ISC DHCP  4.3.6
A reference DHCPv4 and DHCPv6 implementation
nit.c
Go to the documentation of this file.
1 /* nit.c
2 
3  Network Interface Tap (NIT) network interface code, by Ted Lemon
4  with one crucial tidbit of help from Stu Grossmen. */
5 
6 /*
7  * Copyright (c) 2004,2007,2009,2014 by Internet Systems Consortium, Inc. ("ISC")
8  * Copyright (c) 1996-2003 by Internet Software Consortium
9  *
10  * Permission to use, copy, modify, and distribute this software for any
11  * purpose with or without fee is hereby granted, provided that the above
12  * copyright notice and this permission notice appear in all copies.
13  *
14  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
15  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
17  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
20  * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21  *
22  * Internet Systems Consortium, Inc.
23  * 950 Charter Street
24  * Redwood City, CA 94063
25  * <info@isc.org>
26  * https://www.isc.org/
27  *
28  */
29 
30 #include "dhcpd.h"
31 #if defined (USE_NIT_SEND) || defined (USE_NIT_RECEIVE)
32 #include <sys/ioctl.h>
33 #include <sys/uio.h>
34 
35 #include <sys/time.h>
36 #include <net/nit.h>
37 #include <net/nit_if.h>
38 #include <net/nit_pf.h>
39 #include <net/nit_buf.h>
40 #include <sys/stropts.h>
41 #include <net/packetfilt.h>
42 
43 #include <netinet/in_systm.h>
44 #include "includes/netinet/ip.h"
45 #include "includes/netinet/udp.h"
47 
48 /* Reinitializes the specified interface after an address change. This
49  is not required for packet-filter APIs. */
50 
51 #ifdef USE_NIT_SEND
52 void if_reinitialize_send (info)
53  struct interface_info *info;
54 {
55 }
56 #endif
57 
58 #ifdef USE_NIT_RECEIVE
59 void if_reinitialize_receive (info)
60  struct interface_info *info;
61 {
62 }
63 #endif
64 
65 /* Called by get_interface_list for each interface that's discovered.
66  Opens a packet filter for each interface and adds it to the select
67  mask. */
68 
69 int if_register_nit (info)
70  struct interface_info *info;
71 {
72  int sock;
73  char filename[50];
74  struct ifreq ifr;
75  struct strioctl sio;
76 
77  /* Open a NIT device */
78  sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
79  if (sock < 0)
80  log_fatal ("Can't open NIT device for %s: %m", info -> name);
81 
82  /* Set the NIT device to point at this interface. */
83  sio.ic_cmd = NIOCBIND;
84  sio.ic_len = sizeof *(info -> ifp);
85  sio.ic_dp = (char *)(info -> ifp);
86  sio.ic_timout = INFTIM;
87  if (ioctl (sock, I_STR, &sio) < 0)
88  log_fatal ("Can't attach interface %s to nit device: %m",
89  info -> name);
90 
91  /* Get the low-level address... */
92  sio.ic_cmd = SIOCGIFADDR;
93  sio.ic_len = sizeof ifr;
94  sio.ic_dp = (char *)&ifr;
95  sio.ic_timout = INFTIM;
96  if (ioctl (sock, I_STR, &sio) < 0)
97  log_fatal ("Can't get physical layer address for %s: %m",
98  info -> name);
99 
100  /* XXX code below assumes ethernet interface! */
101  info -> hw_address.hlen = 7;
102  info -> hw_address.hbuf [0] = ARPHRD_ETHER;
103  memcpy (&info -> hw_address.hbuf [1],
104  ifr.ifr_ifru.ifru_addr.sa_data, 6);
105 
106  if (ioctl (sock, I_PUSH, "pf") < 0)
107  log_fatal ("Can't push packet filter onto NIT for %s: %m",
108  info -> name);
109 
110  return sock;
111 }
112 #endif /* USE_NIT_SEND || USE_NIT_RECEIVE */
113 
114 #ifdef USE_NIT_SEND
115 void if_register_send (info)
116  struct interface_info *info;
117 {
118  /* If we're using the nit API for sending and receiving,
119  we don't need to register this interface twice. */
120 #ifndef USE_NIT_RECEIVE
121  struct packetfilt pf;
122  struct strioctl sio;
123 
124  info -> wfdesc = if_register_nit (info);
125 
126  pf.Pf_Priority = 0;
127  pf.Pf_FilterLen = 1;
128  pf.Pf_Filter [0] = ENF_PUSHZERO;
129 
130  /* Set up an NIT filter that rejects everything... */
131  sio.ic_cmd = NIOCSETF;
132  sio.ic_len = sizeof pf;
133  sio.ic_dp = (char *)&pf;
134  sio.ic_timout = INFTIM;
135  if (ioctl (info -> wfdesc, I_STR, &sio) < 0)
136  log_fatal ("Can't set NIT filter: %m");
137 #else
138  info -> wfdesc = info -> rfdesc;
139 #endif
141  log_info ("Sending on NIT/%s%s%s",
142  print_hw_addr (info -> hw_address.hbuf [0],
143  info -> hw_address.hlen - 1,
144  &info -> hw_address.hbuf [1]),
145  (info -> shared_network ? "/" : ""),
146  (info -> shared_network ?
147  info -> shared_network -> name : ""));
148 }
149 
150 void if_deregister_send (info)
151  struct interface_info *info;
152 {
153  /* If we're using the nit API for sending and receiving,
154  we don't need to register this interface twice. */
155 #ifndef USE_NIT_RECEIVE
156  close (info -> wfdesc);
157 #endif
158  info -> wfdesc = -1;
160  log_info ("Disabling output on NIT/%s%s%s",
161  print_hw_addr (info -> hw_address.hbuf [0],
162  info -> hw_address.hlen - 1,
163  &info -> hw_address.hbuf [1]),
164  (info -> shared_network ? "/" : ""),
165  (info -> shared_network ?
166  info -> shared_network -> name : ""));
167 }
168 #endif /* USE_NIT_SEND */
169 
170 #ifdef USE_NIT_RECEIVE
171 /* Packet filter program...
172  XXX Changes to the filter program may require changes to the constant
173  offsets used in if_register_send to patch the NIT program! XXX */
174 
175 void if_register_receive (info)
176  struct interface_info *info;
177 {
178  int flag = 1;
179  u_int32_t x;
180  struct packetfilt pf;
181  struct strioctl sio;
182  u_int16_t addr [2];
183  struct timeval t;
184 
185  /* Open a NIT device and hang it on this interface... */
186  info -> rfdesc = if_register_nit (info);
187 
188  /* Set the snap length to 0, which means always take the whole
189  packet. */
190  x = 0;
191  if (ioctl (info -> rfdesc, NIOCSSNAP, &x) < 0)
192  log_fatal ("Can't set NIT snap length on %s: %m", info -> name);
193 
194  /* Set the stream to byte stream mode */
195  if (ioctl (info -> rfdesc, I_SRDOPT, RMSGN) != 0)
196  log_info ("I_SRDOPT failed on %s: %m", info -> name);
197 
198 #if 0
199  /* Push on the chunker... */
200  if (ioctl (info -> rfdesc, I_PUSH, "nbuf") < 0)
201  log_fatal ("Can't push chunker onto NIT STREAM: %m");
202 
203  /* Set the timeout to zero. */
204  t.tv_sec = 0;
205  t.tv_usec = 0;
206  if (ioctl (info -> rfdesc, NIOCSTIME, &t) < 0)
207  log_fatal ("Can't set chunk timeout: %m");
208 #endif
209 
210  /* Ask for no header... */
211  x = 0;
212  if (ioctl (info -> rfdesc, NIOCSFLAGS, &x) < 0)
213  log_fatal ("Can't set NIT flags on %s: %m", info -> name);
214 
215  /* Set up the NIT filter program. */
216  /* XXX Unlike the BPF filter program, this one won't work if the
217  XXX IP packet is fragmented or if there are options on the IP
218  XXX header. */
219  pf.Pf_Priority = 0;
220  pf.Pf_FilterLen = 0;
221 
222  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHWORD + 6;
223  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT + ENF_CAND;
224  pf.Pf_Filter [pf.Pf_FilterLen++] = htons (ETHERTYPE_IP);
225  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT;
226  pf.Pf_Filter [pf.Pf_FilterLen++] = htons (IPPROTO_UDP);
227  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHWORD + 11;
228  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT + ENF_AND;
229  pf.Pf_Filter [pf.Pf_FilterLen++] = htons (0xFF);
230  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_CAND;
231  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHWORD + 18;
232  pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT + ENF_CAND;
233  pf.Pf_Filter [pf.Pf_FilterLen++] = local_port;
234 
235  /* Install the filter... */
236  sio.ic_cmd = NIOCSETF;
237  sio.ic_len = sizeof pf;
238  sio.ic_dp = (char *)&pf;
239  sio.ic_timout = INFTIM;
240  if (ioctl (info -> rfdesc, I_STR, &sio) < 0)
241  log_fatal ("Can't set NIT filter on %s: %m", info -> name);
242 
244  log_info ("Listening on NIT/%s%s%s",
245  print_hw_addr (info -> hw_address.hbuf [0],
246  info -> hw_address.hlen - 1,
247  &info -> hw_address.hbuf [1]),
248  (info -> shared_network ? "/" : ""),
249  (info -> shared_network ?
250  info -> shared_network -> name : ""));
251 }
252 
253 void if_deregister_receive (info)
254  struct interface_info *info;
255 {
256  /* If we're using the nit API for sending and receiving,
257  we don't need to register this interface twice. */
258  close (info -> rfdesc);
259  info -> rfdesc = -1;
260 
262  log_info ("Disabling input on NIT/%s%s%s",
263  print_hw_addr (info -> hw_address.hbuf [0],
264  info -> hw_address.hlen - 1,
265  &info -> hw_address.hbuf [1]),
266  (info -> shared_network ? "/" : ""),
267  (info -> shared_network ?
268  info -> shared_network -> name : ""));
269 }
270 #endif /* USE_NIT_RECEIVE */
271 
272 #ifdef USE_NIT_SEND
273 ssize_t send_packet (interface, packet, raw, len, from, to, hto)
274  struct interface_info *interface;
275  struct packet *packet;
276  struct dhcp_packet *raw;
277  size_t len;
278  struct in_addr from;
279  struct sockaddr_in *to;
280  struct hardware *hto;
281 {
282  unsigned hbufp, ibufp;
283  double hh [16];
284  double ih [1536 / sizeof (double)];
285  unsigned char *buf = (unsigned char *)ih;
286  struct sockaddr *junk;
287  struct strbuf ctl, data;
288  struct sockaddr_in foo;
289  int result;
290 
291  if (!strcmp (interface -> name, "fallback"))
292  return send_fallback (interface, packet, raw,
293  len, from, to, hto);
294 
295  if (hto == NULL && interface->anycast_mac_addr.hlen)
296  hto = &interface->anycast_mac_addr;
297 
298  /* Start with the sockaddr struct... */
299  junk = (struct sockaddr *)&hh [0];
300  hbufp = (((unsigned char *)&junk -> sa_data [0]) -
301  (unsigned char *)&hh[0]);
302  ibufp = 0;
303 
304  /* Assemble the headers... */
305  assemble_hw_header (interface, (unsigned char *)junk, &hbufp, hto);
306  assemble_udp_ip_header (interface, buf, &ibufp,
307  from.s_addr, to -> sin_addr.s_addr,
308  to -> sin_port, (unsigned char *)raw, len);
309 
310  /* Copy the data into the buffer (yuk). */
311  memcpy (buf + ibufp, raw, len);
312 
313  /* Set up the sockaddr structure... */
314 #if USE_SIN_LEN
315  junk -> sa_len = hbufp - 2; /* XXX */
316 #endif
317  junk -> sa_family = AF_UNSPEC;
318 
319  /* Set up the msg_buf structure... */
320  ctl.buf = (char *)&hh [0];
321  ctl.maxlen = ctl.len = hbufp;
322  data.buf = (char *)&ih [0];
323  data.maxlen = data.len = ibufp + len;
324 
325  result = putmsg (interface -> wfdesc, &ctl, &data, 0);
326  if (result < 0)
327  log_error ("send_packet: %m");
328  return result;
329 }
330 #endif /* USE_NIT_SEND */
331 
332 #ifdef USE_NIT_RECEIVE
333 ssize_t receive_packet (interface, buf, len, from, hfrom)
334  struct interface_info *interface;
335  unsigned char *buf;
336  size_t len;
337  struct sockaddr_in *from;
338  struct hardware *hfrom;
339 {
340  int nread;
341  int length = 0;
342  int offset = 0;
343  unsigned char ibuf [1536];
344  int bufix = 0;
345  unsigned paylen;
346 
347  length = read (interface -> rfdesc, ibuf, sizeof ibuf);
348  if (length <= 0)
349  return length;
350 
351  /* Decode the physical header... */
352  offset = decode_hw_header (interface, ibuf, bufix, hfrom);
353 
354  /* If a physical layer checksum failed (dunno of any
355  physical layer that supports this, but WTH), skip this
356  packet. */
357  if (offset < 0) {
358  return 0;
359  }
360 
361  bufix += offset;
362  length -= offset;
363 
364  /* Decode the IP and UDP headers... */
365  offset = decode_udp_ip_header (interface, ibuf, bufix,
366  from, length, &paylen, 1);
367 
368  /* If the IP or UDP checksum was bad, skip the packet... */
369  if (offset < 0)
370  return 0;
371 
372  bufix += offset;
373  length -= offset;
374 
375  if (length < paylen)
376  log_fatal("Internal inconsistency at %s:%d.", MDL);
377 
378  /* Copy out the data in the packet... */
379  memcpy(buf, &ibuf[bufix], paylen);
380  return paylen;
381 }
382 
384  struct interface_info *ip;
385 {
386  return 1;
387 }
388 
390  struct interface_info *ip;
391 {
392  return 1;
393 }
394 
396  struct interface_info *ip;
397 {
398  return 1;
399 }
400 
401 void maybe_setup_fallback ()
402 {
403  isc_result_t status;
404  struct interface_info *fbi = (struct interface_info *)0;
405  if (setup_fallback (&fbi, MDL)) {
406  if_register_fallback (fbi);
407  status = omapi_register_io_object ((omapi_object_t *)fbi,
408  if_readsocket, 0,
409  fallback_discard, 0, 0);
410  if (status != ISC_R_SUCCESS)
411  log_fatal ("Can't register I/O handle for %s: %s",
412  fbi -> name, isc_result_totext (status));
413  interface_dereference (&fbi, MDL);
414  }
415 }
416 #endif
void if_register_send(struct interface_info *)
isc_result_t omapi_register_io_object(omapi_object_t *, int(*)(omapi_object_t *), int(*)(omapi_object_t *), isc_result_t(*)(omapi_object_t *), isc_result_t(*)(omapi_object_t *), isc_result_t(*)(omapi_object_t *))
Definition: dispatch.c:199
void assemble_udp_ip_header(struct interface_info *, unsigned char *, unsigned *, u_int32_t, u_int32_t, u_int32_t, unsigned char *, unsigned)
#define ETHERTYPE_IP
Definition: if_ether.h:57
u_int8_t hlen
Definition: dhcpd.h:489
int if_readsocket(omapi_object_t *h)
Definition: discover.c:996
char name[IFNAMSIZ]
Definition: dhcpd.h:1376
void if_reinitialize_send(struct interface_info *)
ssize_t decode_udp_ip_header(struct interface_info *, unsigned char *, unsigned, struct sockaddr_in *, unsigned, unsigned *, int)
#define MDL
Definition: omapip.h:568
int can_receive_unicast_unconfigured(struct interface_info *)
int setup_fallback(struct interface_info **fp, const char *file, int line)
Definition: discover.c:1007
int log_error(const char *,...) __attribute__((__format__(__printf__
void if_deregister_receive(struct interface_info *)
void maybe_setup_fallback(void)
void if_deregister_send(struct interface_info *)
void log_fatal(const char *,...) __attribute__((__format__(__printf__
u_int16_t local_port
Definition: dhclient.c:92
Definition: dhcpd.h:405
void assemble_hw_header(struct interface_info *, unsigned char *, unsigned *, struct hardware *)
Definition: ip.h:47
ssize_t send_packet(struct interface_info *, struct packet *, struct dhcp_packet *, size_t, struct in_addr, struct sockaddr_in *, struct hardware *)
struct hardware hw_address
Definition: dhcpd.h:1354
int int log_info(const char *,...) __attribute__((__format__(__printf__
int quiet_interface_discovery
Definition: discover.c:44
void if_register_fallback(struct interface_info *)
ssize_t send_fallback(struct interface_info *, struct packet *, struct dhcp_packet *, size_t, struct in_addr, struct sockaddr_in *, struct hardware *)
int supports_multiple_interfaces(struct interface_info *)
u_int8_t hbuf[HARDWARE_ADDR_LEN+1]
Definition: dhcpd.h:490
struct hardware anycast_mac_addr
Definition: dhcpd.h:1405
ssize_t receive_packet(struct interface_info *, unsigned char *, size_t, struct sockaddr_in *, struct hardware *)
ssize_t decode_hw_header(struct interface_info *, unsigned char *, unsigned, struct hardware *)
void if_reinitialize_receive(struct interface_info *)
int can_unicast_without_arp(struct interface_info *)
void if_register_receive(struct interface_info *)
isc_result_t fallback_discard(omapi_object_t *)