L4协议的注册:
位于IPv4之上的L4协议是由net_protocol数据结构定义的
1: struct net_protocol { 2: int (*handler)(struct sk_buff *skb); 3: void (*err_handler)(struct sk_buff *skb, u32 info); 4: int (*gso_send_check)(struct sk_buff *skb); 5: struct sk_buff *(*gso_segment)(struct sk_buff *skb, 6: int features); 7: struct sk_buff **(*gro_receive)(struct sk_buff **head, 8: struct sk_buff *skb); 9: int (*gro_complete)(struct sk_buff *skb); 10: unsigned int no_policy:1, 11: netns_ok:1; 12: };handler,由此协议注册的函数,来作为送进来的封包的处理函数。
err_handler,由icmp协议处理函数所用的函数,用于通知l4协议有关接收到icmp unreachable消息的时间。
no_policy,此字段在网络协议中的某些关键点都会被查询,用于使协议免于ipsec策略检查:1是指没有必要针对此协议检查ipsec策略。
1: /* 2: * Add a protocol handler to the hash tables 3: */ 4: 5: int inet_add_protocol(const struct net_protocol *prot, unsigned char protocol) 6: { 7: int hash, ret; 8: 9: hash = protocol & (MAX_INET_PROTOS - 1); 10: 11: spin_lock_bh(&inet_proto_lock); 12: if (inet_protos[hash]) { 13: ret = -1; 14: } else { 15: inet_protos[hash] = prot; 16: ret = 0; 17: } 18: spin_unlock_bh(&inet_proto_lock); 19: 20: return ret; 21: } 22: 23: /* 24: * Remove a protocol from the hash tables. 25: */ 26: 27: int inet_del_protocol(const struct net_protocol *prot, unsigned char protocol) 28: { 29: int hash, ret; 30: 31: hash = protocol & (MAX_INET_PROTOS - 1); 32: 33: spin_lock_bh(&inet_proto_lock); 34: if (inet_protos[hash] == prot) { 35: inet_protos[hash] = NULL; 36: ret = 0; 37: } else { 38: ret = -1; 39: } 40: spin_unlock_bh(&inet_proto_lock); 41: 42: synchronize_net(); 43: 44: return ret; 45: }
L3到L4的传递:ip_local_deliver_finish
1: static int ip_local_deliver_finish(struct sk_buff *skb) 2: { 3: struct net *net = dev_net(skb->dev); 4: 5: __skb_pull(skb, ip_hdrlen(skb)); 6: 7: /* Point into the IP datagram, just past the header. */ 8: skb_reset_transport_header(skb); 9: 10: rcu_read_lock(); 11: { 12: int protocol = ip_hdr(skb)->protocol; 13: int hash, raw; 14: const struct net_protocol *ipprot; 15: 16: resubmit: 17: raw = raw_local_deliver(skb, protocol); 18: 19: hash = protocol & (MAX_INET_PROTOS - 1); 20: ipprot = rcu_dereference(inet_protos[hash]); 21: if (ipprot != NULL) { 22: int ret; 23: 24: if (!net_eq(net, &init_net) && !ipprot->netns_ok) { 25: if (net_ratelimit()) 26: printk("%s: proto %d isn't netns-ready\n", 27: __func__, protocol); 28: kfree_skb(skb); 29: goto out; 30: } 31: 32: if (!ipprot->no_policy) { 33: if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) { 34: kfree_skb(skb); 35: goto out; 36: } 37: nf_reset(skb); 38: } 39: ret = ipprot->handler(skb); 40: if (ret < 0) { 41: protocol = -ret; 42: goto resubmit; 43: } 44: IP_INC_STATS_BH(net, IPSTATS_MIB_INDELIVERS); 45: } else { 46: if (!raw) { 47: if (xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) { 48: IP_INC_STATS_BH(net, IPSTATS_MIB_INUNKNOWNPROTOS); 49: icmp_send(skb, ICMP_DEST_UNREACH, 50: ICMP_PROT_UNREACH, 0); 51: } 52: } else 53: IP_INC_STATS_BH(net, IPSTATS_MIB_INDELIVERS); 54: kfree_skb(skb); 55: } 56: } 57: out: 58: rcu_read_unlock(); 59: 60: return 0; 61: }
扫一扫
2507
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
