1 /* $NetBSD: pfkey.c,v 1.1 2012/01/06 14:21:16 drochner Exp $ */ 2 /* $KAME: ipsec.c,v 1.33 2003/07/25 09:54:32 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1983, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 */ 61 62 #include <sys/cdefs.h> 63 #ifndef lint 64 #if 0 65 static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94"; 66 #else 67 #ifdef __NetBSD__ 68 __RCSID("$NetBSD: pfkey.c,v 1.1 2012/01/06 14:21:16 drochner Exp $"); 69 #endif 70 #endif 71 #endif /* not lint */ 72 73 #include <sys/param.h> 74 #include <sys/queue.h> 75 #include <sys/socket.h> 76 #include <sys/sysctl.h> 77 78 #ifdef IPSEC 79 #include <netipsec/keysock.h> 80 #endif 81 82 #include <err.h> 83 #include <stdio.h> 84 #include <string.h> 85 #include <unistd.h> 86 #include "netstat.h" 87 88 #ifdef IPSEC 89 90 static const char *pfkey_msgtypenames[] = { 91 "reserved", "getspi", "update", "add", "delete", 92 "get", "acquire", "register", "expire", "flush", 93 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", 94 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", 95 "x_spdsetidx", "x_spdexpire", "x_spddelete2" 96 }; 97 98 static const char *pfkey_msgtype_names(int); 99 100 static const char * 101 pfkey_msgtype_names(int x) 102 { 103 const int max = 104 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]); 105 static char buf[20]; 106 107 if (x < max && pfkey_msgtypenames[x]) 108 return pfkey_msgtypenames[x]; 109 snprintf(buf, sizeof(buf), "#%d", x); 110 return buf; 111 } 112 113 void 114 pfkey_stats(u_long off, const char *name) 115 { 116 uint64_t pfkeystat[PFKEY_NSTATS]; 117 int first, type; 118 119 if (use_sysctl) { 120 size_t size = sizeof(pfkeystat); 121 122 if (sysctlbyname("net.key.stats", pfkeystat, &size, 123 NULL, 0) == -1) 124 return; 125 } else { 126 warnx("%s stats not available via KVM.", name); 127 return; 128 } 129 130 printf ("%s:\n", name); 131 132 #define p(f, m) if (pfkeystat[f] || sflag <= 1) \ 133 printf(m, (unsigned long long)pfkeystat[f], plural(pfkeystat[f])) 134 135 /* userland -> kernel */ 136 p(PFKEY_STAT_OUT_TOTAL, "\t%llu request%s sent from userland\n"); 137 p(PFKEY_STAT_OUT_BYTES, "\t%llu byte%s sent from userland\n"); 138 for (first = 1, type = 0; type < 256; type++) { 139 if (pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type] == 0) 140 continue; 141 if (first) { 142 printf("\thistogram by message type:\n"); 143 first = 0; 144 } 145 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 146 (unsigned long long)pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type]); 147 } 148 p(PFKEY_STAT_OUT_INVLEN, "\t%llu message%s with invalid length field\n"); 149 p(PFKEY_STAT_OUT_INVVER, "\t%llu message%s with invalid version field\n"); 150 p(PFKEY_STAT_OUT_INVMSGTYPE, "\t%llu message%s with invalid message type field\n"); 151 p(PFKEY_STAT_OUT_TOOSHORT, "\t%llu message%s too short\n"); 152 p(PFKEY_STAT_OUT_NOMEM, "\t%llu message%s with memory allocation failure\n"); 153 p(PFKEY_STAT_OUT_DUPEXT, "\t%llu message%s with duplicate extension\n"); 154 p(PFKEY_STAT_OUT_INVEXTTYPE, "\t%llu message%s with invalid extension type\n"); 155 p(PFKEY_STAT_OUT_INVSATYPE, "\t%llu message%s with invalid sa type\n"); 156 p(PFKEY_STAT_OUT_INVADDR, "\t%llu message%s with invalid address extension\n"); 157 158 /* kernel -> userland */ 159 p(PFKEY_STAT_IN_TOTAL, "\t%llu request%s sent to userland\n"); 160 p(PFKEY_STAT_IN_BYTES, "\t%llu byte%s sent to userland\n"); 161 for (first = 1, type = 0; type < 256; type++) { 162 if (pfkeystat[PFKEY_STAT_IN_MSGTYPE + type] == 0) 163 continue; 164 if (first) { 165 printf("\thistogram by message type:\n"); 166 first = 0; 167 } 168 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type), 169 (unsigned long long)pfkeystat[PFKEY_STAT_IN_MSGTYPE + type]); 170 } 171 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ONE, 172 "\t%llu message%s toward single socket\n"); 173 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ALL, 174 "\t%llu message%s toward all sockets\n"); 175 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_REGISTERED, 176 "\t%llu message%s toward registered sockets\n"); 177 p(PFKEY_STAT_IN_NOMEM, "\t%llu message%s with memory allocation failure\n"); 178 #undef p 179 } 180 #endif /*IPSEC*/ 181