version 1.116, 2008/04/15 03:57:04 |
version 1.141, 2012/11/29 02:07:20 |
|
|
#include <sys/cdefs.h> |
#include <sys/cdefs.h> |
__KERNEL_RCSID(0, "$NetBSD$"); |
__KERNEL_RCSID(0, "$NetBSD$"); |
|
|
|
#include "opt_gateway.h" |
#include "opt_inet.h" |
#include "opt_inet.h" |
#include "opt_inet6.h" |
#include "opt_inet6.h" |
#include "opt_ipsec.h" |
#include "opt_ipsec.h" |
#include "opt_pfil_hooks.h" |
#include "opt_pfil_hooks.h" |
|
#include "opt_compat_netbsd.h" |
|
|
#include <sys/param.h> |
#include <sys/param.h> |
#include <sys/systm.h> |
#include <sys/systm.h> |
Line 83 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 85 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#include <sys/syslog.h> |
#include <sys/syslog.h> |
#include <sys/proc.h> |
#include <sys/proc.h> |
#include <sys/sysctl.h> |
#include <sys/sysctl.h> |
|
#include <sys/cprng.h> |
|
|
#include <net/if.h> |
#include <net/if.h> |
#include <net/if_types.h> |
#include <net/if_types.h> |
Line 100 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 103 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#include <netinet/ip_icmp.h> |
#include <netinet/ip_icmp.h> |
#endif /* INET */ |
#endif /* INET */ |
#include <netinet/ip6.h> |
#include <netinet/ip6.h> |
|
#include <netinet/portalgo.h> |
#include <netinet6/in6_var.h> |
#include <netinet6/in6_var.h> |
#include <netinet6/ip6_var.h> |
#include <netinet6/ip6_var.h> |
#include <netinet6/ip6_private.h> |
#include <netinet6/ip6_private.h> |
Line 109 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 113 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#include <netinet6/in6_ifattach.h> |
#include <netinet6/in6_ifattach.h> |
#include <netinet6/nd6.h> |
#include <netinet6/nd6.h> |
|
|
#ifdef IPSEC |
|
#include <netinet6/ipsec.h> |
|
#endif |
|
|
|
#ifdef FAST_IPSEC |
#ifdef FAST_IPSEC |
#include <netipsec/ipsec.h> |
#include <netipsec/ipsec.h> |
#include <netipsec/ipsec6.h> |
#include <netipsec/ipsec6.h> |
#include <netipsec/key.h> |
#include <netipsec/key.h> |
#endif /* FAST_IPSEC */ |
#endif /* FAST_IPSEC */ |
|
|
|
#ifdef COMPAT_50 |
|
#include <compat/sys/time.h> |
|
#include <compat/sys/socket.h> |
|
#endif |
|
|
#include <netinet6/ip6protosw.h> |
#include <netinet6/ip6protosw.h> |
|
|
#include "faith.h" |
#include "faith.h" |
Line 152 percpu_t *ip6stat_percpu; |
|
Line 157 percpu_t *ip6stat_percpu; |
|
static void ip6_init2(void *); |
static void ip6_init2(void *); |
static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
|
|
static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); |
static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *, |
|
u_int32_t *); |
static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); |
static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); |
|
static void sysctl_net_inet6_ip6_setup(struct sysctllog **); |
|
|
/* |
/* |
* IP6 initialization: fill in IP6 protocol switch table. |
* IP6 initialization: fill in IP6 protocol switch table. |
|
|
const struct ip6protosw *pr; |
const struct ip6protosw *pr; |
int i; |
int i; |
|
|
|
sysctl_net_inet6_ip6_setup(NULL); |
pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW); |
pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW); |
if (pr == 0) |
if (pr == 0) |
panic("ip6_init"); |
panic("ip6_init"); |
|
|
addrsel_policy_init(); |
addrsel_policy_init(); |
nd6_init(); |
nd6_init(); |
frag6_init(); |
frag6_init(); |
ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR; |
ip6_desync_factor = cprng_fast32() % MAX_TEMP_DESYNC_FACTOR; |
|
|
ip6_init2((void *)0); |
ip6_init2(NULL); |
#ifdef GATEWAY |
#ifdef GATEWAY |
ip6flow_init(ip6_hashsize); |
ip6flow_init(ip6_hashsize); |
#endif |
#endif |
Line 205 ip6_init2(void *dummy) |
|
Line 213 ip6_init2(void *dummy) |
|
{ |
{ |
|
|
/* nd6_timer_init */ |
/* nd6_timer_init */ |
callout_init(&nd6_timer_ch, 0); |
callout_init(&nd6_timer_ch, CALLOUT_MPSAFE); |
callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL); |
callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL); |
|
|
/* timer for regeneranation of temporary addresses randomize ID */ |
/* timer for regeneranation of temporary addresses randomize ID */ |
callout_init(&in6_tmpaddrtimer_ch, 0); |
callout_init(&in6_tmpaddrtimer_ch, CALLOUT_MPSAFE); |
callout_reset(&in6_tmpaddrtimer_ch, |
callout_reset(&in6_tmpaddrtimer_ch, |
(ip6_temp_preferred_lifetime - ip6_desync_factor - |
(ip6_temp_preferred_lifetime - ip6_desync_factor - |
ip6_temp_regen_advance) * hz, |
ip6_temp_regen_advance) * hz, |
|
|
int s; |
int s; |
struct mbuf *m; |
struct mbuf *m; |
|
|
|
mutex_enter(softnet_lock); |
|
KERNEL_LOCK(1, NULL); |
for (;;) { |
for (;;) { |
s = splnet(); |
s = splnet(); |
IF_DEQUEUE(&ip6intrq, m); |
IF_DEQUEUE(&ip6intrq, m); |
splx(s); |
splx(s); |
if (m == 0) |
if (m == 0) |
return; |
break; |
/* drop the packet if IPv6 operation is disabled on the IF */ |
/* drop the packet if IPv6 operation is disabled on the IF */ |
if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) { |
if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) { |
m_freem(m); |
m_freem(m); |
return; |
break; |
} |
} |
ip6_input(m); |
ip6_input(m); |
} |
} |
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
} |
} |
|
|
extern struct route ip6_forward_rt; |
extern struct route ip6_forward_rt; |
Line 264 ip6_input(struct mbuf *m) |
|
Line 276 ip6_input(struct mbuf *m) |
|
int s, error; |
int s, error; |
#endif |
#endif |
|
|
#ifdef IPSEC |
|
/* |
|
* should the inner packet be considered authentic? |
|
* see comment in ah4_input(). |
|
*/ |
|
m->m_flags &= ~M_AUTHIPHDR; |
|
m->m_flags &= ~M_AUTHIPDGM; |
|
#endif |
|
|
|
/* |
/* |
* make sure we don't have onion peering information into m_tag. |
* make sure we don't have onion peering information into m_tag. |
*/ |
*/ |
Line 336 ip6_input(struct mbuf *m) |
|
Line 339 ip6_input(struct mbuf *m) |
|
goto bad; |
goto bad; |
} |
} |
|
|
#if defined(IPSEC) |
|
/* IPv6 fast forwarding is not compatible with IPsec. */ |
|
m->m_flags &= ~M_CANFASTFWD; |
|
#else |
|
/* |
/* |
* Assume that we can create a fast-forward IP flow entry |
* Assume that we can create a fast-forward IP flow entry |
* based on this packet. |
* based on this packet. |
*/ |
*/ |
m->m_flags |= M_CANFASTFWD; |
m->m_flags |= M_CANFASTFWD; |
#endif |
|
|
|
#ifdef PFIL_HOOKS |
#ifdef PFIL_HOOKS |
/* |
/* |
Line 359 ip6_input(struct mbuf *m) |
|
Line 357 ip6_input(struct mbuf *m) |
|
* let ipfilter look at packet on the wire, |
* let ipfilter look at packet on the wire, |
* not the decapsulated packet. |
* not the decapsulated packet. |
*/ |
*/ |
#ifdef IPSEC |
#if defined(FAST_IPSEC) |
if (!ipsec_getnhist(m)) |
|
#elif defined(FAST_IPSEC) |
|
if (!ipsec_indone(m)) |
if (!ipsec_indone(m)) |
#else |
#else |
if (1) |
if (1) |
Line 770 ip6_input(struct mbuf *m) |
|
Line 766 ip6_input(struct mbuf *m) |
|
} |
} |
} |
} |
|
|
#ifdef IPSEC |
|
/* |
|
* enforce IPsec policy checking if we are seeing last header. |
|
* note that we do not visit this with protocols with pcb layer |
|
* code - like udp/tcp/raw ip. |
|
*/ |
|
if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 && |
|
ipsec6_in_reject(m, NULL)) { |
|
ipsec6stat.in_polvio++; |
|
goto bad; |
|
} |
|
#endif |
|
#ifdef FAST_IPSEC |
#ifdef FAST_IPSEC |
/* |
/* |
* enforce IPsec policy checking if we are seeing last header. |
* enforce IPsec policy checking if we are seeing last header. |
Line 867 ip6_getdstifaddr(struct mbuf *m) |
|
Line 851 ip6_getdstifaddr(struct mbuf *m) |
|
* |
* |
* rtalertp - XXX: should be stored more smart way |
* rtalertp - XXX: should be stored more smart way |
*/ |
*/ |
static int |
int |
ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp, |
ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp, |
struct mbuf **mp, int *offp) |
struct mbuf **mp, int *offp) |
{ |
{ |
Line 912 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
Line 896 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
* (RFC2460 p7), opthead is pointer into data content in m, and opthead to |
* (RFC2460 p7), opthead is pointer into data content in m, and opthead to |
* opthead + hbhlen is located in continuous memory region. |
* opthead + hbhlen is located in continuous memory region. |
*/ |
*/ |
int |
static int |
ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, |
ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, |
u_int32_t *rtalertp, u_int32_t *plenp) |
u_int32_t *rtalertp, u_int32_t *plenp) |
{ |
{ |
Line 949 ip6_process_hopopts(struct mbuf *m, u_in |
|
Line 933 ip6_process_hopopts(struct mbuf *m, u_in |
|
return (-1); |
return (-1); |
} |
} |
optlen = IP6OPT_RTALERT_LEN; |
optlen = IP6OPT_RTALERT_LEN; |
bcopy((void *)(opt + 2), (void *)&rtalert_val, 2); |
memcpy((void *)&rtalert_val, (void *)(opt + 2), 2); |
*rtalertp = ntohs(rtalert_val); |
*rtalertp = ntohs(rtalert_val); |
break; |
break; |
case IP6OPT_JUMBO: |
case IP6OPT_JUMBO: |
Line 984 ip6_process_hopopts(struct mbuf *m, u_in |
|
Line 968 ip6_process_hopopts(struct mbuf *m, u_in |
|
* We may see jumbolen in unaligned location, so |
* We may see jumbolen in unaligned location, so |
* we'd need to perform bcopy(). |
* we'd need to perform bcopy(). |
*/ |
*/ |
bcopy(opt + 2, &jumboplen, sizeof(jumboplen)); |
memcpy(&jumboplen, opt + 2, sizeof(jumboplen)); |
jumboplen = (u_int32_t)htonl(jumboplen); |
jumboplen = (u_int32_t)htonl(jumboplen); |
|
|
#if 1 |
#if 1 |
Line 1097 ip6_savecontrol(struct in6pcb *in6p, str |
|
Line 1081 ip6_savecontrol(struct in6pcb *in6p, str |
|
#define IS2292(x, y) (y) |
#define IS2292(x, y) (y) |
#endif |
#endif |
|
|
#ifdef SO_TIMESTAMP |
if (in6p->in6p_socket->so_options & SO_TIMESTAMP |
if (in6p->in6p_socket->so_options & SO_TIMESTAMP) { |
#ifdef SO_OTIMESTAMP |
|
|| in6p->in6p_socket->so_options & SO_OTIMESTAMP |
|
#endif |
|
) { |
struct timeval tv; |
struct timeval tv; |
|
|
microtime(&tv); |
microtime(&tv); |
|
#ifdef SO_OTIMESTAMP |
|
if (in6p->in6p_socket->so_options & SO_OTIMESTAMP) { |
|
struct timeval50 tv50; |
|
timeval_to_timeval50(&tv, &tv50); |
|
*mp = sbcreatecontrol((void *) &tv50, sizeof(tv50), |
|
SCM_OTIMESTAMP, SOL_SOCKET); |
|
} else |
|
#endif |
*mp = sbcreatecontrol((void *) &tv, sizeof(tv), |
*mp = sbcreatecontrol((void *) &tv, sizeof(tv), |
SCM_TIMESTAMP, SOL_SOCKET); |
SCM_TIMESTAMP, SOL_SOCKET); |
if (*mp) |
if (*mp) |
mp = &(*mp)->m_next; |
mp = &(*mp)->m_next; |
} |
} |
#endif |
|
|
|
/* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
/* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
Line 1117 ip6_savecontrol(struct in6pcb *in6p, str |
|
Line 1111 ip6_savecontrol(struct in6pcb *in6p, str |
|
if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) { |
if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) { |
struct in6_pktinfo pi6; |
struct in6_pktinfo pi6; |
|
|
bcopy(&ip6->ip6_dst, &pi6.ipi6_addr, sizeof(struct in6_addr)); |
memcpy(&pi6.ipi6_addr, &ip6->ip6_dst, sizeof(struct in6_addr)); |
in6_clearscope(&pi6.ipi6_addr); /* XXX */ |
in6_clearscope(&pi6.ipi6_addr); /* XXX */ |
pi6.ipi6_ifindex = m->m_pkthdr.rcvif ? |
pi6.ipi6_ifindex = m->m_pkthdr.rcvif ? |
m->m_pkthdr.rcvif->if_index : 0; |
m->m_pkthdr.rcvif->if_index : 0; |
Line 1252 ip6_savecontrol(struct in6pcb *in6p, str |
|
Line 1246 ip6_savecontrol(struct in6pcb *in6p, str |
|
|
|
switch (nxt) { |
switch (nxt) { |
case IPPROTO_DSTOPTS: |
case IPPROTO_DSTOPTS: |
if (!in6p->in6p_flags & IN6P_DSTOPTS) |
if (!(in6p->in6p_flags & IN6P_DSTOPTS)) |
break; |
break; |
|
|
*mp = sbcreatecontrol((void *)ip6e, elen, |
*mp = sbcreatecontrol((void *)ip6e, elen, |
Line 1263 ip6_savecontrol(struct in6pcb *in6p, str |
|
Line 1257 ip6_savecontrol(struct in6pcb *in6p, str |
|
break; |
break; |
|
|
case IPPROTO_ROUTING: |
case IPPROTO_ROUTING: |
if (!in6p->in6p_flags & IN6P_RTHDR) |
if (!(in6p->in6p_flags & IN6P_RTHDR)) |
break; |
break; |
|
|
*mp = sbcreatecontrol((void *)ip6e, elen, |
*mp = sbcreatecontrol((void *)ip6e, elen, |
Line 1557 ip6_addaux(struct mbuf *m) |
|
Line 1551 ip6_addaux(struct mbuf *m) |
|
M_NOWAIT); |
M_NOWAIT); |
if (mtag) { |
if (mtag) { |
m_tag_prepend(m, mtag); |
m_tag_prepend(m, mtag); |
bzero(mtag + 1, sizeof(struct ip6aux)); |
memset(mtag + 1, 0, sizeof(struct ip6aux)); |
} |
} |
} |
} |
return mtag; |
return mtag; |
Line 1590 ip6_delaux(struct mbuf *m) |
|
Line 1584 ip6_delaux(struct mbuf *m) |
|
static int |
static int |
sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS) |
sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS) |
{ |
{ |
int s; |
int error; |
|
|
s = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
error = sysctl_lookup(SYSCTLFN_CALL(rnode)); |
if (s || newp == NULL) |
if (error || newp == NULL) |
return (s); |
return (error); |
|
|
s = splsoftnet(); |
mutex_enter(softnet_lock); |
ip6flow_reap(0); |
KERNEL_LOCK(1, NULL); |
splx(s); |
|
|
ip6flow_reap(0); |
|
|
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
|
|
return (0); |
return (0); |
} |
} |
|
|
static int |
static int |
Line 1620 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_A |
|
Line 1618 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_A |
|
/* |
/* |
* Can only fail due to malloc() |
* Can only fail due to malloc() |
*/ |
*/ |
if (ip6flow_invalidate_all(tmp)) |
mutex_enter(softnet_lock); |
return ENOMEM; |
KERNEL_LOCK(1, NULL); |
|
|
|
error = ip6flow_invalidate_all(tmp); |
|
|
|
KERNEL_UNLOCK_ONE(NULL); |
|
mutex_exit(softnet_lock); |
} else { |
} else { |
/* |
/* |
* EINVAL if not a power of 2 |
* EINVAL if not a power of 2 |
*/ |
*/ |
return EINVAL; |
error = EINVAL; |
} |
} |
|
|
return (0); |
return error; |
} |
} |
#endif /* GATEWAY */ |
#endif /* GATEWAY */ |
|
|
Line 1637 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_A |
|
Line 1640 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_A |
|
* System control for IP6 |
* System control for IP6 |
*/ |
*/ |
|
|
u_char inet6ctlerrmap[PRC_NCMDS] = { |
const u_char inet6ctlerrmap[PRC_NCMDS] = { |
0, 0, 0, 0, |
0, 0, 0, 0, |
0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, |
0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, |
EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, |
EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, |
Line 1646 u_char inet6ctlerrmap[PRC_NCMDS] = { |
|
Line 1649 u_char inet6ctlerrmap[PRC_NCMDS] = { |
|
ENOPROTOOPT |
ENOPROTOOPT |
}; |
}; |
|
|
static void |
|
ip6stat_convert_to_user_cb(void *v1, void *v2, struct cpu_info *ci) |
|
{ |
|
uint64_t *ip6sc = v1; |
|
uint64_t *ip6s = v2; |
|
u_int i; |
|
|
|
for (i = 0; i < IP6_NSTATS; i++) |
|
ip6s[i] += ip6sc[i]; |
|
} |
|
|
|
static void |
|
ip6stat_convert_to_user(uint64_t *ip6s) |
|
{ |
|
|
|
memset(ip6s, 0, sizeof(uint64_t) * IP6_NSTATS); |
|
percpu_foreach(ip6stat_percpu, ip6stat_convert_to_user_cb, ip6s); |
|
} |
|
|
|
static int |
static int |
sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS) |
sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS) |
{ |
{ |
struct sysctlnode node; |
|
uint64_t ip6s[IP6_NSTATS]; |
|
|
|
ip6stat_convert_to_user(ip6s); |
return (NETSTAT_SYSCTL(ip6stat_percpu, IP6_NSTATS)); |
node = *rnode; |
|
node.sysctl_data = ip6s; |
|
node.sysctl_size = sizeof(ip6s); |
|
return (sysctl_lookup(SYSCTLFN_CALL(&node))); |
|
} |
} |
|
|
SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, "sysctl net.inet6.ip6 subtree setup") |
static void |
|
sysctl_net_inet6_ip6_setup(struct sysctllog **clog) |
{ |
{ |
#ifdef RFC2292 |
#ifdef RFC2292 |
#define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) |
#define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) |
Line 1784 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, |
|
Line 1763 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, |
|
IPV6CTL_ACCEPT_RTADV, CTL_EOL); |
IPV6CTL_ACCEPT_RTADV, CTL_EOL); |
sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "rtadv_maxroutes", |
|
SYSCTL_DESCR("Maximum number of routes accepted via router advertisements"), |
|
NULL, 0, &ip6_rtadv_maxroutes, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
IPV6CTL_RTADV_MAXROUTES, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_INT, "rtadv_numroutes", |
|
SYSCTL_DESCR("Current number of routes accepted via router advertisements"), |
|
NULL, 0, &nd6_numroutes, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
IPV6CTL_RTADV_NUMROUTES, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLTYPE_INT, "keepfaith", |
CTLTYPE_INT, "keepfaith", |
SYSCTL_DESCR("Activate faith interface"), |
SYSCTL_DESCR("Activate faith interface"), |
NULL, 0, &ip6_keepfaith, 0, |
NULL, 0, &ip6_keepfaith, 0, |
Line 1964 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, |
|
Line 1957 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
CTL_NET, PF_INET6, IPPROTO_IPV6, |
CTL_CREATE, CTL_EOL); |
CTL_CREATE, CTL_EOL); |
#endif |
#endif |
|
/* anonportalgo RFC6056 subtree */ |
|
const struct sysctlnode *portalgo_node; |
|
sysctl_createv(clog, 0, NULL, &portalgo_node, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_NODE, "anonportalgo", |
|
SYSCTL_DESCR("Anonymous port algorithm selection (RFC 6056)"), |
|
NULL, 0, NULL, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, &portalgo_node, NULL, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_STRING, "available", |
|
SYSCTL_DESCR("available algorithms"), |
|
sysctl_portalgo_available, 0, NULL, PORTALGO_MAXLEN, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, &portalgo_node, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_STRING, "selected", |
|
SYSCTL_DESCR("selected algorithm"), |
|
sysctl_portalgo_selected6, 0, NULL, PORTALGO_MAXLEN, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, &portalgo_node, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_STRUCT, "reserve", |
|
SYSCTL_DESCR("bitmap of reserved ports"), |
|
sysctl_portalgo_reserve6, 0, NULL, 0, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "neighborgcthresh", |
|
SYSCTL_DESCR("Maximum number of entries in neighbor" |
|
" cache"), |
|
NULL, 1, &ip6_neighborgcthresh, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "maxifprefixes", |
|
SYSCTL_DESCR("Maximum number of prefixes created by" |
|
" route advertisement per interface"), |
|
NULL, 1, &ip6_maxifprefixes, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "maxifdefrouters", |
|
SYSCTL_DESCR("Maximum number of default routers created" |
|
" by route advertisement per interface"), |
|
NULL, 1, &ip6_maxifdefrouters, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_INT, "maxdynroutes", |
|
SYSCTL_DESCR("Maximum number of routes created via" |
|
" redirect"), |
|
NULL, 1, &ip6_maxdynroutes, 0, |
|
CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
CTL_CREATE, CTL_EOL); |
} |
} |
|
|
void |
void |