projects / dragonfly.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Add FW_MBUF_REDISPATCH, which should be set by various firewall code,
[dragonfly.git] / sys / netinet / ip_input.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved.
4 *
5 * This code is derived from software contributed to The DragonFly Project
6 * by Jeffrey M. Hsu.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34/*
35 * Copyright (c) 1982, 1986, 1988, 1993
36 * The Regents of the University of California. All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
67 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
68 * $DragonFly: src/sys/netinet/ip_input.c,v 1.102 2008/09/13 07:15:14 sephe Exp $
69 */
70
71#define _IP_VHL
72
73#include "opt_bootp.h"
74#include "opt_ipfw.h"
75#include "opt_ipdn.h"
76#include "opt_ipdivert.h"
77#include "opt_ipfilter.h"
78#include "opt_ipstealth.h"
79#include "opt_ipsec.h"
80
81#include <sys/param.h>
82#include <sys/systm.h>
83#include <sys/mbuf.h>
84#include <sys/malloc.h>
85#include <sys/mpipe.h>
86#include <sys/domain.h>
87#include <sys/protosw.h>
88#include <sys/socket.h>
89#include <sys/time.h>
90#include <sys/globaldata.h>
91#include <sys/thread.h>
92#include <sys/kernel.h>
93#include <sys/syslog.h>
94#include <sys/sysctl.h>
95#include <sys/in_cksum.h>
96
97#include <machine/stdarg.h>
98
99#include <net/if.h>
100#include <net/if_types.h>
101#include <net/if_var.h>
102#include <net/if_dl.h>
103#include <net/pfil.h>
104#include <net/route.h>
105#include <net/netisr.h>
106
107#include <netinet/in.h>
108#include <netinet/in_systm.h>
109#include <netinet/in_var.h>
110#include <netinet/ip.h>
111#include <netinet/in_pcb.h>
112#include <netinet/ip_var.h>
113#include <netinet/ip_icmp.h>
114#ifdef IPDIVERT
115#include <netinet/ip_divert.h>
116#endif
117
118#include <sys/thread2.h>
119#include <sys/msgport2.h>
120#include <net/netmsg2.h>
121
122#include <sys/socketvar.h>
123
124#include <net/ipfw/ip_fw.h>
125#include <net/dummynet/ip_dummynet.h>
126
127#ifdef IPSEC
128#include <netinet6/ipsec.h>
129#include <netproto/key/key.h>
130#endif
131
132#ifdef FAST_IPSEC
133#include <netproto/ipsec/ipsec.h>
134#include <netproto/ipsec/key.h>
135#endif
136
137int rsvp_on = 0;
138static int ip_rsvp_on;
139struct socket *ip_rsvpd;
140
141int ipforwarding = 0;
142SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
143 &ipforwarding, 0, "Enable IP forwarding between interfaces");
144
145static int ipsendredirects = 1; /* XXX */
146SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
147 &ipsendredirects, 0, "Enable sending IP redirects");
148
149int ip_defttl = IPDEFTTL;
150SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
151 &ip_defttl, 0, "Maximum TTL on IP packets");
152
153static int ip_dosourceroute = 0;
154SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
155 &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
156
157static int ip_acceptsourceroute = 0;
158SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
159 CTLFLAG_RW, &ip_acceptsourceroute, 0,
160 "Enable accepting source routed IP packets");
161
162static int ip_keepfaith = 0;
163SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
164 &ip_keepfaith, 0,
165 "Enable packet capture for FAITH IPv4->IPv6 translator daemon");
166
167static int nipq = 0; /* total # of reass queues */
168static int maxnipq;
169SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
170 &maxnipq, 0,
171 "Maximum number of IPv4 fragment reassembly queue entries");
172
173static int maxfragsperpacket;
174SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
175 &maxfragsperpacket, 0,
176 "Maximum number of IPv4 fragments allowed per packet");
177
178static int ip_sendsourcequench = 0;
179SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
180 &ip_sendsourcequench, 0,
181 "Enable the transmission of source quench packets");
182
183int ip_do_randomid = 1;
184SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
185 &ip_do_randomid, 0,
186 "Assign random ip_id values");
187/*
188 * XXX - Setting ip_checkinterface mostly implements the receive side of
189 * the Strong ES model described in RFC 1122, but since the routing table
190 * and transmit implementation do not implement the Strong ES model,
191 * setting this to 1 results in an odd hybrid.
192 *
193 * XXX - ip_checkinterface currently must be disabled if you use ipnat
194 * to translate the destination address to another local interface.
195 *
196 * XXX - ip_checkinterface must be disabled if you add IP aliases
197 * to the loopback interface instead of the interface where the
198 * packets for those addresses are received.
199 */
200static int ip_checkinterface = 0;
201SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
202 &ip_checkinterface, 0, "Verify packet arrives on correct interface");
203
204#ifdef DIAGNOSTIC
205static int ipprintfs = 0;
206#endif
207
208extern struct domain inetdomain;
209extern struct protosw inetsw[];
210u_char ip_protox[IPPROTO_MAX];
211struct in_ifaddrhead in_ifaddrheads[MAXCPU]; /* first inet address */
212struct in_ifaddrhashhead *in_ifaddrhashtbls[MAXCPU];
213 /* inet addr hash table */
214u_long in_ifaddrhmask; /* mask for hash table */
215
216struct ip_stats ipstats_percpu[MAXCPU];
217#ifdef SMP
218static int
219sysctl_ipstats(SYSCTL_HANDLER_ARGS)
220{
221 int cpu, error = 0;
222
223 for (cpu = 0; cpu < ncpus; ++cpu) {
224 if ((error = SYSCTL_OUT(req, &ipstats_percpu[cpu],
225 sizeof(struct ip_stats))))
226 break;
227 if ((error = SYSCTL_IN(req, &ipstats_percpu[cpu],
228 sizeof(struct ip_stats))))
229 break;
230 }
231
232 return (error);
233}
234SYSCTL_PROC(_net_inet_ip, IPCTL_STATS, stats, (CTLTYPE_OPAQUE | CTLFLAG_RW),
235 0, 0, sysctl_ipstats, "S,ip_stats", "IP statistics");
236#else
237SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
238 &ipstat, ip_stats, "IP statistics");
239#endif
240
241/* Packet reassembly stuff */
242#define IPREASS_NHASH_LOG2 6
243#define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2)
244#define IPREASS_HMASK (IPREASS_NHASH - 1)
245#define IPREASS_HASH(x,y) \
246 (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
247
248static struct ipq ipq[IPREASS_NHASH];
249
250#ifdef IPCTL_DEFMTU
251SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
252 &ip_mtu, 0, "Default MTU");
253#endif
254
255#ifdef IPSTEALTH
256static int ipstealth = 0;
257SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, &ipstealth, 0, "");
258#else
259static const int ipstealth = 0;
260#endif
261
262
263/* Firewall hooks */
264ip_fw_chk_t *ip_fw_chk_ptr;
265ip_fw_dn_io_t *ip_fw_dn_io_ptr;
266int ip_fw_loaded;
267int fw_enable = 1;
268int fw_one_pass = 1;
269
270struct pfil_head inet_pfil_hook;
271
272/*
273 * struct ip_srcrt_opt is used to store packet state while it travels
274 * through the stack.
275 *
276 * XXX Note that the code even makes assumptions on the size and
277 * alignment of fields inside struct ip_srcrt so e.g. adding some
278 * fields will break the code. This needs to be fixed.
279 *
280 * We need to save the IP options in case a protocol wants to respond
281 * to an incoming packet over the same route if the packet got here
282 * using IP source routing. This allows connection establishment and
283 * maintenance when the remote end is on a network that is not known
284 * to us.
285 */
286struct ip_srcrt {
287 struct in_addr dst; /* final destination */
288 char nop; /* one NOP to align */
289 char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
290 struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
291};
292
293struct ip_srcrt_opt {
294 int ip_nhops;
295 struct ip_srcrt ip_srcrt;
296};
297
298static MALLOC_DEFINE(M_IPQ, "ipq", "IP Fragment Management");
299static struct malloc_pipe ipq_mpipe;
300
301static void save_rte(struct mbuf *, u_char *, struct in_addr);
302static int ip_dooptions(struct mbuf *m, int, struct sockaddr_in *);
303static void ip_freef(struct ipq *);
304static void ip_input_handler(struct netmsg *);
305static struct mbuf *ip_reass(struct mbuf *);
306
307/*
308 * IP initialization: fill in IP protocol switch table.
309 * All protocols not implemented in kernel go to raw IP protocol handler.
310 */
311void
312ip_init(void)
313{
314 struct protosw *pr;
315 int i;
316#ifdef SMP
317 int cpu;
318#endif
319
320 /*
321 * Make sure we can handle a reasonable number of fragments but
322 * cap it at 4000 (XXX).
323 */
324 mpipe_init(&ipq_mpipe, M_IPQ, sizeof(struct ipq),
325 IFQ_MAXLEN, 4000, 0, NULL);
326 for (i = 0; i < ncpus; ++i) {
327 TAILQ_INIT(&in_ifaddrheads[i]);
328 in_ifaddrhashtbls[i] =
329 hashinit(INADDR_NHASH, M_IFADDR, &in_ifaddrhmask);
330 }
331 pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
332 if (pr == NULL)
333 panic("ip_init");
334 for (i = 0; i < IPPROTO_MAX; i++)
335 ip_protox[i] = pr - inetsw;
336 for (pr = inetdomain.dom_protosw;
337 pr < inetdomain.dom_protoswNPROTOSW; pr++)
338 if (pr->pr_domain->dom_family == PF_INET &&
339 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
340 ip_protox[pr->pr_protocol] = pr - inetsw;
341
342 inet_pfil_hook.ph_type = PFIL_TYPE_AF;
343 inet_pfil_hook.ph_af = AF_INET;
344 if ((i = pfil_head_register(&inet_pfil_hook)) != 0) {
345 kprintf("%s: WARNING: unable to register pfil hook, "
346 "error %d\n", __func__, i);
347 }
348
349 for (i = 0; i < IPREASS_NHASH; i++)
350 ipq[i].next = ipq[i].prev = &ipq[i];
351
352 maxnipq = nmbclusters / 32;
353 maxfragsperpacket = 16;
354
355 ip_id = time_second & 0xffff;
356
357 /*
358 * Initialize IP statistics counters for each CPU.
359 *
360 */
361#ifdef SMP
362 for (cpu = 0; cpu < ncpus; ++cpu) {
363 bzero(&ipstats_percpu[cpu], sizeof(struct ip_stats));
364 }
365#else
366 bzero(&ipstat, sizeof(struct ip_stats));
367#endif
368
369 netisr_register(NETISR_IP, ip_mport_in, ip_input_handler);
370}
371
372/*
373 * XXX watch out this one. It is perhaps used as a cache for
374 * the most recently used route ? it is cleared in in_addroute()
375 * when a new route is successfully created.
376 */
377struct route ipforward_rt[MAXCPU];
378
379/* Do transport protocol processing. */
380static void
381transport_processing_oncpu(struct mbuf *m, int hlen, struct ip *ip)
382{
383 /*
384 * Switch out to protocol's input routine.
385 */
386 (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, ip->ip_p);
387}
388
389static void
390transport_processing_handler(netmsg_t netmsg)
391{
392 struct netmsg_packet *pmsg = (struct netmsg_packet *)netmsg;
393 struct ip *ip;
394 int hlen;
395
396 ip = mtod(pmsg->nm_packet, struct ip *);
397 hlen = pmsg->nm_netmsg.nm_lmsg.u.ms_result;
398
399 transport_processing_oncpu(pmsg->nm_packet, hlen, ip);
400 /* netmsg was embedded in the mbuf, do not reply! */
401}
402
403static void
404ip_input_handler(struct netmsg *msg0)
405{
406 struct mbuf *m = ((struct netmsg_packet *)msg0)->nm_packet;
407
408 ip_input(m);
409 /* msg0 was embedded in the mbuf, do not reply! */
410}
411
412#ifdef IPDIVERT
413static struct mbuf *
414ip_divert_in(struct mbuf *m, int tee)
415{
416 struct mbuf *clone = NULL;
417 struct ip *ip = mtod(m, struct ip *);
418 struct m_tag *mtag;
419
420 if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
421 const struct divert_info *divinfo;
422 u_short frag_off;
423 int hlen;
424
425 /*
426 * Only trust divert info in the fragment
427 * at offset 0.
428 */
429 frag_off = ip->ip_off << 3;
430 if (frag_off != 0) {
431 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
432 m_tag_delete(m, mtag);
433 }
434
435 /*
436 * Attempt reassembly; if it succeeds, proceed.
437 * ip_reass() will return a different mbuf.
438 */
439 m = ip_reass(m);
440 if (m == NULL)
441 return NULL;
442 ip = mtod(m, struct ip *);
443
444 /* Caller need to redispatch the packet, if it is for us */
445 m->m_pkthdr.fw_flags |= FW_MBUF_REDISPATCH;
446
447 /*
448 * Get the header length of the reassembled
449 * packet
450 */
451 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
452
453 /*
454 * Restore original checksum before diverting
455 * packet
456 */
457 ip->ip_len += hlen;
458 ip->ip_len = htons(ip->ip_len);
459 ip->ip_off = htons(ip->ip_off);
460 ip->ip_sum = 0;
461 if (hlen == sizeof(struct ip))
462 ip->ip_sum = in_cksum_hdr(ip);
463 else
464 ip->ip_sum = in_cksum(m, hlen);
465 ip->ip_off = ntohs(ip->ip_off);
466 ip->ip_len = ntohs(ip->ip_len);
467
468 /*
469 * Only use the saved divert info
470 */
471 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
472 if (mtag == NULL) {
473 /* Wrongly configured ipfw */
474 kprintf("ip_input no divert info\n");
475 m_freem(m);
476 return NULL;
477 }
478 divinfo = m_tag_data(mtag);
479 tee = divinfo->tee;
480 }
481
482 /*
483 * Divert or tee packet to the divert protocol if
484 * required.
485 */
486
487 /* Clone packet if we're doing a 'tee' */
488 if (tee)
489 clone = m_dup(m, MB_DONTWAIT);
490
491 /*
492 * Restore packet header fields to original
493 * values
494 */
495 ip->ip_len = htons(ip->ip_len);
496 ip->ip_off = htons(ip->ip_off);
497
498 /* Deliver packet to divert input routine */
499 divert_packet(m, 1);
500
501 /* Catch invalid reference */
502 m = NULL;
503 ip = NULL;
504
505 ipstat.ips_delivered++;
506
507 /* If 'tee', continue with original packet */
508 if (clone != NULL) {
509 /*
510 * Complete processing of the packet.
511 * XXX Better safe than sorry, remove the DIVERT tag.
512 */
513 mtag = m_tag_find(clone, PACKET_TAG_IPFW_DIVERT, NULL);
514 KKASSERT(mtag != NULL);
515 m_tag_delete(clone, mtag);
516 }
517 return clone;
518}
519#endif /* IPDIVERT */
520
521/*
522 * IP input routine. Checksum and byte swap header. If fragmented
523 * try to reassemble. Process options. Pass to next level.
524 */
525void
526ip_input(struct mbuf *m)
527{
528 struct ip *ip;
529 struct in_ifaddr *ia = NULL;
530 struct in_ifaddr_container *iac;
531 int i, hlen, checkif;
532 u_short sum;
533 struct in_addr pkt_dst;
534 boolean_t using_srcrt = FALSE; /* forward (by PFIL_HOOKS) */
535 boolean_t needredispatch = FALSE;
536 struct in_addr odst; /* original dst address(NAT) */
537 struct m_tag *mtag;
538 struct sockaddr_in *next_hop = NULL;
539#ifdef FAST_IPSEC
540 struct tdb_ident *tdbi;
541 struct secpolicy *sp;
542 int error;
543#endif
544
545 M_ASSERTPKTHDR(m);
546
547 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED) {
548 /* Next hop */
549 mtag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
550 KKASSERT(mtag != NULL);
551 next_hop = m_tag_data(mtag);
552 }
553
554 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED) {
555 /* dummynet already filtered us */
556 ip = mtod(m, struct ip *);
557 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
558 goto iphack;
559 }
560
561 ipstat.ips_total++;
562
563 /* length checks already done in ip_demux() */
564 KASSERT(m->m_len >= sizeof(ip), ("IP header not in one mbuf"));
565
566 ip = mtod(m, struct ip *);
567
568 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
569 ipstat.ips_badvers++;
570 goto bad;
571 }
572
573 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
574 /* length checks already done in ip_demux() */
575 KASSERT(hlen >= sizeof(struct ip), ("IP header len too small"));
576 KASSERT(m->m_len >= hlen, ("packet shorter than IP header length"));
577
578 /* 127/8 must not appear on wire - RFC1122 */
579 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
580 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
581 if (!(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) {
582 ipstat.ips_badaddr++;
583 goto bad;
584 }
585 }
586
587 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
588 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
589 } else {
590 if (hlen == sizeof(struct ip)) {
591 sum = in_cksum_hdr(ip);
592 } else {
593 sum = in_cksum(m, hlen);
594 }
595 }
596 if (sum != 0) {
597 ipstat.ips_badsum++;
598 goto bad;
599 }
600
601#ifdef ALTQ
602 if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) {
603 /* packet is dropped by traffic conditioner */
604 return;
605 }
606#endif
607 /*
608 * Convert fields to host representation.
609 */
610 ip->ip_len = ntohs(ip->ip_len);
611 if (ip->ip_len < hlen) {
612 ipstat.ips_badlen++;
613 goto bad;
614 }
615 ip->ip_off = ntohs(ip->ip_off);
616
617 /*
618 * Check that the amount of data in the buffers
619 * is as at least much as the IP header would have us expect.
620 * Trim mbufs if longer than we expect.
621 * Drop packet if shorter than we expect.
622 */
623 if (m->m_pkthdr.len < ip->ip_len) {
624 ipstat.ips_tooshort++;
625 goto bad;
626 }
627 if (m->m_pkthdr.len > ip->ip_len) {
628 if (m->m_len == m->m_pkthdr.len) {
629 m->m_len = ip->ip_len;
630 m->m_pkthdr.len = ip->ip_len;
631 } else
632 m_adj(m, ip->ip_len - m->m_pkthdr.len);
633 }
634#if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
635 /*
636 * Bypass packet filtering for packets from a tunnel (gif).
637 */
638 if (ipsec_gethist(m, NULL))
639 goto pass;
640#endif
641
642 /*
643 * IpHack's section.
644 * Right now when no processing on packet has done
645 * and it is still fresh out of network we do our black
646 * deals with it.
647 * - Firewall: deny/allow/divert
648 * - Xlate: translate packet's addr/port (NAT).
649 * - Pipe: pass pkt through dummynet.
650 * - Wrap: fake packet's addr/port <unimpl.>
651 * - Encapsulate: put it in another IP and send out. <unimp.>
652 */
653
654iphack:
655 /*
656 * If we've been forwarded from the output side, then
657 * skip the firewall a second time
658 */
659 if (next_hop != NULL)
660 goto ours;
661
662 /*
663 * Run through list of hooks for input packets.
664 *
665 * NB: Beware of the destination address changing (e.g.
666 * by NAT rewriting). When this happens, tell
667 * ip_forward to do the right thing.
668 */
669 if (pfil_has_hooks(&inet_pfil_hook)) {
670 odst = ip->ip_dst;
671 if (pfil_run_hooks(&inet_pfil_hook, &m,
672 m->m_pkthdr.rcvif, PFIL_IN)) {
673 return;
674 }
675 if (m == NULL) /* consumed by filter */
676 return;
677 ip = mtod(m, struct ip *);
678 using_srcrt = (odst.s_addr != ip->ip_dst.s_addr);
679 }
680
681 if (fw_enable && IPFW_LOADED) {
682 struct ip_fw_args args;
683 int tee = 0;
684
685 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED) {
686 /* Extract info from dummynet tag */
687 mtag = m_tag_find(m, PACKET_TAG_DUMMYNET, NULL);
688 KKASSERT(mtag != NULL);
689 args.rule =
690 ((struct dn_pkt *)m_tag_data(mtag))->dn_priv;
691 KKASSERT(args.rule != NULL);
692
693 m_tag_delete(m, mtag);
694 m->m_pkthdr.fw_flags &= ~DUMMYNET_MBUF_TAGGED;
695 } else {
696 args.rule = NULL;
697 }
698
699 args.eh = NULL;
700 args.oif = NULL;
701 args.m = m;
702 i = ip_fw_chk_ptr(&args);
703 m = args.m;
704
705 if (m == NULL)
706 return;
707 ip = mtod(m, struct ip *); /* just in case m changed */
708
709 switch (i) {
710 case IP_FW_PASS:
711 goto pass;
712
713 case IP_FW_DENY:
714 m_freem(m);
715 return;
716
717 case IP_FW_DUMMYNET:
718 /* Send packet to the appropriate pipe */
719 ip_fw_dn_io_ptr(m, args.cookie, DN_TO_IP_IN, &args);
720 goto pass;
721
722 case IP_FW_TEE:
723 tee = 1;
724 /* FALL THROUGH */
725
726 case IP_FW_DIVERT:
727#ifdef IPDIVERT
728 m = ip_divert_in(m, tee);
729 if (m == NULL)
730 return;
731 ip = mtod(m, struct ip *);
732 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
733 goto pass;
734#else
735 m_freem(m);
736 return;
737#endif
738
739 default:
740 panic("unknown ipfw return value: %d\n", i);
741 }
742 }
743pass:
744 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED) {
745 mtag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
746 KKASSERT(mtag != NULL);
747 next_hop = m_tag_data(mtag);
748 }
749 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED) {
750 ip_dn_queue(m);
751 return;
752 }
753 if (m->m_pkthdr.fw_flags & FW_MBUF_REDISPATCH) {
754 needredispatch = TRUE;
755 m->m_pkthdr.fw_flags &= ~FW_MBUF_REDISPATCH;
756 }
757
758 /*
759 * Process options and, if not destined for us,
760 * ship it on. ip_dooptions returns 1 when an
761 * error was detected (causing an icmp message
762 * to be sent and the original packet to be freed).
763 */
764 if (hlen > sizeof(struct ip) && ip_dooptions(m, 0, next_hop))
765 return;
766
767 /* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
768 * matter if it is destined to another node, or whether it is
769 * a multicast one, RSVP wants it! and prevents it from being forwarded
770 * anywhere else. Also checks if the rsvp daemon is running before
771 * grabbing the packet.
772 */
773 if (rsvp_on && ip->ip_p == IPPROTO_RSVP)
774 goto ours;
775
776 /*
777 * Check our list of addresses, to see if the packet is for us.
778 * If we don't have any addresses, assume any unicast packet
779 * we receive might be for us (and let the upper layers deal
780 * with it).
781 */
782 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid]) &&
783 !(m->m_flags & (M_MCAST | M_BCAST)))
784 goto ours;
785
786 /*
787 * Cache the destination address of the packet; this may be
788 * changed by use of 'ipfw fwd'.
789 */
790 pkt_dst = next_hop ? next_hop->sin_addr : ip->ip_dst;
791
792 /*
793 * Enable a consistency check between the destination address
794 * and the arrival interface for a unicast packet (the RFC 1122
795 * strong ES model) if IP forwarding is disabled and the packet
796 * is not locally generated and the packet is not subject to
797 * 'ipfw fwd'.
798 *
799 * XXX - Checking also should be disabled if the destination
800 * address is ipnat'ed to a different interface.
801 *
802 * XXX - Checking is incompatible with IP aliases added
803 * to the loopback interface instead of the interface where
804 * the packets are received.
805 */
806 checkif = ip_checkinterface &&
807 !ipforwarding &&
808 m->m_pkthdr.rcvif != NULL &&
809 !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) &&
810 next_hop == NULL;
811
812 /*
813 * Check for exact addresses in the hash bucket.
814 */
815 LIST_FOREACH(iac, INADDR_HASH(pkt_dst.s_addr), ia_hash) {
816 ia = iac->ia;
817
818 /*
819 * If the address matches, verify that the packet
820 * arrived via the correct interface if checking is
821 * enabled.
822 */
823 if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
824 (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif))
825 goto ours;
826 }
827 ia = NULL;
828
829 /*
830 * Check for broadcast addresses.
831 *
832 * Only accept broadcast packets that arrive via the matching
833 * interface. Reception of forwarded directed broadcasts would
834 * be handled via ip_forward() and ether_output() with the loopback
835 * into the stack for SIMPLEX interfaces handled by ether_output().
836 */
837 if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
838 struct ifaddr_container *ifac;
839
840 TAILQ_FOREACH(ifac, &m->m_pkthdr.rcvif->if_addrheads[mycpuid],
841 ifa_link) {
842 struct ifaddr *ifa = ifac->ifa;
843
844 if (ifa->ifa_addr == NULL) /* shutdown/startup race */
845 continue;
846 if (ifa->ifa_addr->sa_family != AF_INET)
847 continue;
848 ia = ifatoia(ifa);
849 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
850 pkt_dst.s_addr)
851 goto ours;
852 if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr)
853 goto ours;
854#ifdef BOOTP_COMPAT
855 if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY)
856 goto ours;
857#endif
858 }
859 }
860 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
861 struct in_multi *inm;
862
863 if (ip_mrouter != NULL) {
864 /*
865 * If we are acting as a multicast router, all
866 * incoming multicast packets are passed to the
867 * kernel-level multicast forwarding function.
868 * The packet is returned (relatively) intact; if
869 * ip_mforward() returns a non-zero value, the packet
870 * must be discarded, else it may be accepted below.
871 */
872 if (ip_mforward != NULL &&
873 ip_mforward(ip, m->m_pkthdr.rcvif, m, NULL) != 0) {
874 ipstat.ips_cantforward++;
875 m_freem(m);
876 return;
877 }
878
879 /*
880 * The process-level routing daemon needs to receive
881 * all multicast IGMP packets, whether or not this
882 * host belongs to their destination groups.
883 */
884 if (ip->ip_p == IPPROTO_IGMP)
885 goto ours;
886 ipstat.ips_forward++;
887 }
888 /*
889 * See if we belong to the destination multicast group on the
890 * arrival interface.
891 */
892 IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
893 if (inm == NULL) {
894 ipstat.ips_notmember++;
895 m_freem(m);
896 return;
897 }
898 goto ours;
899 }
900 if (ip->ip_dst.s_addr == INADDR_BROADCAST)
901 goto ours;
902 if (ip->ip_dst.s_addr == INADDR_ANY)
903 goto ours;
904
905 /*
906 * FAITH(Firewall Aided Internet Translator)
907 */
908 if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
909 if (ip_keepfaith) {
910 if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
911 goto ours;
912 }
913 m_freem(m);
914 return;
915 }
916
917 /*
918 * Not for us; forward if possible and desirable.
919 */
920 if (!ipforwarding) {
921 ipstat.ips_cantforward++;
922 m_freem(m);
923 } else {
924#ifdef IPSEC
925 /*
926 * Enforce inbound IPsec SPD.
927 */
928 if (ipsec4_in_reject(m, NULL)) {
929 ipsecstat.in_polvio++;
930 goto bad;
931 }
932#endif
933#ifdef FAST_IPSEC
934 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
935 crit_enter();
936 if (mtag != NULL) {
937 tdbi = (struct tdb_ident *)m_tag_data(mtag);
938 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
939 } else {
940 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
941 IP_FORWARDING, &error);
942 }
943 if (sp == NULL) { /* NB: can happen if error */
944 crit_exit();
945 /*XXX error stat???*/
946 DPRINTF(("ip_input: no SP for forwarding\n")); /*XXX*/
947 goto bad;
948 }
949
950 /*
951 * Check security policy against packet attributes.
952 */
953 error = ipsec_in_reject(sp, m);
954 KEY_FREESP(&sp);
955 crit_exit();
956 if (error) {
957 ipstat.ips_cantforward++;
958 goto bad;
959 }
960#endif
961 ip_forward(m, using_srcrt, next_hop);
962 }
963 return;
964
965ours:
966
967 /*
968 * IPSTEALTH: Process non-routing options only
969 * if the packet is destined for us.
970 */
971 if (ipstealth &&
972 hlen > sizeof(struct ip) &&
973 ip_dooptions(m, 1, next_hop))
974 return;
975
976 /* Count the packet in the ip address stats */
977 if (ia != NULL) {
978 ia->ia_ifa.if_ipackets++;
979 ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
980 }
981
982 /*
983 * If offset or IP_MF are set, must reassemble.
984 * Otherwise, nothing need be done.
985 * (We could look in the reassembly queue to see
986 * if the packet was previously fragmented,
987 * but it's not worth the time; just let them time out.)
988 */
989 if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
990 /*
991 * Attempt reassembly; if it succeeds, proceed.
992 * ip_reass() will return a different mbuf.
993 */
994 m = ip_reass(m);
995 if (m == NULL)
996 return;
997 ip = mtod(m, struct ip *);
998
999 /* Get the header length of the reassembled packet */
1000 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1001
1002 needredispatch = TRUE;
1003 } else {
1004 ip->ip_len -= hlen;
1005 }
1006
1007#ifdef IPSEC
1008 /*
1009 * enforce IPsec policy checking if we are seeing last header.
1010 * note that we do not visit this with protocols with pcb layer
1011 * code - like udp/tcp/raw ip.
1012 */
1013 if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) &&
1014 ipsec4_in_reject(m, NULL)) {
1015 ipsecstat.in_polvio++;
1016 goto bad;
1017 }
1018#endif
1019#if FAST_IPSEC
1020 /*
1021 * enforce IPsec policy checking if we are seeing last header.
1022 * note that we do not visit this with protocols with pcb layer
1023 * code - like udp/tcp/raw ip.
1024 */
1025 if (inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) {
1026 /*
1027 * Check if the packet has already had IPsec processing
1028 * done. If so, then just pass it along. This tag gets
1029 * set during AH, ESP, etc. input handling, before the
1030 * packet is returned to the ip input queue for delivery.
1031 */
1032 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
1033 crit_enter();
1034 if (mtag != NULL) {
1035 tdbi = (struct tdb_ident *)m_tag_data(mtag);
1036 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
1037 } else {
1038 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
1039 IP_FORWARDING, &error);
1040 }
1041 if (sp != NULL) {
1042 /*
1043 * Check security policy against packet attributes.
1044 */
1045 error = ipsec_in_reject(sp, m);
1046 KEY_FREESP(&sp);
1047 } else {
1048 /* XXX error stat??? */
1049 error = EINVAL;
1050DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
1051 goto bad;
1052 }
1053 crit_exit();
1054 if (error)
1055 goto bad;
1056 }
1057#endif /* FAST_IPSEC */
1058
1059 ipstat.ips_delivered++;
1060 if (needredispatch) {
1061 struct netmsg_packet *pmsg;
1062 lwkt_port_t port;
1063
1064 ip->ip_off = htons(ip->ip_off);
1065 ip->ip_len = htons(ip->ip_len);
1066 port = ip_mport_in(&m);
1067 if (port == NULL)
1068 return;
1069
1070 pmsg = &m->m_hdr.mh_netmsg;
1071 netmsg_init(&pmsg->nm_netmsg, &netisr_apanic_rport, 0,
1072 transport_processing_handler);
1073 pmsg->nm_packet = m;
1074 pmsg->nm_netmsg.nm_lmsg.u.ms_result = hlen;
1075
1076 ip = mtod(m, struct ip *);
1077 ip->ip_len = ntohs(ip->ip_len);
1078 ip->ip_off = ntohs(ip->ip_off);
1079 lwkt_sendmsg(port, &pmsg->nm_netmsg.nm_lmsg);
1080 } else {
1081 transport_processing_oncpu(m, hlen, ip);
1082 }
1083 return;
1084
1085bad:
1086 m_freem(m);
1087}
1088
1089/*
1090 * Take incoming datagram fragment and try to reassemble it into
1091 * whole datagram. If a chain for reassembly of this datagram already
1092 * exists, then it is given as fp; otherwise have to make a chain.
1093 */
1094static struct mbuf *
1095ip_reass(struct mbuf *m)
1096{
1097 struct ip *ip = mtod(m, struct ip *);
1098 struct mbuf *p = NULL, *q, *nq;
1099 struct mbuf *n;
1100 struct ipq *fp = NULL;
1101 int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1102 int i, next;
1103 u_short sum;
1104
1105 /* If maxnipq is 0, never accept fragments. */
1106 if (maxnipq == 0) {
1107 ipstat.ips_fragments++;
1108 ipstat.ips_fragdropped++;
1109 m_freem(m);
1110 return NULL;
1111 }
1112
1113 sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
1114 /*
1115 * Look for queue of fragments of this datagram.
1116 */
1117 for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
1118 if (ip->ip_id == fp->ipq_id &&
1119 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
1120 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
1121 ip->ip_p == fp->ipq_p)
1122 goto found;
1123
1124 fp = NULL;
1125
1126 /*
1127 * Enforce upper bound on number of fragmented packets
1128 * for which we attempt reassembly;
1129 * If maxnipq is -1, accept all fragments without limitation.
1130 */
1131 if (nipq > maxnipq && maxnipq > 0) {
1132 /*
1133 * drop something from the tail of the current queue
1134 * before proceeding further
1135 */
1136 if (ipq[sum].prev == &ipq[sum]) { /* gak */
1137 for (i = 0; i < IPREASS_NHASH; i++) {
1138 if (ipq[i].prev != &ipq[i]) {
1139 ipstat.ips_fragtimeout +=
1140 ipq[i].prev->ipq_nfrags;
1141 ip_freef(ipq[i].prev);
1142 break;
1143 }
1144 }
1145 } else {
1146 ipstat.ips_fragtimeout +=
1147 ipq[sum].prev->ipq_nfrags;
1148 ip_freef(ipq[sum].prev);
1149 }
1150 }
1151found:
1152 /*
1153 * Adjust ip_len to not reflect header,
1154 * convert offset of this to bytes.
1155 */
1156 ip->ip_len -= hlen;
1157 if (ip->ip_off & IP_MF) {
1158 /*
1159 * Make sure that fragments have a data length
1160 * that's a non-zero multiple of 8 bytes.
1161 */
1162 if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
1163 ipstat.ips_toosmall++; /* XXX */
1164 m_freem(m);
1165 return NULL;
1166 }
1167 m->m_flags |= M_FRAG;
1168 } else
1169 m->m_flags &= ~M_FRAG;
1170 ip->ip_off <<= 3;
1171
1172 ipstat.ips_fragments++;
1173 m->m_pkthdr.header = ip;
1174
1175 /*
1176 * If the hardware has not done csum over this fragment
1177 * then csum_data is not valid at all.
1178 */
1179 if ((m->m_pkthdr.csum_flags & (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID))
1180 == (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID)) {
1181 m->m_pkthdr.csum_data = 0;
1182 m->m_pkthdr.csum_flags &= ~(CSUM_DATA_VALID | CSUM_PSEUDO_HDR);
1183 }
1184
1185 /*
1186 * Presence of header sizes in mbufs
1187 * would confuse code below.
1188 */
1189 m->m_data += hlen;
1190 m->m_len -= hlen;
1191
1192 /*
1193 * If first fragment to arrive, create a reassembly queue.
1194 */
1195 if (fp == NULL) {
1196 if ((fp = mpipe_alloc_nowait(&ipq_mpipe)) == NULL)
1197 goto dropfrag;
1198 insque(fp, &ipq[sum]);
1199 nipq++;
1200 fp->ipq_nfrags = 1;
1201 fp->ipq_ttl = IPFRAGTTL;
1202 fp->ipq_p = ip->ip_p;
1203 fp->ipq_id = ip->ip_id;
1204 fp->ipq_src = ip->ip_src;
1205 fp->ipq_dst = ip->ip_dst;
1206 fp->ipq_frags = m;
1207 m->m_nextpkt = NULL;
1208 goto inserted;
1209 } else {
1210 fp->ipq_nfrags++;
1211 }
1212
1213#define GETIP(m) ((struct ip*)((m)->m_pkthdr.header))
1214
1215 /*
1216 * Find a segment which begins after this one does.
1217 */
1218 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
1219 if (GETIP(q)->ip_off > ip->ip_off)
1220 break;
1221
1222 /*
1223 * If there is a preceding segment, it may provide some of
1224 * our data already. If so, drop the data from the incoming
1225 * segment. If it provides all of our data, drop us, otherwise
1226 * stick new segment in the proper place.
1227 *
1228 * If some of the data is dropped from the the preceding
1229 * segment, then it's checksum is invalidated.
1230 */
1231 if (p) {
1232 i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
1233 if (i > 0) {
1234 if (i >= ip->ip_len)
1235 goto dropfrag;
1236 m_adj(m, i);
1237 m->m_pkthdr.csum_flags = 0;
1238 ip->ip_off += i;
1239 ip->ip_len -= i;
1240 }
1241 m->m_nextpkt = p->m_nextpkt;
1242 p->m_nextpkt = m;
1243 } else {
1244 m->m_nextpkt = fp->ipq_frags;
1245 fp->ipq_frags = m;
1246 }
1247
1248 /*
1249 * While we overlap succeeding segments trim them or,
1250 * if they are completely covered, dequeue them.
1251 */
1252 for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
1253 q = nq) {
1254 i = (ip->ip_off + ip->ip_len) - GETIP(q)->ip_off;
1255 if (i < GETIP(q)->ip_len) {
1256 GETIP(q)->ip_len -= i;
1257 GETIP(q)->ip_off += i;
1258 m_adj(q, i);
1259 q->m_pkthdr.csum_flags = 0;
1260 break;
1261 }
1262 nq = q->m_nextpkt;
1263 m->m_nextpkt = nq;
1264 ipstat.ips_fragdropped++;
1265 fp->ipq_nfrags--;
1266 q->m_nextpkt = NULL;
1267 m_freem(q);
1268 }
1269
1270inserted:
1271 /*
1272 * Check for complete reassembly and perform frag per packet
1273 * limiting.
1274 *
1275 * Frag limiting is performed here so that the nth frag has
1276 * a chance to complete the packet before we drop the packet.
1277 * As a result, n+1 frags are actually allowed per packet, but
1278 * only n will ever be stored. (n = maxfragsperpacket.)
1279 *
1280 */
1281 next = 0;
1282 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
1283 if (GETIP(q)->ip_off != next) {
1284 if (fp->ipq_nfrags > maxfragsperpacket) {
1285 ipstat.ips_fragdropped += fp->ipq_nfrags;
1286 ip_freef(fp);
1287 }
1288 return (NULL);
1289 }
1290 next += GETIP(q)->ip_len;
1291 }
1292 /* Make sure the last packet didn't have the IP_MF flag */
1293 if (p->m_flags & M_FRAG) {
1294 if (fp->ipq_nfrags > maxfragsperpacket) {
1295 ipstat.ips_fragdropped += fp->ipq_nfrags;
1296 ip_freef(fp);
1297 }
1298 return (NULL);
1299 }
1300
1301 /*
1302 * Reassembly is complete. Make sure the packet is a sane size.
1303 */
1304 q = fp->ipq_frags;
1305 ip = GETIP(q);
1306 if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
1307 ipstat.ips_toolong++;
1308 ipstat.ips_fragdropped += fp->ipq_nfrags;
1309 ip_freef(fp);
1310 return (NULL);
1311 }
1312
1313 /*
1314 * Concatenate fragments.
1315 */
1316 m = q;
1317 n = m->m_next;
1318 m->m_next = NULL;
1319 m_cat(m, n);
1320 nq = q->m_nextpkt;
1321 q->m_nextpkt = NULL;
1322 for (q = nq; q != NULL; q = nq) {
1323 nq = q->m_nextpkt;
1324 q->m_nextpkt = NULL;
1325 m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
1326 m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
1327 m_cat(m, q);
1328 }
1329
1330 /*
1331 * Clean up the 1's complement checksum. Carry over 16 bits must
1332 * be added back. This assumes no more then 65535 packet fragments
1333 * were reassembled. A second carry can also occur (but not a third).
1334 */
1335 m->m_pkthdr.csum_data = (m->m_pkthdr.csum_data & 0xffff) +
1336 (m->m_pkthdr.csum_data >> 16);
1337 if (m->m_pkthdr.csum_data > 0xFFFF)
1338 m->m_pkthdr.csum_data -= 0xFFFF;
1339
1340 /*
1341 * Create header for new ip packet by
1342 * modifying header of first packet;
1343 * dequeue and discard fragment reassembly header.
1344 * Make header visible.
1345 */
1346 ip->ip_len = next;
1347 ip->ip_src = fp->ipq_src;
1348 ip->ip_dst = fp->ipq_dst;
1349 remque(fp);
1350 nipq--;
1351 mpipe_free(&ipq_mpipe, fp);
1352 m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
1353 m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
1354 /* some debugging cruft by sklower, below, will go away soon */
1355 if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
1356 int plen = 0;
1357
1358 for (n = m; n; n = n->m_next)
1359 plen += n->m_len;
1360 m->m_pkthdr.len = plen;
1361 }
1362
1363 ipstat.ips_reassembled++;
1364 return (m);
1365
1366dropfrag:
1367 ipstat.ips_fragdropped++;
1368 if (fp != NULL)
1369 fp->ipq_nfrags--;
1370 m_freem(m);
1371 return (NULL);
1372
1373#undef GETIP
1374}
1375
1376/*
1377 * Free a fragment reassembly header and all
1378 * associated datagrams.
1379 */
1380static void
1381ip_freef(struct ipq *fp)
1382{
1383 struct mbuf *q;
1384
1385 while (fp->ipq_frags) {
1386 q = fp->ipq_frags;
1387 fp->ipq_frags = q->m_nextpkt;
1388 q->m_nextpkt = NULL;
1389 m_freem(q);
1390 }
1391 remque(fp);
1392 mpipe_free(&ipq_mpipe, fp);
1393 nipq--;
1394}
1395
1396/*
1397 * IP timer processing;
1398 * if a timer expires on a reassembly
1399 * queue, discard it.
1400 */
1401void
1402ip_slowtimo(void)
1403{
1404 struct ipq *fp;
1405 int i;
1406
1407 crit_enter();
1408 for (i = 0; i < IPREASS_NHASH; i++) {
1409 fp = ipq[i].next;
1410 if (fp == NULL)
1411 continue;
1412 while (fp != &ipq[i]) {
1413 --fp->ipq_ttl;
1414 fp = fp->next;
1415 if (fp->prev->ipq_ttl == 0) {
1416 ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
1417 ip_freef(fp->prev);
1418 }
1419 }
1420 }
1421 /*
1422 * If we are over the maximum number of fragments
1423 * (due to the limit being lowered), drain off
1424 * enough to get down to the new limit.
1425 */
1426 if (maxnipq >= 0 && nipq > maxnipq) {
1427 for (i = 0; i < IPREASS_NHASH; i++) {
1428 while (nipq > maxnipq &&
1429 (ipq[i].next != &ipq[i])) {
1430 ipstat.ips_fragdropped +=
1431 ipq[i].next->ipq_nfrags;
1432 ip_freef(ipq[i].next);
1433 }
1434 }
1435 }
1436 ipflow_slowtimo();
1437 crit_exit();
1438}
1439
1440/*
1441 * Drain off all datagram fragments.
1442 */
1443void
1444ip_drain(void)
1445{
1446 int i;
1447
1448 for (i = 0; i < IPREASS_NHASH; i++) {
1449 while (ipq[i].next != &ipq[i]) {
1450 ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
1451 ip_freef(ipq[i].next);
1452 }
1453 }
1454 in_rtqdrain();
1455}
1456
1457/*
1458 * Do option processing on a datagram,
1459 * possibly discarding it if bad options are encountered,
1460 * or forwarding it if source-routed.
1461 * The pass argument is used when operating in the IPSTEALTH
1462 * mode to tell what options to process:
1463 * [LS]SRR (pass 0) or the others (pass 1).
1464 * The reason for as many as two passes is that when doing IPSTEALTH,
1465 * non-routing options should be processed only if the packet is for us.
1466 * Returns 1 if packet has been forwarded/freed,
1467 * 0 if the packet should be processed further.
1468 */
1469static int
1470ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop)
1471{
1472 struct sockaddr_in ipaddr = { sizeof ipaddr, AF_INET };
1473 struct ip *ip = mtod(m, struct ip *);
1474 u_char *cp;
1475 struct in_ifaddr *ia;
1476 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB;
1477 boolean_t forward = FALSE;
1478 struct in_addr *sin, dst;
1479 n_time ntime;
1480
1481 dst = ip->ip_dst;
1482 cp = (u_char *)(ip + 1);
1483 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1484 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1485 opt = cp[IPOPT_OPTVAL];
1486 if (opt == IPOPT_EOL)
1487 break;
1488 if (opt == IPOPT_NOP)
1489 optlen = 1;
1490 else {
1491 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
1492 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1493 goto bad;
1494 }
1495 optlen = cp[IPOPT_OLEN];
1496 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
1497 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1498 goto bad;
1499 }
1500 }
1501 switch (opt) {
1502
1503 default:
1504 break;
1505
1506 /*
1507 * Source routing with record.
1508 * Find interface with current destination address.
1509 * If none on this machine then drop if strictly routed,
1510 * or do nothing if loosely routed.
1511 * Record interface address and bring up next address
1512 * component. If strictly routed make sure next
1513 * address is on directly accessible net.
1514 */
1515 case IPOPT_LSRR:
1516 case IPOPT_SSRR:
1517 if (ipstealth && pass > 0)
1518 break;
1519 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1520 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1521 goto bad;
1522 }
1523 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1524 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1525 goto bad;
1526 }
1527 ipaddr.sin_addr = ip->ip_dst;
1528 ia = (struct in_ifaddr *)
1529 ifa_ifwithaddr((struct sockaddr *)&ipaddr);
1530 if (ia == NULL) {
1531 if (opt == IPOPT_SSRR) {
1532 type = ICMP_UNREACH;
1533 code = ICMP_UNREACH_SRCFAIL;
1534 goto bad;
1535 }
1536 if (!ip_dosourceroute)
1537 goto nosourcerouting;
1538 /*
1539 * Loose routing, and not at next destination
1540 * yet; nothing to do except forward.
1541 */
1542 break;
1543 }
1544 off--; /* 0 origin */
1545 if (off > optlen - (int)sizeof(struct in_addr)) {
1546 /*
1547 * End of source route. Should be for us.
1548 */
1549 if (!ip_acceptsourceroute)
1550 goto nosourcerouting;
1551 save_rte(m, cp, ip->ip_src);
1552 break;
1553 }
1554 if (ipstealth)
1555 goto dropit;
1556 if (!ip_dosourceroute) {
1557 if (ipforwarding) {
1558 char buf[sizeof "aaa.bbb.ccc.ddd"];
1559
1560 /*
1561 * Acting as a router, so generate ICMP
1562 */
1563nosourcerouting:
1564 strcpy(buf, inet_ntoa(ip->ip_dst));
1565 log(LOG_WARNING,
1566 "attempted source route from %s to %s\n",
1567 inet_ntoa(ip->ip_src), buf);
1568 type = ICMP_UNREACH;
1569 code = ICMP_UNREACH_SRCFAIL;
1570 goto bad;
1571 } else {
1572 /*
1573 * Not acting as a router,
1574 * so silently drop.
1575 */
1576dropit:
1577 ipstat.ips_cantforward++;
1578 m_freem(m);
1579 return (1);
1580 }
1581 }
1582
1583 /*
1584 * locate outgoing interface
1585 */
1586 memcpy(&ipaddr.sin_addr, cp + off,
1587 sizeof ipaddr.sin_addr);
1588
1589 if (opt == IPOPT_SSRR) {
1590#define INA struct in_ifaddr *
1591#define SA struct sockaddr *
1592 if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr))
1593 == NULL)
1594 ia = (INA)ifa_ifwithnet((SA)&ipaddr);
1595 } else
1596 ia = ip_rtaddr(ipaddr.sin_addr,
1597 &ipforward_rt[mycpuid]);
1598 if (ia == NULL) {
1599 type = ICMP_UNREACH;
1600 code = ICMP_UNREACH_SRCFAIL;
1601 goto bad;
1602 }
1603 ip->ip_dst = ipaddr.sin_addr;
1604 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1605 sizeof(struct in_addr));
1606 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1607 /*
1608 * Let ip_intr's mcast routing check handle mcast pkts
1609 */
1610 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
1611 break;
1612
1613 case IPOPT_RR:
1614 if (ipstealth && pass == 0)
1615 break;
1616 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1617 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1618 goto bad;
1619 }
1620 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1621 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1622 goto bad;
1623 }
1624 /*
1625 * If no space remains, ignore.
1626 */
1627 off--; /* 0 origin */
1628 if (off > optlen - (int)sizeof(struct in_addr))
1629 break;
1630 memcpy(&ipaddr.sin_addr, &ip->ip_dst,
1631 sizeof ipaddr.sin_addr);
1632 /*
1633 * locate outgoing interface; if we're the destination,
1634 * use the incoming interface (should be same).
1635 */
1636 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == NULL &&
1637 (ia = ip_rtaddr(ipaddr.sin_addr,
1638 &ipforward_rt[mycpuid]))
1639 == NULL) {
1640 type = ICMP_UNREACH;
1641 code = ICMP_UNREACH_HOST;
1642 goto bad;
1643 }
1644 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1645 sizeof(struct in_addr));
1646 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1647 break;
1648
1649 case IPOPT_TS:
1650 if (ipstealth && pass == 0)
1651 break;
1652 code = cp - (u_char *)ip;
1653 if (optlen < 4 || optlen > 40) {
1654 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1655 goto bad;
1656 }
1657 if ((off = cp[IPOPT_OFFSET]) < 5) {
1658 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1659 goto bad;
1660 }
1661 if (off > optlen - (int)sizeof(int32_t)) {
1662 cp[IPOPT_OFFSET + 1] += (1 << 4);
1663 if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
1664 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1665 goto bad;
1666 }
1667 break;
1668 }
1669 off--; /* 0 origin */
1670 sin = (struct in_addr *)(cp + off);
1671 switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
1672
1673 case IPOPT_TS_TSONLY:
1674 break;
1675
1676 case IPOPT_TS_TSANDADDR:
1677 if (off + sizeof(n_time) +
1678 sizeof(struct in_addr) > optlen) {
1679 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1680 goto bad;
1681 }
1682 ipaddr.sin_addr = dst;
1683 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
1684 m->m_pkthdr.rcvif);
1685 if (ia == NULL)
1686 continue;
1687 memcpy(sin, &IA_SIN(ia)->sin_addr,
1688 sizeof(struct in_addr));
1689 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1690 off += sizeof(struct in_addr);
1691 break;
1692
1693 case IPOPT_TS_PRESPEC:
1694 if (off + sizeof(n_time) +
1695 sizeof(struct in_addr) > optlen) {
1696 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1697 goto bad;
1698 }
1699 memcpy(&ipaddr.sin_addr, sin,
1700 sizeof(struct in_addr));
1701 if (ifa_ifwithaddr((SA)&ipaddr) == NULL)
1702 continue;
1703 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1704 off += sizeof(struct in_addr);
1705 break;
1706
1707 default:
1708 code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
1709 goto bad;
1710 }
1711 ntime = iptime();
1712 memcpy(cp + off, &ntime, sizeof(n_time));
1713 cp[IPOPT_OFFSET] += sizeof(n_time);
1714 }
1715 }
1716 if (forward && ipforwarding) {
1717 ip_forward(m, TRUE, next_hop);
1718 return (1);
1719 }
1720 return (0);
1721bad:
1722 icmp_error(m, type, code, 0, 0);
1723 ipstat.ips_badoptions++;
1724 return (1);
1725}
1726
1727/*
1728 * Given address of next destination (final or next hop),
1729 * return internet address info of interface to be used to get there.
1730 */
1731struct in_ifaddr *
1732ip_rtaddr(struct in_addr dst, struct route *ro)
1733{
1734 struct sockaddr_in *sin;
1735
1736 sin = (struct sockaddr_in *)&ro->ro_dst;
1737
1738 if (ro->ro_rt == NULL || dst.s_addr != sin->sin_addr.s_addr) {
1739 if (ro->ro_rt != NULL) {
1740 RTFREE(ro->ro_rt);
1741 ro->ro_rt = NULL;
1742 }
1743 sin->sin_family = AF_INET;
1744 sin->sin_len = sizeof *sin;
1745 sin->sin_addr = dst;
1746 rtalloc_ign(ro, RTF_PRCLONING);
1747 }
1748
1749 if (ro->ro_rt == NULL)
1750 return (NULL);
1751
1752 return (ifatoia(ro->ro_rt->rt_ifa));
1753}
1754
1755/*
1756 * Save incoming source route for use in replies,
1757 * to be picked up later by ip_srcroute if the receiver is interested.
1758 */
1759static void
1760save_rte(struct mbuf *m, u_char *option, struct in_addr dst)
1761{
1762 struct m_tag *mtag;
1763 struct ip_srcrt_opt *opt;
1764 unsigned olen;
1765
1766 mtag = m_tag_get(PACKET_TAG_IPSRCRT, sizeof(*opt), MB_DONTWAIT);
1767 if (mtag == NULL)
1768 return;
1769 opt = m_tag_data(mtag);
1770
1771 olen = option[IPOPT_OLEN];
1772#ifdef DIAGNOSTIC
1773 if (ipprintfs)
1774 kprintf("save_rte: olen %d\n", olen);
1775#endif
1776 if (olen > sizeof(opt->ip_srcrt) - (1 + sizeof(dst))) {
1777 m_tag_free(mtag);
1778 return;
1779 }
1780 bcopy(option, opt->ip_srcrt.srcopt, olen);
1781 opt->ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
1782 opt->ip_srcrt.dst = dst;
1783 m_tag_prepend(m, mtag);
1784}
1785
1786/*
1787 * Retrieve incoming source route for use in replies,
1788 * in the same form used by setsockopt.
1789 * The first hop is placed before the options, will be removed later.
1790 */
1791struct mbuf *
1792ip_srcroute(struct mbuf *m0)
1793{
1794 struct in_addr *p, *q;
1795 struct mbuf *m;
1796 struct m_tag *mtag;
1797 struct ip_srcrt_opt *opt;
1798
1799 if (m0 == NULL)
1800 return NULL;
1801
1802 mtag = m_tag_find(m0, PACKET_TAG_IPSRCRT, NULL);
1803 if (mtag == NULL)
1804 return NULL;
1805 opt = m_tag_data(mtag);
1806
1807 if (opt->ip_nhops == 0)
1808 return (NULL);
1809 m = m_get(MB_DONTWAIT, MT_HEADER);
1810 if (m == NULL)
1811 return (NULL);
1812
1813#define OPTSIZ (sizeof(opt->ip_srcrt.nop) + sizeof(opt->ip_srcrt.srcopt))
1814
1815 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
1816 m->m_len = opt->ip_nhops * sizeof(struct in_addr) +
1817 sizeof(struct in_addr) + OPTSIZ;
1818#ifdef DIAGNOSTIC
1819 if (ipprintfs) {
1820 kprintf("ip_srcroute: nhops %d mlen %d",
1821 opt->ip_nhops, m->m_len);
1822 }
1823#endif
1824
1825 /*
1826 * First save first hop for return route
1827 */
1828 p = &opt->ip_srcrt.route[opt->ip_nhops - 1];
1829 *(mtod(m, struct in_addr *)) = *p--;
1830#ifdef DIAGNOSTIC
1831 if (ipprintfs)
1832 kprintf(" hops %x", ntohl(mtod(m, struct in_addr *)->s_addr));
1833#endif
1834
1835 /*
1836 * Copy option fields and padding (nop) to mbuf.
1837 */
1838 opt->ip_srcrt.nop = IPOPT_NOP;
1839 opt->ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
1840 memcpy(mtod(m, caddr_t) + sizeof(struct in_addr), &opt->ip_srcrt.nop,
1841 OPTSIZ);
1842 q = (struct in_addr *)(mtod(m, caddr_t) +
1843 sizeof(struct in_addr) + OPTSIZ);
1844#undef OPTSIZ
1845 /*
1846 * Record return path as an IP source route,
1847 * reversing the path (pointers are now aligned).
1848 */
1849 while (p >= opt->ip_srcrt.route) {
1850#ifdef DIAGNOSTIC
1851 if (ipprintfs)
1852 kprintf(" %x", ntohl(q->s_addr));
1853#endif
1854 *q++ = *p--;
1855 }
1856 /*
1857 * Last hop goes to final destination.
1858 */
1859 *q = opt->ip_srcrt.dst;
1860 m_tag_delete(m0, mtag);
1861#ifdef DIAGNOSTIC
1862 if (ipprintfs)
1863 kprintf(" %x\n", ntohl(q->s_addr));
1864#endif
1865 return (m);
1866}
1867
1868/*
1869 * Strip out IP options.
1870 */
1871void
1872ip_stripoptions(struct mbuf *m)
1873{
1874 int datalen;
1875 struct ip *ip = mtod(m, struct ip *);
1876 caddr_t opts;
1877 int optlen;
1878
1879 optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1880 opts = (caddr_t)(ip + 1);
1881 datalen = m->m_len - (sizeof(struct ip) + optlen);
1882 bcopy(opts + optlen, opts, datalen);
1883 m->m_len -= optlen;
1884 if (m->m_flags & M_PKTHDR)
1885 m->m_pkthdr.len -= optlen;
1886 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
1887}
1888
1889u_char inetctlerrmap[PRC_NCMDS] = {
1890 0, 0, 0, 0,
1891 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1892 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1893 EMSGSIZE, EHOSTUNREACH, 0, 0,
1894 0, 0, 0, 0,
1895 ENOPROTOOPT, ECONNREFUSED
1896};
1897
1898/*
1899 * Forward a packet. If some error occurs return the sender
1900 * an icmp packet. Note we can't always generate a meaningful
1901 * icmp message because icmp doesn't have a large enough repertoire
1902 * of codes and types.
1903 *
1904 * If not forwarding, just drop the packet. This could be confusing
1905 * if ipforwarding was zero but some routing protocol was advancing
1906 * us as a gateway to somewhere. However, we must let the routing
1907 * protocol deal with that.
1908 *
1909 * The using_srcrt parameter indicates whether the packet is being forwarded
1910 * via a source route.
1911 */
1912void
1913ip_forward(struct mbuf *m, boolean_t using_srcrt, struct sockaddr_in *next_hop)
1914{
1915 struct ip *ip = mtod(m, struct ip *);
1916 struct sockaddr_in *ipforward_rtaddr;
1917 struct rtentry *rt;
1918 int error, type = 0, code = 0, destmtu = 0;
1919 struct mbuf *mcopy;
1920 n_long dest;
1921 struct in_addr pkt_dst;
1922 struct route *cache_rt = &ipforward_rt[mycpuid];
1923
1924 dest = INADDR_ANY;
1925 /*
1926 * Cache the destination address of the packet; this may be
1927 * changed by use of 'ipfw fwd'.
1928 */
1929 pkt_dst = (next_hop != NULL) ? next_hop->sin_addr : ip->ip_dst;
1930
1931#ifdef DIAGNOSTIC
1932 if (ipprintfs)
1933 kprintf("forward: src %x dst %x ttl %x\n",
1934 ip->ip_src.s_addr, pkt_dst.s_addr, ip->ip_ttl);
1935#endif
1936
1937 if (m->m_flags & (M_BCAST | M_MCAST) || !in_canforward(pkt_dst)) {
1938 ipstat.ips_cantforward++;
1939 m_freem(m);
1940 return;
1941 }
1942 if (!ipstealth && ip->ip_ttl <= IPTTLDEC) {
1943 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0);
1944 return;
1945 }
1946
1947 ipforward_rtaddr = (struct sockaddr_in *) &cache_rt->ro_dst;
1948 if (cache_rt->ro_rt == NULL ||
1949 ipforward_rtaddr->sin_addr.s_addr != pkt_dst.s_addr) {
1950 if (cache_rt->ro_rt != NULL) {
1951 RTFREE(cache_rt->ro_rt);
1952 cache_rt->ro_rt = NULL;
1953 }
1954 ipforward_rtaddr->sin_family = AF_INET;
1955 ipforward_rtaddr->sin_len = sizeof(struct sockaddr_in);
1956 ipforward_rtaddr->sin_addr = pkt_dst;
1957 rtalloc_ign(cache_rt, RTF_PRCLONING);
1958 if (cache_rt->ro_rt == NULL) {
1959 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
1960 return;
1961 }
1962 }
1963 rt = cache_rt->ro_rt;
1964
1965 /*
1966 * Save the IP header and at most 8 bytes of the payload,
1967 * in case we need to generate an ICMP message to the src.
1968 *
1969 * XXX this can be optimized a lot by saving the data in a local
1970 * buffer on the stack (72 bytes at most), and only allocating the
1971 * mbuf if really necessary. The vast majority of the packets
1972 * are forwarded without having to send an ICMP back (either
1973 * because unnecessary, or because rate limited), so we are
1974 * really we are wasting a lot of work here.
1975 *
1976 * We don't use m_copy() because it might return a reference
1977 * to a shared cluster. Both this function and ip_output()
1978 * assume exclusive access to the IP header in `m', so any
1979 * data in a cluster may change before we reach icmp_error().
1980 */
1981 MGETHDR(mcopy, MB_DONTWAIT, m->m_type);
1982 if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, MB_DONTWAIT)) {
1983 /*
1984 * It's probably ok if the pkthdr dup fails (because
1985 * the deep copy of the tag chain failed), but for now
1986 * be conservative and just discard the copy since
1987 * code below may some day want the tags.
1988 */
1989 m_free(mcopy);
1990 mcopy = NULL;
1991 }
1992 if (mcopy != NULL) {
1993 mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
1994 (int)ip->ip_len);
1995 mcopy->m_pkthdr.len = mcopy->m_len;
1996 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
1997 }
1998
1999 if (!ipstealth)
2000 ip->ip_ttl -= IPTTLDEC;
2001
2002 /*
2003 * If forwarding packet using same interface that it came in on,
2004 * perhaps should send a redirect to sender to shortcut a hop.
2005 * Only send redirect if source is sending directly to us,
2006 * and if packet was not source routed (or has any options).
2007 * Also, don't send redirect if forwarding using a default route
2008 * or a route modified by a redirect.
2009 */
2010 if (rt->rt_ifp == m->m_pkthdr.rcvif &&
2011 !(rt->rt_flags & (RTF_DYNAMIC | RTF_MODIFIED)) &&
2012 satosin(rt_key(rt))->sin_addr.s_addr != INADDR_ANY &&
2013 ipsendredirects && !using_srcrt && next_hop == NULL) {
2014 u_long src = ntohl(ip->ip_src.s_addr);
2015 struct in_ifaddr *rt_ifa = (struct in_ifaddr *)rt->rt_ifa;
2016
2017 if (rt_ifa != NULL &&
2018 (src & rt_ifa->ia_subnetmask) == rt_ifa->ia_subnet) {
2019 if (rt->rt_flags & RTF_GATEWAY)
2020 dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
2021 else
2022 dest = pkt_dst.s_addr;
2023 /*
2024 * Router requirements says to only send
2025 * host redirects.
2026 */
2027 type = ICMP_REDIRECT;
2028 code = ICMP_REDIRECT_HOST;
2029#ifdef DIAGNOSTIC
2030 if (ipprintfs)
2031 kprintf("redirect (%d) to %x\n", code, dest);
2032#endif
2033 }
2034 }
2035
2036 error = ip_output(m, NULL, cache_rt, IP_FORWARDING, NULL, NULL);
2037 if (error == 0) {
2038 ipstat.ips_forward++;
2039 if (type == 0) {
2040 if (mcopy) {
2041 ipflow_create(cache_rt, mcopy);
2042 m_freem(mcopy);
2043 }
2044 return; /* most common case */
2045 } else {
2046 ipstat.ips_redirectsent++;
2047 }
2048 } else {
2049 ipstat.ips_cantforward++;
2050 }
2051
2052 if (mcopy == NULL)
2053 return;
2054
2055 /*
2056 * Send ICMP message.
2057 */
2058
2059 switch (error) {
2060
2061 case 0: /* forwarded, but need redirect */
2062 /* type, code set above */
2063 break;
2064
2065 case ENETUNREACH: /* shouldn't happen, checked above */
2066 case EHOSTUNREACH:
2067 case ENETDOWN:
2068 case EHOSTDOWN:
2069 default:
2070 type = ICMP_UNREACH;
2071 code = ICMP_UNREACH_HOST;
2072 break;
2073
2074 case EMSGSIZE:
2075 type = ICMP_UNREACH;
2076 code = ICMP_UNREACH_NEEDFRAG;
2077#ifdef IPSEC
2078 /*
2079 * If the packet is routed over IPsec tunnel, tell the
2080 * originator the tunnel MTU.
2081 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2082 * XXX quickhack!!!
2083 */
2084 if (cache_rt->ro_rt != NULL) {
2085 struct secpolicy *sp = NULL;
2086 int ipsecerror;
2087 int ipsechdr;
2088 struct route *ro;
2089
2090 sp = ipsec4_getpolicybyaddr(mcopy,
2091 IPSEC_DIR_OUTBOUND,
2092 IP_FORWARDING,
2093 &ipsecerror);
2094
2095 if (sp == NULL)
2096 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2097 else {
2098 /* count IPsec header size */
2099 ipsechdr = ipsec4_hdrsiz(mcopy,
2100 IPSEC_DIR_OUTBOUND,
2101 NULL);
2102
2103 /*
2104 * find the correct route for outer IPv4
2105 * header, compute tunnel MTU.
2106 *
2107 */
2108 if (sp->req != NULL && sp->req->sav != NULL &&
2109 sp->req->sav->sah != NULL) {
2110 ro = &sp->req->sav->sah->sa_route;
2111 if (ro->ro_rt != NULL &&
2112 ro->ro_rt->rt_ifp != NULL) {
2113 destmtu =
2114 ro->ro_rt->rt_ifp->if_mtu;
2115 destmtu -= ipsechdr;
2116 }
2117 }
2118
2119 key_freesp(sp);
2120 }
2121 }
2122#elif FAST_IPSEC
2123 /*
2124 * If the packet is routed over IPsec tunnel, tell the
2125 * originator the tunnel MTU.
2126 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2127 * XXX quickhack!!!
2128 */
2129 if (cache_rt->ro_rt != NULL) {
2130 struct secpolicy *sp = NULL;
2131 int ipsecerror;
2132 int ipsechdr;
2133 struct route *ro;
2134
2135 sp = ipsec_getpolicybyaddr(mcopy,
2136 IPSEC_DIR_OUTBOUND,
2137 IP_FORWARDING,
2138 &ipsecerror);
2139
2140 if (sp == NULL)
2141 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2142 else {
2143 /* count IPsec header size */
2144 ipsechdr = ipsec4_hdrsiz(mcopy,
2145 IPSEC_DIR_OUTBOUND,
2146 NULL);
2147
2148 /*
2149 * find the correct route for outer IPv4
2150 * header, compute tunnel MTU.
2151 */
2152
2153 if (sp->req != NULL &&
2154 sp->req->sav != NULL &&
2155 sp->req->sav->sah != NULL) {
2156 ro = &sp->req->sav->sah->sa_route;
2157 if (ro->ro_rt != NULL &&
2158 ro->ro_rt->rt_ifp != NULL) {
2159 destmtu =
2160 ro->ro_rt->rt_ifp->if_mtu;
2161 destmtu -= ipsechdr;
2162 }
2163 }
2164
2165 KEY_FREESP(&sp);
2166 }
2167 }
2168#else /* !IPSEC && !FAST_IPSEC */
2169 if (cache_rt->ro_rt != NULL)
2170 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2171#endif /*IPSEC*/
2172 ipstat.ips_cantfrag++;
2173 break;
2174
2175 case ENOBUFS:
2176 /*
2177 * A router should not generate ICMP_SOURCEQUENCH as
2178 * required in RFC1812 Requirements for IP Version 4 Routers.
2179 * Source quench could be a big problem under DoS attacks,
2180 * or if the underlying interface is rate-limited.
2181 * Those who need source quench packets may re-enable them
2182 * via the net.inet.ip.sendsourcequench sysctl.
2183 */
2184 if (!ip_sendsourcequench) {
2185 m_freem(mcopy);
2186 return;
2187 } else {
2188 type = ICMP_SOURCEQUENCH;
2189 code = 0;
2190 }
2191 break;
2192
2193 case EACCES: /* ipfw denied packet */
2194 m_freem(mcopy);
2195 return;
2196 }
2197 icmp_error(mcopy, type, code, dest, destmtu);
2198}
2199
2200void
2201ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
2202 struct mbuf *m)
2203{
2204 if (inp->inp_socket->so_options & SO_TIMESTAMP) {
2205 struct timeval tv;
2206
2207 microtime(&tv);
2208 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
2209 SCM_TIMESTAMP, SOL_SOCKET);
2210 if (*mp)
2211 mp = &(*mp)->m_next;
2212 }
2213 if (inp->inp_flags & INP_RECVDSTADDR) {
2214 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
2215 sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
2216 if (*mp)
2217 mp = &(*mp)->m_next;
2218 }
2219 if (inp->inp_flags & INP_RECVTTL) {
2220 *mp = sbcreatecontrol((caddr_t) &ip->ip_ttl,
2221 sizeof(u_char), IP_RECVTTL, IPPROTO_IP);
2222 if (*mp)
2223 mp = &(*mp)->m_next;
2224 }
2225#ifdef notyet
2226 /* XXX
2227 * Moving these out of udp_input() made them even more broken
2228 * than they already were.
2229 */
2230 /* options were tossed already */
2231 if (inp->inp_flags & INP_RECVOPTS) {
2232 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
2233 sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
2234 if (*mp)
2235 mp = &(*mp)->m_next;
2236 }
2237 /* ip_srcroute doesn't do what we want here, need to fix */
2238 if (inp->inp_flags & INP_RECVRETOPTS) {
2239 *mp = sbcreatecontrol((caddr_t) ip_srcroute(m),
2240 sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
2241 if (*mp)
2242 mp = &(*mp)->m_next;
2243 }
2244#endif
2245 if (inp->inp_flags & INP_RECVIF) {
2246 struct ifnet *ifp;
2247 struct sdlbuf {
2248 struct sockaddr_dl sdl;
2249 u_char pad[32];
2250 } sdlbuf;
2251 struct sockaddr_dl *sdp;
2252 struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
2253
2254 if (((ifp = m->m_pkthdr.rcvif)) &&
2255 ((ifp->if_index != 0) && (ifp->if_index <= if_index))) {
2256 sdp = IF_LLSOCKADDR(ifp);
2257 /*
2258 * Change our mind and don't try copy.
2259 */
2260 if ((sdp->sdl_family != AF_LINK) ||
2261 (sdp->sdl_len > sizeof(sdlbuf))) {
2262 goto makedummy;
2263 }
2264 bcopy(sdp, sdl2, sdp->sdl_len);
2265 } else {
2266makedummy:
2267 sdl2->sdl_len =
2268 offsetof(struct sockaddr_dl, sdl_data[0]);
2269 sdl2->sdl_family = AF_LINK;
2270 sdl2->sdl_index = 0;
2271 sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
2272 }
2273 *mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
2274 IP_RECVIF, IPPROTO_IP);
2275 if (*mp)
2276 mp = &(*mp)->m_next;
2277 }
2278}
2279
2280/*
2281 * XXX these routines are called from the upper part of the kernel.
2282 *
2283 * They could also be moved to ip_mroute.c, since all the RSVP
2284 * handling is done there already.
2285 */
2286int
2287ip_rsvp_init(struct socket *so)
2288{
2289 if (so->so_type != SOCK_RAW ||
2290 so->so_proto->pr_protocol != IPPROTO_RSVP)
2291 return EOPNOTSUPP;
2292
2293 if (ip_rsvpd != NULL)
2294 return EADDRINUSE;
2295
2296 ip_rsvpd = so;
2297 /*
2298 * This may seem silly, but we need to be sure we don't over-increment
2299 * the RSVP counter, in case something slips up.
2300 */
2301 if (!ip_rsvp_on) {
2302 ip_rsvp_on = 1;
2303 rsvp_on++;
2304 }
2305
2306 return 0;
2307}
2308
2309int
2310ip_rsvp_done(void)
2311{
2312 ip_rsvpd = NULL;
2313 /*
2314 * This may seem silly, but we need to be sure we don't over-decrement
2315 * the RSVP counter, in case something slips up.
2316 */
2317 if (ip_rsvp_on) {
2318 ip_rsvp_on = 0;
2319 rsvp_on--;
2320 }
2321 return 0;
2322}
2323
2324void
2325rsvp_input(struct mbuf *m, ...) /* XXX must fixup manually */
2326{
2327 int off, proto;
2328 __va_list ap;
2329
2330 __va_start(ap, m);
2331 off = __va_arg(ap, int);
2332 proto = __va_arg(ap, int);
2333 __va_end(ap);
2334
2335 if (rsvp_input_p) { /* call the real one if loaded */
2336 rsvp_input_p(m, off, proto);
2337 return;
2338 }
2339
2340 /* Can still get packets with rsvp_on = 0 if there is a local member
2341 * of the group to which the RSVP packet is addressed. But in this
2342 * case we want to throw the packet away.
2343 */
2344
2345 if (!rsvp_on) {
2346 m_freem(m);
2347 return;
2348 }
2349
2350 if (ip_rsvpd != NULL) {
2351 rip_input(m, off, proto);
2352 return;
2353 }
2354 /* Drop the packet */
2355 m_freem(m);
2356}
DragonFly Project Source