diff options
author | Kazuya Goda <goda@cvs.openbsd.org> | 2015-12-03 12:42:04 +0000 |
---|---|---|
committer | Kazuya Goda <goda@cvs.openbsd.org> | 2015-12-03 12:42:04 +0000 |
commit | e7e11e4251e7fbdf2f2df72c55ecef04d1c30a84 (patch) | |
tree | bd10d2e37945862e473b9a43f8075ba1ea2b0099 /sys | |
parent | 8bba96356b9261c4ccc0d781edba2e4fa72b3e94 (diff) |
Implement etherip(4) driver
This commit is not removing the existing EtherIP part of gif(4) and
it keeps EtherIP of gif(4) working.
ok jbg@ sthen@ mpi@ reyk@ yasuoka@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/conf/GENERIC | 3 | ||||
-rw-r--r-- | sys/conf/files | 4 | ||||
-rw-r--r-- | sys/net/if_etherip.c | 673 | ||||
-rw-r--r-- | sys/net/if_etherip.h | 83 | ||||
-rw-r--r-- | sys/netinet/in_proto.c | 14 | ||||
-rw-r--r-- | sys/netinet6/in6_proto.c | 14 |
6 files changed, 787 insertions, 4 deletions
diff --git a/sys/conf/GENERIC b/sys/conf/GENERIC index 22f982647f2..55e8f31a8bd 100644 --- a/sys/conf/GENERIC +++ b/sys/conf/GENERIC @@ -1,4 +1,4 @@ -# $OpenBSD: GENERIC,v 1.222 2015/10/24 10:52:05 reyk Exp $ +# $OpenBSD: GENERIC,v 1.223 2015/12/03 12:42:03 goda Exp $ # # Machine-independent option; used by all architectures for their # GENERIC kernel @@ -91,6 +91,7 @@ pseudo-device systrace 1 # system call tracing device pseudo-device bpfilter # packet filter pseudo-device bridge # network bridging support pseudo-device carp # CARP protocol support +pseudo-device etherip # EtherIP (RFC 3378) pseudo-device gif # IPv[46] over IPv[46] tunnel (RFC1933) pseudo-device gre # GRE encapsulation interface pseudo-device loop # network loopback diff --git a/sys/conf/files b/sys/conf/files index 0c04f43aa6d..212a2923f3e 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -1,4 +1,4 @@ -# $OpenBSD: files,v 1.608 2015/12/01 18:28:29 goda Exp $ +# $OpenBSD: files,v 1.609 2015/12/03 12:42:03 goda Exp $ # $NetBSD: files,v 1.87 1996/05/19 17:17:50 jonathan Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 @@ -531,6 +531,7 @@ pseudo-device ppp: ifnet pseudo-device tun: ifnet pseudo-device bpfilter: ifnet pseudo-device enc: ifnet +pseudo-device etherip: ifnet, ether, ifmedia pseudo-device bridge: ifnet, ether pseudo-device vlan: ifnet, ether pseudo-device carp: ifnet, ether @@ -759,6 +760,7 @@ file net/bpf.c bpfilter needs-count file net/bpf_filter.c bpfilter file net/if.c file net/if_ethersubr.c ether needs-flag +file net/if_etherip.c etherip needs-flag file net/if_spppsubr.c sppp file net/if_loop.c loop file net/if_media.c ifmedia diff --git a/sys/net/if_etherip.c b/sys/net/if_etherip.c new file mode 100644 index 00000000000..c9b1cc57c8a --- /dev/null +++ b/sys/net/if_etherip.c @@ -0,0 +1,673 @@ +/* + * Copyright (c) 2015 Kazuya GODA <goda@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "bpfilter.h" +#include "pf.h" +#include "gif.h" + +#include <sys/param.h> +#include <sys/systm.h> +#include <sys/mbuf.h> +#include <sys/socket.h> +#include <sys/sockio.h> +#include <sys/ioctl.h> +#include <sys/device.h> +#include <sys/errno.h> +#include <sys/protosw.h> +#include <sys/sysctl.h> + +#include <net/if.h> +#include <net/if_var.h> +#include <net/if_dl.h> +#include <net/if_media.h> +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/in_var.h> +#include <netinet/ip.h> +#include <netinet/ip_var.h> +#include <netinet/if_ether.h> +#include <netinet/ip_ether.h> +#ifdef INET6 +#include <netinet/ip6.h> +#include <netinet6/ip6_var.h> +#include <netinet6/in6_var.h> +#endif + +#if NBPFILTER > 0 +#include <net/bpf.h> +#endif + +#if NPF > 0 +#include <net/pfvar.h> +#endif + +#include <net/if_etherip.h> + +struct etherip_softc { + struct arpcom sc_ac; + struct ifmedia sc_media; + struct sockaddr_storage sc_src; + struct sockaddr_storage sc_dst; + LIST_ENTRY(etherip_softc) sc_entry; +}; + +LIST_HEAD(etherip_softc_list, etherip_softc); + +#if 0 +/* + * TODO: + * At this stage, etherip_allow and etheripstat are defined + * at netinet/ip_ether.c. When implementation of etherip is + * removed from gif(4), there are moved here. + */ + +/* + * We can control the acceptance of EtherIP packets by altering the sysctl + * net.inet.etherip.allow value. Zero means drop them, all else is acceptance. + */ +int etherip_allow = 0; + +struct etheripstat etheripstat; +#endif + +void etheripattach(int); +static int etherip_clone_create(struct if_clone *, int); +static int etherip_clone_destroy(struct ifnet *); +static int etherip_ioctl(struct ifnet *, u_long, caddr_t); +static void etherip_start(struct ifnet *); +static int etherip_media_change(struct ifnet *); +static void etherip_media_status(struct ifnet *, struct ifmediareq *); +static int etherip_set_tunnel_addr(struct ifnet *, struct sockaddr_storage *, + struct sockaddr_storage *); + +struct etherip_softc_list etherip_softc_list; +struct if_clone etherip_cloner = + IF_CLONE_INITIALIZER("etherip", etherip_clone_create, etherip_clone_destroy); + + +void +etheripattach(int count) +{ + + if_clone_attach(ðerip_cloner); +} + +static int +etherip_clone_create(struct if_clone *ifc, int unit) +{ + struct ifnet *ifp; + struct etherip_softc *sc; + + if ((sc = malloc(sizeof(*sc), + M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL) + return (ENOMEM); + + ifp = &sc->sc_ac.ac_if; + snprintf(ifp->if_xname, sizeof ifp->if_xname, "etherip%d", unit); + ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; + ether_fakeaddr(ifp); + + ifp->if_softc = sc; + ifp->if_ioctl = etherip_ioctl; + ifp->if_start = etherip_start; + IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); + IFQ_SET_READY(&ifp->if_snd); + + ifp->if_capabilities = IFCAP_VLAN_MTU; + + ifmedia_init(&sc->sc_media, 0, etherip_media_change, + etherip_media_status); + ifmedia_add(&sc->sc_media, IFM_ETHER | IFM_AUTO, 0, NULL); + ifmedia_set(&sc->sc_media, IFM_ETHER | IFM_AUTO); + + if_attach(ifp); + ether_ifattach(ifp); + + LIST_INSERT_HEAD(ðerip_softc_list, sc, sc_entry); + + return (0); +} + +static int +etherip_clone_destroy(struct ifnet *ifp) +{ + struct etherip_softc *sc = ifp->if_softc; + + LIST_REMOVE(sc, sc_entry); + + ifmedia_delete_instance(&sc->sc_media, IFM_INST_ANY); + ether_ifdetach(ifp); + if_detach(ifp); + free(sc, M_DEVBUF, 0); + + return (0); +} + +static int +etherip_media_change(struct ifnet *ifp) +{ + return (0); +} + +static void +etherip_media_status(struct ifnet *ifp, struct ifmediareq *imr) +{ + imr->ifm_active = IFM_ETHER | IFM_AUTO; + imr->ifm_status = IFM_AVALID | IFM_ACTIVE; +} + +static void +etherip_start(struct ifnet *ifp) +{ + struct etherip_softc *sc = ifp->if_softc; + struct mbuf *m; + int s, error; + + for (;;) { + s = splnet(); + IFQ_DEQUEUE(&ifp->if_snd, m); + splx(s); + if (m == NULL) + break; + ifp->if_opackets++; + +#if NBPFILTER > 0 + if (ifp->if_bpf) + bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); +#endif + if (sc->sc_src.ss_family != AF_UNSPEC && sc->sc_dst.ss_family != AF_UNSPEC) { + ifp->if_flags |= IFF_OACTIVE; + switch (sc->sc_src.ss_family) { + case AF_INET: + error = ip_etherip_output(ifp, m); + break; +#ifdef INET6 + case AF_INET6: + error = ip6_etherip_output(ifp, m); + break; +#endif + default: + error = ENETDOWN; + } + ifp->if_flags &= ~IFF_OACTIVE; + } else + m_freem(m); + } + +} + + +static int +etherip_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) +{ + struct etherip_softc *sc = ifp->if_softc; + struct if_laddrreq *lifr = (struct if_laddrreq *)data; + struct ifreq *ifr = (struct ifreq *)data; + struct sockaddr_storage *src, *dst; + struct proc *p = curproc; + int s, error; + + switch (cmd) { + case SIOCSIFADDR: + ifp->if_flags |= IFF_UP; + /* FALLTHROUGH */ + + case SIOCSIFFLAGS: + if (ifp->if_flags & IFF_UP) + ifp->if_flags |= IFF_RUNNING; + else + ifp->if_flags &= ~IFF_RUNNING; + + error = 0; + break; + + case SIOCSLIFPHYADDR: + if ((error = suser(p, 0)) != 0) + break; + + src = &lifr->addr; + dst = &lifr->dstaddr; + if (src->ss_family == AF_UNSPEC || dst->ss_family == AF_UNSPEC) + return EADDRNOTAVAIL; + + switch (src->ss_family) { + case AF_INET: + if (src->ss_len != sizeof(struct sockaddr_in) || + dst->ss_len != sizeof(struct sockaddr_in)) + return EINVAL; + break; +#ifdef INET6 + case AF_INET6: + if (src->ss_len != sizeof(struct sockaddr_in6) || + dst->ss_len != sizeof(struct sockaddr_in6)) + return EINVAL; + break; +#endif + default: + return EAFNOSUPPORT; + } + + error = etherip_set_tunnel_addr(ifp, src, dst); + break; + + case SIOCDIFPHYADDR: + if ((error = suser(p, 0)) != 0) + break; + + s = splsoftnet(); + ifp->if_flags &= ~IFF_RUNNING; + bzero(&sc->sc_src, sizeof(sc->sc_src)); + bzero(&sc->sc_dst, sizeof(sc->sc_dst)); + splx(s); + error = 0; + break; + + case SIOCGLIFPHYADDR: + if (sc->sc_dst.ss_family == AF_UNSPEC) + return EADDRNOTAVAIL; + + bzero(&lifr->addr, sizeof(lifr->addr)); + bzero(&lifr->dstaddr, sizeof(lifr->dstaddr)); + memcpy(&lifr->addr, &sc->sc_src, sc->sc_src.ss_len); + memcpy(&lifr->dstaddr, &sc->sc_dst, sc->sc_dst.ss_len); + + error = 0; + break; + + case SIOCSIFMEDIA: + case SIOCGIFMEDIA: + error = ifmedia_ioctl(ifp, ifr, &sc->sc_media, cmd); + break; + + default: + error = ether_ioctl(ifp, &sc->sc_ac, cmd, data); + break; + } + + return (error); +} + +static int +etherip_set_tunnel_addr(struct ifnet *ifp, struct sockaddr_storage *src, + struct sockaddr_storage *dst) +{ + struct etherip_softc *sc, *tsc; + int s, error = 0; + + sc = ifp->if_softc; + + s = splnet(); + LIST_FOREACH (tsc, ðerip_softc_list, sc_entry) { + if (tsc == sc) + continue; + + if (tsc->sc_src.ss_family != src->ss_family || + tsc->sc_dst.ss_family != dst->ss_family || + tsc->sc_src.ss_len != src->ss_len || + tsc->sc_dst.ss_len != dst->ss_len) + continue; + + if (memcmp(&tsc->sc_dst, dst, dst->ss_len) == 0 && + memcmp(&tsc->sc_src, src, src->ss_len) == 0) { + error = EADDRNOTAVAIL; + goto out; + } + } + + memcpy(&sc->sc_src, src, src->ss_len); + memcpy(&sc->sc_dst, dst, dst->ss_len); +out: + splx(s); + + return error; +} + +int +ip_etherip_output(struct ifnet *ifp, struct mbuf *m) +{ + struct etherip_softc *sc = (struct etherip_softc *)ifp->if_softc; + struct sockaddr_in *src, *dst; + struct etherip_header *eip; + struct ip *ip; + int error; + + src = (struct sockaddr_in *)&sc->sc_src; + dst = (struct sockaddr_in *)&sc->sc_dst; + + if (src == NULL || dst == NULL || + src->sin_family != AF_INET || dst->sin_family != AF_INET) { + m_freem(m); + return EAFNOSUPPORT; + } + + m->m_flags &= ~(M_BCAST|M_MCAST); + + M_PREPEND(m, sizeof(struct etherip_header), M_DONTWAIT); + if (m == NULL) { + etheripstat.etherip_adrops++; + return ENOBUFS; + } + eip = mtod(m, struct etherip_header *); + eip->eip_ver = ETHERIP_VERSION; + eip->eip_res = 0; + eip->eip_pad = 0; + + M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); + if (m == NULL) { + etheripstat.etherip_adrops++; + return ENOBUFS; + } + ip = mtod(m, struct ip *); + memset(ip, 0, sizeof(struct ip)); + + ip->ip_v = IPVERSION; + ip->ip_hl = sizeof(struct ip) >> 2; + ip->ip_id = htons(ip_randomid()); + ip->ip_tos = IPTOS_LOWDELAY; + ip->ip_p = IPPROTO_ETHERIP; + ip->ip_len = htons(m->m_pkthdr.len); + ip->ip_ttl = IPDEFTTL; + ip->ip_src = src->sin_addr; + if (dst->sin_addr.s_addr == INADDR_ANY) { + m_freem(m); + return ENETUNREACH; + } + ip->ip_dst = dst->sin_addr; + +#if NPF > 0 + pf_pkt_addr_changed(m); +#endif + etheripstat.etherip_opackets++; + etheripstat.etherip_obytes += (m->m_pkthdr.len - + (sizeof(struct ip) + sizeof(struct etherip_header))); + + error = ip_output(m, NULL, NULL, IP_RAWOUTPUT, NULL, NULL, 0); + if (error) + ifp->if_oerrors++; + + return error; +} + +void +ip_etherip_input(struct mbuf *m, ...) +{ + struct mbuf_list ml = MBUF_LIST_INITIALIZER(); + struct etherip_softc *sc; + const struct ip *ip; + struct etherip_header *eip; + struct sockaddr_in *src, *dst; + struct ifnet *ifp = NULL; + int off; + va_list ap; + + va_start(ap, m); + off = va_arg(ap, int); + va_end(ap); + + ip = mtod(m, struct ip *); + + if (ip->ip_p != IPPROTO_ETHERIP) { + m_freem(m); + ipstat.ips_noproto++; + return; + } + + if (!etherip_allow) { + m_freem(m); + etheripstat.etherip_pdrops++; + return; + } + + LIST_FOREACH(sc, ðerip_softc_list, sc_entry) { + if (sc->sc_src.ss_family != AF_INET || + sc->sc_dst.ss_family != AF_INET) + continue; + + src = (struct sockaddr_in *)&sc->sc_src; + dst = (struct sockaddr_in *)&sc->sc_dst; + + if (src->sin_addr.s_addr != ip->ip_dst.s_addr || + dst->sin_addr.s_addr != ip->ip_src.s_addr) + continue; + + ifp = &sc->sc_ac.ac_if; + break; + } + + if (ifp == NULL) { +#if NGIF > 0 + /* + * This path is nessesary for gif(4) and etherip(4) coexistence. + * This is tricky but the path will be removed soon when + * implementation of etherip is removed from gif(4). + */ + etherip_input(m, off); +#else + etheripstat.etherip_noifdrops++; + m_freem(m); +#endif /* NGIF */ + return; + } + + m_adj(m, off); + m = m_pullup(m, sizeof(struct etherip_header)); + if (m == NULL) { + etheripstat.etherip_adrops++; + return; + } + + eip = mtod(m, struct etherip_header *); + if (eip->eip_ver != ETHERIP_VERSION && eip->eip_pad) { + etheripstat.etherip_adrops++; + m_freem(m); + return; + } + + etheripstat.etherip_ipackets++; + etheripstat.etherip_ibytes += (m->m_pkthdr.len - + sizeof(struct etherip_header)); + + m_adj(m, sizeof(struct etherip_header)); + m = m_pullup(m, sizeof(struct ether_header)); + if (m == NULL) { + etheripstat.etherip_adrops++; + return; + } + m->m_flags &= ~(M_BCAST|M_MCAST); + + ifp->if_ipackets++; + + ml_enqueue(&ml, m); + if_input(ifp, &ml); + + return; +} + +#ifdef INET6 +int +ip6_etherip_output(struct ifnet *ifp, struct mbuf *m) +{ + struct etherip_softc *sc = (struct etherip_softc *)ifp->if_softc; + struct sockaddr_in6 *src, *dst; + struct etherip_header *eip; + struct ip6_hdr *ip6; + int error; + + src = (struct sockaddr_in6 *)&sc->sc_src; + dst = (struct sockaddr_in6 *)&sc->sc_dst; + + if (src == NULL || dst == NULL || + src->sin6_family != AF_INET6 || dst->sin6_family != AF_INET6) { + m_freem(m); + return EAFNOSUPPORT; + } + + m->m_flags &= ~(M_BCAST|M_MCAST); + + M_PREPEND(m, sizeof(struct etherip_header), M_DONTWAIT); + if (m == NULL) { + etheripstat.etherip_adrops++; + return ENOBUFS; + } + eip = mtod(m, struct etherip_header *); + eip->eip_ver = ETHERIP_VERSION; + eip->eip_res = 0; + eip->eip_pad = 0; + + M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT); + if (m == NULL) { + etheripstat.etherip_adrops++; + return ENOBUFS; + } + ip6 = mtod(m, struct ip6_hdr *); + ip6->ip6_flow = 0; + ip6->ip6_vfc &= ~IPV6_VERSION_MASK; + ip6->ip6_vfc |= IPV6_VERSION; + ip6->ip6_nxt = IPPROTO_ETHERIP; + ip6->ip6_hlim = ip6_defhlim; + ip6->ip6_plen = htons(m->m_pkthdr.len - sizeof(struct ip6_hdr)); + ip6->ip6_src = src->sin6_addr; + if (!IN6_IS_ADDR_UNSPECIFIED(&dst->sin6_addr)) + ip6->ip6_dst = dst->sin6_addr; + else { + m_freem(m); + return ENETUNREACH; + } + +#if NPF > 0 + pf_pkt_addr_changed(m); +#endif + etheripstat.etherip_opackets++; + etheripstat.etherip_obytes += (m->m_pkthdr.len - + (sizeof(struct ip6_hdr) + sizeof(struct etherip_header))); + + error = ip6_output(m, 0, NULL, IPV6_MINMTU, 0, NULL); + if (error) + ifp->if_oerrors++; + + return error; +} + +int +ip6_etherip_input(struct mbuf **mp, int *offp, int proto) +{ + struct mbuf *m = *mp; + struct mbuf_list ml = MBUF_LIST_INITIALIZER(); + int off = *offp; + struct etherip_softc *sc; + const struct ip6_hdr *ip6; + struct etherip_header *eip; + struct sockaddr_in6 *src6, *dst6; + struct ifnet *ifp = NULL; + + + if (!etherip_allow) { + m_freem(m); + etheripstat.etherip_pdrops++; + return IPPROTO_NONE; + } + + ip6 = mtod(m, const struct ip6_hdr *); + + LIST_FOREACH(sc, ðerip_softc_list, sc_entry) { + if (sc->sc_src.ss_family != AF_INET6 || + sc->sc_dst.ss_family != AF_INET6) + continue; + + src6 = (struct sockaddr_in6 *)&sc->sc_src; + dst6 = (struct sockaddr_in6 *)&sc->sc_dst; + + if (!IN6_ARE_ADDR_EQUAL(&src6->sin6_addr, &ip6->ip6_dst) || + !IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, &ip6->ip6_src)) + continue; + + ifp = &sc->sc_ac.ac_if; + break; + } + + if (ifp == NULL) { +#if NGIF > 0 + /* + * This path is nessesary for gif(4) and etherip(4) coexistence. + * This is tricky but the path will be removed soon when + * implementation of etherip is removed from gif(4). + */ + return etherip_input6(mp, offp, proto); +#else + etheripstat.etherip_noifdrops++; + m_freem(m); + return IPPROTO_DONE; +#endif /* NGIF */ + } + + m_adj(m, off); + m = m_pullup(m, sizeof(struct etherip_header)); + if (m == NULL) { + etheripstat.etherip_adrops++; + return IPPROTO_DONE; + } + + eip = mtod(m, struct etherip_header *); + if ((eip->eip_ver != ETHERIP_VERSION) || eip->eip_pad) { + etheripstat.etherip_adrops++; + m_freem(m); + return IPPROTO_DONE; + } + etheripstat.etherip_ipackets++; + etheripstat.etherip_ibytes += (m->m_pkthdr.len - + sizeof(struct etherip_header)); + + m_adj(m, sizeof(struct etherip_header)); + m = m_pullup(m, sizeof(struct ether_header)); + if (m == NULL) { + etheripstat.etherip_adrops++; + return IPPROTO_DONE; + } + + m->m_flags &= ~(M_BCAST|M_MCAST); + + ifp->if_ipackets++; + + ml_enqueue(&ml, m); + if_input(ifp, &ml); + + return IPPROTO_DONE; +} + +#endif /* INET6 */ + +int +ip_etherip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, + void *newp, size_t newlen) +{ + /* All sysctl names at this level are terminal. */ + if (namelen != 1) + return (ENOTDIR); + + switch (name[0]) { + case ETHERIPCTL_ALLOW: + return (sysctl_int(oldp, oldlenp, newp, newlen, + ðerip_allow)); + case ETHERIPCTL_STATS: + if (newp != NULL) + return (EPERM); + return (sysctl_struct(oldp, oldlenp, newp, newlen, + ðeripstat, sizeof(etheripstat))); + default: + return (ENOPROTOOPT); + } + /* NOTREACHED */ +} diff --git a/sys/net/if_etherip.h b/sys/net/if_etherip.h new file mode 100644 index 00000000000..dbf4e3b6719 --- /dev/null +++ b/sys/net/if_etherip.h @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2015 Kazuya GODA <goda@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _NET_IF_ETHERIP_H_ +#define _NET_IF_ETHERIP_H_ + +#if 0 +/* + * TODO: + * At this stage, struct etheripstat and struct etherip_header, and EtherIP sysctl + * objects are present at netinet/ip_ether.h . + * When implementation of etherip is removed from gif(4), there are moved here. + */ + +extern int etherip_allow; +extern struct etheripstat etheripstat; + +struct etheripstat { + u_int32_t etherip_hdrops; /* packet shorter than header shows */ + u_int32_t etherip_qfull; /* bridge queue full, packet dropped */ + u_int32_t etherip_noifdrops; /* no interface/bridge information */ + u_int32_t etherip_pdrops; /* packet dropped due to policy */ + u_int32_t etherip_adrops; /* all other drops */ + u_int32_t etherip_ipackets; /* total input packets */ + u_int32_t etherip_opackets; /* total output packets */ + u_int64_t etherip_ibytes; /* input bytes */ + u_int64_t etherip_obytes; /* output bytes */ +}; + +struct etherip_header { +#if BYTE_ORDER == LITTLE_ENDIAN + u_int eip_res:4; /* reserved */ + u_int eip_ver:4; /* version */ +#endif +#if BYTE_ORDER == BIG_ENDIAN + u_int eip_ver:4; /* version */ + u_int eip_res:4; /* reserved */ +#endif + u_int8_t eip_pad; /* required padding byte */ +} __packed; + +#define ETHERIP_VERSION 0x03 + +/* + * Names for Ether-IP sysctl objects + */ +#define ETHERIPCTL_ALLOW 1 /* accept incoming EtherIP packets */ +#define ETHERIPCTL_STATS 2 /* etherip stats */ +#define ETHERIPCTL_MAXID 3 + +#define ETHERIPCTL_NAMES { \ + { 0, 0 }, \ + { "allow", CTLTYPE_INT }, \ + { "stats", CTLTYPE_STRUCT }, \ +} + + +#endif /* 0 */ + +int ip_etherip_sysctl(int *, u_int, void *, size_t *, void *, size_t); +int ip_etherip_output(struct ifnet *, struct mbuf *); +void ip_etherip_input(struct mbuf *, ...); + +#ifdef INET6 +int ip6_etherip_output(struct ifnet *, struct mbuf *); +int ip6_etherip_input(struct mbuf **, int *, int); +#endif /* INET6 */ + + +#endif /* _NET_IF_ETHERIP_H_ */ diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c index aea062d16f7..51e0e139c65 100644 --- a/sys/netinet/in_proto.c +++ b/sys/netinet/in_proto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in_proto.c,v 1.68 2015/10/07 10:50:35 mpi Exp $ */ +/* $OpenBSD: in_proto.c,v 1.69 2015/12/03 12:42:03 goda Exp $ */ /* $NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $ */ /* @@ -170,6 +170,11 @@ #include <netinet/ip_divert.h> #endif +#include "etherip.h" +#if NETHERIP > 0 +#include <net/if_etherip.h> +#endif + u_char ip_protox[IPPROTO_MAX]; struct protosw inetsw[] = { @@ -299,6 +304,13 @@ struct protosw inetsw[] = { divert_init, 0, 0, 0, divert_sysctl }, #endif /* NPF > 0 */ +#if NETHERIP > 0 +{ SOCK_RAW, &inetdomain, IPPROTO_ETHERIP, PR_ATOMIC|PR_ADDR, + ip_etherip_input, rip_output, 0, rip_ctloutput, + rip_usrreq, + 0, 0, 0, 0, ip_etherip_sysctl +}, +#endif /* NETHERIP */ /* raw wildcard */ { SOCK_RAW, &inetdomain, 0, PR_ATOMIC|PR_ADDR, rip_input, rip_output, 0, rip_ctloutput, diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c index 2e02e30b21c..dc75f5486b4 100644 --- a/sys/netinet6/in6_proto.c +++ b/sys/netinet6/in6_proto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in6_proto.c,v 1.82 2015/10/07 10:50:35 mpi Exp $ */ +/* $OpenBSD: in6_proto.c,v 1.83 2015/12/03 12:42:03 goda Exp $ */ /* $KAME: in6_proto.c,v 1.66 2000/10/10 15:35:47 itojun Exp $ */ /* @@ -115,6 +115,11 @@ #include <netinet6/ip6_divert.h> #endif +#include "etherip.h" +#if NETHERIP > 0 +#include <net/if_etherip.h> +#endif + /* * TCP/IP protocol family: IP6, ICMP6, UDP, TCP. */ @@ -234,6 +239,13 @@ struct ip6protosw inet6sw[] = { divert6_init, 0, 0, 0, divert6_sysctl }, #endif /* NPF > 0 */ +#if NETHERIP > 0 +{ SOCK_RAW, &inet6domain, IPPROTO_ETHERIP,PR_ATOMIC|PR_ADDR, + ip6_etherip_input, rip6_output, 0, rip6_ctloutput, + rip6_usrreq, + 0, 0, 0, 0, ip_etherip_sysctl +}, +#endif /* NETHERIP */ /* raw wildcard */ { SOCK_RAW, &inet6domain, 0, PR_ATOMIC|PR_ADDR, rip6_input, rip6_output, 0, rip6_ctloutput, |