diff options
author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-08-28 15:15:03 +0000 |
---|---|---|
committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-08-28 15:15:03 +0000 |
commit | 9a69e5e5080fd0727e7e2c1579a9b61513fc89ce (patch) | |
tree | 377f95fb32957c43286f01c4e6b79445531edbc9 /sys/netinet/ip_ipsp.h | |
parent | d217ce25e4d00cfe24084a832ee88ced2533e308 (diff) |
Add per-TDB counters and a new SADB extension to export them to
userland.
Inputs from markus@, ok sthen@
Diffstat (limited to 'sys/netinet/ip_ipsp.h')
-rw-r--r-- | sys/netinet/ip_ipsp.h | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index ba8652e7773..49c9d661d57 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.192 2018/07/12 15:51:50 mpi Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.193 2018/08/28 15:15:02 mpi Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -122,6 +122,8 @@ struct sockaddr_encap { #define IPSP_DIRECTION_OUT 0x2 struct ipsecstat { + uint64_t ipsec_tunnels; /* Number of active tunnels */ + uint64_t ipsec_prevtunnels; /* Past number of tunnels */ uint64_t ipsec_ipackets; /* Input IPsec packets */ uint64_t ipsec_opackets; /* Output IPsec packets */ uint64_t ipsec_ibytes; /* Input bytes */ @@ -135,6 +137,17 @@ struct ipsecstat { uint64_t ipsec_noxform; /* Crypto error */ }; +struct tdb_data { + uint64_t tdd_ipackets; /* Input IPsec packets */ + uint64_t tdd_opackets; /* Output IPsec packets */ + uint64_t tdd_ibytes; /* Input bytes */ + uint64_t tdd_obytes; /* Output bytes */ + uint64_t tdd_idrops; /* Dropped on input */ + uint64_t tdd_odrops; /* Dropped on output */ + uint64_t tdd_idecompbytes; /* Input bytes, decompressed */ + uint64_t tdd_ouncompbytes; /* Output bytes, uncompressed */ +}; + #ifdef _KERNEL #include <sys/timeout.h> @@ -144,6 +157,8 @@ struct ipsecstat { #include <sys/percpu.h> enum ipsec_counters { + ipsec_tunnels, + ipsec_prevtunnels, ipsec_ipackets, ipsec_opackets, ipsec_ibytes, @@ -167,6 +182,12 @@ ipsecstat_inc(enum ipsec_counters c) } static inline void +ipsecstat_dec(enum ipsec_counters c) +{ + counters_dec(ipseccounters, c); +} + +static inline void ipsecstat_add(enum ipsec_counters c, uint64_t v) { counters_add(ipseccounters, c, v); @@ -350,6 +371,7 @@ struct tdb { /* tunnel descriptor block */ u_int64_t tdb_last_used; /* When was this SA last used */ u_int64_t tdb_last_marked;/* Last SKIPCRYPTO status change */ + struct tdb_data tdb_data; /* stats about this TDB */ u_int64_t tdb_cryptoid; /* Crypto session ID */ u_int32_t tdb_spi; /* SPI */ @@ -394,6 +416,14 @@ struct tdb { /* tunnel descriptor block */ TAILQ_HEAD(tdb_policy_head, ipsec_policy) tdb_policy_head; TAILQ_ENTRY(tdb) tdb_sync_entry; }; +#define tdb_ipackets tdb_data.tdd_ipackets +#define tdb_opackets tdb_data.tdd_opackets +#define tdb_ibytes tdb_data.tdd_ibytes +#define tdb_obytes tdb_data.tdd_obytes +#define tdb_idrops tdb_data.tdd_idrops +#define tdb_odrops tdb_data.tdd_odrops +#define tdb_idecompbytes tdb_data.tdd_idecompbytes +#define tdb_ouncompbytes tdb_data.tdd_ouncompbytes struct tdb_ident { |