1
2
3
4
5
6
7
8
9
10#include <linux/mm.h>
11#include <linux/module.h>
12#include <linux/sysctl.h>
13#include <linux/config.h>
14#include <net/snmp.h>
15#include <net/ip.h>
16#include <net/route.h>
17#include <net/tcp.h>
18
19
20extern int sysctl_ip_nonlocal_bind;
21
22
23extern int sysctl_icmp_echo_ignore_all;
24extern int sysctl_icmp_echo_ignore_broadcasts;
25extern int sysctl_icmp_ignore_bogus_error_responses;
26
27
28extern int sysctl_ipfrag_low_thresh;
29extern int sysctl_ipfrag_high_thresh;
30extern int sysctl_ipfrag_time;
31extern int sysctl_ipfrag_secret_interval;
32
33
34extern int sysctl_ip_dynaddr;
35
36
37extern int sysctl_icmp_ratelimit;
38extern int sysctl_icmp_ratemask;
39
40
41extern int sysctl_igmp_max_memberships;
42
43
44extern int inet_peer_threshold;
45extern int inet_peer_minttl;
46extern int inet_peer_maxttl;
47extern int inet_peer_gc_mintime;
48extern int inet_peer_gc_maxtime;
49
50#ifdef CONFIG_SYSCTL
51static int tcp_retr1_max = 255;
52static int ip_local_port_range_min[] = { 1, 1 };
53static int ip_local_port_range_max[] = { 65535, 65535 };
54#endif
55
56struct ipv4_config ipv4_config;
57
58extern ctl_table ipv4_route_table[];
59
60#ifdef CONFIG_SYSCTL
61
62static
63int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp,
64 void *buffer, size_t *lenp)
65{
66 int val = ipv4_devconf.forwarding;
67 int ret;
68
69 ret = proc_dointvec(ctl, write, filp, buffer, lenp);
70
71 if (write && ipv4_devconf.forwarding != val)
72 inet_forward_change();
73
74 return ret;
75}
76
77static int ipv4_sysctl_forward_strategy(ctl_table *table, int *name, int nlen,
78 void *oldval, size_t *oldlenp,
79 void *newval, size_t newlen,
80 void **context)
81{
82 int *valp = table->data;
83 int new;
84
85 if (!newval || !newlen)
86 return 0;
87
88 if (newlen != sizeof(int))
89 return -EINVAL;
90
91 if (get_user(new, (int *)newval))
92 return -EFAULT;
93
94 if (new == *valp)
95 return 0;
96
97 if (oldval && oldlenp) {
98 size_t len;
99
100 if (get_user(len, oldlenp))
101 return -EFAULT;
102
103 if (len) {
104 if (len > table->maxlen)
105 len = table->maxlen;
106 if (copy_to_user(oldval, valp, len))
107 return -EFAULT;
108 if (put_user(len, oldlenp))
109 return -EFAULT;
110 }
111 }
112
113 *valp = new;
114 inet_forward_change();
115 return 1;
116}
117
118ctl_table ipv4_table[] = {
119 {
120 .ctl_name = NET_IPV4_TCP_TIMESTAMPS,
121 .procname = "tcp_timestamps",
122 .data = &sysctl_tcp_timestamps,
123 .maxlen = sizeof(int),
124 .mode = 0644,
125 .proc_handler = &proc_dointvec
126 },
127 {
128 .ctl_name = NET_IPV4_TCP_WINDOW_SCALING,
129 .procname = "tcp_window_scaling",
130 .data = &sysctl_tcp_window_scaling,
131 .maxlen = sizeof(int),
132 .mode = 0644,
133 .proc_handler = &proc_dointvec
134 },
135 {
136 .ctl_name = NET_IPV4_TCP_SACK,
137 .procname = "tcp_sack",
138 .data = &sysctl_tcp_sack,
139 .maxlen = sizeof(int),
140 .mode = 0644,
141 .proc_handler = &proc_dointvec
142 },
143 {
144 .ctl_name = NET_IPV4_TCP_RETRANS_COLLAPSE,
145 .procname = "tcp_retrans_collapse",
146 .data = &sysctl_tcp_retrans_collapse,
147 .maxlen = sizeof(int),
148 .mode = 0644,
149 .proc_handler = &proc_dointvec
150 },
151 {
152 .ctl_name = NET_IPV4_FORWARD,
153 .procname = "ip_forward",
154 .data = &ipv4_devconf.forwarding,
155 .maxlen = sizeof(int),
156 .mode = 0644,
157 .proc_handler = &ipv4_sysctl_forward,
158 .strategy = &ipv4_sysctl_forward_strategy
159 },
160 {
161 .ctl_name = NET_IPV4_DEFAULT_TTL,
162 .procname = "ip_default_ttl",
163 .data = &sysctl_ip_default_ttl,
164 .maxlen = sizeof(int),
165 .mode = 0644,
166 .proc_handler = &ipv4_doint_and_flush,
167 .strategy = &ipv4_doint_and_flush_strategy,
168 },
169 {
170 .ctl_name = NET_IPV4_AUTOCONFIG,
171 .procname = "ip_autoconfig",
172 .data = &ipv4_config.autoconfig,
173 .maxlen = sizeof(int),
174 .mode = 0644,
175 .proc_handler = &proc_dointvec
176 },
177 {
178 .ctl_name = NET_IPV4_NO_PMTU_DISC,
179 .procname = "ip_no_pmtu_disc",
180 .data = &ipv4_config.no_pmtu_disc,
181 .maxlen = sizeof(int),
182 .mode = 0644,
183 .proc_handler = &proc_dointvec
184 },
185 {
186 .ctl_name = NET_IPV4_NONLOCAL_BIND,
187 .procname = "ip_nonlocal_bind",
188 .data = &sysctl_ip_nonlocal_bind,
189 .maxlen = sizeof(int),
190 .mode = 0644,
191 .proc_handler = &proc_dointvec
192 },
193 {
194 .ctl_name = NET_IPV4_TCP_SYN_RETRIES,
195 .procname = "tcp_syn_retries",
196 .data = &sysctl_tcp_syn_retries,
197 .maxlen = sizeof(int),
198 .mode = 0644,
199 .proc_handler = &proc_dointvec
200 },
201 {
202 .ctl_name = NET_TCP_SYNACK_RETRIES,
203 .procname = "tcp_synack_retries",
204 .data = &sysctl_tcp_synack_retries,
205 .maxlen = sizeof(int),
206 .mode = 0644,
207 .proc_handler = &proc_dointvec
208 },
209 {
210 .ctl_name = NET_TCP_MAX_ORPHANS,
211 .procname = "tcp_max_orphans",
212 .data = &sysctl_tcp_max_orphans,
213 .maxlen = sizeof(int),
214 .mode = 0644,
215 .proc_handler = &proc_dointvec
216 },
217 {
218 .ctl_name = NET_TCP_MAX_TW_BUCKETS,
219 .procname = "tcp_max_tw_buckets",
220 .data = &sysctl_tcp_max_tw_buckets,
221 .maxlen = sizeof(int),
222 .mode = 0644,
223 .proc_handler = &proc_dointvec
224 },
225 {
226 .ctl_name = NET_IPV4_IPFRAG_HIGH_THRESH,
227 .procname = "ipfrag_high_thresh",
228 .data = &sysctl_ipfrag_high_thresh,
229 .maxlen = sizeof(int),
230 .mode = 0644,
231 .proc_handler = &proc_dointvec
232 },
233 {
234 .ctl_name = NET_IPV4_IPFRAG_LOW_THRESH,
235 .procname = "ipfrag_low_thresh",
236 .data = &sysctl_ipfrag_low_thresh,
237 .maxlen = sizeof(int),
238 .mode = 0644,
239 .proc_handler = &proc_dointvec
240 },
241 {
242 .ctl_name = NET_IPV4_DYNADDR,
243 .procname = "ip_dynaddr",
244 .data = &sysctl_ip_dynaddr,
245 .maxlen = sizeof(int),
246 .mode = 0644,
247 .proc_handler = &proc_dointvec
248 },
249 {
250 .ctl_name = NET_IPV4_IPFRAG_TIME,
251 .procname = "ipfrag_time",
252 .data = &sysctl_ipfrag_time,
253 .maxlen = sizeof(int),
254 .mode = 0644,
255 .proc_handler = &proc_dointvec_jiffies,
256 .strategy = &sysctl_jiffies
257 },
258 {
259 .ctl_name = NET_IPV4_TCP_KEEPALIVE_TIME,
260 .procname = "tcp_keepalive_time",
261 .data = &sysctl_tcp_keepalive_time,
262 .maxlen = sizeof(int),
263 .mode = 0644,
264 .proc_handler = &proc_dointvec_jiffies,
265 .strategy = &sysctl_jiffies
266 },
267 {
268 .ctl_name = NET_IPV4_TCP_KEEPALIVE_PROBES,
269 .procname = "tcp_keepalive_probes",
270 .data = &sysctl_tcp_keepalive_probes,
271 .maxlen = sizeof(int),
272 .mode = 0644,
273 .proc_handler = &proc_dointvec
274 },
275 {
276 .ctl_name = NET_IPV4_TCP_KEEPALIVE_INTVL,
277 .procname = "tcp_keepalive_intvl",
278 .data = &sysctl_tcp_keepalive_intvl,
279 .maxlen = sizeof(int),
280 .mode = 0644,
281 .proc_handler = &proc_dointvec_jiffies,
282 .strategy = &sysctl_jiffies
283 },
284 {
285 .ctl_name = NET_IPV4_TCP_RETRIES1,
286 .procname = "tcp_retries1",
287 .data = &sysctl_tcp_retries1,
288 .maxlen = sizeof(int),
289 .mode = 0644,
290 .proc_handler = &proc_dointvec_minmax,
291 .strategy = &sysctl_intvec,
292 .extra2 = &tcp_retr1_max
293 },
294 {
295 .ctl_name = NET_IPV4_TCP_RETRIES2,
296 .procname = "tcp_retries2",
297 .data = &sysctl_tcp_retries2,
298 .maxlen = sizeof(int),
299 .mode = 0644,
300 .proc_handler = &proc_dointvec
301 },
302 {
303 .ctl_name = NET_IPV4_TCP_FIN_TIMEOUT,
304 .procname = "tcp_fin_timeout",
305 .data = &sysctl_tcp_fin_timeout,
306 .maxlen = sizeof(int),
307 .mode = 0644,
308 .proc_handler = &proc_dointvec_jiffies,
309 .strategy = &sysctl_jiffies
310 },
311#ifdef CONFIG_SYN_COOKIES
312 {
313 .ctl_name = NET_TCP_SYNCOOKIES,
314 .procname = "tcp_syncookies",
315 .data = &sysctl_tcp_syncookies,
316 .maxlen = sizeof(int),
317 .mode = 0644,
318 .proc_handler = &proc_dointvec
319 },
320#endif
321 {
322 .ctl_name = NET_TCP_TW_RECYCLE,
323 .procname = "tcp_tw_recycle",
324 .data = &sysctl_tcp_tw_recycle,
325 .maxlen = sizeof(int),
326 .mode = 0644,
327 .proc_handler = &proc_dointvec
328 },
329 {
330 .ctl_name = NET_TCP_ABORT_ON_OVERFLOW,
331 .procname = "tcp_abort_on_overflow",
332 .data = &sysctl_tcp_abort_on_overflow,
333 .maxlen = sizeof(int),
334 .mode = 0644,
335 .proc_handler = &proc_dointvec
336 },
337 {
338 .ctl_name = NET_TCP_STDURG,
339 .procname = "tcp_stdurg",
340 .data = &sysctl_tcp_stdurg,
341 .maxlen = sizeof(int),
342 .mode = 0644,
343 .proc_handler = &proc_dointvec
344 },
345 {
346 .ctl_name = NET_TCP_RFC1337,
347 .procname = "tcp_rfc1337",
348 .data = &sysctl_tcp_rfc1337,
349 .maxlen = sizeof(int),
350 .mode = 0644,
351 .proc_handler = &proc_dointvec
352 },
353 {
354 .ctl_name = NET_TCP_MAX_SYN_BACKLOG,
355 .procname = "tcp_max_syn_backlog",
356 .data = &sysctl_max_syn_backlog,
357 .maxlen = sizeof(int),
358 .mode = 0644,
359 .proc_handler = &proc_dointvec
360 },
361 {
362 .ctl_name = NET_IPV4_LOCAL_PORT_RANGE,
363 .procname = "ip_local_port_range",
364 .data = &sysctl_local_port_range,
365 .maxlen = sizeof(sysctl_local_port_range),
366 .mode = 0644,
367 .proc_handler = &proc_dointvec_minmax,
368 .strategy = &sysctl_intvec,
369 .extra1 = ip_local_port_range_min,
370 .extra2 = ip_local_port_range_max
371 },
372 {
373 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
374 .procname = "icmp_echo_ignore_all",
375 .data = &sysctl_icmp_echo_ignore_all,
376 .maxlen = sizeof(int),
377 .mode = 0644,
378 .proc_handler = &proc_dointvec
379 },
380 {
381 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
382 .procname = "icmp_echo_ignore_broadcasts",
383 .data = &sysctl_icmp_echo_ignore_broadcasts,
384 .maxlen = sizeof(int),
385 .mode = 0644,
386 .proc_handler = &proc_dointvec
387 },
388 {
389 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
390 .procname = "icmp_ignore_bogus_error_responses",
391 .data = &sysctl_icmp_ignore_bogus_error_responses,
392 .maxlen = sizeof(int),
393 .mode = 0644,
394 .proc_handler = &proc_dointvec
395 },
396 {
397 .ctl_name = NET_IPV4_ROUTE,
398 .procname = "route",
399 .maxlen = 0,
400 .mode = 0555,
401 .child = ipv4_route_table
402 },
403#ifdef CONFIG_IP_MULTICAST
404 {
405 .ctl_name = NET_IPV4_IGMP_MAX_MEMBERSHIPS,
406 .procname = "igmp_max_memberships",
407 .data = &sysctl_igmp_max_memberships,
408 .maxlen = sizeof(int),
409 .mode = 0644,
410 .proc_handler = &proc_dointvec
411 },
412
413#endif
414 {
415 .ctl_name = NET_IPV4_INET_PEER_THRESHOLD,
416 .procname = "inet_peer_threshold",
417 .data = &inet_peer_threshold,
418 .maxlen = sizeof(int),
419 .mode = 0644,
420 .proc_handler = &proc_dointvec
421 },
422 {
423 .ctl_name = NET_IPV4_INET_PEER_MINTTL,
424 .procname = "inet_peer_minttl",
425 .data = &inet_peer_minttl,
426 .maxlen = sizeof(int),
427 .mode = 0644,
428 .proc_handler = &proc_dointvec_jiffies,
429 .strategy = &sysctl_jiffies
430 },
431 {
432 .ctl_name = NET_IPV4_INET_PEER_MAXTTL,
433 .procname = "inet_peer_maxttl",
434 .data = &inet_peer_maxttl,
435 .maxlen = sizeof(int),
436 .mode = 0644,
437 .proc_handler = &proc_dointvec_jiffies,
438 .strategy = &sysctl_jiffies
439 },
440 {
441 .ctl_name = NET_IPV4_INET_PEER_GC_MINTIME,
442 .procname = "inet_peer_gc_mintime",
443 .data = &inet_peer_gc_mintime,
444 .maxlen = sizeof(int),
445 .mode = 0644,
446 .proc_handler = &proc_dointvec_jiffies,
447 .strategy = &sysctl_jiffies
448 },
449 {
450 .ctl_name = NET_IPV4_INET_PEER_GC_MAXTIME,
451 .procname = "inet_peer_gc_maxtime",
452 .data = &inet_peer_gc_maxtime,
453 .maxlen = sizeof(int),
454 .mode = 0644,
455 .proc_handler = &proc_dointvec_jiffies,
456 .strategy = &sysctl_jiffies
457 },
458 {
459 .ctl_name = NET_TCP_ORPHAN_RETRIES,
460 .procname = "tcp_orphan_retries",
461 .data = &sysctl_tcp_orphan_retries,
462 .maxlen = sizeof(int),
463 .mode = 0644,
464 .proc_handler = &proc_dointvec
465 },
466 {
467 .ctl_name = NET_TCP_FACK,
468 .procname = "tcp_fack",
469 .data = &sysctl_tcp_fack,
470 .maxlen = sizeof(int),
471 .mode = 0644,
472 .proc_handler = &proc_dointvec
473 },
474 {
475 .ctl_name = NET_TCP_REORDERING,
476 .procname = "tcp_reordering",
477 .data = &sysctl_tcp_reordering,
478 .maxlen = sizeof(int),
479 .mode = 0644,
480 .proc_handler = &proc_dointvec
481 },
482 {
483 .ctl_name = NET_TCP_ECN,
484 .procname = "tcp_ecn",
485 .data = &sysctl_tcp_ecn,
486 .maxlen = sizeof(int),
487 .mode = 0644,
488 .proc_handler = &proc_dointvec
489 },
490 {
491 .ctl_name = NET_TCP_DSACK,
492 .procname = "tcp_dsack",
493 .data = &sysctl_tcp_dsack,
494 .maxlen = sizeof(int),
495 .mode = 0644,
496 .proc_handler = &proc_dointvec
497 },
498 {
499 .ctl_name = NET_TCP_MEM,
500 .procname = "tcp_mem",
501 .data = &sysctl_tcp_mem,
502 .maxlen = sizeof(sysctl_tcp_mem),
503 .mode = 0644,
504 .proc_handler = &proc_dointvec
505 },
506 {
507 .ctl_name = NET_TCP_WMEM,
508 .procname = "tcp_wmem",
509 .data = &sysctl_tcp_wmem,
510 .maxlen = sizeof(sysctl_tcp_wmem),
511 .mode = 0644,
512 .proc_handler = &proc_dointvec
513 },
514 {
515 .ctl_name = NET_TCP_RMEM,
516 .procname = "tcp_rmem",
517 .data = &sysctl_tcp_rmem,
518 .maxlen = sizeof(sysctl_tcp_rmem),
519 .mode = 0644,
520 .proc_handler = &proc_dointvec
521 },
522 {
523 .ctl_name = NET_TCP_APP_WIN,
524 .procname = "tcp_app_win",
525 .data = &sysctl_tcp_app_win,
526 .maxlen = sizeof(int),
527 .mode = 0644,
528 .proc_handler = &proc_dointvec
529 },
530 {
531 .ctl_name = NET_TCP_ADV_WIN_SCALE,
532 .procname = "tcp_adv_win_scale",
533 .data = &sysctl_tcp_adv_win_scale,
534 .maxlen = sizeof(int),
535 .mode = 0644,
536 .proc_handler = &proc_dointvec
537 },
538 {
539 .ctl_name = NET_IPV4_ICMP_RATELIMIT,
540 .procname = "icmp_ratelimit",
541 .data = &sysctl_icmp_ratelimit,
542 .maxlen = sizeof(int),
543 .mode = 0644,
544 .proc_handler = &proc_dointvec
545 },
546 {
547 .ctl_name = NET_IPV4_ICMP_RATEMASK,
548 .procname = "icmp_ratemask",
549 .data = &sysctl_icmp_ratemask,
550 .maxlen = sizeof(int),
551 .mode = 0644,
552 .proc_handler = &proc_dointvec
553 },
554 {
555 .ctl_name = NET_TCP_TW_REUSE,
556 .procname = "tcp_tw_reuse",
557 .data = &sysctl_tcp_tw_reuse,
558 .maxlen = sizeof(int),
559 .mode = 0644,
560 .proc_handler = &proc_dointvec
561 },
562 {
563 .ctl_name = NET_TCP_FRTO,
564 .procname = "tcp_frto",
565 .data = &sysctl_tcp_frto,
566 .maxlen = sizeof(int),
567 .mode = 0644,
568 .proc_handler = &proc_dointvec
569 },
570 {
571 .ctl_name = NET_TCP_LOW_LATENCY,
572 .procname = "tcp_low_latency",
573 .data = &sysctl_tcp_low_latency,
574 .maxlen = sizeof(int),
575 .mode = 0644,
576 .proc_handler = &proc_dointvec
577 },
578 {
579 .ctl_name = NET_IPV4_IPFRAG_SECRET_INTERVAL,
580 .procname = "ipfrag_secret_interval",
581 .data = &sysctl_ipfrag_secret_interval,
582 .maxlen = sizeof(int),
583 .mode = 0644,
584 .proc_handler = &proc_dointvec_jiffies,
585 .strategy = &sysctl_jiffies
586 },
587 { .ctl_name = 0 }
588};
589
590#endif
591
592EXPORT_SYMBOL(ipv4_config);
593
