On 06 Apr 2014, at 20:44, Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net> wrote:
> > On 06 Apr 2014, at 16:42 , Michael Tuexen <michael.tue...@lurchi.franken.de> > wrote: > >> On 06 Apr 2014, at 17:05, Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net> >> wrote: >> >>> >>> On 06 Apr 2014, at 11:42 , Michael Tuexen >>> <michael.tue...@lurchi.franken.de> wrote: >>> >>>> On 05 Apr 2014, at 23:02, Bernd Walter <ti...@cicely7.cicely.de> wrote: >>>> >>>>> So far I've tested this on FreeBSD-9.2 BETA2 r254053M only. >>>>> The modifications are to allow IPv6 multicast support within jail >>>>> which only makes a difference for multicast addresses and some multicast >>>>> loopback checksum bugs - both changes are open PR. >>>>> >>>>> I've created an AF_INET6 SCTP one to many socket to receive incoming >>>>> messages. >>>>> The process was started within a jail. >>>>> Now netstat -anW lists all host IPv6 IPs, not just those of the jail. >>>>> Also not sure why this AF_INET6 socket is shown as sctp46. >>>> This should be handled as a v6 only socket depending on your >>>> setting of net.inet6.ip6.v6only sysctl variable by the SCTP stack. >>>> However, netstat has no information about this and can not distinguish >>>> between sctp6 and sctp46, so it reports sctp46 always. You can file >>>> a PR about this. >>>> >>>> The questions about the addresses and the jails: The SCTP code has >>>> no jail specific code. If you bind a socket to the wildcard address >>>> (which is what to do by not binding at all), the SCTP stack lists >>>> all addresses it know about. I'm not sure what would happen, if >>>> you send a packet to an address not owned by the jail. >>>> You might want to file a separate PR about the support of jails. >>> >>> Aehm, the SCTP code was filtering addresses at one point and made sure only >>> jail-visible addresses were seen or bound very much like normal PCB >>> handling. If this is not the case (anymore) SCTP shall not be allowed >>> inside jails again. >> Can you point me to the "normal PCB handling"? Maybe I'm just overlooking >> something… > > I guess what helps you more is looking for prison_* calls in the SCTP stack > (and equally in in*_pcb*, tcp_*, udp_*). Thanks for the hint. Best regards Michael > > > >>>> Best regards >>>> Michael >>>>> >>>>> This is the relevant C++ code part to open the socket: >>>>> int >>>>> setup_sctp_socket(uint16_t port) >>>>> { >>>>> int sc = socket(AF_INET6, SOCK_SEQPACKET, IPPROTO_SCTP); >>>>> { >>>>> // reuse address >>>>> long val = 1; >>>>> setsockopt(sc, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)); >>>>> // XXX error handling >>>>> } >>>>> { >>>>> // no delay >>>>> long val = 1; >>>>> setsockopt(sc, SOL_SOCKET, SCTP_NODELAY, &val, sizeof(val)); >>>>> // XXX error handling >>>>> } >>>>> { >>>>> // eeor mode (last write needs MSG_EOR to declare end of >>>>> message) >>>>> // Linux has MSG_MORE negative send flag >>>>> long val = 1; >>>>> setsockopt(sc, SOL_SOCKET, SCTP_EXPLICIT_EOR, &val, >>>>> sizeof(val)); >>>>> // XXX error handling >>>>> } >>>>> #if 0 >>>>> { >>>>> struct sctp_initmsg init; >>>>> bzero(&init, sizeof(init)); >>>>> init.sinit_num_ostreams = HDB_STREAMS; >>>>> init.sinit_max_instreams = HDB_STREAMS; >>>>> // SOL_SCTP instead of IPPROTO_SCTP on Linux >>>>> setsockopt(sc, IPPROTO_SCTP, SCTP_INITMSG, &init, >>>>> (socklen_t)sizeof(struct sctp_initmsg)); >>>>> // XXX error handling >>>>> } >>>>> #endif >>>>> { >>>>> struct sockaddr_in6 addr; >>>>> bzero(&addr, sizeof(addr)); >>>>> addr.sin6_len = sizeof(addr); >>>>> addr.sin6_family = AF_INET6; >>>>> addr.sin6_port = htons(port); >>>>> bind(sc, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)); >>>>> // XXX error handling >>>>> } >>>>> { >>>>> // enable heartbeats at 1000ms >>>>> struct sctp_paddrparams paddr_params; >>>>> bzero(&paddr_params, sizeof(paddr_params)); >>>>> paddr_params.spp_address.ss_family = AF_INET6; >>>>> paddr_params.spp_flags = SPP_HB_ENABLE; >>>>> paddr_params.spp_hbinterval = 1000; >>>>> // SOL_SCTP instead of IPPROTO_SCTP on Linux >>>>> setsockopt(sc, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, >>>>> &paddr_params, sizeof(paddr_params)); >>>>> // XXX error handling >>>>> } >>>>> { >>>>> struct sctp_event_subscribe events; >>>>> bzero(&events, sizeof(events)); >>>>> >>>>> events.sctp_data_io_event = 1; // we need io_events to know >>>>> where the message came from >>>>> >>>>> // subscribe to other events as well for testing >>>>> events.sctp_association_event = 1; >>>>> events.sctp_address_event = 1; >>>>> events.sctp_send_failure_event = 1; >>>>> events.sctp_peer_error_event = 1; >>>>> events.sctp_shutdown_event = 1; >>>>> events.sctp_partial_delivery_event = 1; >>>>> events.sctp_adaptation_layer_event = 1; >>>>> events.sctp_authentication_event = 1; >>>>> events.sctp_sender_dry_event = 1; >>>>> events.sctp_stream_reset_event = 1; >>>>> >>>>> setsockopt(sc, IPPROTO_SCTP, SCTP_EVENTS, &events, >>>>> sizeof(events)); >>>>> // XXX error handling >>>>> } >>>>> { >>>>> // setup send and receive buffers (default on FreeBSD 9.x) >>>>> long val; >>>>> val = 1864135; >>>>> setsockopt(sc, SOL_SOCKET, SO_RCVBUF, &val, sizeof(val)); >>>>> // XXX error handling >>>>> val = 1864135; >>>>> setsockopt(sc, SOL_SOCKET, SO_SNDBUF, &val, sizeof(val)); >>>>> // XXX error handling >>>>> } >>>>> listen (sc, 1); // listen is required to allow incoming associations, >>>>> but no listen queue >>>>> // XXX error handling >>>>> >>>>> return sc; >>>>> } >>>>> >>>>> -- >>>>> B.Walter <be...@bwct.de> http://www.bwct.de >>>>> Modbus/TCP Ethernet I/O Baugruppen, ARM basierte FreeBSD Rechner uvm. >>>>> _______________________________________________ >>>>> freebsd-net@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>>> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" >>>>> >>>> >>>> _______________________________________________ >>>> freebsd-net@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" >>> >>> — >>> Bjoern A. Zeeb ????????? ??? ??????? ??????: >>> '??? ??? ???? ?????? ??????? ?? ?? ??????? ??????? ??? ????? ????? ???? >>> ?????? ?? ????? ????', ????????? ?????????, "??? ????? ?? ?????", ?.??? >>> >>> >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" > > — > Bjoern A. Zeeb ????????? ??? ??????? ??????: > '??? ??? ???? ?????? ??????? ?? ?? ??????? ??????? ??? ????? ????? ???? > ?????? ?? ????? ????', ????????? ?????????, "??? ????? ?? ?????", ?.??? > > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"