Date: Wed, 1 Apr 2009 20:23:47 +0000 (UTC) From: Paolo Pisati <piso@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r190633 - in head: sbin/ipfw sys sys/amd64/include/xen sys/arm/arm sys/contrib/pf sys/dev/ata sys/dev/cxgb sys/dev/sound/usb sys/dev/usb sys/dev/usb/bluetooth sys/dev/usb/controller sys... Message-ID: <200904012023.n31KNl71041878@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: piso Date: Wed Apr 1 20:23:47 2009 New Revision: 190633 URL: http://svn.freebsd.org/changeset/base/190633 Log: Implement an ipfw action to reassemble ip packets: reass. Modified: head/sbin/ipfw/ (props changed) head/sbin/ipfw/ipfw.8 head/sbin/ipfw/ipfw2.c head/sbin/ipfw/ipfw2.h head/sbin/ipfw/main.c head/sys/ (props changed) head/sys/amd64/include/xen/ (props changed) head/sys/arm/arm/cpufunc_asm_sheeva.S (props changed) head/sys/contrib/pf/ (props changed) head/sys/dev/ata/ata-usb.c (props changed) head/sys/dev/cxgb/ (props changed) head/sys/dev/sound/usb/uaudio.c (props changed) head/sys/dev/sound/usb/uaudio.h (props changed) head/sys/dev/sound/usb/uaudio_pcm.c (props changed) head/sys/dev/sound/usb/uaudioreg.h (props changed) head/sys/dev/usb/README.TXT (props changed) head/sys/dev/usb/bluetooth/TODO.TXT (props changed) head/sys/dev/usb/bluetooth/ng_ubt.c (props changed) head/sys/dev/usb/bluetooth/ng_ubt_var.h (props changed) head/sys/dev/usb/bluetooth/ubtbcmfw.c (props changed) head/sys/dev/usb/controller/at91dci.c (props changed) head/sys/dev/usb/controller/at91dci.h (props changed) head/sys/dev/usb/controller/at91dci_atmelarm.c (props changed) head/sys/dev/usb/controller/atmegadci.c (props changed) head/sys/dev/usb/controller/atmegadci.h (props changed) head/sys/dev/usb/controller/atmegadci_atmelarm.c (props changed) head/sys/dev/usb/controller/ehci.c (props changed) head/sys/dev/usb/controller/ehci.h (props changed) head/sys/dev/usb/controller/ehci_ixp4xx.c (props changed) head/sys/dev/usb/controller/ehci_mbus.c (props changed) head/sys/dev/usb/controller/ehci_pci.c (props changed) head/sys/dev/usb/controller/musb_otg.c (props changed) head/sys/dev/usb/controller/musb_otg.h (props changed) head/sys/dev/usb/controller/musb_otg_atmelarm.c (props changed) head/sys/dev/usb/controller/ohci.c (props changed) head/sys/dev/usb/controller/ohci.h (props changed) head/sys/dev/usb/controller/ohci_atmelarm.c (props changed) head/sys/dev/usb/controller/ohci_pci.c (props changed) head/sys/dev/usb/controller/uhci.c (props changed) head/sys/dev/usb/controller/uhci.h (props changed) head/sys/dev/usb/controller/uhci_pci.c (props changed) head/sys/dev/usb/controller/usb_controller.c (props changed) head/sys/dev/usb/controller/uss820dci.c (props changed) head/sys/dev/usb/controller/uss820dci.h (props changed) head/sys/dev/usb/controller/uss820dci_atmelarm.c (props changed) head/sys/dev/usb/input/uhid.c (props changed) head/sys/dev/usb/input/ukbd.c (props changed) head/sys/dev/usb/input/ums.c (props changed) head/sys/dev/usb/input/usb_rdesc.h (props changed) head/sys/dev/usb/misc/udbp.c (props changed) head/sys/dev/usb/misc/udbp.h (props changed) head/sys/dev/usb/misc/ufm.c (props changed) head/sys/dev/usb/net/if_aue.c (props changed) head/sys/dev/usb/net/if_auereg.h (props changed) head/sys/dev/usb/net/if_axe.c (props changed) head/sys/dev/usb/net/if_axereg.h (props changed) head/sys/dev/usb/net/if_cdce.c (props changed) head/sys/dev/usb/net/if_cdcereg.h (props changed) head/sys/dev/usb/net/if_cue.c (props changed) head/sys/dev/usb/net/if_cuereg.h (props changed) head/sys/dev/usb/net/if_kue.c (props changed) head/sys/dev/usb/net/if_kuefw.h (props changed) head/sys/dev/usb/net/if_kuereg.h (props changed) head/sys/dev/usb/net/if_rue.c (props changed) head/sys/dev/usb/net/if_ruereg.h (props changed) head/sys/dev/usb/net/if_udav.c (props changed) head/sys/dev/usb/net/if_udavreg.h (props changed) head/sys/dev/usb/net/usb_ethernet.c (props changed) head/sys/dev/usb/net/usb_ethernet.h (props changed) head/sys/dev/usb/quirk/usb_quirk.c (props changed) head/sys/dev/usb/quirk/usb_quirk.h (props changed) head/sys/dev/usb/serial/u3g.c (props changed) head/sys/dev/usb/serial/uark.c (props changed) head/sys/dev/usb/serial/ubsa.c (props changed) head/sys/dev/usb/serial/ubser.c (props changed) head/sys/dev/usb/serial/uchcom.c (props changed) head/sys/dev/usb/serial/ucycom.c (props changed) head/sys/dev/usb/serial/ufoma.c (props changed) head/sys/dev/usb/serial/uftdi.c (props changed) head/sys/dev/usb/serial/uftdi_reg.h (props changed) head/sys/dev/usb/serial/ugensa.c (props changed) head/sys/dev/usb/serial/uipaq.c (props changed) head/sys/dev/usb/serial/ulpt.c (props changed) head/sys/dev/usb/serial/umct.c (props changed) head/sys/dev/usb/serial/umodem.c (props changed) head/sys/dev/usb/serial/umoscom.c (props changed) head/sys/dev/usb/serial/uplcom.c (props changed) head/sys/dev/usb/serial/usb_serial.c (props changed) head/sys/dev/usb/serial/usb_serial.h (props changed) head/sys/dev/usb/serial/uslcom.c (props changed) head/sys/dev/usb/serial/uvisor.c (props changed) head/sys/dev/usb/serial/uvscom.c (props changed) head/sys/dev/usb/storage/rio500_usb.h (props changed) head/sys/dev/usb/storage/umass.c (props changed) head/sys/dev/usb/storage/urio.c (props changed) head/sys/dev/usb/storage/ustorage_fs.c (props changed) head/sys/dev/usb/template/usb_template.c (props changed) head/sys/dev/usb/template/usb_template.h (props changed) head/sys/dev/usb/template/usb_template_cdce.c (props changed) head/sys/dev/usb/template/usb_template_msc.c (props changed) head/sys/dev/usb/template/usb_template_mtp.c (props changed) head/sys/dev/usb/ufm_ioctl.h (props changed) head/sys/dev/usb/usb.h (props changed) head/sys/dev/usb/usb_bus.h (props changed) head/sys/dev/usb/usb_busdma.c (props changed) head/sys/dev/usb/usb_busdma.h (props changed) head/sys/dev/usb/usb_cdc.h (props changed) head/sys/dev/usb/usb_compat_linux.c (props changed) head/sys/dev/usb/usb_compat_linux.h (props changed) head/sys/dev/usb/usb_controller.h (props changed) head/sys/dev/usb/usb_core.c (props changed) head/sys/dev/usb/usb_core.h (props changed) head/sys/dev/usb/usb_debug.c (props changed) head/sys/dev/usb/usb_debug.h (props changed) head/sys/dev/usb/usb_defs.h (props changed) head/sys/dev/usb/usb_dev.c (props changed) head/sys/dev/usb/usb_dev.h (props changed) head/sys/dev/usb/usb_device.c (props changed) head/sys/dev/usb/usb_device.h (props changed) head/sys/dev/usb/usb_dynamic.c (props changed) head/sys/dev/usb/usb_dynamic.h (props changed) head/sys/dev/usb/usb_endian.h (props changed) head/sys/dev/usb/usb_error.c (props changed) head/sys/dev/usb/usb_error.h (props changed) head/sys/dev/usb/usb_generic.c (props changed) head/sys/dev/usb/usb_generic.h (props changed) head/sys/dev/usb/usb_handle_request.c (props changed) head/sys/dev/usb/usb_handle_request.h (props changed) head/sys/dev/usb/usb_hid.c (props changed) head/sys/dev/usb/usb_hid.h (props changed) head/sys/dev/usb/usb_hub.c (props changed) head/sys/dev/usb/usb_hub.h (props changed) head/sys/dev/usb/usb_if.m (props changed) head/sys/dev/usb/usb_ioctl.h (props changed) head/sys/dev/usb/usb_lookup.c (props changed) head/sys/dev/usb/usb_lookup.h (props changed) head/sys/dev/usb/usb_mbuf.c (props changed) head/sys/dev/usb/usb_mbuf.h (props changed) head/sys/dev/usb/usb_mfunc.h (props changed) head/sys/dev/usb/usb_msctest.c (props changed) head/sys/dev/usb/usb_msctest.h (props changed) head/sys/dev/usb/usb_parse.c (props changed) head/sys/dev/usb/usb_parse.h (props changed) head/sys/dev/usb/usb_pci.h (props changed) head/sys/dev/usb/usb_process.c (props changed) head/sys/dev/usb/usb_process.h (props changed) head/sys/dev/usb/usb_request.c (props changed) head/sys/dev/usb/usb_request.h (props changed) head/sys/dev/usb/usb_revision.h (props changed) head/sys/dev/usb/usb_sw_transfer.c (props changed) head/sys/dev/usb/usb_sw_transfer.h (props changed) head/sys/dev/usb/usb_transfer.c (props changed) head/sys/dev/usb/usb_transfer.h (props changed) head/sys/dev/usb/usb_util.c (props changed) head/sys/dev/usb/usb_util.h (props changed) head/sys/dev/usb/usbdevs (props changed) head/sys/dev/usb/usbhid.h (props changed) head/sys/dev/usb/wlan/if_rum.c (props changed) head/sys/dev/usb/wlan/if_rumfw.h (props changed) head/sys/dev/usb/wlan/if_rumreg.h (props changed) head/sys/dev/usb/wlan/if_rumvar.h (props changed) head/sys/dev/usb/wlan/if_ural.c (props changed) head/sys/dev/usb/wlan/if_uralreg.h (props changed) head/sys/dev/usb/wlan/if_uralvar.h (props changed) head/sys/dev/usb/wlan/if_zyd.c (props changed) head/sys/dev/usb/wlan/if_zydfw.h (props changed) head/sys/dev/usb/wlan/if_zydreg.h (props changed) head/sys/dev/usb/wlan/usb_wlan.h (props changed) head/sys/dev/xen/netfront/ (props changed) head/sys/dev/xen/xenpci/ (props changed) head/sys/legacy/dev/ata/ata-usb.c (props changed) head/sys/legacy/dev/sound/usb/uaudio.c (props changed) head/sys/legacy/dev/sound/usb/uaudio.h (props changed) head/sys/legacy/dev/sound/usb/uaudio_pcm.c (props changed) head/sys/legacy/dev/sound/usb/uaudioreg.h (props changed) head/sys/legacy/dev/usb/ (props changed) head/sys/legacy/dev/usb/ehci_ixp4xx.c (props changed) head/sys/mips/mips/elf64_machdep.c (props changed) head/sys/netinet/ip_fw.h head/sys/netinet/ip_fw2.c head/sys/netinet/ip_fw_pfil.c head/sys/xen/evtchn.h (props changed) head/sys/xen/hypervisor.h (props changed) head/sys/xen/xen_intr.h (props changed) Modified: head/sbin/ipfw/ipfw.8 ============================================================================== --- head/sbin/ipfw/ipfw.8 Wed Apr 1 19:23:46 2009 (r190632) +++ head/sbin/ipfw/ipfw.8 Wed Apr 1 20:23:47 2009 (r190633) @@ -866,6 +866,13 @@ in any subsequent forwarding decisions. Initially this is limited to the values 0 through 15, see .Xr setfib 8 . Processing continues at the next rule. +.It Cm reass +Queue and reassemble ip fragments. +If the packet is not fragmented, counters are updated and processing continues with the next rule. +If the packet is the last logical fragment, the packet is reassembled and, if +.Va net.inet.ip.fw.one_pass +is set to 0, processing continues with the next rule, else packet is allowed to pass and search terminates. +If the packet is a fragment in the middle, it is consumed and processing stops immediately. .El .Ss RULE BODY The body of a rule contains zero or more patterns (such as Modified: head/sbin/ipfw/ipfw2.c ============================================================================== --- head/sbin/ipfw/ipfw2.c Wed Apr 1 19:23:46 2009 (r190632) +++ head/sbin/ipfw/ipfw2.c Wed Apr 1 20:23:47 2009 (r190633) @@ -211,6 +211,7 @@ static struct _s_x rule_actions[] = { { "check-state", TOK_CHECKSTATE }, { "//", TOK_COMMENT }, { "nat", TOK_NAT }, + { "reass", TOK_REASS }, { "setfib", TOK_SETFIB }, { NULL, 0 } /* terminator */ }; @@ -1089,6 +1090,10 @@ show_ipfw(struct ip_fw *rule, int pcwidt case O_SETFIB: PRINT_UINT_ARG("setfib ", cmd->arg1); break; + + case O_REASS: + printf("reass"); + break; default: printf("** unrecognized action %d len %d ", @@ -2781,6 +2786,10 @@ chkarg: ac--; av++; break; } + + case TOK_REASS: + action->opcode = O_REASS; + break; default: errx(EX_DATAERR, "invalid action %s\n", av[-1]); Modified: head/sbin/ipfw/ipfw2.h ============================================================================== --- head/sbin/ipfw/ipfw2.h Wed Apr 1 19:23:46 2009 (r190632) +++ head/sbin/ipfw/ipfw2.h Wed Apr 1 20:23:47 2009 (r190633) @@ -95,6 +95,7 @@ enum tokens { TOK_UNREACH, TOK_CHECKSTATE, TOK_NAT, + TOK_REASS, TOK_ALTQ, TOK_LOG, Modified: head/sbin/ipfw/main.c ============================================================================== --- head/sbin/ipfw/main.c Wed Apr 1 19:23:46 2009 (r190632) +++ head/sbin/ipfw/main.c Wed Apr 1 20:23:47 2009 (r190633) @@ -54,7 +54,7 @@ help(void) "RULE-BODY: check-state [PARAMS] | ACTION [PARAMS] ADDR [OPTION_LIST]\n" "ACTION: check-state | allow | count | deny | unreach{,6} CODE |\n" " skipto N | {divert|tee} PORT | forward ADDR |\n" -" pipe N | queue N | nat N | setfib FIB\n" +" pipe N | queue N | nat N | setfib FIB | reass\n" "PARAMS: [log [logamount LOGLIMIT]] [altq QUEUE_NAME]\n" "ADDR: [ MAC dst src ether_type ] \n" " [ ip from IPADDR [ PORT ] to IPADDR [ PORTLIST ] ]\n" Modified: head/sys/netinet/ip_fw.h ============================================================================== --- head/sys/netinet/ip_fw.h Wed Apr 1 19:23:46 2009 (r190632) +++ head/sys/netinet/ip_fw.h Wed Apr 1 20:23:47 2009 (r190633) @@ -139,7 +139,8 @@ enum ipfw_opcodes { /* arguments (4 byt O_FORWARD_IP, /* fwd sockaddr */ O_FORWARD_MAC, /* fwd mac */ O_NAT, /* nope */ - + O_REASS, /* none */ + /* * More opcodes. */ @@ -574,6 +575,7 @@ enum { IP_FW_NETGRAPH, IP_FW_NGTEE, IP_FW_NAT, + IP_FW_REASS, }; /* flags for divert mtag */ Modified: head/sys/netinet/ip_fw2.c ============================================================================== --- head/sys/netinet/ip_fw2.c Wed Apr 1 19:23:46 2009 (r190632) +++ head/sys/netinet/ip_fw2.c Wed Apr 1 20:23:47 2009 (r190633) @@ -898,6 +898,9 @@ ipfw_log(struct ip_fw *f, u_int hlen, st case O_NAT: action = "Nat"; break; + case O_REASS: + action = "Reass"; + break; default: action = "UNKNOWN"; break; @@ -3375,6 +3378,55 @@ check_body: goto done; } + case O_REASS: { + int ip_off; + + f->pcnt++; + f->bcnt += pktlen; + ip_off = (args->eh != NULL) ? ntohs(ip->ip_off) : ip->ip_off; + if (ip_off & (IP_MF | IP_OFFMASK)) { + /* + * ip_reass() expects len & off in host + * byte order: fix them in case we come + * from layer2. + */ + if (args->eh != NULL) { + ip->ip_len = ntohs(ip->ip_len); + ip->ip_off = ntohs(ip->ip_off); + } + + m = ip_reass(m); + args->m = m; + + /* + * IP header checksum fixup after + * reassembly and leave header + * in network byte order. + */ + if (m != NULL) { + int hlen; + + ip = mtod(m, struct ip *); + hlen = ip->ip_hl << 2; + /* revert len & off for layer2 pkts */ + if (args->eh != NULL) + ip->ip_len = htons(ip->ip_len); + ip->ip_sum = 0; + if (hlen == sizeof(struct ip)) + ip->ip_sum = in_cksum_hdr(ip); + else + ip->ip_sum = in_cksum(m, hlen); + retval = IP_FW_REASS; + args->rule = f; + goto done; + } else { + retval = IP_FW_DENY; + goto done; + } + } + goto next_rule; + } + default: panic("-- unknown opcode %d\n", cmd->opcode); } /* end of switch() on opcodes */ @@ -4024,6 +4076,7 @@ check_ipfw_struct(struct ip_fw *rule, in case O_UNREACH6: #endif case O_SKIPTO: + case O_REASS: check_size: if (cmdlen != F_INSN_SIZE(ipfw_insn)) goto bad_size; Modified: head/sys/netinet/ip_fw_pfil.c ============================================================================== --- head/sys/netinet/ip_fw_pfil.c Wed Apr 1 19:23:46 2009 (r190632) +++ head/sys/netinet/ip_fw_pfil.c Wed Apr 1 20:23:47 2009 (r190633) @@ -200,6 +200,9 @@ again: case IP_FW_NAT: goto again; /* continue with packet */ + case IP_FW_REASS: + goto again; + default: KASSERT(0, ("%s: unknown retval", __func__)); } @@ -329,6 +332,9 @@ again: case IP_FW_NAT: goto again; /* continue with packet */ + case IP_FW_REASS: + goto again; + default: KASSERT(0, ("%s: unknown retval", __func__)); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904012023.n31KNl71041878>