search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix gcc80 -Wbool-operation warnings in fortune(6) and hack(6).
[dragonfly.git] / sys / net / stf / if_stf.c
blobdf81c7a1dab5f3c345238e99f695f49dc5935699
1 /* $FreeBSD: src/sys/net/if_stf.c,v 1.1.2.11 2003/01/23 21:06:44 sam Exp $ */
2 /* $KAME: if_stf.c,v 1.73 2001/12/03 11:08:30 keiichi Exp $ */
3
4 /*
5 * Copyright (C) 2000 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*
34 * 6to4 interface, based on RFC3056.
35 *
36 * 6to4 interface is NOT capable of link-layer (I mean, IPv4) multicasting.
37 * There is no address mapping defined from IPv6 multicast address to IPv4
38 * address. Therefore, we do not have IFF_MULTICAST on the interface.
39 *
40 * Due to the lack of address mapping for link-local addresses, we cannot
41 * throw packets toward link-local addresses (fe80::x). Also, we cannot throw
42 * packets to link-local multicast addresses (ff02::x).
43 *
44 * Here are interesting symptoms due to the lack of link-local address:
45 *
46 * Unicast routing exchange:
47 * - RIPng: Impossible. Uses link-local multicast packet toward ff02::9,
48 * and link-local addresses as nexthop.
49 * - OSPFv6: Impossible. OSPFv6 assumes that there's link-local address
50 * assigned to the link, and makes use of them. Also, HELLO packets use
51 * link-local multicast addresses (ff02::5 and ff02::6).
52 * - BGP4+: Maybe. You can only use global address as nexthop, and global
53 * address as TCP endpoint address.
54 *
55 * Multicast routing protocols:
56 * - PIM: Hello packet cannot be used to discover adjacent PIM routers.
57 * Adjacent PIM routers must be configured manually (is it really spec-wise
58 * correct thing to do?).
59 *
60 * ICMPv6:
61 * - Redirects cannot be used due to the lack of link-local address.
62 *
63 * stf interface does not have, and will not need, a link-local address.
64 * It seems to have no real benefit and does not help the above symptoms much.
65 * Even if we assign link-locals to interface, we cannot really
66 * use link-local unicast/multicast on top of 6to4 cloud (since there's no
67 * encapsulation defined for link-local address), and the above analysis does
68 * not change. RFC3056 does not mandate the assignment of link-local address
69 * either.
70 *
71 * 6to4 interface has security issues. Refer to
72 * http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
73 * for details. The code tries to filter out some of malicious packets.
74 * Note that there is no way to be 100% secure.
75 */
76
77 #include "opt_inet.h"
78 #include "opt_inet6.h"
79
80 #include <sys/param.h>
81 #include <sys/systm.h>
82 #include <sys/socket.h>
83 #include <sys/sockio.h>
84 #include <sys/mbuf.h>
85 #include <sys/errno.h>
86 #include <sys/protosw.h>
87 #include <sys/kernel.h>
88 #include <machine/cpu.h>
89
90 #include <sys/malloc.h>
91
92 #include <net/if.h>
93 #include <net/route.h>
94 #include <net/netisr.h>
95 #include <net/if_types.h>
96 #include <net/ifq_var.h>
97 #include <net/netisr2.h>
98 #include "if_stf.h"
99
100 #include <netinet/in.h>
101 #include <netinet/in_systm.h>
102 #include <netinet/ip.h>
103 #include <netinet/ip_var.h>
104 #include <netinet/in_var.h>
105
106 #include <netinet/ip6.h>
107 #include <netinet6/ip6_var.h>
108 #include <netinet6/in6_var.h>
109 #include <netinet/ip_ecn.h>
110
111 #include <netinet/ip_encap.h>
112
113 #include <machine/stdarg.h>
114
115 #include <net/net_osdep.h>
116
117 #include <net/bpf.h>
118
119 #define IN6_IS_ADDR_6TO4(x) (ntohs((x)->s6_addr16[0]) == 0x2002)
120 #define GET_V4(x) ((struct in_addr *)(&(x)->s6_addr16[1]))
121
122 struct stf_softc {
123 struct ifnet sc_if; /* common area */
124 struct route *route_pcpu;
125 const struct encaptab *encap_cookie;
126 };
127
128 static struct stf_softc *stf;
129
130 static MALLOC_DEFINE(M_STF, "stf", "6to4 Tunnel Interface");
131 static int ip_stf_ttl = 40;
132
133 extern struct domain inetdomain;
134 struct protosw in_stf_protosw =
135 {
136 .pr_type = SOCK_RAW,
137 .pr_domain = &inetdomain,
138 .pr_protocol = IPPROTO_IPV6,
139 .pr_flags = PR_ATOMIC|PR_ADDR,
140
141 .pr_input = in_stf_input,
142 .pr_output = rip_output,
143 .pr_ctlinput = NULL,
144 .pr_ctloutput = rip_ctloutput,
145
146 .pr_usrreqs = &rip_usrreqs
147 };
148
149 static int stfmodevent (module_t, int, void *);
150 static int stf_encapcheck (const struct mbuf *, int, int, void *);
151 static struct in6_ifaddr *stf_getsrcifa6 (struct ifnet *);
152 static int stf_output (struct ifnet *, struct mbuf *, struct sockaddr *,
153 struct rtentry *);
154 static int stf_checkaddr4 (struct stf_softc *, struct in_addr *,
155 struct ifnet *);
156 static int stf_checkaddr6 (struct stf_softc *, struct in6_addr *,
157 struct ifnet *);
158 static void stf_rtrequest (int, struct rtentry *);
159 static int stf_ioctl (struct ifnet *, u_long, caddr_t, struct ucred *);
160
161 static int
162 stfmodevent(module_t mod, int type, void *data)
163 {
164 struct stf_softc *sc;
165 int err, cpu;
166 const struct encaptab *p;
167
168 switch (type) {
169 case MOD_LOAD:
170 stf = kmalloc(sizeof(struct stf_softc), M_STF,
171 M_WAITOK | M_ZERO);
172 sc = stf;
173
174 bzero(sc, sizeof(*sc));
175 if_initname(&(sc->sc_if), "stf", 0);
176
177 p = encap_attach_func(AF_INET, IPPROTO_IPV6, stf_encapcheck,
178 (void *)&in_stf_protosw, sc);
179 if (p == NULL) {
180 kprintf("%s: attach failed\n", if_name(&sc->sc_if));
181 return (ENOMEM);
182 }
183 sc->encap_cookie = p;
184 sc->route_pcpu = kmalloc(netisr_ncpus * sizeof(struct route),
185 M_STF, M_WAITOK | M_ZERO);
186
187 sc->sc_if.if_mtu = IPV6_MMTU;
188 sc->sc_if.if_flags = 0;
189 sc->sc_if.if_ioctl = stf_ioctl;
190 sc->sc_if.if_output = stf_output;
191 sc->sc_if.if_type = IFT_STF;
192 #if 0
193 /* turn off ingress filter */
194 sc->sc_if.if_flags |= IFF_LINK2;
195 #endif
196 ifq_set_maxlen(&sc->sc_if.if_snd, IFQ_MAXLEN);
197 if_attach(&sc->sc_if, NULL);
198 bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int));
199 break;
200 case MOD_UNLOAD:
201 sc = stf;
202 bpfdetach(&sc->sc_if);
203 if_detach(&sc->sc_if);
204 err = encap_detach(sc->encap_cookie);
205 KASSERT(err == 0, ("Unexpected error detaching encap_cookie"));
206 for (cpu = 0; cpu < netisr_ncpus; ++cpu) {
207 if (sc->route_pcpu[cpu].ro_rt != NULL) {
208 rtfree_async(sc->route_pcpu[cpu].ro_rt);
209 sc->route_pcpu[cpu].ro_rt = NULL;
210 }
211 }
212 kfree(sc->route_pcpu, M_STF);
213 kfree(sc, M_STF);
214 break;
215 }
216
217 return (0);
218 }
219
220 static moduledata_t stf_mod = {
221 "if_stf",
222 stfmodevent,
223 0
224 };
225
226 DECLARE_MODULE(if_stf, stf_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
227
228 static int
229 stf_encapcheck(const struct mbuf *m, int off, int proto, void *arg)
230 {
231 struct ip ip;
232 struct in6_ifaddr *ia6;
233 struct stf_softc *sc;
234 struct in_addr a, b;
235
236 sc = (struct stf_softc *)arg;
237 if (sc == NULL)
238 return 0;
239
240 if ((sc->sc_if.if_flags & IFF_UP) == 0)
241 return 0;
242
243 /* IFF_LINK0 means "no decapsulation" */
244 if ((sc->sc_if.if_flags & IFF_LINK0) != 0)
245 return 0;
246
247 if (proto != IPPROTO_IPV6)
248 return 0;
249
250 m_copydata(m, 0, sizeof(ip), (caddr_t)&ip);
251
252 if (ip.ip_v != 4)
253 return 0;
254
255 ia6 = stf_getsrcifa6(&sc->sc_if);
256 if (ia6 == NULL)
257 return 0;
258
259 /*
260 * check if IPv4 dst matches the IPv4 address derived from the
261 * local 6to4 address.
262 * success on: dst = 10.1.1.1, ia6->ia_addr = 2002:0a01:0101:...
263 */
264 if (bcmp(GET_V4(&ia6->ia_addr.sin6_addr), &ip.ip_dst,
265 sizeof(ip.ip_dst)) != 0)
266 return 0;
267
268 /*
269 * check if IPv4 src matches the IPv4 address derived from the
270 * local 6to4 address masked by prefixmask.
271 * success on: src = 10.1.1.1, ia6->ia_addr = 2002:0a00:.../24
272 * fail on: src = 10.1.1.1, ia6->ia_addr = 2002:0b00:.../24
273 */
274 bzero(&a, sizeof(a));
275 a.s_addr = GET_V4(&ia6->ia_addr.sin6_addr)->s_addr;
276 a.s_addr &= GET_V4(&ia6->ia_prefixmask.sin6_addr)->s_addr;
277 b = ip.ip_src;
278 b.s_addr &= GET_V4(&ia6->ia_prefixmask.sin6_addr)->s_addr;
279 if (a.s_addr != b.s_addr)
280 return 0;
281
282 /* stf interface makes single side match only */
283 return 32;
284 }
285
286 static struct in6_ifaddr *
287 stf_getsrcifa6(struct ifnet *ifp)
288 {
289 struct ifaddr_container *ifac;
290 struct sockaddr_in6 *sin6;
291 struct in_addr in;
292
293 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) {
294 struct ifaddr *ia = ifac->ifa;
295 struct in_ifaddr_container *iac;
296
297 if (ia->ifa_addr == NULL)
298 continue;
299 if (ia->ifa_addr->sa_family != AF_INET6)
300 continue;
301 sin6 = (struct sockaddr_in6 *)ia->ifa_addr;
302 if (!IN6_IS_ADDR_6TO4(&sin6->sin6_addr))
303 continue;
304
305 bcopy(GET_V4(&sin6->sin6_addr), &in, sizeof(in));
306 LIST_FOREACH(iac, INADDR_HASH(in.s_addr), ia_hash) {
307 if (iac->ia->ia_addr.sin_addr.s_addr == in.s_addr)
308 break;
309 }
310 if (iac == NULL)
311 continue;
312
313 return (struct in6_ifaddr *)ia;
314 }
315
316 return NULL;
317 }
318
319 static int
320 stf_output_serialized(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
321 struct rtentry *rt)
322 {
323 struct stf_softc *sc;
324 struct sockaddr_in6 *dst6;
325 struct in_addr *in4;
326 struct sockaddr_in *dst4;
327 u_int8_t tos;
328 struct ip *ip;
329 struct ip6_hdr *ip6;
330 struct in6_ifaddr *ia6;
331 struct route *ro;
332 static const uint32_t af = AF_INET6;
333
334 ASSERT_NETISR_NCPUS(mycpuid);
335
336 sc = (struct stf_softc*)ifp;
337 dst6 = (struct sockaddr_in6 *)dst;
338
339 /* just in case */
340 if ((ifp->if_flags & IFF_UP) == 0) {
341 m_freem(m);
342 return ENETDOWN;
343 }
344
345 /*
346 * If we don't have an ip4 address that match my inner ip6 address,
347 * we shouldn't generate output. Without this check, we'll end up
348 * using wrong IPv4 source.
349 */
350 ia6 = stf_getsrcifa6(ifp);
351 if (ia6 == NULL) {
352 m_freem(m);
353 return ENETDOWN;
354 }
355
356 if (m->m_len < sizeof(*ip6)) {
357 m = m_pullup(m, sizeof(*ip6));
358 if (!m)
359 return ENOBUFS;
360 }
361 ip6 = mtod(m, struct ip6_hdr *);
362 tos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
363
364 /*
365 * Pickup the right outer dst addr from the list of candidates.
366 * ip6_dst has priority as it may be able to give us shorter IPv4 hops.
367 */
368 if (IN6_IS_ADDR_6TO4(&ip6->ip6_dst))
369 in4 = GET_V4(&ip6->ip6_dst);
370 else if (IN6_IS_ADDR_6TO4(&dst6->sin6_addr))
371 in4 = GET_V4(&dst6->sin6_addr);
372 else {
373 m_freem(m);
374 return ENETUNREACH;
375 }
376
377 if (ifp->if_bpf) {
378 bpf_gettoken();
379 if (ifp->if_bpf)
380 bpf_ptap(ifp->if_bpf, m, &af, sizeof(af));
381 bpf_reltoken();
382 }
383
384 M_PREPEND(m, sizeof(struct ip), M_NOWAIT);
385 if (m && m->m_len < sizeof(struct ip))
386 m = m_pullup(m, sizeof(struct ip));
387 if (m == NULL)
388 return ENOBUFS;
389 ip = mtod(m, struct ip *);
390
391 bzero(ip, sizeof(*ip));
392
393 bcopy(GET_V4(&((struct sockaddr_in6 *)&ia6->ia_addr)->sin6_addr),
394 &ip->ip_src, sizeof(ip->ip_src));
395 bcopy(in4, &ip->ip_dst, sizeof(ip->ip_dst));
396 ip->ip_p = IPPROTO_IPV6;
397 ip->ip_ttl = ip_stf_ttl;
398 ip->ip_len = m->m_pkthdr.len; /*host order*/
399 if (ifp->if_flags & IFF_LINK1)
400 ip_ecn_ingress(ECN_ALLOWED, &ip->ip_tos, &tos);
401 else
402 ip_ecn_ingress(ECN_NOCARE, &ip->ip_tos, &tos);
403
404 ro = &sc->route_pcpu[mycpuid];
405 dst4 = (struct sockaddr_in *)&ro->ro_dst;
406 if (dst4->sin_family != AF_INET ||
407 bcmp(&dst4->sin_addr, &ip->ip_dst, sizeof(ip->ip_dst)) != 0) {
408 /* cache route doesn't match */
409 dst4->sin_family = AF_INET;
410 dst4->sin_len = sizeof(struct sockaddr_in);
411 bcopy(&ip->ip_dst, &dst4->sin_addr, sizeof(dst4->sin_addr));
412 if (ro->ro_rt) {
413 RTFREE(ro->ro_rt);
414 ro->ro_rt = NULL;
415 }
416 }
417 if (ro->ro_rt != NULL && (ro->ro_rt->rt_flags & RTF_UP) == 0) {
418 RTFREE(ro->ro_rt);
419 ro->ro_rt = NULL;
420 }
421
422 if (ro->ro_rt == NULL) {
423 rtalloc(ro);
424 if (ro->ro_rt == NULL) {
425 m_freem(m);
426 return ENETUNREACH;
427 }
428 }
429
430 return ip_output(m, NULL, ro, IP_DEBUGROUTE, NULL, NULL);
431 }
432
433 static int
434 stf_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
435 struct rtentry *rt)
436 {
437 struct ifaltq_subque *ifsq = ifq_get_subq_default(&ifp->if_snd);
438 int error;
439
440 ifsq_serialize_hw(ifsq);
441 error = stf_output_serialized(ifp, m, dst, rt);
442 ifsq_deserialize_hw(ifsq);
443
444 return error;
445 }
446
447 /*
448 * Parameters:
449 * inifp: incoming interface
450 */
451 static int
452 stf_checkaddr4(struct stf_softc *sc, struct in_addr *in, struct ifnet *inifp)
453 {
454 struct in_ifaddr_container *iac;
455
456 /*
457 * reject packets with the following address:
458 * 224.0.0.0/4 0.0.0.0/8 127.0.0.0/8 255.0.0.0/8
459 */
460 if (IN_MULTICAST(ntohl(in->s_addr)))
461 return -1;
462 switch ((ntohl(in->s_addr) & 0xff000000) >> 24) {
463 case 0: case 127: case 255:
464 return -1;
465 }
466
467 /*
468 * reject packets with broadcast
469 */
470 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
471 struct in_ifaddr *ia4 = iac->ia;
472
473 if ((ia4->ia_ifa.ifa_ifp->if_flags & IFF_BROADCAST) == 0)
474 continue;
475 if (in->s_addr == ia4->ia_broadaddr.sin_addr.s_addr)
476 return -1;
477 }
478
479 /*
480 * perform ingress filter
481 */
482 if (sc && (sc->sc_if.if_flags & IFF_LINK2) == 0 && inifp) {
483 struct sockaddr_in sin;
484 struct rtentry *rt;
485
486 bzero(&sin, sizeof(sin));
487 sin.sin_family = AF_INET;
488 sin.sin_len = sizeof(struct sockaddr_in);
489 sin.sin_addr = *in;
490 rt = rtpurelookup((struct sockaddr *)&sin);
491 if (!rt || rt->rt_ifp != inifp) {
492 #if 0
493 log(LOG_WARNING, "%s: packet from 0x%x dropped "
494 "due to ingress filter\n", if_name(&sc->sc_if),
495 (u_int32_t)ntohl(sin.sin_addr.s_addr));
496 #endif
497 if (rt)
498 rtfree(rt);
499 return -1;
500 }
501 rtfree(rt);
502 }
503
504 return 0;
505 }
506
507 /*
508 * Parameters:
509 * inifp: incoming interface
510 */
511 static int
512 stf_checkaddr6(struct stf_softc *sc, struct in6_addr *in6, struct ifnet *inifp)
513 {
514 /*
515 * check 6to4 addresses
516 */
517 if (IN6_IS_ADDR_6TO4(in6))
518 return stf_checkaddr4(sc, GET_V4(in6), inifp);
519
520 /*
521 * reject anything that look suspicious. the test is implemented
522 * in ip6_input too, but we check here as well to
523 * (1) reject bad packets earlier, and
524 * (2) to be safe against future ip6_input change.
525 */
526 if (IN6_IS_ADDR_V4COMPAT(in6) || IN6_IS_ADDR_V4MAPPED(in6))
527 return -1;
528
529 return 0;
530 }
531
532 int
533 in_stf_input(struct mbuf **mp, int *offp, int proto)
534 {
535 struct mbuf *m;
536 struct stf_softc *sc;
537 struct ip *ip;
538 struct ip6_hdr *ip6;
539 u_int8_t otos, itos;
540 struct ifnet *ifp;
541 int off;
542 static const uint32_t af = AF_INET6;
543
544 m = *mp;
545 off = *offp;
546
547 if (proto != IPPROTO_IPV6) {
548 m_freem(m);
549 return(IPPROTO_DONE);
550 }
551
552 ip = mtod(m, struct ip *);
553
554 sc = (struct stf_softc *)encap_getarg(m);
555
556 if (sc == NULL || (sc->sc_if.if_flags & IFF_UP) == 0) {
557 m_freem(m);
558 return(IPPROTO_DONE);
559 }
560
561 ifp = &sc->sc_if;
562
563 /*
564 * perform sanity check against outer src/dst.
565 * for source, perform ingress filter as well.
566 */
567 if (stf_checkaddr4(sc, &ip->ip_dst, NULL) < 0 ||
568 stf_checkaddr4(sc, &ip->ip_src, m->m_pkthdr.rcvif) < 0) {
569 m_freem(m);
570 return(IPPROTO_DONE);
571 }
572
573 otos = ip->ip_tos;
574 m_adj(m, off);
575
576 if (m->m_len < sizeof(*ip6)) {
577 m = m_pullup(m, sizeof(*ip6));
578 if (!m)
579 return(IPPROTO_DONE);
580 }
581 ip6 = mtod(m, struct ip6_hdr *);
582
583 /*
584 * perform sanity check against inner src/dst.
585 * for source, perform ingress filter as well.
586 */
587 if (stf_checkaddr6(sc, &ip6->ip6_dst, NULL) < 0 ||
588 stf_checkaddr6(sc, &ip6->ip6_src, m->m_pkthdr.rcvif) < 0) {
589 m_freem(m);
590 return(IPPROTO_DONE);
591 }
592
593 itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
594 if ((ifp->if_flags & IFF_LINK1) != 0)
595 ip_ecn_egress(ECN_ALLOWED, &otos, &itos);
596 else
597 ip_ecn_egress(ECN_NOCARE, &otos, &itos);
598 ip6->ip6_flow &= ~htonl(0xff << 20);
599 ip6->ip6_flow |= htonl((u_int32_t)itos << 20);
600
601 m->m_pkthdr.rcvif = ifp;
602
603 if (ifp->if_bpf) {
604 bpf_gettoken();
605 if (ifp->if_bpf)
606 bpf_ptap(ifp->if_bpf, m, &af, sizeof(af));
607 bpf_reltoken();
608 }
609
610 /*
611 * Put the packet to the network layer input queue according to the
612 * specified address family.
613 * See net/if_gif.c for possible issues with packet processing
614 * reorder due to extra queueing.
615 */
616 IFNET_STAT_INC(ifp, ipackets, 1);
617 IFNET_STAT_INC(ifp, ibytes, m->m_pkthdr.len);
618 netisr_queue(NETISR_IPV6, m);
619 return(IPPROTO_DONE);
620 }
621
622 /* ARGSUSED */
623 static void
624 stf_rtrequest(int cmd, struct rtentry *rt)
625 {
626
627 if (rt)
628 rt->rt_rmx.rmx_mtu = IPV6_MMTU;
629 }
630
631 static int
632 stf_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
633 {
634 struct ifaddr *ifa;
635 struct ifreq *ifr;
636 struct sockaddr_in6 *sin6;
637 int error;
638
639 error = 0;
640 switch (cmd) {
641 case SIOCSIFADDR:
642 ifa = (struct ifaddr *)data;
643 if (ifa == NULL || ifa->ifa_addr->sa_family != AF_INET6) {
644 error = EAFNOSUPPORT;
645 break;
646 }
647 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
648 if (IN6_IS_ADDR_6TO4(&sin6->sin6_addr)) {
649 ifa->ifa_rtrequest = stf_rtrequest;
650 ifp->if_flags |= IFF_UP;
651 } else
652 error = EINVAL;
653 break;
654
655 case SIOCADDMULTI:
656 case SIOCDELMULTI:
657 ifr = (struct ifreq *)data;
658 if (ifr && ifr->ifr_addr.sa_family == AF_INET6)
659 ;
660 else
661 error = EAFNOSUPPORT;
662 break;
663
664 default:
665 error = EINVAL;
666 break;
667 }
668
669 return error;
670 }
DragonFly BSD