/*
* Free a fragment reassembly header and all
* associated datagrams.
*/
void ip_freef(struct ipq *fp)
{
struct ipasfrag *q, *p;
for (q = (struct ipasfrag *) fp->ipq_next; q != (struct ipasfrag *)fp;
q = p) {
p = (struct ipasfrag *) q->ipf_next;
ip_deq(q);
m_freem(dtom(q));
}
remque_32(fp);
(void) m_free(dtom(fp));
}
/* FUNCTION: tcp_close()
*
* Close a TCP control block:
* discard all space held by the tcp
* discard internet protocol block
* wake up any sleepers
*
*
* PARAM1: struct tcpcb *tp
*
* RETURNS:
*/
struct tcpcb *
tcp_close(struct tcpcb *tp)
{
struct tcpiphdr *t;
struct inpcb *inp = tp->t_inpcb;
struct socket *so = inp->inp_socket;
t = tp->seg_next;
while (t != (struct tcpiphdr *)tp)
{
struct mbuf *m;
t = (struct tcpiphdr *)t->ti_next;
m = dtom(t->ti_prev);
remque(t->ti_prev);
M_FREEM(m);
}
if (tp->t_template)
TPH_FREE(tp->t_template);
TCB_FREE(tp);
inp->inp_ppcb = (char *)NULL;
soisdisconnected(so);
in_pcbdetach(inp);
tcpstat.tcps_closed++;
return ((struct tcpcb *)NULL);
}
/*
* Disconnect raw socket.
*/
void
raw_disconnect(struct rawcb *rp)
{
#ifdef notdef
if (rp->rcb_faddr)
m_freem(dtom(rp->rcb_faddr));
rp->rcb_faddr = 0;
#endif
}
/*
* Disconnect and possibly release resources.
*/
void
raw_disconnect(struct rawcb *rp)
{
#ifdef notdef
if (rp->rcb_faddr)
m_freem(dtom(rp->rcb_faddr));
rp->rcb_faddr = 0;
#endif
if (rp->rcb_socket->so_state & SS_NOFDREF)
raw_detach(rp);
}
/*
* Detach the raw connection block and discard
* socket resources.
*/
void
raw_detach(struct rawcb *rp)
{
struct socket *so = rp->rcb_socket;
so->so_pcb = 0;
sofree(so);
LIST_REMOVE(rp, rcb_list);
#ifdef notdef
if (rp->rcb_laddr)
m_freem(dtom(rp->rcb_laddr));
rp->rcb_laddr = 0;
#endif
free((caddr_t)(rp), M_PCB, 0);
}
/*
* Detach the raw connection block and discard
* socket resources.
*/
void
raw_detach(struct rawcb *rp)
{
struct socket *so = rp->rcb_socket;
KASSERT(so->so_pcb == rp, ("raw_detach: so_pcb != rp"));
so->so_pcb = NULL;
mtx_lock(&rawcb_mtx);
LIST_REMOVE(rp, list);
mtx_unlock(&rawcb_mtx);
#ifdef notdef
if (rp->rcb_laddr)
m_freem(dtom(rp->rcb_laddr));
rp->rcb_laddr = 0;
#endif
free((caddr_t)(rp), M_PCB);
}
/*
* Detach the raw connection block and discard
* socket resources.
*/
void
raw_detach(struct rawcb *rp)
{
struct socket *so = rp->rcb_socket;
so->so_pcb = NULL;
KASSERT(so->so_lock == softnet_lock); /* XXX */
LIST_REMOVE(rp, rcb_list); /* remove last reference */
/* sofree drops the socket's lock. */
sofree(so);
#ifdef notdef
if (rp->rcb_laddr)
m_freem(dtom(rp->rcb_laddr));
rp->rcb_laddr = 0;
#endif
free((void *)rp, M_PCB);
mutex_enter(softnet_lock);
}
/*
* Detach the raw connection block and discard
* socket resources.
*/
void
raw_detach(struct rawcb *rp)
{
struct socket *so = rp->rcb_socket;
so->so_pcb = 0;
so->so_flags |= SOF_PCBCLEARING;
sofree(so);
if (!lck_mtx_try_lock(raw_mtx)) {
socket_unlock(so, 0);
lck_mtx_lock(raw_mtx);
socket_lock(so, 0);
}
LIST_REMOVE(rp, list);
lck_mtx_unlock(raw_mtx);
#ifdef notdef
if (rp->rcb_laddr)
m_freem(dtom(rp->rcb_laddr));
rp->rcb_laddr = 0;
#endif
rp->rcb_socket = NULL;
FREE((caddr_t)(rp), M_PCB);
}
void Lpx_PCB_dispense(struct lpxpcb *lpxp )
{
struct stream_pcb *cb = NULL;
DEBUG_PRINT(DEBUG_MASK_PCB_TRACE, ("Lpx_PCB_dispense: Entered.\n"));
if (lpxp == 0) {
return;
}
cb = (struct stream_pcb *)lpxp->lpxp_pcb;
if (cb != 0) {
register struct lpx_stream_q *q;
for (q = cb->s_q.si_next; q != &cb->s_q; q = q->si_next) {
q = q->si_prev;
remque(q->si_next);
}
m_freem(dtom(cb->s_lpx));
FREE(cb, M_PCB);
lpxp->lpxp_pcb = 0;
}
// Free Lock.
if (lpxp->lpxp_mtx != NULL) {
lck_mtx_free(lpxp->lpxp_mtx, lpxp->lpxp_mtx_grp);
}
lck_rw_lock_exclusive(lpxp->lpxp_head->lpxp_list_rw);
remque(lpxp);
lck_rw_unlock_exclusive(lpxp->lpxp_head->lpxp_list_rw);
FREE(lpxp, M_PCB);
}
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void
ip_input(struct mbuf *m)
{
Slirp *slirp = m->slirp;
struct ip *ip;
int hlen;
DEBUG_CALL("ip_input");
DEBUG_ARG("m = %lx", (long)m);
DEBUG_ARG("m_len = %d", m->m_len);
if (m->m_len < sizeof (struct ip)) {
return;
}
ip = mtod(m, struct ip *);
if (ip->ip_v != IPVERSION) {
goto bad;
}
hlen = ip->ip_hl << 2;
if (hlen<sizeof(struct ip ) || hlen>m->m_len) {/* min header length */
goto bad; /* or packet too short */
}
/* keep ip header intact for ICMP reply
* ip->ip_sum = cksum(m, hlen);
* if (ip->ip_sum) {
*/
if(cksum(m,hlen)) {
goto bad;
}
/*
* Convert fields to host representation.
*/
NTOHS(ip->ip_len);
if (ip->ip_len < hlen) {
goto bad;
}
NTOHS(ip->ip_id);
NTOHS(ip->ip_off);
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (m->m_len < ip->ip_len) {
goto bad;
}
if (slirp->restricted) {
if ((ip->ip_dst.s_addr & slirp->vnetwork_mask.s_addr) ==
slirp->vnetwork_addr.s_addr) {
if (ip->ip_dst.s_addr == 0xffffffff && ip->ip_p != IPPROTO_UDP)
goto bad;
} else {
uint32_t inv_mask = ~slirp->vnetwork_mask.s_addr;
struct ex_list *ex_ptr;
if ((ip->ip_dst.s_addr & inv_mask) == inv_mask) {
goto bad;
}
for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
if (ex_ptr->ex_addr.s_addr == ip->ip_dst.s_addr)
break;
if (!ex_ptr)
goto bad;
}
}
/* Should drop packet if mbuf too long? hmmm... */
if (m->m_len > ip->ip_len)
m_adj(m, ip->ip_len - m->m_len);
/* check ip_ttl for a correct ICMP reply */
if(ip->ip_ttl==0 || ip->ip_ttl==1) {
icmp_error(m, ICMP_TIMXCEED,ICMP_TIMXCEED_INTRANS, 0,"ttl");
goto bad;
}
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*
* XXX This should fail, don't fragment yet
*/
if (ip->ip_off &~ IP_DF) {
struct ipq *fp;
struct qlink *l;
/*
* Look for queue of fragments
* of this datagram.
*/
for (l = slirp->ipq.ip_link.next; l != &slirp->ipq.ip_link;
l = l->next) {
fp = container_of(l, struct ipq, ip_link);
if (ip->ip_id == fp->ipq_id &&
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
ip->ip_p == fp->ipq_p)
goto found;
}
fp = NULL;
found:
/*
* Adjust ip_len to not reflect header,
* set ip_mff if more fragments are expected,
* convert offset of this to bytes.
*/
ip->ip_len -= hlen;
if (ip->ip_off & IP_MF)
ip->ip_tos |= 1;
else
ip->ip_tos &= ~1;
ip->ip_off <<= 3;
/*
* If datagram marked as having more fragments
* or if this is not the first fragment,
* attempt reassembly; if it succeeds, proceed.
*/
if (ip->ip_tos & 1 || ip->ip_off) {
ip = ip_reass(slirp, ip, fp);
if (ip == NULL)
return;
m = dtom(slirp, ip);
} else if (fp)
ip_freef(slirp, fp);
} else
/*
* Allocate memory for mbufs.
* and place on the mbuf free list.
* The canwait argument is currently ignored.
*
* MUST be called at splimp!
*/
BOOL
m_alloc(int howmany, int canwait)
{
/*
* Note that mbufs must be aligned on MSIZE boundary
* for dtom to work correctly. This is archieved by allocating size for one
* additional mbuf per chunk so that given memory can be aligned properly.
*/
struct mbuf *m;
struct memHeader *mh;
ULONG size;
#if defined(__AROS__)
D(bug("[AROSTCP](uipc_mbuf.c) m_alloc()\n"));
#endif
size = MSIZE * (howmany + 1) + sizeof(struct memHeader);
/*
* check if allowed to allocate more
*/
if (mbstat.m_memused + size > mbconf.maxmem * 1024) {
#if defined(__AROS__)
D(bug("[AROSTCP](uipc_mbuf.c) m_alloc: max amount of memory already used (%ld bytes).\n",
mbstat.m_memused));
#endif
__log(LOG_ERR, "m_alloc: max amount of memory already used (%ld bytes).",
mbstat.m_memused);
return FALSE;
}
mh = AllocMem(size, MEMF_PUBLIC); /* public since used from interrupts */
if (mh == NULL) {
#if defined(__AROS__)
D(bug("[AROSTCP](uipc_mbuf.c) m_alloc: Cannot allocate memory for mbufs\n"));
#endif
__log(LOG_ERR, "m_alloc: Cannot allocate memory for mbufs.");
return FALSE;
}
/*
* initialize the memHeader and link it to the chain of allocated memory
* blocks
*/
mbstat.m_memused += size; /* add to the total */
mh->size = size;
mh->next = mbufmem;
mbufmem = mh;
mh++; /* pass by the memHeader */
/*
* update the statistics
*/
mbstat.m_mbufs += howmany;
/*
* link mbufs into the free list
*/
m = dtom(((caddr_t)mh) + MSIZE - 1); /* correctly aligned mbuf pointer */
while(howmany--) {
m->m_next = mfree;
mfree = m++;
}
return TRUE;
}
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void
ipintr()
{
register struct ip *ip;
register struct mbuf *m;
register struct ipq *fp;
register struct in_ifaddr *ia;
int hlen, s;
next:
/*
* Get next datagram off input queue and get IP header
* in first mbuf.
*/
s = splimp();
IF_DEQUEUE(&ipintrq, m);
splx(s);
if (m == 0)
return;
#ifdef DIAGNOSTIC
if ((m->m_flags & M_PKTHDR) == 0)
panic("ipintr no HDR");
#endif
/*
* If no IP addresses have been set yet but the interfaces
* are receiving, can't do anything with incoming packets yet.
*/
if (in_ifaddr == NULL)
goto bad;
ipstat.ips_total++;
if (m->m_len < sizeof (struct ip) &&
(m = m_pullup(m, sizeof (struct ip))) == 0) {
ipstat.ips_toosmall++;
goto next;
}
ip = mtod(m, struct ip *);
if (ip->ip_v != IPVERSION) {
ipstat.ips_badvers++;
goto bad;
}
hlen = ip->ip_hl << 2;
if (hlen < sizeof(struct ip)) { /* minimum header length */
ipstat.ips_badhlen++;
goto bad;
}
if (hlen > m->m_len) {
if ((m = m_pullup(m, hlen)) == 0) {
ipstat.ips_badhlen++;
goto next;
}
ip = mtod(m, struct ip *);
}
ip->ip_sum = in_cksum(m, hlen);
if (ip->ip_sum) {
ipstat.ips_badsum++;
goto bad;
}
/*
* Convert fields to host representation.
*/
NTOHS(ip->ip_len);
if (ip->ip_len < hlen) {
ipstat.ips_badlen++;
goto bad;
}
NTOHS(ip->ip_id);
NTOHS(ip->ip_off);
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (m->m_pkthdr.len < ip->ip_len) {
ipstat.ips_tooshort++;
goto bad;
}
if (m->m_pkthdr.len > ip->ip_len) {
if (m->m_len == m->m_pkthdr.len) {
m->m_len = ip->ip_len;
m->m_pkthdr.len = ip->ip_len;
} else
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message
* to be sent and the original packet to be freed).
*/
ip_nhops = 0; /* for source routed packets */
if (hlen > sizeof (struct ip) && ip_dooptions(m))
goto next;
/*
* Check our list of addresses, to see if the packet is for us.
*/
for (ia = in_ifaddr; ia; ia = ia->ia_next) {
#define satosin(sa) ((struct sockaddr_in *)(sa))
if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr)
goto ours;
if (
#ifdef DIRECTED_BROADCAST
ia->ia_ifp == m->m_pkthdr.rcvif &&
#endif
(ia->ia_ifp->if_flags & IFF_BROADCAST)) {
u_long t;
if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
ip->ip_dst.s_addr)
goto ours;
if (ip->ip_dst.s_addr == ia->ia_netbroadcast.s_addr)
goto ours;
/*
* Look for all-0's host part (old broadcast addr),
* either for subnet or net.
*/
t = ntohl(ip->ip_dst.s_addr);
if (t == ia->ia_subnet)
goto ours;
if (t == ia->ia_net)
goto ours;
}
}
if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
struct in_multi *inm;
#ifdef MROUTING
extern struct socket *ip_mrouter;
if (ip_mrouter) {
/*
* If we are acting as a multicast router, all
* incoming multicast packets are passed to the
* kernel-level multicast forwarding function.
* The packet is returned (relatively) intact; if
* ip_mforward() returns a non-zero value, the packet
* must be discarded, else it may be accepted below.
*
* (The IP ident field is put in the same byte order
* as expected when ip_mforward() is called from
* ip_output().)
*/
ip->ip_id = htons(ip->ip_id);
if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) {
ipstat.ips_cantforward++;
m_freem(m);
goto next;
}
ip->ip_id = ntohs(ip->ip_id);
/*
* The process-level routing demon needs to receive
* all multicast IGMP packets, whether or not this
* host belongs to their destination groups.
*/
if (ip->ip_p == IPPROTO_IGMP)
goto ours;
ipstat.ips_forward++;
}
#endif
/*
* See if we belong to the destination multicast group on the
* arrival interface.
*/
IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
if (inm == NULL) {
ipstat.ips_cantforward++;
m_freem(m);
goto next;
}
goto ours;
}
if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
goto ours;
if (ip->ip_dst.s_addr == INADDR_ANY)
goto ours;
/*
* Not for us; forward if possible and desirable.
*/
if (ipforwarding == 0) {
ipstat.ips_cantforward++;
m_freem(m);
} else
ip_forward(m, 0);
goto next;
ours:
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*/
if (ip->ip_off &~ IP_DF) {
if (m->m_flags & M_EXT) { /* XXX */
if ((m = m_pullup(m, sizeof (struct ip))) == 0) {
ipstat.ips_toosmall++;
goto next;
}
ip = mtod(m, struct ip *);
}
/*
* Look for queue of fragments
* of this datagram.
*/
for (fp = ipq.next; fp != &ipq; fp = fp->next)
if (ip->ip_id == fp->ipq_id &&
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
ip->ip_p == fp->ipq_p)
goto found;
fp = 0;
found:
/*
* Adjust ip_len to not reflect header,
* set ip_mff if more fragments are expected,
* convert offset of this to bytes.
*/
ip->ip_len -= hlen;
((struct ipasfrag *)ip)->ipf_mff &= ~1;
if (ip->ip_off & IP_MF)
((struct ipasfrag *)ip)->ipf_mff |= 1;
ip->ip_off <<= 3;
/*
* If datagram marked as having more fragments
* or if this is not the first fragment,
* attempt reassembly; if it succeeds, proceed.
*/
if (((struct ipasfrag *)ip)->ipf_mff & 1 || ip->ip_off) {
ipstat.ips_fragments++;
ip = ip_reass((struct ipasfrag *)ip, fp);
if (ip == 0)
goto next;
ipstat.ips_reassembled++;
m = dtom(ip);
} else
if (fp)
ip_freef(fp);
} else
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void
ip_input(struct mbuf *m)
{
register struct ip *ip;
int hlen;
DEBUG_CALL("ip_input");
DEBUG_ARG("m = %lx", (long)m);
DEBUG_ARG("m_len = %d", m->m_len);
STAT(ipstat.ips_total++);
if (m->m_len < (int)sizeof (struct ip)) {
STAT(ipstat.ips_toosmall++);
return;
}
ip = mtod(m, struct ip *);
if (ip->ip_v != IPVERSION) {
STAT(ipstat.ips_badvers++);
goto bad;
}
hlen = ip->ip_hl << 2;
if (hlen < (int)sizeof(struct ip ) || hlen>m->m_len) {/* min header length */
STAT(ipstat.ips_badhlen++); /* or packet too short */
goto bad;
}
/* keep ip header intact for ICMP reply
* ip->ip_sum = cksum(m, hlen);
* if (ip->ip_sum) {
*/
if(cksum(m,hlen)) {
STAT(ipstat.ips_badsum++);
goto bad;
}
/*
* Convert fields to host representation.
*/
NTOHS(ip->ip_len);
if (ip->ip_len < hlen) {
STAT(ipstat.ips_badlen++);
goto bad;
}
NTOHS(ip->ip_id);
NTOHS(ip->ip_off);
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (m->m_len < ip->ip_len) {
STAT(ipstat.ips_tooshort++);
goto bad;
}
if (slirp_restrict) {
if (ip_geth(ip->ip_dst) != special_addr_ip) {
if (ip_getn(ip->ip_dst) == 0xffffffffu && ip->ip_p != IPPROTO_UDP)
goto bad;
} else {
int host = ip_geth(ip->ip_dst) & 0xff;
struct ex_list *ex_ptr;
if (host == 0xff)
goto bad;
for (ex_ptr = exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next)
if (ex_ptr->ex_addr == host)
break;
if (!ex_ptr)
goto bad;
}
}
/* Should drop packet if mbuf too long? hmmm... */
if (m->m_len > ip->ip_len)
m_adj(m, ip->ip_len - m->m_len);
/* check ip_ttl for a correct ICMP reply */
if(ip->ip_ttl==0 || ip->ip_ttl==1) {
icmp_error(m, ICMP_TIMXCEED,ICMP_TIMXCEED_INTRANS, 0,"ttl");
goto bad;
}
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message
* to be sent and the original packet to be freed).
*/
/* We do no IP options */
/* if (hlen > sizeof (struct ip) && ip_dooptions(m))
* goto next;
*/
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*
* XXX This should fail, don't fragment yet
*/
if (ip->ip_off &~ IP_DF) {
register struct ipq *fp;
struct qlink *l;
/*
* Look for queue of fragments
* of this datagram.
*/
for (l = ipq.ip_link.next; l != &ipq.ip_link; l = l->next) {
fp = container_of(l, struct ipq, ip_link);
if (ip->ip_id == fp->ipq_id &&
ip_equal(ip->ip_src, fp->ipq_src) &&
ip_equal(ip->ip_dst, fp->ipq_dst) &&
ip->ip_p == fp->ipq_p)
goto found;
}
fp = NULL;
found:
/*
* Adjust ip_len to not reflect header,
* set ip_mff if more fragments are expected,
* convert offset of this to bytes.
*/
ip->ip_len -= hlen;
if (ip->ip_off & IP_MF)
ip->ip_tos |= 1;
else
ip->ip_tos &= ~1;
ip->ip_off <<= 3;
/*
* If datagram marked as having more fragments
* or if this is not the first fragment,
* attempt reassembly; if it succeeds, proceed.
*/
if (ip->ip_tos & 1 || ip->ip_off) {
STAT(ipstat.ips_fragments++);
ip = ip_reass(ip, fp);
if (ip == NULL)
return;
STAT(ipstat.ips_reassembled++);
m = dtom(ip);
} else if (fp)
ip_freef(fp);
} else
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void ip_input(struct mbuf *m)
{
struct ip *ip;
int hlen;
DEBUG_CALL("ip_input");
DEBUG_ARG("m = %lx", (long)m);
DEBUG_ARG("m_len = %d", m->m_len);
ipstat.ips_total++;
if (m->m_len < sizeof (struct ip)) {
ipstat.ips_toosmall++;
return;
}
ip = mtod(m, struct ip *);
if (ip->ip_v != IPVERSION) {
ipstat.ips_badvers++;
goto bad;
}
hlen = ip->ip_hl << 2;
if (hlen<sizeof(struct ip ) || hlen>m->m_len) {/* min header length */
ipstat.ips_badhlen++; /* or packet too short */
goto bad;
}
/* keep ip header intact for ICMP reply
* ip->ip_sum = cksum(m, hlen);
* if (ip->ip_sum) {
*/
if(cksum(m,hlen)) {
ipstat.ips_badsum++;
goto bad;
}
/*
* Convert fields to host representation.
*/
NTOHS(ip->ip_len);
if (ip->ip_len < hlen) {
ipstat.ips_badlen++;
goto bad;
}
NTOHS(ip->ip_id);
NTOHS(ip->ip_off);
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (m->m_len < ip->ip_len) {
ipstat.ips_tooshort++;
goto bad;
}
/* Should drop packet if mbuf too long? hmmm... */
if (m->m_len > ip->ip_len)
m_adj(m, ip->ip_len - m->m_len);
/* check ip_ttl for a correct ICMP reply */
if(ip->ip_ttl==0 || ip->ip_ttl==1) {
icmp_error(m, ICMP_TIMXCEED,ICMP_TIMXCEED_INTRANS, 0,"ttl");
goto bad;
}
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message
* to be sent and the original packet to be freed).
*/
/* We do no IP options */
/* if (hlen > sizeof (struct ip) && ip_dooptions(m))
* goto next;
*/
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*
* XXX This should fail, don't fragment yet
*/
if (ip->ip_off &~ IP_DF) {
register struct ipq *fp;
/*
* Look for queue of fragments
* of this datagram.
*/
for (fp = (struct ipq *) ipq.next; fp != &ipq;
fp = (struct ipq *) fp->next)
if (ip->ip_id == fp->ipq_id &&
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
ip->ip_p == fp->ipq_p)
goto found;
fp = 0;
found:
/*
* Adjust ip_len to not reflect header,
* set ip_mff if more fragments are expected,
* convert offset of this to bytes.
*/
ip->ip_len -= hlen;
if (ip->ip_off & IP_MF)
((struct ipasfrag *)ip)->ipf_mff |= 1;
else
((struct ipasfrag *)ip)->ipf_mff &= ~1;
ip->ip_off <<= 3;
/*
* If datagram marked as having more fragments
* or if this is not the first fragment,
* attempt reassembly; if it succeeds, proceed.
*/
if (((struct ipasfrag *)ip)->ipf_mff & 1 || ip->ip_off) {
ipstat.ips_fragments++;
ip = ip_reass((struct ipasfrag *)ip, fp);
if (ip == 0)
return;
ipstat.ips_reassembled++;
m = dtom(ip);
} else
if (fp)
ip_freef(fp);
} else
ip->ip_len -= hlen;
/*
* Switch out to protocol's input routine.
*/
ipstat.ips_delivered++;
switch (ip->ip_p) {
case IPPROTO_TCP:
tcp_input(m, hlen, (struct socket *)NULL);
break;
case IPPROTO_UDP:
udp_input(m, hlen);
break;
case IPPROTO_ICMP:
icmp_input(m, hlen);
break;
default:
ipstat.ips_noproto++;
m_free(m);
}
return;
bad:
m_freem(m);
return;
}
/*
* Take incoming datagram fragment and try to
* reassemble it into whole datagram. If a chain for
* reassembly of this datagram already exists, then it
* is given as fp; otherwise have to make a chain.
*/
struct ip *ip_reass(struct ipasfrag *ip, struct ipq *fp)
{
struct mbuf *m = dtom(ip);
struct ipasfrag *q;
int hlen = ip->ip_hl << 2;
int i, next;
DEBUG_CALL("ip_reass");
DEBUG_ARG("ip = %lx", (long)ip);
DEBUG_ARG("fp = %lx", (long)fp);
DEBUG_ARG("m = %lx", (long)m);
/*
* Presence of header sizes in mbufs
* would confuse code below.
* Fragment m_data is concatenated.
*/
m->m_data += hlen;
m->m_len -= hlen;
/*
* If first fragment to arrive, create a reassembly queue.
*/
if (fp == 0) {
struct mbuf *t;
if ((t = m_get()) == NULL) goto dropfrag;
fp = mtod(t, struct ipq *);
insque_32(fp, &ipq);
fp->ipq_ttl = IPFRAGTTL;
fp->ipq_p = ip->ip_p;
fp->ipq_id = ip->ip_id;
fp->ipq_next = fp->ipq_prev = (ipasfragp_32)fp;
fp->ipq_src = ((struct ip *)ip)->ip_src;
fp->ipq_dst = ((struct ip *)ip)->ip_dst;
q = (struct ipasfrag *)fp;
goto insert;
}
/*
* Find a segment which begins after this one does.
*/
for (q = (struct ipasfrag *)fp->ipq_next; q != (struct ipasfrag *)fp;
q = (struct ipasfrag *)q->ipf_next)
if (q->ip_off > ip->ip_off)
break;
/*
* If there is a preceding segment, it may provide some of
* our data already. If so, drop the data from the incoming
* segment. If it provides all of our data, drop us.
*/
if (q->ipf_prev != (ipasfragp_32)fp) {
i = ((struct ipasfrag *)(q->ipf_prev))->ip_off +
((struct ipasfrag *)(q->ipf_prev))->ip_len - ip->ip_off;
if (i > 0) {
if (i >= ip->ip_len)
goto dropfrag;
m_adj(dtom(ip), i);
ip->ip_off += i;
ip->ip_len -= i;
}
}
/*
* While we overlap succeeding segments trim them or,
* if they are completely covered, dequeue them.
*/
while (q != (struct ipasfrag *)fp && ip->ip_off + ip->ip_len > q->ip_off) {
i = (ip->ip_off + ip->ip_len) - q->ip_off;
if (i < q->ip_len) {
q->ip_len -= i;
q->ip_off += i;
m_adj(dtom(q), i);
break;
}
q = (struct ipasfrag *) q->ipf_next;
m_freem(dtom((struct ipasfrag *) q->ipf_prev));
ip_deq((struct ipasfrag *) q->ipf_prev);
}
insert:
/*
* Stick new segment in its place;
* check for complete reassembly.
*/
ip_enq(ip, (struct ipasfrag *) q->ipf_prev);
next = 0;
for (q = (struct ipasfrag *) fp->ipq_next; q != (struct ipasfrag *)fp;
q = (struct ipasfrag *) q->ipf_next) {
if (q->ip_off != next)
return (0);
next += q->ip_len;
}
if (((struct ipasfrag *)(q->ipf_prev))->ipf_mff & 1)
return (0);
/*
* Reassembly is complete; concatenate fragments.
*/
q = (struct ipasfrag *) fp->ipq_next;
m = dtom(q);
q = (struct ipasfrag *) q->ipf_next;
while (q != (struct ipasfrag *)fp) {
struct mbuf *t;
t = dtom(q);
q = (struct ipasfrag *) q->ipf_next;
m_cat(m, t);
}
/*
* Create header for new ip packet by
* modifying header of first packet;
* dequeue and discard fragment reassembly header.
* Make header visible.
*/
ip = (struct ipasfrag *) fp->ipq_next;
/*
* If the fragments concatenated to an mbuf that's
* bigger than the total size of the fragment, then and
* m_ext buffer was alloced. But fp->ipq_next points to
* the old buffer (in the mbuf), so we must point ip
* into the new buffer.
*/
if (m->m_flags & M_EXT) {
int delta;
delta = (char *)ip - m->m_dat;
ip = (struct ipasfrag *)(m->m_ext + delta);
}
/* DEBUG_ARG("ip = %lx", (long)ip);
* ip=(struct ipasfrag *)m->m_data; */
ip->ip_len = next;
ip->ipf_mff &= ~1;
((struct ip *)ip)->ip_src = fp->ipq_src;
((struct ip *)ip)->ip_dst = fp->ipq_dst;
remque_32(fp);
(void) m_free(dtom(fp));
m = dtom(ip);
m->m_len += (ip->ip_hl << 2);
m->m_data -= (ip->ip_hl << 2);
return ((struct ip *)ip);
dropfrag:
ipstat.ips_fragdropped++;
m_freem(m);
return (0);
}
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassamble. If complete and fragment queue exists, discard.
* Process options. Pass to next level.
*/
ipintr()
{
register struct ip *ip;
register struct mbuf *m;
struct mbuf *m0;
register int i;
register struct ipq *fp;
register struct in_ifaddr *ia;
struct ifnet *ifp;
int hlen, s;
/* IOdebug( "ipintr: called" ); */
next:
/*
* Get next datagram off input queue and get IP header
* in first mbuf.
*/
s = splimp();
IF_DEQUEUEIF(&ipintrq, m, ifp);
splx(s);
if (m == NULL)
{
/* IOdebug( "ipintr: no more mbufs" ); */
return;
}
/*
* If no IP addresses have been set yet but the interfaces
* are receiving, can't do anything with incoming packets yet.
*/
if (in_ifaddr == NULL)
goto bad;
ipstat.ips_total++;
if ((m->m_off > MMAXOFF || m->m_len < sizeof (struct ip)) &&
(m = m_pullup(m, sizeof (struct ip))) == 0) {
ipstat.ips_toosmall++;
goto next;
}
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
if (hlen < sizeof(struct ip)) { /* minimum header length */
ipstat.ips_badhlen++;
goto bad;
}
if (hlen > m->m_len) {
if ((m = m_pullup(m, hlen)) == 0) {
ipstat.ips_badhlen++;
goto next;
}
ip = mtod(m, struct ip *);
}
if (ipcksum)
if (ip->ip_sum = in_cksum(m, hlen)) {
ipstat.ips_badsum++;
/* IOdebug( "ipintr: bad checksum" ); */
goto bad;
}
/*
* Convert fields to host representation.
*/
ip->ip_len = ntohs((u_short)ip->ip_len);
if (ip->ip_len < hlen) {
ipstat.ips_badlen++;
goto bad;
}
ip->ip_id = ntohs(ip->ip_id);
ip->ip_off = ntohs((u_short)ip->ip_off);
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
i = -(u_short)ip->ip_len;
m0 = m;
for (;;) {
i += m->m_len;
if (m->m_next == 0)
break;
m = m->m_next;
}
if (i != 0) {
if (i < 0) {
ipstat.ips_tooshort++;
m = m0;
goto bad;
}
if (i <= m->m_len)
m->m_len -= i;
else
m_adj(m0, -i);
}
m = m0;
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message
* to be sent and the original packet to be freed).
*/
ip_nhops = 0; /* for source routed packets */
if (hlen > sizeof (struct ip) && ip_dooptions(ip, ifp))
goto next;
/*
* Check our list of addresses, to see if the packet is for us.
*/
/* IOdebug( "ipintr: checking address" ); */
for (ia = in_ifaddr; ia; ia = ia->ia_next) {
#define satosin(sa) ((struct sockaddr_in *)(sa))
if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr)
goto ours;
if (
#ifdef DIRECTED_BROADCAST
ia->ia_ifp == ifp &&
#endif
(ia->ia_ifp->if_flags & IFF_BROADCAST)) {
u_long t;
if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
ip->ip_dst.s_addr)
goto ours;
if (ip->ip_dst.s_addr == ia->ia_netbroadcast.s_addr)
goto ours;
/*
* Look for all-0's host part (old broadcast addr),
* either for subnet or net.
*/
t = ntohl(ip->ip_dst.s_addr);
if (t == ia->ia_subnet)
goto ours;
if (t == ia->ia_net)
goto ours;
}
}
if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
goto ours;
if (ip->ip_dst.s_addr == INADDR_ANY)
goto ours;
/*
* Not for us; forward if possible and desirable.
*/
ip_forward(ip, ifp);
/* IOdebug( "ipintr: not for us" ); */
goto next;
ours:
/* IOdebug( "ipintr: ours" ); */
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*/
if (ip->ip_off &~ IP_DF) {
/*
* Look for queue of fragments
* of this datagram.
*/
for (fp = ipq.next; fp != &ipq; fp = fp->next)
if (ip->ip_id == fp->ipq_id &&
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
ip->ip_p == fp->ipq_p)
goto found;
fp = 0;
found:
/*
* Adjust ip_len to not reflect header,
* set ip_mff if more fragments are expected,
* convert offset of this to bytes.
*/
ip->ip_len -= hlen;
((struct ipasfrag *)ip)->ipf_mff = 0;
if (ip->ip_off & IP_MF)
((struct ipasfrag *)ip)->ipf_mff = 1;
ip->ip_off <<= 3;
/*
* If datagram marked as having more fragments
* or if this is not the first fragment,
* attempt reassembly; if it succeeds, proceed.
*/
if (((struct ipasfrag *)ip)->ipf_mff || ip->ip_off)
{
/* IOdebug( "ipintr: attempting reassembly" ); */
ipstat.ips_fragments++;
ip = ip_reass((struct ipasfrag *)ip, fp);
if (ip == NULL)
{
/* IOdebug( "ipintr: attempt failed" ); */
goto next;
}
m = dtom(ip);
}
else
if (fp)
ip_freef(fp);
} else
ip->ip_len -= hlen;
/*
* Switch out to protocol's input routine.
*/
/* IOdebug( "ipintr: handling packet of len %d", ip->ip_len ); */
(*inetsw[ip_protox[ip->ip_p]].pr_input)(m, ifp);
/* IOdebug( "ipintr: handled" ); */
goto next;
bad:
/* IOdebug( "ipintr: bad input" ); */
m_freem(m);
goto next;
}
