authorAngelos D. Keromytis <angelos@cvs.openbsd.org>1997-07-15 00:38:16 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>1997-07-15 00:38:16 +0000
commit25cd5ae9fcfc1df67e3f8ae81ad01e57b6184942 (patch)
tree2cb4ad223c18be2309d9c54ade97d599b23f42c8 /sbin/sysctl
parent01b9cd8197607807bcfcf13d3a660c9ee170492f (diff)
sysctl for PF_ENCAP.
Diffstat (limited to 'sbin/sysctl')
-rw-r--r--sbin/sysctl/sysctl.83
-rw-r--r--sbin/sysctl/sysctl.c97
2 files changed, 79 insertions, 21 deletions
diff --git a/sbin/sysctl/sysctl.8 b/sbin/sysctl/sysctl.8
index fa0511b8646..9ffc0ea4fd7 100644
--- a/sbin/sysctl/sysctl.8
+++ b/sbin/sysctl/sysctl.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sysctl.8,v 1.9 1997/06/14 21:37:11 mickey Exp $
+.\" $OpenBSD: sysctl.8,v 1.10 1997/07/15 00:38:14 angelos Exp $
.\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $
.\"
.\" Copyright (c) 1993
@@ -159,6 +159,7 @@ privilege can change the value.
.It net.inet.udp.checksum integer yes
.It net.ipx.ipx.recvspace integer yes
.It net.ipx.ipx.sendspace integer yes
+.It net.ipsec.encap.encdebug integer yes
.It debug.syncprt integer yes
.It debug.busyprt integer yes
.It debug.doclusterread integer yes
diff --git a/sbin/sysctl/sysctl.c b/sbin/sysctl/sysctl.c
index 91e93393cec..5812842bb17 100644
--- a/sbin/sysctl/sysctl.c
+++ b/sbin/sysctl/sysctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysctl.c,v 1.11 1997/06/28 07:05:34 deraadt Exp $ */
+/* $OpenBSD: sysctl.c,v 1.12 1997/07/15 00:38:15 angelos Exp $ */
/* $NetBSD: sysctl.c,v 1.9 1995/09/30 07:12:50 thorpej Exp $ */
/*
@@ -44,7 +44,7 @@ static char copyright[] =
#if 0
static char sccsid[] = "@(#)sysctl.c 8.1 (Berkeley) 6/6/93";
#else
-static char *rcsid = "$OpenBSD: sysctl.c,v 1.11 1997/06/28 07:05:34 deraadt Exp $";
+static char *rcsid = "$OpenBSD: sysctl.c,v 1.12 1997/07/15 00:38:15 angelos Exp $";
#endif
#endif /* not lint */
@@ -73,6 +73,8 @@ static char *rcsid = "$OpenBSD: sysctl.c,v 1.11 1997/06/28 07:05:34 deraadt Exp
#include <netipx/spx_var.h>
#include <ddb/db_var.h>
#include <dev/rndvar.h>
+#include <net/encap.h>
+#include <netinet/ip_ipsp.h>
#include <errno.h>
#include <stdio.h>
@@ -133,6 +135,7 @@ void parse __P(( char *string, int flags));
void listall __P((char *prefix, struct list *lp));
int findname __P((char *string, char *level, char **bufp, struct list *namelist));
int sysctl_inet __P((char *string, char **bufpp, int mib[], int flags, int *typep));
+int sysctl_ipsec __P((char *string, char **bufpp, int mib[], int flags, int *typep));
int sysctl_ipx __P((char *string, char **bufpp, int mib[], int flags, int *typep));
int sysctl_fs __P((char *string, char **bufpp, int mib[], int flags, int *typep));
@@ -355,6 +358,12 @@ parse(string, flags)
break;
return;
}
+ if (mib[1] == PF_ENCAP) {
+ len = sysctl_ipsec(string, &bufp, mib, flags, &type);
+ if (len >= 0)
+ break;
+ return;
+ }
if (flags == 0)
return;
fprintf(stderr, "Use netstat to view %s information\n", string);
@@ -578,6 +587,54 @@ sysctl_fs(string, bufpp, mib, flags, typep)
return (3);
}
+struct ctlname encapname[] = ENCAPCTL_NAMES;
+struct ctlname ipsecname[] = CTL_IPSEC_NAMES;
+struct list ipseclist = { ipsecname, IPSECCTL_MAXID };
+struct list ipsecvars[] = {
+ { encapname, ENCAPCTL_MAXID },
+};
+
+/*
+ * handle ipsec requests
+ */
+int
+sysctl_ipsec(string, bufpp, mib, flags, typep)
+ char *string;
+ char **bufpp;
+ int mib[];
+ int flags;
+ int *typep;
+{
+ struct list *lp;
+ int indx;
+
+ if (*bufpp == NULL) {
+ listall(string, &ipseclist);
+ return (-1);
+ }
+ if ((indx = findname(string, "third", bufpp, &ipseclist)) == -1)
+ return (-1);
+ mib[2] = indx;
+ if (indx <= IPSECCTL_MAXID && ipsecvars[indx].list != NULL)
+ lp = &ipsecvars[indx];
+ else if (!flags)
+ return (-1);
+ else {
+ fprintf(stderr, "%s: no variables defined for this protocol\n",
+ string);
+ return (-1);
+ }
+ if (*bufpp == NULL) {
+ listall(string, lp);
+ return (-1);
+ }
+ if ((indx = findname(string, "fourth", bufpp, lp)) == -1)
+ return (-1);
+ mib[3] = indx;
+ *typep = lp->list[indx].ctl_type;
+ return (4);
+}
+
struct ctlname inetname[] = CTL_IPPROTO_NAMES;
struct ctlname ipname[] = IPCTL_NAMES;
struct ctlname icmpname[] = ICMPCTL_NAMES;
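Review bot: In `sysctl_ipsec` the guard `indx <= IPSECCTL_MAXID` does not actually bound the read of `ipsecvars[indx]`: that table is declared with a single entry (`encapname`), while `indx` comes from a `findname` lookup against `ipseclist`, which is sized by `IPSECCTL_MAXID`. The header values are not visible in this diff, but if `CTL_IPSEC_NAMES` defines any name at an index above 0, a name typed on the command line selects an element past the end of the array, and the `.list` pointer read from there is later dereferenced. The `<=` would also admit one index too many for a table sized by `IPSECCTL_MAXID`, assuming MAXID is a count as the `struct list` initialisers suggest. Tying the check to the table itself avoids both problems: `if (indx < (int)(sizeof(ipsecvars) / sizeof(ipsecvars[0])) && ipsecvars[indx].list != NULL)`. A one-line comment above `ipsecvars` saying it is indexed by the third-level id returned for `ipsecname` would keep the two arrays in step when more entries are added.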
@@ -585,24 +642,24 @@ struct ctlname tcpname[] = TCPCTL_NAMES;
struct ctlname udpname[] = UDPCTL_NAMES;
struct list inetlist = { inetname, IPPROTO_MAXID };
struct list inetvars[] = {
- { ipname, IPCTL_MAXID }, /* ip */
- { icmpname, ICMPCTL_MAXID }, /* icmp */
- { 0, 0 }, /* igmp */
- { 0, 0 }, /* ggmp */
- { 0, 0 },
- { 0, 0 },
- { tcpname, TCPCTL_MAXID }, /* tcp */
- { 0, 0 },
- { 0, 0 }, /* egp */
- { 0, 0 },
- { 0, 0 },
- { 0, 0 },
- { 0, 0 }, /* pup */
- { 0, 0 },
- { 0, 0 },
- { 0, 0 },
- { 0, 0 },
- { udpname, UDPCTL_MAXID }, /* udp */
+ { ipname, IPCTL_MAXID }, /* ip */
+ { icmpname, ICMPCTL_MAXID }, /* icmp */
+ { 0, 0 }, /* igmp */
+ { 0, 0 }, /* ggmp */
+ { 0, 0 },
+ { 0, 0 },
+ { tcpname, TCPCTL_MAXID }, /* tcp */
+ { 0, 0 },
+ { 0, 0 }, /* egp */
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 }, /* pup */
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { udpname, UDPCTL_MAXID }, /* udp */
};
/*