summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2007-02-22 15:31:45 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2007-02-22 15:31:45 +0000
commit676afedb8b59d59ed64d97b2d16d5f3499259866 (patch)
treedde5ec4cb4d1c61ee2334a1844e1f0120389e612
parent227e0d7476a27451a63a1c68568ca238592f92e5 (diff)
Make gif(4) altq aware. This simplifies setting up traffic shaping on gif(4)
tunnels. Additional testing by Marc Winiger. OK kjc@ mbalmer@
-rw-r--r--sys/net/if_gif.c192
1 files changed, 128 insertions, 64 deletions
diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index aba00a8e73a..36512c6b400 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_gif.c,v 1.40 2007/02/10 15:34:22 claudio Exp $ */
+/* $OpenBSD: if_gif.c,v 1.41 2007/02/22 15:31:44 claudio Exp $ */
/* $KAME: if_gif.c,v 1.43 2001/02/20 08:51:07 itojun Exp $ */
/*
@@ -45,14 +45,17 @@
#ifdef INET
#include <netinet/in.h>
+#include <netinet/in_systm.h>
#include <netinet/in_var.h>
#include <netinet/in_gif.h>
+#include <netinet/ip.h>
#endif /* INET */
#ifdef INET6
#ifndef INET
#include <netinet/in.h>
#endif
+#include <netinet/ip6.h>
#include <netinet6/in6_gif.h>
#endif /* INET6 */
@@ -104,7 +107,8 @@ gif_clone_create(ifc, unit)
sc->gif_if.if_start = gif_start;
sc->gif_if.if_output = gif_output;
sc->gif_if.if_type = IFT_GIF;
- sc->gif_if.if_snd.ifq_maxlen = ifqmaxlen;
+ IFQ_SET_MAXLEN(&sc->gif_if.if_snd, ifqmaxlen);
+ IFQ_SET_READY(&sc->gif_if.if_snd);
sc->gif_if.if_softc = sc;
if_attach(&sc->gif_if);
if_alloc_sadl(&sc->gif_if);
@@ -147,42 +151,123 @@ void
gif_start(ifp)
struct ifnet *ifp;
{
-#if NBRIDGE > 0
- struct sockaddr dst;
-#endif /* NBRIDGE */
-
+ struct gif_softc *sc = (struct gif_softc*)ifp;
struct mbuf *m;
+ struct m_tag *mtag;
+ int family;
int s;
+ u_int8_t tp;
-#if NBRIDGE > 0
- bzero(&dst, sizeof(dst));
+ /* is interface up and running? */
+ if ((ifp->if_flags & (IFF_OACTIVE | IFF_UP)) != IFF_UP ||
+ sc->gif_psrc == NULL || sc->gif_pdst == NULL)
+ return;
- /*
- * XXX The assumption here is that only the ethernet bridge
- * uses the start routine of this interface, and it's thus
- * safe to do this.
- */
- dst.sa_family = AF_LINK;
-#endif /* NBRIDGE */
+ /* are the tunnel endpoints valid? */
+#ifdef INET
+ if (sc->gif_psrc->sa_family != AF_INET)
+#endif
+#ifdef INET6
+ if (sc->gif_psrc->sa_family != AF_INET6)
+#endif
+ return;
+
+ s = splnet();
+ ifp->if_flags |= IFF_OACTIVE;
+ splx(s);
- while (ifp->if_snd.ifq_head) {
+ while (1) {
s = splnet();
- IF_DEQUEUE(&ifp->if_snd, m);
+ IFQ_DEQUEUE(&ifp->if_snd, m);
splx(s);
if (m == NULL)
- return;
+ break;
+
+ /*
+ * gif may cause infinite recursion calls when misconfigured.
+ * We'll prevent this by detecting loops.
+ */
+ for (mtag = m_tag_find(m, PACKET_TAG_GIF, NULL); mtag;
+ mtag = m_tag_find(m, PACKET_TAG_GIF, mtag)) {
+ if (!bcmp((caddr_t)(mtag + 1), &ifp,
+ sizeof(struct ifnet *))) {
+ IF_DROP(&ifp->if_snd);
+ log(LOG_NOTICE, "gif_output: "
+ "recursively called too many times\n");
+ m_freem(m);
+ continue;
+ }
+ }
+
+ mtag = m_tag_get(PACKET_TAG_GIF, sizeof(caddr_t), M_NOWAIT);
+ if (mtag == NULL) {
+ m_freem(m);
+ break;
+ }
+ bcopy(&ifp, mtag + 1, sizeof(caddr_t));
+ m_tag_prepend(m, mtag);
+
+ /*
+ * remove multicast and broadcast flags or encapsulated paket
+ * ends up as multicast or broadcast packet.
+ */
+ m->m_flags &= ~(M_BCAST|M_MCAST);
+
+ /* extract address family */
+ tp = *mtod(m, u_int8_t *);
+ tp = (tp >> 4) & 0xff; /* Get the IP version number. */
+#ifdef INET
+ if (tp == IPVERSION)
+ family = AF_INET;
+#endif
+#ifdef INET6
+ if (tp == (IPV6_VERSION >> 4))
+ family = AF_INET6;
+#endif
#if NBRIDGE > 0
- /* Sanity check -- interface should be member of a bridge */
- if (ifp->if_bridge == NULL)
+ /*
+ * Check if the packet is comming via bridge and needs
+ * etherip encapsulation or not.
+ */
+ if (ifp->if_bridge)
+ for (mtag = m_tag_find(m, PACKET_TAG_BRIDGE, NULL);
+ mtag;
+ mtag = m_tag_find(m, PACKET_TAG_BRIDGE, mtag)) {
+ if (!bcmp(&ifp->if_bridge, mtag + 1,
+ sizeof(caddr_t))) {
+ family = AF_LINK;
+ break;
+ }
+ }
+#endif
+
+#if NBPFILTER > 0
+ if (ifp->if_bpf)
+ bpf_mtap_af(ifp->if_bpf, family, m, BPF_DIRECTION_OUT);
+#endif
+ ifp->if_opackets++;
+ ifp->if_obytes += m->m_pkthdr.len;
+
+ switch (sc->gif_psrc->sa_family) {
+#ifdef INET
+ case AF_INET:
+ in_gif_output(ifp, family, m);
+ break;
+#endif
+#ifdef INET6
+ case AF_INET6:
+ in6_gif_output(ifp, family, m);
+ break;
+#endif
+ default:
m_freem(m);
- else
- gif_output(ifp, m, &dst, NULL);
-#else
- m_freem(m);
-#endif /* NBRIDGE */
+ break;
+ }
}
+
+ ifp->if_flags &= ~IFF_OACTIVE;
}
int
@@ -194,7 +279,7 @@ gif_output(ifp, m, dst, rt)
{
struct gif_softc *sc = (struct gif_softc*)ifp;
int error = 0;
- struct m_tag *mtag;
+ int s;
if (!(ifp->if_flags & IFF_UP) ||
sc->gif_psrc == NULL || sc->gif_pdst == NULL) {
@@ -203,58 +288,37 @@ gif_output(ifp, m, dst, rt)
goto end;
}
- /*
- * gif may cause infinite recursion calls when misconfigured.
- * We'll prevent this by detecting loops.
- */
- for (mtag = m_tag_find(m, PACKET_TAG_GIF, NULL); mtag;
- mtag = m_tag_find(m, PACKET_TAG_GIF, mtag)) {
- if (!bcmp((caddr_t)(mtag + 1), &ifp, sizeof(struct ifnet *))) {
- IF_DROP(&ifp->if_snd);
- log(LOG_NOTICE,
- "gif_output: recursively called too many times\n");
- m_freem(m);
- error = EIO; /* is there better errno? */
- goto end;
- }
- }
-
- mtag = m_tag_get(PACKET_TAG_GIF, sizeof(struct ifnet *), M_NOWAIT);
- if (mtag == NULL) {
- IF_DROP(&ifp->if_snd);
- m_freem(m);
- error = ENOMEM;
- goto end;
- }
- bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
- m_tag_prepend(m, mtag);
-
- m->m_flags &= ~(M_BCAST|M_MCAST);
-
-#if NBPFILTER > 0
- if (ifp->if_bpf)
- bpf_mtap_af(ifp->if_bpf, dst->sa_family, m, BPF_DIRECTION_OUT);
-#endif
- ifp->if_opackets++;
- ifp->if_obytes += m->m_pkthdr.len;
-
switch (sc->gif_psrc->sa_family) {
#ifdef INET
case AF_INET:
- error = in_gif_output(ifp, dst->sa_family, m);
break;
#endif
#ifdef INET6
case AF_INET6:
- error = in6_gif_output(ifp, dst->sa_family, m);
break;
#endif
default:
m_freem(m);
error = ENETDOWN;
- break;
+ goto end;
}
+ s = splnet();
+ /*
+ * Queue message on interface, and start output if interface
+ * not yet active.
+ */
+ IFQ_ENQUEUE(&ifp->if_snd, m, NULL, error);
+ if (error) {
+ /* mbuf is already freed */
+ splx(s);
+ return (error);
+ }
+ if ((ifp->if_flags & IFF_OACTIVE) == 0)
+ (*ifp->if_start)(ifp);
+ splx(s);
+ return (error);
+
end:
if (error)
ifp->if_oerrors++;