pfkey.c revision 175061 
1/*	$NetBSD: inet.c,v 1.35.2.1 1999/04/29 14:57:08 perry Exp $	*/
2/*	$KAME: ipsec.c,v 1.25 2001/03/12 09:04:39 itojun Exp $	*/
3/*-
4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 *    may be used to endorse or promote products derived from this software
17 *    without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31/*-
32 * Copyright (c) 1983, 1988, 1993
33 *	The Regents of the University of California.  All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 *    notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 *    notice, this list of conditions and the following disclaimer in the
42 *    documentation and/or other materials provided with the distribution.
43 * 3. All advertising materials mentioning features or use of this software
44 *    must display the following acknowledgement:
45 *	This product includes software developed by the University of
46 *	California, Berkeley and its contributors.
47 * 4. Neither the name of the University nor the names of its contributors
48 *    may be used to endorse or promote products derived from this software
49 *    without specific prior written permission.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE.
62 */
63
64#if 0
65#ifndef lint
66static char sccsid[] = "@(#)inet.c	8.5 (Berkeley) 5/24/95";
67#endif /* not lint */
68#endif
69
70#include <sys/cdefs.h>
71__FBSDID("$FreeBSD: head/usr.bin/netstat/pfkey.c 175061 2008-01-02 23:26:11Z obrien $");
72
73#include <sys/param.h>
74#include <sys/queue.h>
75#include <sys/socket.h>
76#include <sys/socketvar.h>
77
78#include <netinet/in.h>
79
80#ifdef IPSEC
81#include <netipsec/keysock.h>
82#endif
83
84#include <stdint.h>
85#include <stdio.h>
86#include <string.h>
87#include <unistd.h>
88#include "netstat.h"
89
90#ifdef IPSEC
91
92static const char *pfkey_msgtypenames[] = {
93	"reserved", "getspi", "update", "add", "delete",
94	"get", "acquire", "register", "expire", "flush",
95	"dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd",
96	"x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush",
97	"x_spdsetidx", "x_spdexpire", "x_spddelete2"
98};
99
100static const char *pfkey_msgtype_names (int);
101
102
103static const char *
104pfkey_msgtype_names(int x)
105{
106	const int max =
107	    sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]);
108	static char buf[20];
109
110	if (x < max && pfkey_msgtypenames[x])
111		return pfkey_msgtypenames[x];
112	snprintf(buf, sizeof(buf), "#%d", x);
113	return buf;
114}
115
116void
117pfkey_stats(u_long off, const char *name, int family __unused,
118    int proto __unused)
119{
120	struct pfkeystat pfkeystat;
121	unsigned first, type;
122
123	if (off == 0)
124		return;
125	printf ("%s:\n", name);
126	kread(off, (char *)&pfkeystat, sizeof(pfkeystat));
127
128#define	p(f, m) if (pfkeystat.f || sflag <= 1) \
129    printf(m, (uintmax_t)pfkeystat.f, plural(pfkeystat.f))
130
131	/* userland -> kernel */
132	p(out_total, "\t%ju request%s sent from userland\n");
133	p(out_bytes, "\t%ju byte%s sent from userland\n");
134	for (first = 1, type = 0;
135	     type < sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]);
136	     type++) {
137		if (pfkeystat.out_msgtype[type] <= 0)
138			continue;
139		if (first) {
140			printf("\thistogram by message type:\n");
141			first = 0;
142		}
143		printf("\t\t%s: %ju\n", pfkey_msgtype_names(type),
144			(uintmax_t)pfkeystat.out_msgtype[type]);
145	}
146	p(out_invlen, "\t%ju message%s with invalid length field\n");
147	p(out_invver, "\t%ju message%s with invalid version field\n");
148	p(out_invmsgtype, "\t%ju message%s with invalid message type field\n");
149	p(out_tooshort, "\t%ju message%s too short\n");
150	p(out_nomem, "\t%ju message%s with memory allocation failure\n");
151	p(out_dupext, "\t%ju message%s with duplicate extension\n");
152	p(out_invexttype, "\t%ju message%s with invalid extension type\n");
153	p(out_invsatype, "\t%ju message%s with invalid sa type\n");
154	p(out_invaddr, "\t%ju message%s with invalid address extension\n");
155
156	/* kernel -> userland */
157	p(in_total, "\t%ju request%s sent to userland\n");
158	p(in_bytes, "\t%ju byte%s sent to userland\n");
159	for (first = 1, type = 0;
160	     type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]);
161	     type++) {
162		if (pfkeystat.in_msgtype[type] <= 0)
163			continue;
164		if (first) {
165			printf("\thistogram by message type:\n");
166			first = 0;
167		}
168		printf("\t\t%s: %ju\n", pfkey_msgtype_names(type),
169			(uintmax_t)pfkeystat.in_msgtype[type]);
170	}
171	p(in_msgtarget[KEY_SENDUP_ONE],
172	    "\t%ju message%s toward single socket\n");
173	p(in_msgtarget[KEY_SENDUP_ALL],
174	    "\t%ju message%s toward all sockets\n");
175	p(in_msgtarget[KEY_SENDUP_REGISTERED],
176	    "\t%ju message%s toward registered sockets\n");
177	p(in_nomem, "\t%ju message%s with memory allocation failure\n");
178#undef p
179}
180#endif /* IPSEC */
181