Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / 3d0ef26a0285b9baa486c91b2e6609125a2bc651 / . / src / vnet / ipsec / ipsec_format.c
blob: cbd67239680e4eace785612930cf366f0b0c102b [file] [log] [blame]
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1/*
2 * decap.c : IPSec tunnel support
3 *
4 * Copyright (c) 2015 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18#include <vnet/vnet.h>
19#include <vnet/api_errno.h>
20#include <vnet/ip/ip.h>
21#include <vnet/interface.h>
22
23#include <vnet/ipsec/ipsec.h>
24
25u8 *
26format_ipsec_policy_action (u8 * s, va_list * args)
27{
28 u32 i = va_arg (*args, u32);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]29 char *t = 0;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]30
31 switch (i)
32 {
33#define _(v,f,str) case IPSEC_POLICY_ACTION_##f: t = str; break;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]34 foreach_ipsec_policy_action
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]35#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]36 default:
37 s = format (s, "unknown");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]38 }
39 s = format (s, "%s", t);
40 return s;
41}
42
43uword
44unformat_ipsec_policy_action (unformat_input_t * input, va_list * args)
45{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]46 u32 *r = va_arg (*args, u32 *);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]47
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]48 if (0);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]49#define _(v,f,s) else if (unformat (input, s)) *r = IPSEC_POLICY_ACTION_##f;
50 foreach_ipsec_policy_action
51#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]52 else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]53 return 0;
54 return 1;
55}
56
57u8 *
58format_ipsec_crypto_alg (u8 * s, va_list * args)
59{
60 u32 i = va_arg (*args, u32);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]61 u8 *t = 0;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]62
63 switch (i)
64 {
65#define _(v,f,str) case IPSEC_CRYPTO_ALG_##f: t = (u8 *) str; break;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]66 foreach_ipsec_crypto_alg
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]67#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]68 default:
69 s = format (s, "unknown");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]70 }
71 s = format (s, "%s", t);
72 return s;
73}
74
75uword
76unformat_ipsec_crypto_alg (unformat_input_t * input, va_list * args)
77{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]78 u32 *r = va_arg (*args, u32 *);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]79
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]80 if (0);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]81#define _(v,f,s) else if (unformat (input, s)) *r = IPSEC_CRYPTO_ALG_##f;
82 foreach_ipsec_crypto_alg
83#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]84 else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]85 return 0;
86 return 1;
87}
88
89u8 *
90format_ipsec_integ_alg (u8 * s, va_list * args)
91{
92 u32 i = va_arg (*args, u32);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]93 u8 *t = 0;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]94
95 switch (i)
96 {
97#define _(v,f,str) case IPSEC_INTEG_ALG_##f: t = (u8 *) str; break;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]98 foreach_ipsec_integ_alg
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]99#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]100 default:
101 s = format (s, "unknown");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]102 }
103 s = format (s, "%s", t);
104 return s;
105}
106
107uword
108unformat_ipsec_integ_alg (unformat_input_t * input, va_list * args)
109{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]110 u32 *r = va_arg (*args, u32 *);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]111
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]112 if (0);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]113#define _(v,f,s) else if (unformat (input, s)) *r = IPSEC_INTEG_ALG_##f;
114 foreach_ipsec_integ_alg
115#undef _
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]116 else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]117 return 0;
118 return 1;
119}
120
121u8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]122format_ipsec_replay_window (u8 * s, va_list * args)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]123{
124 u64 w = va_arg (*args, u64);
125 u8 i;
126
127 for (i = 0; i < 64; i++)
128 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]129 s = format (s, "%u", w & (1ULL << i) ? 1 : 0);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]130 }
131
132 return s;
133}
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]134
Neale Rannsa09c1ff2019-02-04 01:10:30 -0800[diff] [blame]135u8 *
136format_ipsec_policy (u8 * s, va_list * args)
137{
138 u32 pi = va_arg (*args, u32);
139 ipsec_main_t *im = &ipsec_main;
140 ipsec_policy_t *p;
141 vlib_counter_t counts;
142
143 p = pool_elt_at_index (im->policies, pi);
144
145 s = format (s, " [%d] priority %d action %U protocol ",
146 pi, p->priority, format_ipsec_policy_action, p->policy);
147 if (p->protocol)
148 {
149 s = format (s, "%U", format_ip_protocol, p->protocol);
150 }
151 else
152 {
153 s = format (s, "any");
154 }
155 if (p->policy == IPSEC_POLICY_ACTION_PROTECT)
156 {
157 s = format (s, " sa %u", p->sa_id);
158 }
159 if (p->is_ipv6)
160 {
161 s = format (s, "\n local addr range %U - %U port range %u - %u",
162 format_ip6_address, &p->laddr.start.ip6,
163 format_ip6_address, &p->laddr.stop.ip6,
164 p->lport.start, p->lport.stop);
165 s = format (s, "\n remote addr range %U - %U port range %u - %u",
166 format_ip6_address, &p->raddr.start.ip6,
167 format_ip6_address, &p->raddr.stop.ip6,
168 p->rport.start, p->rport.stop);
169 }
170 else
171 {
172 s = format (s, "\n local addr range %U - %U port range %u - %u",
173 format_ip4_address, &p->laddr.start.ip4,
174 format_ip4_address, &p->laddr.stop.ip4,
175 p->lport.start, p->lport.stop);
176 s = format (s, "\n remote addr range %U - %U port range %u - %u",
177 format_ip4_address, &p->raddr.start.ip4,
178 format_ip4_address, &p->raddr.stop.ip4,
179 p->rport.start, p->rport.stop);
180 }
181 vlib_get_combined_counter (&ipsec_spd_policy_counters, pi, &counts);
182 s = format (s, "\n packets %u bytes %u", counts.packets, counts.bytes);
183
184 return (s);
185}
186
187u8 *
188format_ipsec_spd (u8 * s, va_list * args)
189{
190 u32 si = va_arg (*args, u32);
191 ipsec_main_t *im = &ipsec_main;
192 ipsec_spd_t *spd;
193 u32 *i;
194
195 spd = pool_elt_at_index (im->spds, si);
196
197 s = format (s, "spd %u", spd->id);
198
199#define _(v, n) \
200 s = format (s, "\n %s:", n); \
201 vec_foreach(i, spd->policies[IPSEC_SPD_POLICY_##v]) \
202 { \
203 s = format (s, "\n %U", format_ipsec_policy, *i); \
204 }
205 foreach_ipsec_spd_policy_type;
206#undef _
207
208 return (s);
209}
210
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]211/*
212 * fd.io coding-style-patch-verification: ON
213 *
214 * Local Variables:
215 * eval: (c-set-style "gnu")
216 * End:
217 */