1 /* $OpenBSD: if_ether.c,v 1.154 2015/06/07 01:25:27 krw Exp $ */ 2 /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 33 */ 34 35 /* 36 * Ethernet address resolution protocol. 37 * TODO: 38 * add "inuse/lock" bit (or ref. count) along with valid bit 39 */ 40 41 #include "carp.h" 42 43 #include "bridge.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/mbuf.h> 48 #include <sys/socket.h> 49 #include <sys/timeout.h> 50 #include <sys/kernel.h> 51 #include <sys/syslog.h> 52 #include <sys/queue.h> 53 #include <sys/pool.h> 54 55 #include <net/if.h> 56 #include <net/if_var.h> 57 #include <net/if_dl.h> 58 #include <net/route.h> 59 #include <net/if_types.h> 60 #include <net/netisr.h> 61 62 #include <netinet/in.h> 63 #include <netinet/in_var.h> 64 #include <netinet/if_ether.h> 65 #if NCARP > 0 66 #include <netinet/ip_carp.h> 67 #endif 68 #if NBRIDGE > 0 69 #include <net/if_bridge.h> 70 #endif 71 72 #define SDL(s) ((struct sockaddr_dl *)s) 73 74 /* 75 * ARP trailer negotiation. Trailer protocol is not IP specific, 76 * but ARP request/response use IP addresses. 77 */ 78 #define ETHERTYPE_IPTRAILERS ETHERTYPE_TRAIL 79 80 struct llinfo_arp { 81 LIST_ENTRY(llinfo_arp) la_list; 82 struct rtentry *la_rt; /* backpointer to rtentry */ 83 long la_asked; /* last time we QUERIED */ 84 struct mbuf_list la_ml; /* packet hold queue */ 85 }; 86 #define LA_HOLD_QUEUE 10 87 #define LA_HOLD_TOTAL 100 88 89 /* timer values */ 90 int arpt_prune = (5*60*1); /* walk list every 5 minutes */ 91 int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ 92 int arpt_down = 20; /* once declared down, don't send for 20 secs */ 93 94 void arptfree(struct llinfo_arp *); 95 void arptimer(void *); 96 struct llinfo_arp *arplookup(u_int32_t, int, int, u_int); 97 void in_arpinput(struct mbuf *); 98 99 LIST_HEAD(, llinfo_arp) llinfo_arp; 100 struct pool arp_pool; /* pool for llinfo_arp structures */ 101 /* XXX hate magic numbers */ 102 struct niqueue arpintrq = NIQUEUE_INITIALIZER(50, NETISR_ARP); 103 int arp_inuse, arp_allocated; 104 int arp_maxtries = 5; 105 int arpinit_done; 106 int la_hold_total; 107 108 #ifdef NFSCLIENT 109 /* revarp state */ 110 struct in_addr revarp_myip, revarp_srvip; 111 int revarp_finished; 112 int revarp_in_progress; 113 struct ifnet *revarp_ifp; 114 #endif /* NFSCLIENT */ 115 116 #ifdef DDB 117 118 void db_print_sa(struct sockaddr *); 119 void db_print_ifa(struct ifaddr *); 120 void db_print_llinfo(caddr_t); 121 int db_show_radix_node(struct radix_node *, void *, u_int); 122 #endif 123 124 /* 125 * Timeout routine. Age arp_tab entries periodically. 126 */ 127 /* ARGSUSED */ 128 void 129 arptimer(void *arg) 130 { 131 struct timeout *to = (struct timeout *)arg; 132 int s; 133 struct llinfo_arp *la, *nla; 134 135 s = splsoftnet(); 136 timeout_add_sec(to, arpt_prune); 137 for (la = LIST_FIRST(&llinfo_arp); la != NULL; la = nla) { 138 struct rtentry *rt = la->la_rt; 139 140 nla = LIST_NEXT(la, la_list); 141 if (rt->rt_expire && rt->rt_expire <= time_second) 142 arptfree(la); /* timer has expired; clear */ 143 } 144 splx(s); 145 } 146 147 void 148 arp_rtrequest(int req, struct rtentry *rt) 149 { 150 struct sockaddr *gate = rt->rt_gateway; 151 struct llinfo_arp *la = (struct llinfo_arp *)rt->rt_llinfo; 152 struct ifnet *ifp = rt->rt_ifp; 153 struct ifaddr *ifa; 154 struct mbuf *m; 155 156 if (!arpinit_done) { 157 static struct timeout arptimer_to; 158 159 arpinit_done = 1; 160 pool_init(&arp_pool, sizeof(struct llinfo_arp), 0, 0, 0, "arp", 161 NULL); 162 /* 163 * We generate expiration times from time.tv_sec 164 * so avoid accidently creating permanent routes. 165 */ 166 if (time_second == 0) { 167 time_second++; 168 } 169 170 timeout_set(&arptimer_to, arptimer, &arptimer_to); 171 timeout_add_sec(&arptimer_to, 1); 172 } 173 174 if (rt->rt_flags & (RTF_GATEWAY|RTF_BROADCAST)) 175 return; 176 177 switch (req) { 178 179 case RTM_ADD: 180 /* 181 * XXX: If this is a manually added route to interface 182 * such as older version of routed or gated might provide, 183 * restore cloning bit. 184 */ 185 if ((rt->rt_flags & RTF_HOST) == 0 && rt_mask(rt) && 186 satosin(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 187 rt->rt_flags |= RTF_CLONING; 188 if (rt->rt_flags & RTF_CLONING || 189 ((rt->rt_flags & (RTF_LLINFO | RTF_LOCAL)) && !la)) { 190 /* 191 * Give this route an expiration time, even though 192 * it's a "permanent" route, so that routes cloned 193 * from it do not need their expiration time set. 194 */ 195 rt->rt_expire = time_second; 196 if ((rt->rt_flags & RTF_CLONING) != 0) 197 break; 198 } 199 /* Announce a new entry if requested. */ 200 if (rt->rt_flags & RTF_ANNOUNCE) 201 arprequest(ifp, 202 &satosin(rt_key(rt))->sin_addr.s_addr, 203 &satosin(rt_key(rt))->sin_addr.s_addr, 204 (u_char *)LLADDR(SDL(gate))); 205 /*FALLTHROUGH*/ 206 case RTM_RESOLVE: 207 if (gate->sa_family != AF_LINK || 208 gate->sa_len < sizeof(struct sockaddr_dl)) { 209 log(LOG_DEBUG, "%s: bad gateway value: %s\n", __func__, 210 ifp->if_xname); 211 break; 212 } 213 SDL(gate)->sdl_type = ifp->if_type; 214 SDL(gate)->sdl_index = ifp->if_index; 215 if (la != 0) 216 break; /* This happens on a route change */ 217 /* 218 * Case 2: This route may come from cloning, or a manual route 219 * add with a LL address. 220 */ 221 la = pool_get(&arp_pool, PR_NOWAIT | PR_ZERO); 222 rt->rt_llinfo = (caddr_t)la; 223 if (la == NULL) { 224 log(LOG_DEBUG, "%s: malloc failed\n", __func__); 225 break; 226 } 227 arp_inuse++; 228 arp_allocated++; 229 ml_init(&la->la_ml); 230 la->la_rt = rt; 231 rt->rt_flags |= RTF_LLINFO; 232 LIST_INSERT_HEAD(&llinfo_arp, la, la_list); 233 234 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 235 if ((ifa->ifa_addr->sa_family == AF_INET) && 236 ifatoia(ifa)->ia_addr.sin_addr.s_addr == 237 satosin(rt_key(rt))->sin_addr.s_addr) 238 break; 239 } 240 if (ifa) { 241 rt->rt_expire = 0; 242 /* 243 * XXX Since lo0 is in the default rdomain we 244 * should not (ab)use it for any route related 245 * to an interface of a different rdomain. 246 */ 247 rt->rt_ifp = lo0ifp; 248 249 /* 250 * make sure to set rt->rt_ifa to the interface 251 * address we are using, otherwise we will have trouble 252 * with source address selection. 253 */ 254 if (ifa != rt->rt_ifa) { 255 ifafree(rt->rt_ifa); 256 ifa->ifa_refcnt++; 257 rt->rt_ifa = ifa; 258 } 259 } 260 break; 261 262 case RTM_DELETE: 263 if (la == NULL) 264 break; 265 arp_inuse--; 266 LIST_REMOVE(la, la_list); 267 rt->rt_llinfo = 0; 268 rt->rt_flags &= ~RTF_LLINFO; 269 while ((m = ml_dequeue(&la->la_ml)) != NULL) { 270 la_hold_total--; 271 m_freem(m); 272 } 273 pool_put(&arp_pool, la); 274 } 275 } 276 277 /* 278 * Broadcast an ARP request. Caller specifies: 279 * - arp header source ip address 280 * - arp header target ip address 281 * - arp header source ethernet address 282 */ 283 void 284 arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) 285 { 286 struct mbuf *m; 287 struct ether_header *eh; 288 struct ether_arp *ea; 289 struct sockaddr sa; 290 291 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 292 return; 293 m->m_len = sizeof(*ea); 294 m->m_pkthdr.len = sizeof(*ea); 295 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 296 MH_ALIGN(m, sizeof(*ea)); 297 ea = mtod(m, struct ether_arp *); 298 eh = (struct ether_header *)sa.sa_data; 299 memset(ea, 0, sizeof(*ea)); 300 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 301 eh->ether_type = htons(ETHERTYPE_ARP); /* if_output will not swap */ 302 ea->arp_hrd = htons(ARPHRD_ETHER); 303 ea->arp_pro = htons(ETHERTYPE_IP); 304 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 305 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 306 ea->arp_op = htons(ARPOP_REQUEST); 307 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 308 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 309 memcpy(ea->arp_spa, sip, sizeof(ea->arp_spa)); 310 memcpy(ea->arp_tpa, tip, sizeof(ea->arp_tpa)); 311 sa.sa_family = pseudo_AF_HDRCMPLT; 312 sa.sa_len = sizeof(sa); 313 m->m_flags |= M_BCAST; 314 (*ifp->if_output)(ifp, m, &sa, (struct rtentry *)0); 315 } 316 317 /* 318 * Resolve an IP address into an ethernet address. If success, 319 * desten is filled in. If there is no entry in arptab, 320 * set one up and broadcast a request for the IP address. 321 * Hold onto this mbuf and resend it once the address 322 * is finally resolved. A return value of 0 indicates 323 * that desten has been filled in and the packet should be sent 324 * normally; A return value of EAGAIN indicates that the packet 325 * has been taken over here, either now or for later transmission. 326 * Any other return value indicates an error. 327 */ 328 int 329 arpresolve(struct arpcom *ac, struct rtentry *rt0, struct mbuf *m, 330 struct sockaddr *dst, u_char *desten) 331 { 332 struct llinfo_arp *la; 333 struct sockaddr_dl *sdl; 334 struct rtentry *rt = NULL; 335 struct mbuf *mh; 336 char addr[INET_ADDRSTRLEN]; 337 int error; 338 339 if (m->m_flags & M_BCAST) { /* broadcast */ 340 memcpy(desten, etherbroadcastaddr, sizeof(etherbroadcastaddr)); 341 return (0); 342 } 343 if (m->m_flags & M_MCAST) { /* multicast */ 344 ETHER_MAP_IP_MULTICAST(&satosin(dst)->sin_addr, desten); 345 return (0); 346 } 347 348 if (rt0 != NULL) { 349 error = rt_checkgate(&ac->ac_if, rt0, dst, 350 m->m_pkthdr.ph_rtableid, &rt); 351 if (error) { 352 m_freem(m); 353 return (error); 354 } 355 356 if ((rt->rt_flags & RTF_LLINFO) == 0) { 357 log(LOG_DEBUG, "arpresolve: %s: route contains no arp" 358 " information\n", inet_ntop(AF_INET, 359 &satosin(rt_key(rt))->sin_addr, addr, 360 sizeof(addr))); 361 m_freem(m); 362 return (EINVAL); 363 } 364 365 la = (struct llinfo_arp *)rt->rt_llinfo; 366 if (la == NULL) 367 log(LOG_DEBUG, "arpresolve: %s: route without link " 368 "local address\n", inet_ntop(AF_INET, 369 &satosin(dst)->sin_addr, addr, sizeof(addr))); 370 } else { 371 if ((la = arplookup(satosin(dst)->sin_addr.s_addr, 1, 0, 372 ac->ac_if.if_rdomain)) != NULL) 373 rt = la->la_rt; 374 else 375 log(LOG_DEBUG, 376 "arpresolve: %s: can't allocate llinfo\n", 377 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 378 addr, sizeof(addr))); 379 } 380 if (la == NULL || rt == NULL) { 381 m_freem(m); 382 return (EINVAL); 383 } 384 sdl = SDL(rt->rt_gateway); 385 if (sdl->sdl_alen > 0 && sdl->sdl_alen != ETHER_ADDR_LEN) { 386 log(LOG_DEBUG, "%s: %s: incorrect arp information\n", __func__, 387 inet_ntop(AF_INET, &satosin(dst)->sin_addr, 388 addr, sizeof(addr))); 389 m_freem(m); 390 return (EINVAL); 391 } 392 /* 393 * Check the address family and length is valid, the address 394 * is resolved; otherwise, try to resolve. 395 */ 396 if ((rt->rt_expire == 0 || rt->rt_expire > time_second) && 397 sdl->sdl_family == AF_LINK && sdl->sdl_alen != 0) { 398 memcpy(desten, LLADDR(sdl), sdl->sdl_alen); 399 return (0); 400 } 401 if (((struct ifnet *)ac)->if_flags & IFF_NOARP) { 402 m_freem(m); 403 return (EINVAL); 404 } 405 406 /* 407 * There is an arptab entry, but no ethernet address 408 * response yet. Insert mbuf in hold queue if below limit 409 * if above the limit free the queue without queuing the new packet. 410 */ 411 if (la_hold_total < LA_HOLD_TOTAL && la_hold_total < nmbclust / 64) { 412 if (ml_len(&la->la_ml) >= LA_HOLD_QUEUE) { 413 mh = ml_dequeue(&la->la_ml); 414 la_hold_total--; 415 m_freem(mh); 416 } 417 ml_enqueue(&la->la_ml, m); 418 la_hold_total++; 419 } else { 420 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 421 la_hold_total--; 422 m_freem(mh); 423 } 424 m_freem(m); 425 } 426 427 /* 428 * Re-send the ARP request when appropriate. 429 */ 430 #ifdef DIAGNOSTIC 431 if (rt->rt_expire == 0) { 432 /* This should never happen. (Should it? -gwr) */ 433 printf("arpresolve: unresolved and rt_expire == 0\n"); 434 /* Set expiration time to now (expired). */ 435 rt->rt_expire = time_second; 436 } 437 #endif 438 if (rt->rt_expire) { 439 rt->rt_flags &= ~RTF_REJECT; 440 if (la->la_asked == 0 || rt->rt_expire != time_second) { 441 rt->rt_expire = time_second; 442 if (la->la_asked++ < arp_maxtries) 443 arprequest(&ac->ac_if, 444 &satosin(rt->rt_ifa->ifa_addr)->sin_addr.s_addr, 445 &satosin(dst)->sin_addr.s_addr, 446 #if NCARP > 0 447 (rt->rt_ifp->if_type == IFT_CARP) ? 448 ((struct arpcom *) rt->rt_ifp->if_softc 449 )->ac_enaddr : 450 #endif 451 ac->ac_enaddr); 452 else { 453 rt->rt_flags |= RTF_REJECT; 454 rt->rt_expire += arpt_down; 455 la->la_asked = 0; 456 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 457 la_hold_total--; 458 m_freem(mh); 459 } 460 } 461 } 462 } 463 return (EAGAIN); 464 } 465 466 /* 467 * Common length and type checks are done here, 468 * then the protocol-specific routine is called. 469 */ 470 void 471 arpintr(void) 472 { 473 struct mbuf *m; 474 struct arphdr *ar; 475 int len; 476 477 while ((m = niq_dequeue(&arpintrq)) != NULL) { 478 #ifdef DIAGNOSTIC 479 if ((m->m_flags & M_PKTHDR) == 0) 480 panic("arpintr"); 481 #endif 482 483 len = sizeof(struct arphdr); 484 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 485 continue; 486 487 ar = mtod(m, struct arphdr *); 488 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) { 489 m_freem(m); 490 continue; 491 } 492 493 len += 2 * (ar->ar_hln + ar->ar_pln); 494 if (m->m_len < len && (m = m_pullup(m, len)) == NULL) 495 continue; 496 497 switch (ntohs(ar->ar_pro)) { 498 case ETHERTYPE_IP: 499 case ETHERTYPE_IPTRAILERS: 500 in_arpinput(m); 501 continue; 502 } 503 m_freem(m); 504 } 505 } 506 507 /* 508 * ARP for Internet protocols on Ethernet. 509 * Algorithm is that given in RFC 826. 510 * In addition, a sanity check is performed on the sender 511 * protocol address, to catch impersonators. 512 * We no longer handle negotiations for use of trailer protocol: 513 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent 514 * along with IP replies if we wanted trailers sent to us, 515 * and also sent them in response to IP replies. 516 * This allowed either end to announce the desire to receive 517 * trailer packets. 518 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either, 519 * but formerly didn't normally send requests. 520 */ 521 void 522 in_arpinput(struct mbuf *m) 523 { 524 struct ether_arp *ea; 525 struct ifnet *ifp = m->m_pkthdr.rcvif; 526 struct arpcom *ac = (struct arpcom *)ifp; 527 struct ether_header *eh; 528 struct llinfo_arp *la = 0; 529 struct rtentry *rt; 530 struct ifaddr *ifa; 531 struct sockaddr_dl *sdl; 532 struct sockaddr sa; 533 struct in_addr isaddr, itaddr, myaddr; 534 struct mbuf *mh; 535 u_int8_t *enaddr = NULL; 536 #if NCARP > 0 537 u_int8_t *ether_shost = NULL; 538 #endif 539 char addr[INET_ADDRSTRLEN]; 540 int op, changed = 0; 541 unsigned int len; 542 543 ea = mtod(m, struct ether_arp *); 544 op = ntohs(ea->arp_op); 545 if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) 546 goto out; 547 #if notyet 548 if ((op == ARPOP_REPLY) && (m->m_flags & (M_BCAST|M_MCAST))) { 549 log(LOG_ERR, 550 "arp: received reply to broadcast or multicast address\n"); 551 goto out; 552 } 553 #endif 554 555 memcpy(&itaddr, ea->arp_tpa, sizeof(itaddr)); 556 memcpy(&isaddr, ea->arp_spa, sizeof(isaddr)); 557 558 /* First try: check target against our addresses */ 559 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 560 if (ifa->ifa_addr->sa_family != AF_INET) 561 continue; 562 563 if (itaddr.s_addr != ifatoia(ifa)->ia_addr.sin_addr.s_addr) 564 continue; 565 566 #if NCARP > 0 567 if (ifp->if_type == IFT_CARP && 568 ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) == 569 (IFF_UP|IFF_RUNNING))) { 570 if (op == ARPOP_REPLY) 571 break; 572 if (carp_iamatch(ifatoia(ifa), ea->arp_sha, 573 &enaddr, ðer_shost)) 574 break; 575 else 576 goto out; 577 } 578 #endif 579 break; 580 } 581 582 /* Second try: check source against our addresses */ 583 if (ifa == NULL) { 584 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 585 if (ifa->ifa_addr->sa_family != AF_INET) 586 continue; 587 588 if (isaddr.s_addr == 589 ifatoia(ifa)->ia_addr.sin_addr.s_addr) 590 break; 591 } 592 } 593 594 /* Third try: not one of our addresses, just find an usable ia */ 595 if (ifa == NULL) { 596 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 597 if (ifa->ifa_addr->sa_family == AF_INET) 598 break; 599 } 600 } 601 602 if (ifa == NULL) 603 goto out; 604 605 if (!enaddr) 606 enaddr = ac->ac_enaddr; 607 myaddr = ifatoia(ifa)->ia_addr.sin_addr; 608 609 if (!memcmp(ea->arp_sha, enaddr, sizeof(ea->arp_sha))) 610 goto out; /* it's from me, ignore it. */ 611 if (ETHER_IS_MULTICAST(&ea->arp_sha[0])) 612 if (!memcmp(ea->arp_sha, etherbroadcastaddr, 613 sizeof (ea->arp_sha))) { 614 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 615 log(LOG_ERR, "arp: ether address is broadcast for " 616 "IP address %s!\n", addr); 617 goto out; 618 } 619 if (myaddr.s_addr && isaddr.s_addr == myaddr.s_addr) { 620 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 621 log(LOG_ERR, 622 "duplicate IP address %s sent from ethernet address %s\n", 623 addr, ether_sprintf(ea->arp_sha)); 624 itaddr = myaddr; 625 goto reply; 626 } 627 la = arplookup(isaddr.s_addr, itaddr.s_addr == myaddr.s_addr, 0, 628 rtable_l2(m->m_pkthdr.ph_rtableid)); 629 if (la && (rt = la->la_rt) && (sdl = SDL(rt->rt_gateway))) { 630 if (sdl->sdl_alen) { 631 if (memcmp(ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { 632 if (rt->rt_flags & 633 (RTF_PERMANENT_ARP|RTF_LOCAL)) { 634 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 635 log(LOG_WARNING, 636 "arp: attempt to overwrite permanent " 637 "entry for %s by %s on %s\n", addr, 638 ether_sprintf(ea->arp_sha), 639 ac->ac_if.if_xname); 640 goto out; 641 } else if (rt->rt_ifp != &ac->ac_if) { 642 #if NCARP > 0 643 if (ac->ac_if.if_type != IFT_CARP) 644 #endif 645 { 646 inet_ntop(AF_INET, &isaddr, 647 addr, sizeof(addr)); 648 log(LOG_WARNING, 649 "arp: attempt to overwrite entry for" 650 " %s on %s by %s on %s\n", addr, 651 rt->rt_ifp->if_xname, 652 ether_sprintf(ea->arp_sha), 653 ac->ac_if.if_xname); 654 } 655 goto out; 656 } else { 657 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 658 log(LOG_INFO, 659 "arp info overwritten for %s by %s on %s\n", 660 addr, 661 ether_sprintf(ea->arp_sha), 662 ac->ac_if.if_xname); 663 rt->rt_expire = 1; /* no longer static */ 664 } 665 changed = 1; 666 } 667 } else if (rt->rt_ifp != &ac->ac_if && 668 #if NBRIDGE > 0 669 !SAME_BRIDGE(ac->ac_if.if_bridgeport, 670 rt->rt_ifp->if_bridgeport) && 671 #endif 672 #if NCARP > 0 673 !(rt->rt_ifp->if_type == IFT_CARP && 674 rt->rt_ifp->if_carpdev == &ac->ac_if) && 675 !(ac->ac_if.if_type == IFT_CARP && 676 ac->ac_if.if_carpdev == rt->rt_ifp) && 677 #endif 678 1) { 679 inet_ntop(AF_INET, &isaddr, addr, sizeof(addr)); 680 log(LOG_WARNING, 681 "arp: attempt to add entry for %s " 682 "on %s by %s on %s\n", addr, 683 rt->rt_ifp->if_xname, 684 ether_sprintf(ea->arp_sha), 685 ac->ac_if.if_xname); 686 goto out; 687 } 688 sdl->sdl_alen = sizeof(ea->arp_sha); 689 memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha)); 690 if (rt->rt_expire) 691 rt->rt_expire = time_second + arpt_keep; 692 rt->rt_flags &= ~RTF_REJECT; 693 /* Notify userland that an ARP resolution has been done. */ 694 if (la->la_asked || changed) 695 rt_sendmsg(rt, RTM_RESOLVE, rt->rt_ifp->if_rdomain); 696 la->la_asked = 0; 697 while ((len = ml_len(&la->la_ml)) != 0) { 698 mh = ml_dequeue(&la->la_ml); 699 la_hold_total--; 700 701 (*ac->ac_if.if_output)(&ac->ac_if, mh, rt_key(rt), rt); 702 703 if (ml_len(&la->la_ml) == len) { 704 /* mbuf is back in queue. Discard. */ 705 while ((mh = ml_dequeue(&la->la_ml)) != NULL) { 706 la_hold_total--; 707 m_freem(mh); 708 } 709 break; 710 } 711 } 712 } 713 reply: 714 if (op != ARPOP_REQUEST) { 715 out: 716 m_freem(m); 717 return; 718 } 719 if (itaddr.s_addr == myaddr.s_addr) { 720 /* I am the target */ 721 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 722 memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); 723 } else { 724 la = arplookup(itaddr.s_addr, 0, SIN_PROXY, 725 rtable_l2(m->m_pkthdr.ph_rtableid)); 726 if (la == NULL) 727 goto out; 728 rt = la->la_rt; 729 if (rt->rt_ifp->if_type == IFT_CARP && ifp->if_type != IFT_CARP) 730 goto out; 731 memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); 732 sdl = SDL(rt->rt_gateway); 733 memcpy(ea->arp_sha, LLADDR(sdl), sizeof(ea->arp_sha)); 734 } 735 736 memcpy(ea->arp_tpa, ea->arp_spa, sizeof(ea->arp_spa)); 737 memcpy(ea->arp_spa, &itaddr, sizeof(ea->arp_spa)); 738 ea->arp_op = htons(ARPOP_REPLY); 739 ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ 740 eh = (struct ether_header *)sa.sa_data; 741 memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); 742 #if NCARP > 0 743 if (ether_shost) 744 enaddr = ether_shost; 745 #endif 746 memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); 747 748 eh->ether_type = htons(ETHERTYPE_ARP); 749 sa.sa_family = pseudo_AF_HDRCMPLT; 750 sa.sa_len = sizeof(sa); 751 (*ac->ac_if.if_output)(&ac->ac_if, m, &sa, (struct rtentry *)0); 752 return; 753 } 754 755 /* 756 * Free an arp entry. 757 */ 758 void 759 arptfree(struct llinfo_arp *la) 760 { 761 struct rtentry *rt = la->la_rt; 762 struct sockaddr_dl *sdl; 763 u_int tid = 0; 764 765 if (rt == NULL) 766 panic("arptfree"); 767 if (rt->rt_refcnt > 0 && (sdl = SDL(rt->rt_gateway)) && 768 sdl->sdl_family == AF_LINK) { 769 sdl->sdl_alen = 0; 770 la->la_asked = 0; 771 rt->rt_flags &= ~RTF_REJECT; 772 return; 773 } 774 775 if (rt->rt_ifp) 776 tid = rt->rt_ifp->if_rdomain; 777 778 rtdeletemsg(rt, tid); 779 } 780 781 /* 782 * Lookup or enter a new address in arptab. 783 */ 784 struct llinfo_arp * 785 arplookup(u_int32_t addr, int create, int proxy, u_int tableid) 786 { 787 struct rtentry *rt; 788 struct sockaddr_inarp sin; 789 int flags; 790 791 memset(&sin, 0, sizeof(sin)); 792 sin.sin_len = sizeof(sin); 793 sin.sin_family = AF_INET; 794 sin.sin_addr.s_addr = addr; 795 sin.sin_other = proxy ? SIN_PROXY : 0; 796 flags = (create) ? (RT_REPORT|RT_RESOLVE) : 0; 797 798 rt = rtalloc((struct sockaddr *)&sin, flags, tableid); 799 if (rt == NULL) 800 return (0); 801 rt->rt_refcnt--; 802 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 803 rt->rt_gateway->sa_family != AF_LINK) { 804 if (create) { 805 if (rt->rt_refcnt <= 0 && 806 (rt->rt_flags & RTF_CLONED) != 0) { 807 rtdeletemsg(rt, tableid); 808 } 809 } 810 return (0); 811 } 812 return ((struct llinfo_arp *)rt->rt_llinfo); 813 } 814 815 /* 816 * Check whether we do proxy ARP for this address and we point to ourselves. 817 */ 818 int 819 arpproxy(struct in_addr in, u_int rdomain) 820 { 821 struct llinfo_arp *la; 822 struct ifnet *ifp; 823 int found = 0; 824 825 la = arplookup(in.s_addr, 0, SIN_PROXY, rdomain); 826 if (la == NULL) 827 return (0); 828 829 TAILQ_FOREACH(ifp, &ifnet, if_list) { 830 if (ifp->if_rdomain != rdomain) 831 continue; 832 833 if (!memcmp(LLADDR((struct sockaddr_dl *)la->la_rt->rt_gateway), 834 LLADDR(ifp->if_sadl), 835 ETHER_ADDR_LEN)) { 836 found = 1; 837 break; 838 } 839 } 840 841 return (found); 842 } 843 844 void 845 arp_ifinit(struct arpcom *ac, struct ifaddr *ifa) 846 { 847 848 /* Warn the user if another station has this IP address. */ 849 arprequest(&ac->ac_if, 850 &satosin(ifa->ifa_addr)->sin_addr.s_addr, 851 &satosin(ifa->ifa_addr)->sin_addr.s_addr, 852 ac->ac_enaddr); 853 ifa->ifa_rtrequest = arp_rtrequest; 854 } 855 856 /* 857 * Called from Ethernet interrupt handlers 858 * when ether packet type ETHERTYPE_REVARP 859 * is received. Common length and type checks are done here, 860 * then the protocol-specific routine is called. 861 */ 862 void 863 revarpinput(struct mbuf *m) 864 { 865 struct arphdr *ar; 866 867 if (m->m_len < sizeof(struct arphdr)) 868 goto out; 869 ar = mtod(m, struct arphdr *); 870 if (ntohs(ar->ar_hrd) != ARPHRD_ETHER) 871 goto out; 872 if (m->m_len < sizeof(struct arphdr) + 2 * (ar->ar_hln + ar->ar_pln)) 873 goto out; 874 switch (ntohs(ar->ar_pro)) { 875 876 case ETHERTYPE_IP: 877 case ETHERTYPE_IPTRAILERS: 878 in_revarpinput(m); 879 return; 880 881 default: 882 break; 883 } 884 out: 885 m_freem(m); 886 } 887 888 /* 889 * RARP for Internet protocols on Ethernet. 890 * Algorithm is that given in RFC 903. 891 * We are only using for bootstrap purposes to get an ip address for one of 892 * our interfaces. Thus we support no user-interface. 893 * 894 * Since the contents of the RARP reply are specific to the interface that 895 * sent the request, this code must ensure that they are properly associated. 896 * 897 * Note: also supports ARP via RARP packets, per the RFC. 898 */ 899 void 900 in_revarpinput(struct mbuf *m) 901 { 902 #ifdef NFSCLIENT 903 struct ifnet *ifp; 904 #endif /* NFSCLIENT */ 905 struct ether_arp *ar; 906 int op; 907 908 ar = mtod(m, struct ether_arp *); 909 op = ntohs(ar->arp_op); 910 switch (op) { 911 case ARPOP_REQUEST: 912 case ARPOP_REPLY: /* per RFC */ 913 in_arpinput(m); 914 return; 915 case ARPOP_REVREPLY: 916 break; 917 case ARPOP_REVREQUEST: /* handled by rarpd(8) */ 918 default: 919 goto out; 920 } 921 #ifdef NFSCLIENT 922 if (!revarp_in_progress) 923 goto out; 924 ifp = m->m_pkthdr.rcvif; 925 if (ifp != revarp_ifp) /* !same interface */ 926 goto out; 927 if (revarp_finished) 928 goto wake; 929 if (memcmp(ar->arp_tha, ((struct arpcom *)ifp)->ac_enaddr, 930 sizeof(ar->arp_tha))) 931 goto out; 932 memcpy(&revarp_srvip, ar->arp_spa, sizeof(revarp_srvip)); 933 memcpy(&revarp_myip, ar->arp_tpa, sizeof(revarp_myip)); 934 revarp_finished = 1; 935 wake: /* Do wakeup every time in case it was missed. */ 936 wakeup((caddr_t)&revarp_myip); 937 #endif 938 939 out: 940 m_freem(m); 941 } 942 943 /* 944 * Send a RARP request for the ip address of the specified interface. 945 * The request should be RFC 903-compliant. 946 */ 947 void 948 revarprequest(struct ifnet *ifp) 949 { 950 struct sockaddr sa; 951 struct mbuf *m; 952 struct ether_header *eh; 953 struct ether_arp *ea; 954 struct arpcom *ac = (struct arpcom *)ifp; 955 956 if ((m = m_gethdr(M_DONTWAIT, MT_DATA)) == NULL) 957 return; 958 m->m_len = sizeof(*ea); 959 m->m_pkthdr.len = sizeof(*ea); 960 MH_ALIGN(m, sizeof(*ea)); 961 ea = mtod(m, struct ether_arp *); 962 eh = (struct ether_header *)sa.sa_data; 963 memset(ea, 0, sizeof(*ea)); 964 memcpy(eh->ether_dhost, etherbroadcastaddr, sizeof(eh->ether_dhost)); 965 eh->ether_type = htons(ETHERTYPE_REVARP); 966 ea->arp_hrd = htons(ARPHRD_ETHER); 967 ea->arp_pro = htons(ETHERTYPE_IP); 968 ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ 969 ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ 970 ea->arp_op = htons(ARPOP_REVREQUEST); 971 memcpy(eh->ether_shost, ac->ac_enaddr, sizeof(ea->arp_tha)); 972 memcpy(ea->arp_sha, ac->ac_enaddr, sizeof(ea->arp_sha)); 973 memcpy(ea->arp_tha, ac->ac_enaddr, sizeof(ea->arp_tha)); 974 sa.sa_family = pseudo_AF_HDRCMPLT; 975 sa.sa_len = sizeof(sa); 976 m->m_flags |= M_BCAST; 977 ifp->if_output(ifp, m, &sa, (struct rtentry *)0); 978 } 979 980 #ifdef NFSCLIENT 981 /* 982 * RARP for the ip address of the specified interface, but also 983 * save the ip address of the server that sent the answer. 984 * Timeout if no response is received. 985 */ 986 int 987 revarpwhoarewe(struct ifnet *ifp, struct in_addr *serv_in, 988 struct in_addr *clnt_in) 989 { 990 int result, count = 20; 991 992 if (revarp_finished) 993 return EIO; 994 995 revarp_ifp = ifp; 996 revarp_in_progress = 1; 997 while (count--) { 998 revarprequest(ifp); 999 result = tsleep((caddr_t)&revarp_myip, PSOCK, "revarp", hz/2); 1000 if (result != EWOULDBLOCK) 1001 break; 1002 } 1003 revarp_in_progress = 0; 1004 if (!revarp_finished) 1005 return ENETUNREACH; 1006 1007 memcpy(serv_in, &revarp_srvip, sizeof(*serv_in)); 1008 memcpy(clnt_in, &revarp_myip, sizeof(*clnt_in)); 1009 return 0; 1010 } 1011 1012 /* For compatibility: only saves interface address. */ 1013 int 1014 revarpwhoami(struct in_addr *in, struct ifnet *ifp) 1015 { 1016 struct in_addr server; 1017 return (revarpwhoarewe(ifp, &server, in)); 1018 } 1019 #endif /* NFSCLIENT */ 1020 1021 #ifdef DDB 1022 1023 #include <machine/db_machdep.h> 1024 #include <ddb/db_output.h> 1025 1026 void 1027 db_print_sa(struct sockaddr *sa) 1028 { 1029 int len; 1030 u_char *p; 1031 1032 if (sa == NULL) { 1033 db_printf("[NULL]"); 1034 return; 1035 } 1036 1037 p = (u_char *)sa; 1038 len = sa->sa_len; 1039 db_printf("["); 1040 while (len > 0) { 1041 db_printf("%d", *p); 1042 p++; 1043 len--; 1044 if (len) 1045 db_printf(","); 1046 } 1047 db_printf("]\n"); 1048 } 1049 1050 void 1051 db_print_ifa(struct ifaddr *ifa) 1052 { 1053 if (ifa == NULL) 1054 return; 1055 db_printf(" ifa_addr="); 1056 db_print_sa(ifa->ifa_addr); 1057 db_printf(" ifa_dsta="); 1058 db_print_sa(ifa->ifa_dstaddr); 1059 db_printf(" ifa_mask="); 1060 db_print_sa(ifa->ifa_netmask); 1061 db_printf(" flags=0x%x, refcnt=%d, metric=%d\n", 1062 ifa->ifa_flags, ifa->ifa_refcnt, ifa->ifa_metric); 1063 } 1064 1065 void 1066 db_print_llinfo(caddr_t li) 1067 { 1068 struct llinfo_arp *la; 1069 1070 if (li == 0) 1071 return; 1072 la = (struct llinfo_arp *)li; 1073 db_printf(" la_rt=%p la_asked=0x%lx\n", la->la_rt, la->la_asked); 1074 } 1075 1076 /* 1077 * Function to pass to rn_walktree(). 1078 * Return non-zero error to abort walk. 1079 */ 1080 int 1081 db_show_radix_node(struct radix_node *rn, void *w, u_int id) 1082 { 1083 struct rtentry *rt = (struct rtentry *)rn; 1084 1085 db_printf("rtentry=%p", rt); 1086 1087 db_printf(" flags=0x%x refcnt=%d use=%llu expire=%lld rtableid=%u\n", 1088 rt->rt_flags, rt->rt_refcnt, rt->rt_use, rt->rt_expire, id); 1089 1090 db_printf(" key="); db_print_sa(rt_key(rt)); 1091 db_printf(" mask="); db_print_sa(rt_mask(rt)); 1092 db_printf(" gw="); db_print_sa(rt->rt_gateway); 1093 1094 db_printf(" ifp=%p ", rt->rt_ifp); 1095 if (rt->rt_ifp) 1096 db_printf("(%s)", rt->rt_ifp->if_xname); 1097 else 1098 db_printf("(NULL)"); 1099 1100 db_printf(" ifa=%p\n", rt->rt_ifa); 1101 db_print_ifa(rt->rt_ifa); 1102 1103 db_printf(" gwroute=%p llinfo=%p\n", rt->rt_gwroute, rt->rt_llinfo); 1104 db_print_llinfo(rt->rt_llinfo); 1105 return (0); 1106 } 1107 1108 /* 1109 * Function to print all the route trees. 1110 * Use this from ddb: "call db_show_arptab" 1111 */ 1112 int 1113 db_show_arptab(void) 1114 { 1115 struct radix_node_head *rnh; 1116 rnh = rtable_get(0, AF_INET); 1117 db_printf("Route tree for AF_INET\n"); 1118 if (rnh == NULL) { 1119 db_printf(" (not initialized)\n"); 1120 return (0); 1121 } 1122 rn_walktree(rnh, db_show_radix_node, NULL); 1123 return (0); 1124 } 1125 #endif 1126