1/* $NetBSD: ip_gre.c,v 1.21 2002/08/14 00:23:30 itojun Exp $ */
2/* $FreeBSD: head/sys/netinet/ip_gre.c 123922 2003-12-28 03:56:00Z sam $ */
| 1/* $NetBSD: ip_gre.c,v 1.29 2003/09/05 23:02:43 itojun Exp $ */
2/* $FreeBSD: head/sys/netinet/ip_gre.c 123992 2003-12-30 11:41:43Z sobomax $ */
|
3
4/*
5 * Copyright (c) 1998 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Heiko W.Rupp <hwr@pilhuhn.de>
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by the NetBSD
22 * Foundation, Inc. and its contributors.
23 * 4. Neither the name of The NetBSD Foundation nor the names of its
24 * contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
38 */
39
40/*
41 * deencapsulate tunneled packets and send them on
42 * output half is in net/if_gre.[ch]
43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE
44 */
45
46#include "opt_inet.h"
47#include "opt_atalk.h"
48
49#include <sys/param.h>
50#include <sys/systm.h>
51#include <sys/mbuf.h>
52#include <sys/socket.h>
53#include <sys/socketvar.h>
54#include <sys/protosw.h>
55#include <sys/errno.h>
56#include <sys/time.h>
57#include <sys/kernel.h>
58#include <sys/syslog.h>
59#include <net/bpf.h>
60#include <net/ethernet.h>
61#include <net/if.h>
62#include <net/netisr.h>
63#include <net/route.h>
64#include <net/raw_cb.h>
65
66#ifdef INET
67#include <netinet/in.h>
68#include <netinet/in_var.h>
69#include <netinet/in_systm.h>
70#include <netinet/ip.h>
71#include <netinet/ip_var.h>
72#include <netinet/ip_gre.h>
73#include <machine/in_cksum.h>
74#else
75#error ip_gre input without IP?
76#endif
77
78#ifdef NETATALK
79#include <netatalk/at.h>
80#include <netatalk/at_var.h>
81#include <netatalk/at_extern.h>
82#endif
83
84/* Needs IP headers. */
85#include <net/if_gre.h>
86
87#include <machine/stdarg.h>
88
89#if 1
90void gre_inet_ntoa(struct in_addr in); /* XXX */
91#endif
92
93static struct gre_softc *gre_lookup(struct mbuf *, u_int8_t);
94
95static int gre_input2(struct mbuf *, int, u_char);
96
97/*
98 * De-encapsulate a packet and feed it back through ip input (this
99 * routine is called whenever IP gets a packet with proto type
100 * IPPROTO_GRE and a local destination address).
101 * This really is simple
102 */
103void
104#if __STDC__
105gre_input(struct mbuf *m, ...)
106#else
107gre_input(m, va_alist)
| 3
4/*
5 * Copyright (c) 1998 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Heiko W.Rupp <hwr@pilhuhn.de>
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by the NetBSD
22 * Foundation, Inc. and its contributors.
23 * 4. Neither the name of The NetBSD Foundation nor the names of its
24 * contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
38 */
39
40/*
41 * deencapsulate tunneled packets and send them on
42 * output half is in net/if_gre.[ch]
43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE
44 */
45
46#include "opt_inet.h"
47#include "opt_atalk.h"
48
49#include <sys/param.h>
50#include <sys/systm.h>
51#include <sys/mbuf.h>
52#include <sys/socket.h>
53#include <sys/socketvar.h>
54#include <sys/protosw.h>
55#include <sys/errno.h>
56#include <sys/time.h>
57#include <sys/kernel.h>
58#include <sys/syslog.h>
59#include <net/bpf.h>
60#include <net/ethernet.h>
61#include <net/if.h>
62#include <net/netisr.h>
63#include <net/route.h>
64#include <net/raw_cb.h>
65
66#ifdef INET
67#include <netinet/in.h>
68#include <netinet/in_var.h>
69#include <netinet/in_systm.h>
70#include <netinet/ip.h>
71#include <netinet/ip_var.h>
72#include <netinet/ip_gre.h>
73#include <machine/in_cksum.h>
74#else
75#error ip_gre input without IP?
76#endif
77
78#ifdef NETATALK
79#include <netatalk/at.h>
80#include <netatalk/at_var.h>
81#include <netatalk/at_extern.h>
82#endif
83
84/* Needs IP headers. */
85#include <net/if_gre.h>
86
87#include <machine/stdarg.h>
88
89#if 1
90void gre_inet_ntoa(struct in_addr in); /* XXX */
91#endif
92
93static struct gre_softc *gre_lookup(struct mbuf *, u_int8_t);
94
95static int gre_input2(struct mbuf *, int, u_char);
96
97/*
98 * De-encapsulate a packet and feed it back through ip input (this
99 * routine is called whenever IP gets a packet with proto type
100 * IPPROTO_GRE and a local destination address).
101 * This really is simple
102 */
103void
104#if __STDC__
105gre_input(struct mbuf *m, ...)
106#else
107gre_input(m, va_alist)
|
108 struct mbuf *m;
109 va_dcl
| 108 struct mbuf *m;
109 va_dcl
|
110#endif
111{
112 int off, ret, proto;
113 va_list ap;
114
115 va_start(ap, m);
116 off = va_arg(ap, int);
117 va_end(ap);
118 proto = (mtod(m, struct ip *))->ip_p;
119
120 ret = gre_input2(m, off, proto);
121 /*
122 * ret == 0 : packet not processed, meaning that
123 * no matching tunnel that is up is found.
124 * we inject it to raw ip socket to see if anyone picks it up.
125 */
126 if (ret == 0)
127 rip_input(m, off);
128}
129
130/*
131 * decapsulate.
132 * Does the real work and is called from gre_input() (above)
133 * returns 0 if packet is not yet processed
134 * and 1 if it needs no further processing
135 * proto is the protocol number of the "calling" foo_input()
136 * routine.
137 */
| 110#endif
111{
112 int off, ret, proto;
113 va_list ap;
114
115 va_start(ap, m);
116 off = va_arg(ap, int);
117 va_end(ap);
118 proto = (mtod(m, struct ip *))->ip_p;
119
120 ret = gre_input2(m, off, proto);
121 /*
122 * ret == 0 : packet not processed, meaning that
123 * no matching tunnel that is up is found.
124 * we inject it to raw ip socket to see if anyone picks it up.
125 */
126 if (ret == 0)
127 rip_input(m, off);
128}
129
130/*
131 * decapsulate.
132 * Does the real work and is called from gre_input() (above)
133 * returns 0 if packet is not yet processed
134 * and 1 if it needs no further processing
135 * proto is the protocol number of the "calling" foo_input()
136 * routine.
137 */
|
138
| |
139static int
140gre_input2(struct mbuf *m ,int hlen, u_char proto)
141{
| 138static int
139gre_input2(struct mbuf *m ,int hlen, u_char proto)
140{
|
142 struct greip *gip = mtod(m, struct greip *);
| 141 struct greip *gip;
|
143 int isr;
144 struct gre_softc *sc;
| 142 int isr;
143 struct gre_softc *sc;
|
145 u_short flags;
| 144 u_int16_t flags;
|
146
147 if ((sc = gre_lookup(m, proto)) == NULL) {
148 /* No matching tunnel or tunnel is down. */
149 return (0);
150 }
151
| 145
146 if ((sc = gre_lookup(m, proto)) == NULL) {
147 /* No matching tunnel or tunnel is down. */
148 return (0);
149 }
150
|
| 151 if (m->m_len < sizeof(*gip)) {
152 m = m_pullup(m, sizeof(*gip));
153 if (m == NULL)
154 return (ENOBUFS);
155 }
156 gip = mtod(m, struct greip *);
157
|
152 sc->sc_if.if_ipackets++;
153 sc->sc_if.if_ibytes += m->m_pkthdr.len;
154
155 switch (proto) {
156 case IPPROTO_GRE:
| 158 sc->sc_if.if_ipackets++;
159 sc->sc_if.if_ibytes += m->m_pkthdr.len;
160
161 switch (proto) {
162 case IPPROTO_GRE:
|
157 hlen += sizeof (struct gre_h);
| 163 hlen += sizeof(struct gre_h);
|
158
159 /* process GRE flags as packet can be of variable len */
160 flags = ntohs(gip->gi_flags);
161
162 /* Checksum & Offset are present */
163 if ((flags & GRE_CP) | (flags & GRE_RP))
164 hlen += 4;
165 /* We don't support routing fields (variable length) */
166 if (flags & GRE_RP)
| 164
165 /* process GRE flags as packet can be of variable len */
166 flags = ntohs(gip->gi_flags);
167
168 /* Checksum & Offset are present */
169 if ((flags & GRE_CP) | (flags & GRE_RP))
170 hlen += 4;
171 /* We don't support routing fields (variable length) */
172 if (flags & GRE_RP)
|
167 return(0);
| 173 return (0);
|
168 if (flags & GRE_KP)
169 hlen += 4;
170 if (flags & GRE_SP)
| 174 if (flags & GRE_KP)
175 hlen += 4;
176 if (flags & GRE_SP)
|
171 hlen +=4;
| 177 hlen += 4;
|
172
173 switch (ntohs(gip->gi_ptype)) { /* ethertypes */
174 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */
175 case WCCP_PROTOCOL_TYPE: /* we are in ip_input */
176 isr = NETISR_IP;
177 break;
178#ifdef NETATALK
179 case ETHERTYPE_ATALK:
180 isr = NETISR_ATALK1;
181 break;
182#endif
183 case ETHERTYPE_IPV6:
184 /* FALLTHROUGH */
185 default: /* others not yet supported */
| 178
179 switch (ntohs(gip->gi_ptype)) { /* ethertypes */
180 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */
181 case WCCP_PROTOCOL_TYPE: /* we are in ip_input */
182 isr = NETISR_IP;
183 break;
184#ifdef NETATALK
185 case ETHERTYPE_ATALK:
186 isr = NETISR_ATALK1;
187 break;
188#endif
189 case ETHERTYPE_IPV6:
190 /* FALLTHROUGH */
191 default: /* others not yet supported */
|
186 return(0);
| 192 return (0);
|
187 }
188 break;
189 default:
190 /* others not yet supported */
| 193 }
194 break;
195 default:
196 /* others not yet supported */
|
191 return(0);
| 197 return (0);
|
192 }
193
| 198 }
199
|
194 m->m_data += hlen;
195 m->m_len -= hlen;
| 200 if (hlen > m->m_pkthdr.len) {
201 m_freem(m);
202 return (EINVAL);
203 }
204 m_adj(m, hlen);
|
196 m->m_pkthdr.len -= hlen;
197
198 if (sc->sc_if.if_bpf) {
199 u_int32_t af = AF_INET;
200 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m);
201 }
202
203 m->m_pkthdr.rcvif = &sc->sc_if;
204
205 netisr_dispatch(isr, m);
206
| 205 m->m_pkthdr.len -= hlen;
206
207 if (sc->sc_if.if_bpf) {
208 u_int32_t af = AF_INET;
209 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m);
210 }
211
212 m->m_pkthdr.rcvif = &sc->sc_if;
213
214 netisr_dispatch(isr, m);
215
|
207 return(1); /* packet is done, no further processing needed */
| 216 return (1); /* packet is done, no further processing needed */
|
208}
209
210/*
211 * input routine for IPPRPOTO_MOBILE
212 * This is a little bit diffrent from the other modes, as the
213 * encapsulating header was not prepended, but instead inserted
214 * between IP header and payload
215 */
216
217void
218#if __STDC__
219gre_mobile_input(struct mbuf *m, ...)
220#else
221gre_mobile_input(m, va_alist)
222 struct mbuf *m;
223 va_dcl
224#endif
225{
| 217}
218
219/*
220 * input routine for IPPRPOTO_MOBILE
221 * This is a little bit diffrent from the other modes, as the
222 * encapsulating header was not prepended, but instead inserted
223 * between IP header and payload
224 */
225
226void
227#if __STDC__
228gre_mobile_input(struct mbuf *m, ...)
229#else
230gre_mobile_input(m, va_alist)
231 struct mbuf *m;
232 va_dcl
233#endif
234{
|
226 struct ip *ip = mtod(m, struct ip *);
227 struct mobip_h *mip = mtod(m, struct mobip_h *);
| 235 struct ip *ip;
236 struct mobip_h *mip;
|
228 struct gre_softc *sc;
229 int hlen;
230 va_list ap;
| 237 struct gre_softc *sc;
238 int hlen;
239 va_list ap;
|
231 u_char osrc = 0;
| |
232 int msiz;
233
| 240 int msiz;
241
|
234 va_start(ap,m);
| 242 va_start(ap, m);
|
235 hlen = va_arg(ap, int);
236 va_end(ap);
237
238 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) {
239 /* No matching tunnel or tunnel is down. */
240 m_freem(m);
241 return;
242 }
243
| 243 hlen = va_arg(ap, int);
244 va_end(ap);
245
246 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) {
247 /* No matching tunnel or tunnel is down. */
248 m_freem(m);
249 return;
250 }
251
|
| 252 if (m->m_len < sizeof(*mip)) {
253 m = m_pullup(m, sizeof(*mip));
254 if (m == NULL)
255 return;
256 }
257 ip = mtod(m, struct ip *);
258 mip = mtod(m, struct mobip_h *);
259
|
244 sc->sc_if.if_ipackets++;
245 sc->sc_if.if_ibytes += m->m_pkthdr.len;
246
| 260 sc->sc_if.if_ipackets++;
261 sc->sc_if.if_ibytes += m->m_pkthdr.len;
262
|
247 if(ntohs(mip->mh.proto) & MOB_H_SBIT) {
248 osrc = 1;
| 263 if (ntohs(mip->mh.proto) & MOB_H_SBIT) {
|
249 msiz = MOB_H_SIZ_L;
250 mip->mi.ip_src.s_addr = mip->mh.osrc;
| 264 msiz = MOB_H_SIZ_L;
265 mip->mi.ip_src.s_addr = mip->mh.osrc;
|
251 } else {
| 266 } else
|
252 msiz = MOB_H_SIZ_S;
| 267 msiz = MOB_H_SIZ_S;
|
| 268
269 if (m->m_len < (ip->ip_hl << 2) + msiz) {
270 m = m_pullup(m, (ip->ip_hl << 2) + msiz);
271 if (m == NULL)
272 return;
273 ip = mtod(m, struct ip *);
274 mip = mtod(m, struct mobip_h *);
|
253 }
| 275 }
|
| 276
|
254 mip->mi.ip_dst.s_addr = mip->mh.odst;
255 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8);
256
| 277 mip->mi.ip_dst.s_addr = mip->mh.odst;
278 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8);
279
|
257 if (gre_in_cksum((u_short*)&mip->mh,msiz) != 0) {
| 280 if (gre_in_cksum((u_int16_t *)&mip->mh, msiz) != 0) {
|
258 m_freem(m);
259 return;
260 }
261
262 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) +
263 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2));
264 m->m_len -= msiz;
265 m->m_pkthdr.len -= msiz;
266
267 /*
268 * On FreeBSD, rip_input() supplies us with ip->ip_len
269 * already converted into host byteorder and also decreases
270 * it by the lengh of IP header, however, ip_input() expects
271 * that this field is in the original format (network byteorder
272 * and full size of IP packet), so that adjust accordingly.
273 */
274 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz);
275
276 ip->ip_sum = 0;
277 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2));
278
279 if (sc->sc_if.if_bpf) {
280 u_int32_t af = AF_INET;
281 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m);
282 }
283
284 m->m_pkthdr.rcvif = &sc->sc_if;
285
286 netisr_dispatch(NETISR_IP, m);
287}
288
289/*
290 * Find the gre interface associated with our src/dst/proto set.
291 */
292static struct gre_softc *
293gre_lookup(m, proto)
294 struct mbuf *m;
295 u_int8_t proto;
296{
297 struct ip *ip = mtod(m, struct ip *);
298 struct gre_softc *sc;
299
300 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL;
301 sc = LIST_NEXT(sc, sc_list)) {
302 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) &&
303 (sc->g_src.s_addr == ip->ip_dst.s_addr) &&
304 (sc->g_proto == proto) &&
305 ((sc->sc_if.if_flags & IFF_UP) != 0))
306 return (sc);
307 }
308
309 return (NULL);
310}
| 281 m_freem(m);
282 return;
283 }
284
285 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) +
286 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2));
287 m->m_len -= msiz;
288 m->m_pkthdr.len -= msiz;
289
290 /*
291 * On FreeBSD, rip_input() supplies us with ip->ip_len
292 * already converted into host byteorder and also decreases
293 * it by the lengh of IP header, however, ip_input() expects
294 * that this field is in the original format (network byteorder
295 * and full size of IP packet), so that adjust accordingly.
296 */
297 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz);
298
299 ip->ip_sum = 0;
300 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2));
301
302 if (sc->sc_if.if_bpf) {
303 u_int32_t af = AF_INET;
304 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m);
305 }
306
307 m->m_pkthdr.rcvif = &sc->sc_if;
308
309 netisr_dispatch(NETISR_IP, m);
310}
311
312/*
313 * Find the gre interface associated with our src/dst/proto set.
314 */
315static struct gre_softc *
316gre_lookup(m, proto)
317 struct mbuf *m;
318 u_int8_t proto;
319{
320 struct ip *ip = mtod(m, struct ip *);
321 struct gre_softc *sc;
322
323 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL;
324 sc = LIST_NEXT(sc, sc_list)) {
325 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) &&
326 (sc->g_src.s_addr == ip->ip_dst.s_addr) &&
327 (sc->g_proto == proto) &&
328 ((sc->sc_if.if_flags & IFF_UP) != 0))
329 return (sc);
330 }
331
332 return (NULL);
333}
|