1 /* linux/net/ipv4/arp.c
3 * Copyright (C) 1994 by Florian La Roche
5 * This module implements the Address Resolution Protocol ARP (RFC 826),
6 * which is used to convert IP addresses (or in the future maybe other
7 * high-level addresses) into a low-level hardware address (like an Ethernet
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
16 * Alan Cox : Removed the Ethernet assumptions in
18 * Alan Cox : Fixed some small errors in the ARP
20 * Alan Cox : Allow >4K in /proc
21 * Alan Cox : Make ARP add its own protocol entry
22 * Ross Martin : Rewrote arp_rcv() and arp_get_info()
23 * Stephen Henson : Add AX25 support to arp_get_info()
24 * Alan Cox : Drop data when a device is downed.
25 * Alan Cox : Use init_timer().
26 * Alan Cox : Double lock fixes.
27 * Martin Seine : Move the arphdr structure
28 * to if_arp.h for compatibility.
29 * with BSD based programs.
30 * Andrew Tridgell : Added ARP netmask code and
31 * re-arranged proxy handling.
32 * Alan Cox : Changed to use notifiers.
33 * Niibe Yutaka : Reply for this device or proxies only.
34 * Alan Cox : Don't proxy across hardware types!
35 * Jonathan Naylor : Added support for NET/ROM.
36 * Mike Shaver : RFC1122 checks.
37 * Jonathan Naylor : Only lookup the hardware address for
38 * the correct hardware type.
39 * Germano Caronni : Assorted subtle races.
40 * Craig Schlenter : Don't modify permanent entry
42 * Russ Nelson : Tidied up a few bits.
43 * Alexey Kuznetsov: Major changes to caching and behaviour,
44 * eg intelligent arp probing and
46 * of host down events.
47 * Alan Cox : Missing unlock in device events.
48 * Eckes : ARP ioctl control errors.
49 * Alexey Kuznetsov: Arp free fix.
50 * Manuel Rodriguez: Gratuitous ARP.
51 * Jonathan Layes : Added arpd support through kerneld
52 * message queue (960314)
53 * Mike Shaver : /proc/sys/net/ipv4/arp_* support
54 * Mike McLagan : Routing by source
55 * Stuart Cheshire : Metricom and grat arp fixes
56 * *** FOR 2.1 clean this up ***
57 * Lawrence V. Stefani: (08/12/96) Added FDDI support.
58 * Alan Cox : Took the AP1000 nasty FDDI hack and
59 * folded into the mainstream FDDI code.
60 * Ack spit, Linus how did you allow that
62 * Jes Sorensen : Make FDDI work again in 2.1.x and
63 * clean up the APFDDI & gen. FDDI bits.
64 * Alexey Kuznetsov: new arp state machine;
65 * now it is in net/core/neighbour.c.
66 * Krzysztof Halasa: Added Frame Relay ARP support.
67 * Arnaldo C. Melo : convert /proc/net/arp to seq_file
68 * Shmulik Hen: Split arp_send to arp_create and
69 * arp_xmit so intermediate drivers like
70 * bonding can change the skb before
71 * sending (e.g. insert 8021q tag).
72 * Harald Welte : convert to make use of jenkins hash
73 * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support.
76 #include <linux/module.h>
77 #include <linux/types.h>
78 #include <linux/string.h>
79 #include <linux/kernel.h>
80 #include <linux/capability.h>
81 #include <linux/socket.h>
82 #include <linux/sockios.h>
83 #include <linux/errno.h>
86 #include <linux/inet.h>
87 #include <linux/inetdevice.h>
88 #include <linux/netdevice.h>
89 #include <linux/etherdevice.h>
90 #include <linux/fddidevice.h>
91 #include <linux/if_arp.h>
92 #include <linux/trdevice.h>
93 #include <linux/skbuff.h>
94 #include <linux/proc_fs.h>
95 #include <linux/seq_file.h>
96 #include <linux/stat.h>
97 #include <linux/init.h>
98 #include <linux/net.h>
99 #include <linux/rcupdate.h>
100 #include <linux/jhash.h>
101 #include <linux/slab.h>
103 #include <linux/sysctl.h>
106 #include <net/net_namespace.h>
108 #include <net/icmp.h>
109 #include <net/route.h>
110 #include <net/protocol.h>
112 #include <net/sock.h>
114 #include <net/ax25.h>
115 #include <net/netrom.h>
116 #if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE)
117 #include <net/atmclip.h>
118 struct neigh_table *clip_tbl_hook;
119 EXPORT_SYMBOL(clip_tbl_hook);
122 #include <asm/system.h>
123 #include <linux/uaccess.h>
125 #include <linux/netfilter_arp.h>
128 * Interface to generic neighbour cache.
130 static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 rnd);
131 static int arp_constructor(struct neighbour *neigh);
132 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb);
133 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb);
134 static void parp_redo(struct sk_buff *skb);
136 static const struct neigh_ops arp_generic_ops = {
138 .solicit = arp_solicit,
139 .error_report = arp_error_report,
140 .output = neigh_resolve_output,
141 .connected_output = neigh_connected_output,
142 .hh_output = dev_queue_xmit,
143 .queue_xmit = dev_queue_xmit,
146 static const struct neigh_ops arp_hh_ops = {
148 .solicit = arp_solicit,
149 .error_report = arp_error_report,
150 .output = neigh_resolve_output,
151 .connected_output = neigh_resolve_output,
152 .hh_output = dev_queue_xmit,
153 .queue_xmit = dev_queue_xmit,
156 static const struct neigh_ops arp_direct_ops = {
158 .output = dev_queue_xmit,
159 .connected_output = dev_queue_xmit,
160 .hh_output = dev_queue_xmit,
161 .queue_xmit = dev_queue_xmit,
164 static const struct neigh_ops arp_broken_ops = {
166 .solicit = arp_solicit,
167 .error_report = arp_error_report,
168 .output = neigh_compat_output,
169 .connected_output = neigh_compat_output,
170 .hh_output = dev_queue_xmit,
171 .queue_xmit = dev_queue_xmit,
174 struct neigh_table arp_tbl = {
176 .entry_size = sizeof(struct neighbour) + 4,
179 .constructor = arp_constructor,
180 .proxy_redo = parp_redo,
184 .base_reachable_time = 30 * HZ,
185 .retrans_time = 1 * HZ,
186 .gc_staletime = 60 * HZ,
187 .reachable_time = 30 * HZ,
188 .delay_probe_time = 5 * HZ,
192 .anycast_delay = 1 * HZ,
193 .proxy_delay = (8 * HZ) / 10,
197 .gc_interval = 30 * HZ,
202 EXPORT_SYMBOL(arp_tbl);
204 int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
210 ip_eth_mc_map(addr, haddr);
212 case ARPHRD_IEEE802_TR:
213 ip_tr_mc_map(addr, haddr);
215 case ARPHRD_INFINIBAND:
216 ip_ib_mc_map(addr, dev->broadcast, haddr);
219 ip_ipgre_mc_map(addr, dev->broadcast, haddr);
223 memcpy(haddr, dev->broadcast, dev->addr_len);
231 static u32 arp_hash(const void *pkey,
232 const struct net_device *dev,
235 return jhash_2words(*(u32 *)pkey, dev->ifindex, hash_rnd);
238 static int arp_constructor(struct neighbour *neigh)
240 __be32 addr = *(__be32 *)neigh->primary_key;
241 struct net_device *dev = neigh->dev;
242 struct in_device *in_dev;
243 struct neigh_parms *parms;
246 in_dev = __in_dev_get_rcu(dev);
247 if (in_dev == NULL) {
252 neigh->type = inet_addr_type(dev_net(dev), addr);
254 parms = in_dev->arp_parms;
255 __neigh_parms_put(neigh->parms);
256 neigh->parms = neigh_parms_clone(parms);
259 if (!dev->header_ops) {
260 neigh->nud_state = NUD_NOARP;
261 neigh->ops = &arp_direct_ops;
262 neigh->output = neigh->ops->queue_xmit;
264 /* Good devices (checked by reading texts, but only Ethernet is
267 ARPHRD_ETHER: (ethernet, apfddi)
270 ARPHRD_METRICOM: (strip)
274 ARPHRD_IPDDP will also work, if author repairs it.
275 I did not it, because this driver does not work even
280 /* So... these "amateur" devices are hopeless.
281 The only thing, that I can say now:
282 It is very sad that we need to keep ugly obsolete
283 code to make them happy.
285 They should be moved to more reasonable state, now
286 they use rebuild_header INSTEAD OF hard_start_xmit!!!
287 Besides that, they are sort of out of date
288 (a lot of redundant clones/copies, useless in 2.1),
289 I wonder why people believe that they work.
295 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
297 #if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
300 neigh->ops = &arp_broken_ops;
301 neigh->output = neigh->ops->output;
308 if (neigh->type == RTN_MULTICAST) {
309 neigh->nud_state = NUD_NOARP;
310 arp_mc_map(addr, neigh->ha, dev, 1);
311 } else if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) {
312 neigh->nud_state = NUD_NOARP;
313 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
314 } else if (neigh->type == RTN_BROADCAST ||
315 (dev->flags & IFF_POINTOPOINT)) {
316 neigh->nud_state = NUD_NOARP;
317 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
320 if (dev->header_ops->cache)
321 neigh->ops = &arp_hh_ops;
323 neigh->ops = &arp_generic_ops;
325 if (neigh->nud_state & NUD_VALID)
326 neigh->output = neigh->ops->connected_output;
328 neigh->output = neigh->ops->output;
333 static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb)
335 dst_link_failure(skb);
339 static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb)
343 struct net_device *dev = neigh->dev;
344 __be32 target = *(__be32 *)neigh->primary_key;
345 int probes = atomic_read(&neigh->probes);
346 struct in_device *in_dev;
349 in_dev = __in_dev_get_rcu(dev);
354 switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
356 case 0: /* By default announce any local IP */
357 if (skb && inet_addr_type(dev_net(dev),
358 ip_hdr(skb)->saddr) == RTN_LOCAL)
359 saddr = ip_hdr(skb)->saddr;
361 case 1: /* Restrict announcements of saddr in same subnet */
364 saddr = ip_hdr(skb)->saddr;
365 if (inet_addr_type(dev_net(dev), saddr) == RTN_LOCAL) {
366 /* saddr should be known to target */
367 if (inet_addr_onlink(in_dev, target, saddr))
372 case 2: /* Avoid secondary IPs, get a primary/preferred one */
378 saddr = inet_select_addr(dev, target, RT_SCOPE_LINK);
380 probes -= neigh->parms->ucast_probes;
382 if (!(neigh->nud_state & NUD_VALID))
384 "trying to ucast probe in NUD_INVALID\n");
386 read_lock_bh(&neigh->lock);
388 probes -= neigh->parms->app_probes;
397 arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
398 dst_ha, dev->dev_addr, NULL);
400 read_unlock_bh(&neigh->lock);
403 static int arp_ignore(struct in_device *in_dev, __be32 sip, __be32 tip)
407 switch (IN_DEV_ARP_IGNORE(in_dev)) {
408 case 0: /* Reply, the tip is already validated */
410 case 1: /* Reply only if tip is configured on the incoming interface */
412 scope = RT_SCOPE_HOST;
415 * Reply only if tip is configured on the incoming interface
416 * and is in same subnet as sip
418 scope = RT_SCOPE_HOST;
420 case 3: /* Do not reply for scope host addresses */
422 scope = RT_SCOPE_LINK;
424 case 4: /* Reserved */
429 case 8: /* Do not reply */
434 return !inet_confirm_addr(in_dev, sip, tip, scope);
437 static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
441 /*unsigned long now; */
442 struct net *net = dev_net(dev);
444 rt = ip_route_output(net, sip, tip, 0, 0);
447 if (rt->dst.dev != dev) {
448 NET_INC_STATS_BH(net, LINUX_MIB_ARPFILTER);
455 /* OBSOLETE FUNCTIONS */
458 * Find an arp mapping in the cache. If not found, post a request.
460 * It is very UGLY routine: it DOES NOT use skb->dst->neighbour,
461 * even if it exists. It is supposed that skb->dev was mangled
462 * by a virtual device (eql, shaper). Nobody but broken devices
463 * is allowed to use this function, it is scheduled to be removed. --ANK
466 static int arp_set_predefined(int addr_hint, unsigned char *haddr,
467 __be32 paddr, struct net_device *dev)
471 printk(KERN_DEBUG "ARP: arp called for own IP address\n");
472 memcpy(haddr, dev->dev_addr, dev->addr_len);
475 arp_mc_map(paddr, haddr, dev, 1);
478 memcpy(haddr, dev->broadcast, dev->addr_len);
485 int arp_find(unsigned char *haddr, struct sk_buff *skb)
487 struct net_device *dev = skb->dev;
492 printk(KERN_DEBUG "arp_find is called with dst==NULL\n");
497 paddr = skb_rtable(skb)->rt_gateway;
499 if (arp_set_predefined(inet_addr_type(dev_net(dev), paddr), haddr,
503 n = __neigh_lookup(&arp_tbl, &paddr, dev, 1);
507 if (n->nud_state & NUD_VALID || neigh_event_send(n, skb) == 0) {
508 neigh_ha_snapshot(haddr, n, dev);
517 EXPORT_SYMBOL(arp_find);
519 /* END OF OBSOLETE FUNCTIONS */
521 struct neighbour *__arp_bind_neighbour(struct dst_entry *dst, __be32 nexthop)
523 struct net_device *dev = dst->dev;
525 if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
527 return __neigh_lookup_errno(
528 #if defined(CONFIG_ATM_CLIP) || defined(CONFIG_ATM_CLIP_MODULE)
529 dev->type == ARPHRD_ATM ?
532 &arp_tbl, &nexthop, dev);
535 int arp_bind_neighbour(struct dst_entry *dst)
537 struct net_device *dev = dst->dev;
538 struct neighbour *n = dst_get_neighbour(dst);
543 n = __arp_bind_neighbour(dst, ((struct rtable *)dst)->rt_gateway);
546 dst_set_neighbour(dst, n);
552 * Check if we can use proxy ARP for this path
554 static inline int arp_fwd_proxy(struct in_device *in_dev,
555 struct net_device *dev, struct rtable *rt)
557 struct in_device *out_dev;
560 if (rt->dst.dev == dev)
563 if (!IN_DEV_PROXY_ARP(in_dev))
565 imi = IN_DEV_MEDIUM_ID(in_dev);
571 /* place to check for proxy_arp for routes */
573 out_dev = __in_dev_get_rcu(rt->dst.dev);
575 omi = IN_DEV_MEDIUM_ID(out_dev);
577 return omi != imi && omi != -1;
581 * Check for RFC3069 proxy arp private VLAN (allow to send back to same dev)
583 * RFC3069 supports proxy arp replies back to the same interface. This
584 * is done to support (ethernet) switch features, like RFC 3069, where
585 * the individual ports are not allowed to communicate with each
586 * other, BUT they are allowed to talk to the upstream router. As
587 * described in RFC 3069, it is possible to allow these hosts to
588 * communicate through the upstream router, by proxy_arp'ing.
590 * RFC 3069: "VLAN Aggregation for Efficient IP Address Allocation"
592 * This technology is known by different names:
593 * In RFC 3069 it is called VLAN Aggregation.
594 * Cisco and Allied Telesyn call it Private VLAN.
595 * Hewlett-Packard call it Source-Port filtering or port-isolation.
596 * Ericsson call it MAC-Forced Forwarding (RFC Draft).
599 static inline int arp_fwd_pvlan(struct in_device *in_dev,
600 struct net_device *dev, struct rtable *rt,
601 __be32 sip, __be32 tip)
603 /* Private VLAN is only concerned about the same ethernet segment */
604 if (rt->dst.dev != dev)
607 /* Don't reply on self probes (often done by windowz boxes)*/
611 if (IN_DEV_PROXY_ARP_PVLAN(in_dev))
618 * Interface to link layer: send routine and receive handler.
622 * Create an arp packet. If (dest_hw == NULL), we create a broadcast
625 struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
626 struct net_device *dev, __be32 src_ip,
627 const unsigned char *dest_hw,
628 const unsigned char *src_hw,
629 const unsigned char *target_hw)
633 unsigned char *arp_ptr;
639 skb = alloc_skb(arp_hdr_len(dev) + LL_ALLOCATED_SPACE(dev), GFP_ATOMIC);
643 skb_reserve(skb, LL_RESERVED_SPACE(dev));
644 skb_reset_network_header(skb);
645 arp = (struct arphdr *) skb_put(skb, arp_hdr_len(dev));
647 skb->protocol = htons(ETH_P_ARP);
649 src_hw = dev->dev_addr;
651 dest_hw = dev->broadcast;
654 * Fill the device header for the ARP frame
656 if (dev_hard_header(skb, dev, ptype, dest_hw, src_hw, skb->len) < 0)
660 * Fill out the arp protocol part.
662 * The arp hardware type should match the device type, except for FDDI,
663 * which (according to RFC 1390) should always equal 1 (Ethernet).
666 * Exceptions everywhere. AX.25 uses the AX.25 PID value not the
667 * DIX code for the protocol. Make these device structure fields.
671 arp->ar_hrd = htons(dev->type);
672 arp->ar_pro = htons(ETH_P_IP);
675 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
677 arp->ar_hrd = htons(ARPHRD_AX25);
678 arp->ar_pro = htons(AX25_P_IP);
681 #if defined(CONFIG_NETROM) || defined(CONFIG_NETROM_MODULE)
683 arp->ar_hrd = htons(ARPHRD_NETROM);
684 arp->ar_pro = htons(AX25_P_IP);
689 #if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
691 arp->ar_hrd = htons(ARPHRD_ETHER);
692 arp->ar_pro = htons(ETH_P_IP);
695 #if defined(CONFIG_TR) || defined(CONFIG_TR_MODULE)
696 case ARPHRD_IEEE802_TR:
697 arp->ar_hrd = htons(ARPHRD_IEEE802);
698 arp->ar_pro = htons(ETH_P_IP);
703 arp->ar_hln = dev->addr_len;
705 arp->ar_op = htons(type);
707 arp_ptr = (unsigned char *)(arp + 1);
709 memcpy(arp_ptr, src_hw, dev->addr_len);
710 arp_ptr += dev->addr_len;
711 memcpy(arp_ptr, &src_ip, 4);
713 if (target_hw != NULL)
714 memcpy(arp_ptr, target_hw, dev->addr_len);
716 memset(arp_ptr, 0, dev->addr_len);
717 arp_ptr += dev->addr_len;
718 memcpy(arp_ptr, &dest_ip, 4);
726 EXPORT_SYMBOL(arp_create);
729 * Send an arp packet.
731 void arp_xmit(struct sk_buff *skb)
733 /* Send it off, maybe filter it using firewalling first. */
734 NF_HOOK(NFPROTO_ARP, NF_ARP_OUT, skb, NULL, skb->dev, dev_queue_xmit);
736 EXPORT_SYMBOL(arp_xmit);
739 * Create and send an arp packet.
741 void arp_send(int type, int ptype, __be32 dest_ip,
742 struct net_device *dev, __be32 src_ip,
743 const unsigned char *dest_hw, const unsigned char *src_hw,
744 const unsigned char *target_hw)
749 * No arp on this interface.
752 if (dev->flags&IFF_NOARP)
755 skb = arp_create(type, ptype, dest_ip, dev, src_ip,
756 dest_hw, src_hw, target_hw);
762 EXPORT_SYMBOL(arp_send);
765 * Process an arp request.
768 static int arp_process(struct sk_buff *skb)
770 struct net_device *dev = skb->dev;
771 struct in_device *in_dev = __in_dev_get_rcu(dev);
773 unsigned char *arp_ptr;
777 u16 dev_type = dev->type;
780 struct net *net = dev_net(dev);
782 /* arp_rcv below verifies the ARP header and verifies the device
793 if (arp->ar_pro != htons(ETH_P_IP) ||
794 htons(dev_type) != arp->ar_hrd)
798 case ARPHRD_IEEE802_TR:
802 * ETHERNET, Token Ring and Fibre Channel (which are IEEE 802
803 * devices, according to RFC 2625) devices will accept ARP
804 * hardware types of either 1 (Ethernet) or 6 (IEEE 802.2).
805 * This is the case also of FDDI, where the RFC 1390 says that
806 * FDDI devices should accept ARP hardware of (1) Ethernet,
807 * however, to be more robust, we'll accept both 1 (Ethernet)
810 if ((arp->ar_hrd != htons(ARPHRD_ETHER) &&
811 arp->ar_hrd != htons(ARPHRD_IEEE802)) ||
812 arp->ar_pro != htons(ETH_P_IP))
816 if (arp->ar_pro != htons(AX25_P_IP) ||
817 arp->ar_hrd != htons(ARPHRD_AX25))
821 if (arp->ar_pro != htons(AX25_P_IP) ||
822 arp->ar_hrd != htons(ARPHRD_NETROM))
827 /* Understand only these message types */
829 if (arp->ar_op != htons(ARPOP_REPLY) &&
830 arp->ar_op != htons(ARPOP_REQUEST))
836 arp_ptr = (unsigned char *)(arp + 1);
838 arp_ptr += dev->addr_len;
839 memcpy(&sip, arp_ptr, 4);
841 arp_ptr += dev->addr_len;
842 memcpy(&tip, arp_ptr, 4);
844 * Check for bad requests for 127.x.x.x and requests for multicast
845 * addresses. If this is one such, delete it.
847 if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip))
851 * Special case: We must set Frame Relay source Q.922 address
853 if (dev_type == ARPHRD_DLCI)
854 sha = dev->broadcast;
857 * Process entry. The idea here is we want to send a reply if it is a
858 * request for us or if it is a request for someone else that we hold
859 * a proxy for. We want to add an entry to our cache if it is a reply
860 * to us or if it is a request for our address.
861 * (The assumption for this last is that if someone is requesting our
862 * address, they are probably intending to talk to us, so it saves time
863 * if we cache their address. Their address is also probably not in
864 * our cache, since ours is not in their cache.)
866 * Putting this another way, we only care about replies if they are to
867 * us, in which case we add them to the cache. For requests, we care
868 * about those for us and those for our proxies. We reply to both,
869 * and in the case of requests for us we add the requester to the arp
873 /* Special case: IPv4 duplicate address detection packet (RFC2131) */
875 if (arp->ar_op == htons(ARPOP_REQUEST) &&
876 inet_addr_type(net, tip) == RTN_LOCAL &&
877 !arp_ignore(in_dev, sip, tip))
878 arp_send(ARPOP_REPLY, ETH_P_ARP, sip, dev, tip, sha,
883 if (arp->ar_op == htons(ARPOP_REQUEST) &&
884 ip_route_input_noref(skb, tip, sip, 0, dev) == 0) {
886 rt = skb_rtable(skb);
887 addr_type = rt->rt_type;
889 if (addr_type == RTN_LOCAL) {
892 dont_send = arp_ignore(in_dev, sip, tip);
893 if (!dont_send && IN_DEV_ARPFILTER(in_dev))
894 dont_send = arp_filter(sip, tip, dev);
896 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
898 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
899 dev, tip, sha, dev->dev_addr,
905 } else if (IN_DEV_FORWARD(in_dev)) {
906 if (addr_type == RTN_UNICAST &&
907 (arp_fwd_proxy(in_dev, dev, rt) ||
908 arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
909 (rt->dst.dev != dev &&
910 pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
911 n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
915 if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
916 skb->pkt_type == PACKET_HOST ||
917 in_dev->arp_parms->proxy_delay == 0) {
918 arp_send(ARPOP_REPLY, ETH_P_ARP, sip,
919 dev, tip, sha, dev->dev_addr,
922 pneigh_enqueue(&arp_tbl,
923 in_dev->arp_parms, skb);
931 /* Update our ARP tables */
933 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
935 if (IPV4_DEVCONF_ALL(dev_net(dev), ARP_ACCEPT)) {
936 /* Unsolicited ARP is not accepted by default.
937 It is possible, that this option should be enabled for some
938 devices (strip is candidate)
941 (arp->ar_op == htons(ARPOP_REPLY) ||
942 (arp->ar_op == htons(ARPOP_REQUEST) && tip == sip)) &&
943 inet_addr_type(net, sip) == RTN_UNICAST)
944 n = __neigh_lookup(&arp_tbl, &sip, dev, 1);
948 int state = NUD_REACHABLE;
951 /* If several different ARP replies follows back-to-back,
952 use the FIRST one. It is possible, if several proxy
953 agents are active. Taking the first reply prevents
954 arp trashing and chooses the fastest router.
956 override = time_after(jiffies, n->updated + n->parms->locktime);
958 /* Broadcast replies and request packets
959 do not assert neighbour reachability.
961 if (arp->ar_op != htons(ARPOP_REPLY) ||
962 skb->pkt_type != PACKET_HOST)
964 neigh_update(n, sha, state,
965 override ? NEIGH_UPDATE_F_OVERRIDE : 0);
974 static void parp_redo(struct sk_buff *skb)
981 * Receive an arp request from the device layer.
984 static int arp_rcv(struct sk_buff *skb, struct net_device *dev,
985 struct packet_type *pt, struct net_device *orig_dev)
989 /* ARP header, plus 2 device addresses, plus 2 IP addresses. */
990 if (!pskb_may_pull(skb, arp_hdr_len(dev)))
994 if (arp->ar_hln != dev->addr_len ||
995 dev->flags & IFF_NOARP ||
996 skb->pkt_type == PACKET_OTHERHOST ||
997 skb->pkt_type == PACKET_LOOPBACK ||
1001 skb = skb_share_check(skb, GFP_ATOMIC);
1005 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1007 return NF_HOOK(NFPROTO_ARP, NF_ARP_IN, skb, dev, NULL, arp_process);
1016 * User level interface (ioctl)
1020 * Set (create) an ARP cache entry.
1023 static int arp_req_set_proxy(struct net *net, struct net_device *dev, int on)
1026 IPV4_DEVCONF_ALL(net, PROXY_ARP) = on;
1029 if (__in_dev_get_rtnl(dev)) {
1030 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, on);
1036 static int arp_req_set_public(struct net *net, struct arpreq *r,
1037 struct net_device *dev)
1039 __be32 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1040 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1042 if (mask && mask != htonl(0xFFFFFFFF))
1044 if (!dev && (r->arp_flags & ATF_COM)) {
1045 dev = dev_getbyhwaddr_rcu(net, r->arp_ha.sa_family,
1051 if (pneigh_lookup(&arp_tbl, net, &ip, dev, 1) == NULL)
1056 return arp_req_set_proxy(net, dev, 1);
1059 static int arp_req_set(struct net *net, struct arpreq *r,
1060 struct net_device *dev)
1063 struct neighbour *neigh;
1066 if (r->arp_flags & ATF_PUBL)
1067 return arp_req_set_public(net, r, dev);
1069 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1070 if (r->arp_flags & ATF_PERM)
1071 r->arp_flags |= ATF_COM;
1073 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1082 switch (dev->type) {
1083 #if defined(CONFIG_FDDI) || defined(CONFIG_FDDI_MODULE)
1086 * According to RFC 1390, FDDI devices should accept ARP
1087 * hardware types of 1 (Ethernet). However, to be more
1088 * robust, we'll accept hardware types of either 1 (Ethernet)
1089 * or 6 (IEEE 802.2).
1091 if (r->arp_ha.sa_family != ARPHRD_FDDI &&
1092 r->arp_ha.sa_family != ARPHRD_ETHER &&
1093 r->arp_ha.sa_family != ARPHRD_IEEE802)
1098 if (r->arp_ha.sa_family != dev->type)
1103 neigh = __neigh_lookup_errno(&arp_tbl, &ip, dev);
1104 err = PTR_ERR(neigh);
1105 if (!IS_ERR(neigh)) {
1106 unsigned state = NUD_STALE;
1107 if (r->arp_flags & ATF_PERM)
1108 state = NUD_PERMANENT;
1109 err = neigh_update(neigh, (r->arp_flags & ATF_COM) ?
1110 r->arp_ha.sa_data : NULL, state,
1111 NEIGH_UPDATE_F_OVERRIDE |
1112 NEIGH_UPDATE_F_ADMIN);
1113 neigh_release(neigh);
1118 static unsigned arp_state_to_flags(struct neighbour *neigh)
1120 if (neigh->nud_state&NUD_PERMANENT)
1121 return ATF_PERM | ATF_COM;
1122 else if (neigh->nud_state&NUD_VALID)
1129 * Get an ARP cache entry.
1132 static int arp_req_get(struct arpreq *r, struct net_device *dev)
1134 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1135 struct neighbour *neigh;
1138 neigh = neigh_lookup(&arp_tbl, &ip, dev);
1140 read_lock_bh(&neigh->lock);
1141 memcpy(r->arp_ha.sa_data, neigh->ha, dev->addr_len);
1142 r->arp_flags = arp_state_to_flags(neigh);
1143 read_unlock_bh(&neigh->lock);
1144 r->arp_ha.sa_family = dev->type;
1145 strlcpy(r->arp_dev, dev->name, sizeof(r->arp_dev));
1146 neigh_release(neigh);
1152 int arp_invalidate(struct net_device *dev, __be32 ip)
1154 struct neighbour *neigh = neigh_lookup(&arp_tbl, &ip, dev);
1158 if (neigh->nud_state & ~NUD_NOARP)
1159 err = neigh_update(neigh, NULL, NUD_FAILED,
1160 NEIGH_UPDATE_F_OVERRIDE|
1161 NEIGH_UPDATE_F_ADMIN);
1162 neigh_release(neigh);
1167 EXPORT_SYMBOL(arp_invalidate);
1169 static int arp_req_delete_public(struct net *net, struct arpreq *r,
1170 struct net_device *dev)
1172 __be32 ip = ((struct sockaddr_in *) &r->arp_pa)->sin_addr.s_addr;
1173 __be32 mask = ((struct sockaddr_in *)&r->arp_netmask)->sin_addr.s_addr;
1175 if (mask == htonl(0xFFFFFFFF))
1176 return pneigh_delete(&arp_tbl, net, &ip, dev);
1181 return arp_req_set_proxy(net, dev, 0);
1184 static int arp_req_delete(struct net *net, struct arpreq *r,
1185 struct net_device *dev)
1189 if (r->arp_flags & ATF_PUBL)
1190 return arp_req_delete_public(net, r, dev);
1192 ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
1194 struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0);
1202 return arp_invalidate(dev, ip);
1206 * Handle an ARP layer I/O control request.
1209 int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1213 struct net_device *dev = NULL;
1218 if (!capable(CAP_NET_ADMIN))
1221 err = copy_from_user(&r, arg, sizeof(struct arpreq));
1229 if (r.arp_pa.sa_family != AF_INET)
1230 return -EPFNOSUPPORT;
1232 if (!(r.arp_flags & ATF_PUBL) &&
1233 (r.arp_flags & (ATF_NETMASK | ATF_DONTPUB)))
1235 if (!(r.arp_flags & ATF_NETMASK))
1236 ((struct sockaddr_in *)&r.arp_netmask)->sin_addr.s_addr =
1237 htonl(0xFFFFFFFFUL);
1241 dev = __dev_get_by_name(net, r.arp_dev);
1245 /* Mmmm... It is wrong... ARPHRD_NETROM==0 */
1246 if (!r.arp_ha.sa_family)
1247 r.arp_ha.sa_family = dev->type;
1249 if ((r.arp_flags & ATF_COM) && r.arp_ha.sa_family != dev->type)
1251 } else if (cmd == SIOCGARP) {
1258 err = arp_req_delete(net, &r, dev);
1261 err = arp_req_set(net, &r, dev);
1264 err = arp_req_get(&r, dev);
1269 if (cmd == SIOCGARP && !err && copy_to_user(arg, &r, sizeof(r)))
1274 static int arp_netdev_event(struct notifier_block *this, unsigned long event,
1277 struct net_device *dev = ptr;
1280 case NETDEV_CHANGEADDR:
1281 neigh_changeaddr(&arp_tbl, dev);
1282 rt_cache_flush(dev_net(dev), 0);
1291 static struct notifier_block arp_netdev_notifier = {
1292 .notifier_call = arp_netdev_event,
1295 /* Note, that it is not on notifier chain.
1296 It is necessary, that this routine was called after route cache will be
1299 void arp_ifdown(struct net_device *dev)
1301 neigh_ifdown(&arp_tbl, dev);
1306 * Called once on startup.
1309 static struct packet_type arp_packet_type __read_mostly = {
1310 .type = cpu_to_be16(ETH_P_ARP),
1314 static int arp_proc_init(void);
1316 void __init arp_init(void)
1318 neigh_table_init(&arp_tbl);
1320 dev_add_pack(&arp_packet_type);
1322 #ifdef CONFIG_SYSCTL
1323 neigh_sysctl_register(NULL, &arp_tbl.parms, "ipv4", NULL);
1325 register_netdevice_notifier(&arp_netdev_notifier);
1328 #ifdef CONFIG_PROC_FS
1329 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1331 /* ------------------------------------------------------------------------ */
1333 * ax25 -> ASCII conversion
1335 static char *ax2asc2(ax25_address *a, char *buf)
1340 for (n = 0, s = buf; n < 6; n++) {
1341 c = (a->ax25_call[n] >> 1) & 0x7F;
1348 n = (a->ax25_call[6] >> 1) & 0x0F;
1357 if (*buf == '\0' || *buf == '-')
1362 #endif /* CONFIG_AX25 */
1364 #define HBUFFERLEN 30
1366 static void arp_format_neigh_entry(struct seq_file *seq,
1367 struct neighbour *n)
1369 char hbuffer[HBUFFERLEN];
1372 struct net_device *dev = n->dev;
1373 int hatype = dev->type;
1375 read_lock(&n->lock);
1376 /* Convert hardware address to XX:XX:XX:XX ... form. */
1377 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1378 if (hatype == ARPHRD_AX25 || hatype == ARPHRD_NETROM)
1379 ax2asc2((ax25_address *)n->ha, hbuffer);
1382 for (k = 0, j = 0; k < HBUFFERLEN - 3 && j < dev->addr_len; j++) {
1383 hbuffer[k++] = hex_asc_hi(n->ha[j]);
1384 hbuffer[k++] = hex_asc_lo(n->ha[j]);
1390 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE)
1393 sprintf(tbuf, "%pI4", n->primary_key);
1394 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1395 tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name);
1396 read_unlock(&n->lock);
1399 static void arp_format_pneigh_entry(struct seq_file *seq,
1400 struct pneigh_entry *n)
1402 struct net_device *dev = n->dev;
1403 int hatype = dev ? dev->type : 0;
1406 sprintf(tbuf, "%pI4", n->key);
1407 seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n",
1408 tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00",
1409 dev ? dev->name : "*");
1412 static int arp_seq_show(struct seq_file *seq, void *v)
1414 if (v == SEQ_START_TOKEN) {
1415 seq_puts(seq, "IP address HW type Flags "
1416 "HW address Mask Device\n");
1418 struct neigh_seq_state *state = seq->private;
1420 if (state->flags & NEIGH_SEQ_IS_PNEIGH)
1421 arp_format_pneigh_entry(seq, v);
1423 arp_format_neigh_entry(seq, v);
1429 static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
1431 /* Don't want to confuse "arp -a" w/ magic entries,
1432 * so we tell the generic iterator to skip NUD_NOARP.
1434 return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
1437 /* ------------------------------------------------------------------------ */
1439 static const struct seq_operations arp_seq_ops = {
1440 .start = arp_seq_start,
1441 .next = neigh_seq_next,
1442 .stop = neigh_seq_stop,
1443 .show = arp_seq_show,
1446 static int arp_seq_open(struct inode *inode, struct file *file)
1448 return seq_open_net(inode, file, &arp_seq_ops,
1449 sizeof(struct neigh_seq_state));
1452 static const struct file_operations arp_seq_fops = {
1453 .owner = THIS_MODULE,
1454 .open = arp_seq_open,
1456 .llseek = seq_lseek,
1457 .release = seq_release_net,
1461 static int __net_init arp_net_init(struct net *net)
1463 if (!proc_net_fops_create(net, "arp", S_IRUGO, &arp_seq_fops))
1468 static void __net_exit arp_net_exit(struct net *net)
1470 proc_net_remove(net, "arp");
1473 static struct pernet_operations arp_net_ops = {
1474 .init = arp_net_init,
1475 .exit = arp_net_exit,
1478 static int __init arp_proc_init(void)
1480 return register_pernet_subsys(&arp_net_ops);
1483 #else /* CONFIG_PROC_FS */
1485 static int __init arp_proc_init(void)
1490 #endif /* CONFIG_PROC_FS */
projects / librecmc / linux-libre.git / blob