1 /* 2 * Copyright (c) 1982, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD: src/sys/net/if_ethersubr.c,v 1.70.2.33 2003/04/28 15:45:53 archie Exp $ 35 * $DragonFly: src/sys/net/if_ethersubr.c,v 1.17 2004/07/17 09:43:05 joerg Exp $ 36 */ 37 38 #include "opt_atalk.h" 39 #include "opt_inet.h" 40 #include "opt_inet6.h" 41 #include "opt_ipx.h" 42 #include "opt_bdg.h" 43 #include "opt_netgraph.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/kernel.h> 48 #include <sys/malloc.h> 49 #include <sys/mbuf.h> 50 #include <sys/socket.h> 51 #include <sys/sockio.h> 52 #include <sys/sysctl.h> 53 54 #include <net/if.h> 55 #include <net/netisr.h> 56 #include <net/route.h> 57 #include <net/if_llc.h> 58 #include <net/if_dl.h> 59 #include <net/if_types.h> 60 #include <net/bpf.h> 61 #include <net/ethernet.h> 62 #include <net/bridge/bridge.h> 63 64 #if defined(INET) || defined(INET6) 65 #include <netinet/in.h> 66 #include <netinet/in_var.h> 67 #include <netinet/if_ether.h> 68 #include <net/ipfw/ip_fw.h> 69 #include <net/dummynet/ip_dummynet.h> 70 #endif 71 #ifdef INET6 72 #include <netinet6/nd6.h> 73 #endif 74 75 #ifdef IPX 76 #include <netproto/ipx/ipx.h> 77 #include <netproto/ipx/ipx_if.h> 78 int (*ef_inputp)(struct ifnet*, struct ether_header *eh, struct mbuf *m); 79 int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp, 80 struct sockaddr *dst, short *tp, int *hlen); 81 #endif 82 83 #ifdef NS 84 #include <netns/ns.h> 85 #include <netns/ns_if.h> 86 ushort ns_nettype; 87 int ether_outputdebug = 0; 88 int ether_inputdebug = 0; 89 #endif 90 91 #ifdef NETATALK 92 #include <netproto/atalk/at.h> 93 #include <netproto/atalk/at_var.h> 94 #include <netproto/atalk/at_extern.h> 95 96 #define llc_snap_org_code llc_un.type_snap.org_code 97 #define llc_snap_ether_type llc_un.type_snap.ether_type 98 99 extern u_char at_org_code[3]; 100 extern u_char aarp_org_code[3]; 101 #endif /* NETATALK */ 102 103 /* netgraph node hooks for ng_ether(4) */ 104 void (*ng_ether_input_p)(struct ifnet *ifp, 105 struct mbuf **mp, struct ether_header *eh); 106 void (*ng_ether_input_orphan_p)(struct ifnet *ifp, 107 struct mbuf *m, struct ether_header *eh); 108 int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp); 109 void (*ng_ether_attach_p)(struct ifnet *ifp); 110 void (*ng_ether_detach_p)(struct ifnet *ifp); 111 112 int (*vlan_input_p)(struct ether_header *eh, struct mbuf *m); 113 int (*vlan_input_tag_p)(struct ether_header *eh, struct mbuf *m, 114 u_int16_t t); 115 116 /* bridge support */ 117 int do_bridge; 118 bridge_in_t *bridge_in_ptr; 119 bdg_forward_t *bdg_forward_ptr; 120 bdgtakeifaces_t *bdgtakeifaces_ptr; 121 struct bdg_softc *ifp2sc; 122 123 static int ether_resolvemulti(struct ifnet *, struct sockaddr **, 124 struct sockaddr *); 125 const uint8_t etherbroadcastaddr[ETHER_ADDR_LEN] = { 126 0xff, 0xff, 0xff, 0xff, 0xff, 0xff 127 }; 128 129 #define senderr(e) do { error = (e); goto bad;} while (0) 130 #define IFP2AC(IFP) ((struct arpcom *)IFP) 131 132 int 133 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 134 struct ip_fw **rule, struct ether_header *eh, int shared); 135 static int ether_ipfw; 136 137 /* 138 * Ethernet output routine. 139 * Encapsulate a packet of type family for the local net. 140 * Use trailer local net encapsulation if enough data in first 141 * packet leaves a multiple of 512 bytes of data in remainder. 142 * Assumes that ifp is actually pointer to arpcom structure. 143 */ 144 int 145 ether_output(ifp, m, dst, rt0) 146 struct ifnet *ifp; 147 struct mbuf *m; 148 struct sockaddr *dst; 149 struct rtentry *rt0; 150 { 151 short type; 152 int error = 0, hdrcmplt = 0; 153 u_char esrc[6], edst[6]; 154 struct rtentry *rt; 155 struct ether_header *eh; 156 int loop_copy = 0; 157 int hlen; /* link layer header lenght */ 158 struct arpcom *ac = IFP2AC(ifp); 159 160 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 161 senderr(ENETDOWN); 162 rt = rt0; 163 if (rt) { 164 if ((rt->rt_flags & RTF_UP) == 0) { 165 rt0 = rt = rtalloc1(dst, 1, 0UL); 166 if (rt0) 167 rt->rt_refcnt--; 168 else 169 senderr(EHOSTUNREACH); 170 } 171 if (rt->rt_flags & RTF_GATEWAY) { 172 if (rt->rt_gwroute == 0) 173 goto lookup; 174 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 175 rtfree(rt); rt = rt0; 176 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1, 177 0UL); 178 if ((rt = rt->rt_gwroute) == 0) 179 senderr(EHOSTUNREACH); 180 } 181 } 182 if (rt->rt_flags & RTF_REJECT) 183 if (rt->rt_rmx.rmx_expire == 0 || 184 time_second < rt->rt_rmx.rmx_expire) 185 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 186 } 187 hlen = ETHER_HDR_LEN; 188 switch (dst->sa_family) { 189 #ifdef INET 190 case AF_INET: 191 if (!arpresolve(ifp, rt, m, dst, edst, rt0)) 192 return (0); /* if not yet resolved */ 193 type = htons(ETHERTYPE_IP); 194 break; 195 #endif 196 #ifdef INET6 197 case AF_INET6: 198 if (!nd6_storelladdr(&ac->ac_if, rt, m, dst, (u_char *)edst)) { 199 /* Something bad happened */ 200 return(0); 201 } 202 type = htons(ETHERTYPE_IPV6); 203 break; 204 #endif 205 #ifdef IPX 206 case AF_IPX: 207 if (ef_outputp) { 208 error = ef_outputp(ifp, &m, dst, &type, &hlen); 209 if (error) 210 goto bad; 211 } else 212 type = htons(ETHERTYPE_IPX); 213 bcopy((caddr_t)&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host), 214 (caddr_t)edst, sizeof (edst)); 215 break; 216 #endif 217 #ifdef NETATALK 218 case AF_APPLETALK: 219 { 220 struct at_ifaddr *aa; 221 222 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL) { 223 goto bad; 224 } 225 if (!aarpresolve(ac, m, (struct sockaddr_at *)dst, edst)) 226 return (0); 227 /* 228 * In the phase 2 case, need to prepend an mbuf for the llc header. 229 * Since we must preserve the value of m, which is passed to us by 230 * value, we m_copy() the first mbuf, and use it for our llc header. 231 */ 232 if ( aa->aa_flags & AFA_PHASE2 ) { 233 struct llc llc; 234 235 M_PREPEND(m, sizeof(struct llc), MB_WAIT); 236 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP; 237 llc.llc_control = LLC_UI; 238 bcopy(at_org_code, llc.llc_snap_org_code, sizeof(at_org_code)); 239 llc.llc_snap_ether_type = htons( ETHERTYPE_AT ); 240 bcopy(&llc, mtod(m, caddr_t), sizeof(struct llc)); 241 type = htons(m->m_pkthdr.len); 242 hlen = sizeof(struct llc) + ETHER_HDR_LEN; 243 } else { 244 type = htons(ETHERTYPE_AT); 245 } 246 break; 247 } 248 #endif /* NETATALK */ 249 #ifdef NS 250 case AF_NS: 251 switch(ns_nettype){ 252 default: 253 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 254 type = 0x8137; 255 break; 256 case 0x0: /* Novell 802.3 */ 257 type = htons( m->m_pkthdr.len); 258 break; 259 case 0xe0e0: /* Novell 802.2 and Token-Ring */ 260 M_PREPEND(m, 3, MB_WAIT); 261 type = htons( m->m_pkthdr.len); 262 cp = mtod(m, u_char *); 263 *cp++ = 0xE0; 264 *cp++ = 0xE0; 265 *cp++ = 0x03; 266 break; 267 } 268 bcopy((caddr_t)&(((struct sockaddr_ns *)dst)->sns_addr.x_host), 269 (caddr_t)edst, sizeof (edst)); 270 /* 271 * XXX if ns_thishost is the same as the node's ethernet 272 * address then just the default code will catch this anyhow. 273 * So I'm not sure if this next clause should be here at all? 274 * [JRE] 275 */ 276 if (!bcmp((caddr_t)edst, (caddr_t)&ns_thishost, sizeof(edst))){ 277 m->m_pkthdr.rcvif = ifp; 278 netisr_dispatch(NETISR_NS, m); 279 return (error); 280 } 281 if (!bcmp((caddr_t)edst, (caddr_t)&ns_broadhost, sizeof(edst))){ 282 m->m_flags |= M_BCAST; 283 } 284 break; 285 #endif /* NS */ 286 287 case pseudo_AF_HDRCMPLT: 288 hdrcmplt = 1; 289 eh = (struct ether_header *)dst->sa_data; 290 (void)memcpy(esrc, eh->ether_shost, sizeof (esrc)); 291 /* FALLTHROUGH */ 292 293 case AF_UNSPEC: 294 loop_copy = -1; /* if this is for us, don't do it */ 295 eh = (struct ether_header *)dst->sa_data; 296 (void)memcpy(edst, eh->ether_dhost, sizeof (edst)); 297 type = eh->ether_type; 298 break; 299 300 default: 301 printf("%s: can't handle af%d\n", ifp->if_xname, 302 dst->sa_family); 303 senderr(EAFNOSUPPORT); 304 } 305 306 /* 307 * Add local net header. If no space in first mbuf, 308 * allocate another. 309 */ 310 M_PREPEND(m, sizeof (struct ether_header), MB_DONTWAIT); 311 if (m == 0) 312 senderr(ENOBUFS); 313 eh = mtod(m, struct ether_header *); 314 (void)memcpy(&eh->ether_type, &type, 315 sizeof(eh->ether_type)); 316 (void)memcpy(eh->ether_dhost, edst, sizeof (edst)); 317 if (hdrcmplt) 318 (void)memcpy(eh->ether_shost, esrc, 319 sizeof(eh->ether_shost)); 320 else 321 (void)memcpy(eh->ether_shost, ac->ac_enaddr, 322 sizeof(eh->ether_shost)); 323 324 /* 325 * If a simplex interface, and the packet is being sent to our 326 * Ethernet address or a broadcast address, loopback a copy. 327 * XXX To make a simplex device behave exactly like a duplex 328 * device, we should copy in the case of sending to our own 329 * ethernet address (thus letting the original actually appear 330 * on the wire). However, we don't do that here for security 331 * reasons and compatibility with the original behavior. 332 */ 333 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1)) { 334 int csum_flags = 0; 335 336 if (m->m_pkthdr.csum_flags & CSUM_IP) 337 csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID); 338 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) 339 csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR); 340 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) { 341 struct mbuf *n; 342 343 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 344 n->m_pkthdr.csum_flags |= csum_flags; 345 if (csum_flags & CSUM_DATA_VALID) 346 n->m_pkthdr.csum_data = 0xffff; 347 (void)if_simloop(ifp, n, dst->sa_family, hlen); 348 } else 349 ifp->if_iqdrops++; 350 } else if (bcmp(eh->ether_dhost, 351 eh->ether_shost, ETHER_ADDR_LEN) == 0) { 352 m->m_pkthdr.csum_flags |= csum_flags; 353 if (csum_flags & CSUM_DATA_VALID) 354 m->m_pkthdr.csum_data = 0xffff; 355 (void) if_simloop(ifp, m, dst->sa_family, hlen); 356 return (0); /* XXX */ 357 } 358 } 359 360 /* Handle ng_ether(4) processing, if any */ 361 if (ng_ether_output_p != NULL) { 362 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) { 363 bad: if (m != NULL) 364 m_freem(m); 365 return (error); 366 } 367 if (m == NULL) 368 return (0); 369 } 370 371 /* Continue with link-layer output */ 372 return ether_output_frame(ifp, m); 373 } 374 375 /* 376 * Ethernet link layer output routine to send a raw frame to the device. 377 * 378 * This assumes that the 14 byte Ethernet header is present and contiguous 379 * in the first mbuf (if BRIDGE'ing). 380 */ 381 int 382 ether_output_frame(ifp, m) 383 struct ifnet *ifp; 384 struct mbuf *m; 385 { 386 int error = 0; 387 int s; 388 struct ip_fw *rule = NULL; 389 390 /* Extract info from dummynet tag, ignore others */ 391 for (; m->m_type == MT_TAG; m = m->m_next) 392 if (m->m_flags == PACKET_TAG_DUMMYNET) 393 rule = ((struct dn_pkt *)m)->rule; 394 395 if (rule) /* packet was already bridged */ 396 goto no_bridge; 397 398 if (BDG_ACTIVE(ifp) ) { 399 struct ether_header *eh; /* a ptr suffices */ 400 401 m->m_pkthdr.rcvif = NULL; 402 eh = mtod(m, struct ether_header *); 403 m_adj(m, ETHER_HDR_LEN); 404 m = bdg_forward_ptr(m, eh, ifp); 405 if (m != NULL) 406 m_freem(m); 407 return (0); 408 } 409 410 no_bridge: 411 s = splimp(); 412 if (IPFW_LOADED && ether_ipfw != 0) { 413 struct ether_header save_eh, *eh; 414 415 eh = mtod(m, struct ether_header *); 416 save_eh = *eh; 417 m_adj(m, ETHER_HDR_LEN); 418 if (ether_ipfw_chk(&m, ifp, &rule, eh, 0) == 0) { 419 if (m) { 420 m_freem(m); 421 return ENOBUFS; /* pkt dropped */ 422 } else 423 return 0; /* consumed e.g. in a pipe */ 424 } 425 /* packet was ok, restore the ethernet header */ 426 if ( (void *)(eh + 1) == (void *)m->m_data) { 427 m->m_data -= ETHER_HDR_LEN ; 428 m->m_len += ETHER_HDR_LEN ; 429 m->m_pkthdr.len += ETHER_HDR_LEN ; 430 } else { 431 M_PREPEND(m, ETHER_HDR_LEN, MB_DONTWAIT); 432 if (m == NULL) /* nope... */ 433 return ENOBUFS; 434 bcopy(&save_eh, mtod(m, struct ether_header *), 435 ETHER_HDR_LEN); 436 } 437 } 438 439 /* 440 * Queue message on interface, update output statistics if 441 * successful, and start output if interface not yet active. 442 */ 443 if (!IF_HANDOFF(&ifp->if_snd, m, ifp)) 444 error = ENOBUFS; 445 splx(s); 446 return (error); 447 } 448 449 /* 450 * ipfw processing for ethernet packets (in and out). 451 * The second parameter is NULL from ether_demux, and ifp from 452 * ether_output_frame. This section of code could be used from 453 * bridge.c as well as long as we use some extra info 454 * to distinguish that case from ether_output_frame(); 455 */ 456 int 457 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 458 struct ip_fw **rule, struct ether_header *eh, int shared) 459 { 460 struct ether_header save_eh = *eh; /* might be a ptr in m */ 461 int i; 462 struct ip_fw_args args; 463 464 if (*rule != NULL && fw_one_pass) 465 return 1; /* dummynet packet, already partially processed */ 466 467 /* 468 * I need some amt of data to be contiguous, and in case others need 469 * the packet (shared==1) also better be in the first mbuf. 470 */ 471 i = min( (*m0)->m_pkthdr.len, max_protohdr); 472 if ( shared || (*m0)->m_len < i) { 473 *m0 = m_pullup(*m0, i); 474 if (*m0 == NULL) 475 return 0; 476 } 477 478 args.m = *m0; /* the packet we are looking at */ 479 args.oif = dst; /* destination, if any */ 480 args.divert_rule = 0; /* we do not support divert yet */ 481 args.rule = *rule; /* matching rule to restart */ 482 args.next_hop = NULL; /* we do not support forward yet */ 483 args.eh = &save_eh; /* MAC header for bridged/MAC packets */ 484 i = ip_fw_chk_ptr(&args); 485 *m0 = args.m; 486 *rule = args.rule; 487 488 if ( (i & IP_FW_PORT_DENY_FLAG) || *m0 == NULL) /* drop */ 489 return 0; 490 491 if (i == 0) /* a PASS rule. */ 492 return 1; 493 494 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) { 495 /* 496 * Pass the pkt to dummynet, which consumes it. 497 * If shared, make a copy and keep the original. 498 */ 499 struct mbuf *m ; 500 501 if (shared) { 502 m = m_copypacket(*m0, MB_DONTWAIT); 503 if (m == NULL) 504 return 0; 505 } else { 506 m = *m0 ; /* pass the original to dummynet */ 507 *m0 = NULL ; /* and nothing back to the caller */ 508 } 509 /* 510 * Prepend the header, optimize for the common case of 511 * eh pointing into the mbuf. 512 */ 513 if ( (void *)(eh + 1) == (void *)m->m_data) { 514 m->m_data -= ETHER_HDR_LEN ; 515 m->m_len += ETHER_HDR_LEN ; 516 m->m_pkthdr.len += ETHER_HDR_LEN ; 517 } else { 518 M_PREPEND(m, ETHER_HDR_LEN, MB_DONTWAIT); 519 if (m == NULL) /* nope... */ 520 return 0; 521 bcopy(&save_eh, mtod(m, struct ether_header *), 522 ETHER_HDR_LEN); 523 } 524 ip_dn_io_ptr(m, (i & 0xffff), 525 dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args); 526 return 0; 527 } 528 /* 529 * XXX at some point add support for divert/forward actions. 530 * If none of the above matches, we have to drop the pkt. 531 */ 532 return 0; 533 } 534 535 /* 536 * Process a received Ethernet packet. We have two different interfaces: 537 * one (conventional) assumes the packet in the mbuf, with the ethernet 538 * header provided separately in *eh. The second one (new) has everything 539 * in the mbuf, and we can tell it because eh == NULL. 540 * The caller MUST MAKE SURE that there are at least 541 * sizeof(struct ether_header) bytes in the first mbuf. 542 * 543 * This allows us to concentrate in one place a bunch of code which 544 * is replicated in all device drivers. Also, many functions called 545 * from ether_input() try to put the eh back into the mbuf, so we 546 * can later propagate the 'contiguous packet' interface to them, 547 * and handle the old interface just here. 548 * 549 * NOTA BENE: for many drivers "eh" is a pointer into the first mbuf or 550 * cluster, right before m_data. So be very careful when working on m, 551 * as you could destroy *eh !! 552 * 553 * First we perform any link layer operations, then continue 554 * to the upper layers with ether_demux(). 555 */ 556 void 557 ether_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) 558 { 559 struct ether_header save_eh; 560 561 if (eh == NULL) { 562 if (m->m_len < sizeof(struct ether_header)) { 563 /* XXX error in the caller. */ 564 m_freem(m); 565 return; 566 } 567 m->m_pkthdr.rcvif = ifp; 568 eh = mtod(m, struct ether_header *); 569 m->m_data += sizeof(struct ether_header); 570 m->m_len -= sizeof(struct ether_header); 571 m->m_pkthdr.len = m->m_len; 572 } 573 574 /* Check for a BPF tap */ 575 if (ifp->if_bpf != NULL) { 576 struct m_hdr mh; 577 578 /* This kludge is OK; BPF treats the "mbuf" as read-only */ 579 mh.mh_next = m; 580 mh.mh_data = (char *)eh; 581 mh.mh_len = ETHER_HDR_LEN; 582 bpf_mtap(ifp, (struct mbuf *)&mh); 583 } 584 585 ifp->if_ibytes += m->m_pkthdr.len + sizeof (*eh); 586 587 /* Handle ng_ether(4) processing, if any */ 588 if (ng_ether_input_p != NULL) { 589 (*ng_ether_input_p)(ifp, &m, eh); 590 if (m == NULL) 591 return; 592 } 593 594 /* Check for bridging mode */ 595 if (BDG_ACTIVE(ifp) ) { 596 struct ifnet *bif; 597 598 /* Check with bridging code */ 599 if ((bif = bridge_in_ptr(ifp, eh)) == BDG_DROP) { 600 m_freem(m); 601 return; 602 } 603 if (bif != BDG_LOCAL) { 604 save_eh = *eh ; /* because it might change */ 605 m = bdg_forward_ptr(m, eh, bif); /* needs forwarding */ 606 /* 607 * Do not continue if bdg_forward_ptr() processed our 608 * packet (and cleared the mbuf pointer m) or if 609 * it dropped (m_free'd) the packet itself. 610 */ 611 if (m == NULL) { 612 if (bif == BDG_BCAST || bif == BDG_MCAST) 613 printf("bdg_forward drop MULTICAST PKT\n"); 614 return; 615 } 616 eh = &save_eh ; 617 } 618 if (bif == BDG_LOCAL 619 || bif == BDG_BCAST 620 || bif == BDG_MCAST) 621 goto recvLocal; /* receive locally */ 622 623 /* If not local and not multicast, just drop it */ 624 if (m != NULL) 625 m_freem(m); 626 return; 627 } 628 629 recvLocal: 630 /* Continue with upper layer processing */ 631 ether_demux(ifp, eh, m); 632 } 633 634 /* 635 * Upper layer processing for a received Ethernet packet. 636 */ 637 void 638 ether_demux(ifp, eh, m) 639 struct ifnet *ifp; 640 struct ether_header *eh; 641 struct mbuf *m; 642 { 643 int isr; 644 u_short ether_type; 645 #if defined(NETATALK) 646 struct llc *l; 647 #endif 648 struct ip_fw *rule = NULL; 649 650 /* Extract info from dummynet tag, ignore others */ 651 for (;m->m_type == MT_TAG; m = m->m_next) 652 if (m->m_flags == PACKET_TAG_DUMMYNET) { 653 rule = ((struct dn_pkt *)m)->rule; 654 ifp = m->m_next->m_pkthdr.rcvif; 655 } 656 657 if (rule) /* packet was already bridged */ 658 goto post_stats; 659 660 if (! (BDG_ACTIVE(ifp) ) ) 661 /* Discard packet if upper layers shouldn't see it because it was 662 unicast to a different Ethernet address. If the driver is working 663 properly, then this situation can only happen when the interface 664 is in promiscuous mode. */ 665 if ((ifp->if_flags & IFF_PROMISC) != 0 666 && (eh->ether_dhost[0] & 1) == 0 667 && bcmp(eh->ether_dhost, 668 IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 669 && (ifp->if_flags & IFF_PPROMISC) == 0) { 670 m_freem(m); 671 return; 672 } 673 674 /* Discard packet if interface is not up */ 675 if ((ifp->if_flags & IFF_UP) == 0) { 676 m_freem(m); 677 return; 678 } 679 if (eh->ether_dhost[0] & 1) { 680 if (bcmp(ifp->if_broadcastaddr, eh->ether_dhost, 681 ifp->if_addrlen) == 0) 682 m->m_flags |= M_BCAST; 683 else 684 m->m_flags |= M_MCAST; 685 } 686 if (m->m_flags & (M_BCAST|M_MCAST)) 687 ifp->if_imcasts++; 688 689 post_stats: 690 if (IPFW_LOADED && ether_ipfw != 0) { 691 if (ether_ipfw_chk(&m, NULL, &rule, eh, 0 ) == 0) { 692 if (m) 693 m_freem(m); 694 return; 695 } 696 } 697 698 ether_type = ntohs(eh->ether_type); 699 700 switch (ether_type) { 701 #ifdef INET 702 case ETHERTYPE_IP: 703 if (ipflow_fastforward(m)) 704 return; 705 isr = NETISR_IP; 706 break; 707 708 case ETHERTYPE_ARP: 709 if (ifp->if_flags & IFF_NOARP) { 710 /* Discard packet if ARP is disabled on interface */ 711 m_freem(m); 712 return; 713 } 714 isr = NETISR_ARP; 715 break; 716 #endif 717 #ifdef IPX 718 case ETHERTYPE_IPX: 719 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 720 return; 721 isr = NETISR_IPX; 722 break; 723 #endif 724 #ifdef INET6 725 case ETHERTYPE_IPV6: 726 isr = NETISR_IPV6; 727 break; 728 #endif 729 #ifdef NS 730 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 731 isr = NETISR_NS; 732 break; 733 734 #endif /* NS */ 735 #ifdef NETATALK 736 case ETHERTYPE_AT: 737 isr = NETISR_ATALK1; 738 break; 739 case ETHERTYPE_AARP: 740 isr = NETISR_AARP; 741 break; 742 #endif /* NETATALK */ 743 case ETHERTYPE_VLAN: 744 /* XXX lock ? */ 745 if (vlan_input_p != NULL) 746 (*vlan_input_p)(eh, m); 747 else { 748 m->m_pkthdr.rcvif->if_noproto++; 749 m_freem(m); 750 } 751 /* XXX unlock ? */ 752 return; 753 default: 754 #ifdef IPX 755 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 756 return; 757 #endif /* IPX */ 758 #ifdef NS 759 checksum = mtod(m, ushort *); 760 /* Novell 802.3 */ 761 if ((ether_type <= ETHERMTU) && 762 ((*checksum == 0xffff) || (*checksum == 0xE0E0))) { 763 if (*checksum == 0xE0E0) { 764 m->m_pkthdr.len -= 3; 765 m->m_len -= 3; 766 m->m_data += 3; 767 } 768 isr = NETISR_NS; 769 break; 770 } 771 #endif /* NS */ 772 #ifdef NETATALK 773 if (ether_type > ETHERMTU) 774 goto dropanyway; 775 l = mtod(m, struct llc *); 776 if (l->llc_dsap == LLC_SNAP_LSAP && 777 l->llc_ssap == LLC_SNAP_LSAP && 778 l->llc_control == LLC_UI) { 779 if (Bcmp(&(l->llc_snap_org_code)[0], at_org_code, 780 sizeof(at_org_code)) == 0 && 781 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) { 782 m_adj(m, sizeof(struct llc)); 783 isr = NETISR_ATALK2; 784 break; 785 } 786 if (Bcmp(&(l->llc_snap_org_code)[0], aarp_org_code, 787 sizeof(aarp_org_code)) == 0 && 788 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) { 789 m_adj(m, sizeof(struct llc)); 790 isr = NETISR_AARP; 791 break; 792 } 793 } 794 dropanyway: 795 #endif /* NETATALK */ 796 if (ng_ether_input_orphan_p != NULL) 797 (*ng_ether_input_orphan_p)(ifp, m, eh); 798 else 799 m_freem(m); 800 return; 801 } 802 netisr_dispatch(isr, m); 803 } 804 805 /* 806 * Perform common duties while attaching to interface list 807 */ 808 809 void 810 ether_ifattach(struct ifnet *ifp, uint8_t *lla) 811 { 812 ether_ifattach_bpf(ifp, lla, DLT_EN10MB, sizeof(struct ether_header)); 813 } 814 815 void 816 ether_ifattach_bpf(struct ifnet *ifp, uint8_t *lla, u_int dlt, u_int hdrlen) 817 { 818 struct ifaddr *ifa; 819 struct sockaddr_dl *sdl; 820 821 ifp->if_type = IFT_ETHER; 822 ifp->if_addrlen = ETHER_ADDR_LEN; 823 ifp->if_broadcastaddr = etherbroadcastaddr; 824 ifp->if_hdrlen = 14; 825 if_attach(ifp); 826 ifp->if_mtu = ETHERMTU; 827 ifp->if_resolvemulti = ether_resolvemulti; 828 if (ifp->if_baudrate == 0) 829 ifp->if_baudrate = 10000000; 830 ifa = ifnet_addrs[ifp->if_index - 1]; 831 KASSERT(ifa != NULL, ("%s: no lladdr!\n", __FUNCTION__)); 832 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 833 sdl->sdl_type = IFT_ETHER; 834 sdl->sdl_alen = ifp->if_addrlen; 835 bcopy(lla, LLADDR(sdl), ifp->if_addrlen); 836 /* 837 * XXX Keep the current drivers happy. 838 * XXX Remove once all drivers have been cleaned up 839 */ 840 if (lla != IFP2AC(ifp)->ac_enaddr) 841 bcopy(lla, IFP2AC(ifp)->ac_enaddr, ifp->if_addrlen); 842 bpfattach(ifp, dlt, hdrlen); 843 if (ng_ether_attach_p != NULL) 844 (*ng_ether_attach_p)(ifp); 845 if (BDG_LOADED) 846 bdgtakeifaces_ptr(); 847 848 if_printf(ifp, "MAC address: %6D\n", lla, ":"); 849 } 850 851 /* 852 * Perform common duties while detaching an Ethernet interface 853 */ 854 void 855 ether_ifdetach(struct ifnet *ifp) 856 { 857 if (ng_ether_detach_p != NULL) 858 (*ng_ether_detach_p)(ifp); 859 bpfdetach(ifp); 860 if_detach(ifp); 861 if (BDG_LOADED) 862 bdgtakeifaces_ptr(); 863 } 864 865 SYSCTL_DECL(_net_link); 866 SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); 867 SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, 868 ðer_ipfw,0,"Pass ether pkts through firewall"); 869 870 int 871 ether_ioctl(ifp, command, data) 872 struct ifnet *ifp; 873 int command; 874 caddr_t data; 875 { 876 struct ifaddr *ifa = (struct ifaddr *) data; 877 struct ifreq *ifr = (struct ifreq *) data; 878 int error = 0; 879 880 switch (command) { 881 case SIOCSIFADDR: 882 ifp->if_flags |= IFF_UP; 883 884 switch (ifa->ifa_addr->sa_family) { 885 #ifdef INET 886 case AF_INET: 887 ifp->if_init(ifp->if_softc); /* before arpwhohas */ 888 arp_ifinit(ifp, ifa); 889 break; 890 #endif 891 #ifdef IPX 892 /* 893 * XXX - This code is probably wrong 894 */ 895 case AF_IPX: 896 { 897 struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr); 898 struct arpcom *ac = IFP2AC(ifp); 899 900 if (ipx_nullhost(*ina)) 901 ina->x_host = 902 *(union ipx_host *) 903 ac->ac_enaddr; 904 else { 905 bcopy((caddr_t) ina->x_host.c_host, 906 (caddr_t) ac->ac_enaddr, 907 sizeof(ac->ac_enaddr)); 908 } 909 910 /* 911 * Set new address 912 */ 913 ifp->if_init(ifp->if_softc); 914 break; 915 } 916 #endif 917 #ifdef NS 918 /* 919 * XXX - This code is probably wrong 920 */ 921 case AF_NS: 922 { 923 struct ns_addr *ina = &(IA_SNS(ifa)->sns_addr); 924 struct arpcom *ac = IFP2AC(ifp); 925 926 if (ns_nullhost(*ina)) 927 ina->x_host = 928 *(union ns_host *) (ac->ac_enaddr); 929 else { 930 bcopy((caddr_t) ina->x_host.c_host, 931 (caddr_t) ac->ac_enaddr, 932 sizeof(ac->ac_enaddr)); 933 } 934 935 /* 936 * Set new address 937 */ 938 ifp->if_init(ifp->if_softc); 939 break; 940 } 941 #endif 942 default: 943 ifp->if_init(ifp->if_softc); 944 break; 945 } 946 break; 947 948 case SIOCGIFADDR: 949 { 950 struct sockaddr *sa; 951 952 sa = (struct sockaddr *) & ifr->ifr_data; 953 bcopy(IFP2AC(ifp)->ac_enaddr, 954 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 955 } 956 break; 957 958 case SIOCSIFMTU: 959 /* 960 * Set the interface MTU. 961 */ 962 if (ifr->ifr_mtu > ETHERMTU) { 963 error = EINVAL; 964 } else { 965 ifp->if_mtu = ifr->ifr_mtu; 966 } 967 break; 968 default: 969 error = EINVAL; 970 break; 971 } 972 return (error); 973 } 974 975 int 976 ether_resolvemulti(ifp, llsa, sa) 977 struct ifnet *ifp; 978 struct sockaddr **llsa; 979 struct sockaddr *sa; 980 { 981 struct sockaddr_dl *sdl; 982 struct sockaddr_in *sin; 983 #ifdef INET6 984 struct sockaddr_in6 *sin6; 985 #endif 986 u_char *e_addr; 987 988 switch(sa->sa_family) { 989 case AF_LINK: 990 /* 991 * No mapping needed. Just check that it's a valid MC address. 992 */ 993 sdl = (struct sockaddr_dl *)sa; 994 e_addr = LLADDR(sdl); 995 if ((e_addr[0] & 1) != 1) 996 return EADDRNOTAVAIL; 997 *llsa = 0; 998 return 0; 999 1000 #ifdef INET 1001 case AF_INET: 1002 sin = (struct sockaddr_in *)sa; 1003 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) 1004 return EADDRNOTAVAIL; 1005 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1006 M_WAITOK|M_ZERO); 1007 sdl->sdl_len = sizeof *sdl; 1008 sdl->sdl_family = AF_LINK; 1009 sdl->sdl_index = ifp->if_index; 1010 sdl->sdl_type = IFT_ETHER; 1011 sdl->sdl_alen = ETHER_ADDR_LEN; 1012 e_addr = LLADDR(sdl); 1013 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr); 1014 *llsa = (struct sockaddr *)sdl; 1015 return 0; 1016 #endif 1017 #ifdef INET6 1018 case AF_INET6: 1019 sin6 = (struct sockaddr_in6 *)sa; 1020 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1021 /* 1022 * An IP6 address of 0 means listen to all 1023 * of the Ethernet multicast address used for IP6. 1024 * (This is used for multicast routers.) 1025 */ 1026 ifp->if_flags |= IFF_ALLMULTI; 1027 *llsa = 0; 1028 return 0; 1029 } 1030 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) 1031 return EADDRNOTAVAIL; 1032 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1033 M_WAITOK|M_ZERO); 1034 sdl->sdl_len = sizeof *sdl; 1035 sdl->sdl_family = AF_LINK; 1036 sdl->sdl_index = ifp->if_index; 1037 sdl->sdl_type = IFT_ETHER; 1038 sdl->sdl_alen = ETHER_ADDR_LEN; 1039 e_addr = LLADDR(sdl); 1040 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr); 1041 *llsa = (struct sockaddr *)sdl; 1042 return 0; 1043 #endif 1044 1045 default: 1046 /* 1047 * Well, the text isn't quite right, but it's the name 1048 * that counts... 1049 */ 1050 return EAFNOSUPPORT; 1051 } 1052 } 1053 1054 #if 0 1055 /* 1056 * This is for reference. We have a table-driven version 1057 * of the little-endian crc32 generator, which is faster 1058 * than the double-loop. 1059 */ 1060 uint32_t 1061 ether_crc32_le(const uint8_t *buf, size_t len) 1062 { 1063 uint32_t c, crc, carry; 1064 size_t i, j; 1065 1066 crc = 0xffffffffU; /* initial value */ 1067 1068 for (i = 0; i < len; i++) { 1069 c = buf[i]; 1070 for (j = 0; j < 8; j++) { 1071 carry = ((crc & 0x01) ? 1 : 0) ^ (c & 0x01); 1072 crc >>= 1; 1073 c >>= 1; 1074 if (carry) 1075 crc = (crc ^ ETHER_CRC_POLY_LE); 1076 } 1077 } 1078 1079 return(crc); 1080 } 1081 #else 1082 uint32_t 1083 ether_crc32_le(const uint8_t *buf, size_t len) 1084 { 1085 static const uint32_t crctab[] = { 1086 0x00000000, 0x1db71064, 0x3b6e20c8, 0x26d930ac, 1087 0x76dc4190, 0x6b6b51f4, 0x4db26158, 0x5005713c, 1088 0xedb88320, 0xf00f9344, 0xd6d6a3e8, 0xcb61b38c, 1089 0x9b64c2b0, 0x86d3d2d4, 0xa00ae278, 0xbdbdf21c 1090 }; 1091 uint32_t crc; 1092 size_t i; 1093 1094 crc = 0xffffffffU; /* initial value */ 1095 1096 for (i = 0; i < len; i++) { 1097 crc ^= buf[i]; 1098 crc = (crc >> 4) ^ crctab[crc & 0xf]; 1099 crc = (crc >> 4) ^ crctab[crc & 0xf]; 1100 } 1101 1102 return(crc); 1103 } 1104 #endif 1105 1106 uint32_t 1107 ether_crc32_be(const uint8_t *buf, size_t len) 1108 { 1109 uint32_t c, crc, carry; 1110 size_t i, j; 1111 1112 crc = 0xffffffffU; /* initial value */ 1113 1114 for (i = 0; i < len; i++) { 1115 c = buf[i]; 1116 for (j = 0; j < 8; j++) { 1117 carry = ((crc & 0x80000000U) ? 1 : 0) ^ (c & 0x01); 1118 crc <<= 1; 1119 c >>= 1; 1120 if (carry) 1121 crc = (crc ^ ETHER_CRC_POLY_BE) | carry; 1122 } 1123 } 1124 1125 return(crc); 1126 } 1127