diff options
Diffstat (limited to 'net/ipv4/ip_gre.c')
-rw-r--r-- | net/ipv4/ip_gre.c | 146 |
1 files changed, 1 insertions, 145 deletions
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 2ada033406de..4342cba4ff82 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c | |||
@@ -313,9 +313,8 @@ static void ipgre_tunnel_uninit(struct net_device *dev) | |||
313 | 313 | ||
314 | static void ipgre_err(struct sk_buff *skb, u32 info) | 314 | static void ipgre_err(struct sk_buff *skb, u32 info) |
315 | { | 315 | { |
316 | #ifndef I_WISH_WORLD_WERE_PERFECT | ||
317 | 316 | ||
318 | /* It is not :-( All the routers (except for Linux) return only | 317 | /* All the routers (except for Linux) return only |
319 | 8 bytes of packet payload. It means, that precise relaying of | 318 | 8 bytes of packet payload. It means, that precise relaying of |
320 | ICMP in the real Internet is absolutely infeasible. | 319 | ICMP in the real Internet is absolutely infeasible. |
321 | 320 | ||
@@ -398,149 +397,6 @@ static void ipgre_err(struct sk_buff *skb, u32 info) | |||
398 | out: | 397 | out: |
399 | read_unlock(&ipgre_lock); | 398 | read_unlock(&ipgre_lock); |
400 | return; | 399 | return; |
401 | #else | ||
402 | struct iphdr *iph = (struct iphdr*)dp; | ||
403 | struct iphdr *eiph; | ||
404 | __be16 *p = (__be16*)(dp+(iph->ihl<<2)); | ||
405 | const int type = icmp_hdr(skb)->type; | ||
406 | const int code = icmp_hdr(skb)->code; | ||
407 | int rel_type = 0; | ||
408 | int rel_code = 0; | ||
409 | __be32 rel_info = 0; | ||
410 | __u32 n = 0; | ||
411 | __be16 flags; | ||
412 | int grehlen = (iph->ihl<<2) + 4; | ||
413 | struct sk_buff *skb2; | ||
414 | struct flowi fl; | ||
415 | struct rtable *rt; | ||
416 | |||
417 | if (p[1] != htons(ETH_P_IP)) | ||
418 | return; | ||
419 | |||
420 | flags = p[0]; | ||
421 | if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { | ||
422 | if (flags&(GRE_VERSION|GRE_ROUTING)) | ||
423 | return; | ||
424 | if (flags&GRE_CSUM) | ||
425 | grehlen += 4; | ||
426 | if (flags&GRE_KEY) | ||
427 | grehlen += 4; | ||
428 | if (flags&GRE_SEQ) | ||
429 | grehlen += 4; | ||
430 | } | ||
431 | if (len < grehlen + sizeof(struct iphdr)) | ||
432 | return; | ||
433 | eiph = (struct iphdr*)(dp + grehlen); | ||
434 | |||
435 | switch (type) { | ||
436 | default: | ||
437 | return; | ||
438 | case ICMP_PARAMETERPROB: | ||
439 | n = ntohl(icmp_hdr(skb)->un.gateway) >> 24; | ||
440 | if (n < (iph->ihl<<2)) | ||
441 | return; | ||
442 | |||
443 | /* So... This guy found something strange INSIDE encapsulated | ||
444 | packet. Well, he is fool, but what can we do ? | ||
445 | */ | ||
446 | rel_type = ICMP_PARAMETERPROB; | ||
447 | n -= grehlen; | ||
448 | rel_info = htonl(n << 24); | ||
449 | break; | ||
450 | |||
451 | case ICMP_DEST_UNREACH: | ||
452 | switch (code) { | ||
453 | case ICMP_SR_FAILED: | ||
454 | case ICMP_PORT_UNREACH: | ||
455 | /* Impossible event. */ | ||
456 | return; | ||
457 | case ICMP_FRAG_NEEDED: | ||
458 | /* And it is the only really necessary thing :-) */ | ||
459 | n = ntohs(icmp_hdr(skb)->un.frag.mtu); | ||
460 | if (n < grehlen+68) | ||
461 | return; | ||
462 | n -= grehlen; | ||
463 | /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ | ||
464 | if (n > ntohs(eiph->tot_len)) | ||
465 | return; | ||
466 | rel_info = htonl(n); | ||
467 | break; | ||
468 | default: | ||
469 | /* All others are translated to HOST_UNREACH. | ||
470 | rfc2003 contains "deep thoughts" about NET_UNREACH, | ||
471 | I believe, it is just ether pollution. --ANK | ||
472 | */ | ||
473 | rel_type = ICMP_DEST_UNREACH; | ||
474 | rel_code = ICMP_HOST_UNREACH; | ||
475 | break; | ||
476 | } | ||
477 | break; | ||
478 | case ICMP_TIME_EXCEEDED: | ||
479 | if (code != ICMP_EXC_TTL) | ||
480 | return; | ||
481 | break; | ||
482 | } | ||
483 | |||
484 | /* Prepare fake skb to feed it to icmp_send */ | ||
485 | skb2 = skb_clone(skb, GFP_ATOMIC); | ||
486 | if (skb2 == NULL) | ||
487 | return; | ||
488 | dst_release(skb2->dst); | ||
489 | skb2->dst = NULL; | ||
490 | skb_pull(skb2, skb->data - (u8*)eiph); | ||
491 | skb_reset_network_header(skb2); | ||
492 | |||
493 | /* Try to guess incoming interface */ | ||
494 | memset(&fl, 0, sizeof(fl)); | ||
495 | fl.fl4_dst = eiph->saddr; | ||
496 | fl.fl4_tos = RT_TOS(eiph->tos); | ||
497 | fl.proto = IPPROTO_GRE; | ||
498 | if (ip_route_output_key(dev_net(skb->dev), &rt, &fl)) { | ||
499 | kfree_skb(skb2); | ||
500 | return; | ||
501 | } | ||
502 | skb2->dev = rt->u.dst.dev; | ||
503 | |||
504 | /* route "incoming" packet */ | ||
505 | if (rt->rt_flags&RTCF_LOCAL) { | ||
506 | ip_rt_put(rt); | ||
507 | rt = NULL; | ||
508 | fl.fl4_dst = eiph->daddr; | ||
509 | fl.fl4_src = eiph->saddr; | ||
510 | fl.fl4_tos = eiph->tos; | ||
511 | if (ip_route_output_key(dev_net(skb->dev), &rt, &fl) || | ||
512 | rt->u.dst.dev->type != ARPHRD_IPGRE) { | ||
513 | ip_rt_put(rt); | ||
514 | kfree_skb(skb2); | ||
515 | return; | ||
516 | } | ||
517 | } else { | ||
518 | ip_rt_put(rt); | ||
519 | if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || | ||
520 | skb2->dst->dev->type != ARPHRD_IPGRE) { | ||
521 | kfree_skb(skb2); | ||
522 | return; | ||
523 | } | ||
524 | } | ||
525 | |||
526 | /* change mtu on this route */ | ||
527 | if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { | ||
528 | if (n > dst_mtu(skb2->dst)) { | ||
529 | kfree_skb(skb2); | ||
530 | return; | ||
531 | } | ||
532 | skb2->dst->ops->update_pmtu(skb2->dst, n); | ||
533 | } else if (type == ICMP_TIME_EXCEEDED) { | ||
534 | struct ip_tunnel *t = netdev_priv(skb2->dev); | ||
535 | if (t->parms.iph.ttl) { | ||
536 | rel_type = ICMP_DEST_UNREACH; | ||
537 | rel_code = ICMP_HOST_UNREACH; | ||
538 | } | ||
539 | } | ||
540 | |||
541 | icmp_send(skb2, rel_type, rel_code, rel_info); | ||
542 | kfree_skb(skb2); | ||
543 | #endif | ||
544 | } | 400 | } |
545 | 401 | ||
546 | static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) | 402 | static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) |