Sync usage with man page.
[netbsd-mini2440.git] / sys / netinet6 / ip6_input.c
blob504cce50ed551c4aa03877107780587b32f5f832
1 /* $NetBSD: ip6_input.c,v 1.127 2009/05/01 03:23:39 martin Exp $ */
2 /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
34 * Copyright (c) 1982, 1986, 1988, 1993
35 * The Regents of the University of California. All rights reserved.
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. Neither the name of the University nor the names of its contributors
46 * may be used to endorse or promote products derived from this software
47 * without specific prior written permission.
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
61 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
64 #include <sys/cdefs.h>
65 __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.127 2009/05/01 03:23:39 martin Exp $");
67 #include "opt_inet.h"
68 #include "opt_inet6.h"
69 #include "opt_ipsec.h"
70 #include "opt_pfil_hooks.h"
71 #include "opt_compat_netbsd.h"
73 #include <sys/param.h>
74 #include <sys/systm.h>
75 #include <sys/malloc.h>
76 #include <sys/mbuf.h>
77 #include <sys/domain.h>
78 #include <sys/protosw.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/errno.h>
82 #include <sys/time.h>
83 #include <sys/kernel.h>
84 #include <sys/syslog.h>
85 #include <sys/proc.h>
86 #include <sys/sysctl.h>
88 #include <net/if.h>
89 #include <net/if_types.h>
90 #include <net/if_dl.h>
91 #include <net/route.h>
92 #include <net/netisr.h>
93 #ifdef PFIL_HOOKS
94 #include <net/pfil.h>
95 #endif
97 #include <netinet/in.h>
98 #include <netinet/in_systm.h>
99 #ifdef INET
100 #include <netinet/ip.h>
101 #include <netinet/ip_icmp.h>
102 #endif /* INET */
103 #include <netinet/ip6.h>
104 #include <netinet6/in6_var.h>
105 #include <netinet6/ip6_var.h>
106 #include <netinet6/ip6_private.h>
107 #include <netinet6/in6_pcb.h>
108 #include <netinet/icmp6.h>
109 #include <netinet6/scope6_var.h>
110 #include <netinet6/in6_ifattach.h>
111 #include <netinet6/nd6.h>
113 #ifdef IPSEC
114 #include <netinet6/ipsec.h>
115 #include <netinet6/ipsec_private.h>
116 #endif
118 #ifdef FAST_IPSEC
119 #include <netipsec/ipsec.h>
120 #include <netipsec/ipsec6.h>
121 #include <netipsec/key.h>
122 #endif /* FAST_IPSEC */
124 #ifdef COMPAT_50
125 #include <compat/sys/time.h>
126 #include <compat/sys/socket.h>
127 #endif
129 #include <netinet6/ip6protosw.h>
131 #include "faith.h"
132 #include "gif.h"
134 #if NGIF > 0
135 #include <netinet6/in6_gif.h>
136 #endif
138 #include <net/net_osdep.h>
140 extern struct domain inet6domain;
142 u_char ip6_protox[IPPROTO_MAX];
143 static int ip6qmaxlen = IFQ_MAXLEN;
144 struct in6_ifaddr *in6_ifaddr;
145 struct ifqueue ip6intrq;
147 extern callout_t in6_tmpaddrtimer_ch;
149 int ip6_forward_srcrt; /* XXX */
150 int ip6_sourcecheck; /* XXX */
151 int ip6_sourcecheck_interval; /* XXX */
153 #ifdef PFIL_HOOKS
154 struct pfil_head inet6_pfil_hook;
155 #endif
157 percpu_t *ip6stat_percpu;
159 static void ip6_init2(void *);
160 static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *);
162 static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
163 static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int);
164 static void sysctl_net_inet6_ip6_setup(struct sysctllog **);
167 * IP6 initialization: fill in IP6 protocol switch table.
168 * All protocols not implemented in kernel go to raw IP6 protocol handler.
170 void
171 ip6_init(void)
173 const struct ip6protosw *pr;
174 int i;
176 sysctl_net_inet6_ip6_setup(NULL);
177 pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW);
178 if (pr == 0)
179 panic("ip6_init");
180 for (i = 0; i < IPPROTO_MAX; i++)
181 ip6_protox[i] = pr - inet6sw;
182 for (pr = (const struct ip6protosw *)inet6domain.dom_protosw;
183 pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++)
184 if (pr->pr_domain->dom_family == PF_INET6 &&
185 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
186 ip6_protox[pr->pr_protocol] = pr - inet6sw;
187 ip6intrq.ifq_maxlen = ip6qmaxlen;
188 scope6_init();
189 addrsel_policy_init();
190 nd6_init();
191 frag6_init();
192 ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR;
194 ip6_init2((void *)0);
195 #ifdef GATEWAY
196 ip6flow_init(ip6_hashsize);
197 #endif
199 #ifdef PFIL_HOOKS
200 /* Register our Packet Filter hook. */
201 inet6_pfil_hook.ph_type = PFIL_TYPE_AF;
202 inet6_pfil_hook.ph_af = AF_INET6;
203 i = pfil_head_register(&inet6_pfil_hook);
204 if (i != 0)
205 printf("ip6_init: WARNING: unable to register pfil hook, "
206 "error %d\n", i);
207 #endif /* PFIL_HOOKS */
209 ip6stat_percpu = percpu_alloc(sizeof(uint64_t) * IP6_NSTATS);
212 static void
213 ip6_init2(void *dummy)
216 /* nd6_timer_init */
217 callout_init(&nd6_timer_ch, CALLOUT_MPSAFE);
218 callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL);
220 /* timer for regeneranation of temporary addresses randomize ID */
221 callout_init(&in6_tmpaddrtimer_ch, CALLOUT_MPSAFE);
222 callout_reset(&in6_tmpaddrtimer_ch,
223 (ip6_temp_preferred_lifetime - ip6_desync_factor -
224 ip6_temp_regen_advance) * hz,
225 in6_tmpaddrtimer, NULL);
229 * IP6 input interrupt handling. Just pass the packet to ip6_input.
231 void
232 ip6intr(void)
234 int s;
235 struct mbuf *m;
237 mutex_enter(softnet_lock);
238 KERNEL_LOCK(1, NULL);
239 for (;;) {
240 s = splnet();
241 IF_DEQUEUE(&ip6intrq, m);
242 splx(s);
243 if (m == 0)
244 break;
245 /* drop the packet if IPv6 operation is disabled on the IF */
246 if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) {
247 m_freem(m);
248 break;
250 ip6_input(m);
252 KERNEL_UNLOCK_ONE(NULL);
253 mutex_exit(softnet_lock);
256 extern struct route ip6_forward_rt;
258 void
259 ip6_input(struct mbuf *m)
261 struct ip6_hdr *ip6;
262 int hit, off = sizeof(struct ip6_hdr), nest;
263 u_int32_t plen;
264 u_int32_t rtalert = ~0;
265 int nxt, ours = 0, rh_present = 0;
266 struct ifnet *deliverifp = NULL;
267 int srcrt = 0;
268 const struct rtentry *rt;
269 union {
270 struct sockaddr dst;
271 struct sockaddr_in6 dst6;
272 } u;
273 #ifdef FAST_IPSEC
274 struct m_tag *mtag;
275 struct tdb_ident *tdbi;
276 struct secpolicy *sp;
277 int s, error;
278 #endif
280 #ifdef IPSEC
282 * should the inner packet be considered authentic?
283 * see comment in ah4_input().
285 m->m_flags &= ~M_AUTHIPHDR;
286 m->m_flags &= ~M_AUTHIPDGM;
287 #endif
290 * make sure we don't have onion peering information into m_tag.
292 ip6_delaux(m);
295 * mbuf statistics
297 if (m->m_flags & M_EXT) {
298 if (m->m_next)
299 IP6_STATINC(IP6_STAT_MEXT2M);
300 else
301 IP6_STATINC(IP6_STAT_MEXT1);
302 } else {
303 #define M2MMAX 32
304 if (m->m_next) {
305 if (m->m_flags & M_LOOP) {
306 /*XXX*/ IP6_STATINC(IP6_STAT_M2M + lo0ifp->if_index);
307 } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) {
308 IP6_STATINC(IP6_STAT_M2M +
309 m->m_pkthdr.rcvif->if_index);
310 } else
311 IP6_STATINC(IP6_STAT_M2M);
312 } else
313 IP6_STATINC(IP6_STAT_M1);
314 #undef M2MMAX
317 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_receive);
318 IP6_STATINC(IP6_STAT_TOTAL);
321 * If the IPv6 header is not aligned, slurp it up into a new
322 * mbuf with space for link headers, in the event we forward
323 * it. Otherwise, if it is aligned, make sure the entire base
324 * IPv6 header is in the first mbuf of the chain.
326 if (IP6_HDR_ALIGNED_P(mtod(m, void *)) == 0) {
327 struct ifnet *inifp = m->m_pkthdr.rcvif;
328 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
329 (max_linkhdr + 3) & ~3)) == NULL) {
330 /* XXXJRT new stat, please */
331 IP6_STATINC(IP6_STAT_TOOSMALL);
332 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
333 return;
335 } else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
336 struct ifnet *inifp = m->m_pkthdr.rcvif;
337 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
338 IP6_STATINC(IP6_STAT_TOOSMALL);
339 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
340 return;
344 ip6 = mtod(m, struct ip6_hdr *);
346 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
347 IP6_STATINC(IP6_STAT_BADVERS);
348 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
349 goto bad;
352 #if defined(IPSEC)
353 /* IPv6 fast forwarding is not compatible with IPsec. */
354 m->m_flags &= ~M_CANFASTFWD;
355 #else
357 * Assume that we can create a fast-forward IP flow entry
358 * based on this packet.
360 m->m_flags |= M_CANFASTFWD;
361 #endif
363 #ifdef PFIL_HOOKS
365 * Run through list of hooks for input packets. If there are any
366 * filters which require that additional packets in the flow are
367 * not fast-forwarded, they must clear the M_CANFASTFWD flag.
368 * Note that filters must _never_ set this flag, as another filter
369 * in the list may have previously cleared it.
372 * let ipfilter look at packet on the wire,
373 * not the decapsulated packet.
375 #ifdef IPSEC
376 if (!ipsec_getnhist(m))
377 #elif defined(FAST_IPSEC)
378 if (!ipsec_indone(m))
379 #else
380 if (1)
381 #endif
383 struct in6_addr odst;
385 odst = ip6->ip6_dst;
386 if (pfil_run_hooks(&inet6_pfil_hook, &m, m->m_pkthdr.rcvif,
387 PFIL_IN) != 0)
388 return;
389 if (m == NULL)
390 return;
391 ip6 = mtod(m, struct ip6_hdr *);
392 srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst);
394 #endif /* PFIL_HOOKS */
396 IP6_STATINC(IP6_STAT_NXTHIST + ip6->ip6_nxt);
398 #ifdef ALTQ
399 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) {
400 /* packet is dropped by traffic conditioner */
401 return;
403 #endif
406 * Check against address spoofing/corruption.
408 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) ||
409 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) {
411 * XXX: "badscope" is not very suitable for a multicast source.
413 IP6_STATINC(IP6_STAT_BADSCOPE);
414 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
415 goto bad;
418 * The following check is not documented in specs. A malicious
419 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack
420 * and bypass security checks (act as if it was from 127.0.0.1 by using
421 * IPv6 src ::ffff:127.0.0.1). Be cautious.
423 * This check chokes if we are in an SIIT cloud. As none of BSDs
424 * support IPv4-less kernel compilation, we cannot support SIIT
425 * environment at all. So, it makes more sense for us to reject any
426 * malicious packets for non-SIIT environment, than try to do a
427 * partial support for SIIT environment.
429 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
430 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
431 IP6_STATINC(IP6_STAT_BADSCOPE);
432 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
433 goto bad;
435 #if 0
437 * Reject packets with IPv4 compatible addresses (auto tunnel).
439 * The code forbids auto tunnel relay case in RFC1933 (the check is
440 * stronger than RFC1933). We may want to re-enable it if mech-xx
441 * is revised to forbid relaying case.
443 if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) ||
444 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) {
445 IP6_STATINC(IP6_STAT_BADSCOPE);
446 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
447 goto bad;
449 #endif
452 * Disambiguate address scope zones (if there is ambiguity).
453 * We first make sure that the original source or destination address
454 * is not in our internal form for scoped addresses. Such addresses
455 * are not necessarily invalid spec-wise, but we cannot accept them due
456 * to the usage conflict.
457 * in6_setscope() then also checks and rejects the cases where src or
458 * dst are the loopback address and the receiving interface
459 * is not loopback.
461 if (__predict_false(
462 m_makewritable(&m, 0, sizeof(struct ip6_hdr), M_DONTWAIT)))
463 goto bad;
464 ip6 = mtod(m, struct ip6_hdr *);
465 if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) {
466 IP6_STATINC(IP6_STAT_BADSCOPE); /* XXX */
467 goto bad;
469 if (in6_setscope(&ip6->ip6_src, m->m_pkthdr.rcvif, NULL) ||
470 in6_setscope(&ip6->ip6_dst, m->m_pkthdr.rcvif, NULL)) {
471 IP6_STATINC(IP6_STAT_BADSCOPE);
472 goto bad;
476 * Multicast check
478 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
479 struct in6_multi *in6m = 0;
481 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mcast);
483 * See if we belong to the destination multicast group on the
484 * arrival interface.
486 IN6_LOOKUP_MULTI(ip6->ip6_dst, m->m_pkthdr.rcvif, in6m);
487 if (in6m)
488 ours = 1;
489 else if (!ip6_mrouter) {
490 uint64_t *ip6s = IP6_STAT_GETREF();
491 ip6s[IP6_STAT_NOTMEMBER]++;
492 ip6s[IP6_STAT_CANTFORWARD]++;
493 IP6_STAT_PUTREF();
494 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
495 goto bad;
497 deliverifp = m->m_pkthdr.rcvif;
498 goto hbhcheck;
501 sockaddr_in6_init(&u.dst6, &ip6->ip6_dst, 0, 0, 0);
504 * Unicast check
506 rt = rtcache_lookup2(&ip6_forward_rt, &u.dst, 1, &hit);
507 if (hit)
508 IP6_STATINC(IP6_STAT_FORWARD_CACHEHIT);
509 else
510 IP6_STATINC(IP6_STAT_FORWARD_CACHEMISS);
512 #define rt6_getkey(__rt) satocsin6(rt_getkey(__rt))
515 * Accept the packet if the forwarding interface to the destination
516 * according to the routing table is the loopback interface,
517 * unless the associated route has a gateway.
518 * Note that this approach causes to accept a packet if there is a
519 * route to the loopback interface for the destination of the packet.
520 * But we think it's even useful in some situations, e.g. when using
521 * a special daemon which wants to intercept the packet.
523 if (rt != NULL &&
524 (rt->rt_flags & (RTF_HOST|RTF_GATEWAY)) == RTF_HOST &&
525 !(rt->rt_flags & RTF_CLONED) &&
526 #if 0
528 * The check below is redundant since the comparison of
529 * the destination and the key of the rtentry has
530 * already done through looking up the routing table.
532 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_getkey(rt)->sin6_addr) &&
533 #endif
534 rt->rt_ifp->if_type == IFT_LOOP) {
535 struct in6_ifaddr *ia6 = (struct in6_ifaddr *)rt->rt_ifa;
536 if (ia6->ia6_flags & IN6_IFF_ANYCAST)
537 m->m_flags |= M_ANYCAST6;
539 * packets to a tentative, duplicated, or somehow invalid
540 * address must not be accepted.
542 if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) {
543 /* this address is ready */
544 ours = 1;
545 deliverifp = ia6->ia_ifp; /* correct? */
546 goto hbhcheck;
547 } else {
548 /* address is not ready, so discard the packet. */
549 nd6log((LOG_INFO,
550 "ip6_input: packet to an unready address %s->%s\n",
551 ip6_sprintf(&ip6->ip6_src),
552 ip6_sprintf(&ip6->ip6_dst)));
554 goto bad;
559 * FAITH (Firewall Aided Internet Translator)
561 #if defined(NFAITH) && 0 < NFAITH
562 if (ip6_keepfaith) {
563 if (rt != NULL && rt->rt_ifp != NULL &&
564 rt->rt_ifp->if_type == IFT_FAITH) {
565 /* XXX do we need more sanity checks? */
566 ours = 1;
567 deliverifp = rt->rt_ifp; /* faith */
568 goto hbhcheck;
571 #endif
573 #if 0
576 * Last resort: check in6_ifaddr for incoming interface.
577 * The code is here until I update the "goto ours hack" code above
578 * working right.
580 struct ifaddr *ifa;
581 IFADDR_FOREACH(ifa, m->m_pkthdr.rcvif) {
582 if (ifa->ifa_addr == NULL)
583 continue; /* just for safety */
584 if (ifa->ifa_addr->sa_family != AF_INET6)
585 continue;
586 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ip6->ip6_dst)) {
587 ours = 1;
588 deliverifp = ifa->ifa_ifp;
589 goto hbhcheck;
593 #endif
596 * Now there is no reason to process the packet if it's not our own
597 * and we're not a router.
599 if (!ip6_forwarding) {
600 IP6_STATINC(IP6_STAT_CANTFORWARD);
601 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
602 goto bad;
605 hbhcheck:
607 * record address information into m_tag, if we don't have one yet.
608 * note that we are unable to record it, if the address is not listed
609 * as our interface address (e.g. multicast addresses, addresses
610 * within FAITH prefixes and such).
612 if (deliverifp && ip6_getdstifaddr(m) == NULL) {
613 struct in6_ifaddr *ia6;
615 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
616 if (ia6 != NULL && ip6_setdstifaddr(m, ia6) == NULL) {
618 * XXX maybe we should drop the packet here,
619 * as we could not provide enough information
620 * to the upper layers.
626 * Process Hop-by-Hop options header if it's contained.
627 * m may be modified in ip6_hopopts_input().
628 * If a JumboPayload option is included, plen will also be modified.
630 plen = (u_int32_t)ntohs(ip6->ip6_plen);
631 if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
632 struct ip6_hbh *hbh;
634 if (ip6_hopopts_input(&plen, &rtalert, &m, &off)) {
635 #if 0 /*touches NULL pointer*/
636 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
637 #endif
638 return; /* m have already been freed */
641 /* adjust pointer */
642 ip6 = mtod(m, struct ip6_hdr *);
645 * if the payload length field is 0 and the next header field
646 * indicates Hop-by-Hop Options header, then a Jumbo Payload
647 * option MUST be included.
649 if (ip6->ip6_plen == 0 && plen == 0) {
651 * Note that if a valid jumbo payload option is
652 * contained, ip6_hopopts_input() must set a valid
653 * (non-zero) payload length to the variable plen.
655 IP6_STATINC(IP6_STAT_BADOPTIONS);
656 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
657 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
658 icmp6_error(m, ICMP6_PARAM_PROB,
659 ICMP6_PARAMPROB_HEADER,
660 (char *)&ip6->ip6_plen - (char *)ip6);
661 return;
663 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr),
664 sizeof(struct ip6_hbh));
665 if (hbh == NULL) {
666 IP6_STATINC(IP6_STAT_TOOSHORT);
667 return;
669 KASSERT(IP6_HDR_ALIGNED_P(hbh));
670 nxt = hbh->ip6h_nxt;
673 * accept the packet if a router alert option is included
674 * and we act as an IPv6 router.
676 if (rtalert != ~0 && ip6_forwarding)
677 ours = 1;
678 } else
679 nxt = ip6->ip6_nxt;
682 * Check that the amount of data in the buffers
683 * is as at least much as the IPv6 header would have us expect.
684 * Trim mbufs if longer than we expect.
685 * Drop packet if shorter than we expect.
687 if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) {
688 IP6_STATINC(IP6_STAT_TOOSHORT);
689 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated);
690 goto bad;
692 if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) {
693 if (m->m_len == m->m_pkthdr.len) {
694 m->m_len = sizeof(struct ip6_hdr) + plen;
695 m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen;
696 } else
697 m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len);
701 * Forward if desirable.
703 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
705 * If we are acting as a multicast router, all
706 * incoming multicast packets are passed to the
707 * kernel-level multicast forwarding function.
708 * The packet is returned (relatively) intact; if
709 * ip6_mforward() returns a non-zero value, the packet
710 * must be discarded, else it may be accepted below.
712 if (ip6_mrouter && ip6_mforward(ip6, m->m_pkthdr.rcvif, m)) {
713 IP6_STATINC(IP6_STAT_CANTFORWARD);
714 m_freem(m);
715 return;
717 if (!ours) {
718 m_freem(m);
719 return;
721 } else if (!ours) {
722 ip6_forward(m, srcrt);
723 return;
726 ip6 = mtod(m, struct ip6_hdr *);
729 * Malicious party may be able to use IPv4 mapped addr to confuse
730 * tcp/udp stack and bypass security checks (act as if it was from
731 * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious.
733 * For SIIT end node behavior, you may want to disable the check.
734 * However, you will become vulnerable to attacks using IPv4 mapped
735 * source.
737 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
738 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
739 IP6_STATINC(IP6_STAT_BADSCOPE);
740 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
741 goto bad;
745 * Tell launch routine the next header
747 #ifdef IFA_STATS
748 if (deliverifp != NULL) {
749 struct in6_ifaddr *ia6;
750 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
751 if (ia6)
752 ia6->ia_ifa.ifa_data.ifad_inbytes += m->m_pkthdr.len;
754 #endif
755 IP6_STATINC(IP6_STAT_DELIVERED);
756 in6_ifstat_inc(deliverifp, ifs6_in_deliver);
757 nest = 0;
759 rh_present = 0;
760 while (nxt != IPPROTO_DONE) {
761 if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) {
762 IP6_STATINC(IP6_STAT_TOOMANYHDR);
763 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
764 goto bad;
768 * protection against faulty packet - there should be
769 * more sanity checks in header chain processing.
771 if (m->m_pkthdr.len < off) {
772 IP6_STATINC(IP6_STAT_TOOSHORT);
773 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated);
774 goto bad;
777 if (nxt == IPPROTO_ROUTING) {
778 if (rh_present++) {
779 in6_ifstat_inc(m->m_pkthdr.rcvif,
780 ifs6_in_hdrerr);
781 IP6_STATINC(IP6_STAT_BADOPTIONS);
782 goto bad;
786 #ifdef IPSEC
788 * enforce IPsec policy checking if we are seeing last header.
789 * note that we do not visit this with protocols with pcb layer
790 * code - like udp/tcp/raw ip.
792 if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 &&
793 ipsec6_in_reject(m, NULL)) {
794 IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
795 goto bad;
797 #endif
798 #ifdef FAST_IPSEC
800 * enforce IPsec policy checking if we are seeing last header.
801 * note that we do not visit this with protocols with pcb layer
802 * code - like udp/tcp/raw ip.
804 if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) {
806 * Check if the packet has already had IPsec processing
807 * done. If so, then just pass it along. This tag gets
808 * set during AH, ESP, etc. input handling, before the
809 * packet is returned to the ip input queue for delivery.
811 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
812 s = splsoftnet();
813 if (mtag != NULL) {
814 tdbi = (struct tdb_ident *)(mtag + 1);
815 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
816 } else {
817 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
818 IP_FORWARDING, &error);
820 if (sp != NULL) {
822 * Check security policy against packet attributes.
824 error = ipsec_in_reject(sp, m);
825 KEY_FREESP(&sp);
826 } else {
827 /* XXX error stat??? */
828 error = EINVAL;
829 DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/
831 splx(s);
832 if (error)
833 goto bad;
835 #endif /* FAST_IPSEC */
838 nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt);
840 return;
841 bad:
842 m_freem(m);
846 * set/grab in6_ifaddr correspond to IPv6 destination address.
848 static struct m_tag *
849 ip6_setdstifaddr(struct mbuf *m, const struct in6_ifaddr *ia)
851 struct m_tag *mtag;
853 mtag = ip6_addaux(m);
854 if (mtag != NULL) {
855 struct ip6aux *ip6a;
857 ip6a = (struct ip6aux *)(mtag + 1);
858 in6_setscope(&ip6a->ip6a_src, ia->ia_ifp, &ip6a->ip6a_scope_id);
859 ip6a->ip6a_src = ia->ia_addr.sin6_addr;
860 ip6a->ip6a_flags = ia->ia6_flags;
862 return mtag; /* NULL if failed to set */
865 const struct ip6aux *
866 ip6_getdstifaddr(struct mbuf *m)
868 struct m_tag *mtag;
870 mtag = ip6_findaux(m);
871 if (mtag != NULL)
872 return (struct ip6aux *)(mtag + 1);
873 else
874 return NULL;
878 * Hop-by-Hop options header processing. If a valid jumbo payload option is
879 * included, the real payload length will be stored in plenp.
881 * rtalertp - XXX: should be stored more smart way
883 static int
884 ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,
885 struct mbuf **mp, int *offp)
887 struct mbuf *m = *mp;
888 int off = *offp, hbhlen;
889 struct ip6_hbh *hbh;
891 /* validation of the length of the header */
892 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m,
893 sizeof(struct ip6_hdr), sizeof(struct ip6_hbh));
894 if (hbh == NULL) {
895 IP6_STATINC(IP6_STAT_TOOSHORT);
896 return -1;
898 hbhlen = (hbh->ip6h_len + 1) << 3;
899 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr),
900 hbhlen);
901 if (hbh == NULL) {
902 IP6_STATINC(IP6_STAT_TOOSHORT);
903 return -1;
905 KASSERT(IP6_HDR_ALIGNED_P(hbh));
906 off += hbhlen;
907 hbhlen -= sizeof(struct ip6_hbh);
909 if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh),
910 hbhlen, rtalertp, plenp) < 0)
911 return (-1);
913 *offp = off;
914 *mp = m;
915 return (0);
919 * Search header for all Hop-by-hop options and process each option.
920 * This function is separate from ip6_hopopts_input() in order to
921 * handle a case where the sending node itself process its hop-by-hop
922 * options header. In such a case, the function is called from ip6_output().
924 * The function assumes that hbh header is located right after the IPv6 header
925 * (RFC2460 p7), opthead is pointer into data content in m, and opthead to
926 * opthead + hbhlen is located in continuous memory region.
929 ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
930 u_int32_t *rtalertp, u_int32_t *plenp)
932 struct ip6_hdr *ip6;
933 int optlen = 0;
934 u_int8_t *opt = opthead;
935 u_int16_t rtalert_val;
936 u_int32_t jumboplen;
937 const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh);
939 for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) {
940 switch (*opt) {
941 case IP6OPT_PAD1:
942 optlen = 1;
943 break;
944 case IP6OPT_PADN:
945 if (hbhlen < IP6OPT_MINLEN) {
946 IP6_STATINC(IP6_STAT_TOOSMALL);
947 goto bad;
949 optlen = *(opt + 1) + 2;
950 break;
951 case IP6OPT_RTALERT:
952 /* XXX may need check for alignment */
953 if (hbhlen < IP6OPT_RTALERT_LEN) {
954 IP6_STATINC(IP6_STAT_TOOSMALL);
955 goto bad;
957 if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) {
958 /* XXX stat */
959 icmp6_error(m, ICMP6_PARAM_PROB,
960 ICMP6_PARAMPROB_HEADER,
961 erroff + opt + 1 - opthead);
962 return (-1);
964 optlen = IP6OPT_RTALERT_LEN;
965 memcpy((void *)&rtalert_val, (void *)(opt + 2), 2);
966 *rtalertp = ntohs(rtalert_val);
967 break;
968 case IP6OPT_JUMBO:
969 /* XXX may need check for alignment */
970 if (hbhlen < IP6OPT_JUMBO_LEN) {
971 IP6_STATINC(IP6_STAT_TOOSMALL);
972 goto bad;
974 if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) {
975 /* XXX stat */
976 icmp6_error(m, ICMP6_PARAM_PROB,
977 ICMP6_PARAMPROB_HEADER,
978 erroff + opt + 1 - opthead);
979 return (-1);
981 optlen = IP6OPT_JUMBO_LEN;
984 * IPv6 packets that have non 0 payload length
985 * must not contain a jumbo payload option.
987 ip6 = mtod(m, struct ip6_hdr *);
988 if (ip6->ip6_plen) {
989 IP6_STATINC(IP6_STAT_BADOPTIONS);
990 icmp6_error(m, ICMP6_PARAM_PROB,
991 ICMP6_PARAMPROB_HEADER,
992 erroff + opt - opthead);
993 return (-1);
997 * We may see jumbolen in unaligned location, so
998 * we'd need to perform bcopy().
1000 memcpy(&jumboplen, opt + 2, sizeof(jumboplen));
1001 jumboplen = (u_int32_t)htonl(jumboplen);
1003 #if 1
1005 * if there are multiple jumbo payload options,
1006 * *plenp will be non-zero and the packet will be
1007 * rejected.
1008 * the behavior may need some debate in ipngwg -
1009 * multiple options does not make sense, however,
1010 * there's no explicit mention in specification.
1012 if (*plenp != 0) {
1013 IP6_STATINC(IP6_STAT_BADOPTIONS);
1014 icmp6_error(m, ICMP6_PARAM_PROB,
1015 ICMP6_PARAMPROB_HEADER,
1016 erroff + opt + 2 - opthead);
1017 return (-1);
1019 #endif
1022 * jumbo payload length must be larger than 65535.
1024 if (jumboplen <= IPV6_MAXPACKET) {
1025 IP6_STATINC(IP6_STAT_BADOPTIONS);
1026 icmp6_error(m, ICMP6_PARAM_PROB,
1027 ICMP6_PARAMPROB_HEADER,
1028 erroff + opt + 2 - opthead);
1029 return (-1);
1031 *plenp = jumboplen;
1033 break;
1034 default: /* unknown option */
1035 if (hbhlen < IP6OPT_MINLEN) {
1036 IP6_STATINC(IP6_STAT_TOOSMALL);
1037 goto bad;
1039 optlen = ip6_unknown_opt(opt, m,
1040 erroff + opt - opthead);
1041 if (optlen == -1)
1042 return (-1);
1043 optlen += 2;
1044 break;
1048 return (0);
1050 bad:
1051 m_freem(m);
1052 return (-1);
1056 * Unknown option processing.
1057 * The third argument `off' is the offset from the IPv6 header to the option,
1058 * which is necessary if the IPv6 header the and option header and IPv6 header
1059 * is not continuous in order to return an ICMPv6 error.
1062 ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off)
1064 struct ip6_hdr *ip6;
1066 switch (IP6OPT_TYPE(*optp)) {
1067 case IP6OPT_TYPE_SKIP: /* ignore the option */
1068 return ((int)*(optp + 1));
1069 case IP6OPT_TYPE_DISCARD: /* silently discard */
1070 m_freem(m);
1071 return (-1);
1072 case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */
1073 IP6_STATINC(IP6_STAT_BADOPTIONS);
1074 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off);
1075 return (-1);
1076 case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */
1077 IP6_STATINC(IP6_STAT_BADOPTIONS);
1078 ip6 = mtod(m, struct ip6_hdr *);
1079 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
1080 (m->m_flags & (M_BCAST|M_MCAST)))
1081 m_freem(m);
1082 else
1083 icmp6_error(m, ICMP6_PARAM_PROB,
1084 ICMP6_PARAMPROB_OPTION, off);
1085 return (-1);
1088 m_freem(m); /* XXX: NOTREACHED */
1089 return (-1);
1093 * Create the "control" list for this pcb.
1095 * The routine will be called from upper layer handlers like tcp6_input().
1096 * Thus the routine assumes that the caller (tcp6_input) have already
1097 * called IP6_EXTHDR_CHECK() and all the extension headers are located in the
1098 * very first mbuf on the mbuf chain.
1099 * We may want to add some infinite loop prevention or sanity checks for safety.
1100 * (This applies only when you are using KAME mbuf chain restriction, i.e.
1101 * you are using IP6_EXTHDR_CHECK() not m_pulldown())
1103 void
1104 ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp,
1105 struct ip6_hdr *ip6, struct mbuf *m)
1107 #ifdef RFC2292
1108 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y))
1109 #else
1110 #define IS2292(x, y) (y)
1111 #endif
1113 if (in6p->in6p_socket->so_options & SO_TIMESTAMP
1114 #ifdef SO_OTIMESTAMP
1115 || in6p->in6p_socket->so_options & SO_OTIMESTAMP
1116 #endif
1118 struct timeval tv;
1120 microtime(&tv);
1121 #ifdef SO_OTIMESTAMP
1122 if (in6p->in6p_socket->so_options & SO_OTIMESTAMP) {
1123 struct timeval50 tv50;
1124 timeval_to_timeval50(&tv, &tv50);
1125 *mp = sbcreatecontrol((void *) &tv50, sizeof(tv50),
1126 SCM_OTIMESTAMP, SOL_SOCKET);
1127 } else
1128 #endif
1129 *mp = sbcreatecontrol((void *) &tv, sizeof(tv),
1130 SCM_TIMESTAMP, SOL_SOCKET);
1131 if (*mp)
1132 mp = &(*mp)->m_next;
1135 /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */
1136 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION)
1137 return;
1139 /* RFC 2292 sec. 5 */
1140 if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) {
1141 struct in6_pktinfo pi6;
1143 memcpy(&pi6.ipi6_addr, &ip6->ip6_dst, sizeof(struct in6_addr));
1144 in6_clearscope(&pi6.ipi6_addr); /* XXX */
1145 pi6.ipi6_ifindex = m->m_pkthdr.rcvif ?
1146 m->m_pkthdr.rcvif->if_index : 0;
1147 *mp = sbcreatecontrol((void *) &pi6,
1148 sizeof(struct in6_pktinfo),
1149 IS2292(IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6);
1150 if (*mp)
1151 mp = &(*mp)->m_next;
1154 if (in6p->in6p_flags & IN6P_HOPLIMIT) {
1155 int hlim = ip6->ip6_hlim & 0xff;
1157 *mp = sbcreatecontrol((void *) &hlim, sizeof(int),
1158 IS2292(IPV6_2292HOPLIMIT, IPV6_HOPLIMIT), IPPROTO_IPV6);
1159 if (*mp)
1160 mp = &(*mp)->m_next;
1163 if ((in6p->in6p_flags & IN6P_TCLASS) != 0) {
1164 u_int32_t flowinfo;
1165 int tclass;
1167 flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK);
1168 flowinfo >>= 20;
1170 tclass = flowinfo & 0xff;
1171 *mp = sbcreatecontrol((void *)&tclass, sizeof(tclass),
1172 IPV6_TCLASS, IPPROTO_IPV6);
1174 if (*mp)
1175 mp = &(*mp)->m_next;
1179 * IPV6_HOPOPTS socket option. Recall that we required super-user
1180 * privilege for the option (see ip6_ctloutput), but it might be too
1181 * strict, since there might be some hop-by-hop options which can be
1182 * returned to normal user.
1183 * See also RFC3542 section 8 (or RFC2292 section 6).
1185 if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) {
1187 * Check if a hop-by-hop options header is contatined in the
1188 * received packet, and if so, store the options as ancillary
1189 * data. Note that a hop-by-hop options header must be
1190 * just after the IPv6 header, which fact is assured through
1191 * the IPv6 input processing.
1193 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
1194 if (xip6->ip6_nxt == IPPROTO_HOPOPTS) {
1195 struct ip6_hbh *hbh;
1196 int hbhlen;
1197 struct mbuf *ext;
1199 ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr),
1200 xip6->ip6_nxt);
1201 if (ext == NULL) {
1202 IP6_STATINC(IP6_STAT_TOOSHORT);
1203 return;
1205 hbh = mtod(ext, struct ip6_hbh *);
1206 hbhlen = (hbh->ip6h_len + 1) << 3;
1207 if (hbhlen != ext->m_len) {
1208 m_freem(ext);
1209 IP6_STATINC(IP6_STAT_TOOSHORT);
1210 return;
1214 * XXX: We copy whole the header even if a jumbo
1215 * payload option is included, which option is to
1216 * be removed before returning in the RFC 2292.
1217 * Note: this constraint is removed in RFC3542.
1219 *mp = sbcreatecontrol((void *)hbh, hbhlen,
1220 IS2292(IPV6_2292HOPOPTS, IPV6_HOPOPTS),
1221 IPPROTO_IPV6);
1222 if (*mp)
1223 mp = &(*mp)->m_next;
1224 m_freem(ext);
1228 /* IPV6_DSTOPTS and IPV6_RTHDR socket options */
1229 if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) {
1230 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
1231 int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr);
1234 * Search for destination options headers or routing
1235 * header(s) through the header chain, and stores each
1236 * header as ancillary data.
1237 * Note that the order of the headers remains in
1238 * the chain of ancillary data.
1240 for (;;) { /* is explicit loop prevention necessary? */
1241 struct ip6_ext *ip6e = NULL;
1242 int elen;
1243 struct mbuf *ext = NULL;
1246 * if it is not an extension header, don't try to
1247 * pull it from the chain.
1249 switch (nxt) {
1250 case IPPROTO_DSTOPTS:
1251 case IPPROTO_ROUTING:
1252 case IPPROTO_HOPOPTS:
1253 case IPPROTO_AH: /* is it possible? */
1254 break;
1255 default:
1256 goto loopend;
1259 ext = ip6_pullexthdr(m, off, nxt);
1260 if (ext == NULL) {
1261 IP6_STATINC(IP6_STAT_TOOSHORT);
1262 return;
1264 ip6e = mtod(ext, struct ip6_ext *);
1265 if (nxt == IPPROTO_AH)
1266 elen = (ip6e->ip6e_len + 2) << 2;
1267 else
1268 elen = (ip6e->ip6e_len + 1) << 3;
1269 if (elen != ext->m_len) {
1270 m_freem(ext);
1271 IP6_STATINC(IP6_STAT_TOOSHORT);
1272 return;
1274 KASSERT(IP6_HDR_ALIGNED_P(ip6e));
1276 switch (nxt) {
1277 case IPPROTO_DSTOPTS:
1278 if (!(in6p->in6p_flags & IN6P_DSTOPTS))
1279 break;
1281 *mp = sbcreatecontrol((void *)ip6e, elen,
1282 IS2292(IPV6_2292DSTOPTS, IPV6_DSTOPTS),
1283 IPPROTO_IPV6);
1284 if (*mp)
1285 mp = &(*mp)->m_next;
1286 break;
1288 case IPPROTO_ROUTING:
1289 if (!(in6p->in6p_flags & IN6P_RTHDR))
1290 break;
1292 *mp = sbcreatecontrol((void *)ip6e, elen,
1293 IS2292(IPV6_2292RTHDR, IPV6_RTHDR),
1294 IPPROTO_IPV6);
1295 if (*mp)
1296 mp = &(*mp)->m_next;
1297 break;
1299 case IPPROTO_HOPOPTS:
1300 case IPPROTO_AH: /* is it possible? */
1301 break;
1303 default:
1305 * other cases have been filtered in the above.
1306 * none will visit this case. here we supply
1307 * the code just in case (nxt overwritten or
1308 * other cases).
1310 m_freem(ext);
1311 goto loopend;
1315 /* proceed with the next header. */
1316 off += elen;
1317 nxt = ip6e->ip6e_nxt;
1318 ip6e = NULL;
1319 m_freem(ext);
1320 ext = NULL;
1322 loopend:
1326 #undef IS2292
1329 void
1330 ip6_notify_pmtu(struct in6pcb *in6p, const struct sockaddr_in6 *dst,
1331 uint32_t *mtu)
1333 struct socket *so;
1334 struct mbuf *m_mtu;
1335 struct ip6_mtuinfo mtuctl;
1337 so = in6p->in6p_socket;
1339 if (mtu == NULL)
1340 return;
1342 #ifdef DIAGNOSTIC
1343 if (so == NULL) /* I believe this is impossible */
1344 panic("ip6_notify_pmtu: socket is NULL");
1345 #endif
1347 memset(&mtuctl, 0, sizeof(mtuctl)); /* zero-clear for safety */
1348 mtuctl.ip6m_mtu = *mtu;
1349 mtuctl.ip6m_addr = *dst;
1350 if (sa6_recoverscope(&mtuctl.ip6m_addr))
1351 return;
1353 if ((m_mtu = sbcreatecontrol((void *)&mtuctl, sizeof(mtuctl),
1354 IPV6_PATHMTU, IPPROTO_IPV6)) == NULL)
1355 return;
1357 if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu)
1358 == 0) {
1359 m_freem(m_mtu);
1360 /* XXX: should count statistics */
1361 } else
1362 sorwakeup(so);
1364 return;
1368 * pull single extension header from mbuf chain. returns single mbuf that
1369 * contains the result, or NULL on error.
1371 static struct mbuf *
1372 ip6_pullexthdr(struct mbuf *m, size_t off, int nxt)
1374 struct ip6_ext ip6e;
1375 size_t elen;
1376 struct mbuf *n;
1378 #ifdef DIAGNOSTIC
1379 switch (nxt) {
1380 case IPPROTO_DSTOPTS:
1381 case IPPROTO_ROUTING:
1382 case IPPROTO_HOPOPTS:
1383 case IPPROTO_AH: /* is it possible? */
1384 break;
1385 default:
1386 printf("ip6_pullexthdr: invalid nxt=%d\n", nxt);
1388 #endif
1390 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1391 if (nxt == IPPROTO_AH)
1392 elen = (ip6e.ip6e_len + 2) << 2;
1393 else
1394 elen = (ip6e.ip6e_len + 1) << 3;
1396 MGET(n, M_DONTWAIT, MT_DATA);
1397 if (n && elen >= MLEN) {
1398 MCLGET(n, M_DONTWAIT);
1399 if ((n->m_flags & M_EXT) == 0) {
1400 m_free(n);
1401 n = NULL;
1404 if (!n)
1405 return NULL;
1407 n->m_len = 0;
1408 if (elen >= M_TRAILINGSPACE(n)) {
1409 m_free(n);
1410 return NULL;
1413 m_copydata(m, off, elen, mtod(n, void *));
1414 n->m_len = elen;
1415 return n;
1419 * Get pointer to the previous header followed by the header
1420 * currently processed.
1421 * XXX: This function supposes that
1422 * M includes all headers,
1423 * the next header field and the header length field of each header
1424 * are valid, and
1425 * the sum of each header length equals to OFF.
1426 * Because of these assumptions, this function must be called very
1427 * carefully. Moreover, it will not be used in the near future when
1428 * we develop `neater' mechanism to process extension headers.
1430 u_int8_t *
1431 ip6_get_prevhdr(struct mbuf *m, int off)
1433 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
1435 if (off == sizeof(struct ip6_hdr))
1436 return (&ip6->ip6_nxt);
1437 else {
1438 int len, nxt;
1439 struct ip6_ext *ip6e = NULL;
1441 nxt = ip6->ip6_nxt;
1442 len = sizeof(struct ip6_hdr);
1443 while (len < off) {
1444 ip6e = (struct ip6_ext *)(mtod(m, char *) + len);
1446 switch (nxt) {
1447 case IPPROTO_FRAGMENT:
1448 len += sizeof(struct ip6_frag);
1449 break;
1450 case IPPROTO_AH:
1451 len += (ip6e->ip6e_len + 2) << 2;
1452 break;
1453 default:
1454 len += (ip6e->ip6e_len + 1) << 3;
1455 break;
1457 nxt = ip6e->ip6e_nxt;
1459 if (ip6e)
1460 return (&ip6e->ip6e_nxt);
1461 else
1462 return NULL;
1467 * get next header offset. m will be retained.
1470 ip6_nexthdr(struct mbuf *m, int off, int proto, int *nxtp)
1472 struct ip6_hdr ip6;
1473 struct ip6_ext ip6e;
1474 struct ip6_frag fh;
1476 /* just in case */
1477 if (m == NULL)
1478 panic("ip6_nexthdr: m == NULL");
1479 if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off)
1480 return -1;
1482 switch (proto) {
1483 case IPPROTO_IPV6:
1484 /* do not chase beyond intermediate IPv6 headers */
1485 if (off != 0)
1486 return -1;
1487 if (m->m_pkthdr.len < off + sizeof(ip6))
1488 return -1;
1489 m_copydata(m, off, sizeof(ip6), (void *)&ip6);
1490 if (nxtp)
1491 *nxtp = ip6.ip6_nxt;
1492 off += sizeof(ip6);
1493 return off;
1495 case IPPROTO_FRAGMENT:
1497 * terminate parsing if it is not the first fragment,
1498 * it does not make sense to parse through it.
1500 if (m->m_pkthdr.len < off + sizeof(fh))
1501 return -1;
1502 m_copydata(m, off, sizeof(fh), (void *)&fh);
1503 if ((fh.ip6f_offlg & IP6F_OFF_MASK) != 0)
1504 return -1;
1505 if (nxtp)
1506 *nxtp = fh.ip6f_nxt;
1507 off += sizeof(struct ip6_frag);
1508 return off;
1510 case IPPROTO_AH:
1511 if (m->m_pkthdr.len < off + sizeof(ip6e))
1512 return -1;
1513 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1514 if (nxtp)
1515 *nxtp = ip6e.ip6e_nxt;
1516 off += (ip6e.ip6e_len + 2) << 2;
1517 if (m->m_pkthdr.len < off)
1518 return -1;
1519 return off;
1521 case IPPROTO_HOPOPTS:
1522 case IPPROTO_ROUTING:
1523 case IPPROTO_DSTOPTS:
1524 if (m->m_pkthdr.len < off + sizeof(ip6e))
1525 return -1;
1526 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1527 if (nxtp)
1528 *nxtp = ip6e.ip6e_nxt;
1529 off += (ip6e.ip6e_len + 1) << 3;
1530 if (m->m_pkthdr.len < off)
1531 return -1;
1532 return off;
1534 case IPPROTO_NONE:
1535 case IPPROTO_ESP:
1536 case IPPROTO_IPCOMP:
1537 /* give up */
1538 return -1;
1540 default:
1541 return -1;
1546 * get offset for the last header in the chain. m will be kept untainted.
1549 ip6_lasthdr(struct mbuf *m, int off, int proto, int *nxtp)
1551 int newoff;
1552 int nxt;
1554 if (!nxtp) {
1555 nxt = -1;
1556 nxtp = &nxt;
1558 for (;;) {
1559 newoff = ip6_nexthdr(m, off, proto, nxtp);
1560 if (newoff < 0)
1561 return off;
1562 else if (newoff < off)
1563 return -1; /* invalid */
1564 else if (newoff == off)
1565 return newoff;
1567 off = newoff;
1568 proto = *nxtp;
1572 struct m_tag *
1573 ip6_addaux(struct mbuf *m)
1575 struct m_tag *mtag;
1577 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1578 if (!mtag) {
1579 mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux),
1580 M_NOWAIT);
1581 if (mtag) {
1582 m_tag_prepend(m, mtag);
1583 memset(mtag + 1, 0, sizeof(struct ip6aux));
1586 return mtag;
1589 struct m_tag *
1590 ip6_findaux(struct mbuf *m)
1592 struct m_tag *mtag;
1594 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1595 return mtag;
1598 void
1599 ip6_delaux(struct mbuf *m)
1601 struct m_tag *mtag;
1603 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1604 if (mtag)
1605 m_tag_delete(m, mtag);
1608 #ifdef GATEWAY
1610 * sysctl helper routine for net.inet.ip6.maxflows. Since
1611 * we could reduce this value, call ip6flow_reap();
1613 static int
1614 sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS)
1616 int error;
1618 error = sysctl_lookup(SYSCTLFN_CALL(rnode));
1619 if (error || newp == NULL)
1620 return (error);
1622 mutex_enter(softnet_lock);
1623 KERNEL_LOCK(1, NULL);
1625 ip6flow_reap(0);
1627 KERNEL_UNLOCK_ONE(NULL);
1628 mutex_exit(softnet_lock);
1630 return (0);
1633 static int
1634 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_ARGS)
1636 int error, tmp;
1637 struct sysctlnode node;
1639 node = *rnode;
1640 tmp = ip6_hashsize;
1641 node.sysctl_data = &tmp;
1642 error = sysctl_lookup(SYSCTLFN_CALL(&node));
1643 if (error || newp == NULL)
1644 return (error);
1646 if ((tmp & (tmp - 1)) == 0 && tmp != 0) {
1648 * Can only fail due to malloc()
1650 mutex_enter(softnet_lock);
1651 KERNEL_LOCK(1, NULL);
1653 error = ip6flow_invalidate_all(tmp);
1655 KERNEL_UNLOCK_ONE(NULL);
1656 mutex_exit(softnet_lock);
1657 } else {
1659 * EINVAL if not a power of 2
1661 error = EINVAL;
1664 return error;
1666 #endif /* GATEWAY */
1669 * System control for IP6
1672 const u_char inet6ctlerrmap[PRC_NCMDS] = {
1673 0, 0, 0, 0,
1674 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1675 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1676 EMSGSIZE, EHOSTUNREACH, 0, 0,
1677 0, 0, 0, 0,
1678 ENOPROTOOPT
1681 static int
1682 sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS)
1685 return (NETSTAT_SYSCTL(ip6stat_percpu, IP6_NSTATS));
1688 static void
1689 sysctl_net_inet6_ip6_setup(struct sysctllog **clog)
1691 #ifdef RFC2292
1692 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y))
1693 #else
1694 #define IS2292(x, y) (y)
1695 #endif
1697 sysctl_createv(clog, 0, NULL, NULL,
1698 CTLFLAG_PERMANENT,
1699 CTLTYPE_NODE, "net", NULL,
1700 NULL, 0, NULL, 0,
1701 CTL_NET, CTL_EOL);
1702 sysctl_createv(clog, 0, NULL, NULL,
1703 CTLFLAG_PERMANENT,
1704 CTLTYPE_NODE, "inet6",
1705 SYSCTL_DESCR("PF_INET6 related settings"),
1706 NULL, 0, NULL, 0,
1707 CTL_NET, PF_INET6, CTL_EOL);
1708 sysctl_createv(clog, 0, NULL, NULL,
1709 CTLFLAG_PERMANENT,
1710 CTLTYPE_NODE, "ip6",
1711 SYSCTL_DESCR("IPv6 related settings"),
1712 NULL, 0, NULL, 0,
1713 CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_EOL);
1715 sysctl_createv(clog, 0, NULL, NULL,
1716 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1717 CTLTYPE_INT, "forwarding",
1718 SYSCTL_DESCR("Enable forwarding of INET6 datagrams"),
1719 NULL, 0, &ip6_forwarding, 0,
1720 CTL_NET, PF_INET6, IPPROTO_IPV6,
1721 IPV6CTL_FORWARDING, CTL_EOL);
1722 sysctl_createv(clog, 0, NULL, NULL,
1723 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1724 CTLTYPE_INT, "redirect",
1725 SYSCTL_DESCR("Enable sending of ICMPv6 redirect messages"),
1726 NULL, 0, &ip6_sendredirects, 0,
1727 CTL_NET, PF_INET6, IPPROTO_IPV6,
1728 IPV6CTL_SENDREDIRECTS, CTL_EOL);
1729 sysctl_createv(clog, 0, NULL, NULL,
1730 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1731 CTLTYPE_INT, "hlim",
1732 SYSCTL_DESCR("Hop limit for an INET6 datagram"),
1733 NULL, 0, &ip6_defhlim, 0,
1734 CTL_NET, PF_INET6, IPPROTO_IPV6,
1735 IPV6CTL_DEFHLIM, CTL_EOL);
1736 #ifdef notyet
1737 sysctl_createv(clog, 0, NULL, NULL,
1738 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1739 CTLTYPE_INT, "mtu", NULL,
1740 NULL, 0, &, 0,
1741 CTL_NET, PF_INET6, IPPROTO_IPV6,
1742 IPV6CTL_DEFMTU, CTL_EOL);
1743 #endif
1744 #ifdef __no_idea__
1745 sysctl_createv(clog, 0, NULL, NULL,
1746 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1747 CTLTYPE_INT, "forwsrcrt", NULL,
1748 NULL, 0, &?, 0,
1749 CTL_NET, PF_INET6, IPPROTO_IPV6,
1750 IPV6CTL_FORWSRCRT, CTL_EOL);
1751 sysctl_createv(clog, 0, NULL, NULL,
1752 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1753 CTLTYPE_STRUCT, "mrtstats", NULL,
1754 NULL, 0, &?, sizeof(?),
1755 CTL_NET, PF_INET6, IPPROTO_IPV6,
1756 IPV6CTL_MRTSTATS, CTL_EOL);
1757 sysctl_createv(clog, 0, NULL, NULL,
1758 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1759 CTLTYPE_?, "mrtproto", NULL,
1760 NULL, 0, &?, sizeof(?),
1761 CTL_NET, PF_INET6, IPPROTO_IPV6,
1762 IPV6CTL_MRTPROTO, CTL_EOL);
1763 #endif
1764 sysctl_createv(clog, 0, NULL, NULL,
1765 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1766 CTLTYPE_INT, "maxfragpackets",
1767 SYSCTL_DESCR("Maximum number of fragments to buffer "
1768 "for reassembly"),
1769 NULL, 0, &ip6_maxfragpackets, 0,
1770 CTL_NET, PF_INET6, IPPROTO_IPV6,
1771 IPV6CTL_MAXFRAGPACKETS, CTL_EOL);
1772 #ifdef __no_idea__
1773 sysctl_createv(clog, 0, NULL, NULL,
1774 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1775 CTLTYPE_INT, "sourcecheck", NULL,
1776 NULL, 0, &?, 0,
1777 CTL_NET, PF_INET6, IPPROTO_IPV6,
1778 IPV6CTL_SOURCECHECK, CTL_EOL);
1779 sysctl_createv(clog, 0, NULL, NULL,
1780 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1781 CTLTYPE_INT, "sourcecheck_logint", NULL,
1782 NULL, 0, &?, 0,
1783 CTL_NET, PF_INET6, IPPROTO_IPV6,
1784 IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL);
1785 #endif
1786 sysctl_createv(clog, 0, NULL, NULL,
1787 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1788 CTLTYPE_INT, "accept_rtadv",
1789 SYSCTL_DESCR("Accept router advertisements"),
1790 NULL, 0, &ip6_accept_rtadv, 0,
1791 CTL_NET, PF_INET6, IPPROTO_IPV6,
1792 IPV6CTL_ACCEPT_RTADV, CTL_EOL);
1793 sysctl_createv(clog, 0, NULL, NULL,
1794 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1795 CTLTYPE_INT, "keepfaith",
1796 SYSCTL_DESCR("Activate faith interface"),
1797 NULL, 0, &ip6_keepfaith, 0,
1798 CTL_NET, PF_INET6, IPPROTO_IPV6,
1799 IPV6CTL_KEEPFAITH, CTL_EOL);
1800 sysctl_createv(clog, 0, NULL, NULL,
1801 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1802 CTLTYPE_INT, "log_interval",
1803 SYSCTL_DESCR("Minumum interval between logging "
1804 "unroutable packets"),
1805 NULL, 0, &ip6_log_interval, 0,
1806 CTL_NET, PF_INET6, IPPROTO_IPV6,
1807 IPV6CTL_LOG_INTERVAL, CTL_EOL);
1808 sysctl_createv(clog, 0, NULL, NULL,
1809 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1810 CTLTYPE_INT, "hdrnestlimit",
1811 SYSCTL_DESCR("Maximum number of nested IPv6 headers"),
1812 NULL, 0, &ip6_hdrnestlimit, 0,
1813 CTL_NET, PF_INET6, IPPROTO_IPV6,
1814 IPV6CTL_HDRNESTLIMIT, CTL_EOL);
1815 sysctl_createv(clog, 0, NULL, NULL,
1816 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1817 CTLTYPE_INT, "dad_count",
1818 SYSCTL_DESCR("Number of Duplicate Address Detection "
1819 "probes to send"),
1820 NULL, 0, &ip6_dad_count, 0,
1821 CTL_NET, PF_INET6, IPPROTO_IPV6,
1822 IPV6CTL_DAD_COUNT, CTL_EOL);
1823 sysctl_createv(clog, 0, NULL, NULL,
1824 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1825 CTLTYPE_INT, "auto_flowlabel",
1826 SYSCTL_DESCR("Assign random IPv6 flow labels"),
1827 NULL, 0, &ip6_auto_flowlabel, 0,
1828 CTL_NET, PF_INET6, IPPROTO_IPV6,
1829 IPV6CTL_AUTO_FLOWLABEL, CTL_EOL);
1830 sysctl_createv(clog, 0, NULL, NULL,
1831 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1832 CTLTYPE_INT, "defmcasthlim",
1833 SYSCTL_DESCR("Default multicast hop limit"),
1834 NULL, 0, &ip6_defmcasthlim, 0,
1835 CTL_NET, PF_INET6, IPPROTO_IPV6,
1836 IPV6CTL_DEFMCASTHLIM, CTL_EOL);
1837 #if NGIF > 0
1838 sysctl_createv(clog, 0, NULL, NULL,
1839 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1840 CTLTYPE_INT, "gifhlim",
1841 SYSCTL_DESCR("Default hop limit for a gif tunnel datagram"),
1842 NULL, 0, &ip6_gif_hlim, 0,
1843 CTL_NET, PF_INET6, IPPROTO_IPV6,
1844 IPV6CTL_GIF_HLIM, CTL_EOL);
1845 #endif /* NGIF */
1846 sysctl_createv(clog, 0, NULL, NULL,
1847 CTLFLAG_PERMANENT,
1848 CTLTYPE_STRING, "kame_version",
1849 SYSCTL_DESCR("KAME Version"),
1850 NULL, 0, __UNCONST(__KAME_VERSION), 0,
1851 CTL_NET, PF_INET6, IPPROTO_IPV6,
1852 IPV6CTL_KAME_VERSION, CTL_EOL);
1853 sysctl_createv(clog, 0, NULL, NULL,
1854 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1855 CTLTYPE_INT, "use_deprecated",
1856 SYSCTL_DESCR("Allow use of deprecated addresses as "
1857 "source addresses"),
1858 NULL, 0, &ip6_use_deprecated, 0,
1859 CTL_NET, PF_INET6, IPPROTO_IPV6,
1860 IPV6CTL_USE_DEPRECATED, CTL_EOL);
1861 sysctl_createv(clog, 0, NULL, NULL,
1862 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1863 CTLTYPE_INT, "rr_prune", NULL,
1864 NULL, 0, &ip6_rr_prune, 0,
1865 CTL_NET, PF_INET6, IPPROTO_IPV6,
1866 IPV6CTL_RR_PRUNE, CTL_EOL);
1867 sysctl_createv(clog, 0, NULL, NULL,
1868 CTLFLAG_PERMANENT
1869 #ifndef INET6_BINDV6ONLY
1870 |CTLFLAG_READWRITE,
1871 #endif
1872 CTLTYPE_INT, "v6only",
1873 SYSCTL_DESCR("Disallow PF_INET6 sockets from connecting "
1874 "to PF_INET sockets"),
1875 NULL, 0, &ip6_v6only, 0,
1876 CTL_NET, PF_INET6, IPPROTO_IPV6,
1877 IPV6CTL_V6ONLY, CTL_EOL);
1878 sysctl_createv(clog, 0, NULL, NULL,
1879 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1880 CTLTYPE_INT, "anonportmin",
1881 SYSCTL_DESCR("Lowest ephemeral port number to assign"),
1882 sysctl_net_inet_ip_ports, 0, &ip6_anonportmin, 0,
1883 CTL_NET, PF_INET6, IPPROTO_IPV6,
1884 IPV6CTL_ANONPORTMIN, CTL_EOL);
1885 sysctl_createv(clog, 0, NULL, NULL,
1886 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1887 CTLTYPE_INT, "anonportmax",
1888 SYSCTL_DESCR("Highest ephemeral port number to assign"),
1889 sysctl_net_inet_ip_ports, 0, &ip6_anonportmax, 0,
1890 CTL_NET, PF_INET6, IPPROTO_IPV6,
1891 IPV6CTL_ANONPORTMAX, CTL_EOL);
1892 #ifndef IPNOPRIVPORTS
1893 sysctl_createv(clog, 0, NULL, NULL,
1894 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1895 CTLTYPE_INT, "lowportmin",
1896 SYSCTL_DESCR("Lowest privileged ephemeral port number "
1897 "to assign"),
1898 sysctl_net_inet_ip_ports, 0, &ip6_lowportmin, 0,
1899 CTL_NET, PF_INET6, IPPROTO_IPV6,
1900 IPV6CTL_LOWPORTMIN, CTL_EOL);
1901 sysctl_createv(clog, 0, NULL, NULL,
1902 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1903 CTLTYPE_INT, "lowportmax",
1904 SYSCTL_DESCR("Highest privileged ephemeral port number "
1905 "to assign"),
1906 sysctl_net_inet_ip_ports, 0, &ip6_lowportmax, 0,
1907 CTL_NET, PF_INET6, IPPROTO_IPV6,
1908 IPV6CTL_LOWPORTMAX, CTL_EOL);
1909 #endif /* IPNOPRIVPORTS */
1910 sysctl_createv(clog, 0, NULL, NULL,
1911 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1912 CTLTYPE_INT, "use_tempaddr",
1913 SYSCTL_DESCR("Use temporary address"),
1914 NULL, 0, &ip6_use_tempaddr, 0,
1915 CTL_NET, PF_INET6, IPPROTO_IPV6,
1916 CTL_CREATE, CTL_EOL);
1917 sysctl_createv(clog, 0, NULL, NULL,
1918 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1919 CTLTYPE_INT, "temppltime",
1920 SYSCTL_DESCR("preferred lifetime of a temporary address"),
1921 NULL, 0, &ip6_temp_preferred_lifetime, 0,
1922 CTL_NET, PF_INET6, IPPROTO_IPV6,
1923 CTL_CREATE, CTL_EOL);
1924 sysctl_createv(clog, 0, NULL, NULL,
1925 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1926 CTLTYPE_INT, "tempvltime",
1927 SYSCTL_DESCR("valid lifetime of a temporary address"),
1928 NULL, 0, &ip6_temp_valid_lifetime, 0,
1929 CTL_NET, PF_INET6, IPPROTO_IPV6,
1930 CTL_CREATE, CTL_EOL);
1931 sysctl_createv(clog, 0, NULL, NULL,
1932 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1933 CTLTYPE_INT, "maxfrags",
1934 SYSCTL_DESCR("Maximum fragments in reassembly queue"),
1935 NULL, 0, &ip6_maxfrags, 0,
1936 CTL_NET, PF_INET6, IPPROTO_IPV6,
1937 IPV6CTL_MAXFRAGS, CTL_EOL);
1938 sysctl_createv(clog, 0, NULL, NULL,
1939 CTLFLAG_PERMANENT,
1940 CTLTYPE_STRUCT, "stats",
1941 SYSCTL_DESCR("IPv6 statistics"),
1942 sysctl_net_inet6_ip6_stats, 0, NULL, 0,
1943 CTL_NET, PF_INET6, IPPROTO_IPV6,
1944 IPV6CTL_STATS, CTL_EOL);
1945 sysctl_createv(clog, 0, NULL, NULL,
1946 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1947 CTLTYPE_INT, "use_defaultzone",
1948 SYSCTL_DESCR("Whether to use the default scope zones"),
1949 NULL, 0, &ip6_use_defzone, 0,
1950 CTL_NET, PF_INET6, IPPROTO_IPV6,
1951 IPV6CTL_USE_DEFAULTZONE, CTL_EOL);
1952 sysctl_createv(clog, 0, NULL, NULL,
1953 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1954 CTLTYPE_INT, "mcast_pmtu",
1955 SYSCTL_DESCR("Enable pMTU discovery for multicast packet"),
1956 NULL, 0, &ip6_mcast_pmtu, 0,
1957 CTL_NET, PF_INET6, IPPROTO_IPV6,
1958 CTL_CREATE, CTL_EOL);
1959 #ifdef GATEWAY
1960 sysctl_createv(clog, 0, NULL, NULL,
1961 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1962 CTLTYPE_INT, "maxflows",
1963 SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"),
1964 sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0,
1965 CTL_NET, PF_INET6, IPPROTO_IPV6,
1966 CTL_CREATE, CTL_EOL);
1967 sysctl_createv(clog, 0, NULL, NULL,
1968 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1969 CTLTYPE_INT, "hashsize",
1970 SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"),
1971 sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0,
1972 CTL_NET, PF_INET6, IPPROTO_IPV6,
1973 CTL_CREATE, CTL_EOL);
1974 #endif
1977 void
1978 ip6_statinc(u_int stat)
1981 KASSERT(stat < IP6_NSTATS);
1982 IP6_STATINC(stat);