author | Reyk Floeter <reyk@cvs.openbsd.org> | 2015-02-06 03:22:01 +0000 |
---|---|---|
committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2015-02-06 03:22:01 +0000 |
commit | 01d4d73c049c5a5352463f69843a549758f8642f (patch) | |
tree | 27cc621a699244eb22360d2c856a9568f9d2f9a3 /sbin | |
parent | 24d7e945c8550ee888200128a61e7415479dad74 (diff) |
Remove route/netstat -f encap in favor of ipsecctl -s flow.
OK deraadt@
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/route/keywords.h | 4 | ||||
-rw-r--r-- | sbin/route/keywords.sh | 3 | ||||
-rw-r--r-- | sbin/route/route.8 | 8 | ||||
-rw-r--r-- | sbin/route/route.c | 5 | ||||
-rw-r--r-- | sbin/route/show.c | 233 |
5 files changed, 6 insertions, 247 deletions
diff --git a/sbin/route/keywords.h b/sbin/route/keywords.h
index 79e1baa14a2..61749896682 100644
--- a/sbin/route/keywords.h
+++ b/sbin/route/keywords.h
@@ -1,4 +1,4 @@ -/* $OpenBSD: keywords.h,v 1.28 2014/01/22 06:23:37 claudio Exp $ */ +/* $OpenBSD: keywords.h,v 1.29 2015/02/06 03:22:00 reyk Exp $ */ /* WARNING! This file was generated by keywords.sh */
@@ -15,7 +15,6 @@ enum { K_CLONING, K_DELETE, K_DST, - K_ENCAP, K_EXEC, K_EXPIRE, K_FLUSH,
@@ -72,7 +71,6 @@ struct keytab keywords[] = { { "cloning", K_CLONING }, { "delete", K_DELETE }, { "dst", K_DST }, - { "encap", K_ENCAP }, { "exec", K_EXEC }, { "expire", K_EXPIRE }, { "flush", K_FLUSH },
diff --git a/sbin/route/keywords.sh b/sbin/route/keywords.sh
index 66459d88c12..db99593dbc6 100644
--- a/sbin/route/keywords.sh
+++ b/sbin/route/keywords.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-# $OpenBSD: keywords.sh,v 1.26 2014/01/22 06:23:37 claudio Exp $
+# $OpenBSD: keywords.sh,v 1.27 2015/02/06 03:22:00 reyk Exp $
 # $NetBSD: keywords.sh,v 1.2 1996/11/15 18:57:21 gwr Exp $
 # @(#)keywords 8.2 (Berkeley) 3/19/94
 #
@@ -16,7 +16,6 @@ change
 cloning
 delete
 dst
-encap
 exec
 expire
 flush
diff --git a/sbin/route/route.8 b/sbin/route/route.8
index 012df2292e6..d867e872a52 100644
--- a/sbin/route/route.8
+++ b/sbin/route/route.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: route.8,v 1.73 2014/02/26 21:10:03 claudio Exp $
+.\" $OpenBSD: route.8,v 1.74 2015/02/06 03:22:00 reyk Exp $
 .\" $NetBSD: route.8,v 1.6 1995/03/18 15:00:13 cgd Exp $
 .\"
 .\" Copyright (c) 1983, 1991, 1993
@@ -30,7 +30,7 @@
 .\"
 .\" @(#)route.8 8.3 (Berkeley) 3/19/94
 .\"
-.Dd $Mdocdate: February 26 2014 $
+.Dd $Mdocdate: February 6 2015 $
 .Dt ROUTE 8
 .Os
 .Sh NAME
@@ -296,10 +296,6 @@ Internet Protocol version 4 (IPv4) addresses
 Internet Protocol version 6 (IPv6) addresses
 (see
 .Xr ip6 4 )
-.It Fl encap
-IPsec
-(see
-.Xr ipsec 4 )
 .It Fl link
 Hardware (link-level) addresses
 .It Fl mpls
diff --git a/sbin/route/route.c b/sbin/route/route.c
index 621852a70b1..c3607844622 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: route.c,v 1.171 2015/01/16 06:40:00 deraadt Exp $ */
+/* $OpenBSD: route.c,v 1.172 2015/02/06 03:22:00 reyk Exp $ */
 /* $NetBSD: route.c,v 1.16 1996/04/15 18:27:05 cgd Exp $ */
 /*
@@ -679,9 +679,6 @@ show(int argc, char *argv[])
 case K_MPLS:
 af = AF_MPLS;
 break;
- case K_ENCAP:
- af = PF_KEY;
- break;
 case K_GATEWAY:
 Fflag = 1;
 break;
diff --git a/sbin/route/show.c b/sbin/route/show.c
index 576f6ef41f7..c2971056b44 100644
--- a/sbin/route/show.c
+++ b/sbin/route/show.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: show.c,v 1.97 2015/01/16 06:40:00 deraadt Exp $ */
+/* $OpenBSD: show.c,v 1.98 2015/02/06 03:22:00 reyk Exp $ */
 /* $NetBSD: show.c,v 1.1 1996/11/15 18:01:41 gwr Exp $ */
 /*
@@ -36,11 +36,9 @@
 #include <net/if.h>
 #include <net/if_dl.h>
 #include <net/if_types.h>
-#include <net/pfkeyv2.h>
 #include <net/route.h>
 #include <netinet/in.h>
 #include <netinet/if_ether.h>
-#include <netinet/ip_ipsp.h>
 #include <netmpls/mpls.h>
 #include <arpa/inet.h>
@@ -64,8 +62,6 @@ char *label_print(struct sockaddr *);
 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
 #define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len))
-#define PFKEYV2_CHUNK sizeof(u_int64_t)
-
 /*
 * Definitions for showing gateway flags.
 */
@@ -101,11 +97,7 @@ static const struct bits bits[] = {
 int WID_DST(int);
 void pr_rthdr(int);
 void p_rtentry(struct rt_msghdr *);
-void p_pfkentry(struct sadb_msg *);
 void pr_family(int);
-void p_encap(struct sockaddr *, struct sockaddr *, int);
-void p_protocol(struct sadb_protocol *, struct sockaddr *, struct
- sadb_protocol *, int);
 void p_sockaddr(struct sockaddr *, struct sockaddr *, int, int);
 void p_sockaddr_mpls(struct sockaddr *, struct sockaddr *, int, int);
 void p_flags(int, char *);
@@ -113,7 +105,6 @@ char *routename4(in_addr_t);
 char *routename6(struct sockaddr_in6 *);
 char *netname4(in_addr_t, struct sockaddr_in *);
 char *netname6(struct sockaddr_in6 *, struct sockaddr_in6 *);
-void index_pfk(struct sadb_msg *, void **);
 /*
 * Print routing tables.
@@ -122,7 +113,6 @@ void
 p_rttables(int af, u_int tableid, int hastable)
 {
 struct rt_msghdr *rtm;
- struct sadb_msg *msg;
 char *buf = NULL, *next, *lim = NULL;
 size_t needed;
 int mib[7], mcnt;
@@ -171,47 +161,6 @@ p_rttables(int af, u_int tableid, int hastable)
 free(buf);
 buf = NULL;
 }
-
- if (af != 0 && af != PF_KEY)
- return;
-
- mib[0] = CTL_NET;
- mib[1] = PF_KEY;
- mib[2] = PF_KEY_V2;
- mib[3] = NET_KEY_SPD_DUMP;
- mib[4] = mib[5] = 0;
- while (1) {
- if (sysctl(mib, 4, NULL, &needed, NULL, 0) == -1) {
- if (errno == ENOPROTOOPT)
- return;
- err(1, "spd-sysctl-estimate");
- }
- if (needed == 0)
- break;
- if ((buf = realloc(buf, needed)) == NULL)
- err(1, NULL);
- if (sysctl(mib, 4, buf, &needed, NULL, 0) == -1) {
- if (errno == ENOMEM)
- continue;
- err(1,"sysctl of spd");
- }
- lim = buf + needed;
- break;
- }
-
- if (buf) {
- printf("\nEncap:\n");
-
- for (next = buf; next < lim; next += msg->sadb_msg_len *
- PFKEYV2_CHUNK) {
- msg = (struct sadb_msg *)next;
- if (msg->sadb_msg_len == 0)
- break;
- p_pfkentry(msg);
- }
- free(buf);
- buf = NULL;
- }
 }
 /*
@@ -351,53 +300,6 @@ p_rtentry(struct rt_msghdr *rtm)
 }
 /*
- * Print a pfkey/encap entry.
- */
-void
-p_pfkentry(struct sadb_msg *msg)
-{
- static int old = 0;
- struct sadb_address *saddr;
- struct sadb_protocol *sap, *saft;
- struct sockaddr *sa, *mask;
- void *headers[SADB_EXT_MAX + 1];
-
- if (!old) {
- pr_rthdr(PF_KEY);
- old++;
- }
-
- bzero(headers, sizeof(headers));
- index_pfk(msg, headers);
-
- /* These are always set */
- saddr = headers[SADB_X_EXT_SRC_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_SRC_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* These are always set, too. */
- saddr = headers[SADB_X_EXT_DST_FLOW];
- sa = (struct sockaddr *)(saddr + 1);
- saddr = headers[SADB_X_EXT_DST_MASK];
- mask = (struct sockaddr *)(saddr + 1);
- p_encap(sa, mask, WID_DST(sa->sa_family));
-
- /* Bypass and deny flows do not set SADB_EXT_ADDRESS_DST! */
- sap = headers[SADB_X_EXT_PROTOCOL];
- saft = headers[SADB_X_EXT_FLOW_TYPE];
- saddr = headers[SADB_EXT_ADDRESS_DST];
- if (saddr)
- sa = (struct sockaddr *)(saddr + 1);
- else
- sa = NULL;
- p_protocol(sap, sa, saft, msg->sadb_msg_satype);
-
- printf("\n");
-}
-
-/*
 * Print address family header before a section of the routing table.
 */
 void
@@ -429,97 +331,6 @@ pr_family(int af)
 }
 void
-p_encap(struct sockaddr *sa, struct sockaddr *mask, int width)
-{
- char *cp;
- unsigned short port = 0;
-
- if (mask)
- cp = netname(sa, mask);
- else
- cp = routename(sa);
- switch (sa->sa_family) {
- case AF_INET:
- port = ntohs(((struct sockaddr_in *)sa)->sin_port);
- break;
- case AF_INET6:
- port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
- break;
- }
- if (width < 0)
- printf("%s", cp);
- else {
- if (nflag)
- printf("%-*s %-5u ", width, cp, port);
- else
- printf("%-*.*s %-5u ", width, width, cp, port);
- }
-}
-
-void
-p_protocol(struct sadb_protocol *sap, struct sockaddr *sa, struct sadb_protocol
- *saft, int proto)
-{
- printf("%-6u", sap->sadb_protocol_proto);
-
- if (sa)
- p_sockaddr(sa, NULL, 0, -1);
- else
- printf("none");
-
- switch (proto) {
- case SADB_SATYPE_ESP:
- printf("/esp");
- break;
- case SADB_SATYPE_AH:
- printf("/ah");
- break;
- case SADB_X_SATYPE_IPCOMP:
- printf("/ipcomp");
- break;
- case SADB_X_SATYPE_IPIP:
- printf("/ipip");
- break;
- default:
- printf("/<unknown>");
- }
-
- switch(saft->sadb_protocol_proto) {
- case SADB_X_FLOW_TYPE_USE:
- printf("/use");
- break;
- case SADB_X_FLOW_TYPE_REQUIRE:
- printf("/require");
- break;
- case SADB_X_FLOW_TYPE_ACQUIRE:
- printf("/acquire");
- break;
- case SADB_X_FLOW_TYPE_DENY:
- printf("/deny");
- break;
- case SADB_X_FLOW_TYPE_BYPASS:
- printf("/bypass");
- break;
- case SADB_X_FLOW_TYPE_DONTACQ:
- printf("/dontacq");
- break;
- default:
- printf("/<unknown type>");
- }
-
- switch(saft->sadb_protocol_direction) {
- case IPSP_DIRECTION_IN:
- printf("/in");
- break;
- case IPSP_DIRECTION_OUT:
- printf("/out");
- break;
- default:
- printf("/<unknown>");
- }
-}
-
-void
 p_sockaddr(struct sockaddr *sa, struct sockaddr *mask, int flags, int width)
 {
 char *cp;
@@ -937,45 +748,3 @@ label_print(struct sockaddr *sa)
 return (line);
 }
-
-void
-index_pfk(struct sadb_msg *msg, void **headers)
-{
- struct sadb_ext *ext;
-
- for (ext = (struct sadb_ext *)(msg + 1);
- (size_t)((u_int8_t *)ext - (u_int8_t *)msg) <
- msg->sadb_msg_len * PFKEYV2_CHUNK && ext->sadb_ext_len > 0;
- ext = (struct sadb_ext *)((u_int8_t *)ext +
- ext->sadb_ext_len * PFKEYV2_CHUNK)) {
- switch (ext->sadb_ext_type) {
- case SADB_EXT_ADDRESS_SRC:
- headers[SADB_EXT_ADDRESS_SRC] = (void *)ext;
- break;
- case SADB_EXT_ADDRESS_DST:
- headers[SADB_EXT_ADDRESS_DST] = (void *)ext;
- break;
- case SADB_X_EXT_PROTOCOL:
- headers[SADB_X_EXT_PROTOCOL] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_FLOW:
- headers[SADB_X_EXT_SRC_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_DST_FLOW:
- headers[SADB_X_EXT_DST_FLOW] = (void *)ext;
- break;
- case SADB_X_EXT_SRC_MASK:
- headers[SADB_X_EXT_SRC_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_DST_MASK:
- headers[SADB_X_EXT_DST_MASK] = (void *)ext;
- break;
- case SADB_X_EXT_FLOW_TYPE:
- headers[SADB_X_EXT_FLOW_TYPE] = (void *)ext;
- break;
- default:
- /* Ignore. */
- break;
- }
- }
-}
|