PERFORCE change 40331 for review
Sam Leffler
sam at FreeBSD.org
Thu Oct 23 12:22:36 PDT 2003
http://perforce.freebsd.org/chv.cgi?CH=40331
Change 40331 by sam at sam_ebb on 2003/10/23 12:22:27
integration of tcp hostcache snapshot from andre
Affected files ...
.. //depot/projects/netperf/sys/conf/files#15 edit
.. //depot/projects/netperf/sys/net/if_arcsubr.c#2 edit
.. //depot/projects/netperf/sys/net/if_ef.c#2 edit
.. //depot/projects/netperf/sys/net/if_ethersubr.c#7 edit
.. //depot/projects/netperf/sys/net/if_faith.c#5 edit
.. //depot/projects/netperf/sys/net/if_fddisubr.c#2 edit
.. //depot/projects/netperf/sys/net/if_iso88025subr.c#3 edit
.. //depot/projects/netperf/sys/net/if_loop.c#8 edit
.. //depot/projects/netperf/sys/net/if_ppp.c#3 edit
.. //depot/projects/netperf/sys/net/route.c#17 edit
.. //depot/projects/netperf/sys/net/route.h#7 edit
.. //depot/projects/netperf/sys/net/rtsock.c#6 edit
.. //depot/projects/netperf/sys/netatalk/ddp_output.c#3 edit
.. //depot/projects/netperf/sys/netinet/icmp_var.h#2 edit
.. //depot/projects/netperf/sys/netinet/in_pcb.c#6 edit
.. //depot/projects/netperf/sys/netinet/in_pcb.h#7 edit
.. //depot/projects/netperf/sys/netinet/in_rmx.c#8 edit
.. //depot/projects/netperf/sys/netinet/in_var.h#3 edit
.. //depot/projects/netperf/sys/netinet/ip_divert.c#7 edit
.. //depot/projects/netperf/sys/netinet/ip_fastforward.c#1 add
.. //depot/projects/netperf/sys/netinet/ip_flow.c#5 delete
.. //depot/projects/netperf/sys/netinet/ip_flow.h#4 delete
.. //depot/projects/netperf/sys/netinet/ip_fw.h#2 edit
.. //depot/projects/netperf/sys/netinet/ip_fw2.c#11 edit
.. //depot/projects/netperf/sys/netinet/ip_icmp.c#6 edit
.. //depot/projects/netperf/sys/netinet/ip_input.c#14 edit
.. //depot/projects/netperf/sys/netinet/ip_output.c#10 edit
.. //depot/projects/netperf/sys/netinet/ip_var.h#8 edit
.. //depot/projects/netperf/sys/netinet/raw_ip.c#7 edit
.. //depot/projects/netperf/sys/netinet/tcp.h#2 edit
.. //depot/projects/netperf/sys/netinet/tcp_hostcache.c#1 add
.. //depot/projects/netperf/sys/netinet/tcp_input.c#6 edit
.. //depot/projects/netperf/sys/netinet/tcp_output.c#3 edit
.. //depot/projects/netperf/sys/netinet/tcp_subr.c#5 edit
.. //depot/projects/netperf/sys/netinet/tcp_syncache.c#6 edit
.. //depot/projects/netperf/sys/netinet/tcp_timer.c#2 edit
.. //depot/projects/netperf/sys/netinet/tcp_usrreq.c#3 edit
.. //depot/projects/netperf/sys/netinet/tcp_var.h#2 edit
.. //depot/projects/netperf/sys/netinet/udp_usrreq.c#6 edit
.. //depot/projects/netperf/sys/netinet6/icmp6.c#9 edit
.. //depot/projects/netperf/sys/netinet6/in6_pcb.c#9 edit
.. //depot/projects/netperf/sys/netinet6/in6_rmx.c#9 edit
.. //depot/projects/netperf/sys/netinet6/in6_src.c#8 edit
.. //depot/projects/netperf/sys/netinet6/ip6_forward.c#10 edit
.. //depot/projects/netperf/sys/netinet6/ip6_input.c#12 edit
.. //depot/projects/netperf/sys/netinet6/ip6_output.c#17 edit
.. //depot/projects/netperf/sys/netinet6/raw_ip6.c#4 edit
.. //depot/projects/netperf/sys/netinet6/udp6_output.c#3 edit
.. //depot/projects/netperf/sys/netipx/ipx_input.c#4 edit
.. //depot/projects/netperf/sys/netipx/ipx_outputfl.c#2 edit
.. //depot/projects/netperf/sys/sys/mbuf.h#5 edit
Differences ...
==== //depot/projects/netperf/sys/conf/files#15 (text+ko) ====
@@ -1424,7 +1424,7 @@
netinet/ip_ecn.c optional inet6
netinet/ip_encap.c optional inet
netinet/ip_encap.c optional inet6
-netinet/ip_flow.c optional inet
+netinet/ip_fastforward.c optional inet
netinet/ip_fw2.c optional ipfirewall
netinet/ip_icmp.c optional inet
netinet/ip_input.c optional inet
@@ -1432,6 +1432,7 @@
netinet/ip_output.c optional inet
netinet/raw_ip.c optional inet
netinet/tcp_debug.c optional tcpdebug
+netinet/tcp_hostcache.c optional inet
netinet/tcp_input.c optional inet
netinet/tcp_output.c optional inet
netinet/tcp_subr.c optional inet
==== //depot/projects/netperf/sys/net/if_arcsubr.c#2 (text+ko) ====
@@ -543,14 +543,14 @@
#ifdef INET
case ARCTYPE_IP:
m_adj(m, ARC_HDRNEWLEN);
- if (ipflow_fastforward(m))
+ if (ip_fastforward(m))
return;
isr = NETISR_IP;
break;
case ARCTYPE_IP_OLD:
m_adj(m, ARC_HDRLEN);
- if (ipflow_fastforward(m))
+ if (ip_fastforward(m))
return;
isr = NETISR_IP;
break;
==== //depot/projects/netperf/sys/net/if_ef.c#2 (text+ko) ====
@@ -252,8 +252,8 @@
#endif
#ifdef INET
case ETHERTYPE_IP:
- if (ipflow_fastforward(m))
- return (0);
+ if (ip_fastforward(m))
+ return;
isr = NETISR_IP;
break;
==== //depot/projects/netperf/sys/net/if_ethersubr.c#7 (text+ko) ====
@@ -720,7 +720,7 @@
switch (ether_type) {
#ifdef INET
case ETHERTYPE_IP:
- if (ipflow_fastforward(m))
+ if (ip_fastforward(m))
return;
isr = NETISR_IP;
break;
==== //depot/projects/netperf/sys/net/if_faith.c#5 (text+ko) ====
@@ -271,17 +271,8 @@
struct rt_addrinfo *info;
{
RT_LOCK_ASSERT(rt);
-
- if (rt) {
- rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu; /* for ISO */
- /*
- * For optimal performance, the send and receive buffers
- * should be at least twice the MTU plus a little more for
- * overhead.
- */
- rt->rt_rmx.rmx_recvpipe =
- rt->rt_rmx.rmx_sendpipe = 3 * FAITHMTU;
- }
+ if (rt)
+ rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu;
}
/*
==== //depot/projects/netperf/sys/net/if_fddisubr.c#2 (text+ko) ====
@@ -471,7 +471,7 @@
switch (type) {
#ifdef INET
case ETHERTYPE_IP:
- if (ipflow_fastforward(m))
+ if (ip_fastforward(m))
return;
isr = NETISR_IP;
break;
==== //depot/projects/netperf/sys/net/if_iso88025subr.c#3 (text+ko) ====
@@ -556,7 +556,7 @@
#ifdef INET
case ETHERTYPE_IP:
th->iso88025_shost[0] &= ~(TR_RII);
- if (ipflow_fastforward(m))
+ if (ip_fastforward(m))
return;
isr = NETISR_IP;
break;
==== //depot/projects/netperf/sys/net/if_loop.c#8 (text+ko) ====
@@ -357,17 +357,8 @@
struct rt_addrinfo *info;
{
RT_LOCK_ASSERT(rt);
-
- if (rt) {
- rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu; /* for ISO */
- /*
- * For optimal performance, the send and receive buffers
- * should be at least twice the MTU plus a little more for
- * overhead.
- */
- rt->rt_rmx.rmx_recvpipe =
- rt->rt_rmx.rmx_sendpipe = 3 * LOMTU;
- }
+ if (rt)
+ rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu;
}
/*
==== //depot/projects/netperf/sys/net/if_ppp.c#3 (text+ko) ====
@@ -1538,8 +1538,8 @@
m->m_pkthdr.len -= PPP_HDRLEN;
m->m_data += PPP_HDRLEN;
m->m_len -= PPP_HDRLEN;
- if (ipflow_fastforward(m))
- return;
+ if (ip_fastforward(m))
+ return;
isr = NETISR_IP;
break;
#endif
==== //depot/projects/netperf/sys/net/route.c#17 (text+ko) ====
@@ -139,7 +139,7 @@
*/
newrt = rt = (struct rtentry *)rn;
nflags = rt->rt_flags & ~ignflags;
- if (report && (nflags & (RTF_CLONING | RTF_PRCLONING))) {
+ if (report && (nflags & RTF_CLONING)) {
/*
* We are apparently adding (report = 0 in delete).
* If it requires that it be cloned, do so.
@@ -548,7 +548,7 @@
*/
if (flags & RTF_HOST) {
netmask = 0;
- flags &= ~(RTF_CLONING | RTF_PRCLONING);
+ flags &= ~RTF_CLONING;
}
switch (req) {
case RTM_DELETE:
@@ -570,7 +570,7 @@
* Now search what's left of the subtree for any cloned
* routes which might have been formed from this node.
*/
- if ((rt->rt_flags & (RTF_CLONING | RTF_PRCLONING)) &&
+ if ((rt->rt_flags & RTF_CLONING) &&
rt_mask(rt)) {
rnh->rnh_walktree_from(rnh, dst, rt_mask(rt),
rt_fixdelete, rt);
@@ -617,7 +617,7 @@
ifa = rt->rt_ifa;
/* XXX locking? */
flags = rt->rt_flags &
- ~(RTF_CLONING | RTF_PRCLONING | RTF_STATIC);
+ ~(RTF_CLONING | RTF_STATIC);
flags |= RTF_WASCLONED;
gateway = rt->rt_gateway;
if ((netmask = rt->rt_genmask) == 0)
@@ -678,11 +678,11 @@
/*
* Uh-oh, we already have one of these in the tree.
* We do a special hack: if the route that's already
- * there was generated by the protocol-cloning
- * mechanism, then we just blow it away and retry
- * the insertion of the new one.
+ * there was generated by the cloning mechanism
+ * then we just blow it away and retry the insertion
+ * of the new one.
*/
- rt2 = rtalloc1(dst, 0, RTF_PRCLONING);
+ rt2 = rtalloc1(dst, 0, 0);
if (rt2 && rt2->rt_parent) {
rtrequest(RTM_DELETE,
rt_key(rt2),
@@ -724,7 +724,7 @@
("no route to clone from"));
rt->rt_rmx = (*ret_nrt)->rt_rmx; /* copy metrics */
rt->rt_rmx.rmx_pksent = 0; /* reset packet counter */
- if ((*ret_nrt)->rt_flags & (RTF_CLONING | RTF_PRCLONING)) {
+ if ((*ret_nrt)->rt_flags & RTF_CLONING) {
/*
* NB: We do not bump the refcnt on the parent
* entry under the assumption that it will
@@ -800,7 +800,7 @@
struct rtentry *rt0 = vp;
if (rt->rt_parent == rt0 &&
- !(rt->rt_flags & (RTF_PINNED | RTF_CLONING | RTF_PRCLONING))) {
+ !(rt->rt_flags & (RTF_PINNED | RTF_CLONING))) {
return rtrequest(RTM_DELETE, rt_key(rt),
(struct sockaddr *)0, rt_mask(rt),
rt->rt_flags, (struct rtentry **)0);
@@ -841,7 +841,7 @@
#endif
if (!rt->rt_parent ||
- (rt->rt_flags & (RTF_PINNED | RTF_CLONING | RTF_PRCLONING))) {
+ (rt->rt_flags & (RTF_PINNED | RTF_CLONING))) {
#ifdef DEBUG
if(rtfcdebug) printf("no parent, pinned or cloning\n");
#endif
@@ -992,9 +992,10 @@
* correct choice anyway), and avoid the resulting reference loops
* by disallowing any route to run through itself as a gateway.
* This is obviously mandatory when we get rt->rt_output().
+ * XXX: After removal of PRCLONING this probably not needed anymore.
*/
if (rt->rt_flags & RTF_GATEWAY) {
- rt->rt_gwroute = rtalloc1(gate, 1, RTF_PRCLONING);
+ rt->rt_gwroute = rtalloc1(gate, 1, 0);
if (rt->rt_gwroute == rt) {
RTFREE_LOCKED(rt->rt_gwroute);
rt->rt_gwroute = 0;
==== //depot/projects/netperf/sys/net/route.h#7 (text+ko) ====
@@ -58,6 +58,12 @@
* These numbers are used by reliable protocols for determining
* retransmission behavior and are included in the routing structure.
*/
+struct rt_metrics_lite {
+ u_long rmx_mtu; /* MTU for this path */
+ u_long rmx_expire; /* lifetime for route, e.g. redirect */
+ u_long rmx_pksent; /* packets sent using this route */
+};
+
struct rt_metrics {
u_long rmx_locks; /* Kernel must leave these values alone */
u_long rmx_mtu; /* MTU for this path */
@@ -104,10 +110,10 @@
long rt_refcnt; /* # held references */
u_long rt_flags; /* up/down?, host/net */
struct ifnet *rt_ifp; /* the answer: interface to use */
- struct ifaddr *rt_ifa; /* the answer: interface to use */
+ struct ifaddr *rt_ifa; /* the answer: interface address to use */
struct sockaddr *rt_genmask; /* for generation of cloned routes */
caddr_t rt_llinfo; /* pointer to link level info cache */
- struct rt_metrics rt_rmx; /* metrics used by rx'ing protocols */
+ struct rt_metrics_lite rt_rmx; /* metrics used by rx'ing protocols */
struct rtentry *rt_gwroute; /* implied entry for gatewayed routes */
int (*rt_output)(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
@@ -151,7 +157,7 @@
#define RTF_PROTO2 0x4000 /* protocol specific routing flag */
#define RTF_PROTO1 0x8000 /* protocol specific routing flag */
-#define RTF_PRCLONING 0x10000 /* protocol requires cloning */
+/* 0x10000 unused */
#define RTF_WASCLONED 0x20000 /* route generated through cloning */
#define RTF_PROTO3 0x40000 /* protocol specific routing flag */
/* 0x80000 unused */
==== //depot/projects/netperf/sys/net/rtsock.c#6 (text+ko) ====
@@ -86,7 +86,8 @@
static int sysctl_dumpentry(struct radix_node *rn, void *vw);
static int sysctl_iflist(int af, struct walkarg *w);
static int route_output(struct mbuf *, struct socket *);
-static void rt_setmetrics(u_long, struct rt_metrics *, struct rt_metrics *);
+static void rt_setmetrics(u_long, struct rt_metrics *, struct rt_metrics_lite *);
+static void rt_getmetrics(struct rt_metrics_lite *, struct rt_metrics *);
static void rt_dispatch(struct mbuf *, struct sockaddr *);
/*
@@ -354,9 +355,6 @@
RT_LOCK(saved_nrt);
rt_setmetrics(rtm->rtm_inits,
&rtm->rtm_rmx, &saved_nrt->rt_rmx);
- saved_nrt->rt_rmx.rmx_locks &= ~(rtm->rtm_inits);
- saved_nrt->rt_rmx.rmx_locks |=
- (rtm->rtm_inits & rtm->rtm_rmx.rmx_locks);
saved_nrt->rt_refcnt--;
saved_nrt->rt_genmask = info.rti_info[RTAX_GENMASK];
RT_UNLOCK(saved_nrt);
@@ -427,7 +425,7 @@
(void)rt_msg2(rtm->rtm_type, &info, (caddr_t)rtm,
(struct walkarg *)0);
rtm->rtm_flags = rt->rt_flags;
- rtm->rtm_rmx = rt->rt_rmx;
+ rt_getmetrics(&rt->rt_rmx, &rtm->rtm_rmx);
rtm->rtm_addrs = info.rti_addrs;
break;
@@ -477,9 +475,7 @@
rt->rt_genmask = info.rti_info[RTAX_GENMASK];
/* FALLTHROUGH */
case RTM_LOCK:
- rt->rt_rmx.rmx_locks &= ~(rtm->rtm_inits);
- rt->rt_rmx.rmx_locks |=
- (rtm->rtm_inits & rtm->rtm_rmx.rmx_locks);
+ /* We don't support locks anymore */
break;
}
RT_UNLOCK(rt);
@@ -541,20 +537,28 @@
}
static void
-rt_setmetrics(u_long which, struct rt_metrics *in, struct rt_metrics *out)
+rt_setmetrics(u_long which, struct rt_metrics *in, struct rt_metrics_lite *out)
{
#define metric(f, e) if (which & (f)) out->e = in->e;
- metric(RTV_RPIPE, rmx_recvpipe);
- metric(RTV_SPIPE, rmx_sendpipe);
- metric(RTV_SSTHRESH, rmx_ssthresh);
- metric(RTV_RTT, rmx_rtt);
- metric(RTV_RTTVAR, rmx_rttvar);
- metric(RTV_HOPCOUNT, rmx_hopcount);
+ /*
+ * Only these are stored in the routing entry since introduction
+ * of tcp hostcache. The rest is ignored.
+ */
metric(RTV_MTU, rmx_mtu);
metric(RTV_EXPIRE, rmx_expire);
#undef metric
}
+static void
+rt_getmetrics(struct rt_metrics_lite *in, struct rt_metrics *out)
+{
+#define metric(e) out->e = in->e;
+ bzero(out, sizeof(*out));
+ metric(rmx_mtu);
+ metric(rmx_expire);
+#undef metric
+}
+
#define ROUNDUP(a) \
((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
@@ -944,8 +948,8 @@
struct rt_msghdr *rtm = (struct rt_msghdr *)w->w_tmem;
rtm->rtm_flags = rt->rt_flags;
- rtm->rtm_use = rt->rt_use;
- rtm->rtm_rmx = rt->rt_rmx;
+ rtm->rtm_use = rt->rt_rmx.rmx_pksent;
+ rt_getmetrics(&rt->rt_rmx, &rtm->rtm_rmx);
rtm->rtm_index = rt->rt_ifp->if_index;
rtm->rtm_errno = rtm->rtm_pid = rtm->rtm_seq = 0;
rtm->rtm_addrs = info.rti_addrs;
==== //depot/projects/netperf/sys/netatalk/ddp_output.c#3 (text+ko) ====
@@ -217,7 +217,7 @@
elh->el_type = ELAP_DDPEXTEND;
elh->el_dnode = gate.sat_addr.s_node;
}
- ro->ro_rt->rt_use++;
+ ro->ro_rt->rt_rmx.rmx_pksent++;
#ifdef NETATALK_DEBUG
printf ("ddp_route: from %d.%d to %d.%d, via %d.%d (%s%d)\n",
==== //depot/projects/netperf/sys/netinet/icmp_var.h#2 (text+ko) ====
@@ -81,11 +81,12 @@
extern int badport_bandlim(int);
#define BANDLIM_UNLIMITED -1
#define BANDLIM_ICMP_UNREACH 0
-#define BANDLIM_ICMP_ECHO 1
-#define BANDLIM_ICMP_TSTAMP 2
-#define BANDLIM_RST_CLOSEDPORT 3 /* No connection, and no listeners */
-#define BANDLIM_RST_OPENPORT 4 /* No connection, listener */
-#define BANDLIM_MAX 4
+#define BANDLIM_ICMP_UNREACH_HOST 1
+#define BANDLIM_ICMP_ECHO 2
+#define BANDLIM_ICMP_TSTAMP 3
+#define BANDLIM_RST_CLOSEDPORT 4 /* No connection, and no listeners */
+#define BANDLIM_RST_OPENPORT 5 /* No connection, listener */
+#define BANDLIM_MAX 5
#endif
#endif
==== //depot/projects/netperf/sys/netinet/in_pcb.c#6 (text+ko) ====
@@ -536,7 +536,6 @@
if (error)
return (error);
}
-
if (!TAILQ_EMPTY(&in_ifaddrhead)) {
/*
* If the destination address is INADDR_ANY,
@@ -554,7 +553,8 @@
&in_ifaddrhead)->ia_broadaddr)->sin_addr;
}
if (laddr.s_addr == INADDR_ANY) {
- register struct route *ro;
+ struct route *ro;
+ struct route sro;
ia = (struct in_ifaddr *)0;
/*
@@ -563,19 +563,10 @@
* Note that we should check the address family of the cached
* destination, in case of sharing the cache with IPv6.
*/
- ro = &inp->inp_route;
- if (ro->ro_rt &&
- (ro->ro_dst.sa_family != AF_INET ||
- satosin(&ro->ro_dst)->sin_addr.s_addr != faddr.s_addr ||
- inp->inp_socket->so_options & SO_DONTROUTE)) {
- RTFREE(ro->ro_rt);
- ro->ro_rt = (struct rtentry *)0;
- }
- if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0 && /*XXX*/
- (ro->ro_rt == (struct rtentry *)0 ||
- ro->ro_rt->rt_ifp == (struct ifnet *)0)) {
- /* No route yet, so try to acquire one */
- bzero(&ro->ro_dst, sizeof(struct sockaddr_in));
+ ro = &sro;
+ bzero(ro, sizeof(*ro));
+ if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0) {
+ /* Find out route to destination */
ro->ro_dst.sa_family = AF_INET;
ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
((struct sockaddr_in *)&ro->ro_dst)->sin_addr = faddr;
@@ -589,6 +580,8 @@
*/
if (ro->ro_rt && !(ro->ro_rt->rt_ifp->if_flags & IFF_LOOPBACK))
ia = ifatoia(ro->ro_rt->rt_ifa);
+ if (ro->ro_rt)
+ RTFREE(ro->ro_rt);
if (ia == 0) {
bzero(&sa, sizeof(sa));
sa.sin_addr = faddr;
@@ -675,8 +668,6 @@
}
if (inp->inp_options)
(void)m_free(inp->inp_options);
- if (inp->inp_route.ro_rt)
- RTFREE(inp->inp_route.ro_rt);
ip_freemoptions(inp->inp_moptions);
inp->inp_vflag = 0;
INP_LOCK_DESTROY(inp);
@@ -850,60 +841,6 @@
}
/*
- * Check for alternatives when higher level complains
- * about service problems. For now, invalidate cached
- * routing information. If the route was created dynamically
- * (by a redirect), time to try a default gateway again.
- */
-void
-in_losing(inp)
- struct inpcb *inp;
-{
- register struct rtentry *rt;
- struct rt_addrinfo info;
-
- if ((rt = inp->inp_route.ro_rt)) {
- RT_LOCK(rt);
- inp->inp_route.ro_rt = NULL;
- bzero((caddr_t)&info, sizeof(info));
- info.rti_flags = rt->rt_flags;
- info.rti_info[RTAX_DST] = rt_key(rt);
- info.rti_info[RTAX_GATEWAY] = rt->rt_gateway;
- info.rti_info[RTAX_NETMASK] = rt_mask(rt);
- rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0);
- if (rt->rt_flags & RTF_DYNAMIC) {
- RT_UNLOCK(rt); /* XXX refcnt? */
- (void) rtrequest1(RTM_DELETE, &info, NULL);
- } else
- rtfree(rt);
- /*
- * A new route can be allocated
- * the next time output is attempted.
- */
- }
-}
-
-/*
- * After a routing change, flush old routing
- * and allocate a (hopefully) better one.
- */
-struct inpcb *
-in_rtchange(inp, errno)
- register struct inpcb *inp;
- int errno;
-{
- if (inp->inp_route.ro_rt) {
- RTFREE(inp->inp_route.ro_rt);
- inp->inp_route.ro_rt = 0;
- /*
- * A new route can be allocated the next time
- * output is attempted.
- */
- }
- return inp;
-}
-
-/*
* Lookup a PCB based on the local address and port.
*/
struct inpcb *
==== //depot/projects/netperf/sys/netinet/in_pcb.h#7 (text+ko) ====
@@ -94,31 +94,22 @@
/*
* XXX
- * At some point struct route should possibly change to:
- * struct rtentry *rt
- * struct in_endpoints *ie;
+ * the defines for inc_* are hacks and should be changed to direct references
*/
struct in_conninfo {
u_int8_t inc_flags;
u_int8_t inc_len;
u_int16_t inc_pad; /* XXX alignment for in_endpoints */
- /* protocol dependent part; cached route */
+ /* protocol dependent part */
struct in_endpoints inc_ie;
- union {
- /* placeholder for routing entry */
- struct route inc4_route;
- struct route_in6 inc6_route;
- } inc_dependroute;
};
#define inc_isipv6 inc_flags /* temp compatability */
#define inc_fport inc_ie.ie_fport
#define inc_lport inc_ie.ie_lport
#define inc_faddr inc_ie.ie_faddr
#define inc_laddr inc_ie.ie_laddr
-#define inc_route inc_dependroute.inc4_route
#define inc6_faddr inc_ie.ie6_faddr
#define inc6_laddr inc_ie.ie6_laddr
-#define inc6_route inc_dependroute.inc6_route
struct icmp6_filter;
@@ -156,7 +147,6 @@
#define inp_lport inp_inc.inc_lport
#define inp_faddr inp_inc.inc_faddr
#define inp_laddr inp_inc.inc_laddr
-#define inp_route inp_inc.inc_route
#define inp_ip_tos inp_depend4.inp4_ip_tos
#define inp_options inp_depend4.inp4_options
#define inp_moptions inp_depend4.inp4_moptions
@@ -182,7 +172,6 @@
#define in6p_faddr inp_inc.inc6_faddr
#define in6p_laddr inp_inc.inc6_laddr
-#define in6p_route inp_inc.inc6_route
#define in6p_ip6_hlim inp_depend6.inp6_hlim
#define in6p_hops inp_depend6.inp6_hops /* default hop limit */
#define in6p_ip6_nxt inp_ip_p
@@ -327,9 +316,6 @@
extern int ipport_hilastauto;
void in_pcbpurgeif0(struct inpcbinfo *, struct ifnet *);
-void in_losing(struct inpcb *);
-struct inpcb *
- in_rtchange(struct inpcb *, int);
int in_pcballoc(struct socket *, struct inpcbinfo *, struct thread *);
int in_pcbbind(struct inpcb *, struct sockaddr *, struct thread *);
int in_pcbbind_setup(struct inpcb *, struct sockaddr *, in_addr_t *,
==== //depot/projects/netperf/sys/netinet/in_rmx.c#8 (text+ko) ====
@@ -73,15 +73,6 @@
struct radix_node *ret;
/*
- * For IP, all unicast non-host routes are automatically cloning.
- */
- if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr)))
- rt->rt_flags |= RTF_MULTICAST;
-
- if (!(rt->rt_flags & (RTF_HOST | RTF_CLONING | RTF_MULTICAST)))
- rt->rt_flags |= RTF_PRCLONING;
-
- /*
* A little bit of help for both IP output and input:
* For host routes, we make sure that RTF_BROADCAST
* is set for anything that looks like a broadcast address.
@@ -94,8 +85,7 @@
*
* We also mark routes to multicast addresses as such, because
* it's easy to do and might be useful (but this is much more
- * dubious since it's so easy to inspect the address). (This
- * is done above.)
+ * dubious since it's so easy to inspect the address).
*/
if (rt->rt_flags & RTF_HOST) {
if (in_broadcast(sin->sin_addr, rt->rt_ifp)) {
@@ -105,9 +95,10 @@
rt->rt_flags |= RTF_LOCAL;
}
}
+ if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr)))
+ rt->rt_flags |= RTF_MULTICAST;
- if (!rt->rt_rmx.rmx_mtu && !(rt->rt_rmx.rmx_locks & RTV_MTU) &&
- rt->rt_ifp)
+ if (!rt->rt_rmx.rmx_mtu && rt->rt_ifp)
rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu;
ret = rn_addroute(v_arg, n_arg, head, treenodes);
@@ -118,8 +109,7 @@
* Find out if it is because of an
* ARP entry and delete it if so.
*/
- rt2 = rtalloc1((struct sockaddr *)sin, 0,
- RTF_CLONING | RTF_PRCLONING);
+ rt2 = rtalloc1((struct sockaddr *)sin, 0, RTF_CLONING);
if (rt2) {
if (rt2->rt_flags & RTF_LLINFO &&
rt2->rt_flags & RTF_HOST &&
@@ -138,14 +128,6 @@
RTFREE_LOCKED(rt2);
}
}
-
- /*
- * If the new route created successfully, and we are forwarding,
- * flush any cached routes to avoid using a stale value.
- */
- if (ret != NULL && ipforwarding)
- ip_forward_cacheinval();
-
return ret;
}
@@ -398,7 +380,7 @@
* so that behavior is not needed there.
*/
RT_LOCK(rt);
- rt->rt_flags &= ~(RTF_CLONING | RTF_PRCLONING);
+ rt->rt_flags &= ~RTF_CLONING;
RT_UNLOCK(rt);
err = rtrequest(RTM_DELETE, (struct sockaddr *)rt_key(rt),
rt->rt_gateway, rt_mask(rt), rt->rt_flags, 0);
==== //depot/projects/netperf/sys/netinet/in_var.h#3 (text+ko) ====
@@ -230,9 +230,7 @@
void ip_input(struct mbuf *);
int in_ifadown(struct ifaddr *ifa, int);
void in_ifscrub(struct ifnet *, struct in_ifaddr *);
-int ipflow_fastforward(struct mbuf *);
-void ipflow_create(const struct route *, struct mbuf *);
-void ipflow_slowtimo(void);
+int ip_fastforward(struct mbuf *);
#endif /* _KERNEL */
==== //depot/projects/netperf/sys/netinet/ip_divert.c#7 (text+ko) ====
@@ -333,7 +333,7 @@
/* Send packet to output processing */
ipstat.ips_rawout++; /* XXX */
error = ip_output((struct mbuf *)&divert_tag,
- inp->inp_options, &inp->inp_route,
+ inp->inp_options, NULL,
(so->so_options & SO_DONTROUTE) |
IP_ALLOWBROADCAST | IP_RAWOUTPUT,
inp->inp_moptions, NULL);
==== //depot/projects/netperf/sys/netinet/ip_fw.h#2 (text+ko) ====
@@ -28,6 +28,7 @@
#ifndef _IPFW2_H
#define _IPFW2_H
#define IPFW2 1
+
/*
* The kernel representation of ipfw rules is made of a list of
* 'instructions' (for all practical purposes equivalent to BPF
==== //depot/projects/netperf/sys/netinet/ip_fw2.c#11 (text+ko) ====
@@ -461,13 +461,16 @@
dst->sin_len = sizeof(*dst);
dst->sin_addr = src;
- rtalloc_ign(&ro, RTF_CLONING|RTF_PRCLONING);
+ rtalloc_ign(&ro, RTF_CLONING);
}
- if ((ro.ro_rt == NULL) || (ifp == NULL) ||
- (ro.ro_rt->rt_ifp->if_index != ifp->if_index))
+ if (ro.ro_rt == NULL)
+ return 0;
+ if ((ifp == NULL) || (ro.ro_rt->rt_ifp->if_index != ifp->if_index)) {
+ RTFREE(ro.ro_rt);
return 0;
-
+ }
+ RTFREE(ro.ro_rt);
return 1;
}
@@ -1159,7 +1162,6 @@
struct mbuf *m;
struct ip *ip;
struct tcphdr *tcp;
- struct route sro; /* fake route */
MGETHDR(m, M_DONTWAIT, MT_HEADER);
if (m == 0)
@@ -1225,12 +1227,8 @@
*/
ip->ip_ttl = ip_defttl;
ip->ip_len = m->m_pkthdr.len;
- bzero (&sro, sizeof (sro));
- ip_rtaddr(ip->ip_dst, &sro);
m->m_flags |= M_SKIP_FIREWALL;
- ip_output(m, NULL, &sro, 0, NULL, NULL);
- if (sro.ro_rt)
- RTFREE(sro.ro_rt);
+ ip_output(m, NULL, NULL, 0, NULL, NULL);
}
/*
==== //depot/projects/netperf/sys/netinet/ip_icmp.c#6 (text+ko) ====
@@ -52,11 +52,15 @@
#include <net/route.h>
#include <netinet/in.h>
+#include <netinet/in_pcb.h>
#include <netinet/in_systm.h>
#include <netinet/in_var.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/ip_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcp_var.h>
+#include <netinet/tcpip.h>
#include <netinet/icmp_var.h>
#ifdef IPSEC
@@ -120,7 +124,7 @@
#endif
static void icmp_reflect(struct mbuf *);
-static void icmp_send(struct mbuf *, struct mbuf *, struct route *);
+static void icmp_send(struct mbuf *, struct mbuf *);
static int ip_next_mtu(int, int);
extern struct protosw inetsw[];
@@ -165,6 +169,18 @@
if (n->m_flags & (M_BCAST|M_MCAST))
goto freeit;
/*
+ * Limit sending of ICMP host unreachable messages.
+ * If we are acting as a router and someone is doing a sweep
+ * scan (eg. nmap and/or numerous windows worms) for destinations
+ * we are the gateway for but are not reachable (ie. a /24 on a
+ * interface and only a couple of hosts on the ethernet) we would
+ * generate a storm of ICMP host unreachable messages.
+ */
+ if (type == ICMP_UNREACH && code == ICMP_UNREACH_HOST) {
+ if (badport_bandlim(BANDLIM_ICMP_UNREACH_HOST) < 0)
+ goto freeit;
+ }
+ /*
* First, formulate icmp message
*/
m = m_gethdr(M_DONTWAIT, MT_HEADER);
@@ -233,27 +249,34 @@
m_freem(n);
}
-static struct sockaddr_in icmpsrc = { sizeof (struct sockaddr_in), AF_INET };
-static struct sockaddr_in icmpdst = { sizeof (struct sockaddr_in), AF_INET };
-static struct sockaddr_in icmpgw = { sizeof (struct sockaddr_in), AF_INET };
-
/*
* Process a received ICMP message.
*/
void
icmp_input(m, off)
- register struct mbuf *m;
+ struct mbuf *m;
int off;
{
int hlen = off;
- register struct icmp *icp;
- register struct ip *ip = mtod(m, struct ip *);
+ struct icmp *icp;
+ struct in_ifaddr *ia;
+ struct ip *ip = mtod(m, struct ip *);
int icmplen = ip->ip_len;
- register int i;
- struct in_ifaddr *ia;
+ int i, code;
void (*ctlfunc)(int, struct sockaddr *, void *);
- int code;
+ struct sockaddr_in icmpsrc, icmpdst, icmpgw;
+ /* Initialize */
+ bzero(&icmpsrc, sizeof(icmpsrc));
+ icmpsrc.sin_len = sizeof(struct sockaddr_in);
+ icmpsrc.sin_family = AF_INET;
+ bzero(&icmpdst, sizeof(icmpdst));
+ icmpdst.sin_len = sizeof(struct sockaddr_in);
+ icmpdst.sin_family = AF_INET;
+ bzero(&icmpgw, sizeof(icmpgw));
+ icmpgw.sin_len = sizeof(struct sockaddr_in);
+ icmpgw.sin_family = AF_INET;
+
/*
* Locate icmp structure in mbuf, and check
* that not corrupted and of at least minimum length.
@@ -387,7 +410,7 @@
printf("deliver to protocol %d\n", icp->icmp_ip.ip_p);
#endif
icmpsrc.sin_addr = icp->icmp_ip.ip_dst;
-#if 1
+
/*
* MTU discovery:
* If we got a needfrag and there is a host route to the
@@ -397,40 +420,38 @@
* notice that the MTU has changed and adapt accordingly.
* If no new MTU was suggested, then we guess a new one
* less than the current value. If the new MTU is
- * unreasonably small (arbitrarily set at 296), then
- * we reset the MTU to the interface value and enable the
- * lock bit, indicating that we are no longer doing MTU
- * discovery.
+ * unreasonably small (defined by sysctl tcp_minmss), then
+ * we don't update the MTU value.
+ *
+ * XXX: All this should be done in tcp_mtudisc() because
+ * the way we do it now, everyone can send us bogus ICMP
+ * MSGSIZE packets for any destination. By doing this far
+ * higher in the chain we have a matching tcp connection.
+ * Thus spoofing is much harder. However there is no easy
+ * non-hackish way to pass the new MTU up to tcp_mtudisc().
+ * Also see next XXX regarding IPv4 AH TCP.
*/
if (code == PRC_MSGSIZE) {
- struct rtentry *rt;
int mtu;
+ struct in_conninfo inc;
+
+ bzero(&inc, sizeof(inc));
+ inc.inc_flags = 0; /* IPv4 */
+ inc.inc_faddr = icmpsrc.sin_addr;
+
+ mtu = ntohs(icp->icmp_nextmtu);
+ if (!mtu)
+ mtu = ip_next_mtu(mtu, 1);
- rt = rtalloc1((struct sockaddr *)&icmpsrc, 0,
- RTF_CLONING | RTF_PRCLONING);
- if (rt && (rt->rt_flags & RTF_HOST)
- && !(rt->rt_rmx.rmx_locks & RTV_MTU)) {
- mtu = ntohs(icp->icmp_nextmtu);
- if (!mtu)
- mtu = ip_next_mtu(rt->rt_rmx.rmx_mtu,
- 1);
+ if (mtu >= max(296, (tcp_minmss + sizeof(struct tcpiphdr))))
+ tcp_hc_updatemtu(&inc, mtu);
+
#ifdef DEBUG_MTUDISC
- printf("MTU for %s reduced to %d\n",
- inet_ntoa(icmpsrc.sin_addr), mtu);
+ printf("MTU for %s reduced to %d\n",
+ inet_ntoa(icmpsrc.sin_addr), mtu);
#endif
- if (mtu < 296) {
- /* rt->rt_rmx.rmx_mtu =
- rt->rt_ifp->if_mtu; */
- rt->rt_rmx.rmx_locks |= RTV_MTU;
- } else if (rt->rt_rmx.rmx_mtu > mtu) {
- rt->rt_rmx.rmx_mtu = mtu;
- }
- }
- if (rt)
- rtfree(rt);
}
-#endif
/*
* XXX if the packet contains [IPv4 AH TCP], we can't make a
* notification to TCP layer.
@@ -607,7 +628,6 @@
struct in_addr t;
struct mbuf *opts = 0;
int optlen = (ip->ip_hl << 2) - sizeof(struct ip);
- struct route *ro = NULL, rt;
if (!in_canforward(ip->ip_src) &&
((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) !=
@@ -618,8 +638,6 @@
}
t = ip->ip_dst;
ip->ip_dst = ip->ip_src;
- ro = &rt;
- bzero(ro, sizeof(*ro));
/*
* If the incoming packet was addressed directly to us,
* use dst as the src for the reply. Otherwise (broadcast
@@ -640,7 +658,7 @@
goto match;
}
}
- ia = ip_rtaddr(ip->ip_dst, ro);
+ ia = ip_rtaddr(ip->ip_dst);
/* We need a route to do anything useful. */
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list