mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-06 00:00:47 -04:00
vici: list-conn reports DPD settings and swanctl displays them
This commit is contained in:
Andreas Steffen
parent
ac140220c4
commit
4eaf08c35b
@ -774,7 +774,7 @@ CALLBACK(list_conns, vici_message_t*,
|
||||
ike_cfg_t *ike_cfg;
|
||||
child_cfg_t *child_cfg;
|
||||
char *ike, *str, *interface;
|
||||
uint32_t manual_prio;
|
||||
uint32_t manual_prio, dpd_delay, dpd_timeout;
|
||||
linked_list_t *list;
|
||||
traffic_selector_t *ts;
|
||||
lifetime_cfg_t *lft;
|
||||
@ -825,6 +825,18 @@ CALLBACK(list_conns, vici_message_t*,
|
||||
b->add_kv(b, "unique", "%N", unique_policy_names,
|
||||
peer_cfg->get_unique_policy(peer_cfg));
|
||||
|
||||
dpd_delay = peer_cfg->get_dpd(peer_cfg);
|
||||
if (dpd_delay)
|
||||
{
|
||||
b->add_kv(b, "dpd_delay", "%u", dpd_delay);
|
||||
}
|
||||
|
||||
dpd_timeout = peer_cfg->get_dpd_timeout(peer_cfg);
|
||||
if (dpd_timeout)
|
||||
{
|
||||
b->add_kv(b, "dpd_timeout", "%u", dpd_timeout);
|
||||
}
|
||||
|
||||
build_auth_cfgs(peer_cfg, TRUE, b);
|
||||
build_auth_cfgs(peer_cfg, FALSE, b);
|
||||
|
||||
@ -843,6 +855,9 @@ CALLBACK(list_conns, vici_message_t*,
|
||||
b->add_kv(b, "rekey_packets", "%"PRIu64, lft->packets.rekey);
|
||||
free(lft);
|
||||
|
||||
b->add_kv(b, "dpd_action", "%N", action_names,
|
||||
child_cfg->get_dpd_action(child_cfg));
|
||||
|
||||
b->begin_list(b, "local-ts");
|
||||
list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
|
||||
selectors = list->create_enumerator(list);
|
||||
|
||||
@ -84,8 +84,8 @@ CALLBACK(children_sn, int,
|
||||
{
|
||||
hashtable_t *child;
|
||||
char *mode, *interface, *priority;
|
||||
char *rekey_time, *rekey_bytes, *rekey_packets;
|
||||
bool no_time, no_bytes, no_packets, or = FALSE;
|
||||
char *rekey_time, *rekey_bytes, *rekey_packets, *dpd_action, *dpd_delay;
|
||||
bool no_time, no_bytes, no_packets, no_dpd, or = FALSE;
|
||||
int ret;
|
||||
|
||||
child = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
|
||||
@ -98,14 +98,18 @@ CALLBACK(children_sn, int,
|
||||
rekey_time = child->get(child, "rekey_time");
|
||||
rekey_bytes = child->get(child, "rekey_bytes");
|
||||
rekey_packets = child->get(child, "rekey_packets");
|
||||
dpd_action = child->get(child, "dpd_action");
|
||||
dpd_delay = ike->get(ike, "dpd_delay");
|
||||
|
||||
no_time = streq(rekey_time, "0");
|
||||
no_bytes = streq(rekey_bytes, "0");
|
||||
no_packets = streq(rekey_packets, "0");
|
||||
no_dpd = streq(dpd_delay, "0");
|
||||
|
||||
if (strcaseeq(mode, "PASS") || strcaseeq(mode, "DROP") ||
|
||||
(no_time && no_bytes && no_packets))
|
||||
{
|
||||
printf("no rekeying\n");
|
||||
printf("no rekeying");
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -124,8 +128,12 @@ CALLBACK(children_sn, int,
|
||||
{
|
||||
printf("%s %s packets", or ? " or" : "", rekey_packets);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
if (!no_dpd)
|
||||
{
|
||||
printf(", dpd action is %s", dpd_action);
|
||||
}
|
||||
printf("\n");
|
||||
|
||||
printf(" local: %s\n", child->get(child, "local-ts"));
|
||||
printf(" remote: %s\n", child->get(child, "remote-ts"));
|
||||
@ -153,7 +161,7 @@ CALLBACK(conn_sn, int,
|
||||
|
||||
if (streq(name, "children"))
|
||||
{
|
||||
return vici_parse_cb(res, children_sn, NULL, NULL, NULL);
|
||||
return vici_parse_cb(res, children_sn, NULL, NULL, ike);
|
||||
}
|
||||
if (strpfx(name, "local") || strpfx(name, "remote"))
|
||||
{
|
||||
@ -225,11 +233,17 @@ CALLBACK(conn_list, int,
|
||||
CALLBACK(conns, int,
|
||||
void *null, vici_res_t *res, char *name)
|
||||
{
|
||||
char *version, *reauth_time, *rekey_time;
|
||||
int ret;
|
||||
char *version, *reauth_time, *rekey_time, *dpd_delay;
|
||||
hashtable_t *ike;
|
||||
|
||||
version = vici_find_str(res, "", "%s.version", name);
|
||||
reauth_time = vici_find_str(res, "", "%s.reauth_time", name);
|
||||
rekey_time = vici_find_str(res, "", "%s.rekey_time", name);
|
||||
reauth_time = vici_find_str(res, "0", "%s.reauth_time", name);
|
||||
rekey_time = vici_find_str(res, "0", "%s.rekey_time", name);
|
||||
dpd_delay = vici_find_str(res, "0", "%s.dpd_delay", name);
|
||||
|
||||
ike = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
|
||||
free(ike->put(ike,"dpd_delay", strdup(dpd_delay)));
|
||||
|
||||
printf("%s: %s, ", name, version);
|
||||
if (streq(version, "IKEv1"))
|
||||
@ -247,22 +261,26 @@ CALLBACK(conns, int,
|
||||
{
|
||||
printf("reauthentication every %ss", reauth_time);
|
||||
}
|
||||
if (streq(version, "IKEv1"))
|
||||
{
|
||||
printf("\n");
|
||||
}
|
||||
else
|
||||
if (!streq(version, "IKEv1"))
|
||||
{
|
||||
if (streq(rekey_time, "0"))
|
||||
{
|
||||
printf(", no rekeying\n");
|
||||
printf(", no rekeying");
|
||||
}
|
||||
else
|
||||
{
|
||||
printf(", rekeying every %ss\n", rekey_time);
|
||||
printf(", rekeying every %ss", rekey_time);
|
||||
}
|
||||
}
|
||||
return vici_parse_cb(res, conn_sn, NULL, conn_list, NULL);
|
||||
if (!streq(dpd_delay, "0"))
|
||||
{
|
||||
printf(", dpd delay %ss", dpd_delay);
|
||||
}
|
||||
printf("\n");
|
||||
|
||||
ret = vici_parse_cb(res, conn_sn, NULL, conn_list, ike);
|
||||
free_hashtable(ike);
|
||||
return ret;
|
||||
}
|
||||
|
||||
CALLBACK(list_cb, void,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user