ip_input.c (196039) | ip_input.c (197952) |
---|---|
1/*- 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 16 unchanged lines hidden (view full) --- 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 30 */ 31 32#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 16 unchanged lines hidden (view full) --- 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 30 */ 31 32#include <sys/cdefs.h> |
33__FBSDID("$FreeBSD: head/sys/netinet/ip_input.c 196039 2009-08-02 19:43:32Z rwatson $"); | 33__FBSDID("$FreeBSD: head/sys/netinet/ip_input.c 197952 2009-10-11 05:59:43Z julian $"); |
34 35#include "opt_bootp.h" 36#include "opt_ipfw.h" 37#include "opt_ipstealth.h" 38#include "opt_ipsec.h" 39#include "opt_route.h" 40#include "opt_carp.h" 41 --- 123 unchanged lines hidden (view full) --- 165 * XXX - ip_checkinterface must be disabled if you add IP aliases 166 * to the loopback interface instead of the interface where the 167 * packets for those addresses are received. 168 */ 169SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW, 170 &VNET_NAME(ip_checkinterface), 0, 171 "Verify packet arrives on correct interface"); 172 | 34 35#include "opt_bootp.h" 36#include "opt_ipfw.h" 37#include "opt_ipstealth.h" 38#include "opt_ipsec.h" 39#include "opt_route.h" 40#include "opt_carp.h" 41 --- 123 unchanged lines hidden (view full) --- 165 * XXX - ip_checkinterface must be disabled if you add IP aliases 166 * to the loopback interface instead of the interface where the 167 * packets for those addresses are received. 168 */ 169SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW, 170 &VNET_NAME(ip_checkinterface), 0, 171 "Verify packet arrives on correct interface"); 172 |
173struct pfil_head inet_pfil_hook; /* Packet filter hooks */ | 173VNET_DEFINE(struct pfil_head, inet_pfil_hook); /* Packet filter hooks */ |
174 175static struct netisr_handler ip_nh = { 176 .nh_name = "ip", 177 .nh_handler = ip_input, 178 .nh_proto = NETISR_IP, 179 .nh_policy = NETISR_POLICY_FLOW, 180}; 181 --- 131 unchanged lines hidden (view full) --- 313 for (i = 0; i < IPREASS_NHASH; i++) 314 TAILQ_INIT(&V_ipq[i]); 315 V_maxnipq = nmbclusters / 32; 316 V_maxfragsperpacket = 16; 317 V_ipq_zone = uma_zcreate("ipq", sizeof(struct ipq), NULL, NULL, NULL, 318 NULL, UMA_ALIGN_PTR, 0); 319 maxnipq_update(); 320 | 174 175static struct netisr_handler ip_nh = { 176 .nh_name = "ip", 177 .nh_handler = ip_input, 178 .nh_proto = NETISR_IP, 179 .nh_policy = NETISR_POLICY_FLOW, 180}; 181 --- 131 unchanged lines hidden (view full) --- 313 for (i = 0; i < IPREASS_NHASH; i++) 314 TAILQ_INIT(&V_ipq[i]); 315 V_maxnipq = nmbclusters / 32; 316 V_maxfragsperpacket = 16; 317 V_ipq_zone = uma_zcreate("ipq", sizeof(struct ipq), NULL, NULL, NULL, 318 NULL, UMA_ALIGN_PTR, 0); 319 maxnipq_update(); 320 |
321 /* Initialize packet filter hooks. */ 322 V_inet_pfil_hook.ph_type = PFIL_TYPE_AF; 323 V_inet_pfil_hook.ph_af = AF_INET; 324 if ((i = pfil_head_register(&V_inet_pfil_hook)) != 0) 325 printf("%s: WARNING: unable to register pfil hook, " 326 "error %d\n", __func__, i); 327 |
|
321#ifdef FLOWTABLE 322 TUNABLE_INT_FETCH("net.inet.ip.output_flowtable_size", 323 &V_ip_output_flowtable_size); 324 V_ip_ft = flowtable_alloc(V_ip_output_flowtable_size, FL_PCPU); 325#endif 326 327 /* Skip initialization of globals for non-default instances. */ 328 if (!IS_DEFAULT_VNET(curvnet)) --- 14 unchanged lines hidden (view full) --- 343 pr < inetdomain.dom_protoswNPROTOSW; pr++) 344 if (pr->pr_domain->dom_family == PF_INET && 345 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW) { 346 /* Be careful to only index valid IP protocols. */ 347 if (pr->pr_protocol < IPPROTO_MAX) 348 ip_protox[pr->pr_protocol] = pr - inetsw; 349 } 350 | 328#ifdef FLOWTABLE 329 TUNABLE_INT_FETCH("net.inet.ip.output_flowtable_size", 330 &V_ip_output_flowtable_size); 331 V_ip_ft = flowtable_alloc(V_ip_output_flowtable_size, FL_PCPU); 332#endif 333 334 /* Skip initialization of globals for non-default instances. */ 335 if (!IS_DEFAULT_VNET(curvnet)) --- 14 unchanged lines hidden (view full) --- 350 pr < inetdomain.dom_protoswNPROTOSW; pr++) 351 if (pr->pr_domain->dom_family == PF_INET && 352 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW) { 353 /* Be careful to only index valid IP protocols. */ 354 if (pr->pr_protocol < IPPROTO_MAX) 355 ip_protox[pr->pr_protocol] = pr - inetsw; 356 } 357 |
351 /* Initialize packet filter hooks. */ 352 inet_pfil_hook.ph_type = PFIL_TYPE_AF; 353 inet_pfil_hook.ph_af = AF_INET; 354 if ((i = pfil_head_register(&inet_pfil_hook)) != 0) 355 printf("%s: WARNING: unable to register pfil hook, " 356 "error %d\n", __func__, i); 357 | |
358 /* Start ipport_tick. */ 359 callout_init(&ipport_tick_callout, CALLOUT_MPSAFE); 360 callout_reset(&ipport_tick_callout, 1, ipport_tick, NULL); 361 EVENTHANDLER_REGISTER(shutdown_pre_sync, ip_fini, NULL, 362 SHUTDOWN_PRI_DEFAULT); 363 EVENTHANDLER_REGISTER(nmbclusters_change, ipq_zone_change, 364 NULL, EVENTHANDLER_PRI_ANY); 365 --- 139 unchanged lines hidden (view full) --- 505 * Run through list of hooks for input packets. 506 * 507 * NB: Beware of the destination address changing (e.g. 508 * by NAT rewriting). When this happens, tell 509 * ip_forward to do the right thing. 510 */ 511 512 /* Jump over all PFIL processing if hooks are not active. */ | 358 /* Start ipport_tick. */ 359 callout_init(&ipport_tick_callout, CALLOUT_MPSAFE); 360 callout_reset(&ipport_tick_callout, 1, ipport_tick, NULL); 361 EVENTHANDLER_REGISTER(shutdown_pre_sync, ip_fini, NULL, 362 SHUTDOWN_PRI_DEFAULT); 363 EVENTHANDLER_REGISTER(nmbclusters_change, ipq_zone_change, 364 NULL, EVENTHANDLER_PRI_ANY); 365 --- 139 unchanged lines hidden (view full) --- 505 * Run through list of hooks for input packets. 506 * 507 * NB: Beware of the destination address changing (e.g. 508 * by NAT rewriting). When this happens, tell 509 * ip_forward to do the right thing. 510 */ 511 512 /* Jump over all PFIL processing if hooks are not active. */ |
513 if (!PFIL_HOOKED(&inet_pfil_hook)) | 513 if (!PFIL_HOOKED(&V_inet_pfil_hook)) |
514 goto passin; 515 516 odst = ip->ip_dst; | 514 goto passin; 515 516 odst = ip->ip_dst; |
517 if (pfil_run_hooks(&inet_pfil_hook, &m, ifp, PFIL_IN, NULL) != 0) | 517 if (pfil_run_hooks(&V_inet_pfil_hook, &m, ifp, PFIL_IN, NULL) != 0) |
518 return; 519 if (m == NULL) /* consumed by filter */ 520 return; 521 522 ip = mtod(m, struct ip *); 523 dchg = (odst.s_addr != ip->ip_dst.s_addr); 524 ifp = m->m_pkthdr.rcvif; 525 --- 1245 unchanged lines hidden --- | 518 return; 519 if (m == NULL) /* consumed by filter */ 520 return; 521 522 ip = mtod(m, struct ip *); 523 dchg = (odst.s_addr != ip->ip_dst.s_addr); 524 ifp = m->m_pkthdr.rcvif; 525 --- 1245 unchanged lines hidden --- |