]> git.saurik.com Git - apple/xnu.git/blob - bsd/net/bridge.c
xnu-124.13.tar.gz
[apple/xnu.git] / bsd / net / bridge.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22 /*
23 * Copyright (c) 1998 Luigi Rizzo
24 *
25 * Redistribution and use in source and binary forms, with or without
26 * modification, are permitted provided that the following conditions
27 * are met:
28 * 1. Redistributions of source code must retain the above copyright
29 * notice, this list of conditions and the following disclaimer.
30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in the
32 * documentation and/or other materials provided with the distribution.
33 *
34 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
35 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
36 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
38 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
39 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
40 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
41 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
42 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
43 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
44 * SUCH DAMAGE.
45 *
46 */
47
48 /*
49 * This code implements bridging in FreeBSD. It only acts on ethernet
50 * type of interfaces (others are still usable for routing).
51 * A bridging table holds the source MAC address/dest. interface for each
52 * known node. The table is indexed using an hash of the source address.
53 *
54 * Input packets are tapped near the end of the input routine in each
55 * driver (near the call to bpf_mtap, or before the call to ether_input)
56 * and analysed calling bridge_in(). Depending on the result, the packet
57 * can be forwarded to one or more output interfaces using bdg_forward(),
58 * and/or sent to the upper layer (e.g. in case of multicast).
59 *
60 * Output packets are intercepted near the end of ether_output(),
61 * the correct destination is selected calling bdg_dst_lookup(),
62 * and then forwarding is done using bdg_forward().
63 * Bridging is controlled by the sysctl variable net.link.ether.bridge
64 *
65 * The arp code is also modified to let a machine answer to requests
66 * irrespective of the port the request came from.
67 *
68 * In case of loops in the bridging topology, the bridge detects this
69 * event and temporarily mutes output bridging on one of the ports.
70 * Periodically, interfaces are unmuted by bdg_timeout(). (For the
71 * mute flag i am temporarily using IFF_LINK2 but this has to
72 * change.) Muting is only implemented as a safety measure, and also as
73 * a mechanism to support a user-space implementation of the spanning
74 * tree algorithm. In the final release, unmuting will only occur
75 * because of explicit action of the user-level daemon.
76 *
77 * To build a bridging kernel, use the following option
78 * option BRIDGE
79 * and then at runtime set the sysctl variable to enable bridging.
80 *
81 * Only one interface is supposed to have addresses set (but
82 * there are no problems in practice if you set addresses for more
83 * than one interface).
84 * Bridging will act before routing, but nothing prevents a machine
85 * from doing both (modulo bugs in the implementation...).
86 *
87 * THINGS TO REMEMBER
88 * - bridging requires some (small) modifications to the interface
89 * driver. Currently (980911) the "ed", "de", "tx", "lnc" drivers
90 * have been modified and tested. "fxp", "ep", "fe" have been
91 * modified but not tested. See the "ed" and "de" drivers as
92 * examples on how to operate.
93 * - bridging is incompatible with multicast routing on the same
94 * machine. There is not an easy fix to this.
95 * - loop detection is still not very robust.
96 * - the interface of bdg_forward() could be improved.
97 */
98
99 #include <sys/param.h>
100 #include <sys/mbuf.h>
101 #include <sys/malloc.h>
102 #include <sys/systm.h>
103 #include <sys/socket.h> /* for net/if.h */
104 #include <sys/kernel.h>
105 #include <sys/sysctl.h>
106
107 #include <net/if.h>
108 #include <net/if_types.h>
109
110 #include <netinet/in.h> /* for struct arpcom */
111 #include <netinet/in_systm.h>
112 #include <netinet/in_var.h>
113 #include <netinet/ip.h>
114 #include <netinet/if_ether.h> /* for struct arpcom */
115
116 #include "opt_ipfw.h"
117 #include "opt_ipdn.h"
118
119 #if defined(IPFIREWALL) && defined(DUMMYNET)
120 #include <net/route.h>
121 #include <netinet/ip_fw.h>
122 #include <netinet/ip_dummynet.h>
123 #endif
124
125 #include <net/bridge.h>
126
127 /*
128 * For debugging, you can use the following macros.
129 * remember, rdtsc() only works on Pentium-class machines
130
131 quad_t ticks;
132 DDB(ticks = rdtsc();)
133 ... interesting code ...
134 DDB(bdg_fw_ticks += (u_long)(rdtsc() - ticks) ; bdg_fw_count++ ;)
135
136 *
137 */
138
139 #define DDB(x) x
140 #define DEB(x)
141
142 /*
143 * System initialization
144 */
145
146 static void bdginit(void *);
147 static void flush_table(void);
148
149 SYSINIT(interfaces, SI_SUB_PROTO_IF, SI_ORDER_FIRST, bdginit, NULL)
150
151 static int bdg_ipfw = 0 ;
152 int do_bridge = 0;
153 bdg_hash_table *bdg_table = NULL ;
154
155 /*
156 * we need additional info for the bridge. The bdg_ifp2sc[] array
157 * provides a pointer to this struct using the if_index.
158 * bdg_softc has a backpointer to the struct ifnet, the bridge
159 * flags, and a group (bridging occurs only between port of the
160 * same group).
161 */
162 struct bdg_softc {
163 struct ifnet *ifp ;
164 /* ((struct arpcom *)ifp)->ac_enaddr is the eth. addr */
165 int flags ;
166 int group ;
167 } ;
168
169 static struct bdg_softc **ifp2sc = NULL ;
170
171 #if 0 /* new code using ifp2sc */
172 #define SAMEGROUP(ifp,src) (src == NULL || \
173 ifp2sc[ifp->if_index]->group == ifp2sc[src->if_index]->group )
174 #define MUTED(ifp) (ifp2sc[ifp->if_index]->flags & IFF_MUTE)
175 #define MUTE(ifp) ifp2sc[ifp->if_index]->flags |= IFF_MUTE
176 #define UNMUTE(ifp) ifp2sc[ifp->if_index]->flags &= ~IFF_MUTE
177 #else
178 #define SAMEGROUP(a,b) 1
179 #define MUTED(ifp) (ifp->if_flags & IFF_MUTE)
180 #define MUTE(ifp) ifp->if_flags |= IFF_MUTE
181 #define UNMUTE(ifp) ifp->if_flags &= ~IFF_MUTE
182 #endif
183
184 static int
185 sysctl_bdg SYSCTL_HANDLER_ARGS
186 {
187 int error, oldval = do_bridge ;
188
189 error = sysctl_handle_int(oidp,
190 oidp->oid_arg1, oidp->oid_arg2, req);
191 printf("called sysctl for bridge name %s arg2 %d val %d->%d\n",
192 oidp->oid_name, oidp->oid_arg2,
193 oldval, do_bridge);
194 if (bdg_table == NULL)
195 do_bridge = 0 ;
196 if (oldval != do_bridge) {
197 flush_table();
198 }
199 return error ;
200 }
201
202 SYSCTL_DECL(_net_link_ether);
203 SYSCTL_PROC(_net_link_ether, OID_AUTO, bridge, CTLTYPE_INT|CTLFLAG_RW,
204 &do_bridge, 0, &sysctl_bdg, "I", "Bridging");
205
206 SYSCTL_INT(_net_link_ether, OID_AUTO, bridge_ipfw, CTLFLAG_RW, &bdg_ipfw,0,"");
207 #if 1 /* diagnostic vars */
208 int bdg_in_count = 0 , bdg_in_ticks = 0 , bdg_fw_count = 0, bdg_fw_ticks = 0 ;
209 SYSCTL_INT(_net_link_ether, OID_AUTO, bdginc, CTLFLAG_RW, &bdg_in_count,0,"");
210 SYSCTL_INT(_net_link_ether, OID_AUTO, bdgint, CTLFLAG_RW, &bdg_in_ticks,0,"");
211 SYSCTL_INT(_net_link_ether, OID_AUTO, bdgfwc, CTLFLAG_RW, &bdg_fw_count,0,"");
212 SYSCTL_INT(_net_link_ether, OID_AUTO, bdgfwt, CTLFLAG_RW, &bdg_fw_ticks,0,"");
213 #endif
214 static struct bdg_stats bdg_stats ;
215 SYSCTL_STRUCT(_net_link_ether, PF_BDG, bdgstats,
216 CTLFLAG_RD, &bdg_stats , bdg_stats, "bridge statistics");
217
218 static int bdg_loops ;
219
220 /*
221 * completely flush the bridge table.
222 */
223 static void
224 flush_table()
225 {
226 int s,i;
227
228 if (bdg_table == NULL)
229 return ;
230 s = splimp();
231 for (i=0; i< HASH_SIZE; i++)
232 bdg_table[i].name= NULL; /* clear table */
233 splx(s);
234 }
235
236 /* wrapper for funnel */
237 void
238 bdg_timeout_funneled(void * dummy)
239 {
240 boolean_t funnel_state;
241
242 funnel_state = thread_funnel_set(network_flock, TRUE);
243 bdg_timeout(dummy);
244 funnel_state = thread_funnel_set(network_flock, FALSE);
245 }
246
247 /*
248 * called periodically to flush entries etc.
249 */
250 static void
251 bdg_timeout(void *dummy)
252 {
253 struct ifnet *ifp ;
254 int s ;
255 static int slowtimer = 0 ;
256 boolean_t funnel_state;
257
258
259 if (do_bridge) {
260 static int age_index = 0 ; /* index of table position to age */
261 int l = age_index + HASH_SIZE/4 ;
262 /*
263 * age entries in the forwarding table.
264 */
265 if (l > HASH_SIZE)
266 l = HASH_SIZE ;
267 for (; age_index < l ; age_index++)
268 if (bdg_table[age_index].used)
269 bdg_table[age_index].used = 0 ;
270 else if (bdg_table[age_index].name) {
271 /* printf("xx flushing stale entry %d\n", age_index); */
272 bdg_table[age_index].name = NULL ;
273 }
274 if (age_index >= HASH_SIZE)
275 age_index = 0 ;
276
277 if (--slowtimer <= 0 ) {
278 slowtimer = 5 ;
279
280 for (ifp = ifnet.tqh_first; ifp; ifp = ifp->if_link.tqe_next) {
281 if (ifp->if_type != IFT_ETHER)
282 continue ;
283 if ( 0 == ( ifp->if_flags & IFF_UP) ) {
284 s = splimp();
285 if_up(ifp);
286 splx(s);
287 }
288 if ( 0 == ( ifp->if_flags & IFF_PROMISC) ) {
289 int ret ;
290 s = splimp();
291 ret = ifpromisc(ifp, 1);
292 splx(s);
293 printf(">> now %s%d flags 0x%x promisc %d\n",
294 ifp->if_name, ifp->if_unit,
295 ifp->if_flags, ret);
296 }
297 if (MUTED(ifp)) {
298 printf(">> unmuting %s%d\n", ifp->if_name, ifp->if_unit);
299 UNMUTE(ifp) ;
300 }
301 }
302 bdg_loops = 0 ;
303 }
304 }
305 timeout(bdg_timeout_funneled, (void *)0, 2*hz );
306
307 }
308
309 /*
310 * local MAC addresses are held in a small array. This makes comparisons
311 * much faster.
312 */
313 unsigned char bdg_addresses[6*BDG_MAX_PORTS];
314 int bdg_ports ;
315
316 /*
317 * initialization of bridge code.
318 */
319 static void
320 bdginit(dummy)
321 void *dummy;
322 {
323 int i ;
324 struct ifnet *ifp;
325 struct arpcom *ac ;
326 u_char *eth_addr ;
327 /*
328 * initialization of bridge code
329 */
330 if (bdg_table == NULL)
331 bdg_table = (struct hash_table *)
332 _MALLOC(HASH_SIZE * sizeof(struct hash_table),
333 M_IFADDR, M_WAITOK);
334 flush_table();
335
336 ifp2sc = _MALLOC(if_index * sizeof(struct bdg_softc *), M_IFADDR, M_WAITOK );
337 bzero(ifp2sc, if_index * sizeof(struct bdg_softc *) );
338
339 bzero(&bdg_stats, sizeof(bdg_stats) );
340 bdg_ports = 0 ;
341 eth_addr = bdg_addresses ;
342
343 printf("BRIDGE 981214, have %d interfaces\n", if_index);
344 for (i = 0 , ifp = ifnet.tqh_first ; i < if_index ;
345 i++, ifp = ifp->if_link.tqe_next)
346 if (ifp->if_type == IFT_ETHER) { /* ethernet ? */
347 ac = (struct arpcom *)ifp;
348 sprintf(bdg_stats.s[ifp->if_index].name,
349 "%s%d", ifp->if_name, ifp->if_unit);
350 printf("-- index %d %s type %d phy %d addrl %d addr %6D\n",
351 ifp->if_index,
352 bdg_stats.s[ifp->if_index].name,
353 (int)ifp->if_type, (int) ifp->if_physical,
354 (int)ifp->if_addrlen,
355 ac->ac_enaddr, "." );
356 bcopy(ac->ac_enaddr, eth_addr, 6);
357 eth_addr += 6 ;
358
359 ifp2sc[bdg_ports] = _MALLOC(sizeof(struct bdg_softc),
360 M_IFADDR, M_WAITOK );
361 ifp2sc[bdg_ports]->ifp = ifp ;
362 ifp2sc[bdg_ports]->flags = 0 ;
363 ifp2sc[bdg_ports]->group = 0 ;
364 bdg_ports ++ ;
365 }
366 bdg_timeout(0);
367 do_bridge=0;
368 }
369
370 /*
371 * bridge_in() is invoked to perform bridging decision on input packets.
372 * On Input:
373 * m packet to be bridged. The mbuf need not to hold the
374 * whole packet, only the first 14 bytes suffice. We
375 * assume them to be contiguous. No alignment assumptions
376 * because they are not a problem on i386 class machines.
377 *
378 * On Return: destination of packet, one of
379 * BDG_BCAST broadcast
380 * BDG_MCAST multicast
381 * BDG_LOCAL is only for a local address (do not forward)
382 * BDG_DROP drop the packet
383 * ifp ifp of the destination interface.
384 *
385 * Forwarding is not done directly to give a chance to some drivers
386 * to fetch more of the packet, or simply drop it completely.
387 */
388
389
390 struct ifnet *
391 bridge_in(struct mbuf *m)
392 {
393 int index;
394 struct ifnet *ifp = m->m_pkthdr.rcvif, *dst , *old ;
395 int dropit = MUTED(ifp) ;
396 struct ether_header *eh;
397
398 eh = mtod(m, struct ether_header *);
399
400 /*
401 * hash the source address
402 */
403 index= HASH_FN(eh->ether_shost);
404 bdg_table[index].used = 1 ;
405 old = bdg_table[index].name ;
406 if ( old ) { /* the entry is valid. */
407 if (!BDG_MATCH( eh->ether_shost, bdg_table[index].etheraddr) ) {
408 printf("collision at %d\n", index);
409 bdg_table[index].name = NULL ;
410 } else if (old != ifp) {
411 /*
412 * found a loop. Either a machine has moved, or there
413 * is a misconfiguration/reconfiguration of the network.
414 * First, do not forward this packet!
415 * Record the relocation anyways; then, if loops persist,
416 * suspect a reconfiguration and disable forwarding
417 * from the old interface.
418 */
419 bdg_table[index].name = ifp ; /* relocate address */
420 printf("-- loop (%d) %6D to %s%d from %s%d (%s)\n",
421 bdg_loops, eh->ether_shost, ".",
422 ifp->if_name, ifp->if_unit,
423 old->if_name, old->if_unit,
424 old->if_flags & IFF_MUTE ? "muted":"ignore");
425 dropit = 1 ;
426 if ( !MUTED(old) ) {
427 if (++bdg_loops > 10)
428 MUTE(old) ;
429 }
430 }
431 }
432
433 /*
434 * now write the source address into the table
435 */
436 if (bdg_table[index].name == NULL) {
437 DEB(printf("new addr %6D at %d for %s%d\n",
438 eh->ether_shost, ".", index, ifp->if_name, ifp->if_unit);)
439 bcopy(eh->ether_shost, bdg_table[index].etheraddr, 6);
440 bdg_table[index].name = ifp ;
441 }
442 dst = bridge_dst_lookup(m);
443 /* Return values:
444 * BDG_BCAST, BDG_MCAST, BDG_LOCAL, BDG_UNKNOWN, BDG_DROP, ifp.
445 * For muted interfaces, the first 3 are changed in BDG_LOCAL,
446 * and others to BDG_DROP. Also, for incoming packets, ifp is changed
447 * to BDG_DROP in case ifp == src . These mods are not necessary
448 * for outgoing packets from ether_output().
449 */
450 BDG_STAT(ifp, BDG_IN);
451 switch ((int)dst) {
452 case (int)BDG_BCAST:
453 case (int)BDG_MCAST:
454 case (int)BDG_LOCAL:
455 case (int)BDG_UNKNOWN:
456 case (int)BDG_DROP:
457 BDG_STAT(ifp, dst);
458 break ;
459 default :
460 if (dst == ifp || dropit )
461 BDG_STAT(ifp, BDG_DROP);
462 else
463 BDG_STAT(ifp, BDG_FORWARD);
464 break ;
465 }
466
467 if ( dropit ) {
468 if (dst == BDG_BCAST || dst == BDG_MCAST || dst == BDG_LOCAL)
469 return BDG_LOCAL ;
470 else
471 return BDG_DROP ;
472 } else {
473 return (dst == ifp ? BDG_DROP : dst ) ;
474 }
475 }
476
477 /*
478 * Forward to dst, excluding src port and (if not a single interface)
479 * muted interfaces. The packet is freed if marked as such
480 * and not for a local destination.
481 * A cleaner implementation would be to make bdg_forward()
482 * always consume the packet, leaving to the caller the task
483 * to make a copy if it needs it. As it is now, bdg_forward()
484 * can keep a copy alive in some cases.
485 */
486 int
487 bdg_forward (struct mbuf **m0, struct ifnet *dst)
488 {
489 struct ifnet *src = (*m0)->m_pkthdr.rcvif; /* could be NULL in output */
490 struct ifnet *ifp ;
491 struct ip *ip;
492 int error=0, s ;
493 int once = 0; /* execute the loop only once */
494 int canfree = 1 ; /* can free the buf at the end */
495 struct mbuf *m ;
496
497 struct ether_header *eh = mtod(*m0, struct ether_header *); /* XXX */
498
499 if (dst == BDG_DROP) { /* this should not happen */
500 printf("xx bdg_forward for BDG_DROP)\n");
501 m_freem(*m0) ;
502 *m0 = NULL ;
503 return 0;
504 }
505 if (dst == BDG_LOCAL) { /* this should not happen as well */
506 printf("xx ouch, bdg_forward for local pkt\n");
507 return 0;
508 }
509 if (dst == BDG_BCAST || dst == BDG_MCAST || dst == BDG_UNKNOWN) {
510 ifp = ifnet.tqh_first ;
511 once = 0 ;
512 if (dst != BDG_UNKNOWN)
513 canfree = 0 ;
514 } else {
515 ifp = dst ;
516 once = 1 ; /* and also canfree */
517 }
518 #if IPFIREWALL
519 /*
520 * do filtering in a very similar way to what is done
521 * in ip_output. Only for IP packets, and only pass/fail/dummynet
522 * is supported. The tricky thing is to make sure that enough of
523 * the packet (basically, Eth+IP+TCP/UDP headers) is contiguous
524 * so that calls to m_pullup in ip_fw_chk will not kill the
525 * ethernet header.
526 */
527 if (ip_fw_chk_ptr) {
528 u_int16_t dummy ;
529 struct ip_fw_chain *rule;
530 int off;
531
532 m = *m0 ;
533 if (m->m_type == MT_DUMMYNET) {
534 /*
535 * the packet was already tagged, so part of the
536 * processing was already done, and we need to go down.
537 */
538 rule = (struct ip_fw_chain *)(m->m_data) ;
539 (*m0) = m = m->m_next ;
540
541 src = m->m_pkthdr.rcvif; /* could be NULL in output */
542 eh = mtod(m, struct ether_header *); /* XXX */
543 canfree = 1 ; /* for sure, a copy is not needed later. */
544 goto forward; /* HACK! */
545 } else
546 rule = NULL ;
547 if (bdg_ipfw == 0)
548 goto forward ;
549 if (src == NULL)
550 goto forward ; /* do not apply to packets from ether_output */
551 if (canfree == 0 ) /* need to make a copy */
552 m = m_copypacket(*m0, M_DONTWAIT);
553 if (m == NULL) {
554 /* fail... */
555 return 0 ;
556 }
557
558 dummy = 0 ;
559 /*
560 * before calling the firewall, swap fields the same as IP does.
561 * here we assume the pkt is an IP one and the header is contiguous
562 */
563 eh = mtod(m, struct ether_header *);
564 ip = (struct ip *)(eh + 1 ) ;
565 NTOHS(ip->ip_len);
566 NTOHS(ip->ip_id);
567 NTOHS(ip->ip_off);
568
569 /*
570 * The third parameter to the firewall code is the dst. interface.
571 * Since we apply checks only on input pkts we use NULL.
572 */
573 off = (*ip_fw_chk_ptr)(NULL, 0, NULL, &dummy, &m, &rule, NULL) ;
574 if (m == NULL) { /* pkt discarded by firewall */
575 if (canfree)
576 *m0 = NULL ;
577 return 0 ;
578 }
579 /*
580 * on return, the mbuf pointer might have changed. Restore
581 * *m0 (if it was the same as m), eh, ip and then
582 * restore original ordering.
583 */
584 eh = mtod(m, struct ether_header *);
585 ip = (struct ip *)(eh + 1 ) ;
586 if (canfree) /* m was a reference to *m0, so update *m0 */
587 *m0 = m ;
588 HTONS(ip->ip_len);
589 HTONS(ip->ip_id);
590 HTONS(ip->ip_off);
591 if (off == 0) {
592 if (canfree == 0)
593 m_freem(m);
594 goto forward ;
595 }
596 #if DUMMYNET
597 if (off & 0x10000) {
598 /*
599 * pass the pkt to dummynet. Need to include m, dst, rule.
600 * Dummynet consumes the packet in all cases.
601 */
602 dummynet_io((off & 0xffff), DN_TO_BDG_FWD, m, dst, NULL, 0, rule);
603 if (canfree) /* dummynet has consumed the original one */
604 *m0 = NULL ;
605 return 0 ;
606 }
607 #endif
608 /* if none of the above matches, we have to drop the pkt */
609 if (m)
610 m_freem(m);
611 if (canfree && m != *m0) {
612 m_freem(*m0);
613 *m0 = NULL ;
614 }
615 return 0 ;
616 }
617 forward:
618 #endif /* COMPAT_IPFW */
619 if (canfree && once)
620 m = *m0 ;
621 else
622 m = NULL ;
623
624 for ( ; ifp ; ifp = ifp->if_link.tqe_next ) {
625 if (ifp != src && ifp->if_type == IFT_ETHER &&
626 (ifp->if_flags & (IFF_UP|IFF_RUNNING)) == (IFF_UP|IFF_RUNNING) &&
627 SAMEGROUP(ifp, src) && !MUTED(ifp) ) {
628 if (m == NULL) { /* do i need to make a copy ? */
629 if (canfree && ifp->if_link.tqe_next == NULL) /* last one! */
630 m = *m0 ;
631 else /* on a P5-90, m_packetcopy takes 540 ticks */
632 m = m_copypacket(*m0, M_DONTWAIT);
633 if (m == NULL) {
634 printf("bdg_forward: sorry, m_copy failed!\n");
635 return ENOBUFS ;
636 }
637 }
638 /*
639 * execute last part of ether_output.
640 */
641 s = splimp();
642 /*
643 * Queue message on interface, and start output if interface
644 * not yet active.
645 */
646 if (IF_QFULL(&ifp->if_snd)) {
647 IF_DROP(&ifp->if_snd);
648 MUTE(ifp); /* good measure... */
649 splx(s);
650 error = ENOBUFS ;
651 } else {
652 ifp->if_obytes += m->m_pkthdr.len ;
653 if (m->m_flags & M_MCAST)
654 ifp->if_omcasts++;
655 IF_ENQUEUE(&ifp->if_snd, m);
656 if ((ifp->if_flags & IFF_OACTIVE) == 0)
657 (*ifp->if_start)(ifp);
658 splx(s);
659 if (m == *m0)
660 *m0 = NULL ; /* the packet is gone... */
661 m = NULL ;
662 }
663 BDG_STAT(ifp, BDG_OUT);
664 }
665 if (once)
666 break ;
667 }
668
669 /* cleanup any mbuf leftover. */
670 if (m)
671 m_freem(m);
672 if (m == *m0)
673 *m0 = NULL ;
674 if (canfree && *m0) {
675 m_freem(*m0);
676 *m0 = NULL ;
677 }
678 return error ;
679 }