Pull up revisions: src/share/man/man7/sysctl.7 revision 1.73 via patch src/sys/netinet6/icmp6.c revision 1.161 via patch src/sys/netinet6/in6.c revision 1.161 via patch src/sys/netinet6/in6_proto.c revision 1.97 via patch src/sys/netinet6/in6_var.h revision 1.65 via patch src/sys/netinet6/ip6_input.c revision 1.139 via patch src/sys/netinet6/ip6_var.h revision 1.59 via patch src/sys/netinet6/nd6.c revision 1.143 via patch src/sys/netinet6/nd6.h revision 1.57 via patch src/sys/netinet6/nd6_rtr.c revision 1.83 via patch (requested by christos in ticket #905). Patch by Loganaden Velvindron. 4 new sysctls to avoid ipv6 DoS attacks from OpenBSDdiff -r1.68 -r1.68.6.1 src/share/man/man7/sysctl.7
(jdc)
--- src/share/man/man7/sysctl.7 2011/11/03 00:29:00 1.68
+++ src/share/man/man7/sysctl.7 2013/07/08 07:40:34 1.68.6.1
--- src/sys/netinet6/icmp6.c 2011/12/31 20:41:59 1.159
+++ src/sys/netinet6/icmp6.c 2013/07/08 07:40:34 1.159.6.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: icmp6.c,v 1.159 2011/12/31 20:41:59 christos Exp $ */ | 1 | /* $NetBSD: icmp6.c,v 1.159.6.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ | 2 | /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94 | 61 | * @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.159 2011/12/31 20:41:59 christos Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.159.6.1 2013/07/08 07:40:34 jdc Exp $"); | |
66 | 66 | |||
67 | #include "opt_inet.h" | 67 | #include "opt_inet.h" | |
68 | #include "opt_ipsec.h" | 68 | #include "opt_ipsec.h" | |
69 | 69 | |||
70 | #include <sys/param.h> | 70 | #include <sys/param.h> | |
71 | #include <sys/systm.h> | 71 | #include <sys/systm.h> | |
72 | #include <sys/malloc.h> | 72 | #include <sys/malloc.h> | |
73 | #include <sys/mbuf.h> | 73 | #include <sys/mbuf.h> | |
74 | #include <sys/protosw.h> | 74 | #include <sys/protosw.h> | |
75 | #include <sys/socket.h> | 75 | #include <sys/socket.h> | |
76 | #include <sys/socketvar.h> | 76 | #include <sys/socketvar.h> | |
77 | #include <sys/time.h> | 77 | #include <sys/time.h> | |
78 | #include <sys/kernel.h> | 78 | #include <sys/kernel.h> | |
@@ -2274,26 +2274,28 @@ icmp6_redirect_input(struct mbuf *m, int | @@ -2274,26 +2274,28 @@ icmp6_redirect_input(struct mbuf *m, int | |||
2274 | struct sockaddr_in6 sdst; | 2274 | struct sockaddr_in6 sdst; | |
2275 | struct sockaddr_in6 sgw; | 2275 | struct sockaddr_in6 sgw; | |
2276 | struct sockaddr_in6 ssrc; | 2276 | struct sockaddr_in6 ssrc; | |
2277 | unsigned long rtcount; | 2277 | unsigned long rtcount; | |
2278 | struct rtentry *newrt = NULL; | 2278 | struct rtentry *newrt = NULL; | |
2279 | 2279 | |||
2280 | /* | 2280 | /* | |
2281 | * do not install redirect route, if the number of entries | 2281 | * do not install redirect route, if the number of entries | |
2282 | * is too much (> hiwat). note that, the node (= host) will | 2282 | * is too much (> hiwat). note that, the node (= host) will | |
2283 | * work just fine even if we do not install redirect route | 2283 | * work just fine even if we do not install redirect route | |
2284 | * (there will be additional hops, though). | 2284 | * (there will be additional hops, though). | |
2285 | */ | 2285 | */ | |
2286 | rtcount = rt_timer_count(icmp6_redirect_timeout_q); | 2286 | rtcount = rt_timer_count(icmp6_redirect_timeout_q); | |
2287 | if (0 <= ip6_maxdynroutes && rtcount >= ip6_maxdynroutes) | |||
2288 | goto freeit; | |||
2287 | if (0 <= icmp6_redirect_hiwat && rtcount > icmp6_redirect_hiwat) | 2289 | if (0 <= icmp6_redirect_hiwat && rtcount > icmp6_redirect_hiwat) | |
2288 | return; | 2290 | return; | |
2289 | else if (0 <= icmp6_redirect_lowat && | 2291 | else if (0 <= icmp6_redirect_lowat && | |
2290 | rtcount > icmp6_redirect_lowat) { | 2292 | rtcount > icmp6_redirect_lowat) { | |
2291 | /* | 2293 | /* | |
2292 | * XXX nuke a victim, install the new one. | 2294 | * XXX nuke a victim, install the new one. | |
2293 | */ | 2295 | */ | |
2294 | } | 2296 | } | |
2295 | 2297 | |||
2296 | memset(&sdst, 0, sizeof(sdst)); | 2298 | memset(&sdst, 0, sizeof(sdst)); | |
2297 | memset(&sgw, 0, sizeof(sgw)); | 2299 | memset(&sgw, 0, sizeof(sgw)); | |
2298 | memset(&ssrc, 0, sizeof(ssrc)); | 2300 | memset(&ssrc, 0, sizeof(ssrc)); | |
2299 | sdst.sin6_family = sgw.sin6_family = ssrc.sin6_family = AF_INET6; | 2301 | sdst.sin6_family = sgw.sin6_family = ssrc.sin6_family = AF_INET6; |
--- src/sys/netinet6/in6.c 2011/11/19 22:51:26 1.159
+++ src/sys/netinet6/in6.c 2013/07/08 07:40:34 1.159.8.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: in6.c,v 1.159 2011/11/19 22:51:26 tls Exp $ */ | 1 | /* $NetBSD: in6.c,v 1.159.8.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ | 2 | /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)in.c 8.2 (Berkeley) 11/15/93 | 61 | * @(#)in.c 8.2 (Berkeley) 11/15/93 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.159 2011/11/19 22:51:26 tls Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.159.8.1 2013/07/08 07:40:34 jdc Exp $"); | |
66 | 66 | |||
67 | #include "opt_inet.h" | 67 | #include "opt_inet.h" | |
68 | #include "opt_pfil_hooks.h" | 68 | #include "opt_pfil_hooks.h" | |
69 | #include "opt_compat_netbsd.h" | 69 | #include "opt_compat_netbsd.h" | |
70 | 70 | |||
71 | #include <sys/param.h> | 71 | #include <sys/param.h> | |
72 | #include <sys/ioctl.h> | 72 | #include <sys/ioctl.h> | |
73 | #include <sys/errno.h> | 73 | #include <sys/errno.h> | |
74 | #include <sys/malloc.h> | 74 | #include <sys/malloc.h> | |
75 | #include <sys/socket.h> | 75 | #include <sys/socket.h> | |
76 | #include <sys/socketvar.h> | 76 | #include <sys/socketvar.h> | |
77 | #include <sys/sockio.h> | 77 | #include <sys/sockio.h> | |
78 | #include <sys/systm.h> | 78 | #include <sys/systm.h> | |
@@ -2271,26 +2271,28 @@ in6_domifattach(struct ifnet *ifp) | @@ -2271,26 +2271,28 @@ in6_domifattach(struct ifnet *ifp) | |||
2271 | { | 2271 | { | |
2272 | struct in6_ifextra *ext; | 2272 | struct in6_ifextra *ext; | |
2273 | 2273 | |||
2274 | ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); | 2274 | ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); | |
2275 | 2275 | |||
2276 | ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), | 2276 | ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), | |
2277 | M_IFADDR, M_WAITOK|M_ZERO); | 2277 | M_IFADDR, M_WAITOK|M_ZERO); | |
2278 | 2278 | |||
2279 | ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), | 2279 | ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), | |
2280 | M_IFADDR, M_WAITOK|M_ZERO); | 2280 | M_IFADDR, M_WAITOK|M_ZERO); | |
2281 | 2281 | |||
2282 | ext->nd_ifinfo = nd6_ifattach(ifp); | 2282 | ext->nd_ifinfo = nd6_ifattach(ifp); | |
2283 | ext->scope6_id = scope6_ifattach(ifp); | 2283 | ext->scope6_id = scope6_ifattach(ifp); | |
2284 | ext->nprefixes = 0; | |||
2285 | ext->ndefrouters = 0; | |||
2284 | return ext; | 2286 | return ext; | |
2285 | } | 2287 | } | |
2286 | 2288 | |||
2287 | void | 2289 | void | |
2288 | in6_domifdetach(struct ifnet *ifp, void *aux) | 2290 | in6_domifdetach(struct ifnet *ifp, void *aux) | |
2289 | { | 2291 | { | |
2290 | struct in6_ifextra *ext = (struct in6_ifextra *)aux; | 2292 | struct in6_ifextra *ext = (struct in6_ifextra *)aux; | |
2291 | 2293 | |||
2292 | nd6_ifdetach(ext->nd_ifinfo); | 2294 | nd6_ifdetach(ext->nd_ifinfo); | |
2293 | free(ext->in6_ifstat, M_IFADDR); | 2295 | free(ext->in6_ifstat, M_IFADDR); | |
2294 | free(ext->icmp6_ifstat, M_IFADDR); | 2296 | free(ext->icmp6_ifstat, M_IFADDR); | |
2295 | scope6_ifdetach(ext->scope6_id); | 2297 | scope6_ifdetach(ext->scope6_id); | |
2296 | free(ext, M_IFADDR); | 2298 | free(ext, M_IFADDR); |
--- src/sys/netinet6/in6_proto.c 2011/12/31 20:41:59 1.95
+++ src/sys/netinet6/in6_proto.c 2013/07/08 07:40:34 1.95.6.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: in6_proto.c,v 1.95 2011/12/31 20:41:59 christos Exp $ */ | 1 | /* $NetBSD: in6_proto.c,v 1.95.6.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: in6_proto.c,v 1.66 2000/10/10 15:35:47 itojun Exp $ */ | 2 | /* $KAME: in6_proto.c,v 1.66 2000/10/10 15:35:47 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)in_proto.c 8.1 (Berkeley) 6/10/93 | 61 | * @(#)in_proto.c 8.1 (Berkeley) 6/10/93 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: in6_proto.c,v 1.95 2011/12/31 20:41:59 christos Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: in6_proto.c,v 1.95.6.1 2013/07/08 07:40:34 jdc Exp $"); | |
66 | 66 | |||
67 | #include "opt_gateway.h" | 67 | #include "opt_gateway.h" | |
68 | #include "opt_inet.h" | 68 | #include "opt_inet.h" | |
69 | #include "opt_ipsec.h" | 69 | #include "opt_ipsec.h" | |
70 | #include "opt_iso.h" | 70 | #include "opt_iso.h" | |
71 | 71 | |||
72 | #include <sys/param.h> | 72 | #include <sys/param.h> | |
73 | #include <sys/socket.h> | 73 | #include <sys/socket.h> | |
74 | #include <sys/protosw.h> | 74 | #include <sys/protosw.h> | |
75 | #include <sys/kernel.h> | 75 | #include <sys/kernel.h> | |
76 | #include <sys/domain.h> | 76 | #include <sys/domain.h> | |
77 | #include <sys/mbuf.h> | 77 | #include <sys/mbuf.h> | |
78 | 78 | |||
@@ -465,26 +465,30 @@ int ip6_defhlim = IPV6_DEFHLIM; | @@ -465,26 +465,30 @@ int ip6_defhlim = IPV6_DEFHLIM; | |||
465 | int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; | 465 | int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; | |
466 | int ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */ | 466 | int ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */ | |
467 | int ip6_maxfragpackets = 200; | 467 | int ip6_maxfragpackets = 200; | |
468 | int ip6_maxfrags = 200; | 468 | int ip6_maxfrags = 200; | |
469 | int ip6_log_interval = 5; | 469 | int ip6_log_interval = 5; | |
470 | int ip6_hdrnestlimit = 50; /* appropriate? */ | 470 | int ip6_hdrnestlimit = 50; /* appropriate? */ | |
471 | int ip6_dad_count = 1; /* DupAddrDetectionTransmits */ | 471 | int ip6_dad_count = 1; /* DupAddrDetectionTransmits */ | |
472 | int ip6_auto_flowlabel = 1; | 472 | int ip6_auto_flowlabel = 1; | |
473 | int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ | 473 | int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ | |
474 | int ip6_rr_prune = 5; /* router renumbering prefix | 474 | int ip6_rr_prune = 5; /* router renumbering prefix | |
475 | * walk list every 5 sec. */ | 475 | * walk list every 5 sec. */ | |
476 | int ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */ | 476 | int ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */ | |
477 | int ip6_v6only = 1; | 477 | int ip6_v6only = 1; | |
478 | int ip6_neighborgcthresh = 2048; /* Threshold # of NDP entries for GC */ | |||
479 | int ip6_maxifprefixes = 16; /* Max acceptable prefixes via RA per IF */ | |||
480 | int ip6_maxifdefrouters = 16; /* Max acceptable def routers via RA */ | |||
481 | int ip6_maxdynroutes = 4096; /* Max # of routes created via redirect */ | |||
478 | 482 | |||
479 | int ip6_keepfaith = 0; | 483 | int ip6_keepfaith = 0; | |
480 | time_t ip6_log_time = 0; | 484 | time_t ip6_log_time = 0; | |
481 | int ip6_rtadv_maxroutes = 100; /* (arbitrary) initial maximum number of | 485 | int ip6_rtadv_maxroutes = 100; /* (arbitrary) initial maximum number of | |
482 | * routes via rtadv expected to be | 486 | * routes via rtadv expected to be | |
483 | * significantly larger than common use. | 487 | * significantly larger than common use. | |
484 | * if you need to count: 3 extra initial | 488 | * if you need to count: 3 extra initial | |
485 | * routes, plus 1 per interface after the | 489 | * routes, plus 1 per interface after the | |
486 | * first one, then one per non-linklocal | 490 | * first one, then one per non-linklocal | |
487 | * prefix */ | 491 | * prefix */ | |
488 | 492 | |||
489 | /* icmp6 */ | 493 | /* icmp6 */ | |
490 | /* | 494 | /* |
--- src/sys/netinet6/in6_var.h 2009/01/15 23:22:15 1.64
+++ src/sys/netinet6/in6_var.h 2013/07/08 07:40:34 1.64.24.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: in6_var.h,v 1.64 2009/01/15 23:22:15 christos Exp $ */ | 1 | /* $NetBSD: in6_var.h,v 1.64.24.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: in6_var.h,v 1.81 2002/06/08 11:16:51 itojun Exp $ */ | 2 | /* $KAME: in6_var.h,v 1.81 2002/06/08 11:16:51 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -84,26 +84,28 @@ | @@ -84,26 +84,28 @@ | |||
84 | struct in6_addrlifetime { | 84 | struct in6_addrlifetime { | |
85 | time_t ia6t_expire; /* valid lifetime expiration time */ | 85 | time_t ia6t_expire; /* valid lifetime expiration time */ | |
86 | time_t ia6t_preferred; /* preferred lifetime expiration time */ | 86 | time_t ia6t_preferred; /* preferred lifetime expiration time */ | |
87 | u_int32_t ia6t_vltime; /* valid lifetime */ | 87 | u_int32_t ia6t_vltime; /* valid lifetime */ | |
88 | u_int32_t ia6t_pltime; /* prefix lifetime */ | 88 | u_int32_t ia6t_pltime; /* prefix lifetime */ | |
89 | }; | 89 | }; | |
90 | 90 | |||
91 | struct nd_ifinfo; | 91 | struct nd_ifinfo; | |
92 | struct in6_ifextra { | 92 | struct in6_ifextra { | |
93 | struct in6_ifstat *in6_ifstat; | 93 | struct in6_ifstat *in6_ifstat; | |
94 | struct icmp6_ifstat *icmp6_ifstat; | 94 | struct icmp6_ifstat *icmp6_ifstat; | |
95 | struct nd_ifinfo *nd_ifinfo; | 95 | struct nd_ifinfo *nd_ifinfo; | |
96 | struct scope6_id *scope6_id; | 96 | struct scope6_id *scope6_id; | |
97 | int nprefixes; | |||
98 | int ndefrouters; | |||
97 | }; | 99 | }; | |
98 | 100 | |||
99 | struct in6_ifaddr { | 101 | struct in6_ifaddr { | |
100 | struct ifaddr ia_ifa; /* protocol-independent info */ | 102 | struct ifaddr ia_ifa; /* protocol-independent info */ | |
101 | #define ia_ifp ia_ifa.ifa_ifp | 103 | #define ia_ifp ia_ifa.ifa_ifp | |
102 | #define ia_flags ia_ifa.ifa_flags | 104 | #define ia_flags ia_ifa.ifa_flags | |
103 | struct sockaddr_in6 ia_addr; /* interface address */ | 105 | struct sockaddr_in6 ia_addr; /* interface address */ | |
104 | struct sockaddr_in6 ia_net; /* network number of interface */ | 106 | struct sockaddr_in6 ia_net; /* network number of interface */ | |
105 | struct sockaddr_in6 ia_dstaddr; /* space for destination addr */ | 107 | struct sockaddr_in6 ia_dstaddr; /* space for destination addr */ | |
106 | struct sockaddr_in6 ia_prefixmask; /* prefix mask */ | 108 | struct sockaddr_in6 ia_prefixmask; /* prefix mask */ | |
107 | u_int32_t ia_plen; /* prefix length */ | 109 | u_int32_t ia_plen; /* prefix length */ | |
108 | struct in6_ifaddr *ia_next; /* next in6 list of IP6 addresses */ | 110 | struct in6_ifaddr *ia_next; /* next in6 list of IP6 addresses */ | |
109 | LIST_HEAD(in6_multihead, in6_multi) ia6_multiaddrs; | 111 | LIST_HEAD(in6_multihead, in6_multi) ia6_multiaddrs; |
--- src/sys/netinet6/ip6_input.c 2012/01/10 20:01:56 1.136
+++ src/sys/netinet6/ip6_input.c 2013/07/08 07:40:34 1.136.6.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_input.c,v 1.136 2012/01/10 20:01:56 drochner Exp $ */ | 1 | /* $NetBSD: ip6_input.c,v 1.136.6.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ | 2 | /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | 61 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.136 2012/01/10 20:01:56 drochner Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.136.6.1 2013/07/08 07:40:34 jdc Exp $"); | |
66 | 66 | |||
67 | #include "opt_gateway.h" | 67 | #include "opt_gateway.h" | |
68 | #include "opt_inet.h" | 68 | #include "opt_inet.h" | |
69 | #include "opt_inet6.h" | 69 | #include "opt_inet6.h" | |
70 | #include "opt_ipsec.h" | 70 | #include "opt_ipsec.h" | |
71 | #include "opt_pfil_hooks.h" | 71 | #include "opt_pfil_hooks.h" | |
72 | #include "opt_compat_netbsd.h" | 72 | #include "opt_compat_netbsd.h" | |
73 | 73 | |||
74 | #include <sys/param.h> | 74 | #include <sys/param.h> | |
75 | #include <sys/systm.h> | 75 | #include <sys/systm.h> | |
76 | #include <sys/malloc.h> | 76 | #include <sys/malloc.h> | |
77 | #include <sys/mbuf.h> | 77 | #include <sys/mbuf.h> | |
78 | #include <sys/domain.h> | 78 | #include <sys/domain.h> | |
@@ -1979,22 +1979,54 @@ sysctl_net_inet6_ip6_setup(struct sysctl | @@ -1979,22 +1979,54 @@ sysctl_net_inet6_ip6_setup(struct sysctl | |||
1979 | CTLTYPE_INT, "maxflows", | 1979 | CTLTYPE_INT, "maxflows", | |
1980 | SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"), | 1980 | SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"), | |
1981 | sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0, | 1981 | sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0, | |
1982 | CTL_NET, PF_INET6, IPPROTO_IPV6, | 1982 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |
1983 | CTL_CREATE, CTL_EOL); | 1983 | CTL_CREATE, CTL_EOL); | |
1984 | sysctl_createv(clog, 0, NULL, NULL, | 1984 | sysctl_createv(clog, 0, NULL, NULL, | |
1985 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | 1985 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | |
1986 | CTLTYPE_INT, "hashsize", | 1986 | CTLTYPE_INT, "hashsize", | |
1987 | SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"), | 1987 | SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"), | |
1988 | sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0, | 1988 | sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0, | |
1989 | CTL_NET, PF_INET6, IPPROTO_IPV6, | 1989 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |
1990 | CTL_CREATE, CTL_EOL); | 1990 | CTL_CREATE, CTL_EOL); | |
1991 | #endif | 1991 | #endif | |
1992 | sysctl_createv(clog, 0, NULL, NULL, | |||
1993 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | |||
1994 | CTLTYPE_INT, "neighborgcthresh", | |||
1995 | SYSCTL_DESCR("Maximum number of entries in neighbor" | |||
1996 | " cache"), | |||
1997 | NULL, 1, &ip6_neighborgcthresh, 0, | |||
1998 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |||
1999 | CTL_CREATE, CTL_EOL); | |||
2000 | sysctl_createv(clog, 0, NULL, NULL, | |||
2001 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | |||
2002 | CTLTYPE_INT, "maxifprefixes", | |||
2003 | SYSCTL_DESCR("Maximum number of prefixes created by" | |||
2004 | " route advertisement per interface"), | |||
2005 | NULL, 1, &ip6_maxifprefixes, 0, | |||
2006 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |||
2007 | CTL_CREATE, CTL_EOL); | |||
2008 | sysctl_createv(clog, 0, NULL, NULL, | |||
2009 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | |||
2010 | CTLTYPE_INT, "maxifdefrouters", | |||
2011 | SYSCTL_DESCR("Maximum number of default routers created" | |||
2012 | " by route advertisement per interface"), | |||
2013 | NULL, 1, &ip6_maxifdefrouters, 0, | |||
2014 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |||
2015 | CTL_CREATE, CTL_EOL); | |||
2016 | sysctl_createv(clog, 0, NULL, NULL, | |||
2017 | CTLFLAG_PERMANENT|CTLFLAG_READWRITE, | |||
2018 | CTLTYPE_INT, "maxdynroutes", | |||
2019 | SYSCTL_DESCR("Maximum number of routes created via" | |||
2020 | " redirect"), | |||
2021 | NULL, 1, &ip6_maxdynroutes, 0, | |||
2022 | CTL_NET, PF_INET6, IPPROTO_IPV6, | |||
2023 | CTL_CREATE, CTL_EOL); | |||
1992 | } | 2024 | } | |
1993 | 2025 | |||
1994 | void | 2026 | void | |
1995 | ip6_statinc(u_int stat) | 2027 | ip6_statinc(u_int stat) | |
1996 | { | 2028 | { | |
1997 | 2029 | |||
1998 | KASSERT(stat < IP6_NSTATS); | 2030 | KASSERT(stat < IP6_NSTATS); | |
1999 | IP6_STATINC(stat); | 2031 | IP6_STATINC(stat); | |
2000 | } | 2032 | } |
--- src/sys/netinet6/ip6_var.h 2012/01/19 13:19:34 1.58
+++ src/sys/netinet6/ip6_var.h 2013/07/08 07:40:34 1.58.6.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_var.h,v 1.58 2012/01/19 13:19:34 liamjfoy Exp $ */ | 1 | /* $NetBSD: ip6_var.h,v 1.58.6.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */ | 2 | /* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -262,26 +262,30 @@ struct ip6aux { | @@ -262,26 +262,30 @@ struct ip6aux { | |||
262 | #define IPV6_MINMTU 0x04 /* use minimum MTU (IPV6_USE_MIN_MTU) */ | 262 | #define IPV6_MINMTU 0x04 /* use minimum MTU (IPV6_USE_MIN_MTU) */ | |
263 | 263 | |||
264 | extern u_int32_t ip6_id; /* fragment identifier */ | 264 | extern u_int32_t ip6_id; /* fragment identifier */ | |
265 | extern int ip6_defhlim; /* default hop limit */ | 265 | extern int ip6_defhlim; /* default hop limit */ | |
266 | extern int ip6_defmcasthlim; /* default multicast hop limit */ | 266 | extern int ip6_defmcasthlim; /* default multicast hop limit */ | |
267 | extern int ip6_forwarding; /* act as router? */ | 267 | extern int ip6_forwarding; /* act as router? */ | |
268 | extern int ip6_sendredirect; /* send ICMPv6 redirect? */ | 268 | extern int ip6_sendredirect; /* send ICMPv6 redirect? */ | |
269 | extern int ip6_forward_srcrt; /* forward src-routed? */ | 269 | extern int ip6_forward_srcrt; /* forward src-routed? */ | |
270 | extern int ip6_use_deprecated; /* allow deprecated addr as source */ | 270 | extern int ip6_use_deprecated; /* allow deprecated addr as source */ | |
271 | extern int ip6_rr_prune; /* router renumbering prefix | 271 | extern int ip6_rr_prune; /* router renumbering prefix | |
272 | * walk list every 5 sec. */ | 272 | * walk list every 5 sec. */ | |
273 | extern int ip6_mcast_pmtu; /* enable pMTU discovery for multicast? */ | 273 | extern int ip6_mcast_pmtu; /* enable pMTU discovery for multicast? */ | |
274 | extern int ip6_v6only; | 274 | extern int ip6_v6only; | |
275 | extern int ip6_neighborgcthresh; /* Threshold # of NDP entries for GC */ | |||
276 | extern int ip6_maxifprefixes; /* Max acceptable prefixes via RA per IF */ | |||
277 | extern int ip6_maxifdefrouters; /* Max acceptable def routers via RA */ | |||
278 | extern int ip6_maxdynroutes; /* Max # of routes created via redirect */ | |||
275 | 279 | |||
276 | extern struct socket *ip6_mrouter; /* multicast routing daemon */ | 280 | extern struct socket *ip6_mrouter; /* multicast routing daemon */ | |
277 | extern int ip6_sendredirects; /* send IP redirects when forwarding? */ | 281 | extern int ip6_sendredirects; /* send IP redirects when forwarding? */ | |
278 | extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */ | 282 | extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */ | |
279 | extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */ | 283 | extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */ | |
280 | extern int ip6_sourcecheck; /* Verify source interface */ | 284 | extern int ip6_sourcecheck; /* Verify source interface */ | |
281 | extern int ip6_sourcecheck_interval; /* Interval between log messages */ | 285 | extern int ip6_sourcecheck_interval; /* Interval between log messages */ | |
282 | extern int ip6_accept_rtadv; /* Acts as a host not a router */ | 286 | extern int ip6_accept_rtadv; /* Acts as a host not a router */ | |
283 | extern int ip6_rtadv_maxroutes; /* maximum number of routes via rtadv */ | 287 | extern int ip6_rtadv_maxroutes; /* maximum number of routes via rtadv */ | |
284 | extern int ip6_keepfaith; /* Firewall Aided Internet Translator */ | 288 | extern int ip6_keepfaith; /* Firewall Aided Internet Translator */ | |
285 | extern int ip6_log_interval; | 289 | extern int ip6_log_interval; | |
286 | extern time_t ip6_log_time; | 290 | extern time_t ip6_log_time; | |
287 | extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */ | 291 | extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */ |
--- src/sys/netinet6/nd6.c 2012/02/03 03:32:45 1.141
+++ src/sys/netinet6/nd6.c 2013/07/08 07:40:34 1.141.6.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: nd6.c,v 1.141 2012/02/03 03:32:45 christos Exp $ */ | 1 | /* $NetBSD: nd6.c,v 1.141.6.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */ | 2 | /* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -21,27 +21,27 @@ | @@ -21,27 +21,27 @@ | |||
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
30 | * SUCH DAMAGE. | 30 | * SUCH DAMAGE. | |
31 | */ | 31 | */ | |
32 | 32 | |||
33 | #include <sys/cdefs.h> | 33 | #include <sys/cdefs.h> | |
34 | __KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.141 2012/02/03 03:32:45 christos Exp $"); | 34 | __KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.141.6.1 2013/07/08 07:40:34 jdc Exp $"); | |
35 | 35 | |||
36 | #include "opt_ipsec.h" | 36 | #include "opt_ipsec.h" | |
37 | 37 | |||
38 | #include <sys/param.h> | 38 | #include <sys/param.h> | |
39 | #include <sys/systm.h> | 39 | #include <sys/systm.h> | |
40 | #include <sys/callout.h> | 40 | #include <sys/callout.h> | |
41 | #include <sys/malloc.h> | 41 | #include <sys/malloc.h> | |
42 | #include <sys/mbuf.h> | 42 | #include <sys/mbuf.h> | |
43 | #include <sys/socket.h> | 43 | #include <sys/socket.h> | |
44 | #include <sys/socketvar.h> | 44 | #include <sys/socketvar.h> | |
45 | #include <sys/sockio.h> | 45 | #include <sys/sockio.h> | |
46 | #include <sys/time.h> | 46 | #include <sys/time.h> | |
47 | #include <sys/kernel.h> | 47 | #include <sys/kernel.h> | |
@@ -125,26 +125,37 @@ static int regen_tmpaddr(struct in6_ifad | @@ -125,26 +125,37 @@ static int regen_tmpaddr(struct in6_ifad | |||
125 | static struct llinfo_nd6 *nd6_free(struct rtentry *, int); | 125 | static struct llinfo_nd6 *nd6_free(struct rtentry *, int); | |
126 | static void nd6_llinfo_timer(void *); | 126 | static void nd6_llinfo_timer(void *); | |
127 | static void clear_llinfo_pqueue(struct llinfo_nd6 *); | 127 | static void clear_llinfo_pqueue(struct llinfo_nd6 *); | |
128 | 128 | |||
129 | callout_t nd6_slowtimo_ch; | 129 | callout_t nd6_slowtimo_ch; | |
130 | callout_t nd6_timer_ch; | 130 | callout_t nd6_timer_ch; | |
131 | extern callout_t in6_tmpaddrtimer_ch; | 131 | extern callout_t in6_tmpaddrtimer_ch; | |
132 | 132 | |||
133 | static int fill_drlist(void *, size_t *, size_t); | 133 | static int fill_drlist(void *, size_t *, size_t); | |
134 | static int fill_prlist(void *, size_t *, size_t); | 134 | static int fill_prlist(void *, size_t *, size_t); | |
135 | 135 | |||
136 | MALLOC_DEFINE(M_IP6NDP, "NDP", "IPv6 Neighbour Discovery"); | 136 | MALLOC_DEFINE(M_IP6NDP, "NDP", "IPv6 Neighbour Discovery"); | |
137 | 137 | |||
138 | #define LN_DEQUEUE(ln) do { \ | |||
139 | (ln)->ln_next->ln_prev = (ln)->ln_prev; \ | |||
140 | (ln)->ln_prev->ln_next = (ln)->ln_next; \ | |||
141 | } while (/*CONSTCOND*/0) | |||
142 | #define LN_INSERTHEAD(ln) do { \ | |||
143 | (ln)->ln_next = llinfo_nd6.ln_next; \ | |||
144 | llinfo_nd6.ln_next = (ln); \ | |||
145 | (ln)->ln_prev = &llinfo_nd6; \ | |||
146 | (ln)->ln_next->ln_prev = (ln); \ | |||
147 | } while (/*CONSTCOND*/0) | |||
148 | ||||
138 | void | 149 | void | |
139 | nd6_init(void) | 150 | nd6_init(void) | |
140 | { | 151 | { | |
141 | static int nd6_init_done = 0; | 152 | static int nd6_init_done = 0; | |
142 | 153 | |||
143 | if (nd6_init_done) { | 154 | if (nd6_init_done) { | |
144 | log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); | 155 | log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); | |
145 | return; | 156 | return; | |
146 | } | 157 | } | |
147 | 158 | |||
148 | /* initialization of the default router list */ | 159 | /* initialization of the default router list */ | |
149 | TAILQ_INIT(&nd_defrouter); | 160 | TAILQ_INIT(&nd_defrouter); | |
150 | 161 | |||
@@ -466,27 +477,27 @@ nd6_llinfo_timer(void *arg) | @@ -466,27 +477,27 @@ nd6_llinfo_timer(void *arg) | |||
466 | ln->ln_hold = m0; | 477 | ln->ln_hold = m0; | |
467 | clear_llinfo_pqueue(ln); | 478 | clear_llinfo_pqueue(ln); | |
468 | } | 479 | } | |
469 | (void)nd6_free(rt, 0); | 480 | (void)nd6_free(rt, 0); | |
470 | ln = NULL; | 481 | ln = NULL; | |
471 | } | 482 | } | |
472 | break; | 483 | break; | |
473 | case ND6_LLINFO_REACHABLE: | 484 | case ND6_LLINFO_REACHABLE: | |
474 | if (!ND6_LLINFO_PERMANENT(ln)) { | 485 | if (!ND6_LLINFO_PERMANENT(ln)) { | |
475 | ln->ln_state = ND6_LLINFO_STALE; | 486 | ln->ln_state = ND6_LLINFO_STALE; | |
476 | nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); | 487 | nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); | |
477 | } | 488 | } | |
478 | break; | 489 | break; | |
479 | 490 | case ND6_LLINFO_PURGE: | ||
480 | case ND6_LLINFO_STALE: | 491 | case ND6_LLINFO_STALE: | |
481 | /* Garbage Collection(RFC 2461 5.3) */ | 492 | /* Garbage Collection(RFC 2461 5.3) */ | |
482 | if (!ND6_LLINFO_PERMANENT(ln)) { | 493 | if (!ND6_LLINFO_PERMANENT(ln)) { | |
483 | (void)nd6_free(rt, 1); | 494 | (void)nd6_free(rt, 1); | |
484 | ln = NULL; | 495 | ln = NULL; | |
485 | } | 496 | } | |
486 | break; | 497 | break; | |
487 | 498 | |||
488 | case ND6_LLINFO_DELAY: | 499 | case ND6_LLINFO_DELAY: | |
489 | if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) { | 500 | if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) { | |
490 | /* We need NUD */ | 501 | /* We need NUD */ | |
491 | ln->ln_asked = 1; | 502 | ln->ln_asked = 1; | |
492 | ln->ln_state = ND6_LLINFO_PROBE; | 503 | ln->ln_state = ND6_LLINFO_PROBE; | |
@@ -1326,26 +1337,55 @@ nd6_rtrequest(int req, struct rtentry *r | @@ -1326,26 +1337,55 @@ nd6_rtrequest(int req, struct rtentry *r | |||
1326 | * When req == RTM_RESOLVE, rt is created and | 1337 | * When req == RTM_RESOLVE, rt is created and | |
1327 | * initialized in rtrequest(), so rt_expire is 0. | 1338 | * initialized in rtrequest(), so rt_expire is 0. | |
1328 | */ | 1339 | */ | |
1329 | ln->ln_state = ND6_LLINFO_NOSTATE; | 1340 | ln->ln_state = ND6_LLINFO_NOSTATE; | |
1330 | nd6_llinfo_settimer(ln, 0); | 1341 | nd6_llinfo_settimer(ln, 0); | |
1331 | } | 1342 | } | |
1332 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | 1343 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | |
1333 | rt->rt_flags |= RTF_LLINFO; | 1344 | rt->rt_flags |= RTF_LLINFO; | |
1334 | ln->ln_next = llinfo_nd6.ln_next; | 1345 | ln->ln_next = llinfo_nd6.ln_next; | |
1335 | llinfo_nd6.ln_next = ln; | 1346 | llinfo_nd6.ln_next = ln; | |
1336 | ln->ln_prev = &llinfo_nd6; | 1347 | ln->ln_prev = &llinfo_nd6; | |
1337 | ln->ln_next->ln_prev = ln; | 1348 | ln->ln_next->ln_prev = ln; | |
1338 | 1349 | |||
1350 | /* | |||
1351 | * If we have too many cache entries, initiate immediate | |||
1352 | * purging for some "less recently used" entries. Note that | |||
1353 | * we cannot directly call nd6_free() here because it would | |||
1354 | * cause re-entering rtable related routines triggering an LOR | |||
1355 | * problem for FreeBSD. | |||
1356 | */ | |||
1357 | if (ip6_neighborgcthresh >= 0 && | |||
1358 | nd6_inuse >= ip6_neighborgcthresh) { | |||
1359 | int i; | |||
1360 | ||||
1361 | for (i = 0; i < 10 && llinfo_nd6.ln_prev != ln; i++) { | |||
1362 | struct llinfo_nd6 *ln_end = llinfo_nd6.ln_prev; | |||
1363 | ||||
1364 | /* Move this entry to the head */ | |||
1365 | LN_DEQUEUE(ln_end); | |||
1366 | LN_INSERTHEAD(ln_end); | |||
1367 | ||||
1368 | if (ND6_LLINFO_PERMANENT(ln_end)) | |||
1369 | continue; | |||
1370 | ||||
1371 | if (ln_end->ln_state > ND6_LLINFO_INCOMPLETE) | |||
1372 | ln_end->ln_state = ND6_LLINFO_STALE; | |||
1373 | else | |||
1374 | ln_end->ln_state = ND6_LLINFO_PURGE; | |||
1375 | nd6_llinfo_settimer(ln_end, 0); | |||
1376 | } | |||
1377 | } | |||
1378 | ||||
1339 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | 1379 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | |
1340 | /* | 1380 | /* | |
1341 | * check if rt_getkey(rt) is an address assigned | 1381 | * check if rt_getkey(rt) is an address assigned | |
1342 | * to the interface. | 1382 | * to the interface. | |
1343 | */ | 1383 | */ | |
1344 | ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp, | 1384 | ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp, | |
1345 | &satocsin6(rt_getkey(rt))->sin6_addr); | 1385 | &satocsin6(rt_getkey(rt))->sin6_addr); | |
1346 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | 1386 | RT_DPRINTF("rt->_rt_key = %p\n", (void *)rt->_rt_key); | |
1347 | if (ifa != NULL) { | 1387 | if (ifa != NULL) { | |
1348 | const void *mac; | 1388 | const void *mac; | |
1349 | nd6_llinfo_settimer(ln, -1); | 1389 | nd6_llinfo_settimer(ln, -1); | |
1350 | ln->ln_state = ND6_LLINFO_REACHABLE; | 1390 | ln->ln_state = ND6_LLINFO_REACHABLE; | |
1351 | ln->ln_byhint = 0; | 1391 | ln->ln_byhint = 0; | |
@@ -2037,26 +2077,34 @@ nd6_output(struct ifnet *ifp, struct ifn | @@ -2037,26 +2077,34 @@ nd6_output(struct ifnet *ifp, struct ifn | |||
2037 | if (ln == NULL || rt == NULL) { | 2077 | if (ln == NULL || rt == NULL) { | |
2038 | if ((ifp->if_flags & IFF_POINTOPOINT) == 0 && | 2078 | if ((ifp->if_flags & IFF_POINTOPOINT) == 0 && | |
2039 | !(ND_IFINFO(ifp)->flags & ND6_IFF_PERFORMNUD)) { | 2079 | !(ND_IFINFO(ifp)->flags & ND6_IFF_PERFORMNUD)) { | |
2040 | log(LOG_DEBUG, | 2080 | log(LOG_DEBUG, | |
2041 | "nd6_output: can't allocate llinfo for %s " | 2081 | "nd6_output: can't allocate llinfo for %s " | |
2042 | "(ln=%p, rt=%p)\n", | 2082 | "(ln=%p, rt=%p)\n", | |
2043 | ip6_sprintf(&dst->sin6_addr), ln, rt); | 2083 | ip6_sprintf(&dst->sin6_addr), ln, rt); | |
2044 | senderr(EIO); /* XXX: good error? */ | 2084 | senderr(EIO); /* XXX: good error? */ | |
2045 | } | 2085 | } | |
2046 | 2086 | |||
2047 | goto sendpkt; /* send anyway */ | 2087 | goto sendpkt; /* send anyway */ | |
2048 | } | 2088 | } | |
2049 | 2089 | |||
2090 | /* | |||
2091 | * Move this entry to the head of the queue so that it is less likely | |||
2092 | * for this entry to be a target of forced garbage collection (see | |||
2093 | * nd6_rtrequest()). | |||
2094 | */ | |||
2095 | LN_DEQUEUE(ln); | |||
2096 | LN_INSERTHEAD(ln); | |||
2097 | ||||
2050 | /* We don't have to do link-layer address resolution on a p2p link. */ | 2098 | /* We don't have to do link-layer address resolution on a p2p link. */ | |
2051 | if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && | 2099 | if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && | |
2052 | ln->ln_state < ND6_LLINFO_REACHABLE) { | 2100 | ln->ln_state < ND6_LLINFO_REACHABLE) { | |
2053 | ln->ln_state = ND6_LLINFO_STALE; | 2101 | ln->ln_state = ND6_LLINFO_STALE; | |
2054 | nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); | 2102 | nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); | |
2055 | } | 2103 | } | |
2056 | 2104 | |||
2057 | /* | 2105 | /* | |
2058 | * The first time we send a packet to a neighbor whose entry is | 2106 | * The first time we send a packet to a neighbor whose entry is | |
2059 | * STALE, we have to change the state to DELAY and a sets a timer to | 2107 | * STALE, we have to change the state to DELAY and a sets a timer to | |
2060 | * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do | 2108 | * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do | |
2061 | * neighbor unreachability detection on expiration. | 2109 | * neighbor unreachability detection on expiration. | |
2062 | * (RFC 2461 7.3.3) | 2110 | * (RFC 2461 7.3.3) |
--- src/sys/netinet6/nd6.h 2011/11/19 22:51:29 1.56
+++ src/sys/netinet6/nd6.h 2013/07/08 07:40:34 1.56.8.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: nd6.h,v 1.56 2011/11/19 22:51:29 tls Exp $ */ | 1 | /* $NetBSD: nd6.h,v 1.56.8.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: nd6.h,v 1.95 2002/06/08 11:31:06 itojun Exp $ */ | 2 | /* $KAME: nd6.h,v 1.95 2002/06/08 11:31:06 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -41,26 +41,27 @@ struct llinfo_nd6 { | @@ -41,26 +41,27 @@ struct llinfo_nd6 { | |||
41 | struct llinfo_nd6 *ln_prev; | 41 | struct llinfo_nd6 *ln_prev; | |
42 | struct rtentry *ln_rt; | 42 | struct rtentry *ln_rt; | |
43 | struct mbuf *ln_hold; /* last packet until resolved/timeout */ | 43 | struct mbuf *ln_hold; /* last packet until resolved/timeout */ | |
44 | long ln_asked; /* number of queries already sent for this addr */ | 44 | long ln_asked; /* number of queries already sent for this addr */ | |
45 | u_long ln_expire; /* lifetime for NDP state transition */ | 45 | u_long ln_expire; /* lifetime for NDP state transition */ | |
46 | short ln_state; /* reachability state */ | 46 | short ln_state; /* reachability state */ | |
47 | short ln_router; /* 2^0: ND6 router bit */ | 47 | short ln_router; /* 2^0: ND6 router bit */ | |
48 | int ln_byhint; /* # of times we made it reachable by UL hint */ | 48 | int ln_byhint; /* # of times we made it reachable by UL hint */ | |
49 | 49 | |||
50 | long ln_ntick; | 50 | long ln_ntick; | |
51 | struct callout ln_timer_ch; | 51 | struct callout ln_timer_ch; | |
52 | }; | 52 | }; | |
53 | 53 | |||
54 | #define ND6_LLINFO_PURGE -3 | |||
54 | #define ND6_LLINFO_NOSTATE -2 | 55 | #define ND6_LLINFO_NOSTATE -2 | |
55 | /* | 56 | /* | |
56 | * We don't need the WAITDELETE state any more, but we keep the definition | 57 | * We don't need the WAITDELETE state any more, but we keep the definition | |
57 | * in a comment line instead of removing it. This is necessary to avoid | 58 | * in a comment line instead of removing it. This is necessary to avoid | |
58 | * unintentionally reusing the value for another purpose, which might | 59 | * unintentionally reusing the value for another purpose, which might | |
59 | * affect backward compatibility with old applications. | 60 | * affect backward compatibility with old applications. | |
60 | * (20000711 jinmei@kame.net) | 61 | * (20000711 jinmei@kame.net) | |
61 | */ | 62 | */ | |
62 | /* #define ND6_LLINFO_WAITDELETE -1 */ | 63 | /* #define ND6_LLINFO_WAITDELETE -1 */ | |
63 | #define ND6_LLINFO_INCOMPLETE 0 | 64 | #define ND6_LLINFO_INCOMPLETE 0 | |
64 | #define ND6_LLINFO_REACHABLE 1 | 65 | #define ND6_LLINFO_REACHABLE 1 | |
65 | #define ND6_LLINFO_STALE 2 | 66 | #define ND6_LLINFO_STALE 2 | |
66 | #define ND6_LLINFO_DELAY 3 | 67 | #define ND6_LLINFO_DELAY 3 | |
@@ -293,26 +294,28 @@ struct nd_prefix { | @@ -293,26 +294,28 @@ struct nd_prefix { | |||
293 | 294 | |||
294 | time_t ndpr_expire; /* expiration time of the prefix */ | 295 | time_t ndpr_expire; /* expiration time of the prefix */ | |
295 | time_t ndpr_preferred; /* preferred time of the prefix */ | 296 | time_t ndpr_preferred; /* preferred time of the prefix */ | |
296 | time_t ndpr_lastupdate; /* reception time of last advertisement */ | 297 | time_t ndpr_lastupdate; /* reception time of last advertisement */ | |
297 | 298 | |||
298 | struct prf_ra ndpr_flags; | 299 | struct prf_ra ndpr_flags; | |
299 | u_int32_t ndpr_stateflags; /* actual state flags */ | 300 | u_int32_t ndpr_stateflags; /* actual state flags */ | |
300 | /* list of routers that advertise the prefix: */ | 301 | /* list of routers that advertise the prefix: */ | |
301 | LIST_HEAD(pr_rtrhead, nd_pfxrouter) ndpr_advrtrs; | 302 | LIST_HEAD(pr_rtrhead, nd_pfxrouter) ndpr_advrtrs; | |
302 | u_char ndpr_plen; | 303 | u_char ndpr_plen; | |
303 | int ndpr_refcnt; /* reference couter from addresses */ | 304 | int ndpr_refcnt; /* reference couter from addresses */ | |
304 | }; | 305 | }; | |
305 | 306 | |||
307 | #define ndpr_next ndpr_entry.le_next | |||
308 | ||||
306 | #define ndpr_raf ndpr_flags | 309 | #define ndpr_raf ndpr_flags | |
307 | #define ndpr_raf_onlink ndpr_flags.onlink | 310 | #define ndpr_raf_onlink ndpr_flags.onlink | |
308 | #define ndpr_raf_auto ndpr_flags.autonomous | 311 | #define ndpr_raf_auto ndpr_flags.autonomous | |
309 | #define ndpr_raf_router ndpr_flags.router | 312 | #define ndpr_raf_router ndpr_flags.router | |
310 | 313 | |||
311 | /* | 314 | /* | |
312 | * Message format for use in obtaining information about prefixes | 315 | * Message format for use in obtaining information about prefixes | |
313 | * from inet6 sysctl function | 316 | * from inet6 sysctl function | |
314 | */ | 317 | */ | |
315 | struct inet6_ndpr_msghdr { | 318 | struct inet6_ndpr_msghdr { | |
316 | u_short inpm_msglen; /* to skip over non-understood messages */ | 319 | u_short inpm_msglen; /* to skip over non-understood messages */ | |
317 | u_char inpm_version; /* future binary compatibility */ | 320 | u_char inpm_version; /* future binary compatibility */ | |
318 | u_char inpm_type; /* message type */ | 321 | u_char inpm_type; /* message type */ |
--- src/sys/netinet6/nd6_rtr.c 2011/11/19 22:51:29 1.82
+++ src/sys/netinet6/nd6_rtr.c 2013/07/08 07:40:34 1.82.8.1
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: nd6_rtr.c,v 1.82 2011/11/19 22:51:29 tls Exp $ */ | 1 | /* $NetBSD: nd6_rtr.c,v 1.82.8.1 2013/07/08 07:40:34 jdc Exp $ */ | |
2 | /* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */ | 2 | /* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -21,27 +21,27 @@ | @@ -21,27 +21,27 @@ | |||
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
30 | * SUCH DAMAGE. | 30 | * SUCH DAMAGE. | |
31 | */ | 31 | */ | |
32 | 32 | |||
33 | #include <sys/cdefs.h> | 33 | #include <sys/cdefs.h> | |
34 | __KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.82 2011/11/19 22:51:29 tls Exp $"); | 34 | __KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.82.8.1 2013/07/08 07:40:34 jdc Exp $"); | |
35 | 35 | |||
36 | #include <sys/param.h> | 36 | #include <sys/param.h> | |
37 | #include <sys/systm.h> | 37 | #include <sys/systm.h> | |
38 | #include <sys/malloc.h> | 38 | #include <sys/malloc.h> | |
39 | #include <sys/mbuf.h> | 39 | #include <sys/mbuf.h> | |
40 | #include <sys/socket.h> | 40 | #include <sys/socket.h> | |
41 | #include <sys/sockio.h> | 41 | #include <sys/sockio.h> | |
42 | #include <sys/time.h> | 42 | #include <sys/time.h> | |
43 | #include <sys/kernel.h> | 43 | #include <sys/kernel.h> | |
44 | #include <sys/errno.h> | 44 | #include <sys/errno.h> | |
45 | #include <sys/ioctl.h> | 45 | #include <sys/ioctl.h> | |
46 | #include <sys/syslog.h> | 46 | #include <sys/syslog.h> | |
47 | #include <sys/cprng.h> | 47 | #include <sys/cprng.h> | |
@@ -69,28 +69,29 @@ static struct nd_defrouter *defrtrlist_u | @@ -69,28 +69,29 @@ static struct nd_defrouter *defrtrlist_u | |||
69 | static int prelist_update(struct nd_prefixctl *, struct nd_defrouter *, | 69 | static int prelist_update(struct nd_prefixctl *, struct nd_defrouter *, | |
70 | struct mbuf *, int); | 70 | struct mbuf *, int); | |
71 | static struct in6_ifaddr *in6_ifadd(struct nd_prefixctl *, int); | 71 | static struct in6_ifaddr *in6_ifadd(struct nd_prefixctl *, int); | |
72 | static struct nd_pfxrouter *pfxrtr_lookup(struct nd_prefix *, | 72 | static struct nd_pfxrouter *pfxrtr_lookup(struct nd_prefix *, | |
73 | struct nd_defrouter *); | 73 | struct nd_defrouter *); | |
74 | static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); | 74 | static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); | |
75 | static void pfxrtr_del(struct nd_pfxrouter *); | 75 | static void pfxrtr_del(struct nd_pfxrouter *); | |
76 | static struct nd_pfxrouter *find_pfxlist_reachable_router | 76 | static struct nd_pfxrouter *find_pfxlist_reachable_router | |
77 | (struct nd_prefix *); | 77 | (struct nd_prefix *); | |
78 | static void defrouter_delreq(struct nd_defrouter *); | 78 | static void defrouter_delreq(struct nd_defrouter *); | |
79 | static void nd6_rtmsg(int, struct rtentry *); | 79 | static void nd6_rtmsg(int, struct rtentry *); | |
80 | 80 | |||
81 | static int in6_init_prefix_ltimes(struct nd_prefix *); | 81 | static int in6_init_prefix_ltimes(struct nd_prefix *); | |
82 | static void in6_init_address_ltimes(struct nd_prefix *ndpr, | 82 | static void in6_init_address_ltimes(struct nd_prefix *, | |
83 | struct in6_addrlifetime *lt6); | 83 | struct in6_addrlifetime *); | |
84 | static void purge_detached(struct ifnet *); | |||
84 | 85 | |||
85 | static int rt6_deleteroute(struct rtentry *, void *); | 86 | static int rt6_deleteroute(struct rtentry *, void *); | |
86 | 87 | |||
87 | extern int nd6_recalc_reachtm_interval; | 88 | extern int nd6_recalc_reachtm_interval; | |
88 | 89 | |||
89 | static struct ifnet *nd6_defifp; | 90 | static struct ifnet *nd6_defifp; | |
90 | int nd6_defifindex; | 91 | int nd6_defifindex; | |
91 | 92 | |||
92 | int ip6_use_tempaddr = 0; | 93 | int ip6_use_tempaddr = 0; | |
93 | 94 | |||
94 | int ip6_desync_factor; | 95 | int ip6_desync_factor; | |
95 | u_int32_t ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME; | 96 | u_int32_t ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME; | |
96 | u_int32_t ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME; | 97 | u_int32_t ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME; | |
@@ -478,26 +479,27 @@ defrouter_lookup(const struct in6_addr * | @@ -478,26 +479,27 @@ defrouter_lookup(const struct in6_addr * | |||
478 | if (dr->ifp == ifp && IN6_ARE_ADDR_EQUAL(addr, &dr->rtaddr)) | 479 | if (dr->ifp == ifp && IN6_ARE_ADDR_EQUAL(addr, &dr->rtaddr)) | |
479 | break; | 480 | break; | |
480 | } | 481 | } | |
481 | 482 | |||
482 | return dr; /* search failed */ | 483 | return dr; /* search failed */ | |
483 | } | 484 | } | |
484 | 485 | |||
485 | void | 486 | void | |
486 | defrtrlist_del(struct nd_defrouter *dr) | 487 | defrtrlist_del(struct nd_defrouter *dr) | |
487 | { | 488 | { | |
488 | struct nd_ifinfo *ndi = ND_IFINFO(dr->ifp); | 489 | struct nd_ifinfo *ndi = ND_IFINFO(dr->ifp); | |
489 | struct nd_defrouter *deldr = NULL; | 490 | struct nd_defrouter *deldr = NULL; | |
490 | struct nd_prefix *pr; | 491 | struct nd_prefix *pr; | |
492 | struct in6_ifextra *ext = dr->ifp->if_afdata[AF_INET6]; | |||
491 | 493 | |||
492 | /* | 494 | /* | |
493 | * Flush all the routing table entries that use the router | 495 | * Flush all the routing table entries that use the router | |
494 | * as a next hop. | 496 | * as a next hop. | |
495 | */ | 497 | */ | |
496 | /* XXX: better condition? */ | 498 | /* XXX: better condition? */ | |
497 | if (!ip6_forwarding && nd6_accepts_rtadv(ndi)) | 499 | if (!ip6_forwarding && nd6_accepts_rtadv(ndi)) | |
498 | rt6_flush(&dr->rtaddr, dr->ifp); | 500 | rt6_flush(&dr->rtaddr, dr->ifp); | |
499 | 501 | |||
500 | if (dr->installed) { | 502 | if (dr->installed) { | |
501 | deldr = dr; | 503 | deldr = dr; | |
502 | defrouter_delreq(dr); | 504 | defrouter_delreq(dr); | |
503 | } | 505 | } | |
@@ -511,26 +513,32 @@ defrtrlist_del(struct nd_defrouter *dr) | @@ -511,26 +513,32 @@ defrtrlist_del(struct nd_defrouter *dr) | |||
511 | if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) | 513 | if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) | |
512 | pfxrtr_del(pfxrtr); | 514 | pfxrtr_del(pfxrtr); | |
513 | } | 515 | } | |
514 | pfxlist_onlink_check(); | 516 | pfxlist_onlink_check(); | |
515 | 517 | |||
516 | /* | 518 | /* | |
517 | * If the router is the primary one, choose a new one. | 519 | * If the router is the primary one, choose a new one. | |
518 | * Note that defrouter_select() will remove the current gateway | 520 | * Note that defrouter_select() will remove the current gateway | |
519 | * from the routing table. | 521 | * from the routing table. | |
520 | */ | 522 | */ | |
521 | if (deldr) | 523 | if (deldr) | |
522 | defrouter_select(); | 524 | defrouter_select(); | |
523 | 525 | |||
526 | ext->ndefrouters--; | |||
527 | if (ext->ndefrouters < 0) { | |||
528 | log(LOG_WARNING, "defrtrlist_del: negative count on %s\n", | |||
529 | dr->ifp->if_xname); | |||
530 | } | |||
531 | ||||
524 | free(dr, M_IP6NDP); | 532 | free(dr, M_IP6NDP); | |
525 | } | 533 | } | |
526 | 534 | |||
527 | /* | 535 | /* | |
528 | * Remove the default route for a given router. | 536 | * Remove the default route for a given router. | |
529 | * This is just a subroutine function for defrouter_select(), and should | 537 | * This is just a subroutine function for defrouter_select(), and should | |
530 | * not be called from anywhere else. | 538 | * not be called from anywhere else. | |
531 | */ | 539 | */ | |
532 | static void | 540 | static void | |
533 | defrouter_delreq(struct nd_defrouter *dr) | 541 | defrouter_delreq(struct nd_defrouter *dr) | |
534 | { | 542 | { | |
535 | union { | 543 | union { | |
536 | struct sockaddr_in6 sin6; | 544 | struct sockaddr_in6 sin6; | |
@@ -767,26 +775,33 @@ defrtrlist_update(struct nd_defrouter *n | @@ -767,26 +775,33 @@ defrtrlist_update(struct nd_defrouter *n | |||
767 | * However, since defrtrlist_del() has many side | 775 | * However, since defrtrlist_del() has many side | |
768 | * effects, we intentionally do so here. | 776 | * effects, we intentionally do so here. | |
769 | * defrouter_select() below will handle routing | 777 | * defrouter_select() below will handle routing | |
770 | * changes later. | 778 | * changes later. | |
771 | */ | 779 | */ | |
772 | TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); | 780 | TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); | |
773 | n = dr; | 781 | n = dr; | |
774 | goto insert; | 782 | goto insert; | |
775 | } | 783 | } | |
776 | splx(s); | 784 | splx(s); | |
777 | return (dr); | 785 | return (dr); | |
778 | } | 786 | } | |
779 | 787 | |||
788 | struct in6_ifextra *ext = new->ifp->if_afdata[AF_INET6]; | |||
789 | if (ip6_maxifdefrouters >= 0 && | |||
790 | ext->ndefrouters >= ip6_maxifdefrouters) { | |||
791 | splx(s); | |||
792 | return (NULL); | |||
793 | } | |||
794 | ||||
780 | /* entry does not exist */ | 795 | /* entry does not exist */ | |
781 | if (new->rtlifetime == 0) { | 796 | if (new->rtlifetime == 0) { | |
782 | splx(s); | 797 | splx(s); | |
783 | return (NULL); | 798 | return (NULL); | |
784 | } | 799 | } | |
785 | 800 | |||
786 | if (ip6_rtadv_maxroutes <= nd6_numroutes) { | 801 | if (ip6_rtadv_maxroutes <= nd6_numroutes) { | |
787 | ICMP6_STATINC(ICMP6_STAT_DROPPED_RAROUTE); | 802 | ICMP6_STATINC(ICMP6_STAT_DROPPED_RAROUTE); | |
788 | splx(s); | 803 | splx(s); | |
789 | return (NULL); | 804 | return (NULL); | |
790 | } | 805 | } | |
791 | 806 | |||
792 | n = (struct nd_defrouter *)malloc(sizeof(*n), M_IP6NDP, M_NOWAIT); | 807 | n = (struct nd_defrouter *)malloc(sizeof(*n), M_IP6NDP, M_NOWAIT); | |
@@ -808,26 +823,28 @@ insert: | @@ -808,26 +823,28 @@ insert: | |||
808 | /* insert at the end of the group */ | 823 | /* insert at the end of the group */ | |
809 | for (dr = TAILQ_FIRST(&nd_defrouter); dr; | 824 | for (dr = TAILQ_FIRST(&nd_defrouter); dr; | |
810 | dr = TAILQ_NEXT(dr, dr_entry)) { | 825 | dr = TAILQ_NEXT(dr, dr_entry)) { | |
811 | if (rtpref(n) > rtpref(dr)) | 826 | if (rtpref(n) > rtpref(dr)) | |
812 | break; | 827 | break; | |
813 | } | 828 | } | |
814 | if (dr) | 829 | if (dr) | |
815 | TAILQ_INSERT_BEFORE(dr, n, dr_entry); | 830 | TAILQ_INSERT_BEFORE(dr, n, dr_entry); | |
816 | else | 831 | else | |
817 | TAILQ_INSERT_TAIL(&nd_defrouter, n, dr_entry); | 832 | TAILQ_INSERT_TAIL(&nd_defrouter, n, dr_entry); | |
818 | 833 | |||
819 | defrouter_select(); | 834 | defrouter_select(); | |
820 | 835 | |||
836 | ext->ndefrouters++; | |||
837 | ||||
821 | splx(s); | 838 | splx(s); | |
822 | 839 | |||
823 | return (n); | 840 | return (n); | |
824 | } | 841 | } | |
825 | 842 | |||
826 | static struct nd_pfxrouter * | 843 | static struct nd_pfxrouter * | |
827 | pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) | 844 | pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) | |
828 | { | 845 | { | |
829 | struct nd_pfxrouter *search; | 846 | struct nd_pfxrouter *search; | |
830 | 847 | |||
831 | LIST_FOREACH(search, &pr->ndpr_advrtrs, pfr_entry) { | 848 | LIST_FOREACH(search, &pr->ndpr_advrtrs, pfr_entry) { | |
832 | if (search->router == dr) | 849 | if (search->router == dr) | |
833 | break; | 850 | break; | |
@@ -865,33 +882,79 @@ nd6_prefix_lookup(struct nd_prefixctl *k | @@ -865,33 +882,79 @@ nd6_prefix_lookup(struct nd_prefixctl *k | |||
865 | 882 | |||
866 | LIST_FOREACH(search, &nd_prefix, ndpr_entry) { | 883 | LIST_FOREACH(search, &nd_prefix, ndpr_entry) { | |
867 | if (key->ndpr_ifp == search->ndpr_ifp && | 884 | if (key->ndpr_ifp == search->ndpr_ifp && | |
868 | key->ndpr_plen == search->ndpr_plen && | 885 | key->ndpr_plen == search->ndpr_plen && | |
869 | in6_are_prefix_equal(&key->ndpr_prefix.sin6_addr, | 886 | in6_are_prefix_equal(&key->ndpr_prefix.sin6_addr, | |
870 | &search->ndpr_prefix.sin6_addr, key->ndpr_plen)) { | 887 | &search->ndpr_prefix.sin6_addr, key->ndpr_plen)) { | |
871 | break; | 888 | break; | |
872 | } | 889 | } | |
873 | } | 890 | } | |
874 | 891 | |||
875 | return (search); | 892 | return (search); | |
876 | } | 893 | } | |
877 | 894 | |||
895 | static void | |||
896 | purge_detached(struct ifnet *ifp) | |||
897 | { | |||
898 | struct nd_prefix *pr, *pr_next; | |||
899 | struct in6_ifaddr *ia; | |||
900 | struct ifaddr *ifa, *ifa_next; | |||
901 | ||||
902 | for (pr = nd_prefix.lh_first; pr; pr = pr_next) { | |||
903 | pr_next = pr->ndpr_next; | |||
904 | ||||
905 | /* | |||
906 | * This function is called when we need to make more room for | |||
907 | * new prefixes rather than keeping old, possibly stale ones. | |||
908 | * Detached prefixes would be a good candidate; if all routers | |||
909 | * that advertised the prefix expired, the prefix is also | |||
910 | * probably stale. | |||
911 | */ | |||
912 | if (pr->ndpr_ifp != ifp || | |||
913 | IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || | |||
914 | ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && | |||
915 | !LIST_EMPTY(&pr->ndpr_advrtrs))) | |||
916 | continue; | |||
917 | ||||
918 | for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa_next) { | |||
919 | ifa_next = ifa->ifa_list.tqe_next; | |||
920 | if (ifa->ifa_addr->sa_family != AF_INET6) | |||
921 | continue; | |||
922 | ia = (struct in6_ifaddr *)ifa; | |||
923 | if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == | |||
924 | IN6_IFF_AUTOCONF && ia->ia6_ndpr == pr) { | |||
925 | in6_purgeaddr(ifa); | |||
926 | } | |||
927 | } | |||
928 | if (pr->ndpr_refcnt == 0) | |||
929 | prelist_remove(pr); | |||
930 | } | |||
931 | } | |||
932 | ||||
878 | int | 933 | int | |
879 | nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, | 934 | nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, | |
880 | struct nd_prefix **newp) | 935 | struct nd_prefix **newp) | |
881 | { | 936 | { | |
882 | struct nd_prefix *new = NULL; | 937 | struct nd_prefix *new = NULL; | |
883 | int i, s; | 938 | int i, s; | |
884 | int error; | 939 | int error; | |
940 | struct in6_ifextra *ext = pr->ndpr_ifp->if_afdata[AF_INET6]; | |||
941 | ||||
942 | if (ip6_maxifprefixes >= 0) { | |||
943 | if (ext->nprefixes >= ip6_maxifprefixes / 2) | |||
944 | purge_detached(pr->ndpr_ifp); | |||
945 | if (ext->nprefixes >= ip6_maxifprefixes) | |||
946 | return ENOMEM; | |||
947 | } | |||
885 | 948 | |||
886 | error = 0; | 949 | error = 0; | |
887 | new = malloc(sizeof(*new), M_IP6NDP, M_NOWAIT|M_ZERO); | 950 | new = malloc(sizeof(*new), M_IP6NDP, M_NOWAIT|M_ZERO); | |
888 | if (new == NULL) | 951 | if (new == NULL) | |
889 | return ENOMEM; | 952 | return ENOMEM; | |
890 | new->ndpr_ifp = pr->ndpr_ifp; | 953 | new->ndpr_ifp = pr->ndpr_ifp; | |
891 | new->ndpr_prefix = pr->ndpr_prefix; | 954 | new->ndpr_prefix = pr->ndpr_prefix; | |
892 | new->ndpr_plen = pr->ndpr_plen; | 955 | new->ndpr_plen = pr->ndpr_plen; | |
893 | new->ndpr_vltime = pr->ndpr_vltime; | 956 | new->ndpr_vltime = pr->ndpr_vltime; | |
894 | new->ndpr_pltime = pr->ndpr_pltime; | 957 | new->ndpr_pltime = pr->ndpr_pltime; | |
895 | new->ndpr_flags = pr->ndpr_flags; | 958 | new->ndpr_flags = pr->ndpr_flags; | |
896 | if ((error = in6_init_prefix_ltimes(new)) != 0) { | 959 | if ((error = in6_init_prefix_ltimes(new)) != 0) { | |
897 | free(new, M_IP6NDP); | 960 | free(new, M_IP6NDP); | |
@@ -919,35 +982,37 @@ nd6_prelist_add(struct nd_prefixctl *pr, | @@ -919,35 +982,37 @@ nd6_prelist_add(struct nd_prefixctl *pr, | |||
919 | int e; | 982 | int e; | |
920 | 983 | |||
921 | if ((e = nd6_prefix_onlink(new)) != 0) { | 984 | if ((e = nd6_prefix_onlink(new)) != 0) { | |
922 | nd6log((LOG_ERR, "nd6_prelist_add: failed to make " | 985 | nd6log((LOG_ERR, "nd6_prelist_add: failed to make " | |
923 | "the prefix %s/%d on-link on %s (errno=%d)\n", | 986 | "the prefix %s/%d on-link on %s (errno=%d)\n", | |
924 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), | 987 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), | |
925 | pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); | 988 | pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); | |
926 | /* proceed anyway. XXX: is it correct? */ | 989 | /* proceed anyway. XXX: is it correct? */ | |
927 | } | 990 | } | |
928 | } | 991 | } | |
929 | 992 | |||
930 | if (dr) | 993 | if (dr) | |
931 | pfxrtr_add(new, dr); | 994 | pfxrtr_add(new, dr); | |
995 | ext->nprefixes++; | |||
932 | 996 | |||
933 | return 0; | 997 | return 0; | |
934 | } | 998 | } | |
935 | 999 | |||
936 | void | 1000 | void | |
937 | prelist_remove(struct nd_prefix *pr) | 1001 | prelist_remove(struct nd_prefix *pr) | |
938 | { | 1002 | { | |
939 | struct nd_pfxrouter *pfr, *next; | 1003 | struct nd_pfxrouter *pfr, *next; | |
940 | int e, s; | 1004 | int e, s; | |
1005 | struct in6_ifextra *ext = pr->ndpr_ifp->if_afdata[AF_INET6]; | |||
941 | 1006 | |||
942 | /* make sure to invalidate the prefix until it is really freed. */ | 1007 | /* make sure to invalidate the prefix until it is really freed. */ | |
943 | pr->ndpr_vltime = 0; | 1008 | pr->ndpr_vltime = 0; | |
944 | pr->ndpr_pltime = 0; | 1009 | pr->ndpr_pltime = 0; | |
945 | #if 0 | 1010 | #if 0 | |
946 | /* | 1011 | /* | |
947 | * Though these flags are now meaningless, we'd rather keep the value | 1012 | * Though these flags are now meaningless, we'd rather keep the value | |
948 | * not to confuse users when executing "ndp -p". | 1013 | * not to confuse users when executing "ndp -p". | |
949 | */ | 1014 | */ | |
950 | pr->ndpr_raf_onlink = 0; | 1015 | pr->ndpr_raf_onlink = 0; | |
951 | pr->ndpr_raf_auto = 0; | 1016 | pr->ndpr_raf_auto = 0; | |
952 | #endif | 1017 | #endif | |
953 | if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0 && | 1018 | if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0 && | |
@@ -962,26 +1027,32 @@ prelist_remove(struct nd_prefix *pr) | @@ -962,26 +1027,32 @@ prelist_remove(struct nd_prefix *pr) | |||
962 | if (pr->ndpr_refcnt > 0) | 1027 | if (pr->ndpr_refcnt > 0) | |
963 | return; /* notice here? */ | 1028 | return; /* notice here? */ | |
964 | 1029 | |||
965 | s = splsoftnet(); | 1030 | s = splsoftnet(); | |
966 | /* unlink ndpr_entry from nd_prefix list */ | 1031 | /* unlink ndpr_entry from nd_prefix list */ | |
967 | LIST_REMOVE(pr, ndpr_entry); | 1032 | LIST_REMOVE(pr, ndpr_entry); | |
968 | 1033 | |||
969 | /* free list of routers that adversed the prefix */ | 1034 | /* free list of routers that adversed the prefix */ | |
970 | for (pfr = LIST_FIRST(&pr->ndpr_advrtrs); pfr != NULL; pfr = next) { | 1035 | for (pfr = LIST_FIRST(&pr->ndpr_advrtrs); pfr != NULL; pfr = next) { | |
971 | next = LIST_NEXT(pfr, pfr_entry); | 1036 | next = LIST_NEXT(pfr, pfr_entry); | |
972 | 1037 | |||
973 | free(pfr, M_IP6NDP); | 1038 | free(pfr, M_IP6NDP); | |
974 | } | 1039 | } | |
1040 | ||||
1041 | ext->nprefixes--; | |||
1042 | if (ext->nprefixes < 0) { | |||
1043 | log(LOG_WARNING, "prelist_remove: negative count on %s\n", | |||
1044 | pr->ndpr_ifp->if_xname); | |||
1045 | } | |||
975 | splx(s); | 1046 | splx(s); | |
976 | 1047 | |||
977 | free(pr, M_IP6NDP); | 1048 | free(pr, M_IP6NDP); | |
978 | 1049 | |||
979 | pfxlist_onlink_check(); | 1050 | pfxlist_onlink_check(); | |
980 | } | 1051 | } | |
981 | 1052 | |||
982 | static int | 1053 | static int | |
983 | prelist_update(struct nd_prefixctl *new, | 1054 | prelist_update(struct nd_prefixctl *new, | |
984 | struct nd_defrouter *dr, /* may be NULL */ | 1055 | struct nd_defrouter *dr, /* may be NULL */ | |
985 | struct mbuf *m, | 1056 | struct mbuf *m, | |
986 | int mcast) | 1057 | int mcast) | |
987 | { | 1058 | { |