projects / dragonfly.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
White space
[dragonfly.git] / sys / netinet / ip_input.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved.
4 *
5 * This code is derived from software contributed to The DragonFly Project
6 * by Jeffrey M. Hsu.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34/*
35 * Copyright (c) 1982, 1986, 1988, 1993
36 * The Regents of the University of California. All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
67 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
68 * $DragonFly: src/sys/netinet/ip_input.c,v 1.93 2008/08/23 09:06:37 sephe Exp $
69 */
70
71#define _IP_VHL
72
73#include "opt_bootp.h"
74#include "opt_ipfw.h"
75#include "opt_ipdn.h"
76#include "opt_ipdivert.h"
77#include "opt_ipfilter.h"
78#include "opt_ipstealth.h"
79#include "opt_ipsec.h"
80
81#include <sys/param.h>
82#include <sys/systm.h>
83#include <sys/mbuf.h>
84#include <sys/malloc.h>
85#include <sys/mpipe.h>
86#include <sys/domain.h>
87#include <sys/protosw.h>
88#include <sys/socket.h>
89#include <sys/time.h>
90#include <sys/globaldata.h>
91#include <sys/thread.h>
92#include <sys/kernel.h>
93#include <sys/syslog.h>
94#include <sys/sysctl.h>
95#include <sys/in_cksum.h>
96
97#include <machine/stdarg.h>
98
99#include <net/if.h>
100#include <net/if_types.h>
101#include <net/if_var.h>
102#include <net/if_dl.h>
103#include <net/pfil.h>
104#include <net/route.h>
105#include <net/netisr.h>
106
107#include <netinet/in.h>
108#include <netinet/in_systm.h>
109#include <netinet/in_var.h>
110#include <netinet/ip.h>
111#include <netinet/in_pcb.h>
112#include <netinet/ip_var.h>
113#include <netinet/ip_icmp.h>
114
115#include <sys/thread2.h>
116#include <sys/msgport2.h>
117#include <net/netmsg2.h>
118
119#include <sys/socketvar.h>
120
121#include <net/ipfw/ip_fw.h>
122#include <net/dummynet/ip_dummynet.h>
123
124#ifdef IPSEC
125#include <netinet6/ipsec.h>
126#include <netproto/key/key.h>
127#endif
128
129#ifdef FAST_IPSEC
130#include <netproto/ipsec/ipsec.h>
131#include <netproto/ipsec/key.h>
132#endif
133
134int rsvp_on = 0;
135static int ip_rsvp_on;
136struct socket *ip_rsvpd;
137
138int ipforwarding = 0;
139SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
140 &ipforwarding, 0, "Enable IP forwarding between interfaces");
141
142static int ipsendredirects = 1; /* XXX */
143SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
144 &ipsendredirects, 0, "Enable sending IP redirects");
145
146int ip_defttl = IPDEFTTL;
147SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
148 &ip_defttl, 0, "Maximum TTL on IP packets");
149
150static int ip_dosourceroute = 0;
151SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
152 &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
153
154static int ip_acceptsourceroute = 0;
155SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
156 CTLFLAG_RW, &ip_acceptsourceroute, 0,
157 "Enable accepting source routed IP packets");
158
159static int ip_keepfaith = 0;
160SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
161 &ip_keepfaith, 0,
162 "Enable packet capture for FAITH IPv4->IPv6 translator daemon");
163
164static int nipq = 0; /* total # of reass queues */
165static int maxnipq;
166SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
167 &maxnipq, 0,
168 "Maximum number of IPv4 fragment reassembly queue entries");
169
170static int maxfragsperpacket;
171SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
172 &maxfragsperpacket, 0,
173 "Maximum number of IPv4 fragments allowed per packet");
174
175static int ip_sendsourcequench = 0;
176SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
177 &ip_sendsourcequench, 0,
178 "Enable the transmission of source quench packets");
179
180int ip_do_randomid = 1;
181SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
182 &ip_do_randomid, 0,
183 "Assign random ip_id values");
184/*
185 * XXX - Setting ip_checkinterface mostly implements the receive side of
186 * the Strong ES model described in RFC 1122, but since the routing table
187 * and transmit implementation do not implement the Strong ES model,
188 * setting this to 1 results in an odd hybrid.
189 *
190 * XXX - ip_checkinterface currently must be disabled if you use ipnat
191 * to translate the destination address to another local interface.
192 *
193 * XXX - ip_checkinterface must be disabled if you add IP aliases
194 * to the loopback interface instead of the interface where the
195 * packets for those addresses are received.
196 */
197static int ip_checkinterface = 0;
198SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
199 &ip_checkinterface, 0, "Verify packet arrives on correct interface");
200
201#ifdef DIAGNOSTIC
202static int ipprintfs = 0;
203#endif
204
205extern struct domain inetdomain;
206extern struct protosw inetsw[];
207u_char ip_protox[IPPROTO_MAX];
208struct in_ifaddrhead in_ifaddrheads[MAXCPU]; /* first inet address */
209struct in_ifaddrhashhead *in_ifaddrhashtbls[MAXCPU];
210 /* inet addr hash table */
211u_long in_ifaddrhmask; /* mask for hash table */
212
213struct ip_stats ipstats_percpu[MAXCPU];
214#ifdef SMP
215static int
216sysctl_ipstats(SYSCTL_HANDLER_ARGS)
217{
218 int cpu, error = 0;
219
220 for (cpu = 0; cpu < ncpus; ++cpu) {
221 if ((error = SYSCTL_OUT(req, &ipstats_percpu[cpu],
222 sizeof(struct ip_stats))))
223 break;
224 if ((error = SYSCTL_IN(req, &ipstats_percpu[cpu],
225 sizeof(struct ip_stats))))
226 break;
227 }
228
229 return (error);
230}
231SYSCTL_PROC(_net_inet_ip, IPCTL_STATS, stats, (CTLTYPE_OPAQUE | CTLFLAG_RW),
232 0, 0, sysctl_ipstats, "S,ip_stats", "IP statistics");
233#else
234SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
235 &ipstat, ip_stats, "IP statistics");
236#endif
237
238/* Packet reassembly stuff */
239#define IPREASS_NHASH_LOG2 6
240#define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2)
241#define IPREASS_HMASK (IPREASS_NHASH - 1)
242#define IPREASS_HASH(x,y) \
243 (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
244
245static struct ipq ipq[IPREASS_NHASH];
246
247#ifdef IPCTL_DEFMTU
248SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
249 &ip_mtu, 0, "Default MTU");
250#endif
251
252#ifdef IPSTEALTH
253static int ipstealth = 0;
254SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, &ipstealth, 0, "");
255#else
256static const int ipstealth = 0;
257#endif
258
259
260/* Firewall hooks */
261ip_fw_chk_t *ip_fw_chk_ptr;
262ip_fw_dn_io_t *ip_fw_dn_io_ptr;
263int ip_fw_loaded;
264int fw_enable = 1;
265int fw_one_pass = 1;
266
267struct pfil_head inet_pfil_hook;
268
269/*
270 * struct ip_srcrt_opt is used to store packet state while it travels
271 * through the stack.
272 *
273 * XXX Note that the code even makes assumptions on the size and
274 * alignment of fields inside struct ip_srcrt so e.g. adding some
275 * fields will break the code. This needs to be fixed.
276 *
277 * We need to save the IP options in case a protocol wants to respond
278 * to an incoming packet over the same route if the packet got here
279 * using IP source routing. This allows connection establishment and
280 * maintenance when the remote end is on a network that is not known
281 * to us.
282 */
283struct ip_srcrt {
284 struct in_addr dst; /* final destination */
285 char nop; /* one NOP to align */
286 char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
287 struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
288};
289
290struct ip_srcrt_opt {
291 int ip_nhops;
292 struct ip_srcrt ip_srcrt;
293};
294
295static MALLOC_DEFINE(M_IPQ, "ipq", "IP Fragment Management");
296static struct malloc_pipe ipq_mpipe;
297
298static void save_rte(struct mbuf *, u_char *, struct in_addr);
299static int ip_dooptions(struct mbuf *m, int, struct sockaddr_in *);
300static void ip_freef(struct ipq *);
301static void ip_input_handler(struct netmsg *);
302static struct mbuf *ip_reass(struct mbuf *, u_int32_t *);
303
304/*
305 * IP initialization: fill in IP protocol switch table.
306 * All protocols not implemented in kernel go to raw IP protocol handler.
307 */
308void
309ip_init(void)
310{
311 struct protosw *pr;
312 int i;
313#ifdef SMP
314 int cpu;
315#endif
316
317 /*
318 * Make sure we can handle a reasonable number of fragments but
319 * cap it at 4000 (XXX).
320 */
321 mpipe_init(&ipq_mpipe, M_IPQ, sizeof(struct ipq),
322 IFQ_MAXLEN, 4000, 0, NULL);
323 for (i = 0; i < ncpus; ++i) {
324 TAILQ_INIT(&in_ifaddrheads[i]);
325 in_ifaddrhashtbls[i] =
326 hashinit(INADDR_NHASH, M_IFADDR, &in_ifaddrhmask);
327 }
328 pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
329 if (pr == NULL)
330 panic("ip_init");
331 for (i = 0; i < IPPROTO_MAX; i++)
332 ip_protox[i] = pr - inetsw;
333 for (pr = inetdomain.dom_protosw;
334 pr < inetdomain.dom_protoswNPROTOSW; pr++)
335 if (pr->pr_domain->dom_family == PF_INET &&
336 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
337 ip_protox[pr->pr_protocol] = pr - inetsw;
338
339 inet_pfil_hook.ph_type = PFIL_TYPE_AF;
340 inet_pfil_hook.ph_af = AF_INET;
341 if ((i = pfil_head_register(&inet_pfil_hook)) != 0) {
342 kprintf("%s: WARNING: unable to register pfil hook, "
343 "error %d\n", __func__, i);
344 }
345
346 for (i = 0; i < IPREASS_NHASH; i++)
347 ipq[i].next = ipq[i].prev = &ipq[i];
348
349 maxnipq = nmbclusters / 32;
350 maxfragsperpacket = 16;
351
352 ip_id = time_second & 0xffff;
353
354 /*
355 * Initialize IP statistics counters for each CPU.
356 *
357 */
358#ifdef SMP
359 for (cpu = 0; cpu < ncpus; ++cpu) {
360 bzero(&ipstats_percpu[cpu], sizeof(struct ip_stats));
361 }
362#else
363 bzero(&ipstat, sizeof(struct ip_stats));
364#endif
365
366 netisr_register(NETISR_IP, ip_mport_in, ip_input_handler);
367}
368
369/*
370 * XXX watch out this one. It is perhaps used as a cache for
371 * the most recently used route ? it is cleared in in_addroute()
372 * when a new route is successfully created.
373 */
374struct route ipforward_rt[MAXCPU];
375
376/* Do transport protocol processing. */
377static void
378transport_processing_oncpu(struct mbuf *m, int hlen, struct ip *ip)
379{
380 /*
381 * Switch out to protocol's input routine.
382 */
383 (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, ip->ip_p);
384}
385
386static void
387transport_processing_handler(netmsg_t netmsg)
388{
389 struct netmsg_packet *pmsg = (struct netmsg_packet *)netmsg;
390 struct ip *ip;
391 int hlen;
392
393 ip = mtod(pmsg->nm_packet, struct ip *);
394 hlen = pmsg->nm_netmsg.nm_lmsg.u.ms_result;
395
396 transport_processing_oncpu(pmsg->nm_packet, hlen, ip);
397 /* netmsg was embedded in the mbuf, do not reply! */
398}
399
400static void
401ip_input_handler(struct netmsg *msg0)
402{
403 struct mbuf *m = ((struct netmsg_packet *)msg0)->nm_packet;
404
405 ip_input(m);
406 /* msg0 was embedded in the mbuf, do not reply! */
407}
408
409/*
410 * IP input routine. Checksum and byte swap header. If fragmented
411 * try to reassemble. Process options. Pass to next level.
412 */
413void
414ip_input(struct mbuf *m)
415{
416 struct ip *ip;
417 struct in_ifaddr *ia = NULL;
418 struct in_ifaddr_container *iac;
419 int i, hlen, checkif;
420 u_short sum;
421 struct in_addr pkt_dst;
422 u_int32_t divert_info = 0; /* packet divert/tee info */
423 struct ip_fw_args args;
424 boolean_t using_srcrt = FALSE; /* forward (by PFIL_HOOKS) */
425 boolean_t needredispatch = FALSE;
426 struct in_addr odst; /* original dst address(NAT) */
427 struct m_tag *mtag;
428 struct sockaddr_in *next_hop = NULL;
429#ifdef FAST_IPSEC
430 struct tdb_ident *tdbi;
431 struct secpolicy *sp;
432 int error;
433#endif
434
435 args.eh = NULL;
436 args.oif = NULL;
437 args.rule = NULL;
438
439 M_ASSERTPKTHDR(m);
440
441 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED) {
442 /* Next hop */
443 mtag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
444 KKASSERT(mtag != NULL);
445 next_hop = m_tag_data(mtag);
446 }
447
448 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED) {
449 /* Extract info from dummynet tag */
450 mtag = m_tag_find(m, PACKET_TAG_DUMMYNET, NULL);
451 KKASSERT(mtag != NULL);
452 args.rule = ((struct dn_pkt *)m_tag_data(mtag))->dn_priv;
453 KKASSERT(args.rule != NULL);
454
455 m_tag_delete(m, mtag);
456 m->m_pkthdr.fw_flags &= ~DUMMYNET_MBUF_TAGGED;
457
458 /* dummynet already filtered us */
459 ip = mtod(m, struct ip *);
460 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
461 goto iphack;
462 }
463
464 ipstat.ips_total++;
465
466 /* length checks already done in ip_demux() */
467 KASSERT(m->m_len >= sizeof(ip), ("IP header not in one mbuf"));
468
469 ip = mtod(m, struct ip *);
470
471 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
472 ipstat.ips_badvers++;
473 goto bad;
474 }
475
476 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
477 /* length checks already done in ip_demux() */
478 KASSERT(hlen >= sizeof(struct ip), ("IP header len too small"));
479 KASSERT(m->m_len >= hlen, ("packet shorter than IP header length"));
480
481 /* 127/8 must not appear on wire - RFC1122 */
482 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
483 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
484 if (!(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) {
485 ipstat.ips_badaddr++;
486 goto bad;
487 }
488 }
489
490 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
491 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
492 } else {
493 if (hlen == sizeof(struct ip)) {
494 sum = in_cksum_hdr(ip);
495 } else {
496 sum = in_cksum(m, hlen);
497 }
498 }
499 if (sum != 0) {
500 ipstat.ips_badsum++;
501 goto bad;
502 }
503
504#ifdef ALTQ
505 if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) {
506 /* packet is dropped by traffic conditioner */
507 return;
508 }
509#endif
510 /*
511 * Convert fields to host representation.
512 */
513 ip->ip_len = ntohs(ip->ip_len);
514 if (ip->ip_len < hlen) {
515 ipstat.ips_badlen++;
516 goto bad;
517 }
518 ip->ip_off = ntohs(ip->ip_off);
519
520 /*
521 * Check that the amount of data in the buffers
522 * is as at least much as the IP header would have us expect.
523 * Trim mbufs if longer than we expect.
524 * Drop packet if shorter than we expect.
525 */
526 if (m->m_pkthdr.len < ip->ip_len) {
527 ipstat.ips_tooshort++;
528 goto bad;
529 }
530 if (m->m_pkthdr.len > ip->ip_len) {
531 if (m->m_len == m->m_pkthdr.len) {
532 m->m_len = ip->ip_len;
533 m->m_pkthdr.len = ip->ip_len;
534 } else
535 m_adj(m, ip->ip_len - m->m_pkthdr.len);
536 }
537#if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
538 /*
539 * Bypass packet filtering for packets from a tunnel (gif).
540 */
541 if (ipsec_gethist(m, NULL))
542 goto pass;
543#endif
544
545 /*
546 * IpHack's section.
547 * Right now when no processing on packet has done
548 * and it is still fresh out of network we do our black
549 * deals with it.
550 * - Firewall: deny/allow/divert
551 * - Xlate: translate packet's addr/port (NAT).
552 * - Pipe: pass pkt through dummynet.
553 * - Wrap: fake packet's addr/port <unimpl.>
554 * - Encapsulate: put it in another IP and send out. <unimp.>
555 */
556
557iphack:
558
559 /*
560 * Run through list of hooks for input packets.
561 *
562 * NB: Beware of the destination address changing (e.g.
563 * by NAT rewriting). When this happens, tell
564 * ip_forward to do the right thing.
565 */
566 if (pfil_has_hooks(&inet_pfil_hook)) {
567 odst = ip->ip_dst;
568 if (pfil_run_hooks(&inet_pfil_hook, &m,
569 m->m_pkthdr.rcvif, PFIL_IN)) {
570 return;
571 }
572 if (m == NULL) /* consumed by filter */
573 return;
574 ip = mtod(m, struct ip *);
575 using_srcrt = (odst.s_addr != ip->ip_dst.s_addr);
576 }
577
578 if (fw_enable && IPFW_LOADED) {
579 /*
580 * If we've been forwarded from the output side, then
581 * skip the firewall a second time
582 */
583 if (next_hop != NULL)
584 goto ours;
585
586 args.m = m;
587 i = ip_fw_chk_ptr(&args);
588 m = args.m;
589
590 if ((i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
591 if (m != NULL)
592 m_freem(m);
593 return;
594 }
595 ip = mtod(m, struct ip *); /* just in case m changed */
596
597 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED) {
598 mtag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
599 KKASSERT(mtag != NULL);
600 next_hop = m_tag_data(mtag);
601 }
602
603 if (i == 0 && next_hop == NULL) /* common case */
604 goto pass;
605 if (i & IP_FW_PORT_DYNT_FLAG) {
606 /* Send packet to the appropriate pipe */
607 ip_fw_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
608 return;
609 }
610#ifdef IPDIVERT
611 if (i != 0 && !(i & IP_FW_PORT_DYNT_FLAG)) {
612 /* Divert or tee packet */
613 divert_info = i;
614 goto ours;
615 }
616#endif
617 if (i == 0 && next_hop != NULL)
618 goto pass;
619 /*
620 * if we get here, the packet must be dropped
621 */
622 m_freem(m);
623 return;
624 }
625pass:
626
627 /*
628 * Process options and, if not destined for us,
629 * ship it on. ip_dooptions returns 1 when an
630 * error was detected (causing an icmp message
631 * to be sent and the original packet to be freed).
632 */
633 if (hlen > sizeof(struct ip) && ip_dooptions(m, 0, next_hop))
634 return;
635
636 /* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
637 * matter if it is destined to another node, or whether it is
638 * a multicast one, RSVP wants it! and prevents it from being forwarded
639 * anywhere else. Also checks if the rsvp daemon is running before
640 * grabbing the packet.
641 */
642 if (rsvp_on && ip->ip_p == IPPROTO_RSVP)
643 goto ours;
644
645 /*
646 * Check our list of addresses, to see if the packet is for us.
647 * If we don't have any addresses, assume any unicast packet
648 * we receive might be for us (and let the upper layers deal
649 * with it).
650 */
651 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid]) &&
652 !(m->m_flags & (M_MCAST | M_BCAST)))
653 goto ours;
654
655 /*
656 * Cache the destination address of the packet; this may be
657 * changed by use of 'ipfw fwd'.
658 */
659 pkt_dst = next_hop ? next_hop->sin_addr : ip->ip_dst;
660
661 /*
662 * Enable a consistency check between the destination address
663 * and the arrival interface for a unicast packet (the RFC 1122
664 * strong ES model) if IP forwarding is disabled and the packet
665 * is not locally generated and the packet is not subject to
666 * 'ipfw fwd'.
667 *
668 * XXX - Checking also should be disabled if the destination
669 * address is ipnat'ed to a different interface.
670 *
671 * XXX - Checking is incompatible with IP aliases added
672 * to the loopback interface instead of the interface where
673 * the packets are received.
674 */
675 checkif = ip_checkinterface &&
676 !ipforwarding &&
677 m->m_pkthdr.rcvif != NULL &&
678 !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) &&
679 next_hop == NULL;
680
681 /*
682 * Check for exact addresses in the hash bucket.
683 */
684 LIST_FOREACH(iac, INADDR_HASH(pkt_dst.s_addr), ia_hash) {
685 ia = iac->ia;
686
687 /*
688 * If the address matches, verify that the packet
689 * arrived via the correct interface if checking is
690 * enabled.
691 */
692 if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
693 (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif))
694 goto ours;
695 }
696 ia = NULL;
697
698 /*
699 * Check for broadcast addresses.
700 *
701 * Only accept broadcast packets that arrive via the matching
702 * interface. Reception of forwarded directed broadcasts would
703 * be handled via ip_forward() and ether_output() with the loopback
704 * into the stack for SIMPLEX interfaces handled by ether_output().
705 */
706 if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
707 struct ifaddr_container *ifac;
708
709 TAILQ_FOREACH(ifac, &m->m_pkthdr.rcvif->if_addrheads[mycpuid],
710 ifa_link) {
711 struct ifaddr *ifa = ifac->ifa;
712
713 if (ifa->ifa_addr == NULL) /* shutdown/startup race */
714 continue;
715 if (ifa->ifa_addr->sa_family != AF_INET)
716 continue;
717 ia = ifatoia(ifa);
718 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
719 pkt_dst.s_addr)
720 goto ours;
721 if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr)
722 goto ours;
723#ifdef BOOTP_COMPAT
724 if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY)
725 goto ours;
726#endif
727 }
728 }
729 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
730 struct in_multi *inm;
731
732 if (ip_mrouter != NULL) {
733 /*
734 * If we are acting as a multicast router, all
735 * incoming multicast packets are passed to the
736 * kernel-level multicast forwarding function.
737 * The packet is returned (relatively) intact; if
738 * ip_mforward() returns a non-zero value, the packet
739 * must be discarded, else it may be accepted below.
740 */
741 if (ip_mforward != NULL &&
742 ip_mforward(ip, m->m_pkthdr.rcvif, m, NULL) != 0) {
743 ipstat.ips_cantforward++;
744 m_freem(m);
745 return;
746 }
747
748 /*
749 * The process-level routing daemon needs to receive
750 * all multicast IGMP packets, whether or not this
751 * host belongs to their destination groups.
752 */
753 if (ip->ip_p == IPPROTO_IGMP)
754 goto ours;
755 ipstat.ips_forward++;
756 }
757 /*
758 * See if we belong to the destination multicast group on the
759 * arrival interface.
760 */
761 IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
762 if (inm == NULL) {
763 ipstat.ips_notmember++;
764 m_freem(m);
765 return;
766 }
767 goto ours;
768 }
769 if (ip->ip_dst.s_addr == INADDR_BROADCAST)
770 goto ours;
771 if (ip->ip_dst.s_addr == INADDR_ANY)
772 goto ours;
773
774 /*
775 * FAITH(Firewall Aided Internet Translator)
776 */
777 if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
778 if (ip_keepfaith) {
779 if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
780 goto ours;
781 }
782 m_freem(m);
783 return;
784 }
785
786 /*
787 * Not for us; forward if possible and desirable.
788 */
789 if (!ipforwarding) {
790 ipstat.ips_cantforward++;
791 m_freem(m);
792 } else {
793#ifdef IPSEC
794 /*
795 * Enforce inbound IPsec SPD.
796 */
797 if (ipsec4_in_reject(m, NULL)) {
798 ipsecstat.in_polvio++;
799 goto bad;
800 }
801#endif
802#ifdef FAST_IPSEC
803 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
804 crit_enter();
805 if (mtag != NULL) {
806 tdbi = (struct tdb_ident *)m_tag_data(mtag);
807 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
808 } else {
809 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
810 IP_FORWARDING, &error);
811 }
812 if (sp == NULL) { /* NB: can happen if error */
813 crit_exit();
814 /*XXX error stat???*/
815 DPRINTF(("ip_input: no SP for forwarding\n")); /*XXX*/
816 goto bad;
817 }
818
819 /*
820 * Check security policy against packet attributes.
821 */
822 error = ipsec_in_reject(sp, m);
823 KEY_FREESP(&sp);
824 crit_exit();
825 if (error) {
826 ipstat.ips_cantforward++;
827 goto bad;
828 }
829#endif
830 ip_forward(m, using_srcrt, next_hop);
831 }
832 return;
833
834ours:
835
836 /*
837 * IPSTEALTH: Process non-routing options only
838 * if the packet is destined for us.
839 */
840 if (ipstealth &&
841 hlen > sizeof(struct ip) &&
842 ip_dooptions(m, 1, next_hop))
843 return;
844
845 /* Count the packet in the ip address stats */
846 if (ia != NULL) {
847 ia->ia_ifa.if_ipackets++;
848 ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
849 }
850
851 /*
852 * If offset or IP_MF are set, must reassemble.
853 * Otherwise, nothing need be done.
854 * (We could look in the reassembly queue to see
855 * if the packet was previously fragmented,
856 * but it's not worth the time; just let them time out.)
857 */
858 if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
859 /*
860 * Attempt reassembly; if it succeeds, proceed.
861 * ip_reass() will return a different mbuf, and update
862 * the divert info in divert_info.
863 */
864 m = ip_reass(m, &divert_info);
865 if (m == NULL)
866 return;
867
868 needredispatch = TRUE;
869 ip = mtod(m, struct ip *);
870 /* Get the header length of the reassembled packet */
871 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
872#ifdef IPDIVERT
873 /* Restore original checksum before diverting packet */
874 if (divert_info != 0) {
875 ip->ip_len += hlen;
876 ip->ip_len = htons(ip->ip_len);
877 ip->ip_off = htons(ip->ip_off);
878 ip->ip_sum = 0;
879 if (hlen == sizeof(struct ip))
880 ip->ip_sum = in_cksum_hdr(ip);
881 else
882 ip->ip_sum = in_cksum(m, hlen);
883 ip->ip_off = ntohs(ip->ip_off);
884 ip->ip_len = ntohs(ip->ip_len);
885 ip->ip_len -= hlen;
886 }
887#endif
888 } else {
889 ip->ip_len -= hlen;
890 }
891
892#ifdef IPDIVERT
893 /*
894 * Divert or tee packet to the divert protocol if required.
895 */
896 if (divert_info != 0) {
897 struct mbuf *clone = NULL;
898
899 /* Clone packet if we're doing a 'tee' */
900 if ((divert_info & IP_FW_PORT_TEE_FLAG) != 0)
901 clone = m_dup(m, MB_DONTWAIT);
902
903 /* Restore packet header fields to original values */
904 ip->ip_len += hlen;
905 ip->ip_len = htons(ip->ip_len);
906 ip->ip_off = htons(ip->ip_off);
907
908 /* Deliver packet to divert input routine */
909 divert_packet(m, 1, divert_info & 0xffff);
910 ipstat.ips_delivered++;
911
912 /* If 'tee', continue with original packet */
913 if (clone == NULL)
914 return;
915 m = clone;
916 ip = mtod(m, struct ip *);
917 ip->ip_len += hlen;
918 /*
919 * Jump backwards to complete processing of the
920 * packet. But first clear divert_info to avoid
921 * entering this block again.
922 * We do not need to clear args.divert_rule as
923 * it will not be used.
924 *
925 * XXX Better safe than sorry, remove the DIVERT tag.
926 */
927 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
928 if (mtag != NULL)
929 m_tag_delete(m, mtag);
930
931 divert_info = 0;
932 goto pass;
933 }
934#endif
935
936#ifdef IPSEC
937 /*
938 * enforce IPsec policy checking if we are seeing last header.
939 * note that we do not visit this with protocols with pcb layer
940 * code - like udp/tcp/raw ip.
941 */
942 if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) &&
943 ipsec4_in_reject(m, NULL)) {
944 ipsecstat.in_polvio++;
945 goto bad;
946 }
947#endif
948#if FAST_IPSEC
949 /*
950 * enforce IPsec policy checking if we are seeing last header.
951 * note that we do not visit this with protocols with pcb layer
952 * code - like udp/tcp/raw ip.
953 */
954 if (inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) {
955 /*
956 * Check if the packet has already had IPsec processing
957 * done. If so, then just pass it along. This tag gets
958 * set during AH, ESP, etc. input handling, before the
959 * packet is returned to the ip input queue for delivery.
960 */
961 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
962 crit_enter();
963 if (mtag != NULL) {
964 tdbi = (struct tdb_ident *)m_tag_data(mtag);
965 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
966 } else {
967 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
968 IP_FORWARDING, &error);
969 }
970 if (sp != NULL) {
971 /*
972 * Check security policy against packet attributes.
973 */
974 error = ipsec_in_reject(sp, m);
975 KEY_FREESP(&sp);
976 } else {
977 /* XXX error stat??? */
978 error = EINVAL;
979DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
980 goto bad;
981 }
982 crit_exit();
983 if (error)
984 goto bad;
985 }
986#endif /* FAST_IPSEC */
987
988 ipstat.ips_delivered++;
989 if (needredispatch) {
990 struct netmsg_packet *pmsg;
991 lwkt_port_t port;
992
993 ip->ip_off = htons(ip->ip_off);
994 ip->ip_len = htons(ip->ip_len);
995 port = ip_mport_in(&m);
996 if (port == NULL)
997 return;
998
999 pmsg = &m->m_hdr.mh_netmsg;
1000 netmsg_init(&pmsg->nm_netmsg, &netisr_apanic_rport, 0,
1001 transport_processing_handler);
1002 pmsg->nm_packet = m;
1003 pmsg->nm_netmsg.nm_lmsg.u.ms_result = hlen;
1004
1005 ip = mtod(m, struct ip *);
1006 ip->ip_len = ntohs(ip->ip_len);
1007 ip->ip_off = ntohs(ip->ip_off);
1008 lwkt_sendmsg(port, &pmsg->nm_netmsg.nm_lmsg);
1009 } else {
1010 transport_processing_oncpu(m, hlen, ip);
1011 }
1012 return;
1013
1014bad:
1015 m_freem(m);
1016}
1017
1018/*
1019 * Take incoming datagram fragment and try to reassemble it into
1020 * whole datagram. If a chain for reassembly of this datagram already
1021 * exists, then it is given as fp; otherwise have to make a chain.
1022 *
1023 * When IPDIVERT enabled, keep additional state with each packet that
1024 * tells us if we need to divert or tee the packet we're building.
1025 * In particular, *divinfo includes the port and TEE flag.
1026 */
1027
1028static struct mbuf *
1029ip_reass(struct mbuf *m, u_int32_t *divinfo)
1030{
1031 struct ip *ip = mtod(m, struct ip *);
1032 struct mbuf *p = NULL, *q, *nq;
1033 struct mbuf *n;
1034 struct ipq *fp = NULL;
1035 int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1036 int i, next;
1037 u_short sum;
1038#ifdef IPDIVERT
1039 struct m_tag *mtag;
1040#endif
1041
1042 /* If maxnipq is 0, never accept fragments. */
1043 if (maxnipq == 0) {
1044 ipstat.ips_fragments++;
1045 ipstat.ips_fragdropped++;
1046 m_freem(m);
1047 return NULL;
1048 }
1049
1050 sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
1051 /*
1052 * Look for queue of fragments of this datagram.
1053 */
1054 for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
1055 if (ip->ip_id == fp->ipq_id &&
1056 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
1057 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
1058 ip->ip_p == fp->ipq_p)
1059 goto found;
1060
1061 fp = NULL;
1062
1063 /*
1064 * Enforce upper bound on number of fragmented packets
1065 * for which we attempt reassembly;
1066 * If maxnipq is -1, accept all fragments without limitation.
1067 */
1068 if (nipq > maxnipq && maxnipq > 0) {
1069 /*
1070 * drop something from the tail of the current queue
1071 * before proceeding further
1072 */
1073 if (ipq[sum].prev == &ipq[sum]) { /* gak */
1074 for (i = 0; i < IPREASS_NHASH; i++) {
1075 if (ipq[i].prev != &ipq[i]) {
1076 ipstat.ips_fragtimeout +=
1077 ipq[i].prev->ipq_nfrags;
1078 ip_freef(ipq[i].prev);
1079 break;
1080 }
1081 }
1082 } else {
1083 ipstat.ips_fragtimeout +=
1084 ipq[sum].prev->ipq_nfrags;
1085 ip_freef(ipq[sum].prev);
1086 }
1087 }
1088found:
1089 /*
1090 * Adjust ip_len to not reflect header,
1091 * convert offset of this to bytes.
1092 */
1093 ip->ip_len -= hlen;
1094 if (ip->ip_off & IP_MF) {
1095 /*
1096 * Make sure that fragments have a data length
1097 * that's a non-zero multiple of 8 bytes.
1098 */
1099 if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
1100 ipstat.ips_toosmall++; /* XXX */
1101 m_freem(m);
1102 return NULL;
1103 }
1104 m->m_flags |= M_FRAG;
1105 } else
1106 m->m_flags &= ~M_FRAG;
1107 ip->ip_off <<= 3;
1108
1109 ipstat.ips_fragments++;
1110 m->m_pkthdr.header = ip;
1111
1112 /*
1113 * If the hardware has not done csum over this fragment
1114 * then csum_data is not valid at all.
1115 */
1116 if ((m->m_pkthdr.csum_flags & (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID))
1117 == (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID)) {
1118 m->m_pkthdr.csum_data = 0;
1119 m->m_pkthdr.csum_flags &= ~(CSUM_DATA_VALID | CSUM_PSEUDO_HDR);
1120 }
1121
1122 /*
1123 * Presence of header sizes in mbufs
1124 * would confuse code below.
1125 */
1126 m->m_data += hlen;
1127 m->m_len -= hlen;
1128
1129 /*
1130 * If first fragment to arrive, create a reassembly queue.
1131 */
1132 if (fp == NULL) {
1133 if ((fp = mpipe_alloc_nowait(&ipq_mpipe)) == NULL)
1134 goto dropfrag;
1135 insque(fp, &ipq[sum]);
1136 nipq++;
1137 fp->ipq_nfrags = 1;
1138 fp->ipq_ttl = IPFRAGTTL;
1139 fp->ipq_p = ip->ip_p;
1140 fp->ipq_id = ip->ip_id;
1141 fp->ipq_src = ip->ip_src;
1142 fp->ipq_dst = ip->ip_dst;
1143 fp->ipq_frags = m;
1144 m->m_nextpkt = NULL;
1145#ifdef IPDIVERT
1146 fp->ipq_div_info = 0;
1147#endif
1148 goto inserted;
1149 } else {
1150 fp->ipq_nfrags++;
1151 }
1152
1153#define GETIP(m) ((struct ip*)((m)->m_pkthdr.header))
1154
1155 /*
1156 * Find a segment which begins after this one does.
1157 */
1158 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
1159 if (GETIP(q)->ip_off > ip->ip_off)
1160 break;
1161
1162 /*
1163 * If there is a preceding segment, it may provide some of
1164 * our data already. If so, drop the data from the incoming
1165 * segment. If it provides all of our data, drop us, otherwise
1166 * stick new segment in the proper place.
1167 *
1168 * If some of the data is dropped from the the preceding
1169 * segment, then it's checksum is invalidated.
1170 */
1171 if (p) {
1172 i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
1173 if (i > 0) {
1174 if (i >= ip->ip_len)
1175 goto dropfrag;
1176 m_adj(m, i);
1177 m->m_pkthdr.csum_flags = 0;
1178 ip->ip_off += i;
1179 ip->ip_len -= i;
1180 }
1181 m->m_nextpkt = p->m_nextpkt;
1182 p->m_nextpkt = m;
1183 } else {
1184 m->m_nextpkt = fp->ipq_frags;
1185 fp->ipq_frags = m;
1186 }
1187
1188 /*
1189 * While we overlap succeeding segments trim them or,
1190 * if they are completely covered, dequeue them.
1191 */
1192 for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
1193 q = nq) {
1194 i = (ip->ip_off + ip->ip_len) - GETIP(q)->ip_off;
1195 if (i < GETIP(q)->ip_len) {
1196 GETIP(q)->ip_len -= i;
1197 GETIP(q)->ip_off += i;
1198 m_adj(q, i);
1199 q->m_pkthdr.csum_flags = 0;
1200 break;
1201 }
1202 nq = q->m_nextpkt;
1203 m->m_nextpkt = nq;
1204 ipstat.ips_fragdropped++;
1205 fp->ipq_nfrags--;
1206 q->m_nextpkt = NULL;
1207 m_freem(q);
1208 }
1209
1210inserted:
1211
1212#ifdef IPDIVERT
1213 /*
1214 * Transfer firewall instructions to the fragment structure.
1215 * Only trust info in the fragment at offset 0.
1216 */
1217 if (ip->ip_off == 0) {
1218 fp->ipq_div_info = *divinfo;
1219 } else {
1220 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
1221 if (mtag != NULL)
1222 m_tag_delete(m, mtag);
1223 }
1224 *divinfo = 0;
1225#endif
1226
1227 /*
1228 * Check for complete reassembly and perform frag per packet
1229 * limiting.
1230 *
1231 * Frag limiting is performed here so that the nth frag has
1232 * a chance to complete the packet before we drop the packet.
1233 * As a result, n+1 frags are actually allowed per packet, but
1234 * only n will ever be stored. (n = maxfragsperpacket.)
1235 *
1236 */
1237 next = 0;
1238 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
1239 if (GETIP(q)->ip_off != next) {
1240 if (fp->ipq_nfrags > maxfragsperpacket) {
1241 ipstat.ips_fragdropped += fp->ipq_nfrags;
1242 ip_freef(fp);
1243 }
1244 return (NULL);
1245 }
1246 next += GETIP(q)->ip_len;
1247 }
1248 /* Make sure the last packet didn't have the IP_MF flag */
1249 if (p->m_flags & M_FRAG) {
1250 if (fp->ipq_nfrags > maxfragsperpacket) {
1251 ipstat.ips_fragdropped += fp->ipq_nfrags;
1252 ip_freef(fp);
1253 }
1254 return (NULL);
1255 }
1256
1257 /*
1258 * Reassembly is complete. Make sure the packet is a sane size.
1259 */
1260 q = fp->ipq_frags;
1261 ip = GETIP(q);
1262 if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
1263 ipstat.ips_toolong++;
1264 ipstat.ips_fragdropped += fp->ipq_nfrags;
1265 ip_freef(fp);
1266 return (NULL);
1267 }
1268
1269 /*
1270 * Concatenate fragments.
1271 */
1272 m = q;
1273 n = m->m_next;
1274 m->m_next = NULL;
1275 m_cat(m, n);
1276 nq = q->m_nextpkt;
1277 q->m_nextpkt = NULL;
1278 for (q = nq; q != NULL; q = nq) {
1279 nq = q->m_nextpkt;
1280 q->m_nextpkt = NULL;
1281 m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
1282 m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
1283 m_cat(m, q);
1284 }
1285
1286 /*
1287 * Clean up the 1's complement checksum. Carry over 16 bits must
1288 * be added back. This assumes no more then 65535 packet fragments
1289 * were reassembled. A second carry can also occur (but not a third).
1290 */
1291 m->m_pkthdr.csum_data = (m->m_pkthdr.csum_data & 0xffff) +
1292 (m->m_pkthdr.csum_data >> 16);
1293 if (m->m_pkthdr.csum_data > 0xFFFF)
1294 m->m_pkthdr.csum_data -= 0xFFFF;
1295
1296
1297#ifdef IPDIVERT
1298 /*
1299 * Extract firewall instructions from the fragment structure.
1300 */
1301 *divinfo = fp->ipq_div_info;
1302#endif
1303
1304 /*
1305 * Create header for new ip packet by
1306 * modifying header of first packet;
1307 * dequeue and discard fragment reassembly header.
1308 * Make header visible.
1309 */
1310 ip->ip_len = next;
1311 ip->ip_src = fp->ipq_src;
1312 ip->ip_dst = fp->ipq_dst;
1313 remque(fp);
1314 nipq--;
1315 mpipe_free(&ipq_mpipe, fp);
1316 m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
1317 m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
1318 /* some debugging cruft by sklower, below, will go away soon */
1319 if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
1320 int plen = 0;
1321
1322 for (n = m; n; n = n->m_next)
1323 plen += n->m_len;
1324 m->m_pkthdr.len = plen;
1325 }
1326
1327 ipstat.ips_reassembled++;
1328 return (m);
1329
1330dropfrag:
1331#ifdef IPDIVERT
1332 *divinfo = 0;
1333#endif
1334 ipstat.ips_fragdropped++;
1335 if (fp != NULL)
1336 fp->ipq_nfrags--;
1337 m_freem(m);
1338 return (NULL);
1339
1340#undef GETIP
1341}
1342
1343/*
1344 * Free a fragment reassembly header and all
1345 * associated datagrams.
1346 */
1347static void
1348ip_freef(struct ipq *fp)
1349{
1350 struct mbuf *q;
1351
1352 while (fp->ipq_frags) {
1353 q = fp->ipq_frags;
1354 fp->ipq_frags = q->m_nextpkt;
1355 q->m_nextpkt = NULL;
1356 m_freem(q);
1357 }
1358 remque(fp);
1359 mpipe_free(&ipq_mpipe, fp);
1360 nipq--;
1361}
1362
1363/*
1364 * IP timer processing;
1365 * if a timer expires on a reassembly
1366 * queue, discard it.
1367 */
1368void
1369ip_slowtimo(void)
1370{
1371 struct ipq *fp;
1372 int i;
1373
1374 crit_enter();
1375 for (i = 0; i < IPREASS_NHASH; i++) {
1376 fp = ipq[i].next;
1377 if (fp == NULL)
1378 continue;
1379 while (fp != &ipq[i]) {
1380 --fp->ipq_ttl;
1381 fp = fp->next;
1382 if (fp->prev->ipq_ttl == 0) {
1383 ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
1384 ip_freef(fp->prev);
1385 }
1386 }
1387 }
1388 /*
1389 * If we are over the maximum number of fragments
1390 * (due to the limit being lowered), drain off
1391 * enough to get down to the new limit.
1392 */
1393 if (maxnipq >= 0 && nipq > maxnipq) {
1394 for (i = 0; i < IPREASS_NHASH; i++) {
1395 while (nipq > maxnipq &&
1396 (ipq[i].next != &ipq[i])) {
1397 ipstat.ips_fragdropped +=
1398 ipq[i].next->ipq_nfrags;
1399 ip_freef(ipq[i].next);
1400 }
1401 }
1402 }
1403 ipflow_slowtimo();
1404 crit_exit();
1405}
1406
1407/*
1408 * Drain off all datagram fragments.
1409 */
1410void
1411ip_drain(void)
1412{
1413 int i;
1414
1415 for (i = 0; i < IPREASS_NHASH; i++) {
1416 while (ipq[i].next != &ipq[i]) {
1417 ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
1418 ip_freef(ipq[i].next);
1419 }
1420 }
1421 in_rtqdrain();
1422}
1423
1424/*
1425 * Do option processing on a datagram,
1426 * possibly discarding it if bad options are encountered,
1427 * or forwarding it if source-routed.
1428 * The pass argument is used when operating in the IPSTEALTH
1429 * mode to tell what options to process:
1430 * [LS]SRR (pass 0) or the others (pass 1).
1431 * The reason for as many as two passes is that when doing IPSTEALTH,
1432 * non-routing options should be processed only if the packet is for us.
1433 * Returns 1 if packet has been forwarded/freed,
1434 * 0 if the packet should be processed further.
1435 */
1436static int
1437ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop)
1438{
1439 struct sockaddr_in ipaddr = { sizeof ipaddr, AF_INET };
1440 struct ip *ip = mtod(m, struct ip *);
1441 u_char *cp;
1442 struct in_ifaddr *ia;
1443 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB;
1444 boolean_t forward = FALSE;
1445 struct in_addr *sin, dst;
1446 n_time ntime;
1447
1448 dst = ip->ip_dst;
1449 cp = (u_char *)(ip + 1);
1450 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1451 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1452 opt = cp[IPOPT_OPTVAL];
1453 if (opt == IPOPT_EOL)
1454 break;
1455 if (opt == IPOPT_NOP)
1456 optlen = 1;
1457 else {
1458 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
1459 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1460 goto bad;
1461 }
1462 optlen = cp[IPOPT_OLEN];
1463 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
1464 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1465 goto bad;
1466 }
1467 }
1468 switch (opt) {
1469
1470 default:
1471 break;
1472
1473 /*
1474 * Source routing with record.
1475 * Find interface with current destination address.
1476 * If none on this machine then drop if strictly routed,
1477 * or do nothing if loosely routed.
1478 * Record interface address and bring up next address
1479 * component. If strictly routed make sure next
1480 * address is on directly accessible net.
1481 */
1482 case IPOPT_LSRR:
1483 case IPOPT_SSRR:
1484 if (ipstealth && pass > 0)
1485 break;
1486 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1487 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1488 goto bad;
1489 }
1490 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1491 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1492 goto bad;
1493 }
1494 ipaddr.sin_addr = ip->ip_dst;
1495 ia = (struct in_ifaddr *)
1496 ifa_ifwithaddr((struct sockaddr *)&ipaddr);
1497 if (ia == NULL) {
1498 if (opt == IPOPT_SSRR) {
1499 type = ICMP_UNREACH;
1500 code = ICMP_UNREACH_SRCFAIL;
1501 goto bad;
1502 }
1503 if (!ip_dosourceroute)
1504 goto nosourcerouting;
1505 /*
1506 * Loose routing, and not at next destination
1507 * yet; nothing to do except forward.
1508 */
1509 break;
1510 }
1511 off--; /* 0 origin */
1512 if (off > optlen - (int)sizeof(struct in_addr)) {
1513 /*
1514 * End of source route. Should be for us.
1515 */
1516 if (!ip_acceptsourceroute)
1517 goto nosourcerouting;
1518 save_rte(m, cp, ip->ip_src);
1519 break;
1520 }
1521 if (ipstealth)
1522 goto dropit;
1523 if (!ip_dosourceroute) {
1524 if (ipforwarding) {
1525 char buf[sizeof "aaa.bbb.ccc.ddd"];
1526
1527 /*
1528 * Acting as a router, so generate ICMP
1529 */
1530nosourcerouting:
1531 strcpy(buf, inet_ntoa(ip->ip_dst));
1532 log(LOG_WARNING,
1533 "attempted source route from %s to %s\n",
1534 inet_ntoa(ip->ip_src), buf);
1535 type = ICMP_UNREACH;
1536 code = ICMP_UNREACH_SRCFAIL;
1537 goto bad;
1538 } else {
1539 /*
1540 * Not acting as a router,
1541 * so silently drop.
1542 */
1543dropit:
1544 ipstat.ips_cantforward++;
1545 m_freem(m);
1546 return (1);
1547 }
1548 }
1549
1550 /*
1551 * locate outgoing interface
1552 */
1553 memcpy(&ipaddr.sin_addr, cp + off,
1554 sizeof ipaddr.sin_addr);
1555
1556 if (opt == IPOPT_SSRR) {
1557#define INA struct in_ifaddr *
1558#define SA struct sockaddr *
1559 if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr))
1560 == NULL)
1561 ia = (INA)ifa_ifwithnet((SA)&ipaddr);
1562 } else
1563 ia = ip_rtaddr(ipaddr.sin_addr,
1564 &ipforward_rt[mycpuid]);
1565 if (ia == NULL) {
1566 type = ICMP_UNREACH;
1567 code = ICMP_UNREACH_SRCFAIL;
1568 goto bad;
1569 }
1570 ip->ip_dst = ipaddr.sin_addr;
1571 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1572 sizeof(struct in_addr));
1573 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1574 /*
1575 * Let ip_intr's mcast routing check handle mcast pkts
1576 */
1577 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
1578 break;
1579
1580 case IPOPT_RR:
1581 if (ipstealth && pass == 0)
1582 break;
1583 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1584 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1585 goto bad;
1586 }
1587 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1588 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1589 goto bad;
1590 }
1591 /*
1592 * If no space remains, ignore.
1593 */
1594 off--; /* 0 origin */
1595 if (off > optlen - (int)sizeof(struct in_addr))
1596 break;
1597 memcpy(&ipaddr.sin_addr, &ip->ip_dst,
1598 sizeof ipaddr.sin_addr);
1599 /*
1600 * locate outgoing interface; if we're the destination,
1601 * use the incoming interface (should be same).
1602 */
1603 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == NULL &&
1604 (ia = ip_rtaddr(ipaddr.sin_addr,
1605 &ipforward_rt[mycpuid]))
1606 == NULL) {
1607 type = ICMP_UNREACH;
1608 code = ICMP_UNREACH_HOST;
1609 goto bad;
1610 }
1611 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1612 sizeof(struct in_addr));
1613 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1614 break;
1615
1616 case IPOPT_TS:
1617 if (ipstealth && pass == 0)
1618 break;
1619 code = cp - (u_char *)ip;
1620 if (optlen < 4 || optlen > 40) {
1621 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1622 goto bad;
1623 }
1624 if ((off = cp[IPOPT_OFFSET]) < 5) {
1625 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1626 goto bad;
1627 }
1628 if (off > optlen - (int)sizeof(int32_t)) {
1629 cp[IPOPT_OFFSET + 1] += (1 << 4);
1630 if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
1631 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1632 goto bad;
1633 }
1634 break;
1635 }
1636 off--; /* 0 origin */
1637 sin = (struct in_addr *)(cp + off);
1638 switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
1639
1640 case IPOPT_TS_TSONLY:
1641 break;
1642
1643 case IPOPT_TS_TSANDADDR:
1644 if (off + sizeof(n_time) +
1645 sizeof(struct in_addr) > optlen) {
1646 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1647 goto bad;
1648 }
1649 ipaddr.sin_addr = dst;
1650 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
1651 m->m_pkthdr.rcvif);
1652 if (ia == NULL)
1653 continue;
1654 memcpy(sin, &IA_SIN(ia)->sin_addr,
1655 sizeof(struct in_addr));
1656 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1657 off += sizeof(struct in_addr);
1658 break;
1659
1660 case IPOPT_TS_PRESPEC:
1661 if (off + sizeof(n_time) +
1662 sizeof(struct in_addr) > optlen) {
1663 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1664 goto bad;
1665 }
1666 memcpy(&ipaddr.sin_addr, sin,
1667 sizeof(struct in_addr));
1668 if (ifa_ifwithaddr((SA)&ipaddr) == NULL)
1669 continue;
1670 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1671 off += sizeof(struct in_addr);
1672 break;
1673
1674 default:
1675 code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
1676 goto bad;
1677 }
1678 ntime = iptime();
1679 memcpy(cp + off, &ntime, sizeof(n_time));
1680 cp[IPOPT_OFFSET] += sizeof(n_time);
1681 }
1682 }
1683 if (forward && ipforwarding) {
1684 ip_forward(m, TRUE, next_hop);
1685 return (1);
1686 }
1687 return (0);
1688bad:
1689 icmp_error(m, type, code, 0, 0);
1690 ipstat.ips_badoptions++;
1691 return (1);
1692}
1693
1694/*
1695 * Given address of next destination (final or next hop),
1696 * return internet address info of interface to be used to get there.
1697 */
1698struct in_ifaddr *
1699ip_rtaddr(struct in_addr dst, struct route *ro)
1700{
1701 struct sockaddr_in *sin;
1702
1703 sin = (struct sockaddr_in *)&ro->ro_dst;
1704
1705 if (ro->ro_rt == NULL || dst.s_addr != sin->sin_addr.s_addr) {
1706 if (ro->ro_rt != NULL) {
1707 RTFREE(ro->ro_rt);
1708 ro->ro_rt = NULL;
1709 }
1710 sin->sin_family = AF_INET;
1711 sin->sin_len = sizeof *sin;
1712 sin->sin_addr = dst;
1713 rtalloc_ign(ro, RTF_PRCLONING);
1714 }
1715
1716 if (ro->ro_rt == NULL)
1717 return (NULL);
1718
1719 return (ifatoia(ro->ro_rt->rt_ifa));
1720}
1721
1722/*
1723 * Save incoming source route for use in replies,
1724 * to be picked up later by ip_srcroute if the receiver is interested.
1725 */
1726static void
1727save_rte(struct mbuf *m, u_char *option, struct in_addr dst)
1728{
1729 struct m_tag *mtag;
1730 struct ip_srcrt_opt *opt;
1731 unsigned olen;
1732
1733 mtag = m_tag_get(PACKET_TAG_IPSRCRT, sizeof(*opt), MB_DONTWAIT);
1734 if (mtag == NULL)
1735 return;
1736 opt = m_tag_data(mtag);
1737
1738 olen = option[IPOPT_OLEN];
1739#ifdef DIAGNOSTIC
1740 if (ipprintfs)
1741 kprintf("save_rte: olen %d\n", olen);
1742#endif
1743 if (olen > sizeof(opt->ip_srcrt) - (1 + sizeof(dst))) {
1744 m_tag_free(mtag);
1745 return;
1746 }
1747 bcopy(option, opt->ip_srcrt.srcopt, olen);
1748 opt->ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
1749 opt->ip_srcrt.dst = dst;
1750 m_tag_prepend(m, mtag);
1751}
1752
1753/*
1754 * Retrieve incoming source route for use in replies,
1755 * in the same form used by setsockopt.
1756 * The first hop is placed before the options, will be removed later.
1757 */
1758struct mbuf *
1759ip_srcroute(struct mbuf *m0)
1760{
1761 struct in_addr *p, *q;
1762 struct mbuf *m;
1763 struct m_tag *mtag;
1764 struct ip_srcrt_opt *opt;
1765
1766 if (m0 == NULL)
1767 return NULL;
1768
1769 mtag = m_tag_find(m0, PACKET_TAG_IPSRCRT, NULL);
1770 if (mtag == NULL)
1771 return NULL;
1772 opt = m_tag_data(mtag);
1773
1774 if (opt->ip_nhops == 0)
1775 return (NULL);
1776 m = m_get(MB_DONTWAIT, MT_HEADER);
1777 if (m == NULL)
1778 return (NULL);
1779
1780#define OPTSIZ (sizeof(opt->ip_srcrt.nop) + sizeof(opt->ip_srcrt.srcopt))
1781
1782 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
1783 m->m_len = opt->ip_nhops * sizeof(struct in_addr) +
1784 sizeof(struct in_addr) + OPTSIZ;
1785#ifdef DIAGNOSTIC
1786 if (ipprintfs) {
1787 kprintf("ip_srcroute: nhops %d mlen %d",
1788 opt->ip_nhops, m->m_len);
1789 }
1790#endif
1791
1792 /*
1793 * First save first hop for return route
1794 */
1795 p = &opt->ip_srcrt.route[opt->ip_nhops - 1];
1796 *(mtod(m, struct in_addr *)) = *p--;
1797#ifdef DIAGNOSTIC
1798 if (ipprintfs)
1799 kprintf(" hops %x", ntohl(mtod(m, struct in_addr *)->s_addr));
1800#endif
1801
1802 /*
1803 * Copy option fields and padding (nop) to mbuf.
1804 */
1805 opt->ip_srcrt.nop = IPOPT_NOP;
1806 opt->ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
1807 memcpy(mtod(m, caddr_t) + sizeof(struct in_addr), &opt->ip_srcrt.nop,
1808 OPTSIZ);
1809 q = (struct in_addr *)(mtod(m, caddr_t) +
1810 sizeof(struct in_addr) + OPTSIZ);
1811#undef OPTSIZ
1812 /*
1813 * Record return path as an IP source route,
1814 * reversing the path (pointers are now aligned).
1815 */
1816 while (p >= opt->ip_srcrt.route) {
1817#ifdef DIAGNOSTIC
1818 if (ipprintfs)
1819 kprintf(" %x", ntohl(q->s_addr));
1820#endif
1821 *q++ = *p--;
1822 }
1823 /*
1824 * Last hop goes to final destination.
1825 */
1826 *q = opt->ip_srcrt.dst;
1827 m_tag_delete(m0, mtag);
1828#ifdef DIAGNOSTIC
1829 if (ipprintfs)
1830 kprintf(" %x\n", ntohl(q->s_addr));
1831#endif
1832 return (m);
1833}
1834
1835/*
1836 * Strip out IP options.
1837 */
1838void
1839ip_stripoptions(struct mbuf *m)
1840{
1841 int datalen;
1842 struct ip *ip = mtod(m, struct ip *);
1843 caddr_t opts;
1844 int optlen;
1845
1846 optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1847 opts = (caddr_t)(ip + 1);
1848 datalen = m->m_len - (sizeof(struct ip) + optlen);
1849 bcopy(opts + optlen, opts, datalen);
1850 m->m_len -= optlen;
1851 if (m->m_flags & M_PKTHDR)
1852 m->m_pkthdr.len -= optlen;
1853 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
1854}
1855
1856u_char inetctlerrmap[PRC_NCMDS] = {
1857 0, 0, 0, 0,
1858 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1859 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1860 EMSGSIZE, EHOSTUNREACH, 0, 0,
1861 0, 0, 0, 0,
1862 ENOPROTOOPT, ECONNREFUSED
1863};
1864
1865/*
1866 * Forward a packet. If some error occurs return the sender
1867 * an icmp packet. Note we can't always generate a meaningful
1868 * icmp message because icmp doesn't have a large enough repertoire
1869 * of codes and types.
1870 *
1871 * If not forwarding, just drop the packet. This could be confusing
1872 * if ipforwarding was zero but some routing protocol was advancing
1873 * us as a gateway to somewhere. However, we must let the routing
1874 * protocol deal with that.
1875 *
1876 * The using_srcrt parameter indicates whether the packet is being forwarded
1877 * via a source route.
1878 */
1879void
1880ip_forward(struct mbuf *m, boolean_t using_srcrt, struct sockaddr_in *next_hop)
1881{
1882 struct ip *ip = mtod(m, struct ip *);
1883 struct sockaddr_in *ipforward_rtaddr;
1884 struct rtentry *rt;
1885 int error, type = 0, code = 0, destmtu = 0;
1886 struct mbuf *mcopy;
1887 n_long dest;
1888 struct in_addr pkt_dst;
1889 struct route *cache_rt = &ipforward_rt[mycpuid];
1890
1891 dest = INADDR_ANY;
1892 /*
1893 * Cache the destination address of the packet; this may be
1894 * changed by use of 'ipfw fwd'.
1895 */
1896 pkt_dst = (next_hop != NULL) ? next_hop->sin_addr : ip->ip_dst;
1897
1898#ifdef DIAGNOSTIC
1899 if (ipprintfs)
1900 kprintf("forward: src %x dst %x ttl %x\n",
1901 ip->ip_src.s_addr, pkt_dst.s_addr, ip->ip_ttl);
1902#endif
1903
1904 if (m->m_flags & (M_BCAST | M_MCAST) || !in_canforward(pkt_dst)) {
1905 ipstat.ips_cantforward++;
1906 m_freem(m);
1907 return;
1908 }
1909 if (!ipstealth && ip->ip_ttl <= IPTTLDEC) {
1910 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0);
1911 return;
1912 }
1913
1914 ipforward_rtaddr = (struct sockaddr_in *) &cache_rt->ro_dst;
1915 if (cache_rt->ro_rt == NULL ||
1916 ipforward_rtaddr->sin_addr.s_addr != pkt_dst.s_addr) {
1917 if (cache_rt->ro_rt != NULL) {
1918 RTFREE(cache_rt->ro_rt);
1919 cache_rt->ro_rt = NULL;
1920 }
1921 ipforward_rtaddr->sin_family = AF_INET;
1922 ipforward_rtaddr->sin_len = sizeof(struct sockaddr_in);
1923 ipforward_rtaddr->sin_addr = pkt_dst;
1924 rtalloc_ign(cache_rt, RTF_PRCLONING);
1925 if (cache_rt->ro_rt == NULL) {
1926 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
1927 return;
1928 }
1929 }
1930 rt = cache_rt->ro_rt;
1931
1932 /*
1933 * Save the IP header and at most 8 bytes of the payload,
1934 * in case we need to generate an ICMP message to the src.
1935 *
1936 * XXX this can be optimized a lot by saving the data in a local
1937 * buffer on the stack (72 bytes at most), and only allocating the
1938 * mbuf if really necessary. The vast majority of the packets
1939 * are forwarded without having to send an ICMP back (either
1940 * because unnecessary, or because rate limited), so we are
1941 * really we are wasting a lot of work here.
1942 *
1943 * We don't use m_copy() because it might return a reference
1944 * to a shared cluster. Both this function and ip_output()
1945 * assume exclusive access to the IP header in `m', so any
1946 * data in a cluster may change before we reach icmp_error().
1947 */
1948 MGETHDR(mcopy, MB_DONTWAIT, m->m_type);
1949 if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, MB_DONTWAIT)) {
1950 /*
1951 * It's probably ok if the pkthdr dup fails (because
1952 * the deep copy of the tag chain failed), but for now
1953 * be conservative and just discard the copy since
1954 * code below may some day want the tags.
1955 */
1956 m_free(mcopy);
1957 mcopy = NULL;
1958 }
1959 if (mcopy != NULL) {
1960 mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
1961 (int)ip->ip_len);
1962 mcopy->m_pkthdr.len = mcopy->m_len;
1963 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
1964 }
1965
1966 if (!ipstealth)
1967 ip->ip_ttl -= IPTTLDEC;
1968
1969 /*
1970 * If forwarding packet using same interface that it came in on,
1971 * perhaps should send a redirect to sender to shortcut a hop.
1972 * Only send redirect if source is sending directly to us,
1973 * and if packet was not source routed (or has any options).
1974 * Also, don't send redirect if forwarding using a default route
1975 * or a route modified by a redirect.
1976 */
1977 if (rt->rt_ifp == m->m_pkthdr.rcvif &&
1978 !(rt->rt_flags & (RTF_DYNAMIC | RTF_MODIFIED)) &&
1979 satosin(rt_key(rt))->sin_addr.s_addr != INADDR_ANY &&
1980 ipsendredirects && !using_srcrt && next_hop == NULL) {
1981 u_long src = ntohl(ip->ip_src.s_addr);
1982 struct in_ifaddr *rt_ifa = (struct in_ifaddr *)rt->rt_ifa;
1983
1984 if (rt_ifa != NULL &&
1985 (src & rt_ifa->ia_subnetmask) == rt_ifa->ia_subnet) {
1986 if (rt->rt_flags & RTF_GATEWAY)
1987 dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
1988 else
1989 dest = pkt_dst.s_addr;
1990 /*
1991 * Router requirements says to only send
1992 * host redirects.
1993 */
1994 type = ICMP_REDIRECT;
1995 code = ICMP_REDIRECT_HOST;
1996#ifdef DIAGNOSTIC
1997 if (ipprintfs)
1998 kprintf("redirect (%d) to %x\n", code, dest);
1999#endif
2000 }
2001 }
2002
2003 error = ip_output(m, NULL, cache_rt, IP_FORWARDING, NULL, NULL);
2004 if (error == 0) {
2005 ipstat.ips_forward++;
2006 if (type == 0) {
2007 if (mcopy) {
2008 ipflow_create(cache_rt, mcopy);
2009 m_freem(mcopy);
2010 }
2011 return; /* most common case */
2012 } else {
2013 ipstat.ips_redirectsent++;
2014 }
2015 } else {
2016 ipstat.ips_cantforward++;
2017 }
2018
2019 if (mcopy == NULL)
2020 return;
2021
2022 /*
2023 * Send ICMP message.
2024 */
2025
2026 switch (error) {
2027
2028 case 0: /* forwarded, but need redirect */
2029 /* type, code set above */
2030 break;
2031
2032 case ENETUNREACH: /* shouldn't happen, checked above */
2033 case EHOSTUNREACH:
2034 case ENETDOWN:
2035 case EHOSTDOWN:
2036 default:
2037 type = ICMP_UNREACH;
2038 code = ICMP_UNREACH_HOST;
2039 break;
2040
2041 case EMSGSIZE:
2042 type = ICMP_UNREACH;
2043 code = ICMP_UNREACH_NEEDFRAG;
2044#ifdef IPSEC
2045 /*
2046 * If the packet is routed over IPsec tunnel, tell the
2047 * originator the tunnel MTU.
2048 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2049 * XXX quickhack!!!
2050 */
2051 if (cache_rt->ro_rt != NULL) {
2052 struct secpolicy *sp = NULL;
2053 int ipsecerror;
2054 int ipsechdr;
2055 struct route *ro;
2056
2057 sp = ipsec4_getpolicybyaddr(mcopy,
2058 IPSEC_DIR_OUTBOUND,
2059 IP_FORWARDING,
2060 &ipsecerror);
2061
2062 if (sp == NULL)
2063 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2064 else {
2065 /* count IPsec header size */
2066 ipsechdr = ipsec4_hdrsiz(mcopy,
2067 IPSEC_DIR_OUTBOUND,
2068 NULL);
2069
2070 /*
2071 * find the correct route for outer IPv4
2072 * header, compute tunnel MTU.
2073 *
2074 */
2075 if (sp->req != NULL && sp->req->sav != NULL &&
2076 sp->req->sav->sah != NULL) {
2077 ro = &sp->req->sav->sah->sa_route;
2078 if (ro->ro_rt != NULL &&
2079 ro->ro_rt->rt_ifp != NULL) {
2080 destmtu =
2081 ro->ro_rt->rt_ifp->if_mtu;
2082 destmtu -= ipsechdr;
2083 }
2084 }
2085
2086 key_freesp(sp);
2087 }
2088 }
2089#elif FAST_IPSEC
2090 /*
2091 * If the packet is routed over IPsec tunnel, tell the
2092 * originator the tunnel MTU.
2093 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2094 * XXX quickhack!!!
2095 */
2096 if (cache_rt->ro_rt != NULL) {
2097 struct secpolicy *sp = NULL;
2098 int ipsecerror;
2099 int ipsechdr;
2100 struct route *ro;
2101
2102 sp = ipsec_getpolicybyaddr(mcopy,
2103 IPSEC_DIR_OUTBOUND,
2104 IP_FORWARDING,
2105 &ipsecerror);
2106
2107 if (sp == NULL)
2108 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2109 else {
2110 /* count IPsec header size */
2111 ipsechdr = ipsec4_hdrsiz(mcopy,
2112 IPSEC_DIR_OUTBOUND,
2113 NULL);
2114
2115 /*
2116 * find the correct route for outer IPv4
2117 * header, compute tunnel MTU.
2118 */
2119
2120 if (sp->req != NULL &&
2121 sp->req->sav != NULL &&
2122 sp->req->sav->sah != NULL) {
2123 ro = &sp->req->sav->sah->sa_route;
2124 if (ro->ro_rt != NULL &&
2125 ro->ro_rt->rt_ifp != NULL) {
2126 destmtu =
2127 ro->ro_rt->rt_ifp->if_mtu;
2128 destmtu -= ipsechdr;
2129 }
2130 }
2131
2132 KEY_FREESP(&sp);
2133 }
2134 }
2135#else /* !IPSEC && !FAST_IPSEC */
2136 if (cache_rt->ro_rt != NULL)
2137 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2138#endif /*IPSEC*/
2139 ipstat.ips_cantfrag++;
2140 break;
2141
2142 case ENOBUFS:
2143 /*
2144 * A router should not generate ICMP_SOURCEQUENCH as
2145 * required in RFC1812 Requirements for IP Version 4 Routers.
2146 * Source quench could be a big problem under DoS attacks,
2147 * or if the underlying interface is rate-limited.
2148 * Those who need source quench packets may re-enable them
2149 * via the net.inet.ip.sendsourcequench sysctl.
2150 */
2151 if (!ip_sendsourcequench) {
2152 m_freem(mcopy);
2153 return;
2154 } else {
2155 type = ICMP_SOURCEQUENCH;
2156 code = 0;
2157 }
2158 break;
2159
2160 case EACCES: /* ipfw denied packet */
2161 m_freem(mcopy);
2162 return;
2163 }
2164 icmp_error(mcopy, type, code, dest, destmtu);
2165}
2166
2167void
2168ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
2169 struct mbuf *m)
2170{
2171 if (inp->inp_socket->so_options & SO_TIMESTAMP) {
2172 struct timeval tv;
2173
2174 microtime(&tv);
2175 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
2176 SCM_TIMESTAMP, SOL_SOCKET);
2177 if (*mp)
2178 mp = &(*mp)->m_next;
2179 }
2180 if (inp->inp_flags & INP_RECVDSTADDR) {
2181 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
2182 sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
2183 if (*mp)
2184 mp = &(*mp)->m_next;
2185 }
2186 if (inp->inp_flags & INP_RECVTTL) {
2187 *mp = sbcreatecontrol((caddr_t) &ip->ip_ttl,
2188 sizeof(u_char), IP_RECVTTL, IPPROTO_IP);
2189 if (*mp)
2190 mp = &(*mp)->m_next;
2191 }
2192#ifdef notyet
2193 /* XXX
2194 * Moving these out of udp_input() made them even more broken
2195 * than they already were.
2196 */
2197 /* options were tossed already */
2198 if (inp->inp_flags & INP_RECVOPTS) {
2199 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
2200 sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
2201 if (*mp)
2202 mp = &(*mp)->m_next;
2203 }
2204 /* ip_srcroute doesn't do what we want here, need to fix */
2205 if (inp->inp_flags & INP_RECVRETOPTS) {
2206 *mp = sbcreatecontrol((caddr_t) ip_srcroute(m),
2207 sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
2208 if (*mp)
2209 mp = &(*mp)->m_next;
2210 }
2211#endif
2212 if (inp->inp_flags & INP_RECVIF) {
2213 struct ifnet *ifp;
2214 struct sdlbuf {
2215 struct sockaddr_dl sdl;
2216 u_char pad[32];
2217 } sdlbuf;
2218 struct sockaddr_dl *sdp;
2219 struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
2220
2221 if (((ifp = m->m_pkthdr.rcvif)) &&
2222 ((ifp->if_index != 0) && (ifp->if_index <= if_index))) {
2223 sdp = IF_LLSOCKADDR(ifp);
2224 /*
2225 * Change our mind and don't try copy.
2226 */
2227 if ((sdp->sdl_family != AF_LINK) ||
2228 (sdp->sdl_len > sizeof(sdlbuf))) {
2229 goto makedummy;
2230 }
2231 bcopy(sdp, sdl2, sdp->sdl_len);
2232 } else {
2233makedummy:
2234 sdl2->sdl_len =
2235 offsetof(struct sockaddr_dl, sdl_data[0]);
2236 sdl2->sdl_family = AF_LINK;
2237 sdl2->sdl_index = 0;
2238 sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
2239 }
2240 *mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
2241 IP_RECVIF, IPPROTO_IP);
2242 if (*mp)
2243 mp = &(*mp)->m_next;
2244 }
2245}
2246
2247/*
2248 * XXX these routines are called from the upper part of the kernel.
2249 *
2250 * They could also be moved to ip_mroute.c, since all the RSVP
2251 * handling is done there already.
2252 */
2253int
2254ip_rsvp_init(struct socket *so)
2255{
2256 if (so->so_type != SOCK_RAW ||
2257 so->so_proto->pr_protocol != IPPROTO_RSVP)
2258 return EOPNOTSUPP;
2259
2260 if (ip_rsvpd != NULL)
2261 return EADDRINUSE;
2262
2263 ip_rsvpd = so;
2264 /*
2265 * This may seem silly, but we need to be sure we don't over-increment
2266 * the RSVP counter, in case something slips up.
2267 */
2268 if (!ip_rsvp_on) {
2269 ip_rsvp_on = 1;
2270 rsvp_on++;
2271 }
2272
2273 return 0;
2274}
2275
2276int
2277ip_rsvp_done(void)
2278{
2279 ip_rsvpd = NULL;
2280 /*
2281 * This may seem silly, but we need to be sure we don't over-decrement
2282 * the RSVP counter, in case something slips up.
2283 */
2284 if (ip_rsvp_on) {
2285 ip_rsvp_on = 0;
2286 rsvp_on--;
2287 }
2288 return 0;
2289}
2290
2291void
2292rsvp_input(struct mbuf *m, ...) /* XXX must fixup manually */
2293{
2294 int off, proto;
2295 __va_list ap;
2296
2297 __va_start(ap, m);
2298 off = __va_arg(ap, int);
2299 proto = __va_arg(ap, int);
2300 __va_end(ap);
2301
2302 if (rsvp_input_p) { /* call the real one if loaded */
2303 rsvp_input_p(m, off, proto);
2304 return;
2305 }
2306
2307 /* Can still get packets with rsvp_on = 0 if there is a local member
2308 * of the group to which the RSVP packet is addressed. But in this
2309 * case we want to throw the packet away.
2310 */
2311
2312 if (!rsvp_on) {
2313 m_freem(m);
2314 return;
2315 }
2316
2317 if (ip_rsvpd != NULL) {
2318 rip_input(m, off, proto);
2319 return;
2320 }
2321 /* Drop the packet */
2322 m_freem(m);
2323}
DragonFly Project Source