1 /* $NetBSD: ip_gre.c,v 1.21 2002/08/14 00:23:30 itojun Exp $ */ 2 /* $FreeBSD$ */ 3 4 /* 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40 /* 41 * deencapsulate tunneled packets and send them on 42 * output half is in net/if_gre.[ch] 43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE 44 */ 45 46 #include "opt_inet.h" 47 #include "opt_ns.h" 48 #include "opt_atalk.h" 49 #include "bpf.h" 50 51 #include <sys/param.h> 52 #include <sys/systm.h> 53 #include <sys/mbuf.h> 54 #include <sys/socket.h> 55 #include <sys/socketvar.h> 56 #include <sys/protosw.h> 57 #include <sys/errno.h> 58 #include <sys/time.h> 59 #include <sys/kernel.h> 60 #include <sys/syslog.h> 61 #include <net/bpf.h> 62 #include <net/ethernet.h> 63 #include <net/if.h> 64 #include <net/netisr.h> 65 #include <net/route.h> 66 #include <net/raw_cb.h> 67 68 #ifdef INET 69 #include <netinet/in.h> 70 #include <netinet/in_var.h> 71 #include <netinet/in_systm.h> 72 #include <netinet/ip.h> 73 #include <netinet/ip_var.h> 74 #include <netinet/ip_gre.h> 75 #include <machine/in_cksum.h> 76 #else 77 #error ip_gre input without IP? 78 #endif 79 80 #ifdef NS 81 #include <netns/ns.h> 82 #include <netns/ns_if.h> 83 #endif 84 85 #ifdef NETATALK 86 #include <netatalk/at.h> 87 #include <netatalk/at_var.h> 88 #include <netatalk/at_extern.h> 89 #endif 90 91 /* Needs IP headers. */ 92 #include <net/if_gre.h> 93 94 #include <machine/stdarg.h> 95 96 #if 1 97 void gre_inet_ntoa(struct in_addr in); /* XXX */ 98 #endif 99 100 static struct gre_softc *gre_lookup __P((struct mbuf *, u_int8_t)); 101 102 static int gre_input2 __P((struct mbuf *, int, u_char)); 103 104 /* 105 * De-encapsulate a packet and feed it back through ip input (this 106 * routine is called whenever IP gets a packet with proto type 107 * IPPROTO_GRE and a local destination address). 108 * This really is simple 109 */ 110 void 111 #if __STDC__ 112 gre_input(struct mbuf *m, ...) 113 #else 114 gre_input(m, va_alist) 115 struct mbuf *m; 116 va_dcl 117 #endif 118 { 119 int off, ret, proto; 120 va_list ap; 121 122 va_start(ap, m); 123 off = va_arg(ap, int); 124 va_end(ap); 125 proto = (mtod(m, struct ip *))->ip_p; 126 127 ret = gre_input2(m, off, proto); 128 /* 129 * ret == 0 : packet not processed, meaning that 130 * no matching tunnel that is up is found. 131 * we inject it to raw ip socket to see if anyone picks it up. 132 */ 133 if (ret == 0) 134 rip_input(m, off); 135 } 136 137 /* 138 * decapsulate. 139 * Does the real work and is called from gre_input() (above) 140 * returns 0 if packet is not yet processed 141 * and 1 if it needs no further processing 142 * proto is the protocol number of the "calling" foo_input() 143 * routine. 144 */ 145 146 static int 147 gre_input2(struct mbuf *m ,int hlen, u_char proto) 148 { 149 struct greip *gip = mtod(m, struct greip *); 150 int s; 151 struct ifqueue *ifq; 152 struct gre_softc *sc; 153 u_short flags; 154 155 if ((sc = gre_lookup(m, proto)) == NULL) { 156 /* No matching tunnel or tunnel is down. */ 157 return (0); 158 } 159 160 sc->sc_if.if_ipackets++; 161 sc->sc_if.if_ibytes += m->m_pkthdr.len; 162 163 switch (proto) { 164 case IPPROTO_GRE: 165 hlen += sizeof (struct gre_h); 166 167 /* process GRE flags as packet can be of variable len */ 168 flags = ntohs(gip->gi_flags); 169 170 /* Checksum & Offset are present */ 171 if ((flags & GRE_CP) | (flags & GRE_RP)) 172 hlen += 4; 173 /* We don't support routing fields (variable length) */ 174 if (flags & GRE_RP) 175 return(0); 176 if (flags & GRE_KP) 177 hlen += 4; 178 if (flags & GRE_SP) 179 hlen +=4; 180 181 switch (ntohs(gip->gi_ptype)) { /* ethertypes */ 182 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */ 183 ifq = &ipintrq; /* we are in ip_input */ 184 break; 185 #ifdef NS 186 case ETHERTYPE_NS: 187 ifq = &nsintrq; 188 schednetisr(NETISR_NS); 189 break; 190 #endif 191 #ifdef NETATALK 192 case ETHERTYPE_ATALK: 193 ifq = &atintrq1; 194 schednetisr(NETISR_ATALK); 195 break; 196 #endif 197 case ETHERTYPE_IPV6: 198 /* FALLTHROUGH */ 199 default: /* others not yet supported */ 200 return(0); 201 } 202 break; 203 default: 204 /* others not yet supported */ 205 return(0); 206 } 207 208 m->m_data += hlen; 209 m->m_len -= hlen; 210 m->m_pkthdr.len -= hlen; 211 212 #if NBPF > 0 213 if (sc->sc_if.if_bpf) { 214 struct mbuf m0; 215 u_int32_t af = AF_INET; 216 217 m0.m_next = m; 218 m0.m_len = 4; 219 m0.m_data = (char *)⁡ 220 221 bpf_mtap(&(sc->sc_if), &m0); 222 } 223 #endif /*NBPF > 0*/ 224 225 m->m_pkthdr.rcvif = &sc->sc_if; 226 227 s = splnet(); /* possible */ 228 if (_IF_QFULL(ifq)) { 229 _IF_DROP(ifq); 230 m_freem(m); 231 } else { 232 IF_ENQUEUE(ifq,m); 233 } 234 splx(s); 235 236 return(1); /* packet is done, no further processing needed */ 237 } 238 239 /* 240 * input routine for IPPRPOTO_MOBILE 241 * This is a little bit diffrent from the other modes, as the 242 * encapsulating header was not prepended, but instead inserted 243 * between IP header and payload 244 */ 245 246 void 247 #if __STDC__ 248 gre_mobile_input(struct mbuf *m, ...) 249 #else 250 gre_mobile_input(m, va_alist) 251 struct mbuf *m; 252 va_dcl 253 #endif 254 { 255 struct ip *ip = mtod(m, struct ip *); 256 struct mobip_h *mip = mtod(m, struct mobip_h *); 257 struct ifqueue *ifq; 258 struct gre_softc *sc; 259 int hlen,s; 260 va_list ap; 261 u_char osrc = 0; 262 int msiz; 263 264 va_start(ap,m); 265 hlen = va_arg(ap, int); 266 va_end(ap); 267 268 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) { 269 /* No matching tunnel or tunnel is down. */ 270 m_freem(m); 271 return; 272 } 273 274 sc->sc_if.if_ipackets++; 275 sc->sc_if.if_ibytes += m->m_pkthdr.len; 276 277 if(ntohs(mip->mh.proto) & MOB_H_SBIT) { 278 osrc = 1; 279 msiz = MOB_H_SIZ_L; 280 mip->mi.ip_src.s_addr = mip->mh.osrc; 281 } else { 282 msiz = MOB_H_SIZ_S; 283 } 284 mip->mi.ip_dst.s_addr = mip->mh.odst; 285 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8); 286 287 if (gre_in_cksum((u_short*)&mip->mh,msiz) != 0) { 288 m_freem(m); 289 return; 290 } 291 292 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) + 293 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2)); 294 m->m_len -= msiz; 295 m->m_pkthdr.len -= msiz; 296 297 /* 298 * On FreeBSD, rip_input() supplies us with ip->ip_len 299 * already converted into host byteorder and also decreases 300 * it by the lengh of IP header, however, ip_input() expects 301 * that this field is in the original format (network byteorder 302 * and full size of IP packet), so that adjust accordingly. 303 */ 304 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz); 305 306 ip->ip_sum = 0; 307 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2)); 308 309 #if NBPF > 0 310 if (sc->sc_if.if_bpf) { 311 struct mbuf m0; 312 u_int af = AF_INET; 313 314 m0.m_next = m; 315 m0.m_len = 4; 316 m0.m_data = (char *)⁡ 317 318 bpf_mtap(&(sc->sc_if), &m0); 319 } 320 #endif /*NBPFILTER > 0*/ 321 322 m->m_pkthdr.rcvif = &sc->sc_if; 323 324 ifq = &ipintrq; 325 s = splnet(); /* possible */ 326 if (_IF_QFULL(ifq)) { 327 _IF_DROP(ifq); 328 m_freem(m); 329 } else { 330 IF_ENQUEUE(ifq,m); 331 } 332 splx(s); 333 } 334 335 /* 336 * Find the gre interface associated with our src/dst/proto set. 337 */ 338 static struct gre_softc * 339 gre_lookup(m, proto) 340 struct mbuf *m; 341 u_int8_t proto; 342 { 343 struct ip *ip = mtod(m, struct ip *); 344 struct gre_softc *sc; 345 346 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL; 347 sc = LIST_NEXT(sc, sc_list)) { 348 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) && 349 (sc->g_src.s_addr == ip->ip_dst.s_addr) && 350 (sc->g_proto == proto) && 351 ((sc->sc_if.if_flags & IFF_UP) != 0)) 352 return (sc); 353 } 354 355 return (NULL); 356 } 357