summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--share/man/man4/gre.4279
-rw-r--r--sys/conf/files2
-rw-r--r--sys/conf/options1
-rw-r--r--sys/net/if_gre.c781
-rw-r--r--sys/net/if_gre.h166
-rw-r--r--sys/netinet/in_proto.c12
-rw-r--r--sys/netinet/ip_gre.c360
-rw-r--r--sys/netinet/ip_gre.h43
8 files changed, 1644 insertions, 0 deletions
diff --git a/share/man/man4/gre.4 b/share/man/man4/gre.4
new file mode 100644
index 0000000..825ea99
--- /dev/null
+++ b/share/man/man4/gre.4
@@ -0,0 +1,279 @@
+.\" $NetBSD: gre.4,v 1.28 2002/06/10 02:49:35 itojun Exp $
+.\" $FreeBSD$
+.\"
+.\" Copyright 1998 (c) The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Heiko W.Rupp <hwr@pilhuhn.de>
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the NetBSD
+.\" Foundation, Inc. and its contributors.
+.\" 4. Neither the name of the The NetBSD Foundation nor the names of its
+.\" contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd June 9, 2002
+.Dt GRE 4
+.Os
+.Sh NAME
+.Nm gre
+.Nd encapsulating network device
+.Sh SYNOPSIS
+.Cd pseudo-device gre
+.Sh DESCRIPTION
+The
+.Nm gre
+network interface pseudo device encapsulates datagrams
+into IP. These encapsulated datagrams are routed to a destination host,
+where they are decapsulated and further routed to their final destination.
+The
+.Dq tunnel
+appears to the inner datagrams as one hop.
+.Pp
+.Nm
+interfaces are dynamically created and destroyed with the
+.Xr ifconfig 8
+.Cm create
+and
+.Cm destroy
+subcommands.
+.Pp
+This driver currently supports the following modes of operation:
+.Bl -tag -width abc
+.It GRE encapsulation (IP protocol number 47)
+Encapsulated datagrams are
+prepended an outer datagram and a GRE header. The GRE header specifies
+the type of the encapsulated datagram and thus allows for tunneling other
+protocols than IP like e.g. AppleTalk. GRE mode is also the default tunnel
+mode on Cisco routers. This is also the default mode of operation of the
+.Sy gre Ns Ar X
+interfaces.
+.It MOBILE encapsulation (IP protocol number 55)
+Datagrams are
+encapsulated into IP, but with a shorter encapsulation. The original
+IP header is modified and the modifications are inserted between the
+so modified header and the original payload. Like
+.Xr gif 4 ,
+only for IP in IP encapsulation.
+.El
+.Pp
+The
+.Sy gre Ns Ar X
+interfaces support a number of
+.Xr ioctl 2 Ns s ,
+such as:
+.Bl -tag -width aaa
+.It GRESADDRS :
+Set the IP address of the local tunnel end. This is the source address
+set by or displayed by ifconfig for the
+.Sy gre Ns Ar X
+interface.
+.It GRESADDRD :
+Set the IP address of the remote tunnel end. This is the destination address
+set by or displayed by ifconfig for the
+.Sy gre Ns Ar X
+interface.
+.It GREGADDRS :
+Query the IP address that is set for the local tunnel end. This is the
+address the encapsulation header carries as local address (i.e. the real
+address of the tunnel start point.)
+.It GREGADDRD :
+Query the IP address that is set for the remote tunnel end. This is the
+address the encapsulated packets are sent to (i.e. the real address of
+the remote tunnel endpoint.)
+.It GRESPROTO :
+Set the operation mode to the specified IP protocol value. The
+protocol is passed to the interface in (struct ifreq)-\*[Gt]ifr_flags.
+The operation mode can also be given as
+.Bl -tag -width link0xxx
+.It link0
+IPPROTO_GRE
+.It -link0
+IPPROTO_MOBILE
+.El
+.Pp
+to
+.Xr ifconfig 8 .
+.Pp
+The link1 flag is not used to choose encapsulation, but to modify the
+internal route search for the remote tunnel endpoint, see the
+.Sx BUGS
+section below.
+.It GREGPROTO :
+Query operation mode.
+.El
+.Pp
+Note that the IP addresses of the tunnel endpoints may be the same as the
+ones defined with
+.Xr ifconfig 8
+for the interface (as if IP is encapsulated), but need not be, as e.g. when
+encapsulating AppleTalk.
+.Sh EXAMPLES
+Configuration example:
+.Bd -literal
+Host X-- Host A ----------------tunnel---------- cisco D------Host E
+ \\ |
+ \\ /
+ +------Host B----------Host C----------+
+.Ed
+On host A
+.Ns ( Nx ) :
+.Bd -literal
+ # route add default B
+ # ifconfig greN create
+ # ifconfig greN A D netmask 0xffffffff linkX up
+ # ifconfig greN tunnel A D
+ # route add E D
+.Ed
+On Host D (Cisco):
+.Bd -literal
+ Interface TunnelX
+ ip unnumbered D ! e.g. address from Ethernet interface
+ tunnel source D ! e.g. address from Ethernet interface
+ tunnel destination A
+ ip route C \*[Lt]some interface and mask\*[Gt]
+ ip route A mask C
+ ip route X mask tunnelX
+.Ed
+OR
+On Host D
+.Ns ( Nx ) :
+.Bd -literal
+ # route add default C
+ # ifconfig greN create
+ # ifconfig greN D A
+ # ifconfig tunnel greN D A
+.Ed
+.Pp
+If all goes well, you should see packets flowing ;-)
+.Pp
+If you want to reach Host A over the tunnel (from Host D (Cisco)), then
+you have to have an alias on Host A for e.g. the Ethernet interface like:
+.Bd -literal
+ ifconfig \*[Lt]etherif\*[Gt] alias Y
+.Ed
+and on the cisco
+.Bd -literal
+ ip route Y mask tunnelX
+.Ed
+.Pp
+A similar setup can be used to create a link between two private networks
+(for example in the 192.168 subnet) over the Internet:
+.Bd -literal
+192.168.1.* --- Router A -------tunnel-------- Router B --- 192.168.2.*
+ \\ /
+ \\ /
+ +----- the Internet ------+
+.Ed
+Assuming router A has the (external) IP address A and the internal address
+192.168.1.1, while router B has external address B and internal address
+192.168.2.1, the following commands will configure the tunnel:
+.Pp
+On router A:
+.Bd -literal
+ # ifconfig greN create
+ # ifconfig greN 192.168.1.1 192.168.2.1 link1
+ # ifconfig greN tunnel A B
+ # route add -net 192.168.2 -netmask 255.255.255.0 192.168.2.1
+.Ed
+.Pp
+On router B:
+.Bd -literal
+ # ifconfig greN create
+ # ifconfig greN 192.168.2.1 192.168.1.1 link1
+ # ifconfig greN tunnel B A
+ # route add -net 192.168.1 -netmask 255.255.255.0 192.168.1.1
+.Ed
+.Pp
+Note that this is a safe situation where the link1 flag (as discussed in the
+.Sx BUGS
+section below) may (and probably should) be set.
+.Sh NOTES
+The MTU of
+.Sy gre Ns Ar X
+interfaces is set to 1476 by default to match the value used by Cisco routers.
+This may not be an optimal value, depending on the link between the two tunnel
+endpoints. It can be adjusted via
+.Xr ifconfig 8 .
+.Pp
+For correct operation, the
+.Nm
+device needs a route to the destination that is less specific than the
+one over the tunnel.
+(Basically, there needs to be a route to the decapsulating host that
+does not run over the tunnel, as this would be a loop.)
+If the addresses are ambiguous, doing the
+.Xr ifconfig 8
+.Li tunnel
+step before the
+.Xr ifconfig 8
+call to set the
+.Sy gre Ns Ar X
+IP addresses will help to find a route outside the tunnel.
+.Pp
+In order to tell
+.Xr ifconfig 8
+to actually mark the interface as up, the keyword
+.Dq up
+must be given last on its command line.
+.Pp
+The kernel must be set to forward datagrams by either option
+.Em GATEWAY
+in the kernel config file or by issuing the appropriate option to
+.Xr sysctl 8 .
+.Sh SEE ALSO
+.Xr atalk 4 ,
+.Xr gif 4 ,
+.Xr inet 4 ,
+.Xr ip 4 ,
+.Xr netintro 4 ,
+.Xr options 4 ,
+.Xr protocols 5 ,
+.Xr ifconfig 8 ,
+.Xr sysctl 8
+.Pp
+A description of GRE encapsulation can be found in RFC 1701 and RFC 1702.
+.Pp
+A description of MOBILE encapsulation can be found in RFC 2004.
+.Sh AUTHORS
+.An Heiko W.Rupp Aq hwr@pilhuhn.de
+.Sh BUGS
+The compute_route() code in if_gre.c toggles the last bit of the
+IP-address to provoke the search for a less specific route than the
+one directly over the tunnel to prevent loops. This is possibly not
+the best solution.
+.Pp
+To avoid the address munging described above, turn on the link1 flag
+on the
+.Xr ifconfig 8
+command line.
+This implies that the GRE packet destination and the ifconfig remote host
+are not the same IP addresses, and that the GRE destination does not route
+over the
+.Sy gre Ns Ar X
+interface itself.
+.Pp
+The GRE RFCs are not yet fully implemented (no GRE options).
diff --git a/sys/conf/files b/sys/conf/files
index d62cab4..ad967e5 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -1054,6 +1054,7 @@ net/if_ethersubr.c optional ether
net/if_faith.c optional faith
net/if_fddisubr.c optional fddi
net/if_gif.c optional gif
+net/if_gre.c optional gre
net/if_iso88025subr.c optional token
net/if_loop.c optional loop
net/if_media.c standard
@@ -1216,6 +1217,7 @@ netinet/if_ether.c optional ether
netinet/igmp.c optional inet
netinet/in.c optional inet
netinet/in_gif.c optional gif inet
+netinet/ip_gre.c optional gre inet
netinet/ip_id.c optional inet
netinet/in_pcb.c optional inet
netinet/in_proto.c optional inet
diff --git a/sys/conf/options b/sys/conf/options
index d7d9e19..8e0dd0f 100644
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -327,6 +327,7 @@ IPTUNNEL opt_ipx.h
LIBMCHAIN
NCP opt_ncp.h
NETATALK opt_atalk.h
+NS opt_ns.h
PPP_BSDCOMP opt_ppp.h
PPP_DEFLATE opt_ppp.h
PPP_FILTER opt_ppp.h
diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c
new file mode 100644
index 0000000..22d7e94
--- /dev/null
+++ b/sys/net/if_gre.c
@@ -0,0 +1,781 @@
+/* $NetBSD: if_gre.c,v 1.42 2002/08/14 00:23:27 itojun Exp $ */
+/* $FreeBSD$ */
+
+/*
+ * Copyright (c) 1998 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Heiko W.Rupp <hwr@pilhuhn.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Encapsulate L3 protocols into IP
+ * See RFC 1701 and 1702 for more details.
+ * If_gre is compatible with Cisco GRE tunnels, so you can
+ * have a NetBSD box as the other end of a tunnel interface of a Cisco
+ * router. See gre(4) for more details.
+ * Also supported: IP in IP encaps (proto 55) as of RFC 2004
+ */
+
+#include <sys/cdefs.h>
+__RCSID("@(#) $FreeBSD$");
+
+#include "opt_inet.h"
+#include "opt_ns.h"
+#include "bpf.h"
+
+#include <sys/param.h>
+#include <sys/kernel.h>
+#include <sys/malloc.h>
+#include <sys/mbuf.h>
+#include <sys/proc.h>
+#include <sys/protosw.h>
+#include <sys/socket.h>
+#include <sys/sockio.h>
+#include <sys/queue.h>
+#include <sys/sysctl.h>
+
+#include <machine/cpu.h>
+
+#include <net/ethernet.h>
+#include <net/if.h>
+#include <net/if_types.h>
+#include <net/netisr.h>
+#include <net/route.h>
+
+#ifdef INET
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/in_var.h>
+#include <netinet/ip.h>
+#include <netinet/ip_gre.h>
+#include <netinet/ip_var.h>
+#include <netinet/ip_encap.h>
+#else
+#error "Huh? if_gre without inet?"
+#endif
+
+#ifdef NS
+#include <netns/ns.h>
+#include <netns/ns_if.h>
+#endif
+
+#ifdef NETATALK
+#include <netatalk/at.h>
+#include <netatalk/at_var.h>
+#include <netatalk/at_extern.h>
+#endif
+
+#if NBPF > 0
+#include <sys/time.h>
+#include <net/bpf.h>
+#endif
+
+#include <net/net_osdep.h>
+#include <net/if_gre.h>
+
+/*
+ * It is not easy to calculate the right value for a GRE MTU.
+ * We leave this task to the admin and use the same default that
+ * other vendors use.
+ */
+#define GREMTU 1476
+
+#define GRENAME "gre"
+
+static MALLOC_DEFINE(M_GRE, GRENAME, "Generic Routing Encapsulation");
+
+struct gre_softc_head gre_softc_list;
+int ip_gre_ttl = GRE_TTL;
+
+int gre_clone_create __P((struct if_clone *, int));
+void gre_clone_destroy __P((struct ifnet *));
+
+struct if_clone gre_cloner =
+ IF_CLONE_INITIALIZER("gre", gre_clone_create, gre_clone_destroy, 0, IF_MAXUNIT);
+
+int gre_compute_route(struct gre_softc *sc);
+
+void greattach __P((void));
+
+#ifdef INET
+extern struct domain inetdomain;
+static const struct protosw in_gre_protosw =
+{ SOCK_RAW, &inetdomain, IPPROTO_GRE, PR_ATOMIC|PR_ADDR,
+ (pr_input_t*)gre_input, (pr_output_t*)rip_output, rip_ctlinput, rip_ctloutput,
+ 0,
+ 0, 0, 0, 0,
+ &rip_usrreqs
+};
+static const struct protosw in_mobile_protosw =
+{ SOCK_RAW, &inetdomain, IPPROTO_MOBILE, PR_ATOMIC|PR_ADDR,
+ (pr_input_t*)gre_mobile_input, (pr_output_t*)rip_output, rip_ctlinput, rip_ctloutput,
+ 0,
+ 0, 0, 0, 0,
+ &rip_usrreqs
+};
+#endif
+
+SYSCTL_DECL(_net_link);
+SYSCTL_NODE(_net_link, IFT_OTHER, gre, CTLFLAG_RW, 0,
+ "Generic Routing Encapsulation");
+#ifndef MAX_GRE_NEST
+/*
+ * This macro controls the default upper limitation on nesting of gre tunnels.
+ * Since, setting a large value to this macro with a careless configuration
+ * may introduce system crash, we don't allow any nestings by default.
+ * If you need to configure nested gre tunnels, you can define this macro
+ * in your kernel configuration file. However, if you do so, please be
+ * careful to configure the tunnels so that it won't make a loop.
+ */
+#define MAX_GRE_NEST 1
+#endif
+static int max_gre_nesting = MAX_GRE_NEST;
+SYSCTL_INT(_net_link_gre, OID_AUTO, max_nesting, CTLFLAG_RW,
+ &max_gre_nesting, 0, "Max nested tunnels");
+
+/* ARGSUSED */
+void
+greattach(void)
+{
+
+ LIST_INIT(&gre_softc_list);
+ if_clone_attach(&gre_cloner);
+}
+
+int
+gre_clone_create(ifc, unit)
+ struct if_clone *ifc;
+ int unit;
+{
+ struct gre_softc *sc;
+
+ sc = malloc(sizeof(struct gre_softc), M_GRE, M_WAITOK);
+ memset(sc, 0, sizeof(struct gre_softc));
+
+ sc->sc_if.if_name = GRENAME;
+ sc->sc_if.if_softc = sc;
+ sc->sc_if.if_unit = unit;
+ sc->sc_if.if_snd.ifq_maxlen = IFQ_MAXLEN;
+ sc->sc_if.if_type = IFT_OTHER;
+ sc->sc_if.if_addrlen = 0;
+ sc->sc_if.if_hdrlen = 24; /* IP + GRE */
+ sc->sc_if.if_mtu = GREMTU;
+ sc->sc_if.if_flags = IFF_POINTOPOINT|IFF_MULTICAST;
+ sc->sc_if.if_output = gre_output;
+ sc->sc_if.if_ioctl = gre_ioctl;
+ sc->g_dst.s_addr = sc->g_src.s_addr = INADDR_ANY;
+ sc->g_proto = IPPROTO_GRE;
+ sc->sc_if.if_flags |= IFF_LINK0;
+ sc->encap = NULL;
+ sc->called = 0;
+ if_attach(&sc->sc_if);
+#if NBPF
+ bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int32_t));
+#endif
+ LIST_INSERT_HEAD(&gre_softc_list, sc, sc_list);
+ return (0);
+}
+
+void
+gre_clone_destroy(ifp)
+ struct ifnet *ifp;
+{
+ struct gre_softc *sc = ifp->if_softc;
+
+#ifdef INET
+ if (sc->encap != NULL)
+ encap_detach(sc->encap);
+#endif
+ LIST_REMOVE(sc, sc_list);
+#if NBPF
+ bpfdetach(ifp);
+#endif
+ if_detach(ifp);
+ free(sc, M_GRE);
+}
+
+/*
+ * The output routine. Takes a packet and encapsulates it in the protocol
+ * given by sc->g_proto. See also RFC 1701 and RFC 2004
+ */
+int
+gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
+ struct rtentry *rt)
+{
+ int error = 0;
+ struct gre_softc *sc = ifp->if_softc;
+ struct greip *gh;
+ struct ip *ip;
+ u_char osrc;
+ u_short etype = 0;
+ struct mobile_h mob_h;
+
+ /*
+ * gre may cause infinite recursion calls when misconfigured.
+ * We'll prevent this by introducing upper limit.
+ */
+ if (++(sc->called) > max_gre_nesting) {
+ printf("%s: gre_output: recursively called too many "
+ "times(%d)\n", if_name(&sc->sc_if), sc->called);
+ m_freem(m);
+ error = EIO; /* is there better errno? */
+ goto end;
+ }
+
+ if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 0 ||
+ sc->g_src.s_addr == INADDR_ANY || sc->g_dst.s_addr == INADDR_ANY) {
+ m_freem(m);
+ error = ENETDOWN;
+ goto end;
+ }
+
+ gh = NULL;
+ ip = NULL;
+ osrc = 0;
+
+#if NBPF
+ if (ifp->if_bpf) {
+ /* see comment of other if_foo.c files */
+ struct mbuf m0;
+ u_int32_t af = dst->sa_family;
+
+ m0.m_next = m;
+ m0.m_len = 4;
+ m0.m_data = (char *)&af;
+
+ bpf_mtap(ifp, &m0);
+ }
+#endif
+
+ m->m_flags &= ~(M_BCAST|M_MCAST);
+
+ if (sc->g_proto == IPPROTO_MOBILE) {
+ if (dst->sa_family == AF_INET) {
+ struct mbuf *m0;
+ int msiz;
+
+ ip = mtod(m, struct ip *);
+
+ /*
+ * RFC2004 specifies that fragmented diagrams shouldn't
+ * be encapsulated.
+ */
+ if ((ip->ip_off & IP_MF) != 0) {
+ _IF_DROP(&ifp->if_snd);
+ m_freem(m);
+ error = EINVAL; /* is there better errno? */
+ goto end;
+ }
+ memset(&mob_h, 0, MOB_H_SIZ_L);
+ mob_h.proto = (ip->ip_p) << 8;
+ mob_h.odst = ip->ip_dst.s_addr;
+ ip->ip_dst.s_addr = sc->g_dst.s_addr;
+
+ /*
+ * If the packet comes from our host, we only change
+ * the destination address in the IP header.
+ * Else we also need to save and change the source
+ */
+ if (in_hosteq(ip->ip_src, sc->g_src)) {
+ msiz = MOB_H_SIZ_S;
+ } else {
+ mob_h.proto |= MOB_H_SBIT;
+ mob_h.osrc = ip->ip_src.s_addr;
+ ip->ip_src.s_addr = sc->g_src.s_addr;
+ msiz = MOB_H_SIZ_L;
+ }
+ mob_h.proto = htons(mob_h.proto);
+ mob_h.hcrc = gre_in_cksum((u_short *)&mob_h, msiz);
+
+ if ((m->m_data - msiz) < m->m_pktdat) {
+ /* need new mbuf */
+ MGETHDR(m0, M_DONTWAIT, MT_HEADER);
+ if (m0 == NULL) {
+ _IF_DROP(&ifp->if_snd);
+ m_freem(m);
+ error = ENOBUFS;
+ goto end;
+ }
+ m0->m_next = m;
+ m->m_data += sizeof(struct ip);
+ m->m_len -= sizeof(struct ip);
+ m0->m_pkthdr.len = m->m_pkthdr.len + msiz;
+ m0->m_len = msiz + sizeof(struct ip);
+ m0->m_data += max_linkhdr;
+ memcpy(mtod(m0, caddr_t), (caddr_t)ip,
+ sizeof(struct ip));
+ m = m0;
+ } else { /* we have some space left in the old one */
+ m->m_data -= msiz;
+ m->m_len += msiz;
+ m->m_pkthdr.len += msiz;
+ bcopy(ip, mtod(m, caddr_t),
+ sizeof(struct ip));
+ }
+ ip = mtod(m, struct ip *);
+ memcpy((caddr_t)(ip + 1), &mob_h, (unsigned)msiz);
+ ip->ip_len = ntohs(ip->ip_len) + msiz;
+ } else { /* AF_INET */
+ _IF_DROP(&ifp->if_snd);
+ m_freem(m);
+ error = EINVAL;
+ goto end;
+ }
+ } else if (sc->g_proto == IPPROTO_GRE) {
+ switch (dst->sa_family) {
+ case AF_INET:
+ ip = mtod(m, struct ip *);
+ etype = ETHERTYPE_IP;
+ break;
+#ifdef NETATALK
+ case AF_APPLETALK:
+ etype = ETHERTYPE_ATALK;
+ break;
+#endif
+#ifdef NS
+ case AF_NS:
+ etype = ETHERTYPE_NS;
+ break;
+#endif
+ default:
+ _IF_DROP(&ifp->if_snd);
+ m_freem(m);
+ error = EAFNOSUPPORT;
+ goto end;
+ }
+ M_PREPEND(m, sizeof(struct greip), M_DONTWAIT);
+ } else {
+ _IF_DROP(&ifp->if_snd);
+ m_freem(m);
+ error = EINVAL;
+ goto end;
+ }
+
+ if (m == NULL) { /* impossible */
+ _IF_DROP(&ifp->if_snd);
+ error = ENOBUFS;
+ goto end;
+ }
+
+ gh = mtod(m, struct greip *);
+ if (sc->g_proto == IPPROTO_GRE) {
+ /* we don't have any GRE flags for now */
+
+ memset((void *)&gh->gi_g, 0, sizeof(struct gre_h));
+ gh->gi_ptype = htons(etype);
+ }
+
+ gh->gi_pr = sc->g_proto;
+ if (sc->g_proto != IPPROTO_MOBILE) {
+ gh->gi_src = sc->g_src;
+ gh->gi_dst = sc->g_dst;
+ ((struct ip*)gh)->ip_hl = (sizeof(struct ip)) >> 2;
+ ((struct ip*)gh)->ip_ttl = ip_gre_ttl;
+ ((struct ip*)gh)->ip_tos = ip->ip_tos;
+ ((struct ip*)gh)->ip_id = ip->ip_id;
+ gh->gi_len = m->m_pkthdr.len;
+ }
+
+ ifp->if_opackets++;
+ ifp->if_obytes += m->m_pkthdr.len;
+ /* send it off */
+ error = ip_output(m, NULL, &sc->route, 0, NULL);
+ end:
+ sc->called = 0;
+ if (error)
+ ifp->if_oerrors++;
+ return (error);
+}
+
+int
+gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct ifreq *ifr = (struct ifreq *)data;
+ struct if_laddrreq *lifr = (struct if_laddrreq *)data;
+ struct in_aliasreq *aifr = (struct in_aliasreq *)data;
+ struct gre_softc *sc = ifp->if_softc;
+ int s;
+ struct sockaddr_in si;
+ struct sockaddr *sa = NULL;
+ int error;
+ struct sockaddr_in sp, sm, dp, dm;
+
+ error = 0;
+
+ s = splnet();
+ switch (cmd) {
+ case SIOCSIFADDR:
+ ifp->if_flags |= IFF_UP;
+ break;
+ case SIOCSIFDSTADDR:
+ break;
+ case SIOCSIFFLAGS:
+ if ((error = suser(curthread)) != 0)
+ break;
+ if ((ifr->ifr_flags & IFF_LINK0) != 0)
+ sc->g_proto = IPPROTO_GRE;
+ else
+ sc->g_proto = IPPROTO_MOBILE;
+ goto recompute;
+ case SIOCSIFMTU:
+ if ((error = suser(curthread)) != 0)
+ break;
+ if (ifr->ifr_mtu < 576) {
+ error = EINVAL;
+ break;
+ }
+ ifp->if_mtu = ifr->ifr_mtu;
+ break;
+ case SIOCGIFMTU:
+ ifr->ifr_mtu = sc->sc_if.if_mtu;
+ break;
+ case SIOCADDMULTI:
+ case SIOCDELMULTI:
+ if ((error = suser(curthread)) != 0)
+ break;
+ if (ifr == 0) {
+ error = EAFNOSUPPORT;
+ break;
+ }
+ switch (ifr->ifr_addr.sa_family) {
+#ifdef INET
+ case AF_INET:
+ break;
+#endif
+ default:
+ error = EAFNOSUPPORT;
+ break;
+ }
+ break;
+ case GRESPROTO:
+ if ((error = suser(curthread)) != 0)
+ break;
+ sc->g_proto = ifr->ifr_flags;
+ switch (sc->g_proto) {
+ case IPPROTO_GRE:
+ ifp->if_flags |= IFF_LINK0;
+ break;
+ case IPPROTO_MOBILE:
+ ifp->if_flags &= ~IFF_LINK0;
+ break;
+ default:
+ error = EPROTONOSUPPORT;
+ break;
+ }
+ goto recompute;
+ case GREGPROTO:
+ ifr->ifr_flags = sc->g_proto;
+ break;
+ case GRESADDRS:
+ case GRESADDRD:
+ if ((error = suser(curthread)) != 0)
+ break;
+ /*
+ * set tunnel endpoints, compute a less specific route
+ * to the remote end and mark if as up
+ */
+ sa = &ifr->ifr_addr;
+ if (cmd == GRESADDRS)
+ sc->g_src = (satosin(sa))->sin_addr;
+ if (cmd == GRESADDRD)
+ sc->g_dst = (satosin(sa))->sin_addr;
+ recompute:
+#ifdef INET
+ if (sc->encap != NULL) {
+ encap_detach(sc->encap);
+ sc->encap = NULL;
+ }
+#endif
+ if ((sc->g_src.s_addr != INADDR_ANY) &&
+ (sc->g_dst.s_addr != INADDR_ANY)) {
+ bzero(&sp, sizeof(sp));
+ bzero(&sm, sizeof(sm));
+ bzero(&dp, sizeof(dp));
+ bzero(&dm, sizeof(dm));
+ sp.sin_len = sm.sin_len = dp.sin_len = dm.sin_len =
+ sizeof(struct sockaddr_in);
+ sp.sin_family = sm.sin_family = dp.sin_family =
+ dm.sin_family = AF_INET;
+ sp.sin_addr = sc->g_src;
+ dp.sin_addr = sc->g_dst;
+ sm.sin_addr.s_addr = dm.sin_addr.s_addr =
+ INADDR_BROADCAST;
+#ifdef INET
+ sc->encap = encap_attach(AF_INET, sc->g_proto,
+ sintosa(&sp), sintosa(&sm), sintosa(&dp),
+ sintosa(&dm), (sc->g_proto == IPPROTO_GRE) ?
+ &in_gre_protosw : &in_mobile_protosw, sc);
+ if (sc->encap == NULL)
+ printf("%s: unable to attach encap\n",
+ if_name(&sc->sc_if));
+#endif
+ if (sc->route.ro_rt != 0) /* free old route */
+ RTFREE(sc->route.ro_rt);
+ if (gre_compute_route(sc) == 0)
+ ifp->if_flags |= IFF_RUNNING;
+ else
+ ifp->if_flags &= ~IFF_RUNNING;
+ }
+ break;
+ case GREGADDRS:
+ memset(&si, 0, sizeof(si));
+ si.sin_family = AF_INET;
+ si.sin_len = sizeof(struct sockaddr_in);
+ si.sin_addr.s_addr = sc->g_src.s_addr;
+ sa = sintosa(&si);
+ ifr->ifr_addr = *sa;
+ break;
+ case GREGADDRD:
+ memset(&si, 0, sizeof(si));
+ si.sin_family = AF_INET;
+ si.sin_len = sizeof(struct sockaddr_in);
+ si.sin_addr.s_addr = sc->g_dst.s_addr;
+ sa = sintosa(&si);
+ ifr->ifr_addr = *sa;
+ break;
+ case SIOCSIFPHYADDR:
+ if ((error = suser(curthread)) != 0)
+ break;
+ if (aifr->ifra_addr.sin_family != AF_INET ||
+ aifr->ifra_dstaddr.sin_family != AF_INET) {
+ error = EAFNOSUPPORT;
+ break;
+ }
+ if (aifr->ifra_addr.sin_len != sizeof(si) ||
+ aifr->ifra_dstaddr.sin_len != sizeof(si)) {
+ error = EINVAL;
+ break;
+ }
+ sc->g_src = aifr->ifra_addr.sin_addr;
+ sc->g_dst = aifr->ifra_dstaddr.sin_addr;
+ goto recompute;
+ case SIOCSLIFPHYADDR:
+ if ((error = suser(curthread)) != 0)
+ break;
+ if (lifr->addr.ss_family != AF_INET ||
+ lifr->dstaddr.ss_family != AF_INET) {
+ error = EAFNOSUPPORT;
+ break;
+ }
+ if (lifr->addr.ss_len != sizeof(si) ||
+ lifr->dstaddr.ss_len != sizeof(si)) {
+ error = EINVAL;
+ break;
+ }
+ sc->g_src = (satosin((struct sockadrr *)&lifr->addr))->sin_addr;
+ sc->g_dst =
+ (satosin((struct sockadrr *)&lifr->dstaddr))->sin_addr;
+ goto recompute;
+ case SIOCDIFPHYADDR:
+ if ((error = suser(curthread)) != 0)
+ break;
+ sc->g_src.s_addr = INADDR_ANY;
+ sc->g_dst.s_addr = INADDR_ANY;
+ goto recompute;
+ case SIOCGLIFPHYADDR:
+ if (sc->g_src.s_addr == INADDR_ANY ||
+ sc->g_dst.s_addr == INADDR_ANY) {
+ error = EADDRNOTAVAIL;
+ break;
+ }
+ memset(&si, 0, sizeof(si));
+ si.sin_family = AF_INET;
+ si.sin_len = sizeof(struct sockaddr_in);
+ si.sin_addr.s_addr = sc->g_src.s_addr;
+ memcpy(&lifr->addr, &si, sizeof(si));
+ si.sin_addr.s_addr = sc->g_dst.s_addr;
+ memcpy(&lifr->dstaddr, &si, sizeof(si));
+ break;
+ case SIOCGIFPSRCADDR:
+ if (sc->g_src.s_addr == INADDR_ANY) {
+ error = EADDRNOTAVAIL;
+ break;
+ }
+ memset(&si, 0, sizeof(si));
+ si.sin_family = AF_INET;
+ si.sin_len = sizeof(struct sockaddr_in);
+ si.sin_addr.s_addr = sc->g_src.s_addr;
+ bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
+ break;
+ case SIOCGIFPDSTADDR:
+ if (sc->g_dst.s_addr == INADDR_ANY) {
+ error = EADDRNOTAVAIL;
+ break;
+ }
+ memset(&si, 0, sizeof(si));
+ si.sin_family = AF_INET;
+ si.sin_len = sizeof(struct sockaddr_in);
+ si.sin_addr.s_addr = sc->g_dst.s_addr;
+ bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+
+ splx(s);
+ return (error);
+}
+
+/*
+ * computes a route to our destination that is not the one
+ * which would be taken by ip_output(), as this one will loop back to
+ * us. If the interface is p2p as a--->b, then a routing entry exists
+ * If we now send a packet to b (e.g. ping b), this will come down here
+ * gets src=a, dst=b tacked on and would from ip_ouput() sent back to
+ * if_gre.
+ * Goal here is to compute a route to b that is less specific than
+ * a-->b. We know that this one exists as in normal operation we have
+ * at least a default route which matches.
+ */
+int
+gre_compute_route(struct gre_softc *sc)
+{
+ struct route *ro;
+ u_int32_t a, b, c;
+
+ ro = &sc->route;
+
+ memset(ro, 0, sizeof(struct route));
+ ((struct sockaddr_in *)&ro->ro_dst)->sin_addr = sc->g_dst;
+ ro->ro_dst.sa_family = AF_INET;
+ ro->ro_dst.sa_len = sizeof(ro->ro_dst);
+
+ /*
+ * toggle last bit, so our interface is not found, but a less
+ * specific route. I'd rather like to specify a shorter mask,
+ * but this is not possible. Should work though. XXX
+ * there is a simpler way ...
+ */
+ if ((sc->sc_if.if_flags & IFF_LINK1) == 0) {
+ a = ntohl(sc->g_dst.s_addr);
+ b = a & 0x01;
+ c = a & 0xfffffffe;
+ b = b ^ 0x01;
+ a = b | c;
+ ((struct sockaddr_in *)&ro->ro_dst)->sin_addr.s_addr
+ = htonl(a);
+ }
+
+#ifdef DIAGNOSTIC
+ printf("%s: searching a route to %s", if_name(&sc->sc_if),
+ inet_ntoa(((struct sockaddr_in *)&ro->ro_dst)->sin_addr));
+#endif
+
+ rtalloc(ro);
+
+ /*
+ * check if this returned a route at all and this route is no
+ * recursion to ourself
+ */
+ if (ro->ro_rt == NULL || ro->ro_rt->rt_ifp->if_softc == sc) {
+#ifdef DIAGNOSTIC
+ if (ro->ro_rt == NULL)
+ printf(" - no route found!\n");
+ else
+ printf(" - route loops back to ourself!\n");
+#endif
+ return EADDRNOTAVAIL;
+ }
+
+ /*
+ * now change it back - else ip_output will just drop
+ * the route and search one to this interface ...
+ */
+ if ((sc->sc_if.if_flags & IFF_LINK1) == 0)
+ ((struct sockaddr_in *)&ro->ro_dst)->sin_addr = sc->g_dst;
+
+#ifdef DIAGNOSTIC
+ printf(", choosing %s with gateway %s", if_name(ro->ro_rt->rt_ifp),
+ inet_ntoa(((struct sockaddr_in *)(ro->ro_rt->rt_gateway))->sin_addr));
+ printf("\n");
+#endif
+
+ return 0;
+}
+
+/*
+ * do a checksum of a buffer - much like in_cksum, which operates on
+ * mbufs.
+ */
+u_short
+gre_in_cksum(u_short *p, u_int len)
+{
+ u_int sum = 0;
+ int nwords = len >> 1;
+
+ while (nwords-- != 0)
+ sum += *p++;
+
+ if (len & 1) {
+ union {
+ u_short w;
+ u_char c[2];
+ } u;
+ u.c[0] = *(u_char *)p;
+ u.c[1] = 0;
+ sum += u.w;
+ }
+
+ /* end-around-carry */
+ sum = (sum >> 16) + (sum & 0xffff);
+ sum += (sum >> 16);
+ return (~sum);
+}
+
+static int
+gremodevent(module_t mod, int type, void *data)
+{
+
+ switch (type) {
+ case MOD_LOAD:
+ greattach();
+ break;
+ case MOD_UNLOAD:
+ if_clone_detach(&gre_cloner);
+
+ while (!LIST_EMPTY(&gre_softc_list))
+ gre_clone_destroy(&LIST_FIRST(&gre_softc_list)->sc_if);
+ break;
+ }
+ return 0;
+}
+
+static moduledata_t gre_mod = {
+ "if_gre",
+ gremodevent,
+ 0
+};
+
+DECLARE_MODULE(if_gre, gre_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
+MODULE_VERSION(if_gre, 1);
diff --git a/sys/net/if_gre.h b/sys/net/if_gre.h
new file mode 100644
index 0000000..2254b3b
--- /dev/null
+++ b/sys/net/if_gre.h
@@ -0,0 +1,166 @@
+/* $NetBSD: if_gre.h,v 1.10 2002/02/24 17:22:20 martin Exp $ */
+/* $FreeBSD$ */
+
+/*
+ * Copyright (c) 1998 The NetBSD Foundation, Inc.
+ * All rights reserved
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Heiko W.Rupp <hwr@pilhuhn.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _NET_IF_GRE_H
+#define _NET_IF_GRE_H
+
+#include <sys/ioccom.h>
+#include <sys/queue.h>
+
+struct gre_softc {
+ struct ifnet sc_if;
+ LIST_ENTRY(gre_softc) sc_list;
+ int gre_unit;
+ int gre_flags;
+ struct in_addr g_src; /* source address of gre packets */
+ struct in_addr g_dst; /* destination address of gre packets */
+ struct route route; /* routing entry that determines, where a
+ encapsulated packet should go */
+ u_char g_proto; /* protocol of encapsulator */
+
+ const struct encaptab *encap; /* encapsulation cookie */
+
+ int called; /* infinite recursion preventer */
+};
+
+
+struct gre_h {
+ u_int16_t flags; /* GRE flags */
+ u_int16_t ptype; /* protocol type of payload typically
+ Ether protocol type*/
+/*
+ * from here on: fields are optional, presence indicated by flags
+ *
+ u_int_16 checksum checksum (one-complements of GRE header
+ and payload
+ Present if (ck_pres | rt_pres == 1).
+ Valid if (ck_pres == 1).
+ u_int_16 offset offset from start of routing filed to
+ first octet of active SRE (see below).
+ Present if (ck_pres | rt_pres == 1).
+ Valid if (rt_pres == 1).
+ u_int_32 key inserted by encapsulator e.g. for
+ authentication
+ Present if (key_pres ==1 ).
+ u_int_32 seq_num Sequence number to allow for packet order
+ Present if (seq_pres ==1 ).
+ struct gre_sre[] routing Routing fileds (see below)
+ Present if (rt_pres == 1)
+ */
+} __attribute__((__packed__));
+
+struct greip {
+ struct ip gi_i;
+ struct gre_h gi_g;
+} __attribute__((__packed__));
+
+#define gi_pr gi_i.ip_p
+#define gi_len gi_i.ip_len
+#define gi_src gi_i.ip_src
+#define gi_dst gi_i.ip_dst
+#define gi_ptype gi_g.ptype
+#define gi_flags gi_g.flags
+
+#define GRE_CP 0x8000 /* Checksum Present */
+#define GRE_RP 0x4000 /* Routing Present */
+#define GRE_KP 0x2000 /* Key Present */
+#define GRE_SP 0x1000 /* Sequence Present */
+#define GRE_SS 0x0800 /* Strict Source Route */
+
+/*
+ * gre_sre defines a Source route Entry. These are needed if packets
+ * should be routed over more than one tunnel hop by hop
+ */
+struct gre_sre {
+ u_int16_t sre_family; /* adress family */
+ u_char sre_offset; /* offset to first octet of active entry */
+ u_char sre_length; /* number of octets in the SRE.
+ sre_lengthl==0 -> last entry. */
+ u_char *sre_rtinfo; /* the routing information */
+};
+
+struct greioctl {
+ int unit;
+ struct in_addr addr;
+};
+
+/* for mobile encaps */
+
+struct mobile_h {
+ u_int16_t proto; /* protocol and S-bit */
+ u_int16_t hcrc; /* header checksum */
+ u_int32_t odst; /* original destination address */
+ u_int32_t osrc; /* original source addr, if S-bit set */
+} __attribute__((__packed__));
+
+struct mobip_h {
+ struct ip mi;
+ struct mobile_h mh;
+} __attribute__((__packed__));
+
+
+#define MOB_H_SIZ_S (sizeof(struct mobile_h) - sizeof(u_int32_t))
+#define MOB_H_SIZ_L (sizeof(struct mobile_h))
+#define MOB_H_SBIT 0x0080
+
+#define GRE_TTL 30
+extern int ip_gre_ttl;
+
+/*
+ * ioctls needed to manipulate the interface
+ */
+
+#define GRESADDRS _IOW('i', 101, struct ifreq)
+#define GRESADDRD _IOW('i', 102, struct ifreq)
+#define GREGADDRS _IOWR('i', 103, struct ifreq)
+#define GREGADDRD _IOWR('i', 104, struct ifreq)
+#define GRESPROTO _IOW('i' , 105, struct ifreq)
+#define GREGPROTO _IOWR('i', 106, struct ifreq)
+
+#ifdef _KERNEL
+LIST_HEAD(gre_softc_head, gre_softc);
+extern struct gre_softc_head gre_softc_list;
+
+int gre_ioctl __P((struct ifnet *, u_long, caddr_t));
+int gre_output __P((struct ifnet *, struct mbuf *, struct sockaddr *,
+ struct rtentry *rt));
+u_short gre_in_cksum(u_short *p, u_int len);
+#endif /* _KERNEL */
+
+#endif
diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c
index b522652..876d8b6 100644
--- a/sys/netinet/in_proto.c
+++ b/sys/netinet/in_proto.c
@@ -160,6 +160,18 @@ struct protosw inetsw[] = {
encap_init, 0, 0, 0,
&rip_usrreqs
},
+{ SOCK_RAW, &inetdomain, IPPROTO_MOBILE, PR_ATOMIC|PR_ADDR|PR_LASTHDR,
+ encap4_input, 0, 0, rip_ctloutput,
+ 0,
+ encap_init, 0, 0, 0,
+ &rip_usrreqs
+},
+{ SOCK_RAW, &inetdomain, IPPROTO_GRE, PR_ATOMIC|PR_ADDR|PR_LASTHDR,
+ encap4_input, 0, 0, rip_ctloutput,
+ 0,
+ encap_init, 0, 0, 0,
+ &rip_usrreqs
+},
# ifdef INET6
{ SOCK_RAW, &inetdomain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR,
encap4_input, 0, 0, rip_ctloutput,
diff --git a/sys/netinet/ip_gre.c b/sys/netinet/ip_gre.c
new file mode 100644
index 0000000..4701e1f
--- /dev/null
+++ b/sys/netinet/ip_gre.c
@@ -0,0 +1,360 @@
+/* $NetBSD: ip_gre.c,v 1.21 2002/08/14 00:23:30 itojun Exp $ */
+/* $FreeBSD$ */
+
+/*
+ * Copyright (c) 1998 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Heiko W.Rupp <hwr@pilhuhn.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * deencapsulate tunneled packets and send them on
+ * output half is in net/if_gre.[ch]
+ * This currently handles IPPROTO_GRE, IPPROTO_MOBILE
+ */
+
+#include <sys/cdefs.h>
+__RCSID("@(#) $FreeBSD$");
+
+#include "opt_inet.h"
+#include "opt_ns.h"
+#include "opt_atalk.h"
+#include "bpf.h"
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/mbuf.h>
+#include <sys/socket.h>
+#include <sys/socketvar.h>
+#include <sys/protosw.h>
+#include <sys/errno.h>
+#include <sys/time.h>
+#include <sys/kernel.h>
+#include <sys/syslog.h>
+#include <net/bpf.h>
+#include <net/ethernet.h>
+#include <net/if.h>
+#include <net/netisr.h>
+#include <net/route.h>
+#include <net/raw_cb.h>
+
+#ifdef INET
+#include <netinet/in.h>
+#include <netinet/in_var.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/ip_gre.h>
+#include <machine/in_cksum.h>
+#else
+#error ip_gre input without IP?
+#endif
+
+#ifdef NS
+#include <netns/ns.h>
+#include <netns/ns_if.h>
+#endif
+
+#ifdef NETATALK
+#include <netatalk/at.h>
+#include <netatalk/at_var.h>
+#include <netatalk/at_extern.h>
+#endif
+
+/* Needs IP headers. */
+#include <net/if_gre.h>
+
+#include <machine/stdarg.h>
+
+#if 1
+void gre_inet_ntoa(struct in_addr in); /* XXX */
+#endif
+
+struct gre_softc *gre_lookup __P((struct mbuf *, u_int8_t));
+
+int gre_input2 __P((struct mbuf *, int, u_char));
+
+/*
+ * De-encapsulate a packet and feed it back through ip input (this
+ * routine is called whenever IP gets a packet with proto type
+ * IPPROTO_GRE and a local destination address).
+ * This really is simple
+ */
+void
+#if __STDC__
+gre_input(struct mbuf *m, ...)
+#else
+gre_input(m, va_alist)
+ struct mbuf *m;
+ va_dcl
+#endif
+{
+ int off, ret, proto;
+ va_list ap;
+
+ va_start(ap, m);
+ off = va_arg(ap, int);
+ va_end(ap);
+ proto = (mtod(m, struct ip *))->ip_p;
+
+ ret = gre_input2(m, off, proto);
+ /*
+ * ret == 0 : packet not processed, meaning that
+ * no matching tunnel that is up is found.
+ * we inject it to raw ip socket to see if anyone picks it up.
+ */
+ if (ret == 0)
+ rip_input(m, off);
+}
+
+/*
+ * decapsulate.
+ * Does the real work and is called from gre_input() (above)
+ * returns 0 if packet is not yet processed
+ * and 1 if it needs no further processing
+ * proto is the protocol number of the "calling" foo_input()
+ * routine.
+ */
+
+int
+gre_input2(struct mbuf *m ,int hlen, u_char proto)
+{
+ struct greip *gip = mtod(m, struct greip *);
+ int s;
+ struct ifqueue *ifq;
+ struct gre_softc *sc;
+ u_short flags;
+
+ if ((sc = gre_lookup(m, proto)) == NULL) {
+ /* No matching tunnel or tunnel is down. */
+ return (0);
+ }
+
+ sc->sc_if.if_ipackets++;
+ sc->sc_if.if_ibytes += m->m_pkthdr.len;
+
+ switch (proto) {
+ case IPPROTO_GRE:
+ hlen += sizeof (struct gre_h);
+
+ /* process GRE flags as packet can be of variable len */
+ flags = ntohs(gip->gi_flags);
+
+ /* Checksum & Offset are present */
+ if ((flags & GRE_CP) | (flags & GRE_RP))
+ hlen += 4;
+ /* We don't support routing fields (variable length) */
+ if (flags & GRE_RP)
+ return(0);
+ if (flags & GRE_KP)
+ hlen += 4;
+ if (flags & GRE_SP)
+ hlen +=4;
+
+ switch (ntohs(gip->gi_ptype)) { /* ethertypes */
+ case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */
+ ifq = &ipintrq; /* we are in ip_input */
+ break;
+ break;
+#ifdef NS
+ case ETHERTYPE_NS:
+ ifq = &nsintrq;
+ schednetisr(NETISR_NS);
+ break;
+#endif
+#ifdef NETATALK
+ case ETHERTYPE_ATALK:
+ ifq = &atintrq1;
+ schednetisr(NETISR_ATALK);
+ break;
+#endif
+ case ETHERTYPE_IPV6:
+ /* FALLTHROUGH */
+ default: /* others not yet supported */
+ return(0);
+ }
+ break;
+ default:
+ /* others not yet supported */
+ return(0);
+ }
+
+ m->m_data += hlen;
+ m->m_len -= hlen;
+ m->m_pkthdr.len -= hlen;
+
+#if NBPF > 0
+ if (sc->sc_if.if_bpf) {
+ struct mbuf m0;
+ u_int32_t af = AF_INET;
+
+ m0.m_next = m;
+ m0.m_len = 4;
+ m0.m_data = (char *)&af;
+
+ bpf_mtap(&(sc->sc_if), &m0);
+ }
+#endif /*NBPF > 0*/
+
+ m->m_pkthdr.rcvif = &sc->sc_if;
+
+ s = splnet(); /* possible */
+ if (_IF_QFULL(ifq)) {
+ _IF_DROP(ifq);
+ m_freem(m);
+ } else {
+ IF_ENQUEUE(ifq,m);
+ }
+ splx(s);
+
+ return(1); /* packet is done, no further processing needed */
+}
+
+/*
+ * input routine for IPPRPOTO_MOBILE
+ * This is a little bit diffrent from the other modes, as the
+ * encapsulating header was not prepended, but instead inserted
+ * between IP header and payload
+ */
+
+void
+#if __STDC__
+gre_mobile_input(struct mbuf *m, ...)
+#else
+gre_mobile_input(m, va_alist)
+ struct mbuf *m;
+ va_dcl
+#endif
+{
+ struct ip *ip = mtod(m, struct ip *);
+ struct mobip_h *mip = mtod(m, struct mobip_h *);
+ struct ifqueue *ifq;
+ struct gre_softc *sc;
+ int hlen,s;
+ va_list ap;
+ u_char osrc = 0;
+ int msiz;
+
+ va_start(ap,m);
+ hlen = va_arg(ap, int);
+ va_end(ap);
+
+ if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) {
+ /* No matching tunnel or tunnel is down. */
+ m_freem(m);
+ return;
+ }
+
+ sc->sc_if.if_ipackets++;
+ sc->sc_if.if_ibytes += m->m_pkthdr.len;
+
+ if(ntohs(mip->mh.proto) & MOB_H_SBIT) {
+ osrc = 1;
+ msiz = MOB_H_SIZ_L;
+ mip->mi.ip_src.s_addr = mip->mh.osrc;
+ } else {
+ msiz = MOB_H_SIZ_S;
+ }
+ mip->mi.ip_dst.s_addr = mip->mh.odst;
+ mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8);
+
+ if (gre_in_cksum((u_short*)&mip->mh,msiz) != 0) {
+ m_freem(m);
+ return;
+ }
+
+ bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) +
+ (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2));
+ m->m_len -= msiz;
+ m->m_pkthdr.len -= msiz;
+
+ /*
+ * On FreeBSD, rip_input() supplies us with ip->ip_len
+ * already converted into host byteorder and also decreases
+ * it by the lengh of IP header, however, ip_input() expects
+ * that this field is in the original format (network byteorder
+ * and full size of IP packet), so that adjust accordingly.
+ */
+ ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz);
+
+ ip->ip_sum = 0;
+ ip->ip_sum = in_cksum(m, (ip->ip_hl << 2));
+
+#if NBPF > 0
+ if (sc->sc_if.if_bpf) {
+ struct mbuf m0;
+ u_int af = AF_INET;
+
+ m0.m_next = m;
+ m0.m_len = 4;
+ m0.m_data = (char *)&af;
+
+ bpf_mtap(&(sc->sc_if), &m0);
+ }
+#endif /*NBPFILTER > 0*/
+
+ m->m_pkthdr.rcvif = &sc->sc_if;
+
+ ifq = &ipintrq;
+ s = splnet(); /* possible */
+ if (_IF_QFULL(ifq)) {
+ _IF_DROP(ifq);
+ m_freem(m);
+ } else {
+ IF_ENQUEUE(ifq,m);
+ }
+ splx(s);
+}
+
+/*
+ * Find the gre interface associated with our src/dst/proto set.
+ */
+struct gre_softc *
+gre_lookup(m, proto)
+ struct mbuf *m;
+ u_int8_t proto;
+{
+ struct ip *ip = mtod(m, struct ip *);
+ struct gre_softc *sc;
+
+ for (sc = LIST_FIRST(&gre_softc_list); sc != NULL;
+ sc = LIST_NEXT(sc, sc_list)) {
+ if ((sc->g_dst.s_addr == ip->ip_src.s_addr) &&
+ (sc->g_src.s_addr == ip->ip_dst.s_addr) &&
+ (sc->g_proto == proto) &&
+ ((sc->sc_if.if_flags & IFF_UP) != 0))
+ return (sc);
+ }
+
+ return (NULL);
+}
diff --git a/sys/netinet/ip_gre.h b/sys/netinet/ip_gre.h
new file mode 100644
index 0000000..c3562be
--- /dev/null
+++ b/sys/netinet/ip_gre.h
@@ -0,0 +1,43 @@
+/* $NetBSD: ip_gre.h,v 1.5 2002/06/09 16:33:40 itojun Exp $ */
+/* $FreeBSD$ */
+
+/*
+ * Copyright (c) 1998 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Heiko W.Rupp <hwr@pilhuhn.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef _KERNEL
+void gre_input __P((struct mbuf *, ...));
+void gre_mobile_input __P((struct mbuf *, ...));
+#endif /* _KERNEL */
OpenPOWER on IntegriCloud