1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Copyright (c) 1980, 1986, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
|
|
* must display the following acknowledgement:
|
|
|
|
* This product includes software developed by the University of
|
|
|
|
* California, Berkeley and its contributors.
|
|
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* @(#)if.c 8.3 (Berkeley) 1/4/94
|
1999-08-28 01:08:13 +00:00
|
|
|
* $FreeBSD$
|
1994-05-24 10:09:53 +00:00
|
|
|
*/
|
|
|
|
|
1997-12-16 17:40:42 +00:00
|
|
|
#include "opt_compat.h"
|
1999-12-07 17:39:16 +00:00
|
|
|
#include "opt_inet6.h"
|
1999-12-30 18:29:55 +00:00
|
|
|
#include "opt_inet.h"
|
1997-12-16 17:40:42 +00:00
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/param.h>
|
1997-09-02 01:19:47 +00:00
|
|
|
#include <sys/malloc.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/mbuf.h>
|
|
|
|
#include <sys/systm.h>
|
|
|
|
#include <sys/proc.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/socketvar.h>
|
|
|
|
#include <sys/protosw.h>
|
|
|
|
#include <sys/kernel.h>
|
1997-03-24 11:33:46 +00:00
|
|
|
#include <sys/sockio.h>
|
1995-09-22 17:57:48 +00:00
|
|
|
#include <sys/syslog.h>
|
1995-12-20 21:53:53 +00:00
|
|
|
#include <sys/sysctl.h>
|
2001-02-21 06:39:57 +00:00
|
|
|
#include <sys/jail.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
#include <net/if.h>
|
2000-06-16 20:14:43 +00:00
|
|
|
#include <net/if_arp.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <net/if_dl.h>
|
2000-08-15 00:48:38 +00:00
|
|
|
#include <net/if_types.h>
|
1994-10-08 01:40:23 +00:00
|
|
|
#include <net/radix.h>
|
1999-12-17 06:46:07 +00:00
|
|
|
#include <net/route.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-12-30 18:29:55 +00:00
|
|
|
#if defined(INET) || defined(INET6)
|
1999-11-22 02:45:11 +00:00
|
|
|
/*XXX*/
|
|
|
|
#include <netinet/in.h>
|
1999-12-30 18:29:55 +00:00
|
|
|
#include <netinet/in_var.h>
|
2000-02-01 15:49:37 +00:00
|
|
|
#ifdef INET6
|
2000-07-16 01:46:42 +00:00
|
|
|
#include <netinet6/in6_var.h>
|
|
|
|
#include <netinet6/in6_ifattach.h>
|
2000-02-01 15:49:37 +00:00
|
|
|
#endif
|
1999-11-22 02:45:11 +00:00
|
|
|
#endif
|
|
|
|
|
1995-08-28 09:19:25 +00:00
|
|
|
/*
|
|
|
|
* System initialization
|
|
|
|
*/
|
|
|
|
|
1998-06-07 17:13:14 +00:00
|
|
|
static int ifconf __P((u_long, caddr_t));
|
1995-09-09 18:10:37 +00:00
|
|
|
static void ifinit __P((void *));
|
1995-12-09 20:47:15 +00:00
|
|
|
static void if_qflush __P((struct ifqueue *));
|
|
|
|
static void if_slowtimo __P((void *));
|
|
|
|
static void link_rtrequest __P((int, struct rtentry *, struct sockaddr *));
|
1999-12-17 06:46:07 +00:00
|
|
|
static int if_rtdel __P((struct radix_node *, void *));
|
1995-12-09 20:47:15 +00:00
|
|
|
|
1995-08-28 09:19:25 +00:00
|
|
|
SYSINIT(interfaces, SI_SUB_PROTO_IF, SI_ORDER_FIRST, ifinit, NULL)
|
|
|
|
|
1997-10-12 20:26:33 +00:00
|
|
|
MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address");
|
|
|
|
MALLOC_DEFINE(M_IFMADDR, "ether_multi", "link-level multicast address");
|
1995-08-28 09:19:25 +00:00
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
int ifqmaxlen = IFQ_MAXLEN;
|
1996-12-11 20:38:25 +00:00
|
|
|
struct ifnethead ifnet; /* depend on static init XXX */
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
#ifdef INET6
|
|
|
|
/*
|
|
|
|
* XXX: declare here to avoid to include many inet6 related files..
|
|
|
|
* should be more generalized?
|
|
|
|
*/
|
|
|
|
extern void nd6_setmtu __P((struct ifnet *));
|
|
|
|
#endif
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Network interface utility routines.
|
|
|
|
*
|
|
|
|
* Routines with ifa_ifwith* names take sockaddr *'s as
|
|
|
|
* parameters.
|
|
|
|
*/
|
1995-08-28 09:19:25 +00:00
|
|
|
/* ARGSUSED*/
|
1994-05-24 10:09:53 +00:00
|
|
|
void
|
1995-11-18 13:01:19 +00:00
|
|
|
ifinit(dummy)
|
|
|
|
void *dummy;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1999-04-26 09:02:40 +00:00
|
|
|
struct ifnet *ifp;
|
|
|
|
int s;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-04-26 09:02:40 +00:00
|
|
|
s = splimp();
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link) {
|
1999-02-01 20:03:27 +00:00
|
|
|
if (ifp->if_snd.ifq_maxlen == 0) {
|
|
|
|
printf("%s%d XXX: driver didn't set ifq_maxlen\n",
|
|
|
|
ifp->if_name, ifp->if_unit);
|
1994-05-24 10:09:53 +00:00
|
|
|
ifp->if_snd.ifq_maxlen = ifqmaxlen;
|
1999-02-01 20:03:27 +00:00
|
|
|
}
|
2001-01-21 22:34:43 +00:00
|
|
|
/* XXX This is an access violation of the mutex internals. */
|
2001-01-30 22:28:03 +00:00
|
|
|
if (ifp->if_snd.ifq_mtx.mtx_description == NULL) {
|
Lock down the network interface queues. The queue mutex must be obtained
before adding/removing packets from the queue. Also, the if_obytes and
if_omcasts fields should only be manipulated under protection of the mutex.
IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on
the queue. An IF_LOCK macro is provided, as well as the old (mutex-less)
versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which
needs them, but their use is discouraged.
Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF,
which takes care of locking/enqueue, and also statistics updating/start
if necessary.
2000-11-25 07:35:38 +00:00
|
|
|
printf("%s%d XXX: driver didn't initialize queue mtx\n",
|
|
|
|
ifp->if_name, ifp->if_unit);
|
|
|
|
mtx_init(&ifp->if_snd.ifq_mtx, "unknown", MTX_DEF);
|
|
|
|
}
|
|
|
|
}
|
1999-04-26 09:02:40 +00:00
|
|
|
splx(s);
|
1994-05-24 10:09:53 +00:00
|
|
|
if_slowtimo(0);
|
|
|
|
}
|
|
|
|
|
1996-07-30 19:17:07 +00:00
|
|
|
int if_index = 0;
|
|
|
|
struct ifaddr **ifnet_addrs;
|
1999-11-22 02:45:11 +00:00
|
|
|
struct ifnet **ifindex2ifnet = NULL;
|
1995-12-09 20:47:15 +00:00
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Attach an interface to the
|
|
|
|
* list of "active" interfaces.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
if_attach(ifp)
|
|
|
|
struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
unsigned socksize, ifasize;
|
1996-01-24 21:12:23 +00:00
|
|
|
int namelen, masklen;
|
|
|
|
char workbuf[64];
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct sockaddr_dl *sdl;
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
static int if_indexlim = 8;
|
1996-12-11 20:38:25 +00:00
|
|
|
static int inited;
|
1994-08-18 22:36:09 +00:00
|
|
|
|
1996-12-11 20:38:25 +00:00
|
|
|
if (!inited) {
|
|
|
|
TAILQ_INIT(&ifnet);
|
|
|
|
inited = 1;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1996-12-11 20:38:25 +00:00
|
|
|
TAILQ_INSERT_TAIL(&ifnet, ifp, if_link);
|
1994-05-24 10:09:53 +00:00
|
|
|
ifp->if_index = ++if_index;
|
1996-12-13 21:29:07 +00:00
|
|
|
/*
|
|
|
|
* XXX -
|
|
|
|
* The old code would work if the interface passed a pre-existing
|
|
|
|
* chain of ifaddrs to this code. We don't trust our callers to
|
|
|
|
* properly initialize the tailq, however, so we no longer allow
|
|
|
|
* this unlikely case.
|
|
|
|
*/
|
|
|
|
TAILQ_INIT(&ifp->if_addrhead);
|
1999-11-22 02:45:11 +00:00
|
|
|
TAILQ_INIT(&ifp->if_prefixhead);
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_INIT(&ifp->if_multiaddrs);
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifnet_addrs == 0 || if_index >= if_indexlim) {
|
|
|
|
unsigned n = (if_indexlim <<= 1) * sizeof(ifa);
|
2000-12-08 21:51:06 +00:00
|
|
|
caddr_t q = malloc(n, M_IFADDR, M_WAITOK | M_ZERO);
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifnet_addrs) {
|
|
|
|
bcopy((caddr_t)ifnet_addrs, (caddr_t)q, n/2);
|
|
|
|
free((caddr_t)ifnet_addrs, M_IFADDR);
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
ifnet_addrs = (struct ifaddr **)q;
|
|
|
|
|
|
|
|
/* grow ifindex2ifnet */
|
|
|
|
n = if_indexlim * sizeof(struct ifnet *);
|
2000-12-08 21:51:06 +00:00
|
|
|
q = malloc(n, M_IFADDR, M_WAITOK | M_ZERO);
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifindex2ifnet) {
|
|
|
|
bcopy((caddr_t)ifindex2ifnet, q, n/2);
|
|
|
|
free((caddr_t)ifindex2ifnet, M_IFADDR);
|
|
|
|
}
|
|
|
|
ifindex2ifnet = (struct ifnet **)q;
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
ifindex2ifnet[if_index] = ifp;
|
|
|
|
|
Lock down the network interface queues. The queue mutex must be obtained
before adding/removing packets from the queue. Also, the if_obytes and
if_omcasts fields should only be manipulated under protection of the mutex.
IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on
the queue. An IF_LOCK macro is provided, as well as the old (mutex-less)
versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which
needs them, but their use is discouraged.
Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF,
which takes care of locking/enqueue, and also statistics updating/start
if necessary.
2000-11-25 07:35:38 +00:00
|
|
|
mtx_init(&ifp->if_snd.ifq_mtx, ifp->if_name, MTX_DEF);
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* create a Link Level name for this device
|
|
|
|
*/
|
1998-12-04 22:54:57 +00:00
|
|
|
namelen = snprintf(workbuf, sizeof(workbuf),
|
|
|
|
"%s%d", ifp->if_name, ifp->if_unit);
|
1994-05-24 10:09:53 +00:00
|
|
|
#define _offsetof(t, m) ((int)((caddr_t)&((t *)0)->m))
|
1996-01-24 21:12:23 +00:00
|
|
|
masklen = _offsetof(struct sockaddr_dl, sdl_data[0]) + namelen;
|
1994-05-24 10:09:53 +00:00
|
|
|
socksize = masklen + ifp->if_addrlen;
|
|
|
|
#define ROUNDUP(a) (1 + (((a) - 1) | (sizeof(long) - 1)))
|
|
|
|
if (socksize < sizeof(*sdl))
|
|
|
|
socksize = sizeof(*sdl);
|
1998-07-20 13:21:56 +00:00
|
|
|
socksize = ROUNDUP(socksize);
|
1994-05-24 10:09:53 +00:00
|
|
|
ifasize = sizeof(*ifa) + 2 * socksize;
|
2000-12-08 21:51:06 +00:00
|
|
|
ifa = (struct ifaddr *)malloc(ifasize, M_IFADDR, M_WAITOK | M_ZERO);
|
1994-10-08 01:40:23 +00:00
|
|
|
if (ifa) {
|
1994-05-24 10:09:53 +00:00
|
|
|
sdl = (struct sockaddr_dl *)(ifa + 1);
|
|
|
|
sdl->sdl_len = socksize;
|
|
|
|
sdl->sdl_family = AF_LINK;
|
1996-01-24 21:12:23 +00:00
|
|
|
bcopy(workbuf, sdl->sdl_data, namelen);
|
|
|
|
sdl->sdl_nlen = namelen;
|
1994-05-24 10:09:53 +00:00
|
|
|
sdl->sdl_index = ifp->if_index;
|
|
|
|
sdl->sdl_type = ifp->if_type;
|
|
|
|
ifnet_addrs[if_index - 1] = ifa;
|
|
|
|
ifa->ifa_ifp = ifp;
|
|
|
|
ifa->ifa_rtrequest = link_rtrequest;
|
|
|
|
ifa->ifa_addr = (struct sockaddr *)sdl;
|
|
|
|
sdl = (struct sockaddr_dl *)(socksize + (caddr_t)sdl);
|
|
|
|
ifa->ifa_netmask = (struct sockaddr *)sdl;
|
|
|
|
sdl->sdl_len = masklen;
|
|
|
|
while (namelen != 0)
|
|
|
|
sdl->sdl_data[--namelen] = 0xff;
|
1996-12-13 21:29:07 +00:00
|
|
|
TAILQ_INSERT_HEAD(&ifp->if_addrhead, ifa, ifa_link);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
}
|
1999-04-16 21:22:55 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Detach an interface, removing it from the
|
|
|
|
* list of "active" interfaces.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
if_detach(ifp)
|
|
|
|
struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
struct ifaddr *ifa;
|
1999-12-17 06:46:07 +00:00
|
|
|
struct radix_node_head *rnh;
|
|
|
|
int s;
|
|
|
|
int i;
|
1999-04-16 21:22:55 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove routes and flush queues.
|
|
|
|
*/
|
1999-12-17 06:46:07 +00:00
|
|
|
s = splnet();
|
1999-04-16 21:22:55 +00:00
|
|
|
if_down(ifp);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove address from ifnet_addrs[] and maybe decrement if_index.
|
|
|
|
* Clean up all addresses.
|
|
|
|
*/
|
1999-12-10 16:31:25 +00:00
|
|
|
ifnet_addrs[ifp->if_index - 1] = 0;
|
|
|
|
while (if_index > 0 && ifnet_addrs[if_index - 1] == 0)
|
1999-04-16 21:22:55 +00:00
|
|
|
if_index--;
|
|
|
|
|
|
|
|
for (ifa = TAILQ_FIRST(&ifp->if_addrhead); ifa;
|
|
|
|
ifa = TAILQ_FIRST(&ifp->if_addrhead)) {
|
1999-12-30 18:29:55 +00:00
|
|
|
#ifdef INET
|
1999-12-10 16:31:25 +00:00
|
|
|
/* XXX: Ugly!! ad hoc just for INET */
|
|
|
|
if (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET) {
|
|
|
|
struct ifaliasreq ifr;
|
|
|
|
|
|
|
|
bzero(&ifr, sizeof(ifr));
|
1999-12-30 18:29:55 +00:00
|
|
|
ifr.ifra_addr = *ifa->ifa_addr;
|
1999-12-10 16:31:25 +00:00
|
|
|
if (ifa->ifa_dstaddr)
|
|
|
|
ifr.ifra_broadaddr = *ifa->ifa_dstaddr;
|
|
|
|
if (in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
|
|
|
|
NULL) == 0)
|
|
|
|
continue;
|
|
|
|
}
|
1999-12-30 18:29:55 +00:00
|
|
|
#endif /* INET */
|
|
|
|
#ifdef INET6
|
|
|
|
if (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET6) {
|
2000-07-16 01:46:42 +00:00
|
|
|
in6_purgeaddr(ifa, ifp);
|
|
|
|
/* ifp_addrhead is already updated */
|
|
|
|
continue;
|
1999-12-30 18:29:55 +00:00
|
|
|
}
|
|
|
|
#endif /* INET6 */
|
1999-04-16 21:22:55 +00:00
|
|
|
TAILQ_REMOVE(&ifp->if_addrhead, ifa, ifa_link);
|
|
|
|
IFAFREE(ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
1999-04-16 21:22:55 +00:00
|
|
|
|
1999-12-17 06:46:07 +00:00
|
|
|
/*
|
|
|
|
* Delete all remaining routes using this interface
|
|
|
|
* Unfortuneatly the only way to do this is to slog through
|
|
|
|
* the entire routing table looking for routes which point
|
|
|
|
* to this interface...oh well...
|
|
|
|
*/
|
|
|
|
for (i = 1; i <= AF_MAX; i++) {
|
|
|
|
if ((rnh = rt_tables[i]) == NULL)
|
|
|
|
continue;
|
|
|
|
(void) rnh->rnh_walktree(rnh, if_rtdel, ifp);
|
|
|
|
}
|
|
|
|
|
2000-07-16 01:46:42 +00:00
|
|
|
#ifdef INET6
|
|
|
|
/* nuke all IPv6 kernel structs related to ifp */
|
|
|
|
in6_ifdetach(ifp);
|
|
|
|
#endif
|
|
|
|
|
1999-04-16 21:22:55 +00:00
|
|
|
TAILQ_REMOVE(&ifnet, ifp, if_link);
|
Lock down the network interface queues. The queue mutex must be obtained
before adding/removing packets from the queue. Also, the if_obytes and
if_omcasts fields should only be manipulated under protection of the mutex.
IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on
the queue. An IF_LOCK macro is provided, as well as the old (mutex-less)
versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which
needs them, but their use is discouraged.
Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF,
which takes care of locking/enqueue, and also statistics updating/start
if necessary.
2000-11-25 07:35:38 +00:00
|
|
|
mtx_destroy(&ifp->if_snd.ifq_mtx);
|
1999-12-17 06:46:07 +00:00
|
|
|
splx(s);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Delete Routes for a Network Interface
|
|
|
|
*
|
|
|
|
* Called for each routing entry via the rnh->rnh_walktree() call above
|
|
|
|
* to delete all route entries referencing a detaching network interface.
|
|
|
|
*
|
|
|
|
* Arguments:
|
|
|
|
* rn pointer to node in the routing table
|
|
|
|
* arg argument passed to rnh->rnh_walktree() - detaching interface
|
|
|
|
*
|
|
|
|
* Returns:
|
|
|
|
* 0 successful
|
|
|
|
* errno failed - reason indicated
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
if_rtdel(rn, arg)
|
|
|
|
struct radix_node *rn;
|
|
|
|
void *arg;
|
|
|
|
{
|
|
|
|
struct rtentry *rt = (struct rtentry *)rn;
|
|
|
|
struct ifnet *ifp = arg;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
if (rt->rt_ifp == ifp) {
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Protect (sorta) against walktree recursion problems
|
|
|
|
* with cloned routes
|
|
|
|
*/
|
|
|
|
if ((rt->rt_flags & RTF_UP) == 0)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
err = rtrequest(RTM_DELETE, rt_key(rt), rt->rt_gateway,
|
|
|
|
rt_mask(rt), rt->rt_flags,
|
|
|
|
(struct rtentry **) NULL);
|
|
|
|
if (err) {
|
|
|
|
log(LOG_WARNING, "if_rtdel: error %d\n", err);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return (0);
|
1999-04-16 21:22:55 +00:00
|
|
|
}
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Locate an interface based on a complete address.
|
|
|
|
*/
|
|
|
|
/*ARGSUSED*/
|
|
|
|
struct ifaddr *
|
|
|
|
ifa_ifwithaddr(addr)
|
|
|
|
register struct sockaddr *addr;
|
|
|
|
{
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
|
|
|
|
#define equal(a1, a2) \
|
|
|
|
(bcmp((caddr_t)(a1), (caddr_t)(a2), ((struct sockaddr *)(a1))->sa_len) == 0)
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link)
|
2001-02-04 16:08:18 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != addr->sa_family)
|
|
|
|
continue;
|
|
|
|
if (equal(addr, ifa->ifa_addr))
|
|
|
|
return (ifa);
|
|
|
|
if ((ifp->if_flags & IFF_BROADCAST) && ifa->ifa_broadaddr &&
|
1999-11-22 02:45:11 +00:00
|
|
|
/* IP6 doesn't have broadcast */
|
|
|
|
ifa->ifa_broadaddr->sa_len != 0 &&
|
1994-05-24 10:09:53 +00:00
|
|
|
equal(ifa->ifa_broadaddr, addr))
|
|
|
|
return (ifa);
|
|
|
|
}
|
|
|
|
return ((struct ifaddr *)0);
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Locate the point to point interface with a given destination address.
|
|
|
|
*/
|
|
|
|
/*ARGSUSED*/
|
|
|
|
struct ifaddr *
|
|
|
|
ifa_ifwithdstaddr(addr)
|
|
|
|
register struct sockaddr *addr;
|
|
|
|
{
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link)
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifp->if_flags & IFF_POINTOPOINT)
|
2001-02-04 16:08:18 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != addr->sa_family)
|
|
|
|
continue;
|
1995-02-24 11:47:31 +00:00
|
|
|
if (ifa->ifa_dstaddr && equal(addr, ifa->ifa_dstaddr))
|
1994-05-24 10:09:53 +00:00
|
|
|
return (ifa);
|
|
|
|
}
|
|
|
|
return ((struct ifaddr *)0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find an interface on a specific network. If many, choice
|
|
|
|
* is most specific found.
|
|
|
|
*/
|
|
|
|
struct ifaddr *
|
|
|
|
ifa_ifwithnet(addr)
|
|
|
|
struct sockaddr *addr;
|
|
|
|
{
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
struct ifaddr *ifa_maybe = (struct ifaddr *) 0;
|
|
|
|
u_int af = addr->sa_family;
|
|
|
|
char *addr_data = addr->sa_data, *cplim;
|
|
|
|
|
1997-08-22 22:47:27 +00:00
|
|
|
/*
|
|
|
|
* AF_LINK addresses can be looked up directly by their index number,
|
|
|
|
* so do that if we can.
|
|
|
|
*/
|
1994-05-24 10:09:53 +00:00
|
|
|
if (af == AF_LINK) {
|
|
|
|
register struct sockaddr_dl *sdl = (struct sockaddr_dl *)addr;
|
|
|
|
if (sdl->sdl_index && sdl->sdl_index <= if_index)
|
|
|
|
return (ifnet_addrs[sdl->sdl_index - 1]);
|
|
|
|
}
|
1997-08-22 22:47:27 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
1997-08-22 22:47:27 +00:00
|
|
|
* Scan though each interface, looking for ones that have
|
|
|
|
* addresses in this address family.
|
|
|
|
*/
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link) {
|
2001-02-04 16:08:18 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1995-05-27 04:37:24 +00:00
|
|
|
register char *cp, *cp2, *cp3;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1995-06-28 05:31:03 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != af)
|
1997-08-22 22:47:27 +00:00
|
|
|
next: continue;
|
1999-11-22 02:45:11 +00:00
|
|
|
if (
|
|
|
|
#ifdef INET6 /* XXX: for maching gif tunnel dst as routing entry gateway */
|
|
|
|
addr->sa_family != AF_INET6 &&
|
|
|
|
#endif
|
|
|
|
ifp->if_flags & IFF_POINTOPOINT) {
|
1997-08-22 22:47:27 +00:00
|
|
|
/*
|
1999-11-22 02:45:11 +00:00
|
|
|
* This is a bit broken as it doesn't
|
|
|
|
* take into account that the remote end may
|
1997-08-22 22:47:27 +00:00
|
|
|
* be a single node in the network we are
|
|
|
|
* looking for.
|
1999-11-22 02:45:11 +00:00
|
|
|
* The trouble is that we don't know the
|
1997-08-22 22:47:27 +00:00
|
|
|
* netmask for the remote end.
|
|
|
|
*/
|
1996-07-24 19:59:53 +00:00
|
|
|
if (ifa->ifa_dstaddr != 0
|
|
|
|
&& equal(addr, ifa->ifa_dstaddr))
|
1995-05-27 04:37:24 +00:00
|
|
|
return (ifa);
|
1995-06-15 00:19:56 +00:00
|
|
|
} else {
|
1997-08-28 01:17:12 +00:00
|
|
|
/*
|
|
|
|
* if we have a special address handler,
|
|
|
|
* then use it instead of the generic one.
|
|
|
|
*/
|
|
|
|
if (ifa->ifa_claim_addr) {
|
|
|
|
if ((*ifa->ifa_claim_addr)(ifa, addr)) {
|
|
|
|
return (ifa);
|
|
|
|
} else {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1997-08-22 22:47:27 +00:00
|
|
|
/*
|
|
|
|
* Scan all the bits in the ifa's address.
|
|
|
|
* If a bit dissagrees with what we are
|
|
|
|
* looking for, mask it with the netmask
|
|
|
|
* to see if it really matters.
|
|
|
|
* (A byte at a time)
|
|
|
|
*/
|
1995-06-28 05:31:03 +00:00
|
|
|
if (ifa->ifa_netmask == 0)
|
|
|
|
continue;
|
1995-05-27 04:37:24 +00:00
|
|
|
cp = addr_data;
|
|
|
|
cp2 = ifa->ifa_addr->sa_data;
|
|
|
|
cp3 = ifa->ifa_netmask->sa_data;
|
1997-08-22 22:47:27 +00:00
|
|
|
cplim = ifa->ifa_netmask->sa_len
|
|
|
|
+ (char *)ifa->ifa_netmask;
|
1995-05-27 04:37:24 +00:00
|
|
|
while (cp3 < cplim)
|
|
|
|
if ((*cp++ ^ *cp2++) & *cp3++)
|
1997-08-22 22:47:27 +00:00
|
|
|
goto next; /* next address! */
|
|
|
|
/*
|
|
|
|
* If the netmask of what we just found
|
|
|
|
* is more specific than what we had before
|
|
|
|
* (if we had one) then remember the new one
|
|
|
|
* before continuing to search
|
|
|
|
* for an even better one.
|
|
|
|
*/
|
1995-05-27 04:37:24 +00:00
|
|
|
if (ifa_maybe == 0 ||
|
|
|
|
rn_refines((caddr_t)ifa->ifa_netmask,
|
|
|
|
(caddr_t)ifa_maybe->ifa_netmask))
|
|
|
|
ifa_maybe = ifa;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
return (ifa_maybe);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find an interface address specific to an interface best matching
|
|
|
|
* a given address.
|
|
|
|
*/
|
|
|
|
struct ifaddr *
|
|
|
|
ifaof_ifpforaddr(addr, ifp)
|
|
|
|
struct sockaddr *addr;
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
register char *cp, *cp2, *cp3;
|
|
|
|
register char *cplim;
|
|
|
|
struct ifaddr *ifa_maybe = 0;
|
|
|
|
u_int af = addr->sa_family;
|
|
|
|
|
|
|
|
if (af >= AF_MAX)
|
|
|
|
return (0);
|
2001-02-04 16:08:18 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != af)
|
|
|
|
continue;
|
1996-08-07 04:09:05 +00:00
|
|
|
if (ifa_maybe == 0)
|
|
|
|
ifa_maybe = ifa;
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifa->ifa_netmask == 0) {
|
|
|
|
if (equal(addr, ifa->ifa_addr) ||
|
|
|
|
(ifa->ifa_dstaddr && equal(addr, ifa->ifa_dstaddr)))
|
|
|
|
return (ifa);
|
|
|
|
continue;
|
|
|
|
}
|
1995-05-27 04:37:24 +00:00
|
|
|
if (ifp->if_flags & IFF_POINTOPOINT) {
|
|
|
|
if (equal(addr, ifa->ifa_dstaddr))
|
|
|
|
return (ifa);
|
1995-06-15 00:19:56 +00:00
|
|
|
} else {
|
1995-05-27 04:37:24 +00:00
|
|
|
cp = addr->sa_data;
|
|
|
|
cp2 = ifa->ifa_addr->sa_data;
|
|
|
|
cp3 = ifa->ifa_netmask->sa_data;
|
|
|
|
cplim = ifa->ifa_netmask->sa_len + (char *)ifa->ifa_netmask;
|
|
|
|
for (; cp3 < cplim; cp3++)
|
|
|
|
if ((*cp++ ^ *cp2++) & *cp3)
|
|
|
|
break;
|
|
|
|
if (cp3 == cplim)
|
|
|
|
return (ifa);
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
return (ifa_maybe);
|
|
|
|
}
|
|
|
|
|
|
|
|
#include <net/route.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Default action when installing a route with a Link Level gateway.
|
|
|
|
* Lookup an appropriate real ifa to point to.
|
|
|
|
* This should be moved to /sys/net/link.c eventually.
|
|
|
|
*/
|
1995-12-09 20:47:15 +00:00
|
|
|
static void
|
1994-05-24 10:09:53 +00:00
|
|
|
link_rtrequest(cmd, rt, sa)
|
|
|
|
int cmd;
|
|
|
|
register struct rtentry *rt;
|
|
|
|
struct sockaddr *sa;
|
|
|
|
{
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
struct sockaddr *dst;
|
|
|
|
struct ifnet *ifp;
|
|
|
|
|
|
|
|
if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) ||
|
|
|
|
((ifp = ifa->ifa_ifp) == 0) || ((dst = rt_key(rt)) == 0))
|
|
|
|
return;
|
1994-10-08 01:40:23 +00:00
|
|
|
ifa = ifaof_ifpforaddr(dst, ifp);
|
|
|
|
if (ifa) {
|
1994-05-24 10:09:53 +00:00
|
|
|
IFAFREE(rt->rt_ifa);
|
|
|
|
rt->rt_ifa = ifa;
|
|
|
|
ifa->ifa_refcnt++;
|
|
|
|
if (ifa->ifa_rtrequest && ifa->ifa_rtrequest != link_rtrequest)
|
|
|
|
ifa->ifa_rtrequest(cmd, rt, sa);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark an interface down and notify protocols of
|
|
|
|
* the transition.
|
|
|
|
* NOTE: must be called at splnet or eqivalent.
|
|
|
|
*/
|
|
|
|
void
|
1998-12-16 18:30:43 +00:00
|
|
|
if_unroute(ifp, flag, fam)
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct ifnet *ifp;
|
1998-12-16 18:30:43 +00:00
|
|
|
int flag, fam;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
|
|
|
register struct ifaddr *ifa;
|
|
|
|
|
1998-12-16 18:30:43 +00:00
|
|
|
ifp->if_flags &= ~flag;
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1998-12-16 18:30:43 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
|
|
|
|
if (fam == PF_UNSPEC || (fam == ifa->ifa_addr->sa_family))
|
|
|
|
pfctlinput(PRC_IFDOWN, ifa->ifa_addr);
|
1994-05-24 10:09:53 +00:00
|
|
|
if_qflush(&ifp->if_snd);
|
|
|
|
rt_ifmsg(ifp);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark an interface up and notify protocols of
|
|
|
|
* the transition.
|
|
|
|
* NOTE: must be called at splnet or eqivalent.
|
|
|
|
*/
|
|
|
|
void
|
1998-12-16 18:30:43 +00:00
|
|
|
if_route(ifp, flag, fam)
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct ifnet *ifp;
|
1998-12-16 18:30:43 +00:00
|
|
|
int flag, fam;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1997-02-12 18:54:32 +00:00
|
|
|
register struct ifaddr *ifa;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1998-12-16 18:30:43 +00:00
|
|
|
ifp->if_flags |= flag;
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1998-12-16 18:30:43 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
|
|
|
|
if (fam == PF_UNSPEC || (fam == ifa->ifa_addr->sa_family))
|
|
|
|
pfctlinput(PRC_IFUP, ifa->ifa_addr);
|
1994-05-24 10:09:53 +00:00
|
|
|
rt_ifmsg(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
#ifdef INET6
|
|
|
|
in6_if_up(ifp);
|
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
1998-12-16 18:30:43 +00:00
|
|
|
/*
|
|
|
|
* Mark an interface down and notify protocols of
|
|
|
|
* the transition.
|
|
|
|
* NOTE: must be called at splnet or eqivalent.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
if_down(ifp)
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
|
|
|
|
if_unroute(ifp, IFF_UP, AF_UNSPEC);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Mark an interface up and notify protocols of
|
|
|
|
* the transition.
|
|
|
|
* NOTE: must be called at splnet or eqivalent.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
if_up(ifp)
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
|
|
|
|
if_route(ifp, IFF_UP, AF_UNSPEC);
|
|
|
|
}
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Flush an interface queue.
|
|
|
|
*/
|
1995-12-09 20:47:15 +00:00
|
|
|
static void
|
1994-05-24 10:09:53 +00:00
|
|
|
if_qflush(ifq)
|
|
|
|
register struct ifqueue *ifq;
|
|
|
|
{
|
|
|
|
register struct mbuf *m, *n;
|
|
|
|
|
|
|
|
n = ifq->ifq_head;
|
1994-10-08 01:40:23 +00:00
|
|
|
while ((m = n) != 0) {
|
1994-05-24 10:09:53 +00:00
|
|
|
n = m->m_act;
|
|
|
|
m_freem(m);
|
|
|
|
}
|
|
|
|
ifq->ifq_head = 0;
|
|
|
|
ifq->ifq_tail = 0;
|
|
|
|
ifq->ifq_len = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Handle interface watchdog timer routines. Called
|
|
|
|
* from softclock, we decrement timers (if set) and
|
|
|
|
* call the appropriate interface routine on expiration.
|
|
|
|
*/
|
1995-12-09 20:47:15 +00:00
|
|
|
static void
|
1994-05-24 10:09:53 +00:00
|
|
|
if_slowtimo(arg)
|
|
|
|
void *arg;
|
|
|
|
{
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
int s = splimp();
|
|
|
|
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link) {
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ifp->if_timer == 0 || --ifp->if_timer)
|
|
|
|
continue;
|
|
|
|
if (ifp->if_watchdog)
|
1995-12-05 02:01:59 +00:00
|
|
|
(*ifp->if_watchdog)(ifp);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
splx(s);
|
|
|
|
timeout(if_slowtimo, (void *)0, hz / IFNET_SLOWHZ);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Map interface name to
|
|
|
|
* interface structure pointer.
|
|
|
|
*/
|
|
|
|
struct ifnet *
|
1999-12-13 15:57:11 +00:00
|
|
|
ifunit(char *name)
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1998-06-08 20:33:29 +00:00
|
|
|
char namebuf[IFNAMSIZ + 1];
|
1999-12-13 15:57:11 +00:00
|
|
|
char *cp;
|
|
|
|
struct ifnet *ifp;
|
1994-05-24 10:09:53 +00:00
|
|
|
int unit;
|
1999-12-13 15:57:11 +00:00
|
|
|
unsigned len, m;
|
|
|
|
char c;
|
|
|
|
|
|
|
|
len = strlen(name);
|
|
|
|
if (len < 2 || len > IFNAMSIZ)
|
|
|
|
return NULL;
|
|
|
|
cp = name + len - 1;
|
|
|
|
c = *cp;
|
|
|
|
if (c < '0' || c > '9')
|
|
|
|
return NULL; /* trailing garbage */
|
|
|
|
unit = 0;
|
|
|
|
m = 1;
|
|
|
|
do {
|
|
|
|
if (cp == name)
|
|
|
|
return NULL; /* no interface name */
|
|
|
|
unit += (c - '0') * m;
|
|
|
|
if (unit > 1000000)
|
|
|
|
return NULL; /* number is unreasonable */
|
|
|
|
m *= 10;
|
|
|
|
c = *--cp;
|
|
|
|
} while (c >= '0' && c <= '9');
|
1994-05-24 10:09:53 +00:00
|
|
|
len = cp - name + 1;
|
1999-12-13 15:57:11 +00:00
|
|
|
bcopy(name, namebuf, len);
|
|
|
|
namebuf[len] = '\0';
|
1998-06-08 20:33:29 +00:00
|
|
|
/*
|
|
|
|
* Now search all the interfaces for this name/number
|
|
|
|
*/
|
2001-02-04 13:13:25 +00:00
|
|
|
TAILQ_FOREACH(ifp, &ifnet, if_link) {
|
1999-12-13 15:57:11 +00:00
|
|
|
if (strcmp(ifp->if_name, namebuf))
|
1994-05-24 10:09:53 +00:00
|
|
|
continue;
|
|
|
|
if (unit == ifp->if_unit)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return (ifp);
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Map interface name in a sockaddr_dl to
|
|
|
|
* interface structure pointer.
|
|
|
|
*/
|
|
|
|
struct ifnet *
|
|
|
|
if_withname(sa)
|
|
|
|
struct sockaddr *sa;
|
|
|
|
{
|
|
|
|
char ifname[IFNAMSIZ+1];
|
|
|
|
struct sockaddr_dl *sdl = (struct sockaddr_dl *)sa;
|
|
|
|
|
|
|
|
if ( (sa->sa_family != AF_LINK) || (sdl->sdl_nlen == 0) ||
|
|
|
|
(sdl->sdl_nlen > IFNAMSIZ) )
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ifunit wants a null-terminated name. It may not be null-terminated
|
|
|
|
* in the sockaddr. We don't want to change the caller's sockaddr,
|
|
|
|
* and there might not be room to put the trailing null anyway, so we
|
|
|
|
* make a local copy that we know we can null terminate safely.
|
|
|
|
*/
|
|
|
|
|
|
|
|
bcopy(sdl->sdl_data, ifname, sdl->sdl_nlen);
|
|
|
|
ifname[sdl->sdl_nlen] = '\0';
|
|
|
|
return ifunit(ifname);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Interface ioctls.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
ifioctl(so, cmd, data, p)
|
|
|
|
struct socket *so;
|
1998-06-07 17:13:14 +00:00
|
|
|
u_long cmd;
|
1994-05-24 10:09:53 +00:00
|
|
|
caddr_t data;
|
|
|
|
struct proc *p;
|
|
|
|
{
|
|
|
|
register struct ifnet *ifp;
|
|
|
|
register struct ifreq *ifr;
|
1999-06-19 18:42:31 +00:00
|
|
|
struct ifstat *ifs;
|
1994-05-24 10:09:53 +00:00
|
|
|
int error;
|
1999-11-22 02:45:11 +00:00
|
|
|
short oif_flags;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
|
|
|
|
case SIOCGIFCONF:
|
|
|
|
case OSIOCGIFCONF:
|
|
|
|
return (ifconf(cmd, data));
|
|
|
|
}
|
|
|
|
ifr = (struct ifreq *)data;
|
|
|
|
ifp = ifunit(ifr->ifr_name);
|
|
|
|
if (ifp == 0)
|
|
|
|
return (ENXIO);
|
|
|
|
switch (cmd) {
|
|
|
|
|
|
|
|
case SIOCGIFFLAGS:
|
|
|
|
ifr->ifr_flags = ifp->if_flags;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFMETRIC:
|
|
|
|
ifr->ifr_metric = ifp->if_metric;
|
|
|
|
break;
|
|
|
|
|
1994-08-08 10:49:26 +00:00
|
|
|
case SIOCGIFMTU:
|
|
|
|
ifr->ifr_mtu = ifp->if_mtu;
|
|
|
|
break;
|
|
|
|
|
1994-12-21 22:57:05 +00:00
|
|
|
case SIOCGIFPHYS:
|
|
|
|
ifr->ifr_phys = ifp->if_physical;
|
|
|
|
break;
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
case SIOCSIFFLAGS:
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1994-10-08 01:40:23 +00:00
|
|
|
if (error)
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
1999-02-19 13:41:35 +00:00
|
|
|
ifr->ifr_prevflags = ifp->if_flags;
|
1999-06-06 09:17:51 +00:00
|
|
|
if (ifp->if_flags & IFF_SMART) {
|
|
|
|
/* Smart drivers twiddle their own routes */
|
1999-06-06 09:28:01 +00:00
|
|
|
} else if (ifp->if_flags & IFF_UP &&
|
1999-06-06 09:17:51 +00:00
|
|
|
(ifr->ifr_flags & IFF_UP) == 0) {
|
1994-05-24 10:09:53 +00:00
|
|
|
int s = splimp();
|
|
|
|
if_down(ifp);
|
|
|
|
splx(s);
|
1999-06-06 09:17:51 +00:00
|
|
|
} else if (ifr->ifr_flags & IFF_UP &&
|
|
|
|
(ifp->if_flags & IFF_UP) == 0) {
|
1994-05-24 10:09:53 +00:00
|
|
|
int s = splimp();
|
|
|
|
if_up(ifp);
|
|
|
|
splx(s);
|
|
|
|
}
|
|
|
|
ifp->if_flags = (ifp->if_flags & IFF_CANTCHANGE) |
|
|
|
|
(ifr->ifr_flags &~ IFF_CANTCHANGE);
|
|
|
|
if (ifp->if_ioctl)
|
|
|
|
(void) (*ifp->if_ioctl)(ifp, cmd, data);
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFMETRIC:
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1994-10-08 01:40:23 +00:00
|
|
|
if (error)
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
|
|
|
ifp->if_metric = ifr->ifr_metric;
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
1994-12-21 22:57:05 +00:00
|
|
|
case SIOCSIFPHYS:
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1996-06-10 23:07:36 +00:00
|
|
|
if (error)
|
1997-08-28 01:17:12 +00:00
|
|
|
return error;
|
1996-06-10 23:07:36 +00:00
|
|
|
if (!ifp->if_ioctl)
|
|
|
|
return EOPNOTSUPP;
|
|
|
|
error = (*ifp->if_ioctl)(ifp, cmd, data);
|
|
|
|
if (error == 0)
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1996-06-10 23:07:36 +00:00
|
|
|
return(error);
|
1994-12-21 22:57:05 +00:00
|
|
|
|
1994-08-08 10:49:26 +00:00
|
|
|
case SIOCSIFMTU:
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
u_long oldmtu = ifp->if_mtu;
|
|
|
|
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1994-10-08 01:40:23 +00:00
|
|
|
if (error)
|
1994-08-08 10:49:26 +00:00
|
|
|
return (error);
|
|
|
|
if (ifp->if_ioctl == NULL)
|
|
|
|
return (EOPNOTSUPP);
|
1999-08-06 13:53:03 +00:00
|
|
|
if (ifr->ifr_mtu < IF_MINMTU || ifr->ifr_mtu > IF_MAXMTU)
|
1994-08-08 10:58:30 +00:00
|
|
|
return (EINVAL);
|
1996-06-10 23:07:36 +00:00
|
|
|
error = (*ifp->if_ioctl)(ifp, cmd, data);
|
2000-01-24 08:53:39 +00:00
|
|
|
if (error == 0) {
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
2000-01-24 08:53:39 +00:00
|
|
|
rt_ifmsg(ifp);
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* If the link MTU changed, do network layer specific procedure.
|
|
|
|
*/
|
|
|
|
if (ifp->if_mtu != oldmtu) {
|
|
|
|
#ifdef INET6
|
|
|
|
nd6_setmtu(ifp);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
return (error);
|
|
|
|
}
|
1994-08-08 10:49:26 +00:00
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
case SIOCADDMULTI:
|
|
|
|
case SIOCDELMULTI:
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1994-10-08 01:40:23 +00:00
|
|
|
if (error)
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
1997-01-13 21:26:53 +00:00
|
|
|
|
|
|
|
/* Don't allow group membership on non-multicast interfaces. */
|
|
|
|
if ((ifp->if_flags & IFF_MULTICAST) == 0)
|
|
|
|
return EOPNOTSUPP;
|
|
|
|
|
|
|
|
/* Don't let users screw up protocols' entries. */
|
|
|
|
if (ifr->ifr_addr.sa_family != AF_LINK)
|
|
|
|
return EINVAL;
|
|
|
|
|
|
|
|
if (cmd == SIOCADDMULTI) {
|
|
|
|
struct ifmultiaddr *ifma;
|
|
|
|
error = if_addmulti(ifp, &ifr->ifr_addr, &ifma);
|
|
|
|
} else {
|
|
|
|
error = if_delmulti(ifp, &ifr->ifr_addr);
|
|
|
|
}
|
|
|
|
if (error == 0)
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1997-01-13 21:26:53 +00:00
|
|
|
return error;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
2000-10-04 23:16:29 +00:00
|
|
|
case SIOCSIFPHYADDR:
|
|
|
|
case SIOCDIFPHYADDR:
|
|
|
|
#ifdef INET6
|
|
|
|
case SIOCSIFPHYADDR_IN6:
|
|
|
|
#endif
|
1997-05-03 21:07:13 +00:00
|
|
|
case SIOCSIFMEDIA:
|
1997-10-07 07:40:35 +00:00
|
|
|
case SIOCSIFGENERIC:
|
1999-04-27 11:18:52 +00:00
|
|
|
error = suser(p);
|
1997-05-03 21:07:13 +00:00
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
if (ifp->if_ioctl == 0)
|
|
|
|
return (EOPNOTSUPP);
|
|
|
|
error = (*ifp->if_ioctl)(ifp, cmd, data);
|
|
|
|
if (error == 0)
|
1998-04-06 11:43:12 +00:00
|
|
|
getmicrotime(&ifp->if_lastchange);
|
1997-05-03 21:07:13 +00:00
|
|
|
return error;
|
|
|
|
|
1999-06-19 18:42:31 +00:00
|
|
|
case SIOCGIFSTATUS:
|
|
|
|
ifs = (struct ifstat *)data;
|
|
|
|
ifs->ascii[0] = '\0';
|
|
|
|
|
1997-05-03 21:07:13 +00:00
|
|
|
case SIOCGIFMEDIA:
|
1997-10-07 07:40:35 +00:00
|
|
|
case SIOCGIFGENERIC:
|
1997-05-03 21:07:13 +00:00
|
|
|
if (ifp->if_ioctl == 0)
|
|
|
|
return (EOPNOTSUPP);
|
|
|
|
return ((*ifp->if_ioctl)(ifp, cmd, data));
|
|
|
|
|
2000-06-16 20:14:43 +00:00
|
|
|
case SIOCSIFLLADDR:
|
|
|
|
error = suser(p);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
2000-08-15 00:48:38 +00:00
|
|
|
return if_setlladdr(ifp,
|
|
|
|
ifr->ifr_addr.sa_data, ifr->ifr_addr.sa_len);
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
default:
|
1999-11-22 02:45:11 +00:00
|
|
|
oif_flags = ifp->if_flags;
|
1994-05-24 10:09:53 +00:00
|
|
|
if (so->so_proto == 0)
|
|
|
|
return (EOPNOTSUPP);
|
|
|
|
#ifndef COMPAT_43
|
1999-11-22 02:45:11 +00:00
|
|
|
error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd,
|
1996-07-11 16:32:50 +00:00
|
|
|
data,
|
1997-09-07 11:09:22 +00:00
|
|
|
ifp, p));
|
1994-05-24 10:09:53 +00:00
|
|
|
#else
|
|
|
|
{
|
|
|
|
int ocmd = cmd;
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
|
|
|
|
case SIOCSIFDSTADDR:
|
|
|
|
case SIOCSIFADDR:
|
|
|
|
case SIOCSIFBRDADDR:
|
|
|
|
case SIOCSIFNETMASK:
|
|
|
|
#if BYTE_ORDER != BIG_ENDIAN
|
|
|
|
if (ifr->ifr_addr.sa_family == 0 &&
|
|
|
|
ifr->ifr_addr.sa_len < 16) {
|
|
|
|
ifr->ifr_addr.sa_family = ifr->ifr_addr.sa_len;
|
|
|
|
ifr->ifr_addr.sa_len = 16;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
if (ifr->ifr_addr.sa_len == 0)
|
|
|
|
ifr->ifr_addr.sa_len = 16;
|
|
|
|
#endif
|
|
|
|
break;
|
|
|
|
|
|
|
|
case OSIOCGIFADDR:
|
|
|
|
cmd = SIOCGIFADDR;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case OSIOCGIFDSTADDR:
|
|
|
|
cmd = SIOCGIFDSTADDR;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case OSIOCGIFBRDADDR:
|
|
|
|
cmd = SIOCGIFBRDADDR;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case OSIOCGIFNETMASK:
|
|
|
|
cmd = SIOCGIFNETMASK;
|
|
|
|
}
|
1996-07-11 16:32:50 +00:00
|
|
|
error = ((*so->so_proto->pr_usrreqs->pru_control)(so,
|
|
|
|
cmd,
|
|
|
|
data,
|
1997-04-27 20:01:29 +00:00
|
|
|
ifp, p));
|
1994-05-24 10:09:53 +00:00
|
|
|
switch (ocmd) {
|
|
|
|
|
|
|
|
case OSIOCGIFADDR:
|
|
|
|
case OSIOCGIFDSTADDR:
|
|
|
|
case OSIOCGIFBRDADDR:
|
|
|
|
case OSIOCGIFNETMASK:
|
|
|
|
*(u_short *)&ifr->ifr_addr = ifr->ifr_addr.sa_family;
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
#endif /* COMPAT_43 */
|
|
|
|
|
|
|
|
if ((oif_flags ^ ifp->if_flags) & IFF_UP) {
|
|
|
|
#ifdef INET6
|
2000-02-01 15:49:37 +00:00
|
|
|
DELAY(100);/* XXX: temporal workaround for fxp issue*/
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifp->if_flags & IFF_UP) {
|
|
|
|
int s = splimp();
|
|
|
|
in6_if_up(ifp);
|
|
|
|
splx(s);
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
#endif
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
return (error);
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1995-09-22 17:57:48 +00:00
|
|
|
/*
|
|
|
|
* Set/clear promiscuous mode on interface ifp based on the truth value
|
|
|
|
* of pswitch. The calls are reference counted so that only the first
|
|
|
|
* "on" request actually has an effect, as does the final "off" request.
|
|
|
|
* Results are undefined if the "off" and "on" requests are not matched.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
ifpromisc(ifp, pswitch)
|
|
|
|
struct ifnet *ifp;
|
|
|
|
int pswitch;
|
|
|
|
{
|
|
|
|
struct ifreq ifr;
|
1997-02-14 15:30:54 +00:00
|
|
|
int error;
|
1995-09-22 17:57:48 +00:00
|
|
|
|
|
|
|
if (pswitch) {
|
|
|
|
/*
|
|
|
|
* If the device is not configured up, we cannot put it in
|
|
|
|
* promiscuous mode.
|
|
|
|
*/
|
|
|
|
if ((ifp->if_flags & IFF_UP) == 0)
|
|
|
|
return (ENETDOWN);
|
|
|
|
if (ifp->if_pcount++ != 0)
|
|
|
|
return (0);
|
|
|
|
ifp->if_flags |= IFF_PROMISC;
|
1995-09-27 15:00:49 +00:00
|
|
|
log(LOG_INFO, "%s%d: promiscuous mode enabled\n",
|
1995-09-22 17:57:48 +00:00
|
|
|
ifp->if_name, ifp->if_unit);
|
|
|
|
} else {
|
|
|
|
if (--ifp->if_pcount > 0)
|
|
|
|
return (0);
|
|
|
|
ifp->if_flags &= ~IFF_PROMISC;
|
1999-08-30 11:55:30 +00:00
|
|
|
log(LOG_INFO, "%s%d: promiscuous mode disabled\n",
|
|
|
|
ifp->if_name, ifp->if_unit);
|
1995-09-22 17:57:48 +00:00
|
|
|
}
|
|
|
|
ifr.ifr_flags = ifp->if_flags;
|
1997-02-14 15:30:54 +00:00
|
|
|
error = (*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr);
|
|
|
|
if (error == 0)
|
|
|
|
rt_ifmsg(ifp);
|
|
|
|
return error;
|
1995-09-22 17:57:48 +00:00
|
|
|
}
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Return interface configuration
|
|
|
|
* of system. List may be used
|
|
|
|
* in later ioctl's (above) to get
|
|
|
|
* other information.
|
|
|
|
*/
|
|
|
|
/*ARGSUSED*/
|
1995-12-09 20:47:15 +00:00
|
|
|
static int
|
1994-05-24 10:09:53 +00:00
|
|
|
ifconf(cmd, data)
|
1998-06-07 17:13:14 +00:00
|
|
|
u_long cmd;
|
1994-05-24 10:09:53 +00:00
|
|
|
caddr_t data;
|
|
|
|
{
|
|
|
|
register struct ifconf *ifc = (struct ifconf *)data;
|
2001-02-03 11:46:35 +00:00
|
|
|
register struct ifnet *ifp = TAILQ_FIRST(&ifnet);
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct ifaddr *ifa;
|
|
|
|
struct ifreq ifr, *ifrp;
|
|
|
|
int space = ifc->ifc_len, error = 0;
|
|
|
|
|
|
|
|
ifrp = ifc->ifc_req;
|
2001-02-03 11:46:35 +00:00
|
|
|
for (; space > sizeof (ifr) && ifp; ifp = TAILQ_NEXT(ifp, if_link)) {
|
1996-01-24 21:12:23 +00:00
|
|
|
char workbuf[64];
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
int ifnlen, addrs;
|
1995-05-30 08:16:23 +00:00
|
|
|
|
1998-12-04 22:54:57 +00:00
|
|
|
ifnlen = snprintf(workbuf, sizeof(workbuf),
|
|
|
|
"%s%d", ifp->if_name, ifp->if_unit);
|
1996-01-24 21:12:23 +00:00
|
|
|
if(ifnlen + 1 > sizeof ifr.ifr_name) {
|
1994-10-05 20:11:28 +00:00
|
|
|
error = ENAMETOOLONG;
|
2000-02-28 19:30:25 +00:00
|
|
|
break;
|
1994-10-05 20:11:28 +00:00
|
|
|
} else {
|
1996-01-24 21:12:23 +00:00
|
|
|
strcpy(ifr.ifr_name, workbuf);
|
1994-10-05 20:11:28 +00:00
|
|
|
}
|
|
|
|
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
addrs = 0;
|
2001-02-03 11:46:35 +00:00
|
|
|
ifa = TAILQ_FIRST(&ifp->if_addrhead);
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
for ( ; space > sizeof (ifr) && ifa;
|
2001-02-03 11:46:35 +00:00
|
|
|
ifa = TAILQ_NEXT(ifa, ifa_link)) {
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct sockaddr *sa = ifa->ifa_addr;
|
2001-02-21 06:39:57 +00:00
|
|
|
if (jailed(curproc->p_ucred) &&
|
|
|
|
prison_if(curproc->p_ucred, sa))
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
continue;
|
|
|
|
addrs++;
|
1994-05-24 10:09:53 +00:00
|
|
|
#ifdef COMPAT_43
|
|
|
|
if (cmd == OSIOCGIFCONF) {
|
|
|
|
struct osockaddr *osa =
|
|
|
|
(struct osockaddr *)&ifr.ifr_addr;
|
|
|
|
ifr.ifr_addr = *sa;
|
|
|
|
osa->sa_family = sa->sa_family;
|
|
|
|
error = copyout((caddr_t)&ifr, (caddr_t)ifrp,
|
|
|
|
sizeof (ifr));
|
|
|
|
ifrp++;
|
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
if (sa->sa_len <= sizeof(*sa)) {
|
|
|
|
ifr.ifr_addr = *sa;
|
|
|
|
error = copyout((caddr_t)&ifr, (caddr_t)ifrp,
|
|
|
|
sizeof (ifr));
|
|
|
|
ifrp++;
|
|
|
|
} else {
|
2000-04-21 17:48:48 +00:00
|
|
|
if (space < sizeof (ifr) + sa->sa_len -
|
|
|
|
sizeof(*sa))
|
2000-02-28 19:30:25 +00:00
|
|
|
break;
|
1994-05-24 10:09:53 +00:00
|
|
|
space -= sa->sa_len - sizeof(*sa);
|
|
|
|
error = copyout((caddr_t)&ifr, (caddr_t)ifrp,
|
|
|
|
sizeof (ifr.ifr_name));
|
|
|
|
if (error == 0)
|
|
|
|
error = copyout((caddr_t)sa,
|
|
|
|
(caddr_t)&ifrp->ifr_addr, sa->sa_len);
|
|
|
|
ifrp = (struct ifreq *)
|
|
|
|
(sa->sa_len + (caddr_t)&ifrp->ifr_addr);
|
|
|
|
}
|
|
|
|
if (error)
|
|
|
|
break;
|
|
|
|
space -= sizeof (ifr);
|
|
|
|
}
|
2000-02-28 19:30:25 +00:00
|
|
|
if (error)
|
|
|
|
break;
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
if (!addrs) {
|
|
|
|
bzero((caddr_t)&ifr.ifr_addr, sizeof(ifr.ifr_addr));
|
|
|
|
error = copyout((caddr_t)&ifr, (caddr_t)ifrp,
|
|
|
|
sizeof (ifr));
|
|
|
|
if (error)
|
|
|
|
break;
|
2000-02-28 19:30:25 +00:00
|
|
|
space -= sizeof (ifr);
|
|
|
|
ifrp++;
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
ifc->ifc_len -= space;
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
1997-01-07 19:15:32 +00:00
|
|
|
/*
|
|
|
|
* Just like if_promisc(), but for all-multicast-reception mode.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
if_allmulti(ifp, onswitch)
|
|
|
|
struct ifnet *ifp;
|
|
|
|
int onswitch;
|
|
|
|
{
|
|
|
|
int error = 0;
|
|
|
|
int s = splimp();
|
|
|
|
|
|
|
|
if (onswitch) {
|
|
|
|
if (ifp->if_amcount++ == 0) {
|
|
|
|
ifp->if_flags |= IFF_ALLMULTI;
|
|
|
|
error = ifp->if_ioctl(ifp, SIOCSIFFLAGS, 0);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if (ifp->if_amcount > 1) {
|
|
|
|
ifp->if_amcount--;
|
|
|
|
} else {
|
|
|
|
ifp->if_amcount = 0;
|
|
|
|
ifp->if_flags &= ~IFF_ALLMULTI;
|
|
|
|
error = ifp->if_ioctl(ifp, SIOCSIFFLAGS, 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
splx(s);
|
1997-02-14 15:30:54 +00:00
|
|
|
|
|
|
|
if (error == 0)
|
|
|
|
rt_ifmsg(ifp);
|
1997-01-07 19:15:32 +00:00
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a multicast listenership to the interface in question.
|
1999-11-22 02:45:11 +00:00
|
|
|
* The link layer provides a routine which converts
|
1997-01-07 19:15:32 +00:00
|
|
|
*/
|
|
|
|
int
|
1997-01-08 13:20:25 +00:00
|
|
|
if_addmulti(ifp, sa, retifma)
|
1997-01-07 19:15:32 +00:00
|
|
|
struct ifnet *ifp; /* interface to manipulate */
|
|
|
|
struct sockaddr *sa; /* address to add */
|
1997-01-08 15:23:17 +00:00
|
|
|
struct ifmultiaddr **retifma;
|
1997-01-07 19:15:32 +00:00
|
|
|
{
|
|
|
|
struct sockaddr *llsa, *dupsa;
|
|
|
|
int error, s;
|
|
|
|
struct ifmultiaddr *ifma;
|
|
|
|
|
1997-07-07 17:36:06 +00:00
|
|
|
/*
|
|
|
|
* If the matching multicast address already exists
|
|
|
|
* then don't add a new one, just add a reference
|
|
|
|
*/
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
|
1997-07-07 17:36:06 +00:00
|
|
|
if (equal(sa, ifma->ifma_addr)) {
|
|
|
|
ifma->ifma_refcount++;
|
|
|
|
if (retifma)
|
|
|
|
*retifma = ifma;
|
|
|
|
return 0;
|
|
|
|
}
|
1997-01-07 19:15:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Give the link layer a chance to accept/reject it, and also
|
|
|
|
* find out which AF_LINK address this maps to, if it isn't one
|
|
|
|
* already.
|
|
|
|
*/
|
|
|
|
if (ifp->if_resolvemulti) {
|
|
|
|
error = ifp->if_resolvemulti(ifp, &llsa, sa);
|
|
|
|
if (error) return error;
|
|
|
|
} else {
|
|
|
|
llsa = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
MALLOC(ifma, struct ifmultiaddr *, sizeof *ifma, M_IFMADDR, M_WAITOK);
|
|
|
|
MALLOC(dupsa, struct sockaddr *, sa->sa_len, M_IFMADDR, M_WAITOK);
|
|
|
|
bcopy(sa, dupsa, sa->sa_len);
|
|
|
|
|
|
|
|
ifma->ifma_addr = dupsa;
|
|
|
|
ifma->ifma_lladdr = llsa;
|
|
|
|
ifma->ifma_ifp = ifp;
|
|
|
|
ifma->ifma_refcount = 1;
|
1997-01-08 13:20:25 +00:00
|
|
|
ifma->ifma_protospec = 0;
|
1997-01-13 21:26:53 +00:00
|
|
|
rt_newmaddrmsg(RTM_NEWMADDR, ifma);
|
1997-01-08 13:20:25 +00:00
|
|
|
|
1997-01-07 19:15:32 +00:00
|
|
|
/*
|
|
|
|
* Some network interfaces can scan the address list at
|
|
|
|
* interrupt time; lock them out.
|
|
|
|
*/
|
|
|
|
s = splimp();
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_INSERT_HEAD(&ifp->if_multiaddrs, ifma, ifma_link);
|
1997-01-07 19:15:32 +00:00
|
|
|
splx(s);
|
1997-01-08 13:20:25 +00:00
|
|
|
*retifma = ifma;
|
1997-01-07 19:15:32 +00:00
|
|
|
|
|
|
|
if (llsa != 0) {
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
|
1997-01-07 19:15:32 +00:00
|
|
|
if (equal(ifma->ifma_addr, llsa))
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (ifma) {
|
|
|
|
ifma->ifma_refcount++;
|
|
|
|
} else {
|
|
|
|
MALLOC(ifma, struct ifmultiaddr *, sizeof *ifma,
|
|
|
|
M_IFMADDR, M_WAITOK);
|
1997-01-13 21:26:53 +00:00
|
|
|
MALLOC(dupsa, struct sockaddr *, llsa->sa_len,
|
|
|
|
M_IFMADDR, M_WAITOK);
|
|
|
|
bcopy(llsa, dupsa, llsa->sa_len);
|
|
|
|
ifma->ifma_addr = dupsa;
|
1997-01-07 19:15:32 +00:00
|
|
|
ifma->ifma_ifp = ifp;
|
|
|
|
ifma->ifma_refcount = 1;
|
1997-07-07 17:36:06 +00:00
|
|
|
s = splimp();
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_INSERT_HEAD(&ifp->if_multiaddrs, ifma, ifma_link);
|
1997-07-07 17:36:06 +00:00
|
|
|
splx(s);
|
1997-01-07 19:15:32 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* We are certain we have added something, so call down to the
|
|
|
|
* interface to let them know about it.
|
|
|
|
*/
|
|
|
|
s = splimp();
|
|
|
|
ifp->if_ioctl(ifp, SIOCADDMULTI, 0);
|
|
|
|
splx(s);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove a reference to a multicast address on this interface. Yell
|
|
|
|
* if the request does not match an existing membership.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
if_delmulti(ifp, sa)
|
|
|
|
struct ifnet *ifp;
|
|
|
|
struct sockaddr *sa;
|
|
|
|
{
|
|
|
|
struct ifmultiaddr *ifma;
|
|
|
|
int s;
|
|
|
|
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link)
|
1997-01-07 19:15:32 +00:00
|
|
|
if (equal(sa, ifma->ifma_addr))
|
|
|
|
break;
|
|
|
|
if (ifma == 0)
|
|
|
|
return ENOENT;
|
|
|
|
|
|
|
|
if (ifma->ifma_refcount > 1) {
|
|
|
|
ifma->ifma_refcount--;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
1997-01-13 21:26:53 +00:00
|
|
|
rt_newmaddrmsg(RTM_DELMADDR, ifma);
|
1997-01-07 19:15:32 +00:00
|
|
|
sa = ifma->ifma_lladdr;
|
|
|
|
s = splimp();
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_REMOVE(&ifp->if_multiaddrs, ifma, ifma_link);
|
1997-01-07 19:15:32 +00:00
|
|
|
splx(s);
|
|
|
|
free(ifma->ifma_addr, M_IFMADDR);
|
|
|
|
free(ifma, M_IFMADDR);
|
|
|
|
if (sa == 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now look for the link-layer address which corresponds to
|
|
|
|
* this network address. It had been squirreled away in
|
|
|
|
* ifma->ifma_lladdr for this purpose (so we don't have
|
|
|
|
* to call ifp->if_resolvemulti() again), and we saved that
|
|
|
|
* value in sa above. If some nasty deleted the
|
|
|
|
* link-layer address out from underneath us, we can deal because
|
|
|
|
* the address we stored was is not the same as the one which was
|
|
|
|
* in the record for the link-layer address. (So we don't complain
|
|
|
|
* in that case.)
|
|
|
|
*/
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link)
|
1997-01-07 19:15:32 +00:00
|
|
|
if (equal(sa, ifma->ifma_addr))
|
|
|
|
break;
|
|
|
|
if (ifma == 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (ifma->ifma_refcount > 1) {
|
|
|
|
ifma->ifma_refcount--;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
s = splimp();
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_REMOVE(&ifp->if_multiaddrs, ifma, ifma_link);
|
1998-08-12 22:51:59 +00:00
|
|
|
ifp->if_ioctl(ifp, SIOCDELMULTI, 0);
|
1997-01-07 19:15:32 +00:00
|
|
|
splx(s);
|
|
|
|
free(ifma->ifma_addr, M_IFMADDR);
|
|
|
|
free(sa, M_IFMADDR);
|
|
|
|
free(ifma, M_IFMADDR);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2000-08-15 00:48:38 +00:00
|
|
|
/*
|
|
|
|
* Set the link layer address on an interface.
|
|
|
|
*
|
|
|
|
* At this time we only support certain types of interfaces,
|
|
|
|
* and we don't allow the length of the address to change.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
if_setlladdr(struct ifnet *ifp, const u_char *lladdr, int len)
|
|
|
|
{
|
|
|
|
struct sockaddr_dl *sdl;
|
|
|
|
struct ifaddr *ifa;
|
|
|
|
|
|
|
|
ifa = ifnet_addrs[ifp->if_index - 1];
|
|
|
|
if (ifa == NULL)
|
|
|
|
return (EINVAL);
|
|
|
|
sdl = (struct sockaddr_dl *)ifa->ifa_addr;
|
|
|
|
if (sdl == NULL)
|
|
|
|
return (EINVAL);
|
|
|
|
if (len != sdl->sdl_alen) /* don't allow length to change */
|
|
|
|
return (EINVAL);
|
|
|
|
switch (ifp->if_type) {
|
|
|
|
case IFT_ETHER: /* these types use struct arpcom */
|
|
|
|
case IFT_FDDI:
|
|
|
|
case IFT_XETHER:
|
|
|
|
case IFT_ISO88025:
|
|
|
|
case IFT_PROPVIRTUAL: /* XXX waiting for IFT_8021_VLAN */
|
|
|
|
bcopy(lladdr, ((struct arpcom *)ifp->if_softc)->ac_enaddr, len);
|
|
|
|
bcopy(lladdr, LLADDR(sdl), len);
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return (ENODEV);
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* If the interface is already up, we need
|
|
|
|
* to re-init it in order to reprogram its
|
|
|
|
* address filter.
|
|
|
|
*/
|
|
|
|
if ((ifp->if_flags & IFF_UP) != 0) {
|
|
|
|
ifp->if_flags &= ~IFF_UP;
|
|
|
|
(*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, NULL);
|
|
|
|
ifp->if_flags |= IFF_UP;
|
|
|
|
(*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, NULL);
|
|
|
|
}
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1997-01-08 13:20:25 +00:00
|
|
|
struct ifmultiaddr *
|
|
|
|
ifmaof_ifpforaddr(sa, ifp)
|
|
|
|
struct sockaddr *sa;
|
|
|
|
struct ifnet *ifp;
|
|
|
|
{
|
|
|
|
struct ifmultiaddr *ifma;
|
|
|
|
|
2001-02-06 10:12:15 +00:00
|
|
|
TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link)
|
1997-01-08 13:20:25 +00:00
|
|
|
if (equal(ifma->ifma_addr, sa))
|
|
|
|
break;
|
|
|
|
|
|
|
|
return ifma;
|
|
|
|
}
|
|
|
|
|
1995-12-20 21:53:53 +00:00
|
|
|
SYSCTL_NODE(_net, PF_LINK, link, CTLFLAG_RW, 0, "Link layers");
|
1996-07-11 16:32:50 +00:00
|
|
|
SYSCTL_NODE(_net_link, 0, generic, CTLFLAG_RW, 0, "Generic link-management");
|