Import patch iproute-xfrm.3

2004/07/14 00:35:49-07:00 net[shemminger]!shemminger Import patch iproute-xfrm.2 2004/07/14 00:35:49-07:00 net[shemminger]!shemminger Import patch iproute2-xfrm.1 (Logical change 1.58)
2004-07-30 20:26:15 +00:00 · 2004-07-30 20:26:15 +00:00 · ad273962a1
parent 9e566a46f2
commit ad273962a1
2 changed files with 119 additions and 77 deletions
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@ -91,6 +91,23 @@ const char *strxf_share(__u8 share)
 	return str;
 }

+const char *strxf_proto(__u8 proto)
+{
+	static char buf[32];
+	struct protoent *pp;
+	const char *p;
+
+	pp = getprotobynumber(proto);
+	if (pp)
+		p = pp->p_name;
+	else {
+		sprintf(buf, "%d", proto);
+		p = buf;
+	}
+
+	return p;
+}
+
 void xfrm_id_info_print(xfrm_address_t *saddr, struct xfrm_id *id,
 			__u8 mode, __u32 reqid, __u16 family, FILE *fp,
 			const char *prefix)
@ -105,10 +122,10 @@ void xfrm_id_info_print(xfrm_address_t *saddr, struct xfrm_id *id,
 		fprintf(fp, prefix);

 	memset(abuf, '\0', sizeof(abuf));
-	fprintf(fp, "%s ", rt_addr_n2a(family, sizeof(*saddr),
+	fprintf(fp, "src %s ", rt_addr_n2a(family, sizeof(*saddr),
 					   saddr, abuf, sizeof(abuf)));
 	memset(abuf, '\0', sizeof(abuf));
-	fprintf(fp, "%s\n", rt_addr_n2a(family, sizeof(id->daddr),
+	fprintf(fp, "dst %s\n", rt_addr_n2a(family, sizeof(id->daddr),
 					    &id->daddr, abuf, sizeof(abuf)));

 	if (prefix)
@ -122,30 +139,20 @@ void xfrm_id_info_print(xfrm_address_t *saddr, struct xfrm_id *id,
 		sprintf(pbuf, "%d", id->proto);
 		p = pbuf;
 	}
+	fprintf(fp, "proto %s ", p);

-	switch (id->proto) {
-	case IPPROTO_ESP:
-	case IPPROTO_AH:
-	case IPPROTO_COMP:
-		fprintf(fp, "%s ", p);
-		break;
-	default:
-		fprintf(fp, "unspec(%s)", p);
-		break;
-	}
-
-	switch (id->proto) {
-	case IPPROTO_ESP:
-	case IPPROTO_AH:
-	case IPPROTO_COMP:
-	default:
 	spi = ntohl(id->spi);
-		fprintf(fp, "spi %d(0x%08x) ", spi, spi);
-		break;
-	}
+	fprintf(fp, "spi %u", spi);
+	if (show_stats > 0)
+		fprintf(fp, "(0x%08x)", spi);
+	fprintf(fp, " ");

-	fprintf(fp, "reqid %d ", reqid);
-	fprintf(fp, "%s\n", (mode ? "tunnel" : "transport"));
+	fprintf(fp, "reqid %u", reqid);
+	if (show_stats > 0)
+		fprintf(fp, "(0x%08x)", reqid);
+	fprintf(fp, " ");
+
+	fprintf(fp, "mode %s\n", (mode ? "tunnel" : "transport"));
 }

 static const char *strxf_limit(__u64 limit)
@ -279,16 +286,14 @@ void xfrm_selector_print(struct xfrm_selector *sel, __u16 family,
 		fprintf(fp, prefix);

 	memset(abuf, '\0', sizeof(abuf));
-	fprintf(fp, "%s/%d[%u]", rt_addr_n2a(f, sizeof(sel->saddr),
-					     &sel->saddr,
-					     abuf, sizeof(abuf)),
-		sel->prefixlen_s, sel->sport);
+	fprintf(fp, "src %s/%d ", rt_addr_n2a(f, sizeof(sel->saddr),
+					      &sel->saddr, abuf, sizeof(abuf)),
+		sel->prefixlen_s);

 	memset(abuf, '\0', sizeof(abuf));
-	fprintf(fp, " %s/%d[%u]", rt_addr_n2a(f, sizeof(sel->daddr),
-					      &sel->daddr,
-					      abuf, sizeof(abuf)),
-		sel->prefixlen_d, sel->dport);
+	fprintf(fp, "dst %s/%d", rt_addr_n2a(f, sizeof(sel->daddr),
+					      &sel->daddr, abuf, sizeof(abuf)),
+		sel->prefixlen_d);

 	fprintf(fp, "\n");

@ -296,7 +301,8 @@ void xfrm_selector_print(struct xfrm_selector *sel, __u16 family,
 		fprintf(fp, prefix);
 	fprintf(fp, "\t");

-	fprintf(fp, "upspec %u ", sel->proto);
+	fprintf(fp, "upspec proto %u ", sel->proto);
+	fprintf(fp, "sport %u dport %u ", sel->sport, sel->dport);

 	if (sel->ifindex > 0) {
 		char buf[IF_NAMESIZE];
@ -304,9 +310,9 @@ void xfrm_selector_print(struct xfrm_selector *sel, __u16 family,
 		memset(buf, '\0', sizeof(buf));
 		if_indextoname(sel->ifindex, buf);
 		fprintf(fp, "dev %s ", buf);
-	} else
-		fprintf(fp, "dev (none) ");
+	}

+	if (show_stats > 0)
 		fprintf(fp, "uid %u", sel->user);
 	fprintf(fp, "\n");
 }
@ -367,35 +373,41 @@ static void xfrm_tmpl_print(struct xfrm_user_tmpl *tmpls, int ntmpls,
 			    __u16 family, FILE *fp, const char *prefix)
 {
 	char buf[32];
-	const char *p = NULL;
 	int i;

-	if (prefix) {
-		strcpy(buf, prefix);
-		strcat(buf, "  ");
-	} else
-		strcpy(buf, "  ");
-	p = buf;
-
 	for (i = 0; i < ntmpls; i++) {
 		struct xfrm_user_tmpl *tmpl = &tmpls[i];

 		if (prefix)
 			fprintf(fp, prefix);
-		fprintf(fp, "tmpl-%d:\n", i+1);
-		xfrm_id_info_print(&tmpl->saddr, &tmpl->id, tmpl->mode,
-				   tmpl->reqid, family, fp, p);

-		fprintf(fp, p);
+		fprintf(fp, "tmpl");
+		xfrm_id_info_print(&tmpl->saddr, &tmpl->id, tmpl->mode,
+				   tmpl->reqid, family, fp, prefix);
+
+		fprintf(fp, prefix);
 		fprintf(fp, "\t");
-		fprintf(fp, "level %s ", ((tmpl->optional == 0) ? "required" :
-					  (tmpl->optional == 1) ? "use" :
-					  "unknown-level"));
+		fprintf(fp, "level ");
+		switch (tmpl->optional) {
+		case 0:
+			fprintf(fp, "required");
+			break;
+		case 1:
+			fprintf(fp, "use");
+			break;
+		default:
+			fprintf(fp, "%d", tmpl->optional);
+			break;
+		}
+		fprintf(fp, " ");
+
+		if (show_stats > 0) {
 			fprintf(fp, "share %s ", strxf_share(tmpl->share));
 			fprintf(fp, "algo-mask:");
 			fprintf(fp, "E=%s, ", strxf_mask(tmpl->ealgos));
 			fprintf(fp, "A=%s, ", strxf_mask(tmpl->aalgos));
 			fprintf(fp, "C=%s", strxf_mask(tmpl->calgos));
+		}
 		fprintf(fp, "\n");
 	}
 }
@ -413,17 +425,17 @@ void xfrm_xfrma_print(struct rtattr *tb[], int ntb, __u16 family,
 		case XFRMA_ALG_CRYPT:
 			if (prefix)
 				fprintf(fp, prefix);
-			xfrm_algo_print((struct xfrm_algo *)data, fp, "E:");
+			xfrm_algo_print((struct xfrm_algo *)data, fp, "algo E ");
 			break;
 		case XFRMA_ALG_AUTH:
 			if (prefix)
 				fprintf(fp, prefix);
-			xfrm_algo_print((struct xfrm_algo *)data, fp, "A:");
+			xfrm_algo_print((struct xfrm_algo *)data, fp, "algo A ");
 			break;
 		case XFRMA_ALG_COMP:
 			if (prefix)
 				fprintf(fp, prefix);
-			xfrm_algo_print((struct xfrm_algo *)data, fp, "C:");
+			xfrm_algo_print((struct xfrm_algo *)data, fp, "algo C ");
 			break;
 		case XFRMA_ENCAP:
 			if (prefix)
@ -793,13 +805,12 @@ int do_xfrm(int argc, char **argv)
 	if (argc < 1)
 		usage();

-	if (strcmp(*argv, "state") == 0 ||
-	    strcmp(*argv, "sa") == 0) {
+	if (matches(*argv, "state") == 0 ||
+	    matches(*argv, "sa") == 0) {
 		return do_xfrm_state(argc-1, argv+1);
-	} else if (strcmp(*argv, "policy") == 0 ||
-		   strcmp(*argv, "pol") == 0) {
+	} else if (matches(*argv, "policy") == 0)
 		return do_xfrm_policy(argc-1, argv+1);
-	} else if (strcmp(*argv, "help") == 0) {
+	else if (matches(*argv, "help") == 0) {
 		usage();
 		fprintf(stderr, "xfrm Object \"%s\" is unknown.\n", *argv);
 		exit(-1);
--- a/ip/xfrm_policy.c
+++ b/ip/xfrm_policy.c
@ -55,7 +55,6 @@ static void usage(void)
 {
 	fprintf(stderr, "Usage: ip xfrm policy { add | update } dir DIR sel SELECTOR [ index INDEX ] \n");
 	fprintf(stderr, "        [ action ACTION ] [ priority PRIORITY ] [ LIMIT-LIST ] [ TMPL-LIST ]\n");
-	fprintf(stderr, "        [ sel SELECTOR | index INDEX ] [ TMPL-LIST ]\n");
 	fprintf(stderr, "Usage: ip xfrm policy { delete | get } dir DIR [ sel SELECTOR | index INDEX ]\n");
 	fprintf(stderr, "Usage: ip xfrm policy { flush | list } [ dir DIR ] [ sel SELECTOR ]\n");
 	fprintf(stderr, "        [ index INDEX ] [ action ACTION ] [ priority PRIORITY ]\n");
@ -75,11 +74,16 @@ static void usage(void)
 	fprintf(stderr, "LIMIT := [ [time-soft|time-hard|time-use-soft|time-use-hard] SECONDS ] |\n");
 	fprintf(stderr, "         [ [byte-soft|byte-hard] SIZE ] | [ [packet-soft|packet-hard] NUMBER ]\n");

-	fprintf(stderr, "TMPL-LIST := [ TMPL-LIST ] | [ tmpl TMPL ] | [ tmpl remain ](change only)\n");
+	fprintf(stderr, "TMPL-LIST := [ TMPL-LIST ] | [ tmpl TMPL ]\n");
 	fprintf(stderr, "TMPL := ID [ mode MODE ] [ reqid REQID ] [ level LEVEL ]\n");
 	fprintf(stderr, "ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM_PROTO ] [ spi SPI ]\n");

-	fprintf(stderr, "XFRM_PROTO := [ esp | ah | ipcomp ]\n");
+	//fprintf(stderr, "XFRM_PROTO := [ esp | ah | ipcomp ]\n");
+	fprintf(stderr, "XFRM_PROTO := [ ");
+	fprintf(stderr, "%s | ", strxf_proto(IPPROTO_ESP));
+	fprintf(stderr, "%s | ", strxf_proto(IPPROTO_AH));
+	fprintf(stderr, "%s", strxf_proto(IPPROTO_COMP));
+	fprintf(stderr, " ]\n");

 	fprintf(stderr, "MODE := [ transport | tunnel ](default=transport)\n");
 	//fprintf(stderr, "REQID - number(default=0)\n");
@ -358,20 +362,47 @@ int xfrm_policy_print(struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
 	if (n->nlmsg_type == XFRM_MSG_DELPOLICY)
 		fprintf(fp, "Deleted ");

+	fprintf(fp, "sel ");
 	xfrm_selector_print(&xpinfo->sel, preferred_family, fp, NULL);

 	fprintf(fp, "\t");
-	fprintf(fp, "%s ", (xpinfo->dir == XFRM_POLICY_IN ? "in " :
-			    xpinfo->dir == XFRM_POLICY_OUT ? "out" :
-			    xpinfo->dir == XFRM_POLICY_FWD ? "fwd" :
-			    "unknown-dir"));
-	fprintf(fp, "%s ", (xpinfo->action == XFRM_POLICY_ALLOW ? "allow" :
-			   xpinfo->action == XFRM_POLICY_BLOCK ? "block" :
-			   "unknown-action"));
+	fprintf(fp, "dir ");
+	switch (xpinfo->dir) {
+	case XFRM_POLICY_IN:
+		fprintf(fp, "in");
+		break;
+	case XFRM_POLICY_OUT:
+		fprintf(fp, "out");
+		break;
+	case XFRM_POLICY_FWD:
+		fprintf(fp, "fwd");
+		break;
+	default:
+		fprintf(fp, "%d", xpinfo->dir);
+		break;
+	}
+	fprintf(fp, " ");
+
+	fprintf(fp, "action ");
+	switch (xpinfo->action) {
+	case XFRM_POLICY_ALLOW:
+		fprintf(fp, "allow");
+		break;
+	case XFRM_POLICY_BLOCK:
+		fprintf(fp, "block");
+		break;
+	default:
+		fprintf(fp, "%d", xpinfo->action);
+		break;
+	}
+	fprintf(fp, " ");
+
 	fprintf(fp, "index %u ", xpinfo->index);
 	fprintf(fp, "priority %u ", xpinfo->priority);
+	if (show_stats > 0) {
 		fprintf(fp, "share %s ", strxf_share(xpinfo->share));
 		fprintf(fp, "flags 0x%s", strxf_flags(xpinfo->flags));
+	}
 	fprintf(fp, "\n");

 	if (show_stats > 0)