1/* $NetBSD: pfkey.c,v 1.5 2022/09/02 06:25:43 msaitoh Exp $ */ 2/* $KAME: ipsec.c,v 1.33 2003/07/25 09:54:32 itojun Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33/* 34 * Copyright (c) 1983, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 */ 61 62#include <sys/cdefs.h> 63#ifndef lint 64#if 0 65static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94"; 66#else 67#ifdef __NetBSD__ 68__RCSID("$NetBSD: pfkey.c,v 1.5 2022/09/02 06:25:43 msaitoh Exp $"); 69#endif 70#endif 71#endif /* not lint */ 72 73#include <sys/param.h> 74#include <sys/queue.h> 75#include <sys/socket.h> 76#include <sys/sysctl.h> 77 78#ifdef IPSEC 79#include <netipsec/keysock.h> 80#endif 81 82#include <err.h> 83#include <errno.h> 84#include <stdio.h> 85#include <string.h> 86#include <unistd.h> 87#include "netstat.h" 88#include "prog_ops.h" 89 90#ifdef IPSEC 91 92static const char *pfkey_msgtypenames[] = { 93 "reserved", "getspi", "update", "add", "delete", 94 "get", "acquire", "register", "expire", "flush", 95 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", 96 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", 97 "x_spdsetidx", "x_spdexpire", "x_spddelete2" 98}; 99 100static const char *pfkey_msgtype_names(int); 101 102static const char * 103pfkey_msgtype_names(int x) 104{ 105 const int max = 106 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]); 107 static char buf[20]; 108 109 if (x < max && pfkey_msgtypenames[x]) 110 return pfkey_msgtypenames[x]; 111 snprintf(buf, sizeof(buf), "#%d", x); 112 return buf; 113} 114 115void 116pfkey_stats(u_long off, const char *name) 117{ 118 uint64_t pfkeystat[PFKEY_NSTATS]; 119 int first, type; 120 121 if (use_sysctl) { 122 size_t size = sizeof(pfkeystat); 123 124 if (prog_sysctlbyname("net.key.stats", pfkeystat, &size, 125 NULL, 0) == -1 && errno != ENOMEM) 126 return; 127 } else { 128 warnx("%s stats not available via KVM.", name); 129 return; 130 } 131 132 printf ("%s:\n", name); 133 134#define p(f, m) if (pfkeystat[f] || sflag <= 1) \ 135 printf(m, (unsigned long long)pfkeystat[f], plural(pfkeystat[f])) 136 137 /* userland -> kernel */ 138 p(PFKEY_STAT_OUT_TOTAL, "\t%llu request%s sent from userland\n"); 139 p(PFKEY_STAT_OUT_BYTES, "\t%llu byte%s sent from userland\n"); 140 for (first = 1, type = 0; type < 256; type++) { 141 if (pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type] == 0) 142 continue; 143 if (first) { 144 printf("\thistogram by message type:\n"); 145 first = 0; 146 } 147 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 148 (unsigned long long)pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type]); 149 } 150 p(PFKEY_STAT_OUT_INVLEN, 151 "\t%llu message%s with invalid length field\n"); 152 p(PFKEY_STAT_OUT_INVVER, 153 "\t%llu message%s with invalid version field\n"); 154 p(PFKEY_STAT_OUT_INVMSGTYPE, 155 "\t%llu message%s with invalid message type field\n"); 156 p(PFKEY_STAT_OUT_TOOSHORT, 157 "\t%llu message%s too short\n"); 158 p(PFKEY_STAT_OUT_NOMEM, 159 "\t%llu message%s with memory allocation failure\n"); 160 p(PFKEY_STAT_OUT_DUPEXT, 161 "\t%llu message%s with duplicate extension\n"); 162 p(PFKEY_STAT_OUT_INVEXTTYPE, 163 "\t%llu message%s with invalid extension type\n"); 164 p(PFKEY_STAT_OUT_INVSATYPE, 165 "\t%llu message%s with invalid sa type\n"); 166 p(PFKEY_STAT_OUT_INVADDR, 167 "\t%llu message%s with invalid address extension\n"); 168 169 /* kernel -> userland */ 170 p(PFKEY_STAT_IN_TOTAL, "\t%llu request%s sent to userland\n"); 171 p(PFKEY_STAT_IN_BYTES, "\t%llu byte%s sent to userland\n"); 172 for (first = 1, type = 0; type < 256; type++) { 173 if (pfkeystat[PFKEY_STAT_IN_MSGTYPE + type] == 0) 174 continue; 175 if (first) { 176 printf("\thistogram by message type:\n"); 177 first = 0; 178 } 179 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 180 (unsigned long long)pfkeystat[PFKEY_STAT_IN_MSGTYPE + type]); 181 } 182 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ONE, 183 "\t%llu message%s toward single socket\n"); 184 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ALL, 185 "\t%llu message%s toward all sockets\n"); 186 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_REGISTERED, 187 "\t%llu message%s toward registered sockets\n"); 188 p(PFKEY_STAT_IN_NOMEM, 189 "\t%llu message%s with memory allocation failure\n"); 190#undef p 191} 192#endif /*IPSEC*/ 193