) && + (ia->ia_ifp->if_flags & IFF_BROADCAST)) { if (in_hosteq(ip->ip_dst, ia->ia_broadaddr.sin_addr) || in_hosteq(ip->ip_dst, ia->ia_netbroadcast) || /* @@ -352,13 +297,14 @@ next: ip->ip_dst.s_addr == ia->ia_subnet || ip->ip_dst.s_addr == ia->ia_net) goto ours; - /* - * An interface with IP address zero accepts - * all packets that arrive on that interface. - */ - if (in_nullhost(ia->ia_addr.sin_addr)) - goto ours; } + /* + * An interface with IP address zero accepts + * all packets that arrive on that interface. + */ + if ((ia->ia_ifp == m->m_pkthdr.rcvif) && + in_nullhost(ia->ia_addr.sin_addr)) + goto ours; } if (IN_MULTICAST(ip->ip_dst.s_addr)) { struct in_multi *inm; @@ -492,7 +438,6 @@ found: goto next; ipstat.ips_reassembled++; ip = mtod(m, struct ip *); - hlen = ip->ip_hl << 2; } else if (fp) ip_freef(fp); @@ -1303,7 +1248,8 @@ ip_sysctl(name, namelen, oldp, oldlenp, size_t newlen; { extern int subnetsarelocal; - int error; + + int error, old; /* All sysctl names at this level are terminal. */ if (namelen != 1) @@ -1339,23 +1285,32 @@ ip_sysctl(name, namelen, oldp, oldlenp, return (sysctl_int(oldp, oldlenp, newp, newlen, &subnetsarelocal)); case IPCTL_MTUDISC: - error = sysctl_int(oldp, oldlenp, newp, newlen, - &ip_mtudisc); - if (ip_mtudisc != 0 && ip_mtudisc_timeout_q == NULL) { - ip_mtudisc_timeout_q = - rt_timer_queue_create(ip_mtudisc_timeout); - } else if (ip_mtudisc == 0 && ip_mtudisc_timeout_q != NULL) { - rt_timer_queue_destroy(ip_mtudisc_timeout_q, TRUE); - ip_mtudisc_timeout_q = NULL; + return (sysctl_int(oldp, oldlenp, newp, newlen, + &ip_mtudisc)); + case IPCTL_ANONPORTMIN: + old = anonportmin; + error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmin); + if (anonportmin >= anonportmax || anonportmin > 65535 +#ifndef IPNOPRIVPORTS + || anonportmin < IPPORT_RESERVED +#endif + ) { + anonportmin = old; + return (EINVAL); + } + return (error); + case IPCTL_ANONPORTMAX: + old = anonportmax; + error = sysctl_int(oldp, oldlenp, newp, newlen, &anonportmax); + if (anonportmin >= anonportmax || anonportmax > 65535 +#ifndef IPNOPRIVPORTS + || anonportmax < IPPORT_RESERVED +#endif + ) { + anonportmax = old; + return (EINVAL); } - return error; - case IPCTL_MTUDISCTIMEOUT: - error = sysctl_int(oldp, oldlenp, newp, newlen, - &ip_mtudisc_timeout); - if (ip_mtudisc_timeout_q != NULL) - rt_timer_queue_change(ip_mtudisc_timeout_q, - ip_mtudisc_timeout); - return (error); + return (error); default: return (EOPNOTSUPP); }