1/* $NetBSD: ip_gre.c,v 1.21 2002/08/14 00:23:30 itojun Exp $ */ 2/* $FreeBSD: head/sys/netinet/ip_gre.c 123922 2003-12-28 03:56:00Z sam $ */
| 1/* $NetBSD: ip_gre.c,v 1.29 2003/09/05 23:02:43 itojun Exp $ */ 2/* $FreeBSD: head/sys/netinet/ip_gre.c 123992 2003-12-30 11:41:43Z sobomax $ */
|
3 4/* 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40/* 41 * deencapsulate tunneled packets and send them on 42 * output half is in net/if_gre.[ch] 43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE 44 */ 45 46#include "opt_inet.h" 47#include "opt_atalk.h" 48 49#include <sys/param.h> 50#include <sys/systm.h> 51#include <sys/mbuf.h> 52#include <sys/socket.h> 53#include <sys/socketvar.h> 54#include <sys/protosw.h> 55#include <sys/errno.h> 56#include <sys/time.h> 57#include <sys/kernel.h> 58#include <sys/syslog.h> 59#include <net/bpf.h> 60#include <net/ethernet.h> 61#include <net/if.h> 62#include <net/netisr.h> 63#include <net/route.h> 64#include <net/raw_cb.h> 65 66#ifdef INET 67#include <netinet/in.h> 68#include <netinet/in_var.h> 69#include <netinet/in_systm.h> 70#include <netinet/ip.h> 71#include <netinet/ip_var.h> 72#include <netinet/ip_gre.h> 73#include <machine/in_cksum.h> 74#else 75#error ip_gre input without IP? 76#endif 77 78#ifdef NETATALK 79#include <netatalk/at.h> 80#include <netatalk/at_var.h> 81#include <netatalk/at_extern.h> 82#endif 83 84/* Needs IP headers. */ 85#include <net/if_gre.h> 86 87#include <machine/stdarg.h> 88 89#if 1 90void gre_inet_ntoa(struct in_addr in); /* XXX */ 91#endif 92 93static struct gre_softc *gre_lookup(struct mbuf *, u_int8_t); 94 95static int gre_input2(struct mbuf *, int, u_char); 96 97/* 98 * De-encapsulate a packet and feed it back through ip input (this 99 * routine is called whenever IP gets a packet with proto type 100 * IPPROTO_GRE and a local destination address). 101 * This really is simple 102 */ 103void 104#if __STDC__ 105gre_input(struct mbuf *m, ...) 106#else 107gre_input(m, va_alist)
| 3 4/* 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40/* 41 * deencapsulate tunneled packets and send them on 42 * output half is in net/if_gre.[ch] 43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE 44 */ 45 46#include "opt_inet.h" 47#include "opt_atalk.h" 48 49#include <sys/param.h> 50#include <sys/systm.h> 51#include <sys/mbuf.h> 52#include <sys/socket.h> 53#include <sys/socketvar.h> 54#include <sys/protosw.h> 55#include <sys/errno.h> 56#include <sys/time.h> 57#include <sys/kernel.h> 58#include <sys/syslog.h> 59#include <net/bpf.h> 60#include <net/ethernet.h> 61#include <net/if.h> 62#include <net/netisr.h> 63#include <net/route.h> 64#include <net/raw_cb.h> 65 66#ifdef INET 67#include <netinet/in.h> 68#include <netinet/in_var.h> 69#include <netinet/in_systm.h> 70#include <netinet/ip.h> 71#include <netinet/ip_var.h> 72#include <netinet/ip_gre.h> 73#include <machine/in_cksum.h> 74#else 75#error ip_gre input without IP? 76#endif 77 78#ifdef NETATALK 79#include <netatalk/at.h> 80#include <netatalk/at_var.h> 81#include <netatalk/at_extern.h> 82#endif 83 84/* Needs IP headers. */ 85#include <net/if_gre.h> 86 87#include <machine/stdarg.h> 88 89#if 1 90void gre_inet_ntoa(struct in_addr in); /* XXX */ 91#endif 92 93static struct gre_softc *gre_lookup(struct mbuf *, u_int8_t); 94 95static int gre_input2(struct mbuf *, int, u_char); 96 97/* 98 * De-encapsulate a packet and feed it back through ip input (this 99 * routine is called whenever IP gets a packet with proto type 100 * IPPROTO_GRE and a local destination address). 101 * This really is simple 102 */ 103void 104#if __STDC__ 105gre_input(struct mbuf *m, ...) 106#else 107gre_input(m, va_alist)
|
108 struct mbuf *m; 109 va_dcl
| 108 struct mbuf *m; 109 va_dcl
|
110#endif 111{ 112 int off, ret, proto; 113 va_list ap; 114 115 va_start(ap, m); 116 off = va_arg(ap, int); 117 va_end(ap); 118 proto = (mtod(m, struct ip *))->ip_p; 119 120 ret = gre_input2(m, off, proto); 121 /* 122 * ret == 0 : packet not processed, meaning that 123 * no matching tunnel that is up is found. 124 * we inject it to raw ip socket to see if anyone picks it up. 125 */ 126 if (ret == 0) 127 rip_input(m, off); 128} 129 130/* 131 * decapsulate. 132 * Does the real work and is called from gre_input() (above) 133 * returns 0 if packet is not yet processed 134 * and 1 if it needs no further processing 135 * proto is the protocol number of the "calling" foo_input() 136 * routine. 137 */
| 110#endif 111{ 112 int off, ret, proto; 113 va_list ap; 114 115 va_start(ap, m); 116 off = va_arg(ap, int); 117 va_end(ap); 118 proto = (mtod(m, struct ip *))->ip_p; 119 120 ret = gre_input2(m, off, proto); 121 /* 122 * ret == 0 : packet not processed, meaning that 123 * no matching tunnel that is up is found. 124 * we inject it to raw ip socket to see if anyone picks it up. 125 */ 126 if (ret == 0) 127 rip_input(m, off); 128} 129 130/* 131 * decapsulate. 132 * Does the real work and is called from gre_input() (above) 133 * returns 0 if packet is not yet processed 134 * and 1 if it needs no further processing 135 * proto is the protocol number of the "calling" foo_input() 136 * routine. 137 */
|
138
| |
139static int 140gre_input2(struct mbuf *m ,int hlen, u_char proto) 141{
| 138static int 139gre_input2(struct mbuf *m ,int hlen, u_char proto) 140{
|
142 struct greip *gip = mtod(m, struct greip *);
| 141 struct greip *gip;
|
143 int isr; 144 struct gre_softc *sc;
| 142 int isr; 143 struct gre_softc *sc;
|
145 u_short flags;
| 144 u_int16_t flags;
|
146 147 if ((sc = gre_lookup(m, proto)) == NULL) { 148 /* No matching tunnel or tunnel is down. */ 149 return (0); 150 } 151
| 145 146 if ((sc = gre_lookup(m, proto)) == NULL) { 147 /* No matching tunnel or tunnel is down. */ 148 return (0); 149 } 150
|
| 151 if (m->m_len < sizeof(*gip)) { 152 m = m_pullup(m, sizeof(*gip)); 153 if (m == NULL) 154 return (ENOBUFS); 155 } 156 gip = mtod(m, struct greip *); 157
|
152 sc->sc_if.if_ipackets++; 153 sc->sc_if.if_ibytes += m->m_pkthdr.len; 154 155 switch (proto) { 156 case IPPROTO_GRE:
| 158 sc->sc_if.if_ipackets++; 159 sc->sc_if.if_ibytes += m->m_pkthdr.len; 160 161 switch (proto) { 162 case IPPROTO_GRE:
|
157 hlen += sizeof (struct gre_h);
| 163 hlen += sizeof(struct gre_h);
|
158 159 /* process GRE flags as packet can be of variable len */ 160 flags = ntohs(gip->gi_flags); 161 162 /* Checksum & Offset are present */ 163 if ((flags & GRE_CP) | (flags & GRE_RP)) 164 hlen += 4; 165 /* We don't support routing fields (variable length) */ 166 if (flags & GRE_RP)
| 164 165 /* process GRE flags as packet can be of variable len */ 166 flags = ntohs(gip->gi_flags); 167 168 /* Checksum & Offset are present */ 169 if ((flags & GRE_CP) | (flags & GRE_RP)) 170 hlen += 4; 171 /* We don't support routing fields (variable length) */ 172 if (flags & GRE_RP)
|
167 return(0);
| 173 return (0);
|
168 if (flags & GRE_KP) 169 hlen += 4; 170 if (flags & GRE_SP)
| 174 if (flags & GRE_KP) 175 hlen += 4; 176 if (flags & GRE_SP)
|
171 hlen +=4;
| 177 hlen += 4;
|
172 173 switch (ntohs(gip->gi_ptype)) { /* ethertypes */ 174 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */ 175 case WCCP_PROTOCOL_TYPE: /* we are in ip_input */ 176 isr = NETISR_IP; 177 break; 178#ifdef NETATALK 179 case ETHERTYPE_ATALK: 180 isr = NETISR_ATALK1; 181 break; 182#endif 183 case ETHERTYPE_IPV6: 184 /* FALLTHROUGH */ 185 default: /* others not yet supported */
| 178 179 switch (ntohs(gip->gi_ptype)) { /* ethertypes */ 180 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */ 181 case WCCP_PROTOCOL_TYPE: /* we are in ip_input */ 182 isr = NETISR_IP; 183 break; 184#ifdef NETATALK 185 case ETHERTYPE_ATALK: 186 isr = NETISR_ATALK1; 187 break; 188#endif 189 case ETHERTYPE_IPV6: 190 /* FALLTHROUGH */ 191 default: /* others not yet supported */
|
186 return(0);
| 192 return (0);
|
187 } 188 break; 189 default: 190 /* others not yet supported */
| 193 } 194 break; 195 default: 196 /* others not yet supported */
|
191 return(0);
| 197 return (0);
|
192 } 193
| 198 } 199
|
194 m->m_data += hlen; 195 m->m_len -= hlen;
| 200 if (hlen > m->m_pkthdr.len) { 201 m_freem(m); 202 return (EINVAL); 203 } 204 m_adj(m, hlen);
|
196 m->m_pkthdr.len -= hlen; 197 198 if (sc->sc_if.if_bpf) { 199 u_int32_t af = AF_INET; 200 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 201 } 202 203 m->m_pkthdr.rcvif = &sc->sc_if; 204 205 netisr_dispatch(isr, m); 206
| 205 m->m_pkthdr.len -= hlen; 206 207 if (sc->sc_if.if_bpf) { 208 u_int32_t af = AF_INET; 209 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 210 } 211 212 m->m_pkthdr.rcvif = &sc->sc_if; 213 214 netisr_dispatch(isr, m); 215
|
207 return(1); /* packet is done, no further processing needed */
| 216 return (1); /* packet is done, no further processing needed */
|
208} 209 210/* 211 * input routine for IPPRPOTO_MOBILE 212 * This is a little bit diffrent from the other modes, as the 213 * encapsulating header was not prepended, but instead inserted 214 * between IP header and payload 215 */ 216 217void 218#if __STDC__ 219gre_mobile_input(struct mbuf *m, ...) 220#else 221gre_mobile_input(m, va_alist) 222 struct mbuf *m; 223 va_dcl 224#endif 225{
| 217} 218 219/* 220 * input routine for IPPRPOTO_MOBILE 221 * This is a little bit diffrent from the other modes, as the 222 * encapsulating header was not prepended, but instead inserted 223 * between IP header and payload 224 */ 225 226void 227#if __STDC__ 228gre_mobile_input(struct mbuf *m, ...) 229#else 230gre_mobile_input(m, va_alist) 231 struct mbuf *m; 232 va_dcl 233#endif 234{
|
226 struct ip *ip = mtod(m, struct ip *); 227 struct mobip_h *mip = mtod(m, struct mobip_h *);
| 235 struct ip *ip; 236 struct mobip_h *mip;
|
228 struct gre_softc *sc; 229 int hlen; 230 va_list ap;
| 237 struct gre_softc *sc; 238 int hlen; 239 va_list ap;
|
231 u_char osrc = 0;
| |
232 int msiz; 233
| 240 int msiz; 241
|
234 va_start(ap,m);
| 242 va_start(ap, m);
|
235 hlen = va_arg(ap, int); 236 va_end(ap); 237 238 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) { 239 /* No matching tunnel or tunnel is down. */ 240 m_freem(m); 241 return; 242 } 243
| 243 hlen = va_arg(ap, int); 244 va_end(ap); 245 246 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) { 247 /* No matching tunnel or tunnel is down. */ 248 m_freem(m); 249 return; 250 } 251
|
| 252 if (m->m_len < sizeof(*mip)) { 253 m = m_pullup(m, sizeof(*mip)); 254 if (m == NULL) 255 return; 256 } 257 ip = mtod(m, struct ip *); 258 mip = mtod(m, struct mobip_h *); 259
|
244 sc->sc_if.if_ipackets++; 245 sc->sc_if.if_ibytes += m->m_pkthdr.len; 246
| 260 sc->sc_if.if_ipackets++; 261 sc->sc_if.if_ibytes += m->m_pkthdr.len; 262
|
247 if(ntohs(mip->mh.proto) & MOB_H_SBIT) { 248 osrc = 1;
| 263 if (ntohs(mip->mh.proto) & MOB_H_SBIT) {
|
249 msiz = MOB_H_SIZ_L; 250 mip->mi.ip_src.s_addr = mip->mh.osrc;
| 264 msiz = MOB_H_SIZ_L; 265 mip->mi.ip_src.s_addr = mip->mh.osrc;
|
251 } else {
| 266 } else
|
252 msiz = MOB_H_SIZ_S;
| 267 msiz = MOB_H_SIZ_S;
|
| 268 269 if (m->m_len < (ip->ip_hl << 2) + msiz) { 270 m = m_pullup(m, (ip->ip_hl << 2) + msiz); 271 if (m == NULL) 272 return; 273 ip = mtod(m, struct ip *); 274 mip = mtod(m, struct mobip_h *);
|
253 }
| 275 }
|
| 276
|
254 mip->mi.ip_dst.s_addr = mip->mh.odst; 255 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8); 256
| 277 mip->mi.ip_dst.s_addr = mip->mh.odst; 278 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8); 279
|
257 if (gre_in_cksum((u_short*)&mip->mh,msiz) != 0) {
| 280 if (gre_in_cksum((u_int16_t *)&mip->mh, msiz) != 0) {
|
258 m_freem(m); 259 return; 260 } 261 262 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) + 263 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2)); 264 m->m_len -= msiz; 265 m->m_pkthdr.len -= msiz; 266 267 /* 268 * On FreeBSD, rip_input() supplies us with ip->ip_len 269 * already converted into host byteorder and also decreases 270 * it by the lengh of IP header, however, ip_input() expects 271 * that this field is in the original format (network byteorder 272 * and full size of IP packet), so that adjust accordingly. 273 */ 274 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz); 275 276 ip->ip_sum = 0; 277 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2)); 278 279 if (sc->sc_if.if_bpf) { 280 u_int32_t af = AF_INET; 281 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 282 } 283 284 m->m_pkthdr.rcvif = &sc->sc_if; 285 286 netisr_dispatch(NETISR_IP, m); 287} 288 289/* 290 * Find the gre interface associated with our src/dst/proto set. 291 */ 292static struct gre_softc * 293gre_lookup(m, proto) 294 struct mbuf *m; 295 u_int8_t proto; 296{ 297 struct ip *ip = mtod(m, struct ip *); 298 struct gre_softc *sc; 299 300 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL; 301 sc = LIST_NEXT(sc, sc_list)) { 302 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) && 303 (sc->g_src.s_addr == ip->ip_dst.s_addr) && 304 (sc->g_proto == proto) && 305 ((sc->sc_if.if_flags & IFF_UP) != 0)) 306 return (sc); 307 } 308 309 return (NULL); 310}
| 281 m_freem(m); 282 return; 283 } 284 285 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) + 286 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2)); 287 m->m_len -= msiz; 288 m->m_pkthdr.len -= msiz; 289 290 /* 291 * On FreeBSD, rip_input() supplies us with ip->ip_len 292 * already converted into host byteorder and also decreases 293 * it by the lengh of IP header, however, ip_input() expects 294 * that this field is in the original format (network byteorder 295 * and full size of IP packet), so that adjust accordingly. 296 */ 297 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz); 298 299 ip->ip_sum = 0; 300 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2)); 301 302 if (sc->sc_if.if_bpf) { 303 u_int32_t af = AF_INET; 304 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 305 } 306 307 m->m_pkthdr.rcvif = &sc->sc_if; 308 309 netisr_dispatch(NETISR_IP, m); 310} 311 312/* 313 * Find the gre interface associated with our src/dst/proto set. 314 */ 315static struct gre_softc * 316gre_lookup(m, proto) 317 struct mbuf *m; 318 u_int8_t proto; 319{ 320 struct ip *ip = mtod(m, struct ip *); 321 struct gre_softc *sc; 322 323 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL; 324 sc = LIST_NEXT(sc, sc_list)) { 325 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) && 326 (sc->g_src.s_addr == ip->ip_dst.s_addr) && 327 (sc->g_proto == proto) && 328 ((sc->sc_if.if_flags & IFF_UP) != 0)) 329 return (sc); 330 } 331 332 return (NULL); 333}
|