d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFP4: @176978-176982, 176984, 176990-176994, 177441

Browse Source 
"Whitspace" churn after the VIMAGE/VNET whirls.

Remove the need for some "init" functions within the network
stack, like pim6_init(), icmp_init() or significantly shorten
others like ip6_init() and nd6_init(), using static initialization
again where possible and formerly missed.

Move (most) variables back to the place they used to be before the
container structs and VIMAGE_GLOABLS (before r185088) and try to
reduce the diff to stable/7 and earlier as good as possible,
to help out-of-tree consumers to update from 6.x or 7.x to 8 or 9.

This also removes some header file pollution for putatively
static global variables.

Revert VIMAGE specific changes in ipfilter::ip_auth.c, that are
no longer needed.

Reviewed by:	jhb
Discussed with:	rwatson
Sponsored by:	The FreeBSD Foundation
Sponsored by:	CK Software GmbH
MFC after:	6 days
This commit is contained in:
Bjoern A. Zeeb 2010-04-29 11:52:42 +00:00
parent deb3b115e2
commit 82cea7e6f3
52 changed files with 418 additions and 688 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/contrib/ipfilter/netinet/ip_auth.c
View File

@ -70,11 +70,6 @@ struct file;
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#if !defined(_KERNEL) && defined(__FreeBSD_version) && \
__FreeBSD_version >= 800049
# define V_ip_do_randomid ip_do_randomid
# define V_ip_id ip_id
#endif
#if !defined(_KERNEL) && !defined(__osf__) && !defined(__sgi)
# define KERNEL
# define _KERNEL

6
sys/net/if.c
View File

@ -163,9 +163,11 @@ static void if_detach_internal(struct ifnet *, int);
extern void nd6_setmtu(struct ifnet *);
#endif
VNET_DEFINE(int, if_index);
int ifqmaxlen = IFQ_MAXLEN;
VNET_DEFINE(struct ifnethead, ifnet); /* depend on static init XXX */
VNET_DEFINE(struct ifgrouphead, ifg_head);
VNET_DEFINE(int, if_index);
static VNET_DEFINE(int, if_indexlim) = 8;
/* Table of ifnet by index. */
@ -174,8 +176,6 @@ static VNET_DEFINE(struct ifindex_entry *, ifindex_table);
#define V_if_indexlim VNET(if_indexlim)
#define V_ifindex_table VNET(ifindex_table)
int ifqmaxlen = IFQ_MAXLEN;
/*
* The global network interface list (V_ifnet) and related state (such as
* if_index, if_indexlim, and ifindex_table) are protected by an sxlock and

20
sys/net/if_gif.c
View File

@ -94,20 +94,9 @@
*/
static struct mtx gif_mtx;
static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface");
static VNET_DEFINE(LIST_HEAD(, gif_softc), gif_softc_list);
#define V_gif_softc_list VNET(gif_softc_list)
#ifdef INET
VNET_DEFINE(int, ip_gif_ttl) = GIF_TTL;
#define V_ip_gif_ttl VNET(ip_gif_ttl)
#endif
#ifdef INET6
VNET_DEFINE(int, ip6_gif_hlim) = GIF_HLIM;
#define V_ip6_gif_hlim VNET(ip6_gif_hlim)
#endif
void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af);
void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af);
void (*ng_gif_attach_p)(struct ifnet *ifp);
@ -135,19 +124,11 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0,
*/
#define MAX_GIF_NEST 1
#endif
static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST;
#define V_max_gif_nesting VNET(max_gif_nesting)
SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW,
&VNET_NAME(max_gif_nesting), 0, "Max nested tunnels");
#ifdef INET6
SYSCTL_DECL(_net_inet6_ip6);
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, gifhlim, CTLFLAG_RW,
&VNET_NAME(ip6_gif_hlim), 0, "");
#endif
/*
* By default, we disallow creation of multiple tunnels between the same
* pair of addresses. Some applications require this functionality so
@ -159,7 +140,6 @@ static VNET_DEFINE(int, parallel_tunnels) = 1;
static VNET_DEFINE(int, parallel_tunnels) = 0;
#endif
#define V_parallel_tunnels VNET(parallel_tunnels)
SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW,
&VNET_NAME(parallel_tunnels), 0, "Allow parallel tunnels?");

4
sys/net/if_gif.h
View File

@ -118,10 +118,6 @@ int gif_ioctl(struct ifnet *, u_long, caddr_t);
int gif_set_tunnel(struct ifnet *, struct sockaddr *, struct sockaddr *);
void gif_delete_tunnel(struct ifnet *);
int gif_encapcheck(const struct mbuf *, int, int, void *);
VNET_DECLARE(int, ip_gif_ttl);
#define V_ip_gif_ttl VNET(ip_gif_ttl)
#endif /* _KERNEL */
#define GIFGOPTS _IOWR('i', 150, struct ifreq)

16
sys/net/route.c
View File

@ -88,16 +88,15 @@ SYSCTL_INT(_net, OID_AUTO, add_addr_allfibs, CTLFLAG_RW,
&rt_add_addr_allfibs, 0, "");
TUNABLE_INT("net.add_addr_allfibs", &rt_add_addr_allfibs);
VNET_DEFINE(struct radix_node_head *, rt_tables);
static VNET_DEFINE(uma_zone_t, rtzone); /* Routing table UMA zone. */
VNET_DEFINE(int, rttrash); /* routes not in table but not freed */
VNET_DEFINE(struct rtstat, rtstat);
#define V_rt_tables VNET(rt_tables)
#define V_rtzone VNET(rtzone)
#define V_rttrash VNET(rttrash)
#define V_rtstat VNET(rtstat)
VNET_DEFINE(struct radix_node_head *, rt_tables);
#define V_rt_tables VNET(rt_tables)
VNET_DEFINE(int, rttrash); /* routes not in table but not freed */
#define V_rttrash VNET(rttrash)
/* compare two sockaddr structures */
#define sa_equal(a1, a2) (bcmp((a1), (a2), (a1)->sa_len) == 0)
@ -114,6 +113,9 @@ VNET_DEFINE(struct rtstat, rtstat);
*/
#define RNTORT(p) ((struct rtentry *)(p))
static VNET_DEFINE(uma_zone_t, rtzone); /* Routing table UMA zone. */
#define V_rtzone VNET(rtzone)
#if 0
/* default fib for tunnels to use */
u_int tunnel_fib = 0;

1
sys/netinet/icmp6.h
View File

@ -652,7 +652,6 @@ struct rtentry;
struct rttimer;
struct in6_multi;
# endif
void icmp6_init(void);
void icmp6_paramerror(struct mbuf *, int);
void icmp6_error(struct mbuf *, int, int, int);
void icmp6_error2(struct mbuf *, int, int, int, struct ifnet *);

10
sys/netinet/if_ether.c
View File

@ -82,16 +82,15 @@ SYSCTL_DECL(_net_link_ether);
SYSCTL_NODE(_net_link_ether, PF_INET, inet, CTLFLAG_RW, 0, "");
SYSCTL_NODE(_net_link_ether, PF_ARP, arp, CTLFLAG_RW, 0, "");
VNET_DEFINE(int, useloopback) = 1; /* use loopback interface for
* local traffic */
/* timer values */
static VNET_DEFINE(int, arpt_keep) = (20*60); /* once resolved, good for 20
* minutes */
static VNET_DEFINE(int, arp_maxtries) = 5;
VNET_DEFINE(int, useloopback) = 1; /* use loopback interface for
* local traffic */
static VNET_DEFINE(int, arp_proxyall) = 0;
static VNET_DEFINE(int, arpt_down) = 20; /* keep incomplete entries for
* 20 seconds */
static VNET_DEFINE(int, arp_maxtries) = 5;
static VNET_DEFINE(int, arp_proxyall);
static VNET_DEFINE(struct arpstat, arpstat); /* ARP statistics, see if_arp.h */
#define V_arpt_keep VNET(arpt_keep)
@ -103,7 +102,6 @@ static VNET_DEFINE(struct arpstat, arpstat); /* ARP statistics, see if_arp.h */
SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW,
&VNET_NAME(arpt_keep), 0,
"ARP entry lifetime in seconds");
SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW,
&VNET_NAME(arp_maxtries), 0,
"ARP resolution attempts before returning error");

11
sys/netinet/in.c
View File

@ -77,20 +77,19 @@ static int in_ifinit(struct ifnet *,
static void in_purgemaddrs(struct ifnet *);
static VNET_DEFINE(int, subnetsarelocal);
static VNET_DEFINE(int, sameprefixcarponly);
VNET_DECLARE(struct inpcbinfo, ripcbinfo);
#define V_subnetsarelocal VNET(subnetsarelocal)
#define V_sameprefixcarponly VNET(sameprefixcarponly)
#define V_ripcbinfo VNET(ripcbinfo)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW,
&VNET_NAME(subnetsarelocal), 0,
"Treat all subnets as directly connected");
static VNET_DEFINE(int, sameprefixcarponly);
#define V_sameprefixcarponly VNET(sameprefixcarponly)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW,
&VNET_NAME(sameprefixcarponly), 0,
"Refuse to create same prefixes on different interfaces");
VNET_DECLARE(struct inpcbinfo, ripcbinfo);
#define V_ripcbinfo VNET(ripcbinfo)
/*
* Return 1 if an internet address is for a ``local'' host
* (one to which we have a connection). If subnetsarelocal

2
sys/netinet/in_gif.c
View File

@ -85,6 +85,8 @@ struct protosw in_gif_protosw = {
.pr_usrreqs = &rip_usrreqs
};
VNET_DEFINE(int, ip_gif_ttl) = GIF_TTL;
#define V_ip_gif_ttl VNET(ip_gif_ttl)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW,
&VNET_NAME(ip_gif_ttl), 0, "");

1
sys/netinet/in_proto.c
View File

@ -208,7 +208,6 @@ struct protosw inetsw[] = {
.pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
.pr_input = icmp_input,
.pr_ctloutput = rip_ctloutput,
.pr_init = icmp_init,
.pr_usrreqs = &rip_usrreqs
},
{

21
sys/netinet/in_rmx.c
View File

@ -131,22 +131,22 @@ in_matroute(void *v_arg, struct radix_node_head *head)
return rn;
}
static VNET_DEFINE(int, rtq_reallyold);
static VNET_DEFINE(int, rtq_minreallyold);
static VNET_DEFINE(int, rtq_toomany);
static VNET_DEFINE(int, rtq_reallyold) = 60*60; /* one hour is "really old" */
#define V_rtq_reallyold VNET(rtq_reallyold)
#define V_rtq_minreallyold VNET(rtq_minreallyold)
#define V_rtq_toomany VNET(rtq_toomany)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW,
&VNET_NAME(rtq_reallyold), 0,
"Default expiration time on dynamically learned routes");
/* never automatically crank down to less */
static VNET_DEFINE(int, rtq_minreallyold) = 10;
#define V_rtq_minreallyold VNET(rtq_minreallyold)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW,
&VNET_NAME(rtq_minreallyold), 0,
"Minimum time to attempt to hold onto dynamically learned routes");
/* 128 cached routes is "too many" */
static VNET_DEFINE(int, rtq_toomany) = 128;
#define V_rtq_toomany VNET(rtq_toomany)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW,
&VNET_NAME(rtq_toomany), 0,
"Upper limit on dynamically learned routes");
@ -239,7 +239,7 @@ in_rtqkill(struct radix_node *rn, void *rock)
}
#define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */
static VNET_DEFINE(int, rtq_timeout);
static VNET_DEFINE(int, rtq_timeout) = RTQ_TIMEOUT;
static VNET_DEFINE(struct callout, rtq_timer);
#define V_rtq_timeout VNET(rtq_timeout)
@ -362,11 +362,6 @@ in_inithead(void **head, int off)
if (off == 0) /* XXX MRT see above */
return 1; /* only do the rest for a real routing table */
V_rtq_reallyold = 60*60; /* one hour is "really old" */
V_rtq_minreallyold = 10; /* never automatically crank down to less */
V_rtq_toomany = 128; /* 128 cached routes is "too many" */
V_rtq_timeout = RTQ_TIMEOUT;
rnh = *head;
rnh->rnh_addaddr = in_addroute;
rnh->rnh_matchaddr = in_matroute;

59
sys/netinet/ip_icmp.c
View File

@ -75,65 +75,60 @@ __FBSDID("$FreeBSD$");
* routines to turnaround packets back to the originator, and
* host table maintenance routines.
*/
VNET_DEFINE(struct icmpstat, icmpstat);
static VNET_DEFINE(int, icmpmaskrepl);
static VNET_DEFINE(u_int, icmpmaskfake);
static VNET_DEFINE(int, drop_redirect);
static VNET_DEFINE(int, log_redirect);
static VNET_DEFINE(int, icmplim);
static VNET_DEFINE(int, icmplim_output);
static VNET_DEFINE(char, reply_src[IFNAMSIZ]);
static VNET_DEFINE(int, icmp_rfi);
static VNET_DEFINE(int, icmp_quotelen);
static VNET_DEFINE(int, icmpbmcastecho);
#define V_icmpmaskrepl VNET(icmpmaskrepl)
#define V_icmpmaskfake VNET(icmpmaskfake)
#define V_drop_redirect VNET(drop_redirect)
#define V_log_redirect VNET(log_redirect)
#define V_icmplim VNET(icmplim)
#define V_icmplim_output VNET(icmplim_output)
#define V_reply_src VNET(reply_src)
#define V_icmp_rfi VNET(icmp_rfi)
#define V_icmp_quotelen VNET(icmp_quotelen)
#define V_icmpbmcastecho VNET(icmpbmcastecho)
SYSCTL_VNET_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW,
&VNET_NAME(icmpstat), icmpstat, "");
static VNET_DEFINE(int, icmpmaskrepl) = 0;
#define V_icmpmaskrepl VNET(icmpmaskrepl)
SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW,
&VNET_NAME(icmpmaskrepl), 0,
"Reply to ICMP Address Mask Request packets.");
static VNET_DEFINE(u_int, icmpmaskfake) = 0;
#define V_icmpmaskfake VNET(icmpmaskfake)
SYSCTL_VNET_UINT(_net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW,
&VNET_NAME(icmpmaskfake), 0,
"Fake reply to ICMP Address Mask Request packets.");
static VNET_DEFINE(int, drop_redirect) = 0;
#define V_drop_redirect VNET(drop_redirect)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW,
&VNET_NAME(drop_redirect), 0,
"Ignore ICMP redirects");
static VNET_DEFINE(int, log_redirect) = 0;
#define V_log_redirect VNET(log_redirect)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW,
&VNET_NAME(log_redirect), 0,
"Log ICMP redirects to the console");
static VNET_DEFINE(int, icmplim) = 200;
#define V_icmplim VNET(icmplim)
SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW,
&VNET_NAME(icmplim), 0,
"Maximum number of ICMP responses per second");
static VNET_DEFINE(int, icmplim_output) = 1;
#define V_icmplim_output VNET(icmplim_output)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW,
&VNET_NAME(icmplim_output), 0,
"Enable rate limiting of ICMP responses");
static VNET_DEFINE(char, reply_src[IFNAMSIZ]);
#define V_reply_src VNET(reply_src)
SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW,
&VNET_NAME(reply_src), IFNAMSIZ,
"icmp reply source for non-local packets.");
static VNET_DEFINE(int, icmp_rfi) = 0;
#define V_icmp_rfi VNET(icmp_rfi)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW,
&VNET_NAME(icmp_rfi), 0,
"ICMP reply from incoming interface for non-local packets");
static VNET_DEFINE(int, icmp_quotelen) = 8;
#define V_icmp_quotelen VNET(icmp_quotelen)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
&VNET_NAME(icmp_quotelen), 0,
"Number of bytes from original packet to quote in ICMP reply");
@ -141,7 +136,8 @@ SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
/*
* ICMP broadcast echo sysctl
*/
static VNET_DEFINE(int, icmpbmcastecho) = 0;
#define V_icmpbmcastecho VNET(icmpbmcastecho)
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW,
&VNET_NAME(icmpbmcastecho), 0,
"");
@ -156,21 +152,6 @@ static void icmp_send(struct mbuf *, struct mbuf *);
extern struct protosw inetsw[];
void
icmp_init(void)
{
V_icmpmaskrepl = 0;
V_icmpmaskfake = 0;
V_drop_redirect = 0;
V_log_redirect = 0;
V_icmplim = 200;
V_icmplim_output = 1;
V_icmp_rfi = 0;
V_icmp_quotelen = 8;
V_icmpbmcastecho = 0;
}
/*
* Kernel module interface for updating icmpstat. The argument is an index
* into icmpstat treated as an array of u_long. While this encodes the

1
sys/netinet/ip_icmp.h
View File

@ -208,7 +208,6 @@ struct icmp {
#ifdef _KERNEL
void icmp_error(struct mbuf *, int, int, uint32_t, int);
void icmp_input(struct mbuf *, int);
void icmp_init(void);
int ip_next_mtu(int, int);
#endif

72
sys/netinet/ip_input.c
View File

@ -89,66 +89,40 @@ __FBSDID("$FreeBSD$");
CTASSERT(sizeof(struct ip) == 20);
#endif
static VNET_DEFINE(int, ipsendredirects) = 1; /* XXX */
static VNET_DEFINE(int, ip_checkinterface);
static VNET_DEFINE(int, ip_keepfaith);
static VNET_DEFINE(int, ip_sendsourcequench);
#define V_ipsendredirects VNET(ipsendredirects)
#define V_ip_checkinterface VNET(ip_checkinterface)
#define V_ip_keepfaith VNET(ip_keepfaith)
#define V_ip_sendsourcequench VNET(ip_sendsourcequench)
VNET_DEFINE(int, ip_defttl) = IPDEFTTL;
VNET_DEFINE(int, ip_do_randomid);
VNET_DEFINE(int, ipforwarding);
VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */
VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */
VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */
VNET_DEFINE(struct ipstat, ipstat);
static VNET_DEFINE(int, ip_rsvp_on);
VNET_DEFINE(struct socket *, ip_rsvpd);
VNET_DEFINE(int, rsvp_on);
#define V_ip_rsvp_on VNET(ip_rsvp_on)
static VNET_DEFINE(TAILQ_HEAD(ipqhead, ipq), ipq[IPREASS_NHASH]);
static VNET_DEFINE(int, maxnipq); /* Administrative limit on # reass queues. */
static VNET_DEFINE(int, maxfragsperpacket);
static VNET_DEFINE(int, nipq); /* Total # of reass queues */
#define V_ipq VNET(ipq)
#define V_maxnipq VNET(maxnipq)
#define V_maxfragsperpacket VNET(maxfragsperpacket)
#define V_nipq VNET(nipq)
VNET_DEFINE(int, ipstealth);
struct rwlock in_ifaddr_lock;
RW_SYSINIT(in_ifaddr_lock, &in_ifaddr_lock, "in_ifaddr_lock");
VNET_DEFINE(int, rsvp_on);
VNET_DEFINE(int, ipforwarding);
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
&VNET_NAME(ipforwarding), 0,
"Enable IP forwarding between interfaces");
static VNET_DEFINE(int, ipsendredirects) = 1; /* XXX */
#define V_ipsendredirects VNET(ipsendredirects)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
&VNET_NAME(ipsendredirects), 0,
"Enable sending IP redirects");
VNET_DEFINE(int, ip_defttl) = IPDEFTTL;
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
&VNET_NAME(ip_defttl), 0,
"Maximum TTL on IP packets");
static VNET_DEFINE(int, ip_keepfaith);
#define V_ip_keepfaith VNET(ip_keepfaith)
SYSCTL_VNET_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
&VNET_NAME(ip_keepfaith), 0,
"Enable packet capture for FAITH IPv4->IPv6 translater daemon");
static VNET_DEFINE(int, ip_sendsourcequench);
#define V_ip_sendsourcequench VNET(ip_sendsourcequench)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
&VNET_NAME(ip_sendsourcequench), 0,
"Enable the transmission of source quench packets");
VNET_DEFINE(int, ip_do_randomid);
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
&VNET_NAME(ip_do_randomid), 0,
"Assign random ip_id values");
@ -166,6 +140,8 @@ SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
* to the loopback interface instead of the interface where the
* packets for those addresses are received.
*/
static VNET_DEFINE(int, ip_checkinterface);
#define V_ip_checkinterface VNET(ip_checkinterface)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
&VNET_NAME(ip_checkinterface), 0,
"Verify packet arrives on correct interface");
@ -182,16 +158,22 @@ static struct netisr_handler ip_nh = {
extern struct domain inetdomain;
extern struct protosw inetsw[];
u_char ip_protox[IPPROTO_MAX];
VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */
VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */
VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */
VNET_DEFINE(struct ipstat, ipstat);
SYSCTL_VNET_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
&VNET_NAME(ipstat), ipstat,
"IP statistics (struct ipstat, netinet/ip_var.h)");
static VNET_DEFINE(uma_zone_t, ipq_zone);
#define V_ipq_zone VNET(ipq_zone)
static VNET_DEFINE(TAILQ_HEAD(ipqhead, ipq), ipq[IPREASS_NHASH]);
static struct mtx ipqlock;
#define V_ipq_zone VNET(ipq_zone)
#define V_ipq VNET(ipq)
#define IPQ_LOCK() mtx_lock(&ipqlock)
#define IPQ_UNLOCK() mtx_unlock(&ipqlock)
#define IPQ_LOCK_INIT() mtx_init(&ipqlock, "ipqlock", NULL, MTX_DEF)
@ -201,10 +183,16 @@ static void maxnipq_update(void);
static void ipq_zone_change(void *);
static void ip_drain_locked(void);
static VNET_DEFINE(int, maxnipq); /* Administrative limit on # reass queues. */
static VNET_DEFINE(int, nipq); /* Total # of reass queues */
#define V_maxnipq VNET(maxnipq)
#define V_nipq VNET(nipq)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, fragpackets, CTLFLAG_RD,
&VNET_NAME(nipq), 0,
"Current number of IPv4 fragment reassembly queue entries");
static VNET_DEFINE(int, maxfragsperpacket);
#define V_maxfragsperpacket VNET(maxfragsperpacket)
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
&VNET_NAME(maxfragsperpacket), 0,
"Maximum number of IPv4 fragments allowed per packet");
@ -217,6 +205,7 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
#endif
#ifdef IPSTEALTH
VNET_DEFINE(int, ipstealth);
SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
&VNET_NAME(ipstealth), 0,
"IP stealth mode, no TTL decrementation on forwarding");
@ -1740,6 +1729,11 @@ ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
* locking. This code remains in ip_input.c as ip_mroute.c is optionally
* compiled.
*/
static VNET_DEFINE(int, ip_rsvp_on);
VNET_DEFINE(struct socket *, ip_rsvpd);
#define V_ip_rsvp_on VNET(ip_rsvp_on)
int
ip_rsvp_init(struct socket *so)
{

13
sys/netinet/ip_var.h
View File

@ -181,9 +181,13 @@ VNET_DECLARE(int, ipforwarding); /* ip forwarding */
#ifdef IPSTEALTH
VNET_DECLARE(int, ipstealth); /* stealth forwarding */
#endif
VNET_DECLARE(int, rsvp_on);
extern u_char ip_protox[];
VNET_DECLARE(struct socket *, ip_rsvpd); /* reservation protocol daemon*/
VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */
extern int (*legal_vif_num)(int);
extern u_long (*ip_mcast_src)(int);
VNET_DECLARE(int, rsvp_on);
extern struct pr_usrreqs rip_usrreqs;
#define V_ipstat VNET(ipstat)
#define V_ip_id VNET(ip_id)
@ -192,14 +196,9 @@ VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */
#ifdef IPSTEALTH
#define V_ipstealth VNET(ipstealth)
#endif
#define V_rsvp_on VNET(rsvp_on)
#define V_ip_rsvpd VNET(ip_rsvpd)
#define V_ip_mrouter VNET(ip_mrouter)
extern u_char ip_protox[];
extern int (*legal_vif_num)(int);
extern u_long (*ip_mcast_src)(int);
extern struct pr_usrreqs rip_usrreqs;
#define V_rsvp_on VNET(rsvp_on)
void inp_freemoptions(struct ip_moptions *);
int inp_getmoptions(struct inpcb *, struct sockopt *);

4
sys/netinet/tcp_hostcache.c
View File

@ -107,9 +107,9 @@ __FBSDID("$FreeBSD$");
#define TCP_HOSTCACHE_PRUNE 5*60 /* every 5 minutes */
static VNET_DEFINE(struct tcp_hostcache, tcp_hostcache);
static VNET_DEFINE(struct callout, tcp_hc_callout);
#define V_tcp_hostcache VNET(tcp_hostcache)
static VNET_DEFINE(struct callout, tcp_hc_callout);
#define V_tcp_hc_callout VNET(tcp_hc_callout)
static struct hc_metrics *tcp_hc_lookup(struct in_conninfo *);

39
sys/netinet/tcp_input.c
View File

@ -99,20 +99,6 @@ __FBSDID("$FreeBSD$");
static const int tcprexmtthresh = 3;
VNET_DEFINE(struct tcpstat, tcpstat);
VNET_DEFINE(int, blackhole);
VNET_DEFINE(int, tcp_delack_enabled);
VNET_DEFINE(int, drop_synfin);
VNET_DEFINE(int, tcp_do_rfc3042);
VNET_DEFINE(int, tcp_do_rfc3390);
VNET_DEFINE(int, tcp_do_ecn);
VNET_DEFINE(int, tcp_ecn_maxretries);
VNET_DEFINE(int, tcp_insecure_rst);
VNET_DEFINE(int, tcp_do_autorcvbuf);
VNET_DEFINE(int, tcp_autorcvbuf_inc);
VNET_DEFINE(int, tcp_autorcvbuf_max);
VNET_DEFINE(int, tcp_do_rfc3465);
VNET_DEFINE(int, tcp_abc_l_var);
SYSCTL_VNET_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, CTLFLAG_RW,
&VNET_NAME(tcpstat), tcpstat,
"TCP statistics (struct tcpstat, netinet/tcp_var.h)");
@ -122,56 +108,79 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&tcp_log_in_vain, 0,
"Log all incoming TCP segments to closed ports");
VNET_DEFINE(int, blackhole) = 0;
#define V_blackhole VNET(blackhole)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW,
&VNET_NAME(blackhole), 0,
"Do not send RST on segments to closed ports");
VNET_DEFINE(int, tcp_delack_enabled) = 1;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW,
&VNET_NAME(tcp_delack_enabled), 0,
"Delay ACK to try and piggyback it onto a data packet");
VNET_DEFINE(int, drop_synfin) = 0;
#define V_drop_synfin VNET(drop_synfin)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW,
&VNET_NAME(drop_synfin), 0,
"Drop TCP packets with SYN+FIN set");
VNET_DEFINE(int, tcp_do_rfc3042) = 1;
#define V_tcp_do_rfc3042 VNET(tcp_do_rfc3042)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW,
&VNET_NAME(tcp_do_rfc3042), 0,
"Enable RFC 3042 (Limited Transmit)");
VNET_DEFINE(int, tcp_do_rfc3390) = 1;
#define V_tcp_do_rfc3390 VNET(tcp_do_rfc3390)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW,
&VNET_NAME(tcp_do_rfc3390), 0,
"Enable RFC 3390 (Increasing TCP's Initial Congestion Window)");
VNET_DEFINE(int, tcp_do_rfc3465) = 1;
#define V_tcp_do_rfc3465 VNET(tcp_do_rfc3465)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3465, CTLFLAG_RW,
&VNET_NAME(tcp_do_rfc3465), 0,
"Enable RFC 3465 (Appropriate Byte Counting)");
VNET_DEFINE(int, tcp_abc_l_var) = 2;
#define V_tcp_abc_l_var VNET(tcp_abc_l_var)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, abc_l_var, CTLFLAG_RW,
&VNET_NAME(tcp_abc_l_var), 2,
"Cap the max cwnd increment during slow-start to this number of segments");
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, ecn, CTLFLAG_RW, 0, "TCP ECN");
VNET_DEFINE(int, tcp_do_ecn) = 0;
SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, enable, CTLFLAG_RW,
&VNET_NAME(tcp_do_ecn), 0,
"TCP ECN support");
VNET_DEFINE(int, tcp_ecn_maxretries) = 1;
SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, maxretries, CTLFLAG_RW,
&VNET_NAME(tcp_ecn_maxretries), 0,
"Max retries before giving up on ECN");
VNET_DEFINE(int, tcp_insecure_rst) = 0;
#define V_tcp_insecure_rst VNET(tcp_insecure_rst)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, insecure_rst, CTLFLAG_RW,
&VNET_NAME(tcp_insecure_rst), 0,
"Follow the old (insecure) criteria for accepting RST packets");
VNET_DEFINE(int, tcp_do_autorcvbuf) = 1;
#define V_tcp_do_autorcvbuf VNET(tcp_do_autorcvbuf)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW,
&VNET_NAME(tcp_do_autorcvbuf), 0,
"Enable automatic receive buffer sizing");
VNET_DEFINE(int, tcp_autorcvbuf_inc) = 16*1024;
#define V_tcp_autorcvbuf_inc VNET(tcp_autorcvbuf_inc)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW,
&VNET_NAME(tcp_autorcvbuf_inc), 0,
"Incrementor step size of automatic receive buffer");
VNET_DEFINE(int, tcp_autorcvbuf_max) = 256*1024;
#define V_tcp_autorcvbuf_max VNET(tcp_autorcvbuf_max)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW,
&VNET_NAME(tcp_autorcvbuf_max), 0,
"Max size of automatic receive buffer");
@ -181,8 +190,8 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, read_locking, CTLFLAG_RW,
&tcp_read_locking, 0, "Enable read locking strategy");
VNET_DEFINE(struct inpcbhead, tcb);
VNET_DEFINE(struct inpcbinfo, tcbinfo);
#define tcb6 tcb /* for KAME src sync over BSD*'s */
VNET_DEFINE(struct inpcbinfo, tcbinfo);
static void tcp_dooptions(struct tcpopt *, u_char *, int, int);
static void tcp_do_segment(struct mbuf *, struct tcphdr *,

21
sys/netinet/tcp_output.c
View File

@ -87,43 +87,46 @@ __FBSDID("$FreeBSD$");
extern struct mbuf *m_copypack();
#endif
VNET_DEFINE(int, path_mtu_discovery);
VNET_DEFINE(int, ss_fltsz);
VNET_DEFINE(int, ss_fltsz_local);
VNET_DEFINE(int, tcp_do_newreno);
VNET_DEFINE(int, tcp_do_tso);
VNET_DEFINE(int, tcp_do_autosndbuf);
VNET_DEFINE(int, tcp_autosndbuf_inc);
VNET_DEFINE(int, tcp_autosndbuf_max);
VNET_DEFINE(int, path_mtu_discovery) = 1;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW,
&VNET_NAME(path_mtu_discovery), 1,
"Enable Path MTU Discovery");
VNET_DEFINE(int, ss_fltsz) = 1;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, slowstart_flightsize, CTLFLAG_RW,
&VNET_NAME(ss_fltsz), 1,
"Slow start flight size");
VNET_DEFINE(int, ss_fltsz_local) = 4;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, local_slowstart_flightsize,
CTLFLAG_RW, &VNET_NAME(ss_fltsz_local), 1,
"Slow start flight size for local networks");
VNET_DEFINE(int, tcp_do_newreno) = 1;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW,
&VNET_NAME(tcp_do_newreno), 0,
"Enable NewReno Algorithms");
VNET_DEFINE(int, tcp_do_tso) = 1;
#define V_tcp_do_tso VNET(tcp_do_tso)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW,
&VNET_NAME(tcp_do_tso), 0,
"Enable TCP Segmentation Offload");
VNET_DEFINE(int, tcp_do_autosndbuf) = 1;
#define V_tcp_do_autosndbuf VNET(tcp_do_autosndbuf)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW,
&VNET_NAME(tcp_do_autosndbuf), 0,
"Enable automatic send buffer sizing");
VNET_DEFINE(int, tcp_autosndbuf_inc) = 8*1024;
#define V_tcp_autosndbuf_inc VNET(tcp_autosndbuf_inc)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW,
&VNET_NAME(tcp_autosndbuf_inc), 0,
"Incrementor step size of automatic send buffer");
VNET_DEFINE(int, tcp_autosndbuf_max) = 256*1024;
#define V_tcp_autosndbuf_max VNET(tcp_autosndbuf_max)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW,
&VNET_NAME(tcp_autosndbuf_max), 0,
"Max size of automatic send buffer");

21
sys/netinet/tcp_reass.c
View File

@ -74,30 +74,28 @@ __FBSDID("$FreeBSD$");
#include <netinet/tcp_debug.h>
#endif /* TCPDEBUG */
static VNET_DEFINE(int, tcp_reass_maxseg);
VNET_DEFINE(int, tcp_reass_qsize);
static VNET_DEFINE(int, tcp_reass_maxqlen);
static VNET_DEFINE(int, tcp_reass_overflows);
#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg)
#define V_tcp_reass_maxqlen VNET(tcp_reass_maxqlen)
#define V_tcp_reass_overflows VNET(tcp_reass_overflows)
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0,
"TCP Segment Reassembly Queue");
static VNET_DEFINE(int, tcp_reass_maxseg) = 0;
#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg)
SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
&VNET_NAME(tcp_reass_maxseg), 0,
"Global maximum number of TCP Segments in Reassembly Queue");
VNET_DEFINE(int, tcp_reass_qsize) = 0;
SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLFLAG_RD,
&VNET_NAME(tcp_reass_qsize), 0,
"Global number of TCP Segments currently in Reassembly Queue");
static VNET_DEFINE(int, tcp_reass_maxqlen) = 48;
#define V_tcp_reass_maxqlen VNET(tcp_reass_maxqlen)
SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxqlen, CTLFLAG_RW,
&VNET_NAME(tcp_reass_maxqlen), 0,
"Maximum number of TCP Segments per individual Reassembly Queue");
static VNET_DEFINE(int, tcp_reass_overflows) = 0;
#define V_tcp_reass_overflows VNET(tcp_reass_overflows)
SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD,
&VNET_NAME(tcp_reass_overflows), 0,
"Global number of TCP Segment Reassembly Queue Overflows");
@ -117,11 +115,6 @@ void
tcp_reass_init(void)
{
V_tcp_reass_maxseg = 0;
V_tcp_reass_qsize = 0;
V_tcp_reass_maxqlen = 48;
V_tcp_reass_overflows = 0;
V_tcp_reass_maxseg = nmbclusters / 16;
TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments",
&V_tcp_reass_maxseg);

17
sys/netinet/tcp_sack.c
View File

@ -123,29 +123,28 @@ __FBSDID("$FreeBSD$");
#include <machine/in_cksum.h>
VNET_DECLARE(struct uma_zone *, sack_hole_zone);
VNET_DEFINE(int, tcp_do_sack);
VNET_DEFINE(int, tcp_sack_maxholes);
VNET_DEFINE(int, tcp_sack_globalmaxholes);
VNET_DEFINE(int, tcp_sack_globalholes);
#define V_sack_hole_zone VNET(sack_hole_zone)
#define V_tcp_do_sack VNET(tcp_do_sack)
#define V_tcp_sack_maxholes VNET(tcp_sack_maxholes)
#define V_tcp_sack_globalmaxholes VNET(tcp_sack_globalmaxholes)
#define V_tcp_sack_globalholes VNET(tcp_sack_globalholes)
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK");
VNET_DEFINE(int, tcp_do_sack) = 1;
#define V_tcp_do_sack VNET(tcp_do_sack)
SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW,
&VNET_NAME(tcp_do_sack), 0, "Enable/Disable TCP SACK support");
VNET_DEFINE(int, tcp_sack_maxholes) = 128;
#define V_tcp_sack_maxholes VNET(tcp_sack_maxholes)
SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW,
&VNET_NAME(tcp_sack_maxholes), 0,
"Maximum number of TCP SACK holes allowed per connection");
VNET_DEFINE(int, tcp_sack_globalmaxholes) = 65536;
#define V_tcp_sack_globalmaxholes VNET(tcp_sack_globalmaxholes)
SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW,
&VNET_NAME(tcp_sack_globalmaxholes), 0,
"Global maximum number of TCP SACK holes");
VNET_DEFINE(int, tcp_sack_globalholes) = 0;
#define V_tcp_sack_globalholes VNET(tcp_sack_globalholes)
SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD,
&VNET_NAME(tcp_sack_globalholes), 0,
"Global number of TCP SACK holes currently allocated");

90
sys/netinet/tcp_subr.c
View File

@ -111,28 +111,10 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
VNET_DEFINE(int, tcp_mssdflt);
VNET_DEFINE(int, tcp_mssdflt) = TCP_MSS;
#ifdef INET6
VNET_DEFINE(int, tcp_v6mssdflt);
VNET_DEFINE(int, tcp_v6mssdflt) = TCP6_MSS;
#endif
VNET_DEFINE(int, tcp_minmss);
VNET_DEFINE(int, tcp_do_rfc1323);
static VNET_DEFINE(int, icmp_may_rst);
static VNET_DEFINE(int, tcp_isn_reseed_interval);
static VNET_DEFINE(int, tcp_inflight_enable);
static VNET_DEFINE(int, tcp_inflight_rttthresh);
static VNET_DEFINE(int, tcp_inflight_min);
static VNET_DEFINE(int, tcp_inflight_max);
static VNET_DEFINE(int, tcp_inflight_stab);
#define V_icmp_may_rst VNET(icmp_may_rst)
#define V_tcp_isn_reseed_interval VNET(tcp_isn_reseed_interval)
#define V_tcp_inflight_enable VNET(tcp_inflight_enable)
#define V_tcp_inflight_rttthresh VNET(tcp_inflight_rttthresh)
#define V_tcp_inflight_min VNET(tcp_inflight_min)
#define V_tcp_inflight_max VNET(tcp_inflight_max)
#define V_tcp_inflight_stab VNET(tcp_inflight_stab)
static int
sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS)
@ -194,10 +176,12 @@ vnet_sysctl_msec_to_ticks(SYSCTL_HANDLER_ARGS)
* with packet generation and sending. Set to zero to disable MINMSS
* checking. This setting prevents us from sending too small packets.
*/
VNET_DEFINE(int, tcp_minmss) = TCP_MINMSS;
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW,
&VNET_NAME(tcp_minmss), 0,
"Minmum TCP Maximum Segment Size");
VNET_DEFINE(int, tcp_do_rfc1323) = 1;
SYSCTL_VNET_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW,
&VNET_NAME(tcp_do_rfc1323), 0,
"Enable rfc1323 (high performance TCP) extensions");
@ -217,10 +201,14 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0,
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD,
&VNET_NAME(tcbinfo.ipi_count), 0, "Number of active PCBs");
static VNET_DEFINE(int, icmp_may_rst) = 1;
#define V_icmp_may_rst VNET(icmp_may_rst)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW,
&VNET_NAME(icmp_may_rst), 0,
"Certain ICMP unreachable messages may abort connections in SYN_SENT");
static VNET_DEFINE(int, tcp_isn_reseed_interval) = 0;
#define V_tcp_isn_reseed_interval VNET(tcp_isn_reseed_interval)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW,
&VNET_NAME(tcp_isn_reseed_interval), 0,
"Seconds between reseeding of ISN secret");
@ -233,6 +221,8 @@ SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW,
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, inflight, CTLFLAG_RW, 0,
"TCP inflight data limiting");
static VNET_DEFINE(int, tcp_inflight_enable) = 1;
#define V_tcp_inflight_enable VNET(tcp_inflight_enable)
SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, enable, CTLFLAG_RW,
&VNET_NAME(tcp_inflight_enable), 0,
"Enable automatic TCP inflight data limiting");
@ -242,19 +232,27 @@ SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, debug, CTLFLAG_RW,
&tcp_inflight_debug, 0,
"Debug TCP inflight calculations");
static VNET_DEFINE(int, tcp_inflight_rttthresh);
#define V_tcp_inflight_rttthresh VNET(tcp_inflight_rttthresh)
SYSCTL_VNET_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh,
CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(tcp_inflight_rttthresh), 0,
vnet_sysctl_msec_to_ticks, "I",
"RTT threshold below which inflight will deactivate itself");
static VNET_DEFINE(int, tcp_inflight_min) = 6144;
#define V_tcp_inflight_min VNET(tcp_inflight_min)
SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW,
&VNET_NAME(tcp_inflight_min), 0,
"Lower-bound for TCP inflight window");
static VNET_DEFINE(int, tcp_inflight_max) = TCP_MAXWIN << TCP_MAX_WINSHIFT;
#define V_tcp_inflight_max VNET(tcp_inflight_max)
SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, max, CTLFLAG_RW,
&VNET_NAME(tcp_inflight_max), 0,
"Upper-bound for TCP inflight window");
static VNET_DEFINE(int, tcp_inflight_stab) = 20;
#define V_tcp_inflight_stab VNET(tcp_inflight_stab)
SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, stab, CTLFLAG_RW,
&VNET_NAME(tcp_inflight_stab), 0,
"Inflight Algorithm Stabilization 20 = 2 packets");
@ -329,53 +327,6 @@ tcp_init(void)
{
int hashsize;
V_blackhole = 0;
V_tcp_delack_enabled = 1;
V_drop_synfin = 0;
V_tcp_do_rfc3042 = 1;
V_tcp_do_rfc3390 = 1;
V_tcp_do_ecn = 0;
V_tcp_ecn_maxretries = 1;
V_tcp_insecure_rst = 0;
V_tcp_do_autorcvbuf = 1;
V_tcp_autorcvbuf_inc = 16*1024;
V_tcp_autorcvbuf_max = 256*1024;
V_tcp_do_rfc3465 = 1;
V_tcp_abc_l_var = 2;
V_tcp_mssdflt = TCP_MSS;
#ifdef INET6
V_tcp_v6mssdflt = TCP6_MSS;
#endif
V_tcp_minmss = TCP_MINMSS;
V_tcp_do_rfc1323 = 1;
V_icmp_may_rst = 1;
V_tcp_isn_reseed_interval = 0;
V_tcp_inflight_enable = 1;
V_tcp_inflight_min = 6144;
V_tcp_inflight_max = TCP_MAXWIN << TCP_MAX_WINSHIFT;
V_tcp_inflight_stab = 20;
V_path_mtu_discovery = 1;
V_ss_fltsz = 1;
V_ss_fltsz_local = 4;
V_tcp_do_newreno = 1;
V_tcp_do_tso = 1;
V_tcp_do_autosndbuf = 1;
V_tcp_autosndbuf_inc = 8*1024;
V_tcp_autosndbuf_max = 256*1024;
V_nolocaltimewait = 0;
V_tcp_do_sack = 1;
V_tcp_sack_maxholes = 128;
V_tcp_sack_globalmaxholes = 65536;
V_tcp_sack_globalholes = 0;
V_tcp_inflight_rttthresh = TCPTV_INFLIGHT_RTTTHRESH;
TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack);
hashsize = TCBHASHSIZE;
TUNABLE_INT_FETCH("net.inet.tcp.tcbhashsize", &hashsize);
if (!powerof2(hashsize)) {
@ -385,16 +336,21 @@ tcp_init(void)
in_pcbinfo_init(&V_tcbinfo, "tcp", &V_tcb, hashsize, hashsize,
"tcp_inpcb", tcp_inpcb_init, NULL, UMA_ZONE_NOFREE);
V_tcp_inflight_rttthresh = TCPTV_INFLIGHT_RTTTHRESH;
/*
* These have to be type stable for the benefit of the timers.
*/
V_tcpcb_zone = uma_zcreate("tcpcb", sizeof(struct tcpcb_mem),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
uma_zone_set_max(V_tcpcb_zone, maxsockets);
tcp_tw_init();
syncache_init();
tcp_hc_init();
tcp_reass_init();
TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack);
V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);

19
sys/netinet/tcp_syncache.c
View File

@ -97,19 +97,14 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
static VNET_DEFINE(struct tcp_syncache, tcp_syncache);
static VNET_DEFINE(int, tcp_syncookies);
static VNET_DEFINE(int, tcp_syncookiesonly);
VNET_DEFINE(int, tcp_sc_rst_sock_fail);
#define V_tcp_syncache VNET(tcp_syncache)
static VNET_DEFINE(int, tcp_syncookies) = 1;
#define V_tcp_syncookies VNET(tcp_syncookies)
#define V_tcp_syncookiesonly VNET(tcp_syncookiesonly)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, syncookies, CTLFLAG_RW,
&VNET_NAME(tcp_syncookies), 0,
"Use TCP SYN cookies if the syncache overflows");
static VNET_DEFINE(int, tcp_syncookiesonly) = 0;
#define V_tcp_syncookiesonly VNET(tcp_syncookiesonly)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, syncookies_only, CTLFLAG_RW,
&VNET_NAME(tcp_syncookiesonly), 0,
"Use only TCP SYN cookies");
@ -148,6 +143,9 @@ static struct syncache
#define TCP_SYNCACHE_HASHSIZE 512
#define TCP_SYNCACHE_BUCKETLIMIT 30
static VNET_DEFINE(struct tcp_syncache, tcp_syncache);
#define V_tcp_syncache VNET(tcp_syncache)
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, CTLFLAG_RW, 0, "TCP SYN cache");
SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN,
@ -170,6 +168,7 @@ SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_RW,
&VNET_NAME(tcp_syncache.rexmt_limit), 0,
"Limit on SYN/ACK retransmissions");
VNET_DEFINE(int, tcp_sc_rst_sock_fail) = 1;
SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, rst_on_sock_fail,
CTLFLAG_RW, &VNET_NAME(tcp_sc_rst_sock_fail), 0,
"Send reset on socket allocation failure");
@ -224,10 +223,6 @@ syncache_init(void)
{
int i;
V_tcp_syncookies = 1;
V_tcp_syncookiesonly = 0;
V_tcp_sc_rst_sock_fail = 1;
V_tcp_syncache.cache_count = 0;
V_tcp_syncache.hashsize = TCP_SYNCACHE_HASHSIZE;
V_tcp_syncache.bucket_limit = TCP_SYNCACHE_BUCKETLIMIT;

8
sys/netinet/tcp_timewait.c
View File

@ -92,6 +92,8 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
static VNET_DEFINE(uma_zone_t, tcptw_zone);
#define V_tcptw_zone VNET(tcptw_zone)
static int maxtcptw;
/*
@ -100,11 +102,7 @@ static int maxtcptw;
* queue pointers in each tcptw structure, are protected using the global
* tcbinfo lock, which must be held over queue iteration and modification.
*/
static VNET_DEFINE(uma_zone_t, tcptw_zone);
static VNET_DEFINE(TAILQ_HEAD(, tcptw), twq_2msl);
VNET_DEFINE(int, nolocaltimewait);
#define V_tcptw_zone VNET(tcptw_zone)
#define V_twq_2msl VNET(twq_2msl)
static void tcp_tw_2msl_reset(struct tcptw *, int);
@ -149,6 +147,8 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, maxtcptw, CTLTYPE_INT|CTLFLAG_RW,
&maxtcptw, 0, sysctl_maxtcptw, "IU",
"Maximum number of compressed TCP TIME_WAIT entries");
VNET_DEFINE(int, nolocaltimewait) = 0;
#define V_nolocaltimewait VNET(nolocaltimewait)
SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, nolocaltimewait, CTLFLAG_RW,
&VNET_NAME(nolocaltimewait), 0,
"Do not create compressed TCP TIME_WAIT entries for local connections");

56
sys/netinet/tcp_var.h
View File

@ -42,12 +42,12 @@
* Kernel variables for tcp.
*/
VNET_DECLARE(int, tcp_do_rfc1323);
#define V_tcp_do_rfc1323 VNET(tcp_do_rfc1323)
VNET_DECLARE(int, tcp_reass_qsize);
VNET_DECLARE(struct uma_zone *, tcp_reass_zone);
#define V_tcp_do_rfc1323 VNET(tcp_do_rfc1323)
#define V_tcp_reass_qsize VNET(tcp_reass_qsize)
#define V_tcp_reass_zone VNET(tcp_reass_zone)
#endif /* _KERNEL */
/* TCP segment queue entry */
@ -558,11 +558,10 @@ SYSCTL_DECL(_net_inet_tcp_sack);
MALLOC_DECLARE(M_TCPLOG);
#endif
extern int tcp_log_in_vain;
VNET_DECLARE(struct inpcbhead, tcb); /* queue of active tcpcb's */
VNET_DECLARE(struct inpcbinfo, tcbinfo);
VNET_DECLARE(struct tcpstat, tcpstat); /* tcp statistics */
extern int tcp_log_in_vain;
VNET_DECLARE(int, tcp_mssdflt); /* XXX */
VNET_DECLARE(int, tcp_minmss);
VNET_DECLARE(int, tcp_delack_enabled);
@ -570,7 +569,6 @@ VNET_DECLARE(int, tcp_do_newreno);
VNET_DECLARE(int, path_mtu_discovery);
VNET_DECLARE(int, ss_fltsz);
VNET_DECLARE(int, ss_fltsz_local);
#define V_tcb VNET(tcb)
#define V_tcbinfo VNET(tcbinfo)
#define V_tcpstat VNET(tcpstat)
@ -582,55 +580,13 @@ VNET_DECLARE(int, ss_fltsz_local);
#define V_ss_fltsz VNET(ss_fltsz)
#define V_ss_fltsz_local VNET(ss_fltsz_local)
VNET_DECLARE(int, blackhole);
VNET_DECLARE(int, drop_synfin);
VNET_DECLARE(int, tcp_do_rfc3042);
VNET_DECLARE(int, tcp_do_rfc3390);
VNET_DECLARE(int, tcp_insecure_rst);
VNET_DECLARE(int, tcp_do_autorcvbuf);
VNET_DECLARE(int, tcp_autorcvbuf_inc);
VNET_DECLARE(int, tcp_autorcvbuf_max);
VNET_DECLARE(int, tcp_do_rfc3465);
VNET_DECLARE(int, tcp_abc_l_var);
#define V_blackhole VNET(blackhole)
#define V_drop_synfin VNET(drop_synfin)
#define V_tcp_do_rfc3042 VNET(tcp_do_rfc3042)
#define V_tcp_do_rfc3390 VNET(tcp_do_rfc3390)
#define V_tcp_insecure_rst VNET(tcp_insecure_rst)
#define V_tcp_do_autorcvbuf VNET(tcp_do_autorcvbuf)
#define V_tcp_autorcvbuf_inc VNET(tcp_autorcvbuf_inc)
#define V_tcp_autorcvbuf_max VNET(tcp_autorcvbuf_max)
#define V_tcp_do_rfc3465 VNET(tcp_do_rfc3465)
#define V_tcp_abc_l_var VNET(tcp_abc_l_var)
VNET_DECLARE(int, tcp_do_tso);
VNET_DECLARE(int, tcp_do_autosndbuf);
VNET_DECLARE(int, tcp_autosndbuf_inc);
VNET_DECLARE(int, tcp_autosndbuf_max);
#define V_tcp_do_tso VNET(tcp_do_tso)
#define V_tcp_do_autosndbuf VNET(tcp_do_autosndbuf)
#define V_tcp_autosndbuf_inc VNET(tcp_autosndbuf_inc)
#define V_tcp_autosndbuf_max VNET(tcp_autosndbuf_max)
VNET_DECLARE(int, nolocaltimewait);
#define V_nolocaltimewait VNET(nolocaltimewait)
VNET_DECLARE(int, tcp_do_sack); /* SACK enabled/disabled */
VNET_DECLARE(int, tcp_sack_maxholes);
VNET_DECLARE(int, tcp_sack_globalmaxholes);
VNET_DECLARE(int, tcp_sack_globalholes);
VNET_DECLARE(int, tcp_sc_rst_sock_fail); /* RST on sock alloc failure */
#define V_tcp_do_sack VNET(tcp_do_sack)
#define V_tcp_sc_rst_sock_fail VNET(tcp_sc_rst_sock_fail)
VNET_DECLARE(int, tcp_do_ecn); /* TCP ECN enabled/disabled */
VNET_DECLARE(int, tcp_ecn_maxretries);
#define V_tcp_do_sack VNET(tcp_do_sack)
#define V_tcp_sack_maxholes VNET(tcp_sack_maxholes)
#define V_tcp_sack_globalmaxholes VNET(tcp_sack_globalmaxholes)
#define V_tcp_sack_globalholes VNET(tcp_sack_globalholes)
#define V_tcp_sc_rst_sock_fail VNET(tcp_sc_rst_sock_fail)
#define V_tcp_do_ecn VNET(tcp_do_ecn)
#define V_tcp_ecn_maxretries VNET(tcp_ecn_maxretries)

7
sys/netinet/udp_usrreq.c
View File

@ -94,8 +94,6 @@ __FBSDID("$FreeBSD$");
* Per RFC 768, August, 1980.
*/
VNET_DEFINE(int, udp_blackhole);
/*
* BSD 4.2 defaulted the udp checksum to be off. Turning off udp checksums
* removes the only data integrity mechanism for packets and malformed
@ -110,6 +108,7 @@ int udp_log_in_vain = 0;
SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&udp_log_in_vain, 0, "Log all incoming UDP packets");
VNET_DEFINE(int, udp_blackhole) = 0;
SYSCTL_VNET_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW,
&VNET_NAME(udp_blackhole), 0,
"Do not send port unreachables for refused connects");
@ -133,14 +132,13 @@ SYSCTL_ULONG(_net_inet_udp, UDPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
VNET_DEFINE(struct inpcbhead, udb); /* from udp_var.h */
VNET_DEFINE(struct inpcbinfo, udbinfo);
static VNET_DEFINE(uma_zone_t, udpcb_zone);
VNET_DEFINE(struct udpstat, udpstat); /* from udp_var.h */
#define V_udpcb_zone VNET(udpcb_zone)
#ifndef UDBHASHSIZE
#define UDBHASHSIZE 128
#endif
VNET_DEFINE(struct udpstat, udpstat); /* from udp_var.h */
SYSCTL_VNET_STRUCT(_net_inet_udp, UDPCTL_STATS, stats, CTLFLAG_RW,
&VNET_NAME(udpstat), udpstat,
"UDP statistics (struct udpstat, netinet/udp_var.h)");
@ -179,7 +177,6 @@ void
udp_init(void)
{
V_udp_blackhole = 0;
in_pcbinfo_init(&V_udbinfo, "udp", &V_udb, UDBHASHSIZE, UDBHASHSIZE,
"udp_inpcb", udp_inpcb_init, NULL, UMA_ZONE_NOFREE);
V_udpcb_zone = uma_zcreate("udpcb", sizeof(struct udpcb),

10
sys/netinet/udp_var.h
View File

@ -129,19 +129,17 @@ void kmod_udpstat_inc(int statnum);
SYSCTL_DECL(_net_inet_udp);
extern struct pr_usrreqs udp_usrreqs;
VNET_DECLARE(struct inpcbhead, udb);
VNET_DECLARE(struct inpcbinfo, udbinfo);
VNET_DECLARE(struct udpstat, udpstat);
VNET_DECLARE(int, udp_blackhole);
#define V_udb VNET(udb)
#define V_udbinfo VNET(udbinfo)
#define V_udpstat VNET(udpstat)
#define V_udp_blackhole VNET(udp_blackhole)
extern u_long udp_sendspace;
extern u_long udp_recvspace;
VNET_DECLARE(struct udpstat, udpstat);
VNET_DECLARE(int, udp_blackhole);
#define V_udpstat VNET(udpstat)
#define V_udp_blackhole VNET(udp_blackhole)
extern int udp_log_in_vain;
int udp_newudpcb(struct inpcb *);

5
sys/netinet6/frag6.c
View File

@ -106,16 +106,17 @@ void
frag6_init(void)
{
V_ip6q.ip6q_next = V_ip6q.ip6q_prev = &V_ip6q;
V_ip6_maxfragpackets = nmbclusters / 4;
V_ip6_maxfrags = nmbclusters / 4;
V_ip6q.ip6q_next = V_ip6q.ip6q_prev = &V_ip6q;
if (!IS_DEFAULT_VNET(curvnet))
return;
IP6Q_LOCK_INIT();
EVENTHANDLER_REGISTER(nmbclusters_change,
frag6_change, NULL, EVENTHANDLER_PRI_ANY);
IP6Q_LOCK_INIT();
}
/*

21
sys/netinet6/icmp6.c
View File

@ -113,23 +113,22 @@ __FBSDID("$FreeBSD$");
extern struct domain inet6domain;
VNET_DEFINE(struct icmp6stat, icmp6stat);
VNET_DECLARE(struct inpcbinfo, ripcbinfo);
VNET_DECLARE(struct inpcbhead, ripcb);
VNET_DECLARE(int, icmp6errppslim);
static VNET_DEFINE(int, icmp6errpps_count) = 0;
static VNET_DEFINE(struct timeval, icmp6errppslim_last);
VNET_DECLARE(int, icmp6_nodeinfo);
#define V_ripcbinfo VNET(ripcbinfo)
#define V_ripcb VNET(ripcb)
#define V_icmp6errppslim VNET(icmp6errppslim)
#define V_icmp6errpps_count VNET(icmp6errpps_count)
#define V_icmp6errppslim_last VNET(icmp6errppslim_last)
#define V_icmp6_nodeinfo VNET(icmp6_nodeinfo)
VNET_DEFINE(struct icmp6stat, icmp6stat);
static VNET_DEFINE(int, icmp6errpps_count);
static VNET_DEFINE(struct timeval, icmp6errppslim_last);
#define V_icmp6errpps_count VNET(icmp6errpps_count)
#define V_icmp6errppslim_last VNET(icmp6errppslim_last)
static void icmp6_errcount(struct icmp6errstat *, int, int);
static int icmp6_rip6_input(struct mbuf **, int);
static int icmp6_ratelimit(const struct in6_addr *, const int, const int);
@ -144,14 +143,6 @@ static int ni6_store_addrs __P((struct icmp6_nodeinfo *, struct icmp6_nodeinfo *
struct ifnet *, int));
static int icmp6_notify_error(struct mbuf **, int, int, int);
void
icmp6_init(void)
{
V_icmp6errpps_count = 0;
}
/*
* Kernel module interface for updating icmp6stat. The argument is an index
* into icmp6stat treated as an array of u_quad_t. While this encodes the

9
sys/netinet6/in6_gif.c
View File

@ -41,8 +41,10 @@ __FBSDID("$FreeBSD$");
#include <sys/sockio.h>
#include <sys/mbuf.h>
#include <sys/errno.h>
#include <sys/kernel.h>
#include <sys/queue.h>
#include <sys/syslog.h>
#include <sys/sysctl.h>
#include <sys/protosw.h>
#include <sys/malloc.h>
@ -69,6 +71,13 @@ __FBSDID("$FreeBSD$");
#include <net/if_gif.h>
VNET_DEFINE(int, ip6_gif_hlim) = GIF_HLIM;
#define V_ip6_gif_hlim VNET(ip6_gif_hlim)
SYSCTL_DECL(_net_inet6_ip6);
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, gifhlim, CTLFLAG_RW,
&VNET_NAME(ip6_gif_hlim), 0, "");
static int gif_validate6(const struct ip6_hdr *, struct gif_softc *,
struct ifnet *);

11
sys/netinet6/in6_ifattach.c
View File

@ -67,10 +67,15 @@ __FBSDID("$FreeBSD$");
#include <netinet6/mld6_var.h>
#include <netinet6/scope6_var.h>
VNET_DEFINE(unsigned long, in6_maxmtu);
VNET_DEFINE(int, ip6_auto_linklocal);
VNET_DEFINE(struct callout, in6_tmpaddrtimer_ch);
VNET_DEFINE(unsigned long, in6_maxmtu) = 0;
#ifdef IP6_AUTO_LINKLOCAL
VNET_DEFINE(int, ip6_auto_linklocal) = IP6_AUTO_LINKLOCAL;
#else
VNET_DEFINE(int, ip6_auto_linklocal) = 1; /* enabled by default */
#endif
VNET_DEFINE(struct callout, in6_tmpaddrtimer_ch);
#define V_in6_tmpaddrtimer_ch VNET(in6_tmpaddrtimer_ch)
VNET_DECLARE(struct inpcbinfo, ripcbinfo);

84
sys/netinet6/in6_proto.c
View File

@ -234,7 +234,6 @@ struct ip6protosw inet6sw[] = {
.pr_output = rip6_output,
.pr_ctlinput = rip6_ctlinput,
.pr_ctloutput = rip6_ctloutput,
.pr_init = icmp6_init,
.pr_fasttimo = icmp6_fasttimo,
.pr_slowtimo = icmp6_slowtimo,
.pr_usrreqs = &rip6_usrreqs
@ -378,25 +377,44 @@ VNET_DOMAIN_SET(inet6);
/*
* Internet configuration info
*/
VNET_DEFINE(int, ip6_forwarding);
VNET_DEFINE(int, ip6_sendredirects);
VNET_DEFINE(int, ip6_defhlim);
VNET_DEFINE(int, ip6_defmcasthlim);
VNET_DEFINE(int, ip6_accept_rtadv);
VNET_DEFINE(int, ip6_maxfragpackets);
VNET_DEFINE(int, ip6_maxfrags);
VNET_DEFINE(int, ip6_log_interval);
VNET_DEFINE(int, ip6_hdrnestlimit);
VNET_DEFINE(int, ip6_dad_count);
VNET_DEFINE(int, ip6_auto_flowlabel);
VNET_DEFINE(int, ip6_use_deprecated);
VNET_DEFINE(int, ip6_rr_prune);
VNET_DEFINE(int, ip6_mcast_pmtu);
VNET_DEFINE(int, ip6_v6only);
VNET_DEFINE(int, ip6_keepfaith);
VNET_DEFINE(time_t, ip6_log_time);
VNET_DEFINE(int, ip6stealth);
VNET_DEFINE(int, nd6_onlink_ns_rfc4861);
#ifndef IPV6FORWARDING
#ifdef GATEWAY6
#define IPV6FORWARDING 1 /* forward IP6 packets not for us */
#else
#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */
#endif /* GATEWAY6 */
#endif /* !IPV6FORWARDING */
#ifndef IPV6_SENDREDIRECTS
#define IPV6_SENDREDIRECTS 1
#endif
VNET_DEFINE(int, ip6_forwarding) = IPV6FORWARDING; /* act as router? */
VNET_DEFINE(int, ip6_sendredirects) = IPV6_SENDREDIRECTS;
VNET_DEFINE(int, ip6_defhlim) = IPV6_DEFHLIM;
VNET_DEFINE(int, ip6_defmcasthlim) = IPV6_DEFAULT_MULTICAST_HOPS;
VNET_DEFINE(int, ip6_accept_rtadv) = 0;
VNET_DEFINE(int, ip6_maxfragpackets); /* initialized in frag6.c:frag6_init() */
VNET_DEFINE(int, ip6_maxfrags); /* initialized in frag6.c:frag6_init() */
VNET_DEFINE(int, ip6_log_interval) = 5;
VNET_DEFINE(int, ip6_hdrnestlimit) = 15;/* How many header options will we
* process? */
VNET_DEFINE(int, ip6_dad_count) = 1; /* DupAddrDetectionTransmits */
VNET_DEFINE(int, ip6_auto_flowlabel) = 1;
VNET_DEFINE(int, ip6_use_deprecated) = 1;/* allow deprecated addr
* (RFC2462 5.5.4) */
VNET_DEFINE(int, ip6_rr_prune) = 5; /* router renumbering prefix
* walk list every 5 sec. */
VNET_DEFINE(int, ip6_mcast_pmtu) = 0; /* enable pMTU discovery for multicast? */
VNET_DEFINE(int, ip6_v6only) = 1;
VNET_DEFINE(int, ip6_keepfaith) = 0;
VNET_DEFINE(time_t, ip6_log_time) = (time_t)0L;
#ifdef IPSTEALTH
VNET_DEFINE(int, ip6stealth) = 0;
#endif
VNET_DEFINE(int, nd6_onlink_ns_rfc4861) = 0;/* allow 'on-link' nd6 NS
* (RFC 4861) */
/* icmp6 */
/*
@ -404,26 +422,31 @@ VNET_DEFINE(int, nd6_onlink_ns_rfc4861);
* XXX: what if we don't define INET? Should we define pmtu6_expire
* or so? (jinmei@kame.net 19990310)
*/
VNET_DEFINE(int, pmtu_expire);
VNET_DEFINE(int, pmtu_probe);
VNET_DEFINE(int, pmtu_expire) = 60*10;
VNET_DEFINE(int, pmtu_probe) = 60*2;
/* raw IP6 parameters */
/*
* Nominal space allocated to a raw ip socket.
*/
VNET_DEFINE(u_long, rip6_sendspace);
VNET_DEFINE(u_long, rip6_recvspace);
#define RIPV6SNDQ 8192
#define RIPV6RCVQ 8192
VNET_DEFINE(u_long, rip6_sendspace) = RIPV6SNDQ;
VNET_DEFINE(u_long, rip6_recvspace) = RIPV6RCVQ;
/* ICMPV6 parameters */
VNET_DEFINE(int, icmp6_rediraccept);
VNET_DEFINE(int, icmp6_redirtimeout);
VNET_DEFINE(int, icmp6errppslim);
VNET_DEFINE(int, icmp6_rediraccept) = 1;/* accept and process redirects */
VNET_DEFINE(int, icmp6_redirtimeout) = 10 * 60; /* 10 minutes */
VNET_DEFINE(int, icmp6errppslim) = 100; /* 100pps */
/* control how to respond to NI queries */
VNET_DEFINE(int, icmp6_nodeinfo);
VNET_DEFINE(int, icmp6_nodeinfo) =
(ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
/* UDP on IP6 parameters */
VNET_DEFINE(int, udp6_sendspace);
VNET_DEFINE(int, udp6_recvspace);
VNET_DEFINE(int, udp6_sendspace) = 9216;/* really max datagram size */
VNET_DEFINE(int, udp6_recvspace) = 40 * (1024 + sizeof(struct sockaddr_in6));
/* 40 1K datagrams */
/*
* sysctl related items.
@ -571,7 +594,6 @@ SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT, nd6_maxnudhint,
CTLFLAG_RW, &VNET_NAME(nd6_maxnudhint), 0, "");
SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, nd6_debug, CTLFLAG_RW,
&VNET_NAME(nd6_debug), 0, "");
SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861,
nd6_onlink_ns_rfc4861, CTLFLAG_RW, &VNET_NAME(nd6_onlink_ns_rfc4861),
0, "Accept 'on-link' nd6 NS in compliance with RFC 4861.");

23
sys/netinet6/in6_rmx.c
View File

@ -204,20 +204,21 @@ in6_matroute(void *v_arg, struct radix_node_head *head)
SYSCTL_DECL(_net_inet6_ip6);
static VNET_DEFINE(int, rtq_reallyold6);
static VNET_DEFINE(int, rtq_minreallyold6);
static VNET_DEFINE(int, rtq_toomany6);
static VNET_DEFINE(int, rtq_reallyold6) = 60*60;
/* one hour is ``really old'' */
#define V_rtq_reallyold6 VNET(rtq_reallyold6)
#define V_rtq_minreallyold6 VNET(rtq_minreallyold6)
#define V_rtq_toomany6 VNET(rtq_toomany6)
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTEXPIRE, rtexpire, CTLFLAG_RW,
&VNET_NAME(rtq_reallyold6) , 0, "");
static VNET_DEFINE(int, rtq_minreallyold6) = 10;
/* never automatically crank down to less */
#define V_rtq_minreallyold6 VNET(rtq_minreallyold6)
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW,
&VNET_NAME(rtq_minreallyold6) , 0, "");
static VNET_DEFINE(int, rtq_toomany6) = 128;
/* 128 cached routes is ``too many'' */
#define V_rtq_toomany6 VNET(rtq_toomany6)
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW,
&VNET_NAME(rtq_toomany6) , 0, "");
@ -277,7 +278,7 @@ in6_rtqkill(struct radix_node *rn, void *rock)
}
#define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */
static VNET_DEFINE(int, rtq_timeout6);
static VNET_DEFINE(int, rtq_timeout6) = RTQ_TIMEOUT;
static VNET_DEFINE(struct callout, rtq_timer6);
#define V_rtq_timeout6 VNET(rtq_timeout6)
@ -346,7 +347,6 @@ struct mtuex_arg {
struct radix_node_head *rnh;
time_t nextstop;
};
static VNET_DEFINE(struct callout, rtq_mtutimer);
#define V_rtq_mtutimer VNET(rtq_mtutimer)
@ -422,11 +422,6 @@ in6_inithead(void **head, int off)
if (off == 0) /* See above */
return 1; /* only do the rest for the real thing */
V_rtq_reallyold6 = 60*60; /* one hour is ``really old'' */
V_rtq_minreallyold6 = 10; /* never automatically crank down to less */
V_rtq_toomany6 = 128; /* 128 cached routes is ``too many'' */
V_rtq_timeout6 = RTQ_TIMEOUT;
rnh = *head;
KASSERT(rnh == rt_tables_get_rnh(0, AF_INET6), ("rnh?"));
rnh->rnh_addaddr = in6_addroute;

7
sys/netinet6/in6_src.c
View File

@ -122,12 +122,11 @@ static struct sx addrsel_sxlock;
#define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock)
#define ADDR_LABEL_NOTAPP (-1)
static VNET_DEFINE(struct in6_addrpolicy, defaultaddrpolicy);
VNET_DEFINE(int, ip6_prefer_tempaddr);
#define V_defaultaddrpolicy VNET(defaultaddrpolicy)
VNET_DEFINE(int, ip6_prefer_tempaddr) = 0;
static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *,
struct ip6_moptions *, struct route_in6 *, struct ifnet **,
struct rtentry **, int));
@ -952,8 +951,6 @@ void
addrsel_policy_init(void)
{
V_ip6_prefer_tempaddr = 0;
init_policy_queue();
/* initialize the "last resort" policy */

9
sys/netinet6/in6_var.h
View File

@ -487,12 +487,7 @@ struct in6_rrenumreq {
#ifdef _KERNEL
VNET_DECLARE(struct in6_ifaddrhead, in6_ifaddrhead);
VNET_DECLARE(struct icmp6stat, icmp6stat);
VNET_DECLARE(unsigned long, in6_maxmtu);
#define V_in6_ifaddrhead VNET(in6_ifaddrhead)
#define V_icmp6stat VNET(icmp6stat)
#define V_in6_maxmtu VNET(in6_maxmtu)
extern struct rwlock in6_ifaddr_lock;
#define IN6_IFADDR_LOCK_ASSERT( ) rw_assert(&in6_ifaddr_lock, RA_LOCKED)
@ -503,6 +498,8 @@ extern struct rwlock in6_ifaddr_lock;
#define IN6_IFADDR_WLOCK_ASSERT() rw_assert(&in6_ifaddr_lock, RA_WLOCKED)
#define IN6_IFADDR_WUNLOCK() rw_wunlock(&in6_ifaddr_lock)
VNET_DECLARE(struct icmp6stat, icmp6stat);
#define V_icmp6stat VNET(icmp6stat)
#define in6_ifstat_inc(ifp, tag) \
do { \
if (ifp) \
@ -511,6 +508,8 @@ do { \
extern struct in6_addr zeroin6_addr;
extern u_char inet6ctlerrmap[];
VNET_DECLARE(unsigned long, in6_maxmtu);
#define V_in6_maxmtu VNET(in6_maxmtu)
#endif /* _KERNEL */
/*

107
sys/netinet6/ip6_input.c
View File

@ -116,6 +116,7 @@ __FBSDID("$FreeBSD$");
extern struct domain inet6domain;
u_char ip6_protox[IPPROTO_MAX];
VNET_DEFINE(struct in6_ifaddrhead, in6_ifaddrhead);
static struct netisr_handler ip6_nh = {
.nh_name = "ip6",
@ -124,36 +125,16 @@ static struct netisr_handler ip6_nh = {
.nh_policy = NETISR_POLICY_FLOW,
};
VNET_DEFINE(struct in6_ifaddrhead, in6_ifaddrhead);
VNET_DEFINE(struct ip6stat, ip6stat);
VNET_DECLARE(struct callout, in6_tmpaddrtimer_ch);
VNET_DECLARE(int, dad_init);
VNET_DECLARE(int, pmtu_expire);
VNET_DECLARE(int, pmtu_probe);
VNET_DECLARE(u_long, rip6_sendspace);
VNET_DECLARE(u_long, rip6_recvspace);
VNET_DECLARE(int, icmp6errppslim);
VNET_DECLARE(int, icmp6_nodeinfo);
VNET_DECLARE(int, udp6_sendspace);
VNET_DECLARE(int, udp6_recvspace);
#define V_in6_tmpaddrtimer_ch VNET(in6_tmpaddrtimer_ch)
#define V_dad_init VNET(dad_init)
#define V_pmtu_expire VNET(pmtu_expire)
#define V_pmtu_probe VNET(pmtu_probe)
#define V_rip6_sendspace VNET(rip6_sendspace)
#define V_rip6_recvspace VNET(rip6_recvspace)
#define V_icmp6errppslim VNET(icmp6errppslim)
#define V_icmp6_nodeinfo VNET(icmp6_nodeinfo)
#define V_udp6_sendspace VNET(udp6_sendspace)
#define V_udp6_recvspace VNET(udp6_recvspace)
VNET_DEFINE(struct pfil_head, inet6_pfil_hook);
VNET_DEFINE(struct ip6stat, ip6stat);
struct rwlock in6_ifaddr_lock;
RW_SYSINIT(in6_ifaddr_lock, &in6_ifaddr_lock, "in6_ifaddr_lock");
VNET_DEFINE (struct pfil_head, inet6_pfil_hook);
static void ip6_init2(void *);
static struct ip6aux *ip6_setdstifaddr(struct mbuf *, struct in6_ifaddr *);
static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
@ -171,82 +152,11 @@ ip6_init(void)
struct ip6protosw *pr;
int i;
V_in6_maxmtu = 0;
#ifdef IP6_AUTO_LINKLOCAL
V_ip6_auto_linklocal = IP6_AUTO_LINKLOCAL;
#else
V_ip6_auto_linklocal = 1; /* enabled by default */
#endif
TUNABLE_INT_FETCH("net.inet6.ip6.auto_linklocal",
&V_ip6_auto_linklocal);
#ifndef IPV6FORWARDING
#ifdef GATEWAY6
#define IPV6FORWARDING 1 /* forward IP6 packets not for us */
#else
#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */
#endif /* GATEWAY6 */
#endif /* !IPV6FORWARDING */
#ifndef IPV6_SENDREDIRECTS
#define IPV6_SENDREDIRECTS 1
#endif
V_ip6_forwarding = IPV6FORWARDING; /* act as router? */
V_ip6_sendredirects = IPV6_SENDREDIRECTS;
V_ip6_defhlim = IPV6_DEFHLIM;
V_ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS;
V_ip6_accept_rtadv = 0;
V_ip6_log_interval = 5;
V_ip6_hdrnestlimit = 15; /* How many header options will we process? */
V_ip6_dad_count = 1; /* DupAddrDetectionTransmits */
V_ip6_auto_flowlabel = 1;
V_ip6_use_deprecated = 1;/* allow deprecated addr (RFC2462 5.5.4) */
V_ip6_rr_prune = 5; /* router renumbering prefix
* walk list every 5 sec. */
V_ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */
V_ip6_v6only = 1;
V_ip6_keepfaith = 0;
V_ip6_log_time = (time_t)0L;
#ifdef IPSTEALTH
V_ip6stealth = 0;
#endif
V_nd6_onlink_ns_rfc4861 = 0; /* allow 'on-link' nd6 NS (RFC 4861) */
V_pmtu_expire = 60*10;
V_pmtu_probe = 60*2;
/* raw IP6 parameters */
/*
* Nominal space allocated to a raw ip socket.
*/
#define RIPV6SNDQ 8192
#define RIPV6RCVQ 8192
V_rip6_sendspace = RIPV6SNDQ;
V_rip6_recvspace = RIPV6RCVQ;
/* ICMPV6 parameters */
V_icmp6_rediraccept = 1; /* accept and process redirects */
V_icmp6_redirtimeout = 10 * 60; /* 10 minutes */
V_icmp6errppslim = 100; /* 100pps */
/* control how to respond to NI queries */
V_icmp6_nodeinfo = (ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
/* UDP on IP6 parameters */
V_udp6_sendspace = 9216; /* really max datagram size */
V_udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6));
/* 40 1K datagrams */
V_dad_init = 0;
TAILQ_INIT(&V_in6_ifaddrhead);
scope6_init();
addrsel_policy_init();
nd6_init();
frag6_init();
V_ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR;
/* Initialize packet filter hooks. */
V_inet6_pfil_hook.ph_type = PFIL_TYPE_AF;
V_inet6_pfil_hook.ph_af = AF_INET6;
@ -254,6 +164,13 @@ ip6_init(void)
printf("%s: WARNING: unable to register pfil hook, "
"error %d\n", __func__, i);
scope6_init();
addrsel_policy_init();
nd6_init();
frag6_init();
V_ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR;
/* Skip global initialization stuff for non-default instances. */
if (!IS_DEFAULT_VNET(curvnet))
return;

19
sys/netinet6/ip6_mroute.c
View File

@ -130,7 +130,6 @@ static MALLOC_DEFINE(M_MRTABLE6, "mf6c", "multicast forwarding cache entry");
static int ip6_mdq(struct mbuf *, struct ifnet *, struct mf6c *);
static void phyint_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
static void pim6_init(void);
static int register_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
static int set_pim6(int *);
static int socket_send(struct socket *, struct mbuf *,
@ -148,12 +147,11 @@ static const struct ip6protosw in6_pim_protosw = {
.pr_input = pim6_input,
.pr_output = rip6_output,
.pr_ctloutput = rip6_ctloutput,
.pr_init = pim6_init,
.pr_usrreqs = &rip6_usrreqs
};
static int pim6_encapcheck(const struct mbuf *, int, int, void *);
static VNET_DEFINE(int, ip6_mrouter_ver);
static VNET_DEFINE(int, ip6_mrouter_ver) = 0;
#define V_ip6_mrouter_ver VNET(ip6_mrouter_ver)
SYSCTL_DECL(_net_inet6);
@ -212,7 +210,7 @@ static struct mtx mif6_mtx;
#define MIF6_LOCK_DESTROY() mtx_destroy(&mif6_mtx)
#ifdef MRT6DEBUG
static VNET_DEFINE(u_int, mrt6debug); /* debug level */
static VNET_DEFINE(u_int, mrt6debug) = 0; /* debug level */
#define V_mrt6debug VNET(mrt6debug)
#define DEBUG_MFC 0x02
#define DEBUG_FORWARD 0x04
@ -338,15 +336,6 @@ int X_ip6_mrouter_set(struct socket *, struct sockopt *);
int X_ip6_mrouter_get(struct socket *, struct sockopt *);
int X_mrt6_ioctl(u_long, caddr_t);
static void
pim6_init(void)
{
#ifdef MRT6DEBUG
V_mrt6debug = 0; /* debug level */
#endif
}
/*
* Handle MRT setsockopt commands to modify the multicast routing tables.
*/
@ -533,11 +522,7 @@ static int
ip6_mrouter_init(struct socket *so, int v, int cmd)
{
V_ip6_mrouter_ver = 0;
#ifdef MRT6DEBUG
V_mrt6debug = 0;
if (V_mrt6debug)
log(LOG_DEBUG,
"ip6_mrouter_init: so_type = %d, pr_protocol = %d\n",

53
sys/netinet6/ip6_var.h
View File

@ -295,12 +295,20 @@ VNET_DECLARE(struct ip6stat, ip6stat); /* statistics */
VNET_DECLARE(int, ip6_defhlim); /* default hop limit */
VNET_DECLARE(int, ip6_defmcasthlim); /* default multicast hop limit */
VNET_DECLARE(int, ip6_forwarding); /* act as router? */
VNET_DECLARE(int, ip6_gif_hlim); /* Hop limit for gif encap packet */
VNET_DECLARE(int, ip6_use_deprecated); /* allow deprecated addr as source */
VNET_DECLARE(int, ip6_rr_prune); /* router renumbering prefix
* walk list every 5 sec. */
VNET_DECLARE(int, ip6_mcast_pmtu); /* enable pMTU discovery for multicast? */
VNET_DECLARE(int, ip6_v6only);
#define V_ip6stat VNET(ip6stat)
#define V_ip6_defhlim VNET(ip6_defhlim)
#define V_ip6_defmcasthlim VNET(ip6_defmcasthlim)
#define V_ip6_forwarding VNET(ip6_forwarding)
#define V_ip6_use_deprecated VNET(ip6_use_deprecated)
#define V_ip6_rr_prune VNET(ip6_rr_prune)
#define V_ip6_mcast_pmtu VNET(ip6_mcast_pmtu)
#define V_ip6_v6only VNET(ip6_v6only)
VNET_DECLARE(struct socket *, ip6_mrouter); /* multicast routing daemon */
VNET_DECLARE(int, ip6_sendredirects); /* send IP redirects when forwarding? */
VNET_DECLARE(int, ip6_maxfragpackets); /* Maximum packets in reassembly
@ -314,31 +322,6 @@ VNET_DECLARE(time_t, ip6_log_time);
VNET_DECLARE(int, ip6_hdrnestlimit); /* upper limit of # of extension
* headers */
VNET_DECLARE(int, ip6_dad_count); /* DupAddrDetectionTransmits */
VNET_DECLARE(int, ip6_auto_flowlabel);
VNET_DECLARE(int, ip6_auto_linklocal);
VNET_DECLARE(int, ip6_use_tempaddr); /* Whether to use temporary addresses */
VNET_DECLARE(int, ip6_prefer_tempaddr); /* Whether to prefer temporary
* addresses in the source address
* selection */
#ifdef IPSTEALTH
VNET_DECLARE(int, ip6stealth);
#endif
VNET_DECLARE(int, ip6_use_defzone); /* Whether to use the default scope
* zone when unspecified */
#define V_ip6stat VNET(ip6stat)
#define V_ip6_defhlim VNET(ip6_defhlim)
#define V_ip6_defmcasthlim VNET(ip6_defmcasthlim)
#define V_ip6_forwarding VNET(ip6_forwarding)
#define V_ip6_gif_hlim VNET(ip6_gif_hlim)
#define V_ip6_use_deprecated VNET(ip6_use_deprecated)
#define V_ip6_rr_prune VNET(ip6_rr_prune)
#define V_ip6_mcast_pmtu VNET(ip6_mcast_pmtu)
#define V_ip6_v6only VNET(ip6_v6only)
#define V_ip6_mrouter VNET(ip6_mrouter)
#define V_ip6_sendredirects VNET(ip6_sendredirects)
#define V_ip6_maxfragpackets VNET(ip6_maxfragpackets)
@ -349,17 +332,29 @@ VNET_DECLARE(int, ip6_use_defzone); /* Whether to use the default scope
#define V_ip6_log_time VNET(ip6_log_time)
#define V_ip6_hdrnestlimit VNET(ip6_hdrnestlimit)
#define V_ip6_dad_count VNET(ip6_dad_count)
VNET_DECLARE(int, ip6_auto_flowlabel);
VNET_DECLARE(int, ip6_auto_linklocal);
#define V_ip6_auto_flowlabel VNET(ip6_auto_flowlabel)
#define V_ip6_auto_linklocal VNET(ip6_auto_linklocal)
VNET_DECLARE(int, ip6_use_tempaddr); /* Whether to use temporary addresses */
VNET_DECLARE(int, ip6_prefer_tempaddr); /* Whether to prefer temporary
* addresses in the source address
* selection */
#define V_ip6_use_tempaddr VNET(ip6_use_tempaddr)
#define V_ip6_prefer_tempaddr VNET(ip6_prefer_tempaddr)
#ifdef IPSTEALTH
#define V_ip6stealth VNET(ip6stealth)
#endif
VNET_DECLARE(int, ip6_use_defzone); /* Whether to use the default scope
* zone when unspecified */
#define V_ip6_use_defzone VNET(ip6_use_defzone)
VNET_DECLARE (struct pfil_head, inet6_pfil_hook); /* packet filter hooks */
#define V_inet6_pfil_hook VNET(inet6_pfil_hook)
#ifdef IPSTEALTH
VNET_DECLARE(int, ip6stealth);
#define V_ip6stealth VNET(ip6stealth)
#endif
extern struct pr_usrreqs rip6_usrreqs;
struct sockopt;

77
sys/netinet6/nd6.c
View File

@ -82,21 +82,31 @@ __FBSDID("$FreeBSD$");
#define SIN6(s) ((struct sockaddr_in6 *)s)
VNET_DEFINE(int, nd6_prune);
VNET_DEFINE(int, nd6_delay);
VNET_DEFINE(int, nd6_umaxtries);
VNET_DEFINE(int, nd6_mmaxtries);
VNET_DEFINE(int, nd6_useloopback);
VNET_DEFINE(int, nd6_gctimer);
/* timer values */
VNET_DEFINE(int, nd6_prune) = 1; /* walk list every 1 seconds */
VNET_DEFINE(int, nd6_delay) = 5; /* delay first probe time 5 second */
VNET_DEFINE(int, nd6_umaxtries) = 3; /* maximum unicast query */
VNET_DEFINE(int, nd6_mmaxtries) = 3; /* maximum multicast query */
VNET_DEFINE(int, nd6_useloopback) = 1; /* use loopback interface for
* local traffic */
VNET_DEFINE(int, nd6_gctimer) = (60 * 60 * 24); /* 1 day: garbage
* collection timer */
/* preventing too many loops in ND option parsing */
static VNET_DEFINE(int, nd6_maxndopt);
VNET_DEFINE(int, nd6_maxnudhint);
static VNET_DEFINE(int, nd6_maxqueuelen);
static VNET_DEFINE(int, nd6_maxndopt) = 10; /* max # of ND options allowed */
VNET_DEFINE(int, nd6_maxnudhint) = 0; /* max # of subsequent upper
* layer hints */
static VNET_DEFINE(int, nd6_maxqueuelen) = 1; /* max pkts cached in unresolved
* ND entries */
#define V_nd6_maxndopt VNET(nd6_maxndopt)
#define V_nd6_maxqueuelen VNET(nd6_maxqueuelen)
VNET_DEFINE(int, nd6_debug);
#ifdef ND6_DEBUG
VNET_DEFINE(int, nd6_debug) = 1;
#else
VNET_DEFINE(int, nd6_debug) = 0;
#endif
/* for debugging? */
#if 0
@ -106,7 +116,7 @@ static int nd6_inuse, nd6_allocated;
VNET_DEFINE(struct nd_drhead, nd_defrouter);
VNET_DEFINE(struct nd_prhead, nd_prefix);
VNET_DEFINE(int, nd6_recalc_reachtm_interval);
VNET_DEFINE(int, nd6_recalc_reachtm_interval) = ND6_RECALC_REACHTM_INTERVAL;
#define V_nd6_recalc_reachtm_interval VNET(nd6_recalc_reachtm_interval)
static struct sockaddr_in6 all1_sa;
@ -125,56 +135,13 @@ static VNET_DEFINE(struct callout, nd6_slowtimo_ch);
VNET_DEFINE(struct callout, nd6_timer_ch);
VNET_DECLARE(int, dad_ignore_ns);
VNET_DECLARE(int, dad_maxtry);
#define V_dad_ignore_ns VNET(dad_ignore_ns)
#define V_dad_maxtry VNET(dad_maxtry)
void
nd6_init(void)
{
int i;
V_nd6_prune = 1; /* walk list every 1 seconds */
V_nd6_delay = 5; /* delay first probe time 5 second */
V_nd6_umaxtries = 3; /* maximum unicast query */
V_nd6_mmaxtries = 3; /* maximum multicast query */
V_nd6_useloopback = 1; /* use loopback interface for local traffic */
V_nd6_gctimer = (60 * 60 * 24); /* 1 day: garbage collection timer */
/* preventing too many loops in ND option parsing */
V_nd6_maxndopt = 10; /* max # of ND options allowed */
V_nd6_maxnudhint = 0; /* max # of subsequent upper layer hints */
V_nd6_maxqueuelen = 1; /* max pkts cached in unresolved ND entries */
#ifdef ND6_DEBUG
V_nd6_debug = 1;
#else
V_nd6_debug = 0;
#endif
V_nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL;
V_dad_ignore_ns = 0; /* ignore NS in DAD - specwise incorrect*/
V_dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */
/*
* XXX just to get this to compile KMM
*/
#ifdef notyet
V_llinfo_nd6.ln_next = &V_llinfo_nd6;
V_llinfo_nd6.ln_prev = &V_llinfo_nd6;
#endif
LIST_INIT(&V_nd_prefix);
V_ip6_use_tempaddr = 0;
V_ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME;
V_ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME;
V_ip6_temp_regen_advance = TEMPADDR_REGEN_ADVANCE;
V_ip6_desync_factor = 0;
all1_sa.sin6_family = AF_INET6;
all1_sa.sin6_len = sizeof(struct sockaddr_in6);
for (i = 0; i < sizeof(all1_sa.sin6_addr); i++)
@ -182,13 +149,13 @@ nd6_init(void)
/* initialization of the default router list */
TAILQ_INIT(&V_nd_defrouter);
/* start timer */
callout_init(&V_nd6_slowtimo_ch, 0);
callout_reset(&V_nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz,
nd6_slowtimo, curvnet);
}
#ifdef VIMAGE
void
nd6_destroy()

9
sys/netinet6/nd6.h
View File

@ -330,8 +330,6 @@ VNET_DECLARE(struct nd_drhead, nd_defrouter);
VNET_DECLARE(struct nd_prhead, nd_prefix);
VNET_DECLARE(int, nd6_debug);
VNET_DECLARE(int, nd6_onlink_ns_rfc4861);
VNET_DECLARE(struct callout, nd6_timer_ch);
#define V_nd6_prune VNET(nd6_prune)
#define V_nd6_delay VNET(nd6_delay)
#define V_nd6_umaxtries VNET(nd6_umaxtries)
@ -343,6 +341,10 @@ VNET_DECLARE(struct callout, nd6_timer_ch);
#define V_nd_prefix VNET(nd_prefix)
#define V_nd6_debug VNET(nd6_debug)
#define V_nd6_onlink_ns_rfc4861 VNET(nd6_onlink_ns_rfc4861)
#define nd6log(x) do { if (V_nd6_debug) log x; } while (/*CONSTCOND*/ 0)
VNET_DECLARE(struct callout, nd6_timer_ch);
#define V_nd6_timer_ch VNET(nd6_timer_ch)
/* nd6_rtr.c */
@ -351,15 +353,12 @@ VNET_DECLARE(int, ip6_desync_factor); /* seconds */
VNET_DECLARE(u_int32_t, ip6_temp_preferred_lifetime); /* seconds */
VNET_DECLARE(u_int32_t, ip6_temp_valid_lifetime); /* seconds */
VNET_DECLARE(int, ip6_temp_regen_advance); /* seconds */
#define V_nd6_defifindex VNET(nd6_defifindex)
#define V_ip6_desync_factor VNET(ip6_desync_factor)
#define V_ip6_temp_preferred_lifetime VNET(ip6_temp_preferred_lifetime)
#define V_ip6_temp_valid_lifetime VNET(ip6_temp_valid_lifetime)
#define V_ip6_temp_regen_advance VNET(ip6_temp_regen_advance)
#define nd6log(x) do { if (V_nd6_debug) log x; } while (/*CONSTCOND*/ 0)
union nd_opts {
struct nd_opt_hdr *nd_opt_array[8]; /* max = target address list */
struct {

8
sys/netinet6/nd6_nbr.c
View File

@ -89,9 +89,8 @@ static void nd6_dad_ns_output(struct dadq *, struct ifaddr *);
static void nd6_dad_ns_input(struct ifaddr *);
static void nd6_dad_na_input(struct ifaddr *);
VNET_DEFINE(int, dad_ignore_ns);
VNET_DEFINE(int, dad_maxtry);
VNET_DEFINE(int, dad_ignore_ns) = 0; /* ignore NS in DAD - specwise incorrect*/
VNET_DEFINE(int, dad_maxtry) = 15; /* max # of *tries* to transmit DAD packet */
#define V_dad_ignore_ns VNET(dad_ignore_ns)
#define V_dad_maxtry VNET(dad_maxtry)
@ -1124,9 +1123,8 @@ struct dadq {
};
static VNET_DEFINE(TAILQ_HEAD(, dadq), dadq);
VNET_DEFINE(int, dad_init) = 0;
#define V_dadq VNET(dadq)
VNET_DEFINE(int, dad_init);
#define V_dad_init VNET(dad_init)
static struct dadq *

12
sys/netinet6/nd6_rtr.c
View File

@ -90,14 +90,16 @@ VNET_DECLARE(int, nd6_recalc_reachtm_interval);
#define V_nd6_recalc_reachtm_interval VNET(nd6_recalc_reachtm_interval)
static VNET_DEFINE(struct ifnet *, nd6_defifp);
VNET_DEFINE(int, nd6_defifindex);
#define V_nd6_defifp VNET(nd6_defifp)
VNET_DEFINE(int, nd6_defifindex);
VNET_DEFINE(int, ip6_use_tempaddr);
VNET_DEFINE(int, ip6_use_tempaddr) = 0;
VNET_DEFINE(int, ip6_desync_factor);
VNET_DEFINE(u_int32_t, ip6_temp_preferred_lifetime);
VNET_DEFINE(u_int32_t, ip6_temp_valid_lifetime);
VNET_DEFINE(int, ip6_temp_regen_advance);
VNET_DEFINE(u_int32_t, ip6_temp_preferred_lifetime) = DEF_TEMP_PREFERRED_LIFETIME;
VNET_DEFINE(u_int32_t, ip6_temp_valid_lifetime) = DEF_TEMP_VALID_LIFETIME;
VNET_DEFINE(int, ip6_temp_regen_advance) = TEMPADDR_REGEN_ADVANCE;
/* RTPREF_MEDIUM has to be 0! */
#define RTPREF_HIGH 1

4
sys/netinet6/raw_ip6.c
View File

@ -119,11 +119,11 @@ VNET_DECLARE(struct inpcbinfo, ripcbinfo);
#define V_ripcb VNET(ripcb)
#define V_ripcbinfo VNET(ripcbinfo)
VNET_DEFINE(struct rip6stat, rip6stat);
extern u_long rip_sendspace;
extern u_long rip_recvspace;
VNET_DEFINE(struct rip6stat, rip6stat);
/*
* Hooks for multicast routing. They all default to NULL, so leave them not
* initialized and rely on BSS being set to 0.

12
sys/netinet6/scope6.c
View File

@ -50,6 +50,11 @@ __FBSDID("$FreeBSD$");
#include <netinet6/ip6_var.h>
#include <netinet6/scope6_var.h>
#ifdef ENABLE_DEFAULT_SCOPE
VNET_DEFINE(int, ip6_use_defzone) = 1;
#else
VNET_DEFINE(int, ip6_use_defzone) = 0;
#endif
/*
* The scope6_lock protects the global sid default stored in
@ -62,8 +67,6 @@ static struct mtx scope6_lock;
#define SCOPE6_LOCK_ASSERT() mtx_assert(&scope6_lock, MA_OWNED)
static VNET_DEFINE(struct scope6_id, sid_default);
VNET_DEFINE(int, ip6_use_defzone);
#define V_sid_default VNET(sid_default)
#define SID(ifp) \
@ -73,11 +76,6 @@ void
scope6_init(void)
{
#ifdef ENABLE_DEFAULT_SCOPE
V_ip6_use_defzone = 1;
#else
V_ip6_use_defzone = 0;
#endif
bzero(&V_sid_default, sizeof(V_sid_default));
if (!IS_DEFAULT_VNET(curvnet))

5
sys/netipsec/ah_var.h
View File

@ -72,10 +72,11 @@ struct ahstat {
#ifdef _KERNEL
VNET_DECLARE(int, ah_enable);
#define V_ah_enable VNET(ah_enable)
VNET_DECLARE(int, ah_cleartos);
#define V_ah_cleartos VNET(ah_cleartos)
VNET_DECLARE(struct ahstat, ahstat);
#define V_ah_enable VNET(ah_enable)
#define V_ah_cleartos VNET(ah_cleartos)
#define V_ahstat VNET(ahstat)
#endif /* _KERNEL */
#endif /*_NETIPSEC_AH_VAR_H_*/

3
sys/netipsec/esp_var.h
View File

@ -73,8 +73,9 @@ struct espstat {
#ifdef _KERNEL
VNET_DECLARE(int, esp_enable);
#define V_esp_enable VNET(esp_enable)
VNET_DECLARE(struct espstat, espstat);
#define V_esp_enable VNET(esp_enable)
#define V_espstat VNET(espstat)
#endif /* _KERNEL */
#endif /*_NETIPSEC_ESP_VAR_H_*/

3
sys/netipsec/ipcomp_var.h
View File

@ -66,8 +66,9 @@ struct ipcompstat {
#ifdef _KERNEL
VNET_DECLARE(int, ipcomp_enable);
#define V_ipcomp_enable VNET(ipcomp_enable)
VNET_DECLARE(struct ipcompstat, ipcompstat);
#define V_ipcomp_enable VNET(ipcomp_enable)
#define V_ipcompstat VNET(ipcompstat)
#endif /* _KERNEL */
#endif /*_NETIPSEC_IPCOMP_VAR_H_*/

3
sys/netipsec/ipip_var.h
View File

@ -60,8 +60,9 @@ struct ipipstat
#ifdef _KERNEL
VNET_DECLARE(int, ipip_allow);
#define V_ipip_allow VNET(ipip_allow)
VNET_DECLARE(struct ipipstat, ipipstat);
#define V_ipip_allow VNET(ipip_allow)
#define V_ipipstat VNET(ipipstat)
#endif /* _KERNEL */
#endif /* _NETINET_IPIP_H_ */

1
sys/netipsec/ipsec.c
View File

@ -102,6 +102,7 @@ VNET_DEFINE(int, ipsec_debug) = 1;
#else
VNET_DEFINE(int, ipsec_debug) = 0;
#endif
/* NB: name changed so netstat doesn't use it. */
VNET_DEFINE(struct ipsecstat, ipsec4stat);
VNET_DEFINE(int, ip4_ah_offsetmask) = 0; /* maybe IP_DF? */

52
sys/netipsec/ipsec.h
View File

@ -334,39 +334,39 @@ struct ipsec_history {
VNET_DECLARE(int, ipsec_debug);
#define V_ipsec_debug VNET(ipsec_debug)
VNET_DECLARE(struct ipsecstat, ipsec4stat);
#define V_ipsec4stat VNET(ipsec4stat)
VNET_DECLARE(int, ip4_ah_offsetmask);
#define V_ip4_ah_offsetmask VNET(ip4_ah_offsetmask)
VNET_DECLARE(int, ip4_ipsec_dfbit);
#define V_ip4_ipsec_dfbit VNET(ip4_ipsec_dfbit)
VNET_DECLARE(int, ip4_esp_trans_deflev);
#define V_ip4_esp_trans_deflev VNET(ip4_esp_trans_deflev)
VNET_DECLARE(int, ip4_esp_net_deflev);
#define V_ip4_esp_net_deflev VNET(ip4_esp_net_deflev)
VNET_DECLARE(int, ip4_ah_trans_deflev);
#define V_ip4_ah_trans_deflev VNET(ip4_ah_trans_deflev)
VNET_DECLARE(int, ip4_ah_net_deflev);
#define V_ip4_ah_net_deflev VNET(ip4_ah_net_deflev)
VNET_DECLARE(struct secpolicy, ip4_def_policy);
#define V_ip4_def_policy VNET(ip4_def_policy)
VNET_DECLARE(int, ip4_ipsec_ecn);
#define V_ip4_ipsec_ecn VNET(ip4_ipsec_ecn)
VNET_DECLARE(int, ip4_esp_randpad);
#define V_ip4_esp_randpad VNET(ip4_esp_randpad)
VNET_DECLARE(int, crypto_support);
#define V_crypto_support VNET(crypto_support)
extern int ip4_ah_cleartos;
#ifdef REGRESSION
VNET_DECLARE(int, ipsec_replay);
#define V_ipsec_replay VNET(ipsec_replay)
VNET_DECLARE(int, ipsec_integrity);
#define V_ipsec_replay VNET(ipsec_replay)
#define V_ipsec_integrity VNET(ipsec_integrity)
#endif
VNET_DECLARE(struct ipsecstat, ipsec4stat);
VNET_DECLARE(struct secpolicy, ip4_def_policy);
VNET_DECLARE(int, ip4_esp_trans_deflev);
VNET_DECLARE(int, ip4_esp_net_deflev);
VNET_DECLARE(int, ip4_ah_trans_deflev);
VNET_DECLARE(int, ip4_ah_net_deflev);
VNET_DECLARE(int, ip4_ah_offsetmask);
VNET_DECLARE(int, ip4_ipsec_dfbit);
VNET_DECLARE(int, ip4_ipsec_ecn);
VNET_DECLARE(int, ip4_esp_randpad);
VNET_DECLARE(int, crypto_support);
#define V_ipsec4stat VNET(ipsec4stat)
#define V_ip4_def_policy VNET(ip4_def_policy)
#define V_ip4_esp_trans_deflev VNET(ip4_esp_trans_deflev)
#define V_ip4_esp_net_deflev VNET(ip4_esp_net_deflev)
#define V_ip4_ah_trans_deflev VNET(ip4_ah_trans_deflev)
#define V_ip4_ah_net_deflev VNET(ip4_ah_net_deflev)
#define V_ip4_ah_offsetmask VNET(ip4_ah_offsetmask)
#define V_ip4_ipsec_dfbit VNET(ip4_ipsec_dfbit)
#define V_ip4_ipsec_ecn VNET(ip4_ipsec_ecn)
#define V_ip4_esp_randpad VNET(ip4_esp_randpad)
#define V_crypto_support VNET(crypto_support)
#define ipseclog(x) do { if (V_ipsec_debug) log x; } while (0)
/* for openbsd compatibility */
#define DPRINTF(x) do { if (V_ipsec_debug) printf x; } while (0)

11
sys/netipsec/ipsec6.h
View File

@ -42,16 +42,17 @@
#ifdef _KERNEL
VNET_DECLARE(struct ipsecstat, ipsec6stat);
#define V_ipsec6stat VNET(ipsec6stat)
VNET_DECLARE(int, ip6_esp_trans_deflev);
#define V_ip6_esp_trans_deflev VNET(ip6_esp_trans_deflev)
VNET_DECLARE(int, ip6_esp_net_deflev);
#define V_ip6_esp_net_deflev VNET(ip6_esp_net_deflev)
VNET_DECLARE(int, ip6_ah_trans_deflev);
#define V_ip6_ah_trans_deflev VNET(ip6_ah_trans_deflev)
VNET_DECLARE(int, ip6_ah_net_deflev);
#define V_ip6_ah_net_deflev VNET(ip6_ah_net_deflev)
VNET_DECLARE(int, ip6_ipsec_ecn);
#define V_ipsec6stat VNET(ipsec6stat)
#define V_ip6_esp_trans_deflev VNET(ip6_esp_trans_deflev)
#define V_ip6_esp_net_deflev VNET(ip6_esp_net_deflev)
#define V_ip6_ah_trans_deflev VNET(ip6_ah_trans_deflev)
#define V_ip6_ah_net_deflev VNET(ip6_ah_net_deflev)
#define V_ip6_ipsec_ecn VNET(ip6_ipsec_ecn)
struct inpcb;

21
sys/netipsec/key.c
View File

@ -114,27 +114,27 @@
VNET_DEFINE(u_int32_t, key_debug_level) = 0;
static VNET_DEFINE(u_int, key_spi_trycnt) = 1000;
#define V_key_spi_trycnt VNET(key_spi_trycnt)
static VNET_DEFINE(u_int32_t, key_spi_minval) = 0x100;
#define V_key_spi_minval VNET(key_spi_minval)
static VNET_DEFINE(u_int32_t, key_spi_maxval) = 0x0fffffff; /* XXX */
#define V_key_spi_maxval VNET(key_spi_maxval)
static VNET_DEFINE(u_int32_t, policy_id) = 0;
#define V_policy_id VNET(policy_id)
/*interval to initialize randseed,1(m)*/
static VNET_DEFINE(u_int, key_int_random) = 60;
#define V_key_int_random VNET(key_int_random)
/* interval to expire acquiring, 30(s)*/
static VNET_DEFINE(u_int, key_larval_lifetime) = 30;
#define V_key_larval_lifetime VNET(key_larval_lifetime)
/* counter for blocking SADB_ACQUIRE.*/
static VNET_DEFINE(int, key_blockacq_count) = 10;
#define V_key_blockacq_count VNET(key_blockacq_count)
/* lifetime for blocking SADB_ACQUIRE.*/
static VNET_DEFINE(int, key_blockacq_lifetime) = 20;
#define V_key_blockacq_lifetime VNET(key_blockacq_lifetime)
/* preferred old sa rather than new sa.*/
static VNET_DEFINE(int, key_preferred_oldsa) = 1;
#define V_key_spi_trycnt VNET(key_spi_trycnt)
#define V_key_spi_minval VNET(key_spi_minval)
#define V_key_spi_maxval VNET(key_spi_maxval)
#define V_policy_id VNET(policy_id)
#define V_key_int_random VNET(key_int_random)
#define V_key_larval_lifetime VNET(key_larval_lifetime)
#define V_key_blockacq_count VNET(key_blockacq_count)
#define V_key_blockacq_lifetime VNET(key_blockacq_lifetime)
#define V_key_preferred_oldsa VNET(key_preferred_oldsa)
static VNET_DEFINE(u_int32_t, acq_seq) = 0;
@ -270,10 +270,11 @@ static const int maxsize[] = {
};
static VNET_DEFINE(int, ipsec_esp_keymin) = 256;
#define V_ipsec_esp_keymin VNET(ipsec_esp_keymin)
static VNET_DEFINE(int, ipsec_esp_auth) = 0;
#define V_ipsec_esp_auth VNET(ipsec_esp_auth)
static VNET_DEFINE(int, ipsec_ah_keymin) = 128;
#define V_ipsec_esp_keymin VNET(ipsec_esp_keymin)
#define V_ipsec_esp_auth VNET(ipsec_esp_auth)
#define V_ipsec_ah_keymin VNET(ipsec_ah_keymin)
#ifdef SYSCTL_DECL

3
sys/netipsec/xform_esp.c
View File

@ -85,8 +85,7 @@ SYSCTL_VNET_INT(_net_inet_esp, OID_AUTO,
SYSCTL_VNET_STRUCT(_net_inet_esp, IPSECCTL_STATS,
stats, CTLFLAG_RD, &VNET_NAME(espstat), espstat, "");
/* max iv length over all algorithms */
static VNET_DEFINE(int, esp_max_ivlen) = 0;
static VNET_DEFINE(int, esp_max_ivlen); /* max iv length over all algorithms */
#define V_esp_max_ivlen VNET(esp_max_ivlen)
static int esp_input_cb(struct cryptop *op);