ip_input.c revision 76c3e51cb98d68249ec485cb910cebf2dc6965bd
/* $Id$ */
/** @file
* NAT - IP input.
*/
/*
* Copyright (C) 2006-2010 Oracle Corporation
*
* This file is part of VirtualBox Open Source Edition (OSE), as
* available from http://www.virtualbox.org. This file is free software;
* General Public License (GPL) as published by the Free Software
* Foundation, in version 2 as it comes in the "COPYING" file of the
* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
*/
/*
* This code is based on:
*
* Copyright (c) 1982, 1986, 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ip_input.c 8.2 (Berkeley) 1/4/94
* ip_input.c,v 1.11 1994/11/16 10:17:08 jkh Exp
*/
/*
* Changes and additions relating to SLiRP are
* Copyright (c) 1995 Danny Gasparovski.
*
* Please read the file COPYRIGHT for the
* terms and conditions of the copyright.
*/
#include <slirp.h>
#include "ip_icmp.h"
#include "alias.h"
/*
* IP initialization: fill in IP protocol switch table.
* All protocols not implemented in kernel go to raw IP protocol handler.
*/
void
{
int i = 0;
for (i = 0; i < IPREASS_NHASH; ++i)
TAILQ_INIT(&ipq[i]);
maxfragsperpacket = 16;
nipq = 0;
}
{
struct m_tag *t;
return (struct libalias *)&t[1];
return la;
}
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void
{
int hlen = 0;
int mlen = 0;
LogFlow(("ip_input: m = %lx\n", (long)m));
{
int rc;
}
{
goto bad_free_m;
}
{
goto bad_free_m;
}
{
/* min header length */
goto bad_free_m;
}
/* keep ip header intact for ICMP reply
* ip->ip_sum = cksum(m, hlen);
* if (ip->ip_sum) {
*/
{
ipstat.ips_badsum++;
goto bad_free_m;
}
/*
* Convert fields to host representation.
*/
{
ipstat.ips_badlen++;
goto bad_free_m;
}
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
{
goto bad_free_m;
}
/* Should drop packet if mbuf too long? hmmm... */
/* check ip_ttl for a correct ICMP reply */
{
goto no_free_m;
}
/*
* If offset or IP_MF are set, must reassemble.
* Otherwise, nothing need be done.
* (We could look in the reassembly queue to see
* if the packet was previously fragmented,
* but it's not worth the time; just let them time out.)
*
*/
{
if (m == NULL)
goto no_free_m;
}
else
/*
* Switch out to protocol's input routine.
*/
{
case IPPROTO_TCP:
break;
case IPPROTO_UDP:
break;
case IPPROTO_ICMP:
break;
default:
}
goto no_free_m;
Log2(("NAT: IP datagram to %R[IP4] with size(%d) claimed as bad\n",
return;
}
struct mbuf *
{
/* If maxnipq or maxfragsperpacket are 0, never accept fragments. */
if ( maxnipq == 0
|| maxfragsperpacket == 0)
{
return (NULL);
}
/*
* Look for queue of fragments
* of this datagram.
*/
goto found;
/*
* Attempt to trim the number of allocated fragment queues if it
* exceeds the administrative limit.
*/
{
/*
* drop something from the tail of the current queue
* before proceeding further
*/
{
/* gak */
for (i = 0; i < IPREASS_NHASH; i++)
{
if (pTail)
{
break;
}
}
}
else
{
}
}
/*
* Adjust ip_len to not reflect header,
* convert offset of this to bytes.
*/
{
/*
* Make sure that fragments have a data length
* that's a non-zero multiple of 8 bytes.
*/
{
goto dropfrag;
}
}
else
/*
* Attempt reassembly; if it succeeds, proceed.
* ip_reass() will return a different mbuf.
*/
/* Previous ip_reass() started here. */
/*
* Presence of header sizes in mbufs
* would confuse code below.
*/
/*
* If first fragment to arrive, create a reassembly queue.
*/
{
goto dropfrag;
nipq++;
goto done;
}
else
{
fp->ipq_nfrags++;
}
/*
* Find a segment which begins after this one does.
*/
break;
/*
* If there is a preceding segment, it may provide some of
* our data already. If so, drop the data from the incoming
* segment. If it provides all of our data, drop us, otherwise
* stick new segment in the proper place.
*
* If some of the data is dropped from the the preceding
* segment, then it's checksum is invalidated.
*/
if (p)
{
if (i > 0)
{
goto dropfrag;
m_adj(m, i);
}
p->m_nextpkt = m;
}
else
{
}
/*
* While we overlap succeeding segments trim them or,
* if they are completely covered, dequeue them.
*/
q = nq)
{
{
m_adj(q, i);
break;
}
fp->ipq_nfrags--;
}
/*
* Check for complete reassembly and perform frag per packet
* limiting.
*
* Frag limiting is performed here so that the nth frag has
* a chance to complete the packet before we drop the packet.
* As a result, n+1 frags are actually allowed per packet, but
* only n will ever be stored. (n = maxfragsperpacket.)
*
*/
next = 0;
{
{
{
}
goto done;
}
}
/* Make sure the last packet didn't have the IP_MF flag */
{
{
}
goto done;
}
/*
* Reassembly is complete. Make sure the packet is a sane size.
*/
{
goto done;
}
/*
* Concatenate fragments.
*/
m = q;
{
}
/*
* Create header for new ip packet by modifying header of first
* packet; dequeue and discard fragment reassembly header.
* Make header visible.
*/
nipq--;
/* some debugging cruft by sklower, below, will go away soon */
#if 0
m_fixhdr(m);
#endif
return (m);
fp->ipq_nfrags--;
done:
return NULL;
}
void
{
struct mbuf *q;
{
}
nipq--;
}
/*
* IP timer processing;
* if a timer expires on a reassembly
* queue, discard it.
*/
void
{
/* XXX: the fragment expiration is the same but requier
* additional loop see (see ip_input.c in FreeBSD tree)
*/
int i;
LogFlow(("ip_slowtimo:\n"));
for (i = 0; i < IPREASS_NHASH; i++)
{
{
{
}
}
}
/*
* If we are over the maximum number of fragments
* (due to the limit being lowered), drain off
* enough to get down to the new limit.
*/
{
for (i = 0; i < IPREASS_NHASH; i++)
{
{
}
}
}
}
/*
* Strip out IP options, at higher
* level protocol in the kernel.
* Second argument is buffer to which options
* will be moved, and return value is their length.
* (XXX) should be deleted; last arg currently ignored.
*/
void
{
register int i;
int olen;
}