2 * Copyright 2001 Wasabi Systems, Inc.
5 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project by
18 * Wasabi Systems, Inc.
19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
20 * or promote products derived from this software without specific prior
23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by Jason L. Wright
51 * 4. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
64 * POSSIBILITY OF SUCH DAMAGE.
66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $
67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $
68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $
69 * $DragonFly: src/sys/net/bridge/if_bridge.c,v 1.23 2007/06/05 13:41:39 sephe Exp $
73 * Network interface bridge support.
77 * - Currently only supports Ethernet-like interfaces (Ethernet,
78 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
79 * to bridge other types of interfaces (FDDI-FDDI, and maybe
80 * consider heterogenous bridges).
83 #include <sys/cdefs.h>
86 #include "opt_inet6.h"
88 #include <sys/param.h>
90 #include <sys/malloc.h>
91 #include <sys/protosw.h>
92 #include <sys/systm.h>
94 #include <sys/socket.h> /* for net/if.h */
95 #include <sys/sockio.h>
96 #include <sys/ctype.h> /* string functions */
97 #include <sys/kernel.h>
98 #include <sys/random.h>
99 #include <sys/sysctl.h>
100 #include <sys/module.h>
101 #include <sys/proc.h>
102 #include <sys/lock.h>
103 #include <sys/thread.h>
104 #include <sys/thread2.h>
105 #include <sys/mpipe.h>
109 #include <net/if_dl.h>
110 #include <net/if_types.h>
111 #include <net/if_var.h>
112 #include <net/pfil.h>
113 #include <net/ifq_var.h>
115 #include <netinet/in.h> /* for struct arpcom */
116 #include <netinet/in_systm.h>
117 #include <netinet/in_var.h>
118 #include <netinet/ip.h>
119 #include <netinet/ip_var.h>
121 #include <netinet/ip6.h>
122 #include <netinet6/ip6_var.h>
124 #include <netinet/if_ether.h> /* for struct arpcom */
125 #include <net/bridge/if_bridgevar.h>
126 #include <net/if_llc.h>
128 #include <net/route.h>
129 #include <sys/in_cksum.h>
132 * Size of the route hash table. Must be a power of two.
134 #ifndef BRIDGE_RTHASH_SIZE
135 #define BRIDGE_RTHASH_SIZE 1024
138 #define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
141 * Maximum number of addresses to cache.
143 #ifndef BRIDGE_RTABLE_MAX
144 #define BRIDGE_RTABLE_MAX 100
148 * Spanning tree defaults.
150 #define BSTP_DEFAULT_MAX_AGE (20 * 256)
151 #define BSTP_DEFAULT_HELLO_TIME (2 * 256)
152 #define BSTP_DEFAULT_FORWARD_DELAY (15 * 256)
153 #define BSTP_DEFAULT_HOLD_TIME (1 * 256)
154 #define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000
155 #define BSTP_DEFAULT_PORT_PRIORITY 0x80
156 #define BSTP_DEFAULT_PATH_COST 55
159 * Timeout (in seconds) for entries learned dynamically.
161 #ifndef BRIDGE_RTABLE_TIMEOUT
162 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
166 * Number of seconds between walks of the route list.
168 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD
169 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
173 * List of capabilities to mask on the member interface.
175 #define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM
177 eventhandler_tag bridge_detach_cookie = NULL;
179 extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
180 extern int (*bridge_output_p)(struct ifnet *, struct mbuf *,
181 struct sockaddr *, struct rtentry *);
182 extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
184 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
186 static int bridge_clone_create(struct if_clone *, int);
187 static void bridge_clone_destroy(struct ifnet *);
189 static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
190 static void bridge_mutecaps(struct bridge_iflist *, int);
191 static void bridge_ifdetach(void *arg __unused, struct ifnet *);
192 static void bridge_init(void *);
193 static void bridge_stop(struct ifnet *);
194 static void bridge_start(struct ifnet *);
195 static struct mbuf *bridge_input(struct ifnet *, struct mbuf *);
196 static int bridge_output_serialized(struct ifnet *, struct mbuf *,
197 struct sockaddr *, struct rtentry *);
199 static void bridge_forward(struct bridge_softc *, struct mbuf *m);
201 static void bridge_timer(void *);
203 static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
205 static void bridge_span(struct bridge_softc *, struct mbuf *);
207 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
208 struct ifnet *, int, uint8_t);
209 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *);
210 static void bridge_rttrim(struct bridge_softc *);
211 static void bridge_rtage(struct bridge_softc *);
212 static void bridge_rtflush(struct bridge_softc *, int);
213 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *);
215 static int bridge_rtable_init(struct bridge_softc *);
216 static void bridge_rtable_fini(struct bridge_softc *);
218 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
219 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
221 static int bridge_rtnode_insert(struct bridge_softc *,
222 struct bridge_rtnode *);
223 static void bridge_rtnode_destroy(struct bridge_softc *,
224 struct bridge_rtnode *);
226 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
228 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
230 static void bridge_delete_member(struct bridge_softc *,
231 struct bridge_iflist *, int);
232 static void bridge_delete_span(struct bridge_softc *,
233 struct bridge_iflist *);
235 static int bridge_ioctl_add(struct bridge_softc *, void *);
236 static int bridge_ioctl_del(struct bridge_softc *, void *);
237 static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
238 static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
239 static int bridge_ioctl_scache(struct bridge_softc *, void *);
240 static int bridge_ioctl_gcache(struct bridge_softc *, void *);
241 static int bridge_ioctl_gifs(struct bridge_softc *, void *);
242 static int bridge_ioctl_rts(struct bridge_softc *, void *);
243 static int bridge_ioctl_saddr(struct bridge_softc *, void *);
244 static int bridge_ioctl_sto(struct bridge_softc *, void *);
245 static int bridge_ioctl_gto(struct bridge_softc *, void *);
246 static int bridge_ioctl_daddr(struct bridge_softc *, void *);
247 static int bridge_ioctl_flush(struct bridge_softc *, void *);
248 static int bridge_ioctl_gpri(struct bridge_softc *, void *);
249 static int bridge_ioctl_spri(struct bridge_softc *, void *);
250 static int bridge_ioctl_ght(struct bridge_softc *, void *);
251 static int bridge_ioctl_sht(struct bridge_softc *, void *);
252 static int bridge_ioctl_gfd(struct bridge_softc *, void *);
253 static int bridge_ioctl_sfd(struct bridge_softc *, void *);
254 static int bridge_ioctl_gma(struct bridge_softc *, void *);
255 static int bridge_ioctl_sma(struct bridge_softc *, void *);
256 static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
257 static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
258 static int bridge_ioctl_addspan(struct bridge_softc *, void *);
259 static int bridge_ioctl_delspan(struct bridge_softc *, void *);
260 static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *,
262 static int bridge_ip_checkbasic(struct mbuf **mp);
264 static int bridge_ip6_checkbasic(struct mbuf **mp);
266 static int bridge_fragment(struct ifnet *, struct mbuf *,
267 struct ether_header *, int, struct llc *);
269 SYSCTL_DECL(_net_link);
270 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
272 static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
273 static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
274 static int pfil_member = 1; /* run pfil hooks on the member interface */
275 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
276 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
277 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
278 &pfil_bridge, 0, "Packet filter on the bridge interface");
279 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
280 &pfil_member, 0, "Packet filter on the member interface");
282 struct bridge_control {
283 int (*bc_func)(struct bridge_softc *, void *);
288 #define BC_F_COPYIN 0x01 /* copy arguments in */
289 #define BC_F_COPYOUT 0x02 /* copy arguments out */
290 #define BC_F_SUSER 0x04 /* do super-user check */
292 const struct bridge_control bridge_control_table[] = {
293 { bridge_ioctl_add, sizeof(struct ifbreq),
294 BC_F_COPYIN|BC_F_SUSER },
295 { bridge_ioctl_del, sizeof(struct ifbreq),
296 BC_F_COPYIN|BC_F_SUSER },
298 { bridge_ioctl_gifflags, sizeof(struct ifbreq),
299 BC_F_COPYIN|BC_F_COPYOUT },
300 { bridge_ioctl_sifflags, sizeof(struct ifbreq),
301 BC_F_COPYIN|BC_F_SUSER },
303 { bridge_ioctl_scache, sizeof(struct ifbrparam),
304 BC_F_COPYIN|BC_F_SUSER },
305 { bridge_ioctl_gcache, sizeof(struct ifbrparam),
308 { bridge_ioctl_gifs, sizeof(struct ifbifconf),
309 BC_F_COPYIN|BC_F_COPYOUT },
310 { bridge_ioctl_rts, sizeof(struct ifbaconf),
311 BC_F_COPYIN|BC_F_COPYOUT },
313 { bridge_ioctl_saddr, sizeof(struct ifbareq),
314 BC_F_COPYIN|BC_F_SUSER },
316 { bridge_ioctl_sto, sizeof(struct ifbrparam),
317 BC_F_COPYIN|BC_F_SUSER },
318 { bridge_ioctl_gto, sizeof(struct ifbrparam),
321 { bridge_ioctl_daddr, sizeof(struct ifbareq),
322 BC_F_COPYIN|BC_F_SUSER },
324 { bridge_ioctl_flush, sizeof(struct ifbreq),
325 BC_F_COPYIN|BC_F_SUSER },
327 { bridge_ioctl_gpri, sizeof(struct ifbrparam),
329 { bridge_ioctl_spri, sizeof(struct ifbrparam),
330 BC_F_COPYIN|BC_F_SUSER },
332 { bridge_ioctl_ght, sizeof(struct ifbrparam),
334 { bridge_ioctl_sht, sizeof(struct ifbrparam),
335 BC_F_COPYIN|BC_F_SUSER },
337 { bridge_ioctl_gfd, sizeof(struct ifbrparam),
339 { bridge_ioctl_sfd, sizeof(struct ifbrparam),
340 BC_F_COPYIN|BC_F_SUSER },
342 { bridge_ioctl_gma, sizeof(struct ifbrparam),
344 { bridge_ioctl_sma, sizeof(struct ifbrparam),
345 BC_F_COPYIN|BC_F_SUSER },
347 { bridge_ioctl_sifprio, sizeof(struct ifbreq),
348 BC_F_COPYIN|BC_F_SUSER },
350 { bridge_ioctl_sifcost, sizeof(struct ifbreq),
351 BC_F_COPYIN|BC_F_SUSER },
353 { bridge_ioctl_addspan, sizeof(struct ifbreq),
354 BC_F_COPYIN|BC_F_SUSER },
355 { bridge_ioctl_delspan, sizeof(struct ifbreq),
356 BC_F_COPYIN|BC_F_SUSER },
358 const int bridge_control_table_size =
359 sizeof(bridge_control_table) / sizeof(bridge_control_table[0]);
361 LIST_HEAD(, bridge_softc) bridge_list;
363 struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge",
365 bridge_clone_destroy, 0, IF_MAXUNIT);
368 bridge_modevent(module_t mod, int type, void *data)
373 LIST_INIT(&bridge_list);
374 if_clone_attach(&bridge_cloner);
375 bridge_input_p = bridge_input;
376 bridge_output_p = bridge_output_serialized;
377 bridge_detach_cookie = EVENTHANDLER_REGISTER(
378 ifnet_detach_event, bridge_ifdetach, NULL,
379 EVENTHANDLER_PRI_ANY);
381 bstp_linkstate_p = bstp_linkstate;
385 if (!LIST_EMPTY(&bridge_list))
387 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
388 bridge_detach_cookie);
389 if_clone_detach(&bridge_cloner);
390 bridge_input_p = NULL;
391 bridge_output_p = NULL;
393 bstp_linkstate_p = NULL;
402 static moduledata_t bridge_mod = {
408 DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
412 * bridge_clone_create:
414 * Create a new bridge instance.
417 bridge_clone_create(struct if_clone *ifc, int unit)
419 struct bridge_softc *sc;
423 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_ZERO);
424 ifp = sc->sc_ifp = &sc->sc_if;
426 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
427 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
428 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE;
429 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME;
430 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY;
431 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY;
432 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME;
434 /* Initialize our routing table. */
435 bridge_rtable_init(sc);
437 callout_init(&sc->sc_brcallout);
438 callout_init(&sc->sc_bstpcallout);
440 LIST_INIT(&sc->sc_iflist);
441 LIST_INIT(&sc->sc_spanlist);
444 if_initname(ifp, ifc->ifc_name, unit);
445 ifp->if_mtu = ETHERMTU;
446 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST;
447 ifp->if_ioctl = bridge_ioctl;
448 ifp->if_start = bridge_start;
449 ifp->if_init = bridge_init;
450 ifp->if_type = IFT_BRIDGE;
451 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
452 ifp->if_snd.ifq_maxlen = ifqmaxlen;
453 ifq_set_ready(&ifp->if_snd);
454 ifp->if_hdrlen = ETHER_HDR_LEN;
457 * Generate a random ethernet address and use the private AC:DE:48
461 int rnd = karc4random();
462 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */
464 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */
466 eaddr[0] &= ~1; /* clear multicast bit */
467 eaddr[0] |= 2; /* set the LAA bit */
469 ether_ifattach(ifp, eaddr, NULL);
470 /* Now undo some of the damage... */
471 ifp->if_baudrate = 0;
472 ifp->if_type = IFT_BRIDGE;
475 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
482 * bridge_clone_destroy:
484 * Destroy a bridge instance.
487 bridge_clone_destroy(struct ifnet *ifp)
489 struct bridge_softc *sc = ifp->if_softc;
490 struct bridge_iflist *bif;
492 lwkt_serialize_enter(ifp->if_serializer);
495 ifp->if_flags &= ~IFF_UP;
497 while ((bif = LIST_FIRST(&sc->sc_iflist)) != NULL)
498 bridge_delete_member(sc, bif, 0);
500 while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL) {
501 bridge_delete_span(sc, bif);
504 callout_stop(&sc->sc_brcallout);
505 callout_stop(&sc->sc_bstpcallout);
507 lwkt_serialize_exit(ifp->if_serializer);
510 LIST_REMOVE(sc, sc_list);
515 /* Tear down the routing table. */
516 bridge_rtable_fini(sc);
524 * Handle a control request from the operator.
527 bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
529 struct bridge_softc *sc = ifp->if_softc;
531 struct ifbreq ifbreq;
532 struct ifbifconf ifbifconf;
533 struct ifbareq ifbareq;
534 struct ifbaconf ifbaconf;
535 struct ifbrparam ifbrparam;
537 struct ifdrv *ifd = (struct ifdrv *) data;
538 const struct bridge_control *bc;
541 ASSERT_SERIALIZED(ifp->if_serializer);
550 if (ifd->ifd_cmd >= bridge_control_table_size) {
554 bc = &bridge_control_table[ifd->ifd_cmd];
556 if (cmd == SIOCGDRVSPEC &&
557 (bc->bc_flags & BC_F_COPYOUT) == 0) {
560 } else if (cmd == SIOCSDRVSPEC &&
561 (bc->bc_flags & BC_F_COPYOUT) != 0) {
566 if (bc->bc_flags & BC_F_SUSER) {
567 error = suser_cred(cr, NULL_CRED_OKAY);
572 if (ifd->ifd_len != bc->bc_argsize ||
573 ifd->ifd_len > sizeof(args)) {
578 memset(&args, 0, sizeof(args));
579 if (bc->bc_flags & BC_F_COPYIN) {
580 error = copyin(ifd->ifd_data, &args, ifd->ifd_len);
585 error = bc->bc_func(sc, &args);
589 if (bc->bc_flags & BC_F_COPYOUT)
590 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
594 if (!(ifp->if_flags & IFF_UP) &&
595 (ifp->if_flags & IFF_RUNNING)) {
597 * If interface is marked down and it is running,
601 } else if ((ifp->if_flags & IFF_UP) &&
602 !(ifp->if_flags & IFF_RUNNING)) {
604 * If interface is marked up and it is stopped, then
612 /* Do not allow the MTU to be changed on the bridge */
617 error = ether_ioctl(ifp, cmd, data);
626 * Clear or restore unwanted capabilities on the member interface
629 bridge_mutecaps(struct bridge_iflist *bif, int mute)
631 struct ifnet *ifp = bif->bif_ifp;
635 if (ifp->if_ioctl == NULL)
638 bzero(&ifr, sizeof(ifr));
639 ifr.ifr_reqcap = ifp->if_capenable;
642 /* mask off and save capabilities */
643 bif->bif_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK;
644 if (bif->bif_mutecap != 0)
645 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK;
647 /* restore muted capabilities */
648 ifr.ifr_reqcap |= bif->bif_mutecap;
650 if (bif->bif_mutecap != 0) {
651 lwkt_serialize_enter(ifp->if_serializer);
652 error = (*ifp->if_ioctl)(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL);
653 lwkt_serialize_exit(ifp->if_serializer);
658 * bridge_lookup_member:
660 * Lookup a bridge member interface.
662 static struct bridge_iflist *
663 bridge_lookup_member(struct bridge_softc *sc, const char *name)
665 struct bridge_iflist *bif;
668 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
670 if (strcmp(ifp->if_xname, name) == 0)
678 * bridge_lookup_member_if:
680 * Lookup a bridge member interface by ifnet*.
682 static struct bridge_iflist *
683 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
685 struct bridge_iflist *bif;
687 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
688 if (bif->bif_ifp == member_ifp)
696 * bridge_delete_member:
698 * Delete the specified member interface.
701 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
704 struct ifnet *ifs = bif->bif_ifp;
707 switch (ifs->if_type) {
711 * Take the interface out of promiscuous mode.
713 (void) ifpromisc(ifs, 0);
714 bridge_mutecaps(bif, 0);
722 panic("bridge_delete_member: impossible");
728 ifs->if_bridge = NULL;
729 LIST_REMOVE(bif, bif_next);
731 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
733 kfree(bif, M_DEVBUF);
735 if (sc->sc_ifp->if_flags & IFF_RUNNING)
736 bstp_initialization(sc);
740 * bridge_delete_span:
742 * Delete the specified span interface.
745 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
747 KASSERT(bif->bif_ifp->if_bridge == NULL,
748 ("%s: not a span interface", __func__));
750 LIST_REMOVE(bif, bif_next);
751 kfree(bif, M_DEVBUF);
755 bridge_ioctl_add(struct bridge_softc *sc, void *arg)
757 struct ifbreq *req = arg;
758 struct bridge_iflist *bif = NULL;
762 ifs = ifunit(req->ifbr_ifsname);
766 /* If it's in the span list, it can't be a member. */
767 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
768 if (ifs == bif->bif_ifp)
771 /* Allow the first Ethernet member to define the MTU */
772 if (ifs->if_type != IFT_GIF) {
773 if (LIST_EMPTY(&sc->sc_iflist))
774 sc->sc_ifp->if_mtu = ifs->if_mtu;
775 else if (sc->sc_ifp->if_mtu != ifs->if_mtu) {
776 if_printf(sc->sc_ifp, "invalid MTU for %s\n",
782 if (ifs->if_bridge == sc)
785 if (ifs->if_bridge != NULL)
788 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
790 bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER;
791 bif->bif_priority = BSTP_DEFAULT_PORT_PRIORITY;
792 bif->bif_path_cost = BSTP_DEFAULT_PATH_COST;
794 switch (ifs->if_type) {
798 * Place the interface into promiscuous mode.
800 error = ifpromisc(ifs, 1);
804 bridge_mutecaps(bif, 1);
807 case IFT_GIF: /* :^) */
817 LIST_INSERT_HEAD(&sc->sc_iflist, bif, bif_next);
819 if (sc->sc_ifp->if_flags & IFF_RUNNING)
820 bstp_initialization(sc);
827 kfree(bif, M_DEVBUF);
833 bridge_ioctl_del(struct bridge_softc *sc, void *arg)
835 struct ifbreq *req = arg;
836 struct bridge_iflist *bif;
838 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
842 bridge_delete_member(sc, bif, 0);
848 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
850 struct ifbreq *req = arg;
851 struct bridge_iflist *bif;
853 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
857 req->ifbr_ifsflags = bif->bif_flags;
858 req->ifbr_state = bif->bif_state;
859 req->ifbr_priority = bif->bif_priority;
860 req->ifbr_path_cost = bif->bif_path_cost;
861 req->ifbr_portno = bif->bif_ifp->if_index & 0xff;
867 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
869 struct ifbreq *req = arg;
870 struct bridge_iflist *bif;
872 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
876 if (req->ifbr_ifsflags & IFBIF_SPAN)
877 /* SPAN is readonly */
880 if (req->ifbr_ifsflags & IFBIF_STP) {
881 switch (bif->bif_ifp->if_type) {
883 /* These can do spanning tree. */
887 /* Nothing else can. */
892 bif->bif_flags = req->ifbr_ifsflags;
894 if (sc->sc_ifp->if_flags & IFF_RUNNING)
895 bstp_initialization(sc);
901 bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
903 struct ifbrparam *param = arg;
905 sc->sc_brtmax = param->ifbrp_csize;
912 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
914 struct ifbrparam *param = arg;
916 param->ifbrp_csize = sc->sc_brtmax;
922 bridge_ioctl_gifs(struct bridge_softc *sc, void *arg)
924 struct ifbifconf *bifc = arg;
925 struct bridge_iflist *bif;
927 int count, len, error = 0;
930 LIST_FOREACH(bif, &sc->sc_iflist, bif_next)
932 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
935 if (bifc->ifbic_len == 0) {
936 bifc->ifbic_len = sizeof(breq) * count;
941 len = bifc->ifbic_len;
942 memset(&breq, 0, sizeof breq);
943 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
944 if (len < sizeof(breq))
947 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
948 sizeof(breq.ifbr_ifsname));
949 breq.ifbr_ifsflags = bif->bif_flags;
950 breq.ifbr_state = bif->bif_state;
951 breq.ifbr_priority = bif->bif_priority;
952 breq.ifbr_path_cost = bif->bif_path_cost;
953 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
954 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
960 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
961 if (len < sizeof(breq))
964 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
965 sizeof(breq.ifbr_ifsname));
966 breq.ifbr_ifsflags = bif->bif_flags;
967 breq.ifbr_state = bif->bif_state;
968 breq.ifbr_priority = bif->bif_priority;
969 breq.ifbr_path_cost = bif->bif_path_cost;
970 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
971 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
978 bifc->ifbic_len = sizeof(breq) * count;
983 bridge_ioctl_rts(struct bridge_softc *sc, void *arg)
985 struct ifbaconf *bac = arg;
986 struct bridge_rtnode *brt;
987 struct ifbareq bareq;
988 int count = 0, error = 0, len;
990 if (bac->ifbac_len == 0)
993 len = bac->ifbac_len;
994 memset(&bareq, 0, sizeof(bareq));
995 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
996 if (len < sizeof(bareq))
998 strlcpy(bareq.ifba_ifsname, brt->brt_ifp->if_xname,
999 sizeof(bareq.ifba_ifsname));
1000 memcpy(bareq.ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
1001 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1002 time_second < brt->brt_expire)
1003 bareq.ifba_expire = brt->brt_expire - time_second;
1005 bareq.ifba_expire = 0;
1006 bareq.ifba_flags = brt->brt_flags;
1008 error = copyout(&bareq, bac->ifbac_req + count, sizeof(bareq));
1012 len -= sizeof(bareq);
1015 bac->ifbac_len = sizeof(bareq) * count;
1020 bridge_ioctl_saddr(struct bridge_softc *sc, void *arg)
1022 struct ifbareq *req = arg;
1023 struct bridge_iflist *bif;
1026 bif = bridge_lookup_member(sc, req->ifba_ifsname);
1030 error = bridge_rtupdate(sc, req->ifba_dst, bif->bif_ifp, 1,
1037 bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
1039 struct ifbrparam *param = arg;
1041 sc->sc_brttimeout = param->ifbrp_ctime;
1047 bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
1049 struct ifbrparam *param = arg;
1051 param->ifbrp_ctime = sc->sc_brttimeout;
1057 bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
1059 struct ifbareq *req = arg;
1061 return (bridge_rtdaddr(sc, req->ifba_dst));
1065 bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
1067 struct ifbreq *req = arg;
1069 bridge_rtflush(sc, req->ifbr_ifsflags);
1075 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
1077 struct ifbrparam *param = arg;
1079 param->ifbrp_prio = sc->sc_bridge_priority;
1085 bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
1087 struct ifbrparam *param = arg;
1089 sc->sc_bridge_priority = param->ifbrp_prio;
1091 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1092 bstp_initialization(sc);
1098 bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
1100 struct ifbrparam *param = arg;
1102 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8;
1108 bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
1110 struct ifbrparam *param = arg;
1112 if (param->ifbrp_hellotime == 0)
1114 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8;
1116 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1117 bstp_initialization(sc);
1123 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
1125 struct ifbrparam *param = arg;
1127 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8;
1133 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
1135 struct ifbrparam *param = arg;
1137 if (param->ifbrp_fwddelay == 0)
1139 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8;
1141 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1142 bstp_initialization(sc);
1148 bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
1150 struct ifbrparam *param = arg;
1152 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8;
1158 bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
1160 struct ifbrparam *param = arg;
1162 if (param->ifbrp_maxage == 0)
1164 sc->sc_bridge_max_age = param->ifbrp_maxage << 8;
1166 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1167 bstp_initialization(sc);
1173 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
1175 struct ifbreq *req = arg;
1176 struct bridge_iflist *bif;
1178 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1182 bif->bif_priority = req->ifbr_priority;
1184 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1185 bstp_initialization(sc);
1191 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
1193 struct ifbreq *req = arg;
1194 struct bridge_iflist *bif;
1196 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1200 bif->bif_path_cost = req->ifbr_path_cost;
1202 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1203 bstp_initialization(sc);
1209 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
1211 struct ifbreq *req = arg;
1212 struct bridge_iflist *bif = NULL;
1215 ifs = ifunit(req->ifbr_ifsname);
1219 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1220 if (ifs == bif->bif_ifp)
1223 if (ifs->if_bridge != NULL)
1226 switch (ifs->if_type) {
1235 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
1240 bif->bif_flags = IFBIF_SPAN;
1242 LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1248 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
1250 struct ifbreq *req = arg;
1251 struct bridge_iflist *bif;
1254 ifs = ifunit(req->ifbr_ifsname);
1258 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1259 if (ifs == bif->bif_ifp)
1265 bridge_delete_span(sc, bif);
1273 * Detach an interface from a bridge. Called when a member
1274 * interface is detaching.
1277 bridge_ifdetach(void *arg __unused, struct ifnet *ifp)
1279 struct bridge_softc *sc = ifp->if_bridge;
1280 struct bridge_iflist *bif;
1282 /* Check if the interface is a bridge member */
1284 lwkt_serialize_enter(ifp->if_serializer);
1286 bif = bridge_lookup_member_if(sc, ifp);
1288 bridge_delete_member(sc, bif, 1);
1290 lwkt_serialize_exit(ifp->if_serializer);
1294 /* Check if the interface is a span port */
1295 LIST_FOREACH(sc, &bridge_list, sc_list) {
1296 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1297 if (ifp == bif->bif_ifp) {
1298 bridge_delete_span(sc, bif);
1307 * Initialize a bridge interface.
1310 bridge_init(void *xsc)
1312 struct bridge_softc *sc = (struct bridge_softc *)xsc;
1313 struct ifnet *ifp = sc->sc_ifp;
1315 ASSERT_SERIALIZED(ifp->if_serializer);
1317 if (ifp->if_flags & IFF_RUNNING)
1320 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1323 ifp->if_flags |= IFF_RUNNING;
1324 bstp_initialization(sc);
1331 * Stop the bridge interface.
1334 bridge_stop(struct ifnet *ifp)
1336 struct bridge_softc *sc = ifp->if_softc;
1338 ASSERT_SERIALIZED(ifp->if_serializer);
1340 if ((ifp->if_flags & IFF_RUNNING) == 0)
1343 callout_stop(&sc->sc_brcallout);
1346 bridge_rtflush(sc, IFBF_FLUSHDYN);
1348 ifp->if_flags &= ~IFF_RUNNING;
1354 * Enqueue a packet on a bridge member interface.
1358 bridge_enqueue(struct bridge_softc *sc, struct ifnet *dst_ifp, struct mbuf *m)
1360 struct altq_pktattr pktattr;
1363 while (m->m_type == MT_TAG) {
1364 /* XXX see ether_output_frame for full rules check */
1368 lwkt_serialize_enter(dst_ifp->if_serializer);
1370 /* We may be sending a fragment so traverse the mbuf */
1373 m->m_nextpkt = NULL;
1375 if (ifq_is_enabled(&dst_ifp->if_snd))
1376 altq_etherclassify(&dst_ifp->if_snd, m, &pktattr);
1378 ifq_handoff(dst_ifp, m, &pktattr);
1381 lwkt_serialize_exit(dst_ifp->if_serializer);
1385 * bridge_output_serialized:
1387 * Send output from a bridge member interface. This
1388 * performs the bridging function for locally originated
1391 * The mbuf has the Ethernet header already attached. We must
1392 * enqueue or free the mbuf before returning.
1395 bridge_output_serialized(struct ifnet *ifp, struct mbuf *m,
1396 struct sockaddr *sa, struct rtentry *rt)
1398 struct ether_header *eh;
1399 struct ifnet *dst_if;
1400 struct bridge_softc *sc;
1402 sc = ifp->if_bridge;
1404 ASSERT_SERIALIZED(ifp->if_serializer);
1406 if (m->m_len < ETHER_HDR_LEN) {
1407 m = m_pullup(m, ETHER_HDR_LEN);
1413 * Serialize our bridge interface. We have to get rid of the
1414 * originating interface lock to avoid a deadlock.
1416 lwkt_serialize_exit(ifp->if_serializer);
1417 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1419 eh = mtod(m, struct ether_header *);
1422 * If bridge is down, but the original output interface is up,
1423 * go ahead and send out that interface. Otherwise, the packet
1426 if ((sc->sc_ifp->if_flags & IFF_RUNNING) == 0) {
1432 * If the packet is a multicast, or we don't know a better way to
1433 * get there, send to all interfaces.
1435 if (ETHER_IS_MULTICAST(eh->ether_dhost))
1438 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1439 if (dst_if == NULL) {
1440 struct bridge_iflist *bif;
1446 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1447 dst_if = bif->bif_ifp;
1448 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1452 * If this is not the original output interface,
1453 * and the interface is participating in spanning
1454 * tree, make sure the port is in a state that
1455 * allows forwarding.
1457 if (dst_if != ifp &&
1458 (bif->bif_flags & IFBIF_STP) != 0) {
1459 switch (bif->bif_state) {
1460 case BSTP_IFSTATE_BLOCKING:
1461 case BSTP_IFSTATE_LISTENING:
1462 case BSTP_IFSTATE_DISABLED:
1467 if (LIST_NEXT(bif, bif_next) == NULL) {
1471 mc = m_copypacket(m, MB_DONTWAIT);
1473 sc->sc_ifp->if_oerrors++;
1477 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1478 bridge_enqueue(sc, dst_if, mc);
1479 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1483 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1489 * XXX Spanning tree consideration here?
1493 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1494 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
1497 bridge_enqueue(sc, dst_if, m);
1500 lwkt_serialize_enter(ifp->if_serializer);
1507 * Start output on a bridge.
1511 bridge_start(struct ifnet *ifp)
1513 struct bridge_softc *sc = ifp->if_softc;
1515 ASSERT_SERIALIZED(ifp->if_serializer);
1517 ifp->if_flags |= IFF_OACTIVE;
1519 struct ifnet *dst_if = NULL;
1520 struct ether_header *eh;
1523 m = ifq_dequeue(&ifp->if_snd, NULL);
1527 if (m->m_len < sizeof(*eh)) {
1528 m = m_pullup(m, sizeof(*eh));
1534 eh = mtod(m, struct ether_header *);
1539 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0)
1540 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1543 bridge_broadcast(sc, ifp, m, 0);
1545 bridge_enqueue(sc, dst_if, m);
1547 ifp->if_flags &= ~IFF_OACTIVE;
1553 * The forwarding function of the bridge.
1556 bridge_forward(struct bridge_softc *sc, struct mbuf *m)
1558 struct bridge_iflist *bif;
1559 struct ifnet *src_if, *dst_if, *ifp;
1560 struct ether_header *eh;
1562 src_if = m->m_pkthdr.rcvif;
1565 ASSERT_SERIALIZED(ifp->if_serializer);
1567 sc->sc_ifp->if_ipackets++;
1568 sc->sc_ifp->if_ibytes += m->m_pkthdr.len;
1571 * Look up the bridge_iflist.
1573 bif = bridge_lookup_member_if(sc, src_if);
1575 /* Interface is not a bridge member (anymore?) */
1580 if (bif->bif_flags & IFBIF_STP) {
1581 switch (bif->bif_state) {
1582 case BSTP_IFSTATE_BLOCKING:
1583 case BSTP_IFSTATE_LISTENING:
1584 case BSTP_IFSTATE_DISABLED:
1590 eh = mtod(m, struct ether_header *);
1593 * Various ifp's are used below, release the serializer for
1594 * the bridge ifp so other ifp serializers can be acquired.
1596 lwkt_serialize_exit(ifp->if_serializer);
1599 * If the interface is learning, and the source
1600 * address is valid and not multicast, record
1603 if ((bif->bif_flags & IFBIF_LEARNING) != 0 &&
1604 ETHER_IS_MULTICAST(eh->ether_shost) == 0 &&
1605 (eh->ether_shost[0] == 0 &&
1606 eh->ether_shost[1] == 0 &&
1607 eh->ether_shost[2] == 0 &&
1608 eh->ether_shost[3] == 0 &&
1609 eh->ether_shost[4] == 0 &&
1610 eh->ether_shost[5] == 0) == 0) {
1611 bridge_rtupdate(sc, eh->ether_shost, src_if, 0, IFBAF_DYNAMIC);
1614 if ((bif->bif_flags & IFBIF_STP) != 0 &&
1615 bif->bif_state == BSTP_IFSTATE_LEARNING) {
1621 * At this point, the port either doesn't participate
1622 * in spanning tree or it is in the forwarding state.
1626 * If the packet is unicast, destined for someone on
1627 * "this" side of the bridge, drop it.
1629 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
1630 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1631 if (src_if == dst_if) {
1636 /* ...forward it to all interfaces. */
1637 sc->sc_ifp->if_imcasts++;
1641 /* run the packet filter */
1642 if (inet_pfil_hook.ph_hashooks > 0
1644 || inet6_pfil_hook.ph_hashooks > 0
1647 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
1653 if (dst_if == NULL) {
1654 bridge_broadcast(sc, src_if, m, 1);
1659 * At this point, we're dealing with a unicast frame
1660 * going to a different interface.
1662 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
1666 bif = bridge_lookup_member_if(sc, dst_if);
1668 /* Not a member of the bridge (anymore?) */
1673 if (bif->bif_flags & IFBIF_STP) {
1674 switch (bif->bif_state) {
1675 case BSTP_IFSTATE_DISABLED:
1676 case BSTP_IFSTATE_BLOCKING:
1682 if (inet_pfil_hook.ph_hashooks > 0
1684 || inet6_pfil_hook.ph_hashooks > 0
1687 if (bridge_pfil(&m, sc->sc_ifp, dst_if, PFIL_OUT) != 0)
1692 bridge_enqueue(sc, dst_if, m);
1695 * ifp's serializer was held on entry and is expected to be held
1699 lwkt_serialize_enter(ifp->if_serializer);
1705 * Receive input from a member interface. Queue the packet for
1706 * bridging if it is not for us.
1708 static struct mbuf *
1709 bridge_input(struct ifnet *ifp, struct mbuf *m)
1711 struct bridge_softc *sc = ifp->if_bridge;
1712 struct bridge_iflist *bif;
1713 struct ifnet *bifp, *new_ifp;
1714 struct ether_header *eh;
1715 struct mbuf *mc, *mc2;
1720 lwkt_serialize_enter(bifp->if_serializer);
1722 if ((bifp->if_flags & IFF_RUNNING) == 0)
1726 * Implement support for bridge monitoring. If this flag has been
1727 * set on this interface, discard the packet once we push it through
1728 * the bpf(4) machinery, but before we do, increment the byte and
1729 * packet counters associated with this interface.
1731 if ((bifp->if_flags & IFF_MONITOR) != 0) {
1732 m->m_pkthdr.rcvif = bifp;
1734 bifp->if_ipackets++;
1735 bifp->if_ibytes += m->m_pkthdr.len;
1741 eh = mtod(m, struct ether_header *);
1743 m->m_flags &= ~M_PROTO1; /* XXX Hack - loop prevention */
1745 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) {
1747 * If the packet is for us, set the packets source as the
1748 * bridge, and return the packet back to ifnet.if_input for
1751 KASSERT(bifp->if_bridge == NULL,
1752 ("loop created in bridge_input"));
1758 * Tap all packets arriving on the bridge, no matter if
1759 * they are local destinations or not. In is in.
1763 bif = bridge_lookup_member_if(sc, ifp);
1769 if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
1770 /* Tap off 802.1D packets; they do not get forwarded. */
1771 if (memcmp(eh->ether_dhost, bstp_etheraddr,
1772 ETHER_ADDR_LEN) == 0) {
1773 m = bstp_input(ifp, m);
1775 ("attempt to deliver 802.1D packet\n"));
1779 if (bif->bif_flags & IFBIF_STP) {
1780 switch (bif->bif_state) {
1781 case BSTP_IFSTATE_BLOCKING:
1782 case BSTP_IFSTATE_LISTENING:
1783 case BSTP_IFSTATE_DISABLED:
1788 if (bcmp(etherbroadcastaddr, eh->ether_dhost,
1789 sizeof(etherbroadcastaddr)) == 0)
1790 m->m_flags |= M_BCAST;
1792 m->m_flags |= M_MCAST;
1795 * Make a deep copy of the packet and enqueue the copy
1796 * for bridge processing; return the original packet for
1799 mc = m_dup(m, MB_DONTWAIT);
1803 bridge_forward(sc, mc);
1806 * Reinject the mbuf as arriving on the bridge so we have a
1807 * chance at claiming multicast packets. We can not loop back
1808 * here from ether_input as a bridge is never a member of a
1811 KASSERT(bifp->if_bridge == NULL,
1812 ("loop created in bridge_input"));
1813 mc2 = m_dup(m, MB_DONTWAIT);
1816 /* Keep the layer3 header aligned */
1817 int i = min(mc2->m_pkthdr.len, max_protohdr);
1818 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
1822 mc2->m_pkthdr.rcvif = bifp;
1823 bifp->if_ipackets++;
1824 bifp->if_input(bifp, mc2);
1827 /* Return the original packet for local processing. */
1831 if (bif->bif_flags & IFBIF_STP) {
1832 switch (bif->bif_state) {
1833 case BSTP_IFSTATE_BLOCKING:
1834 case BSTP_IFSTATE_LISTENING:
1835 case BSTP_IFSTATE_DISABLED:
1841 * Unicast. Make sure it's not for us.
1843 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1844 if (bif->bif_ifp->if_type != IFT_ETHER)
1847 /* It is destined for us. */
1848 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost,
1849 ETHER_ADDR_LEN) == 0) {
1850 if (bif->bif_flags & IFBIF_LEARNING) {
1852 eh->ether_shost, ifp, 0, IFBAF_DYNAMIC);
1855 m->m_flags |= M_PROTO1; /* XXX loop prevention */
1856 new_ifp = bif->bif_ifp;
1860 /* We just received a packet that we sent out. */
1861 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost,
1862 ETHER_ADDR_LEN) == 0) {
1869 /* Perform the bridge forwarding function. */
1870 bridge_forward(sc, m);
1873 lwkt_serialize_exit(bifp->if_serializer);
1875 if (new_ifp != NULL) {
1876 lwkt_serialize_enter(new_ifp->if_serializer);
1878 m->m_pkthdr.rcvif = new_ifp;
1879 new_ifp->if_ipackets++;
1880 new_ifp->if_input(new_ifp, m);
1883 lwkt_serialize_exit(new_ifp->if_serializer);
1891 * Send a frame to all interfaces that are members of
1892 * the bridge, except for the one on which the packet
1896 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
1897 struct mbuf *m, int runfilt)
1899 struct bridge_iflist *bif;
1901 struct ifnet *dst_if;
1904 /* Filter on the bridge interface before broadcasting */
1905 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1907 || inet6_pfil_hook.ph_hashooks > 0
1910 if (bridge_pfil(&m, sc->sc_ifp, NULL, PFIL_OUT) != 0)
1916 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1917 dst_if = bif->bif_ifp;
1918 if (dst_if == src_if)
1921 if (bif->bif_flags & IFBIF_STP) {
1922 switch (bif->bif_state) {
1923 case BSTP_IFSTATE_BLOCKING:
1924 case BSTP_IFSTATE_DISABLED:
1929 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
1930 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
1933 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1936 if (LIST_NEXT(bif, bif_next) == NULL) {
1940 mc = m_copypacket(m, MB_DONTWAIT);
1942 sc->sc_ifp->if_oerrors++;
1948 * Filter on the output interface. Pass a NULL bridge interface
1949 * pointer so we do not redundantly filter on the bridge for
1950 * each interface we broadcast on.
1952 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1954 || inet6_pfil_hook.ph_hashooks > 0
1957 if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0)
1963 bridge_enqueue(sc, dst_if, mc);
1972 * Duplicate a packet out one or more interfaces that are in span mode,
1973 * the original mbuf is unmodified.
1976 bridge_span(struct bridge_softc *sc, struct mbuf *m)
1978 struct bridge_iflist *bif;
1979 struct ifnet *dst_if;
1982 if (LIST_EMPTY(&sc->sc_spanlist))
1985 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
1986 dst_if = bif->bif_ifp;
1988 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1991 mc = m_copypacket(m, MB_DONTWAIT);
1993 sc->sc_ifp->if_oerrors++;
1997 bridge_enqueue(sc, dst_if, mc);
2004 * Add a bridge routing entry.
2005 * Can be called from interrupt context.
2008 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst,
2009 struct ifnet *dst_if, int setflags, uint8_t flags)
2011 struct bridge_rtnode *brt;
2015 * A route for this destination might already exist. If so,
2016 * update it, otherwise create a new one.
2018 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) {
2019 if (sc->sc_brtcnt >= sc->sc_brtmax)
2023 * Allocate a new bridge forwarding node, and
2024 * initialize the expiration time and Ethernet
2027 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF,
2028 M_INTNOWAIT|M_ZERO);
2032 brt->brt_flags = IFBAF_DYNAMIC;
2033 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2035 if ((error = bridge_rtnode_insert(sc, brt)) != 0) {
2036 kfree(brt, M_DEVBUF);
2041 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2042 brt->brt_ifp = dst_if;
2043 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2044 brt->brt_expire = time_second + sc->sc_brttimeout;
2046 brt->brt_flags = flags;
2054 * Lookup the destination interface for an address.
2056 static struct ifnet *
2057 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr)
2059 struct bridge_rtnode *brt;
2061 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2064 return (brt->brt_ifp);
2070 * Trim the routine table so that we have a number
2071 * of routing entries less than or equal to the
2075 bridge_rttrim(struct bridge_softc *sc)
2077 struct bridge_rtnode *brt, *nbrt;
2079 /* Make sure we actually need to do this. */
2080 if (sc->sc_brtcnt <= sc->sc_brtmax)
2083 /* Force an aging cycle; this might trim enough addresses. */
2085 if (sc->sc_brtcnt <= sc->sc_brtmax)
2088 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2089 nbrt = LIST_NEXT(brt, brt_list);
2090 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2091 bridge_rtnode_destroy(sc, brt);
2092 if (sc->sc_brtcnt <= sc->sc_brtmax)
2101 * Aging timer for the bridge.
2104 bridge_timer(void *arg)
2106 struct bridge_softc *sc = arg;
2108 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
2112 if (sc->sc_ifp->if_flags & IFF_RUNNING)
2113 callout_reset(&sc->sc_brcallout,
2114 bridge_rtable_prune_period * hz, bridge_timer, sc);
2116 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
2122 * Perform an aging cycle.
2125 bridge_rtage(struct bridge_softc *sc)
2127 struct bridge_rtnode *brt, *nbrt;
2129 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2130 nbrt = LIST_NEXT(brt, brt_list);
2131 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2132 if (time_second >= brt->brt_expire)
2133 bridge_rtnode_destroy(sc, brt);
2141 * Remove all dynamic addresses from the bridge.
2144 bridge_rtflush(struct bridge_softc *sc, int full)
2146 struct bridge_rtnode *brt, *nbrt;
2148 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2149 nbrt = LIST_NEXT(brt, brt_list);
2150 if (full || (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2151 bridge_rtnode_destroy(sc, brt);
2158 * Remove an address from the table.
2161 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr)
2163 struct bridge_rtnode *brt;
2165 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2168 bridge_rtnode_destroy(sc, brt);
2175 * Delete routes to a speicifc member interface.
2178 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int full)
2180 struct bridge_rtnode *brt, *nbrt;
2182 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2183 nbrt = LIST_NEXT(brt, brt_list);
2184 if (brt->brt_ifp == ifp && (full ||
2185 (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC))
2186 bridge_rtnode_destroy(sc, brt);
2191 * bridge_rtable_init:
2193 * Initialize the route table for this bridge.
2196 bridge_rtable_init(struct bridge_softc *sc)
2200 sc->sc_rthash = kmalloc(sizeof(*sc->sc_rthash) * BRIDGE_RTHASH_SIZE,
2201 M_DEVBUF, M_WAITOK);
2203 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
2204 LIST_INIT(&sc->sc_rthash[i]);
2206 sc->sc_rthash_key = karc4random();
2208 LIST_INIT(&sc->sc_rtlist);
2214 * bridge_rtable_fini:
2216 * Deconstruct the route table for this bridge.
2219 bridge_rtable_fini(struct bridge_softc *sc)
2222 kfree(sc->sc_rthash, M_DEVBUF);
2226 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
2227 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
2229 #define mix(a, b, c) \
2231 a -= b; a -= c; a ^= (c >> 13); \
2232 b -= c; b -= a; b ^= (a << 8); \
2233 c -= a; c -= b; c ^= (b >> 13); \
2234 a -= b; a -= c; a ^= (c >> 12); \
2235 b -= c; b -= a; b ^= (a << 16); \
2236 c -= a; c -= b; c ^= (b >> 5); \
2237 a -= b; a -= c; a ^= (c >> 3); \
2238 b -= c; b -= a; b ^= (a << 10); \
2239 c -= a; c -= b; c ^= (b >> 15); \
2240 } while (/*CONSTCOND*/0)
2242 static __inline uint32_t
2243 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
2245 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
2256 return (c & BRIDGE_RTHASH_MASK);
2262 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
2266 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
2267 d = ((int)a[i]) - ((int)b[i]);
2274 * bridge_rtnode_lookup:
2276 * Look up a bridge route node for the specified destination.
2278 static struct bridge_rtnode *
2279 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr)
2281 struct bridge_rtnode *brt;
2285 hash = bridge_rthash(sc, addr);
2286 LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
2287 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
2298 * bridge_rtnode_insert:
2300 * Insert the specified bridge node into the route table. We
2301 * assume the entry is not already in the table.
2304 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
2306 struct bridge_rtnode *lbrt;
2310 hash = bridge_rthash(sc, brt->brt_addr);
2312 lbrt = LIST_FIRST(&sc->sc_rthash[hash]);
2314 LIST_INSERT_HEAD(&sc->sc_rthash[hash], brt, brt_hash);
2319 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
2323 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
2326 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
2327 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
2330 lbrt = LIST_NEXT(lbrt, brt_hash);
2331 } while (lbrt != NULL);
2334 panic("bridge_rtnode_insert: impossible");
2338 LIST_INSERT_HEAD(&sc->sc_rtlist, brt, brt_list);
2345 * bridge_rtnode_destroy:
2347 * Destroy a bridge rtnode.
2350 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
2353 LIST_REMOVE(brt, brt_hash);
2355 LIST_REMOVE(brt, brt_list);
2357 kfree(brt, M_DEVBUF);
2361 * Send bridge packets through pfil if they are one of the types pfil can deal
2362 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
2363 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for
2367 bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
2369 int snap, error, i, hlen;
2370 struct ether_header *eh1, eh2;
2373 u_int16_t ether_type;
2376 error = -1; /* Default error if not error == 0 */
2378 if (pfil_bridge == 0 && pfil_member == 0)
2379 return (0); /* filtering is disabled */
2381 i = min((*mp)->m_pkthdr.len, max_protohdr);
2382 if ((*mp)->m_len < i) {
2383 *mp = m_pullup(*mp, i);
2385 kprintf("%s: m_pullup failed\n", __func__);
2390 eh1 = mtod(*mp, struct ether_header *);
2391 ether_type = ntohs(eh1->ether_type);
2394 * Check for SNAP/LLC.
2396 if (ether_type < ETHERMTU) {
2397 struct llc *llc2 = (struct llc *)(eh1 + 1);
2399 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
2400 llc2->llc_dsap == LLC_SNAP_LSAP &&
2401 llc2->llc_ssap == LLC_SNAP_LSAP &&
2402 llc2->llc_control == LLC_UI) {
2403 ether_type = htons(llc2->llc_un.type_snap.ether_type);
2409 * If we're trying to filter bridge traffic, don't look at anything
2410 * other than IP and ARP traffic. If the filter doesn't understand
2411 * IPv6, don't allow IPv6 through the bridge either. This is lame
2412 * since if we really wanted, say, an AppleTalk filter, we are hosed,
2413 * but of course we don't have an AppleTalk filter to begin with.
2414 * (Note that since pfil doesn't understand ARP it will pass *ALL*
2417 switch (ether_type) {
2419 case ETHERTYPE_REVARP:
2420 return (0); /* Automatically pass */
2423 case ETHERTYPE_IPV6:
2428 * Check to see if the user wants to pass non-ip
2429 * packets, these will not be checked by pfil(9) and
2430 * passed unconditionally so the default is to drop.
2436 /* Strip off the Ethernet header and keep a copy. */
2437 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
2438 m_adj(*mp, ETHER_HDR_LEN);
2440 /* Strip off snap header, if present */
2442 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
2443 m_adj(*mp, sizeof(struct llc));
2447 * Check the IP header for alignment and errors
2449 if (dir == PFIL_IN) {
2450 switch (ether_type) {
2452 error = bridge_ip_checkbasic(mp);
2455 case ETHERTYPE_IPV6:
2456 error = bridge_ip6_checkbasic(mp);
2469 * Run the packet through pfil
2475 * before calling the firewall, swap fields the same as
2476 * IP does. here we assume the header is contiguous
2478 ip = mtod(*mp, struct ip *);
2480 ip->ip_len = ntohs(ip->ip_len);
2481 ip->ip_off = ntohs(ip->ip_off);
2484 * Run pfil on the member interface and the bridge, both can
2485 * be skipped by clearing pfil_member or pfil_bridge.
2488 * in_if -> bridge_if -> out_if
2490 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2491 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2494 if (*mp == NULL || error != 0) /* filter may consume */
2497 if (pfil_member && ifp != NULL)
2498 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp,
2501 if (*mp == NULL || error != 0) /* filter may consume */
2504 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2505 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2508 if (*mp == NULL || error != 0) /* filter may consume */
2511 /* check if we need to fragment the packet */
2512 if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
2513 i = (*mp)->m_pkthdr.len;
2514 if (i > ifp->if_mtu) {
2515 error = bridge_fragment(ifp, *mp, &eh2, snap,
2521 /* Recalculate the ip checksum and restore byte ordering */
2522 ip = mtod(*mp, struct ip *);
2523 hlen = ip->ip_hl << 2;
2524 if (hlen < sizeof(struct ip))
2526 if (hlen > (*mp)->m_len) {
2527 if ((*mp = m_pullup(*mp, hlen)) == 0)
2529 ip = mtod(*mp, struct ip *);
2533 ip->ip_len = htons(ip->ip_len);
2534 ip->ip_off = htons(ip->ip_off);
2536 if (hlen == sizeof(struct ip))
2537 ip->ip_sum = in_cksum_hdr(ip);
2539 ip->ip_sum = in_cksum(*mp, hlen);
2543 case ETHERTYPE_IPV6 :
2544 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2545 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2548 if (*mp == NULL || error != 0) /* filter may consume */
2551 if (pfil_member && ifp != NULL)
2552 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp,
2555 if (*mp == NULL || error != 0) /* filter may consume */
2558 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2559 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2576 * Finally, put everything back the way it was and return
2579 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT);
2582 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
2585 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT);
2588 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
2599 * Perform basic checks on header size since
2600 * pfil assumes ip_input has already processed
2601 * it for it. Cut-and-pasted from ip_input.c.
2602 * Given how simple the IPv6 version is,
2603 * does the IPv4 version really need to be
2606 * XXX Should we update ipstat here, or not?
2607 * XXX Right now we update ipstat but not
2611 bridge_ip_checkbasic(struct mbuf **mp)
2613 struct mbuf *m = *mp;
2621 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2622 if ((m = m_copyup(m, sizeof(struct ip),
2623 (max_linkhdr + 3) & ~3)) == NULL) {
2624 /* XXXJRT new stat, please */
2625 ipstat.ips_toosmall++;
2630 #ifndef __predict_false
2631 #define __predict_false(x) x
2633 if (__predict_false(m->m_len < sizeof (struct ip))) {
2634 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
2635 ipstat.ips_toosmall++;
2639 ip = mtod(m, struct ip *);
2640 if (ip == NULL) goto bad;
2642 if (ip->ip_v != IPVERSION) {
2643 ipstat.ips_badvers++;
2646 hlen = ip->ip_hl << 2;
2647 if (hlen < sizeof(struct ip)) { /* minimum header length */
2648 ipstat.ips_badhlen++;
2651 if (hlen > m->m_len) {
2652 if ((m = m_pullup(m, hlen)) == 0) {
2653 ipstat.ips_badhlen++;
2656 ip = mtod(m, struct ip *);
2657 if (ip == NULL) goto bad;
2660 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
2661 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
2663 if (hlen == sizeof(struct ip)) {
2664 sum = in_cksum_hdr(ip);
2666 sum = in_cksum(m, hlen);
2670 ipstat.ips_badsum++;
2674 /* Retrieve the packet length. */
2675 len = ntohs(ip->ip_len);
2678 * Check for additional length bogosity
2681 ipstat.ips_badlen++;
2686 * Check that the amount of data in the buffers
2687 * is as at least much as the IP header would have us expect.
2688 * Drop packet if shorter than we expect.
2690 if (m->m_pkthdr.len < len) {
2691 ipstat.ips_tooshort++;
2695 /* Checks out, proceed */
2706 * Same as above, but for IPv6.
2707 * Cut-and-pasted from ip6_input.c.
2708 * XXX Should we update ip6stat, or not?
2711 bridge_ip6_checkbasic(struct mbuf **mp)
2713 struct mbuf *m = *mp;
2714 struct ip6_hdr *ip6;
2717 * If the IPv6 header is not aligned, slurp it up into a new
2718 * mbuf with space for link headers, in the event we forward
2719 * it. Otherwise, if it is aligned, make sure the entire base
2720 * IPv6 header is in the first mbuf of the chain.
2723 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2724 struct ifnet *inifp = m->m_pkthdr.rcvif;
2725 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
2726 (max_linkhdr + 3) & ~3)) == NULL) {
2727 /* XXXJRT new stat, please */
2728 ip6stat.ip6s_toosmall++;
2729 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2734 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
2735 struct ifnet *inifp = m->m_pkthdr.rcvif;
2736 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
2737 ip6stat.ip6s_toosmall++;
2738 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2743 ip6 = mtod(m, struct ip6_hdr *);
2745 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
2746 ip6stat.ip6s_badvers++;
2747 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
2751 /* Checks out, proceed */
2764 * Return a fragmented mbuf chain.
2767 bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh,
2768 int snap, struct llc *llc)
2774 if (m->m_len < sizeof(struct ip) &&
2775 (m = m_pullup(m, sizeof(struct ip))) == NULL)
2777 ip = mtod(m, struct ip *);
2779 error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist,
2784 /* walk the chain and re-add the Ethernet header */
2785 for (m0 = m; m0; m0 = m0->m_nextpkt) {
2788 M_PREPEND(m0, sizeof(struct llc), MB_DONTWAIT);
2793 bcopy(llc, mtod(m0, caddr_t),
2794 sizeof(struct llc));
2796 M_PREPEND(m0, ETHER_HDR_LEN, MB_DONTWAIT);
2801 bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN);
2807 ipstat.ips_fragmented++;
projects / dragonfly.git / blob