From owner-p4-projects@FreeBSD.ORG Thu Jul 30 20:40:02 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 3009110656C8; Thu, 30 Jul 2009 20:39:59 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 656D3106566C for ; Thu, 30 Jul 2009 20:39:59 +0000 (UTC) (envelope-from pgj@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 530BB8FC12 for ; Thu, 30 Jul 2009 20:39:59 +0000 (UTC) (envelope-from pgj@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n6UKdxXh021004 for ; Thu, 30 Jul 2009 20:39:59 GMT (envelope-from pgj@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n6UKdxM9021002 for perforce@freebsd.org; Thu, 30 Jul 2009 20:39:59 GMT (envelope-from pgj@FreeBSD.org) Date: Thu, 30 Jul 2009 20:39:59 GMT Message-Id: <200907302039.n6UKdxM9021002@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to pgj@FreeBSD.org using -f From: Gabor Pali To: Perforce Change Reviews Cc: Subject: PERFORCE change 166835 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 20:40:03 -0000 http://perforce.freebsd.org/chv.cgi?CH=166835 Change 166835 by pgj@petymeg-current on 2009/07/30 20:39:52 Add support for pfkey statistics. Affected files ... .. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/Makefile#16 edit .. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#49 edit .. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#46 edit .. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#16 edit .. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#54 edit Differences ... ==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/Makefile#16 (text+ko) ==== @@ -21,6 +21,7 @@ WITHOUT_MAN= yes CFLAGS+=-DSCTP +CFLAGS+=-DIPSEC .if ${MK_INET6_SUPPORT} != "no" CFLAGS+= -DINET6 ==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#49 (text+ko) ==== @@ -32,6 +32,10 @@ #include #include +#ifdef IPSEC +#include +#endif + #define NETSTAT_MAXCALLER 16 #define SOCKTYPE_MAXNAME 32 @@ -80,6 +84,10 @@ #define NETSTAT_BPF_ASYNC 0x10 /* packet reception should generate signal */ #define NETSTAT_BPF_LOCKED 0x20 /* descriptor is locked */ +/* pfkey: */ +#define NETSTAT_PFKEY_IN_MSGTYPE_MAX 256 +#define NETSTAT_PFKEY_OUT_MSGTYPE_MAX 256 + /* Enum for TCP states: */ enum tcp_state { @@ -114,6 +122,12 @@ bpfdir_MAX, }; +enum pfkey_msgtarget { + pfkey_Sendup_One = KEY_SENDUP_ONE, + pfkey_Sendup_All = KEY_SENDUP_ALL, + pfkey_Sendup_Registered = KEY_SENDUP_REGISTERED, +}; + enum stat { stat_TCP = 0, stat_UDP, @@ -136,6 +150,9 @@ stat_SPX, #endif stat_pfsync, +#ifdef IPSEC + stat_pfkey, +#endif stat_MAX, stat_Invalid, }; @@ -184,6 +201,9 @@ struct spx_stat; #endif struct pfsync_stat; +#ifdef IPSEC +struct pfkey_stat; +#endif __BEGIN_DECLS const char *netstat_strerror(int); @@ -900,4 +920,29 @@ u_int64_t netstat_pfsyncs_get_opackets6(const struct pfsync_stat *); u_int64_t netstat_pfsyncs_get_onomem(const struct pfsync_stat *); u_int64_t netstat_pfsyncs_get_oerrors(const struct pfsync_stat *); + +#ifdef IPSEC +const struct pfkey_stat *netstat_get_pfkeystats(const struct stat_type *); +const char *netstat_pfkey_msgtype_name(int); + +u_int64_t netstat_pfkeys_get_out_total(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_bytes(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_msgtype(const struct pfkey_stat *, int); +u_int64_t netstat_pfkeys_get_out_invlen(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_invver(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_invmsgtype(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_tooshort(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_nomem(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_dupext(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_invexttype(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_invsatype(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_out_invaddr(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_in_total(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_in_bytes(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_in_msgtype(const struct pfkey_stat *, int); +u_int64_t netstat_pfkeys_get_in_msgtarget(const struct pfkey_stat *, + enum pfkey_msgtarget); +u_int64_t netstat_pfkeys_get_in_nomem(const struct pfkey_stat *); +u_int64_t netstat_pfkeys_get_sockerr(const struct pfkey_stat *); +#endif /* !IPSEC */ #endif /* !_NETSTAT_H_ */ ==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#46 (text+ko) ==== @@ -65,6 +65,9 @@ #endif #include #include +#ifdef IPSEC +#include +#endif #include "netstat.h" @@ -368,6 +371,12 @@ struct pfsyncstats s; }; +#ifdef IPSEC +struct pfkey_stat { + struct pfkeystat s; +}; +#endif + /* Timestamp type. */ struct timestamp_type { u_int32_t ts_sec; ==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#16 (text+ko) ==== @@ -86,6 +86,9 @@ { SPXSTAT_VERSION, "net.ipx.spx.stats", "_spx_istat" }, #endif { PFSYNCSTAT_VERSION, "net.inet.pfsync.stats", "_pfsyncstats" }, +#ifdef IPSEC + { PFKEYSTAT_VERSION, "net.key.stats", "_pfkeystat" }, +#endif }; int ==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#54 (text+ko) ==== @@ -1256,6 +1256,12 @@ return (0); \ } +#define STATS_ACCXE(returns, stats, f1, f2, enty) \ +returns \ +netstat_##stats##s_get_##f1(const struct stats##_stat *a, enum enty i) \ +{ \ + return (a->s.f2[i]); \ +} #define TCP_ACC(field) \ @@ -1865,6 +1871,39 @@ PFSYNC_ACC(oerrors); #undef PFSYNC_ACC +#ifdef IPSEC +#define PFKEY_ACC(field) \ + STATS_ACCX(u_int64_t,pfkey,field,field) + +#define PFKEY_ACCA(field,size) \ + STATS_ACCXA(u_int64_t,pfkey,field,field,size) + +#define PFKEY_ACCE(field,size) \ + STATS_ACCXE(u_int64_t,pfkey,field,field,pfkey_msgtarget) + +STATS_GET(pfkey,pfkey); +PFKEY_ACC(out_total); +PFKEY_ACC(out_bytes); +PFKEY_ACCA(out_msgtype,256); +PFKEY_ACC(out_invlen); +PFKEY_ACC(out_invver); +PFKEY_ACC(out_invmsgtype); +PFKEY_ACC(out_tooshort); +PFKEY_ACC(out_nomem); +PFKEY_ACC(out_dupext); +PFKEY_ACC(out_invexttype); +PFKEY_ACC(out_invsatype); +PFKEY_ACC(out_invaddr); +PFKEY_ACC(in_total); +PFKEY_ACC(in_bytes); +PFKEY_ACCA(in_msgtype,256); +PFKEY_ACCE(in_msgtarget,pfkey_msgtarget); +PFKEY_ACC(in_nomem); +PFKEY_ACC(sockerr); +#undef PFKEY_ACC +#undef PFKEY_ACCA +#endif /* !IPSEC */ + static const char *icmpnames[ICMP_MAXTYPE + 1] = { "echo reply", /* RFC 792 */ "#1", @@ -2189,6 +2228,25 @@ return (NULL); } +static const char *pfkey_msgtypenames[] = { + "reserved", "getspi", "update", "add", "delete", + "get", "acquire", "register", "expire", "flush", + "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd", + "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush", + "x_spdsetidx", "x_spdexpire", "x_spddelete2" +}; + +const char * +netstat_pfkey_msgtype_name(int x) +{ + static char buf[20]; + + if (x < SizeOf(pfkey_msgtypenames) && pfkey_msgtypenames[x]) + return pfkey_msgtypenames[x]; + snprintf(buf, sizeof(buf), "#%d", x); + return buf; +} + const char * routename(in_addr_t in, int numeric) {