pfkey.c revision 200420
1/* $NetBSD: inet.c,v 1.35.2.1 1999/04/29 14:57:08 perry Exp $ */ 2/* $KAME: ipsec.c,v 1.25 2001/03/12 09:04:39 itojun Exp $ */ 3/*- 4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31/*- 32 * Copyright (c) 1983, 1988, 1993 33 * The Regents of the University of California. All rights reserved. 34 * 35 * Redistribution and use in source and binary forms, with or without 36 * modification, are permitted provided that the following conditions 37 * are met: 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgement: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * 4. Neither the name of the University nor the names of its contributors 48 * may be used to endorse or promote products derived from this software 49 * without specific prior written permission. 50 * 51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 54 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 61 * SUCH DAMAGE. 62 */ 63 64#if 0 65#ifndef lint 66static char sccsid[] = "@(#)inet.c 8.5 (Berkeley) 5/24/95"; 67#endif /* not lint */ 68#endif 69 70#include <sys/cdefs.h> 71__FBSDID("$FreeBSD: head/usr.bin/netstat/pfkey.c 200420 2009-12-11 23:35:38Z delphij $"); 72 73#include <sys/param.h> 74#include <sys/queue.h> 75#include <sys/socket.h> 76#include <sys/socketvar.h> 77 78#include <netinet/in.h> 79 80#ifdef IPSEC 81#include <netipsec/keysock.h> 82#endif 83 84#include <stdint.h> 85#include <stdio.h> 86#include "netstat.h" 87 88#ifdef IPSEC 89 90static const char *pfkey_msgtypenames[] = { 91 "reserved", "getspi", "update", "add", "delete", 92 "get", "acquire", "register", "expire", "flush", 93 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", 94 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", 95 "x_spdsetidx", "x_spdexpire", "x_spddelete2" 96}; 97 98static const char *pfkey_msgtype_names (int); 99 100 101static const char * 102pfkey_msgtype_names(int x) 103{ 104 const int max = 105 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]); 106 static char buf[20]; 107 108 if (x < max && pfkey_msgtypenames[x]) 109 return pfkey_msgtypenames[x]; 110 snprintf(buf, sizeof(buf), "#%d", x); 111 return buf; 112} 113 114void 115pfkey_stats(u_long off, const char *name, int family __unused, 116 int proto __unused) 117{ 118 struct pfkeystat pfkeystat; 119 unsigned first, type; 120 121 if (off == 0) 122 return; 123 printf ("%s:\n", name); 124 kread(off, (char *)&pfkeystat, sizeof(pfkeystat)); 125 126#define p(f, m) if (pfkeystat.f || sflag <= 1) \ 127 printf(m, (uintmax_t)pfkeystat.f, plural(pfkeystat.f)) 128 129 /* userland -> kernel */ 130 p(out_total, "\t%ju request%s sent from userland\n"); 131 p(out_bytes, "\t%ju byte%s sent from userland\n"); 132 for (first = 1, type = 0; 133 type < sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]); 134 type++) { 135 if (pfkeystat.out_msgtype[type] <= 0) 136 continue; 137 if (first) { 138 printf("\thistogram by message type:\n"); 139 first = 0; 140 } 141 printf("\t\t%s: %ju\n", pfkey_msgtype_names(type), 142 (uintmax_t)pfkeystat.out_msgtype[type]); 143 } 144 p(out_invlen, "\t%ju message%s with invalid length field\n"); 145 p(out_invver, "\t%ju message%s with invalid version field\n"); 146 p(out_invmsgtype, "\t%ju message%s with invalid message type field\n"); 147 p(out_tooshort, "\t%ju message%s too short\n"); 148 p(out_nomem, "\t%ju message%s with memory allocation failure\n"); 149 p(out_dupext, "\t%ju message%s with duplicate extension\n"); 150 p(out_invexttype, "\t%ju message%s with invalid extension type\n"); 151 p(out_invsatype, "\t%ju message%s with invalid sa type\n"); 152 p(out_invaddr, "\t%ju message%s with invalid address extension\n"); 153 154 /* kernel -> userland */ 155 p(in_total, "\t%ju request%s sent to userland\n"); 156 p(in_bytes, "\t%ju byte%s sent to userland\n"); 157 for (first = 1, type = 0; 158 type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]); 159 type++) { 160 if (pfkeystat.in_msgtype[type] <= 0) 161 continue; 162 if (first) { 163 printf("\thistogram by message type:\n"); 164 first = 0; 165 } 166 printf("\t\t%s: %ju\n", pfkey_msgtype_names(type), 167 (uintmax_t)pfkeystat.in_msgtype[type]); 168 } 169 p(in_msgtarget[KEY_SENDUP_ONE], 170 "\t%ju message%s toward single socket\n"); 171 p(in_msgtarget[KEY_SENDUP_ALL], 172 "\t%ju message%s toward all sockets\n"); 173 p(in_msgtarget[KEY_SENDUP_REGISTERED], 174 "\t%ju message%s toward registered sockets\n"); 175 p(in_nomem, "\t%ju message%s with memory allocation failure\n"); 176#undef p 177} 178#endif /* IPSEC */ 179