1 /* 2 * Copyright (c) 1982, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD: src/sys/net/if_ethersubr.c,v 1.70.2.33 2003/04/28 15:45:53 archie Exp $ 35 */ 36 37 #include "opt_atalk.h" 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 #include "opt_ipx.h" 41 #include "opt_bdg.h" 42 #include "opt_netgraph.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/kernel.h> 47 #include <sys/malloc.h> 48 #include <sys/mbuf.h> 49 #include <sys/socket.h> 50 #include <sys/sockio.h> 51 #include <sys/sysctl.h> 52 53 #include <net/if.h> 54 #include <net/netisr.h> 55 #include <net/route.h> 56 #include <net/if_llc.h> 57 #include <net/if_dl.h> 58 #include <net/if_types.h> 59 #include <net/bpf.h> 60 #include <net/ethernet.h> 61 #include <net/bridge.h> 62 63 #if defined(INET) || defined(INET6) 64 #include <netinet/in.h> 65 #include <netinet/in_var.h> 66 #include <netinet/if_ether.h> 67 #include <netinet/ip_fw.h> 68 #include <netinet/ip_dummynet.h> 69 #endif 70 #ifdef INET6 71 #include <netinet6/nd6.h> 72 #endif 73 74 #ifdef IPX 75 #include <netipx/ipx.h> 76 #include <netipx/ipx_if.h> 77 int (*ef_inputp)(struct ifnet*, struct ether_header *eh, struct mbuf *m); 78 int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp, 79 struct sockaddr *dst, short *tp, int *hlen); 80 #endif 81 82 #ifdef NS 83 #include <netns/ns.h> 84 #include <netns/ns_if.h> 85 ushort ns_nettype; 86 int ether_outputdebug = 0; 87 int ether_inputdebug = 0; 88 #endif 89 90 #ifdef NETATALK 91 #include <netatalk/at.h> 92 #include <netatalk/at_var.h> 93 #include <netatalk/at_extern.h> 94 95 #define llc_snap_org_code llc_un.type_snap.org_code 96 #define llc_snap_ether_type llc_un.type_snap.ether_type 97 98 extern u_char at_org_code[3]; 99 extern u_char aarp_org_code[3]; 100 #endif /* NETATALK */ 101 102 /* netgraph node hooks for ng_ether(4) */ 103 void (*ng_ether_input_p)(struct ifnet *ifp, 104 struct mbuf **mp, struct ether_header *eh); 105 void (*ng_ether_input_orphan_p)(struct ifnet *ifp, 106 struct mbuf *m, struct ether_header *eh); 107 int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp); 108 void (*ng_ether_attach_p)(struct ifnet *ifp); 109 void (*ng_ether_detach_p)(struct ifnet *ifp); 110 111 int (*vlan_input_p)(struct ether_header *eh, struct mbuf *m); 112 int (*vlan_input_tag_p)(struct ether_header *eh, struct mbuf *m, 113 u_int16_t t); 114 115 /* bridge support */ 116 int do_bridge; 117 bridge_in_t *bridge_in_ptr; 118 bdg_forward_t *bdg_forward_ptr; 119 bdgtakeifaces_t *bdgtakeifaces_ptr; 120 struct bdg_softc *ifp2sc; 121 122 static int ether_resolvemulti(struct ifnet *, struct sockaddr **, 123 struct sockaddr *); 124 u_char etherbroadcastaddr[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 125 #define senderr(e) do { error = (e); goto bad;} while (0) 126 #define IFP2AC(IFP) ((struct arpcom *)IFP) 127 128 int 129 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 130 struct ip_fw **rule, struct ether_header *eh, int shared); 131 static int ether_ipfw; 132 133 /* 134 * Ethernet output routine. 135 * Encapsulate a packet of type family for the local net. 136 * Use trailer local net encapsulation if enough data in first 137 * packet leaves a multiple of 512 bytes of data in remainder. 138 * Assumes that ifp is actually pointer to arpcom structure. 139 */ 140 int 141 ether_output(ifp, m, dst, rt0) 142 register struct ifnet *ifp; 143 struct mbuf *m; 144 struct sockaddr *dst; 145 struct rtentry *rt0; 146 { 147 short type; 148 int error = 0, hdrcmplt = 0; 149 u_char esrc[6], edst[6]; 150 register struct rtentry *rt; 151 register struct ether_header *eh; 152 int loop_copy = 0; 153 int hlen; /* link layer header lenght */ 154 struct arpcom *ac = IFP2AC(ifp); 155 156 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 157 senderr(ENETDOWN); 158 rt = rt0; 159 if (rt) { 160 if ((rt->rt_flags & RTF_UP) == 0) { 161 rt0 = rt = rtalloc1(dst, 1, 0UL); 162 if (rt0) 163 rt->rt_refcnt--; 164 else 165 senderr(EHOSTUNREACH); 166 } 167 if (rt->rt_flags & RTF_GATEWAY) { 168 if (rt->rt_gwroute == 0) 169 goto lookup; 170 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 171 rtfree(rt); rt = rt0; 172 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1, 173 0UL); 174 if ((rt = rt->rt_gwroute) == 0) 175 senderr(EHOSTUNREACH); 176 } 177 } 178 if (rt->rt_flags & RTF_REJECT) 179 if (rt->rt_rmx.rmx_expire == 0 || 180 time_second < rt->rt_rmx.rmx_expire) 181 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 182 } 183 hlen = ETHER_HDR_LEN; 184 switch (dst->sa_family) { 185 #ifdef INET 186 case AF_INET: 187 if (!arpresolve(ifp, rt, m, dst, edst, rt0)) 188 return (0); /* if not yet resolved */ 189 type = htons(ETHERTYPE_IP); 190 break; 191 #endif 192 #ifdef INET6 193 case AF_INET6: 194 if (!nd6_storelladdr(&ac->ac_if, rt, m, dst, (u_char *)edst)) { 195 /* Something bad happened */ 196 return(0); 197 } 198 type = htons(ETHERTYPE_IPV6); 199 break; 200 #endif 201 #ifdef IPX 202 case AF_IPX: 203 if (ef_outputp) { 204 error = ef_outputp(ifp, &m, dst, &type, &hlen); 205 if (error) 206 goto bad; 207 } else 208 type = htons(ETHERTYPE_IPX); 209 bcopy((caddr_t)&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host), 210 (caddr_t)edst, sizeof (edst)); 211 break; 212 #endif 213 #ifdef NETATALK 214 case AF_APPLETALK: 215 { 216 struct at_ifaddr *aa; 217 218 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL) { 219 goto bad; 220 } 221 if (!aarpresolve(ac, m, (struct sockaddr_at *)dst, edst)) 222 return (0); 223 /* 224 * In the phase 2 case, need to prepend an mbuf for the llc header. 225 * Since we must preserve the value of m, which is passed to us by 226 * value, we m_copy() the first mbuf, and use it for our llc header. 227 */ 228 if ( aa->aa_flags & AFA_PHASE2 ) { 229 struct llc llc; 230 231 M_PREPEND(m, sizeof(struct llc), M_WAIT); 232 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP; 233 llc.llc_control = LLC_UI; 234 bcopy(at_org_code, llc.llc_snap_org_code, sizeof(at_org_code)); 235 llc.llc_snap_ether_type = htons( ETHERTYPE_AT ); 236 bcopy(&llc, mtod(m, caddr_t), sizeof(struct llc)); 237 type = htons(m->m_pkthdr.len); 238 hlen = sizeof(struct llc) + ETHER_HDR_LEN; 239 } else { 240 type = htons(ETHERTYPE_AT); 241 } 242 break; 243 } 244 #endif /* NETATALK */ 245 #ifdef NS 246 case AF_NS: 247 switch(ns_nettype){ 248 default: 249 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 250 type = 0x8137; 251 break; 252 case 0x0: /* Novell 802.3 */ 253 type = htons( m->m_pkthdr.len); 254 break; 255 case 0xe0e0: /* Novell 802.2 and Token-Ring */ 256 M_PREPEND(m, 3, M_WAIT); 257 type = htons( m->m_pkthdr.len); 258 cp = mtod(m, u_char *); 259 *cp++ = 0xE0; 260 *cp++ = 0xE0; 261 *cp++ = 0x03; 262 break; 263 } 264 bcopy((caddr_t)&(((struct sockaddr_ns *)dst)->sns_addr.x_host), 265 (caddr_t)edst, sizeof (edst)); 266 /* 267 * XXX if ns_thishost is the same as the node's ethernet 268 * address then just the default code will catch this anyhow. 269 * So I'm not sure if this next clause should be here at all? 270 * [JRE] 271 */ 272 if (!bcmp((caddr_t)edst, (caddr_t)&ns_thishost, sizeof(edst))){ 273 m->m_pkthdr.rcvif = ifp; 274 inq = &nsintrq; 275 if (IF_HANDOFF(inq, m, NULL)) 276 schednetisr(NETISR_NS); 277 return (error); 278 } 279 if (!bcmp((caddr_t)edst, (caddr_t)&ns_broadhost, sizeof(edst))){ 280 m->m_flags |= M_BCAST; 281 } 282 break; 283 #endif /* NS */ 284 285 case pseudo_AF_HDRCMPLT: 286 hdrcmplt = 1; 287 eh = (struct ether_header *)dst->sa_data; 288 (void)memcpy(esrc, eh->ether_shost, sizeof (esrc)); 289 /* FALLTHROUGH */ 290 291 case AF_UNSPEC: 292 loop_copy = -1; /* if this is for us, don't do it */ 293 eh = (struct ether_header *)dst->sa_data; 294 (void)memcpy(edst, eh->ether_dhost, sizeof (edst)); 295 type = eh->ether_type; 296 break; 297 298 default: 299 printf("%s%d: can't handle af%d\n", ifp->if_name, ifp->if_unit, 300 dst->sa_family); 301 senderr(EAFNOSUPPORT); 302 } 303 304 /* 305 * Add local net header. If no space in first mbuf, 306 * allocate another. 307 */ 308 M_PREPEND(m, sizeof (struct ether_header), M_DONTWAIT); 309 if (m == 0) 310 senderr(ENOBUFS); 311 eh = mtod(m, struct ether_header *); 312 (void)memcpy(&eh->ether_type, &type, 313 sizeof(eh->ether_type)); 314 (void)memcpy(eh->ether_dhost, edst, sizeof (edst)); 315 if (hdrcmplt) 316 (void)memcpy(eh->ether_shost, esrc, 317 sizeof(eh->ether_shost)); 318 else 319 (void)memcpy(eh->ether_shost, ac->ac_enaddr, 320 sizeof(eh->ether_shost)); 321 322 /* 323 * If a simplex interface, and the packet is being sent to our 324 * Ethernet address or a broadcast address, loopback a copy. 325 * XXX To make a simplex device behave exactly like a duplex 326 * device, we should copy in the case of sending to our own 327 * ethernet address (thus letting the original actually appear 328 * on the wire). However, we don't do that here for security 329 * reasons and compatibility with the original behavior. 330 */ 331 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1)) { 332 int csum_flags = 0; 333 334 if (m->m_pkthdr.csum_flags & CSUM_IP) 335 csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID); 336 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) 337 csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR); 338 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) { 339 struct mbuf *n; 340 341 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 342 n->m_pkthdr.csum_flags |= csum_flags; 343 if (csum_flags & CSUM_DATA_VALID) 344 n->m_pkthdr.csum_data = 0xffff; 345 (void)if_simloop(ifp, n, dst->sa_family, hlen); 346 } else 347 ifp->if_iqdrops++; 348 } else if (bcmp(eh->ether_dhost, 349 eh->ether_shost, ETHER_ADDR_LEN) == 0) { 350 m->m_pkthdr.csum_flags |= csum_flags; 351 if (csum_flags & CSUM_DATA_VALID) 352 m->m_pkthdr.csum_data = 0xffff; 353 (void) if_simloop(ifp, m, dst->sa_family, hlen); 354 return (0); /* XXX */ 355 } 356 } 357 358 /* Handle ng_ether(4) processing, if any */ 359 if (ng_ether_output_p != NULL) { 360 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) { 361 bad: if (m != NULL) 362 m_freem(m); 363 return (error); 364 } 365 if (m == NULL) 366 return (0); 367 } 368 369 /* Continue with link-layer output */ 370 return ether_output_frame(ifp, m); 371 } 372 373 /* 374 * Ethernet link layer output routine to send a raw frame to the device. 375 * 376 * This assumes that the 14 byte Ethernet header is present and contiguous 377 * in the first mbuf (if BRIDGE'ing). 378 */ 379 int 380 ether_output_frame(ifp, m) 381 struct ifnet *ifp; 382 struct mbuf *m; 383 { 384 int error = 0; 385 int s; 386 struct ip_fw *rule = NULL; 387 388 /* Extract info from dummynet tag, ignore others */ 389 for (; m->m_type == MT_TAG; m = m->m_next) 390 if (m->m_flags == PACKET_TAG_DUMMYNET) 391 rule = ((struct dn_pkt *)m)->rule; 392 393 if (rule) /* packet was already bridged */ 394 goto no_bridge; 395 396 if (BDG_ACTIVE(ifp) ) { 397 struct ether_header *eh; /* a ptr suffices */ 398 399 m->m_pkthdr.rcvif = NULL; 400 eh = mtod(m, struct ether_header *); 401 m_adj(m, ETHER_HDR_LEN); 402 m = bdg_forward_ptr(m, eh, ifp); 403 if (m != NULL) 404 m_freem(m); 405 return (0); 406 } 407 408 no_bridge: 409 s = splimp(); 410 if (IPFW_LOADED && ether_ipfw != 0) { 411 struct ether_header save_eh, *eh; 412 413 eh = mtod(m, struct ether_header *); 414 save_eh = *eh; 415 m_adj(m, ETHER_HDR_LEN); 416 if (ether_ipfw_chk(&m, ifp, &rule, eh, 0) == 0) { 417 if (m) { 418 m_freem(m); 419 return ENOBUFS; /* pkt dropped */ 420 } else 421 return 0; /* consumed e.g. in a pipe */ 422 } 423 /* packet was ok, restore the ethernet header */ 424 if ( (void *)(eh + 1) == (void *)m->m_data) { 425 m->m_data -= ETHER_HDR_LEN ; 426 m->m_len += ETHER_HDR_LEN ; 427 m->m_pkthdr.len += ETHER_HDR_LEN ; 428 } else { 429 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 430 if (m == NULL) /* nope... */ 431 return ENOBUFS; 432 bcopy(&save_eh, mtod(m, struct ether_header *), 433 ETHER_HDR_LEN); 434 } 435 } 436 437 /* 438 * Queue message on interface, update output statistics if 439 * successful, and start output if interface not yet active. 440 */ 441 if (!IF_HANDOFF(&ifp->if_snd, m, ifp)) 442 error = ENOBUFS; 443 splx(s); 444 return (error); 445 } 446 447 /* 448 * ipfw processing for ethernet packets (in and out). 449 * The second parameter is NULL from ether_demux, and ifp from 450 * ether_output_frame. This section of code could be used from 451 * bridge.c as well as long as we use some extra info 452 * to distinguish that case from ether_output_frame(); 453 */ 454 int 455 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 456 struct ip_fw **rule, struct ether_header *eh, int shared) 457 { 458 struct ether_header save_eh = *eh; /* might be a ptr in m */ 459 int i; 460 struct ip_fw_args args; 461 462 if (*rule != NULL && fw_one_pass) 463 return 1; /* dummynet packet, already partially processed */ 464 465 /* 466 * I need some amt of data to be contiguous, and in case others need 467 * the packet (shared==1) also better be in the first mbuf. 468 */ 469 i = min( (*m0)->m_pkthdr.len, max_protohdr); 470 if ( shared || (*m0)->m_len < i) { 471 *m0 = m_pullup(*m0, i); 472 if (*m0 == NULL) 473 return 0; 474 } 475 476 args.m = *m0; /* the packet we are looking at */ 477 args.oif = dst; /* destination, if any */ 478 args.divert_rule = 0; /* we do not support divert yet */ 479 args.rule = *rule; /* matching rule to restart */ 480 args.next_hop = NULL; /* we do not support forward yet */ 481 args.eh = &save_eh; /* MAC header for bridged/MAC packets */ 482 i = ip_fw_chk_ptr(&args); 483 *m0 = args.m; 484 *rule = args.rule; 485 486 if ( (i & IP_FW_PORT_DENY_FLAG) || *m0 == NULL) /* drop */ 487 return 0; 488 489 if (i == 0) /* a PASS rule. */ 490 return 1; 491 492 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) { 493 /* 494 * Pass the pkt to dummynet, which consumes it. 495 * If shared, make a copy and keep the original. 496 */ 497 struct mbuf *m ; 498 499 if (shared) { 500 m = m_copypacket(*m0, M_DONTWAIT); 501 if (m == NULL) 502 return 0; 503 } else { 504 m = *m0 ; /* pass the original to dummynet */ 505 *m0 = NULL ; /* and nothing back to the caller */ 506 } 507 /* 508 * Prepend the header, optimize for the common case of 509 * eh pointing into the mbuf. 510 */ 511 if ( (void *)(eh + 1) == (void *)m->m_data) { 512 m->m_data -= ETHER_HDR_LEN ; 513 m->m_len += ETHER_HDR_LEN ; 514 m->m_pkthdr.len += ETHER_HDR_LEN ; 515 } else { 516 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 517 if (m == NULL) /* nope... */ 518 return 0; 519 bcopy(&save_eh, mtod(m, struct ether_header *), 520 ETHER_HDR_LEN); 521 } 522 ip_dn_io_ptr(m, (i & 0xffff), 523 dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args); 524 return 0; 525 } 526 /* 527 * XXX at some point add support for divert/forward actions. 528 * If none of the above matches, we have to drop the pkt. 529 */ 530 return 0; 531 } 532 533 /* 534 * Process a received Ethernet packet. We have two different interfaces: 535 * one (conventional) assumes the packet in the mbuf, with the ethernet 536 * header provided separately in *eh. The second one (new) has everything 537 * in the mbuf, and we can tell it because eh == NULL. 538 * The caller MUST MAKE SURE that there are at least 539 * sizeof(struct ether_header) bytes in the first mbuf. 540 * 541 * This allows us to concentrate in one place a bunch of code which 542 * is replicated in all device drivers. Also, many functions called 543 * from ether_input() try to put the eh back into the mbuf, so we 544 * can later propagate the 'contiguous packet' interface to them, 545 * and handle the old interface just here. 546 * 547 * NOTA BENE: for many drivers "eh" is a pointer into the first mbuf or 548 * cluster, right before m_data. So be very careful when working on m, 549 * as you could destroy *eh !! 550 * 551 * First we perform any link layer operations, then continue 552 * to the upper layers with ether_demux(). 553 */ 554 void 555 ether_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) 556 { 557 struct ether_header save_eh; 558 559 if (eh == NULL) { 560 if (m->m_len < sizeof(struct ether_header)) { 561 /* XXX error in the caller. */ 562 m_freem(m); 563 return; 564 } 565 m->m_pkthdr.rcvif = ifp; 566 eh = mtod(m, struct ether_header *); 567 m->m_data += sizeof(struct ether_header); 568 m->m_len -= sizeof(struct ether_header); 569 m->m_pkthdr.len = m->m_len; 570 } 571 572 /* Check for a BPF tap */ 573 if (ifp->if_bpf != NULL) { 574 struct m_hdr mh; 575 576 /* This kludge is OK; BPF treats the "mbuf" as read-only */ 577 mh.mh_next = m; 578 mh.mh_data = (char *)eh; 579 mh.mh_len = ETHER_HDR_LEN; 580 bpf_mtap(ifp, (struct mbuf *)&mh); 581 } 582 583 ifp->if_ibytes += m->m_pkthdr.len + sizeof (*eh); 584 585 /* Handle ng_ether(4) processing, if any */ 586 if (ng_ether_input_p != NULL) { 587 (*ng_ether_input_p)(ifp, &m, eh); 588 if (m == NULL) 589 return; 590 } 591 592 /* Check for bridging mode */ 593 if (BDG_ACTIVE(ifp) ) { 594 struct ifnet *bif; 595 596 /* Check with bridging code */ 597 if ((bif = bridge_in_ptr(ifp, eh)) == BDG_DROP) { 598 m_freem(m); 599 return; 600 } 601 if (bif != BDG_LOCAL) { 602 struct mbuf *oldm = m ; 603 604 save_eh = *eh ; /* because it might change */ 605 m = bdg_forward_ptr(m, eh, bif); /* needs forwarding */ 606 /* 607 * Do not continue if bdg_forward_ptr() processed our 608 * packet (and cleared the mbuf pointer m) or if 609 * it dropped (m_free'd) the packet itself. 610 */ 611 if (m == NULL) { 612 if (bif == BDG_BCAST || bif == BDG_MCAST) 613 printf("bdg_forward drop MULTICAST PKT\n"); 614 return; 615 } 616 eh = &save_eh ; 617 } 618 if (bif == BDG_LOCAL 619 || bif == BDG_BCAST 620 || bif == BDG_MCAST) 621 goto recvLocal; /* receive locally */ 622 623 /* If not local and not multicast, just drop it */ 624 if (m != NULL) 625 m_freem(m); 626 return; 627 } 628 629 recvLocal: 630 /* Continue with upper layer processing */ 631 ether_demux(ifp, eh, m); 632 } 633 634 /* 635 * Upper layer processing for a received Ethernet packet. 636 */ 637 void 638 ether_demux(ifp, eh, m) 639 struct ifnet *ifp; 640 struct ether_header *eh; 641 struct mbuf *m; 642 { 643 struct ifqueue *inq; 644 u_short ether_type; 645 #if defined(NETATALK) 646 register struct llc *l; 647 #endif 648 struct ip_fw *rule = NULL; 649 650 /* Extract info from dummynet tag, ignore others */ 651 for (;m->m_type == MT_TAG; m = m->m_next) 652 if (m->m_flags == PACKET_TAG_DUMMYNET) { 653 rule = ((struct dn_pkt *)m)->rule; 654 ifp = m->m_next->m_pkthdr.rcvif; 655 } 656 657 if (rule) /* packet was already bridged */ 658 goto post_stats; 659 660 if (! (BDG_ACTIVE(ifp) ) ) 661 /* Discard packet if upper layers shouldn't see it because it was 662 unicast to a different Ethernet address. If the driver is working 663 properly, then this situation can only happen when the interface 664 is in promiscuous mode. */ 665 if ((ifp->if_flags & IFF_PROMISC) != 0 666 && (eh->ether_dhost[0] & 1) == 0 667 && bcmp(eh->ether_dhost, 668 IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 669 && (ifp->if_ipending & IFF_PPROMISC) == 0) { 670 m_freem(m); 671 return; 672 } 673 674 /* Discard packet if interface is not up */ 675 if ((ifp->if_flags & IFF_UP) == 0) { 676 m_freem(m); 677 return; 678 } 679 if (eh->ether_dhost[0] & 1) { 680 if (bcmp((caddr_t)etherbroadcastaddr, (caddr_t)eh->ether_dhost, 681 sizeof(etherbroadcastaddr)) == 0) 682 m->m_flags |= M_BCAST; 683 else 684 m->m_flags |= M_MCAST; 685 } 686 if (m->m_flags & (M_BCAST|M_MCAST)) 687 ifp->if_imcasts++; 688 689 post_stats: 690 if (IPFW_LOADED && ether_ipfw != 0) { 691 if (ether_ipfw_chk(&m, NULL, &rule, eh, 0 ) == 0) { 692 if (m) 693 m_freem(m); 694 return; 695 } 696 } 697 698 ether_type = ntohs(eh->ether_type); 699 700 switch (ether_type) { 701 #ifdef INET 702 case ETHERTYPE_IP: 703 if (ipflow_fastforward(m)) 704 return; 705 schednetisr(NETISR_IP); 706 inq = &ipintrq; 707 break; 708 709 case ETHERTYPE_ARP: 710 if (ifp->if_flags & IFF_NOARP) { 711 /* Discard packet if ARP is disabled on interface */ 712 m_freem(m); 713 return; 714 } 715 schednetisr(NETISR_ARP); 716 inq = &arpintrq; 717 break; 718 #endif 719 #ifdef IPX 720 case ETHERTYPE_IPX: 721 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 722 return; 723 schednetisr(NETISR_IPX); 724 inq = &ipxintrq; 725 break; 726 #endif 727 #ifdef INET6 728 case ETHERTYPE_IPV6: 729 schednetisr(NETISR_IPV6); 730 inq = &ip6intrq; 731 break; 732 #endif 733 #ifdef NS 734 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 735 schednetisr(NETISR_NS); 736 inq = &nsintrq; 737 break; 738 739 #endif /* NS */ 740 #ifdef NETATALK 741 case ETHERTYPE_AT: 742 schednetisr(NETISR_ATALK); 743 inq = &atintrq1; 744 break; 745 case ETHERTYPE_AARP: 746 /* probably this should be done with a NETISR as well */ 747 aarpinput(IFP2AC(ifp), m); /* XXX */ 748 return; 749 #endif /* NETATALK */ 750 case ETHERTYPE_VLAN: 751 /* XXX lock ? */ 752 if (vlan_input_p != NULL) 753 (*vlan_input_p)(eh, m); 754 else { 755 m->m_pkthdr.rcvif->if_noproto++; 756 m_freem(m); 757 } 758 /* XXX unlock ? */ 759 return; 760 default: 761 #ifdef IPX 762 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 763 return; 764 #endif /* IPX */ 765 #ifdef NS 766 checksum = mtod(m, ushort *); 767 /* Novell 802.3 */ 768 if ((ether_type <= ETHERMTU) && 769 ((*checksum == 0xffff) || (*checksum == 0xE0E0))){ 770 if(*checksum == 0xE0E0) { 771 m->m_pkthdr.len -= 3; 772 m->m_len -= 3; 773 m->m_data += 3; 774 } 775 schednetisr(NETISR_NS); 776 inq = &nsintrq; 777 break; 778 } 779 #endif /* NS */ 780 #if defined(NETATALK) 781 if (ether_type > ETHERMTU) 782 goto dropanyway; 783 l = mtod(m, struct llc *); 784 switch (l->llc_dsap) { 785 case LLC_SNAP_LSAP: 786 switch (l->llc_control) { 787 case LLC_UI: 788 if (l->llc_ssap != LLC_SNAP_LSAP) 789 goto dropanyway; 790 791 if (Bcmp(&(l->llc_snap_org_code)[0], at_org_code, 792 sizeof(at_org_code)) == 0 && 793 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) { 794 inq = &atintrq2; 795 m_adj( m, sizeof( struct llc )); 796 schednetisr(NETISR_ATALK); 797 break; 798 } 799 800 if (Bcmp(&(l->llc_snap_org_code)[0], aarp_org_code, 801 sizeof(aarp_org_code)) == 0 && 802 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) { 803 m_adj( m, sizeof( struct llc )); 804 aarpinput(IFP2AC(ifp), m); /* XXX */ 805 return; 806 } 807 808 default: 809 goto dropanyway; 810 } 811 break; 812 dropanyway: 813 default: 814 if (ng_ether_input_orphan_p != NULL) 815 (*ng_ether_input_orphan_p)(ifp, m, eh); 816 else 817 m_freem(m); 818 return; 819 } 820 #else /* NETATALK */ 821 if (ng_ether_input_orphan_p != NULL) 822 (*ng_ether_input_orphan_p)(ifp, m, eh); 823 else 824 m_freem(m); 825 return; 826 #endif /* NETATALK */ 827 } 828 829 (void) IF_HANDOFF(inq, m, NULL); 830 } 831 832 /* 833 * Perform common duties while attaching to interface list 834 */ 835 void 836 ether_ifattach(ifp, bpf) 837 register struct ifnet *ifp; 838 int bpf; 839 { 840 register struct ifaddr *ifa; 841 register struct sockaddr_dl *sdl; 842 843 ifp->if_type = IFT_ETHER; 844 ifp->if_addrlen = 6; 845 ifp->if_hdrlen = 14; 846 if_attach(ifp); 847 ifp->if_mtu = ETHERMTU; 848 ifp->if_resolvemulti = ether_resolvemulti; 849 if (ifp->if_baudrate == 0) 850 ifp->if_baudrate = 10000000; 851 ifa = ifnet_addrs[ifp->if_index - 1]; 852 KASSERT(ifa != NULL, ("%s: no lladdr!\n", __FUNCTION__)); 853 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 854 sdl->sdl_type = IFT_ETHER; 855 sdl->sdl_alen = ifp->if_addrlen; 856 bcopy((IFP2AC(ifp))->ac_enaddr, LLADDR(sdl), ifp->if_addrlen); 857 if (bpf) 858 bpfattach(ifp, DLT_EN10MB, sizeof(struct ether_header)); 859 if (ng_ether_attach_p != NULL) 860 (*ng_ether_attach_p)(ifp); 861 if (BDG_LOADED) 862 bdgtakeifaces_ptr(); 863 } 864 865 /* 866 * Perform common duties while detaching an Ethernet interface 867 */ 868 void 869 ether_ifdetach(ifp, bpf) 870 struct ifnet *ifp; 871 int bpf; 872 { 873 if (ng_ether_detach_p != NULL) 874 (*ng_ether_detach_p)(ifp); 875 if (bpf) 876 bpfdetach(ifp); 877 if_detach(ifp); 878 if (BDG_LOADED) 879 bdgtakeifaces_ptr(); 880 } 881 882 SYSCTL_DECL(_net_link); 883 SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); 884 SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, 885 ðer_ipfw,0,"Pass ether pkts through firewall"); 886 887 int 888 ether_ioctl(ifp, command, data) 889 struct ifnet *ifp; 890 int command; 891 caddr_t data; 892 { 893 struct ifaddr *ifa = (struct ifaddr *) data; 894 struct ifreq *ifr = (struct ifreq *) data; 895 int error = 0; 896 897 switch (command) { 898 case SIOCSIFADDR: 899 ifp->if_flags |= IFF_UP; 900 901 switch (ifa->ifa_addr->sa_family) { 902 #ifdef INET 903 case AF_INET: 904 ifp->if_init(ifp->if_softc); /* before arpwhohas */ 905 arp_ifinit(ifp, ifa); 906 break; 907 #endif 908 #ifdef IPX 909 /* 910 * XXX - This code is probably wrong 911 */ 912 case AF_IPX: 913 { 914 register struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr); 915 struct arpcom *ac = IFP2AC(ifp); 916 917 if (ipx_nullhost(*ina)) 918 ina->x_host = 919 *(union ipx_host *) 920 ac->ac_enaddr; 921 else { 922 bcopy((caddr_t) ina->x_host.c_host, 923 (caddr_t) ac->ac_enaddr, 924 sizeof(ac->ac_enaddr)); 925 } 926 927 /* 928 * Set new address 929 */ 930 ifp->if_init(ifp->if_softc); 931 break; 932 } 933 #endif 934 #ifdef NS 935 /* 936 * XXX - This code is probably wrong 937 */ 938 case AF_NS: 939 { 940 register struct ns_addr *ina = &(IA_SNS(ifa)->sns_addr); 941 struct arpcom *ac = IFP2AC(ifp); 942 943 if (ns_nullhost(*ina)) 944 ina->x_host = 945 *(union ns_host *) (ac->ac_enaddr); 946 else { 947 bcopy((caddr_t) ina->x_host.c_host, 948 (caddr_t) ac->ac_enaddr, 949 sizeof(ac->ac_enaddr)); 950 } 951 952 /* 953 * Set new address 954 */ 955 ifp->if_init(ifp->if_softc); 956 break; 957 } 958 #endif 959 default: 960 ifp->if_init(ifp->if_softc); 961 break; 962 } 963 break; 964 965 case SIOCGIFADDR: 966 { 967 struct sockaddr *sa; 968 969 sa = (struct sockaddr *) & ifr->ifr_data; 970 bcopy(IFP2AC(ifp)->ac_enaddr, 971 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 972 } 973 break; 974 975 case SIOCSIFMTU: 976 /* 977 * Set the interface MTU. 978 */ 979 if (ifr->ifr_mtu > ETHERMTU) { 980 error = EINVAL; 981 } else { 982 ifp->if_mtu = ifr->ifr_mtu; 983 } 984 break; 985 } 986 return (error); 987 } 988 989 int 990 ether_resolvemulti(ifp, llsa, sa) 991 struct ifnet *ifp; 992 struct sockaddr **llsa; 993 struct sockaddr *sa; 994 { 995 struct sockaddr_dl *sdl; 996 struct sockaddr_in *sin; 997 #ifdef INET6 998 struct sockaddr_in6 *sin6; 999 #endif 1000 u_char *e_addr; 1001 1002 switch(sa->sa_family) { 1003 case AF_LINK: 1004 /* 1005 * No mapping needed. Just check that it's a valid MC address. 1006 */ 1007 sdl = (struct sockaddr_dl *)sa; 1008 e_addr = LLADDR(sdl); 1009 if ((e_addr[0] & 1) != 1) 1010 return EADDRNOTAVAIL; 1011 *llsa = 0; 1012 return 0; 1013 1014 #ifdef INET 1015 case AF_INET: 1016 sin = (struct sockaddr_in *)sa; 1017 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) 1018 return EADDRNOTAVAIL; 1019 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1020 M_WAITOK|M_ZERO); 1021 sdl->sdl_len = sizeof *sdl; 1022 sdl->sdl_family = AF_LINK; 1023 sdl->sdl_index = ifp->if_index; 1024 sdl->sdl_type = IFT_ETHER; 1025 sdl->sdl_alen = ETHER_ADDR_LEN; 1026 e_addr = LLADDR(sdl); 1027 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr); 1028 *llsa = (struct sockaddr *)sdl; 1029 return 0; 1030 #endif 1031 #ifdef INET6 1032 case AF_INET6: 1033 sin6 = (struct sockaddr_in6 *)sa; 1034 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1035 /* 1036 * An IP6 address of 0 means listen to all 1037 * of the Ethernet multicast address used for IP6. 1038 * (This is used for multicast routers.) 1039 */ 1040 ifp->if_flags |= IFF_ALLMULTI; 1041 *llsa = 0; 1042 return 0; 1043 } 1044 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) 1045 return EADDRNOTAVAIL; 1046 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1047 M_WAITOK|M_ZERO); 1048 sdl->sdl_len = sizeof *sdl; 1049 sdl->sdl_family = AF_LINK; 1050 sdl->sdl_index = ifp->if_index; 1051 sdl->sdl_type = IFT_ETHER; 1052 sdl->sdl_alen = ETHER_ADDR_LEN; 1053 e_addr = LLADDR(sdl); 1054 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr); 1055 *llsa = (struct sockaddr *)sdl; 1056 return 0; 1057 #endif 1058 1059 default: 1060 /* 1061 * Well, the text isn't quite right, but it's the name 1062 * that counts... 1063 */ 1064 return EAFNOSUPPORT; 1065 } 1066 } 1067