sys/netinet/ip_input.c

*23184Smckusick/*
*23184Smckusick * Copyright (c) 1982 Regents of the University of California.
*23184Smckusick * All rights reserved.  The Berkeley software License Agreement
*23184Smckusick * specifies the terms and conditions for redistribution.
*23184Smckusick *
*23184Smckusick *	@(#)ip_input.c	6.11 (Berkeley) 06/08/85
*23184Smckusick */
4571Swnj
17060Sbloom#include "param.h"
17060Sbloom#include "systm.h"
17060Sbloom#include "mbuf.h"
17060Sbloom#include "domain.h"
17060Sbloom#include "protosw.h"
17060Sbloom#include "socket.h"
17060Sbloom#include "errno.h"
17060Sbloom#include "time.h"
17060Sbloom#include "kernel.h"
8695Sroot
8695Sroot#include "../net/if.h"
8695Sroot#include "../net/route.h"
10892Ssam
17060Sbloom#include "in.h"
17060Sbloom#include "in_pcb.h"
17060Sbloom#include "in_systm.h"
18376Skarels#include "in_var.h"
17060Sbloom#include "ip.h"
17060Sbloom#include "ip_var.h"
17060Sbloom#include "ip_icmp.h"
17060Sbloom#include "tcp.h"
4495Swnj
4898Swnju_char	ip_protox[IPPROTO_MAX];
6210Swnjint	ipqmaxlen = IFQ_MAXLEN;
18376Skarelsstruct	in_ifaddr *in_ifaddr;			/* first inet address */
4898Swnj
4801Swnj/*
5172Swnj * IP initialization: fill in IP protocol switch table.
5161Swnj * All protocols not implemented in kernel go to raw IP protocol handler.
4801Swnj */
4801Swnjip_init()
4801Swnj{
4898Swnj	register struct protosw *pr;
4898Swnj	register int i;
4495Swnj
4898Swnj	pr = pffindproto(PF_INET, IPPROTO_RAW);
4898Swnj	if (pr == 0)
4898Swnj		panic("ip_init");
4898Swnj	for (i = 0; i < IPPROTO_MAX; i++)
9030Sroot		ip_protox[i] = pr - inetsw;
9030Sroot	for (pr = inetdomain.dom_protosw;
17551Skarels	    pr < inetdomain.dom_protoswNPROTOSW; pr++)
16990Skarels		if (pr->pr_domain->dom_family == PF_INET &&
4898Swnj		    pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
9030Sroot			ip_protox[pr->pr_protocol] = pr - inetsw;
4801Swnj	ipq.next = ipq.prev = &ipq;
8172Sroot	ip_id = time.tv_sec & 0xffff;
6210Swnj	ipintrq.ifq_maxlen = ipqmaxlen;
4801Swnj}
4801Swnj
4898Swnju_char	ipcksum = 1;
4640Swnjstruct	ip *ip_reass();
6338Ssamstruct	sockaddr_in ipaddr = { AF_INET };
4640Swnj
4640Swnj/*
4640Swnj * Ip input routine.  Checksum and byte swap header.  If fragmented
4640Swnj * try to reassamble.  If complete and fragment queue exists, discard.
4640Swnj * Process options.  Pass to next level.
4640Swnj */
5084Swnjipintr()
4495Swnj{
4923Swnj	register struct ip *ip;
5084Swnj	register struct mbuf *m;
8597Sroot	struct mbuf *m0;
4640Swnj	register int i;
4495Swnj	register struct ipq *fp;
18376Skarels	register struct in_ifaddr *ia;
5084Swnj	int hlen, s;
4495Swnj
5084Swnjnext:
4640Swnj	/*
5084Swnj	 * Get next datagram off input queue and get IP header
5084Swnj	 * in first mbuf.
4640Swnj	 */
5084Swnj	s = splimp();
5084Swnj	IF_DEQUEUE(&ipintrq, m);
5084Swnj	splx(s);
5218Swnj	if (m == 0)
5084Swnj		return;
5306Sroot	if ((m->m_off > MMAXOFF || m->m_len < sizeof (struct ip)) &&
11232Ssam	    (m = m_pullup(m, sizeof (struct ip))) == 0) {
11232Ssam		ipstat.ips_toosmall++;
11232Ssam		goto next;
11232Ssam	}
4640Swnj	ip = mtod(m, struct ip *);
18376Skarels	hlen = ip->ip_hl << 2;
18376Skarels	if (hlen < 10) {	/* minimum header length */
18376Skarels		ipstat.ips_badhlen++;
21117Skarels		goto bad;
18376Skarels	}
18376Skarels	if (hlen > m->m_len) {
11232Ssam		if ((m = m_pullup(m, hlen)) == 0) {
11232Ssam			ipstat.ips_badhlen++;
11232Ssam			goto next;
11232Ssam		}
5161Swnj		ip = mtod(m, struct ip *);
5161Swnj	}
4951Swnj	if (ipcksum)
5217Swnj		if (ip->ip_sum = in_cksum(m, hlen)) {
4951Swnj			ipstat.ips_badsum++;
4951Swnj			goto bad;
4495Swnj		}
4951Swnj
4951Swnj	/*
4951Swnj	 * Convert fields to host representation.
4951Swnj	 */
4907Swnj	ip->ip_len = ntohs((u_short)ip->ip_len);
11232Ssam	if (ip->ip_len < hlen) {
11232Ssam		ipstat.ips_badlen++;
11232Ssam		goto bad;
11232Ssam	}
4640Swnj	ip->ip_id = ntohs(ip->ip_id);
4951Swnj	ip->ip_off = ntohs((u_short)ip->ip_off);
4495Swnj
4543Swnj	/*
4640Swnj	 * Check that the amount of data in the buffers
4640Swnj	 * is as at least much as the IP header would have us expect.
4640Swnj	 * Trim mbufs if longer than we expect.
4640Swnj	 * Drop packet if shorter than we expect.
4543Swnj	 */
6475Sroot	i = -ip->ip_len;
5161Swnj	m0 = m;
6475Sroot	for (;;) {
4495Swnj		i += m->m_len;
6475Sroot		if (m->m_next == 0)
6475Sroot			break;
6475Sroot		m = m->m_next;
6088Sroot	}
6475Sroot	if (i != 0) {
6475Sroot		if (i < 0) {
5161Swnj			ipstat.ips_tooshort++;
17358Skarels			m = m0;
4951Swnj			goto bad;
5161Swnj		}
6475Sroot		if (i <= m->m_len)
6475Sroot			m->m_len -= i;
6475Sroot		else
6475Sroot			m_adj(m0, -i);
4495Swnj	}
6475Sroot	m = m0;
4495Swnj
4640Swnj	/*
4640Swnj	 * Process options and, if not destined for us,
6583Ssam	 * ship it on.  ip_dooptions returns 1 when an
6583Ssam	 * error was detected (causing an icmp message
21117Skarels	 * to be sent and the original packet to be freed).
4640Swnj	 */
6583Ssam	if (hlen > sizeof (struct ip) && ip_dooptions(ip))
6583Ssam		goto next;
6210Swnj
6338Ssam	/*
18376Skarels	 * Check our list of addresses, to see if the packet is for us.
6338Ssam	 */
18376Skarels	for (ia = in_ifaddr; ia; ia = ia->ia_next) {
18376Skarels#define	satosin(sa)	((struct sockaddr_in *)(sa))
6338Ssam
18376Skarels		if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr)
18376Skarels			break;
18376Skarels		if ((ia->ia_ifp->if_flags & IFF_BROADCAST) &&
18376Skarels		    satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
18376Skarels			ip->ip_dst.s_addr)
18376Skarels			    break;
18376Skarels		/*
18376Skarels		 * Look for all-0's host part (old broadcast addr).
18376Skarels		 */
18376Skarels		if ((ia->ia_ifp->if_flags & IFF_BROADCAST) &&
18376Skarels		    ia->ia_subnet == ntohl(ip->ip_dst.s_addr))
18376Skarels			break;
6338Ssam	}
18376Skarels	if (ia == (struct in_ifaddr *)0) {
6583Ssam		ip_forward(ip);
5084Swnj		goto next;
4543Swnj	}
4495Swnj
4640Swnj	/*
4640Swnj	 * Look for queue of fragments
4640Swnj	 * of this datagram.
4640Swnj	 */
4640Swnj	for (fp = ipq.next; fp != &ipq; fp = fp->next)
4640Swnj		if (ip->ip_id == fp->ipq_id &&
4640Swnj		    ip->ip_src.s_addr == fp->ipq_src.s_addr &&
4640Swnj		    ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
4640Swnj		    ip->ip_p == fp->ipq_p)
4640Swnj			goto found;
4640Swnj	fp = 0;
4640Swnjfound:
4495Swnj
4640Swnj	/*
4640Swnj	 * Adjust ip_len to not reflect header,
4640Swnj	 * set ip_mff if more fragments are expected,
4640Swnj	 * convert offset of this to bytes.
4640Swnj	 */
4640Swnj	ip->ip_len -= hlen;
4898Swnj	((struct ipasfrag *)ip)->ipf_mff = 0;
4640Swnj	if (ip->ip_off & IP_MF)
4898Swnj		((struct ipasfrag *)ip)->ipf_mff = 1;
4640Swnj	ip->ip_off <<= 3;
4495Swnj
4640Swnj	/*
4640Swnj	 * If datagram marked as having more fragments
4640Swnj	 * or if this is not the first fragment,
4640Swnj	 * attempt reassembly; if it succeeds, proceed.
4640Swnj	 */
4898Swnj	if (((struct ipasfrag *)ip)->ipf_mff || ip->ip_off) {
4898Swnj		ip = ip_reass((struct ipasfrag *)ip, fp);
4640Swnj		if (ip == 0)
5084Swnj			goto next;
4640Swnj		hlen = ip->ip_hl << 2;
4640Swnj		m = dtom(ip);
4640Swnj	} else
4640Swnj		if (fp)
10735Ssam			ip_freef(fp);
4951Swnj
4951Swnj	/*
4951Swnj	 * Switch out to protocol's input routine.
4951Swnj	 */
9030Sroot	(*inetsw[ip_protox[ip->ip_p]].pr_input)(m);
5084Swnj	goto next;
4951Swnjbad:
4951Swnj	m_freem(m);
5084Swnj	goto next;
4640Swnj}
4495Swnj
4640Swnj/*
4640Swnj * Take incoming datagram fragment and try to
4951Swnj * reassemble it into whole datagram.  If a chain for
4640Swnj * reassembly of this datagram already exists, then it
4640Swnj * is given as fp; otherwise have to make a chain.
4640Swnj */
4640Swnjstruct ip *
4640Swnjip_reass(ip, fp)
4898Swnj	register struct ipasfrag *ip;
4640Swnj	register struct ipq *fp;
4640Swnj{
4640Swnj	register struct mbuf *m = dtom(ip);
4898Swnj	register struct ipasfrag *q;
4640Swnj	struct mbuf *t;
4640Swnj	int hlen = ip->ip_hl << 2;
4640Swnj	int i, next;
4543Swnj
4640Swnj	/*
4640Swnj	 * Presence of header sizes in mbufs
4640Swnj	 * would confuse code below.
4640Swnj	 */
4640Swnj	m->m_off += hlen;
4640Swnj	m->m_len -= hlen;
4495Swnj
4640Swnj	/*
4640Swnj	 * If first fragment to arrive, create a reassembly queue.
4640Swnj	 */
4640Swnj	if (fp == 0) {
9641Ssam		if ((t = m_get(M_WAIT, MT_FTABLE)) == NULL)
4640Swnj			goto dropfrag;
4640Swnj		fp = mtod(t, struct ipq *);
4640Swnj		insque(fp, &ipq);
4640Swnj		fp->ipq_ttl = IPFRAGTTL;
4640Swnj		fp->ipq_p = ip->ip_p;
4640Swnj		fp->ipq_id = ip->ip_id;
4898Swnj		fp->ipq_next = fp->ipq_prev = (struct ipasfrag *)fp;
4898Swnj		fp->ipq_src = ((struct ip *)ip)->ip_src;
4898Swnj		fp->ipq_dst = ((struct ip *)ip)->ip_dst;
5161Swnj		q = (struct ipasfrag *)fp;
5161Swnj		goto insert;
4640Swnj	}
4495Swnj
4640Swnj	/*
4640Swnj	 * Find a segment which begins after this one does.
4640Swnj	 */
4898Swnj	for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next)
4640Swnj		if (q->ip_off > ip->ip_off)
4640Swnj			break;
4495Swnj
4640Swnj	/*
4640Swnj	 * If there is a preceding segment, it may provide some of
4640Swnj	 * our data already.  If so, drop the data from the incoming
4640Swnj	 * segment.  If it provides all of our data, drop us.
4640Swnj	 */
4898Swnj	if (q->ipf_prev != (struct ipasfrag *)fp) {
4898Swnj		i = q->ipf_prev->ip_off + q->ipf_prev->ip_len - ip->ip_off;
4640Swnj		if (i > 0) {
4640Swnj			if (i >= ip->ip_len)
4640Swnj				goto dropfrag;
4640Swnj			m_adj(dtom(ip), i);
4640Swnj			ip->ip_off += i;
4640Swnj			ip->ip_len -= i;
4640Swnj		}
4640Swnj	}
4543Swnj
4640Swnj	/*
4640Swnj	 * While we overlap succeeding segments trim them or,
4640Swnj	 * if they are completely covered, dequeue them.
4640Swnj	 */
4898Swnj	while (q != (struct ipasfrag *)fp && ip->ip_off + ip->ip_len > q->ip_off) {
4640Swnj		i = (ip->ip_off + ip->ip_len) - q->ip_off;
4640Swnj		if (i < q->ip_len) {
4640Swnj			q->ip_len -= i;
6256Sroot			q->ip_off += i;
4640Swnj			m_adj(dtom(q), i);
4640Swnj			break;
4495Swnj		}
4898Swnj		q = q->ipf_next;
4898Swnj		m_freem(dtom(q->ipf_prev));
4898Swnj		ip_deq(q->ipf_prev);
4543Swnj	}
4495Swnj
5161Swnjinsert:
4640Swnj	/*
4640Swnj	 * Stick new segment in its place;
4640Swnj	 * check for complete reassembly.
4640Swnj	 */
4898Swnj	ip_enq(ip, q->ipf_prev);
4640Swnj	next = 0;
4898Swnj	for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = q->ipf_next) {
4640Swnj		if (q->ip_off != next)
4640Swnj			return (0);
4640Swnj		next += q->ip_len;
4640Swnj	}
4898Swnj	if (q->ipf_prev->ipf_mff)
4640Swnj		return (0);
4495Swnj
4640Swnj	/*
4640Swnj	 * Reassembly is complete; concatenate fragments.
4640Swnj	 */
4640Swnj	q = fp->ipq_next;
4640Swnj	m = dtom(q);
4640Swnj	t = m->m_next;
4640Swnj	m->m_next = 0;
4640Swnj	m_cat(m, t);
6298Swnj	q = q->ipf_next;
6298Swnj	while (q != (struct ipasfrag *)fp) {
6298Swnj		t = dtom(q);
6298Swnj		q = q->ipf_next;
6298Swnj		m_cat(m, t);
6298Swnj	}
4495Swnj
4640Swnj	/*
4640Swnj	 * Create header for new ip packet by
4640Swnj	 * modifying header of first packet;
4640Swnj	 * dequeue and discard fragment reassembly header.
4640Swnj	 * Make header visible.
4640Swnj	 */
4640Swnj	ip = fp->ipq_next;
4640Swnj	ip->ip_len = next;
4898Swnj	((struct ip *)ip)->ip_src = fp->ipq_src;
4898Swnj	((struct ip *)ip)->ip_dst = fp->ipq_dst;
4640Swnj	remque(fp);
4907Swnj	(void) m_free(dtom(fp));
4640Swnj	m = dtom(ip);
4898Swnj	m->m_len += sizeof (struct ipasfrag);
4898Swnj	m->m_off -= sizeof (struct ipasfrag);
4898Swnj	return ((struct ip *)ip);
4495Swnj
4640Swnjdropfrag:
4640Swnj	m_freem(m);
4640Swnj	return (0);
4495Swnj}
4495Swnj
4640Swnj/*
4640Swnj * Free a fragment reassembly header and all
4640Swnj * associated datagrams.
4640Swnj */
4640Swnjip_freef(fp)
4640Swnj	struct ipq *fp;
4495Swnj{
10735Ssam	register struct ipasfrag *q, *p;
4495Swnj
10735Ssam	for (q = fp->ipq_next; q != (struct ipasfrag *)fp; q = p) {
10735Ssam		p = q->ipf_next;
10735Ssam		ip_deq(q);
4640Swnj		m_freem(dtom(q));
10735Ssam	}
10735Ssam	remque(fp);
10735Ssam	(void) m_free(dtom(fp));
4495Swnj}
4495Swnj
4640Swnj/*
4640Swnj * Put an ip fragment on a reassembly chain.
4640Swnj * Like insque, but pointers in middle of structure.
4640Swnj */
4640Swnjip_enq(p, prev)
4898Swnj	register struct ipasfrag *p, *prev;
4495Swnj{
4951Swnj
4898Swnj	p->ipf_prev = prev;
4898Swnj	p->ipf_next = prev->ipf_next;
4898Swnj	prev->ipf_next->ipf_prev = p;
4898Swnj	prev->ipf_next = p;
4495Swnj}
4495Swnj
4640Swnj/*
4640Swnj * To ip_enq as remque is to insque.
4640Swnj */
4640Swnjip_deq(p)
4898Swnj	register struct ipasfrag *p;
4640Swnj{
4951Swnj
4898Swnj	p->ipf_prev->ipf_next = p->ipf_next;
4898Swnj	p->ipf_next->ipf_prev = p->ipf_prev;
4495Swnj}
4495Swnj
4640Swnj/*
4640Swnj * IP timer processing;
4640Swnj * if a timer expires on a reassembly
4640Swnj * queue, discard it.
4640Swnj */
4801Swnjip_slowtimo()
4495Swnj{
4495Swnj	register struct ipq *fp;
4640Swnj	int s = splnet();
4951Swnj
5243Sroot	fp = ipq.next;
5243Sroot	if (fp == 0) {
5243Sroot		splx(s);
5243Sroot		return;
5243Sroot	}
10735Ssam	while (fp != &ipq) {
10735Ssam		--fp->ipq_ttl;
10735Ssam		fp = fp->next;
10735Ssam		if (fp->prev->ipq_ttl == 0)
10735Ssam			ip_freef(fp->prev);
10735Ssam	}
4640Swnj	splx(s);
4495Swnj}
4495Swnj
4951Swnj/*
4951Swnj * Drain off all datagram fragments.
4951Swnj */
4801Swnjip_drain()
4801Swnj{
4801Swnj
4951Swnj	while (ipq.next != &ipq)
10735Ssam		ip_freef(ipq.next);
4801Swnj}
4923Swnj
4640Swnj/*
4640Swnj * Do option processing on a datagram,
4640Swnj * possibly discarding it if bad options
4640Swnj * are encountered.
4640Swnj */
4640Swnjip_dooptions(ip)
4640Swnj	struct ip *ip;
4495Swnj{
4640Swnj	register u_char *cp;
6583Ssam	int opt, optlen, cnt, code, type;
4923Swnj	struct in_addr *sin;
4801Swnj	register struct ip_timestamp *ipt;
18376Skarels	register struct ifaddr *ifa;
4951Swnj	struct in_addr t;
4495Swnj
4640Swnj	cp = (u_char *)(ip + 1);
4640Swnj	cnt = (ip->ip_hl << 2) - sizeof (struct ip);
4640Swnj	for (; cnt > 0; cnt -= optlen, cp += optlen) {
4640Swnj		opt = cp[0];
4640Swnj		if (opt == IPOPT_EOL)
4640Swnj			break;
4640Swnj		if (opt == IPOPT_NOP)
4640Swnj			optlen = 1;
16392Ssam		else {
4640Swnj			optlen = cp[1];
17551Skarels			if (optlen <= 0 || optlen >= cnt)
17551Skarels				goto bad;
16392Ssam		}
4640Swnj		switch (opt) {
4495Swnj
4640Swnj		default:
4640Swnj			break;
4495Swnj
4951Swnj		/*
4951Swnj		 * Source routing with record.
4951Swnj		 * Find interface with current destination address.
4951Swnj		 * If none on this machine then drop if strictly routed,
4951Swnj		 * or do nothing if loosely routed.
4951Swnj		 * Record interface address and bring up next address
4951Swnj		 * component.  If strictly routed make sure next
4951Swnj		 * address on directly accessible net.
4951Swnj		 */
4640Swnj		case IPOPT_LSRR:
7508Sroot		case IPOPT_SSRR:
4801Swnj			if (cp[2] < 4 || cp[2] > optlen - (sizeof (long) - 1))
4640Swnj				break;
4923Swnj			sin = (struct in_addr *)(cp + cp[2]);
6338Ssam			ipaddr.sin_addr = *sin;
18376Skarels			ifa = ifa_ifwithaddr((struct sockaddr *)&ipaddr);
6583Ssam			type = ICMP_UNREACH, code = ICMP_UNREACH_SRCFAIL;
18376Skarels			if (ifa == 0) {
4951Swnj				if (opt == IPOPT_SSRR)
4951Swnj					goto bad;
4951Swnj				break;
4640Swnj			}
4951Swnj			t = ip->ip_dst; ip->ip_dst = *sin; *sin = t;
4951Swnj			cp[2] += 4;
4951Swnj			if (cp[2] > optlen - (sizeof (long) - 1))
4951Swnj				break;
4951Swnj			ip->ip_dst = sin[1];
6338Ssam			if (opt == IPOPT_SSRR &&
18376Skarels			    in_iaonnetof(in_netof(ip->ip_dst)) == 0)
4951Swnj				goto bad;
4640Swnj			break;
4495Swnj
4640Swnj		case IPOPT_TS:
6583Ssam			code = cp - (u_char *)ip;
6583Ssam			type = ICMP_PARAMPROB;
4801Swnj			ipt = (struct ip_timestamp *)cp;
4801Swnj			if (ipt->ipt_len < 5)
4640Swnj				goto bad;
4801Swnj			if (ipt->ipt_ptr > ipt->ipt_len - sizeof (long)) {
4801Swnj				if (++ipt->ipt_oflw == 0)
4640Swnj					goto bad;
4495Swnj				break;
4640Swnj			}
4923Swnj			sin = (struct in_addr *)(cp+cp[2]);
4801Swnj			switch (ipt->ipt_flg) {
4495Swnj
4640Swnj			case IPOPT_TS_TSONLY:
4640Swnj				break;
4640Swnj
4640Swnj			case IPOPT_TS_TSANDADDR:
4801Swnj				if (ipt->ipt_ptr + 8 > ipt->ipt_len)
4640Swnj					goto bad;
18376Skarels				if (in_ifaddr == 0)
6338Ssam					goto bad;	/* ??? */
18376Skarels				*sin++ = IA_SIN(in_ifaddr)->sin_addr;
4640Swnj				break;
4640Swnj
4640Swnj			case IPOPT_TS_PRESPEC:
6338Ssam				ipaddr.sin_addr = *sin;
18376Skarels				if (ifa_ifwithaddr((struct sockaddr *)&ipaddr) == 0)
4951Swnj					continue;
4801Swnj				if (ipt->ipt_ptr + 8 > ipt->ipt_len)
4640Swnj					goto bad;
4801Swnj				ipt->ipt_ptr += 4;
4640Swnj				break;
4640Swnj
4495Swnj			default:
4640Swnj				goto bad;
4495Swnj			}
4923Swnj			*(n_time *)sin = iptime();
4801Swnj			ipt->ipt_ptr += 4;
4640Swnj		}
4495Swnj	}
6583Ssam	return (0);
4640Swnjbad:
6583Ssam	icmp_error(ip, type, code);
6583Ssam	return (1);
4495Swnj}
4495Swnj
4640Swnj/*
4951Swnj * Strip out IP options, at higher
4951Swnj * level protocol in the kernel.
4951Swnj * Second argument is buffer to which options
4951Swnj * will be moved, and return value is their length.
4640Swnj */
5217Swnjip_stripoptions(ip, mopt)
4640Swnj	struct ip *ip;
5217Swnj	struct mbuf *mopt;
4495Swnj{
4640Swnj	register int i;
4640Swnj	register struct mbuf *m;
4640Swnj	int olen;
4640Swnj
4640Swnj	olen = (ip->ip_hl<<2) - sizeof (struct ip);
4951Swnj	m = dtom(ip);
4951Swnj	ip++;
5217Swnj	if (mopt) {
5217Swnj		mopt->m_len = olen;
5217Swnj		mopt->m_off = MMINOFF;
16544Skarels		bcopy((caddr_t)ip, mtod(mopt, caddr_t), (unsigned)olen);
5217Swnj	}
4640Swnj	i = m->m_len - (sizeof (struct ip) + olen);
4907Swnj	bcopy((caddr_t)ip+olen, (caddr_t)ip, (unsigned)i);
5243Sroot	m->m_len -= olen;
4495Swnj}
6583Ssam
14670Ssamu_char inetctlerrmap[PRC_NCMDS] = {
6583Ssam	ECONNABORTED,	ECONNABORTED,	0,		0,
14670Ssam	0,		0,		EHOSTDOWN,	EHOSTUNREACH,
14670Ssam	ENETUNREACH,	EHOSTUNREACH,	ECONNREFUSED,	ECONNREFUSED,
14670Ssam	EMSGSIZE,	0,		0,		0,
6583Ssam	0,		0,		0,		0
6583Ssam};
6583Ssam
6583Ssamint	ipprintfs = 0;
6583Ssamint	ipforwarding = 1;
6583Ssam/*
6583Ssam * Forward a packet.  If some error occurs return the sender
18376Skarels * an icmp packet.  Note we can't always generate a meaningful
6583Ssam * icmp message because icmp doesn't have a large enough repetoire
6583Ssam * of codes and types.
6583Ssam */
6583Ssamip_forward(ip)
6583Ssam	register struct ip *ip;
6583Ssam{
6583Ssam	register int error, type, code;
18376Skarels	struct mbuf *mcopy;
6583Ssam
6583Ssam	if (ipprintfs)
6583Ssam		printf("forward: src %x dst %x ttl %x\n", ip->ip_src,
6583Ssam			ip->ip_dst, ip->ip_ttl);
18376Skarels	ip->ip_id = htons(ip->ip_id);
6583Ssam	if (ipforwarding == 0) {
6583Ssam		/* can't tell difference between net and host */
6583Ssam		type = ICMP_UNREACH, code = ICMP_UNREACH_NET;
6583Ssam		goto sendicmp;
6583Ssam	}
6583Ssam	if (ip->ip_ttl < IPTTLDEC) {
6583Ssam		type = ICMP_TIMXCEED, code = ICMP_TIMXCEED_INTRANS;
6583Ssam		goto sendicmp;
6583Ssam	}
6583Ssam	ip->ip_ttl -= IPTTLDEC;
6609Ssam
6609Ssam	/*
6609Ssam	 * Save at most 64 bytes of the packet in case
6609Ssam	 * we need to generate an ICMP message to the src.
6609Ssam	 */
7843Sroot	mcopy = m_copy(dtom(ip), 0, imin(ip->ip_len, 64));
6583Ssam
18376Skarels	error = ip_output(dtom(ip), (struct mbuf *)0, (struct route *)0,
18376Skarels		IP_FORWARDING);
11540Ssam	if (error == 0) {
6609Ssam		if (mcopy)
6609Ssam			m_freem(mcopy);
21117Skarels		ipstat.ips_forward++;
6583Ssam		return;
6609Ssam	}
21117Skarels	ipstat.ips_cantforward++;
11540Ssam	if (mcopy == NULL)
11540Ssam		return;
6609Ssam	ip = mtod(mcopy, struct ip *);
6609Ssam	type = ICMP_UNREACH, code = 0;		/* need ``undefined'' */
6609Ssam	switch (error) {
6609Ssam
6609Ssam	case ENETUNREACH:
6609Ssam	case ENETDOWN:
6583Ssam		code = ICMP_UNREACH_NET;
6609Ssam		break;
6609Ssam
6609Ssam	case EMSGSIZE:
6583Ssam		code = ICMP_UNREACH_NEEDFRAG;
6609Ssam		break;
6609Ssam
6609Ssam	case EPERM:
6609Ssam		code = ICMP_UNREACH_PORT;
6609Ssam		break;
6609Ssam
6609Ssam	case ENOBUFS:
6609Ssam		type = ICMP_SOURCEQUENCH;
6609Ssam		break;
6609Ssam
6609Ssam	case EHOSTDOWN:
6609Ssam	case EHOSTUNREACH:
6609Ssam		code = ICMP_UNREACH_HOST;
6609Ssam		break;
6609Ssam	}
6583Ssamsendicmp:
6583Ssam	icmp_error(ip, type, code);
6583Ssam}