1 diff -Nurp linux-2.6.22-592/drivers/net/gre.c linux-2.6.22-593/drivers/net/gre.c
2 --- linux-2.6.22-592/drivers/net/gre.c 1969-12-31 19:00:00.000000000 -0500
3 +++ linux-2.6.22-593/drivers/net/gre.c 2008-02-28 13:51:50.000000000 -0500
6 + * Linux NET3: GRE over IP protocol decoder.
8 + * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
10 + * This program is free software; you can redistribute it and/or
11 + * modify it under the terms of the GNU General Public License
12 + * as published by the Free Software Foundation; either version
13 + * 2 of the License, or (at your option) any later version.
17 +#include <linux/capability.h>
18 +#include <linux/module.h>
19 +#include <linux/types.h>
20 +#include <linux/sched.h>
21 +#include <linux/kernel.h>
22 +#include <asm/uaccess.h>
23 +#include <linux/skbuff.h>
24 +#include <linux/netdevice.h>
25 +#include <linux/in.h>
26 +#include <linux/tcp.h>
27 +#include <linux/udp.h>
28 +#include <linux/if_arp.h>
29 +#include <linux/mroute.h>
30 +#include <linux/init.h>
31 +#include <linux/in6.h>
32 +#include <linux/inetdevice.h>
33 +#include <linux/etherdevice.h> /**XXX added XXX */
34 +#include <linux/igmp.h>
35 +#include <linux/netfilter_ipv4.h>
36 +#include <linux/if_ether.h>
38 +#include <net/sock.h>
40 +#include <net/icmp.h>
41 +#include <net/protocol.h>
42 +#include <net/ipip.h>
44 +#include <net/checksum.h>
45 +#include <net/dsfield.h>
46 +#include <net/inet_ecn.h>
47 +#include <net/xfrm.h>
50 +#include <net/ipv6.h>
51 +#include <net/ip6_fib.h>
52 +#include <net/ip6_route.h>
55 +//#define GRE_DEBUG 1
58 + Problems & solutions
59 + --------------------
61 + 1. The most important issue is detecting local dead loops.
62 + They would cause complete host lockup in transmit, which
63 + would be "resolved" by stack overflow or, if queueing is enabled,
64 + with infinite looping in net_bh.
66 + We cannot track such dead loops during route installation,
67 + it is infeasible task. The most general solutions would be
68 + to keep skb->encapsulation counter (sort of local ttl),
69 + and silently drop packet when it expires. It is the best
70 + solution, but it supposes maintaining a new variable in ALL
71 + skb, even if no tunneling is used.
73 + Current solution: t->recursion lock breaks dead loops. It looks
74 + like dev->tbusy flag, but I preferred new variable, because
75 + the semantics is different. One day, when hard_start_xmit
76 + will be multithreaded we will have to use skb->encapsulation.
80 + 2. Networking dead loops would not kill routers, but would really
81 + kill network. IP hop limit plays role of "t->recursion" in this case,
82 + if we copy it from packet being encapsulated to upper header.
83 + It is very good solution, but it introduces two problems:
85 + - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
86 + do not work over tunnels.
87 + - traceroute does not work. I planned to relay ICMP from tunnel,
88 + so that this problem would be solved and traceroute output
89 + would be even more informative. This idea appeared to be wrong:
90 + only Linux complies to rfc1812 now (yes, guys, Linux is the only
91 + true router now :-)), all routers (at least, in neighbourhood of mine)
92 + return only 8 bytes of payload. It is the end.
94 + Hence, if we want that OSPF worked or traceroute said something reasonable,
95 + we should search for another solution.
97 + One of them is to parse packet trying to detect inner encapsulation
98 + made by our node. It is difficult or even impossible, especially,
99 + taking into account fragmentation. To be short, it is not a solution at all.
101 + Current solution: The solution was UNEXPECTEDLY SIMPLE.
102 + We force DF flag on tunnels with preconfigured hop limit,
103 + that is ALL. :-) Well, it does not remove the problem completely,
104 + but exponential growth of network traffic is changed to linear
105 + (branches, that exceed pmtu are pruned) and tunnel mtu
106 + fastly degrades to value <68, where looping stops.
107 + Yes, it is not good if there exists a router in the loop,
108 + which does not force DF, even when encapsulating packets have DF set.
109 + But it is not our problem! Nobody could accuse us, we made
110 + all that we could make. Even if it is your gated who injected
111 + fatal route to network, even if it were you who configured
112 + fatal static route: you are innocent. :-)
116 + 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain
117 + practically identical code. It would be good to glue them
118 + together, but it is not very evident, how to make them modular.
119 + sit is integral part of IPv6, ipip and gre are naturally modular.
120 + We could extract common parts (hash table, ioctl etc)
121 + to a separate module (ip_tunnel.c).
126 +static int ipgre_tunnel_init(struct net_device *dev);
127 +static void ipgre_ip_tunnel_setup(struct net_device *dev);
128 +static void ipgre_eth_tunnel_setup(struct net_device *dev);
130 +/* Fallback tunnel: no source, no destination, no key, no options */
132 +static int ipgre_fb_tunnel_init(struct net_device *dev);
134 +static struct net_device *ipgre_fb_tunnel_dev;
136 +/* Tunnel hash table */
146 + We require exact key match i.e. if a key is present in packet
147 + it will match only tunnel with the same key; if it is not present,
148 + it will match only keyless tunnel.
150 + All keyless packets, if not matched to configured keyless tunnels,
151 + will match fallback tunnel.
154 +#define HASH_SIZE 1024
155 +#define HASH(addr) (ntohl(addr)&1023)
157 +static struct ip_tunnel *tunnels[4][HASH_SIZE];
159 +#define tunnels_r_l (tunnels[3])
160 +#define tunnels_r (tunnels[2])
161 +#define tunnels_l (tunnels[1])
162 +#define tunnels_wc (tunnels[0])
164 +static DEFINE_RWLOCK(ipgre_lock);
166 +/* Given src, dst and key, find appropriate for input tunnel. */
168 +static struct ip_tunnel * ipgre_tunnel_lookup(__be32 remote, __be32 local, __be32 key)
171 + unsigned hash_value = HASH(key);
172 + struct ip_tunnel *t;
174 + t = tunnels_r_l[hash_value];
176 + if (t && (t->parms.i_key == key) && (t->dev->flags&IFF_UP)) {
180 + t = tunnels_r[hash_value];
181 + if (t && (t->parms.i_key == key) && (t->dev->flags&IFF_UP))
184 + t = tunnels_l[hash_value];
185 + if (t && (t->parms.i_key == key) && (t->dev->flags&IFF_UP))
187 + t = tunnels_wc[hash_value];
188 + if (t && (t->parms.i_key == key) && (t->dev->flags&IFF_UP))
190 + if (ipgre_fb_tunnel_dev->flags&IFF_UP)
191 + return netdev_priv(ipgre_fb_tunnel_dev);
195 +static struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t)
197 + __be32 remote = t->parms.iph.daddr;
198 + __be32 local = t->parms.iph.saddr;
199 + __be32 key = t->parms.i_key;
200 + unsigned h = HASH(key);
205 + if (remote && !MULTICAST(remote)) {
207 + //h ^= HASH(remote);
210 + return &tunnels[prio][h];
213 +static void ipgre_tunnel_link(struct ip_tunnel *t)
215 + struct ip_tunnel **tp = ipgre_bucket(t);
218 + write_lock_bh(&ipgre_lock);
220 + write_unlock_bh(&ipgre_lock);
223 +static void ipgre_tunnel_unlink(struct ip_tunnel *t)
225 + struct ip_tunnel **tp;
227 + for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) {
229 + write_lock_bh(&ipgre_lock);
231 + write_unlock_bh(&ipgre_lock);
237 +static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create)
239 + __be32 remote = parms->iph.daddr;
240 + __be32 local = parms->iph.saddr;
241 + __be32 key = parms->i_key;
242 + __be16 proto = parms->proto_type;
243 + struct ip_tunnel *t, **tp, *nt;
244 + struct net_device *dev;
245 + unsigned h = HASH(key);
247 + char name[IFNAMSIZ];
251 + if (remote && !MULTICAST(remote)) {
253 + //h ^= HASH(remote);
255 + for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) {
256 + if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) {
257 + if (key == t->parms.i_key)
264 + printk(KERN_CRIT "Adding tunnel %s with key %d\n", parms->name, ntohl(key));
266 + if (parms->name[0])
267 + strlcpy(name, parms->name, IFNAMSIZ);
270 + for (i=1; i<100; i++) {
271 + sprintf(name, "gre%d", i);
272 + if (__dev_get_by_name(&init_net, name) == NULL)
279 + /* Tunnel creation: check payload type and call appropriate
284 + dev = alloc_netdev(sizeof(*t), name, ipgre_ip_tunnel_setup);
287 + dev = alloc_netdev(sizeof(*t), name, ipgre_eth_tunnel_setup);
296 + dev->init = ipgre_tunnel_init;
297 + nt = netdev_priv(dev);
298 + nt->parms = *parms;
300 + if (register_netdevice(dev) < 0) {
306 + ipgre_tunnel_link(nt);
313 +static void ipgre_tunnel_uninit(struct net_device *dev)
315 + ipgre_tunnel_unlink(netdev_priv(dev));
320 +static void ipgre_err(struct sk_buff *skb, u32 info)
322 +#ifndef I_WISH_WORLD_WERE_PERFECT
324 +/* It is not :-( All the routers (except for Linux) return only
325 + 8 bytes of packet payload. It means, that precise relaying of
326 + ICMP in the real Internet is absolutely infeasible.
328 + Moreover, Cisco "wise men" put GRE key to the third word
329 + in GRE header. It makes impossible maintaining even soft state for keyed
330 + GRE tunnels with enabled checksum. Tell them "thank you".
332 + Well, I wonder, rfc1812 was written by Cisco employee,
333 + what the hell these idiots break standards established
337 + struct iphdr *iph = (struct iphdr*)skb->data;
338 + __be16 *p = (__be16*)(skb->data+(iph->ihl<<2));
339 + int grehlen = (iph->ihl<<2) + 4;
340 + int type = icmp_hdr(skb)->type;
341 + int code = icmp_hdr(skb)->code;
342 + struct ip_tunnel *t;
346 + if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
347 + if (flags&(GRE_VERSION|GRE_ROUTING))
349 + if (flags&GRE_KEY) {
351 + if (flags&GRE_CSUM)
356 + /* If only 8 bytes returned, keyed message will be dropped here */
357 + if (skb_headlen(skb) < grehlen)
362 + case ICMP_PARAMETERPROB:
365 + case ICMP_DEST_UNREACH:
367 + case ICMP_SR_FAILED:
368 + case ICMP_PORT_UNREACH:
369 + /* Impossible event. */
371 + case ICMP_FRAG_NEEDED:
372 + /* Soft state for pmtu is maintained by IP core. */
375 + /* All others are translated to HOST_UNREACH.
376 + rfc2003 contains "deep thoughts" about NET_UNREACH,
377 + I believe they are just ether pollution. --ANK
382 + case ICMP_TIME_EXCEEDED:
383 + if (code != ICMP_EXC_TTL)
388 + read_lock(&ipgre_lock);
389 + t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((__be32*)p) + (grehlen>>2) - 1) : 0);
390 + if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr))
393 + if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
396 + if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO)
400 + t->err_time = jiffies;
402 + read_unlock(&ipgre_lock);
405 + struct iphdr *iph = (struct iphdr*)dp;
406 + struct iphdr *eiph;
407 + __be16 *p = (__be16*)(dp+(iph->ihl<<2));
408 + int type = skb->h.icmph->type;
409 + int code = skb->h.icmph->code;
412 + __be32 rel_info = 0;
415 + int grehlen = (iph->ihl<<2) + 4;
416 + struct sk_buff *skb2;
420 + if (skb->dev->nd_net != &init_net)
423 + if (p[1] != htons(ETH_P_IP))
427 + if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
428 + if (flags&(GRE_VERSION|GRE_ROUTING))
430 + if (flags&GRE_CSUM)
437 + if (len < grehlen + sizeof(struct iphdr))
439 + eiph = (struct iphdr*)(dp + grehlen);
444 + case ICMP_PARAMETERPROB:
445 + n = ntohl(skb->h.icmph->un.gateway) >> 24;
446 + if (n < (iph->ihl<<2))
449 + /* So... This guy found something strange INSIDE encapsulated
450 + packet. Well, he is fool, but what can we do ?
452 + rel_type = ICMP_PARAMETERPROB;
454 + rel_info = htonl(n << 24);
457 + case ICMP_DEST_UNREACH:
459 + case ICMP_SR_FAILED:
460 + case ICMP_PORT_UNREACH:
461 + /* Impossible event. */
463 + case ICMP_FRAG_NEEDED:
464 + /* And it is the only really necessary thing :-) */
465 + n = ntohs(skb->h.icmph->un.frag.mtu);
466 + if (n < grehlen+68)
469 + /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */
470 + if (n > ntohs(eiph->tot_len))
472 + rel_info = htonl(n);
475 + /* All others are translated to HOST_UNREACH.
476 + rfc2003 contains "deep thoughts" about NET_UNREACH,
477 + I believe, it is just ether pollution. --ANK
479 + rel_type = ICMP_DEST_UNREACH;
480 + rel_code = ICMP_HOST_UNREACH;
484 + case ICMP_TIME_EXCEEDED:
485 + if (code != ICMP_EXC_TTL)
490 + /* Prepare fake skb to feed it to icmp_send */
491 + skb2 = skb_clone(skb, GFP_ATOMIC);
494 + dst_release(skb2->dst);
496 + skb_pull(skb2, skb->data - (u8*)eiph);
497 + skb_reset_network_header(skb2);
499 + /* Try to guess incoming interface */
500 + memset(&fl, 0, sizeof(fl));
501 + fl.fl_net = &init_net;
502 + fl.fl4_dst = eiph->saddr;
503 + fl.fl4_tos = RT_TOS(eiph->tos);
504 + fl.proto = IPPROTO_GRE;
505 + if (ip_route_output_key(&rt, &fl)) {
509 + skb2->dev = rt->u.dst.dev;
511 + /* route "incoming" packet */
512 + if (rt->rt_flags&RTCF_LOCAL) {
515 + fl.fl4_dst = eiph->daddr;
516 + fl.fl4_src = eiph->saddr;
517 + fl.fl4_tos = eiph->tos;
518 + if (ip_route_output_key(&rt, &fl) ||
519 + rt->u.dst.dev->type != ARPHRD_IPGRE) {
526 + if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) ||
527 + skb2->dst->dev->type != ARPHRD_IPGRE) {
533 + /* change mtu on this route */
534 + if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
535 + if (n > dst_mtu(skb2->dst)) {
539 + skb2->dst->ops->update_pmtu(skb2->dst, n);
540 + } else if (type == ICMP_TIME_EXCEEDED) {
541 + struct ip_tunnel *t = netdev_priv(skb2->dev);
542 + if (t->parms.iph.ttl) {
543 + rel_type = ICMP_DEST_UNREACH;
544 + rel_code = ICMP_HOST_UNREACH;
548 + icmp_send(skb2, rel_type, rel_code, rel_info);
553 +static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)
555 + if (INET_ECN_is_ce(iph->tos)) {
556 + if (skb->protocol == htons(ETH_P_IP)) {
557 + IP_ECN_set_ce(ip_hdr(skb));
558 + } else if (skb->protocol == htons(ETH_P_IPV6)) {
559 + IP6_ECN_set_ce(ipv6_hdr(skb));
565 +ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb)
568 + if (skb->protocol == htons(ETH_P_IP))
569 + inner = old_iph->tos;
570 + else if (skb->protocol == htons(ETH_P_IPV6))
571 + inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph);
572 + return INET_ECN_encapsulate(tos, inner);
575 +static int ipgre_rcv(struct sk_buff *skb)
583 + struct ip_tunnel *tunnel;
587 + if (skb->dev->nd_net != &init_net) {
591 + if (!pskb_may_pull(skb, 16))
596 + flags = *(__be16*)h;
599 + printk(KERN_DEBUG "gre.c [601] src:%x dst:%x proto:%d %x", iph->saddr, iph->daddr, iph->protocol, skb->data);
601 + proto = ntohs(*(__be16*)(h+2)); /* XXX added XXX */
603 + if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
604 + /* - Version must be 0.
605 + - We do not support routing headers.
607 + if (flags&(GRE_VERSION|GRE_ROUTING))
610 + if (flags&GRE_CSUM) {
611 + switch (skb->ip_summed) {
612 + case CHECKSUM_COMPLETE:
613 + csum = csum_fold(skb->csum);
617 + case CHECKSUM_NONE:
619 + csum = __skb_checksum_complete(skb);
620 + skb->ip_summed = CHECKSUM_COMPLETE;
624 + if (flags&GRE_KEY) {
625 + key = *(__be32*)(h + offset);
628 + if (flags&GRE_SEQ) {
629 + seqno = ntohl(*(__be32*)(h + offset));
634 + read_lock(&ipgre_lock);
635 + if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) {
636 + secpath_reset(skb);
638 + skb->protocol = *(__be16*)(h + 2);
639 + /* WCCP version 1 and 2 protocol decoding.
640 + * - Change protocol to IP
641 + * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
644 + skb->protocol == htons(ETH_P_WCCP)) {
645 + skb->protocol = htons(ETH_P_IP);
646 + if ((*(h + offset) & 0xF0) != 0x40)
650 + //skb->mac.raw = skb->nh.raw;
651 + skb_reset_mac_header(skb);
652 + __pskb_pull(skb, offset);
653 + skb_reset_network_header(skb);
654 + skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
655 + if(proto == ETH_P_ETH)
658 + unsigned char* tmp_hdr = skb->data;
659 + printk(KERN_DEBUG "gre.c [658] %x %x %x %x %x %x\tskb %x\n", tmp_hdr[0], tmp_hdr[1], tmp_hdr[2], tmp_hdr[3], tmp_hdr[4], tmp_hdr[5], skb->data);
661 + skb->protocol = eth_type_trans(skb, tunnel->dev);
663 + /* XXX added these lines to make arp work? XXX */
664 + /*skb->mac.raw = skb->data;*/
665 + skb->network_header = skb->network_header + ETH_HLEN;
666 + /* XXX added these lines to make arp work? XXX */
669 + tmp_hdr = skb->data;
670 + printk(KERN_DEBUG "gre.c [669] %x %x %x %x %x %x\tskb %x\n", tmp_hdr[0], tmp_hdr[1], tmp_hdr[2], tmp_hdr[3], tmp_hdr[4], tmp_hdr[5], skb->data);
671 + printk(KERN_ALERT "gre.c [671] received ethernet on gre %x %x\n",skb->protocol, ((skb->nh).iph)->protocol);
673 + memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
676 + skb->pkt_type = PACKET_HOST;
677 +#ifdef CONFIG_NET_IPGRE_BROADCAST
678 + if (MULTICAST(iph->daddr)) {
679 + /* Looped back packet, drop it! */
680 + if (((struct rtable*)skb->dst)->fl.iif == 0)
682 + tunnel->stat.multicast++;
683 + skb->pkt_type = PACKET_BROADCAST;
687 + if (((flags&GRE_CSUM) && csum) ||
688 + (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
689 + tunnel->stat.rx_crc_errors++;
690 + tunnel->stat.rx_errors++;
693 + if (tunnel->parms.i_flags&GRE_SEQ) {
694 + if (!(flags&GRE_SEQ) ||
695 + (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) {
696 + tunnel->stat.rx_fifo_errors++;
697 + tunnel->stat.rx_errors++;
700 + tunnel->i_seqno = seqno + 1;
702 + tunnel->stat.rx_packets++;
703 + tunnel->stat.rx_bytes += skb->len;
704 + skb->dev = tunnel->dev;
705 + dst_release(skb->dst);
708 + ipgre_ecn_decapsulate(iph, skb);
710 + read_unlock(&ipgre_lock);
713 + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
716 + read_unlock(&ipgre_lock);
722 +static int ipgre_ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
724 + struct ip_tunnel *tunnel = netdev_priv(dev);
725 + struct net_device_stats *stats = &tunnel->stat;
726 + struct iphdr *old_iph = ip_hdr(skb);
727 + struct iphdr *tiph;
730 + struct rtable *rt; /* Route to the other host */
731 + struct net_device *tdev; /* Device to other host */
732 + struct iphdr *iph; /* Our new IP header */
733 + int max_headroom; /* The extra header space needed */
738 + if (tunnel->recursion++) {
739 + tunnel->stat.collisions++;
743 + if (dev->hard_header) {
745 + tiph = (struct iphdr*)skb->data;
747 + gre_hlen = tunnel->hlen;
748 + tiph = &tunnel->parms.iph;
751 + if ((dst = tiph->daddr) == 0) {
754 + if (skb->dst == NULL) {
755 + tunnel->stat.tx_fifo_errors++;
759 + if (skb->protocol == htons(ETH_P_IP)) {
760 + rt = (struct rtable*)skb->dst;
761 + if ((dst = rt->rt_gateway) == 0)
762 + goto tx_error_icmp;
765 + else if (skb->protocol == htons(ETH_P_IPV6)) {
766 + struct in6_addr *addr6;
768 + struct neighbour *neigh = skb->dst->neighbour;
773 + addr6 = (struct in6_addr*)&neigh->primary_key;
774 + addr_type = ipv6_addr_type(addr6);
776 + if (addr_type == IPV6_ADDR_ANY) {
777 + addr6 = &ipv6_hdr(skb)->daddr;
778 + addr_type = ipv6_addr_type(addr6);
781 + if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
782 + goto tx_error_icmp;
792 + if (skb->protocol == htons(ETH_P_IP))
793 + tos = old_iph->tos;
798 + struct flowi fl = { .fl_net = &init_net,
799 + .oif = tunnel->parms.link,
802 + .saddr = tiph->saddr,
803 + .tos = RT_TOS(tos) } },
804 + .proto = IPPROTO_GRE };
805 + if (ip_route_output_key(&rt, &fl)) {
806 + tunnel->stat.tx_carrier_errors++;
810 + tdev = rt->u.dst.dev;
815 + tunnel->stat.collisions++;
819 + df = tiph->frag_off;
821 + mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
823 + mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu;
826 + skb->dst->ops->update_pmtu(skb->dst, mtu);
828 + if (skb->protocol == htons(ETH_P_IP)) {
829 + df |= (old_iph->frag_off&htons(IP_DF));
831 + if ((old_iph->frag_off&htons(IP_DF)) &&
832 + mtu < ntohs(old_iph->tot_len)) {
833 + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
839 + else if (skb->protocol == htons(ETH_P_IPV6)) {
840 + struct rt6_info *rt6 = (struct rt6_info*)skb->dst;
842 + if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) {
843 + if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) ||
844 + rt6->rt6i_dst.plen == 128) {
845 + rt6->rt6i_flags |= RTF_MODIFIED;
846 + skb->dst->metrics[RTAX_MTU-1] = mtu;
850 + if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
851 + icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
858 + if (tunnel->err_count > 0) {
859 + if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
860 + tunnel->err_count--;
862 + dst_link_failure(skb);
864 + tunnel->err_count = 0;
867 + max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
869 + if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) {
870 + struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
873 + stats->tx_dropped++;
874 + dev_kfree_skb(skb);
875 + tunnel->recursion--;
879 + skb_set_owner_w(new_skb, skb->sk);
880 + dev_kfree_skb(skb);
882 + old_iph = ip_hdr(skb);
885 + skb->transport_header = skb->network_header;
886 + skb_push(skb, gre_hlen);
887 + memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
888 + IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
890 + dst_release(skb->dst);
891 + skb->dst = &rt->u.dst;
894 + * Push down and install the IPIP header.
899 + iph->ihl = sizeof(struct iphdr) >> 2;
900 + iph->frag_off = df;
901 + iph->protocol = IPPROTO_GRE;
902 + iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
903 + iph->daddr = rt->rt_dst;
904 + iph->saddr = rt->rt_src;
906 + if ((iph->ttl = tiph->ttl) == 0) {
907 + if (skb->protocol == htons(ETH_P_IP))
908 + iph->ttl = old_iph->ttl;
910 + else if (skb->protocol == htons(ETH_P_IPV6))
911 + iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit;
914 + iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
917 + ((__be16*)(iph+1))[0] = tunnel->parms.o_flags;
918 + ((__be16*)(iph+1))[1] = skb->protocol;
920 + if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
921 + __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
923 + if (tunnel->parms.o_flags&GRE_SEQ) {
925 + *ptr = htonl(tunnel->o_seqno);
928 + if (tunnel->parms.o_flags&GRE_KEY) {
929 + *ptr = tunnel->parms.o_key;
932 + if (tunnel->parms.o_flags&GRE_CSUM) {
934 + *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
941 + tunnel->recursion--;
945 + dst_link_failure(skb);
948 + stats->tx_errors++;
949 + dev_kfree_skb(skb);
950 + tunnel->recursion--;
954 +static int ipgre_eth_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
956 + struct ip_tunnel *tunnel = netdev_priv(dev);
957 + struct net_device_stats *stats = &tunnel->stat;
958 + struct iphdr *old_iph = ip_hdr(skb);
959 + struct iphdr *tiph = &tunnel->parms.iph;
962 + struct rtable *rt; /* Route to the other host */
963 + struct net_device *tdev; /* Device to other host */
964 + int gre_hlen = tunnel->hlen; /* XXX changed XXX*/
965 + //struct etheriphdr *ethiph;
966 + struct iphdr *iph; /* Our new IP header */
967 + int max_headroom; /* The extra header space needed */
971 + printk(KERN_ALERT "gre.c:972 Starting xmit\n");
974 + if (tunnel->recursion++) {
975 + stats->collisions++;
979 + /* Need valid non-multicast daddr. */
980 + if (tiph->daddr == 0 || MULTICAST(tiph->daddr))
985 + if (skb->protocol == htons(ETH_P_IP))
986 + tos = old_iph->tos;
990 + printk(KERN_ALERT "gre.c:991 Passed tos assignment.\n");
995 + struct flowi fl = { .fl_net = &init_net,
996 + .oif = tunnel->parms.link,
998 + { .daddr = tiph->daddr,
999 + .saddr = tiph->saddr,
1000 + .tos = RT_TOS(tos) } },
1001 + .proto = IPPROTO_GRE };
1002 + if (ip_route_output_key(&rt, &fl)) {
1003 + stats->tx_carrier_errors++;
1004 + goto tx_error_icmp;
1007 + tdev = rt->u.dst.dev;
1009 + printk(KERN_ALERT "gre.c:1006 Passed the route retrieval\n");
1011 + if (tdev == dev) {
1013 + stats->collisions++;
1017 + printk(KERN_ALERT "gre.c:1018 Passed tdev collision check.\n");
1020 + /* Check MTU stuff if kernel panic */
1021 + df = tiph->frag_off;
1023 + mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
1025 + mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu;
1028 + skb->dst->ops->update_pmtu(skb->dst, mtu);
1031 + printk(KERN_ALERT "gre.c:1032 Passed the pmtu setting.\n");
1034 + if (skb->protocol == htons(ETH_P_IP)) {
1035 + df |= (old_iph->frag_off&htons(IP_DF));
1037 + if ((old_iph->frag_off & htons(IP_DF)) &&
1038 + mtu < ntohs(old_iph->tot_len)) {
1039 + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
1045 + else if (skb->protocol == htons(ETH_P_IPV6)) {
1046 + struct rt6_info *rt6 = (struct rt6_info*)skb->dst;
1048 + if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) {
1049 + if (tiph->daddr || rt6->rt6i_dst.plen == 128) {
1050 + rt6->rt6i_flags |= RTF_MODIFIED;
1051 + skb->dst->metrics[RTAX_MTU-1] = mtu;
1055 + /* @@@ Is this correct? */
1056 + if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
1057 + icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
1064 + printk(KERN_ALERT "gre.c:1065 Passed the fragmentation check.\n");
1067 + if (tunnel->err_count > 0) {
1068 + if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
1069 + tunnel->err_count--;
1070 + dst_link_failure(skb);
1072 + tunnel->err_count = 0;
1075 + max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
1077 + if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) {
1078 + struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
1081 + stats->tx_dropped++;
1082 + dev_kfree_skb(skb);
1083 + tunnel->recursion--;
1087 + skb_set_owner_w(new_skb, skb->sk);
1088 + dev_kfree_skb(skb);
1090 + old_iph = ip_hdr(skb);
1093 + printk(KERN_ALERT "gre.c:1094 Passed the headroom calculation\n");
1097 +/* XXX skb->h.raw = skb->nh.raw; XXX */
1098 +// skb->h.raw = skb->mac.raw;
1099 + skb->transport_header = skb->mac_header; // Added by valas
1101 + skb_push(skb, gre_hlen);
1102 + memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
1103 + dst_release(skb->dst);
1104 + skb->dst = &rt->u.dst;
1107 + * Push down and install the etherip header.
1110 + iph = ip_hdr(skb);
1112 + iph->ihl = sizeof(struct iphdr) >> 2;
1113 + iph->frag_off = df;
1114 + iph->protocol = IPPROTO_GRE;
1115 + iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
1116 + iph->daddr = rt->rt_dst;
1117 + iph->saddr = rt->rt_src;
1119 +/* ethiph->version = htons(ETHERIP_VERSION); */
1121 + printk(KERN_ALERT "gre.c:1121 Passed outer IP header construction.\n");
1124 + if ((iph->ttl = tiph->ttl) == 0) {
1125 + if (skb->protocol == htons(ETH_P_IP))
1126 + iph->ttl = old_iph->ttl;
1128 + else if (skb->protocol == htons(ETH_P_IPV6))
1129 + iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit;
1132 + iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
1135 + printk(KERN_ALERT "gre.c:1006 Passed the TTL check.\n");
1138 + ((__be16*)(iph+1))[0] = tunnel->parms.o_flags;
1139 + ((__be16*)(iph+1))[1] = htons(tunnel->parms.proto_type);
1141 + if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
1142 + __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
1144 + if (tunnel->parms.o_flags&GRE_SEQ) {
1145 + ++tunnel->o_seqno;
1146 + *ptr = htonl(tunnel->o_seqno);
1149 + if (tunnel->parms.o_flags&GRE_KEY) {
1150 + *ptr = tunnel->parms.o_key;
1153 + if (tunnel->parms.o_flags&GRE_CSUM) {
1155 + *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
1159 + printk(KERN_ALERT "gre.c:1006 Passed the tunnel transmit.\n");
1165 + tunnel->recursion--;
1169 + dst_link_failure(skb);
1172 + stats->tx_errors++;
1173 + dev_kfree_skb(skb);
1174 + tunnel->recursion--;
1180 +ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
1183 + struct ip_tunnel_parm p;
1184 + struct ip_tunnel *t;
1186 + printk(KERN_ALERT "1174 GRE: entering gre ioctl. command is: %d\n", cmd);
1189 + case SIOCGETTUNNEL:
1191 + if (dev == ipgre_fb_tunnel_dev) {
1192 + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
1196 + t = ipgre_tunnel_locate(&p, 0);
1199 + t = netdev_priv(dev);
1200 + memcpy(&p, &t->parms, sizeof(p));
1201 + if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1205 + case SIOCADDTUNNEL:
1206 + case SIOCCHGTUNNEL:
1208 + if (!capable(CAP_NET_ADMIN))
1212 + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1216 + if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
1217 + p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
1218 + ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
1221 + p.iph.frag_off |= htons(IP_DF);
1223 + if (!(p.i_flags&GRE_KEY))
1225 + if (!(p.o_flags&GRE_KEY))
1228 + t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL);
1229 + if (t) printk(KERN_ALERT "1174 GRE: proto %s %d\n", p.name, p.proto_type);
1230 + if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
1232 + if (t->dev != dev) {
1237 + unsigned nflags=0;
1239 + t = netdev_priv(dev);
1241 + if (MULTICAST(p.iph.daddr))
1242 + nflags = IFF_BROADCAST;
1243 + else if (p.iph.daddr)
1244 + nflags = IFF_POINTOPOINT;
1246 + /* XXX:Set back IFF_BROADCAST if
1247 + * transporting ethernet */
1248 + printk(KERN_ALERT "1193 GRE: proto %s %d\n", p.name, p.proto_type);
1249 + if (p.proto_type == ETH_P_ETH)
1250 + nflags = IFF_BROADCAST;
1252 + if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
1256 + ipgre_tunnel_unlink(t);
1257 + t->parms.iph.saddr = p.iph.saddr;
1258 + t->parms.iph.daddr = p.iph.daddr;
1259 + t->parms.i_key = p.i_key;
1260 + t->parms.o_key = p.o_key;
1261 + /* XXX:Copy in the protocol field */
1262 + t->parms.proto_type = p.proto_type;
1263 + if (t->parms.proto_type != ETH_P_ETH)
1265 + memcpy(dev->dev_addr, &p.iph.saddr, 4);
1266 + memcpy(dev->broadcast, &p.iph.daddr, 4);
1268 + ipgre_tunnel_link(t);
1269 + netdev_state_change(dev);
1275 + if (cmd == SIOCCHGTUNNEL) {
1276 + t->parms.iph.ttl = p.iph.ttl;
1277 + t->parms.iph.tos = p.iph.tos;
1278 + t->parms.iph.frag_off = p.iph.frag_off;
1280 + if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
1283 + err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1286 + case SIOCDELTUNNEL:
1288 + if (!capable(CAP_NET_ADMIN))
1291 + if (dev == ipgre_fb_tunnel_dev) {
1293 + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1296 + if ((t = ipgre_tunnel_locate(&p, 0)) == NULL)
1299 + if (t == netdev_priv(ipgre_fb_tunnel_dev))
1303 + unregister_netdevice(dev); // added by Valas
1314 +static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev)
1316 + return &(((struct ip_tunnel*)netdev_priv(dev))->stat);
1319 +static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1321 + struct ip_tunnel *tunnel = netdev_priv(dev);
1322 + if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen)
1324 + dev->mtu = new_mtu;
1328 +#ifdef CONFIG_NET_IPGRE_BROADCAST
1329 +/* Nice toy. Unfortunately, useless in real life :-)
1330 + It allows to construct virtual multiprotocol broadcast "LAN"
1331 + over the Internet, provided multicast routing is tuned.
1334 + I have no idea was this bicycle invented before me,
1335 + so that I had to set ARPHRD_IPGRE to a random value.
1336 + I have an impression, that Cisco could make something similar,
1337 + but this feature is apparently missing in IOS<=11.2(8).
1339 + I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
1340 + with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
1342 + ping -t 255 224.66.66.66
1344 + If nobody answers, mbone does not work.
1346 + ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
1347 + ip addr add 10.66.66.<somewhat>/24 dev Universe
1348 + ifconfig Universe up
1349 + ifconfig Universe add fe80::<Your_real_addr>/10
1350 + ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
1353 + ftp fec0:6666:6666::193.233.7.65
1358 +static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type,
1359 + void *daddr, void *saddr, unsigned len)
1361 + struct ip_tunnel *t = netdev_priv(dev);
1362 + struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen);
1363 + __be16 *p = (__be16*)(iph+1);
1365 + memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
1366 + p[0] = t->parms.o_flags;
1367 + p[1] = htons(type);
1370 + * Set the source hardware address.
1374 + memcpy(&iph->saddr, saddr, 4);
1377 + memcpy(&iph->daddr, daddr, 4);
1380 + if (iph->daddr && !MULTICAST(iph->daddr))
1386 +static int ipgre_open(struct net_device *dev)
1388 + struct ip_tunnel *t = netdev_priv(dev);
1390 + if (MULTICAST(t->parms.iph.daddr)) {
1391 + struct flowi fl = { .fl_net = &init_net,
1392 + .oif = t->parms.link,
1393 + .nl_u = { .ip4_u =
1394 + { .daddr = t->parms.iph.daddr,
1395 + .saddr = t->parms.iph.saddr,
1396 + .tos = RT_TOS(t->parms.iph.tos) } },
1397 + .proto = IPPROTO_GRE };
1398 + struct rtable *rt;
1399 + if (ip_route_output_key(&rt, &fl))
1400 + return -EADDRNOTAVAIL;
1401 + dev = rt->u.dst.dev;
1403 + if (__in_dev_get_rtnl(dev) == NULL)
1404 + return -EADDRNOTAVAIL;
1405 + t->mlink = dev->ifindex;
1406 + ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
1411 +static int ipgre_close(struct net_device *dev)
1413 + struct ip_tunnel *t = netdev_priv(dev);
1414 + if (MULTICAST(t->parms.iph.daddr) && t->mlink) {
1415 + struct in_device *in_dev = inetdev_by_index(&init_net, t->mlink);
1417 + ip_mc_dec_group(in_dev, t->parms.iph.daddr);
1418 + in_dev_put(in_dev);
1426 +static void ipgre_ip_tunnel_setup(struct net_device *dev)
1428 + SET_MODULE_OWNER(dev);
1429 + dev->uninit = ipgre_tunnel_uninit;
1430 + dev->destructor = free_netdev;
1431 + dev->hard_start_xmit = ipgre_ip_tunnel_xmit;
1432 + dev->get_stats = ipgre_tunnel_get_stats;
1433 + dev->do_ioctl = ipgre_tunnel_ioctl;
1434 + dev->change_mtu = ipgre_tunnel_change_mtu;
1436 + dev->type = ARPHRD_IPGRE;
1437 + dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1438 + dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
1439 + dev->flags = IFF_NOARP;
1441 + dev->addr_len = 4;
1444 +/* Tunnel setup for ipgre_eth */
1445 +static void ipgre_eth_tunnel_setup(struct net_device *dev)
1447 + SET_MODULE_OWNER(dev);
1450 + dev->uninit = ipgre_tunnel_uninit;
1451 + dev->destructor = free_netdev;
1452 + dev->hard_start_xmit = ipgre_eth_tunnel_xmit;
1453 + dev->get_stats = ipgre_tunnel_get_stats;
1454 + dev->do_ioctl = ipgre_tunnel_ioctl;
1455 + dev->change_mtu = ipgre_tunnel_change_mtu;
1457 + dev->hard_header_len = ETH_HLEN + sizeof(struct iphdr) + 4;
1458 + dev->tx_queue_len = 0;
1459 + random_ether_addr(dev->dev_addr);
1462 + unsigned char* d = dev->dev_addr;
1463 + printk(KERN_ALERT "Here is the address we got:%x%x%x%x%x%x\n",d[0],d[1],d[2],d[3],d[4],d[5]);
1470 +static int ipgre_tunnel_init(struct net_device *dev)
1472 + struct net_device *tdev = NULL;
1473 + struct ip_tunnel *tunnel;
1474 + struct iphdr *iph;
1475 + int hlen = LL_MAX_HEADER;
1476 + int mtu = ETH_DATA_LEN;
1477 + int addend = sizeof(struct iphdr) + 4;
1479 + tunnel = netdev_priv(dev);
1480 + iph = &tunnel->parms.iph;
1482 + tunnel->dev = dev;
1483 + strcpy(tunnel->parms.name, dev->name);
1485 + if (tunnel->parms.proto_type != ETH_P_ETH)
1487 + memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
1488 + memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
1491 + /* Guess output device to choose reasonable mtu and hard_header_len */
1494 + struct flowi fl = { .fl_net = &init_net,
1495 + .oif = tunnel->parms.link,
1496 + .nl_u = { .ip4_u =
1497 + { .daddr = iph->daddr,
1498 + .saddr = iph->saddr,
1499 + .tos = RT_TOS(iph->tos) } },
1500 + .proto = IPPROTO_GRE };
1501 + struct rtable *rt;
1502 + if (!ip_route_output_key(&rt, &fl)) {
1503 + tdev = rt->u.dst.dev;
1507 + if (tunnel->parms.proto_type == ETH_P_ETH)
1509 + dev->flags |= IFF_BROADCAST;
1513 + dev->flags |= IFF_POINTOPOINT;
1516 +#ifdef CONFIG_NET_IPGRE_BROADCAST
1517 + if (MULTICAST(iph->daddr)) {
1520 + dev->flags = IFF_BROADCAST;
1521 + dev->hard_header = ipgre_header;
1522 + dev->open = ipgre_open;
1523 + dev->stop = ipgre_close;
1528 + if (!tdev && tunnel->parms.link)
1529 + tdev = __dev_get_by_index(&init_net, tunnel->parms.link);
1532 + hlen = tdev->hard_header_len;
1535 + dev->iflink = tunnel->parms.link;
1537 + /* Precalculate GRE options length */
1538 + if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
1539 + if (tunnel->parms.o_flags&GRE_CSUM)
1541 + if (tunnel->parms.o_flags&GRE_KEY)
1543 + if (tunnel->parms.o_flags&GRE_SEQ)
1546 + dev->hard_header_len = hlen + addend;
1547 + dev->mtu = mtu - addend;
1548 + tunnel->hlen = addend;
1552 +static int __init ipgre_fb_tunnel_init(struct net_device *dev)
1554 + struct ip_tunnel *tunnel = netdev_priv(dev);
1555 + struct iphdr *iph = &tunnel->parms.iph;
1557 + tunnel->dev = dev;
1558 + strcpy(tunnel->parms.name, dev->name);
1561 + iph->protocol = IPPROTO_GRE;
1563 + tunnel->hlen = sizeof(struct iphdr) + 4;
1566 + tunnels_wc[0] = tunnel;
1571 +static struct net_protocol ipgre_protocol = {
1572 + .handler = ipgre_rcv,
1573 + .err_handler = ipgre_err,
1578 + * And now the modules code and kernel interface.
1581 +static int __init ipgre_init(void)
1585 + printk(KERN_INFO "GRE over IPv4 tunneling driver\n");
1587 + if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) {
1588 + printk(KERN_INFO "ipgre init: can't add protocol\n");
1592 + ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0",
1593 + ipgre_ip_tunnel_setup);
1594 + if (!ipgre_fb_tunnel_dev) {
1599 + ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init;
1601 + if ((err = register_netdev(ipgre_fb_tunnel_dev)))
1606 + free_netdev(ipgre_fb_tunnel_dev);
1608 + inet_del_protocol(&ipgre_protocol, IPPROTO_GRE);
1612 +static void __exit ipgre_destroy_tunnels(void)
1616 + for (prio = 0; prio < 4; prio++) {
1618 + for (h = 0; h < HASH_SIZE; h++) {
1619 + struct ip_tunnel *t;
1620 + while ((t = tunnels[prio][h]) != NULL)
1621 + unregister_netdevice(t->dev);
1626 +static void __exit ipgre_fini(void)
1628 + if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0)
1629 + printk(KERN_INFO "ipgre close: can't remove protocol\n");
1632 + ipgre_destroy_tunnels();
1636 +module_init(ipgre_init);
1637 +module_exit(ipgre_fini);
1638 +MODULE_LICENSE("GPL");
1639 diff -Nurp linux-2.6.22-592/drivers/net/Makefile linux-2.6.22-593/drivers/net/Makefile
1640 --- linux-2.6.22-592/drivers/net/Makefile 2008-02-28 13:51:47.000000000 -0500
1641 +++ linux-2.6.22-593/drivers/net/Makefile 2008-02-28 13:51:50.000000000 -0500
1643 # Makefile for the Linux network (ethercard) device drivers.
1647 obj-y +=ztun.o shortbridge.o
1648 obj-$(CONFIG_E1000) += e1000/
1649 obj-$(CONFIG_E1000E) += e1000e/
1650 diff -Nurp linux-2.6.22-592/include/linux/if_ether.h linux-2.6.22-593/include/linux/if_ether.h
1651 --- linux-2.6.22-592/include/linux/if_ether.h 2007-07-08 19:32:17.000000000 -0400
1652 +++ linux-2.6.22-593/include/linux/if_ether.h 2008-02-28 13:51:50.000000000 -0500
1654 #define ETH_P_DIAG 0x6005 /* DEC Diagnostics */
1655 #define ETH_P_CUST 0x6006 /* DEC Customer use */
1656 #define ETH_P_SCA 0x6007 /* DEC Systems Comms Arch */
1657 +#define ETH_P_ETH 0x6558 /* Ethernet in Ethernet */
1658 #define ETH_P_RARP 0x8035 /* Reverse Addr Res packet */
1659 #define ETH_P_ATALK 0x809B /* Appletalk DDP */
1660 #define ETH_P_AARP 0x80F3 /* Appletalk AARP */
1661 diff -Nurp linux-2.6.22-592/include/linux/if_tunnel.h linux-2.6.22-593/include/linux/if_tunnel.h
1662 --- linux-2.6.22-592/include/linux/if_tunnel.h 2007-07-08 19:32:17.000000000 -0400
1663 +++ linux-2.6.22-593/include/linux/if_tunnel.h 2008-02-28 13:51:50.000000000 -0500
1664 @@ -25,6 +25,7 @@ struct ip_tunnel_parm
1668 + __be16 proto_type; /*Added*/
1672 diff -Nurp linux-2.6.22-592/net/ipv4/ip_gre.c linux-2.6.22-593/net/ipv4/ip_gre.c
1673 --- linux-2.6.22-592/net/ipv4/ip_gre.c 2008-02-28 13:51:40.000000000 -0500
1674 +++ linux-2.6.22-593/net/ipv4/ip_gre.c 2008-02-28 14:05:12.000000000 -0500
1676 #include <linux/init.h>
1677 #include <linux/in6.h>
1678 #include <linux/inetdevice.h>
1679 +#include <linux/etherdevice.h> /**XXX added XXX */
1680 #include <linux/igmp.h>
1681 #include <linux/netfilter_ipv4.h>
1682 #include <linux/if_ether.h>
1684 #include <net/ip6_route.h>
1687 +//#define GRE_DEBUG 1
1690 Problems & solutions
1691 --------------------
1695 static int ipgre_tunnel_init(struct net_device *dev);
1696 -static void ipgre_tunnel_setup(struct net_device *dev);
1697 +static void ipgre_ip_tunnel_setup(struct net_device *dev);
1698 +static void ipgre_eth_tunnel_setup(struct net_device *dev);
1700 /* Fallback tunnel: no source, no destination, no key, no options */
1702 @@ -243,6 +247,7 @@ static struct ip_tunnel * ipgre_tunnel_l
1703 __be32 remote = parms->iph.daddr;
1704 __be32 local = parms->iph.saddr;
1705 __be32 key = parms->i_key;
1706 + __be16 proto = parms->proto_type;
1707 struct ip_tunnel *t, **tp, *nt;
1708 struct net_device *dev;
1709 char name[IFNAMSIZ];
1710 @@ -256,6 +261,8 @@ static struct ip_tunnel * ipgre_tunnel_l
1714 + printk(KERN_CRIT "Adding tunnel %s with key %d\n", parms->name, ntohl(key));
1717 strlcpy(name, parms->name, IFNAMSIZ);
1719 @@ -268,8 +275,21 @@ static struct ip_tunnel * ipgre_tunnel_l
1724 + /* Tunnel creation: check payload type and call appropriate
1729 + dev = alloc_netdev(sizeof(*t), name, ipgre_ip_tunnel_setup);
1732 + dev = alloc_netdev(sizeof(*t), name, ipgre_eth_tunnel_setup);
1738 - dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup);
1742 @@ -562,6 +582,7 @@ static int ipgre_rcv(struct sk_buff *skb
1744 struct ip_tunnel *tunnel;
1748 if (skb->dev->nd_net != &init_net) {
1750 @@ -574,6 +595,11 @@ static int ipgre_rcv(struct sk_buff *skb
1752 flags = *(__be16*)h;
1755 + printk(KERN_DEBUG "gre.c [601] src:%x dst:%x proto:%d %x", iph->saddr, iph->daddr, iph->protocol, skb->data);
1757 + proto = ntohs(*(__be16*)(h+2)); /* XXX added XXX */
1759 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
1760 /* - Version must be 0.
1761 - We do not support routing headers.
1762 @@ -625,7 +651,28 @@ static int ipgre_rcv(struct sk_buff *skb
1763 __pskb_pull(skb, offset);
1764 skb_reset_network_header(skb);
1765 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
1766 - skb->pkt_type = PACKET_HOST;
1767 + if(proto == ETH_P_ETH)
1770 + unsigned char* tmp_hdr = skb->data;
1771 + printk(KERN_DEBUG "gre.c [658] %x %x %x %x %x %x\tskb %x\n", tmp_hdr[0], tmp_hdr[1], tmp_hdr[2], tmp_hdr[3], tmp_hdr[4], tmp_hdr[5], skb->data);
1773 + skb->protocol = eth_type_trans(skb, tunnel->dev);
1775 + /* XXX added these lines to make arp work? XXX */
1776 + /*skb->mac.raw = skb->data;*/
1777 + skb->network_header = skb->network_header + ETH_HLEN;
1778 + /* XXX added these lines to make arp work? XXX */
1781 + tmp_hdr = skb->data;
1782 + printk(KERN_DEBUG "gre.c [669] %x %x %x %x %x %x\tskb %x\n", tmp_hdr[0], tmp_hdr[1], tmp_hdr[2], tmp_hdr[3], tmp_hdr[4], tmp_hdr[5], skb->data);
1783 + printk(KERN_ALERT "gre.c [671] received ethernet on gre %x %x\n",skb->protocol, ((skb->nh).iph)->protocol);
1785 + memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
1788 + skb->pkt_type = PACKET_HOST;
1789 #ifdef CONFIG_NET_IPGRE_BROADCAST
1790 if (MULTICAST(iph->daddr)) {
1791 /* Looped back packet, drop it! */
1792 @@ -671,7 +718,7 @@ drop_nolock:
1796 -static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
1797 +static int ipgre_ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
1799 struct ip_tunnel *tunnel = netdev_priv(dev);
1800 struct net_device_stats *stats = &tunnel->stat;
1801 @@ -904,6 +951,231 @@ tx_error:
1805 +static int ipgre_eth_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
1807 + struct ip_tunnel *tunnel = netdev_priv(dev);
1808 + struct net_device_stats *stats = &tunnel->stat;
1809 + struct iphdr *old_iph = ip_hdr(skb);
1810 + struct iphdr *tiph = &tunnel->parms.iph;
1813 + struct rtable *rt; /* Route to the other host */
1814 + struct net_device *tdev; /* Device to other host */
1815 + int gre_hlen = tunnel->hlen; /* XXX changed XXX*/
1816 + //struct etheriphdr *ethiph;
1817 + struct iphdr *iph; /* Our new IP header */
1818 + int max_headroom; /* The extra header space needed */
1822 + printk(KERN_ALERT "gre.c:972 Starting xmit\n");
1825 + if (tunnel->recursion++) {
1826 + stats->collisions++;
1830 + /* Need valid non-multicast daddr. */
1831 + if (tiph->daddr == 0 || MULTICAST(tiph->daddr))
1836 + if (skb->protocol == htons(ETH_P_IP))
1837 + tos = old_iph->tos;
1841 + printk(KERN_ALERT "gre.c:991 Passed tos assignment.\n");
1846 + struct flowi fl = { .fl_net = &init_net,
1847 + .oif = tunnel->parms.link,
1848 + .nl_u = { .ip4_u =
1849 + { .daddr = tiph->daddr,
1850 + .saddr = tiph->saddr,
1851 + .tos = RT_TOS(tos) } },
1852 + .proto = IPPROTO_GRE };
1853 + if (ip_route_output_key(&rt, &fl)) {
1854 + stats->tx_carrier_errors++;
1855 + goto tx_error_icmp;
1858 + tdev = rt->u.dst.dev;
1860 + printk(KERN_ALERT "gre.c:1006 Passed the route retrieval\n");
1862 + if (tdev == dev) {
1864 + stats->collisions++;
1868 + printk(KERN_ALERT "gre.c:1018 Passed tdev collision check.\n");
1871 + /* Check MTU stuff if kernel panic */
1872 + df = tiph->frag_off;
1874 + mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
1876 + mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu;
1879 + skb->dst->ops->update_pmtu(skb->dst, mtu);
1882 + printk(KERN_ALERT "gre.c:1032 Passed the pmtu setting.\n");
1885 + if (skb->protocol == htons(ETH_P_IP)) {
1886 + df |= (old_iph->frag_off&htons(IP_DF));
1888 + if ((old_iph->frag_off & htons(IP_DF)) &&
1889 + mtu < ntohs(old_iph->tot_len)) {
1890 + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
1896 + else if (skb->protocol == htons(ETH_P_IPV6)) {
1897 + struct rt6_info *rt6 = (struct rt6_info*)skb->dst;
1899 + if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) {
1900 + if (tiph->daddr || rt6->rt6i_dst.plen == 128) {
1901 + rt6->rt6i_flags |= RTF_MODIFIED;
1902 + skb->dst->metrics[RTAX_MTU-1] = mtu;
1906 + /* @@@ Is this correct? */
1907 + if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
1908 + icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
1915 + printk(KERN_ALERT "gre.c:1065 Passed the fragmentation check.\n");
1918 + if (tunnel->err_count > 0) {
1919 + if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
1920 + tunnel->err_count--;
1921 + dst_link_failure(skb);
1923 + tunnel->err_count = 0;
1926 + max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
1928 + if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) {
1929 + struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
1932 + stats->tx_dropped++;
1933 + dev_kfree_skb(skb);
1934 + tunnel->recursion--;
1938 + skb_set_owner_w(new_skb, skb->sk);
1939 + dev_kfree_skb(skb);
1941 + old_iph = ip_hdr(skb);
1944 + printk(KERN_ALERT "gre.c:1094 Passed the headroom calculation\n");
1948 +/* XXX skb->h.raw = skb->nh.raw; XXX */
1949 +// skb->h.raw = skb->mac.raw;
1950 + skb->transport_header = skb->mac_header; // Added by valas
1952 + skb_push(skb, gre_hlen);
1953 + memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
1954 + dst_release(skb->dst);
1955 + skb->dst = &rt->u.dst;
1958 + * Push down and install the etherip header.
1961 + iph = ip_hdr(skb);
1963 + iph->ihl = sizeof(struct iphdr) >> 2;
1964 + iph->frag_off = df;
1965 + iph->protocol = IPPROTO_GRE;
1966 + iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
1967 + iph->daddr = rt->rt_dst;
1968 + iph->saddr = rt->rt_src;
1970 +/* ethiph->version = htons(ETHERIP_VERSION); */
1972 + printk(KERN_ALERT "gre.c:1121 Passed outer IP header construction.\n");
1975 + if ((iph->ttl = tiph->ttl) == 0) {
1976 + if (skb->protocol == htons(ETH_P_IP))
1977 + iph->ttl = old_iph->ttl;
1979 + else if (skb->protocol == htons(ETH_P_IPV6))
1980 + iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit;
1983 + iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
1986 + printk(KERN_ALERT "gre.c:1006 Passed the TTL check.\n");
1989 + ((__be16*)(iph+1))[0] = tunnel->parms.o_flags;
1990 + ((__be16*)(iph+1))[1] = htons(tunnel->parms.proto_type);
1992 + if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
1993 + __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
1995 + if (tunnel->parms.o_flags&GRE_SEQ) {
1996 + ++tunnel->o_seqno;
1997 + *ptr = htonl(tunnel->o_seqno);
2000 + if (tunnel->parms.o_flags&GRE_KEY) {
2001 + *ptr = tunnel->parms.o_key;
2004 + if (tunnel->parms.o_flags&GRE_CSUM) {
2006 + *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
2010 + printk(KERN_ALERT "gre.c:1006 Passed the tunnel transmit.\n");
2016 + tunnel->recursion--;
2020 + dst_link_failure(skb);
2023 + stats->tx_errors++;
2024 + dev_kfree_skb(skb);
2025 + tunnel->recursion--;
2031 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
2033 @@ -911,6 +1183,8 @@ ipgre_tunnel_ioctl (struct net_device *d
2034 struct ip_tunnel_parm p;
2035 struct ip_tunnel *t;
2037 + printk(KERN_ALERT "1174 GRE: entering gre ioctl. command is: %d\n", cmd);
2042 @@ -952,7 +1226,7 @@ ipgre_tunnel_ioctl (struct net_device *d
2045 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL);
2047 + if (t) printk(KERN_ALERT "1174 GRE: proto %s %x\n", p.name, p.proto_type);
2048 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
2050 if (t->dev != dev) {
2051 @@ -968,6 +1242,12 @@ ipgre_tunnel_ioctl (struct net_device *d
2052 nflags = IFF_BROADCAST;
2053 else if (p.iph.daddr)
2054 nflags = IFF_POINTOPOINT;
2056 + /* XXX:Set back IFF_BROADCAST if
2057 + * transporting ethernet */
2058 + printk(KERN_ALERT "1193 GRE: proto %s %d\n", p.name, p.proto_type);
2059 + if (p.proto_type == ETH_P_ETH)
2060 + nflags = IFF_BROADCAST;
2062 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
2064 @@ -978,6 +1258,8 @@ ipgre_tunnel_ioctl (struct net_device *d
2065 t->parms.iph.daddr = p.iph.daddr;
2066 t->parms.i_key = p.i_key;
2067 t->parms.o_key = p.o_key;
2068 + /* XXX:Copy in the protocol field */
2069 + t->parms.proto_type = p.proto_type;
2070 memcpy(dev->dev_addr, &p.iph.saddr, 4);
2071 memcpy(dev->broadcast, &p.iph.daddr, 4);
2072 ipgre_tunnel_link(t);
2073 @@ -1139,12 +1421,12 @@ static int ipgre_close(struct net_device
2077 -static void ipgre_tunnel_setup(struct net_device *dev)
2078 +static void ipgre_ip_tunnel_setup(struct net_device *dev)
2080 SET_MODULE_OWNER(dev);
2081 dev->uninit = ipgre_tunnel_uninit;
2082 dev->destructor = free_netdev;
2083 - dev->hard_start_xmit = ipgre_tunnel_xmit;
2084 + dev->hard_start_xmit = ipgre_ip_tunnel_xmit;
2085 dev->get_stats = ipgre_tunnel_get_stats;
2086 dev->do_ioctl = ipgre_tunnel_ioctl;
2087 dev->change_mtu = ipgre_tunnel_change_mtu;
2088 @@ -1157,6 +1439,36 @@ static void ipgre_tunnel_setup(struct ne
2092 +/* Tunnel setup for ipgre_eth */
2093 +static void ipgre_eth_tunnel_setup(struct net_device *dev)
2095 + SET_MODULE_OWNER(dev);
2098 + dev->uninit = ipgre_tunnel_uninit;
2099 + dev->destructor = free_netdev;
2100 + dev->hard_start_xmit = ipgre_eth_tunnel_xmit;
2101 + dev->get_stats = ipgre_tunnel_get_stats;
2102 + dev->do_ioctl = ipgre_tunnel_ioctl;
2103 + dev->change_mtu = ipgre_tunnel_change_mtu;
2105 + dev->type = ARPHRD_IPGRE;
2106 + dev->hard_header_len = ETH_HLEN + sizeof(struct iphdr) + 4;
2107 + dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
2109 + dev->tx_queue_len = 0;
2110 + random_ether_addr(dev->dev_addr);
2113 + unsigned char* d = dev->dev_addr;
2114 + printk(KERN_ALERT "Here is the address we got:%x%x%x%x%x%x\n",d[0],d[1],d[2],d[3],d[4],d[5]);
2118 + dev->addr_len = 4;
2122 static int ipgre_tunnel_init(struct net_device *dev)
2124 struct net_device *tdev = NULL;
2125 @@ -1191,7 +1503,14 @@ static int ipgre_tunnel_init(struct net_
2129 - dev->flags |= IFF_POINTOPOINT;
2130 + if (tunnel->parms.proto_type == ETH_P_ETH)
2132 + dev->flags |= IFF_BROADCAST;
2136 + dev->flags |= IFF_POINTOPOINT;
2139 #ifdef CONFIG_NET_IPGRE_BROADCAST
2140 if (MULTICAST(iph->daddr)) {
2141 @@ -1270,7 +1589,7 @@ static int __init ipgre_init(void)
2144 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0",
2145 - ipgre_tunnel_setup);
2146 + ipgre_ip_tunnel_setup);
2147 if (!ipgre_fb_tunnel_dev) {