sys/netinet6/nd6.c: add ND6_IFF_ACCEPT_RTADV flag

[Hiroki Sato <hrs@xxxxxxxxxx>]

Hi,

 Here is a patch to add the new flag ND6_IFF_ACCEPT_RTADV to
 implement a knob to contorol whether to accept RAs in per-interface
 basis (obtained from KAME via FreeBSD).


Add a new flag "ND6_IFF_ACCEPT_RTADV" into nd_ifinfo to
control whether to accept RAs per-interface basis.
This flag is enabled by default.

Obtained from:	KAME (via FreeBSD)

Index: nd6.c
===================================================================
RCS file: /cvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.12
diff -d -u -I\$FreeBSD:.*\$ -I\$NetBSD:.*\$ -I\$OpenBSD:.*\$ -I\$DragonFly:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.12 nd6.c
--- nd6.c	21 Dec 2004 02:54:47 -0000	1.12
+++ nd6.c	28 Dec 2004 09:41:21 -0000
@@ -192,7 +192,12 @@
 	ND.reachable = ND_COMPUTE_RTIME(ND.basereachable);
 	ND.retrans = RETRANS_TIMER;
 	ND.receivedra = 0;
-	ND.flags = ND6_IFF_PERFORMNUD;
+	/*
+	 * Note that the default value of ip6_accept_rtadv is 0, which means
+	 * we won't accept RAs by default even if we set ND6_IFF_ACCEPT_RTADV
+	 * here.
+	 */
+	ND.flags = (ND6_IFF_PERFORMNUD | ND6_IFF_ACCEPT_RTADV);
 	nd6_setmtu(ifp);
 #undef ND
 }
Index: nd6.h
===================================================================
RCS file: /cvs/src/sys/netinet6/nd6.h,v
retrieving revision 1.4
diff -d -u -I\$FreeBSD:.*\$ -I\$NetBSD:.*\$ -I\$OpenBSD:.*\$ -I\$DragonFly:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.4 nd6.h
--- nd6.h	22 Nov 2003 19:30:56 -0000	1.4
+++ nd6.h	28 Dec 2004 09:41:40 -0000
@@ -88,6 +88,7 @@
 };
 
 #define ND6_IFF_PERFORMNUD	0x1
+#define ND6_IFF_ACCEPT_RTADV	0x2
 
 struct in6_nbrinfo {
 	char ifname[IFNAMSIZ];	/* if name, e.g. "en0" */
Index: nd6_rtr.c
===================================================================
RCS file: /cvs/src/sys/netinet6/nd6_rtr.c,v
retrieving revision 1.6
diff -d -u -I\$FreeBSD:.*\$ -I\$NetBSD:.*\$ -I\$OpenBSD:.*\$ -I\$DragonFly:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.6 nd6_rtr.c
--- nd6_rtr.c	21 Dec 2004 02:54:47 -0000	1.6
+++ nd6_rtr.c	28 Dec 2004 09:42:41 -0000
@@ -218,8 +218,15 @@
 	union nd_opts ndopts;
 	struct nd_defrouter *dr;
 
+	/*
+	 * We only accept RAs only when
+	 * the system-wide variable allows the acceptance, and
+	 * per-interface variable allows RAs on the receiving interface.
+	 */
 	if (ip6_accept_rtadv == 0)
 		goto freeit;
+	if (!(ndi->flags & ND6_IFF_ACCEPT_RTADV))
+		goto freeit;
 
 	if (ip6->ip6_hlim != 255) {
 		nd6log((LOG_ERR,

Attachment: pgp00023.pgp
Description: PGP signature