^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) .. SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) ==================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) XFRM proc - /proc/net/xfrm_* files
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) ==================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) Masahide NAKAMURA <nakam@linux-ipv6.org>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) Transformation Statistics
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) -------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) The xfrm_proc code is a set of statistics showing numbers of packets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) dropped by the transformation code and why. These counters are defined
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) as part of the linux private MIB. These counters can be viewed in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) /proc/net/xfrm_stat.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) Inbound errors
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) ~~~~~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) XfrmInError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) All errors which is not matched others
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) XfrmInBufferError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) No buffer is left
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) XfrmInHdrError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) Header error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) XfrmInNoStates:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) No state is found
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) i.e. Either inbound SPI, address, or IPsec protocol at SA is wrong
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) XfrmInStateProtoError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) Transformation protocol specific error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) e.g. SA key is wrong
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) XfrmInStateModeError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) Transformation mode specific error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) XfrmInStateSeqError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) Sequence error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) i.e. Sequence number is out of window
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) XfrmInStateExpired:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) State is expired
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) XfrmInStateMismatch:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) State has mismatch option
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) e.g. UDP encapsulation type is mismatch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) XfrmInStateInvalid:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) State is invalid
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) XfrmInTmplMismatch:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) No matching template for states
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) e.g. Inbound SAs are correct but SP rule is wrong
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) XfrmInNoPols:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) No policy is found for states
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) e.g. Inbound SAs are correct but no SP is found
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) XfrmInPolBlock:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) Policy discards
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) XfrmInPolError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) Policy error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) XfrmAcquireError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) State hasn't been fully acquired before use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) XfrmFwdHdrError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) Forward routing of a packet is not allowed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) Outbound errors
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) ~~~~~~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) XfrmOutError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) All errors which is not matched others
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) XfrmOutBundleGenError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) Bundle generation error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) XfrmOutBundleCheckError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) Bundle check error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) XfrmOutNoStates:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) No state is found
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) XfrmOutStateProtoError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) Transformation protocol specific error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) XfrmOutStateModeError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) Transformation mode specific error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) XfrmOutStateSeqError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) Sequence error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) i.e. Sequence number overflow
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) XfrmOutStateExpired:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) State is expired
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) XfrmOutPolBlock:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) Policy discards
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) XfrmOutPolDead:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) Policy is dead
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) XfrmOutPolError:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) Policy error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) XfrmOutStateInvalid:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) State is invalid, perhaps expired
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags