1 /* 2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 /* 6 * Copyright (c) 1983 Regents of the University of California. 7 * All rights reserved. The Berkeley software License Agreement 8 * specifies the terms and conditions for redistribution. 9 */ 10 11 #pragma ident "%Z%%M% %I% %E% SMI" 12 13 #include "defs.h" 14 #include "strings.h" 15 #include "ifconfig.h" 16 #include <compat.h> 17 18 #include <sys/dlpi.h> 19 #include <libdlpi.h> 20 21 #include <inet/ip.h> 22 23 #define LOOPBACK_IF "lo0" 24 #define NONE_STR "none" 25 #define ARP_MOD_NAME "arp" 26 #define TUN_NAME "tun" 27 #define ATUN_NAME "atun" 28 #define TUN6TO4_NAME "6to4tun" 29 30 typedef struct if_flags { 31 uint64_t iff_value; 32 char *iff_name; 33 } if_flags_t; 34 35 static if_flags_t if_flags_tbl[] = { 36 { IFF_UP, "UP" }, 37 { IFF_BROADCAST, "BROADCAST" }, 38 { IFF_DEBUG, "DEBUG" }, 39 { IFF_LOOPBACK, "LOOPBACK" }, 40 { IFF_POINTOPOINT, "POINTOPOINT" }, 41 { IFF_NOTRAILERS, "NOTRAILERS" }, 42 { IFF_RUNNING, "RUNNING" }, 43 { IFF_NOARP, "NOARP" }, 44 { IFF_PROMISC, "PROMISC" }, 45 { IFF_ALLMULTI, "ALLMULTI" }, 46 { IFF_INTELLIGENT, "INTELLIGENT" }, 47 { IFF_MULTICAST, "MULTICAST" }, 48 { IFF_MULTI_BCAST, "MULTI_BCAST" }, 49 { IFF_UNNUMBERED, "UNNUMBERED" }, 50 { IFF_DHCPRUNNING, "DHCP" }, 51 { IFF_PRIVATE, "PRIVATE" }, 52 { IFF_NOXMIT, "NOXMIT" }, 53 { IFF_NOLOCAL, "NOLOCAL" }, 54 { IFF_DEPRECATED, "DEPRECATED" }, 55 { IFF_ADDRCONF, "ADDRCONF" }, 56 { IFF_ROUTER, "ROUTER" }, 57 { IFF_NONUD, "NONUD" }, 58 { IFF_ANYCAST, "ANYCAST" }, 59 { IFF_NORTEXCH, "NORTEXCH" }, 60 { IFF_IPV4, "IPv4" }, 61 { IFF_IPV6, "IPv6" }, 62 { IFF_MIPRUNNING, "MIP" }, 63 { IFF_NOFAILOVER, "NOFAILOVER" }, 64 { IFF_FAILED, "FAILED" }, 65 { IFF_STANDBY, "STANDBY" }, 66 { IFF_INACTIVE, "INACTIVE" }, 67 { IFF_OFFLINE, "OFFLINE" }, 68 { IFF_XRESOLV, "XRESOLV" }, 69 { IFF_COS_ENABLED, "CoS" }, 70 { IFF_PREFERRED, "PREFERRED" }, 71 { IFF_TEMPORARY, "TEMPORARY" }, 72 { IFF_FIXEDMTU, "FIXEDMTU" }, 73 { IFF_VIRTUAL, "VIRTUAL" }, 74 { IFF_DUPLICATE, "DUPLICATE" } 75 }; 76 77 static struct lifreq lifr; 78 /* current interface name a particular function is accessing */ 79 static char name[LIFNAMSIZ]; 80 /* foreach interface saved name */ 81 static char origname[LIFNAMSIZ]; 82 static char savedname[LIFNAMSIZ]; /* For addif */ 83 static int setaddr; 84 85 /* 86 * Make sure the algorithm variables hold more than the sizeof an algorithm 87 * in PF_KEY. (For now, more than a uint8_t.) The NO_***_?ALG indicates that 88 * there was no algorithm requested, and in the ipsec_req that service should 89 * be disabled. (E.g. if ah_aalg remains NO_AH_AALG, then AH will be 90 * disabled on that tunnel.) 91 */ 92 #define NO_AH_AALG 256 93 #define NO_ESP_AALG 256 94 #define NO_ESP_EALG 256 95 96 /* 97 * iface_t 98 * used by setifether to create a list of interfaces to mark 99 * down-up when changing the ethernet address of an interface 100 */ 101 typedef struct iface { 102 struct lifreq lifr; 103 struct iface *next; /* pointer to the next list element */ 104 } iface_t; 105 106 static iface_t *logifs = NULL; /* list of logical interfaces */ 107 static iface_t *phyif = NULL; /* physical interface */ 108 109 int s; 110 int af = AF_INET; /* default address family */ 111 int debug = 0; 112 int all = 0; /* setifdhcp() needs to know this */ 113 int verbose = 0; 114 int v4compat = 0; /* Compatible printing format */ 115 116 /* 117 * Function prototypes for command functions. 118 */ 119 static int addif(char *arg, int64_t param); 120 static int inetplumb(char *arg, int64_t param); 121 static int inetunplumb(char *arg, int64_t param); 122 static int removeif(char *arg, int64_t param); 123 static int setdebugflag(char *arg, int64_t param); 124 static int setifaddr(char *arg, int64_t param); 125 static int setifbroadaddr(char *arg, int64_t param); 126 static int setifdstaddr(char *arg, int64_t param); 127 static int setifether(char *arg, int64_t param); 128 static int setifflags(char *arg, int64_t param); 129 static int setifindex(char *arg, int64_t param); 130 static int setifmetric(char *arg, int64_t param); 131 static int setifmtu(char *arg, int64_t param); 132 static int setifnetmask(char *arg, int64_t param); 133 static int setifprefixlen(char *arg, int64_t param); 134 static int setifrevarp(char *arg, int64_t param); 135 static int setifsubnet(char *arg, int64_t param); 136 static int setiftdst(char *arg, int64_t param); 137 static int setiftoken(char *arg, int64_t param); 138 static int setiftsrc(char *arg, int64_t param); 139 static int setverboseflag(char *arg, int64_t param); 140 static int set_tun_ah_alg(char *arg, int64_t param); 141 static int set_tun_esp_auth_alg(char *arg, int64_t param); 142 static int set_tun_esp_encr_alg(char *arg, int64_t param); 143 static int modlist(char *arg, int64_t param); 144 static int modinsert(char *arg, int64_t param); 145 static int modremove(char *arg, int64_t param); 146 static int setifgroupname(char *arg, int64_t param); 147 static int configinfo(char *arg, int64_t param); 148 static void print_config_flags(uint64_t flags); 149 static void print_flags(uint64_t flags); 150 static void print_ifether(char *ifname); 151 static int set_tun_encap_limit(char *arg, int64_t param); 152 static int clr_tun_encap_limit(char *arg, int64_t param); 153 static int set_tun_hop_limit(char *arg, int64_t param); 154 static int setzone(char *arg, int64_t param); 155 static int setallzones(char *arg, int64_t param); 156 static int setifsrc(char *arg, int64_t param); 157 158 /* 159 * Address family specific function prototypes. 160 */ 161 static void in_getaddr(char *s, struct sockaddr *saddr, int *plenp); 162 static void in_status(int force, uint64_t flags); 163 static void in_configinfo(int force, uint64_t flags); 164 static void in6_getaddr(char *s, struct sockaddr *saddr, int *plenp); 165 static void in6_status(int force, uint64_t flags); 166 static void in6_configinfo(int force, uint64_t flags); 167 168 /* 169 * Misc support functions 170 */ 171 static int devfs_entry(di_node_t node, di_minor_t minor, void *arg); 172 static void foreachinterface(void (*func)(), int argc, char *argv[], 173 int af, int64_t onflags, int64_t offflags, 174 int64_t lifc_flags); 175 static void ifconfig(int argc, char *argv[], int af, struct lifreq *lifrp); 176 static boolean_t in_getmask(struct sockaddr_in *saddr, 177 boolean_t addr_set); 178 static int in_getprefixlen(char *addr, boolean_t slash, int plen); 179 static boolean_t in_prefixlentomask(int prefixlen, int maxlen, 180 uchar_t *mask); 181 static int settaddr(char *, int (*)(icfg_handle_t, 182 const struct sockaddr *, socklen_t)); 183 static void status(void); 184 static void ifstatus(const char *); 185 static void usage(void); 186 static int strioctl(int s, int cmd, char *buf, int buflen); 187 static int setifdhcp(const char *caller, const char *ifname, 188 int argc, char *argv[]); 189 static int ip_domux2fd(int *, int *, int *, int *); 190 static int ip_plink(int, int, int, int); 191 static int modop(char *arg, char op); 192 static int get_lun(char *); 193 static void selectifs(int argc, char *argv[], int af, 194 struct lifreq *lifrp); 195 static int updownifs(iface_t *ifs, int up); 196 197 #define max(a, b) ((a) < (b) ? (b) : (a)) 198 199 /* 200 * DHCP_EXIT_IF_FAILURE indicates that the operation failed, but if there 201 * are more interfaces to act on (i.e., ifconfig was invoked with -a), keep 202 * on going rather than exit with an error. 203 */ 204 205 #define DHCP_EXIT_IF_FAILURE -1 206 207 #define NEXTARG 0xffffff /* command takes an argument */ 208 #define OPTARG 0xfffffe /* command takes an optional argument */ 209 #define AF_ANY (-1) 210 211 /* Refer to the comments in ifconfig() on the netmask "hack" */ 212 #define NETMASK_CMD "netmask" 213 struct sockaddr_storage g_netmask; 214 enum { G_NETMASK_NIL, G_NETMASK_PENDING, G_NETMASK_SET } 215 g_netmask_set = G_NETMASK_NIL; 216 217 struct cmd { 218 char *c_name; 219 int64_t c_parameter; /* NEXTARG means next argv */ 220 int (*c_func)(char *, int64_t); 221 int c_abortonfail; /* don't continue parsing args */ 222 /* for the current interface */ 223 int c_af; /* address family restrictions */ 224 } cmds[] = { 225 { "up", IFF_UP, setifflags, 0, AF_ANY }, 226 { "down", -IFF_UP, setifflags, 0, AF_ANY }, 227 { "trailers", -IFF_NOTRAILERS, setifflags, 0, AF_ANY }, 228 { "-trailers", IFF_NOTRAILERS, setifflags, 0, AF_ANY }, 229 { "arp", -IFF_NOARP, setifflags, 0, AF_INET }, 230 { "-arp", IFF_NOARP, setifflags, 0, AF_INET }, 231 { "router", IFF_ROUTER, setifflags, 0, AF_ANY }, 232 { "-router", -IFF_ROUTER, setifflags, 0, AF_ANY }, 233 { "private", IFF_PRIVATE, setifflags, 0, AF_ANY }, 234 { "-private", -IFF_PRIVATE, setifflags, 0, AF_ANY }, 235 { "xmit", -IFF_NOXMIT, setifflags, 0, AF_ANY }, 236 { "-xmit", IFF_NOXMIT, setifflags, 0, AF_ANY }, 237 { "-nud", IFF_NONUD, setifflags, 0, AF_INET6 }, 238 { "nud", -IFF_NONUD, setifflags, 0, AF_INET6 }, 239 { "anycast", IFF_ANYCAST, setifflags, 0, AF_ANY }, 240 { "-anycast", -IFF_ANYCAST, setifflags, 0, AF_ANY }, 241 { "local", -IFF_NOLOCAL, setifflags, 0, AF_ANY }, 242 { "-local", IFF_NOLOCAL, setifflags, 0, AF_ANY }, 243 { "deprecated", IFF_DEPRECATED, setifflags, 0, AF_ANY }, 244 { "-deprecated", -IFF_DEPRECATED, setifflags, 0, AF_ANY }, 245 { "preferred", IFF_PREFERRED, setifflags, 0, AF_INET6 }, 246 { "-preferred", -IFF_PREFERRED, setifflags, 0, AF_INET6 }, 247 { "debug", 0, setdebugflag, 0, AF_ANY }, 248 { "verbose", 0, setverboseflag, 0, AF_ANY }, 249 { NETMASK_CMD, NEXTARG, setifnetmask, 0, AF_INET }, 250 { "metric", NEXTARG, setifmetric, 0, AF_ANY }, 251 { "mtu", NEXTARG, setifmtu, 0, AF_ANY }, 252 { "index", NEXTARG, setifindex, 0, AF_ANY }, 253 { "broadcast", NEXTARG, setifbroadaddr, 0, AF_INET }, 254 { "auto-revarp", 0, setifrevarp, 1, AF_INET }, 255 { "plumb", 0, inetplumb, 1, AF_ANY }, 256 { "unplumb", 0, inetunplumb, 0, AF_ANY }, 257 { "subnet", NEXTARG, setifsubnet, 0, AF_ANY }, 258 { "token", NEXTARG, setiftoken, 0, AF_INET6 }, 259 { "tsrc", NEXTARG, setiftsrc, 0, AF_ANY }, 260 { "tdst", NEXTARG, setiftdst, 0, AF_ANY }, 261 { "encr_auth_algs", NEXTARG, set_tun_esp_auth_alg, 0, AF_ANY }, 262 { "encr_algs", NEXTARG, set_tun_esp_encr_alg, 0, AF_ANY }, 263 { "auth_algs", NEXTARG, set_tun_ah_alg, 0, AF_ANY }, 264 { "addif", NEXTARG, addif, 1, AF_ANY }, 265 { "removeif", NEXTARG, removeif, 1, AF_ANY }, 266 { "modlist", 0, modlist, 1, AF_ANY }, 267 { "modinsert", NEXTARG, modinsert, 1, AF_ANY }, 268 { "modremove", NEXTARG, modremove, 1, AF_ANY }, 269 { "failover", -IFF_NOFAILOVER, setifflags, 1, AF_ANY }, 270 { "-failover", IFF_NOFAILOVER, setifflags, 1, AF_ANY }, 271 { "standby", IFF_STANDBY, setifflags, 1, AF_ANY }, 272 { "-standby", -IFF_STANDBY, setifflags, 1, AF_ANY }, 273 { "failed", IFF_FAILED, setifflags, 1, AF_ANY }, 274 { "-failed", -IFF_FAILED, setifflags, 1, AF_ANY }, 275 { "group", NEXTARG, setifgroupname, 1, AF_ANY }, 276 { "configinfo", 0, configinfo, 1, AF_ANY }, 277 { "encaplimit", NEXTARG, set_tun_encap_limit, 0, AF_ANY }, 278 { "-encaplimit", 0, clr_tun_encap_limit, 0, AF_ANY }, 279 { "thoplimit", NEXTARG, set_tun_hop_limit, 0, AF_ANY }, 280 { "set", NEXTARG, setifaddr, 0, AF_ANY }, 281 { "destination", NEXTARG, setifdstaddr, 0, AF_ANY }, 282 { "zone", NEXTARG, setzone, 0, AF_ANY }, 283 { "-zone", 0, setzone, 0, AF_ANY }, 284 { "all-zones", 0, setallzones, 0, AF_ANY }, 285 { "ether", OPTARG, setifether, 0, AF_ANY }, 286 { "usesrc", NEXTARG, setifsrc, 0, AF_ANY }, 287 { 0, 0, setifaddr, 0, AF_ANY }, 288 { 0, 0, setifdstaddr, 0, AF_ANY }, 289 { 0, 0, 0, 0, 0 }, 290 }; 291 292 293 typedef struct if_config_cmd { 294 uint64_t iff_flag; 295 char *iff_name; 296 } if_config_cmd_t; 297 298 static if_config_cmd_t if_config_cmd_tbl[] = { 299 { IFF_UP, "up" }, 300 { IFF_NOTRAILERS, "-trailers" }, 301 { IFF_PRIVATE, "private" }, 302 { IFF_NOXMIT, "-xmit" }, 303 { IFF_ANYCAST, "anycast" }, 304 { IFF_NOLOCAL, "-local" }, 305 { IFF_DEPRECATED, "deprecated" }, 306 { IFF_NOFAILOVER, "-failover" }, 307 { IFF_STANDBY, "standby" }, 308 { IFF_FAILED, "failed" }, 309 { IFF_PREFERRED, "preferred" }, 310 { 0, 0 }, 311 }; 312 313 typedef struct ni { 314 char ni_name[LIFNAMSIZ]; 315 struct ni *ni_next; 316 } ni_t; 317 318 static ni_t *ni_list = NULL; 319 static int num_ni = 0; 320 321 /* End defines and structure definitions for ifconfig -a plumb */ 322 323 /* Known address families */ 324 struct afswtch { 325 char *af_name; 326 short af_af; 327 void (*af_status)(); 328 void (*af_getaddr)(); 329 void (*af_configinfo)(); 330 } afs[] = { 331 { "inet", AF_INET, in_status, in_getaddr, in_configinfo }, 332 { "inet6", AF_INET6, in6_status, in6_getaddr, in6_configinfo }, 333 { 0, 0, 0, 0, 0 } 334 }; 335 336 #define SOCKET_AF(af) (((af) == AF_UNSPEC) ? AF_INET : (af)) 337 338 struct afswtch *afp; /* the address family being set or asked about */ 339 340 int 341 main(int argc, char *argv[]) 342 { 343 /* Include IFF_NOXMIT, IFF_TEMPORARY and all zone interfaces */ 344 int64_t lifc_flags = LIFC_NOXMIT | LIFC_TEMPORARY | LIFC_ALLZONES; 345 char *default_ip_str; 346 347 if (argc < 2) { 348 usage(); 349 exit(1); 350 } 351 argc--, argv++; 352 if (strlen(*argv) > sizeof (name) - 1) { 353 (void) fprintf(stderr, "%s: interface name too long\n", *argv); 354 exit(1); 355 } 356 (void) strncpy(name, *argv, sizeof (name)); 357 name[sizeof (name) - 1] = '\0'; 358 (void) strncpy(origname, name, sizeof (origname)); /* For addif */ 359 default_ip_str = NULL; 360 v4compat = get_compat_flag(&default_ip_str); 361 if (v4compat == DEFAULT_PROT_BAD_VALUE) { 362 (void) fprintf(stderr, 363 "ifconfig: %s: Bad value for %s in %s\n", default_ip_str, 364 DEFAULT_IP, INET_DEFAULT_FILE); 365 free(default_ip_str); 366 exit(2); 367 } 368 free(default_ip_str); 369 argc--, argv++; 370 if (argc > 0) { 371 struct afswtch *myafp; 372 373 for (myafp = afp = afs; myafp->af_name; myafp++) { 374 if (strcmp(myafp->af_name, *argv) == 0) { 375 afp = myafp; argc--; argv++; 376 break; 377 } 378 } 379 af = lifr.lifr_addr.ss_family = afp->af_af; 380 if (af == AF_INET6) { 381 v4compat = 0; 382 } 383 } 384 385 s = socket(SOCKET_AF(af), SOCK_DGRAM, 0); 386 if (s < 0) { 387 Perror0_exit("socket"); 388 } 389 390 /* 391 * Special interface names is any combination of these flags. 392 * Note that due to the ifconfig syntax they have to be combined 393 * as a single '-' option. 394 * -a All interfaces 395 * -u "up" interfaces 396 * -d "down" interfaces 397 * -D Interfaces not controlled by DHCP 398 * -4 IPv4 interfaces 399 * -6 IPv6 interfaces 400 * -X Turn on debug (not documented) 401 * -v Turn on verbose 402 * -Z Only interfaces in caller's zone 403 */ 404 405 if (name[0] == '-') { 406 /* One or more options */ 407 int64_t onflags = 0; 408 int64_t offflags = 0; 409 int c; 410 char *av[2] = { "ifconfig", name }; 411 412 while ((c = getopt(2, av, "audDXZ46v")) != -1) { 413 switch ((char)c) { 414 case 'a': 415 all = 1; 416 break; 417 case 'u': 418 onflags |= IFF_UP; 419 break; 420 case 'd': 421 offflags |= IFF_UP; 422 break; 423 case 'D': 424 offflags |= IFF_DHCPRUNNING; 425 break; 426 case 'X': 427 debug += 3; 428 break; 429 case 'Z': 430 lifc_flags &= ~LIFC_ALLZONES; 431 break; 432 case '4': 433 /* 434 * -4 is not a compatable flag, therefore 435 * we assume they want v4compat turned off 436 */ 437 v4compat = 0; 438 onflags |= IFF_IPV4; 439 break; 440 case '6': 441 /* 442 * If they want IPv6, well then we'll assume 443 * they don't want IPv4 compat 444 */ 445 v4compat = 0; 446 onflags |= IFF_IPV6; 447 break; 448 case 'v': 449 verbose = 1; 450 break; 451 case '?': 452 usage(); 453 exit(1); 454 } 455 } 456 if (!all) { 457 (void) fprintf(stderr, 458 "ifconfig: %s: no such interface\n", 459 name); 460 exit(1); 461 } 462 foreachinterface(ifconfig, argc, argv, af, onflags, offflags, 463 lifc_flags); 464 } else { 465 ifconfig(argc, argv, af, (struct lifreq *)NULL); 466 } 467 return (0); 468 } 469 470 /* 471 * For each interface, call (*func)(argc, argv, af, lifrp). 472 * Only call function if onflags and offflags are set or clear, respectively, 473 * in the interfaces flags field. 474 */ 475 static void 476 foreachinterface(void (*func)(), int argc, char *argv[], int af, 477 int64_t onflags, int64_t offflags, int64_t lifc_flags) 478 { 479 int n; 480 char *buf; 481 struct lifnum lifn; 482 struct lifconf lifc; 483 struct lifreq *lifrp; 484 struct lifreq lifrl; /* Local lifreq struct */ 485 int numifs; 486 unsigned bufsize; 487 ni_t *nip; 488 int plumball = 0; 489 int save_af = af; 490 491 /* 492 * Special case: 493 * ifconfig -a plumb should find all network interfaces 494 * in the machine by traversing the devinfo tree. 495 * Also, there is no need to SIOCGLIF* ioctls, since 496 * those interfaces have already been plumbed 497 */ 498 if (argc > 0 && (strcmp(*argv, "plumb") == 0)) { 499 /* 500 * Look through the kernel's devinfo tree for 501 * network devices 502 */ 503 di_node_t root; 504 505 /* 506 * DINFOCACHE is equivalent to DINFOSUBTREE | DINFOMINOR | 507 * DINFOPROP | DINFOFORCE. 508 */ 509 if ((root = di_init("/", DINFOCACHE)) == DI_NODE_NIL) { 510 (void) fprintf(stderr, "ifconfig: di_init failed;" 511 " check the devinfo driver.\n"); 512 exit(1); 513 } 514 515 (void) di_walk_minor(root, DDI_NT_NET, DI_CHECK_ALIAS, NULL, 516 devfs_entry); 517 di_fini(root); 518 519 /* 520 * Now, translate the linked list into 521 * a struct lifreq buffer 522 */ 523 bufsize = num_ni * sizeof (struct lifreq); 524 if ((buf = malloc(bufsize)) == NULL) 525 Perror0_exit("foreachinterface: malloc failed"); 526 527 lifc.lifc_family = AF_UNSPEC; 528 lifc.lifc_flags = lifc_flags; 529 lifc.lifc_len = bufsize; 530 lifc.lifc_buf = buf; 531 532 for (n = 0, lifrp = lifc.lifc_req; n < num_ni; n++, lifrp++) { 533 nip = ni_list; 534 (void) strncpy(lifrp->lifr_name, nip->ni_name, 535 sizeof (lifr.lifr_name)); 536 ni_list = nip->ni_next; 537 free(nip); 538 } 539 540 plumball = 1; 541 } else { 542 lifn.lifn_family = AF_UNSPEC; 543 lifn.lifn_flags = lifc_flags; 544 if (ioctl(s, SIOCGLIFNUM, (char *)&lifn) < 0) { 545 Perror0_exit("Could not determine number" 546 " of interfaces"); 547 } 548 numifs = lifn.lifn_count; 549 if (debug) 550 (void) printf("ifconfig: %d interfaces\n", numifs); 551 552 bufsize = numifs * sizeof (struct lifreq); 553 if ((buf = malloc(bufsize)) == NULL) { 554 Perror0("out of memory\n"); 555 (void) close(s); 556 return; 557 } 558 559 lifc.lifc_family = AF_UNSPEC; 560 lifc.lifc_flags = lifc_flags; 561 lifc.lifc_len = bufsize; 562 lifc.lifc_buf = buf; 563 564 if (ioctl(s, SIOCGLIFCONF, (char *)&lifc) < 0) { 565 Perror0("SIOCGLIFCONF"); 566 (void) close(s); 567 free(buf); 568 return; 569 } 570 } 571 572 lifrp = lifc.lifc_req; 573 for (n = lifc.lifc_len / sizeof (struct lifreq); n > 0; n--, lifrp++) { 574 575 if (!plumball) { 576 /* 577 * We must close and recreate the socket each time 578 * since we don't know what type of socket it is now 579 * (each status function may change it). 580 */ 581 582 (void) close(s); 583 584 af = lifrp->lifr_addr.ss_family; 585 s = socket(SOCKET_AF(af), SOCK_DGRAM, 0); 586 if (s == -1) { 587 /* 588 * Perror0() assumes the name to be in the 589 * globally defined lifreq structure. 590 */ 591 (void) strncpy(lifr.lifr_name, 592 lifrp->lifr_name, sizeof (lifr.lifr_name)); 593 Perror0_exit("socket"); 594 } 595 } 596 597 /* 598 * Only service interfaces that match the on and off 599 * flags masks. 600 */ 601 if (onflags || offflags) { 602 (void) memset(&lifrl, 0, sizeof (lifrl)); 603 (void) strncpy(lifrl.lifr_name, lifrp->lifr_name, 604 sizeof (lifrl.lifr_name)); 605 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifrl) < 0) { 606 /* 607 * Perror0() assumes the name to be in the 608 * globally defined lifreq structure. 609 */ 610 (void) strncpy(lifr.lifr_name, 611 lifrp->lifr_name, sizeof (lifr.lifr_name)); 612 Perror0_exit("foreachinterface: SIOCGLIFFLAGS"); 613 } 614 if ((lifrl.lifr_flags & onflags) != onflags) 615 continue; 616 if ((~lifrl.lifr_flags & offflags) != offflags) 617 continue; 618 } 619 620 if (!plumball) { 621 (void) strncpy(lifrl.lifr_name, lifrp->lifr_name, 622 sizeof (lifrl.lifr_name)); 623 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifrl) < 0) { 624 /* 625 * Perror0() assumes the name to be in the 626 * globally defined lifreq structure. 627 */ 628 (void) strncpy(lifr.lifr_name, 629 lifrp->lifr_name, sizeof (lifr.lifr_name)); 630 Perror0("foreachinterface: SIOCGLIFADDR"); 631 continue; 632 } 633 if (lifrl.lifr_addr.ss_family != af) { 634 /* Switch address family */ 635 af = lifrl.lifr_addr.ss_family; 636 (void) close(s); 637 638 s = socket(SOCKET_AF(af), SOCK_DGRAM, 0); 639 if (s == -1) { 640 /* 641 * Perror0() assumes the name to be in 642 * the globally defined lifreq 643 * structure. 644 */ 645 (void) strncpy(lifr.lifr_name, 646 lifrp->lifr_name, 647 sizeof (lifr.lifr_name)); 648 Perror0_exit("socket"); 649 } 650 } 651 } 652 653 /* 654 * Reset global state 655 * setaddr: Used by parser to tear apart source and dest 656 * name and origname contain the name of the 'current' 657 * interface. 658 */ 659 setaddr = 0; 660 (void) strncpy(name, lifrp->lifr_name, sizeof (name)); 661 (void) strncpy(origname, name, sizeof (origname)); 662 663 (*func)(argc, argv, save_af, lifrp); 664 /* the func could have overwritten origname, so restore */ 665 (void) strncpy(name, origname, sizeof (name)); 666 } 667 free(buf); 668 } 669 670 static void 671 tun_reality_check(void) 672 { 673 struct iftun_req treq; 674 ipsec_req_t *ipsr; 675 676 (void) strncpy(treq.ifta_lifr_name, name, sizeof (treq.ifta_lifr_name)); 677 if (strchr(name, ':') != NULL) { 678 /* Return, we don't need to check. */ 679 return; 680 } 681 if (ioctl(s, SIOCGTUNPARAM, (caddr_t)&treq) < 0 || 682 (treq.ifta_flags & IFTUN_SECURITY) == 0) { 683 /* 684 * Either not a tunnel (the SIOCGTUNPARAM fails on 685 * non-tunnels), or the security flag is not set. Either 686 * way, return. 687 */ 688 return; 689 } 690 691 ipsr = (ipsec_req_t *)&treq.ifta_secinfo; 692 693 if (ipsr->ipsr_esp_req != 0 && 694 ipsr->ipsr_esp_auth_alg == SADB_AALG_NONE && 695 ipsr->ipsr_ah_req == 0) 696 (void) fprintf(stderr, "ifconfig: WARNING - tunnel with " 697 "only ESP and potentially no authentication.\n"); 698 } 699 700 /* 701 * for the specified interface call (*func)(argc, argv, af, lifrp). 702 */ 703 704 static void 705 ifconfig(int argc, char *argv[], int af, struct lifreq *lifrp) 706 { 707 static boolean_t scan_netmask = _B_FALSE; 708 int ret; 709 710 if (argc == 0) { 711 status(); 712 return; 713 } 714 715 if (strcmp(*argv, "auto-dhcp") == 0 || strcmp(*argv, "dhcp") == 0) { 716 /* 717 * Some errors are ignored in the case where more than one 718 * interface is being operated on. 719 */ 720 ret = setifdhcp("ifconfig", name, argc, argv); 721 if (ret == DHCP_EXIT_IF_FAILURE) { 722 if (!all) 723 exit(DHCP_EXIT_FAILURE); 724 } else if (ret != DHCP_EXIT_SUCCESS) { 725 exit(ret); 726 } 727 return; 728 } 729 730 /* 731 * The following is a "hack" to get around the existing interface 732 * setting mechanism. Currently, each interface attribute, 733 * such as address, netmask, broadcast, ... is set separately. But 734 * sometimes two or more attributes must be set together. For 735 * example, setting an address without a netmask does not make sense. 736 * Yet they can be set separately for IPv4 address using the current 737 * ifconfig(1M) syntax. The kernel then "infers" the correct netmask 738 * using the deprecated "IP address classes." This is simply not 739 * correct. 740 * 741 * The "hack" below is to go thru the whole command list looking for 742 * the netmask command first. Then use this netmask to set the 743 * address. This does not provide an extensible way to accommodate 744 * future need for setting more than one attributes together. 745 * 746 * Note that if the "netmask" command argument is a "+", we need 747 * to save this info and do the query after we know the address to 748 * be set. The reason is that if "addif" is used, the working 749 * interface name will be changed later when the logical interface 750 * is created. In in_getmask(), if an address is not provided, 751 * it will use the working interface's address to do the query. 752 * It will be wrong now as we don't know the logical interface's name. 753 * 754 * ifconfig(1M) is too overloaded and the code is so convoluted 755 * that it is "safer" not to re-architect the code to fix the above 756 * issue, hence this "hack." We may be better off to have a new 757 * command with better syntax for configuring network interface 758 * parameters... 759 */ 760 if (!scan_netmask && afp->af_af == AF_INET) { 761 int largc; 762 char **largv; 763 764 /* Only go thru the command list once to find the netmask. */ 765 scan_netmask = _B_TRUE; 766 767 /* 768 * Currently, if multiple netmask commands are specified, the 769 * last one will be used as the final netmask. So we need 770 * to scan the whole list to preserve this behavior. 771 */ 772 for (largc = argc, largv = argv; largc > 0; largc--, largv++) { 773 if (strcmp(*largv, NETMASK_CMD) == 0) { 774 if (--largc == 0) 775 break; 776 largv++; 777 if (strcmp(*largv, "+") == 0) { 778 g_netmask_set = G_NETMASK_PENDING; 779 } else { 780 in_getaddr(*largv, (struct sockaddr *) 781 &g_netmask, NULL); 782 g_netmask_set = G_NETMASK_SET; 783 } 784 /* Continue the scan. */ 785 } 786 } 787 } 788 789 while (argc > 0) { 790 struct cmd *p; 791 boolean_t found_cmd; 792 793 if (debug) 794 (void) printf("ifconfig: argv %s\n", *argv); 795 796 found_cmd = _B_FALSE; 797 for (p = cmds; p->c_func; p++) { 798 if (p->c_name) { 799 if (strcmp(*argv, p->c_name) == 0) { 800 /* 801 * indicate that the command was 802 * found and check to see if 803 * the address family is valid 804 */ 805 found_cmd = _B_TRUE; 806 if (p->c_af == AF_ANY || 807 af == p->c_af) 808 break; 809 } 810 } else { 811 if (p->c_af == AF_ANY || 812 af == p->c_af) 813 break; 814 } 815 } 816 /* 817 * If we found the keyword, but the address family 818 * did not match spit out an error 819 */ 820 if (found_cmd && p->c_name == 0) { 821 (void) fprintf(stderr, "ifconfig: Operation %s not" 822 " supported for %s\n", *argv, afp->af_name); 823 exit(1); 824 } 825 /* 826 * else (no keyword found), we assume it's an address 827 * of some sort 828 */ 829 if (p->c_name == 0 && setaddr) 830 p++; /* got src, do dst */ 831 if (p->c_func) { 832 if (p->c_af == AF_INET6) { 833 v4compat = 0; 834 } 835 if (p->c_parameter == NEXTARG || 836 p->c_parameter == OPTARG) { 837 argc--, argv++; 838 if (argc == 0 && p->c_parameter == NEXTARG) { 839 (void) fprintf(stderr, 840 "ifconfig: no argument for %s\n", 841 p->c_name); 842 exit(1); 843 } 844 } 845 /* 846 * Call the function if: 847 * 848 * there's no address family 849 * restriction 850 * OR 851 * we don't know the address yet 852 * (because we were called from 853 * main) 854 * OR 855 * there is a restriction AND 856 * the address families match 857 */ 858 if ((p->c_af == AF_ANY) || 859 (lifrp == (struct lifreq *)NULL) || 860 (lifrp->lifr_addr.ss_family == p->c_af)) { 861 ret = (*p->c_func)(*argv, p->c_parameter); 862 /* 863 * If c_func failed and we should 864 * abort processing for this 865 * interface on failure, return 866 * now rather than going on to 867 * process other commands for 868 * the same interface. 869 */ 870 if (ret != 0 && p->c_abortonfail) 871 return; 872 } 873 } 874 argc--, argv++; 875 } 876 877 /* Check to see if there's a security hole in the tunnel setup. */ 878 tun_reality_check(); 879 } 880 881 /* ARGSUSED */ 882 static int 883 setdebugflag(char *val, int64_t arg) 884 { 885 debug++; 886 return (0); 887 } 888 889 /* ARGSUSED */ 890 static int 891 setverboseflag(char *val, int64_t arg) 892 { 893 verbose++; 894 return (0); 895 } 896 897 /* 898 * This function fills in the given lifreq's lifr_addr field based on 899 * g_netmask_set. 900 */ 901 static void 902 set_mask_lifreq(struct lifreq *lifr, struct sockaddr_storage *addr, 903 struct sockaddr_storage *mask) 904 { 905 assert(addr != NULL); 906 assert(mask != NULL); 907 908 switch (g_netmask_set) { 909 case G_NETMASK_SET: 910 lifr->lifr_addr = g_netmask; 911 break; 912 913 case G_NETMASK_PENDING: 914 /* 915 * "+" is used as the argument to "netmask" command. Query 916 * the database on the correct netmask based on the address to 917 * be set. 918 */ 919 assert(afp->af_af == AF_INET); 920 g_netmask = *addr; 921 if (!in_getmask((struct sockaddr_in *)&g_netmask, _B_TRUE)) { 922 lifr->lifr_addr = *mask; 923 g_netmask_set = G_NETMASK_NIL; 924 } else { 925 lifr->lifr_addr = g_netmask; 926 g_netmask_set = G_NETMASK_SET; 927 } 928 break; 929 930 case G_NETMASK_NIL: 931 default: 932 lifr->lifr_addr = *mask; 933 break; 934 } 935 } 936 937 /* 938 * Set the interface address. Handles <addr>, <addr>/<n> as well as /<n> 939 * syntax for setting the address, the address plus netmask, and just 940 * the netmask respectively. 941 */ 942 /* ARGSUSED */ 943 static int 944 setifaddr(char *addr, int64_t param) 945 { 946 int prefixlen = 0; 947 struct sockaddr_storage laddr; 948 struct sockaddr_storage netmask; 949 struct sockaddr_in6 *sin6; 950 struct sockaddr_in *sin; 951 struct sockaddr_storage sav_netmask; 952 953 if (addr[0] == '/') 954 return (setifprefixlen(addr, 0)); 955 956 (*afp->af_getaddr)(addr, (struct sockaddr *)&laddr, &prefixlen); 957 958 (void) memset(&netmask, 0, sizeof (netmask)); 959 netmask.ss_family = afp->af_af; 960 switch (prefixlen) { 961 case NO_PREFIX: 962 /* Nothing there - ok */ 963 break; 964 case BAD_ADDR: 965 (void) fprintf(stderr, "ifconfig: Bad prefix length in %s\n", 966 addr); 967 exit(1); 968 default: 969 if (afp->af_af == AF_INET6) { 970 sin6 = (struct sockaddr_in6 *)&netmask; 971 if (!in_prefixlentomask(prefixlen, IPV6_ABITS, 972 (uchar_t *)&sin6->sin6_addr)) { 973 (void) fprintf(stderr, "ifconfig: " 974 "Bad prefix length: %d\n", 975 prefixlen); 976 exit(1); 977 } 978 } else { 979 sin = (struct sockaddr_in *)&netmask; 980 if (!in_prefixlentomask(prefixlen, IP_ABITS, 981 (uchar_t *)&sin->sin_addr)) { 982 (void) fprintf(stderr, "ifconfig: " 983 "Bad prefix length: %d\n", 984 prefixlen); 985 exit(1); 986 } 987 } 988 /* 989 * Just in case of funny setting of both prefix and netmask, 990 * prefix should override the netmask command. 991 */ 992 g_netmask_set = G_NETMASK_NIL; 993 break; 994 } 995 /* Tell parser that an address was set */ 996 setaddr++; 997 /* save copy of netmask to restore in case of error */ 998 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 999 if (ioctl(s, SIOCGLIFNETMASK, (caddr_t)&lifr) < 0) 1000 Perror0_exit("SIOCGLIFNETMASK"); 1001 sav_netmask = lifr.lifr_addr; 1002 1003 /* 1004 * If setting the address and not the mask, clear any existing mask 1005 * and the kernel will then assign the default (netmask has been set 1006 * to 0 in this case). If setting both (either by using a prefix or 1007 * using the netmask command), set the mask first, so the address will 1008 * be interpreted correctly. 1009 */ 1010 set_mask_lifreq(&lifr, &laddr, &netmask); 1011 if (ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0) 1012 Perror0_exit("SIOCSLIFNETMASK"); 1013 1014 if (debug) { 1015 char abuf[INET6_ADDRSTRLEN]; 1016 void *addr = (afp->af_af == AF_INET) ? 1017 (void *)&((struct sockaddr_in *)&laddr)->sin_addr : 1018 (void *)&((struct sockaddr_in6 *)&laddr)->sin6_addr; 1019 1020 (void) printf("Setting %s af %d addr %s\n", 1021 lifr.lifr_name, afp->af_af, 1022 inet_ntop(afp->af_af, addr, abuf, sizeof (abuf))); 1023 } 1024 lifr.lifr_addr = laddr; 1025 lifr.lifr_addr.ss_family = afp->af_af; 1026 if (ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr) < 0) { 1027 /* 1028 * Restore the netmask 1029 */ 1030 int saverr = errno; 1031 1032 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1033 lifr.lifr_addr = sav_netmask; 1034 (void) ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr); 1035 errno = saverr; 1036 Perror0_exit("SIOCSLIFADDR"); 1037 } 1038 1039 return (0); 1040 } 1041 1042 /* 1043 * The following functions are stolen from the ipseckey(1m) program. 1044 * Perhaps they should be somewhere common, but for now, we just maintain 1045 * two versions. We do this because of the different semantics for which 1046 * algorithms we select ("requested" for ifconfig vs. "actual" for key). 1047 */ 1048 1049 static ulong_t 1050 parsenum(char *num) 1051 { 1052 ulong_t rc; 1053 char *end = NULL; 1054 1055 errno = 0; 1056 rc = strtoul(num, &end, 0); 1057 if (errno != 0 || end == num || *end != '\0') { 1058 rc = (ulong_t)-1; 1059 } 1060 1061 return (rc); 1062 } 1063 1064 /* 1065 * Parse and reverse parse possible algorithm values, include numbers. 1066 * Mostly stolen from ipseckey.c. See the comments above parsenum() for why 1067 * this isn't common to ipseckey.c. 1068 * 1069 * NOTE: Static buffer in this function for the return value. Since ifconfig 1070 * isn't multithreaded, this isn't a huge problem. 1071 */ 1072 1073 #define NBUF_SIZE 20 /* Enough to print a large integer. */ 1074 1075 static char * 1076 rparsealg(uint8_t alg_value, int proto_num) 1077 { 1078 struct ipsecalgent *alg; 1079 static char numprint[128]; /* Enough to hold an algorithm name. */ 1080 1081 /* Special-case 0 to return "<any-none>" */ 1082 if (alg_value == 0) 1083 return ("<any-none>"); 1084 1085 alg = getipsecalgbynum(alg_value, proto_num, NULL); 1086 if (alg != NULL) { 1087 (void) strlcpy(numprint, alg->a_names[0], sizeof (numprint)); 1088 freeipsecalgent(alg); 1089 } else { 1090 (void) snprintf(numprint, sizeof (numprint), "%d", alg_value); 1091 } 1092 1093 return (numprint); 1094 } 1095 1096 static uint_t 1097 parsealg(char *algname, int proto_num) 1098 { 1099 struct ipsecalgent *alg; 1100 ulong_t invalue; 1101 1102 if (algname == NULL) { 1103 (void) fprintf(stderr, "ifconfig: Unexpected end of command " 1104 "line.\n"); 1105 exit(1); 1106 } 1107 1108 /* 1109 * Special-case "none". Use strcasecmp because its length is 1110 * bound. 1111 */ 1112 if (strcasecmp("none", algname) == 0) { 1113 return ((proto_num == IPSEC_PROTO_ESP) ? 1114 NO_ESP_EALG : NO_ESP_AALG); 1115 } 1116 1117 alg = getipsecalgbyname(algname, proto_num, NULL); 1118 if (alg != NULL) { 1119 invalue = alg->a_alg_num; 1120 freeipsecalgent(alg); 1121 return ((uint_t)invalue); 1122 } 1123 1124 /* 1125 * Since algorithms can be loaded during kernel run-time, check for 1126 * numeric algorithm values too. 1127 */ 1128 invalue = parsenum(algname); 1129 if ((invalue & (ulong_t)0xff) == invalue) 1130 return ((uint_t)invalue); 1131 1132 (void) fprintf(stderr, "ifconfig: %s algorithm type %s unknown.\n", 1133 (proto_num == IPSEC_PROTO_ESP) ? 1134 "Encryption" : "Authentication", algname); 1135 exit(1); 1136 /* NOTREACHED */ 1137 } 1138 1139 /* 1140 * Actual ifconfig functions to set tunnel security properties. 1141 */ 1142 1143 enum ipsec_alg_type { ESP_ENCR_ALG = 1, ESP_AUTH_ALG, AH_AUTH_ALG }; 1144 1145 boolean_t first_set_tun = _B_TRUE; 1146 boolean_t encr_alg_set = _B_FALSE; 1147 1148 static int 1149 set_tun_algs(int which_alg, int alg) 1150 { 1151 struct iftun_req treq; 1152 ipsec_req_t *ipsr; 1153 1154 (void) strncpy(treq.ifta_lifr_name, name, sizeof (treq.ifta_lifr_name)); 1155 if (strchr(name, ':') != NULL) { 1156 errno = EPERM; 1157 Perror0_exit("Tunnel params on logical interfaces"); 1158 } 1159 if (ioctl(s, SIOCGTUNPARAM, (caddr_t)&treq) < 0) { 1160 if (errno == EOPNOTSUPP || errno == EINVAL) 1161 Perror0_exit("Not a tunnel"); 1162 else Perror0_exit("SIOCGTUNPARAM"); 1163 } 1164 1165 ipsr = (ipsec_req_t *)&treq.ifta_secinfo; 1166 1167 if (treq.ifta_vers != IFTUN_VERSION) { 1168 (void) fprintf(stderr, 1169 "Kernel tunnel secinfo version mismatch.\n"); 1170 exit(1); 1171 } 1172 1173 /* 1174 * If I'm just starting off this ifconfig, I want a clean slate, 1175 * otherwise, I've captured the current tunnel security settings. 1176 * In the case of continuation, I merely add to the settings. 1177 */ 1178 if (first_set_tun) { 1179 first_set_tun = _B_FALSE; 1180 (void) memset(ipsr, 0, sizeof (*ipsr)); 1181 } 1182 1183 treq.ifta_flags = IFTUN_SECURITY; 1184 1185 switch (which_alg) { 1186 case ESP_ENCR_ALG: 1187 if (alg == NO_ESP_EALG) { 1188 if (ipsr->ipsr_esp_auth_alg == SADB_AALG_NONE) 1189 ipsr->ipsr_esp_req = 0; 1190 ipsr->ipsr_esp_alg = SADB_EALG_NONE; 1191 } else { 1192 encr_alg_set = _B_TRUE; 1193 ipsr->ipsr_esp_req = 1194 IPSEC_PREF_REQUIRED | IPSEC_PREF_UNIQUE; 1195 ipsr->ipsr_esp_alg = alg; 1196 } 1197 break; 1198 case ESP_AUTH_ALG: 1199 if (alg == NO_ESP_AALG) { 1200 if (ipsr->ipsr_esp_alg == SADB_EALG_NONE || 1201 ipsr->ipsr_esp_alg == SADB_EALG_NULL) 1202 ipsr->ipsr_esp_req = 0; 1203 ipsr->ipsr_esp_auth_alg = SADB_AALG_NONE; 1204 } else { 1205 ipsr->ipsr_esp_req = 1206 IPSEC_PREF_REQUIRED | IPSEC_PREF_UNIQUE; 1207 ipsr->ipsr_esp_auth_alg = alg; 1208 1209 /* Let the user specify NULL encryption implicitly. */ 1210 if (ipsr->ipsr_esp_alg == SADB_EALG_NONE && 1211 !encr_alg_set) 1212 ipsr->ipsr_esp_alg = SADB_EALG_NULL; 1213 } 1214 break; 1215 case AH_AUTH_ALG: 1216 if (alg == NO_AH_AALG) { 1217 ipsr->ipsr_ah_req = 0; 1218 ipsr->ipsr_auth_alg = SADB_AALG_NONE; 1219 } else { 1220 ipsr->ipsr_ah_req = 1221 IPSEC_PREF_REQUIRED | IPSEC_PREF_UNIQUE; 1222 ipsr->ipsr_auth_alg = alg; 1223 } 1224 break; 1225 /* Will never hit DEFAULT */ 1226 } 1227 1228 if (ioctl(s, SIOCSTUNPARAM, (caddr_t)&treq) < 0) { 1229 Perror2_exit("set tunnel security properties", 1230 treq.ifta_lifr_name); 1231 } 1232 1233 return (0); 1234 } 1235 1236 /* ARGSUSED */ 1237 static int 1238 set_tun_esp_encr_alg(char *addr, int64_t param) 1239 { 1240 return (set_tun_algs(ESP_ENCR_ALG, 1241 parsealg(addr, IPSEC_PROTO_ESP))); 1242 } 1243 1244 /* ARGSUSED */ 1245 static int 1246 set_tun_esp_auth_alg(char *addr, int64_t param) 1247 { 1248 return (set_tun_algs(ESP_AUTH_ALG, 1249 parsealg(addr, IPSEC_PROTO_AH))); 1250 } 1251 1252 /* ARGSUSED */ 1253 static int 1254 set_tun_ah_alg(char *addr, int64_t param) 1255 { 1256 return (set_tun_algs(AH_AUTH_ALG, 1257 parsealg(addr, IPSEC_PROTO_AH))); 1258 } 1259 1260 /* ARGSUSED */ 1261 static int 1262 setifrevarp(char *arg, int64_t param) 1263 { 1264 struct sockaddr_in laddr; 1265 1266 if (afp->af_af == AF_INET6) { 1267 (void) fprintf(stderr, 1268 "ifconfig: revarp not possible on IPv6 interface %s\n", 1269 name); 1270 exit(1); 1271 } 1272 if (doifrevarp(name, &laddr)) { 1273 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1274 laddr.sin_family = AF_INET; 1275 (void) memcpy(&lifr.lifr_addr, &laddr, sizeof (laddr)); 1276 if (ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr) < 0) 1277 Perror0_exit("SIOCSLIFADDR"); 1278 } 1279 return (0); 1280 } 1281 1282 /* ARGSUSED */ 1283 static int 1284 setifsubnet(char *addr, int64_t param) 1285 { 1286 int prefixlen = 0; 1287 struct sockaddr_storage subnet; 1288 1289 (*afp->af_getaddr)(addr, &subnet, &prefixlen); 1290 1291 switch (prefixlen) { 1292 case NO_PREFIX: 1293 (void) fprintf(stderr, 1294 "ifconfig: Missing prefix length in subnet %s\n", addr); 1295 exit(1); 1296 /* NOTREACHED */ 1297 case BAD_ADDR: 1298 (void) fprintf(stderr, 1299 "ifconfig: Bad prefix length in %s\n", addr); 1300 exit(1); 1301 default: 1302 break; 1303 } 1304 1305 lifr.lifr_addr = subnet; 1306 lifr.lifr_addrlen = prefixlen; 1307 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1308 if (ioctl(s, SIOCSLIFSUBNET, (caddr_t)&lifr) < 0) 1309 Perror0_exit("SIOCSLIFSUBNET"); 1310 1311 return (0); 1312 } 1313 1314 /* ARGSUSED */ 1315 static int 1316 setifnetmask(char *addr, int64_t param) 1317 { 1318 struct sockaddr_in netmask; 1319 1320 assert(afp->af_af != AF_INET6); 1321 1322 if (strcmp(addr, "+") == 0) { 1323 if (!in_getmask(&netmask, _B_FALSE)) 1324 return (0); 1325 (void) printf("Setting netmask of %s to %s\n", name, 1326 inet_ntoa(netmask.sin_addr)); 1327 } else { 1328 in_getaddr(addr, (struct sockaddr *)&netmask, NULL); 1329 } 1330 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1331 (void) memcpy(&lifr.lifr_addr, &netmask, sizeof (netmask)); 1332 if (ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0) 1333 Perror0_exit("SIOCSLIFNETMASK"); 1334 return (0); 1335 } 1336 1337 /* 1338 * Parse '/<n>' as a netmask. 1339 */ 1340 /* ARGSUSED */ 1341 static int 1342 setifprefixlen(char *addr, int64_t param) 1343 { 1344 int prefixlen; 1345 int af = afp->af_af; 1346 1347 prefixlen = in_getprefixlen(addr, _B_TRUE, 1348 (af == AF_INET) ? IP_ABITS : IPV6_ABITS); 1349 if (prefixlen < 0) { 1350 (void) fprintf(stderr, 1351 "ifconfig: Bad prefix length in %s\n", addr); 1352 exit(1); 1353 } 1354 (void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr)); 1355 lifr.lifr_addr.ss_family = af; 1356 if (af == AF_INET6) { 1357 struct sockaddr_in6 *sin6; 1358 1359 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 1360 if (!in_prefixlentomask(prefixlen, IPV6_ABITS, 1361 (uchar_t *)&sin6->sin6_addr)) { 1362 (void) fprintf(stderr, "ifconfig: " 1363 "Bad prefix length: %d\n", 1364 prefixlen); 1365 exit(1); 1366 } 1367 } else if (af == AF_INET) { 1368 struct sockaddr_in *sin; 1369 1370 sin = (struct sockaddr_in *)&lifr.lifr_addr; 1371 if (!in_prefixlentomask(prefixlen, IP_ABITS, 1372 (uchar_t *)&sin->sin_addr)) { 1373 (void) fprintf(stderr, "ifconfig: " 1374 "Bad prefix length: %d\n", 1375 prefixlen); 1376 exit(1); 1377 } 1378 } else { 1379 (void) fprintf(stderr, "ifconfig: setting prefix only supported" 1380 " for address family inet or inet6\n"); 1381 exit(1); 1382 } 1383 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1384 if (ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0) 1385 Perror0_exit("SIOCSLIFNETMASK"); 1386 return (0); 1387 } 1388 1389 /* ARGSUSED */ 1390 static int 1391 setifbroadaddr(char *addr, int64_t param) 1392 { 1393 struct sockaddr_in broadaddr; 1394 1395 assert(afp->af_af != AF_INET6); 1396 1397 if (strcmp(addr, "+") == 0) { 1398 /* 1399 * This doesn't set the broadcast address at all. Rather, it 1400 * gets, then sets the interface's address, relying on the fact 1401 * that resetting the address will reset the broadcast address. 1402 */ 1403 (void) strncpy(lifr.lifr_name, name, 1404 sizeof (lifr.lifr_name)); 1405 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 1406 if (errno != EADDRNOTAVAIL) 1407 Perror0_exit("SIOCGLIFADDR"); 1408 return (0); 1409 } 1410 if (ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr) < 0) 1411 Perror0_exit("SIOCGLIFADDR"); 1412 1413 return (0); 1414 } 1415 in_getaddr(addr, (struct sockaddr *)&broadaddr, NULL); 1416 1417 (void) memcpy(&lifr.lifr_addr, &broadaddr, sizeof (broadaddr)); 1418 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1419 if (ioctl(s, SIOCSLIFBRDADDR, (caddr_t)&lifr) < 0) 1420 Perror0_exit("SIOCSLIFBRDADDR"); 1421 return (0); 1422 } 1423 1424 /* 1425 * set interface destination address 1426 */ 1427 /* ARGSUSED */ 1428 static int 1429 setifdstaddr(char *addr, int64_t param) 1430 { 1431 (*afp->af_getaddr)(addr, (struct sockaddr *)&lifr.lifr_addr, NULL); 1432 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1433 if (ioctl(s, SIOCSLIFDSTADDR, (caddr_t)&lifr) < 0) 1434 Perror0_exit("setifdstaddr: SIOCSLIFDSTADDR"); 1435 return (0); 1436 } 1437 1438 /* ARGSUSED */ 1439 static int 1440 setifflags(char *val, int64_t value) 1441 { 1442 int phyintlen, origphyintlen; 1443 1444 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1445 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) 1446 Perror0_exit("setifflags: SIOCGLIFFLAGS"); 1447 1448 if (value == IFF_NOFAILOVER) { 1449 /* 1450 * Fail if '-failover' is set after a prior addif created the 1451 * alias on a different interface. This can happen when the 1452 * interface is part of an IPMP group. 1453 */ 1454 phyintlen = strcspn(name, ":"); 1455 origphyintlen = strcspn(origname, ":"); 1456 if (phyintlen != origphyintlen || 1457 strncmp(name, origname, phyintlen) != 0) { 1458 (void) fprintf(stderr, "ifconfig: can't set -failover " 1459 "on failed/standby/offlined interface %s\n", 1460 origname); 1461 exit(1); 1462 } 1463 } 1464 1465 if (value < 0) { 1466 value = -value; 1467 lifr.lifr_flags &= ~value; 1468 if ((value & IFF_UP) && (lifr.lifr_flags & IFF_DUPLICATE)) { 1469 /* 1470 * If the user is trying to mark an interface with a 1471 * duplicate address as "down," then fetch the address 1472 * and set it. This will cause IP to clear the 1473 * IFF_DUPLICATE flag and stop the automatic recovery 1474 * timer. 1475 */ 1476 value = lifr.lifr_flags; 1477 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) >= 0) 1478 (void) ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr); 1479 lifr.lifr_flags = value; 1480 } 1481 } else { 1482 lifr.lifr_flags |= value; 1483 } 1484 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1485 if (ioctl(s, SIOCSLIFFLAGS, (caddr_t)&lifr) < 0) { 1486 Perror0_exit("setifflags: SIOCSLIFFLAGS"); 1487 } 1488 return (0); 1489 } 1490 1491 /* ARGSUSED */ 1492 static int 1493 setifmetric(char *val, int64_t param) 1494 { 1495 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1496 lifr.lifr_metric = atoi(val); 1497 if (ioctl(s, SIOCSLIFMETRIC, (caddr_t)&lifr) < 0) 1498 Perror0_exit("setifmetric: SIOCSLIFMETRIC"); 1499 return (0); 1500 } 1501 1502 /* ARGSUSED */ 1503 static int 1504 setifmtu(char *val, int64_t param) 1505 { 1506 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1507 lifr.lifr_mtu = atoi(val); 1508 if (ioctl(s, SIOCSLIFMTU, (caddr_t)&lifr) < 0) 1509 Perror0_exit("setifmtu: SIOCSLIFMTU"); 1510 return (0); 1511 } 1512 1513 /* ARGSUSED */ 1514 static int 1515 setifindex(char *val, int64_t param) 1516 { 1517 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1518 lifr.lifr_index = atoi(val); 1519 if (ioctl(s, SIOCSLIFINDEX, (caddr_t)&lifr) < 0) 1520 Perror0_exit("setifindex: SIOCSLIFINDEX"); 1521 return (0); 1522 } 1523 1524 /* ARGSUSED */ 1525 static int 1526 setifether(char *addr, int64_t param) 1527 { 1528 uchar_t *ea; 1529 iface_t *current; 1530 int maclen; 1531 1532 if (addr == NULL) { 1533 ifstatus(name); 1534 print_ifether(name); 1535 return (0); 1536 } 1537 1538 phyif = NULL; 1539 logifs = NULL; 1540 1541 /* 1542 * if the IP interface in the arguments is a logical 1543 * interface, exit with an error now. 1544 */ 1545 if (strchr(name, ':') != NULL) { 1546 (void) fprintf(stderr, "ifconfig: cannot change" 1547 " ethernet address of a logical interface\n"); 1548 exit(1); 1549 } 1550 1551 ea = _link_aton(addr, &maclen); 1552 if (ea == NULL) { 1553 if (maclen == -1) 1554 (void) fprintf(stderr, 1555 "ifconfig: %s: bad address\n", addr); 1556 else 1557 (void) fprintf(stderr, "ifconfig: malloc() failed\n"); 1558 exit(1); 1559 } 1560 1561 (void) strncpy(savedname, name, sizeof (savedname)); 1562 1563 /* 1564 * Call selectifs only for the IP interfaces that are ipv4. 1565 * offflags == IFF_IPV6 because you should not change the 1566 * Ethernet address of an ipv6 interface 1567 */ 1568 foreachinterface(selectifs, 0, (char **)NULL, 0, 0, IFF_IPV6, 0); 1569 1570 /* If physical interface not found, exit now */ 1571 if (phyif == NULL) { 1572 (void) fprintf(stderr, 1573 "ifconfig: interface %s not found\n", savedname); 1574 exit(1); 1575 } 1576 1577 /* Restore */ 1578 (void) strncpy(name, savedname, sizeof (name)); 1579 (void) strncpy(origname, savedname, sizeof (origname)); 1580 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1581 1582 /* 1583 * close and reopen the socket 1584 * we don't know which type of socket we have now 1585 */ 1586 (void) close(s); 1587 s = socket(SOCKET_AF(AF_UNSPEC), SOCK_DGRAM, 0); 1588 if (s < 0) { 1589 Perror0_exit("socket"); 1590 } 1591 1592 /* 1593 * mark down the logical interfaces first, 1594 * and then the physical interface 1595 */ 1596 if (updownifs(logifs, 0) < 0 || updownifs(phyif, 0) < 0) { 1597 Perror0_exit("mark down interface failed"); 1598 } 1599 1600 /* 1601 * Change the physical address 1602 */ 1603 if (dlpi_set_address(savedname, ea, maclen) == -1) { 1604 (void) fprintf(stderr, 1605 "ifconfig: failed setting mac address on %s\n", 1606 savedname); 1607 } 1608 1609 /* 1610 * if any interfaces were marked down before changing the 1611 * ethernet address, put them up again. 1612 * First the physical interface, then the logical ones. 1613 */ 1614 if (updownifs(phyif, 1) < 0 || updownifs(logifs, 1) < 0) { 1615 Perror0_exit("mark down interface failed"); 1616 } 1617 1618 /* Free the memory allocated by selectifs */ 1619 free(phyif); 1620 for (current = logifs; current != NULL; current = logifs) { 1621 logifs = logifs->next; 1622 free(current); 1623 } 1624 1625 return (0); 1626 } 1627 1628 /* 1629 * Print an interface's Ethernet address, if it has one. 1630 */ 1631 static void 1632 print_ifether(char *ifname) 1633 { 1634 int protocol; 1635 icfg_if_t interface; 1636 icfg_handle_t handle; 1637 int fd; 1638 1639 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1640 1641 fd = socket(AF_INET, SOCK_DGRAM, 0); 1642 if (fd == -1 || ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) { 1643 /* 1644 * It's possible the interface is only configured for 1645 * IPv6; check again with AF_INET6. 1646 */ 1647 (void) close(fd); 1648 fd = socket(AF_INET6, SOCK_DGRAM, 0); 1649 if (fd == -1 || ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) { 1650 (void) close(fd); 1651 return; 1652 } 1653 } 1654 (void) close(fd); 1655 1656 /* Virtual interfaces don't have MAC addresses */ 1657 if (lifr.lifr_flags & IFF_VIRTUAL) 1658 return; 1659 1660 /* 1661 * We must be careful to set if_protocol based on the current 1662 * properties of the interface. For instance, if "ip.tun0" is 1663 * configured only as an IPv6 tunnel, then if_protocol must be 1664 * set to AF_INET6 or icfg_get_tunnel_lower() will fail and 1665 * we will falsely conclude that it's not a tunnel. 1666 */ 1667 interface.if_protocol = AF_INET; 1668 if (lifr.lifr_flags & IFF_IPV6) 1669 interface.if_protocol = AF_INET6; 1670 1671 (void) strncpy(interface.if_name, ifname, sizeof (interface.if_name)); 1672 1673 if (icfg_open(&handle, &interface) == ICFG_SUCCESS) { 1674 if (icfg_get_tunnel_lower(handle, &protocol) == ICFG_SUCCESS) { 1675 /* Tunnel op succeeded -- it's a tunnel so skip */ 1676 icfg_close(handle); 1677 return; 1678 } 1679 icfg_close(handle); 1680 } 1681 1682 dlpi_print_address(ifname); 1683 } 1684 1685 /* 1686 * static void selectifs(int argc, char *argv[], int af, struct lifreq *rp) 1687 * 1688 * Called inside setifether() to create a list of interfaces to 1689 * mark down/up when changing the Ethernet address. 1690 * If the current interface is the physical interface passed 1691 * as an argument to ifconfig, update phyif. 1692 * If the current interface is a logical interface associated 1693 * to the physical interface, add it to the logifs list. 1694 */ 1695 /* ARGSUSED */ 1696 static void 1697 selectifs(int argc, char *argv[], int af, struct lifreq *rp) 1698 { 1699 char *colonp; 1700 int length; 1701 iface_t *current; 1702 1703 /* 1704 * savedname= name of the IP interface to which you want to 1705 * change ethernet address 1706 * name= name of the current IP interface 1707 */ 1708 colonp = strchr(name, ':'); 1709 if (colonp == NULL) 1710 length = max(strlen(savedname), strlen(name)); 1711 else 1712 length = max(strlen(savedname), colonp - name); 1713 if (strncmp(savedname, name, length) == 0) { 1714 (void) strcpy(lifr.lifr_name, name); 1715 if (ioctl(s, SIOCGLIFFLAGS, &lifr) < 0) { 1716 Perror0("selectifs: SIOCGLIFFLAGS"); 1717 return; 1718 } 1719 1720 if ((current = malloc(sizeof (iface_t))) == NULL) { 1721 Perror0_exit("selectifs: malloc failed\n"); 1722 } 1723 1724 if (colonp == NULL) { 1725 /* this is the physical interface */ 1726 phyif = current; 1727 bcopy(&lifr, &phyif->lifr, sizeof (struct lifreq)); 1728 phyif->next = NULL; 1729 } else { 1730 /* this is a logical interface */ 1731 bcopy(&lifr, ¤t->lifr, sizeof (struct lifreq)); 1732 current->next = logifs; 1733 logifs = current; 1734 } 1735 } 1736 } 1737 1738 /* 1739 * static int updownifs(iface_t *ifs, int up) 1740 * 1741 * It takes in input a list of IP interfaces (ifs) 1742 * and a flag (up). 1743 * It marks each interface in the list down (up = 0) 1744 * or up (up > 0). This is done ONLY if the IP 1745 * interface was originally up. 1746 * 1747 * Return values: 1748 * 0 = everything OK 1749 * -1 = problem 1750 */ 1751 static int 1752 updownifs(iface_t *ifs, int up) 1753 { 1754 iface_t *current; 1755 int ret = 0; 1756 int save_errno; 1757 char savename[LIFNAMSIZ]; 1758 uint64_t orig_flags; 1759 1760 for (current = ifs; current != NULL; current = current->next) { 1761 if (current->lifr.lifr_flags & IFF_UP) { 1762 orig_flags = current->lifr.lifr_flags; 1763 if (!up) 1764 current->lifr.lifr_flags &= ~IFF_UP; 1765 if (ioctl(s, SIOCSLIFFLAGS, ¤t->lifr) < 0) { 1766 save_errno = errno; 1767 (void) strcpy(savename, 1768 current->lifr.lifr_name); 1769 ret = -1; 1770 } 1771 if (!up) /* restore the original flags */ 1772 current->lifr.lifr_flags = orig_flags; 1773 } 1774 } 1775 1776 if (ret == -1) { 1777 (void) strcpy(lifr.lifr_name, savename); 1778 errno = save_errno; 1779 } 1780 return (ret); 1781 } 1782 1783 /* 1784 * Create the next unused logical interface using the original name 1785 * and assign the address (and mask if '/<n>' is part of the address). 1786 * Use the new logical interface for subsequent subcommands by updating 1787 * the name variable. 1788 * 1789 * This allows syntax like: 1790 * ifconfig le0 addif 109.106.86.130 netmask + up \ 1791 * addif 109.106.86.131 netmask + up 1792 */ 1793 /* ARGSUSED */ 1794 static int 1795 addif(char *str, int64_t param) 1796 { 1797 int prefixlen = 0; 1798 struct sockaddr_storage laddr; 1799 struct sockaddr_storage mask; 1800 1801 (void) strncpy(name, origname, sizeof (name)); 1802 1803 if (strchr(name, ':') != NULL) { 1804 (void) fprintf(stderr, 1805 "ifconfig: addif: bad physical interface name %s\n", 1806 name); 1807 exit(1); 1808 } 1809 1810 /* 1811 * clear so parser will interpret next address as source followed 1812 * by possible dest 1813 */ 1814 setaddr = 0; 1815 (*afp->af_getaddr)(str, (struct sockaddr *)&laddr, &prefixlen); 1816 1817 switch (prefixlen) { 1818 case NO_PREFIX: 1819 /* Nothing there - ok */ 1820 break; 1821 case BAD_ADDR: 1822 (void) fprintf(stderr, 1823 "ifconfig: Bad prefix length in %s\n", str); 1824 exit(1); 1825 default: 1826 (void) memset(&mask, 0, sizeof (mask)); 1827 mask.ss_family = afp->af_af; 1828 if (afp->af_af == AF_INET6) { 1829 struct sockaddr_in6 *sin6; 1830 sin6 = (struct sockaddr_in6 *)&mask; 1831 if (!in_prefixlentomask(prefixlen, IPV6_ABITS, 1832 (uchar_t *)&sin6->sin6_addr)) { 1833 (void) fprintf(stderr, "ifconfig: " 1834 "Bad prefix length: %d\n", 1835 prefixlen); 1836 exit(1); 1837 } 1838 } else { 1839 struct sockaddr_in *sin; 1840 1841 sin = (struct sockaddr_in *)&mask; 1842 if (!in_prefixlentomask(prefixlen, IP_ABITS, 1843 (uchar_t *)&sin->sin_addr)) { 1844 (void) fprintf(stderr, "ifconfig: " 1845 "Bad prefix length: %d\n", 1846 prefixlen); 1847 exit(1); 1848 } 1849 } 1850 g_netmask_set = G_NETMASK_NIL; 1851 break; 1852 } 1853 1854 /* 1855 * This is a "hack" to get around the problem of SIOCLIFADDIF. The 1856 * problem is that this ioctl does not include the netmask when 1857 * adding a logical interface. This is the same problem described 1858 * in the ifconfig() comments. To get around this problem, we first 1859 * add the logical interface with a 0 address. After that, we set 1860 * the netmask if provided. Finally we set the interface address. 1861 */ 1862 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1863 (void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr)); 1864 1865 /* Note: no need to do DAD here since the interface isn't up yet. */ 1866 1867 if (ioctl(s, SIOCLIFADDIF, (caddr_t)&lifr) < 0) 1868 Perror0_exit("addif: SIOCLIFADDIF"); 1869 1870 (void) printf("Created new logical interface %s\n", 1871 lifr.lifr_name); 1872 (void) strncpy(name, lifr.lifr_name, sizeof (name)); 1873 1874 /* 1875 * Check and see if any "netmask" command is used and perform the 1876 * necessary operation. 1877 */ 1878 set_mask_lifreq(&lifr, &laddr, &mask); 1879 /* 1880 * Only set the netmask if "netmask" command is used or a prefix is 1881 * provided. 1882 */ 1883 if (g_netmask_set == G_NETMASK_SET || prefixlen >= 0) { 1884 if (ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0) 1885 Perror0_exit("addif: SIOCSLIFNETMASK"); 1886 } 1887 1888 /* Finally, we set the interface address. */ 1889 lifr.lifr_addr = laddr; 1890 if (ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr) < 0) 1891 Perror0_exit("SIOCSLIFADDR"); 1892 1893 /* 1894 * let parser know we got a source. 1895 * Next address, if given, should be dest 1896 */ 1897 setaddr++; 1898 return (0); 1899 } 1900 1901 /* 1902 * Remove a logical interface based on its IP address. Unlike addif 1903 * there is no '/<n>' here. 1904 * Verifies that the interface is down before it is removed. 1905 */ 1906 /* ARGSUSED */ 1907 static int 1908 removeif(char *str, int64_t param) 1909 { 1910 struct sockaddr_storage laddr; 1911 1912 if (strchr(name, ':') != NULL) { 1913 (void) fprintf(stderr, 1914 "ifconfig: removeif: bad physical interface name %s\n", 1915 name); 1916 exit(1); 1917 } 1918 1919 (*afp->af_getaddr)(str, &laddr, NULL); 1920 lifr.lifr_addr = laddr; 1921 1922 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1923 if (ioctl(s, SIOCLIFREMOVEIF, (caddr_t)&lifr) < 0) { 1924 if (errno == EBUSY) { 1925 /* This can only happen if ipif_id = 0 */ 1926 (void) fprintf(stderr, 1927 "ifconfig: removeif: can't remove interface: %s\n", 1928 name); 1929 exit(1); 1930 } 1931 Perror0_exit("removeif: SIOCLIFREMOVEIF"); 1932 } 1933 return (0); 1934 } 1935 1936 /* 1937 * Set the address token for IPv6. 1938 */ 1939 /* ARGSUSED */ 1940 static int 1941 setiftoken(char *addr, int64_t param) 1942 { 1943 int prefixlen = 0; 1944 struct sockaddr_in6 token; 1945 1946 in6_getaddr(addr, (struct sockaddr *)&token, &prefixlen); 1947 switch (prefixlen) { 1948 case NO_PREFIX: 1949 (void) fprintf(stderr, 1950 "ifconfig: Missing prefix length in subnet %s\n", addr); 1951 exit(1); 1952 /* NOTREACHED */ 1953 case BAD_ADDR: 1954 (void) fprintf(stderr, 1955 "ifconfig: Bad prefix length in %s\n", addr); 1956 exit(1); 1957 default: 1958 break; 1959 } 1960 (void) memcpy(&lifr.lifr_addr, &token, sizeof (token)); 1961 lifr.lifr_addrlen = prefixlen; 1962 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 1963 if (ioctl(s, SIOCSLIFTOKEN, (caddr_t)&lifr) < 0) { 1964 Perror0_exit("setiftoken: SIOCSLIFTOKEN"); 1965 } 1966 return (0); 1967 } 1968 1969 /* 1970 * Return value: 0 on success, -1 on failure. 1971 */ 1972 static int 1973 connect_to_mpathd(int family) 1974 { 1975 int s; 1976 struct sockaddr_storage ss; 1977 struct sockaddr_in *sin = (struct sockaddr_in *)&ss; 1978 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&ss; 1979 struct in6_addr loopback_addr = IN6ADDR_LOOPBACK_INIT; 1980 int addrlen; 1981 int ret; 1982 int on; 1983 1984 s = socket(family, SOCK_STREAM, 0); 1985 if (s < 0) { 1986 Perror0_exit("connect_to_mpathd: socket"); 1987 } 1988 (void) bzero((char *)&ss, sizeof (ss)); 1989 ss.ss_family = family; 1990 /* 1991 * Need to bind to a privileged port. For non-root, this 1992 * will fail. in.mpathd verifies that only commands coming 1993 * from privileged ports succeed so that ordinary users 1994 * can't connect and start talking to in.mpathd 1995 */ 1996 on = 1; 1997 if (setsockopt(s, IPPROTO_TCP, TCP_ANONPRIVBIND, &on, 1998 sizeof (on)) < 0) { 1999 Perror0_exit("connect_to_mpathd: setsockopt"); 2000 } 2001 switch (family) { 2002 case AF_INET: 2003 sin->sin_port = 0; 2004 sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK); 2005 addrlen = sizeof (struct sockaddr_in); 2006 break; 2007 case AF_INET6: 2008 sin6->sin6_port = 0; 2009 sin6->sin6_addr = loopback_addr; 2010 addrlen = sizeof (struct sockaddr_in6); 2011 break; 2012 } 2013 ret = bind(s, (struct sockaddr *)&ss, addrlen); 2014 if (ret != 0) { 2015 (void) close(s); 2016 return (-1); 2017 } 2018 2019 switch (family) { 2020 case AF_INET: 2021 sin->sin_port = htons(MPATHD_PORT); 2022 break; 2023 case AF_INET6: 2024 sin6->sin6_port = htons(MPATHD_PORT); 2025 break; 2026 } 2027 ret = connect(s, (struct sockaddr *)&ss, addrlen); 2028 (void) close(s); 2029 return (ret); 2030 } 2031 2032 /* ARGSUSED */ 2033 static int 2034 setifgroupname(char *grpname, int64_t param) 2035 { 2036 if (debug) { 2037 (void) printf("Setting groupname %s on interface %s\n", 2038 grpname, name); 2039 } 2040 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2041 (void) strncpy(lifr.lifr_groupname, grpname, 2042 sizeof (lifr.lifr_groupname)); 2043 if (ioctl(s, SIOCSLIFGROUPNAME, (caddr_t)&lifr) < 0) { 2044 Perror0_exit("setifgroupname: SIOCSLIFGROUPNAME"); 2045 } 2046 2047 /* 2048 * If the SUNW_NO_MPATHD environment variable is set then don't 2049 * bother starting up in.mpathd. See PSARC/2002/249 for the 2050 * depressing details on this bit of stupidity. 2051 */ 2052 if (getenv("SUNW_NO_MPATHD") != NULL) { 2053 return (0); 2054 } 2055 2056 /* 2057 * Try to connect to in.mpathd using IPv4. If we succeed, 2058 * we conclude that in.mpathd is running, and quit. 2059 */ 2060 if (connect_to_mpathd(AF_INET) == 0) { 2061 /* connect succeeded, mpathd is already running */ 2062 return (0); 2063 } 2064 /* 2065 * Try to connect to in.mpathd using IPv6. If we succeed, 2066 * we conclude that in.mpathd is running, and quit. 2067 */ 2068 if (connect_to_mpathd(AF_INET6) == 0) { 2069 /* connect succeeded, mpathd is already running */ 2070 return (0); 2071 } 2072 2073 /* 2074 * in.mpathd may not be running. Start it now. If it is already 2075 * running, in.mpathd will take care of handling multiple incarnations 2076 * of itself. ifconfig only tries to optimize performance by not 2077 * starting another incarnation of in.mpathd. 2078 */ 2079 switch (fork()) { 2080 2081 case -1: 2082 Perror0_exit("setifgroupname: fork"); 2083 /* NOTREACHED */ 2084 case 0: 2085 (void) execl(MPATHD_PATH, MPATHD_PATH, NULL); 2086 _exit(1); 2087 /* NOTREACHED */ 2088 default: 2089 return (0); 2090 } 2091 } 2092 2093 2094 /* 2095 * To list all the modules above a given network interface. 2096 */ 2097 /* ARGSUSED */ 2098 static int 2099 modlist(char *null, int64_t param) 2100 { 2101 int muxfd; 2102 int ipfd_lowstr; 2103 int arpfd_lowstr; 2104 int num_mods; 2105 int i; 2106 struct str_list strlist; 2107 int orig_arpid; 2108 2109 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2110 if (ip_domux2fd(&muxfd, &ipfd_lowstr, &arpfd_lowstr, 2111 &orig_arpid) < 0) { 2112 return (-1); 2113 } 2114 if ((num_mods = ioctl(ipfd_lowstr, I_LIST, NULL)) < 0) { 2115 Perror0("cannot I_LIST to get the number of modules"); 2116 } else { 2117 if (debug > 0) { 2118 (void) printf("Listing (%d) modules above %s\n", 2119 num_mods, name); 2120 } 2121 2122 strlist.sl_nmods = num_mods; 2123 strlist.sl_modlist = malloc(sizeof (struct str_mlist) * 2124 num_mods); 2125 if (strlist.sl_modlist == NULL) { 2126 Perror0("cannot malloc"); 2127 } else { 2128 if (ioctl(ipfd_lowstr, I_LIST, (caddr_t)&strlist) < 0) { 2129 Perror0("cannot I_LIST for module names"); 2130 } else { 2131 for (i = 0; i < strlist.sl_nmods; i++) { 2132 (void) printf("%d %s\n", i, 2133 strlist.sl_modlist[i].l_name); 2134 } 2135 } 2136 free(strlist.sl_modlist); 2137 } 2138 } 2139 return (ip_plink(muxfd, ipfd_lowstr, arpfd_lowstr, orig_arpid)); 2140 } 2141 2142 #define MODINSERT_OP 'i' 2143 #define MODREMOVE_OP 'r' 2144 2145 /* 2146 * To insert a module to the stream of the interface. It is just a 2147 * wrapper. The real function is modop(). 2148 */ 2149 /* ARGSUSED */ 2150 static int 2151 modinsert(char *arg, int64_t param) 2152 { 2153 return (modop(arg, MODINSERT_OP)); 2154 } 2155 2156 /* 2157 * To remove a module from the stream of the interface. It is just a 2158 * wrapper. The real function is modop(). 2159 */ 2160 /* ARGSUSED */ 2161 static int 2162 modremove(char *arg, int64_t param) 2163 { 2164 return (modop(arg, MODREMOVE_OP)); 2165 } 2166 2167 /* 2168 * Open a stream on /dev/udp, pop off all undesired modules (note that 2169 * the user may have configured autopush to add modules above or below 2170 * udp), and push the arp module onto raw IP. 2171 */ 2172 static int 2173 open_arp_on_udp(char *udp_dev_name) 2174 { 2175 int fd; 2176 boolean_t popped; 2177 2178 if ((fd = open(udp_dev_name, O_RDWR)) == -1) { 2179 Perror2("open", udp_dev_name); 2180 return (-1); 2181 } 2182 errno = 0; 2183 popped = _B_FALSE; 2184 while (ioctl(fd, I_POP, 0) != -1) 2185 popped = _B_TRUE; 2186 if (!popped) { 2187 Perror2("cannot pop", udp_dev_name); 2188 } else if (errno != EINVAL) { 2189 Perror2("pop", udp_dev_name); 2190 } else if (ioctl(fd, I_PUSH, ARP_MOD_NAME) == -1) { 2191 Perror2("arp PUSH", udp_dev_name); 2192 } else { 2193 return (fd); 2194 } 2195 (void) close(fd); 2196 return (-1); 2197 } 2198 2199 /* 2200 * Helper function for mod*() functions. It gets a fd to the lower IP 2201 * stream and I_PUNLINK's the lower stream. It also initializes the 2202 * global variable lifr. 2203 * 2204 * Param: 2205 * int *udp_fd: (referenced) fd to /dev/udp (upper IP stream). 2206 * int *fd: (referenced) fd to the lower IP stream. 2207 * 2208 * Return: 2209 * -1 if operation fails, 0 otherwise. 2210 * 2211 * Please see the big block comment above plumb_one_device() 2212 * for the logic of the PLINK/PUNLINK 2213 */ 2214 static int 2215 ip_domux2fd(int *muxfd, int *ipfd_lowstr, int *arpfd_lowstr, int *orig_arpid) 2216 { 2217 int ip_fd; 2218 uint64_t flags; 2219 char *udp_dev_name; 2220 char *ip_dev_name; 2221 2222 *orig_arpid = 0; 2223 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2224 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) { 2225 Perror0_exit("status: SIOCGLIFFLAGS"); 2226 } 2227 flags = lifr.lifr_flags; 2228 if (flags & IFF_IPV4) { 2229 udp_dev_name = UDP_DEV_NAME; 2230 ip_dev_name = IP_DEV_NAME; 2231 } else if (flags & IFF_IPV6) { 2232 udp_dev_name = UDP6_DEV_NAME; 2233 ip_dev_name = IP6_DEV_NAME; 2234 } else { 2235 return (-1); 2236 } 2237 2238 if ((ip_fd = open(ip_dev_name, O_RDWR)) < 0) { 2239 Perror2("open", ip_dev_name); 2240 return (-1); 2241 } 2242 if (ioctl(ip_fd, SIOCGLIFMUXID, (caddr_t)&lifr) < 0) { 2243 Perror2("SIOCGLIFMUXID", ip_dev_name); 2244 return (-1); 2245 } 2246 if (debug > 0) { 2247 (void) printf("ARP_muxid %d IP_muxid %d\n", 2248 lifr.lifr_arp_muxid, lifr.lifr_ip_muxid); 2249 } 2250 2251 if ((*muxfd = open_arp_on_udp(udp_dev_name)) == -1) 2252 return (-1); 2253 2254 if (lifr.lifr_arp_muxid != 0) { 2255 if ((*arpfd_lowstr = ioctl(*muxfd, _I_MUXID2FD, 2256 lifr.lifr_arp_muxid)) < 0) { 2257 if ((errno == EINVAL) && 2258 (flags & (IFF_NOARP | IFF_IPV6))) { 2259 /* 2260 * Some plumbing utilities set the muxid to 2261 * -1 or some invalid value to signify that 2262 * there is no arp stream. Set the muxid to 0 2263 * before trying to unplumb the IP stream. 2264 * IP does not allow the IP stream to be 2265 * unplumbed if it sees a non-null arp muxid, 2266 * for consistency of IP-ARP streams. 2267 */ 2268 *orig_arpid = lifr.lifr_arp_muxid; 2269 lifr.lifr_arp_muxid = 0; 2270 (void) ioctl(*muxfd, SIOCSLIFMUXID, 2271 (caddr_t)&lifr); 2272 *arpfd_lowstr = -1; 2273 } else { 2274 Perror0("_I_MUXID2FD"); 2275 return (-1); 2276 } 2277 } else if (ioctl(*muxfd, I_PUNLINK, 2278 lifr.lifr_arp_muxid) < 0) { 2279 Perror2("I_PUNLINK", udp_dev_name); 2280 return (-1); 2281 } 2282 } else { 2283 *arpfd_lowstr = -1; 2284 } 2285 2286 if ((*ipfd_lowstr = ioctl(*muxfd, _I_MUXID2FD, 2287 lifr.lifr_ip_muxid)) < 0) { 2288 Perror0("_I_MUXID2FD"); 2289 /* Undo any changes we made */ 2290 if (*orig_arpid != 0) { 2291 lifr.lifr_arp_muxid = *orig_arpid; 2292 (void) ioctl(*muxfd, SIOCSLIFMUXID, (caddr_t)&lifr); 2293 } 2294 return (-1); 2295 } 2296 if (ioctl(*muxfd, I_PUNLINK, lifr.lifr_ip_muxid) < 0) { 2297 Perror2("I_PUNLINK", udp_dev_name); 2298 /* Undo any changes we made */ 2299 if (*orig_arpid != 0) { 2300 lifr.lifr_arp_muxid = *orig_arpid; 2301 (void) ioctl(*muxfd, SIOCSLIFMUXID, (caddr_t)&lifr); 2302 } 2303 return (-1); 2304 } 2305 return (0); 2306 } 2307 2308 /* 2309 * Helper function for mod*() functions. It I_PLINK's back the upper and 2310 * lower IP streams. Note that this function must be called after 2311 * ip_domux2fd(). In ip_domux2fd(), the global variable lifr is initialized 2312 * and ip_plink() needs information in lifr. So ip_domux2fd() and ip_plink() 2313 * must be called in pairs. 2314 * 2315 * Param: 2316 * int udp_fd: fd to /dev/udp (upper IP stream). 2317 * int fd: fd to the lower IP stream. 2318 * 2319 * Return: 2320 * -1 if operation fails, 0 otherwise. 2321 * 2322 * Please see the big block comment above plumb_one_device() 2323 * for the logic of the PLINK/PUNLINK 2324 */ 2325 static int 2326 ip_plink(int muxfd, int ipfd_lowstr, int arpfd_lowstr, int orig_arpid) 2327 { 2328 int ip_muxid; 2329 2330 ip_muxid = ioctl(muxfd, I_PLINK, ipfd_lowstr); 2331 if (ip_muxid < 0) { 2332 Perror2("I_PLINK", UDP_DEV_NAME); 2333 return (-1); 2334 } 2335 2336 /* 2337 * If there is an arp stream, plink it. If there is no 2338 * arp stream, then it is possible that the plumbing 2339 * utility could have stored any value in the arp_muxid. 2340 * If so, restore it from orig_arpid. 2341 */ 2342 if (arpfd_lowstr != -1) { 2343 if (ioctl(muxfd, I_PLINK, arpfd_lowstr) < 0) { 2344 Perror2("I_PLINK", UDP_DEV_NAME); 2345 return (-1); 2346 } 2347 } else if (orig_arpid != 0) { 2348 /* Undo the changes we did in ip_domux2fd */ 2349 lifr.lifr_arp_muxid = orig_arpid; 2350 lifr.lifr_ip_muxid = ip_muxid; 2351 (void) ioctl(muxfd, SIOCSLIFMUXID, (caddr_t)&lifr); 2352 } 2353 2354 return (0); 2355 } 2356 2357 /* 2358 * The real function to perform module insertion/removal. 2359 * 2360 * Param: 2361 * char *arg: the argument string module_name@position 2362 * char op: operation, either MODINSERT_OP or MODREMOVE_OP. 2363 * 2364 * Return: 2365 * Before doing ip_domux2fd(), this function calls exit(1) in case of 2366 * error. After ip_domux2fd() is done, it returns -1 for error, 0 2367 * otherwise. 2368 */ 2369 static int 2370 modop(char *arg, char op) 2371 { 2372 char *pos_p; 2373 int muxfd; 2374 int ipfd_lowstr; /* IP stream (lower stream of mux) to be plinked */ 2375 int arpfd_lowstr; /* ARP stream (lower stream of mux) to be plinked */ 2376 struct strmodconf mod; 2377 char *at_char = "@"; 2378 char *arg_str; 2379 int orig_arpid; 2380 2381 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2382 2383 /* Need to save the original string for -a option. */ 2384 if ((arg_str = malloc(strlen(arg) + 1)) == NULL) { 2385 Perror0("cannot malloc"); 2386 return (-1); 2387 } 2388 (void) strcpy(arg_str, arg); 2389 2390 if (*arg_str == *at_char) { 2391 (void) fprintf(stderr, 2392 "ifconfig: must supply a module name\n"); 2393 exit(1); 2394 } 2395 mod.mod_name = strtok(arg_str, at_char); 2396 if (strlen(mod.mod_name) > FMNAMESZ) { 2397 (void) fprintf(stderr, "ifconfig: module name too long: %s\n", 2398 mod.mod_name); 2399 exit(1); 2400 } 2401 2402 /* 2403 * Need to make sure that the core TCP/IP stack modules are not 2404 * removed. Otherwise, "bad" things can happen. If a module 2405 * is removed and inserted back, it loses its old state. But 2406 * the modules above it still have the old state. E.g. IP assumes 2407 * fast data path while tunnel after re-inserted assumes that it can 2408 * receive M_DATA only in fast data path for which it does not have 2409 * any state. This is a general caveat of _I_REMOVE/_I_INSERT. 2410 */ 2411 if (op == MODREMOVE_OP && 2412 (strcmp(mod.mod_name, ARP_MOD_NAME) == 0 || 2413 strcmp(mod.mod_name, IP_MOD_NAME) == 0 || 2414 strcmp(mod.mod_name, TUN_NAME) == 0 || 2415 strcmp(mod.mod_name, ATUN_NAME) == 0 || 2416 strcmp(mod.mod_name, TUN6TO4_NAME) == 0)) { 2417 (void) fprintf(stderr, "ifconfig: cannot remove %s\n", 2418 mod.mod_name); 2419 exit(1); 2420 } 2421 2422 if ((pos_p = strtok(NULL, at_char)) == NULL) { 2423 (void) fprintf(stderr, "ifconfig: must supply a position\n"); 2424 exit(1); 2425 } 2426 mod.pos = atoi(pos_p); 2427 2428 if (ip_domux2fd(&muxfd, &ipfd_lowstr, &arpfd_lowstr, 2429 &orig_arpid) < 0) { 2430 free(arg_str); 2431 return (-1); 2432 } 2433 switch (op) { 2434 case MODINSERT_OP: 2435 if (debug > 0) { 2436 (void) printf("Inserting module %s at %d\n", 2437 mod.mod_name, mod.pos); 2438 } 2439 if (ioctl(ipfd_lowstr, _I_INSERT, (caddr_t)&mod) < 0) { 2440 Perror2("fail to insert module", mod.mod_name); 2441 } 2442 break; 2443 case MODREMOVE_OP: 2444 if (debug > 0) { 2445 (void) printf("Removing module %s at %d\n", 2446 mod.mod_name, mod.pos); 2447 } 2448 if (ioctl(ipfd_lowstr, _I_REMOVE, (caddr_t)&mod) < 0) { 2449 Perror2("fail to remove module", mod.mod_name); 2450 } 2451 break; 2452 default: 2453 /* Should never get to here. */ 2454 (void) fprintf(stderr, "Unknown operation\n"); 2455 break; 2456 } 2457 free(arg_str); 2458 return (ip_plink(muxfd, ipfd_lowstr, arpfd_lowstr, orig_arpid)); 2459 } 2460 2461 /* 2462 * Set tunnel source address 2463 */ 2464 /* ARGSUSED */ 2465 static int 2466 setiftsrc(char *addr, int64_t param) 2467 { 2468 return (settaddr(addr, icfg_set_tunnel_src)); 2469 } 2470 2471 /* 2472 * Set tunnel destination address 2473 */ 2474 /* ARGSUSED */ 2475 static int 2476 setiftdst(char *addr, int64_t param) 2477 { 2478 return (settaddr(addr, icfg_set_tunnel_dest)); 2479 } 2480 2481 /* 2482 * sets tunnels src|dst address. settaddr() expects the following: 2483 * addr: Points to a printable string containing the address to be 2484 * set, e.g. 129.153.128.110. 2485 * fn: Pointer to a libinetcfg routine that will do the actual work. 2486 * The only valid functions are icfg_set_tunnel_src and 2487 * icfg_set_tunnel_dest. 2488 */ 2489 static int 2490 settaddr(char *addr, 2491 int (*fn)(icfg_handle_t, const struct sockaddr *, socklen_t)) 2492 { 2493 icfg_handle_t handle; 2494 icfg_if_t interface; 2495 struct sockaddr_storage laddr; 2496 int lower; 2497 int rc; 2498 2499 if (strchr(name, ':') != NULL) { 2500 errno = EPERM; 2501 Perror0_exit("Tunnel params on logical interfaces"); 2502 } 2503 (void) strncpy(interface.if_name, name, sizeof (interface.if_name)); 2504 interface.if_protocol = SOCKET_AF(af); 2505 2506 /* Open interface. */ 2507 if ((rc = icfg_open(&handle, &interface)) != ICFG_SUCCESS) 2508 Perror0_exit((char *)icfg_errmsg(rc)); 2509 2510 rc = icfg_get_tunnel_lower(handle, &lower); 2511 if (rc != ICFG_SUCCESS) 2512 Perror0_exit((char *)icfg_errmsg(rc)); 2513 2514 if (lower == AF_INET) { 2515 in_getaddr(addr, (struct sockaddr *)&laddr, NULL); 2516 } else { 2517 in6_getaddr(addr, (struct sockaddr *)&laddr, NULL); 2518 } 2519 2520 /* Call fn to do the real work, and close the interface. */ 2521 rc = (*fn)(handle, (struct sockaddr *)&laddr, 2522 sizeof (struct sockaddr_storage)); 2523 icfg_close(handle); 2524 2525 if (rc != ICFG_SUCCESS) 2526 Perror0_exit((char *)icfg_errmsg(rc)); 2527 2528 return (0); 2529 } 2530 2531 /* Set tunnel encapsulation limit. */ 2532 /* ARGSUSED */ 2533 static int 2534 set_tun_encap_limit(char *arg, int64_t param) 2535 { 2536 short limit; 2537 icfg_if_t interface; 2538 icfg_handle_t handle; 2539 int rc; 2540 2541 if (strchr(name, ':') != NULL) { 2542 errno = EPERM; 2543 Perror0_exit("Tunnel params on logical interfaces"); 2544 } 2545 2546 if ((sscanf(arg, "%hd", &limit) != 1) || (limit < 0) || 2547 (limit > 255)) { 2548 errno = EINVAL; 2549 Perror0_exit("Invalid encapsulation limit"); 2550 } 2551 2552 /* Open interface for configuration. */ 2553 (void) strncpy(interface.if_name, name, sizeof (interface.if_name)); 2554 interface.if_protocol = SOCKET_AF(af); 2555 if (icfg_open(&handle, &interface) != ICFG_SUCCESS) 2556 Perror0_exit("couldn't open interface"); 2557 2558 rc = icfg_set_tunnel_encaplimit(handle, (int)limit); 2559 icfg_close(handle); 2560 2561 if (rc != ICFG_SUCCESS) 2562 Perror0_exit("Could not configure tunnel encapsulation limit"); 2563 2564 return (0); 2565 } 2566 2567 /* Disable encapsulation limit. */ 2568 /* ARGSUSED */ 2569 static int 2570 clr_tun_encap_limit(char *arg, int64_t param) 2571 { 2572 icfg_if_t interface; 2573 icfg_handle_t handle; 2574 int rc; 2575 2576 if (strchr(name, ':') != NULL) { 2577 errno = EPERM; 2578 Perror0_exit("Tunnel params on logical interfaces"); 2579 } 2580 2581 /* Open interface for configuration. */ 2582 (void) strncpy(interface.if_name, name, sizeof (interface.if_name)); 2583 interface.if_protocol = SOCKET_AF(af); 2584 if (icfg_open(&handle, &interface) != ICFG_SUCCESS) 2585 Perror0_exit("couldn't open interface"); 2586 2587 rc = icfg_set_tunnel_encaplimit(handle, -1); 2588 icfg_close(handle); 2589 2590 if (rc != ICFG_SUCCESS) 2591 Perror0_exit((char *)icfg_errmsg(rc)); 2592 2593 return (0); 2594 } 2595 2596 /* Set tunnel hop limit. */ 2597 /* ARGSUSED */ 2598 static int 2599 set_tun_hop_limit(char *arg, int64_t param) 2600 { 2601 unsigned short limit; 2602 icfg_if_t interface; 2603 icfg_handle_t handle; 2604 int rc; 2605 2606 if (strchr(name, ':') != NULL) { 2607 errno = EPERM; 2608 Perror0_exit("Tunnel params on logical interfaces"); 2609 } 2610 2611 /* 2612 * Check limit here since it's really only an 8-bit unsigned quantity. 2613 */ 2614 if ((sscanf(arg, "%hu", &limit) != 1) || (limit > 255)) { 2615 errno = EINVAL; 2616 Perror0_exit("Invalid hop limit"); 2617 } 2618 2619 /* Open interface for configuration. */ 2620 (void) strncpy(interface.if_name, name, sizeof (interface.if_name)); 2621 interface.if_protocol = SOCKET_AF(af); 2622 if (icfg_open(&handle, &interface) != ICFG_SUCCESS) 2623 Perror0_exit("couldn't open interface"); 2624 2625 rc = icfg_set_tunnel_hoplimit(handle, (uint8_t)limit); 2626 icfg_close(handle); 2627 2628 if (rc != ICFG_SUCCESS) 2629 Perror0_exit("Could not configure tunnel hop limit"); 2630 2631 return (0); 2632 } 2633 2634 /* Set zone ID */ 2635 static int 2636 setzone(char *arg, int64_t param) 2637 { 2638 zoneid_t zoneid = GLOBAL_ZONEID; 2639 2640 if (param == NEXTARG) { 2641 /* zone must be active */ 2642 if ((zoneid = getzoneidbyname(arg)) == -1) { 2643 (void) fprintf(stderr, 2644 "ifconfig: unknown zone '%s'\n", arg); 2645 exit(1); 2646 } 2647 } 2648 (void) strlcpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2649 lifr.lifr_zoneid = zoneid; 2650 if (ioctl(s, SIOCSLIFZONE, (caddr_t)&lifr) == -1) 2651 Perror0_exit("SIOCSLIFZONE"); 2652 return (0); 2653 } 2654 2655 /* Put interface into all zones */ 2656 /* ARGSUSED */ 2657 static int 2658 setallzones(char *arg, int64_t param) 2659 { 2660 (void) strlcpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2661 lifr.lifr_zoneid = ALL_ZONES; 2662 if (ioctl(s, SIOCSLIFZONE, (caddr_t)&lifr) == -1) 2663 Perror0_exit("SIOCSLIFZONE"); 2664 return (0); 2665 } 2666 2667 /* Set source address to use */ 2668 /* ARGSUSED */ 2669 static int 2670 setifsrc(char *arg, int64_t param) 2671 { 2672 uint_t ifindex = 0; 2673 int rval; 2674 2675 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2676 2677 /* 2678 * Argument can be either an interface name or "none". The latter means 2679 * that any previous selection is cleared. 2680 */ 2681 2682 rval = strcmp(arg, name); 2683 if (rval == 0) { 2684 (void) fprintf(stderr, 2685 "ifconfig: Cannot specify same interface for usesrc" 2686 " group\n"); 2687 exit(1); 2688 } 2689 2690 rval = strcmp(arg, NONE_STR); 2691 if (rval != 0) { 2692 if ((ifindex = if_nametoindex(arg)) == 0) { 2693 (void) strncpy(lifr.lifr_name, arg, LIFNAMSIZ); 2694 Perror0_exit("Could not get interface index"); 2695 } 2696 lifr.lifr_index = ifindex; 2697 } else { 2698 if (ioctl(s, SIOCGLIFUSESRC, (caddr_t)&lifr) != 0) 2699 Perror0_exit("Not a valid usesrc consumer"); 2700 lifr.lifr_index = 0; 2701 } 2702 2703 if (debug) 2704 (void) printf("setifsrc: lifr_name %s, lifr_index %d\n", 2705 lifr.lifr_name, lifr.lifr_index); 2706 2707 if (ioctl(s, SIOCSLIFUSESRC, (caddr_t)&lifr) == -1) { 2708 if (rval == 0) 2709 Perror0_exit("Cannot reset usesrc group"); 2710 else 2711 Perror0_exit("Could not set source interface"); 2712 } 2713 2714 return (0); 2715 } 2716 2717 /* 2718 * Print the interface status line associated with `ifname' 2719 */ 2720 static void 2721 ifstatus(const char *ifname) 2722 { 2723 uint64_t flags; 2724 char if_usesrc_name[LIFNAMSIZ]; 2725 char *newbuf; 2726 int n, numifs, rval = 0; 2727 struct lifreq *lifrp; 2728 struct lifsrcof lifs; 2729 2730 (void) strncpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name)); 2731 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) { 2732 Perror0_exit("status: SIOCGLIFFLAGS"); 2733 } 2734 flags = lifr.lifr_flags; 2735 2736 /* 2737 * In V4 compatibility mode, we don't print the IFF_IPV4 flag or 2738 * interfaces with IFF_IPV6 set. 2739 */ 2740 if (v4compat) { 2741 flags &= ~IFF_IPV4; 2742 if (flags & IFF_IPV6) 2743 return; 2744 } 2745 2746 (void) printf("%s: ", ifname); 2747 print_flags(flags); 2748 2749 (void) strncpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name)); 2750 if (ioctl(s, SIOCGLIFMETRIC, (caddr_t)&lifr) < 0) { 2751 Perror0_exit("status: SIOCGLIFMETRIC"); 2752 } else { 2753 if (lifr.lifr_metric) 2754 (void) printf(" metric %d", lifr.lifr_metric); 2755 } 2756 if (ioctl(s, SIOCGLIFMTU, (caddr_t)&lifr) >= 0) 2757 (void) printf(" mtu %d", lifr.lifr_metric); 2758 2759 /* don't print index or zone when in compatibility mode */ 2760 if (!v4compat) { 2761 if (ioctl(s, SIOCGLIFINDEX, (caddr_t)&lifr) >= 0) 2762 (void) printf(" index %d", lifr.lifr_index); 2763 if (ioctl(s, SIOCGLIFZONE, (caddr_t)&lifr) >= 0 && 2764 lifr.lifr_zoneid != getzoneid()) { 2765 char zone_name[ZONENAME_MAX]; 2766 2767 if (lifr.lifr_zoneid == ALL_ZONES) { 2768 (void) printf("\n\tall-zones"); 2769 } else if (getzonenamebyid(lifr.lifr_zoneid, zone_name, 2770 sizeof (zone_name)) < 0) { 2771 (void) printf("\n\tzone %d", lifr.lifr_zoneid); 2772 } else { 2773 (void) printf("\n\tzone %s", zone_name); 2774 } 2775 } 2776 } 2777 2778 if (ioctl(s, SIOCGLIFINDEX, (caddr_t)&lifr) >= 0) { 2779 lifs.lifs_ifindex = lifr.lifr_index; 2780 2781 /* 2782 * Find the number of interfaces that use this interfaces' 2783 * address as a source address 2784 */ 2785 lifs.lifs_buf = NULL; 2786 lifs.lifs_maxlen = 0; 2787 for (;;) { 2788 /* The first pass will give the bufsize we need */ 2789 rval = ioctl(s, SIOCGLIFSRCOF, (char *)&lifs); 2790 if (rval < 0) { 2791 if (lifs.lifs_buf != NULL) { 2792 free(lifs.lifs_buf); 2793 lifs.lifs_buf = NULL; 2794 } 2795 lifs.lifs_len = 0; 2796 break; 2797 } 2798 if (lifs.lifs_len <= lifs.lifs_maxlen) 2799 break; 2800 /* Use kernel's size + a small margin to avoid loops */ 2801 lifs.lifs_maxlen = lifs.lifs_len + 2802 5 * sizeof (struct lifreq); 2803 /* For the first pass, realloc acts like malloc */ 2804 newbuf = realloc(lifs.lifs_buf, lifs.lifs_maxlen); 2805 if (newbuf == NULL) { 2806 if (lifs.lifs_buf != NULL) { 2807 free(lifs.lifs_buf); 2808 lifs.lifs_buf = NULL; 2809 } 2810 lifs.lifs_len = 0; 2811 break; 2812 } 2813 lifs.lifs_buf = newbuf; 2814 } 2815 2816 2817 numifs = lifs.lifs_len / sizeof (struct lifreq); 2818 if (numifs > 0) { 2819 lifrp = lifs.lifs_req; 2820 (void) printf("\n\tsrcof"); 2821 for (n = numifs; n > 0; n--, lifrp++) { 2822 (void) printf(" %s", lifrp->lifr_name); 2823 } 2824 } 2825 2826 if (lifs.lifs_buf != NULL) 2827 free(lifs.lifs_buf); 2828 } 2829 2830 /* Find the interface whose source address this interface uses */ 2831 if (ioctl(s, SIOCGLIFUSESRC, (caddr_t)&lifr) == 0) { 2832 if (lifr.lifr_index != 0) { 2833 if (if_indextoname(lifr.lifr_index, 2834 if_usesrc_name) == NULL) { 2835 (void) printf("\n\tusesrc ifIndex %d", 2836 lifr.lifr_index); 2837 } else { 2838 (void) printf("\n\tusesrc %s", if_usesrc_name); 2839 } 2840 } 2841 } 2842 2843 (void) putchar('\n'); 2844 } 2845 2846 2847 /* 2848 * Print the status of the interface. If an address family was 2849 * specified, show it and it only; otherwise, show them all. 2850 */ 2851 static void 2852 status(void) 2853 { 2854 struct afswtch *p = afp; 2855 uint64_t flags; 2856 2857 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2858 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) { 2859 Perror0_exit("status: SIOCGLIFFLAGS"); 2860 } 2861 2862 flags = lifr.lifr_flags; 2863 2864 /* 2865 * Only print the interface status if the address family matches 2866 * the interface family flag. 2867 */ 2868 if (p != NULL) { 2869 if (((p->af_af == AF_INET6) && (flags & IFF_IPV4)) || 2870 ((p->af_af == AF_INET) && (flags & IFF_IPV6))) 2871 return; 2872 } 2873 2874 /* 2875 * In V4 compatibility mode, don't print IFF_IPV6 interfaces. 2876 */ 2877 if (v4compat && (flags & IFF_IPV6)) 2878 return; 2879 2880 ifstatus(name); 2881 2882 if (p != NULL) { 2883 (*p->af_status)(1, flags); 2884 } else { 2885 for (p = afs; p->af_name; p++) { 2886 (void) close(s); 2887 s = socket(SOCKET_AF(p->af_af), SOCK_DGRAM, 0); 2888 /* set global af for use in p->af_status */ 2889 af = p->af_af; 2890 if (s == -1) { 2891 Perror0_exit("socket"); 2892 } 2893 (*p->af_status)(0, flags); 2894 } 2895 2896 /* 2897 * Historically, 'ether' has been an address family, 2898 * so print it here. 2899 */ 2900 print_ifether(name); 2901 } 2902 } 2903 2904 /* 2905 * Print the status of the interface in a format that can be used to 2906 * reconfigure the interface later. Code stolen from status() above. 2907 */ 2908 /* ARGSUSED */ 2909 static int 2910 configinfo(char *null, int64_t param) 2911 { 2912 struct afswtch *p = afp; 2913 uint64_t flags; 2914 char phydevname[LIFNAMSIZ]; 2915 char if_usesrc_name[LIFNAMSIZ]; 2916 char *cp; 2917 2918 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2919 if (ioctl(s, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) { 2920 Perror0_exit("status: SIOCGLIFFLAGS"); 2921 } 2922 flags = lifr.lifr_flags; 2923 2924 if (debug) { 2925 (void) printf("configinfo: name %s flags 0x%llx af_af %d\n", 2926 name, flags, p != NULL ? p->af_af : -1); 2927 } 2928 2929 /* remove LIF component */ 2930 (void) strncpy(phydevname, name, sizeof (phydevname)); 2931 cp = strchr(phydevname, ':'); 2932 if (cp) { 2933 *cp = 0; 2934 } 2935 phydevname[sizeof (phydevname) - 1] = '\0'; 2936 2937 /* 2938 * if the interface is IPv4 2939 * if we have a IPv6 address family restriction return 2940 * so it won't print 2941 * if we are in IPv4 compatibility mode, clear out IFF_IPV4 2942 * so we don't print it. 2943 */ 2944 if (flags & IFF_IPV4) { 2945 if (p && p->af_af == AF_INET6) 2946 return (-1); 2947 if (v4compat) 2948 flags &= ~IFF_IPV4; 2949 2950 (void) printf("%s inet plumb", phydevname); 2951 } else if (flags & IFF_IPV6) { 2952 /* 2953 * else if the interface is IPv6 2954 * if we have a IPv4 address family restriction return 2955 * or we are in IPv4 compatibiltiy mode, return. 2956 */ 2957 if (p && p->af_af == AF_INET) 2958 return (-1); 2959 if (v4compat) 2960 return (-1); 2961 2962 (void) printf("%s inet6 plumb", phydevname); 2963 } 2964 2965 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 2966 if (ioctl(s, SIOCGLIFMETRIC, (caddr_t)&lifr) < 0) { 2967 Perror0_exit("configinfo: SIOCGLIFMETRIC"); 2968 } else { 2969 if (lifr.lifr_metric) 2970 (void) printf(" metric %d ", lifr.lifr_metric); 2971 } 2972 if (((flags & (IFF_VIRTUAL|IFF_LOOPBACK)) != IFF_VIRTUAL) && 2973 ioctl(s, SIOCGLIFMTU, (caddr_t)&lifr) >= 0) 2974 (void) printf(" mtu %d", lifr.lifr_metric); 2975 2976 /* don't print index when in compatibility mode */ 2977 if (!v4compat) { 2978 if (ioctl(s, SIOCGLIFINDEX, (caddr_t)&lifr) >= 0) 2979 (void) printf(" index %d", lifr.lifr_index); 2980 } 2981 2982 if (ioctl(s, SIOCGLIFUSESRC, (caddr_t)&lifr) == 0) { 2983 if (lifr.lifr_index != 0) { 2984 if (if_indextoname(lifr.lifr_index, 2985 if_usesrc_name) != NULL) { 2986 (void) printf(" usesrc %s", if_usesrc_name); 2987 } 2988 } 2989 } 2990 2991 if (p != NULL) { 2992 (*p->af_configinfo)(1, flags); 2993 } else { 2994 for (p = afs; p->af_name; p++) { 2995 (void) close(s); 2996 s = socket(SOCKET_AF(p->af_af), SOCK_DGRAM, 0); 2997 /* set global af for use in p->af_configinfo */ 2998 af = p->af_af; 2999 if (s == -1) { 3000 Perror0_exit("socket"); 3001 } 3002 (*p->af_configinfo)(0, flags); 3003 } 3004 } 3005 3006 (void) printf("\n"); 3007 3008 return (0); 3009 } 3010 3011 static void 3012 print_tsec(struct iftun_req *tparams) 3013 { 3014 ipsec_req_t *ipsr; 3015 3016 (void) printf("\ttunnel security settings "); 3017 /* 3018 * Deal with versioning, for now just point 3019 * an ipsec_req_t at ifta_secinfo. If versions 3020 * change, something else will overlay ifta_secinfo. 3021 */ 3022 assert(tparams->ifta_vers == IFTUN_VERSION); 3023 3024 if (tparams->ifta_flags & IFTUN_COMPLEX_SECURITY) { 3025 (void) printf("--> use 'ipsecconf -ln -i %s'", 3026 tparams->ifta_lifr_name); 3027 } else { 3028 ipsr = (ipsec_req_t *)(&tparams->ifta_secinfo); 3029 if (ipsr->ipsr_ah_req & IPSEC_PREF_REQUIRED) { 3030 (void) printf("ah (%s) ", 3031 rparsealg(ipsr->ipsr_auth_alg, IPSEC_PROTO_AH)); 3032 } 3033 if (ipsr->ipsr_esp_req & IPSEC_PREF_REQUIRED) { 3034 (void) printf("esp (%s", 3035 rparsealg(ipsr->ipsr_esp_alg, IPSEC_PROTO_ESP)); 3036 (void) printf("/%s)", 3037 rparsealg(ipsr->ipsr_esp_auth_alg, IPSEC_PROTO_AH)); 3038 } 3039 } 3040 (void) printf("\n"); 3041 } 3042 3043 static void 3044 tun_status(void) 3045 { 3046 icfg_if_t interface; 3047 int rc; 3048 icfg_handle_t handle; 3049 int protocol; 3050 char srcbuf[INET6_ADDRSTRLEN]; 3051 char dstbuf[INET6_ADDRSTRLEN]; 3052 boolean_t tabbed; 3053 uint8_t hoplimit; 3054 int16_t encaplimit; 3055 struct sockaddr_storage taddr; 3056 socklen_t socklen = sizeof (taddr); 3057 3058 (void) strncpy(interface.if_name, name, sizeof (interface.if_name)); 3059 interface.if_protocol = SOCKET_AF(af); 3060 if ((rc = icfg_open(&handle, &interface)) != ICFG_SUCCESS) 3061 Perror0_exit((char *)icfg_errmsg(rc)); 3062 3063 /* 3064 * only print tunnel info for lun 0. If ioctl fails, assume 3065 * we are not a tunnel 3066 */ 3067 if (strchr(name, ':') != NULL || 3068 icfg_get_tunnel_lower(handle, &protocol) != ICFG_SUCCESS) { 3069 icfg_close(handle); 3070 return; 3071 } 3072 3073 switch (protocol) { 3074 case AF_INET: 3075 (void) printf("\tinet"); 3076 break; 3077 case AF_INET6: 3078 (void) printf("\tinet6"); 3079 break; 3080 default: 3081 Perror0_exit("\ttunnel: Illegal lower stream\n\t"); 3082 break; 3083 } 3084 3085 rc = icfg_get_tunnel_src(handle, (struct sockaddr *)&taddr, &socklen); 3086 if (rc == ICFG_NOT_SET) { 3087 (void) strlcpy(srcbuf, (protocol == AF_INET) ? "0.0.0.0" : 3088 "::", sizeof (srcbuf)); 3089 } else if (rc != ICFG_SUCCESS) { 3090 Perror0_exit((char *)icfg_errmsg(rc)); 3091 } else { 3092 rc = icfg_sockaddr_to_str(protocol, (struct sockaddr *)&taddr, 3093 srcbuf, sizeof (srcbuf)); 3094 if (rc != ICFG_SUCCESS) { 3095 Perror0_exit((char *)icfg_errmsg(rc)); 3096 } 3097 } 3098 3099 (void) printf(" tunnel src %s ", srcbuf); 3100 3101 rc = icfg_get_tunnel_dest(handle, (struct sockaddr *)&taddr, &socklen); 3102 if (rc == ICFG_NOT_SET) { 3103 (void) printf("\n"); 3104 } else { 3105 rc = icfg_sockaddr_to_str(protocol, (struct sockaddr *)&taddr, 3106 dstbuf, sizeof (dstbuf)); 3107 if (rc != ICFG_SUCCESS) { 3108 Perror0_exit((char *)icfg_errmsg(rc)); 3109 } 3110 (void) printf("tunnel dst %s\n", dstbuf); 3111 } 3112 3113 if (handle->ifh_tunnel_params != NULL && 3114 (handle->ifh_tunnel_params->ifta_flags & IFTUN_SECURITY)) 3115 print_tsec(handle->ifh_tunnel_params); 3116 3117 /* 3118 * tabbed indicates tabbed and printed. Use it tell us whether 3119 * to tab and that we've printed something here, so we need a 3120 * newline 3121 */ 3122 tabbed = _B_FALSE; 3123 3124 if (icfg_get_tunnel_hoplimit(handle, &hoplimit) == ICFG_SUCCESS) { 3125 (void) printf("\ttunnel hop limit %d ", hoplimit); 3126 tabbed = _B_TRUE; 3127 } 3128 3129 if ((protocol == AF_INET6) && 3130 (icfg_get_tunnel_encaplimit(handle, &encaplimit) == 3131 ICFG_SUCCESS)) { 3132 if (!tabbed) { 3133 (void) printf("\t"); 3134 tabbed = _B_TRUE; 3135 } 3136 if (encaplimit >= 0) { 3137 (void) printf("tunnel encapsulation limit %d", 3138 encaplimit); 3139 } else { 3140 (void) printf("tunnel encapsulation limit disabled"); 3141 } 3142 } 3143 3144 if (tabbed) 3145 (void) printf("\n"); 3146 3147 icfg_close(handle); 3148 } 3149 3150 static void 3151 in_status(int force, uint64_t flags) 3152 { 3153 struct sockaddr_in *sin, *laddr; 3154 struct sockaddr_in netmask = { AF_INET }; 3155 3156 if (debug) 3157 (void) printf("in_status(%s) flags 0x%llx\n", name, flags); 3158 3159 /* only print status for IPv4 interfaces */ 3160 if (!(flags & IFF_IPV4)) 3161 return; 3162 3163 /* if the interface is a tunnel, print the tunnel status */ 3164 tun_status(); 3165 3166 if (!(flags & IFF_NOLOCAL)) { 3167 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3168 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 3169 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3170 errno == ENXIO) { 3171 if (!force) 3172 return; 3173 (void) memset(&lifr.lifr_addr, 0, 3174 sizeof (lifr.lifr_addr)); 3175 } else 3176 Perror0_exit("in_status: SIOCGLIFADDR"); 3177 } 3178 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3179 (void) printf("\tinet %s ", inet_ntoa(sin->sin_addr)); 3180 laddr = sin; 3181 } else { 3182 (void) printf("\tinet "); 3183 } 3184 3185 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3186 if (ioctl(s, SIOCGLIFSUBNET, (caddr_t)&lifr) < 0) { 3187 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3188 errno == ENXIO) { 3189 if (!force) 3190 return; 3191 (void) memset(&lifr.lifr_addr, 0, 3192 sizeof (lifr.lifr_addr)); 3193 } else { 3194 Perror0_exit("in_status: SIOCGLIFSUBNET"); 3195 } 3196 } 3197 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3198 if ((flags & IFF_NOLOCAL) || 3199 sin->sin_addr.s_addr != laddr->sin_addr.s_addr) { 3200 (void) printf("subnet %s/%d ", inet_ntoa(sin->sin_addr), 3201 lifr.lifr_addrlen); 3202 } 3203 if (sin->sin_family != AF_INET) { 3204 (void) printf("Wrong family: %d\n", sin->sin_family); 3205 } 3206 3207 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3208 if (ioctl(s, SIOCGLIFNETMASK, (caddr_t)&lifr) < 0) { 3209 if (errno != EADDRNOTAVAIL) 3210 Perror0_exit("in_status: SIOCGLIFNETMASK"); 3211 (void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr)); 3212 } else 3213 netmask.sin_addr = 3214 ((struct sockaddr_in *)&lifr.lifr_addr)->sin_addr; 3215 if (flags & IFF_POINTOPOINT) { 3216 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3217 if (ioctl(s, SIOCGLIFDSTADDR, (caddr_t)&lifr) < 0) { 3218 if (errno == EADDRNOTAVAIL) 3219 (void) memset(&lifr.lifr_addr, 0, 3220 sizeof (lifr.lifr_addr)); 3221 else 3222 Perror0_exit("in_status: SIOCGLIFDSTADDR"); 3223 } 3224 sin = (struct sockaddr_in *)&lifr.lifr_dstaddr; 3225 (void) printf("--> %s ", inet_ntoa(sin->sin_addr)); 3226 } 3227 (void) printf("netmask %x ", ntohl(netmask.sin_addr.s_addr)); 3228 if (flags & IFF_BROADCAST) { 3229 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3230 if (ioctl(s, SIOCGLIFBRDADDR, (caddr_t)&lifr) < 0) { 3231 if (errno == EADDRNOTAVAIL) 3232 (void) memset(&lifr.lifr_addr, 0, 3233 sizeof (lifr.lifr_addr)); 3234 else 3235 Perror0_exit("in_status: SIOCGLIFBRDADDR"); 3236 } 3237 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3238 if (sin->sin_addr.s_addr != 0) { 3239 (void) printf("broadcast %s", 3240 inet_ntoa(sin->sin_addr)); 3241 } 3242 } 3243 /* If there is a groupname, print it for lun 0 alone */ 3244 if (strchr(name, ':') == NULL) { 3245 (void) memset(lifr.lifr_groupname, 0, 3246 sizeof (lifr.lifr_groupname)); 3247 if (ioctl(s, SIOCGLIFGROUPNAME, (caddr_t)&lifr) >= 0) { 3248 if (strlen(lifr.lifr_groupname) > 0) { 3249 (void) printf("\n\tgroupname %s", 3250 lifr.lifr_groupname); 3251 } 3252 } 3253 } 3254 (void) putchar('\n'); 3255 } 3256 3257 static void 3258 in6_status(int force, uint64_t flags) 3259 { 3260 char abuf[INET6_ADDRSTRLEN]; 3261 struct sockaddr_in6 *sin6, *laddr6; 3262 3263 if (debug) 3264 (void) printf("in6_status(%s) flags 0x%llx\n", name, flags); 3265 3266 if (!(flags & IFF_IPV6)) 3267 return; 3268 3269 /* if the interface is a tunnel, print the tunnel status */ 3270 tun_status(); 3271 3272 if (!(flags & IFF_NOLOCAL)) { 3273 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3274 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 3275 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3276 errno == ENXIO) { 3277 if (!force) 3278 return; 3279 (void) memset(&lifr.lifr_addr, 0, 3280 sizeof (lifr.lifr_addr)); 3281 } else 3282 Perror0_exit("in_status6: SIOCGLIFADDR"); 3283 } 3284 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3285 (void) printf("\tinet6 %s/%d ", 3286 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3287 abuf, sizeof (abuf)), 3288 lifr.lifr_addrlen); 3289 laddr6 = sin6; 3290 } else { 3291 (void) printf("\tinet6 "); 3292 } 3293 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3294 if (ioctl(s, SIOCGLIFSUBNET, (caddr_t)&lifr) < 0) { 3295 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3296 errno == ENXIO) { 3297 if (!force) 3298 return; 3299 (void) memset(&lifr.lifr_addr, 0, 3300 sizeof (lifr.lifr_addr)); 3301 } else 3302 Perror0_exit("in_status6: SIOCGLIFSUBNET"); 3303 } 3304 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3305 if ((flags & IFF_NOLOCAL) || 3306 !IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &laddr6->sin6_addr)) { 3307 (void) printf("subnet %s/%d ", 3308 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3309 abuf, sizeof (abuf)), 3310 lifr.lifr_addrlen); 3311 } 3312 if (sin6->sin6_family != AF_INET6) { 3313 (void) printf("Wrong family: %d\n", sin6->sin6_family); 3314 } 3315 if (flags & IFF_POINTOPOINT) { 3316 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3317 if (ioctl(s, SIOCGLIFDSTADDR, (caddr_t)&lifr) < 0) { 3318 if (errno == EADDRNOTAVAIL) 3319 (void) memset(&lifr.lifr_addr, 0, 3320 sizeof (lifr.lifr_addr)); 3321 else 3322 Perror0_exit("in_status6: SIOCGLIFDSTADDR"); 3323 } 3324 sin6 = (struct sockaddr_in6 *)&lifr.lifr_dstaddr; 3325 (void) printf("--> %s ", 3326 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3327 abuf, sizeof (abuf))); 3328 } 3329 if (verbose) { 3330 (void) putchar('\n'); 3331 (void) putchar('\t'); 3332 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3333 if (ioctl(s, SIOCGLIFTOKEN, (caddr_t)&lifr) < 0) { 3334 if (errno == EADDRNOTAVAIL || errno == EINVAL) 3335 (void) memset(&lifr.lifr_addr, 0, 3336 sizeof (lifr.lifr_addr)); 3337 else 3338 Perror0_exit("in_status6: SIOCGLIFTOKEN"); 3339 } else { 3340 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3341 (void) printf("token %s/%d ", 3342 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3343 abuf, sizeof (abuf)), 3344 lifr.lifr_addrlen); 3345 } 3346 if (ioctl(s, SIOCGLIFLNKINFO, (caddr_t)&lifr) < 0) { 3347 if (errno != EINVAL) { 3348 Perror0_exit("in_status6: SIOCGLIFLNKINFO"); 3349 } 3350 } else { 3351 (void) printf("maxhops %u, reachtime %u ms, " 3352 "reachretrans %u ms, maxmtu %u ", 3353 lifr.lifr_ifinfo.lir_maxhops, 3354 lifr.lifr_ifinfo.lir_reachtime, 3355 lifr.lifr_ifinfo.lir_reachretrans, 3356 lifr.lifr_ifinfo.lir_maxmtu); 3357 } 3358 } 3359 /* If there is a groupname, print it for lun 0 alone */ 3360 if (strchr(name, ':') == NULL) { 3361 (void) memset(lifr.lifr_groupname, 0, 3362 sizeof (lifr.lifr_groupname)); 3363 if (ioctl(s, SIOCGLIFGROUPNAME, (caddr_t)&lifr) >= 0) { 3364 if (strlen(lifr.lifr_groupname) > 0) { 3365 (void) printf("\n\tgroupname %s", 3366 lifr.lifr_groupname); 3367 } 3368 } 3369 } 3370 (void) putchar('\n'); 3371 } 3372 3373 static void 3374 in_configinfo(int force, uint64_t flags) 3375 { 3376 struct sockaddr_in *sin, *laddr; 3377 struct sockaddr_in netmask = { AF_INET }; 3378 3379 if (debug) 3380 (void) printf("in_configinfo(%s) flags 0x%llx\n", name, flags); 3381 3382 /* only configinfo info for IPv4 interfaces */ 3383 if (!(flags & IFF_IPV4)) 3384 return; 3385 3386 if (!(flags & IFF_NOLOCAL)) { 3387 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3388 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 3389 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3390 errno == ENXIO) { 3391 if (!force) 3392 return; 3393 (void) memset(&lifr.lifr_addr, 0, 3394 sizeof (lifr.lifr_addr)); 3395 } else 3396 Perror0_exit("in_configinfo: SIOCGLIFADDR"); 3397 } 3398 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3399 if (get_lun(name) != 0) { 3400 (void) printf(" addif %s ", inet_ntoa(sin->sin_addr)); 3401 } else { 3402 (void) printf(" set %s ", inet_ntoa(sin->sin_addr)); 3403 } 3404 laddr = sin; 3405 } 3406 3407 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3408 if (ioctl(s, SIOCGLIFSUBNET, (caddr_t)&lifr) < 0) { 3409 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3410 errno == ENXIO) { 3411 if (!force) 3412 return; 3413 (void) memset(&lifr.lifr_addr, 0, 3414 sizeof (lifr.lifr_addr)); 3415 } else { 3416 Perror0_exit("in_configinfo: SIOCGLIFSUBNET"); 3417 } 3418 } 3419 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3420 3421 if ((flags & IFF_NOLOCAL) || 3422 sin->sin_addr.s_addr != laddr->sin_addr.s_addr) { 3423 (void) printf(" subnet %s/%d ", inet_ntoa(sin->sin_addr), 3424 lifr.lifr_addrlen); 3425 } 3426 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3427 if (ioctl(s, SIOCGLIFNETMASK, (caddr_t)&lifr) < 0) { 3428 if (errno != EADDRNOTAVAIL) 3429 Perror0_exit("in_configinfo: SIOCGLIFNETMASK"); 3430 (void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr)); 3431 } else 3432 netmask.sin_addr = 3433 ((struct sockaddr_in *)&lifr.lifr_addr)->sin_addr; 3434 if (flags & IFF_POINTOPOINT) { 3435 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3436 if (ioctl(s, SIOCGLIFDSTADDR, (caddr_t)&lifr) < 0) { 3437 if (errno == EADDRNOTAVAIL) 3438 (void) memset(&lifr.lifr_addr, 0, 3439 sizeof (lifr.lifr_addr)); 3440 else 3441 Perror0_exit("in_configinfo: SIOCGLIFDSTADDR"); 3442 } 3443 sin = (struct sockaddr_in *)&lifr.lifr_dstaddr; 3444 (void) printf(" destination %s ", inet_ntoa(sin->sin_addr)); 3445 } 3446 (void) printf(" netmask 0x%x ", ntohl(netmask.sin_addr.s_addr)); 3447 if (flags & IFF_BROADCAST) { 3448 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3449 if (ioctl(s, SIOCGLIFBRDADDR, (caddr_t)&lifr) < 0) { 3450 if (errno == EADDRNOTAVAIL) 3451 (void) memset(&lifr.lifr_addr, 0, 3452 sizeof (lifr.lifr_addr)); 3453 else 3454 Perror0_exit("in_configinfo: SIOCGLIFBRDADDR"); 3455 } 3456 sin = (struct sockaddr_in *)&lifr.lifr_addr; 3457 if (sin->sin_addr.s_addr != 0) { 3458 (void) printf(" broadcast %s ", 3459 inet_ntoa(sin->sin_addr)); 3460 } 3461 } 3462 3463 /* If there is a groupname, print it for lun 0 alone */ 3464 if (get_lun(name) == 0) { 3465 (void) memset(lifr.lifr_groupname, 0, 3466 sizeof (lifr.lifr_groupname)); 3467 if (ioctl(s, SIOCGLIFGROUPNAME, (caddr_t)&lifr) >= 0) { 3468 if (strlen(lifr.lifr_groupname) > 0) { 3469 (void) printf(" group %s ", 3470 lifr.lifr_groupname); 3471 } 3472 } 3473 } 3474 3475 /* Print flags to configure */ 3476 print_config_flags(flags); 3477 3478 /* IFF_NOARP applies to AF_INET only */ 3479 if (flags & IFF_NOARP) { 3480 (void) printf("-arp "); 3481 } 3482 } 3483 3484 static void 3485 in6_configinfo(int force, uint64_t flags) 3486 { 3487 char abuf[INET6_ADDRSTRLEN]; 3488 struct sockaddr_in6 *sin6, *laddr6; 3489 3490 if (debug) 3491 (void) printf("in6_configinfo(%s) flags 0x%llx\n", name, 3492 flags); 3493 3494 if (!(flags & IFF_IPV6)) 3495 return; 3496 3497 if (!(flags & IFF_NOLOCAL)) { 3498 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3499 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 3500 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3501 errno == ENXIO) { 3502 if (!force) 3503 return; 3504 (void) memset(&lifr.lifr_addr, 0, 3505 sizeof (lifr.lifr_addr)); 3506 } else 3507 Perror0_exit("in6_configinfo: SIOCGLIFADDR"); 3508 } 3509 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3510 if (get_lun(name) != 0) { 3511 (void) printf(" addif %s/%d ", 3512 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3513 abuf, sizeof (abuf)), 3514 lifr.lifr_addrlen); 3515 } else { 3516 (void) printf(" set %s/%d ", 3517 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3518 abuf, sizeof (abuf)), 3519 lifr.lifr_addrlen); 3520 } 3521 laddr6 = sin6; 3522 } 3523 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3524 if (ioctl(s, SIOCGLIFSUBNET, (caddr_t)&lifr) < 0) { 3525 if (errno == EADDRNOTAVAIL || errno == EAFNOSUPPORT || 3526 errno == ENXIO) { 3527 if (!force) 3528 return; 3529 (void) memset(&lifr.lifr_addr, 0, 3530 sizeof (lifr.lifr_addr)); 3531 } else 3532 Perror0_exit("in6_configinfo: SIOCGLIFSUBNET"); 3533 } 3534 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3535 if ((flags & IFF_NOLOCAL) || 3536 !IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &laddr6->sin6_addr)) { 3537 (void) printf(" subnet %s/%d ", 3538 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3539 abuf, sizeof (abuf)), 3540 lifr.lifr_addrlen); 3541 } 3542 3543 if (flags & IFF_POINTOPOINT) { 3544 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3545 if (ioctl(s, SIOCGLIFDSTADDR, (caddr_t)&lifr) < 0) { 3546 if (errno == EADDRNOTAVAIL) 3547 (void) memset(&lifr.lifr_addr, 0, 3548 sizeof (lifr.lifr_addr)); 3549 else 3550 Perror0_exit("in6_configinfo: SIOCGLIFDSTADDR"); 3551 } 3552 sin6 = (struct sockaddr_in6 *)&lifr.lifr_dstaddr; 3553 (void) printf(" destination %s ", 3554 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3555 abuf, sizeof (abuf))); 3556 } 3557 3558 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3559 if (ioctl(s, SIOCGLIFTOKEN, (caddr_t)&lifr) < 0) { 3560 if (errno == EADDRNOTAVAIL || errno == EINVAL) 3561 (void) memset(&lifr.lifr_addr, 0, 3562 sizeof (lifr.lifr_addr)); 3563 else 3564 Perror0_exit("in6_configinfo: SIOCGLIFTOKEN"); 3565 } else { 3566 sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr; 3567 (void) printf(" token %s/%d ", 3568 inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, 3569 abuf, sizeof (abuf)), 3570 lifr.lifr_addrlen); 3571 } 3572 3573 /* If there is a groupname, print it for lun 0 alone */ 3574 if (get_lun(name) == 0) { 3575 (void) memset(lifr.lifr_groupname, 0, 3576 sizeof (lifr.lifr_groupname)); 3577 if (ioctl(s, SIOCGLIFGROUPNAME, (caddr_t)&lifr) >= 0) { 3578 if (strlen(lifr.lifr_groupname) > 0) { 3579 (void) printf(" group %s ", 3580 lifr.lifr_groupname); 3581 } 3582 } 3583 } 3584 3585 /* Print flags to configure */ 3586 print_config_flags(flags); 3587 3588 /* IFF_NONUD applies to AF_INET6 only */ 3589 if (flags & IFF_NONUD) { 3590 (void) printf("-nud "); 3591 } 3592 } 3593 3594 /* ARGSUSED */ 3595 static int 3596 get_lun(char *rsrc) 3597 { 3598 char resource[LIFNAMSIZ]; 3599 char *cp; 3600 3601 (void) strcpy(resource, rsrc); 3602 3603 /* remove LIF component */ 3604 cp = strchr(resource, ':'); 3605 if (cp) { 3606 cp++; 3607 return (atoi(cp)); 3608 } 3609 3610 return (0); 3611 } 3612 3613 /* 3614 * We need to plink both the arp-device stream and the arp-ip-device stream. 3615 * However the muxid is stored only in IP. Plumbing 2 streams individually 3616 * is not atomic, and if ifconfig is killed, the resulting plumbing can 3617 * be inconsistent. For eg. if only the arp stream is plumbed, we have lost 3618 * the muxid, and the half-baked plumbing can neither be unplumbed nor 3619 * replumbed, thus requiring a reboot. To avoid the above the following 3620 * scheme is used. 3621 * 3622 * Ifconfig asks IP to enforce atomicity of plumbing the arp and IP streams. 3623 * This is done by pushing arp on to the mux (/dev/udp). ARP adds some 3624 * extra information in the I_PLINK and I_PUNLINK ioctls to let IP know 3625 * that the plumbing/unplumbing has to be done atomically. Ifconfig plumbs 3626 * the IP stream first, and unplumbs it last. The kernel (IP) does not 3627 * allow IP stream to be unplumbed without unplumbing arp stream. Similarly 3628 * it does not allow arp stream to be plumbed before IP stream is plumbed. 3629 * There is no need to use SIOCSLIFMUXID, since the whole operation is atomic, 3630 * and IP uses the info in the I_PLINK message to get the muxid. 3631 * 3632 * a. STREAMS does not allow us to use /dev/ip itself as the mux. So we use 3633 * /dev/udp[6]. 3634 * b. SIOCGLIFMUXID returns the muxid corresponding to the V4 or V6 stream 3635 * depending on the open i.e. V4 vs V6 open. So we need to use /dev/udp 3636 * or /dev/udp6. 3637 * c. We need to push ARP in order to get the required kernel support for 3638 * atomic plumbings. The actual work done by ARP is explained in arp.c 3639 * Without pushing ARP, we will still be able to plumb/unplumb. But 3640 * it is not atomic, and is supported by the kernel for backward 3641 * compatibility for other utilities like atmifconfig etc. In this case 3642 * the utility must use SIOCSLIFMUXID. 3643 */ 3644 static void 3645 plumb_one_device(dlpi_if_attr_t *diap, int ip_fd, int af) 3646 { 3647 int arp_fd = -1; 3648 int arp_muxid = -1, ip_muxid; 3649 int mux_fd; 3650 char *udp_dev_name; 3651 dlpi_if_attr_t dia; 3652 3653 if (debug) 3654 (void) printf("plumb_one_device: ifname %s, ppa %d\n", 3655 diap->ifname, diap->ppa); 3656 3657 if (diap->style == DL_STYLE2 && dlpi_detach(ip_fd, -1) < 0) 3658 Perror0_exit("dlpi_detach"); 3659 3660 if (ioctl(ip_fd, I_PUSH, IP_MOD_NAME) == -1) 3661 Perror2_exit("I_PUSH", IP_MOD_NAME); 3662 3663 /* 3664 * Push the ARP module onto the interface stream. IP uses 3665 * this to send resolution requests up to ARP. We need to 3666 * do this before the SLIFNAME ioctl is sent down because 3667 * the interface becomes publicly known as soon as the SLIFNAME 3668 * ioctl completes. Thus some other process trying to bring up 3669 * the interface after SLIFNAME but before we have pushed ARP 3670 * could hang. We pop the module again later if it is not needed. 3671 */ 3672 if (ioctl(ip_fd, I_PUSH, ARP_MOD_NAME) == -1) 3673 Perror2_exit("I_PUSH", ARP_MOD_NAME); 3674 3675 /* 3676 * Set IFF_IPV4/IFF_IPV6 flags. 3677 * At this point in time the kernel also allows an 3678 * override of the CANTCHANGE flags. 3679 */ 3680 3681 lifr.lifr_name[0] = '\0'; 3682 if (ioctl(ip_fd, SIOCGLIFFLAGS, (char *)&lifr) == -1) 3683 Perror0_exit("plumb_one_device: SIOCGLIFFLAGS"); 3684 3685 /* Set the name string and the IFF_IPV* flag */ 3686 if (af == AF_INET6) { 3687 lifr.lifr_flags |= IFF_IPV6; 3688 lifr.lifr_flags &= ~(IFF_BROADCAST | IFF_IPV4); 3689 } else { 3690 lifr.lifr_flags |= IFF_IPV4; 3691 lifr.lifr_flags &= ~IFF_IPV6; 3692 } 3693 3694 /* record the device and module names as interface name */ 3695 lifr.lifr_ppa = diap->ppa; 3696 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3697 3698 /* set the interface name */ 3699 if (ioctl(ip_fd, SIOCSLIFNAME, (char *)&lifr) == -1) { 3700 if (errno != EEXIST) 3701 Perror0_exit("SIOCSLIFNAME for ip"); 3702 /* 3703 * This difference between the way we behave for EEXIST 3704 * and that with other errors exists to preserve legacy 3705 * behaviour. Earlier when foreachinterface() and matcif() 3706 * were doing the duplicate interface name checks, for 3707 * already existing interfaces, inetplumb() returned "0". 3708 * To preserve this behaviour, Perror0() and return are 3709 * called for EEXIST. 3710 */ 3711 Perror0("SIOCSLIFNAME for ip"); 3712 return; 3713 } 3714 3715 /* Get the full set of existing flags for this stream */ 3716 if (ioctl(ip_fd, SIOCGLIFFLAGS, (char *)&lifr) == -1) 3717 Perror0_exit("plumb_one_device: SIOCFLIFFLAGS"); 3718 3719 if (debug) { 3720 (void) printf("plumb_one_device: %s got flags: \n", 3721 lifr.lifr_name); 3722 print_flags(lifr.lifr_flags); 3723 (void) putchar('\n'); 3724 } 3725 3726 /* Check if arp is not actually needed */ 3727 if (lifr.lifr_flags & (IFF_NOARP|IFF_IPV6)) { 3728 if (ioctl(ip_fd, I_POP, 0) == -1) 3729 Perror2_exit("I_POP", ARP_MOD_NAME); 3730 } 3731 3732 /* 3733 * Open "/dev/udp" for use as a multiplexor to PLINK the 3734 * interface stream under. We use "/dev/udp" instead of "/dev/ip" 3735 * since STREAMS will not let you PLINK a driver under itself, 3736 * and "/dev/ip" is typically the driver at the bottom of 3737 * the stream for tunneling interfaces. 3738 */ 3739 if (af == AF_INET6) 3740 udp_dev_name = UDP6_DEV_NAME; 3741 else 3742 udp_dev_name = UDP_DEV_NAME; 3743 if ((mux_fd = open_arp_on_udp(udp_dev_name)) == -1) 3744 exit(EXIT_FAILURE); 3745 3746 /* Check if arp is not needed */ 3747 if (lifr.lifr_flags & (IFF_NOARP|IFF_IPV6)) { 3748 /* 3749 * PLINK the interface stream so that ifconfig can exit 3750 * without tearing down the stream. 3751 */ 3752 if ((ip_muxid = ioctl(mux_fd, I_PLINK, ip_fd)) == -1) { 3753 Perror0_exit("I_PLINK for ip"); 3754 } 3755 (void) close(mux_fd); 3756 return; 3757 } 3758 3759 /* 3760 * This interface does use ARP, so set up a separate stream 3761 * from the interface to ARP. 3762 * 3763 * Note: modules specified by the user are pushed 3764 * only on the interface stream, not on the ARP stream. 3765 */ 3766 3767 if (debug) 3768 (void) printf("plumb_one_device: ifname: %s\n", 3769 diap->ifname); 3770 arp_fd = dlpi_if_open(diap->ifname, &dia, _B_FALSE); 3771 3772 if (dia.style == DL_STYLE2 && dlpi_detach(arp_fd, -1) < 0) 3773 Perror0_exit("dlpi_detach"); 3774 3775 if (ioctl(arp_fd, I_PUSH, ARP_MOD_NAME) == -1) 3776 Perror2_exit("I_PUSH", ARP_MOD_NAME); 3777 3778 /* 3779 * Tell ARP the name and unit number for this interface. 3780 * Note that arp has no support for transparent ioctls. 3781 */ 3782 if (strioctl(arp_fd, SIOCSLIFNAME, (char *)&lifr, 3783 sizeof (lifr)) == -1) { 3784 if (errno != EEXIST) 3785 Perror0_exit("SIOCSLIFNAME for arp"); 3786 Perror0("SIOCSLIFNAME for arp"); 3787 (void) close(arp_fd); 3788 (void) close(mux_fd); 3789 return; 3790 } 3791 /* 3792 * PLINK the IP and ARP streams so that ifconfig can exit 3793 * without tearing down the stream. 3794 */ 3795 if ((ip_muxid = ioctl(mux_fd, I_PLINK, ip_fd)) == -1) { 3796 Perror0_exit("I_PLINK for ip"); 3797 } 3798 if ((arp_muxid = ioctl(mux_fd, I_PLINK, arp_fd)) == -1) { 3799 (void) ioctl(mux_fd, I_PUNLINK, ip_muxid); 3800 Perror0_exit("I_PLINK for arp"); 3801 } 3802 3803 if (debug) 3804 (void) printf("arp muxid = %d\n", arp_muxid); 3805 (void) close(arp_fd); 3806 (void) close(mux_fd); 3807 } 3808 3809 3810 /* 3811 * If this is a physical interface then remove it. 3812 * If it is a logical interface name use SIOCLIFREMOVEIF to 3813 * remove it. In both cases fail if it doesn't exist. 3814 */ 3815 /* ARGSUSED */ 3816 static int 3817 inetunplumb(char *arg, int64_t param) 3818 { 3819 int ip_muxid, arp_muxid; 3820 int mux_fd; 3821 char *udp_dev_name; 3822 char *strptr; 3823 uint64_t flags; 3824 boolean_t changed_arp_muxid = _B_FALSE; 3825 int save_errno; 3826 3827 strptr = strchr(name, ':'); 3828 if (strptr != NULL || strcmp(name, LOOPBACK_IF) == 0) { 3829 /* Can't unplumb logical interface zero */ 3830 if (strptr != NULL && strcmp(strptr, ":0") == 0) { 3831 (void) fprintf(stderr, "ifconfig: unplumb:" 3832 " Cannot unplumb %s: Invalid interface\n", name); 3833 exit(1); 3834 } 3835 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3836 (void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr)); 3837 3838 if (ioctl(s, SIOCLIFREMOVEIF, (caddr_t)&lifr) < 0) 3839 Perror0_exit("unplumb: SIOCLIFREMOVEIF"); 3840 return (0); 3841 } 3842 3843 /* 3844 * We used /dev/udp or udp6 to set up the mux. So we have to use 3845 * the same now for PUNLINK also. 3846 */ 3847 if (afp->af_af == AF_INET6) 3848 udp_dev_name = UDP6_DEV_NAME; 3849 else 3850 udp_dev_name = UDP_DEV_NAME; 3851 3852 if ((mux_fd = open_arp_on_udp(udp_dev_name)) == -1) 3853 exit(EXIT_FAILURE); 3854 3855 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3856 if (ioctl(mux_fd, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0) { 3857 Perror0_exit("unplumb: SIOCGLIFFLAGS"); 3858 } 3859 flags = lifr.lifr_flags; 3860 if (ioctl(mux_fd, SIOCGLIFMUXID, (caddr_t)&lifr) < 0) { 3861 Perror0_exit("unplumb: SIOCGLIFMUXID"); 3862 } 3863 arp_muxid = lifr.lifr_arp_muxid; 3864 ip_muxid = lifr.lifr_ip_muxid; 3865 /* 3866 * We don't have a good way of knowing whether the arp stream is 3867 * plumbed. We can't rely on IFF_NOARP because someone could 3868 * have turned it off later using "ifconfig xxx -arp". 3869 */ 3870 if (arp_muxid != 0) { 3871 if (debug) 3872 (void) printf("arp_muxid %d\n", arp_muxid); 3873 if (ioctl(mux_fd, I_PUNLINK, arp_muxid) < 0) { 3874 if ((errno == EINVAL) && 3875 (flags & (IFF_NOARP | IFF_IPV6))) { 3876 /* 3877 * Some plumbing utilities set the muxid to 3878 * -1 or some invalid value to signify that 3879 * there is no arp stream. Set the muxid to 0 3880 * before trying to unplumb the IP stream. 3881 * IP does not allow the IP stream to be 3882 * unplumbed if it sees a non-null arp muxid, 3883 * for consistency of IP-ARP streams. 3884 */ 3885 lifr.lifr_arp_muxid = 0; 3886 (void) ioctl(mux_fd, SIOCSLIFMUXID, 3887 (caddr_t)&lifr); 3888 changed_arp_muxid = _B_TRUE; 3889 } else { 3890 Perror0("I_PUNLINK for arp"); 3891 } 3892 } 3893 } 3894 if (debug) 3895 (void) printf("ip_muxid %d\n", ip_muxid); 3896 3897 if (ioctl(mux_fd, I_PUNLINK, ip_muxid) < 0) { 3898 if (changed_arp_muxid) { 3899 /* 3900 * Some error occurred, and we need to restore 3901 * everything back to what it was. 3902 */ 3903 save_errno = errno; 3904 lifr.lifr_arp_muxid = arp_muxid; 3905 lifr.lifr_ip_muxid = ip_muxid; 3906 (void) ioctl(mux_fd, SIOCSLIFMUXID, (caddr_t)&lifr); 3907 errno = save_errno; 3908 } 3909 Perror0_exit("I_PUNLINK for ip"); 3910 } 3911 (void) close(mux_fd); 3912 return (0); 3913 } 3914 3915 /* 3916 * If this is a physical interface then create it unless it is already 3917 * present. If it is a logical interface name use SIOCLIFADDIF to 3918 * create and (and fail it if already exists.) 3919 * As a special case send SIOCLIFADDIF for the loopback interface. This 3920 * is needed since there is no other notion of plumbing the loopback 3921 * interface. 3922 */ 3923 /* ARGSUSED */ 3924 static int 3925 inetplumb(char *arg, int64_t param) 3926 { 3927 char *strptr; 3928 int dev_fd; 3929 dlpi_if_attr_t dia; 3930 boolean_t islo; 3931 3932 strptr = strchr(name, ':'); 3933 islo = (strcmp(name, LOOPBACK_IF) == 0); 3934 3935 if (strptr != NULL || islo) { 3936 (void) memset(&lifr, 0, sizeof (lifr)); 3937 (void) strlcpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 3938 if (islo && ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) >= 0) { 3939 if (debug) { 3940 (void) fprintf(stderr, 3941 "ifconfig: %s already exists\n", name); 3942 } 3943 return (0); 3944 } 3945 if (ioctl(s, SIOCLIFADDIF, (caddr_t)&lifr) < 0) { 3946 if (errno == EEXIST) { 3947 if (debug) { 3948 (void) fprintf(stderr, 3949 "ifconfig: %s already exists\n", 3950 name); 3951 } 3952 } else { 3953 Perror2_exit("plumb: SIOCLIFADDIF", name); 3954 } 3955 } 3956 /* 3957 * IP can create the new logical interface on a different 3958 * physical interface in the same IPMP group. Take the new 3959 * interface into account for further operations. 3960 */ 3961 (void) strncpy(name, lifr.lifr_name, sizeof (name)); 3962 return (0); 3963 } 3964 3965 if (debug) 3966 (void) printf("inetplumb: %s af %d\n", name, afp->af_af); 3967 3968 if ((dev_fd = dlpi_if_open(name, &dia, _B_FALSE)) < 0) { 3969 Perror2_exit("plumb", name); 3970 /* NOTREACHED */ 3971 } 3972 3973 plumb_one_device(&dia, dev_fd, afp->af_af); 3974 (void) close(dev_fd); 3975 return (0); 3976 } 3977 3978 void 3979 Perror0(char *cmd) 3980 { 3981 int save_errno; 3982 3983 save_errno = errno; 3984 (void) fprintf(stderr, "ifconfig: "); 3985 errno = save_errno; 3986 switch (errno) { 3987 3988 case ENXIO: 3989 (void) fprintf(stderr, "%s: %s: no such interface\n", 3990 cmd, lifr.lifr_name); 3991 break; 3992 3993 case EPERM: 3994 (void) fprintf(stderr, "%s: %s: permission denied\n", 3995 cmd, lifr.lifr_name); 3996 break; 3997 3998 case EEXIST: 3999 (void) fprintf(stderr, "%s: %s: already exists\n", 4000 cmd, lifr.lifr_name); 4001 break; 4002 4003 default: { 4004 char buf[BUFSIZ]; 4005 4006 (void) snprintf(buf, sizeof (buf), "%s: %s", 4007 cmd, lifr.lifr_name); 4008 perror(buf); 4009 } 4010 } 4011 } 4012 4013 void 4014 Perror0_exit(char *cmd) 4015 { 4016 Perror0(cmd); 4017 exit(1); 4018 /* NOTREACHED */ 4019 } 4020 4021 void 4022 Perror2(char *cmd, char *str) 4023 { 4024 int save_errno; 4025 4026 save_errno = errno; 4027 (void) fprintf(stderr, "ifconfig: "); 4028 errno = save_errno; 4029 switch (errno) { 4030 4031 case ENXIO: 4032 (void) fprintf(stderr, "%s: %s: no such interface\n", 4033 cmd, str); 4034 break; 4035 4036 case EPERM: 4037 (void) fprintf(stderr, "%s: %s: permission denied\n", 4038 cmd, str); 4039 break; 4040 4041 default: { 4042 char buf[BUFSIZ]; 4043 4044 (void) snprintf(buf, sizeof (buf), "%s: %s", cmd, str); 4045 perror(buf); 4046 } 4047 } 4048 } 4049 4050 /* 4051 * Print out error message (Perror2()) and exit 4052 */ 4053 void 4054 Perror2_exit(char *cmd, char *str) 4055 { 4056 Perror2(cmd, str); 4057 exit(1); 4058 /* NOTREACHED */ 4059 } 4060 4061 /* 4062 * If the last argument is non-NULL allow a <addr>/<n> syntax and 4063 * pass out <n> in *plenp. 4064 * If <n> doesn't parse return BAD_ADDR as *plenp. 4065 * If no /<n> is present return NO_PREFIX as *plenp. 4066 */ 4067 static void 4068 in_getaddr(char *s, struct sockaddr *saddr, int *plenp) 4069 { 4070 /* LINTED: alignment */ 4071 struct sockaddr_in *sin = (struct sockaddr_in *)saddr; 4072 struct hostent *hp; 4073 struct netent *np; 4074 char str[BUFSIZ]; 4075 int error_num; 4076 4077 (void) strncpy(str, s, sizeof (str)); 4078 4079 /* 4080 * Look for '/'<n> is plenp 4081 */ 4082 if (plenp != NULL) { 4083 char *cp; 4084 4085 *plenp = in_getprefixlen(str, _B_TRUE, IP_ABITS); 4086 if (*plenp == BAD_ADDR) 4087 return; 4088 cp = strchr(str, '/'); 4089 if (cp != NULL) 4090 *cp = '\0'; 4091 } else if (strchr(str, '/') != NULL) { 4092 (void) fprintf(stderr, "ifconfig: %s: unexpected '/'\n", str); 4093 exit(1); 4094 } 4095 4096 (void) memset(sin, 0, sizeof (*sin)); 4097 4098 /* 4099 * Try to catch attempts to set the broadcast address to all 1's. 4100 */ 4101 if (strcmp(str, "255.255.255.255") == 0 || 4102 (strtoul(str, (char **)NULL, 0) == 0xffffffffUL)) { 4103 sin->sin_family = AF_INET; 4104 sin->sin_addr.s_addr = 0xffffffff; 4105 return; 4106 } 4107 4108 hp = getipnodebyname(str, AF_INET, 0, &error_num); 4109 if (hp) { 4110 sin->sin_family = hp->h_addrtype; 4111 (void) memcpy(&sin->sin_addr, hp->h_addr, hp->h_length); 4112 freehostent(hp); 4113 return; 4114 } 4115 np = getnetbyname(str); 4116 if (np) { 4117 sin->sin_family = np->n_addrtype; 4118 sin->sin_addr = inet_makeaddr(np->n_net, INADDR_ANY); 4119 return; 4120 } 4121 if (error_num == TRY_AGAIN) { 4122 (void) fprintf(stderr, "ifconfig: %s: bad address " 4123 "(try again later)\n", s); 4124 } else { 4125 (void) fprintf(stderr, "ifconfig: %s: bad address\n", s); 4126 } 4127 exit(1); 4128 } 4129 4130 /* 4131 * If the last argument is non-NULL allow a <addr>/<n> syntax and 4132 * pass out <n> in *plenp. 4133 * If <n> doesn't parse return BAD_ADDR as *plenp. 4134 * If no /<n> is present return NO_PREFIX as *plenp. 4135 */ 4136 static void 4137 in6_getaddr(char *s, struct sockaddr *saddr, int *plenp) 4138 { 4139 /* LINTED: alignment */ 4140 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)saddr; 4141 struct hostent *hp; 4142 char str[BUFSIZ]; 4143 int error_num; 4144 4145 (void) strncpy(str, s, sizeof (str)); 4146 4147 /* 4148 * Look for '/'<n> is plenp 4149 */ 4150 if (plenp != NULL) { 4151 char *cp; 4152 4153 *plenp = in_getprefixlen(str, _B_TRUE, IPV6_ABITS); 4154 if (*plenp == BAD_ADDR) 4155 return; 4156 cp = strchr(str, '/'); 4157 if (cp != NULL) 4158 *cp = '\0'; 4159 } else if (strchr(str, '/') != NULL) { 4160 (void) fprintf(stderr, "ifconfig: %s: unexpected '/'\n", str); 4161 exit(1); 4162 } 4163 4164 (void) memset(sin6, 0, sizeof (*sin6)); 4165 4166 hp = getipnodebyname(str, AF_INET6, 0, &error_num); 4167 if (hp) { 4168 sin6->sin6_family = hp->h_addrtype; 4169 (void) memcpy(&sin6->sin6_addr, hp->h_addr, hp->h_length); 4170 freehostent(hp); 4171 return; 4172 } 4173 if (error_num == TRY_AGAIN) { 4174 (void) fprintf(stderr, "ifconfig: %s: bad address " 4175 "(try again later)\n", s); 4176 } else { 4177 (void) fprintf(stderr, "ifconfig: %s: bad address\n", s); 4178 } 4179 exit(1); 4180 } 4181 4182 /* 4183 * If "slash" is zero this parses the whole string as 4184 * an integer. With "slash" non zero it parses the tail part as an integer. 4185 * 4186 * If it is not a valid integer this returns BAD_ADDR. 4187 * If there is /<n> present this returns NO_PREFIX. 4188 */ 4189 static int 4190 in_getprefixlen(char *addr, boolean_t slash, int max_plen) 4191 { 4192 int prefixlen; 4193 char *str, *end; 4194 4195 if (slash) { 4196 str = strchr(addr, '/'); 4197 if (str == NULL) 4198 return (NO_PREFIX); 4199 str++; 4200 } else 4201 str = addr; 4202 4203 prefixlen = strtol(str, &end, 10); 4204 if (prefixlen < 0) 4205 return (BAD_ADDR); 4206 if (str == end) 4207 return (BAD_ADDR); 4208 if (max_plen != 0 && max_plen < prefixlen) 4209 return (BAD_ADDR); 4210 return (prefixlen); 4211 } 4212 4213 /* 4214 * Convert a prefix length to a mask. 4215 * Returns 1 if ok. 0 otherwise. 4216 * Assumes the mask array is zero'ed by the caller. 4217 */ 4218 static boolean_t 4219 in_prefixlentomask(int prefixlen, int maxlen, uchar_t *mask) 4220 { 4221 if (prefixlen < 0 || prefixlen > maxlen) 4222 return (0); 4223 4224 while (prefixlen > 0) { 4225 if (prefixlen >= 8) { 4226 *mask++ = 0xFF; 4227 prefixlen -= 8; 4228 continue; 4229 } 4230 *mask |= 1 << (8 - prefixlen); 4231 prefixlen--; 4232 } 4233 return (1); 4234 } 4235 4236 static void 4237 print_flags(uint64_t flags) 4238 { 4239 boolean_t first = _B_TRUE; 4240 int cnt, i; 4241 4242 (void) printf("flags=%llx", flags); 4243 cnt = sizeof (if_flags_tbl) / sizeof (if_flags_t); 4244 for (i = 0; i < cnt; i++) { 4245 if (flags & if_flags_tbl[i].iff_value) { 4246 if (first) { 4247 (void) printf("<"); 4248 first = _B_FALSE; 4249 } else { 4250 /* 4251 * It has to be here and not with the 4252 * printf below because for the last one, 4253 * we don't want a comma before the ">". 4254 */ 4255 (void) printf(","); 4256 } 4257 (void) printf("%s", if_flags_tbl[i].iff_name); 4258 } 4259 } 4260 if (!first) 4261 (void) printf(">"); 4262 } 4263 4264 static void 4265 print_config_flags(uint64_t flags) 4266 { 4267 int cnt, i; 4268 4269 cnt = sizeof (if_config_cmd_tbl) / sizeof (if_config_cmd_t); 4270 for (i = 0; i < cnt; i++) { 4271 if (flags & if_config_cmd_tbl[i].iff_flag) { 4272 (void) printf("%s ", if_config_cmd_tbl[i].iff_name); 4273 } 4274 } 4275 } 4276 4277 /* 4278 * Use the configured directory lookup mechanism (e.g. files/NIS/NIS+/...) 4279 * to find the network mask. Returns true if we found one to set. 4280 * 4281 * The parameter addr_set controls whether we should get the address of 4282 * the working interface for the netmask query. If addr_set is true, 4283 * we will use the address provided. Otherwise, we will find the working 4284 * interface's address and use it instead. 4285 */ 4286 static boolean_t 4287 in_getmask(struct sockaddr_in *saddr, boolean_t addr_set) 4288 { 4289 struct sockaddr_in ifaddr; 4290 4291 /* 4292 * Read the address from the interface if it is not passed in. 4293 */ 4294 if (!addr_set) { 4295 (void) strncpy(lifr.lifr_name, name, sizeof (lifr.lifr_name)); 4296 if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0) { 4297 if (errno != EADDRNOTAVAIL) { 4298 (void) fprintf(stderr, "Need net number for " 4299 "mask\n"); 4300 } 4301 return (_B_FALSE); 4302 } 4303 ifaddr = *((struct sockaddr_in *)&lifr.lifr_addr); 4304 } else { 4305 ifaddr.sin_addr = saddr->sin_addr; 4306 } 4307 if (getnetmaskbyaddr(ifaddr.sin_addr, &saddr->sin_addr) == 0) { 4308 saddr->sin_family = AF_INET; 4309 return (_B_TRUE); 4310 } 4311 return (_B_FALSE); 4312 } 4313 4314 static int 4315 strioctl(int s, int cmd, char *buf, int buflen) 4316 { 4317 struct strioctl ioc; 4318 4319 (void) memset(&ioc, 0, sizeof (ioc)); 4320 ioc.ic_cmd = cmd; 4321 ioc.ic_timout = 0; 4322 ioc.ic_len = buflen; 4323 ioc.ic_dp = buf; 4324 return (ioctl(s, I_STR, (char *)&ioc)); 4325 } 4326 4327 static void 4328 add_ni(char *name) 4329 { 4330 ni_t **pp; 4331 ni_t *p; 4332 4333 for (pp = &ni_list; (p = *pp) != NULL; pp = &(p->ni_next)) { 4334 if (strcmp(p->ni_name, name) == 0) { 4335 if (debug > 2) 4336 (void) fprintf(stderr, "'%s' is a duplicate\n", 4337 name); 4338 return; 4339 } 4340 } 4341 4342 if (debug > 2) 4343 (void) fprintf(stderr, "adding '%s'\n", 4344 name); 4345 4346 if ((p = malloc(sizeof (ni_t))) == NULL) 4347 return; 4348 4349 (void) strlcpy(p->ni_name, name, sizeof (p->ni_name)); 4350 p->ni_next = NULL; 4351 4352 *pp = p; 4353 num_ni++; 4354 } 4355 4356 /* ARGSUSED2 */ 4357 static int 4358 devfs_entry(di_node_t node, di_minor_t minor, void *arg) 4359 { 4360 char *provider; 4361 int fd; 4362 uint_t ppa; 4363 dl_info_ack_t dlia; 4364 char ifname[LIFNAMSIZ]; 4365 4366 provider = di_minor_name(minor); 4367 4368 if (strlen(provider) > LIFNAMSIZ) 4369 return (DI_WALK_CONTINUE); 4370 4371 if (debug > 2) 4372 fprintf(stderr, "provider = %s\n", provider); 4373 4374 if ((fd = dlpi_open(provider)) < 0) 4375 return (DI_WALK_CONTINUE); 4376 4377 if (debug > 2) 4378 fprintf(stderr, "getting DL_INFO_ACK\n"); 4379 4380 if (dlpi_info(fd, -1, &dlia, NULL, NULL, NULL, NULL, NULL, NULL) < 0) 4381 goto done; 4382 4383 if (dlia.dl_provider_style == DL_STYLE1) { 4384 if (debug > 2) 4385 fprintf(stderr, "provider is DL_STYLE1\n"); 4386 add_ni(provider); 4387 goto done; 4388 } 4389 4390 if (debug > 2) 4391 fprintf(stderr, "provider is DL_STYLE2\n"); 4392 4393 if (di_minor_type(minor) != DDM_ALIAS) { 4394 if (debug > 2) 4395 (void) fprintf(stderr, 4396 "non-alias node, ignoring\n"); 4397 goto done; 4398 } 4399 4400 if (debug > 2) 4401 (void) fprintf(stderr, 4402 "alias node, using instance\n"); 4403 ppa = di_instance(node); 4404 4405 if (dlpi_attach(fd, -1, ppa) < 0) { 4406 if (debug > 2) 4407 (void) fprintf(stderr, 4408 "non-existent PPA, ignoring\n"); 4409 goto done; 4410 } 4411 4412 (void) snprintf(ifname, LIFNAMSIZ, "%s%d", provider, ppa); 4413 add_ni(ifname); 4414 4415 done: 4416 (void) dlpi_close(fd); 4417 return (DI_WALK_CONTINUE); 4418 } 4419 4420 /* 4421 * dhcp-related routines 4422 */ 4423 4424 static int 4425 setifdhcp(const char *caller, const char *ifname, int argc, char *argv[]) 4426 { 4427 dhcp_ipc_request_t *request; 4428 dhcp_ipc_reply_t *reply = NULL; 4429 int timeout = DHCP_IPC_WAIT_DEFAULT; 4430 dhcp_ipc_type_t type = DHCP_START; 4431 int error; 4432 boolean_t is_primary = _B_FALSE; 4433 boolean_t started = _B_FALSE; 4434 4435 for (argv++; --argc > 0; argv++) { 4436 4437 if (strcmp(*argv, "primary") == 0) { 4438 is_primary = _B_TRUE; 4439 continue; 4440 } 4441 4442 if (strcmp(*argv, "wait") == 0) { 4443 if (--argc <= 0) { 4444 usage(); 4445 return (DHCP_EXIT_BADARGS); 4446 } 4447 argv++; 4448 4449 if (strcmp(*argv, "forever") == 0) { 4450 timeout = DHCP_IPC_WAIT_FOREVER; 4451 continue; 4452 } 4453 4454 if (sscanf(*argv, "%d", &timeout) != 1) { 4455 usage(); 4456 return (DHCP_EXIT_BADARGS); 4457 } 4458 4459 if (timeout < 0) { 4460 usage(); 4461 return (DHCP_EXIT_BADARGS); 4462 } 4463 continue; 4464 } 4465 4466 type = dhcp_string_to_request(*argv); 4467 if (type == -1) { 4468 usage(); 4469 return (DHCP_EXIT_BADARGS); 4470 } 4471 } 4472 4473 /* 4474 * Only try to start agent on start or inform; in all other cases it 4475 * has to already be running for anything to make sense. 4476 */ 4477 if (type == DHCP_START || type == DHCP_INFORM) { 4478 if (dhcp_start_agent(DHCP_IPC_MAX_WAIT) == -1) { 4479 (void) fprintf(stderr, "%s: unable to start %s\n", 4480 caller, DHCP_AGENT_PATH); 4481 return (DHCP_EXIT_FAILURE); 4482 } 4483 started = _B_TRUE; 4484 } 4485 4486 if (is_primary) 4487 type |= DHCP_PRIMARY; 4488 4489 if (af != AF_INET) 4490 type |= DHCP_V6; 4491 4492 request = dhcp_ipc_alloc_request(type, ifname, NULL, 0, DHCP_TYPE_NONE); 4493 if (request == NULL) { 4494 (void) fprintf(stderr, "%s: out of memory\n", caller); 4495 return (DHCP_EXIT_SYSTEM); 4496 } 4497 4498 error = dhcp_ipc_make_request(request, &reply, timeout); 4499 if (error != 0) { 4500 free(request); 4501 /* 4502 * Re-map connect error to not under control if we didn't try a 4503 * start operation, as this has to be true and results in a 4504 * clearer message, not to mention preserving compatibility 4505 * with the days when we always started dhcpagent for every 4506 * request. 4507 */ 4508 if (error == DHCP_IPC_E_CONNECT && !started) 4509 error = DHCP_IPC_E_UNKIF; 4510 (void) fprintf(stderr, "%s: %s: %s\n", caller, ifname, 4511 dhcp_ipc_strerror(error)); 4512 return (DHCP_EXIT_FAILURE); 4513 } 4514 4515 error = reply->return_code; 4516 if (error != 0) { 4517 free(request); 4518 free(reply); 4519 4520 if (error == DHCP_IPC_E_TIMEOUT && timeout == 0) 4521 return (DHCP_EXIT_SUCCESS); 4522 4523 (void) fprintf(stderr, "%s: %s: %s\n", caller, ifname, 4524 dhcp_ipc_strerror(error)); 4525 4526 if (error == DHCP_IPC_E_TIMEOUT) 4527 return (DHCP_EXIT_TIMEOUT); 4528 else 4529 return (DHCP_EXIT_IF_FAILURE); 4530 } 4531 4532 if (DHCP_IPC_CMD(type) == DHCP_STATUS) { 4533 (void) printf("%s", dhcp_status_hdr_string()); 4534 (void) printf("%s", dhcp_status_reply_to_string(reply)); 4535 } 4536 4537 free(request); 4538 free(reply); 4539 return (DHCP_EXIT_SUCCESS); 4540 } 4541 4542 static void 4543 usage(void) 4544 { 4545 (void) fprintf(stderr, 4546 "usage: ifconfig <interface> | -a[ 4 | 6 | D ][ u | d ][ Z ]\n"); 4547 4548 (void) fprintf(stderr, "%s", 4549 "\t[ <addr_family> ]\n" 4550 "\t[ <address>[/<prefix_length>] [ <dest_address> ] ]\n" 4551 "\t[ set [ <address>][/<prefix_length>] ]" 4552 " [ <address>/<prefix_length>] ]\n" 4553 "\t[ destination <dest_address> ]\n" 4554 "\t[ addif <address>[/<prefix_length>]" 4555 " [ <dest_address> ] ]\n" 4556 "\t[ removeif <address>[/<prefix_length>] ]\n" 4557 "\t[ arp | -arp ]\n" 4558 "\t[ auto-revarp ]\n" 4559 "\t[ broadcast <broad_addr> ]\n" 4560 "\t[ index <if_index> ]\n" 4561 "\t[ metric <n> ] [ mtu <n> ]\n" 4562 "\t[ netmask <mask> ]\n" 4563 "\t[ plumb ] [ unplumb ]\n" 4564 "\t[ preferred | -preferred ]\n" 4565 "\t[ private | -private ]\n" 4566 "\t[ local | -local ]\n" 4567 "\t[ router | -router ]\n" 4568 "\t[ subnet <subnet_address>]\n" 4569 "\t[ trailers | -trailers ]\n" 4570 "\t[ token <address>/<prefix_length> ]\n" 4571 "\t[ tsrc <tunnel_src_address> ]\n" 4572 "\t[ tdst <tunnel_dest_address> ]\n" 4573 "\t[ auth_algs <tunnel_AH_authentication_algorithm> ]\n" 4574 "\t[ encr_algs <tunnel_ESP_encryption_algorithm> ]\n" 4575 "\t[ encr_auth_algs <tunnel_ESP_authentication_algorithm> ]\n" 4576 "\t[ up ] [ down ]\n" 4577 "\t[ xmit | -xmit ]\n" 4578 "\t[ modlist ]\n" 4579 "\t[ modinsert <module_name@position> ]\n" 4580 "\t[ modremove <module_name@position> ]\n" 4581 "\t[ group <groupname>] | [ group \"\"]\n" 4582 "\t[ deprecated | -deprecated ]\n" 4583 "\t[ standby | -standby ]\n" 4584 "\t[ failover | -failover ]\n" 4585 "\t[ zone <zonename> | -zone ]\n" 4586 "\t[ usesrc <interface> ]\n" 4587 "\t[ all-zones ]\n"); 4588 4589 (void) fprintf(stderr, "or\n"); 4590 (void) fprintf(stderr, 4591 "\tifconfig <interface> | -a[ 4 | 6 | D ] [ u | d ]\n"); 4592 4593 (void) fprintf(stderr, "%s", "\tauto-dhcp | dhcp\n" 4594 "\t[ wait <time> | forever ]\n\t[ primary ]\n" 4595 "\tstart | drop | ping | release | status | inform\n"); 4596 } 4597