svn commit: r225151 - user/hrs/ipv6/sys/netinet6

Hiroki Sato hrs at FreeBSD.org
Wed Aug 24 19:27:50 UTC 2011 

Author: hrs
Date: Wed Aug 24 19:27:49 2011
New Revision: 225151
URL: http://svn.freebsd.org/changeset/base/225151

Log:
  Add ip6.rfc6204w3 to support accepting the default router lists from RAs even
  when ip6.forwarding=1.
  
  Obtained from:	m0n0wall r475

Modified:
  user/hrs/ipv6/sys/netinet6/in6.h
  user/hrs/ipv6/sys/netinet6/in6_proto.c
  user/hrs/ipv6/sys/netinet6/ip6_var.h
  user/hrs/ipv6/sys/netinet6/nd6_rtr.c

Modified: user/hrs/ipv6/sys/netinet6/in6.h
==============================================================================
--- user/hrs/ipv6/sys/netinet6/in6.h	Wed Aug 24 19:01:37 2011	(r225150)
+++ user/hrs/ipv6/sys/netinet6/in6.h	Wed Aug 24 19:27:49 2011	(r225151)
@@ -614,7 +614,9 @@ struct ip6_mtuinfo {
 #define	IPV6CTL_NO_RADR		48	/* No defroute from RA */
 #define	IPV6CTL_NORBIT_RAIF	49	/* Disable R-bit in NA on RA
 					 * receiving IF. */
-#define	IPV6CTL_MAXID		50
+#define	IPV6CTL_RFC6204W3	50	/* Accept defroute even when forwarding
+					   enabled */
+#define	IPV6CTL_MAXID		51
 #endif /* __BSD_VISIBLE */
 
 /*

Modified: user/hrs/ipv6/sys/netinet6/in6_proto.c
==============================================================================
--- user/hrs/ipv6/sys/netinet6/in6_proto.c	Wed Aug 24 19:01:37 2011	(r225150)
+++ user/hrs/ipv6/sys/netinet6/in6_proto.c	Wed Aug 24 19:27:49 2011	(r225151)
@@ -399,6 +399,7 @@ VNET_DEFINE(int, ip6_defmcasthlim) = IPV
 VNET_DEFINE(int, ip6_accept_rtadv) = 0;
 VNET_DEFINE(int, ip6_no_radr) = 0;
 VNET_DEFINE(int, ip6_norbit_raif) = 0;
+VNET_DEFINE(int, ip6_rfc6204w3) = 0;
 VNET_DEFINE(int, ip6_maxfragpackets);	/* initialized in frag6.c:frag6_init() */
 VNET_DEFINE(int, ip6_maxfrags);		/* initialized in frag6.c:frag6_init() */
 VNET_DEFINE(int, ip6_log_interval) = 5;
@@ -536,6 +537,10 @@ SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_
 	&VNET_NAME(ip6_norbit_raif), 0,
 	"Always set 0 to R flag in ICMPv6 NA messages when accepting RA"
 	" on the interface.");
+SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RFC6204W3, rfc6204w3,
+	CTLFLAG_RW, &VNET_NAME(ip6_rfc6204w3), 0,
+	"Accept the default router list from ICMPv6 RA messages even "
+	"when packet forwarding enabled.");
 SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
 	&VNET_NAME(ip6_keepfaith), 0, "");
 SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, log_interval,

Modified: user/hrs/ipv6/sys/netinet6/ip6_var.h
==============================================================================
--- user/hrs/ipv6/sys/netinet6/ip6_var.h	Wed Aug 24 19:01:37 2011	(r225150)
+++ user/hrs/ipv6/sys/netinet6/ip6_var.h	Wed Aug 24 19:27:49 2011	(r225151)
@@ -319,6 +319,8 @@ VNET_DECLARE(int, ip6_accept_rtadv);	/* 
 VNET_DECLARE(int, ip6_no_radr);		/* No defroute from RA */
 VNET_DECLARE(int, ip6_norbit_raif);	/* Disable R-bit in NA on RA
 					 * receiving IF. */
+VNET_DECLARE(int, ip6_rfc6204w3);	/* Accept defroute from RA even when
+					   forwarding enabled */
 VNET_DECLARE(int, ip6_keepfaith);	/* Firewall Aided Internet Translator */
 VNET_DECLARE(int, ip6_log_interval);
 VNET_DECLARE(time_t, ip6_log_time);
@@ -332,6 +334,7 @@ VNET_DECLARE(int, ip6_dad_count);	/* Dup
 #define	V_ip6_accept_rtadv		VNET(ip6_accept_rtadv)
 #define	V_ip6_no_radr			VNET(ip6_no_radr)
 #define	V_ip6_norbit_raif		VNET(ip6_norbit_raif)
+#define	V_ip6_rfc6204w3			VNET(ip6_rfc6204w3)
 #define	V_ip6_keepfaith			VNET(ip6_keepfaith)
 #define	V_ip6_log_interval		VNET(ip6_log_interval)
 #define	V_ip6_log_time			VNET(ip6_log_time)

Modified: user/hrs/ipv6/sys/netinet6/nd6_rtr.c
==============================================================================
--- user/hrs/ipv6/sys/netinet6/nd6_rtr.c	Wed Aug 24 19:01:37 2011	(r225150)
+++ user/hrs/ipv6/sys/netinet6/nd6_rtr.c	Wed Aug 24 19:27:49 2011	(r225151)
@@ -269,11 +269,13 @@ nd6_ra_input(struct mbuf *m, int off, in
 	dr0.rtaddr = saddr6;
 	dr0.flags  = nd_ra->nd_ra_flags_reserved;
 	/*
-	 * Effectively-disable the route in the RA packet
-	 * when ND6_IFF_NO_RADR on the receiving interface or
-	 * ip6.forwarding=1.
+	 * Effectively-disable routes from RA messages when
+	 * ND6_IFF_NO_RADR enabled on the receiving interface or
+	 * (ip6.forwarding == 1 && ip6.rfc6204w3 != 1).
 	 */
-	if (ndi->flags & ND6_IFF_NO_RADR || V_ip6_forwarding)
+	if (ndi->flags & ND6_IFF_NO_RADR)
+		dr0.rtlifetime = 0;
+	else if (V_ip6_forwarding && !V_ip6_rfc6204w3)
 		dr0.rtlifetime = 0;
 	else
 		dr0.rtlifetime = ntohs(nd_ra->nd_ra_router_lifetime);

More information about the svn-src-user mailing list