PERFORCE change 166842 for review

Gabor Pali pgj at FreeBSD.org
Thu Jul 30 22:34:06 UTC 2009 

http://perforce.freebsd.org/chv.cgi?CH=166842

Change 166842 by pgj at petymeg-current on 2009/07/30 22:34:04

	Add support for AH statistics.

Affected files ...

.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 edit

Differences ...

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 (text+ko) ====

@@ -89,8 +89,10 @@
 #define	NETSTAT_PFKEY_IN_MSGTYPE_MAX	256
 #define NETSTAT_PFKEY_OUT_MSGTYPE_MAX	256
 
-/* ESP: */
+/* IPsec: */
 #define NETSTAT_ESP_HIST_MAX		ESP_ALG_MAX
+#define NETSTAT_AH_HIST_MAX		AH_ALG_MAX
+
 
 /* Enum for TCP states: */
 enum tcp_state {
@@ -156,6 +158,7 @@
 #ifdef IPSEC
     stat_pfkey,
     stat_ESP,
+    stat_AH,
 #endif
     stat_MAX,
     stat_Invalid,
@@ -208,6 +211,7 @@
 #ifdef IPSEC
 struct pfkey_stat;
 struct esp_stat;
+struct ah_stat;
 #endif
 
 __BEGIN_DECLS
@@ -974,5 +978,29 @@
 u_int32_t   netstat_esps_get_crypto(const struct esp_stat *);
 u_int32_t   netstat_esps_get_tunnel(const struct esp_stat *);
 u_int32_t   netstat_esps_get_hist(const struct esp_stat *, int);
+
+const struct ah_stat	*netstat_get_ahstats(const struct stat_type *);
+const char  *netstat_ipsec_ahname(int);
+
+u_int32_t   netstat_ahs_get_hdrops(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_nopf(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_notdb(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badkcr(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badauth(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_noxform(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_qfull(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_wrap(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_replay(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badauthl(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_input(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_output(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_invalid(const struct ah_stat *);
+u_int64_t   netstat_ahs_get_ibytes(const struct ah_stat *);
+u_int64_t   netstat_ahs_get_obytes(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_toobig(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_pdrops(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_crypto(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_tunnel(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_hist(const struct ah_stat *, int);
 #endif /* !IPSEC */
 #endif /* !_NETSTAT_H_ */

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 (text+ko) ====

@@ -68,6 +68,7 @@
 #ifdef IPSEC
 #include <netipsec/keysock.h>
 #include <netipsec/esp_var.h>
+#include <netipsec/ah_var.h>
 #endif
 
 #include "netstat.h"
@@ -380,6 +381,10 @@
 struct esp_stat {
 	struct espstat s;
 };
+
+struct ah_stat {
+	struct ahstat s;
+};
 #endif
 
 /* Timestamp type. */

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 (text+ko) ====

@@ -89,6 +89,7 @@
 #ifdef IPSEC
 	{ PFKEYSTAT_VERSION, "net.key.stats", "_pfkeystat" },
 	{ ESPSTAT_VERSION, "net.inet.esp.stats", "_espstat" },
+	{ AHSTAT_VERSION, "net.inet.ah.stats", "_ahstat" },
 #endif
 };
 

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 (text+ko) ====

@@ -1938,6 +1938,40 @@
 #undef ESP_ACC
 #undef ESP_ACC64
 #undef ESP_ACCA
+
+#define AH_ACC(field) \
+    STATS_ACCX(u_int32_t,ah,field,ahs_##field)
+
+#define AH_ACC64(field) \
+    STATS_ACCX(u_int64_t,ah,field,ahs_##field)
+
+#define AH_ACCA(field,size) \
+    STATS_ACCXA(u_int32_t,ah,field,ahs_##field,size)
+
+STATS_GET(ah,AH);
+AH_ACC(hdrops);
+AH_ACC(nopf);
+AH_ACC(notdb);
+AH_ACC(badkcr);
+AH_ACC(badauth);
+AH_ACC(noxform);
+AH_ACC(qfull);
+AH_ACC(wrap);
+AH_ACC(replay);
+AH_ACC(badauthl);
+AH_ACC(input);
+AH_ACC(output);
+AH_ACC(invalid);
+AH_ACC64(ibytes);
+AH_ACC64(obytes);
+AH_ACC(toobig);
+AH_ACC(pdrops);
+AH_ACC(crypto);
+AH_ACC(tunnel);
+AH_ACCA(hist,AH_ALG_MAX);
+#undef AH_ACC
+#undef AH_ACC64
+#undef AH_ACCA
 #endif /* !IPSEC */
 
 static	const char *icmpnames[ICMP_MAXTYPE + 1] = {
@@ -2299,6 +2333,31 @@
 	{ -1, NULL },
 };
 
+static struct val2str ipsec_ahnames[] = {
+	{ SADB_AALG_NONE, "none" },
+	{ SADB_AALG_MD5HMAC, "hmac-md5" },
+	{ SADB_AALG_SHA1HMAC, "hmac-sha1" },
+	{ SADB_X_AALG_MD5, "md5" },
+	{ SADB_X_AALG_SHA, "sha" },
+	{ SADB_X_AALG_NULL, "null" },
+#ifdef SADB_X_AALG_SHA2_256
+	{ SADB_X_AALG_SHA2_256, "hmac-sha2-256" },
+#endif
+#ifdef SADB_X_AALG_SHA2_384
+	{ SADB_X_AALG_SHA2_512, "hmac-sha2-384" },
+#endif
+#ifdef SADB_X_AALG_SHA2_512
+	{ SADB_X_AALG_SHA2_512, "hmac-sha2-512" },
+#endif
+#ifdef SADB_X_AALG_RIPEMD160HMAC
+	{ SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160" },
+#endif
+#ifdef SADB_X_AALG_AES_XCBC_MAC
+	{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac" },
+#endif
+	{ -1, NULL },
+};
+
 const char *
 resolve_val2str_name(int proto, const struct val2str *name)
 {
@@ -2324,6 +2383,12 @@
 }
 
 const char *
+netstat_ipsec_ahname(int proto)
+{
+	return (resolve_val2str_name(proto, ipsec_ahnames));
+}
+
+const char *
 routename(in_addr_t in, int numeric)
 {
 	char *cp;

More information about the p4-projects mailing list