1 /* $OpenBSD: if_ether.c,v 1.127 2014/05/07 08:14:59 mpi Exp $ */ 2 /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 33 */ 34 35 /* 36 * Ethernet address resolution protocol. 37 * TODO: 38 * add "inuse/lock" bit (or ref. count) along with valid bit 39 */ 40 41 #ifdef INET 42 #include "carp.h" 43 44 #include "bridge.h" 45 46 #include <sys/param.h> 47 #include <sys/systm.h> 48 #include <sys/mbuf.h> 49 #include <sys/socket.h> 50 #include <sys/timeout.h> 51 #include <sys/kernel.h> 52 #include <sys/syslog.h> 53 54 #include <net/if.h> 55 #include <net/if_dl.h> 56 #include <net/route.h> 57 #include <net/if_types.h> 58 59 #include <netinet/in.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #if NCARP > 0 63 #include <netinet/ip_carp.h> 64 #endif 65 #if NBRIDGE > 0 66 #include <net/if_bridge.h> 67 #endif 68 69 #define SDL(s) ((struct sockaddr_dl *)s) 70 #define SRP(s) ((struct sockaddr_inarp *)s) 71 72 /* 73 * ARP trailer negotiation. Trailer protocol is not IP specific, 74 * but ARP request/response use IP addresses. 75 */ 76 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 77 78 /* timer values */ 79 int arpt_prune = (5*60*1); /* walk list every 5 minutes */ 80 int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ 81 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 82 #define rt_expire rt_rmx.rmx_expire 83 84 void arptfree(struct llinfo_arp *); 85 void arptimer(void *); 86 struct llinfo_arp *arplookup(u_int32_t, int, int, u_int); 87 void in_arpinput(struct mbuf *); 88 89 LIST_HEAD(, llinfo_arp) llinfo_arp; 90 struct ifqueue arpintrq; 91 int arp_inuse, arp_allocated; 92 int arp_maxtries = 5; 93 int arpinit_done; 94 int la_hold_total; 95 96 #ifdef NFSCLIENT 97 /* revarp state */ 98 struct in_addr revarp_myip, revarp_srvip; 99 int revarp_finished; 100 int revarp_in_progress; 101 struct ifnet *revarp_ifp; 102 #endif /* NFSCLIENT */ 103 104 #ifdef DDB 105 106 void db_print_sa(struct sockaddr *); 107 void db_print_ifa(struct ifaddr *); 108 void db_print_llinfo(caddr_t); 109 int db_show_radix_node(struct radix_node *, void *, u_int); 110 #endif 111 112 static const struct sockaddr_dl null_sdl = { sizeof(null_sdl), AF_LINK }; 113 114 /* 115 * Timeout routine. Age arp_tab entries periodically. 116 */ 117 /* ARGSUSED */ 118 void 119 arptimer(void *arg) 120 { 121 struct timeout *to = (struct timeout *)arg; 122 int s; 123 struct llinfo_arp *la, *nla; 124 125 s = splsoftnet(); 126 timeout_add_sec(to, arpt_prune); 127 for (la = LIST_FIRST(&llinfo_arp); la != NULL; la = nla) { 128 struct rtentry *rt = la->la_rt; 129 130 nla = LIST_NEXT(la, la_list); 131 if (rt->rt_expire && rt->rt_expire <= time_second) 132 arptfree(la); /* timer has expired; clear */ 133 } 134 splx(s); 135 } 136 137 void 138 arp_rtrequest(int req, struct rtentry *rt) 139 { 140 struct sockaddr *gate = rt->rt_gateway; 141 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 142 struct ifnet *ifp = rt->rt_ifp; 143 struct ifaddr *ifa; 144 struct mbuf *m; 145 146 if (!arpinit_done) { 147 static struct timeout arptimer_to; 148 149 arpinit_done = 1; 150 IFQ_SET_MAXLEN(&arpintrq, 50); /* XXX hate magic numbers */ 151 /* 152 * We generate expiration times from time.tv_sec 153 * so avoid accidently creating permanent routes. 154 */ 155 if (time_second == 0) { 156 time_second++; 157 } 158 159 timeout_set(&arptimer_to, arptimer, &arptimer_to); 160 timeout_add_sec(&arptimer_to, 1); 161 } 162 163 if (rt->rt_flags & RTF_GATEWAY) 164 return; 165 166 switch (req) { 167 168 case RTM_ADD: 169 /* 170 * XXX: If this is a manually added route to interface 171 * such as older version of routed or gated might provide, 172 * restore cloning bit. 173 */ 174 if ((rt->rt_flags & RTF_HOST) == 0 && rt_mask(rt) && 175 satosin(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 176 rt->rt_flags |= RTF_CLONING; 177 if (rt->rt_flags & RTF_CLONING) { 178 /* 179 * Case 1: This route should come from a route to iface. 180 */ 181 rt_setgate(rt, rt_key(rt), (struct sockaddr *)&null_sdl, 182 ifp->if_rdomain); 183 gate = rt->rt_gateway; 184 SDL(gate)->sdl_type = ifp->if_type; 185 SDL(gate)->sdl_index = ifp->if_index; 186 /* 187 * Give this route an expiration time, even though 188 * it's a "permanent" route, so that routes cloned 189 * from it do not need their expiration time set. 190 */ 191 rt->rt_expire = time_second; 192 break; 193 } 194 /* Announce a new entry if requested. */ 195 if (rt->rt_flags & RTF_ANNOUNCE) 196 arprequest(ifp, 197 &satosin(rt_key(rt))->sin_addr.s_addr, 198 &satosin(rt_key(rt))->sin_addr.s_addr, 199 (u_char *)LLADDR(SDL(gate))); 200 /*FALLTHROUGH*/ 201 case RTM_RESOLVE: 202 if (gate->sa_family != AF_LINK || 203 gate->sa_len < sizeof(struct sockaddr_dl)) { 204 log(LOG_DEBUG, "%s: bad gateway value: %s\n", __func__, 205 ifp->if_xname); 206 break; 207 } 208 SDL(gate)->sdl_type = ifp->if_type; 209 SDL(gate)->sdl_index = ifp->if_index; 210 if (la != 0) 211 break; /* This happens on a route change */ 212 /* 213 * Case 2: This route may come from cloning, or a manual route 214 * add with a LL address. 215 */ 216 la = malloc(sizeof(*la), M_RTABLE, M_NOWAIT | M_ZERO); 217 rt->rt_llinfo = (caddr_t)la; 218 if (la == NULL) { 219 log(LOG_DEBUG, "%s: malloc failed\n", __func__); 220 break; 221 } 222 arp_inuse++; 223 arp_allocated++; 224 la->la_rt = rt; 225 rt->rt_flags |= RTF_LLINFO; 226 LIST_INSERT_HEAD(&llinfo_arp, la, la_list); 227 228 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 229 if ((ifa->ifa_addr->sa_family == AF_INET) && 230 ifatoia(ifa)->ia_addr.sin_addr.s_addr == 231 satosin(rt_key(rt))->sin_addr.s_addr) 232 break; 233 } 234 if (ifa) { 235 rt->rt_expire = 0; 236 SDL(gate)->sdl_alen = ETHER_ADDR_LEN; 237 memcpy(LLADDR(SDL(gate)), 238 ((struct arpcom *)ifp)->ac_enaddr, ETHER_ADDR_LEN); 239 240 /* 241 * XXX Since lo0 is in the default rdomain we 242 * should not (ab)use it for any route related 243 * to an interface of a different rdomain. 244 */ 245 rt->rt_ifp = lo0ifp; 246 247 /* 248 * make sure to set rt->rt_ifa to the interface 249 * address we are using, otherwise we will have trouble 250 * with source address selection. 251 */ 252 if (ifa != rt->rt_ifa) { 253 ifafree(rt->rt_ifa); 254 ifa->ifa_refcnt++; 255 rt->rt_ifa = ifa; 256 } 257 } 258 break; 259 260 case RTM_DELETE: 261 if (la == 0) 262 break; 263 arp_inuse--; 264 LIST_REMOVE(la, la_list); 265 rt->rt_llinfo = 0; 266 rt->rt_flags &= ~RTF_LLINFO; 267 while ((m = la->la_hold_head) != NULL) { 268 la->la_hold_head = la->la_hold_head->m_nextpkt; 269 la_hold_total--; 270 m_freem(m); 271 } 272 free(la, M_RTABLE); 273 } 274 } 275 276 /* 277 * Broadcast an ARP request. Caller specifies: 278 * - arp header source ip address 279 * - arp header target ip address 280 * - arp header source ethernet address 281 */ 282 void 283 arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) 284 { 285 struct mbuf *m; 286 struct ether_header *eh; 287 struct ether_arp *ea; 288 struct sockaddr sa; 289 290 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 291 return; 292 m->m_len = sizeof(*ea); 293 m->m_pkthdr.len = sizeof(*ea); 294 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 295 MH_ALIGN(m, sizeof(*ea)); 296 ea = mtod(m, struct ether_arp *); 297 eh = (struct ether_header *)sa.sa_data; 298 memset(ea, 0, sizeof(*ea)); 299 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 300 eh->ether_type = htons(ETHERTYPE_ARP); /* if_output will not swap */ 301 ea->arp_hrd = htons(ARPHRD_ETHER); 302 ea->arp_pro = htons(ETHERTYPE_IP); 303 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 304 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 305 ea->arp_op = htons(ARPOP_REQUEST); 306 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 307 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 308 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 309 memcpy(ea->arp_tpa, tip, sizeof(ea->arp_tpa)); 310 sa.sa_family = pseudo_AF_HDRCMPLT; 311 sa.sa_len = sizeof(sa); 312 m->m_flags |= M_BCAST; 313 (*ifp->if_output)(ifp, m, &sa, (struct rtentry *)0); 314 } 315 316 /* 317 * Resolve an IP address into an ethernet address. If success, 318 * desten is filled in. If there is no entry in arptab, 319 * set one up and broadcast a request for the IP address. 320 * Hold onto this mbuf and resend it once the address 321 * is finally resolved. A return value of 1 indicates 322 * that desten has been filled in and the packet should be sent 323 * normally; a 0 return indicates that the packet has been 324 * taken over here, either now or for later transmission. 325 */ 326 int 327 arpresolve(struct arpcom *ac, struct rtentry *rt, struct mbuf *m, 328 struct sockaddr *dst, u_char *desten) 329 { 330 struct llinfo_arp *la; 331 struct sockaddr_dl *sdl; 332 struct mbuf *mh; 333 char addr[INET_ADDRSTRLEN]; 334 335 if (m->m_flags & M_BCAST) { /* broadcast */ 336 memcpy(desten, etherbroadcastaddr, sizeof(etherbroadcastaddr)); 337 return (1); 338 } 339 if (m->m_flags & M_MCAST) { /* multicast */ 340 ETHER_MAP_IP_MULTICAST(&satosin(dst)->sin_addr, desten); 341 return (1); 342 } 343 if (rt) { 344 la = (struct llinfo_arp *)rt->rt_llinfo; 345 if (la == NULL) 346 log(LOG_DEBUG, "arpresolve: %s: route without link " 347 "local address\n", inet_ntop(AF_INET, 348 &satosin(dst)->sin_addr, addr, sizeof(addr))); 349 } else { 350 if ((la = arplookup(satosin(dst)->sin_addr.s_addr, RT_REPORT, 0, 351 ac->ac_if.if_rdomain)) != NULL) 352 rt = la->la_rt; 353 else 354 log(LOG_DEBUG, 355 "arpresolve: %s: can't allocate llinfo\n", 356 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 357 addr, sizeof(addr))); 358 } 359 if (la == 0 || rt == 0) { 360 m_freem(m); 361 return (0); 362 } 363 sdl = SDL(rt->rt_gateway); 364 /* 365 * Check the address family and length is valid, the address 366 * is resolved; otherwise, try to resolve. 367 */ 368 if ((rt->rt_expire == 0 || rt->rt_expire > time_second) && 369 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 370 memcpy(desten, LLADDR(sdl), sdl->sdl_alen); 371 return 1; 372 } 373 if (((struct ifnet *)ac)->if_flags & IFF_NOARP) { 374 m_freem(m); 375 return 0; 376 } 377 378 /* 379 * There is an arptab entry, but no ethernet address 380 * response yet. Insert mbuf in hold queue if below limit 381 * if above the limit free the queue without queuing the new packet. 382 */ 383 if (la_hold_total < MAX_HOLD_TOTAL && la_hold_total < nmbclust / 64) { 384 if (la->la_hold_count >= MAX_HOLD_QUEUE) { 385 mh = la->la_hold_head; 386 la->la_hold_head = la->la_hold_head->m_nextpkt; 387 if (mh == la->la_hold_tail) 388 la->la_hold_tail = NULL; 389 la->la_hold_count--; 390 la_hold_total--; 391 m_freem(mh); 392 } 393 if (la->la_hold_tail == NULL) 394 la->la_hold_head = m; 395 else 396 la->la_hold_tail->m_nextpkt = m; 397 la->la_hold_tail = m; 398 la->la_hold_count++; 399 la_hold_total++; 400 } else { 401 while ((mh = la->la_hold_head) != NULL) { 402 la->la_hold_head = 403 la->la_hold_head->m_nextpkt; 404 la_hold_total--; 405 m_freem(mh); 406 } 407 la->la_hold_tail = NULL; 408 la->la_hold_count = 0; 409 m_freem(m); 410 } 411 412 /* 413 * Re-send the ARP request when appropriate. 414 */ 415 #ifdef DIAGNOSTIC 416 if (rt->rt_expire == 0) { 417 /* This should never happen. (Should it? -gwr) */ 418 printf("arpresolve: unresolved and rt_expire == 0\n"); 419 /* Set expiration time to now (expired). */ 420 rt->rt_expire = time_second; 421 } 422 #endif 423 if (rt->rt_expire) { 424 rt->rt_flags &= ~RTF_REJECT; 425 if (la->la_asked == 0 || rt->rt_expire != time_second) { 426 rt->rt_expire = time_second; 427 if (la->la_asked++ < arp_maxtries) 428 arprequest(&ac->ac_if, 429 &satosin(rt->rt_ifa->ifa_addr)->sin_addr.s_addr, 430 &satosin(dst)->sin_addr.s_addr, 431 #if NCARP > 0 432 (rt->rt_ifp->if_type == IFT_CARP) ? 433 ((struct arpcom *) rt->rt_ifp->if_softc 434 )->ac_enaddr : 435 #endif 436 ac->ac_enaddr); 437 else { 438 rt->rt_flags |= RTF_REJECT; 439 rt->rt_expire += arpt_down; 440 la->la_asked = 0; 441 while ((mh = la->la_hold_head) != NULL) { 442 la->la_hold_head = 443 la->la_hold_head->m_nextpkt; 444 la_hold_total--; 445 m_freem(mh); 446 } 447 la->la_hold_tail = NULL; 448 la->la_hold_count = 0; 449 } 450 } 451 } 452 return (0); 453 } 454 455 /* 456 * Common length and type checks are done here, 457 * then the protocol-specific routine is called. 458 */ 459 void 460 arpintr(void) 461 { 462 struct mbuf *m; 463 struct arphdr *ar; 464 int s, len; 465 466 for (;;) { 467 s = splnet(); 468 IF_DEQUEUE(&arpintrq, m); 469 splx(s); 470 if (m == NULL) 471 break; 472 #ifdef DIAGNOSTIC 473 if ((m->m_flags & M_PKTHDR) == 0) 474 panic("arpintr"); 475 #endif 476 477 len = sizeof(struct arphdr); 478 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 479 continue; 480 481 ar = mtod(m, struct arphdr *); 482 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) { 483 m_freem(m); 484 continue; 485 } 486 487 len += 2 * (ar->ar_hln + ar->ar_pln); 488 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 489 continue; 490 491 switch (ntohs(ar->ar_pro)) { 492 case ETHERTYPE_IP: 493 case ETHERTYPE_IPTRAILERS: 494 in_arpinput(m); 495 continue; 496 } 497 m_freem(m); 498 } 499 } 500 501 /* 502 * ARP for Internet protocols on Ethernet. 503 * Algorithm is that given in RFC 826. 504 * In addition, a sanity check is performed on the sender 505 * protocol address, to catch impersonators. 506 * We no longer handle negotiations for use of trailer protocol: 507 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent 508 * along with IP replies if we wanted trailers sent to us, 509 * and also sent them in response to IP replies. 510 * This allowed either end to announce the desire to receive 511 * trailer packets. 512 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, 513 * but formerly didn't normally send requests. 514 */ 515 void 516 in_arpinput(struct mbuf *m) 517 { 518 struct ether_arp *ea; 519 struct ifnet *ifp = m->m_pkthdr.rcvif; 520 struct arpcom *ac = (struct arpcom *)ifp; 521 struct ether_header *eh; 522 struct llinfo_arp *la = 0; 523 struct rtentry *rt; 524 struct ifaddr *ifa; 525 struct sockaddr_dl *sdl; 526 struct sockaddr sa; 527 struct in_addr isaddr, itaddr, myaddr; 528 struct mbuf *mh, *mt; 529 u_int8_t *enaddr = NULL; 530 #if NCARP > 0 531 u_int8_t *ether_shost = NULL; 532 #endif 533 char addr[INET_ADDRSTRLEN]; 534 int op; 535 536 ea = mtod(m, struct ether_arp *); 537 op = ntohs(ea->arp_op); 538 if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) 539 goto out; 540 #if notyet 541 if ((op == ARPOP_REPLY) && (m->m_flags & (M_BCAST|M_MCAST))) { 542 log(LOG_ERR, 543 "arp: received reply to broadcast or multicast address\n"); 544 goto out; 545 } 546 #endif 547 548 memcpy(&itaddr, ea->arp_tpa, sizeof(itaddr)); 549 memcpy(&isaddr, ea->arp_spa, sizeof(isaddr)); 550 551 /* First try: check target against our addresses */ 552 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 553 if (ifa->ifa_addr->sa_family != AF_INET) 554 continue; 555 556 if (itaddr.s_addr != ifatoia(ifa)->ia_addr.sin_addr.s_addr) 557 continue; 558 559 #if NCARP > 0 560 if (ifp->if_type == IFT_CARP && 561 ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 562 (IFF_UP|IFF_RUNNING))) { 563 if (op == ARPOP_REPLY) 564 break; 565 if (carp_iamatch(ifatoia(ifa), ea->arp_sha, 566 &enaddr, ðer_shost)) 567 break; 568 else 569 goto out; 570 } 571 #endif 572 break; 573 } 574 575 /* Second try: check source against our addresses */ 576 if (ifa == NULL) { 577 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 578 if (ifa->ifa_addr->sa_family != AF_INET) 579 continue; 580 581 if (isaddr.s_addr == 582 ifatoia(ifa)->ia_addr.sin_addr.s_addr) 583 break; 584 } 585 } 586 587 /* Third try: not one of our addresses, just find an usable ia */ 588 if (ifa == NULL) { 589 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 590 if (ifa->ifa_addr->sa_family == AF_INET) 591 break; 592 } 593 } 594 595 if (ifa == NULL) 596 goto out; 597 598 if (!enaddr) 599 enaddr = ac->ac_enaddr; 600 myaddr = ifatoia(ifa)->ia_addr.sin_addr; 601 602 if (!memcmp(ea->arp_sha, enaddr, sizeof(ea->arp_sha))) 603 goto out; /* it's from me, ignore it. */ 604 if (ETHER_IS_MULTICAST(&ea->arp_sha[0])) 605 if (!memcmp(ea->arp_sha, etherbroadcastaddr, 606 sizeof (ea->arp_sha))) { 607 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 608 log(LOG_ERR, "arp: ether address is broadcast for " 609 "IP address %s!\n", addr); 610 goto out; 611 } 612 if (myaddr.s_addr && isaddr.s_addr == myaddr.s_addr) { 613 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 614 log(LOG_ERR, 615 "duplicate IP address %s sent from ethernet address %s\n", 616 addr, ether_sprintf(ea->arp_sha)); 617 itaddr = myaddr; 618 goto reply; 619 } 620 la = arplookup(isaddr.s_addr, itaddr.s_addr == myaddr.s_addr, 0, 621 rtable_l2(m->m_pkthdr.ph_rtableid)); 622 if (la && (rt = la->la_rt) && (sdl = SDL(rt->rt_gateway))) { 623 if (sdl->sdl_alen) { 624 if (memcmp(ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { 625 if (rt->rt_flags & RTF_PERMANENT_ARP) { 626 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 627 log(LOG_WARNING, 628 "arp: attempt to overwrite permanent " 629 "entry for %s by %s on %s\n", addr, 630 ether_sprintf(ea->arp_sha), 631 ac->ac_if.if_xname); 632 goto out; 633 } else if (rt->rt_ifp != &ac->ac_if) { 634 #if NCARP > 0 635 if (ac->ac_if.if_type != IFT_CARP) 636 #endif 637 { 638 inet_ntop(AF_INET, &isaddr, 639 addr, sizeof(addr)); 640 log(LOG_WARNING, 641 "arp: attempt to overwrite entry for" 642 " %s on %s by %s on %s\n", addr, 643 rt->rt_ifp->if_xname, 644 ether_sprintf(ea->arp_sha), 645 ac->ac_if.if_xname); 646 } 647 goto out; 648 } else { 649 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 650 log(LOG_INFO, 651 "arp info overwritten for %s by %s on %s\n", 652 addr, 653 ether_sprintf(ea->arp_sha), 654 ac->ac_if.if_xname); 655 rt->rt_expire = 1; /* no longer static */ 656 } 657 } 658 } else if (rt->rt_ifp != &ac->ac_if && 659 #if NBRIDGE > 0 660 !SAME_BRIDGE(ac->ac_if.if_bridgeport, 661 rt->rt_ifp->if_bridgeport) && 662 #endif 663 #if NCARP > 0 664 !(rt->rt_ifp->if_type == IFT_CARP && 665 rt->rt_ifp->if_carpdev == &ac->ac_if) && 666 !(ac->ac_if.if_type == IFT_CARP && 667 ac->ac_if.if_carpdev == rt->rt_ifp) && 668 #endif 669 1) { 670 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 671 log(LOG_WARNING, 672 "arp: attempt to add entry for %s " 673 "on %s by %s on %s\n", addr, 674 rt->rt_ifp->if_xname, 675 ether_sprintf(ea->arp_sha), 676 ac->ac_if.if_xname); 677 goto out; 678 } 679 sdl->sdl_alen = sizeof(ea->arp_sha); 680 memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); 681 if (rt->rt_expire) 682 rt->rt_expire = time_second + arpt_keep; 683 rt->rt_flags &= ~RTF_REJECT; 684 la->la_asked = 0; 685 rt_sendmsg(rt, RTM_RESOLVE, rt->rt_ifp->if_rdomain); 686 while ((mh = la->la_hold_head) != NULL) { 687 if ((la->la_hold_head = mh->m_nextpkt) == NULL) 688 la->la_hold_tail = NULL; 689 la->la_hold_count--; 690 la_hold_total--; 691 mt = la->la_hold_tail; 692 693 (*ac->ac_if.if_output)(&ac->ac_if, mh, rt_key(rt), rt); 694 695 if (la->la_hold_tail == mh) { 696 /* mbuf is back in queue. Discard. */ 697 la->la_hold_tail = mt; 698 if (la->la_hold_tail) 699 la->la_hold_tail->m_nextpkt = NULL; 700 else 701 la->la_hold_head = NULL; 702 la->la_hold_count--; 703 la_hold_total--; 704 m_freem(mh); 705 } 706 } 707 } 708 reply: 709 if (op != ARPOP_REQUEST) { 710 out: 711 m_freem(m); 712 return; 713 } 714 if (itaddr.s_addr == myaddr.s_addr) { 715 /* I am the target */ 716 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 717 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 718 } else { 719 la = arplookup(itaddr.s_addr, 0, SIN_PROXY, 720 rtable_l2(m->m_pkthdr.ph_rtableid)); 721 if (la == 0) 722 goto out; 723 rt = la->la_rt; 724 if (rt->rt_ifp->if_type == IFT_CARP && ifp->if_type != IFT_CARP) 725 goto out; 726 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 727 sdl = SDL(rt->rt_gateway); 728 memcpy(ea->arp_sha, LLADDR(sdl), sizeof(ea->arp_sha)); 729 } 730 731 memcpy(ea->arp_tpa, ea->arp_spa, sizeof(ea->arp_spa)); 732 memcpy(ea->arp_spa, &itaddr, sizeof(ea->arp_spa)); 733 ea->arp_op = htons(ARPOP_REPLY); 734 ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 735 eh = (struct ether_header *)sa.sa_data; 736 memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); 737 #if NCARP > 0 738 if (ether_shost) 739 enaddr = ether_shost; 740 #endif 741 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 742 743 eh->ether_type = htons(ETHERTYPE_ARP); 744 sa.sa_family = pseudo_AF_HDRCMPLT; 745 sa.sa_len = sizeof(sa); 746 (*ac->ac_if.if_output)(&ac->ac_if, m, &sa, (struct rtentry *)0); 747 return; 748 } 749 750 /* 751 * Free an arp entry. 752 */ 753 void 754 arptfree(struct llinfo_arp *la) 755 { 756 struct rtentry *rt = la->la_rt; 757 struct sockaddr_dl *sdl; 758 u_int tid = 0; 759 760 if (rt == NULL) 761 panic("arptfree"); 762 if (rt->rt_refcnt > 0 && (sdl = SDL(rt->rt_gateway)) && 763 sdl->sdl_family == AF_LINK) { 764 sdl->sdl_alen = 0; 765 la->la_asked = 0; 766 rt->rt_flags &= ~RTF_REJECT; 767 return; 768 } 769 770 if (rt->rt_ifp) 771 tid = rt->rt_ifp->if_rdomain; 772 773 rtdeletemsg(rt, tid); 774 } 775 776 /* 777 * Lookup or enter a new address in arptab. 778 */ 779 struct llinfo_arp * 780 arplookup(u_int32_t addr, int create, int proxy, u_int tableid) 781 { 782 struct rtentry *rt; 783 struct sockaddr_inarp sin; 784 785 memset(&sin, 0, sizeof(sin)); 786 sin.sin_len = sizeof(sin); 787 sin.sin_family = AF_INET; 788 sin.sin_addr.s_addr = addr; 789 sin.sin_other = proxy ? SIN_PROXY : 0; 790 rt = rtalloc1((struct sockaddr *)&sin, create, tableid); 791 if (rt == 0) 792 return (0); 793 rt->rt_refcnt--; 794 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 795 rt->rt_gateway->sa_family != AF_LINK) { 796 if (create) { 797 if (rt->rt_refcnt <= 0 && 798 (rt->rt_flags & RTF_CLONED) != 0) { 799 struct rt_addrinfo info; 800 801 memset(&info, 0, sizeof(info)); 802 info.rti_info[RTAX_DST] = rt_key(rt); 803 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 804 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 805 806 rtrequest1(RTM_DELETE, &info, rt->rt_priority, 807 NULL, tableid); 808 } 809 } 810 return (0); 811 } 812 return ((struct llinfo_arp *)rt->rt_llinfo); 813 } 814 815 /* 816 * Check whether we do proxy ARP for this address and we point to ourselves. 817 */ 818 int 819 arpproxy(struct in_addr in, u_int rdomain) 820 { 821 struct llinfo_arp *la; 822 struct ifnet *ifp; 823 int found = 0; 824 825 la = arplookup(in.s_addr, 0, SIN_PROXY, rdomain); 826 if (la == NULL) 827 return (0); 828 829 TAILQ_FOREACH(ifp, &ifnet, if_list) { 830 if (ifp->if_rdomain != rdomain) 831 continue; 832 833 if (!memcmp(LLADDR((struct sockaddr_dl *)la->la_rt->rt_gateway), 834 LLADDR(ifp->if_sadl), 835 ETHER_ADDR_LEN)) { 836 found = 1; 837 break; 838 } 839 } 840 841 return (found); 842 } 843 844 void 845 arp_ifinit(struct arpcom *ac, struct ifaddr *ifa) 846 { 847 848 /* Warn the user if another station has this IP address. */ 849 arprequest(&ac->ac_if, 850 &satosin(ifa->ifa_addr)->sin_addr.s_addr, 851 &satosin(ifa->ifa_addr)->sin_addr.s_addr, 852 ac->ac_enaddr); 853 ifa->ifa_rtrequest = arp_rtrequest; 854 } 855 856 /* 857 * Called from Ethernet interrupt handlers 858 * when ether packet type ETHERTYPE_REVARP 859 * is received. Common length and type checks are done here, 860 * then the protocol-specific routine is called. 861 */ 862 void 863 revarpinput(struct mbuf *m) 864 { 865 struct arphdr *ar; 866 867 if (m->m_len < sizeof(struct arphdr)) 868 goto out; 869 ar = mtod(m, struct arphdr *); 870 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 871 goto out; 872 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 873 goto out; 874 switch (ntohs(ar->ar_pro)) { 875 876 case ETHERTYPE_IP: 877 case ETHERTYPE_IPTRAILERS: 878 in_revarpinput(m); 879 return; 880 881 default: 882 break; 883 } 884 out: 885 m_freem(m); 886 } 887 888 /* 889 * RARP for Internet protocols on Ethernet. 890 * Algorithm is that given in RFC 903. 891 * We are only using for bootstrap purposes to get an ip address for one of 892 * our interfaces. Thus we support no user-interface. 893 * 894 * Since the contents of the RARP reply are specific to the interface that 895 * sent the request, this code must ensure that they are properly associated. 896 * 897 * Note: also supports ARP via RARP packets, per the RFC. 898 */ 899 void 900 in_revarpinput(struct mbuf *m) 901 { 902 #ifdef NFSCLIENT 903 struct ifnet *ifp; 904 #endif /* NFSCLIENT */ 905 struct ether_arp *ar; 906 int op; 907 908 ar = mtod(m, struct ether_arp *); 909 op = ntohs(ar->arp_op); 910 switch (op) { 911 case ARPOP_REQUEST: 912 case ARPOP_REPLY: /* per RFC */ 913 in_arpinput(m); 914 return; 915 case ARPOP_REVREPLY: 916 break; 917 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 918 default: 919 goto out; 920 } 921 #ifdef NFSCLIENT 922 if (!revarp_in_progress) 923 goto out; 924 ifp = m->m_pkthdr.rcvif; 925 if (ifp != revarp_ifp) /* !same interface */ 926 goto out; 927 if (revarp_finished) 928 goto wake; 929 if (memcmp(ar->arp_tha, ((struct arpcom *)ifp)->ac_enaddr, 930 sizeof(ar->arp_tha))) 931 goto out; 932 memcpy(&revarp_srvip, ar->arp_spa, sizeof(revarp_srvip)); 933 memcpy(&revarp_myip, ar->arp_tpa, sizeof(revarp_myip)); 934 revarp_finished = 1; 935 wake: /* Do wakeup every time in case it was missed. */ 936 wakeup((caddr_t)&revarp_myip); 937 #endif 938 939 out: 940 m_freem(m); 941 } 942 943 /* 944 * Send a RARP request for the ip address of the specified interface. 945 * The request should be RFC 903-compliant. 946 */ 947 void 948 revarprequest(struct ifnet *ifp) 949 { 950 struct sockaddr sa; 951 struct mbuf *m; 952 struct ether_header *eh; 953 struct ether_arp *ea; 954 struct arpcom *ac = (struct arpcom *)ifp; 955 956 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 957 return; 958 m->m_len = sizeof(*ea); 959 m->m_pkthdr.len = sizeof(*ea); 960 MH_ALIGN(m, sizeof(*ea)); 961 ea = mtod(m, struct ether_arp *); 962 eh = (struct ether_header *)sa.sa_data; 963 memset(ea, 0, sizeof(*ea)); 964 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 965 eh->ether_type = htons(ETHERTYPE_REVARP); 966 ea->arp_hrd = htons(ARPHRD_ETHER); 967 ea->arp_pro = htons(ETHERTYPE_IP); 968 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 969 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 970 ea->arp_op = htons(ARPOP_REVREQUEST); 971 memcpy(eh->ether_shost, ac->ac_enaddr, sizeof(ea->arp_tha)); 972 memcpy(ea->arp_sha, ac->ac_enaddr, sizeof(ea->arp_sha)); 973 memcpy(ea->arp_tha, ac->ac_enaddr, sizeof(ea->arp_tha)); 974 sa.sa_family = pseudo_AF_HDRCMPLT; 975 sa.sa_len = sizeof(sa); 976 m->m_flags |= M_BCAST; 977 ifp->if_output(ifp, m, &sa, (struct rtentry *)0); 978 } 979 980 #ifdef NFSCLIENT 981 /* 982 * RARP for the ip address of the specified interface, but also 983 * save the ip address of the server that sent the answer. 984 * Timeout if no response is received. 985 */ 986 int 987 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 988 struct in_addr *clnt_in) 989 { 990 int result, count = 20; 991 992 if (revarp_finished) 993 return EIO; 994 995 revarp_ifp = ifp; 996 revarp_in_progress = 1; 997 while (count--) { 998 revarprequest(ifp); 999 result = tsleep((caddr_t)&revarp_myip, PSOCK, "revarp", hz/2); 1000 if (result != EWOULDBLOCK) 1001 break; 1002 } 1003 revarp_in_progress = 0; 1004 if (!revarp_finished) 1005 return ENETUNREACH; 1006 1007 memcpy(serv_in, &revarp_srvip, sizeof(*serv_in)); 1008 memcpy(clnt_in, &revarp_myip, sizeof(*clnt_in)); 1009 return 0; 1010 } 1011 1012 /* For compatibility: only saves interface address. */ 1013 int 1014 revarpwhoami(struct in_addr *in, struct ifnet *ifp) 1015 { 1016 struct in_addr server; 1017 return (revarpwhoarewe(ifp, &server, in)); 1018 } 1019 #endif /* NFSCLIENT */ 1020 1021 #ifdef DDB 1022 1023 #include <machine/db_machdep.h> 1024 #include <ddb/db_interface.h> 1025 #include <ddb/db_output.h> 1026 1027 void 1028 db_print_sa(struct sockaddr *sa) 1029 { 1030 int len; 1031 u_char *p; 1032 1033 if (sa == 0) { 1034 db_printf("[NULL]"); 1035 return; 1036 } 1037 1038 p = (u_char *)sa; 1039 len = sa->sa_len; 1040 db_printf("["); 1041 while (len > 0) { 1042 db_printf("%d", *p); 1043 p++; 1044 len--; 1045 if (len) 1046 db_printf(","); 1047 } 1048 db_printf("]\n"); 1049 } 1050 1051 void 1052 db_print_ifa(struct ifaddr *ifa) 1053 { 1054 if (ifa == 0) 1055 return; 1056 db_printf(" ifa_addr="); 1057 db_print_sa(ifa->ifa_addr); 1058 db_printf(" ifa_dsta="); 1059 db_print_sa(ifa->ifa_dstaddr); 1060 db_printf(" ifa_mask="); 1061 db_print_sa(ifa->ifa_netmask); 1062 db_printf(" flags=0x%x, refcnt=%d, metric=%d\n", 1063 ifa->ifa_flags, ifa->ifa_refcnt, ifa->ifa_metric); 1064 } 1065 1066 void 1067 db_print_llinfo(caddr_t li) 1068 { 1069 struct llinfo_arp *la; 1070 1071 if (li == 0) 1072 return; 1073 la = (struct llinfo_arp *)li; 1074 db_printf(" la_rt=%p la_hold_head=%p, la_asked=0x%lx\n", 1075 la->la_rt, la->la_hold_head, la->la_asked); 1076 } 1077 1078 /* 1079 * Function to pass to rn_walktree(). 1080 * Return non-zero error to abort walk. 1081 */ 1082 int 1083 db_show_radix_node(struct radix_node *rn, void *w, u_int id) 1084 { 1085 struct rtentry *rt = (struct rtentry *)rn; 1086 1087 db_printf("rtentry=%p", rt); 1088 1089 db_printf(" flags=0x%x refcnt=%d use=%llu expire=%lld rtableid=%u\n", 1090 rt->rt_flags, rt->rt_refcnt, rt->rt_use, rt->rt_expire, id); 1091 1092 db_printf(" key="); db_print_sa(rt_key(rt)); 1093 db_printf(" mask="); db_print_sa(rt_mask(rt)); 1094 db_printf(" gw="); db_print_sa(rt->rt_gateway); 1095 1096 db_printf(" ifp=%p ", rt->rt_ifp); 1097 if (rt->rt_ifp) 1098 db_printf("(%s)", rt->rt_ifp->if_xname); 1099 else 1100 db_printf("(NULL)"); 1101 1102 db_printf(" ifa=%p\n", rt->rt_ifa); 1103 db_print_ifa(rt->rt_ifa); 1104 1105 db_printf(" gwroute=%p llinfo=%p\n", rt->rt_gwroute, rt->rt_llinfo); 1106 db_print_llinfo(rt->rt_llinfo); 1107 return (0); 1108 } 1109 1110 /* 1111 * Function to print all the route trees. 1112 * Use this from ddb: "call db_show_arptab" 1113 */ 1114 int 1115 db_show_arptab(void) 1116 { 1117 struct radix_node_head *rnh; 1118 rnh = rtable_get(0, AF_INET); 1119 db_printf("Route tree for AF_INET\n"); 1120 if (rnh == NULL) { 1121 db_printf(" (not initialized)\n"); 1122 return (0); 1123 } 1124 rn_walktree(rnh, db_show_radix_node, NULL); 1125 return (0); 1126 } 1127 #endif 1128 #endif /* INET */ 1129