ubuntu-linux-kernel/Documentation/networking/xfrm_proc.txt

75 lines
1.8 KiB
Plaintext

XFRM proc - /proc/net/xfrm_* files
==================================
Masahide NAKAMURA <nakam@linux-ipv6.org>
Transformation Statistics
-------------------------
xfrm_proc is a statistics shown factor dropped by transformation
for developer.
It is a counter designed from current transformation source code
and defined like linux private MIB.
Inbound statistics
~~~~~~~~~~~~~~~~~~
XfrmInError:
All errors which is not matched others
XfrmInBufferError:
No buffer is left
XfrmInHdrError:
Header error
XfrmInNoStates:
No state is found
i.e. Either inbound SPI, address, or IPsec protocol at SA is wrong
XfrmInStateProtoError:
Transformation protocol specific error
e.g. SA key is wrong
XfrmInStateModeError:
Transformation mode specific error
XfrmInStateSeqError:
Sequence error
i.e. Sequence number is out of window
XfrmInStateExpired:
State is expired
XfrmInStateMismatch:
State has mismatch option
e.g. UDP encapsulation type is mismatch
XfrmInStateInvalid:
State is invalid
XfrmInTmplMismatch:
No matching template for states
e.g. Inbound SAs are correct but SP rule is wrong
XfrmInNoPols:
No policy is found for states
e.g. Inbound SAs are correct but no SP is found
XfrmInPolBlock:
Policy discards
XfrmInPolError:
Policy error
Outbound errors
~~~~~~~~~~~~~~~
XfrmOutError:
All errors which is not matched others
XfrmOutBundleGenError:
Bundle generation error
XfrmOutBundleCheckError:
Bundle check error
XfrmOutNoStates:
No state is found
XfrmOutStateProtoError:
Transformation protocol specific error
XfrmOutStateModeError:
Transformation mode specific error
XfrmOutStateSeqError:
Sequence error
i.e. Sequence number overflow
XfrmOutStateExpired:
State is expired
XfrmOutPolBlock:
Policy discards
XfrmOutPolDead:
Policy is dead
XfrmOutPolError:
Policy error