Register keyword removal
[dragonfly.git] / sys / netinet / ip_input.c
CommitLineData
984263bc
MD
1/*
2 * Copyright (c) 1982, 1986, 1988, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
34 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
2256ba69 35 * $DragonFly: src/sys/netinet/ip_input.c,v 1.3 2003/07/26 21:00:04 rob Exp $
984263bc
MD
36 */
37
38#define _IP_VHL
39
40#include "opt_bootp.h"
41#include "opt_ipfw.h"
42#include "opt_ipdn.h"
43#include "opt_ipdivert.h"
44#include "opt_ipfilter.h"
45#include "opt_ipstealth.h"
46#include "opt_ipsec.h"
47#include "opt_random_ip_id.h"
48
49#include <sys/param.h>
50#include <sys/systm.h>
51#include <sys/mbuf.h>
52#include <sys/malloc.h>
53#include <sys/domain.h>
54#include <sys/protosw.h>
55#include <sys/socket.h>
56#include <sys/time.h>
57#include <sys/kernel.h>
58#include <sys/syslog.h>
59#include <sys/sysctl.h>
60
61#include <net/if.h>
62#include <net/if_types.h>
63#include <net/if_var.h>
64#include <net/if_dl.h>
65#include <net/route.h>
66#include <net/netisr.h>
67#include <net/intrq.h>
68
69#include <netinet/in.h>
70#include <netinet/in_systm.h>
71#include <netinet/in_var.h>
72#include <netinet/ip.h>
73#include <netinet/in_pcb.h>
74#include <netinet/ip_var.h>
75#include <netinet/ip_icmp.h>
76#include <machine/in_cksum.h>
77
78#include <netinet/ipprotosw.h>
79
80#include <sys/socketvar.h>
81
82#include <netinet/ip_fw.h>
83#include <netinet/ip_dummynet.h>
84
85#ifdef IPSEC
86#include <netinet6/ipsec.h>
87#include <netkey/key.h>
88#endif
89
90#ifdef FAST_IPSEC
91#include <netipsec/ipsec.h>
92#include <netipsec/key.h>
93#endif
94
95int rsvp_on = 0;
96static int ip_rsvp_on;
97struct socket *ip_rsvpd;
98
99int ipforwarding = 0;
100SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
101 &ipforwarding, 0, "Enable IP forwarding between interfaces");
102
103static int ipsendredirects = 1; /* XXX */
104SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
105 &ipsendredirects, 0, "Enable sending IP redirects");
106
107int ip_defttl = IPDEFTTL;
108SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
109 &ip_defttl, 0, "Maximum TTL on IP packets");
110
111static int ip_dosourceroute = 0;
112SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
113 &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
114
115static int ip_acceptsourceroute = 0;
116SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
117 CTLFLAG_RW, &ip_acceptsourceroute, 0,
118 "Enable accepting source routed IP packets");
119
120static int ip_keepfaith = 0;
121SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
122 &ip_keepfaith, 0,
123 "Enable packet capture for FAITH IPv4->IPv6 translater daemon");
124
125static int nipq = 0; /* total # of reass queues */
126static int maxnipq;
127SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
128 &maxnipq, 0,
129 "Maximum number of IPv4 fragment reassembly queue entries");
130
131static int maxfragsperpacket;
132SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
133 &maxfragsperpacket, 0,
134 "Maximum number of IPv4 fragments allowed per packet");
135
136static int ip_sendsourcequench = 0;
137SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
138 &ip_sendsourcequench, 0,
139 "Enable the transmission of source quench packets");
140
141/*
142 * XXX - Setting ip_checkinterface mostly implements the receive side of
143 * the Strong ES model described in RFC 1122, but since the routing table
144 * and transmit implementation do not implement the Strong ES model,
145 * setting this to 1 results in an odd hybrid.
146 *
147 * XXX - ip_checkinterface currently must be disabled if you use ipnat
148 * to translate the destination address to another local interface.
149 *
150 * XXX - ip_checkinterface must be disabled if you add IP aliases
151 * to the loopback interface instead of the interface where the
152 * packets for those addresses are received.
153 */
154static int ip_checkinterface = 0;
155SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
156 &ip_checkinterface, 0, "Verify packet arrives on correct interface");
157
158#ifdef DIAGNOSTIC
159static int ipprintfs = 0;
160#endif
161
162static int ipqmaxlen = IFQ_MAXLEN;
163
164extern struct domain inetdomain;
165extern struct ipprotosw inetsw[];
166u_char ip_protox[IPPROTO_MAX];
167struct in_ifaddrhead in_ifaddrhead; /* first inet address */
168struct in_ifaddrhashhead *in_ifaddrhashtbl; /* inet addr hash table */
169u_long in_ifaddrhmask; /* mask for hash table */
170SYSCTL_INT(_net_inet_ip, IPCTL_INTRQMAXLEN, intr_queue_maxlen, CTLFLAG_RW,
171 &ipintrq.ifq_maxlen, 0, "Maximum size of the IP input queue");
172SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD,
173 &ipintrq.ifq_drops, 0, "Number of packets dropped from the IP input queue");
174
175struct ipstat ipstat;
176SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
177 &ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)");
178
179/* Packet reassembly stuff */
180#define IPREASS_NHASH_LOG2 6
181#define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2)
182#define IPREASS_HMASK (IPREASS_NHASH - 1)
183#define IPREASS_HASH(x,y) \
184 (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
185
186static struct ipq ipq[IPREASS_NHASH];
187const int ipintrq_present = 1;
188
189#ifdef IPCTL_DEFMTU
190SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
191 &ip_mtu, 0, "Default MTU");
192#endif
193
194#ifdef IPSTEALTH
195static int ipstealth = 0;
196SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
197 &ipstealth, 0, "");
198#endif
199
200
201/* Firewall hooks */
202ip_fw_chk_t *ip_fw_chk_ptr;
203int fw_enable = 1 ;
204int fw_one_pass = 1;
205
206/* Dummynet hooks */
207ip_dn_io_t *ip_dn_io_ptr;
208
209int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)) = NULL;
210
211/*
212 * XXX this is ugly -- the following two global variables are
213 * used to store packet state while it travels through the stack.
214 * Note that the code even makes assumptions on the size and
215 * alignment of fields inside struct ip_srcrt so e.g. adding some
216 * fields will break the code. This needs to be fixed.
217 *
218 * We need to save the IP options in case a protocol wants to respond
219 * to an incoming packet over the same route if the packet got here
220 * using IP source routing. This allows connection establishment and
221 * maintenance when the remote end is on a network that is not known
222 * to us.
223 */
224static int ip_nhops = 0;
225static struct ip_srcrt {
226 struct in_addr dst; /* final destination */
227 char nop; /* one NOP to align */
228 char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
229 struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
230} ip_srcrt;
231
232static void save_rte(u_char *, struct in_addr);
233static int ip_dooptions(struct mbuf *m, int,
234 struct sockaddr_in *next_hop);
235static void ip_forward(struct mbuf *m, int srcrt,
236 struct sockaddr_in *next_hop);
237static void ip_freef(struct ipq *);
238static struct mbuf *ip_reass(struct mbuf *, struct ipq *,
239 struct ipq *, u_int32_t *, u_int16_t *);
240static void ipintr(void);
241
242/*
243 * IP initialization: fill in IP protocol switch table.
244 * All protocols not implemented in kernel go to raw IP protocol handler.
245 */
246void
247ip_init()
248{
2256ba69
RG
249 struct ipprotosw *pr;
250 int i;
984263bc
MD
251
252 TAILQ_INIT(&in_ifaddrhead);
253 in_ifaddrhashtbl = hashinit(INADDR_NHASH, M_IFADDR, &in_ifaddrhmask);
254 pr = (struct ipprotosw *)pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
255 if (pr == 0)
256 panic("ip_init");
257 for (i = 0; i < IPPROTO_MAX; i++)
258 ip_protox[i] = pr - inetsw;
259 for (pr = (struct ipprotosw *)inetdomain.dom_protosw;
260 pr < (struct ipprotosw *)inetdomain.dom_protoswNPROTOSW; pr++)
261 if (pr->pr_domain->dom_family == PF_INET &&
262 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
263 ip_protox[pr->pr_protocol] = pr - inetsw;
264
265 for (i = 0; i < IPREASS_NHASH; i++)
266 ipq[i].next = ipq[i].prev = &ipq[i];
267
268 maxnipq = nmbclusters / 32;
269 maxfragsperpacket = 16;
270
271#ifndef RANDOM_IP_ID
272 ip_id = time_second & 0xffff;
273#endif
274 ipintrq.ifq_maxlen = ipqmaxlen;
275
276 register_netisr(NETISR_IP, ipintr);
277}
278
279/*
280 * XXX watch out this one. It is perhaps used as a cache for
281 * the most recently used route ? it is cleared in in_addroute()
282 * when a new route is successfully created.
283 */
284struct route ipforward_rt;
285static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
286
287/*
288 * Ip input routine. Checksum and byte swap header. If fragmented
289 * try to reassemble. Process options. Pass to next level.
290 */
291void
292ip_input(struct mbuf *m)
293{
294 struct ip *ip;
295 struct ipq *fp;
296 struct in_ifaddr *ia = NULL;
297 struct ifaddr *ifa;
298 int i, hlen, checkif;
299 u_short sum;
300 struct in_addr pkt_dst;
301 u_int32_t divert_info = 0; /* packet divert/tee info */
302 struct ip_fw_args args;
303#ifdef FAST_IPSEC
304 struct m_tag *mtag;
305 struct tdb_ident *tdbi;
306 struct secpolicy *sp;
307 int s, error;
308#endif /* FAST_IPSEC */
309
310 args.eh = NULL;
311 args.oif = NULL;
312 args.rule = NULL;
313 args.divert_rule = 0; /* divert cookie */
314 args.next_hop = NULL;
315
316 /* Grab info from MT_TAG mbufs prepended to the chain. */
317 for (; m && m->m_type == MT_TAG; m = m->m_next) {
318 switch(m->_m_tag_id) {
319 default:
320 printf("ip_input: unrecognised MT_TAG tag %d\n",
321 m->_m_tag_id);
322 break;
323
324 case PACKET_TAG_DUMMYNET:
325 args.rule = ((struct dn_pkt *)m)->rule;
326 break;
327
328 case PACKET_TAG_DIVERT:
329 args.divert_rule = (int)m->m_hdr.mh_data & 0xffff;
330 break;
331
332 case PACKET_TAG_IPFORWARD:
333 args.next_hop = (struct sockaddr_in *)m->m_hdr.mh_data;
334 break;
335 }
336 }
337
338 KASSERT(m != NULL && (m->m_flags & M_PKTHDR) != 0,
339 ("ip_input: no HDR"));
340
341 if (args.rule) { /* dummynet already filtered us */
342 ip = mtod(m, struct ip *);
343 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
344 goto iphack ;
345 }
346
347 ipstat.ips_total++;
348
349 if (m->m_pkthdr.len < sizeof(struct ip))
350 goto tooshort;
351
352 if (m->m_len < sizeof (struct ip) &&
353 (m = m_pullup(m, sizeof (struct ip))) == 0) {
354 ipstat.ips_toosmall++;
355 return;
356 }
357 ip = mtod(m, struct ip *);
358
359 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
360 ipstat.ips_badvers++;
361 goto bad;
362 }
363
364 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
365 if (hlen < sizeof(struct ip)) { /* minimum header length */
366 ipstat.ips_badhlen++;
367 goto bad;
368 }
369 if (hlen > m->m_len) {
370 if ((m = m_pullup(m, hlen)) == 0) {
371 ipstat.ips_badhlen++;
372 return;
373 }
374 ip = mtod(m, struct ip *);
375 }
376
377 /* 127/8 must not appear on wire - RFC1122 */
378 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
379 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
380 if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
381 ipstat.ips_badaddr++;
382 goto bad;
383 }
384 }
385
386 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
387 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
388 } else {
389 if (hlen == sizeof(struct ip)) {
390 sum = in_cksum_hdr(ip);
391 } else {
392 sum = in_cksum(m, hlen);
393 }
394 }
395 if (sum) {
396 ipstat.ips_badsum++;
397 goto bad;
398 }
399
400 /*
401 * Convert fields to host representation.
402 */
403 ip->ip_len = ntohs(ip->ip_len);
404 if (ip->ip_len < hlen) {
405 ipstat.ips_badlen++;
406 goto bad;
407 }
408 ip->ip_off = ntohs(ip->ip_off);
409
410 /*
411 * Check that the amount of data in the buffers
412 * is as at least much as the IP header would have us expect.
413 * Trim mbufs if longer than we expect.
414 * Drop packet if shorter than we expect.
415 */
416 if (m->m_pkthdr.len < ip->ip_len) {
417tooshort:
418 ipstat.ips_tooshort++;
419 goto bad;
420 }
421 if (m->m_pkthdr.len > ip->ip_len) {
422 if (m->m_len == m->m_pkthdr.len) {
423 m->m_len = ip->ip_len;
424 m->m_pkthdr.len = ip->ip_len;
425 } else
426 m_adj(m, ip->ip_len - m->m_pkthdr.len);
427 }
428#if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
429 /*
430 * Bypass packet filtering for packets from a tunnel (gif).
431 */
432 if (ipsec_gethist(m, NULL))
433 goto pass;
434#endif
435
436 /*
437 * IpHack's section.
438 * Right now when no processing on packet has done
439 * and it is still fresh out of network we do our black
440 * deals with it.
441 * - Firewall: deny/allow/divert
442 * - Xlate: translate packet's addr/port (NAT).
443 * - Pipe: pass pkt through dummynet.
444 * - Wrap: fake packet's addr/port <unimpl.>
445 * - Encapsulate: put it in another IP and send out. <unimp.>
446 */
447
448iphack:
449 /*
450 * Check if we want to allow this packet to be processed.
451 * Consider it to be bad if not.
452 */
453 if (fr_checkp) {
454 struct mbuf *m1 = m;
455
456 if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
457 return;
458 ip = mtod(m = m1, struct ip *);
459 }
460 if (fw_enable && IPFW_LOADED) {
461 /*
462 * If we've been forwarded from the output side, then
463 * skip the firewall a second time
464 */
465 if (args.next_hop)
466 goto ours;
467
468 args.m = m;
469 i = ip_fw_chk_ptr(&args);
470 m = args.m;
471
472 if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
473 if (m)
474 m_freem(m);
475 return;
476 }
477 ip = mtod(m, struct ip *); /* just in case m changed */
478 if (i == 0 && args.next_hop == NULL) /* common case */
479 goto pass;
480 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG) != 0) {
481 /* Send packet to the appropriate pipe */
482 ip_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
483 return;
484 }
485#ifdef IPDIVERT
486 if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) {
487 /* Divert or tee packet */
488 divert_info = i;
489 goto ours;
490 }
491#endif
492 if (i == 0 && args.next_hop != NULL)
493 goto pass;
494 /*
495 * if we get here, the packet must be dropped
496 */
497 m_freem(m);
498 return;
499 }
500pass:
501
502 /*
503 * Process options and, if not destined for us,
504 * ship it on. ip_dooptions returns 1 when an
505 * error was detected (causing an icmp message
506 * to be sent and the original packet to be freed).
507 */
508 ip_nhops = 0; /* for source routed packets */
509 if (hlen > sizeof (struct ip) && ip_dooptions(m, 0, args.next_hop))
510 return;
511
512 /* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
513 * matter if it is destined to another node, or whether it is
514 * a multicast one, RSVP wants it! and prevents it from being forwarded
515 * anywhere else. Also checks if the rsvp daemon is running before
516 * grabbing the packet.
517 */
518 if (rsvp_on && ip->ip_p==IPPROTO_RSVP)
519 goto ours;
520
521 /*
522 * Check our list of addresses, to see if the packet is for us.
523 * If we don't have any addresses, assume any unicast packet
524 * we receive might be for us (and let the upper layers deal
525 * with it).
526 */
527 if (TAILQ_EMPTY(&in_ifaddrhead) &&
528 (m->m_flags & (M_MCAST|M_BCAST)) == 0)
529 goto ours;
530
531 /*
532 * Cache the destination address of the packet; this may be
533 * changed by use of 'ipfw fwd'.
534 */
535 pkt_dst = args.next_hop ? args.next_hop->sin_addr : ip->ip_dst;
536
537 /*
538 * Enable a consistency check between the destination address
539 * and the arrival interface for a unicast packet (the RFC 1122
540 * strong ES model) if IP forwarding is disabled and the packet
541 * is not locally generated and the packet is not subject to
542 * 'ipfw fwd'.
543 *
544 * XXX - Checking also should be disabled if the destination
545 * address is ipnat'ed to a different interface.
546 *
547 * XXX - Checking is incompatible with IP aliases added
548 * to the loopback interface instead of the interface where
549 * the packets are received.
550 */
551 checkif = ip_checkinterface && (ipforwarding == 0) &&
552 m->m_pkthdr.rcvif != NULL &&
553 ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) &&
554 (args.next_hop == NULL);
555
556 /*
557 * Check for exact addresses in the hash bucket.
558 */
559 LIST_FOREACH(ia, INADDR_HASH(pkt_dst.s_addr), ia_hash) {
560 /*
561 * If the address matches, verify that the packet
562 * arrived via the correct interface if checking is
563 * enabled.
564 */
565 if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
566 (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif))
567 goto ours;
568 }
569 /*
570 * Check for broadcast addresses.
571 *
572 * Only accept broadcast packets that arrive via the matching
573 * interface. Reception of forwarded directed broadcasts would
574 * be handled via ip_forward() and ether_output() with the loopback
575 * into the stack for SIMPLEX interfaces handled by ether_output().
576 */
577 if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
578 TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) {
579 if (ifa->ifa_addr->sa_family != AF_INET)
580 continue;
581 ia = ifatoia(ifa);
582 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
583 pkt_dst.s_addr)
584 goto ours;
585 if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr)
586 goto ours;
587#ifdef BOOTP_COMPAT
588 if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY)
589 goto ours;
590#endif
591 }
592 }
593 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
594 struct in_multi *inm;
595 if (ip_mrouter) {
596 /*
597 * If we are acting as a multicast router, all
598 * incoming multicast packets are passed to the
599 * kernel-level multicast forwarding function.
600 * The packet is returned (relatively) intact; if
601 * ip_mforward() returns a non-zero value, the packet
602 * must be discarded, else it may be accepted below.
603 */
604 if (ip_mforward &&
605 ip_mforward(ip, m->m_pkthdr.rcvif, m, 0) != 0) {
606 ipstat.ips_cantforward++;
607 m_freem(m);
608 return;
609 }
610
611 /*
612 * The process-level routing daemon needs to receive
613 * all multicast IGMP packets, whether or not this
614 * host belongs to their destination groups.
615 */
616 if (ip->ip_p == IPPROTO_IGMP)
617 goto ours;
618 ipstat.ips_forward++;
619 }
620 /*
621 * See if we belong to the destination multicast group on the
622 * arrival interface.
623 */
624 IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
625 if (inm == NULL) {
626 ipstat.ips_notmember++;
627 m_freem(m);
628 return;
629 }
630 goto ours;
631 }
632 if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
633 goto ours;
634 if (ip->ip_dst.s_addr == INADDR_ANY)
635 goto ours;
636
637 /*
638 * FAITH(Firewall Aided Internet Translator)
639 */
640 if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
641 if (ip_keepfaith) {
642 if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
643 goto ours;
644 }
645 m_freem(m);
646 return;
647 }
648
649 /*
650 * Not for us; forward if possible and desirable.
651 */
652 if (ipforwarding == 0) {
653 ipstat.ips_cantforward++;
654 m_freem(m);
655 } else {
656#ifdef IPSEC
657 /*
658 * Enforce inbound IPsec SPD.
659 */
660 if (ipsec4_in_reject(m, NULL)) {
661 ipsecstat.in_polvio++;
662 goto bad;
663 }
664#endif /* IPSEC */
665#ifdef FAST_IPSEC
666 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
667 s = splnet();
668 if (mtag != NULL) {
669 tdbi = (struct tdb_ident *)(mtag + 1);
670 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
671 } else {
672 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
673 IP_FORWARDING, &error);
674 }
675 if (sp == NULL) { /* NB: can happen if error */
676 splx(s);
677 /*XXX error stat???*/
678 DPRINTF(("ip_input: no SP for forwarding\n")); /*XXX*/
679 goto bad;
680 }
681
682 /*
683 * Check security policy against packet attributes.
684 */
685 error = ipsec_in_reject(sp, m);
686 KEY_FREESP(&sp);
687 splx(s);
688 if (error) {
689 ipstat.ips_cantforward++;
690 goto bad;
691 }
692#endif /* FAST_IPSEC */
693 ip_forward(m, 0, args.next_hop);
694 }
695 return;
696
697ours:
698#ifdef IPSTEALTH
699 /*
700 * IPSTEALTH: Process non-routing options only
701 * if the packet is destined for us.
702 */
703 if (ipstealth && hlen > sizeof (struct ip) &&
704 ip_dooptions(m, 1, args.next_hop))
705 return;
706#endif /* IPSTEALTH */
707
708 /* Count the packet in the ip address stats */
709 if (ia != NULL) {
710 ia->ia_ifa.if_ipackets++;
711 ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
712 }
713
714 /*
715 * If offset or IP_MF are set, must reassemble.
716 * Otherwise, nothing need be done.
717 * (We could look in the reassembly queue to see
718 * if the packet was previously fragmented,
719 * but it's not worth the time; just let them time out.)
720 */
721 if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
722
723 /* If maxnipq is 0, never accept fragments. */
724 if (maxnipq == 0) {
725 ipstat.ips_fragments++;
726 ipstat.ips_fragdropped++;
727 goto bad;
728 }
729
730 sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
731 /*
732 * Look for queue of fragments
733 * of this datagram.
734 */
735 for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
736 if (ip->ip_id == fp->ipq_id &&
737 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
738 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
739 ip->ip_p == fp->ipq_p)
740 goto found;
741
742 fp = 0;
743
744 /*
745 * Enforce upper bound on number of fragmented packets
746 * for which we attempt reassembly;
747 * If maxnipq is -1, accept all fragments without limitation.
748 */
749 if ((nipq > maxnipq) && (maxnipq > 0)) {
750 /*
751 * drop something from the tail of the current queue
752 * before proceeding further
753 */
754 if (ipq[sum].prev == &ipq[sum]) { /* gak */
755 for (i = 0; i < IPREASS_NHASH; i++) {
756 if (ipq[i].prev != &ipq[i]) {
757 ipstat.ips_fragtimeout +=
758 ipq[i].prev->ipq_nfrags;
759 ip_freef(ipq[i].prev);
760 break;
761 }
762 }
763 } else {
764 ipstat.ips_fragtimeout += ipq[sum].prev->ipq_nfrags;
765 ip_freef(ipq[sum].prev);
766 }
767 }
768found:
769 /*
770 * Adjust ip_len to not reflect header,
771 * convert offset of this to bytes.
772 */
773 ip->ip_len -= hlen;
774 if (ip->ip_off & IP_MF) {
775 /*
776 * Make sure that fragments have a data length
777 * that's a non-zero multiple of 8 bytes.
778 */
779 if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
780 ipstat.ips_toosmall++; /* XXX */
781 goto bad;
782 }
783 m->m_flags |= M_FRAG;
784 } else
785 m->m_flags &= ~M_FRAG;
786 ip->ip_off <<= 3;
787
788 /*
789 * Attempt reassembly; if it succeeds, proceed.
790 * ip_reass() will return a different mbuf, and update
791 * the divert info in divert_info and args.divert_rule.
792 */
793 ipstat.ips_fragments++;
794 m->m_pkthdr.header = ip;
795 m = ip_reass(m,
796 fp, &ipq[sum], &divert_info, &args.divert_rule);
797 if (m == 0)
798 return;
799 ipstat.ips_reassembled++;
800 ip = mtod(m, struct ip *);
801 /* Get the header length of the reassembled packet */
802 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
803#ifdef IPDIVERT
804 /* Restore original checksum before diverting packet */
805 if (divert_info != 0) {
806 ip->ip_len += hlen;
807 ip->ip_len = htons(ip->ip_len);
808 ip->ip_off = htons(ip->ip_off);
809 ip->ip_sum = 0;
810 if (hlen == sizeof(struct ip))
811 ip->ip_sum = in_cksum_hdr(ip);
812 else
813 ip->ip_sum = in_cksum(m, hlen);
814 ip->ip_off = ntohs(ip->ip_off);
815 ip->ip_len = ntohs(ip->ip_len);
816 ip->ip_len -= hlen;
817 }
818#endif
819 } else
820 ip->ip_len -= hlen;
821
822#ifdef IPDIVERT
823 /*
824 * Divert or tee packet to the divert protocol if required.
825 */
826 if (divert_info != 0) {
827 struct mbuf *clone = NULL;
828
829 /* Clone packet if we're doing a 'tee' */
830 if ((divert_info & IP_FW_PORT_TEE_FLAG) != 0)
831 clone = m_dup(m, M_DONTWAIT);
832
833 /* Restore packet header fields to original values */
834 ip->ip_len += hlen;
835 ip->ip_len = htons(ip->ip_len);
836 ip->ip_off = htons(ip->ip_off);
837
838 /* Deliver packet to divert input routine */
839 divert_packet(m, 1, divert_info & 0xffff, args.divert_rule);
840 ipstat.ips_delivered++;
841
842 /* If 'tee', continue with original packet */
843 if (clone == NULL)
844 return;
845 m = clone;
846 ip = mtod(m, struct ip *);
847 ip->ip_len += hlen;
848 /*
849 * Jump backwards to complete processing of the
850 * packet. But first clear divert_info to avoid
851 * entering this block again.
852 * We do not need to clear args.divert_rule
853 * or args.next_hop as they will not be used.
854 */
855 divert_info = 0;
856 goto pass;
857 }
858#endif
859
860#ifdef IPSEC
861 /*
862 * enforce IPsec policy checking if we are seeing last header.
863 * note that we do not visit this with protocols with pcb layer
864 * code - like udp/tcp/raw ip.
865 */
866 if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0 &&
867 ipsec4_in_reject(m, NULL)) {
868 ipsecstat.in_polvio++;
869 goto bad;
870 }
871#endif
872#if FAST_IPSEC
873 /*
874 * enforce IPsec policy checking if we are seeing last header.
875 * note that we do not visit this with protocols with pcb layer
876 * code - like udp/tcp/raw ip.
877 */
878 if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0) {
879 /*
880 * Check if the packet has already had IPsec processing
881 * done. If so, then just pass it along. This tag gets
882 * set during AH, ESP, etc. input handling, before the
883 * packet is returned to the ip input queue for delivery.
884 */
885 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
886 s = splnet();
887 if (mtag != NULL) {
888 tdbi = (struct tdb_ident *)(mtag + 1);
889 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
890 } else {
891 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
892 IP_FORWARDING, &error);
893 }
894 if (sp != NULL) {
895 /*
896 * Check security policy against packet attributes.
897 */
898 error = ipsec_in_reject(sp, m);
899 KEY_FREESP(&sp);
900 } else {
901 /* XXX error stat??? */
902 error = EINVAL;
903DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
904 goto bad;
905 }
906 splx(s);
907 if (error)
908 goto bad;
909 }
910#endif /* FAST_IPSEC */
911
912 /*
913 * Switch out to protocol's input routine.
914 */
915 ipstat.ips_delivered++;
916 if (args.next_hop && ip->ip_p == IPPROTO_TCP) {
917 /* TCP needs IPFORWARD info if available */
918 struct m_hdr tag;
919
920 tag.mh_type = MT_TAG;
921 tag.mh_flags = PACKET_TAG_IPFORWARD;
922 tag.mh_data = (caddr_t)args.next_hop;
923 tag.mh_next = m;
924
925 (*inetsw[ip_protox[ip->ip_p]].pr_input)(
926 (struct mbuf *)&tag, hlen, ip->ip_p);
927 } else
928 (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, ip->ip_p);
929 return;
930bad:
931 m_freem(m);
932}
933
934/*
935 * IP software interrupt routine - to go away sometime soon
936 */
937static void
938ipintr(void)
939{
940 int s;
941 struct mbuf *m;
942
943 while(1) {
944 s = splimp();
945 IF_DEQUEUE(&ipintrq, m);
946 splx(s);
947 if (m == 0)
948 return;
949 ip_input(m);
950 }
951}
952
953/*
954 * Take incoming datagram fragment and try to reassemble it into
955 * whole datagram. If a chain for reassembly of this datagram already
956 * exists, then it is given as fp; otherwise have to make a chain.
957 *
958 * When IPDIVERT enabled, keep additional state with each packet that
959 * tells us if we need to divert or tee the packet we're building.
960 * In particular, *divinfo includes the port and TEE flag,
961 * *divert_rule is the number of the matching rule.
962 */
963
964static struct mbuf *
965ip_reass(struct mbuf *m, struct ipq *fp, struct ipq *where,
966 u_int32_t *divinfo, u_int16_t *divert_rule)
967{
968 struct ip *ip = mtod(m, struct ip *);
2256ba69 969 struct mbuf *p = 0, *q, *nq;
984263bc
MD
970 struct mbuf *t;
971 int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
972 int i, next;
973
974 /*
975 * Presence of header sizes in mbufs
976 * would confuse code below.
977 */
978 m->m_data += hlen;
979 m->m_len -= hlen;
980
981 /*
982 * If first fragment to arrive, create a reassembly queue.
983 */
984 if (fp == 0) {
985 if ((t = m_get(M_DONTWAIT, MT_FTABLE)) == NULL)
986 goto dropfrag;
987 fp = mtod(t, struct ipq *);
988 insque(fp, where);
989 nipq++;
990 fp->ipq_nfrags = 1;
991 fp->ipq_ttl = IPFRAGTTL;
992 fp->ipq_p = ip->ip_p;
993 fp->ipq_id = ip->ip_id;
994 fp->ipq_src = ip->ip_src;
995 fp->ipq_dst = ip->ip_dst;
996 fp->ipq_frags = m;
997 m->m_nextpkt = NULL;
998#ifdef IPDIVERT
999 fp->ipq_div_info = 0;
1000 fp->ipq_div_cookie = 0;
1001#endif
1002 goto inserted;
1003 } else {
1004 fp->ipq_nfrags++;
1005 }
1006
1007#define GETIP(m) ((struct ip*)((m)->m_pkthdr.header))
1008
1009 /*
1010 * Find a segment which begins after this one does.
1011 */
1012 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
1013 if (GETIP(q)->ip_off > ip->ip_off)
1014 break;
1015
1016 /*
1017 * If there is a preceding segment, it may provide some of
1018 * our data already. If so, drop the data from the incoming
1019 * segment. If it provides all of our data, drop us, otherwise
1020 * stick new segment in the proper place.
1021 *
1022 * If some of the data is dropped from the the preceding
1023 * segment, then it's checksum is invalidated.
1024 */
1025 if (p) {
1026 i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
1027 if (i > 0) {
1028 if (i >= ip->ip_len)
1029 goto dropfrag;
1030 m_adj(m, i);
1031 m->m_pkthdr.csum_flags = 0;
1032 ip->ip_off += i;
1033 ip->ip_len -= i;
1034 }
1035 m->m_nextpkt = p->m_nextpkt;
1036 p->m_nextpkt = m;
1037 } else {
1038 m->m_nextpkt = fp->ipq_frags;
1039 fp->ipq_frags = m;
1040 }
1041
1042 /*
1043 * While we overlap succeeding segments trim them or,
1044 * if they are completely covered, dequeue them.
1045 */
1046 for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
1047 q = nq) {
1048 i = (ip->ip_off + ip->ip_len) -
1049 GETIP(q)->ip_off;
1050 if (i < GETIP(q)->ip_len) {
1051 GETIP(q)->ip_len -= i;
1052 GETIP(q)->ip_off += i;
1053 m_adj(q, i);
1054 q->m_pkthdr.csum_flags = 0;
1055 break;
1056 }
1057 nq = q->m_nextpkt;
1058 m->m_nextpkt = nq;
1059 ipstat.ips_fragdropped++;
1060 fp->ipq_nfrags--;
1061 m_freem(q);
1062 }
1063
1064inserted:
1065
1066#ifdef IPDIVERT
1067 /*
1068 * Transfer firewall instructions to the fragment structure.
1069 * Only trust info in the fragment at offset 0.
1070 */
1071 if (ip->ip_off == 0) {
1072 fp->ipq_div_info = *divinfo;
1073 fp->ipq_div_cookie = *divert_rule;
1074 }
1075 *divinfo = 0;
1076 *divert_rule = 0;
1077#endif
1078
1079 /*
1080 * Check for complete reassembly and perform frag per packet
1081 * limiting.
1082 *
1083 * Frag limiting is performed here so that the nth frag has
1084 * a chance to complete the packet before we drop the packet.
1085 * As a result, n+1 frags are actually allowed per packet, but
1086 * only n will ever be stored. (n = maxfragsperpacket.)
1087 *
1088 */
1089 next = 0;
1090 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
1091 if (GETIP(q)->ip_off != next) {
1092 if (fp->ipq_nfrags > maxfragsperpacket) {
1093 ipstat.ips_fragdropped += fp->ipq_nfrags;
1094 ip_freef(fp);
1095 }
1096 return (0);
1097 }
1098 next += GETIP(q)->ip_len;
1099 }
1100 /* Make sure the last packet didn't have the IP_MF flag */
1101 if (p->m_flags & M_FRAG) {
1102 if (fp->ipq_nfrags > maxfragsperpacket) {
1103 ipstat.ips_fragdropped += fp->ipq_nfrags;
1104 ip_freef(fp);
1105 }
1106 return (0);
1107 }
1108
1109 /*
1110 * Reassembly is complete. Make sure the packet is a sane size.
1111 */
1112 q = fp->ipq_frags;
1113 ip = GETIP(q);
1114 if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
1115 ipstat.ips_toolong++;
1116 ipstat.ips_fragdropped += fp->ipq_nfrags;
1117 ip_freef(fp);
1118 return (0);
1119 }
1120
1121 /*
1122 * Concatenate fragments.
1123 */
1124 m = q;
1125 t = m->m_next;
1126 m->m_next = 0;
1127 m_cat(m, t);
1128 nq = q->m_nextpkt;
1129 q->m_nextpkt = 0;
1130 for (q = nq; q != NULL; q = nq) {
1131 nq = q->m_nextpkt;
1132 q->m_nextpkt = NULL;
1133 m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
1134 m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
1135 m_cat(m, q);
1136 }
1137
1138#ifdef IPDIVERT
1139 /*
1140 * Extract firewall instructions from the fragment structure.
1141 */
1142 *divinfo = fp->ipq_div_info;
1143 *divert_rule = fp->ipq_div_cookie;
1144#endif
1145
1146 /*
1147 * Create header for new ip packet by
1148 * modifying header of first packet;
1149 * dequeue and discard fragment reassembly header.
1150 * Make header visible.
1151 */
1152 ip->ip_len = next;
1153 ip->ip_src = fp->ipq_src;
1154 ip->ip_dst = fp->ipq_dst;
1155 remque(fp);
1156 nipq--;
1157 (void) m_free(dtom(fp));
1158 m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
1159 m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
1160 /* some debugging cruft by sklower, below, will go away soon */
1161 if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
2256ba69 1162 int plen = 0;
984263bc
MD
1163 for (t = m; t; t = t->m_next)
1164 plen += t->m_len;
1165 m->m_pkthdr.len = plen;
1166 }
1167 return (m);
1168
1169dropfrag:
1170#ifdef IPDIVERT
1171 *divinfo = 0;
1172 *divert_rule = 0;
1173#endif
1174 ipstat.ips_fragdropped++;
1175 if (fp != 0)
1176 fp->ipq_nfrags--;
1177 m_freem(m);
1178 return (0);
1179
1180#undef GETIP
1181}
1182
1183/*
1184 * Free a fragment reassembly header and all
1185 * associated datagrams.
1186 */
1187static void
1188ip_freef(fp)
1189 struct ipq *fp;
1190{
2256ba69 1191 struct mbuf *q;
984263bc
MD
1192
1193 while (fp->ipq_frags) {
1194 q = fp->ipq_frags;
1195 fp->ipq_frags = q->m_nextpkt;
1196 m_freem(q);
1197 }
1198 remque(fp);
1199 (void) m_free(dtom(fp));
1200 nipq--;
1201}
1202
1203/*
1204 * IP timer processing;
1205 * if a timer expires on a reassembly
1206 * queue, discard it.
1207 */
1208void
1209ip_slowtimo()
1210{
2256ba69 1211 struct ipq *fp;
984263bc
MD
1212 int s = splnet();
1213 int i;
1214
1215 for (i = 0; i < IPREASS_NHASH; i++) {
1216 fp = ipq[i].next;
1217 if (fp == 0)
1218 continue;
1219 while (fp != &ipq[i]) {
1220 --fp->ipq_ttl;
1221 fp = fp->next;
1222 if (fp->prev->ipq_ttl == 0) {
1223 ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
1224 ip_freef(fp->prev);
1225 }
1226 }
1227 }
1228 /*
1229 * If we are over the maximum number of fragments
1230 * (due to the limit being lowered), drain off
1231 * enough to get down to the new limit.
1232 */
1233 if (maxnipq >= 0 && nipq > maxnipq) {
1234 for (i = 0; i < IPREASS_NHASH; i++) {
1235 while (nipq > maxnipq &&
1236 (ipq[i].next != &ipq[i])) {
1237 ipstat.ips_fragdropped +=
1238 ipq[i].next->ipq_nfrags;
1239 ip_freef(ipq[i].next);
1240 }
1241 }
1242 }
1243 ipflow_slowtimo();
1244 splx(s);
1245}
1246
1247/*
1248 * Drain off all datagram fragments.
1249 */
1250void
1251ip_drain()
1252{
1253 int i;
1254
1255 for (i = 0; i < IPREASS_NHASH; i++) {
1256 while (ipq[i].next != &ipq[i]) {
1257 ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
1258 ip_freef(ipq[i].next);
1259 }
1260 }
1261 in_rtqdrain();
1262}
1263
1264/*
1265 * Do option processing on a datagram,
1266 * possibly discarding it if bad options are encountered,
1267 * or forwarding it if source-routed.
1268 * The pass argument is used when operating in the IPSTEALTH
1269 * mode to tell what options to process:
1270 * [LS]SRR (pass 0) or the others (pass 1).
1271 * The reason for as many as two passes is that when doing IPSTEALTH,
1272 * non-routing options should be processed only if the packet is for us.
1273 * Returns 1 if packet has been forwarded/freed,
1274 * 0 if the packet should be processed further.
1275 */
1276static int
1277ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop)
1278{
1279 struct ip *ip = mtod(m, struct ip *);
1280 u_char *cp;
1281 struct in_ifaddr *ia;
1282 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
1283 struct in_addr *sin, dst;
1284 n_time ntime;
1285
1286 dst = ip->ip_dst;
1287 cp = (u_char *)(ip + 1);
1288 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof (struct ip);
1289 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1290 opt = cp[IPOPT_OPTVAL];
1291 if (opt == IPOPT_EOL)
1292 break;
1293 if (opt == IPOPT_NOP)
1294 optlen = 1;
1295 else {
1296 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
1297 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1298 goto bad;
1299 }
1300 optlen = cp[IPOPT_OLEN];
1301 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
1302 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1303 goto bad;
1304 }
1305 }
1306 switch (opt) {
1307
1308 default:
1309 break;
1310
1311 /*
1312 * Source routing with record.
1313 * Find interface with current destination address.
1314 * If none on this machine then drop if strictly routed,
1315 * or do nothing if loosely routed.
1316 * Record interface address and bring up next address
1317 * component. If strictly routed make sure next
1318 * address is on directly accessible net.
1319 */
1320 case IPOPT_LSRR:
1321 case IPOPT_SSRR:
1322#ifdef IPSTEALTH
1323 if (ipstealth && pass > 0)
1324 break;
1325#endif
1326 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1327 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1328 goto bad;
1329 }
1330 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1331 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1332 goto bad;
1333 }
1334 ipaddr.sin_addr = ip->ip_dst;
1335 ia = (struct in_ifaddr *)
1336 ifa_ifwithaddr((struct sockaddr *)&ipaddr);
1337 if (ia == 0) {
1338 if (opt == IPOPT_SSRR) {
1339 type = ICMP_UNREACH;
1340 code = ICMP_UNREACH_SRCFAIL;
1341 goto bad;
1342 }
1343 if (!ip_dosourceroute)
1344 goto nosourcerouting;
1345 /*
1346 * Loose routing, and not at next destination
1347 * yet; nothing to do except forward.
1348 */
1349 break;
1350 }
1351 off--; /* 0 origin */
1352 if (off > optlen - (int)sizeof(struct in_addr)) {
1353 /*
1354 * End of source route. Should be for us.
1355 */
1356 if (!ip_acceptsourceroute)
1357 goto nosourcerouting;
1358 save_rte(cp, ip->ip_src);
1359 break;
1360 }
1361#ifdef IPSTEALTH
1362 if (ipstealth)
1363 goto dropit;
1364#endif
1365 if (!ip_dosourceroute) {
1366 if (ipforwarding) {
1367 char buf[16]; /* aaa.bbb.ccc.ddd\0 */
1368 /*
1369 * Acting as a router, so generate ICMP
1370 */
1371nosourcerouting:
1372 strcpy(buf, inet_ntoa(ip->ip_dst));
1373 log(LOG_WARNING,
1374 "attempted source route from %s to %s\n",
1375 inet_ntoa(ip->ip_src), buf);
1376 type = ICMP_UNREACH;
1377 code = ICMP_UNREACH_SRCFAIL;
1378 goto bad;
1379 } else {
1380 /*
1381 * Not acting as a router, so silently drop.
1382 */
1383#ifdef IPSTEALTH
1384dropit:
1385#endif
1386 ipstat.ips_cantforward++;
1387 m_freem(m);
1388 return (1);
1389 }
1390 }
1391
1392 /*
1393 * locate outgoing interface
1394 */
1395 (void)memcpy(&ipaddr.sin_addr, cp + off,
1396 sizeof(ipaddr.sin_addr));
1397
1398 if (opt == IPOPT_SSRR) {
1399#define INA struct in_ifaddr *
1400#define SA struct sockaddr *
1401 if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == 0)
1402 ia = (INA)ifa_ifwithnet((SA)&ipaddr);
1403 } else
1404 ia = ip_rtaddr(ipaddr.sin_addr, &ipforward_rt);
1405 if (ia == 0) {
1406 type = ICMP_UNREACH;
1407 code = ICMP_UNREACH_SRCFAIL;
1408 goto bad;
1409 }
1410 ip->ip_dst = ipaddr.sin_addr;
1411 (void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
1412 sizeof(struct in_addr));
1413 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1414 /*
1415 * Let ip_intr's mcast routing check handle mcast pkts
1416 */
1417 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
1418 break;
1419
1420 case IPOPT_RR:
1421#ifdef IPSTEALTH
1422 if (ipstealth && pass == 0)
1423 break;
1424#endif
1425 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1426 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1427 goto bad;
1428 }
1429 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1430 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1431 goto bad;
1432 }
1433 /*
1434 * If no space remains, ignore.
1435 */
1436 off--; /* 0 origin */
1437 if (off > optlen - (int)sizeof(struct in_addr))
1438 break;
1439 (void)memcpy(&ipaddr.sin_addr, &ip->ip_dst,
1440 sizeof(ipaddr.sin_addr));
1441 /*
1442 * locate outgoing interface; if we're the destination,
1443 * use the incoming interface (should be same).
1444 */
1445 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0 &&
1446 (ia = ip_rtaddr(ipaddr.sin_addr,
1447 &ipforward_rt)) == 0) {
1448 type = ICMP_UNREACH;
1449 code = ICMP_UNREACH_HOST;
1450 goto bad;
1451 }
1452 (void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
1453 sizeof(struct in_addr));
1454 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1455 break;
1456
1457 case IPOPT_TS:
1458#ifdef IPSTEALTH
1459 if (ipstealth && pass == 0)
1460 break;
1461#endif
1462 code = cp - (u_char *)ip;
1463 if (optlen < 4 || optlen > 40) {
1464 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1465 goto bad;
1466 }
1467 if ((off = cp[IPOPT_OFFSET]) < 5) {
1468 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1469 goto bad;
1470 }
1471 if (off > optlen - (int)sizeof(int32_t)) {
1472 cp[IPOPT_OFFSET + 1] += (1 << 4);
1473 if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
1474 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1475 goto bad;
1476 }
1477 break;
1478 }
1479 off--; /* 0 origin */
1480 sin = (struct in_addr *)(cp + off);
1481 switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
1482
1483 case IPOPT_TS_TSONLY:
1484 break;
1485
1486 case IPOPT_TS_TSANDADDR:
1487 if (off + sizeof(n_time) +
1488 sizeof(struct in_addr) > optlen) {
1489 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1490 goto bad;
1491 }
1492 ipaddr.sin_addr = dst;
1493 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
1494 m->m_pkthdr.rcvif);
1495 if (ia == 0)
1496 continue;
1497 (void)memcpy(sin, &IA_SIN(ia)->sin_addr,
1498 sizeof(struct in_addr));
1499 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1500 off += sizeof(struct in_addr);
1501 break;
1502
1503 case IPOPT_TS_PRESPEC:
1504 if (off + sizeof(n_time) +
1505 sizeof(struct in_addr) > optlen) {
1506 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1507 goto bad;
1508 }
1509 (void)memcpy(&ipaddr.sin_addr, sin,
1510 sizeof(struct in_addr));
1511 if (ifa_ifwithaddr((SA)&ipaddr) == 0)
1512 continue;
1513 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1514 off += sizeof(struct in_addr);
1515 break;
1516
1517 default:
1518 code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
1519 goto bad;
1520 }
1521 ntime = iptime();
1522 (void)memcpy(cp + off, &ntime, sizeof(n_time));
1523 cp[IPOPT_OFFSET] += sizeof(n_time);
1524 }
1525 }
1526 if (forward && ipforwarding) {
1527 ip_forward(m, 1, next_hop);
1528 return (1);
1529 }
1530 return (0);
1531bad:
1532 icmp_error(m, type, code, 0, 0);
1533 ipstat.ips_badoptions++;
1534 return (1);
1535}
1536
1537/*
1538 * Given address of next destination (final or next hop),
1539 * return internet address info of interface to be used to get there.
1540 */
1541struct in_ifaddr *
1542ip_rtaddr(dst, rt)
1543 struct in_addr dst;
1544 struct route *rt;
1545{
2256ba69 1546 struct sockaddr_in *sin;
984263bc
MD
1547
1548 sin = (struct sockaddr_in *)&rt->ro_dst;
1549
1550 if (rt->ro_rt == 0 ||
1551 dst.s_addr != sin->sin_addr.s_addr) {
1552 if (rt->ro_rt) {
1553 RTFREE(rt->ro_rt);
1554 rt->ro_rt = 0;
1555 }
1556 sin->sin_family = AF_INET;
1557 sin->sin_len = sizeof(*sin);
1558 sin->sin_addr = dst;
1559
1560 rtalloc_ign(rt, RTF_PRCLONING);
1561 }
1562 if (rt->ro_rt == 0)
1563 return ((struct in_ifaddr *)0);
1564 return (ifatoia(rt->ro_rt->rt_ifa));
1565}
1566
1567/*
1568 * Save incoming source route for use in replies,
1569 * to be picked up later by ip_srcroute if the receiver is interested.
1570 */
1571void
1572save_rte(option, dst)
1573 u_char *option;
1574 struct in_addr dst;
1575{
1576 unsigned olen;
1577
1578 olen = option[IPOPT_OLEN];
1579#ifdef DIAGNOSTIC
1580 if (ipprintfs)
1581 printf("save_rte: olen %d\n", olen);
1582#endif
1583 if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
1584 return;
1585 bcopy(option, ip_srcrt.srcopt, olen);
1586 ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
1587 ip_srcrt.dst = dst;
1588}
1589
1590/*
1591 * Retrieve incoming source route for use in replies,
1592 * in the same form used by setsockopt.
1593 * The first hop is placed before the options, will be removed later.
1594 */
1595struct mbuf *
1596ip_srcroute()
1597{
2256ba69
RG
1598 struct in_addr *p, *q;
1599 struct mbuf *m;
984263bc
MD
1600
1601 if (ip_nhops == 0)
1602 return ((struct mbuf *)0);
1603 m = m_get(M_DONTWAIT, MT_HEADER);
1604 if (m == 0)
1605 return ((struct mbuf *)0);
1606
1607#define OPTSIZ (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
1608
1609 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
1610 m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
1611 OPTSIZ;
1612#ifdef DIAGNOSTIC
1613 if (ipprintfs)
1614 printf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
1615#endif
1616
1617 /*
1618 * First save first hop for return route
1619 */
1620 p = &ip_srcrt.route[ip_nhops - 1];
1621 *(mtod(m, struct in_addr *)) = *p--;
1622#ifdef DIAGNOSTIC
1623 if (ipprintfs)
1624 printf(" hops %lx", (u_long)ntohl(mtod(m, struct in_addr *)->s_addr));
1625#endif
1626
1627 /*
1628 * Copy option fields and padding (nop) to mbuf.
1629 */
1630 ip_srcrt.nop = IPOPT_NOP;
1631 ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
1632 (void)memcpy(mtod(m, caddr_t) + sizeof(struct in_addr),
1633 &ip_srcrt.nop, OPTSIZ);
1634 q = (struct in_addr *)(mtod(m, caddr_t) +
1635 sizeof(struct in_addr) + OPTSIZ);
1636#undef OPTSIZ
1637 /*
1638 * Record return path as an IP source route,
1639 * reversing the path (pointers are now aligned).
1640 */
1641 while (p >= ip_srcrt.route) {
1642#ifdef DIAGNOSTIC
1643 if (ipprintfs)
1644 printf(" %lx", (u_long)ntohl(q->s_addr));
1645#endif
1646 *q++ = *p--;
1647 }
1648 /*
1649 * Last hop goes to final destination.
1650 */
1651 *q = ip_srcrt.dst;
1652#ifdef DIAGNOSTIC
1653 if (ipprintfs)
1654 printf(" %lx\n", (u_long)ntohl(q->s_addr));
1655#endif
1656 return (m);
1657}
1658
1659/*
1660 * Strip out IP options, at higher
1661 * level protocol in the kernel.
1662 * Second argument is buffer to which options
1663 * will be moved, and return value is their length.
1664 * XXX should be deleted; last arg currently ignored.
1665 */
1666void
1667ip_stripoptions(m, mopt)
2256ba69 1668 struct mbuf *m;
984263bc
MD
1669 struct mbuf *mopt;
1670{
2256ba69 1671 int i;
984263bc 1672 struct ip *ip = mtod(m, struct ip *);
2256ba69 1673 caddr_t opts;
984263bc
MD
1674 int olen;
1675
1676 olen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof (struct ip);
1677 opts = (caddr_t)(ip + 1);
1678 i = m->m_len - (sizeof (struct ip) + olen);
1679 bcopy(opts + olen, opts, (unsigned)i);
1680 m->m_len -= olen;
1681 if (m->m_flags & M_PKTHDR)
1682 m->m_pkthdr.len -= olen;
1683 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
1684}
1685
1686u_char inetctlerrmap[PRC_NCMDS] = {
1687 0, 0, 0, 0,
1688 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1689 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1690 EMSGSIZE, EHOSTUNREACH, 0, 0,
1691 0, 0, 0, 0,
1692 ENOPROTOOPT, ECONNREFUSED
1693};
1694
1695/*
1696 * Forward a packet. If some error occurs return the sender
1697 * an icmp packet. Note we can't always generate a meaningful
1698 * icmp message because icmp doesn't have a large enough repertoire
1699 * of codes and types.
1700 *
1701 * If not forwarding, just drop the packet. This could be confusing
1702 * if ipforwarding was zero but some routing protocol was advancing
1703 * us as a gateway to somewhere. However, we must let the routing
1704 * protocol deal with that.
1705 *
1706 * The srcrt parameter indicates whether the packet is being forwarded
1707 * via a source route.
1708 */
1709static void
1710ip_forward(struct mbuf *m, int srcrt, struct sockaddr_in *next_hop)
1711{
1712 struct ip *ip = mtod(m, struct ip *);
1713 struct sockaddr_in *sin;
1714 struct rtentry *rt;
1715 int error, type = 0, code = 0;
1716 struct mbuf *mcopy;
1717 n_long dest;
1718 struct in_addr pkt_dst;
1719 struct ifnet *destifp;
1720#if defined(IPSEC) || defined(FAST_IPSEC)
1721 struct ifnet dummyifp;
1722#endif
1723
1724 dest = 0;
1725 /*
1726 * Cache the destination address of the packet; this may be
1727 * changed by use of 'ipfw fwd'.
1728 */
1729 pkt_dst = next_hop ? next_hop->sin_addr : ip->ip_dst;
1730
1731#ifdef DIAGNOSTIC
1732 if (ipprintfs)
1733 printf("forward: src %lx dst %lx ttl %x\n",
1734 (u_long)ip->ip_src.s_addr, (u_long)pkt_dst.s_addr,
1735 ip->ip_ttl);
1736#endif
1737
1738
1739 if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(pkt_dst) == 0) {
1740 ipstat.ips_cantforward++;
1741 m_freem(m);
1742 return;
1743 }
1744#ifdef IPSTEALTH
1745 if (!ipstealth) {
1746#endif
1747 if (ip->ip_ttl <= IPTTLDEC) {
1748 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS,
1749 dest, 0);
1750 return;
1751 }
1752#ifdef IPSTEALTH
1753 }
1754#endif
1755
1756 sin = (struct sockaddr_in *)&ipforward_rt.ro_dst;
1757 if ((rt = ipforward_rt.ro_rt) == 0 ||
1758 pkt_dst.s_addr != sin->sin_addr.s_addr) {
1759 if (ipforward_rt.ro_rt) {
1760 RTFREE(ipforward_rt.ro_rt);
1761 ipforward_rt.ro_rt = 0;
1762 }
1763 sin->sin_family = AF_INET;
1764 sin->sin_len = sizeof(*sin);
1765 sin->sin_addr = pkt_dst;
1766
1767 rtalloc_ign(&ipforward_rt, RTF_PRCLONING);
1768 if (ipforward_rt.ro_rt == 0) {
1769 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
1770 return;
1771 }
1772 rt = ipforward_rt.ro_rt;
1773 }
1774
1775 /*
1776 * Save the IP header and at most 8 bytes of the payload,
1777 * in case we need to generate an ICMP message to the src.
1778 *
1779 * XXX this can be optimized a lot by saving the data in a local
1780 * buffer on the stack (72 bytes at most), and only allocating the
1781 * mbuf if really necessary. The vast majority of the packets
1782 * are forwarded without having to send an ICMP back (either
1783 * because unnecessary, or because rate limited), so we are
1784 * really we are wasting a lot of work here.
1785 *
1786 * We don't use m_copy() because it might return a reference
1787 * to a shared cluster. Both this function and ip_output()
1788 * assume exclusive access to the IP header in `m', so any
1789 * data in a cluster may change before we reach icmp_error().
1790 */
1791 MGET(mcopy, M_DONTWAIT, m->m_type);
1792 if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, M_DONTWAIT)) {
1793 /*
1794 * It's probably ok if the pkthdr dup fails (because
1795 * the deep copy of the tag chain failed), but for now
1796 * be conservative and just discard the copy since
1797 * code below may some day want the tags.
1798 */
1799 m_free(mcopy);
1800 mcopy = NULL;
1801 }
1802 if (mcopy != NULL) {
1803 mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
1804 (int)ip->ip_len);
1805 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
1806 }
1807
1808#ifdef IPSTEALTH
1809 if (!ipstealth) {
1810#endif
1811 ip->ip_ttl -= IPTTLDEC;
1812#ifdef IPSTEALTH
1813 }
1814#endif
1815
1816 /*
1817 * If forwarding packet using same interface that it came in on,
1818 * perhaps should send a redirect to sender to shortcut a hop.
1819 * Only send redirect if source is sending directly to us,
1820 * and if packet was not source routed (or has any options).
1821 * Also, don't send redirect if forwarding using a default route
1822 * or a route modified by a redirect.
1823 */
1824 if (rt->rt_ifp == m->m_pkthdr.rcvif &&
1825 (rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0 &&
1826 satosin(rt_key(rt))->sin_addr.s_addr != 0 &&
1827 ipsendredirects && !srcrt && !next_hop) {
1828#define RTA(rt) ((struct in_ifaddr *)(rt->rt_ifa))
1829 u_long src = ntohl(ip->ip_src.s_addr);
1830
1831 if (RTA(rt) &&
1832 (src & RTA(rt)->ia_subnetmask) == RTA(rt)->ia_subnet) {
1833 if (rt->rt_flags & RTF_GATEWAY)
1834 dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
1835 else
1836 dest = pkt_dst.s_addr;
1837 /* Router requirements says to only send host redirects */
1838 type = ICMP_REDIRECT;
1839 code = ICMP_REDIRECT_HOST;
1840#ifdef DIAGNOSTIC
1841 if (ipprintfs)
1842 printf("redirect (%d) to %lx\n", code, (u_long)dest);
1843#endif
1844 }
1845 }
1846
1847 {
1848 struct m_hdr tag;
1849
1850 if (next_hop) {
1851 /* Pass IPFORWARD info if available */
1852
1853 tag.mh_type = MT_TAG;
1854 tag.mh_flags = PACKET_TAG_IPFORWARD;
1855 tag.mh_data = (caddr_t)next_hop;
1856 tag.mh_next = m;
1857 m = (struct mbuf *)&tag;
1858 }
1859 error = ip_output(m, (struct mbuf *)0, &ipforward_rt,
1860 IP_FORWARDING, 0, NULL);
1861 }
1862 if (error)
1863 ipstat.ips_cantforward++;
1864 else {
1865 ipstat.ips_forward++;
1866 if (type)
1867 ipstat.ips_redirectsent++;
1868 else {
1869 if (mcopy) {
1870 ipflow_create(&ipforward_rt, mcopy);
1871 m_freem(mcopy);
1872 }
1873 return;
1874 }
1875 }
1876 if (mcopy == NULL)
1877 return;
1878 destifp = NULL;
1879
1880 switch (error) {
1881
1882 case 0: /* forwarded, but need redirect */
1883 /* type, code set above */
1884 break;
1885
1886 case ENETUNREACH: /* shouldn't happen, checked above */
1887 case EHOSTUNREACH:
1888 case ENETDOWN:
1889 case EHOSTDOWN:
1890 default:
1891 type = ICMP_UNREACH;
1892 code = ICMP_UNREACH_HOST;
1893 break;
1894
1895 case EMSGSIZE:
1896 type = ICMP_UNREACH;
1897 code = ICMP_UNREACH_NEEDFRAG;
1898#ifdef IPSEC
1899 /*
1900 * If the packet is routed over IPsec tunnel, tell the
1901 * originator the tunnel MTU.
1902 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
1903 * XXX quickhack!!!
1904 */
1905 if (ipforward_rt.ro_rt) {
1906 struct secpolicy *sp = NULL;
1907 int ipsecerror;
1908 int ipsechdr;
1909 struct route *ro;
1910
1911 sp = ipsec4_getpolicybyaddr(mcopy,
1912 IPSEC_DIR_OUTBOUND,
1913 IP_FORWARDING,
1914 &ipsecerror);
1915
1916 if (sp == NULL)
1917 destifp = ipforward_rt.ro_rt->rt_ifp;
1918 else {
1919 /* count IPsec header size */
1920 ipsechdr = ipsec4_hdrsiz(mcopy,
1921 IPSEC_DIR_OUTBOUND,
1922 NULL);
1923
1924 /*
1925 * find the correct route for outer IPv4
1926 * header, compute tunnel MTU.
1927 *
1928 * XXX BUG ALERT
1929 * The "dummyifp" code relies upon the fact
1930 * that icmp_error() touches only ifp->if_mtu.
1931 */
1932 /*XXX*/
1933 destifp = NULL;
1934 if (sp->req != NULL
1935 && sp->req->sav != NULL
1936 && sp->req->sav->sah != NULL) {
1937 ro = &sp->req->sav->sah->sa_route;
1938 if (ro->ro_rt && ro->ro_rt->rt_ifp) {
1939 dummyifp.if_mtu =
1940 ro->ro_rt->rt_ifp->if_mtu;
1941 dummyifp.if_mtu -= ipsechdr;
1942 destifp = &dummyifp;
1943 }
1944 }
1945
1946 key_freesp(sp);
1947 }
1948 }
1949#elif FAST_IPSEC
1950 /*
1951 * If the packet is routed over IPsec tunnel, tell the
1952 * originator the tunnel MTU.
1953 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
1954 * XXX quickhack!!!
1955 */
1956 if (ipforward_rt.ro_rt) {
1957 struct secpolicy *sp = NULL;
1958 int ipsecerror;
1959 int ipsechdr;
1960 struct route *ro;
1961
1962 sp = ipsec_getpolicybyaddr(mcopy,
1963 IPSEC_DIR_OUTBOUND,
1964 IP_FORWARDING,
1965 &ipsecerror);
1966
1967 if (sp == NULL)
1968 destifp = ipforward_rt.ro_rt->rt_ifp;
1969 else {
1970 /* count IPsec header size */
1971 ipsechdr = ipsec4_hdrsiz(mcopy,
1972 IPSEC_DIR_OUTBOUND,
1973 NULL);
1974
1975 /*
1976 * find the correct route for outer IPv4
1977 * header, compute tunnel MTU.
1978 *
1979 * XXX BUG ALERT
1980 * The "dummyifp" code relies upon the fact
1981 * that icmp_error() touches only ifp->if_mtu.
1982 */
1983 /*XXX*/
1984 destifp = NULL;
1985 if (sp->req != NULL
1986 && sp->req->sav != NULL
1987 && sp->req->sav->sah != NULL) {
1988 ro = &sp->req->sav->sah->sa_route;
1989 if (ro->ro_rt && ro->ro_rt->rt_ifp) {
1990 dummyifp.if_mtu =
1991 ro->ro_rt->rt_ifp->if_mtu;
1992 dummyifp.if_mtu -= ipsechdr;
1993 destifp = &dummyifp;
1994 }
1995 }
1996
1997 KEY_FREESP(&sp);
1998 }
1999 }
2000#else /* !IPSEC && !FAST_IPSEC */
2001 if (ipforward_rt.ro_rt)
2002 destifp = ipforward_rt.ro_rt->rt_ifp;
2003#endif /*IPSEC*/
2004 ipstat.ips_cantfrag++;
2005 break;
2006
2007 case ENOBUFS:
2008 /*
2009 * A router should not generate ICMP_SOURCEQUENCH as
2010 * required in RFC1812 Requirements for IP Version 4 Routers.
2011 * Source quench could be a big problem under DoS attacks,
2012 * or if the underlying interface is rate-limited.
2013 * Those who need source quench packets may re-enable them
2014 * via the net.inet.ip.sendsourcequench sysctl.
2015 */
2016 if (ip_sendsourcequench == 0) {
2017 m_freem(mcopy);
2018 return;
2019 } else {
2020 type = ICMP_SOURCEQUENCH;
2021 code = 0;
2022 }
2023 break;
2024
2025 case EACCES: /* ipfw denied packet */
2026 m_freem(mcopy);
2027 return;
2028 }
2029 icmp_error(mcopy, type, code, dest, destifp);
2030}
2031
2032void
2033ip_savecontrol(inp, mp, ip, m)
2256ba69
RG
2034 struct inpcb *inp;
2035 struct mbuf **mp;
2036 struct ip *ip;
2037 struct mbuf *m;
984263bc
MD
2038{
2039 if (inp->inp_socket->so_options & SO_TIMESTAMP) {
2040 struct timeval tv;
2041
2042 microtime(&tv);
2043 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
2044 SCM_TIMESTAMP, SOL_SOCKET);
2045 if (*mp)
2046 mp = &(*mp)->m_next;
2047 }
2048 if (inp->inp_flags & INP_RECVDSTADDR) {
2049 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
2050 sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
2051 if (*mp)
2052 mp = &(*mp)->m_next;
2053 }
2054#ifdef notyet
2055 /* XXX
2056 * Moving these out of udp_input() made them even more broken
2057 * than they already were.
2058 */
2059 /* options were tossed already */
2060 if (inp->inp_flags & INP_RECVOPTS) {
2061 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
2062 sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
2063 if (*mp)
2064 mp = &(*mp)->m_next;
2065 }
2066 /* ip_srcroute doesn't do what we want here, need to fix */
2067 if (inp->inp_flags & INP_RECVRETOPTS) {
2068 *mp = sbcreatecontrol((caddr_t) ip_srcroute(),
2069 sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
2070 if (*mp)
2071 mp = &(*mp)->m_next;
2072 }
2073#endif
2074 if (inp->inp_flags & INP_RECVIF) {
2075 struct ifnet *ifp;
2076 struct sdlbuf {
2077 struct sockaddr_dl sdl;
2078 u_char pad[32];
2079 } sdlbuf;
2080 struct sockaddr_dl *sdp;
2081 struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
2082
2083 if (((ifp = m->m_pkthdr.rcvif))
2084 && ( ifp->if_index && (ifp->if_index <= if_index))) {
2085 sdp = (struct sockaddr_dl *)(ifnet_addrs
2086 [ifp->if_index - 1]->ifa_addr);
2087 /*
2088 * Change our mind and don't try copy.
2089 */
2090 if ((sdp->sdl_family != AF_LINK)
2091 || (sdp->sdl_len > sizeof(sdlbuf))) {
2092 goto makedummy;
2093 }
2094 bcopy(sdp, sdl2, sdp->sdl_len);
2095 } else {
2096makedummy:
2097 sdl2->sdl_len
2098 = offsetof(struct sockaddr_dl, sdl_data[0]);
2099 sdl2->sdl_family = AF_LINK;
2100 sdl2->sdl_index = 0;
2101 sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
2102 }
2103 *mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
2104 IP_RECVIF, IPPROTO_IP);
2105 if (*mp)
2106 mp = &(*mp)->m_next;
2107 }
2108}
2109
2110/*
2111 * XXX these routines are called from the upper part of the kernel.
2112 *
2113 * They could also be moved to ip_mroute.c, since all the RSVP
2114 * handling is done there already.
2115 */
2116int
2117ip_rsvp_init(struct socket *so)
2118{
2119 if (so->so_type != SOCK_RAW ||
2120 so->so_proto->pr_protocol != IPPROTO_RSVP)
2121 return EOPNOTSUPP;
2122
2123 if (ip_rsvpd != NULL)
2124 return EADDRINUSE;
2125
2126 ip_rsvpd = so;
2127 /*
2128 * This may seem silly, but we need to be sure we don't over-increment
2129 * the RSVP counter, in case something slips up.
2130 */
2131 if (!ip_rsvp_on) {
2132 ip_rsvp_on = 1;
2133 rsvp_on++;
2134 }
2135
2136 return 0;
2137}
2138
2139int
2140ip_rsvp_done(void)
2141{
2142 ip_rsvpd = NULL;
2143 /*
2144 * This may seem silly, but we need to be sure we don't over-decrement
2145 * the RSVP counter, in case something slips up.
2146 */
2147 if (ip_rsvp_on) {
2148 ip_rsvp_on = 0;
2149 rsvp_on--;
2150 }
2151 return 0;
2152}
2153
2154void
2155rsvp_input(struct mbuf *m, int off, int proto) /* XXX must fixup manually */
2156{
2157 if (rsvp_input_p) { /* call the real one if loaded */
2158 rsvp_input_p(m, off, proto);
2159 return;
2160 }
2161
2162 /* Can still get packets with rsvp_on = 0 if there is a local member
2163 * of the group to which the RSVP packet is addressed. But in this
2164 * case we want to throw the packet away.
2165 */
2166
2167 if (!rsvp_on) {
2168 m_freem(m);
2169 return;
2170 }
2171
2172 if (ip_rsvpd != NULL) {
2173 rip_input(m, off, proto);
2174 return;
2175 }
2176 /* Drop the packet */
2177 m_freem(m);
2178}
2179