From owner-FreeBSD-net-jp@jp.freebsd.org  Tue Jul  3 00:52:16 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id AAA92080;
	Tue, 3 Jul 2001 00:52:16 +0900 (JST)
	(envelope-from owner-FreeBSD-net-jp@jp.FreeBSD.org)
Received: from ns.matatabi.or.jp (ns.matatabi.or.jp [210.163.106.162])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id AAA92074
	for <net-jp@jp.FreeBSD.org>; Tue, 3 Jul 2001 00:52:13 +0900 (JST)
	(envelope-from matusita@matatabi.or.jp)
Received: from localhost (localhost [127.0.0.1]) by ns.matatabi.or.jp (8.11.3/3.7W/MATATABI-1.0v9-NS1.2) with ESMTP id f62Fq8v80008 for <net-jp@jp.FreeBSD.org>; Tue, 3 Jul 2001 00:52:09 +0900 (JST)
	(envelope-from matusita@matatabi.or.jp)
X-Face: '*aj"d@ijeQ:/X}]oM5c5Uz{ZZZk90WPt>a^y4$cGQp8:!H\W=hSM;PuNiidkc]/%,;6VGu
 e+`&APmz|P;F~OL/QK%;P2vU>\j4X.8@i%j6[%DTs_3J,Fff0)*oHg$A.cDm&jc#pD24WK@{,"Ef!0
 P\):.2}8jo-BiZ?X&t$V
X-User-Agent: Mew/1.94.2 XEmacs/21.5 (alfalfa)
X-FaceAnim: (-O_O-)(O_O- )(_O-  )(O-   )(-   -)(   -O)(  -O_)( -O_O)(-O_O-)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
X-Dispatcher: imput version 20000228(IM140)
Lines: 231
From: Makoto MATSUSHITA <matusita@matatabi.or.jp>
To: net-jp@jp.FreeBSD.org
Date: Tue, 03 Jul 2001 00:51:58 +0900
Message-Id: <20010703005158X.matusita@matatabi.or.jp>
Reply-To: FreeBSD-net-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-net-jp 3190
Subject: [FreeBSD-net-jp 3190] [patch] Add 'ipv6' (protocol 41) support for ppp(8)
Errors-To: owner-FreeBSD-net-jp@jp.freebsd.org
Sender: owner-FreeBSD-net-jp@jp.freebsd.org
X-Originator: matusita@matatabi.or.jp


net@FreeBSD.org $B$K$b=P$7$?$N$G$9$,!$$3$A$i$K$b=P$7$F$_$^$9(B _o_

$B:G6a<+Bp$G(B ADSL $B@~$r0z$$$F!$(BFreeBSD $B$N(B ppp(8) $B$r;H$C$F(B PPPoE $B$7$F$$$^(B
$B$9!%$G!$(BIPv6 over IPv4 tunnel $B$r$3$N(B PPPoE $BH"$G$d$m$&$H$7$?$s$G$9$,!$(B
$B$I$&$7$F$b(B tunnel packet $B$,(B tun device $B$K$d$C$F$3$J$$(B(PPPoE $BB&$NB-$r(B
tcpdump $B$7$?$i!$(Btunnel packet $B$,$A$c$s$H8+$($F$$$k$K$b4X$o$i$:!$$G$9(B)$B!$(B
$B$H$$$&$3$H$K5$$,$D$-$^$7$?!%$3$N$^$^$G$O(B tunnel $B$,D%$l$J$$$N$GHa$7$$$N(B
$B$G!$$J$<$J$N$+D4$Y$F$_$^$7$?!%(B

$B$=$N7k2L!$LdBj$O(B ppp(8) $B$N(B filtering rule $B$K$"$k!$$H$$$&$3$H$,$o$+$j$^(B
$B$7$?!%$I$&$$$&$3$H$+$H$$$&$H!E!E(B ppp(8) $B$N(B filtering rule $B$O(B

$B!&$b$70l@Z(B rule $B$r=q$+$J$1$l$P!$A4$F$N(B packet $B$,DL$k(B
$B!&$b$7(B 0 $BHV$N(B rule $B$r=q$1$P(B filter $B$,M-8z$K$J$j!$L@<(E*$K(B permit $B$7$?(B
  $BE[$@$1$,DL$k(B($B$=$&$G$J$$E[$ODL$i$J$$(B)

$B$G$9$+$i!$$=$N7k2L!$(Bppp(8) $B$,$7$i$J$$(B tunnel packet $B$K$D$$$F$O(B

$B!&$b$70l@Z(B rule $B$r=q$+$J$1$l$P!$(Btunnel packet $B$,DL$k(B
$B!&$b$7(B filter $B$,M-8z$K$J$C$F$$$l$P!$(Btunnel packet $B$O$+$J$i$:Mn$A$k(B

$B$H$J$C$F$7$^$C$F$$$k$o$1$G$9!%Hs>o$KC1=c$JM}M3$G$9(B:)

***

filter $B$r;H$o$J$1$l$PBg>fIW!$$G$O$"$j$^$9$,!$$;$C$+$/(B ppp $B$K(B filter $B$"(B
$B$k$s$@$+$i$=$l$r;H$$$?$$!$$H;W$C$?$N$G!$(Bfilter $B$r;H$C$?;~$G$b$A$c$s$H(B
tunnel packet $B$rDL$;$k$h$&$K!$(Bpatch $B$r=q$$$F$_$^$7$?!%(B

$B0J2<$N(B patch ($B:G6a$N(B 5-current $B$+$i:n$j$^$7$?(B)$B$rE,MQ$9$k$H!$(Bfilter $B%k!<(B
$B%k$N(B protocol $BItJ,$K(B 'ipv6' $B$H$$$&$N$,=q$1$k$h$&$K$J$j$^$9!%6qBNE*$J=q(B
$B$-J}$O!$(Bigmp $BEy$HF1MM!$$G$9!%FCDj$N(B src/dst $B$KBP$9$k(B permit/deny $B$r=q(B
$B$/$3$H$,$G$-$^$9!%$3$l$G!$L@<(E*$K(B tunnel packet $B$rDL$9(B($B$"$k$$$OMn$9(B)
filter rule $B$r=q$1$k$h$&$K$J$j$^$9!%(B

$B!E!E$H$$$&$o$1$G!$6qBNE*$K2a5n:$$C$F$i$C$7$c$kJ}$,$$$i$C$7$c$$$^$7$?$i!$(B
$B;n$7$F$$$?$@$1$l$P4r$7$$$G$9!%$b$A$m$s!$(Bgif $B$rD%$k:]$K$O!$!V(Bifconfig
gif0 $B<+J,$N(Btun$BB-$K$D$$$?(BIPv4$B%"%I%l%9(B $BAj<jB&$N(BIPv4$B%"%I%l%9!W$H$9$k$3$H(B
$B$K$J$k$+$H;W$$$^$9!%(B

# $B$*$^$1(B: $B>e5-$N$h$&$J>u67$G(B NAT $B$,5!G=$9$k$3$H$O$J$$$N$G(B($B$b$7(BNAT $B$5$l(B
# $B$k$s$@$C$?$iJQ498e$N(B IPv4 address $B$r65$($FM_$7$$$G$9(B)$B!$9M$($kI,MW$O(B
# $B0l@Z$J$$$H;W$C$F$$$^$9!%<B:]!$2?$b;d$O9M$($F$$$^$;$s$,!$4|BT$7$?F0:n(B
# $B$r$A$c$s$H$7$F$/$l$F$$$^$9(B($B$7!$(Blog $B$b$=$&$@$H8@$C$F$$$^$9(B :-)

-- -
Makoto `MAR' MATSUSHITA


Index: command.c
===================================================================
RCS file: /pub/cvsup/FreeBSD.cvs/src/usr.sbin/ppp/command.c,v
retrieving revision 1.259
diff -u -r1.259 command.c
--- command.c	2001/06/18 15:00:20	1.259
+++ command.c	2001/07/01 18:25:16
@@ -2120,7 +2120,7 @@
   "escape characters", "set escape hex-digit ..."},
   {"filter", NULL, filter_Set, LOCAL_AUTH,
   "packet filters", "set filter alive|dial|in|out rule-no permit|deny "
-  "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp|ospf|igmp "
+  "[src_addr[/width]] [dst_addr[/width]] [tcp|udp|icmp|ospf|igmp|ipv6 "
   "[src [lt|eq|gt port]] [dst [lt|eq|gt port]] [estab] [syn] [finrst]]"},
   {"hangup", NULL, SetVariable, LOCAL_AUTH | LOCAL_CX,
   "hangup script", "set hangup chat-script", (const void *) VAR_HANGUP},
Index: filter.c
===================================================================
RCS file: /pub/cvsup/FreeBSD.cvs/src/usr.sbin/ppp/filter.c,v
retrieving revision 1.48
diff -u -r1.48 filter.c
--- filter.c	2001/06/13 21:52:16	1.48
+++ filter.c	2001/07/02 14:47:46
@@ -197,7 +197,7 @@
   switch (argc) {
   case 0:
     /* permit/deny all ICMP types */
-    tgt->f_srcop = OP_NONE;
+    tgt->f_srcop = tgt->f_dstop = OP_NONE;
     break;
 
   case 3:
@@ -209,6 +209,7 @@
       }
       tgt->f_srcop = OP_EQ;
       tgt->f_srcport = type;
+      tgt->f_dstop = OP_NONE;
     }
     break;
 
@@ -286,11 +287,27 @@
     log_Printf(LogWARN, "ParseIgmp: Too many parameters\n");
     return 0;
   } else
-    tgt->f_srcop = OP_NONE;
+    tgt->f_srcop = tgt->f_dstop = OP_NONE;
 
   return 1;
 }
 
+static int
+ParseIPv6(int argc, char const * const *argv, struct filterent *tgt)
+{
+  /*
+   * Filter currently is a catch-all. Requests are either permitted or
+   * dropped.
+   */
+  if (argc != 0) {
+    log_Printf(LogWARN, "ParseIPv6: Too many parameters\n");
+    return 0;
+  } else
+    tgt->f_srcop = tgt->f_dstop = OP_NONE;
+
+  return 1;
+}
+
 #ifdef P_GRE
 static int
 ParseGRE(int argc, char const * const *argv, struct filterent *tgt)
@@ -303,7 +320,7 @@
     log_Printf(LogWARN, "ParseGRE: Too many parameters\n");
     return 0;
   } else
-    tgt->f_srcop = OP_NONE;
+    tgt->f_srcop = tgt->f_dstop = OP_NONE;
 
   return 1;
 }
@@ -321,7 +338,7 @@
     log_Printf(LogWARN, "ParseOspf: Too many parameters\n");
     return 0;
   } else
-    tgt->f_srcop = OP_NONE;
+    tgt->f_srcop = tgt->f_dstop = OP_NONE;
 
   return 1;
 }
@@ -495,6 +512,9 @@
   case P_IPIP:
     val = ParseUdpOrTcp(argc, argv, P_IPIP, &filterdata);
     break;
+  case P_IPV6:
+    val = ParseIPv6(argc, argv, &filterdata);
+    break;
   case P_ICMP:
     val = ParseIcmp(argc, argv, &filterdata);
     break;
@@ -653,7 +673,8 @@
 }
 
 static const char * const protoname[] = {
-  "none", "tcp", "udp", "icmp", "ospf", "igmp", "gre", "ipip"
+  "none", "tcp", "udp", "icmp", "ospf", "igmp",
+  "gre", "esp", "ah", "ipip", "ipv6"
 };
 
 const char *
Index: filter.h
===================================================================
RCS file: /pub/cvsup/FreeBSD.cvs/src/usr.sbin/ppp/filter.h,v
retrieving revision 1.27
diff -u -r1.27 filter.h
--- filter.h	2001/06/13 21:52:16	1.27
+++ filter.h	2001/07/01 18:09:41
@@ -43,6 +43,7 @@
 #define P_ESP	7
 #define P_AH	8
 #define P_IPIP	9
+#define P_IPV6	10
 
 /* Operations - f_srcop, f_dstop */
 #define	OP_NONE	0
Index: ip.c
===================================================================
RCS file: /pub/cvsup/FreeBSD.cvs/src/usr.sbin/ppp/ip.c,v
retrieving revision 1.93
diff -u -r1.93 ip.c
--- ip.c	2001/06/18 15:00:22	1.93
+++ ip.c	2001/07/02 14:43:57
@@ -289,6 +289,15 @@
             sport = dport = 0;
             estab = syn = finrst = -1;
             break;
+          case IPPROTO_IPV6:
+            cproto = P_IPV6;
+            if (datalen < 20) {	/* RFC2893 Section 3.5: 5 * 32bit words */
+              log_Printf(LogFILTER, " error: IPV6 header incorrect\n");
+              return 1;
+            }
+            sport = dport = 0;
+            estab = syn = finrst = -1;
+            break;
           case IPPROTO_UDP:
             cproto = P_UDP;
             if (datalen < 8) {	/* UDP header is 8 octets */
@@ -640,6 +649,20 @@
       len = ntohs(pip->ip_len) - (pip->ip_hl << 2);
       snprintf(logbuf + loglen, sizeof logbuf - loglen,
                "OSPF: %s ---> ", inet_ntoa(pip->ip_src));
+      loglen += strlen(logbuf + loglen);
+      snprintf(logbuf + loglen, sizeof logbuf - loglen,
+               "%s (%d/%d)", inet_ntoa(pip->ip_dst), len, nb);
+      loglen += strlen(logbuf + loglen);
+    }
+    break;
+#endif
+
+#ifdef IPPROTO_IPV6
+  case IPPROTO_IPV6:
+    if (logit && loglen < sizeof logbuf) {
+      len = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+      snprintf(logbuf + loglen, sizeof logbuf - loglen,
+               "IPv6: %s ---> ", inet_ntoa(pip->ip_src));
       loglen += strlen(logbuf + loglen);
       snprintf(logbuf + loglen, sizeof logbuf - loglen,
                "%s (%d/%d)", inet_ntoa(pip->ip_dst), len, nb);
Index: ppp.8
===================================================================
RCS file: /pub/cvsup/FreeBSD.cvs/src/usr.sbin/ppp/ppp.8,v
retrieving revision 1.267
diff -u -r1.267 ppp.8
--- ppp.8	2001/06/20 19:55:58	1.267
+++ ppp.8	2001/07/02 03:56:11
@@ -1746,6 +1746,7 @@
 .Sq icmp ,
 .Sq igmp ,
 .Sq ipip ,
+.Sq ipv6 ,
 .Sq ospf ,
 .Sq udp
 or
