[XFRM]: Define packet dropping statistics.

XFRM proc - /proc/net/xfrm_* files

==================================

Masahide NAKAMURA <nakam@linux-ipv6.org>

Transformation Statistics

-------------------------

xfrm_proc is a statistics shown factor dropped by transformation

for developer.

It is a counter designed from current transformation source code

and defined like linux private MIB.

Inbound statistics

~~~~~~~~~~~~~~~~~~

XfrmInError:

	All errors which is not matched others

XfrmInBufferError:

	No buffer is left

XfrmInHdrError:

	Header error

XfrmInNoStates:

	No state is found

	i.e. Either inbound SPI, address, or IPsec protocol at SA is wrong

XfrmInStateProtoError:

	Transformation protocol specific error

	e.g. SA key is wrong

XfrmInStateModeError:

	Transformation mode specific error

XfrmInSeqOutOfWindow:

	Sequence out of window

XfrmInStateExpired:

	State is expired

XfrmInStateMismatch:

	State has mismatch option

	e.g. UDP encapsulation type is mismatch

XfrmInStateInvalid:

	State is invalid

XfrmInTmplMismatch:

	No matching template for states

	e.g. Inbound SAs are correct but SP rule is wrong

XfrmInNoPols:

	No policy is found for states

	e.g. Inbound SAs are correct but no SP is found

XfrmInPolBlock:

	Policy discards

XfrmInPolError:

	Policy error

Outbound errors

~~~~~~~~~~~~~~~

XfrmOutError:

	All errors which is not matched others

XfrmOutBundleGenError:

	Bundle generation error

XfrmOutBundleCheckError:

	Bundle check error

XfrmOutNoStates:

	No state is found

XfrmOutStateProtoError:

	Transformation protocol specific error

XfrmOutStateModeError:

	Transformation mode specific error

	e.g. Outer header space is not enough

XfrmOutStateExpired:

	State is expired

XfrmOutPolBlock:

	Policy discards

XfrmOutPolDead:

	Policy is dead

XfrmOutPolError:

	Policy error

	__LINUX_MIB_MAX

};

/* linux Xfrm mib definitions */

enum

{

	LINUX_MIB_XFRMNUM = 0,

	LINUX_MIB_XFRMINERROR,			/* XfrmInError */

	LINUX_MIB_XFRMINBUFFERERROR,		/* XfrmInBufferError */

	LINUX_MIB_XFRMINHDRERROR,		/* XfrmInHdrError */

	LINUX_MIB_XFRMINNOSTATES,		/* XfrmInNoStates */

	LINUX_MIB_XFRMINSTATEPROTOERROR,	/* XfrmInStateProtoError */

	LINUX_MIB_XFRMINSTATEMODEERROR,		/* XfrmInStateModeError */

	LINUX_MIB_XFRMINSEQOUTOFWINDOW,		/* XfrmInSeqOutOfWindow */

	LINUX_MIB_XFRMINSTATEEXPIRED,		/* XfrmInStateExpired */

	LINUX_MIB_XFRMINSTATEMISMATCH,		/* XfrmInStateMismatch */

	LINUX_MIB_XFRMINSTATEINVALID,		/* XfrmInStateInvalid */

	LINUX_MIB_XFRMINTMPLMISMATCH,		/* XfrmInTmplMismatch */

	LINUX_MIB_XFRMINNOPOLS,			/* XfrmInNoPols */

	LINUX_MIB_XFRMINPOLBLOCK,		/* XfrmInPolBlock */

	LINUX_MIB_XFRMINPOLERROR,		/* XfrmInPolError */

	LINUX_MIB_XFRMOUTERROR,			/* XfrmOutError */

	LINUX_MIB_XFRMOUTBUNDLEGENERROR,	/* XfrmOutBundleGenError */

	LINUX_MIB_XFRMOUTBUNDLECHECKERROR,	/* XfrmOutBundleCheckError */

	LINUX_MIB_XFRMOUTNOSTATES,		/* XfrmOutNoStates */

	LINUX_MIB_XFRMOUTSTATEPROTOERROR,	/* XfrmOutStateProtoError */

	LINUX_MIB_XFRMOUTSTATEMODEERROR,	/* XfrmOutStateModeError */

	LINUX_MIB_XFRMOUTSTATEEXPIRED,		/* XfrmOutStateExpired */

	LINUX_MIB_XFRMOUTPOLBLOCK,		/* XfrmOutPolBlock */

	LINUX_MIB_XFRMOUTPOLDEAD,		/* XfrmOutPolDead */

	LINUX_MIB_XFRMOUTPOLERROR,		/* XfrmOutPolError */

	__LINUX_MIB_XFRMMAX

};

#endif	/* _LINUX_SNMP_H */

	unsigned long	mibs[LINUX_MIB_MAX];

};

/* Linux Xfrm */

#define LINUX_MIB_XFRMMAX	__LINUX_MIB_XFRMMAX

struct linux_xfrm_mib {

	unsigned long	mibs[LINUX_MIB_XFRMMAX];

};

/* 

 * FIXME: On x86 and some other CPUs the split into user and softirq parts

#include <net/route.h>

#include <net/ipv6.h>

#include <net/ip6_fib.h>

#ifdef CONFIG_XFRM_STATISTICS

#include <net/snmp.h>

#endif

#define XFRM_PROTO_ESP		50

#define XFRM_PROTO_AH		51

#define MODULE_ALIAS_XFRM_TYPE(family, proto) \

	MODULE_ALIAS("xfrm-type-" __stringify(family) "-" __stringify(proto))

#ifdef CONFIG_XFRM_STATISTICS

DECLARE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics);

#define XFRM_INC_STATS(field)		SNMP_INC_STATS(xfrm_statistics, field)

#define XFRM_INC_STATS_BH(field)	SNMP_INC_STATS_BH(xfrm_statistics, field)

#define XFRM_INC_STATS_USER(field) 	SNMP_INC_STATS_USER(xfrm_statistics, field)

#else

#define XFRM_INC_STATS(field)

#define XFRM_INC_STATS_BH(field)

#define XFRM_INC_STATS_USER(field)

#endif

extern struct sock *xfrm_nl;

extern u32 sysctl_xfrm_aevent_etime;

extern u32 sysctl_xfrm_aevent_rseqth;

}

#endif

#ifdef CONFIG_XFRM_STATISTICS

extern int xfrm_proc_init(void);

#endif

extern int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*), void *);

extern struct xfrm_state *xfrm_state_alloc(void);

extern struct xfrm_state *xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 

obj-$(CONFIG_XFRM) := xfrm_policy.o xfrm_state.o xfrm_hash.o \

		      xfrm_input.o xfrm_output.o xfrm_algo.o

obj-$(CONFIG_XFRM_STATISTICS) += xfrm_proc.o

obj-$(CONFIG_XFRM_USER) += xfrm_user.o