PERFORCE change 166842 for review
Gabor Pali
pgj at FreeBSD.org
Thu Jul 30 22:34:06 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=166842
Change 166842 by pgj at petymeg-current on 2009/07/30 22:34:04
Add support for AH statistics.
Affected files ...
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 edit
Differences ...
==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 (text+ko) ====
@@ -89,8 +89,10 @@
#define NETSTAT_PFKEY_IN_MSGTYPE_MAX 256
#define NETSTAT_PFKEY_OUT_MSGTYPE_MAX 256
-/* ESP: */
+/* IPsec: */
#define NETSTAT_ESP_HIST_MAX ESP_ALG_MAX
+#define NETSTAT_AH_HIST_MAX AH_ALG_MAX
+
/* Enum for TCP states: */
enum tcp_state {
@@ -156,6 +158,7 @@
#ifdef IPSEC
stat_pfkey,
stat_ESP,
+ stat_AH,
#endif
stat_MAX,
stat_Invalid,
@@ -208,6 +211,7 @@
#ifdef IPSEC
struct pfkey_stat;
struct esp_stat;
+struct ah_stat;
#endif
__BEGIN_DECLS
@@ -974,5 +978,29 @@
u_int32_t netstat_esps_get_crypto(const struct esp_stat *);
u_int32_t netstat_esps_get_tunnel(const struct esp_stat *);
u_int32_t netstat_esps_get_hist(const struct esp_stat *, int);
+
+const struct ah_stat *netstat_get_ahstats(const struct stat_type *);
+const char *netstat_ipsec_ahname(int);
+
+u_int32_t netstat_ahs_get_hdrops(const struct ah_stat *);
+u_int32_t netstat_ahs_get_nopf(const struct ah_stat *);
+u_int32_t netstat_ahs_get_notdb(const struct ah_stat *);
+u_int32_t netstat_ahs_get_badkcr(const struct ah_stat *);
+u_int32_t netstat_ahs_get_badauth(const struct ah_stat *);
+u_int32_t netstat_ahs_get_noxform(const struct ah_stat *);
+u_int32_t netstat_ahs_get_qfull(const struct ah_stat *);
+u_int32_t netstat_ahs_get_wrap(const struct ah_stat *);
+u_int32_t netstat_ahs_get_replay(const struct ah_stat *);
+u_int32_t netstat_ahs_get_badauthl(const struct ah_stat *);
+u_int32_t netstat_ahs_get_input(const struct ah_stat *);
+u_int32_t netstat_ahs_get_output(const struct ah_stat *);
+u_int32_t netstat_ahs_get_invalid(const struct ah_stat *);
+u_int64_t netstat_ahs_get_ibytes(const struct ah_stat *);
+u_int64_t netstat_ahs_get_obytes(const struct ah_stat *);
+u_int32_t netstat_ahs_get_toobig(const struct ah_stat *);
+u_int32_t netstat_ahs_get_pdrops(const struct ah_stat *);
+u_int32_t netstat_ahs_get_crypto(const struct ah_stat *);
+u_int32_t netstat_ahs_get_tunnel(const struct ah_stat *);
+u_int32_t netstat_ahs_get_hist(const struct ah_stat *, int);
#endif /* !IPSEC */
#endif /* !_NETSTAT_H_ */
==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 (text+ko) ====
@@ -68,6 +68,7 @@
#ifdef IPSEC
#include <netipsec/keysock.h>
#include <netipsec/esp_var.h>
+#include <netipsec/ah_var.h>
#endif
#include "netstat.h"
@@ -380,6 +381,10 @@
struct esp_stat {
struct espstat s;
};
+
+struct ah_stat {
+ struct ahstat s;
+};
#endif
/* Timestamp type. */
==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 (text+ko) ====
@@ -89,6 +89,7 @@
#ifdef IPSEC
{ PFKEYSTAT_VERSION, "net.key.stats", "_pfkeystat" },
{ ESPSTAT_VERSION, "net.inet.esp.stats", "_espstat" },
+ { AHSTAT_VERSION, "net.inet.ah.stats", "_ahstat" },
#endif
};
==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 (text+ko) ====
@@ -1938,6 +1938,40 @@
#undef ESP_ACC
#undef ESP_ACC64
#undef ESP_ACCA
+
+#define AH_ACC(field) \
+ STATS_ACCX(u_int32_t,ah,field,ahs_##field)
+
+#define AH_ACC64(field) \
+ STATS_ACCX(u_int64_t,ah,field,ahs_##field)
+
+#define AH_ACCA(field,size) \
+ STATS_ACCXA(u_int32_t,ah,field,ahs_##field,size)
+
+STATS_GET(ah,AH);
+AH_ACC(hdrops);
+AH_ACC(nopf);
+AH_ACC(notdb);
+AH_ACC(badkcr);
+AH_ACC(badauth);
+AH_ACC(noxform);
+AH_ACC(qfull);
+AH_ACC(wrap);
+AH_ACC(replay);
+AH_ACC(badauthl);
+AH_ACC(input);
+AH_ACC(output);
+AH_ACC(invalid);
+AH_ACC64(ibytes);
+AH_ACC64(obytes);
+AH_ACC(toobig);
+AH_ACC(pdrops);
+AH_ACC(crypto);
+AH_ACC(tunnel);
+AH_ACCA(hist,AH_ALG_MAX);
+#undef AH_ACC
+#undef AH_ACC64
+#undef AH_ACCA
#endif /* !IPSEC */
static const char *icmpnames[ICMP_MAXTYPE + 1] = {
@@ -2299,6 +2333,31 @@
{ -1, NULL },
};
+static struct val2str ipsec_ahnames[] = {
+ { SADB_AALG_NONE, "none" },
+ { SADB_AALG_MD5HMAC, "hmac-md5" },
+ { SADB_AALG_SHA1HMAC, "hmac-sha1" },
+ { SADB_X_AALG_MD5, "md5" },
+ { SADB_X_AALG_SHA, "sha" },
+ { SADB_X_AALG_NULL, "null" },
+#ifdef SADB_X_AALG_SHA2_256
+ { SADB_X_AALG_SHA2_256, "hmac-sha2-256" },
+#endif
+#ifdef SADB_X_AALG_SHA2_384
+ { SADB_X_AALG_SHA2_512, "hmac-sha2-384" },
+#endif
+#ifdef SADB_X_AALG_SHA2_512
+ { SADB_X_AALG_SHA2_512, "hmac-sha2-512" },
+#endif
+#ifdef SADB_X_AALG_RIPEMD160HMAC
+ { SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160" },
+#endif
+#ifdef SADB_X_AALG_AES_XCBC_MAC
+ { SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac" },
+#endif
+ { -1, NULL },
+};
+
const char *
resolve_val2str_name(int proto, const struct val2str *name)
{
@@ -2324,6 +2383,12 @@
}
const char *
+netstat_ipsec_ahname(int proto)
+{
+ return (resolve_val2str_name(proto, ipsec_ahnames));
+}
+
+const char *
routename(in_addr_t in, int numeric)
{
char *cp;
More information about the p4-projects
mailing list