2 * Copyright (c) 1982, 1986, 1988, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95
34 * $FreeBSD: src/sys/netinet/raw_ip.c,v 1.64.2.16 2003/08/24 08:24:38 hsu Exp $
35 * $DragonFly: src/sys/netinet/raw_ip.c,v 1.23 2005/08/15 16:46:21 dillon Exp $
38 #include "opt_inet6.h"
39 #include "opt_ipsec.h"
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/kernel.h>
44 #include <sys/malloc.h>
47 #include <sys/protosw.h>
48 #include <sys/socket.h>
49 #include <sys/socketvar.h>
50 #include <sys/sysctl.h>
51 #include <sys/thread2.h>
53 #include <machine/stdarg.h>
55 #include <vm/vm_zone.h>
58 #include <net/route.h>
61 #include <netinet/in.h>
62 #include <netinet/in_systm.h>
63 #include <netinet/ip.h>
64 #include <netinet/in_pcb.h>
65 #include <netinet/in_var.h>
66 #include <netinet/ip_var.h>
68 #include <net/ip_mroute/ip_mroute.h>
69 #include <net/ipfw/ip_fw.h>
70 #include <net/dummynet/ip_dummynet.h>
73 #include <netproto/ipsec/ipsec.h>
77 #include <netinet6/ipsec.h>
80 struct inpcbinfo ripcbinfo;
82 /* control hooks for ipfw and dummynet */
83 ip_fw_ctl_t *ip_fw_ctl_ptr;
84 ip_dn_ctl_t *ip_dn_ctl_ptr;
87 * hooks for multicast routing. They all default to NULL,
88 * so leave them not initialized and rely on BSS being set to 0.
91 /* The socket used to communicate with the multicast routing daemon. */
92 struct socket *ip_mrouter;
94 /* The various mrouter and rsvp functions */
95 int (*ip_mrouter_set)(struct socket *, struct sockopt *);
96 int (*ip_mrouter_get)(struct socket *, struct sockopt *);
97 int (*ip_mrouter_done)(void);
98 int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *,
99 struct ip_moptions *);
100 int (*mrt_ioctl)(int, caddr_t);
101 int (*legal_vif_num)(int);
102 u_long (*ip_mcast_src)(int);
104 void (*rsvp_input_p)(struct mbuf *m, ...);
105 int (*ip_rsvp_vif)(struct socket *, struct sockopt *);
106 void (*ip_rsvp_force_done)(struct socket *);
109 * Nominal space allocated to a raw ip socket.
115 * Raw interface to IP protocol.
119 * Initialize raw connection block queue.
124 in_pcbinfo_init(&ripcbinfo);
126 * XXX We don't use the hash list for raw IP, but it's easier
127 * to allocate a one entry hash list than it is to check all
128 * over the place for hashbase == NULL.
130 ripcbinfo.hashbase = hashinit(1, M_PCB, &ripcbinfo.hashmask);
131 ripcbinfo.porthashbase = hashinit(1, M_PCB, &ripcbinfo.porthashmask);
132 ripcbinfo.wildcardhashbase = hashinit(1, M_PCB,
133 &ripcbinfo.wildcardhashmask);
134 ripcbinfo.ipi_zone = zinit("ripcb", sizeof(struct inpcb),
135 maxsockets, ZONE_INTERRUPT, 0);
139 * Setup generic address and protocol structures
140 * for raw_input routine, then pass them along with
144 rip_input(struct mbuf *m, ...)
146 struct sockaddr_in ripsrc = { sizeof ripsrc, AF_INET };
147 struct ip *ip = mtod(m, struct ip *);
149 struct inpcb *last = NULL;
150 struct mbuf *opts = NULL;
155 off = __va_arg(ap, int);
156 proto = __va_arg(ap, int);
159 ripsrc.sin_addr = ip->ip_src;
160 LIST_FOREACH(inp, &ripcbinfo.pcblisthead, inp_list) {
161 if (inp->inp_flags & INP_PLACEMARKER)
164 if ((inp->inp_vflag & INP_IPV4) == 0)
167 if (inp->inp_ip_p && inp->inp_ip_p != proto)
169 if (inp->inp_laddr.s_addr != INADDR_ANY &&
170 inp->inp_laddr.s_addr != ip->ip_dst.s_addr)
172 if (inp->inp_faddr.s_addr != INADDR_ANY &&
173 inp->inp_faddr.s_addr != ip->ip_src.s_addr)
176 struct mbuf *n = m_copypacket(m, MB_DONTWAIT);
179 /* check AH/ESP integrity. */
180 if (n && ipsec4_in_reject_so(n, last->inp_socket)) {
182 ipsecstat.in_polvio++;
183 /* do not inject data to pcb */
187 /* check AH/ESP integrity. */
188 if (ipsec4_in_reject(n, last)) {
190 /* do not inject data to pcb */
192 #endif /*FAST_IPSEC*/
194 if (last->inp_flags & INP_CONTROLOPTS ||
195 last->inp_socket->so_options & SO_TIMESTAMP)
196 ip_savecontrol(last, &opts, ip, n);
197 if (sbappendaddr(&last->inp_socket->so_rcv,
198 (struct sockaddr *)&ripsrc, n,
200 /* should notify about lost packet */
205 sorwakeup(last->inp_socket);
212 /* check AH/ESP integrity. */
213 if (last && ipsec4_in_reject_so(m, last->inp_socket)) {
215 ipsecstat.in_polvio++;
216 ipstat.ips_delivered--;
217 /* do not inject data to pcb */
221 /* check AH/ESP integrity. */
222 if (last && ipsec4_in_reject(m, last)) {
224 ipstat.ips_delivered--;
225 /* do not inject data to pcb */
227 #endif /*FAST_IPSEC*/
229 if (last->inp_flags & INP_CONTROLOPTS ||
230 last->inp_socket->so_options & SO_TIMESTAMP)
231 ip_savecontrol(last, &opts, ip, m);
232 if (sbappendaddr(&last->inp_socket->so_rcv,
233 (struct sockaddr *)&ripsrc, m, opts) == 0) {
238 sorwakeup(last->inp_socket);
241 ipstat.ips_noproto++;
242 ipstat.ips_delivered--;
247 * Generate IP header and pass packet to ip_output.
248 * Tack on options user may have setup with control call.
251 rip_output(struct mbuf *m, struct socket *so, ...)
254 struct inpcb *inp = so->so_pcb;
256 int flags = (so->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST;
260 dst = __va_arg(ap, u_long);
264 * If the user handed us a complete IP packet, use it.
265 * Otherwise, allocate an mbuf for a header and fill it in.
267 if ((inp->inp_flags & INP_HDRINCL) == 0) {
268 if (m->m_pkthdr.len + sizeof(struct ip) > IP_MAXPACKET) {
272 M_PREPEND(m, sizeof(struct ip), MB_WAIT);
275 ip = mtod(m, struct ip *);
276 ip->ip_tos = inp->inp_ip_tos;
278 ip->ip_p = inp->inp_ip_p;
279 ip->ip_len = m->m_pkthdr.len;
280 ip->ip_src = inp->inp_laddr;
281 ip->ip_dst.s_addr = dst;
282 ip->ip_ttl = inp->inp_ip_ttl;
284 if (m->m_pkthdr.len > IP_MAXPACKET) {
288 ip = mtod(m, struct ip *);
289 /* don't allow both user specified and setsockopt options,
290 and don't allow packet length sizes that will crash */
291 if (((IP_VHL_HL(ip->ip_vhl) != (sizeof (*ip) >> 2)) &&
293 (ip->ip_len > m->m_pkthdr.len) ||
294 (ip->ip_len < (IP_VHL_HL(ip->ip_vhl) << 2))) {
299 ip->ip_id = ip_newid();
300 /* XXX prevent ip_output from overwriting header fields */
301 flags |= IP_RAWOUTPUT;
305 return (ip_output(m, inp->inp_options, &inp->inp_route, flags,
306 inp->inp_moptions, inp));
310 * Raw IP socket option processing.
313 rip_ctloutput(struct socket *so, struct sockopt *sopt)
315 struct inpcb *inp = so->so_pcb;
318 if (sopt->sopt_level != IPPROTO_IP)
323 switch (sopt->sopt_dir) {
325 switch (sopt->sopt_name) {
327 optval = inp->inp_flags & INP_HDRINCL;
328 error = sooptcopyout(sopt, &optval, sizeof optval);
331 case IP_FW_ADD: /* ADD actually returns the body... */
334 error = ip_fw_ctl_ptr(sopt);
339 case IP_DUMMYNET_GET:
341 error = ip_dn_ctl_ptr(sopt);
354 case MRT_API_SUPPORT:
356 case MRT_ADD_BW_UPCALL:
357 case MRT_DEL_BW_UPCALL:
358 error = ip_mrouter_get ? ip_mrouter_get(so, sopt) :
363 error = ip_ctloutput(so, sopt);
369 switch (sopt->sopt_name) {
371 error = sooptcopyin(sopt, &optval, sizeof optval,
376 inp->inp_flags |= INP_HDRINCL;
378 inp->inp_flags &= ~INP_HDRINCL;
387 error = ip_fw_ctl_ptr(sopt);
392 case IP_DUMMYNET_CONFIGURE:
393 case IP_DUMMYNET_DEL:
394 case IP_DUMMYNET_FLUSH:
396 error = ip_dn_ctl_ptr(sopt);
398 error = ENOPROTOOPT ;
402 error = ip_rsvp_init(so);
406 error = ip_rsvp_done();
410 case IP_RSVP_VIF_OFF:
411 error = ip_rsvp_vif ?
412 ip_rsvp_vif(so, sopt) : EINVAL;
423 case MRT_API_SUPPORT:
425 case MRT_ADD_BW_UPCALL:
426 case MRT_DEL_BW_UPCALL:
427 error = ip_mrouter_set ? ip_mrouter_set(so, sopt) :
432 error = ip_ctloutput(so, sopt);
442 * This function exists solely to receive the PRC_IFDOWN messages which
443 * are sent by if_down(). It looks for an ifaddr whose ifa_addr is sa,
444 * and calls in_ifadown() to remove all routes corresponding to that address.
445 * It also receives the PRC_IFUP messages from if_up() and reinstalls the
449 rip_ctlinput(int cmd, struct sockaddr *sa, void *vip)
451 struct in_ifaddr *ia;
458 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
459 if (ia->ia_ifa.ifa_addr == sa &&
460 (ia->ia_flags & IFA_ROUTE)) {
462 * in_ifscrub kills the interface route.
464 in_ifscrub(ia->ia_ifp, ia);
466 * in_ifadown gets rid of all the rest of
467 * the routes. This is not quite the right
468 * thing to do, but at least if we are running
469 * a routing process they will come back.
471 in_ifadown(&ia->ia_ifa, 0);
478 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
479 if (ia->ia_ifa.ifa_addr == sa)
482 if (ia == 0 || (ia->ia_flags & IFA_ROUTE))
485 ifp = ia->ia_ifa.ifa_ifp;
487 if ((ifp->if_flags & IFF_LOOPBACK) ||
488 (ifp->if_flags & IFF_POINTOPOINT))
491 err = rtinit(&ia->ia_ifa, RTM_ADD, flags);
493 ia->ia_flags |= IFA_ROUTE;
498 u_long rip_sendspace = RIPSNDQ;
499 u_long rip_recvspace = RIPRCVQ;
501 SYSCTL_INT(_net_inet_raw, OID_AUTO, maxdgram, CTLFLAG_RW,
502 &rip_sendspace, 0, "Maximum outgoing raw IP datagram size");
503 SYSCTL_INT(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW,
504 &rip_recvspace, 0, "Maximum incoming raw IP datagram size");
507 rip_attach(struct socket *so, int proto, struct pru_attach_info *ai)
515 if ((error = suser_cred(ai->p_ucred, NULL_CRED_OKAY)) != 0)
518 error = soreserve(so, rip_sendspace, rip_recvspace, ai->sb_rlimit);
522 error = in_pcballoc(so, &ripcbinfo);
526 inp = (struct inpcb *)so->so_pcb;
527 inp->inp_vflag |= INP_IPV4;
528 inp->inp_ip_p = proto;
529 inp->inp_ip_ttl = ip_defttl;
534 rip_detach(struct socket *so)
541 if (so == ip_mrouter && ip_mrouter_done)
543 if (ip_rsvp_force_done)
544 ip_rsvp_force_done(so);
552 rip_abort(struct socket *so)
554 soisdisconnected(so);
555 if (so->so_state & SS_NOFDREF)
556 return rip_detach(so);
561 rip_disconnect(struct socket *so)
563 if ((so->so_state & SS_ISCONNECTED) == 0)
565 return rip_abort(so);
569 rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
571 struct inpcb *inp = so->so_pcb;
572 struct sockaddr_in *addr = (struct sockaddr_in *)nam;
574 if (nam->sa_len != sizeof(*addr))
577 if (TAILQ_EMPTY(&ifnet) || ((addr->sin_family != AF_INET) &&
578 (addr->sin_family != AF_IMPLINK)) ||
579 (addr->sin_addr.s_addr != INADDR_ANY &&
580 ifa_ifwithaddr((struct sockaddr *)addr) == 0))
581 return EADDRNOTAVAIL;
582 inp->inp_laddr = addr->sin_addr;
587 rip_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
589 struct inpcb *inp = so->so_pcb;
590 struct sockaddr_in *addr = (struct sockaddr_in *)nam;
592 if (nam->sa_len != sizeof(*addr))
594 if (TAILQ_EMPTY(&ifnet))
595 return EADDRNOTAVAIL;
596 if ((addr->sin_family != AF_INET) &&
597 (addr->sin_family != AF_IMPLINK))
599 inp->inp_faddr = addr->sin_addr;
605 rip_shutdown(struct socket *so)
612 rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
613 struct mbuf *control, struct thread *td)
615 struct inpcb *inp = so->so_pcb;
618 if (so->so_state & SS_ISCONNECTED) {
623 dst = inp->inp_faddr.s_addr;
629 dst = ((struct sockaddr_in *)nam)->sin_addr.s_addr;
631 return rip_output(m, so, dst);
634 SYSCTL_PROC(_net_inet_raw, OID_AUTO/*XXX*/, pcblist, CTLFLAG_RD, &ripcbinfo, 0,
635 in_pcblist_global, "S,xinpcb", "List of active raw IP sockets");
637 struct pr_usrreqs rip_usrreqs = {
638 rip_abort, pru_accept_notsupp, rip_attach, rip_bind, rip_connect,
639 pru_connect2_notsupp, in_control, rip_detach, rip_disconnect,
640 pru_listen_notsupp, in_setpeeraddr, pru_rcvd_notsupp,
641 pru_rcvoob_notsupp, rip_send, pru_sense_null, rip_shutdown,
642 in_setsockaddr, sosend, soreceive, sopoll
lentferj's projects / dragonfly.git / blob