![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ip_input.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / sys / netinet|
Return to ip_input.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / sys / netinet |
1.1 root 1: /*
2: * Copyright (c) 1982, 1986, 1988 Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution is only permitted until one year after the first shipment
6: * of 4.4BSD by the Regents. Otherwise, redistribution and use in source and
7: * binary forms are permitted provided that: (1) source distributions retain
8: * this entire copyright notice and comment, and (2) distributions including
9: * binaries display the following acknowledgement: This product includes
10: * software developed by the University of California, Berkeley and its
11: * contributors'' in the documentation or other materials provided with the
12: * distribution and in all advertising materials mentioning features or use
13: * of this software. Neither the name of the University nor the names of
14: * its contributors may be used to endorse or promote products derived from
15: * this software without specific prior written permission.
16: * THIS SOFTWARE IS PROVIDED AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
17: * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
18: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19: *
20: * @(#)ip_input.c 7.17 (Berkeley) 7/25/90
21: */
22:
23: #include "param.h"
24: #include "systm.h"
25: #include "malloc.h"
26: #include "mbuf.h"
27: #include "domain.h"
28: #include "protosw.h"
29: #include "socket.h"
30: #include "errno.h"
31: #include "time.h"
32: #include "kernel.h"
33:
34: #include "../net/if.h"
35: #include "../net/route.h"
36:
37: #include "in.h"
38: #include "in_systm.h"
39: #include "ip.h"
40: #include "in_pcb.h"
41: #include "in_var.h"
42: #include "ip_var.h"
43: #include "ip_icmp.h"
44:
45: #ifndef IPFORWARDING
46: #ifdef GATEWAY
47: #define IPFORWARDING 1 /* forward IP packets not for us */
48: #else /* GATEWAY */
49: #define IPFORWARDING 0 /* don't forward IP packets not for us */
50: #endif /* GATEWAY */
51: #endif /* IPFORWARDING */
52: #ifndef IPSENDREDIRECTS
53: #define IPSENDREDIRECTS 1
54: #endif
55: int ipforwarding = IPFORWARDING;
56: int ipsendredirects = IPSENDREDIRECTS;
57: #ifdef DEBUG
58: int ipprintfs = 0;
59: #endif
60:
61: u_char ip_protox[IPPROTO_MAX];
62: int ipqmaxlen = IFQ_MAXLEN;
63: struct in_ifaddr *in_ifaddr; /* first inet address */
64:
65: /*
66: * We need to save the IP options in case a protocol wants to respond
67: * to an incoming packet over the same route if the packet got here
68: * using IP source routing. This allows connection establishment and
69: * maintenance when the remote end is on a network that is not known
70: * to us.
71: */
72: int ip_nhops = 0;
73: static struct ip_srcrt {
74: struct in_addr dst; /* final destination */
75: char nop; /* one NOP to align */
76: char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
77: struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
78: } ip_srcrt;
79:
80: #ifdef GATEWAY
81: extern int if_index;
82: u_long *ip_ifmatrix;
83: #endif
84:
85: /*
86: * IP initialization: fill in IP protocol switch table.
87: * All protocols not implemented in kernel go to raw IP protocol handler.
88: */
89: ip_init()
90: {
91: register struct protosw *pr;
92: register int i;
93:
94: pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
95: if (pr == 0)
96: panic("ip_init");
97: for (i = 0; i < IPPROTO_MAX; i++)
98: ip_protox[i] = pr - inetsw;
99: for (pr = inetdomain.dom_protosw;
100: pr < inetdomain.dom_protoswNPROTOSW; pr++)
101: if (pr->pr_domain->dom_family == PF_INET &&
102: pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
103: ip_protox[pr->pr_protocol] = pr - inetsw;
104: ipq.next = ipq.prev = &ipq;
105: ip_id = time.tv_sec & 0xffff;
106: ipintrq.ifq_maxlen = ipqmaxlen;
107: #ifdef GATEWAY
108: i = (if_index + 1) * (if_index + 1) * sizeof (u_long);
109: if ((ip_ifmatrix = (u_long *) malloc(i, M_RTABLE, M_WAITOK)) == 0)
110: panic("no memory for ip_ifmatrix");
111: #endif
112: }
113:
114: struct ip *ip_reass();
115: struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
116: struct route ipforward_rt;
117:
118: /*
119: * Ip input routine. Checksum and byte swap header. If fragmented
120: * try to reassemble. Process options. Pass to next level.
121: */
122: ipintr()
123: {
124: register struct ip *ip;
125: register struct mbuf *m;
126: register struct ipq *fp;
127: register struct in_ifaddr *ia;
128: int hlen, s;
129:
130: next:
131: /*
132: * Get next datagram off input queue and get IP header
133: * in first mbuf.
134: */
135: s = splimp();
136: IF_DEQUEUE(&ipintrq, m);
137: splx(s);
138: if (m == 0)
139: return;
140: #ifdef DIAGNOSTIC
141: if ((m->m_flags & M_PKTHDR) == 0)
142: panic("ipintr no HDR");
143: #endif
144: /*
145: * If no IP addresses have been set yet but the interfaces
146: * are receiving, can't do anything with incoming packets yet.
147: */
148: if (in_ifaddr == NULL)
149: goto bad;
150: ipstat.ips_total++;
151: if (m->m_len < sizeof (struct ip) &&
152: (m = m_pullup(m, sizeof (struct ip))) == 0) {
153: ipstat.ips_toosmall++;
154: goto next;
155: }
156: ip = mtod(m, struct ip *);
157: hlen = ip->ip_hl << 2;
158: if (hlen < sizeof(struct ip)) { /* minimum header length */
159: ipstat.ips_badhlen++;
160: goto bad;
161: }
162: if (hlen > m->m_len) {
163: if ((m = m_pullup(m, hlen)) == 0) {
164: ipstat.ips_badhlen++;
165: goto next;
166: }
167: ip = mtod(m, struct ip *);
168: }
169: if (ip->ip_sum = in_cksum(m, hlen)) {
170: ipstat.ips_badsum++;
171: goto bad;
172: }
173:
174: /*
175: * Convert fields to host representation.
176: */
177: NTOHS(ip->ip_len);
178: if (ip->ip_len < hlen) {
179: ipstat.ips_badlen++;
180: goto bad;
181: }
182: NTOHS(ip->ip_id);
183: NTOHS(ip->ip_off);
184:
185: /*
186: * Check that the amount of data in the buffers
187: * is as at least much as the IP header would have us expect.
188: * Trim mbufs if longer than we expect.
189: * Drop packet if shorter than we expect.
190: */
191: if (m->m_pkthdr.len < ip->ip_len) {
192: ipstat.ips_tooshort++;
193: goto bad;
194: }
195: if (m->m_pkthdr.len > ip->ip_len) {
196: if (m->m_len == m->m_pkthdr.len) {
197: m->m_len = ip->ip_len;
198: m->m_pkthdr.len = ip->ip_len;
199: } else
200: m_adj(m, ip->ip_len - m->m_pkthdr.len);
201: }
202:
203: /*
204: * Process options and, if not destined for us,
205: * ship it on. ip_dooptions returns 1 when an
206: * error was detected (causing an icmp message
207: * to be sent and the original packet to be freed).
208: */
209: ip_nhops = 0; /* for source routed packets */
210: if (hlen > sizeof (struct ip) && ip_dooptions(m))
211: goto next;
212:
213: /*
214: * Check our list of addresses, to see if the packet is for us.
215: */
216: for (ia = in_ifaddr; ia; ia = ia->ia_next) {
217: #define satosin(sa) ((struct sockaddr_in *)(sa))
218:
219: if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr)
220: goto ours;
221: if (
222: #ifdef DIRECTED_BROADCAST
223: ia->ia_ifp == m->m_pkthdr.rcvif &&
224: #endif
225: (ia->ia_ifp->if_flags & IFF_BROADCAST)) {
226: u_long t;
227:
228: if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
229: ip->ip_dst.s_addr)
230: goto ours;
231: if (ip->ip_dst.s_addr == ia->ia_netbroadcast.s_addr)
232: goto ours;
233: /*
234: * Look for all-0's host part (old broadcast addr),
235: * either for subnet or net.
236: */
237: t = ntohl(ip->ip_dst.s_addr);
238: if (t == ia->ia_subnet)
239: goto ours;
240: if (t == ia->ia_net)
241: goto ours;
242: }
243: }
244: if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
245: goto ours;
246: if (ip->ip_dst.s_addr == INADDR_ANY)
247: goto ours;
248:
249: /*
250: * Not for us; forward if possible and desirable.
251: */
252: if (ipforwarding == 0) {
253: ipstat.ips_cantforward++;
254: m_freem(m);
255: } else
256: ip_forward(m, 0);
257: goto next;
258:
259: ours:
260: /*
261: * If offset or IP_MF are set, must reassemble.
262: * Otherwise, nothing need be done.
263: * (We could look in the reassembly queue to see
264: * if the packet was previously fragmented,
265: * but it's not worth the time; just let them time out.)
266: */
267: if (ip->ip_off &~ IP_DF) {
268: if (m->m_flags & M_EXT) { /* XXX */
269: if ((m = m_pullup(m, sizeof (struct ip))) == 0) {
270: ipstat.ips_toosmall++;
271: goto next;
272: }
273: ip = mtod(m, struct ip *);
274: }
275: /*
276: * Look for queue of fragments
277: * of this datagram.
278: */
279: for (fp = ipq.next; fp != &ipq; fp = fp->next)
280: if (ip->ip_id == fp->ipq_id &&
281: ip->ip_src.s_addr == fp->ipq_src.s_addr &&
282: ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
283: ip->ip_p == fp->ipq_p)
284: goto found;
285: fp = 0;
286: found:
287:
288: /*
289: * Adjust ip_len to not reflect header,
290: * set ip_mff if more fragments are expected,
291: * convert offset of this to bytes.
292: */
293: ip->ip_len -= hlen;
294: ((struct ipasfrag *)ip)->ipf_mff = 0;
295: if (ip->ip_off & IP_MF)
296: ((struct ipasfrag *)ip)->ipf_mff = 1;
297: ip->ip_off <<= 3;
298:
299: /*
300: * If datagram marked as having more fragments
301: * or if this is not the first fragment,
302: * attempt reassembly; if it succeeds, proceed.
303: */
304: if (((struct ipasfrag *)ip)->ipf_mff || ip->ip_off) {
305: ipstat.ips_fragments++;
306: ip = ip_reass((struct ipasfrag *)ip, fp);
307: if (ip == 0)
308: goto next;
309: else
310: ipstat.ips_reassembled++;
311: m = dtom(ip);
312: } else
313: if (fp)
314: ip_freef(fp);
315: } else
316: ip->ip_len -= hlen;
317:
318: /*
319: * Switch out to protocol's input routine.
320: */
321: ipstat.ips_delivered++;
322: (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen);
323: goto next;
324: bad:
325: m_freem(m);
326: goto next;
327: }
328:
329: /*
330: * Take incoming datagram fragment and try to
331: * reassemble it into whole datagram. If a chain for
332: * reassembly of this datagram already exists, then it
333: * is given as fp; otherwise have to make a chain.
334: */
335: struct ip *
336: ip_reass(ip, fp)
337: register struct ipasfrag *ip;
338: register struct ipq *fp;
339: {
340: register struct mbuf *m = dtom(ip);
341: register struct ipasfrag *q;
342: struct mbuf *t;
343: int hlen = ip->ip_hl << 2;
344: int i, next;
345:
346: /*
347: * Presence of header sizes in mbufs
348: * would confuse code below.
349: */
350: m->m_data += hlen;
351: m->m_len -= hlen;
352:
353: /*
354: * If first fragment to arrive, create a reassembly queue.
355: */
356: if (fp == 0) {
357: if ((t = m_get(M_DONTWAIT, MT_FTABLE)) == NULL)
358: goto dropfrag;
359: fp = mtod(t, struct ipq *);
360: insque(fp, &ipq);
361: fp->ipq_ttl = IPFRAGTTL;
362: fp->ipq_p = ip->ip_p;
363: fp->ipq_id = ip->ip_id;
364: fp->ipq_next = fp->ipq_prev = (struct ipasfrag *)fp;
365: fp->ipq_src = ((struct ip *)ip)->ip_src;
366: fp->ipq_dst = ((struct ip *)ip)->ip_dst;
367: q = (struct ipasfrag *)fp;
368: goto insert;
369: }
370:
371: /*
372: * Find a segment which begins after this one does.
373: */
374: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next)
375: if (q->ip_off > ip->ip_off)
376: break;
377:
378: /*
379: * If there is a preceding segment, it may provide some of
380: * our data already. If so, drop the data from the incoming
381: * segment. If it provides all of our data, drop us.
382: */
383: if (q->ipf_prev != (struct ipasfrag *)fp) {
384: i = q->ipf_prev->ip_off + q->ipf_prev->ip_len - ip->ip_off;
385: if (i > 0) {
386: if (i >= ip->ip_len)
387: goto dropfrag;
388: m_adj(dtom(ip), i);
389: ip->ip_off += i;
390: ip->ip_len -= i;
391: }
392: }
393:
394: /*
395: * While we overlap succeeding segments trim them or,
396: * if they are completely covered, dequeue them.
397: */
398: while (q != (struct ipasfrag *)fp && ip->ip_off + ip->ip_len > q->ip_off) {
399: i = (ip->ip_off + ip->ip_len) - q->ip_off;
400: if (i < q->ip_len) {
401: q->ip_len -= i;
402: q->ip_off += i;
403: m_adj(dtom(q), i);
404: break;
405: }
406: q = q->ipf_next;
407: m_freem(dtom(q->ipf_prev));
408: ip_deq(q->ipf_prev);
409: }
410:
411: insert:
412: /*
413: * Stick new segment in its place;
414: * check for complete reassembly.
415: */
416: ip_enq(ip, q->ipf_prev);
417: next = 0;
418: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next) {
419: if (q->ip_off != next)
420: return (0);
421: next += q->ip_len;
422: }
423: if (q->ipf_prev->ipf_mff)
424: return (0);
425:
426: /*
427: * Reassembly is complete; concatenate fragments.
428: */
429: q = fp->ipq_next;
430: m = dtom(q);
431: t = m->m_next;
432: m->m_next = 0;
433: m_cat(m, t);
434: q = q->ipf_next;
435: while (q != (struct ipasfrag *)fp) {
436: t = dtom(q);
437: q = q->ipf_next;
438: m_cat(m, t);
439: }
440:
441: /*
442: * Create header for new ip packet by
443: * modifying header of first packet;
444: * dequeue and discard fragment reassembly header.
445: * Make header visible.
446: */
447: ip = fp->ipq_next;
448: ip->ip_len = next;
449: ((struct ip *)ip)->ip_src = fp->ipq_src;
450: ((struct ip *)ip)->ip_dst = fp->ipq_dst;
451: remque(fp);
452: (void) m_free(dtom(fp));
453: m = dtom(ip);
454: m->m_len += (ip->ip_hl << 2);
455: m->m_data -= (ip->ip_hl << 2);
456: return ((struct ip *)ip);
457:
458: dropfrag:
459: ipstat.ips_fragdropped++;
460: m_freem(m);
461: return (0);
462: }
463:
464: /*
465: * Free a fragment reassembly header and all
466: * associated datagrams.
467: */
468: ip_freef(fp)
469: struct ipq *fp;
470: {
471: register struct ipasfrag *q, *p;
472:
473: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = p) {
474: p = q->ipf_next;
475: ip_deq(q);
476: m_freem(dtom(q));
477: }
478: remque(fp);
479: (void) m_free(dtom(fp));
480: }
481:
482: /*
483: * Put an ip fragment on a reassembly chain.
484: * Like insque, but pointers in middle of structure.
485: */
486: ip_enq(p, prev)
487: register struct ipasfrag *p, *prev;
488: {
489:
490: p->ipf_prev = prev;
491: p->ipf_next = prev->ipf_next;
492: prev->ipf_next->ipf_prev = p;
493: prev->ipf_next = p;
494: }
495:
496: /*
497: * To ip_enq as remque is to insque.
498: */
499: ip_deq(p)
500: register struct ipasfrag *p;
501: {
502:
503: p->ipf_prev->ipf_next = p->ipf_next;
504: p->ipf_next->ipf_prev = p->ipf_prev;
505: }
506:
507: /*
508: * IP timer processing;
509: * if a timer expires on a reassembly
510: * queue, discard it.
511: */
512: ip_slowtimo()
513: {
514: register struct ipq *fp;
515: int s = splnet();
516:
517: fp = ipq.next;
518: if (fp == 0) {
519: splx(s);
520: return;
521: }
522: while (fp != &ipq) {
523: --fp->ipq_ttl;
524: fp = fp->next;
525: if (fp->prev->ipq_ttl == 0) {
526: ipstat.ips_fragtimeout++;
527: ip_freef(fp->prev);
528: }
529: }
530: splx(s);
531: }
532:
533: /*
534: * Drain off all datagram fragments.
535: */
536: ip_drain()
537: {
538:
539: while (ipq.next != &ipq) {
540: ipstat.ips_fragdropped++;
541: ip_freef(ipq.next);
542: }
543: }
544:
545: extern struct in_ifaddr *ifptoia();
546: struct in_ifaddr *ip_rtaddr();
547:
548: /*
549: * Do option processing on a datagram,
550: * possibly discarding it if bad options are encountered,
551: * or forwarding it if source-routed.
552: * Returns 1 if packet has been forwarded/freed,
553: * 0 if the packet should be processed further.
554: */
555: ip_dooptions(m)
556: struct mbuf *m;
557: {
558: register struct ip *ip = mtod(m, struct ip *);
559: register u_char *cp;
560: register struct ip_timestamp *ipt;
561: register struct in_ifaddr *ia;
562: int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
563: struct in_addr *sin;
564: n_time ntime;
565:
566: cp = (u_char *)(ip + 1);
567: cnt = (ip->ip_hl << 2) - sizeof (struct ip);
568: for (; cnt > 0; cnt -= optlen, cp += optlen) {
569: opt = cp[IPOPT_OPTVAL];
570: if (opt == IPOPT_EOL)
571: break;
572: if (opt == IPOPT_NOP)
573: optlen = 1;
574: else {
575: optlen = cp[IPOPT_OLEN];
576: if (optlen <= 0 || optlen > cnt) {
577: code = &cp[IPOPT_OLEN] - (u_char *)ip;
578: goto bad;
579: }
580: }
581: switch (opt) {
582:
583: default:
584: break;
585:
586: /*
587: * Source routing with record.
588: * Find interface with current destination address.
589: * If none on this machine then drop if strictly routed,
590: * or do nothing if loosely routed.
591: * Record interface address and bring up next address
592: * component. If strictly routed make sure next
593: * address is on directly accessible net.
594: */
595: case IPOPT_LSRR:
596: case IPOPT_SSRR:
597: if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
598: code = &cp[IPOPT_OFFSET] - (u_char *)ip;
599: goto bad;
600: }
601: ipaddr.sin_addr = ip->ip_dst;
602: ia = (struct in_ifaddr *)
603: ifa_ifwithaddr((struct sockaddr *)&ipaddr);
604: if (ia == 0) {
605: if (opt == IPOPT_SSRR) {
606: type = ICMP_UNREACH;
607: code = ICMP_UNREACH_SRCFAIL;
608: goto bad;
609: }
610: /*
611: * Loose routing, and not at next destination
612: * yet; nothing to do except forward.
613: */
614: break;
615: }
616: off--; /* 0 origin */
617: if (off > optlen - sizeof(struct in_addr)) {
618: /*
619: * End of source route. Should be for us.
620: */
621: save_rte(cp, ip->ip_src);
622: break;
623: }
624: /*
625: * locate outgoing interface
626: */
627: bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr,
628: sizeof(ipaddr.sin_addr));
629: if (opt == IPOPT_SSRR) {
630: #define INA struct in_ifaddr *
631: #define SA struct sockaddr *
632: if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == 0)
633: ia = in_iaonnetof(in_netof(ipaddr.sin_addr));
634: } else
635: ia = ip_rtaddr(ipaddr.sin_addr);
636: if (ia == 0) {
637: type = ICMP_UNREACH;
638: code = ICMP_UNREACH_SRCFAIL;
639: goto bad;
640: }
641: ip->ip_dst = ipaddr.sin_addr;
642: bcopy((caddr_t)&(IA_SIN(ia)->sin_addr),
643: (caddr_t)(cp + off), sizeof(struct in_addr));
644: cp[IPOPT_OFFSET] += sizeof(struct in_addr);
645: forward = 1;
646: break;
647:
648: case IPOPT_RR:
649: if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
650: code = &cp[IPOPT_OFFSET] - (u_char *)ip;
651: goto bad;
652: }
653: /*
654: * If no space remains, ignore.
655: */
656: off--; /* 0 origin */
657: if (off > optlen - sizeof(struct in_addr))
658: break;
659: bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr,
660: sizeof(ipaddr.sin_addr));
661: /*
662: * locate outgoing interface; if we're the destination,
663: * use the incoming interface (should be same).
664: */
665: if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0 &&
666: (ia = ip_rtaddr(ipaddr.sin_addr)) == 0) {
667: type = ICMP_UNREACH;
668: code = ICMP_UNREACH_HOST;
669: goto bad;
670: }
671: bcopy((caddr_t)&(IA_SIN(ia)->sin_addr),
672: (caddr_t)(cp + off), sizeof(struct in_addr));
673: cp[IPOPT_OFFSET] += sizeof(struct in_addr);
674: break;
675:
676: case IPOPT_TS:
677: code = cp - (u_char *)ip;
678: ipt = (struct ip_timestamp *)cp;
679: if (ipt->ipt_len < 5)
680: goto bad;
681: if (ipt->ipt_ptr > ipt->ipt_len - sizeof (long)) {
682: if (++ipt->ipt_oflw == 0)
683: goto bad;
684: break;
685: }
686: sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1);
687: switch (ipt->ipt_flg) {
688:
689: case IPOPT_TS_TSONLY:
690: break;
691:
692: case IPOPT_TS_TSANDADDR:
693: if (ipt->ipt_ptr + sizeof(n_time) +
694: sizeof(struct in_addr) > ipt->ipt_len)
695: goto bad;
696: ia = ifptoia(m->m_pkthdr.rcvif);
697: bcopy((caddr_t)&IA_SIN(ia)->sin_addr,
698: (caddr_t)sin, sizeof(struct in_addr));
699: ipt->ipt_ptr += sizeof(struct in_addr);
700: break;
701:
702: case IPOPT_TS_PRESPEC:
703: if (ipt->ipt_ptr + sizeof(n_time) +
704: sizeof(struct in_addr) > ipt->ipt_len)
705: goto bad;
706: bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr,
707: sizeof(struct in_addr));
708: if (ifa_ifwithaddr((SA)&ipaddr) == 0)
709: continue;
710: ipt->ipt_ptr += sizeof(struct in_addr);
711: break;
712:
713: default:
714: goto bad;
715: }
716: ntime = iptime();
717: bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1,
718: sizeof(n_time));
719: ipt->ipt_ptr += sizeof(n_time);
720: }
721: }
722: if (forward) {
723: ip_forward(m, 1);
724: return (1);
725: } else
726: return (0);
727: bad:
728: icmp_error(m, type, code);
729: return (1);
730: }
731:
732: /*
733: * Given address of next destination (final or next hop),
734: * return internet address info of interface to be used to get there.
735: */
736: struct in_ifaddr *
737: ip_rtaddr(dst)
738: struct in_addr dst;
739: {
740: register struct sockaddr_in *sin;
741:
742: sin = (struct sockaddr_in *) &ipforward_rt.ro_dst;
743:
744: if (ipforward_rt.ro_rt == 0 || dst.s_addr != sin->sin_addr.s_addr) {
745: if (ipforward_rt.ro_rt) {
746: RTFREE(ipforward_rt.ro_rt);
747: ipforward_rt.ro_rt = 0;
748: }
749: sin->sin_family = AF_INET;
750: sin->sin_len = sizeof(*sin);
751: sin->sin_addr = dst;
752:
753: rtalloc(&ipforward_rt);
754: }
755: if (ipforward_rt.ro_rt == 0)
756: return ((struct in_ifaddr *)0);
757: return ((struct in_ifaddr *) ipforward_rt.ro_rt->rt_ifa);
758: }
759:
760: /*
761: * Save incoming source route for use in replies,
762: * to be picked up later by ip_srcroute if the receiver is interested.
763: */
764: save_rte(option, dst)
765: u_char *option;
766: struct in_addr dst;
767: {
768: unsigned olen;
769:
770: olen = option[IPOPT_OLEN];
771: #ifdef DEBUG
772: if (ipprintfs)
773: printf("save_rte: olen %d\n", olen);
774: #endif
775: if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
776: return;
777: bcopy((caddr_t)option, (caddr_t)ip_srcrt.srcopt, olen);
778: ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
779: ip_srcrt.dst = dst;
780: }
781:
782: /*
783: * Retrieve incoming source route for use in replies,
784: * in the same form used by setsockopt.
785: * The first hop is placed before the options, will be removed later.
786: */
787: struct mbuf *
788: ip_srcroute()
789: {
790: register struct in_addr *p, *q;
791: register struct mbuf *m;
792:
793: if (ip_nhops == 0)
794: return ((struct mbuf *)0);
795: m = m_get(M_DONTWAIT, MT_SOOPTS);
796: if (m == 0)
797: return ((struct mbuf *)0);
798:
799: #define OPTSIZ (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
800:
801: /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
802: m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
803: OPTSIZ;
804: #ifdef DEBUG
805: if (ipprintfs)
806: printf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
807: #endif
808:
809: /*
810: * First save first hop for return route
811: */
812: p = &ip_srcrt.route[ip_nhops - 1];
813: *(mtod(m, struct in_addr *)) = *p--;
814: #ifdef DEBUG
815: if (ipprintfs)
816: printf(" hops %X", ntohl(*mtod(m, struct in_addr *)));
817: #endif
818:
819: /*
820: * Copy option fields and padding (nop) to mbuf.
821: */
822: ip_srcrt.nop = IPOPT_NOP;
823: ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
824: bcopy((caddr_t)&ip_srcrt.nop,
825: mtod(m, caddr_t) + sizeof(struct in_addr), OPTSIZ);
826: q = (struct in_addr *)(mtod(m, caddr_t) +
827: sizeof(struct in_addr) + OPTSIZ);
828: #undef OPTSIZ
829: /*
830: * Record return path as an IP source route,
831: * reversing the path (pointers are now aligned).
832: */
833: while (p >= ip_srcrt.route) {
834: #ifdef DEBUG
835: if (ipprintfs)
836: printf(" %X", ntohl(*q));
837: #endif
838: *q++ = *p--;
839: }
840: /*
841: * Last hop goes to final destination.
842: */
843: *q = ip_srcrt.dst;
844: #ifdef DEBUG
845: if (ipprintfs)
846: printf(" %X\n", ntohl(*q));
847: #endif
848: return (m);
849: }
850:
851: /*
852: * Strip out IP options, at higher
853: * level protocol in the kernel.
854: * Second argument is buffer to which options
855: * will be moved, and return value is their length.
856: * XXX should be deleted; last arg currently ignored.
857: */
858: ip_stripoptions(m, mopt)
859: register struct mbuf *m;
860: struct mbuf *mopt;
861: {
862: register int i;
863: struct ip *ip = mtod(m, struct ip *);
864: register caddr_t opts;
865: int olen;
866:
867: olen = (ip->ip_hl<<2) - sizeof (struct ip);
868: opts = (caddr_t)(ip + 1);
869: i = m->m_len - (sizeof (struct ip) + olen);
870: bcopy(opts + olen, opts, (unsigned)i);
871: m->m_len -= olen;
872: if (m->m_flags & M_PKTHDR)
873: m->m_pkthdr.len -= olen;
874: ip->ip_hl = sizeof(struct ip) >> 2;
875: }
876:
877: u_char inetctlerrmap[PRC_NCMDS] = {
878: 0, 0, 0, 0,
879: 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
880: EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
881: EMSGSIZE, EHOSTUNREACH, 0, 0,
882: 0, 0, 0, 0,
883: ENOPROTOOPT
884: };
885:
886: /*
887: * Forward a packet. If some error occurs return the sender
888: * an icmp packet. Note we can't always generate a meaningful
889: * icmp message because icmp doesn't have a large enough repertoire
890: * of codes and types.
891: *
892: * If not forwarding, just drop the packet. This could be confusing
893: * if ipforwarding was zero but some routing protocol was advancing
894: * us as a gateway to somewhere. However, we must let the routing
895: * protocol deal with that.
896: *
897: * The srcrt parameter indicates whether the packet is being forwarded
898: * via a source route.
899: */
900: ip_forward(m, srcrt)
901: struct mbuf *m;
902: int srcrt;
903: {
904: register struct ip *ip = mtod(m, struct ip *);
905: register struct sockaddr_in *sin;
906: register struct rtentry *rt;
907: int error, type = 0, code;
908: struct mbuf *mcopy;
909: struct in_addr dest;
910:
911: dest.s_addr = 0;
912: #ifdef DEBUG
913: if (ipprintfs)
914: printf("forward: src %x dst %x ttl %x\n", ip->ip_src,
915: ip->ip_dst, ip->ip_ttl);
916: #endif
917: if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) {
918: ipstat.ips_cantforward++;
919: m_freem(m);
920: return;
921: }
922: HTONS(ip->ip_id);
923: if (ip->ip_ttl <= IPTTLDEC) {
924: icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest);
925: return;
926: }
927: ip->ip_ttl -= IPTTLDEC;
928:
929: sin = (struct sockaddr_in *)&ipforward_rt.ro_dst;
930: if ((rt = ipforward_rt.ro_rt) == 0 ||
931: ip->ip_dst.s_addr != sin->sin_addr.s_addr) {
932: if (ipforward_rt.ro_rt) {
933: RTFREE(ipforward_rt.ro_rt);
934: ipforward_rt.ro_rt = 0;
935: }
936: sin->sin_family = AF_INET;
937: sin->sin_len = sizeof(*sin);
938: sin->sin_addr = ip->ip_dst;
939:
940: rtalloc(&ipforward_rt);
941: if (ipforward_rt.ro_rt == 0) {
942: icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest);
943: return;
944: }
945: rt = ipforward_rt.ro_rt;
946: }
947:
948: /*
949: * Save at most 64 bytes of the packet in case
950: * we need to generate an ICMP message to the src.
951: */
952: mcopy = m_copy(m, 0, imin((int)ip->ip_len, 64));
953:
954: #ifdef GATEWAY
955: ip_ifmatrix[rt->rt_ifp->if_index +
956: if_index * m->m_pkthdr.rcvif->if_index]++;
957: #endif
958: /*
959: * If forwarding packet using same interface that it came in on,
960: * perhaps should send a redirect to sender to shortcut a hop.
961: * Only send redirect if source is sending directly to us,
962: * and if packet was not source routed (or has any options).
963: * Also, don't send redirect if forwarding using a default route
964: * or a route modified by a redirect.
965: */
966: #define satosin(sa) ((struct sockaddr_in *)(sa))
967: if (rt->rt_ifp == m->m_pkthdr.rcvif &&
968: (rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0 &&
969: satosin(rt_key(rt))->sin_addr.s_addr != 0 &&
970: ipsendredirects && !srcrt) {
971: struct in_ifaddr *ia;
972: u_long src = ntohl(ip->ip_src.s_addr);
973: u_long dst = ntohl(ip->ip_dst.s_addr);
974:
975: if ((ia = ifptoia(m->m_pkthdr.rcvif)) &&
976: (src & ia->ia_subnetmask) == ia->ia_subnet) {
977: if (rt->rt_flags & RTF_GATEWAY)
978: dest = satosin(rt->rt_gateway)->sin_addr;
979: else
980: dest = ip->ip_dst;
981: /*
982: * If the destination is reached by a route to host,
983: * is on a subnet of a local net, or is directly
984: * on the attached net (!), use host redirect.
985: * (We may be the correct first hop for other subnets.)
986: */
987: #define RTA(rt) ((struct in_ifaddr *)(rt->rt_ifa))
988: type = ICMP_REDIRECT;
989: if ((rt->rt_flags & RTF_HOST) ||
990: (rt->rt_flags & RTF_GATEWAY) == 0)
991: code = ICMP_REDIRECT_HOST;
992: else if (RTA(rt)->ia_subnetmask != RTA(rt)->ia_netmask &&
993: (dst & RTA(rt)->ia_netmask) == RTA(rt)->ia_net)
994: code = ICMP_REDIRECT_HOST;
995: else
996: code = ICMP_REDIRECT_NET;
997: #ifdef DEBUG
998: if (ipprintfs)
999: printf("redirect (%d) to %x\n", code, dest.s_addr);
1000: #endif
1001: }
1002: }
1003:
1004: error = ip_output(m, (struct mbuf *)0, &ipforward_rt, IP_FORWARDING);
1005: if (error)
1006: ipstat.ips_cantforward++;
1007: else {
1008: ipstat.ips_forward++;
1009: if (type)
1010: ipstat.ips_redirectsent++;
1011: else {
1012: if (mcopy)
1013: m_freem(mcopy);
1014: return;
1015: }
1016: }
1017: if (mcopy == NULL)
1018: return;
1019: switch (error) {
1020:
1021: case 0: /* forwarded, but need redirect */
1022: /* type, code set above */
1023: break;
1024:
1025: case ENETUNREACH: /* shouldn't happen, checked above */
1026: case EHOSTUNREACH:
1027: case ENETDOWN:
1028: case EHOSTDOWN:
1029: default:
1030: type = ICMP_UNREACH;
1031: code = ICMP_UNREACH_HOST;
1032: break;
1033:
1034: case EMSGSIZE:
1035: type = ICMP_UNREACH;
1036: code = ICMP_UNREACH_NEEDFRAG;
1037: ipstat.ips_cantfrag++;
1038: break;
1039:
1040: case ENOBUFS:
1041: type = ICMP_SOURCEQUENCH;
1042: code = 0;
1043: break;
1044: }
1045: icmp_error(mcopy, type, code, dest);
1046: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.