int
mpeoutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
struct rtentry *rt)
{
struct shim_hdr shim;
int s;
int error;
int off;
u_int8_t op = 0;
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.rdomain)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d\n", ifp->if_xname,
ifp->if_rdomain, rtable_l2(m->m_pkthdr.rdomain));
}
#endif
m->m_pkthdr.rcvif = ifp;
/* XXX assumes MPLS is always in rdomain 0 */
m->m_pkthdr.rdomain = 0;
error = 0;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
if (rt && rt->rt_flags & RTF_MPLS) {
shim.shim_label =
((struct rt_mpls *)rt->rt_llinfo)->mpls_label;
shim.shim_label |= MPLS_BOS_MASK;
op = ((struct rt_mpls *)rt->rt_llinfo)->mpls_operation;
}
if (op != MPLS_OP_PUSH) {
m_freem(m);
error = ENETUNREACH;
goto out;
}
if (mpls_mapttl_ip) {
struct ip *ip;
ip = mtod(m, struct ip *);
shim.shim_label |= htonl(ip->ip_ttl) & MPLS_TTL_MASK;
} else
shim.shim_label |= htonl(mpls_defttl) & MPLS_TTL_MASK;
off = sizeof(sa_family_t) + sizeof(in_addr_t);
M_PREPEND(m, sizeof(shim) + off, M_DONTWAIT);
if (m == NULL) {
error = ENOBUFS;
goto out;
}
*mtod(m, sa_family_t *) = AF_INET;
m_copyback(m, sizeof(sa_family_t), sizeof(in_addr_t),
(caddr_t)&((satosin(dst)->sin_addr)), M_NOWAIT);
break;
#endif
default:
m_freem(m);
error = EPFNOSUPPORT;
goto out;
}
struct ifaddr *
ifa_ifwithroute(int flags, struct sockaddr *dst, struct sockaddr *gateway,
u_int rtableid)
{
struct ifaddr *ifa;
#ifdef IPSEC
/*
* If the destination is a PF_KEY address, we'll look
* for the existence of a encap interface number or address
* in the options list of the gateway. By default, we'll return
* enc0.
*/
if (dst && (dst->sa_family == PF_KEY))
return (encap_findgwifa(gateway));
#endif
if ((flags & RTF_GATEWAY) == 0) {
/*
* If we are adding a route to an interface,
* and the interface is a pt to pt link
* we should search for the destination
* as our clue to the interface. Otherwise
* we can use the local address.
*/
ifa = NULL;
if (flags & RTF_HOST)
ifa = ifa_ifwithdstaddr(dst, rtableid);
if (ifa == NULL)
ifa = ifa_ifwithaddr(gateway, rtableid);
} else {
/*
* If we are adding a route to a remote net
* or host, the gateway may still be on the
* other end of a pt to pt link.
*/
ifa = ifa_ifwithdstaddr(gateway, rtableid);
}
if (ifa == NULL)
ifa = ifa_ifwithnet(gateway, rtableid);
if (ifa == NULL) {
struct rtentry *rt = rtalloc1(gateway, 0, rtable_l2(rtableid));
if (rt == NULL)
return (NULL);
rt->rt_refcnt--;
/* The gateway must be local if the same address family. */
if ((rt->rt_flags & RTF_GATEWAY) &&
rt_key(rt)->sa_family == dst->sa_family)
return (0);
if ((ifa = rt->rt_ifa) == NULL)
return (NULL);
}
if (ifa->ifa_addr->sa_family != dst->sa_family) {
struct ifaddr *oifa = ifa;
ifa = ifaof_ifpforaddr(dst, ifa->ifa_ifp);
if (ifa == NULL)
ifa = oifa;
}
return (ifa);
}
int
gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
struct rtentry *rt)
{
int error = 0;
struct gre_softc *sc = (struct gre_softc *) (ifp->if_softc);
struct greip *gh = NULL;
struct ip *inp = NULL;
u_int8_t ip_tos = 0;
u_int16_t etype = 0;
struct mobile_h mob_h;
struct m_tag *mtag;
if ((ifp->if_flags & IFF_UP) == 0 ||
sc->g_src.s_addr == INADDR_ANY || sc->g_dst.s_addr == INADDR_ANY) {
m_freem(m);
error = ENETDOWN;
goto end;
}
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.rdomain)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d, AF %d\n", ifp->if_xname,
ifp->if_rdomain, rtable_l2(m->m_pkthdr.rdomain),
dst->sa_family);
}
#endif
/* Try to limit infinite recursion through misconfiguration. */
for (mtag = m_tag_find(m, PACKET_TAG_GRE, NULL); mtag;
mtag = m_tag_find(m, PACKET_TAG_GRE, mtag)) {
if (!bcmp((caddr_t)(mtag + 1), &ifp, sizeof(struct ifnet *))) {
IF_DROP(&ifp->if_snd);
m_freem(m);
error = EIO;
goto end;
}
}
mtag = m_tag_get(PACKET_TAG_GRE, sizeof(struct ifnet *), M_NOWAIT);
if (mtag == NULL) {
IF_DROP(&ifp->if_snd);
m_freem(m);
error = ENOBUFS;
goto end;
}
bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
m_tag_prepend(m, mtag);
m->m_flags &= ~(M_BCAST|M_MCAST);
#if NBPFILTER > 0
if (ifp->if_bpf)
bpf_mtap_af(ifp->if_bpf, dst->sa_family, m, BPF_DIRECTION_OUT);
#endif
if (sc->g_proto == IPPROTO_MOBILE) {
if (ip_mobile_allow == 0) {
IF_DROP(&ifp->if_snd);
m_freem(m);
error = EACCES;
goto end;
}
if (dst->sa_family == AF_INET) {
struct mbuf *m0;
int msiz;
/*
* Make sure the complete IP header (with options)
* is in the first mbuf.
*/
if (m->m_len < sizeof(struct ip)) {
m = m_pullup(m, sizeof(struct ip));
if (m == NULL) {
IF_DROP(&ifp->if_snd);
error = ENOBUFS;
goto end;
} else
inp = mtod(m, struct ip *);
if (m->m_len < inp->ip_hl << 2) {
m = m_pullup(m, inp->ip_hl << 2);
if (m == NULL) {
IF_DROP(&ifp->if_snd);
error = ENOBUFS;
goto end;
}
}
}
inp = mtod(m, struct ip *);
bzero(&mob_h, MOB_H_SIZ_L);
mob_h.proto = (inp->ip_p) << 8;
mob_h.odst = inp->ip_dst.s_addr;
inp->ip_dst.s_addr = sc->g_dst.s_addr;
/*
* If the packet comes from our host, we only change
* the destination address in the IP header.
* Otherwise we need to save and change the source.
*/
if (inp->ip_src.s_addr == sc->g_src.s_addr) {
msiz = MOB_H_SIZ_S;
} else {
mob_h.proto |= MOB_H_SBIT;
mob_h.osrc = inp->ip_src.s_addr;
inp->ip_src.s_addr = sc->g_src.s_addr;
msiz = MOB_H_SIZ_L;
}
HTONS(mob_h.proto);
mob_h.hcrc = gre_in_cksum((u_int16_t *) &mob_h, msiz);
/* Squeeze in the mobility header */
if ((m->m_data - msiz) < m->m_pktdat) {
/* Need new mbuf */
MGETHDR(m0, M_DONTWAIT, MT_HEADER);
if (m0 == NULL) {
IF_DROP(&ifp->if_snd);
m_freem(m);
error = ENOBUFS;
goto end;
}
M_MOVE_HDR(m0, m);
m0->m_len = msiz + (inp->ip_hl << 2);
m0->m_data += max_linkhdr;
m0->m_pkthdr.len = m->m_pkthdr.len + msiz;
m->m_data += inp->ip_hl << 2;
m->m_len -= inp->ip_hl << 2;
bcopy((caddr_t) inp, mtod(m0, caddr_t),
sizeof(struct ip));
m0->m_next = m;
m = m0;
} else { /* we have some space left in the old one */
m->m_data -= msiz;
m->m_len += msiz;
m->m_pkthdr.len += msiz;
bcopy(inp, mtod(m, caddr_t),
inp->ip_hl << 2);
}
/* Copy Mobility header */
inp = mtod(m, struct ip *);
bcopy(&mob_h, (caddr_t)(inp + 1), (unsigned) msiz);
inp->ip_len = htons(ntohs(inp->ip_len) + msiz);
} else { /* AF_INET */
/*
* ipsec_common_input() gets called when we receive an IPsec-protected packet
* in IPv4 or IPv6. All it does is find the right TDB and call the appropriate
* transform. The callback takes care of further processing (like ingress
* filtering).
*/
int
ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto,
int udpencap)
{
#define IPSEC_ISTAT(x,y,z) (sproto == IPPROTO_ESP ? (x)++ : \
sproto == IPPROTO_AH ? (y)++ : (z)++)
union sockaddr_union dst_address;
struct timeval tv;
struct tdb *tdbp;
struct ifnet *encif;
u_int32_t spi;
u_int16_t cpi;
int s, error;
IPSEC_ISTAT(espstat.esps_input, ahstat.ahs_input,
ipcompstat.ipcomps_input);
if (m == 0) {
DPRINTF(("ipsec_common_input(): NULL packet received\n"));
IPSEC_ISTAT(espstat.esps_hdrops, ahstat.ahs_hdrops,
ipcompstat.ipcomps_hdrops);
return EINVAL;
}
if ((sproto == IPPROTO_ESP && !esp_enable) ||
(sproto == IPPROTO_AH && !ah_enable) ||
#if NPF > 0
(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) ||
#endif
(sproto == IPPROTO_IPCOMP && !ipcomp_enable)) {
switch (af) {
#ifdef INET
case AF_INET:
rip_input(m, skip, sproto);
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
rip6_input(&m, &skip, sproto);
break;
#endif /* INET6 */
default:
DPRINTF(("ipsec_common_input(): unsupported protocol "
"family %d\n", af));
m_freem(m);
IPSEC_ISTAT(espstat.esps_nopf, ahstat.ahs_nopf,
ipcompstat.ipcomps_nopf);
return EPFNOSUPPORT;
}
return 0;
}
if ((sproto == IPPROTO_IPCOMP) && (m->m_flags & M_COMP)) {
m_freem(m);
ipcompstat.ipcomps_pdrops++;
DPRINTF(("ipsec_common_input(): repeated decompression\n"));
return EINVAL;
}
if (m->m_pkthdr.len - skip < 2 * sizeof(u_int32_t)) {
m_freem(m);
IPSEC_ISTAT(espstat.esps_hdrops, ahstat.ahs_hdrops,
ipcompstat.ipcomps_hdrops);
DPRINTF(("ipsec_common_input(): packet too small\n"));
return EINVAL;
}
/* Retrieve the SPI from the relevant IPsec header */
if (sproto == IPPROTO_ESP)
m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi);
else if (sproto == IPPROTO_AH)
m_copydata(m, skip + sizeof(u_int32_t), sizeof(u_int32_t),
(caddr_t) &spi);
else if (sproto == IPPROTO_IPCOMP) {
m_copydata(m, skip + sizeof(u_int16_t), sizeof(u_int16_t),
(caddr_t) &cpi);
spi = ntohl(htons(cpi));
}
/*
* Find tunnel control block and (indirectly) call the appropriate
* kernel crypto routine. The resulting mbuf chain is a valid
* IP packet ready to go through input processing.
*/
memset(&dst_address, 0, sizeof(dst_address));
dst_address.sa.sa_family = af;
switch (af) {
#ifdef INET
case AF_INET:
dst_address.sin.sin_len = sizeof(struct sockaddr_in);
m_copydata(m, offsetof(struct ip, ip_dst),
sizeof(struct in_addr),
(caddr_t) &(dst_address.sin.sin_addr));
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
dst_address.sin6.sin6_len = sizeof(struct sockaddr_in6);
m_copydata(m, offsetof(struct ip6_hdr, ip6_dst),
sizeof(struct in6_addr),
(caddr_t) &(dst_address.sin6.sin6_addr));
in6_recoverscope(&dst_address.sin6, &dst_address.sin6.sin6_addr,
NULL);
break;
#endif /* INET6 */
default:
DPRINTF(("ipsec_common_input(): unsupported protocol "
"family %d\n", af));
m_freem(m);
IPSEC_ISTAT(espstat.esps_nopf, ahstat.ahs_nopf,
ipcompstat.ipcomps_nopf);
return EPFNOSUPPORT;
}
s = splsoftnet();
tdbp = gettdb(rtable_l2(m->m_pkthdr.ph_rtableid),
spi, &dst_address, sproto);
if (tdbp == NULL) {
splx(s);
DPRINTF(("ipsec_common_input(): could not find SA for "
"packet to %s, spi %08x\n",
ipsp_address(dst_address), ntohl(spi)));
m_freem(m);
IPSEC_ISTAT(espstat.esps_notdb, ahstat.ahs_notdb,
ipcompstat.ipcomps_notdb);
return ENOENT;
}
if (tdbp->tdb_flags & TDBF_INVALID) {
splx(s);
DPRINTF(("ipsec_common_input(): attempted to use invalid SA %s/%08x/%u\n", ipsp_address(dst_address), ntohl(spi), tdbp->tdb_sproto));
m_freem(m);
IPSEC_ISTAT(espstat.esps_invalid, ahstat.ahs_invalid,
ipcompstat.ipcomps_invalid);
return EINVAL;
}
if (udpencap && !(tdbp->tdb_flags & TDBF_UDPENCAP)) {
splx(s);
DPRINTF(("ipsec_common_input(): attempted to use non-udpencap SA %s/%08x/%u\n", ipsp_address(dst_address), ntohl(spi), tdbp->tdb_sproto));
m_freem(m);
espstat.esps_udpinval++;
return EINVAL;
}
if (tdbp->tdb_xform == NULL) {
splx(s);
DPRINTF(("ipsec_common_input(): attempted to use uninitialized SA %s/%08x/%u\n", ipsp_address(dst_address), ntohl(spi), tdbp->tdb_sproto));
m_freem(m);
IPSEC_ISTAT(espstat.esps_noxform, ahstat.ahs_noxform,
ipcompstat.ipcomps_noxform);
return ENXIO;
}
if (sproto != IPPROTO_IPCOMP) {
if ((encif = enc_getif(tdbp->tdb_rdomain,
tdbp->tdb_tap)) == NULL) {
splx(s);
DPRINTF(("ipsec_common_input(): "
"no enc%u interface for SA %s/%08x/%u\n",
tdbp->tdb_tap, ipsp_address(dst_address),
ntohl(spi), tdbp->tdb_sproto));
m_freem(m);
IPSEC_ISTAT(espstat.esps_pdrops,
ahstat.ahs_pdrops,
ipcompstat.ipcomps_pdrops);
return EACCES;
}
/* XXX This conflicts with the scoped nature of IPv6 */
m->m_pkthdr.rcvif = encif;
}
/* Register first use, setup expiration timer. */
if (tdbp->tdb_first_use == 0) {
tdbp->tdb_first_use = time_second;
tv.tv_usec = 0;
tv.tv_sec = tdbp->tdb_exp_first_use + tdbp->tdb_first_use;
if (tdbp->tdb_flags & TDBF_FIRSTUSE)
timeout_add(&tdbp->tdb_first_tmo, hzto(&tv));
tv.tv_sec = tdbp->tdb_first_use + tdbp->tdb_soft_first_use;
if (tdbp->tdb_flags & TDBF_SOFT_FIRSTUSE)
timeout_add(&tdbp->tdb_sfirst_tmo, hzto(&tv));
}
/*
* Call appropriate transform and return -- callback takes care of
* everything else.
*/
error = (*(tdbp->tdb_xform->xf_input))(m, tdbp, skip, protoff);
splx(s);
return error;
}
void
ip6_forward(struct mbuf *m, int srcrt)
{
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct sockaddr_in6 *dst;
struct rtentry *rt;
int error = 0, type = 0, code = 0;
struct mbuf *mcopy = NULL;
struct ifnet *origifp; /* maybe unnecessary */
#ifdef IPSEC
u_int8_t sproto = 0;
struct m_tag *mtag;
union sockaddr_union sdst;
struct tdb_ident *tdbi;
u_int32_t sspi;
struct tdb *tdb;
int s;
#if NPF > 0
struct ifnet *encif;
#endif
#endif /* IPSEC */
u_int rtableid = 0;
/*
* Do not forward packets to multicast destination (should be handled
* by ip6_mforward().
* Do not forward packets with unspecified source. It was discussed
* in July 2000, on ipngwg mailing list.
*/
if ((m->m_flags & (M_BCAST|M_MCAST)) != 0 ||
IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
ip6stat.ip6s_cantforward++;
/* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */
if (ip6_log_time + ip6_log_interval < time_second) {
ip6_log_time = time_second;
log(LOG_DEBUG,
"cannot forward "
"from %s to %s nxt %d received on %s\n",
ip6_sprintf(&ip6->ip6_src),
ip6_sprintf(&ip6->ip6_dst),
ip6->ip6_nxt,
m->m_pkthdr.rcvif->if_xname);
}
m_freem(m);
return;
}
if (ip6->ip6_hlim <= IPV6_HLIMDEC) {
/* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */
icmp6_error(m, ICMP6_TIME_EXCEEDED,
ICMP6_TIME_EXCEED_TRANSIT, 0);
return;
}
ip6->ip6_hlim -= IPV6_HLIMDEC;
#if NPF > 0
reroute:
#endif
#ifdef IPSEC
if (!ipsec_in_use)
goto done_spd;
s = splnet();
/*
* Check if there was an outgoing SA bound to the flow
* from a transport protocol.
*/
/* Do we have any pending SAs to apply ? */
mtag = m_tag_find(m, PACKET_TAG_IPSEC_PENDING_TDB, NULL);
if (mtag != NULL) {
#ifdef DIAGNOSTIC
if (mtag->m_tag_len != sizeof (struct tdb_ident))
panic("ip6_forward: tag of length %d (should be %d",
mtag->m_tag_len, sizeof (struct tdb_ident));
#endif
tdbi = (struct tdb_ident *)(mtag + 1);
tdb = gettdb(tdbi->rdomain, tdbi->spi, &tdbi->dst,
tdbi->proto);
if (tdb == NULL)
error = -EINVAL;
m_tag_delete(m, mtag);
} else
tdb = ipsp_spd_lookup(m, AF_INET6, sizeof(struct ip6_hdr),
&error, IPSP_DIRECTION_OUT, NULL, NULL);
if (tdb == NULL) {
splx(s);
if (error == 0) {
/*
* No IPsec processing required, we'll just send the
* packet out.
*/
sproto = 0;
/* Fall through to routing/multicast handling */
} else {
/*
* -EINVAL is used to indicate that the packet should
* be silently dropped, typically because we've asked
* key management for an SA.
*/
if (error == -EINVAL) /* Should silently drop packet */
error = 0;
goto freecopy;
}
} else {
/* Loop detection */
for (mtag = m_tag_first(m); mtag != NULL;
mtag = m_tag_next(m, mtag)) {
if (mtag->m_tag_id != PACKET_TAG_IPSEC_OUT_DONE &&
mtag->m_tag_id !=
PACKET_TAG_IPSEC_OUT_CRYPTO_NEEDED)
continue;
tdbi = (struct tdb_ident *)(mtag + 1);
if (tdbi->spi == tdb->tdb_spi &&
tdbi->proto == tdb->tdb_sproto &&
tdbi->rdomain == tdb->tdb_rdomain &&
!bcmp(&tdbi->dst, &tdb->tdb_dst,
sizeof(union sockaddr_union))) {
splx(s);
sproto = 0; /* mark as no-IPsec-needed */
goto done_spd;
}
}
/* We need to do IPsec */
bcopy(&tdb->tdb_dst, &sdst, sizeof(sdst));
sspi = tdb->tdb_spi;
sproto = tdb->tdb_sproto;
splx(s);
}
/* Fall through to the routing/multicast handling code */
done_spd:
#endif /* IPSEC */
#if NPF > 0
rtableid = m->m_pkthdr.rdomain;
#endif
/*
* Save at most ICMPV6_PLD_MAXLEN (= the min IPv6 MTU -
* size of IPv6 + ICMPv6 headers) bytes of the packet in case
* we need to generate an ICMP6 message to the src.
* Thanks to M_EXT, in most cases copy will not occur.
*
* It is important to save it before IPsec processing as IPsec
* processing may modify the mbuf.
*/
mcopy = m_copy(m, 0, imin(m->m_pkthdr.len, ICMPV6_PLD_MAXLEN));
dst = &ip6_forward_rt.ro_dst;
if (!srcrt) {
/*
* ip6_forward_rt.ro_dst.sin6_addr is equal to ip6->ip6_dst
*/
if (ip6_forward_rt.ro_rt == 0 ||
(ip6_forward_rt.ro_rt->rt_flags & RTF_UP) == 0 ||
ip6_forward_rt.ro_tableid != rtableid) {
if (ip6_forward_rt.ro_rt) {
RTFREE(ip6_forward_rt.ro_rt);
ip6_forward_rt.ro_rt = 0;
}
/* this probably fails but give it a try again */
ip6_forward_rt.ro_tableid = rtableid;
rtalloc_mpath((struct route *)&ip6_forward_rt,
&ip6->ip6_src.s6_addr32[0]);
}
if (ip6_forward_rt.ro_rt == 0) {
ip6stat.ip6s_noroute++;
/* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_noroute) */
if (mcopy) {
icmp6_error(mcopy, ICMP6_DST_UNREACH,
ICMP6_DST_UNREACH_NOROUTE, 0);
}
m_freem(m);
return;
}
} else if (ip6_forward_rt.ro_rt == 0 ||
(ip6_forward_rt.ro_rt->rt_flags & RTF_UP) == 0 ||
!IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &dst->sin6_addr) ||
ip6_forward_rt.ro_tableid != rtableid) {
if (ip6_forward_rt.ro_rt) {
RTFREE(ip6_forward_rt.ro_rt);
ip6_forward_rt.ro_rt = 0;
}
bzero(dst, sizeof(*dst));
dst->sin6_len = sizeof(struct sockaddr_in6);
dst->sin6_family = AF_INET6;
dst->sin6_addr = ip6->ip6_dst;
ip6_forward_rt.ro_tableid = rtableid;
rtalloc_mpath((struct route *)&ip6_forward_rt,
&ip6->ip6_src.s6_addr32[0]);
if (ip6_forward_rt.ro_rt == 0) {
ip6stat.ip6s_noroute++;
/* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_noroute) */
if (mcopy) {
icmp6_error(mcopy, ICMP6_DST_UNREACH,
ICMP6_DST_UNREACH_NOROUTE, 0);
}
m_freem(m);
return;
}
}
rt = ip6_forward_rt.ro_rt;
/*
* Scope check: if a packet can't be delivered to its destination
* for the reason that the destination is beyond the scope of the
* source address, discard the packet and return an icmp6 destination
* unreachable error with Code 2 (beyond scope of source address).
* [draft-ietf-ipngwg-icmp-v3-00.txt, Section 3.1]
*/
if (in6_addr2scopeid(m->m_pkthdr.rcvif, &ip6->ip6_src) !=
in6_addr2scopeid(rt->rt_ifp, &ip6->ip6_src)) {
ip6stat.ip6s_cantforward++;
ip6stat.ip6s_badscope++;
in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard);
if (ip6_log_time + ip6_log_interval < time_second) {
ip6_log_time = time_second;
log(LOG_DEBUG,
"cannot forward "
"src %s, dst %s, nxt %d, rcvif %s, outif %s\n",
ip6_sprintf(&ip6->ip6_src),
ip6_sprintf(&ip6->ip6_dst),
ip6->ip6_nxt,
m->m_pkthdr.rcvif->if_xname, rt->rt_ifp->if_xname);
}
if (mcopy)
icmp6_error(mcopy, ICMP6_DST_UNREACH,
ICMP6_DST_UNREACH_BEYONDSCOPE, 0);
m_freem(m);
goto freert;
}
#ifdef IPSEC
/*
* Check if the packet needs encapsulation.
* ipsp_process_packet will never come back to here.
* XXX ipsp_process_packet() calls ip6_output(), and there'll be no
* PMTU notification. is it okay?
*/
if (sproto != 0) {
s = splnet();
tdb = gettdb(rtable_l2(m->m_pkthdr.rdomain),
sspi, &sdst, sproto);
if (tdb == NULL) {
splx(s);
error = EHOSTUNREACH;
m_freem(m);
goto senderr; /*XXX*/
}
#if NPF > 0
if ((encif = enc_getif(tdb->tdb_rdomain,
tdb->tdb_tap)) == NULL ||
pf_test6(PF_FWD, encif, &m, NULL) != PF_PASS) {
splx(s);
error = EHOSTUNREACH;
m_freem(m);
goto senderr;
}
if (m == NULL) {
splx(s);
goto senderr;
}
ip6 = mtod(m, struct ip6_hdr *);
/*
* PF_TAG_REROUTE handling or not...
* Packet is entering IPsec so the routing is
* already overruled by the IPsec policy.
* Until now the change was not reconsidered.
* What's the behaviour?
*/
#endif
m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */
/* Callee frees mbuf */
error = ipsp_process_packet(m, tdb, AF_INET6, 0);
splx(s);
m_freem(mcopy);
goto freert;
}
/*
* Queue a packet. Start transmission if not active.
* Packet is placed in Information field of PPP frame.
*/
int
pppoutput(struct ifnet *ifp, struct mbuf *m0, struct sockaddr *dst,
struct rtentry *rtp)
{
struct ppp_softc *sc = ifp->if_softc;
int protocol, address, control;
u_char *cp;
int s, error;
struct ip *ip;
struct ifqueue *ifq;
enum NPmode mode;
int len;
if (sc->sc_devp == NULL || (ifp->if_flags & IFF_RUNNING) == 0
|| ((ifp->if_flags & IFF_UP) == 0 && dst->sa_family != AF_UNSPEC)) {
error = ENETDOWN; /* sort of */
goto bad;
}
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m0->m_pkthdr.ph_rtableid)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d, AF %d\n", ifp->if_xname, ifp->if_rdomain,
rtable_l2(m0->m_pkthdr.ph_rtableid), dst->sa_family);
}
#endif
/*
* Compute PPP header.
*/
m0->m_flags &= ~M_HIGHPRI;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
address = PPP_ALLSTATIONS;
control = PPP_UI;
protocol = PPP_IP;
mode = sc->sc_npmode[NP_IP];
/*
* If this packet has the "low delay" bit set in the IP header,
* put it on the fastq instead.
*/
ip = mtod(m0, struct ip *);
if (ip->ip_tos & IPTOS_LOWDELAY)
m0->m_flags |= M_HIGHPRI;
break;
#endif
case AF_UNSPEC:
address = PPP_ADDRESS(dst->sa_data);
control = PPP_CONTROL(dst->sa_data);
protocol = PPP_PROTOCOL(dst->sa_data);
mode = NPMODE_PASS;
break;
default:
printf("%s: af%d not supported\n", ifp->if_xname, dst->sa_family);
error = EAFNOSUPPORT;
goto bad;
}
/*
* Drop this packet, or return an error, if necessary.
*/
if (mode == NPMODE_ERROR) {
error = ENETDOWN;
goto bad;
}
if (mode == NPMODE_DROP) {
error = 0;
goto bad;
}
/*
* Add PPP header. If no space in first mbuf, allocate another.
* (This assumes M_LEADINGSPACE is always 0 for a cluster mbuf.)
*/
M_PREPEND(m0, PPP_HDRLEN, M_DONTWAIT);
if (m0 == 0) {
error = ENOBUFS;
goto bad;
}
cp = mtod(m0, u_char *);
*cp++ = address;
*cp++ = control;
*cp++ = protocol >> 8;
*cp++ = protocol & 0xff;
if ((m0->m_flags & M_PKTHDR) == 0)
panic("mbuf packet without packet header!");
len = m0->m_pkthdr.len;
if (sc->sc_flags & SC_LOG_OUTPKT) {
printf("%s output: ", ifp->if_xname);
pppdumpm(m0);
}
if ((protocol & 0x8000) == 0) {
#if NBPFILTER > 0
/*
* Apply the pass and active filters to the packet,
* but only if it is a data packet.
*/
*mtod(m0, u_char *) = 1; /* indicates outbound */
if (sc->sc_pass_filt.bf_insns != 0
&& bpf_filter(sc->sc_pass_filt.bf_insns, (u_char *) m0,
len, 0) == 0) {
error = 0; /* drop this packet */
goto bad;
}
/*
* Update the time we sent the most recent packet.
*/
if (sc->sc_active_filt.bf_insns == 0
|| bpf_filter(sc->sc_active_filt.bf_insns, (u_char *) m0, len, 0))
sc->sc_last_sent = time_second;
*mtod(m0, u_char *) = address;
#else
/*
* Update the time we sent the most recent packet.
*/
sc->sc_last_sent = time_second;
#endif
}
#if NBPFILTER > 0
/*
* See if bpf wants to look at the packet.
*/
if (sc->sc_bpf)
bpf_mtap(sc->sc_bpf, m0, BPF_DIRECTION_OUT);
#endif
/*
* Put the packet on the appropriate queue.
*/
s = splsoftnet();
if (mode == NPMODE_QUEUE) {
/* XXX we should limit the number of packets on this queue */
*sc->sc_npqtail = m0;
m0->m_nextpkt = NULL;
sc->sc_npqtail = &m0->m_nextpkt;
} else {
if (m0->m_flags & M_HIGHPRI) {
ifq = &sc->sc_fastq;
if (IF_QFULL(ifq) && dst->sa_family != AF_UNSPEC) {
IF_DROP(ifq);
m_freem(m0);
error = ENOBUFS;
}
else {
IF_ENQUEUE(ifq, m0);
error = 0;
}
} else
IFQ_ENQUEUE(&sc->sc_if.if_snd, m0, NULL, error);
if (error) {
splx(s);
sc->sc_if.if_oerrors++;
sc->sc_stats.ppp_oerrors++;
return (error);
}
(*sc->sc_start)(sc);
}
ifp->if_opackets++;
ifp->if_obytes += len;
splx(s);
return (0);
bad:
m_freem(m0);
return (error);
}
/*
* Ethernet output routine.
* Encapsulate a packet of type family for the local net.
* Assumes that ifp is actually pointer to arpcom structure.
*/
int
ether_output(struct ifnet *ifp0, struct mbuf *m0, struct sockaddr *dst,
struct rtentry *rt0)
{
u_int16_t etype;
int s, len, error = 0;
u_char edst[ETHER_ADDR_LEN];
u_char *esrc;
struct mbuf *m = m0;
struct rtentry *rt;
struct mbuf *mcopy = NULL;
struct ether_header *eh;
struct arpcom *ac = (struct arpcom *)ifp0;
short mflags;
struct ifnet *ifp = ifp0;
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.ph_rtableid)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d, AF %d\n", ifp->if_xname,
ifp->if_rdomain, rtable_l2(m->m_pkthdr.ph_rtableid),
dst->sa_family);
}
#endif
#if NTRUNK > 0
/* restrict transmission on trunk members to bpf only */
if (ifp->if_type == IFT_IEEE8023ADLAG &&
(m_tag_find(m, PACKET_TAG_DLT, NULL) == NULL))
senderr(EBUSY);
#endif
#if NCARP > 0
if (ifp->if_type == IFT_CARP) {
ifp = ifp->if_carpdev;
ac = (struct arpcom *)ifp;
if ((ifp0->if_flags & (IFF_UP|IFF_RUNNING)) !=
(IFF_UP|IFF_RUNNING))
senderr(ENETDOWN);
}
#endif /* NCARP > 0 */
if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING))
senderr(ENETDOWN);
if ((rt = rt0) != NULL) {
if ((rt->rt_flags & RTF_UP) == 0) {
if ((rt0 = rt = rtalloc1(dst, RT_REPORT,
m->m_pkthdr.ph_rtableid)) != NULL)
rt->rt_refcnt--;
else
senderr(EHOSTUNREACH);
}
if (rt->rt_flags & RTF_GATEWAY) {
if (rt->rt_gwroute == NULL)
goto lookup;
if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) {
rtfree(rt);
rt = rt0;
lookup:
rt->rt_gwroute = rtalloc1(rt->rt_gateway,
RT_REPORT, ifp->if_rdomain);
if ((rt = rt->rt_gwroute) == NULL)
senderr(EHOSTUNREACH);
}
}
if (rt->rt_flags & RTF_REJECT)
if (rt->rt_rmx.rmx_expire == 0 ||
time_second < rt->rt_rmx.rmx_expire)
senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH);
}
esrc = ac->ac_enaddr;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
if (!arpresolve(ac, rt, m, dst, edst))
return (0); /* if not yet resolved */
/* If broadcasting on a simplex interface, loopback a copy */
if ((m->m_flags & M_BCAST) && (ifp->if_flags & IFF_SIMPLEX) &&
!m->m_pkthdr.pf.routed)
mcopy = m_copy(m, 0, (int)M_COPYALL);
etype = htons(ETHERTYPE_IP);
break;
#endif
#ifdef INET6
case AF_INET6:
if (!nd6_storelladdr(ifp, rt, m, dst, (u_char *)edst))
return (0); /* it must be impossible, but... */
etype = htons(ETHERTYPE_IPV6);
break;
#endif
#ifdef MPLS
case AF_MPLS:
if (rt)
dst = rt_key(rt);
else
senderr(EHOSTUNREACH);
if (!ISSET(ifp->if_xflags, IFXF_MPLS))
senderr(ENETUNREACH);
switch (dst->sa_family) {
case AF_LINK:
if (((struct sockaddr_dl *)dst)->sdl_alen <
sizeof(edst))
senderr(EHOSTUNREACH);
memcpy(edst, LLADDR((struct sockaddr_dl *)dst),
sizeof(edst));
break;
case AF_INET:
if (!arpresolve(ac, rt, m, dst, edst))
return (0); /* if not yet resolved */
break;
default:
senderr(EHOSTUNREACH);
}
/* XXX handling for simplex devices in case of M/BCAST ?? */
if (m->m_flags & (M_BCAST | M_MCAST))
etype = htons(ETHERTYPE_MPLS_MCAST);
else
etype = htons(ETHERTYPE_MPLS);
break;
#endif /* MPLS */
case pseudo_AF_HDRCMPLT:
eh = (struct ether_header *)dst->sa_data;
esrc = eh->ether_shost;
/* FALLTHROUGH */
case AF_UNSPEC:
eh = (struct ether_header *)dst->sa_data;
memcpy(edst, eh->ether_dhost, sizeof(edst));
/* AF_UNSPEC doesn't swap the byte order of the ether_type. */
etype = eh->ether_type;
break;
default:
printf("%s: can't handle af%d\n", ifp->if_xname,
dst->sa_family);
senderr(EAFNOSUPPORT);
}
/* XXX Should we feed-back an unencrypted IPsec packet ? */
if (mcopy)
(void) looutput(ifp, mcopy, dst, rt);
#if NCARP > 0
if (ifp0 != ifp && ifp0->if_type == IFT_CARP)
esrc = carp_get_srclladdr(ifp0, esrc);
#endif
if (ether_addheader(&m, ifp, etype, esrc, edst) == -1)
senderr(ENOBUFS);
#if NBRIDGE > 0
/*
* Interfaces that are bridgeports need special handling for output.
*/
if (ifp->if_bridgeport) {
struct m_tag *mtag;
/*
* Check if this packet has already been sent out through
* this bridgeport, in which case we simply send it out
* without further bridge processing.
*/
for (mtag = m_tag_find(m, PACKET_TAG_BRIDGE, NULL); mtag;
mtag = m_tag_find(m, PACKET_TAG_BRIDGE, mtag)) {
#ifdef DEBUG
/* Check that the information is there */
if (mtag->m_tag_len != sizeof(caddr_t)) {
error = EINVAL;
goto bad;
}
#endif
if (!memcmp(&ifp->if_bridgeport, mtag + 1,
sizeof(caddr_t)))
break;
}
if (mtag == NULL) {
/* Attach a tag so we can detect loops */
mtag = m_tag_get(PACKET_TAG_BRIDGE, sizeof(caddr_t),
M_NOWAIT);
if (mtag == NULL) {
error = ENOBUFS;
goto bad;
}
memcpy(mtag + 1, &ifp->if_bridgeport, sizeof(caddr_t));
m_tag_prepend(m, mtag);
error = bridge_output(ifp, m, NULL, NULL);
return (error);
}
}
#endif
mflags = m->m_flags;
len = m->m_pkthdr.len;
s = splnet();
/*
* Queue message on interface, and start output if interface
* not yet active.
*/
IFQ_ENQUEUE(&ifp->if_snd, m, NULL, error);
if (error) {
/* mbuf is already freed */
splx(s);
return (error);
}
ifp->if_obytes += len;
#if NCARP > 0
if (ifp != ifp0)
ifp0->if_obytes += len;
#endif /* NCARP > 0 */
if (mflags & M_MCAST)
ifp->if_omcasts++;
if_start(ifp);
splx(s);
return (error);
bad:
if (m)
m_freem(m);
return (error);
}