ip_fastfwd.c revision 122702
1/* 2 * Copyright (c) 2003 Andre Oppermann, Internet Business Solutions AG 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. The name of the author may not be used to endorse or promote 14 * products derived from this software without specific prior written 15 * permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $FreeBSD: head/sys/netinet/ip_fastfwd.c 122702 2003-11-14 21:02:22Z andre $ 30 */ 31 32/* 33 * ip_fastforward gets its speed from processing the forwarded packet to 34 * completion (if_output on the other side) without any queues or netisr's. 35 * The receiving interface DMAs the packet into memory, the upper half of 36 * driver calls ip_fastforward, we do our routing table lookup and directly 37 * send it off to the outgoing interface which DMAs the packet to the 38 * network card. The only part of the packet we touch with the CPU is the 39 * IP header. We are essentially limited by bus bandwidth and how fast the 40 * network card/driver can set up receives and transmits. 41 * 42 * We handle basic errors, ip header errors, checksum errors, 43 * destination unreachable, fragmentation and fragmentation needed and 44 * report them via icmp to the sender. 45 * 46 * Else if something is not pure IPv4 unicast forwarding we fall back to 47 * the normal ip_input processing path. We should only be called from 48 * interfaces connected to the outside world. 49 * 50 * Firewalling is fully supported including divert, ipfw fwd and ipfilter 51 * ipnat and address rewrite. 52 * 53 * IPSEC is not supported if this host is a tunnel broker. IPSEC is 54 * supported for connections to/from local host. 55 * 56 * We try to do the least expensive (in CPU ops) checks and operations 57 * first to catch junk with as little overhead as possible. 58 * 59 * We take full advantage of hardware support for ip checksum and 60 * fragmentation offloading. 61 * 62 * We don't do ICMP redirect in the fast forwarding path. I have had my own 63 * cases where two core routers with Zebra routing suite would send millions 64 * ICMP redirects to connected hosts if the router to dest was not the default 65 * gateway. In one case it was filling the routing table of a host with close 66 * 300'000 cloned redirect entries until it ran out of kernel memory. However 67 * the networking code proved very robust and it didn't crash or went ill 68 * otherwise. 69 */ 70 71/* 72 * Many thanks to Matt Thomas of NetBSD for basic structure of ip_flow.c which 73 * is being followed here. 74 */ 75 76#include "opt_ipfw.h" 77#include "opt_ipdn.h" 78#include "opt_ipdivert.h" 79#include "opt_ipfilter.h" 80#include "opt_ipstealth.h" 81#include "opt_mac.h" 82#include "opt_pfil_hooks.h" 83 84#include <sys/param.h> 85#include <sys/systm.h> 86#include <sys/kernel.h> 87#include <sys/mac.h> 88#include <sys/malloc.h> 89#include <sys/mbuf.h> 90#include <sys/protosw.h> 91#include <sys/socket.h> 92#include <sys/sysctl.h> 93 94#include <net/pfil.h> 95#include <net/if.h> 96#include <net/if_types.h> 97#include <net/if_var.h> 98#include <net/if_dl.h> 99#include <net/route.h> 100 101#include <netinet/in.h> 102#include <netinet/in_systm.h> 103#include <netinet/in_var.h> 104#include <netinet/ip.h> 105#include <netinet/ip_var.h> 106#include <netinet/ip_icmp.h> 107 108#include <machine/in_cksum.h> 109 110#include <netinet/ip_fw.h> 111#include <netinet/ip_dummynet.h> 112 113static int ipfastforward_active = 0; 114SYSCTL_INT(_net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_RW, 115 &ipfastforward_active, 0, "Enable fast IP forwarding"); 116 117/* 118 * Try to forward a packet based on the destination address. 119 * This is a fast path optimized for the plain forwarding case. 120 * If the packet is handled (and consumed) here then we return 1; 121 * otherwise 0 is returned and the packet should be delivered 122 * to ip_input for full processing. 123 */ 124int 125ip_fastforward(struct mbuf *m) 126{ 127 struct ip *ip; 128 struct mbuf *m0 = NULL; 129#ifdef IPDIVERT 130 struct ip *tip; 131 struct mbuf *teem = NULL; 132#endif 133 struct mbuf *tag = NULL; 134 struct route ro; 135 struct sockaddr_in *dst = NULL; 136 struct in_ifaddr *ia = NULL; 137 struct ifaddr *ifa = NULL; 138 struct ifnet *ifp = NULL; 139 struct ip_fw_args args; 140 in_addr_t odest, dest; 141 u_short sum; 142 int error = 0; 143 int hlen, ipfw, mtu; 144 145 /* 146 * Are we active and forwarding packets? 147 */ 148 if (!ipfastforward_active || !ipforwarding) 149 return 0; 150 151 /* 152 * If there is any MT_TAG we fall back to ip_input because we can't 153 * handle TAGs here. Should never happen as we get directly called 154 * from the if_output routines. 155 */ 156 if (m->m_type == MT_TAG) { 157 KASSERT(0, ("%s: packet with MT_TAG not expected", __func__)); 158 return 0; 159 } 160 161 M_ASSERTVALID(m); 162 M_ASSERTPKTHDR(m); 163 164 /* 165 * Step 1: check for packet drop conditions (and sanity checks) 166 */ 167 168 /* 169 * Is entire packet big enough? 170 */ 171 if (m->m_pkthdr.len < sizeof(struct ip)) { 172 ipstat.ips_tooshort++; 173 goto drop; 174 } 175 176 /* 177 * Is first mbuf large enough for ip header and is header present? 178 */ 179 if (m->m_len < sizeof (struct ip) && 180 (m = m_pullup(m, sizeof (struct ip))) == 0) { 181 ipstat.ips_toosmall++; 182 goto drop; 183 } 184 185 ip = mtod(m, struct ip *); 186 187 /* 188 * Is it IPv4? 189 */ 190 if (ip->ip_v != IPVERSION) { 191 ipstat.ips_badvers++; 192 goto drop; 193 } 194 195 /* 196 * Is IP header length correct and is it in first mbuf? 197 */ 198 hlen = ip->ip_hl << 2; 199 if (hlen < sizeof(struct ip)) { /* minimum header length */ 200 ipstat.ips_badlen++; 201 goto drop; 202 } 203 if (hlen > m->m_len) { 204 if ((m = m_pullup(m, hlen)) == 0) { 205 ipstat.ips_badhlen++; 206 goto drop; 207 } 208 ip = mtod(m, struct ip *); 209 } 210 211 /* 212 * Checksum correct? 213 */ 214 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) 215 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID); 216 else { 217 if (hlen == sizeof(struct ip)) 218 sum = in_cksum_hdr(ip); 219 else 220 sum = in_cksum(m, hlen); 221 } 222 if (sum) { 223 ipstat.ips_badsum++; 224 goto drop; 225 } 226 m->m_pkthdr.csum_flags |= (CSUM_IP_CHECKED | CSUM_IP_VALID); 227 228 /* 229 * Convert to host representation 230 */ 231 ip->ip_len = ntohs(ip->ip_len); 232 ip->ip_off = ntohs(ip->ip_off); 233 234 /* 235 * Is IP length longer than packet we have got? 236 */ 237 if (m->m_pkthdr.len < ip->ip_len) { 238 ipstat.ips_tooshort++; 239 goto drop; 240 } 241 242 /* 243 * Is packet longer than IP header tells us? If yes, truncate packet. 244 */ 245 if (m->m_pkthdr.len > ip->ip_len) { 246 if (m->m_len == m->m_pkthdr.len) { 247 m->m_len = ip->ip_len; 248 m->m_pkthdr.len = ip->ip_len; 249 } else 250 m_adj(m, ip->ip_len - m->m_pkthdr.len); 251 } 252 253 /* 254 * Is packet from or to 127/8? 255 */ 256 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || 257 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { 258 ipstat.ips_badaddr++; 259 goto drop; 260 } 261 262 /* 263 * Step 2: fallback conditions to normal ip_input path processing 264 */ 265 266 /* 267 * Only IP packets without options 268 */ 269 if (ip->ip_hl != (sizeof(struct ip) >> 2)) 270 goto fallback; 271 272 /* 273 * Only unicast IP, not from loopback, no L2 or IP broadcast, 274 * no multicast, no INADDR_ANY 275 * 276 * XXX: Probably some of these checks could be direct drop 277 * conditions. However it is not clear whether there are some 278 * hacks or obscure behaviours which make it neccessary to 279 * let ip_input handle it. We play safe here and let ip_input 280 * deal with it until it is proven that we can directly drop it. 281 */ 282 if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) || 283 ntohl(ip->ip_src.s_addr) == (u_long)INADDR_BROADCAST || 284 ntohl(ip->ip_dst.s_addr) == (u_long)INADDR_BROADCAST || 285 IN_MULTICAST(ntohl(ip->ip_src.s_addr)) || 286 IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) || 287 ip->ip_dst.s_addr == INADDR_ANY ) 288 goto fallback; 289 290 /* 291 * Is it for a local address on this host? 292 */ 293 LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) { 294 if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) 295 goto fallback; 296 } 297 298 /* 299 * Or is it for a local IP broadcast address on this host? 300 */ 301 if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) { 302 TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) { 303 if (ifa->ifa_addr->sa_family != AF_INET) 304 continue; 305 ia = ifatoia(ifa); 306 if (ia->ia_netbroadcast.s_addr == ip->ip_dst.s_addr) 307 goto fallback; 308 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr == 309 ip->ip_dst.s_addr) 310 goto fallback; 311 continue; 312fallback: 313 /* return packet back to netisr for slow processing */ 314 ip->ip_len = htons(ip->ip_len); 315 ip->ip_off = htons(ip->ip_off); 316 return 0; 317 } 318 } 319 ipstat.ips_total++; 320 321 /* 322 * Step 3: incoming packet firewall processing 323 */ 324 325 odest = dest = ip->ip_dst.s_addr; 326#ifdef PFIL_HOOKS 327 /* 328 * Run through list of ipfilter hooks for input packets 329 */ 330 if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif, PFIL_IN) || 331 m == NULL) 332 return 1; 333 334 M_ASSERTVALID(m); 335 M_ASSERTPKTHDR(m); 336 337 ip = mtod(m, struct ip *); /* m may have changed by pfil hook */ 338 dest = ip->ip_dst.s_addr; 339#endif 340 341 /* 342 * Run through ipfw for input packets 343 */ 344 if (fw_enable && IPFW_LOADED) { 345 bzero(&args, sizeof(args)); 346 args.m = m; 347 ipfw = 0; 348 349 ipfw = ip_fw_chk_ptr(&args); 350 m = args.m; 351 352 M_ASSERTVALID(m); 353 M_ASSERTPKTHDR(m); 354 355 /* 356 * Packet denied, drop it 357 */ 358 if ((ipfw & IP_FW_PORT_DENY_FLAG) || m == NULL) 359 goto drop; 360 /* 361 * Send packet to the appropriate pipe 362 */ 363 if (DUMMYNET_LOADED && (ipfw & IP_FW_PORT_DYNT_FLAG) != 0) { 364 ip_dn_io_ptr(m, ipfw & 0xffff, DN_TO_IP_IN, &args); 365 return 1; 366 } 367#ifdef IPDIVERT 368 /* 369 * Divert packet 370 */ 371 if (ipfw != 0 && (ipfw & IP_FW_PORT_DYNT_FLAG) == 0) { 372 /* 373 * See if this is a fragment 374 */ 375 if (ip->ip_off & (IP_MF | IP_OFFMASK)) { 376 MGETHDR(tag, M_DONTWAIT, MT_TAG); 377 if (tag == NULL) 378 goto drop; 379 tag->m_flags = PACKET_TAG_DIVERT; 380 tag->m_data = (caddr_t)(u_long)args.divert_rule; 381 tag->m_next = m; 382 /* XXX: really bloody hack, see ip_input */ 383 tag->m_nextpkt = (struct mbuf *)1; 384 m = tag; 385 tag = NULL; 386 387 goto droptoours; 388 } 389 /* 390 * Tee packet 391 */ 392 if ((ipfw & IP_FW_PORT_TEE_FLAG) != 0) 393 teem = m_dup(m, M_DONTWAIT); 394 else 395 teem = m; 396 if (teem == NULL) 397 goto passin; 398 399 /* 400 * Delayed checksums are not compatible 401 */ 402 if (teem->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 403 in_delayed_cksum(teem); 404 teem->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA; 405 } 406 /* 407 * Restore packet header fields to original values 408 */ 409 tip = mtod(teem, struct ip *); 410 tip->ip_len = htons(tip->ip_len); 411 tip->ip_off = htons(tip->ip_off); 412 /* 413 * Deliver packet to divert input routine 414 */ 415 divert_packet(teem, 0, ipfw & 0xffff, args.divert_rule); 416 /* 417 * If this was not tee, we are done 418 */ 419 if ((ipfw & IP_FW_PORT_TEE_FLAG) == 0) 420 return 1; 421 /* Continue if it was tee */ 422 goto passin; 423 } 424#endif 425 if (ipfw == 0 && args.next_hop != NULL) { 426 dest = args.next_hop->sin_addr.s_addr; 427 goto passin; 428 } 429 /* 430 * Let through or not? 431 */ 432 if (ipfw != 0) 433 goto drop; 434 } 435passin: 436 ip = mtod(m, struct ip *); /* if m changed during fw processing */ 437 438 /* 439 * Destination address changed? 440 */ 441 if (odest != dest) { 442 /* 443 * Is it now for a local address on this host? 444 */ 445 LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) { 446 if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) 447 goto forwardlocal; 448 } 449 /* 450 * Go on with new destination address 451 */ 452 } 453 454 /* 455 * Step 4: decrement TTL and look up route 456 */ 457 458 /* 459 * Check TTL 460 */ 461#ifdef IPSTEALTH 462 if (!ipstealth) { 463#endif 464 if (ip->ip_ttl <= IPTTLDEC) { 465 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, NULL, NULL); 466 return 1; 467 } 468 469 /* 470 * Decrement the TTL and incrementally change the checksum. 471 * Don't bother doing this with hw checksum offloading. 472 */ 473 ip->ip_ttl -= IPTTLDEC; 474 if (ip->ip_sum >= (u_int16_t) ~htons(IPTTLDEC << 8)) 475 ip->ip_sum -= ~htons(IPTTLDEC << 8); 476 else 477 ip->ip_sum += htons(IPTTLDEC << 8); 478#ifdef IPSTEALTH 479 } 480#endif 481 482 /* 483 * Find route to destination. 484 */ 485 bzero(&ro, sizeof(ro)); 486 dst = (struct sockaddr_in *)&ro.ro_dst; 487 dst->sin_family = AF_INET; 488 dst->sin_len = sizeof(*dst); 489 dst->sin_addr.s_addr = dest; 490 rtalloc_ign(&ro, (RTF_PRCLONING | RTF_CLONING)); 491 492 /* 493 * Route there and interface still up? 494 */ 495 if (ro.ro_rt && 496 (ro.ro_rt->rt_flags & RTF_UP) && 497 (ro.ro_rt->rt_ifp->if_flags & IFF_UP)) { 498 ia = ifatoia(ro.ro_rt->rt_ifa); 499 ifp = ro.ro_rt->rt_ifp; 500 if (ro.ro_rt->rt_flags & RTF_GATEWAY) 501 dst = (struct sockaddr_in *)ro.ro_rt->rt_gateway; 502 } else { 503 ipstat.ips_noroute++; 504 ipstat.ips_cantforward++; 505 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, NULL, NULL); 506 if (ro.ro_rt) 507 RTFREE(ro.ro_rt); 508 return 1; 509 } 510 511 /* 512 * Step 5: outgoing firewall packet processing 513 */ 514 515#ifdef PFIL_HOOKS 516 /* 517 * Run through list of hooks for output packets. 518 */ 519 if (pfil_run_hooks(&inet_pfil_hook, &m, ifp, PFIL_OUT) || m == NULL) { 520 RTFREE(ro.ro_rt); 521 return 1; 522 } 523 524 M_ASSERTVALID(m); 525 M_ASSERTPKTHDR(m); 526 527 ip = mtod(m, struct ip *); 528 dest = ip->ip_dst.s_addr; 529#endif 530 if (fw_enable && IPFW_LOADED && !args.next_hop) { 531 bzero(&args, sizeof(args)); 532 args.m = m; 533 args.oif = ifp; 534 ipfw = 0; 535 536 ipfw = ip_fw_chk_ptr(&args); 537 m = args.m; 538 539 M_ASSERTVALID(m); 540 M_ASSERTPKTHDR(m); 541 542 if ((ipfw & IP_FW_PORT_DENY_FLAG) || m == NULL) { 543 RTFREE(ro.ro_rt); 544 goto drop; 545 } 546 if (DUMMYNET_LOADED && (ipfw & IP_FW_PORT_DYNT_FLAG) != 0) { 547 /* 548 * XXX note: if the ifp or rt entry are deleted 549 * while a pkt is in dummynet, we are in trouble! 550 */ 551 args.ro = &ro; /* dummynet does not save it */ 552 args.dst = dst; 553 554 ip_dn_io_ptr(m, ipfw & 0xffff, DN_TO_IP_OUT, &args); 555 RTFREE(ro.ro_rt); 556 return 1; 557 } 558#ifdef IPDIVERT 559 if (ipfw != 0 && (ipfw & IP_FW_PORT_DYNT_FLAG) == 0) { 560 /* 561 * See if this is a fragment 562 */ 563 if (ip->ip_off & (IP_MF | IP_OFFMASK)) { 564 MGETHDR(tag, M_DONTWAIT, MT_TAG); 565 if (tag == NULL) { 566 RTFREE(ro.ro_rt); 567 goto drop; 568 } 569 tag->m_flags = PACKET_TAG_DIVERT; 570 tag->m_data = (caddr_t)(u_int32_t)args.divert_rule; 571 tag->m_next = m; 572 /* XXX: really bloody hack, see ip_input */ 573 tag->m_nextpkt = (struct mbuf *)1; 574 m = tag; 575 tag = NULL; 576 577 goto droptoours; 578 } 579 /* 580 * Tee packet 581 */ 582 if ((ipfw & IP_FW_PORT_TEE_FLAG) != 0) 583 teem = m_dup(m, M_DONTWAIT); 584 else 585 teem = m; 586 if (teem == NULL) 587 goto passout; 588 589 /* 590 * Delayed checksums are not compatible with divert 591 */ 592 if (teem->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 593 in_delayed_cksum(teem); 594 teem->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA; 595 } 596 /* 597 * Restore packet header fields to original values 598 */ 599 tip = mtod(teem, struct ip *); 600 tip->ip_len = htons(tip->ip_len); 601 tip->ip_off = htons(tip->ip_off); 602 /* 603 * Deliver packet to divert input routine 604 */ 605 divert_packet(teem, 0, ipfw & 0xffff, args.divert_rule); 606 /* 607 * If this was not tee, we are done 608 */ 609 if ((ipfw & IP_FW_PORT_TEE_FLAG) == 0) { 610 RTFREE(ro.ro_rt); 611 return 1; 612 } 613 /* Continue if it was tee */ 614 goto passout; 615 } 616#endif 617 if (ipfw == 0 && args.next_hop != NULL) { 618 dest = args.next_hop->sin_addr.s_addr; 619 goto passout; 620 } 621 /* 622 * Let through or not? 623 */ 624 if (ipfw != 0) 625 goto drop; 626 } 627passout: 628 ip = mtod(m, struct ip *); 629 630 /* 631 * Destination address changed? 632 */ 633 if (odest != dest) { 634 /* 635 * Is it now for a local address on this host? 636 */ 637 LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) { 638 if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) { 639forwardlocal: 640 if (args.next_hop) { 641 /* XXX leak */ 642 MGETHDR(tag, M_DONTWAIT, MT_TAG); 643 if (tag == NULL) { 644 if (ro.ro_rt) 645 RTFREE(ro.ro_rt); 646 goto drop; 647 } 648 tag->m_flags = PACKET_TAG_IPFORWARD; 649 tag->m_data = (caddr_t)args.next_hop; 650 tag->m_next = m; 651 /* XXX: really bloody hack, 652 * see ip_input */ 653 tag->m_nextpkt = (struct mbuf *)1; 654 m = tag; 655 tag = NULL; 656 } 657#ifdef IPDIVERT 658droptoours: /* Used for DIVERT */ 659#endif 660 MGETHDR(tag, M_DONTWAIT, MT_TAG); 661 if (tag == NULL) { 662 if (ro.ro_rt) 663 RTFREE(ro.ro_rt); 664 goto drop; 665 } 666 tag->m_flags = PACKET_TAG_IPFASTFWD_OURS; 667 tag->m_data = NULL; 668 tag->m_next = m; 669 /* XXX: really bloody hack, see ip_input */ 670 tag->m_nextpkt = (struct mbuf *)1; 671 m = tag; 672 tag = NULL; 673 674 /* ip still points to the real packet */ 675 ip->ip_len = htons(ip->ip_len); 676 ip->ip_off = htons(ip->ip_off); 677 678 /* 679 * Return packet for processing by ip_input 680 */ 681 if (ro.ro_rt) 682 RTFREE(ro.ro_rt); 683 return 0; 684 } 685 } 686 /* 687 * Redo route lookup with new destination address 688 */ 689 RTFREE(ro.ro_rt); 690 bzero(&ro, sizeof(ro)); 691 dst = (struct sockaddr_in *)&ro.ro_dst; 692 dst->sin_family = AF_INET; 693 dst->sin_len = sizeof(*dst); 694 dst->sin_addr.s_addr = dest; 695 rtalloc_ign(&ro, (RTF_PRCLONING | RTF_CLONING)); 696 697 /* 698 * Route there and interface still up? 699 */ 700 if (ro.ro_rt && 701 (ro.ro_rt->rt_flags & RTF_UP) && 702 (ro.ro_rt->rt_ifp->if_flags & IFF_UP)) { 703 ia = ifatoia(ro.ro_rt->rt_ifa); 704 ifp = ro.ro_rt->rt_ifp; 705 if (ro.ro_rt->rt_flags & RTF_GATEWAY) 706 dst = (struct sockaddr_in *)ro.ro_rt->rt_gateway; 707 } else { 708 ipstat.ips_noroute++; 709 ipstat.ips_cantforward++; 710 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 711 NULL, NULL); 712 if (ro.ro_rt) 713 RTFREE(ro.ro_rt); 714 return 1; 715 } 716 } 717 718 /* 719 * Step 6: send off the packet 720 */ 721 722 /* 723 * Check if packet fits MTU or if hardware will fragement for us 724 */ 725 if (ro.ro_rt->rt_rmx.rmx_mtu) 726 mtu = min(ro.ro_rt->rt_rmx.rmx_mtu, ifp->if_mtu); 727 else 728 mtu = ifp->if_mtu; 729 730 if (ip->ip_len <= mtu || 731 (ifp->if_hwassist & CSUM_FRAGMENT && (ip->ip_off & IP_DF) == 0)) { 732 /* 733 * Restore packet header fields to original values 734 */ 735 ip->ip_len = htons(ip->ip_len); 736 ip->ip_off = htons(ip->ip_off); 737 /* 738 * Send off the packet via outgoing interface 739 */ 740 error = (*ifp->if_output)(ifp, m, 741 (struct sockaddr *)dst, ro.ro_rt); 742 if (ia) { 743 ia->ia_ifa.if_opackets++; 744 ia->ia_ifa.if_obytes += m->m_pkthdr.len; 745 } 746 } else { 747 /* 748 * Handle EMSGSIZE with icmp reply 749 * needfrag for TCP MTU discovery 750 */ 751 if (ip->ip_off & IP_DF) { 752 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_NEEDFRAG, 753 NULL, ifp); 754 ipstat.ips_cantfrag++; 755 RTFREE(ro.ro_rt); 756 return 1; 757 } else { 758 /* 759 * We have to fragement the packet 760 */ 761 m->m_pkthdr.csum_flags |= CSUM_IP; 762 if (ip_fragment(ip, &m, mtu, ifp->if_hwassist, 763 (~ifp->if_hwassist & CSUM_DELAY_IP))) { 764 RTFREE(ro.ro_rt); 765 goto drop; 766 } 767 KASSERT(m != NULL, ("null mbuf and no error")); 768 /* 769 * Send off the fragments via outgoing interface 770 */ 771 error = 0; 772 do { 773 m0 = m->m_nextpkt; 774 m->m_nextpkt = NULL; 775 776 error = (*ifp->if_output)(ifp, m, 777 (struct sockaddr *)dst, ro.ro_rt); 778 if (error) 779 break; 780 } while ((m = m0) != NULL); 781 if (error) { 782 /* Reclaim remaining fragments */ 783 for (; m; m = m0) { 784 m0 = m->m_nextpkt; 785 m->m_nextpkt = NULL; 786 m_freem(m); 787 } 788 } else 789 ipstat.ips_fragmented++; 790 } 791 } 792 793 if (error != 0) 794 ipstat.ips_odropped++; 795 else { 796 ro.ro_rt->rt_rmx.rmx_pksent++; 797 ipstat.ips_forward++; 798 ipstat.ips_fastforward++; 799 } 800 RTFREE(ro.ro_rt); 801 return 1; 802drop: 803 if (m) 804 m_freem(m); 805 return 1; 806} 807