/* *INDENT-ON* */
static void
-ipsec_sa_show_all (vlib_main_t * vm, ipsec_main_t * im)
+ipsec_sa_show_all (vlib_main_t * vm, ipsec_main_t * im, u8 detail)
{
u32 sai;
/* *INDENT-OFF* */
pool_foreach_index (sai, im->sad, ({
- vlib_cli_output(vm, "%U", format_ipsec_sa, sai, IPSEC_FORMAT_BRIEF);
+ vlib_cli_output(vm, "%U", format_ipsec_sa, sai,
+ (detail ? IPSEC_FORMAT_DETAIL : IPSEC_FORMAT_BRIEF));
}));
/* *INDENT-ON* */
}
{
ipsec_main_t *im = &ipsec_main;
- ipsec_sa_show_all (vm, im);
+ ipsec_sa_show_all (vm, im, 0);
ipsec_spd_show_all (vm, im);
ipsec_spd_bindings_show_all (vm, im);
ipsec_tunnel_show_all (vm, im);
{
ipsec_main_t *im = &ipsec_main;
u32 sai = ~0;
+ u8 detail = 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "%u", &sai))
;
+ if (unformat (input, "detail"))
+ detail = 1;
else
break;
}
if (~0 == sai)
- ipsec_sa_show_all (vm, im);
+ ipsec_sa_show_all (vm, im, detail);
else
vlib_cli_output (vm, "%U", format_ipsec_sa, sai, IPSEC_FORMAT_DETAIL);
};
/* *INDENT-ON* */
+static clib_error_t *
+ipsec_tun_protect_hash_show (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ ipsec_main_t *im = &ipsec_main;
+
+ {
+ ipsec_tun_lkup_result_t value;
+ ipsec4_tunnel_key_t key;
+
+ vlib_cli_output (vm, "IPv4:");
+
+ /* *INDENT-OFF* */
+ hash_foreach(key.as_u64, value.as_u64, im->tun4_protect_by_key,
+ ({
+ vlib_cli_output (vm, " %U", format_ipsec4_tunnel_key, &key);
+ vlib_cli_output (vm, " tun:%d sa:%d", value.tun_index, value.sa_index);
+ }));
+ /* *INDENT-ON* */
+ }
+
+ {
+ ipsec_tun_lkup_result_t value;
+ ipsec6_tunnel_key_t *key;
+
+ vlib_cli_output (vm, "IPv6:");
+
+ /* *INDENT-OFF* */
+ hash_foreach_mem(key, value.as_u64, im->tun6_protect_by_key,
+ ({
+ vlib_cli_output (vm, " %U", format_ipsec6_tunnel_key, key);
+ vlib_cli_output (vm, " tun:%d sa:%d", value.tun_index, value.sa_index);
+ }));
+ /* *INDENT-ON* */
+ }
+
+ return NULL;
+}
+
+/**
+ * show IPSEC tunnel protection hash tables
+ */
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (ipsec_tun_protect_hash_show_node, static) =
+{
+ .path = "show ipsec protect-hash",
+ .function = ipsec_tun_protect_hash_show,
+ .short_help = "show ipsec protect-hash",
+};
+/* *INDENT-ON* */
+
clib_error_t *
ipsec_cli_init (vlib_main_t * vm)
{