ip6_input.c revision 1.115
1 /* $NetBSD: ip6_input.c,v 1.115 2008/04/08 23:37:43 thorpej Exp $ */ 2 /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.115 2008/04/08 23:37:43 thorpej Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_inet6.h" 69 #include "opt_ipsec.h" 70 #include "opt_pfil_hooks.h" 71 72 #include <sys/param.h> 73 #include <sys/systm.h> 74 #include <sys/malloc.h> 75 #include <sys/mbuf.h> 76 #include <sys/domain.h> 77 #include <sys/protosw.h> 78 #include <sys/socket.h> 79 #include <sys/socketvar.h> 80 #include <sys/errno.h> 81 #include <sys/time.h> 82 #include <sys/kernel.h> 83 #include <sys/syslog.h> 84 #include <sys/proc.h> 85 #include <sys/sysctl.h> 86 87 #include <net/if.h> 88 #include <net/if_types.h> 89 #include <net/if_dl.h> 90 #include <net/route.h> 91 #include <net/netisr.h> 92 #ifdef PFIL_HOOKS 93 #include <net/pfil.h> 94 #endif 95 96 #include <netinet/in.h> 97 #include <netinet/in_systm.h> 98 #ifdef INET 99 #include <netinet/ip.h> 100 #include <netinet/ip_icmp.h> 101 #endif /* INET */ 102 #include <netinet/ip6.h> 103 #include <netinet6/in6_var.h> 104 #include <netinet6/ip6_var.h> 105 #include <netinet6/in6_pcb.h> 106 #include <netinet/icmp6.h> 107 #include <netinet6/scope6_var.h> 108 #include <netinet6/in6_ifattach.h> 109 #include <netinet6/nd6.h> 110 111 #ifdef IPSEC 112 #include <netinet6/ipsec.h> 113 #endif 114 115 #ifdef FAST_IPSEC 116 #include <netipsec/ipsec.h> 117 #include <netipsec/ipsec6.h> 118 #include <netipsec/key.h> 119 #endif /* FAST_IPSEC */ 120 121 #include <netinet6/ip6protosw.h> 122 123 #include "faith.h" 124 #include "gif.h" 125 126 #if NGIF > 0 127 #include <netinet6/in6_gif.h> 128 #endif 129 130 #include <net/net_osdep.h> 131 132 extern struct domain inet6domain; 133 134 u_char ip6_protox[IPPROTO_MAX]; 135 static int ip6qmaxlen = IFQ_MAXLEN; 136 struct in6_ifaddr *in6_ifaddr; 137 struct ifqueue ip6intrq; 138 139 extern callout_t in6_tmpaddrtimer_ch; 140 141 int ip6_forward_srcrt; /* XXX */ 142 int ip6_sourcecheck; /* XXX */ 143 int ip6_sourcecheck_interval; /* XXX */ 144 145 #ifdef PFIL_HOOKS 146 struct pfil_head inet6_pfil_hook; 147 #endif 148 149 uint64_t ip6stat[IP6_NSTATS]; 150 151 static void ip6_init2(void *); 152 static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); 153 154 static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); 155 static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); 156 157 /* 158 * IP6 initialization: fill in IP6 protocol switch table. 159 * All protocols not implemented in kernel go to raw IP6 protocol handler. 160 */ 161 void 162 ip6_init(void) 163 { 164 const struct ip6protosw *pr; 165 int i; 166 167 pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW); 168 if (pr == 0) 169 panic("ip6_init"); 170 for (i = 0; i < IPPROTO_MAX; i++) 171 ip6_protox[i] = pr - inet6sw; 172 for (pr = (const struct ip6protosw *)inet6domain.dom_protosw; 173 pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++) 174 if (pr->pr_domain->dom_family == PF_INET6 && 175 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW) 176 ip6_protox[pr->pr_protocol] = pr - inet6sw; 177 ip6intrq.ifq_maxlen = ip6qmaxlen; 178 scope6_init(); 179 addrsel_policy_init(); 180 nd6_init(); 181 frag6_init(); 182 ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR; 183 184 ip6_init2((void *)0); 185 #ifdef GATEWAY 186 ip6flow_init(ip6_hashsize); 187 #endif 188 189 #ifdef PFIL_HOOKS 190 /* Register our Packet Filter hook. */ 191 inet6_pfil_hook.ph_type = PFIL_TYPE_AF; 192 inet6_pfil_hook.ph_af = AF_INET6; 193 i = pfil_head_register(&inet6_pfil_hook); 194 if (i != 0) 195 printf("ip6_init: WARNING: unable to register pfil hook, " 196 "error %d\n", i); 197 #endif /* PFIL_HOOKS */ 198 } 199 200 static void 201 ip6_init2(void *dummy) 202 { 203 204 /* nd6_timer_init */ 205 callout_init(&nd6_timer_ch, 0); 206 callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL); 207 208 /* timer for regeneranation of temporary addresses randomize ID */ 209 callout_init(&in6_tmpaddrtimer_ch, 0); 210 callout_reset(&in6_tmpaddrtimer_ch, 211 (ip6_temp_preferred_lifetime - ip6_desync_factor - 212 ip6_temp_regen_advance) * hz, 213 in6_tmpaddrtimer, NULL); 214 } 215 216 /* 217 * IP6 input interrupt handling. Just pass the packet to ip6_input. 218 */ 219 void 220 ip6intr(void) 221 { 222 int s; 223 struct mbuf *m; 224 225 for (;;) { 226 s = splnet(); 227 IF_DEQUEUE(&ip6intrq, m); 228 splx(s); 229 if (m == 0) 230 return; 231 /* drop the packet if IPv6 operation is disabled on the IF */ 232 if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) { 233 m_freem(m); 234 return; 235 } 236 ip6_input(m); 237 } 238 } 239 240 extern struct route ip6_forward_rt; 241 242 void 243 ip6_input(struct mbuf *m) 244 { 245 struct ip6_hdr *ip6; 246 int hit, off = sizeof(struct ip6_hdr), nest; 247 u_int32_t plen; 248 u_int32_t rtalert = ~0; 249 int nxt, ours = 0, rh_present = 0; 250 struct ifnet *deliverifp = NULL; 251 int srcrt = 0; 252 const struct rtentry *rt; 253 union { 254 struct sockaddr dst; 255 struct sockaddr_in6 dst6; 256 } u; 257 #ifdef FAST_IPSEC 258 struct m_tag *mtag; 259 struct tdb_ident *tdbi; 260 struct secpolicy *sp; 261 int s, error; 262 #endif 263 264 #ifdef IPSEC 265 /* 266 * should the inner packet be considered authentic? 267 * see comment in ah4_input(). 268 */ 269 m->m_flags &= ~M_AUTHIPHDR; 270 m->m_flags &= ~M_AUTHIPDGM; 271 #endif 272 273 /* 274 * make sure we don't have onion peering information into m_tag. 275 */ 276 ip6_delaux(m); 277 278 /* 279 * mbuf statistics 280 */ 281 if (m->m_flags & M_EXT) { 282 if (m->m_next) 283 ip6stat[IP6_STAT_MEXT2M]++; 284 else 285 ip6stat[IP6_STAT_MEXT1]++; 286 } else { 287 #define M2MMAX 32 288 if (m->m_next) { 289 if (m->m_flags & M_LOOP) { 290 /*XXX*/ ip6stat[IP6_STAT_M2M + lo0ifp->if_index]++; 291 } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) { 292 ip6stat[IP6_STAT_M2M + 293 m->m_pkthdr.rcvif->if_index]++; 294 } else 295 ip6stat[IP6_STAT_M2M]++; 296 } else 297 ip6stat[IP6_STAT_M1]++; 298 #undef M2MMAX 299 } 300 301 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_receive); 302 ip6stat[IP6_STAT_TOTAL]++; 303 304 /* 305 * If the IPv6 header is not aligned, slurp it up into a new 306 * mbuf with space for link headers, in the event we forward 307 * it. Otherwise, if it is aligned, make sure the entire base 308 * IPv6 header is in the first mbuf of the chain. 309 */ 310 if (IP6_HDR_ALIGNED_P(mtod(m, void *)) == 0) { 311 struct ifnet *inifp = m->m_pkthdr.rcvif; 312 if ((m = m_copyup(m, sizeof(struct ip6_hdr), 313 (max_linkhdr + 3) & ~3)) == NULL) { 314 /* XXXJRT new stat, please */ 315 ip6stat[IP6_STAT_TOOSMALL]++; 316 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 317 return; 318 } 319 } else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) { 320 struct ifnet *inifp = m->m_pkthdr.rcvif; 321 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) { 322 ip6stat[IP6_STAT_TOOSMALL]++; 323 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 324 return; 325 } 326 } 327 328 ip6 = mtod(m, struct ip6_hdr *); 329 330 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) { 331 ip6stat[IP6_STAT_BADVERS]++; 332 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 333 goto bad; 334 } 335 336 #if defined(IPSEC) 337 /* IPv6 fast forwarding is not compatible with IPsec. */ 338 m->m_flags &= ~M_CANFASTFWD; 339 #else 340 /* 341 * Assume that we can create a fast-forward IP flow entry 342 * based on this packet. 343 */ 344 m->m_flags |= M_CANFASTFWD; 345 #endif 346 347 #ifdef PFIL_HOOKS 348 /* 349 * Run through list of hooks for input packets. If there are any 350 * filters which require that additional packets in the flow are 351 * not fast-forwarded, they must clear the M_CANFASTFWD flag. 352 * Note that filters must _never_ set this flag, as another filter 353 * in the list may have previously cleared it. 354 */ 355 /* 356 * let ipfilter look at packet on the wire, 357 * not the decapsulated packet. 358 */ 359 #ifdef IPSEC 360 if (!ipsec_getnhist(m)) 361 #elif defined(FAST_IPSEC) 362 if (!ipsec_indone(m)) 363 #else 364 if (1) 365 #endif 366 { 367 struct in6_addr odst; 368 369 odst = ip6->ip6_dst; 370 if (pfil_run_hooks(&inet6_pfil_hook, &m, m->m_pkthdr.rcvif, 371 PFIL_IN) != 0) 372 return; 373 if (m == NULL) 374 return; 375 ip6 = mtod(m, struct ip6_hdr *); 376 srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); 377 } 378 #endif /* PFIL_HOOKS */ 379 380 ip6stat[IP6_STAT_NXTHIST + ip6->ip6_nxt]++; 381 382 #ifdef ALTQ 383 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) { 384 /* packet is dropped by traffic conditioner */ 385 return; 386 } 387 #endif 388 389 /* 390 * Check against address spoofing/corruption. 391 */ 392 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || 393 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { 394 /* 395 * XXX: "badscope" is not very suitable for a multicast source. 396 */ 397 ip6stat[IP6_STAT_BADSCOPE]++; 398 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 399 goto bad; 400 } 401 /* 402 * The following check is not documented in specs. A malicious 403 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack 404 * and bypass security checks (act as if it was from 127.0.0.1 by using 405 * IPv6 src ::ffff:127.0.0.1). Be cautious. 406 * 407 * This check chokes if we are in an SIIT cloud. As none of BSDs 408 * support IPv4-less kernel compilation, we cannot support SIIT 409 * environment at all. So, it makes more sense for us to reject any 410 * malicious packets for non-SIIT environment, than try to do a 411 * partial support for SIIT environment. 412 */ 413 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 414 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 415 ip6stat[IP6_STAT_BADSCOPE]++; 416 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 417 goto bad; 418 } 419 #if 0 420 /* 421 * Reject packets with IPv4 compatible addresses (auto tunnel). 422 * 423 * The code forbids auto tunnel relay case in RFC1933 (the check is 424 * stronger than RFC1933). We may want to re-enable it if mech-xx 425 * is revised to forbid relaying case. 426 */ 427 if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || 428 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { 429 ip6stat[IP6_STAT_BADSCOPE]++; 430 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 431 goto bad; 432 } 433 #endif 434 435 /* 436 * Disambiguate address scope zones (if there is ambiguity). 437 * We first make sure that the original source or destination address 438 * is not in our internal form for scoped addresses. Such addresses 439 * are not necessarily invalid spec-wise, but we cannot accept them due 440 * to the usage conflict. 441 * in6_setscope() then also checks and rejects the cases where src or 442 * dst are the loopback address and the receiving interface 443 * is not loopback. 444 */ 445 if (__predict_false( 446 m_makewritable(&m, 0, sizeof(struct ip6_hdr), M_DONTWAIT))) 447 goto bad; 448 ip6 = mtod(m, struct ip6_hdr *); 449 if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) { 450 ip6stat[IP6_STAT_BADSCOPE]++;/*XXX*/ 451 goto bad; 452 } 453 if (in6_setscope(&ip6->ip6_src, m->m_pkthdr.rcvif, NULL) || 454 in6_setscope(&ip6->ip6_dst, m->m_pkthdr.rcvif, NULL)) { 455 ip6stat[IP6_STAT_BADSCOPE]++; 456 goto bad; 457 } 458 459 /* 460 * Multicast check 461 */ 462 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 463 struct in6_multi *in6m = 0; 464 465 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mcast); 466 /* 467 * See if we belong to the destination multicast group on the 468 * arrival interface. 469 */ 470 IN6_LOOKUP_MULTI(ip6->ip6_dst, m->m_pkthdr.rcvif, in6m); 471 if (in6m) 472 ours = 1; 473 else if (!ip6_mrouter) { 474 ip6stat[IP6_STAT_NOTMEMBER]++; 475 ip6stat[IP6_STAT_CANTFORWARD]++; 476 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 477 goto bad; 478 } 479 deliverifp = m->m_pkthdr.rcvif; 480 goto hbhcheck; 481 } 482 483 sockaddr_in6_init(&u.dst6, &ip6->ip6_dst, 0, 0, 0); 484 485 /* 486 * Unicast check 487 */ 488 rt = rtcache_lookup2(&ip6_forward_rt, &u.dst, 1, &hit); 489 if (hit) 490 ip6stat[IP6_STAT_FORWARD_CACHEHIT]++; 491 else 492 ip6stat[IP6_STAT_FORWARD_CACHEMISS]++; 493 494 #define rt6_getkey(__rt) satocsin6(rt_getkey(__rt)) 495 496 /* 497 * Accept the packet if the forwarding interface to the destination 498 * according to the routing table is the loopback interface, 499 * unless the associated route has a gateway. 500 * Note that this approach causes to accept a packet if there is a 501 * route to the loopback interface for the destination of the packet. 502 * But we think it's even useful in some situations, e.g. when using 503 * a special daemon which wants to intercept the packet. 504 */ 505 if (rt != NULL && 506 (rt->rt_flags & (RTF_HOST|RTF_GATEWAY)) == RTF_HOST && 507 !(rt->rt_flags & RTF_CLONED) && 508 #if 0 509 /* 510 * The check below is redundant since the comparison of 511 * the destination and the key of the rtentry has 512 * already done through looking up the routing table. 513 */ 514 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_getkey(rt)->sin6_addr) && 515 #endif 516 rt->rt_ifp->if_type == IFT_LOOP) { 517 struct in6_ifaddr *ia6 = (struct in6_ifaddr *)rt->rt_ifa; 518 if (ia6->ia6_flags & IN6_IFF_ANYCAST) 519 m->m_flags |= M_ANYCAST6; 520 /* 521 * packets to a tentative, duplicated, or somehow invalid 522 * address must not be accepted. 523 */ 524 if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) { 525 /* this address is ready */ 526 ours = 1; 527 deliverifp = ia6->ia_ifp; /* correct? */ 528 goto hbhcheck; 529 } else { 530 /* address is not ready, so discard the packet. */ 531 nd6log((LOG_INFO, 532 "ip6_input: packet to an unready address %s->%s\n", 533 ip6_sprintf(&ip6->ip6_src), 534 ip6_sprintf(&ip6->ip6_dst))); 535 536 goto bad; 537 } 538 } 539 540 /* 541 * FAITH (Firewall Aided Internet Translator) 542 */ 543 #if defined(NFAITH) && 0 < NFAITH 544 if (ip6_keepfaith) { 545 if (rt != NULL && rt->rt_ifp != NULL && 546 rt->rt_ifp->if_type == IFT_FAITH) { 547 /* XXX do we need more sanity checks? */ 548 ours = 1; 549 deliverifp = rt->rt_ifp; /* faith */ 550 goto hbhcheck; 551 } 552 } 553 #endif 554 555 #if 0 556 { 557 /* 558 * Last resort: check in6_ifaddr for incoming interface. 559 * The code is here until I update the "goto ours hack" code above 560 * working right. 561 */ 562 struct ifaddr *ifa; 563 IFADDR_FOREACH(ifa, m->m_pkthdr.rcvif) { 564 if (ifa->ifa_addr == NULL) 565 continue; /* just for safety */ 566 if (ifa->ifa_addr->sa_family != AF_INET6) 567 continue; 568 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ip6->ip6_dst)) { 569 ours = 1; 570 deliverifp = ifa->ifa_ifp; 571 goto hbhcheck; 572 } 573 } 574 } 575 #endif 576 577 /* 578 * Now there is no reason to process the packet if it's not our own 579 * and we're not a router. 580 */ 581 if (!ip6_forwarding) { 582 ip6stat[IP6_STAT_CANTFORWARD]++; 583 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 584 goto bad; 585 } 586 587 hbhcheck: 588 /* 589 * record address information into m_tag, if we don't have one yet. 590 * note that we are unable to record it, if the address is not listed 591 * as our interface address (e.g. multicast addresses, addresses 592 * within FAITH prefixes and such). 593 */ 594 if (deliverifp && ip6_getdstifaddr(m) == NULL) { 595 struct in6_ifaddr *ia6; 596 597 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 598 if (ia6 != NULL && ip6_setdstifaddr(m, ia6) == NULL) { 599 /* 600 * XXX maybe we should drop the packet here, 601 * as we could not provide enough information 602 * to the upper layers. 603 */ 604 } 605 } 606 607 /* 608 * Process Hop-by-Hop options header if it's contained. 609 * m may be modified in ip6_hopopts_input(). 610 * If a JumboPayload option is included, plen will also be modified. 611 */ 612 plen = (u_int32_t)ntohs(ip6->ip6_plen); 613 if (ip6->ip6_nxt == IPPROTO_HOPOPTS) { 614 struct ip6_hbh *hbh; 615 616 if (ip6_hopopts_input(&plen, &rtalert, &m, &off)) { 617 #if 0 /*touches NULL pointer*/ 618 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 619 #endif 620 return; /* m have already been freed */ 621 } 622 623 /* adjust pointer */ 624 ip6 = mtod(m, struct ip6_hdr *); 625 626 /* 627 * if the payload length field is 0 and the next header field 628 * indicates Hop-by-Hop Options header, then a Jumbo Payload 629 * option MUST be included. 630 */ 631 if (ip6->ip6_plen == 0 && plen == 0) { 632 /* 633 * Note that if a valid jumbo payload option is 634 * contained, ip6_hopopts_input() must set a valid 635 * (non-zero) payload length to the variable plen. 636 */ 637 ip6stat[IP6_STAT_BADOPTIONS]++; 638 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 639 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 640 icmp6_error(m, ICMP6_PARAM_PROB, 641 ICMP6_PARAMPROB_HEADER, 642 (char *)&ip6->ip6_plen - (char *)ip6); 643 return; 644 } 645 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 646 sizeof(struct ip6_hbh)); 647 if (hbh == NULL) { 648 ip6stat[IP6_STAT_TOOSHORT]++; 649 return; 650 } 651 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 652 nxt = hbh->ip6h_nxt; 653 654 /* 655 * accept the packet if a router alert option is included 656 * and we act as an IPv6 router. 657 */ 658 if (rtalert != ~0 && ip6_forwarding) 659 ours = 1; 660 } else 661 nxt = ip6->ip6_nxt; 662 663 /* 664 * Check that the amount of data in the buffers 665 * is as at least much as the IPv6 header would have us expect. 666 * Trim mbufs if longer than we expect. 667 * Drop packet if shorter than we expect. 668 */ 669 if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) { 670 ip6stat[IP6_STAT_TOOSHORT]++; 671 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 672 goto bad; 673 } 674 if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) { 675 if (m->m_len == m->m_pkthdr.len) { 676 m->m_len = sizeof(struct ip6_hdr) + plen; 677 m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen; 678 } else 679 m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len); 680 } 681 682 /* 683 * Forward if desirable. 684 */ 685 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 686 /* 687 * If we are acting as a multicast router, all 688 * incoming multicast packets are passed to the 689 * kernel-level multicast forwarding function. 690 * The packet is returned (relatively) intact; if 691 * ip6_mforward() returns a non-zero value, the packet 692 * must be discarded, else it may be accepted below. 693 */ 694 if (ip6_mrouter && ip6_mforward(ip6, m->m_pkthdr.rcvif, m)) { 695 ip6stat[IP6_STAT_CANTFORWARD]++; 696 m_freem(m); 697 return; 698 } 699 if (!ours) { 700 m_freem(m); 701 return; 702 } 703 } else if (!ours) { 704 ip6_forward(m, srcrt); 705 return; 706 } 707 708 ip6 = mtod(m, struct ip6_hdr *); 709 710 /* 711 * Malicious party may be able to use IPv4 mapped addr to confuse 712 * tcp/udp stack and bypass security checks (act as if it was from 713 * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious. 714 * 715 * For SIIT end node behavior, you may want to disable the check. 716 * However, you will become vulnerable to attacks using IPv4 mapped 717 * source. 718 */ 719 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 720 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 721 ip6stat[IP6_STAT_BADSCOPE]++; 722 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 723 goto bad; 724 } 725 726 /* 727 * Tell launch routine the next header 728 */ 729 #ifdef IFA_STATS 730 if (deliverifp != NULL) { 731 struct in6_ifaddr *ia6; 732 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 733 if (ia6) 734 ia6->ia_ifa.ifa_data.ifad_inbytes += m->m_pkthdr.len; 735 } 736 #endif 737 ip6stat[IP6_STAT_DELIVERED]++; 738 in6_ifstat_inc(deliverifp, ifs6_in_deliver); 739 nest = 0; 740 741 rh_present = 0; 742 while (nxt != IPPROTO_DONE) { 743 if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { 744 ip6stat[IP6_STAT_TOOMANYHDR]++; 745 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 746 goto bad; 747 } 748 749 /* 750 * protection against faulty packet - there should be 751 * more sanity checks in header chain processing. 752 */ 753 if (m->m_pkthdr.len < off) { 754 ip6stat[IP6_STAT_TOOSHORT]++; 755 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 756 goto bad; 757 } 758 759 if (nxt == IPPROTO_ROUTING) { 760 if (rh_present++) { 761 in6_ifstat_inc(m->m_pkthdr.rcvif, 762 ifs6_in_hdrerr); 763 ip6stat[IP6_STAT_BADOPTIONS]++; 764 goto bad; 765 } 766 } 767 768 #ifdef IPSEC 769 /* 770 * enforce IPsec policy checking if we are seeing last header. 771 * note that we do not visit this with protocols with pcb layer 772 * code - like udp/tcp/raw ip. 773 */ 774 if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 && 775 ipsec6_in_reject(m, NULL)) { 776 ipsec6stat.in_polvio++; 777 goto bad; 778 } 779 #endif 780 #ifdef FAST_IPSEC 781 /* 782 * enforce IPsec policy checking if we are seeing last header. 783 * note that we do not visit this with protocols with pcb layer 784 * code - like udp/tcp/raw ip. 785 */ 786 if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) { 787 /* 788 * Check if the packet has already had IPsec processing 789 * done. If so, then just pass it along. This tag gets 790 * set during AH, ESP, etc. input handling, before the 791 * packet is returned to the ip input queue for delivery. 792 */ 793 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 794 s = splsoftnet(); 795 if (mtag != NULL) { 796 tdbi = (struct tdb_ident *)(mtag + 1); 797 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); 798 } else { 799 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, 800 IP_FORWARDING, &error); 801 } 802 if (sp != NULL) { 803 /* 804 * Check security policy against packet attributes. 805 */ 806 error = ipsec_in_reject(sp, m); 807 KEY_FREESP(&sp); 808 } else { 809 /* XXX error stat??? */ 810 error = EINVAL; 811 DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/ 812 } 813 splx(s); 814 if (error) 815 goto bad; 816 } 817 #endif /* FAST_IPSEC */ 818 819 820 nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt); 821 } 822 return; 823 bad: 824 m_freem(m); 825 } 826 827 /* 828 * set/grab in6_ifaddr correspond to IPv6 destination address. 829 */ 830 static struct m_tag * 831 ip6_setdstifaddr(struct mbuf *m, const struct in6_ifaddr *ia) 832 { 833 struct m_tag *mtag; 834 835 mtag = ip6_addaux(m); 836 if (mtag != NULL) { 837 struct ip6aux *ip6a; 838 839 ip6a = (struct ip6aux *)(mtag + 1); 840 in6_setscope(&ip6a->ip6a_src, ia->ia_ifp, &ip6a->ip6a_scope_id); 841 ip6a->ip6a_src = ia->ia_addr.sin6_addr; 842 ip6a->ip6a_flags = ia->ia6_flags; 843 } 844 return mtag; /* NULL if failed to set */ 845 } 846 847 const struct ip6aux * 848 ip6_getdstifaddr(struct mbuf *m) 849 { 850 struct m_tag *mtag; 851 852 mtag = ip6_findaux(m); 853 if (mtag != NULL) 854 return (struct ip6aux *)(mtag + 1); 855 else 856 return NULL; 857 } 858 859 /* 860 * Hop-by-Hop options header processing. If a valid jumbo payload option is 861 * included, the real payload length will be stored in plenp. 862 * 863 * rtalertp - XXX: should be stored more smart way 864 */ 865 static int 866 ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp, 867 struct mbuf **mp, int *offp) 868 { 869 struct mbuf *m = *mp; 870 int off = *offp, hbhlen; 871 struct ip6_hbh *hbh; 872 873 /* validation of the length of the header */ 874 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, 875 sizeof(struct ip6_hdr), sizeof(struct ip6_hbh)); 876 if (hbh == NULL) { 877 ip6stat[IP6_STAT_TOOSHORT]++; 878 return -1; 879 } 880 hbhlen = (hbh->ip6h_len + 1) << 3; 881 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 882 hbhlen); 883 if (hbh == NULL) { 884 ip6stat[IP6_STAT_TOOSHORT]++; 885 return -1; 886 } 887 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 888 off += hbhlen; 889 hbhlen -= sizeof(struct ip6_hbh); 890 891 if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh), 892 hbhlen, rtalertp, plenp) < 0) 893 return (-1); 894 895 *offp = off; 896 *mp = m; 897 return (0); 898 } 899 900 /* 901 * Search header for all Hop-by-hop options and process each option. 902 * This function is separate from ip6_hopopts_input() in order to 903 * handle a case where the sending node itself process its hop-by-hop 904 * options header. In such a case, the function is called from ip6_output(). 905 * 906 * The function assumes that hbh header is located right after the IPv6 header 907 * (RFC2460 p7), opthead is pointer into data content in m, and opthead to 908 * opthead + hbhlen is located in continuous memory region. 909 */ 910 int 911 ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, 912 u_int32_t *rtalertp, u_int32_t *plenp) 913 { 914 struct ip6_hdr *ip6; 915 int optlen = 0; 916 u_int8_t *opt = opthead; 917 u_int16_t rtalert_val; 918 u_int32_t jumboplen; 919 const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh); 920 921 for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) { 922 switch (*opt) { 923 case IP6OPT_PAD1: 924 optlen = 1; 925 break; 926 case IP6OPT_PADN: 927 if (hbhlen < IP6OPT_MINLEN) { 928 ip6stat[IP6_STAT_TOOSMALL]++; 929 goto bad; 930 } 931 optlen = *(opt + 1) + 2; 932 break; 933 case IP6OPT_RTALERT: 934 /* XXX may need check for alignment */ 935 if (hbhlen < IP6OPT_RTALERT_LEN) { 936 ip6stat[IP6_STAT_TOOSMALL]++; 937 goto bad; 938 } 939 if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) { 940 /* XXX stat */ 941 icmp6_error(m, ICMP6_PARAM_PROB, 942 ICMP6_PARAMPROB_HEADER, 943 erroff + opt + 1 - opthead); 944 return (-1); 945 } 946 optlen = IP6OPT_RTALERT_LEN; 947 bcopy((void *)(opt + 2), (void *)&rtalert_val, 2); 948 *rtalertp = ntohs(rtalert_val); 949 break; 950 case IP6OPT_JUMBO: 951 /* XXX may need check for alignment */ 952 if (hbhlen < IP6OPT_JUMBO_LEN) { 953 ip6stat[IP6_STAT_TOOSMALL]++; 954 goto bad; 955 } 956 if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) { 957 /* XXX stat */ 958 icmp6_error(m, ICMP6_PARAM_PROB, 959 ICMP6_PARAMPROB_HEADER, 960 erroff + opt + 1 - opthead); 961 return (-1); 962 } 963 optlen = IP6OPT_JUMBO_LEN; 964 965 /* 966 * IPv6 packets that have non 0 payload length 967 * must not contain a jumbo payload option. 968 */ 969 ip6 = mtod(m, struct ip6_hdr *); 970 if (ip6->ip6_plen) { 971 ip6stat[IP6_STAT_BADOPTIONS]++; 972 icmp6_error(m, ICMP6_PARAM_PROB, 973 ICMP6_PARAMPROB_HEADER, 974 erroff + opt - opthead); 975 return (-1); 976 } 977 978 /* 979 * We may see jumbolen in unaligned location, so 980 * we'd need to perform bcopy(). 981 */ 982 bcopy(opt + 2, &jumboplen, sizeof(jumboplen)); 983 jumboplen = (u_int32_t)htonl(jumboplen); 984 985 #if 1 986 /* 987 * if there are multiple jumbo payload options, 988 * *plenp will be non-zero and the packet will be 989 * rejected. 990 * the behavior may need some debate in ipngwg - 991 * multiple options does not make sense, however, 992 * there's no explicit mention in specification. 993 */ 994 if (*plenp != 0) { 995 ip6stat[IP6_STAT_BADOPTIONS]++; 996 icmp6_error(m, ICMP6_PARAM_PROB, 997 ICMP6_PARAMPROB_HEADER, 998 erroff + opt + 2 - opthead); 999 return (-1); 1000 } 1001 #endif 1002 1003 /* 1004 * jumbo payload length must be larger than 65535. 1005 */ 1006 if (jumboplen <= IPV6_MAXPACKET) { 1007 ip6stat[IP6_STAT_BADOPTIONS]++; 1008 icmp6_error(m, ICMP6_PARAM_PROB, 1009 ICMP6_PARAMPROB_HEADER, 1010 erroff + opt + 2 - opthead); 1011 return (-1); 1012 } 1013 *plenp = jumboplen; 1014 1015 break; 1016 default: /* unknown option */ 1017 if (hbhlen < IP6OPT_MINLEN) { 1018 ip6stat[IP6_STAT_TOOSMALL]++; 1019 goto bad; 1020 } 1021 optlen = ip6_unknown_opt(opt, m, 1022 erroff + opt - opthead); 1023 if (optlen == -1) 1024 return (-1); 1025 optlen += 2; 1026 break; 1027 } 1028 } 1029 1030 return (0); 1031 1032 bad: 1033 m_freem(m); 1034 return (-1); 1035 } 1036 1037 /* 1038 * Unknown option processing. 1039 * The third argument `off' is the offset from the IPv6 header to the option, 1040 * which is necessary if the IPv6 header the and option header and IPv6 header 1041 * is not continuous in order to return an ICMPv6 error. 1042 */ 1043 int 1044 ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off) 1045 { 1046 struct ip6_hdr *ip6; 1047 1048 switch (IP6OPT_TYPE(*optp)) { 1049 case IP6OPT_TYPE_SKIP: /* ignore the option */ 1050 return ((int)*(optp + 1)); 1051 case IP6OPT_TYPE_DISCARD: /* silently discard */ 1052 m_freem(m); 1053 return (-1); 1054 case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */ 1055 ip6stat[IP6_STAT_BADOPTIONS]++; 1056 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off); 1057 return (-1); 1058 case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */ 1059 ip6stat[IP6_STAT_BADOPTIONS]++; 1060 ip6 = mtod(m, struct ip6_hdr *); 1061 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || 1062 (m->m_flags & (M_BCAST|M_MCAST))) 1063 m_freem(m); 1064 else 1065 icmp6_error(m, ICMP6_PARAM_PROB, 1066 ICMP6_PARAMPROB_OPTION, off); 1067 return (-1); 1068 } 1069 1070 m_freem(m); /* XXX: NOTREACHED */ 1071 return (-1); 1072 } 1073 1074 /* 1075 * Create the "control" list for this pcb. 1076 * 1077 * The routine will be called from upper layer handlers like tcp6_input(). 1078 * Thus the routine assumes that the caller (tcp6_input) have already 1079 * called IP6_EXTHDR_CHECK() and all the extension headers are located in the 1080 * very first mbuf on the mbuf chain. 1081 * We may want to add some infinite loop prevention or sanity checks for safety. 1082 * (This applies only when you are using KAME mbuf chain restriction, i.e. 1083 * you are using IP6_EXTHDR_CHECK() not m_pulldown()) 1084 */ 1085 void 1086 ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, 1087 struct ip6_hdr *ip6, struct mbuf *m) 1088 { 1089 #ifdef RFC2292 1090 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1091 #else 1092 #define IS2292(x, y) (y) 1093 #endif 1094 1095 #ifdef SO_TIMESTAMP 1096 if (in6p->in6p_socket->so_options & SO_TIMESTAMP) { 1097 struct timeval tv; 1098 1099 microtime(&tv); 1100 *mp = sbcreatecontrol((void *) &tv, sizeof(tv), 1101 SCM_TIMESTAMP, SOL_SOCKET); 1102 if (*mp) 1103 mp = &(*mp)->m_next; 1104 } 1105 #endif 1106 1107 /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ 1108 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) 1109 return; 1110 1111 /* RFC 2292 sec. 5 */ 1112 if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) { 1113 struct in6_pktinfo pi6; 1114 1115 bcopy(&ip6->ip6_dst, &pi6.ipi6_addr, sizeof(struct in6_addr)); 1116 in6_clearscope(&pi6.ipi6_addr); /* XXX */ 1117 pi6.ipi6_ifindex = m->m_pkthdr.rcvif ? 1118 m->m_pkthdr.rcvif->if_index : 0; 1119 *mp = sbcreatecontrol((void *) &pi6, 1120 sizeof(struct in6_pktinfo), 1121 IS2292(IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6); 1122 if (*mp) 1123 mp = &(*mp)->m_next; 1124 } 1125 1126 if (in6p->in6p_flags & IN6P_HOPLIMIT) { 1127 int hlim = ip6->ip6_hlim & 0xff; 1128 1129 *mp = sbcreatecontrol((void *) &hlim, sizeof(int), 1130 IS2292(IPV6_2292HOPLIMIT, IPV6_HOPLIMIT), IPPROTO_IPV6); 1131 if (*mp) 1132 mp = &(*mp)->m_next; 1133 } 1134 1135 if ((in6p->in6p_flags & IN6P_TCLASS) != 0) { 1136 u_int32_t flowinfo; 1137 int tclass; 1138 1139 flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK); 1140 flowinfo >>= 20; 1141 1142 tclass = flowinfo & 0xff; 1143 *mp = sbcreatecontrol((void *)&tclass, sizeof(tclass), 1144 IPV6_TCLASS, IPPROTO_IPV6); 1145 1146 if (*mp) 1147 mp = &(*mp)->m_next; 1148 } 1149 1150 /* 1151 * IPV6_HOPOPTS socket option. Recall that we required super-user 1152 * privilege for the option (see ip6_ctloutput), but it might be too 1153 * strict, since there might be some hop-by-hop options which can be 1154 * returned to normal user. 1155 * See also RFC3542 section 8 (or RFC2292 section 6). 1156 */ 1157 if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) { 1158 /* 1159 * Check if a hop-by-hop options header is contatined in the 1160 * received packet, and if so, store the options as ancillary 1161 * data. Note that a hop-by-hop options header must be 1162 * just after the IPv6 header, which fact is assured through 1163 * the IPv6 input processing. 1164 */ 1165 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1166 if (xip6->ip6_nxt == IPPROTO_HOPOPTS) { 1167 struct ip6_hbh *hbh; 1168 int hbhlen; 1169 struct mbuf *ext; 1170 1171 ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr), 1172 xip6->ip6_nxt); 1173 if (ext == NULL) { 1174 ip6stat[IP6_STAT_TOOSHORT]++; 1175 return; 1176 } 1177 hbh = mtod(ext, struct ip6_hbh *); 1178 hbhlen = (hbh->ip6h_len + 1) << 3; 1179 if (hbhlen != ext->m_len) { 1180 m_freem(ext); 1181 ip6stat[IP6_STAT_TOOSHORT]++; 1182 return; 1183 } 1184 1185 /* 1186 * XXX: We copy whole the header even if a jumbo 1187 * payload option is included, which option is to 1188 * be removed before returning in the RFC 2292. 1189 * Note: this constraint is removed in RFC3542. 1190 */ 1191 *mp = sbcreatecontrol((void *)hbh, hbhlen, 1192 IS2292(IPV6_2292HOPOPTS, IPV6_HOPOPTS), 1193 IPPROTO_IPV6); 1194 if (*mp) 1195 mp = &(*mp)->m_next; 1196 m_freem(ext); 1197 } 1198 } 1199 1200 /* IPV6_DSTOPTS and IPV6_RTHDR socket options */ 1201 if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) { 1202 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1203 int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr); 1204 1205 /* 1206 * Search for destination options headers or routing 1207 * header(s) through the header chain, and stores each 1208 * header as ancillary data. 1209 * Note that the order of the headers remains in 1210 * the chain of ancillary data. 1211 */ 1212 for (;;) { /* is explicit loop prevention necessary? */ 1213 struct ip6_ext *ip6e = NULL; 1214 int elen; 1215 struct mbuf *ext = NULL; 1216 1217 /* 1218 * if it is not an extension header, don't try to 1219 * pull it from the chain. 1220 */ 1221 switch (nxt) { 1222 case IPPROTO_DSTOPTS: 1223 case IPPROTO_ROUTING: 1224 case IPPROTO_HOPOPTS: 1225 case IPPROTO_AH: /* is it possible? */ 1226 break; 1227 default: 1228 goto loopend; 1229 } 1230 1231 ext = ip6_pullexthdr(m, off, nxt); 1232 if (ext == NULL) { 1233 ip6stat[IP6_STAT_TOOSHORT]++; 1234 return; 1235 } 1236 ip6e = mtod(ext, struct ip6_ext *); 1237 if (nxt == IPPROTO_AH) 1238 elen = (ip6e->ip6e_len + 2) << 2; 1239 else 1240 elen = (ip6e->ip6e_len + 1) << 3; 1241 if (elen != ext->m_len) { 1242 m_freem(ext); 1243 ip6stat[IP6_STAT_TOOSHORT]++; 1244 return; 1245 } 1246 KASSERT(IP6_HDR_ALIGNED_P(ip6e)); 1247 1248 switch (nxt) { 1249 case IPPROTO_DSTOPTS: 1250 if (!in6p->in6p_flags & IN6P_DSTOPTS) 1251 break; 1252 1253 *mp = sbcreatecontrol((void *)ip6e, elen, 1254 IS2292(IPV6_2292DSTOPTS, IPV6_DSTOPTS), 1255 IPPROTO_IPV6); 1256 if (*mp) 1257 mp = &(*mp)->m_next; 1258 break; 1259 1260 case IPPROTO_ROUTING: 1261 if (!in6p->in6p_flags & IN6P_RTHDR) 1262 break; 1263 1264 *mp = sbcreatecontrol((void *)ip6e, elen, 1265 IS2292(IPV6_2292RTHDR, IPV6_RTHDR), 1266 IPPROTO_IPV6); 1267 if (*mp) 1268 mp = &(*mp)->m_next; 1269 break; 1270 1271 case IPPROTO_HOPOPTS: 1272 case IPPROTO_AH: /* is it possible? */ 1273 break; 1274 1275 default: 1276 /* 1277 * other cases have been filtered in the above. 1278 * none will visit this case. here we supply 1279 * the code just in case (nxt overwritten or 1280 * other cases). 1281 */ 1282 m_freem(ext); 1283 goto loopend; 1284 1285 } 1286 1287 /* proceed with the next header. */ 1288 off += elen; 1289 nxt = ip6e->ip6e_nxt; 1290 ip6e = NULL; 1291 m_freem(ext); 1292 ext = NULL; 1293 } 1294 loopend: 1295 ; 1296 } 1297 } 1298 #undef IS2292 1299 1300 1301 void 1302 ip6_notify_pmtu(struct in6pcb *in6p, const struct sockaddr_in6 *dst, 1303 uint32_t *mtu) 1304 { 1305 struct socket *so; 1306 struct mbuf *m_mtu; 1307 struct ip6_mtuinfo mtuctl; 1308 1309 so = in6p->in6p_socket; 1310 1311 if (mtu == NULL) 1312 return; 1313 1314 #ifdef DIAGNOSTIC 1315 if (so == NULL) /* I believe this is impossible */ 1316 panic("ip6_notify_pmtu: socket is NULL"); 1317 #endif 1318 1319 memset(&mtuctl, 0, sizeof(mtuctl)); /* zero-clear for safety */ 1320 mtuctl.ip6m_mtu = *mtu; 1321 mtuctl.ip6m_addr = *dst; 1322 if (sa6_recoverscope(&mtuctl.ip6m_addr)) 1323 return; 1324 1325 if ((m_mtu = sbcreatecontrol((void *)&mtuctl, sizeof(mtuctl), 1326 IPV6_PATHMTU, IPPROTO_IPV6)) == NULL) 1327 return; 1328 1329 if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) 1330 == 0) { 1331 m_freem(m_mtu); 1332 /* XXX: should count statistics */ 1333 } else 1334 sorwakeup(so); 1335 1336 return; 1337 } 1338 1339 /* 1340 * pull single extension header from mbuf chain. returns single mbuf that 1341 * contains the result, or NULL on error. 1342 */ 1343 static struct mbuf * 1344 ip6_pullexthdr(struct mbuf *m, size_t off, int nxt) 1345 { 1346 struct ip6_ext ip6e; 1347 size_t elen; 1348 struct mbuf *n; 1349 1350 #ifdef DIAGNOSTIC 1351 switch (nxt) { 1352 case IPPROTO_DSTOPTS: 1353 case IPPROTO_ROUTING: 1354 case IPPROTO_HOPOPTS: 1355 case IPPROTO_AH: /* is it possible? */ 1356 break; 1357 default: 1358 printf("ip6_pullexthdr: invalid nxt=%d\n", nxt); 1359 } 1360 #endif 1361 1362 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1363 if (nxt == IPPROTO_AH) 1364 elen = (ip6e.ip6e_len + 2) << 2; 1365 else 1366 elen = (ip6e.ip6e_len + 1) << 3; 1367 1368 MGET(n, M_DONTWAIT, MT_DATA); 1369 if (n && elen >= MLEN) { 1370 MCLGET(n, M_DONTWAIT); 1371 if ((n->m_flags & M_EXT) == 0) { 1372 m_free(n); 1373 n = NULL; 1374 } 1375 } 1376 if (!n) 1377 return NULL; 1378 1379 n->m_len = 0; 1380 if (elen >= M_TRAILINGSPACE(n)) { 1381 m_free(n); 1382 return NULL; 1383 } 1384 1385 m_copydata(m, off, elen, mtod(n, void *)); 1386 n->m_len = elen; 1387 return n; 1388 } 1389 1390 /* 1391 * Get pointer to the previous header followed by the header 1392 * currently processed. 1393 * XXX: This function supposes that 1394 * M includes all headers, 1395 * the next header field and the header length field of each header 1396 * are valid, and 1397 * the sum of each header length equals to OFF. 1398 * Because of these assumptions, this function must be called very 1399 * carefully. Moreover, it will not be used in the near future when 1400 * we develop `neater' mechanism to process extension headers. 1401 */ 1402 u_int8_t * 1403 ip6_get_prevhdr(struct mbuf *m, int off) 1404 { 1405 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 1406 1407 if (off == sizeof(struct ip6_hdr)) 1408 return (&ip6->ip6_nxt); 1409 else { 1410 int len, nxt; 1411 struct ip6_ext *ip6e = NULL; 1412 1413 nxt = ip6->ip6_nxt; 1414 len = sizeof(struct ip6_hdr); 1415 while (len < off) { 1416 ip6e = (struct ip6_ext *)(mtod(m, char *) + len); 1417 1418 switch (nxt) { 1419 case IPPROTO_FRAGMENT: 1420 len += sizeof(struct ip6_frag); 1421 break; 1422 case IPPROTO_AH: 1423 len += (ip6e->ip6e_len + 2) << 2; 1424 break; 1425 default: 1426 len += (ip6e->ip6e_len + 1) << 3; 1427 break; 1428 } 1429 nxt = ip6e->ip6e_nxt; 1430 } 1431 if (ip6e) 1432 return (&ip6e->ip6e_nxt); 1433 else 1434 return NULL; 1435 } 1436 } 1437 1438 /* 1439 * get next header offset. m will be retained. 1440 */ 1441 int 1442 ip6_nexthdr(struct mbuf *m, int off, int proto, int *nxtp) 1443 { 1444 struct ip6_hdr ip6; 1445 struct ip6_ext ip6e; 1446 struct ip6_frag fh; 1447 1448 /* just in case */ 1449 if (m == NULL) 1450 panic("ip6_nexthdr: m == NULL"); 1451 if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off) 1452 return -1; 1453 1454 switch (proto) { 1455 case IPPROTO_IPV6: 1456 /* do not chase beyond intermediate IPv6 headers */ 1457 if (off != 0) 1458 return -1; 1459 if (m->m_pkthdr.len < off + sizeof(ip6)) 1460 return -1; 1461 m_copydata(m, off, sizeof(ip6), (void *)&ip6); 1462 if (nxtp) 1463 *nxtp = ip6.ip6_nxt; 1464 off += sizeof(ip6); 1465 return off; 1466 1467 case IPPROTO_FRAGMENT: 1468 /* 1469 * terminate parsing if it is not the first fragment, 1470 * it does not make sense to parse through it. 1471 */ 1472 if (m->m_pkthdr.len < off + sizeof(fh)) 1473 return -1; 1474 m_copydata(m, off, sizeof(fh), (void *)&fh); 1475 if ((fh.ip6f_offlg & IP6F_OFF_MASK) != 0) 1476 return -1; 1477 if (nxtp) 1478 *nxtp = fh.ip6f_nxt; 1479 off += sizeof(struct ip6_frag); 1480 return off; 1481 1482 case IPPROTO_AH: 1483 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1484 return -1; 1485 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1486 if (nxtp) 1487 *nxtp = ip6e.ip6e_nxt; 1488 off += (ip6e.ip6e_len + 2) << 2; 1489 if (m->m_pkthdr.len < off) 1490 return -1; 1491 return off; 1492 1493 case IPPROTO_HOPOPTS: 1494 case IPPROTO_ROUTING: 1495 case IPPROTO_DSTOPTS: 1496 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1497 return -1; 1498 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1499 if (nxtp) 1500 *nxtp = ip6e.ip6e_nxt; 1501 off += (ip6e.ip6e_len + 1) << 3; 1502 if (m->m_pkthdr.len < off) 1503 return -1; 1504 return off; 1505 1506 case IPPROTO_NONE: 1507 case IPPROTO_ESP: 1508 case IPPROTO_IPCOMP: 1509 /* give up */ 1510 return -1; 1511 1512 default: 1513 return -1; 1514 } 1515 } 1516 1517 /* 1518 * get offset for the last header in the chain. m will be kept untainted. 1519 */ 1520 int 1521 ip6_lasthdr(struct mbuf *m, int off, int proto, int *nxtp) 1522 { 1523 int newoff; 1524 int nxt; 1525 1526 if (!nxtp) { 1527 nxt = -1; 1528 nxtp = &nxt; 1529 } 1530 for (;;) { 1531 newoff = ip6_nexthdr(m, off, proto, nxtp); 1532 if (newoff < 0) 1533 return off; 1534 else if (newoff < off) 1535 return -1; /* invalid */ 1536 else if (newoff == off) 1537 return newoff; 1538 1539 off = newoff; 1540 proto = *nxtp; 1541 } 1542 } 1543 1544 struct m_tag * 1545 ip6_addaux(struct mbuf *m) 1546 { 1547 struct m_tag *mtag; 1548 1549 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1550 if (!mtag) { 1551 mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux), 1552 M_NOWAIT); 1553 if (mtag) { 1554 m_tag_prepend(m, mtag); 1555 bzero(mtag + 1, sizeof(struct ip6aux)); 1556 } 1557 } 1558 return mtag; 1559 } 1560 1561 struct m_tag * 1562 ip6_findaux(struct mbuf *m) 1563 { 1564 struct m_tag *mtag; 1565 1566 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1567 return mtag; 1568 } 1569 1570 void 1571 ip6_delaux(struct mbuf *m) 1572 { 1573 struct m_tag *mtag; 1574 1575 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1576 if (mtag) 1577 m_tag_delete(m, mtag); 1578 } 1579 1580 #ifdef GATEWAY 1581 /* 1582 * sysctl helper routine for net.inet.ip6.maxflows. Since 1583 * we could reduce this value, call ip6flow_reap(); 1584 */ 1585 static int 1586 sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS) 1587 { 1588 int s; 1589 1590 s = sysctl_lookup(SYSCTLFN_CALL(rnode)); 1591 if (s || newp == NULL) 1592 return (s); 1593 1594 s = splsoftnet(); 1595 ip6flow_reap(0); 1596 splx(s); 1597 1598 return (0); 1599 } 1600 1601 static int 1602 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_ARGS) 1603 { 1604 int error, tmp; 1605 struct sysctlnode node; 1606 1607 node = *rnode; 1608 tmp = ip6_hashsize; 1609 node.sysctl_data = &tmp; 1610 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1611 if (error || newp == NULL) 1612 return (error); 1613 1614 if ((tmp & (tmp - 1)) == 0 && tmp != 0) { 1615 /* 1616 * Can only fail due to malloc() 1617 */ 1618 if (ip6flow_invalidate_all(tmp)) 1619 return ENOMEM; 1620 } else { 1621 /* 1622 * EINVAL if not a power of 2 1623 */ 1624 return EINVAL; 1625 } 1626 1627 return (0); 1628 } 1629 #endif /* GATEWAY */ 1630 1631 /* 1632 * System control for IP6 1633 */ 1634 1635 u_char inet6ctlerrmap[PRC_NCMDS] = { 1636 0, 0, 0, 0, 1637 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, 1638 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, 1639 EMSGSIZE, EHOSTUNREACH, 0, 0, 1640 0, 0, 0, 0, 1641 ENOPROTOOPT 1642 }; 1643 1644 SYSCTL_SETUP(sysctl_net_inet6_ip6_setup, "sysctl net.inet6.ip6 subtree setup") 1645 { 1646 #ifdef RFC2292 1647 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1648 #else 1649 #define IS2292(x, y) (y) 1650 #endif 1651 1652 sysctl_createv(clog, 0, NULL, NULL, 1653 CTLFLAG_PERMANENT, 1654 CTLTYPE_NODE, "net", NULL, 1655 NULL, 0, NULL, 0, 1656 CTL_NET, CTL_EOL); 1657 sysctl_createv(clog, 0, NULL, NULL, 1658 CTLFLAG_PERMANENT, 1659 CTLTYPE_NODE, "inet6", 1660 SYSCTL_DESCR("PF_INET6 related settings"), 1661 NULL, 0, NULL, 0, 1662 CTL_NET, PF_INET6, CTL_EOL); 1663 sysctl_createv(clog, 0, NULL, NULL, 1664 CTLFLAG_PERMANENT, 1665 CTLTYPE_NODE, "ip6", 1666 SYSCTL_DESCR("IPv6 related settings"), 1667 NULL, 0, NULL, 0, 1668 CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_EOL); 1669 1670 sysctl_createv(clog, 0, NULL, NULL, 1671 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1672 CTLTYPE_INT, "forwarding", 1673 SYSCTL_DESCR("Enable forwarding of INET6 datagrams"), 1674 NULL, 0, &ip6_forwarding, 0, 1675 CTL_NET, PF_INET6, IPPROTO_IPV6, 1676 IPV6CTL_FORWARDING, CTL_EOL); 1677 sysctl_createv(clog, 0, NULL, NULL, 1678 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1679 CTLTYPE_INT, "redirect", 1680 SYSCTL_DESCR("Enable sending of ICMPv6 redirect messages"), 1681 NULL, 0, &ip6_sendredirects, 0, 1682 CTL_NET, PF_INET6, IPPROTO_IPV6, 1683 IPV6CTL_SENDREDIRECTS, CTL_EOL); 1684 sysctl_createv(clog, 0, NULL, NULL, 1685 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1686 CTLTYPE_INT, "hlim", 1687 SYSCTL_DESCR("Hop limit for an INET6 datagram"), 1688 NULL, 0, &ip6_defhlim, 0, 1689 CTL_NET, PF_INET6, IPPROTO_IPV6, 1690 IPV6CTL_DEFHLIM, CTL_EOL); 1691 #ifdef notyet 1692 sysctl_createv(clog, 0, NULL, NULL, 1693 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1694 CTLTYPE_INT, "mtu", NULL, 1695 NULL, 0, &, 0, 1696 CTL_NET, PF_INET6, IPPROTO_IPV6, 1697 IPV6CTL_DEFMTU, CTL_EOL); 1698 #endif 1699 #ifdef __no_idea__ 1700 sysctl_createv(clog, 0, NULL, NULL, 1701 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1702 CTLTYPE_INT, "forwsrcrt", NULL, 1703 NULL, 0, &?, 0, 1704 CTL_NET, PF_INET6, IPPROTO_IPV6, 1705 IPV6CTL_FORWSRCRT, CTL_EOL); 1706 sysctl_createv(clog, 0, NULL, NULL, 1707 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1708 CTLTYPE_STRUCT, "mrtstats", NULL, 1709 NULL, 0, &?, sizeof(?), 1710 CTL_NET, PF_INET6, IPPROTO_IPV6, 1711 IPV6CTL_MRTSTATS, CTL_EOL); 1712 sysctl_createv(clog, 0, NULL, NULL, 1713 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1714 CTLTYPE_?, "mrtproto", NULL, 1715 NULL, 0, &?, sizeof(?), 1716 CTL_NET, PF_INET6, IPPROTO_IPV6, 1717 IPV6CTL_MRTPROTO, CTL_EOL); 1718 #endif 1719 sysctl_createv(clog, 0, NULL, NULL, 1720 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1721 CTLTYPE_INT, "maxfragpackets", 1722 SYSCTL_DESCR("Maximum number of fragments to buffer " 1723 "for reassembly"), 1724 NULL, 0, &ip6_maxfragpackets, 0, 1725 CTL_NET, PF_INET6, IPPROTO_IPV6, 1726 IPV6CTL_MAXFRAGPACKETS, CTL_EOL); 1727 #ifdef __no_idea__ 1728 sysctl_createv(clog, 0, NULL, NULL, 1729 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1730 CTLTYPE_INT, "sourcecheck", NULL, 1731 NULL, 0, &?, 0, 1732 CTL_NET, PF_INET6, IPPROTO_IPV6, 1733 IPV6CTL_SOURCECHECK, CTL_EOL); 1734 sysctl_createv(clog, 0, NULL, NULL, 1735 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1736 CTLTYPE_INT, "sourcecheck_logint", NULL, 1737 NULL, 0, &?, 0, 1738 CTL_NET, PF_INET6, IPPROTO_IPV6, 1739 IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL); 1740 #endif 1741 sysctl_createv(clog, 0, NULL, NULL, 1742 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1743 CTLTYPE_INT, "accept_rtadv", 1744 SYSCTL_DESCR("Accept router advertisements"), 1745 NULL, 0, &ip6_accept_rtadv, 0, 1746 CTL_NET, PF_INET6, IPPROTO_IPV6, 1747 IPV6CTL_ACCEPT_RTADV, CTL_EOL); 1748 sysctl_createv(clog, 0, NULL, NULL, 1749 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1750 CTLTYPE_INT, "keepfaith", 1751 SYSCTL_DESCR("Activate faith interface"), 1752 NULL, 0, &ip6_keepfaith, 0, 1753 CTL_NET, PF_INET6, IPPROTO_IPV6, 1754 IPV6CTL_KEEPFAITH, CTL_EOL); 1755 sysctl_createv(clog, 0, NULL, NULL, 1756 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1757 CTLTYPE_INT, "log_interval", 1758 SYSCTL_DESCR("Minumum interval between logging " 1759 "unroutable packets"), 1760 NULL, 0, &ip6_log_interval, 0, 1761 CTL_NET, PF_INET6, IPPROTO_IPV6, 1762 IPV6CTL_LOG_INTERVAL, CTL_EOL); 1763 sysctl_createv(clog, 0, NULL, NULL, 1764 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1765 CTLTYPE_INT, "hdrnestlimit", 1766 SYSCTL_DESCR("Maximum number of nested IPv6 headers"), 1767 NULL, 0, &ip6_hdrnestlimit, 0, 1768 CTL_NET, PF_INET6, IPPROTO_IPV6, 1769 IPV6CTL_HDRNESTLIMIT, CTL_EOL); 1770 sysctl_createv(clog, 0, NULL, NULL, 1771 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1772 CTLTYPE_INT, "dad_count", 1773 SYSCTL_DESCR("Number of Duplicate Address Detection " 1774 "probes to send"), 1775 NULL, 0, &ip6_dad_count, 0, 1776 CTL_NET, PF_INET6, IPPROTO_IPV6, 1777 IPV6CTL_DAD_COUNT, CTL_EOL); 1778 sysctl_createv(clog, 0, NULL, NULL, 1779 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1780 CTLTYPE_INT, "auto_flowlabel", 1781 SYSCTL_DESCR("Assign random IPv6 flow labels"), 1782 NULL, 0, &ip6_auto_flowlabel, 0, 1783 CTL_NET, PF_INET6, IPPROTO_IPV6, 1784 IPV6CTL_AUTO_FLOWLABEL, CTL_EOL); 1785 sysctl_createv(clog, 0, NULL, NULL, 1786 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1787 CTLTYPE_INT, "defmcasthlim", 1788 SYSCTL_DESCR("Default multicast hop limit"), 1789 NULL, 0, &ip6_defmcasthlim, 0, 1790 CTL_NET, PF_INET6, IPPROTO_IPV6, 1791 IPV6CTL_DEFMCASTHLIM, CTL_EOL); 1792 #if NGIF > 0 1793 sysctl_createv(clog, 0, NULL, NULL, 1794 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1795 CTLTYPE_INT, "gifhlim", 1796 SYSCTL_DESCR("Default hop limit for a gif tunnel datagram"), 1797 NULL, 0, &ip6_gif_hlim, 0, 1798 CTL_NET, PF_INET6, IPPROTO_IPV6, 1799 IPV6CTL_GIF_HLIM, CTL_EOL); 1800 #endif /* NGIF */ 1801 sysctl_createv(clog, 0, NULL, NULL, 1802 CTLFLAG_PERMANENT, 1803 CTLTYPE_STRING, "kame_version", 1804 SYSCTL_DESCR("KAME Version"), 1805 NULL, 0, __UNCONST(__KAME_VERSION), 0, 1806 CTL_NET, PF_INET6, IPPROTO_IPV6, 1807 IPV6CTL_KAME_VERSION, CTL_EOL); 1808 sysctl_createv(clog, 0, NULL, NULL, 1809 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1810 CTLTYPE_INT, "use_deprecated", 1811 SYSCTL_DESCR("Allow use of deprecated addresses as " 1812 "source addresses"), 1813 NULL, 0, &ip6_use_deprecated, 0, 1814 CTL_NET, PF_INET6, IPPROTO_IPV6, 1815 IPV6CTL_USE_DEPRECATED, CTL_EOL); 1816 sysctl_createv(clog, 0, NULL, NULL, 1817 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1818 CTLTYPE_INT, "rr_prune", NULL, 1819 NULL, 0, &ip6_rr_prune, 0, 1820 CTL_NET, PF_INET6, IPPROTO_IPV6, 1821 IPV6CTL_RR_PRUNE, CTL_EOL); 1822 sysctl_createv(clog, 0, NULL, NULL, 1823 CTLFLAG_PERMANENT 1824 #ifndef INET6_BINDV6ONLY 1825 |CTLFLAG_READWRITE, 1826 #endif 1827 CTLTYPE_INT, "v6only", 1828 SYSCTL_DESCR("Disallow PF_INET6 sockets from connecting " 1829 "to PF_INET sockets"), 1830 NULL, 0, &ip6_v6only, 0, 1831 CTL_NET, PF_INET6, IPPROTO_IPV6, 1832 IPV6CTL_V6ONLY, CTL_EOL); 1833 sysctl_createv(clog, 0, NULL, NULL, 1834 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1835 CTLTYPE_INT, "anonportmin", 1836 SYSCTL_DESCR("Lowest ephemeral port number to assign"), 1837 sysctl_net_inet_ip_ports, 0, &ip6_anonportmin, 0, 1838 CTL_NET, PF_INET6, IPPROTO_IPV6, 1839 IPV6CTL_ANONPORTMIN, CTL_EOL); 1840 sysctl_createv(clog, 0, NULL, NULL, 1841 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1842 CTLTYPE_INT, "anonportmax", 1843 SYSCTL_DESCR("Highest ephemeral port number to assign"), 1844 sysctl_net_inet_ip_ports, 0, &ip6_anonportmax, 0, 1845 CTL_NET, PF_INET6, IPPROTO_IPV6, 1846 IPV6CTL_ANONPORTMAX, CTL_EOL); 1847 #ifndef IPNOPRIVPORTS 1848 sysctl_createv(clog, 0, NULL, NULL, 1849 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1850 CTLTYPE_INT, "lowportmin", 1851 SYSCTL_DESCR("Lowest privileged ephemeral port number " 1852 "to assign"), 1853 sysctl_net_inet_ip_ports, 0, &ip6_lowportmin, 0, 1854 CTL_NET, PF_INET6, IPPROTO_IPV6, 1855 IPV6CTL_LOWPORTMIN, CTL_EOL); 1856 sysctl_createv(clog, 0, NULL, NULL, 1857 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1858 CTLTYPE_INT, "lowportmax", 1859 SYSCTL_DESCR("Highest privileged ephemeral port number " 1860 "to assign"), 1861 sysctl_net_inet_ip_ports, 0, &ip6_lowportmax, 0, 1862 CTL_NET, PF_INET6, IPPROTO_IPV6, 1863 IPV6CTL_LOWPORTMAX, CTL_EOL); 1864 #endif /* IPNOPRIVPORTS */ 1865 sysctl_createv(clog, 0, NULL, NULL, 1866 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1867 CTLTYPE_INT, "use_tempaddr", 1868 SYSCTL_DESCR("Use temporary address"), 1869 NULL, 0, &ip6_use_tempaddr, 0, 1870 CTL_NET, PF_INET6, IPPROTO_IPV6, 1871 CTL_CREATE, CTL_EOL); 1872 sysctl_createv(clog, 0, NULL, NULL, 1873 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1874 CTLTYPE_INT, "temppltime", 1875 SYSCTL_DESCR("preferred lifetime of a temporary address"), 1876 NULL, 0, &ip6_temp_preferred_lifetime, 0, 1877 CTL_NET, PF_INET6, IPPROTO_IPV6, 1878 CTL_CREATE, CTL_EOL); 1879 sysctl_createv(clog, 0, NULL, NULL, 1880 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1881 CTLTYPE_INT, "tempvltime", 1882 SYSCTL_DESCR("valid lifetime of a temporary address"), 1883 NULL, 0, &ip6_temp_valid_lifetime, 0, 1884 CTL_NET, PF_INET6, IPPROTO_IPV6, 1885 CTL_CREATE, CTL_EOL); 1886 sysctl_createv(clog, 0, NULL, NULL, 1887 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1888 CTLTYPE_INT, "maxfrags", 1889 SYSCTL_DESCR("Maximum fragments in reassembly queue"), 1890 NULL, 0, &ip6_maxfrags, 0, 1891 CTL_NET, PF_INET6, IPPROTO_IPV6, 1892 IPV6CTL_MAXFRAGS, CTL_EOL); 1893 sysctl_createv(clog, 0, NULL, NULL, 1894 CTLFLAG_PERMANENT, 1895 CTLTYPE_STRUCT, "stats", 1896 SYSCTL_DESCR("IPv6 statistics"), 1897 NULL, 0, ip6stat, sizeof(ip6stat), 1898 CTL_NET, PF_INET6, IPPROTO_IPV6, 1899 IPV6CTL_STATS, CTL_EOL); 1900 sysctl_createv(clog, 0, NULL, NULL, 1901 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1902 CTLTYPE_INT, "use_defaultzone", 1903 SYSCTL_DESCR("Whether to use the default scope zones"), 1904 NULL, 0, &ip6_use_defzone, 0, 1905 CTL_NET, PF_INET6, IPPROTO_IPV6, 1906 IPV6CTL_USE_DEFAULTZONE, CTL_EOL); 1907 sysctl_createv(clog, 0, NULL, NULL, 1908 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1909 CTLTYPE_INT, "mcast_pmtu", 1910 SYSCTL_DESCR("Enable pMTU discovery for multicast packet"), 1911 NULL, 0, &ip6_mcast_pmtu, 0, 1912 CTL_NET, PF_INET6, IPPROTO_IPV6, 1913 CTL_CREATE, CTL_EOL); 1914 #ifdef GATEWAY 1915 sysctl_createv(clog, 0, NULL, NULL, 1916 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1917 CTLTYPE_INT, "maxflows", 1918 SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"), 1919 sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0, 1920 CTL_NET, PF_INET6, IPPROTO_IPV6, 1921 CTL_CREATE, CTL_EOL); 1922 sysctl_createv(clog, 0, NULL, NULL, 1923 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1924 CTLTYPE_INT, "hashsize", 1925 SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"), 1926 sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0, 1927 CTL_NET, PF_INET6, IPPROTO_IPV6, 1928 CTL_CREATE, CTL_EOL); 1929 #endif 1930 } 1931
Indexes created Tue Sep 23 14:10:03 GMT 2025