static const union icmpinfofield icmp_noinfo;
+static const char *sender_name(struct netlink_client *sender /* or NULL */)
+{
+ return sender?sender->name:"(local)";
+}
+
static void netlink_packet_deliver(struct netlink *st,
struct netlink_client *client,
struct buffer_if *buf);
st->outcount++;
}
-/* Deliver a packet. "client" is the _origin_ of the packet, not its
- destination, and is NULL for packets from the host and packets
+/* Deliver a packet. "sender"==NULL for packets from the host and packets
generated internally in secnet. */
static void netlink_packet_deliver(struct netlink *st,
- struct netlink_client *client,
+ struct netlink_client *sender,
struct buffer_if *buf)
{
if (buf->size < (int)sizeof(struct iphdr)) {
Message(M_ERR,"%s: trying to deliver a too-short packet"
- " from %s!\n",st->name, client?client->name:"(local)");
+ " from %s!\n",st->name, sender_name(sender));
BUF_FREE(buf);
return;
}
return;
}
- /* Packets from the host (client==NULL) may always be routed. Packets
+ /* Packets from the host (sender==NULL) may always be routed. Packets
from clients with the allow_route option will also be routed. */
- if (!client || (client && (client->options & OPT_ALLOWROUTE)))
+ if (!sender || (sender && (sender->options & OPT_ALLOWROUTE)))
allow_route=True;
/* If !allow_route, we check the routing table anyway, and if
}
static void netlink_packet_forward(struct netlink *st,
- struct netlink_client *client,
+ struct netlink_client *sender,
struct buffer_if *buf)
{
if (buf->size < (int)sizeof(struct iphdr)) return;
iph->check=0;
iph->check=ip_fast_csum((uint8_t *)iph,iph->ihl);
- netlink_packet_deliver(st,client,buf);
+ netlink_packet_deliver(st,sender,buf);
BUF_ASSERT_FREE(buf);
}
/* Deal with packets addressed explicitly to us */
static void netlink_packet_local(struct netlink *st,
- struct netlink_client *client,
+ struct netlink_client *sender,
struct buffer_if *buf)
{
struct icmphdr *h;
}
h=(struct icmphdr *)buf->start;
- if ((ntohs(h->iph.frag)&(IPHDR_FRAG_OFF|IPHDR_FRAG_MORE))!=0) {
- Message(M_WARNING,"%s: fragmented packet addressed to secnet; "
- "ignoring it\n",st->name);
+ unsigned fraginfo = ntohs(h->iph.frag);
+ if ((fraginfo&(IPHDR_FRAG_OFF|IPHDR_FRAG_MORE))!=0) {
+ if (!(fraginfo & IPHDR_FRAG_OFF))
+ /* report only for first fragment */
+ Message(M_WARNING,"%s: fragmented packet addressed to secnet; "
+ "ignoring it\n",st->name);
BUF_FREE(buf);
return;
}
/* If cid==NULL packet is from host, otherwise cid specifies which tunnel
it came from. */
-static void netlink_incoming(struct netlink *st, struct netlink_client *client,
+static void netlink_incoming(struct netlink *st, struct netlink_client *sender,
struct buffer_if *buf)
{
uint32_t source,dest;
struct iphdr *iph;
char errmsgbuf[50];
- const char *sourcedesc=client?client->name:"host";
+ const char *sourcedesc=sender?sender->name:"host";
BUF_ASSERT_USED(buf);
BUF_FREE(buf);
return;
}
- assert(buf->size >= (int)sizeof(struct icmphdr));
+ assert(buf->size >= (int)sizeof(struct iphdr));
iph=(struct iphdr *)buf->start;
source=ntohl(iph->saddr);
/* Check source. If we don't like the source, there's no point
generating ICMP because we won't know how to get it to the
source of the packet. */
- if (client) {
+ if (sender) {
/* Check that the packet source is appropriate for the tunnel
it came down */
- if (!ipset_contains_addr(client->networks,source)) {
+ if (!ipset_contains_addr(sender->networks,source)) {
string_t s,d;
s=ipaddr_to_string(source);
d=ipaddr_to_string(dest);
Message(M_WARNING,"%s: packet from tunnel %s with bad "
- "source address (s=%s,d=%s)\n",st->name,client->name,s,d);
+ "source address (s=%s,d=%s)\n",st->name,sender->name,s,d);
free(s); free(d);
BUF_FREE(buf);
return;
where it came from. It's up to external software to check
address validity and generate ICMP, etc. */
if (st->ptp) {
- if (client) {
+ if (sender) {
netlink_host_deliver(st,source,dest,buf);
} else {
netlink_client_deliver(st,st->clients,source,dest,buf);
/* st->secnet_address needs checking before matching destination
addresses */
if (dest==st->secnet_address) {
- netlink_packet_local(st,client,buf);
+ netlink_packet_local(st,sender,buf);
BUF_ASSERT_FREE(buf);
return;
}
- netlink_packet_forward(st,client,buf);
+ netlink_packet_forward(st,sender,buf);
BUF_ASSERT_FREE(buf);
}
}
static void netlink_inst_reg(void *sst, netlink_deliver_fn *deliver,
- void *dst)
+ void *dst, uint32_t *localmtu_r)
{
struct netlink_client *c=sst;
+ struct netlink *st=c->nst;
c->deliver=deliver;
c->dst=dst;
+
+ if (localmtu_r)
+ *localmtu_r=st->mtu;
}
static struct flagstr netlink_option_table[]={
~ian / secnet.git / blobdiff