 @@ -1,1477 +1,1475 @@
-/*	$NetBSD: ip_input.c,v 1.275.4.1.8.1 2011/01/07 03:16:14 matt Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.275.4.1.8.2 2011/01/07 03:17:44 matt Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the project nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Public Access Networks Corporation ("Panix").  It was developed under
  * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright (c) 1982, 1986, 1988, 1993
  *	The Regents of the University of California.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)ip_input.c	8.2 (Berkeley) 1/4/94
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.275.4.1.8.1 2011/01/07 03:16:14 matt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.275.4.1.8.2 2011/01/07 03:17:44 matt Exp $");
 #include "opt_inet.h"
 #include "opt_gateway.h"
 #include "opt_pfil_hooks.h"
 #include "opt_ipsec.h"
 #include "opt_mrouting.h"
 #include "opt_mbuftrace.h"
 #include "opt_inet_csum.h"
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/domain.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/errno.h>
 #include <sys/time.h>
 #include <sys/kernel.h>
 #include <sys/pool.h>
 #include <sys/sysctl.h>
 #include <sys/kauth.h>
 #include <net/if.h>
 #include <net/if_dl.h>
 #include <net/route.h>
 #include <net/pfil.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 #include <netinet/in_pcb.h>
 #include <netinet/in_proto.h>
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>
 #include <netinet/ip_private.h>
 #include <netinet/ip_icmp.h>
 /* just for gif_ttl */
 #include <netinet/in_gif.h>
 #include "gif.h"
 #include <net/if_gre.h>
 #include "gre.h"
 #ifdef MROUTING
 #include <netinet/ip_mroute.h>
 #endif
 #ifdef IPSEC
 #include <netinet6/ipsec.h>
 #include <netinet6/ipsec_private.h>
 #include <netkey/key.h>
 #endif
 #ifdef FAST_IPSEC
 #include <netipsec/ipsec.h>
 #include <netipsec/key.h>
 #endif	/* FAST_IPSEC*/
 #ifndef	IPFORWARDING
 #ifdef GATEWAY
 #define	IPFORWARDING	1	/* forward IP packets not for us */
 #else /* GATEWAY */
 #define	IPFORWARDING	0	/* don't forward IP packets not for us */
 #endif /* GATEWAY */
 #endif /* IPFORWARDING */
 #ifndef	IPSENDREDIRECTS
 #define	IPSENDREDIRECTS	1
 #endif
 #ifndef IPFORWSRCRT
 #define	IPFORWSRCRT	1	/* forward source-routed packets */
 #endif
 #ifndef IPALLOWSRCRT
 #define	IPALLOWSRCRT	1	/* allow source-routed packets */
 #endif
 #ifndef IPMTUDISC
 #define IPMTUDISC	1
 #endif
 #ifndef IPMTUDISCTIMEOUT
 #define IPMTUDISCTIMEOUT (10 * 60)	/* as per RFC 1191 */
 #endif
 /*
  * Note: DIRECTED_BROADCAST is handled this way so that previous
  * configuration using this option will Just Work.
  */
 #ifndef IPDIRECTEDBCAST
 #ifdef DIRECTED_BROADCAST
 #define IPDIRECTEDBCAST	1
 #else
 #define	IPDIRECTEDBCAST	0
 #endif /* DIRECTED_BROADCAST */
 #endif /* IPDIRECTEDBCAST */
 int	ipforwarding = IPFORWARDING;
 int	ipsendredirects = IPSENDREDIRECTS;
 int	ip_defttl = IPDEFTTL;
 int	ip_forwsrcrt = IPFORWSRCRT;
 int	ip_directedbcast = IPDIRECTEDBCAST;
 int	ip_allowsrcrt = IPALLOWSRCRT;
 int	ip_mtudisc = IPMTUDISC;
 int	ip_mtudisc_timeout = IPMTUDISCTIMEOUT;
 #ifdef DIAGNOSTIC
 int	ipprintfs = 0;
 #endif
 int	ip_do_randomid = 0;
 /*
  * XXX - Setting ip_checkinterface mostly implements the receive side of
  * the Strong ES model described in RFC 1122, but since the routing table
  * and transmit implementation do not implement the Strong ES model,
  * setting this to 1 results in an odd hybrid.
+ *
  * XXX - ip_checkinterface currently must be disabled if you use ipnat
  * to translate the destination address to another local interface.
+ *
  * XXX - ip_checkinterface must be disabled if you add IP aliases
  * to the loopback interface instead of the interface where the
  * packets for those addresses are received.
  */
 int	ip_checkinterface = 0;
 struct rttimer_queue *ip_mtudisc_timeout_q = NULL;
 int	ipqmaxlen = IFQ_MAXLEN;
 u_long	in_ifaddrhash;				/* size of hash table - 1 */
 int	in_ifaddrentries;			/* total number of addrs */
 struct in_ifaddrhead in_ifaddrhead;
 struct	in_ifaddrhashhead *in_ifaddrhashtbl;
 u_long	in_multihash;				/* size of hash table - 1 */
 int	in_multientries;			/* total number of addrs */
 struct	in_multihashhead *in_multihashtbl;
 struct	ifqueue ipintrq;
 uint16_t ip_id;
 percpu_t *ipstat_percpu;
 #ifdef PFIL_HOOKS
 struct pfil_head inet_pfil_hook;
 #endif
 /*
  * Cached copy of nmbclusters. If nbclusters is different,
  * recalculate IP parameters derived from nmbclusters.
  */
 static int	ip_nmbclusters;			/* copy of nmbclusters */
 static void	ip_nmbclusters_changed(void);	/* recalc limits */
 #define CHECK_NMBCLUSTER_PARAMS()				\
 do {								\
 	if (__predict_false(ip_nmbclusters != nmbclusters))	\
 		ip_nmbclusters_changed();			\
 } while (/*CONSTCOND*/0)
 /* IP datagram reassembly queues (hashed) */
 #define IPREASS_NHASH_LOG2      6
 #define IPREASS_NHASH           (1 << IPREASS_NHASH_LOG2)
 #define IPREASS_HMASK           (IPREASS_NHASH - 1)
 #define IPREASS_HASH(x,y) \
 	(((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK)
 struct ipqhead ipq[IPREASS_NHASH];
 int	ipq_locked;
 static int	ip_nfragpackets;	/* packets in reass queue */
 static int	ip_nfrags;		/* total fragments in reass queues */
 int	ip_maxfragpackets = 200;	/* limit on packets. XXX sysctl */
 int	ip_maxfrags;		        /* limit on fragments. XXX sysctl */
 /*
  * Additive-Increase/Multiplicative-Decrease (AIMD) strategy for
  * IP reassembly queue buffer managment.
+ *
  * We keep a count of total IP fragments (NB: not fragmented packets!)
  * awaiting reassembly (ip_nfrags) and a limit (ip_maxfrags) on fragments.
  * If ip_nfrags exceeds ip_maxfrags the limit, we drop half the
  * total fragments in  reassembly queues.This AIMD policy avoids
  * repeatedly deleting single packets under heavy fragmentation load
  * (e.g., from lossy NFS peers).
  */
 static u_int	ip_reass_ttl_decr(u_int ticks);
 static void	ip_reass_drophalf(void);
 static inline int ipq_lock_try(void);
 static inline void ipq_unlock(void);
 static inline int
 ipq_lock_try(void)
+{
 	int s;
 	/*
 	 * Use splvm() -- we're blocking things that would cause
 	 * mbuf allocation.
 	 */
 	s = splvm();
 	if (ipq_locked) {
 		splx(s);
 		return (0);
+	}
 	ipq_locked = 1;
 	splx(s);
 	return (1);
+}
 static inline void
 ipq_unlock(void)
+{
 	int s;
 	s = splvm();
 	ipq_locked = 0;
 	splx(s);
+}
 #ifdef DIAGNOSTIC
 #define	IPQ_LOCK()							\
 do {									\
 	if (ipq_lock_try() == 0) {					\
 		printf("%s:%d: ipq already locked\n", __FILE__, __LINE__); \
 		panic("ipq_lock");					\
 	}								\
 } while (/*CONSTCOND*/ 0)
 #define	IPQ_LOCK_CHECK()						\
 do {									\
 	if (ipq_locked == 0) {						\
 		printf("%s:%d: ipq lock not held\n", __FILE__, __LINE__); \
 		panic("ipq lock check");				\
 	}								\
 } while (/*CONSTCOND*/ 0)
 #else
 #define	IPQ_LOCK()		(void) ipq_lock_try()
 #define	IPQ_LOCK_CHECK()	/* nothing */
 #endif
 #define	IPQ_UNLOCK()		ipq_unlock()
 struct pool inmulti_pool;
 struct pool ipqent_pool;
 #ifdef INET_CSUM_COUNTERS
 #include <sys/device.h>
 struct evcnt ip_hwcsum_bad = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
     NULL, "inet", "hwcsum bad");
 struct evcnt ip_hwcsum_ok = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
     NULL, "inet", "hwcsum ok");
 struct evcnt ip_swcsum = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
     NULL, "inet", "swcsum");
 #define	INET_CSUM_COUNTER_INCR(ev)	(ev)->ev_count++
 EVCNT_ATTACH_STATIC(ip_hwcsum_bad);
 EVCNT_ATTACH_STATIC(ip_hwcsum_ok);
 EVCNT_ATTACH_STATIC(ip_swcsum);
 #else
 #define	INET_CSUM_COUNTER_INCR(ev)	/* nothing */
 #endif /* INET_CSUM_COUNTERS */
 /*
  * We need to save the IP options in case a protocol wants to respond
  * to an incoming packet over the same route if the packet got here
  * using IP source routing.  This allows connection establishment and
  * maintenance when the remote end is on a network that is not known
  * to us.
  */
 int	ip_nhops = 0;
 static	struct ip_srcrt {
 	struct	in_addr dst;			/* final destination */
 	char	nop;				/* one NOP to align */
 	char	srcopt[IPOPT_OFFSET + 1];	/* OPTVAL, OLEN and OFFSET */
 	struct	in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)];
 } ip_srcrt;
 static void save_rte(u_char *, struct in_addr);
 #ifdef MBUFTRACE
 struct mowner ip_rx_mowner = MOWNER_INIT("internet", "rx");
 struct mowner ip_tx_mowner = MOWNER_INIT("internet", "tx");
 #endif
 /*
  * Compute IP limits derived from the value of nmbclusters.
  */
 static void
 ip_nmbclusters_changed(void)
+{
 	ip_maxfrags = nmbclusters / 4;
 	ip_nmbclusters =  nmbclusters;
+}
 /*
  * IP initialization: fill in IP protocol switch table.
  * All protocols not implemented in kernel go to raw IP protocol handler.
  */
 void
 ip_init(void)
+{
 	const struct protosw *pr;
 	int i;
 	pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl",
 	    NULL, IPL_SOFTNET);
 	pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl",
 	    NULL, IPL_VM);
 	pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW);
 	if (pr == 0)
 		panic("ip_init");
 	for (i = 0; i < IPPROTO_MAX; i++)
 		ip_protox[i] = pr - inetsw;
 	for (pr = inetdomain.dom_protosw;
 	    pr < inetdomain.dom_protoswNPROTOSW; pr++)
 		if (pr->pr_domain->dom_family == PF_INET &&
 		    pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
 			ip_protox[pr->pr_protocol] = pr - inetsw;
 	for (i = 0; i < IPREASS_NHASH; i++)
 	    	LIST_INIT(&ipq[i]);
 	ip_initid();
 	ip_id = time_second & 0xfffff;
 	ipintrq.ifq_maxlen = ipqmaxlen;
 	ip_nmbclusters_changed();
 	TAILQ_INIT(&in_ifaddrhead);
 	in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true,
 	    &in_ifaddrhash);
 	in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true,
 	    &in_multihash);
 	ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout);
 #ifdef GATEWAY
 	ipflow_init(ip_hashsize);
 #endif
 #ifdef PFIL_HOOKS
 	/* Register our Packet Filter hook. */
 	inet_pfil_hook.ph_type = PFIL_TYPE_AF;
 	inet_pfil_hook.ph_af   = AF_INET;
 	i = pfil_head_register(&inet_pfil_hook);
 	if (i != 0)
 		printf("ip_init: WARNING: unable to register pfil hook, "
 		    "error %d\n", i);
 #endif /* PFIL_HOOKS */
 #ifdef MBUFTRACE
 	MOWNER_ATTACH(&ip_tx_mowner);
 	MOWNER_ATTACH(&ip_rx_mowner);
 #endif /* MBUFTRACE */
 	ipstat_percpu = percpu_alloc(sizeof(uint64_t) * IP_NSTATS);
+}
 struct	sockaddr_in ipaddr = {
 	.sin_len = sizeof(ipaddr),
 	.sin_family = AF_INET,
 };
 struct	route ipforward_rt;
 /*
  * IP software interrupt routine
  */
 void
 ipintr(void)
+{
 	int s;
 	struct mbuf *m;
 	mutex_enter(softnet_lock);
 	KERNEL_LOCK(1, NULL);
 	while (!IF_IS_EMPTY(&ipintrq)) {
 		s = splnet();
 		IF_DEQUEUE(&ipintrq, m);
 		splx(s);
 		if (m == NULL)
 			break;
 		KERNEL_UNLOCK_ONE(NULL);
 		ip_input(m);
 		KERNEL_LOCK(1, NULL);
+	}
 	KERNEL_UNLOCK_ONE(NULL);
 	mutex_exit(softnet_lock);
+}
 /*
  * Ip input routine.  Checksum and byte swap header.  If fragmented
  * try to reassemble.  Process options.  Pass to next level.
  */
 void
 ip_input(struct mbuf *m)
+{
 	struct ip *ip = NULL;
 	struct ipq *fp;
 	struct in_ifaddr *ia;
 	struct ifaddr *ifa;
 	struct ipqent *ipqe;
 	int hlen = 0, mff, len;
 	int downmatch;
 	int checkif;
 	int srcrt = 0;
 	int s;
 	u_int hash;
 #ifdef FAST_IPSEC
 	struct m_tag *mtag;
 	struct tdb_ident *tdbi;
 	struct secpolicy *sp;
 	int error;
 #endif /* FAST_IPSEC */
 	MCLAIM(m, &ip_rx_mowner);
 #ifdef	DIAGNOSTIC
 	if ((m->m_flags & M_PKTHDR) == 0)
 		panic("ipintr no HDR");
 #endif
 	/*
 	 * If no IP addresses have been set yet but the interfaces
 	 * are receiving, can't do anything with incoming packets yet.
 	 */
 	if (TAILQ_FIRST(&in_ifaddrhead) == 0)
 		goto bad;
 	IP_STATINC(IP_STAT_TOTAL);
 	/*
 	 * If the IP header is not aligned, slurp it up into a new
 	 * mbuf with space for link headers, in the event we forward
 	 * it.  Otherwise, if it is aligned, make sure the entire
 	 * base IP header is in the first mbuf of the chain.
 	 */
 	if (IP_HDR_ALIGNED_P(mtod(m, void *)) == 0) {
 		if ((m = m_copyup(m, sizeof(struct ip),
 				  (max_linkhdr + 3) & ~3)) == NULL) {
 			/* XXXJRT new stat, please */
 			IP_STATINC(IP_STAT_TOOSMALL);
 			return;
+		}
 	} else if (__predict_false(m->m_len < sizeof (struct ip))) {
 		if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
 			IP_STATINC(IP_STAT_TOOSMALL);
 			return;
+		}
+	}
 	ip = mtod(m, struct ip *);
 	if (ip->ip_v != IPVERSION) {
 		IP_STATINC(IP_STAT_BADVERS);
 		goto bad;
+	}
 	hlen = ip->ip_hl << 2;
 	if (hlen < sizeof(struct ip)) {	/* minimum header length */
 		IP_STATINC(IP_STAT_BADHLEN);
 		goto bad;
+	}
 	if (hlen > m->m_len) {
 		if ((m = m_pullup(m, hlen)) == 0) {
 			IP_STATINC(IP_STAT_BADHLEN);
 			return;
+		}
 		ip = mtod(m, struct ip *);
+	}
 	/*
 	 * RFC1122: packets with a multicast source address are
 	 * not allowed.
 	 */
 	if (IN_MULTICAST(ip->ip_src.s_addr)) {
 		IP_STATINC(IP_STAT_BADADDR);
 		goto bad;
+	}
 	/* 127/8 must not appear on wire - RFC1122 */
 	if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
 	    (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
 		if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
 			IP_STATINC(IP_STAT_BADADDR);
 			goto bad;
+		}
+	}
 	switch (m->m_pkthdr.csum_flags &
 		((m->m_pkthdr.rcvif->if_csum_flags_rx & M_CSUM_IPv4) |
 		 M_CSUM_IPv4_BAD)) {
 	case M_CSUM_IPv4|M_CSUM_IPv4_BAD:
 		INET_CSUM_COUNTER_INCR(&ip_hwcsum_bad);
 		goto badcsum;
 	case M_CSUM_IPv4:
 		/* Checksum was okay. */
 		INET_CSUM_COUNTER_INCR(&ip_hwcsum_ok);
 		break;
 	default:
 		/*
 		 * Must compute it ourselves.  Maybe skip checksum on
 		 * loopback interfaces.
 		 */
 		if (__predict_true(!(m->m_pkthdr.rcvif->if_flags &
 				     IFF_LOOPBACK) || ip_do_loopback_cksum)) {
 			INET_CSUM_COUNTER_INCR(&ip_swcsum);
 			if (in_cksum(m, hlen) != 0)
 				goto badcsum;
+		}
 		break;
+	}
 	/* Retrieve the packet length. */
 	len = ntohs(ip->ip_len);
 	/*
 	 * Check for additional length bogosity
 	 */
 	if (len < hlen) {
 		IP_STATINC(IP_STAT_BADLEN);
 		goto bad;
+	}
 	/*
 	 * Check that the amount of data in the buffers
 	 * is as at least much as the IP header would have us expect.
 	 * Trim mbufs if longer than we expect.
 	 * Drop packet if shorter than we expect.
 	 */
 	if (m->m_pkthdr.len < len) {
 		IP_STATINC(IP_STAT_TOOSHORT);
 		goto bad;
+	}
 	if (m->m_pkthdr.len > len) {
 		if (m->m_len == m->m_pkthdr.len) {
 			m->m_len = len;
 			m->m_pkthdr.len = len;
 		} else
 			m_adj(m, len - m->m_pkthdr.len);
+	}
 #if defined(IPSEC)
 	/* ipflow (IP fast forwarding) is not compatible with IPsec. */
 	m->m_flags &= ~M_CANFASTFWD;
 #else
 	/*
 	 * Assume that we can create a fast-forward IP flow entry
 	 * based on this packet.
 	 */
 	m->m_flags |= M_CANFASTFWD;
 #endif
 #ifdef PFIL_HOOKS
 	/*
 	 * Run through list of hooks for input packets.  If there are any
 	 * filters which require that additional packets in the flow are
 	 * not fast-forwarded, they must clear the M_CANFASTFWD flag.
 	 * Note that filters must _never_ set this flag, as another filter
 	 * in the list may have previously cleared it.
 	 */
 	/*
 	 * let ipfilter look at packet on the wire,
 	 * not the decapsulated packet.
 	 */
 #ifdef IPSEC
 	if (!ipsec_getnhist(m))
 #elif defined(FAST_IPSEC)
 	if (!ipsec_indone(m))
 #else
 	if (1)
 #endif
+	{
 		struct in_addr odst;
 		odst = ip->ip_dst;
 		if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif,
 		    PFIL_IN) != 0)
 			return;
 		if (m == NULL)
 			return;
 		ip = mtod(m, struct ip *);
 		hlen = ip->ip_hl << 2;
 		/*
 		 * XXX The setting of "srcrt" here is to prevent ip_forward()
 		 * from generating ICMP redirects for packets that have
 		 * been redirected by a hook back out on to the same LAN that
 		 * they came from and is not an indication that the packet
 		 * is being inffluenced by source routing options.  This
 		 * allows things like
 		 * "rdr tlp0 0/0 port 80 -> 1.1.1.200 3128 tcp"
 		 * where tlp0 is both on the 1.1.1.0/24 network and is the
 		 * default route for hosts on 1.1.1.0/24.  Of course this
 		 * also requires a "map tlp0 ..." to complete the story.
 		 * One might argue whether or not this kind of network config.
 		 * should be supported in this manner...
 		 */
 		srcrt = (odst.s_addr != ip->ip_dst.s_addr);
+	}
 #endif /* PFIL_HOOKS */
 #ifdef ALTQ
 	/* XXX Temporary until ALTQ is changed to use a pfil hook */
 	if (altq_input != NULL && (*altq_input)(m, AF_INET) == 0) {
 		/* packet dropped by traffic conditioner */
 		return;
+	}
 #endif
 	/*
 	 * Process options and, if not destined for us,
 	 * ship it on.  ip_dooptions returns 1 when an
 	 * error was detected (causing an icmp message
 	 * to be sent and the original packet to be freed).
 	 */
 	ip_nhops = 0;		/* for source routed packets */
 	if (hlen > sizeof (struct ip) && ip_dooptions(m))
 		return;
 	/*
 	 * Enable a consistency check between the destination address
 	 * and the arrival interface for a unicast packet (the RFC 1122
 	 * strong ES model) if IP forwarding is disabled and the packet
 	 * is not locally generated.
+	 *
 	 * XXX - Checking also should be disabled if the destination
 	 * address is ipnat'ed to a different interface.
+	 *
 	 * XXX - Checking is incompatible with IP aliases added
 	 * to the loopback interface instead of the interface where
 	 * the packets are received.
+	 *
 	 * XXX - We need to add a per ifaddr flag for this so that
 	 * we get finer grain control.
 	 */
 	checkif = ip_checkinterface && (ipforwarding == 0) &&
 	    (m->m_pkthdr.rcvif != NULL) &&
 	    ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0);
 	/*
 	 * Check our list of addresses, to see if the packet is for us.
+	 *
 	 * Traditional 4.4BSD did not consult IFF_UP at all.
 	 * The behavior here is to treat addresses on !IFF_UP interface
 	 * as not mine.
 	 */
 	downmatch = 0;
 	LIST_FOREACH(ia, &IN_IFADDR_HASH(ip->ip_dst.s_addr), ia_hash) {
 		if (in_hosteq(ia->ia_addr.sin_addr, ip->ip_dst)) {
 			if (checkif && ia->ia_ifp != m->m_pkthdr.rcvif)
 				continue;
 			if ((ia->ia_ifp->if_flags & IFF_UP) != 0)
 				break;
 			else
 				downmatch++;
+		}
+	}
 	if (ia != NULL)
 		goto ours;
 	if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
 		IFADDR_FOREACH(ifa, m->m_pkthdr.rcvif) {
 			if (ifa->ifa_addr->sa_family != AF_INET)
 				continue;
 			ia = ifatoia(ifa);
 			if (in_hosteq(ip->ip_dst, ia->ia_broadaddr.sin_addr) ||
 			    in_hosteq(ip->ip_dst, ia->ia_netbroadcast) ||
 			    /*
 			     * Look for all-0's host part (old broadcast addr),
 			     * either for subnet or net.
 			     */
 			    ip->ip_dst.s_addr == ia->ia_subnet ||
 			    ip->ip_dst.s_addr == ia->ia_net)
 				goto ours;
 			/*
 			 * An interface with IP address zero accepts
 			 * all packets that arrive on that interface.
 			 */
 			if (in_nullhost(ia->ia_addr.sin_addr))
 				goto ours;
+		}
+	}
 	if (IN_MULTICAST(ip->ip_dst.s_addr)) {
 		struct in_multi *inm;
 #ifdef MROUTING
 		extern struct socket *ip_mrouter;
 		if (ip_mrouter) {
 			/*
 			 * If we are acting as a multicast router, all
 			 * incoming multicast packets are passed to the
 			 * kernel-level multicast forwarding function.
 			 * The packet is returned (relatively) intact; if
 			 * ip_mforward() returns a non-zero value, the packet
 			 * must be discarded, else it may be accepted below.
+			 *
 			 * (The IP ident field is put in the same byte order
 			 * as expected when ip_mforward() is called from
 			 * ip_output().)
 			 */
 			if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) {
 				IP_STATINC(IP_STAT_CANTFORWARD);
 				m_freem(m);
 				return;
+			}
 			/*
 			 * The process-level routing demon needs to receive
 			 * all multicast IGMP packets, whether or not this
 			 * host belongs to their destination groups.
 			 */
 			if (ip->ip_p == IPPROTO_IGMP)
 				goto ours;
 			IP_STATINC(IP_STAT_CANTFORWARD);
+		}
 #endif
 		/*
 		 * See if we belong to the destination multicast group on the
 		 * arrival interface.
 		 */
 		IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);
 		if (inm == NULL) {
 			IP_STATINC(IP_STAT_CANTFORWARD);
 			m_freem(m);
 			return;
+		}
 		goto ours;
+	}
 	if (ip->ip_dst.s_addr == INADDR_BROADCAST ||
 	    in_nullhost(ip->ip_dst))
 		goto ours;
 	/*
 	 * Not for us; forward if possible and desirable.
 	 */
 	if (ipforwarding == 0) {
 		IP_STATINC(IP_STAT_CANTFORWARD);
 		m_freem(m);
 	} else {
 		/*
 		 * If ip_dst matched any of my address on !IFF_UP interface,
 		 * and there's no IFF_UP interface that matches ip_dst,
 		 * send icmp unreach.  Forwarding it will result in in-kernel
 		 * forwarding loop till TTL goes to 0.
 		 */
 		if (downmatch) {
 			icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0);
 			IP_STATINC(IP_STAT_CANTFORWARD);
 			return;
+		}
 #ifdef IPSEC
 		if (ipsec4_in_reject(m, NULL)) {
 			IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
 			goto bad;
+		}
 #endif
 #ifdef FAST_IPSEC
 		mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
 		s = splsoftnet();
 		if (mtag != NULL) {
 			tdbi = (struct tdb_ident *)(mtag + 1);
 			sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
 		} else {
 			sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
 						   IP_FORWARDING, &error);
+		}
 		if (sp == NULL) {	/* NB: can happen if error */
 			splx(s);
 			/*XXX error stat???*/
 			DPRINTF(("ip_input: no SP for forwarding\n"));	/*XXX*/
 			goto bad;
+		}
 		/*
 		 * Check security policy against packet attributes.
 		 */
 		error = ipsec_in_reject(sp, m);
 		KEY_FREESP(&sp);
 		splx(s);
 		if (error) {
 			IP_STATINC(IP_STAT_CANTFORWARD);
 			goto bad;
+		}
 		/*
 		 * Peek at the outbound SP for this packet to determine if
 		 * it's a Fast Forward candidate.
 		 */
 		mtag = m_tag_find(m, PACKET_TAG_IPSEC_PENDING_TDB, NULL);
 		if (mtag != NULL)
 			m->m_flags &= ~M_CANFASTFWD;
 		else {
 			s = splsoftnet();
 			sp = ipsec4_checkpolicy(m, IPSEC_DIR_OUTBOUND,
 			    (IP_FORWARDING |
 			     (ip_directedbcast ? IP_ALLOWBROADCAST : 0)),
 			    &error, NULL);
 			if (sp != NULL) {
 				m->m_flags &= ~M_CANFASTFWD;
 				KEY_FREESP(&sp);
+			}
 			splx(s);
+		}
 #endif	/* FAST_IPSEC */
 		ip_forward(m, srcrt);
+	}
 	return;
 ours:
 	/*
 	 * If offset or IP_MF are set, must reassemble.
 	 * Otherwise, nothing need be done.
 	 * (We could look in the reassembly queue to see
 	 * if the packet was previously fragmented,
 	 * but it's not worth the time; just let them time out.)
 	 */
 	if (ip->ip_off & ~htons(IP_DF|IP_RF)) {
 		uint16_t off;
 		/*
 		 * Prevent TCP blind data attacks by not allowing non-initial
 		 * fragments to start at less than 68 bytes (minimal fragment
 		 * size) and making sure the first fragment is at least 68
 		 * bytes.
 		 */
 		off = (ntohs(ip->ip_off) & IP_OFFMASK) << 3;
 		if ((off > 0 ? off + hlen : len) < IP_MINFRAGSIZE - 1) {
 			IP_STATINC(IP_STAT_BADFRAGS);
 			goto bad;
+		}
 		/*
 		 * Look for queue of fragments
 		 * of this datagram.
 		 */
 		IPQ_LOCK();
 		hash = IPREASS_HASH(ip->ip_src.s_addr, ip->ip_id);
 		LIST_FOREACH(fp, &ipq[hash], ipq_q) {
 			if (ip->ip_id == fp->ipq_id &&
 			    in_hosteq(ip->ip_src, fp->ipq_src) &&
 			    in_hosteq(ip->ip_dst, fp->ipq_dst) &&
 			    ip->ip_p == fp->ipq_p) {
 				/*
 				 * Make sure the TOS is matches previous
 				 * fragments.
 				 */
 				if (ip->ip_tos != fp->ipq_tos) {
 					IP_STATINC(IP_STAT_BADFRAGS);
 					IPQ_UNLOCK();
 					goto bad;
+				}
 				goto found;
+			}
+		}
 		fp = 0;
 found:
 		/*
 		 * Adjust ip_len to not reflect header,
 		 * set ipqe_mff if more fragments are expected,
 		 * convert offset of this to bytes.
 		 */
 		ip->ip_len = htons(ntohs(ip->ip_len) - hlen);
 		mff = (ip->ip_off & htons(IP_MF)) != 0;
 		if (mff) {
 		        /*
 		         * Make sure that fragments have a data length
 			 * that's a non-zero multiple of 8 bytes.
 		         */
 			if (ntohs(ip->ip_len) == 0 ||
 			    (ntohs(ip->ip_len) & 0x7) != 0) {
 				IP_STATINC(IP_STAT_BADFRAGS);
 				IPQ_UNLOCK();
 				goto bad;
+			}
+		}
 		ip->ip_off = htons((ntohs(ip->ip_off) & IP_OFFMASK) << 3);
 		/*
 		 * If datagram marked as having more fragments
 		 * or if this is not the first fragment,
 		 * attempt reassembly; if it succeeds, proceed.
 		 */
 		if (mff || ip->ip_off != htons(0)) {
 			IP_STATINC(IP_STAT_FRAGMENTS);
 			s = splvm();
 			ipqe = pool_get(&ipqent_pool, PR_NOWAIT);
 			splx(s);
 			if (ipqe == NULL) {
 				IP_STATINC(IP_STAT_RCVMEMDROP);
 				IPQ_UNLOCK();
 				goto bad;
+			}
 			ipqe->ipqe_mff = mff;
 			ipqe->ipqe_m = m;
 			ipqe->ipqe_ip = ip;
 			m = ip_reass(ipqe, fp, &ipq[hash]);
 			if (m == 0) {
 				IPQ_UNLOCK();
 				return;
+			}
 			IP_STATINC(IP_STAT_REASSEMBLED);
 			ip = mtod(m, struct ip *);
 			hlen = ip->ip_hl << 2;
 			ip->ip_len = htons(ntohs(ip->ip_len) + hlen);
 		} else
 			if (fp)
 				ip_freef(fp);
 		IPQ_UNLOCK();
+	}
 #if defined(IPSEC)
 	/*
 	 * enforce IPsec policy checking if we are seeing last header.
 	 * note that we do not visit this with protocols with pcb layer
 	 * code - like udp/tcp/raw ip.
 	 */
 	if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0 &&
 	    ipsec4_in_reject(m, NULL)) {
 		IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
 		goto bad;
+	}
 #endif
 #ifdef FAST_IPSEC
 	/*
 	 * enforce IPsec policy checking if we are seeing last header.
 	 * note that we do not visit this with protocols with pcb layer
 	 * code - like udp/tcp/raw ip.
 	 */
 	if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0) {
 		/*
 		 * Check if the packet has already had IPsec processing
 		 * done.  If so, then just pass it along.  This tag gets
 		 * set during AH, ESP, etc. input handling, before the
 		 * packet is returned to the ip input queue for delivery.
 		 */
 		mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
 		s = splsoftnet();
 		if (mtag != NULL) {
 			tdbi = (struct tdb_ident *)(mtag + 1);
 			sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
 		} else {
 			sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
 						   IP_FORWARDING, &error);
+		}
 		if (sp != NULL) {
 			/*
 			 * Check security policy against packet attributes.
 			 */
 			error = ipsec_in_reject(sp, m);
 			KEY_FREESP(&sp);
 		} else {
 			/* XXX error stat??? */
 			error = EINVAL;
 DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/
+		}
 		splx(s);
 		if (error)
 			goto bad;
+	}
 #endif /* FAST_IPSEC */
 	/*
 	 * Switch out to protocol's input routine.
 	 */
 #if IFA_STATS
 	if (ia && ip)
 		ia->ia_ifa.ifa_data.ifad_inbytes += ntohs(ip->ip_len);
 #endif
 	IP_STATINC(IP_STAT_DELIVERED);
+    {
 	int off = hlen, nh = ip->ip_p;
 	(*inetsw[ip_protox[nh]].pr_input)(m, off, nh);
 	return;
+    }
 bad:
 	m_freem(m);
 	return;
 badcsum:
 	IP_STATINC(IP_STAT_BADSUM);
 	m_freem(m);
+}
 /*
  * Take incoming datagram fragment and try to
  * reassemble it into whole datagram.  If a chain for
  * reassembly of this datagram already exists, then it
  * is given as fp; otherwise have to make a chain.
  */
 struct mbuf *
 ip_reass(struct ipqent *ipqe, struct ipq *fp, struct ipqhead *ipqhead)
+{
 	struct mbuf *m = ipqe->ipqe_m;
 	struct ipqent *nq, *p, *q;
 	struct ip *ip;
 	struct mbuf *t;
 	int hlen = ipqe->ipqe_ip->ip_hl << 2;
 	int i, next, s;
 	IPQ_LOCK_CHECK();
 	/*
 	 * Presence of header sizes in mbufs
 	 * would confuse code below.
 	 */
 	m->m_data += hlen;
 	m->m_len -= hlen;
 #ifdef	notyet
 	/* make sure fragment limit is up-to-date */
 	CHECK_NMBCLUSTER_PARAMS();
 	/* If we have too many fragments, drop the older half. */
 	if (ip_nfrags >= ip_maxfrags)
 		ip_reass_drophalf(void);
 #endif
 	/*
 	 * We are about to add a fragment; increment frag count.
 	 */
 	ip_nfrags++;
 	/*
 	 * If first fragment to arrive, create a reassembly queue.
 	 */
 	if (fp == 0) {
 		/*
 		 * Enforce upper bound on number of fragmented packets
 		 * for which we attempt reassembly;
 		 * If maxfrag is 0, never accept fragments.
 		 * If maxfrag is -1, accept all fragments without limitation.
 		 */
 		if (ip_maxfragpackets < 0)
+			;
 		else if (ip_nfragpackets >= ip_maxfragpackets)
 			goto dropfrag;
 		ip_nfragpackets++;
 		MALLOC(fp, struct ipq *, sizeof (struct ipq),
 		    M_FTABLE, M_NOWAIT);
 		if (fp == NULL)
 			goto dropfrag;
 		LIST_INSERT_HEAD(ipqhead, fp, ipq_q);
 		fp->ipq_nfrags = 1;
 		fp->ipq_ttl = IPFRAGTTL;
 		fp->ipq_p = ipqe->ipqe_ip->ip_p;
 		fp->ipq_id = ipqe->ipqe_ip->ip_id;
 		fp->ipq_tos = ipqe->ipqe_ip->ip_tos;
 		TAILQ_INIT(&fp->ipq_fragq);
 		fp->ipq_src = ipqe->ipqe_ip->ip_src;
 		fp->ipq_dst = ipqe->ipqe_ip->ip_dst;
 		p = NULL;
 		goto insert;
 	} else {
 		fp->ipq_nfrags++;
+	}
 	/*
 	 * Find a segment which begins after this one does.
 	 */
 	for (p = NULL, q = TAILQ_FIRST(&fp->ipq_fragq); q != NULL;
 	    p = q, q = TAILQ_NEXT(q, ipqe_q))
 		if (ntohs(q->ipqe_ip->ip_off) > ntohs(ipqe->ipqe_ip->ip_off))
 			break;
 	/*
 	 * If there is a preceding segment, it may provide some of
 	 * our data already.  If so, drop the data from the incoming
 	 * segment.  If it provides all of our data, drop us.
 	 */
 	if (p != NULL) {
 		i = ntohs(p->ipqe_ip->ip_off) + ntohs(p->ipqe_ip->ip_len) -
 		    ntohs(ipqe->ipqe_ip->ip_off);
 		if (i > 0) {
 			if (i >= ntohs(ipqe->ipqe_ip->ip_len))
 				goto dropfrag;
 			m_adj(ipqe->ipqe_m, i);
 			ipqe->ipqe_ip->ip_off =
 			    htons(ntohs(ipqe->ipqe_ip->ip_off) + i);
 			ipqe->ipqe_ip->ip_len =
 			    htons(ntohs(ipqe->ipqe_ip->ip_len) - i);
+		}
+	}
 	/*
 	 * While we overlap succeeding segments trim them or,
 	 * if they are completely covered, dequeue them.
 	 */
 	for (; q != NULL &&
 	    ntohs(ipqe->ipqe_ip->ip_off) + ntohs(ipqe->ipqe_ip->ip_len) >
 	    ntohs(q->ipqe_ip->ip_off); q = nq) {
 		i = (ntohs(ipqe->ipqe_ip->ip_off) +
 		    ntohs(ipqe->ipqe_ip->ip_len)) - ntohs(q->ipqe_ip->ip_off);
 		if (i < ntohs(q->ipqe_ip->ip_len)) {
 			q->ipqe_ip->ip_len =
 			    htons(ntohs(q->ipqe_ip->ip_len) - i);
 			q->ipqe_ip->ip_off =
 			    htons(ntohs(q->ipqe_ip->ip_off) + i);
 			m_adj(q->ipqe_m, i);
 			break;
+		}
 		nq = TAILQ_NEXT(q, ipqe_q);
 		m_freem(q->ipqe_m);
 		TAILQ_REMOVE(&fp->ipq_fragq, q, ipqe_q);
 		s = splvm();
 		pool_put(&ipqent_pool, q);
 		splx(s);
 		fp->ipq_nfrags--;
 		ip_nfrags--;
+	}
 insert:
 	/*
 	 * Stick new segment in its place;
 	 * check for complete reassembly.
 	 */
 	if (p == NULL) {
 		TAILQ_INSERT_HEAD(&fp->ipq_fragq, ipqe, ipqe_q);
 	} else {
 		TAILQ_INSERT_AFTER(&fp->ipq_fragq, p, ipqe, ipqe_q);
+	}
 	next = 0;
 	for (p = NULL, q = TAILQ_FIRST(&fp->ipq_fragq); q != NULL;
 	    p = q, q = TAILQ_NEXT(q, ipqe_q)) {
 		if (ntohs(q->ipqe_ip->ip_off) != next)
 			return (0);
 		next += ntohs(q->ipqe_ip->ip_len);
+	}
 	if (p->ipqe_mff)
 		return (0);
 	/*
 	 * Reassembly is complete.  Check for a bogus message size and
 	 * concatenate fragments.
 	 */
 	q = TAILQ_FIRST(&fp->ipq_fragq);
 	ip = q->ipqe_ip;
 	if ((next + (ip->ip_hl << 2)) > IP_MAXPACKET) {
 		IP_STATINC(IP_STAT_TOOLONG);
 		ip_freef(fp);
 		return (0);
+	}
 	m = q->ipqe_m;
 	t = m->m_next;
 	m->m_next = 0;
 	m_cat(m, t);
 	nq = TAILQ_NEXT(q, ipqe_q);
 	s = splvm();
 	pool_put(&ipqent_pool, q);
 	splx(s);
 	for (q = nq; q != NULL; q = nq) {
 		t = q->ipqe_m;
 		nq = TAILQ_NEXT(q, ipqe_q);
 		s = splvm();
 		pool_put(&ipqent_pool, q);
 		splx(s);
 		m_cat(m, t);
+	}
 	ip_nfrags -= fp->ipq_nfrags;
 	/*
 	 * Create header for new ip packet by
 	 * modifying header of first packet;
 	 * dequeue and discard fragment reassembly header.
 	 * Make header visible.
 	 */
 	ip->ip_len = htons(next);
 	ip->ip_src = fp->ipq_src;
 	ip->ip_dst = fp->ipq_dst;
 	LIST_REMOVE(fp, ipq_q);
 	FREE(fp, M_FTABLE);
 	ip_nfragpackets--;
 	m->m_len += (ip->ip_hl << 2);
 	m->m_data -= (ip->ip_hl << 2);
 	/* some debugging cruft by sklower, below, will go away soon */
 	if (m->m_flags & M_PKTHDR) { /* XXX this should be done elsewhere */
 		int plen = 0;
 		for (t = m; t; t = t->m_next)
 			plen += t->m_len;
 		m->m_pkthdr.len = plen;
 		m->m_pkthdr.csum_flags = 0;
+	}
 	return (m);
 dropfrag:
 	if (fp != 0)
 		fp->ipq_nfrags--;
 	ip_nfrags--;
 	IP_STATINC(IP_STAT_FRAGDROPPED);
 	m_freem(m);
 	s = splvm();
 	pool_put(&ipqent_pool, ipqe);
 	splx(s);
 	return (0);
+}
 /*
  * Free a fragment reassembly header and all
  * associated datagrams.
  */
 void
 ip_freef(struct ipq *fp)
+{
 	struct ipqent *q, *p;
 	u_int nfrags = 0;
 	int s;
 	IPQ_LOCK_CHECK();
 	for (q = TAILQ_FIRST(&fp->ipq_fragq); q != NULL; q = p) {
 		p = TAILQ_NEXT(q, ipqe_q);
 		m_freem(q->ipqe_m);
 		nfrags++;
 		TAILQ_REMOVE(&fp->ipq_fragq, q, ipqe_q);
 		s = splvm();
 		pool_put(&ipqent_pool, q);
 		splx(s);
+	}
 	if (nfrags != fp->ipq_nfrags)
 	    printf("ip_freef: nfrags %d != %d\n", fp->ipq_nfrags, nfrags);
 	ip_nfrags -= nfrags;
 	LIST_REMOVE(fp, ipq_q);
 	FREE(fp, M_FTABLE);
 	ip_nfragpackets--;
+}
 /*
  * IP reassembly TTL machinery for  multiplicative drop.
  */
 static u_int	fragttl_histo[(IPFRAGTTL+1)];
 /*
  * Decrement TTL of all reasembly queue entries by `ticks'.
  * Count number of distinct fragments (as opposed to partial, fragmented
  * datagrams) in the reassembly queue.  While we  traverse the entire
  * reassembly queue, compute and return the median TTL over all fragments.
  */
 static u_int
 ip_reass_ttl_decr(u_int ticks)
+{
 	u_int nfrags, median, dropfraction, keepfraction;
 	struct ipq *fp, *nfp;
 	int i;
 	nfrags = 0;
 	memset(fragttl_histo, 0, sizeof fragttl_histo);
 	for (i = 0; i < IPREASS_NHASH; i++) {
 		for (fp = LIST_FIRST(&ipq[i]); fp != NULL; fp = nfp) {
 			fp->ipq_ttl = ((fp->ipq_ttl  <= ticks) ?
 : fp->ipq_ttl - ticks);
 			nfp = LIST_NEXT(fp, ipq_q);
 			if (fp->ipq_ttl == 0) {
 				IP_STATINC(IP_STAT_FRAGTIMEOUT);
 				ip_freef(fp);
 			} else {
 				nfrags += fp->ipq_nfrags;
 				fragttl_histo[fp->ipq_ttl] += fp->ipq_nfrags;
+			}
+		}
+	}
 	KASSERT(ip_nfrags == nfrags);
 	/* Find median (or other drop fraction) in histogram. */
 	dropfraction = (ip_nfrags / 2);
 	keepfraction = ip_nfrags - dropfraction;
 	for (i = IPFRAGTTL, median = 0; i >= 0; i--) {
 		median +=  fragttl_histo[i];
 		if (median >= keepfraction)
 			break;
+	}
 	/* Return TTL of median (or other fraction). */
 	return (u_int)i;
+}
 void
 ip_reass_drophalf(void)
+{
 	u_int median_ticks;
 	/*
 	 * Compute median TTL of all fragments, and count frags
 	 * with that TTL or lower (roughly half of all fragments).
 	 */
 	median_ticks = ip_reass_ttl_decr(0);
 	/* Drop half. */
 	median_ticks = ip_reass_ttl_decr(median_ticks);
+}
 /*
  * IP timer processing;
  * if a timer expires on a reassembly
  * queue, discard it.
  */
 void
 ip_slowtimo(void)
+{
 	static u_int dropscanidx = 0;
 	u_int i;
 	u_int median_ttl;
 	mutex_enter(softnet_lock);
 	KERNEL_LOCK(1, NULL);
 	IPQ_LOCK();
 	/* Age TTL of all fragments by 1 tick .*/
 	median_ttl = ip_reass_ttl_decr(1);
 	/* make sure fragment limit is up-to-date */
 	CHECK_NMBCLUSTER_PARAMS();
 	/* If we have too many fragments, drop the older half. */
 	if (ip_nfrags > ip_maxfrags)
 		ip_reass_ttl_decr(median_ttl);
 	/*
 	 * If we are over the maximum number of fragmented packets
 	 * (due to the limit being lowered), drain off
 	 * enough to get down to the new limit. Start draining
 	 * from the reassembly hashqueue most recently drained.
 	 */
 	if (ip_maxfragpackets < 0)
+		;
 	else {
 		int wrapped = 0;
 		i = dropscanidx;
 		while (ip_nfragpackets > ip_maxfragpackets && wrapped == 0) {
 			while (LIST_FIRST(&ipq[i]) != NULL)
 				ip_freef(LIST_FIRST(&ipq[i]));
 			if (++i >= IPREASS_NHASH) {
 				i = 0;
+			}
 			/*
 			 * Dont scan forever even if fragment counters are
 			 * wrong: stop after scanning entire reassembly queue.
 			 */
 			if (i == dropscanidx)
 			    wrapped = 1;
+		}
 		dropscanidx = i;
+	}
 	IPQ_UNLOCK();
 	KERNEL_UNLOCK_ONE(NULL);
 	mutex_exit(softnet_lock);
+}
 /*
  * Drain off all datagram fragments.  Don't acquire softnet_lock as
  * can be called from hardware interrupt context.
  */
 void
 ip_drain(void)
+{
 	KERNEL_LOCK(1, NULL);
 	/*
 	 * We may be called from a device's interrupt context.  If
 	 * the ipq is already busy, just bail out now.
 	 */
 	if (ipq_lock_try() != 0) {
 		/*
 		 * Drop half the total fragments now. If more mbufs are
 		 * needed, we will be called again soon.
 		 */
 		ip_reass_drophalf();
 		IPQ_UNLOCK();
+	}
 	KERNEL_UNLOCK_ONE(NULL);
+}
 /*
  * Do option processing on a datagram,
  * possibly discarding it if bad options are encountered,
  * or forwarding it if source-routed.
  * Returns 1 if packet has been forwarded/freed,
  * 0 if the packet should be processed further.
  */
 int