root/net/ipv4/icmp.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. icmp_out_count
  2. icmp_glue_bits
  3. icmp_build_xmit
  4. icmp_send
  5. icmp_unreach
  6. icmp_redirect
  7. icmp_echo
  8. icmp_timestamp
  9. icmp_address
  10. icmp_discard
  11. icmp_rcv
  12. icmp_init

   1 /*
   2  *      NET3:   Implementation of the ICMP protocol layer. 
   3  *      
   4  *              Alan Cox, <alan@cymru.net>
   5  *
   6  *      This program is free software; you can redistribute it and/or
   7  *      modify it under the terms of the GNU General Public License
   8  *      as published by the Free Software Foundation; either version
   9  *      2 of the License, or (at your option) any later version.
  10  *
  11  *      Some of the function names and the icmp unreach table for this
  12  *      module were derived from [icmp.c 1.0.11 06/02/93] by
  13  *      Ross Biro, Fred N. van Kempen, Mark Evans, Alan Cox, Gerhard Koerting.
  14  *      Other than that this module is a complete rewrite.
  15  *
  16  *      Fixes:
  17  *              Mike Shaver     :       RFC1122 checks.
  18  *              Alan Cox        :       Multicast ping reply as self.
  19  *              Alan Cox        :       Fix atomicity lockup in ip_build_xmit call
  20  *
  21  *
  22  *
  23  * RFC1122 Status: (boy, are there a lot of rules for ICMP)
  24  *  3.2.2 (Generic ICMP stuff)
  25  *   MUST discard messages of unknown type. (OK)
  26  *   MUST copy at least the first 8 bytes from the offending packet
  27  *     when sending ICMP errors. (OK)
  28  *   MUST pass received ICMP errors up to protocol level. (OK)
  29  *   SHOULD send ICMP errors with TOS == 0. (OK)
  30  *   MUST NOT send ICMP errors in reply to:
  31  *     ICMP errors (OK)
  32  *     Broadcast/multicast datagrams (OK)
  33  *     MAC broadcasts (OK)
  34  *     Non-initial fragments (OK)
  35  *     Datagram with a source address that isn't a single host. (OK)
  36  *  3.2.2.1 (Destination Unreachable)
  37  *   All the rules govern the IP layer, and are dealt with in ip.c, not here.
  38  *  3.2.2.2 (Redirect)
  39  *   Host SHOULD NOT send ICMP_REDIRECTs.  (OK)
  40  *   MUST update routing table in response to host or network redirects. 
  41  *     (host OK, network NOT YET) [Intentionally -- AC]
  42  *   SHOULD drop redirects if they're not from directly connected gateway
  43  *     (OK -- we drop it if it's not from our old gateway, which is close
  44  *      enough)
  45  * 3.2.2.3 (Source Quench)
  46  *   MUST pass incoming SOURCE_QUENCHs to transport layer (OK)
  47  *   Other requirements are dealt with at the transport layer.
  48  * 3.2.2.4 (Time Exceeded)
  49  *   MUST pass TIME_EXCEEDED to transport layer (OK)
  50  *   Other requirements dealt with at IP (generating TIME_EXCEEDED).
  51  * 3.2.2.5 (Parameter Problem)
  52  *   SHOULD generate these, but it doesn't say for what.  So we're OK. =)
  53  *   MUST pass received PARAMPROBLEM to transport layer (NOT YET)
  54  *      [Solaris 2.X seems to assert EPROTO when this occurs] -- AC
  55  * 3.2.2.6 (Echo Request/Reply)
  56  *   MUST reply to ECHO_REQUEST, and give app to do ECHO stuff (OK, OK)
  57  *   MAY discard broadcast ECHO_REQUESTs. (We don't, but that's OK.)
  58  *   MUST reply using same source address as the request was sent to.
  59  *     We're OK for unicast ECHOs, and it doesn't say anything about
  60  *     how to handle broadcast ones, since it's optional.
  61  *   MUST copy data from REQUEST to REPLY (OK)
  62  *     unless it would require illegal fragmentation (N/A)
  63  *   MUST pass REPLYs to transport/user layer (OK)
  64  *   MUST use any provided source route (reversed) for REPLY. (NOT YET)
  65  * 3.2.2.7 (Information Request/Reply)
  66  *   MUST NOT implement this. (I guess that means silently discard...?) (OK)
  67  * 3.2.2.8 (Timestamp Request/Reply)
  68  *   MAY implement (OK)
  69  *   SHOULD be in-kernel for "minimum variability" (OK)
  70  *   MAY discard broadcast REQUESTs.  (OK, but see source for inconsistency)
  71  *   MUST reply using same source address as the request was sent to. (OK)
  72  *   MUST reverse source route, as per ECHO (NOT YET)
  73  *   MUST pass REPLYs to transport/user layer (requires RAW, just like ECHO) (OK)
  74  *   MUST update clock for timestamp at least 15 times/sec (OK)
  75  *   MUST be "correct within a few minutes" (OK)
  76  * 3.2.2.9 (Address Mask Request/Reply)
  77  *   MAY implement (OK)
  78  *   MUST send a broadcast REQUEST if using this system to set netmask
  79  *     (OK... we don't use it)
  80  *   MUST discard received REPLYs if not using this system (OK)
  81  *   MUST NOT send replies unless specifically made agent for this sort
  82  *     of thing. (OK)
  83  */
  84 
  85 #include <linux/config.h>
  86 #include <linux/types.h>
  87 #include <linux/sched.h>
  88 #include <linux/kernel.h>
  89 #include <linux/fcntl.h>
  90 #include <linux/socket.h>
  91 #include <linux/in.h>
  92 #include <linux/inet.h>
  93 #include <linux/netdevice.h>
  94 #include <linux/string.h>
  95 #include <net/snmp.h>
  96 #include <net/ip.h>
  97 #include <net/route.h>
  98 #include <net/protocol.h>
  99 #include <net/icmp.h>
 100 #include <net/tcp.h>
 101 #include <net/snmp.h>
 102 #include <linux/skbuff.h>
 103 #include <net/sock.h>
 104 #include <linux/errno.h>
 105 #include <linux/timer.h>
 106 #include <asm/system.h>
 107 #include <asm/segment.h>
 108 #include <net/checksum.h>
 109 
 110 #define min(a,b)        ((a)<(b)?(a):(b))
 111 
 112 /*
 113  *      Statistics
 114  */
 115  
 116 struct icmp_mib icmp_statistics;
 117 
 118 /* An array of errno for error messages from dest unreach. */
 119 /* RFC 1122: 3.2.2.1 States that NET_UNREACH, HOS_UNREACH and SR_FAIELD MUST be considered 'transient errrs'. */
 120 
 121 struct icmp_err icmp_err_convert[] = {
 122   { ENETUNREACH,        0 },    /*      ICMP_NET_UNREACH        */
 123   { EHOSTUNREACH,       0 },    /*      ICMP_HOST_UNREACH       */
 124   { ENOPROTOOPT,        1 },    /*      ICMP_PROT_UNREACH       */
 125   { ECONNREFUSED,       1 },    /*      ICMP_PORT_UNREACH       */
 126   { EOPNOTSUPP,         0 },    /*      ICMP_FRAG_NEEDED        */
 127   { EOPNOTSUPP,         0 },    /*      ICMP_SR_FAILED          */
 128   { ENETUNREACH,        1 },    /*      ICMP_NET_UNKNOWN        */
 129   { EHOSTDOWN,          1 },    /*      ICMP_HOST_UNKNOWN       */
 130   { ENONET,             1 },    /*      ICMP_HOST_ISOLATED      */
 131   { ENETUNREACH,        1 },    /*      ICMP_NET_ANO            */
 132   { EHOSTUNREACH,       1 },    /*      ICMP_HOST_ANO           */
 133   { EOPNOTSUPP,         0 },    /*      ICMP_NET_UNR_TOS        */
 134   { EOPNOTSUPP,         0 }     /*      ICMP_HOST_UNR_TOS       */
 135 };
 136 
 137 /*
 138  *      A spare long used to speed up statistics udpating
 139  */
 140  
 141 unsigned long dummy;
 142 
 143 /*
 144  *      ICMP control array. This specifies what to do with each ICMP.
 145  */
 146  
 147 struct icmp_control
 148 {
 149         unsigned long *output;          /* Address to increment on output */
 150         unsigned long *input;           /* Address to increment on input */
 151         void (*handler)(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len);
 152         unsigned long error;            /* This ICMP is classed as an error message */  
 153 };
 154 
 155 static struct icmp_control icmp_pointers[19];
 156 
 157 /*
 158  *      Build xmit assembly blocks
 159  */
 160 
 161 struct icmp_bxm
 162 {
 163         void *data_ptr;
 164         int data_len;
 165         struct icmphdr icmph;
 166         unsigned long csum;
 167         struct options replyopts;
 168         unsigned char  optbuf[40];
 169 };
 170 
 171 /*
 172  *      The ICMP socket. This is the most convenient way to flow control
 173  *      our ICMP output as well as maintain a clean interface throughout
 174  *      all layers. All Socketless IP sends will soon be gone.
 175  */
 176         
 177 struct socket icmp_socket;
 178 
 179 /*
 180  *      Send an ICMP frame.
 181  */
 182  
 183 
 184 /*
 185  *      Maintain the counters used in the SNMP statistics for outgoing ICMP
 186  */
 187  
 188 static void icmp_out_count(int type)
     /* [previous][next][first][last][top][bottom][index][help] */
 189 {
 190         if(type>18)
 191                 return;
 192         (*icmp_pointers[type].output)++;
 193         icmp_statistics.IcmpOutMsgs++;
 194 }
 195  
 196 /*
 197  *      Checksum each fragment, and on the first include the headers and final checksum.
 198  */
 199  
 200 static void icmp_glue_bits(const void *p, __u32 saddr, char *to, unsigned int offset, unsigned int fraglen)
     /* [previous][next][first][last][top][bottom][index][help] */
 201 {
 202         struct icmp_bxm *icmp_param = (struct icmp_bxm *)p;
 203         struct icmphdr *icmph;
 204         unsigned long csum;
 205 
 206         if (offset) {
 207                 icmp_param->csum=csum_partial_copy(icmp_param->data_ptr+offset-sizeof(struct icmphdr), 
 208                                 to, fraglen,icmp_param->csum);
 209                 return;
 210         }
 211 
 212         /*
 213          *      First fragment includes header. Note that we've done
 214          *      the other fragments first, so that we get the checksum
 215          *      for the whole packet here.
 216          */
 217         csum = csum_partial_copy((void *)&icmp_param->icmph,
 218                 to, sizeof(struct icmphdr), 
 219                 icmp_param->csum);
 220         csum = csum_partial_copy(icmp_param->data_ptr,
 221                 to+sizeof(struct icmphdr),
 222                 fraglen-sizeof(struct icmphdr), csum);
 223         icmph=(struct icmphdr *)to;
 224         icmph->checksum = csum_fold(csum);
 225 }
 226  
 227 /*
 228  *      Driving logic for building and sending ICMP messages.
 229  */
 230 
 231 static void icmp_build_xmit(struct icmp_bxm *icmp_param, __u32 saddr, __u32 daddr)
     /* [previous][next][first][last][top][bottom][index][help] */
 232 {
 233         struct sock *sk=icmp_socket.data;
 234         icmp_param->icmph.checksum=0;
 235         icmp_param->csum=0;
 236         icmp_out_count(icmp_param->icmph.type);
 237         ip_build_xmit(sk, icmp_glue_bits, icmp_param, 
 238                 icmp_param->data_len+sizeof(struct icmphdr),
 239                 daddr, saddr, &icmp_param->replyopts, 0, IPPROTO_ICMP, 1);
 240 }
 241 
 242 
 243 /*
 244  *      Send an ICMP message in response to a situation
 245  *
 246  *      RFC 1122: 3.2.2 MUST send at least the IP header and 8 bytes of header. MAY send more (we don't).
 247  *                      MUST NOT change this header information.
 248  *                      MUST NOT reply to a multicast/broadcast IP address.
 249  *                      MUST NOT reply to a multicast/broadcast MAC address.
 250  *                      MUST reply to only the first fragment.
 251  */
 252 
 253 void icmp_send(struct sk_buff *skb_in, int type, int code, unsigned long info, struct device *dev)
     /* [previous][next][first][last][top][bottom][index][help] */
 254 {
 255         struct iphdr *iph;
 256         struct icmphdr *icmph;
 257         int atype;
 258         struct icmp_bxm icmp_param;
 259         __u32 saddr;
 260         
 261         /*
 262          *      Find the original header
 263          */
 264          
 265         iph = skb_in->ip_hdr;
 266         
 267         /*
 268          *      No replies to physical multicast/broadcast
 269          */
 270          
 271         if(skb_in->pkt_type!=PACKET_HOST)
 272                 return;
 273                 
 274         /*
 275          *      Now check at the protocol level
 276          */
 277          
 278         atype=ip_chk_addr(iph->daddr);
 279         if(atype==IS_BROADCAST||atype==IS_MULTICAST)
 280                 return;
 281                 
 282         /*
 283          *      Only reply to fragment 0. We byte re-order the constant
 284          *      mask for efficiency.
 285          */
 286          
 287         if(iph->frag_off&htons(IP_OFFSET))
 288                 return;
 289                 
 290         /* 
 291          *      If we send an ICMP error to an ICMP error a mess would result..
 292          */
 293          
 294         if(icmp_pointers[type].error)
 295         {
 296                 /*
 297                  *      We are an error, check if we are replying to an ICMP error
 298                  */
 299                  
 300                 if(iph->protocol==IPPROTO_ICMP)
 301                 {
 302                         icmph = (struct icmphdr *)((char *)iph + (iph->ihl<<2));
 303                         /*
 304                          *      Assume any unknown ICMP type is an error. This isn't
 305                          *      specified by the RFC, but think about it..
 306                          */
 307                         if(icmph->type>18 || icmp_pointers[icmph->type].error)
 308                                 return;
 309                 }
 310         }
 311         
 312         /*
 313          *      Tell our driver what to send
 314          */
 315          
 316         saddr=iph->daddr;
 317         if(saddr!=dev->pa_addr && ip_chk_addr(saddr)!=IS_MYADDR)
 318                 saddr=dev->pa_addr;
 319         
 320         icmp_param.icmph.type=type;
 321         icmp_param.icmph.code=code;
 322         icmp_param.icmph.un.gateway = info;
 323         icmp_param.data_ptr=iph;
 324         icmp_param.data_len=(iph->ihl<<2)+8;    /* RFC says return header + 8 bytes */
 325         
 326         /*
 327          *      Set it to build.
 328          */
 329 
 330         if (ip_options_echo(&icmp_param.replyopts, NULL, saddr, iph->saddr, skb_in) == 0)
 331           icmp_build_xmit(&icmp_param, saddr, iph->saddr);
 332 }
 333 
 334 
 335 /* 
 336  *      Handle ICMP_DEST_UNREACH, ICMP_TIME_EXCEED, and ICMP_QUENCH. 
 337  */
 338  
 339 static void icmp_unreach(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 340 {
 341         struct iphdr *iph;
 342         int hash;
 343         struct inet_protocol *ipprot;
 344         unsigned char *dp;      
 345         
 346         iph = (struct iphdr *) (icmph + 1);
 347         
 348         dp= ((unsigned char *)iph)+(iph->ihl<<2);
 349         
 350         if(icmph->type==ICMP_DEST_UNREACH)
 351         {
 352                 switch(icmph->code & 15)
 353                 {
 354                         case ICMP_NET_UNREACH:
 355                                 break;
 356                         case ICMP_HOST_UNREACH:
 357                                 break;
 358                         case ICMP_PROT_UNREACH:
 359                                 printk("ICMP: %s:%d: protocol unreachable.\n",
 360                                         in_ntoa(iph->daddr), ntohs(iph->protocol));
 361                                 break;
 362                         case ICMP_PORT_UNREACH:
 363                                 break;
 364                         case ICMP_FRAG_NEEDED:
 365 #ifdef CONFIG_NO_PATH_MTU_DISCOVERY
 366                                 printk("ICMP: %s: fragmentation needed and DF set.\n",
 367                                                                 in_ntoa(iph->daddr));
 368                                 break;
 369 #else
 370                         {
 371                                 unsigned short old_mtu = ntohs(iph->tot_len);
 372                                 unsigned short new_mtu = ntohs(icmph->un.echo.sequence);
 373 
 374                                 if (new_mtu < 68 || new_mtu >= old_mtu)
 375                                 {
 376                                         /*
 377                                          *      It is either dumb router, which does not
 378                                          *      understand Path MTU Disc. protocol
 379                                          *      or broken (f.e. Linux<=1.3.37 8) router.
 380                                          *      Try to guess...
 381                                          *      The table is taken from RFC-1191.
 382                                          */
 383                                         if (old_mtu > 32000)
 384                                                 new_mtu = 32000;
 385                                         else if (old_mtu > 17914)
 386                                                 new_mtu = 17914;
 387                                         else if (old_mtu > 8166)
 388                                                 new_mtu = 8166;
 389                                         else if (old_mtu > 4352)
 390                                                 new_mtu = 4352;
 391                                         else if (old_mtu > 2002)
 392                                                 new_mtu = 2002;
 393                                         else if (old_mtu > 1492)
 394                                                 new_mtu = 1492;
 395                                         else if (old_mtu > 576)
 396                                                 new_mtu = 576;
 397                                         else if (old_mtu > 296)
 398                                                 new_mtu = 296;
 399                                         else
 400                                                 new_mtu = 68;
 401                                 }
 402                                 /*
 403                                  * Ugly trick to pass MTU to protocol layer.
 404                                  * Really we should add argument "info" to error handler.
 405                                  */
 406                                 iph->id = htons(new_mtu);
 407                                 break;
 408                         }
 409 #endif
 410                         case ICMP_SR_FAILED:
 411                                 printk("ICMP: %s: Source Route Failed.\n", in_ntoa(iph->daddr));
 412                                 break;
 413                         default:
 414                                 break;
 415                 }
 416                 if(icmph->code>12)      /* Invalid type */
 417                         return;
 418         }
 419         
 420         /*
 421          *      Throw it at our lower layers
 422          *
 423          *      RFC 1122: 3.2.2 MUST extract the protocol ID from the passed header.
 424          *      RFC 1122: 3.2.2.1 MUST pass ICMP unreach messages to the transport layer.
 425          *      RFC 1122: 3.2.2.2 MUST pass ICMP time expired messages to transport layer.
 426          */
 427 
 428         /*
 429          *      Get the protocol(s). 
 430          */
 431          
 432         hash = iph->protocol & (MAX_INET_PROTOS -1);
 433 
 434         /*
 435          *      This can't change while we are doing it. 
 436          *
 437          *      FIXME: Deliver to appropriate raw sockets too.
 438          */
 439          
 440         ipprot = (struct inet_protocol *) inet_protos[hash];
 441         while(ipprot != NULL) 
 442         {
 443                 struct inet_protocol *nextip;
 444 
 445                 nextip = (struct inet_protocol *) ipprot->next;
 446         
 447                 /* 
 448                  *      Pass it off to everyone who wants it. 
 449                  */
 450 
 451                 /* RFC1122: OK. Passes appropriate ICMP errors to the */
 452                 /* appropriate protocol layer (MUST), as per 3.2.2. */
 453 
 454                 if (iph->protocol == ipprot->protocol && ipprot->err_handler) 
 455                 {
 456                         ipprot->err_handler(icmph->type, icmph->code, dp,
 457                                             iph->daddr, iph->saddr, ipprot);
 458                 }
 459 
 460                 ipprot = nextip;
 461         }
 462         kfree_skb(skb, FREE_READ);
 463 }
 464 
 465 
 466 /*
 467  *      Handle ICMP_REDIRECT. 
 468  */
 469 
 470 static void icmp_redirect(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 source, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 471 {
 472         struct iphdr *iph;
 473         unsigned long ip;
 474 
 475         /*
 476          *      Get the copied header of the packet that caused the redirect
 477          */
 478          
 479         iph = (struct iphdr *) (icmph + 1);
 480         ip = iph->daddr;
 481 
 482 #ifdef CONFIG_IP_FORWARD
 483         /*
 484          *      We are a router. Routers should not respond to ICMP_REDIRECT messages.
 485          */
 486         printk("icmp: ICMP redirect from %s on %s ignored.\n", in_ntoa(source), dev->name);
 487 #else   
 488         switch(icmph->code & 7) 
 489         {
 490                 case ICMP_REDIR_NET:
 491                         /*
 492                          *      This causes a problem with subnetted networks. What we should do
 493                          *      is use ICMP_ADDRESS to get the subnet mask of the problem route
 494                          *      and set both. But we don't..
 495                          */
 496 #ifdef not_a_good_idea
 497                         ip_rt_add((RTF_DYNAMIC | RTF_MODIFIED | RTF_GATEWAY),
 498                                 ip, 0, icmph->un.gateway, dev,0, 0, 0);
 499 #endif
 500                         /*
 501                          *      As per RFC recommendations now handle it as
 502                          *      a host redirect.
 503                          */
 504                          
 505                 case ICMP_REDIR_HOST:
 506                         /*
 507                          *      Add better route to host.
 508                          *      But first check that the redirect
 509                          *      comes from the old gateway..
 510                          *      And make sure it's an ok host address
 511                          *      (not some confused thing sending our
 512                          *      address)
 513                          */
 514                         printk("ICMP redirect from %s\n", in_ntoa(source));
 515                         ip_rt_redirect(source, ip, icmph->un.gateway, dev);
 516                         break;
 517                 case ICMP_REDIR_NETTOS:
 518                 case ICMP_REDIR_HOSTTOS:
 519                         printk("ICMP: cannot handle TOS redirects yet!\n");
 520                         break;
 521                 default:
 522                         break;
 523         }
 524 #endif          
 525         /*
 526          *      Discard the original packet
 527          */
 528          
 529         kfree_skb(skb, FREE_READ);
 530 }
 531 
 532 /*
 533  *      Handle ICMP_ECHO ("ping") requests. 
 534  *
 535  *      RFC 1122: 3.2.2.6 MUST have an echo server that answers ICMP echo requests.
 536  *      RFC 1122: 3.2.2.6 Data received in the ICMP_ECHO request MUST be included in the reply.
 537  *      See also WRT handling of options once they are done and working.
 538  */
 539  
 540 static void icmp_echo(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 541 {
 542         struct icmp_bxm icmp_param;
 543         icmp_param.icmph=*icmph;
 544         icmp_param.icmph.type=ICMP_ECHOREPLY;
 545         icmp_param.data_ptr=(icmph+1);
 546         icmp_param.data_len=len;
 547         if (ip_options_echo(&icmp_param.replyopts, NULL, daddr, saddr, skb)==0)
 548                 icmp_build_xmit(&icmp_param, daddr, saddr);
 549         kfree_skb(skb, FREE_READ);
 550 }
 551 
 552 /*
 553  *      Handle ICMP Timestamp requests. 
 554  *      RFC 1122: 3.2.2.8 MAY implement ICMP timestamp requests.
 555  *                SHOULD be in the kernel for minimum random latency.
 556  *                MUST be accurate to a few minutes.
 557  *                MUST be updated at least at 15Hz.
 558  */
 559  
 560 static void icmp_timestamp(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 561 {
 562         __u32 times[3];         /* So the new timestamp works on ALPHA's.. */
 563         struct icmp_bxm icmp_param;
 564         
 565         /*
 566          *      Too short.
 567          */
 568          
 569         if(len<12)
 570         {
 571                 icmp_statistics.IcmpInErrors++;
 572                 kfree_skb(skb, FREE_READ);
 573                 return;
 574         }
 575         
 576         /*
 577          *      Fill in the current time as ms since midnight UT: 
 578          */
 579          
 580         {
 581                 struct timeval tv;
 582                 do_gettimeofday(&tv);
 583                 times[1] = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
 584         }
 585         times[2] = times[1];
 586         memcpy((void *)&times[0], icmph+1, 4);          /* Incoming stamp */
 587         icmp_param.icmph=*icmph;
 588         icmp_param.icmph.type=ICMP_TIMESTAMPREPLY;
 589         icmp_param.icmph.code=0;
 590         icmp_param.data_ptr=&times;
 591         icmp_param.data_len=12;
 592         if (ip_options_echo(&icmp_param.replyopts, NULL, daddr, saddr, skb)==0)
 593                 icmp_build_xmit(&icmp_param, daddr, saddr);
 594         kfree_skb(skb,FREE_READ);
 595 }
 596 
 597 
 598 /* 
 599  *      Handle ICMP_ADDRESS_MASK requests.  (RFC950)
 600  *
 601  * RFC1122 (3.2.2.9).  A host MUST only send replies to 
 602  * ADDRESS_MASK requests if it's been configured as an address mask 
 603  * agent.  Receiving a request doesn't constitute implicit permission to 
 604  * act as one. Of course, implementing this correctly requires (SHOULD) 
 605  * a way to turn the functionality on and off.  Another one for sysctl(), 
 606  * I guess. -- MS 
 607  * Botched with a CONFIG option for now - Linus add scts sysctl please.. 
 608  */
 609  
 610 static void icmp_address(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 611 {
 612 #ifdef CONFIG_IP_ADDR_AGENT
 613         __u32 answer;
 614         struct icmp_bxm icmp_param;
 615         icmp_param.icmph.type=ICMP_ADDRESSREPLY;
 616         icmp_param.icmph.code=0;
 617         icmp_param.icmph.un.echo.id = icmph->un.echo.id;
 618         icmp_param.icmph.un.echo.sequence = icmph->un.echo.sequence;
 619         icmp_param.data_ptr=&dev->pa_mask;
 620         icmp_param.data_len=4;
 621         if (ip_options_echo(&icmp_param.replyopts, NULL, daddr, saddr, skb)==0)
 622                 icmp_build_xmit(&icmp_param, daddr, saddr);
 623 #endif  
 624         kfree_skb(skb, FREE_READ);      
 625 }
 626 
 627 static void icmp_discard(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len)
     /* [previous][next][first][last][top][bottom][index][help] */
 628 {
 629         kfree_skb(skb, FREE_READ);
 630 }
 631 
 632 /* 
 633  *      Deal with incoming ICMP packets. 
 634  */
 635  
 636 int icmp_rcv(struct sk_buff *skb, struct device *dev, struct options *opt,
     /* [previous][next][first][last][top][bottom][index][help] */
 637          __u32 daddr, unsigned short len,
 638          __u32 saddr, int redo, struct inet_protocol *protocol)
 639 {
 640         struct icmphdr *icmph=(void *)skb->h.raw;
 641         icmp_statistics.IcmpInMsgs++;
 642         
 643         /*
 644          *      Validate the packet
 645          */
 646         
 647         if (ip_compute_csum((unsigned char *) icmph, len)) 
 648         {
 649                 /* Failed checksum! */
 650                 icmp_statistics.IcmpInErrors++;
 651                 printk("ICMP: failed checksum from %s!\n", in_ntoa(saddr));
 652                 kfree_skb(skb, FREE_READ);
 653                 return(0);
 654         }
 655         
 656         /*
 657          *      18 is the highest 'known' icmp type. Anything else is a mystery
 658          *
 659          *      RFC 1122: 3.2.2  Unknown ICMP messages types MUST be silently discarded.
 660          */
 661          
 662         if(icmph->type > 18)
 663         {
 664                 icmp_statistics.IcmpInErrors++;         /* Is this right - or do we ignore ? */
 665                 kfree_skb(skb,FREE_READ);
 666                 return(0);
 667         }
 668         
 669         /*
 670          *      Parse the ICMP message 
 671          */
 672 
 673         if (daddr!=dev->pa_addr && ip_chk_addr(daddr) != IS_MYADDR)
 674         {
 675                 /*
 676                  *      RFC 1122: 3.2.2.6 An ICMP_ECHO to broadcast MAY be silently ignored (we don't as it is used
 677                  *      by some network mapping tools).
 678                  *      RFC 1122: 3.2.2.8 An ICMP_TIMESTAMP MAY be silently discarded if to broadcast/multicast.
 679                  */
 680                 if (icmph->type != ICMP_ECHO) 
 681                 {
 682                         icmp_statistics.IcmpInErrors++;
 683                         kfree_skb(skb, FREE_READ);
 684                         return(0);
 685                 }
 686                 /*
 687                  *      Reply the multicast/broadcast using a legal
 688                  *      interface - in this case the device we got
 689                  *      it from.
 690                  */
 691                 daddr=dev->pa_addr;
 692         }
 693         
 694         len-=sizeof(struct icmphdr);
 695         (*icmp_pointers[icmph->type].input)++;
 696         (icmp_pointers[icmph->type].handler)(icmph,skb,skb->dev,saddr,daddr,len);
 697         return 0;
 698 }
 699 
 700 /*
 701  *      This table is the definition of how we handle ICMP.
 702  */
 703  
 704 static struct icmp_control icmp_pointers[19] = {
 705 /* ECHO REPLY (0) */
 706  { &icmp_statistics.IcmpOutEchoReps, &icmp_statistics.IcmpInEchoReps, icmp_discard, 0 },
 707  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 708  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 709 /* DEST UNREACH (3) */
 710  { &icmp_statistics.IcmpOutDestUnreachs, &icmp_statistics.IcmpInDestUnreachs, icmp_unreach, 1 },
 711 /* SOURCE QUENCH (4) */
 712  { &icmp_statistics.IcmpOutSrcQuenchs, &icmp_statistics.IcmpInSrcQuenchs, icmp_unreach, 1 },
 713 /* REDIRECT (5) */
 714  { &icmp_statistics.IcmpOutRedirects, &icmp_statistics.IcmpInRedirects, icmp_redirect, 1 },
 715  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 716  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 717 /* ECHO (8) */
 718  { &icmp_statistics.IcmpOutEchos, &icmp_statistics.IcmpInEchos, icmp_echo, 0 },
 719  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 720  { &dummy, &icmp_statistics.IcmpInErrors, icmp_discard, 1 },
 721 /* TIME EXCEEDED (11) */
 722  { &icmp_statistics.IcmpOutTimeExcds, &icmp_statistics.IcmpInTimeExcds, icmp_unreach, 1 },
 723 /* PARAMETER PROBLEM (12) */
 724 /* FIXME: RFC1122 3.2.2.5 - MUST pass PARAM_PROB messages to transport layer */
 725  { &icmp_statistics.IcmpOutParmProbs, &icmp_statistics.IcmpInParmProbs, icmp_discard, 1 },
 726 /* TIMESTAMP (13) */
 727  { &icmp_statistics.IcmpOutTimestamps, &icmp_statistics.IcmpInTimestamps, icmp_timestamp, 0 },
 728 /* TIMESTAMP REPLY (14) */
 729  { &icmp_statistics.IcmpOutTimestampReps, &icmp_statistics.IcmpInTimestampReps, icmp_discard, 0 },
 730 /* INFO (15) */
 731  { &dummy, &dummy, icmp_discard, 0 },
 732 /* INFO REPLY (16) */
 733  { &dummy, &dummy, icmp_discard, 0 },
 734 /* ADDR MASK (17) */
 735  { &icmp_statistics.IcmpOutAddrMasks, &icmp_statistics.IcmpInAddrMasks, icmp_address, 0 },
 736 /* ADDR MASK REPLY (18) */
 737  { &icmp_statistics.IcmpOutAddrMaskReps, &icmp_statistics.IcmpInAddrMaskReps, icmp_discard, 0 }
 738 };
 739 
 740 void icmp_init(struct proto_ops *ops)
     /* [previous][next][first][last][top][bottom][index][help] */
 741 {
 742         struct sock *sk;
 743         int err;
 744         icmp_socket.type=SOCK_RAW;
 745         icmp_socket.ops=ops;
 746         if((err=ops->create(&icmp_socket, IPPROTO_ICMP))<0)
 747                 panic("Failed to create the ICMP control socket.\n");
 748         sk=icmp_socket.data;
 749         sk->allocation=GFP_ATOMIC;
 750         sk->num = 256;                  /* Don't receive any data */
 751 }
 752 

/* [previous][next][first][last][top][bottom][index][help] */