|
Lines 116-121
Link Here
|
| 116 |
&VNET_NAME(log_redirect), 0, |
116 |
&VNET_NAME(log_redirect), 0, |
| 117 |
"Log ICMP redirects to the console"); |
117 |
"Log ICMP redirects to the console"); |
| 118 |
|
118 |
|
|
|
119 |
static VNET_DEFINE(int, log_icmps) = 0; |
| 120 |
#define V_log_icmps VNET(log_icmps) |
| 121 |
SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, log_icmps, CTLFLAG_RW, |
| 122 |
&VNET_NAME(log_icmps), 0, |
| 123 |
"Log ICMP's to the console"); |
| 124 |
|
| 119 |
static VNET_DEFINE(char, reply_src[IFNAMSIZ]); |
125 |
static VNET_DEFINE(char, reply_src[IFNAMSIZ]); |
| 120 |
#define V_reply_src VNET(reply_src) |
126 |
#define V_reply_src VNET(reply_src) |
| 121 |
SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, |
127 |
SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, |
|
Lines 148-157
Link Here
|
| 148 |
SYSCTL_INT(_net_inet_icmp, OID_AUTO, tstamprepl, CTLFLAG_RW, |
154 |
SYSCTL_INT(_net_inet_icmp, OID_AUTO, tstamprepl, CTLFLAG_RW, |
| 149 |
&VNET_NAME(icmptstamprepl), 0, "Respond to ICMP Timestamp packets"); |
155 |
&VNET_NAME(icmptstamprepl), 0, "Respond to ICMP Timestamp packets"); |
| 150 |
|
156 |
|
| 151 |
#ifdef ICMPPRINTFS |
|
|
| 152 |
int icmpprintfs = 0; |
| 153 |
#endif |
| 154 |
|
| 155 |
static void icmp_reflect(struct mbuf *); |
157 |
static void icmp_reflect(struct mbuf *); |
| 156 |
static void icmp_send(struct mbuf *, struct mbuf *); |
158 |
static void icmp_send(struct mbuf *, struct mbuf *); |
| 157 |
|
159 |
|
|
Lines 218-227
Link Here
|
| 218 |
unsigned icmplen, icmpelen, nlen; |
220 |
unsigned icmplen, icmpelen, nlen; |
| 219 |
|
221 |
|
| 220 |
KASSERT((u_int)type <= ICMP_MAXTYPE, ("%s: illegal ICMP type", __func__)); |
222 |
KASSERT((u_int)type <= ICMP_MAXTYPE, ("%s: illegal ICMP type", __func__)); |
| 221 |
#ifdef ICMPPRINTFS |
223 |
|
| 222 |
if (icmpprintfs) |
224 |
if (V_log_icmps) |
| 223 |
printf("icmp_error(%p, %x, %d)\n", oip, type, code); |
225 |
printf("icmp_error(%p, %x, %d)\n", oip, type, code); |
| 224 |
#endif |
226 |
|
| 225 |
if (type != ICMP_REDIRECT) |
227 |
if (type != ICMP_REDIRECT) |
| 226 |
ICMPSTAT_INC(icps_error); |
228 |
ICMPSTAT_INC(icps_error); |
| 227 |
/* |
229 |
/* |
|
Lines 373-386
Link Here
|
| 373 |
* Locate icmp structure in mbuf, and check |
375 |
* Locate icmp structure in mbuf, and check |
| 374 |
* that not corrupted and of at least minimum length. |
376 |
* that not corrupted and of at least minimum length. |
| 375 |
*/ |
377 |
*/ |
| 376 |
#ifdef ICMPPRINTFS |
378 |
|
| 377 |
if (icmpprintfs) { |
379 |
if (V_log_icmps) { |
| 378 |
char buf[4 * sizeof "123"]; |
380 |
char buf[4 * sizeof "123"]; |
| 379 |
strcpy(buf, inet_ntoa(ip->ip_src)); |
381 |
strcpy(buf, inet_ntoa(ip->ip_src)); |
| 380 |
printf("icmp_input from %s to %s, len %d\n", |
382 |
printf("icmp_input from %s to %s, len %d, fib %d\n", |
| 381 |
buf, inet_ntoa(ip->ip_dst), icmplen); |
383 |
buf, inet_ntoa(ip->ip_dst), icmplen, M_GETFIB(m)); |
| 382 |
} |
384 |
} |
| 383 |
#endif |
385 |
|
| 384 |
if (icmplen < ICMP_MINLEN) { |
386 |
if (icmplen < ICMP_MINLEN) { |
| 385 |
ICMPSTAT_INC(icps_tooshort); |
387 |
ICMPSTAT_INC(icps_tooshort); |
| 386 |
goto freeit; |
388 |
goto freeit; |
|
Lines 414-424
Link Here
|
| 414 |
} |
416 |
} |
| 415 |
} |
417 |
} |
| 416 |
|
418 |
|
| 417 |
#ifdef ICMPPRINTFS |
419 |
if (V_log_icmps) |
| 418 |
if (icmpprintfs) |
|
|
| 419 |
printf("icmp_input, type %d code %d\n", icp->icmp_type, |
420 |
printf("icmp_input, type %d code %d\n", icp->icmp_type, |
| 420 |
icp->icmp_code); |
421 |
icp->icmp_code); |
| 421 |
#endif |
|
|
| 422 |
|
422 |
|
| 423 |
/* |
423 |
/* |
| 424 |
* Message type specific processing. |
424 |
* Message type specific processing. |
|
Lines 508-517
Link Here
|
| 508 |
/* Discard ICMP's in response to multicast packets */ |
508 |
/* Discard ICMP's in response to multicast packets */ |
| 509 |
if (IN_MULTICAST(ntohl(icp->icmp_ip.ip_dst.s_addr))) |
509 |
if (IN_MULTICAST(ntohl(icp->icmp_ip.ip_dst.s_addr))) |
| 510 |
goto badcode; |
510 |
goto badcode; |
| 511 |
#ifdef ICMPPRINTFS |
511 |
|
| 512 |
if (icmpprintfs) |
512 |
if (V_log_icmps) |
| 513 |
printf("deliver to protocol %d\n", icp->icmp_ip.ip_p); |
513 |
printf("deliver to protocol %d\n", icp->icmp_ip.ip_p); |
| 514 |
#endif |
514 |
|
| 515 |
icmpsrc.sin_addr = icp->icmp_ip.ip_dst; |
515 |
icmpsrc.sin_addr = icp->icmp_ip.ip_dst; |
| 516 |
/* |
516 |
/* |
| 517 |
* XXX if the packet contains [IPv4 AH TCP], we can't make a |
517 |
* XXX if the packet contains [IPv4 AH TCP], we can't make a |
|
Lines 642-656
Link Here
|
| 642 |
*/ |
642 |
*/ |
| 643 |
icmpgw.sin_addr = ip->ip_src; |
643 |
icmpgw.sin_addr = ip->ip_src; |
| 644 |
icmpdst.sin_addr = icp->icmp_gwaddr; |
644 |
icmpdst.sin_addr = icp->icmp_gwaddr; |
| 645 |
#ifdef ICMPPRINTFS |
645 |
|
| 646 |
if (icmpprintfs) { |
646 |
if (V_log_icmps) { |
| 647 |
char buf[4 * sizeof "123"]; |
647 |
char buf[4 * sizeof "123"]; |
| 648 |
strcpy(buf, inet_ntoa(icp->icmp_ip.ip_dst)); |
648 |
strcpy(buf, inet_ntoa(icp->icmp_ip.ip_dst)); |
| 649 |
|
649 |
|
| 650 |
printf("redirect dst %s to %s\n", |
650 |
printf("redirect dst %s to %s\n", |
| 651 |
buf, inet_ntoa(icp->icmp_gwaddr)); |
651 |
buf, inet_ntoa(icp->icmp_gwaddr)); |
| 652 |
} |
652 |
} |
| 653 |
#endif |
653 |
|
| 654 |
icmpsrc.sin_addr = icp->icmp_ip.ip_dst; |
654 |
icmpsrc.sin_addr = icp->icmp_ip.ip_dst; |
| 655 |
for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { |
655 |
for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { |
| 656 |
in_rtredirect((struct sockaddr *)&icmpsrc, |
656 |
in_rtredirect((struct sockaddr *)&icmpsrc, |
|
Lines 818-828
Link Here
|
| 818 |
mtod(opts, struct in_addr *)->s_addr = 0; |
818 |
mtod(opts, struct in_addr *)->s_addr = 0; |
| 819 |
} |
819 |
} |
| 820 |
if (opts) { |
820 |
if (opts) { |
| 821 |
#ifdef ICMPPRINTFS |
821 |
|
| 822 |
if (icmpprintfs) |
822 |
if (V_log_icmps) |
| 823 |
printf("icmp_reflect optlen %d rt %d => ", |
823 |
printf("icmp_reflect optlen %d rt %d => ", |
| 824 |
optlen, opts->m_len); |
824 |
optlen, opts->m_len); |
| 825 |
#endif |
825 |
|
| 826 |
for (cnt = optlen; cnt > 0; cnt -= len, cp += len) { |
826 |
for (cnt = optlen; cnt > 0; cnt -= len, cp += len) { |
| 827 |
opt = cp[IPOPT_OPTVAL]; |
827 |
opt = cp[IPOPT_OPTVAL]; |
| 828 |
if (opt == IPOPT_EOL) |
828 |
if (opt == IPOPT_EOL) |
|
Lines 856-865
Link Here
|
| 856 |
opts->m_len++; |
856 |
opts->m_len++; |
| 857 |
} |
857 |
} |
| 858 |
} |
858 |
} |
| 859 |
#ifdef ICMPPRINTFS |
859 |
|
| 860 |
if (icmpprintfs) |
860 |
if (V_log_icmps) |
| 861 |
printf("%d\n", opts->m_len); |
861 |
printf("%d\n", opts->m_len); |
| 862 |
#endif |
862 |
|
| 863 |
} |
863 |
} |
| 864 |
ip_stripoptions(m); |
864 |
ip_stripoptions(m); |
| 865 |
} |
865 |
} |
|
Lines 891-904
Link Here
|
| 891 |
m->m_data -= hlen; |
891 |
m->m_data -= hlen; |
| 892 |
m->m_len += hlen; |
892 |
m->m_len += hlen; |
| 893 |
m->m_pkthdr.rcvif = (struct ifnet *)0; |
893 |
m->m_pkthdr.rcvif = (struct ifnet *)0; |
| 894 |
#ifdef ICMPPRINTFS |
894 |
|
| 895 |
if (icmpprintfs) { |
895 |
if (V_log_icmps) { |
| 896 |
char buf[4 * sizeof "123"]; |
896 |
char buf[4 * sizeof "123"]; |
| 897 |
strcpy(buf, inet_ntoa(ip->ip_dst)); |
897 |
strcpy(buf, inet_ntoa(ip->ip_dst)); |
| 898 |
printf("icmp_send dst %s src %s\n", |
898 |
printf("icmp_send dst %s src %s fib %d\n", |
| 899 |
buf, inet_ntoa(ip->ip_src)); |
899 |
buf, inet_ntoa(ip->ip_src), M_GETFIB(m)); |
| 900 |
} |
900 |
} |
| 901 |
#endif |
901 |
|
| 902 |
(void) ip_output(m, opts, NULL, 0, NULL, NULL); |
902 |
(void) ip_output(m, opts, NULL, 0, NULL, NULL); |
| 903 |
} |
903 |
} |
| 904 |
|
904 |
|