Date: Wed, 12 Dec 2001 10:54:07 -0600 From: "Jim Fleming" <jfleming@anet.com> To: <freebsd-arch@FreeBSD.ORG> Subject: RIFRAF Routing Changes for FreeBSD Message-ID: <041b01c1832d$9e1dbac0$1000a8c0@Unir.com>
next in thread | raw e-mail | index | archive | help
This may help... http://www.dot-biz.com/IPv4/Tutorial/ http://www.RepliGate.net The Netfilter Project: Packet Mangling for Linux 2.4 http://netfilter.samba.org Jim Fleming http://www.IPv8.info IPv16....One Better !! ----- Original Message ----- From: "Charlie Root" <root@IPv8.UNIR.COM> To: <jfleming@anet.com> Sent: Wednesday, December 12, 2001 4:45 AM > diff -c -r /unir/sys/netinet/ip.h netinet/ip.h > *** /unir/sys/netinet/ip.h Wed Dec 22 19:13:20 1999 > --- netinet/ip.h Tue Dec 11 13:59:38 2001 > *************** > *** 43,48 **** > --- 43,53 ---- > */ > #define IPVERSION 4 > > + #define IPXX_V4 4 > + #define IPXX_V5 5 > + #define IPXX_V7 7 > + #define IPXX_V8 8 > + > /* > * Structure of an internet header, naked of options. > */ > *************** > *** 61,73 **** > #endif /* not _IP_VHL */ > u_char ip_tos; /* type of service */ > u_short ip_len; /* total length */ > ! u_short ip_id; /* identification */ > u_short ip_off; /* fragment offset field */ > #define IP_RF 0x8000 /* reserved fragment flag */ > #define IP_DF 0x4000 /* dont fragment flag */ > #define IP_MF 0x2000 /* more fragments flag */ > #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */ > u_char ip_ttl; /* time to live */ > u_char ip_p; /* protocol */ > u_short ip_sum; /* checksum */ > struct in_addr ip_src,ip_dst; /* source and dest address */ > --- 66,89 ---- > #endif /* not _IP_VHL */ > u_char ip_tos; /* type of service */ > u_short ip_len; /* total length */ > ! #define IPXX_UNIRVERSE_DEFAULT 0 /* Default IPv8 UnirVerse Value */ > ! u_char ip_gate; /* UnirVerse/StarGate */ > ! u_char ip_id; /* identification */ > u_short ip_off; /* fragment offset field */ > + #define IPXX_FLAG 0x8000 /* IPvXX flag */ > #define IP_RF 0x8000 /* reserved fragment flag */ > #define IP_DF 0x4000 /* dont fragment flag */ > #define IP_MF 0x2000 /* more fragments flag */ > #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */ > u_char ip_ttl; /* time to live */ > + #define IPXX_GALAXY 033 /* IPv8 Galaxy Value for 3:219 .INFO */ > + #define IPXX_P_MASK 0x3F > + #define IPXX_ICMP_VAL 1 > + #define IPXX_ICMP_FLAG 0x40 > + #define IPXX_TCP_VAL 6 > + #define IPXX_TCP_FLAG 0x80 > + #define IPXX_UDP_VAL 16 > + #define IPXX_UDP_FLAG 0xC0 > u_char ip_p; /* protocol */ > u_short ip_sum; /* checksum */ > struct in_addr ip_src,ip_dst; /* source and dest address */ > diff -c -r /unir/sys/netinet/ip_icmp.c netinet/ip_icmp.c > *** /unir/sys/netinet/ip_icmp.c Tue Jul 3 11:01:46 2001 > --- netinet/ip_icmp.c Tue Dec 11 14:00:00 2001 > *************** > *** 121,132 **** > #endif > > static void icmp_reflect __P((struct mbuf *)); > ! static void icmp_send __P((struct mbuf *, struct mbuf *)); > static int ip_next_mtu __P((int, int)); > > extern struct protosw inetsw[]; > > /* > * Generate an error packet of type error > * in response to bad packet ip. > */ > --- 121,396 ---- > #endif > > static void icmp_reflect __P((struct mbuf *)); > ! static void icmp_send __P((struct mbuf *, struct mbuf *, int)); > static int ip_next_mtu __P((int, int)); > > extern struct protosw inetsw[]; > > /* > + * Table used to reverse the 4-bit source and destination values > + * in the 8-bit TOS field. > + */ > + > + unsigned char reverse_nibbles[256] = { > + /*00*/ 0x00, > + /*01*/ 0x10, > + /*02*/ 0x20, > + /*03*/ 0x30, > + /*04*/ 0x40, > + /*05*/ 0x50, > + /*06*/ 0x60, > + /*07*/ 0x70, > + /*08*/ 0x80, > + /*09*/ 0x90, > + /*0a*/ 0xa0, > + /*0b*/ 0xb0, > + /*0c*/ 0xc0, > + /*0d*/ 0xd0, > + /*0e*/ 0xe0, > + /*0f*/ 0xf0, > + /*10*/ 0x01, > + /*11*/ 0x11, > + /*12*/ 0x21, > + /*13*/ 0x31, > + /*14*/ 0x41, > + /*15*/ 0x51, > + /*16*/ 0x61, > + /*17*/ 0x71, > + /*18*/ 0x81, > + /*19*/ 0x91, > + /*1a*/ 0xa1, > + /*1b*/ 0xb1, > + /*1c*/ 0xc1, > + /*1d*/ 0xd1, > + /*1e*/ 0xe1, > + /*1f*/ 0xf1, > + /*20*/ 0x02, > + /*21*/ 0x12, > + /*22*/ 0x22, > + /*23*/ 0x32, > + /*24*/ 0x42, > + /*25*/ 0x52, > + /*26*/ 0x62, > + /*27*/ 0x72, > + /*28*/ 0x82, > + /*29*/ 0x92, > + /*2a*/ 0xa2, > + /*2b*/ 0xb2, > + /*2c*/ 0xc2, > + /*2d*/ 0xd2, > + /*2e*/ 0xe2, > + /*2f*/ 0xf2, > + /*30*/ 0x03, > + /*31*/ 0x13, > + /*32*/ 0x23, > + /*33*/ 0x33, > + /*34*/ 0x43, > + /*35*/ 0x53, > + /*36*/ 0x63, > + /*37*/ 0x73, > + /*38*/ 0x83, > + /*39*/ 0x93, > + /*3a*/ 0xa3, > + /*3b*/ 0xb3, > + /*3c*/ 0xc3, > + /*3d*/ 0xd3, > + /*3e*/ 0xe3, > + /*3f*/ 0xf3, > + /*40*/ 0x04, > + /*41*/ 0x14, > + /*42*/ 0x24, > + /*43*/ 0x34, > + /*44*/ 0x44, > + /*45*/ 0x54, > + /*46*/ 0x64, > + /*47*/ 0x74, > + /*48*/ 0x84, > + /*49*/ 0x94, > + /*4a*/ 0xa4, > + /*4b*/ 0xb4, > + /*4c*/ 0xc4, > + /*4d*/ 0xd4, > + /*4e*/ 0xe4, > + /*4f*/ 0xf4, > + /*50*/ 0x05, > + /*51*/ 0x15, > + /*52*/ 0x25, > + /*53*/ 0x35, > + /*54*/ 0x45, > + /*55*/ 0x55, > + /*56*/ 0x65, > + /*57*/ 0x75, > + /*58*/ 0x85, > + /*59*/ 0x95, > + /*5a*/ 0xa5, > + /*5b*/ 0xb5, > + /*5c*/ 0xc5, > + /*5d*/ 0xd5, > + /*5e*/ 0xe5, > + /*5f*/ 0xf5, > + /*60*/ 0x06, > + /*61*/ 0x16, > + /*62*/ 0x26, > + /*63*/ 0x36, > + /*64*/ 0x46, > + /*65*/ 0x56, > + /*66*/ 0x66, > + /*67*/ 0x76, > + /*68*/ 0x86, > + /*69*/ 0x96, > + /*6a*/ 0xa6, > + /*6b*/ 0xb6, > + /*6c*/ 0xc6, > + /*6d*/ 0xd6, > + /*6e*/ 0xe6, > + /*6f*/ 0xf6, > + /*70*/ 0x07, > + /*71*/ 0x17, > + /*72*/ 0x27, > + /*73*/ 0x37, > + /*74*/ 0x47, > + /*75*/ 0x57, > + /*76*/ 0x67, > + /*77*/ 0x77, > + /*78*/ 0x87, > + /*79*/ 0x97, > + /*7a*/ 0xa7, > + /*7b*/ 0xb7, > + /*7c*/ 0xc7, > + /*7d*/ 0xd7, > + /*7e*/ 0xe7, > + /*7f*/ 0xf7, > + /*80*/ 0x08, > + /*81*/ 0x18, > + /*82*/ 0x28, > + /*83*/ 0x38, > + /*84*/ 0x48, > + /*85*/ 0x58, > + /*86*/ 0x68, > + /*87*/ 0x78, > + /*88*/ 0x88, > + /*89*/ 0x98, > + /*8a*/ 0xa8, > + /*8b*/ 0xb8, > + /*8c*/ 0xc8, > + /*8d*/ 0xd8, > + /*8e*/ 0xe8, > + /*8f*/ 0xf8, > + /*90*/ 0x09, > + /*91*/ 0x19, > + /*92*/ 0x29, > + /*93*/ 0x39, > + /*94*/ 0x49, > + /*95*/ 0x59, > + /*96*/ 0x69, > + /*97*/ 0x79, > + /*98*/ 0x89, > + /*99*/ 0x99, > + /*9a*/ 0xa9, > + /*9b*/ 0xb9, > + /*9c*/ 0xc9, > + /*9d*/ 0xd9, > + /*9e*/ 0xe9, > + /*9f*/ 0xf9, > + /*a0*/ 0x0a, > + /*a1*/ 0x1a, > + /*a2*/ 0x2a, > + /*a3*/ 0x3a, > + /*a4*/ 0x4a, > + /*a5*/ 0x5a, > + /*a6*/ 0x6a, > + /*a7*/ 0x7a, > + /*a8*/ 0x8a, > + /*a9*/ 0x9a, > + /*aa*/ 0xaa, > + /*ab*/ 0xba, > + /*ac*/ 0xca, > + /*ad*/ 0xda, > + /*ae*/ 0xea, > + /*af*/ 0xfa, > + /*b0*/ 0x0b, > + /*b1*/ 0x1b, > + /*b2*/ 0x2b, > + /*b3*/ 0x3b, > + /*b4*/ 0x4b, > + /*b5*/ 0x5b, > + /*b6*/ 0x6b, > + /*b7*/ 0x7b, > + /*b8*/ 0x8b, > + /*b9*/ 0x9b, > + /*ba*/ 0xab, > + /*bb*/ 0xbb, > + /*bc*/ 0xcb, > + /*bd*/ 0xdb, > + /*be*/ 0xeb, > + /*bf*/ 0xfb, > + /*c0*/ 0x0c, > + /*c1*/ 0x1c, > + /*c2*/ 0x2c, > + /*c3*/ 0x3c, > + /*c4*/ 0x4c, > + /*c5*/ 0x5c, > + /*c6*/ 0x6c, > + /*c7*/ 0x7c, > + /*c8*/ 0x8c, > + /*c9*/ 0x9c, > + /*ca*/ 0xac, > + /*cb*/ 0xbc, > + /*cc*/ 0xcc, > + /*cd*/ 0xdc, > + /*ce*/ 0xec, > + /*cf*/ 0xfc, > + /*d0*/ 0x0d, > + /*d1*/ 0x1d, > + /*d2*/ 0x2d, > + /*d3*/ 0x3d, > + /*d4*/ 0x4d, > + /*d5*/ 0x5d, > + /*d6*/ 0x6d, > + /*d7*/ 0x7d, > + /*d8*/ 0x8d, > + /*d9*/ 0x9d, > + /*da*/ 0xad, > + /*db*/ 0xbd, > + /*dc*/ 0xcd, > + /*dd*/ 0xdd, > + /*de*/ 0xed, > + /*df*/ 0xfd, > + /*e0*/ 0x0e, > + /*e1*/ 0x1e, > + /*e2*/ 0x2e, > + /*e3*/ 0x3e, > + /*e4*/ 0x4e, > + /*e5*/ 0x5e, > + /*e6*/ 0x6e, > + /*e7*/ 0x7e, > + /*e8*/ 0x8e, > + /*e9*/ 0x9e, > + /*ea*/ 0xae, > + /*eb*/ 0xbe, > + /*ec*/ 0xce, > + /*ed*/ 0xde, > + /*ee*/ 0xee, > + /*ef*/ 0xfe, > + /*f0*/ 0x0f, > + /*f1*/ 0x1f, > + /*f2*/ 0x2f, > + /*f3*/ 0x3f, > + /*f4*/ 0x4f, > + /*f5*/ 0x5f, > + /*f6*/ 0x6f, > + /*f7*/ 0x7f, > + /*f8*/ 0x8f, > + /*f9*/ 0x9f, > + /*fa*/ 0xaf, > + /*fb*/ 0xbf, > + /*fc*/ 0xcf, > + /*fd*/ 0xdf, > + /*fe*/ 0xef, > + /*ff*/ 0xff > + }; > + > + /* > * Generate an error packet of type error > * in response to bad packet ip. > */ > *************** > *** 226,232 **** > nip->ip_len = m->m_len; > nip->ip_vhl = IP_VHL_BORING; > nip->ip_p = IPPROTO_ICMP; > ! nip->ip_tos = 0; > icmp_reflect(m); > > freeit: > --- 490,496 ---- > nip->ip_len = m->m_len; > nip->ip_vhl = IP_VHL_BORING; > nip->ip_p = IPPROTO_ICMP; > ! nip->ip_tos = 0x44; /* Network Management Flow */ > icmp_reflect(m); > > freeit: > *************** > *** 610,615 **** > --- 874,880 ---- > struct in_addr t; > struct mbuf *opts = 0; > int optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip); > + int flags = 0; > > if (!in_canforward(ip->ip_src) && > ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) != > *************** > *** 617,622 **** > --- 882,895 ---- > m_freem(m); /* Bad return address */ > goto done; /* Ip_output() will check for broadcast */ > } > + /* Handle IPv8 TOS and UnirVerse fields */ > + if(((ip->ip_tos&0xF0)!=0) && ((ip->ip_tos&0x0F)!=0)){ > + ip->ip_tos = reverse_nibbles[ip->ip_tos]; > + if(ip->ip_gate != IPXX_UNIRVERSE_DEFAULT){ > + ip->ip_gate = reverse_nibbles[ip->ip_gate]; > + flags |= IP_UNIRVERSE_SET; > + } > + } > t = ip->ip_dst; > ip->ip_dst = ip->ip_src; > /* > *************** > *** 719,725 **** > (unsigned)(m->m_len - sizeof(struct ip))); > } > m->m_flags &= ~(M_BCAST|M_MCAST); > ! icmp_send(m, opts); > done: > if (opts) > (void)m_free(opts); > --- 992,998 ---- > (unsigned)(m->m_len - sizeof(struct ip))); > } > m->m_flags &= ~(M_BCAST|M_MCAST); > ! icmp_send(m,opts,flags); > done: > if (opts) > (void)m_free(opts); > *************** > *** 730,738 **** > * after supplying a checksum. > */ > static void > ! icmp_send(m, opts) > register struct mbuf *m; > struct mbuf *opts; > { > register struct ip *ip = mtod(m, struct ip *); > register int hlen; > --- 1003,1012 ---- > * after supplying a checksum. > */ > static void > ! icmp_send(m,opts,flags) > register struct mbuf *m; > struct mbuf *opts; > + int flags; > { > register struct ip *ip = mtod(m, struct ip *); > register int hlen; > *************** > *** 757,763 **** > } > #endif > bzero(&ro, sizeof ro); > ! (void) ip_output(m, opts, &ro, 0, NULL); > if (ro.ro_rt) > RTFREE(ro.ro_rt); > } > --- 1031,1037 ---- > } > #endif > bzero(&ro, sizeof ro); > ! (void) ip_output(m, opts, &ro, flags, NULL); > if (ro.ro_rt) > RTFREE(ro.ro_rt); > } > diff -c -r /unir/sys/netinet/ip_input.c netinet/ip_input.c > *** /unir/sys/netinet/ip_input.c Wed Aug 29 21:41:37 2001 > --- netinet/ip_input.c Wed Dec 12 09:57:20 2001 > *************** > *** 258,266 **** > maxnipq = nmbclusters / 4; > ip_maxfragpackets = nmbclusters / 4; > > - #ifndef RANDOM_IP_ID > ip_id = time_second & 0xffff; > ! #endif > ipintrq.ifq_maxlen = ipqmaxlen; > > register_netisr(NETISR_IP, ipintr); > --- 258,275 ---- > maxnipq = nmbclusters / 4; > ip_maxfragpackets = nmbclusters / 4; > > ip_id = time_second & 0xffff; > ! /* initialize all the StarGate id counters */ > ! for(i=0; i<256; i++){ > ! ip_id_[i] = time_second & 0xffff; > ! } > ! for(i=0; i<65536; i++){ > ! src_gate[i] = 0x00; > ! dst_gate[i] = 0x00; > ! } > ! galaxy_in=0; > ! galaxy_out=0; > ! > ipintrq.ifq_maxlen = ipqmaxlen; > > register_netisr(NETISR_IP, ipintr); > *************** > *** 269,274 **** > --- 278,285 ---- > static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; > static struct route ipforward_rt; > > + extern unsigned char reverse_nibbles[]; > + > /* > * Ip input routine. Checksum and byte swap header. If fragmented > * try to reassemble. Process options. Pass to next level. > *************** > *** 287,292 **** > --- 298,305 ---- > u_int32_t divert_info = 0; /* packet divert/tee info */ > #endif > struct ip_fw_chain *rule = NULL; > + u_int32_t src_addr; > + u_int32_t dst_addr; > > #ifdef IPDIVERT > /* Get and reset firewall cookie */ > *************** > *** 346,351 **** > --- 359,365 ---- > ip = mtod(m, struct ip *); > } > > + > /* 127/8 must not appear on wire - RFC1122 */ > if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || > (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { > *************** > *** 402,407 **** > --- 416,483 ---- > if (ipsec_gethist(m, NULL)) > goto pass; > #endif > + > + /* Process IPvXX ICMP++ packets that are special QoS codes */ > + if((ip->ip_p==IPPROTO_ICMP) && (((ip->ip_tos&0xF0)==0)||((ip->ip_tos&0x0F)==0))){ > + src_addr = ntohl(ip->ip_src.s_addr); > + dst_addr = ntohl(ip->ip_dst.s_addr); > + /* QoS(4)=Network Management */ > + switch(ip->ip_tos){ > + case 0x04: > + /* Check for Galaxy PeaceKeeper */ > + /* PPPPPPPP.PPPPPPPP.GGG00000.XXXX0000 */ > + if((src_addr&0x1F0F)==0){ > + dst_gate[src_addr>>16] >>= 4; > + dst_gate[src_addr>>16] |= src_addr&0xF0; > + /* Check for possible new Galaxy setting */ > + if(((src_addr&0x0E00)!=0)&&((src_addr&0xFFFF0000)==(dst_addr&0xFFFF0000))){ > + galaxy_out=(src_addr&0x0E00)>>8; > + log(LOG_WARNING,"Outbound Galactic Routing set to %d\n",galaxy_out); > + } > + else{ > + galaxy_out=0; > + } > + } > + break; > + case 0x40: > + /* Check for Galaxy PeaceKeeper */ > + /* PPPPPPPP.PPPPPPPP.GGG00000.XXXX0000 */ > + if((src_addr&0x1F0F)==0){ > + src_gate[src_addr>>16] >>= 4; > + src_gate[src_addr>>16] |= src_addr&0xF0; > + /* Check for possible new Galaxy setting */ > + if(((src_addr&0x0E00)!=0)&&((src_addr&0xFFFF0000)==(dst_addr&0xFFFF0000))){ > + galaxy_in=(src_addr&0x0E00)>>8; > + log(LOG_WARNING,"Inbound Galactic Routing set to %d\n",galaxy_in); > + } > + else{ > + galaxy_in=0; > + } > + } > + break; > + default: > + log(LOG_WARNING,"Unknown ICMP+ QoS Code from %s\n", > + inet_ntoa(ip->ip_src)); > + } > + } > + /* Process IPvXX-style Packets */ > + if((ip->ip_off&0x8000)!=0){ > + /* Process non-Galaxy 0 Packets */ > + if(((ip->ip_p&0xC0) != 0)&& > + ((ip->ip_p&0x07) != galaxy_in)){ > + printf("Dropped packet not from our galaxy\n"); > + ipstat.ips_badaddr++; > + goto bad; > + } > + else{ > + /* Packet is Galaxy 0, are we ? */ > + if(galaxy_in != 0){ > + printf("Dropped packet not from our galaxy\n"); > + ipstat.ips_badaddr++; > + goto bad; > + } > + } > + } > > /* > * IpHack's section. > diff -c -r /unir/sys/netinet/ip_mroute.c netinet/ip_mroute.c > *** /unir/sys/netinet/ip_mroute.c Thu Jul 19 06:37:26 2001 > --- netinet/ip_mroute.c Tue Dec 11 14:00:20 2001 > *************** > *** 1581,1590 **** > */ > ip_copy = mtod(mb_copy, struct ip *); > *ip_copy = multicast_encap_iphdr; > #ifdef RANDOM_IP_ID > ip_copy->ip_id = ip_randomid(); > #else > ! ip_copy->ip_id = htons(ip_id++); > #endif > ip_copy->ip_len += len; > ip_copy->ip_src = vifp->v_lcl_addr; > --- 1581,1597 ---- > */ > ip_copy = mtod(mb_copy, struct ip *); > *ip_copy = multicast_encap_iphdr; > + ip_copy->ip_gate=0; > #ifdef RANDOM_IP_ID > ip_copy->ip_id = ip_randomid(); > #else > ! if(ip_copy->ip_tos != 0){ > ! ip_copy->ip_id = ip_id_[ip_copy->ip_gate]++; > ! } > ! else{ > ! ip_copy->ip_id = ip_id++; > ! ip_copy->ip_gate = ip_id>>8; > ! } > #endif > ip_copy->ip_len += len; > ip_copy->ip_src = vifp->v_lcl_addr; > diff -c -r /unir/sys/netinet/ip_output.c netinet/ip_output.c > *** /unir/sys/netinet/ip_output.c Thu Jul 19 06:37:26 2001 > --- netinet/ip_output.c Wed Dec 12 10:28:11 2001 > *************** > *** 52,57 **** > --- 52,58 ---- > #include <sys/socket.h> > #include <sys/socketvar.h> > #include <sys/proc.h> > + #include <sys/time.h> > > #include <net/if.h> > #include <net/route.h> > *************** > *** 88,101 **** > #include <netinet/ip_dummynet.h> > #endif > > ! #ifdef IPFIREWALL_FORWARD_DEBUG > ! #define print_ip(a) printf("%ld.%ld.%ld.%ld",(ntohl(a.s_addr)>>24)&0xFF,\ > (ntohl(a.s_addr)>>16)&0xFF,\ > (ntohl(a.s_addr)>>8)&0xFF,\ > (ntohl(a.s_addr))&0xFF); > - #endif > > u_short ip_id; > > static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *)); > static struct ifnet *ip_multicast_if __P((struct in_addr *, int *)); > --- 89,105 ---- > #include <netinet/ip_dummynet.h> > #endif > > ! #define print_ip(a) printf("%ld.%ld.%ld.%ld ",(ntohl(a.s_addr)>>24)&0xFF,\ > (ntohl(a.s_addr)>>16)&0xFF,\ > (ntohl(a.s_addr)>>8)&0xFF,\ > (ntohl(a.s_addr))&0xFF); > > u_short ip_id; > + u_char ip_id_[256]; > + u_char src_gate[65536]; > + u_char dst_gate[65536]; > + u_char galaxy_out; > + u_char galaxy_in; > > static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *)); > static struct ifnet *ip_multicast_if __P((struct in_addr *, int *)); > *************** > *** 127,132 **** > --- 131,137 ---- > int flags; > struct ip_moptions *imo; > { > + struct timeval random_time; > struct ip *ip, *mhip; > struct ifnet *ifp; > struct mbuf *m = m0; > *************** > *** 207,219 **** > /* > * Fill in IP header. > */ > if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { > ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2); > ip->ip_off &= IP_DF; > #ifdef RANDOM_IP_ID > ip->ip_id = ip_randomid(); > #else > ! ip->ip_id = htons(ip_id++); > #endif > ipstat.ips_localout++; > } else { > --- 212,252 ---- > /* > * Fill in IP header. > */ > + > + /* Set UnirVerse on QoS-agile Packets */ > + if(ip->ip_tos != 0){ > + /* Allow reflectors and forwarders to prevent setting */ > + if((flags & IP_UNIRVERSE_SET) == 0){ > + getmicrotime(&random_time); > + if(random_time.tv_usec&0x01){ > + ip->ip_gate = > + ((src_gate[(ntohl(ip->ip_src.s_addr)>>16)&0xFFFF])&0xF0) | > + (((dst_gate[(ntohl(ip->ip_dst.s_addr)>>16)&0xFFFF])>>4)&0x0F); > + } > + else{ > + ip->ip_gate = > + (((src_gate[(ntohl(ip->ip_src.s_addr)>>16)&0xFFFF])<<4)&0xF0) | > + ((dst_gate[(ntohl(ip->ip_dst.s_addr)>>16)&0xFFFF])&0x0F); > + } > + } > + } > + else{ > + ip->ip_gate = IPXX_UNIRVERSE_DEFAULT; > + } > + /* Set id based on UnirVerse */ > if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { > ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2); > ip->ip_off &= IP_DF; > #ifdef RANDOM_IP_ID > ip->ip_id = ip_randomid(); > #else > ! if(ip->ip_tos != 0){ > ! ip->ip_id = ip_id_[ip->ip_gate]++; > ! } > ! else{ > ! ip->ip_id = ip_id++; > ! ip->ip_gate = ip_id>>8; > ! } > #endif > ipstat.ips_localout++; > } else { > *************** > *** 431,436 **** > --- 464,470 ---- > } > > sendit: > + > #ifdef IPSEC > /* get SP for this packet */ > if (so == NULL) > diff -c -r /unir/sys/netinet/ip_var.h netinet/ip_var.h > *** /unir/sys/netinet/ip_var.h Thu Jul 19 06:37:26 2001 > --- netinet/ip_var.h Tue Dec 11 14:00:41 2001 > *************** > *** 133,138 **** > --- 133,140 ---- > /* flags passed to ip_output as last parameter */ > #define IP_FORWARDING 0x1 /* most of ip header exists */ > #define IP_RAWOUTPUT 0x2 /* raw ip header exists */ > + #define IP_UNIRVERSE_SET 0x4 /* UnirVerse set in header */ > + > #define IP_ROUTETOIF SO_DONTROUTE /* bypass routing tables */ > #define IP_ALLOWBROADCAST SO_BROADCAST /* can send broadcast packets */ > > *************** > *** 142,150 **** > struct sockopt; > > extern struct ipstat ipstat; > ! #ifndef RANDOM_IP_ID > ! extern u_short ip_id; /* ip packet ctr, for ids */ > ! #endif > extern int ip_defttl; /* default IP ttl */ > extern int ipforwarding; /* ip forwarding */ > extern u_char ip_protox[]; > --- 144,157 ---- > struct sockopt; > > extern struct ipstat ipstat; > ! > ! extern u_short ip_id; /* ip packet ctr, for ids */ > ! extern u_char ip_id_[]; /* id counters for each StarGate */ > ! extern u_char src_gate[]; > ! extern u_char dst_gate[]; > ! extern u_char galaxy_in; > ! extern u_char galaxy_out; > ! > extern int ip_defttl; /* default IP ttl */ > extern int ipforwarding; /* ip forwarding */ > extern u_char ip_protox[]; > diff -c -r /unir/sys/netinet/raw_ip.c netinet/raw_ip.c > *** /unir/sys/netinet/raw_ip.c Sun Jul 29 19:32:40 2001 > --- netinet/raw_ip.c Tue Dec 11 14:01:10 2001 > *************** > *** 239,249 **** > m_freem(m); > return EINVAL; > } > - if (ip->ip_id == 0) > #ifdef RANDOM_IP_ID > ip->ip_id = ip_randomid(); > #else > ! ip->ip_id = htons(ip_id++); > #endif > /* XXX prevent ip_output from overwriting header fields */ > flags |= IP_RAWOUTPUT; > --- 239,259 ---- > m_freem(m); > return EINVAL; > } > #ifdef RANDOM_IP_ID > + if (ip->ip_id == 0){ > ip->ip_id = ip_randomid(); > + } > #else > ! if (ip->ip_id == 0){ > ! if(ip->ip_tos != 0){ > ! ip->ip_id = ip_id_[ip->ip_gate]++; > ! ip->ip_gate = IPXX_UNIRVERSE_DEFAULT; > ! } > ! else{ > ! ip->ip_id = ip_id++; > ! ip->ip_gate = ip_id>>8; > ! } > ! } > #endif > /* XXX prevent ip_output from overwriting header fields */ > flags |= IP_RAWOUTPUT; > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?041b01c1832d$9e1dbac0$1000a8c0>