Changeset 49042 in vbox

Timestamp:

Oct 11, 2013 12:39:51 AM (11 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

89825

Message:

Do not configure IPv6 addresses and netif::output_ip6 method on the
proxy netif if IPv6 is disabled for this NAT network.

Location:

trunk/src/VBox/NetworkServices/NAT

Files:

: 2 edited

VBoxNetLwipNAT.cpp (modified) (6 diffs)
proxy.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/NetworkServices/NAT/VBoxNetLwipNAT.cpp

-              r49016
+              r49042
+{
     AssertPtrReturnVoid(arg);
     VBoxNetLwipNAT *pThis = (VBoxNetLwipNAT *)arg;
+    VBoxNetLwipNAT *pNat = static_cast<VBoxNetLwipNAT *>(arg);
     HRESULT hrc = com::Initialize();
 …
     netif_set_link_up(pNetif);
+    /*
+     * XXX: lwIP currently only ever calls mld6_joingroup() in
+     * nd6_tmr() for fresh tentative addresses, which is a wrong place
+     * to do it - but I'm not keen on fixing this properly for now
+     * (with correct handling of interface up and down transitions,
+     * etc).  So stick it here as a kludge.
+     */
+    for (int i = 0; i <= 1; ++i) {
+        ip6_addr_t *paddr = netif_ip6_addr(pNetif, i);
+        ip6_addr_t solicited_node_multicast_address;
+        ip6_addr_set_solicitednode(&solicited_node_multicast_address,
+                                   paddr->addr[3]);
+        mld6_joingroup(paddr, &solicited_node_multicast_address);
+    }
+    /*
+     * XXX: We must join the solicited-node multicast for the
+     * addresses we do IPv6 NA-proxy for.  We map IPv6 loopback to
+     * proxy address + 1.  We only need the low 24 bits, and those are
+     * fixed.
+     */
+    {
+        ip6_addr_t solicited_node_multicast_address;
+        ip6_addr_set_solicitednode(&solicited_node_multicast_address,
+                                   /* last 24 bits of the address */
+                                   PP_HTONL(0x00000002));
+        mld6_netif_joingroup(pNetif,  &solicited_node_multicast_address);
+    if (pNat->m_ProxyOptions.ipv6_enabled) {
+        /*
+         * XXX: lwIP currently only ever calls mld6_joingroup() in
+         * nd6_tmr() for fresh tentative addresses, which is a wrong place
+         * to do it - but I'm not keen on fixing this properly for now
+         * (with correct handling of interface up and down transitions,
+         * etc).  So stick it here as a kludge.
+         */
+        for (int i = 0; i <= 1; ++i) {
+            ip6_addr_t *paddr = netif_ip6_addr(pNetif, i);
+            ip6_addr_t solicited_node_multicast_address;
+            ip6_addr_set_solicitednode(&solicited_node_multicast_address,
+                                       paddr->addr[3]);
+            mld6_joingroup(paddr, &solicited_node_multicast_address);
+        }
+        /*
+         * XXX: We must join the solicited-node multicast for the
+         * addresses we do IPv6 NA-proxy for.  We map IPv6 loopback to
+         * proxy address + 1.  We only need the low 24 bits, and those are
+         * fixed.
+         */
+        {
+            ip6_addr_t solicited_node_multicast_address;
+            ip6_addr_set_solicitednode(&solicited_node_multicast_address,
+                                       /* last 24 bits of the address */
+                                       PP_HTONL(0x00000002));
+            mld6_netif_joingroup(pNetif,  &solicited_node_multicast_address);
+        }
+    }
 …
     natServiceProcessRegisteredPf(g_pLwipNat->m_vecPortForwardRule4);
     natServiceProcessRegisteredPf(g_pLwipNat->m_vecPortForwardRule6);
+}
 …
     pNetif->linkoutput = netifLinkoutput; /* ether-level-pipe */
     pNetif->output = lwip_etharp_output; /* ip-pipe */
+    pNetif->output_ip6 = ethip6_output;
+    /* IPv6 link-local address in slot 0 */
+    netif_create_ip6_linklocal_address(pNetif, /* :from_mac_48bit */ 1);
+    netif_ip6_addr_set_state(pNetif, 0, IP6_ADDR_PREFERRED); // skip DAD
+    /*
+     * RFC 4193 Locally Assigned Global ID (ULA) in slot 1
+     * [fd17:625c:f037:XXXX::1] where XXXX, 16 bit Subnet ID, are two
+     * bytes from the middle of the IPv4 address, e.g. :dead: for
+     * 10.222.173.1
+     */
+    u8_t nethi = ip4_addr2(&pNetif->ip_addr);
+    u8_t netlo = ip4_addr3(&pNetif->ip_addr);
+    ip6_addr_t *paddr = netif_ip6_addr(pNetif, 1);
+    IP6_ADDR(paddr, 0,   0xFD, 0x17,   0x62, 0x5C);
+    IP6_ADDR(paddr, 1,   0xF0, 0x37,  nethi, netlo);
+    IP6_ADDR(paddr, 2,   0x00, 0x00,   0x00, 0x00);
+    IP6_ADDR(paddr, 3,   0x00, 0x00,   0x00, 0x01);
+    netif_ip6_addr_set_state(pNetif, 1, IP6_ADDR_PREFERRED);
+    if (pNat->m_ProxyOptions.ipv6_enabled) {
+        pNetif->output_ip6 = ethip6_output;
+        /* IPv6 link-local address in slot 0 */
+        netif_create_ip6_linklocal_address(pNetif, /* :from_mac_48bit */ 1);
+        netif_ip6_addr_set_state(pNetif, 0, IP6_ADDR_PREFERRED); // skip DAD
+        /*
+         * RFC 4193 Locally Assigned Global ID (ULA) in slot 1
+         * [fd17:625c:f037:XXXX::1] where XXXX, 16 bit Subnet ID, are two
+         * bytes from the middle of the IPv4 address, e.g. :dead: for
+         * 10.222.173.1
+         */
+        u8_t nethi = ip4_addr2(&pNetif->ip_addr);
+        u8_t netlo = ip4_addr3(&pNetif->ip_addr);
+        ip6_addr_t *paddr = netif_ip6_addr(pNetif, 1);
+        IP6_ADDR(paddr, 0,   0xFD, 0x17,   0x62, 0x5C);
+        IP6_ADDR(paddr, 1,   0xF0, 0x37,  nethi, netlo);
+        IP6_ADDR(paddr, 2,   0x00, 0x00,   0x00, 0x00);
+        IP6_ADDR(paddr, 3,   0x00, 0x00,   0x00, 0x01);
+        netif_ip6_addr_set_state(pNetif, 1, IP6_ADDR_PREFERRED);
 #if LWIP_IPV6_SEND_ROUTER_SOLICIT
     pNetif->rs_count = 0;
+        pNetif->rs_count = 0;
 #endif
+    }
     LogFlowFunc(("LEAVE: %d\n", rcLwip));
 …
     LogFlowFuncEnter();
+    m_ProxyOptions.ipv6_enabled = 0;
+    m_ProxyOptions.ipv6_defroute = 0;
     m_ProxyOptions.tftp_root = NULL;
     m_ProxyOptions.src4 = NULL;
 …
                                                   net.asOutParam());
     AssertComRCReturn(hrc, VERR_NOT_FOUND);
+    BOOL fIPv6Enabled = FALSE;
+    hrc = net->COMGETTER(IPv6Enabled)(&fIPv6Enabled);
+    AssertComRCReturn(hrc, VERR_NOT_FOUND);
+    BOOL fIPv6DefaultRoute = FALSE;
+    if (fIPv6Enabled)
+    {
+        hrc = net->COMGETTER(AdvertiseDefaultIPv6RouteEnabled)(&fIPv6DefaultRoute);
+        AssertComRCReturn(hrc, VERR_NOT_FOUND);
+    }
+    m_ProxyOptions.ipv6_enabled = fIPv6Enabled;
+    m_ProxyOptions.ipv6_defroute = fIPv6DefaultRoute;
 #if !defined(RT_OS_WINDOWS)
     /* XXX: Temporaly disabled this code on Windows for further debugging */

trunk/src/VBox/NetworkServices/NAT/proxy.h

r49016	r49042
31	31
32	32	struct proxy_options {
	33	int ipv6_enabled;
	34	int ipv6_defroute;
33	35	const char *tftp_root;
34	36	const struct sockaddr_in *src4;

Note: See TracChangeset for help on using the changeset viewer.

Changeset 49042 in vbox

Legend:

trunk/src/VBox/NetworkServices/NAT/VBoxNetLwipNAT.cpp

trunk/src/VBox/NetworkServices/NAT/proxy.h

Download in other formats: