ipdrop.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2004 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <inet/ipsec_info.h>
/*
* Packet drop facility.
*/
struct ip_dropstats *ip_drop_types;
/*
* Initialize drop facility kstats.
*/
void
ip_drop_init(void)
{
if (ip_drop_kstat == NULL)
return;
/* TCP IPsec drop statistics. */
/* SADB-specific drop statistics. */
"sadb_inlarval_timeout", KSTAT_DATA_UINT64);
"sadb_inlarval_replace", KSTAT_DATA_UINT64);
"sadb_acquire_nomem", KSTAT_DATA_UINT64);
"sadb_acquire_toofull", KSTAT_DATA_UINT64);
"sadb_acquire_timeout", KSTAT_DATA_UINT64);
/* SPD drop statistics. */
"spd_loopback_mismatch", KSTAT_DATA_UINT64);
/* ESP-specific drop statistics. */
/* AH-specific drop statistics. */
/* IP-specific drop statistics. */
}
void
ip_drop_destroy(void)
{
}
/*
* Register a packet dropper.
*/
void
{
"ip_drop_register: ipdropper %s already registered with %s",
return;
}
/* Assume that name is reasonable in length. This isn't user-land. */
}
/*
* Un-register a packet dropper.
*/
void
{
}
/*
* Actually drop a packet. Many things could happen here, but at the least,
* the packet will be freemsg()ed.
*/
/* ARGSUSED */
void
{
/*
* Return immediately - NULL packets should not affect any
* statistics.
*/
return;
}
/*
* If not, it's some other sort of M_CTL to be freed.
* For now, treat it like an ordinary packet.
*/
}
}
/* Reality checks */
"ip_drop_packet: inbound packet with IPSEC_OUT");
"ip_drop_packet: outbound packet with IPSEC_IN");
/* At this point, mp always points to the data. */
/*
* Can't make the assertion yet - It could be an inbound ICMP
* message, which is M_CTL but with data in it.
*/
/* ASSERT(mp->b_datap->db_type == M_DATA); */
/* Increment the bean counter, if available. */
case KSTAT_DATA_INT32:
break;
case KSTAT_DATA_UINT32:
break;
case KSTAT_DATA_INT64:
break;
case KSTAT_DATA_UINT64:
break;
/* Other types we can't handle for now. */
}
/* TODO? Copy out kstat name for use in logging. */
}
/* TODO: log the packet details if logging is called for. */
/* TODO: queue the packet onto a snoop-friendly queue. */
/* If I haven't queued the packet or some such nonsense, free it. */
}