ip_divert.c (54175) | ip_divert.c (55009) |
---|---|
1/* 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 16 unchanged lines hidden (view full) --- 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * | 1/* 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 16 unchanged lines hidden (view full) --- 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * |
33 * $FreeBSD: head/sys/netinet/ip_divert.c 54175 1999-12-06 00:43:07Z archie $ | 33 * $FreeBSD: head/sys/netinet/ip_divert.c 55009 1999-12-22 19:13:38Z shin $ |
34 */ 35 36#include "opt_inet.h" 37#include "opt_ipfw.h" 38#include "opt_ipdivert.h" | 34 */ 35 36#include "opt_inet.h" 37#include "opt_ipfw.h" 38#include "opt_ipdivert.h" |
39#include "opt_ipsec.h" |
|
39 40#ifndef INET 41#error "IPDIVERT requires INET." 42#endif 43 44#include <sys/param.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> --- 74 unchanged lines hidden (view full) --- 121 maxsockets, ZONE_INTERRUPT, 0); 122} 123 124/* 125 * IPPROTO_DIVERT is not a real IP protocol; don't allow any packets 126 * with that protocol number to enter the system from the outside. 127 */ 128void | 40 41#ifndef INET 42#error "IPDIVERT requires INET." 43#endif 44 45#include <sys/param.h> 46#include <sys/malloc.h> 47#include <sys/mbuf.h> --- 74 unchanged lines hidden (view full) --- 122 maxsockets, ZONE_INTERRUPT, 0); 123} 124 125/* 126 * IPPROTO_DIVERT is not a real IP protocol; don't allow any packets 127 * with that protocol number to enter the system from the outside. 128 */ 129void |
129div_input(struct mbuf *m, int hlen) | 130div_input(struct mbuf *m, int off, int proto) |
130{ 131 ipstat.ips_noproto++; 132 m_freem(m); 133} 134 135/* 136 * Divert a packet by passing it up to the divert socket at port 'port'. 137 * --- 153 unchanged lines hidden (view full) --- 291 /* Convert fields to host order for ip_output() */ 292 NTOHS(ip->ip_len); 293 NTOHS(ip->ip_off); 294 295 /* Send packet to output processing */ 296 ipstat.ips_rawout++; /* XXX */ 297 error = ip_output(m, inp->inp_options, &inp->inp_route, 298 (so->so_options & SO_DONTROUTE) | | 131{ 132 ipstat.ips_noproto++; 133 m_freem(m); 134} 135 136/* 137 * Divert a packet by passing it up to the divert socket at port 'port'. 138 * --- 153 unchanged lines hidden (view full) --- 292 /* Convert fields to host order for ip_output() */ 293 NTOHS(ip->ip_len); 294 NTOHS(ip->ip_off); 295 296 /* Send packet to output processing */ 297 ipstat.ips_rawout++; /* XXX */ 298 error = ip_output(m, inp->inp_options, &inp->inp_route, 299 (so->so_options & SO_DONTROUTE) | |
299 IP_ALLOWBROADCAST | IP_RAWOUTPUT, inp->inp_moptions); | 300 IP_ALLOWBROADCAST | IP_RAWOUTPUT | IP_SOCKINMRCVIF, 301 inp->inp_moptions); |
300 } else { 301 struct ifaddr *ifa; 302 303 /* If no luck with the name above. check by IP address. */ 304 if (m->m_pkthdr.rcvif == NULL) { 305 /* 306 * Make sure there are no distractions 307 * for ifa_ifwithaddr. Clear the port and the ifname. --- 31 unchanged lines hidden (view full) --- 339 int error, s; 340 341 inp = sotoinpcb(so); 342 if (inp) 343 panic("div_attach"); 344 if (p && (error = suser(p)) != 0) 345 return error; 346 | 302 } else { 303 struct ifaddr *ifa; 304 305 /* If no luck with the name above. check by IP address. */ 306 if (m->m_pkthdr.rcvif == NULL) { 307 /* 308 * Make sure there are no distractions 309 * for ifa_ifwithaddr. Clear the port and the ifname. --- 31 unchanged lines hidden (view full) --- 341 int error, s; 342 343 inp = sotoinpcb(so); 344 if (inp) 345 panic("div_attach"); 346 if (p && (error = suser(p)) != 0) 347 return error; 348 |
349 error = soreserve(so, div_sendspace, div_recvspace); 350 if (error) 351 return error; |
|
347 s = splnet(); 348 error = in_pcballoc(so, &divcbinfo, p); 349 splx(s); 350 if (error) 351 return error; | 352 s = splnet(); 353 error = in_pcballoc(so, &divcbinfo, p); 354 splx(s); 355 if (error) 356 return error; |
352 error = soreserve(so, div_sendspace, div_recvspace); 353 if (error) 354 return error; | |
355 inp = (struct inpcb *)so->so_pcb; 356 inp->inp_ip_p = proto; 357 inp->inp_flags |= INP_HDRINCL; 358 /* The socket is always "connected" because 359 we always know "where" to send the packet */ 360 so->so_state |= SS_ISCONNECTED; | 357 inp = (struct inpcb *)so->so_pcb; 358 inp->inp_ip_p = proto; 359 inp->inp_flags |= INP_HDRINCL; 360 /* The socket is always "connected" because 361 we always know "where" to send the packet */ 362 so->so_state |= SS_ISCONNECTED; |
363#ifdef IPSEC 364 error = ipsec_init_policy(so, &inp->inp_sp); 365 if (error != 0) { 366 in_pcbdetach(inp); 367 return error; 368 } 369#endif /*IPSEC*/ |
|
361 return 0; 362} 363 364static int 365div_detach(struct socket *so) 366{ 367 struct inpcb *inp; 368 --- 40 unchanged lines hidden (view full) --- 409 return 0; 410} 411 412static int 413div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 414 struct mbuf *control, struct proc *p) 415{ 416 /* Packet must have a header (but that's about it) */ | 370 return 0; 371} 372 373static int 374div_detach(struct socket *so) 375{ 376 struct inpcb *inp; 377 --- 40 unchanged lines hidden (view full) --- 418 return 0; 419} 420 421static int 422div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 423 struct mbuf *control, struct proc *p) 424{ 425 /* Packet must have a header (but that's about it) */ |
417 if (m->m_len < sizeof (struct ip) || | 426 if (m->m_len < sizeof (struct ip) && |
418 (m = m_pullup(m, sizeof (struct ip))) == 0) { 419 ipstat.ips_toosmall++; 420 m_freem(m); 421 return EINVAL; 422 } 423 424 /* Send packet */ 425 return div_output(so, m, nam, control); 426} 427 428struct pr_usrreqs div_usrreqs = { 429 div_abort, pru_accept_notsupp, div_attach, div_bind, 430 pru_connect_notsupp, pru_connect2_notsupp, in_control, div_detach, 431 div_disconnect, pru_listen_notsupp, in_setpeeraddr, pru_rcvd_notsupp, 432 pru_rcvoob_notsupp, div_send, pru_sense_null, div_shutdown, 433 in_setsockaddr, sosend, soreceive, sopoll 434}; | 427 (m = m_pullup(m, sizeof (struct ip))) == 0) { 428 ipstat.ips_toosmall++; 429 m_freem(m); 430 return EINVAL; 431 } 432 433 /* Send packet */ 434 return div_output(so, m, nam, control); 435} 436 437struct pr_usrreqs div_usrreqs = { 438 div_abort, pru_accept_notsupp, div_attach, div_bind, 439 pru_connect_notsupp, pru_connect2_notsupp, in_control, div_detach, 440 div_disconnect, pru_listen_notsupp, in_setpeeraddr, pru_rcvd_notsupp, 441 pru_rcvoob_notsupp, div_send, pru_sense_null, div_shutdown, 442 in_setsockaddr, sosend, soreceive, sopoll 443}; |