![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ip_flow.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / bsd / netinet|
Return to ip_flow.c CVS log | Up to [Apple XNU] / XNU / bsd / netinet |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*-
23: * Copyright (c) 1998 The NetBSD Foundation, Inc.
24: * All rights reserved.
25: *
26: * This code is derived from software contributed to The NetBSD Foundation
27: * by the 3am Software Foundry ("3am"). It was developed by Matt Thomas.
28: *
29: * Redistribution and use in source and binary forms, with or without
30: * modification, are permitted provided that the following conditions
31: * are met:
32: * 1. Redistributions of source code must retain the above copyright
33: * notice, this list of conditions and the following disclaimer.
34: * 2. Redistributions in binary form must reproduce the above copyright
35: * notice, this list of conditions and the following disclaimer in the
36: * documentation and/or other materials provided with the distribution.
37: * 3. All advertising materials mentioning features or use of this software
38: * must display the following acknowledgement:
39: * This product includes software developed by the NetBSD
40: * Foundation, Inc. and its contributors.
41: * 4. Neither the name of The NetBSD Foundation nor the names of its
42: * contributors may be used to endorse or promote products derived
43: * from this software without specific prior written permission.
44: *
45: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
46: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
47: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
48: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
49: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
50: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
51: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
52: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
53: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
54: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
55: * POSSIBILITY OF SUCH DAMAGE.
56: *
57: */
58:
59: #include <sys/param.h>
60: #include <sys/systm.h>
61: #include <sys/malloc.h>
62: #include <sys/mbuf.h>
63: #include <sys/protosw.h>
64: #include <sys/socket.h>
65: #include <sys/kernel.h>
66:
67: #include <sys/sysctl.h>
68:
69: #include <net/if.h>
70: #include <net/route.h>
71:
72: #include <netinet/in.h>
73: #include <netinet/in_systm.h>
74: #include <netinet/ip.h>
75: #include <netinet/in_var.h>
76: #include <netinet/ip_var.h>
77: #include <netinet/ip_flow.h>
78: #include <net/dlil.h>
79:
80: #define IPFLOW_TIMER (5 * PR_SLOWHZ)
81: #define IPFLOW_HASHBITS 6 /* should not be a multiple of 8 */
82: #define IPFLOW_HASHSIZE (1 << IPFLOW_HASHBITS)
83: static LIST_HEAD(ipflowhead, ipflow) ipflows[IPFLOW_HASHSIZE];
84: static int ipflow_inuse;
85: #define IPFLOW_MAX 256
86:
87: #if ISFB31
88: #else
89: #define M_IPFLOW M_TEMP
90: #endif
91:
92: static int ipflow_active = 0;
93: SYSCTL_INT(_net_inet_ip, IPCTL_FASTFORWARDING, fastforwarding, CTLFLAG_RW,
94: &ipflow_active, 0, "");
95:
96: MALLOC_DEFINE(M_IPFLOW, "ip_flow", "IP flow");
97:
98: static unsigned
99: ipflow_hash(
100: struct in_addr dst,
101: struct in_addr src,
102: unsigned tos)
103: {
104: unsigned hash = tos;
105: int idx;
106: for (idx = 0; idx < 32; idx += IPFLOW_HASHBITS)
107: hash += (dst.s_addr >> (32 - idx)) + (src.s_addr >> idx);
108: return hash & (IPFLOW_HASHSIZE-1);
109: }
110:
111: static struct ipflow *
112: ipflow_lookup(
113: const struct ip *ip)
114: {
115: unsigned hash;
116: struct ipflow *ipf;
117:
118: hash = ipflow_hash(ip->ip_dst, ip->ip_src, ip->ip_tos);
119:
120: ipf = LIST_FIRST(&ipflows[hash]);
121: while (ipf != NULL) {
122: if (ip->ip_dst.s_addr == ipf->ipf_dst.s_addr
123: && ip->ip_src.s_addr == ipf->ipf_src.s_addr
124: && ip->ip_tos == ipf->ipf_tos)
125: break;
126: ipf = LIST_NEXT(ipf, ipf_next);
127: }
128: return ipf;
129: }
130:
131: int
132: ipflow_fastforward(
133: struct mbuf *m)
134: {
135: struct ip *ip;
136: struct ipflow *ipf;
137: struct rtentry *rt;
138: int error;
139:
140: /*
141: * Are we forwarding packets? Big enough for an IP packet?
142: */
143: if (!ipforwarding || !ipflow_active || m->m_len < sizeof(struct ip))
144: return 0;
145: /*
146: * IP header with no option and valid version and length
147: */
148: ip = mtod(m, struct ip *);
149: if (ip->ip_v != IPVERSION || ip->ip_hl != (sizeof(struct ip) >> 2)
150: || ntohs(ip->ip_len) > m->m_pkthdr.len)
151: return 0;
152: /*
153: * Find a flow.
154: */
155: if ((ipf = ipflow_lookup(ip)) == NULL)
156: return 0;
157:
158: /*
159: * Route and interface still up?
160: */
161: rt = ipf->ipf_ro.ro_rt;
162: if ((rt->rt_flags & RTF_UP) == 0 || (rt->rt_ifp->if_flags & IFF_UP) == 0)
163: return 0;
164:
165: /*
166: * Packet size OK? TTL?
167: */
168: if (m->m_pkthdr.len > rt->rt_ifp->if_mtu || ip->ip_ttl <= IPTTLDEC)
169: return 0;
170:
171: /*
172: * Everything checks out and so we can forward this packet.
173: * Modify the TTL and incrementally change the checksum.
174: */
175: ip->ip_ttl -= IPTTLDEC;
176: if (ip->ip_sum >= htons(0xffff - (IPTTLDEC << 8))) {
177: ip->ip_sum += htons(IPTTLDEC << 8) + 1;
178: } else {
179: ip->ip_sum += htons(IPTTLDEC << 8);
180: }
181:
182: /*
183: * Send the packet on its way. All we can get back is ENOBUFS
184: */
185: ipf->ipf_uses++;
186: ipf->ipf_timer = IPFLOW_TIMER;
187:
188: /* Not sure the rt_dlt is valid here !! XXX */
189: if ((error = dlil_output((u_long)rt->rt_dlt, m, (caddr_t) rt, &ipf->ipf_ro.ro_dst, 0)) != 0) {
190: if (error == ENOBUFS)
191: ipf->ipf_dropped++;
192: else
193: ipf->ipf_errors++;
194: }
195: return 1;
196: }
197:
198: static void
199: ipflow_addstats(
200: struct ipflow *ipf)
201: {
202: ipf->ipf_ro.ro_rt->rt_use += ipf->ipf_uses;
203: ipstat.ips_cantforward += ipf->ipf_errors + ipf->ipf_dropped;
204: ipstat.ips_forward += ipf->ipf_uses;
205: ipstat.ips_fastforward += ipf->ipf_uses;
206: }
207:
208: static void
209: ipflow_free(
210: struct ipflow *ipf)
211: {
212: int s;
213: /*
214: * Remove the flow from the hash table (at elevated IPL).
215: * Once it's off the list, we can deal with it at normal
216: * network IPL.
217: */
218: s = splimp();
219: LIST_REMOVE(ipf, ipf_next);
220: splx(s);
221: ipflow_addstats(ipf);
222: RTFREE(ipf->ipf_ro.ro_rt);
223: ipflow_inuse--;
224: FREE(ipf, M_IPFLOW);
225: }
226:
227: static struct ipflow *
228: ipflow_reap(
229: void)
230: {
231: struct ipflow *ipf, *maybe_ipf = NULL;
232: int idx;
233: int s;
234:
235: for (idx = 0; idx < IPFLOW_HASHSIZE; idx++) {
236: ipf = LIST_FIRST(&ipflows[idx]);
237: while (ipf != NULL) {
238: /*
239: * If this no longer points to a valid route
240: * reclaim it.
241: */
242: if ((ipf->ipf_ro.ro_rt->rt_flags & RTF_UP) == 0)
243: goto done;
244: /*
245: * choose the one that's been least recently used
246: * or has had the least uses in the last 1.5
247: * intervals.
248: */
249: if (maybe_ipf == NULL
250: || ipf->ipf_timer < maybe_ipf->ipf_timer
251: || (ipf->ipf_timer == maybe_ipf->ipf_timer
252: && ipf->ipf_last_uses + ipf->ipf_uses <
253: maybe_ipf->ipf_last_uses +
254: maybe_ipf->ipf_uses))
255: maybe_ipf = ipf;
256: ipf = LIST_NEXT(ipf, ipf_next);
257: }
258: }
259: ipf = maybe_ipf;
260: done:
261: /*
262: * Remove the entry from the flow table.
263: */
264: s = splimp();
265: LIST_REMOVE(ipf, ipf_next);
266: splx(s);
267: ipflow_addstats(ipf);
268: RTFREE(ipf->ipf_ro.ro_rt);
269: return ipf;
270: }
271:
272: void
273: ipflow_slowtimo(
274: void)
275: {
276: struct ipflow *ipf;
277: int idx;
278:
279: for (idx = 0; idx < IPFLOW_HASHSIZE; idx++) {
280: ipf = LIST_FIRST(&ipflows[idx]);
281: while (ipf != NULL) {
282: struct ipflow *next_ipf = LIST_NEXT(ipf, ipf_next);
283: if (--ipf->ipf_timer == 0) {
284: ipflow_free(ipf);
285: } else {
286: ipf->ipf_last_uses = ipf->ipf_uses;
287: ipf->ipf_ro.ro_rt->rt_use += ipf->ipf_uses;
288: ipstat.ips_forward += ipf->ipf_uses;
289: ipstat.ips_fastforward += ipf->ipf_uses;
290: ipf->ipf_uses = 0;
291: }
292: ipf = next_ipf;
293: }
294: }
295: }
296:
297: void
298: ipflow_create(
299: const struct route *ro,
300: struct mbuf *m)
301: {
302: const struct ip *const ip = mtod(m, struct ip *);
303: struct ipflow *ipf;
304: unsigned hash;
305: int s;
306:
307: /*
308: * Don't create cache entries for ICMP messages.
309: */
310: if (!ipflow_active || ip->ip_p == IPPROTO_ICMP)
311: return;
312: /*
313: * See if an existing flow struct exists. If so remove it from it's
314: * list and free the old route. If not, try to malloc a new one
315: * (if we aren't at our limit).
316: */
317: ipf = ipflow_lookup(ip);
318: if (ipf == NULL) {
319: if (ipflow_inuse == IPFLOW_MAX) {
320: ipf = ipflow_reap();
321: } else {
322: ipf = (struct ipflow *) _MALLOC(sizeof(*ipf), M_IPFLOW,
323: M_NOWAIT);
324: if (ipf == NULL)
325: return;
326: ipflow_inuse++;
327: }
328: bzero((caddr_t) ipf, sizeof(*ipf));
329: } else {
330: s = splimp();
331: LIST_REMOVE(ipf, ipf_next);
332: splx(s);
333: ipflow_addstats(ipf);
334: RTFREE(ipf->ipf_ro.ro_rt);
335: ipf->ipf_uses = ipf->ipf_last_uses = 0;
336: ipf->ipf_errors = ipf->ipf_dropped = 0;
337: }
338:
339: /*
340: * Fill in the updated information.
341: */
342: ipf->ipf_ro = *ro;
343: ro->ro_rt->rt_refcnt++;
344: ipf->ipf_dst = ip->ip_dst;
345: ipf->ipf_src = ip->ip_src;
346: ipf->ipf_tos = ip->ip_tos;
347: ipf->ipf_timer = IPFLOW_TIMER;
348: /*
349: * Insert into the approriate bucket of the flow table.
350: */
351: hash = ipflow_hash(ip->ip_dst, ip->ip_src, ip->ip_tos);
352: s = splimp();
353: LIST_INSERT_HEAD(&ipflows[hash], ipf, ipf_next);
354: splx(s);
355: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.