4 * ip.c (C) 1995-1998 Darren Reed
6 * See the IPFILTER.LICENCE file for details on licencing.
9 static const char sccsid[] = "%W% %G% (C)1995";
10 static const char rcsid[] = "@(#)$Id$";
12 #include <sys/param.h>
13 #include <sys/types.h>
14 #include <netinet/in_systm.h>
15 #include <sys/socket.h>
17 #include <netinet/in.h>
18 #include <netinet/ip.h>
19 #include <sys/param.h>
20 # include <net/route.h>
21 # include <netinet/if_ether.h>
22 # include <netinet/ip_var.h>
31 static char *ipbuf = NULL, *ethbuf = NULL;
35 chksum(u_short *buf, int len)
38 int nwords = len >> 1;
40 for(; nwords > 0; nwords--)
42 sum = (sum>>16) + (sum & 0xffff);
49 send_ether(int nfd, char *buf, int len, struct in_addr gwip)
51 static struct in_addr last_gw;
52 static char last_arp[6] = { 0, 0, 0, 0, 0, 0};
58 ethbuf = (char *)calloc(1, 65536+1024);
60 eh = (ether_header_t *)s;
62 bcopy((char *)buf, s + sizeof(*eh), len);
63 if (gwip.s_addr == last_gw.s_addr)
65 bcopy(last_arp, (char *) &eh->ether_dhost, 6);
67 else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1)
72 eh->ether_type = htons(ETHERTYPE_IP);
73 last_gw.s_addr = gwip.s_addr;
74 err = sendip(nfd, s, sizeof(*eh) + len);
82 send_ip(int nfd, int mtu, ip_t *ip, struct in_addr gwip, int frag)
84 static struct in_addr last_gw, local_ip;
85 static char local_arp[6] = { 0, 0, 0, 0, 0, 0};
86 static char last_arp[6] = { 0, 0, 0, 0, 0, 0};
87 static u_short id = 0;
94 ipbuf = (char *)malloc(65536);
97 perror("malloc failed");
102 eh = (ether_header_t *)ipbuf;
104 bzero((char *) &eh->ether_shost, sizeof(eh->ether_shost));
105 if (last_gw.s_addr && (gwip.s_addr == last_gw.s_addr))
107 bcopy(last_arp, (char *) &eh->ether_dhost, 6);
109 else if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1)
114 bcopy((char *) &eh->ether_dhost, last_arp, sizeof(last_arp));
115 eh->ether_type = htons(ETHERTYPE_IP);
117 bcopy((char *)ip, (char *)&ipsv, sizeof(*ip));
118 last_gw.s_addr = gwip.s_addr;
120 ip->ip_len = htons(iplen);
123 IP_V_A(ip, IPVERSION);
125 ip->ip_id = htons(id++);
130 if (ip->ip_src.s_addr != local_ip.s_addr) {
131 (void) arp((char *)&ip->ip_src, (char *) &local_arp);
132 bcopy(local_arp, (char *) &eh->ether_shost,sizeof(last_arp));
133 local_ip = ip->ip_src;
135 bcopy(local_arp, (char *) &eh->ether_shost, 6);
137 if (!frag || (sizeof(*eh) + iplen < mtu))
140 ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2);
142 bcopy((char *)ip, ipbuf + sizeof(*eh), iplen);
143 err = sendip(nfd, ipbuf, sizeof(*eh) + iplen);
148 * Actually, this is bogus because we're putting all IP
149 * options in every packet, which isn't always what should be
150 * done. Will do for now.
155 int i, sent = 0, ts, hlen, olen;
157 hlen = IP_HL(ip) << 2;
158 if (mtu < (hlen + 8)) {
159 fprintf(stderr, "mtu (%d) < ip header size (%d) + 8\n",
161 fprintf(stderr, "can't fragment data\n");
164 ol = (IP_HL(ip) << 2) - sizeof(*ip);
165 for (i = 0, s = (char*)(ip + 1); ol > 0; )
166 if (*s == IPOPT_EOL) {
169 } else if (*s == IPOPT_NOP) {
174 olen = (int)(*(u_char *)(s + 1));
176 if (IPOPT_COPIED(*s))
178 bcopy(s, optcpy + i, olen);
188 while ((i & 3) && (i & 3) != 3)
189 optcpy[i++] = IPOPT_NOP;
191 optcpy[i++] = IPOPT_EOL;
194 bcopy((char *)eh, (char *)ð, sizeof(eth));
195 s = (char *)ip + hlen;
196 iplen = ntohs(ip->ip_len) - hlen;
197 ip->ip_off |= htons(IP_MF);
201 if ((sent + (mtu - hlen)) >= iplen)
203 ip->ip_off ^= htons(IP_MF);
208 ip->ip_off &= htons(0xe000);
209 ip->ip_off |= htons(sent >> 3);
211 ip->ip_len = htons(ts);
213 ip->ip_sum = chksum((u_short *)ip, hlen);
214 bcopy((char *)ip, ipbuf + sizeof(*eh), hlen);
215 bcopy(s + sent, ipbuf + sizeof(*eh) + hlen, ts - hlen);
216 err = sendip(nfd, ipbuf, sizeof(*eh) + ts);
218 bcopy((char *)ð, ipbuf, sizeof(eth));
220 if (!(ntohs(ip->ip_off) & IP_MF))
222 else if (!(ip->ip_off & htons(0x1fff)))
224 hlen = i + sizeof(*ip);
225 IP_HL_A(ip, (sizeof(*ip) + i) >> 2);
226 bcopy(optcpy, (char *)(ip + 1), i);
231 bcopy((char *)&ipsv, (char *)ip, sizeof(*ip));
240 send_tcp(int nfd, int mtu, ip_t *ip, struct in_addr gwip)
242 static tcp_seq iss = 2;
244 int thlen, i, iplen, hlen;
249 hlen = IP_HL(ip) << 2;
250 t = (tcphdr_t *)((char *)ip + hlen);
251 ip2 = (struct ip *)lbuf;
252 t2 = (tcphdr_t *)((char *)ip2 + hlen);
253 thlen = TCP_OFF(t) << 2;
255 thlen = sizeof(tcphdr_t);
256 bzero((char *)ip2, sizeof(*ip2) + sizeof(*t2));
257 ip->ip_p = IPPROTO_TCP;
258 ip2->ip_p = ip->ip_p;
259 ip2->ip_src = ip->ip_src;
260 ip2->ip_dst = ip->ip_dst;
261 bcopy((char *)ip + hlen, (char *)t2, thlen);
264 t2->th_win = htons(4096);
267 i = sizeof(struct tcpiphdr) / sizeof(long);
269 if ((t2->th_flags == TH_SYN) && !ntohs(ip->ip_off) &&
270 (lbuf[i] != htonl(0x020405b4))) {
271 lbuf[i] = htonl(0x020405b4);
272 bcopy((char *)ip + hlen + thlen, (char *)ip + hlen + thlen + 4,
273 iplen - thlen - hlen);
276 TCP_OFF_A(t2, thlen >> 2);
277 ip2->ip_len = htons(thlen);
278 ip->ip_len = hlen + thlen;
280 t2->th_sum = chksum((u_short *)ip2, thlen + sizeof(ip_t));
282 bcopy((char *)t2, (char *)ip + hlen, thlen);
283 return (send_ip(nfd, mtu, ip, gwip, 1));
291 send_udp(int nfd, int mtu, ip_t *ip, struct in_addr gwip)
297 ti = (struct tcpiphdr *)lbuf;
298 bzero((char *)ti, sizeof(*ti));
299 thlen = sizeof(udphdr_t);
300 ti->ti_pr = ip->ip_p;
301 ti->ti_src = ip->ip_src;
302 ti->ti_dst = ip->ip_dst;
303 bcopy((char *)ip + (IP_HL(ip) << 2),
304 (char *)&ti->ti_sport, sizeof(udphdr_t));
306 ti->ti_len = htons(thlen);
307 ip->ip_len = (IP_HL(ip) << 2) + thlen;
309 ti->ti_sum = chksum((u_short *)ti, thlen + sizeof(ip_t));
311 bcopy((char *)&ti->ti_sport,
312 (char *)ip + (IP_HL(ip) << 2), sizeof(udphdr_t));
313 return (send_ip(nfd, mtu, ip, gwip, 1));
318 * send an icmp packet.
321 send_icmp(int nfd, int mtu, ip_t *ip, in_addr gwip)
325 ic = (struct icmp *)((char *)ip + (IP_HL(ip) << 2));
328 ic->icmp_cksum = chksum((u_short *)ic, sizeof(struct icmp));
330 return (send_ip(nfd, mtu, ip, gwip, 1));
335 send_packet(int nfd, int mtu, ip_t *ip, struct in_addr gwip)
343 ( return send_tcp(nfd, mtu, ip, gwip));
345 ( return send_udp(nfd, mtu, ip, gwip));
347 ( return send_icmp(nfd, mtu, ip, gwip));
349 ( return send_ip(nfd, mtu, ip, gwip, 1));