diff options
author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-11-10 14:49:50 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-11-10 14:49:50 +0000 |
commit | ecd3743a3bca6af666ecbc40f22288e454d80564 (patch) | |
tree | cc0d062af35211300d07b344ec642558b42f4a01 | |
parent | 83f01ed72a350e5bf86484eeb4410b043770af62 (diff) |
When using -vv, also show grouped SAs.
-rw-r--r-- | sbin/ipsecctl/ipsecctl.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/sbin/ipsecctl/ipsecctl.c b/sbin/ipsecctl/ipsecctl.c index a2ac727ff6b..1a8b14e145a 100644 --- a/sbin/ipsecctl/ipsecctl.c +++ b/sbin/ipsecctl/ipsecctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.c,v 1.62 2006/11/01 03:12:14 mcbride Exp $ */ +/* $OpenBSD: ipsecctl.c,v 1.63 2006/11/10 14:49:49 hshoexer Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -51,6 +51,7 @@ void ipsecctl_print_port(u_int16_t, const char *); void ipsecctl_print_key(struct ipsec_key *); void ipsecctl_print_flow(struct ipsec_rule *, int); void ipsecctl_print_sa(struct ipsec_rule *, int); +void ipsecctl_print_sagroup(struct ipsec_rule *, int); int ipsecctl_flush(int); void ipsecctl_get_rules(struct ipsecctl *); void ipsecctl_print_title(char *); @@ -397,6 +398,21 @@ ipsecctl_print_sa(struct ipsec_rule *r, int opts) } void +ipsecctl_print_sagroup(struct ipsec_rule *r, int opts) +{ + if (!(opts & IPSECCTL_OPT_VERBOSE2)) + return; + + printf("[group %s to ", satype[r->proto]); + ipsecctl_print_addr(r->dst); + printf(" spi 0x%08x with %s to ", r->spi, satype[r->proto2]); + ipsecctl_print_addr(r->dst2); + printf(" spi 0x%08x", r->spi2); + + printf("]\n"); +} + +void ipsecctl_print_rule(struct ipsec_rule *r, int opts) { if (opts & IPSECCTL_OPT_VERBOSE2) @@ -408,6 +424,8 @@ ipsecctl_print_rule(struct ipsec_rule *r, int opts) ipsecctl_print_sa(r, opts); if (r->type & RULE_IKE) ike_print_config(r, opts); + if (r->type & RULE_GROUP) + ipsecctl_print_sagroup(r, opts); } int |