2 * NET3: Implementation of the ICMP protocol layer.
4 * Alan Cox, <alan@redhat.com>
6 * Version: $Id: icmp.c,v 1.1.1.1 2005/04/11 02:51:13 jack Exp $
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
13 * Some of the function names and the icmp unreach table for this
14 * module were derived from [icmp.c 1.0.11 06/02/93] by
15 * Ross Biro, Fred N. van Kempen, Mark Evans, Alan Cox, Gerhard Koerting.
16 * Other than that this module is a complete rewrite.
19 * Clemens Fruhwirth : introduce global icmp rate limiting
20 * with icmp type masking ability instead
21 * of broken per type icmp timeouts.
22 * Mike Shaver : RFC1122 checks.
23 * Alan Cox : Multicast ping reply as self.
24 * Alan Cox : Fix atomicity lockup in ip_build_xmit
26 * Alan Cox : Added 216,128 byte paths to the MTU
28 * Martin Mares : RFC1812 checks.
29 * Martin Mares : Can be configured to follow redirects
30 * if acting as a router _without_ a
31 * routing protocol (RFC 1812).
32 * Martin Mares : Echo requests may be configured to
33 * be ignored (RFC 1812).
34 * Martin Mares : Limitation of ICMP error message
35 * transmit rate (RFC 1812).
36 * Martin Mares : TOS and Precedence set correctly
38 * Martin Mares : Now copying as much data from the
39 * original packet as we can without
40 * exceeding 576 bytes (RFC 1812).
41 * Willy Konynenberg : Transparent proxying support.
42 * Keith Owens : RFC1191 correction for 4.2BSD based
44 * Thomas Quinot : ICMP Dest Unreach codes up to 15 are
46 * Andi Kleen : Check all packet lengths properly
47 * and moved all kfree_skb() up to
49 * Andi Kleen : Move the rate limit bookkeeping
50 * into the dest entry and use a token
51 * bucket filter (thanks to ANK). Make
52 * the rates sysctl configurable.
53 * Yu Tianli : Fixed two ugly bugs in icmp_send
54 * - IP option length was accounted wrongly
55 * - ICMP header length was not accounted at all.
56 * Tristan Greaves : Added sysctl option to ignore bogus broadcast
57 * responses from broken routers.
61 * - Should use skb_pull() instead of all the manual checking.
62 * This would also greatly simply some upper layer error handlers. --AK
66 #include <linux/config.h>
67 #include <linux/types.h>
68 #include <linux/sched.h>
69 #include <linux/kernel.h>
70 #include <linux/fcntl.h>
71 #include <linux/socket.h>
73 #include <linux/inet.h>
74 #include <linux/netdevice.h>
75 #include <linux/string.h>
76 #include <linux/netfilter_ipv4.h>
79 #include <net/route.h>
80 #include <net/protocol.h>
85 #include <linux/skbuff.h>
87 #include <linux/errno.h>
88 #include <linux/timer.h>
89 #include <linux/init.h>
90 #include <asm/system.h>
91 #include <asm/uaccess.h>
92 #include <net/checksum.h>
95 * Build xmit assembly blocks
106 struct icmphdr icmph;
110 struct ip_options replyopts;
111 unsigned char optbuf[40];
118 struct icmp_mib icmp_statistics[NR_CPUS*2];
120 /* An array of errno for error messages from dest unreach. */
121 /* RFC 1122: 3.2.2.1 States that NET_UNREACH, HOS_UNREACH and SR_FAIELD MUST be considered 'transient errs'. */
123 struct icmp_err icmp_err_convert[] = {
124 { ENETUNREACH, 0 }, /* ICMP_NET_UNREACH */
125 { EHOSTUNREACH, 0 }, /* ICMP_HOST_UNREACH */
126 { ENOPROTOOPT, 1 }, /* ICMP_PROT_UNREACH */
127 { ECONNREFUSED, 1 }, /* ICMP_PORT_UNREACH */
128 { EMSGSIZE, 0 }, /* ICMP_FRAG_NEEDED */
129 { EOPNOTSUPP, 0 }, /* ICMP_SR_FAILED */
130 { ENETUNREACH, 1 }, /* ICMP_NET_UNKNOWN */
131 { EHOSTDOWN, 1 }, /* ICMP_HOST_UNKNOWN */
132 { ENONET, 1 }, /* ICMP_HOST_ISOLATED */
133 { ENETUNREACH, 1 }, /* ICMP_NET_ANO */
134 { EHOSTUNREACH, 1 }, /* ICMP_HOST_ANO */
135 { ENETUNREACH, 0 }, /* ICMP_NET_UNR_TOS */
136 { EHOSTUNREACH, 0 }, /* ICMP_HOST_UNR_TOS */
137 { EHOSTUNREACH, 1 }, /* ICMP_PKT_FILTERED */
138 { EHOSTUNREACH, 1 }, /* ICMP_PREC_VIOLATION */
139 { EHOSTUNREACH, 1 } /* ICMP_PREC_CUTOFF */
142 extern int sysctl_ip_default_ttl;
144 /* Control parameters for ECHO replies. */
145 int sysctl_icmp_echo_ignore_all;
146 int sysctl_icmp_echo_ignore_broadcasts;
148 /* Control parameter - ignore bogus broadcast responses? */
149 int sysctl_icmp_ignore_bogus_error_responses;
152 * Configurable global rate limit.
154 * ratelimit defines tokens/packet consumed for dst->rate_token bucket
155 * ratemask defines which icmp types are ratelimited by setting
159 * dest unreachable (3), source quench (4),
160 * time exceeded (11), parameter problem (12)
163 int sysctl_icmp_ratelimit = 1*HZ;
164 int sysctl_icmp_ratemask = 0x1818;
167 * ICMP control array. This specifies what to do with each ICMP.
172 unsigned long *output; /* Address to increment on output */
173 unsigned long *input; /* Address to increment on input */
174 void (*handler)(struct sk_buff *skb);
175 short error; /* This ICMP is classed as an error message */
178 static struct icmp_control icmp_pointers[NR_ICMP_TYPES+1];
181 * The ICMP socket. This is the most convenient way to flow control
182 * our ICMP output as well as maintain a clean interface throughout
183 * all layers. All Socketless IP sends will soon be gone.
186 struct inode icmp_inode;
187 struct socket *icmp_socket = &icmp_inode.u.socket_i;
189 /* ICMPv4 socket is only a bit non-reenterable (unlike ICMPv6,
190 which is strongly non-reenterable). A bit later it will be made
191 reenterable and the lock may be removed then.
194 static int icmp_xmit_holder = -1;
196 static int icmp_xmit_lock_bh(void)
198 if (!spin_trylock(&icmp_socket->sk->lock.slock)) {
199 if (icmp_xmit_holder == smp_processor_id())
201 spin_lock(&icmp_socket->sk->lock.slock);
203 icmp_xmit_holder = smp_processor_id();
207 static __inline__ int icmp_xmit_lock(void)
211 ret = icmp_xmit_lock_bh();
217 static void icmp_xmit_unlock_bh(void)
219 icmp_xmit_holder = -1;
220 spin_unlock(&icmp_socket->sk->lock.slock);
223 static __inline__ void icmp_xmit_unlock(void)
225 icmp_xmit_unlock_bh();
231 * Send an ICMP frame.
235 * Check transmit rate limitation for given message.
236 * The rate information is held in the destination cache now.
237 * This function is generic and could be used for other purposes
238 * too. It uses a Token bucket filter as suggested by Alexey Kuznetsov.
240 * Note that the same dst_entry fields are modified by functions in
241 * route.c too, but these work for packet destinations while xrlim_allow
242 * works for icmp destinations. This means the rate limiting information
243 * for one "ip object" is shared - and these ICMPs are twice limited:
244 * by source and by destination.
246 * RFC 1812: 4.3.2.8 SHOULD be able to limit error message rate
247 * SHOULD allow setting of rate limits
249 * Shared between ICMPv4 and ICMPv6.
251 #define XRLIM_BURST_FACTOR 6
252 int xrlim_allow(struct dst_entry *dst, int timeout)
257 dst->rate_tokens += now - dst->rate_last;
258 dst->rate_last = now;
259 if (dst->rate_tokens > XRLIM_BURST_FACTOR*timeout)
260 dst->rate_tokens = XRLIM_BURST_FACTOR*timeout;
261 if (dst->rate_tokens >= timeout) {
262 dst->rate_tokens -= timeout;
268 static inline int icmpv4_xrlim_allow(struct rtable *rt, int type, int code)
270 struct dst_entry *dst = &rt->u.dst;
272 if (type > NR_ICMP_TYPES)
275 /* Don't limit PMTU discovery. */
276 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED)
279 /* No rate limit on loopback */
280 if (dst->dev && (dst->dev->flags&IFF_LOOPBACK))
283 /* Limit if icmp type is enabled in ratemask. */
284 if((1 << type) & sysctl_icmp_ratemask)
285 return xrlim_allow(dst, sysctl_icmp_ratelimit);
291 * Maintain the counters used in the SNMP statistics for outgoing ICMP
294 static void icmp_out_count(int type)
296 if (type>NR_ICMP_TYPES)
298 (icmp_pointers[type].output)[(smp_processor_id()*2+!in_softirq())*sizeof(struct icmp_mib)/sizeof(unsigned long)]++;
299 ICMP_INC_STATS(IcmpOutMsgs);
303 * Checksum each fragment, and on the first include the headers and final checksum.
306 static int icmp_glue_bits(const void *p, char *to, unsigned int offset, unsigned int fraglen)
308 struct icmp_bxm *icmp_param = (struct icmp_bxm *)p;
309 struct icmphdr *icmph;
313 icmp_param->csum=skb_copy_and_csum_bits(icmp_param->skb,
314 icmp_param->offset+(offset-icmp_param->head_len),
315 to, fraglen,icmp_param->csum);
320 * First fragment includes header. Note that we've done
321 * the other fragments first, so that we get the checksum
322 * for the whole packet here.
324 csum = csum_partial_copy_nocheck((void *)&icmp_param->data,
325 to, icmp_param->head_len,
327 csum=skb_copy_and_csum_bits(icmp_param->skb,
329 to+icmp_param->head_len,
330 fraglen-icmp_param->head_len,
332 icmph=(struct icmphdr *)to;
333 icmph->checksum = csum_fold(csum);
338 * Driving logic for building and sending ICMP messages.
341 static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb)
343 struct sock *sk=icmp_socket->sk;
344 struct ipcm_cookie ipc;
345 struct rtable *rt = (struct rtable*)skb->dst;
348 if (ip_options_echo(&icmp_param->replyopts, skb))
351 if (icmp_xmit_lock_bh())
354 icmp_param->data.icmph.checksum=0;
356 icmp_out_count(icmp_param->data.icmph.type);
358 sk->protinfo.af_inet.tos = skb->nh.iph->tos;
359 sk->protinfo.af_inet.ttl = sysctl_ip_default_ttl;
360 daddr = ipc.addr = rt->rt_src;
362 if (icmp_param->replyopts.optlen) {
363 ipc.opt = &icmp_param->replyopts;
365 daddr = icmp_param->replyopts.faddr;
367 if (ip_route_output(&rt, daddr, rt->rt_spec_dst, RT_TOS(skb->nh.iph->tos), 0))
369 if (icmpv4_xrlim_allow(rt, icmp_param->data.icmph.type,
370 icmp_param->data.icmph.code)) {
371 ip_build_xmit(sk, icmp_glue_bits, icmp_param,
372 icmp_param->data_len+icmp_param->head_len,
373 &ipc, rt, MSG_DONTWAIT);
377 icmp_xmit_unlock_bh();
382 * Send an ICMP message in response to a situation
384 * RFC 1122: 3.2.2 MUST send at least the IP header and 8 bytes of header. MAY send more (we do).
385 * MUST NOT change this header information.
386 * MUST NOT reply to a multicast/broadcast IP address.
387 * MUST NOT reply to a multicast/broadcast MAC address.
388 * MUST reply to only the first fragment.
391 void icmp_send(struct sk_buff *skb_in, int type, int code, u32 info)
395 struct icmp_bxm icmp_param;
396 struct rtable *rt = (struct rtable*)skb_in->dst;
397 struct ipcm_cookie ipc;
405 * Find the original header. It is expected to be valid, of course.
406 * Check this, icmp_send is called from the most obscure devices
409 iph = skb_in->nh.iph;
411 if ((u8*)iph < skb_in->head || (u8*)(iph+1) > skb_in->tail)
415 * No replies to physical multicast/broadcast
417 if (skb_in->pkt_type!=PACKET_HOST)
421 * Now check at the protocol level
423 if (rt->rt_flags&(RTCF_BROADCAST|RTCF_MULTICAST))
427 * Only reply to fragment 0. We byte re-order the constant
428 * mask for efficiency.
430 if (iph->frag_off&htons(IP_OFFSET))
434 * If we send an ICMP error to an ICMP error a mess would result..
436 if (icmp_pointers[type].error) {
438 * We are an error, check if we are replying to an ICMP error
440 if (iph->protocol==IPPROTO_ICMP) {
443 if (skb_copy_bits(skb_in,
444 skb_in->nh.raw + (iph->ihl<<2)
445 + offsetof(struct icmphdr, type)
451 * Assume any unknown ICMP type is an error. This isn't
452 * specified by the RFC, but think about it..
454 if (inner_type>NR_ICMP_TYPES || icmp_pointers[inner_type].error)
459 if (icmp_xmit_lock())
463 * Construct source address and options.
466 #ifdef CONFIG_IP_ROUTE_NAT
468 * Restore original addresses if packet has been translated.
470 if (rt->rt_flags&RTCF_NAT && IPCB(skb_in)->flags&IPSKB_TRANSLATED) {
471 iph->daddr = rt->key.dst;
472 iph->saddr = rt->key.src;
477 if (!(rt->rt_flags & RTCF_LOCAL))
480 tos = icmp_pointers[type].error ?
481 ((iph->tos & IPTOS_TOS_MASK) | IPTOS_PREC_INTERNETCONTROL) :
484 if (ip_route_output(&rt, iph->saddr, saddr, RT_TOS(tos), 0))
487 if (ip_options_echo(&icmp_param.replyopts, skb_in))
492 * Prepare data for ICMP header.
495 icmp_param.data.icmph.type=type;
496 icmp_param.data.icmph.code=code;
497 icmp_param.data.icmph.un.gateway = info;
498 icmp_param.data.icmph.checksum=0;
500 icmp_param.skb=skb_in;
501 icmp_param.offset=skb_in->nh.raw - skb_in->data;
502 icmp_out_count(icmp_param.data.icmph.type);
503 icmp_socket->sk->protinfo.af_inet.tos = tos;
504 icmp_socket->sk->protinfo.af_inet.ttl = sysctl_ip_default_ttl;
505 ipc.addr = iph->saddr;
506 ipc.opt = &icmp_param.replyopts;
507 if (icmp_param.replyopts.srr) {
509 if (ip_route_output(&rt, icmp_param.replyopts.faddr, saddr, RT_TOS(tos), 0))
513 if (!icmpv4_xrlim_allow(rt, type, code))
516 /* RFC says return as much as we can without exceeding 576 bytes. */
518 room = rt->u.dst.pmtu;
521 room -= sizeof(struct iphdr) + icmp_param.replyopts.optlen;
522 room -= sizeof(struct icmphdr);
524 icmp_param.data_len=skb_in->len-icmp_param.offset;
525 if (icmp_param.data_len > room)
526 icmp_param.data_len = room;
527 icmp_param.head_len = sizeof(struct icmphdr);
529 ip_build_xmit(icmp_socket->sk, icmp_glue_bits, &icmp_param,
530 icmp_param.data_len+sizeof(struct icmphdr),
531 &ipc, rt, MSG_DONTWAIT);
541 * Handle ICMP_DEST_UNREACH, ICMP_TIME_EXCEED, and ICMP_QUENCH.
544 static void icmp_unreach(struct sk_buff *skb)
547 struct icmphdr *icmph;
549 struct inet_protocol *ipprot;
554 * Incomplete header ?
555 * Only checks for the IP header, there should be an
556 * additional check for longer headers in upper levels.
559 if (!pskb_may_pull(skb, sizeof(struct iphdr))) {
560 ICMP_INC_STATS_BH(IcmpInErrors);
564 icmph = skb->h.icmph;
565 iph = (struct iphdr *) skb->data;
568 /* Mangled header, drop. */
569 ICMP_INC_STATS_BH(IcmpInErrors);
573 if(icmph->type==ICMP_DEST_UNREACH) {
574 switch(icmph->code & 15) {
575 case ICMP_NET_UNREACH:
577 case ICMP_HOST_UNREACH:
579 case ICMP_PROT_UNREACH:
581 case ICMP_PORT_UNREACH:
583 case ICMP_FRAG_NEEDED:
584 if (ipv4_config.no_pmtu_disc) {
586 printk(KERN_INFO "ICMP: %u.%u.%u.%u: fragmentation needed and DF set.\n",
587 NIPQUAD(iph->daddr));
589 info = ip_rt_frag_needed(iph, ntohs(icmph->un.frag.mtu));
596 printk(KERN_INFO "ICMP: %u.%u.%u.%u: Source Route Failed.\n", NIPQUAD(iph->daddr));
601 if (icmph->code>NR_ICMP_UNREACH)
603 } else if (icmph->type == ICMP_PARAMETERPROB) {
604 info = ntohl(icmph->un.gateway)>>24;
608 * Throw it at our lower layers
610 * RFC 1122: 3.2.2 MUST extract the protocol ID from the passed header.
611 * RFC 1122: 3.2.2.1 MUST pass ICMP unreach messages to the transport layer.
612 * RFC 1122: 3.2.2.2 MUST pass ICMP time expired messages to transport layer.
616 * Check the other end isnt violating RFC 1122. Some routers send
617 * bogus responses to broadcast frames. If you see this message
618 * first check your netmask matches at both ends, if it does then
619 * get the other vendor to fix their kit.
622 if (!sysctl_icmp_ignore_bogus_error_responses)
625 if (inet_addr_type(iph->daddr) == RTN_BROADCAST)
628 printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP error to a broadcast.\n",
629 NIPQUAD(skb->nh.iph->saddr));
634 /* Checkin full IP header plus 8 bytes of protocol to
635 * avoid additional coding at protocol handlers.
637 if (!pskb_may_pull(skb, iph->ihl*4+8))
640 iph = (struct iphdr *) skb->data;
641 protocol = iph->protocol;
644 * Deliver ICMP message to raw sockets. Pretty useless feature?
647 /* Note: See raw.c and net/raw.h, RAWV4_HTABLE_SIZE==MAX_INET_PROTOS */
648 hash = protocol & (MAX_INET_PROTOS - 1);
649 read_lock(&raw_v4_lock);
650 if ((raw_sk = raw_v4_htable[hash]) != NULL)
652 while ((raw_sk = __raw_v4_lookup(raw_sk, protocol, iph->daddr,
653 iph->saddr, skb->dev->ifindex)) != NULL) {
654 raw_err(raw_sk, skb, info);
655 raw_sk = raw_sk->next;
656 iph = (struct iphdr *)skb->data;
659 read_unlock(&raw_v4_lock);
662 * This can't change while we are doing it.
663 * Callers have obtained BR_NETPROTO_LOCK so
667 ipprot = (struct inet_protocol *) inet_protos[hash];
669 struct inet_protocol *nextip;
671 nextip = (struct inet_protocol *) ipprot->next;
674 * Pass it off to everyone who wants it.
677 /* RFC1122: OK. Passes appropriate ICMP errors to the */
678 /* appropriate protocol layer (MUST), as per 3.2.2. */
680 if (protocol == ipprot->protocol && ipprot->err_handler)
681 ipprot->err_handler(skb, info);
690 * Handle ICMP_REDIRECT.
693 static void icmp_redirect(struct sk_buff *skb)
698 if (skb->len < sizeof(struct iphdr)) {
699 ICMP_INC_STATS_BH(IcmpInErrors);
704 * Get the copied header of the packet that caused the redirect
706 if (!pskb_may_pull(skb, sizeof(struct iphdr)))
709 iph = (struct iphdr *) skb->data;
712 switch (skb->h.icmph->code & 7) {
714 case ICMP_REDIR_NETTOS:
716 * As per RFC recommendations now handle it as
720 case ICMP_REDIR_HOST:
721 case ICMP_REDIR_HOSTTOS:
722 ip_rt_redirect(skb->nh.iph->saddr, ip, skb->h.icmph->un.gateway, iph->saddr, iph->tos, skb->dev);
730 * Handle ICMP_ECHO ("ping") requests.
732 * RFC 1122: 3.2.2.6 MUST have an echo server that answers ICMP echo requests.
733 * RFC 1122: 3.2.2.6 Data received in the ICMP_ECHO request MUST be included in the reply.
734 * RFC 1812: 4.3.3.6 SHOULD have a config option for silently ignoring echo requests, MUST have default=NOT.
735 * See also WRT handling of options once they are done and working.
738 static void icmp_echo(struct sk_buff *skb)
740 if (!sysctl_icmp_echo_ignore_all) {
741 struct icmp_bxm icmp_param;
743 icmp_param.data.icmph=*skb->h.icmph;
744 icmp_param.data.icmph.type=ICMP_ECHOREPLY;
747 icmp_param.data_len=skb->len;
748 icmp_param.head_len=sizeof(struct icmphdr);
749 icmp_reply(&icmp_param, skb);
754 * Handle ICMP Timestamp requests.
755 * RFC 1122: 3.2.2.8 MAY implement ICMP timestamp requests.
756 * SHOULD be in the kernel for minimum random latency.
757 * MUST be accurate to a few minutes.
758 * MUST be updated at least at 15Hz.
761 static void icmp_timestamp(struct sk_buff *skb)
764 struct icmp_bxm icmp_param;
771 ICMP_INC_STATS_BH(IcmpInErrors);
776 * Fill in the current time as ms since midnight UT:
778 do_gettimeofday(&tv);
779 icmp_param.data.times[1] = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000);
780 icmp_param.data.times[2] = icmp_param.data.times[1];
781 if (skb_copy_bits(skb, 0, &icmp_param.data.times[0], 4))
783 icmp_param.data.icmph=*skb->h.icmph;
784 icmp_param.data.icmph.type=ICMP_TIMESTAMPREPLY;
785 icmp_param.data.icmph.code=0;
788 icmp_param.data_len=0;
789 icmp_param.head_len=sizeof(struct icmphdr)+12;
790 icmp_reply(&icmp_param, skb);
795 * Handle ICMP_ADDRESS_MASK requests. (RFC950)
797 * RFC1122 (3.2.2.9). A host MUST only send replies to
798 * ADDRESS_MASK requests if it's been configured as an address mask
799 * agent. Receiving a request doesn't constitute implicit permission to
800 * act as one. Of course, implementing this correctly requires (SHOULD)
801 * a way to turn the functionality on and off. Another one for sysctl(),
804 * RFC1812 (4.3.3.9). A router MUST implement it.
805 * A router SHOULD have switch turning it on/off.
806 * This switch MUST be ON by default.
808 * Gratuitous replies, zero-source replies are not implemented,
809 * that complies with RFC. DO NOT implement them!!! All the idea
810 * of broadcast addrmask replies as specified in RFC950 is broken.
811 * The problem is that it is not uncommon to have several prefixes
812 * on one physical interface. Moreover, addrmask agent can even be
813 * not aware of existing another prefixes.
814 * If source is zero, addrmask agent cannot choose correct prefix.
815 * Gratuitous mask announcements suffer from the same problem.
816 * RFC1812 explains it, but still allows to use ADDRMASK,
817 * that is pretty silly. --ANK
819 * All these rules are so bizarre, that I removed kernel addrmask
820 * support at all. It is wrong, it is obsolete, nobody uses it in
823 * Furthermore you can do it with a usermode address agent program
827 static void icmp_address(struct sk_buff *skb)
831 printk(KERN_DEBUG "a guy asks for address mask. Who is it?\n");
836 * RFC1812 (4.3.3.9). A router SHOULD listen all replies, and complain
837 * loudly if an inconsistency is found.
840 static void icmp_address_reply(struct sk_buff *skb)
842 struct rtable *rt = (struct rtable*)skb->dst;
843 struct net_device *dev = skb->dev;
844 struct in_device *in_dev;
845 struct in_ifaddr *ifa;
848 if (skb->len < 4 || !(rt->rt_flags&RTCF_DIRECTSRC))
851 in_dev = in_dev_get(dev);
854 read_lock(&in_dev->lock);
855 if (in_dev->ifa_list &&
856 IN_DEV_LOG_MARTIANS(in_dev) &&
857 IN_DEV_FORWARD(in_dev)) {
858 if (skb_copy_bits(skb, 0, &mask, 4))
860 for (ifa=in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
861 if (mask == ifa->ifa_mask && inet_ifa_match(rt->rt_src, ifa))
864 if (!ifa && net_ratelimit()) {
865 printk(KERN_INFO "Wrong address mask %u.%u.%u.%u from %s/%u.%u.%u.%u\n",
866 NIPQUAD(mask), dev->name, NIPQUAD(rt->rt_src));
869 read_unlock(&in_dev->lock);
873 static void icmp_discard(struct sk_buff *skb)
878 * Deal with incoming ICMP packets.
881 int icmp_rcv(struct sk_buff *skb)
883 struct icmphdr *icmph;
884 struct rtable *rt = (struct rtable*)skb->dst;
886 ICMP_INC_STATS_BH(IcmpInMsgs);
888 switch (skb->ip_summed) {
890 if ((u16)csum_fold(skb->csum) == 0)
892 NETDEBUG(if (net_ratelimit()) printk(KERN_DEBUG "icmp v4 hw csum failure\n"));
894 if ((u16)csum_fold(skb_checksum(skb, 0, skb->len, 0)))
899 if (!pskb_pull(skb, sizeof(struct icmphdr)))
902 icmph = skb->h.icmph;
905 * 18 is the highest 'known' ICMP type. Anything else is a mystery
907 * RFC 1122: 3.2.2 Unknown ICMP messages types MUST be silently discarded.
909 if (icmph->type > NR_ICMP_TYPES)
914 * Parse the ICMP message
917 if (rt->rt_flags&(RTCF_BROADCAST|RTCF_MULTICAST)) {
919 * RFC 1122: 3.2.2.6 An ICMP_ECHO to broadcast MAY be
920 * silently ignored (we let user decide with a sysctl).
921 * RFC 1122: 3.2.2.8 An ICMP_TIMESTAMP MAY be silently
922 * discarded if to broadcast/multicast.
924 if (icmph->type == ICMP_ECHO &&
925 sysctl_icmp_echo_ignore_broadcasts) {
928 if (icmph->type != ICMP_ECHO &&
929 icmph->type != ICMP_TIMESTAMP &&
930 icmph->type != ICMP_ADDRESS &&
931 icmph->type != ICMP_ADDRESSREPLY) {
936 icmp_pointers[icmph->type].input[smp_processor_id()*2*sizeof(struct icmp_mib)/sizeof(unsigned long)]++;
937 (icmp_pointers[icmph->type].handler)(skb);
943 ICMP_INC_STATS_BH(IcmpInErrors);
948 * This table is the definition of how we handle ICMP.
951 static struct icmp_control icmp_pointers[NR_ICMP_TYPES+1] = {
953 { &icmp_statistics[0].IcmpOutEchoReps, &icmp_statistics[0].IcmpInEchoReps, icmp_discard, 0 },
954 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
955 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
956 /* DEST UNREACH (3) */
957 { &icmp_statistics[0].IcmpOutDestUnreachs, &icmp_statistics[0].IcmpInDestUnreachs, icmp_unreach, 1 },
958 /* SOURCE QUENCH (4) */
959 { &icmp_statistics[0].IcmpOutSrcQuenchs, &icmp_statistics[0].IcmpInSrcQuenchs, icmp_unreach, 1 },
961 { &icmp_statistics[0].IcmpOutRedirects, &icmp_statistics[0].IcmpInRedirects, icmp_redirect, 1 },
962 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
963 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
965 { &icmp_statistics[0].IcmpOutEchos, &icmp_statistics[0].IcmpInEchos, icmp_echo, 0 },
966 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
967 { &icmp_statistics[0].dummy, &icmp_statistics[0].IcmpInErrors, icmp_discard, 1 },
968 /* TIME EXCEEDED (11) */
969 { &icmp_statistics[0].IcmpOutTimeExcds, &icmp_statistics[0].IcmpInTimeExcds, icmp_unreach, 1 },
970 /* PARAMETER PROBLEM (12) */
971 { &icmp_statistics[0].IcmpOutParmProbs, &icmp_statistics[0].IcmpInParmProbs, icmp_unreach, 1 },
973 { &icmp_statistics[0].IcmpOutTimestamps, &icmp_statistics[0].IcmpInTimestamps, icmp_timestamp, 0 },
974 /* TIMESTAMP REPLY (14) */
975 { &icmp_statistics[0].IcmpOutTimestampReps, &icmp_statistics[0].IcmpInTimestampReps, icmp_discard, 0 },
977 { &icmp_statistics[0].dummy, &icmp_statistics[0].dummy, icmp_discard, 0 },
978 /* INFO REPLY (16) */
979 { &icmp_statistics[0].dummy, &icmp_statistics[0].dummy, icmp_discard, 0 },
981 { &icmp_statistics[0].IcmpOutAddrMasks, &icmp_statistics[0].IcmpInAddrMasks, icmp_address, 0 },
982 /* ADDR MASK REPLY (18) */
983 { &icmp_statistics[0].IcmpOutAddrMaskReps, &icmp_statistics[0].IcmpInAddrMaskReps, icmp_address_reply, 0 }
986 void __init icmp_init(struct net_proto_family *ops)
990 icmp_inode.i_mode = S_IFSOCK;
991 icmp_inode.i_sock = 1;
992 icmp_inode.i_uid = 0;
993 icmp_inode.i_gid = 0;
994 init_waitqueue_head(&icmp_inode.i_wait);
995 init_waitqueue_head(&icmp_inode.u.socket_i.wait);
997 icmp_socket->inode = &icmp_inode;
998 icmp_socket->state = SS_UNCONNECTED;
999 icmp_socket->type=SOCK_RAW;
1001 if ((err=ops->create(icmp_socket, IPPROTO_ICMP))<0)
1002 panic("Failed to create the ICMP control socket.\n");
1003 icmp_socket->sk->allocation=GFP_ATOMIC;
1004 icmp_socket->sk->sndbuf = SK_WMEM_MAX*2;
1005 icmp_socket->sk->protinfo.af_inet.ttl = MAXTTL;
1006 icmp_socket->sk->protinfo.af_inet.pmtudisc = IP_PMTUDISC_DONT;
1008 /* Unhash it so that IP input processing does not even
1009 * see it, we do not wish this socket to see incoming
1012 icmp_socket->sk->prot->unhash(icmp_socket->sk);
projects / linux-2.4.21-pre4.git / blob