|
version 1.1.1.4, 2019/10/22 13:49:55
|
version 1.1.1.5.2.1, 2023/09/27 11:08:00
|
|
Line 19
|
Line 19
|
| #include "netgraph.h" |
#include "netgraph.h" |
| #include "util.h" |
#include "util.h" |
| |
|
| |
#include <sys/limits.h> |
| #include <sys/types.h> |
#include <sys/types.h> |
| #include <sys/sockio.h> |
#include <sys/sockio.h> |
| #include <sys/sysctl.h> |
#include <sys/sysctl.h> |
|
Line 63
|
Line 64
|
| |
|
| #include <string.h> |
#include <string.h> |
| |
|
| |
#ifdef SIOCSIFDESCR |
| |
#include <time.h> |
| |
#endif |
| |
|
| /* |
/* |
| * DEFINITIONS |
* DEFINITIONS |
| */ |
*/ |
|
Line 98
|
Line 103
|
| static void IfaceNgIpv6Shutdown(Bund b); |
static void IfaceNgIpv6Shutdown(Bund b); |
| |
|
| #ifdef USE_NG_NETFLOW |
#ifdef USE_NG_NETFLOW |
| static int IfaceInitNetflow(Bund b, char *path, char *hook, char in, char out, int v6); | static int IfaceInitNetflow(Bund b, char *path, char *hook, char out, int v6); |
| static int IfaceSetupNetflow(Bund b, char in, char out, int v6); |
static int IfaceSetupNetflow(Bund b, char in, char out, int v6); |
| static void IfaceShutdownNetflow(Bund b, char in, char out, int v6); | static void IfaceShutdownNetflow(Bund b, char out, int v6); |
| #endif |
#endif |
| |
|
| #ifdef USE_NG_IPACCT |
#ifdef USE_NG_IPACCT |
|
Line 129
|
Line 134
|
| static void IfaceShutdownLimits(Bund b); |
static void IfaceShutdownLimits(Bund b); |
| #endif |
#endif |
| |
|
| static int IfaceSetCommand(Context ctx, int ac, char *av[], void *arg); | static int IfaceSetCommand(Context ctx, int ac, const char *const av[], const void *arg); |
| static void IfaceSessionTimeout(void *arg); |
static void IfaceSessionTimeout(void *arg); |
| static void IfaceIdleTimeout(void *arg); |
static void IfaceIdleTimeout(void *arg); |
| |
|
|
Line 188
|
Line 193
|
| IfaceSetCommand, NULL, 2, (void *) SET_ENABLE }, |
IfaceSetCommand, NULL, 2, (void *) SET_ENABLE }, |
| { "disable [opt ...]", "Disable option", |
{ "disable [opt ...]", "Disable option", |
| IfaceSetCommand, NULL, 2, (void *) SET_DISABLE }, |
IfaceSetCommand, NULL, 2, (void *) SET_DISABLE }, |
| { NULL }, | { NULL, NULL, NULL, NULL, 0, NULL }, |
| }; |
}; |
| |
|
| /* |
/* |
|
Line 611 IfaceUp(Bund b, int ready)
|
Line 616 IfaceUp(Bund b, int ready)
|
| iface->tables = acl; |
iface->tables = acl; |
| if (strncmp(acl->rule, "peer_addr", 9) == 0) { |
if (strncmp(acl->rule, "peer_addr", 9) == 0) { |
| char hisaddr[20]; |
char hisaddr[20]; |
| ExecCmd(LG_IFACE2, b->name, "%s table %d add %s", | ExecCmd(LG_IFACE2, b->name, "%s -q table %d add %s", |
| PATH_IPFW, acl->real_number, |
PATH_IPFW, acl->real_number, |
| u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); |
u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); |
| } else { |
} else { |
| ExecCmd(LG_IFACE2, b->name, "%s table %d add %s", PATH_IPFW, acl->real_number, acl->rule); | ExecCmd(LG_IFACE2, b->name, "%s -q table %d add %s", PATH_IPFW, acl->real_number, acl->rule); |
| } |
} |
| acls = acls->next; |
acls = acls->next; |
| }; |
}; |
|
Line 650 IfaceDown(Bund b)
|
Line 655 IfaceDown(Bund b)
|
| IfaceState const iface = &b->iface; |
IfaceState const iface = &b->iface; |
| #ifdef USE_IPFW |
#ifdef USE_IPFW |
| struct acl_pool **rp, *rp1; |
struct acl_pool **rp, *rp1; |
| char cb[32768]; | char cb[LINE_MAX - sizeof(PATH_IPFW) - 14]; |
| struct acl *acl, *aclnext; |
struct acl *acl, *aclnext; |
| #endif |
#endif |
| |
|
|
Line 695 IfaceDown(Bund b)
|
Line 700 IfaceDown(Bund b)
|
| while (acl != NULL) { |
while (acl != NULL) { |
| if (strncmp(acl->rule, "peer_addr", 9) == 0) { |
if (strncmp(acl->rule, "peer_addr", 9) == 0) { |
| char hisaddr[20]; |
char hisaddr[20]; |
| ExecCmd(LG_IFACE2, b->name, "%s table %d delete %s", | ExecCmd(LG_IFACE2, b->name, "%s -q table %d delete %s", |
| PATH_IPFW, acl->real_number, |
PATH_IPFW, acl->real_number, |
| u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); |
u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); |
| } else { |
} else { |
| char buf[ACL_LEN]; |
char buf[ACL_LEN]; |
| ExecCmd(LG_IFACE2, b->name, "%s table %d delete %s", | ExecCmd(LG_IFACE2, b->name, "%s -q table %d delete %s", |
| PATH_IPFW, acl->real_number, |
PATH_IPFW, acl->real_number, |
| IfaceFixAclForDelete(acl->rule, buf, sizeof(buf))); |
IfaceFixAclForDelete(acl->rule, buf, sizeof(buf))); |
| } |
} |
|
Line 967 static char*
|
Line 972 static char*
|
| IfaceFixAclForDelete(char *r, char *buf, size_t len) |
IfaceFixAclForDelete(char *r, char *buf, size_t len) |
| { |
{ |
| static const char sep[] = " \t"; |
static const char sep[] = " \t"; |
| char *limit, *s; | char *limit, *orig, *s; |
| int i, state = 0; |
int i, state = 0; |
| |
|
| /* |
/* |
|
Line 978 IfaceFixAclForDelete(char *r, char *buf, size_t len)
|
Line 983 IfaceFixAclForDelete(char *r, char *buf, size_t len)
|
| * 1: not first iteration, do copy. |
* 1: not first iteration, do copy. |
| */ |
*/ |
| |
|
| |
orig = r; |
| s = buf; |
s = buf; |
| limit = buf + len; |
limit = buf + len; |
| |
|
|
Line 993 IfaceFixAclForDelete(char *r, char *buf, size_t len)
|
Line 999 IfaceFixAclForDelete(char *r, char *buf, size_t len)
|
| continue; |
continue; |
| } |
} |
| if (limit - s < i + 1 + state) /* Check space. */ |
if (limit - s < i + 1 + state) /* Check space. */ |
| return r; | return orig; |
| if (state != 0) /* Insert separator. */ |
if (state != 0) /* Insert separator. */ |
| *s++ = ' '; |
*s++ = ' '; |
| memcpy(s, r, i); /* Copy IP address from the rule. */ |
memcpy(s, r, i); /* Copy IP address from the rule. */ |
|
Line 1108 IfaceIpIfaceUp(Bund b, int ready)
|
Line 1114 IfaceIpIfaceUp(Bund b, int ready)
|
| u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), |
u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), |
| *b->params.authname ? b->params.authname : "-", |
*b->params.authname ? b->params.authname : "-", |
| ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-", |
ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-", |
| b->params.filter_id ? b->params.filter_id : "-"); | #ifdef USE_RADIUS |
| | b->params.filter_id ? b->params.filter_id : |
| | #endif |
| | "-"); |
| if (res != 0) { |
if (res != 0) { |
| FsmFailure(&b->ipcp.fsm, FAIL_NEGOT_FAILURE); |
FsmFailure(&b->ipcp.fsm, FAIL_NEGOT_FAILURE); |
| return (-1); |
return (-1); |
|
Line 1140 IfaceIpIfaceDown(Bund b)
|
Line 1149 IfaceIpIfaceDown(Bund b)
|
| u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), |
u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), |
| *b->params.authname ? b->params.authname : "-", |
*b->params.authname ? b->params.authname : "-", |
| *b->params.peeraddr ? b->params.peeraddr : "-", |
*b->params.peeraddr ? b->params.peeraddr : "-", |
| b->params.filter_id ? b->params.filter_id : "-"); | #ifdef USE_RADIUS |
| | b->params.filter_id ? b->params.filter_id : |
| | #endif |
| | "-"); |
| } |
} |
| |
|
| /* Delete dynamic routes */ |
/* Delete dynamic routes */ |
|
Line 1252 IfaceIpv6IfaceUp(Bund b, int ready)
|
Line 1264 IfaceIpv6IfaceUp(Bund b, int ready)
|
| u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, |
u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, |
| *b->params.authname ? b->params.authname : "-", |
*b->params.authname ? b->params.authname : "-", |
| *b->params.peeraddr ? b->params.peeraddr : "-", |
*b->params.peeraddr ? b->params.peeraddr : "-", |
| b->params.filter_id ? b->params.filter_id : "-"); | #ifdef USE_RADIUS |
| | b->params.filter_id ? b->params.filter_id : |
| | #endif |
| | "-"); |
| if (res != 0) { |
if (res != 0) { |
| FsmFailure(&b->ipv6cp.fsm, FAIL_NEGOT_FAILURE); |
FsmFailure(&b->ipv6cp.fsm, FAIL_NEGOT_FAILURE); |
| return (-1); |
return (-1); |
|
Line 1285 IfaceIpv6IfaceDown(Bund b)
|
Line 1300 IfaceIpv6IfaceDown(Bund b)
|
| u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, |
u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, |
| *b->params.authname ? b->params.authname : "-", |
*b->params.authname ? b->params.authname : "-", |
| *b->params.peeraddr ? b->params.peeraddr : "-", |
*b->params.peeraddr ? b->params.peeraddr : "-", |
| b->params.filter_id ? b->params.filter_id : "-"); | #ifdef USE_RADIUS |
| | b->params.filter_id ? b->params.filter_id : |
| | #endif |
| | "-"); |
| } |
} |
| |
|
| /* Delete dynamic routes */ |
/* Delete dynamic routes */ |
|
Line 1442 IfaceIsDemand(int proto, Mbuf pkt)
|
Line 1460 IfaceIsDemand(int proto, Mbuf pkt)
|
| if (MBLEN(pkt) < sizeof(struct ip)) |
if (MBLEN(pkt) < sizeof(struct ip)) |
| return (0); |
return (0); |
| |
|
| ip = (struct ip *)MBDATA(pkt); | ip = (struct ip *)(void *)MBDATA(pkt); |
| switch (ip->ip_p) { |
switch (ip->ip_p) { |
| case IPPROTO_IGMP: /* No multicast stuff */ |
case IPPROTO_IGMP: /* No multicast stuff */ |
| return(0); |
return(0); |
|
Line 1454 IfaceIsDemand(int proto, Mbuf pkt)
|
Line 1472 IfaceIsDemand(int proto, Mbuf pkt)
|
| if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct icmphdr))) |
if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct icmphdr))) |
| return (0); |
return (0); |
| |
|
| icmp = (struct icmphdr *) ((u_int32_t *) ip + ip->ip_hl); | icmp = (struct icmphdr *) ((u_int32_t *)(void *) ip + ip->ip_hl); |
| |
|
| switch (icmp->icmp_type) /* No ICMP replies */ |
switch (icmp->icmp_type) /* No ICMP replies */ |
| { |
{ |
|
Line 1475 IfaceIsDemand(int proto, Mbuf pkt)
|
Line 1493 IfaceIsDemand(int proto, Mbuf pkt)
|
| if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct udphdr))) |
if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct udphdr))) |
| return (0); |
return (0); |
| |
|
| udp = (struct udphdr *) ((u_int32_t *) ip + ip->ip_hl); | udp = (struct udphdr *) ((u_int32_t *)(void *) ip + ip->ip_hl); |
| |
|
| #define NTP_PORT 123 |
#define NTP_PORT 123 |
| if (ntohs(udp->uh_dport) == NTP_PORT) /* No NTP packets */ |
if (ntohs(udp->uh_dport) == NTP_PORT) /* No NTP packets */ |
|
Line 1489 IfaceIsDemand(int proto, Mbuf pkt)
|
Line 1507 IfaceIsDemand(int proto, Mbuf pkt)
|
| if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct tcphdr))) |
if (MBLEN(pkt) < (ip->ip_hl * 4 + sizeof(struct tcphdr))) |
| return (0); |
return (0); |
| |
|
| tcp = (struct tcphdr *) ((u_int32_t *) ip + ip->ip_hl); | tcp = (struct tcphdr *) ((u_int32_t *)(void *) ip + ip->ip_hl); |
| |
|
| if (tcp->th_flags & TH_RST) /* No TCP reset packets */ |
if (tcp->th_flags & TH_RST) /* No TCP reset packets */ |
| return(0); |
return(0); |
|
Line 1511 IfaceIsDemand(int proto, Mbuf pkt)
|
Line 1529 IfaceIsDemand(int proto, Mbuf pkt)
|
| */ |
*/ |
| |
|
| static int |
static int |
| IfaceSetCommand(Context ctx, int ac, char *av[], void *arg) | IfaceSetCommand(Context ctx, int ac, const char *const av[], const void *arg) |
| { |
{ |
| IfaceState const iface = &ctx->bund->iface; |
IfaceState const iface = &ctx->bund->iface; |
| int empty_arg; |
int empty_arg; |
|
Line 1544 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
Line 1562 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
| struct u_range self_addr; |
struct u_range self_addr; |
| struct u_addr peer_addr; |
struct u_addr peer_addr; |
| int self_addr_force = 0, peer_addr_force = 0; |
int self_addr_force = 0, peer_addr_force = 0; |
| char *arg; | const char *arg1; |
| |
|
| /* Parse */ |
/* Parse */ |
| if (ac != 2) |
if (ac != 2) |
| return(-1); |
return(-1); |
| arg = av[0]; | arg1 = av[0]; |
| if (arg[0] == '!') { | if (arg1[0] == '!') { |
| self_addr_force = 1; |
self_addr_force = 1; |
| arg++; | arg1++; |
| } |
} |
| if (!ParseRange(arg, &self_addr, ALLOW_IPV4|ALLOW_IPV6)) | if (!ParseRange(arg1, &self_addr, ALLOW_IPV4|ALLOW_IPV6)) |
| Error("Bad IP address \"%s\"", av[0]); |
Error("Bad IP address \"%s\"", av[0]); |
| arg = av[1]; | arg1 = av[1]; |
| if (arg[0] == '!') { | if (arg1[0] == '!') { |
| peer_addr_force = 1; |
peer_addr_force = 1; |
| arg++; | arg1++; |
| } |
} |
| if (!ParseAddr(arg, &peer_addr, ALLOW_IPV4|ALLOW_IPV6)) | if (!ParseAddr(arg1, &peer_addr, ALLOW_IPV4|ALLOW_IPV6)) |
| Error("Bad IP address \"%s\"", av[1]); |
Error("Bad IP address \"%s\"", av[1]); |
| if (self_addr.addr.family != peer_addr.family) |
if (self_addr.addr.family != peer_addr.family) |
| Error("Addresses must be from the same protocol family"); |
Error("Addresses must be from the same protocol family"); |
|
Line 1645 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
Line 1663 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
| break; |
break; |
| case 1: |
case 1: |
| if (strcmp(iface->ifname, av[0]) != 0) { |
if (strcmp(iface->ifname, av[0]) != 0) { |
| int ifmaxlen = IF_NAMESIZE - ctx->bund->tmpl * IFNUMLEN; | unsigned ifmaxlen = IF_NAMESIZE - ctx->bund->tmpl * IFNUMLEN; |
| if (strlen(av[0]) >= ifmaxlen) |
if (strlen(av[0]) >= ifmaxlen) |
| Error("Interface name too long, >%d characters", ifmaxlen-1); | Error("Interface name too long, >%u characters", ifmaxlen-1); |
| if ((strncmp(av[0], "ng", 2) == 0) && |
if ((strncmp(av[0], "ng", 2) == 0) && |
| ((ctx->bund->tmpl && av[0][2] == 0) || |
((ctx->bund->tmpl && av[0][2] == 0) || |
| (av[0][2] >= '0' && av[0][2] <= '9'))) |
(av[0][2] >= '0' && av[0][2] <= '9'))) |
|
Line 1736 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
Line 1754 IfaceSetCommand(Context ctx, int ac, char *av[], void
|
| */ |
*/ |
| |
|
| int |
int |
| IfaceStat(Context ctx, int ac, char *av[], void *arg) | IfaceStat(Context ctx, int ac, const char *const av[], const void *arg) |
| { |
{ |
| Bund const b = ctx->bund; |
Bund const b = ctx->bund; |
| IfaceState const iface = &b->iface; |
IfaceState const iface = &b->iface; |
|
Line 1749 IfaceStat(Context ctx, int ac, char *av[], void *arg)
|
Line 1767 IfaceStat(Context ctx, int ac, char *av[], void *arg)
|
| struct acl *a; |
struct acl *a; |
| #endif |
#endif |
| |
|
| |
(void)ac; |
| |
(void)av; |
| |
(void)arg; |
| |
|
| Printf("Interface configuration:\r\n"); |
Printf("Interface configuration:\r\n"); |
| Printf("\tName : %s\r\n", iface->conf.ifname); |
Printf("\tName : %s\r\n", iface->conf.ifname); |
| #ifdef SIOCSIFDESCR |
#ifdef SIOCSIFDESCR |
|
Line 1885 IfaceSetMTU(Bund b, int mtu)
|
Line 1907 IfaceSetMTU(Bund b, int mtu)
|
| int s; |
int s; |
| |
|
| /* Get socket */ |
/* Get socket */ |
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to set MTU", b->name); |
Perror("[%s] IFACE: Can't get socket to set MTU", b->name); |
| return; |
return; |
| } |
} |
|
Line 1934 IfaceChangeFlags(Bund b, int clear, int set)
|
Line 1956 IfaceChangeFlags(Bund b, int clear, int set)
|
| Log(LG_IFACE2, ("[%s] IFACE: Change interface %s flags: -%d +%d", |
Log(LG_IFACE2, ("[%s] IFACE: Change interface %s flags: -%d +%d", |
| b->name, b->iface.ifname, clear, set)); |
b->name, b->iface.ifname, clear, set)); |
| |
|
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to change interface flags", b->name); |
Perror("[%s] IFACE: Can't get socket to change interface flags", b->name); |
| return; |
return; |
| } |
} |
|
Line 1942 IfaceChangeFlags(Bund b, int clear, int set)
|
Line 1964 IfaceChangeFlags(Bund b, int clear, int set)
|
| memset(&ifrq, '\0', sizeof(ifrq)); |
memset(&ifrq, '\0', sizeof(ifrq)); |
| strlcpy(ifrq.ifr_name, b->iface.ifname, sizeof(ifrq.ifr_name)); |
strlcpy(ifrq.ifr_name, b->iface.ifname, sizeof(ifrq.ifr_name)); |
| if (ioctl(s, SIOCGIFFLAGS, &ifrq) < 0) { |
if (ioctl(s, SIOCGIFFLAGS, &ifrq) < 0) { |
| Perror("[%s] IFACE: ioctl(SIOCGIFFLAGS, %s)", b->name, b->iface.ifname); | Perror("[%s] IFACE: ioctl(%s, %s)", b->name, b->iface.ifname, "SIOCGIFFLAGS"); |
| close(s); |
close(s); |
| return; |
return; |
| } |
} |
|
Line 1955 IfaceChangeFlags(Bund b, int clear, int set)
|
Line 1977 IfaceChangeFlags(Bund b, int clear, int set)
|
| ifrq.ifr_flagshigh = new_flags >> 16; |
ifrq.ifr_flagshigh = new_flags >> 16; |
| |
|
| if (ioctl(s, SIOCSIFFLAGS, &ifrq) < 0) { |
if (ioctl(s, SIOCSIFFLAGS, &ifrq) < 0) { |
| Perror("[%s] IFACE: ioctl(SIOCSIFFLAGS, %s)", b->name, b->iface.ifname); | Perror("[%s] IFACE: ioctl(%s, %s)", b->name, b->iface.ifname, "SIOCSIFFLAGS"); |
| close(s); |
close(s); |
| return; |
return; |
| } |
} |
|
Line 1970 add_scope(struct sockaddr *sa, int ifindex)
|
Line 1992 add_scope(struct sockaddr *sa, int ifindex)
|
| |
|
| if (sa->sa_family != AF_INET6) |
if (sa->sa_family != AF_INET6) |
| return; |
return; |
| sa6 = (struct sockaddr_in6 *)sa; | sa6 = (struct sockaddr_in6 *)(void *)sa; |
| if (!IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr) && |
if (!IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr) && |
| !IN6_IS_ADDR_MC_LINKLOCAL(&sa6->sin6_addr)) |
!IN6_IS_ADDR_MC_LINKLOCAL(&sa6->sin6_addr)) |
| return; |
return; |
|
Line 2010 IfaceChangeAddr(Bund b, int add, struct u_range *self,
|
Line 2032 IfaceChangeAddr(Bund b, int add, struct u_range *self,
|
| memset(&ifra, '\0', sizeof(ifra)); |
memset(&ifra, '\0', sizeof(ifra)); |
| strlcpy(ifra.ifra_name, b->iface.ifname, sizeof(ifra.ifra_name)); |
strlcpy(ifra.ifra_name, b->iface.ifname, sizeof(ifra.ifra_name)); |
| |
|
| me4 = (struct sockaddr_in *)&ifra.ifra_addr; | me4 = (struct sockaddr_in *)(void *)&ifra.ifra_addr; |
| memcpy(me4, &ssself, sizeof(*me4)); |
memcpy(me4, &ssself, sizeof(*me4)); |
| |
|
| msk4 = (struct sockaddr_in *)&ifra.ifra_mask; | msk4 = (struct sockaddr_in *)(void *)&ifra.ifra_mask; |
| memcpy(msk4, &ssmsk, sizeof(*msk4)); |
memcpy(msk4, &ssmsk, sizeof(*msk4)); |
| |
|
| peer4 = (struct sockaddr_in *)&ifra.ifra_broadaddr; | peer4 = (struct sockaddr_in *)(void *)&ifra.ifra_broadaddr; |
| if (peer == NULL || peer->family == AF_UNSPEC) { |
if (peer == NULL || peer->family == AF_UNSPEC) { |
| peer4->sin_family = AF_INET; |
peer4->sin_family = AF_INET; |
| peer4->sin_len = sizeof(*peer4); |
peer4->sin_len = sizeof(*peer4); |
|
Line 2167 IfaceCorrectMSS(Mbuf pkt, uint16_t maxmss)
|
Line 2189 IfaceCorrectMSS(Mbuf pkt, uint16_t maxmss)
|
| if (pkt == NULL) |
if (pkt == NULL) |
| return; |
return; |
| |
|
| iphdr = (struct ip *)MBDATAU(pkt); | iphdr = (struct ip *)(void *)MBDATAU(pkt); |
| hlen = iphdr->ip_hl << 2; |
hlen = iphdr->ip_hl << 2; |
| pktlen = MBLEN(pkt) - hlen; |
pktlen = MBLEN(pkt) - hlen; |
| tc = (struct tcphdr *)(MBDATAU(pkt) + hlen); | tc = (struct tcphdr *)(void *)(MBDATAU(pkt) + hlen); |
| hlen = tc->th_off << 2; |
hlen = tc->th_off << 2; |
| |
|
| /* Invalid header length or header without options. */ |
/* Invalid header length or header without options. */ |
|
Line 2194 IfaceCorrectMSS(Mbuf pkt, uint16_t maxmss)
|
Line 2216 IfaceCorrectMSS(Mbuf pkt, uint16_t maxmss)
|
| if (*opt == TCPOPT_MAXSEG) { |
if (*opt == TCPOPT_MAXSEG) { |
| if (optlen != TCPOLEN_MAXSEG) |
if (optlen != TCPOLEN_MAXSEG) |
| continue; |
continue; |
| mss = (u_int16_t *)(opt + 2); | mss = (u_int16_t *)(void *)(opt + 2); |
| if (ntohs(*mss) > maxmss) { |
if (ntohs(*mss) > maxmss) { |
| accumulate = *mss; |
accumulate = *mss; |
| *mss = htons(maxmss); |
*mss = htons(maxmss); |
|
Line 2255 IfaceNgIpInit(Bund b, int ready)
|
Line 2277 IfaceNgIpInit(Bund b, int ready)
|
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN) || |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN) || |
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
| if (IfaceInitNetflow(b, path, hook, |
if (IfaceInitNetflow(b, path, hook, |
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)?1:0, |
|
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)?1:0, 0)) |
Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)?1:0, 0)) |
| goto fail; |
goto fail; |
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) |
|
Line 2266 IfaceNgIpInit(Bund b, int ready)
|
Line 2287 IfaceNgIpInit(Bund b, int ready)
|
| #else /* NG_NETFLOW_CONF_INGRESS */ |
#else /* NG_NETFLOW_CONF_INGRESS */ |
| /* Connect a netflow node if configured */ |
/* Connect a netflow node if configured */ |
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) { |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) { |
| if (IfaceInitNetflow(b, path, hook, 1, 0, 0)) | if (IfaceInitNetflow(b, path, hook, 0, 0)) |
| goto fail; |
goto fail; |
| b->iface.nfin_up = 1; |
b->iface.nfin_up = 1; |
| } |
} |
| |
|
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
| if (IfaceInitNetflow(b, path, hook, 0, 1, 0)) | if (IfaceInitNetflow(b, path, hook, 1, 0)) |
| goto fail; |
goto fail; |
| b->iface.nfout_up = 1; |
b->iface.nfout_up = 1; |
| } |
} |
|
Line 2360 IfaceNgIpShutdown(Bund b)
|
Line 2381 IfaceNgIpShutdown(Bund b)
|
| #ifdef USE_NG_NETFLOW |
#ifdef USE_NG_NETFLOW |
| #ifdef NG_NETFLOW_CONF_INGRESS |
#ifdef NG_NETFLOW_CONF_INGRESS |
| if (b->iface.nfin_up || b->iface.nfout_up) |
if (b->iface.nfin_up || b->iface.nfout_up) |
| IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 0); | IfaceShutdownNetflow(b, b->iface.nfout_up, 0); |
| b->iface.nfin_up = 0; |
b->iface.nfin_up = 0; |
| b->iface.nfout_up = 0; |
b->iface.nfout_up = 0; |
| #else /* NG_NETFLOW_CONF_INGRESS */ |
#else /* NG_NETFLOW_CONF_INGRESS */ |
| if (b->iface.nfin_up) |
if (b->iface.nfin_up) |
| IfaceShutdownNetflow(b, 1, 0, 0); | IfaceShutdownNetflow(b, 0, 0); |
| b->iface.nfin_up = 0; |
b->iface.nfin_up = 0; |
| if (b->iface.nfout_up) |
if (b->iface.nfout_up) |
| IfaceShutdownNetflow(b, 0, 1, 0); | IfaceShutdownNetflow(b, 1, 0); |
| b->iface.nfout_up = 0; |
b->iface.nfout_up = 0; |
| #endif /* NG_NETFLOW_CONF_INGRESS */ |
#endif /* NG_NETFLOW_CONF_INGRESS */ |
| #endif |
#endif |
|
Line 2419 IfaceNgIpv6Init(Bund b, int ready)
|
Line 2440 IfaceNgIpv6Init(Bund b, int ready)
|
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN) || |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN) || |
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
| if (IfaceInitNetflow(b, path, hook, |
if (IfaceInitNetflow(b, path, hook, |
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)?1:0, |
|
| Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)?1:0, 1)) |
Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)?1:0, 1)) |
| goto fail; |
goto fail; |
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) |
|
Line 2430 IfaceNgIpv6Init(Bund b, int ready)
|
Line 2450 IfaceNgIpv6Init(Bund b, int ready)
|
| #else /* NG_NETFLOW_CONF_INGRESS */ |
#else /* NG_NETFLOW_CONF_INGRESS */ |
| /* Connect a netflow node if configured */ |
/* Connect a netflow node if configured */ |
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) { |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) { |
| if (IfaceInitNetflow(b, path, hook, 1, 0, 1)) | if (IfaceInitNetflow(b, path, hook, 0, 1)) |
| goto fail; |
goto fail; |
| b->iface.nfin_up = 1; |
b->iface.nfin_up = 1; |
| } |
} |
| |
|
| if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_OUT)) { |
| if (IfaceInitNetflow(b, path, hook, 0, 1, 1)) | if (IfaceInitNetflow(b, path, hook, 1, 1)) |
| goto fail; |
goto fail; |
| b->iface.nfout_up = 1; |
b->iface.nfout_up = 1; |
| } |
} |
|
Line 2504 IfaceNgIpv6Shutdown(Bund b)
|
Line 2524 IfaceNgIpv6Shutdown(Bund b)
|
| #ifdef USE_NG_NETFLOW |
#ifdef USE_NG_NETFLOW |
| #ifdef NG_NETFLOW_CONF_INGRESS |
#ifdef NG_NETFLOW_CONF_INGRESS |
| if (b->iface.nfin_up || b->iface.nfout_up) |
if (b->iface.nfin_up || b->iface.nfout_up) |
| IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 1); | IfaceShutdownNetflow(b, b->iface.nfout_up, 1); |
| b->iface.nfin_up = 0; |
b->iface.nfin_up = 0; |
| b->iface.nfout_up = 0; |
b->iface.nfout_up = 0; |
| #else /* NG_NETFLOW_CONF_INGRESS */ |
#else /* NG_NETFLOW_CONF_INGRESS */ |
| if (b->iface.nfin_up) |
if (b->iface.nfin_up) |
| IfaceShutdownNetflow(b, 1, 0, 1); | IfaceShutdownNetflow(b, 0, 1); |
| b->iface.nfin_up = 0; |
b->iface.nfin_up = 0; |
| if (b->iface.nfout_up) |
if (b->iface.nfout_up) |
| IfaceShutdownNetflow(b, 0, 1, 1); | IfaceShutdownNetflow(b, 1, 1); |
| b->iface.nfout_up = 0; |
b->iface.nfout_up = 0; |
| #endif /* NG_NETFLOW_CONF_INGRESS */ |
#endif /* NG_NETFLOW_CONF_INGRESS */ |
| #endif |
#endif |
|
Line 2841 IfaceShutdownIpacct(Bund b)
|
Line 2861 IfaceShutdownIpacct(Bund b)
|
| |
|
| #ifdef USE_NG_NETFLOW |
#ifdef USE_NG_NETFLOW |
| static int |
static int |
| IfaceInitNetflow(Bund b, char *path, char *hook, char in, char out, int v6) | IfaceInitNetflow(Bund b, char *path, char *hook, char out, int v6) |
| { |
{ |
| struct ngm_connect cn; |
struct ngm_connect cn; |
| int nif; |
int nif; |
|
Line 2955 fail:
|
Line 2975 fail:
|
| } |
} |
| |
|
| static void |
static void |
| IfaceShutdownNetflow(Bund b, char in, char out, int v6) | IfaceShutdownNetflow(Bund b, char out, int v6) |
| { |
{ |
| char path[NG_PATHSIZ]; |
char path[NG_PATHSIZ]; |
| char hook[NG_HOOKSIZ]; |
char hook[NG_HOOKSIZ]; |
| int nif; |
int nif; |
| |
|
| #ifdef NG_NETFLOW_CONF_INGRESS |
#ifdef NG_NETFLOW_CONF_INGRESS |
| |
(void)out; |
| nif = gNetflowIface + b->id*2; |
nif = gNetflowIface + b->id*2; |
| #else |
#else |
| nif = gNetflowIface + b->id*4 + out*2; |
nif = gNetflowIface + b->id*4 + out*2; |
|
Line 3753 IfaceSetName(Bund b, const char * ifname)
|
Line 3774 IfaceSetName(Bund b, const char * ifname)
|
| return(0); |
return(0); |
| |
|
| /* Get socket */ |
/* Get socket */ |
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to set name", b->name); |
Perror("[%s] IFACE: Can't get socket to set name", b->name); |
| return(-1); |
return(-1); |
| } |
} |
|
Line 3761 IfaceSetName(Bund b, const char * ifname)
|
Line 3782 IfaceSetName(Bund b, const char * ifname)
|
| /* Set name of interface */ |
/* Set name of interface */ |
| memset(&ifr, 0, sizeof(ifr)); |
memset(&ifr, 0, sizeof(ifr)); |
| strlcpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name)); |
strlcpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name)); |
| ifr.ifr_data = (caddr_t)ifname; | |
| | #ifdef __clang__ |
| | #pragma clang diagnostic push |
| | #pragma clang diagnostic ignored "-Wcast-qual" |
| | #endif |
| | ifr.ifr_data = (char *)ifname; |
| | #ifdef __clang__ |
| | #pragma clang diagnostic pop |
| | #endif |
| | |
| Log(LG_IFACE2, ("[%s] IFACE: setting \"%s\" name to \"%s\"", |
Log(LG_IFACE2, ("[%s] IFACE: setting \"%s\" name to \"%s\"", |
| b->name, iface->ifname, ifname)); |
b->name, iface->ifname, ifname)); |
| |
|
| if (ioctl(s, SIOCSIFNAME, (caddr_t)&ifr) < 0) { |
if (ioctl(s, SIOCSIFNAME, (caddr_t)&ifr) < 0) { |
| if (errno != EEXIST) { |
if (errno != EEXIST) { |
| Perror("[%s] IFACE: ioctl(%s, SIOCSIFNAME)", b->name, iface->ifname); | Perror("[%s] IFACE: ioctl(%s, %s)", b->name, iface->ifname, "SIOCSIFNAME"); |
| close(s); |
close(s); |
| return(-1); |
return(-1); |
| } |
} |
|
Line 3798 IfaceSetName(Bund b, const char * ifname)
|
Line 3828 IfaceSetName(Bund b, const char * ifname)
|
| * %o for local outer ("physical") address of bundle's first link |
* %o for local outer ("physical") address of bundle's first link |
| * %O for peer outer ("physical") address of bundle's first link |
* %O for peer outer ("physical") address of bundle's first link |
| * %P for peer outer ("physical") port of bundle's first link |
* %P for peer outer ("physical") port of bundle's first link |
| |
* %s for last interface description change time, in unixtime (seconds) |
| * %S for interface status (DoD/UP/DOWN) |
* %S for interface status (DoD/UP/DOWN) |
| * %t for type of bundle's first link (pppoe, pptp, l2tp etc.) |
* %t for type of bundle's first link (pppoe, pptp, l2tp etc.) |
| * %u for self auth name (or dash if self auth name not used) |
* %u for self auth name (or dash if self auth name not used) |
|
Line 3826 IfaceSetDescr(Bund b, const char * template)
|
Line 3857 IfaceSetDescr(Bund b, const char * template)
|
| */ |
*/ |
| if (mib[0] < 0 && sysctlnametomib("net.ifdescr_maxlen", mib, &miblen) < 0) { |
if (mib[0] < 0 && sysctlnametomib("net.ifdescr_maxlen", mib, &miblen) < 0) { |
| mib[0] = 0; |
mib[0] = 0; |
| Perror("[%s] IFACE: sysctl net.ifdescr_maxlen failed", b->name); | Perror("[%s] IFACE: sysctl net.ifdescr_maxlen failed", b->name); |
| } |
} |
| |
|
| /* |
/* |
|
Line 3923 IfaceSetDescr(Bund b, const char * template)
|
Line 3954 IfaceSetDescr(Bund b, const char * template)
|
| /* peer MAC address */ |
/* peer MAC address */ |
| case 'M': |
case 'M': |
| if (b->links[0]) { |
if (b->links[0]) { |
| PhysType const pt = b->links[0]->type; | const struct phystype * pt = b->links[0]->type; |
| if (pt && pt->peermacaddr) { |
if (pt && pt->peermacaddr) { |
| (*pt->peermacaddr)(b->links[0], buf, sizeof(buf)); |
(*pt->peermacaddr)(b->links[0], buf, sizeof(buf)); |
| DST_COPY(buf); |
DST_COPY(buf); |
|
Line 3934 IfaceSetDescr(Bund b, const char * template)
|
Line 3965 IfaceSetDescr(Bund b, const char * template)
|
| DST_COPY("-"); |
DST_COPY("-"); |
| } |
} |
| break; |
break; |
| /* local "physycal" address */ | /* local "physical" address */ |
| case 'o': |
case 'o': |
| if (b->links[0] && PhysGetSelfAddr(b->links[0], buf, sizeof(buf)) == 0) { |
if (b->links[0] && PhysGetSelfAddr(b->links[0], buf, sizeof(buf)) == 0) { |
| DST_COPY(buf); |
DST_COPY(buf); |
|
Line 3942 IfaceSetDescr(Bund b, const char * template)
|
Line 3973 IfaceSetDescr(Bund b, const char * template)
|
| DST_COPY("-"); |
DST_COPY("-"); |
| } |
} |
| break; |
break; |
| /* peer "physycal" address */ | /* peer "physical" address */ |
| case 'O': |
case 'O': |
| if (b->links[0] && PhysGetPeerAddr(b->links[0], buf, sizeof(buf)) == 0) { |
if (b->links[0] && PhysGetPeerAddr(b->links[0], buf, sizeof(buf)) == 0) { |
| DST_COPY(buf); |
DST_COPY(buf); |
|
Line 3958 IfaceSetDescr(Bund b, const char * template)
|
Line 3989 IfaceSetDescr(Bund b, const char * template)
|
| DST_COPY("-"); |
DST_COPY("-"); |
| } |
} |
| break; |
break; |
| |
/* timestamp of interface description change */ |
| |
case 's': |
| |
snprintf(buf, sizeof(buf), "%jd", (intmax_t)time(NULL)); |
| |
DST_COPY(buf); |
| |
break; |
| /* interface status */ |
/* interface status */ |
| case 'S': |
case 'S': |
| DST_COPY(iface->up ? (iface->dod ? "DoD" : "UP") : "DOWN"); |
DST_COPY(iface->up ? (iface->dod ? "DoD" : "UP") : "DOWN"); |
|
Line 4005 IfaceSetDescr(Bund b, const char * template)
|
Line 4041 IfaceSetDescr(Bund b, const char * template)
|
| return(0); /* we have not set system interface name yet */ |
return(0); /* we have not set system interface name yet */ |
| |
|
| /* Get socket */ |
/* Get socket */ |
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to set description for %s", |
Perror("[%s] IFACE: Can't get socket to set description for %s", |
| b->name, ifname); |
b->name, ifname); |
| return(-1); |
return(-1); |
|
Line 4058 IfaceAddGroup(Bund b, const char * ifgroup)
|
Line 4094 IfaceAddGroup(Bund b, const char * ifgroup)
|
| } |
} |
| |
|
| /* Get socket */ |
/* Get socket */ |
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to add group", b->name); |
Perror("[%s] IFACE: Can't get socket to add group", b->name); |
| return(-1); |
return(-1); |
| } |
} |
|
Line 4073 IfaceAddGroup(Bund b, const char * ifgroup)
|
Line 4109 IfaceAddGroup(Bund b, const char * ifgroup)
|
| |
|
| i = ioctl(s, SIOCAIFGROUP, (caddr_t)&ifgr); |
i = ioctl(s, SIOCAIFGROUP, (caddr_t)&ifgr); |
| if (i < 0 && i != EEXIST) { |
if (i < 0 && i != EEXIST) { |
| Perror("[%s] IFACE: ioctl(%s, SIOCAIFGROUP)", b->name, iface->ifname); | Perror("[%s] IFACE: ioctl(%s, %s)", b->name, iface->ifname, "SIOCAIFGROUP"); |
| close(s); |
close(s); |
| return(-1); |
return(-1); |
| } |
} |
|
Line 4093 IfaceDelGroup(Bund b, const char * ifgroup)
|
Line 4129 IfaceDelGroup(Bund b, const char * ifgroup)
|
| int s; |
int s; |
| |
|
| /* Get socket */ |
/* Get socket */ |
| if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { | if ((s = socket(PF_LOCAL, SOCK_DGRAM, 0)) < 0) { |
| Perror("[%s] IFACE: Can't get socket to delete from group", b->name); |
Perror("[%s] IFACE: Can't get socket to delete from group", b->name); |
| return(-1); |
return(-1); |
| } |
} |
|
Line 4112 IfaceDelGroup(Bund b, const char * ifgroup)
|
Line 4148 IfaceDelGroup(Bund b, const char * ifgroup)
|
| b->name, iface->ifname, ifgroup)); |
b->name, iface->ifname, ifgroup)); |
| |
|
| if (ioctl(s, SIOCDIFGROUP, (caddr_t)&ifgr) == -1) { |
if (ioctl(s, SIOCDIFGROUP, (caddr_t)&ifgr) == -1) { |
| Perror("[%s] IFACE: ioctl(%s, SIOCDIFGROUP)", b->name, iface->ifname); | Perror("[%s] IFACE: ioctl(%s, %s)", b->name, iface->ifname, "SIOCDIFGROUP"); |
| close(s); |
close(s); |
| return(-1); |
return(-1); |
| } |
} |
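Review bot: In the IfaceAddGroup hunk (new line 4109) the check `if (i < 0 && i != EEXIST)` compares the ioctl return value with an errno constant, so the EEXIST exemption can never apply: a failing ioctl returns a negative value, which never equals EEXIST. The commit rewrites the Perror call inside that branch but leaves the condition as it was, so if the kernel reports EEXIST for an interface already in the group, the call is still logged as an error and returns -1. IfaceSetName in this same file tests `errno != EEXIST` after its failing ioctl, and the same form fits here: `if (i < 0 && errno != EEXIST) {`. The function begins and ends outside the hunk, so how callers treat the -1 is not visible from this page.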