[strongSwan] Question on DPD

Venumadhav Josyula vjosyula at gmail.com
Thu Jan 17 15:44:08 CET 2019


But in the background traffic health check messages over ipsec is happening.

On Thu, 17 Jan 2019 at 20:11, Venumadhav Josyula <vjosyula at gmail.com> wrote:

> get_use_time -> get_usebytes, the implementation of it libcharon is as
> shown below snippet.
> 1) if bytes, packets are both zero, is the below code correct ?
> 2) here if they { *bytes, *packets } are '0' for both not calling
> update_usebytes in code below won't cause dpd to be triggered inspite of
> traffic.
> thanks,
> Regards
> Venu
>
> METHOD(child_sa_t, get_usestats, void,
>
> 676
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L676>
>
>     private_child_sa_t *this, bool inbound,
>
> 677
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L677>
>
>     time_t *time, uint64_t *bytes, uint64_t *packets)
>
> 678
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L678>
>
> {
>
> 679
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L679>
>
>     if ((!bytes && !packets) || update_usebytes(this, inbound) != FAILED)
>
> 680
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L680>
>
>     {
>
> 681
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L681>
>
>         /* there was traffic since last update or the kernel interface
>
> 682
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L682>
>
>          * does not support querying the number of usebytes.
>
> 683
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L683>
>
>          */
>
> 684
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L684>
>
>         if (time)
>
> 685
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L685>
>
>         {
>
> 686
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L686>
>
>             if (!update_usetime(this, inbound) && !bytes && !packets)
>
> 687
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L687>
>
>             {
>
> 688
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L688>
>
>                 /* if policy query did not yield a usetime, query SAs instead */
>
> 689
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L689>
>
>                 update_usebytes(this, inbound);
>
> 690
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L690>
>
>             }
>
> 691
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L691>
>
>         }
>
> 692
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L692>
>
>     }
>
> 693
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L693>
>
>     if (time)
>
> 694
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L694>
>
>     {
>
> 695
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L695>
>
>         *time = inbound ? this->my_usetime : this->other_usetime;
>
> 696
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L696>
>
>     }
>
> 697
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L697>
>
>     if (bytes)
>
> 698
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L698>
>
>     {
>
> 699
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L699>
>
>         *bytes = inbound ? this->my_usebytes : this->other_usebytes;
>
> 700
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L700>
>
>     }
>
> 701
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L701>
>
>     if (packets)
>
> 702
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L702>
>
>     {
>
> 703
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L703>
>
>         *packets = inbound ? this->my_usepackets : this->other_usepackets;
>
> 704
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L704>
>
>     }
>
> 705
> <https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libcharon/sa/child_sa.c#L705>
>
> }
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190117/4c44514a/attachment-0001.html>


More information about the Users mailing list