pfkey.c revision 1.1.44.1
1 /* $NetBSD: pfkey.c,v 1.1.44.1 2019/08/19 15:56:49 martin Exp $ */ 2 /* $KAME: ipsec.c,v 1.33 2003/07/25 09:54:32 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1983, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 */ 61 62 #include <sys/cdefs.h> 63 #ifndef lint 64 #if 0 65 static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94"; 66 #else 67 #ifdef __NetBSD__ 68 __RCSID("$NetBSD: pfkey.c,v 1.1.44.1 2019/08/19 15:56:49 martin Exp $"); 69 #endif 70 #endif 71 #endif /* not lint */ 72 73 #include <sys/param.h> 74 #include <sys/queue.h> 75 #include <sys/socket.h> 76 #include <sys/sysctl.h> 77 78 #ifdef IPSEC 79 #include <netipsec/keysock.h> 80 #endif 81 82 #include <err.h> 83 #include <stdio.h> 84 #include <string.h> 85 #include <unistd.h> 86 #include "netstat.h" 87 #include "prog_ops.h" 88 89 #ifdef IPSEC 90 91 static const char *pfkey_msgtypenames[] = { 92 "reserved", "getspi", "update", "add", "delete", 93 "get", "acquire", "register", "expire", "flush", 94 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", 95 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", 96 "x_spdsetidx", "x_spdexpire", "x_spddelete2" 97 }; 98 99 static const char *pfkey_msgtype_names(int); 100 101 static const char * 102 pfkey_msgtype_names(int x) 103 { 104 const int max = 105 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]); 106 static char buf[20]; 107 108 if (x < max && pfkey_msgtypenames[x]) 109 return pfkey_msgtypenames[x]; 110 snprintf(buf, sizeof(buf), "#%d", x); 111 return buf; 112 } 113 114 void 115 pfkey_stats(u_long off, const char *name) 116 { 117 uint64_t pfkeystat[PFKEY_NSTATS]; 118 int first, type; 119 120 if (use_sysctl) { 121 size_t size = sizeof(pfkeystat); 122 123 if (prog_sysctlbyname("net.key.stats", pfkeystat, &size, 124 NULL, 0) == -1) 125 return; 126 } else { 127 warnx("%s stats not available via KVM.", name); 128 return; 129 } 130 131 printf ("%s:\n", name); 132 133 #define p(f, m) if (pfkeystat[f] || sflag <= 1) \ 134 printf(m, (unsigned long long)pfkeystat[f], plural(pfkeystat[f])) 135 136 /* userland -> kernel */ 137 p(PFKEY_STAT_OUT_TOTAL, "\t%llu request%s sent from userland\n"); 138 p(PFKEY_STAT_OUT_BYTES, "\t%llu byte%s sent from userland\n"); 139 for (first = 1, type = 0; type < 256; type++) { 140 if (pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type] == 0) 141 continue; 142 if (first) { 143 printf("\thistogram by message type:\n"); 144 first = 0; 145 } 146 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 147 (unsigned long long)pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type]); 148 } 149 p(PFKEY_STAT_OUT_INVLEN, "\t%llu message%s with invalid length field\n"); 150 p(PFKEY_STAT_OUT_INVVER, "\t%llu message%s with invalid version field\n"); 151 p(PFKEY_STAT_OUT_INVMSGTYPE, "\t%llu message%s with invalid message type field\n"); 152 p(PFKEY_STAT_OUT_TOOSHORT, "\t%llu message%s too short\n"); 153 p(PFKEY_STAT_OUT_NOMEM, "\t%llu message%s with memory allocation failure\n"); 154 p(PFKEY_STAT_OUT_DUPEXT, "\t%llu message%s with duplicate extension\n"); 155 p(PFKEY_STAT_OUT_INVEXTTYPE, "\t%llu message%s with invalid extension type\n"); 156 p(PFKEY_STAT_OUT_INVSATYPE, "\t%llu message%s with invalid sa type\n"); 157 p(PFKEY_STAT_OUT_INVADDR, "\t%llu message%s with invalid address extension\n"); 158 159 /* kernel -> userland */ 160 p(PFKEY_STAT_IN_TOTAL, "\t%llu request%s sent to userland\n"); 161 p(PFKEY_STAT_IN_BYTES, "\t%llu byte%s sent to userland\n"); 162 for (first = 1, type = 0; type < 256; type++) { 163 if (pfkeystat[PFKEY_STAT_IN_MSGTYPE + type] == 0) 164 continue; 165 if (first) { 166 printf("\thistogram by message type:\n"); 167 first = 0; 168 } 169 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 170 (unsigned long long)pfkeystat[PFKEY_STAT_IN_MSGTYPE + type]); 171 } 172 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ONE, 173 "\t%llu message%s toward single socket\n"); 174 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ALL, 175 "\t%llu message%s toward all sockets\n"); 176 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_REGISTERED, 177 "\t%llu message%s toward registered sockets\n"); 178 p(PFKEY_STAT_IN_NOMEM, "\t%llu message%s with memory allocation failure\n"); 179 #undef p 180 } 181 #endif /*IPSEC*/ 182
Indexes created Wed Oct 01 15:09:59 GMT 2025