📄 ip_rte_support.ex.c
字号:
/* processing is not required. */
if (packet_is_labeled)
{
intf_ici_fdstruct_ptr->packet_is_labeled = OPC_TRUE;
intf_ici_fdstruct_ptr->intf_recvd_index = input_intf_tbl_index;
intf_ici_fdstruct_ptr->interface_received = inet_rte_intf_addr_get (iface_info_ptr, addr_family);
if (ip_mpls_is_enabled (iprmd_ptr))
{
intf_ici_fdstruct_ptr->mpls_redirect = OPC_TRUE;
}
else
{
intf_ici_fdstruct_ptr->destroy_pkt = OPC_TRUE;
intf_ici_fdstruct_ptr->drop_reason = prg_string_copy ("Labeled packet received on non MPLS enabled node");
}
FRET (OPC_TRUE);
}
/* If this node is configured as a firewall then the */
/* datagram may have an additional delay caused by */
/* proxy server besides the routing delay. Associate */
/* this delay, which is computed earlier, with the */
/* packet. If the node is not a firewall then the delay */
/* is always zero. */
intf_ici_fdstruct_ptr->proxy_delay = proxy_delay;
/* If VPN tunnel is enabled on this node. The vpn delay */
/* may be added.Otherwise, delay is zero. */
intf_ici_fdstruct_ptr->vpn_delay = vpn_delay;
/* Taking MANET protocol type information in ici field */
if (ip_manet_is_enabled (iprmd_ptr))
{
intf_ici_fdstruct_ptr->manet_protocol_type = iprmd_ptr->manet_info_ptr->rte_protocol;
}
/* If this node is a load balancer, check whether this */
/* packet is to be load balanced. */
if (ip_load_balancer_is_enabled (iprmd_ptr))
{
/* If the destination address equals the interface */
/* address, then it is destined for the load balancer */
/* and should be processed. */
if (ip_rte_load_balancer_packet_mine (pk_fd_ptr->dest_addr, iprmd_ptr, &output_table_index) == OPC_TRUE)
{
lb_addr = inet_ipv4_address_get (pk_fd_ptr->dest_addr);
ip_rte_load_balancer_handle_packet (iprmd_ptr, pkpptr);
/* If the source address has been set to */
/* OMSC_LOAD_BALANCER_ADDRESS_NONE or the */
/* destination address is unchanged, then */
/* there is an error. Discard the packet */
/* and warn the user. */
if ((ip_address_equal (inet_ipv4_address_get (pk_fd_ptr->src_addr), OMSC_LOAD_BALANCER_ADDRESS_NONE)) ||
(ip_address_equal (inet_ipv4_address_get (pk_fd_ptr->dest_addr), lb_addr)))
{
ip_rte_load_balancer_log ();
/* Since the load balancer did not know what*/
/* to do with the packet, drop it. */
ip_rte_dgram_discard (iprmd_ptr, *pkpptr, intf_ici_ptr, "Load Balancer Translation Error");
/* Warns that the packet has not been accepted. */
FRET (OPC_FALSE);
}
}
}
/* Obtain the destination IP address information. */
/* Do not use inet_address_copy because dest_addr is a */
/* local variable. */
dest_addr = pk_fd_ptr->dest_addr;
multicast_dest_addr = inet_address_is_multicast (dest_addr);
/* Initialize the flag that stores whether this packet should */
/* be forced to the lower layer to be false. A packet coming */
/* from the higher layer in a LAN node should be forced to the */
/* lower layer. */
force_fwd = OPC_FALSE;
/* Check if this packet came from a higher layer or from */
/* oms_basetraf_src. Conceptually, both cases imply that */
/* this process must route the pk to the lower layers. */
if (OPC_FALSE == packet_from_lower_layer)
{
/* Assign a unique identity to this packet - unique among */
/* packets injected into the net by this host. This is used */
/* while reassembling data fragments on the destination. */
/* However, oms_basetraf_src model set it to "-1" as bgutil */
/* tracer packets never get fragmented. */
/* Note: IP datagrams which are already assigned an */
/* identifier (e.g. fragmented multicast data packets) may */
/* be received from ip_pim_sm child process. Datagrams which*/
/* are not yet assigned an identifier will have their ident */
/* field set to 0. */
if ((pk_fd_ptr->ident != -1) && (pk_fd_ptr->ident == 0))
{
pk_fd_ptr->ident = iprmd_ptr->dgram_id++;
}
/* Indicate that the packet has not been processed yet. */
/* This will be used while servicing the datagram in */
/* the "svc_cmpl" state. */
intf_ici_fdstruct_ptr->processed = OPC_FALSE;
intf_ici_fdstruct_ptr->intf_recvd_index = iprmd_ptr->first_loopback_intf_index;
/* Return NIL pointer if packet arrives from higher layer */
*rcvd_iface_info_pptr = OPC_NIL;
/* Set the packet insertion time. This will be later */
/* used to compute packet latency. */
intf_ici_fdstruct_ptr->pkt_insertion_time = op_sim_time ();
if (pk_fd_ptr->protocol == IpC_Protocol_Rsvp)
{
/* The packet is accompanied by an ICI. Get the ICI. */
rsvp_ici_ptr = op_intrpt_ici ();
if (multicast_dest_addr)
{
/* Get multicast ports and set them in the ICI structure. */
op_ici_attr_get (rsvp_ici_ptr, "multicast_major_port", &mcast_major_port);
op_ici_attr_get (rsvp_ici_ptr, "multicast_minor_port", &mcast_minor_port);
intf_ici_fdstruct_ptr->multicast_major_port = mcast_major_port;
intf_ici_fdstruct_ptr->multicast_minor_port = mcast_minor_port;
}
}
else if (multicast_dest_addr)
{
/** The higher layer has specified multicast, so **/
/** get the major and minor port information to **/
/** which we want to send the multicast packet. **/
/** The major and minor port information will be **/
/** specified either in an ICI or in the **/
/** parent-to-child memory. **/
/* Check whether port information was specified */
/* in the ICI */
mcast_ici_ptr = op_intrpt_ici ();
if (mcast_ici_ptr != OPC_NIL)
{
op_ici_attr_get (mcast_ici_ptr, "multicast_major_port", &mcast_major_port);
op_ici_attr_get (mcast_ici_ptr, "multicast_minor_port", &mcast_minor_port);
/* Get the virtual mac address */
op_ici_attr_get (mcast_ici_ptr, "src_mac_addr", &vmac_addr);
/* Set the virtual mac address */
intf_ici_fdstruct_ptr->virtual_mac_address = vmac_addr;
/* Destroy the multicast ICI. */
op_ici_destroy (mcast_ici_ptr);
}
else
{
/* The major and minor port information has been */
/* specified in the parent-to-child memory. */
mcast_major_port = iprmd_ptr->ip_ptc_mem.ip_mcast_ptc_info.major_port;
mcast_minor_port = iprmd_ptr->ip_ptc_mem.ip_mcast_ptc_info.minor_port;
}
/* Store the multicast major and minor port information in */
/* the ICI that will be associated with the packet */
/* throughout its life cycle within IP. */
intf_ici_fdstruct_ptr->multicast_major_port = mcast_major_port;
intf_ici_fdstruct_ptr->multicast_minor_port = mcast_minor_port;
}
/* Check if this packet originated from one of the MANET */
/* (Aodv/Dsr/Tora/DYMO) child processes. */
if ((pk_fd_ptr->protocol == IpC_Protocol_Dsr) ||
(pk_fd_ptr->protocol == IpC_Protocol_Aodv) ||
(pk_fd_ptr->protocol == IpC_Protocol_Dymo) || //koo
(pk_fd_ptr->protocol == IpC_Protocol_Tora))
{
/* This packet originated from either DSR, AODV, Dymo or from TORA. */
/* Appropriately set the boolean to indicate this. */
packet_from_manet = OPC_TRUE;
}
/* Check whether we need to set the force_fwd flag */
if (iprmd_ptr->within_lan_node == OPC_TRUE)
{
/* The surrounding node is a LAN node. The IP datagram */
/* should be forwarded to the lower layer, irrespective of */
/* the ultimate destination. */
force_fwd = OPC_TRUE;
}
/* The packet is from the higher layer. Set the input interface */
/* name to "Local". */
input_intf_name = local_intf_name;
}
else
{
/* Packet is from lower layer. */
/* Drop the packet if one of the following conditions is true. */
/* 1. The interface is shutdown or */
/* 2. The IP version of the packet is not enabled on this */
/* interface or */
/* 3. The packet is an IPv4 packet and the interface is a */
/* No IP Address interface. */
/* NOTE: Checks 2 and 3 must be made only for packets coming */
/* from the network and not for packets delivered by this node */
/* to itself when tunneling a packet. This is important because */
/* v6 packets may be encapsulated in v4 packets and delivered */
/* back to this node on a stream that does not support v4. */
if ((ip_rte_intf_status_get (iface_info_ptr) == IpC_Intf_Status_Shutdown) ||
(!tunnel_pkt_at_src && (! ip_rte_intf_ip_version_active (iface_info_ptr, addr_family) ||
((InetC_Addr_Family_v4 == addr_family) && ip_rte_intf_no_ip_address (iface_info_ptr)))))
{
/* A "Shutdown" interface can't recieve traffic */
/* Drop the packet and write log message. */
ipnl_shutdown_intf_recv_log_write (iprmd_ptr->node_id, ip_rte_intf_name_get (iface_info_ptr), op_pk_id (*pkpptr));
ip_rte_dgram_discard (iprmd_ptr, *pkpptr, intf_ici_ptr, "Shutdown or No IP Address Interface");
/* Return FALSE indicating packet was dropped */
FRET (OPC_FALSE);
}
/* We also need to drop the packet if it was was */
/* received on a member interface that is down */
if (ip_rte_intf_is_group (iface_info_ptr))
{
/* Get the index of the member interface on which */
/* packet was received. */
member_intf_index = iprmd_ptr->group_info_ptr->instrm_to_member_index_array[instrm];
/* Get a handle to the group specific information of*/
/* the interface. */
intf_group_info_ptr = iface_info_ptr->phys_intf_info_ptr->group_info_ptr;
/* If the member interface is down, drop the packet.*/
if (OPC_FALSE == intf_group_info_ptr->member_intf_array[member_intf_index].status)
{
ipnl_inactive_member_intf_recv_log_write (iprmd_ptr->node_id,
intf_group_info_ptr->member_intf_array[member_intf_index].intf_name,
ip_rte_intf_name_get (iface_info_ptr), op_pk_id (*pkpptr));
ip_rte_dgram_discard (iprmd_ptr, *pkpptr, intf_ici_ptr, "Shutdown Member Interface");
/* Return FALSE indicating packet was dropped */
FRET (OPC_FALSE);
}
}
/* If the packet is a DSR/AODV/DYMO/Tora packet, check if MANET is */
/* enabled on this node. If not destroy the packet */
if (!(ip_manet_is_enabled (iprmd_ptr)) &&
((pk_fd_ptr->protocol == IpC_Protocol_Dsr) ||
(pk_fd_ptr->protocol == IpC_Protocol_Aodv) ||
(pk_fd_ptr->protocol == IpC_Protocol_Dymo) || //koo
(pk_fd_ptr->protocol == IpC_Protocol_Tora)))
{
/* The packet that arrived from the lower layer is a */
/* DSR, AODV, DYMO or Tora packet, but this protocol is not */
/* enabled on this node. */
/* Destroy the packet after writing a log message */
switch (pk_fd_ptr->protocol)
{
case IpC_Protocol_Dsr: protocol_name = "DSR";
break;
case IpC_Protocol_Aodv: protocol_name = "AODV";
break;
case IpC_Protocol_Dymo: protocol_name = "DYMO"; //koo
break;
case IpC_Protocol_Tora: protocol_name = "TORA";
break;
default: protocol_name = "Unknown";
break;
}
ip_nl_dsr_not_enabled_log_write (protocol_name);
ip_rte_dgram_discard (iprmd_ptr, *pkpptr, intf_ici_ptr, "MANET packet received when MANET protocols are not running on this node");
/* Return FALSE indicating packet was dropped */
FRET (OPC_FALSE);
}
/* Set the input interface name. */
input_intf_name = ip_rte_intf_name_get (iface_info_ptr);
/* Do not perform the following tasks for GRE/IP-IP tunnel */
/* packets that are originating from this node, since the */
/* inner packet has been subjected to these checks. */
/* - RECEIVE FILTER */
/* - PIX VERIFY REVERSE PATH */
/* - NETWORK ADDRESS TRANSLATION */
/* - QOS CAR POLICING */
if (OPC_FALSE == tunnel_pkt_at_src)
{
/* On a PIX firewall, if there is no ACL set up, then the packet cannot be sent */
/* from a low security interface to a high security interface. Therefore, we keep */
/* track of whether a filter is configured on this interface. */
if ((iface_info_ptr->filter_info_ptr != OPC_NIL) &&
(iface_info_ptr->filter_info_ptr->pre_filter_in != OPC_NIL))
filter_present = OPC_TRUE;
/* If any packet filter is configured for this interface */
/* then check if the packet satisfies the packet filter */
/* conditions. If no the this packet should be filtered out */
/* and should be dropped */
if (filter_present)
{
/* Check if Packet passes the Packet filter, if no then */
/* drop the packet */
if (Inet_Acl_Apply_Packet (iprmd_ptr, iface_info_ptr->filter_info_ptr->pre_filter_in, *pkpptr,
&rte_map_next_addr, &rte_map_output_table_index, &route_table_lookup, input_intf_name) == OPC_FALSE)
{
/* If this is a policy checker demand then output */
/* the information that the packet is being dropped */
/* What happend to the flow in this life cycle */
if (op_pk_encap_flag_is_set (*pkpptr, OMSC_SECURITY_ENCAP_FLAG_INDEX))
ip_ot_security_demand_results_log (*pkpptr, iprmd_ptr->node_name, OPC_FALSE,
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -