Date: Wed, 12 Dec 2001 13:14:55 -0600 From: "Jim Fleming" <jfleming@anet.com> To: "Julian Elischer" <julian@elischer.org> Cc: "Jordan Hubbard" <jkh@winston.freebsd.org>, "Andre Oppermann" <oppermann@pipeline.ch>, <freebsd-arch@FreeBSD.ORG> Subject: Re: RIFRAF Routing Changes for FreeBSD Message-ID: <061501c18341$49f6aba0$1000a8c0@Unir.com> References: <Pine.BSF.4.21.0112121044560.5654-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > + /* Check for possible new Galaxy setting */
> > + if(((src_addr&0x0E00)!=0)&&((src_addr&0xFFFF0000)==(dst_addr&0xFFFF0000))){
> > + galaxy_in=(src_addr&0x0E00)>>8;
E000 in both cases....not 0E00
----- Original Message -----
From: "Julian Elischer" <julian@elischer.org>
To: "Jim Fleming" <jfleming@anet.com>
Cc: "Jordan Hubbard" <jkh@winston.freebsd.org>; "Andre Oppermann" <oppermann@pipeline.ch>; <freebsd-arch@FreeBSD.ORG>
Sent: Wednesday, December 12, 2001 12:45 PM
Subject: Re: RIFRAF Routing Changes for FreeBSD
> Now it belongs in freebsd-net :-)
>
>
> On Wed, 12 Dec 2001, Jim Fleming wrote:
>
> >
> > ----- Original Message -----
> > From: "Jordan Hubbard" <jkh@winston.freebsd.org>
> > To: "Jim Fleming" <jfleming@anet.com>
> > Cc: "Andre Oppermann" <oppermann@pipeline.ch>; <freebsd-arch@FreeBSD.ORG>
> > Sent: Wednesday, December 12, 2001 11:39 AM
> > Subject: Re: RIFRAF Routing Changes for FreeBSD
> >
> >
> > > > It all boils down to fairness.
> > > > Which list do you think is more fair ?
> > >
> > > I think it boils down to something simpler than that: What does this
> > > have to do with FreeBSD?
> > >
> > > The freebsd-arch list isn't for general discussion about things which
> > > _might_ be relevant to FreeBSD users, such as potentially interesting
> > > 3rd-party technologies or a great sale on hardware at Fred's PC Shack
> > > this week. This list is for discussing proposed changes to FreeBSD,
> > > ideally with sample code (which is applicable and ported to FreeBSD)
> > > attached. That's all there is to it. If you want to discuss more
> > > speculative or contraversial issues, freebsd-chat is the right mailing
> > > list for that kind of thing.
> > >
> > > - Jordan
> > >
> > This may help...
> > http://www.dot-biz.com/IPv4/Tutorial/
> > http://www.RepliGate.net
> >
> > The Netfilter Project: Packet Mangling for Linux 2.4
> > http://netfilter.samba.org
> >
> > Jim Fleming
> > http://www.IPv8.info
> > IPv16....One Better !!
> >
> > ----- Original Message -----
> > From: "Charlie Root" <root@IPv8.UNIR.COM>
> > To: <jfleming@anet.com>
> > Sent: Wednesday, December 12, 2001 4:45 AM
> >
> >
> > > diff -c -r /unir/sys/netinet/ip.h netinet/ip.h
> > > *** /unir/sys/netinet/ip.h Wed Dec 22 19:13:20 1999
> > > --- netinet/ip.h Tue Dec 11 13:59:38 2001
> > > ***************
> > > *** 43,48 ****
> > > --- 43,53 ----
> > > */
> > > #define IPVERSION 4
> > >
> > > + #define IPXX_V4 4
> > > + #define IPXX_V5 5
> > > + #define IPXX_V7 7
> > > + #define IPXX_V8 8
> > > +
> > > /*
> > > * Structure of an internet header, naked of options.
> > > */
> > > ***************
> > > *** 61,73 ****
> > > #endif /* not _IP_VHL */
> > > u_char ip_tos; /* type of service */
> > > u_short ip_len; /* total length */
> > > ! u_short ip_id; /* identification */
> > > u_short ip_off; /* fragment offset field */
> > > #define IP_RF 0x8000 /* reserved fragment flag */
> > > #define IP_DF 0x4000 /* dont fragment flag */
> > > #define IP_MF 0x2000 /* more fragments flag */
> > > #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
> > > u_char ip_ttl; /* time to live */
> > > u_char ip_p; /* protocol */
> > > u_short ip_sum; /* checksum */
> > > struct in_addr ip_src,ip_dst; /* source and dest address */
> > > --- 66,89 ----
> > > #endif /* not _IP_VHL */
> > > u_char ip_tos; /* type of service */
> > > u_short ip_len; /* total length */
> > > ! #define IPXX_UNIRVERSE_DEFAULT 0 /* Default IPv8 UnirVerse Value */
> > > ! u_char ip_gate; /* UnirVerse/StarGate */
> > > ! u_char ip_id; /* identification */
> > > u_short ip_off; /* fragment offset field */
> > > + #define IPXX_FLAG 0x8000 /* IPvXX flag */
> > > #define IP_RF 0x8000 /* reserved fragment flag */
> > > #define IP_DF 0x4000 /* dont fragment flag */
> > > #define IP_MF 0x2000 /* more fragments flag */
> > > #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
> > > u_char ip_ttl; /* time to live */
> > > + #define IPXX_GALAXY 033 /* IPv8 Galaxy Value for 3:219 .INFO */
> > > + #define IPXX_P_MASK 0x3F
> > > + #define IPXX_ICMP_VAL 1
> > > + #define IPXX_ICMP_FLAG 0x40
> > > + #define IPXX_TCP_VAL 6
> > > + #define IPXX_TCP_FLAG 0x80
> > > + #define IPXX_UDP_VAL 16
> > > + #define IPXX_UDP_FLAG 0xC0
> > > u_char ip_p; /* protocol */
> > > u_short ip_sum; /* checksum */
> > > struct in_addr ip_src,ip_dst; /* source and dest address */
> > > diff -c -r /unir/sys/netinet/ip_icmp.c netinet/ip_icmp.c
> > > *** /unir/sys/netinet/ip_icmp.c Tue Jul 3 11:01:46 2001
> > > --- netinet/ip_icmp.c Tue Dec 11 14:00:00 2001
> > > ***************
> > > *** 121,132 ****
> > > #endif
> > >
> > > static void icmp_reflect __P((struct mbuf *));
> > > ! static void icmp_send __P((struct mbuf *, struct mbuf *));
> > > static int ip_next_mtu __P((int, int));
> > >
> > > extern struct protosw inetsw[];
> > >
> > > /*
> > > * Generate an error packet of type error
> > > * in response to bad packet ip.
> > > */
> > > --- 121,396 ----
> > > #endif
> > >
> > > static void icmp_reflect __P((struct mbuf *));
> > > ! static void icmp_send __P((struct mbuf *, struct mbuf *, int));
> > > static int ip_next_mtu __P((int, int));
> > >
> > > extern struct protosw inetsw[];
> > >
> > > /*
> > > + * Table used to reverse the 4-bit source and destination values
> > > + * in the 8-bit TOS field.
> > > + */
> > > +
> > > + unsigned char reverse_nibbles[256] = {
> > > + /*00*/ 0x00,
> > > + /*01*/ 0x10,
> > > + /*02*/ 0x20,
> > > + /*03*/ 0x30,
> > > + /*04*/ 0x40,
> > > + /*05*/ 0x50,
> > > + /*06*/ 0x60,
> > > + /*07*/ 0x70,
> > > + /*08*/ 0x80,
> > > + /*09*/ 0x90,
> > > + /*0a*/ 0xa0,
> > > + /*0b*/ 0xb0,
> > > + /*0c*/ 0xc0,
> > > + /*0d*/ 0xd0,
> > > + /*0e*/ 0xe0,
> > > + /*0f*/ 0xf0,
> > > + /*10*/ 0x01,
> > > + /*11*/ 0x11,
> > > + /*12*/ 0x21,
> > > + /*13*/ 0x31,
> > > + /*14*/ 0x41,
> > > + /*15*/ 0x51,
> > > + /*16*/ 0x61,
> > > + /*17*/ 0x71,
> > > + /*18*/ 0x81,
> > > + /*19*/ 0x91,
> > > + /*1a*/ 0xa1,
> > > + /*1b*/ 0xb1,
> > > + /*1c*/ 0xc1,
> > > + /*1d*/ 0xd1,
> > > + /*1e*/ 0xe1,
> > > + /*1f*/ 0xf1,
> > > + /*20*/ 0x02,
> > > + /*21*/ 0x12,
> > > + /*22*/ 0x22,
> > > + /*23*/ 0x32,
> > > + /*24*/ 0x42,
> > > + /*25*/ 0x52,
> > > + /*26*/ 0x62,
> > > + /*27*/ 0x72,
> > > + /*28*/ 0x82,
> > > + /*29*/ 0x92,
> > > + /*2a*/ 0xa2,
> > > + /*2b*/ 0xb2,
> > > + /*2c*/ 0xc2,
> > > + /*2d*/ 0xd2,
> > > + /*2e*/ 0xe2,
> > > + /*2f*/ 0xf2,
> > > + /*30*/ 0x03,
> > > + /*31*/ 0x13,
> > > + /*32*/ 0x23,
> > > + /*33*/ 0x33,
> > > + /*34*/ 0x43,
> > > + /*35*/ 0x53,
> > > + /*36*/ 0x63,
> > > + /*37*/ 0x73,
> > > + /*38*/ 0x83,
> > > + /*39*/ 0x93,
> > > + /*3a*/ 0xa3,
> > > + /*3b*/ 0xb3,
> > > + /*3c*/ 0xc3,
> > > + /*3d*/ 0xd3,
> > > + /*3e*/ 0xe3,
> > > + /*3f*/ 0xf3,
> > > + /*40*/ 0x04,
> > > + /*41*/ 0x14,
> > > + /*42*/ 0x24,
> > > + /*43*/ 0x34,
> > > + /*44*/ 0x44,
> > > + /*45*/ 0x54,
> > > + /*46*/ 0x64,
> > > + /*47*/ 0x74,
> > > + /*48*/ 0x84,
> > > + /*49*/ 0x94,
> > > + /*4a*/ 0xa4,
> > > + /*4b*/ 0xb4,
> > > + /*4c*/ 0xc4,
> > > + /*4d*/ 0xd4,
> > > + /*4e*/ 0xe4,
> > > + /*4f*/ 0xf4,
> > > + /*50*/ 0x05,
> > > + /*51*/ 0x15,
> > > + /*52*/ 0x25,
> > > + /*53*/ 0x35,
> > > + /*54*/ 0x45,
> > > + /*55*/ 0x55,
> > > + /*56*/ 0x65,
> > > + /*57*/ 0x75,
> > > + /*58*/ 0x85,
> > > + /*59*/ 0x95,
> > > + /*5a*/ 0xa5,
> > > + /*5b*/ 0xb5,
> > > + /*5c*/ 0xc5,
> > > + /*5d*/ 0xd5,
> > > + /*5e*/ 0xe5,
> > > + /*5f*/ 0xf5,
> > > + /*60*/ 0x06,
> > > + /*61*/ 0x16,
> > > + /*62*/ 0x26,
> > > + /*63*/ 0x36,
> > > + /*64*/ 0x46,
> > > + /*65*/ 0x56,
> > > + /*66*/ 0x66,
> > > + /*67*/ 0x76,
> > > + /*68*/ 0x86,
> > > + /*69*/ 0x96,
> > > + /*6a*/ 0xa6,
> > > + /*6b*/ 0xb6,
> > > + /*6c*/ 0xc6,
> > > + /*6d*/ 0xd6,
> > > + /*6e*/ 0xe6,
> > > + /*6f*/ 0xf6,
> > > + /*70*/ 0x07,
> > > + /*71*/ 0x17,
> > > + /*72*/ 0x27,
> > > + /*73*/ 0x37,
> > > + /*74*/ 0x47,
> > > + /*75*/ 0x57,
> > > + /*76*/ 0x67,
> > > + /*77*/ 0x77,
> > > + /*78*/ 0x87,
> > > + /*79*/ 0x97,
> > > + /*7a*/ 0xa7,
> > > + /*7b*/ 0xb7,
> > > + /*7c*/ 0xc7,
> > > + /*7d*/ 0xd7,
> > > + /*7e*/ 0xe7,
> > > + /*7f*/ 0xf7,
> > > + /*80*/ 0x08,
> > > + /*81*/ 0x18,
> > > + /*82*/ 0x28,
> > > + /*83*/ 0x38,
> > > + /*84*/ 0x48,
> > > + /*85*/ 0x58,
> > > + /*86*/ 0x68,
> > > + /*87*/ 0x78,
> > > + /*88*/ 0x88,
> > > + /*89*/ 0x98,
> > > + /*8a*/ 0xa8,
> > > + /*8b*/ 0xb8,
> > > + /*8c*/ 0xc8,
> > > + /*8d*/ 0xd8,
> > > + /*8e*/ 0xe8,
> > > + /*8f*/ 0xf8,
> > > + /*90*/ 0x09,
> > > + /*91*/ 0x19,
> > > + /*92*/ 0x29,
> > > + /*93*/ 0x39,
> > > + /*94*/ 0x49,
> > > + /*95*/ 0x59,
> > > + /*96*/ 0x69,
> > > + /*97*/ 0x79,
> > > + /*98*/ 0x89,
> > > + /*99*/ 0x99,
> > > + /*9a*/ 0xa9,
> > > + /*9b*/ 0xb9,
> > > + /*9c*/ 0xc9,
> > > + /*9d*/ 0xd9,
> > > + /*9e*/ 0xe9,
> > > + /*9f*/ 0xf9,
> > > + /*a0*/ 0x0a,
> > > + /*a1*/ 0x1a,
> > > + /*a2*/ 0x2a,
> > > + /*a3*/ 0x3a,
> > > + /*a4*/ 0x4a,
> > > + /*a5*/ 0x5a,
> > > + /*a6*/ 0x6a,
> > > + /*a7*/ 0x7a,
> > > + /*a8*/ 0x8a,
> > > + /*a9*/ 0x9a,
> > > + /*aa*/ 0xaa,
> > > + /*ab*/ 0xba,
> > > + /*ac*/ 0xca,
> > > + /*ad*/ 0xda,
> > > + /*ae*/ 0xea,
> > > + /*af*/ 0xfa,
> > > + /*b0*/ 0x0b,
> > > + /*b1*/ 0x1b,
> > > + /*b2*/ 0x2b,
> > > + /*b3*/ 0x3b,
> > > + /*b4*/ 0x4b,
> > > + /*b5*/ 0x5b,
> > > + /*b6*/ 0x6b,
> > > + /*b7*/ 0x7b,
> > > + /*b8*/ 0x8b,
> > > + /*b9*/ 0x9b,
> > > + /*ba*/ 0xab,
> > > + /*bb*/ 0xbb,
> > > + /*bc*/ 0xcb,
> > > + /*bd*/ 0xdb,
> > > + /*be*/ 0xeb,
> > > + /*bf*/ 0xfb,
> > > + /*c0*/ 0x0c,
> > > + /*c1*/ 0x1c,
> > > + /*c2*/ 0x2c,
> > > + /*c3*/ 0x3c,
> > > + /*c4*/ 0x4c,
> > > + /*c5*/ 0x5c,
> > > + /*c6*/ 0x6c,
> > > + /*c7*/ 0x7c,
> > > + /*c8*/ 0x8c,
> > > + /*c9*/ 0x9c,
> > > + /*ca*/ 0xac,
> > > + /*cb*/ 0xbc,
> > > + /*cc*/ 0xcc,
> > > + /*cd*/ 0xdc,
> > > + /*ce*/ 0xec,
> > > + /*cf*/ 0xfc,
> > > + /*d0*/ 0x0d,
> > > + /*d1*/ 0x1d,
> > > + /*d2*/ 0x2d,
> > > + /*d3*/ 0x3d,
> > > + /*d4*/ 0x4d,
> > > + /*d5*/ 0x5d,
> > > + /*d6*/ 0x6d,
> > > + /*d7*/ 0x7d,
> > > + /*d8*/ 0x8d,
> > > + /*d9*/ 0x9d,
> > > + /*da*/ 0xad,
> > > + /*db*/ 0xbd,
> > > + /*dc*/ 0xcd,
> > > + /*dd*/ 0xdd,
> > > + /*de*/ 0xed,
> > > + /*df*/ 0xfd,
> > > + /*e0*/ 0x0e,
> > > + /*e1*/ 0x1e,
> > > + /*e2*/ 0x2e,
> > > + /*e3*/ 0x3e,
> > > + /*e4*/ 0x4e,
> > > + /*e5*/ 0x5e,
> > > + /*e6*/ 0x6e,
> > > + /*e7*/ 0x7e,
> > > + /*e8*/ 0x8e,
> > > + /*e9*/ 0x9e,
> > > + /*ea*/ 0xae,
> > > + /*eb*/ 0xbe,
> > > + /*ec*/ 0xce,
> > > + /*ed*/ 0xde,
> > > + /*ee*/ 0xee,
> > > + /*ef*/ 0xfe,
> > > + /*f0*/ 0x0f,
> > > + /*f1*/ 0x1f,
> > > + /*f2*/ 0x2f,
> > > + /*f3*/ 0x3f,
> > > + /*f4*/ 0x4f,
> > > + /*f5*/ 0x5f,
> > > + /*f6*/ 0x6f,
> > > + /*f7*/ 0x7f,
> > > + /*f8*/ 0x8f,
> > > + /*f9*/ 0x9f,
> > > + /*fa*/ 0xaf,
> > > + /*fb*/ 0xbf,
> > > + /*fc*/ 0xcf,
> > > + /*fd*/ 0xdf,
> > > + /*fe*/ 0xef,
> > > + /*ff*/ 0xff
> > > + };
> > > +
> > > + /*
> > > * Generate an error packet of type error
> > > * in response to bad packet ip.
> > > */
> > > ***************
> > > *** 226,232 ****
> > > nip->ip_len = m->m_len;
> > > nip->ip_vhl = IP_VHL_BORING;
> > > nip->ip_p = IPPROTO_ICMP;
> > > ! nip->ip_tos = 0;
> > > icmp_reflect(m);
> > >
> > > freeit:
> > > --- 490,496 ----
> > > nip->ip_len = m->m_len;
> > > nip->ip_vhl = IP_VHL_BORING;
> > > nip->ip_p = IPPROTO_ICMP;
> > > ! nip->ip_tos = 0x44; /* Network Management Flow */
> > > icmp_reflect(m);
> > >
> > > freeit:
> > > ***************
> > > *** 610,615 ****
> > > --- 874,880 ----
> > > struct in_addr t;
> > > struct mbuf *opts = 0;
> > > int optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
> > > + int flags = 0;
> > >
> > > if (!in_canforward(ip->ip_src) &&
> > > ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) !=
> > > ***************
> > > *** 617,622 ****
> > > --- 882,895 ----
> > > m_freem(m); /* Bad return address */
> > > goto done; /* Ip_output() will check for broadcast */
> > > }
> > > + /* Handle IPv8 TOS and UnirVerse fields */
> > > + if(((ip->ip_tos&0xF0)!=0) && ((ip->ip_tos&0x0F)!=0)){
> > > + ip->ip_tos = reverse_nibbles[ip->ip_tos];
> > > + if(ip->ip_gate != IPXX_UNIRVERSE_DEFAULT){
> > > + ip->ip_gate = reverse_nibbles[ip->ip_gate];
> > > + flags |= IP_UNIRVERSE_SET;
> > > + }
> > > + }
> > > t = ip->ip_dst;
> > > ip->ip_dst = ip->ip_src;
> > > /*
> > > ***************
> > > *** 719,725 ****
> > > (unsigned)(m->m_len - sizeof(struct ip)));
> > > }
> > > m->m_flags &= ~(M_BCAST|M_MCAST);
> > > ! icmp_send(m, opts);
> > > done:
> > > if (opts)
> > > (void)m_free(opts);
> > > --- 992,998 ----
> > > (unsigned)(m->m_len - sizeof(struct ip)));
> > > }
> > > m->m_flags &= ~(M_BCAST|M_MCAST);
> > > ! icmp_send(m,opts,flags);
> > > done:
> > > if (opts)
> > > (void)m_free(opts);
> > > ***************
> > > *** 730,738 ****
> > > * after supplying a checksum.
> > > */
> > > static void
> > > ! icmp_send(m, opts)
> > > register struct mbuf *m;
> > > struct mbuf *opts;
> > > {
> > > register struct ip *ip = mtod(m, struct ip *);
> > > register int hlen;
> > > --- 1003,1012 ----
> > > * after supplying a checksum.
> > > */
> > > static void
> > > ! icmp_send(m,opts,flags)
> > > register struct mbuf *m;
> > > struct mbuf *opts;
> > > + int flags;
> > > {
> > > register struct ip *ip = mtod(m, struct ip *);
> > > register int hlen;
> > > ***************
> > > *** 757,763 ****
> > > }
> > > #endif
> > > bzero(&ro, sizeof ro);
> > > ! (void) ip_output(m, opts, &ro, 0, NULL);
> > > if (ro.ro_rt)
> > > RTFREE(ro.ro_rt);
> > > }
> > > --- 1031,1037 ----
> > > }
> > > #endif
> > > bzero(&ro, sizeof ro);
> > > ! (void) ip_output(m, opts, &ro, flags, NULL);
> > > if (ro.ro_rt)
> > > RTFREE(ro.ro_rt);
> > > }
> > > diff -c -r /unir/sys/netinet/ip_input.c netinet/ip_input.c
> > > *** /unir/sys/netinet/ip_input.c Wed Aug 29 21:41:37 2001
> > > --- netinet/ip_input.c Wed Dec 12 09:57:20 2001
> > > ***************
> > > *** 258,266 ****
> > > maxnipq = nmbclusters / 4;
> > > ip_maxfragpackets = nmbclusters / 4;
> > >
> > > - #ifndef RANDOM_IP_ID
> > > ip_id = time_second & 0xffff;
> > > ! #endif
> > > ipintrq.ifq_maxlen = ipqmaxlen;
> > >
> > > register_netisr(NETISR_IP, ipintr);
> > > --- 258,275 ----
> > > maxnipq = nmbclusters / 4;
> > > ip_maxfragpackets = nmbclusters / 4;
> > >
> > > ip_id = time_second & 0xffff;
> > > ! /* initialize all the StarGate id counters */
> > > ! for(i=0; i<256; i++){
> > > ! ip_id_[i] = time_second & 0xffff;
> > > ! }
> > > ! for(i=0; i<65536; i++){
> > > ! src_gate[i] = 0x00;
> > > ! dst_gate[i] = 0x00;
> > > ! }
> > > ! galaxy_in=0;
> > > ! galaxy_out=0;
> > > !
> > > ipintrq.ifq_maxlen = ipqmaxlen;
> > >
> > > register_netisr(NETISR_IP, ipintr);
> > > ***************
> > > *** 269,274 ****
> > > --- 278,285 ----
> > > static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
> > > static struct route ipforward_rt;
> > >
> > > + extern unsigned char reverse_nibbles[];
> > > +
> > > /*
> > > * Ip input routine. Checksum and byte swap header. If fragmented
> > > * try to reassemble. Process options. Pass to next level.
> > > ***************
> > > *** 287,292 ****
> > > --- 298,305 ----
> > > u_int32_t divert_info = 0; /* packet divert/tee info */
> > > #endif
> > > struct ip_fw_chain *rule = NULL;
> > > + u_int32_t src_addr;
> > > + u_int32_t dst_addr;
> > >
> > > #ifdef IPDIVERT
> > > /* Get and reset firewall cookie */
> > > ***************
> > > *** 346,351 ****
> > > --- 359,365 ----
> > > ip = mtod(m, struct ip *);
> > > }
> > >
> > > +
> > > /* 127/8 must not appear on wire - RFC1122 */
> > > if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
> > > (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
> > > ***************
> > > *** 402,407 ****
> > > --- 416,483 ----
> > > if (ipsec_gethist(m, NULL))
> > > goto pass;
> > > #endif
> > > +
> > > + /* Process IPvXX ICMP++ packets that are special QoS codes */
> > > + if((ip->ip_p==IPPROTO_ICMP) && (((ip->ip_tos&0xF0)==0)||((ip->ip_tos&0x0F)==0))){
> > > + src_addr = ntohl(ip->ip_src.s_addr);
> > > + dst_addr = ntohl(ip->ip_dst.s_addr);
> > > + /* QoS(4)=Network Management */
> > > + switch(ip->ip_tos){
> > > + case 0x04:
> > > + /* Check for Galaxy PeaceKeeper */
> > > + /* PPPPPPPP.PPPPPPPP.GGG00000.XXXX0000 */
> > > + if((src_addr&0x1F0F)==0){
> > > + dst_gate[src_addr>>16] >>= 4;
> > > + dst_gate[src_addr>>16] |= src_addr&0xF0;
> > > + /* Check for possible new Galaxy setting */
> > > + if(((src_addr&0x0E00)!=0)&&((src_addr&0xFFFF0000)==(dst_addr&0xFFFF0000))){
> > > + galaxy_out=(src_addr&0x0E00)>>8;
> > > + log(LOG_WARNING,"Outbound Galactic Routing set to %d\n",galaxy_out);
> > > + }
> > > + else{
> > > + galaxy_out=0;
> > > + }
> > > + }
> > > + break;
> > > + case 0x40:
> > > + /* Check for Galaxy PeaceKeeper */
> > > + /* PPPPPPPP.PPPPPPPP.GGG00000.XXXX0000 */
> > > + if((src_addr&0x1F0F)==0){
> > > + src_gate[src_addr>>16] >>= 4;
> > > + src_gate[src_addr>>16] |= src_addr&0xF0;
> > > + /* Check for possible new Galaxy setting */
> > > + if(((src_addr&0x0E00)!=0)&&((src_addr&0xFFFF0000)==(dst_addr&0xFFFF0000))){
> > > + galaxy_in=(src_addr&0x0E00)>>8;
> > > + log(LOG_WARNING,"Inbound Galactic Routing set to %d\n",galaxy_in);
> > > + }
> > > + else{
> > > + galaxy_in=0;
> > > + }
> > > + }
> > > + break;
> > > + default:
> > > + log(LOG_WARNING,"Unknown ICMP+ QoS Code from %s\n",
> > > + inet_ntoa(ip->ip_src));
> > > + }
> > > + }
> > > + /* Process IPvXX-style Packets */
> > > + if((ip->ip_off&0x8000)!=0){
> > > + /* Process non-Galaxy 0 Packets */
> > > + if(((ip->ip_p&0xC0) != 0)&&
> > > + ((ip->ip_p&0x07) != galaxy_in)){
> > > + printf("Dropped packet not from our galaxy\n");
> > > + ipstat.ips_badaddr++;
> > > + goto bad;
> > > + }
> > > + else{
> > > + /* Packet is Galaxy 0, are we ? */
> > > + if(galaxy_in != 0){
> > > + printf("Dropped packet not from our galaxy\n");
> > > + ipstat.ips_badaddr++;
> > > + goto bad;
> > > + }
> > > + }
> > > + }
> > >
> > > /*
> > > * IpHack's section.
> > > diff -c -r /unir/sys/netinet/ip_mroute.c netinet/ip_mroute.c
> > > *** /unir/sys/netinet/ip_mroute.c Thu Jul 19 06:37:26 2001
> > > --- netinet/ip_mroute.c Tue Dec 11 14:00:20 2001
> > > ***************
> > > *** 1581,1590 ****
> > > */
> > > ip_copy = mtod(mb_copy, struct ip *);
> > > *ip_copy = multicast_encap_iphdr;
> > > #ifdef RANDOM_IP_ID
> > > ip_copy->ip_id = ip_randomid();
> > > #else
> > > ! ip_copy->ip_id = htons(ip_id++);
> > > #endif
> > > ip_copy->ip_len += len;
> > > ip_copy->ip_src = vifp->v_lcl_addr;
> > > --- 1581,1597 ----
> > > */
> > > ip_copy = mtod(mb_copy, struct ip *);
> > > *ip_copy = multicast_encap_iphdr;
> > > + ip_copy->ip_gate=0;
> > > #ifdef RANDOM_IP_ID
> > > ip_copy->ip_id = ip_randomid();
> > > #else
> > > ! if(ip_copy->ip_tos != 0){
> > > ! ip_copy->ip_id = ip_id_[ip_copy->ip_gate]++;
> > > ! }
> > > ! else{
> > > ! ip_copy->ip_id = ip_id++;
> > > ! ip_copy->ip_gate = ip_id>>8;
> > > ! }
> > > #endif
> > > ip_copy->ip_len += len;
> > > ip_copy->ip_src = vifp->v_lcl_addr;
> > > diff -c -r /unir/sys/netinet/ip_output.c netinet/ip_output.c
> > > *** /unir/sys/netinet/ip_output.c Thu Jul 19 06:37:26 2001
> > > --- netinet/ip_output.c Wed Dec 12 10:28:11 2001
> > > ***************
> > > *** 52,57 ****
> > > --- 52,58 ----
> > > #include <sys/socket.h>
> > > #include <sys/socketvar.h>
> > > #include <sys/proc.h>
> > > + #include <sys/time.h>
> > >
> > > #include <net/if.h>
> > > #include <net/route.h>
> > > ***************
> > > *** 88,101 ****
> > > #include <netinet/ip_dummynet.h>
> > > #endif
> > >
> > > ! #ifdef IPFIREWALL_FORWARD_DEBUG
> > > ! #define print_ip(a) printf("%ld.%ld.%ld.%ld",(ntohl(a.s_addr)>>24)&0xFF,\
> > > (ntohl(a.s_addr)>>16)&0xFF,\
> > > (ntohl(a.s_addr)>>8)&0xFF,\
> > > (ntohl(a.s_addr))&0xFF);
> > > - #endif
> > >
> > > u_short ip_id;
> > >
> > > static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
> > > static struct ifnet *ip_multicast_if __P((struct in_addr *, int *));
> > > --- 89,105 ----
> > > #include <netinet/ip_dummynet.h>
> > > #endif
> > >
> > > ! #define print_ip(a) printf("%ld.%ld.%ld.%ld ",(ntohl(a.s_addr)>>24)&0xFF,\
> > > (ntohl(a.s_addr)>>16)&0xFF,\
> > > (ntohl(a.s_addr)>>8)&0xFF,\
> > > (ntohl(a.s_addr))&0xFF);
> > >
> > > u_short ip_id;
> > > + u_char ip_id_[256];
> > > + u_char src_gate[65536];
> > > + u_char dst_gate[65536];
> > > + u_char galaxy_out;
> > > + u_char galaxy_in;
> > >
> > > static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
> > > static struct ifnet *ip_multicast_if __P((struct in_addr *, int *));
> > > ***************
> > > *** 127,132 ****
> > > --- 131,137 ----
> > > int flags;
> > > struct ip_moptions *imo;
> > > {
> > > + struct timeval random_time;
> > > struct ip *ip, *mhip;
> > > struct ifnet *ifp;
> > > struct mbuf *m = m0;
> > > ***************
> > > *** 207,219 ****
> > > /*
> > > * Fill in IP header.
> > > */
> > > if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) {
> > > ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2);
> > > ip->ip_off &= IP_DF;
> > > #ifdef RANDOM_IP_ID
> > > ip->ip_id = ip_randomid();
> > > #else
> > > ! ip->ip_id = htons(ip_id++);
> > > #endif
> > > ipstat.ips_localout++;
> > > } else {
> > > --- 212,252 ----
> > > /*
> > > * Fill in IP header.
> > > */
> > > +
> > > + /* Set UnirVerse on QoS-agile Packets */
> > > + if(ip->ip_tos != 0){
> > > + /* Allow reflectors and forwarders to prevent setting */
> > > + if((flags & IP_UNIRVERSE_SET) == 0){
> > > + getmicrotime(&random_time);
> > > + if(random_time.tv_usec&0x01){
> > > + ip->ip_gate =
> > > + ((src_gate[(ntohl(ip->ip_src.s_addr)>>16)&0xFFFF])&0xF0) |
> > > + (((dst_gate[(ntohl(ip->ip_dst.s_addr)>>16)&0xFFFF])>>4)&0x0F);
> > > + }
> > > + else{
> > > + ip->ip_gate =
> > > + (((src_gate[(ntohl(ip->ip_src.s_addr)>>16)&0xFFFF])<<4)&0xF0) |
> > > + ((dst_gate[(ntohl(ip->ip_dst.s_addr)>>16)&0xFFFF])&0x0F);
> > > + }
> > > + }
> > > + }
> > > + else{
> > > + ip->ip_gate = IPXX_UNIRVERSE_DEFAULT;
> > > + }
> > > + /* Set id based on UnirVerse */
> > > if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) {
> > > ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2);
> > > ip->ip_off &= IP_DF;
> > > #ifdef RANDOM_IP_ID
> > > ip->ip_id = ip_randomid();
> > > #else
> > > ! if(ip->ip_tos != 0){
> > > ! ip->ip_id = ip_id_[ip->ip_gate]++;
> > > ! }
> > > ! else{
> > > ! ip->ip_id = ip_id++;
> > > ! ip->ip_gate = ip_id>>8;
> > > ! }
> > > #endif
> > > ipstat.ips_localout++;
> > > } else {
> > > ***************
> > > *** 431,436 ****
> > > --- 464,470 ----
> > > }
> > >
> > > sendit:
> > > +
> > > #ifdef IPSEC
> > > /* get SP for this packet */
> > > if (so == NULL)
> > > diff -c -r /unir/sys/netinet/ip_var.h netinet/ip_var.h
> > > *** /unir/sys/netinet/ip_var.h Thu Jul 19 06:37:26 2001
> > > --- netinet/ip_var.h Tue Dec 11 14:00:41 2001
> > > ***************
> > > *** 133,138 ****
> > > --- 133,140 ----
> > > /* flags passed to ip_output as last parameter */
> > > #define IP_FORWARDING 0x1 /* most of ip header exists */
> > > #define IP_RAWOUTPUT 0x2 /* raw ip header exists */
> > > + #define IP_UNIRVERSE_SET 0x4 /* UnirVerse set in header */
> > > +
> > > #define IP_ROUTETOIF SO_DONTROUTE /* bypass routing tables */
> > > #define IP_ALLOWBROADCAST SO_BROADCAST /* can send broadcast packets */
> > >
> > > ***************
> > > *** 142,150 ****
> > > struct sockopt;
> > >
> > > extern struct ipstat ipstat;
> > > ! #ifndef RANDOM_IP_ID
> > > ! extern u_short ip_id; /* ip packet ctr, for ids */
> > > ! #endif
> > > extern int ip_defttl; /* default IP ttl */
> > > extern int ipforwarding; /* ip forwarding */
> > > extern u_char ip_protox[];
> > > --- 144,157 ----
> > > struct sockopt;
> > >
> > > extern struct ipstat ipstat;
> > > !
> > > ! extern u_short ip_id; /* ip packet ctr, for ids */
> > > ! extern u_char ip_id_[]; /* id counters for each StarGate */
> > > ! extern u_char src_gate[];
> > > ! extern u_char dst_gate[];
> > > ! extern u_char galaxy_in;
> > > ! extern u_char galaxy_out;
> > > !
> > > extern int ip_defttl; /* default IP ttl */
> > > extern int ipforwarding; /* ip forwarding */
> > > extern u_char ip_protox[];
> > > diff -c -r /unir/sys/netinet/raw_ip.c netinet/raw_ip.c
> > > *** /unir/sys/netinet/raw_ip.c Sun Jul 29 19:32:40 2001
> > > --- netinet/raw_ip.c Tue Dec 11 14:01:10 2001
> > > ***************
> > > *** 239,249 ****
> > > m_freem(m);
> > > return EINVAL;
> > > }
> > > - if (ip->ip_id == 0)
> > > #ifdef RANDOM_IP_ID
> > > ip->ip_id = ip_randomid();
> > > #else
> > > ! ip->ip_id = htons(ip_id++);
> > > #endif
> > > /* XXX prevent ip_output from overwriting header fields */
> > > flags |= IP_RAWOUTPUT;
> > > --- 239,259 ----
> > > m_freem(m);
> > > return EINVAL;
> > > }
> > > #ifdef RANDOM_IP_ID
> > > + if (ip->ip_id == 0){
> > > ip->ip_id = ip_randomid();
> > > + }
> > > #else
> > > ! if (ip->ip_id == 0){
> > > ! if(ip->ip_tos != 0){
> > > ! ip->ip_id = ip_id_[ip->ip_gate]++;
> > > ! ip->ip_gate = IPXX_UNIRVERSE_DEFAULT;
> > > ! }
> > > ! else{
> > > ! ip->ip_id = ip_id++;
> > > ! ip->ip_gate = ip_id>>8;
> > > ! }
> > > ! }
> > > #endif
> > > /* XXX prevent ip_output from overwriting header fields */
> > > flags |= IP_RAWOUTPUT;
> > >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-arch" in the body of the message
> >
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?061501c18341$49f6aba0$1000a8c0>