[src/netbsd-1-5]: src pullup (approved by releng-1-5)

[itojun <itojun%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/577b74d9e4e7
branches:  netbsd-1-5
changeset: 489284:577b74d9e4e7
user:      itojun <itojun%NetBSD.org@localhost>
date:      Sun Aug 27 01:25:07 2000 +0000

description:
pullup (approved by releng-1-5)

 > implement net.inet6.ip6.{anon,low}port{min,max} sysctl variable.

 > cvs rdiff -r1.67 -r1.68 basesrc/lib/libc/gen/sysctl.3
 > cvs rdiff -r1.53 -r1.54 basesrc/sbin/sysctl/sysctl.8
 > cvs rdiff -r1.18 -r1.19 syssrc/sys/netinet6/in6.h
 > cvs rdiff -r1.29 -r1.30 syssrc/sys/netinet6/in6_pcb.c
 > cvs rdiff -r1.3 -r1.4 syssrc/sys/netinet6/in6_src.c
 > cvs rdiff -r1.25 -r1.26 syssrc/sys/netinet6/ip6_input.c
 > cvs rdiff -r1.14 -r1.15 syssrc/sys/netinet6/ip6_var.h

diffstat:

 lib/libc/gen/sysctl.3    |  24 +++++++++++++++++++-
 sbin/sysctl/sysctl.8     |   6 ++++-
 sys/netinet6/in6.h       |  19 +++++++++++++--
 sys/netinet6/in6_pcb.c   |   9 +++++-
 sys/netinet6/in6_src.c   |  12 ++++----
 sys/netinet6/ip6_input.c |  58 ++++++++++++++++++++++++++++++++++++++++++++++-
 sys/netinet6/ip6_var.h   |   9 +++++-
 7 files changed, 120 insertions(+), 17 deletions(-)

diffs (265 lines):

diff -r e58a0bba0491 -r 577b74d9e4e7 lib/libc/gen/sysctl.3
--- a/lib/libc/gen/sysctl.3     Sun Aug 27 01:11:27 2000 +0000
+++ b/lib/libc/gen/sysctl.3     Sun Aug 27 01:25:07 2000 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: sysctl.3,v 1.58.2.3 2000/08/27 00:51:08 itojun Exp $
+.\"    $NetBSD: sysctl.3,v 1.58.2.4 2000/08/27 01:25:07 itojun Exp $
 .\"
 .\" Copyright (c) 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -877,6 +877,10 @@
 .It ip6        use_deprecated  integer yes
 .It ip6        rr_prune        integer yes
 .It ip6        bindv6only      integer yes
+.It ip6        anonportmin     integer yes
+.It ip6        anonportmax     integer yes
+.It ip6        lowportmin      integer yes
+.It ip6        lowportmax      integer yes
 .It icmp6      rediraccept     integer yes
 .It icmp6      redirtimeout    integer yes
 .It icmp6      nd6_prune       integer yes
@@ -975,6 +979,24 @@
 Please refer to
 .Xr ip6 4
 for detail.
+.It Li ip6.anonportmin
+The lowest port number to use for TCP and UDP ephemeral port allocation.
+This cannot be set to less than 1024 or greater than 65535.
+.It Li ip6.anonportmax
+The highest port number to use for TCP and UDP ephemeral port allocation.
+This cannot be set to less than 1024 or greater than 65535, and must
+be greater than
+.Li ip6.anonportmin .
+.It Li ip6.lowportmin
+The lowest port number to use for TCP and UDP reserved port allocation.
+This cannot be set to less than 0 or greater than 1024, and must
+be smaller than
+.Li ip6.lowportmax .
+.It Li ip6.lowportmax
+The highest port number to use for TCP and UDP reserved port allocation.
+This cannot be set to less than 0 or greater than 1024, and must
+be greater than
+.Li ip6.lowportmin .
 .It Li icmp6.rediraccept
 If set to non-zero, the host will accept ICMPv6 redirect packets.
 Note that IPv6 routers will never accept ICMPv6 redirect packets,
diff -r e58a0bba0491 -r 577b74d9e4e7 sbin/sysctl/sysctl.8
--- a/sbin/sysctl/sysctl.8      Sun Aug 27 01:11:27 2000 +0000
+++ b/sbin/sysctl/sysctl.8      Sun Aug 27 01:25:07 2000 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: sysctl.8,v 1.47.4.2 2000/08/27 00:51:11 itojun Exp $
+.\"    $NetBSD: sysctl.8,v 1.47.4.3 2000/08/27 01:25:08 itojun Exp $
 .\"
 .\" Copyright (c) 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -255,6 +255,8 @@
 .It net.inet6.icmp6.rediraccept        integer yes
 .It net.inet6.icmp6.redirtimeout       integer yes
 .It net.inet6.ip6.accept_rtadv integer yes
+.It net.inet6.ip6.anonportmax  integer yes
+.It net.inet6.ip6.anonportmin  integer yes
 .It net.inet6.ip6.auto_flowlabel       integer yes
 .It net.inet6.ip6.bindv6only   integer yes
 .It net.inet6.ip6.dad_count    integer yes
@@ -266,6 +268,8 @@
 .It net.inet6.ip6.kame_version string  no
 .It net.inet6.ip6.keepfaith    integer yes
 .It net.inet6.ip6.log_interval integer yes
+.It net.inet6.ip6.lowportmax   integer yes
+.It net.inet6.ip6.lowportmin   integer yes
 .It net.inet6.ip6.maxfragpackets       integer yes
 .It net.inet6.ip6.redirect     integer yes
 .It net.inet6.ip6.rr_prune     integer yes
diff -r e58a0bba0491 -r 577b74d9e4e7 sys/netinet6/in6.h
--- a/sys/netinet6/in6.h        Sun Aug 27 01:11:27 2000 +0000
+++ b/sys/netinet6/in6.h        Sun Aug 27 01:25:07 2000 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: in6.h,v 1.15.2.1 2000/07/16 05:56:27 itojun Exp $      */
-/*     $KAME: in6.h,v 1.52 2000/07/15 15:28:02 itojun Exp $    */
+/*     $NetBSD: in6.h,v 1.15.2.2 2000/08/27 01:25:07 itojun Exp $      */
+/*     $KAME: in6.h,v 1.57 2000/08/26 10:00:45 itojun Exp $    */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -523,8 +523,14 @@
 #define IPV6CTL_USE_DEPRECATED 21      /* use deprecated addr (RFC2462 5.5.4) */
 #define IPV6CTL_RR_PRUNE       22      /* walk timer for router renumbering */
 #define IPV6CTL_BINDV6ONLY     24
+/* 25 to 27: reserved */
+#define IPV6CTL_ANONPORTMIN    28      /* minimum ephemeral port */
+#define IPV6CTL_ANONPORTMAX    29      /* maximum ephemeral port */
+#define IPV6CTL_LOWPORTMIN     30      /* minimum reserved port */
+#define IPV6CTL_LOWPORTMAX     31      /* maximum reserved port */
 /* New entries should be added here from current IPV6CTL_MAXID value. */
-#define IPV6CTL_MAXID          25
+/* to define items, should talk with KAME guys first, for *BSD compatibility */
+#define IPV6CTL_MAXID          32
 
 #define IPV6CTL_NAMES { \
        { 0, 0 }, \
@@ -552,6 +558,13 @@
        { "rr_prune", CTLTYPE_INT }, \
        { 0, 0 }, \
        { "bindv6only", CTLTYPE_INT }, \
+       { 0, 0 }, \
+       { 0, 0 }, \
+       { 0, 0 }, \
+       { "anonportmin", CTLTYPE_INT }, \
+       { "anonportmax", CTLTYPE_INT }, \
+       { "lowportmin", CTLTYPE_INT }, \
+       { "lowportmax", CTLTYPE_INT }, \
 }
 
 #endif /* !_XOPEN_SOURCE */
diff -r e58a0bba0491 -r 577b74d9e4e7 sys/netinet6/in6_pcb.c
--- a/sys/netinet6/in6_pcb.c    Sun Aug 27 01:11:27 2000 +0000
+++ b/sys/netinet6/in6_pcb.c    Sun Aug 27 01:25:07 2000 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: in6_pcb.c,v 1.26.2.1 2000/07/03 08:31:59 itojun Exp $  */
-/*     $KAME: in6_pcb.c,v 1.55 2000/07/02 07:50:30 itojun Exp $        */
+/*     $NetBSD: in6_pcb.c,v 1.26.2.2 2000/08/27 01:25:08 itojun Exp $  */
+/*     $KAME: in6_pcb.c,v 1.63 2000/08/26 10:00:45 itojun Exp $        */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -104,6 +104,11 @@
 
 struct in6_addr zeroin6_addr;
 
+int ip6_anonportmin = IPV6PORT_ANONMIN;
+int ip6_anonportmax = IPV6PORT_ANONMAX;
+int ip6_lowportmin  = IPV6PORT_RESERVEDMIN;
+int ip6_lowportmax  = IPV6PORT_RESERVEDMAX;
+
 int
 in6_pcballoc(so, head)
        struct socket *so;
diff -r e58a0bba0491 -r 577b74d9e4e7 sys/netinet6/in6_src.c
--- a/sys/netinet6/in6_src.c    Sun Aug 27 01:11:27 2000 +0000
+++ b/sys/netinet6/in6_src.c    Sun Aug 27 01:25:07 2000 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: in6_src.c,v 1.1.2.1 2000/08/27 01:11:27 itojun Exp $   */
-/*     $KAME: in6_src.c,v 1.27 2000/06/21 08:07:13 itojun Exp $        */
+/*     $NetBSD: in6_src.c,v 1.1.2.2 2000/08/27 01:25:08 itojun Exp $   */
+/*     $KAME: in6_src.c,v 1.34 2000/08/26 10:00:45 itojun Exp $        */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -346,11 +346,11 @@
                if (p == 0 || (suser(p->p_ucred, &p->p_acflag) != 0))
                        return (EACCES);
 #endif
-               min = IPV6PORT_RESERVEDMIN;
-               max = IPV6PORT_RESERVEDMAX;
+               min = ip6_lowportmin;
+               max = ip6_lowportmax;
        } else {
-               min = IPV6PORT_ANONMIN;
-               max = IPV6PORT_ANONMAX;
+               min = ip6_anonportmin;
+               max = ip6_anonportmax;
        }
 
        /* value out of range */
diff -r e58a0bba0491 -r 577b74d9e4e7 sys/netinet6/ip6_input.c
--- a/sys/netinet6/ip6_input.c  Sun Aug 27 01:11:27 2000 +0000
+++ b/sys/netinet6/ip6_input.c  Sun Aug 27 01:25:07 2000 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: ip6_input.c,v 1.22.2.1 2000/07/03 22:48:19 thorpej Exp $       */
-/*     $KAME: ip6_input.c,v 1.95 2000/07/02 07:49:37 jinmei Exp $      */
+/*     $NetBSD: ip6_input.c,v 1.22.2.2 2000/08/27 01:25:08 itojun Exp $        */
+/*     $KAME: ip6_input.c,v 1.119 2000/08/26 10:00:45 itojun Exp $     */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1346,6 +1346,8 @@
        void *newp;
        size_t newlen;
 {
+       int old, error;
+
        /* All sysctl names at this level are terminal. */
        if (namelen != 1)
                return ENOTDIR;
@@ -1397,6 +1399,58 @@
                return sysctl_int(oldp, oldlenp, newp, newlen,
                                &ip6_bindv6only);
 #endif
+       case IPV6CTL_ANONPORTMIN:
+               old = ip6_anonportmin;
+               error = sysctl_int(oldp, oldlenp, newp, newlen,
+                   &ip6_anonportmin);
+               if (ip6_anonportmin >= ip6_anonportmax || ip6_anonportmin < 0 ||
+                   ip6_anonportmin > 65535
+#ifndef IPNOPRIVPORTS
+                   || ip6_anonportmin < IPV6PORT_RESERVED
+#endif
+                   ) {
+                       ip6_anonportmin = old;
+                       return (EINVAL);
+               }
+               return (error);
+       case IPV6CTL_ANONPORTMAX:
+               old = ip6_anonportmax;
+               error = sysctl_int(oldp, oldlenp, newp, newlen,
+                   &ip6_anonportmax);
+               if (ip6_anonportmin >= ip6_anonportmax || ip6_anonportmax < 0 ||
+                   ip6_anonportmax > 65535
+#ifndef IPNOPRIVPORTS
+                   || ip6_anonportmax < IPV6PORT_RESERVED
+#endif
+                   ) {
+                       ip6_anonportmax = old;
+                       return (EINVAL);
+               }
+               return (error);
+#ifndef IPNOPRIVPORTS
+       case IPV6CTL_LOWPORTMIN:
+               old = ip6_lowportmin;
+               error = sysctl_int(oldp, oldlenp, newp, newlen,
+                   &ip6_lowportmin);
+               if (ip6_lowportmin >= ip6_lowportmax ||
+                   ip6_lowportmin > IPV6PORT_RESERVEDMAX ||
+                   ip6_lowportmin < IPV6PORT_RESERVEDMIN) {
+                       ip6_lowportmin = old;
+                       return (EINVAL);
+               }
+               return (error);
+       case IPV6CTL_LOWPORTMAX:
+               old = ip6_lowportmax;
+               error = sysctl_int(oldp, oldlenp, newp, newlen,
+                   &ip6_lowportmax);
+               if (ip6_lowportmin >= ip6_lowportmax ||
+                   ip6_lowportmax > IPV6PORT_RESERVEDMAX ||
+                   ip6_lowportmax < IPV6PORT_RESERVEDMIN) {
+                       ip6_lowportmax = old;
+                       return (EINVAL);
+               }
+               return (error);
+#endif
        default:
                return EOPNOTSUPP;
        }
diff -r e58a0bba0491 -r 577b74d9e4e7 sys/netinet6/ip6_var.h
--- a/sys/netinet6/ip6_var.h    Sun Aug 27 01:11:27 2000 +0000
+++ b/sys/netinet6/ip6_var.h    Sun Aug 27 01:25:07 2000 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: ip6_var.h,v 1.12.4.1 2000/07/14 06:14:34 itojun Exp $  */
-/*     $KAME: ip6_var.h,v 1.28 2000/03/09 00:46:12 itojun Exp $        */
+/*     $NetBSD: ip6_var.h,v 1.12.4.2 2000/08/27 01:25:08 itojun Exp $  */
+/*     $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $        */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -230,6 +230,11 @@
 extern u_int32_t ip6_flow_seq;
 extern int ip6_auto_flowlabel;
 
+extern int   ip6_anonportmin;          /* minimum ephemeral port */
+extern int   ip6_anonportmax;          /* maximum ephemeral port */
+extern int   ip6_lowportmin;           /* minimum reserved port */
+extern int   ip6_lowportmax;           /* maximum reserved port */
+
 struct in6pcb;
 
 int    icmp6_ctloutput __P((int, struct socket *, int, int, struct mbuf **));