Message-ID: <3ED2BAF5.2B6EC508@mindspring.com>
Date: Mon, 26 May 2003 18:10:13 -0700
From: Terry Lambert
MIME-Version: 1.0
To: ashish@symonds.net
References: <1231.203.192.199.30.1053976846.squirrel@secure.symonds.net>
Content-Type: multipart/mixed; boundary="------------CD4EAD0DFBF412668992335C"
cc: freebsd-hackers@freebsd.org
Subject: [PATCH] Re: changing the ToS in IP Header

This is a multi-part message in MIME format.
--------------CD4EAD0DFBF412668992335C
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Ashish Kulkarni wrote:
> as I mentioned earlier, I want to do it for all outgoing packets on an
> interface, not on per socket basis. I actually was hoping that someone
> would provide me pointers to where I should look in the source (me being a
> newcomer to BSD as such) to implement a sysctl that will allow me to
> change the tos, eg. "net.inet.ip.tos". I'd have preferred to use a packet
> mangling firewall, but afaik there are none which do that so I'll have to
> do it the hard way ;-)

The attached patch adds a new sysctl oid for support of a
"net.inet.ip.default_tos" (default: 0).

I sent it as a context diff, in case the kernel has changed more
than a little since the last time I updated.

Note: I only compile-tested this.

-- Terry

--------------CD4EAD0DFBF412668992335C
Content-Type: text/plain; charset=us-ascii; name="iptos.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="iptos.diff"

Index: in_pcb.c =================================================================== RCS file: /cvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.120 diff -c -r1.120 in_pcb.c *** in_pcb.c 21 Feb 2003 05:28:27 -0000 1.120 --- in_pcb.c 26 May 2003 20:56:30 -0000 *************** *** 31,37 **** * SUCH DAMAGE. * * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 ! * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.120 2003/02/21 05:28:27 cjc Exp $ */ #include "opt_ipsec.h" --- 31,37 ---- * SUCH DAMAGE. * * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 ! * $FreeBSD$ */ #include "opt_ipsec.h" *************** *** 104,109 **** --- 104,114 ---- int ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ int ipport_reservedlow = 0; + /* + * Default type of service for all IP packets. 
+ */ + int ip_default_tos = 0; + #define RANGECHK(var, min, max) \ if ((var) < (min)) { (var) = (min); } \ else if ((var) > (max)) { (var) = (max); } *************** *** 124,129 **** --- 129,145 ---- return error; } + static int + sysctl_net_iptos_check(SYSCTL_HANDLER_ARGS) + { + int error = sysctl_handle_int(oidp, + oidp->oid_arg1, oidp->oid_arg2, req); + if (!error) { + RANGECHK(ip_default_tos, 0, 255); + } + return error; + } + #undef RANGECHK SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); *************** *** 144,149 **** --- 160,167 ---- CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, ""); SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow, CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, ""); + SYSCTL_PROC(_net_inet_ip, OID_AUTO, default_tos, CTLTYPE_INT|CTLFLAG_RW, + &ip_default_tos, 0, &sysctl_net_iptos_check, "I", ""); /* * in_pcb.c: manage the Protocol Control Blocks. *************** *** 174,179 **** --- 192,198 ---- inp->inp_gencnt = ++pcbinfo->ipi_gencnt; inp->inp_pcbinfo = pcbinfo; inp->inp_socket = so; + inp->inp_ip_tos = (u_char)ip_default_tos; #ifdef IPSEC error = ipsec_init_policy(so, &inp->inp_sp); if (error != 0) { --------------CD4EAD0DFBF412668992335C--
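
Review bot: The first hunk (lines 31,37) changes nothing except collapsing the expanded "$FreeBSD: src/sys/netinet/in_pcb.c,v 1.120 ... $" id to a bare "$FreeBSD$", which is keyword-expansion noise from the local checkout. Drop this hunk so the patch still applies to trees whose id line differs from revision 1.120.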
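
Review bot: In sysctl_net_iptos_check (hunk at 124,129), the range check runs only after sysctl_handle_int has already stored the caller's value through oidp->oid_arg1 into ip_default_tos, and an out-of-range write is silently clamped by RANGECHK instead of being refused. Between the store and the clamp, the new assignment in the last hunk can read the unclamped int and truncate it with its (u_char) cast. Suggest copying ip_default_tos into a local, handing the local to sysctl_handle_int, returning early when error is set or req->newptr is NULL, returning EINVAL when the new value is outside 0..255, and assigning ip_default_tos only after that check.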
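
Review bot: The SYSCTL_PROC for default_tos (hunk at 144,149) is declared with "CTLTYPE_INT|CTLFLAG_RW" and an empty description string, while the reservedhigh and reservedlow oids directly above it use "CTLFLAG_RW|CTLFLAG_SECURE". This knob changes the header marking of traffic from every new socket, so decide explicitly whether it should be restricted by securelevel like its neighbours and say so in the commit message, and replace the trailing "" with a short description of what the value controls.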
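
Review bot: In the last hunk (174,179), "inp->inp_ip_tos = (u_char)ip_default_tos;" seeds the field once, at PCB allocation, so changing the sysctl has no effect on sockets that already exist, and traffic that is not sent through a PCB never picks the value up. The request quoted above was for all outgoing packets on an interface; the comment added above ip_default_tos ("Default type of service for all IP packets") should instead say that this is a default for newly created sockets, which a per-socket IP_TOS setting still overrides.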