1/* $FreeBSD: head/sys/netipsec/ipsec.h 253081 2013-07-09 09:32:06Z ae $ */ |
2/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */ 3 4/*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 202 unchanged lines hidden (view full) --- 212 * for kernel use. 213 * Note that this id doesn't identify SA 214 * by only itself. 215 */ 216#define IPSEC_REPLAYWSIZE 32 217 218/* statistics for ipsec processing */ 219struct ipsecstat { |
220 uint64_t in_success; /* succeeded inbound process */ 221 uint64_t in_polvio; |
222 /* security policy violation for inbound process */ |
223 uint64_t in_nosa; /* inbound SA is unavailable */ 224 uint64_t in_inval; /* inbound processing failed due to EINVAL */ 225 uint64_t in_nomem; /* inbound processing failed due to ENOBUFS */ 226 uint64_t in_badspi; /* failed getting a SPI */ 227 uint64_t in_ahreplay; /* AH replay check failed */ 228 uint64_t in_espreplay; /* ESP replay check failed */ 229 uint64_t in_ahauthsucc; /* AH authentication success */ 230 uint64_t in_ahauthfail; /* AH authentication failure */ 231 uint64_t in_espauthsucc; /* ESP authentication success */ 232 uint64_t in_espauthfail; /* ESP authentication failure */ 233 uint64_t in_esphist[256]; 234 uint64_t in_ahhist[256]; 235 uint64_t in_comphist[256]; 236 uint64_t out_success; /* succeeded outbound process */ 237 uint64_t out_polvio; |
238 /* security policy violation for outbound process */ |
239 uint64_t out_nosa; /* outbound SA is unavailable */ 240 uint64_t out_inval; /* outbound process failed due to EINVAL */ 241 uint64_t out_nomem; /* inbound processing failed due to ENOBUFS */ 242 uint64_t out_noroute; /* there is no route */ 243 uint64_t out_esphist[256]; 244 uint64_t out_ahhist[256]; 245 uint64_t out_comphist[256]; |
246 |
247 uint64_t spdcachelookup; 248 uint64_t spdcachemiss; |
249 |
250 uint64_t ips_in_polvio; /* input: sec policy violation */ 251 uint64_t ips_out_polvio; /* output: sec policy violation */ 252 uint64_t ips_out_nosa; /* output: SA unavailable */ 253 uint64_t ips_out_nomem; /* output: no memory available */ 254 uint64_t ips_out_noroute; /* output: no route available */ 255 uint64_t ips_out_inval; /* output: generic error */ 256 uint64_t ips_out_bundlesa; /* output: bundled SA processed */ 257 uint64_t ips_mbcoalesced; /* mbufs coalesced during clone */ 258 uint64_t ips_clcoalesced; /* clusters coalesced during clone */ 259 uint64_t ips_clcopied; /* clusters copied during clone */ 260 uint64_t ips_mbinserted; /* mbufs inserted during makespace */ |
261 /* 262 * Temporary statistics for performance analysis. 263 */ 264 /* See where ESP/AH/IPCOMP header land in mbuf on input */ |
265 uint64_t ips_input_front; 266 uint64_t ips_input_middle; 267 uint64_t ips_input_end; |
268}; 269 270/* 271 * Definitions for IPsec & Key sysctl operations. 272 */ 273/* 274 * Names for IPsec & Key sysctl objects 275 */ --- 183 unchanged lines hidden --- |