From: mpi <mpi@openbsd.org>
Date: Tue, 28 Aug 2018 15:17:56 +0000 (+0000)
Subject: Display per-TDB counters in verbose mode.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7fc6e3f06dd0e43d868f837091c4e7ca2b8cdffc;p=openbsd

Display per-TDB counters in verbose mode.

ok sthen@
---

diff --git a/sbin/ipsecctl/pfkdump.c b/sbin/ipsecctl/pfkdump.c
index 4343b3e4a9f..77fd8182552 100644
--- a/sbin/ipsecctl/pfkdump.c
+++ b/sbin/ipsecctl/pfkdump.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfkdump.c,v 1.47 2018/07/10 09:35:27 mpi Exp $	*/
+/*	$OpenBSD: pfkdump.c,v 1.48 2018/08/28 15:17:56 mpi Exp $	*/
 
 /*
  * Copyright (c) 2003 Markus Friedl.  All rights reserved.
@@ -28,6 +28,7 @@
 #include <sys/time.h>
 #include <sys/sysctl.h>
 #include <sys/queue.h>
+
 #include <net/pfkeyv2.h>
 #include <netinet/ip_ipsp.h>
 #include <netdb.h>
@@ -41,26 +42,27 @@
 #include "ipsecctl.h"
 #include "pfkey.h"
 
-static void	print_proto(struct sadb_ext *, struct sadb_msg *);
-static void	print_flow(struct sadb_ext *, struct sadb_msg *);
-static void	print_supp(struct sadb_ext *, struct sadb_msg *);
-static void	print_prop(struct sadb_ext *, struct sadb_msg *);
-static void	print_sens(struct sadb_ext *, struct sadb_msg *);
-static void	print_spir(struct sadb_ext *, struct sadb_msg *);
-static void	print_policy(struct sadb_ext *, struct sadb_msg *);
-static void	print_sa(struct sadb_ext *, struct sadb_msg *);
-static void	print_addr(struct sadb_ext *, struct sadb_msg *);
-static void	print_key(struct sadb_ext *, struct sadb_msg *);
-static void	print_life(struct sadb_ext *, struct sadb_msg *);
-static void	print_ident(struct sadb_ext *, struct sadb_msg *);
-static void	print_udpenc(struct sadb_ext *, struct sadb_msg *);
-static void	print_tag(struct sadb_ext *, struct sadb_msg *);
-static void	print_tap(struct sadb_ext *, struct sadb_msg *);
-static void	print_satype(struct sadb_ext *, struct sadb_msg *);
+static void	print_proto(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_flow(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_supp(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_prop(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_sens(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_spir(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_policy(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_sa(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_addr(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_key(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_life(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_ident(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_udpenc(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_tag(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_tap(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_satype(struct sadb_ext *, struct sadb_msg *, int);
+static void	print_counter(struct sadb_ext *, struct sadb_msg *, int);
 
 static struct idname *lookup(struct idname *, u_int32_t);
 static char    *lookup_name(struct idname *, u_int32_t);
-static void	print_ext(struct sadb_ext *, struct sadb_msg *);
+static void	print_ext(struct sadb_ext *, struct sadb_msg *, int);
 
 void		pfkey_print_raw(u_int8_t *, ssize_t);
 static char	*print_flags(uint32_t);
@@ -70,7 +72,7 @@ struct sadb_ext *extensions[SADB_EXT_MAX + 1];
 struct idname {
 	u_int32_t id;
 	char *name;
-	void (*func)(struct sadb_ext *, struct sadb_msg *);
+	void (*func)(struct sadb_ext *, struct sadb_msg *, int);
 };
 
 struct idname ext_types[] = {
@@ -106,6 +108,7 @@ struct idname ext_types[] = {
 	{ SADB_X_EXT_TAG,		"tag",			print_tag },
 	{ SADB_X_EXT_TAP,		"tap",			print_tap },
 	{ SADB_X_EXT_SATYPE2,		"satype2",		print_satype },
+	{ SADB_X_EXT_COUNTER,		"counter",		print_counter },
 	{ 0,				NULL,			NULL }
 };
 
@@ -235,7 +238,7 @@ lookup_name(struct idname *tab, u_int32_t id)
 }
 
 static void
-print_ext(struct sadb_ext *ext, struct sadb_msg *msg)
+print_ext(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct idname *entry;
 
@@ -246,7 +249,7 @@ print_ext(struct sadb_ext *ext, struct sadb_msg *msg)
 	}
 	printf("\t%s: ", entry->name);
 	if (entry->func != NULL)
-		(*entry->func)(ext, msg);
+		(*entry->func)(ext, msg, opts);
 	else
 		printf("type %u len %u",
 		    ext->sadb_ext_type, ext->sadb_ext_len);
@@ -281,7 +284,7 @@ print_flags(uint32_t flags)
 }
 
 static void
-print_sa(struct sadb_ext *ext, struct sadb_msg *msg)
+print_sa(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_sa *sa = (struct sadb_sa *)ext;
 
@@ -301,7 +304,7 @@ print_sa(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_addr(struct sadb_ext *ext, struct sadb_msg *msg)
+print_addr(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_address *addr = (struct sadb_address *)ext;
 	struct sockaddr *sa;
@@ -333,7 +336,7 @@ print_addr(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_key(struct sadb_ext *ext, struct sadb_msg *msg)
+print_key(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_key *key = (struct sadb_key *)ext;
 	u_int8_t *data;
@@ -349,7 +352,7 @@ print_key(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_life(struct sadb_ext *ext, struct sadb_msg *msg)
+print_life(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_lifetime *life = (struct sadb_lifetime *)ext;
 
@@ -361,7 +364,7 @@ print_life(struct sadb_ext *ext, struct sadb_msg *msg)
 }
 
 static void
-print_proto(struct sadb_ext *ext, struct sadb_msg *msg)
+print_proto(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_protocol *proto = (struct sadb_protocol *)ext;
 
@@ -377,7 +380,7 @@ print_proto(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_flow(struct sadb_ext *ext, struct sadb_msg *msg)
+print_flow(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_protocol *proto = (struct sadb_protocol *)ext;
 	char *dir = "unknown";
@@ -395,7 +398,7 @@ print_flow(struct sadb_ext *ext, struct sadb_msg *msg)
 }
 
 static void
-print_tag(struct sadb_ext *ext, struct sadb_msg *msg)
+print_tag(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_x_tag *stag = (struct sadb_x_tag *)ext;
 	char *p;
@@ -405,7 +408,7 @@ print_tag(struct sadb_ext *ext, struct sadb_msg *msg)
 }
 
 static void
-print_tap(struct sadb_ext *ext, struct sadb_msg *msg)
+print_tap(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_x_tap *stap = (struct sadb_x_tap *)ext;
 
@@ -413,13 +416,35 @@ print_tap(struct sadb_ext *ext, struct sadb_msg *msg)
 }
 
 static void
-print_satype(struct sadb_ext *ext, struct sadb_msg *msg)
+print_satype(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_protocol *proto = (struct sadb_protocol *)ext;
 
 	printf("type %s", lookup_name(sa_types, proto->sadb_protocol_proto));
 }
 
+static void
+print_counter(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
+{
+	struct sadb_x_counter *scnt = (struct sadb_x_counter *)ext;
+
+	printf("\n");
+
+#define plural(n) ((n) != 1 ? "s" : "")
+#define p(f, m) if (scnt->f || opts & IPSECCTL_OPT_VERBOSE2) \
+	printf(m, scnt->f, plural(scnt->f))
+	p(sadb_x_counter_ipackets, "\t\t%llu input packet%s\n");
+	p(sadb_x_counter_opackets, "\t\t%llu output packet%s\n");
+	p(sadb_x_counter_ibytes, "\t\t%llu input byte%s\n");
+	p(sadb_x_counter_obytes, "\t\t%llu output byte%s\n");
+	p(sadb_x_counter_idecompbytes, "\t\t%llu input byte%s, decompressed\n");
+	p(sadb_x_counter_ouncompbytes,"\t\t%llu output byte%s, uncompressed\n");
+	p(sadb_x_counter_idrops, "\t\t%llu packet%s dropped on input\n");
+	p(sadb_x_counter_odrops, "\t\t%llu packet%s dropped on output\n");
+#undef p
+#undef plural
+}
+
 static char *
 alg_by_ext(u_int8_t ext_type, u_int8_t id)
 {
@@ -445,7 +470,7 @@ print_alg(struct sadb_alg *alg, u_int8_t ext_type)
 
 /* ARGSUSED1 */
 static void
-print_supp(struct sadb_ext *ext, struct sadb_msg *msg)
+print_supp(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_supported *supported = (struct sadb_supported *)ext;
 	struct sadb_alg *alg;
@@ -465,7 +490,7 @@ print_supp(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_comb(struct sadb_comb *comb, struct sadb_msg *msg)
+print_comb(struct sadb_comb *comb, struct sadb_msg *msg, int opts)
 {
 	printf("\t\tauth %s min %u max %u\n"
 	    "\t\tenc %s min %u max %u\n"
@@ -493,7 +518,7 @@ print_comb(struct sadb_comb *comb, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_prop(struct sadb_ext *ext, struct sadb_msg *msg)
+print_prop(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_prop *prop = (struct sadb_prop *)ext;
 	struct sadb_comb *comb;
@@ -503,12 +528,12 @@ print_prop(struct sadb_ext *ext, struct sadb_msg *msg)
 	    (size_t)((u_int8_t *)comb - (u_int8_t *)ext) <
 	    ext->sadb_ext_len * PFKEYV2_CHUNK;
 	    comb++)
-		print_comb(comb, msg);
+		print_comb(comb, msg, opts);
 }
 
 /* ARGSUSED1 */
 static void
-print_sens(struct sadb_ext *ext, struct sadb_msg *msg)
+print_sens(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_sens *sens = (struct sadb_sens *)ext;
 
@@ -520,7 +545,7 @@ print_sens(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_spir(struct sadb_ext *ext, struct sadb_msg *msg)
+print_spir(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_spirange *spirange = (struct sadb_spirange *)ext;
 
@@ -530,7 +555,7 @@ print_spir(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_ident(struct sadb_ext *ext, struct sadb_msg *msg)
+print_ident(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_ident *ident = (struct sadb_ident *)ext;
 
@@ -541,7 +566,7 @@ print_ident(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_policy(struct sadb_ext *ext, struct sadb_msg *msg)
+print_policy(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_x_policy *x_policy = (struct sadb_x_policy *)ext;
 
@@ -550,7 +575,7 @@ print_policy(struct sadb_ext *ext, struct sadb_msg *msg)
 
 /* ARGSUSED1 */
 static void
-print_udpenc(struct sadb_ext *ext, struct sadb_msg *msg)
+print_udpenc(struct sadb_ext *ext, struct sadb_msg *msg, int opts)
 {
 	struct sadb_x_udpencap *x_udpencap = (struct sadb_x_udpencap *)ext;
 
@@ -832,7 +857,7 @@ pfkey_print_sa(struct sadb_msg *msg, int opts)
 	if (opts & IPSECCTL_OPT_VERBOSE) {
 		for (i = 0; i <= SADB_EXT_MAX; i++)
 			if (extensions[i])
-				print_ext(extensions[i], msg);
+				print_ext(extensions[i], msg, opts);
 	}
 	fflush(stdout);
 }
@@ -856,7 +881,7 @@ pfkey_monitor_sa(struct sadb_msg *msg, int opts)
 		    strerror(msg->sadb_msg_errno));
 	for (i = 0; i <= SADB_EXT_MAX; i++)
 		if (extensions[i])
-			print_ext(extensions[i], msg);
+			print_ext(extensions[i], msg, opts);
 	fflush(stdout);
 }