vici: Report interface IDs
authorTobias Brunner <tobias@strongswan.org>
Tue, 12 Feb 2019 11:13:41 +0000 (12:13 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 4 Apr 2019 07:31:38 +0000 (09:31 +0200)
src/libcharon/plugins/vici/README.md
src/libcharon/plugins/vici/vici_query.c

index 5bd8c17..2b0b7c2 100644 (file)
@@ -813,6 +813,8 @@ command.
                                        mark-mask-in = <hex encoded inbound Netfilter mark mask>
                                        mark-out = <hex encoded outbound Netfilter mark value>
                                        mark-mask-out = <hex encoded outbound Netfilter mark mask>
+                                       if-id-in = <hex encoded inbound XFRM interface ID>
+                                       if-id-out = <hex encoded outbound XFRM interface ID>
                                        encr-alg = <ESP encryption algorithm name, if any>
                                        encr-keysize = <ESP encryption key size, if applicable>
                                        integ-alg = <ESP or AH integrity algorithm name, if any>
index d7b61ca..e00c1d8 100644 (file)
@@ -155,6 +155,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
 {
        time_t t;
        uint64_t bytes, packets;
+       uint32_t if_id;
        uint16_t alg, ks;
        proposal_t *proposal;
        enumerator_t *enumerator;
@@ -185,6 +186,16 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
                }
                add_mark(b, child->get_mark(child, TRUE), "mark-in", "mark-mask-in");
                add_mark(b, child->get_mark(child, FALSE), "mark-out", "mark-mask-out");
+               if_id = child->get_if_id(child, TRUE);
+               if (if_id)
+               {
+                       b->add_kv(b, "if-id-in", "%.8x", if_id);
+               }
+               if_id = child->get_if_id(child, FALSE);
+               if (if_id)
+               {
+                       b->add_kv(b, "if-id-out", "%.8x", if_id);
+               }
                proposal = child->get_proposal(child);
                if (proposal)
                {