svn commit: r311973 - projects/ipsec/sys/netipsec
Andrey V. Elsukov
ae at FreeBSD.org
Thu Jan 12 09:38:15 UTC 2017
Author: ae
Date: Thu Jan 12 09:38:14 2017
New Revision: 311973
URL: https://svnweb.freebsd.org/changeset/base/311973
Log:
Add kdebug_secnatt() to print NAT-T information for SA.
Modified:
projects/ipsec/sys/netipsec/key_debug.c
Modified: projects/ipsec/sys/netipsec/key_debug.c
==============================================================================
--- projects/ipsec/sys/netipsec/key_debug.c Thu Jan 12 09:01:14 2017 (r311972)
+++ projects/ipsec/sys/netipsec/key_debug.c Thu Jan 12 09:38:14 2017 (r311973)
@@ -696,6 +696,21 @@ kdebug_secreplay(struct secreplay *rpl)
printf(" }\n");
}
+static void
+kdebug_secnatt(struct secnatt *natt)
+{
+ char buf[IPSEC_ADDRSTRLEN];
+
+ IPSEC_ASSERT(natt != NULL, ("null natt"));
+ printf(" natt{ sport=%u dport=%u ", ntohs(natt->sport),
+ ntohs(natt->dport));
+ if (natt->flags & IPSEC_NATT_F_OAI)
+ printf("oai=%s ", ipsec_address(&natt->oai, buf, sizeof(buf)));
+ if (natt->flags & IPSEC_NATT_F_OAR)
+ printf("oar=%s ", ipsec_address(&natt->oar, buf, sizeof(buf)));
+ printf("}\n");
+}
+
void
kdebug_secasv(struct secasvar *sav)
{
@@ -729,6 +744,8 @@ kdebug_secasv(struct secasvar *sav)
if (sav->key_enc != NULL)
KEYDBG(DUMP,
kdebug_sadb_key((struct sadb_ext *)sav->key_enc));
+ if (sav->natt != NULL)
+ kdebug_secnatt(sav->natt);
if (sav->replay != NULL) {
KEYDBG(DUMP,
SECASVAR_LOCK(sav);
More information about the svn-src-projects
mailing list