1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
|
/*
* Copyright (c) 1989 Stephen Deering
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Stephen Deering of Stanford University.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ip_mroute.c 8.2 (Berkeley) 11/15/93
* $Id$
*/
/*
* Procedures for the kernel part of DVMRP,
* a Distance-Vector Multicast Routing Protocol.
* (See RFC-1075.)
*
* Written by David Waitzman, BBN Labs, August 1988.
* Modified by Steve Deering, Stanford, February 1989.
*
* MROUTING 1.1
*/
#ifndef MROUTING
int ip_mrtproto; /* for netstat only */
#else
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/errno.h>
#include <sys/ioctl.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/time.h>
#include <net/if.h>
#include <net/route.h>
#include <net/raw_cb.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/in_pcb.h>
#include <netinet/in_var.h>
#include <netinet/ip_var.h>
#include <netinet/igmp.h>
#include <netinet/igmp_var.h>
#include <netinet/ip_mroute.h>
/* Static forwards */
static int ip_mrouter_init __P((struct socket *));
static int add_vif __P((struct vifctl *));
static int del_vif __P((vifi_t *vifip));
static int add_lgrp __P((struct lgrplctl *));
static int del_lgrp __P((struct lgrplctl *));
static int grplst_member __P((struct vif *, struct in_addr));
static u_long nethash __P((struct in_addr in));
static int add_mrt __P((struct mrtctl *));
static int del_mrt __P((struct in_addr *));
static struct mrt *mrtfind __P((struct in_addr));
static void phyint_send __P((struct mbuf *, struct vif *));
static void tunnel_send __P((struct mbuf *, struct vif *));
#define INSIZ sizeof(struct in_addr)
#define same(a1, a2) (bcmp((caddr_t)(a1), (caddr_t)(a2), INSIZ) == 0)
#define satosin(sa) ((struct sockaddr_in *)(sa))
/*
* Globals. All but ip_mrouter and ip_mrtproto could be static,
* except for netstat or debugging purposes.
*/
struct socket *ip_mrouter = NULL;
int ip_mrtproto = IGMP_DVMRP; /* for netstat only */
struct mrt *mrttable[MRTHASHSIZ];
struct vif viftable[MAXVIFS];
struct mrtstat mrtstat;
/*
* Private variables.
*/
static vifi_t numvifs = 0;
static struct mrt *cached_mrt = NULL;
static u_long cached_origin;
static u_long cached_originmask;
/*
* Handle DVMRP setsockopt commands to modify the multicast routing tables.
*/
int
ip_mrouter_cmd(cmd, so, m)
register int cmd;
register struct socket *so;
register struct mbuf *m;
{
register int error = 0;
if (cmd != DVMRP_INIT && so != ip_mrouter)
error = EACCES;
else switch (cmd) {
case DVMRP_INIT:
error = ip_mrouter_init(so);
break;
case DVMRP_DONE:
error = ip_mrouter_done();
break;
case DVMRP_ADD_VIF:
if (m == NULL || m->m_len < sizeof(struct vifctl))
error = EINVAL;
else
error = add_vif(mtod(m, struct vifctl *));
break;
case DVMRP_DEL_VIF:
if (m == NULL || m->m_len < sizeof(short))
error = EINVAL;
else
error = del_vif(mtod(m, vifi_t *));
break;
case DVMRP_ADD_LGRP:
if (m == NULL || m->m_len < sizeof(struct lgrplctl))
error = EINVAL;
else
error = add_lgrp(mtod(m, struct lgrplctl *));
break;
case DVMRP_DEL_LGRP:
if (m == NULL || m->m_len < sizeof(struct lgrplctl))
error = EINVAL;
else
error = del_lgrp(mtod(m, struct lgrplctl *));
break;
case DVMRP_ADD_MRT:
if (m == NULL || m->m_len < sizeof(struct mrtctl))
error = EINVAL;
else
error = add_mrt(mtod(m, struct mrtctl *));
break;
case DVMRP_DEL_MRT:
if (m == NULL || m->m_len < sizeof(struct in_addr))
error = EINVAL;
else
error = del_mrt(mtod(m, struct in_addr *));
break;
default:
error = EOPNOTSUPP;
break;
}
return (error);
}
/*
* Enable multicast routing
*/
static int
ip_mrouter_init(so)
register struct socket *so;
{
if (so->so_type != SOCK_RAW ||
so->so_proto->pr_protocol != IPPROTO_IGMP)
return (EOPNOTSUPP);
if (ip_mrouter != NULL)
return (EADDRINUSE);
ip_mrouter = so;
return (0);
}
/*
* Disable multicast routing
*/
int
ip_mrouter_done()
{
register vifi_t vifi;
register int i;
register struct ifnet *ifp;
register int s;
struct ifreq ifr;
s = splnet();
/*
* For each phyint in use, free its local group list and
* disable promiscuous reception of all IP multicasts.
*/
for (vifi = 0; vifi < numvifs; vifi++) {
if (viftable[vifi].v_lcl_addr.s_addr != 0 &&
!(viftable[vifi].v_flags & VIFF_TUNNEL)) {
if (viftable[vifi].v_lcl_grps)
free(viftable[vifi].v_lcl_grps, M_MRTABLE);
satosin(&ifr.ifr_addr)->sin_family = AF_INET;
satosin(&ifr.ifr_addr)->sin_addr.s_addr = INADDR_ANY;
ifp = viftable[vifi].v_ifp;
(*ifp->if_ioctl)(ifp, SIOCDELMULTI, (caddr_t)&ifr);
}
}
bzero((caddr_t)viftable, sizeof(viftable));
numvifs = 0;
/*
* Free any multicast route entries.
*/
for (i = 0; i < MRTHASHSIZ; i++)
if (mrttable[i])
free(mrttable[i], M_MRTABLE);
bzero((caddr_t)mrttable, sizeof(mrttable));
cached_mrt = NULL;
ip_mrouter = NULL;
splx(s);
return (0);
}
/*
* Add a vif to the vif table
*/
static int
add_vif(vifcp)
register struct vifctl *vifcp;
{
register struct vif *vifp = viftable + vifcp->vifc_vifi;
register struct ifaddr *ifa;
register struct ifnet *ifp;
struct ifreq ifr;
register int error, s;
static struct sockaddr_in sin = { sizeof(sin), AF_INET };
if (vifcp->vifc_vifi >= MAXVIFS)
return (EINVAL);
if (vifp->v_lcl_addr.s_addr != 0)
return (EADDRINUSE);
/* Find the interface with an address in AF_INET family */
sin.sin_addr = vifcp->vifc_lcl_addr;
ifa = ifa_ifwithaddr((struct sockaddr *)&sin);
if (ifa == 0)
return (EADDRNOTAVAIL);
s = splnet();
if (vifcp->vifc_flags & VIFF_TUNNEL)
vifp->v_rmt_addr = vifcp->vifc_rmt_addr;
else {
/* Make sure the interface supports multicast */
ifp = ifa->ifa_ifp;
if ((ifp->if_flags & IFF_MULTICAST) == 0) {
splx(s);
return (EOPNOTSUPP);
}
/*
* Enable promiscuous reception of all IP multicasts
* from the interface.
*/
satosin(&ifr.ifr_addr)->sin_family = AF_INET;
satosin(&ifr.ifr_addr)->sin_addr.s_addr = INADDR_ANY;
error = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, (caddr_t)&ifr);
if (error) {
splx(s);
return (error);
}
}
vifp->v_flags = vifcp->vifc_flags;
vifp->v_threshold = vifcp->vifc_threshold;
vifp->v_lcl_addr = vifcp->vifc_lcl_addr;
vifp->v_ifp = ifa->ifa_ifp;
/* Adjust numvifs up if the vifi is higher than numvifs */
if (numvifs <= vifcp->vifc_vifi)
numvifs = vifcp->vifc_vifi + 1;
splx(s);
return (0);
}
/*
* Delete a vif from the vif table
*/
static int
del_vif(vifip)
register vifi_t *vifip;
{
register struct vif *vifp = viftable + *vifip;
register struct ifnet *ifp;
register int i, s;
struct ifreq ifr;
if (*vifip >= numvifs)
return (EINVAL);
if (vifp->v_lcl_addr.s_addr == 0)
return (EADDRNOTAVAIL);
s = splnet();
if (!(vifp->v_flags & VIFF_TUNNEL)) {
if (vifp->v_lcl_grps)
free(vifp->v_lcl_grps, M_MRTABLE);
satosin(&ifr.ifr_addr)->sin_family = AF_INET;
satosin(&ifr.ifr_addr)->sin_addr.s_addr = INADDR_ANY;
ifp = vifp->v_ifp;
(*ifp->if_ioctl)(ifp, SIOCDELMULTI, (caddr_t)&ifr);
}
bzero((caddr_t)vifp, sizeof (*vifp));
/* Adjust numvifs down */
for (i = numvifs - 1; i >= 0; i--)
if (viftable[i].v_lcl_addr.s_addr != 0)
break;
numvifs = i + 1;
splx(s);
return (0);
}
/*
* Add the multicast group in the lgrpctl to the list of local multicast
* group memberships associated with the vif indexed by gcp->lgc_vifi.
*/
static int
add_lgrp(gcp)
register struct lgrplctl *gcp;
{
register struct vif *vifp;
register int s;
if (gcp->lgc_vifi >= numvifs)
return (EINVAL);
vifp = viftable + gcp->lgc_vifi;
if (vifp->v_lcl_addr.s_addr == 0 || (vifp->v_flags & VIFF_TUNNEL))
return (EADDRNOTAVAIL);
/* If not enough space in existing list, allocate a larger one */
s = splnet();
if (vifp->v_lcl_grps_n + 1 >= vifp->v_lcl_grps_max) {
register int num;
register struct in_addr *ip;
num = vifp->v_lcl_grps_max;
if (num <= 0)
num = 32; /* initial number */
else
num += num; /* double last number */
ip = (struct in_addr *)malloc(num * sizeof(*ip),
M_MRTABLE, M_NOWAIT);
if (ip == NULL) {
splx(s);
return (ENOBUFS);
}
bzero((caddr_t)ip, num * sizeof(*ip)); /* XXX paranoid */
bcopy((caddr_t)vifp->v_lcl_grps, (caddr_t)ip,
vifp->v_lcl_grps_n * sizeof(*ip));
vifp->v_lcl_grps_max = num;
if (vifp->v_lcl_grps)
free(vifp->v_lcl_grps, M_MRTABLE);
vifp->v_lcl_grps = ip;
splx(s);
}
vifp->v_lcl_grps[vifp->v_lcl_grps_n++] = gcp->lgc_gaddr;
if (gcp->lgc_gaddr.s_addr == vifp->v_cached_group)
vifp->v_cached_result = 1;
splx(s);
return (0);
}
/*
* Delete the the local multicast group associated with the vif
* indexed by gcp->lgc_vifi.
*/
static int
del_lgrp(gcp)
register struct lgrplctl *gcp;
{
register struct vif *vifp;
register int i, error, s;
if (gcp->lgc_vifi >= numvifs)
return (EINVAL);
vifp = viftable + gcp->lgc_vifi;
if (vifp->v_lcl_addr.s_addr == 0 || (vifp->v_flags & VIFF_TUNNEL))
return (EADDRNOTAVAIL);
s = splnet();
if (gcp->lgc_gaddr.s_addr == vifp->v_cached_group)
vifp->v_cached_result = 0;
error = EADDRNOTAVAIL;
for (i = 0; i < vifp->v_lcl_grps_n; ++i)
if (same(&gcp->lgc_gaddr, &vifp->v_lcl_grps[i])) {
error = 0;
vifp->v_lcl_grps_n--;
bcopy((caddr_t)&vifp->v_lcl_grps[i + 1],
(caddr_t)&vifp->v_lcl_grps[i],
(vifp->v_lcl_grps_n - i) * sizeof(struct in_addr));
error = 0;
break;
}
splx(s);
return (error);
}
/*
* Return 1 if gaddr is a member of the local group list for vifp.
*/
static int
grplst_member(vifp, gaddr)
register struct vif *vifp;
struct in_addr gaddr;
{
register int i, s;
register u_long addr;
mrtstat.mrts_grp_lookups++;
addr = gaddr.s_addr;
if (addr == vifp->v_cached_group)
return (vifp->v_cached_result);
mrtstat.mrts_grp_misses++;
for (i = 0; i < vifp->v_lcl_grps_n; ++i)
if (addr == vifp->v_lcl_grps[i].s_addr) {
s = splnet();
vifp->v_cached_group = addr;
vifp->v_cached_result = 1;
splx(s);
return (1);
}
s = splnet();
vifp->v_cached_group = addr;
vifp->v_cached_result = 0;
splx(s);
return (0);
}
/*
* A simple hash function: returns MRTHASHMOD of the low-order octet of
* the argument's network or subnet number.
*/
static u_long
nethash(in)
struct in_addr in;
{
register u_long n;
n = in_netof(in);
while ((n & 0xff) == 0)
n >>= 8;
return (MRTHASHMOD(n));
}
/*
* Add an mrt entry
*/
static int
add_mrt(mrtcp)
register struct mrtctl *mrtcp;
{
struct mrt *rt;
u_long hash;
int s;
if (rt = mrtfind(mrtcp->mrtc_origin)) {
/* Just update the route */
s = splnet();
rt->mrt_parent = mrtcp->mrtc_parent;
VIFM_COPY(mrtcp->mrtc_children, rt->mrt_children);
VIFM_COPY(mrtcp->mrtc_leaves, rt->mrt_leaves);
splx(s);
return (0);
}
s = splnet();
rt = (struct mrt *)malloc(sizeof(*rt), M_MRTABLE, M_NOWAIT);
if (rt == NULL) {
splx(s);
return (ENOBUFS);
}
/*
* insert new entry at head of hash chain
*/
rt->mrt_origin = mrtcp->mrtc_origin;
rt->mrt_originmask = mrtcp->mrtc_originmask;
rt->mrt_parent = mrtcp->mrtc_parent;
VIFM_COPY(mrtcp->mrtc_children, rt->mrt_children);
VIFM_COPY(mrtcp->mrtc_leaves, rt->mrt_leaves);
/* link into table */
hash = nethash(mrtcp->mrtc_origin);
rt->mrt_next = mrttable[hash];
mrttable[hash] = rt;
splx(s);
return (0);
}
/*
* Delete an mrt entry
*/
static int
del_mrt(origin)
register struct in_addr *origin;
{
register struct mrt *rt, *prev_rt;
register u_long hash = nethash(*origin);
register int s;
for (prev_rt = rt = mrttable[hash]; rt; prev_rt = rt, rt = rt->mrt_next)
if (origin->s_addr == rt->mrt_origin.s_addr)
break;
if (!rt)
return (ESRCH);
s = splnet();
if (rt == cached_mrt)
cached_mrt = NULL;
if (prev_rt == rt)
mrttable[hash] = rt->mrt_next;
else
prev_rt->mrt_next = rt->mrt_next;
free(rt, M_MRTABLE);
splx(s);
return (0);
}
/*
* Find a route for a given origin IP address.
*/
static struct mrt *
mrtfind(origin)
struct in_addr origin;
{
register struct mrt *rt;
register u_int hash;
register int s;
mrtstat.mrts_mrt_lookups++;
if (cached_mrt != NULL &&
(origin.s_addr & cached_originmask) == cached_origin)
return (cached_mrt);
mrtstat.mrts_mrt_misses++;
hash = nethash(origin);
for (rt = mrttable[hash]; rt; rt = rt->mrt_next)
if ((origin.s_addr & rt->mrt_originmask.s_addr) ==
rt->mrt_origin.s_addr) {
s = splnet();
cached_mrt = rt;
cached_origin = rt->mrt_origin.s_addr;
cached_originmask = rt->mrt_originmask.s_addr;
splx(s);
return (rt);
}
return (NULL);
}
/*
* IP multicast forwarding function. This function assumes that the packet
* pointed to by "ip" has arrived on (or is about to be sent to) the interface
* pointed to by "ifp", and the packet is to be relayed to other networks
* that have members of the packet's destination IP multicast group.
*
* The packet is returned unscathed to the caller, unless it is tunneled
* or erroneous, in which case a non-zero return value tells the caller to
* discard it.
*/
#define IP_HDR_LEN 20 /* # bytes of fixed IP header (excluding options) */
#define TUNNEL_LEN 12 /* # bytes of IP option for tunnel encapsulation */
int
ip_mforward(m, ifp)
register struct mbuf *m;
register struct ifnet *ifp;
{
register struct ip *ip = mtod(m, struct ip *);
register struct mrt *rt;
register struct vif *vifp;
register int vifi;
register u_char *ipoptions;
u_long tunnel_src;
if (ip->ip_hl < (IP_HDR_LEN + TUNNEL_LEN) >> 2 ||
(ipoptions = (u_char *)(ip + 1))[1] != IPOPT_LSRR ) {
/*
* Packet arrived via a physical interface.
*/
tunnel_src = 0;
} else {
/*
* Packet arrived through a tunnel.
*
* A tunneled packet has a single NOP option and a
* two-element loose-source-and-record-route (LSRR)
* option immediately following the fixed-size part of
* the IP header. At this point in processing, the IP
* header should contain the following IP addresses:
*
* original source - in the source address field
* destination group - in the destination address field
* remote tunnel end-point - in the first element of LSRR
* one of this host's addrs - in the second element of LSRR
*
* NOTE: RFC-1075 would have the original source and
* remote tunnel end-point addresses swapped. However,
* that could cause delivery of ICMP error messages to
* innocent applications on intermediate routing
* hosts! Therefore, we hereby change the spec.
*/
/*
* Verify that the tunnel options are well-formed.
*/
if (ipoptions[0] != IPOPT_NOP ||
ipoptions[2] != 11 || /* LSRR option length */
ipoptions[3] != 12 || /* LSRR address pointer */
(tunnel_src = *(u_long *)(&ipoptions[4])) == 0) {
mrtstat.mrts_bad_tunnel++;
return (1);
}
/*
* Delete the tunnel options from the packet.
*/
ovbcopy((caddr_t)(ipoptions + TUNNEL_LEN), (caddr_t)ipoptions,
(unsigned)(m->m_len - (IP_HDR_LEN + TUNNEL_LEN)));
m->m_len -= TUNNEL_LEN;
ip->ip_len -= TUNNEL_LEN;
ip->ip_hl -= TUNNEL_LEN >> 2;
}
/*
* Don't forward a packet with time-to-live of zero or one,
* or a packet destined to a local-only group.
*/
if (ip->ip_ttl <= 1 ||
ntohl(ip->ip_dst.s_addr) <= INADDR_MAX_LOCAL_GROUP)
return ((int)tunnel_src);
/*
* Don't forward if we don't have a route for the packet's origin.
*/
if (!(rt = mrtfind(ip->ip_src))) {
mrtstat.mrts_no_route++;
return ((int)tunnel_src);
}
/*
* Don't forward if it didn't arrive from the parent vif for its origin.
*/
vifi = rt->mrt_parent;
if (tunnel_src == 0 ) {
if ((viftable[vifi].v_flags & VIFF_TUNNEL) ||
viftable[vifi].v_ifp != ifp )
return ((int)tunnel_src);
} else {
if (!(viftable[vifi].v_flags & VIFF_TUNNEL) ||
viftable[vifi].v_rmt_addr.s_addr != tunnel_src )
return ((int)tunnel_src);
}
/*
* For each vif, decide if a copy of the packet should be forwarded.
* Forward if:
* - the ttl exceeds the vif's threshold AND
* - the vif is a child in the origin's route AND
* - ( the vif is not a leaf in the origin's route OR
* the destination group has members on the vif )
*
* (This might be speeded up with some sort of cache -- someday.)
*/
for (vifp = viftable, vifi = 0; vifi < numvifs; vifp++, vifi++) {
if (ip->ip_ttl > vifp->v_threshold &&
VIFM_ISSET(vifi, rt->mrt_children) &&
(!VIFM_ISSET(vifi, rt->mrt_leaves) ||
grplst_member(vifp, ip->ip_dst))) {
if (vifp->v_flags & VIFF_TUNNEL)
tunnel_send(m, vifp);
else
phyint_send(m, vifp);
}
}
return ((int)tunnel_src);
}
static void
phyint_send(m, vifp)
register struct mbuf *m;
register struct vif *vifp;
{
register struct ip *ip = mtod(m, struct ip *);
register struct mbuf *mb_copy;
register struct ip_moptions *imo;
register int error;
struct ip_moptions simo;
mb_copy = m_copy(m, 0, M_COPYALL);
if (mb_copy == NULL)
return;
imo = &simo;
imo->imo_multicast_ifp = vifp->v_ifp;
imo->imo_multicast_ttl = ip->ip_ttl - 1;
imo->imo_multicast_loop = 1;
error = ip_output(mb_copy, NULL, NULL, IP_FORWARDING, imo);
}
static void
tunnel_send(m, vifp)
register struct mbuf *m;
register struct vif *vifp;
{
register struct ip *ip = mtod(m, struct ip *);
register struct mbuf *mb_copy, *mb_opts;
register struct ip *ip_copy;
register int error;
register u_char *cp;
/*
* Make sure that adding the tunnel options won't exceed the
* maximum allowed number of option bytes.
*/
if (ip->ip_hl > (60 - TUNNEL_LEN) >> 2) {
mrtstat.mrts_cant_tunnel++;
return;
}
/*
* Get a private copy of the IP header so that changes to some
* of the IP fields don't damage the original header, which is
* examined later in ip_input.c.
*/
mb_copy = m_copy(m, IP_HDR_LEN, M_COPYALL);
if (mb_copy == NULL)
return;
MGETHDR(mb_opts, M_DONTWAIT, MT_HEADER);
if (mb_opts == NULL) {
m_freem(mb_copy);
return;
}
/*
* Make mb_opts be the new head of the packet chain.
* Any options of the packet were left in the old packet chain head
*/
mb_opts->m_next = mb_copy;
mb_opts->m_len = IP_HDR_LEN + TUNNEL_LEN;
mb_opts->m_data += MSIZE - mb_opts->m_len;
ip_copy = mtod(mb_opts, struct ip *);
/*
* Copy the base ip header to the new head mbuf.
*/
*ip_copy = *ip;
ip_copy->ip_ttl--;
ip_copy->ip_dst = vifp->v_rmt_addr; /* remote tunnel end-point */
/*
* Adjust the ip header length to account for the tunnel options.
*/
ip_copy->ip_hl += TUNNEL_LEN >> 2;
ip_copy->ip_len += TUNNEL_LEN;
/*
* Add the NOP and LSRR after the base ip header
*/
cp = (u_char *)(ip_copy + 1);
*cp++ = IPOPT_NOP;
*cp++ = IPOPT_LSRR;
*cp++ = 11; /* LSRR option length */
*cp++ = 8; /* LSSR pointer to second element */
*(u_long*)cp = vifp->v_lcl_addr.s_addr; /* local tunnel end-point */
cp += 4;
*(u_long*)cp = ip->ip_dst.s_addr; /* destination group */
error = ip_output(mb_opts, NULL, NULL, IP_FORWARDING, NULL);
}
#endif
|
