authorReyk Floeter <reyk@cvs.openbsd.org>2015-02-06 03:22:01 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2015-02-06 03:22:01 +0000
commit01d4d73c049c5a5352463f69843a549758f8642f (patch)
tree27cc621a699244eb22360d2c856a9568f9d2f9a3
parent24d7e945c8550ee888200128a61e7415479dad74 (diff)
Remove route/netstat -f encap in favor of ipsecctl -s flow.
OK deraadt@
-rw-r--r--sbin/route/keywords.h4
-rw-r--r--sbin/route/keywords.sh3
-rw-r--r--sbin/route/route.88
-rw-r--r--sbin/route/route.c5
-rw-r--r--sbin/route/show.c233
-rw-r--r--usr.bin/netstat/Makefile3
-rw-r--r--usr.bin/netstat/main.c4
-rw-r--r--usr.bin/netstat/netstat.15
-rw-r--r--usr.bin/netstat/route.c137
-rw-r--r--usr.bin/netstat/show.c233
10 files changed, 14 insertions, 621 deletions
diff --git a/sbin/route/keywords.h b/sbin/route/keywords.h
index 79e1baa14a2..61749896682 100644
--- a/sbin/route/keywords.h
+++ b/sbin/route/keywords.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: keywords.h,v 1.28 2014/01/22 06:23:37 claudio Exp $ */
+/* $OpenBSD: keywords.h,v 1.29 2015/02/06 03:22:00 reyk Exp $ */
/* WARNING! This file was generated by keywords.sh */
@@ -15,7 +15,6 @@ enum {
K_CLONING,
K_DELETE,
K_DST,
- K_ENCAP,
K_EXEC,
K_EXPIRE,
K_FLUSH,
@@ -72,7 +71,6 @@ struct keytab keywords[] = {
{ "cloning", K_CLONING },
{ "delete", K_DELETE },
{ "dst", K_DST },
- { "encap", K_ENCAP },
{ "exec", K_EXEC },
{ "expire", K_EXPIRE },
{ "flush", K_FLUSH },
diff --git a/sbin/route/keywords.sh b/sbin/route/keywords.sh
index 66459d88c12..db99593dbc6 100644
--- a/sbin/route/keywords.sh
+++ b/sbin/route/keywords.sh
@@ -1,5 +1,5 @@
#!/bin/sh
-# $OpenBSD: keywords.sh,v 1.26 2014/01/22 06:23:37 claudio Exp $
+# $OpenBSD: keywords.sh,v 1.27 2015/02/06 03:22:00 reyk Exp $
# $NetBSD: keywords.sh,v 1.2 1996/11/15 18:57:21 gwr Exp $
# @(#)keywords 8.2 (Berkeley) 3/19/94
#
@@ -16,7 +16,6 @@ change
cloning
delete
dst
-encap
exec
expire
flush
diff --git a/sbin/route/route.8 b/sbin/route/route.8
index 012df2292e6..d867e872a52 100644
--- a/sbin/route/route.8
+++ b/sbin/route/route.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: route.8,v 1.73 2014/02/26 21:10:03 claudio Exp $
+.\" $OpenBSD: route.8,v 1.74 2015/02/06 03:22:00 reyk Exp $
.\" $NetBSD: route.8,v 1.6 1995/03/18 15:00:13 cgd Exp $
.\"
.\" Copyright (c) 1983, 1991, 1993
@@ -30,7 +30,7 @@
.\"
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
.\"
-.Dd $Mdocdate: February 26 2014 $
+.Dd $Mdocdate: February 6 2015 $
.Dt ROUTE 8
.Os
.Sh NAME
@@ -296,10 +296,6 @@ Internet Protocol version 4 (IPv4) addresses
Internet Protocol version 6 (IPv6) addresses
(see
.Xr ip6 4 )
-.It Fl encap
-IPsec
-(see
-.Xr ipsec 4 )
.It Fl link
Hardware (link-level) addresses
.It Fl mpls
diff --git a/sbin/route/route.c b/sbin/route/route.c
index 621852a70b1..c3607844622 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: route.c,v 1.171 2015/01/16 06:40:00 deraadt Exp $ */
+/* $OpenBSD: route.c,v 1.172 2015/02/06 03:22:00 reyk Exp $ */
/* $NetBSD: route.c,v 1.16 1996/04/15 18:27:05 cgd Exp $ */
/*
@@ -679,9 +679,6 @@ show(int argc, char *argv[])
case K_MPLS:
af = AF_MPLS;
break;
- case K_ENCAP:
- af = PF_KEY;
- break;
case K_GATEWAY:
Fflag = 1;
break;
diff --git a/sbin/route/show.c b/sbin/route/show.c
index 576f6ef41f7..c2971056b44 100644
--- a/sbin/route/show.c
+++ b/sbin/route/show.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: show.c,v 1.97 2015/01/16 06:40:00 deraadt Exp $ */
+/* $OpenBSD: show.c,v 1.98 2015/02/06 03:22:00 reyk Exp $ */
/* $NetBSD: show.c,v 1.1 1996/11/15 18:01:41 gwr Exp $ */
/*
@@ -36,11 +36,9 @@
#include <net/if.h>
#include <net/if_dl.h>
#include <net/if_types.h>
-#include <net/pfkeyv2.h>
#include <net/route.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>
-#include <netinet/ip_ipsp.h>
#include <netmpls/mpls.h>
#include <arpa/inet.h>
@@ -64,8 +62,6 @@ char *label_print(struct sockaddr *);
((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
#define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len))
-#define PFKEYV2_CHUNK sizeof(u_int64_t)
-
/*
* Definitions for showing gateway flags.
*/
@@ -101,11 +97,7 @@ static const struct bits bits[] = {
int WID_DST(int);
void pr_rthdr(int);
void p_rtentry(struct rt_msghdr *);
-void p_pfkentry(struct sadb_msg *);
void pr_family(int);
-void p_encap(struct sockaddr *, struct sockaddr *, int);
-void p_protocol(struct sadb_protocol *, struct sockaddr *, struct
- sadb_protocol *, int);
void p_sockaddr(struct sockaddr *, struct sockaddr *, int, int);
void p_sockaddr_mpls(struct sockaddr *, struct sockaddr *, int, int);
void p_flags(int, char *);
@@ -113,7 +105,6 @@ char *routename4(in_addr_t);
char *routename6(struct sockaddr_in6 *);
char *netname4(in_addr_t, struct sockaddr_in *);
char *netname6(struct sockaddr_in6 *, struct sockaddr_in6 *);
-void index_pfk(struct sadb_msg *, void **);
/*
* Print routing tables.
@@ -122,7 +113,6 @@ void
p_rttables(int af, u_int tableid, int hastable)
{
struct rt_msghdr *rtm;
- struct sadb_msg *msg;
char *buf = NULL, *next, *lim = NULL;
size_t needed;
int mib[7], mcnt;
@@ -171,47 +161,6 @@ p_rttables(int af, u_int tableid, int hastable)
free(buf);
buf = NULL;
}
-
- if (af != 0 && af != PF_KEY)
- return;
-
- mib[0] = CTL_NET;
- mib[1] = PF_KEY;
- mib[2] = PF_KEY_V2;
- mib[3] = NET_KEY_SPD_DUMP;
- mib[4] = mib[5] = 0;
- while (1) {
- if (sysctl(mib, 4, NULL, &needed, NULL, 0) == -1) {
- if (errno == ENOPROTOOPT)
- return;
- err(1, "spd-sysctl-estimate");
- }
- if (needed == 0)
- break;
- if ((buf = realloc(buf, needed)) == NULL)
- err(1, NULL);
- if (sysctl(mib, 4, buf, &needed, NULL, 0) == -1) {
- if (errno == ENOMEM)
- continue;
- err(1,"sysctl of spd");
- }
- lim = buf + needed;
- break;
- }
-
- if (buf) {
- printf("\nEncap:\n");
-
- for (next = buf; next < lim; next += msg->sadb_msg_len *
- PFKEYV2_CHUNK) {
- msg = (struct sadb_msg *)next;
- if (msg->sadb_msg_len == 0)
- break;
- p_pfkentry(msg);
- }
- free(buf);
- buf = NULL;
- }
}
/*
@@ -351,53 +300,6 @@ p_rtentry(struct rt_msghdr *rtm)
}
/*
- * Print a pfkey/encap entry.
- */
-void
-p_pfkentry(struct sadb_msg *msg)
-{
- static int old = 0;
- struct sadb_address *saddr;
- struct sadb_protocol *sap, *saft;
- struct sockaddr *sa, *mask;
- void *headers[SADB_EXT_MAX + 1];
-
- if (!old) {
- pr_rthdr(PF_KEY);
- old++;
- }
-
- bzero(headers, sizeof(headers));
- index_pfk(msg, headers);
-
- /* These are always set */
- saddr = headers[SADB_X_EXT_SRC_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_SRC_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* These are always set, too. */
- saddr = headers[SADB_X_EXT_DST_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_DST_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* Bypass and deny flows do not set SADB_EXT_ADDRESS_DST! */
- sap = headers[SADB_X_EXT_PROTOCOL];
- saft = headers[SADB_X_EXT_FLOW_TYPE];
- saddr = headers[SADB_EXT_ADDRESS_DST];
- if (saddr)
- sa = (struct sockaddr *)(saddr + 1);
- else
- sa = NULL;
- p_protocol(sap, sa, saft, msg->sadb_msg_satype);
-
- printf("\n");
-}
-
-/*
* Print address family header before a section of the routing table.
*/
void
@@ -429,97 +331,6 @@ pr_family(int af)
}
void
-p_encap(struct sockaddr *sa, struct sockaddr *mask, int width)
-{
- char *cp;
- unsigned short port = 0;
-
- if (mask)
- cp = netname(sa, mask);
- else
- cp = routename(sa);
- switch (sa->sa_family) {
- case AF_INET:
- port = ntohs(((struct sockaddr_in *)sa)->sin_port);
- break;
- case AF_INET6:
- port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
- break;
- }
- if (width < 0)
- printf("%s", cp);
- else {
- if (nflag)
- printf("%-*s %-5u ", width, cp, port);
- else
- printf("%-*.*s %-5u ", width, width, cp, port);
- }
-}
-
-void
-p_protocol(struct sadb_protocol *sap, struct sockaddr *sa, struct sadb_protocol
- *saft, int proto)
-{
- printf("%-6u", sap->sadb_protocol_proto);
-
- if (sa)
- p_sockaddr(sa, NULL, 0, -1);
- else
- printf("none");
-
- switch (proto) {
- case SADB_SATYPE_ESP:
- printf("/esp");
- break;
- case SADB_SATYPE_AH:
- printf("/ah");
- break;
- case SADB_X_SATYPE_IPCOMP:
- printf("/ipcomp");
- break;
- case SADB_X_SATYPE_IPIP:
- printf("/ipip");
- break;
- default:
- printf("/<unknown>");
- }
-
- switch(saft->sadb_protocol_proto) {
- case SADB_X_FLOW_TYPE_USE:
- printf("/use");
- break;
- case SADB_X_FLOW_TYPE_REQUIRE:
- printf("/require");
- break;
- case SADB_X_FLOW_TYPE_ACQUIRE:
- printf("/acquire");
- break;
- case SADB_X_FLOW_TYPE_DENY:
- printf("/deny");
- break;
- case SADB_X_FLOW_TYPE_BYPASS:
- printf("/bypass");
- break;
- case SADB_X_FLOW_TYPE_DONTACQ:
- printf("/dontacq");
- break;
- default:
- printf("/<unknown type>");
- }
-
- switch(saft->sadb_protocol_direction) {
- case IPSP_DIRECTION_IN:
- printf("/in");
- break;
- case IPSP_DIRECTION_OUT:
- printf("/out");
- break;
- default:
- printf("/<unknown>");
- }
-}
-
-void
p_sockaddr(struct sockaddr *sa, struct sockaddr *mask, int flags, int width)
{
char *cp;
@@ -937,45 +748,3 @@ label_print(struct sockaddr *sa)
return (line);
}
-
-void
-index_pfk(struct sadb_msg *msg, void **headers)
-{
- struct sadb_ext *ext;
-
- for (ext = (struct sadb_ext *)(msg + 1);
- (size_t)((u_int8_t *)ext - (u_int8_t *)msg) <
- msg->sadb_msg_len * PFKEYV2_CHUNK && ext->sadb_ext_len > 0;
- ext = (struct sadb_ext *)((u_int8_t *)ext +
- ext->sadb_ext_len * PFKEYV2_CHUNK)) {
- switch (ext->sadb_ext_type) {
- case SADB_EXT_ADDRESS_SRC:
- headers[SADB_EXT_ADDRESS_SRC] = (void *)ext;
- break;
- case SADB_EXT_ADDRESS_DST:
- headers[SADB_EXT_ADDRESS_DST] = (void *)ext;
- break;
- case SADB_X_EXT_PROTOCOL:
- headers[SADB_X_EXT_PROTOCOL] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_FLOW:
- headers[SADB_X_EXT_SRC_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_DST_FLOW:
- headers[SADB_X_EXT_DST_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_MASK:
- headers[SADB_X_EXT_SRC_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_DST_MASK:
- headers[SADB_X_EXT_DST_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_FLOW_TYPE:
- headers[SADB_X_EXT_FLOW_TYPE] = (void *)ext;
- break;
- default:
- /* Ignore. */
- break;
- }
- }
-}
diff --git a/usr.bin/netstat/Makefile b/usr.bin/netstat/Makefile
index a94e38650a4..a6d505aa8f6 100644
--- a/usr.bin/netstat/Makefile
+++ b/usr.bin/netstat/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.21 2012/08/22 00:11:57 tedu Exp $
+# $OpenBSD: Makefile,v 1.22 2015/02/06 03:22:00 reyk Exp $
PROG= netstat
SRCS= if.c inet.c inet6.c main.c mbuf.c mroute.c route.c \
@@ -7,5 +7,6 @@ BINGRP= kmem
BINMODE=2555
LDADD= -lkvm -lutil
DPADD= ${LIBKVM} ${LIBUTIL}
+CFLAGS= -Wall
.include <bsd.prog.mk>
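Review bot: `CFLAGS= -Wall` assigns rather than appends, so a default or environment-supplied CFLAGS value is replaced for this program instead of being extended; `CFLAGS+= -Wall` would add the warnings without discarding anything. The same hunk shows netstat is installed setgid kmem (`BINGRP= kmem`, `BINMODE=2555`), so if any optimization or hardening flags reach this build through CFLAGS (not visible here), they are worth preserving. The line is also unrelated to the encap removal described in the commit message and looks like it may be a leftover from checking the cleanup for warnings.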
diff --git a/usr.bin/netstat/main.c b/usr.bin/netstat/main.c
index 5b0eb1f0bec..5465352a87f 100644
--- a/usr.bin/netstat/main.c
+++ b/usr.bin/netstat/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.103 2015/01/16 06:40:10 deraadt Exp $ */
+/* $OpenBSD: main.c,v 1.104 2015/02/06 03:22:00 reyk Exp $ */
/* $NetBSD: main.c,v 1.9 1996/05/07 02:55:02 thorpej Exp $ */
/*
@@ -200,8 +200,6 @@ main(int argc, char *argv[])
af = AF_LOCAL;
else if (strcmp(optarg, "unix") == 0)
af = AF_UNIX;
- else if (strcmp(optarg, "encap") == 0)
- af = PF_KEY;
else if (strcmp(optarg, "mpls") == 0)
af = AF_MPLS;
else if (strcmp(optarg, "pflow") == 0)
diff --git a/usr.bin/netstat/netstat.1 b/usr.bin/netstat/netstat.1
index 30992709276..cbc0c033167 100644
--- a/usr.bin/netstat/netstat.1
+++ b/usr.bin/netstat/netstat.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: netstat.1,v 1.72 2014/10/23 16:45:57 schwarze Exp $
+.\" $OpenBSD: netstat.1,v 1.73 2015/02/06 03:22:00 reyk Exp $
.\" $NetBSD: netstat.1,v 1.11 1995/10/03 21:42:43 thorpej Exp $
.\"
.\" Copyright (c) 1983, 1990, 1992, 1993
@@ -30,7 +30,7 @@
.\"
.\" from: @(#)netstat.1 8.8 (Berkeley) 4/18/94
.\"
-.Dd $Mdocdate: October 23 2014 $
+.Dd $Mdocdate: February 6 2015 $
.Dt NETSTAT 1
.Os
.Sh NAME
@@ -156,7 +156,6 @@ of the specified
The following address families are recognized:
.Bl -column "Address Family" "AF_APPLETA" "Description" -offset indent
.It Sy "Address Family" Ta Sy "Constant" Ta Sy "Description"
-.It "encap" Ta Dv "PF_KEY" Ta "IPsec"
.It "inet" Ta Dv "AF_INET" Ta "IP Version 4"
.It "inet6" Ta Dv "AF_INET6" Ta "IP Version 6"
.It "local" Ta Dv "AF_LOCAL" Ta "Local to Host (i.e., pipes)"
diff --git a/usr.bin/netstat/route.c b/usr.bin/netstat/route.c
index 6b8bcb8ff65..a3aea57ef3c 100644
--- a/usr.bin/netstat/route.c
+++ b/usr.bin/netstat/route.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: route.c,v 1.96 2015/01/19 16:49:04 deraadt Exp $ */
+/* $OpenBSD: route.c,v 1.97 2015/02/06 03:22:00 reyk Exp $ */
/* $NetBSD: route.c,v 1.15 1996/05/07 02:55:06 thorpej Exp $ */
/*
@@ -83,7 +83,6 @@ static void p_tree(struct radix_node *);
static void p_rtnode(void);
static void p_rtflags(u_char);
static void p_krtentry(struct rtentry *);
-static void encap_print(struct rtentry *);
/*
* Print routing tables.
@@ -279,7 +278,7 @@ p_krtentry(struct rtentry *rt)
bcopy(kgetsa(rt_key(rt)), sa, sa->sa_len);
if (sa->sa_family == PF_KEY) {
- encap_print(rt);
+ /* Ignore PF_KEY entries */
return;
}
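Review bot: The new comment `/* Ignore PF_KEY entries */` in p_krtentry says what happens but not why, and PF_KEY entries are now skipped with no output at all, so someone reading the routing dump gets no hint that IPsec flows exist and are listed elsewhere. I would write it as `/* PF_KEY (IPsec flow) entries are not printed here; see ipsecctl -s flow */`, which matches the commit message. p_krtentry starts and ends outside this hunk, so whether callers already filter by address family before this branch is reached cannot be confirmed from here.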
@@ -351,135 +350,3 @@ rt_stats(void)
printf("\t%u use%s of a wildcard route\n",
rtstat.rts_wildcard, plural(rtstat.rts_wildcard));
}
-
-static void
-encap_print(struct rtentry *rt)
-{
- struct sockaddr_encap sen1, sen2, sen3;
- struct ipsec_policy ipo;
- struct sockaddr_in6 s61, s62;
-
- bcopy(kgetsa(rt_key(rt)), &sen1, sizeof(sen1));
- bcopy(kgetsa(rt_mask(rt)), &sen2, sizeof(sen2));
- bcopy(kgetsa(rt->rt_gateway), &sen3, sizeof(sen3));
-
- if (sen1.sen_type == SENT_IP4) {
- printf("%-18s %-5u ", netname4(sen1.sen_ip_src.s_addr,
- sen2.sen_ip_src.s_addr), ntohs(sen1.sen_sport));
- printf("%-18s %-5u %-5u ", netname4(sen1.sen_ip_dst.s_addr,
- sen2.sen_ip_dst.s_addr),
- ntohs(sen1.sen_dport), sen1.sen_proto);
- }
-
- if (sen1.sen_type == SENT_IP6) {
- bzero(&s61, sizeof(s61));
- bzero(&s62, sizeof(s62));
- s61.sin6_family = s62.sin6_family = AF_INET6;
- s61.sin6_len = s62.sin6_len = sizeof(s61);
- bcopy(&sen1.sen_ip6_src, &s61.sin6_addr, sizeof(struct in6_addr));
-#ifdef __KAME__
- if (IN6_IS_ADDR_LINKLOCAL(&s61.sin6_addr) ||
- IN6_IS_ADDR_MC_LINKLOCAL(&s61.sin6_addr) ||
- IN6_IS_ADDR_MC_INTFACELOCAL(&s61.sin6_addr)) {
- s61.sin6_scope_id =
- ((u_int16_t)s61.sin6_addr.s6_addr[2] << 8) |
- s61.sin6_addr.s6_addr[3];
- s61.sin6_addr.s6_addr[2] = s61.sin6_addr.s6_addr[3] = 0;
- }
-#endif
- bcopy(&sen2.sen_ip6_src, &s62.sin6_addr, sizeof(struct in6_addr));
-#ifdef __KAME__
- if (IN6_IS_ADDR_LINKLOCAL(&s62.sin6_addr) ||
- IN6_IS_ADDR_MC_LINKLOCAL(&s62.sin6_addr) ||
- IN6_IS_ADDR_MC_INTFACELOCAL(&s62.sin6_addr)) {
- s62.sin6_scope_id =
- ((u_int16_t)s62.sin6_addr.s6_addr[2] << 8) |
- s62.sin6_addr.s6_addr[3];
- s62.sin6_addr.s6_addr[2] = s62.sin6_addr.s6_addr[3] = 0;
- }
-#endif
-
- printf("%-42s %-5u ", netname6(&s61, &s62),
- ntohs(sen1.sen_ip6_sport));
-
- bzero(&s61, sizeof(s61));
- bzero(&s62, sizeof(s62));
- s61.sin6_family = s62.sin6_family = AF_INET6;
- s61.sin6_len = s62.sin6_len = sizeof(s61);
- bcopy(&sen1.sen_ip6_dst, &s61.sin6_addr, sizeof(struct in6_addr));
-#ifdef __KAME__
- if (IN6_IS_ADDR_LINKLOCAL(&s61.sin6_addr) ||
- IN6_IS_ADDR_MC_LINKLOCAL(&s61.sin6_addr) ||
- IN6_IS_ADDR_MC_INTFACELOCAL(&s61.sin6_addr)) {
- s61.sin6_scope_id =
- ((u_int16_t)s61.sin6_addr.s6_addr[2] << 8) |
- s61.sin6_addr.s6_addr[3];
- s61.sin6_addr.s6_addr[2] = s61.sin6_addr.s6_addr[3] = 0;
- }
-#endif
- bcopy(&sen2.sen_ip6_dst, &s62.sin6_addr, sizeof(struct in6_addr));
-#ifdef __KAME__
- if (IN6_IS_ADDR_LINKLOCAL(&s62.sin6_addr) ||
- IN6_IS_ADDR_MC_LINKLOCAL(&s62.sin6_addr) ||
- IN6_IS_ADDR_MC_INTFACELOCAL(&s62.sin6_addr)) {
- s62.sin6_scope_id =
- ((u_int16_t)s62.sin6_addr.s6_addr[2] << 8) |
- s62.sin6_addr.s6_addr[3];
- s62.sin6_addr.s6_addr[2] = s62.sin6_addr.s6_addr[3] = 0;
- }
-#endif
-
- printf("%-42s %-5u %-5u ", netname6(&s61, &s62),
- ntohs(sen1.sen_ip6_dport), sen1.sen_ip6_proto);
- }
-
- if (sen3.sen_type == SENT_IPSP) {
- char hostn[NI_MAXHOST];
-
- kread((u_long)sen3.sen_ipsp, &ipo, sizeof(ipo));
-
- if (getnameinfo(&ipo.ipo_dst.sa, ipo.ipo_dst.sa.sa_len,
- hostn, NI_MAXHOST, NULL, 0, NI_NUMERICHOST) != 0)
- strlcpy (hostn, "none", NI_MAXHOST);
-
- printf("%s", hostn);
- printf("/%-u", ipo.ipo_sproto);
-
- switch (ipo.ipo_type) {
- case IPSP_IPSEC_REQUIRE:
- printf("/require");
- break;
- case IPSP_IPSEC_ACQUIRE:
- printf("/acquire");
- break;
- case IPSP_IPSEC_USE:
- printf("/use");
- break;
- case IPSP_IPSEC_DONTACQ:
- printf("/dontacq");
- break;
- case IPSP_PERMIT:
- printf("/bypass");
- break;
- case IPSP_DENY:
- printf("/deny");
- break;
- default:
- printf("/<unknown type!>");
- break;
- }
-
- if ((ipo.ipo_addr.sen_type == SENT_IP4 &&
- ipo.ipo_addr.sen_direction == IPSP_DIRECTION_IN) ||
- (ipo.ipo_addr.sen_type == SENT_IP6 &&
- ipo.ipo_addr.sen_ip6_direction == IPSP_DIRECTION_IN))
- printf("/in\n");
- else if ((ipo.ipo_addr.sen_type == SENT_IP4 &&
- ipo.ipo_addr.sen_direction == IPSP_DIRECTION_OUT) ||
- (ipo.ipo_addr.sen_type == SENT_IP6 &&
- ipo.ipo_addr.sen_ip6_direction == IPSP_DIRECTION_OUT))
- printf("/out\n");
- else
- printf("/<unknown>\n");
- }
-}
diff --git a/usr.bin/netstat/show.c b/usr.bin/netstat/show.c
index 8099bfcb182..ae539f97a14 100644
--- a/usr.bin/netstat/show.c
+++ b/usr.bin/netstat/show.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: show.c,v 1.44 2015/01/16 06:40:10 deraadt Exp $ */
+/* $OpenBSD: show.c,v 1.45 2015/02/06 03:22:00 reyk Exp $ */
/* $NetBSD: show.c,v 1.1 1996/11/15 18:01:41 gwr Exp $ */
/*
@@ -36,11 +36,9 @@
#include <net/if.h>
#include <net/if_dl.h>
#include <net/if_types.h>
-#include <net/pfkeyv2.h>
#include <net/route.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>
-#include <netinet/ip_ipsp.h>
#include <netmpls/mpls.h>
#include <arpa/inet.h>
@@ -64,8 +62,6 @@ char *label_print(struct sockaddr *);
((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
#define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len))
-#define PFKEYV2_CHUNK sizeof(u_int64_t)
-
/*
* Definitions for showing gateway flags.
*/
@@ -100,17 +96,12 @@ static const struct bits bits[] = {
int WID_DST(int);
void p_rtentry(struct rt_msghdr *);
-void p_pfkentry(struct sadb_msg *);
void pr_family(int);
-void p_encap(struct sockaddr *, struct sockaddr *, int);
-void p_protocol(struct sadb_protocol *, struct sockaddr *, struct
- sadb_protocol *, int);
void p_sockaddr(struct sockaddr *, struct sockaddr *, int, int);
void p_sockaddr_mpls(struct sockaddr *, struct sockaddr *, int, int);
void p_flags(int, char *);
char *routename4(in_addr_t);
char *routename6(struct sockaddr_in6 *);
-void index_pfk(struct sadb_msg *, void **);
/*
* Print routing tables.
@@ -119,7 +110,6 @@ void
p_rttables(int af, u_int tableid)
{
struct rt_msghdr *rtm;
- struct sadb_msg *msg;
char *buf = NULL, *next, *lim = NULL;
size_t needed;
int mib[7], mcnt;
@@ -164,47 +154,6 @@ p_rttables(int af, u_int tableid)
free(buf);
buf = NULL;
}
-
- if (af != 0 && af != PF_KEY)
- return;
-
- mib[0] = CTL_NET;
- mib[1] = PF_KEY;
- mib[2] = PF_KEY_V2;
- mib[3] = NET_KEY_SPD_DUMP;
- mib[4] = mib[5] = 0;
- while (1) {
- if (sysctl(mib, 4, NULL, &needed, NULL, 0) == -1) {
- if (errno == ENOPROTOOPT)
- return;
- err(1, "spd-sysctl-estimate");
- }
- if (needed == 0)
- break;
- if ((buf = realloc(buf, needed)) == NULL)
- err(1, NULL);
- if (sysctl(mib, 4, buf, &needed, NULL, 0) == -1) {
- if (errno == ENOMEM)
- continue;
- err(1,"sysctl of spd");
- }
- lim = buf + needed;
- break;
- }
-
- if (buf) {
- printf("\nEncap:\n");
-
- for (next = buf; next < lim; next += msg->sadb_msg_len *
- PFKEYV2_CHUNK) {
- msg = (struct sadb_msg *)next;
- if (msg->sadb_msg_len == 0)
- break;
- p_pfkentry(msg);
- }
- free(buf);
- buf = NULL;
- }
}
/*
@@ -335,53 +284,6 @@ p_rtentry(struct rt_msghdr *rtm)
}
/*
- * Print a pfkey/encap entry.
- */
-void
-p_pfkentry(struct sadb_msg *msg)
-{
- static int old = 0;
- struct sadb_address *saddr;
- struct sadb_protocol *sap, *saft;
- struct sockaddr *sa, *mask;
- void *headers[SADB_EXT_MAX + 1];
-
- if (!old) {
- pr_rthdr(PF_KEY, 0);
- old++;
- }
-
- bzero(headers, sizeof(headers));
- index_pfk(msg, headers);
-
- /* These are always set */
- saddr = headers[SADB_X_EXT_SRC_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_SRC_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* These are always set, too. */
- saddr = headers[SADB_X_EXT_DST_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_DST_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* Bypass and deny flows do not set SADB_EXT_ADDRESS_DST! */
- sap = headers[SADB_X_EXT_PROTOCOL];
- saft = headers[SADB_X_EXT_FLOW_TYPE];
- saddr = headers[SADB_EXT_ADDRESS_DST];
- if (saddr)
- sa = (struct sockaddr *)(saddr + 1);
- else
- sa = NULL;
- p_protocol(sap, sa, saft, msg->sadb_msg_satype);
-
- printf("\n");
-}
-
-/*
* Print address family header before a section of the routing table.
*/
void
@@ -425,97 +327,6 @@ p_gwaddr(struct sockaddr *sa, int af)
}
void
-p_encap(struct sockaddr *sa, struct sockaddr *mask, int width)
-{
- char *cp;
- unsigned short port = 0;
-
- if (mask)
- cp = netname(sa, mask);
- else
- cp = routename(sa);
- switch (sa->sa_family) {
- case AF_INET:
- port = ntohs(((struct sockaddr_in *)sa)->sin_port);
- break;
- case AF_INET6:
- port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
- break;
- }
- if (width < 0)
- printf("%s", cp);
- else {
- if (nflag)
- printf("%-*s %-5u ", width, cp, port);
- else
- printf("%-*.*s %-5u ", width, width, cp, port);
- }
-}
-
-void
-p_protocol(struct sadb_protocol *sap, struct sockaddr *sa, struct sadb_protocol
- *saft, int proto)
-{
- printf("%-6u", sap->sadb_protocol_proto);
-
- if (sa)
- p_sockaddr(sa, NULL, 0, -1);
- else
- printf("none");
-
- switch (proto) {
- case SADB_SATYPE_ESP:
- printf("/esp");
- break;
- case SADB_SATYPE_AH:
- printf("/ah");
- break;
- case SADB_X_SATYPE_IPCOMP:
- printf("/ipcomp");
- break;
- case SADB_X_SATYPE_IPIP:
- printf("/ipip");
- break;
- default:
- printf("/<unknown>");
- }
-
- switch(saft->sadb_protocol_proto) {
- case SADB_X_FLOW_TYPE_USE:
- printf("/use");
- break;
- case SADB_X_FLOW_TYPE_REQUIRE:
- printf("/require");
- break;
- case SADB_X_FLOW_TYPE_ACQUIRE:
- printf("/acquire");
- break;
- case SADB_X_FLOW_TYPE_DENY:
- printf("/deny");
- break;
- case SADB_X_FLOW_TYPE_BYPASS:
- printf("/bypass");
- break;
- case SADB_X_FLOW_TYPE_DONTACQ:
- printf("/dontacq");
- break;
- default:
- printf("/<unknown type>");
- }
-
- switch(saft->sadb_protocol_direction) {
- case IPSP_DIRECTION_IN:
- printf("/in");
- break;
- case IPSP_DIRECTION_OUT:
- printf("/out");
- break;
- default:
- printf("/<unknown>");
- }
-}
-
-void
p_sockaddr(struct sockaddr *sa, struct sockaddr *mask, int flags, int width)
{
char *cp;
@@ -925,45 +736,3 @@ label_print(struct sockaddr *sa)
return (line);
}
-
-void
-index_pfk(struct sadb_msg *msg, void **headers)
-{
- struct sadb_ext *ext;
-
- for (ext = (struct sadb_ext *)(msg + 1);
- (size_t)((u_int8_t *)ext - (u_int8_t *)msg) <
- msg->sadb_msg_len * PFKEYV2_CHUNK && ext->sadb_ext_len > 0;
- ext = (struct sadb_ext *)((u_int8_t *)ext +
- ext->sadb_ext_len * PFKEYV2_CHUNK)) {
- switch (ext->sadb_ext_type) {
- case SADB_EXT_ADDRESS_SRC:
- headers[SADB_EXT_ADDRESS_SRC] = (void *)ext;
- break;
- case SADB_EXT_ADDRESS_DST:
- headers[SADB_EXT_ADDRESS_DST] = (void *)ext;
- break;
- case SADB_X_EXT_PROTOCOL:
- headers[SADB_X_EXT_PROTOCOL] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_FLOW:
- headers[SADB_X_EXT_SRC_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_DST_FLOW:
- headers[SADB_X_EXT_DST_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_MASK:
- headers[SADB_X_EXT_SRC_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_DST_MASK:
- headers[SADB_X_EXT_DST_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_FLOW_TYPE:
- headers[SADB_X_EXT_FLOW_TYPE] = (void *)ext;
- break;
- default:
- /* Ignore. */
- break;
- }
- }
-}