ip6_input.c revision 1.102
1 /* $NetBSD: ip6_input.c,v 1.102 2007/04/22 19:47:41 christos Exp $ */ 2 /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.102 2007/04/22 19:47:41 christos Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_inet6.h" 69 #include "opt_ipsec.h" 70 #include "opt_pfil_hooks.h" 71 72 #include <sys/param.h> 73 #include <sys/systm.h> 74 #include <sys/malloc.h> 75 #include <sys/mbuf.h> 76 #include <sys/domain.h> 77 #include <sys/protosw.h> 78 #include <sys/socket.h> 79 #include <sys/socketvar.h> 80 #include <sys/errno.h> 81 #include <sys/time.h> 82 #include <sys/kernel.h> 83 #include <sys/syslog.h> 84 #include <sys/proc.h> 85 #include <sys/sysctl.h> 86 87 #include <net/if.h> 88 #include <net/if_types.h> 89 #include <net/if_dl.h> 90 #include <net/route.h> 91 #include <net/netisr.h> 92 #ifdef PFIL_HOOKS 93 #include <net/pfil.h> 94 #endif 95 96 #include <netinet/in.h> 97 #include <netinet/in_systm.h> 98 #ifdef INET 99 #include <netinet/ip.h> 100 #include <netinet/ip_icmp.h> 101 #endif /* INET */ 102 #include <netinet/ip6.h> 103 #include <netinet6/in6_var.h> 104 #include <netinet6/ip6_var.h> 105 #include <netinet6/in6_pcb.h> 106 #include <netinet/icmp6.h> 107 #include <netinet6/scope6_var.h> 108 #include <netinet6/in6_ifattach.h> 109 #include <netinet6/nd6.h> 110 111 #ifdef IPSEC 112 #include <netinet6/ipsec.h> 113 #endif 114 115 #ifdef FAST_IPSEC 116 #include <netipsec/ipsec.h> 117 #include <netipsec/ipsec6.h> 118 #include <netipsec/key.h> 119 #endif /* FAST_IPSEC */ 120 121 #include <netinet6/ip6protosw.h> 122 123 #include "faith.h" 124 #include "gif.h" 125 126 #if NGIF > 0 127 #include <netinet6/in6_gif.h> 128 #endif 129 130 #include <net/net_osdep.h> 131 132 extern struct domain inet6domain; 133 134 u_char ip6_protox[IPPROTO_MAX]; 135 static int ip6qmaxlen = IFQ_MAXLEN; 136 struct in6_ifaddr *in6_ifaddr; 137 struct ifqueue ip6intrq; 138 139 extern struct callout in6_tmpaddrtimer_ch; 140 141 int ip6_forward_srcrt; /* XXX */ 142 int ip6_sourcecheck; /* XXX */ 143 int ip6_sourcecheck_interval; /* XXX */ 144 145 #ifdef PFIL_HOOKS 146 struct pfil_head inet6_pfil_hook; 147 #endif 148 149 struct ip6stat ip6stat; 150 151 static void ip6_init2 __P((void *)); 152 static struct m_tag *ip6_setdstifaddr __P((struct mbuf *, struct in6_ifaddr *)); 153 154 static int ip6_hopopts_input __P((u_int32_t *, u_int32_t *, struct mbuf **, int *)); 155 static struct mbuf *ip6_pullexthdr __P((struct mbuf *, size_t, int)); 156 157 /* 158 * IP6 initialization: fill in IP6 protocol switch table. 159 * All protocols not implemented in kernel go to raw IP6 protocol handler. 160 */ 161 void 162 ip6_init() 163 { 164 const struct ip6protosw *pr; 165 int i; 166 167 pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW); 168 if (pr == 0) 169 panic("ip6_init"); 170 for (i = 0; i < IPPROTO_MAX; i++) 171 ip6_protox[i] = pr - inet6sw; 172 for (pr = (const struct ip6protosw *)inet6domain.dom_protosw; 173 pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++) 174 if (pr->pr_domain->dom_family == PF_INET6 && 175 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW) 176 ip6_protox[pr->pr_protocol] = pr - inet6sw; 177 ip6intrq.ifq_maxlen = ip6qmaxlen; 178 scope6_init(); 179 addrsel_policy_init(); 180 nd6_init(); 181 frag6_init(); 182 ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR; 183 184 ip6_init2((void *)0); 185 #ifdef GATEWAY 186 ip6flow_init(ip6_hashsize); 187 #endif 188 189 #ifdef PFIL_HOOKS 190 /* Register our Packet Filter hook. */ 191 inet6_pfil_hook.ph_type = PFIL_TYPE_AF; 192 inet6_pfil_hook.ph_af = AF_INET6; 193 i = pfil_head_register(&inet6_pfil_hook); 194 if (i != 0) 195 printf("ip6_init: WARNING: unable to register pfil hook, " 196 "error %d\n", i); 197 #endif /* PFIL_HOOKS */ 198 } 199 200 static void 201 ip6_init2(void *dummy) 202 { 203 204 /* nd6_timer_init */ 205 callout_init(&nd6_timer_ch); 206 callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL); 207 208 /* timer for regeneranation of temporary addresses randomize ID */ 209 callout_init(&in6_tmpaddrtimer_ch); 210 callout_reset(&in6_tmpaddrtimer_ch, 211 (ip6_temp_preferred_lifetime - ip6_desync_factor - 212 ip6_temp_regen_advance) * hz, 213 in6_tmpaddrtimer, NULL); 214 } 215 216 /* 217 * IP6 input interrupt handling. Just pass the packet to ip6_input. 218 */ 219 void 220 ip6intr() 221 { 222 int s; 223 struct mbuf *m; 224 225 for (;;) { 226 s = splnet(); 227 IF_DEQUEUE(&ip6intrq, m); 228 splx(s); 229 if (m == 0) 230 return; 231 /* drop the packet if IPv6 operation is disabled on the IF */ 232 if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) { 233 m_freem(m); 234 return; 235 } 236 ip6_input(m); 237 } 238 } 239 240 extern struct route_in6 ip6_forward_rt; 241 242 void 243 ip6_input(struct mbuf *m) 244 { 245 struct ip6_hdr *ip6; 246 int off = sizeof(struct ip6_hdr), nest; 247 u_int32_t plen; 248 u_int32_t rtalert = ~0; 249 int nxt, ours = 0; 250 struct ifnet *deliverifp = NULL; 251 int srcrt = 0; 252 #ifdef FAST_IPSEC 253 struct m_tag *mtag; 254 struct tdb_ident *tdbi; 255 struct secpolicy *sp; 256 int s, error; 257 #endif 258 259 #ifdef IPSEC 260 /* 261 * should the inner packet be considered authentic? 262 * see comment in ah4_input(). 263 */ 264 m->m_flags &= ~M_AUTHIPHDR; 265 m->m_flags &= ~M_AUTHIPDGM; 266 #endif 267 268 /* 269 * make sure we don't have onion peering information into m_tag. 270 */ 271 ip6_delaux(m); 272 273 /* 274 * mbuf statistics 275 */ 276 if (m->m_flags & M_EXT) { 277 if (m->m_next) 278 ip6stat.ip6s_mext2m++; 279 else 280 ip6stat.ip6s_mext1++; 281 } else { 282 #define M2MMAX __arraycount(ip6stat.ip6s_m2m) 283 if (m->m_next) { 284 if (m->m_flags & M_LOOP) { 285 ip6stat.ip6s_m2m[lo0ifp->if_index]++; /* XXX */ 286 } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) 287 ip6stat.ip6s_m2m[m->m_pkthdr.rcvif->if_index]++; 288 else 289 ip6stat.ip6s_m2m[0]++; 290 } else 291 ip6stat.ip6s_m1++; 292 #undef M2MMAX 293 } 294 295 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_receive); 296 ip6stat.ip6s_total++; 297 298 /* 299 * If the IPv6 header is not aligned, slurp it up into a new 300 * mbuf with space for link headers, in the event we forward 301 * it. Otherwise, if it is aligned, make sure the entire base 302 * IPv6 header is in the first mbuf of the chain. 303 */ 304 if (IP6_HDR_ALIGNED_P(mtod(m, void *)) == 0) { 305 struct ifnet *inifp = m->m_pkthdr.rcvif; 306 if ((m = m_copyup(m, sizeof(struct ip6_hdr), 307 (max_linkhdr + 3) & ~3)) == NULL) { 308 /* XXXJRT new stat, please */ 309 ip6stat.ip6s_toosmall++; 310 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 311 return; 312 } 313 } else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) { 314 struct ifnet *inifp = m->m_pkthdr.rcvif; 315 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) { 316 ip6stat.ip6s_toosmall++; 317 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 318 return; 319 } 320 } 321 322 ip6 = mtod(m, struct ip6_hdr *); 323 324 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) { 325 ip6stat.ip6s_badvers++; 326 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 327 goto bad; 328 } 329 330 #if defined(IPSEC) 331 /* IPv6 fast forwarding is not compatible with IPsec. */ 332 m->m_flags &= ~M_CANFASTFWD; 333 #else 334 /* 335 * Assume that we can create a fast-forward IP flow entry 336 * based on this packet. 337 */ 338 m->m_flags |= M_CANFASTFWD; 339 #endif 340 341 #ifdef PFIL_HOOKS 342 /* 343 * Run through list of hooks for input packets. If there are any 344 * filters which require that additional packets in the flow are 345 * not fast-forwarded, they must clear the M_CANFASTFWD flag. 346 * Note that filters must _never_ set this flag, as another filter 347 * in the list may have previously cleared it. 348 */ 349 /* 350 * let ipfilter look at packet on the wire, 351 * not the decapsulated packet. 352 */ 353 #ifdef IPSEC 354 if (!ipsec_getnhist(m)) 355 #elif defined(FAST_IPSEC) 356 if (!ipsec_indone(m)) 357 #else 358 if (1) 359 #endif 360 { 361 struct in6_addr odst; 362 363 odst = ip6->ip6_dst; 364 if (pfil_run_hooks(&inet6_pfil_hook, &m, m->m_pkthdr.rcvif, 365 PFIL_IN) != 0) 366 return; 367 if (m == NULL) 368 return; 369 ip6 = mtod(m, struct ip6_hdr *); 370 srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); 371 } 372 #endif /* PFIL_HOOKS */ 373 374 ip6stat.ip6s_nxthist[ip6->ip6_nxt]++; 375 376 #ifdef ALTQ 377 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) { 378 /* packet is dropped by traffic conditioner */ 379 return; 380 } 381 #endif 382 383 /* 384 * Check against address spoofing/corruption. 385 */ 386 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || 387 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { 388 /* 389 * XXX: "badscope" is not very suitable for a multicast source. 390 */ 391 ip6stat.ip6s_badscope++; 392 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 393 goto bad; 394 } 395 /* 396 * The following check is not documented in specs. A malicious 397 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack 398 * and bypass security checks (act as if it was from 127.0.0.1 by using 399 * IPv6 src ::ffff:127.0.0.1). Be cautious. 400 * 401 * This check chokes if we are in an SIIT cloud. As none of BSDs 402 * support IPv4-less kernel compilation, we cannot support SIIT 403 * environment at all. So, it makes more sense for us to reject any 404 * malicious packets for non-SIIT environment, than try to do a 405 * partial support for SIIT environment. 406 */ 407 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 408 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 409 ip6stat.ip6s_badscope++; 410 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 411 goto bad; 412 } 413 #if 0 414 /* 415 * Reject packets with IPv4 compatible addresses (auto tunnel). 416 * 417 * The code forbids auto tunnel relay case in RFC1933 (the check is 418 * stronger than RFC1933). We may want to re-enable it if mech-xx 419 * is revised to forbid relaying case. 420 */ 421 if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || 422 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { 423 ip6stat.ip6s_badscope++; 424 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 425 goto bad; 426 } 427 #endif 428 429 /* 430 * Disambiguate address scope zones (if there is ambiguity). 431 * We first make sure that the original source or destination address 432 * is not in our internal form for scoped addresses. Such addresses 433 * are not necessarily invalid spec-wise, but we cannot accept them due 434 * to the usage conflict. 435 * in6_setscope() then also checks and rejects the cases where src or 436 * dst are the loopback address and the receiving interface 437 * is not loopback. 438 */ 439 if (__predict_false( 440 m_makewritable(&m, 0, sizeof(struct ip6_hdr), M_DONTWAIT))) 441 goto bad; 442 ip6 = mtod(m, struct ip6_hdr *); 443 if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) { 444 ip6stat.ip6s_badscope++; /* XXX */ 445 goto bad; 446 } 447 if (in6_setscope(&ip6->ip6_src, m->m_pkthdr.rcvif, NULL) || 448 in6_setscope(&ip6->ip6_dst, m->m_pkthdr.rcvif, NULL)) { 449 ip6stat.ip6s_badscope++; 450 goto bad; 451 } 452 453 /* 454 * Multicast check 455 */ 456 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 457 struct in6_multi *in6m = 0; 458 459 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mcast); 460 /* 461 * See if we belong to the destination multicast group on the 462 * arrival interface. 463 */ 464 IN6_LOOKUP_MULTI(ip6->ip6_dst, m->m_pkthdr.rcvif, in6m); 465 if (in6m) 466 ours = 1; 467 else if (!ip6_mrouter) { 468 ip6stat.ip6s_notmember++; 469 ip6stat.ip6s_cantforward++; 470 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 471 goto bad; 472 } 473 deliverifp = m->m_pkthdr.rcvif; 474 goto hbhcheck; 475 } 476 477 /* 478 * Unicast check 479 */ 480 if (!IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, 481 &((const struct sockaddr_in6 *)rtcache_getdst((const struct route *)&ip6_forward_rt))->sin6_addr)) 482 rtcache_free((struct route *)&ip6_forward_rt); 483 else 484 rtcache_check((struct route *)&ip6_forward_rt); 485 if (ip6_forward_rt.ro_rt != NULL) { 486 /* XXX Revalidated route is accounted wrongly. */ 487 ip6stat.ip6s_forward_cachehit++; 488 } else { 489 struct sockaddr_in6 *dst6; 490 491 ip6stat.ip6s_forward_cachemiss++; 492 493 dst6 = &ip6_forward_rt.ro_dst; 494 memset(dst6, 0, sizeof(*dst6)); 495 dst6->sin6_len = sizeof(struct sockaddr_in6); 496 dst6->sin6_family = AF_INET6; 497 dst6->sin6_addr = ip6->ip6_dst; 498 499 rtcache_init((struct route *)&ip6_forward_rt); 500 } 501 502 #define rt6_key(r) ((struct sockaddr_in6 *)((r)->rt_nodes->rn_key)) 503 504 /* 505 * Accept the packet if the forwarding interface to the destination 506 * according to the routing table is the loopback interface, 507 * unless the associated route has a gateway. 508 * Note that this approach causes to accept a packet if there is a 509 * route to the loopback interface for the destination of the packet. 510 * But we think it's even useful in some situations, e.g. when using 511 * a special daemon which wants to intercept the packet. 512 */ 513 if (ip6_forward_rt.ro_rt != NULL && 514 (ip6_forward_rt.ro_rt->rt_flags & 515 (RTF_HOST|RTF_GATEWAY)) == RTF_HOST && 516 !(ip6_forward_rt.ro_rt->rt_flags & RTF_CLONED) && 517 #if 0 518 /* 519 * The check below is redundant since the comparison of 520 * the destination and the key of the rtentry has 521 * already done through looking up the routing table. 522 */ 523 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, 524 &rt6_key(ip6_forward_rt.ro_rt)->sin6_addr) && 525 #endif 526 ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_LOOP) { 527 struct in6_ifaddr *ia6 = 528 (struct in6_ifaddr *)ip6_forward_rt.ro_rt->rt_ifa; 529 if (ia6->ia6_flags & IN6_IFF_ANYCAST) 530 m->m_flags |= M_ANYCAST6; 531 /* 532 * packets to a tentative, duplicated, or somehow invalid 533 * address must not be accepted. 534 */ 535 if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) { 536 /* this address is ready */ 537 ours = 1; 538 deliverifp = ia6->ia_ifp; /* correct? */ 539 goto hbhcheck; 540 } else { 541 /* address is not ready, so discard the packet. */ 542 nd6log((LOG_INFO, 543 "ip6_input: packet to an unready address %s->%s\n", 544 ip6_sprintf(&ip6->ip6_src), 545 ip6_sprintf(&ip6->ip6_dst))); 546 547 goto bad; 548 } 549 } 550 551 /* 552 * FAITH (Firewall Aided Internet Translator) 553 */ 554 #if defined(NFAITH) && 0 < NFAITH 555 if (ip6_keepfaith) { 556 if (ip6_forward_rt.ro_rt != NULL && 557 ip6_forward_rt.ro_rt->rt_ifp != NULL && 558 ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_FAITH) { 559 /* XXX do we need more sanity checks? */ 560 ours = 1; 561 deliverifp = ip6_forward_rt.ro_rt->rt_ifp; /* faith */ 562 goto hbhcheck; 563 } 564 } 565 #endif 566 567 #if 0 568 { 569 /* 570 * Last resort: check in6_ifaddr for incoming interface. 571 * The code is here until I update the "goto ours hack" code above 572 * working right. 573 */ 574 struct ifaddr *ifa; 575 TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrlist, ifa_list) { 576 if (ifa->ifa_addr == NULL) 577 continue; /* just for safety */ 578 if (ifa->ifa_addr->sa_family != AF_INET6) 579 continue; 580 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ip6->ip6_dst)) { 581 ours = 1; 582 deliverifp = ifa->ifa_ifp; 583 goto hbhcheck; 584 } 585 } 586 } 587 #endif 588 589 /* 590 * Now there is no reason to process the packet if it's not our own 591 * and we're not a router. 592 */ 593 if (!ip6_forwarding) { 594 ip6stat.ip6s_cantforward++; 595 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 596 goto bad; 597 } 598 599 hbhcheck: 600 /* 601 * record address information into m_tag, if we don't have one yet. 602 * note that we are unable to record it, if the address is not listed 603 * as our interface address (e.g. multicast addresses, addresses 604 * within FAITH prefixes and such). 605 */ 606 if (deliverifp && !ip6_getdstifaddr(m)) { 607 struct in6_ifaddr *ia6; 608 609 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 610 if (ia6) { 611 if (!ip6_setdstifaddr(m, ia6)) { 612 /* 613 * XXX maybe we should drop the packet here, 614 * as we could not provide enough information 615 * to the upper layers. 616 */ 617 } 618 } 619 } 620 621 /* 622 * Process Hop-by-Hop options header if it's contained. 623 * m may be modified in ip6_hopopts_input(). 624 * If a JumboPayload option is included, plen will also be modified. 625 */ 626 plen = (u_int32_t)ntohs(ip6->ip6_plen); 627 if (ip6->ip6_nxt == IPPROTO_HOPOPTS) { 628 struct ip6_hbh *hbh; 629 630 if (ip6_hopopts_input(&plen, &rtalert, &m, &off)) { 631 #if 0 /*touches NULL pointer*/ 632 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 633 #endif 634 return; /* m have already been freed */ 635 } 636 637 /* adjust pointer */ 638 ip6 = mtod(m, struct ip6_hdr *); 639 640 /* 641 * if the payload length field is 0 and the next header field 642 * indicates Hop-by-Hop Options header, then a Jumbo Payload 643 * option MUST be included. 644 */ 645 if (ip6->ip6_plen == 0 && plen == 0) { 646 /* 647 * Note that if a valid jumbo payload option is 648 * contained, ip6_hopopts_input() must set a valid 649 * (non-zero) payload length to the variable plen. 650 */ 651 ip6stat.ip6s_badoptions++; 652 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 653 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 654 icmp6_error(m, ICMP6_PARAM_PROB, 655 ICMP6_PARAMPROB_HEADER, 656 (char *)&ip6->ip6_plen - (char *)ip6); 657 return; 658 } 659 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 660 sizeof(struct ip6_hbh)); 661 if (hbh == NULL) { 662 ip6stat.ip6s_tooshort++; 663 return; 664 } 665 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 666 nxt = hbh->ip6h_nxt; 667 668 /* 669 * accept the packet if a router alert option is included 670 * and we act as an IPv6 router. 671 */ 672 if (rtalert != ~0 && ip6_forwarding) 673 ours = 1; 674 } else 675 nxt = ip6->ip6_nxt; 676 677 /* 678 * Check that the amount of data in the buffers 679 * is as at least much as the IPv6 header would have us expect. 680 * Trim mbufs if longer than we expect. 681 * Drop packet if shorter than we expect. 682 */ 683 if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) { 684 ip6stat.ip6s_tooshort++; 685 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 686 goto bad; 687 } 688 if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) { 689 if (m->m_len == m->m_pkthdr.len) { 690 m->m_len = sizeof(struct ip6_hdr) + plen; 691 m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen; 692 } else 693 m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len); 694 } 695 696 /* 697 * Forward if desirable. 698 */ 699 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 700 /* 701 * If we are acting as a multicast router, all 702 * incoming multicast packets are passed to the 703 * kernel-level multicast forwarding function. 704 * The packet is returned (relatively) intact; if 705 * ip6_mforward() returns a non-zero value, the packet 706 * must be discarded, else it may be accepted below. 707 */ 708 if (ip6_mrouter && ip6_mforward(ip6, m->m_pkthdr.rcvif, m)) { 709 ip6stat.ip6s_cantforward++; 710 m_freem(m); 711 return; 712 } 713 if (!ours) { 714 m_freem(m); 715 return; 716 } 717 } else if (!ours) { 718 ip6_forward(m, srcrt); 719 return; 720 } 721 722 ip6 = mtod(m, struct ip6_hdr *); 723 724 /* 725 * Malicious party may be able to use IPv4 mapped addr to confuse 726 * tcp/udp stack and bypass security checks (act as if it was from 727 * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious. 728 * 729 * For SIIT end node behavior, you may want to disable the check. 730 * However, you will become vulnerable to attacks using IPv4 mapped 731 * source. 732 */ 733 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 734 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 735 ip6stat.ip6s_badscope++; 736 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 737 goto bad; 738 } 739 740 /* 741 * Tell launch routine the next header 742 */ 743 #ifdef IFA_STATS 744 if (deliverifp != NULL) { 745 struct in6_ifaddr *ia6; 746 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 747 if (ia6) 748 ia6->ia_ifa.ifa_data.ifad_inbytes += m->m_pkthdr.len; 749 } 750 #endif 751 ip6stat.ip6s_delivered++; 752 in6_ifstat_inc(deliverifp, ifs6_in_deliver); 753 nest = 0; 754 755 while (nxt != IPPROTO_DONE) { 756 if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { 757 ip6stat.ip6s_toomanyhdr++; 758 goto bad; 759 } 760 761 /* 762 * protection against faulty packet - there should be 763 * more sanity checks in header chain processing. 764 */ 765 if (m->m_pkthdr.len < off) { 766 ip6stat.ip6s_tooshort++; 767 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 768 goto bad; 769 } 770 771 #ifdef IPSEC 772 /* 773 * enforce IPsec policy checking if we are seeing last header. 774 * note that we do not visit this with protocols with pcb layer 775 * code - like udp/tcp/raw ip. 776 */ 777 if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 && 778 ipsec6_in_reject(m, NULL)) { 779 ipsec6stat.in_polvio++; 780 goto bad; 781 } 782 #endif 783 #ifdef FAST_IPSEC 784 /* 785 * enforce IPsec policy checking if we are seeing last header. 786 * note that we do not visit this with protocols with pcb layer 787 * code - like udp/tcp/raw ip. 788 */ 789 if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) { 790 /* 791 * Check if the packet has already had IPsec processing 792 * done. If so, then just pass it along. This tag gets 793 * set during AH, ESP, etc. input handling, before the 794 * packet is returned to the ip input queue for delivery. 795 */ 796 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 797 s = splsoftnet(); 798 if (mtag != NULL) { 799 tdbi = (struct tdb_ident *)(mtag + 1); 800 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); 801 } else { 802 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, 803 IP_FORWARDING, &error); 804 } 805 if (sp != NULL) { 806 /* 807 * Check security policy against packet attributes. 808 */ 809 error = ipsec_in_reject(sp, m); 810 KEY_FREESP(&sp); 811 } else { 812 /* XXX error stat??? */ 813 error = EINVAL; 814 DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/ 815 goto bad; 816 } 817 splx(s); 818 if (error) 819 goto bad; 820 } 821 #endif /* FAST_IPSEC */ 822 823 824 nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt); 825 } 826 return; 827 bad: 828 m_freem(m); 829 } 830 831 /* 832 * set/grab in6_ifaddr correspond to IPv6 destination address. 833 */ 834 static struct m_tag * 835 ip6_setdstifaddr(m, ia6) 836 struct mbuf *m; 837 struct in6_ifaddr *ia6; 838 { 839 struct m_tag *mtag; 840 841 mtag = ip6_addaux(m); 842 if (mtag) 843 ((struct ip6aux *)(mtag + 1))->ip6a_dstia6 = ia6; 844 return mtag; /* NULL if failed to set */ 845 } 846 847 struct in6_ifaddr * 848 ip6_getdstifaddr(m) 849 struct mbuf *m; 850 { 851 struct m_tag *mtag; 852 853 mtag = ip6_findaux(m); 854 if (mtag) 855 return ((struct ip6aux *)(mtag + 1))->ip6a_dstia6; 856 else 857 return NULL; 858 } 859 860 /* 861 * Hop-by-Hop options header processing. If a valid jumbo payload option is 862 * included, the real payload length will be stored in plenp. 863 */ 864 static int 865 ip6_hopopts_input(plenp, rtalertp, mp, offp) 866 u_int32_t *plenp; 867 u_int32_t *rtalertp; /* XXX: should be stored more smart way */ 868 struct mbuf **mp; 869 int *offp; 870 { 871 struct mbuf *m = *mp; 872 int off = *offp, hbhlen; 873 struct ip6_hbh *hbh; 874 875 /* validation of the length of the header */ 876 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, 877 sizeof(struct ip6_hdr), sizeof(struct ip6_hbh)); 878 if (hbh == NULL) { 879 ip6stat.ip6s_tooshort++; 880 return -1; 881 } 882 hbhlen = (hbh->ip6h_len + 1) << 3; 883 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 884 hbhlen); 885 if (hbh == NULL) { 886 ip6stat.ip6s_tooshort++; 887 return -1; 888 } 889 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 890 off += hbhlen; 891 hbhlen -= sizeof(struct ip6_hbh); 892 893 if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh), 894 hbhlen, rtalertp, plenp) < 0) 895 return (-1); 896 897 *offp = off; 898 *mp = m; 899 return (0); 900 } 901 902 /* 903 * Search header for all Hop-by-hop options and process each option. 904 * This function is separate from ip6_hopopts_input() in order to 905 * handle a case where the sending node itself process its hop-by-hop 906 * options header. In such a case, the function is called from ip6_output(). 907 * 908 * The function assumes that hbh header is located right after the IPv6 header 909 * (RFC2460 p7), opthead is pointer into data content in m, and opthead to 910 * opthead + hbhlen is located in continuous memory region. 911 */ 912 int 913 ip6_process_hopopts(m, opthead, hbhlen, rtalertp, plenp) 914 struct mbuf *m; 915 u_int8_t *opthead; 916 int hbhlen; 917 u_int32_t *rtalertp; 918 u_int32_t *plenp; 919 { 920 struct ip6_hdr *ip6; 921 int optlen = 0; 922 u_int8_t *opt = opthead; 923 u_int16_t rtalert_val; 924 u_int32_t jumboplen; 925 const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh); 926 927 for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) { 928 switch (*opt) { 929 case IP6OPT_PAD1: 930 optlen = 1; 931 break; 932 case IP6OPT_PADN: 933 if (hbhlen < IP6OPT_MINLEN) { 934 ip6stat.ip6s_toosmall++; 935 goto bad; 936 } 937 optlen = *(opt + 1) + 2; 938 break; 939 case IP6OPT_RTALERT: 940 /* XXX may need check for alignment */ 941 if (hbhlen < IP6OPT_RTALERT_LEN) { 942 ip6stat.ip6s_toosmall++; 943 goto bad; 944 } 945 if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) { 946 /* XXX stat */ 947 icmp6_error(m, ICMP6_PARAM_PROB, 948 ICMP6_PARAMPROB_HEADER, 949 erroff + opt + 1 - opthead); 950 return (-1); 951 } 952 optlen = IP6OPT_RTALERT_LEN; 953 bcopy((void *)(opt + 2), (void *)&rtalert_val, 2); 954 *rtalertp = ntohs(rtalert_val); 955 break; 956 case IP6OPT_JUMBO: 957 /* XXX may need check for alignment */ 958 if (hbhlen < IP6OPT_JUMBO_LEN) { 959 ip6stat.ip6s_toosmall++; 960 goto bad; 961 } 962 if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) { 963 /* XXX stat */ 964 icmp6_error(m, ICMP6_PARAM_PROB, 965 ICMP6_PARAMPROB_HEADER, 966 erroff + opt + 1 - opthead); 967 return (-1); 968 } 969 optlen = IP6OPT_JUMBO_LEN; 970 971 /* 972 * IPv6 packets that have non 0 payload length 973 * must not contain a jumbo payload option. 974 */ 975 ip6 = mtod(m, struct ip6_hdr *); 976 if (ip6->ip6_plen) { 977 ip6stat.ip6s_badoptions++; 978 icmp6_error(m, ICMP6_PARAM_PROB, 979 ICMP6_PARAMPROB_HEADER, 980 erroff + opt - opthead); 981 return (-1); 982 } 983 984 /* 985 * We may see jumbolen in unaligned location, so 986 * we'd need to perform bcopy(). 987 */ 988 bcopy(opt + 2, &jumboplen, sizeof(jumboplen)); 989 jumboplen = (u_int32_t)htonl(jumboplen); 990 991 #if 1 992 /* 993 * if there are multiple jumbo payload options, 994 * *plenp will be non-zero and the packet will be 995 * rejected. 996 * the behavior may need some debate in ipngwg - 997 * multiple options does not make sense, however, 998 * there's no explicit mention in specification. 999 */ 1000 if (*plenp != 0) { 1001 ip6stat.ip6s_badoptions++; 1002 icmp6_error(m, ICMP6_PARAM_PROB, 1003 ICMP6_PARAMPROB_HEADER, 1004 erroff + opt + 2 - opthead); 1005 return (-1); 1006 } 1007 #endif 1008 1009 /* 1010 * jumbo payload length must be larger than 65535. 1011 */ 1012 if (jumboplen <= IPV6_MAXPACKET) { 1013 ip6stat.ip6s_badoptions++; 1014 icmp6_error(m, ICMP6_PARAM_PROB, 1015 ICMP6_PARAMPROB_HEADER, 1016 erroff + opt + 2 - opthead); 1017 return (-1); 1018 } 1019 *plenp = jumboplen; 1020 1021 break; 1022 default: /* unknown option */ 1023 if (hbhlen < IP6OPT_MINLEN) { 1024 ip6stat.ip6s_toosmall++; 1025 goto bad; 1026 } 1027 optlen = ip6_unknown_opt(opt, m, 1028 erroff + opt - opthead); 1029 if (optlen == -1) 1030 return (-1); 1031 optlen += 2; 1032 break; 1033 } 1034 } 1035 1036 return (0); 1037 1038 bad: 1039 m_freem(m); 1040 return (-1); 1041 } 1042 1043 /* 1044 * Unknown option processing. 1045 * The third argument `off' is the offset from the IPv6 header to the option, 1046 * which is necessary if the IPv6 header the and option header and IPv6 header 1047 * is not continuous in order to return an ICMPv6 error. 1048 */ 1049 int 1050 ip6_unknown_opt(optp, m, off) 1051 u_int8_t *optp; 1052 struct mbuf *m; 1053 int off; 1054 { 1055 struct ip6_hdr *ip6; 1056 1057 switch (IP6OPT_TYPE(*optp)) { 1058 case IP6OPT_TYPE_SKIP: /* ignore the option */ 1059 return ((int)*(optp + 1)); 1060 case IP6OPT_TYPE_DISCARD: /* silently discard */ 1061 m_freem(m); 1062 return (-1); 1063 case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */ 1064 ip6stat.ip6s_badoptions++; 1065 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off); 1066 return (-1); 1067 case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */ 1068 ip6stat.ip6s_badoptions++; 1069 ip6 = mtod(m, struct ip6_hdr *); 1070 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || 1071 (m->m_flags & (M_BCAST|M_MCAST))) 1072 m_freem(m); 1073 else 1074 icmp6_error(m, ICMP6_PARAM_PROB, 1075 ICMP6_PARAMPROB_OPTION, off); 1076 return (-1); 1077 } 1078 1079 m_freem(m); /* XXX: NOTREACHED */ 1080 return (-1); 1081 } 1082 1083 /* 1084 * Create the "control" list for this pcb. 1085 * 1086 * The routine will be called from upper layer handlers like tcp6_input(). 1087 * Thus the routine assumes that the caller (tcp6_input) have already 1088 * called IP6_EXTHDR_CHECK() and all the extension headers are located in the 1089 * very first mbuf on the mbuf chain. 1090 * We may want to add some infinite loop prevention or sanity checks for safety. 1091 * (This applies only when you are using KAME mbuf chain restriction, i.e. 1092 * you are using IP6_EXTHDR_CHECK() not m_pulldown()) 1093 */ 1094 void 1095 ip6_savecontrol(in6p, mp, ip6, m) 1096 struct in6pcb *in6p; 1097 struct mbuf **mp; 1098 struct ip6_hdr *ip6; 1099 struct mbuf *m; 1100 { 1101 #ifdef RFC2292 1102 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1103 #else 1104 #define IS2292(x, y) (y) 1105 #endif 1106 1107 #ifdef SO_TIMESTAMP 1108 if (in6p->in6p_socket->so_options & SO_TIMESTAMP) { 1109 struct timeval tv; 1110 1111 microtime(&tv); 1112 *mp = sbcreatecontrol((void *) &tv, sizeof(tv), 1113 SCM_TIMESTAMP, SOL_SOCKET); 1114 if (*mp) 1115 mp = &(*mp)->m_next; 1116 } 1117 #endif 1118 1119 /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ 1120 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) 1121 return; 1122 1123 /* RFC 2292 sec. 5 */ 1124 if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) { 1125 struct in6_pktinfo pi6; 1126 1127 bcopy(&ip6->ip6_dst, &pi6.ipi6_addr, sizeof(struct in6_addr)); 1128 in6_clearscope(&pi6.ipi6_addr); /* XXX */ 1129 pi6.ipi6_ifindex = m->m_pkthdr.rcvif ? 1130 m->m_pkthdr.rcvif->if_index : 0; 1131 *mp = sbcreatecontrol((void *) &pi6, 1132 sizeof(struct in6_pktinfo), 1133 IS2292(IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6); 1134 if (*mp) 1135 mp = &(*mp)->m_next; 1136 } 1137 1138 if (in6p->in6p_flags & IN6P_HOPLIMIT) { 1139 int hlim = ip6->ip6_hlim & 0xff; 1140 1141 *mp = sbcreatecontrol((void *) &hlim, sizeof(int), 1142 IS2292(IPV6_2292HOPLIMIT, IPV6_HOPLIMIT), IPPROTO_IPV6); 1143 if (*mp) 1144 mp = &(*mp)->m_next; 1145 } 1146 1147 if ((in6p->in6p_flags & IN6P_TCLASS) != 0) { 1148 u_int32_t flowinfo; 1149 int tclass; 1150 1151 flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK); 1152 flowinfo >>= 20; 1153 1154 tclass = flowinfo & 0xff; 1155 *mp = sbcreatecontrol((void *)&tclass, sizeof(tclass), 1156 IPV6_TCLASS, IPPROTO_IPV6); 1157 1158 if (*mp) 1159 mp = &(*mp)->m_next; 1160 } 1161 1162 /* 1163 * IPV6_HOPOPTS socket option. Recall that we required super-user 1164 * privilege for the option (see ip6_ctloutput), but it might be too 1165 * strict, since there might be some hop-by-hop options which can be 1166 * returned to normal user. 1167 * See also RFC3542 section 8 (or RFC2292 section 6). 1168 */ 1169 if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) { 1170 /* 1171 * Check if a hop-by-hop options header is contatined in the 1172 * received packet, and if so, store the options as ancillary 1173 * data. Note that a hop-by-hop options header must be 1174 * just after the IPv6 header, which fact is assured through 1175 * the IPv6 input processing. 1176 */ 1177 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1178 if (xip6->ip6_nxt == IPPROTO_HOPOPTS) { 1179 struct ip6_hbh *hbh; 1180 int hbhlen; 1181 struct mbuf *ext; 1182 1183 ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr), 1184 xip6->ip6_nxt); 1185 if (ext == NULL) { 1186 ip6stat.ip6s_tooshort++; 1187 return; 1188 } 1189 hbh = mtod(ext, struct ip6_hbh *); 1190 hbhlen = (hbh->ip6h_len + 1) << 3; 1191 if (hbhlen != ext->m_len) { 1192 m_freem(ext); 1193 ip6stat.ip6s_tooshort++; 1194 return; 1195 } 1196 1197 /* 1198 * XXX: We copy whole the header even if a jumbo 1199 * payload option is included, which option is to 1200 * be removed before returning in the RFC 2292. 1201 * Note: this constraint is removed in RFC3542. 1202 */ 1203 *mp = sbcreatecontrol((void *)hbh, hbhlen, 1204 IS2292(IPV6_2292HOPOPTS, IPV6_HOPOPTS), 1205 IPPROTO_IPV6); 1206 if (*mp) 1207 mp = &(*mp)->m_next; 1208 m_freem(ext); 1209 } 1210 } 1211 1212 /* IPV6_DSTOPTS and IPV6_RTHDR socket options */ 1213 if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) { 1214 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1215 int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr); 1216 1217 /* 1218 * Search for destination options headers or routing 1219 * header(s) through the header chain, and stores each 1220 * header as ancillary data. 1221 * Note that the order of the headers remains in 1222 * the chain of ancillary data. 1223 */ 1224 for (;;) { /* is explicit loop prevention necessary? */ 1225 struct ip6_ext *ip6e = NULL; 1226 int elen; 1227 struct mbuf *ext = NULL; 1228 1229 /* 1230 * if it is not an extension header, don't try to 1231 * pull it from the chain. 1232 */ 1233 switch (nxt) { 1234 case IPPROTO_DSTOPTS: 1235 case IPPROTO_ROUTING: 1236 case IPPROTO_HOPOPTS: 1237 case IPPROTO_AH: /* is it possible? */ 1238 break; 1239 default: 1240 goto loopend; 1241 } 1242 1243 ext = ip6_pullexthdr(m, off, nxt); 1244 if (ext == NULL) { 1245 ip6stat.ip6s_tooshort++; 1246 return; 1247 } 1248 ip6e = mtod(ext, struct ip6_ext *); 1249 if (nxt == IPPROTO_AH) 1250 elen = (ip6e->ip6e_len + 2) << 2; 1251 else 1252 elen = (ip6e->ip6e_len + 1) << 3; 1253 if (elen != ext->m_len) { 1254 m_freem(ext); 1255 ip6stat.ip6s_tooshort++; 1256 return; 1257 } 1258 KASSERT(IP6_HDR_ALIGNED_P(ip6e)); 1259 1260 switch (nxt) { 1261 case IPPROTO_DSTOPTS: 1262 if (!in6p->in6p_flags & IN6P_DSTOPTS) 1263 break; 1264 1265 *mp = sbcreatecontrol((void *)ip6e, elen, 1266 IS2292(IPV6_2292DSTOPTS, IPV6_DSTOPTS), 1267 IPPROTO_IPV6); 1268 if (*mp) 1269 mp = &(*mp)->m_next; 1270 break; 1271 1272 case IPPROTO_ROUTING: 1273 if (!in6p->in6p_flags & IN6P_RTHDR) 1274 break; 1275 1276 *mp = sbcreatecontrol((void *)ip6e, elen, 1277 IS2292(IPV6_2292RTHDR, IPV6_RTHDR), 1278 IPPROTO_IPV6); 1279 if (*mp) 1280 mp = &(*mp)->m_next; 1281 break; 1282 1283 case IPPROTO_HOPOPTS: 1284 case IPPROTO_AH: /* is it possible? */ 1285 break; 1286 1287 default: 1288 /* 1289 * other cases have been filtered in the above. 1290 * none will visit this case. here we supply 1291 * the code just in case (nxt overwritten or 1292 * other cases). 1293 */ 1294 m_freem(ext); 1295 goto loopend; 1296 1297 } 1298 1299 /* proceed with the next header. */ 1300 off += elen; 1301 nxt = ip6e->ip6e_nxt; 1302 ip6e = NULL; 1303 m_freem(ext); 1304 ext = NULL; 1305 } 1306 loopend: 1307 ; 1308 } 1309 } 1310 #undef IS2292 1311 1312 1313 void 1314 ip6_notify_pmtu(struct in6pcb *in6p, const struct sockaddr_in6 *dst, 1315 uint32_t *mtu) 1316 { 1317 struct socket *so; 1318 struct mbuf *m_mtu; 1319 struct ip6_mtuinfo mtuctl; 1320 1321 so = in6p->in6p_socket; 1322 1323 if (mtu == NULL) 1324 return; 1325 1326 #ifdef DIAGNOSTIC 1327 if (so == NULL) /* I believe this is impossible */ 1328 panic("ip6_notify_pmtu: socket is NULL"); 1329 #endif 1330 1331 memset(&mtuctl, 0, sizeof(mtuctl)); /* zero-clear for safety */ 1332 mtuctl.ip6m_mtu = *mtu; 1333 mtuctl.ip6m_addr = *dst; 1334 if (sa6_recoverscope(&mtuctl.ip6m_addr)) 1335 return; 1336 1337 if ((m_mtu = sbcreatecontrol((void *)&mtuctl, sizeof(mtuctl), 1338 IPV6_PATHMTU, IPPROTO_IPV6)) == NULL) 1339 return; 1340 1341 if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) 1342 == 0) { 1343 m_freem(m_mtu); 1344 /* XXX: should count statistics */ 1345 } else 1346 sorwakeup(so); 1347 1348 return; 1349 } 1350 1351 /* 1352 * pull single extension header from mbuf chain. returns single mbuf that 1353 * contains the result, or NULL on error. 1354 */ 1355 static struct mbuf * 1356 ip6_pullexthdr(m, off, nxt) 1357 struct mbuf *m; 1358 size_t off; 1359 int nxt; 1360 { 1361 struct ip6_ext ip6e; 1362 size_t elen; 1363 struct mbuf *n; 1364 1365 #ifdef DIAGNOSTIC 1366 switch (nxt) { 1367 case IPPROTO_DSTOPTS: 1368 case IPPROTO_ROUTING: 1369 case IPPROTO_HOPOPTS: 1370 case IPPROTO_AH: /* is it possible? */ 1371 break; 1372 default: 1373 printf("ip6_pullexthdr: invalid nxt=%d\n", nxt); 1374 } 1375 #endif 1376 1377 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1378 if (nxt == IPPROTO_AH) 1379 elen = (ip6e.ip6e_len + 2) << 2; 1380 else 1381 elen = (ip6e.ip6e_len + 1) << 3; 1382 1383 MGET(n, M_DONTWAIT, MT_DATA); 1384 if (n && elen >= MLEN) { 1385 MCLGET(n, M_DONTWAIT); 1386 if ((n->m_flags & M_EXT) == 0) { 1387 m_free(n); 1388 n = NULL; 1389 } 1390 } 1391 if (!n) 1392 return NULL; 1393 1394 n->m_len = 0; 1395 if (elen >= M_TRAILINGSPACE(n)) { 1396 m_free(n); 1397 return NULL; 1398 } 1399 1400 m_copydata(m, off, elen, mtod(n, void *)); 1401 n->m_len = elen; 1402 return n; 1403 } 1404 1405 /* 1406 * Get pointer to the previous header followed by the header 1407 * currently processed. 1408 * XXX: This function supposes that 1409 * M includes all headers, 1410 * the next header field and the header length field of each header 1411 * are valid, and 1412 * the sum of each header length equals to OFF. 1413 * Because of these assumptions, this function must be called very 1414 * carefully. Moreover, it will not be used in the near future when 1415 * we develop `neater' mechanism to process extension headers. 1416 */ 1417 u_int8_t * 1418 ip6_get_prevhdr(m, off) 1419 struct mbuf *m; 1420 int off; 1421 { 1422 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 1423 1424 if (off == sizeof(struct ip6_hdr)) 1425 return (&ip6->ip6_nxt); 1426 else { 1427 int len, nxt; 1428 struct ip6_ext *ip6e = NULL; 1429 1430 nxt = ip6->ip6_nxt; 1431 len = sizeof(struct ip6_hdr); 1432 while (len < off) { 1433 ip6e = (struct ip6_ext *)(mtod(m, char *) + len); 1434 1435 switch (nxt) { 1436 case IPPROTO_FRAGMENT: 1437 len += sizeof(struct ip6_frag); 1438 break; 1439 case IPPROTO_AH: 1440 len += (ip6e->ip6e_len + 2) << 2; 1441 break; 1442 default: 1443 len += (ip6e->ip6e_len + 1) << 3; 1444 break; 1445 } 1446 nxt = ip6e->ip6e_nxt; 1447 } 1448 if (ip6e) 1449 return (&ip6e->ip6e_nxt); 1450 else 1451 return NULL; 1452 } 1453 } 1454 1455 /* 1456 * get next header offset. m will be retained. 1457 */ 1458 int 1459 ip6_nexthdr(m, off, proto, nxtp) 1460 struct mbuf *m; 1461 int off; 1462 int proto; 1463 int *nxtp; 1464 { 1465 struct ip6_hdr ip6; 1466 struct ip6_ext ip6e; 1467 struct ip6_frag fh; 1468 1469 /* just in case */ 1470 if (m == NULL) 1471 panic("ip6_nexthdr: m == NULL"); 1472 if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off) 1473 return -1; 1474 1475 switch (proto) { 1476 case IPPROTO_IPV6: 1477 /* do not chase beyond intermediate IPv6 headers */ 1478 if (off != 0) 1479 return -1; 1480 if (m->m_pkthdr.len < off + sizeof(ip6)) 1481 return -1; 1482 m_copydata(m, off, sizeof(ip6), (void *)&ip6); 1483 if (nxtp) 1484 *nxtp = ip6.ip6_nxt; 1485 off += sizeof(ip6); 1486 return off; 1487 1488 case IPPROTO_FRAGMENT: 1489 /* 1490 * terminate parsing if it is not the first fragment, 1491 * it does not make sense to parse through it. 1492 */ 1493 if (m->m_pkthdr.len < off + sizeof(fh)) 1494 return -1; 1495 m_copydata(m, off, sizeof(fh), (void *)&fh); 1496 if ((fh.ip6f_offlg & IP6F_OFF_MASK) != 0) 1497 return -1; 1498 if (nxtp) 1499 *nxtp = fh.ip6f_nxt; 1500 off += sizeof(struct ip6_frag); 1501 return off; 1502 1503 case IPPROTO_AH: 1504 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1505 return -1; 1506 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1507 if (nxtp) 1508 *nxtp = ip6e.ip6e_nxt; 1509 off += (ip6e.ip6e_len + 2) << 2; 1510 if (m->m_pkthdr.len < off) 1511 return -1; 1512 return off; 1513 1514 case IPPROTO_HOPOPTS: 1515 case IPPROTO_ROUTING: 1516 case IPPROTO_DSTOPTS: 1517 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1518 return -1; 1519 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1520 if (nxtp) 1521 *nxtp = ip6e.ip6e_nxt; 1522 off += (ip6e.ip6e_len + 1) << 3; 1523 if (m->m_pkthdr.len < off) 1524 return -1; 1525 return off; 1526 1527 case IPPROTO_NONE: 1528 case IPPROTO_ESP: 1529 case IPPROTO_IPCOMP: 1530 /* give up */ 1531 return -1; 1532 1533 default: 1534 return -1; 1535 } 1536 } 1537 1538 /* 1539 * get offset for the last header in the chain. m will be kept untainted. 1540 */ 1541 int 1542 ip6_lasthdr(m, off, proto, nxtp) 1543 struct mbuf *m; 1544 int off; 1545 int proto; 1546 int *nxtp; 1547 { 1548 int newoff; 1549 int nxt; 1550 1551 if (!nxtp) { 1552 nxt = -1; 1553 nxtp = &nxt; 1554 } 1555 for (;;) { 1556 newoff = ip6_nexthdr(m, off, proto, nxtp); 1557 if (newoff < 0) 1558 return off; 1559 else if (newoff < off) 1560 return -1; /* invalid */ 1561 else if (newoff == off) 1562 return newoff; 1563 1564 off = newoff; 1565 proto = *nxtp; 1566 } 1567 } 1568 1569 struct m_tag * 1570 ip6_addaux(m) 1571 struct mbuf *m; 1572 { 1573 struct m_tag *mtag; 1574 1575 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1576 if (!mtag) { 1577 mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux), 1578 M_NOWAIT); 1579 if (mtag) { 1580 m_tag_prepend(m, mtag); 1581 bzero(mtag + 1, sizeof(struct ip6aux)); 1582 } 1583 } 1584 return mtag; 1585 } 1586 1587 struct m_tag * 1588 ip6_findaux(m) 1589 struct mbuf *m; 1590 { 1591 struct m_tag *mtag; 1592 1593 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1594 return mtag; 1595 } 1596 1597 void 1598 ip6_delaux(m) 1599 struct mbuf *m; 1600 { 1601 struct m_tag *mtag; 1602 1603 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1604 if (mtag) 1605 m_tag_delete(m, mtag); 1606 } 1607 1608 #ifdef GATEWAY 1609 /* 1610 * sysctl helper routine for net.inet.ip6.maxflows. Since 1611 * we could reduce this value, call ip6flow_reap(); 1612 */ 1613 static int 1614 sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS) 1615 { 1616 int s; 1617 1618 s = sysctl_lookup(SYSCTLFN_CALL(rnode)); 1619 if (s || newp == NULL) 1620 return (s); 1621 1622 s = splsoftnet(); 1623 ip6flow_reap(0); 1624 splx(s); 1625 1626 return (0); 1627 } 1628 1629 static int 1630 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_ARGS) 1631 { 1632 int error, tmp; 1633 struct sysctlnode node; 1634 1635 node = *rnode; 1636 tmp = ip6_hashsize; 1637 node.sysctl_data = &tmp; 1638 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1639 if (error || newp == NULL) 1640 return (error); 1641 1642 if ((tmp & (tmp - 1)) == 0 && tmp != 0) { 1643 /* 1644 * Can only fail due to malloc() 1645 */ 1646 if (ip6flow_invalidate_all(tmp)) 1647 return ENOMEM; 1648 } else { 1649 /* 1650 * EINVAL if not a power of 2 1651 */ 1652 return EINVAL; 1653 } 1654 1655 return (0); 1656 } 1657 #endif /* GATEWAY */ 1658 1659 static int 1660 sysctl_net_inet6_ip6_rht0(SYSCTLFN_ARGS) 1661 { 1662 int error, tmp; 1663 struct sysctlnode node; 1664 1665 node = *rnode; 1666 tmp = ip6_rht0; 1667 node.sysctl_data = &tmp; 1668 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1669 if (error || newp == NULL) 1670 return error; 1671 1672 switch (tmp) { 1673 case -1: /* disable processing */ 1674 case 0: /* disable for host, enable for router */ 1675 case 1: /* enable for all */ 1676 break; 1677 default: 1678 return EINVAL; 1679 } 1680 ip6_rht0 = tmp; 1681 return 0; 1682 } 1683 1684 /* 1685 * System control for IP6 1686 */ 1687 1688 u_char inet6ctlerrmap[PRC_NCMDS] = { 1689 0, 0, 0, 0, 1690 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, 1691 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, 1692 EMSGSIZE, EHOSTUNREACH, 0, 0, 1693 0, 0, 0, 0, 1694 ENOPROTOOPT 1695 }; 1696 1697 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, "sysctl net.inet6.ip6 subtree setup") 1698 { 1699 #ifdef RFC2292 1700 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1701 #else 1702 #define IS2292(x, y) (y) 1703 #endif 1704 1705 sysctl_createv(clog, 0, NULL, NULL, 1706 CTLFLAG_PERMANENT, 1707 CTLTYPE_NODE, "net", NULL, 1708 NULL, 0, NULL, 0, 1709 CTL_NET, CTL_EOL); 1710 sysctl_createv(clog, 0, NULL, NULL, 1711 CTLFLAG_PERMANENT, 1712 CTLTYPE_NODE, "inet6", 1713 SYSCTL_DESCR("PF_INET6 related settings"), 1714 NULL, 0, NULL, 0, 1715 CTL_NET, PF_INET6, CTL_EOL); 1716 sysctl_createv(clog, 0, NULL, NULL, 1717 CTLFLAG_PERMANENT, 1718 CTLTYPE_NODE, "ip6", 1719 SYSCTL_DESCR("IPv6 related settings"), 1720 NULL, 0, NULL, 0, 1721 CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_EOL); 1722 1723 sysctl_createv(clog, 0, NULL, NULL, 1724 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1725 CTLTYPE_INT, "forwarding", 1726 SYSCTL_DESCR("Enable forwarding of INET6 datagrams"), 1727 NULL, 0, &ip6_forwarding, 0, 1728 CTL_NET, PF_INET6, IPPROTO_IPV6, 1729 IPV6CTL_FORWARDING, CTL_EOL); 1730 sysctl_createv(clog, 0, NULL, NULL, 1731 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1732 CTLTYPE_INT, "redirect", 1733 SYSCTL_DESCR("Enable sending of ICMPv6 redirect messages"), 1734 NULL, 0, &ip6_sendredirects, 0, 1735 CTL_NET, PF_INET6, IPPROTO_IPV6, 1736 IPV6CTL_SENDREDIRECTS, CTL_EOL); 1737 sysctl_createv(clog, 0, NULL, NULL, 1738 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1739 CTLTYPE_INT, "hlim", 1740 SYSCTL_DESCR("Hop limit for an INET6 datagram"), 1741 NULL, 0, &ip6_defhlim, 0, 1742 CTL_NET, PF_INET6, IPPROTO_IPV6, 1743 IPV6CTL_DEFHLIM, CTL_EOL); 1744 #ifdef notyet 1745 sysctl_createv(clog, 0, NULL, NULL, 1746 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1747 CTLTYPE_INT, "mtu", NULL, 1748 NULL, 0, &, 0, 1749 CTL_NET, PF_INET6, IPPROTO_IPV6, 1750 IPV6CTL_DEFMTU, CTL_EOL); 1751 #endif 1752 #ifdef __no_idea__ 1753 sysctl_createv(clog, 0, NULL, NULL, 1754 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1755 CTLTYPE_INT, "forwsrcrt", NULL, 1756 NULL, 0, &?, 0, 1757 CTL_NET, PF_INET6, IPPROTO_IPV6, 1758 IPV6CTL_FORWSRCRT, CTL_EOL); 1759 sysctl_createv(clog, 0, NULL, NULL, 1760 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1761 CTLTYPE_STRUCT, "mrtstats", NULL, 1762 NULL, 0, &?, sizeof(?), 1763 CTL_NET, PF_INET6, IPPROTO_IPV6, 1764 IPV6CTL_MRTSTATS, CTL_EOL); 1765 sysctl_createv(clog, 0, NULL, NULL, 1766 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1767 CTLTYPE_?, "mrtproto", NULL, 1768 NULL, 0, &?, sizeof(?), 1769 CTL_NET, PF_INET6, IPPROTO_IPV6, 1770 IPV6CTL_MRTPROTO, CTL_EOL); 1771 #endif 1772 sysctl_createv(clog, 0, NULL, NULL, 1773 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1774 CTLTYPE_INT, "maxfragpackets", 1775 SYSCTL_DESCR("Maximum number of fragments to buffer " 1776 "for reassembly"), 1777 NULL, 0, &ip6_maxfragpackets, 0, 1778 CTL_NET, PF_INET6, IPPROTO_IPV6, 1779 IPV6CTL_MAXFRAGPACKETS, CTL_EOL); 1780 #ifdef __no_idea__ 1781 sysctl_createv(clog, 0, NULL, NULL, 1782 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1783 CTLTYPE_INT, "sourcecheck", NULL, 1784 NULL, 0, &?, 0, 1785 CTL_NET, PF_INET6, IPPROTO_IPV6, 1786 IPV6CTL_SOURCECHECK, CTL_EOL); 1787 sysctl_createv(clog, 0, NULL, NULL, 1788 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1789 CTLTYPE_INT, "sourcecheck_logint", NULL, 1790 NULL, 0, &?, 0, 1791 CTL_NET, PF_INET6, IPPROTO_IPV6, 1792 IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL); 1793 #endif 1794 sysctl_createv(clog, 0, NULL, NULL, 1795 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1796 CTLTYPE_INT, "accept_rtadv", 1797 SYSCTL_DESCR("Accept router advertisements"), 1798 NULL, 0, &ip6_accept_rtadv, 0, 1799 CTL_NET, PF_INET6, IPPROTO_IPV6, 1800 IPV6CTL_ACCEPT_RTADV, CTL_EOL); 1801 sysctl_createv(clog, 0, NULL, NULL, 1802 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1803 CTLTYPE_INT, "keepfaith", 1804 SYSCTL_DESCR("Activate faith interface"), 1805 NULL, 0, &ip6_keepfaith, 0, 1806 CTL_NET, PF_INET6, IPPROTO_IPV6, 1807 IPV6CTL_KEEPFAITH, CTL_EOL); 1808 sysctl_createv(clog, 0, NULL, NULL, 1809 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1810 CTLTYPE_INT, "log_interval", 1811 SYSCTL_DESCR("Minumum interval between logging " 1812 "unroutable packets"), 1813 NULL, 0, &ip6_log_interval, 0, 1814 CTL_NET, PF_INET6, IPPROTO_IPV6, 1815 IPV6CTL_LOG_INTERVAL, CTL_EOL); 1816 sysctl_createv(clog, 0, NULL, NULL, 1817 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1818 CTLTYPE_INT, "hdrnestlimit", 1819 SYSCTL_DESCR("Maximum number of nested IPv6 headers"), 1820 NULL, 0, &ip6_hdrnestlimit, 0, 1821 CTL_NET, PF_INET6, IPPROTO_IPV6, 1822 IPV6CTL_HDRNESTLIMIT, CTL_EOL); 1823 sysctl_createv(clog, 0, NULL, NULL, 1824 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1825 CTLTYPE_INT, "dad_count", 1826 SYSCTL_DESCR("Number of Duplicate Address Detection " 1827 "probes to send"), 1828 NULL, 0, &ip6_dad_count, 0, 1829 CTL_NET, PF_INET6, IPPROTO_IPV6, 1830 IPV6CTL_DAD_COUNT, CTL_EOL); 1831 sysctl_createv(clog, 0, NULL, NULL, 1832 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1833 CTLTYPE_INT, "auto_flowlabel", 1834 SYSCTL_DESCR("Assign random IPv6 flow labels"), 1835 NULL, 0, &ip6_auto_flowlabel, 0, 1836 CTL_NET, PF_INET6, IPPROTO_IPV6, 1837 IPV6CTL_AUTO_FLOWLABEL, CTL_EOL); 1838 sysctl_createv(clog, 0, NULL, NULL, 1839 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1840 CTLTYPE_INT, "defmcasthlim", 1841 SYSCTL_DESCR("Default multicast hop limit"), 1842 NULL, 0, &ip6_defmcasthlim, 0, 1843 CTL_NET, PF_INET6, IPPROTO_IPV6, 1844 IPV6CTL_DEFMCASTHLIM, CTL_EOL); 1845 #if NGIF > 0 1846 sysctl_createv(clog, 0, NULL, NULL, 1847 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1848 CTLTYPE_INT, "gifhlim", 1849 SYSCTL_DESCR("Default hop limit for a gif tunnel datagram"), 1850 NULL, 0, &ip6_gif_hlim, 0, 1851 CTL_NET, PF_INET6, IPPROTO_IPV6, 1852 IPV6CTL_GIF_HLIM, CTL_EOL); 1853 #endif /* NGIF */ 1854 sysctl_createv(clog, 0, NULL, NULL, 1855 CTLFLAG_PERMANENT, 1856 CTLTYPE_STRING, "kame_version", 1857 SYSCTL_DESCR("KAME Version"), 1858 NULL, 0, __UNCONST(__KAME_VERSION), 0, 1859 CTL_NET, PF_INET6, IPPROTO_IPV6, 1860 IPV6CTL_KAME_VERSION, CTL_EOL); 1861 sysctl_createv(clog, 0, NULL, NULL, 1862 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1863 CTLTYPE_INT, "use_deprecated", 1864 SYSCTL_DESCR("Allow use of deprecated addresses as " 1865 "source addresses"), 1866 NULL, 0, &ip6_use_deprecated, 0, 1867 CTL_NET, PF_INET6, IPPROTO_IPV6, 1868 IPV6CTL_USE_DEPRECATED, CTL_EOL); 1869 sysctl_createv(clog, 0, NULL, NULL, 1870 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1871 CTLTYPE_INT, "rr_prune", NULL, 1872 NULL, 0, &ip6_rr_prune, 0, 1873 CTL_NET, PF_INET6, IPPROTO_IPV6, 1874 IPV6CTL_RR_PRUNE, CTL_EOL); 1875 sysctl_createv(clog, 0, NULL, NULL, 1876 CTLFLAG_PERMANENT 1877 #ifndef INET6_BINDV6ONLY 1878 |CTLFLAG_READWRITE, 1879 #endif 1880 CTLTYPE_INT, "v6only", 1881 SYSCTL_DESCR("Disallow PF_INET6 sockets from connecting " 1882 "to PF_INET sockets"), 1883 NULL, 0, &ip6_v6only, 0, 1884 CTL_NET, PF_INET6, IPPROTO_IPV6, 1885 IPV6CTL_V6ONLY, CTL_EOL); 1886 sysctl_createv(clog, 0, NULL, NULL, 1887 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1888 CTLTYPE_INT, "anonportmin", 1889 SYSCTL_DESCR("Lowest ephemeral port number to assign"), 1890 sysctl_net_inet_ip_ports, 0, &ip6_anonportmin, 0, 1891 CTL_NET, PF_INET6, IPPROTO_IPV6, 1892 IPV6CTL_ANONPORTMIN, CTL_EOL); 1893 sysctl_createv(clog, 0, NULL, NULL, 1894 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1895 CTLTYPE_INT, "anonportmax", 1896 SYSCTL_DESCR("Highest ephemeral port number to assign"), 1897 sysctl_net_inet_ip_ports, 0, &ip6_anonportmax, 0, 1898 CTL_NET, PF_INET6, IPPROTO_IPV6, 1899 IPV6CTL_ANONPORTMAX, CTL_EOL); 1900 #ifndef IPNOPRIVPORTS 1901 sysctl_createv(clog, 0, NULL, NULL, 1902 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1903 CTLTYPE_INT, "lowportmin", 1904 SYSCTL_DESCR("Lowest privileged ephemeral port number " 1905 "to assign"), 1906 sysctl_net_inet_ip_ports, 0, &ip6_lowportmin, 0, 1907 CTL_NET, PF_INET6, IPPROTO_IPV6, 1908 IPV6CTL_LOWPORTMIN, CTL_EOL); 1909 sysctl_createv(clog, 0, NULL, NULL, 1910 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1911 CTLTYPE_INT, "lowportmax", 1912 SYSCTL_DESCR("Highest privileged ephemeral port number " 1913 "to assign"), 1914 sysctl_net_inet_ip_ports, 0, &ip6_lowportmax, 0, 1915 CTL_NET, PF_INET6, IPPROTO_IPV6, 1916 IPV6CTL_LOWPORTMAX, CTL_EOL); 1917 #endif /* IPNOPRIVPORTS */ 1918 sysctl_createv(clog, 0, NULL, NULL, 1919 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1920 CTLTYPE_INT, "use_tempaddr", 1921 SYSCTL_DESCR("Use temporary address"), 1922 NULL, 0, &ip6_use_tempaddr, 0, 1923 CTL_NET, PF_INET6, IPPROTO_IPV6, 1924 CTL_CREATE, CTL_EOL); 1925 sysctl_createv(clog, 0, NULL, NULL, 1926 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1927 CTLTYPE_INT, "temppltime", 1928 SYSCTL_DESCR("preferred lifetime of a temporary address"), 1929 NULL, 0, &ip6_temp_preferred_lifetime, 0, 1930 CTL_NET, PF_INET6, IPPROTO_IPV6, 1931 CTL_CREATE, CTL_EOL); 1932 sysctl_createv(clog, 0, NULL, NULL, 1933 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1934 CTLTYPE_INT, "tempvltime", 1935 SYSCTL_DESCR("valid lifetime of a temporary address"), 1936 NULL, 0, &ip6_temp_valid_lifetime, 0, 1937 CTL_NET, PF_INET6, IPPROTO_IPV6, 1938 CTL_CREATE, CTL_EOL); 1939 sysctl_createv(clog, 0, NULL, NULL, 1940 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1941 CTLTYPE_INT, "maxfrags", 1942 SYSCTL_DESCR("Maximum fragments in reassembly queue"), 1943 NULL, 0, &ip6_maxfrags, 0, 1944 CTL_NET, PF_INET6, IPPROTO_IPV6, 1945 IPV6CTL_MAXFRAGS, CTL_EOL); 1946 sysctl_createv(clog, 0, NULL, NULL, 1947 CTLFLAG_PERMANENT, 1948 CTLTYPE_STRUCT, "stats", 1949 SYSCTL_DESCR("IPv6 statistics"), 1950 NULL, 0, &ip6stat, sizeof(ip6stat), 1951 CTL_NET, PF_INET6, IPPROTO_IPV6, 1952 IPV6CTL_STATS, CTL_EOL); 1953 sysctl_createv(clog, 0, NULL, NULL, 1954 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1955 CTLTYPE_INT, "use_defaultzone", 1956 SYSCTL_DESCR("Whether to use the default scope zones"), 1957 NULL, 0, &ip6_use_defzone, 0, 1958 CTL_NET, PF_INET6, IPPROTO_IPV6, 1959 IPV6CTL_USE_DEFAULTZONE, CTL_EOL); 1960 sysctl_createv(clog, 0, NULL, NULL, 1961 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1962 CTLTYPE_INT, "mcast_pmtu", 1963 SYSCTL_DESCR("Enable pMTU discovery for multicast packet"), 1964 NULL, 0, &ip6_mcast_pmtu, 0, 1965 CTL_NET, PF_INET6, IPPROTO_IPV6, 1966 CTL_CREATE, CTL_EOL); 1967 #ifdef GATEWAY 1968 sysctl_createv(clog, 0, NULL, NULL, 1969 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1970 CTLTYPE_INT, "maxflows", 1971 SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"), 1972 sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0, 1973 CTL_NET, PF_INET6, IPPROTO_IPV6, 1974 CTL_CREATE, CTL_EOL); 1975 sysctl_createv(clog, 0, NULL, NULL, 1976 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1977 CTLTYPE_INT, "hashsize", 1978 SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"), 1979 sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0, 1980 CTL_NET, PF_INET6, IPPROTO_IPV6, 1981 CTL_CREATE, CTL_EOL); 1982 #endif 1983 sysctl_createv(clog, 0, NULL, NULL, 1984 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1985 CTLTYPE_INT, "rht0", 1986 SYSCTL_DESCR("Processing of routing header type 0 (IPv6)"), 1987 sysctl_net_inet6_ip6_rht0, 0, &ip6_rht0, 0, 1988 CTL_NET, PF_INET6, IPPROTO_IPV6, 1989 CTL_CREATE, CTL_EOL); 1990 } 1991
Indexes created Tue Sep 23 21:09:50 GMT 2025