New version for On-Waves

The .tarball-version file should contain the *source version* uniquely
identifying the git commit, and not the Debian package name.

With https://gerrit.osmocom.org/#/c/osmo-ci/+/10343/ there is a correct
.tarball-version file in the .tar.xz of the nightly source packages.

Change-Id: I1466936033c2f60edd1078eb41f3508d87da4402
Related: OS#3449

configure.ac

@@ -65,7 +65,7 @@ AC_ARG_ENABLE([gtp-linux],
 	[enable_gtp_linux="$enableval"], [enable_gtp_linux="no"])
 
 AS_IF([test "x$enable_gtp_linux" = "xyes"], [
-	PKG_CHECK_MODULES([LIBGTPNL], [libgtpnl >= 1.0.0])
+	PKG_CHECK_MODULES([LIBGTPNL], [libgtpnl >= 1.2.0])
 ])
 
 AM_CONDITIONAL([ENABLE_GTP_KERNEL], [test "$enable_gtp_linux" = "yes"])
@@ -135,9 +135,9 @@ adl_FUNC_GETOPT_LONG
 
 AM_INIT_AUTOMAKE([foreign])
 
-PKG_CHECK_MODULES(LIBOSMOCORE, libosmocore >= 0.6.4)
-PKG_CHECK_MODULES(LIBOSMOVTY, libosmovty >= 0.3.0)
-PKG_CHECK_MODULES(LIBOSMOCTRL, libosmoctrl)
+PKG_CHECK_MODULES(LIBOSMOCORE, libosmocore >= 0.11.0)
+PKG_CHECK_MODULES(LIBOSMOVTY, libosmovty >= 0.11.0)
+PKG_CHECK_MODULES(LIBOSMOCTRL, libosmoctrl >= 0.11.0)
 
 AC_ARG_ENABLE(sanitize,
 	[AS_HELP_STRING(

debian/changelog

@@ -1,3 +1,141 @@
+osmo-ggsn (1.2.2+ow2) unstable; urgency=medium
+
+  * Release version for On-Waves
+  * From commit ee44b82b967929eaf8867d967a22428972b58d0a 
+
+ -- Daniel Willmann <dwillmann@sysmocom.de>  Fri, 31 Aug 2018 18:02:47 +0200
+
+osmo-ggsn (1.2.2+ow1) unstable; urgency=medium
+
+  * Release new version for On-Waves
+  * commit b673d1c438488fb74abda344e563d733e5ce451a 
+
+ -- Daniel Willmann <dwillmann@sysmocom.de>  Fri, 31 Aug 2018 18:02:02 +0200
+
+osmo-ggsn (1.2.2) unstable; urgency=medium
+
+  [ Vadim Yanitskiy ]
+  * ggsn_vty.c: fix: use CONFIG_NODE as parent by default
+
+  [ Philipp Maier ]
+  * ggsn: fix misinterpreted length field in ipcp_contains_option()
+  * ggsn: make sure ipcp_option_hdr and and ipcp_hdr are packed
+
+ -- Pau Espin Pedrol <pespin@sysmocom.de>  Thu, 31 May 2018 12:44:54 +0200
+
+osmo-ggsn (1.2.1) unstable; urgency=medium
+
+  * debian/rules: Fix debian packaging after 1.2.0 release
+
+ -- Pau Espin Pedrol <pespin@sysmocom.de>  Fri, 04 May 2018 12:19:58 +0200
+
+osmo-ggsn (1.2.0) unstable; urgency=medium
+
+  [ Neels Hofmeyr ]
+  * fix compiler warnings: return 0 in main(), in 3 tests
+  * add --enable-sanitize config option
+  * sanitize build: ensure uint16/32 alignment in gtpie_test and in46a_test
+  * configure: add --enable-werror
+  * jenkins.sh: use --enable-werror configure flag, not CFLAGS
+
+  [ Harald Welte ]
+  * sgsnemu: Don't leak FILE handle in proc_read()
+  * sgsnemu: Fix format string in printing tun-device name
+  * sgsnemu: Make sure buffer has space for terminating-NUL
+  * sgsnemu: Free strings in error path
+  * gtp: Fix buffer overflow in imsi_gtp2str()
+  * gtp: Explicit OSMO_ASSERT to ensure pdp variable is set
+  * tun: Don't copy 16byte IPv6 address to 'struct in_addr'
+  * ippool: Correctly compute size of static pool
+  * remove unused argument to alloc_ippool_blacklist()
+  * factor out netdev_ip_local_get() from tun_ip_local_get()
+  * Properly NULL-out blacklist in alloc_ippool_blacklist()
+  * gtp_kernel: Change gtp_kernel_init() function signature
+  * gtp-kernel: Re-add support for kernel GTP-U acceleration
+  * gtp-kernel: Get rid of hard-coded kernel GTP device name
+  * gtp-kernel: shut down kernel GTP device in apn_down()
+  * gtp-kernel: Align logging for APN start in kernel-gtp case with that of TUN
+  * gtp-kernel: Avoid global state variable
+  * gtp-kernel: Make sure repeated calls to gtp_kernel_init() are safe
+  * gtp-kernel: proper cleanup in error path
+  * gtp-kernel: Get rid of SYS_ERR where not applicable
+  * gtp-kernel: Add function name to pdp_debug() function calls
+  * gtp-kernel: Add device nime in pdp_debug() log statements
+  * contrib/jenkins.sh: Allow jenkins job to specify if kernel GTP is used
+  * ggsn.c: Fix byte order of IPCP IPv4 DNS servers
+  * ggsn: Ignore PCO with length 0, don't abort processing
+  * README.md: Remove misleading sentence on sgsnemu
+  * Add talloc context introspection via VTY
+  * fix segfault in case of kernel gtp-u
+  * lib/tun.c: Generalize tun_sifflags() to netdev_sifflags
+  * lib/tun.c: generalize tun_*route() to netdev_*route()
+  * lib/tun.c: Generalize tun_{set,add}addr*() functions
+  * lib/tun: split generic network device related stuff to lib/netdev
+  * lib/netdev.c: Cosmetic changes (coding style / cleanups)
+  * ggsn: Don't explicitly use tun_setaddr() API anymore
+  * sgsnemu: Convert from tun_setaddr() to tun_addaddr()
+  * lib/tun: Remove tun_setaddr() API, as everyone is using tun_addaddr() now
+  * Move kernel GTP support from ggsn/ to lib/
+  * ggsn: don't use gtp_kernel_tunnel_{add,del}() for userspace tun
+
+  [ Pau Espin Pedrol ]
+  * ggsn_vty: Stop using deprecated API vty_install_default
+  * contrib/jenkins.sh: Enable Werror in C(PP)FLAGS
+  * examples: Add secondary ipv6 google DNS to osmo-ggsn.cfg
+  * tun_setaddr6: Fix log typo
+  * cosmetic: Reorder tun_addaddr to get rid of decl of tun_setaddr4
+  * ggsn.c: Print version of unhandled ip packet
+  * Remove unused empty src/Makefile.in
+  * tests: Split ipv6 specific tests into a new test group
+  * Add support for IPv4v6 End User Addresses
+  * contrib: jenkins.sh: Build libgtpnl as dep when building with gtp kernel support
+  * cosmetic: sgsnemu.c: Fix trailing whitespace
+  * ggsn.c: Improve logging info on link-local ipv6 addr not found
+  * tun.c: tun_addaddr: Fix segfault and wrong usage of tun_nlattr
+  * Set tun_addaddr ipv agnostic and add support for ipv6
+  * ggsn: Add 'ipv6 link-local' vty cmd
+  * ggsn_vty.c: Print ipv6 link-local cmd when writing config to file
+  * gtp.c: Fix trailing whitespace
+  * gtp.c: Determine GTP version from header
+  * gtp.c: Log unsupported GTP version number
+  * gtp/pdp: Fix trailing whitespace
+  * gtp/pdp: Remove unused APIs pdp_ntoeua pdp_euaton
+  * gtp.c: gtp_gpdu_ind: Convert ifelse to switch statement
+  * gtp.c: gtp_gpdu_ind: Early return to avoid use of uninitialized var
+  * gtp/gtp.c: Remove unused function char2ul_t
+  * gtp/gtp.c: Mark non exported functions as static
+  * gtp/gtp.c: Use uint8_t for version param in static functions
+  * ggsn: encaps_tun: Avoid forwarding packet if EUA is unassigned, fix crash
+  * ggsn: Validate packet src addr from MS
+  * ggsn: Parse PCO_IPCP
+  * ggsn: Parse PCO_IPCP for IPv4v6 pdp ctx
+  * ggsn: Print all addresses on successful pdp ctx creation
+  * ggsn.c: cb_tun_ind: Convert ifelse to switch statement
+  * ggsn.c: cb_tun_ind: log dst addr of packet without pdp ctx
+  * ggsn.c: cb_tun_ind: Don't drop packets targeting pdp ctx ll addr
+  * sgsnemu: Fix bad ptr during context deallocation
+  * sgsnemu: listen param is a host, not an interface
+  * use osmo_init_logging2
+
+  [ Max ]
+  * Log APN and tun names for packets
+  * Enable sanitize for CI tests
+  * Fix stow-enabled jenkins build failure
+  * Add GTP message names
+
+  [ Viktor Tsymbalyuk ]
+  * sgsnemu: sgsnemu stopped after recieving "Request accepted" from ggsn
+  * sgsnemu: created "pinghost" and "createif" modes for mutual exclusion
+  * sgsnemu: fix: no outgoing GTP-U in "createif" mode
+
+  [ Martin Hauke ]
+  * build: Remove AC_PROG_CXX, C++ is never used
+
+  [ Stefan Sperling ]
+  * remove the -f option from osmo-ggsn.service
+
+ -- Pau Espin Pedrol <pespin@sysmocom.de>  Thu, 03 May 2018 16:05:27 +0200
+
 osmo-ggsn (1.1.0) unstable; urgency=medium
 
   * libgtp: pdp.h: Addition of new tx_gpdu_seq struct member member

debian/control

@@ -22,7 +22,7 @@ Description: Osmocom Gateway GPRS Support Node (GGSN)
  operators as the interface between the Internet and the rest of the
  mobile network infrastructure.
 
-Package: libgtp2
+Package: libgtp3
 Architecture: any
 Multi-Arch: same
 Section: libs
@@ -41,7 +41,7 @@ Architecture: any
 Multi-Arch: same
 Section: libdevel
 Depends: ${misc:Depends},
-         libgtp2 (= ${binary:Version})
+         libgtp3 (= ${binary:Version})
 Description: Development files for libgtp
  OsmoGGSN is a Gateway GPRS Support Node (GGSN). It is used by mobile
  operators as the interface between the Internet and the rest of the
@@ -54,7 +54,7 @@ Package: osmo-ggsn-dbg
 Section: debug
 Architecture: any
 Priority: extra
-Depends: ${shlibs:Depends}, ${misc:Depends}, libgtp2 (= ${binary:Version}), osmo-ggsn (= ${binary:Version})
+Depends: ${shlibs:Depends}, ${misc:Depends}, libgtp3 (= ${binary:Version}), osmo-ggsn (= ${binary:Version})
 Multi-Arch: same
 Description: Debug symbols for OsmoGGSN
  OsmoGGSN is a Gateway GPRS Support Node (GGSN). It is used by mobile
@@ -65,7 +65,7 @@ Package: libgtp-dbg
 Section: debug
 Architecture: any
 Priority: extra
-Depends: ${shlibs:Depends}, ${misc:Depends}, libgtp2 (= ${binary:Version})
+Depends: ${shlibs:Depends}, ${misc:Depends}, libgtp3 (= ${binary:Version})
 Multi-Arch: same
 Description: Debug symbols for OsmoGGSN
  OsmoGGSN is a Gateway GPRS Support Node (GGSN). It is used by mobile

debian/rules

@@ -16,8 +16,4 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
 
 override_dh_strip:
 	dh_strip -posmo-ggsn --dbg-package=osmo-ggsn-dbg
-	dh_strip -plibgtp2 --dbg-package=libgtp-dbg
-
-override_dh_autoreconf:
-	echo $(VERSION) > .tarball-version
-	dh_autoreconf
+	dh_strip -plibgtp3 --dbg-package=libgtp-dbg

ggsn/Makefile.am

@@ -12,8 +12,4 @@ osmo_ggsn_LDADD += $(LIBGTPNL_LIBS)
 endif
 
 osmo_ggsn_DEPENDENCIES = ../gtp/libgtp.la ../lib/libmisc.a
-osmo_ggsn_SOURCES = ggsn_vty.c ggsn.c ggsn.h gtp-kernel.h icmpv6.c icmpv6.h checksum.c checksum.h
-
-if ENABLE_GTP_KERNEL
-osmo_ggsn_SOURCES += gtp-kernel.c
-endif
+osmo_ggsn_SOURCES = ggsn_vty.c ggsn.c ggsn.h icmpv6.c icmpv6.h checksum.c checksum.h

ggsn/ggsn.c

@@ -63,9 +63,9 @@
 #include "../lib/ippool.h"
 #include "../lib/syserr.h"
 #include "../lib/in46_addr.h"
+#include "../lib/gtp-kernel.h"
 #include "../gtp/pdp.h"
 #include "../gtp/gtp.h"
-#include "gtp-kernel.h"
 #include "icmpv6.h"
 #include "ggsn.h"
 
@@ -125,13 +125,14 @@ int apn_stop(struct apn_ctx *apn, bool force)
 			LOGPAPN( LOGL_INFO, apn, "Running %s\n", apn->tun.cfg.ipdown_script);
 			tun_runscript(apn->tun.tun, apn->tun.cfg.ipdown_script);
 		}
-		/* release tun device */
-		LOGPAPN(LOGL_INFO, apn, "Closing TUN device %s\n", apn->tun.tun->devname);
-		osmo_fd_unregister(&apn->tun.fd);
+		if (apn->cfg.gtpu_mode == APN_GTPU_MODE_TUN) {
+			/* release tun device */
+			LOGPAPN(LOGL_INFO, apn, "Closing TUN device %s\n", apn->tun.tun->devname);
+			osmo_fd_unregister(&apn->tun.fd);
+		}
 		tun_free(apn->tun.tun);
 		apn->tun.tun = NULL;
 	}
-	gtp_kernel_stop(apn->tun.cfg.dev_name);
 
 	if (apn->v4.pool) {
 		LOGPAPN(LOGL_INFO, apn, "Releasing IPv4 pool\n");
@@ -195,6 +196,7 @@ int apn_start(struct apn_ctx *apn)
 	struct in46_prefix ipv6_tun_linklocal_ip;
 	struct in46_prefix *blacklist;
 	int blacklist_size;
+	struct gsn_t *gsn = apn->ggsn->gsn;
 	int rc;
 
 	if (apn->started)
@@ -204,7 +206,7 @@ int apn_start(struct apn_ctx *apn)
 	switch (apn->cfg.gtpu_mode) {
 	case APN_GTPU_MODE_TUN:
 		LOGPAPN(LOGL_INFO, apn, "Opening TUN device %s\n", apn->tun.cfg.dev_name);
-		if (tun_new(&apn->tun.tun, apn->tun.cfg.dev_name)) {
+		if (tun_new(&apn->tun.tun, apn->tun.cfg.dev_name, false, -1, -1)) {
 			LOGPAPN(LOGL_ERROR, apn, "Failed to configure tun device\n");
 			return -1;
 		}
@@ -216,66 +218,6 @@ int apn_start(struct apn_ctx *apn)
 
 		/* Set TUN library callback */
 		tun_set_cb_ind(apn->tun.tun, cb_tun_ind);
-
-		if (apn->v4.cfg.ifconfig_prefix.addr.len) {
-			LOGPAPN(LOGL_INFO, apn, "Setting tun IP address %s\n",
-				in46p_ntoa(&apn->v4.cfg.ifconfig_prefix));
-			if (tun_setaddr(apn->tun.tun, &apn->v4.cfg.ifconfig_prefix.addr, NULL,
-					apn->v4.cfg.ifconfig_prefix.prefixlen)) {
-				LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv4 address %s: %s\n",
-					in46p_ntoa(&apn->v4.cfg.ifconfig_prefix), strerror(errno));
-				apn_stop(apn, false);
-				return -1;
-			}
-		}
-
-		if (apn->v6.cfg.ifconfig_prefix.addr.len) {
-			LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 address %s\n",
-				in46p_ntoa(&apn->v6.cfg.ifconfig_prefix));
-			if (tun_setaddr(apn->tun.tun, &apn->v6.cfg.ifconfig_prefix.addr, NULL,
-					apn->v6.cfg.ifconfig_prefix.prefixlen)) {
-				LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 address %s: %s. "
-					"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
-					in46p_ntoa(&apn->v6.cfg.ifconfig_prefix), strerror(errno));
-				apn_stop(apn, false);
-				return -1;
-			}
-		}
-
-		if (apn->v6.cfg.ll_prefix.addr.len) {
-			LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 link-local address %s\n",
-				in46p_ntoa(&apn->v6.cfg.ll_prefix));
-			if (tun_addaddr(apn->tun.tun, &apn->v6.cfg.ll_prefix.addr, NULL,
-					apn->v6.cfg.ll_prefix.prefixlen)) {
-				LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 link-local address %s: %s. "
-					"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
-					in46p_ntoa(&apn->v6.cfg.ll_prefix), strerror(errno));
-				apn_stop(apn, false);
-				return -1;
-			}
-			apn->v6_lladdr = apn->v6.cfg.ll_prefix.addr.v6;
-		}
-
-		if (apn->tun.cfg.ipup_script) {
-			LOGPAPN(LOGL_INFO, apn, "Running ip-up script %s\n",
-				apn->tun.cfg.ipup_script);
-			tun_runscript(apn->tun.tun, apn->tun.cfg.ipup_script);
-		}
-
-		if (apn->cfg.apn_type_mask & (APN_TYPE_IPv6|APN_TYPE_IPv4v6) &&
-		    apn->v6.cfg.ll_prefix.addr.len == 0) {
-			rc = tun_ip_local_get(apn->tun.tun, &ipv6_tun_linklocal_ip, 1, IP_TYPE_IPv6_LINK);
-			if (rc < 1) {
-				LOGPAPN(LOGL_ERROR, apn, "Cannot obtain IPv6 link-local address of interface: %s\n",
-					rc ? strerror(errno) : "tun interface has no link-local IP assigned");
-				apn_stop(apn, false);
-				return -1;
-			}
-			apn->v6_lladdr = ipv6_tun_linklocal_ip.addr.v6;
-		}
-
-		/* set back-pointer from TUN device to APN */
-		apn->tun.tun->priv = apn;
 		break;
 	case APN_GTPU_MODE_KERNEL_GTP:
 		LOGPAPN(LOGL_INFO, apn, "Opening Kernel GTP device %s\n", apn->tun.cfg.dev_name);
@@ -284,9 +226,17 @@ int apn_start(struct apn_ctx *apn)
 			apn_stop(apn, false);
 			return -1;
 		}
+		if (gsn == NULL) {
+			/* skip bringing up the APN now if the GSN is not initialized yet.
+			 * This happens during initial load of the config file, as the
+			 * "no shutdown" in the ggsn node only happens after the "apn" nodes
+			 * are brought up */
+			LOGPAPN(LOGL_NOTICE, apn, "Skipping APN start\n");
+			return 0;
+		}
 		/* use GTP kernel module for data packet encapsulation */
-		if (gtp_kernel_init(apn->ggsn->gsn, apn->tun.cfg.dev_name,
-				    &apn->v4.cfg.ifconfig_prefix, apn->tun.cfg.ipup_script) < 0) {
+		if (tun_new(&apn->tun.tun, apn->tun.cfg.dev_name, true, gsn->fd0, gsn->fd1u)) {
+			LOGPAPN(LOGL_ERROR, apn, "Failed to configure Kernel GTP device\n");
 			return -1;
 		}
 		break;
@@ -295,6 +245,68 @@ int apn_start(struct apn_ctx *apn)
 		return -1;
 	}
 
+	/* common initialization below */
+
+	/* set back-pointer from TUN device to APN */
+	apn->tun.tun->priv = apn;
+
+	if (apn->v4.cfg.ifconfig_prefix.addr.len) {
+		LOGPAPN(LOGL_INFO, apn, "Setting tun IP address %s\n",
+			in46p_ntoa(&apn->v4.cfg.ifconfig_prefix));
+		if (tun_addaddr(apn->tun.tun, &apn->v4.cfg.ifconfig_prefix.addr, NULL,
+				apn->v4.cfg.ifconfig_prefix.prefixlen)) {
+			LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv4 address %s: %s\n",
+				in46p_ntoa(&apn->v4.cfg.ifconfig_prefix), strerror(errno));
+			apn_stop(apn, false);
+			return -1;
+		}
+	}
+
+	if (apn->v6.cfg.ifconfig_prefix.addr.len) {
+		LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 address %s\n",
+			in46p_ntoa(&apn->v6.cfg.ifconfig_prefix));
+		if (tun_addaddr(apn->tun.tun, &apn->v6.cfg.ifconfig_prefix.addr, NULL,
+				apn->v6.cfg.ifconfig_prefix.prefixlen)) {
+			LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 address %s: %s. "
+				"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
+				in46p_ntoa(&apn->v6.cfg.ifconfig_prefix), strerror(errno));
+			apn_stop(apn, false);
+			return -1;
+		}
+	}
+
+	if (apn->v6.cfg.ll_prefix.addr.len) {
+		LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 link-local address %s\n",
+			in46p_ntoa(&apn->v6.cfg.ll_prefix));
+		if (tun_addaddr(apn->tun.tun, &apn->v6.cfg.ll_prefix.addr, NULL,
+				apn->v6.cfg.ll_prefix.prefixlen)) {
+			LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 link-local address %s: %s. "
+				"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
+				in46p_ntoa(&apn->v6.cfg.ll_prefix), strerror(errno));
+			apn_stop(apn, false);
+			return -1;
+		}
+		apn->v6_lladdr = apn->v6.cfg.ll_prefix.addr.v6;
+	}
+
+	if (apn->tun.cfg.ipup_script) {
+		LOGPAPN(LOGL_INFO, apn, "Running ip-up script %s\n",
+			apn->tun.cfg.ipup_script);
+		tun_runscript(apn->tun.tun, apn->tun.cfg.ipup_script);
+	}
+
+	if (apn->cfg.apn_type_mask & (APN_TYPE_IPv6|APN_TYPE_IPv4v6) &&
+	    apn->v6.cfg.ll_prefix.addr.len == 0) {
+		rc = tun_ip_local_get(apn->tun.tun, &ipv6_tun_linklocal_ip, 1, IP_TYPE_IPv6_LINK);
+		if (rc < 1) {
+			LOGPAPN(LOGL_ERROR, apn, "Cannot obtain IPv6 link-local address of interface: %s\n",
+				rc ? strerror(errno) : "tun interface has no link-local IP assigned");
+			apn_stop(apn, false);
+			return -1;
+		}
+		apn->v6_lladdr = ipv6_tun_linklocal_ip.addr.v6;
+	}
+
 	/* Create IPv4 pool */
 	if (apn->v4.cfg.dynamic_prefix.addr.len) {
 		LOGPAPN(LOGL_INFO, apn, "Creating IPv4 pool %s\n",
@@ -368,9 +380,11 @@ static int delete_context(struct pdp_t *pdp)
 			LOGPPDP(LOGL_ERROR, pdp, "Cannot find/free IP Pool member\n");
 	}
 
-	if (gtp_kernel_tunnel_del(pdp, apn->tun.cfg.dev_name)) {
-		LOGPPDP(LOGL_ERROR, pdp, "Cannot delete tunnel from kernel:%s\n",
-			strerror(errno));
+	if (apn->cfg.gtpu_mode == APN_GTPU_MODE_KERNEL_GTP) {
+		if (gtp_kernel_tunnel_del(pdp, apn->tun.cfg.dev_name)) {
+			LOGPPDP(LOGL_ERROR, pdp, "Cannot delete tunnel from kernel:%s\n",
+				strerror(errno));
+		}
 	}
 
 	return 0;
@@ -389,26 +403,29 @@ struct ipcp_option_hdr {
 	uint8_t type;
 	uint8_t len;
 	uint8_t data[0];
-};
+} __attribute__ ((packed));
 
 struct ipcp_hdr {
 	uint8_t code;
 	uint8_t id;
 	uint16_t len;
 	uint8_t options[0];
-};
+} __attribute__ ((packed));
 
 /* determine if IPCP contains given option */
-static struct ipcp_option_hdr *ipcp_contains_option(struct ipcp_hdr *ipcp, enum ipcp_options opt)
+static uint8_t *ipcp_contains_option(uint8_t *ipcp, size_t ipcp_len, enum ipcp_options opt, size_t opt_minlen)
 {
-	uint8_t *cur = ipcp->options;
+	uint8_t *cur_opt = ipcp + sizeof(struct ipcp_hdr);
 
 	/* iterate over Options and check if protocol contained */
-	while (cur + 2 <= ((uint8_t *)ipcp) + ipcp->len) {
-		struct ipcp_option_hdr *cur_opt = (struct ipcp_option_hdr *) cur;
-		if (cur_opt->type == opt)
+	while (cur_opt + 2 <= ipcp + ipcp_len) {
+		uint8_t type = cur_opt[0];
+		uint8_t len = cur_opt[1]; /* length value includes 2 bytes type/length */
+		if (len < 2)
+			return NULL;
+		if (type == opt && len >= 2 + opt_minlen)
 			return cur_opt;
-		cur += cur_opt->len;
+		cur_opt += len;
 	}
 	return NULL;
 }
@@ -446,15 +463,15 @@ enum pco_protocols {
 };
 
 /* determine if PCO contains given protocol */
-static uint8_t *pco_contains_proto(struct ul255_t *pco, uint16_t prot)
+static uint8_t *pco_contains_proto(struct ul255_t *pco, size_t offset, uint16_t prot, size_t prot_minlen)
 {
-	uint8_t *cur = pco->v + 1;
+	uint8_t *cur = pco->v + 1 + offset;
 
 	/* iterate over PCO and check if protocol contained */
 	while (cur + 3 <= pco->v + pco->l) {
 		uint16_t cur_prot = osmo_load16be(cur);
 		uint8_t cur_len = cur[2];
-		if (cur_prot == prot)
+		if (cur_prot == prot && cur_len >= prot_minlen)
 			return cur;
 		cur += cur_len + 3;
 	}
@@ -486,46 +503,59 @@ static struct ippoolm_t *pdp_get_peer_ipv(struct pdp_t *pdp, bool is_ipv6) {
 }
 
 /* construct an IPCP PCO response from request*/
-static int build_ipcp_pco(struct apn_ctx *apn, struct pdp_t *pdp, struct msgb *msg)
+static void build_ipcp_pco(struct apn_ctx *apn, struct pdp_t *pdp, struct msgb *msg)
 {
 	const struct in46_addr *dns1 = &apn->v4.cfg.dns[0];
 	const struct in46_addr *dns2 = &apn->v4.cfg.dns[1];
-	struct ipcp_hdr *ipcp;
+	uint8_t *ipcp;
+	uint16_t ipcp_len;
 	uint8_t *len1, *len2, *pco_ipcp;
-	uint8_t *start = msg->tail;
 	unsigned int len_appended;
+	ptrdiff_t consumed;
+	size_t remain, offset = 0;
 
-	if (!(pco_ipcp = pco_contains_proto(&pdp->pco_req, PCO_P_IPCP)))
-		return 0;
-	ipcp = (struct ipcp_hdr*) (pco_ipcp + 3);  /* 2=type + 1=len */
+	/* pco_contains_proto() returns a potentially unaligned pointer into pco_req->v (see OS#3194) */
+	pco_ipcp = pco_contains_proto(&pdp->pco_req, offset, PCO_P_IPCP, sizeof(struct ipcp_hdr));
+	while (pco_ipcp) {
+		uint8_t *start = msg->tail;
 
-	/* Three byte T16L header */
-	msgb_put_u16(msg, 0x8021);	/* IPCP */
-	len1 = msgb_put(msg, 1);	/* Length of contents: delay */
+		ipcp = (pco_ipcp + 3);  /* 2=type + 1=len */
+		consumed = (ipcp - &pdp->pco_req.v[0]);
+		remain = sizeof(pdp->pco_req.v) - consumed;
+		ipcp_len = osmo_load16be(ipcp + 2); /* 1=code + 1=id */
+		if (remain < 0 || remain < ipcp_len)
+			return;
 
-	msgb_put_u8(msg, 0x02);		/* ACK */
-	msgb_put_u8(msg, ipcp->id);	/* ID: Needs to match request */
-	msgb_put_u8(msg, 0x00);		/* Length MSB */
-	len2 = msgb_put(msg, 1);	/* Length LSB: delay */
+		/* Three byte T16L header */
+		msgb_put_u16(msg, 0x8021);	/* IPCP */
+		len1 = msgb_put(msg, 1);	/* Length of contents: delay */
 
-	if (dns1->len == 4 && ipcp_contains_option(ipcp, IPCP_OPT_PRIMARY_DNS)) {
-		msgb_put_u8(msg, 0x81);		/* DNS1 Tag */
-		msgb_put_u8(msg, 2 + dns1->len);/* DNS1 Length, incl. TL */
-		msgb_put_u32(msg, ntohl(dns1->v4.s_addr));
+		msgb_put_u8(msg, 0x02);		/* ACK */
+		msgb_put_u8(msg, ipcp[1]);	/* ID: Needs to match request */
+		msgb_put_u8(msg, 0x00);		/* Length MSB */
+		len2 = msgb_put(msg, 1);	/* Length LSB: delay */
+
+		if (dns1->len == 4 && ipcp_contains_option(ipcp, ipcp_len, IPCP_OPT_PRIMARY_DNS, 4)) {
+			msgb_put_u8(msg, 0x81);		/* DNS1 Tag */
+			msgb_put_u8(msg, 2 + dns1->len);/* DNS1 Length, incl. TL */
+			msgb_put_u32(msg, ntohl(dns1->v4.s_addr));
+		}
+
+		if (dns2->len == 4 && ipcp_contains_option(ipcp, ipcp_len, IPCP_OPT_SECONDARY_DNS, 4)) {
+			msgb_put_u8(msg, 0x83);		/* DNS2 Tag */
+			msgb_put_u8(msg, 2 + dns2->len);/* DNS2 Length, incl. TL */
+			msgb_put_u32(msg, ntohl(dns2->v4.s_addr));
+		}
+
+		/* patch in length values */
+		len_appended = msg->tail - start;
+		*len1 = len_appended - 3;
+		*len2 = len_appended - 3;
+
+		offset += 3 + ipcp_len;
+		pco_ipcp = pco_contains_proto(&pdp->pco_req, offset, PCO_P_IPCP, sizeof(struct ipcp_hdr));
 	}
 
-	if (dns2->len == 4 && ipcp_contains_option(ipcp, IPCP_OPT_SECONDARY_DNS)) {
-		msgb_put_u8(msg, 0x83);		/* DNS2 Tag */
-		msgb_put_u8(msg, 2 + dns2->len);/* DNS2 Length, incl. TL */
-		msgb_put_u32(msg, ntohl(dns2->v4.s_addr));
-	}
-
-	/* patch in length values */
-	len_appended = msg->tail - start;
-	*len1 = len_appended - 3;
-	*len2 = len_appended - 3;
-
-	return 0;
 }
 
 /* process one PCO request from a MS/UE, putting together the proper responses */
@@ -541,7 +571,7 @@ static void process_pco(struct apn_ctx *apn, struct pdp_t *pdp)
 	if (peer_v4)
 		build_ipcp_pco(apn, pdp, msg);
 
-	if (pco_contains_proto(&pdp->pco_req, PCO_P_DNS_IPv6_ADDR)) {
+	if (pco_contains_proto(&pdp->pco_req, 0, PCO_P_DNS_IPv6_ADDR, 0)) {
 		for (i = 0; i < ARRAY_SIZE(apn->v6.cfg.dns); i++) {
 			struct in46_addr *i46a = &apn->v6.cfg.dns[i];
 			if (i46a->len != 16)
@@ -550,7 +580,7 @@ static void process_pco(struct apn_ctx *apn, struct pdp_t *pdp)
 		}
 	}
 
-	if (pco_contains_proto(&pdp->pco_req, PCO_P_DNS_IPv4_ADDR)) {
+	if (pco_contains_proto(&pdp->pco_req, 0, PCO_P_DNS_IPv4_ADDR, 0)) {
 		for (i = 0; i < ARRAY_SIZE(apn->v4.cfg.dns); i++) {
 			struct in46_addr *i46a = &apn->v4.cfg.dns[i];
 			if (i46a->len != 4)
@@ -676,7 +706,7 @@ int create_context_ind(struct pdp_t *pdp)
 
 	in46a_to_eua(addr, num_addr, &pdp->eua);
 
-	if (apn_supports_ipv4(apn)) {
+	if (apn->cfg.gtpu_mode == APN_GTPU_MODE_KERNEL_GTP && apn_supports_ipv4(apn)) {
 		/* TODO: In IPv6, EUA doesn't contain the actual IP addr/prefix! */
 		if (gtp_kernel_tunnel_add(pdp, apn->tun.cfg.dev_name) < 0) {
 			LOGPPDP(LOGL_ERROR, pdp, "Cannot add tunnel to kernel: %s\n", strerror(errno));
@@ -1097,7 +1127,8 @@ int main(int argc, char **argv)
 	if (rc < 0)
 		exit(1);
 
-	g_ctrlh = ctrl_interface_setup(NULL, OSMO_CTRL_PORT_GGSN, NULL);
+	g_ctrlh = ctrl_interface_setup_dynip(NULL, ctrl_vty_get_bind_addr(),
+					     OSMO_CTRL_PORT_GGSN, NULL);
 	if (!g_ctrlh) {
 		LOGP(DGGSN, LOGL_ERROR, "Failed to create CTRL interface.\n");
 		exit(1);

ggsn/ggsn_vty.c

@@ -948,6 +948,10 @@ static int ggsn_vty_go_parent(struct vty *vty)
 			vty->index_sub = &apn->ggsn->cfg.description;
 		}
 		break;
+	default:
+		vty->node = CONFIG_NODE;
+		vty->index = NULL;
+		vty->index_sub = NULL;
 	}
 
 	return vty->node;

gtp/Makefile.am

@@ -1,7 +1,9 @@
 # This is _NOT_ the library release version, it's an API version.
 # Please read chapter "Library interface versions" of the libtool documentation
 # before making any modifications: https://www.gnu.org/software/libtool/manual/html_node/Versioning.html
-LIBVERSION=2:0:0
+# If major=current-age is increased, remember to update the dh_strip line in debian/rules!
+LIBVERSION=3:0:0
+
 lib_LTLIBRARIES = libgtp.la
 
 include_HEADERS = gtp.h pdp.h gtpie.h
@@ -11,7 +13,3 @@ AM_CFLAGS = -O2 -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' -ggdb $(LIBOSMOCORE_
 libgtp_la_SOURCES = gtp.c gtp.h gtpie.c gtpie.h pdp.c pdp.h lookupa.c lookupa.h queue.c queue.h
 libgtp_la_LDFLAGS = -version-info $(LIBVERSION) -no-undefined
 libgtp_la_LIBADD = $(LIBOSMOCORE_LIBS)
-
-
-
-

gtp/gtp.c

@@ -190,6 +190,15 @@ int gtp_set_cb_conf(struct gsn_t *gsn,
 	return 0;
 }
 
+static void emit_cb_recovery(struct gsn_t *gsn, struct sockaddr_in * peer,
+			     struct pdp_t * pdp, uint8_t recovery)
+{
+	if (gsn->cb_recovery)
+		gsn->cb_recovery(peer, recovery);
+	if (gsn->cb_recovery2)
+		gsn->cb_recovery2(peer, pdp, recovery);
+}
+
 int gtp_set_cb_recovery(struct gsn_t *gsn,
 			int (*cb) (struct sockaddr_in * peer, uint8_t recovery))
 {
@@ -197,6 +206,20 @@ int gtp_set_cb_recovery(struct gsn_t *gsn,
 	return 0;
 }
 
+/* cb_recovery()
+ * pdp may be NULL if Recovery IE was received from a message independent
+ * of any PDP ctx (such as Echo Response), or because pdp ctx is unknown to the
+ * local setup. In case pdp is known, caller may want to keep that pdp alive to
+ * handle subsequent msg cb as this specific pdp ctx is still valid according to
+ * specs.
+ */
+int gtp_set_cb_recovery2(struct gsn_t *gsn,
+			int (*cb_recovery2) (struct sockaddr_in * peer, struct pdp_t * pdp, uint8_t recovery))
+{
+	gsn->cb_recovery2 = cb_recovery2;
+	return 0;
+}
+
 int gtp_set_cb_data_ind(struct gsn_t *gsn,
 			       int (*cb_data_ind) (struct pdp_t * pdp,
 						   void *pack, unsigned len))
@@ -977,8 +1000,7 @@ int gtp_echo_conf(struct gsn_t *gsn, int version, struct sockaddr_in *peer,
 	if (gsn->cb_conf)
 		gsn->cb_conf(type, recovery, NULL, cbp);
 
-	if (gsn->cb_recovery)
-		gsn->cb_recovery(peer, recovery);
+	emit_cb_recovery(gsn, peer, NULL, recovery);
 
 	return 0;
 }
@@ -1310,6 +1332,8 @@ int gtp_create_pdp_ind(struct gsn_t *gsn, int version,
 	struct pdp_t pdp_buf;
 	union gtpie_member *ie[GTPIE_SIZE];
 	uint8_t recovery;
+	bool recovery_recvd = false;
+	int rc;
 
 	uint16_t seq = get_seq(pack);
 	int hlen = get_hlen(pack);
@@ -1410,8 +1434,8 @@ int gtp_create_pdp_ind(struct gsn_t *gsn, int version,
 
 	/* Recovery (optional) */
 	if (!gtpie_gettv1(ie, GTPIE_RECOVERY, 0, &recovery)) {
-		if (gsn->cb_recovery)
-			gsn->cb_recovery(peer, recovery);
+		/* we use recovery futher down after announcing new pdp ctx to user */
+		recovery_recvd = true;
 	}
 
 	/* Selection mode (conditional) */
@@ -1612,6 +1636,9 @@ int gtp_create_pdp_ind(struct gsn_t *gsn, int version,
 			/* Switch to using the old pdp context */
 			pdp = pdp_old;
 
+			if (recovery_recvd)
+				emit_cb_recovery(gsn, peer, pdp, recovery);
+
 			/* Confirm to peer that things were "successful" */
 			return gtp_create_pdp_resp(gsn, version, pdp,
 						   GTPCAUSE_ACC_REQ);
@@ -1633,13 +1660,16 @@ int gtp_create_pdp_ind(struct gsn_t *gsn, int version,
 
 	/* Callback function to validata login */
 	if (gsn->cb_create_context_ind != 0)
-		return gsn->cb_create_context_ind(pdp);
+		rc = gsn->cb_create_context_ind(pdp);
 	else {
 		GTP_LOGPKG(LOGL_ERROR, peer, pack, len,
 			    "No create_context_ind callback defined\n");
-		return gtp_create_pdp_resp(gsn, version, pdp,
+		rc = gtp_create_pdp_resp(gsn, version, pdp,
 					   GTPCAUSE_NOT_SUPPORTED);
 	}
+	if (recovery_recvd)
+		emit_cb_recovery(gsn, peer, pdp, recovery);
+	return rc;
 }
 
 /* Handle Create PDP Context Response */
@@ -1696,8 +1726,7 @@ int gtp_create_pdp_conf(struct gsn_t *gsn, int version,
 
 	/* Extract recovery (optional) */
 	if (!gtpie_gettv1(ie, GTPIE_RECOVERY, 0, &recovery)) {
-		if (gsn->cb_recovery)
-			gsn->cb_recovery(peer, recovery);
+		emit_cb_recovery(gsn, peer, pdp, recovery);
 	}
 
 	/* Extract protocol configuration options (optional) */
@@ -2106,8 +2135,7 @@ static int gtp_update_pdp_ind(struct gsn_t *gsn, uint8_t version,
 
 	/* Recovery (optional) */
 	if (!gtpie_gettv1(ie, GTPIE_RECOVERY, 0, &recovery)) {
-		if (gsn->cb_recovery)
-			gsn->cb_recovery(peer, recovery);
+		emit_cb_recovery(gsn, peer, pdp, recovery);
 	}
 
 	if (version == 0) {
@@ -2267,8 +2295,7 @@ static int gtp_update_pdp_conf(struct gsn_t *gsn, uint8_t version,
 
 	/* Extract recovery (optional) */
 	if (!gtpie_gettv1(ie, GTPIE_RECOVERY, 0, &recovery)) {
-		if (gsn->cb_recovery)
-			gsn->cb_recovery(peer, recovery);
+		emit_cb_recovery(gsn, peer, pdp, recovery);
 	}
 
 	/* Check all conditional information elements */
@@ -2337,16 +2364,66 @@ err_out:
 	return EOF;
 }
 
-/* API: Send Delete PDP Context Request */
+/* API: Deprecated. Send Delete PDP Context Request And free pdp ctx. */
 int gtp_delete_context_req(struct gsn_t *gsn, struct pdp_t *pdp, void *cbp,
 			   int teardown)
+{
+	struct pdp_t *linked_pdp;
+	struct pdp_t *secondary_pdp;
+	int n;
+
+	if (pdp_getgtp1(&linked_pdp, pdp->teic_own)) {
+		LOGP(DLGTP, LOGL_ERROR,
+			"Unknown linked PDP context: %u\n", pdp->teic_own);
+		return EOF;
+	}
+
+	if (gtp_delete_context_req2(gsn, pdp, cbp, teardown) == EOF)
+		return EOF;
+
+	if (teardown) {		/* Remove all contexts */
+		for (n = 0; n < PDP_MAXNSAPI; n++) {
+			if (linked_pdp->secondary_tei[n]) {
+				if (pdp_getgtp1
+				    (&secondary_pdp,
+				     linked_pdp->secondary_tei[n])) {
+					LOGP(DLGTP, LOGL_ERROR,
+						"Unknown secondary PDP context\n");
+					return EOF;
+				}
+				if (linked_pdp != secondary_pdp) {
+					if (gsn->cb_delete_context)
+						gsn->cb_delete_context
+						    (secondary_pdp);
+					pdp_freepdp(secondary_pdp);
+				}
+			}
+		}
+		if (gsn->cb_delete_context)
+			gsn->cb_delete_context(linked_pdp);
+		pdp_freepdp(linked_pdp);
+	} else {
+		if (gsn->cb_delete_context)
+			gsn->cb_delete_context(pdp);
+		if (pdp == linked_pdp) {
+			linked_pdp->secondary_tei[pdp->nsapi & 0xf0] = 0;
+			linked_pdp->nodata = 1;
+		} else
+			pdp_freepdp(pdp);
+	}
+
+	return 0;
+}
+
+/* API: Send Delete PDP Context Request. PDP CTX shall be free'd by user at cb_conf(GTP_DELETE_PDP_RSP) */
+int gtp_delete_context_req2(struct gsn_t *gsn, struct pdp_t *pdp, void *cbp,
+			   int teardown)
 {
 	union gtp_packet packet;
 	unsigned int length =
 	    get_default_gtp(pdp->version, GTP_DELETE_PDP_REQ, &packet);
 	struct in_addr addr;
 	struct pdp_t *linked_pdp;
-	struct pdp_t *secondary_pdp;
 	int n;
 	int count = 0;
 
@@ -2383,37 +2460,6 @@ int gtp_delete_context_req(struct gsn_t *gsn, struct pdp_t *pdp, void *cbp,
 
 	gtp_req(gsn, pdp->version, pdp, &packet, length, &addr, cbp);
 
-	if (teardown) {		/* Remove all contexts */
-		for (n = 0; n < PDP_MAXNSAPI; n++) {
-			if (linked_pdp->secondary_tei[n]) {
-				if (pdp_getgtp1
-				    (&secondary_pdp,
-				     linked_pdp->secondary_tei[n])) {
-					LOGP(DLGTP, LOGL_ERROR,
-						"Unknown secondary PDP context\n");
-					return EOF;
-				}
-				if (linked_pdp != secondary_pdp) {
-					if (gsn->cb_delete_context)
-						gsn->cb_delete_context
-						    (secondary_pdp);
-					pdp_freepdp(secondary_pdp);
-				}
-			}
-		}
-		if (gsn->cb_delete_context)
-			gsn->cb_delete_context(linked_pdp);
-		pdp_freepdp(linked_pdp);
-	} else {
-		if (gsn->cb_delete_context)
-			gsn->cb_delete_context(pdp);
-		if (pdp == linked_pdp) {
-			linked_pdp->secondary_tei[pdp->nsapi & 0xf0] = 0;
-			linked_pdp->nodata = 1;
-		} else
-			pdp_freepdp(pdp);
-	}
-
 	return 0;
 }
 
@@ -2553,6 +2599,9 @@ int gtp_delete_pdp_ind(struct gsn_t *gsn, int version,
 				if (linked_pdp->secondary_tei[n])
 					count++;
 			if (count <= 1) {
+				GTP_LOGPKG(LOGL_NOTICE, peer, pack, len,
+					   "Ignoring CTX DEL without teardown and count=%d\n",
+					   count);
 				return 0;	/* 29.060 7.3.5 Ignore message */
 			}
 		}
@@ -2570,19 +2619,32 @@ int gtp_delete_pdp_conf(struct gsn_t *gsn, int version,
 	uint8_t cause;
 	void *cbp = NULL;
 	uint8_t type = 0;
+	struct pdp_t *pdp = NULL;
 	int hlen = get_hlen(pack);
 
 	/* Remove packet from queue */
 	if (gtp_conf(gsn, version, peer, pack, len, &type, &cbp))
 		return EOF;
 
+	/* Find the context in question. It may not be available if gtp_delete_context_req
+	 * was used and as a result the PDP ctx was already freed */
+	if (pdp_getgtp1(&pdp, get_tei(pack))) {
+		gsn->err_unknownpdp++;
+		GTP_LOGPKG(LOGL_NOTICE, peer, pack, len,
+			    "Unknown PDP context: %u (expected if gtp_delete_context_req is used)\n",
+			     get_tei(pack));
+		if (gsn->cb_conf)
+			gsn->cb_conf(type, EOF, NULL, cbp);
+		return EOF;
+	}
+
 	/* Decode information elements */
 	if (gtpie_decaps(ie, version, pack + hlen, len - hlen)) {
 		gsn->invalid++;
 		GTP_LOGPKG(LOGL_ERROR, peer, pack, len,
 			    "Invalid message format\n");
 		if (gsn->cb_conf)
-			gsn->cb_conf(type, EOF, NULL, cbp);
+			gsn->cb_conf(type, EOF, pdp, cbp);
 		return EOF;
 	}
 
@@ -2592,7 +2654,7 @@ int gtp_delete_pdp_conf(struct gsn_t *gsn, int version,
 		GTP_LOGPKG(LOGL_ERROR, peer, pack, len,
 			    "Missing mandatory information field\n");
 		if (gsn->cb_conf)
-			gsn->cb_conf(type, EOF, NULL, cbp);
+			gsn->cb_conf(type, EOF, pdp, cbp);
 		return EOF;
 	}
 
@@ -2602,13 +2664,13 @@ int gtp_delete_pdp_conf(struct gsn_t *gsn, int version,
 		GTP_LOGPKG(LOGL_ERROR, peer, pack, len,
 			    "Unexpected cause value received: %d\n", cause);
 		if (gsn->cb_conf)
-			gsn->cb_conf(type, cause, NULL, cbp);
+			gsn->cb_conf(type, cause, pdp, cbp);
 		return EOF;
 	}
 
 	/* Callback function to notify application */
 	if (gsn->cb_conf)
-		gsn->cb_conf(type, cause, NULL, cbp);
+		gsn->cb_conf(type, cause, pdp, cbp);
 
 	return 0;
 }
@@ -2830,23 +2892,23 @@ int gtp_decaps0(struct gsn_t *gsn)
 
 		if ((gsn->mode == GTP_MODE_GGSN) &&
 		    ((pheader->type == GTP_CREATE_PDP_RSP) ||
-		     (pheader->type == GTP_UPDATE_PDP_RSP) ||
-		     (pheader->type == GTP_DELETE_PDP_RSP))) {
+		     (pheader->type == GTP_UPDATE_PDP_RSP))) {
 			gsn->unexpect++;
 			GTP_LOGPKG(LOGL_ERROR, &peer, buffer,
 				    status,
-				    "Unexpected GTPv0 Signalling Message\n");
+				    "Unexpected GTPv0 Signalling Message '%s'\n",
+				    get_value_string(gtp_type_names, pheader->type));
 			continue;	/* Silently discard 29.60: 11.1.4 */
 		}
 
 		if ((gsn->mode == GTP_MODE_SGSN) &&
 		    ((pheader->type == GTP_CREATE_PDP_REQ) ||
-		     (pheader->type == GTP_UPDATE_PDP_REQ) ||
-		     (pheader->type == GTP_DELETE_PDP_REQ))) {
+		     (pheader->type == GTP_UPDATE_PDP_REQ))) {
 			gsn->unexpect++;
 			GTP_LOGPKG(LOGL_ERROR, &peer, buffer,
 				    status,
-				    "Unexpected GTPv0 Signalling Message\n");
+				    "Unexpected GTPv0 Signalling Message '%s'\n",
+				    get_value_string(gtp_type_names, pheader->type));
 			continue;	/* Silently discard 29.60: 11.1.4 */
 		}
 
@@ -3007,23 +3069,23 @@ int gtp_decaps1c(struct gsn_t *gsn)
 
 		if ((gsn->mode == GTP_MODE_GGSN) &&
 		    ((pheader->type == GTP_CREATE_PDP_RSP) ||
-		     (pheader->type == GTP_UPDATE_PDP_RSP) ||
-		     (pheader->type == GTP_DELETE_PDP_RSP))) {
+		     (pheader->type == GTP_UPDATE_PDP_RSP))) {
 			gsn->unexpect++;
 			GTP_LOGPKG(LOGL_ERROR, &peer, buffer,
 				    status,
-				    "Unexpected GTPv1 Signalling Message\n");
+				    "Unexpected GTPv1 Signalling Message '%s'\n",
+				    get_value_string(gtp_type_names, pheader->type));
 			continue;	/* Silently discard 29.60: 11.1.4 */
 		}
 
 		if ((gsn->mode == GTP_MODE_SGSN) &&
 		    ((pheader->type == GTP_CREATE_PDP_REQ) ||
-		     (pheader->type == GTP_UPDATE_PDP_REQ) ||
-		     (pheader->type == GTP_DELETE_PDP_REQ))) {
+		     (pheader->type == GTP_UPDATE_PDP_REQ))) {
 			gsn->unexpect++;
 			GTP_LOGPKG(LOGL_ERROR, &peer, buffer,
 				    status,
-				    "Unexpected GTPv1 Signalling Message\n");
+				    "Unexpected GTPv1 Signalling Message '%s'\n",
+				    get_value_string(gtp_type_names, pheader->type));
 			continue;	/* Silently discard 29.60: 11.1.4 */
 		}
 

gtp/gtp.h

@@ -13,6 +13,7 @@
 #define _GTP_H
 
 #include <osmocom/core/utils.h>
+#include <osmocom/core/defs.h>
 
 #define GTP_MODE_GGSN 1
 #define GTP_MODE_SGSN 2
@@ -270,6 +271,7 @@ struct gsn_t {
 	int (*cb_conf) (int type, int cause, struct pdp_t * pdp, void *cbp);
 	int (*cb_data_ind) (struct pdp_t * pdp, void *pack, unsigned len);
 	int (*cb_recovery) (struct sockaddr_in * peer, uint8_t recovery);
+	int (*cb_recovery2) (struct sockaddr_in * peer, struct pdp_t * pdp, uint8_t recovery);
 
 	/* Counters */
 
@@ -323,7 +325,10 @@ extern int gtp_update_context(struct gsn_t *gsn, struct pdp_t *pdp,
 			      void *cbp, struct in_addr *inetaddr);
 
 extern int gtp_delete_context_req(struct gsn_t *gsn, struct pdp_t *pdp,
-				  void *cbp, int teardown);
+				  void *cbp, int teardown)
+		OSMO_DEPRECATED("Use gtp_delete_context_req2() instead, to avoid freeing pdp ctx before reply");
+extern int gtp_delete_context_req2(struct gsn_t *gsn, struct pdp_t *pdp,
+				   void *cbp, int teardown);
 
 extern int gtp_data_req(struct gsn_t *gsn, struct pdp_t *pdp,
 			void *pack, unsigned len);
@@ -357,6 +362,11 @@ extern int gtp_set_cb_conf(struct gsn_t *gsn,
 
 int gtp_set_cb_recovery(struct gsn_t *gsn,
 			int (*cb) (struct sockaddr_in * peer,
+				   uint8_t recovery))
+	OSMO_DEPRECATED("Use gtp_set_cb_recovery2() instead, to obtain pdp ctx originating the recovery");
+int gtp_set_cb_recovery2(struct gsn_t *gsn,
+			int (*cb) (struct sockaddr_in * peer,
+				   struct pdp_t * pdp,
 				   uint8_t recovery));
 
 /* Internal functions (not part of the API */

lib/Makefile.am

@@ -1,7 +1,12 @@
 noinst_LIBRARIES = libmisc.a
 
-noinst_HEADERS = gnugetopt.h ippool.h lookup.h syserr.h tun.h in46_addr.h
+noinst_HEADERS = gnugetopt.h ippool.h lookup.h syserr.h tun.h in46_addr.h netdev.h gtp-kernel.h
 
 AM_CFLAGS = -O2 -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' -ggdb $(LIBOSMOCORE_CFLAGS)
 
-libmisc_a_SOURCES = getopt1.c getopt.c ippool.c lookup.c tun.c debug.c in46_addr.c
+libmisc_a_SOURCES = getopt1.c getopt.c ippool.c lookup.c tun.c debug.c in46_addr.c netdev.c
+
+if ENABLE_GTP_KERNEL
+AM_CFLAGS += -DGTP_KERNEL $(LIBGTPNL_CFLAGS)
+libmisc_a_SOURCES += gtp-kernel.c
+endif

lib/gtp-kernel.c

@@ -77,56 +77,20 @@ static int gtp_kernel_init_once(void)
 	return 0;
 }
 
-int gtp_kernel_init(struct gsn_t *gsn, const char *devname, struct in46_prefix *prefix, const char *ipup)
+int gtp_kernel_create(int dest_ns, const char *devname, int fd0, int fd1u)
 {
-	struct in_addr net;
-	const char *net_arg;
-
-	if (!gtp_nl.nl)
-		gtp_kernel_init_once();
-
-	if (prefix->addr.len != 4) {
-		LOGP(DGGSN, LOGL_ERROR, "we only support IPv4 in this path :/");
+	if (gtp_kernel_init_once() < 0)
 		return -1;
-	}
-	net = prefix->addr.v4;
 
-	if (gtp_dev_create(-1, devname, gsn->fd0, gsn->fd1u) < 0) {
-		LOGP(DGGSN, LOGL_ERROR, "cannot create GTP tunnel device: %s\n",
-			strerror(errno));
+	return gtp_dev_create(dest_ns, devname, fd0, fd1u);
+}
+
+int gtp_kernel_create_sgsn(int dest_ns, const char *devname, int fd0, int fd1u)
+{
+	if (gtp_kernel_init_once() < 0)
 		return -1;
-	}
 
-	net_arg = in46p_ntoa(prefix);
-
-	DEBUGP(DGGSN, "Setting route to reach %s via %s\n", net_arg, devname);
-
-	if (gtp_dev_config(devname, &net, prefix->prefixlen) < 0) {
-		LOGP(DGGSN, LOGL_ERROR, "Cannot add route to reach network %s\n", net_arg);
-	}
-
-	/* launch script if it is set to bring up the route to reach
-	 * the MS, eg. ip ro add 10.0.0.0/8 dev gtp0. Better add this
-	 * using native rtnetlink interface given that we know the
-	 * MS network mask, later.
-	 */
-	if (ipup) {
-		char cmd[1024];
-		int err;
-
-		/* eg. /home/ggsn/ipup gtp0 10.0.0.0/8 */
-		snprintf(cmd, sizeof(cmd), "%s %s %s", ipup, devname, net_arg);
-		cmd[sizeof(cmd)-1] = '\0';
-
-		err = system(cmd);
-		if (err < 0) {
-			LOGP(DGGSN, LOGL_ERROR, "Failed to launch script `%s'\n", ipup);
-			return -1;
-		}
-	}
-	LOGP(DGGSN, LOGL_NOTICE, "GTP kernel configured\n");
-
-	return 0;
+	return gtp_dev_create_sgsn(dest_ns, devname, fd0, fd1u);
 }
 
 void gtp_kernel_stop(const char *devname)

lib/gtp-kernel.h

@@ -7,18 +7,20 @@ extern int debug;
 extern char *ipup;
 
 #ifdef GTP_KERNEL
-int gtp_kernel_init(struct gsn_t *gsn, const char *devname, struct in46_prefix *prefix, const char *ipup);
+int gtp_kernel_create(int dest_ns, const char *devname, int fd0, int fd1u);
+int gtp_kernel_create_sgsn(int dest_ns, const char *devname, int fd0, int fd1u);
 void gtp_kernel_stop(const char *devname);
 
 int gtp_kernel_tunnel_add(struct pdp_t *pdp, const char *devname);
 int gtp_kernel_tunnel_del(struct pdp_t *pdp, const char *devname);
 
 #else
-static inline int gtp_kernel_init(struct gsn_t *gsn, const char *devname, struct in46_prefix *prefix, const char *ipup)
+static inline int gtp_kernel_create(int dest_ns, const char *devname, int fd0, int fd1u)
 {
 	SYS_ERR(DGGSN, LOGL_ERROR, 0, "ggsn compiled without GTP kernel support!\n");
 	return -1;
 }
+#define gtp_kernel_create_sgsn gtp_kernel_create
 
 static inline void gtp_kernel_stop(const char *devname) {}
 

lib/netdev.c

@@ -0,0 +1,727 @@
+/*
+ * TUN interface functions.
+ * Copyright (C) 2002, 2003, 2004 Mondru AB.
+ * Copyright (C) 2017-2018 by Harald Welte <laforge@gnumonks.org>
+ *
+ * The contents of this file may be used under the terms of the GNU
+ * General Public License Version 2, provided that the above copyright
+ * notice and this permission notice is included in all copies or
+ * substantial portions of the software.
+ *
+ */
+
+/*
+ * netdev.c: Contains generic network device related functionality.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/time.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <errno.h>
+#include <net/route.h>
+#include <net/if.h>
+
+#if defined(__linux__)
+#include <linux/netlink.h>
+#include <linux/rtnetlink.h>
+
+#elif defined (__FreeBSD__)
+#include <net/if_var.h>
+#include <netinet/in_var.h>
+
+#elif defined (__APPLE__)
+#include <net/if.h>
+
+#else
+#error  "Unknown platform!"
+#endif
+
+#include "netdev.h"
+#include "syserr.h"
+
+#if defined(__linux__)
+
+#include <linux/ipv6.h>
+
+static int netdev_nlattr(struct nlmsghdr *n, int nsize, int type, void *d, int dlen)
+{
+	int len = RTA_LENGTH(dlen);
+	int alen = NLMSG_ALIGN(n->nlmsg_len);
+	struct rtattr *rta = (struct rtattr *)(((void *)n) + alen);
+	if (alen + len > nsize)
+		return -1;
+	rta->rta_len = len;
+	rta->rta_type = type;
+	memcpy(RTA_DATA(rta), d, dlen);
+	n->nlmsg_len = alen + len;
+	return 0;
+}
+#endif
+
+static int netdev_sifflags(const char *devname, int flags)
+{
+	struct ifreq ifr;
+	int fd;
+
+	memset(&ifr, '\0', sizeof(ifr));
+	ifr.ifr_flags = flags;
+	strncpy(ifr.ifr_name, devname, IFNAMSIZ);
+	ifr.ifr_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
+	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+	if (ioctl(fd, SIOCSIFFLAGS, &ifr)) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno,
+			"ioctl(SIOCSIFFLAGS) failed");
+		close(fd);
+		return -1;
+	}
+	close(fd);
+	return 0;
+}
+
+int netdev_setaddr4(const char *devname, struct in_addr *addr,
+		    struct in_addr *dstaddr, struct in_addr *netmask)
+{
+	struct ifreq ifr;
+	int fd;
+
+	memset(&ifr, '\0', sizeof(ifr));
+	ifr.ifr_addr.sa_family = AF_INET;
+	ifr.ifr_dstaddr.sa_family = AF_INET;
+
+#if defined(__linux__)
+	ifr.ifr_netmask.sa_family = AF_INET;
+#elif defined(__FreeBSD__) || defined (__APPLE__)
+	((struct sockaddr_in *)&ifr.ifr_addr)->sin_len =
+	    sizeof(struct sockaddr_in);
+	((struct sockaddr_in *)&ifr.ifr_dstaddr)->sin_len =
+	    sizeof(struct sockaddr_in);
+#endif
+
+	strncpy(ifr.ifr_name, devname, IFNAMSIZ);
+	ifr.ifr_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
+
+	/* Create a channel to the NET kernel. */
+	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	if (addr) {		/* Set the interface address */
+		memcpy(&((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr, addr,
+		       sizeof(*addr));
+		if (ioctl(fd, SIOCSIFADDR, (void *)&ifr) < 0) {
+			if (errno != EEXIST) {
+				SYS_ERR(DTUN, LOGL_ERROR, errno,
+					"ioctl(SIOCSIFADDR) failed");
+			} else {
+				SYS_ERR(DTUN, LOGL_NOTICE, errno,
+					"ioctl(SIOCSIFADDR): Address already exists");
+			}
+			close(fd);
+			return -1;
+		}
+	}
+
+	if (dstaddr) {		/* Set the destination address */
+		memcpy(&((struct sockaddr_in *)&ifr.ifr_dstaddr)->sin_addr,
+		       dstaddr, sizeof(*dstaddr));
+		if (ioctl(fd, SIOCSIFDSTADDR, (caddr_t) & ifr) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno,
+				"ioctl(SIOCSIFDSTADDR) failed");
+			close(fd);
+			return -1;
+		}
+	}
+
+	if (netmask) {		/* Set the netmask */
+#if defined(__linux__)
+		memcpy(&((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr,
+		       netmask, sizeof(*netmask));
+#elif defined(__FreeBSD__) || defined (__APPLE__)
+		((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr =
+		    netmask->s_addr;
+#endif
+
+		if (ioctl(fd, SIOCSIFNETMASK, (void *)&ifr) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno,
+				"ioctl(SIOCSIFNETMASK) failed");
+			close(fd);
+			return -1;
+		}
+	}
+
+	close(fd);
+
+	netdev_sifflags(devname, IFF_UP | IFF_RUNNING);
+
+	/* On linux the route to the interface is set automatically
+	   on FreeBSD we have to do this manually */
+#if defined(__FreeBSD__) || defined (__APPLE__)
+	netdev_addroute(dstaddr, addr, &this->netmask);
+#endif
+
+	return 0;
+}
+
+int netdev_setaddr6(const char *devname, struct in6_addr *addr, struct in6_addr *dstaddr,
+		    size_t prefixlen)
+{
+	struct in6_ifreq ifr;
+	int fd;
+
+	memset(&ifr, 0, sizeof(ifr));
+
+#if defined(__linux__)
+	ifr.ifr6_prefixlen = prefixlen;
+	ifr.ifr6_ifindex = if_nametoindex(devname);
+	if (ifr.ifr6_ifindex == 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0, "Error getting ifindex for %s\n", devname);
+		return -1;
+	}
+#elif defined(__FreeBSD__) || defined (__APPLE__)
+	strncpy(ifr.ifr_name, devname, IFNAMSIZ);
+#endif
+
+	/* Create a channel to the NET kernel */
+	if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0, "socket() failed");
+		return -1;
+	}
+
+#if defined(__linux__)
+	if (addr) {
+		memcpy(&ifr.ifr6_addr, addr, sizeof(*addr));
+		if (ioctl(fd, SIOCSIFADDR, (void *) &ifr) < 0) {
+			if (errno != EEXIST) {
+				SYS_ERR(DTUN, LOGL_ERROR, 0, "ioctl(SIOCSIFADDR) failed");
+			} else {
+				SYS_ERR(DTUN, LOGL_NOTICE, 0, "ioctl(SIOCSIFADDR): Address already exists");
+			}
+			close(fd);
+			return -1;
+		}
+	}
+
+#if 0
+	/* FIXME: looks like this is not possible/necessary for IPv6? */
+	if (dstaddr) {
+		memcpy(&ifr.ifr6_addr, dstaddr, sizeof(*dstaddr));
+		if (ioctl(fd, SIOCSIFDSTADDR, (caddr_t *) &ifr) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, "ioctl(SIOCSIFDSTADDR) failed");
+			close(fd);
+			return -1;
+		}
+	}
+#endif
+
+#elif defined(__FreeBSD__) || defined (__APPLE__)
+	if (addr)
+		memcpy(&ifr.ifr_ifru.ifru_addr, addr, sizeof(ifr.ifr_ifru.ifru_addr));
+	if (dstaddr)
+		memcpy(&ifr.ifr_ifru.ifru_dstaddr, dstaddr, sizeof(ifr.ifr_ifru.ifru_dstaddr));
+
+	if (ioctl(fd, SIOCSIFADDR_IN6, (struct ifreq *)&ifr) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0, "ioctl(SIOCSIFADDR_IN6) failed");
+		close(fd);
+		return -1;
+	}
+#endif
+
+	close(fd);
+
+	netdev_sifflags(devname, IFF_UP | IFF_RUNNING);
+
+	/* On linux the route to the interface is set automatically
+	   on FreeBSD we have to do this manually */
+#if 0	/* FIXME */
+//#if defined(__FreeBSD__) || defined (__APPLE__)
+	netdev_addroute6(dstaddr, addr, prefixlen);
+#endif
+
+	return 0;
+}
+
+int netdev_addaddr4(const char *devname, struct in_addr *addr,
+		    struct in_addr *dstaddr, struct in_addr *netmask)
+{
+	int fd;
+#if defined(__linux__)
+	struct {
+		struct nlmsghdr n;
+		struct ifaddrmsg i;
+		char buf[TUN_NLBUFSIZE];
+	} req;
+
+	struct sockaddr_nl local;
+	socklen_t addr_len;
+	int status;
+
+	struct sockaddr_nl nladdr;
+	struct iovec iov;
+	struct msghdr msg;
+
+	memset(&req, 0, sizeof(req));
+	req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
+	req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE;
+	req.n.nlmsg_type = RTM_NEWADDR;
+	req.i.ifa_family = AF_INET;
+	req.i.ifa_prefixlen = 32;	/* 32 FOR IPv4 */
+	req.i.ifa_flags = 0;
+	req.i.ifa_scope = RT_SCOPE_HOST;	/* TODO or 0 */
+	req.i.ifa_index = if_nametoindex(devname);
+	if (!req.i.ifa_index) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "Unable to get ifindex for %s", devname);
+		return -1;
+	}
+
+	netdev_nlattr(&req.n, sizeof(req), IFA_ADDRESS, addr, sizeof(*addr));
+	if (dstaddr)
+		netdev_nlattr(&req.n, sizeof(req), IFA_LOCAL, dstaddr, sizeof(*dstaddr));
+
+	if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	memset(&local, 0, sizeof(local));
+	local.nl_family = AF_NETLINK;
+	local.nl_groups = 0;
+
+	if (bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "bind() failed");
+		close(fd);
+		return -1;
+	}
+
+	addr_len = sizeof(local);
+	if (getsockname(fd, (struct sockaddr *)&local, &addr_len) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno,
+			"getsockname() failed");
+		close(fd);
+		return -1;
+	}
+
+	if (addr_len != sizeof(local)) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0,
+			"Wrong address length %d", addr_len);
+		close(fd);
+		return -1;
+	}
+
+	if (local.nl_family != AF_NETLINK) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0,
+			"Wrong address family %d", local.nl_family);
+		close(fd);
+		return -1;
+	}
+
+	iov.iov_base = (void *)&req.n;
+	iov.iov_len = req.n.nlmsg_len;
+
+	msg.msg_name = (void *)&nladdr;
+	msg.msg_namelen = sizeof(nladdr);
+	msg.msg_iov = &iov;
+	msg.msg_iovlen = 1;
+	msg.msg_control = NULL;
+	msg.msg_controllen = 0;
+	msg.msg_flags = 0;
+
+	memset(&nladdr, 0, sizeof(nladdr));
+	nladdr.nl_family = AF_NETLINK;
+	nladdr.nl_pid = 0;
+	nladdr.nl_groups = 0;
+
+	req.n.nlmsg_seq = 0;
+	req.n.nlmsg_flags |= NLM_F_ACK;
+
+	status = sendmsg(fd, &msg, 0);
+	if (status != req.n.nlmsg_len) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "sendmsg() failed, returned %d", status);
+		close(fd);
+		return -1;
+	}
+
+	status = netdev_sifflags(devname, IFF_UP | IFF_RUNNING);
+	if (status == -1) {
+		close(fd);
+		return -1;
+	}
+#elif defined (__FreeBSD__) || defined (__APPLE__)
+	struct ifaliasreq areq;
+
+	memset(&areq, 0, sizeof(areq));
+
+	/* Set up interface name */
+	strncpy(areq.ifra_name, devname, IFNAMSIZ);
+	areq.ifra_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
+
+	((struct sockaddr_in *)&areq.ifra_addr)->sin_family = AF_INET;
+	((struct sockaddr_in *)&areq.ifra_addr)->sin_len =
+	    sizeof(areq.ifra_addr);
+	((struct sockaddr_in *)&areq.ifra_addr)->sin_addr.s_addr = addr->s_addr;
+
+	((struct sockaddr_in *)&areq.ifra_mask)->sin_family = AF_INET;
+	((struct sockaddr_in *)&areq.ifra_mask)->sin_len =
+	    sizeof(areq.ifra_mask);
+	((struct sockaddr_in *)&areq.ifra_mask)->sin_addr.s_addr =
+	    netmask->s_addr;
+
+	/* For some reason FreeBSD uses ifra_broadcast for specifying dstaddr */
+	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_family = AF_INET;
+	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_len =
+	    sizeof(areq.ifra_broadaddr);
+	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_addr.s_addr =
+	    dstaddr->s_addr;
+
+	/* Create a channel to the NET kernel. */
+	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	if (ioctl(fd, SIOCAIFADDR, (void *)&areq) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno,
+			"ioctl(SIOCAIFADDR) failed");
+		close(fd);
+		return -1;
+	}
+#endif
+	close(fd);
+	return 0;
+}
+
+int netdev_addaddr6(const char *devname, struct in6_addr *addr,
+		    struct in6_addr *dstaddr, int prefixlen)
+{
+	int fd;
+#if defined(__linux__)
+	struct {
+		struct nlmsghdr n;
+		struct ifaddrmsg i;
+		char buf[TUN_NLBUFSIZE];
+	} req;
+
+	struct sockaddr_nl local;
+	socklen_t addr_len;
+	int status;
+
+	struct sockaddr_nl nladdr;
+	struct iovec iov;
+	struct msghdr msg;
+
+	memset(&req, 0, sizeof(req));
+	req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
+	req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE;
+	req.n.nlmsg_type = RTM_NEWADDR;
+	req.i.ifa_family = AF_INET6;
+	req.i.ifa_prefixlen = 64;	/* 64 FOR IPv6 */
+	req.i.ifa_flags = 0;
+	req.i.ifa_scope = RT_SCOPE_HOST;	/* TODO or 0 */
+	req.i.ifa_index = if_nametoindex(devname);
+	if (!req.i.ifa_index) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "Unable to get ifindex for %s", devname);
+		return -1;
+	}
+
+	netdev_nlattr(&req.n, sizeof(req), IFA_ADDRESS, addr, sizeof(*addr));
+	if (dstaddr)
+		netdev_nlattr(&req.n, sizeof(req), IFA_LOCAL, dstaddr, sizeof(*dstaddr));
+
+	if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	memset(&local, 0, sizeof(local));
+	local.nl_family = AF_NETLINK;
+	local.nl_groups = 0;
+
+	if (bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "bind() failed");
+		close(fd);
+		return -1;
+	}
+
+	addr_len = sizeof(local);
+	if (getsockname(fd, (struct sockaddr *)&local, &addr_len) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno,
+			"getsockname() failed");
+		close(fd);
+		return -1;
+	}
+
+	if (addr_len != sizeof(local)) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0,
+			"Wrong address length %d", addr_len);
+		close(fd);
+		return -1;
+	}
+
+	if (local.nl_family != AF_NETLINK) {
+		SYS_ERR(DTUN, LOGL_ERROR, 0,
+			"Wrong address family %d", local.nl_family);
+		close(fd);
+		return -1;
+	}
+
+	iov.iov_base = (void *)&req.n;
+	iov.iov_len = req.n.nlmsg_len;
+
+	msg.msg_name = (void *)&nladdr;
+	msg.msg_namelen = sizeof(nladdr);
+	msg.msg_iov = &iov;
+	msg.msg_iovlen = 1;
+	msg.msg_control = NULL;
+	msg.msg_controllen = 0;
+	msg.msg_flags = 0;
+
+	memset(&nladdr, 0, sizeof(nladdr));
+	nladdr.nl_family = AF_NETLINK;
+	nladdr.nl_pid = 0;
+	nladdr.nl_groups = 0;
+
+	req.n.nlmsg_seq = 0;
+	req.n.nlmsg_flags |= NLM_F_ACK;
+
+	status = sendmsg(fd, &msg, 0);
+	if (status != req.n.nlmsg_len) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "sendmsg() failed, returned %d", status);
+		close(fd);
+		return -1;
+	}
+
+	status = netdev_sifflags(devname, IFF_UP | IFF_RUNNING);
+	if (status == -1) {
+		close(fd);
+		return -1;
+	}
+#elif defined (__FreeBSD__) || defined (__APPLE__)
+	struct ifaliasreq areq;
+
+	memset(&areq, 0, sizeof(areq));
+
+	/* Set up interface name */
+	strncpy(areq.ifra_name, devname, IFNAMSIZ);
+	areq.ifra_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
+
+	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_family = AF_INET6;
+	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_len = sizeof(areq.ifra_addr);
+	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_addr.s6_addr = addr->s6_addr;
+
+	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_family = AF_INET6;
+	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_len = sizeof(areq.ifra_mask);
+	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_addr.s6_addr = netmask->s6_addr;
+
+	/* For some reason FreeBSD uses ifra_broadcast for specifying dstaddr */
+	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_family = AF_INET6;
+	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_len = sizeof(areq.ifra_broadaddr);
+	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_addr.s6_addr = dstaddr->s6_addr;
+
+	/* Create a channel to the NET kernel. */
+	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	if (ioctl(fd, SIOCAIFADDR, (void *)&areq) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno,
+			"ioctl(SIOCAIFADDR) failed");
+		close(fd);
+		return -1;
+	}
+#endif
+	close(fd);
+	return 0;
+}
+
+static int netdev_route(struct in_addr *dst, struct in_addr *gateway, struct in_addr *mask, int delete)
+{
+	int fd;
+#if defined(__linux__)
+	struct rtentry r;
+
+	memset(&r, '\0', sizeof(r));
+	r.rt_flags = RTF_UP | RTF_GATEWAY;	/* RTF_HOST not set */
+
+	/* Create a channel to the NET kernel. */
+	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	r.rt_dst.sa_family = AF_INET;
+	r.rt_gateway.sa_family = AF_INET;
+	r.rt_genmask.sa_family = AF_INET;
+	memcpy(&((struct sockaddr_in *)&r.rt_dst)->sin_addr, dst, sizeof(*dst));
+	memcpy(&((struct sockaddr_in *)&r.rt_gateway)->sin_addr, gateway,
+	       sizeof(*gateway));
+	memcpy(&((struct sockaddr_in *)&r.rt_genmask)->sin_addr, mask,
+	       sizeof(*mask));
+
+	if (delete) {
+		if (ioctl(fd, SIOCDELRT, (void *)&r) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno,
+				"ioctl(SIOCDELRT) failed");
+			close(fd);
+			return -1;
+		}
+	} else {
+		if (ioctl(fd, SIOCADDRT, (void *)&r) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno,
+				"ioctl(SIOCADDRT) failed");
+			close(fd);
+			return -1;
+		}
+	}
+#elif defined(__FreeBSD__) || defined (__APPLE__)
+	struct {
+		struct rt_msghdr rt;
+		struct sockaddr_in dst;
+		struct sockaddr_in gate;
+		struct sockaddr_in mask;
+	} req;
+	struct rt_msghdr *rtm;
+
+	if ((fd = socket(AF_ROUTE, SOCK_RAW, 0)) == -1) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
+		return -1;
+	}
+
+	memset(&req, 0x00, sizeof(req));
+
+	rtm = &req.rt;
+
+	rtm->rtm_msglen = sizeof(req);
+	rtm->rtm_version = RTM_VERSION;
+	if (delete) {
+		rtm->rtm_type = RTM_DELETE;
+	} else {
+		rtm->rtm_type = RTM_ADD;
+	}
+	rtm->rtm_flags = RTF_UP | RTF_GATEWAY | RTF_STATIC;	/* TODO */
+	rtm->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK;
+	rtm->rtm_pid = getpid();
+	rtm->rtm_seq = 0044;	/* TODO */
+
+	req.dst.sin_family = AF_INET;
+	req.dst.sin_len = sizeof(req.dst);
+	req.mask.sin_family = AF_INET;
+	req.mask.sin_len = sizeof(req.mask);
+	req.gate.sin_family = AF_INET;
+	req.gate.sin_len = sizeof(req.gate);
+
+	req.dst.sin_addr.s_addr = dst->s_addr;
+	req.mask.sin_addr.s_addr = mask->s_addr;
+	req.gate.sin_addr.s_addr = gateway->s_addr;
+
+	if (write(fd, rtm, rtm->rtm_msglen) < 0) {
+		SYS_ERR(DTUN, LOGL_ERROR, errno, "write() failed");
+		close(fd);
+		return -1;
+	}
+#endif
+	close(fd);
+	return 0;
+}
+
+int netdev_addroute(struct in_addr *dst, struct in_addr *gateway, struct in_addr *mask)
+{
+	return netdev_route(dst, gateway, mask, 0);
+}
+
+int netdev_delroute(struct in_addr *dst, struct in_addr *gateway, struct in_addr *mask)
+{
+	return netdev_route(dst, gateway, mask, 1);
+}
+
+#include <ifaddrs.h>
+
+/*! Obtain the local address of a network device
+ *  \param[in] devname Target device owning the IP
+ *  \param[out] prefix_list List of prefix structures to fill with each IPv4/6 and prefix length found.
+ *  \param[in] prefix_size Amount of elements allowed to be fill in the prefix_list array.
+ *  \param[in] flags Specify which kind of IP to look for: IP_TYPE_IPv4, IP_TYPE_IPv6_LINK, IP_TYPE_IPv6_NONLINK
+ *  \returns The number of ips found following the criteria specified by flags, -1 on error.
+ *
+ * This function will fill prefix_list with up to prefix_size IPs following the
+ * criteria specified by flags parameter. It returns the number of IPs matching
+ * the criteria. As a result, the number returned can be bigger than
+ * prefix_size. It can be used with prefix_size=0 to get an estimate of the size
+ * needed for prefix_list.
+ */
+int netdev_ip_local_get(const char *devname, struct in46_prefix *prefix_list, size_t prefix_size, int flags)
+{
+	static const uint8_t ll_prefix[] = { 0xfe,0x80, 0,0, 0,0, 0,0 };
+	struct ifaddrs *ifaddr, *ifa;
+	struct in46_addr netmask;
+	size_t count = 0;
+	bool is_ipv6_ll;
+
+	if (getifaddrs(&ifaddr) == -1) {
+		return -1;
+	}
+
+	for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
+		if (ifa->ifa_addr == NULL)
+			continue;
+
+		if (strcmp(ifa->ifa_name, devname))
+			continue;
+
+		if (ifa->ifa_addr->sa_family == AF_INET && (flags & IP_TYPE_IPv4)) {
+			struct sockaddr_in *sin4 = (struct sockaddr_in *) ifa->ifa_addr;
+			struct sockaddr_in *netmask4 = (struct sockaddr_in *) ifa->ifa_netmask;
+
+			if (count < prefix_size) {
+				netmask.len = sizeof(netmask4->sin_addr);
+				netmask.v4 = netmask4->sin_addr;
+				prefix_list[count].addr.len = sizeof(sin4->sin_addr);
+				prefix_list[count].addr.v4 = sin4->sin_addr;
+				prefix_list[count].prefixlen = in46a_netmasklen(&netmask);
+			}
+			count++;
+		}
+
+		if (ifa->ifa_addr->sa_family == AF_INET6 && (flags & IP_TYPE_IPv6)) {
+			struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) ifa->ifa_addr;
+			struct sockaddr_in6 *netmask6 = (struct sockaddr_in6 *) ifa->ifa_netmask;
+
+			is_ipv6_ll = !memcmp(sin6->sin6_addr.s6_addr, ll_prefix, sizeof(ll_prefix));
+			if ((flags & IP_TYPE_IPv6_NONLINK) && is_ipv6_ll)
+				continue;
+			if ((flags & IP_TYPE_IPv6_LINK) && !is_ipv6_ll)
+				continue;
+
+			if (count < prefix_size) {
+				netmask.len = sizeof(netmask6->sin6_addr);
+				netmask.v6 = netmask6->sin6_addr;
+				prefix_list[count].addr.len = sizeof(sin6->sin6_addr);
+				prefix_list[count].addr.v6 = sin6->sin6_addr;
+				prefix_list[count].prefixlen = in46a_netmasklen(&netmask);
+			}
+			count++;
+		}
+	}
+
+	freeifaddrs(ifaddr);
+	return count;
+}

lib/netdev.h

@@ -0,0 +1,72 @@
+#pragma once
+/*
+ * TUN interface functions.
+ * Copyright (C) 2002, 2003 Mondru AB.
+ * Copyright (C) 2017-2018 by Harald Welte <laforge@gnumonks.org>
+ *
+ * The contents of this file may be used under the terms of the GNU
+ * General Public License Version 2, provided that the above copyright
+ * notice and this permission notice is included in all copies or
+ * substantial portions of the software.
+ *
+ */
+
+#include <net/if.h>
+
+#include "../lib/in46_addr.h"
+
+#define TUN_NLBUFSIZE   1024
+
+#include "config.h"
+
+/* ipv6 ip type flags for tun_ipv6_local_get() */
+enum {
+	IP_TYPE_IPv4 = 1,
+	IP_TYPE_IPv6_LINK = 2,
+	IP_TYPE_IPv6_NONLINK = 4,
+};
+#define IP_TYPE_IPv6 (IP_TYPE_IPv6_LINK | IP_TYPE_IPv6_NONLINK)
+
+
+#ifndef HAVE_IPHDR
+struct iphdr
+  {
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+    unsigned int ihl:4;
+    unsigned int version:4;
+#elif __BYTE_ORDER == __BIG_ENDIAN
+    unsigned int version:4;
+    unsigned int ihl:4;
+#else
+# error	"Please fix <bits/endian.h>"
+#endif
+    u_int8_t tos;
+    u_int16_t tot_len;
+    u_int16_t id;
+    u_int16_t frag_off;
+    u_int8_t ttl;
+    u_int8_t protocol;
+    u_int16_t check;
+    u_int32_t saddr;
+    u_int32_t daddr;
+    /*The options start here. */
+  };
+#endif /* !HAVE_IPHDR */
+
+extern int netdev_setaddr4(const char *devname, struct in_addr *addr,
+			   struct in_addr *dstaddr, struct in_addr *netmask);
+
+extern int netdev_setaddr6(const char *devname, struct in6_addr *addr, struct in6_addr *dstaddr,
+			   size_t prefixlen);
+
+extern int netdev_addaddr4(const char *devname, struct in_addr *addr,
+			   struct in_addr *dstaddr, struct in_addr *netmask);
+
+extern int netdev_addaddr6(const char *devname, struct in6_addr *addr,
+			   struct in6_addr *dstaddr, int prefixlen);
+
+extern int netdev_addroute(struct in_addr *dst, struct in_addr *gateway, struct in_addr *mask);
+extern int netdev_delroute(struct in_addr *dst, struct in_addr *gateway, struct in_addr *mask);
+
+extern int netdev_ip_local_get(const char *devname, struct in46_prefix *prefix_list,
+				size_t prefix_size, int flags);

lib/tun.c

@@ -1,7 +1,7 @@
 /*
  * TUN interface functions.
  * Copyright (C) 2002, 2003, 2004 Mondru AB.
- * Copyright (C) 2017 by Harald Welte <laforge@gnumonks.org>
+ * Copyright (C) 2017-2018 by Harald Welte <laforge@gnumonks.org>
  *
  * The contents of this file may be used under the terms of the GNU
  * General Public License Version 2, provided that the above copyright
@@ -19,6 +19,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdbool.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
@@ -42,8 +43,6 @@
 
 #if defined(__linux__)
 #include <linux/if_tun.h>
-#include <linux/netlink.h>
-#include <linux/rtnetlink.h>
 
 #elif defined (__FreeBSD__)
 #include <net/if_tun.h>
@@ -59,575 +58,81 @@
 
 #include "tun.h"
 #include "syserr.h"
-
-#if defined(__linux__)
-
-#include <linux/ipv6.h>
-
-static int tun_nlattr(struct nlmsghdr *n, int nsize, int type, void *d, int dlen)
-{
-	int len = RTA_LENGTH(dlen);
-	int alen = NLMSG_ALIGN(n->nlmsg_len);
-	struct rtattr *rta = (struct rtattr *)(((void *)n) + alen);
-	if (alen + len > nsize)
-		return -1;
-	rta->rta_len = len;
-	rta->rta_type = type;
-	memcpy(RTA_DATA(rta), d, dlen);
-	n->nlmsg_len = alen + len;
-	return 0;
-}
-#endif
-
-static int tun_sifflags(struct tun_t *this, int flags)
-{
-	struct ifreq ifr;
-	int fd;
-
-	memset(&ifr, '\0', sizeof(ifr));
-	ifr.ifr_flags = flags;
-	strncpy(ifr.ifr_name, this->devname, IFNAMSIZ);
-	ifr.ifr_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
-	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-	if (ioctl(fd, SIOCSIFFLAGS, &ifr)) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno,
-			"ioctl(SIOCSIFFLAGS) failed");
-		close(fd);
-		return -1;
-	}
-	close(fd);
-	return 0;
-}
+#include "gtp-kernel.h"
 
 static int tun_setaddr4(struct tun_t *this, struct in_addr *addr,
 			struct in_addr *dstaddr, struct in_addr *netmask)
 {
-	struct ifreq ifr;
-	int fd;
+	int rc;
+	rc = netdev_setaddr4(this->devname, addr, dstaddr, netmask);
+	if (rc < 0)
+		return rc;
 
-	memset(&ifr, '\0', sizeof(ifr));
-	ifr.ifr_addr.sa_family = AF_INET;
-	ifr.ifr_dstaddr.sa_family = AF_INET;
-
-#if defined(__linux__)
-	ifr.ifr_netmask.sa_family = AF_INET;
-
-#elif defined(__FreeBSD__) || defined (__APPLE__)
-	((struct sockaddr_in *)&ifr.ifr_addr)->sin_len =
-	    sizeof(struct sockaddr_in);
-	((struct sockaddr_in *)&ifr.ifr_dstaddr)->sin_len =
-	    sizeof(struct sockaddr_in);
-#endif
-
-	strncpy(ifr.ifr_name, this->devname, IFNAMSIZ);
-	ifr.ifr_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
-
-	/* Create a channel to the NET kernel. */
-	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	if (addr) {		/* Set the interface address */
+	if (addr)
 		this->addr.s_addr = addr->s_addr;
-		memcpy(&((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr, addr,
-		       sizeof(*addr));
-		if (ioctl(fd, SIOCSIFADDR, (void *)&ifr) < 0) {
-			if (errno != EEXIST) {
-				SYS_ERR(DTUN, LOGL_ERROR, errno,
-					"ioctl(SIOCSIFADDR) failed");
-			} else {
-				SYS_ERR(DTUN, LOGL_NOTICE, errno,
-					"ioctl(SIOCSIFADDR): Address already exists");
-			}
-			close(fd);
-			return -1;
-		}
-	}
-
-	if (dstaddr) {		/* Set the destination address */
+	if (dstaddr)
 		this->dstaddr.s_addr = dstaddr->s_addr;
-		memcpy(&((struct sockaddr_in *)&ifr.ifr_dstaddr)->sin_addr,
-		       dstaddr, sizeof(*dstaddr));
-		if (ioctl(fd, SIOCSIFDSTADDR, (caddr_t) & ifr) < 0) {
-			SYS_ERR(DTUN, LOGL_ERROR, errno,
-				"ioctl(SIOCSIFDSTADDR) failed");
-			close(fd);
-			return -1;
-		}
-	}
-
-	if (netmask) {		/* Set the netmask */
+	if (netmask)
 		this->netmask.s_addr = netmask->s_addr;
-#if defined(__linux__)
-		memcpy(&((struct sockaddr_in *)&ifr.ifr_netmask)->sin_addr,
-		       netmask, sizeof(*netmask));
-
-#elif defined(__FreeBSD__) || defined (__APPLE__)
-		((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr =
-		    netmask->s_addr;
-#endif
-
-		if (ioctl(fd, SIOCSIFNETMASK, (void *)&ifr) < 0) {
-			SYS_ERR(DTUN, LOGL_ERROR, errno,
-				"ioctl(SIOCSIFNETMASK) failed");
-			close(fd);
-			return -1;
-		}
-	}
-
-	close(fd);
 	this->addrs++;
-
-	/* On linux the route to the interface is set automatically
-	   on FreeBSD we have to do this manually */
-
-	/* TODO: How does it work on Solaris? */
-
-	tun_sifflags(this, IFF_UP | IFF_RUNNING);
-
 #if defined(__FreeBSD__) || defined (__APPLE__)
-	tun_addroute(this, dstaddr, addr, &this->netmask);
 	this->routes = 1;
 #endif
 
-	return 0;
+	return rc;
 }
 
 static int tun_setaddr6(struct tun_t *this, struct in6_addr *addr, struct in6_addr *dstaddr,
 			size_t prefixlen)
 {
-	struct in6_ifreq ifr;
-	int fd;
-
-	memset(&ifr, 0, sizeof(ifr));
-
-#if defined(__linux__)
-	ifr.ifr6_prefixlen = prefixlen;
-	ifr.ifr6_ifindex = if_nametoindex(this->devname);
-	if (ifr.ifr6_ifindex == 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0, "Error getting ifindex for %s\n", this->devname);
-		return -1;
-	}
-#elif defined(__FreeBSD__) || defined (__APPLE__)
-	strncpy(ifr.ifr_name, this->devname, IFNAMSIZ);
-#endif
-
-	/* Create a channel to the NET kernel */
-	if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0, "socket() failed");
-		return -1;
-	}
-
-#if defined(__linux__)
-	if (addr) {
-		memcpy(&ifr.ifr6_addr, addr, sizeof(*addr));
-		if (ioctl(fd, SIOCSIFADDR, (void *) &ifr) < 0) {
-			if (errno != EEXIST) {
-				SYS_ERR(DTUN, LOGL_ERROR, 0, "ioctl(SIOCSIFADDR) failed");
-			} else {
-				SYS_ERR(DTUN, LOGL_NOTICE, 0, "ioctl(SIOCSIFADDR): Address already exists");
-			}
-			close(fd);
-			return -1;
-		}
-	}
-
-#if 0
-	/* FIXME: looks like this is not possible/necessary for IPv6? */
-	if (dstaddr) {
-		memcpy(&this->dstaddr, dstaddr, sizeof(*dstaddr));
-		memcpy(&ifr.ifr6_addr, dstaddr, sizeof(*dstaddr));
-		if (ioctl(fd, SIOCSIFDSTADDR, (caddr_t *) &ifr) < 0) {
-			SYS_ERR(DTUN, LOGL_ERROR, "ioctl(SIOCSIFDSTADDR) failed");
-			close(fd);
-			return -1;
-		}
-	}
-#endif
-
-#elif defined(__FreeBSD__) || defined (__APPLE__)
-	if (addr)
-		memcpy(&ifr.ifr_ifru.ifru_addr, addr, sizeof(ifr.ifr_ifru.ifru_addr));
+	int rc;
+	rc = netdev_setaddr6(this->devname, addr, dstaddr, prefixlen);
+	if (rc < 0)
+		return rc;
 	if (dstaddr)
-		memcpy(&ifr.ifr_ifru.ifru_dstaddr, dstaddr, sizeof(ifr.ifr_ifru.ifru_dstaddr));
-
-	if (ioctl(fd, SIOCSIFADDR_IN6, (struct ifreq *)&ifr) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0, "ioctl(SIOCSIFADDR_IN6) failed");
-		close(fd);
-		return -1;
-	}
-#endif
-
-	close(fd);
+		memcpy(&this->dstaddr, dstaddr, sizeof(*dstaddr));
 	this->addrs++;
-
-	/* On linux the route to the interface is set automatically
-	   on FreeBSD we have to do this manually */
-
-	/* TODO: How does it work on Solaris? */
-
-	tun_sifflags(this, IFF_UP | IFF_RUNNING);
-
-#if 0	/* FIXME */
-//#if defined(__FreeBSD__) || defined (__APPLE__)
-	tun_addroute6(this, dstaddr, addr, prefixlen);
+#if defined(__FreeBSD__) || defined (__APPLE__)
 	this->routes = 1;
 #endif
 
-	return 0;
+	return rc;
 }
 
-int tun_setaddr(struct tun_t *this, struct in46_addr *addr, struct in46_addr *dstaddr, size_t prefixlen)
+static int tun_addaddr4(struct tun_t *this, struct in_addr *addr,
+			struct in_addr *dstaddr, struct in_addr *netmask)
 {
-	struct in_addr netmask;
-	switch (addr->len) {
-	case 4:
-		netmask.s_addr = htonl(0xffffffff << (32 - prefixlen));
-		return tun_setaddr4(this, &addr->v4, dstaddr ? &dstaddr->v4 : NULL, &netmask);
-	case 16:
-		return tun_setaddr6(this, &addr->v6, dstaddr ? &dstaddr->v6 : NULL, prefixlen);
-	default:
-		return -1;
-	}
-}
-
-static int tun_addaddr4(struct tun_t *this,
-		struct in_addr *addr,
-		struct in_addr *dstaddr, struct in_addr *netmask)
-{
-
-#if defined(__linux__)
-	struct {
-		struct nlmsghdr n;
-		struct ifaddrmsg i;
-		char buf[TUN_NLBUFSIZE];
-	} req;
-
-	struct sockaddr_nl local;
-	socklen_t addr_len;
-	int fd;
-	int status;
-
-	struct sockaddr_nl nladdr;
-	struct iovec iov;
-	struct msghdr msg;
-
-	if (!this->addrs)	/* Use ioctl for first addr to make ping work */
-		return tun_setaddr4(this, addr, dstaddr, netmask);
-
-	memset(&req, 0, sizeof(req));
-	req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
-	req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE;
-	req.n.nlmsg_type = RTM_NEWADDR;
-	req.i.ifa_family = AF_INET;
-	req.i.ifa_prefixlen = 32;	/* 32 FOR IPv4 */
-	req.i.ifa_flags = 0;
-	req.i.ifa_scope = RT_SCOPE_HOST;	/* TODO or 0 */
-	req.i.ifa_index = if_nametoindex(this->devname);
-	if (!req.i.ifa_index) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "Unable to get ifindex for %s", this->devname);
-		return -1;
-	}
-
-	tun_nlattr(&req.n, sizeof(req), IFA_ADDRESS, addr, sizeof(*addr));
-	if (dstaddr)
-		tun_nlattr(&req.n, sizeof(req), IFA_LOCAL, dstaddr, sizeof(*dstaddr));
-
-	if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	memset(&local, 0, sizeof(local));
-	local.nl_family = AF_NETLINK;
-	local.nl_groups = 0;
-
-	if (bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "bind() failed");
-		close(fd);
-		return -1;
-	}
-
-	addr_len = sizeof(local);
-	if (getsockname(fd, (struct sockaddr *)&local, &addr_len) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno,
-			"getsockname() failed");
-		close(fd);
-		return -1;
-	}
-
-	if (addr_len != sizeof(local)) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0,
-			"Wrong address length %d", addr_len);
-		close(fd);
-		return -1;
-	}
-
-	if (local.nl_family != AF_NETLINK) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0,
-			"Wrong address family %d", local.nl_family);
-		close(fd);
-		return -1;
-	}
-
-	iov.iov_base = (void *)&req.n;
-	iov.iov_len = req.n.nlmsg_len;
-
-	msg.msg_name = (void *)&nladdr;
-	msg.msg_namelen = sizeof(nladdr);
-	msg.msg_iov = &iov;
-	msg.msg_iovlen = 1;
-	msg.msg_control = NULL;
-	msg.msg_controllen = 0;
-	msg.msg_flags = 0;
-
-	memset(&nladdr, 0, sizeof(nladdr));
-	nladdr.nl_family = AF_NETLINK;
-	nladdr.nl_pid = 0;
-	nladdr.nl_groups = 0;
-
-	req.n.nlmsg_seq = 0;
-	req.n.nlmsg_flags |= NLM_F_ACK;
-
-	status = sendmsg(fd, &msg, 0);
-	if (status != req.n.nlmsg_len) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "sendmsg() failed, returned %d", status);
-		close(fd);
-		return -1;
-	}
-
-	status = tun_sifflags(this, IFF_UP | IFF_RUNNING);
-	if (status == -1) {
-		close(fd);
-		return -1;
-	}
-
-
-	close(fd);
-	this->addrs++;
-	return 0;
-
-#elif defined (__FreeBSD__) || defined (__APPLE__)
-
-	int fd;
-	struct ifaliasreq areq;
+	int rc;
 
 	/* TODO: Is this needed on FreeBSD? */
 	if (!this->addrs)	/* Use ioctl for first addr to make ping work */
 		return tun_setaddr4(this, addr, dstaddr, netmask);	/* TODO dstaddr */
 
-	memset(&areq, 0, sizeof(areq));
+	rc = netdev_addaddr4(this->devname, addr, dstaddr, netmask);
+	if (rc < 0)
+		return rc;
 
-	/* Set up interface name */
-	strncpy(areq.ifra_name, this->devname, IFNAMSIZ);
-	areq.ifra_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
-
-	((struct sockaddr_in *)&areq.ifra_addr)->sin_family = AF_INET;
-	((struct sockaddr_in *)&areq.ifra_addr)->sin_len =
-	    sizeof(areq.ifra_addr);
-	((struct sockaddr_in *)&areq.ifra_addr)->sin_addr.s_addr = addr->s_addr;
-
-	((struct sockaddr_in *)&areq.ifra_mask)->sin_family = AF_INET;
-	((struct sockaddr_in *)&areq.ifra_mask)->sin_len =
-	    sizeof(areq.ifra_mask);
-	((struct sockaddr_in *)&areq.ifra_mask)->sin_addr.s_addr =
-	    netmask->s_addr;
-
-	/* For some reason FreeBSD uses ifra_broadcast for specifying dstaddr */
-	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_family = AF_INET;
-	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_len =
-	    sizeof(areq.ifra_broadaddr);
-	((struct sockaddr_in *)&areq.ifra_broadaddr)->sin_addr.s_addr =
-	    dstaddr->s_addr;
-
-	/* Create a channel to the NET kernel. */
-	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	if (ioctl(fd, SIOCAIFADDR, (void *)&areq) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno,
-			"ioctl(SIOCAIFADDR) failed");
-		close(fd);
-		return -1;
-	}
-
-	close(fd);
 	this->addrs++;
-	return 0;
-
-#endif
 
+	return rc;
 }
 
 static int tun_addaddr6(struct tun_t *this,
 		struct in6_addr *addr,
 		struct in6_addr *dstaddr, int prefixlen)
 {
-
-#if defined(__linux__)
-	struct {
-		struct nlmsghdr n;
-		struct ifaddrmsg i;
-		char buf[TUN_NLBUFSIZE];
-	} req;
-
-	struct sockaddr_nl local;
-	socklen_t addr_len;
-	int fd;
-	int status;
-
-	struct sockaddr_nl nladdr;
-	struct iovec iov;
-	struct msghdr msg;
+	int rc;
 
 	if (!this->addrs)	/* Use ioctl for first addr to make ping work */
 		return tun_setaddr6(this, addr, dstaddr, prefixlen);
 
-	memset(&req, 0, sizeof(req));
-	req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
-	req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE;
-	req.n.nlmsg_type = RTM_NEWADDR;
-	req.i.ifa_family = AF_INET6;
-	req.i.ifa_prefixlen = 64;	/* 64 FOR IPv6 */
-	req.i.ifa_flags = 0;
-	req.i.ifa_scope = RT_SCOPE_HOST;	/* TODO or 0 */
-	req.i.ifa_index = if_nametoindex(this->devname);
-	if (!req.i.ifa_index) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "Unable to get ifindex for %s", this->devname);
-		return -1;
-	}
+	rc = netdev_addaddr6(this->devname, addr, dstaddr, prefixlen);
+	if (rc < 0)
+		return rc;
 
-	tun_nlattr(&req.n, sizeof(req), IFA_ADDRESS, addr, sizeof(*addr));
-	if (dstaddr)
-		tun_nlattr(&req.n, sizeof(req), IFA_LOCAL, dstaddr, sizeof(*dstaddr));
-
-	if ((fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	memset(&local, 0, sizeof(local));
-	local.nl_family = AF_NETLINK;
-	local.nl_groups = 0;
-
-	if (bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "bind() failed");
-		close(fd);
-		return -1;
-	}
-
-	addr_len = sizeof(local);
-	if (getsockname(fd, (struct sockaddr *)&local, &addr_len) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno,
-			"getsockname() failed");
-		close(fd);
-		return -1;
-	}
-
-	if (addr_len != sizeof(local)) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0,
-			"Wrong address length %d", addr_len);
-		close(fd);
-		return -1;
-	}
-
-	if (local.nl_family != AF_NETLINK) {
-		SYS_ERR(DTUN, LOGL_ERROR, 0,
-			"Wrong address family %d", local.nl_family);
-		close(fd);
-		return -1;
-	}
-
-	iov.iov_base = (void *)&req.n;
-	iov.iov_len = req.n.nlmsg_len;
-
-	msg.msg_name = (void *)&nladdr;
-	msg.msg_namelen = sizeof(nladdr);
-	msg.msg_iov = &iov;
-	msg.msg_iovlen = 1;
-	msg.msg_control = NULL;
-	msg.msg_controllen = 0;
-	msg.msg_flags = 0;
-
-	memset(&nladdr, 0, sizeof(nladdr));
-	nladdr.nl_family = AF_NETLINK;
-	nladdr.nl_pid = 0;
-	nladdr.nl_groups = 0;
-
-	req.n.nlmsg_seq = 0;
-	req.n.nlmsg_flags |= NLM_F_ACK;
-
-	status = sendmsg(fd, &msg, 0);
-	if (status != req.n.nlmsg_len) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "sendmsg() failed, returned %d", status);
-		close(fd);
-		return -1;
-	}
-
-	status = tun_sifflags(this, IFF_UP | IFF_RUNNING);
-	if (status == -1) {
-		close(fd);
-		return -1;
-	}
-
-
-	close(fd);
 	this->addrs++;
-	return 0;
-
-#elif defined (__FreeBSD__) || defined (__APPLE__)
-
-	int fd;
-	struct ifaliasreq areq;
-
-	/* TODO: Is this needed on FreeBSD? */
-	if (!this->addrs)	/* Use ioctl for first addr to make ping work */
-		return tun_setaddr6(this, addr, dstaddr, netmask);	/* TODO dstaddr */
-
-	memset(&areq, 0, sizeof(areq));
-
-	/* Set up interface name */
-	strncpy(areq.ifra_name, this->devname, IFNAMSIZ);
-	areq.ifra_name[IFNAMSIZ - 1] = 0;	/* Make sure to terminate */
-
-	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_family = AF_INET6;
-	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_len = sizeof(areq.ifra_addr);
-	((struct sockaddr_in6 *)&areq.ifra_addr)->sin6_addr.s6_addr = addr->s6_addr;
-
-	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_family = AF_INET6;
-	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_len = sizeof(areq.ifra_mask);
-	((struct sockaddr_in6 *)&areq.ifra_mask)->sin6_addr.s6_addr = netmask->s6_addr;
-
-	/* For some reason FreeBSD uses ifra_broadcast for specifying dstaddr */
-	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_family = AF_INET6;
-	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_len = sizeof(areq.ifra_broadaddr);
-	((struct sockaddr_in6 *)&areq.ifra_broadaddr)->sin6_addr.s6_addr = dstaddr->s6_addr;
-
-	/* Create a channel to the NET kernel. */
-	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	if (ioctl(fd, SIOCAIFADDR, (void *)&areq) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno,
-			"ioctl(SIOCAIFADDR) failed");
-		close(fd);
-		return -1;
-	}
-
-	close(fd);
-	this->addrs++;
-	return 0;
-
-#endif
 
+	return rc;
 }
 
 int tun_addaddr(struct tun_t *this, struct in46_addr *addr, struct in46_addr *dstaddr, size_t prefixlen)
@@ -644,122 +149,7 @@ int tun_addaddr(struct tun_t *this, struct in46_addr *addr, struct in46_addr *ds
 	}
 }
 
-static int tun_route(struct tun_t *this,
-	      struct in_addr *dst,
-	      struct in_addr *gateway, struct in_addr *mask, int delete)
-{
-
-#if defined(__linux__)
-
-	struct rtentry r;
-	int fd;
-
-	memset(&r, '\0', sizeof(r));
-	r.rt_flags = RTF_UP | RTF_GATEWAY;	/* RTF_HOST not set */
-
-	/* Create a channel to the NET kernel. */
-	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	r.rt_dst.sa_family = AF_INET;
-	r.rt_gateway.sa_family = AF_INET;
-	r.rt_genmask.sa_family = AF_INET;
-	memcpy(&((struct sockaddr_in *)&r.rt_dst)->sin_addr, dst, sizeof(*dst));
-	memcpy(&((struct sockaddr_in *)&r.rt_gateway)->sin_addr, gateway,
-	       sizeof(*gateway));
-	memcpy(&((struct sockaddr_in *)&r.rt_genmask)->sin_addr, mask,
-	       sizeof(*mask));
-
-	if (delete) {
-		if (ioctl(fd, SIOCDELRT, (void *)&r) < 0) {
-			SYS_ERR(DTUN, LOGL_ERROR, errno,
-				"ioctl(SIOCDELRT) failed");
-			close(fd);
-			return -1;
-		}
-	} else {
-		if (ioctl(fd, SIOCADDRT, (void *)&r) < 0) {
-			SYS_ERR(DTUN, LOGL_ERROR, errno,
-				"ioctl(SIOCADDRT) failed");
-			close(fd);
-			return -1;
-		}
-	}
-	close(fd);
-	return 0;
-
-#elif defined(__FreeBSD__) || defined (__APPLE__)
-
-	struct {
-		struct rt_msghdr rt;
-		struct sockaddr_in dst;
-		struct sockaddr_in gate;
-		struct sockaddr_in mask;
-	} req;
-
-	int fd;
-	struct rt_msghdr *rtm;
-
-	if ((fd = socket(AF_ROUTE, SOCK_RAW, 0)) == -1) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "socket() failed");
-		return -1;
-	}
-
-	memset(&req, 0x00, sizeof(req));
-
-	rtm = &req.rt;
-
-	rtm->rtm_msglen = sizeof(req);
-	rtm->rtm_version = RTM_VERSION;
-	if (delete) {
-		rtm->rtm_type = RTM_DELETE;
-	} else {
-		rtm->rtm_type = RTM_ADD;
-	}
-	rtm->rtm_flags = RTF_UP | RTF_GATEWAY | RTF_STATIC;	/* TODO */
-	rtm->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK;
-	rtm->rtm_pid = getpid();
-	rtm->rtm_seq = 0044;	/* TODO */
-
-	req.dst.sin_family = AF_INET;
-	req.dst.sin_len = sizeof(req.dst);
-	req.mask.sin_family = AF_INET;
-	req.mask.sin_len = sizeof(req.mask);
-	req.gate.sin_family = AF_INET;
-	req.gate.sin_len = sizeof(req.gate);
-
-	req.dst.sin_addr.s_addr = dst->s_addr;
-	req.mask.sin_addr.s_addr = mask->s_addr;
-	req.gate.sin_addr.s_addr = gateway->s_addr;
-
-	if (write(fd, rtm, rtm->rtm_msglen) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "write() failed");
-		close(fd);
-		return -1;
-	}
-	close(fd);
-	return 0;
-#endif
-
-}
-
-int tun_addroute(struct tun_t *this,
-		 struct in_addr *dst,
-		 struct in_addr *gateway, struct in_addr *mask)
-{
-	return tun_route(this, dst, gateway, mask, 0);
-}
-
-int tun_delroute(struct tun_t *this,
-		 struct in_addr *dst,
-		 struct in_addr *gateway, struct in_addr *mask)
-{
-	return tun_route(this, dst, gateway, mask, 1);
-}
-
-int tun_new(struct tun_t **tun, const char *dev_name)
+int tun_new(struct tun_t **tun, const char *dev_name, bool use_kernel, int fd0, int fd1u)
 {
 
 #if defined(__linux__)
@@ -782,31 +172,50 @@ int tun_new(struct tun_t **tun, const char *dev_name)
 	(*tun)->routes = 0;
 
 #if defined(__linux__)
-	/* Open the actual tun device */
-	if (((*tun)->fd = open("/dev/net/tun", O_RDWR)) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "open() failed");
-		goto err_free;
+	if (!use_kernel) {
+		/* Open the actual tun device */
+		if (((*tun)->fd = open("/dev/net/tun", O_RDWR)) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno, "open() failed");
+			goto err_free;
+		}
+
+		/* Set device flags. For some weird reason this is also the method
+		   used to obtain the network interface name */
+		memset(&ifr, 0, sizeof(ifr));
+		if (dev_name)
+			strcpy(ifr.ifr_name, dev_name);
+		ifr.ifr_flags = IFF_TUN | IFF_NO_PI;	/* Tun device, no packet info */
+		if (ioctl((*tun)->fd, TUNSETIFF, (void *)&ifr) < 0) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno, "ioctl() failed");
+			goto err_close;
+		}
+
+		strncpy((*tun)->devname, ifr.ifr_name, IFNAMSIZ);
+		(*tun)->devname[IFNAMSIZ - 1] = 0;
+
+		ioctl((*tun)->fd, TUNSETNOCSUM, 1);	/* Disable checksums */
+		return 0;
+	} else {
+		strncpy((*tun)->devname, dev_name, IFNAMSIZ);
+		(*tun)->devname[IFNAMSIZ - 1] = 0;
+		(*tun)->fd = -1;
+
+		if (gtp_kernel_create(-1, dev_name, fd0, fd1u) < 0) {
+			LOGP(DTUN, LOGL_ERROR, "cannot create GTP tunnel device: %s\n",
+				strerror(errno));
+			return -1;
+		}
+		LOGP(DTUN, LOGL_NOTICE, "GTP kernel configured\n");
+		return 0;
 	}
 
-	/* Set device flags. For some weird reason this is also the method
-	   used to obtain the network interface name */
-	memset(&ifr, 0, sizeof(ifr));
-	if (dev_name)
-		strcpy(ifr.ifr_name, dev_name);
-	ifr.ifr_flags = IFF_TUN | IFF_NO_PI;	/* Tun device, no packet info */
-	if (ioctl((*tun)->fd, TUNSETIFF, (void *)&ifr) < 0) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "ioctl() failed");
-		goto err_close;
-	}
-
-	strncpy((*tun)->devname, ifr.ifr_name, IFNAMSIZ);
-	(*tun)->devname[IFNAMSIZ - 1] = 0;
-
-	ioctl((*tun)->fd, TUNSETNOCSUM, 1);	/* Disable checksums */
-	return 0;
-
 #elif defined(__FreeBSD__) || defined (__APPLE__)
 
+	if (use_kernel) {
+		LOGP(DTUN, LOGL_ERROR, "No kernel GTP-U support in FreeBSD!\n");
+		return -1;
+	}
+
 	/* Find suitable device */
 	for (devnum = 0; devnum < 255; devnum++) {	/* TODO 255 */
 		snprintf(devname, sizeof(devname), "/dev/tun%d", devnum);
@@ -858,13 +267,17 @@ int tun_free(struct tun_t *tun)
 {
 
 	if (tun->routes) {
-		tun_delroute(tun, &tun->dstaddr, &tun->addr, &tun->netmask);
+		netdev_delroute(&tun->dstaddr, &tun->addr, &tun->netmask);
 	}
 
-	if (close(tun->fd)) {
-		SYS_ERR(DTUN, LOGL_ERROR, errno, "close() failed");
+	if (tun->fd >= 0) {
+		if (close(tun->fd)) {
+			SYS_ERR(DTUN, LOGL_ERROR, errno, "close() failed");
+		}
 	}
 
+	gtp_kernel_stop(tun->devname);
+
 	/* TODO: For solaris we need to unlink streams */
 
 	free(tun);
@@ -925,79 +338,6 @@ int tun_runscript(struct tun_t *tun, char *script)
 	return 0;
 }
 
-#include <ifaddrs.h>
-
-/*! Obtain the local address of a network device
- *  \param[in] devname Target device owning the IP
- *  \param[out] prefix_list List of prefix structures to fill with each IPv4/6 and prefix length found.
- *  \param[in] prefix_size Amount of elements allowed to be fill in the prefix_list array.
- *  \param[in] flags Specify which kind of IP to look for: IP_TYPE_IPv4, IP_TYPE_IPv6_LINK, IP_TYPE_IPv6_NONLINK
- *  \returns The number of ips found following the criteria specified by flags, -1 on error.
- *
- * This function will fill prefix_list with up to prefix_size IPs following the
- * criteria specified by flags parameter. It returns the number of IPs matching
- * the criteria. As a result, the number returned can be bigger than
- * prefix_size. It can be used with prefix_size=0 to get an estimate of the size
- * needed for prefix_list.
- */
-int netdev_ip_local_get(const char *devname, struct in46_prefix *prefix_list, size_t prefix_size, int flags)
-{
-	static const uint8_t ll_prefix[] = { 0xfe,0x80, 0,0, 0,0, 0,0 };
-	struct ifaddrs *ifaddr, *ifa;
-	struct in46_addr netmask;
-	size_t count = 0;
-	bool is_ipv6_ll;
-
-	if (getifaddrs(&ifaddr) == -1) {
-		return -1;
-	}
-
-	for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
-		if (ifa->ifa_addr == NULL)
-			continue;
-
-		if (strcmp(ifa->ifa_name, devname))
-			continue;
-
-		if (ifa->ifa_addr->sa_family == AF_INET && (flags & IP_TYPE_IPv4)) {
-			struct sockaddr_in *sin4 = (struct sockaddr_in *) ifa->ifa_addr;
-			struct sockaddr_in *netmask4 = (struct sockaddr_in *) ifa->ifa_netmask;
-
-			if (count < prefix_size) {
-				netmask.len = sizeof(netmask4->sin_addr);
-				netmask.v4 = netmask4->sin_addr;
-				prefix_list[count].addr.len = sizeof(sin4->sin_addr);
-				prefix_list[count].addr.v4 = sin4->sin_addr;
-				prefix_list[count].prefixlen = in46a_netmasklen(&netmask);
-			}
-			count++;
-		}
-
-		if (ifa->ifa_addr->sa_family == AF_INET6 && (flags & IP_TYPE_IPv6)) {
-			struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) ifa->ifa_addr;
-			struct sockaddr_in6 *netmask6 = (struct sockaddr_in6 *) ifa->ifa_netmask;
-
-			is_ipv6_ll = !memcmp(sin6->sin6_addr.s6_addr, ll_prefix, sizeof(ll_prefix));
-			if ((flags & IP_TYPE_IPv6_NONLINK) && is_ipv6_ll)
-				continue;
-			if ((flags & IP_TYPE_IPv6_LINK) && !is_ipv6_ll)
-				continue;
-
-			if (count < prefix_size) {
-				netmask.len = sizeof(netmask6->sin6_addr);
-				netmask.v6 = netmask6->sin6_addr;
-				prefix_list[count].addr.len = sizeof(sin6->sin6_addr);
-				prefix_list[count].addr.v6 = sin6->sin6_addr;
-				prefix_list[count].prefixlen = in46a_netmasklen(&netmask);
-			}
-			count++;
-		}
-	}
-
-	freeifaddrs(ifaddr);
-	return count;
-}
-
 /*! Obtain the local address of the tun device.
  *  \param[in] tun Target device owning the IP
  *  \param[out] prefix_list List of prefix structures to fill with each IPv4/6 and prefix length found.

lib/tun.h

@@ -1,7 +1,7 @@
 /*
  * TUN interface functions.
  * Copyright (C) 2002, 2003 Mondru AB.
- * Copyright (C) 2017 by Harald Welte <laforge@gnumonks.org>
+ * Copyright (C) 2017-2018 by Harald Welte <laforge@gnumonks.org>
  *
  * The contents of this file may be used under the terms of the GNU
  * General Public License Version 2, provided that the above copyright
@@ -13,6 +13,7 @@
 #ifndef _TUN_H
 #define _TUN_H
 
+#include <stdbool.h>
 #include <net/if.h>
 
 #include "../lib/in46_addr.h"
@@ -20,43 +21,9 @@
 #define PACKET_MAX      8196	/* Maximum packet size we receive */
 #define TUN_SCRIPTSIZE   256
 #define TUN_ADDRSIZE     128
-#define TUN_NLBUFSIZE   1024
 
 #include "config.h"
-
-/* ipv6 ip type flags for tun_ipv6_local_get() */
-enum {
-	IP_TYPE_IPv4 = 1,
-	IP_TYPE_IPv6_LINK = 2,
-	IP_TYPE_IPv6_NONLINK = 4,
-};
-#define IP_TYPE_IPv6 (IP_TYPE_IPv6_LINK | IP_TYPE_IPv6_NONLINK)
-
-
-#ifndef HAVE_IPHDR
-struct iphdr
-  {
-#if __BYTE_ORDER == __LITTLE_ENDIAN
-    unsigned int ihl:4;
-    unsigned int version:4;
-#elif __BYTE_ORDER == __BIG_ENDIAN
-    unsigned int version:4;
-    unsigned int ihl:4;
-#else
-# error	"Please fix <bits/endian.h>"
-#endif
-    u_int8_t tos;
-    u_int16_t tot_len;
-    u_int16_t id;
-    u_int16_t frag_off;
-    u_int8_t ttl;
-    u_int8_t protocol;
-    u_int16_t check;
-    u_int32_t saddr;
-    u_int32_t daddr;
-    /*The options start here. */
-  };
-#endif /* !HAVE_IPHDR */
+#include "netdev.h"
 
 /* ***********************************************************
  * Information storage for each tun instance
@@ -75,7 +42,7 @@ struct tun_t {
 	void *priv;
 };
 
-extern int tun_new(struct tun_t **tun, const char *dev_name);
+extern int tun_new(struct tun_t **tun, const char *dev_name, bool use_kernel, int fd0, int fd1u);
 extern int tun_free(struct tun_t *tun);
 extern int tun_decaps(struct tun_t *this);
 extern int tun_encaps(struct tun_t *tun, void *pack, unsigned len);
@@ -83,21 +50,12 @@ extern int tun_encaps(struct tun_t *tun, void *pack, unsigned len);
 extern int tun_addaddr(struct tun_t *this, struct in46_addr *addr,
 		       struct in46_addr *dstaddr, size_t prefixlen);
 
-extern int tun_setaddr(struct tun_t *this, struct in46_addr *our_adr,
-		       struct in46_addr *his_adr, size_t prefixlen);
-
-int tun_addroute(struct tun_t *this, struct in_addr *dst,
-		 struct in_addr *gateway, struct in_addr *mask);
-
 extern int tun_set_cb_ind(struct tun_t *this,
 			  int (*cb_ind) (struct tun_t * tun, void *pack,
 					 unsigned len));
 
 extern int tun_runscript(struct tun_t *tun, char *script);
 
-int netdev_ip_local_get(const char *devname, struct in46_prefix *prefix_list,
-			size_t prefix_size, int flags);
-
 int tun_ip_local_get(const struct tun_t *tun, struct in46_prefix *prefix_list,
 		     size_t prefix_size, int flags);
 

sgsnemu/Makefile.am

@@ -5,5 +5,11 @@ AM_LDFLAGS = @EXEC_LDFLAGS@
 AM_CFLAGS = -O2 -D_GNU_SOURCE -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' -ggdb $(LIBOSMOCORE_CFLAGS)
 
 sgsnemu_LDADD = @EXEC_LDADD@ -lgtp -L../gtp ../lib/libmisc.a $(LIBOSMOCORE_LIBS)
+
+if ENABLE_GTP_KERNEL
+AM_CFLAGS += -DGTP_KERNEL $(LIBGTPNL_CFLAGS)
+sgsnemu_LDADD += $(LIBGTPNL_LIBS)
+endif
+
 sgsnemu_DEPENDENCIES = ../gtp/libgtp.la ../lib/libmisc.a
 sgsnemu_SOURCES = sgsnemu.c cmdline.c cmdline.h

sgsnemu/sgsnemu.c

@@ -1432,12 +1432,11 @@ static int create_pdp_conf(struct pdp_t *pdp, void *cbp, int cause)
 		if (addr.len == 16)
 			prefixlen = 64;
 		/* printf("Setting up interface and routing\n"); */
-		/* FIXME: use tun_addattr() not tun_setaddr() */
-		tun_setaddr(tun, &addr, &addr, prefixlen);
+		tun_addaddr(tun, &addr, &addr, prefixlen);
 		if (options.defaultroute) {
 			struct in_addr rm;
 			rm.s_addr = 0;
-			tun_addroute(tun, &rm, &addr.v4, &rm);
+			netdev_addroute(&rm, &addr.v4, &rm);
 		}
 		if (options.ipup)
 			tun_runscript(tun, options.ipup);
@@ -1572,7 +1571,7 @@ int main(int argc, char **argv)
 	if (options.createif) {
 		printf("Setting up interface\n");
 		/* Create a tunnel interface */
-		if (tun_new((struct tun_t **)&tun, options.tun_dev_name)) {
+		if (tun_new((struct tun_t **)&tun, options.tun_dev_name, false, -1, -1)) {
 			SYS_ERR(DSGSN, LOGL_ERROR, 0,
 				"Failed to create tun");
 			exit(1);
@@ -1588,7 +1587,7 @@ int main(int argc, char **argv)
 		if (options.defaultroute) {
 			struct in_addr rm;
 			rm.s_addr = 0;
-			tun_addroute(tun, &rm, &options.destaddr.v4, &rm);
+			netdev_addroute(&rm, &options.destaddr.v4, &rm);
 		}
 		if (options.ipup)
 			tun_runscript(tun, options.ipup);