Hi, this diff adds a sysctl to disable kernel icmp echo processing and pass it
to userland via raw sockets. I'm terrible with names but I chose userecho, so
net.inet.icmp.userecho.
I did some basic tests and it seems to work ok.
I kinda need this to tunnel ip over icmp echo.
Index: netinet/icmp_var.h
===================================================================
RCS file: /cvs/src/sys/netinet/icmp_var.h,v
retrieving revision 1.13
diff -d -u -p -w -r1.13 icmp_var.h
--- netinet/icmp_var.h 13 Dec 2007 20:00:53 -0000 1.13
+++ netinet/icmp_var.h 15 Jul 2011 22:47:17 -0000
@@ -65,7 +65,8 @@ struct icmpstat {
#define ICMPCTL_REDIRTIMEOUT 5 /* Remove routes added via
redirects */
#define ICMPCTL_TSTAMPREPL 6 /* allow replies to timestamp
requests */
#define ICMPCTL_STATS 7 /* ICMP statistics */
-#define ICMPCTL_MAXID 8
+#define ICMPCTL_USERECHO 8 /* ICMP echo requests in raw sockets */
+#define ICMPCTL_MAXID 9
#define ICMPCTL_NAMES { \
{ 0, 0 }, \
@@ -75,7 +76,8 @@ struct icmpstat {
{ "rediraccept", CTLTYPE_INT }, \
{ "redirtimeout", CTLTYPE_INT }, \
{ "tstamprepl", CTLTYPE_INT }, \
- { "stats", CTLTYPE_STRUCT } \
+ { "stats", CTLTYPE_STRUCT }, \
+ { "userecho", CTLTYPE_INT } \
}
#define ICMPCTL_VARS { \
@@ -86,7 +88,8 @@ struct icmpstat {
&icmp_rediraccept, \
NULL, \
&icmptstamprepl, \
- NULL \
+ NULL, \
+ &icmpuserecho, \
}
#ifdef _KERNEL
Index: netinet/ip_icmp.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_icmp.c,v
retrieving revision 1.94
diff -d -u -p -w -r1.94 ip_icmp.c
--- netinet/ip_icmp.c 6 Jul 2011 01:57:37 -0000 1.94
+++ netinet/ip_icmp.c 15 Jul 2011 22:47:17 -0000
@@ -106,6 +106,7 @@
*/
int icmpmaskrepl = 0;
+int icmpuserecho = 0;
int icmpbmcastecho = 0;
int icmptstamprepl = 1;
#ifdef ICMPPRINTFS
@@ -482,6 +483,8 @@ icmp_input(struct mbuf *m, ...)
break;
case ICMP_ECHO:
+ if (icmpuserecho)
+ goto raw;
if (!icmpbmcastecho &&
(m->m_flags & (M_MCAST | M_BCAST)) != 0) {
icmpstat.icps_bmcastecho++;
