/*
 * Print one XFRM report message to the stream passed in arg.
 *
 * who: netlink sender address (not used in this function).
 * n:   netlink message; its payload is read as struct xfrm_user_report.
 * arg: output stream, handed over as void * and used as FILE *.
 *
 * Returns 0 after printing, or -1 when nlmsg_len is too small to hold the
 * netlink header plus the fixed report structure.
 */
static int xfrm_report_print(const struct sockaddr_nl *who,
			     struct nlmsghdr *n, void *arg)
{
	FILE *out = (FILE *)arg;
	struct xfrm_user_report *report = NLMSG_DATA(n);
	struct rtattr *attrs[XFRMA_MAX+1];
	__u16 family;
	int remaining = n->nlmsg_len;

	/*
	 * What is left after the fixed part is the attribute area.  This only
	 * checks the length claimed in the header; whether that length matches
	 * the bytes actually received is presumably verified by the caller.
	 */
	remaining -= NLMSG_LENGTH(sizeof(*report));
	if (remaining < 0) {
		fprintf(stderr, "BUG: wrong nlmsg len %d\n", remaining);
		return -1;
	}

	/* Fall back to the globally preferred family for an unspecified selector. */
	family = report->sel.family;
	if (family == AF_UNSPEC) {
		family = preferred_family;
	}

	fputs("report ", out);
	fprintf(out, "proto %s ", strxf_xfrmproto(report->proto));
	fprintf(out, "%s", _SL_);

	xfrm_selector_print(&report->sel, family, out, "  sel ");

	parse_rtattr(attrs, XFRMA_MAX, XFRMREP_RTA(report), remaining);
	xfrm_xfrma_print(attrs, family, out, "  ");

	if (oneline) {
		fputs("\n", out);
	}

	return 0;
}
/*
 * Print one XFRM acquire message to the stream passed in arg.
 *
 * who: netlink sender address (not used in this function).
 * n:   netlink message; its payload is read as struct xfrm_user_acquire.
 * arg: output stream, handed over as void * and used as FILE *.
 *
 * Returns 0 after printing and flushing, or -1 when nlmsg_len is too small
 * to hold the netlink header plus the fixed acquire structure.
 */
static int xfrm_acquire_print(const struct sockaddr_nl *who,
			      struct nlmsghdr *n, void *arg)
{
	FILE *out = (FILE *)arg;
	struct xfrm_user_acquire *acq = NLMSG_DATA(n);
	struct rtattr *attrs[XFRMA_MAX+1];
	__u16 family;
	int remaining = n->nlmsg_len;

	/* Only the length claimed in the header is checked here. */
	remaining -= NLMSG_LENGTH(sizeof(*acq));
	if (remaining < 0) {
		fprintf(stderr, "BUG: wrong nlmsg len %d\n", remaining);
		return -1;
	}

	parse_rtattr(attrs, XFRMA_MAX, XFRMACQ_RTA(acq), remaining);

	/* Family: message selector, then policy selector, then global default. */
	family = acq->sel.family;
	if (family == AF_UNSPEC) {
		family = acq->policy.sel.family;
		if (family == AF_UNSPEC) {
			family = preferred_family;
		}
	}

	fputs("acquire ", out);
	fprintf(out, "proto %s ", strxf_xfrmproto(acq->id.proto));

	if (show_stats > 0 || acq->id.spi) {
		__u32 host_spi = ntohl(acq->id.spi);

		fprintf(out, "spi 0x%08x", host_spi);
		if (show_stats > 0) {
			fprintf(out, "(%u)", host_spi);
		}
		fputs(" ", out);
	}
	fprintf(out, "%s", _SL_);

	xfrm_selector_print(&acq->sel, family, out, "  sel ");
	xfrm_policy_info_print(&acq->policy, attrs, out, "    ", "  policy ");

	if (show_stats > 0) {
		/*
		 * NOTE(review): the value is printed in decimal (%u) behind a
		 * "0x" prefix - confirm whether hexadecimal was intended.
		 */
		fprintf(out, "  seq 0x%08u ", acq->seq);

		/* One fprintf per mask: the strxf_* helpers are not visible
		 * here, so their results are consumed before the next call. */
		fprintf(out, "%s-mask %s ",
			strxf_algotype(XFRMA_ALG_CRYPT),
			strxf_mask32(acq->ealgos));
		fprintf(out, "%s-mask %s ",
			strxf_algotype(XFRMA_ALG_AUTH),
			strxf_mask32(acq->aalgos));
		fprintf(out, "%s-mask %s",
			strxf_algotype(XFRMA_ALG_COMP),
			strxf_mask32(acq->calgos));
	}
	fprintf(out, "%s", _SL_);

	if (oneline) {
		fputs("\n", out);
	}
	fflush(out);

	return 0;
}
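/*
 * Print one XFRM policy record followed by its attributes.
 *
 * xpinfo: fixed policy structure taken from the netlink message.
 * tb:     attribute table, passed on to xfrm_xfrma_print().
 * fp:     output stream.
 * prefix: optional indentation string for continuation lines; may be NULL.
 * title:  label handed to xfrm_selector_print() for the selector line.
 */
void xfrm_policy_info_print(struct xfrm_userpolicy_info *xpinfo,
			    struct rtattr *tb[], FILE *fp,
			    const char *prefix, const char *title)
{
	char buf[STRBUF_SIZE];

	memset(buf, '\0', sizeof(buf));

	xfrm_selector_print(&xpinfo->sel, preferred_family, fp, title);

	/* buf = caller prefix + tab; reused as indentation further down. */
	if (prefix) {
		STRBUF_CAT(buf, prefix);
	}
	STRBUF_CAT(buf, "\t");

	/*
	 * buf holds caller-supplied text, so it must be written as data and
	 * never used as a printf format string: a '%' in the prefix would
	 * otherwise be interpreted as a conversion specifier.
	 */
	fputs(buf, fp);

	fprintf(fp, "dir ");
	switch (xpinfo->dir) {
	case XFRM_POLICY_IN:
		fprintf(fp, "in");
		break;
	case XFRM_POLICY_OUT:
		fprintf(fp, "out");
		break;
	case XFRM_POLICY_FWD:
		fprintf(fp, "fwd");
		break;
	default:
		/* Unknown direction: show the raw number. */
		fprintf(fp, "%u", xpinfo->dir);
		break;
	}
	fprintf(fp, " ");

	switch (xpinfo->action) {
	case XFRM_POLICY_ALLOW:
		/* "allow" is only shown in statistics mode. */
		if (show_stats > 0)
			fprintf(fp, "action allow ");
		break;
	case XFRM_POLICY_BLOCK:
		fprintf(fp, "action block ");
		break;
	default:
		fprintf(fp, "action %u ", xpinfo->action);
		break;
	}

	if (show_stats)
		fprintf(fp, "index %u ", xpinfo->index);
	fprintf(fp, "priority %u ", xpinfo->priority);
	if (show_stats > 0) {
		fprintf(fp, "share %s ", strxf_share(xpinfo->share));
		fprintf(fp, "flag 0x%s", strxf_mask8(xpinfo->flags));
	}
	fprintf(fp, "%s", _SL_);

	if (show_stats > 0)
		xfrm_lifetime_print(&xpinfo->lft, &xpinfo->curlft, fp, buf);

	xfrm_xfrma_print(tb, xpinfo->sel.family, fp, buf);
}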
/*
 * Print one XFRM state (SA) record followed by its attributes.
 *
 * xsinfo: fixed SA structure taken from the netlink message.
 * tb:     attribute table, passed on to xfrm_xfrma_print().
 * fp:     output stream.
 * prefix: optional indentation string for continuation lines; may be NULL.
 * title:  label handed to xfrm_id_info_print() for the first line.
 */
void xfrm_state_info_print(struct xfrm_usersa_info *xsinfo,
			   struct rtattr *tb[], FILE *fp,
			   const char *prefix, const char *title)
{
	char indent[STRBUF_SIZE] = { 0 };
	int want_spi = xfrm_xfrmproto_is_ipsec(xsinfo->id.proto);

	xfrm_id_info_print(&xsinfo->saddr, &xsinfo->id, xsinfo->mode,
			   xsinfo->reqid, xsinfo->family, want_spi, fp,
			   prefix, title);

	/* indent = caller prefix + tab; reused for every continuation line. */
	if (prefix) {
		STRBUF_CAT(indent, prefix);
	}
	STRBUF_CAT(indent, "\t");

	/* Written as data, not as a format string. */
	fputs(indent, fp);
	fprintf(fp, "replay-window %u ", xsinfo->replay_window);
	if (show_stats > 0) {
		/*
		 * NOTE(review): the value is printed in decimal (%u) behind a
		 * "0x" prefix - confirm whether hexadecimal was intended.
		 */
		fprintf(fp, "seq 0x%08u ", xsinfo->seq);
	}

	if (show_stats > 0 || xsinfo->flags) {
		/* Working copy; XFRM_FLAG_PRINT presumably clears each bit it
		 * names, leaving unknown bits for the hex fallback below. */
		__u8 pending = xsinfo->flags;

		fputs("flag ", fp);
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_NOECN, "noecn");
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_DECAP_DSCP, "decap-dscp");
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_NOPMTUDISC, "nopmtudisc");
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_WILDRECV, "wildrecv");
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_ICMP, "icmp");
		XFRM_FLAG_PRINT(fp, pending, XFRM_STATE_AF_UNSPEC, "af-unspec");
		if (pending) {
			fprintf(fp, "%x", pending);
		}
	}
	if (show_stats > 0) {
		fprintf(fp, " (0x%s)", strxf_mask8(xsinfo->flags));
	}
	fprintf(fp, "%s", _SL_);

	xfrm_xfrma_print(tb, xsinfo->family, fp, indent);

	if (!xfrm_selector_iszero(&xsinfo->sel)) {
		char sel_title[STRBUF_SIZE];

		/* Same indentation, with "sel " appended as the title. */
		memcpy(sel_title, indent, sizeof(sel_title));
		STRBUF_CAT(sel_title, "sel ");
		xfrm_selector_print(&xsinfo->sel, xsinfo->family, fp, sel_title);
	}

	if (show_stats > 0) {
		xfrm_lifetime_print(&xsinfo->lft, &xsinfo->curlft, fp, indent);
		xfrm_stats_print(&xsinfo->stats, fp, indent);
	}
}
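/*
 * Netlink callback: print the selector and templates of an
 * XFRM_MSG_NEWPOLICY reply.
 *
 * msg: received netlink message.
 * arg: callback user data (not used in this function).
 *
 * Returns NL_OK when the message was handled, NL_SKIP for a message of a
 * different type or one whose attributes fail to parse, and
 * -NLE_MSG_TOOSHORT when the message cannot hold the fixed
 * struct xfrm_userpolicy_info.
 */
static int
parse_reply (struct nl_msg *msg, void *arg)
{
	struct nlmsghdr *n = nlmsg_hdr (msg);
	struct nlattr *tb[XFRMA_MAX + 1];
	struct xfrm_userpolicy_info *xpinfo = NULL;

	if (n->nlmsg_type != XFRM_MSG_NEWPOLICY) {
		g_warning ("msg type %d not NEWPOLICY", n->nlmsg_type);
		return NL_SKIP;
	}

	/* Netlink message header is followed by 'struct xfrm_userpolicy_info' and
	 * then the attributes.
	 */
	if (!nlmsg_valid_hdr (n, sizeof (struct xfrm_userpolicy_info))) {
		g_warning ("msg too short");
		return -NLE_MSG_TOOSHORT;
	}

	xpinfo = nlmsg_data (n);
	if (nla_parse (tb, XFRMA_MAX,
	               nlmsg_attrdata (n, sizeof (struct xfrm_userpolicy_info)),
	               nlmsg_attrlen (n, sizeof (struct xfrm_userpolicy_info)),
	               NULL) < 0) {
		g_warning ("failed to parse attributes");
		return NL_SKIP;
	}

	if (tb[XFRMA_TMPL]) {
		int attrlen = nla_len (tb[XFRMA_TMPL]);
		struct xfrm_user_tmpl *list = nla_data (tb[XFRMA_TMPL]);
		/* Whole templates only; a trailing partial entry is ignored, and
		 * a non-positive length yields no iterations instead of being
		 * converted to a huge unsigned count.
		 */
		size_t count = attrlen > 0 ? (size_t) attrlen / sizeof (*list) : 0;
		size_t i;

		xfrm_selector_print (&xpinfo->sel);

		for (i = 0; i < count; i++) {
			struct xfrm_user_tmpl *tmpl = &list[i];
			char buf[INET6_ADDRSTRLEN];
			const char *text;

			g_print ("  tmpl ");

			/* tmpl->family comes from the message.  inet_ntop() returns
			 * NULL and leaves buf unwritten for a family it does not
			 * support, so its result is checked before printing.
			 */
			text = inet_ntop (tmpl->family, (gpointer) &tmpl->saddr, buf, sizeof (buf));
			g_print ("src %s ", text ? text : "(invalid)");

			text = inet_ntop (tmpl->family, &tmpl->id.daddr, buf, sizeof (buf));
			g_print ("dst %s\n", text ? text : "(invalid)");
		}
	}

	return NL_OK;
}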
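/*
 * Print one XFRM state (SA) record followed by its attributes.
 *
 * xsinfo: fixed SA structure taken from the netlink message.
 * tb:     attribute table, passed on to xfrm_xfrma_print().
 * fp:     output stream.
 * prefix: optional indentation string for continuation lines; may be NULL.
 * title:  label handed to xfrm_id_info_print() for the first line.
 */
void xfrm_state_info_print(struct xfrm_usersa_info *xsinfo,
			   struct rtattr *tb[], FILE *fp,
			   const char *prefix, const char *title)
{
	char buf[STRBUF_SIZE];

	memset(buf, '\0', sizeof(buf));

	/* The sixth argument is the constant 1 in this version. */
	xfrm_id_info_print(&xsinfo->saddr, &xsinfo->id, xsinfo->mode,
			   xsinfo->reqid, xsinfo->family, 1, fp, prefix, title);

	/* buf = caller prefix + tab; reused as indentation further down. */
	if (prefix) {
		STRBUF_CAT(buf, prefix);
	}
	STRBUF_CAT(buf, "\t");

	/*
	 * buf holds caller-supplied text, so it must be written as data and
	 * never used as a printf format string: a '%' in the prefix would
	 * otherwise be interpreted as a conversion specifier.
	 */
	fputs(buf, fp);

	fprintf(fp, "replay-window %u ", xsinfo->replay_window);
	if (show_stats > 0) {
		/*
		 * NOTE(review): the value is printed in decimal (%u) behind a
		 * "0x" prefix - confirm whether hexadecimal was intended.
		 */
		fprintf(fp, "seq 0x%08u ", xsinfo->seq);
	}

	if (show_stats > 0 || xsinfo->flags) {
		/* Working copy; XFRM_FLAG_PRINT presumably clears each bit it
		 * names, leaving unknown bits for the hex fallback below. */
		__u8 flags = xsinfo->flags;

		fprintf(fp, "flag ");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_NOECN, "noecn");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_DECAP_DSCP, "decap-dscp");
		if (flags)
			fprintf(fp, "%x", flags);
		/* Uses the working copy, i.e. the value after the macros ran. */
		if (show_stats > 0)
			fprintf(fp, " (0x%s)", strxf_mask8(flags));
	}
	fprintf(fp, "%s", _SL_);

	xfrm_xfrma_print(tb, xsinfo->family, fp, buf);

	if (!xfrm_selector_iszero(&xsinfo->sel)) {
		char sbuf[STRBUF_SIZE];

		/* Same indentation, with "sel " appended as the title. */
		memcpy(sbuf, buf, sizeof(sbuf));
		STRBUF_CAT(sbuf, "sel ");
		xfrm_selector_print(&xsinfo->sel, xsinfo->family, fp, sbuf);
	}

	if (show_stats > 0) {
		xfrm_lifetime_print(&xsinfo->lft, &xsinfo->curlft, fp, buf);
		xfrm_stats_print(&xsinfo->stats, fp, buf);
	}
}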
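/*
 * Print one XFRM policy record followed by its attributes.
 *
 * xpinfo: fixed policy structure taken from the netlink message.
 * tb:     attribute table; XFRMA_POLICY_TYPE is read here, the rest is
 *         passed on to xfrm_xfrma_print().
 * fp:     output stream.
 * prefix: optional indentation string for continuation lines; may be NULL.
 * title:  label handed to xfrm_selector_print() for the selector line.
 */
void xfrm_policy_info_print(struct xfrm_userpolicy_info *xpinfo,
			    struct rtattr *tb[], FILE *fp,
			    const char *prefix, const char *title)
{
	char buf[STRBUF_SIZE];

	memset(buf, '\0', sizeof(buf));

	xfrm_selector_print(&xpinfo->sel, preferred_family, fp, title);

	/* buf = caller prefix + tab; reused as indentation further down. */
	if (prefix) {
		STRBUF_CAT(buf, prefix);
	}
	STRBUF_CAT(buf, "\t");

	/* Written as data, not as a format string. */
	fputs(buf, fp);

	fprintf(fp, "dir ");
	switch (xpinfo->dir) {
	case XFRM_POLICY_IN:
		fprintf(fp, "in");
		break;
	case XFRM_POLICY_OUT:
		fprintf(fp, "out");
		break;
	case XFRM_POLICY_FWD:
		fprintf(fp, "fwd");
		break;
	default:
		/* Unknown direction: show the raw number. */
		fprintf(fp, "%u", xpinfo->dir);
		break;
	}
	fprintf(fp, " ");

	switch (xpinfo->action) {
	case XFRM_POLICY_ALLOW:
		/* "allow" is only shown in statistics mode. */
		if (show_stats > 0)
			fprintf(fp, "action allow ");
		break;
	case XFRM_POLICY_BLOCK:
		fprintf(fp, "action block ");
		break;
	default:
		fprintf(fp, "action %u ", xpinfo->action);
		break;
	}

	if (show_stats)
		fprintf(fp, "index %u ", xpinfo->index);
	fprintf(fp, "priority %u ", xpinfo->priority);

	if (tb[XFRMA_POLICY_TYPE]) {
		struct xfrm_userpolicy_type *upt;

		fprintf(fp, "ptype ");

		/*
		 * The attribute length comes from the message.  Only read the
		 * structure when the payload is large enough to hold it;
		 * otherwise report the truncation and skip the dereference
		 * instead of reading past the end of the attribute.
		 */
		if (RTA_PAYLOAD(tb[XFRMA_POLICY_TYPE]) < sizeof(*upt)) {
			fprintf(fp, "(ERROR truncated)");
		} else {
			upt = (struct xfrm_userpolicy_type *)RTA_DATA(tb[XFRMA_POLICY_TYPE]);
			fprintf(fp, "%s ", strxf_ptype(upt->type));
		}
	}

	if (show_stats > 0)
		fprintf(fp, "share %s ", strxf_share(xpinfo->share));

	if (show_stats > 0 || xpinfo->flags) {
		/* Working copy; XFRM_FLAG_PRINT presumably clears each bit it
		 * names, leaving unknown bits for the hex fallback below. */
		__u8 flags = xpinfo->flags;

		fprintf(fp, "flag ");
		XFRM_FLAG_PRINT(fp, flags, XFRM_POLICY_LOCALOK, "localok");
		if (flags)
			fprintf(fp, "%x", flags);
	}
	if (show_stats > 0)
		fprintf(fp, " (0x%s)", strxf_mask8(xpinfo->flags));
	fprintf(fp, "%s", _SL_);

	if (show_stats > 0)
		xfrm_lifetime_print(&xpinfo->lft, &xpinfo->curlft, fp, buf);

	xfrm_xfrma_print(tb, xpinfo->sel.family, fp, buf);
}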
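/*
 * Print one XFRM state (SA) record followed by its attributes.
 *
 * xsinfo: fixed SA structure taken from the netlink message.
 * tb:     attribute table; XFRMA_SA_EXTRA_FLAGS and XFRMA_SEC_CTX are read
 *         here, the rest is passed on to xfrm_xfrma_print().
 * fp:     output stream.
 * prefix: optional indentation string for continuation lines; may be NULL.
 * title:  label handed to xfrm_id_info_print() for the first line.
 */
void xfrm_state_info_print(struct xfrm_usersa_info *xsinfo,
			   struct rtattr *tb[], FILE *fp,
			   const char *prefix, const char *title)
{
	char buf[STRBUF_SIZE];
	int force_spi = xfrm_xfrmproto_is_ipsec(xsinfo->id.proto);

	memset(buf, '\0', sizeof(buf));

	xfrm_id_info_print(&xsinfo->saddr, &xsinfo->id, xsinfo->mode,
			   xsinfo->reqid, xsinfo->family, force_spi, fp,
			   prefix, title);

	/* buf = caller prefix + tab; reused as indentation further down. */
	if (prefix) {
		STRBUF_CAT(buf, prefix);
	}
	STRBUF_CAT(buf, "\t");

	/* Written as data, not as a format string. */
	fputs(buf, fp);
	fprintf(fp, "replay-window %u ", xsinfo->replay_window);
	if (show_stats > 0) {
		/*
		 * NOTE(review): the value is printed in decimal (%u) behind a
		 * "0x" prefix - confirm whether hexadecimal was intended.
		 */
		fprintf(fp, "seq 0x%08u ", xsinfo->seq);
	}

	if (show_stats > 0 || xsinfo->flags) {
		/* Working copy; XFRM_FLAG_PRINT presumably clears each bit it
		 * names, leaving unknown bits for the hex fallback below. */
		__u8 flags = xsinfo->flags;

		fprintf(fp, "flag ");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_NOECN, "noecn");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_DECAP_DSCP, "decap-dscp");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_NOPMTUDISC, "nopmtudisc");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_WILDRECV, "wildrecv");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_ICMP, "icmp");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_AF_UNSPEC, "af-unspec");
		XFRM_FLAG_PRINT(fp, flags, XFRM_STATE_ALIGN4, "align4");
		if (flags)
			fprintf(fp, "%x", flags);
	}

	if (show_stats > 0 && tb[XFRMA_SA_EXTRA_FLAGS]) {
		fprintf(fp, "extra_flag ");

		/*
		 * The attribute length comes from the message: read the 32-bit
		 * value only when the payload is large enough to hold it.
		 */
		if (RTA_PAYLOAD(tb[XFRMA_SA_EXTRA_FLAGS]) < sizeof(__u32)) {
			fprintf(fp, "(ERROR truncated)");
		} else {
			__u32 extra_flags = *(__u32 *)RTA_DATA(tb[XFRMA_SA_EXTRA_FLAGS]);

			XFRM_FLAG_PRINT(fp, extra_flags,
					XFRM_SA_XFLAG_DONT_ENCAP_DSCP,
					"dont-encap-dscp");
			if (extra_flags)
				fprintf(fp, "%x", extra_flags);
		}
	}

	if (show_stats > 0)
		fprintf(fp, " (0x%s)", strxf_mask8(xsinfo->flags));
	fprintf(fp, "%s", _SL_);

	xfrm_xfrma_print(tb, xsinfo->family, fp, buf);

	if (!xfrm_selector_iszero(&xsinfo->sel)) {
		char sbuf[STRBUF_SIZE];

		/* Same indentation, with "sel " appended as the title. */
		memcpy(sbuf, buf, sizeof(sbuf));
		STRBUF_CAT(sbuf, "sel ");
		xfrm_selector_print(&xsinfo->sel, xsinfo->family, fp, sbuf);
	}

	if (show_stats > 0) {
		xfrm_lifetime_print(&xsinfo->lft, &xsinfo->curlft, fp, buf);
		xfrm_stats_print(&xsinfo->stats, fp, buf);
	}

	if (tb[XFRMA_SEC_CTX]) {
		struct xfrm_user_sec_ctx *sctx;
		size_t payload = RTA_PAYLOAD(tb[XFRMA_SEC_CTX]);

		fprintf(fp, "\tsecurity context ");

		if (payload < sizeof(*sctx)) {
			/* Too short to hold the header: report it and do not
			 * touch the attribute data. */
			fprintf(fp, "(ERROR truncated)");
		} else {
			size_t room = payload - sizeof(*sctx);
			int ctx_len;

			sctx = (struct xfrm_user_sec_ctx *)RTA_DATA(tb[XFRMA_SEC_CTX]);

			/*
			 * The context string follows the header and is not
			 * guaranteed to be NUL-terminated.  Print at most
			 * ctx_len bytes, and never more than the attribute
			 * payload actually contains.
			 */
			ctx_len = sctx->ctx_len < room ? sctx->ctx_len : (int)room;
			fprintf(fp, "%.*s ", ctx_len, (char *)(sctx + 1));
		}
		fprintf(fp, "%s", _SL_);
	}
}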