diff options
author | Gleb Smirnoff <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
commit | 21d172a3f17d63c16991f0313fe5de2353043d5b (patch) | |
tree | 889546ddb486b4afbf10cf3344d3d84a4620dcb4 /sys/netinet/ip_fastfwd.c | |
parent | ea2951beedb7ea869cc7e602d1d8474dfcccd1dd (diff) | |
download | src-21d172a3f17d63c16991f0313fe5de2353043d5b.tar.gz src-21d172a3f17d63c16991f0313fe5de2353043d5b.zip |
A step in resolving mess with byte ordering for AF_INET. After this change:
- All packets in NETISR_IP queue are in net byte order.
- ip_input() is entered in net byte order and converts packet
to host byte order right _after_ processing pfil(9) hooks.
- ip_output() is entered in host byte order and converts packet
to net byte order right _before_ processing pfil(9) hooks.
- ip_fragment() accepts and emits packet in net byte order.
- ip_forward(), ip_mloopback() use host byte order (untouched actually).
- ip_fastforward() no longer modifies packet at all (except ip_ttl).
- Swapping of byte order there and back removed from the following modules:
pf(4), ipfw(4), enc(4), if_bridge(4).
- Swapping of byte order added to ipfilter(4), based on __FreeBSD_version
- __FreeBSD_version bumped.
- pfil(9) manual page updated.
Reviewed by: ray, luigi, eri, melifaro
Tested by: glebius (LE), ray (BE)
Notes
Notes:
svn path=/head/; revision=241245
Diffstat (limited to 'sys/netinet/ip_fastfwd.c')
-rw-r--r-- | sys/netinet/ip_fastfwd.c | 29 |
1 files changed, 7 insertions, 22 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index a1adb85f0968..0eaaafe871a7 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -164,7 +164,7 @@ ip_fastforward(struct mbuf *m) struct sockaddr_in *dst = NULL; struct ifnet *ifp; struct in_addr odest, dest; - u_short sum, ip_len; + uint16_t sum, ip_len, ip_off; int error = 0; int hlen, mtu; #ifdef IPFIREWALL_FORWARD @@ -340,12 +340,6 @@ ip_fastforward(struct mbuf *m) * Step 3: incoming packet firewall processing */ - /* - * Convert to host representation - */ - ip->ip_len = ntohs(ip->ip_len); - ip->ip_off = ntohs(ip->ip_off); - odest.s_addr = dest.s_addr = ip->ip_dst.s_addr; /* @@ -472,8 +466,6 @@ passin: forwardlocal: /* * Return packet for processing by ip_input(). - * Keep host byte order as expected at ip_input's - * "ours"-label. */ m->m_flags |= M_FASTFWD_OURS; if (ro.ro_rt) @@ -500,6 +492,8 @@ passout: /* * Step 6: send off the packet */ + ip_len = ntohs(ip->ip_len); + ip_off = ntohs(ip->ip_off); /* * Check if route is dampned (when ARP is unable to resolve) @@ -515,7 +509,7 @@ passout: /* * Check if there is enough space in the interface queue */ - if ((ifp->if_snd.ifq_len + ip->ip_len / ifp->if_mtu + 1) >= + if ((ifp->if_snd.ifq_len + ip_len / ifp->if_mtu + 1) >= ifp->if_snd.ifq_maxlen) { IPSTAT_INC(ips_odropped); /* would send source quench here but that is depreciated */ @@ -539,13 +533,8 @@ passout: else mtu = ifp->if_mtu; - if (ip->ip_len <= mtu || - (ifp->if_hwassist & CSUM_FRAGMENT && (ip->ip_off & IP_DF) == 0)) { - /* - * Restore packet header fields to original values - */ - ip->ip_len = htons(ip->ip_len); - ip->ip_off = htons(ip->ip_off); + if (ip_len <= mtu || + (ifp->if_hwassist & CSUM_FRAGMENT && (ip_off & IP_DF) == 0)) { /* * Send off the packet via outgoing interface */ @@ -555,7 +544,7 @@ passout: /* * Handle EMSGSIZE with icmp reply needfrag for TCP MTU discovery */ - if (ip->ip_off & IP_DF) { + if (ip_off & IP_DF) { IPSTAT_INC(ips_cantfrag); icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_NEEDFRAG, 0, mtu); @@ -565,10 +554,6 @@ passout: * We have to fragment the packet */ m->m_pkthdr.csum_flags |= CSUM_IP; - /* - * ip_fragment expects ip_len and ip_off in host byte - * order but returns all packets in network byte order - */ if (ip_fragment(ip, &m, mtu, ifp->if_hwassist, (~ifp->if_hwassist & CSUM_DELAY_IP))) { goto drop; |