| version 1.187, 2018/01/30 14:49:25 |
version 1.193.2.5, 2018/05/21 04:36:16 |
| Line 123 __KERNEL_RCSID(0, "$NetBSD$"); |
|
| Line 123 __KERNEL_RCSID(0, "$NetBSD$"); |
|
| |
|
| #include "faith.h" |
#include "faith.h" |
| |
|
| #include <net/net_osdep.h> |
|
| |
|
| extern struct domain inet6domain; |
extern struct domain inet6domain; |
| |
|
| u_char ip6_protox[IPPROTO_MAX]; |
u_char ip6_protox[IPPROTO_MAX]; |
| Line 138 percpu_t *ip6_forward_rt_percpu __cachel |
|
| Line 136 percpu_t *ip6_forward_rt_percpu __cachel |
|
| |
|
| static void ip6_init2(void); |
static void ip6_init2(void); |
| static void ip6intr(void *); |
static void ip6intr(void *); |
| |
static bool ip6_badaddr(struct ip6_hdr *); |
| static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
| |
|
| static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *, |
static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *, |
| u_int32_t *); |
u_int32_t *); |
| static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); |
static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); |
| static void sysctl_net_inet6_ip6_setup(struct sysctllog **); |
static void sysctl_net_inet6_ip6_setup(struct sysctllog **); |
| |
|
| Line 218 ip6intr(void *arg __unused) |
|
| Line 217 ip6intr(void *arg __unused) |
|
| { |
{ |
| struct mbuf *m; |
struct mbuf *m; |
| |
|
| SOFTNET_LOCK_UNLESS_NET_MPSAFE(); |
SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE(); |
| while ((m = pktq_dequeue(ip6_pktq)) != NULL) { |
while ((m = pktq_dequeue(ip6_pktq)) != NULL) { |
| struct psref psref; |
struct psref psref; |
| struct ifnet *rcvif = m_get_rcvif_psref(m, &psref); |
struct ifnet *rcvif = m_get_rcvif_psref(m, &psref); |
| Line 238 ip6intr(void *arg __unused) |
|
| Line 237 ip6intr(void *arg __unused) |
|
| ip6_input(m, rcvif); |
ip6_input(m, rcvif); |
| m_put_rcvif_psref(rcvif, &psref); |
m_put_rcvif_psref(rcvif, &psref); |
| } |
} |
| SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); |
SOFTNET_KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); |
| } |
} |
| |
|
| void |
void |
| Line 248 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 247 ip6_input(struct mbuf *m, struct ifnet * |
|
| int hit, off = sizeof(struct ip6_hdr), nest; |
int hit, off = sizeof(struct ip6_hdr), nest; |
| u_int32_t plen; |
u_int32_t plen; |
| u_int32_t rtalert = ~0; |
u_int32_t rtalert = ~0; |
| int nxt, ours = 0, rh_present = 0; |
int nxt, ours = 0, rh_present = 0, frg_present; |
| struct ifnet *deliverifp = NULL; |
struct ifnet *deliverifp = NULL; |
| int srcrt = 0; |
int srcrt = 0; |
| struct rtentry *rt = NULL; |
struct rtentry *rt = NULL; |
| Line 320 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 319 ip6_input(struct mbuf *m, struct ifnet * |
|
| goto bad; |
goto bad; |
| } |
} |
| |
|
| |
if (ip6_badaddr(ip6)) { |
| |
IP6_STATINC(IP6_STAT_BADSCOPE); |
| |
in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
| |
goto bad; |
| |
} |
| |
|
| /* |
/* |
| * Assume that we can create a fast-forward IP flow entry |
* Assume that we can create a fast-forward IP flow entry |
| * based on this packet. |
* based on this packet. |
| Line 332 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 337 ip6_input(struct mbuf *m, struct ifnet * |
|
| * not fast-forwarded, they must clear the M_CANFASTFWD flag. |
* not fast-forwarded, they must clear the M_CANFASTFWD flag. |
| * Note that filters must _never_ set this flag, as another filter |
* Note that filters must _never_ set this flag, as another filter |
| * in the list may have previously cleared it. |
* in the list may have previously cleared it. |
| */ |
* |
| /* |
* Don't call hooks if the packet has already been processed by |
| * let ipfilter look at packet on the wire, |
* IPsec (encapsulated, tunnel mode). |
| * not the decapsulated packet. |
|
| */ |
*/ |
| #if defined(IPSEC) |
#if defined(IPSEC) |
| if (!ipsec_used || !ipsec_indone(m)) |
if (!ipsec_used || !ipsec_indone(m)) |
| Line 350 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 354 ip6_input(struct mbuf *m, struct ifnet * |
|
| return; |
return; |
| if (m == NULL) |
if (m == NULL) |
| return; |
return; |
| |
KASSERT(m->m_len >= sizeof(struct ip6_hdr)); |
| ip6 = mtod(m, struct ip6_hdr *); |
ip6 = mtod(m, struct ip6_hdr *); |
| srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); |
srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); |
| } |
} |
| Line 369 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 374 ip6_input(struct mbuf *m, struct ifnet * |
|
| #endif |
#endif |
| |
|
| /* |
/* |
| * Check against address spoofing/corruption. |
|
| */ |
|
| if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { |
|
| /* |
|
| * XXX: "badscope" is not very suitable for a multicast source. |
|
| */ |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| |
|
| /* |
|
| * The following check is not documented in specs. A malicious |
|
| * party may be able to use IPv4 mapped addr to confuse tcp/udp stack |
|
| * and bypass security checks (act as if it was from 127.0.0.1 by using |
|
| * IPv6 src ::ffff:127.0.0.1). Be cautious. |
|
| * |
|
| * This check chokes if we are in an SIIT cloud. As none of BSDs |
|
| * support IPv4-less kernel compilation, we cannot support SIIT |
|
| * environment at all. So, it makes more sense for us to reject any |
|
| * malicious packets for non-SIIT environment, than try to do a |
|
| * partial support for SIIT environment. |
|
| */ |
|
| if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| |
|
| #if 0 |
|
| /* |
|
| * Reject packets with IPv4 compatible addresses (auto tunnel). |
|
| * |
|
| * The code forbids auto tunnel relay case in RFC1933 (the check is |
|
| * stronger than RFC1933). We may want to re-enable it if mech-xx |
|
| * is revised to forbid relaying case. |
|
| */ |
|
| if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| #endif |
|
| |
|
| /* |
|
| * Disambiguate address scope zones (if there is ambiguity). |
* Disambiguate address scope zones (if there is ambiguity). |
| * We first make sure that the original source or destination address |
* We first make sure that the original source or destination address |
| * is not in our internal form for scoped addresses. Such addresses |
* is not in our internal form for scoped addresses. Such addresses |
|
|
| percpu_putref(ip6_forward_rt_percpu); |
percpu_putref(ip6_forward_rt_percpu); |
| |
|
| rh_present = 0; |
rh_present = 0; |
| |
frg_present = 0; |
| while (nxt != IPPROTO_DONE) { |
while (nxt != IPPROTO_DONE) { |
| if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { |
if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { |
| IP6_STATINC(IP6_STAT_TOOMANYHDR); |
IP6_STATINC(IP6_STAT_TOOMANYHDR); |
|
|
| goto bad; |
goto bad; |
| } |
} |
| |
|
| |
M_VERIFY_PACKET(m); |
| |
|
| /* |
/* |
| * protection against faulty packet - there should be |
* protection against faulty packet - there should be |
| * more sanity checks in header chain processing. |
* more sanity checks in header chain processing. |
|
|
| IP6_STATINC(IP6_STAT_BADOPTIONS); |
IP6_STATINC(IP6_STAT_BADOPTIONS); |
| goto bad; |
goto bad; |
| } |
} |
| |
} else if (nxt == IPPROTO_FRAGMENT) { |
| |
if (frg_present++) { |
| |
in6_ifstat_inc(rcvif, ifs6_in_hdrerr); |
| |
IP6_STATINC(IP6_STAT_BADOPTIONS); |
| |
goto bad; |
| |
} |
| } |
} |
| |
|
| #ifdef IPSEC |
#ifdef IPSEC |
|
|
| & PR_LASTHDR) != 0) { |
& PR_LASTHDR) != 0) { |
| int error; |
int error; |
| |
|
| error = ipsec6_input(m); |
error = ipsec_ip_input(m, false); |
| if (error) |
if (error) |
| goto bad; |
goto bad; |
| } |
} |
|
|
| return; |
return; |
| } |
} |
| |
|
| |
static bool |
| |
ip6_badaddr(struct ip6_hdr *ip6) |
| |
{ |
| |
/* Check against address spoofing/corruption. */ |
| |
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
/* |
| |
* The following check is not documented in specs. A malicious |
| |
* party may be able to use IPv4 mapped addr to confuse tcp/udp stack |
| |
* and bypass security checks (act as if it was from 127.0.0.1 by using |
| |
* IPv6 src ::ffff:127.0.0.1). Be cautious. |
| |
* |
| |
* This check chokes if we are in an SIIT cloud. As none of BSDs |
| |
* support IPv4-less kernel compilation, we cannot support SIIT |
| |
* environment at all. So, it makes more sense for us to reject any |
| |
* malicious packets for non-SIIT environment, than try to do a |
| |
* partial support for SIIT environment. |
| |
*/ |
| |
if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
/* |
| |
* Reject packets with IPv4-compatible IPv6 addresses (RFC4291). |
| |
*/ |
| |
if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
return false; |
| |
} |
| |
|
| /* |
/* |
| * set/grab in6_ifaddr correspond to IPv6 destination address. |
* set/grab in6_ifaddr correspond to IPv6 destination address. |
| */ |
*/ |
| Line 848 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
| Line 851 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
| |
|
| /* validation of the length of the header */ |
/* validation of the length of the header */ |
| IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, |
IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, |
| sizeof(struct ip6_hdr), sizeof(struct ip6_hbh)); |
sizeof(struct ip6_hdr), sizeof(struct ip6_hbh)); |
| if (hbh == NULL) { |
if (hbh == NULL) { |
| IP6_STATINC(IP6_STAT_TOOSHORT); |
IP6_STATINC(IP6_STAT_TOOSHORT); |
| return -1; |
return -1; |
| } |
} |
| hbhlen = (hbh->ip6h_len + 1) << 3; |
hbhlen = (hbh->ip6h_len + 1) << 3; |
| IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), |
IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), |
| hbhlen); |
hbhlen); |
| if (hbh == NULL) { |
if (hbh == NULL) { |
| IP6_STATINC(IP6_STAT_TOOSHORT); |
IP6_STATINC(IP6_STAT_TOOSHORT); |
| return -1; |
return -1; |
| Line 865 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
| Line 868 ip6_hopopts_input(u_int32_t *plenp, u_in |
|
| hbhlen -= sizeof(struct ip6_hbh); |
hbhlen -= sizeof(struct ip6_hbh); |
| |
|
| if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh), |
if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh), |
| hbhlen, rtalertp, plenp) < 0) |
hbhlen, rtalertp, plenp) < 0) |
| return (-1); |
return -1; |
| |
|
| *offp = off; |
*offp = off; |
| *mp = m; |
*mp = m; |
| return (0); |
return 0; |
| } |
} |
| |
|
| /* |
/* |
| Line 953 ip6_process_hopopts(struct mbuf *m, u_in |
|
| Line 956 ip6_process_hopopts(struct mbuf *m, u_in |
|
| |
|
| /* |
/* |
| * We may see jumbolen in unaligned location, so |
* We may see jumbolen in unaligned location, so |
| * we'd need to perform bcopy(). |
* we'd need to perform memcpy(). |
| */ |
*/ |
| memcpy(&jumboplen, opt + 2, sizeof(jumboplen)); |
memcpy(&jumboplen, opt + 2, sizeof(jumboplen)); |
| jumboplen = (u_int32_t)htonl(jumboplen); |
jumboplen = (u_int32_t)htonl(jumboplen); |
| Line 1047 ip6_unknown_opt(u_int8_t *optp, struct m |
|
| Line 1050 ip6_unknown_opt(u_int8_t *optp, struct m |
|
| return (-1); |
return (-1); |
| } |
} |
| |
|
| /* |
|
| * Create the "control" list for this pcb. |
|
| * |
|
| * The routine will be called from upper layer handlers like tcp6_input(). |
|
| * Thus the routine assumes that the caller (tcp6_input) have already |
|
| * called IP6_EXTHDR_CHECK() and all the extension headers are located in the |
|
| * very first mbuf on the mbuf chain. |
|
| * We may want to add some infinite loop prevention or sanity checks for safety. |
|
| * (This applies only when you are using KAME mbuf chain restriction, i.e. |
|
| * you are using IP6_EXTHDR_CHECK() not m_pulldown()) |
|
| */ |
|
| void |
void |
| ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, |
ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, |
| struct ip6_hdr *ip6, struct mbuf *m) |
struct ip6_hdr *ip6, struct mbuf *m) |
| Line 1070 ip6_savecontrol(struct in6pcb *in6p, str |
|
| Line 1062 ip6_savecontrol(struct in6pcb *in6p, str |
|
| #endif |
#endif |
| |
|
| if (SOOPT_TIMESTAMP(so->so_options)) |
if (SOOPT_TIMESTAMP(so->so_options)) |
| mp = sbsavetimestamp(so->so_options, m, mp); |
mp = sbsavetimestamp(so->so_options, mp); |
| |
|
| /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
/* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
| if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
| Line 1291 ip6_notify_pmtu(struct in6pcb *in6p, con |
|
| Line 1283 ip6_notify_pmtu(struct in6pcb *in6p, con |
|
| |
|
| if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) |
if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) |
| == 0) { |
== 0) { |
| |
soroverflow(so); |
| m_freem(m_mtu); |
m_freem(m_mtu); |
| /* XXX: should count statistics */ |
|
| } else |
} else |
| sorwakeup(so); |
sorwakeup(so); |
| |
|
| Line 1310 ip6_pullexthdr(struct mbuf *m, size_t of |
|
| Line 1302 ip6_pullexthdr(struct mbuf *m, size_t of |
|
| size_t elen; |
size_t elen; |
| struct mbuf *n; |
struct mbuf *n; |
| |
|
| #ifdef DIAGNOSTIC |
|
| switch (nxt) { |
|
| case IPPROTO_DSTOPTS: |
|
| case IPPROTO_ROUTING: |
|
| case IPPROTO_HOPOPTS: |
|
| case IPPROTO_AH: /* is it possible? */ |
|
| break; |
|
| default: |
|
| printf("ip6_pullexthdr: invalid nxt=%d\n", nxt); |
|
| } |
|
| #endif |
|
| |
|
| m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); |
m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); |
| if (nxt == IPPROTO_AH) |
if (nxt == IPPROTO_AH) |
| elen = (ip6e.ip6e_len + 2) << 2; |
elen = (ip6e.ip6e_len + 2) << 2; |
| Line 1404 ip6_nexthdr(struct mbuf *m, int off, int |
|
| Line 1384 ip6_nexthdr(struct mbuf *m, int off, int |
|
| |
|
| /* just in case */ |
/* just in case */ |
| if (m == NULL) |
if (m == NULL) |
| panic("ip6_nexthdr: m == NULL"); |
panic("%s: m == NULL", __func__); |
| if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off) |
if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off) |
| return -1; |
return -1; |
| |
|
| Line 1559 sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS |
|
| Line 1539 sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS |
|
| static void |
static void |
| sysctl_net_inet6_ip6_setup(struct sysctllog **clog) |
sysctl_net_inet6_ip6_setup(struct sysctllog **clog) |
| { |
{ |
| #ifdef RFC2292 |
|
| #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) |
|
| #else |
|
| #define IS2292(x, y) (y) |
|
| #endif |
|
| |
|
| sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
| CTLFLAG_PERMANENT, |
CTLFLAG_PERMANENT, |
| Line 1599 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| Line 1574 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| NULL, 0, &ip6_defhlim, 0, |
NULL, 0, &ip6_defhlim, 0, |
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
CTL_NET, PF_INET6, IPPROTO_IPV6, |
| IPV6CTL_DEFHLIM, CTL_EOL); |
IPV6CTL_DEFHLIM, CTL_EOL); |
| #ifdef notyet |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_INT, "mtu", NULL, |
|
| NULL, 0, &, 0, |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_DEFMTU, CTL_EOL); |
|
| #endif |
|
| #ifdef __no_idea__ |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_INT, "forwsrcrt", NULL, |
|
| NULL, 0, &?, 0, |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_FORWSRCRT, CTL_EOL); |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_STRUCT, "mrtstats", NULL, |
|
| NULL, 0, &?, sizeof(?), |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_MRTSTATS, CTL_EOL); |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_?, "mrtproto", NULL, |
|
| NULL, 0, &?, sizeof(?), |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_MRTPROTO, CTL_EOL); |
|
| #endif |
|
| sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
| CTLTYPE_INT, "maxfragpackets", |
CTLTYPE_INT, "maxfragpackets", |
| Line 1635 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| Line 1582 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| NULL, 0, &ip6_maxfragpackets, 0, |
NULL, 0, &ip6_maxfragpackets, 0, |
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
CTL_NET, PF_INET6, IPPROTO_IPV6, |
| IPV6CTL_MAXFRAGPACKETS, CTL_EOL); |
IPV6CTL_MAXFRAGPACKETS, CTL_EOL); |
| #ifdef __no_idea__ |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_INT, "sourcecheck", NULL, |
|
| NULL, 0, &?, 0, |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_SOURCECHECK, CTL_EOL); |
|
| sysctl_createv(clog, 0, NULL, NULL, |
|
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
| CTLTYPE_INT, "sourcecheck_logint", NULL, |
|
| NULL, 0, &?, 0, |
|
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
|
| IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL); |
|
| #endif |
|
| sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
| CTLTYPE_INT, "accept_rtadv", |
CTLTYPE_INT, "accept_rtadv", |
| Line 1680 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| Line 1613 sysctl_net_inet6_ip6_setup(struct sysctl |
|
| sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
| CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
| CTLTYPE_INT, "log_interval", |
CTLTYPE_INT, "log_interval", |
| SYSCTL_DESCR("Minumum interval between logging " |
SYSCTL_DESCR("Minimum interval between logging " |
| "unroutable packets"), |
"unroutable packets"), |
| NULL, 0, &ip6_log_interval, 0, |
NULL, 0, &ip6_log_interval, 0, |
| CTL_NET, PF_INET6, IPPROTO_IPV6, |
CTL_NET, PF_INET6, IPPROTO_IPV6, |
![[BACK]](/icons/back.gif){kind=icon}
Return to ip6_input.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet6