Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2017 Cisco and/or its affiliates. |
| 3 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | * you may not use this file except in compliance with the License. |
| 5 | * You may obtain a copy of the License at: |
| 6 | * |
| 7 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | * |
| 9 | * Unless required by applicable law or agreed to in writing, software |
| 10 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | * See the License for the specific language governing permissions and |
| 13 | * limitations under the License. |
| 14 | */ |
| 15 | /** |
| 16 | * @file |
| 17 | * @brief IPv6 to IPv4 translation |
| 18 | */ |
| 19 | #ifndef __included_ip6_to_ip4_h__ |
| 20 | #define __included_ip6_to_ip4_h__ |
| 21 | |
| 22 | #include <vnet/ip/ip.h> |
| 23 | |
| 24 | /** |
| 25 | * IPv6 to IPv4 set call back function type |
| 26 | */ |
| 27 | typedef int (*ip6_to_ip4_set_fn_t) (ip6_header_t * ip6, ip4_header_t * ip4, |
| 28 | void *ctx); |
| 29 | |
| 30 | /* *INDENT-OFF* */ |
| 31 | static u8 icmp6_to_icmp_updater_pointer_table[] = |
| 32 | { 0, 1, ~0, ~0, |
| 33 | 2, 2, 9, 8, |
| 34 | 12, 12, 12, 12, |
| 35 | 12, 12, 12, 12, |
| 36 | 12, 12, 12, 12, |
| 37 | 12, 12, 12, 12, |
| 38 | 24, 24, 24, 24, |
| 39 | 24, 24, 24, 24, |
| 40 | 24, 24, 24, 24, |
| 41 | 24, 24, 24, 24 |
| 42 | }; |
| 43 | /* *INDENT-ON* */ |
| 44 | |
| 45 | #define frag_id_6to4(id) ((id) ^ ((id) >> 16)) |
| 46 | |
| 47 | /** |
| 48 | * @brief Parse some useful information from IPv6 header. |
| 49 | * |
| 50 | * @param ip6 IPv6 header. |
| 51 | * @param buff_len Buffer length. |
| 52 | * @param l4_protocol L4 protocol number. |
| 53 | * @param l4_offset L4 header offset. |
| 54 | * @param frag_hdr_offset Fragment header offset if present, 0 otherwise. |
| 55 | * |
| 56 | * @returns 0 on success, non-zero value otherwise. |
| 57 | */ |
| 58 | static_always_inline int |
| 59 | ip6_parse (const ip6_header_t * ip6, u32 buff_len, |
| 60 | u8 * l4_protocol, u16 * l4_offset, u16 * frag_hdr_offset) |
| 61 | { |
| 62 | if (ip6->protocol == IP_PROTOCOL_IPV6_FRAGMENTATION) |
| 63 | { |
| 64 | *l4_protocol = ((ip6_frag_hdr_t *) (ip6 + 1))->next_hdr; |
| 65 | *frag_hdr_offset = sizeof (*ip6); |
| 66 | *l4_offset = sizeof (*ip6) + sizeof (ip6_frag_hdr_t); |
| 67 | } |
| 68 | else |
| 69 | { |
| 70 | *l4_protocol = ip6->protocol; |
| 71 | *frag_hdr_offset = 0; |
| 72 | *l4_offset = sizeof (*ip6); |
| 73 | } |
| 74 | |
| 75 | return (buff_len < (*l4_offset + 4)) || |
| 76 | (clib_net_to_host_u16 (ip6->payload_length) < |
| 77 | (*l4_offset + 4 - sizeof (*ip6))); |
| 78 | } |
| 79 | |
| 80 | /** |
| 81 | * @brief Get TCP/UDP port number or ICMP id from IPv6 packet. |
| 82 | * |
| 83 | * @param ip6 IPv6 header. |
| 84 | * @param sender 1 get sender port, 0 get receiver port. |
| 85 | * @param buffer_len Buffer length. |
| 86 | * |
| 87 | * @returns Port number on success, 0 otherwise. |
| 88 | */ |
| 89 | always_inline u16 |
| 90 | ip6_get_port (ip6_header_t * ip6, u8 sender, u16 buffer_len) |
| 91 | { |
| 92 | u8 l4_protocol; |
| 93 | u16 l4_offset; |
| 94 | u16 frag_offset; |
| 95 | u8 *l4; |
| 96 | |
| 97 | if (ip6_parse (ip6, buffer_len, &l4_protocol, &l4_offset, &frag_offset)) |
| 98 | return 0; |
| 99 | |
| 100 | if (frag_offset && |
| 101 | ip6_frag_hdr_offset (((ip6_frag_hdr_t *) |
| 102 | u8_ptr_add (ip6, frag_offset)))) |
| 103 | return 0; //Can't deal with non-first fragment for now |
| 104 | |
| 105 | l4 = u8_ptr_add (ip6, l4_offset); |
| 106 | if (l4_protocol == IP_PROTOCOL_TCP || l4_protocol == IP_PROTOCOL_UDP) |
| 107 | { |
| 108 | return (sender) ? ((udp_header_t *) (l4))->src_port : ((udp_header_t |
| 109 | *) |
| 110 | (l4))->dst_port; |
| 111 | } |
| 112 | else if (l4_protocol == IP_PROTOCOL_ICMP6) |
| 113 | { |
| 114 | icmp46_header_t *icmp = (icmp46_header_t *) (l4); |
| 115 | if (icmp->type == ICMP6_echo_request) |
| 116 | { |
| 117 | return (sender) ? ((u16 *) (icmp))[2] : -1; |
| 118 | } |
| 119 | else if (icmp->type == ICMP6_echo_reply) |
| 120 | { |
| 121 | return (sender) ? -1 : ((u16 *) (icmp))[2]; |
| 122 | } |
| 123 | } |
| 124 | return 0; |
| 125 | } |
| 126 | |
| 127 | /** |
| 128 | * @brief Convert type and code value from ICMP6 to ICMP4. |
| 129 | * |
| 130 | * @param icmp ICMP header. |
| 131 | * @param inner_ip6 Inner IPv6 header if present, 0 otherwise. |
| 132 | * |
| 133 | * @returns 0 on success, non-zero value otherwise. |
| 134 | */ |
| 135 | static_always_inline int |
| 136 | icmp6_to_icmp_header (icmp46_header_t * icmp, ip6_header_t ** inner_ip6) |
| 137 | { |
| 138 | *inner_ip6 = NULL; |
| 139 | switch (icmp->type) |
| 140 | { |
| 141 | case ICMP6_echo_request: |
| 142 | icmp->type = ICMP4_echo_request; |
| 143 | break; |
| 144 | case ICMP6_echo_reply: |
| 145 | icmp->type = ICMP4_echo_reply; |
| 146 | break; |
| 147 | case ICMP6_destination_unreachable: |
| 148 | *inner_ip6 = (ip6_header_t *) u8_ptr_add (icmp, 8); |
| 149 | |
| 150 | switch (icmp->code) |
| 151 | { |
| 152 | case ICMP6_destination_unreachable_no_route_to_destination: //0 |
| 153 | case ICMP6_destination_unreachable_beyond_scope_of_source_address: //2 |
| 154 | case ICMP6_destination_unreachable_address_unreachable: //3 |
| 155 | icmp->type = ICMP4_destination_unreachable; |
| 156 | icmp->code = |
| 157 | ICMP4_destination_unreachable_destination_unreachable_host; |
| 158 | break; |
| 159 | case ICMP6_destination_unreachable_destination_administratively_prohibited: //1 |
| 160 | icmp->type = |
| 161 | ICMP4_destination_unreachable; |
| 162 | icmp->code = |
| 163 | ICMP4_destination_unreachable_communication_administratively_prohibited; |
| 164 | break; |
| 165 | case ICMP6_destination_unreachable_port_unreachable: |
| 166 | icmp->type = ICMP4_destination_unreachable; |
| 167 | icmp->code = ICMP4_destination_unreachable_port_unreachable; |
| 168 | break; |
| 169 | default: |
| 170 | return -1; |
| 171 | } |
| 172 | break; |
| 173 | case ICMP6_packet_too_big: |
| 174 | *inner_ip6 = (ip6_header_t *) u8_ptr_add (icmp, 8); |
| 175 | |
| 176 | icmp->type = ICMP4_destination_unreachable; |
| 177 | icmp->code = 4; |
| 178 | { |
| 179 | u32 advertised_mtu = clib_net_to_host_u32 (*((u32 *) (icmp + 1))); |
| 180 | advertised_mtu -= 20; |
| 181 | //FIXME: = minimum(advertised MTU-20, MTU_of_IPv4_nexthop, (MTU_of_IPv6_nexthop)-20) |
| 182 | ((u16 *) (icmp))[3] = clib_host_to_net_u16 (advertised_mtu); |
| 183 | } |
| 184 | break; |
| 185 | |
| 186 | case ICMP6_time_exceeded: |
| 187 | *inner_ip6 = (ip6_header_t *) u8_ptr_add (icmp, 8); |
| 188 | |
| 189 | icmp->type = ICMP4_time_exceeded; |
| 190 | break; |
| 191 | |
| 192 | case ICMP6_parameter_problem: |
| 193 | *inner_ip6 = (ip6_header_t *) u8_ptr_add (icmp, 8); |
| 194 | |
| 195 | switch (icmp->code) |
| 196 | { |
| 197 | case ICMP6_parameter_problem_erroneous_header_field: |
| 198 | icmp->type = ICMP4_parameter_problem; |
| 199 | icmp->code = ICMP4_parameter_problem_pointer_indicates_error; |
| 200 | u32 pointer = clib_net_to_host_u32 (*((u32 *) (icmp + 1))); |
| 201 | if (pointer >= 40) |
| 202 | return -1; |
| 203 | |
| 204 | ((u8 *) (icmp + 1))[0] = |
| 205 | icmp6_to_icmp_updater_pointer_table[pointer]; |
| 206 | break; |
| 207 | case ICMP6_parameter_problem_unrecognized_next_header: |
| 208 | icmp->type = ICMP4_destination_unreachable; |
| 209 | icmp->code = ICMP4_destination_unreachable_port_unreachable; |
| 210 | break; |
| 211 | case ICMP6_parameter_problem_unrecognized_option: |
| 212 | default: |
| 213 | return -1; |
| 214 | } |
| 215 | break; |
| 216 | default: |
| 217 | return -1; |
| 218 | break; |
| 219 | } |
| 220 | return 0; |
| 221 | } |
| 222 | |
| 223 | /** |
| 224 | * @brief Translate TOS value from IPv6 to IPv4. |
| 225 | * |
| 226 | * @param ip6 IPv6 header. |
| 227 | * |
| 228 | * @returns IPv4 TOS value. |
| 229 | */ |
| 230 | static_always_inline u8 |
| 231 | ip6_translate_tos (const ip6_header_t * ip6) |
| 232 | { |
| 233 | return (clib_net_to_host_u32 (ip6->ip_version_traffic_class_and_flow_label) |
| 234 | & 0x0ff00000) >> 20; |
| 235 | } |
| 236 | |
| 237 | /** |
| 238 | * @brief Translate ICMP6 packet to ICMP4. |
| 239 | * |
| 240 | * @param p Buffer to translate. |
| 241 | * @param fn The function to translate outer header. |
| 242 | * @param ctx A context passed in the outer header translate function. |
| 243 | * @param inner_fn The function to translate inner header. |
| 244 | * @param inner_ctx A context passed in the inner header translate function. |
| 245 | * |
| 246 | * @returns 0 on success, non-zero value otherwise. |
| 247 | */ |
| 248 | always_inline int |
| 249 | icmp6_to_icmp (vlib_buffer_t * p, ip6_to_ip4_set_fn_t fn, void *ctx, |
| 250 | ip6_to_ip4_set_fn_t inner_fn, void *inner_ctx) |
| 251 | { |
| 252 | ip6_header_t *ip6, *inner_ip6; |
| 253 | ip4_header_t *ip4, *inner_ip4; |
| 254 | u32 ip6_pay_len; |
| 255 | icmp46_header_t *icmp; |
| 256 | ip_csum_t csum; |
| 257 | int rv; |
| 258 | |
| 259 | ip6 = vlib_buffer_get_current (p); |
| 260 | ip6_pay_len = clib_net_to_host_u16 (ip6->payload_length); |
| 261 | icmp = (icmp46_header_t *) (ip6 + 1); |
| 262 | ASSERT (ip6_pay_len + sizeof (*ip6) <= p->current_length); |
| 263 | |
| 264 | //No extensions headers allowed here |
| 265 | if (ip6->protocol != IP_PROTOCOL_ICMP6) |
| 266 | return -1; |
| 267 | |
| 268 | //There are no fragmented ICMP messages, so no extension header for now |
| 269 | if (icmp6_to_icmp_header (icmp, &inner_ip6)) |
| 270 | return -1; |
| 271 | |
| 272 | if (inner_ip6) |
| 273 | { |
| 274 | u16 *inner_L4_checksum, inner_l4_offset, inner_frag_offset, |
| 275 | inner_frag_id; |
| 276 | u8 *inner_l4, inner_protocol; |
| 277 | |
| 278 | //We have two headers to translate |
| 279 | // FROM |
| 280 | // [ IPv6 ]<- ext ->[IC][ IPv6 ]<- ext ->[L4 header ... |
| 281 | // Handled cases: |
| 282 | // [ IPv6 ][IC][ IPv6 ][L4 header ... |
| 283 | // [ IPv6 ][IC][ IPv6 ][Fr][L4 header ... |
| 284 | // TO |
| 285 | // [ IPv4][IC][ IPv4][L4 header ... |
| 286 | |
| 287 | if (ip6_parse (inner_ip6, ip6_pay_len - 8, |
| 288 | &inner_protocol, &inner_l4_offset, &inner_frag_offset)) |
| 289 | return -1; |
| 290 | |
| 291 | inner_l4 = u8_ptr_add (inner_ip6, inner_l4_offset); |
| 292 | inner_ip4 = |
| 293 | (ip4_header_t *) u8_ptr_add (inner_l4, -sizeof (*inner_ip4)); |
| 294 | if (inner_frag_offset) |
| 295 | { |
| 296 | ip6_frag_hdr_t *inner_frag = |
| 297 | (ip6_frag_hdr_t *) u8_ptr_add (inner_ip6, inner_frag_offset); |
| 298 | inner_frag_id = frag_id_6to4 (inner_frag->identification); |
| 299 | } |
| 300 | else |
| 301 | { |
| 302 | inner_frag_id = 0; |
| 303 | } |
| 304 | |
| 305 | //Do the translation of the inner packet |
| 306 | if (inner_protocol == IP_PROTOCOL_TCP) |
| 307 | { |
| 308 | inner_L4_checksum = (u16 *) u8_ptr_add (inner_l4, 16); |
| 309 | } |
| 310 | else if (inner_protocol == IP_PROTOCOL_UDP) |
| 311 | { |
| 312 | inner_L4_checksum = (u16 *) u8_ptr_add (inner_l4, 6); |
| 313 | } |
| 314 | else if (inner_protocol == IP_PROTOCOL_ICMP6) |
| 315 | { |
| 316 | icmp46_header_t *inner_icmp = (icmp46_header_t *) inner_l4; |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 317 | //It cannot be of a different type as ip6_icmp_to_icmp6_in_place succeeded |
| 318 | inner_icmp->type = (inner_icmp->type == ICMP6_echo_request) ? |
| 319 | ICMP4_echo_request : ICMP4_echo_reply; |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 320 | inner_protocol = IP_PROTOCOL_ICMP; //Will be copied to ip6 later |
| 321 | inner_L4_checksum = &inner_icmp->checksum; |
| 322 | } |
| 323 | else |
| 324 | { |
| 325 | return -1; |
| 326 | } |
| 327 | |
| 328 | csum = *inner_L4_checksum; |
| 329 | csum = ip_csum_sub_even (csum, inner_ip6->src_address.as_u64[0]); |
| 330 | csum = ip_csum_sub_even (csum, inner_ip6->src_address.as_u64[1]); |
| 331 | csum = ip_csum_sub_even (csum, inner_ip6->dst_address.as_u64[0]); |
| 332 | csum = ip_csum_sub_even (csum, inner_ip6->dst_address.as_u64[1]); |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 333 | *inner_L4_checksum = ip_csum_fold (csum); |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 334 | |
| 335 | if ((rv = inner_fn (inner_ip6, inner_ip4, inner_ctx)) != 0) |
| 336 | return rv; |
| 337 | |
| 338 | inner_ip4->ip_version_and_header_length = |
| 339 | IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; |
| 340 | inner_ip4->tos = ip6_translate_tos (inner_ip6); |
| 341 | inner_ip4->length = |
| 342 | u16_net_add (inner_ip6->payload_length, |
| 343 | sizeof (*ip4) + sizeof (*ip6) - inner_l4_offset); |
| 344 | inner_ip4->fragment_id = inner_frag_id; |
| 345 | inner_ip4->flags_and_fragment_offset = |
| 346 | clib_host_to_net_u16 (IP4_HEADER_FLAG_MORE_FRAGMENTS); |
| 347 | inner_ip4->ttl = inner_ip6->hop_limit; |
| 348 | inner_ip4->protocol = inner_protocol; |
| 349 | inner_ip4->checksum = ip4_header_checksum (inner_ip4); |
| 350 | |
| 351 | if (inner_ip4->protocol == IP_PROTOCOL_ICMP) |
| 352 | { |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 353 | //Recompute ICMP checksum |
| 354 | icmp46_header_t *inner_icmp = (icmp46_header_t *) inner_l4; |
| 355 | inner_icmp->checksum = 0; |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 356 | csum = |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 357 | ip_incremental_checksum (0, inner_icmp, |
| 358 | clib_net_to_host_u16 (inner_ip4->length) |
| 359 | - sizeof (*inner_ip4)); |
| 360 | inner_icmp->checksum = ~ip_csum_fold (csum); |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 361 | } |
| 362 | else |
| 363 | { |
| 364 | //Update to new pseudo-header |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 365 | csum = *inner_L4_checksum; |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 366 | csum = ip_csum_add_even (csum, inner_ip4->src_address.as_u32); |
| 367 | csum = ip_csum_add_even (csum, inner_ip4->dst_address.as_u32); |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 368 | *inner_L4_checksum = ip_csum_fold (csum); |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 369 | } |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 370 | |
| 371 | //Move up icmp header |
| 372 | ip4 = (ip4_header_t *) u8_ptr_add (inner_l4, -2 * sizeof (*ip4) - 8); |
| 373 | clib_memcpy (u8_ptr_add (inner_l4, -sizeof (*ip4) - 8), icmp, 8); |
| 374 | icmp = (icmp46_header_t *) u8_ptr_add (inner_l4, -sizeof (*ip4) - 8); |
| 375 | } |
| 376 | else |
| 377 | { |
| 378 | //Only one header to translate |
| 379 | ip4 = (ip4_header_t *) u8_ptr_add (ip6, sizeof (*ip6) - sizeof (*ip4)); |
| 380 | } |
| 381 | |
| 382 | vlib_buffer_advance (p, (u32) (((u8 *) ip4) - ((u8 *) ip6))); |
| 383 | |
| 384 | if ((rv = fn (ip6, ip4, ctx)) != 0) |
| 385 | return rv; |
| 386 | |
| 387 | ip4->ip_version_and_header_length = |
| 388 | IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; |
| 389 | ip4->tos = ip6_translate_tos (ip6); |
| 390 | ip4->fragment_id = 0; |
| 391 | ip4->flags_and_fragment_offset = 0; |
| 392 | ip4->ttl = ip6->hop_limit; |
| 393 | ip4->protocol = IP_PROTOCOL_ICMP; |
| 394 | //TODO fix the length depending on offset length |
| 395 | ip4->length = u16_net_add (ip6->payload_length, |
| 396 | (inner_ip6 == |
| 397 | NULL) ? sizeof (*ip4) : (2 * sizeof (*ip4) - |
| 398 | sizeof (*ip6))); |
| 399 | ip4->checksum = ip4_header_checksum (ip4); |
| 400 | |
| 401 | //Recompute ICMP checksum |
| 402 | icmp->checksum = 0; |
| 403 | csum = |
| 404 | ip_incremental_checksum (0, icmp, |
| 405 | clib_net_to_host_u16 (ip4->length) - |
| 406 | sizeof (*ip4)); |
| 407 | icmp->checksum = ~ip_csum_fold (csum); |
| 408 | |
| 409 | return 0; |
| 410 | } |
| 411 | |
| 412 | /** |
| 413 | * @brief Translate IPv6 fragmented packet to IPv4. |
| 414 | * |
| 415 | * @param p Buffer to translate. |
| 416 | * @param fn The function to translate header. |
| 417 | * @param ctx A context passed in the header translate function. |
| 418 | * |
| 419 | * @returns 0 on success, non-zero value otherwise. |
| 420 | */ |
| 421 | always_inline int |
| 422 | ip6_to_ip4_fragmented (vlib_buffer_t * p, ip6_to_ip4_set_fn_t fn, void *ctx) |
| 423 | { |
| 424 | ip6_header_t *ip6; |
| 425 | ip6_frag_hdr_t *frag; |
| 426 | ip4_header_t *ip4; |
| 427 | u16 frag_id; |
| 428 | u8 frag_more; |
| 429 | u16 frag_offset; |
| 430 | u8 l4_protocol; |
| 431 | u16 l4_offset; |
| 432 | int rv; |
| 433 | |
| 434 | ip6 = vlib_buffer_get_current (p); |
| 435 | |
| 436 | if (ip6_parse |
| 437 | (ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset)) |
| 438 | return -1; |
| 439 | |
| 440 | frag = (ip6_frag_hdr_t *) u8_ptr_add (ip6, frag_offset); |
| 441 | ip4 = (ip4_header_t *) u8_ptr_add (ip6, l4_offset - sizeof (*ip4)); |
| 442 | vlib_buffer_advance (p, l4_offset - sizeof (*ip4)); |
| 443 | |
| 444 | frag_id = frag_id_6to4 (frag->identification); |
| 445 | frag_more = ip6_frag_hdr_more (frag); |
| 446 | frag_offset = ip6_frag_hdr_offset (frag); |
| 447 | |
| 448 | if ((rv = fn (ip6, ip4, ctx)) != 0) |
| 449 | return rv; |
| 450 | |
| 451 | ip4->ip_version_and_header_length = |
| 452 | IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; |
| 453 | ip4->tos = ip6_translate_tos (ip6); |
| 454 | ip4->length = u16_net_add (ip6->payload_length, |
| 455 | sizeof (*ip4) - l4_offset + sizeof (*ip6)); |
| 456 | ip4->fragment_id = frag_id; |
| 457 | ip4->flags_and_fragment_offset = |
| 458 | clib_host_to_net_u16 (frag_offset | |
| 459 | (frag_more ? IP4_HEADER_FLAG_MORE_FRAGMENTS : 0)); |
| 460 | ip4->ttl = ip6->hop_limit; |
| 461 | ip4->protocol = |
| 462 | (l4_protocol == IP_PROTOCOL_ICMP6) ? IP_PROTOCOL_ICMP : l4_protocol; |
| 463 | ip4->checksum = ip4_header_checksum (ip4); |
| 464 | |
| 465 | return 0; |
| 466 | } |
| 467 | |
| 468 | /** |
| 469 | * @brief Translate IPv6 UDP/TCP packet to IPv4. |
| 470 | * |
| 471 | * @param p Buffer to translate. |
| 472 | * @param fn The function to translate header. |
| 473 | * @param ctx A context passed in the header translate function. |
| 474 | * |
| 475 | * @returns 0 on success, non-zero value otherwise. |
| 476 | */ |
| 477 | always_inline int |
| 478 | ip6_to_ip4_tcp_udp (vlib_buffer_t * p, ip6_to_ip4_set_fn_t fn, void *ctx, |
| 479 | u8 udp_checksum) |
| 480 | { |
| 481 | ip6_header_t *ip6; |
| 482 | u16 *checksum; |
Matus Fabian | b1291e2 | 2017-05-05 04:57:16 -0700 | [diff] [blame] | 483 | ip_csum_t csum = 0; |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 484 | ip4_header_t *ip4; |
| 485 | u16 fragment_id; |
| 486 | u16 flags; |
| 487 | u16 frag_offset; |
| 488 | u8 l4_protocol; |
| 489 | u16 l4_offset; |
| 490 | int rv; |
| 491 | |
| 492 | ip6 = vlib_buffer_get_current (p); |
| 493 | |
| 494 | if (ip6_parse |
| 495 | (ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset)) |
| 496 | return -1; |
| 497 | |
| 498 | if (l4_protocol == IP_PROTOCOL_TCP) |
| 499 | { |
| 500 | tcp_header_t *tcp = ip6_next_header (ip6); |
| 501 | checksum = &tcp->checksum; |
| 502 | } |
| 503 | else |
| 504 | { |
| 505 | udp_header_t *udp = ip6_next_header (ip6); |
| 506 | checksum = &udp->checksum; |
| 507 | //UDP checksum is optional over IPv4 |
| 508 | if (!udp_checksum) |
| 509 | goto no_csum; |
| 510 | } |
| 511 | |
| 512 | csum = ip_csum_sub_even (*checksum, ip6->src_address.as_u64[0]); |
| 513 | csum = ip_csum_sub_even (csum, ip6->src_address.as_u64[1]); |
| 514 | csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[0]); |
| 515 | csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[1]); |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 516 | *checksum = ip_csum_fold (csum); |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 517 | |
| 518 | no_csum: |
| 519 | ip4 = (ip4_header_t *) u8_ptr_add (ip6, l4_offset - sizeof (*ip4)); |
| 520 | |
| 521 | vlib_buffer_advance (p, l4_offset - sizeof (*ip4)); |
| 522 | |
| 523 | if (PREDICT_FALSE (frag_offset)) |
| 524 | { |
| 525 | //Only the first fragment |
| 526 | ip6_frag_hdr_t *hdr = (ip6_frag_hdr_t *) u8_ptr_add (ip6, frag_offset); |
| 527 | fragment_id = frag_id_6to4 (hdr->identification); |
| 528 | flags = clib_host_to_net_u16 (IP4_HEADER_FLAG_MORE_FRAGMENTS); |
| 529 | } |
| 530 | else |
| 531 | { |
| 532 | fragment_id = 0; |
| 533 | flags = 0; |
| 534 | } |
| 535 | |
| 536 | if ((rv = fn (ip6, ip4, ctx)) != 0) |
| 537 | return rv; |
| 538 | |
| 539 | ip4->ip_version_and_header_length = |
| 540 | IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; |
| 541 | ip4->tos = ip6_translate_tos (ip6); |
| 542 | ip4->length = u16_net_add (ip6->payload_length, |
| 543 | sizeof (*ip4) + sizeof (*ip6) - l4_offset); |
| 544 | ip4->fragment_id = fragment_id; |
| 545 | ip4->flags_and_fragment_offset = flags; |
| 546 | ip4->ttl = ip6->hop_limit; |
| 547 | ip4->protocol = l4_protocol; |
| 548 | ip4->checksum = ip4_header_checksum (ip4); |
| 549 | |
| 550 | //UDP checksum is optional over IPv4 |
| 551 | if (!udp_checksum && l4_protocol == IP_PROTOCOL_UDP) |
| 552 | { |
| 553 | *checksum = 0; |
| 554 | } |
| 555 | else |
| 556 | { |
Matus Fabian | 029f3d2 | 2017-06-15 02:28:50 -0700 | [diff] [blame] | 557 | csum = ip_csum_add_even (*checksum, ip4->dst_address.as_u32); |
Matus Fabian | a774b53 | 2017-05-02 03:15:22 -0700 | [diff] [blame] | 558 | csum = ip_csum_add_even (csum, ip4->src_address.as_u32); |
| 559 | *checksum = ip_csum_fold (csum); |
| 560 | } |
| 561 | |
| 562 | return 0; |
| 563 | } |
| 564 | |
| 565 | #endif /* __included_ip6_to_ip4_h__ */ |
| 566 | |
| 567 | /* |
| 568 | * fd.io coding-style-patch-verification: ON |
| 569 | * |
| 570 | * Local Variables: |
| 571 | * eval: (c-set-style "gnu") |
| 572 | * End: |
| 573 | */ |