1 /* $OpenBSD: ip_gre.c,v 1.49 2014/04/14 09:06:42 mpi Exp $ */ 2 /* $NetBSD: ip_gre.c,v 1.9 1999/10/25 19:18:11 drochner Exp $ */ 3 4 /* 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * decapsulate tunneled packets and send them on 35 * output half is in net/if_gre.[ch] 36 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE 37 */ 38 39 40 #include "gre.h" 41 #if NGRE > 0 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/mbuf.h> 46 #include <sys/protosw.h> 47 #include <sys/socket.h> 48 #include <sys/socketvar.h> 49 #include <sys/proc.h> 50 #include <sys/sysctl.h> 51 #include <net/if.h> 52 #include <net/netisr.h> 53 #include <net/route.h> 54 #include <net/bpf.h> 55 56 #ifdef INET 57 #include <netinet/in.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/ip.h> 60 #include <netinet/ip_var.h> 61 #include <netinet/ip_gre.h> 62 #include <netinet/if_ether.h> 63 #include <netinet/in_pcb.h> 64 #else 65 #error "ip_gre used without inet" 66 #endif 67 68 #ifdef MPLS 69 #include <netmpls/mpls.h> 70 #endif 71 72 #include "bpfilter.h" 73 #include "pf.h" 74 75 #if NPF > 0 76 #include <net/pfvar.h> 77 #endif 78 79 #ifdef PIPEX 80 #include <net/pipex.h> 81 #endif 82 83 /* Needs IP headers. */ 84 #include <net/if_gre.h> 85 86 struct gre_softc *gre_lookup(struct mbuf *, u_int8_t); 87 int gre_input2(struct mbuf *, int, u_char); 88 89 /* 90 * Decapsulate. 91 * Does the real work and is called from gre_input() (above) 92 * returns 0 if packet is not yet processed 93 * and 1 if it needs no further processing 94 * proto is the protocol number of the "calling" foo_input() 95 * routine. 96 */ 97 98 int 99 gre_input2(struct mbuf *m, int hlen, u_char proto) 100 { 101 struct greip *gip; 102 int s; 103 struct ifqueue *ifq; 104 struct gre_softc *sc; 105 u_short flags; 106 u_int af; 107 108 if ((sc = gre_lookup(m, proto)) == NULL) { 109 /* No matching tunnel or tunnel is down. */ 110 return (0); 111 } 112 113 if (m->m_len < sizeof(*gip)) { 114 m = m_pullup(m, sizeof(*gip)); 115 if (m == NULL) 116 return (ENOBUFS); 117 } 118 gip = mtod(m, struct greip *); 119 120 m->m_pkthdr.rcvif = &sc->sc_if; 121 m->m_pkthdr.ph_rtableid = sc->sc_if.if_rdomain; 122 123 sc->sc_if.if_ipackets++; 124 sc->sc_if.if_ibytes += m->m_pkthdr.len; 125 126 switch (proto) { 127 case IPPROTO_GRE: 128 hlen += sizeof (struct gre_h); 129 130 /* process GRE flags as packet can be of variable len */ 131 flags = ntohs(gip->gi_flags); 132 133 /* Checksum & Offset are present */ 134 if ((flags & GRE_CP) | (flags & GRE_RP)) 135 hlen += 4; 136 137 /* We don't support routing fields (variable length) */ 138 if (flags & GRE_RP) 139 return (0); 140 141 if (flags & GRE_KP) 142 hlen += 4; 143 144 if (flags & GRE_SP) 145 hlen += 4; 146 147 switch (ntohs(gip->gi_ptype)) { /* ethertypes */ 148 case GREPROTO_WCCP: 149 /* WCCP/GRE: 150 * So far as I can see (and test) it seems that Cisco's WCCP 151 * GRE tunnel is precisely a IP-in-GRE tunnel that differs 152 * only in its protocol number. At least, it works for me. 153 * 154 * The Internet Draft can be found if you look for 155 * draft-forster-wrec-wccp-v1-00.txt 156 * 157 * So yes, we're doing a fall-through (unless, of course, 158 * net.inet.gre.wccp is 0). 159 */ 160 if (!gre_wccp) 161 return (0); 162 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), as */ 163 ifq = &ipintrq; /* we are in ip_input */ 164 af = AF_INET; 165 break; 166 #ifdef INET6 167 case ETHERTYPE_IPV6: 168 ifq = &ip6intrq; 169 schednetisr(NETISR_IPV6); 170 af = AF_INET6; 171 break; 172 #endif 173 case 0: 174 /* keepalive reply, retrigger hold timer */ 175 gre_recv_keepalive(sc); 176 m_freem(m); 177 return (1); 178 #ifdef MPLS 179 case ETHERTYPE_MPLS: 180 case ETHERTYPE_MPLS_MCAST: 181 ifq = &mplsintrq; 182 schednetisr(NETISR_MPLS); 183 af = AF_MPLS; 184 break; 185 #endif 186 default: /* others not yet supported */ 187 return (0); 188 } 189 break; 190 default: 191 /* others not yet supported */ 192 return (0); 193 } 194 195 if (hlen > m->m_pkthdr.len) { 196 m_freem(m); 197 return (EINVAL); 198 } 199 m_adj(m, hlen); 200 201 #if NBPFILTER > 0 202 if (sc->sc_if.if_bpf) 203 bpf_mtap_af(sc->sc_if.if_bpf, af, m, BPF_DIRECTION_IN); 204 #endif 205 206 #if NPF > 0 207 pf_pkt_addr_changed(m); 208 #endif 209 210 s = splnet(); /* possible */ 211 IF_INPUT_ENQUEUE(ifq, m); 212 splx(s); 213 214 return (1); /* packet is done, no further processing needed */ 215 } 216 217 /* 218 * Decapsulate a packet and feed it back through ip_input (this 219 * routine is called whenever IP gets a packet with proto type 220 * IPPROTO_GRE and a local destination address). 221 */ 222 void 223 gre_input(struct mbuf *m, ...) 224 { 225 int hlen, ret; 226 va_list ap; 227 228 va_start(ap, m); 229 hlen = va_arg(ap, int); 230 va_end(ap); 231 232 if (!gre_allow) { 233 m_freem(m); 234 return; 235 } 236 237 #ifdef PIPEX 238 if (pipex_enable) { 239 struct pipex_session *session; 240 241 if ((session = pipex_pptp_lookup_session(m)) != NULL) { 242 if (pipex_pptp_input(m, session) == NULL) 243 return; 244 } 245 } 246 #endif 247 248 ret = gre_input2(m, hlen, IPPROTO_GRE); 249 /* 250 * ret == 0: packet not processed, but input from here 251 * means no matching tunnel that is up is found. 252 * we inject it to raw ip socket to see if anyone picks it up. 253 * possible that we received a WCCPv1-style GRE packet 254 * but we're not set to accept them. 255 */ 256 if (!ret) 257 rip_input(m, hlen, IPPROTO_GRE); 258 } 259 260 /* 261 * Input routine for IPPROTO_MOBILE. 262 * This is a little bit different from the other modes, as the 263 * encapsulating header was not prepended, but instead inserted 264 * between IP header and payload. 265 */ 266 267 void 268 gre_mobile_input(struct mbuf *m, ...) 269 { 270 struct ip *ip; 271 struct mobip_h *mip; 272 struct ifqueue *ifq; 273 struct gre_softc *sc; 274 int hlen, s; 275 va_list ap; 276 u_char osrc = 0; 277 int msiz; 278 279 va_start(ap, m); 280 hlen = va_arg(ap, int); 281 va_end(ap); 282 283 if (!ip_mobile_allow) { 284 m_freem(m); 285 return; 286 } 287 288 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) { 289 /* No matching tunnel or tunnel is down. */ 290 m_freem(m); 291 return; 292 } 293 294 if (m->m_len < sizeof(*mip)) { 295 m = m_pullup(m, sizeof(*mip)); 296 if (m == NULL) 297 return; 298 } 299 ip = mtod(m, struct ip *); 300 mip = mtod(m, struct mobip_h *); 301 302 m->m_pkthdr.rcvif = &sc->sc_if; 303 304 sc->sc_if.if_ipackets++; 305 sc->sc_if.if_ibytes += m->m_pkthdr.len; 306 307 if (ntohs(mip->mh.proto) & MOB_H_SBIT) { 308 osrc = 1; 309 msiz = MOB_H_SIZ_L; 310 mip->mi.ip_src.s_addr = mip->mh.osrc; 311 } else 312 msiz = MOB_H_SIZ_S; 313 314 if (m->m_len < (ip->ip_hl << 2) + msiz) { 315 m = m_pullup(m, (ip->ip_hl << 2) + msiz); 316 if (m == NULL) 317 return; 318 ip = mtod(m, struct ip *); 319 mip = mtod(m, struct mobip_h *); 320 } 321 322 mip->mi.ip_dst.s_addr = mip->mh.odst; 323 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8); 324 325 if (gre_in_cksum((u_short *) &mip->mh, msiz) != 0) { 326 m_freem(m); 327 return; 328 } 329 330 memmove(ip + (ip->ip_hl << 2), ip + (ip->ip_hl << 2) + msiz, 331 m->m_len - msiz - (ip->ip_hl << 2)); 332 333 m->m_len -= msiz; 334 ip->ip_len = htons(ntohs(ip->ip_len) - msiz); 335 m->m_pkthdr.len -= msiz; 336 337 ip->ip_sum = 0; 338 ip->ip_sum = in_cksum(m,(ip->ip_hl << 2)); 339 340 ifq = &ipintrq; 341 342 #if NBPFILTER > 0 343 if (sc->sc_if.if_bpf) 344 bpf_mtap_af(sc->sc_if.if_bpf, AF_INET, m, BPF_DIRECTION_IN); 345 #endif 346 347 s = splnet(); /* possible */ 348 IF_INPUT_ENQUEUE(ifq, m); 349 splx(s); 350 } 351 352 /* 353 * Find the gre interface associated with our src/dst/proto set. 354 */ 355 struct gre_softc * 356 gre_lookup(struct mbuf *m, u_int8_t proto) 357 { 358 struct ip *ip = mtod(m, struct ip *); 359 struct gre_softc *sc; 360 361 LIST_FOREACH(sc, &gre_softc_list, sc_list) { 362 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) && 363 (sc->g_src.s_addr == ip->ip_dst.s_addr) && 364 (sc->g_proto == proto) && 365 (rtable_l2(sc->g_rtableid) == 366 rtable_l2(m->m_pkthdr.ph_rtableid)) && 367 ((sc->sc_if.if_flags & IFF_UP) != 0)) 368 return (sc); 369 } 370 371 return (NULL); 372 } 373 374 int 375 gre_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 376 size_t newlen) 377 { 378 /* All sysctl names at this level are terminal. */ 379 if (namelen != 1) 380 return (ENOTDIR); 381 382 switch (name[0]) { 383 case GRECTL_ALLOW: 384 return (sysctl_int(oldp, oldlenp, newp, newlen, &gre_allow)); 385 case GRECTL_WCCP: 386 return (sysctl_int(oldp, oldlenp, newp, newlen, &gre_wccp)); 387 default: 388 return (ENOPROTOOPT); 389 } 390 /* NOTREACHED */ 391 } 392 393 int 394 ipmobile_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, 395 void *newp, size_t newlen) 396 { 397 /* All sysctl names at this level are terminal. */ 398 if (namelen != 1) 399 return (ENOTDIR); 400 401 switch (name[0]) { 402 case MOBILEIPCTL_ALLOW: 403 return (sysctl_int(oldp, oldlenp, newp, newlen, 404 &ip_mobile_allow)); 405 default: 406 return (ENOPROTOOPT); 407 } 408 /* NOTREACHED */ 409 } 410 411 int 412 gre_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *nam, 413 struct mbuf *control, struct proc *p) 414 { 415 #ifdef PIPEX 416 struct inpcb *inp = sotoinpcb(so); 417 418 if (inp != NULL && inp->inp_pipex && req == PRU_SEND) { 419 int s; 420 struct sockaddr_in *sin4; 421 struct in_addr *ina_dst; 422 struct pipex_session *session; 423 424 s = splsoftnet(); 425 ina_dst = NULL; 426 if ((so->so_state & SS_ISCONNECTED) != 0) { 427 inp = sotoinpcb(so); 428 if (inp) 429 ina_dst = &inp->inp_laddr; 430 } else if (nam) { 431 sin4 = mtod(nam, struct sockaddr_in *); 432 if (nam->m_len == sizeof(struct sockaddr_in) && 433 sin4->sin_family == AF_INET) 434 ina_dst = &sin4->sin_addr; 435 } 436 if (ina_dst != NULL && 437 (session = pipex_pptp_userland_lookup_session_ipv4(m, 438 *ina_dst))) 439 m = pipex_pptp_userland_output(m, session); 440 splx(s); 441 442 if (m == NULL) 443 return (ENOMEM); 444 } 445 #endif 446 return rip_usrreq(so, req, m, nam, control, p); 447 } 448 #endif /* if NGRE > 0 */ 449