summaryrefslogtreecommitdiff
path: root/sys/net
diff options
context:
space:
mode:
authorYASUOKA Masahiko <yasuoka@cvs.openbsd.org>2011-07-08 18:30:18 +0000
committerYASUOKA Masahiko <yasuoka@cvs.openbsd.org>2011-07-08 18:30:18 +0000
commit10fcba53ef6983f49604f8f0da1619428df97c97 (patch)
treecfcb48c33f5803859f0a19286ecac3e7e8f14b24 /sys/net
parent48142241ec73b235e102c03fa64123d49a404e71 (diff)
Include PIPEX in kernel by default. And add new sysctl variable
`net.pipex.enable' to enable PIPEX. By default, pipex is disabled and it will not process packets from wire. Update man pages and update HOWTO_PIPEX_NPPPD.txt for testers. discussed with dlg@, ok deraadt@ mcbride@ claudio@
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/if_ethersubr.c14
-rw-r--r--sys/net/pipex.c22
-rw-r--r--sys/net/pipex.h20
3 files changed, 47 insertions, 9 deletions
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index d5b77eb20aa..0321a33726f 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_ethersubr.c,v 1.149 2011/07/04 23:58:26 claudio Exp $ */
+/* $OpenBSD: if_ethersubr.c,v 1.150 2011/07/08 18:30:16 yasuoka Exp $ */
/* $NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $ */
/*
@@ -750,14 +750,14 @@ decapsulate:
eh_tmp = mtod(m, struct ether_header *);
bcopy(eh, eh_tmp, sizeof(struct ether_header));
#ifdef PIPEX
- {
- struct pipex_session *session;
+ if (pipex_enable) {
+ struct pipex_session *session;
- if ((session = pipex_pppoe_lookup_session(m)) != NULL) {
- pipex_pppoe_input(m, session);
- goto done;
+ if ((session = pipex_pppoe_lookup_session(m)) != NULL) {
+ pipex_pppoe_input(m, session);
+ goto done;
+ }
}
- }
#endif
if (etype == ETHERTYPE_PPPOEDISC)
inq = &pppoediscinq;
diff --git a/sys/net/pipex.c b/sys/net/pipex.c
index 6ee41c1e46c..f5db7bf21e2 100644
--- a/sys/net/pipex.c
+++ b/sys/net/pipex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pipex.c,v 1.18 2011/07/07 22:32:51 mcbride Exp $ */
+/* $OpenBSD: pipex.c,v 1.19 2011/07/08 18:30:17 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -36,6 +36,7 @@
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/select.h>
+#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/conf.h>
#include <sys/time.h>
@@ -84,6 +85,7 @@
/*
* static/global variables
*/
+int pipex_enable = 0;
struct pipex_hash_head
pipex_session_list, /* master session list */
pipex_close_wait_list, /* expired session list */
@@ -2978,3 +2980,21 @@ pipex_sockaddr_compar_addr(struct sockaddr *a, struct sockaddr *b)
panic("pipex_sockaddr_compar_addr: unknown address family");
return -1;
}
+
+int
+pipex_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
+ size_t newlen)
+{
+ /* All sysctl names at this level are terminal. */
+ if (namelen != 1)
+ return (ENOTDIR);
+
+ switch (name[0]) {
+ case PIPEXCTL_ENABLE:
+ return (sysctl_int(oldp, oldlenp, newp, newlen,
+ &pipex_enable));
+ default:
+ return (ENOPROTOOPT);
+ }
+ /* NOTREACHED */
+}
diff --git a/sys/net/pipex.h b/sys/net/pipex.h
index 063ea59e596..391e69ea54d 100644
--- a/sys/net/pipex.h
+++ b/sys/net/pipex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pipex.h,v 1.8 2011/04/02 11:52:44 dlg Exp $ */
+/* $OpenBSD: pipex.h,v 1.9 2011/07/08 18:30:17 yasuoka Exp $ */
/*
* Copyright (c) 2009 Internet Initiative Japan Inc.
@@ -29,6 +29,23 @@
#ifndef NET_PIPEX_H
#define NET_PIPEX_H 1
+/*
+ * Names for pipex sysctl objects
+ */
+#define PIPEXCTL_ENABLE 1
+#define PIPEXCTL_MAXID 2
+
+#define PIPEXCTL_NAMES { \
+ { 0, 0 }, \
+ { "enable", CTLTYPE_INT }, \
+}
+
+#define PIPEXCTL_VARS { \
+ NULL, \
+ &pipex_enable \
+ NULL \
+}
+
#define PIPEX_ENABLE 1
#define PIPEX_DISABLE 0
@@ -163,6 +180,7 @@ struct pipex_session_descr_req {
#define PIPEXSIFDESCR _IOW ('p', 8, struct pipex_session_descr_req)
#ifdef _KERNEL
+extern int pipex_enable;
struct pipex_session;