Module Name: src
Committed By: tonnerre
Date: Sat Jul 25 23:12:09 UTC 2009
Modified Files:
src/sys/netinet6: nd6.c nd6_rtr.c
Log Message:
Instead of using the net.inet6.ip6.accept_rtadv sysctl for all devices,
make net.inet6.ip6.accept_rtadv the default for individual per-device
settings so people can use the ndp(8) utility to set per-device whether
or not to accept route advertisements.
rtadvd changes to follow.
(Debated on tech-net@ before but almost two weeks passed by without any
comment on the patch.)
To generate a diff of this commit:
cvs rdiff -u -r1.131 -r1.132 src/sys/netinet6/nd6.c
cvs rdiff -u -r1.78 -r1.79 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.131 src/sys/netinet6/nd6.c:1.132
--- src/sys/netinet6/nd6.c:1.131 Fri Nov 7 00:20:18 2008
+++ src/sys/netinet6/nd6.c Sat Jul 25 23:12:09 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: nd6.c,v 1.131 2008/11/07 00:20:18 dyoung Exp $ */
+/* $NetBSD: nd6.c,v 1.132 2009/07/25 23:12:09 tonnerre Exp $ */
/* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.131 2008/11/07 00:20:18 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.132 2009/07/25 23:12:09 tonnerre Exp $");
#include "opt_ipsec.h"
@@ -176,7 +176,8 @@
* we won't accept RAs by default even if we set ND6_IFF_ACCEPT_RTADV
* here.
*/
- nd->flags = (ND6_IFF_PERFORMNUD | ND6_IFF_ACCEPT_RTADV);
+ nd->flags = (ND6_IFF_PERFORMNUD |
+ ip6_accept_rtadv ? ND6_IFF_ACCEPT_RTADV : 0);
/* XXX: we cannot call nd6_setmtu since ifp is not fully initialized */
nd6_setmtu0(ifp, nd);
@@ -710,6 +711,7 @@
void
nd6_purge(struct ifnet *ifp)
{
+ struct nd_ifinfo *ndi = ND_IFINFO(ifp);
struct llinfo_nd6 *ln, *nln;
struct nd_defrouter *dr, *ndr;
struct nd_prefix *pr, *npr;
@@ -764,7 +766,8 @@
if (nd6_defifindex == ifp->if_index)
nd6_setdefaultiface(0);
- if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */
+ /* XXX: too restrictive? */
+ if (!ip6_forwarding && (ndi->flags & ND6_IFF_ACCEPT_RTADV)) {
/* refresh default router list */
defrouter_select();
}
@@ -1672,6 +1675,7 @@
int code /* type dependent information */
)
{
+ struct nd_ifinfo *ndi = ND_IFINFO(ifp);
struct rtentry *rt = NULL;
struct llinfo_nd6 *ln = NULL;
int is_newentry;
@@ -1880,7 +1884,8 @@
* for those are not autoconfigured hosts, we explicitly avoid such
* cases for safety.
*/
- if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv)
+ if (do_update && ln->ln_router && !ip6_forwarding &&
+ (ndi->flags & ND6_IFF_ACCEPT_RTADV))
defrouter_select();
return rt;
Index: src/sys/netinet6/nd6_rtr.c
diff -u src/sys/netinet6/nd6_rtr.c:1.78 src/sys/netinet6/nd6_rtr.c:1.79
--- src/sys/netinet6/nd6_rtr.c:1.78 Wed Mar 18 16:00:23 2009
+++ src/sys/netinet6/nd6_rtr.c Sat Jul 25 23:12:09 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: nd6_rtr.c,v 1.78 2009/03/18 16:00:23 cegger Exp $ */
+/* $NetBSD: nd6_rtr.c,v 1.79 2009/07/25 23:12:09 tonnerre Exp $ */
/* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.78 2009/03/18 16:00:23 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.79 2009/07/25 23:12:09 tonnerre Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -113,6 +113,7 @@
nd6_rs_input(struct mbuf *m, int off, int icmp6len)
{
struct ifnet *ifp = m->m_pkthdr.rcvif;
+ struct nd_ifinfo *ndi = ND_IFINFO(ifp);
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct nd_router_solicit *nd_rs;
struct in6_addr saddr6 = ip6->ip6_src;
@@ -121,7 +122,7 @@
union nd_opts ndopts;
/* If I'm not a router, ignore it. */
- if (ip6_accept_rtadv != 0 || !ip6_forwarding)
+ if ((ndi->flags & ND6_IFF_ACCEPT_RTADV) || !ip6_forwarding)
goto freeit;
/* Sanity checks */
@@ -209,8 +210,6 @@
* the system-wide variable allows the acceptance, and
* per-interface variable allows RAs on the receiving interface.
*/
- if (ip6_accept_rtadv == 0)
- goto freeit;
if (!(ndi->flags & ND6_IFF_ACCEPT_RTADV))
goto freeit;
@@ -482,6 +481,7 @@
void
defrtrlist_del(struct nd_defrouter *dr)
{
+ struct nd_ifinfo *ndi = ND_IFINFO(dr->ifp);
struct nd_defrouter *deldr = NULL;
struct nd_prefix *pr;
@@ -489,7 +489,8 @@
* Flush all the routing table entries that use the router
* as a next hop.
*/
- if (!ip6_forwarding && ip6_accept_rtadv) /* XXX: better condition? */
+ /* XXX: better condition? */
+ if (!ip6_forwarding && (ndi->flags & ND6_IFF_ACCEPT_RTADV))
rt6_flush(&dr->rtaddr, dr->ifp);
if (dr->installed) {
@@ -608,6 +609,7 @@
void
defrouter_select(void)
{
+ struct nd_ifinfo *ndi;
int s = splsoftnet();
struct nd_defrouter *dr, *selected_dr = NULL, *installed_dr = NULL;
struct rtentry *rt = NULL;
@@ -619,7 +621,7 @@
* if the node is not an autoconfigured host, we explicitly exclude
* such cases here for safety.
*/
- if (ip6_forwarding || !ip6_accept_rtadv) {
+ if (ip6_forwarding) {
nd6log((LOG_WARNING,
"defrouter_select: called unexpectedly (forwarding=%d, "
"accept_rtadv=%d)\n", ip6_forwarding, ip6_accept_rtadv));
@@ -643,6 +645,10 @@
*/
for (dr = TAILQ_FIRST(&nd_defrouter); dr;
dr = TAILQ_NEXT(dr, dr_entry)) {
+ ndi = ND_IFINFO(dr->ifp);
+ if ((ndi->flags & ND6_IFF_ACCEPT_RTADV))
+ continue;
+
if (selected_dr == NULL &&
(rt = nd6_lookup(&dr->rtaddr, 0, dr->ifp)) != NULL &&
(ln = (struct llinfo_nd6 *)rt->rt_llinfo) != NULL &&
