File:  [DragonFly] / src / sys / netinet / ip_input.c
Revision 1.22: download - view: text, annotated - select for diffs
Sat Apr 24 01:40:34 2004 UTC (10 years, 7 months ago) by hsu
Branches: MAIN
CVS tags: HEAD
Drop packet if the length checks fail in ip_demux().

    1: /*
    2:  * Copyright (c) 1982, 1986, 1988, 1993
    3:  *	The Regents of the University of California.  All rights reserved.
    4:  *
    5:  * Redistribution and use in source and binary forms, with or without
    6:  * modification, are permitted provided that the following conditions
    7:  * are met:
    8:  * 1. Redistributions of source code must retain the above copyright
    9:  *    notice, this list of conditions and the following disclaimer.
   10:  * 2. Redistributions in binary form must reproduce the above copyright
   11:  *    notice, this list of conditions and the following disclaimer in the
   12:  *    documentation and/or other materials provided with the distribution.
   13:  * 3. All advertising materials mentioning features or use of this software
   14:  *    must display the following acknowledgement:
   15:  *	This product includes software developed by the University of
   16:  *	California, Berkeley and its contributors.
   17:  * 4. Neither the name of the University nor the names of its contributors
   18:  *    may be used to endorse or promote products derived from this software
   19:  *    without specific prior written permission.
   20:  *
   21:  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   22:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   23:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   24:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   25:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   26:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   27:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   28:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   29:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   30:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   31:  * SUCH DAMAGE.
   32:  *
   33:  *	@(#)ip_input.c	8.2 (Berkeley) 1/4/94
   34:  * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
   35:  * $DragonFly: src/sys/netinet/ip_input.c,v 1.22 2004/04/24 01:40:34 hsu Exp $
   36:  */
   37: 
   38: #define	_IP_VHL
   39: 
   40: #include "opt_bootp.h"
   41: #include "opt_ipfw.h"
   42: #include "opt_ipdn.h"
   43: #include "opt_ipdivert.h"
   44: #include "opt_ipfilter.h"
   45: #include "opt_ipstealth.h"
   46: #include "opt_ipsec.h"
   47: #include "opt_pfil_hooks.h"
   48: #include "opt_random_ip_id.h"
   49: 
   50: #include <sys/param.h>
   51: #include <sys/systm.h>
   52: #include <sys/mbuf.h>
   53: #include <sys/malloc.h>
   54: #include <sys/domain.h>
   55: #include <sys/protosw.h>
   56: #include <sys/socket.h>
   57: #include <sys/time.h>
   58: #include <sys/kernel.h>
   59: #include <sys/syslog.h>
   60: #include <sys/sysctl.h>
   61: #include <sys/in_cksum.h>
   62: 
   63: #include <sys/thread2.h>
   64: #include <sys/msgport2.h>
   65: 
   66: #include <net/if.h>
   67: #include <net/if_types.h>
   68: #include <net/if_var.h>
   69: #include <net/if_dl.h>
   70: #ifdef PFIL_HOOKS
   71: #include <net/pfil.h>
   72: #endif
   73: #include <net/route.h>
   74: #include <net/netisr.h>
   75: #include <net/intrq.h>
   76: 
   77: #include <netinet/in.h>
   78: #include <netinet/in_systm.h>
   79: #include <netinet/in_var.h>
   80: #include <netinet/ip.h>
   81: #include <netinet/in_pcb.h>
   82: #include <netinet/ip_var.h>
   83: #include <netinet/ip_icmp.h>
   84: 
   85: #include <netinet/ipprotosw.h>
   86: 
   87: #include <sys/socketvar.h>
   88: 
   89: #include <net/ipfw/ip_fw.h>
   90: #include <net/dummynet/ip_dummynet.h>
   91: 
   92: #ifdef IPSEC
   93: #include <netinet6/ipsec.h>
   94: #include <netproto/key/key.h>
   95: #endif
   96: 
   97: #ifdef FAST_IPSEC
   98: #include <netipsec/ipsec.h>
   99: #include <netipsec/key.h>
  100: #endif
  101: 
  102: int rsvp_on = 0;
  103: static int ip_rsvp_on;
  104: struct socket *ip_rsvpd;
  105: 
  106: int ipforwarding = 0;
  107: SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
  108:     &ipforwarding, 0, "Enable IP forwarding between interfaces");
  109: 
  110: static int ipsendredirects = 1; /* XXX */
  111: SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
  112:     &ipsendredirects, 0, "Enable sending IP redirects");
  113: 
  114: int ip_defttl = IPDEFTTL;
  115: SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
  116:     &ip_defttl, 0, "Maximum TTL on IP packets");
  117: 
  118: static int ip_dosourceroute = 0;
  119: SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
  120:     &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
  121: 
  122: static int ip_acceptsourceroute = 0;
  123: SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
  124:     CTLFLAG_RW, &ip_acceptsourceroute, 0,
  125:     "Enable accepting source routed IP packets");
  126: 
  127: static int ip_keepfaith = 0;
  128: SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
  129:     &ip_keepfaith, 0,
  130:     "Enable packet capture for FAITH IPv4->IPv6 translater daemon");
  131: 
  132: static int nipq = 0;	/* total # of reass queues */
  133: static int maxnipq;
  134: SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
  135:     &maxnipq, 0,
  136:     "Maximum number of IPv4 fragment reassembly queue entries");
  137: 
  138: static int maxfragsperpacket;
  139: SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
  140:     &maxfragsperpacket, 0,
  141:     "Maximum number of IPv4 fragments allowed per packet");
  142: 
  143: static int ip_sendsourcequench = 0;
  144: SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
  145:     &ip_sendsourcequench, 0,
  146:     "Enable the transmission of source quench packets");
  147: 
  148: /*
  149:  * XXX - Setting ip_checkinterface mostly implements the receive side of
  150:  * the Strong ES model described in RFC 1122, but since the routing table
  151:  * and transmit implementation do not implement the Strong ES model,
  152:  * setting this to 1 results in an odd hybrid.
  153:  *
  154:  * XXX - ip_checkinterface currently must be disabled if you use ipnat
  155:  * to translate the destination address to another local interface.
  156:  *
  157:  * XXX - ip_checkinterface must be disabled if you add IP aliases
  158:  * to the loopback interface instead of the interface where the
  159:  * packets for those addresses are received.
  160:  */
  161: static int ip_checkinterface = 0;
  162: SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
  163:     &ip_checkinterface, 0, "Verify packet arrives on correct interface");
  164: 
  165: #ifdef DIAGNOSTIC
  166: static int ipprintfs = 0;
  167: #endif
  168: 
  169: static struct ifqueue ipintrq;
  170: static int ipqmaxlen = IFQ_MAXLEN;
  171: 
  172: extern	struct domain inetdomain;
  173: extern	struct ipprotosw inetsw[];
  174: u_char	ip_protox[IPPROTO_MAX];
  175: struct	in_ifaddrhead in_ifaddrhead;		/* first inet address */
  176: struct	in_ifaddrhashhead *in_ifaddrhashtbl;	/* inet addr hash table */
  177: u_long	in_ifaddrhmask;				/* mask for hash table */
  178: 
  179: SYSCTL_INT(_net_inet_ip, IPCTL_INTRQMAXLEN, intr_queue_maxlen, CTLFLAG_RW,
  180:     &ipintrq.ifq_maxlen, 0, "Maximum size of the IP input queue");
  181: SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD,
  182:     &ipintrq.ifq_drops, 0, "Number of packets dropped from the IP input queue");
  183: 
  184: struct ipstat ipstat;
  185: SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
  186:     &ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)");
  187: 
  188: /* Packet reassembly stuff */
  189: #define	IPREASS_NHASH_LOG2	6
  190: #define	IPREASS_NHASH		(1 << IPREASS_NHASH_LOG2)
  191: #define	IPREASS_HMASK		(IPREASS_NHASH - 1)
  192: #define	IPREASS_HASH(x,y)						\
  193:     (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
  194: 
  195: static struct ipq ipq[IPREASS_NHASH];
  196: const  int    ipintrq_present = 1;
  197: 
  198: #ifdef IPCTL_DEFMTU
  199: SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
  200:     &ip_mtu, 0, "Default MTU");
  201: #endif
  202: 
  203: #ifdef IPSTEALTH
  204: static int ipstealth = 0;
  205: SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, &ipstealth, 0, "");
  206: #else
  207: static const int ipstealth = 0;
  208: #endif
  209: 
  210: 
  211: /* Firewall hooks */
  212: ip_fw_chk_t *ip_fw_chk_ptr;
  213: int fw_enable = 1;
  214: int fw_one_pass = 1;
  215: 
  216: /* Dummynet hooks */
  217: ip_dn_io_t *ip_dn_io_ptr;
  218: 
  219: #ifdef PFIL_HOOKS
  220: struct pfil_head inet_pfil_hook;
  221: #endif
  222: 
  223: /*
  224:  * XXX this is ugly -- the following two global variables are
  225:  * used to store packet state while it travels through the stack.
  226:  * Note that the code even makes assumptions on the size and
  227:  * alignment of fields inside struct ip_srcrt so e.g. adding some
  228:  * fields will break the code. This needs to be fixed.
  229:  *
  230:  * We need to save the IP options in case a protocol wants to respond
  231:  * to an incoming packet over the same route if the packet got here
  232:  * using IP source routing.  This allows connection establishment and
  233:  * maintenance when the remote end is on a network that is not known
  234:  * to us.
  235:  */
  236: static int ip_nhops = 0;
  237: 
  238: static	struct ip_srcrt {
  239: 	struct	in_addr dst;			/* final destination */
  240: 	char	nop;				/* one NOP to align */
  241: 	char	srcopt[IPOPT_OFFSET + 1];	/* OPTVAL, OLEN and OFFSET */
  242: 	struct	in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
  243: } ip_srcrt;
  244: 
  245: static void		save_rte (u_char *, struct in_addr);
  246: static int		ip_dooptions (struct mbuf *m, int,
  247: 					struct sockaddr_in *next_hop);
  248: static void		ip_forward (struct mbuf *m, int srcrt,
  249: 					struct sockaddr_in *next_hop);
  250: static void		ip_freef (struct ipq *);
  251: static int		ip_input_handler (struct netmsg *);
  252: static struct mbuf	*ip_reass (struct mbuf *, struct ipq *,
  253: 					struct ipq *, u_int32_t *, u_int16_t *);
  254: 
  255: /*
  256:  * IP initialization: fill in IP protocol switch table.
  257:  * All protocols not implemented in kernel go to raw IP protocol handler.
  258:  */
  259: void
  260: ip_init()
  261: {
  262: 	struct ipprotosw *pr;
  263: 	int i;
  264: 
  265: 	TAILQ_INIT(&in_ifaddrhead);
  266: 	in_ifaddrhashtbl = hashinit(INADDR_NHASH, M_IFADDR, &in_ifaddrhmask);
  267: 	pr = (struct ipprotosw *)pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
  268: 	if (pr == NULL)
  269: 		panic("ip_init");
  270: 	for (i = 0; i < IPPROTO_MAX; i++)
  271: 		ip_protox[i] = pr - inetsw;
  272: 	for (pr = (struct ipprotosw *)inetdomain.dom_protosw;
  273: 	     pr < (struct ipprotosw *)inetdomain.dom_protoswNPROTOSW; pr++)
  274: 		if (pr->pr_domain->dom_family == PF_INET &&
  275: 		    pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
  276: 			ip_protox[pr->pr_protocol] = pr - inetsw;
  277: 
  278: #ifdef PFIL_HOOKS
  279: 	inet_pfil_hook.ph_type = PFIL_TYPE_AF;
  280: 	inet_pfil_hook.ph_af = AF_INET;
  281: 	if ((i = pfil_head_register(&inet_pfil_hook)) != 0)
  282: 		printf("%s: WARNING: unable to register pfil hook, "
  283: 			"error %d\n", __func__, i);
  284: #endif
  285: 
  286: 	for (i = 0; i < IPREASS_NHASH; i++)
  287: 	    ipq[i].next = ipq[i].prev = &ipq[i];
  288: 
  289: 	maxnipq = nmbclusters / 32;
  290: 	maxfragsperpacket = 16;
  291: 
  292: #ifndef RANDOM_IP_ID
  293: 	ip_id = time_second & 0xffff;
  294: #endif
  295: 	ipintrq.ifq_maxlen = ipqmaxlen;
  296: 
  297: 	netisr_register(NETISR_IP, ip_mport, ip_input_handler);
  298: }
  299: 
  300: /*
  301:  * XXX watch out this one. It is perhaps used as a cache for
  302:  * the most recently used route ? it is cleared in in_addroute()
  303:  * when a new route is successfully created.
  304:  */
  305: struct route ipforward_rt;
  306: static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
  307: 
  308: /* Do transport protocol processing. */
  309: static void
  310: transport_processing_oncpu(struct mbuf *m, int hlen, struct ip *ip,
  311: 			   struct sockaddr_in *nexthop)
  312: {
  313: 	/*
  314: 	 * Switch out to protocol's input routine.
  315: 	 */
  316: 	if (nexthop && ip->ip_p == IPPROTO_TCP) {
  317: 		/* TCP needs IPFORWARD info if available */
  318: 		struct m_hdr tag;
  319: 
  320: 		tag.mh_type = MT_TAG;
  321: 		tag.mh_flags = PACKET_TAG_IPFORWARD;
  322: 		tag.mh_data = (caddr_t)nexthop;
  323: 		tag.mh_next = m;
  324: 
  325: 		(*inetsw[ip_protox[ip->ip_p]].pr_input)
  326: 		    ((struct mbuf *)&tag, hlen, ip->ip_p);
  327: 	} else {
  328: 		(*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen, ip->ip_p);
  329: 	}
  330: }
  331: 
  332: struct netmsg_transport_packet {
  333: 	struct lwkt_msg		nm_lmsg;
  334: 	struct mbuf		*nm_mbuf;
  335: 	int			nm_hlen;
  336: 	boolean_t		nm_hasnexthop;
  337: 	struct sockaddr_in	nm_nexthop;
  338: };
  339: 
  340: static int
  341: transport_processing_handler(lwkt_msg_t lmsg)
  342: {
  343: 	struct netmsg_transport_packet *msg = (void *)lmsg;
  344: 	struct sockaddr_in *nexthop;
  345: 	struct ip *ip;
  346: 
  347: 	ip = mtod(msg->nm_mbuf, struct ip *);
  348: 	nexthop = msg->nm_hasnexthop ? &msg->nm_nexthop : NULL;
  349: 	transport_processing_oncpu(msg->nm_mbuf, msg->nm_hlen, ip, nexthop);
  350: 	lwkt_replymsg(lmsg, 0);
  351: 	return(EASYNC);
  352: }
  353: 
  354: static int
  355: ip_input_handler(struct netmsg *msg0)
  356: {
  357: 	struct mbuf *m = ((struct netmsg_packet *)msg0)->nm_packet;
  358: 
  359: 	ip_input(m);
  360: 	lwkt_replymsg(&msg0->nm_lmsg, 0);
  361: 	return(EASYNC);
  362: }
  363: 
  364: /*
  365:  * Ip input routine.  Checksum and byte swap header.  If fragmented
  366:  * try to reassemble.  Process options.  Pass to next level.
  367:  */
  368: void
  369: ip_input(struct mbuf *m)
  370: {
  371: 	struct ip *ip;
  372: 	struct ipq *fp;
  373: 	struct in_ifaddr *ia = NULL;
  374: 	struct ifaddr *ifa;
  375: 	int i, hlen, checkif;
  376: 	u_short sum;
  377: 	struct in_addr pkt_dst;
  378: 	u_int32_t divert_info = 0;		/* packet divert/tee info */
  379: 	struct ip_fw_args args;
  380: 	boolean_t using_srcrt = FALSE;		/* forward (by PFIL_HOOKS) */
  381: 	boolean_t needredispatch = FALSE;
  382: #ifdef PFIL_HOOKS
  383: 	struct in_addr odst;			/* original dst address(NAT) */
  384: #endif
  385: #ifdef FAST_IPSEC
  386: 	struct m_tag *mtag;
  387: 	struct tdb_ident *tdbi;
  388: 	struct secpolicy *sp;
  389: 	int s, error;
  390: #endif
  391: 
  392: 	args.eh = NULL;
  393: 	args.oif = NULL;
  394: 	args.rule = NULL;
  395: 	args.divert_rule = 0;			/* divert cookie */
  396: 	args.next_hop = NULL;
  397: 
  398: 	/* Grab info from MT_TAG mbufs prepended to the chain. */
  399: 	for (; m && m->m_type == MT_TAG; m = m->m_next) {
  400: 		switch(m->_m_tag_id) {
  401: 		default:
  402: 			printf("ip_input: unrecognised MT_TAG tag %d\n",
  403: 			    m->_m_tag_id);
  404: 			break;
  405: 
  406: 		case PACKET_TAG_DUMMYNET:
  407: 			args.rule = ((struct dn_pkt *)m)->rule;
  408: 			break;
  409: 
  410: 		case PACKET_TAG_DIVERT:
  411: 			args.divert_rule = (int)m->m_hdr.mh_data & 0xffff;
  412: 			break;
  413: 
  414: 		case PACKET_TAG_IPFORWARD:
  415: 			args.next_hop = (struct sockaddr_in *)m->m_hdr.mh_data;
  416: 			break;
  417: 		}
  418: 	}
  419: 
  420: 	KASSERT(m != NULL && (m->m_flags & M_PKTHDR) != 0,
  421: 	    ("ip_input: no HDR"));
  422: 
  423: 	if (args.rule) {	/* dummynet already filtered us */
  424: 		ip = mtod(m, struct ip *);
  425: 		hlen = IP_VHL_HL(ip->ip_vhl) << 2;
  426: 		goto iphack;
  427: 	}
  428: 
  429: 	ipstat.ips_total++;
  430: 
  431: 	/* length checks already done in ip_demux() */
  432: 	KASSERT(m->m_len >= sizeof(ip), ("IP header not in one mbuf"));
  433: 
  434: 	ip = mtod(m, struct ip *);
  435: 
  436: 	if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
  437: 		ipstat.ips_badvers++;
  438: 		goto bad;
  439: 	}
  440: 
  441: 	hlen = IP_VHL_HL(ip->ip_vhl) << 2;
  442: 	/* length checks already done in ip_demux() */
  443: 	KASSERT(hlen >= sizeof(struct ip), ("IP header len too small"));
  444: 	KASSERT(m->m_len >= hlen, ("packet shorter than IP header length"));
  445: 
  446: 	/* 127/8 must not appear on wire - RFC1122 */
  447: 	if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
  448: 	    (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
  449: 		if (!(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) {
  450: 			ipstat.ips_badaddr++;
  451: 			goto bad;
  452: 		}
  453: 	}
  454: 
  455: 	if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
  456: 		sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
  457: 	} else {
  458: 		if (hlen == sizeof(struct ip)) {
  459: 			sum = in_cksum_hdr(ip);
  460: 		} else {
  461: 			sum = in_cksum(m, hlen);
  462: 		}
  463: 	}
  464: 	if (sum) {
  465: 		ipstat.ips_badsum++;
  466: 		goto bad;
  467: 	}
  468: 
  469: 	/*
  470: 	 * Convert fields to host representation.
  471: 	 */
  472: 	ip->ip_len = ntohs(ip->ip_len);
  473: 	if (ip->ip_len < hlen) {
  474: 		ipstat.ips_badlen++;
  475: 		goto bad;
  476: 	}
  477: 	ip->ip_off = ntohs(ip->ip_off);
  478: 
  479: 	/*
  480: 	 * Check that the amount of data in the buffers
  481: 	 * is as at least much as the IP header would have us expect.
  482: 	 * Trim mbufs if longer than we expect.
  483: 	 * Drop packet if shorter than we expect.
  484: 	 */
  485: 	if (m->m_pkthdr.len < ip->ip_len) {
  486: 		ipstat.ips_tooshort++;
  487: 		goto bad;
  488: 	}
  489: 	if (m->m_pkthdr.len > ip->ip_len) {
  490: 		if (m->m_len == m->m_pkthdr.len) {
  491: 			m->m_len = ip->ip_len;
  492: 			m->m_pkthdr.len = ip->ip_len;
  493: 		} else
  494: 			m_adj(m, ip->ip_len - m->m_pkthdr.len);
  495: 	}
  496: #if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
  497: 	/*
  498: 	 * Bypass packet filtering for packets from a tunnel (gif).
  499: 	 */
  500: 	if (ipsec_gethist(m, NULL))
  501: 		goto pass;
  502: #endif
  503: 
  504: 	/*
  505: 	 * IpHack's section.
  506: 	 * Right now when no processing on packet has done
  507: 	 * and it is still fresh out of network we do our black
  508: 	 * deals with it.
  509: 	 * - Firewall: deny/allow/divert
  510: 	 * - Xlate: translate packet's addr/port (NAT).
  511: 	 * - Pipe: pass pkt through dummynet.
  512: 	 * - Wrap: fake packet's addr/port <unimpl.>
  513: 	 * - Encapsulate: put it in another IP and send out. <unimp.>
  514: 	 */
  515: 
  516: iphack:
  517: 
  518: #ifdef PFIL_HOOKS
  519: 	/*
  520: 	 * Run through list of hooks for input packets.
  521: 	 *
  522: 	 * NB: Beware of the destination address changing (e.g.
  523: 	 *     by NAT rewriting). When this happens, tell
  524: 	 *     ip_forward to do the right thing.
  525: 	 */
  526: 	odst = ip->ip_dst;
  527: 	if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif, PFIL_IN))
  528: 		return;
  529: 	if (m == NULL)			/* consumed by filter */
  530: 		return;
  531: 	ip = mtod(m, struct ip *);
  532: 	using_srcrt = (odst.s_addr != ip->ip_dst.s_addr);
  533: #endif
  534: 
  535: 	if (fw_enable && IPFW_LOADED) {
  536: 		/*
  537: 		 * If we've been forwarded from the output side, then
  538: 		 * skip the firewall a second time
  539: 		 */
  540: 		if (args.next_hop)
  541: 			goto ours;
  542: 
  543: 		args.m = m;
  544: 		i = ip_fw_chk_ptr(&args);
  545: 		m = args.m;
  546: 
  547: 		if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
  548: 			if (m)
  549: 				m_freem(m);
  550: 			return;
  551: 		}
  552: 		ip = mtod(m, struct ip *); /* just in case m changed */
  553: 		if (i == 0 && args.next_hop == NULL)	/* common case */
  554: 			goto pass;
  555: 		if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) {
  556: 			/* Send packet to the appropriate pipe */
  557: 			ip_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
  558: 			return;
  559: 		}
  560: #ifdef IPDIVERT
  561: 		if (i != 0 && !(i & IP_FW_PORT_DYNT_FLAG)) {
  562: 			/* Divert or tee packet */
  563: 			divert_info = i;
  564: 			goto ours;
  565: 		}
  566: #endif
  567: 		if (i == 0 && args.next_hop != NULL)
  568: 			goto pass;
  569: 		/*
  570: 		 * if we get here, the packet must be dropped
  571: 		 */
  572: 		m_freem(m);
  573: 		return;
  574: 	}
  575: pass:
  576: 
  577: 	/*
  578: 	 * Process options and, if not destined for us,
  579: 	 * ship it on.  ip_dooptions returns 1 when an
  580: 	 * error was detected (causing an icmp message
  581: 	 * to be sent and the original packet to be freed).
  582: 	 */
  583: 	ip_nhops = 0;		/* for source routed packets */
  584: 	if (hlen > sizeof(struct ip) && ip_dooptions(m, 0, args.next_hop))
  585: 		return;
  586: 
  587: 	/* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
  588: 	 * matter if it is destined to another node, or whether it is
  589: 	 * a multicast one, RSVP wants it! and prevents it from being forwarded
  590: 	 * anywhere else. Also checks if the rsvp daemon is running before
  591: 	 * grabbing the packet.
  592: 	 */
  593: 	if (rsvp_on && ip->ip_p == IPPROTO_RSVP)
  594: 		goto ours;
  595: 
  596: 	/*
  597: 	 * Check our list of addresses, to see if the packet is for us.
  598: 	 * If we don't have any addresses, assume any unicast packet
  599: 	 * we receive might be for us (and let the upper layers deal
  600: 	 * with it).
  601: 	 */
  602: 	if (TAILQ_EMPTY(&in_ifaddrhead) && !(m->m_flags & (M_MCAST | M_BCAST)))
  603: 		goto ours;
  604: 
  605: 	/*
  606: 	 * Cache the destination address of the packet; this may be
  607: 	 * changed by use of 'ipfw fwd'.
  608: 	 */
  609: 	pkt_dst = args.next_hop ? args.next_hop->sin_addr : ip->ip_dst;
  610: 
  611: 	/*
  612: 	 * Enable a consistency check between the destination address
  613: 	 * and the arrival interface for a unicast packet (the RFC 1122
  614: 	 * strong ES model) if IP forwarding is disabled and the packet
  615: 	 * is not locally generated and the packet is not subject to
  616: 	 * 'ipfw fwd'.
  617: 	 *
  618: 	 * XXX - Checking also should be disabled if the destination
  619: 	 * address is ipnat'ed to a different interface.
  620: 	 *
  621: 	 * XXX - Checking is incompatible with IP aliases added
  622: 	 * to the loopback interface instead of the interface where
  623: 	 * the packets are received.
  624: 	 */
  625: 	checkif = ip_checkinterface &&
  626: 		  !ipforwarding &&
  627: 		  m->m_pkthdr.rcvif != NULL &&
  628: 		  !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) &&
  629: 		  (args.next_hop == NULL);
  630: 
  631: 	/*
  632: 	 * Check for exact addresses in the hash bucket.
  633: 	 */
  634: 	LIST_FOREACH(ia, INADDR_HASH(pkt_dst.s_addr), ia_hash) {
  635: 		/*
  636: 		 * If the address matches, verify that the packet
  637: 		 * arrived via the correct interface if checking is
  638: 		 * enabled.
  639: 		 */
  640: 		if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
  641: 		    (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif))
  642: 			goto ours;
  643: 	}
  644: 	/*
  645: 	 * Check for broadcast addresses.
  646: 	 *
  647: 	 * Only accept broadcast packets that arrive via the matching
  648: 	 * interface.  Reception of forwarded directed broadcasts would
  649: 	 * be handled via ip_forward() and ether_output() with the loopback
  650: 	 * into the stack for SIMPLEX interfaces handled by ether_output().
  651: 	 */
  652: 	if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
  653: 		TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) {
  654: 			if (ifa->ifa_addr->sa_family != AF_INET)
  655: 				continue;
  656: 			ia = ifatoia(ifa);
  657: 			if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
  658: 								pkt_dst.s_addr)
  659: 				goto ours;
  660: 			if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr)
  661: 				goto ours;
  662: #ifdef BOOTP_COMPAT
  663: 			if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY)
  664: 				goto ours;
  665: #endif
  666: 		}
  667: 	}
  668: 	if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
  669: 		struct in_multi *inm;
  670: 		if (ip_mrouter) {
  671: 			/*
  672: 			 * If we are acting as a multicast router, all
  673: 			 * incoming multicast packets are passed to the
  674: 			 * kernel-level multicast forwarding function.
  675: 			 * The packet is returned (relatively) intact; if
  676: 			 * ip_mforward() returns a non-zero value, the packet
  677: 			 * must be discarded, else it may be accepted below.
  678: 			 */
  679: 			if (ip_mforward &&
  680: 			    ip_mforward(ip, m->m_pkthdr.rcvif, m, NULL) != 0) {
  681: 				ipstat.ips_cantforward++;
  682: 				m_freem(m);
  683: 				return;
  684: 			}
  685: 
  686: 			/*
  687: 			 * The process-level routing daemon needs to receive
  688: 			 * all multicast IGMP packets, whether or not this
  689: 			 * host belongs to their destination groups.
  690: 			 */
  691: 			if (ip->ip_p == IPPROTO_IGMP)
  692: 				goto ours;
  693: 			ipstat.ips_forward++;
  694: 		}
  695: 		/*
  696: 		 * See if we belong to the destination multicast group on the
  697: 		 * arrival interface.
  698: 		 */
  699: 		IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
  700: 		if (inm == NULL) {
  701: 			ipstat.ips_notmember++;
  702: 			m_freem(m);
  703: 			return;
  704: 		}
  705: 		goto ours;
  706: 	}
  707: 	if (ip->ip_dst.s_addr == INADDR_BROADCAST)
  708: 		goto ours;
  709: 	if (ip->ip_dst.s_addr == INADDR_ANY)
  710: 		goto ours;
  711: 
  712: 	/*
  713: 	 * FAITH(Firewall Aided Internet Translator)
  714: 	 */
  715: 	if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
  716: 		if (ip_keepfaith) {
  717: 			if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
  718: 				goto ours;
  719: 		}
  720: 		m_freem(m);
  721: 		return;
  722: 	}
  723: 
  724: 	/*
  725: 	 * Not for us; forward if possible and desirable.
  726: 	 */
  727: 	if (!ipforwarding) {
  728: 		ipstat.ips_cantforward++;
  729: 		m_freem(m);
  730: 	} else {
  731: #ifdef IPSEC
  732: 		/*
  733: 		 * Enforce inbound IPsec SPD.
  734: 		 */
  735: 		if (ipsec4_in_reject(m, NULL)) {
  736: 			ipsecstat.in_polvio++;
  737: 			goto bad;
  738: 		}
  739: #endif
  740: #ifdef FAST_IPSEC
  741: 		mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
  742: 		s = splnet();
  743: 		if (mtag != NULL) {
  744: 			tdbi = (struct tdb_ident *)(mtag + 1);
  745: 			sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
  746: 		} else {
  747: 			sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
  748: 						   IP_FORWARDING, &error);
  749: 		}
  750: 		if (sp == NULL) {	/* NB: can happen if error */
  751: 			splx(s);
  752: 			/*XXX error stat???*/
  753: 			DPRINTF(("ip_input: no SP for forwarding\n"));	/*XXX*/
  754: 			goto bad;
  755: 		}
  756: 
  757: 		/*
  758: 		 * Check security policy against packet attributes.
  759: 		 */
  760: 		error = ipsec_in_reject(sp, m);
  761: 		KEY_FREESP(&sp);
  762: 		splx(s);
  763: 		if (error) {
  764: 			ipstat.ips_cantforward++;
  765: 			goto bad;
  766: 		}
  767: #endif
  768: 		ip_forward(m, using_srcrt, args.next_hop);
  769: 	}
  770: 	return;
  771: 
  772: ours:
  773: 
  774: 	/*
  775: 	 * IPSTEALTH: Process non-routing options only
  776: 	 * if the packet is destined for us.
  777: 	 */
  778: 	if (ipstealth &&
  779: 	    hlen > sizeof(struct ip) &&
  780: 	    ip_dooptions(m, 1, args.next_hop))
  781: 		return;
  782: 
  783: 	/* Count the packet in the ip address stats */
  784: 	if (ia != NULL) {
  785: 		ia->ia_ifa.if_ipackets++;
  786: 		ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
  787: 	}
  788: 
  789: 	/*
  790: 	 * If offset or IP_MF are set, must reassemble.
  791: 	 * Otherwise, nothing need be done.
  792: 	 * (We could look in the reassembly queue to see
  793: 	 * if the packet was previously fragmented,
  794: 	 * but it's not worth the time; just let them time out.)
  795: 	 */
  796: 	if (ip->ip_off & (IP_MF | IP_OFFMASK)) {
  797: 
  798: 		/* If maxnipq is 0, never accept fragments. */
  799: 		if (maxnipq == 0) {
  800: 			ipstat.ips_fragments++;
  801: 			ipstat.ips_fragdropped++;
  802: 			goto bad;
  803: 		}
  804: 
  805: 		sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
  806: 		/*
  807: 		 * Look for queue of fragments
  808: 		 * of this datagram.
  809: 		 */
  810: 		for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
  811: 			if (ip->ip_id == fp->ipq_id &&
  812: 			    ip->ip_src.s_addr == fp->ipq_src.s_addr &&
  813: 			    ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
  814: 			    ip->ip_p == fp->ipq_p)
  815: 				goto found;
  816: 
  817: 		fp = NULL;
  818: 
  819: 		/*
  820: 		 * Enforce upper bound on number of fragmented packets
  821: 		 * for which we attempt reassembly;
  822: 		 * If maxnipq is -1, accept all fragments without limitation.
  823: 		 */
  824: 		if ((nipq > maxnipq) && (maxnipq > 0)) {
  825: 			/*
  826: 			 * drop something from the tail of the current queue
  827: 			 * before proceeding further
  828: 			 */
  829: 			if (ipq[sum].prev == &ipq[sum]) {   /* gak */
  830: 				for (i = 0; i < IPREASS_NHASH; i++) {
  831: 					if (ipq[i].prev != &ipq[i]) {
  832: 						ipstat.ips_fragtimeout +=
  833: 						    ipq[i].prev->ipq_nfrags;
  834: 						ip_freef(ipq[i].prev);
  835: 						break;
  836: 					}
  837: 				}
  838: 			} else {
  839: 				ipstat.ips_fragtimeout +=
  840: 				    ipq[sum].prev->ipq_nfrags;
  841: 				ip_freef(ipq[sum].prev);
  842: 			}
  843: 		}
  844: found:
  845: 		/*
  846: 		 * Adjust ip_len to not reflect header,
  847: 		 * convert offset of this to bytes.
  848: 		 */
  849: 		ip->ip_len -= hlen;
  850: 		if (ip->ip_off & IP_MF) {
  851: 			/*
  852: 			 * Make sure that fragments have a data length
  853: 			 * that's a non-zero multiple of 8 bytes.
  854: 			 */
  855: 			if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
  856: 				ipstat.ips_toosmall++; /* XXX */
  857: 				goto bad;
  858: 			}
  859: 			m->m_flags |= M_FRAG;
  860: 		} else
  861: 			m->m_flags &= ~M_FRAG;
  862: 		ip->ip_off <<= 3;
  863: 
  864: 		/*
  865: 		 * Attempt reassembly; if it succeeds, proceed.
  866: 		 * ip_reass() will return a different mbuf, and update
  867: 		 * the divert info in divert_info and args.divert_rule.
  868: 		 */
  869: 		ipstat.ips_fragments++;
  870: 		m->m_pkthdr.header = ip;
  871: 		m = ip_reass(m, fp, &ipq[sum], &divert_info, &args.divert_rule);
  872: 		if (m == NULL)
  873: 			return;
  874: 		ipstat.ips_reassembled++;
  875: 		needredispatch = TRUE;
  876: 		ip = mtod(m, struct ip *);
  877: 		/* Get the header length of the reassembled packet */
  878: 		hlen = IP_VHL_HL(ip->ip_vhl) << 2;
  879: #ifdef IPDIVERT
  880: 		/* Restore original checksum before diverting packet */
  881: 		if (divert_info != 0) {
  882: 			ip->ip_len += hlen;
  883: 			ip->ip_len = htons(ip->ip_len);
  884: 			ip->ip_off = htons(ip->ip_off);
  885: 			ip->ip_sum = 0;
  886: 			if (hlen == sizeof(struct ip))
  887: 				ip->ip_sum = in_cksum_hdr(ip);
  888: 			else
  889: 				ip->ip_sum = in_cksum(m, hlen);
  890: 			ip->ip_off = ntohs(ip->ip_off);
  891: 			ip->ip_len = ntohs(ip->ip_len);
  892: 			ip->ip_len -= hlen;
  893: 		}
  894: #endif
  895: 	} else {
  896: 		ip->ip_len -= hlen;
  897: 	}
  898: 
  899: #ifdef IPDIVERT
  900: 	/*
  901: 	 * Divert or tee packet to the divert protocol if required.
  902: 	 */
  903: 	if (divert_info != 0) {
  904: 		struct mbuf *clone = NULL;
  905: 
  906: 		/* Clone packet if we're doing a 'tee' */
  907: 		if ((divert_info & IP_FW_PORT_TEE_FLAG) != 0)
  908: 			clone = m_dup(m, M_DONTWAIT);
  909: 
  910: 		/* Restore packet header fields to original values */
  911: 		ip->ip_len += hlen;
  912: 		ip->ip_len = htons(ip->ip_len);
  913: 		ip->ip_off = htons(ip->ip_off);
  914: 
  915: 		/* Deliver packet to divert input routine */
  916: 		divert_packet(m, 1, divert_info & 0xffff, args.divert_rule);
  917: 		ipstat.ips_delivered++;
  918: 
  919: 		/* If 'tee', continue with original packet */
  920: 		if (clone == NULL)
  921: 			return;
  922: 		m = clone;
  923: 		ip = mtod(m, struct ip *);
  924: 		ip->ip_len += hlen;
  925: 		/*
  926: 		 * Jump backwards to complete processing of the
  927: 		 * packet. But first clear divert_info to avoid
  928: 		 * entering this block again.
  929: 		 * We do not need to clear args.divert_rule
  930: 		 * or args.next_hop as they will not be used.
  931: 		 */
  932: 		divert_info = 0;
  933: 		goto pass;
  934: 	}
  935: #endif
  936: 
  937: #ifdef IPSEC
  938: 	/*
  939: 	 * enforce IPsec policy checking if we are seeing last header.
  940: 	 * note that we do not visit this with protocols with pcb layer
  941: 	 * code - like udp/tcp/raw ip.
  942: 	 */
  943: 	if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) &&
  944: 	    ipsec4_in_reject(m, NULL)) {
  945: 		ipsecstat.in_polvio++;
  946: 		goto bad;
  947: 	}
  948: #endif
  949: #if FAST_IPSEC
  950: 	/*
  951: 	 * enforce IPsec policy checking if we are seeing last header.
  952: 	 * note that we do not visit this with protocols with pcb layer
  953: 	 * code - like udp/tcp/raw ip.
  954: 	 */
  955: 	if (inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) {
  956: 		/*
  957: 		 * Check if the packet has already had IPsec processing
  958: 		 * done.  If so, then just pass it along.  This tag gets
  959: 		 * set during AH, ESP, etc. input handling, before the
  960: 		 * packet is returned to the ip input queue for delivery.
  961: 		 */
  962: 		mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
  963: 		s = splnet();
  964: 		if (mtag != NULL) {
  965: 			tdbi = (struct tdb_ident *)(mtag + 1);
  966: 			sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
  967: 		} else {
  968: 			sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
  969: 						   IP_FORWARDING, &error);
  970: 		}
  971: 		if (sp != NULL) {
  972: 			/*
  973: 			 * Check security policy against packet attributes.
  974: 			 */
  975: 			error = ipsec_in_reject(sp, m);
  976: 			KEY_FREESP(&sp);
  977: 		} else {
  978: 			/* XXX error stat??? */
  979: 			error = EINVAL;
  980: DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
  981: 			goto bad;
  982: 		}
  983: 		splx(s);
  984: 		if (error)
  985: 			goto bad;
  986: 	}
  987: #endif /* FAST_IPSEC */
  988: 
  989: 	ipstat.ips_delivered++;
  990: 	if (needredispatch) {
  991: 		struct netmsg_transport_packet *msg;
  992: 		lwkt_port_t port;
  993: 
  994: 		msg = malloc(sizeof(struct netmsg_transport_packet),
  995: 				M_LWKTMSG, M_INTWAIT | M_NULLOK);
  996: 		if (msg == NULL)
  997: 			goto bad;
  998: 
  999: 		lwkt_initmsg(&msg->nm_lmsg, &netisr_afree_rport, 0,
 1000: 			lwkt_cmd_func(transport_processing_handler),
 1001: 			lwkt_cmd_op_none);
 1002: 		msg->nm_mbuf = m;
 1003: 		msg->nm_hlen = hlen;
 1004: 		msg->nm_hasnexthop = (args.next_hop != NULL);
 1005: 		if (msg->nm_hasnexthop)
 1006: 			msg->nm_nexthop = *args.next_hop;  /* structure copy */
 1007: 
 1008: 		ip->ip_off = htons(ip->ip_off);
 1009: 		ip->ip_len = htons(ip->ip_len);
 1010: 		port = ip_mport(m);
 1011: 		if (port == NULL)
 1012: 			goto bad;
 1013: 		ip->ip_len = ntohs(ip->ip_len);
 1014: 		ip->ip_off = ntohs(ip->ip_off);
 1015: 
 1016: 		lwkt_sendmsg(port, &msg->nm_lmsg);
 1017: 	} else {
 1018: 		transport_processing_oncpu(m, hlen, ip, args.next_hop);
 1019: 	}
 1020: 	return;
 1021: 
 1022: bad:
 1023: 	m_freem(m);
 1024: }
 1025: 
 1026: /*
 1027:  * Take incoming datagram fragment and try to reassemble it into
 1028:  * whole datagram.  If a chain for reassembly of this datagram already
 1029:  * exists, then it is given as fp; otherwise have to make a chain.
 1030:  *
 1031:  * When IPDIVERT enabled, keep additional state with each packet that
 1032:  * tells us if we need to divert or tee the packet we're building.
 1033:  * In particular, *divinfo includes the port and TEE flag,
 1034:  * *divert_rule is the number of the matching rule.
 1035:  */
 1036: 
 1037: static struct mbuf *
 1038: ip_reass(struct mbuf *m, struct ipq *fp, struct ipq *where,
 1039: 	 u_int32_t *divinfo, u_int16_t *divert_rule)
 1040: {
 1041: 	struct ip *ip = mtod(m, struct ip *);
 1042: 	struct mbuf *p = NULL, *q, *nq;
 1043: 	struct mbuf *t;
 1044: 	int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
 1045: 	int i, next;
 1046: 
 1047: 	/*
 1048: 	 * Presence of header sizes in mbufs
 1049: 	 * would confuse code below.
 1050: 	 */
 1051: 	m->m_data += hlen;
 1052: 	m->m_len -= hlen;
 1053: 
 1054: 	/*
 1055: 	 * If first fragment to arrive, create a reassembly queue.
 1056: 	 */
 1057: 	if (fp == NULL) {
 1058: 		if ((t = m_get(M_DONTWAIT, MT_FTABLE)) == NULL)
 1059: 			goto dropfrag;
 1060: 		fp = mtod(t, struct ipq *);
 1061: 		insque(fp, where);
 1062: 		nipq++;
 1063: 		fp->ipq_nfrags = 1;
 1064: 		fp->ipq_ttl = IPFRAGTTL;
 1065: 		fp->ipq_p = ip->ip_p;
 1066: 		fp->ipq_id = ip->ip_id;
 1067: 		fp->ipq_src = ip->ip_src;
 1068: 		fp->ipq_dst = ip->ip_dst;
 1069: 		fp->ipq_frags = m;
 1070: 		m->m_nextpkt = NULL;
 1071: #ifdef IPDIVERT
 1072: 		fp->ipq_div_info = 0;
 1073: 		fp->ipq_div_cookie = 0;
 1074: #endif
 1075: 		goto inserted;
 1076: 	} else {
 1077: 		fp->ipq_nfrags++;
 1078: 	}
 1079: 
 1080: #define	GETIP(m)	((struct ip*)((m)->m_pkthdr.header))
 1081: 
 1082: 	/*
 1083: 	 * Find a segment which begins after this one does.
 1084: 	 */
 1085: 	for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
 1086: 		if (GETIP(q)->ip_off > ip->ip_off)
 1087: 			break;
 1088: 
 1089: 	/*
 1090: 	 * If there is a preceding segment, it may provide some of
 1091: 	 * our data already.  If so, drop the data from the incoming
 1092: 	 * segment.  If it provides all of our data, drop us, otherwise
 1093: 	 * stick new segment in the proper place.
 1094: 	 *
 1095: 	 * If some of the data is dropped from the the preceding
 1096: 	 * segment, then it's checksum is invalidated.
 1097: 	 */
 1098: 	if (p) {
 1099: 		i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
 1100: 		if (i > 0) {
 1101: 			if (i >= ip->ip_len)
 1102: 				goto dropfrag;
 1103: 			m_adj(m, i);
 1104: 			m->m_pkthdr.csum_flags = 0;
 1105: 			ip->ip_off += i;
 1106: 			ip->ip_len -= i;
 1107: 		}
 1108: 		m->m_nextpkt = p->m_nextpkt;
 1109: 		p->m_nextpkt = m;
 1110: 	} else {
 1111: 		m->m_nextpkt = fp->ipq_frags;
 1112: 		fp->ipq_frags = m;
 1113: 	}
 1114: 
 1115: 	/*
 1116: 	 * While we overlap succeeding segments trim them or,
 1117: 	 * if they are completely covered, dequeue them.
 1118: 	 */
 1119: 	for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
 1120: 	     q = nq) {
 1121: 		i = (ip->ip_off + ip->ip_len) - GETIP(q)->ip_off;
 1122: 		if (i < GETIP(q)->ip_len) {
 1123: 			GETIP(q)->ip_len -= i;
 1124: 			GETIP(q)->ip_off += i;
 1125: 			m_adj(q, i);
 1126: 			q->m_pkthdr.csum_flags = 0;
 1127: 			break;
 1128: 		}
 1129: 		nq = q->m_nextpkt;
 1130: 		m->m_nextpkt = nq;
 1131: 		ipstat.ips_fragdropped++;
 1132: 		fp->ipq_nfrags--;
 1133: 		m_freem(q);
 1134: 	}
 1135: 
 1136: inserted:
 1137: 
 1138: #ifdef IPDIVERT
 1139: 	/*
 1140: 	 * Transfer firewall instructions to the fragment structure.
 1141: 	 * Only trust info in the fragment at offset 0.
 1142: 	 */
 1143: 	if (ip->ip_off == 0) {
 1144: 		fp->ipq_div_info = *divinfo;
 1145: 		fp->ipq_div_cookie = *divert_rule;
 1146: 	}
 1147: 	*divinfo = 0;
 1148: 	*divert_rule = 0;
 1149: #endif
 1150: 
 1151: 	/*
 1152: 	 * Check for complete reassembly and perform frag per packet
 1153: 	 * limiting.
 1154: 	 *
 1155: 	 * Frag limiting is performed here so that the nth frag has
 1156: 	 * a chance to complete the packet before we drop the packet.
 1157: 	 * As a result, n+1 frags are actually allowed per packet, but
 1158: 	 * only n will ever be stored. (n = maxfragsperpacket.)
 1159: 	 *
 1160: 	 */
 1161: 	next = 0;
 1162: 	for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
 1163: 		if (GETIP(q)->ip_off != next) {
 1164: 			if (fp->ipq_nfrags > maxfragsperpacket) {
 1165: 				ipstat.ips_fragdropped += fp->ipq_nfrags;
 1166: 				ip_freef(fp);
 1167: 			}
 1168: 			return (NULL);
 1169: 		}
 1170: 		next += GETIP(q)->ip_len;
 1171: 	}
 1172: 	/* Make sure the last packet didn't have the IP_MF flag */
 1173: 	if (p->m_flags & M_FRAG) {
 1174: 		if (fp->ipq_nfrags > maxfragsperpacket) {
 1175: 			ipstat.ips_fragdropped += fp->ipq_nfrags;
 1176: 			ip_freef(fp);
 1177: 		}
 1178: 		return (NULL);
 1179: 	}
 1180: 
 1181: 	/*
 1182: 	 * Reassembly is complete.  Make sure the packet is a sane size.
 1183: 	 */
 1184: 	q = fp->ipq_frags;
 1185: 	ip = GETIP(q);
 1186: 	if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
 1187: 		ipstat.ips_toolong++;
 1188: 		ipstat.ips_fragdropped += fp->ipq_nfrags;
 1189: 		ip_freef(fp);
 1190: 		return (NULL);
 1191: 	}
 1192: 
 1193: 	/*
 1194: 	 * Concatenate fragments.
 1195: 	 */
 1196: 	m = q;
 1197: 	t = m->m_next;
 1198: 	m->m_next = NULL;
 1199: 	m_cat(m, t);
 1200: 	nq = q->m_nextpkt;
 1201: 	q->m_nextpkt = NULL;
 1202: 	for (q = nq; q != NULL; q = nq) {
 1203: 		nq = q->m_nextpkt;
 1204: 		q->m_nextpkt = NULL;
 1205: 		m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
 1206: 		m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
 1207: 		m_cat(m, q);
 1208: 	}
 1209: 
 1210: #ifdef IPDIVERT
 1211: 	/*
 1212: 	 * Extract firewall instructions from the fragment structure.
 1213: 	 */
 1214: 	*divinfo = fp->ipq_div_info;
 1215: 	*divert_rule = fp->ipq_div_cookie;
 1216: #endif
 1217: 
 1218: 	/*
 1219: 	 * Create header for new ip packet by
 1220: 	 * modifying header of first packet;
 1221: 	 * dequeue and discard fragment reassembly header.
 1222: 	 * Make header visible.
 1223: 	 */
 1224: 	ip->ip_len = next;
 1225: 	ip->ip_src = fp->ipq_src;
 1226: 	ip->ip_dst = fp->ipq_dst;
 1227: 	remque(fp);
 1228: 	nipq--;
 1229: 	(void) m_free(dtom(fp));
 1230: 	m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
 1231: 	m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
 1232: 	/* some debugging cruft by sklower, below, will go away soon */
 1233: 	if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
 1234: 		int plen = 0;
 1235: 
 1236: 		for (t = m; t; t = t->m_next)
 1237: 			plen += t->m_len;
 1238: 		m->m_pkthdr.len = plen;
 1239: 	}
 1240: 	return (m);
 1241: 
 1242: dropfrag:
 1243: #ifdef IPDIVERT
 1244: 	*divinfo = 0;
 1245: 	*divert_rule = 0;
 1246: #endif
 1247: 	ipstat.ips_fragdropped++;
 1248: 	if (fp != NULL)
 1249: 		fp->ipq_nfrags--;
 1250: 	m_freem(m);
 1251: 	return (NULL);
 1252: 
 1253: #undef GETIP
 1254: }
 1255: 
 1256: /*
 1257:  * Free a fragment reassembly header and all
 1258:  * associated datagrams.
 1259:  */
 1260: static void
 1261: ip_freef(struct ipq *fp)
 1262: {
 1263: 	struct mbuf *q;
 1264: 
 1265: 	while (fp->ipq_frags) {
 1266: 		q = fp->ipq_frags;
 1267: 		fp->ipq_frags = q->m_nextpkt;
 1268: 		m_freem(q);
 1269: 	}
 1270: 	remque(fp);
 1271: 	(void) m_free(dtom(fp));
 1272: 	nipq--;
 1273: }
 1274: 
 1275: /*
 1276:  * IP timer processing;
 1277:  * if a timer expires on a reassembly
 1278:  * queue, discard it.
 1279:  */
 1280: void
 1281: ip_slowtimo()
 1282: {
 1283: 	struct ipq *fp;
 1284: 	int s = splnet();
 1285: 	int i;
 1286: 
 1287: 	for (i = 0; i < IPREASS_NHASH; i++) {
 1288: 		fp = ipq[i].next;
 1289: 		if (fp == NULL)
 1290: 			continue;
 1291: 		while (fp != &ipq[i]) {
 1292: 			--fp->ipq_ttl;
 1293: 			fp = fp->next;
 1294: 			if (fp->prev->ipq_ttl == 0) {
 1295: 				ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
 1296: 				ip_freef(fp->prev);
 1297: 			}
 1298: 		}
 1299: 	}
 1300: 	/*
 1301: 	 * If we are over the maximum number of fragments
 1302: 	 * (due to the limit being lowered), drain off
 1303: 	 * enough to get down to the new limit.
 1304: 	 */
 1305: 	if (maxnipq >= 0 && nipq > maxnipq) {
 1306: 		for (i = 0; i < IPREASS_NHASH; i++) {
 1307: 			while (nipq > maxnipq &&
 1308: 				(ipq[i].next != &ipq[i])) {
 1309: 				ipstat.ips_fragdropped +=
 1310: 				    ipq[i].next->ipq_nfrags;
 1311: 				ip_freef(ipq[i].next);
 1312: 			}
 1313: 		}
 1314: 	}
 1315: 	ipflow_slowtimo();
 1316: 	splx(s);
 1317: }
 1318: 
 1319: /*
 1320:  * Drain off all datagram fragments.
 1321:  */
 1322: void
 1323: ip_drain()
 1324: {
 1325: 	int i;
 1326: 
 1327: 	for (i = 0; i < IPREASS_NHASH; i++) {
 1328: 		while (ipq[i].next != &ipq[i]) {
 1329: 			ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
 1330: 			ip_freef(ipq[i].next);
 1331: 		}
 1332: 	}
 1333: 	in_rtqdrain();
 1334: }
 1335: 
 1336: /*
 1337:  * Do option processing on a datagram,
 1338:  * possibly discarding it if bad options are encountered,
 1339:  * or forwarding it if source-routed.
 1340:  * The pass argument is used when operating in the IPSTEALTH
 1341:  * mode to tell what options to process:
 1342:  * [LS]SRR (pass 0) or the others (pass 1).
 1343:  * The reason for as many as two passes is that when doing IPSTEALTH,
 1344:  * non-routing options should be processed only if the packet is for us.
 1345:  * Returns 1 if packet has been forwarded/freed,
 1346:  * 0 if the packet should be processed further.
 1347:  */
 1348: static int
 1349: ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop)
 1350: {
 1351: 	struct ip *ip = mtod(m, struct ip *);
 1352: 	u_char *cp;
 1353: 	struct in_ifaddr *ia;
 1354: 	int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB;
 1355: 	boolean_t forward = FALSE;
 1356: 	struct in_addr *sin, dst;
 1357: 	n_time ntime;
 1358: 
 1359: 	dst = ip->ip_dst;
 1360: 	cp = (u_char *)(ip + 1);
 1361: 	cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
 1362: 	for (; cnt > 0; cnt -= optlen, cp += optlen) {
 1363: 		opt = cp[IPOPT_OPTVAL];
 1364: 		if (opt == IPOPT_EOL)
 1365: 			break;
 1366: 		if (opt == IPOPT_NOP)
 1367: 			optlen = 1;
 1368: 		else {
 1369: 			if (cnt < IPOPT_OLEN + sizeof(*cp)) {
 1370: 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1371: 				goto bad;
 1372: 			}
 1373: 			optlen = cp[IPOPT_OLEN];
 1374: 			if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
 1375: 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1376: 				goto bad;
 1377: 			}
 1378: 		}
 1379: 		switch (opt) {
 1380: 
 1381: 		default:
 1382: 			break;
 1383: 
 1384: 		/*
 1385: 		 * Source routing with record.
 1386: 		 * Find interface with current destination address.
 1387: 		 * If none on this machine then drop if strictly routed,
 1388: 		 * or do nothing if loosely routed.
 1389: 		 * Record interface address and bring up next address
 1390: 		 * component.  If strictly routed make sure next
 1391: 		 * address is on directly accessible net.
 1392: 		 */
 1393: 		case IPOPT_LSRR:
 1394: 		case IPOPT_SSRR:
 1395: 			if (ipstealth && pass > 0)
 1396: 				break;
 1397: 			if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
 1398: 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1399: 				goto bad;
 1400: 			}
 1401: 			if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
 1402: 				code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1403: 				goto bad;
 1404: 			}
 1405: 			ipaddr.sin_addr = ip->ip_dst;
 1406: 			ia = (struct in_ifaddr *)
 1407: 				ifa_ifwithaddr((struct sockaddr *)&ipaddr);
 1408: 			if (ia == NULL) {
 1409: 				if (opt == IPOPT_SSRR) {
 1410: 					type = ICMP_UNREACH;
 1411: 					code = ICMP_UNREACH_SRCFAIL;
 1412: 					goto bad;
 1413: 				}
 1414: 				if (!ip_dosourceroute)
 1415: 					goto nosourcerouting;
 1416: 				/*
 1417: 				 * Loose routing, and not at next destination
 1418: 				 * yet; nothing to do except forward.
 1419: 				 */
 1420: 				break;
 1421: 			}
 1422: 			off--;			/* 0 origin */
 1423: 			if (off > optlen - (int)sizeof(struct in_addr)) {
 1424: 				/*
 1425: 				 * End of source route.  Should be for us.
 1426: 				 */
 1427: 				if (!ip_acceptsourceroute)
 1428: 					goto nosourcerouting;
 1429: 				save_rte(cp, ip->ip_src);
 1430: 				break;
 1431: 			}
 1432: 			if (ipstealth)
 1433: 				goto dropit;
 1434: 			if (!ip_dosourceroute) {
 1435: 				if (ipforwarding) {
 1436: 					char buf[16]; /* aaa.bbb.ccc.ddd\0 */
 1437: 					/*
 1438: 					 * Acting as a router, so generate ICMP
 1439: 					 */
 1440: nosourcerouting:
 1441: 					strcpy(buf, inet_ntoa(ip->ip_dst));
 1442: 					log(LOG_WARNING,
 1443: 					    "attempted source route from %s to %s\n",
 1444: 					    inet_ntoa(ip->ip_src), buf);
 1445: 					type = ICMP_UNREACH;
 1446: 					code = ICMP_UNREACH_SRCFAIL;
 1447: 					goto bad;
 1448: 				} else {
 1449: 					/*
 1450: 					 * Not acting as a router,
 1451: 					 * so silently drop.
 1452: 					 */
 1453: dropit:
 1454: 					ipstat.ips_cantforward++;
 1455: 					m_freem(m);
 1456: 					return (1);
 1457: 				}
 1458: 			}
 1459: 
 1460: 			/*
 1461: 			 * locate outgoing interface
 1462: 			 */
 1463: 			(void)memcpy(&ipaddr.sin_addr, cp + off,
 1464: 			    sizeof(ipaddr.sin_addr));
 1465: 
 1466: 			if (opt == IPOPT_SSRR) {
 1467: #define	INA	struct in_ifaddr *
 1468: #define	SA	struct sockaddr *
 1469: 				if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr))
 1470: 									== NULL)
 1471: 					ia = (INA)ifa_ifwithnet((SA)&ipaddr);
 1472: 			} else
 1473: 				ia = ip_rtaddr(ipaddr.sin_addr, &ipforward_rt);
 1474: 			if (ia == NULL) {
 1475: 				type = ICMP_UNREACH;
 1476: 				code = ICMP_UNREACH_SRCFAIL;
 1477: 				goto bad;
 1478: 			}
 1479: 			ip->ip_dst = ipaddr.sin_addr;
 1480: 			(void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
 1481: 			    sizeof(struct in_addr));
 1482: 			cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1483: 			/*
 1484: 			 * Let ip_intr's mcast routing check handle mcast pkts
 1485: 			 */
 1486: 			forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
 1487: 			break;
 1488: 
 1489: 		case IPOPT_RR:
 1490: 			if (ipstealth && pass == 0)
 1491: 				break;
 1492: 			if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
 1493: 				code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1494: 				goto bad;
 1495: 			}
 1496: 			if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
 1497: 				code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1498: 				goto bad;
 1499: 			}
 1500: 			/*
 1501: 			 * If no space remains, ignore.
 1502: 			 */
 1503: 			off--;			/* 0 origin */
 1504: 			if (off > optlen - (int)sizeof(struct in_addr))
 1505: 				break;
 1506: 			(void)memcpy(&ipaddr.sin_addr, &ip->ip_dst,
 1507: 			    sizeof(ipaddr.sin_addr));
 1508: 			/*
 1509: 			 * locate outgoing interface; if we're the destination,
 1510: 			 * use the incoming interface (should be same).
 1511: 			 */
 1512: 			if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == NULL &&
 1513: 			    (ia = ip_rtaddr(ipaddr.sin_addr, &ipforward_rt))
 1514: 								     == NULL) {
 1515: 				type = ICMP_UNREACH;
 1516: 				code = ICMP_UNREACH_HOST;
 1517: 				goto bad;
 1518: 			}
 1519: 			(void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
 1520: 			    sizeof(struct in_addr));
 1521: 			cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1522: 			break;
 1523: 
 1524: 		case IPOPT_TS:
 1525: 			if (ipstealth && pass == 0)
 1526: 				break;
 1527: 			code = cp - (u_char *)ip;
 1528: 			if (optlen < 4 || optlen > 40) {
 1529: 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1530: 				goto bad;
 1531: 			}
 1532: 			if ((off = cp[IPOPT_OFFSET]) < 5) {
 1533: 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
 1534: 				goto bad;
 1535: 			}
 1536: 			if (off > optlen - (int)sizeof(int32_t)) {
 1537: 				cp[IPOPT_OFFSET + 1] += (1 << 4);
 1538: 				if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
 1539: 					code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1540: 					goto bad;
 1541: 				}
 1542: 				break;
 1543: 			}
 1544: 			off--;				/* 0 origin */
 1545: 			sin = (struct in_addr *)(cp + off);
 1546: 			switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
 1547: 
 1548: 			case IPOPT_TS_TSONLY:
 1549: 				break;
 1550: 
 1551: 			case IPOPT_TS_TSANDADDR:
 1552: 				if (off + sizeof(n_time) +
 1553: 				    sizeof(struct in_addr) > optlen) {
 1554: 					code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1555: 					goto bad;
 1556: 				}
 1557: 				ipaddr.sin_addr = dst;
 1558: 				ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
 1559: 							    m->m_pkthdr.rcvif);
 1560: 				if (ia == NULL)
 1561: 					continue;
 1562: 				(void)memcpy(sin, &IA_SIN(ia)->sin_addr,
 1563: 				    sizeof(struct in_addr));
 1564: 				cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1565: 				off += sizeof(struct in_addr);
 1566: 				break;
 1567: 
 1568: 			case IPOPT_TS_PRESPEC:
 1569: 				if (off + sizeof(n_time) +
 1570: 				    sizeof(struct in_addr) > optlen) {
 1571: 					code = &cp[IPOPT_OFFSET] - (u_char *)ip;
 1572: 					goto bad;
 1573: 				}
 1574: 				(void)memcpy(&ipaddr.sin_addr, sin,
 1575: 				    sizeof(struct in_addr));
 1576: 				if (ifa_ifwithaddr((SA)&ipaddr) == NULL)
 1577: 					continue;
 1578: 				cp[IPOPT_OFFSET] += sizeof(struct in_addr);
 1579: 				off += sizeof(struct in_addr);
 1580: 				break;
 1581: 
 1582: 			default:
 1583: 				code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
 1584: 				goto bad;
 1585: 			}
 1586: 			ntime = iptime();
 1587: 			(void)memcpy(cp + off, &ntime, sizeof(n_time));
 1588: 			cp[IPOPT_OFFSET] += sizeof(n_time);
 1589: 		}
 1590: 	}
 1591: 	if (forward && ipforwarding) {
 1592: 		ip_forward(m, 1, next_hop);
 1593: 		return (1);
 1594: 	}
 1595: 	return (0);
 1596: bad:
 1597: 	icmp_error(m, type, code, 0, NULL);
 1598: 	ipstat.ips_badoptions++;
 1599: 	return (1);
 1600: }
 1601: 
 1602: /*
 1603:  * Given address of next destination (final or next hop),
 1604:  * return internet address info of interface to be used to get there.
 1605:  */
 1606: struct in_ifaddr *
 1607: ip_rtaddr(struct in_addr dst, struct route *rt)
 1608: {
 1609: 	struct sockaddr_in *sin;
 1610: 
 1611: 	sin = (struct sockaddr_in *)&rt->ro_dst;
 1612: 
 1613: 	if (rt->ro_rt == NULL || dst.s_addr != sin->sin_addr.s_addr) {
 1614: 		if (rt->ro_rt) {
 1615: 			RTFREE(rt->ro_rt);
 1616: 			rt->ro_rt = NULL;
 1617: 		}
 1618: 		sin->sin_family = AF_INET;
 1619: 		sin->sin_len = sizeof(*sin);
 1620: 		sin->sin_addr = dst;
 1621: 		rtalloc_ign(rt, RTF_PRCLONING);
 1622: 	}
 1623: 
 1624: 	if (rt->ro_rt == NULL)
 1625: 		return (NULL);
 1626: 
 1627: 	return (ifatoia(rt->ro_rt->rt_ifa));
 1628: }
 1629: 
 1630: /*
 1631:  * Save incoming source route for use in replies,
 1632:  * to be picked up later by ip_srcroute if the receiver is interested.
 1633:  */
 1634: void
 1635: save_rte(u_char *option, struct in_addr dst)
 1636: {
 1637: 	unsigned olen;
 1638: 
 1639: 	olen = option[IPOPT_OLEN];
 1640: #ifdef DIAGNOSTIC
 1641: 	if (ipprintfs)
 1642: 		printf("save_rte: olen %d\n", olen);
 1643: #endif
 1644: 	if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
 1645: 		return;
 1646: 	bcopy(option, ip_srcrt.srcopt, olen);
 1647: 	ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
 1648: 	ip_srcrt.dst = dst;
 1649: }
 1650: 
 1651: /*
 1652:  * Retrieve incoming source route for use in replies,
 1653:  * in the same form used by setsockopt.
 1654:  * The first hop is placed before the options, will be removed later.
 1655:  */
 1656: struct mbuf *
 1657: ip_srcroute()
 1658: {
 1659: 	struct in_addr *p, *q;
 1660: 	struct mbuf *m;
 1661: 
 1662: 	if (ip_nhops == 0)
 1663: 		return (NULL);
 1664: 	m = m_get(M_DONTWAIT, MT_HEADER);
 1665: 	if (m == NULL)
 1666: 		return (NULL);
 1667: 
 1668: #define	OPTSIZ	(sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
 1669: 
 1670: 	/* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
 1671: 	m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
 1672: 	    OPTSIZ;
 1673: #ifdef DIAGNOSTIC
 1674: 	if (ipprintfs)
 1675: 		printf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
 1676: #endif
 1677: 
 1678: 	/*
 1679: 	 * First save first hop for return route
 1680: 	 */
 1681: 	p = &ip_srcrt.route[ip_nhops - 1];
 1682: 	*(mtod(m, struct in_addr *)) = *p--;
 1683: #ifdef DIAGNOSTIC
 1684: 	if (ipprintfs)
 1685: 		printf(" hops %lx", ntohl(mtod(m, struct in_addr *)->s_addr));
 1686: #endif
 1687: 
 1688: 	/*
 1689: 	 * Copy option fields and padding (nop) to mbuf.
 1690: 	 */
 1691: 	ip_srcrt.nop = IPOPT_NOP;
 1692: 	ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
 1693: 	(void)memcpy(mtod(m, caddr_t) + sizeof(struct in_addr), &ip_srcrt.nop,
 1694: 	    OPTSIZ);
 1695: 	q = (struct in_addr *)(mtod(m, caddr_t) +
 1696: 	    sizeof(struct in_addr) + OPTSIZ);
 1697: #undef OPTSIZ
 1698: 	/*
 1699: 	 * Record return path as an IP source route,
 1700: 	 * reversing the path (pointers are now aligned).
 1701: 	 */
 1702: 	while (p >= ip_srcrt.route) {
 1703: #ifdef DIAGNOSTIC
 1704: 		if (ipprintfs)
 1705: 			printf(" %lx", ntohl(q->s_addr));
 1706: #endif
 1707: 		*q++ = *p--;
 1708: 	}
 1709: 	/*
 1710: 	 * Last hop goes to final destination.
 1711: 	 */
 1712: 	*q = ip_srcrt.dst;
 1713: #ifdef DIAGNOSTIC
 1714: 	if (ipprintfs)
 1715: 		printf(" %lx\n", ntohl(q->s_addr));
 1716: #endif
 1717: 	return (m);
 1718: }
 1719: 
 1720: /*
 1721:  * Strip out IP options.
 1722:  */
 1723: void
 1724: ip_stripoptions(struct mbuf *m)
 1725: {
 1726: 	int datalen;
 1727: 	struct ip *ip = mtod(m, struct ip *);
 1728: 	caddr_t opts;
 1729: 	int optlen;
 1730: 
 1731: 	optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
 1732: 	opts = (caddr_t)(ip + 1);
 1733: 	datalen = m->m_len - (sizeof(struct ip) + optlen);
 1734: 	bcopy(opts + optlen, opts, datalen);
 1735: 	m->m_len -= optlen;
 1736: 	if (m->m_flags & M_PKTHDR)
 1737: 		m->m_pkthdr.len -= optlen;
 1738: 	ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
 1739: }
 1740: 
 1741: u_char inetctlerrmap[PRC_NCMDS] = {
 1742: 	0,		0,		0,		0,
 1743: 	0,		EMSGSIZE,	EHOSTDOWN,	EHOSTUNREACH,
 1744: 	EHOSTUNREACH,	EHOSTUNREACH,	ECONNREFUSED,	ECONNREFUSED,
 1745: 	EMSGSIZE,	EHOSTUNREACH,	0,		0,
 1746: 	0,		0,		0,		0,
 1747: 	ENOPROTOOPT,	ECONNREFUSED
 1748: };
 1749: 
 1750: /*
 1751:  * Forward a packet.  If some error occurs return the sender
 1752:  * an icmp packet.  Note we can't always generate a meaningful
 1753:  * icmp message because icmp doesn't have a large enough repertoire
 1754:  * of codes and types.
 1755:  *
 1756:  * If not forwarding, just drop the packet.  This could be confusing
 1757:  * if ipforwarding was zero but some routing protocol was advancing
 1758:  * us as a gateway to somewhere.  However, we must let the routing
 1759:  * protocol deal with that.
 1760:  *
 1761:  * The using_srcrt parameter indicates whether the packet is being forwarded
 1762:  * via a source route.
 1763:  */
 1764: static void
 1765: ip_forward(struct mbuf *m, int using_srcrt, struct sockaddr_in *next_hop)
 1766: {
 1767: 	struct ip *ip = mtod(m, struct ip *);
 1768: 	struct sockaddr_in *sin;
 1769: 	struct rtentry *rt;
 1770: 	int error, type = 0, code = 0;
 1771: 	struct mbuf *mcopy;
 1772: 	n_long dest;
 1773: 	struct in_addr pkt_dst;
 1774: 	struct ifnet *destifp;
 1775: 	struct m_hdr tag;
 1776: #if defined(IPSEC) || defined(FAST_IPSEC)
 1777: 	struct ifnet dummyifp;
 1778: #endif
 1779: 
 1780: 	dest = 0;
 1781: 	/*
 1782: 	 * Cache the destination address of the packet; this may be
 1783: 	 * changed by use of 'ipfw fwd'.
 1784: 	 */
 1785: 	pkt_dst = next_hop ? next_hop->sin_addr : ip->ip_dst;
 1786: 
 1787: #ifdef DIAGNOSTIC
 1788: 	if (ipprintfs)
 1789: 		printf("forward: src %lx dst %lx ttl %x\n",
 1790: 		       ip->ip_src.s_addr, pkt_dst.s_addr, ip->ip_ttl);
 1791: #endif
 1792: 
 1793: 	if (m->m_flags & (M_BCAST | M_MCAST) || !in_canforward(pkt_dst)) {
 1794: 		ipstat.ips_cantforward++;
 1795: 		m_freem(m);
 1796: 		return;
 1797: 	}
 1798: 	if (!ipstealth && ip->ip_ttl <= IPTTLDEC) {
 1799: 		icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, NULL);
 1800: 		return;
 1801: 	}
 1802: 
 1803: 	sin = (struct sockaddr_in *)&ipforward_rt.ro_dst;
 1804: 	if ((rt = ipforward_rt.ro_rt) == NULL ||
 1805: 	    pkt_dst.s_addr != sin->sin_addr.s_addr) {
 1806: 		if (ipforward_rt.ro_rt) {
 1807: 			RTFREE(ipforward_rt.ro_rt);
 1808: 			ipforward_rt.ro_rt = NULL;
 1809: 		}
 1810: 		sin->sin_family = AF_INET;
 1811: 		sin->sin_len = sizeof(*sin);
 1812: 		sin->sin_addr = pkt_dst;
 1813: 
 1814: 		rtalloc_ign(&ipforward_rt, RTF_PRCLONING);
 1815: 		if (ipforward_rt.ro_rt == NULL) {
 1816: 			icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest,
 1817: 				   NULL);
 1818: 			return;
 1819: 		}
 1820: 		rt = ipforward_rt.ro_rt;
 1821: 	}
 1822: 
 1823: 	/*
 1824: 	 * Save the IP header and at most 8 bytes of the payload,
 1825: 	 * in case we need to generate an ICMP message to the src.
 1826: 	 *
 1827: 	 * XXX this can be optimized a lot by saving the data in a local
 1828: 	 * buffer on the stack (72 bytes at most), and only allocating the
 1829: 	 * mbuf if really necessary. The vast majority of the packets
 1830: 	 * are forwarded without having to send an ICMP back (either
 1831: 	 * because unnecessary, or because rate limited), so we are
 1832: 	 * really we are wasting a lot of work here.
 1833: 	 *
 1834: 	 * We don't use m_copy() because it might return a reference
 1835: 	 * to a shared cluster. Both this function and ip_output()
 1836: 	 * assume exclusive access to the IP header in `m', so any
 1837: 	 * data in a cluster may change before we reach icmp_error().
 1838: 	 */
 1839: 	MGET(mcopy, M_DONTWAIT, m->m_type);
 1840: 	if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, M_DONTWAIT)) {
 1841: 		/*
 1842: 		 * It's probably ok if the pkthdr dup fails (because
 1843: 		 * the deep copy of the tag chain failed), but for now
 1844: 		 * be conservative and just discard the copy since
 1845: 		 * code below may some day want the tags.
 1846: 		 */
 1847: 		m_free(mcopy);
 1848: 		mcopy = NULL;
 1849: 	}
 1850: 	if (mcopy != NULL) {
 1851: 		mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
 1852: 		    (int)ip->ip_len);
 1853: 		m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
 1854: 	}
 1855: 
 1856: 	if (!ipstealth)
 1857: 		ip->ip_ttl -= IPTTLDEC;
 1858: 
 1859: 	/*
 1860: 	 * If forwarding packet using same interface that it came in on,
 1861: 	 * perhaps should send a redirect to sender to shortcut a hop.
 1862: 	 * Only send redirect if source is sending directly to us,
 1863: 	 * and if packet was not source routed (or has any options).
 1864: 	 * Also, don't send redirect if forwarding using a default route
 1865: 	 * or a route modified by a redirect.
 1866: 	 */
 1867: 	if (rt->rt_ifp == m->m_pkthdr.rcvif &&
 1868: 	    !(rt->rt_flags & (RTF_DYNAMIC | RTF_MODIFIED)) &&
 1869: 	    satosin(rt_key(rt))->sin_addr.s_addr != INADDR_ANY &&
 1870: 	    ipsendredirects && !using_srcrt && next_hop != NULL) {
 1871: 		u_long src = ntohl(ip->ip_src.s_addr);
 1872: 
 1873: #define	RTA(rt) ((struct in_ifaddr *)(rt->rt_ifa))
 1874: 		if (RTA(rt) != NULL &&
 1875: 		    (src & RTA(rt)->ia_subnetmask) == RTA(rt)->ia_subnet) {
 1876: 			if (rt->rt_flags & RTF_GATEWAY)
 1877: 				dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
 1878: 			else
 1879: 				dest = pkt_dst.s_addr;
 1880: 			/*
 1881: 			 * Router requirements says to only send
 1882: 			 * host redirects.
 1883: 			 */
 1884: 			type = ICMP_REDIRECT;
 1885: 			code = ICMP_REDIRECT_HOST;
 1886: #ifdef DIAGNOSTIC
 1887: 			if (ipprintfs)
 1888: 				printf("redirect (%d) to %lx\n", code, dest);
 1889: #endif
 1890: 		}
 1891: 	}
 1892: 
 1893: 	if (next_hop) {
 1894: 		/* Pass IPFORWARD info if available */
 1895: 
 1896: 		tag.mh_type = MT_TAG;
 1897: 		tag.mh_flags = PACKET_TAG_IPFORWARD;
 1898: 		tag.mh_data = (caddr_t)next_hop;
 1899: 		tag.mh_next = m;
 1900: 		m = (struct mbuf *)&tag;
 1901: 	}
 1902: 
 1903: 	error = ip_output(m, NULL, &ipforward_rt, IP_FORWARDING, NULL, NULL);
 1904: 
 1905: 	if (error)
 1906: 		ipstat.ips_cantforward++;
 1907: 	else {
 1908: 		ipstat.ips_forward++;
 1909: 		if (type)
 1910: 			ipstat.ips_redirectsent++;
 1911: 		else {
 1912: 			if (mcopy) {
 1913: 				ipflow_create(&ipforward_rt, mcopy);
 1914: 				m_freem(mcopy);
 1915: 			}
 1916: 			return;
 1917: 		}
 1918: 	}
 1919: 	if (mcopy == NULL)
 1920: 		return;
 1921: 	destifp = NULL;
 1922: 
 1923: 	switch (error) {
 1924: 
 1925: 	case 0:				/* forwarded, but need redirect */
 1926: 		/* type, code set above */
 1927: 		break;
 1928: 
 1929: 	case ENETUNREACH:		/* shouldn't happen, checked above */
 1930: 	case EHOSTUNREACH:
 1931: 	case ENETDOWN:
 1932: 	case EHOSTDOWN:
 1933: 	default:
 1934: 		type = ICMP_UNREACH;
 1935: 		code = ICMP_UNREACH_HOST;
 1936: 		break;
 1937: 
 1938: 	case EMSGSIZE:
 1939: 		type = ICMP_UNREACH;
 1940: 		code = ICMP_UNREACH_NEEDFRAG;
 1941: #ifdef IPSEC
 1942: 		/*
 1943: 		 * If the packet is routed over IPsec tunnel, tell the
 1944: 		 * originator the tunnel MTU.
 1945: 		 *	tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
 1946: 		 * XXX quickhack!!!
 1947: 		 */
 1948: 		if (ipforward_rt.ro_rt) {
 1949: 			struct secpolicy *sp = NULL;
 1950: 			int ipsecerror;
 1951: 			int ipsechdr;
 1952: 			struct route *ro;
 1953: 
 1954: 			sp = ipsec4_getpolicybyaddr(mcopy,
 1955: 						    IPSEC_DIR_OUTBOUND,
 1956: 						    IP_FORWARDING,
 1957: 						    &ipsecerror);
 1958: 
 1959: 			if (sp == NULL)
 1960: 				destifp = ipforward_rt.ro_rt->rt_ifp;
 1961: 			else {
 1962: 				/* count IPsec header size */
 1963: 				ipsechdr = ipsec4_hdrsiz(mcopy,
 1964: 							 IPSEC_DIR_OUTBOUND,
 1965: 							 NULL);
 1966: 
 1967: 				/*
 1968: 				 * find the correct route for outer IPv4
 1969: 				 * header, compute tunnel MTU.
 1970: 				 *
 1971: 				 * XXX BUG ALERT
 1972: 				 * The "dummyifp" code relies upon the fact
 1973: 				 * that icmp_error() touches only ifp->if_mtu.
 1974: 				 */
 1975: 				/*XXX*/
 1976: 				destifp = NULL;
 1977: 				if (sp->req != NULL
 1978: 				 && sp->req->sav != NULL
 1979: 				 && sp->req->sav->sah != NULL) {
 1980: 					ro = &sp->req->sav->sah->sa_route;
 1981: 					if (ro->ro_rt && ro->ro_rt->rt_ifp) {
 1982: 						dummyifp.if_mtu =
 1983: 						    ro->ro_rt->rt_ifp->if_mtu;
 1984: 						dummyifp.if_mtu -= ipsechdr;
 1985: 						destifp = &dummyifp;
 1986: 					}
 1987: 				}
 1988: 
 1989: 				key_freesp(sp);
 1990: 			}
 1991: 		}
 1992: #elif FAST_IPSEC
 1993: 		/*
 1994: 		 * If the packet is routed over IPsec tunnel, tell the
 1995: 		 * originator the tunnel MTU.
 1996: 		 *	tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
 1997: 		 * XXX quickhack!!!
 1998: 		 */
 1999: 		if (ipforward_rt.ro_rt) {
 2000: 			struct secpolicy *sp = NULL;
 2001: 			int ipsecerror;
 2002: 			int ipsechdr;
 2003: 			struct route *ro;
 2004: 
 2005: 			sp = ipsec_getpolicybyaddr(mcopy,
 2006: 						   IPSEC_DIR_OUTBOUND,
 2007: 						   IP_FORWARDING,
 2008: 						   &ipsecerror);
 2009: 
 2010: 			if (sp == NULL)
 2011: 				destifp = ipforward_rt.ro_rt->rt_ifp;
 2012: 			else {
 2013: 				/* count IPsec header size */
 2014: 				ipsechdr = ipsec4_hdrsiz(mcopy,
 2015: 							 IPSEC_DIR_OUTBOUND,
 2016: 							 NULL);
 2017: 
 2018: 				/*
 2019: 				 * find the correct route for outer IPv4
 2020: 				 * header, compute tunnel MTU.
 2021: 				 *
 2022: 				 * XXX BUG ALERT
 2023: 				 * The "dummyifp" code relies upon the fact
 2024: 				 * that icmp_error() touches only ifp->if_mtu.
 2025: 				 */
 2026: 				/*XXX*/
 2027: 				destifp = NULL;
 2028: 				if (sp->req != NULL
 2029: 				 && sp->req->sav != NULL
 2030: 				 && sp->req->sav->sah != NULL) {
 2031: 					ro = &sp->req->sav->sah->sa_route;
 2032: 					if (ro->ro_rt && ro->ro_rt->rt_ifp) {
 2033: 						dummyifp.if_mtu =
 2034: 						    ro->ro_rt->rt_ifp->if_mtu;
 2035: 						dummyifp.if_mtu -= ipsechdr;
 2036: 						destifp = &dummyifp;
 2037: 					}
 2038: 				}
 2039: 
 2040: 				KEY_FREESP(&sp);
 2041: 			}
 2042: 		}
 2043: #else /* !IPSEC && !FAST_IPSEC */
 2044: 		if (ipforward_rt.ro_rt)
 2045: 			destifp = ipforward_rt.ro_rt->rt_ifp;
 2046: #endif /*IPSEC*/
 2047: 		ipstat.ips_cantfrag++;
 2048: 		break;
 2049: 
 2050: 	case ENOBUFS:
 2051: 		/*
 2052: 		 * A router should not generate ICMP_SOURCEQUENCH as
 2053: 		 * required in RFC1812 Requirements for IP Version 4 Routers.
 2054: 		 * Source quench could be a big problem under DoS attacks,
 2055: 		 * or if the underlying interface is rate-limited.
 2056: 		 * Those who need source quench packets may re-enable them
 2057: 		 * via the net.inet.ip.sendsourcequench sysctl.
 2058: 		 */
 2059: 		if (!ip_sendsourcequench) {
 2060: 			m_freem(mcopy);
 2061: 			return;
 2062: 		} else {
 2063: 			type = ICMP_SOURCEQUENCH;
 2064: 			code = 0;
 2065: 		}
 2066: 		break;
 2067: 
 2068: 	case EACCES:			/* ipfw denied packet */
 2069: 		m_freem(mcopy);
 2070: 		return;
 2071: 	}
 2072: 	icmp_error(mcopy, type, code, dest, destifp);
 2073: }
 2074: 
 2075: void
 2076: ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
 2077: 	       struct mbuf *m)
 2078: {
 2079: 	if (inp->inp_socket->so_options & SO_TIMESTAMP) {
 2080: 		struct timeval tv;
 2081: 
 2082: 		microtime(&tv);
 2083: 		*mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
 2084: 		    SCM_TIMESTAMP, SOL_SOCKET);
 2085: 		if (*mp)
 2086: 			mp = &(*mp)->m_next;
 2087: 	}
 2088: 	if (inp->inp_flags & INP_RECVDSTADDR) {
 2089: 		*mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
 2090: 		    sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
 2091: 		if (*mp)
 2092: 			mp = &(*mp)->m_next;
 2093: 	}
 2094: #ifdef notyet
 2095: 	/* XXX
 2096: 	 * Moving these out of udp_input() made them even more broken
 2097: 	 * than they already were.
 2098: 	 */
 2099: 	/* options were tossed already */
 2100: 	if (inp->inp_flags & INP_RECVOPTS) {
 2101: 		*mp = sbcreatecontrol((caddr_t) opts_deleted_above,
 2102: 		    sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
 2103: 		if (*mp)
 2104: 			mp = &(*mp)->m_next;
 2105: 	}
 2106: 	/* ip_srcroute doesn't do what we want here, need to fix */
 2107: 	if (inp->inp_flags & INP_RECVRETOPTS) {
 2108: 		*mp = sbcreatecontrol((caddr_t) ip_srcroute(),
 2109: 		    sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
 2110: 		if (*mp)
 2111: 			mp = &(*mp)->m_next;
 2112: 	}
 2113: #endif
 2114: 	if (inp->inp_flags & INP_RECVIF) {
 2115: 		struct ifnet *ifp;
 2116: 		struct sdlbuf {
 2117: 			struct sockaddr_dl sdl;
 2118: 			u_char	pad[32];
 2119: 		} sdlbuf;
 2120: 		struct sockaddr_dl *sdp;
 2121: 		struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
 2122: 
 2123: 		if (((ifp = m->m_pkthdr.rcvif)) &&
 2124: 		    ((ifp->if_index != 0) && (ifp->if_index <= if_index))) {
 2125: 			sdp = (struct sockaddr_dl *)
 2126: 			    ifnet_addrs[ifp->if_index - 1]->ifa_addr;
 2127: 			/*
 2128: 			 * Change our mind and don't try copy.
 2129: 			 */
 2130: 			if ((sdp->sdl_family != AF_LINK) ||
 2131: 			    (sdp->sdl_len > sizeof(sdlbuf))) {
 2132: 				goto makedummy;
 2133: 			}
 2134: 			bcopy(sdp, sdl2, sdp->sdl_len);
 2135: 		} else {
 2136: makedummy:
 2137: 			sdl2->sdl_len =
 2138: 			    offsetof(struct sockaddr_dl, sdl_data[0]);
 2139: 			sdl2->sdl_family = AF_LINK;
 2140: 			sdl2->sdl_index = 0;
 2141: 			sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
 2142: 		}
 2143: 		*mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
 2144: 			IP_RECVIF, IPPROTO_IP);
 2145: 		if (*mp)
 2146: 			mp = &(*mp)->m_next;
 2147: 	}
 2148: }
 2149: 
 2150: /*
 2151:  * XXX these routines are called from the upper part of the kernel.
 2152:  *
 2153:  * They could also be moved to ip_mroute.c, since all the RSVP
 2154:  *  handling is done there already.
 2155:  */
 2156: int
 2157: ip_rsvp_init(struct socket *so)
 2158: {
 2159: 	if (so->so_type != SOCK_RAW ||
 2160: 	    so->so_proto->pr_protocol != IPPROTO_RSVP)
 2161: 		return EOPNOTSUPP;
 2162: 
 2163: 	if (ip_rsvpd != NULL)
 2164: 		return EADDRINUSE;
 2165: 
 2166: 	ip_rsvpd = so;
 2167: 	/*
 2168: 	 * This may seem silly, but we need to be sure we don't over-increment
 2169: 	 * the RSVP counter, in case something slips up.
 2170: 	 */
 2171: 	if (!ip_rsvp_on) {
 2172: 		ip_rsvp_on = 1;
 2173: 		rsvp_on++;
 2174: 	}
 2175: 
 2176: 	return 0;
 2177: }
 2178: 
 2179: int
 2180: ip_rsvp_done(void)
 2181: {
 2182: 	ip_rsvpd = NULL;
 2183: 	/*
 2184: 	 * This may seem silly, but we need to be sure we don't over-decrement
 2185: 	 * the RSVP counter, in case something slips up.
 2186: 	 */
 2187: 	if (ip_rsvp_on) {
 2188: 		ip_rsvp_on = 0;
 2189: 		rsvp_on--;
 2190: 	}
 2191: 	return 0;
 2192: }
 2193: 
 2194: void
 2195: rsvp_input(struct mbuf *m, int off, int proto)	/* XXX must fixup manually */
 2196: {
 2197: 	if (rsvp_input_p) { /* call the real one if loaded */
 2198: 		rsvp_input_p(m, off, proto);
 2199: 		return;
 2200: 	}
 2201: 
 2202: 	/* Can still get packets with rsvp_on = 0 if there is a local member
 2203: 	 * of the group to which the RSVP packet is addressed.  But in this
 2204: 	 * case we want to throw the packet away.
 2205: 	 */
 2206: 
 2207: 	if (!rsvp_on) {
 2208: 		m_freem(m);
 2209: 		return;
 2210: 	}
 2211: 
 2212: 	if (ip_rsvpd != NULL) {
 2213: 		rip_input(m, off, proto);
 2214: 		return;
 2215: 	}
 2216: 	/* Drop the packet */
 2217: 	m_freem(m);
 2218: }