Remove virtual tunnel support from the mrouting code. The virtual tunnel

code breaks multicast on gif(4) interfaces and it is far better to configure
a real gif(4) tunnel instead of a multicast tunnel as the latter is almost
not manageable. OK norby@, mblamer@

3 files changed, 6 insertions, 121 deletions

diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c
index f14d2e2d82d..416501730a4 100644
--- a/sys/netinet/ip_ipip.c
+++ b/sys/netinet/ip_ipip.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ipip.c,v 1.36 2006/03/25 22:41:48 djm Exp $ */
+/*	$OpenBSD: ip_ipip.c,v 1.37 2006/04/25 15:49:35 claudio Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -185,15 +185,6 @@ ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp)
 
 	ipo = mtod(m, struct ip *);
 
-#ifdef MROUTING
-	if (ipo->ip_v == IPVERSION && ipo->ip_p == IPPROTO_IPV4) {
-		if (IN_MULTICAST(((struct ip *)((char *) ipo + iphlen))->ip_dst.s_addr)) {
-			ipip_mroute_input (m, iphlen);
-			return;
-		}
-	}
-#endif /* MROUTING */
-
 	/* Keep outer ecn field. */
 	switch (v >> 4) {
 #ifdef INET
diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c
index 85c32162088..fb810290ea1 100644
--- a/sys/netinet/ip_mroute.c
+++ b/sys/netinet/ip_mroute.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_mroute.c,v 1.42 2005/04/25 17:55:51 brad Exp $	*/
+/*	$OpenBSD: ip_mroute.c,v 1.43 2006/04/25 15:49:35 claudio Exp $	*/
 /*	$NetBSD: ip_mroute.c,v 1.85 2004/04/26 01:31:57 matt Exp $	*/
 
 /*
@@ -320,13 +320,6 @@ static vifi_t	   numvifs = 0;
 static int have_encap_tunnel = 0;
 
 /*
- * one-back cache used by ipip_mroute_input to locate a tunnel's vif
- * given a datagram's src ip address.
- */
-static struct in_addr last_encap_src;
-static struct vif *last_encap_vif;
-
-/*
  * whether or not special PIM assert processing is enabled.
  */
 static int pim_assert;
@@ -854,25 +847,8 @@ add_vif(struct mbuf *m)
 	}
 
 	if (vifcp->vifc_flags & VIFF_TUNNEL) {
-		if (vifcp->vifc_flags & VIFF_SRCRT) {
-			log(LOG_ERR, "Source routed tunnels not supported.\n");
-			return (EOPNOTSUPP);
-		}
-
-		/* Create a fake encapsulation interface. */
-		ifp = (struct ifnet *)malloc(sizeof(*ifp), M_MRTABLE, M_WAITOK);
-		bzero(ifp, sizeof(*ifp));
-		snprintf(ifp->if_xname, sizeof ifp->if_xname,
-		    "mdecap%d", vifcp->vifc_vifi);
-
-		/* Prepare cached route entry. */
-		bzero(&vifp->v_route, sizeof(vifp->v_route));
-
-		/*
-		 * Tell ipip_mroute_input() to start looking at
-		 * encapsulated packets.
-		 */
-		have_encap_tunnel = 1;
+		/* tunnels are no longer supported use gif(4) instead */
+		return (EOPNOTSUPP);
 #ifdef PIM
 	} else if (vifcp->vifc_flags & VIFF_REGISTER) {
 		ifp = &multicast_register_if;
@@ -971,11 +947,7 @@ reset_vif(struct vif *vifp)
 	}
 
 	if (vifp->v_flags & VIFF_TUNNEL) {
-		free(vifp->v_ifp, M_MRTABLE);
-		if (vifp == last_encap_vif) {
-			last_encap_vif = NULL;
-			last_encap_src = zeroin_addr;
-		}
+		/* empty */
 	} else if (vifp->v_flags & VIFF_REGISTER) {
 #ifdef PIM
 		reg_vif_num = VIFI_INVALID;
@@ -1927,82 +1899,6 @@ encap_send(struct ip *ip, struct vif *vifp, struct mbuf *m)
 }
 
 /*
- * De-encapsulate a packet and feed it back through ip input (this
- * routine is called whenever IP gets a packet with proto type
- * ENCAP_PROTO and a local destination address).
- */
-void
-ipip_mroute_input(struct mbuf *m, ...)
-{
-	int hlen;
-	struct ip *ip = mtod(m, struct ip *);
-	int s;
-	struct ifqueue *ifq;
-	struct vif *vifp;
-	va_list ap;
-
-	va_start(ap, m);
-	hlen = va_arg(ap, int);
-	va_end(ap);
-
-	if (!have_encap_tunnel) {
-		rip_input(m, 0);
-		return;
-	}
-
-	/*
-	 * dump the packet if we don't have an encapsulating tunnel
-	 * with the source.
-	 * Note:  This code assumes that the remote site IP address
-	 * uniquely identifies the tunnel (i.e., that this site has
-	 * at most one tunnel with the remote site).
-	 */
-	if (!in_hosteq(ip->ip_src, last_encap_src)) {
-		struct vif *vife;
-
-		vifp = viftable;
-		vife = vifp + numvifs;
-		for (; vifp < vife; vifp++)
-			if (vifp->v_flags & VIFF_TUNNEL &&
-			    in_hosteq(vifp->v_rmt_addr, ip->ip_src))
-				break;
-		if (vifp == vife) {
-			mrtstat.mrts_cant_tunnel++; /*XXX*/
-			m_freem(m);
-			if (mrtdebug)
-				log(LOG_DEBUG,
-				    "ip_mforward: no tunnel with %x\n",
-				    ntohl(ip->ip_src.s_addr));
-			return;
-		}
-		last_encap_vif = vifp;
-		last_encap_src = ip->ip_src;
-	} else
-		vifp = last_encap_vif;
-
-	m->m_data += hlen;
-	m->m_len -= hlen;
-	m->m_pkthdr.len -= hlen;
-	m->m_pkthdr.rcvif = vifp->v_ifp;
-	ifq = &ipintrq;
-	s = splnet();
-	if (IF_QFULL(ifq)) {
-		IF_DROP(ifq);
-		m_freem(m);
-	} else {
-		IF_ENQUEUE(ifq, m);
-		/*
-		 * normally we would need a "schednetisr(NETISR_IP)"
-		 * here but we were called by ip_input and it is going
-		 * to loop back & try to dequeue the packet we just
-		 * queued as soon as we return so we avoid the
-		 * unnecessary software interrrupt.
-		 */
-	}
-	splx(s);
-}
-
-/*
  * Token bucket filter module
  */
 static void
diff --git a/sys/netinet/ip_mroute.h b/sys/netinet/ip_mroute.h
index c335aeb6b5e..a773288eb86 100644
--- a/sys/netinet/ip_mroute.h
+++ b/sys/netinet/ip_mroute.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_mroute.h,v 1.13 2006/03/30 14:28:28 norby Exp $	*/
+/*	$OpenBSD: ip_mroute.h,v 1.14 2006/04/25 15:49:35 claudio Exp $	*/
 /*	$NetBSD: ip_mroute.h,v 1.23 2004/04/21 17:49:46 itojun Exp $	*/
 
 #ifndef _NETINET_IP_MROUTE_H_
@@ -349,7 +349,5 @@ void	rsvp_input(struct mbuf *, int, int);
 int	ip_mforward(struct mbuf *, struct ifnet *);
 #endif /* RSVP_ISI */
 
-void	ipip_mroute_input(struct mbuf *, ...);
-
 #endif /* _KERNEL */
 #endif /* _NETINET_IP_MROUTE_H_ */