From owner-p4-projects@FreeBSD.ORG  Thu Jul 30 22:34:06 2009
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 3AC891065743; Thu, 30 Jul 2009 22:34:05 +0000 (UTC)
Delivered-To: perforce@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9CBF4106568C
	for <perforce@FreeBSD.org>; Thu, 30 Jul 2009 22:34:04 +0000 (UTC)
	(envelope-from pgj@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 8A6598FC26
	for <perforce@FreeBSD.org>; Thu, 30 Jul 2009 22:34:04 +0000 (UTC)
	(envelope-from pgj@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n6UMY4us041231
	for <perforce@FreeBSD.org>; Thu, 30 Jul 2009 22:34:04 GMT
	(envelope-from pgj@FreeBSD.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n6UMY47h041229
	for perforce@freebsd.org; Thu, 30 Jul 2009 22:34:04 GMT
	(envelope-from pgj@FreeBSD.org)
Date: Thu, 30 Jul 2009 22:34:04 GMT
Message-Id: <200907302234.n6UMY47h041229@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	pgj@FreeBSD.org using -f
From: Gabor Pali <pgj@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Cc: 
Subject: PERFORCE change 166842 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2009 22:34:06 -0000

http://perforce.freebsd.org/chv.cgi?CH=166842

Change 166842 by pgj@petymeg-current on 2009/07/30 22:34:04

	Add support for AH statistics.

Affected files ...

.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 edit
.. //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 edit

Differences ...

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat.h#51 (text+ko) ====

@@ -89,8 +89,10 @@
 #define	NETSTAT_PFKEY_IN_MSGTYPE_MAX	256
 #define NETSTAT_PFKEY_OUT_MSGTYPE_MAX	256
 
-/* ESP: */
+/* IPsec: */
 #define NETSTAT_ESP_HIST_MAX		ESP_ALG_MAX
+#define NETSTAT_AH_HIST_MAX		AH_ALG_MAX
+
 
 /* Enum for TCP states: */
 enum tcp_state {
@@ -156,6 +158,7 @@
 #ifdef IPSEC
     stat_pfkey,
     stat_ESP,
+    stat_AH,
 #endif
     stat_MAX,
     stat_Invalid,
@@ -208,6 +211,7 @@
 #ifdef IPSEC
 struct pfkey_stat;
 struct esp_stat;
+struct ah_stat;
 #endif
 
 __BEGIN_DECLS
@@ -974,5 +978,29 @@
 u_int32_t   netstat_esps_get_crypto(const struct esp_stat *);
 u_int32_t   netstat_esps_get_tunnel(const struct esp_stat *);
 u_int32_t   netstat_esps_get_hist(const struct esp_stat *, int);
+
+const struct ah_stat	*netstat_get_ahstats(const struct stat_type *);
+const char  *netstat_ipsec_ahname(int);
+
+u_int32_t   netstat_ahs_get_hdrops(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_nopf(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_notdb(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badkcr(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badauth(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_noxform(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_qfull(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_wrap(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_replay(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_badauthl(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_input(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_output(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_invalid(const struct ah_stat *);
+u_int64_t   netstat_ahs_get_ibytes(const struct ah_stat *);
+u_int64_t   netstat_ahs_get_obytes(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_toobig(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_pdrops(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_crypto(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_tunnel(const struct ah_stat *);
+u_int32_t   netstat_ahs_get_hist(const struct ah_stat *, int);
 #endif /* !IPSEC */
 #endif /* !_NETSTAT_H_ */

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_internal.h#48 (text+ko) ====

@@ -68,6 +68,7 @@
 #ifdef IPSEC
 #include <netipsec/keysock.h>
 #include <netipsec/esp_var.h>
+#include <netipsec/ah_var.h>
 #endif
 
 #include "netstat.h"
@@ -380,6 +381,10 @@
 struct esp_stat {
 	struct espstat s;
 };
+
+struct ah_stat {
+	struct ahstat s;
+};
 #endif
 
 /* Timestamp type. */

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_stat.c#18 (text+ko) ====

@@ -89,6 +89,7 @@
 #ifdef IPSEC
 	{ PFKEYSTAT_VERSION, "net.key.stats", "_pfkeystat" },
 	{ ESPSTAT_VERSION, "net.inet.esp.stats", "_espstat" },
+	{ AHSTAT_VERSION, "net.inet.ah.stats", "_ahstat" },
 #endif
 };
 

==== //depot/projects/soc2009/pgj_libstat/src/lib/libnetstat/netstat_util.c#56 (text+ko) ====

@@ -1938,6 +1938,40 @@
 #undef ESP_ACC
 #undef ESP_ACC64
 #undef ESP_ACCA
+
+#define AH_ACC(field) \
+    STATS_ACCX(u_int32_t,ah,field,ahs_##field)
+
+#define AH_ACC64(field) \
+    STATS_ACCX(u_int64_t,ah,field,ahs_##field)
+
+#define AH_ACCA(field,size) \
+    STATS_ACCXA(u_int32_t,ah,field,ahs_##field,size)
+
+STATS_GET(ah,AH);
+AH_ACC(hdrops);
+AH_ACC(nopf);
+AH_ACC(notdb);
+AH_ACC(badkcr);
+AH_ACC(badauth);
+AH_ACC(noxform);
+AH_ACC(qfull);
+AH_ACC(wrap);
+AH_ACC(replay);
+AH_ACC(badauthl);
+AH_ACC(input);
+AH_ACC(output);
+AH_ACC(invalid);
+AH_ACC64(ibytes);
+AH_ACC64(obytes);
+AH_ACC(toobig);
+AH_ACC(pdrops);
+AH_ACC(crypto);
+AH_ACC(tunnel);
+AH_ACCA(hist,AH_ALG_MAX);
+#undef AH_ACC
+#undef AH_ACC64
+#undef AH_ACCA
 #endif /* !IPSEC */
 
 static	const char *icmpnames[ICMP_MAXTYPE + 1] = {
@@ -2299,6 +2333,31 @@
 	{ -1, NULL },
 };
 
+static struct val2str ipsec_ahnames[] = {
+	{ SADB_AALG_NONE, "none" },
+	{ SADB_AALG_MD5HMAC, "hmac-md5" },
+	{ SADB_AALG_SHA1HMAC, "hmac-sha1" },
+	{ SADB_X_AALG_MD5, "md5" },
+	{ SADB_X_AALG_SHA, "sha" },
+	{ SADB_X_AALG_NULL, "null" },
+#ifdef SADB_X_AALG_SHA2_256
+	{ SADB_X_AALG_SHA2_256, "hmac-sha2-256" },
+#endif
+#ifdef SADB_X_AALG_SHA2_384
+	{ SADB_X_AALG_SHA2_512, "hmac-sha2-384" },
+#endif
+#ifdef SADB_X_AALG_SHA2_512
+	{ SADB_X_AALG_SHA2_512, "hmac-sha2-512" },
+#endif
+#ifdef SADB_X_AALG_RIPEMD160HMAC
+	{ SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160" },
+#endif
+#ifdef SADB_X_AALG_AES_XCBC_MAC
+	{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac" },
+#endif
+	{ -1, NULL },
+};
+
 const char *
 resolve_val2str_name(int proto, const struct val2str *name)
 {
@@ -2324,6 +2383,12 @@
 }
 
 const char *
+netstat_ipsec_ahname(int proto)
+{
+	return (resolve_val2str_name(proto, ipsec_ahnames));
+}
+
+const char *
 routename(in_addr_t in, int numeric)
 {
 	char *cp;