From b08967d6d8b9377ac5cf375113c345b9b52d4f49 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 23 Sep 2013 12:10:07 +0200 Subject: libipsec: Support usage statistics and query_sa() on IPsec SAs --- src/libipsec/ipsec_processor.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'src/libipsec/ipsec_processor.c') diff --git a/src/libipsec/ipsec_processor.c b/src/libipsec/ipsec_processor.c index eae2ed2f1..ee297a34b 100644 --- a/src/libipsec/ipsec_processor.c +++ b/src/libipsec/ipsec_processor.c @@ -91,6 +91,7 @@ static void deliver_inbound(private_ipsec_processor_t *this, static job_requeue_t process_inbound(private_ipsec_processor_t *this) { esp_packet_t *packet; + ip_packet_t *ip_packet; ipsec_sa_t *sa; u_int8_t next_header; u_int32_t spi, reqid; @@ -126,6 +127,8 @@ static job_requeue_t process_inbound(private_ipsec_processor_t *this) packet->destroy(packet); return JOB_REQUEUE_DIRECT; } + ip_packet = packet->get_payload(packet); + sa->update_usestats(sa, ip_packet->get_encoding(ip_packet).len); reqid = sa->get_reqid(sa); ipsec->sas->checkin(ipsec->sas, sa); @@ -136,13 +139,11 @@ static job_requeue_t process_inbound(private_ipsec_processor_t *this) case IPPROTO_IPV6: { ipsec_policy_t *policy; - ip_packet_t *ip_packet; - ip_packet = packet->get_payload(packet); policy = ipsec->policies->find_by_packet(ipsec->policies, ip_packet, TRUE, reqid); if (policy) - { /* TODO-IPSEC: update policy/sa stats? */ + { deliver_inbound(this, packet); policy->destroy(policy); break; @@ -225,7 +226,7 @@ static job_requeue_t process_outbound(private_ipsec_processor_t *this) policy->destroy(policy); return JOB_REQUEUE_DIRECT; } - /* TODO-IPSEC: update policy/sa counters? */ + sa->update_usestats(sa, packet->get_encoding(packet).len); ipsec->sas->checkin(ipsec->sas, sa); policy->destroy(policy); send_outbound(this, esp_packet); -- cgit v1.2.3