{ "inClosed", KSTAT_DATA_UINT32, 0 },
{ "rttUpdate", KSTAT_DATA_UINT32, 0 },
{ "rttNoUpdate", KSTAT_DATA_UINT32, 0 },
{ "timRetrans", KSTAT_DATA_UINT32, 0 },
{ "timRetransDrop", KSTAT_DATA_UINT32, 0 },
{ "timKeepalive", KSTAT_DATA_UINT32, 0 },
{ "timKeepaliveProbe", KSTAT_DATA_UINT32, 0 },
{ "timKeepaliveDrop", KSTAT_DATA_UINT32, 0 },
{ "listenDrop", KSTAT_DATA_UINT32, 0 },
{ "listenDropQ0", KSTAT_DATA_UINT32, 0 },
{ "halfOpenDrop", KSTAT_DATA_UINT32, 0 },
{ "outSackRetransSegs", KSTAT_DATA_UINT32, 0 },
{ "connTableSize6", KSTAT_DATA_INT32, 0 }
};
ksp = kstat_create_netstack(TCP_MOD_NAME, stackid, TCP_MOD_NAME, "mib2",
KSTAT_TYPE_NAMED, NUM_OF_FIELDS(tcp_named_kstat_t), 0, stackid);
if (ksp == NULL)
return (NULL);
template.rtoAlgorithm.value.ui32 = 4;
template.maxConn.value.i32 = -1;
bcopy(&template, ksp->ks_data, sizeof (template));
ksp->ks_update = tcp_kstat_update;
ksp->ks_private = (void *)(uintptr_t)stackid;
/*
* If this is an exclusive netstack for a local zone, the global zone
* should still be able to read the kstat.
*/
/*
* Initialize drop facility kstats.
*/
void
ip_drop_init(ipsec_stack_t *ipss)
{
ipss->ipsec_ip_drop_kstat = kstat_create_netstack("ip", 0, "ipdrop",
"net", KSTAT_TYPE_NAMED,
sizeof (struct ip_dropstats) / sizeof (kstat_named_t),
KSTAT_FLAG_PERSISTENT, ipss->ipsec_netstack->netstack_stackid);
if (ipss->ipsec_ip_drop_kstat == NULL ||
ipss->ipsec_ip_drop_kstat->ks_data == NULL)
return;
/*
* Note: here ipss->ipsec_ip_drop_types is initialized, however,
* if the previous kstat_create_netstack failed, it will remain
* NULL. Note this is done for all stack instances, so it *could*
* be NULL. Hence a non-NULL checking is added where
* ipss->ipsec_ip_drop_types is used. This checking is hidden in
* the DROPPER macro.
*/
ipss->ipsec_ip_drop_types = ipss->ipsec_ip_drop_kstat->ks_data;
/* TCP IPsec drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_tcp_clear,
"tcp_clear", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_tcp_secure,
"tcp_secure", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_tcp_mismatch,
"tcp_mismatch", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_tcp_ipsec_alloc,
"tcp_ipsec_alloc", KSTAT_DATA_UINT64);
/* SADB-specific drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_inlarval_timeout,
"sadb_inlarval_timeout", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_inlarval_replace,
"sadb_inlarval_replace", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_inidle_overflow,
"sadb_inidle_overflow", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_inidle_timeout,
"sadb_inidle_timeout", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_acquire_nomem,
"sadb_acquire_nomem", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_acquire_toofull,
"sadb_acquire_toofull", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_sadb_acquire_timeout,
"sadb_acquire_timeout", KSTAT_DATA_UINT64);
/* SPD drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_ahesp_diffid,
"spd_ahesp_diffid", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_loopback_mismatch,
"spd_loopback_mismatch", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_explicit,
"spd_explicit", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_got_secure,
"spd_got_secure", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_got_clear,
"spd_got_clear", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_bad_ahalg,
"spd_bad_ahalg", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_got_ah,
"spd_got_ah", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_bad_espealg,
"spd_bad_espealg", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_bad_espaalg,
"spd_bad_espaalg", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_got_esp,
"spd_got_esp", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_got_selfencap,
"spd_got_selfencap", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_bad_selfencap,
"spd_bad_selfencap", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_nomem,
"spd_nomem", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_ah_badid,
"spd_ah_badid", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_ah_innermismatch,
"spd_ah_innermismatch", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_esp_innermismatch,
"spd_esp_innermismatch", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_esp_badid,
"spd_esp_badid", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_no_policy,
"spd_no_policy", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_malformed_packet,
"spd_malformed_packet", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_malformed_frag,
"spd_malformed_frag", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_overlap_frag,
"spd_overlap_frag", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_evil_frag,
"spd_evil_frag", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_spd_max_frags,
"spd_max_frags", KSTAT_DATA_UINT64);
/* ESP-specific drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_nomem,
"esp_nomem", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_no_sa,
"esp_no_sa", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_early_replay,
"esp_early_replay", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_replay,
"esp_replay", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_bytes_expire,
"esp_bytes_expire", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_bad_padlen,
"esp_bad_padlen", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_bad_padding,
"esp_bad_padding", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_bad_auth,
"esp_bad_auth", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_crypto_failed,
"esp_crypto_failed", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_icmp,
"esp_icmp", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_nat_t_ipsec,
"esp_nat_t_ipsec", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_nat_t_ka,
"esp_nat_t_ka", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_esp_iv_wrap,
"esp_iv_wrap", KSTAT_DATA_UINT64);
/* AH-specific drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_nomem,
"ah_nomem", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_bad_v6_hdrs,
"ah_bad_v6_hdrs", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_bad_v4_opts,
"ah_bad_v4_opts", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_no_sa,
"ah_no_sa", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_bad_length,
"ah_bad_length", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_bad_auth,
"ah_bad_auth", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_crypto_failed,
"ah_crypto_failed", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_early_replay,
"ah_early_replay", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_replay,
"ah_replay", KSTAT_DATA_UINT64);
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ah_bytes_expire,
"ah_bytes_expire", KSTAT_DATA_UINT64);
/* IP-specific drop statistics. */
kstat_named_init(&ipss->ipsec_ip_drop_types->ipds_ip_ipsec_not_loaded,
"ip_ipsec_not_loaded", KSTAT_DATA_UINT64);
kstat_install(ipss->ipsec_ip_drop_kstat);
}
