diff options
author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-08-28 15:15:03 +0000 |
---|---|---|
committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-08-28 15:15:03 +0000 |
commit | 9a69e5e5080fd0727e7e2c1579a9b61513fc89ce (patch) | |
tree | 377f95fb32957c43286f01c4e6b79445531edbc9 /sys/net | |
parent | d217ce25e4d00cfe24084a832ee88ced2533e308 (diff) |
Add per-TDB counters and a new SADB extension to export them to
userland.
Inputs from markus@, ok sthen@
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/pfkeyv2.c | 8 | ||||
-rw-r--r-- | sys/net/pfkeyv2.h | 19 | ||||
-rw-r--r-- | sys/net/pfkeyv2_convert.c | 21 |
3 files changed, 43 insertions, 5 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index cba1d67b9fb..10ebbf985a8 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.189 2018/07/10 20:28:34 claudio Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.190 2018/08/28 15:15:02 mpi Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -793,7 +793,8 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp) void *p; /* Find how much space we need */ - i = sizeof(struct sadb_sa) + sizeof(struct sadb_lifetime); + i = sizeof(struct sadb_sa) + sizeof(struct sadb_lifetime) + + sizeof(struct sadb_x_counter); if (sa->tdb_soft_allocations || sa->tdb_soft_bytes || sa->tdb_soft_timeout || sa->tdb_soft_first_use) @@ -955,6 +956,9 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp) } #endif + headers[SADB_X_EXT_COUNTER] = p; + export_counter(&p, sa); + rval = 0; ret: diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index 5b801950967..7c5d9a62eaf 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.h,v 1.79 2017/11/20 10:56:51 mpi Exp $ */ +/* $OpenBSD: pfkeyv2.h,v 1.80 2018/08/28 15:15:02 mpi Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) January 1998 * @@ -218,6 +218,19 @@ struct sadb_x_tap { u_int32_t sadb_x_tap_unit; }; +struct sadb_x_counter { + uint16_t sadb_x_counter_len; + uint16_t sadb_x_counter_exttype; + uint64_t sadb_x_counter_ipackets; /* Input IPsec packets */ + uint64_t sadb_x_counter_opackets; /* Output IPsec packets */ + uint64_t sadb_x_counter_ibytes; /* Input bytes */ + uint64_t sadb_x_counter_obytes; /* Output bytes */ + uint64_t sadb_x_counter_idrops; /* Dropped on input */ + uint64_t sadb_x_counter_odrops; /* Dropped on output */ + uint64_t sadb_x_counter_idecompbytes; /* Input bytes, decompressed */ + uint64_t sadb_x_counter_ouncompbytes; /* Output bytes, uncompressed */ +}; + #ifdef _KERNEL #define SADB_X_GETSPROTO(x) \ ( (x) == SADB_SATYPE_AH ? IPPROTO_AH :\ @@ -262,7 +275,8 @@ struct sadb_x_tap { #define SADB_X_EXT_TAG 33 #define SADB_X_EXT_TAP 34 #define SADB_X_EXT_SATYPE2 35 -#define SADB_EXT_MAX 35 +#define SADB_X_EXT_COUNTER 36 +#define SADB_EXT_MAX 36 /* Fix pfkeyv2.c struct pfkeyv2_socket if SATYPE_MAX > 31 */ #define SADB_SATYPE_UNSPEC 0 @@ -396,6 +410,7 @@ void export_udpencap(void **, struct tdb *); void export_tag(void **, struct tdb *); void export_tap(void **, struct tdb *); void export_satype(void **, struct tdb *); +void export_counter(void **, struct tdb *); void import_address(struct sockaddr *, struct sadb_address *); void import_identities(struct ipsec_ids **, int, struct sadb_ident *, diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c index 3656994ff19..dff1984b60b 100644 --- a/sys/net/pfkeyv2_convert.c +++ b/sys/net/pfkeyv2_convert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2_convert.c,v 1.63 2018/01/11 16:02:31 bluhm Exp $ */ +/* $OpenBSD: pfkeyv2_convert.c,v 1.64 2018/08/28 15:15:02 mpi Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@keromytis.org) * @@ -898,3 +898,22 @@ export_satype(void **p, struct tdb *tdb) sab->sadb_protocol_proto = tdb->tdb_satype; *p += sizeof(struct sadb_protocol); } + +void +export_counter(void **p, struct tdb *tdb) +{ + struct sadb_x_counter *scnt = (struct sadb_x_counter *)*p; + + scnt->sadb_x_counter_len = + sizeof(struct sadb_x_counter) / sizeof(uint64_t); + scnt->sadb_x_counter_exttype = SADB_X_EXT_COUNTER; + scnt->sadb_x_counter_ipackets = tdb->tdb_ipackets; + scnt->sadb_x_counter_opackets = tdb->tdb_opackets; + scnt->sadb_x_counter_ibytes = tdb->tdb_ibytes; + scnt->sadb_x_counter_obytes = tdb->tdb_obytes; + scnt->sadb_x_counter_idrops = tdb->tdb_idrops; + scnt->sadb_x_counter_odrops = tdb->tdb_odrops; + scnt->sadb_x_counter_idecompbytes = tdb->tdb_idecompbytes; + scnt->sadb_x_counter_ouncompbytes = tdb->tdb_ouncompbytes; + *p += sizeof(struct sadb_x_counter); +} |