root/netinet/ip_input.c

DEFINITIONS

1. ipq_lock_try
2. ipq_unlock
3. inet_ntoa
4. ip_init
5. ipintr
6. ipv4_input
7. in_iawithaddr
8. ip_reass
9. ip_freef
10. ip_slowtimo
11. ip_drain
12. ip_flush
13. ip_dooptions
14. ip_rtaddr
15. save_rte
16. ip_weadvertise
17. ip_srcroute
18. ip_stripoptions
19. ip_forward
20. ip_sysctl
21. ip_savecontrol

    1 /*      $OpenBSD: ip_input.c,v 1.151 2007/05/30 04:46:45 henning Exp $  */
    2 /*      $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $   */
    4 /*
    5  * Copyright (c) 1982, 1986, 1988, 1993
    6  *      The Regents of the University of California.  All rights reserved.
    7  *
    8  * Redistribution and use in source and binary forms, with or without
    9  * modification, are permitted provided that the following conditions
   10  * are met:
   11  * 1. Redistributions of source code must retain the above copyright
   12  *    notice, this list of conditions and the following disclaimer.
   13  * 2. Redistributions in binary form must reproduce the above copyright
   14  *    notice, this list of conditions and the following disclaimer in the
   15  *    documentation and/or other materials provided with the distribution.
   16  * 3. Neither the name of the University nor the names of its contributors
   17  *    may be used to endorse or promote products derived from this software
   18  *    without specific prior written permission.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   30  * SUCH DAMAGE.
   31  *
   32  *      @(#)ip_input.c  8.2 (Berkeley) 1/4/94
   33  */
   35 #include "pf.h"
   36 #include "carp.h"
   38 #include <sys/param.h>
   39 #include <sys/systm.h>
   40 #include <sys/mbuf.h>
   41 #include <sys/domain.h>
   42 #include <sys/protosw.h>
   43 #include <sys/socket.h>
   44 #include <sys/socketvar.h>
   45 #include <sys/syslog.h>
   46 #include <sys/sysctl.h>
   48 #include <net/if.h>
   49 #include <net/if_dl.h>
   50 #include <net/route.h>
   52 #include <netinet/in.h>
   53 #include <netinet/in_systm.h>
   54 #include <netinet/if_ether.h>
   55 #include <netinet/ip.h>
   56 #include <netinet/in_pcb.h>
   57 #include <netinet/in_var.h>
   58 #include <netinet/ip_var.h>
   59 #include <netinet/ip_icmp.h>
   61 #if NPF > 0
   62 #include <net/pfvar.h>
   63 #endif
   65 #ifdef IPSEC
   66 #include <netinet/ip_ipsp.h>
   67 #endif /* IPSEC */
   69 #if NCARP > 0
   70 #include <net/if_types.h>
   71 #include <netinet/ip_carp.h>
   72 #endif
   74 #define IPMTUDISCTIMEOUT (10 * 60)      /* as per RFC 1191 */
   76 struct ipqhead ipq;
   78 int encdebug = 0;
   79 int ipsec_keep_invalid = IPSEC_DEFAULT_EMBRYONIC_SA_TIMEOUT;
   80 int ipsec_require_pfs = IPSEC_DEFAULT_PFS;
   81 int ipsec_soft_allocations = IPSEC_DEFAULT_SOFT_ALLOCATIONS;
   82 int ipsec_exp_allocations = IPSEC_DEFAULT_EXP_ALLOCATIONS;
   83 int ipsec_soft_bytes = IPSEC_DEFAULT_SOFT_BYTES;
   84 int ipsec_exp_bytes = IPSEC_DEFAULT_EXP_BYTES;
   85 int ipsec_soft_timeout = IPSEC_DEFAULT_SOFT_TIMEOUT;
   86 int ipsec_exp_timeout = IPSEC_DEFAULT_EXP_TIMEOUT;
   87 int ipsec_soft_first_use = IPSEC_DEFAULT_SOFT_FIRST_USE;
   88 int ipsec_exp_first_use = IPSEC_DEFAULT_EXP_FIRST_USE;
   89 int ipsec_expire_acquire = IPSEC_DEFAULT_EXPIRE_ACQUIRE;
   90 char ipsec_def_enc[20];
   91 char ipsec_def_auth[20];
   92 char ipsec_def_comp[20];
   94 /* values controllable via sysctl */
   95 int     ipforwarding = 0;
   96 int     ipmforwarding = 0;
   97 int     ipmultipath = 0;
   98 int     ipsendredirects = 1;
   99 int     ip_dosourceroute = 0;
  100 int     ip_defttl = IPDEFTTL;
  101 int     ip_mtudisc = 1;
u_int   ip_mtudisc_timeout = IPMTUDISCTIMEOUT;
  103 int     ip_directedbcast = 0;
  104 #ifdef DIAGNOSTIC
  105 int     ipprintfs = 0;
  106 #endif
  108 struct rttimer_queue *ip_mtudisc_timeout_q = NULL;
  110 int     ipsec_auth_default_level = IPSEC_AUTH_LEVEL_DEFAULT;
  111 int     ipsec_esp_trans_default_level = IPSEC_ESP_TRANS_LEVEL_DEFAULT;
  112 int     ipsec_esp_network_default_level = IPSEC_ESP_NETWORK_LEVEL_DEFAULT;
  113 int     ipsec_ipcomp_default_level = IPSEC_IPCOMP_LEVEL_DEFAULT;
  115 /* Keep track of memory used for reassembly */
  116 int     ip_maxqueue = 300;
  117 int     ip_frags = 0;
  119 /* from in_pcb.c */
  120 extern int ipport_firstauto;
  121 extern int ipport_lastauto;
  122 extern int ipport_hifirstauto;
  123 extern int ipport_hilastauto;
  124 extern struct baddynamicports baddynamicports;
  126 int *ipctl_vars[IPCTL_MAXID] = IPCTL_VARS;
  128 extern  struct domain inetdomain;
  129 extern  struct protosw inetsw[];
u_char  ip_protox[IPPROTO_MAX];
  131 int     ipqmaxlen = IFQ_MAXLEN;
  132 struct  in_ifaddrhead in_ifaddr;
  133 struct  ifqueue ipintrq;
  135 int     ipq_locked;
  136 static __inline int ipq_lock_try(void);
  137 static __inline void ipq_unlock(void);
  139 struct pool ipqent_pool;
  141 struct ipstat ipstat;
  143 static __inline int
ipq_lock_try()
  145 {
  146         int s;
  148         /* Use splvm() due to mbuf allocation. */
s = splvm();
  150         if (ipq_locked) {
splx(s);
  152                 return (0);
  153         }
ipq_locked = 1;
splx(s);
  156         return (1);
  157 }
  159 #define ipq_lock() ipq_lock_try()
  161 static __inline void
ipq_unlock()
  163 {
  164         int s;
s = splvm();
ipq_locked = 0;
splx(s);
  169 }
  171 char *
inet_ntoa(ina)
  173         struct in_addr ina;
  174 {
  175         static char buf[4*sizeof "123"];
  176         unsigned char *ucp = (unsigned char *)&ina;
snprintf(buf, sizeof buf, "%d.%d.%d.%d",
ucp[0] & 0xff, ucp[1] & 0xff,
ucp[2] & 0xff, ucp[3] & 0xff);
  181         return (buf);
  182 }
  184 /*
  185  * We need to save the IP options in case a protocol wants to respond
  186  * to an incoming packet over the same route if the packet got here
  187  * using IP source routing.  This allows connection establishment and
  188  * maintenance when the remote end is on a network that is not known
  189  * to us.
  190  */
  191 int     ip_nhops = 0;
  192 static  struct ip_srcrt {
  193         struct  in_addr dst;                    /* final destination */
  194         char    nop;                            /* one NOP to align */
  195         char    srcopt[IPOPT_OFFSET + 1];       /* OPTVAL, OLEN and OFFSET */
  196         struct  in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
  197 } ip_srcrt;
  199 void save_rte(u_char *, struct in_addr);
  200 int ip_weadvertise(u_int32_t);
  202 /*
  203  * IP initialization: fill in IP protocol switch table.
  204  * All protocols not implemented in kernel go to raw IP protocol handler.
  205  */
  206 void
ip_init()
  208 {
  209         struct protosw *pr;
  210         int i;
  211         const u_int16_t defbaddynamicports_tcp[] = DEFBADDYNAMICPORTS_TCP;
  212         const u_int16_t defbaddynamicports_udp[] = DEFBADDYNAMICPORTS_UDP;
pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl",
NULL);
pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
  218         if (pr == 0)
panic("ip_init");
  220         for (i = 0; i < IPPROTO_MAX; i++)
ip_protox[i] = pr - inetsw;
  222         for (pr = inetdomain.dom_protosw;
pr < inetdomain.dom_protoswNPROTOSW; pr++)
  224                 if (pr->pr_domain->dom_family == PF_INET &&
pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
ip_protox[pr->pr_protocol] = pr - inetsw;
LIST_INIT(&ipq);
ipintrq.ifq_maxlen = ipqmaxlen;
TAILQ_INIT(&in_ifaddr);
  230         if (ip_mtudisc != 0)
ip_mtudisc_timeout_q =
rt_timer_queue_create(ip_mtudisc_timeout);
  234         /* Fill in list of ports not to allocate dynamically. */
bzero((void *)&baddynamicports, sizeof(baddynamicports));
  236         for (i = 0; defbaddynamicports_tcp[i] != 0; i++)
DP_SET(baddynamicports.tcp, defbaddynamicports_tcp[i]);
  238         for (i = 0; defbaddynamicports_udp[i] != 0; i++)
DP_SET(baddynamicports.udp, defbaddynamicports_udp[i]);
strlcpy(ipsec_def_enc, IPSEC_DEFAULT_DEF_ENC, sizeof(ipsec_def_enc));
strlcpy(ipsec_def_auth, IPSEC_DEFAULT_DEF_AUTH, sizeof(ipsec_def_auth));
strlcpy(ipsec_def_comp, IPSEC_DEFAULT_DEF_COMP, sizeof(ipsec_def_comp));
  244 }
  246 struct  sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
  247 struct  route ipforward_rt;
  248 int     ipforward_rtableid;
  250 void
ipintr()
  252 {
  253         struct mbuf *m;
  254         int s;
  256         while (ipintrq.ifq_head) {
  257                 /*
  258                  * Get next datagram off input queue and get IP header
  259                  * in first mbuf.
  260                  */
s = splnet();
IF_DEQUEUE(&ipintrq, m);
splx(s);
  264                 if (m == 0)
  265                         return;
  266 #ifdef  DIAGNOSTIC
  267                 if ((m->m_flags & M_PKTHDR) == 0)
panic("ipintr no HDR");
  269 #endif
ipv4_input(m);
  271         }
  272 }
  274 /*
  275  * Ip input routine.  Checksum and byte swap header.  If fragmented
  276  * try to reassemble.  Process options.  Pass to next level.
  277  */
  278 void
ipv4_input(m)
  280         struct mbuf *m;
  281 {
  282         struct ip *ip;
  283         struct ipq *fp;
  284         struct in_ifaddr *ia;
  285         struct ipqent *ipqe;
  286         int hlen, mff, len;
in_addr_t pfrdr = 0;
  288 #ifdef IPSEC
  289         int error, s;
  290         struct tdb *tdb;
  291         struct tdb_ident *tdbi;
  292         struct m_tag *mtag;
  293 #endif /* IPSEC */
  295         /*
  296          * If no IP addresses have been set yet but the interfaces
  297          * are receiving, can't do anything with incoming packets yet.
  298          */
  299         if (TAILQ_EMPTY(&in_ifaddr))
  300                 goto bad;
ipstat.ips_total++;
  302         if (m->m_len < sizeof (struct ip) &&
  303             (m = m_pullup(m, sizeof (struct ip))) == NULL) {
ipstat.ips_toosmall++;
  305                 return;
  306         }
ip = mtod(m, struct ip *);
  308         if (ip->ip_v != IPVERSION) {
ipstat.ips_badvers++;
  310                 goto bad;
  311         }
hlen = ip->ip_hl << 2;
  313         if (hlen < sizeof(struct ip)) { /* minimum header length */
ipstat.ips_badhlen++;
  315                 goto bad;
  316         }
  317         if (hlen > m->m_len) {
  318                 if ((m = m_pullup(m, hlen)) == NULL) {
ipstat.ips_badhlen++;
  320                         return;
  321                 }
ip = mtod(m, struct ip *);
  323         }
  325         /* 127/8 must not appear on wire - RFC1122 */
  326         if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
  327             (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
  328                 if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
ipstat.ips_badaddr++;
  330                         goto bad;
  331                 }
  332         }
  334         if ((m->m_pkthdr.csum_flags & M_IPV4_CSUM_IN_OK) == 0) {
  335                 if (m->m_pkthdr.csum_flags & M_IPV4_CSUM_IN_BAD) {
ipstat.ips_inhwcsum++;
ipstat.ips_badsum++;
  338                         goto bad;
  339                 }
  341                 if (in_cksum(m, hlen) != 0) {
ipstat.ips_badsum++;
  343                         goto bad;
  344                 }
  345         } else {
m->m_pkthdr.csum_flags &= ~M_IPV4_CSUM_IN_OK;
ipstat.ips_inhwcsum++;
  348         }
  350         /* Retrieve the packet length. */
len = ntohs(ip->ip_len);
  353         /*
  354          * Convert fields to host representation.
  355          */
  356         if (len < hlen) {
ipstat.ips_badlen++;
  358                 goto bad;
  359         }
  361         /*
  362          * Check that the amount of data in the buffers
  363          * is at least as much as the IP header would have us expect.
  364          * Trim mbufs if longer than we expect.
  365          * Drop packet if shorter than we expect.
  366          */
  367         if (m->m_pkthdr.len < len) {
ipstat.ips_tooshort++;
  369                 goto bad;
  370         }
  371         if (m->m_pkthdr.len > len) {
  372                 if (m->m_len == m->m_pkthdr.len) {
m->m_len = len;
m->m_pkthdr.len = len;
  375                 } else
m_adj(m, len - m->m_pkthdr.len);
  377         }
  379 #if NCARP > 0
  380         if (m->m_pkthdr.rcvif->if_type == IFT_CARP &&
m->m_pkthdr.rcvif->if_flags & IFF_LINK0 &&
ip->ip_p != IPPROTO_ICMP &&
carp_lsdrop(m, AF_INET, &ip->ip_src.s_addr,
  384             &ip->ip_dst.s_addr))
  385                 goto bad;
  386 #endif
  388 #if NPF > 0
  389         /*
  390          * Packet filter
  391          */
pfrdr = ip->ip_dst.s_addr;
  393         if (pf_test(PF_IN, m->m_pkthdr.rcvif, &m, NULL) != PF_PASS)
  394                 goto bad;
  395         if (m == NULL)
  396                 return;
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
pfrdr = (pfrdr != ip->ip_dst.s_addr);
  401 #endif
  403         /*
  404          * Process options and, if not destined for us,
  405          * ship it on.  ip_dooptions returns 1 when an
  406          * error was detected (causing an icmp message
  407          * to be sent and the original packet to be freed).
  408          */
ip_nhops = 0;           /* for source routed packets */
  410         if (hlen > sizeof (struct ip) && ip_dooptions(m)) {
  411                 return;
  412         }
  414         /*
  415          * Check our list of addresses, to see if the packet is for us.
  416          */
  417         if ((ia = in_iawithaddr(ip->ip_dst, m)) != NULL &&
  418             (ia->ia_ifp->if_flags & IFF_UP))
  419                 goto ours;
  421         if (IN_MULTICAST(ip->ip_dst.s_addr)) {
  422                 struct in_multi *inm;
  423 #ifdef MROUTING
  424                 extern struct socket *ip_mrouter;
  426                 if (m->m_flags & M_EXT) {
  427                         if ((m = m_pullup(m, hlen)) == NULL) {
ipstat.ips_toosmall++;
  429                                 return;
  430                         }
ip = mtod(m, struct ip *);
  432                 }
  433                 if (ipmforwarding && ip_mrouter) {
  434                         /*
  435                          * If we are acting as a multicast router, all
  436                          * incoming multicast packets are passed to the
  437                          * kernel-level multicast forwarding function.
  438                          * The packet is returned (relatively) intact; if
  439                          * ip_mforward() returns a non-zero value, the packet
  440                          * must be discarded, else it may be accepted below.
  441                          *
  442                          * (The IP ident field is put in the same byte order
  443                          * as expected when ip_mforward() is called from
  444                          * ip_output().)
  445                          */
  446                         if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) {
ipstat.ips_cantforward++;
m_freem(m);
  449                                 return;
  450                         }
  452                         /*
  453                          * The process-level routing daemon needs to receive
  454                          * all multicast IGMP packets, whether or not this
  455                          * host belongs to their destination groups.
  456                          */
  457                         if (ip->ip_p == IPPROTO_IGMP)
  458                                 goto ours;
ipstat.ips_forward++;
  460                 }
  461 #endif
  462                 /*
  463                  * See if we belong to the destination multicast group on the
  464                  * arrival interface.
  465                  */
IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
  467                 if (inm == NULL) {
ipstat.ips_notmember++;
  469                         if (!IN_LOCAL_GROUP(ip->ip_dst.s_addr))
ipstat.ips_cantforward++;
m_freem(m);
  472                         return;
  473                 }
  474                 goto ours;
  475         }
  476         if (ip->ip_dst.s_addr == INADDR_BROADCAST ||
ip->ip_dst.s_addr == INADDR_ANY)
  478                 goto ours;
  480 #if NCARP > 0
  481         if (m->m_pkthdr.rcvif->if_type == IFT_CARP &&
m->m_pkthdr.rcvif->if_flags & IFF_LINK0 &&
ip->ip_p == IPPROTO_ICMP &&
carp_lsdrop(m, AF_INET, &ip->ip_src.s_addr,
  485             &ip->ip_dst.s_addr))
  486                 goto bad;
  487 #endif
  488         /*
  489          * Not for us; forward if possible and desirable.
  490          */
  491         if (ipforwarding == 0) {
ipstat.ips_cantforward++;
m_freem(m);
  494                 return;
  495         }
  496 #ifdef IPSEC
  497         if (ipsec_in_use) {
  498                 /*
  499                  * IPsec policy check for forwarded packets. Look at
  500                  * inner-most IPsec SA used.
  501                  */
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
s = splnet();
  504                 if (mtag != NULL) {
tdbi = (struct tdb_ident *)(mtag + 1);
tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
  507                 } else
tdb = NULL;
ipsp_spd_lookup(m, AF_INET, hlen, &error,
IPSP_DIRECTION_IN, tdb, NULL);
splx(s);
  513                 /* Error or otherwise drop-packet indication */
  514                 if (error) {
ipstat.ips_cantforward++;
m_freem(m);
  517                         return;
  518                 }
  520                 /*
  521                  * Fall through, forward packet. Outbound IPsec policy
  522                  * checking will occur in ip_output().
  523                  */
  524         }
  525 #endif /* IPSEC */
ip_forward(m, pfrdr);
  528         return;
ours:
  531         /*
  532          * If offset or IP_MF are set, must reassemble.
  533          * Otherwise, nothing need be done.
  534          * (We could look in the reassembly queue to see
  535          * if the packet was previously fragmented,
  536          * but it's not worth the time; just let them time out.)
  537          */
  538         if (ip->ip_off &~ htons(IP_DF | IP_RF)) {
  539                 if (m->m_flags & M_EXT) {               /* XXX */
  540                         if ((m = m_pullup(m, hlen)) == NULL) {
ipstat.ips_toosmall++;
  542                                 return;
  543                         }
ip = mtod(m, struct ip *);
  545                 }
  547                 /*
  548                  * Look for queue of fragments
  549                  * of this datagram.
  550                  */
ipq_lock();
LIST_FOREACH(fp, &ipq, ipq_q)
  553                         if (ip->ip_id == fp->ipq_id &&
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
ip->ip_p == fp->ipq_p)
  557                                 goto found;
fp = 0;
found:
  561                 /*
  562                  * Adjust ip_len to not reflect header,
  563                  * set ipqe_mff if more fragments are expected,
  564                  * convert offset of this to bytes.
  565                  */
ip->ip_len = htons(ntohs(ip->ip_len) - hlen);
mff = (ip->ip_off & htons(IP_MF)) != 0;
  568                 if (mff) {
  569                         /*
  570                          * Make sure that fragments have a data length
  571                          * that's a non-zero multiple of 8 bytes.
  572                          */
  573                         if (ntohs(ip->ip_len) == 0 ||
  574                             (ntohs(ip->ip_len) & 0x7) != 0) {
ipstat.ips_badfrags++;
ipq_unlock();
  577                                 goto bad;
  578                         }
  579                 }
ip->ip_off = htons(ntohs(ip->ip_off) << 3);
  582                 /*
  583                  * If datagram marked as having more fragments
  584                  * or if this is not the first fragment,
  585                  * attempt reassembly; if it succeeds, proceed.
  586                  */
  587                 if (mff || ip->ip_off) {
ipstat.ips_fragments++;
  589                         if (ip_frags + 1 > ip_maxqueue) {
ip_flush();
ipstat.ips_rcvmemdrop++;
ipq_unlock();
  593                                 goto bad;
  594                         }
ipqe = pool_get(&ipqent_pool, PR_NOWAIT);
  597                         if (ipqe == NULL) {
ipstat.ips_rcvmemdrop++;
ipq_unlock();
  600                                 goto bad;
  601                         }
ip_frags++;
ipqe->ipqe_mff = mff;
ipqe->ipqe_m = m;
ipqe->ipqe_ip = ip;
m = ip_reass(ipqe, fp);
  607                         if (m == 0) {
ipq_unlock();
  609                                 return;
  610                         }
ipstat.ips_reassembled++;
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
ip->ip_len = htons(ntohs(ip->ip_len) + hlen);
  615                 } else
  616                         if (fp)
ip_freef(fp);
ipq_unlock();
  619         }
  621 #ifdef IPSEC
  622         if (!ipsec_in_use)
  623                 goto skipipsec;
  625         /*
  626          * If it's a protected packet for us, skip the policy check.
  627          * That's because we really only care about the properties of
  628          * the protected packet, and not the intermediate versions.
  629          * While this is not the most paranoid setting, it allows
  630          * some flexibility in handling nested tunnels (in setting up
  631          * the policies).
  632          */
  633         if ((ip->ip_p == IPPROTO_ESP) || (ip->ip_p == IPPROTO_AH) ||
  634             (ip->ip_p == IPPROTO_IPCOMP))
  635           goto skipipsec;
  637         /*
  638          * If the protected packet was tunneled, then we need to
  639          * verify the protected packet's information, not the
  640          * external headers. Thus, skip the policy lookup for the
  641          * external packet, and keep the IPsec information linked on
  642          * the packet header (the encapsulation routines know how
  643          * to deal with that).
  644          */
  645         if ((ip->ip_p == IPPROTO_IPIP) || (ip->ip_p == IPPROTO_IPV6))
  646           goto skipipsec;
  648         /*
  649          * If the protected packet is TCP or UDP, we'll do the
  650          * policy check in the respective input routine, so we can
  651          * check for bypass sockets.
  652          */
  653         if ((ip->ip_p == IPPROTO_TCP) || (ip->ip_p == IPPROTO_UDP))
  654           goto skipipsec;
  656         /*
  657          * IPsec policy check for local-delivery packets. Look at the
  658          * inner-most SA that protected the packet. This is in fact
  659          * a bit too restrictive (it could end up causing packets to
  660          * be dropped that semantically follow the policy, e.g., in
  661          * certain SA-bundle configurations); but the alternative is
  662          * very complicated (and requires keeping track of what
  663          * kinds of tunneling headers have been seen in-between the
  664          * IPsec headers), and I don't think we lose much functionality
  665          * that's needed in the real world (who uses bundles anyway ?).
  666          */
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
s = splnet();
  669         if (mtag) {
tdbi = (struct tdb_ident *)(mtag + 1);
tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
  672         } else
tdb = NULL;
ipsp_spd_lookup(m, AF_INET, hlen, &error, IPSP_DIRECTION_IN,
tdb, NULL);
splx(s);
  678         /* Error or otherwise drop-packet indication. */
  679         if (error) {
ipstat.ips_cantforward++;
m_freem(m);
  682                 return;
  683         }
skipipsec:
  686         /* Otherwise, just fall through and deliver the packet */
  687 #endif /* IPSEC */
  689         /*
  690          * Switch out to protocol's input routine.
  691          */
ipstat.ips_delivered++;
  693         (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, NULL, 0);
  694         return;
bad:
m_freem(m);
  697 }
  699 struct in_ifaddr *
in_iawithaddr(ina, m)
  701         struct in_addr ina;
  702         struct mbuf *m;
  703 {
  704         struct in_ifaddr *ia;
TAILQ_FOREACH(ia, &in_ifaddr, ia_list) {
  707                 if ((ina.s_addr == ia->ia_addr.sin_addr.s_addr) ||
  708                     ((ia->ia_ifp->if_flags & (IFF_LOOPBACK|IFF_LINK1)) ==
  709                         (IFF_LOOPBACK|IFF_LINK1) &&
ia->ia_subnet == (ina.s_addr & ia->ia_subnetmask)))
  711                         return ia;
  712                 if (((ip_directedbcast == 0) || (m && ip_directedbcast &&
ia->ia_ifp == m->m_pkthdr.rcvif)) &&
  714                     (ia->ia_ifp->if_flags & IFF_BROADCAST)) {
  715                         if (ina.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
ina.s_addr == ia->ia_netbroadcast.s_addr ||
  717                             /*
  718                              * Look for all-0's host part (old broadcast addr),
  719                              * either for subnet or net.
  720                              */
ina.s_addr == ia->ia_subnet ||
ina.s_addr == ia->ia_net) {
  723                                 /* Make sure M_BCAST is set */
  724                                 if (m)
m->m_flags |= M_BCAST;
  726                                 return ia;
  727                             }
  728                 }
  729         }
  731         return NULL;
  732 }
  734 /*
  735  * Take incoming datagram fragment and try to
  736  * reassemble it into whole datagram.  If a chain for
  737  * reassembly of this datagram already exists, then it
  738  * is given as fp; otherwise have to make a chain.
  739  */
  740 struct mbuf *
ip_reass(ipqe, fp)
  742         struct ipqent *ipqe;
  743         struct ipq *fp;
  744 {
  745         struct mbuf *m = ipqe->ipqe_m;
  746         struct ipqent *nq, *p, *q;
  747         struct ip *ip;
  748         struct mbuf *t;
  749         int hlen = ipqe->ipqe_ip->ip_hl << 2;
  750         int i, next;
u_int8_t ecn, ecn0;
  753         /*
  754          * Presence of header sizes in mbufs
  755          * would confuse code below.
  756          */
m->m_data += hlen;
m->m_len -= hlen;
  760         /*
  761          * If first fragment to arrive, create a reassembly queue.
  762          */
  763         if (fp == 0) {
MALLOC(fp, struct ipq *, sizeof (struct ipq),
M_FTABLE, M_NOWAIT);
  766                 if (fp == NULL)
  767                         goto dropfrag;
LIST_INSERT_HEAD(&ipq, fp, ipq_q);
fp->ipq_ttl = IPFRAGTTL;
fp->ipq_p = ipqe->ipqe_ip->ip_p;
fp->ipq_id = ipqe->ipqe_ip->ip_id;
LIST_INIT(&fp->ipq_fragq);
fp->ipq_src = ipqe->ipqe_ip->ip_src;
fp->ipq_dst = ipqe->ipqe_ip->ip_dst;
p = NULL;
  776                 goto insert;
  777         }
  779         /*
  780          * Handle ECN by comparing this segment with the first one;
  781          * if CE is set, do not lose CE.
  782          * drop if CE and not-ECT are mixed for the same packet.
  783          */
ecn = ipqe->ipqe_ip->ip_tos & IPTOS_ECN_MASK;
ecn0 = LIST_FIRST(&fp->ipq_fragq)->ipqe_ip->ip_tos & IPTOS_ECN_MASK;
  786         if (ecn == IPTOS_ECN_CE) {
  787                 if (ecn0 == IPTOS_ECN_NOTECT)
  788                         goto dropfrag;
  789                 if (ecn0 != IPTOS_ECN_CE)
LIST_FIRST(&fp->ipq_fragq)->ipqe_ip->ip_tos |= IPTOS_ECN_CE;
  791         }
  792         if (ecn == IPTOS_ECN_NOTECT && ecn0 != IPTOS_ECN_NOTECT)
  793                 goto dropfrag;
  795         /*
  796          * Find a segment which begins after this one does.
  797          */
  798         for (p = NULL, q = LIST_FIRST(&fp->ipq_fragq);
q != LIST_END(&fp->ipq_fragq); p = q, q = LIST_NEXT(q, ipqe_q))
  800                 if (ntohs(q->ipqe_ip->ip_off) > ntohs(ipqe->ipqe_ip->ip_off))
  801                         break;
  803         /*
  804          * If there is a preceding segment, it may provide some of
  805          * our data already.  If so, drop the data from the incoming
  806          * segment.  If it provides all of our data, drop us.
  807          */
  808         if (p != NULL) {
i = ntohs(p->ipqe_ip->ip_off) + ntohs(p->ipqe_ip->ip_len) -
ntohs(ipqe->ipqe_ip->ip_off);
  811                 if (i > 0) {
  812                         if (i >= ntohs(ipqe->ipqe_ip->ip_len))
  813                                 goto dropfrag;
m_adj(ipqe->ipqe_m, i);
ipqe->ipqe_ip->ip_off =
htons(ntohs(ipqe->ipqe_ip->ip_off) + i);
ipqe->ipqe_ip->ip_len =
htons(ntohs(ipqe->ipqe_ip->ip_len) - i);
  819                 }
  820         }
  822         /*
  823          * While we overlap succeeding segments trim them or,
  824          * if they are completely covered, dequeue them.
  825          */
  826         for (; q != NULL &&
ntohs(ipqe->ipqe_ip->ip_off) + ntohs(ipqe->ipqe_ip->ip_len) >
ntohs(q->ipqe_ip->ip_off); q = nq) {
i = (ntohs(ipqe->ipqe_ip->ip_off) +
ntohs(ipqe->ipqe_ip->ip_len)) - ntohs(q->ipqe_ip->ip_off);
  831                 if (i < ntohs(q->ipqe_ip->ip_len)) {
q->ipqe_ip->ip_len =
htons(ntohs(q->ipqe_ip->ip_len) - i);
q->ipqe_ip->ip_off =
htons(ntohs(q->ipqe_ip->ip_off) + i);
m_adj(q->ipqe_m, i);
  837                         break;
  838                 }
nq = LIST_NEXT(q, ipqe_q);
m_freem(q->ipqe_m);
LIST_REMOVE(q, ipqe_q);
pool_put(&ipqent_pool, q);
ip_frags--;
  844         }
insert:
  847         /*
  848          * Stick new segment in its place;
  849          * check for complete reassembly.
  850          */
  851         if (p == NULL) {
LIST_INSERT_HEAD(&fp->ipq_fragq, ipqe, ipqe_q);
  853         } else {
LIST_INSERT_AFTER(p, ipqe, ipqe_q);
  855         }
next = 0;
  857         for (p = NULL, q = LIST_FIRST(&fp->ipq_fragq);
q != LIST_END(&fp->ipq_fragq); p = q, q = LIST_NEXT(q, ipqe_q)) {
  859                 if (ntohs(q->ipqe_ip->ip_off) != next)
  860                         return (0);
next += ntohs(q->ipqe_ip->ip_len);
  862         }
  863         if (p->ipqe_mff)
  864                 return (0);
  866         /*
  867          * Reassembly is complete.  Check for a bogus message size and
  868          * concatenate fragments.
  869          */
q = LIST_FIRST(&fp->ipq_fragq);
ip = q->ipqe_ip;
  872         if ((next + (ip->ip_hl << 2)) > IP_MAXPACKET) {
ipstat.ips_toolong++;
ip_freef(fp);
  875                 return (0);
  876         }
m = q->ipqe_m;
t = m->m_next;
m->m_next = 0;
m_cat(m, t);
nq = LIST_NEXT(q, ipqe_q);
pool_put(&ipqent_pool, q);
ip_frags--;
  884         for (q = nq; q != NULL; q = nq) {
t = q->ipqe_m;
nq = LIST_NEXT(q, ipqe_q);
pool_put(&ipqent_pool, q);
ip_frags--;
m_cat(m, t);
  890         }
  892         /*
  893          * Create header for new ip packet by
  894          * modifying header of first packet;
  895          * dequeue and discard fragment reassembly header.
  896          * Make header visible.
  897          */
ip->ip_len = htons(next);
ip->ip_src = fp->ipq_src;
ip->ip_dst = fp->ipq_dst;
LIST_REMOVE(fp, ipq_q);
FREE(fp, M_FTABLE);
m->m_len += (ip->ip_hl << 2);
m->m_data -= (ip->ip_hl << 2);
  905         /* some debugging cruft by sklower, below, will go away soon */
  906         if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
  907                 int plen = 0;
  908                 for (t = m; t; t = t->m_next)
plen += t->m_len;
m->m_pkthdr.len = plen;
  911         }
  912         return (m);
dropfrag:
ipstat.ips_fragdropped++;
m_freem(m);
pool_put(&ipqent_pool, ipqe);
ip_frags--;
  919         return (0);
  920 }
  922 /*
  923  * Free a fragment reassembly header and all
  924  * associated datagrams.
  925  */
  926 void
ip_freef(fp)
  928         struct ipq *fp;
  929 {
  930         struct ipqent *q, *p;
  932         for (q = LIST_FIRST(&fp->ipq_fragq); q != LIST_END(&fp->ipq_fragq);
q = p) {
p = LIST_NEXT(q, ipqe_q);
m_freem(q->ipqe_m);
LIST_REMOVE(q, ipqe_q);
pool_put(&ipqent_pool, q);
ip_frags--;
  939         }
LIST_REMOVE(fp, ipq_q);
FREE(fp, M_FTABLE);
  942 }
  944 /*
  945  * IP timer processing;
  946  * if a timer expires on a reassembly queue, discard it.
  947  * clear the forwarding cache, there might be a better route.
  948  */
  949 void
ip_slowtimo()
  951 {
  952         struct ipq *fp, *nfp;
  953         int s = splsoftnet();
ipq_lock();
  956         for (fp = LIST_FIRST(&ipq); fp != LIST_END(&ipq); fp = nfp) {
nfp = LIST_NEXT(fp, ipq_q);
  958                 if (--fp->ipq_ttl == 0) {
ipstat.ips_fragtimeout++;
ip_freef(fp);
  961                 }
  962         }
ipq_unlock();
  964         if (ipforward_rt.ro_rt) {
RTFREE(ipforward_rt.ro_rt);
ipforward_rt.ro_rt = 0;
  967         }
splx(s);
  969 }
  971 /*
  972  * Drain off all datagram fragments.
  973  */
  974 void
ip_drain()
  976 {
  978         if (ipq_lock_try() == 0)
  979                 return;
  980         while (!LIST_EMPTY(&ipq)) {
ipstat.ips_fragdropped++;
ip_freef(LIST_FIRST(&ipq));
  983         }
ipq_unlock();
  985 }
  987 /*
  988  * Flush a bunch of datagram fragments, till we are down to 75%.
  989  */
  990 void
ip_flush()
  992 {
  993         int max = 50;
  995         /* ipq already locked */
  996         while (!LIST_EMPTY(&ipq) && ip_frags > ip_maxqueue * 3 / 4 && --max) {
ipstat.ips_fragdropped++;
ip_freef(LIST_FIRST(&ipq));
  999         }
 1000 }
 1002 /*
 1003  * Do option processing on a datagram,
 1004  * possibly discarding it if bad options are encountered,
 1005  * or forwarding it if source-routed.
 1006  * Returns 1 if packet has been forwarded/freed,
 1007  * 0 if the packet should be processed further.
 1008  */
 1009 int
ip_dooptions(m)
 1011         struct mbuf *m;
 1012 {
 1013         struct ip *ip = mtod(m, struct ip *);
u_char *cp;
 1015         struct ip_timestamp ipt;
 1016         struct in_ifaddr *ia;
 1017         int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
 1018         struct in_addr sin, dst;
n_time ntime;
dst = ip->ip_dst;
cp = (u_char *)(ip + 1);
cnt = (ip->ip_hl << 2) - sizeof (struct ip);
 1025         for (; cnt > 0; cnt -= optlen, cp += optlen) {
opt = cp[IPOPT_OPTVAL];
 1027                 if (opt == IPOPT_EOL)
 1028                         break;
 1029                 if (opt == IPOPT_NOP)
optlen = 1;
 1031                 else {
 1032                         if (cnt < IPOPT_OLEN + sizeof(*cp)) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1034                                 goto bad;
 1035                         }
optlen = cp[IPOPT_OLEN];
 1037                         if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1039                                 goto bad;
 1040                         }
 1041                 }
 1043                 switch (opt) {
 1045                 default:
 1046                         break;
 1048                 /*
 1049                  * Source routing with record.
 1050                  * Find interface with current destination address.
 1051                  * If none on this machine then drop if strictly routed,
 1052                  * or do nothing if loosely routed.
 1053                  * Record interface address and bring up next address
 1054                  * component.  If strictly routed make sure next
 1055                  * address is on directly accessible net.
 1056                  */
 1057                 case IPOPT_LSRR:
 1058                 case IPOPT_SSRR:
 1059                         if (!ip_dosourceroute) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
 1062                                 goto bad;
 1063                         }
 1064                         if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1066                                 goto bad;
 1067                         }
ipaddr.sin_addr = ip->ip_dst;
ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr)));
 1070                         if (ia == 0) {
 1071                                 if (opt == IPOPT_SSRR) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
 1074                                         goto bad;
 1075                                 }
 1076                                 /*
 1077                                  * Loose routing, and not at next destination
 1078                                  * yet; nothing to do except forward.
 1079                                  */
 1080                                 break;
 1081                         }
off--;                  /* 0 origin */
 1083                         if ((off + sizeof(struct in_addr)) > optlen) {
 1084                                 /*
 1085                                  * End of source route.  Should be for us.
 1086                                  */
save_rte(cp, ip->ip_src);
 1088                                 break;
 1089                         }
 1091                         /*
 1092                          * locate outgoing interface
 1093                          */
bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr,
 1095                             sizeof(ipaddr.sin_addr));
 1096                         if (opt == IPOPT_SSRR) {
 1097 #define INA     struct in_ifaddr *
 1098 #define SA      struct sockaddr *
 1099                             if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == 0)
ia = (INA)ifa_ifwithnet((SA)&ipaddr);
 1101                         } else
ia = ip_rtaddr(ipaddr.sin_addr);
 1103                         if (ia == 0) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
 1106                                 goto bad;
 1107                         }
ip->ip_dst = ipaddr.sin_addr;
bcopy((caddr_t)&ia->ia_addr.sin_addr,
 1110                             (caddr_t)(cp + off), sizeof(struct in_addr));
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1112                         /*
 1113                          * Let ip_intr's mcast routing check handle mcast pkts
 1114                          */
forward = !IN_MULTICAST(ip->ip_dst.s_addr);
 1116                         break;
 1118                 case IPOPT_RR:
 1119                         if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1121                                 goto bad;
 1122                         }
 1123                         if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1125                                 goto bad;
 1126                         }
 1128                         /*
 1129                          * If no space remains, ignore.
 1130                          */
off--;                  /* 0 origin */
 1132                         if ((off + sizeof(struct in_addr)) > optlen)
 1133                                 break;
bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr,
 1135                             sizeof(ipaddr.sin_addr));
 1136                         /*
 1137                          * locate outgoing interface; if we're the destination,
 1138                          * use the incoming interface (should be same).
 1139                          */
 1140                         if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0 &&
 1141                             (ia = ip_rtaddr(ipaddr.sin_addr)) == 0) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_HOST;
 1144                                 goto bad;
 1145                         }
bcopy((caddr_t)&ia->ia_addr.sin_addr,
 1147                             (caddr_t)(cp + off), sizeof(struct in_addr));
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1149                         break;
 1151                 case IPOPT_TS:
code = cp - (u_char *)ip;
 1153                         if (optlen < sizeof(struct ip_timestamp))
 1154                                 goto bad;
bcopy(cp, &ipt, sizeof(struct ip_timestamp));
 1156                         if (ipt.ipt_ptr < 5 || ipt.ipt_len < 5)
 1157                                 goto bad;
 1158                         if (ipt.ipt_ptr - 1 + sizeof(n_time) > ipt.ipt_len) {
 1159                                 if (++ipt.ipt_oflw == 0)
 1160                                         goto bad;
 1161                                 break;
 1162                         }
bcopy(cp + ipt.ipt_ptr - 1, &sin, sizeof sin);
 1164                         switch (ipt.ipt_flg) {
 1166                         case IPOPT_TS_TSONLY:
 1167                                 break;
 1169                         case IPOPT_TS_TSANDADDR:
 1170                                 if (ipt.ipt_ptr - 1 + sizeof(n_time) +
 1171                                     sizeof(struct in_addr) > ipt.ipt_len)
 1172                                         goto bad;
ipaddr.sin_addr = dst;
ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
m->m_pkthdr.rcvif);
 1176                                 if (ia == 0)
 1177                                         continue;
bcopy((caddr_t)&ia->ia_addr.sin_addr,
 1179                                     (caddr_t)&sin, sizeof(struct in_addr));
ipt.ipt_ptr += sizeof(struct in_addr);
 1181                                 break;
 1183                         case IPOPT_TS_PRESPEC:
 1184                                 if (ipt.ipt_ptr - 1 + sizeof(n_time) +
 1185                                     sizeof(struct in_addr) > ipt.ipt_len)
 1186                                         goto bad;
bcopy((caddr_t)&sin, (caddr_t)&ipaddr.sin_addr,
 1188                                     sizeof(struct in_addr));
 1189                                 if (ifa_ifwithaddr((SA)&ipaddr) == 0)
 1190                                         continue;
ipt.ipt_ptr += sizeof(struct in_addr);
 1192                                 break;
 1194                         default:
 1195                                 /* XXX can't take &ipt->ipt_flg */
code = (u_char *)&ipt.ipt_ptr -
 1197                                     (u_char *)ip + 1;
 1198                                 goto bad;
 1199                         }
ntime = iptime();
bcopy((caddr_t)&ntime, (caddr_t)cp + ipt.ipt_ptr - 1,
 1202                             sizeof(n_time));
ipt.ipt_ptr += sizeof(n_time);
 1204                 }
 1205         }
 1206         if (forward && ipforwarding) {
ip_forward(m, 1);
 1208                 return (1);
 1209         }
 1210         return (0);
bad:
icmp_error(m, type, code, 0, 0);
ipstat.ips_badoptions++;
 1214         return (1);
 1215 }
 1217 /*
 1218  * Given address of next destination (final or next hop),
 1219  * return internet address info of interface to be used to get there.
 1220  */
 1221 struct in_ifaddr *
ip_rtaddr(dst)
 1223          struct in_addr dst;
 1224 {
 1225         struct sockaddr_in *sin;
sin = satosin(&ipforward_rt.ro_dst);
 1229         if (ipforward_rt.ro_rt == 0 || dst.s_addr != sin->sin_addr.s_addr) {
 1230                 if (ipforward_rt.ro_rt) {
RTFREE(ipforward_rt.ro_rt);
ipforward_rt.ro_rt = 0;
 1233                 }
sin->sin_family = AF_INET;
sin->sin_len = sizeof(*sin);
sin->sin_addr = dst;
rtalloc(&ipforward_rt);
 1239         }
 1240         if (ipforward_rt.ro_rt == 0)
 1241                 return ((struct in_ifaddr *)0);
 1242         return (ifatoia(ipforward_rt.ro_rt->rt_ifa));
 1243 }
 1245 /*
 1246  * Save incoming source route for use in replies,
 1247  * to be picked up later by ip_srcroute if the receiver is interested.
 1248  */
 1249 void
save_rte(option, dst)
u_char *option;
 1252         struct in_addr dst;
 1253 {
 1254         unsigned olen;
olen = option[IPOPT_OLEN];
 1257 #ifdef DIAGNOSTIC
 1258         if (ipprintfs)
printf("save_rte: olen %d\n", olen);
 1260 #endif /* 0 */
 1261         if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
 1262                 return;
bcopy((caddr_t)option, (caddr_t)ip_srcrt.srcopt, olen);
ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
ip_srcrt.dst = dst;
 1266 }
 1268 /*
 1269  * Check whether we do proxy ARP for this address and we point to ourselves.
 1270  * Code shamelessly copied from arplookup().
 1271  */
 1272 int
ip_weadvertise(addr)
u_int32_t addr;
 1275 {
 1276         struct rtentry *rt;
 1277         struct ifnet *ifp;
 1278         struct ifaddr *ifa;
 1279         struct sockaddr_inarp sin;
sin.sin_len = sizeof(sin);
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = addr;
sin.sin_other = SIN_PROXY;
rt = rtalloc1(sintosa(&sin), 0, 0);     /* XXX other tables? */
 1286         if (rt == 0)
 1287                 return 0;
 1289         if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 ||
rt->rt_gateway->sa_family != AF_LINK) {
RTFREE(rt);
 1292                 return 0;
 1293         }
TAILQ_FOREACH(ifp, &ifnet, if_list)
TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
 1297                         if (ifa->ifa_addr->sa_family != rt->rt_gateway->sa_family)
 1298                                 continue;
 1300                         if (!bcmp(LLADDR((struct sockaddr_dl *)ifa->ifa_addr),
LLADDR((struct sockaddr_dl *)rt->rt_gateway),
ETHER_ADDR_LEN)) {
RTFREE(rt);
 1304                                 return 1;
 1305                         }
 1306                 }
RTFREE(rt);
 1309         return 0;
 1310 }
 1312 /*
 1313  * Retrieve incoming source route for use in replies,
 1314  * in the same form used by setsockopt.
 1315  * The first hop is placed before the options, will be removed later.
 1316  */
 1317 struct mbuf *
ip_srcroute()
 1319 {
 1320         struct in_addr *p, *q;
 1321         struct mbuf *m;
 1323         if (ip_nhops == 0)
 1324                 return ((struct mbuf *)0);
m = m_get(M_DONTWAIT, MT_SOOPTS);
 1326         if (m == 0)
 1327                 return ((struct mbuf *)0);
 1329 #define OPTSIZ  (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
 1331         /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
OPTSIZ;
 1334 #ifdef DIAGNOSTIC
 1335         if (ipprintfs)
printf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
 1337 #endif
 1339         /*
 1340          * First save first hop for return route
 1341          */
p = &ip_srcrt.route[ip_nhops - 1];
 1343         *(mtod(m, struct in_addr *)) = *p--;
 1344 #ifdef DIAGNOSTIC
 1345         if (ipprintfs)
printf(" hops %x", ntohl(mtod(m, struct in_addr *)->s_addr));
 1347 #endif
 1349         /*
 1350          * Copy option fields and padding (nop) to mbuf.
 1351          */
ip_srcrt.nop = IPOPT_NOP;
ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
bcopy((caddr_t)&ip_srcrt.nop,
mtod(m, caddr_t) + sizeof(struct in_addr), OPTSIZ);
q = (struct in_addr *)(mtod(m, caddr_t) +
 1357             sizeof(struct in_addr) + OPTSIZ);
 1358 #undef OPTSIZ
 1359         /*
 1360          * Record return path as an IP source route,
 1361          * reversing the path (pointers are now aligned).
 1362          */
 1363         while (p >= ip_srcrt.route) {
 1364 #ifdef DIAGNOSTIC
 1365                 if (ipprintfs)
printf(" %x", ntohl(q->s_addr));
 1367 #endif
 1368                 *q++ = *p--;
 1369         }
 1370         /*
 1371          * Last hop goes to final destination.
 1372          */
 1373         *q = ip_srcrt.dst;
 1374 #ifdef DIAGNOSTIC
 1375         if (ipprintfs)
printf(" %x\n", ntohl(q->s_addr));
 1377 #endif
 1378         return (m);
 1379 }
 1381 /*
 1382  * Strip out IP options, at higher
 1383  * level protocol in the kernel.
 1384  * Second argument is buffer to which options
 1385  * will be moved, and return value is their length.
 1386  * XXX should be deleted; last arg currently ignored.
 1387  */
 1388 void
 1389 ip_stripoptions(m, mopt)
 1390         struct mbuf *m;
 1391         struct mbuf *mopt;
 1392 {
 1393         int i;
 1394         struct ip *ip = mtod(m, struct ip *);
caddr_t opts;
 1396         int olen;
olen = (ip->ip_hl<<2) - sizeof (struct ip);
opts = (caddr_t)(ip + 1);
i = m->m_len - (sizeof (struct ip) + olen);
bcopy(opts  + olen, opts, (unsigned)i);
m->m_len -= olen;
 1403         if (m->m_flags & M_PKTHDR)
m->m_pkthdr.len -= olen;
ip->ip_hl = sizeof(struct ip) >> 2;
 1406 }
 1408 int inetctlerrmap[PRC_NCMDS] = {
 1409         0,              0,              0,              0,
 1410         0,              EMSGSIZE,       EHOSTDOWN,      EHOSTUNREACH,
EHOSTUNREACH,   EHOSTUNREACH,   ECONNREFUSED,   ECONNREFUSED,
EMSGSIZE,       EHOSTUNREACH,   0,              0,
 1413         0,              0,              0,              0,
ENOPROTOOPT
 1415 };
 1417 /*
 1418  * Forward a packet.  If some error occurs return the sender
 1419  * an icmp packet.  Note we can't always generate a meaningful
 1420  * icmp message because icmp doesn't have a large enough repertoire
 1421  * of codes and types.
 1422  *
 1423  * If not forwarding, just drop the packet.  This could be confusing
 1424  * if ipforwarding was zero but some routing protocol was advancing
 1425  * us as a gateway to somewhere.  However, we must let the routing
 1426  * protocol deal with that.
 1427  *
 1428  * The srcrt parameter indicates whether the packet is being forwarded
 1429  * via a source route.
 1430  */
 1431 void
ip_forward(m, srcrt)
 1433         struct mbuf *m;
 1434         int srcrt;
 1435 {
 1436         struct ip *ip = mtod(m, struct ip *);
 1437         struct sockaddr_in *sin;
 1438         struct rtentry *rt;
 1439         int error, type = 0, code = 0, destmtu = 0, rtableid = 0;
 1440         struct mbuf *mcopy;
n_long dest;
dest = 0;
 1444 #ifdef DIAGNOSTIC
 1445         if (ipprintfs)
printf("forward: src %x dst %x ttl %x\n", ip->ip_src.s_addr,
ip->ip_dst.s_addr, ip->ip_ttl);
 1448 #endif
 1449         if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) {
ipstat.ips_cantforward++;
m_freem(m);
 1452                 return;
 1453         }
 1454         if (ip->ip_ttl <= IPTTLDEC) {
icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0);
 1456                 return;
 1457         }
 1459 #if NPF > 0
rtableid = m->m_pkthdr.pf.rtableid;
 1461 #endif
sin = satosin(&ipforward_rt.ro_dst);
 1464         if ((rt = ipforward_rt.ro_rt) == 0 ||
ip->ip_dst.s_addr != sin->sin_addr.s_addr ||
rtableid != ipforward_rtableid) {
 1467                 if (ipforward_rt.ro_rt) {
RTFREE(ipforward_rt.ro_rt);
ipforward_rt.ro_rt = 0;
 1470                 }
sin->sin_family = AF_INET;
sin->sin_len = sizeof(*sin);
sin->sin_addr = ip->ip_dst;
rtalloc_mpath(&ipforward_rt, &ip->ip_src.s_addr, rtableid);
 1476                 if (ipforward_rt.ro_rt == 0) {
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
 1478                         return;
 1479                 }
ipforward_rtableid = rtableid;
rt = ipforward_rt.ro_rt;
 1482         }
 1484         /*
 1485          * Save at most 68 bytes of the packet in case
 1486          * we need to generate an ICMP message to the src.
 1487          * Pullup to avoid sharing mbuf cluster between m and mcopy.
 1488          */
mcopy = m_copym(m, 0, min(ntohs(ip->ip_len), 68), M_DONTWAIT);
 1490         if (mcopy)
mcopy = m_pullup(mcopy, min(ntohs(ip->ip_len), 68));
ip->ip_ttl -= IPTTLDEC;
 1495         /*
 1496          * If forwarding packet using same interface that it came in on,
 1497          * perhaps should send a redirect to sender to shortcut a hop.
 1498          * Only send redirect if source is sending directly to us,
 1499          * and if packet was not source routed (or has any options).
 1500          * Also, don't send redirect if forwarding using a default route
 1501          * or a route modified by a redirect.
 1502          * Don't send redirect if we advertise destination's arp address
 1503          * as ours (proxy arp).
 1504          */
 1505         if (rt->rt_ifp == m->m_pkthdr.rcvif &&
 1506             (rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0 &&
satosin(rt_key(rt))->sin_addr.s_addr != 0 &&
ipsendredirects && !srcrt &&
 1509             !ip_weadvertise(satosin(rt_key(rt))->sin_addr.s_addr)) {
 1510                 if (rt->rt_ifa &&
 1511                     (ip->ip_src.s_addr & ifatoia(rt->rt_ifa)->ia_subnetmask) ==
ifatoia(rt->rt_ifa)->ia_subnet) {
 1513                     if (rt->rt_flags & RTF_GATEWAY)
dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
 1515                     else
dest = ip->ip_dst.s_addr;
 1517                     /* Router requirements says to only send host redirects */
type = ICMP_REDIRECT;
code = ICMP_REDIRECT_HOST;
 1520 #ifdef DIAGNOSTIC
 1521                     if (ipprintfs)
printf("redirect (%d) to %x\n", code, (u_int32_t)dest);
 1523 #endif
 1524                 }
 1525         }
error = ip_output(m, (struct mbuf *)NULL, &ipforward_rt,
 1528             (IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)),
 1529             (void *)NULL, (void *)NULL);
 1530         if (error)
ipstat.ips_cantforward++;
 1532         else {
ipstat.ips_forward++;
 1534                 if (type)
ipstat.ips_redirectsent++;
 1536                 else
 1537                         goto freecopy;
 1538         }
 1539         if (mcopy == NULL)
 1540                 goto freert;
 1542         switch (error) {
 1544         case 0:                         /* forwarded, but need redirect */
 1545                 /* type, code set above */
 1546                 break;
 1548         case ENETUNREACH:               /* shouldn't happen, checked above */
 1549         case EHOSTUNREACH:
 1550         case ENETDOWN:
 1551         case EHOSTDOWN:
 1552         default:
type = ICMP_UNREACH;
code = ICMP_UNREACH_HOST;
 1555                 break;
 1557         case EMSGSIZE:
type = ICMP_UNREACH;
code = ICMP_UNREACH_NEEDFRAG;
 1561 #ifdef IPSEC
 1562                 if (ipforward_rt.ro_rt) {
 1563                         struct rtentry *rt = ipforward_rt.ro_rt;
 1565                         if (rt->rt_rmx.rmx_mtu)
destmtu = rt->rt_rmx.rmx_mtu;
 1567                         else
destmtu = ipforward_rt.ro_rt->rt_ifp->if_mtu;
 1569                 }
 1570 #endif /*IPSEC*/
ipstat.ips_cantfrag++;
 1572                 break;
 1574         case ENOBUFS:
 1575 #if 1
 1576                 /*
 1577                  * a router should not generate ICMP_SOURCEQUENCH as
 1578                  * required in RFC1812 Requirements for IP Version 4 Routers.
 1579                  * source quench could be a big problem under DoS attacks,
 1580                  * or the underlying interface is rate-limited.
 1581                  */
 1582                 goto freecopy;
 1583 #else
type = ICMP_SOURCEQUENCH;
code = 0;
 1586                 break;
 1587 #endif
 1588         }
icmp_error(mcopy, type, code, dest, destmtu);
 1591         goto freert;
freecopy:
 1594         if (mcopy)
m_free(mcopy);
freert:
 1597 #ifndef SMALL_KERNEL
 1598         if (ipmultipath && ipforward_rt.ro_rt &&
 1599             (ipforward_rt.ro_rt->rt_flags & RTF_MPATH)) {
RTFREE(ipforward_rt.ro_rt);
ipforward_rt.ro_rt = 0;
 1602         }
 1603 #endif
 1604         return;
 1605 }
 1607 int
ip_sysctl(name, namelen, oldp, oldlenp, newp, newlen)
 1609         int *name;
u_int namelen;
 1611         void *oldp;
size_t *oldlenp;
 1613         void *newp;
size_t newlen;
 1615 {
 1616         int error;
 1618         /* Almost all sysctl names at this level are terminal. */
 1619         if (namelen != 1 && name[0] != IPCTL_IFQUEUE)
 1620                 return (ENOTDIR);
 1622         switch (name[0]) {
 1623 #ifdef notyet
 1624         case IPCTL_DEFMTU:
 1625                 return (sysctl_int(oldp, oldlenp, newp, newlen, &ip_mtu));
 1626 #endif
 1627         case IPCTL_SOURCEROUTE:
 1628                 /*
 1629                  * Don't allow this to change in a secure environment.
 1630                  */
 1631                 if (newp && securelevel > 0)
 1632                         return (EPERM);
 1633                 return (sysctl_int(oldp, oldlenp, newp, newlen,
 1634                     &ip_dosourceroute));
 1635         case IPCTL_MTUDISC:
error = sysctl_int(oldp, oldlenp, newp, newlen,
 1637                     &ip_mtudisc);
 1638                 if (ip_mtudisc != 0 && ip_mtudisc_timeout_q == NULL) {
ip_mtudisc_timeout_q =
rt_timer_queue_create(ip_mtudisc_timeout);
 1641                 } else if (ip_mtudisc == 0 && ip_mtudisc_timeout_q != NULL) {
rt_timer_queue_destroy(ip_mtudisc_timeout_q, TRUE);
Free(ip_mtudisc_timeout_q);
ip_mtudisc_timeout_q = NULL;
 1645                 }
 1646                 return error;
 1647         case IPCTL_MTUDISCTIMEOUT:
error = sysctl_int(oldp, oldlenp, newp, newlen,
 1649                    &ip_mtudisc_timeout);
 1650                 if (ip_mtudisc_timeout_q != NULL)
rt_timer_queue_change(ip_mtudisc_timeout_q,
ip_mtudisc_timeout);
 1653                 return (error);
 1654         case IPCTL_IPSEC_ENC_ALGORITHM:
 1655                 return (sysctl_tstring(oldp, oldlenp, newp, newlen,
ipsec_def_enc, sizeof(ipsec_def_enc)));
 1657         case IPCTL_IPSEC_AUTH_ALGORITHM:
 1658                 return (sysctl_tstring(oldp, oldlenp, newp, newlen,
ipsec_def_auth,
 1660                                        sizeof(ipsec_def_auth)));
 1661         case IPCTL_IPSEC_IPCOMP_ALGORITHM:
 1662                 return (sysctl_tstring(oldp, oldlenp, newp, newlen,
ipsec_def_comp,
 1664                                        sizeof(ipsec_def_comp)));
 1665         case IPCTL_IFQUEUE:
 1666                 return (sysctl_ifq(name + 1, namelen - 1,
oldp, oldlenp, newp, newlen, &ipintrq));
 1668         default:
 1669                 if (name[0] < IPCTL_MAXID)
 1670                         return (sysctl_int_arr(ipctl_vars, name, namelen,
oldp, oldlenp, newp, newlen));
 1672                 return (EOPNOTSUPP);
 1673         }
 1674         /* NOTREACHED */
 1675 }
 1677 void
ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
 1679     struct mbuf *m)
 1680 {
 1681 #ifdef SO_TIMESTAMP
 1682         if (inp->inp_socket->so_options & SO_TIMESTAMP) {
 1683                 struct timeval tv;
microtime(&tv);
 1686                 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
SCM_TIMESTAMP, SOL_SOCKET);
 1688                 if (*mp)
mp = &(*mp)->m_next;
 1690         }
 1691 #endif
 1692         if (inp->inp_flags & INP_RECVDSTADDR) {
 1693                 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
 1694                     sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
 1695                 if (*mp)
mp = &(*mp)->m_next;
 1697         }
 1698 #ifdef notyet
 1699         /* this code is broken and will probably never be fixed. */
 1700         /* options were tossed already */
 1701         if (inp->inp_flags & INP_RECVOPTS) {
 1702                 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
 1703                     sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
 1704                 if (*mp)
mp = &(*mp)->m_next;
 1706         }
 1707         /* ip_srcroute doesn't do what we want here, need to fix */
 1708         if (inp->inp_flags & INP_RECVRETOPTS) {
 1709                 *mp = sbcreatecontrol((caddr_t) ip_srcroute(),
 1710                     sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
 1711                 if (*mp)
mp = &(*mp)->m_next;
 1713         }
 1714 #endif
 1715         if (inp->inp_flags & INP_RECVIF) {
 1716                 struct sockaddr_dl sdl;
 1717                 struct ifnet *ifp;
 1719                 if ((ifp = m->m_pkthdr.rcvif) == NULL ||
ifp->if_sadl == NULL) {
bzero(&sdl, sizeof(sdl));
sdl.sdl_len = offsetof(struct sockaddr_dl, sdl_data[0]);
sdl.sdl_family = AF_LINK;
sdl.sdl_index = ifp != NULL ? ifp->if_index : 0;
sdl.sdl_nlen = sdl.sdl_alen = sdl.sdl_slen = 0;
 1726                         *mp = sbcreatecontrol((caddr_t) &sdl, sdl.sdl_len,
IP_RECVIF, IPPROTO_IP);
 1728                 } else {
 1729                         *mp = sbcreatecontrol((caddr_t) ifp->if_sadl,
ifp->if_sadl->sdl_len, IP_RECVIF, IPPROTO_IP);
 1731                 }
 1732                 if (*mp)
mp = &(*mp)->m_next;
 1734         }
 1735         if (inp->inp_flags & INP_RECVTTL) {
 1736                 *mp = sbcreatecontrol((caddr_t) &ip->ip_ttl,
 1737                     sizeof(u_char), IP_RECVTTL, IPPROTO_IP);
 1738                 if (*mp)
mp = &(*mp)->m_next;
 1740         }
 1741 }