xref: /freebsd/usr.bin/netstat/pfkey.c (revision 55141f2c8991b2a6adbf30bb0fe3e6cbc303f06d)
1 /*	$NetBSD: inet.c,v 1.35.2.1 1999/04/29 14:57:08 perry Exp $	*/
2 /*	$KAME: ipsec.c,v 1.25 2001/03/12 09:04:39 itojun Exp $	*/
3 /*-
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the project nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 /*-
34  * Copyright (c) 1983, 1988, 1993
35  *	The Regents of the University of California.  All rights reserved.
36  *
37  * Redistribution and use in source and binary forms, with or without
38  * modification, are permitted provided that the following conditions
39  * are met:
40  * 1. Redistributions of source code must retain the above copyright
41  *    notice, this list of conditions and the following disclaimer.
42  * 2. Redistributions in binary form must reproduce the above copyright
43  *    notice, this list of conditions and the following disclaimer in the
44  *    documentation and/or other materials provided with the distribution.
45  * 3. Neither the name of the University nor the names of its contributors
46  *    may be used to endorse or promote products derived from this software
47  *    without specific prior written permission.
48  *
49  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59  * SUCH DAMAGE.
60  */
61 
62 #if 0
63 #ifndef lint
64 static char sccsid[] = "@(#)inet.c	8.5 (Berkeley) 5/24/95";
65 #endif /* not lint */
66 #endif
67 
68 #include <sys/cdefs.h>
69 #include <sys/param.h>
70 #include <sys/queue.h>
71 #include <sys/socket.h>
72 #include <sys/socketvar.h>
73 
74 #include <netinet/in.h>
75 
76 #ifdef IPSEC
77 #include <netipsec/keysock.h>
78 #endif
79 
80 #include <stdint.h>
81 #include <stdio.h>
82 #include <string.h>
83 #include <unistd.h>
84 #include <stdbool.h>
85 #include <libxo/xo.h>
86 #include "netstat.h"
87 
88 #ifdef IPSEC
89 
90 static const char *pfkey_msgtypenames[] = {
91 	"reserved", "getspi", "update", "add", "delete",
92 	"get", "acquire", "register", "expire", "flush",
93 	"dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd",
94 	"x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush",
95 	"x_spdsetidx", "x_spdexpire", "x_spddelete2"
96 };
97 
98 static const char *pfkey_msgtype_names (int);
99 
100 
101 static const char *
102 pfkey_msgtype_names(int x)
103 {
104 	const int max = nitems(pfkey_msgtypenames);
105 	static char buf[20];
106 
107 	if (x < max && pfkey_msgtypenames[x])
108 		return pfkey_msgtypenames[x];
109 	snprintf(buf, sizeof(buf), "#%d", x);
110 	return buf;
111 }
112 
113 void
114 pfkey_stats(u_long off, const char *name, int family __unused,
115     int proto __unused)
116 {
117 	struct pfkeystat pfkeystat;
118 	unsigned first, type;
119 
120 	if (off == 0)
121 		return;
122 	xo_emit("{T:/%s}:\n", name);
123 	xo_open_container(name);
124 	kread_counters(off, (char *)&pfkeystat, sizeof(pfkeystat));
125 
126 #define	p(f, m) if (pfkeystat.f || sflag <= 1) \
127 	xo_emit(m, (uintmax_t)pfkeystat.f, plural(pfkeystat.f))
128 
129 	/* userland -> kernel */
130 	p(out_total, "\t{:sent-requests/%ju} "
131 	    "{N:/request%s sent from userland}\n");
132 	p(out_bytes, "\t{:sent-bytes/%ju} "
133 	    "{N:/byte%s sent from userland}\n");
134 	for (first = 1, type = 0;
135 	    type<sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]);
136 	    type++) {
137 		if (pfkeystat.out_msgtype[type] <= 0)
138 			continue;
139 		if (first) {
140 			xo_open_list("output-histogram");
141 			xo_emit("\t{T:histogram by message type}:\n");
142 			first = 0;
143 		}
144 		xo_open_instance("output-histogram");
145 		xo_emit("\t\t{k::type/%s}: {:count/%ju}\n",
146 		    pfkey_msgtype_names(type),
147 		    (uintmax_t)pfkeystat.out_msgtype[type]);
148 		xo_close_instance("output-histogram");
149 	}
150 	if (!first)
151 		xo_close_list("output-histogram");
152 
153 	p(out_invlen, "\t{:dropped-bad-length/%ju} "
154 	    "{N:/message%s with invalid length field}\n");
155 	p(out_invver, "\t{:dropped-bad-version/%ju} "
156 	    "{N:/message%s with invalid version field}\n");
157 	p(out_invmsgtype, "\t{:dropped-bad-type/%ju} "
158 	    "{N:/message%s with invalid message type field}\n");
159 	p(out_tooshort, "\t{:dropped-too-short/%ju} "
160 	    "{N:/message%s too short}\n");
161 	p(out_nomem, "\t{:dropped-no-memory/%ju} "
162 	    "{N:/message%s with memory allocation failure}\n");
163 	p(out_dupext, "\t{:dropped-duplicate-extension/%ju} "
164 	    "{N:/message%s with duplicate extension}\n");
165 	p(out_invexttype, "\t{:dropped-bad-extension/%ju} "
166 	    "{N:/message%s with invalid extension type}\n");
167 	p(out_invsatype, "\t{:dropped-bad-sa-type/%ju} "
168 	    "{N:/message%s with invalid sa type}\n");
169 	p(out_invaddr, "\t{:dropped-bad-address-extension/%ju} "
170 	    "{N:/message%s with invalid address extension}\n");
171 
172 	/* kernel -> userland */
173 	p(in_total, "\t{:received-requests/%ju} "
174 	    "{N:/request%s sent to userland}\n");
175 	p(in_bytes, "\t{:received-bytes/%ju} "
176 	    "{N:/byte%s sent to userland}\n");
177 	for (first = 1, type = 0;
178 	    type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]);
179 	    type++) {
180 		if (pfkeystat.in_msgtype[type] <= 0)
181 			continue;
182 		if (first) {
183 			xo_open_list("input-histogram");
184 			xo_emit("\t{T:histogram by message type}:\n");
185 			first = 0;
186 		}
187 		xo_open_instance("input-histogram");
188 		xo_emit("\t\t{k:type/%s}: {:count/%ju}\n",
189 		    pfkey_msgtype_names(type),
190 		    (uintmax_t)pfkeystat.in_msgtype[type]);
191 		xo_close_instance("input-histogram");
192 	}
193 	if (!first)
194 		xo_close_list("input-histogram");
195 	p(in_msgtarget[KEY_SENDUP_ONE], "\t{:received-one-socket/%ju} "
196 	    "{N:/message%s toward single socket}\n");
197 	p(in_msgtarget[KEY_SENDUP_ALL], "\t{:received-all-sockets/%ju} "
198 	    "{N:/message%s toward all sockets}\n");
199 	p(in_msgtarget[KEY_SENDUP_REGISTERED],
200 	    "\t{:received-registered-sockets/%ju} "
201 	    "{N:/message%s toward registered sockets}\n");
202 	p(in_nomem, "\t{:discarded-no-memory/%ju} "
203 	    "{N:/message%s with memory allocation failure}\n");
204 #undef p
205 	xo_close_container(name);
206 }
207 #endif /* IPSEC */
208