root/net/inet/ip.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. ip_print
  2. ip_ioctl
  3. strict_route
  4. loose_route
  5. print_ipprot
  6. ip_route_check
  7. build_options
  8. ip_send
  9. ip_build_header
  10. do_options
  11. ip_fast_csum
  12. ip_compute_csum
  13. ip_csum
  14. ip_send_check
  15. ip_frag_create
  16. ip_find
  17. ip_free
  18. ip_expire
  19. ip_create
  20. ip_done
  21. ip_glue
  22. ip_defrag
  23. ip_fragment
  24. ip_forward
  25. ip_rcv
  26. ip_queue_xmit
  27. ip_do_retransmit
  28. ip_retransmit
  29. ip_setsockopt
  30. ip_getsockopt

   1 /*
   2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3  *              operating system.  INET is implemented using the  BSD Socket
   4  *              interface as the means of communication with the user level.
   5  *
   6  *              The Internet Protocol (IP) module.
   7  *
   8  * Version:     @(#)ip.c        1.0.16b 9/1/93
   9  *
  10  * Authors:     Ross Biro, <bir7@leland.Stanford.Edu>
  11  *              Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
  12  *              Donald Becker, <becker@super.org>
  13  *
  14  * Fixes:
  15  *              Alan Cox        :       Commented a couple of minor bits of surplus code
  16  *              Alan Cox        :       Undefining IP_FORWARD doesn't include the code
  17  *                                      (just stops a compiler warning).
  18  *              Alan Cox        :       Frames with >=MAX_ROUTE record routes, strict routes or loose routes
  19  *                                      are junked rather than corrupting things.
  20  *              Alan Cox        :       Frames to bad broadcast subnets are dumped
  21  *                                      We used to process them non broadcast and
  22  *                                      boy could that cause havoc.
  23  *              Alan Cox        :       ip_forward sets the free flag on the 
  24  *                                      new frame it queues. Still crap because
  25  *                                      it copies the frame but at least it 
  26  *                                      doesn't eat memory too.
  27  *              Alan Cox        :       Generic queue code and memory fixes.
  28  *              Fred Van Kempen :       IP fragment support (borrowed from NET2E)
  29  *              Gerhard Koerting:       Forward fragmented frames correctly.
  30  *              Gerhard Koerting:       Fixes to my fix of the above 8-).
  31  *              Gerhard Koerting:       IP interface addressing fix.
  32  *              Linus Torvalds  :       More robustness checks
  33  *              Alan Cox        :       Even more checks: Still not as robust as it ought to be
  34  *              Alan Cox        :       Save IP header pointer for later
  35  *              Alan Cox        :       ip option setting
  36  *              Alan Cox        :       Use ip_tos/ip_ttl settings
  37  *              Alan Cox        :       Fragmentation bogosity removed
  38  *                                      (Thanks to Mark.Bush@prg.ox.ac.uk)
  39  *              Dmitry Gorodchanin :    Send of a raw packet crash fix.
  40  *              Alan Cox        :       Silly ip bug when an overlength
  41  *                                      fragment turns up. Now frees the
  42  *                                      queue.
  43  *
  44  * To Fix:
  45  *              IP option processing is mostly not needed. ip_forward needs to know about routing rules
  46  *              and time stamp but that's about all.
  47  *
  48  *              This program is free software; you can redistribute it and/or
  49  *              modify it under the terms of the GNU General Public License
  50  *              as published by the Free Software Foundation; either version
  51  *              2 of the License, or (at your option) any later version.
  52  */
  53 #include <asm/segment.h>
  54 #include <asm/system.h>
  55 #include <linux/types.h>
  56 #include <linux/kernel.h>
  57 #include <linux/sched.h>
  58 #include <linux/string.h>
  59 #include <linux/errno.h>
  60 #include <linux/socket.h>
  61 #include <linux/sockios.h>
  62 #include <linux/in.h>
  63 #include "inet.h"
  64 #include "dev.h"
  65 #include "eth.h"
  66 #include "ip.h"
  67 #include "protocol.h"
  68 #include "route.h"
  69 #include "tcp.h"
  70 #include "skbuff.h"
  71 #include "sock.h"
  72 #include "arp.h"
  73 #include "icmp.h"
  74 
  75 #define CONFIG_IP_FORWARD
  76 #define CONFIG_IP_DEFRAG
  77 
  78 extern int last_retran;
  79 extern void sort_send(struct sock *sk);
  80 
  81 #define min(a,b)        ((a)<(b)?(a):(b))
  82 
  83 void
  84 ip_print(struct iphdr *ip)
     /* [previous][next][first][last][top][bottom][index][help] */
  85 {
  86   unsigned char buff[32];
  87   unsigned char *ptr;
  88   int addr, len, i;
  89 
  90   if (inet_debug != DBG_IP) return;
  91 
  92   /* Dump the IP header. */
  93   printk("IP: ihl=%d, version=%d, tos=%d, tot_len=%d\n",
  94            ip->ihl, ip->version, ip->tos, ntohs(ip->tot_len));
  95   printk("    id=%X, ttl=%d, prot=%d, check=%X\n",
  96            ip->id, ip->ttl, ip->protocol, ip->check);
  97   printk("    frag_off=%d\n", ip->frag_off);
  98   printk("    soucre=%s ", in_ntoa(ip->saddr));
  99   printk("dest=%s\n", in_ntoa(ip->daddr));
 100   printk("    ----\n");
 101 
 102   /* Dump the data. */
 103   ptr = (unsigned char *)(ip + 1);
 104   addr = 0;
 105   len = ntohs(ip->tot_len) - (4 * ip->ihl);
 106   while (len > 0) {
 107         printk("    %04X: ", addr);
 108         for(i = 0; i < 16; i++) {
 109                 if (len > 0) {
 110                         printk("%02X ", (*ptr & 0xFF));
 111                         buff[i] = *ptr++;
 112                         if (buff[i] < 32 || buff[i] > 126) buff[i] = '.';
 113                 } else {
 114                         printk("   ");
 115                         buff[i] = ' ';
 116                 }
 117                 addr++;
 118                 len--;
 119         };
 120         buff[i] = '\0';
 121         printk("  \"%s\"\n", buff);
 122   }
 123   printk("    ----\n\n");
 124 }
 125 
 126 
 127 int
 128 ip_ioctl(struct sock *sk, int cmd, unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
 129 {
 130   switch(cmd) {
 131         case DDIOCSDBG:
 132                 return(dbg_ioctl((void *) arg, DBG_IP));
 133         default:
 134                 return(-EINVAL);
 135   }
 136 }
 137 
 138 
 139 /* these two routines will do routining. */
 140 static void
 141 strict_route(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 142 {
 143 }
 144 
 145 
 146 static void
 147 loose_route(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 148 {
 149 }
 150 
 151 
 152 static void
 153 print_ipprot(struct inet_protocol *ipprot)
     /* [previous][next][first][last][top][bottom][index][help] */
 154 {
 155   DPRINTF((DBG_IP, "handler = %X, protocol = %d, copy=%d \n",
 156            ipprot->handler, ipprot->protocol, ipprot->copy));
 157 }
 158 
 159 
 160 /* This routine will check to see if we have lost a gateway. */
 161 void
 162 ip_route_check(unsigned long daddr)
     /* [previous][next][first][last][top][bottom][index][help] */
 163 {
 164 }
 165 
 166 
 167 #if 0
 168 /* this routine puts the options at the end of an ip header. */
 169 static int
 170 build_options(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 171 {
 172   unsigned char *ptr;
 173   /* currently we don't support any options. */
 174   ptr = (unsigned char *)(iph+1);
 175   *ptr = 0;
 176   return (4);
 177 }
 178 #endif
 179 
 180 
 181 /* Take an skb, and fill in the MAC header. */
 182 static int
 183 ip_send(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev,
     /* [previous][next][first][last][top][bottom][index][help] */
 184         unsigned long saddr)
 185 {
 186   unsigned char *ptr;
 187   int mac;
 188 
 189   ptr = skb->data;
 190   mac = 0;
 191   skb->arp = 1;
 192   if (dev->hard_header) {
 193         mac = dev->hard_header(ptr, dev, ETH_P_IP, daddr, saddr, len);
 194   }
 195   if (mac < 0) {
 196         mac = -mac;
 197         skb->arp = 0;
 198   }
 199   skb->dev = dev;
 200   return(mac);
 201 }
 202 
 203 
 204 /*
 205  * This routine builds the appropriate hardware/IP headers for
 206  * the routine.  It assumes that if *dev != NULL then the
 207  * protocol knows what it's doing, otherwise it uses the
 208  * routing/ARP tables to select a device struct.
 209  */
 210 int
 211 ip_build_header(struct sk_buff *skb, unsigned long saddr, unsigned long daddr,
     /* [previous][next][first][last][top][bottom][index][help] */
 212                 struct device **dev, int type, struct options *opt, int len, int tos, int ttl)
 213 {
 214   static struct options optmem;
 215   struct iphdr *iph;
 216   struct rtable *rt;
 217   unsigned char *buff;
 218   unsigned long raddr;
 219   static int count = 0;
 220   int tmp;
 221 
 222   if (saddr == 0) 
 223         saddr = my_addr();
 224         
 225   DPRINTF((DBG_IP, "ip_build_header (skb=%X, saddr=%X, daddr=%X, *dev=%X,\n"
 226            "                 type=%d, opt=%X, len = %d)\n",
 227            skb, saddr, daddr, *dev, type, opt, len));
 228            
 229   buff = skb->data;
 230 
 231   /* See if we need to look up the device. */
 232   if (*dev == NULL) {
 233         rt = rt_route(daddr, &optmem);
 234         if (rt == NULL) 
 235                 return(-ENETUNREACH);
 236 
 237         *dev = rt->rt_dev;
 238         if (saddr == 0x0100007FL && daddr != 0x0100007FL) 
 239                 saddr = rt->rt_dev->pa_addr;
 240         raddr = rt->rt_gateway;
 241 
 242         DPRINTF((DBG_IP, "ip_build_header: saddr set to %s\n", in_ntoa(saddr)));
 243         opt = &optmem;
 244   } else {
 245         /* We still need the address of the first hop. */
 246         rt = rt_route(daddr, &optmem);
 247         raddr = (rt == NULL) ? 0 : rt->rt_gateway;
 248   }
 249   if (raddr == 0)
 250         raddr = daddr;
 251 
 252   /* Now build the MAC header. */
 253   tmp = ip_send(skb, raddr, len, *dev, saddr);
 254   buff += tmp;
 255   len -= tmp;
 256 
 257   skb->dev = *dev;
 258   skb->saddr = saddr;
 259   if (skb->sk) skb->sk->saddr = saddr;
 260 
 261   /* Now build the IP header. */
 262 
 263   /* If we are using IPPROTO_RAW, then we don't need an IP header, since
 264      one is being supplied to us by the user */
 265 
 266   if(type == IPPROTO_RAW) return (tmp);
 267 
 268   iph = (struct iphdr *)buff;
 269   iph->version  = 4;
 270   iph->tos      = tos;
 271   iph->frag_off = 0;
 272   iph->ttl      = ttl;
 273   iph->daddr    = daddr;
 274   iph->saddr    = saddr;
 275   iph->protocol = type;
 276   iph->ihl      = 5;
 277   iph->id       = htons(count++);
 278 
 279   /* Setup the IP options. */
 280 #ifdef Not_Yet_Avail
 281   build_options(iph, opt);
 282 #endif
 283 
 284   return(20 + tmp);     /* IP header plus MAC header size */
 285 }
 286 
 287 
 288 static int
 289 do_options(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 290 {
 291   unsigned char *buff;
 292   int done = 0;
 293   int i, len = sizeof(struct iphdr);
 294 
 295   /* Zero out the options. */
 296   opt->record_route.route_size = 0;
 297   opt->loose_route.route_size  = 0;
 298   opt->strict_route.route_size = 0;
 299   opt->tstamp.ptr              = 0;
 300   opt->security                = 0;
 301   opt->compartment             = 0;
 302   opt->handling                = 0;
 303   opt->stream                  = 0;
 304   opt->tcc                     = 0;
 305   return(0);
 306 
 307   /* Advance the pointer to start at the options. */
 308   buff = (unsigned char *)(iph + 1);
 309 
 310   /* Now start the processing. */
 311   while (!done && len < iph->ihl*4) switch(*buff) {
 312         case IPOPT_END:
 313                 done = 1;
 314                 break;
 315         case IPOPT_NOOP:
 316                 buff++;
 317                 len++;
 318                 break;
 319         case IPOPT_SEC:
 320                 buff++;
 321                 if (*buff != 11) return(1);
 322                 buff++;
 323                 opt->security = ntohs(*(unsigned short *)buff);
 324                 buff += 2;
 325                 opt->compartment = ntohs(*(unsigned short *)buff);
 326                 buff += 2;
 327                 opt->handling = ntohs(*(unsigned short *)buff);
 328                 buff += 2;
 329                 opt->tcc = ((*buff) << 16) + ntohs(*(unsigned short *)(buff+1));
 330                 buff += 3;
 331                 len += 11;
 332                 break;
 333         case IPOPT_LSRR:
 334                 buff++;
 335                 if ((*buff - 3)% 4 != 0) return(1);
 336                 len += *buff;
 337                 opt->loose_route.route_size = (*buff -3)/4;
 338                 buff++;
 339                 if (*buff % 4 != 0) return(1);
 340                 opt->loose_route.pointer = *buff/4 - 1;
 341                 buff++;
 342                 buff++;
 343                 for (i = 0; i < opt->loose_route.route_size; i++) {
 344                         if(i>=MAX_ROUTE)
 345                                 return(1);
 346                         opt->loose_route.route[i] = *(unsigned long *)buff;
 347                         buff += 4;
 348                 }
 349                 break;
 350         case IPOPT_SSRR:
 351                 buff++;
 352                 if ((*buff - 3)% 4 != 0) return(1);
 353                 len += *buff;
 354                 opt->strict_route.route_size = (*buff -3)/4;
 355                 buff++;
 356                 if (*buff % 4 != 0) return(1);
 357                 opt->strict_route.pointer = *buff/4 - 1;
 358                 buff++;
 359                 buff++;
 360                 for (i = 0; i < opt->strict_route.route_size; i++) {
 361                         if(i>=MAX_ROUTE)
 362                                 return(1);
 363                         opt->strict_route.route[i] = *(unsigned long *)buff;
 364                         buff += 4;
 365                 }
 366                 break;
 367         case IPOPT_RR:
 368                 buff++;
 369                 if ((*buff - 3)% 4 != 0) return(1);
 370                 len += *buff;
 371                 opt->record_route.route_size = (*buff -3)/4;
 372                 buff++;
 373                 if (*buff % 4 != 0) return(1);
 374                 opt->record_route.pointer = *buff/4 - 1;
 375                 buff++;
 376                 buff++;
 377                 for (i = 0; i < opt->record_route.route_size; i++) {
 378                         if(i>=MAX_ROUTE)
 379                                 return 1;
 380                         opt->record_route.route[i] = *(unsigned long *)buff;
 381                         buff += 4;
 382                 }
 383                 break;
 384         case IPOPT_SID:
 385                 len += 4;
 386                 buff +=2;
 387                 opt->stream = *(unsigned short *)buff;
 388                 buff += 2;
 389                 break;
 390         case IPOPT_TIMESTAMP:
 391                 buff++;
 392                 len += *buff;
 393                 if (*buff % 4 != 0) return(1);
 394                 opt->tstamp.len = *buff / 4 - 1;
 395                 buff++;
 396                 if ((*buff - 1) % 4 != 0) return(1);
 397                 opt->tstamp.ptr = (*buff-1)/4;
 398                 buff++;
 399                 opt->tstamp.x.full_char = *buff;
 400                 buff++;
 401                 for (i = 0; i < opt->tstamp.len; i++) {
 402                         opt->tstamp.data[i] = *(unsigned long *)buff;
 403                         buff += 4;
 404                 }
 405                 break;
 406         default:
 407                 return(1);
 408   }
 409 
 410   if (opt->record_route.route_size == 0) {
 411         if (opt->strict_route.route_size != 0) {
 412                 memcpy(&(opt->record_route), &(opt->strict_route),
 413                                              sizeof(opt->record_route));
 414         } else if (opt->loose_route.route_size != 0) {
 415                 memcpy(&(opt->record_route), &(opt->loose_route),
 416                                              sizeof(opt->record_route));
 417         }
 418   }
 419 
 420   if (opt->strict_route.route_size != 0 &&
 421       opt->strict_route.route_size != opt->strict_route.pointer) {
 422         strict_route(iph, opt);
 423         return(0);
 424   }
 425 
 426   if (opt->loose_route.route_size != 0 &&
 427       opt->loose_route.route_size != opt->loose_route.pointer) {
 428         loose_route(iph, opt);
 429         return(0);
 430   }
 431 
 432   return(0);
 433 }
 434 
 435 /* This is a version of ip_compute_csum() optimized for IP headers, which
 436    always checksum on 4 octet boundaries. */
 437 static inline unsigned short
 438 ip_fast_csum(unsigned char * buff, int wlen)
     /* [previous][next][first][last][top][bottom][index][help] */
 439 {
 440     unsigned long sum = 0;
 441 
 442     if (wlen) {
 443         unsigned long bogus;
 444          __asm__("clc\n"
 445                 "1:\t"
 446                 "lodsl\n\t"
 447                 "adcl %3, %0\n\t"
 448                 "decl %2\n\t"
 449                 "jne 1b\n\t"
 450                 "adcl $0, %0\n\t"
 451                 "movl %0, %3\n\t"
 452                 "shrl $16, %3\n\t"
 453                 "addw %w3, %w0\n\t"
 454                 "adcw $0, %w0"
 455             : "=r" (sum), "=S" (buff), "=r" (wlen), "=a" (bogus)
 456             : "0"  (sum),  "1" (buff),  "2" (wlen));
 457     }
 458     return (~sum) & 0xffff;
 459 }
 460 
 461 /*
 462  * This routine does all the checksum computations that don't
 463  * require anything special (like copying or special headers).
 464  */
 465 unsigned short
 466 ip_compute_csum(unsigned char * buff, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 467 {
 468   unsigned long sum = 0;
 469 
 470   /* Do the first multiple of 4 bytes and convert to 16 bits. */
 471   if (len > 3) {
 472         __asm__("clc\n"
 473                 "1:\t"
 474                 "lodsl\n\t"
 475                 "adcl %%eax, %%ebx\n\t"
 476                 "loop 1b\n\t"
 477                 "adcl $0, %%ebx\n\t"
 478                 "movl %%ebx, %%eax\n\t"
 479                 "shrl $16, %%eax\n\t"
 480                 "addw %%ax, %%bx\n\t"
 481                 "adcw $0, %%bx"
 482                 : "=b" (sum) , "=S" (buff)
 483                 : "0" (sum), "c" (len >> 2) ,"1" (buff)
 484                 : "ax", "cx", "si", "bx" );
 485   }
 486   if (len & 2) {
 487         __asm__("lodsw\n\t"
 488                 "addw %%ax, %%bx\n\t"
 489                 "adcw $0, %%bx"
 490                 : "=b" (sum), "=S" (buff)
 491                 : "0" (sum), "1" (buff)
 492                 : "bx", "ax", "si");
 493   }
 494   if (len & 1) {
 495         __asm__("lodsb\n\t"
 496                 "movb $0, %%ah\n\t"
 497                 "addw %%ax, %%bx\n\t"
 498                 "adcw $0, %%bx"
 499                 : "=b" (sum), "=S" (buff)
 500                 : "0" (sum), "1" (buff)
 501                 : "bx", "ax", "si");
 502   }
 503   sum =~sum;
 504   return(sum & 0xffff);
 505 }
 506 
 507 /* Check the header of an incoming IP datagram.  This version is still used in slhc.c. */
 508 int
 509 ip_csum(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 510 {
 511   return ip_fast_csum((unsigned char *)iph, iph->ihl);
 512 }
 513 
 514 /* Generate a checksym for an outgoing IP datagram. */
 515 static void
 516 ip_send_check(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 517 {
 518    iph->check = 0;
 519    iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
 520 }
 521 
 522 /************************ Fragment Handlers From NET2E not yet with tweaks to beat 4K **********************************/
 523 
 524 static struct ipq *ipqueue = NULL;              /* IP fragment queue    */
 525  /* Create a new fragment entry. */
 526 static struct ipfrag *ip_frag_create(int offset, int end, struct sk_buff *skb, unsigned char *ptr)
     /* [previous][next][first][last][top][bottom][index][help] */
 527 {
 528         struct ipfrag *fp;
 529  
 530         fp = (struct ipfrag *) kmalloc(sizeof(struct ipfrag), GFP_ATOMIC);
 531         if (fp == NULL) 
 532         {
 533                 printk("IP: frag_create: no memory left !\n");
 534                 return(NULL);
 535         }
 536         memset(fp, 0, sizeof(struct ipfrag));
 537 
 538         /* Fill in the structure. */
 539         fp->offset = offset;
 540         fp->end = end;
 541         fp->len = end - offset;
 542         fp->skb = skb;
 543         fp->ptr = ptr;
 544  
 545         return(fp);
 546 }
 547  
 548  
 549 /*
 550  * Find the correct entry in the "incomplete datagrams" queue for
 551  * this IP datagram, and return the queue entry address if found.
 552  */
 553 static struct ipq *ip_find(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 554 {
 555         struct ipq *qp;
 556         struct ipq *qplast;
 557  
 558         cli();
 559         qplast = NULL;
 560         for(qp = ipqueue; qp != NULL; qplast = qp, qp = qp->next) 
 561         {
 562                 if (iph->id== qp->iph->id && iph->saddr == qp->iph->saddr &&
 563                         iph->daddr == qp->iph->daddr && iph->protocol == qp->iph->protocol) 
 564                 {
 565                         del_timer(&qp->timer);  /* So it doesnt vanish on us. The timer will be reset anyway */
 566                         sti();
 567                         return(qp);
 568                 }
 569         }
 570         sti();
 571         return(NULL);
 572 }
 573  
 574  
 575 /*
 576  * Remove an entry from the "incomplete datagrams" queue, either
 577  * because we completed, reassembled and processed it, or because
 578  * it timed out.
 579  */
 580 
 581 static void ip_free(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 582 {
 583         struct ipfrag *fp;
 584         struct ipfrag *xp;
 585 
 586         /* Stop the timer for this entry. */
 587 /*      printk("ip_free\n");*/
 588         del_timer(&qp->timer);
 589 
 590         /* Remove this entry from the "incomplete datagrams" queue. */
 591         cli();
 592         if (qp->prev == NULL) 
 593         {
 594                 ipqueue = qp->next;
 595                 if (ipqueue != NULL) 
 596                         ipqueue->prev = NULL;
 597         } 
 598         else 
 599         {
 600                 qp->prev->next = qp->next;
 601                 if (qp->next != NULL) 
 602                         qp->next->prev = qp->prev;
 603         }
 604  
 605         /* Release all fragment data. */
 606 /*      printk("ip_free: kill frag data\n");*/
 607         fp = qp->fragments;
 608         while (fp != NULL) 
 609         {
 610                 xp = fp->next;
 611                 IS_SKB(fp->skb);
 612                 kfree_skb(fp->skb,FREE_READ);
 613                 kfree_s(fp, sizeof(struct ipfrag));
 614                 fp = xp;
 615         }
 616         
 617 /*      printk("ip_free: cleanup\n");*/
 618  
 619         /* Release the MAC header. */
 620         kfree_s(qp->mac, qp->maclen);
 621  
 622         /* Release the IP header. */
 623         kfree_s(qp->iph, qp->ihlen + 8);
 624  
 625         /* Finally, release the queue descriptor itself. */
 626         kfree_s(qp, sizeof(struct ipq));
 627 /*      printk("ip_free:done\n");*/
 628         sti();
 629  }
 630  
 631  
 632  /* Oops- a fragment queue timed out.  Kill it and send an ICMP reply. */
 633  
 634 static void ip_expire(unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
 635 {
 636         struct ipq *qp;
 637  
 638         qp = (struct ipq *)arg;
 639         DPRINTF((DBG_IP, "IP: queue_expire: fragment queue 0x%X timed out!\n", qp));
 640  
 641         /* Send an ICMP "Fragment Reassembly Timeout" message. */
 642 #if 0           
 643         icmp_send(qp->iph->ip_src.s_addr, ICMP_TIME_EXCEEDED,
 644                     ICMP_EXC_FRAGTIME, qp->iph);
 645 #endif           
 646         if(qp->fragments!=NULL)
 647                 icmp_send(qp->fragments->skb,ICMP_TIME_EXCEEDED,
 648                                 ICMP_EXC_FRAGTIME, qp->dev);
 649  
 650         /* Nuke the fragment queue. */
 651         ip_free(qp);
 652 }
 653  
 654  
 655 /*
 656  * Add an entry to the 'ipq' queue for a newly received IP datagram.
 657  * We will (hopefully :-) receive all other fragments of this datagram
 658  * in time, so we just create a queue for this datagram, in which we
 659  * will insert the received fragments at their respective positions.
 660  */
 661 
 662 static struct ipq *ip_create(struct sk_buff *skb, struct iphdr *iph, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 663 {
 664         struct ipq *qp;
 665         int maclen;
 666         int ihlen;
 667 
 668         qp = (struct ipq *) kmalloc(sizeof(struct ipq), GFP_ATOMIC);
 669         if (qp == NULL) 
 670         {
 671                 printk("IP: create: no memory left !\n");
 672                 return(NULL);
 673         }
 674         memset(qp, 0, sizeof(struct ipq));
 675 
 676         /* Allocate memory for the MAC header. */
 677         maclen = ((unsigned long) iph) - ((unsigned long) skb->data);
 678         qp->mac = (unsigned char *) kmalloc(maclen, GFP_ATOMIC);
 679         if (qp->mac == NULL) 
 680         {
 681                 printk("IP: create: no memory left !\n");
 682                 kfree_s(qp, sizeof(struct ipq));
 683                 return(NULL);
 684         }
 685 
 686         /* Allocate memory for the IP header (plus 8 octects for ICMP). */
 687         ihlen = (iph->ihl * sizeof(unsigned long));
 688         qp->iph = (struct iphdr *) kmalloc(ihlen + 8, GFP_ATOMIC);
 689         if (qp->iph == NULL) 
 690         {
 691                 printk("IP: create: no memory left !\n");
 692                 kfree_s(qp->mac, maclen);
 693                 kfree_s(qp, sizeof(struct ipq));
 694                 return(NULL);
 695         }
 696 
 697         /* Fill in the structure. */
 698         memcpy(qp->mac, skb->data, maclen);
 699         memcpy(qp->iph, iph, ihlen + 8);
 700         qp->len = 0;
 701         qp->ihlen = ihlen;
 702         qp->maclen = maclen;
 703         qp->fragments = NULL;
 704         qp->dev = dev;
 705 /*      printk("Protocol = %d\n",qp->iph->protocol);*/
 706         
 707         /* Start a timer for this entry. */
 708         qp->timer.expires = IP_FRAG_TIME;               /* about 30 seconds     */
 709         qp->timer.data = (unsigned long) qp;            /* pointer to queue     */
 710         qp->timer.function = ip_expire;                 /* expire function      */
 711         add_timer(&qp->timer);
 712 
 713         /* Add this entry to the queue. */
 714         qp->prev = NULL;
 715         cli();
 716         qp->next = ipqueue;
 717         if (qp->next != NULL) 
 718                 qp->next->prev = qp;
 719         ipqueue = qp;
 720         sti();
 721         return(qp);
 722 }
 723  
 724  
 725  /* See if a fragment queue is complete. */
 726 static int ip_done(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 727 {
 728         struct ipfrag *fp;
 729         int offset;
 730  
 731         /* Only possible if we received the final fragment. */
 732         if (qp->len == 0) 
 733                 return(0);
 734  
 735         /* Check all fragment offsets to see if they connect. */
 736         fp = qp->fragments;
 737         offset = 0;
 738         while (fp != NULL) 
 739         {
 740                 if (fp->offset > offset) 
 741                         return(0);      /* fragment(s) missing */
 742                 offset = fp->end;
 743                 fp = fp->next;
 744         }
 745  
 746         /* All fragments are present. */
 747         return(1);
 748  }
 749  
 750  
 751 /* Build a new IP datagram from all its fragments. */
 752 static struct sk_buff *ip_glue(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 753 {
 754         struct sk_buff *skb;
 755         struct iphdr *iph;
 756         struct ipfrag *fp;
 757         unsigned char *ptr;
 758         int count, len;
 759  
 760         /* Allocate a new buffer for the datagram. */
 761         len = sizeof(struct sk_buff)+qp->maclen + qp->ihlen + qp->len;
 762         if ((skb = alloc_skb(len,GFP_ATOMIC)) == NULL) 
 763         {
 764                 printk("IP: queue_glue: no memory for glueing queue 0x%X\n", (int) qp);
 765                 ip_free(qp);
 766                 return(NULL);
 767         }
 768  
 769         /* Fill in the basic details. */
 770         skb->len = (len - qp->maclen);
 771         skb->h.raw = skb->data;
 772         skb->free = 1;
 773  
 774         /* Copy the original MAC and IP headers into the new buffer. */
 775         ptr = (unsigned char *) skb->h.raw;
 776         memcpy(ptr, ((unsigned char *) qp->mac), qp->maclen);
 777 /*      printk("Copied %d bytes of mac header.\n",qp->maclen);*/
 778         ptr += qp->maclen;
 779         memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen);
 780 /*      printk("Copied %d byte of ip header.\n",qp->ihlen);*/
 781         ptr += qp->ihlen;
 782         skb->h.raw += qp->maclen;
 783         
 784 /*      printk("Protocol = %d\n",skb->h.iph->protocol);*/
 785         count = 0;
 786  
 787         /* Copy the data portions of all fragments into the new buffer. */
 788         fp = qp->fragments;
 789         while(fp != NULL) 
 790         {
 791                 if(count+fp->len>skb->len)
 792                 {
 793                         printk("Invalid fragment list: Fragment over size.\n");
 794                         ip_free(qp);
 795                         kfree_skb(skb,FREE_WRITE);
 796                         return NULL;
 797                 }
 798 /*              printk("Fragment %d size %d\n",fp->offset,fp->len);*/
 799                 memcpy((ptr + fp->offset), fp->ptr, fp->len);
 800                 count += fp->len;
 801                 fp = fp->next;
 802         }
 803  
 804         /* We glued together all fragments, so remove the queue entry. */
 805         ip_free(qp);
 806  
 807         /* Done with all fragments. Fixup the new IP header. */
 808         iph = skb->h.iph;
 809         iph->frag_off = 0;
 810         iph->tot_len = htons((iph->ihl * sizeof(unsigned long)) + count);
 811         skb->ip_hdr = iph;
 812         return(skb);
 813 }
 814  
 815 
 816 /* Process an incoming IP datagram fragment. */
 817 static struct sk_buff *ip_defrag(struct iphdr *iph, struct sk_buff *skb, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 818 {
 819         struct ipfrag *prev, *next;
 820         struct ipfrag *tfp;
 821         struct ipq *qp;
 822         struct sk_buff *skb2;
 823         unsigned char *ptr;
 824         int flags, offset;
 825         int i, ihl, end;
 826 
 827         /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */
 828         qp = ip_find(iph);
 829  
 830         /* Is this a non-fragmented datagram? */
 831         offset = ntohs(iph->frag_off);
 832         flags = offset & ~IP_OFFSET;
 833         offset &= IP_OFFSET;
 834         if (((flags & IP_MF) == 0) && (offset == 0)) 
 835         {
 836                 if (qp != NULL) 
 837                         ip_free(qp);    /* Huh? How could this exist?? */
 838                 return(skb);
 839         }
 840         offset <<= 3;           /* offset is in 8-byte chunks */
 841  
 842         /*
 843          * If the queue already existed, keep restarting its timer as long
 844          * as we still are receiving fragments.  Otherwise, create a fresh
 845          * queue entry.
 846          */
 847         if (qp != NULL) 
 848         {
 849                 del_timer(&qp->timer);
 850                 qp->timer.expires = IP_FRAG_TIME;       /* about 30 seconds     */
 851                 qp->timer.data = (unsigned long) qp;    /* pointer to queue     */
 852                 qp->timer.function = ip_expire;         /* expire function      */
 853                 add_timer(&qp->timer);
 854         } 
 855         else 
 856         {
 857                 if ((qp = ip_create(skb, iph, dev)) == NULL) 
 858                         return(NULL);
 859         }
 860  
 861         /* Determine the position of this fragment. */
 862         ihl = (iph->ihl * sizeof(unsigned long));
 863         end = offset + ntohs(iph->tot_len) - ihl;
 864  
 865         /* Point into the IP datagram 'data' part. */
 866         ptr = skb->data + dev->hard_header_len + ihl;
 867  
 868         /* Is this the final fragment? */
 869         if ((flags & IP_MF) == 0) 
 870                 qp->len = end;
 871  
 872         /*
 873          * Find out which fragments are in front and at the back of us
 874          * in the chain of fragments so far.  We must know where to put
 875          * this fragment, right?
 876          */
 877         prev = NULL;
 878         for(next = qp->fragments; next != NULL; next = next->next) 
 879         {
 880                 if (next->offset > offset) 
 881                         break;  /* bingo! */
 882                 prev = next;
 883         }       
 884  
 885         /*
 886          * We found where to put this one.
 887          * Check for overlap with preceeding fragment, and, if needed,
 888          * align things so that any overlaps are eliminated.
 889          */
 890         if (prev != NULL && offset < prev->end) 
 891         {
 892                 i = prev->end - offset;
 893                 offset += i;    /* ptr into datagram */
 894                 ptr += i;       /* ptr into fragment data */
 895                 DPRINTF((DBG_IP, "IP: defrag: fixed low overlap %d bytes\n", i));
 896         }       
 897  
 898         /*
 899          * Look for overlap with succeeding segments.
 900          * If we can merge fragments, do it.
 901          */
 902    
 903         for(; next != NULL; next = tfp) 
 904         {
 905                 tfp = next->next;
 906                 if (next->offset >= end) 
 907                         break;          /* no overlaps at all */
 908  
 909                 i = end - next->offset;                 /* overlap is 'i' bytes */
 910                 next->len -= i;                         /* so reduce size of    */
 911                 next->offset += i;                      /* next fragment        */
 912                 next->ptr += i;
 913                 
 914                 /* If we get a frag size of <= 0, remove it. */
 915                 if (next->len <= 0) 
 916                 {
 917                         DPRINTF((DBG_IP, "IP: defrag: removing frag 0x%X (len %d)\n",
 918                                                         next, next->len));
 919                         if (next->prev != NULL) 
 920                                 next->prev->next = next->next;
 921                         else 
 922                                 qp->fragments = next->next;
 923                 
 924                         if (tfp->next != NULL) 
 925                                 next->next->prev = next->prev;
 926                         
 927                         kfree_s(next, sizeof(struct ipfrag));
 928                 }
 929                 DPRINTF((DBG_IP, "IP: defrag: fixed high overlap %d bytes\n", i));
 930         }
 931  
 932         /* Insert this fragment in the chain of fragments. */
 933         tfp = NULL;
 934         tfp = ip_frag_create(offset, end, skb, ptr);
 935         tfp->prev = prev;
 936         tfp->next = next;
 937         if (prev != NULL) 
 938                 prev->next = tfp;
 939         else 
 940                 qp->fragments = tfp;
 941    
 942         if (next != NULL) 
 943                 next->prev = tfp;
 944  
 945         /*
 946          * OK, so we inserted this new fragment into the chain.
 947          * Check if we now have a full IP datagram which we can
 948          * bump up to the IP layer...
 949          */
 950    
 951         if (ip_done(qp)) 
 952         {
 953                 skb2 = ip_glue(qp);             /* glue together the fragments */
 954                 return(skb2);
 955         }
 956         return(NULL);
 957  }
 958  
 959  
 960  /*
 961   * This IP datagram is too large to be sent in one piece.  Break it up into
 962   * smaller pieces (each of size equal to the MAC header plus IP header plus
 963   * a block of the data of the original IP data part) that will yet fit in a
 964   * single device frame, and queue such a frame for sending by calling the
 965   * ip_queue_xmit().  Note that this is recursion, and bad things will happen
 966   * if this function causes a loop...
 967   */
 968  void ip_fragment(struct sock *sk, struct sk_buff *skb, struct device *dev, int is_frag)
     /* [previous][next][first][last][top][bottom][index][help] */
 969  {
 970         struct iphdr *iph;
 971         unsigned char *raw;
 972         unsigned char *ptr;
 973         struct sk_buff *skb2;
 974         int left, mtu, hlen, len;
 975         int offset;
 976  
 977         /* Point into the IP datagram header. */
 978         raw = skb->data;
 979         iph = (struct iphdr *) (raw + dev->hard_header_len);
 980 
 981         skb->ip_hdr = iph;
 982                 
 983         /* Setup starting values. */
 984         hlen = (iph->ihl * sizeof(unsigned long));
 985         left = ntohs(iph->tot_len) - hlen;
 986         hlen += dev->hard_header_len;
 987         mtu = (dev->mtu - hlen);
 988         ptr = (raw + hlen);
 989         
 990         DPRINTF((DBG_IP, "IP: Fragmentation Desired\n"));
 991         DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
 992                 dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
 993         DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
 994  
 995         /* Check for any "DF" flag. */
 996         if (ntohs(iph->frag_off) & IP_DF) 
 997         {
 998                 DPRINTF((DBG_IP, "IP: Fragmentation Desired, but DF set !\n"));
 999                 DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
1000                         dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
1001                 DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
1002  
1003                 /*
1004                  * FIXME:
1005                  * We should send an ICMP warning message here!
1006                  */
1007                  
1008                 icmp_send(skb,ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, dev); 
1009                 return;
1010         }
1011  
1012         /* Fragment the datagram. */
1013         if (is_frag & 2)
1014           offset = (ntohs(iph->frag_off) & 0x1fff) << 3;
1015         else
1016           offset = 0;
1017         while(left > 0) 
1018         {
1019                 len = left;
1020 #ifdef OLD              
1021                 if (len+8 > mtu) 
1022                         len = (dev->mtu - hlen - 8);
1023                 if ((left - len) >= 8) 
1024                 {
1025                         len /= 8;
1026                         len *= 8;
1027                 }
1028 #else
1029                 /* IF: it doesn't fit, use 'mtu' - the data space left */
1030                 if (len > mtu)
1031                         len = mtu;
1032                 /* IF: we are not sending upto and including the packet end
1033                    then align the next start on an eight byte boundary */
1034                 if (len < left)
1035                 {
1036                         len/=8;
1037                         len*=8;
1038                 }
1039 #endif                          
1040                 DPRINTF((DBG_IP,"IP: frag: creating fragment of %d bytes (%d total)\n",
1041                                                         len, len + hlen));
1042  
1043                 /* Allocate buffer. */
1044                 if ((skb2 = alloc_skb(sizeof(struct sk_buff) + len + hlen,GFP_ATOMIC)) == NULL) 
1045                 {
1046                         printk("IP: frag: no memory for new fragment!\n");
1047                         return;
1048                 }
1049                 skb2->arp = skb->arp;
1050                 skb2->free = skb->free;
1051                 skb2->len = len + hlen;
1052                 skb2->h.raw=(char *) skb2->data;
1053  
1054                 if (sk) 
1055                         sk->wmem_alloc += skb2->mem_len;
1056  
1057                 /* Copy the packet header into the new buffer. */
1058                 memcpy(skb2->h.raw, raw, hlen);
1059  
1060                 /* Copy a block of the IP datagram. */
1061                 memcpy(skb2->h.raw + hlen, ptr, len);
1062                 left -= len;
1063 
1064                 skb2->h.raw+=dev->hard_header_len; 
1065                 /* Fill in the new header fields. */
1066                 iph = (struct iphdr *)(skb2->h.raw/*+dev->hard_header_len*/);
1067                 iph->frag_off = htons((offset >> 3));
1068                 /* Added AC : If we are fragmenting a fragment thats not the
1069                    last fragment then keep MF on each bit */
1070                 if (left > 0 || (is_frag & 1)) 
1071                         iph->frag_off |= htons(IP_MF);
1072                 ptr += len;
1073                 offset += len;
1074 /*              printk("Queue frag\n");*/
1075  
1076                 /* Put this fragment into the sending queue. */
1077                 ip_queue_xmit(sk, dev, skb2, 1);
1078 /*              printk("Queued\n");*/
1079         }
1080  }
1081  
1082 
1083 
1084 #ifdef CONFIG_IP_FORWARD
1085 
1086 /* Forward an IP datagram to its next destination. */
1087 static void
1088 ip_forward(struct sk_buff *skb, struct device *dev, int is_frag)
     /* [previous][next][first][last][top][bottom][index][help] */
1089 {
1090   struct device *dev2;
1091   struct iphdr *iph;
1092   struct sk_buff *skb2;
1093   struct rtable *rt;
1094   unsigned char *ptr;
1095   unsigned long raddr;
1096 
1097   /*
1098    * Only forward packets that were fired at us when we are in promiscuous
1099    * mode. In standard mode we rely on the driver to filter for us.
1100    */
1101    
1102   if(dev->flags&IFF_PROMISC)
1103   {
1104         if(memcmp((char *)&skb[1],dev->dev_addr,dev->addr_len))
1105                 return;
1106   }
1107   
1108   /*
1109    * According to the RFC, we must first decrease the TTL field. If
1110    * that reaches zero, we must reply an ICMP control message telling
1111    * that the packet's lifetime expired.
1112    */
1113   iph = skb->h.iph;
1114   iph->ttl--;
1115   if (iph->ttl <= 0) {
1116         DPRINTF((DBG_IP, "\nIP: *** datagram expired: TTL=0 (ignored) ***\n"));
1117         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1118         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1119 
1120         /* Tell the sender its packet died... */
1121         icmp_send(skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, dev);
1122         return;
1123   }
1124 
1125   /* Re-compute the IP header checksum. */
1126   ip_send_check(iph);
1127 
1128   /*
1129    * OK, the packet is still valid.  Fetch its destination address,
1130    * and give it to the IP sender for further processing.
1131    */
1132   rt = rt_route(iph->daddr, NULL);
1133   if (rt == NULL) {
1134         DPRINTF((DBG_IP, "\nIP: *** routing (phase I) failed ***\n"));
1135 
1136         /* Tell the sender its packet cannot be delivered... */
1137         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_NET_UNREACH, dev);
1138         return;
1139   }
1140 
1141 
1142   /*
1143    * Gosh.  Not only is the packet valid; we even know how to
1144    * forward it onto its final destination.  Can we say this
1145    * is being plain lucky?
1146    * If the router told us that there is no GW, use the dest.
1147    * IP address itself- we seem to be connected directly...
1148    */
1149   raddr = rt->rt_gateway;
1150   if (raddr != 0) {
1151         rt = rt_route(raddr, NULL);
1152         if (rt == NULL) {
1153                 DPRINTF((DBG_IP, "\nIP: *** routing (phase II) failed ***\n"));
1154 
1155                 /* Tell the sender its packet cannot be delivered... */
1156                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, dev);
1157                 return;
1158         }
1159         if (rt->rt_gateway != 0) raddr = rt->rt_gateway;
1160   } else raddr = iph->daddr;
1161   dev2 = rt->rt_dev;
1162 
1163 
1164   if (dev == dev2)
1165         return;
1166   /*
1167    * We now allocate a new buffer, and copy the datagram into it.
1168    * If the indicated interface is up and running, kick it.
1169    */
1170   DPRINTF((DBG_IP, "\nIP: *** fwd %s -> ", in_ntoa(iph->saddr)));
1171   DPRINTF((DBG_IP, "%s (via %s), LEN=%d\n",
1172                         in_ntoa(raddr), dev2->name, skb->len));
1173 
1174   if (dev2->flags & IFF_UP) {
1175         skb2 = (struct sk_buff *) alloc_skb(sizeof(struct sk_buff) +
1176                        dev2->hard_header_len + skb->len, GFP_ATOMIC);
1177         if (skb2 == NULL) {
1178                 printk("\nIP: No memory available for IP forward\n");
1179                 return;
1180         }
1181         ptr = skb2->data;
1182         skb2->sk = NULL;
1183         skb2->free = 1;
1184         skb2->len = skb->len + dev2->hard_header_len;
1185         skb2->mem_addr = skb2;
1186         skb2->mem_len = sizeof(struct sk_buff) + skb2->len;
1187         skb2->next = NULL;
1188         skb2->h.raw = ptr;
1189 
1190         /* Copy the packet data into the new buffer. */
1191         memcpy(ptr + dev2->hard_header_len, skb->h.raw, skb->len);
1192                 
1193         /* Now build the MAC header. */
1194         (void) ip_send(skb2, raddr, skb->len, dev2, dev2->pa_addr);
1195 
1196         if(skb2->len > dev2->mtu)
1197         {
1198                 ip_fragment(NULL,skb2,dev2, is_frag);
1199                 kfree_skb(skb2,FREE_WRITE);
1200         }
1201         else
1202                 dev2->queue_xmit(skb2, dev2, SOPRI_NORMAL);
1203   }
1204 }
1205 
1206 
1207 #endif
1208 
1209 /* This function receives all incoming IP datagrams. */
1210 int
1211 ip_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *pt)
     /* [previous][next][first][last][top][bottom][index][help] */
1212 {
1213   struct iphdr *iph = skb->h.iph;
1214   unsigned char hash;
1215   unsigned char flag = 0;
1216   unsigned char opts_p = 0;     /* Set iff the packet has options. */
1217   struct inet_protocol *ipprot;
1218   static struct options opt; /* since we don't use these yet, and they
1219                                 take up stack space. */
1220   int brd;
1221   int is_frag=0;
1222 
1223   DPRINTF((DBG_IP, "<<\n"));
1224 
1225   skb->ip_hdr = iph;            /* Fragments can cause ICMP errors too! */
1226   /* Is the datagram acceptable? */
1227   if (skb->len<sizeof(struct iphdr) || iph->ihl<5 || iph->version != 4 || ip_fast_csum((unsigned char *)iph, iph->ihl) !=0) {
1228         DPRINTF((DBG_IP, "\nIP: *** datagram error ***\n"));
1229         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1230         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1231         skb->sk = NULL;
1232         kfree_skb(skb, FREE_WRITE);
1233         return(0);
1234   }
1235   
1236   if (iph->ihl != 5) {          /* Fast path for the typical optionless IP packet. */
1237       ip_print(iph);            /* Bogus, only for debugging. */
1238       memset((char *) &opt, 0, sizeof(opt));
1239       if (do_options(iph, &opt) != 0)
1240           return 0;
1241       opts_p = 1;
1242   }
1243 
1244   if (iph->frag_off & 0x0020)
1245         is_frag|=1;
1246   if (ntohs(iph->frag_off) & 0x1fff)
1247         is_frag|=2;
1248         
1249   /* Do any IP forwarding required.  chk_addr() is expensive -- avoid it someday. */
1250   if ((brd = chk_addr(iph->daddr)) == 0) {
1251 #ifdef CONFIG_IP_FORWARD
1252         ip_forward(skb, dev, is_frag);
1253 #else
1254         printk("Machine %x tried to use us as a forwarder to %x but we have forwarding disabled!\n",
1255                         iph->saddr,iph->daddr);
1256 #endif                  
1257         skb->sk = NULL;
1258         kfree_skb(skb, FREE_WRITE);
1259         return(0);
1260   }
1261 
1262   /*
1263    * Reassemble IP fragments. 
1264    */
1265 
1266   if(is_frag)
1267   {
1268 #ifdef CONFIG_IP_DEFRAG
1269         skb=ip_defrag(iph,skb,dev);
1270         if(skb==NULL)
1271         {
1272                 return 0;
1273         }
1274         iph=skb->h.iph;
1275 #else
1276         printk("\nIP: *** datagram fragmentation not yet implemented ***\n");
1277         printk("    SRC = %s   ", in_ntoa(iph->saddr));
1278         printk("    DST = %s (ignored)\n", in_ntoa(iph->daddr));
1279         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1280         skb->sk = NULL;
1281         kfree_skb(skb, FREE_WRITE);
1282         return(0);
1283 #endif
1284   }
1285 
1286 
1287 
1288   if(brd==IS_INVBCAST)
1289   {
1290 /*      printk("Invalid broadcast address from %x [target %x] (Probably they have a wrong netmask)\n",
1291                 iph->saddr,iph->daddr);*/
1292         skb->sk=NULL;
1293         kfree_skb(skb,FREE_WRITE);
1294         return(0);
1295   }
1296   
1297   /* Point into the IP datagram, just past the header. */
1298 
1299   skb->ip_hdr = iph;
1300   skb->h.raw += iph->ihl*4;
1301   hash = iph->protocol & (MAX_INET_PROTOS -1);
1302   for (ipprot = (struct inet_protocol *)inet_protos[hash];
1303        ipprot != NULL;
1304        ipprot=(struct inet_protocol *)ipprot->next)
1305     {
1306        struct sk_buff *skb2;
1307 
1308        if (ipprot->protocol != iph->protocol) continue;
1309        DPRINTF((DBG_IP, "Using protocol = %X:\n", ipprot));
1310        print_ipprot(ipprot);
1311 
1312        /*
1313         * See if we need to make a copy of it.  This will
1314         * only be set if more than one protocol wants it. 
1315         * and then not for the last one.
1316         */
1317        if (ipprot->copy) {
1318                 skb2 = alloc_skb(skb->mem_len, GFP_ATOMIC);
1319                 if (skb2 == NULL) 
1320                         continue;
1321                 memcpy(skb2, skb, skb->mem_len);
1322                 skb2->mem_addr = skb2;
1323                 skb2->ip_hdr = (struct iphdr *)(
1324                                 (unsigned long)skb2 +
1325                                 (unsigned long) skb->ip_hdr -
1326                                 (unsigned long)skb);
1327                 skb2->h.raw = (unsigned char *)(
1328                                 (unsigned long)skb2 +
1329                                 (unsigned long) skb->h.raw -
1330                                 (unsigned long)skb);
1331                 skb2->free=1;
1332         } else {
1333                 skb2 = skb;
1334         }
1335         flag = 1;
1336 
1337        /*
1338         * Pass on the datagram to each protocol that wants it,
1339         * based on the datagram protocol.  We should really
1340         * check the protocol handler's return values here...
1341         */
1342         ipprot->handler(skb2, dev, opts_p ? &opt : 0, iph->daddr,
1343                         (ntohs(iph->tot_len) - (iph->ihl * 4)),
1344                         iph->saddr, 0, ipprot);
1345 
1346   }
1347 
1348   /*
1349    * All protocols checked.
1350    * If this packet was a broadcast, we may *not* reply to it, since that
1351    * causes (proven, grin) ARP storms and a leakage of memory (i.e. all
1352    * ICMP reply messages get queued up for transmission...)
1353    */
1354   if (!flag) {
1355         if (brd != IS_BROADCAST)
1356                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1357         skb->sk = NULL;
1358         kfree_skb(skb, FREE_WRITE);
1359   }
1360 
1361   return(0);
1362 }
1363 
1364 
1365 /*
1366  * Queues a packet to be sent, and starts the transmitter
1367  * if necessary.  if free = 1 then we free the block after
1368  * transmit, otherwise we don't.
1369  * This routine also needs to put in the total length, and
1370  * compute the checksum.
1371  */
1372 void
1373 ip_queue_xmit(struct sock *sk, struct device *dev, 
     /* [previous][next][first][last][top][bottom][index][help] */
1374               struct sk_buff *skb, int free)
1375 {
1376   struct iphdr *iph;
1377   unsigned char *ptr;
1378 
1379   if (sk == NULL) free = 1;
1380   if (dev == NULL) {
1381         printk("IP: ip_queue_xmit dev = NULL\n");
1382         return;
1383   }
1384   IS_SKB(skb);
1385   skb->free = free;
1386   skb->dev = dev;
1387   skb->when = jiffies;
1388   
1389   DPRINTF((DBG_IP, ">>\n"));
1390   ptr = skb->data;
1391   ptr += dev->hard_header_len;
1392   iph = (struct iphdr *)ptr;
1393   skb->ip_hdr = iph;
1394   iph->tot_len = ntohs(skb->len-dev->hard_header_len);
1395 
1396   if(skb->len > dev->mtu)
1397   {
1398 /*      printk("Fragment!\n");*/
1399         ip_fragment(sk,skb,dev,0);
1400         IS_SKB(skb);
1401         kfree_skb(skb,FREE_WRITE);
1402         return;
1403   }
1404   
1405   ip_send_check(iph);
1406   ip_print(iph);
1407   skb->next = NULL;
1408 
1409   /* See if this is the one trashing our queue. Ross? */
1410   skb->magic = 1;
1411   if (!free) {
1412         skb->link3 = NULL;
1413         sk->packets_out++;
1414         cli();
1415         if (sk->send_head == NULL) {
1416                 sk->send_tail = skb;
1417                 sk->send_head = skb;
1418         } else {
1419                 /* See if we've got a problem. */
1420                 if (sk->send_tail == NULL) {
1421                         printk("IP: ***bug sk->send_tail == NULL != sk->send_head\n");
1422                         sort_send(sk);
1423                 } else {
1424                         sk->send_tail->link3 = skb;
1425                         sk->send_tail = skb;
1426                 }
1427         }
1428         sti();
1429         reset_timer(sk, TIME_WRITE, sk->rto);
1430   } else {
1431         skb->sk = sk;
1432   }
1433 
1434   /* If the indicated interface is up and running, kick it. */
1435   if (dev->flags & IFF_UP) {
1436         if (sk != NULL) {
1437                 dev->queue_xmit(skb, dev, sk->priority);
1438         } 
1439         else {
1440                 dev->queue_xmit(skb, dev, SOPRI_NORMAL);
1441         }
1442   } else {
1443         if (free) kfree_skb(skb, FREE_WRITE);
1444   }
1445 }
1446 
1447 
1448 void
1449 ip_do_retransmit(struct sock *sk, int all)
     /* [previous][next][first][last][top][bottom][index][help] */
1450 {
1451   struct sk_buff * skb;
1452   struct proto *prot;
1453   struct device *dev;
1454   int retransmits;
1455 
1456   prot = sk->prot;
1457   skb = sk->send_head;
1458   retransmits = sk->retransmits;
1459   while (skb != NULL) {
1460         dev = skb->dev;
1461         /* I know this can't happen but as it does.. */
1462         if(dev==NULL)
1463         {
1464                 printk("ip_retransmit: NULL device bug!\n");
1465                 goto oops;
1466         }
1467 
1468         IS_SKB(skb);
1469         
1470         /*
1471          * The rebuild_header function sees if the ARP is done.
1472          * If not it sends a new ARP request, and if so it builds
1473          * the header.
1474          */
1475         cli();  /* We might get interrupted by an arp reply here and fill
1476                    the frame in twice. Because of the technique used this
1477                    would be a little sad */
1478         if (!skb->arp) {
1479                 if (dev->rebuild_header(skb->data, dev)) {
1480                         sti();  /* Failed to rebuild - next */
1481                         if (!all) break;
1482                         skb = (struct sk_buff *)skb->link3;
1483                         continue;
1484                 }
1485         }
1486         skb->arp = 1;
1487         sti();
1488         skb->when = jiffies;
1489 
1490         /* If the interface is (still) up and running, kick it. */
1491         if (dev->flags & IFF_UP) {
1492                 if (sk && !skb_device_locked(skb))
1493                         dev->queue_xmit(skb, dev, sk->priority);
1494         /*        else dev->queue_xmit(skb, dev, SOPRI_NORMAL ); CANNOT HAVE SK=NULL HERE */
1495         }
1496 
1497 oops:   retransmits++;
1498         sk->prot->retransmits ++;
1499         if (!all) break;
1500 
1501         /* This should cut it off before we send too many packets. */
1502         if (sk->retransmits > sk->cong_window) break;
1503         skb = (struct sk_buff *)skb->link3;
1504   }
1505 }
1506 
1507 /*
1508  * This is the normal code called for timeouts.  It does the retransmission
1509  * and then does backoff.  ip_do_retransmit is separated out because
1510  * tcp_ack needs to send stuff from the retransmit queue without
1511  * initiating a backoff.
1512  */
1513 
1514 void
1515 ip_retransmit(struct sock *sk, int all)
     /* [previous][next][first][last][top][bottom][index][help] */
1516 {
1517   ip_do_retransmit(sk, all);
1518 
1519   /*
1520    * Increase the timeout each time we retransmit.  Note that
1521    * we do not increase the rtt estimate.  rto is initialized
1522    * from rtt, but increases here.  Jacobson (SIGCOMM 88) suggests
1523    * that doubling rto each time is the least we can get away with.
1524    * In KA9Q, Karns uses this for the first few times, and then
1525    * goes to quadratic.  netBSD doubles, but only goes up to *64,
1526    * and clamps at 1 to 64 sec afterwards.  Note that 120 sec is
1527    * defined in the protocol as the maximum possible RTT.  I guess
1528    * we'll have to use something other than TCP to talk to the
1529    * University of Mars.
1530    */
1531 
1532   sk->retransmits++;
1533   sk->backoff++;
1534   sk->rto = min(sk->rto << 1, 120*HZ);
1535   reset_timer(sk, TIME_WRITE, sk->rto);
1536 }
1537 
1538 /*
1539  *      Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
1540  *      an IP socket.
1541  */
1542  
1543 int ip_setsockopt(struct sock *sk, int level, int optname, char *optval, int optlen)
     /* [previous][next][first][last][top][bottom][index][help] */
1544 {
1545         int val,err;
1546         
1547         if (optval == NULL) 
1548                 return(-EINVAL);
1549 
1550         err=verify_area(VERIFY_READ, optval, sizeof(int));
1551         if(err)
1552                 return err;
1553         
1554         val = get_fs_long((unsigned long *)optval);
1555 
1556         if(level!=SOL_IP)
1557                 return -EOPNOTSUPP;
1558 
1559         switch(optname)
1560         {
1561                 case IP_TOS:
1562                         if(val<0||val>255)
1563                                 return -EINVAL;
1564                         sk->ip_tos=val;
1565                         return 0;
1566                 case IP_TTL:
1567                         if(val<1||val>255)
1568                                 return -EINVAL;
1569                         sk->ip_ttl=val;
1570                         return 0;
1571                 /* IP_OPTIONS and friends go here eventually */
1572                 default:
1573                         return(-ENOPROTOOPT);
1574         }
1575 }
1576 
1577 int ip_getsockopt(struct sock *sk, int level, int optname, char *optval, int *optlen)
     /* [previous][next][first][last][top][bottom][index][help] */
1578 {
1579         int val,err;
1580         
1581         if(level!=SOL_IP)
1582                 return -EOPNOTSUPP;
1583                 
1584         switch(optname)
1585         {
1586                 case IP_TOS:
1587                         val=sk->ip_tos;
1588                         break;
1589                 case IP_TTL:
1590                         val=sk->ip_ttl;
1591                         break;
1592                 default:
1593                         return(-ENOPROTOOPT);
1594         }
1595         err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
1596         if(err)
1597                 return err;
1598         put_fs_long(sizeof(int),(unsigned long *) optlen);
1599 
1600         err=verify_area(VERIFY_WRITE, optval, sizeof(int));
1601         if(err)
1602                 return err;
1603         put_fs_long(val,(unsigned long *)optval);
1604 
1605         return(0);
1606 }

/* [previous][next][first][last][top][bottom][index][help] */