vici: Include the Netfilter marks in listed CHILD_SAs
This commit is contained in:
parent
22f08609f1
commit
0b4e539cb3
|
@ -689,6 +689,10 @@ command.
|
|||
spi-out = <hex encoded outbound SPI>
|
||||
cpi-in = <hex encoded inbound CPI, if using compression>
|
||||
cpi-out = <hex encoded outbound CPI, if using compression>
|
||||
mark-in = <hex encoded inbound Netfilter mark value>
|
||||
mark-mask-in = <hex encoded inbound Netfilter mark mask>
|
||||
mark-out = <hex encoded outbound Netfilter mark value>
|
||||
mark-mask-out = <hex encoded outbound Netfilter mark mask>
|
||||
encr-alg = <ESP encryption algorithm name, if any>
|
||||
encr-keysize = <ESP encryption key size, if applicable>
|
||||
integ-alg = <ESP or AH integrity algorithm name, if any>
|
||||
|
|
|
@ -79,6 +79,19 @@ struct private_vici_query_t {
|
|||
time_t uptime;
|
||||
};
|
||||
|
||||
static void add_mark(vici_builder_t *b, mark_t mark,
|
||||
char *label, char *mask_label)
|
||||
{
|
||||
if (mark.value | mark.mask)
|
||||
{
|
||||
b->add_kv(b, label, "%.8x", mark.value);
|
||||
if (~mark.mask)
|
||||
{
|
||||
b->add_kv(b, mask_label, "%.8x", mark.mask);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* List details of a CHILD_SA
|
||||
*/
|
||||
|
@ -114,6 +127,8 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
|
|||
b->add_kv(b, "cpi-in", "%.4x", ntohs(child->get_cpi(child, TRUE)));
|
||||
b->add_kv(b, "cpi-out", "%.4x", ntohs(child->get_cpi(child, FALSE)));
|
||||
}
|
||||
add_mark(b, child->get_mark(child, TRUE), "mark-in", "mark-mask-in");
|
||||
add_mark(b, child->get_mark(child, FALSE), "mark-out", "mark-mask-out");
|
||||
proposal = child->get_proposal(child);
|
||||
if (proposal)
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue