![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * The Internet Protocol (IP) module.
7 *
8 * Version: @(#)ip.c 1.0.16b 9/1/93
9 *
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Donald Becker, <becker@super.org>
13 * Alan Cox, <gw4pts@gw4pts.ampr.org>
14 * Richard Underwood
15 * Stefan Becker, <stefanb@yello.ping.de>
16 * Jorge Cwik, <jorge@laser.satlink.net>
17 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
18 *
19 *
20 * Fixes:
21 * Alan Cox : Commented a couple of minor bits of surplus code
22 * Alan Cox : Undefining IP_FORWARD doesn't include the code
23 * (just stops a compiler warning).
24 * Alan Cox : Frames with >=MAX_ROUTE record routes, strict routes or loose routes
25 * are junked rather than corrupting things.
26 * Alan Cox : Frames to bad broadcast subnets are dumped
27 * We used to process them non broadcast and
28 * boy could that cause havoc.
29 * Alan Cox : ip_forward sets the free flag on the
30 * new frame it queues. Still crap because
31 * it copies the frame but at least it
32 * doesn't eat memory too.
33 * Alan Cox : Generic queue code and memory fixes.
34 * Fred Van Kempen : IP fragment support (borrowed from NET2E)
35 * Gerhard Koerting: Forward fragmented frames correctly.
36 * Gerhard Koerting: Fixes to my fix of the above 8-).
37 * Gerhard Koerting: IP interface addressing fix.
38 * Linus Torvalds : More robustness checks
39 * Alan Cox : Even more checks: Still not as robust as it ought to be
40 * Alan Cox : Save IP header pointer for later
41 * Alan Cox : ip option setting
42 * Alan Cox : Use ip_tos/ip_ttl settings
43 * Alan Cox : Fragmentation bogosity removed
44 * (Thanks to Mark.Bush@prg.ox.ac.uk)
45 * Dmitry Gorodchanin : Send of a raw packet crash fix.
46 * Alan Cox : Silly ip bug when an overlength
47 * fragment turns up. Now frees the
48 * queue.
49 * Linus Torvalds/ : Memory leakage on fragmentation
50 * Alan Cox : handling.
51 * Gerhard Koerting: Forwarding uses IP priority hints
52 * Teemu Rantanen : Fragment problems.
53 * Alan Cox : General cleanup, comments and reformat
54 * Alan Cox : SNMP statistics
55 * Alan Cox : BSD address rule semantics. Also see
56 * UDP as there is a nasty checksum issue
57 * if you do things the wrong way.
58 * Alan Cox : Always defrag, moved IP_FORWARD to the config.in file
59 * Alan Cox : IP options adjust sk->priority.
60 * Pedro Roque : Fix mtu/length error in ip_forward.
61 * Alan Cox : Avoid ip_chk_addr when possible.
62 * Richard Underwood : IP multicasting.
63 * Alan Cox : Cleaned up multicast handlers.
64 * Alan Cox : RAW sockets demultiplex in the BSD style.
65 * Gunther Mayer : Fix the SNMP reporting typo
66 * Alan Cox : Always in group 224.0.0.1
67 * Pauline Middelink : Fast ip_checksum update when forwarding
68 * Masquerading support.
69 * Alan Cox : Multicast loopback error for 224.0.0.1
70 * Alan Cox : IP_MULTICAST_LOOP option.
71 * Alan Cox : Use notifiers.
72 * Bjorn Ekwall : Removed ip_csum (from slhc.c too)
73 * Bjorn Ekwall : Moved ip_fast_csum to ip.h (inline!)
74 * Stefan Becker : Send out ICMP HOST REDIRECT
75 * Arnt Gulbrandsen : ip_build_xmit
76 * Alan Cox : Per socket routing cache
77 * Alan Cox : Fixed routing cache, added header cache.
78 * Alan Cox : Loopback didnt work right in original ip_build_xmit - fixed it.
79 * Alan Cox : Only send ICMP_REDIRECT if src/dest are the same net.
80 * Alan Cox : Incoming IP option handling.
81 * Alan Cox : Set saddr on raw output frames as per BSD.
82 * Alan Cox : Stopped broadcast source route explosions.
83 * Alan Cox : Can disable source routing
84 * Takeshi Sone : Masquerading didn't work.
85 * Dave Bonn,Alan Cox : Faster IP forwarding whenever possible.
86 * Alan Cox : Memory leaks, tramples, misc debugging.
87 * Alan Cox : Fixed multicast (by popular demand 8))
88 * Alan Cox : Fixed forwarding (by even more popular demand 8))
89 * Alan Cox : Fixed SNMP statistics [I think]
90 * Gerhard Koerting : IP fragmentation forwarding fix
91 * Alan Cox : Device lock against page fault.
92 * Alan Cox : IP_HDRINCL facility.
93 * Werner Almesberger : Zero fragment bug
94 *
95 *
96 *
97 * To Fix:
98 * IP option processing is mostly not needed. ip_forward needs to know about routing rules
99 * and time stamp but that's about all. Use the route mtu field here too
100 * IP fragmentation wants rewriting cleanly. The RFC815 algorithm is much more efficient
101 * and could be made very efficient with the addition of some virtual memory hacks to permit
102 * the allocation of a buffer that can then be 'grown' by twiddling page tables.
103 * Output fragmentation wants updating along with the buffer management to use a single
104 * interleaved copy algorithm so that fragmenting has a one copy overhead. Actual packet
105 * output should probably do its own fragmentation at the UDP/RAW layer. TCP shouldn't cause
106 * fragmentation anyway.
107 *
108 * FIXME: copy frag 0 iph to qp->iph
109 *
110 * This program is free software; you can redistribute it and/or
111 * modify it under the terms of the GNU General Public License
112 * as published by the Free Software Foundation; either version
113 * 2 of the License, or (at your option) any later version.
114 */
115
116 #include <asm/segment.h>
117 #include <asm/system.h>
118 #include <linux/types.h>
119 #include <linux/kernel.h>
120 #include <linux/sched.h>
121 #include <linux/mm.h>
122 #include <linux/string.h>
123 #include <linux/errno.h>
124 #include <linux/config.h>
125
126 #include <linux/socket.h>
127 #include <linux/sockios.h>
128 #include <linux/in.h>
129 #include <linux/inet.h>
130 #include <linux/netdevice.h>
131 #include <linux/etherdevice.h>
132 #include <linux/proc_fs.h>
133 #include <linux/stat.h>
134
135 #include <net/snmp.h>
136 #include <net/ip.h>
137 #include <net/protocol.h>
138 #include <net/route.h>
139 #include <net/tcp.h>
140 #include <net/udp.h>
141 #include <linux/skbuff.h>
142 #include <net/sock.h>
143 #include <net/arp.h>
144 #include <net/icmp.h>
145 #include <net/raw.h>
146 #include <net/checksum.h>
147 #include <linux/igmp.h>
148 #include <linux/ip_fw.h>
149 #include <linux/mroute.h>
150
151 #define CONFIG_IP_DEFRAG
152
153 extern int last_retran;
154 extern void sort_send(struct sock *sk);
155
156 #define min(a,b) ((a)<(b)?(a):(b))
157
158 /*
159 * SNMP management statistics
160 */
161
162 #ifdef CONFIG_IP_FORWARD
163 struct ip_mib ip_statistics={1,64,}; /* Forwarding=Yes, Default TTL=64 */
164 #else
165 struct ip_mib ip_statistics={2,64,}; /* Forwarding=No, Default TTL=64 */
166 #endif
167
168 /*
169 * Handle the issuing of an ioctl() request
170 * for the ip device. This is scheduled to
171 * disappear
172 */
173
174 int ip_ioctl(struct sock *sk, int cmd, unsigned long arg)
/* ![[next]](../icons/right.png)
![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
*/
175 {
176 switch(cmd)
177 {
178 default:
179 return(-EINVAL);
180 }
181 }
182
183
184 /*
185 * Take an skb, and fill in the MAC header.
186 */
187
188 static int ip_send(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev, unsigned long saddr)
/* ![[previous]](../icons/left.png)
*/
189 {
190 int mac = 0;
191
192 skb->dev = dev;
193 skb->arp = 1;
194 if (dev->hard_header)
195 {
196 /*
197 * Build a hardware header. Source address is our mac, destination unknown
198 * (rebuild header will sort this out)
199 */
200 skb_reserve(skb,(dev->hard_header_len+15)&~15); /* 16 byte aligned IP headers are good */
201 mac = dev->hard_header(skb, dev, ETH_P_IP, NULL, NULL, len);
202 if (mac < 0)
203 {
204 mac = -mac;
205 skb->arp = 0;
206 skb->raddr = daddr; /* next routing address */
207 }
208 }
209 return mac;
210 }
211
212 static int ip_send_room(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev, unsigned long saddr)
/* */
213 {
214 int mac = 0;
215
216 skb->dev = dev;
217 skb->arp = 1;
218 if (dev->hard_header)
219 {
220 skb_reserve(skb,MAX_HEADER);
221 mac = dev->hard_header(skb, dev, ETH_P_IP, NULL, NULL, len);
222 if (mac < 0)
223 {
224 mac = -mac;
225 skb->arp = 0;
226 skb->raddr = daddr; /* next routing address */
227 }
228 }
229 return mac;
230 }
231
232 int ip_id_count = 0;
233
234 /*
235 * This routine builds the appropriate hardware/IP headers for
236 * the routine. It assumes that if *dev != NULL then the
237 * protocol knows what it's doing, otherwise it uses the
238 * routing/ARP tables to select a device struct.
239 */
240 int ip_build_header(struct sk_buff *skb, unsigned long saddr, unsigned long daddr,
/* */
241 struct device **dev, int type, struct options *opt, int len, int tos, int ttl)
242 {
243 struct rtable *rt;
244 unsigned long raddr;
245 int tmp;
246 unsigned long src;
247 struct iphdr *iph;
248
249 /*
250 * See if we need to look up the device.
251 */
252
253 #ifdef CONFIG_IP_MULTICAST
254 if(MULTICAST(daddr) && *dev==NULL && skb->sk && *skb->sk->ip_mc_name)
255 *dev=dev_get(skb->sk->ip_mc_name);
256 #endif
257 if (*dev == NULL)
258 {
259 if(skb->localroute)
260 rt = ip_rt_local(daddr, NULL, &src);
261 else
262 rt = ip_rt_route(daddr, NULL, &src);
263 if (rt == NULL)
264 {
265 ip_statistics.IpOutNoRoutes++;
266 return(-ENETUNREACH);
267 }
268
269 *dev = rt->rt_dev;
270 /*
271 * If the frame is from us and going off machine it MUST MUST MUST
272 * have the output device ip address and never the loopback
273 */
274 if (LOOPBACK(saddr) && !LOOPBACK(daddr))
275 saddr = src;/*rt->rt_dev->pa_addr;*/
276 raddr = rt->rt_gateway;
277
278 }
279 else
280 {
281 /*
282 * We still need the address of the first hop.
283 */
284 if(skb->localroute)
285 rt = ip_rt_local(daddr, NULL, &src);
286 else
287 rt = ip_rt_route(daddr, NULL, &src);
288 /*
289 * If the frame is from us and going off machine it MUST MUST MUST
290 * have the output device ip address and never the loopback
291 */
292 if (LOOPBACK(saddr) && !LOOPBACK(daddr))
293 saddr = src;/*rt->rt_dev->pa_addr;*/
294
295 raddr = (rt == NULL) ? 0 : rt->rt_gateway;
296 }
297
298 /*
299 * No source addr so make it our addr
300 */
301 if (saddr == 0)
302 saddr = src;
303
304 /*
305 * No gateway so aim at the real destination
306 */
307 if (raddr == 0)
308 raddr = daddr;
309
310 /*
311 * Now build the MAC header.
312 */
313
314 if(type==IPPROTO_TCP)
315 tmp = ip_send_room(skb, raddr, len, *dev, saddr);
316 else
317 tmp = ip_send(skb, raddr, len, *dev, saddr);
318
319 /*
320 * Book keeping
321 */
322
323 skb->dev = *dev;
324 skb->saddr = saddr;
325 if (skb->sk)
326 skb->sk->saddr = saddr;
327
328 /*
329 * Now build the IP header.
330 */
331
332 /*
333 * If we are using IPPROTO_RAW, then we don't need an IP header, since
334 * one is being supplied to us by the user
335 */
336
337 if(type == IPPROTO_RAW)
338 return (tmp);
339
340 /*
341 * Build the IP addresses
342 */
343
344 iph=(struct iphdr *)skb_put(skb,sizeof(struct iphdr));
345
346 iph->version = 4;
347 iph->ihl = 5;
348 iph->tos = tos;
349 iph->frag_off = 0;
350 iph->ttl = ttl;
351 iph->daddr = daddr;
352 iph->saddr = saddr;
353 iph->protocol = type;
354 skb->ip_hdr = iph;
355
356 return(20 + tmp); /* IP header plus MAC header size */
357 }
358
359
360 /*
361 * Generate a checksum for an outgoing IP datagram.
362 */
363
364 void ip_send_check(struct iphdr *iph)
/* */
365 {
366 iph->check = 0;
367 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
368 }
369
370 /************************ Fragment Handlers From NET2E **********************************/
371
372
373 /*
374 * This fragment handler is a bit of a heap. On the other hand it works quite
375 * happily and handles things quite well.
376 */
377
378 static struct ipq *ipqueue = NULL; /* IP fragment queue */
379
380 /*
381 * Create a new fragment entry.
382 */
383
384 static struct ipfrag *ip_frag_create(int offset, int end, struct sk_buff *skb, unsigned char *ptr)
/* */
385 {
386 struct ipfrag *fp;
387
388 fp = (struct ipfrag *) kmalloc(sizeof(struct ipfrag), GFP_ATOMIC);
389 if (fp == NULL)
390 {
391 NETDEBUG(printk("IP: frag_create: no memory left !\n"));
392 return(NULL);
393 }
394 memset(fp, 0, sizeof(struct ipfrag));
395
396 /* Fill in the structure. */
397 fp->offset = offset;
398 fp->end = end;
399 fp->len = end - offset;
400 fp->skb = skb;
401 fp->ptr = ptr;
402
403 return(fp);
404 }
405
406
407 /*
408 * Find the correct entry in the "incomplete datagrams" queue for
409 * this IP datagram, and return the queue entry address if found.
410 */
411
412 static struct ipq *ip_find(struct iphdr *iph)
/* */
413 {
414 struct ipq *qp;
415 struct ipq *qplast;
416
417 cli();
418 qplast = NULL;
419 for(qp = ipqueue; qp != NULL; qplast = qp, qp = qp->next)
420 {
421 if (iph->id== qp->iph->id && iph->saddr == qp->iph->saddr &&
422 iph->daddr == qp->iph->daddr && iph->protocol == qp->iph->protocol)
423 {
424 del_timer(&qp->timer); /* So it doesn't vanish on us. The timer will be reset anyway */
425 sti();
426 return(qp);
427 }
428 }
429 sti();
430 return(NULL);
431 }
432
433
434 /*
435 * Remove an entry from the "incomplete datagrams" queue, either
436 * because we completed, reassembled and processed it, or because
437 * it timed out.
438 */
439
440 static void ip_free(struct ipq *qp)
/* */
441 {
442 struct ipfrag *fp;
443 struct ipfrag *xp;
444
445 /*
446 * Stop the timer for this entry.
447 */
448
449 del_timer(&qp->timer);
450
451 /* Remove this entry from the "incomplete datagrams" queue. */
452 cli();
453 if (qp->prev == NULL)
454 {
455 ipqueue = qp->next;
456 if (ipqueue != NULL)
457 ipqueue->prev = NULL;
458 }
459 else
460 {
461 qp->prev->next = qp->next;
462 if (qp->next != NULL)
463 qp->next->prev = qp->prev;
464 }
465
466 /* Release all fragment data. */
467
468 fp = qp->fragments;
469 while (fp != NULL)
470 {
471 xp = fp->next;
472 IS_SKB(fp->skb);
473 kfree_skb(fp->skb,FREE_READ);
474 kfree_s(fp, sizeof(struct ipfrag));
475 fp = xp;
476 }
477
478 /* Release the IP header. */
479 kfree_s(qp->iph, 64 + 8);
480
481 /* Finally, release the queue descriptor itself. */
482 kfree_s(qp, sizeof(struct ipq));
483 sti();
484 }
485
486
487 /*
488 * Oops- a fragment queue timed out. Kill it and send an ICMP reply.
489 */
490
491 static void ip_expire(unsigned long arg)
/* */
492 {
493 struct ipq *qp;
494
495 qp = (struct ipq *)arg;
496
497 /*
498 * Send an ICMP "Fragment Reassembly Timeout" message.
499 */
500
501 ip_statistics.IpReasmTimeout++;
502 ip_statistics.IpReasmFails++;
503 /* This if is always true... shrug */
504 if(qp->fragments!=NULL)
505 icmp_send(qp->fragments->skb,ICMP_TIME_EXCEEDED,
506 ICMP_EXC_FRAGTIME, 0, qp->dev);
507
508 /*
509 * Nuke the fragment queue.
510 */
511 ip_free(qp);
512 }
513
514
515 /*
516 * Add an entry to the 'ipq' queue for a newly received IP datagram.
517 * We will (hopefully :-) receive all other fragments of this datagram
518 * in time, so we just create a queue for this datagram, in which we
519 * will insert the received fragments at their respective positions.
520 */
521
522 static struct ipq *ip_create(struct sk_buff *skb, struct iphdr *iph, struct device *dev)
/* */
523 {
524 struct ipq *qp;
525 int ihlen;
526
527 qp = (struct ipq *) kmalloc(sizeof(struct ipq), GFP_ATOMIC);
528 if (qp == NULL)
529 {
530 NETDEBUG(printk("IP: create: no memory left !\n"));
531 return(NULL);
532 skb->dev = qp->dev;
533 }
534 memset(qp, 0, sizeof(struct ipq));
535
536 /*
537 * Allocate memory for the IP header (plus 8 octets for ICMP).
538 */
539
540 ihlen = iph->ihl * 4;
541 qp->iph = (struct iphdr *) kmalloc(64 + 8, GFP_ATOMIC);
542 if (qp->iph == NULL)
543 {
544 NETDEBUG(printk("IP: create: no memory left !\n"));
545 kfree_s(qp, sizeof(struct ipq));
546 return(NULL);
547 }
548
549 memcpy(qp->iph, iph, ihlen + 8);
550 qp->len = 0;
551 qp->ihlen = ihlen;
552 qp->fragments = NULL;
553 qp->dev = dev;
554
555 /* Start a timer for this entry. */
556 qp->timer.expires = jiffies + IP_FRAG_TIME; /* about 30 seconds */
557 qp->timer.data = (unsigned long) qp; /* pointer to queue */
558 qp->timer.function = ip_expire; /* expire function */
559 add_timer(&qp->timer);
560
561 /* Add this entry to the queue. */
562 qp->prev = NULL;
563 cli();
564 qp->next = ipqueue;
565 if (qp->next != NULL)
566 qp->next->prev = qp;
567 ipqueue = qp;
568 sti();
569 return(qp);
570 }
571
572
573 /*
574 * See if a fragment queue is complete.
575 */
576
577 static int ip_done(struct ipq *qp)
/* */
578 {
579 struct ipfrag *fp;
580 int offset;
581
582 /* Only possible if we received the final fragment. */
583 if (qp->len == 0)
584 return(0);
585
586 /* Check all fragment offsets to see if they connect. */
587 fp = qp->fragments;
588 offset = 0;
589 while (fp != NULL)
590 {
591 if (fp->offset > offset)
592 return(0); /* fragment(s) missing */
593 offset = fp->end;
594 fp = fp->next;
595 }
596
597 /* All fragments are present. */
598 return(1);
599 }
600
601
602 /*
603 * Build a new IP datagram from all its fragments.
604 *
605 * FIXME: We copy here because we lack an effective way of handling lists
606 * of bits on input. Until the new skb data handling is in I'm not going
607 * to touch this with a bargepole.
608 */
609
610 static struct sk_buff *ip_glue(struct ipq *qp)
/* */
611 {
612 struct sk_buff *skb;
613 struct iphdr *iph;
614 struct ipfrag *fp;
615 unsigned char *ptr;
616 int count, len;
617
618 /*
619 * Allocate a new buffer for the datagram.
620 */
621 len = qp->ihlen + qp->len;
622
623 if ((skb = dev_alloc_skb(len)) == NULL)
624 {
625 ip_statistics.IpReasmFails++;
626 NETDEBUG(printk("IP: queue_glue: no memory for gluing queue %p\n", qp));
627 ip_free(qp);
628 return(NULL);
629 }
630
631 /* Fill in the basic details. */
632 skb_put(skb,len);
633 skb->h.raw = skb->data;
634 skb->free = 1;
635
636 /* Copy the original IP headers into the new buffer. */
637 ptr = (unsigned char *) skb->h.raw;
638 memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen);
639 ptr += qp->ihlen;
640
641 count = 0;
642
643 /* Copy the data portions of all fragments into the new buffer. */
644 fp = qp->fragments;
645 while(fp != NULL)
646 {
647 if(count+fp->len > skb->len)
648 {
649 NETDEBUG(printk("Invalid fragment list: Fragment over size.\n"));
650 ip_free(qp);
651 kfree_skb(skb,FREE_WRITE);
652 ip_statistics.IpReasmFails++;
653 return NULL;
654 }
655 memcpy((ptr + fp->offset), fp->ptr, fp->len);
656 count += fp->len;
657 fp = fp->next;
658 }
659
660 /* We glued together all fragments, so remove the queue entry. */
661 ip_free(qp);
662
663 /* Done with all fragments. Fixup the new IP header. */
664 iph = skb->h.iph;
665 iph->frag_off = 0;
666 iph->tot_len = htons((iph->ihl * 4) + count);
667 skb->ip_hdr = iph;
668
669 ip_statistics.IpReasmOKs++;
670 return(skb);
671 }
672
673
674 /*
675 * Process an incoming IP datagram fragment.
676 */
677
678 static struct sk_buff *ip_defrag(struct iphdr *iph, struct sk_buff *skb, struct device *dev)
/* */
679 {
680 struct ipfrag *prev, *next, *tmp;
681 struct ipfrag *tfp;
682 struct ipq *qp;
683 struct sk_buff *skb2;
684 unsigned char *ptr;
685 int flags, offset;
686 int i, ihl, end;
687
688 ip_statistics.IpReasmReqds++;
689
690 /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */
691 qp = ip_find(iph);
692
693 /* Is this a non-fragmented datagram? */
694 offset = ntohs(iph->frag_off);
695 flags = offset & ~IP_OFFSET;
696 offset &= IP_OFFSET;
697 if (((flags & IP_MF) == 0) && (offset == 0))
698 {
699 if (qp != NULL)
700 ip_free(qp); /* Huh? How could this exist?? */
701 return(skb);
702 }
703
704 offset <<= 3; /* offset is in 8-byte chunks */
705
706 /*
707 * If the queue already existed, keep restarting its timer as long
708 * as we still are receiving fragments. Otherwise, create a fresh
709 * queue entry.
710 */
711
712 if (qp != NULL)
713 {
714 del_timer(&qp->timer);
715 qp->timer.expires = jiffies + IP_FRAG_TIME; /* about 30 seconds */
716 qp->timer.data = (unsigned long) qp; /* pointer to queue */
717 qp->timer.function = ip_expire; /* expire function */
718 add_timer(&qp->timer);
719 }
720 else
721 {
722 /*
723 * If we failed to create it, then discard the frame
724 */
725 if ((qp = ip_create(skb, iph, dev)) == NULL)
726 {
727 skb->sk = NULL;
728 kfree_skb(skb, FREE_READ);
729 ip_statistics.IpReasmFails++;
730 return NULL;
731 }
732 }
733
734 /*
735 * Determine the position of this fragment.
736 */
737
738 ihl = iph->ihl * 4;
739 end = offset + ntohs(iph->tot_len) - ihl;
740
741 /*
742 * Point into the IP datagram 'data' part.
743 */
744
745 ptr = skb->data + ihl;
746
747 /*
748 * Is this the final fragment?
749 */
750
751 if ((flags & IP_MF) == 0)
752 qp->len = end;
753
754 /*
755 * Find out which fragments are in front and at the back of us
756 * in the chain of fragments so far. We must know where to put
757 * this fragment, right?
758 */
759
760 prev = NULL;
761 for(next = qp->fragments; next != NULL; next = next->next)
762 {
763 if (next->offset > offset)
764 break; /* bingo! */
765 prev = next;
766 }
767
768 /*
769 * We found where to put this one.
770 * Check for overlap with preceding fragment, and, if needed,
771 * align things so that any overlaps are eliminated.
772 */
773 if (prev != NULL && offset < prev->end)
774 {
775 i = prev->end - offset;
776 offset += i; /* ptr into datagram */
777 ptr += i; /* ptr into fragment data */
778 }
779
780 /*
781 * Look for overlap with succeeding segments.
782 * If we can merge fragments, do it.
783 */
784
785 for(tmp=next; tmp != NULL; tmp = tfp)
786 {
787 tfp = tmp->next;
788 if (tmp->offset >= end)
789 break; /* no overlaps at all */
790
791 i = end - next->offset; /* overlap is 'i' bytes */
792 tmp->len -= i; /* so reduce size of */
793 tmp->offset += i; /* next fragment */
794 tmp->ptr += i;
795 /*
796 * If we get a frag size of <= 0, remove it and the packet
797 * that it goes with.
798 */
799 if (tmp->len <= 0)
800 {
801 if (tmp->prev != NULL)
802 tmp->prev->next = tmp->next;
803 else
804 qp->fragments = tmp->next;
805
806 if (tfp->next != NULL)
807 tmp->next->prev = tmp->prev;
808
809 next=tfp; /* We have killed the original next frame */
810
811 kfree_skb(tmp->skb,FREE_READ);
812 kfree_s(tmp, sizeof(struct ipfrag));
813 }
814 }
815
816 /*
817 * Insert this fragment in the chain of fragments.
818 */
819
820 tfp = NULL;
821 tfp = ip_frag_create(offset, end, skb, ptr);
822
823 /*
824 * No memory to save the fragment - so throw the lot
825 */
826
827 if (!tfp)
828 {
829 skb->sk = NULL;
830 kfree_skb(skb, FREE_READ);
831 return NULL;
832 }
833 tfp->prev = prev;
834 tfp->next = next;
835 if (prev != NULL)
836 prev->next = tfp;
837 else
838 qp->fragments = tfp;
839
840 if (next != NULL)
841 next->prev = tfp;
842
843 /*
844 * OK, so we inserted this new fragment into the chain.
845 * Check if we now have a full IP datagram which we can
846 * bump up to the IP layer...
847 */
848
849 if (ip_done(qp))
850 {
851 skb2 = ip_glue(qp); /* glue together the fragments */
852 return(skb2);
853 }
854 return(NULL);
855 }
856
857
858 /*
859 * This IP datagram is too large to be sent in one piece. Break it up into
860 * smaller pieces (each of size equal to the MAC header plus IP header plus
861 * a block of the data of the original IP data part) that will yet fit in a
862 * single device frame, and queue such a frame for sending by calling the
863 * ip_queue_xmit(). Note that this is recursion, and bad things will happen
864 * if this function causes a loop...
865 *
866 * Yes this is inefficient, feel free to submit a quicker one.
867 *
868 * **Protocol Violation**
869 * We copy all the options to each fragment. !FIXME!
870 */
871
872 void ip_fragment(struct sock *sk, struct sk_buff *skb, struct device *dev, int is_frag)
/* */
873 {
874 struct iphdr *iph;
875 unsigned char *raw;
876 unsigned char *ptr;
877 struct sk_buff *skb2;
878 int left, mtu, hlen, len;
879 int offset;
880 unsigned long flags;
881
882 /*
883 * Point into the IP datagram header.
884 */
885
886 raw = skb->data;
887 #if 0
888 iph = (struct iphdr *) (raw + dev->hard_header_len);
889 skb->ip_hdr = iph;
890 #else
891 iph = skb->ip_hdr;
892 #endif
893
894 /*
895 * Setup starting values.
896 */
897
898 hlen = iph->ihl * 4;
899 left = ntohs(iph->tot_len) - hlen; /* Space per frame */
900 hlen += dev->hard_header_len; /* Total header size */
901 mtu = (dev->mtu - hlen); /* Size of data space */
902 ptr = (raw + hlen); /* Where to start from */
903
904 /*
905 * Check for any "DF" flag. [DF means do not fragment]
906 */
907
908 if (ntohs(iph->frag_off) & IP_DF)
909 {
910 /*
911 * Reply giving the MTU of the failed hop.
912 */
913 ip_statistics.IpFragFails++;
914 icmp_send(skb,ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, dev->mtu, dev);
915 return;
916 }
917
918 /*
919 * The protocol doesn't seem to say what to do in the case that the
920 * frame + options doesn't fit the mtu. As it used to fall down dead
921 * in this case we were fortunate it didn't happen
922 */
923
924 if(mtu<8)
925 {
926 /* It's wrong but it's better than nothing */
927 icmp_send(skb,ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED,dev->mtu, dev);
928 ip_statistics.IpFragFails++;
929 return;
930 }
931
932 /*
933 * Fragment the datagram.
934 */
935
936 /*
937 * The initial offset is 0 for a complete frame. When
938 * fragmenting fragments it's wherever this one starts.
939 */
940
941 if (is_frag & 2)
942 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3;
943 else
944 offset = 0;
945
946
947 /*
948 * Keep copying data until we run out.
949 */
950
951 while(left > 0)
952 {
953 len = left;
954 /* IF: it doesn't fit, use 'mtu' - the data space left */
955 if (len > mtu)
956 len = mtu;
957 /* IF: we are not sending upto and including the packet end
958 then align the next start on an eight byte boundary */
959 if (len < left)
960 {
961 len/=8;
962 len*=8;
963 }
964 /*
965 * Allocate buffer.
966 */
967
968 if ((skb2 = alloc_skb(len + hlen+15,GFP_ATOMIC)) == NULL)
969 {
970 NETDEBUG(printk("IP: frag: no memory for new fragment!\n"));
971 ip_statistics.IpFragFails++;
972 return;
973 }
974
975 /*
976 * Set up data on packet
977 */
978
979 skb2->arp = skb->arp;
980 if(skb->free==0)
981 printk("IP fragmenter: BUG free!=1 in fragmenter\n");
982 skb2->free = 1;
983 skb_put(skb2,len + hlen);
984 skb2->h.raw=(char *) skb2->data;
985 /*
986 * Charge the memory for the fragment to any owner
987 * it might possess
988 */
989
990 save_flags(flags);
991 if (sk)
992 {
993 cli();
994 sk->wmem_alloc += skb2->truesize;
995 skb2->sk=sk;
996 }
997 restore_flags(flags);
998 skb2->raddr = skb->raddr; /* For rebuild_header - must be here */
999
1000 /*
1001 * Copy the packet header into the new buffer.
1002 */
1003
1004 memcpy(skb2->h.raw, raw, hlen);
1005
1006 /*
1007 * Copy a block of the IP datagram.
1008 */
1009 memcpy(skb2->h.raw + hlen, ptr, len);
1010 left -= len;
1011
1012 skb2->h.raw+=dev->hard_header_len;
1013
1014 /*
1015 * Fill in the new header fields.
1016 */
1017 iph = (struct iphdr *)(skb2->h.raw/*+dev->hard_header_len*/);
1018 iph->frag_off = htons((offset >> 3));
1019 skb2->ip_hdr = iph;
1020 /*
1021 * Added AC : If we are fragmenting a fragment thats not the
1022 * last fragment then keep MF on each bit
1023 */
1024 if (left > 0 || (is_frag & 1))
1025 iph->frag_off |= htons(IP_MF);
1026 ptr += len;
1027 offset += len;
1028
1029 /*
1030 * Put this fragment into the sending queue.
1031 */
1032
1033 ip_statistics.IpFragCreates++;
1034
1035 ip_queue_xmit(sk, dev, skb2, 2);
1036 }
1037 ip_statistics.IpFragOKs++;
1038 }
1039
1040
1041
1042 #ifdef CONFIG_IP_FORWARD
1043
1044 /*
1045 * Forward an IP datagram to its next destination.
1046 */
1047
1048 int ip_forward(struct sk_buff *skb, struct device *dev, int is_frag, unsigned long target_addr, int target_strict)
/* */
1049 {
1050 struct device *dev2; /* Output device */
1051 struct iphdr *iph; /* Our header */
1052 struct sk_buff *skb2; /* Output packet */
1053 struct rtable *rt; /* Route we use */
1054 unsigned char *ptr; /* Data pointer */
1055 unsigned long raddr; /* Router IP address */
1056 #ifdef CONFIG_IP_FIREWALL
1057 int fw_res = 0; /* Forwarding result */
1058 #ifdef CONFIG_IP_MASQUERADE
1059 struct sk_buff *skb_in = skb; /* So we can remember if the masquerader did some swaps */
1060 #endif
1061
1062 /*
1063 * See if we are allowed to forward this.
1064 * Note: demasqueraded fragments are always 'back'warded.
1065 */
1066
1067
1068 if(!(is_frag&4))
1069 {
1070 fw_res=ip_fw_chk(skb->h.iph, dev, ip_fw_fwd_chain, ip_fw_fwd_policy, 0);
1071 switch (fw_res) {
1072 case 1:
1073 #ifdef CONFIG_IP_MASQUERADE
1074 case 2:
1075 #endif
1076 break;
1077 case -1:
1078 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0, dev);
1079 /* fall thru */
1080 default:
1081 return -1;
1082 }
1083 }
1084 #endif
1085 /*
1086 * According to the RFC, we must first decrease the TTL field. If
1087 * that reaches zero, we must reply an ICMP control message telling
1088 * that the packet's lifetime expired.
1089 *
1090 * Exception:
1091 * We may not generate an ICMP for an ICMP. icmp_send does the
1092 * enforcement of this so we can forget it here. It is however
1093 * sometimes VERY important.
1094 */
1095
1096 iph = skb->h.iph;
1097 iph->ttl--;
1098
1099 /*
1100 * Re-compute the IP header checksum.
1101 * This is inefficient. We know what has happened to the header
1102 * and could thus adjust the checksum as Phil Karn does in KA9Q
1103 */
1104
1105 iph->check = ntohs(iph->check) + 0x0100;
1106 if ((iph->check & 0xFF00) == 0)
1107 iph->check++; /* carry overflow */
1108 iph->check = htons(iph->check);
1109
1110 if (iph->ttl <= 0)
1111 {
1112 /* Tell the sender its packet died... */
1113 icmp_send(skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, 0, dev);
1114 return -1;
1115 }
1116
1117 /*
1118 * OK, the packet is still valid. Fetch its destination address,
1119 * and give it to the IP sender for further processing.
1120 */
1121
1122 rt = ip_rt_route(target_addr, NULL, NULL);
1123 if (rt == NULL)
1124 {
1125 /*
1126 * Tell the sender its packet cannot be delivered. Again
1127 * ICMP is screened later.
1128 */
1129 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_NET_UNREACH, 0, dev);
1130 return -1;
1131 }
1132
1133
1134 /*
1135 * Gosh. Not only is the packet valid; we even know how to
1136 * forward it onto its final destination. Can we say this
1137 * is being plain lucky?
1138 * If the router told us that there is no GW, use the dest.
1139 * IP address itself- we seem to be connected directly...
1140 */
1141
1142 raddr = rt->rt_gateway;
1143
1144 if (raddr != 0)
1145 {
1146 /*
1147 * Strict routing permits no gatewaying
1148 */
1149
1150 if(target_strict)
1151 {
1152 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_SR_FAILED, 0, dev);
1153 return -1;
1154 }
1155
1156 /*
1157 * There is a gateway so find the correct route for it.
1158 * Gateways cannot in turn be gatewayed.
1159 */
1160
1161 rt = ip_rt_route(raddr, NULL, NULL);
1162 if (rt == NULL)
1163 {
1164 /*
1165 * Tell the sender its packet cannot be delivered...
1166 */
1167 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0, dev);
1168 return -1;
1169 }
1170 if (rt->rt_gateway != 0)
1171 raddr = rt->rt_gateway;
1172 }
1173 else
1174 raddr = target_addr;
1175
1176 /*
1177 * Having picked a route we can now send the frame out.
1178 */
1179
1180 dev2 = rt->rt_dev;
1181
1182 /*
1183 * In IP you never have to forward a frame on the interface that it
1184 * arrived upon. We now generate an ICMP HOST REDIRECT giving the route
1185 * we calculated.
1186 */
1187 #ifndef CONFIG_IP_NO_ICMP_REDIRECT
1188 if (dev == dev2 && !((iph->saddr^iph->daddr)&dev->pa_mask) && (rt->rt_flags&RTF_MODIFIED))
1189 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, raddr, dev);
1190 #endif
1191
1192 /*
1193 * We now may allocate a new buffer, and copy the datagram into it.
1194 * If the indicated interface is up and running, kick it.
1195 */
1196
1197 if (dev2->flags & IFF_UP)
1198 {
1199 #ifdef CONFIG_IP_MASQUERADE
1200 /*
1201 * If this fragment needs masquerading, make it so...
1202 * (Dont masquerade de-masqueraded fragments)
1203 */
1204 if (!(is_frag&4) && fw_res==2)
1205 ip_fw_masquerade(&skb, dev2);
1206 #endif
1207 IS_SKB(skb);
1208
1209 if(skb_headroom(skb)<dev2->hard_header_len)
1210 {
1211 skb2 = alloc_skb(dev2->hard_header_len + skb->len + 15, GFP_ATOMIC);
1212 IS_SKB(skb2);
1213
1214 /*
1215 * This is rare and since IP is tolerant of network failures
1216 * quite harmless.
1217 */
1218
1219 if (skb2 == NULL)
1220 {
1221 NETDEBUG(printk("\nIP: No memory available for IP forward\n"));
1222 return -1;
1223 }
1224
1225 /*
1226 * Add the physical headers.
1227 */
1228
1229 ip_send(skb2,raddr,skb->len,dev2,dev2->pa_addr);
1230
1231 /*
1232 * We have to copy the bytes over as the new header wouldn't fit
1233 * the old buffer. This should be very rare.
1234 */
1235
1236 ptr = skb_put(skb2,skb->len);
1237 skb2->free = 1;
1238 skb2->h.raw = ptr;
1239
1240 /*
1241 * Copy the packet data into the new buffer.
1242 */
1243 memcpy(ptr, skb->h.raw, skb->len);
1244 }
1245 else
1246 {
1247 /*
1248 * Build a new MAC header.
1249 */
1250
1251 skb2 = skb;
1252 skb2->dev=dev2;
1253 skb->arp=1;
1254 skb->raddr=raddr;
1255 if(dev2->hard_header)
1256 {
1257 if(dev2->hard_header(skb, dev2, ETH_P_IP, NULL, NULL, skb->len)<0)
1258 skb->arp=0;
1259 }
1260 ip_statistics.IpForwDatagrams++;
1261 }
1262 /*
1263 * See if it needs fragmenting. Note in ip_rcv we tagged
1264 * the fragment type. This must be right so that
1265 * the fragmenter does the right thing.
1266 */
1267
1268 if(skb2->len > dev2->mtu + dev2->hard_header_len)
1269 {
1270 ip_fragment(NULL,skb2,dev2, is_frag);
1271 kfree_skb(skb2,FREE_WRITE);
1272 }
1273 else
1274 {
1275 #ifdef CONFIG_IP_ACCT
1276 /*
1277 * Count mapping we shortcut
1278 */
1279
1280 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1281 #endif
1282
1283 /*
1284 * Map service types to priority. We lie about
1285 * throughput being low priority, but it's a good
1286 * choice to help improve general usage.
1287 */
1288 if(iph->tos & IPTOS_LOWDELAY)
1289 dev_queue_xmit(skb2, dev2, SOPRI_INTERACTIVE);
1290 else if(iph->tos & IPTOS_THROUGHPUT)
1291 dev_queue_xmit(skb2, dev2, SOPRI_BACKGROUND);
1292 else
1293 dev_queue_xmit(skb2, dev2, SOPRI_NORMAL);
1294 }
1295 }
1296 else
1297 return -1;
1298
1299 /*
1300 * Tell the caller if their buffer is free.
1301 */
1302
1303 if(skb==skb2)
1304 return 0;
1305
1306 #ifdef CONFIG_IP_MASQUERADE
1307 /*
1308 * The original is free. Free our copy and
1309 * tell the caller not to free.
1310 */
1311 if(skb!=skb_in)
1312 {
1313 kfree_skb(skb_in, FREE_WRITE);
1314 return 0;
1315 }
1316 #endif
1317 return 1;
1318 }
1319
1320
1321 #endif
1322
1323 /*
1324 * This function receives all incoming IP datagrams.
1325 *
1326 * On entry skb->data points to the start of the IP header and
1327 * the MAC header has been removed.
1328 */
1329
1330 int ip_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *pt)
/* */
1331 {
1332 struct iphdr *iph = skb->h.iph;
1333 struct sock *raw_sk=NULL;
1334 unsigned char hash;
1335 unsigned char flag = 0;
1336 struct inet_protocol *ipprot;
1337 int brd=IS_MYADDR;
1338 unsigned long target_addr;
1339 int target_strict=0;
1340 int is_frag=0;
1341 #ifdef CONFIG_IP_FIREWALL
1342 int err;
1343 #endif
1344
1345 #ifdef CONFIG_NET_IPV6
1346 /*
1347 * Intercept IPv6 frames. We dump ST-II and invalid types just below..
1348 */
1349
1350 if(iph->version == 6)
1351 return ipv6_rcv(skb,dev,pt);
1352 #endif
1353
1354 ip_statistics.IpInReceives++;
1355
1356 /*
1357 * Tag the ip header of this packet so we can find it
1358 */
1359
1360 skb->ip_hdr = iph;
1361
1362 /*
1363 * RFC1122: 3.1.2.2 MUST silently discard any IP frame that fails the checksum.
1364 * RFC1122: 3.1.2.3 MUST discard a frame with invalid source address [NEEDS FIXING].
1365 *
1366 * Is the datagram acceptable?
1367 *
1368 * 1. Length at least the size of an ip header
1369 * 2. Version of 4
1370 * 3. Checksums correctly. [Speed optimisation for later, skip loopback checksums]
1371 * 4. Doesn't have a bogus length
1372 * (5. We ought to check for IP multicast addresses and undefined types.. does this matter ?)
1373 */
1374
1375 if (skb->len<sizeof(struct iphdr) || iph->ihl<5 || iph->version != 4 || ip_fast_csum((unsigned char *)iph, iph->ihl) !=0
1376 || skb->len < ntohs(iph->tot_len))
1377 {
1378 ip_statistics.IpInHdrErrors++;
1379 kfree_skb(skb, FREE_WRITE);
1380 return(0);
1381 }
1382
1383 /*
1384 * Our transport medium may have padded the buffer out. Now we know it
1385 * is IP we can trim to the true length of the frame.
1386 * Note this now means skb->len holds ntohs(iph->tot_len).
1387 */
1388
1389 skb_trim(skb,ntohs(iph->tot_len));
1390
1391 /*
1392 * See if the firewall wants to dispose of the packet.
1393 */
1394
1395 #ifdef CONFIG_IP_FIREWALL
1396
1397 if ((err=ip_fw_chk(iph,dev,ip_fw_blk_chain,ip_fw_blk_policy, 0))<1)
1398 {
1399 if(err==-1)
1400 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0, dev);
1401 kfree_skb(skb, FREE_WRITE);
1402 return 0;
1403 }
1404
1405 #endif
1406
1407
1408 /*
1409 * Next analyse the packet for options. Studies show under one packet in
1410 * a thousand have options....
1411 */
1412
1413 target_addr = iph->daddr;
1414
1415 if (iph->ihl != 5)
1416 {
1417 /* Humph.. options. Lots of annoying fiddly bits */
1418
1419 /*
1420 * This is straight from the RFC. It might even be right ;)
1421 *
1422 * RFC 1122: 3.2.1.8 STREAMID option is obsolete and MUST be ignored.
1423 * RFC 1122: 3.2.1.8 MUST NOT crash on a zero length option.
1424 * RFC 1122: 3.2.1.8 MUST support acting as final destination of a source route.
1425 */
1426
1427 int opt_space=4*(iph->ihl-5);
1428 int opt_size;
1429 unsigned char *opt_ptr=skb->h.raw+sizeof(struct iphdr);
1430
1431 skb->ip_summed=0; /* Our free checksum is bogus for this case */
1432
1433 while(opt_space>0)
1434 {
1435 if(*opt_ptr==IPOPT_NOOP)
1436 {
1437 opt_ptr++;
1438 opt_space--;
1439 continue;
1440 }
1441 if(*opt_ptr==IPOPT_END)
1442 break; /* Done */
1443 if(opt_space<2 || (opt_size=opt_ptr[1])<2 || opt_ptr[1]>opt_space)
1444 {
1445 /*
1446 * RFC 1122: 3.2.2.5 SHOULD send parameter problem reports.
1447 */
1448 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1449 kfree_skb(skb, FREE_READ);
1450 return -EINVAL;
1451 }
1452 switch(opt_ptr[0])
1453 {
1454 case IPOPT_SEC:
1455 /* Should we drop this ?? */
1456 break;
1457 case IPOPT_SSRR: /* These work almost the same way */
1458 target_strict=1;
1459 /* Fall through */
1460 case IPOPT_LSRR:
1461 #ifdef CONFIG_IP_NOSR
1462 kfree_skb(skb, FREE_READ);
1463 return -EINVAL;
1464 #endif
1465 case IPOPT_RR:
1466 /*
1467 * RFC 1122: 3.2.1.8 Support for RR is OPTIONAL.
1468 */
1469 if (iph->daddr!=skb->dev->pa_addr && (brd = ip_chk_addr(iph->daddr)) == 0)
1470 break;
1471 if((opt_size<3) || ( opt_ptr[0]==IPOPT_RR && opt_ptr[2] > opt_size-4 ))
1472 {
1473 if(ip_chk_addr(iph->daddr))
1474 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1475 kfree_skb(skb, FREE_READ);
1476 return -EINVAL;
1477 }
1478 if(opt_ptr[2] > opt_size-4 )
1479 break;
1480 /* Bytes are [IPOPT_xxRR][Length][EntryPointer][Entry0][Entry1].... */
1481 /* This isn't going to be too portable - FIXME */
1482 if(opt_ptr[0]!=IPOPT_RR)
1483 {
1484 int t;
1485 target_addr=*(u32 *)(&opt_ptr[opt_ptr[2]]); /* Get hop */
1486 t=ip_chk_addr(target_addr);
1487 if(t==IS_MULTICAST||t==IS_BROADCAST)
1488 {
1489 if(ip_chk_addr(iph->daddr))
1490 icmp_send(skb, ICMP_PARAMETERPROB, 0, 0, skb->dev);
1491 kfree_skb(skb,FREE_READ);
1492 return -EINVAL;
1493 }
1494 }
1495 *(u32 *)(&opt_ptr[opt_ptr[2]])=skb->dev->pa_addr; /* Record hop */
1496 break;
1497 case IPOPT_TIMESTAMP:
1498 /*
1499 * RFC 1122: 3.2.1.8 The timestamp option is OPTIONAL but if implemented
1500 * MUST meet various rules (read the spec).
1501 */
1502 NETDEBUG(printk("ICMP: Someone finish the timestamp routine ;)\n"));
1503 break;
1504 default:
1505 break;
1506 }
1507 opt_ptr+=opt_size;
1508 opt_space-=opt_size;
1509 }
1510
1511 }
1512
1513
1514 /*
1515 * Remember if the frame is fragmented.
1516 */
1517
1518 if(iph->frag_off)
1519 {
1520 if (iph->frag_off & htons(IP_MF))
1521 is_frag|=1;
1522 /*
1523 * Last fragment ?
1524 */
1525
1526 if (iph->frag_off & htons(IP_OFFSET))
1527 is_frag|=2;
1528 }
1529
1530 /*
1531 * Do any IP forwarding required. chk_addr() is expensive -- avoid it someday.
1532 *
1533 * This is inefficient. While finding out if it is for us we could also compute
1534 * the routing table entry. This is where the great unified cache theory comes
1535 * in as and when someone implements it
1536 *
1537 * For most hosts over 99% of packets match the first conditional
1538 * and don't go via ip_chk_addr. Note: brd is set to IS_MYADDR at
1539 * function entry.
1540 */
1541
1542 if ( iph->daddr == skb->dev->pa_addr || (brd = ip_chk_addr(iph->daddr)) != 0)
1543 {
1544 #ifdef CONFIG_IP_MULTICAST
1545 if(!(dev->flags&IFF_ALLMULTI) && brd==IS_MULTICAST && iph->daddr!=IGMP_ALL_HOSTS && !(dev->flags&IFF_LOOPBACK))
1546 {
1547 /*
1548 * Check it is for one of our groups
1549 */
1550 struct ip_mc_list *ip_mc=dev->ip_mc_list;
1551 do
1552 {
1553 if(ip_mc==NULL)
1554 {
1555 kfree_skb(skb, FREE_WRITE);
1556 return 0;
1557 }
1558 if(ip_mc->multiaddr==iph->daddr)
1559 break;
1560 ip_mc=ip_mc->next;
1561 }
1562 while(1);
1563 }
1564 #endif
1565
1566 #ifdef CONFIG_IP_MASQUERADE
1567 /*
1568 * Do we need to de-masquerade this fragment?
1569 */
1570 if (ip_fw_demasquerade(skb))
1571 {
1572 struct iphdr *iph=skb->h.iph;
1573 if(ip_forward(skb, dev, is_frag|4, iph->daddr, 0))
1574 kfree_skb(skb, FREE_WRITE);
1575 return(0);
1576 }
1577 #endif
1578
1579 /*
1580 * Account for the packet
1581 */
1582
1583 #ifdef CONFIG_IP_ACCT
1584 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1585 #endif
1586
1587 /*
1588 * Reassemble IP fragments.
1589 */
1590
1591 if(is_frag)
1592 {
1593 /* Defragment. Obtain the complete packet if there is one */
1594 skb=ip_defrag(iph,skb,dev);
1595 if(skb==NULL)
1596 return 0;
1597 skb->dev = dev;
1598 iph=skb->h.iph;
1599 }
1600
1601 /*
1602 * Point into the IP datagram, just past the header.
1603 */
1604
1605 skb->ip_hdr = iph;
1606 skb->h.raw += iph->ihl*4;
1607
1608 /*
1609 * Deliver to raw sockets. This is fun as to avoid copies we want to make no surplus copies.
1610 *
1611 * RFC 1122: SHOULD pass TOS value up to the transport layer.
1612 */
1613
1614 hash = iph->protocol & (SOCK_ARRAY_SIZE-1);
1615
1616 /*
1617 * If there maybe a raw socket we must check - if not we don't care less
1618 */
1619
1620 if((raw_sk=raw_prot.sock_array[hash])!=NULL)
1621 {
1622 struct sock *sknext=NULL;
1623 struct sk_buff *skb1;
1624 raw_sk=get_sock_raw(raw_sk, iph->protocol, iph->saddr, iph->daddr);
1625 if(raw_sk) /* Any raw sockets */
1626 {
1627 do
1628 {
1629 /* Find the next */
1630 sknext=get_sock_raw(raw_sk->next, iph->protocol, iph->saddr, iph->daddr);
1631 if(sknext)
1632 skb1=skb_clone(skb, GFP_ATOMIC);
1633 else
1634 break; /* One pending raw socket left */
1635 if(skb1)
1636 raw_rcv(raw_sk, skb1, dev, iph->saddr,iph->daddr);
1637 raw_sk=sknext;
1638 }
1639 while(raw_sk!=NULL);
1640
1641 /*
1642 * Here either raw_sk is the last raw socket, or NULL if none
1643 */
1644
1645 /*
1646 * We deliver to the last raw socket AFTER the protocol checks as it avoids a surplus copy
1647 */
1648 }
1649 }
1650
1651 /*
1652 * skb->h.raw now points at the protocol beyond the IP header.
1653 */
1654
1655 hash = iph->protocol & (MAX_INET_PROTOS -1);
1656 for (ipprot = (struct inet_protocol *)inet_protos[hash];ipprot != NULL;ipprot=(struct inet_protocol *)ipprot->next)
1657 {
1658 struct sk_buff *skb2;
1659
1660 if (ipprot->protocol != iph->protocol)
1661 continue;
1662 /*
1663 * See if we need to make a copy of it. This will
1664 * only be set if more than one protocol wants it.
1665 * and then not for the last one. If there is a pending
1666 * raw delivery wait for that
1667 */
1668
1669 if (ipprot->copy || raw_sk)
1670 {
1671 skb2 = skb_clone(skb, GFP_ATOMIC);
1672 if(skb2==NULL)
1673 continue;
1674 }
1675 else
1676 {
1677 skb2 = skb;
1678 }
1679 flag = 1;
1680
1681 /*
1682 * Pass on the datagram to each protocol that wants it,
1683 * based on the datagram protocol. We should really
1684 * check the protocol handler's return values here...
1685 */
1686
1687 ipprot->handler(skb2, dev, NULL, iph->daddr,
1688 (ntohs(iph->tot_len) - (iph->ihl * 4)),
1689 iph->saddr, 0, ipprot);
1690
1691 }
1692
1693 /*
1694 * All protocols checked.
1695 * If this packet was a broadcast, we may *not* reply to it, since that
1696 * causes (proven, grin) ARP storms and a leakage of memory (i.e. all
1697 * ICMP reply messages get queued up for transmission...)
1698 */
1699
1700 if(raw_sk!=NULL) /* Shift to last raw user */
1701 raw_rcv(raw_sk, skb, dev, iph->saddr, iph->daddr);
1702 else if (!flag) /* Free and report errors */
1703 {
1704 if (brd != IS_BROADCAST && brd!=IS_MULTICAST)
1705 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0, dev);
1706 kfree_skb(skb, FREE_WRITE);
1707 }
1708
1709 return(0);
1710 }
1711
1712 /*
1713 * Do any IP forwarding required.
1714 */
1715
1716 /*
1717 * Don't forward multicast or broadcast frames.
1718 */
1719
1720 if(skb->pkt_type!=PACKET_HOST || brd==IS_BROADCAST)
1721 {
1722 kfree_skb(skb,FREE_WRITE);
1723 return 0;
1724 }
1725
1726 /*
1727 * The packet is for another target. Forward the frame
1728 */
1729
1730 #ifdef CONFIG_IP_FORWARD
1731 if(ip_forward(skb, dev, is_frag, target_addr, target_strict))
1732 kfree_skb(skb, FREE_WRITE);
1733 #else
1734 /* printk("Machine %lx tried to use us as a forwarder to %lx but we have forwarding disabled!\n",
1735 iph->saddr,iph->daddr);*/
1736 ip_statistics.IpInAddrErrors++;
1737 kfree_skb(skb, FREE_WRITE);
1738 #endif
1739 return(0);
1740 }
1741
1742
1743 /*
1744 * Loop a packet back to the sender.
1745 */
1746
1747 static void ip_loopback(struct device *old_dev, struct sk_buff *skb)
/* */
1748 {
1749 struct device *dev=&loopback_dev;
1750 int len=ntohs(skb->ip_hdr->tot_len);
1751 struct sk_buff *newskb=dev_alloc_skb(len+dev->hard_header_len+15);
1752
1753 if(newskb==NULL)
1754 return;
1755
1756 newskb->link3=NULL;
1757 newskb->sk=NULL;
1758 newskb->dev=dev;
1759 newskb->saddr=skb->saddr;
1760 newskb->daddr=skb->daddr;
1761 newskb->raddr=skb->raddr;
1762 newskb->free=1;
1763 newskb->lock=0;
1764 newskb->users=0;
1765 newskb->pkt_type=skb->pkt_type;
1766
1767 /*
1768 * Put a MAC header on the packet
1769 */
1770 ip_send(newskb, skb->ip_hdr->daddr, len, dev, skb->ip_hdr->saddr);
1771 /*
1772 * Add the rest of the data space.
1773 */
1774 newskb->ip_hdr=(struct iphdr *)skb_put(newskb, len);
1775 /*
1776 * Copy the data
1777 */
1778 memcpy(newskb->ip_hdr,skb->ip_hdr,len);
1779
1780 /* Recurse. The device check against IFF_LOOPBACK will stop infinite recursion */
1781
1782 /*printk("Loopback output queued [%lX to %lX].\n", newskb->ip_hdr->saddr,newskb->ip_hdr->daddr);*/
1783 ip_queue_xmit(NULL, dev, newskb, 1);
1784 }
1785
1786
1787 /*
1788 * Queues a packet to be sent, and starts the transmitter
1789 * if necessary. if free = 1 then we free the block after
1790 * transmit, otherwise we don't. If free==2 we not only
1791 * free the block but also don't assign a new ip seq number.
1792 * This routine also needs to put in the total length,
1793 * and compute the checksum
1794 */
1795
1796 void ip_queue_xmit(struct sock *sk, struct device *dev,
/* */
1797 struct sk_buff *skb, int free)
1798 {
1799 struct iphdr *iph;
1800 /* unsigned char *ptr;*/
1801
1802 /* Sanity check */
1803 if (dev == NULL)
1804 {
1805 NETDEBUG(printk("IP: ip_queue_xmit dev = NULL\n"));
1806 return;
1807 }
1808
1809 IS_SKB(skb);
1810
1811 /*
1812 * Do some book-keeping in the packet for later
1813 */
1814
1815
1816 skb->dev = dev;
1817 skb->when = jiffies;
1818
1819 /*
1820 * Find the IP header and set the length. This is bad
1821 * but once we get the skb data handling code in the
1822 * hardware will push its header sensibly and we will
1823 * set skb->ip_hdr to avoid this mess and the fixed
1824 * header length problem
1825 */
1826
1827 #if 0
1828 ptr = skb->data;
1829 ptr += dev->hard_header_len;
1830 iph = (struct iphdr *)ptr;
1831 skb->ip_hdr = iph;
1832 #else
1833 iph = skb->ip_hdr;
1834 #endif
1835 iph->tot_len = ntohs(skb->len-(((unsigned char *)iph)-skb->data));
1836
1837 #ifdef CONFIG_IP_FIREWALL
1838 if(ip_fw_chk(iph, dev, ip_fw_blk_chain, ip_fw_blk_policy, 0) < 1)
1839 /* just don't send this packet */
1840 return;
1841 #endif
1842
1843 /*
1844 * No reassigning numbers to fragments...
1845 */
1846
1847 if(free!=2)
1848 iph->id = htons(ip_id_count++);
1849 else
1850 free=1;
1851
1852 /* All buffers without an owner socket get freed */
1853 if (sk == NULL)
1854 free = 1;
1855
1856 skb->free = free;
1857
1858 /*
1859 * Do we need to fragment. Again this is inefficient.
1860 * We need to somehow lock the original buffer and use
1861 * bits of it.
1862 */
1863
1864 if(ntohs(iph->tot_len)> dev->mtu)
1865 {
1866 ip_fragment(sk,skb,dev,0);
1867 IS_SKB(skb);
1868 kfree_skb(skb,FREE_WRITE);
1869 return;
1870 }
1871
1872 /*
1873 * Add an IP checksum
1874 */
1875
1876 ip_send_check(iph);
1877
1878 /*
1879 * Print the frame when debugging
1880 */
1881
1882 /*
1883 * More debugging. You cannot queue a packet already on a list
1884 * Spot this and moan loudly.
1885 */
1886 if (skb->next != NULL)
1887 {
1888 NETDEBUG(printk("ip_queue_xmit: next != NULL\n"));
1889 skb_unlink(skb);
1890 }
1891
1892 /*
1893 * If a sender wishes the packet to remain unfreed
1894 * we add it to his send queue. This arguably belongs
1895 * in the TCP level since nobody else uses it. BUT
1896 * remember IPng might change all the rules.
1897 */
1898
1899 if (!free)
1900 {
1901 unsigned long flags;
1902 /* The socket now has more outstanding blocks */
1903
1904 sk->packets_out++;
1905
1906 /* Protect the list for a moment */
1907 save_flags(flags);
1908 cli();
1909
1910 if (skb->link3 != NULL)
1911 {
1912 NETDEBUG(printk("ip.c: link3 != NULL\n"));
1913 skb->link3 = NULL;
1914 }
1915 if (sk->send_head == NULL)
1916 {
1917 sk->send_tail = skb;
1918 sk->send_head = skb;
1919 }
1920 else
1921 {
1922 sk->send_tail->link3 = skb;
1923 sk->send_tail = skb;
1924 }
1925 /* skb->link3 is NULL */
1926
1927 /* Interrupt restore */
1928 restore_flags(flags);
1929 }
1930 else
1931 /* Remember who owns the buffer */
1932 skb->sk = sk;
1933
1934 /*
1935 * If the indicated interface is up and running, send the packet.
1936 */
1937
1938 ip_statistics.IpOutRequests++;
1939 #ifdef CONFIG_IP_ACCT
1940 ip_fw_chk(iph,dev,ip_acct_chain,IP_FW_F_ACCEPT,1);
1941 #endif
1942
1943 #ifdef CONFIG_IP_MULTICAST
1944
1945 /*
1946 * Multicasts are looped back for other local users
1947 */
1948
1949 if (MULTICAST(iph->daddr) && !(dev->flags&IFF_LOOPBACK))
1950 {
1951 if(sk==NULL || sk->ip_mc_loop)
1952 {
1953 if(iph->daddr==IGMP_ALL_HOSTS || (dev->flags&IFF_ALLMULTI))
1954 {
1955 ip_loopback(dev,skb);
1956 }
1957 else
1958 {
1959 struct ip_mc_list *imc=dev->ip_mc_list;
1960 while(imc!=NULL)
1961 {
1962 if(imc->multiaddr==iph->daddr)
1963 {
1964 ip_loopback(dev,skb);
1965 break;
1966 }
1967 imc=imc->next;
1968 }
1969 }
1970 }
1971 /* Multicasts with ttl 0 must not go beyond the host */
1972
1973 if(skb->ip_hdr->ttl==0)
1974 {
1975 kfree_skb(skb, FREE_READ);
1976 return;
1977 }
1978 }
1979 #endif
1980 if((dev->flags&IFF_BROADCAST) && (iph->daddr==dev->pa_brdaddr||iph->daddr==0xFFFFFFFF) && !(dev->flags&IFF_LOOPBACK))
1981 ip_loopback(dev,skb);
1982
1983 if (dev->flags & IFF_UP)
1984 {
1985 /*
1986 * If we have an owner use its priority setting,
1987 * otherwise use NORMAL
1988 */
1989
1990 if (sk != NULL)
1991 {
1992 dev_queue_xmit(skb, dev, sk->priority);
1993 }
1994 else
1995 {
1996 dev_queue_xmit(skb, dev, SOPRI_NORMAL);
1997 }
1998 }
1999 else
2000 {
2001 if(sk)
2002 sk->err = ENETDOWN;
2003 ip_statistics.IpOutDiscards++;
2004 if (free)
2005 kfree_skb(skb, FREE_WRITE);
2006 }
2007 }
2008
2009
2010
2011 #ifdef CONFIG_IP_MULTICAST
2012
2013 /*
2014 * Write an multicast group list table for the IGMP daemon to
2015 * read.
2016 */
2017
2018 int ip_mc_procinfo(char *buffer, char **start, off_t offset, int length, int dummy)
/* */
2019 {
2020 off_t pos=0, begin=0;
2021 struct ip_mc_list *im;
2022 unsigned long flags;
2023 int len=0;
2024 struct device *dev;
2025
2026 len=sprintf(buffer,"Device : Count\tGroup Users Timer\n");
2027 save_flags(flags);
2028 cli();
2029
2030 for(dev = dev_base; dev; dev = dev->next)
2031 {
2032 if((dev->flags&IFF_UP)&&(dev->flags&IFF_MULTICAST))
2033 {
2034 len+=sprintf(buffer+len,"%-10s: %5d\n",
2035 dev->name, dev->mc_count);
2036 for(im = dev->ip_mc_list; im; im = im->next)
2037 {
2038 len+=sprintf(buffer+len,
2039 "\t\t\t%08lX %5d %d:%08lX\n",
2040 im->multiaddr, im->users,
2041 im->tm_running, im->timer.expires-jiffies);
2042 pos=begin+len;
2043 if(pos<offset)
2044 {
2045 len=0;
2046 begin=pos;
2047 }
2048 if(pos>offset+length)
2049 break;
2050 }
2051 }
2052 }
2053 restore_flags(flags);
2054 *start=buffer+(offset-begin);
2055 len-=(offset-begin);
2056 if(len>length)
2057 len=length;
2058 return len;
2059 }
2060
2061
2062 /*
2063 * Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
2064 * an IP socket.
2065 *
2066 * We implement IP_TOS (type of service), IP_TTL (time to live).
2067 *
2068 * Next release we will sort out IP_OPTIONS since for some people are kind of important.
2069 */
2070
2071 static struct device *ip_mc_find_devfor(unsigned long addr)
/* */
2072 {
2073 struct device *dev;
2074 for(dev = dev_base; dev; dev = dev->next)
2075 {
2076 if((dev->flags&IFF_UP)&&(dev->flags&IFF_MULTICAST)&&
2077 (dev->pa_addr==addr))
2078 return dev;
2079 }
2080
2081 return NULL;
2082 }
2083
2084 #endif
2085
2086 int ip_setsockopt(struct sock *sk, int level, int optname, char *optval, int optlen)
/* */
2087 {
2088 int val,err;
2089 unsigned char ucval;
2090 #if defined(CONFIG_IP_FIREWALL) || defined(CONFIG_IP_ACCT)
2091 struct ip_fw tmp_fw;
2092 #endif
2093 if (optval == NULL)
2094 {
2095 val=0;
2096 ucval=0;
2097 }
2098 else
2099 {
2100 err=verify_area(VERIFY_READ, optval, sizeof(int));
2101 if(err)
2102 return err;
2103 val = get_user((int *) optval);
2104 ucval=get_user((unsigned char *) optval);
2105 }
2106
2107 if(level!=SOL_IP)
2108 return -EOPNOTSUPP;
2109 #ifdef CONFIG_IP_MROUTE
2110 if(optname>=MRT_BASE && optname <=MRT_BASE+10)
2111 {
2112 return ip_mroute_setsockopt(sk,optname,optval,optlen);
2113 }
2114 #endif
2115
2116 switch(optname)
2117 {
2118 case IP_TOS:
2119 if(val<0||val>255)
2120 return -EINVAL;
2121 sk->ip_tos=val;
2122 if(val==IPTOS_LOWDELAY)
2123 sk->priority=SOPRI_INTERACTIVE;
2124 if(val==IPTOS_THROUGHPUT)
2125 sk->priority=SOPRI_BACKGROUND;
2126 return 0;
2127 case IP_TTL:
2128 if(val<1||val>255)
2129 return -EINVAL;
2130 sk->ip_ttl=val;
2131 return 0;
2132 case IP_HDRINCL:
2133 if(sk->type!=SOCK_RAW)
2134 return -ENOPROTOOPT;
2135 sk->ip_hdrincl=val?1:0;
2136 return 0;
2137 #ifdef CONFIG_IP_MULTICAST
2138 case IP_MULTICAST_TTL:
2139 {
2140 sk->ip_mc_ttl=(int)ucval;
2141 return 0;
2142 }
2143 case IP_MULTICAST_LOOP:
2144 {
2145 if(ucval!=0 && ucval!=1)
2146 return -EINVAL;
2147 sk->ip_mc_loop=(int)ucval;
2148 return 0;
2149 }
2150 case IP_MULTICAST_IF:
2151 {
2152 struct in_addr addr;
2153 struct device *dev=NULL;
2154
2155 /*
2156 * Check the arguments are allowable
2157 */
2158
2159 err=verify_area(VERIFY_READ, optval, sizeof(addr));
2160 if(err)
2161 return err;
2162
2163 memcpy_fromfs(&addr,optval,sizeof(addr));
2164
2165
2166 /*
2167 * What address has been requested
2168 */
2169
2170 if(addr.s_addr==INADDR_ANY) /* Default */
2171 {
2172 sk->ip_mc_name[0]=0;
2173 return 0;
2174 }
2175
2176 /*
2177 * Find the device
2178 */
2179
2180 dev=ip_mc_find_devfor(addr.s_addr);
2181
2182 /*
2183 * Did we find one
2184 */
2185
2186 if(dev)
2187 {
2188 strcpy(sk->ip_mc_name,dev->name);
2189 return 0;
2190 }
2191 return -EADDRNOTAVAIL;
2192 }
2193
2194 case IP_ADD_MEMBERSHIP:
2195 {
2196
2197 /*
2198 * FIXME: Add/Del membership should have a semaphore protecting them from re-entry
2199 */
2200 struct ip_mreq mreq;
2201 unsigned long route_src;
2202 struct rtable *rt;
2203 struct device *dev=NULL;
2204
2205 /*
2206 * Check the arguments.
2207 */
2208
2209 err=verify_area(VERIFY_READ, optval, sizeof(mreq));
2210 if(err)
2211 return err;
2212
2213 memcpy_fromfs(&mreq,optval,sizeof(mreq));
2214
2215 /*
2216 * Get device for use later
2217 */
2218
2219 if(mreq.imr_interface.s_addr==INADDR_ANY)
2220 {
2221 /*
2222 * Not set so scan.
2223 */
2224 if((rt=ip_rt_route(mreq.imr_multiaddr.s_addr,NULL, &route_src))!=NULL)
2225 {
2226 dev=rt->rt_dev;
2227 rt->rt_use--;
2228 }
2229 }
2230 else
2231 {
2232 /*
2233 * Find a suitable device.
2234 */
2235
2236 dev=ip_mc_find_devfor(mreq.imr_interface.s_addr);
2237 }
2238
2239 /*
2240 * No device, no cookies.
2241 */
2242
2243 if(!dev)
2244 return -ENODEV;
2245
2246 /*
2247 * Join group.
2248 */
2249
2250 return ip_mc_join_group(sk,dev,mreq.imr_multiaddr.s_addr);
2251 }
2252
2253 case IP_DROP_MEMBERSHIP:
2254 {
2255 struct ip_mreq mreq;
2256 struct rtable *rt;
2257 unsigned long route_src;
2258 struct device *dev=NULL;
2259
2260 /*
2261 * Check the arguments
2262 */
2263
2264 err=verify_area(VERIFY_READ, optval, sizeof(mreq));
2265 if(err)
2266 return err;
2267
2268 memcpy_fromfs(&mreq,optval,sizeof(mreq));
2269
2270 /*
2271 * Get device for use later
2272 */
2273
2274 if(mreq.imr_interface.s_addr==INADDR_ANY)
2275 {
2276 if((rt=ip_rt_route(mreq.imr_multiaddr.s_addr,NULL, &route_src))!=NULL)
2277 {
2278 dev=rt->rt_dev;
2279 rt->rt_use--;
2280 }
2281 }
2282 else
2283 {
2284
2285 dev=ip_mc_find_devfor(mreq.imr_interface.s_addr);
2286 }
2287
2288 /*
2289 * Did we find a suitable device.
2290 */
2291
2292 if(!dev)
2293 return -ENODEV;
2294
2295 /*
2296 * Leave group
2297 */
2298
2299 return ip_mc_leave_group(sk,dev,mreq.imr_multiaddr.s_addr);
2300 }
2301 #endif
2302 #ifdef CONFIG_IP_FIREWALL
2303 case IP_FW_ADD_BLK:
2304 case IP_FW_DEL_BLK:
2305 case IP_FW_ADD_FWD:
2306 case IP_FW_DEL_FWD:
2307 case IP_FW_CHK_BLK:
2308 case IP_FW_CHK_FWD:
2309 case IP_FW_FLUSH_BLK:
2310 case IP_FW_FLUSH_FWD:
2311 case IP_FW_ZERO_BLK:
2312 case IP_FW_ZERO_FWD:
2313 case IP_FW_POLICY_BLK:
2314 case IP_FW_POLICY_FWD:
2315 if(!suser())
2316 return -EPERM;
2317 if(optlen>sizeof(tmp_fw) || optlen<1)
2318 return -EINVAL;
2319 err=verify_area(VERIFY_READ,optval,optlen);
2320 if(err)
2321 return err;
2322 memcpy_fromfs(&tmp_fw,optval,optlen);
2323 err=ip_fw_ctl(optname, &tmp_fw,optlen);
2324 return -err; /* -0 is 0 after all */
2325
2326 #endif
2327 #ifdef CONFIG_IP_ACCT
2328 case IP_ACCT_DEL:
2329 case IP_ACCT_ADD:
2330 case IP_ACCT_FLUSH:
2331 case IP_ACCT_ZERO:
2332 if(!suser())
2333 return -EPERM;
2334 if(optlen>sizeof(tmp_fw) || optlen<1)
2335 return -EINVAL;
2336 err=verify_area(VERIFY_READ,optval,optlen);
2337 if(err)
2338 return err;
2339 memcpy_fromfs(&tmp_fw, optval,optlen);
2340 err=ip_acct_ctl(optname, &tmp_fw,optlen);
2341 return -err; /* -0 is 0 after all */
2342 #endif
2343 /* IP_OPTIONS and friends go here eventually */
2344 default:
2345 return(-ENOPROTOOPT);
2346 }
2347 }
2348
2349 /*
2350 * Get the options. Note for future reference. The GET of IP options gets the
2351 * _received_ ones. The set sets the _sent_ ones.
2352 */
2353
2354 int ip_getsockopt(struct sock *sk, int level, int optname, char *optval, int *optlen)
/* */
2355 {
2356 int val,err;
2357 #ifdef CONFIG_IP_MULTICAST
2358 int len;
2359 #endif
2360
2361 if(level!=SOL_IP)
2362 return -EOPNOTSUPP;
2363
2364 #ifdef CONFIG_IP_MROUTE
2365 if(optname>=MRT_BASE && optname <=MRT_BASE+10)
2366 {
2367 return ip_mroute_getsockopt(sk,optname,optval,optlen);
2368 }
2369 #endif
2370
2371 switch(optname)
2372 {
2373 case IP_TOS:
2374 val=sk->ip_tos;
2375 break;
2376 case IP_TTL:
2377 val=sk->ip_ttl;
2378 break;
2379 case IP_HDRINCL:
2380 val=sk->ip_hdrincl;
2381 break;
2382 #ifdef CONFIG_IP_MULTICAST
2383 case IP_MULTICAST_TTL:
2384 val=sk->ip_mc_ttl;
2385 break;
2386 case IP_MULTICAST_LOOP:
2387 val=sk->ip_mc_loop;
2388 break;
2389 case IP_MULTICAST_IF:
2390 err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
2391 if(err)
2392 return err;
2393 len=strlen(sk->ip_mc_name);
2394 err=verify_area(VERIFY_WRITE, optval, len);
2395 if(err)
2396 return err;
2397 put_user(len,(int *) optlen);
2398 memcpy_tofs((void *)optval,sk->ip_mc_name, len);
2399 return 0;
2400 #endif
2401 default:
2402 return(-ENOPROTOOPT);
2403 }
2404 err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
2405 if(err)
2406 return err;
2407 put_user(sizeof(int),(int *) optlen);
2408
2409 err=verify_area(VERIFY_WRITE, optval, sizeof(int));
2410 if(err)
2411 return err;
2412 put_user(val,(int *) optval);
2413
2414 return(0);
2415 }
2416
2417 /*
2418 * Build and send a packet, with as little as one copy
2419 *
2420 * Doesn't care much about ip options... option length can be
2421 * different for fragment at 0 and other fragments.
2422 *
2423 * Note that the fragment at the highest offset is sent first,
2424 * so the getfrag routine can fill in the TCP/UDP checksum header
2425 * field in the last fragment it sends... actually it also helps
2426 * the reassemblers, they can put most packets in at the head of
2427 * the fragment queue, and they know the total size in advance. This
2428 * last feature will measurable improve the Linux fragment handler.
2429 *
2430 * The callback has five args, an arbitrary pointer (copy of frag),
2431 * the source IP address (may depend on the routing table), the
2432 * destination adddress (char *), the offset to copy from, and the
2433 * length to be copied.
2434 *
2435 */
2436
2437 int ip_build_xmit(struct sock *sk,
/* */
2438 void getfrag (const void *,
2439 int,
2440 char *,
2441 unsigned int,
2442 unsigned int),
2443 const void *frag,
2444 unsigned short int length,
2445 int daddr,
2446 int flags,
2447 int type)
2448 {
2449 struct rtable *rt;
2450 unsigned int fraglen, maxfraglen, fragheaderlen;
2451 int offset, mf;
2452 unsigned long saddr;
2453 unsigned short id;
2454 struct iphdr *iph;
2455 int local=0;
2456 struct device *dev;
2457 int nfrags=0;
2458
2459 ip_statistics.IpOutRequests++;
2460
2461
2462 #ifdef CONFIG_IP_MULTICAST
2463 if(sk && MULTICAST(daddr) && *sk->ip_mc_name)
2464 {
2465 dev=dev_get(sk->ip_mc_name);
2466 if(!dev)
2467 return -ENODEV;
2468 rt=NULL;
2469 if (sk->saddr && (!LOOPBACK(sk->saddr) || LOOPBACK(daddr)))
2470 saddr = sk->saddr;
2471 else
2472 saddr = dev->pa_addr;
2473 }
2474 else
2475 {
2476 #endif
2477 /*
2478 * Perform the IP routing decisions
2479 */
2480
2481 if(sk->localroute || flags&MSG_DONTROUTE)
2482 local=1;
2483
2484 rt = sk->ip_route_cache;
2485
2486 /*
2487 * See if the routing cache is outdated. We need to clean this up once we are happy it is reliable
2488 * by doing the invalidation actively in the route change and header change.
2489 */
2490
2491 saddr=sk->ip_route_saddr;
2492 if(!rt || sk->ip_route_stamp != rt_stamp || daddr!=sk->ip_route_daddr || sk->ip_route_local!=local || sk->saddr!=sk->ip_route_saddr)
2493 {
2494 if(local)
2495 rt = ip_rt_local(daddr, NULL, &saddr);
2496 else
2497 rt = ip_rt_route(daddr, NULL, &saddr);
2498 sk->ip_route_local=local;
2499 sk->ip_route_daddr=daddr;
2500 sk->ip_route_saddr=saddr;
2501 sk->ip_route_stamp=rt_stamp;
2502 sk->ip_route_cache=rt;
2503 sk->ip_hcache_ver=NULL;
2504 sk->ip_hcache_state= 0;
2505 }
2506 else if(rt)
2507 {
2508 /*
2509 * Attempt header caches only if the cached route is being reused. Header cache
2510 * is not ultra cheap to set up. This means we only set it up on the second packet,
2511 * so one shot communications are not slowed. We assume (seems reasonable) that 2 is
2512 * probably going to be a stream of data.
2513 */
2514 if(rt->rt_dev->header_cache && sk->ip_hcache_state!= -1)
2515 {
2516 if(sk->ip_hcache_ver==NULL || sk->ip_hcache_stamp!=*sk->ip_hcache_ver)
2517 rt->rt_dev->header_cache(rt->rt_dev,sk,saddr,daddr);
2518 else
2519 /* Can't cache. Remember this */
2520 sk->ip_hcache_state= -1;
2521 }
2522 }
2523
2524 if (rt == NULL)
2525 {
2526 ip_statistics.IpOutNoRoutes++;
2527 return(-ENETUNREACH);
2528 }
2529
2530 if (sk->saddr && (!LOOPBACK(sk->saddr) || LOOPBACK(daddr)))
2531 saddr = sk->saddr;
2532
2533 dev=rt->rt_dev;
2534 #ifdef CONFIG_IP_MULTICAST
2535 }
2536 #endif
2537
2538 /*
2539 * Now compute the buffer space we require
2540 */
2541
2542 /*
2543 * Try the simple case first. This leaves broadcast, multicast, fragmented frames, and by
2544 * choice RAW frames within 20 bytes of maximum size(rare) to the long path
2545 */
2546
2547 if(length+20 <= dev->mtu && !MULTICAST(daddr) && daddr!=0xFFFFFFFF && daddr!=dev->pa_brdaddr)
2548 {
2549 int error;
2550 struct sk_buff *skb=sock_alloc_send_skb(sk, length+20+15+dev->hard_header_len,0, 0,&error);
2551 if(skb==NULL)
2552 {
2553 ip_statistics.IpOutDiscards++;
2554 return error;
2555 }
2556 skb->dev=dev;
2557 skb->free=1;
2558 skb->when=jiffies;
2559 skb->sk=sk;
2560 skb->arp=0;
2561 skb->saddr=saddr;
2562 length+=20; /* We do this twice so the subtract once is quicker */
2563 skb->raddr=(rt&&rt->rt_gateway)?rt->rt_gateway:daddr;
2564 skb_reserve(skb,(dev->hard_header_len+15)&~15);
2565 if(sk->ip_hcache_state>0)
2566 {
2567 memcpy(skb_push(skb,dev->hard_header_len),sk->ip_hcache_data,dev->hard_header_len);
2568 skb->arp=1;
2569 }
2570 else if(dev->hard_header)
2571 {
2572 if(dev->hard_header(skb,dev,ETH_P_IP,NULL,NULL,0)>0)
2573 skb->arp=1;
2574 }
2575 else
2576 skb->arp=1;
2577 skb->ip_hdr=iph=(struct iphdr *)skb_put(skb,length);
2578 dev_lock_list();
2579 if(!sk->ip_hdrincl)
2580 {
2581 iph->version=4;
2582 iph->ihl=5;
2583 iph->tos=sk->ip_tos;
2584 iph->tot_len = htons(length);
2585 iph->id=htons(ip_id_count++);
2586 iph->frag_off = 0;
2587 iph->ttl=sk->ip_ttl;
2588 iph->protocol=type;
2589 iph->saddr=saddr;
2590 iph->daddr=daddr;
2591 iph->check=0;
2592 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
2593 getfrag(frag,saddr,(void *)(iph+1),0, length-20);
2594 }
2595 else
2596 getfrag(frag,saddr,(void *)iph,0,length);
2597 dev_unlock_list();
2598 #ifdef CONFIG_IP_ACCT
2599 ip_fw_chk((void *)skb->data,dev,ip_acct_chain, IP_FW_F_ACCEPT,1);
2600 #endif
2601 if(dev->flags&IFF_UP)
2602 dev_queue_xmit(skb,dev,sk->priority);
2603 else
2604 {
2605 ip_statistics.IpOutDiscards++;
2606 kfree_skb(skb, FREE_WRITE);
2607 }
2608 return 0;
2609 }
2610
2611
2612 fragheaderlen = dev->hard_header_len;
2613 if(!sk->ip_hdrincl)
2614 fragheaderlen += 20;
2615
2616 /*
2617 * Fragheaderlen is the size of 'overhead' on each buffer. Now work
2618 * out the size of the frames to send.
2619 */
2620
2621 maxfraglen = ((dev->mtu-20) & ~7) + fragheaderlen;
2622
2623 /*
2624 * Start at the end of the frame by handling the remainder.
2625 */
2626
2627 offset = length - (length % (maxfraglen - fragheaderlen));
2628
2629 /*
2630 * Amount of memory to allocate for final fragment.
2631 */
2632
2633 fraglen = length - offset + fragheaderlen;
2634
2635 if(length-offset==0)
2636 {
2637 fraglen = maxfraglen;
2638 offset -= maxfraglen-fragheaderlen;
2639 }
2640
2641
2642 /*
2643 * The last fragment will not have MF (more fragments) set.
2644 */
2645
2646 mf = 0;
2647
2648 /*
2649 * Can't fragment raw packets
2650 */
2651
2652 if (sk->ip_hdrincl && offset > 0)
2653 return(-EMSGSIZE);
2654
2655 /*
2656 * Lock the device lists.
2657 */
2658
2659 dev_lock_list();
2660
2661 /*
2662 * Get an identifier
2663 */
2664
2665 id = htons(ip_id_count++);
2666
2667 /*
2668 * Being outputting the bytes.
2669 */
2670
2671 do
2672 {
2673 struct sk_buff * skb;
2674 int error;
2675 char *data;
2676
2677 /*
2678 * Get the memory we require with some space left for alignment.
2679 */
2680
2681 skb = sock_alloc_send_skb(sk, fraglen+15, 0, 0, &error);
2682 if (skb == NULL)
2683 {
2684 ip_statistics.IpOutDiscards++;
2685 if(nfrags>1)
2686 ip_statistics.IpFragCreates++;
2687 dev_unlock_list();
2688 return(error);
2689 }
2690
2691 /*
2692 * Fill in the control structures
2693 */
2694
2695 skb->next = skb->prev = NULL;
2696 skb->dev = dev;
2697 skb->when = jiffies;
2698 skb->free = 1; /* dubious, this one */
2699 skb->sk = sk;
2700 skb->arp = 0;
2701 skb->saddr = saddr;
2702 skb->raddr = (rt&&rt->rt_gateway) ? rt->rt_gateway : daddr;
2703 skb_reserve(skb,(dev->hard_header_len+15)&~15);
2704 data = skb_put(skb, fraglen-dev->hard_header_len);
2705
2706 /*
2707 * Save us ARP and stuff. In the optimal case we do no route lookup (route cache ok)
2708 * no ARP lookup (arp cache ok) and output. The cache checks are still too slow but
2709 * this can be fixed later. For gateway routes we ought to have a rt->.. header cache
2710 * pointer to speed header cache builds for identical targets.
2711 */
2712
2713 if(sk->ip_hcache_state>0)
2714 {
2715 memcpy(skb_push(skb,dev->hard_header_len),sk->ip_hcache_data, dev->hard_header_len);
2716 skb->arp=1;
2717 }
2718 else if (dev->hard_header)
2719 {
2720 if(dev->hard_header(skb, dev, ETH_P_IP,
2721 NULL, NULL, 0)>0)
2722 skb->arp=1;
2723 }
2724
2725 /*
2726 * Find where to start putting bytes.
2727 */
2728
2729 skb->ip_hdr = iph = (struct iphdr *)data;
2730
2731 /*
2732 * Only write IP header onto non-raw packets
2733 */
2734
2735 if(!sk->ip_hdrincl)
2736 {
2737
2738 iph->version = 4;
2739 iph->ihl = 5; /* ugh */
2740 iph->tos = sk->ip_tos;
2741 iph->tot_len = htons(fraglen - fragheaderlen + iph->ihl*4);
2742 iph->id = id;
2743 iph->frag_off = htons(offset>>3);
2744 iph->frag_off |= mf;
2745 #ifdef CONFIG_IP_MULTICAST
2746 if (MULTICAST(daddr))
2747 iph->ttl = sk->ip_mc_ttl;
2748 else
2749 #endif
2750 iph->ttl = sk->ip_ttl;
2751 iph->protocol = type;
2752 iph->check = 0;
2753 iph->saddr = saddr;
2754 iph->daddr = daddr;
2755 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
2756 data += iph->ihl*4;
2757
2758 /*
2759 * Any further fragments will have MF set.
2760 */
2761
2762 mf = htons(IP_MF);
2763 }
2764
2765 /*
2766 * User data callback
2767 */
2768
2769 getfrag(frag, saddr, data, offset, fraglen-fragheaderlen);
2770
2771 /*
2772 * Account for the fragment.
2773 */
2774
2775 #ifdef CONFIG_IP_ACCT
2776 if(!offset)
2777 ip_fw_chk(iph, dev, ip_acct_chain, IP_FW_F_ACCEPT, 1);
2778 #endif
2779 offset -= (maxfraglen-fragheaderlen);
2780 fraglen = maxfraglen;
2781
2782 #ifdef CONFIG_IP_MULTICAST
2783
2784 /*
2785 * Multicasts are looped back for other local users
2786 */
2787
2788 if (MULTICAST(daddr) && !(dev->flags&IFF_LOOPBACK))
2789 {
2790 /*
2791 * Loop back any frames. The check for IGMP_ALL_HOSTS is because
2792 * you are always magically a member of this group.
2793 *
2794 * Always loop back all host messages when running as a multicast router.
2795 */
2796
2797 if(sk==NULL || sk->ip_mc_loop)
2798 {
2799 if(skb->daddr==IGMP_ALL_HOSTS || (dev->flags&IFF_ALLMULTI))
2800 ip_loopback(rt?rt->rt_dev:dev,skb);
2801 else
2802 {
2803 struct ip_mc_list *imc=rt?rt->rt_dev->ip_mc_list:dev->ip_mc_list;
2804 while(imc!=NULL)
2805 {
2806 if(imc->multiaddr==daddr)
2807 {
2808 ip_loopback(rt?rt->rt_dev:dev,skb);
2809 break;
2810 }
2811 imc=imc->next;
2812 }
2813 }
2814 }
2815
2816 /*
2817 * Multicasts with ttl 0 must not go beyond the host. Fixme: avoid the
2818 * extra clone.
2819 */
2820
2821 if(skb->ip_hdr->ttl==0)
2822 kfree_skb(skb, FREE_READ);
2823 }
2824 #endif
2825
2826 nfrags++;
2827
2828 /*
2829 * BSD loops broadcasts
2830 */
2831
2832 if((dev->flags&IFF_BROADCAST) && (daddr==0xFFFFFFFF || daddr==dev->pa_brdaddr) && !(dev->flags&IFF_LOOPBACK))
2833 ip_loopback(dev,skb);
2834
2835 /*
2836 * Now queue the bytes into the device.
2837 */
2838
2839 if (dev->flags & IFF_UP)
2840 {
2841 dev_queue_xmit(skb, dev, sk->priority);
2842 }
2843 else
2844 {
2845 /*
2846 * Whoops...
2847 */
2848
2849 ip_statistics.IpOutDiscards++;
2850 if(nfrags>1)
2851 ip_statistics.IpFragCreates+=nfrags;
2852 kfree_skb(skb, FREE_WRITE);
2853 dev_unlock_list();
2854 /*
2855 * BSD behaviour.
2856 */
2857 if(sk!=NULL)
2858 sk->err=ENETDOWN;
2859 return(0); /* lose rest of fragments */
2860 }
2861 }
2862 while (offset >= 0);
2863 if(nfrags>1)
2864 ip_statistics.IpFragCreates+=nfrags;
2865 dev_unlock_list();
2866 return(0);
2867 }
2868
2869
2870 /*
2871 * IP protocol layer initialiser
2872 */
2873
2874 static struct packet_type ip_packet_type =
2875 {
2876 0, /* MUTTER ntohs(ETH_P_IP),*/
2877 NULL, /* All devices */
2878 ip_rcv,
2879 NULL,
2880 NULL,
2881 };
2882
2883 /*
2884 * Device notifier
2885 */
2886
2887 static int ip_rt_event(unsigned long event, void *ptr)
/* */
2888 {
2889 if(event==NETDEV_DOWN)
2890 ip_rt_flush(ptr);
2891 return NOTIFY_DONE;
2892 }
2893
2894 struct notifier_block ip_rt_notifier={
2895 ip_rt_event,
2896 NULL,
2897 0
2898 };
2899
2900 /*
2901 * IP registers the packet type and then calls the subprotocol initialisers
2902 */
2903
2904 void ip_init(void)
/* ![[last]](../icons/n_last.png)
*/
2905 {
2906 ip_packet_type.type=htons(ETH_P_IP);
2907 dev_add_pack(&ip_packet_type);
2908
2909 /* So we flush routes when a device is downed */
2910 register_netdevice_notifier(&ip_rt_notifier);
2911
2912 /* ip_raw_init();
2913 ip_packet_init();
2914 ip_tcp_init();
2915 ip_udp_init();*/
2916
2917 #ifdef CONFIG_IP_MULTICAST
2918 proc_net_register(&(struct proc_dir_entry) {
2919 PROC_NET_IGMP, 4, "igmp",
2920 S_IFREG | S_IRUGO, 1, 0, 0,
2921 0, &proc_net_inode_operations,
2922 ip_mc_procinfo
2923 });
2924 #endif
2925 }
2926
![[bottom]](../icons/n_bottom.png){kind=icon}
*/