Annotation of sys/net/if_gre.c, Revision 1.1
1.1 ! nbrk 1: /* $OpenBSD: if_gre.c,v 1.41 2006/05/28 04:30:16 claudio Exp $ */
! 2: /* $NetBSD: if_gre.c,v 1.9 1999/10/25 19:18:11 drochner Exp $ */
! 3:
! 4: /*
! 5: * Copyright (c) 1998 The NetBSD Foundation, Inc.
! 6: * All rights reserved.
! 7: *
! 8: * This code is derived from software contributed to The NetBSD Foundation
! 9: * by Heiko W.Rupp <hwr@pilhuhn.de>
! 10: *
! 11: * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de>
! 12: *
! 13: * Redistribution and use in source and binary forms, with or without
! 14: * modification, are permitted provided that the following conditions
! 15: * are met:
! 16: * 1. Redistributions of source code must retain the above copyright
! 17: * notice, this list of conditions and the following disclaimer.
! 18: * 2. Redistributions in binary form must reproduce the above copyright
! 19: * notice, this list of conditions and the following disclaimer in the
! 20: * documentation and/or other materials provided with the distribution.
! 21: * 3. All advertising materials mentioning features or use of this software
! 22: * must display the following acknowledgement:
! 23: * This product includes software developed by the NetBSD
! 24: * Foundation, Inc. and its contributors.
! 25: * 4. Neither the name of The NetBSD Foundation nor the names of its
! 26: * contributors may be used to endorse or promote products derived
! 27: * from this software without specific prior written permission.
! 28: *
! 29: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
! 30: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
! 31: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
! 32: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
! 33: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
! 34: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
! 35: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
! 36: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
! 37: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
! 38: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
! 39: * POSSIBILITY OF SUCH DAMAGE.
! 40: */
! 41:
! 42: /*
! 43: * Encapsulate L3 protocols into IP, per RFC 1701 and 1702.
! 44: * See gre(4) for more details.
! 45: * Also supported: IP in IP encapsulation (proto 55) per RFC 2004.
! 46: */
! 47:
! 48: #include "gre.h"
! 49: #if NGRE > 0
! 50:
! 51: #include "bpfilter.h"
! 52:
! 53: #include <sys/param.h>
! 54: #include <sys/proc.h>
! 55: #include <sys/mbuf.h>
! 56: #include <sys/socket.h>
! 57: #include <sys/sockio.h>
! 58: #include <sys/kernel.h>
! 59: #include <sys/systm.h>
! 60:
! 61: #include <net/if.h>
! 62: #include <net/if_types.h>
! 63: #include <net/netisr.h>
! 64: #include <net/route.h>
! 65:
! 66: #ifdef INET
! 67: #include <netinet/in.h>
! 68: #include <netinet/in_systm.h>
! 69: #include <netinet/in_var.h>
! 70: #include <netinet/ip.h>
! 71: #include <netinet/ip_var.h>
! 72: #include <netinet/if_ether.h>
! 73: #else
! 74: #error "if_gre used without inet"
! 75: #endif
! 76:
! 77: #ifdef NETATALK
! 78: #include <netatalk/at.h>
! 79: #include <netatalk/at_var.h>
! 80: #include <netatalk/at_extern.h>
! 81: #endif
! 82:
! 83: #if NBPFILTER > 0
! 84: #include <net/bpf.h>
! 85: #endif
! 86:
! 87: #include <net/if_gre.h>
! 88:
! 89: #ifndef GRE_RECURSION_LIMIT
! 90: #define GRE_RECURSION_LIMIT 3 /* How many levels of recursion allowed */
! 91: #endif /* GRE_RECURSION_LIMIT */
! 92:
! 93: /*
! 94: * It is not easy to calculate the right value for a GRE MTU.
! 95: * We leave this task to the admin and use the same default that
! 96: * other vendors use.
! 97: */
! 98: #define GREMTU 1476
! 99:
! 100: int gre_clone_create(struct if_clone *, int);
! 101: int gre_clone_destroy(struct ifnet *);
! 102:
! 103: struct gre_softc_head gre_softc_list;
! 104: struct if_clone gre_cloner =
! 105: IF_CLONE_INITIALIZER("gre", gre_clone_create, gre_clone_destroy);
! 106:
! 107: /*
! 108: * We can control the acceptance of GRE and MobileIP packets by
! 109: * altering the sysctl net.inet.gre.allow and net.inet.mobileip.allow values
! 110: * respectively. Zero means drop them, all else is acceptance. We can also
! 111: * control acceptance of WCCPv1-style GRE packets through the
! 112: * net.inet.gre.wccp value, but be aware it depends upon normal GRE being
! 113: * allowed as well.
! 114: *
! 115: */
! 116: int gre_allow = 0;
! 117: int gre_wccp = 0;
! 118: int ip_mobile_allow = 0;
! 119:
! 120: static void gre_compute_route(struct gre_softc *sc);
! 121:
! 122: void
! 123: greattach(int n)
! 124: {
! 125: LIST_INIT(&gre_softc_list);
! 126: if_clone_attach(&gre_cloner);
! 127: }
! 128:
! 129: int
! 130: gre_clone_create(struct if_clone *ifc, int unit)
! 131: {
! 132: struct gre_softc *sc;
! 133: int s;
! 134:
! 135: sc = malloc(sizeof(*sc), M_DEVBUF, M_NOWAIT);
! 136: if (!sc)
! 137: return (ENOMEM);
! 138: bzero(sc, sizeof(*sc));
! 139: snprintf(sc->sc_if.if_xname, sizeof sc->sc_if.if_xname, "%s%d",
! 140: ifc->ifc_name, unit);
! 141: sc->sc_if.if_softc = sc;
! 142: sc->sc_if.if_type = IFT_TUNNEL;
! 143: sc->sc_if.if_addrlen = 0;
! 144: sc->sc_if.if_hdrlen = 24; /* IP + GRE */
! 145: sc->sc_if.if_mtu = GREMTU;
! 146: sc->sc_if.if_flags = IFF_POINTOPOINT|IFF_MULTICAST;
! 147: sc->sc_if.if_output = gre_output;
! 148: sc->sc_if.if_ioctl = gre_ioctl;
! 149: sc->sc_if.if_collisions = 0;
! 150: sc->sc_if.if_ierrors = 0;
! 151: sc->sc_if.if_oerrors = 0;
! 152: sc->sc_if.if_ipackets = 0;
! 153: sc->sc_if.if_opackets = 0;
! 154: sc->g_dst.s_addr = sc->g_src.s_addr = INADDR_ANY;
! 155: sc->g_proto = IPPROTO_GRE;
! 156: sc->sc_if.if_flags |= IFF_LINK0;
! 157:
! 158: if_attach(&sc->sc_if);
! 159: if_alloc_sadl(&sc->sc_if);
! 160:
! 161: #if NBPFILTER > 0
! 162: bpfattach(&sc->sc_if.if_bpf, &sc->sc_if, DLT_NULL,
! 163: sizeof(u_int32_t));
! 164: #endif
! 165: s = splnet();
! 166: LIST_INSERT_HEAD(&gre_softc_list, sc, sc_list);
! 167: splx(s);
! 168:
! 169: return (0);
! 170: }
! 171:
! 172: int
! 173: gre_clone_destroy(struct ifnet *ifp)
! 174: {
! 175: struct gre_softc *sc = ifp->if_softc;
! 176: int s;
! 177:
! 178: s = splnet();
! 179: LIST_REMOVE(sc, sc_list);
! 180: splx(s);
! 181:
! 182: if_detach(ifp);
! 183:
! 184: free(sc, M_DEVBUF);
! 185: return (0);
! 186: }
! 187:
! 188: /*
! 189: * The output routine. Takes a packet and encapsulates it in the protocol
! 190: * given by sc->g_proto. See also RFC 1701 and RFC 2004.
! 191: */
! 192:
! 193: int
! 194: gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
! 195: struct rtentry *rt)
! 196: {
! 197: int error = 0;
! 198: struct gre_softc *sc = (struct gre_softc *) (ifp->if_softc);
! 199: struct greip *gh = NULL;
! 200: struct ip *inp = NULL;
! 201: u_int8_t ip_tos = 0;
! 202: u_int16_t etype = 0;
! 203: struct mobile_h mob_h;
! 204: struct m_tag *mtag;
! 205:
! 206: if ((ifp->if_flags & IFF_UP) == 0 ||
! 207: sc->g_src.s_addr == INADDR_ANY || sc->g_dst.s_addr == INADDR_ANY) {
! 208: m_freem(m);
! 209: error = ENETDOWN;
! 210: goto end;
! 211: }
! 212:
! 213: /* Try to limit infinite recursion through misconfiguration. */
! 214: for (mtag = m_tag_find(m, PACKET_TAG_GRE, NULL); mtag;
! 215: mtag = m_tag_find(m, PACKET_TAG_GRE, mtag)) {
! 216: if (!bcmp((caddr_t)(mtag + 1), &ifp, sizeof(struct ifnet *))) {
! 217: IF_DROP(&ifp->if_snd);
! 218: m_freem(m);
! 219: error = EIO;
! 220: goto end;
! 221: }
! 222: }
! 223:
! 224: mtag = m_tag_get(PACKET_TAG_GRE, sizeof(struct ifnet *), M_NOWAIT);
! 225: if (mtag == NULL) {
! 226: IF_DROP(&ifp->if_snd);
! 227: m_freem(m);
! 228: error = ENOBUFS;
! 229: goto end;
! 230: }
! 231: bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
! 232: m_tag_prepend(m, mtag);
! 233:
! 234: m->m_flags &= ~(M_BCAST|M_MCAST);
! 235:
! 236: #if NBPFILTER >0
! 237: if (ifp->if_bpf)
! 238: bpf_mtap_af(ifp->if_bpf, dst->sa_family, m, BPF_DIRECTION_OUT);
! 239: #endif
! 240:
! 241: if (sc->g_proto == IPPROTO_MOBILE) {
! 242: if (ip_mobile_allow == 0) {
! 243: IF_DROP(&ifp->if_snd);
! 244: m_freem(m);
! 245: error = EACCES;
! 246: goto end;
! 247: }
! 248:
! 249: if (dst->sa_family == AF_INET) {
! 250: struct mbuf *m0;
! 251: int msiz;
! 252:
! 253: /*
! 254: * Make sure the complete IP header (with options)
! 255: * is in the first mbuf.
! 256: */
! 257: if (m->m_len < sizeof(struct ip)) {
! 258: m = m_pullup(m, sizeof(struct ip));
! 259: if (m == NULL) {
! 260: IF_DROP(&ifp->if_snd);
! 261: error = ENOBUFS;
! 262: goto end;
! 263: } else
! 264: inp = mtod(m, struct ip *);
! 265:
! 266: if (m->m_len < inp->ip_hl << 2) {
! 267: m = m_pullup(m, inp->ip_hl << 2);
! 268: if (m == NULL) {
! 269: IF_DROP(&ifp->if_snd);
! 270: error = ENOBUFS;
! 271: goto end;
! 272: }
! 273: }
! 274: }
! 275:
! 276: inp = mtod(m, struct ip *);
! 277:
! 278: bzero(&mob_h, MOB_H_SIZ_L);
! 279: mob_h.proto = (inp->ip_p) << 8;
! 280: mob_h.odst = inp->ip_dst.s_addr;
! 281: inp->ip_dst.s_addr = sc->g_dst.s_addr;
! 282:
! 283: /*
! 284: * If the packet comes from our host, we only change
! 285: * the destination address in the IP header.
! 286: * Otherwise we need to save and change the source.
! 287: */
! 288: if (inp->ip_src.s_addr == sc->g_src.s_addr) {
! 289: msiz = MOB_H_SIZ_S;
! 290: } else {
! 291: mob_h.proto |= MOB_H_SBIT;
! 292: mob_h.osrc = inp->ip_src.s_addr;
! 293: inp->ip_src.s_addr = sc->g_src.s_addr;
! 294: msiz = MOB_H_SIZ_L;
! 295: }
! 296:
! 297: HTONS(mob_h.proto);
! 298: mob_h.hcrc = gre_in_cksum((u_int16_t *) &mob_h, msiz);
! 299:
! 300: /* Squeeze in the mobility header */
! 301: if ((m->m_data - msiz) < m->m_pktdat) {
! 302: /* Need new mbuf */
! 303: MGETHDR(m0, M_DONTWAIT, MT_HEADER);
! 304: if (m0 == NULL) {
! 305: IF_DROP(&ifp->if_snd);
! 306: m_freem(m);
! 307: error = ENOBUFS;
! 308: goto end;
! 309: }
! 310: M_MOVE_HDR(m0, m);
! 311:
! 312: m0->m_len = msiz + (inp->ip_hl << 2);
! 313: m0->m_data += max_linkhdr;
! 314: m0->m_pkthdr.len = m->m_pkthdr.len + msiz;
! 315: m->m_data += inp->ip_hl << 2;
! 316: m->m_len -= inp->ip_hl << 2;
! 317:
! 318: bcopy((caddr_t) inp, mtod(m0, caddr_t),
! 319: sizeof(struct ip));
! 320:
! 321: m0->m_next = m;
! 322: m = m0;
! 323: } else { /* we have some space left in the old one */
! 324: m->m_data -= msiz;
! 325: m->m_len += msiz;
! 326: m->m_pkthdr.len += msiz;
! 327: bcopy(inp, mtod(m, caddr_t),
! 328: inp->ip_hl << 2);
! 329: }
! 330:
! 331: /* Copy Mobility header */
! 332: inp = mtod(m, struct ip *);
! 333: bcopy(&mob_h, (caddr_t)(inp + 1), (unsigned) msiz);
! 334: inp->ip_len = htons(ntohs(inp->ip_len) + msiz);
! 335: } else { /* AF_INET */
! 336: IF_DROP(&ifp->if_snd);
! 337: m_freem(m);
! 338: error = EINVAL;
! 339: goto end;
! 340: }
! 341: } else if (sc->g_proto == IPPROTO_GRE) {
! 342: if (gre_allow == 0) {
! 343: IF_DROP(&ifp->if_snd);
! 344: m_freem(m);
! 345: error = EACCES;
! 346: goto end;
! 347: }
! 348:
! 349: switch(dst->sa_family) {
! 350: case AF_INET:
! 351: if (m->m_len < sizeof(struct ip)) {
! 352: m = m_pullup(m, sizeof(struct ip));
! 353: if (m == NULL) {
! 354: IF_DROP(&ifp->if_snd);
! 355: error = ENOBUFS;
! 356: goto end;
! 357: }
! 358: }
! 359:
! 360: inp = mtod(m, struct ip *);
! 361: ip_tos = inp->ip_tos;
! 362: etype = ETHERTYPE_IP;
! 363: break;
! 364: #ifdef NETATALK
! 365: case AF_APPLETALK:
! 366: etype = ETHERTYPE_AT;
! 367: break;
! 368: #endif
! 369: #ifdef INET6
! 370: case AF_INET6:
! 371: etype = ETHERTYPE_IPV6;
! 372: break;
! 373: #endif
! 374: default:
! 375: IF_DROP(&ifp->if_snd);
! 376: m_freem(m);
! 377: error = EAFNOSUPPORT;
! 378: goto end;
! 379: }
! 380:
! 381: M_PREPEND(m, sizeof(struct greip), M_DONTWAIT);
! 382: } else {
! 383: IF_DROP(&ifp->if_snd);
! 384: m_freem(m);
! 385: error = EINVAL;
! 386: goto end;
! 387: }
! 388:
! 389: if (m == NULL) {
! 390: IF_DROP(&ifp->if_snd);
! 391: error = ENOBUFS;
! 392: goto end;
! 393: }
! 394:
! 395: gh = mtod(m, struct greip *);
! 396: if (sc->g_proto == IPPROTO_GRE) {
! 397: /* We don't support any GRE flags for now */
! 398:
! 399: bzero((void *) &gh->gi_g, sizeof(struct gre_h));
! 400: gh->gi_ptype = htons(etype);
! 401: }
! 402:
! 403: gh->gi_pr = sc->g_proto;
! 404: if (sc->g_proto != IPPROTO_MOBILE) {
! 405: gh->gi_src = sc->g_src;
! 406: gh->gi_dst = sc->g_dst;
! 407: ((struct ip *) gh)->ip_hl = (sizeof(struct ip)) >> 2;
! 408: ((struct ip *) gh)->ip_ttl = ip_defttl;
! 409: ((struct ip *) gh)->ip_tos = ip_tos;
! 410: gh->gi_len = htons(m->m_pkthdr.len);
! 411: }
! 412:
! 413: ifp->if_opackets++;
! 414: ifp->if_obytes += m->m_pkthdr.len;
! 415:
! 416: /* Send it off */
! 417: error = ip_output(m, (void *)NULL, &sc->route, 0, (void *)NULL, (void *)NULL);
! 418: end:
! 419: if (error)
! 420: ifp->if_oerrors++;
! 421: return (error);
! 422: }
! 423:
! 424: int
! 425: gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
! 426: {
! 427:
! 428: struct ifreq *ifr = (struct ifreq *) data;
! 429: struct if_laddrreq *lifr = (struct if_laddrreq *)data;
! 430: struct gre_softc *sc = ifp->if_softc;
! 431: int s;
! 432: struct sockaddr_in si;
! 433: struct sockaddr *sa = NULL;
! 434: int error = 0;
! 435: struct proc *prc = curproc; /* XXX */
! 436:
! 437: s = splnet();
! 438: switch(cmd) {
! 439: case SIOCSIFADDR:
! 440: ifp->if_flags |= IFF_UP;
! 441: break;
! 442: case SIOCSIFDSTADDR:
! 443: break;
! 444: case SIOCSIFFLAGS:
! 445: if ((ifr->ifr_flags & IFF_LINK0) != 0)
! 446: sc->g_proto = IPPROTO_GRE;
! 447: else
! 448: sc->g_proto = IPPROTO_MOBILE;
! 449: break;
! 450: case SIOCSIFMTU:
! 451: if (ifr->ifr_mtu < 576) {
! 452: error = EINVAL;
! 453: break;
! 454: }
! 455: ifp->if_mtu = ifr->ifr_mtu;
! 456: break;
! 457: case SIOCGIFMTU:
! 458: ifr->ifr_mtu = sc->sc_if.if_mtu;
! 459: break;
! 460: case SIOCADDMULTI:
! 461: case SIOCDELMULTI:
! 462: if (ifr == 0) {
! 463: error = EAFNOSUPPORT;
! 464: break;
! 465: }
! 466: switch (ifr->ifr_addr.sa_family) {
! 467: #ifdef INET
! 468: case AF_INET:
! 469: break;
! 470: #endif
! 471: #ifdef INET6
! 472: case AF_INET6:
! 473: break;
! 474: #endif
! 475: default:
! 476: error = EAFNOSUPPORT;
! 477: break;
! 478: }
! 479: break;
! 480: case GRESPROTO:
! 481: /* Check for superuser */
! 482: if ((error = suser(prc, 0)) != 0)
! 483: break;
! 484:
! 485: sc->g_proto = ifr->ifr_flags;
! 486: switch (sc->g_proto) {
! 487: case IPPROTO_GRE:
! 488: ifp->if_flags |= IFF_LINK0;
! 489: break;
! 490: case IPPROTO_MOBILE:
! 491: ifp->if_flags &= ~IFF_LINK0;
! 492: break;
! 493: default:
! 494: error = EPROTONOSUPPORT;
! 495: break;
! 496: }
! 497: break;
! 498: case GREGPROTO:
! 499: ifr->ifr_flags = sc->g_proto;
! 500: break;
! 501: case GRESADDRS:
! 502: case GRESADDRD:
! 503: /* Check for superuser */
! 504: if ((error = suser(prc, 0)) != 0)
! 505: break;
! 506:
! 507: /*
! 508: * set tunnel endpoints, compute a less specific route
! 509: * to the remote end and mark if as up
! 510: */
! 511: sa = &ifr->ifr_addr;
! 512: if (cmd == GRESADDRS )
! 513: sc->g_src = (satosin(sa))->sin_addr;
! 514: if (cmd == GRESADDRD )
! 515: sc->g_dst = (satosin(sa))->sin_addr;
! 516: recompute:
! 517: if ((sc->g_src.s_addr != INADDR_ANY) &&
! 518: (sc->g_dst.s_addr != INADDR_ANY)) {
! 519: if (sc->route.ro_rt != 0) {
! 520: /* free old route */
! 521: RTFREE(sc->route.ro_rt);
! 522: sc->route.ro_rt = (struct rtentry *) 0;
! 523: }
! 524: gre_compute_route(sc);
! 525: ifp->if_flags |= IFF_UP;
! 526: }
! 527: break;
! 528: case GREGADDRS:
! 529: bzero(&si, sizeof(si));
! 530: si.sin_family = AF_INET;
! 531: si.sin_len = sizeof(struct sockaddr_in);
! 532: si.sin_addr.s_addr = sc->g_src.s_addr;
! 533: sa = sintosa(&si);
! 534: ifr->ifr_addr = *sa;
! 535: break;
! 536: case GREGADDRD:
! 537: bzero(&si, sizeof(si));
! 538: si.sin_family = AF_INET;
! 539: si.sin_len = sizeof(struct sockaddr_in);
! 540: si.sin_addr.s_addr = sc->g_dst.s_addr;
! 541: sa = sintosa(&si);
! 542: ifr->ifr_addr = *sa;
! 543: break;
! 544: case SIOCSLIFPHYADDR:
! 545: if ((error = suser(prc, 0)) != 0)
! 546: break;
! 547: if (lifr->addr.ss_family != AF_INET ||
! 548: lifr->dstaddr.ss_family != AF_INET) {
! 549: error = EAFNOSUPPORT;
! 550: break;
! 551: }
! 552: if (lifr->addr.ss_len != sizeof(si) ||
! 553: lifr->dstaddr.ss_len != sizeof(si)) {
! 554: error = EINVAL;
! 555: break;
! 556: }
! 557: sc->g_src = (satosin((struct sockadrr *)&lifr->addr))->sin_addr;
! 558: sc->g_dst =
! 559: (satosin((struct sockadrr *)&lifr->dstaddr))->sin_addr;
! 560: goto recompute;
! 561: case SIOCDIFPHYADDR:
! 562: if ((error = suser(prc, 0)) != 0)
! 563: break;
! 564: sc->g_src.s_addr = INADDR_ANY;
! 565: sc->g_dst.s_addr = INADDR_ANY;
! 566: break;
! 567: case SIOCGLIFPHYADDR:
! 568: if (sc->g_src.s_addr == INADDR_ANY ||
! 569: sc->g_dst.s_addr == INADDR_ANY) {
! 570: error = EADDRNOTAVAIL;
! 571: break;
! 572: }
! 573: bzero(&si, sizeof(si));
! 574: si.sin_family = AF_INET;
! 575: si.sin_len = sizeof(struct sockaddr_in);
! 576: si.sin_addr.s_addr = sc->g_src.s_addr;
! 577: memcpy(&lifr->addr, &si, sizeof(si));
! 578: si.sin_addr.s_addr = sc->g_dst.s_addr;
! 579: memcpy(&lifr->dstaddr, &si, sizeof(si));
! 580: break;
! 581: default:
! 582: error = EINVAL;
! 583: }
! 584:
! 585: splx(s);
! 586: return (error);
! 587: }
! 588:
! 589: /*
! 590: * computes a route to our destination that is not the one
! 591: * which would be taken by ip_output(), as this one will loop back to
! 592: * us. If the interface is p2p as a--->b, then a routing entry exists
! 593: * If we now send a packet to b (e.g. ping b), this will come down here
! 594: * gets src=a, dst=b tacked on and would from ip_output() sent back to
! 595: * if_gre.
! 596: * Goal here is to compute a route to b that is less specific than
! 597: * a-->b. We know that this one exists as in normal operation we have
! 598: * at least a default route which matches.
! 599: */
! 600:
! 601: static void
! 602: gre_compute_route(struct gre_softc *sc)
! 603: {
! 604: struct route *ro;
! 605: u_int32_t a, b, c;
! 606:
! 607: ro = &sc->route;
! 608:
! 609: bzero(ro, sizeof(struct route));
! 610: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr = sc->g_dst;
! 611: ro->ro_dst.sa_family = AF_INET;
! 612: ro->ro_dst.sa_len = sizeof(ro->ro_dst);
! 613:
! 614: /*
! 615: * toggle last bit, so our interface is not found, but a less
! 616: * specific route. I'd rather like to specify a shorter mask,
! 617: * but this is not possible. Should work though. XXX
! 618: * there is a simpler way ...
! 619: */
! 620: if ((sc->sc_if.if_flags & IFF_LINK1) == 0) {
! 621: a = ntohl(sc->g_dst.s_addr);
! 622: b = a & 0x01;
! 623: c = a & 0xfffffffe;
! 624: b = b ^ 0x01;
! 625: a = b | c;
! 626: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr.s_addr = htonl(a);
! 627: }
! 628:
! 629: rtalloc(ro);
! 630: if (ro->ro_rt == 0)
! 631: return;
! 632:
! 633: /*
! 634: * Check whether we just created a loop. An even more paranoid
! 635: * check would be against all GRE interfaces, but that would
! 636: * not allow people to link GRE tunnels.
! 637: */
! 638: if (ro->ro_rt->rt_ifp == &sc->sc_if) {
! 639: RTFREE(ro->ro_rt);
! 640: ro->ro_rt = (struct rtentry *) 0;
! 641: return;
! 642: }
! 643:
! 644: /*
! 645: * now change it back - else ip_output will just drop
! 646: * the route and search one to this interface ...
! 647: */
! 648: if ((sc->sc_if.if_flags & IFF_LINK1) == 0)
! 649: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr = sc->g_dst;
! 650: }
! 651:
! 652: /*
! 653: * do a checksum of a buffer - much like in_cksum, which operates on
! 654: * mbufs.
! 655: */
! 656: u_int16_t
! 657: gre_in_cksum(u_int16_t *p, u_int len)
! 658: {
! 659: u_int32_t sum = 0;
! 660: int nwords = len >> 1;
! 661:
! 662: while (nwords-- != 0)
! 663: sum += *p++;
! 664:
! 665: if (len & 1) {
! 666: union {
! 667: u_short w;
! 668: u_char c[2];
! 669: } u;
! 670: u.c[0] = *(u_char *) p;
! 671: u.c[1] = 0;
! 672: sum += u.w;
! 673: }
! 674:
! 675: /* end-around-carry */
! 676: sum = (sum >> 16) + (sum & 0xffff);
! 677: sum += (sum >> 16);
! 678: return (~sum);
! 679: }
! 680: #endif
CVSweb
![[BACK]](/icons/back.gif){kind=icon}
Return to if_gre.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / sys / net