diff options
Diffstat (limited to 'sys/netinet6/ip6_forward.c')
-rw-r--r-- | sys/netinet6/ip6_forward.c | 85 |
1 files changed, 43 insertions, 42 deletions
diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c index 8bf0595..ec25a31 100644 --- a/sys/netinet6/ip6_forward.c +++ b/sys/netinet6/ip6_forward.c @@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$"); #include <sys/time.h> #include <sys/kernel.h> #include <sys/syslog.h> +#include <sys/vimage.h> #include <net/if.h> #include <net/route.h> @@ -117,7 +118,7 @@ ip6_forward(struct mbuf *m, int srcrt) * before forwarding packet actually. */ if (ipsec6_in_reject(m, NULL)) { - ipsec6stat.in_polvio++; + V_ipsec6stat.in_polvio++; m_freem(m); return; } @@ -132,10 +133,10 @@ ip6_forward(struct mbuf *m, int srcrt) if ((m->m_flags & (M_BCAST|M_MCAST)) != 0 || IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { - ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_cantforward++; /* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */ - if (ip6_log_time + ip6_log_interval < time_second) { - ip6_log_time = time_second; + if (V_ip6_log_time + V_ip6_log_interval < time_second) { + V_ip6_log_time = time_second; log(LOG_DEBUG, "cannot forward " "from %s to %s nxt %d received on %s\n", @@ -149,7 +150,7 @@ ip6_forward(struct mbuf *m, int srcrt) } #ifdef IPSTEALTH - if (!ip6stealth) { + if (!V_ip6stealth) { #endif if (ip6->ip6_hlim <= IPV6_HLIMDEC) { /* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */ @@ -179,8 +180,8 @@ ip6_forward(struct mbuf *m, int srcrt) sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, IP_FORWARDING, &error); if (sp == NULL) { - ipsec6stat.out_inval++; - ip6stat.ip6s_cantforward++; + V_ipsec6stat.out_inval++; + V_ip6stat.ip6s_cantforward++; if (mcopy) { #if 0 /* XXX: what icmp ? */ @@ -200,8 +201,8 @@ ip6_forward(struct mbuf *m, int srcrt) /* * This packet is just discarded. */ - ipsec6stat.out_polvio++; - ip6stat.ip6s_cantforward++; + V_ipsec6stat.out_polvio++; + V_ip6stat.ip6s_cantforward++; KEY_FREESP(&sp); if (mcopy) { #if 0 @@ -223,7 +224,7 @@ ip6_forward(struct mbuf *m, int srcrt) if (sp->req == NULL) { /* XXX should be panic ? */ printf("ip6_forward: No IPsec request specified.\n"); - ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_cantforward++; KEY_FREESP(&sp); if (mcopy) { #if 0 @@ -307,7 +308,7 @@ ip6_forward(struct mbuf *m, int srcrt) /* don't show these error codes to the user */ break; } - ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_cantforward++; if (mcopy) { #if 0 /* XXX: what icmp ? */ @@ -352,22 +353,22 @@ ip6_forward(struct mbuf *m, int srcrt) goto skip_routing; #endif - dst = (struct sockaddr_in6 *)&ip6_forward_rt.ro_dst; + dst = (struct sockaddr_in6 *)&V_ip6_forward_rt.ro_dst; if (!srcrt) { /* ip6_forward_rt.ro_dst.sin6_addr is equal to ip6->ip6_dst */ - if (ip6_forward_rt.ro_rt == 0 || - (ip6_forward_rt.ro_rt->rt_flags & RTF_UP) == 0) { - if (ip6_forward_rt.ro_rt) { - RTFREE(ip6_forward_rt.ro_rt); - ip6_forward_rt.ro_rt = 0; + if (V_ip6_forward_rt.ro_rt == 0 || + (V_ip6_forward_rt.ro_rt->rt_flags & RTF_UP) == 0) { + if (V_ip6_forward_rt.ro_rt) { + RTFREE(V_ip6_forward_rt.ro_rt); + V_ip6_forward_rt.ro_rt = 0; } /* this probably fails but give it a try again */ - rtalloc((struct route *)&ip6_forward_rt); + rtalloc((struct route *)&V_ip6_forward_rt); } - if (ip6_forward_rt.ro_rt == 0) { - ip6stat.ip6s_noroute++; + if (V_ip6_forward_rt.ro_rt == 0) { + V_ip6stat.ip6s_noroute++; in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_noroute); if (mcopy) { icmp6_error(mcopy, ICMP6_DST_UNREACH, @@ -376,20 +377,20 @@ ip6_forward(struct mbuf *m, int srcrt) m_freem(m); return; } - } else if ((rt = ip6_forward_rt.ro_rt) == 0 || + } else if ((rt = V_ip6_forward_rt.ro_rt) == 0 || !IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &dst->sin6_addr)) { - if (ip6_forward_rt.ro_rt) { - RTFREE(ip6_forward_rt.ro_rt); - ip6_forward_rt.ro_rt = 0; + if (V_ip6_forward_rt.ro_rt) { + RTFREE(V_ip6_forward_rt.ro_rt); + V_ip6_forward_rt.ro_rt = 0; } bzero(dst, sizeof(*dst)); dst->sin6_len = sizeof(struct sockaddr_in6); dst->sin6_family = AF_INET6; dst->sin6_addr = ip6->ip6_dst; - rtalloc((struct route *)&ip6_forward_rt); - if (ip6_forward_rt.ro_rt == 0) { - ip6stat.ip6s_noroute++; + rtalloc((struct route *)&V_ip6_forward_rt); + if (V_ip6_forward_rt.ro_rt == 0) { + V_ip6stat.ip6s_noroute++; in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_noroute); if (mcopy) { icmp6_error(mcopy, ICMP6_DST_UNREACH, @@ -399,7 +400,7 @@ ip6_forward(struct mbuf *m, int srcrt) return; } } - rt = ip6_forward_rt.ro_rt; + rt = V_ip6_forward_rt.ro_rt; #ifdef IPSEC skip_routing:; #endif @@ -416,14 +417,14 @@ ip6_forward(struct mbuf *m, int srcrt) src_in6 = ip6->ip6_src; if (in6_setscope(&src_in6, rt->rt_ifp, &outzone)) { /* XXX: this should not happen */ - ip6stat.ip6s_cantforward++; - ip6stat.ip6s_badscope++; + V_ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_badscope++; m_freem(m); return; } if (in6_setscope(&src_in6, m->m_pkthdr.rcvif, &inzone)) { - ip6stat.ip6s_cantforward++; - ip6stat.ip6s_badscope++; + V_ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_badscope++; m_freem(m); return; } @@ -432,12 +433,12 @@ ip6_forward(struct mbuf *m, int srcrt) && !ipsecrt #endif ) { - ip6stat.ip6s_cantforward++; - ip6stat.ip6s_badscope++; + V_ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_badscope++; in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard); - if (ip6_log_time + ip6_log_interval < time_second) { - ip6_log_time = time_second; + if (V_ip6_log_time + V_ip6_log_interval < time_second) { + V_ip6_log_time = time_second; log(LOG_DEBUG, "cannot forward " "src %s, dst %s, nxt %d, rcvif %s, outif %s\n", @@ -464,8 +465,8 @@ ip6_forward(struct mbuf *m, int srcrt) if (in6_setscope(&dst_in6, m->m_pkthdr.rcvif, &inzone) != 0 || in6_setscope(&dst_in6, rt->rt_ifp, &outzone) != 0 || inzone != outzone) { - ip6stat.ip6s_cantforward++; - ip6stat.ip6s_badscope++; + V_ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_badscope++; m_freem(m); return; } @@ -523,7 +524,7 @@ ip6_forward(struct mbuf *m, int srcrt) * Also, don't send redirect if forwarding using a route * modified by a redirect. */ - if (ip6_sendredirects && rt->rt_ifp == m->m_pkthdr.rcvif && !srcrt && + if (V_ip6_sendredirects && rt->rt_ifp == m->m_pkthdr.rcvif && !srcrt && #ifdef IPSEC !ipsecrt && #endif /* IPSEC */ @@ -607,12 +608,12 @@ pass: error = nd6_output(rt->rt_ifp, origifp, m, dst, rt); if (error) { in6_ifstat_inc(rt->rt_ifp, ifs6_out_discard); - ip6stat.ip6s_cantforward++; + V_ip6stat.ip6s_cantforward++; } else { - ip6stat.ip6s_forward++; + V_ip6stat.ip6s_forward++; in6_ifstat_inc(rt->rt_ifp, ifs6_out_forward); if (type) - ip6stat.ip6s_redirectsent++; + V_ip6stat.ip6s_redirectsent++; else { if (mcopy) goto freecopy; |