in6_proto.c revision 53541
1/* 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $FreeBSD: head/sys/netinet6/in6_proto.c 53541 1999-11-22 02:45:11Z shin $ 30 */ 31 32/* 33 * Copyright (c) 1982, 1986, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgement: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * 4. Neither the name of the University nor the names of its contributors 49 * may be used to endorse or promote products derived from this software 50 * without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * @(#)in_proto.c 8.1 (Berkeley) 6/10/93 65 */ 66 67#include "opt_inet.h" 68#include "opt_ipsec.h" 69 70#include <sys/param.h> 71#include <sys/socket.h> 72#include <sys/socketvar.h> 73#include <sys/protosw.h> 74#include <sys/kernel.h> 75#include <sys/domain.h> 76#include <sys/mbuf.h> 77#include <sys/systm.h> 78#include <sys/sysctl.h> 79 80#include <net/if.h> 81#include <net/radix.h> 82#include <net/route.h> 83 84#include <netinet/in.h> 85#include <netinet/in_systm.h> 86#include <netinet/in_var.h> 87#include <netinet/ip.h> 88#include <netinet/ip_var.h> 89#include <netinet6/ip6.h> 90#include <netinet6/ip6_var.h> 91#include <netinet6/icmp6.h> 92 93#include <netinet/tcp.h> 94#include <netinet/tcp_timer.h> 95#include <netinet/tcp_var.h> 96#include <netinet/udp.h> 97#include <netinet/udp_var.h> 98#include <netinet6/tcp6_var.h> 99#include <netinet6/udp6_var.h> 100 101#include <netinet6/pim6_var.h> 102 103#include <netinet6/nd6.h> 104#include <netinet6/in6_prefix.h> 105 106#ifdef IPSEC 107#include <netinet6/ipsec.h> 108#ifdef INET6 109#include <netinet6/ipsec6.h> 110#endif /* INET6 */ 111#include <netinet6/ah.h> 112#ifdef IPSEC_ESP 113#include <netinet6/esp.h> 114#endif 115#include <netinet6/ipcomp.h> 116#endif /*IPSEC*/ 117 118#include <netinet6/ip6protosw.h> 119 120/* #include "gif.h" */ 121#if NGIF > 0 122#include <netinet6/in6_gif.h> 123#endif 124 125#include <net/net_osdep.h> 126 127#define offsetof(type, member) ((size_t)(&((type *)0)->member)) 128 129/* 130 * TCP/IP protocol family: IP6, ICMP6, UDP, TCP. 131 */ 132 133extern struct domain inet6domain; 134static struct pr_usrreqs nousrreqs; 135 136struct ip6protosw inet6sw[] = { 137{ 0, &inet6domain, IPPROTO_IPV6, 0, 138 0, 0, 0, 0, 139 0, 140 ip6_init, 0, frag6_slowtimo, frag6_drain, 141 &nousrreqs, 142}, 143{ SOCK_RAW, &inet6domain, IPPROTO_RAW, PR_ATOMIC | PR_ADDR, 144 rip6_input, rip6_output, 0, rip6_ctloutput, 145 0, 146 0, 0, 0, 0, 147 &rip6_usrreqs 148}, 149{ SOCK_RAW, &inet6domain, IPPROTO_ICMPV6, PR_ATOMIC | PR_ADDR, 150 icmp6_input, rip6_output, 0, rip6_ctloutput, 151 0, 152 icmp6_init, icmp6_fasttimo, 0, 0, 153 &rip6_usrreqs 154}, 155{ SOCK_RAW, &inet6domain, IPPROTO_DSTOPTS,PR_ATOMIC|PR_ADDR, 156 dest6_input, 0, 0, 0, 157 0, 158 0, 0, 0, 0, 159 &nousrreqs 160}, 161{ SOCK_RAW, &inet6domain, IPPROTO_ROUTING,PR_ATOMIC|PR_ADDR, 162 route6_input, 0, 0, 0, 163 0, 164 0, 0, 0, 0, 165 &nousrreqs 166}, 167{ SOCK_RAW, &inet6domain, IPPROTO_FRAGMENT,PR_ATOMIC|PR_ADDR, 168 frag6_input, 0, 0, 0, 169 0, 170 0, 0, 0, 0, 171 &nousrreqs 172}, 173#ifdef IPSEC 174{ SOCK_RAW, &inet6domain, IPPROTO_AH, PR_ATOMIC|PR_ADDR, 175 ah6_input, 0, 0, 0, 176 0, 177 0, 0, 0, 0, 178 &nousrreqs, 179}, 180#ifdef IPSEC_ESP 181{ SOCK_RAW, &inet6domain, IPPROTO_ESP, PR_ATOMIC|PR_ADDR, 182 esp6_input, 0, 0, 0, 183 0, 184 0, 0, 0, 0, 185 &nousrreqs, 186}, 187#endif 188{ SOCK_RAW, &inet6domain, IPPROTO_IPCOMP, PR_ATOMIC|PR_ADDR, 189 ipcomp6_input, 0, 0, 0, 190 0, 191 0, 0, 0, 0, 192 &nousrreqs, 193}, 194#endif /* IPSEC */ 195#if NGIF > 0 196{ SOCK_RAW, &inet6domain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR, 197 in6_gif_input,0, 0, 0, 198 0, 199 0, 0, 0, 0, 200 &nousrreqs 201}, 202#ifdef INET6 203{ SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR, 204 in6_gif_input,0, 0, 0, 205 0, 206 0, 0, 0, 0, 207 &nousrreqs 208}, 209#endif /* INET6 */ 210#endif /* GIF */ 211/* raw wildcard */ 212{ SOCK_RAW, &inet6domain, 0, PR_ATOMIC | PR_ADDR, 213 rip6_input, rip6_output, 0, rip6_ctloutput, 214 0, 215 0, 0, 0, 0, 216 &rip6_usrreqs 217}, 218}; 219 220extern int in6_inithead __P((void **, int)); 221 222struct domain inet6domain = 223 { AF_INET6, "internet6", 0, 0, 0, 224 (struct protosw *)inet6sw, 225 (struct protosw *)&inet6sw[sizeof(inet6sw)/sizeof(inet6sw[0])], 0, 226 in6_inithead, 227 offsetof(struct sockaddr_in6, sin6_addr) << 3, 228 sizeof(struct sockaddr_in6) }; 229 230DOMAIN_SET(inet6); 231 232/* 233 * Internet configuration info 234 */ 235#ifndef IPV6FORWARDING 236#ifdef GATEWAY6 237#define IPV6FORWARDING 1 /* forward IP6 packets not for us */ 238#else 239#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */ 240#endif /* GATEWAY6 */ 241#endif /* !IPV6FORWARDING */ 242 243#ifndef IPV6_SENDREDIRECTS 244#define IPV6_SENDREDIRECTS 1 245#endif 246 247int ip6_forwarding = IPV6FORWARDING; /* act as router? */ 248int ip6_sendredirects = IPV6_SENDREDIRECTS; 249int ip6_defhlim = IPV6_DEFHLIM; 250int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; 251int ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */ 252int ip6_maxfragpackets = 200; 253int ip6_log_interval = 5; 254int ip6_hdrnestlimit = 50; /* appropriate? */ 255int ip6_dad_count = 1; /* DupAddrDetectionTransmits */ 256u_int32_t ip6_flow_seq; 257int ip6_auto_flowlabel = 1; 258#if NGIF > 0 259int ip6_gif_hlim = GIF_HLIM; 260#else 261int ip6_gif_hlim = 0; 262#endif 263int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ 264int ip6_rr_prune = 5; /* router renumbering prefix 265 * walk list every 5 sec. */ 266int ip6_mapped_addr_on = 1; 267 268u_int32_t ip6_id = 0UL; 269int ip6_keepfaith = 0; 270time_t ip6_log_time = (time_t)0L; 271 272/* icmp6 */ 273/* 274 * BSDI4 defines these variables in in_proto.c... 275 * XXX: what if we don't define INET? Should we define pmtu6_expire 276 * or so? (jinmei@kame.net 19990310) 277 */ 278int pmtu_expire = 60*10; 279int pmtu_probe = 60*2; 280 281/* raw IP6 parameters */ 282/* 283 * Nominal space allocated to a raw ip socket. 284 */ 285#define RIPV6SNDQ 8192 286#define RIPV6RCVQ 8192 287 288u_long rip6_sendspace = RIPV6SNDQ; 289u_long rip6_recvspace = RIPV6RCVQ; 290 291/* ICMPV6 parameters */ 292int icmp6_rediraccept = 1; /* accept and process redirects */ 293int icmp6_redirtimeout = 10 * 60; /* 10 minutes */ 294u_int icmp6errratelim = 1000; /* 1000usec = 1msec */ 295 296/* UDP on IP6 parameters */ 297int udp6_sendspace = 9216; /* really max datagram size */ 298int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6)); 299 /* 40 1K datagrams */ 300 301/* 302 * sysctl related items. 303 */ 304SYSCTL_NODE(_net, PF_INET6, inet6, CTLFLAG_RW, 0, 305 "Internet6 Family"); 306 307/* net.inet6 */ 308SYSCTL_NODE(_net_inet6, IPPROTO_IPV6, ip6, CTLFLAG_RW, 0, "IP6"); 309SYSCTL_NODE(_net_inet6, IPPROTO_ICMPV6, icmp6, CTLFLAG_RW, 0, "ICMP6"); 310SYSCTL_NODE(_net_inet6, IPPROTO_UDP, udp6, CTLFLAG_RW, 0, "UDP6"); 311SYSCTL_NODE(_net_inet6, IPPROTO_TCP, tcp6, CTLFLAG_RW, 0, "TCP6"); 312#ifdef IPSEC 313SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6"); 314#endif /* IPSEC */ 315 316/* net.inet6.ip6 */ 317static int 318sysctl_ip6_forwarding SYSCTL_HANDLER_ARGS 319{ 320 int error = 0; 321 int old_ip6_forwarding; 322 int changed; 323 324 error = SYSCTL_OUT(req, arg1, sizeof(int)); 325 if (error || !req->newptr) 326 return (error); 327 old_ip6_forwarding = ip6_forwarding; 328 error = SYSCTL_IN(req, arg1, sizeof(int)); 329 if (error != 0) 330 return (error); 331 changed = (ip6_forwarding ? 1 : 0) ^ (old_ip6_forwarding ? 1 : 0); 332 if (changed == 0) 333 return (error); 334 if (ip6_forwarding != 0) { /* host becomes router */ 335 int s = splnet(); 336 struct nd_prefix *pr, *next; 337 338 for (pr = nd_prefix.lh_first; pr; pr = next) { 339 next = pr->ndpr_next; 340 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 341 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 342 prelist_remove(pr); 343 } 344 splx(s); 345 } else { /* router becomes host */ 346 struct socket so; 347 348 /* XXX: init dummy so */ 349 bzero(&so, sizeof(so)); 350 while(!LIST_EMPTY(&rr_prefix)) 351 delete_each_prefix(&so, LIST_FIRST(&rr_prefix), 352 PR_ORIG_KERNEL); 353 } 354 355 return (error); 356} 357 358SYSCTL_OID(_net_inet6_ip6, IPV6CTL_FORWARDING, forwarding, 359 CTLTYPE_INT|CTLFLAG_RW, &ip6_forwarding, 0, sysctl_ip6_forwarding, 360 "I", ""); 361SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, 362 redirect, CTLFLAG_RW, &ip6_sendredirects, 0, ""); 363SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, 364 hlim, CTLFLAG_RW, &ip6_defhlim, 0, ""); 365SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, 366 maxfragpackets, CTLFLAG_RW, &ip6_maxfragpackets, 0, ""); 367SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, 368 accept_rtadv, CTLFLAG_RW, &ip6_accept_rtadv, 0, ""); 369SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, 370 keepfaith, CTLFLAG_RW, &ip6_keepfaith, 0, ""); 371SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, 372 log_interval, CTLFLAG_RW, &ip6_log_interval, 0, ""); 373SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, 374 hdrnestlimit, CTLFLAG_RW, &ip6_hdrnestlimit, 0, ""); 375SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, 376 dad_count, CTLFLAG_RW, &ip6_dad_count, 0, ""); 377SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, 378 auto_flowlabel, CTLFLAG_RW, &ip6_auto_flowlabel, 0, ""); 379SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, 380 defmcasthlim, CTLFLAG_RW, &ip6_defmcasthlim, 0, ""); 381SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, 382 gifhlim, CTLFLAG_RW, &ip6_gif_hlim, 0, ""); 383SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, 384 use_deprecated, CTLFLAG_RW, &ip6_use_deprecated, 0, ""); 385SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, 386 rr_prune, CTLFLAG_RW, &ip6_rr_prune, 0, ""); 387SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAPPED_ADDR, 388 mapped_addr, CTLFLAG_RW, &ip6_mapped_addr_on, 0, ""); 389 390/* net.inet6.icmp6 */ 391SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT, 392 rediraccept, CTLFLAG_RW, &icmp6_rediraccept, 0, ""); 393SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT, 394 redirtimeout, CTLFLAG_RW, &icmp6_redirtimeout, 0, ""); 395SYSCTL_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD, 396 &icmp6stat, icmp6stat, ""); 397SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ERRRATELIMIT, 398 errratelimit, CTLFLAG_RW, &icmp6errratelim, 0, ""); 399SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE, 400 nd6_prune, CTLFLAG_RW, &nd6_prune, 0, ""); 401SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY, 402 nd6_delay, CTLFLAG_RW, &nd6_delay, 0, ""); 403SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES, 404 nd6_umaxtries, CTLFLAG_RW, &nd6_umaxtries, 0, ""); 405SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES, 406 nd6_mmaxtries, CTLFLAG_RW, &nd6_mmaxtries, 0, ""); 407SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, 408 nd6_useloopback, CTLFLAG_RW, &nd6_useloopback, 0, ""); 409SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PROXYALL, 410 nd6_proxyall, CTLFLAG_RW, &nd6_proxyall, 0, ""); 411