![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ip_input.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDTahoe / sys / netinet|
Return to ip_input.c CVS log | Up to [CSRG BSD Unix] / 43BSDTahoe / sys / netinet |
1.1 root 1: /*
2: * Copyright (c) 1982, 1986 Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted
6: * provided that the above copyright notice and this paragraph are
7: * duplicated in all such forms and that any documentation,
8: * advertising materials, and other materials related to such
9: * distribution and use acknowledge that the software was developed
10: * by the University of California, Berkeley. The name of the
11: * University may not be used to endorse or promote products derived
12: * from this software without specific prior written permission.
13: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15: * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16: *
17: * @(#)ip_input.c 7.10 (Berkeley) 6/29/88
18: */
19:
20: #include "param.h"
21: #include "systm.h"
22: #include "mbuf.h"
23: #include "domain.h"
24: #include "protosw.h"
25: #include "socket.h"
26: #include "errno.h"
27: #include "time.h"
28: #include "kernel.h"
29:
30: #include "../net/if.h"
31: #include "../net/route.h"
32:
33: #include "in.h"
34: #include "in_pcb.h"
35: #include "in_systm.h"
36: #include "in_var.h"
37: #include "ip.h"
38: #include "ip_var.h"
39: #include "ip_icmp.h"
40: #include "tcp.h"
41:
42: u_char ip_protox[IPPROTO_MAX];
43: int ipqmaxlen = IFQ_MAXLEN;
44: struct in_ifaddr *in_ifaddr; /* first inet address */
45:
46: /*
47: * We need to save the IP options in case a protocol wants to respond
48: * to an incoming packet over the same route if the packet got here
49: * using IP source routing. This allows connection establishment and
50: * maintenance when the remote end is on a network that is not known
51: * to us.
52: */
53: int ip_nhops = 0;
54: static struct ip_srcrt {
55: char nop; /* one NOP to align */
56: char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
57: struct in_addr route[MAX_IPOPTLEN];
58: } ip_srcrt;
59:
60: /*
61: * IP initialization: fill in IP protocol switch table.
62: * All protocols not implemented in kernel go to raw IP protocol handler.
63: */
64: ip_init()
65: {
66: register struct protosw *pr;
67: register int i;
68:
69: pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
70: if (pr == 0)
71: panic("ip_init");
72: for (i = 0; i < IPPROTO_MAX; i++)
73: ip_protox[i] = pr - inetsw;
74: for (pr = inetdomain.dom_protosw;
75: pr < inetdomain.dom_protoswNPROTOSW; pr++)
76: if (pr->pr_domain->dom_family == PF_INET &&
77: pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
78: ip_protox[pr->pr_protocol] = pr - inetsw;
79: ipq.next = ipq.prev = &ipq;
80: ip_id = time.tv_sec & 0xffff;
81: ipintrq.ifq_maxlen = ipqmaxlen;
82: }
83:
84: u_char ipcksum = 1;
85: struct ip *ip_reass();
86: struct sockaddr_in ipaddr = { AF_INET };
87: struct route ipforward_rt;
88:
89: /*
90: * Ip input routine. Checksum and byte swap header. If fragmented
91: * try to reassamble. If complete and fragment queue exists, discard.
92: * Process options. Pass to next level.
93: */
94: ipintr()
95: {
96: register struct ip *ip;
97: register struct mbuf *m;
98: struct mbuf *m0;
99: register int i;
100: register struct ipq *fp;
101: register struct in_ifaddr *ia;
102: struct ifnet *ifp;
103: int hlen, s;
104:
105: next:
106: /*
107: * Get next datagram off input queue and get IP header
108: * in first mbuf.
109: */
110: s = splimp();
111: IF_DEQUEUEIF(&ipintrq, m, ifp);
112: splx(s);
113: if (m == 0)
114: return;
115: /*
116: * If no IP addresses have been set yet but the interfaces
117: * are receiving, can't do anything with incoming packets yet.
118: */
119: if (in_ifaddr == NULL)
120: goto bad;
121: ipstat.ips_total++;
122: if ((m->m_off > MMAXOFF || m->m_len < sizeof (struct ip)) &&
123: (m = m_pullup(m, sizeof (struct ip))) == 0) {
124: ipstat.ips_toosmall++;
125: goto next;
126: }
127: ip = mtod(m, struct ip *);
128: hlen = ip->ip_hl << 2;
129: if (hlen < sizeof(struct ip)) { /* minimum header length */
130: ipstat.ips_badhlen++;
131: goto bad;
132: }
133: if (hlen > m->m_len) {
134: if ((m = m_pullup(m, hlen)) == 0) {
135: ipstat.ips_badhlen++;
136: goto next;
137: }
138: ip = mtod(m, struct ip *);
139: }
140: if (ipcksum)
141: if (ip->ip_sum = in_cksum(m, hlen)) {
142: ipstat.ips_badsum++;
143: goto bad;
144: }
145:
146: /*
147: * Convert fields to host representation.
148: */
149: ip->ip_len = ntohs((u_short)ip->ip_len);
150: if (ip->ip_len < hlen) {
151: ipstat.ips_badlen++;
152: goto bad;
153: }
154: ip->ip_id = ntohs(ip->ip_id);
155: ip->ip_off = ntohs((u_short)ip->ip_off);
156:
157: /*
158: * Check that the amount of data in the buffers
159: * is as at least much as the IP header would have us expect.
160: * Trim mbufs if longer than we expect.
161: * Drop packet if shorter than we expect.
162: */
163: i = -(u_short)ip->ip_len;
164: m0 = m;
165: for (;;) {
166: i += m->m_len;
167: if (m->m_next == 0)
168: break;
169: m = m->m_next;
170: }
171: if (i != 0) {
172: if (i < 0) {
173: ipstat.ips_tooshort++;
174: m = m0;
175: goto bad;
176: }
177: if (i <= m->m_len)
178: m->m_len -= i;
179: else
180: m_adj(m0, -i);
181: }
182: m = m0;
183:
184: /*
185: * Process options and, if not destined for us,
186: * ship it on. ip_dooptions returns 1 when an
187: * error was detected (causing an icmp message
188: * to be sent and the original packet to be freed).
189: */
190: ip_nhops = 0; /* for source routed packets */
191: if (hlen > sizeof (struct ip) && ip_dooptions(ip, ifp))
192: goto next;
193:
194: /*
195: * Check our list of addresses, to see if the packet is for us.
196: */
197: for (ia = in_ifaddr; ia; ia = ia->ia_next) {
198: #define satosin(sa) ((struct sockaddr_in *)(sa))
199:
200: if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr)
201: goto ours;
202: if (
203: #ifdef DIRECTED_BROADCAST
204: ia->ia_ifp == ifp &&
205: #endif
206: (ia->ia_ifp->if_flags & IFF_BROADCAST)) {
207: u_long t;
208:
209: if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
210: ip->ip_dst.s_addr)
211: goto ours;
212: if (ip->ip_dst.s_addr == ia->ia_netbroadcast.s_addr)
213: goto ours;
214: /*
215: * Look for all-0's host part (old broadcast addr),
216: * either for subnet or net.
217: */
218: t = ntohl(ip->ip_dst.s_addr);
219: if (t == ia->ia_subnet)
220: goto ours;
221: if (t == ia->ia_net)
222: goto ours;
223: }
224: }
225: if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
226: goto ours;
227: if (ip->ip_dst.s_addr == INADDR_ANY)
228: goto ours;
229:
230: /*
231: * Not for us; forward if possible and desirable.
232: */
233: ip_forward(ip, ifp);
234: goto next;
235:
236: ours:
237: /*
238: * If offset or IP_MF are set, must reassemble.
239: * Otherwise, nothing need be done.
240: * (We could look in the reassembly queue to see
241: * if the packet was previously fragmented,
242: * but it's not worth the time; just let them time out.)
243: */
244: if (ip->ip_off &~ IP_DF) {
245: /*
246: * Look for queue of fragments
247: * of this datagram.
248: */
249: for (fp = ipq.next; fp != &ipq; fp = fp->next)
250: if (ip->ip_id == fp->ipq_id &&
251: ip->ip_src.s_addr == fp->ipq_src.s_addr &&
252: ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
253: ip->ip_p == fp->ipq_p)
254: goto found;
255: fp = 0;
256: found:
257:
258: /*
259: * Adjust ip_len to not reflect header,
260: * set ip_mff if more fragments are expected,
261: * convert offset of this to bytes.
262: */
263: ip->ip_len -= hlen;
264: ((struct ipasfrag *)ip)->ipf_mff = 0;
265: if (ip->ip_off & IP_MF)
266: ((struct ipasfrag *)ip)->ipf_mff = 1;
267: ip->ip_off <<= 3;
268:
269: /*
270: * If datagram marked as having more fragments
271: * or if this is not the first fragment,
272: * attempt reassembly; if it succeeds, proceed.
273: */
274: if (((struct ipasfrag *)ip)->ipf_mff || ip->ip_off) {
275: ipstat.ips_fragments++;
276: ip = ip_reass((struct ipasfrag *)ip, fp);
277: if (ip == 0)
278: goto next;
279: m = dtom(ip);
280: } else
281: if (fp)
282: ip_freef(fp);
283: } else
284: ip->ip_len -= hlen;
285:
286: /*
287: * Switch out to protocol's input routine.
288: */
289: (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, ifp);
290: goto next;
291: bad:
292: m_freem(m);
293: goto next;
294: }
295:
296: /*
297: * Take incoming datagram fragment and try to
298: * reassemble it into whole datagram. If a chain for
299: * reassembly of this datagram already exists, then it
300: * is given as fp; otherwise have to make a chain.
301: */
302: struct ip *
303: ip_reass(ip, fp)
304: register struct ipasfrag *ip;
305: register struct ipq *fp;
306: {
307: register struct mbuf *m = dtom(ip);
308: register struct ipasfrag *q;
309: struct mbuf *t;
310: int hlen = ip->ip_hl << 2;
311: int i, next;
312:
313: /*
314: * Presence of header sizes in mbufs
315: * would confuse code below.
316: */
317: m->m_off += hlen;
318: m->m_len -= hlen;
319:
320: /*
321: * If first fragment to arrive, create a reassembly queue.
322: */
323: if (fp == 0) {
324: if ((t = m_get(M_DONTWAIT, MT_FTABLE)) == NULL)
325: goto dropfrag;
326: fp = mtod(t, struct ipq *);
327: insque(fp, &ipq);
328: fp->ipq_ttl = IPFRAGTTL;
329: fp->ipq_p = ip->ip_p;
330: fp->ipq_id = ip->ip_id;
331: fp->ipq_next = fp->ipq_prev = (struct ipasfrag *)fp;
332: fp->ipq_src = ((struct ip *)ip)->ip_src;
333: fp->ipq_dst = ((struct ip *)ip)->ip_dst;
334: q = (struct ipasfrag *)fp;
335: goto insert;
336: }
337:
338: /*
339: * Find a segment which begins after this one does.
340: */
341: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next)
342: if (q->ip_off > ip->ip_off)
343: break;
344:
345: /*
346: * If there is a preceding segment, it may provide some of
347: * our data already. If so, drop the data from the incoming
348: * segment. If it provides all of our data, drop us.
349: */
350: if (q->ipf_prev != (struct ipasfrag *)fp) {
351: i = q->ipf_prev->ip_off + q->ipf_prev->ip_len - ip->ip_off;
352: if (i > 0) {
353: if (i >= ip->ip_len)
354: goto dropfrag;
355: m_adj(dtom(ip), i);
356: ip->ip_off += i;
357: ip->ip_len -= i;
358: }
359: }
360:
361: /*
362: * While we overlap succeeding segments trim them or,
363: * if they are completely covered, dequeue them.
364: */
365: while (q != (struct ipasfrag *)fp && ip->ip_off + ip->ip_len > q->ip_off) {
366: i = (ip->ip_off + ip->ip_len) - q->ip_off;
367: if (i < q->ip_len) {
368: q->ip_len -= i;
369: q->ip_off += i;
370: m_adj(dtom(q), i);
371: break;
372: }
373: q = q->ipf_next;
374: m_freem(dtom(q->ipf_prev));
375: ip_deq(q->ipf_prev);
376: }
377:
378: insert:
379: /*
380: * Stick new segment in its place;
381: * check for complete reassembly.
382: */
383: ip_enq(ip, q->ipf_prev);
384: next = 0;
385: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next) {
386: if (q->ip_off != next)
387: return (0);
388: next += q->ip_len;
389: }
390: if (q->ipf_prev->ipf_mff)
391: return (0);
392:
393: /*
394: * Reassembly is complete; concatenate fragments.
395: */
396: q = fp->ipq_next;
397: m = dtom(q);
398: t = m->m_next;
399: m->m_next = 0;
400: m_cat(m, t);
401: q = q->ipf_next;
402: while (q != (struct ipasfrag *)fp) {
403: t = dtom(q);
404: q = q->ipf_next;
405: m_cat(m, t);
406: }
407:
408: /*
409: * Create header for new ip packet by
410: * modifying header of first packet;
411: * dequeue and discard fragment reassembly header.
412: * Make header visible.
413: */
414: ip = fp->ipq_next;
415: ip->ip_len = next;
416: ((struct ip *)ip)->ip_src = fp->ipq_src;
417: ((struct ip *)ip)->ip_dst = fp->ipq_dst;
418: remque(fp);
419: (void) m_free(dtom(fp));
420: m = dtom(ip);
421: m->m_len += (ip->ip_hl << 2);
422: m->m_off -= (ip->ip_hl << 2);
423: return ((struct ip *)ip);
424:
425: dropfrag:
426: ipstat.ips_fragdropped++;
427: m_freem(m);
428: return (0);
429: }
430:
431: /*
432: * Free a fragment reassembly header and all
433: * associated datagrams.
434: */
435: ip_freef(fp)
436: struct ipq *fp;
437: {
438: register struct ipasfrag *q, *p;
439:
440: for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = p) {
441: p = q->ipf_next;
442: ip_deq(q);
443: m_freem(dtom(q));
444: }
445: remque(fp);
446: (void) m_free(dtom(fp));
447: }
448:
449: /*
450: * Put an ip fragment on a reassembly chain.
451: * Like insque, but pointers in middle of structure.
452: */
453: ip_enq(p, prev)
454: register struct ipasfrag *p, *prev;
455: {
456:
457: p->ipf_prev = prev;
458: p->ipf_next = prev->ipf_next;
459: prev->ipf_next->ipf_prev = p;
460: prev->ipf_next = p;
461: }
462:
463: /*
464: * To ip_enq as remque is to insque.
465: */
466: ip_deq(p)
467: register struct ipasfrag *p;
468: {
469:
470: p->ipf_prev->ipf_next = p->ipf_next;
471: p->ipf_next->ipf_prev = p->ipf_prev;
472: }
473:
474: /*
475: * IP timer processing;
476: * if a timer expires on a reassembly
477: * queue, discard it.
478: */
479: ip_slowtimo()
480: {
481: register struct ipq *fp;
482: int s = splnet();
483:
484: fp = ipq.next;
485: if (fp == 0) {
486: splx(s);
487: return;
488: }
489: while (fp != &ipq) {
490: --fp->ipq_ttl;
491: fp = fp->next;
492: if (fp->prev->ipq_ttl == 0) {
493: ipstat.ips_fragtimeout++;
494: ip_freef(fp->prev);
495: }
496: }
497: splx(s);
498: }
499:
500: /*
501: * Drain off all datagram fragments.
502: */
503: ip_drain()
504: {
505:
506: while (ipq.next != &ipq) {
507: ipstat.ips_fragdropped++;
508: ip_freef(ipq.next);
509: }
510: }
511:
512: extern struct in_ifaddr *ifptoia();
513: struct in_ifaddr *ip_rtaddr();
514:
515: /*
516: * Do option processing on a datagram,
517: * possibly discarding it if bad options
518: * are encountered.
519: */
520: ip_dooptions(ip, ifp)
521: register struct ip *ip;
522: struct ifnet *ifp;
523: {
524: register u_char *cp;
525: int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB;
526: register struct ip_timestamp *ipt;
527: register struct in_ifaddr *ia;
528: struct in_addr *sin;
529: n_time ntime;
530:
531: cp = (u_char *)(ip + 1);
532: cnt = (ip->ip_hl << 2) - sizeof (struct ip);
533: for (; cnt > 0; cnt -= optlen, cp += optlen) {
534: opt = cp[IPOPT_OPTVAL];
535: if (opt == IPOPT_EOL)
536: break;
537: if (opt == IPOPT_NOP)
538: optlen = 1;
539: else {
540: optlen = cp[IPOPT_OLEN];
541: if (optlen <= 0 || optlen > cnt) {
542: code = &cp[IPOPT_OLEN] - (u_char *)ip;
543: goto bad;
544: }
545: }
546: switch (opt) {
547:
548: default:
549: break;
550:
551: /*
552: * Source routing with record.
553: * Find interface with current destination address.
554: * If none on this machine then drop if strictly routed,
555: * or do nothing if loosely routed.
556: * Record interface address and bring up next address
557: * component. If strictly routed make sure next
558: * address on directly accessible net.
559: */
560: case IPOPT_LSRR:
561: case IPOPT_SSRR:
562: if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
563: code = &cp[IPOPT_OFFSET] - (u_char *)ip;
564: goto bad;
565: }
566: ipaddr.sin_addr = ip->ip_dst;
567: ia = (struct in_ifaddr *)
568: ifa_ifwithaddr((struct sockaddr *)&ipaddr);
569: if (ia == 0) {
570: if (opt == IPOPT_SSRR) {
571: type = ICMP_UNREACH;
572: code = ICMP_UNREACH_SRCFAIL;
573: goto bad;
574: }
575: /*
576: * Loose routing, and not at next destination
577: * yet; nothing to do except forward.
578: */
579: break;
580: }
581: off--; /* 0 origin */
582: if (off > optlen - sizeof(struct in_addr)) {
583: /*
584: * End of source route. Should be for us.
585: */
586: save_rte(cp, ip->ip_src);
587: break;
588: }
589: /*
590: * locate outgoing interface
591: */
592: bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr,
593: sizeof(ipaddr.sin_addr));
594: if ((opt == IPOPT_SSRR &&
595: in_iaonnetof(in_netof(ipaddr.sin_addr)) == 0) ||
596: (ia = ip_rtaddr(ipaddr.sin_addr)) == 0) {
597: type = ICMP_UNREACH;
598: code = ICMP_UNREACH_SRCFAIL;
599: goto bad;
600: }
601: ip->ip_dst = ipaddr.sin_addr;
602: bcopy((caddr_t)&(IA_SIN(ia)->sin_addr),
603: (caddr_t)(cp + off), sizeof(struct in_addr));
604: cp[IPOPT_OFFSET] += sizeof(struct in_addr);
605: break;
606:
607: case IPOPT_RR:
608: if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
609: code = &cp[IPOPT_OFFSET] - (u_char *)ip;
610: goto bad;
611: }
612: /*
613: * If no space remains, ignore.
614: */
615: off--; /* 0 origin */
616: if (off > optlen - sizeof(struct in_addr))
617: break;
618: bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr,
619: sizeof(ipaddr.sin_addr));
620: /*
621: * locate outgoing interface
622: */
623: if ((ia = ip_rtaddr(ipaddr.sin_addr)) == 0) {
624: type = ICMP_UNREACH;
625: code = ICMP_UNREACH_HOST;
626: goto bad;
627: }
628: bcopy((caddr_t)&(IA_SIN(ia)->sin_addr),
629: (caddr_t)(cp + off), sizeof(struct in_addr));
630: cp[IPOPT_OFFSET] += sizeof(struct in_addr);
631: break;
632:
633: case IPOPT_TS:
634: code = cp - (u_char *)ip;
635: ipt = (struct ip_timestamp *)cp;
636: if (ipt->ipt_len < 5)
637: goto bad;
638: if (ipt->ipt_ptr > ipt->ipt_len - sizeof (long)) {
639: if (++ipt->ipt_oflw == 0)
640: goto bad;
641: break;
642: }
643: sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1);
644: switch (ipt->ipt_flg) {
645:
646: case IPOPT_TS_TSONLY:
647: break;
648:
649: case IPOPT_TS_TSANDADDR:
650: if (ipt->ipt_ptr + sizeof(n_time) +
651: sizeof(struct in_addr) > ipt->ipt_len)
652: goto bad;
653: ia = ifptoia(ifp);
654: bcopy((caddr_t)&IA_SIN(ia)->sin_addr,
655: (caddr_t)sin, sizeof(struct in_addr));
656: ipt->ipt_ptr += sizeof(struct in_addr);
657: break;
658:
659: case IPOPT_TS_PRESPEC:
660: if (ipt->ipt_ptr + sizeof(n_time) +
661: sizeof(struct in_addr) > ipt->ipt_len)
662: goto bad;
663: bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr,
664: sizeof(struct in_addr));
665: if (ifa_ifwithaddr((struct sockaddr *)&ipaddr) == 0)
666: continue;
667: ipt->ipt_ptr += sizeof(struct in_addr);
668: break;
669:
670: default:
671: goto bad;
672: }
673: ntime = iptime();
674: bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1,
675: sizeof(n_time));
676: ipt->ipt_ptr += sizeof(n_time);
677: }
678: }
679: return (0);
680: bad:
681: icmp_error(ip, type, code, ifp);
682: return (1);
683: }
684:
685: /*
686: * Given address of next destination (final or next hop),
687: * return internet address info of interface to be used to get there.
688: */
689: struct in_ifaddr *
690: ip_rtaddr(dst)
691: struct in_addr dst;
692: {
693: register struct sockaddr_in *sin;
694: register struct in_ifaddr *ia;
695:
696: sin = (struct sockaddr_in *) &ipforward_rt.ro_dst;
697:
698: if (ipforward_rt.ro_rt == 0 || dst.s_addr != sin->sin_addr.s_addr) {
699: if (ipforward_rt.ro_rt) {
700: RTFREE(ipforward_rt.ro_rt);
701: ipforward_rt.ro_rt = 0;
702: }
703: sin->sin_family = AF_INET;
704: sin->sin_addr = dst;
705:
706: rtalloc(&ipforward_rt);
707: }
708: if (ipforward_rt.ro_rt == 0)
709: return ((struct in_ifaddr *)0);
710: /*
711: * Find address associated with outgoing interface.
712: */
713: for (ia = in_ifaddr; ia; ia = ia->ia_next)
714: if (ia->ia_ifp == ipforward_rt.ro_rt->rt_ifp)
715: break;
716: return (ia);
717: }
718:
719: /*
720: * Save incoming source route for use in replies,
721: * to be picked up later by ip_srcroute if the receiver is interested.
722: */
723: save_rte(option, dst)
724: u_char *option;
725: struct in_addr dst;
726: {
727: unsigned olen;
728: extern ipprintfs;
729:
730: olen = option[IPOPT_OLEN];
731: if (olen > sizeof(ip_srcrt) - 1) {
732: if (ipprintfs)
733: printf("save_rte: olen %d\n", olen);
734: return;
735: }
736: bcopy((caddr_t)option, (caddr_t)ip_srcrt.srcopt, olen);
737: ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
738: ip_srcrt.route[ip_nhops++] = dst;
739: }
740:
741: /*
742: * Retrieve incoming source route for use in replies,
743: * in the same form used by setsockopt.
744: * The first hop is placed before the options, will be removed later.
745: */
746: struct mbuf *
747: ip_srcroute()
748: {
749: register struct in_addr *p, *q;
750: register struct mbuf *m;
751:
752: if (ip_nhops == 0)
753: return ((struct mbuf *)0);
754: m = m_get(M_DONTWAIT, MT_SOOPTS);
755: if (m == 0)
756: return ((struct mbuf *)0);
757: m->m_len = ip_nhops * sizeof(struct in_addr) + IPOPT_OFFSET + 1 + 1;
758:
759: /*
760: * First save first hop for return route
761: */
762: p = &ip_srcrt.route[ip_nhops - 1];
763: *(mtod(m, struct in_addr *)) = *p--;
764:
765: /*
766: * Copy option fields and padding (nop) to mbuf.
767: */
768: ip_srcrt.nop = IPOPT_NOP;
769: bcopy((caddr_t)&ip_srcrt, mtod(m, caddr_t) + sizeof(struct in_addr),
770: IPOPT_OFFSET + 1 + 1);
771: q = (struct in_addr *)(mtod(m, caddr_t) +
772: sizeof(struct in_addr) + IPOPT_OFFSET + 1 + 1);
773: /*
774: * Record return path as an IP source route,
775: * reversing the path (pointers are now aligned).
776: */
777: while (p >= ip_srcrt.route)
778: *q++ = *p--;
779: return (m);
780: }
781:
782: /*
783: * Strip out IP options, at higher
784: * level protocol in the kernel.
785: * Second argument is buffer to which options
786: * will be moved, and return value is their length.
787: */
788: ip_stripoptions(ip, mopt)
789: struct ip *ip;
790: struct mbuf *mopt;
791: {
792: register int i;
793: register struct mbuf *m;
794: register caddr_t opts;
795: int olen;
796:
797: olen = (ip->ip_hl<<2) - sizeof (struct ip);
798: m = dtom(ip);
799: opts = (caddr_t)(ip + 1);
800: if (mopt) {
801: mopt->m_len = olen;
802: mopt->m_off = MMINOFF;
803: bcopy(opts, mtod(mopt, caddr_t), (unsigned)olen);
804: }
805: i = m->m_len - (sizeof (struct ip) + olen);
806: bcopy(opts + olen, opts, (unsigned)i);
807: m->m_len -= olen;
808: ip->ip_hl = sizeof(struct ip) >> 2;
809: }
810:
811: u_char inetctlerrmap[PRC_NCMDS] = {
812: 0, 0, 0, 0,
813: 0, 0, EHOSTDOWN, EHOSTUNREACH,
814: ENETUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
815: EMSGSIZE, EHOSTUNREACH, 0, 0,
816: 0, 0, 0, 0,
817: ENOPROTOOPT
818: };
819:
820: #ifndef IPFORWARDING
821: #define IPFORWARDING 1
822: #endif
823: #ifndef IPSENDREDIRECTS
824: #define IPSENDREDIRECTS 1
825: #endif
826: int ipprintfs = 0;
827: int ipforwarding = IPFORWARDING;
828: extern int in_interfaces;
829: int ipsendredirects = IPSENDREDIRECTS;
830:
831: /*
832: * Forward a packet. If some error occurs return the sender
833: * an icmp packet. Note we can't always generate a meaningful
834: * icmp message because icmp doesn't have a large enough repertoire
835: * of codes and types.
836: *
837: * If not forwarding (possibly because we have only a single external
838: * network), just drop the packet. This could be confusing if ipforwarding
839: * was zero but some routing protocol was advancing us as a gateway
840: * to somewhere. However, we must let the routing protocol deal with that.
841: */
842: ip_forward(ip, ifp)
843: register struct ip *ip;
844: struct ifnet *ifp;
845: {
846: register int error, type = 0, code;
847: register struct sockaddr_in *sin;
848: struct mbuf *mcopy;
849: struct in_addr dest;
850:
851: dest.s_addr = 0;
852: if (ipprintfs)
853: printf("forward: src %x dst %x ttl %x\n", ip->ip_src,
854: ip->ip_dst, ip->ip_ttl);
855: ip->ip_id = htons(ip->ip_id);
856: if (ipforwarding == 0 || in_interfaces <= 1) {
857: ipstat.ips_cantforward++;
858: #ifdef GATEWAY
859: type = ICMP_UNREACH, code = ICMP_UNREACH_NET;
860: goto sendicmp;
861: #else
862: m_freem(dtom(ip));
863: return;
864: #endif
865: }
866: if (in_canforward(ip->ip_dst) == 0) {
867: m_freem(dtom(ip));
868: return;
869: }
870: if (ip->ip_ttl <= IPTTLDEC) {
871: type = ICMP_TIMXCEED, code = ICMP_TIMXCEED_INTRANS;
872: goto sendicmp;
873: }
874: ip->ip_ttl -= IPTTLDEC;
875:
876: /*
877: * Save at most 64 bytes of the packet in case
878: * we need to generate an ICMP message to the src.
879: */
880: mcopy = m_copy(dtom(ip), 0, imin((int)ip->ip_len, 64));
881:
882: sin = (struct sockaddr_in *)&ipforward_rt.ro_dst;
883: if (ipforward_rt.ro_rt == 0 ||
884: ip->ip_dst.s_addr != sin->sin_addr.s_addr) {
885: if (ipforward_rt.ro_rt) {
886: RTFREE(ipforward_rt.ro_rt);
887: ipforward_rt.ro_rt = 0;
888: }
889: sin->sin_family = AF_INET;
890: sin->sin_addr = ip->ip_dst;
891:
892: rtalloc(&ipforward_rt);
893: }
894: /*
895: * If forwarding packet using same interface that it came in on,
896: * perhaps should send a redirect to sender to shortcut a hop.
897: * Only send redirect if source is sending directly to us,
898: * and if packet was not source routed (or has any options).
899: * Also, don't send redirect if forwarding using a default route
900: * or a route modfied by a redirect.
901: */
902: #define satosin(sa) ((struct sockaddr_in *)(sa))
903: if (ipforward_rt.ro_rt && ipforward_rt.ro_rt->rt_ifp == ifp &&
904: (ipforward_rt.ro_rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0 &&
905: satosin(&ipforward_rt.ro_rt->rt_dst)->sin_addr.s_addr != 0 &&
906: ipsendredirects && ip->ip_hl == (sizeof(struct ip) >> 2)) {
907: struct in_ifaddr *ia;
908: u_long src = ntohl(ip->ip_src.s_addr);
909: u_long dst = ntohl(ip->ip_dst.s_addr);
910:
911: if ((ia = ifptoia(ifp)) &&
912: (src & ia->ia_subnetmask) == ia->ia_subnet) {
913: if (ipforward_rt.ro_rt->rt_flags & RTF_GATEWAY)
914: dest = satosin(&ipforward_rt.ro_rt->rt_gateway)->sin_addr;
915: else
916: dest = ip->ip_dst;
917: /*
918: * If the destination is reached by a route to host,
919: * is on a subnet of a local net, or is directly
920: * on the attached net (!), use host redirect.
921: * (We may be the correct first hop for other subnets.)
922: */
923: type = ICMP_REDIRECT;
924: code = ICMP_REDIRECT_NET;
925: if ((ipforward_rt.ro_rt->rt_flags & RTF_HOST) ||
926: (ipforward_rt.ro_rt->rt_flags & RTF_GATEWAY) == 0)
927: code = ICMP_REDIRECT_HOST;
928: else for (ia = in_ifaddr; ia = ia->ia_next; )
929: if ((dst & ia->ia_netmask) == ia->ia_net) {
930: if (ia->ia_subnetmask != ia->ia_netmask)
931: code = ICMP_REDIRECT_HOST;
932: break;
933: }
934: if (ipprintfs)
935: printf("redirect (%d) to %x\n", code, dest);
936: }
937: }
938:
939: error = ip_output(dtom(ip), (struct mbuf *)0, &ipforward_rt,
940: IP_FORWARDING);
941: if (error)
942: ipstat.ips_cantforward++;
943: else if (type)
944: ipstat.ips_redirectsent++;
945: else {
946: if (mcopy)
947: m_freem(mcopy);
948: ipstat.ips_forward++;
949: return;
950: }
951: if (mcopy == NULL)
952: return;
953: ip = mtod(mcopy, struct ip *);
954: type = ICMP_UNREACH;
955: switch (error) {
956:
957: case 0: /* forwarded, but need redirect */
958: type = ICMP_REDIRECT;
959: /* code set above */
960: break;
961:
962: case ENETUNREACH:
963: case ENETDOWN:
964: if (in_localaddr(ip->ip_dst))
965: code = ICMP_UNREACH_HOST;
966: else
967: code = ICMP_UNREACH_NET;
968: break;
969:
970: case EMSGSIZE:
971: code = ICMP_UNREACH_NEEDFRAG;
972: break;
973:
974: case EPERM:
975: code = ICMP_UNREACH_PORT;
976: break;
977:
978: case ENOBUFS:
979: type = ICMP_SOURCEQUENCH;
980: break;
981:
982: case EHOSTDOWN:
983: case EHOSTUNREACH:
984: code = ICMP_UNREACH_HOST;
985: break;
986: }
987: sendicmp:
988: icmp_error(ip, type, code, ifp, dest);
989: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.