Annotation of src/sys/netinet6/in6_gif.c, Revision 1.14.4.1
1.14.4.1! he 1: /* $NetBSD: in6_gif.c,v 1.14 2000/04/19 06:30:56 itojun Exp $ */
! 2: /* $KAME: in6_gif.c,v 1.43 2001/01/22 07:27:17 itojun Exp $ */
1.3 thorpej 3:
1.2 itojun 4: /*
5: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6: * All rights reserved.
1.14 itojun 7: *
1.2 itojun 8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
16: * 3. Neither the name of the project nor the names of its contributors
17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
1.14 itojun 19: *
1.2 itojun 20: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32:
33: /*
34: * in6_gif.c
35: */
36:
1.14 itojun 37: #if (defined(__FreeBSD__) && __FreeBSD__ >= 3) || defined(__NetBSD__)
1.2 itojun 38: #include "opt_inet.h"
1.14 itojun 39: #endif
1.2 itojun 40:
41: #include <sys/param.h>
42: #include <sys/systm.h>
43: #include <sys/socket.h>
44: #include <sys/sockio.h>
45: #include <sys/mbuf.h>
46: #include <sys/errno.h>
1.14 itojun 47: #if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
1.2 itojun 48: #include <sys/ioctl.h>
1.14 itojun 49: #endif
1.14.4.1! he 50: #include <sys/queue.h>
! 51: #include <sys/syslog.h>
1.14 itojun 52:
53: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
54: #include <sys/malloc.h>
55: #endif
1.2 itojun 56:
57: #include <net/if.h>
58: #include <net/route.h>
59:
60: #include <netinet/in.h>
61: #include <netinet/in_systm.h>
62: #ifdef INET
63: #include <netinet/ip.h>
64: #endif
1.14 itojun 65: #include <netinet/ip_encap.h>
1.11 itojun 66: #ifdef INET6
67: #include <netinet/ip6.h>
1.2 itojun 68: #include <netinet6/ip6_var.h>
69: #include <netinet6/in6_gif.h>
1.14 itojun 70: #include <netinet6/in6_var.h>
1.2 itojun 71: #endif
72: #include <netinet/ip_ecn.h>
73:
74: #include <net/if_gif.h>
75:
1.8 itojun 76: #include <net/net_osdep.h>
77:
1.2 itojun 78: int
79: in6_gif_output(ifp, family, m, rt)
80: struct ifnet *ifp;
81: int family; /* family of the packet to be encapsulate. */
82: struct mbuf *m;
83: struct rtentry *rt;
84: {
85: struct gif_softc *sc = (struct gif_softc*)ifp;
86: struct sockaddr_in6 *dst = (struct sockaddr_in6 *)&sc->gif_ro6.ro_dst;
87: struct sockaddr_in6 *sin6_src = (struct sockaddr_in6 *)sc->gif_psrc;
88: struct sockaddr_in6 *sin6_dst = (struct sockaddr_in6 *)sc->gif_pdst;
89: struct ip6_hdr *ip6;
90: int proto;
91: u_int8_t itos, otos;
92:
93: if (sin6_src == NULL || sin6_dst == NULL ||
94: sin6_src->sin6_family != AF_INET6 ||
95: sin6_dst->sin6_family != AF_INET6) {
96: m_freem(m);
97: return EAFNOSUPPORT;
98: }
99:
100: switch (family) {
101: #ifdef INET
102: case AF_INET:
103: {
104: struct ip *ip;
105:
106: proto = IPPROTO_IPV4;
107: if (m->m_len < sizeof(*ip)) {
108: m = m_pullup(m, sizeof(*ip));
109: if (!m)
110: return ENOBUFS;
111: }
112: ip = mtod(m, struct ip *);
113: itos = ip->ip_tos;
114: break;
115: }
116: #endif
117: #ifdef INET6
118: case AF_INET6:
119: {
120: struct ip6_hdr *ip6;
121: proto = IPPROTO_IPV6;
122: if (m->m_len < sizeof(*ip6)) {
123: m = m_pullup(m, sizeof(*ip6));
124: if (!m)
125: return ENOBUFS;
126: }
127: ip6 = mtod(m, struct ip6_hdr *);
128: itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
129: break;
130: }
131: #endif
132: default:
1.12 itojun 133: #ifdef DEBUG
1.2 itojun 134: printf("in6_gif_output: warning: unknown family %d passed\n",
135: family);
136: #endif
137: m_freem(m);
138: return EAFNOSUPPORT;
139: }
140:
141: /* prepend new IP header */
142: M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT);
143: if (m && m->m_len < sizeof(struct ip6_hdr))
144: m = m_pullup(m, sizeof(struct ip6_hdr));
145: if (m == NULL) {
146: printf("ENOBUFS in in6_gif_output %d\n", __LINE__);
147: return ENOBUFS;
148: }
149:
150: ip6 = mtod(m, struct ip6_hdr *);
151: ip6->ip6_flow = 0;
1.9 itojun 152: ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
153: ip6->ip6_vfc |= IPV6_VERSION;
1.2 itojun 154: ip6->ip6_plen = htons((u_short)m->m_pkthdr.len);
155: ip6->ip6_nxt = proto;
156: ip6->ip6_hlim = ip6_gif_hlim;
157: ip6->ip6_src = sin6_src->sin6_addr;
158: if (ifp->if_flags & IFF_LINK0) {
159: /* multi-destination mode */
160: if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr))
161: ip6->ip6_dst = sin6_dst->sin6_addr;
162: else if (rt) {
1.8 itojun 163: if (family != AF_INET6) {
164: m_freem(m);
165: return EINVAL; /*XXX*/
166: }
1.2 itojun 167: ip6->ip6_dst = ((struct sockaddr_in6 *)(rt->rt_gateway))->sin6_addr;
168: } else {
169: m_freem(m);
170: return ENETUNREACH;
171: }
172: } else {
173: /* bidirectional configured tunnel mode */
174: if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr))
175: ip6->ip6_dst = sin6_dst->sin6_addr;
176: else {
177: m_freem(m);
178: return ENETUNREACH;
179: }
180: }
181: if (ifp->if_flags & IFF_LINK1) {
182: otos = 0;
183: ip_ecn_ingress(ECN_ALLOWED, &otos, &itos);
184: ip6->ip6_flow |= htonl((u_int32_t)otos << 20);
185: }
186:
187: if (dst->sin6_family != sin6_dst->sin6_family ||
188: !IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &sin6_dst->sin6_addr)) {
189: /* cache route doesn't match */
190: bzero(dst, sizeof(*dst));
191: dst->sin6_family = sin6_dst->sin6_family;
192: dst->sin6_len = sizeof(struct sockaddr_in6);
193: dst->sin6_addr = sin6_dst->sin6_addr;
194: if (sc->gif_ro6.ro_rt) {
195: RTFREE(sc->gif_ro6.ro_rt);
196: sc->gif_ro6.ro_rt = NULL;
197: }
198: #if 0
199: sc->gif_if.if_mtu = GIF_MTU;
200: #endif
201: }
202:
203: if (sc->gif_ro6.ro_rt == NULL) {
204: rtalloc((struct route *)&sc->gif_ro6);
205: if (sc->gif_ro6.ro_rt == NULL) {
206: m_freem(m);
207: return ENETUNREACH;
208: }
1.14 itojun 209:
210: /* if it constitutes infinite encapsulation, punt. */
211: if (sc->gif_ro.ro_rt->rt_ifp == ifp) {
212: m_freem(m);
213: return ENETUNREACH; /*XXX*/
214: }
1.2 itojun 215: #if 0
216: ifp->if_mtu = sc->gif_ro6.ro_rt->rt_ifp->if_mtu
217: - sizeof(struct ip6_hdr);
218: #endif
219: }
220:
1.14 itojun 221: #ifdef IPV6_MINMTU
222: /*
223: * force fragmentation to minimum MTU, to avoid path MTU discovery.
224: * it is too painful to ask for resend of inner packet, to achieve
225: * path MTU discovery for encapsulated packets.
226: */
227: return(ip6_output(m, 0, &sc->gif_ro6, IPV6_MINMTU, 0, NULL));
228: #else
1.8 itojun 229: return(ip6_output(m, 0, &sc->gif_ro6, 0, 0, NULL));
1.14 itojun 230: #endif
1.2 itojun 231: }
232:
233: int in6_gif_input(mp, offp, proto)
234: struct mbuf **mp;
235: int *offp, proto;
236: {
237: struct mbuf *m = *mp;
238: struct ifnet *gifp = NULL;
239: struct ip6_hdr *ip6;
240: int af = 0;
241: u_int32_t otos;
242:
243: ip6 = mtod(m, struct ip6_hdr *);
244:
1.14 itojun 245: gifp = (struct ifnet *)encap_getarg(m);
1.2 itojun 246:
1.14 itojun 247: if (gifp == NULL || (gifp->if_flags & IFF_UP) == 0) {
1.2 itojun 248: m_freem(m);
249: ip6stat.ip6s_nogif++;
250: return IPPROTO_DONE;
251: }
1.14 itojun 252:
1.2 itojun 253: otos = ip6->ip6_flow;
254: m_adj(m, *offp);
255:
256: switch (proto) {
257: #ifdef INET
258: case IPPROTO_IPV4:
259: {
260: struct ip *ip;
261: u_int8_t otos8;
262: af = AF_INET;
263: otos8 = (ntohl(otos) >> 20) & 0xff;
264: if (m->m_len < sizeof(*ip)) {
265: m = m_pullup(m, sizeof(*ip));
266: if (!m)
267: return IPPROTO_DONE;
268: }
269: ip = mtod(m, struct ip *);
270: if (gifp->if_flags & IFF_LINK1)
271: ip_ecn_egress(ECN_ALLOWED, &otos8, &ip->ip_tos);
272: break;
273: }
274: #endif /* INET */
275: #ifdef INET6
276: case IPPROTO_IPV6:
277: {
278: struct ip6_hdr *ip6;
279: af = AF_INET6;
280: if (m->m_len < sizeof(*ip6)) {
281: m = m_pullup(m, sizeof(*ip6));
282: if (!m)
283: return IPPROTO_DONE;
284: }
285: ip6 = mtod(m, struct ip6_hdr *);
286: if (gifp->if_flags & IFF_LINK1)
287: ip6_ecn_egress(ECN_ALLOWED, &otos, &ip6->ip6_flow);
288: break;
289: }
290: #endif
291: default:
292: ip6stat.ip6s_nogif++;
293: m_freem(m);
294: return IPPROTO_DONE;
295: }
296:
297: gif_input(m, af, gifp);
298: return IPPROTO_DONE;
1.14 itojun 299: }
300:
301: /*
302: * we know that we are in IFF_UP, outer address available, and outer family
303: * matched the physical addr family. see gif_encapcheck().
304: */
305: int
306: gif_encapcheck6(m, off, proto, arg)
307: const struct mbuf *m;
308: int off;
309: int proto;
310: void *arg;
311: {
312: struct ip6_hdr ip6;
313: struct gif_softc *sc;
314: struct sockaddr_in6 *src, *dst;
315: int addrmatch;
316:
317: /* sanity check done in caller */
318: sc = (struct gif_softc *)arg;
319: src = (struct sockaddr_in6 *)sc->gif_psrc;
320: dst = (struct sockaddr_in6 *)sc->gif_pdst;
321:
322: /* LINTED const cast */
323: m_copydata((struct mbuf *)m, 0, sizeof(ip6), (caddr_t)&ip6);
324:
325: /* check for address match */
326: addrmatch = 0;
327: if (IN6_ARE_ADDR_EQUAL(&src->sin6_addr, &ip6.ip6_dst))
328: addrmatch |= 1;
329: if (IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6.ip6_src))
330: addrmatch |= 2;
331: else if ((sc->gif_if.if_flags & IFF_LINK0) != 0 &&
332: IN6_IS_ADDR_UNSPECIFIED(&dst->sin6_addr)) {
333: addrmatch |= 2; /* we accept any source */
334: }
335: if (addrmatch != 3)
336: return 0;
337:
338: /* martian filters on outer source - done in ip6_input */
339:
340: /* ingress filters on outer source */
1.14.4.1! he 341: if ((sc->gif_if.if_flags & IFF_LINK2) == 0 &&
! 342: (m->m_flags & M_PKTHDR) != 0 && m->m_pkthdr.rcvif) {
1.14 itojun 343: struct sockaddr_in6 sin6;
344: struct rtentry *rt;
345:
346: bzero(&sin6, sizeof(sin6));
347: sin6.sin6_family = AF_INET6;
348: sin6.sin6_len = sizeof(struct sockaddr_in6);
349: sin6.sin6_addr = ip6.ip6_src;
350: /* XXX scopeid */
351: #ifdef __FreeBSD__
352: rt = rtalloc1((struct sockaddr *)&sin6, 0, 0UL);
353: #else
354: rt = rtalloc1((struct sockaddr *)&sin6, 0);
355: #endif
1.14.4.1! he 356: if (!rt || rt->rt_ifp != m->m_pkthdr.rcvif) {
! 357: #if 0
! 358: log(LOG_WARNING, "%s: packet from %s dropped "
! 359: "due to ingress filter\n", if_name(&sc->gif_if),
! 360: ip6_sprintf(&sin6.sin6_addr));
! 361: #endif
! 362: if (rt)
! 363: rtfree(rt);
1.14 itojun 364: return 0;
365: }
366: rtfree(rt);
367: }
368:
369: /* prioritize: IFF_LINK0 mode is less preferred */
370: return (sc->gif_if.if_flags & IFF_LINK0) ? 128 : 128 * 2;
1.2 itojun 371: }
CVSweb <webmaster@jp.NetBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to in6_gif.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet6