Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.sbin/sysctl IPv6/IPsec sysctl MIB support.
details: https://anonhg.NetBSD.org/src/rev/e8703bb8cff2
branches: trunk
changeset: 474254:e8703bb8cff2
user: itojun <itojun%NetBSD.org@localhost>
date: Fri Jul 02 08:58:21 1999 +0000
description:
IPv6/IPsec sysctl MIB support.
diffstat:
usr.sbin/sysctl/Makefile | 5 +-
usr.sbin/sysctl/sysctl.8 | 69 ++++++++++++++-
usr.sbin/sysctl/sysctl.c | 220 +++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 286 insertions(+), 8 deletions(-)
diffs (truncated from 397 to 300 lines):
diff -r 8cfefd027da5 -r e8703bb8cff2 usr.sbin/sysctl/Makefile
--- a/usr.sbin/sysctl/Makefile Fri Jul 02 08:46:47 1999 +0000
+++ b/usr.sbin/sysctl/Makefile Fri Jul 02 08:58:21 1999 +0000
@@ -1,7 +1,10 @@
-# $NetBSD: Makefile,v 1.5 1998/03/05 14:02:00 christos Exp $
+# $NetBSD: Makefile,v 1.6 1999/07/02 08:58:21 itojun Exp $
# @(#)Makefile 8.1 (Berkeley) 6/6/93
PROG= sysctl
MAN= sysctl.8
+CFLAGS+=-DINET6 -DIPSEC
+#CFLAGS+=-DTCP6
+
.include <bsd.prog.mk>
diff -r 8cfefd027da5 -r e8703bb8cff2 usr.sbin/sysctl/sysctl.8
--- a/usr.sbin/sysctl/sysctl.8 Fri Jul 02 08:46:47 1999 +0000
+++ b/usr.sbin/sysctl/sysctl.8 Fri Jul 02 08:58:21 1999 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: sysctl.8,v 1.29 1999/05/23 20:33:51 ad Exp $
+.\" $NetBSD: sysctl.8,v 1.30 1999/07/02 08:58:22 itojun Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
@@ -100,7 +100,7 @@
.Xr sysctl 3 .
The changeable column indicates whether a process with appropriate
privilege can change the value.
-.Bl -column net.inet.ip.forwardingxxxxxx integerxxx
+.Bl -column net.inet6.tcp6.syn_cache_intervalxxxxxx integerxxx
.It Sy Name Type Changeable
.It kern.ostype string no
.It kern.osrelease string no
@@ -184,6 +184,71 @@
.It net.inet.udp.checksum integer yes
.It net.inet.udp.sendspace integer yes
.It net.inet.udp.recvspace integer yes
+.It net.inet.ipsec.def_policy integer yes
+.It net.inet.ipsec.esp_trans_deflev integer yes
+.It net.inet.ipsec.esp_net_deflev integer yes
+.It net.inet.ipsec.ah_trans_deflev integer yes
+.It net.inet.ipsec.ah_net_deflev integer yes
+.It net.inet.ipsec.inbound_call_ike integer yes
+.It net.inet.ipsec.ah_cleartos integer yes
+.It net.inet.ipsec.ah_offsetmask integer yes
+.It net.inet.ipsec.dfbit integer yes
+.It net.inet.ipsec.ecn integer yes
+.It net.inet6.tcp6.mssdflt integer yes
+.It net.inet6.tcp6.do_rfc1323 integer yes
+.It net.inet6.tcp6.keepidle integer yes
+.It net.inet6.tcp6.keepinterval integer yes
+.It net.inet6.tcp6.keepcount integer yes
+.It net.inet6.tcp6.maxpersistidle integer yes
+.It net.inet6.tcp6.sendspace integer yes
+.It net.inet6.tcp6.recvspace integer yes
+.It net.inet6.tcp6.conntimeo integer yes
+.It net.inet6.tcp6.pmtu integer yes
+.It net.inet6.tcp6.pmtu_expire integer yes
+.It net.inet6.tcp6.pmtu_probe integer yes
+.It net.inet6.tcp6.43maxseg integer yes
+.It net.inet6.tcp6.syn_cache_limit integer yes
+.It net.inet6.tcp6.syn_bucket_limit integer yes
+.It net.inet6.tcp6.syn_cache_interval integer yes
+.It net.inet6.udp6.sendmax integer yes
+.It net.inet6.udp6.recvspace integer yes
+.It net.inet6.ip6.forwarding integer yes
+.It net.inet6.ip6.redirect integer yes
+.It net.inet6.ip6.hlim integer yes
+.It net.inet6.ip6.maxfragpackets integer yes
+.It net.inet6.ip6.accept_rtadv integer yes
+.It net.inet6.ip6.keepfaith integer yes
+.It net.inet6.ip6.log_interval integer yes
+.It net.inet6.ip6.hdrnestlimit integer yes
+.It net.inet6.ip6.dad_count integer yes
+.It net.inet6.ip6.auto_flowlabel integer yes
+.It net.inet6.ip6.defmcasthlim integer yes
+.It net.inet6.ip6.gif_hlim integer yes
+.It net.inet6.ip6.kame_version string no
+.It net.inet6.ipsec6.def_policy integer yes
+.It net.inet6.ipsec6.esp_trans_deflev integer yes
+.It net.inet6.ipsec6.esp_net_deflev integer yes
+.It net.inet6.ipsec6.ah_trans_deflev integer yes
+.It net.inet6.ipsec6.ah_net_deflev integer yes
+.It net.inet6.ipsec6.inbound_call_ike integer yes
+.It net.inet6.ipsec6.ecn integer yes
+.It net.inet6.icmp6.rediraccept integer yes
+.It net.inet6.icmp6.redirtimeout integer yes
+.It net.inet6.icmp6.errratelimit integer yes
+.It net.inet6.icmp6.nd6_prune integer yes
+.It net.inet6.icmp6.nd6_delay integer yes
+.It net.inet6.icmp6.nd6_umaxtries integer yes
+.It net.inet6.icmp6.nd6_mmaxtries integer yes
+.It net.inet6.icmp6.nd6_useloopback integer yes
+.It net.inet6.icmp6.nd6_proxyall integer yes
+.It net.key.debug integer yes
+.It net.key.spi_try integer yes
+.It net.key.spi_min_value integer yes
+.It net.key.spi_max_value integer yes
+.It net.key.random_int integer yes
+.It net.key.kill_int integer yes
+.It net.key.acq_exp_int integer yes
+.It net.key.acq_maxtime integer yes
.It hw.machine string no
.It hw.model string no
.It hw.ncpu integer no
diff -r 8cfefd027da5 -r e8703bb8cff2 usr.sbin/sysctl/sysctl.c
--- a/usr.sbin/sysctl/sysctl.c Fri Jul 02 08:46:47 1999 +0000
+++ b/usr.sbin/sysctl/sysctl.c Fri Jul 02 08:58:21 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sysctl.c,v 1.19 1999/04/26 22:13:52 thorpej Exp $ */
+/* $NetBSD: sysctl.c,v 1.20 1999/07/02 08:58:22 itojun Exp $ */
/*
* Copyright (c) 1993
@@ -44,7 +44,7 @@
#if 0
static char sccsid[] = "@(#)sysctl.c 8.1 (Berkeley) 6/6/93";
#else
-__RCSID("$NetBSD: sysctl.c,v 1.19 1999/04/26 22:13:52 thorpej Exp $");
+__RCSID("$NetBSD: sysctl.c,v 1.20 1999/07/02 08:58:22 itojun Exp $");
#endif
#endif /* not lint */
@@ -79,6 +79,27 @@
#include <netinet/tcp_timer.h>
#include <netinet/tcp_var.h>
+#ifdef INET6
+#include <netinet6/in6_systm.h>
+#include <netinet6/ip6.h>
+#include <netinet6/icmp6.h>
+#include <netinet6/ip6_var.h>
+#include <netinet6/udp6.h>
+#include <netinet6/udp6_var.h>
+#ifdef TCP6
+#include <netinet6/tcp6.h>
+#include <netinet6/tcp6_timer.h>
+#include <netinet6/tcp6_var.h>
+#endif
+#include <netinet6/pim6_var.h>
+#endif /* INET6 */
+
+#ifdef IPSEC
+#include <net/route.h>
+#include <netinet6/ipsec.h>
+#include <netkey/key_var.h>
+#endif /* IPSEC */
+
#include <err.h>
#include <ctype.h>
#include <errno.h>
@@ -138,6 +159,12 @@
static void parse __P((char *, int));
static void debuginit __P((void));
static int sysctl_inet __P((char *, char **, int[], int, int *));
+#ifdef INET6
+static int sysctl_inet6 __P((char *, char **, int[], int, int *));
+#endif
+#ifdef IPSEC
+static int sysctl_key __P((char *, char **, int[], int, int *));
+#endif
static int sysctl_vfs __P((char *, char **, int[], int, int *));
static int sysctl_vfsgen __P((char *, char **, int[], int, int *));
static int sysctl_mbuf __P((char *, char **, int[], int, int *));
@@ -344,6 +371,22 @@
break;
return;
}
+#ifdef INET6
+ else if (mib[1] == PF_INET6) {
+ len = sysctl_inet6(string, &bufp, mib, flags, &type);
+ if (len >= 0)
+ break;
+ return;
+ }
+#endif /* INET6 */
+#ifdef IPSEC
+ else if (mib[1] == PF_KEY) {
+ len = sysctl_key(string, &bufp, mib, flags, &type);
+ if (len >= 0)
+ break;
+ return;
+ }
+#endif /* IPSEC */
if (flags == 0)
return;
warnx("Use netstat to view %s information", string);
@@ -539,9 +582,12 @@
struct ctlname icmpname[] = ICMPCTL_NAMES;
struct ctlname tcpname[] = TCPCTL_NAMES;
struct ctlname udpname[] = UDPCTL_NAMES;
+#ifdef IPSEC
+struct ctlname ipsecname[] = IPSECCTL_NAMES;
+#endif
struct list inetlist = { inetname, IPPROTO_MAXID };
struct list inetvars[] = {
- { ipname, IPCTL_MAXID }, /* ip */
+/*0*/ { ipname, IPCTL_MAXID }, /* ip */
{ icmpname, ICMPCTL_MAXID }, /* icmp */
{ 0, 0 }, /* igmp */
{ 0, 0 }, /* ggmp */
@@ -551,7 +597,7 @@
{ 0, 0 },
{ 0, 0 }, /* egp */
{ 0, 0 },
- { 0, 0 },
+/*10*/ { 0, 0 },
{ 0, 0 },
{ 0, 0 }, /* pup */
{ 0, 0 },
@@ -559,6 +605,29 @@
{ 0, 0 },
{ 0, 0 },
{ udpname, UDPCTL_MAXID }, /* udp */
+ { 0, 0 },
+ { 0, 0 },
+/*20*/ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 }, /* idp */
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+/*30*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+/*40*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+#ifdef IPSEC
+ { ipsecname, IPSECCTL_MAXID }, /* esp - for backward compatibility */
+ { ipsecname, IPSECCTL_MAXID }, /* ah */
+#else
+ { 0, 0 },
+ { 0, 0 },
+#endif
};
/*
@@ -582,7 +651,7 @@
if ((indx = findname(string, "third", bufpp, &inetlist)) == -1)
return (-1);
mib[2] = indx;
- if (indx <= IPPROTO_UDP && inetvars[indx].list != NULL)
+ if (indx <= IPPROTO_MAXID && inetvars[indx].list != NULL)
lp = &inetvars[indx];
else if (!flags)
return (-1);
@@ -601,6 +670,147 @@
return (4);
}
+#ifdef INET6
+struct ctlname inet6name[] = CTL_IPV6PROTO_NAMES;
+struct ctlname ip6name[] = IPV6CTL_NAMES;
+struct ctlname icmp6name[] = ICMPV6CTL_NAMES;
+#ifdef TCP6
+struct ctlname tcp6name[] = TCP6CTL_NAMES;
+#endif
+struct ctlname udp6name[] = UDP6CTL_NAMES;
+struct ctlname pim6name[] = PIMCTL_NAMES;
+struct ctlname ipsec6name[] = IPSEC6CTL_NAMES;
+struct list inet6list = { inet6name, IPV6PROTO_MAXID };
+struct list inet6vars[] = {
+/*0*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 },
+#ifdef TCP6
+ { tcp6name, TCP6CTL_MAXID }, /* tcp6 */
+#else
+ { 0, 0 },
+#endif
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+/*10*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { udp6name, UDP6CTL_MAXID }, /* udp6 */
+ { 0, 0 },
+ { 0, 0 },
+/*20*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+/*30*/ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+/*40*/ { 0, 0 },
+ { ip6name, IPV6CTL_MAXID }, /* ipv6 */
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 },
+ { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 }, { 0, 0 },
+#ifdef IPSEC
+/*50*/ { ipsec6name, IPSECCTL_MAXID }, /* esp6 - for backward compatibility */
+ { ipsec6name, IPSECCTL_MAXID }, /* ah6 */
+#else
+ { 0, 0 },
+ { 0, 0 },
+#endif
+ { 0, 0 },
+ { 0, 0 },
Home |
Main Index |
Thread Index |
Old Index