pfkey.c revision 175061
1/* $NetBSD: inet.c,v 1.35.2.1 1999/04/29 14:57:08 perry Exp $ */ 2/* $KAME: ipsec.c,v 1.25 2001/03/12 09:04:39 itojun Exp $ */ 3/*- 4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31/*- 32 * Copyright (c) 1983, 1988, 1993 33 * The Regents of the University of California. All rights reserved. 34 * 35 * Redistribution and use in source and binary forms, with or without 36 * modification, are permitted provided that the following conditions 37 * are met: 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgement: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * 4. Neither the name of the University nor the names of its contributors 48 * may be used to endorse or promote products derived from this software 49 * without specific prior written permission. 50 * 51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 54 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 61 * SUCH DAMAGE. 62 */ 63 64#if 0 65#ifndef lint 66static char sccsid[] = "@(#)inet.c 8.5 (Berkeley) 5/24/95"; 67#endif /* not lint */ 68#endif 69 70#include <sys/cdefs.h> 71__FBSDID("$FreeBSD: head/usr.bin/netstat/pfkey.c 175061 2008-01-02 23:26:11Z obrien $"); 72 73#include <sys/param.h> 74#include <sys/queue.h> 75#include <sys/socket.h> 76#include <sys/socketvar.h> 77 78#include <netinet/in.h> 79 80#ifdef IPSEC 81#include <netipsec/keysock.h> 82#endif 83 84#include <stdint.h> 85#include <stdio.h> 86#include <string.h> 87#include <unistd.h> 88#include "netstat.h" 89 90#ifdef IPSEC 91 92static const char *pfkey_msgtypenames[] = { 93 "reserved", "getspi", "update", "add", "delete", 94 "get", "acquire", "register", "expire", "flush", 95 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", 96 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", 97 "x_spdsetidx", "x_spdexpire", "x_spddelete2" 98}; 99 100static const char *pfkey_msgtype_names (int); 101 102 103static const char * 104pfkey_msgtype_names(int x) 105{ 106 const int max = 107 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]); 108 static char buf[20]; 109 110 if (x < max && pfkey_msgtypenames[x]) 111 return pfkey_msgtypenames[x]; 112 snprintf(buf, sizeof(buf), "#%d", x); 113 return buf; 114} 115 116void 117pfkey_stats(u_long off, const char *name, int family __unused, 118 int proto __unused) 119{ 120 struct pfkeystat pfkeystat; 121 unsigned first, type; 122 123 if (off == 0) 124 return; 125 printf ("%s:\n", name); 126 kread(off, (char *)&pfkeystat, sizeof(pfkeystat)); 127 128#define p(f, m) if (pfkeystat.f || sflag <= 1) \ 129 printf(m, (uintmax_t)pfkeystat.f, plural(pfkeystat.f)) 130 131 /* userland -> kernel */ 132 p(out_total, "\t%ju request%s sent from userland\n"); 133 p(out_bytes, "\t%ju byte%s sent from userland\n"); 134 for (first = 1, type = 0; 135 type < sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]); 136 type++) { 137 if (pfkeystat.out_msgtype[type] <= 0) 138 continue; 139 if (first) { 140 printf("\thistogram by message type:\n"); 141 first = 0; 142 } 143 printf("\t\t%s: %ju\n", pfkey_msgtype_names(type), 144 (uintmax_t)pfkeystat.out_msgtype[type]); 145 } 146 p(out_invlen, "\t%ju message%s with invalid length field\n"); 147 p(out_invver, "\t%ju message%s with invalid version field\n"); 148 p(out_invmsgtype, "\t%ju message%s with invalid message type field\n"); 149 p(out_tooshort, "\t%ju message%s too short\n"); 150 p(out_nomem, "\t%ju message%s with memory allocation failure\n"); 151 p(out_dupext, "\t%ju message%s with duplicate extension\n"); 152 p(out_invexttype, "\t%ju message%s with invalid extension type\n"); 153 p(out_invsatype, "\t%ju message%s with invalid sa type\n"); 154 p(out_invaddr, "\t%ju message%s with invalid address extension\n"); 155 156 /* kernel -> userland */ 157 p(in_total, "\t%ju request%s sent to userland\n"); 158 p(in_bytes, "\t%ju byte%s sent to userland\n"); 159 for (first = 1, type = 0; 160 type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]); 161 type++) { 162 if (pfkeystat.in_msgtype[type] <= 0) 163 continue; 164 if (first) { 165 printf("\thistogram by message type:\n"); 166 first = 0; 167 } 168 printf("\t\t%s: %ju\n", pfkey_msgtype_names(type), 169 (uintmax_t)pfkeystat.in_msgtype[type]); 170 } 171 p(in_msgtarget[KEY_SENDUP_ONE], 172 "\t%ju message%s toward single socket\n"); 173 p(in_msgtarget[KEY_SENDUP_ALL], 174 "\t%ju message%s toward all sockets\n"); 175 p(in_msgtarget[KEY_SENDUP_REGISTERED], 176 "\t%ju message%s toward registered sockets\n"); 177 p(in_nomem, "\t%ju message%s with memory allocation failure\n"); 178#undef p 179} 180#endif /* IPSEC */ 181