2 * Linux NET3: IP/IP protocol decoder.
4 * Version: $Id: ipip.c,v 1.50 2001/10/02 02:22:36 davem Exp $
7 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
10 * Alan Cox : Merged and made usable non modular (its so tiny its silly as
11 * a module taking up 2 pages).
12 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
13 * to keep ip_forward happy.
14 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
15 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL
16 * David Woodhouse : Perform some basic ICMP handling.
17 * IPIP Routing without decapsulation.
18 * Carlos Picoto : GRE over IP support
19 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
20 * I do not want to merge them together.
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
29 /* tunnel.c: an IP tunnel driver
31 The purpose of this driver is to provide an IP tunnel through
32 which you can tunnel network traffic transparently across subnets.
34 This was written by looking at Nick Holloway's dummy driver
35 Thanks for the great code!
37 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
40 Cleaned up the code a little and added some pre-1.3.0 tweaks.
41 dev->hard_header/hard_header_len changed to use no headers.
42 Comments/bracketing tweaked.
43 Made the tunnels use dev->name not tunnel: when error reporting.
46 -Alan Cox (Alan.Cox@linux.org) 21 March 95
49 Changed to tunnel to destination gateway in addition to the
50 tunnel's pointopoint address
51 Almost completely rewritten
52 Note: There is currently no firewall or ICMP handling done.
54 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96
58 /* Things I wish I had known when writing the tunnel driver:
60 When the tunnel_xmit() function is called, the skb contains the
61 packet to be sent (plus a great deal of extra info), and dev
62 contains the tunnel device that _we_ are.
64 When we are passed a packet, we are expected to fill in the
65 source address with our source IP address.
67 What is the proper way to allocate, copy and free a buffer?
68 After you allocate it, it is a "0 length" chunk of memory
69 starting at zero. If you want to add headers to the buffer
70 later, you'll have to call "skb_reserve(skb, amount)" with
71 the amount of memory you want reserved. Then, you call
72 "skb_put(skb, amount)" with the amount of space you want in
73 the buffer. skb_put() returns a pointer to the top (#0) of
74 that buffer. skb->len is set to the amount of space you have
75 "allocated" with skb_put(). You can then write up to skb->len
76 bytes to that buffer. If you need more, you can call skb_put()
77 again with the additional amount of space you need. You can
78 find out how much more space you can allocate by calling
80 Now, to add header space, call "skb_push(skb, header_len)".
81 This creates space at the beginning of the buffer and returns
82 a pointer to this new space. If later you need to strip a
83 header from a buffer, call "skb_pull(skb, header_len)".
84 skb_headroom() will return how much space is left at the top
85 of the buffer (before the main data). Remember, this headroom
86 space must be reserved before the skb_put() function is called.
90 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
92 For comments look at net/ipv4/ip_gre.c --ANK
96 #include <linux/config.h>
97 #include <linux/module.h>
98 #include <linux/types.h>
99 #include <linux/sched.h>
100 #include <linux/kernel.h>
101 #include <asm/uaccess.h>
102 #include <linux/skbuff.h>
103 #include <linux/netdevice.h>
104 #include <linux/in.h>
105 #include <linux/tcp.h>
106 #include <linux/udp.h>
107 #include <linux/if_arp.h>
108 #include <linux/mroute.h>
109 #include <linux/init.h>
110 #include <linux/netfilter_ipv4.h>
112 #include <net/sock.h>
114 #include <net/icmp.h>
115 #include <net/protocol.h>
116 #include <net/ipip.h>
117 #include <net/inet_ecn.h>
120 #define HASH(addr) ((addr^(addr>>4))&0xF)
122 static int ipip_fb_tunnel_init(struct net_device *dev);
123 static int ipip_tunnel_init(struct net_device *dev);
125 static struct net_device ipip_fb_tunnel_dev = {
127 init: ipip_fb_tunnel_init,
130 static struct ip_tunnel ipip_fb_tunnel = {
131 dev: &ipip_fb_tunnel_dev,
132 parms: { name: "tunl0", }
135 static struct ip_tunnel *tunnels_r_l[HASH_SIZE];
136 static struct ip_tunnel *tunnels_r[HASH_SIZE];
137 static struct ip_tunnel *tunnels_l[HASH_SIZE];
138 static struct ip_tunnel *tunnels_wc[1];
139 static struct ip_tunnel **tunnels[4] = { tunnels_wc, tunnels_l, tunnels_r, tunnels_r_l };
141 static rwlock_t ipip_lock = RW_LOCK_UNLOCKED;
143 static struct ip_tunnel * ipip_tunnel_lookup(u32 remote, u32 local)
145 unsigned h0 = HASH(remote);
146 unsigned h1 = HASH(local);
149 for (t = tunnels_r_l[h0^h1]; t; t = t->next) {
150 if (local == t->parms.iph.saddr &&
151 remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
154 for (t = tunnels_r[h0]; t; t = t->next) {
155 if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
158 for (t = tunnels_l[h1]; t; t = t->next) {
159 if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP))
162 if ((t = tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP))
167 static struct ip_tunnel **ipip_bucket(struct ip_tunnel *t)
169 u32 remote = t->parms.iph.daddr;
170 u32 local = t->parms.iph.saddr;
182 return &tunnels[prio][h];
186 static void ipip_tunnel_unlink(struct ip_tunnel *t)
188 struct ip_tunnel **tp;
190 for (tp = ipip_bucket(t); *tp; tp = &(*tp)->next) {
192 write_lock_bh(&ipip_lock);
194 write_unlock_bh(&ipip_lock);
200 static void ipip_tunnel_link(struct ip_tunnel *t)
202 struct ip_tunnel **tp = ipip_bucket(t);
205 write_lock_bh(&ipip_lock);
207 write_unlock_bh(&ipip_lock);
210 struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int create)
212 u32 remote = parms->iph.daddr;
213 u32 local = parms->iph.saddr;
214 struct ip_tunnel *t, **tp, *nt;
215 struct net_device *dev;
227 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) {
228 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr)
235 dev = kmalloc(sizeof(*dev) + sizeof(*t), GFP_KERNEL);
240 memset(dev, 0, sizeof(*dev) + sizeof(*t));
241 dev->priv = (void*)(dev+1);
242 nt = (struct ip_tunnel*)dev->priv;
244 dev->init = ipip_tunnel_init;
245 dev->features |= NETIF_F_DYNALLOC;
246 memcpy(&nt->parms, parms, sizeof(*parms));
247 nt->parms.name[IFNAMSIZ-1] = '\0';
248 strcpy(dev->name, nt->parms.name);
249 if (dev->name[0] == 0) {
251 for (i=1; i<100; i++) {
252 sprintf(dev->name, "tunl%d", i);
253 if (__dev_get_by_name(dev->name) == NULL)
258 memcpy(nt->parms.name, dev->name, IFNAMSIZ);
260 if (register_netdevice(dev) < 0)
264 ipip_tunnel_link(nt);
265 /* Do not decrement MOD_USE_COUNT here. */
274 static void ipip_tunnel_destructor(struct net_device *dev)
276 if (dev != &ipip_fb_tunnel_dev) {
281 static void ipip_tunnel_uninit(struct net_device *dev)
283 if (dev == &ipip_fb_tunnel_dev) {
284 write_lock_bh(&ipip_lock);
285 tunnels_wc[0] = NULL;
286 write_unlock_bh(&ipip_lock);
288 ipip_tunnel_unlink((struct ip_tunnel*)dev->priv);
292 void ipip_err(struct sk_buff *skb, u32 info)
294 #ifndef I_WISH_WORLD_WERE_PERFECT
296 /* It is not :-( All the routers (except for Linux) return only
297 8 bytes of packet payload. It means, that precise relaying of
298 ICMP in the real Internet is absolutely infeasible.
300 struct iphdr *iph = (struct iphdr*)skb->data;
301 int type = skb->h.icmph->type;
302 int code = skb->h.icmph->code;
307 case ICMP_PARAMETERPROB:
310 case ICMP_DEST_UNREACH:
313 case ICMP_PORT_UNREACH:
314 /* Impossible event. */
316 case ICMP_FRAG_NEEDED:
317 /* Soft state for pmtu is maintained by IP core. */
320 /* All others are translated to HOST_UNREACH.
321 rfc2003 contains "deep thoughts" about NET_UNREACH,
322 I believe they are just ether pollution. --ANK
327 case ICMP_TIME_EXCEEDED:
328 if (code != ICMP_EXC_TTL)
333 read_lock(&ipip_lock);
334 t = ipip_tunnel_lookup(iph->daddr, iph->saddr);
335 if (t == NULL || t->parms.iph.daddr == 0)
337 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
340 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO)
344 t->err_time = jiffies;
346 read_unlock(&ipip_lock);
349 struct iphdr *iph = (struct iphdr*)dp;
350 int hlen = iph->ihl<<2;
352 int type = skb->h.icmph->type;
353 int code = skb->h.icmph->code;
357 struct sk_buff *skb2;
360 if (len < hlen + sizeof(struct iphdr))
362 eiph = (struct iphdr*)(dp + hlen);
367 case ICMP_PARAMETERPROB:
368 if (skb->h.icmph->un.gateway < hlen)
371 /* So... This guy found something strange INSIDE encapsulated
372 packet. Well, he is fool, but what can we do ?
374 rel_type = ICMP_PARAMETERPROB;
375 rel_info = skb->h.icmph->un.gateway - hlen;
378 case ICMP_DEST_UNREACH:
381 case ICMP_PORT_UNREACH:
382 /* Impossible event. */
384 case ICMP_FRAG_NEEDED:
385 /* And it is the only really necesary thing :-) */
386 rel_info = ntohs(skb->h.icmph->un.frag.mtu);
387 if (rel_info < hlen+68)
390 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */
391 if (rel_info > ntohs(eiph->tot_len))
395 /* All others are translated to HOST_UNREACH.
396 rfc2003 contains "deep thoughts" about NET_UNREACH,
397 I believe, it is just ether pollution. --ANK
399 rel_type = ICMP_DEST_UNREACH;
400 rel_code = ICMP_HOST_UNREACH;
404 case ICMP_TIME_EXCEEDED:
405 if (code != ICMP_EXC_TTL)
410 /* Prepare fake skb to feed it to icmp_send */
411 skb2 = skb_clone(skb, GFP_ATOMIC);
414 dst_release(skb2->dst);
416 skb_pull(skb2, skb->data - (u8*)eiph);
417 skb2->nh.raw = skb2->data;
419 /* Try to guess incoming interface */
420 if (ip_route_output(&rt, eiph->saddr, 0, RT_TOS(eiph->tos), 0)) {
424 skb2->dev = rt->u.dst.dev;
426 /* route "incoming" packet */
427 if (rt->rt_flags&RTCF_LOCAL) {
430 if (ip_route_output(&rt, eiph->daddr, eiph->saddr, eiph->tos, 0) ||
431 rt->u.dst.dev->type != ARPHRD_IPGRE) {
438 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) ||
439 skb2->dst->dev->type != ARPHRD_IPGRE) {
445 /* change mtu on this route */
446 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
447 if (rel_info > skb2->dst->pmtu) {
451 skb2->dst->pmtu = rel_info;
452 rel_info = htonl(rel_info);
453 } else if (type == ICMP_TIME_EXCEEDED) {
454 struct ip_tunnel *t = (struct ip_tunnel*)skb2->dev->priv;
455 if (t->parms.iph.ttl) {
456 rel_type = ICMP_DEST_UNREACH;
457 rel_code = ICMP_HOST_UNREACH;
461 icmp_send(skb2, rel_type, rel_code, rel_info);
467 static inline void ipip_ecn_decapsulate(struct iphdr *outer_iph, struct sk_buff *skb)
469 struct iphdr *inner_iph = skb->nh.iph;
471 if (INET_ECN_is_ce(outer_iph->tos) &&
472 INET_ECN_is_not_ce(inner_iph->tos))
473 IP_ECN_set_ce(inner_iph);
476 int ipip_rcv(struct sk_buff *skb)
479 struct ip_tunnel *tunnel;
481 if (!pskb_may_pull(skb, sizeof(struct iphdr)))
485 skb->mac.raw = skb->nh.raw;
486 skb->nh.raw = skb->data;
487 memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
488 skb->protocol = htons(ETH_P_IP);
489 skb->pkt_type = PACKET_HOST;
491 read_lock(&ipip_lock);
492 if ((tunnel = ipip_tunnel_lookup(iph->saddr, iph->daddr)) != NULL) {
493 tunnel->stat.rx_packets++;
494 tunnel->stat.rx_bytes += skb->len;
495 skb->dev = tunnel->dev;
496 dst_release(skb->dst);
499 ipip_ecn_decapsulate(iph, skb);
501 read_unlock(&ipip_lock);
504 read_unlock(&ipip_lock);
506 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0);
512 /* Need this wrapper because NF_HOOK takes the function address */
513 static inline int do_ip_send(struct sk_buff *skb)
519 * This function assumes it is being called from dev_queue_xmit()
520 * and that skb is filled properly by that function.
523 static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
525 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv;
526 struct net_device_stats *stats = &tunnel->stat;
527 struct iphdr *tiph = &tunnel->parms.iph;
528 u8 tos = tunnel->parms.iph.tos;
529 u16 df = tiph->frag_off;
530 struct rtable *rt; /* Route to the other host */
531 struct net_device *tdev; /* Device to other host */
532 struct iphdr *old_iph = skb->nh.iph;
533 struct iphdr *iph; /* Our new IP header */
534 int max_headroom; /* The extra header space needed */
535 u32 dst = tiph->daddr;
538 if (tunnel->recursion++) {
539 tunnel->stat.collisions++;
543 if (skb->protocol != htons(ETH_P_IP))
551 if ((rt = (struct rtable*)skb->dst) == NULL) {
552 tunnel->stat.tx_fifo_errors++;
555 if ((dst = rt->rt_gateway) == 0)
559 if (ip_route_output(&rt, dst, tiph->saddr, RT_TOS(tos), tunnel->parms.link)) {
560 tunnel->stat.tx_carrier_errors++;
563 tdev = rt->u.dst.dev;
567 tunnel->stat.collisions++;
572 mtu = rt->u.dst.pmtu - sizeof(struct iphdr);
574 mtu = skb->dst ? skb->dst->pmtu : dev->mtu;
577 tunnel->stat.collisions++;
581 if (skb->dst && mtu < skb->dst->pmtu)
582 skb->dst->pmtu = mtu;
584 df |= (old_iph->frag_off&htons(IP_DF));
586 if ((old_iph->frag_off&htons(IP_DF)) && mtu < ntohs(old_iph->tot_len)) {
587 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
592 if (tunnel->err_count > 0) {
593 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
595 dst_link_failure(skb);
597 tunnel->err_count = 0;
601 * Okay, now see if we can stuff it in the buffer as-is.
603 max_headroom = (((tdev->hard_header_len+15)&~15)+sizeof(struct iphdr));
605 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) {
606 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
615 skb_set_owner_w(new_skb, skb->sk);
618 old_iph = skb->nh.iph;
621 skb->h.raw = skb->nh.raw;
622 skb->nh.raw = skb_push(skb, sizeof(struct iphdr));
623 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
624 dst_release(skb->dst);
625 skb->dst = &rt->u.dst;
628 * Push down and install the IPIP header.
633 iph->ihl = sizeof(struct iphdr)>>2;
635 iph->protocol = IPPROTO_IPIP;
636 iph->tos = INET_ECN_encapsulate(tos, old_iph->tos);
637 iph->daddr = rt->rt_dst;
638 iph->saddr = rt->rt_src;
640 if ((iph->ttl = tiph->ttl) == 0)
641 iph->ttl = old_iph->ttl;
650 dst_link_failure(skb);
659 ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
662 struct ip_tunnel_parm p;
670 if (dev == &ipip_fb_tunnel_dev) {
671 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
675 t = ipip_tunnel_locate(&p, 0);
678 t = (struct ip_tunnel*)dev->priv;
679 memcpy(&p, &t->parms, sizeof(p));
680 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
687 if (!capable(CAP_NET_ADMIN))
691 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
695 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
696 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
699 p.iph.frag_off |= htons(IP_DF);
701 t = ipip_tunnel_locate(&p, cmd == SIOCADDTUNNEL);
703 if (dev != &ipip_fb_tunnel_dev && cmd == SIOCCHGTUNNEL &&
704 t != &ipip_fb_tunnel) {
711 if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) ||
712 (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) {
716 t = (struct ip_tunnel*)dev->priv;
717 ipip_tunnel_unlink(t);
718 t->parms.iph.saddr = p.iph.saddr;
719 t->parms.iph.daddr = p.iph.daddr;
720 memcpy(dev->dev_addr, &p.iph.saddr, 4);
721 memcpy(dev->broadcast, &p.iph.daddr, 4);
723 netdev_state_change(dev);
729 if (cmd == SIOCCHGTUNNEL) {
730 t->parms.iph.ttl = p.iph.ttl;
731 t->parms.iph.tos = p.iph.tos;
732 t->parms.iph.frag_off = p.iph.frag_off;
734 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
737 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
742 if (!capable(CAP_NET_ADMIN))
745 if (dev == &ipip_fb_tunnel_dev) {
747 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
750 if ((t = ipip_tunnel_locate(&p, 0)) == NULL)
753 if (t == &ipip_fb_tunnel)
757 err = unregister_netdevice(dev);
769 static struct net_device_stats *ipip_tunnel_get_stats(struct net_device *dev)
771 return &(((struct ip_tunnel*)dev->priv)->stat);
774 static int ipip_tunnel_change_mtu(struct net_device *dev, int new_mtu)
776 if (new_mtu < 68 || new_mtu > 0xFFF8 - sizeof(struct iphdr))
782 static void ipip_tunnel_init_gen(struct net_device *dev)
784 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv;
786 dev->uninit = ipip_tunnel_uninit;
787 dev->destructor = ipip_tunnel_destructor;
788 dev->hard_start_xmit = ipip_tunnel_xmit;
789 dev->get_stats = ipip_tunnel_get_stats;
790 dev->do_ioctl = ipip_tunnel_ioctl;
791 dev->change_mtu = ipip_tunnel_change_mtu;
793 dev->type = ARPHRD_TUNNEL;
794 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr);
795 dev->mtu = 1500 - sizeof(struct iphdr);
796 dev->flags = IFF_NOARP;
799 memcpy(dev->dev_addr, &t->parms.iph.saddr, 4);
800 memcpy(dev->broadcast, &t->parms.iph.daddr, 4);
803 static int ipip_tunnel_init(struct net_device *dev)
805 struct net_device *tdev = NULL;
806 struct ip_tunnel *tunnel;
809 tunnel = (struct ip_tunnel*)dev->priv;
810 iph = &tunnel->parms.iph;
812 ipip_tunnel_init_gen(dev);
816 if (!ip_route_output(&rt, iph->daddr, iph->saddr, RT_TOS(iph->tos), tunnel->parms.link)) {
817 tdev = rt->u.dst.dev;
820 dev->flags |= IFF_POINTOPOINT;
823 if (!tdev && tunnel->parms.link)
824 tdev = __dev_get_by_index(tunnel->parms.link);
827 dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
828 dev->mtu = tdev->mtu - sizeof(struct iphdr);
830 dev->iflink = tunnel->parms.link;
836 static int ipip_fb_tunnel_open(struct net_device *dev)
842 static int ipip_fb_tunnel_close(struct net_device *dev)
849 int __init ipip_fb_tunnel_init(struct net_device *dev)
853 ipip_tunnel_init_gen(dev);
855 dev->open = ipip_fb_tunnel_open;
856 dev->stop = ipip_fb_tunnel_close;
859 iph = &ipip_fb_tunnel.parms.iph;
861 iph->protocol = IPPROTO_IPIP;
865 tunnels_wc[0] = &ipip_fb_tunnel;
869 static struct inet_protocol ipip_protocol = {
871 err_handler: ipip_err,
872 protocol: IPPROTO_IPIP,
876 static char banner[] __initdata =
877 KERN_INFO "IPv4 over IPv4 tunneling driver\n";
879 int __init ipip_init(void)
883 ipip_fb_tunnel_dev.priv = (void*)&ipip_fb_tunnel;
884 register_netdev(&ipip_fb_tunnel_dev);
885 inet_add_protocol(&ipip_protocol);
889 static void __exit ipip_fini(void)
891 if ( inet_del_protocol(&ipip_protocol) < 0 )
892 printk(KERN_INFO "ipip close: can't remove protocol\n");
894 unregister_netdev(&ipip_fb_tunnel_dev);
898 module_init(ipip_init);
900 module_exit(ipip_fini);
901 MODULE_LICENSE("GPL");