2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved.
5 * This code is derived from software contributed to The DragonFly Project
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * Copyright (c) 1982, 1986, 1988, 1993
36 * The Regents of the University of California. All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
66 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
67 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
68 * $DragonFly: src/sys/netinet/ip_input.c,v 1.82 2008/07/03 08:22:36 corecode Exp $
73 #include "opt_bootp.h"
76 #include "opt_ipdivert.h"
77 #include "opt_ipfilter.h"
78 #include "opt_ipstealth.h"
79 #include "opt_ipsec.h"
81 #include <sys/param.h>
82 #include <sys/systm.h>
84 #include <sys/malloc.h>
85 #include <sys/mpipe.h>
86 #include <sys/domain.h>
87 #include <sys/protosw.h>
88 #include <sys/socket.h>
90 #include <sys/globaldata.h>
91 #include <sys/thread.h>
92 #include <sys/kernel.h>
93 #include <sys/syslog.h>
94 #include <sys/sysctl.h>
95 #include <sys/in_cksum.h>
97 #include <machine/stdarg.h>
100 #include <net/if_types.h>
101 #include <net/if_var.h>
102 #include <net/if_dl.h>
103 #include <net/pfil.h>
104 #include <net/route.h>
105 #include <net/netisr.h>
107 #include <netinet/in.h>
108 #include <netinet/in_systm.h>
109 #include <netinet/in_var.h>
110 #include <netinet/ip.h>
111 #include <netinet/in_pcb.h>
112 #include <netinet/ip_var.h>
113 #include <netinet/ip_icmp.h>
115 #include <sys/thread2.h>
116 #include <sys/msgport2.h>
117 #include <net/netmsg2.h>
119 #include <sys/socketvar.h>
121 #include <net/ipfw/ip_fw.h>
122 #include <net/dummynet/ip_dummynet.h>
125 #include <netinet6/ipsec.h>
126 #include <netproto/key/key.h>
130 #include <netproto/ipsec/ipsec.h>
131 #include <netproto/ipsec/key.h>
135 static int ip_rsvp_on;
136 struct socket *ip_rsvpd;
138 int ipforwarding = 0;
139 SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
140 &ipforwarding, 0, "Enable IP forwarding between interfaces");
142 static int ipsendredirects = 1; /* XXX */
143 SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
144 &ipsendredirects, 0, "Enable sending IP redirects");
146 int ip_defttl = IPDEFTTL;
147 SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
148 &ip_defttl, 0, "Maximum TTL on IP packets");
150 static int ip_dosourceroute = 0;
151 SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
152 &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
154 static int ip_acceptsourceroute = 0;
155 SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
156 CTLFLAG_RW, &ip_acceptsourceroute, 0,
157 "Enable accepting source routed IP packets");
159 static int ip_keepfaith = 0;
160 SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
162 "Enable packet capture for FAITH IPv4->IPv6 translator daemon");
164 static int nipq = 0; /* total # of reass queues */
166 SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
168 "Maximum number of IPv4 fragment reassembly queue entries");
170 static int maxfragsperpacket;
171 SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
172 &maxfragsperpacket, 0,
173 "Maximum number of IPv4 fragments allowed per packet");
175 static int ip_sendsourcequench = 0;
176 SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
177 &ip_sendsourcequench, 0,
178 "Enable the transmission of source quench packets");
180 int ip_do_randomid = 1;
181 SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
183 "Assign random ip_id values");
185 * XXX - Setting ip_checkinterface mostly implements the receive side of
186 * the Strong ES model described in RFC 1122, but since the routing table
187 * and transmit implementation do not implement the Strong ES model,
188 * setting this to 1 results in an odd hybrid.
190 * XXX - ip_checkinterface currently must be disabled if you use ipnat
191 * to translate the destination address to another local interface.
193 * XXX - ip_checkinterface must be disabled if you add IP aliases
194 * to the loopback interface instead of the interface where the
195 * packets for those addresses are received.
197 static int ip_checkinterface = 0;
198 SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
199 &ip_checkinterface, 0, "Verify packet arrives on correct interface");
202 static int ipprintfs = 0;
205 extern struct domain inetdomain;
206 extern struct protosw inetsw[];
207 u_char ip_protox[IPPROTO_MAX];
208 struct in_ifaddrhead in_ifaddrheads[MAXCPU]; /* first inet address */
209 struct in_ifaddrhashhead *in_ifaddrhashtbls[MAXCPU];
210 /* inet addr hash table */
211 u_long in_ifaddrhmask; /* mask for hash table */
213 struct ip_stats ipstats_percpu[MAXCPU];
216 sysctl_ipstats(SYSCTL_HANDLER_ARGS)
220 for (cpu = 0; cpu < ncpus; ++cpu) {
221 if ((error = SYSCTL_OUT(req, &ipstats_percpu[cpu],
222 sizeof(struct ip_stats))))
224 if ((error = SYSCTL_IN(req, &ipstats_percpu[cpu],
225 sizeof(struct ip_stats))))
231 SYSCTL_PROC(_net_inet_ip, IPCTL_STATS, stats, (CTLTYPE_OPAQUE | CTLFLAG_RW),
232 0, 0, sysctl_ipstats, "S,ip_stats", "IP statistics");
234 SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
235 &ipstat, ip_stats, "IP statistics");
238 /* Packet reassembly stuff */
239 #define IPREASS_NHASH_LOG2 6
240 #define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2)
241 #define IPREASS_HMASK (IPREASS_NHASH - 1)
242 #define IPREASS_HASH(x,y) \
243 (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
245 static struct ipq ipq[IPREASS_NHASH];
248 SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
249 &ip_mtu, 0, "Default MTU");
253 static int ipstealth = 0;
254 SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, &ipstealth, 0, "");
256 static const int ipstealth = 0;
261 ip_fw_chk_t *ip_fw_chk_ptr;
262 ip_fw_dn_io_t *ip_fw_dn_io_ptr;
266 struct pfil_head inet_pfil_hook;
269 * XXX this is ugly -- the following two global variables are
270 * used to store packet state while it travels through the stack.
271 * Note that the code even makes assumptions on the size and
272 * alignment of fields inside struct ip_srcrt so e.g. adding some
273 * fields will break the code. This needs to be fixed.
275 * We need to save the IP options in case a protocol wants to respond
276 * to an incoming packet over the same route if the packet got here
277 * using IP source routing. This allows connection establishment and
278 * maintenance when the remote end is on a network that is not known
281 static int ip_nhops = 0;
283 static struct ip_srcrt {
284 struct in_addr dst; /* final destination */
285 char nop; /* one NOP to align */
286 char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
287 struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
290 static MALLOC_DEFINE(M_IPQ, "ipq", "IP Fragment Management");
291 static struct malloc_pipe ipq_mpipe;
293 static void save_rte (u_char *, struct in_addr);
294 static int ip_dooptions (struct mbuf *m, int,
295 struct sockaddr_in *next_hop);
296 static void ip_freef (struct ipq *);
297 static void ip_input_handler (struct netmsg *);
298 static struct mbuf *ip_reass (struct mbuf *, struct ipq *,
299 struct ipq *, u_int32_t *);
302 * IP initialization: fill in IP protocol switch table.
303 * All protocols not implemented in kernel go to raw IP protocol handler.
315 * Make sure we can handle a reasonable number of fragments but
316 * cap it at 4000 (XXX).
318 mpipe_init(&ipq_mpipe, M_IPQ, sizeof(struct ipq),
319 IFQ_MAXLEN, 4000, 0, NULL);
320 for (i = 0; i < ncpus; ++i) {
321 TAILQ_INIT(&in_ifaddrheads[i]);
322 in_ifaddrhashtbls[i] =
323 hashinit(INADDR_NHASH, M_IFADDR, &in_ifaddrhmask);
325 pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
328 for (i = 0; i < IPPROTO_MAX; i++)
329 ip_protox[i] = pr - inetsw;
330 for (pr = inetdomain.dom_protosw;
331 pr < inetdomain.dom_protoswNPROTOSW; pr++)
332 if (pr->pr_domain->dom_family == PF_INET &&
333 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
334 ip_protox[pr->pr_protocol] = pr - inetsw;
336 inet_pfil_hook.ph_type = PFIL_TYPE_AF;
337 inet_pfil_hook.ph_af = AF_INET;
338 if ((i = pfil_head_register(&inet_pfil_hook)) != 0) {
339 kprintf("%s: WARNING: unable to register pfil hook, "
340 "error %d\n", __func__, i);
343 for (i = 0; i < IPREASS_NHASH; i++)
344 ipq[i].next = ipq[i].prev = &ipq[i];
346 maxnipq = nmbclusters / 32;
347 maxfragsperpacket = 16;
349 ip_id = time_second & 0xffff;
352 * Initialize IP statistics counters for each CPU.
356 for (cpu = 0; cpu < ncpus; ++cpu) {
357 bzero(&ipstats_percpu[cpu], sizeof(struct ip_stats));
360 bzero(&ipstat, sizeof(struct ip_stats));
363 netisr_register(NETISR_IP, ip_mport_in, ip_input_handler);
367 * XXX watch out this one. It is perhaps used as a cache for
368 * the most recently used route ? it is cleared in in_addroute()
369 * when a new route is successfully created.
371 struct route ipforward_rt[MAXCPU];
373 /* Do transport protocol processing. */
375 transport_processing_oncpu(struct mbuf *m, int hlen, struct ip *ip,
376 struct sockaddr_in *nexthop)
379 * Switch out to protocol's input routine.
381 if (nexthop && ip->ip_p == IPPROTO_TCP) {
382 /* TCP needs IPFORWARD info if available */
385 tag.mh_type = MT_TAG;
386 tag.mh_flags = PACKET_TAG_IPFORWARD;
387 tag.mh_data = (caddr_t)nexthop;
390 (*inetsw[ip_protox[ip->ip_p]].pr_input)
391 ((struct mbuf *)&tag, hlen, ip->ip_p);
393 (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, ip->ip_p);
397 struct netmsg_transport_packet {
398 struct netmsg nm_netmsg;
399 struct mbuf *nm_mbuf;
401 boolean_t nm_hasnexthop;
402 struct sockaddr_in nm_nexthop;
406 transport_processing_handler(netmsg_t netmsg)
408 struct netmsg_transport_packet *msg = (void *)netmsg;
409 struct sockaddr_in *nexthop;
412 ip = mtod(msg->nm_mbuf, struct ip *);
413 nexthop = msg->nm_hasnexthop ? &msg->nm_nexthop : NULL;
414 transport_processing_oncpu(msg->nm_mbuf, msg->nm_hlen, ip, nexthop);
415 lwkt_replymsg(&msg->nm_netmsg.nm_lmsg, 0);
419 ip_input_handler(struct netmsg *msg0)
421 struct mbuf *m = ((struct netmsg_packet *)msg0)->nm_packet;
424 /* msg0 was embedded in the mbuf, do not reply! */
428 * IP input routine. Checksum and byte swap header. If fragmented
429 * try to reassemble. Process options. Pass to next level.
432 ip_input(struct mbuf *m)
436 struct in_ifaddr *ia = NULL;
437 struct in_ifaddr_container *iac;
438 int i, hlen, checkif;
440 struct in_addr pkt_dst;
441 u_int32_t divert_info = 0; /* packet divert/tee info */
442 struct ip_fw_args args;
443 boolean_t using_srcrt = FALSE; /* forward (by PFIL_HOOKS) */
444 boolean_t needredispatch = FALSE;
445 struct in_addr odst; /* original dst address(NAT) */
448 struct tdb_ident *tdbi;
449 struct secpolicy *sp;
456 args.next_hop = NULL;
458 /* Grab info from MT_TAG mbufs prepended to the chain. */
459 while (m != NULL && m->m_type == MT_TAG) {
460 switch(m->_m_tag_id) {
461 case PACKET_TAG_IPFORWARD:
462 args.next_hop = (struct sockaddr_in *)m->m_hdr.mh_data;
465 kprintf("ip_input: unrecognised MT_TAG tag %d\n",
473 /* Extract info from dummynet tag */
474 mtag = m_tag_find(m, PACKET_TAG_DUMMYNET, NULL);
476 args.rule = ((struct dn_pkt *)m_tag_data(mtag))->dn_priv;
478 m_tag_delete(m, mtag);
482 if (args.rule != NULL) { /* dummynet already filtered us */
483 ip = mtod(m, struct ip *);
484 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
490 /* length checks already done in ip_demux() */
491 KASSERT(m->m_len >= sizeof(ip), ("IP header not in one mbuf"));
493 ip = mtod(m, struct ip *);
495 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
496 ipstat.ips_badvers++;
500 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
501 /* length checks already done in ip_demux() */
502 KASSERT(hlen >= sizeof(struct ip), ("IP header len too small"));
503 KASSERT(m->m_len >= hlen, ("packet shorter than IP header length"));
505 /* 127/8 must not appear on wire - RFC1122 */
506 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
507 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
508 if (!(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) {
509 ipstat.ips_badaddr++;
514 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
515 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
517 if (hlen == sizeof(struct ip)) {
518 sum = in_cksum_hdr(ip);
520 sum = in_cksum(m, hlen);
529 if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) {
530 /* packet is dropped by traffic conditioner */
535 * Convert fields to host representation.
537 ip->ip_len = ntohs(ip->ip_len);
538 if (ip->ip_len < hlen) {
542 ip->ip_off = ntohs(ip->ip_off);
545 * Check that the amount of data in the buffers
546 * is as at least much as the IP header would have us expect.
547 * Trim mbufs if longer than we expect.
548 * Drop packet if shorter than we expect.
550 if (m->m_pkthdr.len < ip->ip_len) {
551 ipstat.ips_tooshort++;
554 if (m->m_pkthdr.len > ip->ip_len) {
555 if (m->m_len == m->m_pkthdr.len) {
556 m->m_len = ip->ip_len;
557 m->m_pkthdr.len = ip->ip_len;
559 m_adj(m, ip->ip_len - m->m_pkthdr.len);
561 #if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
563 * Bypass packet filtering for packets from a tunnel (gif).
565 if (ipsec_gethist(m, NULL))
571 * Right now when no processing on packet has done
572 * and it is still fresh out of network we do our black
574 * - Firewall: deny/allow/divert
575 * - Xlate: translate packet's addr/port (NAT).
576 * - Pipe: pass pkt through dummynet.
577 * - Wrap: fake packet's addr/port <unimpl.>
578 * - Encapsulate: put it in another IP and send out. <unimp.>
584 * Run through list of hooks for input packets.
586 * NB: Beware of the destination address changing (e.g.
587 * by NAT rewriting). When this happens, tell
588 * ip_forward to do the right thing.
590 if (pfil_has_hooks(&inet_pfil_hook)) {
592 if (pfil_run_hooks(&inet_pfil_hook, &m,
593 m->m_pkthdr.rcvif, PFIL_IN)) {
596 if (m == NULL) /* consumed by filter */
598 ip = mtod(m, struct ip *);
599 using_srcrt = (odst.s_addr != ip->ip_dst.s_addr);
602 if (fw_enable && IPFW_LOADED) {
604 * If we've been forwarded from the output side, then
605 * skip the firewall a second time
607 if (args.next_hop != NULL)
611 i = ip_fw_chk_ptr(&args);
614 if ((i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
619 ip = mtod(m, struct ip *); /* just in case m changed */
620 if (i == 0 && args.next_hop == NULL) /* common case */
622 if (i & IP_FW_PORT_DYNT_FLAG) {
623 /* Send packet to the appropriate pipe */
624 ip_fw_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
628 if (i != 0 && !(i & IP_FW_PORT_DYNT_FLAG)) {
629 /* Divert or tee packet */
634 if (i == 0 && args.next_hop != NULL)
637 * if we get here, the packet must be dropped
645 * Process options and, if not destined for us,
646 * ship it on. ip_dooptions returns 1 when an
647 * error was detected (causing an icmp message
648 * to be sent and the original packet to be freed).
650 ip_nhops = 0; /* for source routed packets */
651 if (hlen > sizeof(struct ip) && ip_dooptions(m, 0, args.next_hop))
654 /* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
655 * matter if it is destined to another node, or whether it is
656 * a multicast one, RSVP wants it! and prevents it from being forwarded
657 * anywhere else. Also checks if the rsvp daemon is running before
658 * grabbing the packet.
660 if (rsvp_on && ip->ip_p == IPPROTO_RSVP)
664 * Check our list of addresses, to see if the packet is for us.
665 * If we don't have any addresses, assume any unicast packet
666 * we receive might be for us (and let the upper layers deal
669 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid]) &&
670 !(m->m_flags & (M_MCAST | M_BCAST)))
674 * Cache the destination address of the packet; this may be
675 * changed by use of 'ipfw fwd'.
677 pkt_dst = args.next_hop ? args.next_hop->sin_addr : ip->ip_dst;
680 * Enable a consistency check between the destination address
681 * and the arrival interface for a unicast packet (the RFC 1122
682 * strong ES model) if IP forwarding is disabled and the packet
683 * is not locally generated and the packet is not subject to
686 * XXX - Checking also should be disabled if the destination
687 * address is ipnat'ed to a different interface.
689 * XXX - Checking is incompatible with IP aliases added
690 * to the loopback interface instead of the interface where
691 * the packets are received.
693 checkif = ip_checkinterface &&
695 m->m_pkthdr.rcvif != NULL &&
696 !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) &&
697 (args.next_hop == NULL);
700 * Check for exact addresses in the hash bucket.
702 LIST_FOREACH(iac, INADDR_HASH(pkt_dst.s_addr), ia_hash) {
706 * If the address matches, verify that the packet
707 * arrived via the correct interface if checking is
710 if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
711 (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif))
717 * Check for broadcast addresses.
719 * Only accept broadcast packets that arrive via the matching
720 * interface. Reception of forwarded directed broadcasts would
721 * be handled via ip_forward() and ether_output() with the loopback
722 * into the stack for SIMPLEX interfaces handled by ether_output().
724 if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
725 struct ifaddr_container *ifac;
727 TAILQ_FOREACH(ifac, &m->m_pkthdr.rcvif->if_addrheads[mycpuid],
729 struct ifaddr *ifa = ifac->ifa;
731 if (ifa->ifa_addr == NULL) /* shutdown/startup race */
733 if (ifa->ifa_addr->sa_family != AF_INET)
736 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
739 if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr)
742 if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY)
747 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
748 struct in_multi *inm;
750 if (ip_mrouter != NULL) {
752 * If we are acting as a multicast router, all
753 * incoming multicast packets are passed to the
754 * kernel-level multicast forwarding function.
755 * The packet is returned (relatively) intact; if
756 * ip_mforward() returns a non-zero value, the packet
757 * must be discarded, else it may be accepted below.
759 if (ip_mforward != NULL &&
760 ip_mforward(ip, m->m_pkthdr.rcvif, m, NULL) != 0) {
761 ipstat.ips_cantforward++;
767 * The process-level routing daemon needs to receive
768 * all multicast IGMP packets, whether or not this
769 * host belongs to their destination groups.
771 if (ip->ip_p == IPPROTO_IGMP)
773 ipstat.ips_forward++;
776 * See if we belong to the destination multicast group on the
779 IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
781 ipstat.ips_notmember++;
787 if (ip->ip_dst.s_addr == INADDR_BROADCAST)
789 if (ip->ip_dst.s_addr == INADDR_ANY)
793 * FAITH(Firewall Aided Internet Translator)
795 if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
797 if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
805 * Not for us; forward if possible and desirable.
808 ipstat.ips_cantforward++;
813 * Enforce inbound IPsec SPD.
815 if (ipsec4_in_reject(m, NULL)) {
816 ipsecstat.in_polvio++;
821 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
824 tdbi = (struct tdb_ident *)m_tag_data(mtag);
825 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
827 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
828 IP_FORWARDING, &error);
830 if (sp == NULL) { /* NB: can happen if error */
832 /*XXX error stat???*/
833 DPRINTF(("ip_input: no SP for forwarding\n")); /*XXX*/
838 * Check security policy against packet attributes.
840 error = ipsec_in_reject(sp, m);
844 ipstat.ips_cantforward++;
848 ip_forward(m, using_srcrt, args.next_hop);
855 * IPSTEALTH: Process non-routing options only
856 * if the packet is destined for us.
859 hlen > sizeof(struct ip) &&
860 ip_dooptions(m, 1, args.next_hop))
863 /* Count the packet in the ip address stats */
865 ia->ia_ifa.if_ipackets++;
866 ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
870 * If offset or IP_MF are set, must reassemble.
871 * Otherwise, nothing need be done.
872 * (We could look in the reassembly queue to see
873 * if the packet was previously fragmented,
874 * but it's not worth the time; just let them time out.)
876 if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
878 /* If maxnipq is 0, never accept fragments. */
880 ipstat.ips_fragments++;
881 ipstat.ips_fragdropped++;
885 sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
887 * Look for queue of fragments
890 for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
891 if (ip->ip_id == fp->ipq_id &&
892 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
893 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
894 ip->ip_p == fp->ipq_p)
900 * Enforce upper bound on number of fragmented packets
901 * for which we attempt reassembly;
902 * If maxnipq is -1, accept all fragments without limitation.
904 if ((nipq > maxnipq) && (maxnipq > 0)) {
906 * drop something from the tail of the current queue
907 * before proceeding further
909 if (ipq[sum].prev == &ipq[sum]) { /* gak */
910 for (i = 0; i < IPREASS_NHASH; i++) {
911 if (ipq[i].prev != &ipq[i]) {
912 ipstat.ips_fragtimeout +=
913 ipq[i].prev->ipq_nfrags;
914 ip_freef(ipq[i].prev);
919 ipstat.ips_fragtimeout +=
920 ipq[sum].prev->ipq_nfrags;
921 ip_freef(ipq[sum].prev);
926 * Adjust ip_len to not reflect header,
927 * convert offset of this to bytes.
930 if (ip->ip_off & IP_MF) {
932 * Make sure that fragments have a data length
933 * that's a non-zero multiple of 8 bytes.
935 if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
936 ipstat.ips_toosmall++; /* XXX */
939 m->m_flags |= M_FRAG;
941 m->m_flags &= ~M_FRAG;
945 * Attempt reassembly; if it succeeds, proceed.
946 * ip_reass() will return a different mbuf, and update
947 * the divert info in divert_info.
949 ipstat.ips_fragments++;
950 m->m_pkthdr.header = ip;
951 m = ip_reass(m, fp, &ipq[sum], &divert_info);
954 ipstat.ips_reassembled++;
955 needredispatch = TRUE;
956 ip = mtod(m, struct ip *);
957 /* Get the header length of the reassembled packet */
958 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
960 /* Restore original checksum before diverting packet */
961 if (divert_info != 0) {
963 ip->ip_len = htons(ip->ip_len);
964 ip->ip_off = htons(ip->ip_off);
966 if (hlen == sizeof(struct ip))
967 ip->ip_sum = in_cksum_hdr(ip);
969 ip->ip_sum = in_cksum(m, hlen);
970 ip->ip_off = ntohs(ip->ip_off);
971 ip->ip_len = ntohs(ip->ip_len);
981 * Divert or tee packet to the divert protocol if required.
983 if (divert_info != 0) {
984 struct mbuf *clone = NULL;
986 /* Clone packet if we're doing a 'tee' */
987 if ((divert_info & IP_FW_PORT_TEE_FLAG) != 0)
988 clone = m_dup(m, MB_DONTWAIT);
990 /* Restore packet header fields to original values */
992 ip->ip_len = htons(ip->ip_len);
993 ip->ip_off = htons(ip->ip_off);
995 /* Deliver packet to divert input routine */
996 divert_packet(m, 1, divert_info & 0xffff);
997 ipstat.ips_delivered++;
999 /* If 'tee', continue with original packet */
1003 ip = mtod(m, struct ip *);
1006 * Jump backwards to complete processing of the
1007 * packet. But first clear divert_info to avoid
1008 * entering this block again.
1009 * We do not need to clear args.divert_rule
1010 * or args.next_hop as they will not be used.
1012 * XXX Better safe than sorry, remove the DIVERT tag.
1014 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
1016 m_tag_delete(m, mtag);
1025 * enforce IPsec policy checking if we are seeing last header.
1026 * note that we do not visit this with protocols with pcb layer
1027 * code - like udp/tcp/raw ip.
1029 if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) &&
1030 ipsec4_in_reject(m, NULL)) {
1031 ipsecstat.in_polvio++;
1037 * enforce IPsec policy checking if we are seeing last header.
1038 * note that we do not visit this with protocols with pcb layer
1039 * code - like udp/tcp/raw ip.
1041 if (inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) {
1043 * Check if the packet has already had IPsec processing
1044 * done. If so, then just pass it along. This tag gets
1045 * set during AH, ESP, etc. input handling, before the
1046 * packet is returned to the ip input queue for delivery.
1048 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
1051 tdbi = (struct tdb_ident *)m_tag_data(mtag);
1052 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
1054 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
1055 IP_FORWARDING, &error);
1059 * Check security policy against packet attributes.
1061 error = ipsec_in_reject(sp, m);
1064 /* XXX error stat??? */
1066 DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
1073 #endif /* FAST_IPSEC */
1075 ipstat.ips_delivered++;
1076 if (needredispatch) {
1077 struct netmsg_transport_packet *msg;
1080 ip->ip_off = htons(ip->ip_off);
1081 ip->ip_len = htons(ip->ip_len);
1082 port = ip_mport_in(&m);
1086 msg = kmalloc(sizeof(struct netmsg_transport_packet), M_LWKTMSG,
1087 M_INTWAIT | M_NULLOK);
1091 netmsg_init(&msg->nm_netmsg, &netisr_afree_rport, 0,
1092 transport_processing_handler);
1093 msg->nm_hlen = hlen;
1094 msg->nm_hasnexthop = (args.next_hop != NULL);
1095 if (msg->nm_hasnexthop)
1096 msg->nm_nexthop = *args.next_hop; /* structure copy */
1099 ip = mtod(m, struct ip *);
1100 ip->ip_len = ntohs(ip->ip_len);
1101 ip->ip_off = ntohs(ip->ip_off);
1102 lwkt_sendmsg(port, &msg->nm_netmsg.nm_lmsg);
1104 transport_processing_oncpu(m, hlen, ip, args.next_hop);
1113 * Take incoming datagram fragment and try to reassemble it into
1114 * whole datagram. If a chain for reassembly of this datagram already
1115 * exists, then it is given as fp; otherwise have to make a chain.
1117 * When IPDIVERT enabled, keep additional state with each packet that
1118 * tells us if we need to divert or tee the packet we're building.
1119 * In particular, *divinfo includes the port and TEE flag.
1122 static struct mbuf *
1123 ip_reass(struct mbuf *m, struct ipq *fp, struct ipq *where,
1126 struct ip *ip = mtod(m, struct ip *);
1127 struct mbuf *p = NULL, *q, *nq;
1129 int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1136 * If the hardware has not done csum over this fragment
1137 * then csum_data is not valid at all.
1139 if ((m->m_pkthdr.csum_flags & (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID))
1140 == (CSUM_FRAG_NOT_CHECKED | CSUM_DATA_VALID)) {
1141 m->m_pkthdr.csum_data = 0;
1142 m->m_pkthdr.csum_flags &= ~(CSUM_DATA_VALID | CSUM_PSEUDO_HDR);
1146 * Presence of header sizes in mbufs
1147 * would confuse code below.
1153 * If first fragment to arrive, create a reassembly queue.
1156 if ((fp = mpipe_alloc_nowait(&ipq_mpipe)) == NULL)
1161 fp->ipq_ttl = IPFRAGTTL;
1162 fp->ipq_p = ip->ip_p;
1163 fp->ipq_id = ip->ip_id;
1164 fp->ipq_src = ip->ip_src;
1165 fp->ipq_dst = ip->ip_dst;
1167 m->m_nextpkt = NULL;
1169 fp->ipq_div_info = 0;
1176 #define GETIP(m) ((struct ip*)((m)->m_pkthdr.header))
1179 * Find a segment which begins after this one does.
1181 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
1182 if (GETIP(q)->ip_off > ip->ip_off)
1186 * If there is a preceding segment, it may provide some of
1187 * our data already. If so, drop the data from the incoming
1188 * segment. If it provides all of our data, drop us, otherwise
1189 * stick new segment in the proper place.
1191 * If some of the data is dropped from the the preceding
1192 * segment, then it's checksum is invalidated.
1195 i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
1197 if (i >= ip->ip_len)
1200 m->m_pkthdr.csum_flags = 0;
1204 m->m_nextpkt = p->m_nextpkt;
1207 m->m_nextpkt = fp->ipq_frags;
1212 * While we overlap succeeding segments trim them or,
1213 * if they are completely covered, dequeue them.
1215 for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
1217 i = (ip->ip_off + ip->ip_len) - GETIP(q)->ip_off;
1218 if (i < GETIP(q)->ip_len) {
1219 GETIP(q)->ip_len -= i;
1220 GETIP(q)->ip_off += i;
1222 q->m_pkthdr.csum_flags = 0;
1227 ipstat.ips_fragdropped++;
1229 q->m_nextpkt = NULL;
1237 * Transfer firewall instructions to the fragment structure.
1238 * Only trust info in the fragment at offset 0.
1240 if (ip->ip_off == 0) {
1241 fp->ipq_div_info = *divinfo;
1243 mtag = m_tag_find(m, PACKET_TAG_IPFW_DIVERT, NULL);
1245 m_tag_delete(m, mtag);
1251 * Check for complete reassembly and perform frag per packet
1254 * Frag limiting is performed here so that the nth frag has
1255 * a chance to complete the packet before we drop the packet.
1256 * As a result, n+1 frags are actually allowed per packet, but
1257 * only n will ever be stored. (n = maxfragsperpacket.)
1261 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
1262 if (GETIP(q)->ip_off != next) {
1263 if (fp->ipq_nfrags > maxfragsperpacket) {
1264 ipstat.ips_fragdropped += fp->ipq_nfrags;
1269 next += GETIP(q)->ip_len;
1271 /* Make sure the last packet didn't have the IP_MF flag */
1272 if (p->m_flags & M_FRAG) {
1273 if (fp->ipq_nfrags > maxfragsperpacket) {
1274 ipstat.ips_fragdropped += fp->ipq_nfrags;
1281 * Reassembly is complete. Make sure the packet is a sane size.
1285 if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
1286 ipstat.ips_toolong++;
1287 ipstat.ips_fragdropped += fp->ipq_nfrags;
1293 * Concatenate fragments.
1300 q->m_nextpkt = NULL;
1301 for (q = nq; q != NULL; q = nq) {
1303 q->m_nextpkt = NULL;
1304 m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
1305 m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
1310 * Clean up the 1's complement checksum. Carry over 16 bits must
1311 * be added back. This assumes no more then 65535 packet fragments
1312 * were reassembled. A second carry can also occur (but not a third).
1314 m->m_pkthdr.csum_data = (m->m_pkthdr.csum_data & 0xffff) +
1315 (m->m_pkthdr.csum_data >> 16);
1316 if (m->m_pkthdr.csum_data > 0xFFFF)
1317 m->m_pkthdr.csum_data -= 0xFFFF;
1322 * Extract firewall instructions from the fragment structure.
1324 *divinfo = fp->ipq_div_info;
1328 * Create header for new ip packet by
1329 * modifying header of first packet;
1330 * dequeue and discard fragment reassembly header.
1331 * Make header visible.
1334 ip->ip_src = fp->ipq_src;
1335 ip->ip_dst = fp->ipq_dst;
1338 mpipe_free(&ipq_mpipe, fp);
1339 m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
1340 m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
1341 /* some debugging cruft by sklower, below, will go away soon */
1342 if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
1345 for (n = m; n; n = n->m_next)
1347 m->m_pkthdr.len = plen;
1355 ipstat.ips_fragdropped++;
1365 * Free a fragment reassembly header and all
1366 * associated datagrams.
1369 ip_freef(struct ipq *fp)
1373 while (fp->ipq_frags) {
1375 fp->ipq_frags = q->m_nextpkt;
1376 q->m_nextpkt = NULL;
1380 mpipe_free(&ipq_mpipe, fp);
1385 * IP timer processing;
1386 * if a timer expires on a reassembly
1387 * queue, discard it.
1396 for (i = 0; i < IPREASS_NHASH; i++) {
1400 while (fp != &ipq[i]) {
1403 if (fp->prev->ipq_ttl == 0) {
1404 ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
1410 * If we are over the maximum number of fragments
1411 * (due to the limit being lowered), drain off
1412 * enough to get down to the new limit.
1414 if (maxnipq >= 0 && nipq > maxnipq) {
1415 for (i = 0; i < IPREASS_NHASH; i++) {
1416 while (nipq > maxnipq &&
1417 (ipq[i].next != &ipq[i])) {
1418 ipstat.ips_fragdropped +=
1419 ipq[i].next->ipq_nfrags;
1420 ip_freef(ipq[i].next);
1429 * Drain off all datagram fragments.
1436 for (i = 0; i < IPREASS_NHASH; i++) {
1437 while (ipq[i].next != &ipq[i]) {
1438 ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
1439 ip_freef(ipq[i].next);
1446 * Do option processing on a datagram,
1447 * possibly discarding it if bad options are encountered,
1448 * or forwarding it if source-routed.
1449 * The pass argument is used when operating in the IPSTEALTH
1450 * mode to tell what options to process:
1451 * [LS]SRR (pass 0) or the others (pass 1).
1452 * The reason for as many as two passes is that when doing IPSTEALTH,
1453 * non-routing options should be processed only if the packet is for us.
1454 * Returns 1 if packet has been forwarded/freed,
1455 * 0 if the packet should be processed further.
1458 ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop)
1460 struct sockaddr_in ipaddr = { sizeof ipaddr, AF_INET };
1461 struct ip *ip = mtod(m, struct ip *);
1463 struct in_ifaddr *ia;
1464 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB;
1465 boolean_t forward = FALSE;
1466 struct in_addr *sin, dst;
1470 cp = (u_char *)(ip + 1);
1471 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1472 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1473 opt = cp[IPOPT_OPTVAL];
1474 if (opt == IPOPT_EOL)
1476 if (opt == IPOPT_NOP)
1479 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
1480 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1483 optlen = cp[IPOPT_OLEN];
1484 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
1485 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1495 * Source routing with record.
1496 * Find interface with current destination address.
1497 * If none on this machine then drop if strictly routed,
1498 * or do nothing if loosely routed.
1499 * Record interface address and bring up next address
1500 * component. If strictly routed make sure next
1501 * address is on directly accessible net.
1505 if (ipstealth && pass > 0)
1507 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1508 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1511 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1512 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1515 ipaddr.sin_addr = ip->ip_dst;
1516 ia = (struct in_ifaddr *)
1517 ifa_ifwithaddr((struct sockaddr *)&ipaddr);
1519 if (opt == IPOPT_SSRR) {
1520 type = ICMP_UNREACH;
1521 code = ICMP_UNREACH_SRCFAIL;
1524 if (!ip_dosourceroute)
1525 goto nosourcerouting;
1527 * Loose routing, and not at next destination
1528 * yet; nothing to do except forward.
1532 off--; /* 0 origin */
1533 if (off > optlen - (int)sizeof(struct in_addr)) {
1535 * End of source route. Should be for us.
1537 if (!ip_acceptsourceroute)
1538 goto nosourcerouting;
1539 save_rte(cp, ip->ip_src);
1544 if (!ip_dosourceroute) {
1546 char buf[sizeof "aaa.bbb.ccc.ddd"];
1549 * Acting as a router, so generate ICMP
1552 strcpy(buf, inet_ntoa(ip->ip_dst));
1554 "attempted source route from %s to %s\n",
1555 inet_ntoa(ip->ip_src), buf);
1556 type = ICMP_UNREACH;
1557 code = ICMP_UNREACH_SRCFAIL;
1561 * Not acting as a router,
1565 ipstat.ips_cantforward++;
1572 * locate outgoing interface
1574 memcpy(&ipaddr.sin_addr, cp + off,
1575 sizeof ipaddr.sin_addr);
1577 if (opt == IPOPT_SSRR) {
1578 #define INA struct in_ifaddr *
1579 #define SA struct sockaddr *
1580 if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr))
1582 ia = (INA)ifa_ifwithnet((SA)&ipaddr);
1584 ia = ip_rtaddr(ipaddr.sin_addr,
1585 &ipforward_rt[mycpuid]);
1587 type = ICMP_UNREACH;
1588 code = ICMP_UNREACH_SRCFAIL;
1591 ip->ip_dst = ipaddr.sin_addr;
1592 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1593 sizeof(struct in_addr));
1594 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1596 * Let ip_intr's mcast routing check handle mcast pkts
1598 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
1602 if (ipstealth && pass == 0)
1604 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1605 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1608 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1609 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1613 * If no space remains, ignore.
1615 off--; /* 0 origin */
1616 if (off > optlen - (int)sizeof(struct in_addr))
1618 memcpy(&ipaddr.sin_addr, &ip->ip_dst,
1619 sizeof ipaddr.sin_addr);
1621 * locate outgoing interface; if we're the destination,
1622 * use the incoming interface (should be same).
1624 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == NULL &&
1625 (ia = ip_rtaddr(ipaddr.sin_addr,
1626 &ipforward_rt[mycpuid]))
1628 type = ICMP_UNREACH;
1629 code = ICMP_UNREACH_HOST;
1632 memcpy(cp + off, &IA_SIN(ia)->sin_addr,
1633 sizeof(struct in_addr));
1634 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1638 if (ipstealth && pass == 0)
1640 code = cp - (u_char *)ip;
1641 if (optlen < 4 || optlen > 40) {
1642 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1645 if ((off = cp[IPOPT_OFFSET]) < 5) {
1646 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1649 if (off > optlen - (int)sizeof(int32_t)) {
1650 cp[IPOPT_OFFSET + 1] += (1 << 4);
1651 if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
1652 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1657 off--; /* 0 origin */
1658 sin = (struct in_addr *)(cp + off);
1659 switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
1661 case IPOPT_TS_TSONLY:
1664 case IPOPT_TS_TSANDADDR:
1665 if (off + sizeof(n_time) +
1666 sizeof(struct in_addr) > optlen) {
1667 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1670 ipaddr.sin_addr = dst;
1671 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
1675 memcpy(sin, &IA_SIN(ia)->sin_addr,
1676 sizeof(struct in_addr));
1677 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1678 off += sizeof(struct in_addr);
1681 case IPOPT_TS_PRESPEC:
1682 if (off + sizeof(n_time) +
1683 sizeof(struct in_addr) > optlen) {
1684 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1687 memcpy(&ipaddr.sin_addr, sin,
1688 sizeof(struct in_addr));
1689 if (ifa_ifwithaddr((SA)&ipaddr) == NULL)
1691 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1692 off += sizeof(struct in_addr);
1696 code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
1700 memcpy(cp + off, &ntime, sizeof(n_time));
1701 cp[IPOPT_OFFSET] += sizeof(n_time);
1704 if (forward && ipforwarding) {
1705 ip_forward(m, TRUE, next_hop);
1710 icmp_error(m, type, code, 0, 0);
1711 ipstat.ips_badoptions++;
1716 * Given address of next destination (final or next hop),
1717 * return internet address info of interface to be used to get there.
1720 ip_rtaddr(struct in_addr dst, struct route *ro)
1722 struct sockaddr_in *sin;
1724 sin = (struct sockaddr_in *)&ro->ro_dst;
1726 if (ro->ro_rt == NULL || dst.s_addr != sin->sin_addr.s_addr) {
1727 if (ro->ro_rt != NULL) {
1731 sin->sin_family = AF_INET;
1732 sin->sin_len = sizeof *sin;
1733 sin->sin_addr = dst;
1734 rtalloc_ign(ro, RTF_PRCLONING);
1737 if (ro->ro_rt == NULL)
1740 return (ifatoia(ro->ro_rt->rt_ifa));
1744 * Save incoming source route for use in replies,
1745 * to be picked up later by ip_srcroute if the receiver is interested.
1748 save_rte(u_char *option, struct in_addr dst)
1752 olen = option[IPOPT_OLEN];
1755 kprintf("save_rte: olen %d\n", olen);
1757 if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
1759 bcopy(option, ip_srcrt.srcopt, olen);
1760 ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
1765 * Retrieve incoming source route for use in replies,
1766 * in the same form used by setsockopt.
1767 * The first hop is placed before the options, will be removed later.
1772 struct in_addr *p, *q;
1777 m = m_get(MB_DONTWAIT, MT_HEADER);
1781 #define OPTSIZ (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
1783 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
1784 m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
1788 kprintf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
1792 * First save first hop for return route
1794 p = &ip_srcrt.route[ip_nhops - 1];
1795 *(mtod(m, struct in_addr *)) = *p--;
1798 kprintf(" hops %x", ntohl(mtod(m, struct in_addr *)->s_addr));
1802 * Copy option fields and padding (nop) to mbuf.
1804 ip_srcrt.nop = IPOPT_NOP;
1805 ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
1806 memcpy(mtod(m, caddr_t) + sizeof(struct in_addr), &ip_srcrt.nop,
1808 q = (struct in_addr *)(mtod(m, caddr_t) +
1809 sizeof(struct in_addr) + OPTSIZ);
1812 * Record return path as an IP source route,
1813 * reversing the path (pointers are now aligned).
1815 while (p >= ip_srcrt.route) {
1818 kprintf(" %x", ntohl(q->s_addr));
1823 * Last hop goes to final destination.
1828 kprintf(" %x\n", ntohl(q->s_addr));
1834 * Strip out IP options.
1837 ip_stripoptions(struct mbuf *m)
1840 struct ip *ip = mtod(m, struct ip *);
1844 optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
1845 opts = (caddr_t)(ip + 1);
1846 datalen = m->m_len - (sizeof(struct ip) + optlen);
1847 bcopy(opts + optlen, opts, datalen);
1849 if (m->m_flags & M_PKTHDR)
1850 m->m_pkthdr.len -= optlen;
1851 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
1854 u_char inetctlerrmap[PRC_NCMDS] = {
1856 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1857 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1858 EMSGSIZE, EHOSTUNREACH, 0, 0,
1860 ENOPROTOOPT, ECONNREFUSED
1864 * Forward a packet. If some error occurs return the sender
1865 * an icmp packet. Note we can't always generate a meaningful
1866 * icmp message because icmp doesn't have a large enough repertoire
1867 * of codes and types.
1869 * If not forwarding, just drop the packet. This could be confusing
1870 * if ipforwarding was zero but some routing protocol was advancing
1871 * us as a gateway to somewhere. However, we must let the routing
1872 * protocol deal with that.
1874 * The using_srcrt parameter indicates whether the packet is being forwarded
1875 * via a source route.
1878 ip_forward(struct mbuf *m, boolean_t using_srcrt, struct sockaddr_in *next_hop)
1880 struct ip *ip = mtod(m, struct ip *);
1881 struct sockaddr_in *ipforward_rtaddr;
1883 int error, type = 0, code = 0, destmtu = 0;
1886 struct in_addr pkt_dst;
1888 struct route *cache_rt = &ipforward_rt[mycpuid];
1892 * Cache the destination address of the packet; this may be
1893 * changed by use of 'ipfw fwd'.
1895 pkt_dst = (next_hop != NULL) ? next_hop->sin_addr : ip->ip_dst;
1899 kprintf("forward: src %x dst %x ttl %x\n",
1900 ip->ip_src.s_addr, pkt_dst.s_addr, ip->ip_ttl);
1903 if (m->m_flags & (M_BCAST | M_MCAST) || !in_canforward(pkt_dst)) {
1904 ipstat.ips_cantforward++;
1908 if (!ipstealth && ip->ip_ttl <= IPTTLDEC) {
1909 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0);
1913 ipforward_rtaddr = (struct sockaddr_in *) &cache_rt->ro_dst;
1914 if (cache_rt->ro_rt == NULL ||
1915 ipforward_rtaddr->sin_addr.s_addr != pkt_dst.s_addr) {
1916 if (cache_rt->ro_rt != NULL) {
1917 RTFREE(cache_rt->ro_rt);
1918 cache_rt->ro_rt = NULL;
1920 ipforward_rtaddr->sin_family = AF_INET;
1921 ipforward_rtaddr->sin_len = sizeof(struct sockaddr_in);
1922 ipforward_rtaddr->sin_addr = pkt_dst;
1923 rtalloc_ign(cache_rt, RTF_PRCLONING);
1924 if (cache_rt->ro_rt == NULL) {
1925 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
1929 rt = cache_rt->ro_rt;
1932 * Save the IP header and at most 8 bytes of the payload,
1933 * in case we need to generate an ICMP message to the src.
1935 * XXX this can be optimized a lot by saving the data in a local
1936 * buffer on the stack (72 bytes at most), and only allocating the
1937 * mbuf if really necessary. The vast majority of the packets
1938 * are forwarded without having to send an ICMP back (either
1939 * because unnecessary, or because rate limited), so we are
1940 * really we are wasting a lot of work here.
1942 * We don't use m_copy() because it might return a reference
1943 * to a shared cluster. Both this function and ip_output()
1944 * assume exclusive access to the IP header in `m', so any
1945 * data in a cluster may change before we reach icmp_error().
1947 MGETHDR(mcopy, MB_DONTWAIT, m->m_type);
1948 if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, MB_DONTWAIT)) {
1950 * It's probably ok if the pkthdr dup fails (because
1951 * the deep copy of the tag chain failed), but for now
1952 * be conservative and just discard the copy since
1953 * code below may some day want the tags.
1958 if (mcopy != NULL) {
1959 mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
1961 mcopy->m_pkthdr.len = mcopy->m_len;
1962 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
1966 ip->ip_ttl -= IPTTLDEC;
1969 * If forwarding packet using same interface that it came in on,
1970 * perhaps should send a redirect to sender to shortcut a hop.
1971 * Only send redirect if source is sending directly to us,
1972 * and if packet was not source routed (or has any options).
1973 * Also, don't send redirect if forwarding using a default route
1974 * or a route modified by a redirect.
1976 if (rt->rt_ifp == m->m_pkthdr.rcvif &&
1977 !(rt->rt_flags & (RTF_DYNAMIC | RTF_MODIFIED)) &&
1978 satosin(rt_key(rt))->sin_addr.s_addr != INADDR_ANY &&
1979 ipsendredirects && !using_srcrt && next_hop == NULL) {
1980 u_long src = ntohl(ip->ip_src.s_addr);
1981 struct in_ifaddr *rt_ifa = (struct in_ifaddr *)rt->rt_ifa;
1983 if (rt_ifa != NULL &&
1984 (src & rt_ifa->ia_subnetmask) == rt_ifa->ia_subnet) {
1985 if (rt->rt_flags & RTF_GATEWAY)
1986 dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
1988 dest = pkt_dst.s_addr;
1990 * Router requirements says to only send
1993 type = ICMP_REDIRECT;
1994 code = ICMP_REDIRECT_HOST;
1997 kprintf("redirect (%d) to %x\n", code, dest);
2002 if (next_hop != NULL) {
2003 /* Pass IPFORWARD info if available */
2004 tag.mh_type = MT_TAG;
2005 tag.mh_flags = PACKET_TAG_IPFORWARD;
2006 tag.mh_data = (caddr_t)next_hop;
2008 m = (struct mbuf *)&tag;
2011 error = ip_output(m, NULL, cache_rt, IP_FORWARDING, NULL,
2014 ipstat.ips_forward++;
2017 /* ipflow_create() will free mcopy */
2018 ipflow_create(cache_rt, mcopy);
2020 return; /* most common case */
2022 ipstat.ips_redirectsent++;
2025 ipstat.ips_cantforward++;
2032 * Send ICMP message.
2037 case 0: /* forwarded, but need redirect */
2038 /* type, code set above */
2041 case ENETUNREACH: /* shouldn't happen, checked above */
2046 type = ICMP_UNREACH;
2047 code = ICMP_UNREACH_HOST;
2051 type = ICMP_UNREACH;
2052 code = ICMP_UNREACH_NEEDFRAG;
2055 * If the packet is routed over IPsec tunnel, tell the
2056 * originator the tunnel MTU.
2057 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2060 if (cache_rt->ro_rt != NULL) {
2061 struct secpolicy *sp = NULL;
2066 sp = ipsec4_getpolicybyaddr(mcopy,
2072 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2074 /* count IPsec header size */
2075 ipsechdr = ipsec4_hdrsiz(mcopy,
2080 * find the correct route for outer IPv4
2081 * header, compute tunnel MTU.
2084 if (sp->req != NULL && sp->req->sav != NULL &&
2085 sp->req->sav->sah != NULL) {
2086 ro = &sp->req->sav->sah->sa_route;
2087 if (ro->ro_rt != NULL &&
2088 ro->ro_rt->rt_ifp != NULL) {
2090 ro->ro_rt->rt_ifp->if_mtu;
2091 destmtu -= ipsechdr;
2100 * If the packet is routed over IPsec tunnel, tell the
2101 * originator the tunnel MTU.
2102 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2105 if (cache_rt->ro_rt != NULL) {
2106 struct secpolicy *sp = NULL;
2111 sp = ipsec_getpolicybyaddr(mcopy,
2117 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2119 /* count IPsec header size */
2120 ipsechdr = ipsec4_hdrsiz(mcopy,
2125 * find the correct route for outer IPv4
2126 * header, compute tunnel MTU.
2129 if (sp->req != NULL &&
2130 sp->req->sav != NULL &&
2131 sp->req->sav->sah != NULL) {
2132 ro = &sp->req->sav->sah->sa_route;
2133 if (ro->ro_rt != NULL &&
2134 ro->ro_rt->rt_ifp != NULL) {
2136 ro->ro_rt->rt_ifp->if_mtu;
2137 destmtu -= ipsechdr;
2144 #else /* !IPSEC && !FAST_IPSEC */
2145 if (cache_rt->ro_rt != NULL)
2146 destmtu = cache_rt->ro_rt->rt_ifp->if_mtu;
2148 ipstat.ips_cantfrag++;
2153 * A router should not generate ICMP_SOURCEQUENCH as
2154 * required in RFC1812 Requirements for IP Version 4 Routers.
2155 * Source quench could be a big problem under DoS attacks,
2156 * or if the underlying interface is rate-limited.
2157 * Those who need source quench packets may re-enable them
2158 * via the net.inet.ip.sendsourcequench sysctl.
2160 if (!ip_sendsourcequench) {
2164 type = ICMP_SOURCEQUENCH;
2169 case EACCES: /* ipfw denied packet */
2173 icmp_error(mcopy, type, code, dest, destmtu);
2177 ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
2180 if (inp->inp_socket->so_options & SO_TIMESTAMP) {
2184 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
2185 SCM_TIMESTAMP, SOL_SOCKET);
2187 mp = &(*mp)->m_next;
2189 if (inp->inp_flags & INP_RECVDSTADDR) {
2190 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
2191 sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
2193 mp = &(*mp)->m_next;
2195 if (inp->inp_flags & INP_RECVTTL) {
2196 *mp = sbcreatecontrol((caddr_t) &ip->ip_ttl,
2197 sizeof(u_char), IP_RECVTTL, IPPROTO_IP);
2199 mp = &(*mp)->m_next;
2203 * Moving these out of udp_input() made them even more broken
2204 * than they already were.
2206 /* options were tossed already */
2207 if (inp->inp_flags & INP_RECVOPTS) {
2208 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
2209 sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
2211 mp = &(*mp)->m_next;
2213 /* ip_srcroute doesn't do what we want here, need to fix */
2214 if (inp->inp_flags & INP_RECVRETOPTS) {
2215 *mp = sbcreatecontrol((caddr_t) ip_srcroute(),
2216 sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
2218 mp = &(*mp)->m_next;
2221 if (inp->inp_flags & INP_RECVIF) {
2224 struct sockaddr_dl sdl;
2227 struct sockaddr_dl *sdp;
2228 struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
2230 if (((ifp = m->m_pkthdr.rcvif)) &&
2231 ((ifp->if_index != 0) && (ifp->if_index <= if_index))) {
2232 sdp = IF_LLSOCKADDR(ifp);
2234 * Change our mind and don't try copy.
2236 if ((sdp->sdl_family != AF_LINK) ||
2237 (sdp->sdl_len > sizeof(sdlbuf))) {
2240 bcopy(sdp, sdl2, sdp->sdl_len);
2244 offsetof(struct sockaddr_dl, sdl_data[0]);
2245 sdl2->sdl_family = AF_LINK;
2246 sdl2->sdl_index = 0;
2247 sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
2249 *mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
2250 IP_RECVIF, IPPROTO_IP);
2252 mp = &(*mp)->m_next;
2257 * XXX these routines are called from the upper part of the kernel.
2259 * They could also be moved to ip_mroute.c, since all the RSVP
2260 * handling is done there already.
2263 ip_rsvp_init(struct socket *so)
2265 if (so->so_type != SOCK_RAW ||
2266 so->so_proto->pr_protocol != IPPROTO_RSVP)
2269 if (ip_rsvpd != NULL)
2274 * This may seem silly, but we need to be sure we don't over-increment
2275 * the RSVP counter, in case something slips up.
2290 * This may seem silly, but we need to be sure we don't over-decrement
2291 * the RSVP counter, in case something slips up.
2301 rsvp_input(struct mbuf *m, ...) /* XXX must fixup manually */
2307 off = __va_arg(ap, int);
2308 proto = __va_arg(ap, int);
2311 if (rsvp_input_p) { /* call the real one if loaded */
2312 rsvp_input_p(m, off, proto);
2316 /* Can still get packets with rsvp_on = 0 if there is a local member
2317 * of the group to which the RSVP packet is addressed. But in this
2318 * case we want to throw the packet away.
2326 if (ip_rsvpd != NULL) {
2327 rip_input(m, off, proto);
2330 /* Drop the packet */