GitHub Repository: freebsd/freebsd-src
Path: blob/main/sys/netinet6/in6_proto.c
/*-
2
* SPDX-License-Identifier: BSD-3-Clause
3
*
4
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5
* All rights reserved.
6
*
7
* Redistribution and use in source and binary forms, with or without
8
* modification, are permitted provided that the following conditions
9
* are met:
10
* 1. Redistributions of source code must retain the above copyright
11
* notice, this list of conditions and the following disclaimer.
12
* 2. Redistributions in binary form must reproduce the above copyright
13
* notice, this list of conditions and the following disclaimer in the
14
* documentation and/or other materials provided with the distribution.
15
* 3. Neither the name of the project nor the names of its contributors
16
* may be used to endorse or promote products derived from this software
17
* without specific prior written permission.
18
*
19
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29
* SUCH DAMAGE.
30
*
31
* $KAME: in6_proto.c,v 1.91 2001/05/27 13:28:35 itojun Exp $
32
*/
33
34
/*-
35
* Copyright (c) 1982, 1986, 1993
36
* The Regents of the University of California. All rights reserved.
37
*
38
* Redistribution and use in source and binary forms, with or without
39
* modification, are permitted provided that the following conditions
40
* are met:
41
* 1. Redistributions of source code must retain the above copyright
42
* notice, this list of conditions and the following disclaimer.
43
* 2. Redistributions in binary form must reproduce the above copyright
44
* notice, this list of conditions and the following disclaimer in the
45
* documentation and/or other materials provided with the distribution.
46
* 3. Neither the name of the University nor the names of its contributors
47
* may be used to endorse or promote products derived from this software
48
* without specific prior written permission.
49
*
50
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60
* SUCH DAMAGE.
61
*/
62
63
#include <sys/cdefs.h>
64
#include "opt_inet.h"
65
#include "opt_inet6.h"
66
#include "opt_ipsec.h"
67
#include "opt_ipstealth.h"
68
#include "opt_sctp.h"
69
#include "opt_route.h"
70
71
#include <sys/param.h>
72
#include <sys/socket.h>
73
#include <sys/socketvar.h>
74
#include <sys/proc.h>
75
#include <sys/protosw.h>
76
#include <sys/jail.h>
77
#include <sys/kernel.h>
78
#include <sys/malloc.h>
79
#include <sys/domain.h>
80
#include <sys/mbuf.h>
81
#include <sys/systm.h>
82
#include <sys/sysctl.h>
83
84
#include <net/if.h>
85
#include <net/if_var.h>
86
#include <netinet/in.h>
87
#include <netinet/ip6.h>
88
#include <netinet6/in6_var.h>
89
#include <netinet6/ip6_var.h>
90
#include <netinet/icmp6.h>
91
#include <netinet6/nd6.h>
92
#include <netinet6/raw_ip6.h>
93
94
/*
 * Protocol switch entries defined in other source files (named in the
 * comment above each declaration) and referenced from
 * inet6domain.dom_protosw in this file.
 */
/* netinet6/raw_ip6.c */
extern struct protosw rip6_protosw;
/* netinet6/udp6_usrreq.c */
extern struct protosw udp6_protosw, udplite6_protosw;
/* netinet/tcp_usrreq.c */
extern struct protosw tcp6_protosw;
/* netinet/sctp6_usrreq.c */
extern struct protosw sctp6_seqpacket_protosw, sctp6_stream_protosw;
102
103
/*
 * TCP/IP protocol family: IP6, ICMP6, UDP, TCP.
 */
FEATURE(inet6, "Internet Protocol version 6");

/*
 * Domain descriptor for AF_INET6, registered with DOMAIN_SET() below.
 *
 * dom_nprotosw (14) equals the number of initializers in dom_protosw:
 * six fixed slots (TCP, UDP, two SCTP entries or two NULLs, UDP-Lite,
 * raw IPv6) followed by eight NULL spacers.  The count and the list have
 * to be edited together; a count larger than the list would describe
 * slots that the initializer never wrote.
 * NOTE(review): the SCTP slots are NULL when SCTP is not compiled in, so
 * presumably every consumer of dom_protosw has to skip NULL entries --
 * confirm against the domain code.
 */
struct domain inet6domain = {
	.dom_family = AF_INET6,
	.dom_name = "internet6",
	.dom_rtattach = in6_inithead,
#ifdef VIMAGE
	.dom_rtdetach = in6_detachhead,
#endif
	.dom_ifattach = in6_domifattach,
	.dom_ifdetach = in6_domifdetach,
	.dom_ifmtu = in6_domifmtu,
	.dom_nprotosw = 14,
	.dom_protosw = {
		&tcp6_protosw,
		&udp6_protosw,
#ifdef SCTP
		&sctp6_seqpacket_protosw,
		&sctp6_stream_protosw,
#else
		/* Keep the slot count identical with and without SCTP. */
		NULL, NULL,
#endif
		&udplite6_protosw,
		&rip6_protosw,
		/* Spacer 8 times for loadable protocols. XXXGL: why 8? */
		NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
	},
};

DOMAIN_SET(inet6);
136
137
/*
 * Internet configuration info
 *
 * Compile-time defaults for the IPv6 variables defined below with
 * VNET_DEFINE().  Most of them are exported read-write through the
 * net.inet6.ip6 sysctl entries later in this file.
 */
#ifndef IPV6FORWARDING
#ifdef GATEWAY6
#define IPV6FORWARDING 1 /* forward IP6 packets not for us */
#else
#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */
#endif /* GATEWAY6 */
#endif /* !IPV6FORWARDING */

#ifndef IPV6_SENDREDIRECTS
#define IPV6_SENDREDIRECTS 1
#endif

/* Forwarding defaults to off unless GATEWAY6 or IPV6FORWARDING says otherwise. */
VNET_DEFINE(int, ip6_forwarding) = IPV6FORWARDING; /* act as router? */
VNET_DEFINE(int, ip6_sendredirects) = IPV6_SENDREDIRECTS;
VNET_DEFINE(int, ip6_defhlim) = IPV6_DEFHLIM;
VNET_DEFINE(int, ip6_defmcasthlim) = IPV6_DEFAULT_MULTICAST_HOPS;
/* Router Advertisement handling: all three flags start at 0. */
VNET_DEFINE(int, ip6_accept_rtadv) = 0;
VNET_DEFINE(int, ip6_no_radr) = 0;
VNET_DEFINE(int, ip6_norbit_raif) = 0;
VNET_DEFINE(int, ip6_rfc6204w3) = 0;
/*
 * Bound on extension-header processing for incoming packets; the sysctl
 * text for hdrnestlimit states that 0 means no artificial limit.
 */
VNET_DEFINE(int, ip6_hdrnestlimit) = 15;/* How many header options will we
					 * process? */
VNET_DEFINE(int, ip6_dad_count) = 1; /* DupAddrDetectionTransmits */
VNET_DEFINE(int, ip6_auto_flowlabel) = 1;
VNET_DEFINE(int, ip6_use_deprecated) = 1;/* allow deprecated addr
					  * (RFC2462 5.5.4) */
VNET_DEFINE(int, ip6_rr_prune) = 5; /* router renumbering prefix
				     * walk list every 5 sec. */
VNET_DEFINE(int, ip6_mcast_pmtu) = 0; /* enable pMTU discovery for multicast? */
/* AF_INET6 sockets are restricted to IPv6 addresses by default. */
VNET_DEFINE(int, ip6_v6only) = 1;
VNET_DEFINE(u_int, ip6_stableaddr_maxretries) = IP6_IDGEN_RETRIES;

#ifdef IPSTEALTH
VNET_DEFINE(int, ip6stealth) = 0;
#endif
VNET_DEFINE(bool, ip6_log_cannot_forward) = 1;

/*
 * BSDI4 defines these variables in in_proto.c...
 * XXX: what if we don't define INET? Should we define pmtu6_expire
 * or so? ([email protected] 19990310)
 */
/* NOTE(review): units are presumably seconds (10 and 2 minutes) -- confirm. */
VNET_DEFINE(int, pmtu_expire) = 60*10;
VNET_DEFINE(int, pmtu_probe) = 60*2;

/*
 * State for ip6_log_ratelimit(): ip6_log_last and ip6_log_count are the
 * bookkeeping arguments handed to ppsratecheck(), and ip6_log_interval is
 * passed as its third argument.
 * NOTE(review): ppsratecheck() takes a per-second event cap in that
 * position, while the log_interval sysctl text calls the value a
 * "frequency in seconds" -- confirm which meaning is intended.
 */
VNET_DEFINE_STATIC(int, ip6_log_interval) = 5;
VNET_DEFINE_STATIC(int, ip6_log_count) = 0;
VNET_DEFINE_STATIC(struct timeval, ip6_log_last) = { 0 };

/* V_ accessors for the static per-VNET variables above. */
#define V_ip6_log_interval VNET(ip6_log_interval)
#define V_ip6_log_count VNET(ip6_log_count)
#define V_ip6_log_last VNET(ip6_log_last)
192
193
/*
 * sysctl related items.
 *
 * Declares the net.inet6 node and its per-protocol children.  Each child
 * is numbered with the matching IPPROTO_* constant (ipsec6 uses
 * IPPROTO_ESP), carries CTLFLAG_RW | CTLFLAG_MPSAFE and has no handler of
 * its own; the leaves are attached elsewhere.
 */
SYSCTL_NODE(_net, PF_INET6, inet6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"Internet6 Family");

/* net.inet6 */
SYSCTL_NODE(_net_inet6, IPPROTO_IPV6, ip6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"IP6");
SYSCTL_NODE(_net_inet6, IPPROTO_ICMPV6, icmp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"ICMP6");
SYSCTL_NODE(_net_inet6, IPPROTO_UDP, udp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"UDP6");
SYSCTL_NODE(_net_inet6, IPPROTO_TCP, tcp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"TCP6");
/* The SCTP and IPsec nodes exist only when the feature is built in or loadable. */
#if defined(SCTP) || defined(SCTP_SUPPORT)
SYSCTL_NODE(_net_inet6, IPPROTO_SCTP, sctp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"SCTP6");
#endif
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
	"IPSEC6");
#endif /* IPSEC */
216
217
/* net.inet6.ip6 */
218
/*
 * Handler for net.inet6.ip6.temppltime: report or update the preferred
 * lifetime of temporary addresses.
 *
 * A write is accepted only when the new value lies between
 * (derived desync bound + V_ip6_temp_regen_advance) and
 * V_ip6_temp_valid_lifetime; anything else yields EINVAL and leaves all
 * three globals untouched.  On success the maximum desync factor is
 * recomputed from the new lifetime and a fresh random desync factor is
 * drawn below it.
 *
 * Returns the error from sysctl_handle_int(), EINVAL for an out-of-range
 * value, or 0.
 */
static int
sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS)
{
	int lifetime, max_desync, rc;

	/* Operate on a local copy so a rejected write changes nothing. */
	lifetime = V_ip6_temp_preferred_lifetime;
	rc = sysctl_handle_int(oidp, &lifetime, 0, req);
	if (rc != 0)
		return (rc);
	/* No new value supplied: this was a read, nothing to validate. */
	if (req->newptr == NULL)
		return (0);

	/* Desync bound: base plus 1/4 and 1/8 of the requested lifetime. */
	max_desync = TEMP_MAX_DESYNC_FACTOR_BASE + (lifetime >> 2) +
	    (lifetime >> 3);

	if (lifetime < max_desync + V_ip6_temp_regen_advance)
		return (EINVAL);
	if (lifetime > V_ip6_temp_valid_lifetime)
		return (EINVAL);

	V_ip6_temp_preferred_lifetime = lifetime;
	V_ip6_temp_max_desync_factor = max_desync;
	/*
	 * NOTE(review): the modulus is non-zero only because the range check
	 * above rejects small and negative lifetimes, which assumes the base
	 * constant and the regen advance are positive -- confirm.
	 */
	V_ip6_desync_factor = arc4random() % max_desync;
	return (0);
}
236
237
/*
 * Handler for net.inet6.ip6.tempvltime: report or update the valid
 * lifetime of temporary addresses.
 *
 * A write is rejected with EINVAL when the new value is smaller than the
 * current preferred lifetime; no upper bound is applied here.
 *
 * Returns the error from sysctl_handle_int(), EINVAL, or 0.
 */
static int
sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS)
{
	int lifetime, rc;

	/* Operate on a local copy so a rejected write changes nothing. */
	lifetime = V_ip6_temp_valid_lifetime;
	rc = sysctl_handle_int(oidp, &lifetime, 0, req);
	if (rc != 0)
		return (rc);
	/* No new value supplied: this was a read. */
	if (req->newptr == NULL)
		return (0);

	/* The valid lifetime may never drop below the preferred lifetime. */
	if (lifetime < V_ip6_temp_preferred_lifetime)
		return (EINVAL);

	V_ip6_temp_valid_lifetime = lifetime;
	return (0);
}
251
252
/*
 * Rate-limit gate for IPv6 log messages.
 *
 * Hands the per-VNET timestamp, counter and limit to ppsratecheck() and
 * returns its verdict unchanged.
 */
int
ip6_log_ratelimit(void)
{
	int verdict;

	verdict = ppsratecheck(&V_ip6_log_last, &V_ip6_log_count,
	    V_ip6_log_interval);
	return (verdict);
}
259
260
/*
 * net.inet6.ip6 leaves.
 *
 * Apart from kame_version (CTLFLAG_RD) every entry here is writable at
 * run time, and the CTLFLAG_RWTUN ones can also be set as tunables.
 * The plain SYSCTL_INT/SYSCTL_UINT/SYSCTL_BOOL entries show no range
 * validation in this file, so code reading these variables has to cope
 * with any value of the declared type; only temppltime and tempvltime go
 * through validating handlers.
 */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, forwarding,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_forwarding), 0,
	"Enable forwarding of IPv6 packets between interfaces");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, redirect,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_sendredirects), 0,
	"Send ICMPv6 redirects for unforwardable IPv6 packets");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, hlim,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_defhlim), 0,
	"Default hop limit to use for outgoing IPv6 packets");
SYSCTL_VNET_PCPUSTAT(_net_inet6_ip6, IPV6CTL_STATS, stats, struct ip6stat,
	ip6stat,
	"IP6 statistics (struct ip6stat, netinet6/ip6_var.h)");
/* Router Advertisement policy knobs. */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, accept_rtadv,
	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_accept_rtadv), 0,
	"Default value of per-interface flag for accepting ICMPv6 RA messages");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_NO_RADR, no_radr,
	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_no_radr), 0,
	"Default value of per-interface flag to control whether routers "
	"sending ICMPv6 RA messages on that interface are added into the "
	"default router list");
/* NOTE(review): the description reads "set clear"; one of the two words looks unintended. */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_NORBIT_RAIF, norbit_raif,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_norbit_raif), 0,
	"Always set clear the R flag in ICMPv6 NA messages when accepting RA "
	"on the interface");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RFC6204W3, rfc6204w3,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_rfc6204w3), 0,
	"Accept the default router list from ICMPv6 RA messages even "
	"when packet forwarding is enabled");
/*
 * NOTE(review): ip6_log_ratelimit() passes this value to ppsratecheck()
 * as its third argument, which is a per-second event cap rather than an
 * interval in seconds -- confirm that the description still matches.
 */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, log_interval,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_log_interval), 0,
	"Frequency in seconds at which to log IPv6 forwarding errors");
/* Setting this to 0 removes the cap on extension headers per packet. */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, hdrnestlimit,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_hdrnestlimit), 0,
	"Default maximum number of IPv6 extension headers permitted on "
	"incoming IPv6 packets, 0 for no artificial limit");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, dad_count,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_dad_count), 0,
	"Number of ICMPv6 NS messages sent during duplicate address detection");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, auto_flowlabel,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_auto_flowlabel), 0,
	"Provide an IPv6 flowlabel in outbound packets");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, defmcasthlim,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_defmcasthlim), 0,
	"Default hop limit for IPv6 multicast packets originating from this "
	"node");
/* Read-only and not per-VNET: exports the compile-time version string. */
SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, kame_version,
	CTLFLAG_RD, __KAME_VERSION, 0,
	"KAME version string");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, use_deprecated,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_deprecated), 0,
	"Allow the use of addresses whose preferred lifetimes have expired");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, rr_prune,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_rr_prune), 0,
	""); /* XXX unused */
/* Address-generation privacy knobs (temporary and stable opaque addresses). */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, use_tempaddr,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_tempaddr), 0,
	"Create RFC3041 temporary addresses for autoconfigured addresses");
SYSCTL_BOOL(_net_inet6_ip6, IPV6CTL_USESTABLEADDR, use_stableaddr,
	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_use_stableaddr), 0,
	"Create RFC7217 semantically opaque address for autoconfigured addresses (default for new interfaces)");
/*
 * NOTE(review): this entry and the next pass a non-zero value argument
 * although a variable pointer is supplied; the neighbouring entries pass
 * 0 in that position.  Presumably the argument has no effect when the
 * pointer is set -- confirm.
 */
SYSCTL_UINT(_net_inet6_ip6, IPV6CTL_STABLEADDR_MAXRETRIES, stableaddr_maxretries,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_stableaddr_maxretries), IP6_IDGEN_RETRIES,
	"RFC7217 semantically opaque address DAD max retries");
/* Documented values are 0, 1 and 2; no range check is visible here. */
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STABLEADDR_NETIFSRC, stableaddr_netifsource,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_stableaddr_netifsource), IP6_STABLEADDR_NETIFSRC_NAME,
	"RFC7217 semantically opaque address Net_Iface source (0 - name, 1 - ID, 2 - MAC addr)");
/*
 * The two temporary-address lifetimes are cross-checked against each
 * other by their handlers instead of being written directly.
 */
SYSCTL_PROC(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime,
	CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
	NULL, 0, sysctl_ip6_temppltime, "I",
	"Maximum preferred lifetime for temporary addresses");
SYSCTL_PROC(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime,
	CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
	NULL, 0, sysctl_ip6_tempvltime, "I",
	"Maximum valid lifetime for temporary addresses");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, v6only,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_v6only), 0,
	"Restrict AF_INET6 sockets to IPv6 addresses only");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, auto_linklocal,
	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_auto_linklocal), 0,
	"Default value of per-interface flag for automatically adding an IPv6 "
	"link-local address to interfaces when attached");
SYSCTL_VNET_PCPUSTAT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats,
	struct rip6stat, rip6stat,
	"Raw IP6 statistics (struct rip6stat, netinet6/raw_ip6.h)");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR, prefer_tempaddr,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_prefer_tempaddr), 0,
	"Prefer RFC3041 temporary addresses in source address selection");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, use_defaultzone,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_defzone), 0,
	"Use the default scope zone when none is specified");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, mcast_pmtu,
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_mcast_pmtu), 0,
	"Enable path MTU discovery for multicast packets");
/* Present only in kernels built with the IPSTEALTH option. */
#ifdef IPSTEALTH
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_VNET | CTLFLAG_RW,
	&VNET_NAME(ip6stealth), 0,
	"Forward IPv6 packets without decrementing their TTL");
#endif
/* Uses OID_AUTO rather than a fixed IPV6CTL_* number, unlike the entries above. */
SYSCTL_BOOL(_net_inet6_ip6, OID_AUTO,
	log_cannot_forward, CTLFLAG_VNET | CTLFLAG_RW,
	&VNET_NAME(ip6_log_cannot_forward), 1,
	"Log packets that cannot be forwarded");