Count packets dropped by pfildiff -r1.388 -r1.389 src/sys/netinet/ip_input.c
(ozaki-r)
--- src/sys/netinet/ip_input.c 2019/01/17 02:47:15 1.388
+++ src/sys/netinet/ip_input.c 2019/05/13 07:47:59 1.389
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip_input.c,v 1.388 2019/01/17 02:47:15 knakahara Exp $ */ | 1 | /* $NetBSD: ip_input.c,v 1.389 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -81,27 +81,27 @@ | @@ -81,27 +81,27 @@ | |||
81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
88 | * SUCH DAMAGE. | 88 | * SUCH DAMAGE. | |
89 | * | 89 | * | |
90 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | 90 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | |
91 | */ | 91 | */ | |
92 | 92 | |||
93 | #include <sys/cdefs.h> | 93 | #include <sys/cdefs.h> | |
94 | __KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.388 2019/01/17 02:47:15 knakahara Exp $"); | 94 | __KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.389 2019/05/13 07:47:59 ozaki-r Exp $"); | |
95 | 95 | |||
96 | #ifdef _KERNEL_OPT | 96 | #ifdef _KERNEL_OPT | |
97 | #include "opt_inet.h" | 97 | #include "opt_inet.h" | |
98 | #include "opt_gateway.h" | 98 | #include "opt_gateway.h" | |
99 | #include "opt_ipsec.h" | 99 | #include "opt_ipsec.h" | |
100 | #include "opt_mrouting.h" | 100 | #include "opt_mrouting.h" | |
101 | #include "opt_mbuftrace.h" | 101 | #include "opt_mbuftrace.h" | |
102 | #include "opt_inet_csum.h" | 102 | #include "opt_inet_csum.h" | |
103 | #include "opt_net_mpsafe.h" | 103 | #include "opt_net_mpsafe.h" | |
104 | #endif | 104 | #endif | |
105 | 105 | |||
106 | #include "arp.h" | 106 | #include "arp.h" | |
107 | 107 | |||
@@ -568,26 +568,27 @@ ip_input(struct mbuf *m) | @@ -568,26 +568,27 @@ ip_input(struct mbuf *m) | |||
568 | */ | 568 | */ | |
569 | #if defined(IPSEC) | 569 | #if defined(IPSEC) | |
570 | if (!ipsec_used || !ipsec_skip_pfil(m)) | 570 | if (!ipsec_used || !ipsec_skip_pfil(m)) | |
571 | #else | 571 | #else | |
572 | if (1) | 572 | if (1) | |
573 | #endif | 573 | #endif | |
574 | { | 574 | { | |
575 | struct in_addr odst = ip->ip_dst; | 575 | struct in_addr odst = ip->ip_dst; | |
576 | bool freed; | 576 | bool freed; | |
577 | 577 | |||
578 | freed = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_IN) != 0; | 578 | freed = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_IN) != 0; | |
579 | if (freed || m == NULL) { | 579 | if (freed || m == NULL) { | |
580 | m = NULL; | 580 | m = NULL; | |
581 | IP_STATINC(IP_STAT_PFILDROP_IN); | |||
581 | goto out; | 582 | goto out; | |
582 | } | 583 | } | |
583 | KASSERT(m->m_len >= sizeof(struct ip)); | 584 | KASSERT(m->m_len >= sizeof(struct ip)); | |
584 | ip = mtod(m, struct ip *); | 585 | ip = mtod(m, struct ip *); | |
585 | hlen = ip->ip_hl << 2; | 586 | hlen = ip->ip_hl << 2; | |
586 | KASSERT(m->m_len >= hlen); | 587 | KASSERT(m->m_len >= hlen); | |
587 | 588 | |||
588 | /* | 589 | /* | |
589 | * XXX The setting of "srcrt" here is to prevent ip_forward() | 590 | * XXX The setting of "srcrt" here is to prevent ip_forward() | |
590 | * from generating ICMP redirects for packets that have | 591 | * from generating ICMP redirects for packets that have | |
591 | * been redirected by a hook back out on to the same LAN that | 592 | * been redirected by a hook back out on to the same LAN that | |
592 | * they came from and is not an indication that the packet | 593 | * they came from and is not an indication that the packet | |
593 | * is being influenced by source routing options. This | 594 | * is being influenced by source routing options. This |
--- src/sys/netinet/ip_output.c 2019/02/04 10:48:46 1.310
+++ src/sys/netinet/ip_output.c 2019/05/13 07:47:59 1.311
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip_output.c,v 1.310 2019/02/04 10:48:46 mrg Exp $ */ | 1 | /* $NetBSD: ip_output.c,v 1.311 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
5 | * All rights reserved. | 5 | * All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -81,27 +81,27 @@ | @@ -81,27 +81,27 @@ | |||
81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
88 | * SUCH DAMAGE. | 88 | * SUCH DAMAGE. | |
89 | * | 89 | * | |
90 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | 90 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | |
91 | */ | 91 | */ | |
92 | 92 | |||
93 | #include <sys/cdefs.h> | 93 | #include <sys/cdefs.h> | |
94 | __KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.310 2019/02/04 10:48:46 mrg Exp $"); | 94 | __KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.311 2019/05/13 07:47:59 ozaki-r Exp $"); | |
95 | 95 | |||
96 | #ifdef _KERNEL_OPT | 96 | #ifdef _KERNEL_OPT | |
97 | #include "opt_inet.h" | 97 | #include "opt_inet.h" | |
98 | #include "opt_ipsec.h" | 98 | #include "opt_ipsec.h" | |
99 | #include "opt_mrouting.h" | 99 | #include "opt_mrouting.h" | |
100 | #include "opt_net_mpsafe.h" | 100 | #include "opt_net_mpsafe.h" | |
101 | #include "opt_mpls.h" | 101 | #include "opt_mpls.h" | |
102 | #endif | 102 | #endif | |
103 | 103 | |||
104 | #include "arp.h" | 104 | #include "arp.h" | |
105 | 105 | |||
106 | #include <sys/param.h> | 106 | #include <sys/param.h> | |
107 | #include <sys/kmem.h> | 107 | #include <sys/kmem.h> | |
@@ -612,30 +612,30 @@ sendit: | @@ -612,30 +612,30 @@ sendit: | |||
612 | 612 | |||
613 | /* Perform IPsec processing, if any. */ | 613 | /* Perform IPsec processing, if any. */ | |
614 | error = ipsec4_output(m, inp, flags, &mtu, &natt_frag, | 614 | error = ipsec4_output(m, inp, flags, &mtu, &natt_frag, | |
615 | &ipsec_done); | 615 | &ipsec_done); | |
616 | if (error || ipsec_done) | 616 | if (error || ipsec_done) | |
617 | goto done; | 617 | goto done; | |
618 | } | 618 | } | |
619 | #endif | 619 | #endif | |
620 | 620 | |||
621 | /* | 621 | /* | |
622 | * Run through list of hooks for output packets. | 622 | * Run through list of hooks for output packets. | |
623 | */ | 623 | */ | |
624 | error = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_OUT); | 624 | error = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_OUT); | |
625 | if (error) | 625 | if (error || m == NULL) { | |
626 | goto done; | 626 | IP_STATINC(IP_STAT_PFILDROP_OUT); | |
627 | if (m == NULL) | |||
628 | goto done; | 627 | goto done; | |
628 | } | |||
629 | 629 | |||
630 | ip = mtod(m, struct ip *); | 630 | ip = mtod(m, struct ip *); | |
631 | hlen = ip->ip_hl << 2; | 631 | hlen = ip->ip_hl << 2; | |
632 | 632 | |||
633 | m->m_pkthdr.csum_data |= hlen << 16; | 633 | m->m_pkthdr.csum_data |= hlen << 16; | |
634 | 634 | |||
635 | /* | 635 | /* | |
636 | * search for the source address structure to | 636 | * search for the source address structure to | |
637 | * maintain output statistics, and verify address | 637 | * maintain output statistics, and verify address | |
638 | * validity | 638 | * validity | |
639 | */ | 639 | */ | |
640 | KASSERT(ia == NULL); | 640 | KASSERT(ia == NULL); | |
641 | sockaddr_in_init(&usrc.sin, &ip->ip_src, 0); | 641 | sockaddr_in_init(&usrc.sin, &ip->ip_src, 0); |
--- src/sys/netinet/ip_var.h 2018/09/14 05:09:51 1.127
+++ src/sys/netinet/ip_var.h 2019/05/13 07:47:59 1.128
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip_var.h,v 1.127 2018/09/14 05:09:51 maxv Exp $ */ | 1 | /* $NetBSD: ip_var.h,v 1.128 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (c) 1982, 1986, 1993 | 4 | * Copyright (c) 1982, 1986, 1993 | |
5 | * The Regents of the University of California. All rights reserved. | 5 | * The Regents of the University of California. All rights reserved. | |
6 | * | 6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | 9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | 10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | 11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | 12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | 13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | 14 | * documentation and/or other materials provided with the distribution. | |
@@ -137,28 +137,30 @@ struct ip_pktopts { | @@ -137,28 +137,30 @@ struct ip_pktopts { | |||
137 | #define IP_STAT_OFRAGMENTS 19 /* output fragments created */ | 137 | #define IP_STAT_OFRAGMENTS 19 /* output fragments created */ | |
138 | #define IP_STAT_CANTFRAG 20 /* don't fragment flag was set, etc. */ | 138 | #define IP_STAT_CANTFRAG 20 /* don't fragment flag was set, etc. */ | |
139 | #define IP_STAT_BADOPTIONS 21 /* error in option processing */ | 139 | #define IP_STAT_BADOPTIONS 21 /* error in option processing */ | |
140 | #define IP_STAT_NOROUTE 22 /* packets discarded due to no route */ | 140 | #define IP_STAT_NOROUTE 22 /* packets discarded due to no route */ | |
141 | #define IP_STAT_BADVERS 23 /* ip version != 4 */ | 141 | #define IP_STAT_BADVERS 23 /* ip version != 4 */ | |
142 | #define IP_STAT_RAWOUT 24 /* total raw ip packets generated */ | 142 | #define IP_STAT_RAWOUT 24 /* total raw ip packets generated */ | |
143 | #define IP_STAT_BADFRAGS 25 /* malformed fragments (bad length) */ | 143 | #define IP_STAT_BADFRAGS 25 /* malformed fragments (bad length) */ | |
144 | #define IP_STAT_RCVMEMDROP 26 /* frags dropped for lack of memory */ | 144 | #define IP_STAT_RCVMEMDROP 26 /* frags dropped for lack of memory */ | |
145 | #define IP_STAT_TOOLONG 27 /* ip length > max ip packet size */ | 145 | #define IP_STAT_TOOLONG 27 /* ip length > max ip packet size */ | |
146 | #define IP_STAT_NOGIF 28 /* no match gif found */ | 146 | #define IP_STAT_NOGIF 28 /* no match gif found */ | |
147 | #define IP_STAT_BADADDR 29 /* invalid address on header */ | 147 | #define IP_STAT_BADADDR 29 /* invalid address on header */ | |
148 | #define IP_STAT_NOL2TP 30 /* no match l2tp found */ | 148 | #define IP_STAT_NOL2TP 30 /* no match l2tp found */ | |
149 | #define IP_STAT_NOIPSEC 31 /* no match ipsec(4) found */ | 149 | #define IP_STAT_NOIPSEC 31 /* no match ipsec(4) found */ | |
150 | #define IP_STAT_PFILDROP_IN 32 /* dropped by pfil (PFIL_IN) */ | |||
151 | #define IP_STAT_PFILDROP_OUT 33 /* dropped by pfil (PFIL_OUT) */ | |||
150 | 152 | |||
151 | #define IP_NSTATS 32 | 153 | #define IP_NSTATS 34 | |
152 | 154 | |||
153 | #ifdef _KERNEL | 155 | #ifdef _KERNEL | |
154 | 156 | |||
155 | #ifdef _KERNEL_OPT | 157 | #ifdef _KERNEL_OPT | |
156 | #include "opt_gateway.h" | 158 | #include "opt_gateway.h" | |
157 | #include "opt_mbuftrace.h" | 159 | #include "opt_mbuftrace.h" | |
158 | #endif | 160 | #endif | |
159 | 161 | |||
160 | /* | 162 | /* | |
161 | * The following flags can be passed to ip_output() as last parameter | 163 | * The following flags can be passed to ip_output() as last parameter | |
162 | */ | 164 | */ | |
163 | #define IP_FORWARDING 0x0001 /* most of ip header exists */ | 165 | #define IP_FORWARDING 0x0001 /* most of ip header exists */ | |
164 | #define IP_RAWOUTPUT 0x0002 /* raw ip header exists */ | 166 | #define IP_RAWOUTPUT 0x0002 /* raw ip header exists */ |
--- src/sys/netinet6/ip6_forward.c 2018/05/01 07:21:39 1.95
+++ src/sys/netinet6/ip6_forward.c 2019/05/13 07:47:59 1.96
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_forward.c,v 1.95 2018/05/01 07:21:39 maxv Exp $ */ | 1 | /* $NetBSD: ip6_forward.c,v 1.96 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | /* $KAME: ip6_forward.c,v 1.109 2002/09/11 08:10:17 sakane Exp $ */ | 2 | /* $KAME: ip6_forward.c,v 1.109 2002/09/11 08:10:17 sakane Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -21,27 +21,27 @@ | @@ -21,27 +21,27 @@ | |||
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
30 | * SUCH DAMAGE. | 30 | * SUCH DAMAGE. | |
31 | */ | 31 | */ | |
32 | 32 | |||
33 | #include <sys/cdefs.h> | 33 | #include <sys/cdefs.h> | |
34 | __KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.95 2018/05/01 07:21:39 maxv Exp $"); | 34 | __KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.96 2019/05/13 07:47:59 ozaki-r Exp $"); | |
35 | 35 | |||
36 | #ifdef _KERNEL_OPT | 36 | #ifdef _KERNEL_OPT | |
37 | #include "opt_gateway.h" | 37 | #include "opt_gateway.h" | |
38 | #include "opt_ipsec.h" | 38 | #include "opt_ipsec.h" | |
39 | #endif | 39 | #endif | |
40 | 40 | |||
41 | #include <sys/param.h> | 41 | #include <sys/param.h> | |
42 | #include <sys/systm.h> | 42 | #include <sys/systm.h> | |
43 | #include <sys/mbuf.h> | 43 | #include <sys/mbuf.h> | |
44 | #include <sys/errno.h> | 44 | #include <sys/errno.h> | |
45 | #include <sys/time.h> | 45 | #include <sys/time.h> | |
46 | #include <sys/kernel.h> | 46 | #include <sys/kernel.h> | |
47 | #include <sys/syslog.h> | 47 | #include <sys/syslog.h> | |
@@ -383,30 +383,34 @@ ip6_forward(struct mbuf *m, int srcrt) | @@ -383,30 +383,34 @@ ip6_forward(struct mbuf *m, int srcrt) | |||
383 | } | 383 | } | |
384 | 384 | |||
385 | /* | 385 | /* | |
386 | * clear embedded scope identifiers if necessary. | 386 | * clear embedded scope identifiers if necessary. | |
387 | * in6_clearscope will touch the addresses only when necessary. | 387 | * in6_clearscope will touch the addresses only when necessary. | |
388 | */ | 388 | */ | |
389 | in6_clearscope(&ip6->ip6_src); | 389 | in6_clearscope(&ip6->ip6_src); | |
390 | in6_clearscope(&ip6->ip6_dst); | 390 | in6_clearscope(&ip6->ip6_dst); | |
391 | 391 | |||
392 | /* | 392 | /* | |
393 | * Run through list of hooks for output packets. | 393 | * Run through list of hooks for output packets. | |
394 | */ | 394 | */ | |
395 | if ((error = pfil_run_hooks(inet6_pfil_hook, &m, rt->rt_ifp, | 395 | if ((error = pfil_run_hooks(inet6_pfil_hook, &m, rt->rt_ifp, | |
396 | PFIL_OUT)) != 0) | 396 | PFIL_OUT)) != 0) { | |
397 | IP6_STATINC(IP6_STAT_PFILDROP_OUT); | |||
397 | goto senderr; | 398 | goto senderr; | |
398 | if (m == NULL) | 399 | } | |
400 | if (m == NULL) { | |||
401 | IP6_STATINC(IP6_STAT_PFILDROP_OUT); | |||
399 | goto freecopy; | 402 | goto freecopy; | |
403 | } | |||
400 | ip6 = mtod(m, struct ip6_hdr *); | 404 | ip6 = mtod(m, struct ip6_hdr *); | |
401 | 405 | |||
402 | error = ip6_if_output(rt->rt_ifp, origifp, m, dst, rt); | 406 | error = ip6_if_output(rt->rt_ifp, origifp, m, dst, rt); | |
403 | if (error) { | 407 | if (error) { | |
404 | in6_ifstat_inc(rt->rt_ifp, ifs6_out_discard); | 408 | in6_ifstat_inc(rt->rt_ifp, ifs6_out_discard); | |
405 | IP6_STATINC(IP6_STAT_CANTFORWARD); | 409 | IP6_STATINC(IP6_STAT_CANTFORWARD); | |
406 | } else { | 410 | } else { | |
407 | IP6_STATINC(IP6_STAT_FORWARD); | 411 | IP6_STATINC(IP6_STAT_FORWARD); | |
408 | in6_ifstat_inc(rt->rt_ifp, ifs6_out_forward); | 412 | in6_ifstat_inc(rt->rt_ifp, ifs6_out_forward); | |
409 | if (type) | 413 | if (type) | |
410 | IP6_STATINC(IP6_STAT_REDIRECTSENT); | 414 | IP6_STATINC(IP6_STAT_REDIRECTSENT); | |
411 | else { | 415 | else { | |
412 | #ifdef GATEWAY | 416 | #ifdef GATEWAY |
--- src/sys/netinet6/ip6_input.c 2019/01/17 02:47:15 1.207
+++ src/sys/netinet6/ip6_input.c 2019/05/13 07:47:59 1.208
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_input.c,v 1.207 2019/01/17 02:47:15 knakahara Exp $ */ | 1 | /* $NetBSD: ip6_input.c,v 1.208 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ | 2 | /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | 61 | * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.207 2019/01/17 02:47:15 knakahara Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.208 2019/05/13 07:47:59 ozaki-r Exp $"); | |
66 | 66 | |||
67 | #ifdef _KERNEL_OPT | 67 | #ifdef _KERNEL_OPT | |
68 | #include "opt_gateway.h" | 68 | #include "opt_gateway.h" | |
69 | #include "opt_inet.h" | 69 | #include "opt_inet.h" | |
70 | #include "opt_inet6.h" | 70 | #include "opt_inet6.h" | |
71 | #include "opt_ipsec.h" | 71 | #include "opt_ipsec.h" | |
72 | #include "opt_net_mpsafe.h" | 72 | #include "opt_net_mpsafe.h" | |
73 | #endif | 73 | #endif | |
74 | 74 | |||
75 | #include <sys/param.h> | 75 | #include <sys/param.h> | |
76 | #include <sys/systm.h> | 76 | #include <sys/systm.h> | |
77 | #include <sys/mbuf.h> | 77 | #include <sys/mbuf.h> | |
78 | #include <sys/domain.h> | 78 | #include <sys/domain.h> | |
@@ -338,32 +338,34 @@ ip6_input(struct mbuf *m, struct ifnet * | @@ -338,32 +338,34 @@ ip6_input(struct mbuf *m, struct ifnet * | |||
338 | * Note that filters must _never_ set this flag, as another filter | 338 | * Note that filters must _never_ set this flag, as another filter | |
339 | * in the list may have previously cleared it. | 339 | * in the list may have previously cleared it. | |
340 | * | 340 | * | |
341 | * Don't call hooks if the packet has already been processed by | 341 | * Don't call hooks if the packet has already been processed by | |
342 | * IPsec (encapsulated, tunnel mode). | 342 | * IPsec (encapsulated, tunnel mode). | |
343 | */ | 343 | */ | |
344 | #if defined(IPSEC) | 344 | #if defined(IPSEC) | |
345 | if (!ipsec_used || !ipsec_skip_pfil(m)) | 345 | if (!ipsec_used || !ipsec_skip_pfil(m)) | |
346 | #else | 346 | #else | |
347 | if (1) | 347 | if (1) | |
348 | #endif | 348 | #endif | |
349 | { | 349 | { | |
350 | struct in6_addr odst; | 350 | struct in6_addr odst; | |
351 | int error; | |||
351 | 352 | |||
352 | odst = ip6->ip6_dst; | 353 | odst = ip6->ip6_dst; | |
353 | if (pfil_run_hooks(inet6_pfil_hook, &m, rcvif, PFIL_IN) != 0) | 354 | error = pfil_run_hooks(inet6_pfil_hook, &m, rcvif, PFIL_IN); | |
354 | return; | 355 | if (error != 0 || m == NULL) { | |
355 | if (m == NULL) | 356 | IP6_STATINC(IP6_STAT_PFILDROP_IN); | |
356 | return; | 357 | return; | |
358 | } | |||
357 | KASSERT(m->m_len >= sizeof(struct ip6_hdr)); | 359 | KASSERT(m->m_len >= sizeof(struct ip6_hdr)); | |
358 | ip6 = mtod(m, struct ip6_hdr *); | 360 | ip6 = mtod(m, struct ip6_hdr *); | |
359 | srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); | 361 | srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); | |
360 | } | 362 | } | |
361 | 363 | |||
362 | IP6_STATINC(IP6_STAT_NXTHIST + ip6->ip6_nxt); | 364 | IP6_STATINC(IP6_STAT_NXTHIST + ip6->ip6_nxt); | |
363 | 365 | |||
364 | #ifdef ALTQ | 366 | #ifdef ALTQ | |
365 | if (altq_input != NULL) { | 367 | if (altq_input != NULL) { | |
366 | SOFTNET_LOCK(); | 368 | SOFTNET_LOCK(); | |
367 | if ((*altq_input)(m, AF_INET6) == 0) { | 369 | if ((*altq_input)(m, AF_INET6) == 0) { | |
368 | SOFTNET_UNLOCK(); | 370 | SOFTNET_UNLOCK(); | |
369 | /* packet is dropped by traffic conditioner */ | 371 | /* packet is dropped by traffic conditioner */ |
--- src/sys/netinet6/ip6_output.c 2019/04/03 19:23:38 1.218
+++ src/sys/netinet6/ip6_output.c 2019/05/13 07:47:59 1.219
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_output.c,v 1.218 2019/04/03 19:23:38 maxv Exp $ */ | 1 | /* $NetBSD: ip6_output.c,v 1.219 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ | 2 | /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -52,27 +52,27 @@ | @@ -52,27 +52,27 @@ | |||
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
59 | * SUCH DAMAGE. | 59 | * SUCH DAMAGE. | |
60 | * | 60 | * | |
61 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | 61 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | |
62 | */ | 62 | */ | |
63 | 63 | |||
64 | #include <sys/cdefs.h> | 64 | #include <sys/cdefs.h> | |
65 | __KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.218 2019/04/03 19:23:38 maxv Exp $"); | 65 | __KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.219 2019/05/13 07:47:59 ozaki-r Exp $"); | |
66 | 66 | |||
67 | #ifdef _KERNEL_OPT | 67 | #ifdef _KERNEL_OPT | |
68 | #include "opt_inet.h" | 68 | #include "opt_inet.h" | |
69 | #include "opt_inet6.h" | 69 | #include "opt_inet6.h" | |
70 | #include "opt_ipsec.h" | 70 | #include "opt_ipsec.h" | |
71 | #endif | 71 | #endif | |
72 | 72 | |||
73 | #include <sys/param.h> | 73 | #include <sys/param.h> | |
74 | #include <sys/malloc.h> | 74 | #include <sys/malloc.h> | |
75 | #include <sys/mbuf.h> | 75 | #include <sys/mbuf.h> | |
76 | #include <sys/errno.h> | 76 | #include <sys/errno.h> | |
77 | #include <sys/socket.h> | 77 | #include <sys/socket.h> | |
78 | #include <sys/socketvar.h> | 78 | #include <sys/socketvar.h> | |
@@ -746,30 +746,31 @@ ip6_output( | @@ -746,30 +746,31 @@ ip6_output( | |||
746 | 746 | |||
747 | if (ip6_hopopts_input(&dummy1, &dummy2, &m, &hoff)) { | 747 | if (ip6_hopopts_input(&dummy1, &dummy2, &m, &hoff)) { | |
748 | /* m was already freed at this point */ | 748 | /* m was already freed at this point */ | |
749 | error = EINVAL; | 749 | error = EINVAL; | |
750 | goto done; | 750 | goto done; | |
751 | } | 751 | } | |
752 | 752 | |||
753 | ip6 = mtod(m, struct ip6_hdr *); | 753 | ip6 = mtod(m, struct ip6_hdr *); | |
754 | } | 754 | } | |
755 | 755 | |||
756 | /* | 756 | /* | |
757 | * Run through list of hooks for output packets. | 757 | * Run through list of hooks for output packets. | |
758 | */ | 758 | */ | |
759 | if ((error = pfil_run_hooks(inet6_pfil_hook, &m, ifp, PFIL_OUT)) != 0) | 759 | error = pfil_run_hooks(inet6_pfil_hook, &m, ifp, PFIL_OUT); | |
760 | goto done; | 760 | if (error != 0 || m == NULL) { | |
761 | if (m == NULL) | 761 | IP6_STATINC(IP6_STAT_PFILDROP_OUT); | |
762 | goto done; | 762 | goto done; | |
763 | } | |||
763 | ip6 = mtod(m, struct ip6_hdr *); | 764 | ip6 = mtod(m, struct ip6_hdr *); | |
764 | 765 | |||
765 | /* | 766 | /* | |
766 | * Send the packet to the outgoing interface. | 767 | * Send the packet to the outgoing interface. | |
767 | * If necessary, do IPv6 fragmentation before sending. | 768 | * If necessary, do IPv6 fragmentation before sending. | |
768 | * | 769 | * | |
769 | * the logic here is rather complex: | 770 | * the logic here is rather complex: | |
770 | * 1: normal case (dontfrag == 0, alwaysfrag == 0) | 771 | * 1: normal case (dontfrag == 0, alwaysfrag == 0) | |
771 | * 1-a: send as is if tlen <= path mtu | 772 | * 1-a: send as is if tlen <= path mtu | |
772 | * 1-b: fragment if tlen > path mtu | 773 | * 1-b: fragment if tlen > path mtu | |
773 | * | 774 | * | |
774 | * 2: if user asks us not to fragment (dontfrag == 1) | 775 | * 2: if user asks us not to fragment (dontfrag == 1) | |
775 | * 2-a: send as is if tlen <= interface mtu | 776 | * 2-a: send as is if tlen <= interface mtu |
--- src/sys/netinet6/ip6_var.h 2018/11/29 09:51:21 1.81
+++ src/sys/netinet6/ip6_var.h 2019/05/13 07:47:59 1.82
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | /* $NetBSD: ip6_var.h,v 1.81 2018/11/29 09:51:21 ozaki-r Exp $ */ | 1 | /* $NetBSD: ip6_var.h,v 1.82 2019/05/13 07:47:59 ozaki-r Exp $ */ | |
2 | /* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */ | 2 | /* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */ | |
3 | 3 | |||
4 | /* | 4 | /* | |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | * All rights reserved. | 6 | * All rights reserved. | |
7 | * | 7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | 10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | 11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | 12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | 13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | 14 | * notice, this list of conditions and the following disclaimer in the | |
@@ -176,28 +176,30 @@ struct ip6_pktopts { | @@ -176,28 +176,30 @@ struct ip6_pktopts { | |||
176 | /* space for 16 counters */ | 176 | /* space for 16 counters */ | |
177 | #define IP6_STAT_SOURCES_OTHERSCOPE 366 /* number of times that an address that | 177 | #define IP6_STAT_SOURCES_OTHERSCOPE 366 /* number of times that an address that | |
178 | has a different scope from the dest. | 178 | has a different scope from the dest. | |
179 | is chosen */ | 179 | is chosen */ | |
180 | /* space for 16 counters */ | 180 | /* space for 16 counters */ | |
181 | #define IP6_STAT_SOURCES_DEPRECATED 382 /* number of times that a deprecated | 181 | #define IP6_STAT_SOURCES_DEPRECATED 382 /* number of times that a deprecated | |
182 | address is chosen */ | 182 | address is chosen */ | |
183 | /* space for 16 counters */ | 183 | /* space for 16 counters */ | |
184 | #define IP6_STAT_FORWARD_CACHEHIT 398 | 184 | #define IP6_STAT_FORWARD_CACHEHIT 398 | |
185 | #define IP6_STAT_FORWARD_CACHEMISS 399 | 185 | #define IP6_STAT_FORWARD_CACHEMISS 399 | |
186 | #define IP6_STAT_FASTFORWARD 400 /* packets fast forwarded */ | 186 | #define IP6_STAT_FASTFORWARD 400 /* packets fast forwarded */ | |
187 | #define IP6_STAT_FASTFORWARDFLOWS 401 /* number of fast forward flows */ | 187 | #define IP6_STAT_FASTFORWARDFLOWS 401 /* number of fast forward flows */ | |
188 | #define IP6_STAT_NOIPSEC 402 /* no match ipsec(4) found */ | 188 | #define IP6_STAT_NOIPSEC 402 /* no match ipsec(4) found */ | |
189 | #define IP6_STAT_PFILDROP_IN 403 /* dropped by pfil (PFIL_IN) */ | |||
190 | #define IP6_STAT_PFILDROP_OUT 404 /* dropped by pfil (PFIL_OUT) */ | |||
189 | 191 | |||
190 | #define IP6_NSTATS 403 | 192 | #define IP6_NSTATS 405 | |
191 | 193 | |||
192 | #define IP6FLOW_HASHBITS 6 /* should not be a multiple of 8 */ | 194 | #define IP6FLOW_HASHBITS 6 /* should not be a multiple of 8 */ | |
193 | 195 | |||
194 | /* | 196 | /* | |
195 | * Structure for an IPv6 flow (ip6_fastforward). | 197 | * Structure for an IPv6 flow (ip6_fastforward). | |
196 | */ | 198 | */ | |
197 | struct ip6flow { | 199 | struct ip6flow { | |
198 | TAILQ_ENTRY(ip6flow) ip6f_list; /* next in active list */ | 200 | TAILQ_ENTRY(ip6flow) ip6f_list; /* next in active list */ | |
199 | TAILQ_ENTRY(ip6flow) ip6f_hash; /* next ip6flow in bucket */ | 201 | TAILQ_ENTRY(ip6flow) ip6f_hash; /* next ip6flow in bucket */ | |
200 | size_t ip6f_hashidx; /* own hash index of ipflowtable[] */ | 202 | size_t ip6f_hashidx; /* own hash index of ipflowtable[] */ | |
201 | struct in6_addr ip6f_dst; /* destination address */ | 203 | struct in6_addr ip6f_dst; /* destination address */ | |
202 | struct in6_addr ip6f_src; /* source address */ | 204 | struct in6_addr ip6f_src; /* source address */ | |
203 | struct route ip6f_ro; /* associated route entry */ | 205 | struct route ip6f_ro; /* associated route entry */ |