diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-06-29 15:01:08 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-06-29 15:01:08 +0000 |
| commit | e91992f52a22a0dab6b9b41462ff1cef325170a0 (patch) | |
| tree | 0a8da5d849bca7deebfd8ac909baf67155f2d33a /sbin | |
| parent | 1b047c0a705eb03c70912339bdc1e73ea765c248 (diff) | |
Print esn flag when dumping SAs with ESN enabled
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/ipsecctl/ipsecctl.c | 6 | ||||
| -rw-r--r-- | sbin/ipsecctl/ipsecctl.h | 3 | ||||
| -rw-r--r-- | sbin/ipsecctl/pfkdump.c | 3 |
3 files changed, 8 insertions, 4 deletions
diff --git a/sbin/ipsecctl/ipsecctl.c b/sbin/ipsecctl/ipsecctl.c index feff5c074ff..17f047ef145 100644 --- a/sbin/ipsecctl/ipsecctl.c +++ b/sbin/ipsecctl/ipsecctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.c,v 1.75 2011/11/08 16:49:32 jmc Exp $ */ +/* $OpenBSD: ipsecctl.c,v 1.76 2012/06/29 15:01:07 mikeb Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -360,13 +360,15 @@ void ipsecctl_print_sa(struct ipsec_rule *r, int opts) { printf("%s ", satype[r->satype]); - /* tunnel/transport is only meaningful esp/ah/ipcomp */ + /* tunnel/transport is only meaningful for esp/ah/ipcomp */ if (r->satype != IPSEC_TCPMD5 && r->satype != IPSEC_IPIP) printf("%s ", tmode[r->tmode]); printf("from "); ipsecctl_print_addr(r->src); printf(" to "); ipsecctl_print_addr(r->dst); + if (r->esn) + printf(" esn"); printf(" spi 0x%08x", r->spi); if (r->satype != IPSEC_TCPMD5) { diff --git a/sbin/ipsecctl/ipsecctl.h b/sbin/ipsecctl/ipsecctl.h index 00463217733..97bea69ee67 100644 --- a/sbin/ipsecctl/ipsecctl.h +++ b/sbin/ipsecctl/ipsecctl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.h,v 1.62 2011/11/08 13:26:06 henning Exp $ */ +/* $OpenBSD: ipsecctl.h,v 1.63 2012/06/29 15:01:07 mikeb Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -203,6 +203,7 @@ struct ipsec_rule { u_int8_t ikemode; u_int8_t p1ie; u_int8_t p2ie; + u_int8_t esn; u_int16_t sport; u_int16_t dport; u_int32_t spi; diff --git a/sbin/ipsecctl/pfkdump.c b/sbin/ipsecctl/pfkdump.c index cf8a72785d1..2c3a668e942 100644 --- a/sbin/ipsecctl/pfkdump.c +++ b/sbin/ipsecctl/pfkdump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkdump.c,v 1.30 2011/04/13 11:31:27 markus Exp $ */ +/* $OpenBSD: pfkdump.c,v 1.31 2012/06/29 15:01:07 mikeb Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. @@ -637,6 +637,7 @@ pfkey_print_sa(struct sadb_msg *msg, int opts) r.tmode = (msg->sadb_msg_satype != SADB_X_SATYPE_TCPSIGNATURE) && (sa->sadb_sa_flags & SADB_X_SAFLAGS_TUNNEL) ? IPSEC_TUNNEL : IPSEC_TRANSPORT; + r.esn = sa->sadb_sa_flags & SADB_X_SAFLAGS_ESN ? 1 : 0; r.spi = ntohl(sa->sadb_sa_spi); switch (msg->sadb_msg_satype) { |