]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/ip_input.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-792.22.5.tar.gz
[apple/xnu.git] / bsd / netinet / ip_input.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1988, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
61 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.25 2001/08/29 21:41:37 jesper Exp $
62 */
63
64 #define _IP_VHL
65
66 #include <sys/param.h>
67 #include <sys/systm.h>
68 #include <sys/mbuf.h>
69 #include <sys/malloc.h>
70 #include <sys/domain.h>
71 #include <sys/protosw.h>
72 #include <sys/socket.h>
73 #include <sys/time.h>
74 #include <sys/kernel.h>
75 #include <sys/syslog.h>
76 #include <sys/sysctl.h>
77
78 #include <kern/queue.h>
79 #include <kern/locks.h>
80
81 #include <net/if.h>
82 #include <net/if_var.h>
83 #include <net/if_dl.h>
84 #include <net/route.h>
85 #include <net/kpi_protocol.h>
86
87 #include <netinet/in.h>
88 #include <netinet/in_systm.h>
89 #include <netinet/in_var.h>
90 #include <netinet/ip.h>
91 #include <netinet/in_pcb.h>
92 #include <netinet/ip_var.h>
93 #include <netinet/ip_icmp.h>
94 #include <sys/socketvar.h>
95
96 #include <netinet/ip_fw.h>
97 #include <netinet/ip_divert.h>
98
99 #include <netinet/kpi_ipfilter_var.h>
100
101 /* needed for AUTOCONFIGURING: */
102 #include <netinet/udp.h>
103 #include <netinet/udp_var.h>
104 #include <netinet/bootp.h>
105
106 #include <sys/kdebug.h>
107
108 #define DBG_LAYER_BEG NETDBG_CODE(DBG_NETIP, 0)
109 #define DBG_LAYER_END NETDBG_CODE(DBG_NETIP, 2)
110 #define DBG_FNC_IP_INPUT NETDBG_CODE(DBG_NETIP, (2 << 8))
111
112
113 #if IPSEC
114 #include <netinet6/ipsec.h>
115 #include <netkey/key.h>
116 #endif
117
118 #include "faith.h"
119 #if defined(NFAITH) && NFAITH > 0
120 #include <net/if_types.h>
121 #endif
122
123 #if DUMMYNET
124 #include <netinet/ip_dummynet.h>
125 #endif
126
127 #if IPSEC
128 extern int ipsec_bypass;
129 extern lck_mtx_t *sadb_mutex;
130 #endif
131
132 int rsvp_on = 0;
133 static int ip_rsvp_on;
134 struct socket *ip_rsvpd;
135
136 int ipforwarding = 0;
137 SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
138 &ipforwarding, 0, "Enable IP forwarding between interfaces");
139
140 static int ipsendredirects = 1; /* XXX */
141 SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
142 &ipsendredirects, 0, "Enable sending IP redirects");
143
144 int ip_defttl = IPDEFTTL;
145 SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
146 &ip_defttl, 0, "Maximum TTL on IP packets");
147
148 static int ip_dosourceroute = 0;
149 SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW,
150 &ip_dosourceroute, 0, "Enable forwarding source routed IP packets");
151
152 static int ip_acceptsourceroute = 0;
153 SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
154 CTLFLAG_RW, &ip_acceptsourceroute, 0,
155 "Enable accepting source routed IP packets");
156
157 static int ip_keepfaith = 0;
158 SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
159 &ip_keepfaith, 0,
160 "Enable packet capture for FAITH IPv4->IPv6 translater daemon");
161
162 static int nipq = 0; /* total # of reass queues */
163 static int maxnipq;
164 SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
165 &maxnipq, 0,
166 "Maximum number of IPv4 fragment reassembly queue entries");
167
168 static int maxfragsperpacket;
169 SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
170 &maxfragsperpacket, 0,
171 "Maximum number of IPv4 fragments allowed per packet");
172
173 static int maxfrags;
174 SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfrags, CTLFLAG_RW,
175 &maxfrags, 0, "Maximum number of IPv4 fragments allowed");
176
177 static int currentfrags = 0;
178
179 /*
180 * XXX - Setting ip_checkinterface mostly implements the receive side of
181 * the Strong ES model described in RFC 1122, but since the routing table
182 * and transmit implementation do not implement the Strong ES model,
183 * setting this to 1 results in an odd hybrid.
184 *
185 * XXX - ip_checkinterface currently must be disabled if you use ipnat
186 * to translate the destination address to another local interface.
187 *
188 * XXX - ip_checkinterface must be disabled if you add IP aliases
189 * to the loopback interface instead of the interface where the
190 * packets for those addresses are received.
191 */
192 static int ip_checkinterface = 0;
193 SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
194 &ip_checkinterface, 0, "Verify packet arrives on correct interface");
195
196 #if DIAGNOSTIC
197 static int ipprintfs = 0;
198 #endif
199
200 extern struct domain inetdomain;
201 extern struct protosw inetsw[];
202 struct protosw *ip_protox[IPPROTO_MAX];
203 static int ipqmaxlen = IFQ_MAXLEN;
204 struct in_ifaddrhead in_ifaddrhead; /* first inet address */
205 struct ifqueue ipintrq;
206 SYSCTL_INT(_net_inet_ip, IPCTL_INTRQMAXLEN, intr_queue_maxlen, CTLFLAG_RW,
207 &ipintrq.ifq_maxlen, 0, "Maximum size of the IP input queue");
208 SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD,
209 &ipintrq.ifq_drops, 0, "Number of packets dropped from the IP input queue");
210
211 struct ipstat ipstat;
212 SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RD,
213 &ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)");
214
215 /* Packet reassembly stuff */
216 #define IPREASS_NHASH_LOG2 6
217 #define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2)
218 #define IPREASS_HMASK (IPREASS_NHASH - 1)
219 #define IPREASS_HASH(x,y) \
220 (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
221
222 static struct ipq ipq[IPREASS_NHASH];
223 static TAILQ_HEAD(ipq_list, ipq) ipq_list =
224 TAILQ_HEAD_INITIALIZER(ipq_list);
225 const int ipintrq_present = 1;
226 lck_mtx_t *ip_mutex;
227 lck_attr_t *ip_mutex_attr;
228 lck_grp_t *ip_mutex_grp;
229 lck_grp_attr_t *ip_mutex_grp_attr;
230 lck_mtx_t *inet_domain_mutex;
231 extern lck_mtx_t *domain_proto_mtx;
232
233 #if IPCTL_DEFMTU
234 SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
235 &ip_mtu, 0, "Default MTU");
236 #endif
237
238 #if IPSTEALTH
239 static int ipstealth = 0;
240 SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
241 &ipstealth, 0, "");
242 #endif
243
244
245 /* Firewall hooks */
246 ip_fw_chk_t *ip_fw_chk_ptr;
247 int fw_enable = 1 ;
248 int fw_one_pass = 1;
249
250 #if DUMMYNET
251 ip_dn_io_t *ip_dn_io_ptr;
252 #endif
253
254 int (*fr_checkp)(struct ip *, int, struct ifnet *, int, struct mbuf **) = NULL;
255
256 SYSCTL_NODE(_net_inet_ip, OID_AUTO, linklocal, CTLFLAG_RW, 0, "link local");
257
258 struct ip_linklocal_stat ip_linklocal_stat;
259 SYSCTL_STRUCT(_net_inet_ip_linklocal, OID_AUTO, stat, CTLFLAG_RD,
260 &ip_linklocal_stat, ip_linklocal_stat,
261 "Number of link local packets with TTL less than 255");
262
263 SYSCTL_NODE(_net_inet_ip_linklocal, OID_AUTO, in, CTLFLAG_RW, 0, "link local input");
264
265 int ip_linklocal_in_allowbadttl = 1;
266 SYSCTL_INT(_net_inet_ip_linklocal_in, OID_AUTO, allowbadttl, CTLFLAG_RW,
267 &ip_linklocal_in_allowbadttl, 0,
268 "Allow incoming link local packets with TTL less than 255");
269
270
271 /*
272 * We need to save the IP options in case a protocol wants to respond
273 * to an incoming packet over the same route if the packet got here
274 * using IP source routing. This allows connection establishment and
275 * maintenance when the remote end is on a network that is not known
276 * to us.
277 */
278 static int ip_nhops = 0;
279 static struct ip_srcrt {
280 struct in_addr dst; /* final destination */
281 char nop; /* one NOP to align */
282 char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */
283 struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
284 } ip_srcrt;
285
286 #ifdef __APPLE__
287 extern struct mbuf* m_dup(register struct mbuf *m, int how);
288 #endif
289
290 static void save_rte(u_char *, struct in_addr);
291 static int ip_dooptions(struct mbuf *, int, struct sockaddr_in *, struct route *ipforward_rt);
292 static void ip_forward(struct mbuf *, int, struct sockaddr_in *, struct route *ipforward_rt);
293 static void ip_freef(struct ipq *);
294 #if IPDIVERT
295 #ifdef IPDIVERT_44
296 static struct mbuf *ip_reass(struct mbuf *,
297 struct ipq *, struct ipq *, u_int32_t *, u_int16_t *);
298 #else
299 static struct mbuf *ip_reass(struct mbuf *,
300 struct ipq *, struct ipq *, u_int16_t *, u_int16_t *);
301 #endif
302 #else
303 static struct mbuf *ip_reass(struct mbuf *, struct ipq *, struct ipq *);
304 #endif
305 void ipintr(void);
306
307 #if RANDOM_IP_ID
308 extern u_short ip_id;
309 #endif
310
311 extern u_long route_generation;
312 extern int apple_hwcksum_rx;
313
314 /*
315 * IP initialization: fill in IP protocol switch table.
316 * All protocols not implemented in kernel go to raw IP protocol handler.
317 */
318 void
319 ip_init()
320 {
321 register struct protosw *pr;
322 register int i;
323 static ip_initialized = 0;
324 struct timeval timenow;
325
326
327 if (!ip_initialized)
328 {
329 TAILQ_INIT(&in_ifaddrhead);
330 pr = pffindproto_locked(PF_INET, IPPROTO_RAW, SOCK_RAW);
331 if (pr == 0)
332 panic("ip_init");
333 for (i = 0; i < IPPROTO_MAX; i++)
334 ip_protox[i] = pr;
335 for (pr = inetdomain.dom_protosw; pr; pr = pr->pr_next)
336 { if(!((unsigned int)pr->pr_domain)) continue; /* If uninitialized, skip */
337 if (pr->pr_domain->dom_family == PF_INET &&
338 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
339 ip_protox[pr->pr_protocol] = pr;
340 }
341 for (i = 0; i < IPREASS_NHASH; i++)
342 ipq[i].next = ipq[i].prev = &ipq[i];
343
344 maxnipq = nmbclusters / 32;
345 maxfrags = maxnipq * 2;
346 maxfragsperpacket = 128; /* enough for 64k in 512 byte fragments */
347
348 #if RANDOM_IP_ID
349 getmicrouptime(&timenow);
350 ip_id = timenow.tv_sec & 0xffff;
351 #endif
352 ipintrq.ifq_maxlen = ipqmaxlen;
353
354 ipf_init();
355
356 ip_mutex_grp_attr = lck_grp_attr_alloc_init();
357
358 ip_mutex_grp = lck_grp_alloc_init("ip", ip_mutex_grp_attr);
359
360 ip_mutex_attr = lck_attr_alloc_init();
361
362 if ((ip_mutex = lck_mtx_alloc_init(ip_mutex_grp, ip_mutex_attr)) == NULL) {
363 printf("ip_init: can't alloc ip_mutex\n");
364 return;
365 }
366
367 ip_initialized = 1;
368 }
369 }
370
371 static void
372 ip_proto_input(
373 protocol_family_t protocol,
374 mbuf_t packet)
375 {
376 ip_input(packet);
377 }
378
379 /* Initialize the PF_INET domain, and add in the pre-defined protos */
380 void
381 in_dinit()
382 { register int i;
383 register struct protosw *pr;
384 register struct domain *dp;
385 static inetdomain_initted = 0;
386 extern int in_proto_count;
387
388 if (!inetdomain_initted)
389 {
390 kprintf("Initing %d protosw entries\n", in_proto_count);
391 dp = &inetdomain;
392 dp->dom_flags = DOM_REENTRANT;
393
394 for (i=0, pr = &inetsw[0]; i<in_proto_count; i++, pr++)
395 net_add_proto(pr, dp);
396 inet_domain_mutex = dp->dom_mtx;
397 inetdomain_initted = 1;
398
399 lck_mtx_unlock(domain_proto_mtx);
400 proto_register_input(PF_INET, ip_proto_input, NULL);
401 lck_mtx_lock(domain_proto_mtx);
402 }
403 }
404
405 __private_extern__ void
406 ip_proto_dispatch_in(
407 struct mbuf *m,
408 int hlen,
409 u_int8_t proto,
410 ipfilter_t inject_ipfref)
411 {
412 struct ipfilter *filter;
413 int seen = (inject_ipfref == 0);
414 int changed_header = 0;
415 struct ip *ip;
416
417 if (!TAILQ_EMPTY(&ipv4_filters)) {
418 ipf_ref();
419 TAILQ_FOREACH(filter, &ipv4_filters, ipf_link) {
420 if (seen == 0) {
421 if ((struct ipfilter *)inject_ipfref == filter)
422 seen = 1;
423 } else if (filter->ipf_filter.ipf_input) {
424 errno_t result;
425
426 if (changed_header == 0) {
427 changed_header = 1;
428 ip = mtod(m, struct ip *);
429 ip->ip_len = htons(ip->ip_len + hlen);
430 ip->ip_off = htons(ip->ip_off);
431 ip->ip_sum = 0;
432 ip->ip_sum = in_cksum(m, hlen);
433 }
434 result = filter->ipf_filter.ipf_input(
435 filter->ipf_filter.cookie, (mbuf_t*)&m, hlen, proto);
436 if (result == EJUSTRETURN) {
437 ipf_unref();
438 return;
439 }
440 if (result != 0) {
441 ipf_unref();
442 m_freem(m);
443 return;
444 }
445 }
446 }
447 ipf_unref();
448 }
449 /*
450 * If there isn't a specific lock for the protocol
451 * we're about to call, use the generic lock for AF_INET.
452 * otherwise let the protocol deal with its own locking
453 */
454 ip = mtod(m, struct ip *);
455
456 if (changed_header) {
457 ip->ip_len = ntohs(ip->ip_len) - hlen;
458 ip->ip_off = ntohs(ip->ip_off);
459 }
460
461 if (!(ip_protox[ip->ip_p]->pr_flags & PR_PROTOLOCK)) {
462 lck_mtx_lock(inet_domain_mutex);
463 (*ip_protox[ip->ip_p]->pr_input)(m, hlen);
464 lck_mtx_unlock(inet_domain_mutex);
465 }
466 else
467 (*ip_protox[ip->ip_p]->pr_input)(m, hlen);
468
469 }
470
471 /*
472 * ipforward_rt cleared in in_addroute()
473 * when a new route is successfully created.
474 */
475 static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
476
477 /*
478 * Ip input routine. Checksum and byte swap header. If fragmented
479 * try to reassemble. Process options. Pass to next level.
480 */
481 void
482 ip_input(struct mbuf *m)
483 {
484 struct ip *ip;
485 struct ipq *fp;
486 struct in_ifaddr *ia = NULL;
487 int i, hlen, mff, checkif;
488 u_short sum;
489 struct in_addr pkt_dst;
490 u_int32_t div_info = 0; /* packet divert/tee info */
491 struct ip_fw_args args;
492 ipfilter_t inject_filter_ref = 0;
493 struct m_tag *tag;
494 struct route ipforward_rt = { 0 };
495
496 lck_mtx_lock(ip_mutex);
497
498 args.eh = NULL;
499 args.oif = NULL;
500 args.rule = NULL;
501 args.divert_rule = 0; /* divert cookie */
502 args.next_hop = NULL;
503
504 /* Grab info from mtags prepended to the chain */
505 #if DUMMYNET
506 if ((tag = m_tag_locate(m, KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_DUMMYNET, NULL)) != NULL) {
507 struct dn_pkt_tag *dn_tag;
508
509 dn_tag = (struct dn_pkt_tag *)(tag+1);
510 args.rule = dn_tag->rule;
511
512 m_tag_delete(m, tag);
513 }
514 #endif /* DUMMYNET */
515
516 if ((tag = m_tag_locate(m, KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_DIVERT, NULL)) != NULL) {
517 struct divert_tag *div_tag;
518
519 div_tag = (struct divert_tag *)(tag+1);
520 args.divert_rule = div_tag->cookie;
521
522 m_tag_delete(m, tag);
523 }
524 if ((tag = m_tag_locate(m, KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_IPFORWARD, NULL)) != NULL) {
525 struct ip_fwd_tag *ipfwd_tag;
526
527 ipfwd_tag = (struct ip_fwd_tag *)(tag+1);
528 args.next_hop = ipfwd_tag->next_hop;
529
530 m_tag_delete(m, tag);
531 }
532
533 #if DIAGNOSTIC
534 if (m == NULL || (m->m_flags & M_PKTHDR) == 0)
535 panic("ip_input no HDR");
536 #endif
537
538 if (args.rule) { /* dummynet already filtered us */
539 ip = mtod(m, struct ip *);
540 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
541 inject_filter_ref = ipf_get_inject_filter(m);
542 goto iphack ;
543 }
544
545 /*
546 * No need to proccess packet twice if we've
547 * already seen it
548 */
549 inject_filter_ref = ipf_get_inject_filter(m);
550 if (inject_filter_ref != 0) {
551 lck_mtx_unlock(ip_mutex);
552 ip = mtod(m, struct ip *);
553 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
554 ip->ip_len = ntohs(ip->ip_len) - hlen;
555 ip->ip_off = ntohs(ip->ip_off);
556 ip_proto_dispatch_in(m, hlen, ip->ip_p, inject_filter_ref);
557 return;
558 }
559
560 ipstat.ips_total++;
561
562 if (m->m_pkthdr.len < sizeof(struct ip))
563 goto tooshort;
564
565 if (m->m_len < sizeof (struct ip) &&
566 (m = m_pullup(m, sizeof (struct ip))) == 0) {
567 ipstat.ips_toosmall++;
568 lck_mtx_unlock(ip_mutex);
569 return;
570 }
571 ip = mtod(m, struct ip *);
572
573 KERNEL_DEBUG(DBG_LAYER_BEG, ip->ip_dst.s_addr,
574 ip->ip_src.s_addr, ip->ip_p, ip->ip_off, ip->ip_len);
575
576 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
577 ipstat.ips_badvers++;
578 goto bad;
579 }
580
581 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
582 if (hlen < sizeof(struct ip)) { /* minimum header length */
583 ipstat.ips_badhlen++;
584 goto bad;
585 }
586 if (hlen > m->m_len) {
587 if ((m = m_pullup(m, hlen)) == 0) {
588 ipstat.ips_badhlen++;
589 lck_mtx_unlock(ip_mutex);
590 return;
591 }
592 ip = mtod(m, struct ip *);
593 }
594
595 /* 127/8 must not appear on wire - RFC1122 */
596 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
597 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
598 if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
599 ipstat.ips_badaddr++;
600 goto bad;
601 }
602 }
603
604 /* IPv4 Link-Local Addresses as defined in <draft-ietf-zeroconf-ipv4-linklocal-05.txt> */
605 if ((IN_LINKLOCAL(ntohl(ip->ip_dst.s_addr)) ||
606 IN_LINKLOCAL(ntohl(ip->ip_src.s_addr)))) {
607 ip_linklocal_stat.iplls_in_total++;
608 if (ip->ip_ttl != MAXTTL) {
609 ip_linklocal_stat.iplls_in_badttl++;
610 /* Silently drop link local traffic with bad TTL */
611 if (!ip_linklocal_in_allowbadttl)
612 goto bad;
613 }
614 }
615 if ((IF_HWASSIST_CSUM_FLAGS(m->m_pkthdr.rcvif->if_hwassist) == 0)
616 || (apple_hwcksum_rx == 0) ||
617 ((m->m_pkthdr.csum_flags & CSUM_TCP_SUM16) && ip->ip_p != IPPROTO_TCP)) {
618 m->m_pkthdr.csum_flags = 0; /* invalidate HW generated checksum flags */
619 }
620
621 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
622 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
623 } else {
624 sum = in_cksum(m, hlen);
625 }
626 if (sum) {
627 ipstat.ips_badsum++;
628 goto bad;
629 }
630
631 /*
632 * Convert fields to host representation.
633 */
634 NTOHS(ip->ip_len);
635 if (ip->ip_len < hlen) {
636 ipstat.ips_badlen++;
637 goto bad;
638 }
639 NTOHS(ip->ip_off);
640
641 /*
642 * Check that the amount of data in the buffers
643 * is as at least much as the IP header would have us expect.
644 * Trim mbufs if longer than we expect.
645 * Drop packet if shorter than we expect.
646 */
647 if (m->m_pkthdr.len < ip->ip_len) {
648 tooshort:
649 ipstat.ips_tooshort++;
650 goto bad;
651 }
652 if (m->m_pkthdr.len > ip->ip_len) {
653 /* Invalidate hwcksuming */
654 m->m_pkthdr.csum_flags = 0;
655 m->m_pkthdr.csum_data = 0;
656
657 if (m->m_len == m->m_pkthdr.len) {
658 m->m_len = ip->ip_len;
659 m->m_pkthdr.len = ip->ip_len;
660 } else
661 m_adj(m, ip->ip_len - m->m_pkthdr.len);
662 }
663
664 #if IPSEC
665 if (ipsec_bypass == 0 && ipsec_gethist(m, NULL))
666 goto pass;
667 #endif
668
669 /*
670 * IpHack's section.
671 * Right now when no processing on packet has done
672 * and it is still fresh out of network we do our black
673 * deals with it.
674 * - Firewall: deny/allow/divert
675 * - Xlate: translate packet's addr/port (NAT).
676 * - Pipe: pass pkt through dummynet.
677 * - Wrap: fake packet's addr/port <unimpl.>
678 * - Encapsulate: put it in another IP and send out. <unimp.>
679 */
680
681 #if defined(IPFIREWALL) && defined(DUMMYNET)
682 iphack:
683 #endif
684 /*
685 * Check if we want to allow this packet to be processed.
686 * Consider it to be bad if not.
687 */
688 if (fr_checkp) {
689 struct mbuf *m1 = m;
690
691 if (fr_checkp(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1) {
692 lck_mtx_unlock(ip_mutex);
693 return;
694 }
695 ip = mtod(m = m1, struct ip *);
696 }
697 if (fw_enable && IPFW_LOADED) {
698 #if IPFIREWALL_FORWARD
699 /*
700 * If we've been forwarded from the output side, then
701 * skip the firewall a second time
702 */
703 if (args.next_hop)
704 goto ours;
705 #endif /* IPFIREWALL_FORWARD */
706
707 args.m = m;
708 lck_mtx_unlock(ip_mutex);
709
710 i = ip_fw_chk_ptr(&args);
711 m = args.m;
712
713 if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */
714 if (m)
715 m_freem(m);
716 return;
717 }
718 ip = mtod(m, struct ip *); /* just in case m changed */
719 if (i == 0 && args.next_hop == NULL) { /* common case */
720 lck_mtx_lock(ip_mutex);
721 goto pass;
722 }
723 #if DUMMYNET
724 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG) != 0) {
725 /* Send packet to the appropriate pipe */
726 ip_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args);
727 return;
728 }
729 #endif /* DUMMYNET */
730 #if IPDIVERT
731 if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) {
732 /* Divert or tee packet */
733 lck_mtx_lock(ip_mutex);
734 div_info = i;
735 goto ours;
736 }
737 #endif
738 #if IPFIREWALL_FORWARD
739 if (i == 0 && args.next_hop != NULL) {
740 lck_mtx_lock(ip_mutex);
741 goto pass;
742 }
743 #endif
744 /*
745 * if we get here, the packet must be dropped
746 */
747 m_freem(m);
748 return;
749 }
750 pass:
751
752 /*
753 * Process options and, if not destined for us,
754 * ship it on. ip_dooptions returns 1 when an
755 * error was detected (causing an icmp message
756 * to be sent and the original packet to be freed).
757 */
758 ip_nhops = 0; /* for source routed packets */
759 if (hlen > sizeof (struct ip) && ip_dooptions(m, 0, args.next_hop, &ipforward_rt)) {
760 lck_mtx_unlock(ip_mutex);
761 return;
762 }
763
764 /* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
765 * matter if it is destined to another node, or whether it is
766 * a multicast one, RSVP wants it! and prevents it from being forwarded
767 * anywhere else. Also checks if the rsvp daemon is running before
768 * grabbing the packet.
769 */
770 if (rsvp_on && ip->ip_p==IPPROTO_RSVP)
771 goto ours;
772
773 /*
774 * Check our list of addresses, to see if the packet is for us.
775 * If we don't have any addresses, assume any unicast packet
776 * we receive might be for us (and let the upper layers deal
777 * with it).
778 */
779 if (TAILQ_EMPTY(&in_ifaddrhead) &&
780 (m->m_flags & (M_MCAST|M_BCAST)) == 0)
781 goto ours;
782
783 /*
784 * Cache the destination address of the packet; this may be
785 * changed by use of 'ipfw fwd'.
786 */
787 pkt_dst = args.next_hop == NULL ?
788 ip->ip_dst : args.next_hop->sin_addr;
789
790 /*
791 * Enable a consistency check between the destination address
792 * and the arrival interface for a unicast packet (the RFC 1122
793 * strong ES model) if IP forwarding is disabled and the packet
794 * is not locally generated and the packet is not subject to
795 * 'ipfw fwd'.
796 *
797 * XXX - Checking also should be disabled if the destination
798 * address is ipnat'ed to a different interface.
799 *
800 * XXX - Checking is incompatible with IP aliases added
801 * to the loopback interface instead of the interface where
802 * the packets are received.
803 */
804 checkif = ip_checkinterface && (ipforwarding == 0) &&
805 ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) &&
806 (args.next_hop == NULL);
807
808 lck_mtx_lock(rt_mtx);
809 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
810 #define satosin(sa) ((struct sockaddr_in *)(sa))
811
812 if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY) {
813 lck_mtx_unlock(rt_mtx);
814 goto ours;
815 }
816
817 /*
818 * If the address matches, verify that the packet
819 * arrived via the correct interface if checking is
820 * enabled.
821 */
822 if (IA_SIN(ia)->sin_addr.s_addr == pkt_dst.s_addr &&
823 (!checkif || ia->ia_ifp == m->m_pkthdr.rcvif)) {
824 lck_mtx_unlock(rt_mtx);
825 goto ours;
826 }
827 /*
828 * Only accept broadcast packets that arrive via the
829 * matching interface. Reception of forwarded directed
830 * broadcasts would be handled via ip_forward() and
831 * ether_output() with the loopback into the stack for
832 * SIMPLEX interfaces handled by ether_output().
833 */
834 if ((!checkif || ia->ia_ifp == m->m_pkthdr.rcvif) &&
835 ia->ia_ifp && ia->ia_ifp->if_flags & IFF_BROADCAST) {
836 if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
837 pkt_dst.s_addr) {
838 lck_mtx_unlock(rt_mtx);
839 goto ours;
840 }
841 if (ia->ia_netbroadcast.s_addr == pkt_dst.s_addr) {
842 lck_mtx_unlock(rt_mtx);
843 goto ours;
844 }
845 }
846 }
847 lck_mtx_unlock(rt_mtx);
848 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
849 struct in_multi *inm;
850 if (ip_mrouter) {
851 /*
852 * If we are acting as a multicast router, all
853 * incoming multicast packets are passed to the
854 * kernel-level multicast forwarding function.
855 * The packet is returned (relatively) intact; if
856 * ip_mforward() returns a non-zero value, the packet
857 * must be discarded, else it may be accepted below.
858 */
859 if (ip_mforward &&
860 ip_mforward(ip, m->m_pkthdr.rcvif, m, 0) != 0) {
861 ipstat.ips_cantforward++;
862 m_freem(m);
863 lck_mtx_unlock(ip_mutex);
864 return;
865 }
866
867 /*
868 * The process-level routing daemon needs to receive
869 * all multicast IGMP packets, whether or not this
870 * host belongs to their destination groups.
871 */
872 if (ip->ip_p == IPPROTO_IGMP)
873 goto ours;
874 ipstat.ips_forward++;
875 }
876 /*
877 * See if we belong to the destination multicast group on the
878 * arrival interface.
879 */
880 IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
881 if (inm == NULL) {
882 ipstat.ips_notmember++;
883 m_freem(m);
884 lck_mtx_unlock(ip_mutex);
885 return;
886 }
887 goto ours;
888 }
889 if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
890 goto ours;
891 if (ip->ip_dst.s_addr == INADDR_ANY)
892 goto ours;
893
894 /* Allow DHCP/BootP responses through */
895 if (m->m_pkthdr.rcvif != NULL
896 && (m->m_pkthdr.rcvif->if_eflags & IFEF_AUTOCONFIGURING)
897 && hlen == sizeof(struct ip)
898 && ip->ip_p == IPPROTO_UDP) {
899 struct udpiphdr *ui;
900 if (m->m_len < sizeof(struct udpiphdr)
901 && (m = m_pullup(m, sizeof(struct udpiphdr))) == 0) {
902 udpstat.udps_hdrops++;
903 lck_mtx_unlock(ip_mutex);
904 return;
905 }
906 ui = mtod(m, struct udpiphdr *);
907 if (ntohs(ui->ui_dport) == IPPORT_BOOTPC) {
908 goto ours;
909 }
910 ip = mtod(m, struct ip *); /* in case it changed */
911 }
912
913 #if defined(NFAITH) && 0 < NFAITH
914 /*
915 * FAITH(Firewall Aided Internet Translator)
916 */
917 if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type == IFT_FAITH) {
918 if (ip_keepfaith) {
919 if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_ICMP)
920 goto ours;
921 }
922 m_freem(m);
923 lck_mtx_unlock(ip_mutex);
924 return;
925 }
926 #endif
927 lck_mtx_unlock(ip_mutex);
928 /*
929 * Not for us; forward if possible and desirable.
930 */
931 if (ipforwarding == 0) {
932 ipstat.ips_cantforward++;
933 m_freem(m);
934 } else {
935 ip_forward(m, 0, args.next_hop, &ipforward_rt);
936 }
937 return;
938
939 ours:
940 #ifndef __APPLE__
941 /* Darwin does not have an if_data in ifaddr */
942 /* Count the packet in the ip address stats */
943 if (ia != NULL) {
944 ia->ia_ifa.if_ipackets++;
945 ia->ia_ifa.if_ibytes += m->m_pkthdr.len;
946 }
947 #endif
948
949 /*
950 * If offset or IP_MF are set, must reassemble.
951 * Otherwise, nothing need be done.
952 * (We could look in the reassembly queue to see
953 * if the packet was previously fragmented,
954 * but it's not worth the time; just let them time out.)
955 */
956 if (ip->ip_off & (IP_MF | IP_OFFMASK | IP_RF)) {
957
958 /* If maxnipq is 0, never accept fragments. */
959 if (maxnipq == 0) {
960 ipstat.ips_fragments++;
961 ipstat.ips_fragdropped++;
962 goto bad;
963 }
964
965 /*
966 * If we will exceed the number of fragments in queues, timeout the
967 * oldest fragemented packet to make space.
968 */
969 if (currentfrags >= maxfrags) {
970 fp = TAILQ_LAST(&ipq_list, ipq_list);
971 ipstat.ips_fragtimeout += fp->ipq_nfrags;
972
973 if (ip->ip_id == fp->ipq_id &&
974 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
975 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
976 ip->ip_p == fp->ipq_p) {
977 /*
978 * If we match the fragment queue we were going to
979 * discard, drop this packet too.
980 */
981 ipstat.ips_fragdropped++;
982 ip_freef(fp);
983 goto bad;
984 }
985
986 ip_freef(fp);
987 }
988
989 sum = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
990 /*
991 * Look for queue of fragments
992 * of this datagram.
993 */
994 for (fp = ipq[sum].next; fp != &ipq[sum]; fp = fp->next)
995 if (ip->ip_id == fp->ipq_id &&
996 ip->ip_src.s_addr == fp->ipq_src.s_addr &&
997 ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
998 ip->ip_p == fp->ipq_p)
999 goto found;
1000
1001 /*
1002 * Enforce upper bound on number of fragmented packets
1003 * for which we attempt reassembly;
1004 * If maxnipq is -1, accept all fragments without limitation.
1005 */
1006 if ((nipq > maxnipq) && (maxnipq > 0)) {
1007 /*
1008 * drop the oldest fragment before proceeding further
1009 */
1010 fp = TAILQ_LAST(&ipq_list, ipq_list);
1011 ipstat.ips_fragtimeout += fp->ipq_nfrags;
1012 ip_freef(fp);
1013 }
1014
1015 fp = NULL;
1016
1017 found:
1018 /*
1019 * Adjust ip_len to not reflect header,
1020 * convert offset of this to bytes.
1021 */
1022 ip->ip_len -= hlen;
1023 if (ip->ip_off & IP_MF) {
1024 /*
1025 * Make sure that fragments have a data length
1026 * that's a non-zero multiple of 8 bytes.
1027 */
1028 if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) {
1029 ipstat.ips_toosmall++; /* XXX */
1030 goto bad;
1031 }
1032 m->m_flags |= M_FRAG;
1033 } else {
1034 /* Clear the flag in case packet comes from loopback */
1035 m->m_flags &= ~M_FRAG;
1036 }
1037 ip->ip_off <<= 3;
1038
1039 /*
1040 * Attempt reassembly; if it succeeds, proceed.
1041 * ip_reass() will return a different mbuf, and update
1042 * the divert info in div_info and args.divert_rule.
1043 */
1044 ipstat.ips_fragments++;
1045 m->m_pkthdr.header = ip;
1046 #if IPDIVERT
1047 m = ip_reass(m,
1048 fp, &ipq[sum], &div_info, &args.divert_rule);
1049 #else
1050 m = ip_reass(m, fp, &ipq[sum]);
1051 #endif
1052 if (m == 0) {
1053 lck_mtx_unlock(ip_mutex);
1054 return;
1055 }
1056 ipstat.ips_reassembled++;
1057 ip = mtod(m, struct ip *);
1058 /* Get the header length of the reassembled packet */
1059 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1060 #if IPDIVERT
1061 /* Restore original checksum before diverting packet */
1062 if (div_info != 0) {
1063 ip->ip_len += hlen;
1064 HTONS(ip->ip_len);
1065 HTONS(ip->ip_off);
1066 ip->ip_sum = 0;
1067 ip->ip_sum = in_cksum(m, hlen);
1068 NTOHS(ip->ip_off);
1069 NTOHS(ip->ip_len);
1070 ip->ip_len -= hlen;
1071 }
1072 #endif
1073 } else
1074 ip->ip_len -= hlen;
1075
1076 #if IPDIVERT
1077 /*
1078 * Divert or tee packet to the divert protocol if required.
1079 *
1080 * If div_info is zero then cookie should be too, so we shouldn't
1081 * need to clear them here. Assume divert_packet() does so also.
1082 */
1083 if (div_info != 0) {
1084 struct mbuf *clone = NULL;
1085
1086 /* Clone packet if we're doing a 'tee' */
1087 if ((div_info & IP_FW_PORT_TEE_FLAG) != 0)
1088 clone = m_dup(m, M_DONTWAIT);
1089
1090 /* Restore packet header fields to original values */
1091 ip->ip_len += hlen;
1092 HTONS(ip->ip_len);
1093 HTONS(ip->ip_off);
1094
1095 /* Deliver packet to divert input routine */
1096 ipstat.ips_delivered++;
1097 lck_mtx_unlock(ip_mutex);
1098 divert_packet(m, 1, div_info & 0xffff, args.divert_rule);
1099
1100 /* If 'tee', continue with original packet */
1101 if (clone == NULL) {
1102 return;
1103 }
1104 lck_mtx_lock(ip_mutex);
1105 m = clone;
1106 ip = mtod(m, struct ip *);
1107 }
1108 #endif
1109
1110 #if IPSEC
1111 /*
1112 * enforce IPsec policy checking if we are seeing last header.
1113 * note that we do not visit this with protocols with pcb layer
1114 * code - like udp/tcp/raw ip.
1115 */
1116 if (ipsec_bypass == 0 && (ip_protox[ip->ip_p]->pr_flags & PR_LASTHDR) != 0) {
1117 lck_mtx_lock(sadb_mutex);
1118 if (ipsec4_in_reject(m, NULL)) {
1119 ipsecstat.in_polvio++;
1120 lck_mtx_unlock(sadb_mutex);
1121 goto bad;
1122 }
1123 lck_mtx_unlock(sadb_mutex);
1124 }
1125 #endif
1126
1127 /*
1128 * Switch out to protocol's input routine.
1129 */
1130 ipstat.ips_delivered++;
1131 {
1132 if (args.next_hop && ip->ip_p == IPPROTO_TCP) {
1133 /* TCP needs IPFORWARD info if available */
1134 struct m_tag *fwd_tag;
1135 struct ip_fwd_tag *ipfwd_tag;
1136
1137 fwd_tag = m_tag_alloc(KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_IPFORWARD,
1138 sizeof(struct sockaddr_in), M_NOWAIT);
1139 if (fwd_tag == NULL) {
1140 goto bad;
1141 }
1142
1143 ipfwd_tag = (struct ip_fwd_tag *)(fwd_tag+1);
1144 ipfwd_tag->next_hop = args.next_hop;
1145
1146 m_tag_prepend(m, fwd_tag);
1147
1148 KERNEL_DEBUG(DBG_LAYER_END, ip->ip_dst.s_addr,
1149 ip->ip_src.s_addr, ip->ip_p, ip->ip_off, ip->ip_len);
1150
1151 lck_mtx_unlock(ip_mutex);
1152
1153 /* TCP deals with its own locking */
1154 ip_proto_dispatch_in(m, hlen, ip->ip_p, 0);
1155 } else {
1156 KERNEL_DEBUG(DBG_LAYER_END, ip->ip_dst.s_addr,
1157 ip->ip_src.s_addr, ip->ip_p, ip->ip_off, ip->ip_len);
1158
1159 lck_mtx_unlock(ip_mutex);
1160 ip_proto_dispatch_in(m, hlen, ip->ip_p, 0);
1161 }
1162
1163 return;
1164 }
1165 bad:
1166 KERNEL_DEBUG(DBG_LAYER_END, 0,0,0,0,0);
1167 lck_mtx_unlock(ip_mutex);
1168 m_freem(m);
1169 }
1170
1171 /*
1172 * Take incoming datagram fragment and try to reassemble it into
1173 * whole datagram. If a chain for reassembly of this datagram already
1174 * exists, then it is given as fp; otherwise have to make a chain.
1175 *
1176 * When IPDIVERT enabled, keep additional state with each packet that
1177 * tells us if we need to divert or tee the packet we're building.
1178 */
1179
1180 static struct mbuf *
1181 #if IPDIVERT
1182 ip_reass(m, fp, where, divinfo, divcookie)
1183 #else
1184 ip_reass(m, fp, where)
1185 #endif
1186 register struct mbuf *m;
1187 register struct ipq *fp;
1188 struct ipq *where;
1189 #if IPDIVERT
1190 #ifdef IPDIVERT_44
1191 u_int32_t *divinfo;
1192 #else
1193 u_int16_t *divinfo;
1194 #endif
1195 u_int16_t *divcookie;
1196 #endif
1197 {
1198 struct ip *ip = mtod(m, struct ip *);
1199 register struct mbuf *p = 0, *q, *nq;
1200 struct mbuf *t;
1201 int hlen = IP_VHL_HL(ip->ip_vhl) << 2;
1202 int i, next;
1203
1204 /*
1205 * Presence of header sizes in mbufs
1206 * would confuse code below.
1207 */
1208 m->m_data += hlen;
1209 m->m_len -= hlen;
1210
1211 if (m->m_pkthdr.csum_flags & CSUM_TCP_SUM16)
1212 m->m_pkthdr.csum_flags = 0;
1213 /*
1214 * If first fragment to arrive, create a reassembly queue.
1215 */
1216 if (fp == 0) {
1217 if ((t = m_get(M_DONTWAIT, MT_FTABLE)) == NULL)
1218 goto dropfrag;
1219 fp = mtod(t, struct ipq *);
1220 insque((void*)fp, (void*)where);
1221 nipq++;
1222 fp->ipq_nfrags = 1;
1223 fp->ipq_ttl = IPFRAGTTL;
1224 fp->ipq_p = ip->ip_p;
1225 fp->ipq_id = ip->ip_id;
1226 fp->ipq_src = ip->ip_src;
1227 fp->ipq_dst = ip->ip_dst;
1228 fp->ipq_frags = m;
1229 m->m_nextpkt = NULL;
1230 #if IPDIVERT
1231 #ifdef IPDIVERT_44
1232 fp->ipq_div_info = 0;
1233 #else
1234 fp->ipq_divert = 0;
1235 #endif
1236 fp->ipq_div_cookie = 0;
1237 #endif
1238 TAILQ_INSERT_HEAD(&ipq_list, fp, ipq_list);
1239 goto inserted;
1240 } else {
1241 fp->ipq_nfrags++;
1242 }
1243
1244 #define GETIP(m) ((struct ip*)((m)->m_pkthdr.header))
1245
1246 /*
1247 * Find a segment which begins after this one does.
1248 */
1249 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt)
1250 if (GETIP(q)->ip_off > ip->ip_off)
1251 break;
1252
1253 /*
1254 * If there is a preceding segment, it may provide some of
1255 * our data already. If so, drop the data from the incoming
1256 * segment. If it provides all of our data, drop us, otherwise
1257 * stick new segment in the proper place.
1258 *
1259 * If some of the data is dropped from the the preceding
1260 * segment, then it's checksum is invalidated.
1261 */
1262 if (p) {
1263 i = GETIP(p)->ip_off + GETIP(p)->ip_len - ip->ip_off;
1264 if (i > 0) {
1265 if (i >= ip->ip_len)
1266 goto dropfrag;
1267 m_adj(m, i);
1268 m->m_pkthdr.csum_flags = 0;
1269 ip->ip_off += i;
1270 ip->ip_len -= i;
1271 }
1272 m->m_nextpkt = p->m_nextpkt;
1273 p->m_nextpkt = m;
1274 } else {
1275 m->m_nextpkt = fp->ipq_frags;
1276 fp->ipq_frags = m;
1277 }
1278
1279 /*
1280 * While we overlap succeeding segments trim them or,
1281 * if they are completely covered, dequeue them.
1282 */
1283 for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off;
1284 q = nq) {
1285 i = (ip->ip_off + ip->ip_len) -
1286 GETIP(q)->ip_off;
1287 if (i < GETIP(q)->ip_len) {
1288 GETIP(q)->ip_len -= i;
1289 GETIP(q)->ip_off += i;
1290 m_adj(q, i);
1291 q->m_pkthdr.csum_flags = 0;
1292 break;
1293 }
1294 nq = q->m_nextpkt;
1295 m->m_nextpkt = nq;
1296 ipstat.ips_fragdropped++;
1297 fp->ipq_nfrags--;
1298 m_freem(q);
1299 }
1300
1301 inserted:
1302 currentfrags++;
1303
1304 #if IPDIVERT
1305 /*
1306 * Transfer firewall instructions to the fragment structure.
1307 * Only trust info in the fragment at offset 0.
1308 */
1309 if (ip->ip_off == 0) {
1310 #ifdef IPDIVERT_44
1311 fp->ipq_div_info = *divinfo;
1312 #else
1313 fp->ipq_divert = *divinfo;
1314 #endif
1315 fp->ipq_div_cookie = *divcookie;
1316 }
1317 *divinfo = 0;
1318 *divcookie = 0;
1319 #endif
1320
1321 /*
1322 * Check for complete reassembly and perform frag per packet
1323 * limiting.
1324 *
1325 * Frag limiting is performed here so that the nth frag has
1326 * a chance to complete the packet before we drop the packet.
1327 * As a result, n+1 frags are actually allowed per packet, but
1328 * only n will ever be stored. (n = maxfragsperpacket.)
1329 *
1330 */
1331 next = 0;
1332 for (p = NULL, q = fp->ipq_frags; q; p = q, q = q->m_nextpkt) {
1333 if (GETIP(q)->ip_off != next) {
1334 if (fp->ipq_nfrags > maxfragsperpacket) {
1335 ipstat.ips_fragdropped += fp->ipq_nfrags;
1336 ip_freef(fp);
1337 }
1338 return (0);
1339 }
1340 next += GETIP(q)->ip_len;
1341 }
1342 /* Make sure the last packet didn't have the IP_MF flag */
1343 if (p->m_flags & M_FRAG) {
1344 if (fp->ipq_nfrags > maxfragsperpacket) {
1345 ipstat.ips_fragdropped += fp->ipq_nfrags;
1346 ip_freef(fp);
1347 }
1348 return (0);
1349 }
1350
1351 /*
1352 * Reassembly is complete. Make sure the packet is a sane size.
1353 */
1354 q = fp->ipq_frags;
1355 ip = GETIP(q);
1356 if (next + (IP_VHL_HL(ip->ip_vhl) << 2) > IP_MAXPACKET) {
1357 ipstat.ips_toolong++;
1358 ipstat.ips_fragdropped += fp->ipq_nfrags;
1359 ip_freef(fp);
1360 return (0);
1361 }
1362
1363 /*
1364 * Concatenate fragments.
1365 */
1366 m = q;
1367 t = m->m_next;
1368 m->m_next = 0;
1369 m_cat(m, t);
1370 nq = q->m_nextpkt;
1371 q->m_nextpkt = 0;
1372 for (q = nq; q != NULL; q = nq) {
1373 nq = q->m_nextpkt;
1374 q->m_nextpkt = NULL;
1375 if (q->m_pkthdr.csum_flags & CSUM_TCP_SUM16)
1376 m->m_pkthdr.csum_flags = 0;
1377 else {
1378 m->m_pkthdr.csum_flags &= q->m_pkthdr.csum_flags;
1379 m->m_pkthdr.csum_data += q->m_pkthdr.csum_data;
1380 }
1381 m_cat(m, q);
1382 }
1383
1384 #if IPDIVERT
1385 /*
1386 * Extract firewall instructions from the fragment structure.
1387 */
1388 #ifdef IPDIVERT_44
1389 *divinfo = fp->ipq_div_info;
1390 #else
1391 *divinfo = fp->ipq_divert;
1392 #endif
1393 *divcookie = fp->ipq_div_cookie;
1394 #endif
1395
1396 /*
1397 * Create header for new ip packet by
1398 * modifying header of first packet;
1399 * dequeue and discard fragment reassembly header.
1400 * Make header visible.
1401 */
1402 ip->ip_len = next;
1403 ip->ip_src = fp->ipq_src;
1404 ip->ip_dst = fp->ipq_dst;
1405 remque((void*)fp);
1406 TAILQ_REMOVE(&ipq_list, fp, ipq_list);
1407 currentfrags -= fp->ipq_nfrags;
1408 nipq--;
1409 (void) m_free(dtom(fp));
1410 m->m_len += (IP_VHL_HL(ip->ip_vhl) << 2);
1411 m->m_data -= (IP_VHL_HL(ip->ip_vhl) << 2);
1412 /* some debugging cruft by sklower, below, will go away soon */
1413 if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
1414 register int plen = 0;
1415 for (t = m; t; t = t->m_next)
1416 plen += t->m_len;
1417 m->m_pkthdr.len = plen;
1418 }
1419 return (m);
1420
1421 dropfrag:
1422 #if IPDIVERT
1423 *divinfo = 0;
1424 *divcookie = 0;
1425 #endif
1426 ipstat.ips_fragdropped++;
1427 if (fp != 0)
1428 fp->ipq_nfrags--;
1429 m_freem(m);
1430 return (0);
1431
1432 #undef GETIP
1433 }
1434
1435 /*
1436 * Free a fragment reassembly header and all
1437 * associated datagrams.
1438 */
1439 static void
1440 ip_freef(fp)
1441 struct ipq *fp;
1442 {
1443 currentfrags -= fp->ipq_nfrags;
1444 m_freem_list(fp->ipq_frags);
1445 remque((void*)fp);
1446 TAILQ_REMOVE(&ipq_list, fp, ipq_list);
1447 (void) m_free(dtom(fp));
1448 nipq--;
1449 }
1450
1451 /*
1452 * IP timer processing;
1453 * if a timer expires on a reassembly
1454 * queue, discard it.
1455 */
1456 void
1457 ip_slowtimo()
1458 {
1459 register struct ipq *fp;
1460 int i;
1461 lck_mtx_lock(ip_mutex);
1462 for (i = 0; i < IPREASS_NHASH; i++) {
1463 fp = ipq[i].next;
1464 if (fp == 0)
1465 continue;
1466 while (fp != &ipq[i]) {
1467 --fp->ipq_ttl;
1468 fp = fp->next;
1469 if (fp->prev->ipq_ttl == 0) {
1470 ipstat.ips_fragtimeout += fp->prev->ipq_nfrags;
1471 ip_freef(fp->prev);
1472 }
1473 }
1474 }
1475 /*
1476 * If we are over the maximum number of fragments
1477 * (due to the limit being lowered), drain off
1478 * enough to get down to the new limit.
1479 */
1480 if (maxnipq >= 0 && nipq > maxnipq) {
1481 for (i = 0; i < IPREASS_NHASH; i++) {
1482 while (nipq > maxnipq &&
1483 (ipq[i].next != &ipq[i])) {
1484 ipstat.ips_fragdropped +=
1485 ipq[i].next->ipq_nfrags;
1486 ip_freef(ipq[i].next);
1487 }
1488 }
1489 }
1490 ipflow_slowtimo();
1491 lck_mtx_unlock(ip_mutex);
1492 }
1493
1494 /*
1495 * Drain off all datagram fragments.
1496 */
1497 void
1498 ip_drain()
1499 {
1500 int i;
1501
1502 lck_mtx_lock(ip_mutex);
1503 for (i = 0; i < IPREASS_NHASH; i++) {
1504 while (ipq[i].next != &ipq[i]) {
1505 ipstat.ips_fragdropped += ipq[i].next->ipq_nfrags;
1506 ip_freef(ipq[i].next);
1507 }
1508 }
1509 lck_mtx_unlock(ip_mutex);
1510 in_rtqdrain();
1511 }
1512
1513 /*
1514 * Do option processing on a datagram,
1515 * possibly discarding it if bad options are encountered,
1516 * or forwarding it if source-routed.
1517 * The pass argument is used when operating in the IPSTEALTH
1518 * mode to tell what options to process:
1519 * [LS]SRR (pass 0) or the others (pass 1).
1520 * The reason for as many as two passes is that when doing IPSTEALTH,
1521 * non-routing options should be processed only if the packet is for us.
1522 * Returns 1 if packet has been forwarded/freed,
1523 * 0 if the packet should be processed further.
1524 */
1525 static int
1526 ip_dooptions(struct mbuf *m, int pass, struct sockaddr_in *next_hop, struct route *ipforward_rt)
1527 {
1528 register struct ip *ip = mtod(m, struct ip *);
1529 register u_char *cp;
1530 register struct ip_timestamp *ipt;
1531 register struct in_ifaddr *ia;
1532 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
1533 struct in_addr *sin, dst;
1534 n_time ntime;
1535
1536 dst = ip->ip_dst;
1537 cp = (u_char *)(ip + 1);
1538 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof (struct ip);
1539 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1540 opt = cp[IPOPT_OPTVAL];
1541 if (opt == IPOPT_EOL)
1542 break;
1543 if (opt == IPOPT_NOP)
1544 optlen = 1;
1545 else {
1546 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
1547 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1548 goto bad;
1549 }
1550 optlen = cp[IPOPT_OLEN];
1551 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
1552 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1553 goto bad;
1554 }
1555 }
1556 switch (opt) {
1557
1558 default:
1559 break;
1560
1561 /*
1562 * Source routing with record.
1563 * Find interface with current destination address.
1564 * If none on this machine then drop if strictly routed,
1565 * or do nothing if loosely routed.
1566 * Record interface address and bring up next address
1567 * component. If strictly routed make sure next
1568 * address is on directly accessible net.
1569 */
1570 case IPOPT_LSRR:
1571 case IPOPT_SSRR:
1572 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1573 code = &cp[IPOPT_OLEN] - (u_char *)ip;
1574 goto bad;
1575 }
1576 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1577 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1578 goto bad;
1579 }
1580 ipaddr.sin_addr = ip->ip_dst;
1581 ia = (struct in_ifaddr *)
1582 ifa_ifwithaddr((struct sockaddr *)&ipaddr);
1583 if (ia == 0) {
1584 if (opt == IPOPT_SSRR) {
1585 type = ICMP_UNREACH;
1586 code = ICMP_UNREACH_SRCFAIL;
1587 goto bad;
1588 }
1589 if (!ip_dosourceroute)
1590 goto nosourcerouting;
1591 /*
1592 * Loose routing, and not at next destination
1593 * yet; nothing to do except forward.
1594 */
1595 break;
1596 }
1597 else {
1598 ifafree(&ia->ia_ifa);
1599 ia = NULL;
1600 }
1601 off--; /* 0 origin */
1602 if (off > optlen - (int)sizeof(struct in_addr)) {
1603 /*
1604 * End of source route. Should be for us.
1605 */
1606 if (!ip_acceptsourceroute)
1607 goto nosourcerouting;
1608 save_rte(cp, ip->ip_src);
1609 break;
1610 }
1611
1612 if (!ip_dosourceroute) {
1613 if (ipforwarding) {
1614 char buf[MAX_IPv4_STR_LEN];
1615 char buf2[MAX_IPv4_STR_LEN];
1616 /*
1617 * Acting as a router, so generate ICMP
1618 */
1619 nosourcerouting:
1620 log(LOG_WARNING,
1621 "attempted source route from %s to %s\n",
1622 inet_ntop(AF_INET, &ip->ip_src, buf, sizeof(buf)),
1623 inet_ntop(AF_INET, &ip->ip_dst, buf2, sizeof(buf2)));
1624 type = ICMP_UNREACH;
1625 code = ICMP_UNREACH_SRCFAIL;
1626 goto bad;
1627 } else {
1628 /*
1629 * Not acting as a router, so silently drop.
1630 */
1631 ipstat.ips_cantforward++;
1632 m_freem(m);
1633 return (1);
1634 }
1635 }
1636
1637 /*
1638 * locate outgoing interface
1639 */
1640 (void)memcpy(&ipaddr.sin_addr, cp + off,
1641 sizeof(ipaddr.sin_addr));
1642
1643 if (opt == IPOPT_SSRR) {
1644 #define INA struct in_ifaddr *
1645 #define SA struct sockaddr *
1646 if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == 0) {
1647 ia = (INA)ifa_ifwithnet((SA)&ipaddr);
1648 }
1649 } else {
1650 ia = ip_rtaddr(ipaddr.sin_addr, ipforward_rt);
1651 }
1652 if (ia == 0) {
1653 type = ICMP_UNREACH;
1654 code = ICMP_UNREACH_SRCFAIL;
1655 goto bad;
1656 }
1657 ip->ip_dst = ipaddr.sin_addr;
1658 (void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
1659 sizeof(struct in_addr));
1660 ifafree(&ia->ia_ifa);
1661 ia = NULL;
1662 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1663 /*
1664 * Let ip_intr's mcast routing check handle mcast pkts
1665 */
1666 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
1667 break;
1668
1669 case IPOPT_RR:
1670 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
1671 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1672 goto bad;
1673 }
1674 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
1675 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
1676 goto bad;
1677 }
1678 /*
1679 * If no space remains, ignore.
1680 */
1681 off--; /* 0 origin */
1682 if (off > optlen - (int)sizeof(struct in_addr))
1683 break;
1684 (void)memcpy(&ipaddr.sin_addr, &ip->ip_dst,
1685 sizeof(ipaddr.sin_addr));
1686 /*
1687 * locate outgoing interface; if we're the destination,
1688 * use the incoming interface (should be same).
1689 */
1690 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0) {
1691 if ((ia = ip_rtaddr(ipaddr.sin_addr, ipforward_rt)) == 0) {
1692 type = ICMP_UNREACH;
1693 code = ICMP_UNREACH_HOST;
1694 goto bad;
1695 }
1696 }
1697 (void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
1698 sizeof(struct in_addr));
1699 ifafree(&ia->ia_ifa);
1700 ia = NULL;
1701 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
1702 break;
1703
1704 case IPOPT_TS:
1705 code = cp - (u_char *)ip;
1706 ipt = (struct ip_timestamp *)cp;
1707 if (ipt->ipt_len < 4 || ipt->ipt_len > 40) {
1708 code = (u_char *)&ipt->ipt_len - (u_char *)ip;
1709 goto bad;
1710 }
1711 if (ipt->ipt_ptr < 5) {
1712 code = (u_char *)&ipt->ipt_ptr - (u_char *)ip;
1713 goto bad;
1714 }
1715 if (ipt->ipt_ptr >
1716 ipt->ipt_len - (int)sizeof(int32_t)) {
1717 if (++ipt->ipt_oflw == 0) {
1718 code = (u_char *)&ipt->ipt_ptr -
1719 (u_char *)ip;
1720 goto bad;
1721 }
1722 break;
1723 }
1724 sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1);
1725 switch (ipt->ipt_flg) {
1726
1727 case IPOPT_TS_TSONLY:
1728 break;
1729
1730 case IPOPT_TS_TSANDADDR:
1731 if (ipt->ipt_ptr - 1 + sizeof(n_time) +
1732 sizeof(struct in_addr) > ipt->ipt_len) {
1733 code = (u_char *)&ipt->ipt_ptr -
1734 (u_char *)ip;
1735 goto bad;
1736 }
1737 ipaddr.sin_addr = dst;
1738 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
1739 m->m_pkthdr.rcvif);
1740 if (ia == 0)
1741 continue;
1742 (void)memcpy(sin, &IA_SIN(ia)->sin_addr,
1743 sizeof(struct in_addr));
1744 ipt->ipt_ptr += sizeof(struct in_addr);
1745 ifafree(&ia->ia_ifa);
1746 ia = NULL;
1747 break;
1748
1749 case IPOPT_TS_PRESPEC:
1750 if (ipt->ipt_ptr - 1 + sizeof(n_time) +
1751 sizeof(struct in_addr) > ipt->ipt_len) {
1752 code = (u_char *)&ipt->ipt_ptr -
1753 (u_char *)ip;
1754 goto bad;
1755 }
1756 (void)memcpy(&ipaddr.sin_addr, sin,
1757 sizeof(struct in_addr));
1758 if ((ia = (struct in_ifaddr*)ifa_ifwithaddr((SA)&ipaddr)) == 0)
1759 continue;
1760 ifafree(&ia->ia_ifa);
1761 ia = NULL;
1762 ipt->ipt_ptr += sizeof(struct in_addr);
1763 break;
1764
1765 default:
1766 /* XXX can't take &ipt->ipt_flg */
1767 code = (u_char *)&ipt->ipt_ptr -
1768 (u_char *)ip + 1;
1769 goto bad;
1770 }
1771 ntime = iptime();
1772 (void)memcpy(cp + ipt->ipt_ptr - 1, &ntime,
1773 sizeof(n_time));
1774 ipt->ipt_ptr += sizeof(n_time);
1775 }
1776 }
1777 if (forward && ipforwarding) {
1778 ip_forward(m, 1, next_hop, ipforward_rt);
1779 return (1);
1780 }
1781 return (0);
1782 bad:
1783 ip->ip_len -= IP_VHL_HL(ip->ip_vhl) << 2; /* XXX icmp_error adds in hdr length */
1784 lck_mtx_unlock(ip_mutex);
1785 icmp_error(m, type, code, 0, 0);
1786 lck_mtx_lock(ip_mutex);
1787 ipstat.ips_badoptions++;
1788 return (1);
1789 }
1790
1791 /*
1792 * Given address of next destination (final or next hop),
1793 * return internet address info of interface to be used to get there.
1794 */
1795 struct in_ifaddr *
1796 ip_rtaddr(dst, rt)
1797 struct in_addr dst;
1798 struct route *rt;
1799 {
1800 register struct sockaddr_in *sin;
1801
1802 sin = (struct sockaddr_in *)&rt->ro_dst;
1803
1804 lck_mtx_lock(rt_mtx);
1805 if (rt->ro_rt == 0 || dst.s_addr != sin->sin_addr.s_addr ||
1806 rt->ro_rt->generation_id != route_generation) {
1807 if (rt->ro_rt) {
1808 rtfree_locked(rt->ro_rt);
1809 rt->ro_rt = 0;
1810 }
1811 sin->sin_family = AF_INET;
1812 sin->sin_len = sizeof(*sin);
1813 sin->sin_addr = dst;
1814
1815 rtalloc_ign_locked(rt, RTF_PRCLONING);
1816 }
1817 if (rt->ro_rt == 0) {
1818 lck_mtx_unlock(rt_mtx);
1819 return ((struct in_ifaddr *)0);
1820 }
1821
1822 if (rt->ro_rt->rt_ifa)
1823 ifaref(rt->ro_rt->rt_ifa);
1824 lck_mtx_unlock(rt_mtx);
1825 return ((struct in_ifaddr *) rt->ro_rt->rt_ifa);
1826 }
1827
1828 /*
1829 * Save incoming source route for use in replies,
1830 * to be picked up later by ip_srcroute if the receiver is interested.
1831 */
1832 void
1833 save_rte(option, dst)
1834 u_char *option;
1835 struct in_addr dst;
1836 {
1837 unsigned olen;
1838
1839 olen = option[IPOPT_OLEN];
1840 #if DIAGNOSTIC
1841 if (ipprintfs)
1842 printf("save_rte: olen %d\n", olen);
1843 #endif
1844 if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst)))
1845 return;
1846 bcopy(option, ip_srcrt.srcopt, olen);
1847 ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
1848 ip_srcrt.dst = dst;
1849 }
1850
1851 /*
1852 * Retrieve incoming source route for use in replies,
1853 * in the same form used by setsockopt.
1854 * The first hop is placed before the options, will be removed later.
1855 */
1856 struct mbuf *
1857 ip_srcroute()
1858 {
1859 register struct in_addr *p, *q;
1860 register struct mbuf *m;
1861
1862 if (ip_nhops == 0)
1863 return ((struct mbuf *)0);
1864 m = m_get(M_DONTWAIT, MT_HEADER);
1865 if (m == 0)
1866 return ((struct mbuf *)0);
1867
1868 #define OPTSIZ (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt))
1869
1870 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
1871 m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) +
1872 OPTSIZ;
1873 #if DIAGNOSTIC
1874 if (ipprintfs)
1875 printf("ip_srcroute: nhops %d mlen %d", ip_nhops, m->m_len);
1876 #endif
1877
1878 /*
1879 * First save first hop for return route
1880 */
1881 p = &ip_srcrt.route[ip_nhops - 1];
1882 *(mtod(m, struct in_addr *)) = *p--;
1883 #if DIAGNOSTIC
1884 if (ipprintfs)
1885 printf(" hops %lx", (u_long)ntohl(mtod(m, struct in_addr *)->s_addr));
1886 #endif
1887
1888 /*
1889 * Copy option fields and padding (nop) to mbuf.
1890 */
1891 ip_srcrt.nop = IPOPT_NOP;
1892 ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
1893 (void)memcpy(mtod(m, caddr_t) + sizeof(struct in_addr),
1894 &ip_srcrt.nop, OPTSIZ);
1895 q = (struct in_addr *)(mtod(m, caddr_t) +
1896 sizeof(struct in_addr) + OPTSIZ);
1897 #undef OPTSIZ
1898 /*
1899 * Record return path as an IP source route,
1900 * reversing the path (pointers are now aligned).
1901 */
1902 while (p >= ip_srcrt.route) {
1903 #if DIAGNOSTIC
1904 if (ipprintfs)
1905 printf(" %lx", (u_long)ntohl(q->s_addr));
1906 #endif
1907 *q++ = *p--;
1908 }
1909 /*
1910 * Last hop goes to final destination.
1911 */
1912 *q = ip_srcrt.dst;
1913 #if DIAGNOSTIC
1914 if (ipprintfs)
1915 printf(" %lx\n", (u_long)ntohl(q->s_addr));
1916 #endif
1917 return (m);
1918 }
1919
1920 /*
1921 * Strip out IP options, at higher
1922 * level protocol in the kernel.
1923 * Second argument is buffer to which options
1924 * will be moved, and return value is their length.
1925 * XXX should be deleted; last arg currently ignored.
1926 */
1927 void
1928 ip_stripoptions(m, mopt)
1929 register struct mbuf *m;
1930 struct mbuf *mopt;
1931 {
1932 register int i;
1933 struct ip *ip = mtod(m, struct ip *);
1934 register caddr_t opts;
1935 int olen;
1936
1937 olen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof (struct ip);
1938 opts = (caddr_t)(ip + 1);
1939 i = m->m_len - (sizeof (struct ip) + olen);
1940 bcopy(opts + olen, opts, (unsigned)i);
1941 m->m_len -= olen;
1942 if (m->m_flags & M_PKTHDR)
1943 m->m_pkthdr.len -= olen;
1944 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, sizeof(struct ip) >> 2);
1945 }
1946
1947 u_char inetctlerrmap[PRC_NCMDS] = {
1948 0, 0, 0, 0,
1949 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1950 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1951 EMSGSIZE, EHOSTUNREACH, 0, 0,
1952 0, 0, 0, 0,
1953 ENOPROTOOPT, ECONNREFUSED
1954 };
1955
1956 /*
1957 * Forward a packet. If some error occurs return the sender
1958 * an icmp packet. Note we can't always generate a meaningful
1959 * icmp message because icmp doesn't have a large enough repertoire
1960 * of codes and types.
1961 *
1962 * If not forwarding, just drop the packet. This could be confusing
1963 * if ipforwarding was zero but some routing protocol was advancing
1964 * us as a gateway to somewhere. However, we must let the routing
1965 * protocol deal with that.
1966 *
1967 * The srcrt parameter indicates whether the packet is being forwarded
1968 * via a source route.
1969 */
1970 static void
1971 ip_forward(struct mbuf *m, int srcrt, struct sockaddr_in *next_hop, struct route *ipforward_rt)
1972 {
1973 register struct ip *ip = mtod(m, struct ip *);
1974 register struct sockaddr_in *sin;
1975 register struct rtentry *rt;
1976 int error, type = 0, code = 0;
1977 struct mbuf *mcopy;
1978 n_long dest;
1979 struct in_addr pkt_dst;
1980 struct ifnet *destifp;
1981 #if IPSEC
1982 struct ifnet dummyifp;
1983 #endif
1984
1985 dest = 0;
1986 /*
1987 * Cache the destination address of the packet; this may be
1988 * changed by use of 'ipfw fwd'.
1989 */
1990 pkt_dst = next_hop ? next_hop->sin_addr : ip->ip_dst;
1991
1992 #if DIAGNOSTIC
1993 if (ipprintfs)
1994 printf("forward: src %lx dst %lx ttl %x\n",
1995 (u_long)ip->ip_src.s_addr, (u_long)pkt_dst.s_addr,
1996 ip->ip_ttl);
1997 #endif
1998
1999
2000 if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(pkt_dst) == 0) {
2001 ipstat.ips_cantforward++;
2002 m_freem(m);
2003 return;
2004 }
2005 #if IPSTEALTH
2006 if (!ipstealth) {
2007 #endif
2008 if (ip->ip_ttl <= IPTTLDEC) {
2009 icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS,
2010 dest, 0);
2011 return;
2012 }
2013 #if IPSTEALTH
2014 }
2015 #endif
2016
2017 sin = (struct sockaddr_in *)&ipforward_rt->ro_dst;
2018 if ((rt = ipforward_rt->ro_rt) == 0 ||
2019 pkt_dst.s_addr != sin->sin_addr.s_addr ||
2020 ipforward_rt->ro_rt->generation_id != route_generation) {
2021 if (ipforward_rt->ro_rt) {
2022 rtfree(ipforward_rt->ro_rt);
2023 ipforward_rt->ro_rt = 0;
2024 }
2025 sin->sin_family = AF_INET;
2026 sin->sin_len = sizeof(*sin);
2027 sin->sin_addr = pkt_dst;
2028
2029 rtalloc_ign(ipforward_rt, RTF_PRCLONING);
2030 if (ipforward_rt->ro_rt == 0) {
2031 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0);
2032 return;
2033 }
2034 rt = ipforward_rt->ro_rt;
2035 }
2036
2037 /*
2038 * Save the IP header and at most 8 bytes of the payload,
2039 * in case we need to generate an ICMP message to the src.
2040 *
2041 * We don't use m_copy() because it might return a reference
2042 * to a shared cluster. Both this function and ip_output()
2043 * assume exclusive access to the IP header in `m', so any
2044 * data in a cluster may change before we reach icmp_error().
2045 */
2046 MGET(mcopy, M_DONTWAIT, m->m_type);
2047 if (mcopy != NULL) {
2048 M_COPY_PKTHDR(mcopy, m);
2049 mcopy->m_len = imin((IP_VHL_HL(ip->ip_vhl) << 2) + 8,
2050 (int)ip->ip_len);
2051 m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
2052 }
2053
2054 #if IPSTEALTH
2055 if (!ipstealth) {
2056 #endif
2057 ip->ip_ttl -= IPTTLDEC;
2058 #if IPSTEALTH
2059 }
2060 #endif
2061
2062 /*
2063 * If forwarding packet using same interface that it came in on,
2064 * perhaps should send a redirect to sender to shortcut a hop.
2065 * Only send redirect if source is sending directly to us,
2066 * and if packet was not source routed (or has any options).
2067 * Also, don't send redirect if forwarding using a default route
2068 * or a route modified by a redirect.
2069 */
2070 #define satosin(sa) ((struct sockaddr_in *)(sa))
2071 if (rt->rt_ifp == m->m_pkthdr.rcvif &&
2072 (rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0 &&
2073 satosin(rt_key(rt))->sin_addr.s_addr != 0 &&
2074 ipsendredirects && !srcrt) {
2075 #define RTA(rt) ((struct in_ifaddr *)(rt->rt_ifa))
2076 u_long src = ntohl(ip->ip_src.s_addr);
2077
2078 if (RTA(rt) &&
2079 (src & RTA(rt)->ia_subnetmask) == RTA(rt)->ia_subnet) {
2080 if (rt->rt_flags & RTF_GATEWAY)
2081 dest = satosin(rt->rt_gateway)->sin_addr.s_addr;
2082 else
2083 dest = pkt_dst.s_addr;
2084 /* Router requirements says to only send host redirects */
2085 type = ICMP_REDIRECT;
2086 code = ICMP_REDIRECT_HOST;
2087 #if DIAGNOSTIC
2088 if (ipprintfs)
2089 printf("redirect (%d) to %lx\n", code, (u_long)dest);
2090 #endif
2091 }
2092 }
2093
2094 {
2095 if (next_hop) {
2096 /* Pass IPFORWARD info if available */
2097 struct m_tag *tag;
2098 struct ip_fwd_tag *ipfwd_tag;
2099
2100 tag = m_tag_alloc(KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_IPFORWARD,
2101 sizeof(struct sockaddr_in), M_NOWAIT);
2102 if (tag == NULL) {
2103 error = ENOBUFS;
2104 m_freem(m);
2105 return;
2106 }
2107
2108 ipfwd_tag = (struct ip_fwd_tag *)(tag+1);
2109 ipfwd_tag->next_hop = next_hop;
2110
2111 m_tag_prepend(m, tag);
2112 }
2113 error = ip_output_list(m, 0, (struct mbuf *)0, ipforward_rt,
2114 IP_FORWARDING, 0);
2115 }
2116 if (error)
2117 ipstat.ips_cantforward++;
2118 else {
2119 ipstat.ips_forward++;
2120 if (type)
2121 ipstat.ips_redirectsent++;
2122 else {
2123 if (mcopy) {
2124 ipflow_create(ipforward_rt, mcopy);
2125 m_freem(mcopy);
2126 }
2127 return;
2128 }
2129 }
2130 if (mcopy == NULL)
2131 return;
2132 destifp = NULL;
2133
2134 switch (error) {
2135
2136 case 0: /* forwarded, but need redirect */
2137 /* type, code set above */
2138 break;
2139
2140 case ENETUNREACH: /* shouldn't happen, checked above */
2141 case EHOSTUNREACH:
2142 case ENETDOWN:
2143 case EHOSTDOWN:
2144 default:
2145 type = ICMP_UNREACH;
2146 code = ICMP_UNREACH_HOST;
2147 break;
2148
2149 case EMSGSIZE:
2150 type = ICMP_UNREACH;
2151 code = ICMP_UNREACH_NEEDFRAG;
2152 #ifndef IPSEC
2153 if (ipforward_rt->ro_rt)
2154 destifp = ipforward_rt->ro_rt->rt_ifp;
2155 #else
2156 /*
2157 * If the packet is routed over IPsec tunnel, tell the
2158 * originator the tunnel MTU.
2159 * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
2160 * XXX quickhack!!!
2161 */
2162 if (ipforward_rt->ro_rt) {
2163 struct secpolicy *sp = NULL;
2164 int ipsecerror;
2165 int ipsechdr;
2166 struct route *ro;
2167
2168 if (ipsec_bypass) {
2169 destifp = ipforward_rt->ro_rt->rt_ifp;
2170 ipstat.ips_cantfrag++;
2171 break;
2172 }
2173 lck_mtx_lock(sadb_mutex);
2174 sp = ipsec4_getpolicybyaddr(mcopy,
2175 IPSEC_DIR_OUTBOUND,
2176 IP_FORWARDING,
2177 &ipsecerror);
2178
2179 if (sp == NULL)
2180 destifp = ipforward_rt->ro_rt->rt_ifp;
2181 else {
2182 /* count IPsec header size */
2183 ipsechdr = ipsec4_hdrsiz(mcopy,
2184 IPSEC_DIR_OUTBOUND,
2185 NULL);
2186
2187 /*
2188 * find the correct route for outer IPv4
2189 * header, compute tunnel MTU.
2190 *
2191 * XXX BUG ALERT
2192 * The "dummyifp" code relies upon the fact
2193 * that icmp_error() touches only ifp->if_mtu.
2194 */
2195 /*XXX*/
2196 destifp = NULL;
2197 if (sp->req != NULL
2198 && sp->req->sav != NULL
2199 && sp->req->sav->sah != NULL) {
2200 ro = &sp->req->sav->sah->sa_route;
2201 if (ro->ro_rt && ro->ro_rt->rt_ifp) {
2202 dummyifp.if_mtu =
2203 ro->ro_rt->rt_ifp->if_mtu;
2204 dummyifp.if_mtu -= ipsechdr;
2205 destifp = &dummyifp;
2206 }
2207 }
2208
2209 key_freesp(sp);
2210 }
2211 lck_mtx_unlock(sadb_mutex);
2212 }
2213 #endif /*IPSEC*/
2214 ipstat.ips_cantfrag++;
2215 break;
2216
2217 case ENOBUFS:
2218 type = ICMP_SOURCEQUENCH;
2219 code = 0;
2220 break;
2221
2222 case EACCES: /* ipfw denied packet */
2223 m_freem(mcopy);
2224 return;
2225 }
2226 icmp_error(mcopy, type, code, dest, destifp);
2227 }
2228
2229 void
2230 ip_savecontrol(
2231 register struct inpcb *inp,
2232 register struct mbuf **mp,
2233 register struct ip *ip,
2234 register struct mbuf *m)
2235 {
2236 if (inp->inp_socket->so_options & SO_TIMESTAMP) {
2237 struct timeval tv;
2238
2239 microtime(&tv);
2240 *mp = sbcreatecontrol((caddr_t) &tv, sizeof(tv),
2241 SCM_TIMESTAMP, SOL_SOCKET);
2242 if (*mp)
2243 mp = &(*mp)->m_next;
2244 }
2245 if (inp->inp_flags & INP_RECVDSTADDR) {
2246 *mp = sbcreatecontrol((caddr_t) &ip->ip_dst,
2247 sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);
2248 if (*mp)
2249 mp = &(*mp)->m_next;
2250 }
2251 #ifdef notyet
2252 /* XXX
2253 * Moving these out of udp_input() made them even more broken
2254 * than they already were.
2255 */
2256 /* options were tossed already */
2257 if (inp->inp_flags & INP_RECVOPTS) {
2258 *mp = sbcreatecontrol((caddr_t) opts_deleted_above,
2259 sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP);
2260 if (*mp)
2261 mp = &(*mp)->m_next;
2262 }
2263 /* ip_srcroute doesn't do what we want here, need to fix */
2264 if (inp->inp_flags & INP_RECVRETOPTS) {
2265 *mp = sbcreatecontrol((caddr_t) ip_srcroute(),
2266 sizeof(struct in_addr), IP_RECVRETOPTS, IPPROTO_IP);
2267 if (*mp)
2268 mp = &(*mp)->m_next;
2269 }
2270 #endif
2271 if (inp->inp_flags & INP_RECVIF) {
2272 struct ifnet *ifp;
2273 struct sdlbuf {
2274 struct sockaddr_dl sdl;
2275 u_char pad[32];
2276 } sdlbuf;
2277 struct sockaddr_dl *sdp;
2278 struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
2279
2280 ifnet_head_lock_shared();
2281 if (((ifp = m->m_pkthdr.rcvif))
2282 && ( ifp->if_index && (ifp->if_index <= if_index))) {
2283 struct ifaddr *ifa = ifnet_addrs[ifp->if_index - 1];
2284
2285 if (!ifa || !ifa->ifa_addr)
2286 goto makedummy;
2287
2288 sdp = (struct sockaddr_dl *)ifa->ifa_addr;
2289 /*
2290 * Change our mind and don't try copy.
2291 */
2292 if ((sdp->sdl_family != AF_LINK)
2293 || (sdp->sdl_len > sizeof(sdlbuf))) {
2294 goto makedummy;
2295 }
2296 bcopy(sdp, sdl2, sdp->sdl_len);
2297 } else {
2298 makedummy:
2299 sdl2->sdl_len
2300 = offsetof(struct sockaddr_dl, sdl_data[0]);
2301 sdl2->sdl_family = AF_LINK;
2302 sdl2->sdl_index = 0;
2303 sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
2304 }
2305 ifnet_head_done();
2306 *mp = sbcreatecontrol((caddr_t) sdl2, sdl2->sdl_len,
2307 IP_RECVIF, IPPROTO_IP);
2308 if (*mp)
2309 mp = &(*mp)->m_next;
2310 }
2311 if (inp->inp_flags & INP_RECVTTL) {
2312 *mp = sbcreatecontrol((caddr_t)&ip->ip_ttl, sizeof(ip->ip_ttl), IP_RECVTTL, IPPROTO_IP);
2313 if (*mp) mp = &(*mp)->m_next;
2314 }
2315 }
2316
2317 int
2318 ip_rsvp_init(struct socket *so)
2319 {
2320 if (so->so_type != SOCK_RAW ||
2321 so->so_proto->pr_protocol != IPPROTO_RSVP)
2322 return EOPNOTSUPP;
2323
2324 if (ip_rsvpd != NULL)
2325 return EADDRINUSE;
2326
2327 ip_rsvpd = so;
2328 /*
2329 * This may seem silly, but we need to be sure we don't over-increment
2330 * the RSVP counter, in case something slips up.
2331 */
2332 if (!ip_rsvp_on) {
2333 ip_rsvp_on = 1;
2334 rsvp_on++;
2335 }
2336
2337 return 0;
2338 }
2339
2340 int
2341 ip_rsvp_done(void)
2342 {
2343 ip_rsvpd = NULL;
2344 /*
2345 * This may seem silly, but we need to be sure we don't over-decrement
2346 * the RSVP counter, in case something slips up.
2347 */
2348 if (ip_rsvp_on) {
2349 ip_rsvp_on = 0;
2350 rsvp_on--;
2351 }
2352 return 0;
2353 }
mirror of XNU