in6_proto.c revision 166938 
1/*	$FreeBSD: head/sys/netinet6/in6_proto.c 166938 2007-02-24 11:38:47Z bms $	*/
2/*	$KAME: in6_proto.c,v 1.91 2001/05/27 13:28:35 itojun Exp $	*/
3
4/*-
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 *    may be used to endorse or promote products derived from this software
18 *    without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33/*-
34 * Copyright (c) 1982, 1986, 1993
35 *	The Regents of the University of California.  All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 *    notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 *    notice, this list of conditions and the following disclaimer in the
44 *    documentation and/or other materials provided with the distribution.
45 * 4. Neither the name of the University nor the names of its contributors
46 *    may be used to endorse or promote products derived from this software
47 *    without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
60 *
61 *	@(#)in_proto.c	8.1 (Berkeley) 6/10/93
62 */
63
64#include "opt_inet.h"
65#include "opt_inet6.h"
66#include "opt_ipsec.h"
67#include "opt_ipstealth.h"
68#include "opt_carp.h"
69#include "opt_sctp.h"
70
71#include <sys/param.h>
72#include <sys/socket.h>
73#include <sys/socketvar.h>
74#include <sys/protosw.h>
75#include <sys/kernel.h>
76#include <sys/domain.h>
77#include <sys/mbuf.h>
78#include <sys/systm.h>
79#include <sys/sysctl.h>
80
81#include <net/if.h>
82#include <net/radix.h>
83#include <net/route.h>
84
85#include <netinet/in.h>
86#include <netinet/in_systm.h>
87#include <netinet/in_var.h>
88#include <netinet/ip_encap.h>
89#include <netinet/ip.h>
90#include <netinet/ip_var.h>
91#include <netinet/ip6.h>
92#include <netinet6/ip6_var.h>
93#include <netinet/icmp6.h>
94
95#include <netinet/tcp.h>
96#include <netinet/tcp_timer.h>
97#include <netinet/tcp_var.h>
98#include <netinet/udp.h>
99#include <netinet/udp_var.h>
100#include <netinet6/tcp6_var.h>
101#include <netinet6/raw_ip6.h>
102#include <netinet6/udp6_var.h>
103#include <netinet6/pim6_var.h>
104#include <netinet6/nd6.h>
105
106#ifdef IPSEC
107#include <netinet6/ipsec.h>
108#ifdef INET6
109#include <netinet6/ipsec6.h>
110#endif
111#include <netinet6/ah.h>
112#ifdef INET6
113#include <netinet6/ah6.h>
114#endif
115#ifdef IPSEC_ESP
116#include <netinet6/esp.h>
117#ifdef INET6
118#include <netinet6/esp6.h>
119#endif
120#endif
121#include <netinet6/ipcomp.h>
122#ifdef INET6
123#include <netinet6/ipcomp6.h>
124#endif
125#endif /* IPSEC */
126
127#ifdef DEV_CARP
128#include <netinet/ip_carp.h>
129#endif
130
131#ifdef SCTP
132#include <netinet/in_pcb.h>
133#include <netinet/sctp_pcb.h>
134#include <netinet/sctp.h>
135#include <netinet/sctp_var.h>
136#include <netinet6/sctp6_var.h>
137#endif /* SCTP */
138
139#ifdef FAST_IPSEC
140#include <netipsec/ipsec6.h>
141#define	IPSEC
142#define	IPSEC_ESP
143#define	ah6_input	ipsec6_common_input
144#define	esp6_input	ipsec6_common_input
145#define	ipcomp6_input	ipsec6_common_input
146#endif /* FAST_IPSEC */
147
148#include <netinet6/ip6protosw.h>
149
150/*
151 * TCP/IP protocol family: IP6, ICMP6, UDP, TCP.
152 */
153
154extern	struct domain inet6domain;
155static	struct pr_usrreqs nousrreqs;
156
157#define PR_LISTEN	0
158#define PR_ABRTACPTDIS	0
159
160struct ip6protosw inet6sw[] = {
161{
162	.pr_type =		0,
163	.pr_domain =		&inet6domain,
164	.pr_protocol =		IPPROTO_IPV6,
165	.pr_init =		ip6_init,
166	.pr_slowtimo =		frag6_slowtimo,
167	.pr_drain =		frag6_drain,
168	.pr_usrreqs =		&nousrreqs,
169},
170{
171	.pr_type =		SOCK_DGRAM,
172	.pr_domain =		&inet6domain,
173	.pr_protocol =		IPPROTO_UDP,
174	.pr_flags =		PR_ATOMIC|PR_ADDR,
175	.pr_input =		udp6_input,
176	.pr_ctlinput =		udp6_ctlinput,
177	.pr_ctloutput =		ip6_ctloutput,
178	.pr_usrreqs =		&udp6_usrreqs,
179},
180{
181	.pr_type =		SOCK_STREAM,
182	.pr_domain =		&inet6domain,
183	.pr_protocol =		IPPROTO_TCP,
184	.pr_flags =		PR_CONNREQUIRED|PR_WANTRCVD|PR_LISTEN,
185	.pr_input =		tcp6_input,
186	.pr_ctlinput =		tcp6_ctlinput,
187	.pr_ctloutput =		tcp_ctloutput,
188#ifndef INET	/* don't call initialization and timeout routines twice */
189	.pr_init =		tcp_init,
190	.pr_fasttimo =		tcp_fasttimo,
191	.pr_slowtimo =		tcp_slowtimo,
192#endif
193	.pr_drain =		tcp_drain,
194	.pr_usrreqs =		&tcp6_usrreqs,
195},
196#ifdef SCTP
197{
198	.pr_type = 	SOCK_DGRAM,
199	.pr_domain =  	&inet6domain,
200        .pr_protocol = 	IPPROTO_SCTP,
201        .pr_flags = 	PR_WANTRCVD,
202        .pr_input = 	sctp6_input,
203        .pr_ctlinput =  sctp6_ctlinput,
204        .pr_ctloutput = sctp_ctloutput,
205        .pr_drain = 	sctp_drain,
206        .pr_usrreqs = 	&sctp6_usrreqs
207},
208{
209	.pr_type = 	SOCK_SEQPACKET,
210	.pr_domain =  	&inet6domain,
211        .pr_protocol = 	IPPROTO_SCTP,
212        .pr_flags = 	PR_WANTRCVD,
213        .pr_input = 	sctp6_input,
214        .pr_ctlinput =  sctp6_ctlinput,
215        .pr_ctloutput = sctp_ctloutput,
216        .pr_drain = 	sctp_drain,
217        .pr_usrreqs = 	&sctp6_usrreqs
218},
219
220{
221	.pr_type = 	SOCK_STREAM,
222	.pr_domain =  	&inet6domain,
223        .pr_protocol = 	IPPROTO_SCTP,
224        .pr_flags = 	PR_WANTRCVD,
225        .pr_input = 	sctp6_input,
226        .pr_ctlinput =  sctp6_ctlinput,
227        .pr_ctloutput = sctp_ctloutput,
228        .pr_drain = 	sctp_drain,
229        .pr_usrreqs = 	&sctp6_usrreqs
230},
231#endif /* SCTP */
232{
233	.pr_type =		SOCK_RAW,
234	.pr_domain =		&inet6domain,
235	.pr_protocol =		IPPROTO_RAW,
236	.pr_flags =		PR_ATOMIC|PR_ADDR,
237	.pr_input =		rip6_input,
238	.pr_output =		rip6_output,
239	.pr_ctlinput =		rip6_ctlinput,
240	.pr_ctloutput =		rip6_ctloutput,
241	.pr_usrreqs =		&rip6_usrreqs
242},
243{
244	.pr_type =		SOCK_RAW,
245	.pr_domain =		&inet6domain,
246	.pr_protocol =		IPPROTO_ICMPV6,
247	.pr_flags =		PR_ATOMIC|PR_ADDR|PR_LASTHDR,
248	.pr_input =		icmp6_input,
249	.pr_output =		rip6_output,
250	.pr_ctlinput =		rip6_ctlinput,
251	.pr_ctloutput =		rip6_ctloutput,
252	.pr_init =		icmp6_init,
253	.pr_fasttimo =		icmp6_fasttimo,
254	.pr_usrreqs =		&rip6_usrreqs
255},
256{
257	.pr_type =		SOCK_RAW,
258	.pr_domain =		&inet6domain,
259	.pr_protocol =		IPPROTO_DSTOPTS,
260	.pr_flags =		PR_ATOMIC|PR_ADDR,
261	.pr_input =		dest6_input,
262	.pr_usrreqs =		&nousrreqs
263},
264{
265	.pr_type =		SOCK_RAW,
266	.pr_domain =		&inet6domain,
267	.pr_protocol =		IPPROTO_ROUTING,
268	.pr_flags =		PR_ATOMIC|PR_ADDR,
269	.pr_input =		route6_input,
270	.pr_usrreqs =		&nousrreqs
271},
272{
273	.pr_type =		SOCK_RAW,
274	.pr_domain =		&inet6domain,
275	.pr_protocol =		IPPROTO_FRAGMENT,
276	.pr_flags =		PR_ATOMIC|PR_ADDR,
277	.pr_input =		frag6_input,
278	.pr_usrreqs =		&nousrreqs
279},
280#ifdef IPSEC
281{
282	.pr_type =		SOCK_RAW,
283	.pr_domain =		&inet6domain,
284	.pr_protocol =		IPPROTO_AH,
285	.pr_flags =		PR_ATOMIC|PR_ADDR,
286	.pr_input =		ah6_input,
287	.pr_usrreqs =		&nousrreqs,
288},
289#ifdef IPSEC_ESP
290{
291	.pr_type =		SOCK_RAW,
292	.pr_domain =		&inet6domain,
293	.pr_protocol =		IPPROTO_ESP,
294	.pr_flags =		PR_ATOMIC|PR_ADDR,
295	.pr_input =		esp6_input,
296	.pr_ctlinput =		esp6_ctlinput,
297	.pr_usrreqs =		&nousrreqs,
298},
299#endif
300{
301	.pr_type =		SOCK_RAW,
302	.pr_domain =		&inet6domain,
303	.pr_protocol =		IPPROTO_IPCOMP,
304	.pr_flags =		PR_ATOMIC|PR_ADDR,
305	.pr_input =		ipcomp6_input,
306	.pr_usrreqs =		&nousrreqs,
307},
308#endif /* IPSEC */
309#ifdef INET
310{
311	.pr_type =		SOCK_RAW,
312	.pr_domain =		&inet6domain,
313	.pr_protocol =		IPPROTO_IPV4,
314	.pr_flags =		PR_ATOMIC|PR_ADDR|PR_LASTHDR,
315	.pr_input =		encap6_input,
316	.pr_output =		rip6_output,
317	.pr_ctloutput =		rip6_ctloutput,
318	.pr_init =		encap_init,
319	.pr_usrreqs =		&rip6_usrreqs
320},
321#endif /* INET */
322{
323	.pr_type =		SOCK_RAW,
324	.pr_domain =		&inet6domain,
325	.pr_protocol =		IPPROTO_IPV6,
326	.pr_flags =		PR_ATOMIC|PR_ADDR|PR_LASTHDR,
327	.pr_input =		encap6_input,
328	.pr_output =		rip6_output,
329	.pr_ctloutput =		rip6_ctloutput,
330	.pr_init =		encap_init,
331	.pr_usrreqs =		&rip6_usrreqs
332},
333{
334	.pr_type =		SOCK_RAW,
335	.pr_domain =		&inet6domain,
336	.pr_protocol =		IPPROTO_PIM,
337	.pr_flags =		PR_ATOMIC|PR_ADDR|PR_LASTHDR,
338	.pr_input =		encap6_input,
339	.pr_output =		rip6_output,
340	.pr_ctloutput =		rip6_ctloutput,
341	.pr_usrreqs =		&rip6_usrreqs
342},
343#ifdef DEV_CARP
344{
345	.pr_type =		SOCK_RAW,
346	.pr_domain =		&inet6domain,
347	.pr_protocol =		IPPROTO_CARP,
348	.pr_flags =		PR_ATOMIC|PR_ADDR,
349	.pr_input =		carp6_input,
350	.pr_output =		rip6_output,
351	.pr_ctloutput =		rip6_ctloutput,
352	.pr_usrreqs =		&rip6_usrreqs
353},
354#endif /* DEV_CARP */
355/* raw wildcard */
356{
357	.pr_type =		SOCK_RAW,
358	.pr_domain =		&inet6domain,
359	.pr_flags =		PR_ATOMIC|PR_ADDR,
360	.pr_input =		rip6_input,
361	.pr_output =		rip6_output,
362	.pr_ctloutput =		rip6_ctloutput,
363	.pr_usrreqs =		&rip6_usrreqs
364},
365};
366
367extern int in6_inithead __P((void **, int));
368
369struct domain inet6domain = {
370	.dom_family =		AF_INET6,
371	.dom_name =		"internet6",
372	.dom_protosw =		(struct protosw *)inet6sw,
373	.dom_protoswNPROTOSW =	(struct protosw *)
374				&inet6sw[sizeof(inet6sw)/sizeof(inet6sw[0])],
375	.dom_rtattach =		in6_inithead,
376	.dom_rtoffset =		offsetof(struct sockaddr_in6, sin6_addr) << 3,
377	.dom_maxrtkey =		sizeof(struct sockaddr_in6),
378	.dom_ifattach =		in6_domifattach,
379	.dom_ifdetach =		in6_domifdetach
380};
381
382DOMAIN_SET(inet6);
383
384/*
385 * Internet configuration info
386 */
387#ifndef	IPV6FORWARDING
388#ifdef GATEWAY6
389#define	IPV6FORWARDING	1	/* forward IP6 packets not for us */
390#else
391#define	IPV6FORWARDING	0	/* don't forward IP6 packets not for us */
392#endif /* GATEWAY6 */
393#endif /* !IPV6FORWARDING */
394
395#ifndef	IPV6_SENDREDIRECTS
396#define	IPV6_SENDREDIRECTS	1
397#endif
398
399int	ip6_forwarding = IPV6FORWARDING;	/* act as router? */
400int	ip6_sendredirects = IPV6_SENDREDIRECTS;
401int	ip6_defhlim = IPV6_DEFHLIM;
402int	ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS;
403int	ip6_accept_rtadv = 0;	/* "IPV6FORWARDING ? 0 : 1" is dangerous */
404int	ip6_maxfragpackets;	/* initialized in frag6.c:frag6_init() */
405int	ip6_maxfrags;	/* initialized in frag6.c:frag6_init() */
406int	ip6_log_interval = 5;
407int	ip6_hdrnestlimit = 50;	/* appropriate? */
408int	ip6_dad_count = 1;	/* DupAddrDetectionTransmits */
409int	ip6_auto_flowlabel = 1;
410int	ip6_gif_hlim = 0;
411int	ip6_use_deprecated = 1;	/* allow deprecated addr (RFC2462 5.5.4) */
412int	ip6_rr_prune = 5;	/* router renumbering prefix
413				 * walk list every 5 sec. */
414int	ip6_mcast_pmtu = 0;	/* enable pMTU discovery for multicast? */
415int	ip6_v6only = 1;
416
417int	ip6_keepfaith = 0;
418time_t	ip6_log_time = (time_t)0L;
419#ifdef IPSTEALTH
420int	ip6stealth = 0;
421#endif
422
423/* icmp6 */
424/*
425 * BSDI4 defines these variables in in_proto.c...
426 * XXX: what if we don't define INET? Should we define pmtu6_expire
427 * or so? (jinmei@kame.net 19990310)
428 */
429int pmtu_expire = 60*10;
430int pmtu_probe = 60*2;
431
432/* raw IP6 parameters */
433/*
434 * Nominal space allocated to a raw ip socket.
435 */
436#define	RIPV6SNDQ	8192
437#define	RIPV6RCVQ	8192
438
439u_long	rip6_sendspace = RIPV6SNDQ;
440u_long	rip6_recvspace = RIPV6RCVQ;
441
442/* ICMPV6 parameters */
443int	icmp6_rediraccept = 1;		/* accept and process redirects */
444int	icmp6_redirtimeout = 10 * 60;	/* 10 minutes */
445int	icmp6errppslim = 100;		/* 100pps */
446int	icmp6_nodeinfo = 3;		/* enable/disable NI response */
447
448/* UDP on IP6 parameters */
449int	udp6_sendspace = 9216;		/* really max datagram size */
450int	udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6));
451					/* 40 1K datagrams */
452
453/*
454 * sysctl related items.
455 */
456SYSCTL_NODE(_net,	PF_INET6,	inet6,	CTLFLAG_RW,	0,
457	"Internet6 Family");
458
459/* net.inet6 */
460SYSCTL_NODE(_net_inet6,	IPPROTO_IPV6,	ip6,	CTLFLAG_RW, 0,	"IP6");
461SYSCTL_NODE(_net_inet6,	IPPROTO_ICMPV6,	icmp6,	CTLFLAG_RW, 0,	"ICMP6");
462SYSCTL_NODE(_net_inet6,	IPPROTO_UDP,	udp6,	CTLFLAG_RW, 0,	"UDP6");
463SYSCTL_NODE(_net_inet6,	IPPROTO_TCP,	tcp6,	CTLFLAG_RW, 0,	"TCP6");
464#ifdef SCTP
465SYSCTL_NODE(_net_inet6,	IPPROTO_SCTP,	sctp6,	CTLFLAG_RW, 0,	"SCTP6");
466#endif
467#ifdef IPSEC
468SYSCTL_NODE(_net_inet6,	IPPROTO_ESP,	ipsec6,	CTLFLAG_RW, 0,	"IPSEC6");
469#endif /* IPSEC */
470
471/* net.inet6.ip6 */
472static int
473sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS)
474{
475	int error = 0;
476	int old;
477
478	error = SYSCTL_OUT(req, arg1, sizeof(int));
479	if (error || !req->newptr)
480		return (error);
481	old = ip6_temp_preferred_lifetime;
482	error = SYSCTL_IN(req, arg1, sizeof(int));
483	if (ip6_temp_preferred_lifetime <
484	    ip6_desync_factor + ip6_temp_regen_advance) {
485		ip6_temp_preferred_lifetime = old;
486		return (EINVAL);
487	}
488	return (error);
489}
490
491static int
492sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS)
493{
494	int error = 0;
495	int old;
496
497	error = SYSCTL_OUT(req, arg1, sizeof(int));
498	if (error || !req->newptr)
499		return (error);
500	old = ip6_temp_valid_lifetime;
501	error = SYSCTL_IN(req, arg1, sizeof(int));
502	if (ip6_temp_valid_lifetime < ip6_temp_preferred_lifetime) {
503		ip6_temp_preferred_lifetime = old;
504		return (EINVAL);
505	}
506	return (error);
507}
508
509SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING,
510	forwarding, CTLFLAG_RW, 	&ip6_forwarding,	0, "");
511SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS,
512	redirect, CTLFLAG_RW,		&ip6_sendredirects,	0, "");
513SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM,
514	hlim, CTLFLAG_RW,		&ip6_defhlim,	0, "");
515SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_STATS, stats, CTLFLAG_RD,
516	&ip6stat, ip6stat, "");
517SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS,
518	maxfragpackets, CTLFLAG_RW,	&ip6_maxfragpackets,	0, "");
519SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV,
520	accept_rtadv, CTLFLAG_RW,	&ip6_accept_rtadv,	0, "");
521SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH,
522	keepfaith, CTLFLAG_RW,		&ip6_keepfaith,	0, "");
523SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL,
524	log_interval, CTLFLAG_RW,	&ip6_log_interval,	0, "");
525SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT,
526	hdrnestlimit, CTLFLAG_RW,	&ip6_hdrnestlimit,	0, "");
527SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT,
528	dad_count, CTLFLAG_RW,	&ip6_dad_count,	0, "");
529SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL,
530	auto_flowlabel, CTLFLAG_RW,	&ip6_auto_flowlabel,	0, "");
531SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM,
532	defmcasthlim, CTLFLAG_RW,	&ip6_defmcasthlim,	0, "");
533SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM,
534	gifhlim, CTLFLAG_RW,	&ip6_gif_hlim,			0, "");
535SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION,
536	kame_version, CTLFLAG_RD,	__KAME_VERSION,		0, "");
537SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED,
538	use_deprecated, CTLFLAG_RW,	&ip6_use_deprecated,	0, "");
539SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE,
540	rr_prune, CTLFLAG_RW,	&ip6_rr_prune,			0, "");
541SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR,
542	use_tempaddr, CTLFLAG_RW, &ip6_use_tempaddr,		0, "");
543SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime,
544	   CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_preferred_lifetime, 0,
545	   sysctl_ip6_temppltime, "I", "");
546SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime,
547	   CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_valid_lifetime, 0,
548	   sysctl_ip6_tempvltime, "I", "");
549SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY,
550	v6only,	CTLFLAG_RW,	&ip6_v6only,			0, "");
551TUNABLE_INT("net.inet6.ip6.auto_linklocal", &ip6_auto_linklocal);
552SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL,
553	auto_linklocal, CTLFLAG_RW, &ip6_auto_linklocal,	0, "");
554SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats, CTLFLAG_RD,
555	&rip6stat, rip6stat, "");
556SYSCTL_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR,
557	prefer_tempaddr, CTLFLAG_RW, &ip6_prefer_tempaddr,	0, "");
558SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE,
559	use_defaultzone, CTLFLAG_RW, &ip6_use_defzone,		0,"");
560SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS,
561	maxfrags, CTLFLAG_RW,		&ip6_maxfrags,	0, "");
562SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU,
563	mcast_pmtu, CTLFLAG_RW, 	&ip6_mcast_pmtu,	0, "");
564#ifdef IPSTEALTH
565SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW,
566	&ip6stealth, 0, "");
567#endif
568
569/* net.inet6.icmp6 */
570SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT,
571	rediraccept, CTLFLAG_RW,	&icmp6_rediraccept,	0, "");
572SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT,
573	redirtimeout, CTLFLAG_RW,	&icmp6_redirtimeout,	0, "");
574SYSCTL_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD,
575	&icmp6stat, icmp6stat, "");
576SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE,
577	nd6_prune, CTLFLAG_RW,		&nd6_prune,	0, "");
578SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY,
579	nd6_delay, CTLFLAG_RW,		&nd6_delay,	0, "");
580SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES,
581	nd6_umaxtries, CTLFLAG_RW,	&nd6_umaxtries,	0, "");
582SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES,
583	nd6_mmaxtries, CTLFLAG_RW,	&nd6_mmaxtries,	0, "");
584SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK,
585	nd6_useloopback, CTLFLAG_RW,	&nd6_useloopback, 0, "");
586SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO,
587	nodeinfo, CTLFLAG_RW,	&icmp6_nodeinfo,	0, "");
588SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT,
589	errppslimit, CTLFLAG_RW,	&icmp6errppslim,	0, "");
590SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT,
591	nd6_maxnudhint, CTLFLAG_RW,	&nd6_maxnudhint, 0, "");
592SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG,
593	nd6_debug, CTLFLAG_RW,	&nd6_debug,		0, "");
594