Merge release-20210419.0-72-g8e40cca4b (automated)

2 files changed, 144 insertions, 25 deletions

diff --git a/pkg/tcpip/network/internal/ip/errors.go b/pkg/tcpip/network/internal/ip/errors.go
new file mode 100644
index 000000000..50fabfd79
--- /dev/null
+++ b/pkg/tcpip/network/internal/ip/errors.go
@@ -0,0 +1,77 @@
+// Copyright 2021 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package ip
+
+import (
+	"fmt"
+
+	"gvisor.dev/gvisor/pkg/tcpip"
+)
+
+// ForwardingError represents an error that occured while trying to forward
+// a packet.
+type ForwardingError interface {
+	isForwardingError()
+	fmt.Stringer
+}
+
+// ErrTTLExceeded indicates that the received packet's TTL has been exceeded.
+type ErrTTLExceeded struct{}
+
+func (*ErrTTLExceeded) isForwardingError() {}
+
+func (*ErrTTLExceeded) String() string { return "ttl exceeded" }
+
+// ErrIPOptProblem indicates the received packet had a problem with an IP
+// option.
+type ErrIPOptProblem struct{}
+
+func (*ErrIPOptProblem) isForwardingError() {}
+
+func (*ErrIPOptProblem) String() string { return "ip option problem" }
+
+// ErrLinkLocalSourceAddress indicates the received packet had a link-local
+// source address.
+type ErrLinkLocalSourceAddress struct{}
+
+func (*ErrLinkLocalSourceAddress) isForwardingError() {}
+
+func (*ErrLinkLocalSourceAddress) String() string { return "link local destination address" }
+
+// ErrLinkLocalDestinationAddress indicates the received packet had a link-local
+// destination address.
+type ErrLinkLocalDestinationAddress struct{}
+
+func (*ErrLinkLocalDestinationAddress) isForwardingError() {}
+
+func (*ErrLinkLocalDestinationAddress) String() string { return "link local destination address" }
+
+// ErrNoRoute indicates the Netstack couldn't find a route for the
+// received packet.
+type ErrNoRoute struct{}
+
+func (*ErrNoRoute) isForwardingError() {}
+
+func (*ErrNoRoute) String() string { return "no route" }
+
+// ErrOther indicates the packet coould not be forwarded for a reason
+// captured by the contained error.
+type ErrOther struct {
+	Err tcpip.Error
+}
+
+func (*ErrOther) isForwardingError() {}
+
+func (e *ErrOther) String() string { return fmt.Sprintf("other tcpip error: %s", e.Err) }
diff --git a/pkg/tcpip/network/internal/ip/stats.go b/pkg/tcpip/network/internal/ip/stats.go
index d06b26309..392f0b0c7 100644
--- a/pkg/tcpip/network/internal/ip/stats.go
+++ b/pkg/tcpip/network/internal/ip/stats.go
@@ -18,73 +18,114 @@ import "gvisor.dev/gvisor/pkg/tcpip"
 
 // LINT.IfChange(MultiCounterIPStats)
 
+// MultiCounterIPForwardingStats holds IP forwarding statistics. Each counter
+// may have several versions.
+type MultiCounterIPForwardingStats struct {
+	// Unrouteable is the number of IP packets received which were dropped
+	// because the netstack could not construct a route to their
+	// destination.
+	Unrouteable tcpip.MultiCounterStat
+
+	// ExhaustedTTL is the number of IP packets received which were dropped
+	// because their TTL was exhausted.
+	ExhaustedTTL tcpip.MultiCounterStat
+
+	// LinkLocalSource is the number of IP packets which were dropped
+	// because they contained a link-local source address.
+	LinkLocalSource tcpip.MultiCounterStat
+
+	// LinkLocalDestination is the number of IP packets which were dropped
+	// because they contained a link-local destination address.
+	LinkLocalDestination tcpip.MultiCounterStat
+
+	// Errors is the number of IP packets received which could not be
+	// successfully forwarded.
+	Errors tcpip.MultiCounterStat
+}
+
 // MultiCounterIPStats holds IP statistics, each counter may have several
 // versions.
 type MultiCounterIPStats struct {
-	// PacketsReceived is the number of IP packets received from the link layer.
+	// PacketsReceived is the number of IP packets received from the link
+	// layer.
 	PacketsReceived tcpip.MultiCounterStat
 
-	// DisabledPacketsReceived is the number of IP packets received from the link
-	// layer when the IP layer is disabled.
+	// DisabledPacketsReceived is the number of IP packets received from
+	// the link layer when the IP layer is disabled.
 	DisabledPacketsReceived tcpip.MultiCounterStat
 
-	// InvalidDestinationAddressesReceived is the number of IP packets received
-	// with an unknown or invalid destination address.
+	// InvalidDestinationAddressesReceived is the number of IP packets
+	// received with an unknown or invalid destination address.
 	InvalidDestinationAddressesReceived tcpip.MultiCounterStat
 
-	// InvalidSourceAddressesReceived is the number of IP packets received with a
-	// source address that should never have been received on the wire.
+	// InvalidSourceAddressesReceived is the number of IP packets received
+	// with a source address that should never have been received on the
+	// wire.
 	InvalidSourceAddressesReceived tcpip.MultiCounterStat
 
-	// PacketsDelivered is the number of incoming IP packets that are successfully
-	// delivered to the transport layer.
+	// PacketsDelivered is the number of incoming IP packets that are
+	// successfully delivered to the transport layer.
 	PacketsDelivered tcpip.MultiCounterStat
 
 	// PacketsSent is the number of IP packets sent via WritePacket.
 	PacketsSent tcpip.MultiCounterStat
 
-	// OutgoingPacketErrors is the number of IP packets which failed to write to a
-	// link-layer endpoint.
+	// OutgoingPacketErrors is the number of IP packets which failed to
+	// write to a link-layer endpoint.
 	OutgoingPacketErrors tcpip.MultiCounterStat
 
-	// MalformedPacketsReceived is the number of IP Packets that were dropped due
-	// to the IP packet header failing validation checks.
+	// MalformedPacketsReceived is the number of IP Packets that were
+	// dropped due to the IP packet header failing validation checks.
 	MalformedPacketsReceived tcpip.MultiCounterStat
 
-	// MalformedFragmentsReceived is the number of IP Fragments that were dropped
-	// due to the fragment failing validation checks.
+	// MalformedFragmentsReceived is the number of IP Fragments that were
+	// dropped due to the fragment failing validation checks.
 	MalformedFragmentsReceived tcpip.MultiCounterStat
 
 	// IPTablesPreroutingDropped is the number of IP packets dropped in the
 	// Prerouting chain.
 	IPTablesPreroutingDropped tcpip.MultiCounterStat
 
-	// IPTablesInputDropped is the number of IP packets dropped in the Input
-	// chain.
+	// IPTablesInputDropped is the number of IP packets dropped in the
+	// Input chain.
 	IPTablesInputDropped tcpip.MultiCounterStat
 
-	// IPTablesOutputDropped is the number of IP packets dropped in the Output
-	// chain.
+	// IPTablesOutputDropped is the number of IP packets dropped in the
+	// Output chain.
 	IPTablesOutputDropped tcpip.MultiCounterStat
 
-	// IPTablesPostroutingDropped is the number of IP packets dropped in the
-	// Postrouting chain.
+	// IPTablesPostroutingDropped is the number of IP packets dropped in
+	// the Postrouting chain.
 	IPTablesPostroutingDropped tcpip.MultiCounterStat
 
-	// TODO(https://gvisor.dev/issues/5529): Move the IPv4-only option stats out
-	// of IPStats.
+	// TODO(https://gvisor.dev/issues/5529): Move the IPv4-only option
+	// stats out of IPStats.
 
 	// OptionTimestampReceived is the number of Timestamp options seen.
 	OptionTimestampReceived tcpip.MultiCounterStat
 
-	// OptionRecordRouteReceived is the number of Record Route options seen.
+	// OptionRecordRouteReceived is the number of Record Route options
+	// seen.
 	OptionRecordRouteReceived tcpip.MultiCounterStat
 
-	// OptionRouterAlertReceived is the number of Router Alert options seen.
+	// OptionRouterAlertReceived is the number of Router Alert options
+	// seen.
 	OptionRouterAlertReceived tcpip.MultiCounterStat
 
 	// OptionUnknownReceived is the number of unknown IP options seen.
 	OptionUnknownReceived tcpip.MultiCounterStat
+
+	// Forwarding collects stats related to IP forwarding.
+	Forwarding MultiCounterIPForwardingStats
+}
+
+// Init sets internal counters to track a and b counters.
+func (m *MultiCounterIPForwardingStats) Init(a, b *tcpip.IPForwardingStats) {
+	m.Unrouteable.Init(a.Unrouteable, b.Unrouteable)
+	m.Errors.Init(a.Errors, b.Errors)
+	m.LinkLocalSource.Init(a.LinkLocalSource, b.LinkLocalSource)
+	m.LinkLocalDestination.Init(a.LinkLocalDestination, b.LinkLocalDestination)
+	m.ExhaustedTTL.Init(a.ExhaustedTTL, b.ExhaustedTTL)
 }
 
 // Init sets internal counters to track a and b counters.
@@ -106,6 +147,7 @@ func (m *MultiCounterIPStats) Init(a, b *tcpip.IPStats) {
 	m.OptionRecordRouteReceived.Init(a.OptionRecordRouteReceived, b.OptionRecordRouteReceived)
 	m.OptionRouterAlertReceived.Init(a.OptionRouterAlertReceived, b.OptionRouterAlertReceived)
 	m.OptionUnknownReceived.Init(a.OptionUnknownReceived, b.OptionUnknownReceived)
+	m.Forwarding.Init(&a.Forwarding, &b.Forwarding)
 }
 
 // LINT.ThenChange(:MultiCounterIPStats, ../../../tcpip.go:IPStats)