[iproute2] XFRM: using flush message type

(Logical change 1.83)

[iproute2] XFRM: using flush message type
(Logical change 1.83)
bd641cd6 · org[shemminger]!nakam · f91ab714 · bd641cd6 · bd641cd6 · bd641cd6
Commit bd641cd6 authored Sep 28, 2004 by org[shemminger]!nakam
Show whitespace changes
Inline Side-by-side

Showing with 73 additions and 5 deletions

include/utils.h include/utils.h +3 -0

ip/xfrm_policy.c ip/xfrm_policy.c +33 -2

ip/xfrm_state.c ip/xfrm_state.c +37 -3

No files found.
--- a/include/utils.h
+++ b/include/utils.h
@@ -25,6 +25,9 @@ extern char * _SL_;
 #ifndef IPPROTO_COMP
 #define IPPROTO_COMP	108
 #endif
+#ifndef IPSEC_PROTO_ANY
+#define IPSEC_PROTO_ANY	255
+#endif
 #define SPRINT_BSIZE 64
 #define SPRINT_BUF(x)	char x[SPRINT_BSIZE]

--- a/ip/xfrm_policy.c
+++ b/ip/xfrm_policy.c
@@ -683,6 +683,33 @@ static int xfrm_policy_list_or_flush(int argc, char **argv, int flush)
 	exit(0);
 }
+static int xfrm_policy_flush_all(void)
+{
+	struct rtnl_handle rth;
+	struct {
+		struct nlmsghdr	n;
+	} req;
+	memset(&req, 0, sizeof(req));
+	req.n.nlmsg_len = NLMSG_LENGTH(0); /* nlmsg data is nothing */
+	req.n.nlmsg_flags = NLM_F_REQUEST;
+	req.n.nlmsg_type = XFRM_MSG_FLUSHPOLICY;
+	if (rtnl_open_byproto(&rth, 0, NETLINK_XFRM) < 0)
+		exit(1);
+	if (show_stats > 1)
+		fprintf(stderr, "Flush all\n");
+	if (rtnl_talk(&rth, &req.n, 0, 0, NULL, NULL, NULL) < 0)
+		exit(2);
+	rtnl_close(&rth);
+	return 0;
+}
 int do_xfrm_policy(int argc, char **argv)
 {
 	if (argc < 1)
@@ -701,8 +728,12 @@ int do_xfrm_policy(int argc, char **argv)
 		return xfrm_policy_list_or_flush(argc-1, argv+1, 0);
 	if (matches(*argv, "get") == 0)
 		return xfrm_policy_get(argc-1, argv+1);
-	if (matches(*argv, "flush") == 0)
+	if (matches(*argv, "flush") == 0) {
+		if (argc-1 < 1)
+			return xfrm_policy_flush_all();
+		else
 			return xfrm_policy_list_or_flush(argc-1, argv+1, 1);
+	}
 	if (matches(*argv, "help") == 0)
 		usage();
 	fprintf(stderr, "Command \"%s\" is unknown, try \"ip xfrm policy help\".\n", *argv);

--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -568,6 +568,7 @@ static int xfrm_state_list_or_flush(int argc, char **argv, int flush)
 	char *idp = NULL;
 	struct rtnl_handle rth;
+	if(argc > 0)
 		filter.use = 1;
 	filter.xsinfo.family = preferred_family;
@@ -666,6 +667,35 @@ static int xfrm_state_list_or_flush(int argc, char **argv, int flush)
 	exit(0);
 }
+static int xfrm_state_flush_all(void)
+{
+	struct rtnl_handle rth;
+	struct {
+		struct nlmsghdr			n;
+		struct xfrm_usersa_flush	xsf;
+	} req;
+	memset(&req, 0, sizeof(req));
+	req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xsf));
+	req.n.nlmsg_flags = NLM_F_REQUEST;
+	req.n.nlmsg_type = XFRM_MSG_FLUSHSA;
+	req.xsf.proto = IPSEC_PROTO_ANY;
+	if (rtnl_open_byproto(&rth, 0, NETLINK_XFRM) < 0)
+		exit(1);
+	if (show_stats > 1)
+		fprintf(stderr, "Flush all\n");
+	if (rtnl_talk(&rth, &req.n, 0, 0, NULL, NULL, NULL) < 0)
+		exit(2);
+	rtnl_close(&rth);
+	return 0;
+}
 int do_xfrm_state(int argc, char **argv)
 {
 	if (argc < 1)
@@ -684,8 +714,12 @@ int do_xfrm_state(int argc, char **argv)
 		return xfrm_state_list_or_flush(argc-1, argv+1, 0);
 	if (matches(*argv, "get") == 0)
 		return xfrm_state_get_or_delete(argc-1, argv+1, 0);
-	if (matches(*argv, "flush") == 0)
+	if (matches(*argv, "flush") == 0) {
+		if (argc-1 < 1)
+			return xfrm_state_flush_all();
+		else
 			return xfrm_state_list_or_flush(argc-1, argv+1, 1);
+	}
 	if (matches(*argv, "help") == 0)
 		usage();
 	fprintf(stderr, "Command \"%s\" is unknown, try \"ip xfrm state help\".\n", *argv);