If no other route is found, the network interface prefixes are
evaluated. If a matching interface is found, the packet is sent out on
this interface.
Signed-off-by: Christian Taedcke <christian.taedcke@lemonbeat.com>
The address family of the received packet must be set, before routing
it. E.g. the ethernet driver would drop the packet if this is not
done.
Signed-off-by: Christian Taedcke <christian.taedcke@lemonbeat.com>
Allow user to disable native IP stack and use offloaded IP
stack instead. It is also possible to enable both at the same
time if needed.
Fixes#18105
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Make sure that the extension, like HBHO, sub-option length is
not too large.
Fixes#16323
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive IPv6 packet where source address is unspecified
(all zeros), then we need to drop it.
Fixes#17450
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Since the new packet flow came in, payload comes at the end so udp
length for instance is known only when we "finalize" the packet.
However such finalization was still under the condition of chksum
offload, like it used to be in the former flow (udp headers were
inserted). This is obviously wrong but that was not caught with
existing driver in master as none of these drivers offloading
chksum calculation.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Now that legacy - and unrelated - function named net_pkt_get_data has
been removed, we can rename net_pkt_get_data_new relevantly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
The ipv6_handle_ext_hdr_options() can return negative value
but we stored it into unsigned variable and then checked < 0.
Coverity-CID: 190995
Fixes#13830
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
ICMPv6 network packets are processed and consumed (if not dropped)
within `net_icmpv6_input` function. Therefore they shoud not be
passed to the `net_conn_input` function.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It is now unused anywhere: former net_pkt_get_src/dst_addr where the
only one using it and that has been changed since.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Though these are currently used by the core only, it will be then used
by net_context as well. This one of the steps to get rid of net_pkt's
appdata/appdatalen attributes.
Also normalizing all ip/proto parameters name to ip_hdr and proto_hdr.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Only next to be removed functions like net_tcp_set_checksum() are left
untouched. All the rest is switched.
Adding net_tcp_finalize() to follow the same logic as for UDP and else.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This optimizes the memory quite a bit since we do not need to clone nor
split the original packet at any time.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This is meant to remove the need for macro NET_IPV6_HDR(), since we
don't know in future if accessing the header that way will be valid.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Use the new net_pkt API to proceed through IPv6 header and all the
extension header as well.
Use udp/tcp input functions relevantly, and call net_conn_input
afterwards.
Note: This commit temporarly disable IPv6 fragmentation support
in the code directly. Which support will be re-enabled afterwards.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Extension headers are specific and use nexthdr attribute from net_pkt.
next_header_proto is the user protocol (if any) that might require
finalization too (calculating the checksum).
However, if there are extension header, we need to skip those and jump
to the position where the user protocol starts.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Also, store the actual next_hdr value and not it's position.
This permits to reduce net_pkt from some bytes.
Such field was unused until now, but it will be soon.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
This API is meant to work with pre-allocated net_pkt.
It assumes net_pkt's buffer cursor is at the right position where to
create the IPv6 header. Once done, the cursor will be placed right
after the newly created IPv6 header.
Finalizing assumes the same.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As for IPv4, net_conn_input() can be called at one place for udp/tcp.
It will anyway check if given protocol is enabled so no need to check
such support here.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
It was weird to pre-parse ICMPv6 headers in IPv6. Moreover parsing
failure of such header would not generate the right statistic.
Instead, centralizing all into net_icmpv6_input relevantly, and adapting
the test cases which were using that function. In RPL test, removing the
dummy dio test was simpler since dio is anyway tested later on.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Just recalculate the chksum without resetting its value to 0, and test
if return value is 0.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Remove network specific default and max log level setting
and start to use the zephyr logging values for those.
Remove LOG_MODULE_REGISTER() from net_core.h and place the
calls into .c files. This is done in order to avoid weird
compiler errors in some cases and to make the code look similar
as other subsystems.
Fixes#11343Fixes#11659
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive extra data at the end of the IP message, then
discard that data and accept the packet.
Fixes#11649
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Unify the function naming for various network checking functions.
For example:
net_is_ipv6_addr_loopback() -> net_ipv6_is_addr_loopback()
net_is_my_ipv6_maddr() -> net_ipv6_is_my_maddr()
etc.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Make sure that ICMPv6 checksum is correct before continuing
processing the packet.
Fixes#10971
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive an IPv6 packet with organisation scope multicast
address FF08:: then we must drop it as those addresses are
reserved for organisation network traffic only.
Fixes#10961
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive an IPv6 packet with site scope multicast
address FF05:: then we must drop it as those addresses are
reserved for site network traffic only.
Fixes#10960
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
If we receive an IPv6 packet with interface scope multicast
address FF01:: then we must drop it as those addresses are
reserved for local network traffic only.
Fixes#10959
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
We must drop packet that is received from outside and which has
IPv6 loopback address (::1) either as a destination address or
source address.
Fixes#10933
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Cache the used transport protocol in net_pkt. This way we can
avoid traversing IP header to get the last protocol in network
packet. This is mostly an issue in IPv6 which can have a long
list of extension headers after IPv6 header and before the
transport protocol header.
Fixes#10853
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
As the debugging print calls are async, all the strings that might
be overwritten must use log_strdup() which will create a copy
of the printable string.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Instead of one global log level option and one on/off boolean
config option / module, this commit creates one log level option
for each module. This simplifies the logging as it is now possible
to enable different level of debugging output for each network
module individually.
The commit also converts the code to use the new logger
instead of the old sys_log.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
pkt properties should be set prior to routing.
If packet routing is turned on and the packet is
forwarded to an interface, the pkt properties like
ipv6_ext_len or ip_hdr_len will not be initialized.
If a UDP packet is forwarded to an 6lo interface,
it leads to incorrect calculation of UDP header
during UDP header compression (net_udp_get_hdr).
Fixes#10204
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
If a malformed packet with multiple HBHO is received by the Zephyr IP
stack it replies with ICMPv6 type 4 code 1: "Parameter problem
unrecognized Next Header type encountered". This ICMPv6 message has
wrong IPv6 payload length and ICMPv6 checksum.
RFC 8200 in chapter 4.1 states:
Each extension header should occur at most once, except for the
Destination Options header, which should occur at most twice (once
before a Routing header and once before the upper-layer header).
There are two possible solutions to the problem at hand:
1) Respond with ICMPv6 Parameter problem, in this case IPv6 length and
ICMPv6 checksum need to be fixed
2) Drop the malformed packet
This patch implements the easy solution - 2. Basically it changes the
code to drop the malformed packet instead of sending ICMPv6 type 4
code 1.
Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com>
No functionality changes. Just moved IPv6 fragment and related functions
to ipv6_fragment.c for better readability
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
No functionality changes. Just moved IPv6 MLD and related functions
to ipv6_mld.c for better readability.
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>