Date: Sun, 2 Sep 2007 12:48:21 GMT From: Ana Kukec <anchie@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 125967 for review Message-ID: <200709021248.l82CmLRP002846@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=125967 Change 125967 by anchie@anchie_malimis on 2007/09/02 12:47:25 Virtualization of netinet6 integer variables. Affected files ... .. //depot/projects/vimage/src/sys/net/if_faith.c#2 edit .. //depot/projects/vimage/src/sys/netinet/in_pcb.c#14 edit .. //depot/projects/vimage/src/sys/netinet/tcp_input.c#21 edit .. //depot/projects/vimage/src/sys/netinet6/frag6.c#9 edit .. //depot/projects/vimage/src/sys/netinet6/icmp6.c#13 edit .. //depot/projects/vimage/src/sys/netinet6/in6.c#11 edit .. //depot/projects/vimage/src/sys/netinet6/in6_proto.c#11 edit .. //depot/projects/vimage/src/sys/netinet6/in6_src.c#12 edit .. //depot/projects/vimage/src/sys/netinet6/ip6_forward.c#9 edit .. //depot/projects/vimage/src/sys/netinet6/ip6_input.c#20 edit .. //depot/projects/vimage/src/sys/netinet6/ip6_mroute.c#8 edit .. //depot/projects/vimage/src/sys/netinet6/ip6_output.c#10 edit .. //depot/projects/vimage/src/sys/netinet6/ip6_var.h#7 edit .. //depot/projects/vimage/src/sys/netinet6/nd6.c#17 edit .. //depot/projects/vimage/src/sys/netinet6/nd6_nbr.c#9 edit .. //depot/projects/vimage/src/sys/netinet6/nd6_rtr.c#7 edit .. //depot/projects/vimage/src/sys/netinet6/sctp6_usrreq.c#17 edit .. //depot/projects/vimage/src/sys/netinet6/vinet6.h#10 edit .. //depot/projects/vimage/src/sys/netipsec/ipsec_input.c#9 edit Differences ... ==== //depot/projects/vimage/src/sys/net/if_faith.c#2 (text+ko) ==== @@ -41,6 +41,7 @@ */ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_vimage.h" #include <sys/param.h> #include <sys/systm.h> @@ -54,6 +55,7 @@ #include <sys/queue.h> #include <sys/types.h> #include <sys/malloc.h> +#include <sys/vimage.h> #include <net/if.h> #include <net/if_clone.h> @@ -76,6 +78,7 @@ #include <netinet6/in6_var.h> #include <netinet/ip6.h> #include <netinet6/ip6_var.h> +#include <netinet6/vinet6.h> #endif #define FAITHNAME "faith" @@ -323,11 +326,12 @@ faithprefix(in6) struct in6_addr *in6; { + INIT_VNET_INET6(curvnet); struct rtentry *rt; struct sockaddr_in6 sin6; int ret; - if (ip6_keepfaith == 0) + if (V_ip6_keepfaith == 0) return 0; bzero(&sin6, sizeof(sin6)); ==== //depot/projects/vimage/src/sys/netinet/in_pcb.c#14 (text+ko) ==== @@ -75,6 +75,7 @@ #ifdef INET6 #include <netinet/ip6.h> #include <netinet6/ip6_var.h> +#include <netinet6/vinet6.h> #endif /* INET6 */ @@ -194,6 +195,7 @@ int in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo) { + INIT_VNET_INET6(curvnet); struct inpcb *inp; int error; @@ -222,7 +224,7 @@ #ifdef INET6 if (INP_SOCKAF(so) == AF_INET6) { inp->inp_vflag |= INP_IPV6PROTO; - if (ip6_v6only) + if (V_ip6_v6only) inp->inp_flags |= IN6P_IPV6_V6ONLY; } #endif @@ -230,7 +232,7 @@ pcbinfo->ipi_count++; so->so_pcb = (caddr_t)inp; #ifdef INET6 - if (ip6_auto_flowlabel) + if (V_ip6_auto_flowlabel) inp->inp_flags |= IN6P_AUTOFLOWLABEL; #endif INP_LOCK(inp); ==== //depot/projects/vimage/src/sys/netinet/tcp_input.c#21 (text+ko) ==== @@ -762,7 +762,7 @@ * handling - worse, they are not exactly the same. * I believe 5.5.4 is the best one, so we follow 5.5.4. */ - if (isipv6 && !ip6_use_deprecated) { + if (isipv6 && !V_ip6_use_deprecated) { struct in6_ifaddr *ia6; if ((ia6 = ip6_getdstifaddr(m)) && ==== //depot/projects/vimage/src/sys/netinet6/frag6.c#9 (text+ko) ==== @@ -95,9 +95,10 @@ static void frag6_change(void *tag) { + INIT_VNET_INET6(curvnet); - ip6_maxfragpackets = nmbclusters / 4; - ip6_maxfrags = nmbclusters / 4; + V_ip6_maxfragpackets = nmbclusters / 4; + V_ip6_maxfrags = nmbclusters / 4; } void @@ -111,8 +112,8 @@ if (!IS_DEFAULT_VNET(curvnet)) return; #endif - ip6_maxfragpackets = nmbclusters / 4; - ip6_maxfrags = nmbclusters / 4; + V_ip6_maxfragpackets = nmbclusters / 4; + V_ip6_maxfrags = nmbclusters / 4; EVENTHANDLER_REGISTER(nmbclusters_change, frag6_change, NULL, EVENTHANDLER_PRI_ANY); @@ -227,9 +228,9 @@ * If maxfrag is 0, never accept fragments. * If maxfrag is -1, accept all fragments without limitation. */ - if (ip6_maxfrags < 0) + if (V_ip6_maxfrags < 0) ; - else if (V_frag6_nfrags >= (u_int)ip6_maxfrags) + else if (V_frag6_nfrags >= (u_int)V_ip6_maxfrags) goto dropfrag; for (q6 = V_ip6q.ip6q_next; q6 != &V_ip6q; q6 = q6->ip6q_next) @@ -251,9 +252,9 @@ * If maxfragpackets is -1, accept all fragments without * limitation. */ - if (ip6_maxfragpackets < 0) + if (V_ip6_maxfragpackets < 0) ; - else if (V_frag6_nfragpackets >= (u_int)ip6_maxfragpackets) + else if (V_frag6_nfragpackets >= (u_int)V_ip6_maxfragpackets) goto dropfrag; V_frag6_nfragpackets++; q6 = (struct ip6q *)malloc(sizeof(struct ip6q), M_FTABLE, @@ -718,7 +719,7 @@ * (due to the limit being lowered), drain off * enough to get down to the new limit. */ - while (V_frag6_nfragpackets > (u_int)ip6_maxfragpackets && + while (V_frag6_nfragpackets > (u_int)V_ip6_maxfragpackets && V_ip6q.ip6q_prev) { V_ip6stat.ip6s_fragoverflow++; /* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */ ==== //depot/projects/vimage/src/sys/netinet6/icmp6.c#13 (text+ko) ==== @@ -111,12 +111,10 @@ extern struct domain inet6domain; -#ifndef VIMAGE struct icmp6stat icmp6stat; extern struct inpcbinfo ripcbinfo; extern struct inpcbhead ripcb; -#endif extern int icmp6errppslim; static int icmp6errpps_count = 0; static struct timeval icmp6errppslim_last; @@ -140,6 +138,7 @@ void icmp6_init(void) { + icmp6errpps_count = 0; mld6_init(); } @@ -2037,6 +2036,7 @@ void icmp6_reflect(struct mbuf *m, size_t off) { + INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; struct icmp6_hdr *icmp6; struct in6_ifaddr *ia; @@ -2169,7 +2169,7 @@ /* XXX: This may not be the outgoing interface */ ip6->ip6_hlim = ND_IFINFO(m->m_pkthdr.rcvif)->chlim; } else - ip6->ip6_hlim = ip6_defhlim; + ip6->ip6_hlim = V_ip6_defhlim; icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in6_cksum(m, IPPROTO_ICMPV6, @@ -2243,7 +2243,7 @@ return; /* XXX if we are router, we don't update route by icmp6 redirect */ - if (ip6_forwarding) + if (V_ip6_forwarding) goto freeit; if (!icmp6_rediraccept) goto freeit; @@ -2440,7 +2440,7 @@ icmp6_errcount(&V_icmp6stat.icp6s_outerrhist, ND_REDIRECT, 0); /* if we are not router, we don't send icmp6 redirect */ - if (!ip6_forwarding) + if (!V_ip6_forwarding) goto fail; /* sanity check */ ==== //depot/projects/vimage/src/sys/netinet6/in6.c#11 (text+ko) ==== @@ -2050,6 +2050,7 @@ struct in6_ifaddr * in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) { + INIT_VNET_INET6(curvnet); int dst_scope = in6_addrscope(dst), blen = -1, tlen; struct ifaddr *ifa; struct in6_ifaddr *besta = 0; @@ -2073,7 +2074,7 @@ if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) continue; if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { - if (ip6_use_deprecated) + if (V_ip6_use_deprecated) dep[0] = (struct in6_ifaddr *)ifa; continue; } @@ -2107,7 +2108,7 @@ if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) continue; if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { - if (ip6_use_deprecated) + if (V_ip6_use_deprecated) dep[1] = (struct in6_ifaddr *)ifa; continue; } ==== //depot/projects/vimage/src/sys/netinet6/in6_proto.c#11 (text+ko) ==== @@ -83,6 +83,7 @@ #include <net/if.h> #include <net/radix.h> #include <net/route.h> +#include <net/if_gif.h> #include <netinet/in.h> #include <netinet/in_systm.h> @@ -348,6 +349,12 @@ extern int in6_detachhead(void **, int); #endif +static void +ip6_test_init(void) +{ + printf("---> ip6_test_init() \n"); +} + struct domain inet6domain = { .dom_family = AF_INET6, .dom_name = "internet6", @@ -361,7 +368,10 @@ .dom_rtoffset = offsetof(struct sockaddr_in6, sin6_addr) << 3, .dom_maxrtkey = sizeof(struct sockaddr_in6), .dom_ifattach = in6_domifattach, - .dom_ifdetach = in6_domifdetach + .dom_ifdetach = in6_domifdetach, +#ifdef VIMAGE + .dom_init = ip6_test_init +#endif }; DOMAIN_SET(inet6); @@ -369,6 +379,7 @@ /* * Internet configuration info */ +#ifndef VIMAGE #ifndef IPV6FORWARDING #ifdef GATEWAY6 #define IPV6FORWARDING 1 /* forward IP6 packets not for us */ @@ -404,6 +415,7 @@ #ifdef IPSTEALTH int ip6stealth = 0; #endif +#endif /* !VIMAGE */ /* icmp6 */ /* @@ -492,38 +504,38 @@ return (error); } -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, - forwarding, CTLFLAG_RW, &ip6_forwarding, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, - redirect, CTLFLAG_RW, &ip6_sendredirects, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, - hlim, CTLFLAG_RW, &ip6_defhlim, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_FORWARDING, + forwarding, CTLFLAG_RW, ip6_forwarding, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_SENDREDIRECTS, + redirect, CTLFLAG_RW, ip6_sendredirects, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFHLIM, + hlim, CTLFLAG_RW, ip6_defhlim, 0, ""); SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STATS, stats, CTLFLAG_RD, ip6stat, ip6stat, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, - maxfragpackets, CTLFLAG_RW, &ip6_maxfragpackets, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, - accept_rtadv, CTLFLAG_RW, &ip6_accept_rtadv, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, - keepfaith, CTLFLAG_RW, &ip6_keepfaith, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, - log_interval, CTLFLAG_RW, &ip6_log_interval, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, - hdrnestlimit, CTLFLAG_RW, &ip6_hdrnestlimit, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, - dad_count, CTLFLAG_RW, &ip6_dad_count, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, - auto_flowlabel, CTLFLAG_RW, &ip6_auto_flowlabel, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, - defmcasthlim, CTLFLAG_RW, &ip6_defmcasthlim, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, - gifhlim, CTLFLAG_RW, &ip6_gif_hlim, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, + maxfragpackets, CTLFLAG_RW, ip6_maxfragpackets, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, + accept_rtadv, CTLFLAG_RW, ip6_accept_rtadv, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_KEEPFAITH, + keepfaith, CTLFLAG_RW, ip6_keepfaith, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_LOG_INTERVAL, + log_interval, CTLFLAG_RW, ip6_log_interval, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, + hdrnestlimit, CTLFLAG_RW, ip6_hdrnestlimit, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DAD_COUNT, + dad_count, CTLFLAG_RW, ip6_dad_count, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, + auto_flowlabel, CTLFLAG_RW, ip6_auto_flowlabel, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, + defmcasthlim, CTLFLAG_RW, ip6_defmcasthlim, 0, ""); +SYSCTL_V_INT(V_NET, vnet_gif, _net_inet6_ip6, IPV6CTL_GIF_HLIM, + gifhlim, CTLFLAG_RW, ip6_gif_hlim, 0, ""); SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, kame_version, CTLFLAG_RD, __KAME_VERSION, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, - use_deprecated, CTLFLAG_RW, &ip6_use_deprecated, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, - rr_prune, CTLFLAG_RW, &ip6_rr_prune, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USE_DEPRECATED, + use_deprecated, CTLFLAG_RW, ip6_use_deprecated, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RR_PRUNE, + rr_prune, CTLFLAG_RW, ip6_rr_prune, 0, ""); SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, use_tempaddr, CTLFLAG_RW, &ip6_use_tempaddr, 0, ""); SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime, @@ -532,8 +544,8 @@ SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime, CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_valid_lifetime, 0, sysctl_ip6_tempvltime, "I", ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, - v6only, CTLFLAG_RW, &ip6_v6only, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_V6ONLY, + v6only, CTLFLAG_RW, ip6_v6only, 0, ""); #ifndef VIMAGE TUNABLE_INT("net.inet6.ip6.auto_linklocal", &ip6_auto_linklocal); #endif @@ -545,13 +557,13 @@ prefer_tempaddr, CTLFLAG_RW, &ip6_prefer_tempaddr, 0, ""); SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, use_defaultzone, CTLFLAG_RW, &ip6_use_defzone, 0,""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS, - maxfrags, CTLFLAG_RW, &ip6_maxfrags, 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, - mcast_pmtu, CTLFLAG_RW, &ip6_mcast_pmtu, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGS, + maxfrags, CTLFLAG_RW, ip6_maxfrags, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MCAST_PMTU, + mcast_pmtu, CTLFLAG_RW, ip6_mcast_pmtu, 0, ""); #ifdef IPSTEALTH -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW, - &ip6stealth, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW, + ip6stealth, 0, ""); #endif /* net.inet6.icmp6 */ ==== //depot/projects/vimage/src/sys/netinet6/in6_src.c#12 (text+ko) ==== @@ -281,7 +281,7 @@ (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) { continue; } - if (!ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) + if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) continue; /* Rule 1: Prefer same address */ @@ -719,6 +719,7 @@ int in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp) { + INIT_VNET_INET6(curvnet); if (in6p && in6p->in6p_hops >= 0) return (in6p->in6p_hops); @@ -739,9 +740,9 @@ if (lifp) return (ND_IFINFO(lifp)->chlim); } else - return (ip6_defhlim); + return (V_ip6_defhlim); } - return (ip6_defhlim); + return (V_ip6_defhlim); } /* ==== //depot/projects/vimage/src/sys/netinet6/ip6_forward.c#9 (text+ko) ==== @@ -140,8 +140,8 @@ IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { V_ip6stat.ip6s_cantforward++; /* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */ - if (ip6_log_time + ip6_log_interval < time_second) { - ip6_log_time = time_second; + if (V_ip6_log_time + V_ip6_log_interval < time_second) { + V_ip6_log_time = time_second; log(LOG_DEBUG, "cannot forward " "from %s to %s nxt %d received on %s\n", @@ -155,7 +155,7 @@ } #ifdef IPSTEALTH - if (!ip6stealth) { + if (!V_ip6stealth) { #endif if (ip6->ip6_hlim <= IPV6_HLIMDEC) { /* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard) */ @@ -442,8 +442,8 @@ V_ip6stat.ip6s_badscope++; in6_ifstat_inc(rt->rt_ifp, ifs6_in_discard); - if (ip6_log_time + ip6_log_interval < time_second) { - ip6_log_time = time_second; + if (V_ip6_log_time + V_ip6_log_interval < time_second) { + V_ip6_log_time = time_second; log(LOG_DEBUG, "cannot forward " "src %s, dst %s, nxt %d, rcvif %s, outif %s\n", @@ -529,7 +529,7 @@ * Also, don't send redirect if forwarding using a route * modified by a redirect. */ - if (ip6_sendredirects && rt->rt_ifp == m->m_pkthdr.rcvif && !srcrt && + if (V_ip6_sendredirects && rt->rt_ifp == m->m_pkthdr.rcvif && !srcrt && #ifdef IPSEC !ipsecrt && #endif /* IPSEC */ ==== //depot/projects/vimage/src/sys/netinet6/ip6_input.c#20 (text+ko) ==== @@ -88,6 +88,7 @@ #include <net/route.h> #include <net/netisr.h> #include <net/pfil.h> +#include <net/if_gif.h> #include <netinet/in.h> #include <netinet/in_systm.h> @@ -158,6 +159,20 @@ SYSINIT(inet6, SI_SUB_PROTO_BEGIN, SI_ORDER_FIRST, vnet_inet6_register, 0); #endif /* VIMAGE */ +#ifdef VIMAGE +#ifndef IPV6FORWARDING +#ifdef GATEWAY6 +#define IPV6FORWARDING 1 /* forward IP6 packets not for us */ +#else +#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */ +#endif /* !GATEWAY6 */ +#endif /* !IPV6FORWARDING */ + +#ifndef IPV6_SENDREDIRECTS +#define IPV6_SENDREDIRECTS 1 +#endif +#endif /* !VIMAGE */ + /* * IP6 initialization: fill in IP6 protocol switch table. * All protocols not implemented in kernel go to raw IP6 protocol handler. @@ -165,10 +180,36 @@ void ip6_init(void) { + printf("---> ip6_init() \n"); INIT_VNET_INET6(curvnet); + INIT_VNET_GIF(curvnet); struct ip6protosw *pr; int i; + V_ip6_forwarding = IPV6FORWARDING; /* act as router? */ + V_ip6_sendredirects = IPV6_SENDREDIRECTS; + V_ip6_defhlim = IPV6_DEFHLIM; + V_ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; + V_ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */ + V_ip6_maxfragpackets = 0; /* initialized in frag6.c:frag6_init() */ + V_ip6_maxfrags = 0; /* initialized in frag6.c:frag6_init() */ + V_ip6_log_interval = 5; + V_ip6_hdrnestlimit = 15; /* How many header options will we process? */ + V_ip6_dad_count = 1; /* DupAddrDetectionTransmits */ + V_ip6_auto_flowlabel = 1; + V_ip6_gif_hlim = 0; + V_ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ + V_ip6_rr_prune = 5; /* router renumbering prefix + * walk list every 5 sec. */ + V_ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */ + V_ip6_v6only = 1; + + V_ip6_keepfaith = 0; + V_ip6_log_time = (time_t)0L; + #ifdef IPSTEALTH + V_ip6stealth = 0; + #endif + #ifdef IP6_AUTO_LINKLOCAL V_ip6_auto_linklocal = IP6_AUTO_LINKLOCAL; #else @@ -609,7 +650,7 @@ /* * FAITH (Firewall Aided Internet Translator) */ - if (ip6_keepfaith) { + if (V_ip6_keepfaith) { if (V_ip6_forward_rt.ro_rt && V_ip6_forward_rt.ro_rt->rt_ifp && V_ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_FAITH) { /* XXX do we need more sanity checks? */ @@ -623,7 +664,7 @@ * Now there is no reason to process the packet if it's not our own * and we're not a router. */ - if (!ip6_forwarding) { + if (!V_ip6_forwarding) { V_ip6stat.ip6s_cantforward++; in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); goto bad; @@ -709,7 +750,7 @@ * case we should pass the packet to the multicast routing * daemon. */ - if (rtalert != ~0 && ip6_forwarding) { + if (rtalert != ~0 && V_ip6_forwarding) { switch (rtalert) { case IP6OPT_RTALERT_MLD: ours = 1; @@ -797,7 +838,7 @@ nest = 0; while (nxt != IPPROTO_DONE) { - if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { + if (V_ip6_hdrnestlimit && (++nest > V_ip6_hdrnestlimit)) { V_ip6stat.ip6s_toomanyhdr++; goto bad; } @@ -1096,6 +1137,7 @@ void ip6_savecontrol(struct inpcb *in6p, struct mbuf *m, struct mbuf **mp) { + printf("---> tcp6_input() \n"); #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); ==== //depot/projects/vimage/src/sys/netinet6/ip6_mroute.c#8 (text+ko) ==== @@ -1039,8 +1039,8 @@ */ if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { V_ip6stat.ip6s_cantforward++; - if (ip6_log_time + ip6_log_interval < time_second) { - ip6_log_time = time_second; + if (V_ip6_log_time + V_ip6_log_interval < time_second) { + V_ip6_log_time = time_second; log(LOG_DEBUG, "cannot forward " "from %s to %s nxt %d received on %s\n", @@ -1510,6 +1510,7 @@ static void phyint_send(struct ip6_hdr *ip6, struct mif6 *mifp, struct mbuf *m) { + INIT_VNET_INET6(curvnet); struct mbuf *mb_copy; struct ifnet *ifp = mifp->m6_ifp; int error = 0; @@ -1599,7 +1600,7 @@ * various router may notify pMTU in multicast, which can be * a DDoS to a router */ - if (ip6_mcast_pmtu) + if (V_ip6_mcast_pmtu) icmp6_error(mb_copy, ICMP6_PACKET_TOO_BIG, 0, linkmtu); else { #ifdef MRT6DEBUG ==== //depot/projects/vimage/src/sys/netinet6/ip6_output.c#10 (text+ko) ==== @@ -522,7 +522,7 @@ if (im6o != NULL) ip6->ip6_hlim = im6o->im6o_multicast_hlim; else - ip6->ip6_hlim = ip6_defmcasthlim; + ip6->ip6_hlim = V_ip6_defmcasthlim; } #ifdef IPSEC @@ -2414,6 +2414,7 @@ ip6_setmoptions(int optname, struct ip6_moptions **im6op, struct mbuf *m) { INIT_VNET_NET(curvnet); + INIT_VNET_INET6(curvnet); int error = 0; u_int loop, ifindex; struct ipv6_mreq *mreq; @@ -2435,7 +2436,7 @@ return (ENOBUFS); *im6op = im6o; im6o->im6o_multicast_ifp = NULL; - im6o->im6o_multicast_hlim = ip6_defmcasthlim; + im6o->im6o_multicast_hlim = V_ip6_defmcasthlim; im6o->im6o_multicast_loop = IPV6_DEFAULT_MULTICAST_LOOP; LIST_INIT(&im6o->im6o_memberships); } @@ -2477,7 +2478,7 @@ if (optval < -1 || optval >= 256) error = EINVAL; else if (optval == -1) - im6o->im6o_multicast_hlim = ip6_defmcasthlim; + im6o->im6o_multicast_hlim = V_ip6_defmcasthlim; else im6o->im6o_multicast_hlim = optval; break; @@ -2700,7 +2701,7 @@ * If all options have default values, no need to keep the mbuf. */ if (im6o->im6o_multicast_ifp == NULL && - im6o->im6o_multicast_hlim == ip6_defmcasthlim && + im6o->im6o_multicast_hlim == V_ip6_defmcasthlim && im6o->im6o_multicast_loop == IPV6_DEFAULT_MULTICAST_LOOP && im6o->im6o_memberships.lh_first == NULL) { free(*im6op, M_IP6MOPTS); @@ -2716,6 +2717,7 @@ static int ip6_getmoptions(int optname, struct ip6_moptions *im6o, struct mbuf **mp) { + INIT_VNET_INET6(curvnet); u_int *hlim, *loop, *ifindex; *mp = m_get(M_TRYWAIT, MT_HEADER); /* XXX */ @@ -2735,7 +2737,7 @@ hlim = mtod(*mp, u_int *); (*mp)->m_len = sizeof(u_int); if (im6o == NULL) - *hlim = ip6_defmcasthlim; + *hlim = V_ip6_defmcasthlim; else *hlim = im6o->im6o_multicast_hlim; return (0); @@ -2744,7 +2746,7 @@ loop = mtod(*mp, u_int *); (*mp)->m_len = sizeof(u_int); if (im6o == NULL) - *loop = ip6_defmcasthlim; + *loop = V_ip6_defmcasthlim; else *loop = im6o->im6o_multicast_loop; return (0); ==== //depot/projects/vimage/src/sys/netinet6/ip6_var.h#7 (text+ko) ==== @@ -280,24 +280,29 @@ #ifndef VIMAGE extern struct ip6stat ip6stat; /* statistics */ -#endif extern int ip6_defhlim; /* default hop limit */ extern int ip6_defmcasthlim; /* default multicast hop limit */ extern int ip6_forwarding; /* act as router? */ +#endif extern int ip6_forward_srcrt; /* forward src-routed? */ +#ifndef VIMAGE extern int ip6_gif_hlim; /* Hop limit for gif encap packet */ extern int ip6_use_deprecated; /* allow deprecated addr as source */ extern int ip6_rr_prune; /* router renumbering prefix * walk list every 5 sec. */ extern int ip6_mcast_pmtu; /* enable pMTU discovery for multicast? */ extern int ip6_v6only; +#endif extern struct socket *ip6_mrouter; /* multicast routing daemon */ +#ifndef VIMAGE extern int ip6_sendredirects; /* send IP redirects when forwarding? */ extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */ extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */ +#endif extern int ip6_sourcecheck; /* Verify source interface */ extern int ip6_sourcecheck_interval; /* Interval between log messages */ +#ifndef VIMAGE extern int ip6_accept_rtadv; /* Acts as a host not a router */ extern int ip6_keepfaith; /* Firewall Aided Internet Translator */ extern int ip6_log_interval; @@ -306,6 +311,7 @@ extern int ip6_dad_count; /* DupAddrDetectionTransmits */ extern int ip6_auto_flowlabel; +#endif extern int ip6_auto_linklocal; extern int ip6_anonportmin; /* minimum ephemeral port */ ==== //depot/projects/vimage/src/sys/netinet6/nd6.c#17 (text+ko) ==== @@ -800,7 +800,7 @@ if (V_nd6_defifindex == ifp->if_index) nd6_setdefaultiface(0); - if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ + if (!V_ip6_forwarding && V_ip6_accept_rtadv) { /* XXX: too restrictive? */ /* refresh default router list */ defrouter_select(); } @@ -995,7 +995,7 @@ * XXX: we restrict the condition to hosts, because routers usually do * not have the "default router list". */ - if (!ip6_forwarding && TAILQ_FIRST(&V_nd_defrouter) == NULL && + if (!V_ip6_forwarding && TAILQ_FIRST(&V_nd_defrouter) == NULL && V_nd6_defifindex == ifp->if_index) { return (1); } @@ -1034,6 +1034,7 @@ static struct llinfo_nd6 * nd6_free(struct rtentry *rt, int gc) { + INIT_VNET_INET6(curvnet); struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next; struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; struct nd_defrouter *dr; @@ -1046,7 +1047,7 @@ /* cancel timer */ nd6_llinfo_settimer(ln, -1); - if (!ip6_forwarding) { + if (!V_ip6_forwarding) { int s; s = splnet(); dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, @@ -1677,6 +1678,7 @@ nd6_cache_lladdr(struct ifnet *ifp, struct in6_addr *from, char *lladdr, int lladdrlen, int type, int code) { + INIT_VNET_INET6(curvnet); struct rtentry *rt = NULL; struct llinfo_nd6 *ln = NULL; int is_newentry; @@ -1900,7 +1902,7 @@ * for those are not autoconfigured hosts, we explicitly avoid such * cases for safety. */ - if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv) + if (do_update && ln->ln_router && !V_ip6_forwarding && V_ip6_accept_rtadv) defrouter_select(); return rt; ==== //depot/projects/vimage/src/sys/netinet6/nd6_nbr.c#9 (text+ko) ==== @@ -304,7 +304,7 @@ goto bad; nd6_na_output(ifp, &in6_all, &taddr6, ((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) | - (ip6_forwarding ? ND_NA_FLAG_ROUTER : 0), + (V_ip6_forwarding ? ND_NA_FLAG_ROUTER : 0), tlladdr, (struct sockaddr *)proxydl); goto freeit; } @@ -314,7 +314,7 @@ nd6_na_output(ifp, &saddr6, &taddr6, ((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) | - (ip6_forwarding ? ND_NA_FLAG_ROUTER : 0) | ND_NA_FLAG_SOLICITED, + (V_ip6_forwarding ? ND_NA_FLAG_ROUTER : 0) | ND_NA_FLAG_SOLICITED, tlladdr, (struct sockaddr *)proxydl); freeit: m_freem(m); @@ -802,7 +802,7 @@ dr = defrouter_lookup(in6, ifp); if (dr) defrtrlist_del(dr); - else if (!ip6_forwarding) { + else if (!V_ip6_forwarding) { /* * Even if the neighbor is not in the default * router list, the neighbor may be used @@ -1132,7 +1132,7 @@ ia->ia6_flags &= ~IN6_IFF_TENTATIVE; return; } - if (!ip6_dad_count) { + if (!V_ip6_dad_count) { ia->ia6_flags &= ~IN6_IFF_TENTATIVE; return; } @@ -1172,7 +1172,7 @@ */ dp->dad_ifa = ifa; IFAREF(ifa); /* just for safety */ - dp->dad_count = ip6_dad_count; + dp->dad_count = V_ip6_dad_count; dp->dad_ns_icount = dp->dad_na_icount = 0; dp->dad_ns_ocount = dp->dad_ns_tcount = 0; if (delay == 0) { ==== //depot/projects/vimage/src/sys/netinet6/nd6_rtr.c#7 (text+ko) ==== @@ -133,7 +133,7 @@ char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN]; /* If I'm not a router, ignore it. */ - if (ip6_accept_rtadv != 0 || ip6_forwarding != 1) + if (V_ip6_accept_rtadv != 0 || V_ip6_forwarding != 1) goto freeit; /* Sanity checks */ @@ -223,7 +223,7 @@ * the system-wide variable allows the acceptance, and * per-interface variable allows RAs on the receiving interface. */ - if (ip6_accept_rtadv == 0) + if (V_ip6_accept_rtadv == 0) goto freeit; if (!(ndi->flags & ND6_IFF_ACCEPT_RTADV)) goto freeit; @@ -561,7 +561,7 @@ * Flush all the routing table entries that use the router * as a next hop. */ - if (!ip6_forwarding && ip6_accept_rtadv) /* XXX: better condition? */ + if (!V_ip6_forwarding && V_ip6_accept_rtadv) /* XXX: better condition? */ rt6_flush(&dr->rtaddr, dr->ifp); if (dr->installed) { @@ -627,10 +627,10 @@ * if the node is not an autoconfigured host, we explicitly exclude * such cases here for safety. */ - if (ip6_forwarding || !ip6_accept_rtadv) { + if (V_ip6_forwarding || !V_ip6_accept_rtadv) { nd6log((LOG_WARNING, "defrouter_select: called unexpectedly (forwarding=%d, " - "accept_rtadv=%d)\n", ip6_forwarding, ip6_accept_rtadv)); + "accept_rtadv=%d)\n", V_ip6_forwarding, V_ip6_accept_rtadv)); splx(s); return; } ==== //depot/projects/vimage/src/sys/netinet6/sctp6_usrreq.c#17 (text+ko) ==== @@ -31,14 +31,17 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD: src/sys/netinet6/sctp6_usrreq.c,v 1.38 2007/08/27 05:19:48 rrs Exp $"); +#include "opt_vimage.h" #include <netinet/sctp_os.h> #include <sys/proc.h> +#include <sys/vimage.h> #include <netinet/sctp_pcb.h> #include <netinet/sctp_header.h> #include <netinet/sctp_var.h> #if defined(INET6) #include <netinet6/sctp6_var.h> +#include <netinet6/vinet6.h> #endif #include <netinet/sctp_sysctl.h> #include <netinet/sctp_output.h> @@ -664,6 +667,7 @@ sctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, struct mbuf *control, struct thread *p) { + INIT_VNET_INET6(curvnet); struct sctp_inpcb *inp; struct inpcb *in_inp; struct in6pcb *inp6; @@ -720,7 +724,7 @@ } } if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { - if (!ip6_v6only) { + if (!V_ip6_v6only) { struct sockaddr_in sin; /* convert v4-mapped into v4 addr and send */ @@ -776,6 +780,7 @@ static int sctp6_connect(struct socket *so, struct sockaddr *addr, struct thread *p) { + INIT_VNET_INET6(curvnet); uint32_t vrf_id; int error = 0; struct sctp_inpcb *inp; @@ -851,7 +856,7 @@ } } if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { - if (!ip6_v6only) { + if (!V_ip6_v6only) { /* convert v4-mapped into v4 addr */ in6_sin6_2_sin((struct sockaddr_in *)&ss, sin6); addr = (struct sockaddr *)&ss; ==== //depot/projects/vimage/src/sys/netinet6/vinet6.h#10 (text+ko) ==== @@ -90,6 +90,29 @@ TAILQ_HEAD(, dadq) _dadq; int _dad_init; + + //int _icmp6errppslim; + //int _icmp6errpps_count; + //int _icmp6_nodeinfo; + + int _ip6_forwarding; + int _ip6_sendredirects; + int _ip6_defhlim; + int _ip6_defmcasthlim; + int _ip6_accept_rtadv; + int _ip6_maxfragpackets; + int _ip6_maxfrags; + int _ip6_log_interval; + int _ip6_hdrnestlimit; + int _ip6_dad_count; + int _ip6_auto_flowlabel; + int _ip6_use_deprecated; + int _ip6_rr_prune; + int _ip6_mcast_pmtu; + int _ip6_v6only; + int _ip6_keepfaith; + int _ip6stealth; + time_t _ip6_log_time; }; #endif @@ -134,4 +157,27 @@ #define V_dadq VNET_INET6(dadq) #define V_dad_init VNET_INET6(dad_init) +//#define V_icmp6errppslim VNET_INET6(icmp6errppslim) +//#define V_icmp6errpps_count VNET_INET6(icmp6errpps_count) +//#define V_icmp6_nodeinfo VNET_INET6(icmp6_nodeinfo) + +#define V_ip6_forwarding VNET_INET6(ip6_forwarding) +#define V_ip6_sendredirects VNET_INET6(ip6_sendredirects) +#define V_ip6_defhlim VNET_INET6(ip6_defhlim) +#define V_ip6_defmcasthlim VNET_INET6(ip6_defmcasthlim) +#define V_ip6_accept_rtadv VNET_INET6(ip6_accept_rtadv) +#define V_ip6_maxfragpackets VNET_INET6(ip6_maxfragpackets) +#define V_ip6_maxfrags VNET_INET6(ip6_maxfrags) +#define V_ip6_log_interval VNET_INET6(ip6_log_interval) +#define V_ip6_hdrnestlimit VNET_INET6(ip6_hdrnestlimit) >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200709021248.l82CmLRP002846>