diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2015-09-21 13:42:11 +0300 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2017-11-20 10:45:02 +0200 |
| commit | b08bc3334aa09841438123ce3ddd7f535350cb24 (patch) | |
| tree | e90307b8746875b4056e320718ff3087f3fca4ef | |
| parent | 40790461360e930ffda5dce9e020e15d9ccfdd7a (diff) | |
| download | strongswan-tteras-release.tar.bz2 strongswan-tteras-release.tar.xz | |
vici: add support for individual sa state changestteras-release
Useful for monitoring and tracking full SA.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
| -rw-r--r-- | src/libcharon/plugins/vici/vici_query.c | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c index 6a2d9d3dc..36802fcc4 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c @@ -1607,8 +1607,16 @@ static void manage_commands(private_vici_query_t *this, bool reg) this->dispatcher->manage_event(this->dispatcher, "list-cert", reg); this->dispatcher->manage_event(this->dispatcher, "ike-updown", reg); this->dispatcher->manage_event(this->dispatcher, "ike-rekey", reg); + this->dispatcher->manage_event(this->dispatcher, "ike-state-established", reg); + this->dispatcher->manage_event(this->dispatcher, "ike-state-destroying", reg); this->dispatcher->manage_event(this->dispatcher, "child-updown", reg); this->dispatcher->manage_event(this->dispatcher, "child-rekey", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-installing", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-installed", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-updating", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-rekeying", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-rekeyed", reg); + this->dispatcher->manage_event(this->dispatcher, "child-state-destroying", reg); manage_command(this, "list-sas", list_sas, reg); manage_command(this, "list-policies", list_policies, reg); manage_command(this, "list-conns", list_conns, reg); @@ -1679,6 +1687,45 @@ METHOD(listener_t, ike_rekey, bool, return TRUE; } +METHOD(listener_t, ike_state_change, bool, + private_vici_query_t *this, ike_sa_t *ike_sa, ike_sa_state_t state) +{ + char *event; + vici_builder_t *b; + time_t now; + + switch (state) + { + case IKE_ESTABLISHED: + event = "ike-state-established"; + break; + case IKE_DESTROYING: + event = "ike-state-destroying"; + break; + default: + return TRUE; + } + + if (!this->dispatcher->has_event_listeners(this->dispatcher, event)) + { + return TRUE; + } + + now = time_monotonic(NULL); + + b = vici_builder_create(); + b->begin_section(b, ike_sa->get_name(ike_sa)); + list_ike(this, b, ike_sa, now, state != IKE_DESTROYING); + b->begin_section(b, "child-sas"); + b->end_section(b); + b->end_section(b); + + this->dispatcher->raise_event(this->dispatcher, + event, 0, b->finalize(b)); + + return TRUE; +} + METHOD(listener_t, child_updown, bool, private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, bool up) { @@ -1754,6 +1801,62 @@ METHOD(listener_t, child_rekey, bool, return TRUE; } +METHOD(listener_t, child_state_change, bool, + private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, child_sa_state_t state) +{ + char *event; + vici_builder_t *b; + time_t now; + + switch (state) + { + case CHILD_INSTALLING: + event = "child-state-installing"; + break; + case CHILD_INSTALLED: + event = "child-state-installed"; + break; + case CHILD_UPDATING: + event = "child-state-updating"; + break; + case CHILD_REKEYING: + event = "child-state-rekeying"; + break; + case CHILD_REKEYED: + event = "child-state-rekeyed"; + break; + case CHILD_DESTROYING: + event = "child-state-destroying"; + break; + default: + return TRUE; + } + + if (!this->dispatcher->has_event_listeners(this->dispatcher, event)) + { + return TRUE; + } + + now = time_monotonic(NULL); + + b = vici_builder_create(); + b->begin_section(b, ike_sa->get_name(ike_sa)); + list_ike(this, b, ike_sa, now, state != CHILD_DESTROYING); + b->begin_section(b, "child-sas"); + + b->begin_section(b, child_sa->get_name(child_sa)); + list_child(this, b, child_sa, now); + b->end_section(b); + + b->end_section(b); + b->end_section(b); + + this->dispatcher->raise_event(this->dispatcher, + event, 0, b->finalize(b)); + + return TRUE; +} + METHOD(vici_query_t, destroy, void, private_vici_query_t *this) { @@ -1773,8 +1876,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher) .listener = { .ike_updown = _ike_updown, .ike_rekey = _ike_rekey, + .ike_state_change = _ike_state_change, .child_updown = _child_updown, .child_rekey = _child_rekey, + .child_state_change = _child_state_change, }, .destroy = _destroy, }, |