The current implementation of net_conn_input() can accept different
packet types, with completely different processing code, resulting in a
function which is pretty bloated, sliced with conditionally enabled code
and hard to understand and therefore maintain.
This commit splits that function into smaller ones, specialized for
different packet types (and entry levels). The following functions have
been extracted from the original one:
- net_conn_packet_input() for early packet processing (covering
AF_PACKET family sockets)
- net_conn_raw_ip_input() for raw IP packets processing (covering
AF_INET(6)/SOCK_RAW sockets)
- net_conn_can_input() for CAN packets processing (covering AF_CAN
family sockets)
The net_conn_input() function stripped from above cases now only takes
care of packets that have been processed by respective L4 and are
intended for regular TCP/UDP sockets.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
As the network packet filter drops packets without any indication
that the packet is dropped, it can be difficult to monitor what
is going on in the system when receiving data. The user can
now monitor the statistics and see if packets are being dropped
because of packet filter activity.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Introduce changes in the networking stack which allow to create raw IP
sockets, so that applications can send and receive raw IP datagrams.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The ARP code has set the protocol type of the packet to
0x806, so do not change it when preparing to send to 0x800
which is the IP protocol type. Lets trust the previously
called functions to set the ptype correctly and do not set
it here.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of setting the upper protocol type in ethernet_send()
by checking the protocol type bits, use the ptype that is already
set by the caller. This allows new protocol types to be supported
and makes the system extensible.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Catch "Destination Unreachable" ICMPv4 messages and update PMTU for
a given destination IPv4 address.
Use that PMTU when sending data to the destination.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the `subsys/net/ip` directory.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
The Xilinx AXI Ethernet subsystem is capable of RX/Tx checksum
offloading. While it supports computing IP and UDP/TCP checksums, it
does not support computing ICMP checksums and only computes IP checksums
for ICMP messages. Thus, this patch adds an additional configuration for
ethernet drivers that indicates for which protocols checksum offloading
is (to be) supported. This flag is then considered by the IP subsystem
in determining when flags need to be computed in software.
Signed-off-by: Eric Ackermann <eric.ackermann@cispa.de>
Add support for IPv4 conflict detection, as specified in RFC 5227.
The new feature is optional and disabled by default.
Address conflict detection was implemented as a part of the IPv4
autoconf feature can be generalized to be available for all address
types.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Refactor the IP tunneling support as the input callback was removed
in previous commit. The data will flow through the recv callback now
as expected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
IGMP queries sent out by a proxy querier can have
a source IP address 0.0.0.0
Allow these incoming packets.
Fixes#69917
Signed-off-by: Savin Weeraratne <savin.weeraratne@audinate.com>
As discussed during DHCPv4 server integration, group DHCPv4 client files
with DHCPv4 server in a single lib directory.
Renamed internal "dhcpv4.h" header to "dhcpv4_internal.h" so that it's
not confused with the public "dhcpv4.h" header.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If we receive a packet where the source address is our own
address, then we should drop it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we receive a packet from non localhost interface, then
drop it if either source or destination address is a localhost
address.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Modify internal L4 protocols APIs, to allow to enforce checksum
calculation, regardless of the checksum HW offloading capability.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Some DHCPv4 servers do not respect BROADCAST flag set on DHCP Discover,
replying with unicast packet, making it impossible to obtain DHCP
address by Zephyr in such cases.
RFC1542 chapter 3.1.1 makes the following statement about the BROADCAST
flag:
This addition to the protocol is a workaround for old host
implementations. Such implementations SHOULD be modified so
that they may receive unicast BOOTREPLY messages, thus making
use of this workaround unnecessary. In general, the use of
this mechanism is discouraged.
Making it clear that being able to process unicast replies from the DHCP
server is not only an optional behavior, but a recommended solution.
Therefore, introduce a support for unicast DHCPv4 in Zephyr. To achieve
this, add additional filtering rule at the IPv4 level - in case DHCPv4
is enabled, there is an active query and the packet is destined for the
DHCPv4 module, let it through for the DHCPv4 module to process,
regardless of the destination IP address.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The additional hooks provide infrastructure to construct
rules on another network stack levels. Main benefit of this
approach is packets are pre-parsed and e.g. IP filter is
easier to implement. These hooks are equivalent of prerouting
and local_in in linux's netfilter.
Signed-off-by: Marcin Gasiorek <marcin.gasiorek@nordicsemi.no>
Adds support for incoming and outgoing IPv4 fragmented packet support,
allowing a single packet that is too large to be sent to be split up
and sent successfully.
Signed-off-by: Jamie McCrae <spam@helper3000.net>
Logging v1 has been removed and log_strdup wrapper function is no
longer needed. Removing the function and its use in the tree.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
To be able to accept DHCP discover/request incoming packets the ip stack
neeeds to accept unspecified src addr if the destination is broadcast
address.
Signed-off-by: Olof Winge <olof@skyshaper.net>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Replace unpacked in_addr structures with raw buffers in net_ipv4_hdr
struct, to prevent compiler warnings about unaligned access.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Make sure that in_addr/in6_addr structure size match the respective
binary IP address size with BUILD_ASSERT.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This can be used to implement tunneling, VPN etc. The virtual
interfaces can be chained together to support multilayer
network interfaces.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add a function that allow caller to create IPv4 header with
possibility to set various fields in the header.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
net_icmp4_input() may net_pkt_unref() a packet. The header mustn't be
accessed after this or the system may crash.
Signed-off-by: Oliver Hitz <oliver@net-track.ch>
Remove temporary interception of TCP, UDP for TTCN-3 based
TCP2 sanity check.
As a part of adding IPv6 support, TCP2 will register test
callbacks/inputs with net_conn_register().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
opts_len renamed to total_opts_len in previous changes.
But it's not replaced at one place.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
If IPv4 header options has wrong options length
(e.g. options length is more that actual data),
then parser decrements opts_len without checking
actual data length. Which crashes the network stack.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Timestamp and RecordRoute options are supported
in only ICMPv4 EchoRequest call as per
RFC 1122 3.2.2.6.
Fixes#14668
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
IPv4 header options length will be stored in ipv4_opts_len
in net_pkt structure. Now IPv4 header length will be in
net_pkt ip_hdr_len + ipv4_opts_len. So modified relevant
places of ip header length calculation for IPv4.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
Allow user to disable native IP stack and use offloaded IP
stack instead. It is also possible to enable both at the same
time if needed.
Fixes#18105
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive IPv4 packet where source address is unspecified
(all zeros), then we need to drop it.
Fixes#17427
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Make sure we are able to receive UDP packets with broadcast
destination address. If CONFIG_NET_IPV4_ACCEPT_ZERO_BROADCAST
is set, then check here also non-standard broadcast address
that is described in RFC 1122 chapter 3.3.6.
Fixes#11617
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The "is this packet for us?" filter in net_ipv4_input() has a minor
logic error which fails to discard many packets which are.. not for us.
Fixes: #14647
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
Since the new packet flow came in, payload comes at the end so udp
length for instance is known only when we "finalize" the packet.
However such finalization was still under the condition of chksum
offload, like it used to be in the former flow (udp headers were
inserted). This is obviously wrong but that was not caught with
existing driver in master as none of these drivers offloading
chksum calculation.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Now that legacy - and unrelated - function named net_pkt_get_data has
been removed, we can rename net_pkt_get_data_new relevantly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
IPv4 header might come with options, unlike IPv6, these are not
encapsulated in option header but are fully part of the IPv4 header.
Zephyr must handles these. Now silently ignoring their content and
setting the cursor to the payload properly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
