root/net/inet/ip.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. ip_print
  2. ip_ioctl
  3. strict_route
  4. loose_route
  5. print_ipprot
  6. ip_route_check
  7. build_options
  8. ip_send
  9. ip_build_header
  10. do_options
  11. ip_fast_csum
  12. ip_compute_csum
  13. ip_csum
  14. ip_send_check
  15. ip_frag_create
  16. ip_find
  17. ip_free
  18. ip_expire
  19. ip_create
  20. ip_done
  21. ip_glue
  22. ip_defrag
  23. ip_fragment
  24. ip_forward
  25. ip_rcv
  26. ip_queue_xmit
  27. ip_do_retransmit
  28. ip_retransmit
  29. ip_setsockopt
  30. ip_getsockopt

   1 /*
   2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3  *              operating system.  INET is implemented using the  BSD Socket
   4  *              interface as the means of communication with the user level.
   5  *
   6  *              The Internet Protocol (IP) module.
   7  *
   8  * Version:     @(#)ip.c        1.0.16b 9/1/93
   9  *
  10  * Authors:     Ross Biro, <bir7@leland.Stanford.Edu>
  11  *              Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
  12  *              Donald Becker, <becker@super.org>
  13  *              Alan Cox, <gw4pts@gw4pts.ampr.org>
  14  *
  15  * Fixes:
  16  *              Alan Cox        :       Commented a couple of minor bits of surplus code
  17  *              Alan Cox        :       Undefining IP_FORWARD doesn't include the code
  18  *                                      (just stops a compiler warning).
  19  *              Alan Cox        :       Frames with >=MAX_ROUTE record routes, strict routes or loose routes
  20  *                                      are junked rather than corrupting things.
  21  *              Alan Cox        :       Frames to bad broadcast subnets are dumped
  22  *                                      We used to process them non broadcast and
  23  *                                      boy could that cause havoc.
  24  *              Alan Cox        :       ip_forward sets the free flag on the 
  25  *                                      new frame it queues. Still crap because
  26  *                                      it copies the frame but at least it 
  27  *                                      doesn't eat memory too.
  28  *              Alan Cox        :       Generic queue code and memory fixes.
  29  *              Fred Van Kempen :       IP fragment support (borrowed from NET2E)
  30  *              Gerhard Koerting:       Forward fragmented frames correctly.
  31  *              Gerhard Koerting:       Fixes to my fix of the above 8-).
  32  *              Gerhard Koerting:       IP interface addressing fix.
  33  *              Linus Torvalds  :       More robustness checks
  34  *              Alan Cox        :       Even more checks: Still not as robust as it ought to be
  35  *              Alan Cox        :       Save IP header pointer for later
  36  *              Alan Cox        :       ip option setting
  37  *              Alan Cox        :       Use ip_tos/ip_ttl settings
  38  *              Alan Cox        :       Fragmentation bogosity removed
  39  *                                      (Thanks to Mark.Bush@prg.ox.ac.uk)
  40  *              Dmitry Gorodchanin :    Send of a raw packet crash fix.
  41  *              Alan Cox        :       Silly ip bug when an overlength
  42  *                                      fragment turns up. Now frees the
  43  *                                      queue.
  44  *              Linus Torvalds/ :       Memory leakage on fragmentation 
  45  *              Alan Cox        :       handling.
  46  *              Gerhard Koerting:       Forwarding uses IP priority hints
  47  *
  48  * To Fix:
  49  *              IP option processing is mostly not needed. ip_forward needs to know about routing rules
  50  *              and time stamp but that's about all.
  51  *
  52  *              This program is free software; you can redistribute it and/or
  53  *              modify it under the terms of the GNU General Public License
  54  *              as published by the Free Software Foundation; either version
  55  *              2 of the License, or (at your option) any later version.
  56  */
  57 #include <asm/segment.h>
  58 #include <asm/system.h>
  59 #include <linux/types.h>
  60 #include <linux/kernel.h>
  61 #include <linux/sched.h>
  62 #include <linux/string.h>
  63 #include <linux/errno.h>
  64 #include <linux/socket.h>
  65 #include <linux/sockios.h>
  66 #include <linux/in.h>
  67 #include "inet.h"
  68 #include "dev.h"
  69 #include "eth.h"
  70 #include "ip.h"
  71 #include "protocol.h"
  72 #include "route.h"
  73 #include "tcp.h"
  74 #include "skbuff.h"
  75 #include "sock.h"
  76 #include "arp.h"
  77 #include "icmp.h"
  78 
  79 #define CONFIG_IP_FORWARD
  80 #define CONFIG_IP_DEFRAG
  81 
  82 extern int last_retran;
  83 extern void sort_send(struct sock *sk);
  84 
  85 #define min(a,b)        ((a)<(b)?(a):(b))
  86 
  87 void
  88 ip_print(struct iphdr *ip)
     /* [previous][next][first][last][top][bottom][index][help] */
  89 {
  90   unsigned char buff[32];
  91   unsigned char *ptr;
  92   int addr, len, i;
  93 
  94   if (inet_debug != DBG_IP) return;
  95 
  96   /* Dump the IP header. */
  97   printk("IP: ihl=%d, version=%d, tos=%d, tot_len=%d\n",
  98            ip->ihl, ip->version, ip->tos, ntohs(ip->tot_len));
  99   printk("    id=%X, ttl=%d, prot=%d, check=%X\n",
 100            ip->id, ip->ttl, ip->protocol, ip->check);
 101   printk("    frag_off=%d\n", ip->frag_off);
 102   printk("    soucre=%s ", in_ntoa(ip->saddr));
 103   printk("dest=%s\n", in_ntoa(ip->daddr));
 104   printk("    ----\n");
 105 
 106   /* Dump the data. */
 107   ptr = (unsigned char *)(ip + 1);
 108   addr = 0;
 109   len = ntohs(ip->tot_len) - (4 * ip->ihl);
 110   while (len > 0) {
 111         printk("    %04X: ", addr);
 112         for(i = 0; i < 16; i++) {
 113                 if (len > 0) {
 114                         printk("%02X ", (*ptr & 0xFF));
 115                         buff[i] = *ptr++;
 116                         if (buff[i] < 32 || buff[i] > 126) buff[i] = '.';
 117                 } else {
 118                         printk("   ");
 119                         buff[i] = ' ';
 120                 }
 121                 addr++;
 122                 len--;
 123         };
 124         buff[i] = '\0';
 125         printk("  \"%s\"\n", buff);
 126   }
 127   printk("    ----\n\n");
 128 }
 129 
 130 
 131 int
 132 ip_ioctl(struct sock *sk, int cmd, unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
 133 {
 134   switch(cmd) {
 135         case DDIOCSDBG:
 136                 return(dbg_ioctl((void *) arg, DBG_IP));
 137         default:
 138                 return(-EINVAL);
 139   }
 140 }
 141 
 142 
 143 /* these two routines will do routining. */
 144 static void
 145 strict_route(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 146 {
 147 }
 148 
 149 
 150 static void
 151 loose_route(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 152 {
 153 }
 154 
 155 
 156 static void
 157 print_ipprot(struct inet_protocol *ipprot)
     /* [previous][next][first][last][top][bottom][index][help] */
 158 {
 159   DPRINTF((DBG_IP, "handler = %X, protocol = %d, copy=%d \n",
 160            ipprot->handler, ipprot->protocol, ipprot->copy));
 161 }
 162 
 163 
 164 /* This routine will check to see if we have lost a gateway. */
 165 void
 166 ip_route_check(unsigned long daddr)
     /* [previous][next][first][last][top][bottom][index][help] */
 167 {
 168 }
 169 
 170 
 171 #if 0
 172 /* this routine puts the options at the end of an ip header. */
 173 static int
 174 build_options(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 175 {
 176   unsigned char *ptr;
 177   /* currently we don't support any options. */
 178   ptr = (unsigned char *)(iph+1);
 179   *ptr = 0;
 180   return (4);
 181 }
 182 #endif
 183 
 184 
 185 /* Take an skb, and fill in the MAC header. */
 186 static int
 187 ip_send(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev,
     /* [previous][next][first][last][top][bottom][index][help] */
 188         unsigned long saddr)
 189 {
 190   unsigned char *ptr;
 191   int mac;
 192 
 193   ptr = skb->data;
 194   mac = 0;
 195   skb->arp = 1;
 196   if (dev->hard_header) {
 197         mac = dev->hard_header(ptr, dev, ETH_P_IP, daddr, saddr, len);
 198   }
 199   if (mac < 0) {
 200         mac = -mac;
 201         skb->arp = 0;
 202   }
 203   skb->dev = dev;
 204   return(mac);
 205 }
 206 
 207 
 208 /*
 209  * This routine builds the appropriate hardware/IP headers for
 210  * the routine.  It assumes that if *dev != NULL then the
 211  * protocol knows what it's doing, otherwise it uses the
 212  * routing/ARP tables to select a device struct.
 213  */
 214 int
 215 ip_build_header(struct sk_buff *skb, unsigned long saddr, unsigned long daddr,
     /* [previous][next][first][last][top][bottom][index][help] */
 216                 struct device **dev, int type, struct options *opt, int len, int tos, int ttl)
 217 {
 218   static struct options optmem;
 219   struct iphdr *iph;
 220   struct rtable *rt;
 221   unsigned char *buff;
 222   unsigned long raddr;
 223   static int count = 0;
 224   int tmp;
 225 
 226   if (saddr == 0) 
 227         saddr = my_addr();
 228         
 229   DPRINTF((DBG_IP, "ip_build_header (skb=%X, saddr=%X, daddr=%X, *dev=%X,\n"
 230            "                 type=%d, opt=%X, len = %d)\n",
 231            skb, saddr, daddr, *dev, type, opt, len));
 232            
 233   buff = skb->data;
 234 
 235   /* See if we need to look up the device. */
 236   if (*dev == NULL) {
 237         rt = rt_route(daddr, &optmem);
 238         if (rt == NULL) 
 239                 return(-ENETUNREACH);
 240 
 241         *dev = rt->rt_dev;
 242         if (saddr == 0x0100007FL && daddr != 0x0100007FL) 
 243                 saddr = rt->rt_dev->pa_addr;
 244         raddr = rt->rt_gateway;
 245 
 246         DPRINTF((DBG_IP, "ip_build_header: saddr set to %s\n", in_ntoa(saddr)));
 247         opt = &optmem;
 248   } else {
 249         /* We still need the address of the first hop. */
 250         rt = rt_route(daddr, &optmem);
 251         raddr = (rt == NULL) ? 0 : rt->rt_gateway;
 252   }
 253   if (raddr == 0)
 254         raddr = daddr;
 255 
 256   /* Now build the MAC header. */
 257   tmp = ip_send(skb, raddr, len, *dev, saddr);
 258   buff += tmp;
 259   len -= tmp;
 260 
 261   skb->dev = *dev;
 262   skb->saddr = saddr;
 263   if (skb->sk) skb->sk->saddr = saddr;
 264 
 265   /* Now build the IP header. */
 266 
 267   /* If we are using IPPROTO_RAW, then we don't need an IP header, since
 268      one is being supplied to us by the user */
 269 
 270   if(type == IPPROTO_RAW) return (tmp);
 271 
 272   iph = (struct iphdr *)buff;
 273   iph->version  = 4;
 274   iph->tos      = tos;
 275   iph->frag_off = 0;
 276   iph->ttl      = ttl;
 277   iph->daddr    = daddr;
 278   iph->saddr    = saddr;
 279   iph->protocol = type;
 280   iph->ihl      = 5;
 281   iph->id       = htons(count++);
 282 
 283   /* Setup the IP options. */
 284 #ifdef Not_Yet_Avail
 285   build_options(iph, opt);
 286 #endif
 287 
 288   return(20 + tmp);     /* IP header plus MAC header size */
 289 }
 290 
 291 
 292 static int
 293 do_options(struct iphdr *iph, struct options *opt)
     /* [previous][next][first][last][top][bottom][index][help] */
 294 {
 295   unsigned char *buff;
 296   int done = 0;
 297   int i, len = sizeof(struct iphdr);
 298 
 299   /* Zero out the options. */
 300   opt->record_route.route_size = 0;
 301   opt->loose_route.route_size  = 0;
 302   opt->strict_route.route_size = 0;
 303   opt->tstamp.ptr              = 0;
 304   opt->security                = 0;
 305   opt->compartment             = 0;
 306   opt->handling                = 0;
 307   opt->stream                  = 0;
 308   opt->tcc                     = 0;
 309   return(0);
 310 
 311   /* Advance the pointer to start at the options. */
 312   buff = (unsigned char *)(iph + 1);
 313 
 314   /* Now start the processing. */
 315   while (!done && len < iph->ihl*4) switch(*buff) {
 316         case IPOPT_END:
 317                 done = 1;
 318                 break;
 319         case IPOPT_NOOP:
 320                 buff++;
 321                 len++;
 322                 break;
 323         case IPOPT_SEC:
 324                 buff++;
 325                 if (*buff != 11) return(1);
 326                 buff++;
 327                 opt->security = ntohs(*(unsigned short *)buff);
 328                 buff += 2;
 329                 opt->compartment = ntohs(*(unsigned short *)buff);
 330                 buff += 2;
 331                 opt->handling = ntohs(*(unsigned short *)buff);
 332                 buff += 2;
 333                 opt->tcc = ((*buff) << 16) + ntohs(*(unsigned short *)(buff+1));
 334                 buff += 3;
 335                 len += 11;
 336                 break;
 337         case IPOPT_LSRR:
 338                 buff++;
 339                 if ((*buff - 3)% 4 != 0) return(1);
 340                 len += *buff;
 341                 opt->loose_route.route_size = (*buff -3)/4;
 342                 buff++;
 343                 if (*buff % 4 != 0) return(1);
 344                 opt->loose_route.pointer = *buff/4 - 1;
 345                 buff++;
 346                 buff++;
 347                 for (i = 0; i < opt->loose_route.route_size; i++) {
 348                         if(i>=MAX_ROUTE)
 349                                 return(1);
 350                         opt->loose_route.route[i] = *(unsigned long *)buff;
 351                         buff += 4;
 352                 }
 353                 break;
 354         case IPOPT_SSRR:
 355                 buff++;
 356                 if ((*buff - 3)% 4 != 0) return(1);
 357                 len += *buff;
 358                 opt->strict_route.route_size = (*buff -3)/4;
 359                 buff++;
 360                 if (*buff % 4 != 0) return(1);
 361                 opt->strict_route.pointer = *buff/4 - 1;
 362                 buff++;
 363                 buff++;
 364                 for (i = 0; i < opt->strict_route.route_size; i++) {
 365                         if(i>=MAX_ROUTE)
 366                                 return(1);
 367                         opt->strict_route.route[i] = *(unsigned long *)buff;
 368                         buff += 4;
 369                 }
 370                 break;
 371         case IPOPT_RR:
 372                 buff++;
 373                 if ((*buff - 3)% 4 != 0) return(1);
 374                 len += *buff;
 375                 opt->record_route.route_size = (*buff -3)/4;
 376                 buff++;
 377                 if (*buff % 4 != 0) return(1);
 378                 opt->record_route.pointer = *buff/4 - 1;
 379                 buff++;
 380                 buff++;
 381                 for (i = 0; i < opt->record_route.route_size; i++) {
 382                         if(i>=MAX_ROUTE)
 383                                 return 1;
 384                         opt->record_route.route[i] = *(unsigned long *)buff;
 385                         buff += 4;
 386                 }
 387                 break;
 388         case IPOPT_SID:
 389                 len += 4;
 390                 buff +=2;
 391                 opt->stream = *(unsigned short *)buff;
 392                 buff += 2;
 393                 break;
 394         case IPOPT_TIMESTAMP:
 395                 buff++;
 396                 len += *buff;
 397                 if (*buff % 4 != 0) return(1);
 398                 opt->tstamp.len = *buff / 4 - 1;
 399                 buff++;
 400                 if ((*buff - 1) % 4 != 0) return(1);
 401                 opt->tstamp.ptr = (*buff-1)/4;
 402                 buff++;
 403                 opt->tstamp.x.full_char = *buff;
 404                 buff++;
 405                 for (i = 0; i < opt->tstamp.len; i++) {
 406                         opt->tstamp.data[i] = *(unsigned long *)buff;
 407                         buff += 4;
 408                 }
 409                 break;
 410         default:
 411                 return(1);
 412   }
 413 
 414   if (opt->record_route.route_size == 0) {
 415         if (opt->strict_route.route_size != 0) {
 416                 memcpy(&(opt->record_route), &(opt->strict_route),
 417                                              sizeof(opt->record_route));
 418         } else if (opt->loose_route.route_size != 0) {
 419                 memcpy(&(opt->record_route), &(opt->loose_route),
 420                                              sizeof(opt->record_route));
 421         }
 422   }
 423 
 424   if (opt->strict_route.route_size != 0 &&
 425       opt->strict_route.route_size != opt->strict_route.pointer) {
 426         strict_route(iph, opt);
 427         return(0);
 428   }
 429 
 430   if (opt->loose_route.route_size != 0 &&
 431       opt->loose_route.route_size != opt->loose_route.pointer) {
 432         loose_route(iph, opt);
 433         return(0);
 434   }
 435 
 436   return(0);
 437 }
 438 
 439 /* This is a version of ip_compute_csum() optimized for IP headers, which
 440    always checksum on 4 octet boundaries. */
 441 static inline unsigned short
 442 ip_fast_csum(unsigned char * buff, int wlen)
     /* [previous][next][first][last][top][bottom][index][help] */
 443 {
 444     unsigned long sum = 0;
 445 
 446     if (wlen) {
 447         unsigned long bogus;
 448          __asm__("clc\n"
 449                 "1:\t"
 450                 "lodsl\n\t"
 451                 "adcl %3, %0\n\t"
 452                 "decl %2\n\t"
 453                 "jne 1b\n\t"
 454                 "adcl $0, %0\n\t"
 455                 "movl %0, %3\n\t"
 456                 "shrl $16, %3\n\t"
 457                 "addw %w3, %w0\n\t"
 458                 "adcw $0, %w0"
 459             : "=r" (sum), "=S" (buff), "=r" (wlen), "=a" (bogus)
 460             : "0"  (sum),  "1" (buff),  "2" (wlen));
 461     }
 462     return (~sum) & 0xffff;
 463 }
 464 
 465 /*
 466  * This routine does all the checksum computations that don't
 467  * require anything special (like copying or special headers).
 468  */
 469 unsigned short
 470 ip_compute_csum(unsigned char * buff, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 471 {
 472   unsigned long sum = 0;
 473 
 474   /* Do the first multiple of 4 bytes and convert to 16 bits. */
 475   if (len > 3) {
 476         __asm__("clc\n"
 477                 "1:\t"
 478                 "lodsl\n\t"
 479                 "adcl %%eax, %%ebx\n\t"
 480                 "loop 1b\n\t"
 481                 "adcl $0, %%ebx\n\t"
 482                 "movl %%ebx, %%eax\n\t"
 483                 "shrl $16, %%eax\n\t"
 484                 "addw %%ax, %%bx\n\t"
 485                 "adcw $0, %%bx"
 486                 : "=b" (sum) , "=S" (buff)
 487                 : "0" (sum), "c" (len >> 2) ,"1" (buff)
 488                 : "ax", "cx", "si", "bx" );
 489   }
 490   if (len & 2) {
 491         __asm__("lodsw\n\t"
 492                 "addw %%ax, %%bx\n\t"
 493                 "adcw $0, %%bx"
 494                 : "=b" (sum), "=S" (buff)
 495                 : "0" (sum), "1" (buff)
 496                 : "bx", "ax", "si");
 497   }
 498   if (len & 1) {
 499         __asm__("lodsb\n\t"
 500                 "movb $0, %%ah\n\t"
 501                 "addw %%ax, %%bx\n\t"
 502                 "adcw $0, %%bx"
 503                 : "=b" (sum), "=S" (buff)
 504                 : "0" (sum), "1" (buff)
 505                 : "bx", "ax", "si");
 506   }
 507   sum =~sum;
 508   return(sum & 0xffff);
 509 }
 510 
 511 /* Check the header of an incoming IP datagram.  This version is still used in slhc.c. */
 512 int
 513 ip_csum(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 514 {
 515   return ip_fast_csum((unsigned char *)iph, iph->ihl);
 516 }
 517 
 518 /* Generate a checksym for an outgoing IP datagram. */
 519 static void
 520 ip_send_check(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 521 {
 522    iph->check = 0;
 523    iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
 524 }
 525 
 526 /************************ Fragment Handlers From NET2E not yet with tweaks to beat 4K **********************************/
 527 
 528 static struct ipq *ipqueue = NULL;              /* IP fragment queue    */
 529  /* Create a new fragment entry. */
 530 static struct ipfrag *ip_frag_create(int offset, int end, struct sk_buff *skb, unsigned char *ptr)
     /* [previous][next][first][last][top][bottom][index][help] */
 531 {
 532         struct ipfrag *fp;
 533  
 534         fp = (struct ipfrag *) kmalloc(sizeof(struct ipfrag), GFP_ATOMIC);
 535         if (fp == NULL) 
 536         {
 537                 printk("IP: frag_create: no memory left !\n");
 538                 return(NULL);
 539         }
 540         memset(fp, 0, sizeof(struct ipfrag));
 541 
 542         /* Fill in the structure. */
 543         fp->offset = offset;
 544         fp->end = end;
 545         fp->len = end - offset;
 546         fp->skb = skb;
 547         fp->ptr = ptr;
 548  
 549         return(fp);
 550 }
 551  
 552  
 553 /*
 554  * Find the correct entry in the "incomplete datagrams" queue for
 555  * this IP datagram, and return the queue entry address if found.
 556  */
 557 static struct ipq *ip_find(struct iphdr *iph)
     /* [previous][next][first][last][top][bottom][index][help] */
 558 {
 559         struct ipq *qp;
 560         struct ipq *qplast;
 561  
 562         cli();
 563         qplast = NULL;
 564         for(qp = ipqueue; qp != NULL; qplast = qp, qp = qp->next) 
 565         {
 566                 if (iph->id== qp->iph->id && iph->saddr == qp->iph->saddr &&
 567                         iph->daddr == qp->iph->daddr && iph->protocol == qp->iph->protocol) 
 568                 {
 569                         del_timer(&qp->timer);  /* So it doesnt vanish on us. The timer will be reset anyway */
 570                         sti();
 571                         return(qp);
 572                 }
 573         }
 574         sti();
 575         return(NULL);
 576 }
 577  
 578  
 579 /*
 580  * Remove an entry from the "incomplete datagrams" queue, either
 581  * because we completed, reassembled and processed it, or because
 582  * it timed out.
 583  */
 584 
 585 static void ip_free(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 586 {
 587         struct ipfrag *fp;
 588         struct ipfrag *xp;
 589 
 590         /* Stop the timer for this entry. */
 591 /*      printk("ip_free\n");*/
 592         del_timer(&qp->timer);
 593 
 594         /* Remove this entry from the "incomplete datagrams" queue. */
 595         cli();
 596         if (qp->prev == NULL) 
 597         {
 598                 ipqueue = qp->next;
 599                 if (ipqueue != NULL) 
 600                         ipqueue->prev = NULL;
 601         } 
 602         else 
 603         {
 604                 qp->prev->next = qp->next;
 605                 if (qp->next != NULL) 
 606                         qp->next->prev = qp->prev;
 607         }
 608  
 609         /* Release all fragment data. */
 610 /*      printk("ip_free: kill frag data\n");*/
 611         fp = qp->fragments;
 612         while (fp != NULL) 
 613         {
 614                 xp = fp->next;
 615                 IS_SKB(fp->skb);
 616                 kfree_skb(fp->skb,FREE_READ);
 617                 kfree_s(fp, sizeof(struct ipfrag));
 618                 fp = xp;
 619         }
 620         
 621 /*      printk("ip_free: cleanup\n");*/
 622  
 623         /* Release the MAC header. */
 624         kfree_s(qp->mac, qp->maclen);
 625  
 626         /* Release the IP header. */
 627         kfree_s(qp->iph, qp->ihlen + 8);
 628  
 629         /* Finally, release the queue descriptor itself. */
 630         kfree_s(qp, sizeof(struct ipq));
 631 /*      printk("ip_free:done\n");*/
 632         sti();
 633  }
 634  
 635  
 636  /* Oops- a fragment queue timed out.  Kill it and send an ICMP reply. */
 637  
 638 static void ip_expire(unsigned long arg)
     /* [previous][next][first][last][top][bottom][index][help] */
 639 {
 640         struct ipq *qp;
 641  
 642         qp = (struct ipq *)arg;
 643         DPRINTF((DBG_IP, "IP: queue_expire: fragment queue 0x%X timed out!\n", qp));
 644  
 645         /* Send an ICMP "Fragment Reassembly Timeout" message. */
 646 #if 0           
 647         icmp_send(qp->iph->ip_src.s_addr, ICMP_TIME_EXCEEDED,
 648                     ICMP_EXC_FRAGTIME, qp->iph);
 649 #endif           
 650         if(qp->fragments!=NULL)
 651                 icmp_send(qp->fragments->skb,ICMP_TIME_EXCEEDED,
 652                                 ICMP_EXC_FRAGTIME, qp->dev);
 653  
 654         /* Nuke the fragment queue. */
 655         ip_free(qp);
 656 }
 657  
 658  
 659 /*
 660  * Add an entry to the 'ipq' queue for a newly received IP datagram.
 661  * We will (hopefully :-) receive all other fragments of this datagram
 662  * in time, so we just create a queue for this datagram, in which we
 663  * will insert the received fragments at their respective positions.
 664  */
 665 
 666 static struct ipq *ip_create(struct sk_buff *skb, struct iphdr *iph, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 667 {
 668         struct ipq *qp;
 669         int maclen;
 670         int ihlen;
 671 
 672         qp = (struct ipq *) kmalloc(sizeof(struct ipq), GFP_ATOMIC);
 673         if (qp == NULL) 
 674         {
 675                 printk("IP: create: no memory left !\n");
 676                 return(NULL);
 677         }
 678         memset(qp, 0, sizeof(struct ipq));
 679 
 680         /* Allocate memory for the MAC header. */
 681         maclen = ((unsigned long) iph) - ((unsigned long) skb->data);
 682         qp->mac = (unsigned char *) kmalloc(maclen, GFP_ATOMIC);
 683         if (qp->mac == NULL) 
 684         {
 685                 printk("IP: create: no memory left !\n");
 686                 kfree_s(qp, sizeof(struct ipq));
 687                 return(NULL);
 688         }
 689 
 690         /* Allocate memory for the IP header (plus 8 octects for ICMP). */
 691         ihlen = (iph->ihl * sizeof(unsigned long));
 692         qp->iph = (struct iphdr *) kmalloc(ihlen + 8, GFP_ATOMIC);
 693         if (qp->iph == NULL) 
 694         {
 695                 printk("IP: create: no memory left !\n");
 696                 kfree_s(qp->mac, maclen);
 697                 kfree_s(qp, sizeof(struct ipq));
 698                 return(NULL);
 699         }
 700 
 701         /* Fill in the structure. */
 702         memcpy(qp->mac, skb->data, maclen);
 703         memcpy(qp->iph, iph, ihlen + 8);
 704         qp->len = 0;
 705         qp->ihlen = ihlen;
 706         qp->maclen = maclen;
 707         qp->fragments = NULL;
 708         qp->dev = dev;
 709 /*      printk("Protocol = %d\n",qp->iph->protocol);*/
 710         
 711         /* Start a timer for this entry. */
 712         qp->timer.expires = IP_FRAG_TIME;               /* about 30 seconds     */
 713         qp->timer.data = (unsigned long) qp;            /* pointer to queue     */
 714         qp->timer.function = ip_expire;                 /* expire function      */
 715         add_timer(&qp->timer);
 716 
 717         /* Add this entry to the queue. */
 718         qp->prev = NULL;
 719         cli();
 720         qp->next = ipqueue;
 721         if (qp->next != NULL) 
 722                 qp->next->prev = qp;
 723         ipqueue = qp;
 724         sti();
 725         return(qp);
 726 }
 727  
 728  
 729  /* See if a fragment queue is complete. */
 730 static int ip_done(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 731 {
 732         struct ipfrag *fp;
 733         int offset;
 734  
 735         /* Only possible if we received the final fragment. */
 736         if (qp->len == 0) 
 737                 return(0);
 738  
 739         /* Check all fragment offsets to see if they connect. */
 740         fp = qp->fragments;
 741         offset = 0;
 742         while (fp != NULL) 
 743         {
 744                 if (fp->offset > offset) 
 745                         return(0);      /* fragment(s) missing */
 746                 offset = fp->end;
 747                 fp = fp->next;
 748         }
 749  
 750         /* All fragments are present. */
 751         return(1);
 752  }
 753  
 754  
 755 /* Build a new IP datagram from all its fragments. */
 756 static struct sk_buff *ip_glue(struct ipq *qp)
     /* [previous][next][first][last][top][bottom][index][help] */
 757 {
 758         struct sk_buff *skb;
 759         struct iphdr *iph;
 760         struct ipfrag *fp;
 761         unsigned char *ptr;
 762         int count, len;
 763  
 764         /* Allocate a new buffer for the datagram. */
 765         len = sizeof(struct sk_buff)+qp->maclen + qp->ihlen + qp->len;
 766         if ((skb = alloc_skb(len,GFP_ATOMIC)) == NULL) 
 767         {
 768                 printk("IP: queue_glue: no memory for glueing queue 0x%X\n", (int) qp);
 769                 ip_free(qp);
 770                 return(NULL);
 771         }
 772  
 773         /* Fill in the basic details. */
 774         skb->len = (len - qp->maclen);
 775         skb->h.raw = skb->data;
 776         skb->free = 1;
 777  
 778         /* Copy the original MAC and IP headers into the new buffer. */
 779         ptr = (unsigned char *) skb->h.raw;
 780         memcpy(ptr, ((unsigned char *) qp->mac), qp->maclen);
 781 /*      printk("Copied %d bytes of mac header.\n",qp->maclen);*/
 782         ptr += qp->maclen;
 783         memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen);
 784 /*      printk("Copied %d byte of ip header.\n",qp->ihlen);*/
 785         ptr += qp->ihlen;
 786         skb->h.raw += qp->maclen;
 787         
 788 /*      printk("Protocol = %d\n",skb->h.iph->protocol);*/
 789         count = 0;
 790  
 791         /* Copy the data portions of all fragments into the new buffer. */
 792         fp = qp->fragments;
 793         while(fp != NULL) 
 794         {
 795                 if(count+fp->len>skb->len)
 796                 {
 797                         printk("Invalid fragment list: Fragment over size.\n");
 798                         ip_free(qp);
 799                         kfree_skb(skb,FREE_WRITE);
 800                         return NULL;
 801                 }
 802 /*              printk("Fragment %d size %d\n",fp->offset,fp->len);*/
 803                 memcpy((ptr + fp->offset), fp->ptr, fp->len);
 804                 count += fp->len;
 805                 fp = fp->next;
 806         }
 807  
 808         /* We glued together all fragments, so remove the queue entry. */
 809         ip_free(qp);
 810  
 811         /* Done with all fragments. Fixup the new IP header. */
 812         iph = skb->h.iph;
 813         iph->frag_off = 0;
 814         iph->tot_len = htons((iph->ihl * sizeof(unsigned long)) + count);
 815         skb->ip_hdr = iph;
 816         return(skb);
 817 }
 818  
 819 
 820 /* Process an incoming IP datagram fragment. */
 821 static struct sk_buff *ip_defrag(struct iphdr *iph, struct sk_buff *skb, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 822 {
 823         struct ipfrag *prev, *next;
 824         struct ipfrag *tfp;
 825         struct ipq *qp;
 826         struct sk_buff *skb2;
 827         unsigned char *ptr;
 828         int flags, offset;
 829         int i, ihl, end;
 830 
 831         /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */
 832         qp = ip_find(iph);
 833  
 834         /* Is this a non-fragmented datagram? */
 835         offset = ntohs(iph->frag_off);
 836         flags = offset & ~IP_OFFSET;
 837         offset &= IP_OFFSET;
 838         if (((flags & IP_MF) == 0) && (offset == 0)) {
 839                 if (qp != NULL)
 840                         ip_free(qp);    /* Huh? How could this exist?? */
 841                 return(skb);
 842         }
 843         offset <<= 3;           /* offset is in 8-byte chunks */
 844  
 845         /*
 846          * If the queue already existed, keep restarting its timer as long
 847          * as we still are receiving fragments.  Otherwise, create a fresh
 848          * queue entry.
 849          */
 850         if (qp != NULL) {
 851                 del_timer(&qp->timer);
 852                 qp->timer.expires = IP_FRAG_TIME;       /* about 30 seconds */
 853                 qp->timer.data = (unsigned long) qp;    /* pointer to queue */
 854                 qp->timer.function = ip_expire;         /* expire function */
 855                 add_timer(&qp->timer);
 856         } else {
 857                 if ((qp = ip_create(skb, iph, dev)) == NULL) {
 858                         skb->sk = NULL;
 859                         kfree_skb(skb, FREE_READ);
 860                         return NULL;
 861                 }
 862         }
 863 
 864         /* Determine the position of this fragment. */
 865         ihl = (iph->ihl * sizeof(unsigned long));
 866         end = offset + ntohs(iph->tot_len) - ihl;
 867  
 868         /* Point into the IP datagram 'data' part. */
 869         ptr = skb->data + dev->hard_header_len + ihl;
 870  
 871         /* Is this the final fragment? */
 872         if ((flags & IP_MF) == 0) 
 873                 qp->len = end;
 874  
 875         /*
 876          * Find out which fragments are in front and at the back of us
 877          * in the chain of fragments so far.  We must know where to put
 878          * this fragment, right?
 879          */
 880         prev = NULL;
 881         for(next = qp->fragments; next != NULL; next = next->next) 
 882         {
 883                 if (next->offset > offset) 
 884                         break;  /* bingo! */
 885                 prev = next;
 886         }       
 887  
 888         /*
 889          * We found where to put this one.
 890          * Check for overlap with preceeding fragment, and, if needed,
 891          * align things so that any overlaps are eliminated.
 892          */
 893         if (prev != NULL && offset < prev->end) 
 894         {
 895                 i = prev->end - offset;
 896                 offset += i;    /* ptr into datagram */
 897                 ptr += i;       /* ptr into fragment data */
 898                 DPRINTF((DBG_IP, "IP: defrag: fixed low overlap %d bytes\n", i));
 899         }       
 900  
 901         /*
 902          * Look for overlap with succeeding segments.
 903          * If we can merge fragments, do it.
 904          */
 905    
 906         for(; next != NULL; next = tfp) 
 907         {
 908                 tfp = next->next;
 909                 if (next->offset >= end) 
 910                         break;          /* no overlaps at all */
 911  
 912                 i = end - next->offset;                 /* overlap is 'i' bytes */
 913                 next->len -= i;                         /* so reduce size of    */
 914                 next->offset += i;                      /* next fragment        */
 915                 next->ptr += i;
 916                 
 917                 /* If we get a frag size of <= 0, remove it. */
 918                 if (next->len <= 0) 
 919                 {
 920                         DPRINTF((DBG_IP, "IP: defrag: removing frag 0x%X (len %d)\n",
 921                                                         next, next->len));
 922                         if (next->prev != NULL) 
 923                                 next->prev->next = next->next;
 924                         else 
 925                                 qp->fragments = next->next;
 926                 
 927                         if (tfp->next != NULL) 
 928                                 next->next->prev = next->prev;
 929                         
 930                         kfree_skb(next->skb, FREE_READ);
 931                         kfree_s(next, sizeof(struct ipfrag));
 932                 }
 933                 DPRINTF((DBG_IP, "IP: defrag: fixed high overlap %d bytes\n", i));
 934         }
 935  
 936         /* Insert this fragment in the chain of fragments. */
 937         tfp = NULL;
 938         tfp = ip_frag_create(offset, end, skb, ptr);
 939         if (!tfp) {
 940                 skb->sk = NULL;
 941                 kfree_skb(skb, FREE_READ);
 942                 return NULL;
 943         }
 944         tfp->prev = prev;
 945         tfp->next = next;
 946         if (prev != NULL) 
 947                 prev->next = tfp;
 948         else 
 949                 qp->fragments = tfp;
 950    
 951         if (next != NULL) 
 952                 next->prev = tfp;
 953  
 954         /*
 955          * OK, so we inserted this new fragment into the chain.
 956          * Check if we now have a full IP datagram which we can
 957          * bump up to the IP layer...
 958          */
 959    
 960         if (ip_done(qp)) 
 961         {
 962                 skb2 = ip_glue(qp);             /* glue together the fragments */
 963                 return(skb2);
 964         }
 965         return(NULL);
 966  }
 967  
 968  
 969  /*
 970   * This IP datagram is too large to be sent in one piece.  Break it up into
 971   * smaller pieces (each of size equal to the MAC header plus IP header plus
 972   * a block of the data of the original IP data part) that will yet fit in a
 973   * single device frame, and queue such a frame for sending by calling the
 974   * ip_queue_xmit().  Note that this is recursion, and bad things will happen
 975   * if this function causes a loop...
 976   */
 977  void ip_fragment(struct sock *sk, struct sk_buff *skb, struct device *dev, int is_frag)
     /* [previous][next][first][last][top][bottom][index][help] */
 978  {
 979         struct iphdr *iph;
 980         unsigned char *raw;
 981         unsigned char *ptr;
 982         struct sk_buff *skb2;
 983         int left, mtu, hlen, len;
 984         int offset;
 985  
 986         /* Point into the IP datagram header. */
 987         raw = skb->data;
 988         iph = (struct iphdr *) (raw + dev->hard_header_len);
 989 
 990         skb->ip_hdr = iph;
 991                 
 992         /* Setup starting values. */
 993         hlen = (iph->ihl * sizeof(unsigned long));
 994         left = ntohs(iph->tot_len) - hlen;
 995         hlen += dev->hard_header_len;
 996         mtu = (dev->mtu - hlen);
 997         ptr = (raw + hlen);
 998         
 999         DPRINTF((DBG_IP, "IP: Fragmentation Desired\n"));
1000         DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
1001                 dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
1002         DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
1003 
1004         if (mtu < 8)
1005                 return;
1006         /* Check for any "DF" flag. */
1007         if (ntohs(iph->frag_off) & IP_DF) 
1008         {
1009                 DPRINTF((DBG_IP, "IP: Fragmentation Desired, but DF set !\n"));
1010                 DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
1011                         dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
1012                 DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
1013  
1014                 icmp_send(skb,ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, dev); 
1015                 return;
1016         }
1017  
1018         /* Fragment the datagram. */
1019         if (is_frag & 2)
1020           offset = (ntohs(iph->frag_off) & 0x1fff) << 3;
1021         else
1022           offset = 0;
1023         while(left > 0) 
1024         {
1025                 len = left;
1026                 /* IF: it doesn't fit, use 'mtu' - the data space left */
1027                 if (len > mtu)
1028                         len = mtu;
1029                 /* IF: we are not sending upto and including the packet end
1030                    then align the next start on an eight byte boundary */
1031                 if (len < left)
1032                 {
1033                         len/=8;
1034                         len*=8;
1035                 }
1036                 DPRINTF((DBG_IP,"IP: frag: creating fragment of %d bytes (%d total)\n",
1037                                                         len, len + hlen));
1038  
1039                 /* Allocate buffer. */
1040                 if ((skb2 = alloc_skb(sizeof(struct sk_buff) + len + hlen,GFP_ATOMIC)) == NULL) 
1041                 {
1042                         printk("IP: frag: no memory for new fragment!\n");
1043                         return;
1044                 }
1045                 skb2->arp = skb->arp;
1046                 skb2->free = skb->free;
1047                 skb2->len = len + hlen;
1048                 skb2->h.raw=(char *) skb2->data;
1049  
1050                 if (sk) 
1051                         sk->wmem_alloc += skb2->mem_len;
1052  
1053                 /* Copy the packet header into the new buffer. */
1054                 memcpy(skb2->h.raw, raw, hlen);
1055  
1056                 /* Copy a block of the IP datagram. */
1057                 memcpy(skb2->h.raw + hlen, ptr, len);
1058                 left -= len;
1059 
1060                 skb2->h.raw+=dev->hard_header_len; 
1061                 /* Fill in the new header fields. */
1062                 iph = (struct iphdr *)(skb2->h.raw/*+dev->hard_header_len*/);
1063                 iph->frag_off = htons((offset >> 3));
1064                 /* Added AC : If we are fragmenting a fragment thats not the
1065                    last fragment then keep MF on each bit */
1066                 if (left > 0 || (is_frag & 1)) 
1067                         iph->frag_off |= htons(IP_MF);
1068                 ptr += len;
1069                 offset += len;
1070 /*              printk("Queue frag\n");*/
1071  
1072                 /* Put this fragment into the sending queue. */
1073                 ip_queue_xmit(sk, dev, skb2, 1);
1074 /*              printk("Queued\n");*/
1075         }
1076  }
1077  
1078 
1079 
1080 #ifdef CONFIG_IP_FORWARD
1081 
1082 /* Forward an IP datagram to its next destination. */
1083 static void
1084 ip_forward(struct sk_buff *skb, struct device *dev, int is_frag)
     /* [previous][next][first][last][top][bottom][index][help] */
1085 {
1086   struct device *dev2;
1087   struct iphdr *iph;
1088   struct sk_buff *skb2;
1089   struct rtable *rt;
1090   unsigned char *ptr;
1091   unsigned long raddr;
1092 
1093   /*
1094    * Only forward packets that were fired at us when we are in promiscuous
1095    * mode. In standard mode we rely on the driver to filter for us.
1096    */
1097    
1098   if(dev->flags&IFF_PROMISC)
1099   {
1100         if(memcmp((char *)&skb[1],dev->dev_addr,dev->addr_len))
1101                 return;
1102   }
1103   
1104   /*
1105    * According to the RFC, we must first decrease the TTL field. If
1106    * that reaches zero, we must reply an ICMP control message telling
1107    * that the packet's lifetime expired.
1108    */
1109   iph = skb->h.iph;
1110   iph->ttl--;
1111   if (iph->ttl <= 0) {
1112         DPRINTF((DBG_IP, "\nIP: *** datagram expired: TTL=0 (ignored) ***\n"));
1113         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1114         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1115 
1116         /* Tell the sender its packet died... */
1117         icmp_send(skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, dev);
1118         return;
1119   }
1120 
1121   /* Re-compute the IP header checksum. */
1122   ip_send_check(iph);
1123 
1124   /*
1125    * OK, the packet is still valid.  Fetch its destination address,
1126    * and give it to the IP sender for further processing.
1127    */
1128   rt = rt_route(iph->daddr, NULL);
1129   if (rt == NULL) {
1130         DPRINTF((DBG_IP, "\nIP: *** routing (phase I) failed ***\n"));
1131 
1132         /* Tell the sender its packet cannot be delivered... */
1133         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_NET_UNREACH, dev);
1134         return;
1135   }
1136 
1137 
1138   /*
1139    * Gosh.  Not only is the packet valid; we even know how to
1140    * forward it onto its final destination.  Can we say this
1141    * is being plain lucky?
1142    * If the router told us that there is no GW, use the dest.
1143    * IP address itself- we seem to be connected directly...
1144    */
1145   raddr = rt->rt_gateway;
1146   if (raddr != 0) {
1147         rt = rt_route(raddr, NULL);
1148         if (rt == NULL) {
1149                 DPRINTF((DBG_IP, "\nIP: *** routing (phase II) failed ***\n"));
1150 
1151                 /* Tell the sender its packet cannot be delivered... */
1152                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, dev);
1153                 return;
1154         }
1155         if (rt->rt_gateway != 0) raddr = rt->rt_gateway;
1156   } else raddr = iph->daddr;
1157   dev2 = rt->rt_dev;
1158 
1159 
1160   if (dev == dev2)
1161         return;
1162   /*
1163    * We now allocate a new buffer, and copy the datagram into it.
1164    * If the indicated interface is up and running, kick it.
1165    */
1166   DPRINTF((DBG_IP, "\nIP: *** fwd %s -> ", in_ntoa(iph->saddr)));
1167   DPRINTF((DBG_IP, "%s (via %s), LEN=%d\n",
1168                         in_ntoa(raddr), dev2->name, skb->len));
1169 
1170   if (dev2->flags & IFF_UP) {
1171         skb2 = (struct sk_buff *) alloc_skb(sizeof(struct sk_buff) +
1172                        dev2->hard_header_len + skb->len, GFP_ATOMIC);
1173         if (skb2 == NULL) {
1174                 printk("\nIP: No memory available for IP forward\n");
1175                 return;
1176         }
1177         ptr = skb2->data;
1178         skb2->sk = NULL;
1179         skb2->free = 1;
1180         skb2->len = skb->len + dev2->hard_header_len;
1181         skb2->mem_addr = skb2;
1182         skb2->mem_len = sizeof(struct sk_buff) + skb2->len;
1183         skb2->next = NULL;
1184         skb2->h.raw = ptr;
1185 
1186         /* Copy the packet data into the new buffer. */
1187         memcpy(ptr + dev2->hard_header_len, skb->h.raw, skb->len);
1188                 
1189         /* Now build the MAC header. */
1190         (void) ip_send(skb2, raddr, skb->len, dev2, dev2->pa_addr);
1191 
1192         if(skb2->len > dev2->mtu)
1193         {
1194                 ip_fragment(NULL,skb2,dev2, is_frag);
1195                 kfree_skb(skb2,FREE_WRITE);
1196         }
1197         else
1198         {
1199                 if(iph->tos & IPTOS_LOWDELAY)
1200                         dev2->queue_xmit(skb2, dev2, SOPRI_INTERACTIVE);
1201                 else if(iph->tos & IPTOS_THROUGHPUT)
1202                         dev2->queue_xmit(skb2, dev2, SOPRI_BACKGROUND);
1203                 else
1204                         dev2->queue_xmit(skb2, dev2, SOPRI_NORMAL);
1205         }
1206   }
1207 }
1208 
1209 
1210 #endif
1211 
1212 /* This function receives all incoming IP datagrams. */
1213 int
1214 ip_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *pt)
     /* [previous][next][first][last][top][bottom][index][help] */
1215 {
1216   struct iphdr *iph = skb->h.iph;
1217   unsigned char hash;
1218   unsigned char flag = 0;
1219   unsigned char opts_p = 0;     /* Set iff the packet has options. */
1220   struct inet_protocol *ipprot;
1221   static struct options opt; /* since we don't use these yet, and they
1222                                 take up stack space. */
1223   int brd;
1224   int is_frag=0;
1225 
1226   DPRINTF((DBG_IP, "<<\n"));
1227 
1228   skb->ip_hdr = iph;            /* Fragments can cause ICMP errors too! */
1229   /* Is the datagram acceptable? */
1230   if (skb->len<sizeof(struct iphdr) || iph->ihl<5 || iph->version != 4 || ip_fast_csum((unsigned char *)iph, iph->ihl) !=0) {
1231         DPRINTF((DBG_IP, "\nIP: *** datagram error ***\n"));
1232         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1233         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1234         skb->sk = NULL;
1235         kfree_skb(skb, FREE_WRITE);
1236         return(0);
1237   }
1238   
1239   if (iph->ihl != 5) {          /* Fast path for the typical optionless IP packet. */
1240       ip_print(iph);            /* Bogus, only for debugging. */
1241       memset((char *) &opt, 0, sizeof(opt));
1242       if (do_options(iph, &opt) != 0)
1243           return 0;
1244       opts_p = 1;
1245   }
1246 
1247   if (iph->frag_off & 0x0020)
1248         is_frag|=1;
1249   if (ntohs(iph->frag_off) & 0x1fff)
1250         is_frag|=2;
1251         
1252   /* Do any IP forwarding required.  chk_addr() is expensive -- avoid it someday. */
1253   if ((brd = chk_addr(iph->daddr)) == 0) {
1254 #ifdef CONFIG_IP_FORWARD
1255         ip_forward(skb, dev, is_frag);
1256 #else
1257         printk("Machine %x tried to use us as a forwarder to %x but we have forwarding disabled!\n",
1258                         iph->saddr,iph->daddr);
1259 #endif                  
1260         skb->sk = NULL;
1261         kfree_skb(skb, FREE_WRITE);
1262         return(0);
1263   }
1264 
1265   /*
1266    * Reassemble IP fragments. 
1267    */
1268 
1269   if(is_frag)
1270   {
1271 #ifdef CONFIG_IP_DEFRAG
1272         skb=ip_defrag(iph,skb,dev);
1273         if(skb==NULL)
1274         {
1275                 return 0;
1276         }
1277         iph=skb->h.iph;
1278 #else
1279         printk("\nIP: *** datagram fragmentation not yet implemented ***\n");
1280         printk("    SRC = %s   ", in_ntoa(iph->saddr));
1281         printk("    DST = %s (ignored)\n", in_ntoa(iph->daddr));
1282         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1283         skb->sk = NULL;
1284         kfree_skb(skb, FREE_WRITE);
1285         return(0);
1286 #endif
1287   }
1288 
1289 
1290 
1291   if(brd==IS_INVBCAST)
1292   {
1293 /*      printk("Invalid broadcast address from %x [target %x] (Probably they have a wrong netmask)\n",
1294                 iph->saddr,iph->daddr);*/
1295         skb->sk=NULL;
1296         kfree_skb(skb,FREE_WRITE);
1297         return(0);
1298   }
1299   
1300   /* Point into the IP datagram, just past the header. */
1301 
1302   skb->ip_hdr = iph;
1303   skb->h.raw += iph->ihl*4;
1304   hash = iph->protocol & (MAX_INET_PROTOS -1);
1305   for (ipprot = (struct inet_protocol *)inet_protos[hash];
1306        ipprot != NULL;
1307        ipprot=(struct inet_protocol *)ipprot->next)
1308     {
1309        struct sk_buff *skb2;
1310 
1311        if (ipprot->protocol != iph->protocol) continue;
1312        DPRINTF((DBG_IP, "Using protocol = %X:\n", ipprot));
1313        print_ipprot(ipprot);
1314 
1315        /*
1316         * See if we need to make a copy of it.  This will
1317         * only be set if more than one protocol wants it. 
1318         * and then not for the last one.
1319         */
1320        if (ipprot->copy) {
1321                 skb2 = alloc_skb(skb->mem_len, GFP_ATOMIC);
1322                 if (skb2 == NULL) 
1323                         continue;
1324                 memcpy(skb2, skb, skb->mem_len);
1325                 skb2->mem_addr = skb2;
1326                 skb2->ip_hdr = (struct iphdr *)(
1327                                 (unsigned long)skb2 +
1328                                 (unsigned long) skb->ip_hdr -
1329                                 (unsigned long)skb);
1330                 skb2->h.raw = (unsigned char *)(
1331                                 (unsigned long)skb2 +
1332                                 (unsigned long) skb->h.raw -
1333                                 (unsigned long)skb);
1334                 skb2->free=1;
1335         } else {
1336                 skb2 = skb;
1337         }
1338         flag = 1;
1339 
1340        /*
1341         * Pass on the datagram to each protocol that wants it,
1342         * based on the datagram protocol.  We should really
1343         * check the protocol handler's return values here...
1344         */
1345         ipprot->handler(skb2, dev, opts_p ? &opt : 0, iph->daddr,
1346                         (ntohs(iph->tot_len) - (iph->ihl * 4)),
1347                         iph->saddr, 0, ipprot);
1348 
1349   }
1350 
1351   /*
1352    * All protocols checked.
1353    * If this packet was a broadcast, we may *not* reply to it, since that
1354    * causes (proven, grin) ARP storms and a leakage of memory (i.e. all
1355    * ICMP reply messages get queued up for transmission...)
1356    */
1357   if (!flag) {
1358         if (brd != IS_BROADCAST)
1359                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1360         skb->sk = NULL;
1361         kfree_skb(skb, FREE_WRITE);
1362   }
1363 
1364   return(0);
1365 }
1366 
1367 
1368 /*
1369  * Queues a packet to be sent, and starts the transmitter
1370  * if necessary.  if free = 1 then we free the block after
1371  * transmit, otherwise we don't.
1372  * This routine also needs to put in the total length, and
1373  * compute the checksum.
1374  */
1375 void
1376 ip_queue_xmit(struct sock *sk, struct device *dev, 
     /* [previous][next][first][last][top][bottom][index][help] */
1377               struct sk_buff *skb, int free)
1378 {
1379   struct iphdr *iph;
1380   unsigned char *ptr;
1381 
1382   if (sk == NULL) free = 1;
1383   if (dev == NULL) {
1384         printk("IP: ip_queue_xmit dev = NULL\n");
1385         return;
1386   }
1387   IS_SKB(skb);
1388   skb->free = free;
1389   skb->dev = dev;
1390   skb->when = jiffies;
1391   
1392   DPRINTF((DBG_IP, ">>\n"));
1393   ptr = skb->data;
1394   ptr += dev->hard_header_len;
1395   iph = (struct iphdr *)ptr;
1396   skb->ip_hdr = iph;
1397   iph->tot_len = ntohs(skb->len-dev->hard_header_len);
1398 
1399   if(skb->len > dev->mtu)
1400   {
1401 /*      printk("Fragment!\n");*/
1402         ip_fragment(sk,skb,dev,0);
1403         IS_SKB(skb);
1404         kfree_skb(skb,FREE_WRITE);
1405         return;
1406   }
1407   
1408   ip_send_check(iph);
1409   ip_print(iph);
1410   skb->next = NULL;
1411 
1412   /* See if this is the one trashing our queue. Ross? */
1413   skb->magic = 1;
1414   if (!free) {
1415         skb->link3 = NULL;
1416         sk->packets_out++;
1417         cli();
1418         if (sk->send_head == NULL) {
1419                 sk->send_tail = skb;
1420                 sk->send_head = skb;
1421         } else {
1422                 /* See if we've got a problem. */
1423                 if (sk->send_tail == NULL) {
1424                         printk("IP: ***bug sk->send_tail == NULL != sk->send_head\n");
1425                         sort_send(sk);
1426                 } else {
1427                         sk->send_tail->link3 = skb;
1428                         sk->send_tail = skb;
1429                 }
1430         }
1431         sti();
1432         reset_timer(sk, TIME_WRITE, sk->rto);
1433   } else {
1434         skb->sk = sk;
1435   }
1436 
1437   /* If the indicated interface is up and running, kick it. */
1438   if (dev->flags & IFF_UP) {
1439         if (sk != NULL) {
1440                 dev->queue_xmit(skb, dev, sk->priority);
1441         } 
1442         else {
1443                 dev->queue_xmit(skb, dev, SOPRI_NORMAL);
1444         }
1445   } else {
1446         if (free) kfree_skb(skb, FREE_WRITE);
1447   }
1448 }
1449 
1450 
1451 void
1452 ip_do_retransmit(struct sock *sk, int all)
     /* [previous][next][first][last][top][bottom][index][help] */
1453 {
1454   struct sk_buff * skb;
1455   struct proto *prot;
1456   struct device *dev;
1457   int retransmits;
1458 
1459   prot = sk->prot;
1460   skb = sk->send_head;
1461   retransmits = sk->retransmits;
1462   while (skb != NULL) {
1463         dev = skb->dev;
1464         /* I know this can't happen but as it does.. */
1465         if(dev==NULL)
1466         {
1467                 printk("ip_retransmit: NULL device bug!\n");
1468                 goto oops;
1469         }
1470 
1471         IS_SKB(skb);
1472         
1473         /*
1474          * The rebuild_header function sees if the ARP is done.
1475          * If not it sends a new ARP request, and if so it builds
1476          * the header.
1477          */
1478         cli();  /* We might get interrupted by an arp reply here and fill
1479                    the frame in twice. Because of the technique used this
1480                    would be a little sad */
1481         if (!skb->arp) {
1482                 if (dev->rebuild_header(skb->data, dev)) {
1483                         sti();  /* Failed to rebuild - next */
1484                         if (!all) break;
1485                         skb = (struct sk_buff *)skb->link3;
1486                         continue;
1487                 }
1488         }
1489         skb->arp = 1;
1490         sti();
1491         skb->when = jiffies;
1492 
1493         /* If the interface is (still) up and running, kick it. */
1494         if (dev->flags & IFF_UP) {
1495                 if (sk && !skb_device_locked(skb))
1496                         dev->queue_xmit(skb, dev, sk->priority);
1497         /*        else dev->queue_xmit(skb, dev, SOPRI_NORMAL ); CANNOT HAVE SK=NULL HERE */
1498         }
1499 
1500 oops:   retransmits++;
1501         sk->prot->retransmits ++;
1502         if (!all) break;
1503 
1504         /* This should cut it off before we send too many packets. */
1505         if (sk->retransmits > sk->cong_window) break;
1506         skb = (struct sk_buff *)skb->link3;
1507   }
1508 }
1509 
1510 /*
1511  * This is the normal code called for timeouts.  It does the retransmission
1512  * and then does backoff.  ip_do_retransmit is separated out because
1513  * tcp_ack needs to send stuff from the retransmit queue without
1514  * initiating a backoff.
1515  */
1516 
1517 void
1518 ip_retransmit(struct sock *sk, int all)
     /* [previous][next][first][last][top][bottom][index][help] */
1519 {
1520   ip_do_retransmit(sk, all);
1521 
1522   /*
1523    * Increase the timeout each time we retransmit.  Note that
1524    * we do not increase the rtt estimate.  rto is initialized
1525    * from rtt, but increases here.  Jacobson (SIGCOMM 88) suggests
1526    * that doubling rto each time is the least we can get away with.
1527    * In KA9Q, Karns uses this for the first few times, and then
1528    * goes to quadratic.  netBSD doubles, but only goes up to *64,
1529    * and clamps at 1 to 64 sec afterwards.  Note that 120 sec is
1530    * defined in the protocol as the maximum possible RTT.  I guess
1531    * we'll have to use something other than TCP to talk to the
1532    * University of Mars.
1533    */
1534 
1535   sk->retransmits++;
1536   sk->backoff++;
1537   sk->rto = min(sk->rto << 1, 120*HZ);
1538   reset_timer(sk, TIME_WRITE, sk->rto);
1539 }
1540 
1541 /*
1542  *      Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
1543  *      an IP socket.
1544  */
1545  
1546 int ip_setsockopt(struct sock *sk, int level, int optname, char *optval, int optlen)
     /* [previous][next][first][last][top][bottom][index][help] */
1547 {
1548         int val,err;
1549         
1550         if (optval == NULL) 
1551                 return(-EINVAL);
1552 
1553         err=verify_area(VERIFY_READ, optval, sizeof(int));
1554         if(err)
1555                 return err;
1556         
1557         val = get_fs_long((unsigned long *)optval);
1558 
1559         if(level!=SOL_IP)
1560                 return -EOPNOTSUPP;
1561 
1562         switch(optname)
1563         {
1564                 case IP_TOS:
1565                         if(val<0||val>255)
1566                                 return -EINVAL;
1567                         sk->ip_tos=val;
1568                         return 0;
1569                 case IP_TTL:
1570                         if(val<1||val>255)
1571                                 return -EINVAL;
1572                         sk->ip_ttl=val;
1573                         return 0;
1574                 /* IP_OPTIONS and friends go here eventually */
1575                 default:
1576                         return(-ENOPROTOOPT);
1577         }
1578 }
1579 
1580 int ip_getsockopt(struct sock *sk, int level, int optname, char *optval, int *optlen)
     /* [previous][next][first][last][top][bottom][index][help] */
1581 {
1582         int val,err;
1583         
1584         if(level!=SOL_IP)
1585                 return -EOPNOTSUPP;
1586                 
1587         switch(optname)
1588         {
1589                 case IP_TOS:
1590                         val=sk->ip_tos;
1591                         break;
1592                 case IP_TTL:
1593                         val=sk->ip_ttl;
1594                         break;
1595                 default:
1596                         return(-ENOPROTOOPT);
1597         }
1598         err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
1599         if(err)
1600                 return err;
1601         put_fs_long(sizeof(int),(unsigned long *) optlen);
1602 
1603         err=verify_area(VERIFY_WRITE, optval, sizeof(int));
1604         if(err)
1605                 return err;
1606         put_fs_long(val,(unsigned long *)optval);
1607 
1608         return(0);
1609 }

/* [previous][next][first][last][top][bottom][index][help] */