![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * The Internet Protocol (IP) module.
7 *
8 * Version: @(#)ip.c 1.0.16b 9/1/93
9 *
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Donald Becker, <becker@super.org>
13 * Alan Cox, <gw4pts@gw4pts.ampr.org>
14 * Richard Underwood
15 * Stefan Becker, <stefanb@yello.ping.de>
16 * Jorge Cwik, <jorge@laser.satlink.net>
17 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
18 *
19 *
20 * Fixes:
21 * Alan Cox : Commented a couple of minor bits of surplus code
22 * Alan Cox : Undefining IP_FORWARD doesn't include the code
23 * (just stops a compiler warning).
24 * Alan Cox : Frames with >=MAX_ROUTE record routes, strict routes or loose routes
25 * are junked rather than corrupting things.
26 * Alan Cox : Frames to bad broadcast subnets are dumped
27 * We used to process them non broadcast and
28 * boy could that cause havoc.
29 * Alan Cox : ip_forward sets the free flag on the
30 * new frame it queues. Still crap because
31 * it copies the frame but at least it
32 * doesn't eat memory too.
33 * Alan Cox : Generic queue code and memory fixes.
34 * Fred Van Kempen : IP fragment support (borrowed from NET2E)
35 * Gerhard Koerting: Forward fragmented frames correctly.
36 * Gerhard Koerting: Fixes to my fix of the above 8-).
37 * Gerhard Koerting: IP interface addressing fix.
38 * Linus Torvalds : More robustness checks
39 * Alan Cox : Even more checks: Still not as robust as it ought to be
40 * Alan Cox : Save IP header pointer for later
41 * Alan Cox : ip option setting
42 * Alan Cox : Use ip_tos/ip_ttl settings
43 * Alan Cox : Fragmentation bogosity removed
44 * (Thanks to Mark.Bush@prg.ox.ac.uk)
45 * Dmitry Gorodchanin : Send of a raw packet crash fix.
46 * Alan Cox : Silly ip bug when an overlength
47 * fragment turns up. Now frees the
48 * queue.
49 * Linus Torvalds/ : Memory leakage on fragmentation
50 * Alan Cox : handling.
51 * Gerhard Koerting: Forwarding uses IP priority hints
52 * Teemu Rantanen : Fragment problems.
53 * Alan Cox : General cleanup, comments and reformat
54 * Alan Cox : SNMP statistics
55 * Alan Cox : BSD address rule semantics. Also see
56 * UDP as there is a nasty checksum issue
57 * if you do things the wrong way.
58 * Alan Cox : Always defrag, moved IP_FORWARD to the config.in file
59 * Alan Cox : IP options adjust sk->priority.
60 * Pedro Roque : Fix mtu/length error in ip_forward.
61 * Alan Cox : Avoid ip_chk_addr when possible.
62 * Richard Underwood : IP multicasting.
63 * Alan Cox : Cleaned up multicast handlers.
64 * Alan Cox : RAW sockets demultiplex in the BSD style.
65 * Gunther Mayer : Fix the SNMP reporting typo
66 * Alan Cox : Always in group 224.0.0.1
67 * Pauline Middelink : Fast ip_checksum update when forwarding
68 * Masquerading support.
69 * Alan Cox : Multicast loopback error for 224.0.0.1
70 * Alan Cox : IP_MULTICAST_LOOP option.
71 * Alan Cox : Use notifiers.
72 * Bjorn Ekwall : Removed ip_csum (from slhc.c too)
73 * Bjorn Ekwall : Moved ip_fast_csum to ip.h (inline!)
74 * Stefan Becker : Send out ICMP HOST REDIRECT
75 * Arnt Gulbrandsen : ip_build_xmit
76 * Alan Cox : Per socket routing cache
77 * Alan Cox : Fixed routing cache, added header cache.
78 * Alan Cox : Loopback didnt work right in original ip_build_xmit - fixed it.
79 * Alan Cox : Only send ICMP_REDIRECT if src/dest are the same net.
80 * Alan Cox : Incoming IP option handling.
81 * Alan Cox : Set saddr on raw output frames as per BSD.
82 * Alan Cox : Stopped broadcast source route explosions.
83 * Alan Cox : Can disable source routing
84 * Takeshi Sone : Masquerading didn't work.
85 * Dave Bonn,Alan Cox : Faster IP forwarding whenever possible.
86 * Alan Cox : Memory leaks, tramples, misc debugging.
87 * Alan Cox : Fixed multicast (by popular demand 8))
88 * Alan Cox : Fixed forwarding (by even more popular demand 8))
89 * Alan Cox : Fixed SNMP statistics [I think]
90 * Gerhard Koerting : IP fragmentation forwarding fix
91 * Alan Cox : Device lock against page fault.
92 * Alan Cox : IP_HDRINCL facility.
93 *
94 *
95 *
96 * To Fix:
97 * IP option processing is mostly not needed. ip_forward needs to know about routing rules
98 * and time stamp but that's about all. Use the route mtu field here too
99 * IP fragmentation wants rewriting cleanly. The RFC815 algorithm is much more efficient
100 * and could be made very efficient with the addition of some virtual memory hacks to permit
101 * the allocation of a buffer that can then be 'grown' by twiddling page tables.
102 * Output fragmentation wants updating along with the buffer management to use a single
103 * interleaved copy algorithm so that fragmenting has a one copy overhead. Actual packet
104 * output should probably do its own fragmentation at the UDP/RAW layer. TCP shouldn't cause
105 * fragmentation anyway.
106 *
107 * FIXME: copy frag 0 iph to qp->iph
108 *
109 * This program is free software; you can redistribute it and/or
110 * modify it under the terms of the GNU General Public License
111 * as published by the Free Software Foundation; either version
112 * 2 of the License, or (at your option) any later version.
113 */
114
115 #include <asm/segment.h>
116 #include <asm/system.h>
117 #include <linux/types.h>
118 #include <linux/kernel.h>
119 #include <linux/sched.h>
120 #include <linux/mm.h>
121 #include <linux/string.h>
122 #include <linux/errno.h>
123 #include <linux/config.h>
124
125 #include <linux/socket.h>
126 #include <linux/sockios.h>
127 #include <linux/in.h>
128 #include <linux/inet.h>
129 #include <linux/netdevice.h>
130 #include <linux/etherdevice.h>
131 #include <linux/proc_fs.h>
132 #include <linux/stat.h>
133
134 #include <net/snmp.h>
135 #include <net/ip.h>
136 #include <net/protocol.h>
137 #include <net/route.h>
138 #include <net/tcp.h>
139 #include <net/udp.h>
140 #include <linux/skbuff.h>
141 #include <net/sock.h>
142 #include <net/arp.h>
143 #include <net/icmp.h>
144 #include <net/raw.h>
145 #include <net/checksum.h>
146 #include <linux/igmp.h>
147 #include <linux/ip_fw.h>
148 #include <linux/mroute.h>
149
150 #define CONFIG_IP_DEFRAG
151
152 extern int last_retran;
153 extern void sort_send(struct sock *sk);
154
155 #define min(a,b) ((a)<(b)?(a):(b))
156
157 /*
158 * SNMP management statistics
159 */
160
161 #ifdef CONFIG_IP_FORWARD
162 struct ip_mib ip_statistics={1,64,}; /* Forwarding=Yes, Default TTL=64 */
163 #else
164 struct ip_mib ip_statistics={2,64,}; /* Forwarding=No, Default TTL=64 */
165 #endif
166
167 /*
168 * Handle the issuing of an ioctl() request
169 * for the ip device. This is scheduled to
170 * disappear
171 */
172
173 int ip_ioctl(struct sock *sk, int cmd, unsigned long arg)
/* ![[next]](../icons/right.png)
![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
*/
174 {
175 switch(cmd)
176 {
177 default:
178 return(-EINVAL);
179 }
180 }
181
182
183 /*
184 * Take an skb, and fill in the MAC header.
185 */
186
187 static int ip_send(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev, unsigned long saddr)
/* ![[previous]](../icons/left.png)
*/
188 {
189 int mac = 0;
190
191 skb->dev = dev;
192 skb->arp = 1;
193 if (dev->hard_header)
194 {
195 /*
196 * Build a hardware header. Source address is our mac, destination unknown
197 * (rebuild header will sort this out)
198 */
199 skb_reserve(skb,(dev->hard_header_len+15)&~15); /* 16 byte aligned IP headers are good */
200 mac = dev->hard_header(skb, dev, ETH_P_IP, NULL, NULL, len);
201 if (mac < 0)
202 {
203 mac = -mac;
204 skb->arp = 0;
205 skb->raddr = daddr; /* next routing address */
206 }
207 }
208 return mac;
209 }
210
211 static int ip_send_room(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev, unsigned long saddr)
/* */
212 {
213 int mac = 0;
214
215 skb->dev = dev;
216 skb->arp = 1;
217 if (dev->hard_header)
218 {
219 skb_reserve(skb,MAX_HEADER);
220 mac = dev->hard_header(skb, dev, ETH_P_IP, NULL, NULL, len);
221 if (mac < 0)
222 {
223 mac = -mac;
224 skb->arp = 0;
225 skb->raddr = daddr; /* next routing address */
226 }
227 }
228 return mac;
229 }
230
231 int ip_id_count = 0;
232
233 /*
234 * This routine builds the appropriate hardware/IP headers for
235 * the routine. It assumes that if *dev != NULL then the
236 * protocol knows what it's doing, otherwise it uses the
237 * routing/ARP tables to select a device struct.
238 */
239 int ip_build_header(struct sk_buff *skb, unsigned long saddr, unsigned long daddr,
/* */
240 struct device **dev, int type, struct options *opt, int len, int tos, int ttl)
241 {
242 struct rtable *rt;
243 unsigned long raddr;
244 int tmp;
245 unsigned long src;
246 struct iphdr *iph;
247
248 /*
249 * See if we need to look up the device.
250 */
251
252 #ifdef CONFIG_IP_MULTICAST
253 if(MULTICAST(daddr) && *dev==NULL && skb->sk && *skb->sk->ip_mc_name)
254 *dev=dev_get(skb->sk->ip_mc_name);
255 #endif
256 if (*dev == NULL)
257 {
258 if(skb->localroute)
259 rt = ip_rt_local(daddr, NULL, &src);
260 else
261 rt = ip_rt_route(daddr, NULL, &src);
262 if (rt == NULL)
263 {
264 ip_statistics.IpOutNoRoutes++;
265 return(-ENETUNREACH);
266 }
267
268 *dev = rt->rt_dev;
269 /*
270 * If the frame is from us and going off machine it MUST MUST MUST
271 * have the output device ip address and never the loopback
272 */
273 if (LOOPBACK(saddr) && !LOOPBACK(daddr))
274 saddr = src;/*rt->rt_dev->pa_addr;*/
275 raddr = rt->rt_gateway;
276
277 }
278 else
279 {
280 /*
281 * We still need the address of the first hop.
282 */
283 if(skb->localroute)
284 rt = ip_rt_local(daddr, NULL, &src);
285 else
286 rt = ip_rt_route(daddr, NULL, &src);
287 /*
288 * If the frame is from us and going off machine it MUST MUST MUST
289 * have the output device ip address and never the loopback
290 */
291 if (LOOPBACK(saddr) && !LOOPBACK(daddr))
292 saddr = src;/*rt->rt_dev->pa_addr;*/
293
294 raddr = (rt == NULL) ? 0 : rt->rt_gateway;
295 }
296
297 /*
298 * No source addr so make it our addr
299 */
300 if (saddr == 0)
301 saddr = src;
302
303 /*
304 * No gateway so aim at the real destination
305 */
306 if (raddr == 0)
307 raddr = daddr;
308
309 /*
310 * Now build the MAC header.
311 */
312
313 if(type==IPPROTO_TCP)
314 tmp = ip_send_room(skb, raddr, len, *dev, saddr);
315 else
316 tmp = ip_send(skb, raddr, len, *dev, saddr);
317
318 /*
319 * Book keeping
320 */
321
322 skb->dev = *dev;
323 skb->saddr = saddr;
324 if (skb->sk)
325 skb->sk->saddr = saddr;
326
327 /*
328 * Now build the IP header.
329 */
330
331 /*
332 * If we are using IPPROTO_RAW, then we don't need an IP header, since
333 * one is being supplied to us by the user
334 */
335
336 if(type == IPPROTO_RAW)
337 return (tmp);
338
339 /*
340 * Build the IP addresses
341 */
342
343 iph=(struct iphdr *)skb_put(skb,sizeof(struct iphdr));
344
345 iph->version = 4;
346 iph->ihl = 5;
347 iph->tos = tos;
348 iph->frag_off = 0;
349 iph->ttl = ttl;
350 iph->daddr = daddr;
351 iph->saddr = saddr;
352 iph->protocol = type;
353 skb->ip_hdr = iph;
354
355 return(20 + tmp); /* IP header plus MAC header size */
356 }
357
358
359 /*
360 * Generate a checksum for an outgoing IP datagram.
361 */
362
363 void ip_send_check(struct iphdr *iph)
/* */
364 {
365 iph->check = 0;
366 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
367 }
368
369 /************************ Fragment Handlers From NET2E **********************************/
370
371
372 /*
373 * This fragment handler is a bit of a heap. On the other hand it works quite
374 * happily and handles things quite well.
375 */
376
377 static struct ipq *ipqueue = NULL; /* IP fragment queue */
378
379 /*
380 * Create a new fragment entry.
381 */
382
383 static struct ipfrag *ip_frag_create(int offset, int end, struct sk_buff *skb, unsigned char *ptr)
/* */
384 {
385 struct ipfrag *fp;
386
387 fp = (struct ipfrag *) kmalloc(sizeof(struct ipfrag), GFP_ATOMIC);
388 if (fp == NULL)
389 {
390 NETDEBUG(printk("IP: frag_create: no memory left !\n"));
391 return(NULL);
392 }
393 memset(fp, 0, sizeof(struct ipfrag));
394
395 /* Fill in the structure. */
396 fp->offset = offset;
397 fp->end = end;
398 fp->len = end - offset;
399 fp->skb = skb;
400 fp->ptr = ptr;
401
402 return(fp);
403 }
404
405
406 /*
407 * Find the correct entry in the "incomplete datagrams" queue for
408 * this IP datagram, and return the queue entry address if found.
409 */
410
411 static struct ipq *ip_find(struct iphdr *iph)
/* */
412 {
413 struct ipq *qp;
414 struct ipq *qplast;
415
416 cli();
417 qplast = NULL;
418 for(qp = ipqueue; qp != NULL; qplast = qp, qp = qp->next)
419 {
420 if (iph->id== qp->iph->id && iph->saddr == qp->iph->saddr &&
421 iph->daddr == qp->iph->daddr && iph->protocol == qp->iph->protocol)
422 {
423 del_timer(&qp->timer); /* So it doesn't vanish on us. The timer will be reset anyway */
424 sti();
425 return(qp);
426 }
427 }
428 sti();
429 return(NULL);
430 }
431
432
433 /*
434 * Remove an entry from the "incomplete datagrams" queue, either
435 * because we completed, reassembled and processed it, or because
436 * it timed out.
437 */
438
439 static void ip_free(struct ipq *qp)
/* */
440 {
441 struct ipfrag *fp;
442 struct ipfrag *xp;
443
444 /*
445 * Stop the timer for this entry.
446 */
447
448 del_timer(&qp->timer);
449
450 /* Remove this entry from the "incomplete datagrams" queue. */
451 cli();
452 if (qp->prev == NULL)
453 {
454 ipqueue = qp->next;
455 if (ipqueue != NULL)
456 ipqueue->prev = NULL;
457 }
458 else
459 {
460 qp->prev->next = qp->next;
461 if (qp->next != NULL)
462 qp->next->prev = qp->prev;
463 }
464
465 /* Release all fragment data. */
466
467 fp = qp->fragments;
468 while (fp != NULL)
469 {
470 xp = fp->next;
471 IS_SKB(fp->skb);
472 kfree_skb(fp->skb,FREE_READ);
473 kfree_s(fp, sizeof(struct ipfrag));
474 fp = xp;
475 }
476
477 /* Release the IP header. */
478 kfree_s(qp->iph, 64 + 8);
479
480 /* Finally, release the queue descriptor itself. */
481 kfree_s(qp, sizeof(struct ipq));
482 sti();
483 }
484
485
486 /*
487 * Oops- a fragment queue timed out. Kill it and send an ICMP reply.
488 */
489
490 static void ip_expire(unsigned long arg)
/* */
491 {
492 struct ipq *qp;
493
494 qp = (struct ipq *)arg;
495
496 /*
497 * Send an ICMP "Fragment Reassembly Timeout" message.
498 */
499
500 ip_statistics.IpReasmTimeout++;
501 ip_statistics.IpReasmFails++;
502 /* This if is always true... shrug */
503 if(qp->fragments!=NULL)
504 icmp_send(qp->fragments->skb,ICMP_TIME_EXCEEDED,
505 ICMP_EXC_FRAGTIME, 0, qp->dev);
506
507 /*
508 * Nuke the fragment queue.
509 */
510 ip_free(qp);
511 }
512
513
514 /*
515 * Add an entry to the 'ipq' queue for a newly received IP datagram.
516 * We will (hopefully :-) receive all other fragments of this datagram
517 * in time, so we just create a queue for this datagram, in which we
518 * will insert the received fragments at their respective positions.
519 */
520
521 static struct ipq *ip_create(struct sk_buff *skb, struct iphdr *iph, struct device *dev)
/* */
522 {
523 struct ipq *qp;
524 int ihlen;
525
526 qp = (struct ipq *) kmalloc(sizeof(struct ipq), GFP_ATOMIC);
527 if (qp == NULL)
528 {
529 NETDEBUG(printk("IP: create: no memory left !\n"));
530 return(NULL);
531 skb->dev = qp->dev;
532 }
533 memset(qp, 0, sizeof(struct ipq));
534
535 /*
536 * Allocate memory for the IP header (plus 8 octets for ICMP).
537 */
538
539 ihlen = iph->ihl * 4;
540 qp->iph = (struct iphdr *) kmalloc(64 + 8, GFP_ATOMIC);
541 if (qp->iph == NULL)
542 {
543 NETDEBUG(printk("IP: create: no memory left !\n"));
544 kfree_s(qp, sizeof(struct ipq));
545 return(NULL);
546 }
547
548 memcpy(qp->iph, iph, ihlen + 8);
549 qp->len = 0;
550 qp->ihlen = ihlen;
551 qp->fragments = NULL;
552 qp->dev = dev;
553
554 /* Start a timer for this entry. */
555 qp->timer.expires = jiffies + IP_FRAG_TIME; /* about 30 seconds */
556 qp->timer.data = (unsigned long) qp; /* pointer to queue */
557 qp->timer.function = ip_expire; /* expire function */
558 add_timer(&qp->timer);
559
560 /* Add this entry to the queue. */
561 qp->prev = NULL;
562 cli();
563 qp->next = ipqueue;
564 if (qp->next != NULL)
565 qp->next->prev = qp;
566 ipqueue = qp;
567 sti();
568 return(qp);
569 }
570
571
572 /*
573 * See if a fragment queue is complete.
574 */
575
576 static int ip_done(struct ipq *qp)
/* */
577 {
578 struct ipfrag *fp;
579 int offset;
580
581 /* Only possible if we received the final fragment. */
582 if (qp->len == 0)
583 return(0);
584
585 /* Check all fragment offsets to see if they connect. */
586 fp = qp->fragments;
587 offset = 0;
588 while (fp != NULL)
589 {
590 if (fp->offset > offset)
591 return(0); /* fragment(s) missing */
592 offset = fp->end;
593 fp = fp->next;
594 }
595
596 /* All fragments are present. */
597 return(1);
598 }
599
600
601 /*
602 * Build a new IP datagram from all its fragments.
603 *
604 * FIXME: We copy here because we lack an effective way of handling lists
605 * of bits on input. Until the new skb data handling is in I'm not going
606 * to touch this with a bargepole.
607 */
608
609 static struct sk_buff *ip_glue(struct ipq *qp)
/* */
610 {
611 struct sk_buff *skb;
612 struct iphdr *iph;
613 struct ipfrag *fp;
614 unsigned char *ptr;
615 int count, len;
616
617 /*
618 * Allocate a new buffer for the datagram.
619 */
620 len = qp->ihlen + qp->len;
621
622 if ((skb = dev_alloc_skb(len)) == NULL)
623 {
624 ip_statistics.IpReasmFails++;
625 NETDEBUG(printk("IP: queue_glue: no memory for gluing queue %p\n", qp));
626 ip_free(qp);
627 return(NULL);
628 }
629
630 /* Fill in the basic details. */
631 skb_put(skb,len);
632 skb->h.raw = skb->data;
633 skb->free = 1;
634
635 /* Copy the original IP headers into the new buffer. */
636 ptr = (unsigned char *) skb->h.raw;
637 memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen);
638 ptr += qp->ihlen;
639
640 count = 0;
641
642 /* Copy the data portions of all fragments into the new buffer. */
643 fp = qp->fragments;
644 while(fp != NULL)
645 {
646 if(count+fp->len > skb->len)
647 {
648 NETDEBUG(printk("Invalid fragment list: Fragment over size.\n"));
649 ip_free(qp);
650 kfree_skb(skb,FREE_WRITE);
651 ip_statistics.IpReasmFails++;
652 return NULL;
653 }
654 memcpy((ptr + fp->offset), fp->ptr, fp->len);
655 count += fp->len;
656 fp = fp->next;
657 }
658
659 /* We glued together all fragments, so remove the queue entry. */
660 ip_free(qp);
661
662 /* Done with all fragments. Fixup the new IP header. */
663 iph = skb->h.iph;
664 iph->frag_off = 0;
665 iph->tot_len = htons((iph->ihl * 4) + count);
666 skb->ip_hdr = iph;
667
668 ip_statistics.IpReasmOKs++;
669 return(skb);
670 }
671
672
673 /*
674 * Process an incoming IP datagram fragment.
675 */
676
677 static struct sk_buff *ip_defrag(struct iphdr *iph, struct sk_buff *skb, struct device *dev)
/* */
678 {
679 struct ipfrag *prev, *next, *tmp;
680 struct ipfrag *tfp;
681 struct ipq *qp;
682 struct sk_buff *skb2;
683 unsigned char *ptr;
684 int flags, offset;
685 int i, ihl, end;
686
687 ip_statistics.IpReasmReqds++;
688
689 /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */
690 qp = ip_find(iph);
691
692 /* Is this a non-fragmented datagram? */
693 offset = ntohs(iph->frag_off);
694 flags = offset & ~IP_OFFSET;
695 offset &= IP_OFFSET;
696 if (((flags & IP_MF) == 0) && (offset == 0))
697 {
698 if (qp != NULL)
699 ip_free(qp); /* Huh? How could this exist?? */
700 return(skb);
701 }
702
703 offset <<= 3; /* offset is in 8-byte chunks */
704
705 /*
706 * If the queue already existed, keep restarting its timer as long
707 * as we still are receiving fragments. Otherwise, create a fresh
708 * queue entry.
709 */
710
711 if (qp != NULL)
712 {
713 del_timer(&qp->timer);
714 qp->timer.expires = jiffies + IP_FRAG_TIME; /* about 30 seconds */
715 qp->timer.data = (unsigned long) qp; /* pointer to queue */
716 qp->timer.function = ip_expire; /* expire function */
717 add_timer(&qp->timer);
718 }
719 else
720 {
721 /*
722 * If we failed to create it, then discard the frame
723 */
724 if ((qp = ip_create(skb, iph, dev)) == NULL)
725 {
726 skb->sk = NULL;
727 kfree_skb(skb, FREE_READ);
728 ip_statistics.IpReasmFails++;
729 return NULL;
730 }
731 }
732
733 /*
734 * Determine the position of this fragment.
735 */
736
737 ihl = iph->ihl * 4;
738 end = offset + ntohs(iph->tot_len) - ihl;
739
740 /*
741 * Point into the IP datagram 'data' part.
742 */
743
744 ptr = skb->data + ihl;
745
746 /*
747 * Is this the final fragment?
748 */
749
750 if ((flags & IP_MF) == 0)
751 qp->len = end;
752
753 /*
754 * Find out which fragments are in front and at the back of us
755 * in the chain of fragments so far. We must know where to put
756 * this fragment, right?
757 */
758
759 prev = NULL;
760 for(next = qp->fragments; next != NULL; next = next->next)
761 {
762 if (next->offset > offset)
763 break; /* bingo! */
764 prev = next;
765 }
766
767 /*
768 * We found where to put this one.
769 * Check for overlap with preceding fragment, and, if needed,
770 * align things so that any overlaps are eliminated.
771 */
772 if (prev != NULL && offset < prev->end)
773 {
774 i = prev->end - offset;
775 offset += i; /* ptr into datagram */
776 ptr += i; /* ptr into fragment data */
777 }
778
779 /*
780 * Look for overlap with succeeding segments.
781 * If we can merge fragments, do it.
782 */
783
784 for(tmp=next; tmp != NULL; tmp = tfp)
785 {
786 tfp = tmp->next;
787 if (tmp->offset >= end)
788 break; /* no overlaps at all */
789
790 i = end - next->offset; /* overlap is 'i' bytes */
791 tmp->len -= i; /* so reduce size of */
792 tmp->offset += i; /* next fragment */
793 tmp->ptr += i;
794 /*
795 * If we get a frag size of <= 0, remove it and the packet
796 * that it goes with.
797 */
798 if (tmp->len <= 0)
799 {
800 if (tmp->prev != NULL)
801 tmp->prev->next = tmp->next;
802 else
803 qp->fragments = tmp->next;
804
805 if (tfp->next != NULL)
806 tmp->next->prev = tmp->prev;
807
808 next=tfp; /* We have killed the original next frame */
809
810 kfree_skb(tmp->skb,FREE_READ);
811 kfree_s(tmp, sizeof(struct ipfrag));
812 }
813 }
814
815 /*
816 * Insert this fragment in the chain of fragments.
817 */
818
819 tfp = NULL;
820 tfp = ip_frag_create(offset, end, skb, ptr);
821
822 /*
823 * No memory to save the fragment - so throw the lot
824 */
825
826 if (!tfp)
827 {
828 skb->sk = NULL;
829 kfree_skb(skb, FREE_READ);
830 return NULL;
831 }
832 tfp->prev = prev;
833 tfp->next = next;
834 if (prev != NULL)
835 prev->next = tfp;
836 else
837 qp->fragments = tfp;
838
839 if (next != NULL)
840 next->prev = tfp;
841
842 /*
843 * OK, so we inserted this new fragment into the chain.
844 * Check if we now have a full IP datagram which we can
845 * bump up to the IP layer...
846 */
847
848 if (ip_done(qp))
849 {
850 skb2 = ip_glue(qp); /* glue together the fragments */
851 return(skb2);
852 }
853 return(NULL);
854 }
855
856
857 /*
858 * This IP datagram is too large to be sent in one piece. Break it up into
859 * smaller pieces (each of size equal to the MAC header plus IP header plus
860 * a block of the data of the original IP data part) that will yet fit in a
861 * single device frame, and queue such a frame for sending by calling the
862 * ip_queue_xmit(). Note that this is recursion, and bad things will happen
863 * if this function causes a loop...
864 *
865 * Yes this is inefficient, feel free to submit a quicker one.
866 *
867 * **Protocol Violation**
868 * We copy all the options to each fragment. !FIXME!
869 */
870
871 void ip_fragment(struct sock *sk, struct sk_buff *skb, struct device *dev, int is_frag)
/* */
872 {
873 struct iphdr *iph;
874 unsigned char *raw;
875 unsigned char *ptr;
876 struct sk_buff *skb2;
877 int left, mtu, hlen, len;
878 int offset;
879 unsigned long flags;
880
881 /*
882 * Point into the IP datagram header.
883 */
884
885 raw = skb->data;
886 #if 0
887 iph = (struct iphdr *) (raw + dev->hard_header_len);
888 skb->ip_hdr = iph;
889 #else
890 iph = skb->ip_hdr;
891 #endif
892
893 /*
894 * Setup starting values.
895 */
896
897 hlen = iph->ihl * 4;
898 left = ntohs(iph->tot_len) - hlen; /* Space per frame */
899 hlen += dev->hard_header_len; /* Total header size */
900 mtu = (dev->mtu - hlen); /* Size of data space */
901 ptr = (raw + hlen); /* Where to start from */
902
903 /*
904 * Check for any "DF" flag. [DF means do not fragment]
905 */
906
907 if (ntohs(iph->frag_off) & IP_DF)
908 {
909 /*
910 * Reply giving the MTU of the failed hop.
911 */
912 ip_statistics.IpFragFails++;
913 icmp_send(skb,ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, dev->mtu, dev);
914 return;
915 }
916
917 /*
918 * The protocol doesn't seem to say what to do in the case that the
919 * frame + options doesn't fit the mtu. As it used to fall down dead
920 * in this case we were fortunate it didn't happen
921 */
922
923 if(mtu<8)
924 {
925 /* It's wrong but it's better than nothing */
926 icmp_send(skb,ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED,dev->mtu, dev);
927 ip_statistics.IpFragFails++;
928 return;
929 }
930
931 /*
932 * Fragment the datagram.
933 */
934
935 /*
936 * The initial offset is 0 for a complete frame. When
937 * fragmenting fragments it's wherever this one starts.
938 */
939
940 if (is_frag & 2)
941 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3;
942 else
943 offset = 0;
944
945
946 /*
947 * Keep copying data until we run out.
948 */
949
950 while(left > 0)
951 {
952 len = left;
953 /* IF: it doesn't fit, use 'mtu' - the data space left */
954 if (len > mtu)
955 len = mtu;
956 /* IF: we are not sending upto and including the packet end
957 then align the next start on an eight byte boundary */
958 if (len < left)
959 {
960 len/=8;
961 len*=8;
962 }
963 /*
964 * Allocate buffer.
965 */
966
967 if ((skb2 = alloc_skb(len + hlen+15,GFP_ATOMIC)) == NULL)
968 {
969 NETDEBUG(printk("IP: frag: no memory for new fragment!\n"));
970 ip_statistics.IpFragFails++;
971 return;
972 }
973
974 /*
975 * Set up data on packet
976 */
977
978 skb2->arp = skb->arp;
979 if(skb->free==0)
980 printk("IP fragmenter: BUG free!=1 in fragmenter\n");
981 skb2->free = 1;
982 skb_put(skb2,len + hlen);
983 skb2->h.raw=(char *) skb2->data;
984 /*
985 * Charge the memory for the fragment to any owner
986 * it might possess
987 */
988
989 save_flags(flags);
990 if (sk)
991 {
992 cli();
993 sk->wmem_alloc += skb2->truesize;
994 skb2->sk=sk;
995 }
996 restore_flags(flags);
997 skb2->raddr = skb->raddr; /* For rebuild_header - must be here */
998
999 /*
1000 * Copy the packet header into the new buffer.
1001 */
1002
1003 memcpy(skb2->h.raw, raw, hlen);
1004
1005 /*
1006 * Copy a block of the IP datagram.
1007 */
1008 memcpy(skb2->h.raw + hlen, ptr, len);
1009 left -= len;
1010
1011 skb2->h.raw+=dev->hard_header_len;
1012
1013 /*
1014 * Fill in the new header fields.
1015 */
1016 iph = (struct iphdr *)(skb2->h.raw/*+dev->hard_header_len*/);
1017 iph->frag_off = htons((offset >> 3));
1018 skb2->ip_hdr = iph;
1019 /*
1020 * Added AC : If we are fragmenting a fragment thats not the
1021 * last fragment then keep MF on each bit
1022 */
1023 if (left > 0 || (is_frag & 1))
1024 iph->frag_off |= htons(IP_MF);
1025 ptr += len;
1026 offset += len;
1027
1028 /*
1029 * Put this fragment into the sending queue.
1030 */
1031
1032 ip_statistics.IpFragCreates++;
1033
1034 ip_queue_xmit(sk, dev, skb2, 2);
1035 }
1036 ip_statistics.IpFragOKs++;
1037 }
1038
1039
1040
1041 #ifdef CONFIG_IP_FORWARD
1042
1043 /*
1044 * Forward an IP datagram to its next destination.
1045 */
1046
1047 int ip_forward(struct sk_buff *skb, struct device *dev, int is_frag, unsigned long target_addr, int target_strict)
/* */
1048 {
1049 struct device *dev2; /* Output device */
1050 struct iphdr *iph; /* Our header */
1051 struct sk_buff *skb2; /* Output packet */
1052 struct rtable *rt; /* Route we use */
1053 unsigned char *ptr; /* Data pointer */
1054 unsigned long raddr; /* Router IP address */
1055 #ifdef CONFIG_IP_FIREWALL
1056 int fw_res = 0; /* Forwarding result */
1057
1058 /*
1059 * See if we are allowed to forward this.
1060 * Note: demasqueraded fragments are always 'back'warded.
1061 */
1062
1063
1064 if(!(is_frag&4))
1065 {
1066 fw_res=ip_fw_chk(skb->h.iph, dev, ip_fw_fwd_chain, ip_fw_fwd_policy, 0);
1067 switch (fw_res) {
1068 case 1:
1069 #ifdef CONFIG_IP_MASQUERADE
1070 case 2:
1071 #endif
1072 break;
1073 case -1:
1074 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0, dev);
1075 /* fall thru */
1076 default:
1077 return -1;
1078 }
1079 }
1080 #endif
1081 /*
1082 * According to the RFC, we must first decrease the TTL field. If
1083 * that reaches zero, we must reply an ICMP control message telling
1084 * that the packet's lifetime expired.
1085 *
1086 * Exception:
1087 * We may not generate an ICMP for an ICMP. icmp_send does the
1088 * enforcement of this so we can forget it here. It is however
1089 * sometimes VERY important.
1090 */
1091
1092 iph = skb->h.iph;
1093 iph->ttl--;
1094
1095 /*
1096 * Re-compute the IP header checksum.
1097 * This is inefficient. We know what has happened to the header
1098 * and could thus adjust the checksum as Phil Karn does in KA9Q
1099 */
1100
1101 iph->check = ntohs(iph->check) + 0x0100;
1102 if ((iph->check & 0xFF00) == 0)
1103 iph->check++; /* carry overflow */
1104 iph->check = htons(iph->check);
1105
1106 if (iph->ttl <= 0)
1107 {
1108 /* Tell the sender its packet died... */
1109 icmp_send(skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, 0, dev);
1110 return -1;
1111 }
1112
1113 /*
1114 * OK, the packet is still valid. Fetch its destination address,
1115 * and give it to the IP sender for further processing.
1116 */
1117
1118 rt = ip_rt_route(target_addr, NULL, NULL);
1119 if (rt == NULL)
1120 {
1121 /*
1122 * Tell the sender its packet cannot be delivered. Again
1123 * ICMP is screened later.
1124 */
1125 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_NET_UNREACH, 0, dev);
1126 return -1;
1127 }
1128
1129
1130 /*
1131 * Gosh. Not only is the packet valid; we even know how to
1132 * forward it onto its final destination. Can we say this
1133 * is being plain lucky?
1134 * If the router told us that there is no GW, use the dest.
1135 * IP address itself- we seem to be connected directly...
1136 */
1137
1138 raddr = rt->rt_gateway;
1139
1140 if (raddr != 0)
1141 {
1142 /*
1143 * Strict routing permits no gatewaying
1144 */
1145
1146 if(target_strict)
1147 {
1148 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_SR_FAILED, 0, dev);
1149 return -1;
1150 }
1151
1152 /*
1153 * There is a gateway so find the correct route for it.
1154 * Gateways cannot in turn be gatewayed.
1155 */
1156
1157 rt = ip_rt_route(raddr, NULL, NULL);
1158 if (rt == NULL)
1159 {
1160 /*
1161 * Tell the sender its packet cannot be delivered...
1162 */
1163 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0, dev);
1164 return -1;
1165 }
1166 if (rt->rt_gateway != 0)
1167 raddr = rt->rt_gateway;
1168 }
1169 else
1170 raddr = target_addr;
1171
1172 /*
1173 * Having picked a route we can now send the frame out.
1174 */
1175
1176 dev2 = rt->rt_dev;
1177
1178 /*
1179 * In IP you never have to forward a frame on the interface that it
1180 * arrived upon. We now generate an ICMP HOST REDIRECT giving the route
1181 * we calculated.
1182 */
1183 #ifndef CONFIG_IP_NO_ICMP_REDIRECT
1184 if (dev == dev2 && !((iph->saddr^iph->daddr)&dev->pa_mask) && (rt->rt_flags&RTF_MODIFIED))
1185 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, raddr, dev);
1186 #endif
1187
1188 /*
1189 * We now may allocate a new buffer, and copy the datagram into it.
1190 * If the indicated interface is up and running, kick it.
1191 */
1192
1193 if (dev2->flags & IFF_UP)
1194 {
1195 #ifdef CONFIG_IP_MASQUERADE
1196 /*
1197 * If this fragment needs masquerading, make it so...
1198 * (Dont masquerade de-masqueraded fragments)
1199 */
1200 if (!(is_frag&4) && fw_res==2)
1201 ip_fw_masquerade(&skb, dev2);
1202 #endif
1203 IS_SKB(skb);
1204
1205 if(skb_headroom(skb)<dev2->hard_header_len)
1206 {
1207 skb2 = alloc_skb(dev2->hard_header_len + skb->len + 15, GFP_ATOMIC);
1208 IS_SKB(skb2);
1209
1210 /*
1211 * This is rare and since IP is tolerant of network failures
1212 * quite harmless.
1213 */
1214
1215 if (skb2 == NULL)
1216 {
1217 NETDEBUG(printk("\nIP: No memory available for IP forward\n"));
1218 return -1;
1219 }
1220
1221 /*
1222 * Add the physical headers.
1223 */
1224
1225 ip_send(skb2,raddr,skb->len,dev2,dev2->pa_addr);
1226
1227 /*
1228 * We have to copy the bytes over as the new header wouldn't fit
1229 * the old buffer. This should be very rare.
1230 */
1231
1232 ptr = skb_put(skb2,skb->len);
1233 skb2->free = 1;
1234 skb2->h.raw = ptr;
1235
1236 /*
1237 * Copy the packet data into the new buffer.
1238 */
1239 memcpy(ptr, skb->h.raw, skb->len);
1240 }
1241 else
1242 {
1243 /*
1244 * Build a new MAC header.
1245 */
1246
1247 skb2 = skb;
1248 skb2->dev=dev2;
1249 skb->arp=1;
1250 skb->raddr=raddr;
1251 if(dev2->hard_header)
1252 {
1253 if(dev2->hard_header(skb, dev2, ETH_P_IP, NULL, NULL, skb->len)<0)
1254 skb->arp=0;
1255 }
1256 ip_statistics.IpForwDatagrams++;
1257 }
1258 /*
1259 * See if it needs fragmenting. Note in ip_rcv we tagged
1260 * the fragment type. This must be right so that
1261 * the fragmenter does the right thing.
1262 */
1263
1264 if(skb2->len > dev2->mtu + dev2->hard_header_len)
1265 {
1266 ip_fragment(NULL,skb2,dev2, is_frag);
1267 kfree_skb(skb2,FREE_WRITE);
1268 }
1269 else
1270 {
1271 #ifdef CONFIG_IP_ACCT
1272 /*
1273 * Count mapping we shortcut
1274 */
1275
1276 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1277 #endif
1278
1279 /*
1280 * Map service types to priority. We lie about
1281 * throughput being low priority, but it's a good
1282 * choice to help improve general usage.
1283 */
1284 if(iph->tos & IPTOS_LOWDELAY)
1285 dev_queue_xmit(skb2, dev2, SOPRI_INTERACTIVE);
1286 else if(iph->tos & IPTOS_THROUGHPUT)
1287 dev_queue_xmit(skb2, dev2, SOPRI_BACKGROUND);
1288 else
1289 dev_queue_xmit(skb2, dev2, SOPRI_NORMAL);
1290 }
1291 }
1292 else
1293 return -1;
1294
1295 /*
1296 * Tell the caller if their buffer is free.
1297 */
1298
1299 if(skb==skb2)
1300 return 0;
1301 return 1;
1302 }
1303
1304
1305 #endif
1306
1307 /*
1308 * This function receives all incoming IP datagrams.
1309 *
1310 * On entry skb->data points to the start of the IP header and
1311 * the MAC header has been removed.
1312 */
1313
1314 int ip_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *pt)
/* */
1315 {
1316 struct iphdr *iph = skb->h.iph;
1317 struct sock *raw_sk=NULL;
1318 unsigned char hash;
1319 unsigned char flag = 0;
1320 struct inet_protocol *ipprot;
1321 int brd=IS_MYADDR;
1322 unsigned long target_addr;
1323 int target_strict=0;
1324 int is_frag=0;
1325 #ifdef CONFIG_IP_FIREWALL
1326 int err;
1327 #endif
1328
1329 #ifdef CONFIG_NET_IPV6
1330 /*
1331 * Intercept IPv6 frames. We dump ST-II and invalid types just below..
1332 */
1333
1334 if(iph->version == 6)
1335 return ipv6_rcv(skb,dev,pt);
1336 #endif
1337
1338 ip_statistics.IpInReceives++;
1339
1340 /*
1341 * Tag the ip header of this packet so we can find it
1342 */
1343
1344 skb->ip_hdr = iph;
1345
1346 /*
1347 * RFC1122: 3.1.2.2 MUST silently discard any IP frame that fails the checksum.
1348 * RFC1122: 3.1.2.3 MUST discard a frame with invalid source address [NEEDS FIXING].
1349 *
1350 * Is the datagram acceptable?
1351 *
1352 * 1. Length at least the size of an ip header
1353 * 2. Version of 4
1354 * 3. Checksums correctly. [Speed optimisation for later, skip loopback checksums]
1355 * 4. Doesn't have a bogus length
1356 * (5. We ought to check for IP multicast addresses and undefined types.. does this matter ?)
1357 */
1358
1359 if (skb->len<sizeof(struct iphdr) || iph->ihl<5 || iph->version != 4 || ip_fast_csum((unsigned char *)iph, iph->ihl) !=0
1360 || skb->len < ntohs(iph->tot_len))
1361 {
1362 ip_statistics.IpInHdrErrors++;
1363 kfree_skb(skb, FREE_WRITE);
1364 return(0);
1365 }
1366
1367 /*
1368 * Our transport medium may have padded the buffer out. Now we know it
1369 * is IP we can trim to the true length of the frame.
1370 * Note this now means skb->len holds ntohs(iph->tot_len).
1371 */
1372
1373 skb_trim(skb,ntohs(iph->tot_len));
1374
1375 /*
1376 * See if the firewall wants to dispose of the packet.
1377 */
1378
1379 #ifdef CONFIG_IP_FIREWALL
1380
1381 if ((err=ip_fw_chk(iph,dev,ip_fw_blk_chain,ip_fw_blk_policy, 0))<1)
1382 {
1383 if(err==-1)
1384 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0, dev);
1385 kfree_skb(skb, FREE_WRITE);
1386 return 0;
1387 }
1388
1389 #endif
1390
1391
1392 /*
1393 * Next analyse the packet for options. Studies show under one packet in
1394 * a thousand have options....
1395 */
1396
1397 target_addr = iph->daddr;
1398
1399 if (iph->ihl != 5)
1400 {
1401 /* Humph.. options. Lots of annoying fiddly bits */
1402
1403 /*
1404 * This is straight from the RFC. It might even be right ;)
1405 *
1406 * RFC 1122: 3.2.1.8 STREAMID option is obsolete and MUST be ignored.
1407 * RFC 1122: 3.2.1.8 MUST NOT crash on a zero length option.
1408 * RFC 1122: 3.2.1.8 MUST support acting as final destination of a source route.
1409 */
1410
1411 int opt_space=4*(iph->ihl-5);
1412 int opt_size;
1413 unsigned char *opt_ptr=skb->h.raw+sizeof(struct iphdr);
1414
1415 skb->ip_summed=0; /* Our free checksum is bogus for this case */
1416
1417 while(opt_space>0)
1418 {
1419 if(*opt_ptr==IPOPT_NOOP)
1420 {
1421 opt_ptr++;
1422 opt_space--;
1423 continue;
1424 }
1425 if(*opt_ptr==IPOPT_END)
1426 break; /* Done */
1427 if(opt_space<2 || (opt_size=opt_ptr[1])<2 || opt_ptr[1]>opt_space)
1428 {
1429 /*
1430 * RFC 1122: 3.2.2.5 SHOULD send parameter problem reports.
1431 */
1432 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1433 kfree_skb(skb, FREE_READ);
1434 return -EINVAL;
1435 }
1436 switch(opt_ptr[0])
1437 {
1438 case IPOPT_SEC:
1439 /* Should we drop this ?? */
1440 break;
1441 case IPOPT_SSRR: /* These work almost the same way */
1442 target_strict=1;
1443 /* Fall through */
1444 case IPOPT_LSRR:
1445 #ifdef CONFIG_IP_NOSR
1446 kfree_skb(skb, FREE_READ);
1447 return -EINVAL;
1448 #endif
1449 case IPOPT_RR:
1450 /*
1451 * RFC 1122: 3.2.1.8 Support for RR is OPTIONAL.
1452 */
1453 if (iph->daddr!=skb->dev->pa_addr && (brd = ip_chk_addr(iph->daddr)) == 0)
1454 break;
1455 if((opt_size<3) || ( opt_ptr[0]==IPOPT_RR && opt_ptr[2] > opt_size-4 ))
1456 {
1457 if(ip_chk_addr(iph->daddr))
1458 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1459 kfree_skb(skb, FREE_READ);
1460 return -EINVAL;
1461 }
1462 if(opt_ptr[2] > opt_size-4 )
1463 break;
1464 /* Bytes are [IPOPT_xxRR][Length][EntryPointer][Entry0][Entry1].... */
1465 /* This isn't going to be too portable - FIXME */
1466 if(opt_ptr[0]!=IPOPT_RR)
1467 {
1468 int t;
1469 target_addr=*(u32 *)(&opt_ptr[opt_ptr[2]]); /* Get hop */
1470 t=ip_chk_addr(target_addr);
1471 if(t==IS_MULTICAST||t==IS_BROADCAST)
1472 {
1473 if(ip_chk_addr(iph->daddr))
1474 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1475 kfree_skb(skb,FREE_READ);
1476 return -EINVAL;
1477 }
1478 }
1479 *(u32 *)(&opt_ptr[opt_ptr[2]])=skb->dev->pa_addr; /* Record hop */
1480 break;
1481 case IPOPT_TIMESTAMP:
1482 /*
1483 * RFC 1122: 3.2.1.8 The timestamp option is OPTIONAL but if implemented
1484 * MUST meet various rules (read the spec).
1485 */
1486 NETDEBUG(printk("ICMP: Someone finish the timestamp routine ;)\n"));
1487 break;
1488 default:
1489 break;
1490 }
1491 opt_ptr+=opt_size;
1492 opt_space-=opt_size;
1493 }
1494
1495 }
1496
1497
1498 /*
1499 * Remember if the frame is fragmented.
1500 */
1501
1502 if(iph->frag_off)
1503 {
1504 if (iph->frag_off & htons(IP_MF))
1505 is_frag|=1;
1506 /*
1507 * Last fragment ?
1508 */
1509
1510 if (iph->frag_off & htons(IP_OFFSET))
1511 is_frag|=2;
1512 }
1513
1514 /*
1515 * Do any IP forwarding required. chk_addr() is expensive -- avoid it someday.
1516 *
1517 * This is inefficient. While finding out if it is for us we could also compute
1518 * the routing table entry. This is where the great unified cache theory comes
1519 * in as and when someone implements it
1520 *
1521 * For most hosts over 99% of packets match the first conditional
1522 * and don't go via ip_chk_addr. Note: brd is set to IS_MYADDR at
1523 * function entry.
1524 */
1525
1526 if ( iph->daddr == skb->dev->pa_addr || (brd = ip_chk_addr(iph->daddr)) != 0)
1527 {
1528 #ifdef CONFIG_IP_MULTICAST
1529 if(!(dev->flags&IFF_ALLMULTI) && brd==IS_MULTICAST && iph->daddr!=IGMP_ALL_HOSTS && !(dev->flags&IFF_LOOPBACK))
1530 {
1531 /*
1532 * Check it is for one of our groups
1533 */
1534 struct ip_mc_list *ip_mc=dev->ip_mc_list;
1535 do
1536 {
1537 if(ip_mc==NULL)
1538 {
1539 kfree_skb(skb, FREE_WRITE);
1540 return 0;
1541 }
1542 if(ip_mc->multiaddr==iph->daddr)
1543 break;
1544 ip_mc=ip_mc->next;
1545 }
1546 while(1);
1547 }
1548 #endif
1549
1550 #ifdef CONFIG_IP_MASQUERADE
1551 /*
1552 * Do we need to de-masquerade this fragment?
1553 */
1554 if (ip_fw_demasquerade(skb))
1555 {
1556 struct iphdr *iph=skb->h.iph;
1557 if(ip_forward(skb, dev, is_frag|4, iph->daddr, 0))
1558 kfree_skb(skb, FREE_WRITE);
1559 return(0);
1560 }
1561 #endif
1562
1563 /*
1564 * Account for the packet
1565 */
1566
1567 #ifdef CONFIG_IP_ACCT
1568 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1569 #endif
1570
1571 /*
1572 * Reassemble IP fragments.
1573 */
1574
1575 if(is_frag)
1576 {
1577 /* Defragment. Obtain the complete packet if there is one */
1578 skb=ip_defrag(iph,skb,dev);
1579 if(skb==NULL)
1580 return 0;
1581 skb->dev = dev;
1582 iph=skb->h.iph;
1583 }
1584
1585 /*
1586 * Point into the IP datagram, just past the header.
1587 */
1588
1589 skb->ip_hdr = iph;
1590 skb->h.raw += iph->ihl*4;
1591
1592 /*
1593 * Deliver to raw sockets. This is fun as to avoid copies we want to make no surplus copies.
1594 *
1595 * RFC 1122: SHOULD pass TOS value up to the transport layer.
1596 */
1597
1598 hash = iph->protocol & (SOCK_ARRAY_SIZE-1);
1599
1600 /*
1601 * If there maybe a raw socket we must check - if not we don't care less
1602 */
1603
1604 if((raw_sk=raw_prot.sock_array[hash])!=NULL)
1605 {
1606 struct sock *sknext=NULL;
1607 struct sk_buff *skb1;
1608 raw_sk=get_sock_raw(raw_sk, iph->protocol, iph->saddr, iph->daddr);
1609 if(raw_sk) /* Any raw sockets */
1610 {
1611 do
1612 {
1613 /* Find the next */
1614 sknext=get_sock_raw(raw_sk->next, iph->protocol, iph->saddr, iph->daddr);
1615 if(sknext)
1616 skb1=skb_clone(skb, GFP_ATOMIC);
1617 else
1618 break; /* One pending raw socket left */
1619 if(skb1)
1620 raw_rcv(raw_sk, skb1, dev, iph->saddr,iph->daddr);
1621 raw_sk=sknext;
1622 }
1623 while(raw_sk!=NULL);
1624
1625 /*
1626 * Here either raw_sk is the last raw socket, or NULL if none
1627 */
1628
1629 /*
1630 * We deliver to the last raw socket AFTER the protocol checks as it avoids a surplus copy
1631 */
1632 }
1633 }
1634
1635 /*
1636 * skb->h.raw now points at the protocol beyond the IP header.
1637 */
1638
1639 hash = iph->protocol & (MAX_INET_PROTOS -1);
1640 for (ipprot = (struct inet_protocol *)inet_protos[hash];ipprot != NULL;ipprot=(struct inet_protocol *)ipprot->next)
1641 {
1642 struct sk_buff *skb2;
1643
1644 if (ipprot->protocol != iph->protocol)
1645 continue;
1646 /*
1647 * See if we need to make a copy of it. This will
1648 * only be set if more than one protocol wants it.
1649 * and then not for the last one. If there is a pending
1650 * raw delivery wait for that
1651 */
1652
1653 if (ipprot->copy || raw_sk)
1654 {
1655 skb2 = skb_clone(skb, GFP_ATOMIC);
1656 if(skb2==NULL)
1657 continue;
1658 }
1659 else
1660 {
1661 skb2 = skb;
1662 }
1663 flag = 1;
1664
1665 /*
1666 * Pass on the datagram to each protocol that wants it,
1667 * based on the datagram protocol. We should really
1668 * check the protocol handler's return values here...
1669 */
1670
1671 ipprot->handler(skb2, dev, NULL, iph->daddr,
1672 (ntohs(iph->tot_len) - (iph->ihl * 4)),
1673 iph->saddr, 0, ipprot);
1674
1675 }
1676
1677 /*
1678 * All protocols checked.
1679 * If this packet was a broadcast, we may *not* reply to it, since that
1680 * causes (proven, grin) ARP storms and a leakage of memory (i.e. all
1681 * ICMP reply messages get queued up for transmission...)
1682 */
1683
1684 if(raw_sk!=NULL) /* Shift to last raw user */
1685 raw_rcv(raw_sk, skb, dev, iph->saddr, iph->daddr);
1686 else if (!flag) /* Free and report errors */
1687 {
1688 if (brd != IS_BROADCAST && brd!=IS_MULTICAST)
1689 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0, dev);
1690 kfree_skb(skb, FREE_WRITE);
1691 }
1692
1693 return(0);
1694 }
1695
1696 /*
1697 * Do any IP forwarding required.
1698 */
1699
1700 /*
1701 * Don't forward multicast or broadcast frames.
1702 */
1703
1704 if(skb->pkt_type!=PACKET_HOST || brd==IS_BROADCAST)
1705 {
1706 kfree_skb(skb,FREE_WRITE);
1707 return 0;
1708 }
1709
1710 /*
1711 * The packet is for another target. Forward the frame
1712 */
1713
1714 #ifdef CONFIG_IP_FORWARD
1715 if(ip_forward(skb, dev, is_frag, target_addr, target_strict))
1716 kfree_skb(skb, FREE_WRITE);
1717 #else
1718 /* printk("Machine %lx tried to use us as a forwarder to %lx but we have forwarding disabled!\n",
1719 iph->saddr,iph->daddr);*/
1720 ip_statistics.IpInAddrErrors++;
1721 kfree_skb(skb, FREE_WRITE);
1722 #endif
1723 return(0);
1724 }
1725
1726
1727 /*
1728 * Loop a packet back to the sender.
1729 */
1730
1731 static void ip_loopback(struct device *old_dev, struct sk_buff *skb)
/* */
1732 {
1733 struct device *dev=&loopback_dev;
1734 int len=ntohs(skb->ip_hdr->tot_len);
1735 struct sk_buff *newskb=dev_alloc_skb(len+dev->hard_header_len+15);
1736
1737 if(newskb==NULL)
1738 return;
1739
1740 newskb->link3=NULL;
1741 newskb->sk=NULL;
1742 newskb->dev=dev;
1743 newskb->saddr=skb->saddr;
1744 newskb->daddr=skb->daddr;
1745 newskb->raddr=skb->raddr;
1746 newskb->free=1;
1747 newskb->lock=0;
1748 newskb->users=0;
1749 newskb->pkt_type=skb->pkt_type;
1750
1751 /*
1752 * Put a MAC header on the packet
1753 */
1754 ip_send(newskb, skb->ip_hdr->daddr, len, dev, skb->ip_hdr->saddr);
1755 /*
1756 * Add the rest of the data space.
1757 */
1758 newskb->ip_hdr=(struct iphdr *)skb_put(newskb, len);
1759 /*
1760 * Copy the data
1761 */
1762 memcpy(newskb->ip_hdr,skb->ip_hdr,len);
1763
1764 /* Recurse. The device check against IFF_LOOPBACK will stop infinite recursion */
1765
1766 /*printk("Loopback output queued [%lX to %lX].\n", newskb->ip_hdr->saddr,newskb->ip_hdr->daddr);*/
1767 ip_queue_xmit(NULL, dev, newskb, 1);
1768 }
1769
1770
1771 /*
1772 * Queues a packet to be sent, and starts the transmitter
1773 * if necessary. if free = 1 then we free the block after
1774 * transmit, otherwise we don't. If free==2 we not only
1775 * free the block but also don't assign a new ip seq number.
1776 * This routine also needs to put in the total length,
1777 * and compute the checksum
1778 */
1779
1780 void ip_queue_xmit(struct sock *sk, struct device *dev,
/* */
1781 struct sk_buff *skb, int free)
1782 {
1783 struct iphdr *iph;
1784 /* unsigned char *ptr;*/
1785
1786 /* Sanity check */
1787 if (dev == NULL)
1788 {
1789 NETDEBUG(printk("IP: ip_queue_xmit dev = NULL\n"));
1790 return;
1791 }
1792
1793 IS_SKB(skb);
1794
1795 /*
1796 * Do some book-keeping in the packet for later
1797 */
1798
1799
1800 skb->dev = dev;
1801 skb->when = jiffies;
1802
1803 /*
1804 * Find the IP header and set the length. This is bad
1805 * but once we get the skb data handling code in the
1806 * hardware will push its header sensibly and we will
1807 * set skb->ip_hdr to avoid this mess and the fixed
1808 * header length problem
1809 */
1810
1811 #if 0
1812 ptr = skb->data;
1813 ptr += dev->hard_header_len;
1814 iph = (struct iphdr *)ptr;
1815 skb->ip_hdr = iph;
1816 #else
1817 iph = skb->ip_hdr;
1818 #endif
1819 iph->tot_len = ntohs(skb->len-(((unsigned char *)iph)-skb->data));
1820
1821 #ifdef CONFIG_IP_FIREWALL
1822 if(ip_fw_chk(iph, dev, ip_fw_blk_chain, ip_fw_blk_policy, 0) != 1)
1823 /* just don't send this packet */
1824 return;
1825 #endif
1826
1827 /*
1828 * No reassigning numbers to fragments...
1829 */
1830
1831 if(free!=2)
1832 iph->id = htons(ip_id_count++);
1833 else
1834 free=1;
1835
1836 /* All buffers without an owner socket get freed */
1837 if (sk == NULL)
1838 free = 1;
1839
1840 skb->free = free;
1841
1842 /*
1843 * Do we need to fragment. Again this is inefficient.
1844 * We need to somehow lock the original buffer and use
1845 * bits of it.
1846 */
1847
1848 if(ntohs(iph->tot_len)> dev->mtu)
1849 {
1850 ip_fragment(sk,skb,dev,0);
1851 IS_SKB(skb);
1852 kfree_skb(skb,FREE_WRITE);
1853 return;
1854 }
1855
1856 /*
1857 * Add an IP checksum
1858 */
1859
1860 ip_send_check(iph);
1861
1862 /*
1863 * Print the frame when debugging
1864 */
1865
1866 /*
1867 * More debugging. You cannot queue a packet already on a list
1868 * Spot this and moan loudly.
1869 */
1870 if (skb->next != NULL)
1871 {
1872 NETDEBUG(printk("ip_queue_xmit: next != NULL\n"));
1873 skb_unlink(skb);
1874 }
1875
1876 /*
1877 * If a sender wishes the packet to remain unfreed
1878 * we add it to his send queue. This arguably belongs
1879 * in the TCP level since nobody else uses it. BUT
1880 * remember IPng might change all the rules.
1881 */
1882
1883 if (!free)
1884 {
1885 unsigned long flags;
1886 /* The socket now has more outstanding blocks */
1887
1888 sk->packets_out++;
1889
1890 /* Protect the list for a moment */
1891 save_flags(flags);
1892 cli();
1893
1894 if (skb->link3 != NULL)
1895 {
1896 NETDEBUG(printk("ip.c: link3 != NULL\n"));
1897 skb->link3 = NULL;
1898 }
1899 if (sk->send_head == NULL)
1900 {
1901 sk->send_tail = skb;
1902 sk->send_head = skb;
1903 }
1904 else
1905 {
1906 sk->send_tail->link3 = skb;
1907 sk->send_tail = skb;
1908 }
1909 /* skb->link3 is NULL */
1910
1911 /* Interrupt restore */
1912 restore_flags(flags);
1913 }
1914 else
1915 /* Remember who owns the buffer */
1916 skb->sk = sk;
1917
1918 /*
1919 * If the indicated interface is up and running, send the packet.
1920 */
1921
1922 ip_statistics.IpOutRequests++;
1923 #ifdef CONFIG_IP_ACCT
1924 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1925 #endif
1926
1927 #ifdef CONFIG_IP_MULTICAST
1928
1929 /*
1930 * Multicasts are looped back for other local users
1931 */
1932
1933 if (MULTICAST(iph->daddr) && !(dev->flags&IFF_LOOPBACK))
1934 {
1935 if(sk==NULL || sk->ip_mc_loop)
1936 {
1937 if(iph->daddr==IGMP_ALL_HOSTS || (dev->flags&IFF_ALLMULTI))
1938 {
1939 ip_loopback(dev,skb);
1940 }
1941 else
1942 {
1943 struct ip_mc_list *imc=dev->ip_mc_list;
1944 while(imc!=NULL)
1945 {
1946 if(imc->multiaddr==iph->daddr)
1947 {
1948 ip_loopback(dev,skb);
1949 break;
1950 }
1951 imc=imc->next;
1952 }
1953 }
1954 }
1955 /* Multicasts with ttl 0 must not go beyond the host */
1956
1957 if(skb->ip_hdr->ttl==0)
1958 {
1959 kfree_skb(skb, FREE_READ);
1960 return;
1961 }
1962 }
1963 #endif
1964 if((dev->flags&IFF_BROADCAST) && (iph->daddr==dev->pa_brdaddr||iph->daddr==0xFFFFFFFF) && !(dev->flags&IFF_LOOPBACK))
1965 ip_loopback(dev,skb);
1966
1967 if (dev->flags & IFF_UP)
1968 {
1969 /*
1970 * If we have an owner use its priority setting,
1971 * otherwise use NORMAL
1972 */
1973
1974 if (sk != NULL)
1975 {
1976 dev_queue_xmit(skb, dev, sk->priority);
1977 }
1978 else
1979 {
1980 dev_queue_xmit(skb, dev, SOPRI_NORMAL);
1981 }
1982 }
1983 else
1984 {
1985 if(sk)
1986 sk->err = ENETDOWN;
1987 ip_statistics.IpOutDiscards++;
1988 if (free)
1989 kfree_skb(skb, FREE_WRITE);
1990 }
1991 }
1992
1993
1994
1995 #ifdef CONFIG_IP_MULTICAST
1996
1997 /*
1998 * Write an multicast group list table for the IGMP daemon to
1999 * read.
2000 */
2001
2002 int ip_mc_procinfo(char *buffer, char **start, off_t offset, int length, int dummy)
/* */
2003 {
2004 off_t pos=0, begin=0;
2005 struct ip_mc_list *im;
2006 unsigned long flags;
2007 int len=0;
2008 struct device *dev;
2009
2010 len=sprintf(buffer,"Device : Count\tGroup Users Timer\n");
2011 save_flags(flags);
2012 cli();
2013
2014 for(dev = dev_base; dev; dev = dev->next)
2015 {
2016 if((dev->flags&IFF_UP)&&(dev->flags&IFF_MULTICAST))
2017 {
2018 len+=sprintf(buffer+len,"%-10s: %5d\n",
2019 dev->name, dev->mc_count);
2020 for(im = dev->ip_mc_list; im; im = im->next)
2021 {
2022 len+=sprintf(buffer+len,
2023 "\t\t\t%08lX %5d %d:%08lX\n",
2024 im->multiaddr, im->users,
2025 im->tm_running, im->timer.expires-jiffies);
2026 pos=begin+len;
2027 if(pos<offset)
2028 {
2029 len=0;
2030 begin=pos;
2031 }
2032 if(pos>offset+length)
2033 break;
2034 }
2035 }
2036 }
2037 restore_flags(flags);
2038 *start=buffer+(offset-begin);
2039 len-=(offset-begin);
2040 if(len>length)
2041 len=length;
2042 return len;
2043 }
2044
2045
2046 /*
2047 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
2048 * an IP socket.
2049 *
2050 * We implement IP_TOS (type of service), IP_TTL (time to live).
2051 *
2052 * Next release we will sort out IP_OPTIONS since for some people are kind of important.
2053 */
2054
2055 static struct device *ip_mc_find_devfor(unsigned long addr)
/* */
2056 {
2057 struct device *dev;
2058 for(dev = dev_base; dev; dev = dev->next)
2059 {
2060 if((dev->flags&IFF_UP)&&(dev->flags&IFF_MULTICAST)&&
2061 (dev->pa_addr==addr))
2062 return dev;
2063 }
2064
2065 return NULL;
2066 }
2067
2068 #endif
2069
2070 int ip_setsockopt(struct sock *sk, int level, int optname, char *optval, int optlen)
/* */
2071 {
2072 int val,err;
2073 unsigned char ucval;
2074 #if defined(CONFIG_IP_FIREWALL) || defined(CONFIG_IP_ACCT)
2075 struct ip_fw tmp_fw;
2076 #endif
2077 if (optval == NULL)
2078 {
2079 val=0;
2080 ucval=0;
2081 }
2082 else
2083 {
2084 err=verify_area(VERIFY_READ, optval, sizeof(int));
2085 if(err)
2086 return err;
2087 val = get_user((int *) optval);
2088 ucval=get_user((unsigned char *) optval);
2089 }
2090
2091 if(level!=SOL_IP)
2092 return -EOPNOTSUPP;
2093 #ifdef CONFIG_IP_MROUTE
2094 if(optname>=MRT_BASE && optname <=MRT_BASE+10)
2095 {
2096 return ip_mroute_setsockopt(sk,optname,optval,optlen);
2097 }
2098 #endif
2099
2100 switch(optname)
2101 {
2102 case IP_TOS:
2103 if(val<0||val>255)
2104 return -EINVAL;
2105 sk->ip_tos=val;
2106 if(val==IPTOS_LOWDELAY)
2107 sk->priority=SOPRI_INTERACTIVE;
2108 if(val==IPTOS_THROUGHPUT)
2109 sk->priority=SOPRI_BACKGROUND;
2110 return 0;
2111 case IP_TTL:
2112 if(val<1||val>255)
2113 return -EINVAL;
2114 sk->ip_ttl=val;
2115 return 0;
2116 case IP_HDRINCL:
2117 if(sk->type!=SOCK_RAW)
2118 return -ENOPROTOOPT;
2119 sk->ip_hdrincl=val?1:0;
2120 return 0;
2121 #ifdef CONFIG_IP_MULTICAST
2122 case IP_MULTICAST_TTL:
2123 {
2124 sk->ip_mc_ttl=(int)ucval;
2125 return 0;
2126 }
2127 case IP_MULTICAST_LOOP:
2128 {
2129 if(ucval!=0 && ucval!=1)
2130 return -EINVAL;
2131 sk->ip_mc_loop=(int)ucval;
2132 return 0;
2133 }
2134 case IP_MULTICAST_IF:
2135 {
2136 struct in_addr addr;
2137 struct device *dev=NULL;
2138
2139 /*
2140 * Check the arguments are allowable
2141 */
2142
2143 err=verify_area(VERIFY_READ, optval, sizeof(addr));
2144 if(err)
2145 return err;
2146
2147 memcpy_fromfs(&addr,optval,sizeof(addr));
2148
2149
2150 /*
2151 * What address has been requested
2152 */
2153
2154 if(addr.s_addr==INADDR_ANY) /* Default */
2155 {
2156 sk->ip_mc_name[0]=0;
2157 return 0;
2158 }
2159
2160 /*
2161 * Find the device
2162 */
2163
2164 dev=ip_mc_find_devfor(addr.s_addr);
2165
2166 /*
2167 * Did we find one
2168 */
2169
2170 if(dev)
2171 {
2172 strcpy(sk->ip_mc_name,dev->name);
2173 return 0;
2174 }
2175 return -EADDRNOTAVAIL;
2176 }
2177
2178 case IP_ADD_MEMBERSHIP:
2179 {
2180
2181 /*
2182 * FIXME: Add/Del membership should have a semaphore protecting them from re-entry
2183 */
2184 struct ip_mreq mreq;
2185 unsigned long route_src;
2186 struct rtable *rt;
2187 struct device *dev=NULL;
2188
2189 /*
2190 * Check the arguments.
2191 */
2192
2193 err=verify_area(VERIFY_READ, optval, sizeof(mreq));
2194 if(err)
2195 return err;
2196
2197 memcpy_fromfs(&mreq,optval,sizeof(mreq));
2198
2199 /*
2200 * Get device for use later
2201 */
2202
2203 if(mreq.imr_interface.s_addr==INADDR_ANY)
2204 {
2205 /*
2206 * Not set so scan.
2207 */
2208 if((rt=ip_rt_route(mreq.imr_multiaddr.s_addr,NULL, &route_src))!=NULL)
2209 {
2210 dev=rt->rt_dev;
2211 rt->rt_use--;
2212 }
2213 }
2214 else
2215 {
2216 /*
2217 * Find a suitable device.
2218 */
2219
2220 dev=ip_mc_find_devfor(mreq.imr_interface.s_addr);
2221 }
2222
2223 /*
2224 * No device, no cookies.
2225 */
2226
2227 if(!dev)
2228 return -ENODEV;
2229
2230 /*
2231 * Join group.
2232 */
2233
2234 return ip_mc_join_group(sk,dev,mreq.imr_multiaddr.s_addr);
2235 }
2236
2237 case IP_DROP_MEMBERSHIP:
2238 {
2239 struct ip_mreq mreq;
2240 struct rtable *rt;
2241 unsigned long route_src;
2242 struct device *dev=NULL;
2243
2244 /*
2245 * Check the arguments
2246 */
2247
2248 err=verify_area(VERIFY_READ, optval, sizeof(mreq));
2249 if(err)
2250 return err;
2251
2252 memcpy_fromfs(&mreq,optval,sizeof(mreq));
2253
2254 /*
2255 * Get device for use later
2256 */
2257
2258 if(mreq.imr_interface.s_addr==INADDR_ANY)
2259 {
2260 if((rt=ip_rt_route(mreq.imr_multiaddr.s_addr,NULL, &route_src))!=NULL)
2261 {
2262 dev=rt->rt_dev;
2263 rt->rt_use--;
2264 }
2265 }
2266 else
2267 {
2268
2269 dev=ip_mc_find_devfor(mreq.imr_interface.s_addr);
2270 }
2271
2272 /*
2273 * Did we find a suitable device.
2274 */
2275
2276 if(!dev)
2277 return -ENODEV;
2278
2279 /*
2280 * Leave group
2281 */
2282
2283 return ip_mc_leave_group(sk,dev,mreq.imr_multiaddr.s_addr);
2284 }
2285 #endif
2286 #ifdef CONFIG_IP_FIREWALL
2287 case IP_FW_ADD_BLK:
2288 case IP_FW_DEL_BLK:
2289 case IP_FW_ADD_FWD:
2290 case IP_FW_DEL_FWD:
2291 case IP_FW_CHK_BLK:
2292 case IP_FW_CHK_FWD:
2293 case IP_FW_FLUSH_BLK:
2294 case IP_FW_FLUSH_FWD:
2295 case IP_FW_ZERO_BLK:
2296 case IP_FW_ZERO_FWD:
2297 case IP_FW_POLICY_BLK:
2298 case IP_FW_POLICY_FWD:
2299 if(!suser())
2300 return -EPERM;
2301 if(optlen>sizeof(tmp_fw) || optlen<1)
2302 return -EINVAL;
2303 err=verify_area(VERIFY_READ,optval,optlen);
2304 if(err)
2305 return err;
2306 memcpy_fromfs(&tmp_fw,optval,optlen);
2307 err=ip_fw_ctl(optname, &tmp_fw,optlen);
2308 return -err; /* -0 is 0 after all */
2309
2310 #endif
2311 #ifdef CONFIG_IP_ACCT
2312 case IP_ACCT_DEL:
2313 case IP_ACCT_ADD:
2314 case IP_ACCT_FLUSH:
2315 case IP_ACCT_ZERO:
2316 if(!suser())
2317 return -EPERM;
2318 if(optlen>sizeof(tmp_fw) || optlen<1)
2319 return -EINVAL;
2320 err=verify_area(VERIFY_READ,optval,optlen);
2321 if(err)
2322 return err;
2323 memcpy_fromfs(&tmp_fw, optval,optlen);
2324 err=ip_acct_ctl(optname, &tmp_fw,optlen);
2325 return -err; /* -0 is 0 after all */
2326 #endif
2327 /* IP_OPTIONS and friends go here eventually */
2328 default:
2329 return(-ENOPROTOOPT);
2330 }
2331 }
2332
2333 /*
2334 * Get the options. Note for future reference. The GET of IP options gets the
2335 * _received_ ones. The set sets the _sent_ ones.
2336 */
2337
2338 int ip_getsockopt(struct sock *sk, int level, int optname, char *optval, int *optlen)
/* */
2339 {
2340 int val,err;
2341 #ifdef CONFIG_IP_MULTICAST
2342 int len;
2343 #endif
2344
2345 if(level!=SOL_IP)
2346 return -EOPNOTSUPP;
2347
2348 #ifdef CONFIG_IP_MROUTE
2349 if(optname>=MRT_BASE && optname <=MRT_BASE+10)
2350 {
2351 return ip_mroute_getsockopt(sk,optname,optval,optlen);
2352 }
2353 #endif
2354
2355 switch(optname)
2356 {
2357 case IP_TOS:
2358 val=sk->ip_tos;
2359 break;
2360 case IP_TTL:
2361 val=sk->ip_ttl;
2362 break;
2363 case IP_HDRINCL:
2364 val=sk->ip_hdrincl;
2365 break;
2366 #ifdef CONFIG_IP_MULTICAST
2367 case IP_MULTICAST_TTL:
2368 val=sk->ip_mc_ttl;
2369 break;
2370 case IP_MULTICAST_LOOP:
2371 val=sk->ip_mc_loop;
2372 break;
2373 case IP_MULTICAST_IF:
2374 err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
2375 if(err)
2376 return err;
2377 len=strlen(sk->ip_mc_name);
2378 err=verify_area(VERIFY_WRITE, optval, len);
2379 if(err)
2380 return err;
2381 put_user(len,(int *) optlen);
2382 memcpy_tofs((void *)optval,sk->ip_mc_name, len);
2383 return 0;
2384 #endif
2385 default:
2386 return(-ENOPROTOOPT);
2387 }
2388 err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
2389 if(err)
2390 return err;
2391 put_user(sizeof(int),(int *) optlen);
2392
2393 err=verify_area(VERIFY_WRITE, optval, sizeof(int));
2394 if(err)
2395 return err;
2396 put_user(val,(int *) optval);
2397
2398 return(0);
2399 }
2400
2401 /*
2402 * Build and send a packet, with as little as one copy
2403 *
2404 * Doesn't care much about ip options... option length can be
2405 * different for fragment at 0 and other fragments.
2406 *
2407 * Note that the fragment at the highest offset is sent first,
2408 * so the getfrag routine can fill in the TCP/UDP checksum header
2409 * field in the last fragment it sends... actually it also helps
2410 * the reassemblers, they can put most packets in at the head of
2411 * the fragment queue, and they know the total size in advance. This
2412 * last feature will measurable improve the Linux fragment handler.
2413 *
2414 * The callback has five args, an arbitrary pointer (copy of frag),
2415 * the source IP address (may depend on the routing table), the
2416 * destination adddress (char *), the offset to copy from, and the
2417 * length to be copied.
2418 *
2419 */
2420
2421 int ip_build_xmit(struct sock *sk,
/* */
2422 void getfrag (const void *,
2423 int,
2424 char *,
2425 unsigned int,
2426 unsigned int),
2427 const void *frag,
2428 unsigned short int length,
2429 int daddr,
2430 int flags,
2431 int type)
2432 {
2433 struct rtable *rt;
2434 unsigned int fraglen, maxfraglen, fragheaderlen;
2435 int offset, mf;
2436 unsigned long saddr;
2437 unsigned short id;
2438 struct iphdr *iph;
2439 int local=0;
2440 struct device *dev;
2441 int nfrags=0;
2442
2443 ip_statistics.IpOutRequests++;
2444
2445
2446 #ifdef CONFIG_IP_MULTICAST
2447 if(sk && MULTICAST(daddr) && *sk->ip_mc_name)
2448 {
2449 dev=dev_get(sk->ip_mc_name);
2450 if(!dev)
2451 return -ENODEV;
2452 rt=NULL;
2453 if (sk->saddr && (!LOOPBACK(sk->saddr) || LOOPBACK(daddr)))
2454 saddr = sk->saddr;
2455 else
2456 saddr = dev->pa_addr;
2457 }
2458 else
2459 {
2460 #endif
2461 /*
2462 * Perform the IP routing decisions
2463 */
2464
2465 if(sk->localroute || flags&MSG_DONTROUTE)
2466 local=1;
2467
2468 rt = sk->ip_route_cache;
2469
2470 /*
2471 * See if the routing cache is outdated. We need to clean this up once we are happy it is reliable
2472 * by doing the invalidation actively in the route change and header change.
2473 */
2474
2475 saddr=sk->ip_route_saddr;
2476 if(!rt || sk->ip_route_stamp != rt_stamp || daddr!=sk->ip_route_daddr || sk->ip_route_local!=local || sk->saddr!=sk->ip_route_saddr)
2477 {
2478 if(local)
2479 rt = ip_rt_local(daddr, NULL, &saddr);
2480 else
2481 rt = ip_rt_route(daddr, NULL, &saddr);
2482 sk->ip_route_local=local;
2483 sk->ip_route_daddr=daddr;
2484 sk->ip_route_saddr=saddr;
2485 sk->ip_route_stamp=rt_stamp;
2486 sk->ip_route_cache=rt;
2487 sk->ip_hcache_ver=NULL;
2488 sk->ip_hcache_state= 0;
2489 }
2490 else if(rt)
2491 {
2492 /*
2493 * Attempt header caches only if the cached route is being reused. Header cache
2494 * is not ultra cheap to set up. This means we only set it up on the second packet,
2495 * so one shot communications are not slowed. We assume (seems reasonable) that 2 is
2496 * probably going to be a stream of data.
2497 */
2498 if(rt->rt_dev->header_cache && sk->ip_hcache_state!= -1)
2499 {
2500 if(sk->ip_hcache_ver==NULL || sk->ip_hcache_stamp!=*sk->ip_hcache_ver)
2501 rt->rt_dev->header_cache(rt->rt_dev,sk,saddr,daddr);
2502 else
2503 /* Can't cache. Remember this */
2504 sk->ip_hcache_state= -1;
2505 }
2506 }
2507
2508 if (rt == NULL)
2509 {
2510 ip_statistics.IpOutNoRoutes++;
2511 return(-ENETUNREACH);
2512 }
2513
2514 if (sk->saddr && (!LOOPBACK(sk->saddr) || LOOPBACK(daddr)))
2515 saddr = sk->saddr;
2516
2517 dev=rt->rt_dev;
2518 #ifdef CONFIG_IP_MULTICAST
2519 }
2520 #endif
2521
2522 /*
2523 * Now compute the buffer space we require
2524 */
2525
2526 /*
2527 * Try the simple case first. This leaves broadcast, multicast, fragmented frames, and by
2528 * choice RAW frames within 20 bytes of maximum size(rare) to the long path
2529 */
2530
2531 if(length+20 <= dev->mtu && !MULTICAST(daddr) && daddr!=0xFFFFFFFF && daddr!=dev->pa_brdaddr)
2532 {
2533 int error;
2534 struct sk_buff *skb=sock_alloc_send_skb(sk, length+20+15+dev->hard_header_len,0,&error);
2535 if(skb==NULL)
2536 {
2537 ip_statistics.IpOutDiscards++;
2538 return error;
2539 }
2540 skb->dev=dev;
2541 skb->free=1;
2542 skb->when=jiffies;
2543 skb->sk=sk;
2544 skb->arp=0;
2545 skb->saddr=saddr;
2546 length+=20; /* We do this twice so the subtract once is quicker */
2547 skb->raddr=(rt&&rt->rt_gateway)?rt->rt_gateway:daddr;
2548 skb_reserve(skb,(dev->hard_header_len+15)&~15);
2549 if(sk->ip_hcache_state>0)
2550 {
2551 memcpy(skb_push(skb,dev->hard_header_len),sk->ip_hcache_data,dev->hard_header_len);
2552 skb->arp=1;
2553 }
2554 else if(dev->hard_header)
2555 {
2556 if(dev->hard_header(skb,dev,ETH_P_IP,NULL,NULL,0)>0)
2557 skb->arp=1;
2558 }
2559 skb->ip_hdr=iph=(struct iphdr *)skb_put(skb,length);
2560 dev_lock_list();
2561 if(!sk->ip_hdrincl)
2562 {
2563 iph->version=4;
2564 iph->ihl=5;
2565 iph->tos=sk->ip_tos;
2566 iph->tot_len = htons(length);
2567 iph->id=htons(ip_id_count++);
2568 iph->frag_off = 0;
2569 iph->ttl=sk->ip_ttl;
2570 iph->protocol=type;
2571 iph->saddr=saddr;
2572 iph->daddr=daddr;
2573 iph->check=0;
2574 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
2575 getfrag(frag,saddr,(void *)(iph+1),0, length-20);
2576 }
2577 else
2578 getfrag(frag,saddr,(void *)iph,0,length);
2579 dev_unlock_list();
2580 #ifdef CONFIG_IP_ACCT
2581 ip_fw_chk((void *)skb->data,dev,ip_acct_chain, IP_FW_F_ACCEPT,1);
2582 #endif
2583 if(dev->flags&IFF_UP)
2584 dev_queue_xmit(skb,dev,sk->priority);
2585 else
2586 {
2587 ip_statistics.IpOutDiscards++;
2588 kfree_skb(skb, FREE_WRITE);
2589 }
2590 return 0;
2591 }
2592
2593
2594 fragheaderlen = dev->hard_header_len;
2595 if(!sk->ip_hdrincl)
2596 fragheaderlen += 20;
2597
2598 /*
2599 * Fragheaderlen is the size of 'overhead' on each buffer. Now work
2600 * out the size of the frames to send.
2601 */
2602
2603 maxfraglen = ((dev->mtu-20) & ~7) + fragheaderlen;
2604
2605 /*
2606 * Start at the end of the frame by handling the remainder.
2607 */
2608
2609 offset = length - (length % (maxfraglen - fragheaderlen));
2610
2611 /*
2612 * Amount of memory to allocate for final fragment.
2613 */
2614
2615 fraglen = length - offset + fragheaderlen;
2616
2617 if(fraglen==0)
2618 {
2619 fraglen = maxfraglen;
2620 offset -= maxfraglen-fragheaderlen;
2621 }
2622
2623
2624 /*
2625 * The last fragment will not have MF (more fragments) set.
2626 */
2627
2628 mf = 0;
2629
2630 /*
2631 * Can't fragment raw packets
2632 */
2633
2634 if (sk->ip_hdrincl && offset > 0)
2635 return(-EMSGSIZE);
2636
2637 /*
2638 * Lock the device lists.
2639 */
2640
2641 dev_lock_list();
2642
2643 /*
2644 * Get an identifier
2645 */
2646
2647 id = htons(ip_id_count++);
2648
2649 /*
2650 * Being outputting the bytes.
2651 */
2652
2653 do
2654 {
2655 struct sk_buff * skb;
2656 int error;
2657 char *data;
2658
2659 /*
2660 * Get the memory we require with some space left for alignment.
2661 */
2662
2663 skb = sock_alloc_send_skb(sk, fraglen+15, 0, &error);
2664 if (skb == NULL)
2665 {
2666 ip_statistics.IpOutDiscards++;
2667 if(nfrags>1)
2668 ip_statistics.IpFragCreates++;
2669 dev_unlock_list();
2670 return(error);
2671 }
2672
2673 /*
2674 * Fill in the control structures
2675 */
2676
2677 skb->next = skb->prev = NULL;
2678 skb->dev = dev;
2679 skb->when = jiffies;
2680 skb->free = 1; /* dubious, this one */
2681 skb->sk = sk;
2682 skb->arp = 0;
2683 skb->saddr = saddr;
2684 skb->raddr = (rt&&rt->rt_gateway) ? rt->rt_gateway : daddr;
2685 skb_reserve(skb,(dev->hard_header_len+15)&~15);
2686 data = skb_put(skb, fraglen-dev->hard_header_len);
2687
2688 /*
2689 * Save us ARP and stuff. In the optimal case we do no route lookup (route cache ok)
2690 * no ARP lookup (arp cache ok) and output. The cache checks are still too slow but
2691 * this can be fixed later. For gateway routes we ought to have a rt->.. header cache
2692 * pointer to speed header cache builds for identical targets.
2693 */
2694
2695 if(sk->ip_hcache_state>0)
2696 {
2697 memcpy(skb_push(skb,dev->hard_header_len),sk->ip_hcache_data, dev->hard_header_len);
2698 skb->arp=1;
2699 }
2700 else if (dev->hard_header)
2701 {
2702 if(dev->hard_header(skb, dev, ETH_P_IP,
2703 NULL, NULL, 0)>0)
2704 skb->arp=1;
2705 }
2706
2707 /*
2708 * Find where to start putting bytes.
2709 */
2710
2711 skb->ip_hdr = iph = (struct iphdr *)data;
2712
2713 /*
2714 * Only write IP header onto non-raw packets
2715 */
2716
2717 if(!sk->ip_hdrincl)
2718 {
2719
2720 iph->version = 4;
2721 iph->ihl = 5; /* ugh */
2722 iph->tos = sk->ip_tos;
2723 iph->tot_len = htons(fraglen - fragheaderlen + iph->ihl*4);
2724 iph->id = id;
2725 iph->frag_off = htons(offset>>3);
2726 iph->frag_off |= mf;
2727 #ifdef CONFIG_IP_MULTICAST
2728 if (MULTICAST(daddr))
2729 iph->ttl = sk->ip_mc_ttl;
2730 else
2731 #endif
2732 iph->ttl = sk->ip_ttl;
2733 iph->protocol = type;
2734 iph->check = 0;
2735 iph->saddr = saddr;
2736 iph->daddr = daddr;
2737 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
2738 data += iph->ihl*4;
2739
2740 /*
2741 * Any further fragments will have MF set.
2742 */
2743
2744 mf = htons(IP_MF);
2745 }
2746
2747 /*
2748 * User data callback
2749 */
2750
2751 getfrag(frag, saddr, data, offset, fraglen-fragheaderlen);
2752
2753 /*
2754 * Account for the fragment.
2755 */
2756
2757 #ifdef CONFIG_IP_ACCT
2758 if(!offset)
2759 ip_fw_chk(iph, dev, ip_acct_chain, IP_FW_F_ACCEPT, 1);
2760 #endif
2761 offset -= (maxfraglen-fragheaderlen);
2762 fraglen = maxfraglen;
2763
2764 #ifdef CONFIG_IP_MULTICAST
2765
2766 /*
2767 * Multicasts are looped back for other local users
2768 */
2769
2770 if (MULTICAST(daddr) && !(dev->flags&IFF_LOOPBACK))
2771 {
2772 /*
2773 * Loop back any frames. The check for IGMP_ALL_HOSTS is because
2774 * you are always magically a member of this group.
2775 *
2776 * Always loop back all host messages when running as a multicast router.
2777 */
2778
2779 if(sk==NULL || sk->ip_mc_loop)
2780 {
2781 if(skb->daddr==IGMP_ALL_HOSTS || (dev->flags&IFF_ALLMULTI))
2782 ip_loopback(rt?rt->rt_dev:dev,skb);
2783 else
2784 {
2785 struct ip_mc_list *imc=rt?rt->rt_dev->ip_mc_list:dev->ip_mc_list;
2786 while(imc!=NULL)
2787 {
2788 if(imc->multiaddr==daddr)
2789 {
2790 ip_loopback(rt?rt->rt_dev:dev,skb);
2791 break;
2792 }
2793 imc=imc->next;
2794 }
2795 }
2796 }
2797
2798 /*
2799 * Multicasts with ttl 0 must not go beyond the host. Fixme: avoid the
2800 * extra clone.
2801 */
2802
2803 if(skb->ip_hdr->ttl==0)
2804 kfree_skb(skb, FREE_READ);
2805 }
2806 #endif
2807
2808 nfrags++;
2809
2810 /*
2811 * BSD loops broadcasts
2812 */
2813
2814 if((dev->flags&IFF_BROADCAST) && (daddr==0xFFFFFFFF || daddr==dev->pa_brdaddr) && !(dev->flags&IFF_LOOPBACK))
2815 ip_loopback(dev,skb);
2816
2817 /*
2818 * Now queue the bytes into the device.
2819 */
2820
2821 if (dev->flags & IFF_UP)
2822 {
2823 dev_queue_xmit(skb, dev, sk->priority);
2824 }
2825 else
2826 {
2827 /*
2828 * Whoops...
2829 */
2830
2831 ip_statistics.IpOutDiscards++;
2832 if(nfrags>1)
2833 ip_statistics.IpFragCreates+=nfrags;
2834 kfree_skb(skb, FREE_WRITE);
2835 dev_unlock_list();
2836 /*
2837 * BSD behaviour.
2838 */
2839 if(sk!=NULL)
2840 sk->err=ENETDOWN;
2841 return(0); /* lose rest of fragments */
2842 }
2843 }
2844 while (offset >= 0);
2845 if(nfrags>1)
2846 ip_statistics.IpFragCreates+=nfrags;
2847 dev_unlock_list();
2848 return(0);
2849 }
2850
2851
2852 /*
2853 * IP protocol layer initialiser
2854 */
2855
2856 static struct packet_type ip_packet_type =
2857 {
2858 0, /* MUTTER ntohs(ETH_P_IP),*/
2859 NULL, /* All devices */
2860 ip_rcv,
2861 NULL,
2862 NULL,
2863 };
2864
2865 /*
2866 * Device notifier
2867 */
2868
2869 static int ip_rt_event(unsigned long event, void *ptr)
/* */
2870 {
2871 if(event==NETDEV_DOWN)
2872 ip_rt_flush(ptr);
2873 return NOTIFY_DONE;
2874 }
2875
2876 struct notifier_block ip_rt_notifier={
2877 ip_rt_event,
2878 NULL,
2879 0
2880 };
2881
2882 /*
2883 * IP registers the packet type and then calls the subprotocol initialisers
2884 */
2885
2886 void ip_init(void)
/* ![[last]](../icons/n_last.png)
*/
2887 {
2888 ip_packet_type.type=htons(ETH_P_IP);
2889 dev_add_pack(&ip_packet_type);
2890
2891 /* So we flush routes when a device is downed */
2892 register_netdevice_notifier(&ip_rt_notifier);
2893
2894 /* ip_raw_init();
2895 ip_packet_init();
2896 ip_tcp_init();
2897 ip_udp_init();*/
2898
2899 #ifdef CONFIG_IP_MULTICAST
2900 proc_net_register(&(struct proc_dir_entry) {
2901 PROC_NET_IGMP, 4, "igmp",
2902 S_IFREG | S_IRUGO, 1, 0, 0,
2903 0, &proc_net_inode_operations,
2904 ip_mc_procinfo
2905 });
2906 #endif
2907 }
2908
![[bottom]](../icons/n_bottom.png){kind=icon}
*/