1/* 2 * Copyright (c) 2008-2012 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29/* $FreeBSD: src/sys/netinet6/in6_proto.c,v 1.19 2002/10/16 02:25:05 sam Exp $ */ 30/* $KAME: in6_proto.c,v 1.91 2001/05/27 13:28:35 itojun Exp $ */ 31 32/* 33 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 34 * All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. Neither the name of the project nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 */ 60 61/* 62 * Copyright (c) 1982, 1986, 1993 63 * The Regents of the University of California. All rights reserved. 64 * 65 * Redistribution and use in source and binary forms, with or without 66 * modification, are permitted provided that the following conditions 67 * are met: 68 * 1. Redistributions of source code must retain the above copyright 69 * notice, this list of conditions and the following disclaimer. 70 * 2. Redistributions in binary form must reproduce the above copyright 71 * notice, this list of conditions and the following disclaimer in the 72 * documentation and/or other materials provided with the distribution. 73 * 3. All advertising materials mentioning features or use of this software 74 * must display the following acknowledgement: 75 * This product includes software developed by the University of 76 * California, Berkeley and its contributors. 77 * 4. Neither the name of the University nor the names of its contributors 78 * may be used to endorse or promote products derived from this software 79 * without specific prior written permission. 80 * 81 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 82 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 83 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 84 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 85 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 86 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 87 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 88 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 89 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 90 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 91 * SUCH DAMAGE. 92 * 93 * @(#)in_proto.c 8.1 (Berkeley) 6/10/93 94 */ 95 96 97#include <sys/param.h> 98#include <sys/socket.h> 99#include <sys/socketvar.h> 100#include <sys/protosw.h> 101#include <sys/kernel.h> 102#include <sys/domain.h> 103#include <sys/mbuf.h> 104#include <sys/systm.h> 105#include <sys/sysctl.h> 106 107#include <net/if.h> 108#include <net/radix.h> 109#include <net/route.h> 110 111#include <netinet/in.h> 112#include <netinet/in_systm.h> 113#include <netinet/in_var.h> 114#include <netinet/ip_encap.h> 115#include <netinet/ip.h> 116#include <netinet/ip_var.h> 117#include <netinet/ip6.h> 118#include <netinet6/ip6_var.h> 119#include <netinet/icmp6.h> 120 121#include <netinet/tcp.h> 122#include <netinet/tcp_timer.h> 123#include <netinet/tcp_var.h> 124#include <netinet/udp.h> 125#include <netinet/udp_var.h> 126#include <netinet6/tcp6_var.h> 127#include <netinet6/raw_ip6.h> 128#include <netinet6/udp6_var.h> 129#include <netinet6/pim6_var.h> 130#include <netinet6/nd6.h> 131#include <netinet6/in6_prefix.h> 132#include <netinet6/mld6_var.h> 133 134#include <netinet6/ip6_mroute.h> 135 136#if IPSEC 137#include <netinet6/ipsec.h> 138#if INET6 139#include <netinet6/ipsec6.h> 140#endif 141#include <netinet6/ah.h> 142#if INET6 143#include <netinet6/ah6.h> 144#endif 145#if IPSEC_ESP 146#include <netinet6/esp.h> 147#if INET6 148#include <netinet6/esp6.h> 149#endif 150#endif 151#include <netinet6/ipcomp.h> 152#if INET6 153#include <netinet6/ipcomp6.h> 154#endif 155#endif /*IPSEC*/ 156 157#include <netinet6/ip6protosw.h> 158 159#include <net/net_osdep.h> 160 161/* 162 * TCP/IP protocol family: IP6, ICMP6, UDP, TCP. 163 */ 164 165extern struct domain inet6domain; 166static struct pr_usrreqs nousrreqs; 167lck_mtx_t *inet6_domain_mutex; 168 169#define PR_LISTEN 0 170#define PR_ABRTACPTDIS 0 171 172extern int in6_inithead(void **, int); 173void in6_dinit(void) __attribute__((section("__TEXT, initcode"))); 174 175static int rip6_pr_output(struct mbuf *m, struct socket *so, struct sockaddr_in6 *, struct mbuf *); 176 177struct ip6protosw inet6sw[] = { 178{ 0, &inet6domain, IPPROTO_IPV6, 0, 179 0, 0, 0, 0, 180 0, 181 ip6_init, 0, frag6_slowtimo, frag6_drain, 182 0, 183 &nousrreqs, 184 0, 0, 0, 185 { 0, 0 }, NULL, { 0 } 186}, 187{ SOCK_DGRAM, &inet6domain, IPPROTO_UDP, PR_ATOMIC|PR_ADDR|PR_PROTOLOCK|PR_PCBLOCK, 188 udp6_input, 0, udp6_ctlinput, ip6_ctloutput, 189 0, 190 0, 0, 0, 0, 191 0, 192 &udp6_usrreqs, 193 udp_lock, udp_unlock, udp_getlock, 194 { 0, 0 }, NULL, { 0 } 195}, 196{ SOCK_STREAM, &inet6domain, IPPROTO_TCP, PR_CONNREQUIRED|PR_WANTRCVD|PR_LISTEN|PR_PROTOLOCK|PR_PCBLOCK|PR_DISPOSE, 197 tcp6_input, 0, tcp6_ctlinput, tcp_ctloutput, 198 0, 199#if INET /* don't call initialization and timeout routines twice */ 200 0, 0, 0, tcp_drain, 201#else 202 tcp_init, 0, tcp_slowtimo, tcp_drain, 203#endif 204 0, 205 &tcp6_usrreqs, 206 tcp_lock, tcp_unlock, tcp_getlock, 207 { 0, 0 }, NULL, { 0 } 208}, 209{ SOCK_RAW, &inet6domain, IPPROTO_RAW, PR_ATOMIC|PR_ADDR, 210 rip6_input, rip6_pr_output, rip6_ctlinput, rip6_ctloutput, 211 0, 212 0, 0, 0, 0, 213 0, 214 &rip6_usrreqs, 215 0, rip_unlock, 0, 216 { 0, 0 }, NULL, { 0 } 217}, 218{ SOCK_RAW, &inet6domain, IPPROTO_ICMPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 219 icmp6_input, rip6_pr_output, rip6_ctlinput, rip6_ctloutput, 220 0, 221 icmp6_init, 0, mld_slowtimo, 0, 222 0, 223 &rip6_usrreqs, 224 0, rip_unlock, 0, 225 { 0, 0 }, NULL, { 0 } 226}, 227{ SOCK_DGRAM, &inet6domain, IPPROTO_ICMPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 228 icmp6_input, rip6_pr_output, rip6_ctlinput, icmp6_dgram_ctloutput, 229 0, 230 icmp6_init, 0, mld_slowtimo, 0, 231 0, 232 &icmp6_dgram_usrreqs, 233 0, rip_unlock, 0, 234 { 0, 0 }, NULL, { 0 } 235}, 236{ SOCK_RAW, &inet6domain, IPPROTO_DSTOPTS,PR_ATOMIC|PR_ADDR, 237 dest6_input, 0, 0, 0, 238 0, 239 0, 0, 0, 0, 240 0, 241 &nousrreqs, 242 0, 0, 0, 243 { 0, 0 }, NULL, { 0 } 244}, 245{ SOCK_RAW, &inet6domain, IPPROTO_ROUTING,PR_ATOMIC|PR_ADDR, 246 route6_input, 0, 0, 0, 247 0, 248 0, 0, 0, 0, 249 0, 250 &nousrreqs, 251 0, 0, 0, 252 { 0, 0 }, NULL, { 0 } 253}, 254{ SOCK_RAW, &inet6domain, IPPROTO_FRAGMENT,PR_ATOMIC|PR_ADDR, 255 frag6_input, 0, 0, 0, 256 0, 257 0, 0, 0, 0, 258 0, 259 &nousrreqs, 260 0, 0, 0, 261 { 0, 0 }, NULL, { 0 } 262}, 263#if IPSEC 264{ SOCK_RAW, &inet6domain, IPPROTO_AH, PR_ATOMIC|PR_ADDR|PR_PROTOLOCK, 265 ah6_input, 0, 0, 0, 266 0, 267 0, 0, 0, 0, 268 0, 269 &nousrreqs, 270 0, 0, 0, 271 { 0, 0 }, NULL, { 0 } 272}, 273#if IPSEC_ESP 274{ SOCK_RAW, &inet6domain, IPPROTO_ESP, PR_ATOMIC|PR_ADDR|PR_PROTOLOCK, 275 esp6_input, 0, 276 esp6_ctlinput, 277 0, 278 0, 279 0, 0, 0, 0, 280 0, 281 &nousrreqs, 282 0, 0, 0, 283 { 0, 0 }, NULL, { 0 } 284}, 285#endif 286{ SOCK_RAW, &inet6domain, IPPROTO_IPCOMP, PR_ATOMIC|PR_ADDR|PR_PROTOLOCK, 287 ipcomp6_input, 0, 0, 0, 288 0, 289 0, 0, 0, 0, 290 0, 291 &nousrreqs, 292 0, 0, 0, 293 { 0, 0 }, NULL, { 0 } 294}, 295#endif /* IPSEC */ 296#if INET 297{ SOCK_RAW, &inet6domain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 298 encap6_input, rip6_pr_output, 0, rip6_ctloutput, 299 0, 300 encap_init, 0, 0, 0, 301 0, 302 &rip6_usrreqs, 303 0, rip_unlock, 0, 304 { 0, 0 }, NULL, { 0 } 305}, 306#endif /*INET*/ 307{ SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 308 encap6_input, rip6_pr_output, 0, rip6_ctloutput, 309 0, 310 encap_init, 0, 0, 0, 311 0, 312 &rip6_usrreqs, 313 0, rip_unlock, 0, 314 { 0, 0 }, NULL, { 0 } 315}, 316#if MROUTING 317{ SOCK_RAW, &inet6domain, IPPROTO_PIM, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 318 pim6_input, rip6_pr_output, 0, rip6_ctloutput, 319 0, 320 0, 0, 0, 0, 321 0, 322 &rip6_usrreqs, 323 0, rip_unlock, 0, 324 { 0, 0 }, NULL, { 0 } 325}, 326#endif 327/* raw wildcard */ 328{ SOCK_RAW, &inet6domain, 0, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 329 rip6_input, rip6_pr_output, 0, rip6_ctloutput, 330 0, 331 0, 0, 0, 0, 332 0, 333 &rip6_usrreqs, 334 0, rip_unlock, 0, 335 { 0, 0 }, NULL, { 0 } 336}, 337}; 338 339 340int in6_proto_count = (sizeof (inet6sw) / sizeof (struct ip6protosw)); 341 342struct domain inet6domain = 343 { AF_INET6, "internet6", in6_dinit, 0, 0, 344 (struct protosw *)inet6sw, 0, 345 in6_inithead, offsetof(struct sockaddr_in6, sin6_addr) << 3, sizeof(struct sockaddr_in6) , 346 sizeof(struct sockaddr_in6), 0, 347 NULL, 0, {0,0} 348 }; 349 350DOMAIN_SET(inet6); 351 352/* Initialize the PF_INET6 domain, and add in the pre-defined protos */ 353void 354in6_dinit(void) 355{ 356 register int i; 357 register struct ip6protosw *pr; 358 register struct domain *dp; 359 static int inet6domain_initted = 0; 360 361 if (!inet6domain_initted) { 362 dp = &inet6domain; 363 364 for (i=0, pr = &inet6sw[0]; i<in6_proto_count; i++, pr++) 365 net_add_proto((struct protosw*)pr, dp); 366 367 inet6_domain_mutex = dp->dom_mtx; 368 inet6domain_initted = 1; 369 } 370} 371 372int rip6_pr_output(__unused struct mbuf *m, __unused struct socket *so, 373 __unused struct sockaddr_in6 *sin6, __unused struct mbuf *m1) 374{ 375 panic("rip6_pr_output\n"); 376 return 0; 377} 378 379/* 380 * Internet configuration info 381 */ 382#ifndef IPV6FORWARDING 383#if GATEWAY6 384#define IPV6FORWARDING 1 /* forward IP6 packets not for us */ 385#else 386#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */ 387#endif /* GATEWAY6 */ 388#endif /* !IPV6FORWARDING */ 389 390#ifndef IPV6_SENDREDIRECTS 391#define IPV6_SENDREDIRECTS 1 392#endif 393 394int ip6_forwarding = IPV6FORWARDING; /* act as router? */ 395int ip6_sendredirects = IPV6_SENDREDIRECTS; 396int ip6_defhlim = IPV6_DEFHLIM; 397int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; 398int ip6_accept_rtadv = 1; /* deprecated */ 399int ip6_maxfragpackets; /* initialized in frag6.c:frag6_init() */ 400int ip6_maxfrags; 401int ip6_log_interval = 5; 402int ip6_hdrnestlimit = 15; /* How many header options will we process? */ 403int ip6_dad_count = 1; /* DupAddrDetectionTransmits */ 404u_int32_t ip6_flow_seq; 405int ip6_auto_flowlabel = 1; 406int ip6_gif_hlim = 0; 407int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ 408int ip6_rr_prune = 5; /* router renumbering prefix 409 * walk list every 5 sec. */ 410int ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */ 411int ip6_v6only = 0; /* Mapped addresses off by default - Radar 3347718 -- REVISITING FOR 10.7 -- TESTING WITH MAPPED@ OFF */ 412 413int ip6_neighborgcthresh = 1024; /* Threshold # of NDP entries for GC */ 414int ip6_maxifprefixes = 16; /* Max acceptable prefixes via RA per IF */ 415int ip6_maxifdefrouters = 16; /* Max acceptable def routers via RA */ 416int ip6_maxdynroutes = 1024; /* Max # of routes created via redirect */ 417int ip6_only_allow_rfc4193_prefix = 0; /* Only allow RFC4193 style Unique Local IPv6 Unicast prefixes */ 418 419u_int32_t ip6_id = 0UL; 420static int ip6_keepfaith = 0; 421time_t ip6_log_time = (time_t)0L; 422int nd6_onlink_ns_rfc4861 = 0; /* allow 'on-link' nd6 NS (as in RFC 4861) */ 423 424/* icmp6 */ 425/* 426 * BSDI4 defines these variables in in_proto.c... 427 * XXX: what if we don't define INET? Should we define pmtu6_expire 428 * or so? (jinmei@kame.net 19990310) 429 */ 430int pmtu_expire = 60*10; 431int pmtu_probe = 60*2; 432 433/* raw IP6 parameters */ 434/* 435 * Nominal space allocated to a raw ip socket. 436 */ 437#define RIPV6SNDQ 8192 438#define RIPV6RCVQ 8192 439 440u_int32_t rip6_sendspace = RIPV6SNDQ; 441u_int32_t rip6_recvspace = RIPV6RCVQ; 442 443/* ICMPV6 parameters */ 444int icmp6_rediraccept = 1; /* accept and process redirects */ 445int icmp6_redirtimeout = 10 * 60; /* 10 minutes */ 446int icmp6errppslim = 500; /* 500 packets per second */ 447int icmp6_nodeinfo = 3; /* enable/disable NI response */ 448 449/* UDP on IP6 parameters */ 450int udp6_sendspace = 9216; /* really max datagram size */ 451int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6)); 452 /* 40 1K datagrams */ 453 454/* 455 * sysctl related items. 456 */ 457SYSCTL_NODE(_net, PF_INET6, inet6, CTLFLAG_RW | CTLFLAG_LOCKED, 0, 458 "Internet6 Family"); 459 460/* net.inet6 */ 461SYSCTL_NODE(_net_inet6, IPPROTO_IPV6, ip6, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "IP6"); 462SYSCTL_NODE(_net_inet6, IPPROTO_ICMPV6, icmp6, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "ICMP6"); 463SYSCTL_NODE(_net_inet6, IPPROTO_UDP, udp6, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "UDP6"); 464SYSCTL_NODE(_net_inet6, IPPROTO_TCP, tcp6, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "TCP6"); 465#if IPSEC 466SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "IPSEC6"); 467#endif /* IPSEC */ 468 469/* net.inet6.ip6 */ 470static int 471sysctl_ip6_temppltime SYSCTL_HANDLER_ARGS 472{ 473#pragma unused(oidp, arg2) 474 int error = 0; 475 int old; 476 477 error = SYSCTL_OUT(req, arg1, sizeof(int)); 478 if (error || !req->newptr) 479 return (error); 480 old = ip6_temp_preferred_lifetime; 481 error = SYSCTL_IN(req, arg1, sizeof(int)); 482 if (ip6_temp_preferred_lifetime > ND6_MAX_LIFETIME || 483 ip6_temp_preferred_lifetime < 484 ip6_desync_factor + ip6_temp_regen_advance) { 485 ip6_temp_preferred_lifetime = old; 486 return(EINVAL); 487 } 488 return(error); 489} 490 491static int 492sysctl_ip6_tempvltime SYSCTL_HANDLER_ARGS 493{ 494#pragma unused(oidp, arg2) 495 int error = 0; 496 int old; 497 498 error = SYSCTL_OUT(req, arg1, sizeof(int)); 499 if (error || !req->newptr) 500 return (error); 501 old = ip6_temp_valid_lifetime; 502 error = SYSCTL_IN(req, arg1, sizeof(int)); 503 if (ip6_temp_valid_lifetime > ND6_MAX_LIFETIME || 504 ip6_temp_valid_lifetime < ip6_temp_preferred_lifetime) { 505 ip6_temp_preferred_lifetime = old; 506 return(EINVAL); 507 } 508 return(error); 509} 510 511SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, 512 forwarding, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_forwarding, 0, ""); 513SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, 514 redirect, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_sendredirects, 0, ""); 515SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, 516 hlim, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_defhlim, 0, ""); 517SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_STATS, stats, CTLFLAG_RD | CTLFLAG_LOCKED, 518 &ip6stat, ip6stat, ""); 519SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, 520 maxfragpackets, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_maxfragpackets, 0, ""); 521SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS, 522 maxfrags, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_maxfrags, 0, ""); 523SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, 524 accept_rtadv, CTLFLAG_RD | CTLFLAG_LOCKED, 525 &ip6_accept_rtadv, 0, ""); 526SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, 527 keepfaith, CTLFLAG_RD | CTLFLAG_LOCKED, &ip6_keepfaith, 0, ""); 528SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, 529 log_interval, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_log_interval, 0, ""); 530SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, 531 hdrnestlimit, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_hdrnestlimit, 0, ""); 532SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, 533 dad_count, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_dad_count, 0, ""); 534SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, 535 auto_flowlabel, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_auto_flowlabel, 0, ""); 536SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, 537 defmcasthlim, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_defmcasthlim, 0, ""); 538SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, 539 gifhlim, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_gif_hlim, 0, ""); 540SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, 541 kame_version, CTLFLAG_RD | CTLFLAG_LOCKED, (void *)((uintptr_t)(__KAME_VERSION)), 0, ""); 542SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, 543 use_deprecated, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_use_deprecated, 0, ""); 544SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, 545 rr_prune, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_rr_prune, 0, ""); 546SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, 547 use_tempaddr, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_use_tempaddr, 0, ""); 548SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime, 549 CTLTYPE_INT|CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_temp_preferred_lifetime, 0, 550 sysctl_ip6_temppltime, "I", ""); 551SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime, 552 CTLTYPE_INT|CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_temp_valid_lifetime, 0, 553 sysctl_ip6_tempvltime, "I", ""); 554SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, 555 v6only, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_v6only, 0, ""); 556SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, 557 auto_linklocal, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_auto_linklocal, 0, ""); 558SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats, CTLFLAG_RD | CTLFLAG_LOCKED, 559 &rip6stat, rip6stat, ""); 560SYSCTL_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR, 561 prefer_tempaddr, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_prefer_tempaddr, 0, ""); 562SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, 563 use_defaultzone, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_use_defzone, 0,""); 564SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, 565 mcast_pmtu, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_mcast_pmtu, 0, ""); 566#if MROUTING 567SYSCTL_STRUCT(_net_inet6_ip6, OID_AUTO, mrt6stat, CTLFLAG_RD | CTLFLAG_LOCKED, 568 &mrt6stat, mrt6stat, ""); 569#endif 570SYSCTL_INT(_net_inet6_ip6, IPV6CTL_NEIGHBORGCTHRESH, 571 neighborgcthresh, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_neighborgcthresh, 0, ""); 572SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXIFPREFIXES, 573 maxifprefixes, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_maxifprefixes, 0, ""); 574SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXIFDEFROUTERS, 575 maxifdefrouters, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_maxifdefrouters, 0, ""); 576SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXDYNROUTES, 577 maxdynroutes, CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_maxdynroutes, 0, ""); 578SYSCTL_INT(_net_inet6_ip6, OID_AUTO, 579 only_allow_rfc4193_prefixes, CTLFLAG_RW | CTLFLAG_LOCKED, 580 &ip6_only_allow_rfc4193_prefix, 0, ""); 581 582/* net.inet6.icmp6 */ 583SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT, 584 rediraccept, CTLFLAG_RW | CTLFLAG_LOCKED, &icmp6_rediraccept, 0, ""); 585SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT, 586 redirtimeout, CTLFLAG_RW | CTLFLAG_LOCKED, &icmp6_redirtimeout, 0, ""); 587SYSCTL_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD | CTLFLAG_LOCKED, 588 &icmp6stat, icmp6stat, ""); 589SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE, 590 nd6_prune, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_prune, 0, ""); 591SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY, 592 nd6_delay, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_delay, 0, ""); 593SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES, 594 nd6_umaxtries, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_umaxtries, 0, ""); 595SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES, 596 nd6_mmaxtries, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_mmaxtries, 0, ""); 597SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, 598 nd6_useloopback, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_useloopback, 0, ""); 599SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ACCEPT_6TO4, 600 nd6_accept_6to4, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_accept_6to4, 0, ""); 601SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO, 602 nodeinfo, CTLFLAG_RW | CTLFLAG_LOCKED, &icmp6_nodeinfo, 0, ""); 603SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT, 604 errppslimit, CTLFLAG_RW | CTLFLAG_LOCKED, &icmp6errppslim, 0, ""); 605SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT, 606 nd6_maxnudhint, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_maxnudhint, 0, ""); 607SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, 608 nd6_debug, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_debug, 0, ""); 609SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861, 610 nd6_onlink_ns_rfc4861, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_onlink_ns_rfc4861, 0, 611 "Accept 'on-link' nd6 NS in compliance with RFC 4861."); 612SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_OPTIMISTIC_DAD, 613 nd6_optimistic_dad, CTLFLAG_RW | CTLFLAG_LOCKED, &nd6_optimistic_dad, 0, ""); 614