make-ip-conf.pl patch (#4, cumulative)
David Scott Page
page at cs.utexas.edu
Mon May 20 11:58:10 EDT 2002
Hi,
Yet another make-ip-conf.pl patch. Along with the changes in the
previous patches, this patch includes some miscellaneous cleanup
(e.g., removing lines naming elements that have a single,
non-port-qualified reference, various reordering of lines), and adds
limited broadcast to the list of invalid source ip addresses passed to
CheckIPHeader.
--
Scott Page
diff -Naur click-20020518/conf/make-ip-conf.pl click-20020518a/conf/make-ip-conf.pl
--- click-20020518/conf/make-ip-conf.pl Wed Dec 5 00:13:27 2001
+++ click-20020518a/conf/make-ip-conf.pl Mon May 20 15:36:38 2002
@@ -17,13 +17,13 @@
# WARRANTY, EXPRESS OR IMPLIED, is provided in the LICENSE file, which is
# also accessible at http://www.pdos.lcs.mit.edu/click/license.html
-# Make a Click IP router configuration.
-# The output is only useful with the Linux kernel module.
-# This script generates a configuration using PollDevices. You can change
-# it to use FromDevices; see the comment above the $ifs array, below.
-
-
-# IP router setup for blackisle -> plebic -> darkstar
+# Make a Click IP router configuration. This script generates a
+# configuration using PollDevices. You can change it to use
+# FromDevices; see the comment above the $ifs array, below. The
+# output is intended for the Linux kernel module; however, by
+# replacing "toh :: ToHost\n" with "toh :: Print(toh)->Discard;\n",
+# below, and making the change from PollDevices to FromDevices, the
+# configuration will also work at userlevel.
# Change this array to suit your router.
# One line per network interface, containing:
@@ -32,23 +32,27 @@
# The router's IP address on that interface;
# The netmask on that interface; and
# The router's Ethernet address on that interface.
-
+#
+# IP router setup for blackisle -> plebic -> darkstar
my $ifs = [ [ "eth0", 1, "18.26.4.92", "255.255.255.0", "00:00:C0:3B:71:EF" ],
[ "eth1", 1, "1.0.0.1", "255.0.0.0", "00:00:C0:CA:68:EF" ],
# [ "eth2", 1, "2.0.0.1", "255.0.0.0", "00:00:C0:8A:67:EF" ],
];
+# Static routes to hosts/networks beyond adjacent networks specified in $ifs.
+# One line per route, containing:
+# The destination address (host or network);
+# The mask;
+# The gateway IP address (next hop);
+# The output network interface IP address.
+# A default route can be specified as the last entry.
+my $srts = [ [ "0.0.0.0", "0.0.0.0", "18.26.4.1", "18.26.4.92" ]
+ ];
-if ($#ARGV >= 0) {
- $ifs = [];
- for ($i = 0; $i < $ARGV[0]; $i++) {
- push @$ifs, [ "eth" . $i, 1, "1.0.0.2", "255.0.0.0", "00:00:c0:8a:67:ef" ];
- }
-}
-
+print "// Generated by make-ip-conf.pl\n";
my $nifs = $#$ifs + 1;
+my $nsrts = $#$srts + 1;
-print "// Generated by make-ip-conf.pl\n";
my $i;
for($i = 0; $i < $nifs; $i++){
printf("// %s %s %s\n",
@@ -58,11 +62,13 @@
}
print "\n";
-print "tol :: ToLinux;\n";
-printf("t :: Tee(%d);\n", $nifs + 1);
-print "t[$nifs] -> tol;\n";
-print "\n";
+print "toh :: ToHost;\n";
+# Link level devices, classification, and ARP.
+# ARP updates are copied to each ARPQuerier and the host.
+printf("arpt :: Tee(%d);\n", $nifs + 1);
+print "arpt[$nifs] -> toh;\n";
+print "\n";
for($i = 0; $i < $nifs; $i++){
my $eth = $ifs->[$i]->[0];
my $ip = $ifs->[$i]->[2];
@@ -75,60 +81,87 @@
12/0800,
-);
$fromdevice($eth) -> [0]c$i;
-out$i :: Queue(200) -> todevice$i :: ToDevice($eth);
+out$i :: Queue(200) -> ToDevice($eth);
+c$i\[0] -> ARPResponder($ip $ena) -> out$i;
arpq$i :: ARPQuerier($ip, $ena);
-c$i [1] -> t;
-t[$i] -> [1]arpq$i;
+c$i\[1] -> arpt;
+arpt[$i] -> [1]arpq$i;
arpq$i -> out$i;
-ar$i :: ARPResponder($ip $ena);
-c$i [0] -> ar$i -> out$i;
+c$i\[3] -> Print(xx$i) -> Discard;
EOF
}
-my $ipharg = "";
-for($i = 0; $i < $nifs; $i++){
- my $ii = ip2i($ifs->[$i]->[2]);
- my $mask = ip2i($ifs->[$i]->[3]);
- $ipharg .= i2ip(($ii & $mask) | ~$mask) . " ";
-}
+# IP level processing.
+my $invsrcip = ""; # List of invalid IP *source* addresses at net i/f.
print "rt :: StaticIPLookup(\n";
+# Deliver to local host.
for($i = 0; $i < $nifs; $i++){
my $ii = ip2i($ifs->[$i]->[2]);
- my $mask = ip2i($ifs->[$i]->[3]);
- printf(" %s/32 0,\n", $ifs->[$i]->[2]);
- printf(" %s/32 0,\n",
- i2ip(($ii & $mask) | ~$mask));
- printf(" %s/32 0,\n",
- i2ip($ii & $mask));
-}
+ my($mask) = ip2i($ifs->[$i]->[3]);
+ printf(" %s/32 0,\n", i2ip( $ii )); # This host.
+ my $dirbcast = i2ip(($ii & $mask) | ~$mask);# Directed broadcast.
+ printf(" %s/32 0,\n", $dirbcast );
+ $invsrcip .= $dirbcast . " ";
+ printf(" %s/32 0,\n", i2ip($ii & $mask)); # Directed broadcast (obsolete).
+}
+print " 255.255.255.255/32 0,\n"; # Limited broadcast.
+$invsrcip .= "255.255.255.255" . " " ;
+print " 0.0.0.0/32 0,\n"; # Limited broadcast (obsolete).
+# Forward to connected (sub)networks.
for($i = 0; $i < $nifs; $i++){
my $ii = ip2i($ifs->[$i]->[2]);
- my $mask = ip2i($ifs->[$i]->[3]);
- printf(" %s/%s %d,\n",
+ my($mask) = ip2i($ifs->[$i]->[3]);
+ printf(" %s/%s %d%s",
i2ip($ii & $mask),
i2ip($mask),
- $i + 1);
+ $i + 1,
+ (($i + 1 < $nifs) ? ",\n" : ""));
}
-print " 255.255.255.255/32 0.0.0.0 0,\n";
-print " 0.0.0.0/32 0,\n";
-print " 0.0.0.0/0 18.26.4.1 1);\n"; # XXX
+printf("%s", ($nsrts > 0 ) ? ",\n" : "\n");
+# Forward to static routes. Depends on @ifs ordering.
+for($i = 0; $i < $nsrts; $i++){
+ my $ii = ip2i($srts->[$i]->[0]);
+ my($mask) = ip2i($srts->[$i]->[1]);
+ my $gw = $srts->[$i]->[2];
+ my $if = $srts->[$i]->[3];
+ my $out;
+ for($out = 0; $out < $nifs; $out++){
+ my $ij = ip2i($ifs->[$out]->[2]);
+ if( $ij == ip2i( $if )) { last; }
+ }
+ printf(" %s/%s %s %d%s",
+ i2ip($ii & $mask),
+ i2ip($mask),
+ $gw,
+ $out + 1,
+ (($i + 1 < $nsrts) ? ",\n" : "\n"));
+}
+print ");\n";
+print "\n" ;
+# IP network receive.
print <<EOF;
-
-rt[0] -> EtherEncap(0x0800, 1:1:1:1:1:1, 2:2:2:2:2:2) -> tol;
ip :: Strip(14)
- -> CheckIPHeader($ipharg)
+ -> CheckIPHeader($invsrcip)
-> [0]rt;
EOF
-
for($i = 0; $i < $nifs; $i++){
my $paint = $i + 1;
- print "c$i [2] -> Paint($paint) -> ip;\n";
+ print "c$i\[2] -> Paint($paint) -> ip;\n";
}
print "\n";
+# Local delivery path.
+print <<EOF;
+rt[0] -> IPReassembler -> ipc :: IPClassifier( icmp type echo, - );
+ipc[0] -> ICMPPingResponder -> [0]rt;
+ipc[1] -> EtherEncap(0x0800, 1:1:1:1:1:1, 2:2:2:2:2:2) -> toh;
+
+EOF
+
+# Forward path.
for($i = 0; $i < $nifs; $i++){
my $i1 = $i + 1;
my $ipa = $ifs->[$i]->[2];
@@ -140,13 +173,13 @@
-> dt$i :: DecIPTTL
-> fr$i :: IPFragmenter(1500)
-> [0]arpq$i;
-dt$i [1] -> ICMPError($ipa, 11, 0) -> [0]rt;
-fr$i [1] -> ICMPError($ipa, 3, 4) -> [0]rt;
-gio$i [1] -> ICMPError($ipa, 12, 1) -> [0]rt;
-cp$i [1] -> ICMPError($ipa, 5, 1) -> [0]rt;
-c$i [3] -> Print(xx$i) -> Discard;
+dt$i\[1] -> ICMPError($ipa, 11, 0) -> [0]rt;
+fr$i\[1] -> ICMPError($ipa, 3, 4) -> [0]rt;
+gio$i\[1] -> ICMPError($ipa, 12, 1) -> [0]rt;
+cp$i\[1] -> ICMPError($ipa, 5, 1) -> [0]rt;
EOF
}
+
sub ip2i {
my($ip) = @_;
More information about the click
mailing list