summaryrefslogtreecommitdiffstats
path: root/usr.bin/netstat/ipsec.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin/netstat/ipsec.c')
-rw-r--r--usr.bin/netstat/ipsec.c152
1 files changed, 68 insertions, 84 deletions
diff --git a/usr.bin/netstat/ipsec.c b/usr.bin/netstat/ipsec.c
index 7b16f57..ad3c092 100644
--- a/usr.bin/netstat/ipsec.c
+++ b/usr.bin/netstat/ipsec.c
@@ -274,7 +274,7 @@ ipsec_stats(u_long off, const char *name, int af1 __unused, int proto __unused)
}
-static void ipsec_hist_new(const u_int32_t *hist, size_t histmax,
+static void ipsec_hist_new(const uint64_t *hist, size_t histmax,
const struct val2str *name, const char *title);
static void print_ahstats(const struct ahstat *ahstat);
static void print_espstats(const struct espstat *espstat);
@@ -284,7 +284,7 @@ static void print_ipcompstats(const struct ipcompstat *ipcompstat);
* Dump IPSEC statistics structure.
*/
static void
-ipsec_hist_new(const u_int32_t *hist, size_t histmax,
+ipsec_hist_new(const uint64_t *hist, size_t histmax,
const struct val2str *name, const char *title)
{
int first;
@@ -304,10 +304,11 @@ ipsec_hist_new(const u_int32_t *hist, size_t histmax,
break;
}
if (p && p->str) {
- printf("\t\t%s: %u\n", p->str, hist[proto]);
+ printf("\t\t%s: %ju\n", p->str,
+ (uintmax_t)hist[proto]);
} else {
- printf("\t\t#%lu: %u\n", (unsigned long)proto,
- hist[proto]);
+ printf("\t\t#%lu: %ju\n", (unsigned long)proto,
+ (uintmax_t)hist[proto]);
}
}
}
@@ -315,36 +316,33 @@ ipsec_hist_new(const u_int32_t *hist, size_t histmax,
static void
print_ahstats(const struct ahstat *ahstat)
{
-#define p32(f, m) if (ahstat->f || sflag <= 1) \
- printf("\t%u" m, (unsigned int)ahstat->f, plural(ahstat->f))
-#define p64(f, m) if (ahstat->f || sflag <= 1) \
+#define p(f, m) if (ahstat->f || sflag <= 1) \
printf("\t%ju" m, (uintmax_t)ahstat->f, plural(ahstat->f))
#define hist(f, n, t) \
ipsec_hist_new((f), sizeof(f)/sizeof(f[0]), (n), (t));
- p32(ahs_hdrops, " packet%s shorter than header shows\n");
- p32(ahs_nopf, " packet%s dropped; protocol family not supported\n");
- p32(ahs_notdb, " packet%s dropped; no TDB\n");
- p32(ahs_badkcr, " packet%s dropped; bad KCR\n");
- p32(ahs_qfull, " packet%s dropped; queue full\n");
- p32(ahs_noxform, " packet%s dropped; no transform\n");
- p32(ahs_wrap, " replay counter wrap%s\n");
- p32(ahs_badauth, " packet%s dropped; bad authentication detected\n");
- p32(ahs_badauthl, " packet%s dropped; bad authentication length\n");
- p32(ahs_replay, " possible replay packet%s detected\n");
- p32(ahs_input, " packet%s in\n");
- p32(ahs_output, " packet%s out\n");
- p32(ahs_invalid, " packet%s dropped; invalid TDB\n");
- p64(ahs_ibytes, " byte%s in\n");
- p64(ahs_obytes, " byte%s out\n");
- p32(ahs_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
- p32(ahs_pdrops, " packet%s blocked due to policy\n");
- p32(ahs_crypto, " crypto processing failure%s\n");
- p32(ahs_tunnel, " tunnel sanity check failure%s\n");
+ p(ahs_hdrops, " packet%s shorter than header shows\n");
+ p(ahs_nopf, " packet%s dropped; protocol family not supported\n");
+ p(ahs_notdb, " packet%s dropped; no TDB\n");
+ p(ahs_badkcr, " packet%s dropped; bad KCR\n");
+ p(ahs_qfull, " packet%s dropped; queue full\n");
+ p(ahs_noxform, " packet%s dropped; no transform\n");
+ p(ahs_wrap, " replay counter wrap%s\n");
+ p(ahs_badauth, " packet%s dropped; bad authentication detected\n");
+ p(ahs_badauthl, " packet%s dropped; bad authentication length\n");
+ p(ahs_replay, " possible replay packet%s detected\n");
+ p(ahs_input, " packet%s in\n");
+ p(ahs_output, " packet%s out\n");
+ p(ahs_invalid, " packet%s dropped; invalid TDB\n");
+ p(ahs_ibytes, " byte%s in\n");
+ p(ahs_obytes, " byte%s out\n");
+ p(ahs_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
+ p(ahs_pdrops, " packet%s blocked due to policy\n");
+ p(ahs_crypto, " crypto processing failure%s\n");
+ p(ahs_tunnel, " tunnel sanity check failure%s\n");
hist(ahstat->ahs_hist, ipsec_ahnames, "AH output");
-#undef p32
-#undef p64
+#undef p
#undef hist
}
@@ -364,37 +362,34 @@ ah_stats(u_long off, const char *name, int family __unused, int proto __unused)
static void
print_espstats(const struct espstat *espstat)
{
-#define p32(f, m) if (espstat->f || sflag <= 1) \
- printf("\t%u" m, (unsigned int)espstat->f, plural(espstat->f))
-#define p64(f, m) if (espstat->f || sflag <= 1) \
+#define p(f, m) if (espstat->f || sflag <= 1) \
printf("\t%ju" m, (uintmax_t)espstat->f, plural(espstat->f))
#define hist(f, n, t) \
ipsec_hist_new((f), sizeof(f)/sizeof(f[0]), (n), (t));
- p32(esps_hdrops, " packet%s shorter than header shows\n");
- p32(esps_nopf, " packet%s dropped; protocol family not supported\n");
- p32(esps_notdb, " packet%s dropped; no TDB\n");
- p32(esps_badkcr, " packet%s dropped; bad KCR\n");
- p32(esps_qfull, " packet%s dropped; queue full\n");
- p32(esps_noxform, " packet%s dropped; no transform\n");
- p32(esps_badilen, " packet%s dropped; bad ilen\n");
- p32(esps_wrap, " replay counter wrap%s\n");
- p32(esps_badenc, " packet%s dropped; bad encryption detected\n");
- p32(esps_badauth, " packet%s dropped; bad authentication detected\n");
- p32(esps_replay, " possible replay packet%s detected\n");
- p32(esps_input, " packet%s in\n");
- p32(esps_output, " packet%s out\n");
- p32(esps_invalid, " packet%s dropped; invalid TDB\n");
- p64(esps_ibytes, " byte%s in\n");
- p64(esps_obytes, " byte%s out\n");
- p32(esps_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
- p32(esps_pdrops, " packet%s blocked due to policy\n");
- p32(esps_crypto, " crypto processing failure%s\n");
- p32(esps_tunnel, " tunnel sanity check failure%s\n");
+ p(esps_hdrops, " packet%s shorter than header shows\n");
+ p(esps_nopf, " packet%s dropped; protocol family not supported\n");
+ p(esps_notdb, " packet%s dropped; no TDB\n");
+ p(esps_badkcr, " packet%s dropped; bad KCR\n");
+ p(esps_qfull, " packet%s dropped; queue full\n");
+ p(esps_noxform, " packet%s dropped; no transform\n");
+ p(esps_badilen, " packet%s dropped; bad ilen\n");
+ p(esps_wrap, " replay counter wrap%s\n");
+ p(esps_badenc, " packet%s dropped; bad encryption detected\n");
+ p(esps_badauth, " packet%s dropped; bad authentication detected\n");
+ p(esps_replay, " possible replay packet%s detected\n");
+ p(esps_input, " packet%s in\n");
+ p(esps_output, " packet%s out\n");
+ p(esps_invalid, " packet%s dropped; invalid TDB\n");
+ p(esps_ibytes, " byte%s in\n");
+ p(esps_obytes, " byte%s out\n");
+ p(esps_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
+ p(esps_pdrops, " packet%s blocked due to policy\n");
+ p(esps_crypto, " crypto processing failure%s\n");
+ p(esps_tunnel, " tunnel sanity check failure%s\n");
hist(espstat->esps_hist, ipsec_espnames, "ESP output");
-#undef p32
-#undef p64
+#undef p
#undef hist
}
@@ -414,42 +409,31 @@ esp_stats(u_long off, const char *name, int family __unused, int proto __unused)
static void
print_ipcompstats(const struct ipcompstat *ipcompstat)
{
- uint32_t version;
-#define p32(f, m) if (ipcompstat->f || sflag <= 1) \
- printf("\t%u" m, (unsigned int)ipcompstat->f, plural(ipcompstat->f))
-#define p64(f, m) if (ipcompstat->f || sflag <= 1) \
+#define p(f, m) if (ipcompstat->f || sflag <= 1) \
printf("\t%ju" m, (uintmax_t)ipcompstat->f, plural(ipcompstat->f))
#define hist(f, n, t) \
ipsec_hist_new((f), sizeof(f)/sizeof(f[0]), (n), (t));
-#ifndef IPCOMPSTAT_VERSION
- version = 0;
-#else
- version = ipcompstat->version;
-#endif
- p32(ipcomps_hdrops, " packet%s shorter than header shows\n");
- p32(ipcomps_nopf, " packet%s dropped; protocol family not supported\n");
- p32(ipcomps_notdb, " packet%s dropped; no TDB\n");
- p32(ipcomps_badkcr, " packet%s dropped; bad KCR\n");
- p32(ipcomps_qfull, " packet%s dropped; queue full\n");
- p32(ipcomps_noxform, " packet%s dropped; no transform\n");
- p32(ipcomps_wrap, " replay counter wrap%s\n");
- p32(ipcomps_input, " packet%s in\n");
- p32(ipcomps_output, " packet%s out\n");
- p32(ipcomps_invalid, " packet%s dropped; invalid TDB\n");
- p64(ipcomps_ibytes, " byte%s in\n");
- p64(ipcomps_obytes, " byte%s out\n");
- p32(ipcomps_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
- p32(ipcomps_pdrops, " packet%s blocked due to policy\n");
- p32(ipcomps_crypto, " crypto processing failure%s\n");
+ p(ipcomps_hdrops, " packet%s shorter than header shows\n");
+ p(ipcomps_nopf, " packet%s dropped; protocol family not supported\n");
+ p(ipcomps_notdb, " packet%s dropped; no TDB\n");
+ p(ipcomps_badkcr, " packet%s dropped; bad KCR\n");
+ p(ipcomps_qfull, " packet%s dropped; queue full\n");
+ p(ipcomps_noxform, " packet%s dropped; no transform\n");
+ p(ipcomps_wrap, " replay counter wrap%s\n");
+ p(ipcomps_input, " packet%s in\n");
+ p(ipcomps_output, " packet%s out\n");
+ p(ipcomps_invalid, " packet%s dropped; invalid TDB\n");
+ p(ipcomps_ibytes, " byte%s in\n");
+ p(ipcomps_obytes, " byte%s out\n");
+ p(ipcomps_toobig, " packet%s dropped; larger than IP_MAXPACKET\n");
+ p(ipcomps_pdrops, " packet%s blocked due to policy\n");
+ p(ipcomps_crypto, " crypto processing failure%s\n");
hist(ipcompstat->ipcomps_hist, ipsec_compnames, "COMP output");
- if (version >= 1) {
- p32(ipcomps_threshold, " packet%s sent uncompressed; size < compr. algo. threshold\n");
- p32(ipcomps_uncompr, " packet%s sent uncompressed; compression was useless\n");
- }
+ p(ipcomps_threshold, " packet%s sent uncompressed; size < compr. algo. threshold\n");
+ p(ipcomps_uncompr, " packet%s sent uncompressed; compression was useless\n");
-#undef p32
-#undef p64
+#undef p
#undef hist
}
OpenPOWER on IntegriCloud