summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/ip4_input.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet/ip/ip4_input.c')
-rw-r--r--src/vnet/ip/ip4_input.c163
1 files changed, 12 insertions, 151 deletions
diff --git a/src/vnet/ip/ip4_input.c b/src/vnet/ip/ip4_input.c
index 3b08f4b0089..121f40f473d 100644
--- a/src/vnet/ip/ip4_input.c
+++ b/src/vnet/ip/ip4_input.c
@@ -37,7 +37,7 @@
* WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
-#include <vnet/ip/ip.h>
+#include <vnet/ip/ip4_input.h>
#include <vnet/ethernet/ethernet.h>
#include <vnet/ppp/ppp.h>
#include <vnet/hdlc/hdlc.h>
@@ -60,16 +60,6 @@ format_ip4_input_trace (u8 * s, va_list * va)
return s;
}
-typedef enum
-{
- IP4_INPUT_NEXT_DROP,
- IP4_INPUT_NEXT_PUNT,
- IP4_INPUT_NEXT_LOOKUP,
- IP4_INPUT_NEXT_LOOKUP_MULTICAST,
- IP4_INPUT_NEXT_ICMP_ERROR,
- IP4_INPUT_N_NEXT,
-} ip4_input_next_t;
-
/* Validate IP v4 packets and pass them either to forwarding code
or drop/punt exception packets. */
always_inline uword
@@ -109,10 +99,9 @@ ip4_input_inline (vlib_main_t * vm,
{
vlib_buffer_t *p0, *p1;
ip4_header_t *ip0, *ip1;
- u32 sw_if_index0, pi0, ip_len0, cur_len0, next0;
- u32 sw_if_index1, pi1, ip_len1, cur_len1, next1;
- i32 len_diff0, len_diff1;
- u8 error0, error1, arc0, arc1;
+ u32 sw_if_index0, pi0, next0;
+ u32 sw_if_index1, pi1, next1;
+ u8 arc0, arc1;
/* Prefetch next iteration. */
{
@@ -144,8 +133,6 @@ ip4_input_inline (vlib_main_t * vm,
sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
sw_if_index1 = vnet_buffer (p1)->sw_if_index[VLIB_RX];
- error0 = error1 = IP4_ERROR_NONE;
-
if (PREDICT_FALSE (ip4_address_is_multicast (&ip0->dst_address)))
{
arc0 = lm->mcast_feature_arc_index;
@@ -155,8 +142,6 @@ ip4_input_inline (vlib_main_t * vm,
{
arc0 = lm->ucast_feature_arc_index;
next0 = IP4_INPUT_NEXT_LOOKUP;
- if (PREDICT_FALSE (ip0->ttl < 1))
- error0 = IP4_ERROR_TIME_EXPIRED;
}
if (PREDICT_FALSE (ip4_address_is_multicast (&ip1->dst_address)))
@@ -168,8 +153,6 @@ ip4_input_inline (vlib_main_t * vm,
{
arc1 = lm->ucast_feature_arc_index;
next1 = IP4_INPUT_NEXT_LOOKUP;
- if (PREDICT_FALSE (ip1->ttl < 1))
- error1 = IP4_ERROR_TIME_EXPIRED;
}
vnet_buffer (p0)->ip.adj_index[VLIB_RX] = ~0;
@@ -180,82 +163,9 @@ ip4_input_inline (vlib_main_t * vm,
vlib_increment_simple_counter (cm, thread_index, sw_if_index0, 1);
vlib_increment_simple_counter (cm, thread_index, sw_if_index1, 1);
-
- /* Punt packets with options or wrong version. */
- if (PREDICT_FALSE (ip0->ip_version_and_header_length != 0x45))
- error0 = (ip0->ip_version_and_header_length & 0xf) != 5 ?
- IP4_ERROR_OPTIONS : IP4_ERROR_VERSION;
-
- if (PREDICT_FALSE (ip1->ip_version_and_header_length != 0x45))
- error1 = (ip1->ip_version_and_header_length & 0xf) != 5 ?
- IP4_ERROR_OPTIONS : IP4_ERROR_VERSION;
-
- /* Verify header checksum. */
- if (verify_checksum)
- {
- ip_csum_t sum0, sum1;
-
- ip4_partial_header_checksum_x1 (ip0, sum0);
- ip4_partial_header_checksum_x1 (ip1, sum1);
-
- error0 = 0xffff != ip_csum_fold (sum0) ?
- IP4_ERROR_BAD_CHECKSUM : error0;
- error1 = 0xffff != ip_csum_fold (sum1) ?
- IP4_ERROR_BAD_CHECKSUM : error1;
- }
-
- /* Drop fragmentation offset 1 packets. */
- error0 = ip4_get_fragment_offset (ip0) == 1 ?
- IP4_ERROR_FRAGMENT_OFFSET_ONE : error0;
- error1 = ip4_get_fragment_offset (ip1) == 1 ?
- IP4_ERROR_FRAGMENT_OFFSET_ONE : error1;
-
- /* Verify lengths. */
- ip_len0 = clib_net_to_host_u16 (ip0->length);
- ip_len1 = clib_net_to_host_u16 (ip1->length);
-
- /* IP length must be at least minimal IP header. */
- error0 = ip_len0 < sizeof (ip0[0]) ? IP4_ERROR_TOO_SHORT : error0;
- error1 = ip_len1 < sizeof (ip1[0]) ? IP4_ERROR_TOO_SHORT : error1;
-
- cur_len0 = vlib_buffer_length_in_chain (vm, p0);
- cur_len1 = vlib_buffer_length_in_chain (vm, p1);
-
- len_diff0 = cur_len0 - ip_len0;
- len_diff1 = cur_len1 - ip_len1;
-
- error0 = len_diff0 < 0 ? IP4_ERROR_BAD_LENGTH : error0;
- error1 = len_diff1 < 0 ? IP4_ERROR_BAD_LENGTH : error1;
-
- p0->error = error_node->errors[error0];
- p1->error = error_node->errors[error1];
-
- if (PREDICT_FALSE (error0 != IP4_ERROR_NONE))
- {
- if (error0 == IP4_ERROR_TIME_EXPIRED)
- {
- icmp4_error_set_vnet_buffer (p0, ICMP4_time_exceeded,
- ICMP4_time_exceeded_ttl_exceeded_in_transit,
- 0);
- next0 = IP4_INPUT_NEXT_ICMP_ERROR;
- }
- else
- next0 = error0 != IP4_ERROR_OPTIONS ?
- IP4_INPUT_NEXT_DROP : IP4_INPUT_NEXT_PUNT;
- }
- if (PREDICT_FALSE (error1 != IP4_ERROR_NONE))
- {
- if (error1 == IP4_ERROR_TIME_EXPIRED)
- {
- icmp4_error_set_vnet_buffer (p1, ICMP4_time_exceeded,
- ICMP4_time_exceeded_ttl_exceeded_in_transit,
- 0);
- next1 = IP4_INPUT_NEXT_ICMP_ERROR;
- }
- else
- next1 = error1 != IP4_ERROR_OPTIONS ?
- IP4_INPUT_NEXT_DROP : IP4_INPUT_NEXT_PUNT;
- }
+ ip4_input_check_x2 (vm, error_node,
+ p0, p1, ip0, ip1,
+ &next0, &next1, verify_checksum);
vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
to_next, n_left_to_next,
@@ -265,9 +175,8 @@ ip4_input_inline (vlib_main_t * vm,
{
vlib_buffer_t *p0;
ip4_header_t *ip0;
- u32 sw_if_index0, pi0, ip_len0, cur_len0, next0;
- i32 len_diff0;
- u8 error0, arc0;
+ u32 sw_if_index0, pi0, next0;
+ u8 arc0;
pi0 = from[0];
to_next[0] = pi0;
@@ -281,8 +190,6 @@ ip4_input_inline (vlib_main_t * vm,
sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
- error0 = IP4_ERROR_NONE;
-
if (PREDICT_FALSE (ip4_address_is_multicast (&ip0->dst_address)))
{
arc0 = lm->mcast_feature_arc_index;
@@ -292,60 +199,14 @@ ip4_input_inline (vlib_main_t * vm,
{
arc0 = lm->ucast_feature_arc_index;
next0 = IP4_INPUT_NEXT_LOOKUP;
- if (PREDICT_FALSE (ip0->ttl < 1))
- error0 = IP4_ERROR_TIME_EXPIRED;
}
vnet_buffer (p0)->ip.adj_index[VLIB_RX] = ~0;
vnet_feature_arc_start (arc0, sw_if_index0, &next0, p0);
vlib_increment_simple_counter (cm, thread_index, sw_if_index0, 1);
-
- /* Punt packets with options or wrong version. */
- if (PREDICT_FALSE (ip0->ip_version_and_header_length != 0x45))
- error0 = (ip0->ip_version_and_header_length & 0xf) != 5 ?
- IP4_ERROR_OPTIONS : IP4_ERROR_VERSION;
-
- /* Verify header checksum. */
- if (verify_checksum)
- {
- ip_csum_t sum0;
-
- ip4_partial_header_checksum_x1 (ip0, sum0);
- error0 =
- 0xffff !=
- ip_csum_fold (sum0) ? IP4_ERROR_BAD_CHECKSUM : error0;
- }
-
- /* Drop fragmentation offset 1 packets. */
- error0 =
- ip4_get_fragment_offset (ip0) ==
- 1 ? IP4_ERROR_FRAGMENT_OFFSET_ONE : error0;
-
- /* Verify lengths. */
- ip_len0 = clib_net_to_host_u16 (ip0->length);
-
- /* IP length must be at least minimal IP header. */
- error0 = ip_len0 < sizeof (ip0[0]) ? IP4_ERROR_TOO_SHORT : error0;
-
- cur_len0 = vlib_buffer_length_in_chain (vm, p0);
- len_diff0 = cur_len0 - ip_len0;
- error0 = len_diff0 < 0 ? IP4_ERROR_BAD_LENGTH : error0;
-
- p0->error = error_node->errors[error0];
- if (PREDICT_FALSE (error0 != IP4_ERROR_NONE))
- {
- if (error0 == IP4_ERROR_TIME_EXPIRED)
- {
- icmp4_error_set_vnet_buffer (p0, ICMP4_time_exceeded,
- ICMP4_time_exceeded_ttl_exceeded_in_transit,
- 0);
- next0 = IP4_INPUT_NEXT_ICMP_ERROR;
- }
- else
- next0 = error0 != IP4_ERROR_OPTIONS ?
- IP4_INPUT_NEXT_DROP : IP4_INPUT_NEXT_PUNT;
- }
+ ip4_input_check_x1 (vm, error_node, p0, ip0, &next0,
+ verify_checksum);
vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
to_next, n_left_to_next,
@@ -406,7 +267,7 @@ ip4_input_no_checksum (vlib_main_t * vm,
return ip4_input_inline (vm, node, frame, /* verify_checksum */ 0);
}
-static char *ip4_error_strings[] = {
+char *ip4_error_strings[] = {
#define _(sym,string) string,
foreach_ip4_error
#undef _