summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Smith <mgsmith@netgate.com>2020-04-02 07:45:49 -0500
committerNeale Ranns <nranns@cisco.com>2020-04-02 17:28:24 +0000
commit48d32b43c534c9f52d37b047dbcbc30a8882b52a (patch)
tree96c405216e10bff552daced2a38d0edcfcb63d58
parentc35f3e835b4078fedabc1ff5013bc4727f533e16 (diff)
ipsec: provide stat index in sa details
Type: improvement When IPsec SAs are dumped, include the index that can be used to find byte & packet counters for the SA in the stat segment. Removed the field total_data_size from the details since it was not being populated and put the stat index field in its place. Change-Id: If73efc230542a11944551b6e710b57b575450da3 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
-rw-r--r--src/vat/api_format.c5
-rw-r--r--src/vnet/ipsec/ipsec.api6
-rw-r--r--src/vnet/ipsec/ipsec_api.c2
3 files changed, 8 insertions, 5 deletions
diff --git a/src/vat/api_format.c b/src/vat/api_format.c
index 803daafac19..a84a67e75ba 100644
--- a/src/vat/api_format.c
+++ b/src/vat/api_format.c
@@ -13804,7 +13804,7 @@ vl_api_ipsec_sa_details_t_handler (vl_api_ipsec_sa_details_t * mp)
"crypto_key %U integ_alg %u integ_key %U flags %x "
"tunnel_src_addr %U tunnel_dst_addr %U "
"salt %u seq_outbound %lu last_seq_inbound %lu "
- "replay_window %lu\n",
+ "replay_window %lu stat_index %u\n",
ntohl (mp->entry.sad_id),
ntohl (mp->sw_if_index),
ntohl (mp->entry.spi),
@@ -13818,7 +13818,7 @@ vl_api_ipsec_sa_details_t_handler (vl_api_ipsec_sa_details_t * mp)
&mp->entry.tunnel_dst, ntohl (mp->salt),
clib_net_to_host_u64 (mp->seq_outbound),
clib_net_to_host_u64 (mp->last_seq_inbound),
- clib_net_to_host_u64 (mp->replay_window));
+ clib_net_to_host_u64 (mp->replay_window), ntohl (mp->stat_index));
}
#define vl_api_ipsec_sa_details_t_endian vl_noop_handler
@@ -13866,6 +13866,7 @@ static void vl_api_ipsec_sa_details_t_handler_json
vat_json_object_add_address (node, "dst", &mp->entry.tunnel_dst);
vat_json_object_add_uint (node, "replay_window",
clib_net_to_host_u64 (mp->replay_window));
+ vat_json_object_add_uint (node, "stat_index", ntohl (mp->stat_index));
}
static int
diff --git a/src/vnet/ipsec/ipsec.api b/src/vnet/ipsec/ipsec.api
index 3f8913fe26e..dee9144dda1 100644
--- a/src/vnet/ipsec/ipsec.api
+++ b/src/vnet/ipsec/ipsec.api
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-option version = "3.0.1";
+option version = "3.0.2";
import "vnet/ipsec/ipsec_types.api";
import "vnet/interface_types.api";
@@ -414,7 +414,7 @@ define ipsec_sa_dump {
@param last_seq - highest sequence number received inbound
@param last_seq_hi - high 32 bits of highest ESN received inbound
@param replay_window - bit map of seq nums received relative to last_seq if using anti-replay
- @param total_data_size - total bytes sent or received
+ @param stat_index - index for the SA in the stats segment @ /net/ipsec/sa
@param udp_encap - 1 if UDP encap enabled, 0 otherwise
*/
define ipsec_sa_details {
@@ -427,7 +427,7 @@ define ipsec_sa_details {
u64 last_seq_inbound;
u64 replay_window;
- u64 total_data_size;
+ u32 stat_index;
};
/** \brief Set new SA on IPsec interface
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c
index ded6e70bb20..4a55a29c288 100644
--- a/src/vnet/ipsec/ipsec_api.c
+++ b/src/vnet/ipsec/ipsec_api.c
@@ -827,6 +827,8 @@ send_ipsec_sa_details (ipsec_sa_t * sa, void *arg)
if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
mp->replay_window = clib_host_to_net_u64 (sa->replay_window);
+ mp->stat_index = clib_host_to_net_u32 (sa->stat_index);
+
vl_api_send_msg (ctx->reg, (u8 *) mp);
return (WALK_CONTINUE);