1 /* $NetBSD: pfkey.c,v 1.5 2022/09/02 06:25:43 msaitoh Exp $ */
2 /* $KAME: ipsec.c,v 1.33 2003/07/25 09:54:32 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*
34 * Copyright (c) 1983, 1988, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. Neither the name of the University nor the names of its contributors
46 * may be used to endorse or promote products derived from this software
47 * without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
60 */
61
62 #include <sys/cdefs.h>
63 #ifndef lint
64 #if 0
65 static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94";
66 #else
67 #ifdef __NetBSD__
68 __RCSID("$NetBSD: pfkey.c,v 1.5 2022/09/02 06:25:43 msaitoh Exp $");
69 #endif
70 #endif
71 #endif /* not lint */
72
73 #include <sys/param.h>
74 #include <sys/queue.h>
75 #include <sys/socket.h>
76 #include <sys/sysctl.h>
77
78 #ifdef IPSEC
79 #include <netipsec/keysock.h>
80 #endif
81
82 #include <err.h>
83 #include <errno.h>
84 #include <stdio.h>
85 #include <string.h>
86 #include <unistd.h>
87 #include "netstat.h"
88 #include "prog_ops.h"
89
90 #ifdef IPSEC
91
92 static const char *pfkey_msgtypenames[] = {
93 "reserved", "getspi", "update", "add", "delete",
94 "get", "acquire", "register", "expire", "flush",
95 "dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd",
96 "x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush",
97 "x_spdsetidx", "x_spdexpire", "x_spddelete2"
98 };
99
100 static const char *pfkey_msgtype_names(int);
101
102 static const char *
pfkey_msgtype_names(int x)103 pfkey_msgtype_names(int x)
104 {
105 const int max =
106 sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]);
107 static char buf[20];
108
109 if (x < max && pfkey_msgtypenames[x])
110 return pfkey_msgtypenames[x];
111 snprintf(buf, sizeof(buf), "#%d", x);
112 return buf;
113 }
114
115 void
pfkey_stats(u_long off,const char * name)116 pfkey_stats(u_long off, const char *name)
117 {
118 uint64_t pfkeystat[PFKEY_NSTATS];
119 int first, type;
120
121 if (use_sysctl) {
122 size_t size = sizeof(pfkeystat);
123
124 if (prog_sysctlbyname("net.key.stats", pfkeystat, &size,
125 NULL, 0) == -1 && errno != ENOMEM)
126 return;
127 } else {
128 warnx("%s stats not available via KVM.", name);
129 return;
130 }
131
132 printf ("%s:\n", name);
133
134 #define p(f, m) if (pfkeystat[f] || sflag <= 1) \
135 printf(m, (unsigned long long)pfkeystat[f], plural(pfkeystat[f]))
136
137 /* userland -> kernel */
138 p(PFKEY_STAT_OUT_TOTAL, "\t%llu request%s sent from userland\n");
139 p(PFKEY_STAT_OUT_BYTES, "\t%llu byte%s sent from userland\n");
140 for (first = 1, type = 0; type < 256; type++) {
141 if (pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type] == 0)
142 continue;
143 if (first) {
144 printf("\thistogram by message type:\n");
145 first = 0;
146 }
147 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type),
148 (unsigned long long)pfkeystat[PFKEY_STAT_OUT_MSGTYPE + type]);
149 }
150 p(PFKEY_STAT_OUT_INVLEN,
151 "\t%llu message%s with invalid length field\n");
152 p(PFKEY_STAT_OUT_INVVER,
153 "\t%llu message%s with invalid version field\n");
154 p(PFKEY_STAT_OUT_INVMSGTYPE,
155 "\t%llu message%s with invalid message type field\n");
156 p(PFKEY_STAT_OUT_TOOSHORT,
157 "\t%llu message%s too short\n");
158 p(PFKEY_STAT_OUT_NOMEM,
159 "\t%llu message%s with memory allocation failure\n");
160 p(PFKEY_STAT_OUT_DUPEXT,
161 "\t%llu message%s with duplicate extension\n");
162 p(PFKEY_STAT_OUT_INVEXTTYPE,
163 "\t%llu message%s with invalid extension type\n");
164 p(PFKEY_STAT_OUT_INVSATYPE,
165 "\t%llu message%s with invalid sa type\n");
166 p(PFKEY_STAT_OUT_INVADDR,
167 "\t%llu message%s with invalid address extension\n");
168
169 /* kernel -> userland */
170 p(PFKEY_STAT_IN_TOTAL, "\t%llu request%s sent to userland\n");
171 p(PFKEY_STAT_IN_BYTES, "\t%llu byte%s sent to userland\n");
172 for (first = 1, type = 0; type < 256; type++) {
173 if (pfkeystat[PFKEY_STAT_IN_MSGTYPE + type] == 0)
174 continue;
175 if (first) {
176 printf("\thistogram by message type:\n");
177 first = 0;
178 }
179 printf("\t\t%s: %llu\n", pfkey_msgtype_names(type),
180 (unsigned long long)pfkeystat[PFKEY_STAT_IN_MSGTYPE + type]);
181 }
182 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ONE,
183 "\t%llu message%s toward single socket\n");
184 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_ALL,
185 "\t%llu message%s toward all sockets\n");
186 p(PFKEY_STAT_IN_MSGTARGET + KEY_SENDUP_REGISTERED,
187 "\t%llu message%s toward registered sockets\n");
188 p(PFKEY_STAT_IN_NOMEM,
189 "\t%llu message%s with memory allocation failure\n");
190 #undef p
191 }
192 #endif /*IPSEC*/
193