if_ethersubr.c revision 103556
1/* 2 * Copyright (c) 1982, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD: head/sys/net/if_ethersubr.c 103556 2002-09-18 19:50:48Z phk $ 35 */ 36 37#include "opt_atalk.h" 38#include "opt_inet.h" 39#include "opt_inet6.h" 40#include "opt_ipx.h" 41#include "opt_bdg.h" 42#include "opt_mac.h" 43#include "opt_netgraph.h" 44 45#include <sys/param.h> 46#include <sys/systm.h> 47#include <sys/kernel.h> 48#include <sys/mac.h> 49#include <sys/malloc.h> 50#include <sys/mbuf.h> 51#include <sys/random.h> 52#include <sys/socket.h> 53#include <sys/sockio.h> 54#include <sys/sysctl.h> 55 56#include <net/if.h> 57#include <net/netisr.h> 58#include <net/route.h> 59#include <net/if_llc.h> 60#include <net/if_dl.h> 61#include <net/if_types.h> 62#include <net/bpf.h> 63#include <net/ethernet.h> 64#include <net/bridge.h> 65 66#if defined(INET) || defined(INET6) 67#include <netinet/in.h> 68#include <netinet/in_var.h> 69#include <netinet/if_ether.h> 70#include <netinet/ip_fw.h> 71#include <netinet/ip_dummynet.h> 72#endif 73#ifdef INET6 74#include <netinet6/nd6.h> 75#endif 76 77#ifdef IPX 78#include <netipx/ipx.h> 79#include <netipx/ipx_if.h> 80int (*ef_inputp)(struct ifnet*, struct ether_header *eh, struct mbuf *m); 81int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp, 82 struct sockaddr *dst, short *tp, int *hlen); 83#endif 84 85#ifdef NS 86#include <netns/ns.h> 87#include <netns/ns_if.h> 88ushort ns_nettype; 89int ether_outputdebug = 0; 90int ether_inputdebug = 0; 91#endif 92 93#ifdef NETATALK 94#include <netatalk/at.h> 95#include <netatalk/at_var.h> 96#include <netatalk/at_extern.h> 97 98#define llc_snap_org_code llc_un.type_snap.org_code 99#define llc_snap_ether_type llc_un.type_snap.ether_type 100 101extern u_char at_org_code[3]; 102extern u_char aarp_org_code[3]; 103#endif /* NETATALK */ 104 105/* netgraph node hooks for ng_ether(4) */ 106void (*ng_ether_input_p)(struct ifnet *ifp, 107 struct mbuf **mp, struct ether_header *eh); 108void (*ng_ether_input_orphan_p)(struct ifnet *ifp, 109 struct mbuf *m, struct ether_header *eh); 110int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp); 111void (*ng_ether_attach_p)(struct ifnet *ifp); 112void (*ng_ether_detach_p)(struct ifnet *ifp); 113 114int (*vlan_input_p)(struct ether_header *eh, struct mbuf *m); 115int (*vlan_input_tag_p)(struct ether_header *eh, struct mbuf *m, 116 u_int16_t t); 117 118/* bridge support */ 119int do_bridge; 120bridge_in_t *bridge_in_ptr; 121bdg_forward_t *bdg_forward_ptr; 122bdgtakeifaces_t *bdgtakeifaces_ptr; 123struct bdg_softc *ifp2sc; 124 125static int ether_resolvemulti(struct ifnet *, struct sockaddr **, 126 struct sockaddr *); 127u_char etherbroadcastaddr[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 128#define senderr(e) do { error = (e); goto bad;} while (0) 129#define IFP2AC(IFP) ((struct arpcom *)IFP) 130 131int 132ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 133 struct ip_fw **rule, struct ether_header *eh, int shared); 134static int ether_ipfw; 135 136/* 137 * Ethernet output routine. 138 * Encapsulate a packet of type family for the local net. 139 * Use trailer local net encapsulation if enough data in first 140 * packet leaves a multiple of 512 bytes of data in remainder. 141 * Assumes that ifp is actually pointer to arpcom structure. 142 */ 143int 144ether_output(ifp, m, dst, rt0) 145 register struct ifnet *ifp; 146 struct mbuf *m; 147 struct sockaddr *dst; 148 struct rtentry *rt0; 149{ 150 short type; 151 int error = 0, hdrcmplt = 0; 152 u_char esrc[6], edst[6]; 153 register struct rtentry *rt; 154 register struct ether_header *eh; 155 int loop_copy = 0; 156 int hlen; /* link layer header lenght */ 157 struct arpcom *ac = IFP2AC(ifp); 158 159#ifdef MAC 160 error = mac_check_ifnet_transmit(ifp, m); 161 if (error) 162 senderr(error); 163#endif 164 165 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 166 senderr(ENETDOWN); 167 rt = rt0; 168 if (rt) { 169 if ((rt->rt_flags & RTF_UP) == 0) { 170 rt0 = rt = rtalloc1(dst, 1, 0UL); 171 if (rt0) 172 rt->rt_refcnt--; 173 else 174 senderr(EHOSTUNREACH); 175 } 176 if (rt->rt_flags & RTF_GATEWAY) { 177 if (rt->rt_gwroute == 0) 178 goto lookup; 179 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 180 rtfree(rt); rt = rt0; 181 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1, 182 0UL); 183 if ((rt = rt->rt_gwroute) == 0) 184 senderr(EHOSTUNREACH); 185 } 186 } 187 if (rt->rt_flags & RTF_REJECT) 188 if (rt->rt_rmx.rmx_expire == 0 || 189 time_second < rt->rt_rmx.rmx_expire) 190 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 191 } 192 hlen = ETHER_HDR_LEN; 193 switch (dst->sa_family) { 194#ifdef INET 195 case AF_INET: 196 if (!arpresolve(ifp, rt, m, dst, edst, rt0)) 197 return (0); /* if not yet resolved */ 198 type = htons(ETHERTYPE_IP); 199 break; 200#endif 201#ifdef INET6 202 case AF_INET6: 203 if (!nd6_storelladdr(&ac->ac_if, rt, m, dst, (u_char *)edst)) { 204 /* Something bad happened */ 205 return(0); 206 } 207 type = htons(ETHERTYPE_IPV6); 208 break; 209#endif 210#ifdef IPX 211 case AF_IPX: 212 if (ef_outputp) { 213 error = ef_outputp(ifp, &m, dst, &type, &hlen); 214 if (error) 215 goto bad; 216 } else 217 type = htons(ETHERTYPE_IPX); 218 bcopy((caddr_t)&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host), 219 (caddr_t)edst, sizeof (edst)); 220 break; 221#endif 222#ifdef NETATALK 223 case AF_APPLETALK: 224 { 225 struct at_ifaddr *aa; 226 227 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL) { 228 goto bad; 229 } 230 if (!aarpresolve(ac, m, (struct sockaddr_at *)dst, edst)) 231 return (0); 232 /* 233 * In the phase 2 case, need to prepend an mbuf for the llc header. 234 * Since we must preserve the value of m, which is passed to us by 235 * value, we m_copy() the first mbuf, and use it for our llc header. 236 */ 237 if ( aa->aa_flags & AFA_PHASE2 ) { 238 struct llc llc; 239 240 M_PREPEND(m, sizeof(struct llc), M_TRYWAIT); 241 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP; 242 llc.llc_control = LLC_UI; 243 bcopy(at_org_code, llc.llc_snap_org_code, sizeof(at_org_code)); 244 llc.llc_snap_ether_type = htons( ETHERTYPE_AT ); 245 bcopy(&llc, mtod(m, caddr_t), sizeof(struct llc)); 246 type = htons(m->m_pkthdr.len); 247 hlen = sizeof(struct llc) + ETHER_HDR_LEN; 248 } else { 249 type = htons(ETHERTYPE_AT); 250 } 251 break; 252 } 253#endif /* NETATALK */ 254#ifdef NS 255 case AF_NS: 256 switch(ns_nettype){ 257 default: 258 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 259 type = 0x8137; 260 break; 261 case 0x0: /* Novell 802.3 */ 262 type = htons( m->m_pkthdr.len); 263 break; 264 case 0xe0e0: /* Novell 802.2 and Token-Ring */ 265 M_PREPEND(m, 3, M_TRYWAIT); 266 type = htons( m->m_pkthdr.len); 267 cp = mtod(m, u_char *); 268 *cp++ = 0xE0; 269 *cp++ = 0xE0; 270 *cp++ = 0x03; 271 break; 272 } 273 bcopy((caddr_t)&(((struct sockaddr_ns *)dst)->sns_addr.x_host), 274 (caddr_t)edst, sizeof (edst)); 275 /* 276 * XXX if ns_thishost is the same as the node's ethernet 277 * address then just the default code will catch this anyhow. 278 * So I'm not sure if this next clause should be here at all? 279 * [JRE] 280 */ 281 if (!bcmp((caddr_t)edst, (caddr_t)&ns_thishost, sizeof(edst))){ 282 m->m_pkthdr.rcvif = ifp; 283 inq = &nsintrq; 284 if (IF_HANDOFF(inq, m, NULL)) 285 schednetisr(NETISR_NS); 286 return (error); 287 } 288 if (!bcmp((caddr_t)edst, (caddr_t)&ns_broadhost, sizeof(edst))){ 289 m->m_flags |= M_BCAST; 290 } 291 break; 292#endif /* NS */ 293 294 case pseudo_AF_HDRCMPLT: 295 hdrcmplt = 1; 296 eh = (struct ether_header *)dst->sa_data; 297 (void)memcpy(esrc, eh->ether_shost, sizeof (esrc)); 298 /* FALLTHROUGH */ 299 300 case AF_UNSPEC: 301 loop_copy = -1; /* if this is for us, don't do it */ 302 eh = (struct ether_header *)dst->sa_data; 303 (void)memcpy(edst, eh->ether_dhost, sizeof (edst)); 304 type = eh->ether_type; 305 break; 306 307 default: 308 printf("%s%d: can't handle af%d\n", ifp->if_name, ifp->if_unit, 309 dst->sa_family); 310 senderr(EAFNOSUPPORT); 311 } 312 313 /* 314 * Add local net header. If no space in first mbuf, 315 * allocate another. 316 */ 317 M_PREPEND(m, sizeof (struct ether_header), M_DONTWAIT); 318 if (m == 0) 319 senderr(ENOBUFS); 320 eh = mtod(m, struct ether_header *); 321 (void)memcpy(&eh->ether_type, &type, 322 sizeof(eh->ether_type)); 323 (void)memcpy(eh->ether_dhost, edst, sizeof (edst)); 324 if (hdrcmplt) 325 (void)memcpy(eh->ether_shost, esrc, 326 sizeof(eh->ether_shost)); 327 else 328 (void)memcpy(eh->ether_shost, ac->ac_enaddr, 329 sizeof(eh->ether_shost)); 330 331 /* 332 * If a simplex interface, and the packet is being sent to our 333 * Ethernet address or a broadcast address, loopback a copy. 334 * XXX To make a simplex device behave exactly like a duplex 335 * device, we should copy in the case of sending to our own 336 * ethernet address (thus letting the original actually appear 337 * on the wire). However, we don't do that here for security 338 * reasons and compatibility with the original behavior. 339 */ 340 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1)) { 341 int csum_flags = 0; 342 343 if (m->m_pkthdr.csum_flags & CSUM_IP) 344 csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID); 345 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) 346 csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR); 347 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) { 348 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); 349 350 n->m_pkthdr.csum_flags |= csum_flags; 351 if (csum_flags & CSUM_DATA_VALID) 352 n->m_pkthdr.csum_data = 0xffff; 353 354 (void) if_simloop(ifp, n, dst->sa_family, hlen); 355 } else if (bcmp(eh->ether_dhost, 356 eh->ether_shost, ETHER_ADDR_LEN) == 0) { 357 m->m_pkthdr.csum_flags |= csum_flags; 358 if (csum_flags & CSUM_DATA_VALID) 359 m->m_pkthdr.csum_data = 0xffff; 360 (void) if_simloop(ifp, m, dst->sa_family, hlen); 361 return (0); /* XXX */ 362 } 363 } 364 365 /* Handle ng_ether(4) processing, if any */ 366 if (ng_ether_output_p != NULL) { 367 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) { 368bad: if (m != NULL) 369 m_freem(m); 370 return (error); 371 } 372 if (m == NULL) 373 return (0); 374 } 375 376 /* Continue with link-layer output */ 377 return ether_output_frame(ifp, m); 378} 379 380/* 381 * Ethernet link layer output routine to send a raw frame to the device. 382 * 383 * This assumes that the 14 byte Ethernet header is present and contiguous 384 * in the first mbuf (if BRIDGE'ing). 385 */ 386int 387ether_output_frame(ifp, m) 388 struct ifnet *ifp; 389 struct mbuf *m; 390{ 391 int error = 0; 392 struct ip_fw *rule = NULL; 393 394 /* Extract info from dummynet tag, ignore others */ 395 for (; m->m_type == MT_TAG; m = m->m_next) 396 if (m->m_flags == PACKET_TAG_DUMMYNET) 397 rule = ((struct dn_pkt *)m)->rule; 398 399 if (rule) /* packet was already bridged */ 400 goto no_bridge; 401 402 if (BDG_ACTIVE(ifp) ) { 403 struct ether_header *eh; /* a ptr suffices */ 404 405 m->m_pkthdr.rcvif = NULL; 406 eh = mtod(m, struct ether_header *); 407 m_adj(m, ETHER_HDR_LEN); 408 m = bdg_forward_ptr(m, eh, ifp); 409 if (m != NULL) 410 m_freem(m); 411 return (0); 412 } 413 414no_bridge: 415 if (IPFW_LOADED && ether_ipfw != 0) { 416 struct ether_header save_eh, *eh; 417 418 eh = mtod(m, struct ether_header *); 419 save_eh = *eh; 420 m_adj(m, ETHER_HDR_LEN); 421 if (ether_ipfw_chk(&m, ifp, &rule, eh, 0) == 0) { 422 if (m) { 423 m_freem(m); 424 return ENOBUFS; /* pkt dropped */ 425 } else 426 return 0; /* consumed e.g. in a pipe */ 427 } 428 /* packet was ok, restore the ethernet header */ 429 if ( (void *)(eh + 1) == (void *)m->m_data) { 430 m->m_data -= ETHER_HDR_LEN ; 431 m->m_len += ETHER_HDR_LEN ; 432 m->m_pkthdr.len += ETHER_HDR_LEN ; 433 } else { 434 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 435 if (m == NULL) /* nope... */ 436 return ENOBUFS; 437 bcopy(&save_eh, mtod(m, struct ether_header *), 438 ETHER_HDR_LEN); 439 } 440 } 441 442 /* 443 * Queue message on interface, update output statistics if 444 * successful, and start output if interface not yet active. 445 */ 446 if (! IF_HANDOFF(&ifp->if_snd, m, ifp)) 447 return (ENOBUFS); 448 return (error); 449} 450 451/* 452 * ipfw processing for ethernet packets (in and out). 453 * The second parameter is NULL from ether_demux, and ifp from 454 * ether_output_frame. This section of code could be used from 455 * bridge.c as well as long as we use some extra info 456 * to distinguish that case from ether_output_frame(); 457 */ 458int 459ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 460 struct ip_fw **rule, struct ether_header *eh, int shared) 461{ 462 struct ether_header save_eh = *eh; /* might be a ptr in m */ 463 int i; 464 struct ip_fw_args args; 465 466 if (*rule != NULL /*&& fw_one_pass*/) /* HACK! need to obey fw_one_pass */ 467 return 1; /* dummynet packet, already partially processed */ 468 469 /* 470 * I need some amt of data to be contiguous, and in case others need 471 * the packet (shared==1) also better be in the first mbuf. 472 */ 473 i = min( (*m0)->m_pkthdr.len, max_protohdr); 474 if ( shared || (*m0)->m_len < i) { 475 *m0 = m_pullup(*m0, i); 476 if (*m0 == NULL) 477 return 0; 478 } 479 480 args.m = *m0; /* the packet we are looking at */ 481 args.oif = dst; /* destination, if any */ 482 args.divert_rule = 0; /* we do not support divert yet */ 483 args.rule = *rule; /* matching rule to restart */ 484 args.next_hop = NULL; /* we do not support forward yet */ 485 args.eh = &save_eh; /* MAC header for bridged/MAC packets */ 486 i = ip_fw_chk_ptr(&args); 487 *m0 = args.m; 488 *rule = args.rule; 489 490 if ( (i & IP_FW_PORT_DENY_FLAG) || *m0 == NULL) /* drop */ 491 return 0; 492 493 if (i == 0) /* a PASS rule. */ 494 return 1; 495 496 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) { 497 /* 498 * Pass the pkt to dummynet, which consumes it. 499 * If shared, make a copy and keep the original. 500 */ 501 struct mbuf *m ; 502 503 if (shared) { 504 m = m_copypacket(*m0, M_DONTWAIT); 505 if (m == NULL) 506 return 0; 507 } else { 508 m = *m0 ; /* pass the original to dummynet */ 509 *m0 = NULL ; /* and nothing back to the caller */ 510 } 511 /* 512 * Prepend the header, optimize for the common case of 513 * eh pointing into the mbuf. 514 */ 515 if ( (void *)(eh + 1) == (void *)m->m_data) { 516 m->m_data -= ETHER_HDR_LEN ; 517 m->m_len += ETHER_HDR_LEN ; 518 m->m_pkthdr.len += ETHER_HDR_LEN ; 519 } else { 520 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 521 if (m == NULL) /* nope... */ 522 return 0; 523 bcopy(&save_eh, mtod(m, struct ether_header *), 524 ETHER_HDR_LEN); 525 } 526 ip_dn_io_ptr(m, (i & 0xffff), 527 dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args); 528 return 0; 529 } 530 /* 531 * XXX at some point add support for divert/forward actions. 532 * If none of the above matches, we have to drop the pkt. 533 */ 534 return 0; 535} 536 537/* 538 * Process a received Ethernet packet. We have two different interfaces: 539 * one (conventional) assumes the packet in the mbuf, with the ethernet 540 * header provided separately in *eh. The second one (new) has everything 541 * in the mbuf, and we can tell it because eh == NULL. 542 * The caller MUST MAKE SURE that there are at least 543 * sizeof(struct ether_header) bytes in the first mbuf. 544 * 545 * This allows us to concentrate in one place a bunch of code which 546 * is replicated in all device drivers. Also, many functions called 547 * from ether_input() try to put the eh back into the mbuf, so we 548 * can later propagate the 'contiguous packet' interface to them, 549 * and handle the old interface just here. 550 * 551 * NOTA BENE: for many drivers "eh" is a pointer into the first mbuf or 552 * cluster, right before m_data. So be very careful when working on m, 553 * as you could destroy *eh !! 554 * 555 * First we perform any link layer operations, then continue 556 * to the upper layers with ether_demux(). 557 */ 558void 559ether_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) 560{ 561 struct ether_header save_eh; 562 563 if (eh == NULL) { 564 if (m->m_len < sizeof(struct ether_header)) { 565 /* XXX error in the caller. */ 566 m_freem(m); 567 return; 568 } 569 if (ifp->if_bpf != NULL) 570 bpf_mtap(ifp, m); 571 m->m_pkthdr.rcvif = ifp; 572 eh = mtod(m, struct ether_header *); 573 m->m_data += sizeof(struct ether_header); 574 m->m_len -= sizeof(struct ether_header); 575 m->m_pkthdr.len = m->m_len; 576 } else if (ifp->if_bpf != NULL) { 577 struct m_hdr mh; 578 579 /* This kludge is OK; BPF treats the "mbuf" as read-only */ 580 mh.mh_next = m; 581 mh.mh_data = (char *)eh; 582 mh.mh_len = ETHER_HDR_LEN; 583 bpf_mtap(ifp, (struct mbuf *)&mh); 584 } 585 586#ifdef MAC 587 mac_create_mbuf_from_ifnet(ifp, m); 588#endif 589 590 ifp->if_ibytes += m->m_pkthdr.len + sizeof (*eh); 591 592 /* Handle ng_ether(4) processing, if any */ 593 if (ng_ether_input_p != NULL) { 594 (*ng_ether_input_p)(ifp, &m, eh); 595 if (m == NULL) 596 return; 597 } 598 599 /* Check for bridging mode */ 600 if (BDG_ACTIVE(ifp) ) { 601 struct ifnet *bif; 602 603 /* Check with bridging code */ 604 if ((bif = bridge_in_ptr(ifp, eh)) == BDG_DROP) { 605 m_freem(m); 606 return; 607 } 608 if (bif != BDG_LOCAL) { 609 struct mbuf *oldm = m ; 610 611 save_eh = *eh ; /* because it might change */ 612 m = bdg_forward_ptr(m, eh, bif); /* needs forwarding */ 613 /* 614 * Do not continue if bdg_forward_ptr() processed our 615 * packet (and cleared the mbuf pointer m) or if 616 * it dropped (m_free'd) the packet itself. 617 */ 618 if (m == NULL) { 619 if (bif == BDG_BCAST || bif == BDG_MCAST) 620 printf("bdg_forward drop MULTICAST PKT\n"); 621 return; 622 } 623 if (m != oldm) /* m changed! */ 624 eh = &save_eh ; 625 } 626 if (bif == BDG_LOCAL 627 || bif == BDG_BCAST 628 || bif == BDG_MCAST) 629 goto recvLocal; /* receive locally */ 630 631 /* If not local and not multicast, just drop it */ 632 if (m != NULL) 633 m_freem(m); 634 return; 635 } 636 637recvLocal: 638 /* Continue with upper layer processing */ 639 ether_demux(ifp, eh, m); 640 /* First chunk of an mbuf contains good junk */ 641 if (harvest.ethernet) 642 random_harvest(m, 16, 3, 0, RANDOM_NET); 643} 644 645/* 646 * Upper layer processing for a received Ethernet packet. 647 */ 648void 649ether_demux(ifp, eh, m) 650 struct ifnet *ifp; 651 struct ether_header *eh; 652 struct mbuf *m; 653{ 654 struct ifqueue *inq; 655 u_short ether_type; 656#if defined(NETATALK) 657 register struct llc *l; 658#endif 659 struct ip_fw *rule = NULL; 660 661 /* Extract info from dummynet tag, ignore others */ 662 for (;m->m_type == MT_TAG; m = m->m_next) 663 if (m->m_flags == PACKET_TAG_DUMMYNET) { 664 rule = ((struct dn_pkt *)m)->rule; 665 ifp = m->m_next->m_pkthdr.rcvif; 666 } 667 668 if (rule) /* packet was already bridged */ 669 goto post_stats; 670 671 if (! (BDG_ACTIVE(ifp) ) ) 672 /* Discard packet if upper layers shouldn't see it because it was 673 unicast to a different Ethernet address. If the driver is working 674 properly, then this situation can only happen when the interface 675 is in promiscuous mode. */ 676 if ((ifp->if_flags & IFF_PROMISC) != 0 677 && (eh->ether_dhost[0] & 1) == 0 678 && bcmp(eh->ether_dhost, 679 IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 680 && (ifp->if_flags & IFF_PPROMISC) == 0) { 681 m_freem(m); 682 return; 683 } 684 685 /* Discard packet if interface is not up */ 686 if ((ifp->if_flags & IFF_UP) == 0) { 687 m_freem(m); 688 return; 689 } 690 if (eh->ether_dhost[0] & 1) { 691 if (bcmp((caddr_t)etherbroadcastaddr, (caddr_t)eh->ether_dhost, 692 sizeof(etherbroadcastaddr)) == 0) 693 m->m_flags |= M_BCAST; 694 else 695 m->m_flags |= M_MCAST; 696 } 697 if (m->m_flags & (M_BCAST|M_MCAST)) 698 ifp->if_imcasts++; 699 700post_stats: 701 if (IPFW_LOADED && ether_ipfw != 0) { 702 if (ether_ipfw_chk(&m, NULL, &rule, eh, 0 ) == 0) { 703 if (m) 704 m_freem(m); 705 return; 706 } 707 } 708 709 ether_type = ntohs(eh->ether_type); 710 711 switch (ether_type) { 712#ifdef INET 713 case ETHERTYPE_IP: 714 if (ipflow_fastforward(m)) 715 return; 716 schednetisr(NETISR_IP); 717 inq = &ipintrq; 718 break; 719 720 case ETHERTYPE_ARP: 721 if (ifp->if_flags & IFF_NOARP) { 722 /* Discard packet if ARP is disabled on interface */ 723 m_freem(m); 724 return; 725 } 726 schednetisr(NETISR_ARP); 727 inq = &arpintrq; 728 break; 729#endif 730#ifdef IPX 731 case ETHERTYPE_IPX: 732 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 733 return; 734 schednetisr(NETISR_IPX); 735 inq = &ipxintrq; 736 break; 737#endif 738#ifdef INET6 739 case ETHERTYPE_IPV6: 740 schednetisr(NETISR_IPV6); 741 inq = &ip6intrq; 742 break; 743#endif 744#ifdef NS 745 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 746 schednetisr(NETISR_NS); 747 inq = &nsintrq; 748 break; 749 750#endif /* NS */ 751#ifdef NETATALK 752 case ETHERTYPE_AT: 753 schednetisr(NETISR_ATALK); 754 inq = &atintrq1; 755 break; 756 case ETHERTYPE_AARP: 757 /* probably this should be done with a NETISR as well */ 758 aarpinput(IFP2AC(ifp), m); /* XXX */ 759 return; 760#endif /* NETATALK */ 761 case ETHERTYPE_VLAN: 762 /* XXX lock ? */ 763 if (vlan_input_p != NULL) 764 (*vlan_input_p)(eh, m); 765 else { 766 m->m_pkthdr.rcvif->if_noproto++; 767 m_freem(m); 768 } 769 /* XXX unlock ? */ 770 return; 771 default: 772#ifdef IPX 773 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 774 return; 775#endif /* IPX */ 776#ifdef NS 777 checksum = mtod(m, ushort *); 778 /* Novell 802.3 */ 779 if ((ether_type <= ETHERMTU) && 780 ((*checksum == 0xffff) || (*checksum == 0xE0E0))){ 781 if(*checksum == 0xE0E0) { 782 m->m_pkthdr.len -= 3; 783 m->m_len -= 3; 784 m->m_data += 3; 785 } 786 schednetisr(NETISR_NS); 787 inq = &nsintrq; 788 break; 789 } 790#endif /* NS */ 791#if defined(NETATALK) 792 if (ether_type > ETHERMTU) 793 goto dropanyway; 794 l = mtod(m, struct llc *); 795 switch (l->llc_dsap) { 796 case LLC_SNAP_LSAP: 797 switch (l->llc_control) { 798 case LLC_UI: 799 if (l->llc_ssap != LLC_SNAP_LSAP) 800 goto dropanyway; 801 802 if (Bcmp(&(l->llc_snap_org_code)[0], at_org_code, 803 sizeof(at_org_code)) == 0 && 804 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) { 805 inq = &atintrq2; 806 m_adj( m, sizeof( struct llc )); 807 schednetisr(NETISR_ATALK); 808 break; 809 } 810 811 if (Bcmp(&(l->llc_snap_org_code)[0], aarp_org_code, 812 sizeof(aarp_org_code)) == 0 && 813 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) { 814 m_adj( m, sizeof( struct llc )); 815 aarpinput(IFP2AC(ifp), m); /* XXX */ 816 return; 817 } 818 819 default: 820 goto dropanyway; 821 } 822 break; 823 dropanyway: 824 default: 825 if (ng_ether_input_orphan_p != NULL) 826 (*ng_ether_input_orphan_p)(ifp, m, eh); 827 else 828 m_freem(m); 829 return; 830 } 831#else /* NETATALK */ 832 if (ng_ether_input_orphan_p != NULL) 833 (*ng_ether_input_orphan_p)(ifp, m, eh); 834 else 835 m_freem(m); 836 return; 837#endif /* NETATALK */ 838 } 839 840 (void) IF_HANDOFF(inq, m, NULL); 841} 842 843/* 844 * Perform common duties while attaching to interface list 845 */ 846void 847ether_ifattach(ifp, bpf) 848 register struct ifnet *ifp; 849 int bpf; 850{ 851 register struct ifaddr *ifa; 852 register struct sockaddr_dl *sdl; 853 854 ifp->if_type = IFT_ETHER; 855 ifp->if_addrlen = 6; 856 ifp->if_hdrlen = 14; 857 if_attach(ifp); 858 ifp->if_mtu = ETHERMTU; 859 ifp->if_resolvemulti = ether_resolvemulti; 860 if (ifp->if_baudrate == 0) 861 ifp->if_baudrate = 10000000; 862 ifp->if_broadcastaddr = etherbroadcastaddr; 863 ifa = ifaddr_byindex(ifp->if_index); 864 KASSERT(ifa != NULL, ("%s: no lladdr!\n", __func__)); 865 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 866 sdl->sdl_type = IFT_ETHER; 867 sdl->sdl_alen = ifp->if_addrlen; 868 bcopy((IFP2AC(ifp))->ac_enaddr, LLADDR(sdl), ifp->if_addrlen); 869 if (bpf) 870 bpfattach(ifp, DLT_EN10MB, sizeof(struct ether_header)); 871 if (ng_ether_attach_p != NULL) 872 (*ng_ether_attach_p)(ifp); 873 if (BDG_LOADED) 874 bdgtakeifaces_ptr(); 875} 876 877/* 878 * Perform common duties while detaching an Ethernet interface 879 */ 880void 881ether_ifdetach(ifp, bpf) 882 struct ifnet *ifp; 883 int bpf; 884{ 885 if (ng_ether_detach_p != NULL) 886 (*ng_ether_detach_p)(ifp); 887 if (bpf) 888 bpfdetach(ifp); 889 if_detach(ifp); 890 if (BDG_LOADED) 891 bdgtakeifaces_ptr(); 892} 893 894SYSCTL_DECL(_net_link); 895SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); 896SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, 897 ðer_ipfw,0,"Pass ether pkts through firewall"); 898 899int 900ether_ioctl(ifp, command, data) 901 struct ifnet *ifp; 902 int command; 903 caddr_t data; 904{ 905 struct ifaddr *ifa = (struct ifaddr *) data; 906 struct ifreq *ifr = (struct ifreq *) data; 907 int error = 0; 908 909 switch (command) { 910 case SIOCSIFADDR: 911 ifp->if_flags |= IFF_UP; 912 913 switch (ifa->ifa_addr->sa_family) { 914#ifdef INET 915 case AF_INET: 916 ifp->if_init(ifp->if_softc); /* before arpwhohas */ 917 arp_ifinit(ifp, ifa); 918 break; 919#endif 920#ifdef IPX 921 /* 922 * XXX - This code is probably wrong 923 */ 924 case AF_IPX: 925 { 926 register struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr); 927 struct arpcom *ac = IFP2AC(ifp); 928 929 if (ipx_nullhost(*ina)) 930 ina->x_host = 931 *(union ipx_host *) 932 ac->ac_enaddr; 933 else { 934 bcopy((caddr_t) ina->x_host.c_host, 935 (caddr_t) ac->ac_enaddr, 936 sizeof(ac->ac_enaddr)); 937 } 938 939 /* 940 * Set new address 941 */ 942 ifp->if_init(ifp->if_softc); 943 break; 944 } 945#endif 946#ifdef NS 947 /* 948 * XXX - This code is probably wrong 949 */ 950 case AF_NS: 951 { 952 register struct ns_addr *ina = &(IA_SNS(ifa)->sns_addr); 953 struct arpcom *ac = IFP2AC(ifp); 954 955 if (ns_nullhost(*ina)) 956 ina->x_host = 957 *(union ns_host *) (ac->ac_enaddr); 958 else { 959 bcopy((caddr_t) ina->x_host.c_host, 960 (caddr_t) ac->ac_enaddr, 961 sizeof(ac->ac_enaddr)); 962 } 963 964 /* 965 * Set new address 966 */ 967 ifp->if_init(ifp->if_softc); 968 break; 969 } 970#endif 971 default: 972 ifp->if_init(ifp->if_softc); 973 break; 974 } 975 break; 976 977 case SIOCGIFADDR: 978 { 979 struct sockaddr *sa; 980 981 sa = (struct sockaddr *) & ifr->ifr_data; 982 bcopy(IFP2AC(ifp)->ac_enaddr, 983 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 984 } 985 break; 986 987 case SIOCSIFMTU: 988 /* 989 * Set the interface MTU. 990 */ 991 if (ifr->ifr_mtu > ETHERMTU) { 992 error = EINVAL; 993 } else { 994 ifp->if_mtu = ifr->ifr_mtu; 995 } 996 break; 997 } 998 return (error); 999} 1000 1001int 1002ether_resolvemulti(ifp, llsa, sa) 1003 struct ifnet *ifp; 1004 struct sockaddr **llsa; 1005 struct sockaddr *sa; 1006{ 1007 struct sockaddr_dl *sdl; 1008 struct sockaddr_in *sin; 1009#ifdef INET6 1010 struct sockaddr_in6 *sin6; 1011#endif 1012 u_char *e_addr; 1013 1014 switch(sa->sa_family) { 1015 case AF_LINK: 1016 /* 1017 * No mapping needed. Just check that it's a valid MC address. 1018 */ 1019 sdl = (struct sockaddr_dl *)sa; 1020 e_addr = LLADDR(sdl); 1021 if ((e_addr[0] & 1) != 1) 1022 return EADDRNOTAVAIL; 1023 *llsa = 0; 1024 return 0; 1025 1026#ifdef INET 1027 case AF_INET: 1028 sin = (struct sockaddr_in *)sa; 1029 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) 1030 return EADDRNOTAVAIL; 1031 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1032 M_WAITOK|M_ZERO); 1033 sdl->sdl_len = sizeof *sdl; 1034 sdl->sdl_family = AF_LINK; 1035 sdl->sdl_index = ifp->if_index; 1036 sdl->sdl_type = IFT_ETHER; 1037 sdl->sdl_alen = ETHER_ADDR_LEN; 1038 e_addr = LLADDR(sdl); 1039 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr); 1040 *llsa = (struct sockaddr *)sdl; 1041 return 0; 1042#endif 1043#ifdef INET6 1044 case AF_INET6: 1045 sin6 = (struct sockaddr_in6 *)sa; 1046 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1047 /* 1048 * An IP6 address of 0 means listen to all 1049 * of the Ethernet multicast address used for IP6. 1050 * (This is used for multicast routers.) 1051 */ 1052 ifp->if_flags |= IFF_ALLMULTI; 1053 *llsa = 0; 1054 return 0; 1055 } 1056 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) 1057 return EADDRNOTAVAIL; 1058 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1059 M_WAITOK|M_ZERO); 1060 sdl->sdl_len = sizeof *sdl; 1061 sdl->sdl_family = AF_LINK; 1062 sdl->sdl_index = ifp->if_index; 1063 sdl->sdl_type = IFT_ETHER; 1064 sdl->sdl_alen = ETHER_ADDR_LEN; 1065 e_addr = LLADDR(sdl); 1066 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr); 1067 *llsa = (struct sockaddr *)sdl; 1068 return 0; 1069#endif 1070 1071 default: 1072 /* 1073 * Well, the text isn't quite right, but it's the name 1074 * that counts... 1075 */ 1076 return EAFNOSUPPORT; 1077 } 1078} 1079