1 /* $OpenBSD: inet.c,v 1.171 2021/01/26 18:22:35 deraadt Exp $ */ 2 /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1983, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/queue.h> 34 #include <sys/select.h> 35 #include <sys/socket.h> 36 #include <sys/socketvar.h> 37 #include <sys/domain.h> 38 #include <sys/protosw.h> 39 #include <sys/sysctl.h> 40 #define _KERNEL 41 #include <sys/file.h> 42 #undef _KERNEL 43 44 #include <net/route.h> 45 #include <netinet/in.h> 46 #include <netinet/ip.h> 47 #include <netinet/in_pcb.h> 48 #include <netinet/ip_icmp.h> 49 #include <netinet/icmp_var.h> 50 #include <netinet/igmp_var.h> 51 #include <netinet/ip_var.h> 52 #include <netinet/tcp.h> 53 #include <netinet/tcp_seq.h> 54 #define TCPSTATES 55 #include <netinet/tcp_fsm.h> 56 #include <netinet/tcp_timer.h> 57 #include <netinet/tcp_var.h> 58 #include <netinet/udp.h> 59 #include <netinet/udp_var.h> 60 #include <netinet/ip_ipsp.h> 61 #include <netinet/ip_ah.h> 62 #include <netinet/ip_esp.h> 63 #include <netinet/ip_ipip.h> 64 #include <netinet/ip_ipcomp.h> 65 #include <netinet/ip_ether.h> 66 #include <netinet/ip_carp.h> 67 #include <netinet/ip_divert.h> 68 #include <net/if.h> 69 #include <net/pfvar.h> 70 #include <net/if_pfsync.h> 71 #include <net/if_pflow.h> 72 73 #include <rpc/rpc.h> 74 #include <rpc/pmap_prot.h> 75 #include <rpc/pmap_clnt.h> 76 77 #include <arpa/inet.h> 78 #include <err.h> 79 #include <limits.h> 80 #include <netdb.h> 81 #include <stdio.h> 82 #include <string.h> 83 #include <unistd.h> 84 #include <stdlib.h> 85 #include <errno.h> 86 #include "netstat.h" 87 88 struct inpcb inpcb; 89 struct tcpcb tcpcb; 90 91 char *inetname(struct in_addr *); 92 void inetprint(struct in_addr *, in_port_t, const char *, int); 93 char *inet6name(struct in6_addr *); 94 void sosplice_dump(u_long); 95 void sockbuf_dump(struct sockbuf *, const char *); 96 void protosw_dump(u_long, u_long); 97 void domain_dump(u_long, u_long, short); 98 void inpcb_dump(u_long, short, int); 99 void tcpcb_dump(u_long); 100 int kf_comp(const void *, const void *); 101 102 int type_map[] = { -1, 2, 3, 1, 4, 5 }; 103 104 int 105 kf_comp(const void *a, const void *b) 106 { 107 const struct kinfo_file *ka = a, *kb = b; 108 109 if (ka->so_family != kb->so_family) { 110 /* AF_INET < AF_INET6 < AF_LOCAL */ 111 if (ka->so_family == AF_INET) 112 return (-1); 113 if (ka->so_family == AF_LOCAL) 114 return (1); 115 if (kb->so_family == AF_LOCAL) 116 return (-1); 117 return (1); 118 } 119 if (ka->so_family == AF_LOCAL) { 120 if (type_map[ka->so_type] < type_map[kb->so_type]) 121 return (-1); 122 if (type_map[ka->so_type] > type_map[kb->so_type]) 123 return (1); 124 } else if (ka->so_family == AF_INET || ka->so_family == AF_INET6) { 125 if (ka->so_protocol < kb->so_protocol) 126 return (-1); 127 if (ka->so_protocol > kb->so_protocol) 128 return (1); 129 if (ka->so_type == SOCK_DGRAM || ka->so_type == SOCK_STREAM) { 130 /* order sockets by remote port desc */ 131 if (ka->inp_fport > kb->inp_fport) 132 return (-1); 133 if (ka->inp_fport < kb->inp_fport) 134 return (1); 135 } else if (ka->so_type == SOCK_RAW) { 136 if (ka->inp_proto > kb->inp_proto) 137 return (-1); 138 if (ka->inp_proto < kb->inp_proto) 139 return (1); 140 } 141 } 142 return (0); 143 } 144 145 void 146 protopr(kvm_t *kvmd, u_long pcbaddr, u_int tableid, int proto) 147 { 148 struct kinfo_file *kf; 149 int i, fcnt; 150 151 kf = kvm_getfiles(kvmd, KERN_FILE_BYFILE, DTYPE_SOCKET, 152 sizeof(*kf), &fcnt); 153 if (kf == NULL) { 154 printf("Out of memory (file table).\n"); 155 return; 156 } 157 158 /* sort sockets by AF and type */ 159 qsort(kf, fcnt, sizeof(*kf), kf_comp); 160 161 for (i = 0; i < fcnt; i++) { 162 if (Pflag) { 163 switch (kf[i].so_family) { 164 case AF_INET: 165 case AF_INET6: 166 /* 167 * XXX at the moment fstat returns the pointer 168 * to the so_pcb or for tcp sockets the tcpcb 169 * pointer (inp_ppcb) so check both. 170 */ 171 if (pcbaddr == kf[i].so_pcb) { 172 inpcb_dump(kf[i].so_pcb, 173 kf[i].so_protocol, 174 kf[i].so_family); 175 return; 176 } else if (pcbaddr == kf[i].inp_ppcb && 177 kf[i].so_protocol == IPPROTO_TCP) { 178 if (vflag) 179 inpcb_dump(kf[i].so_pcb, 180 kf[i].so_protocol, 181 kf[i].so_family); 182 else 183 tcpcb_dump(kf[i].inp_ppcb); 184 return; 185 } 186 break; 187 case AF_UNIX: 188 if (pcbaddr == kf[i].so_pcb) { 189 unpcb_dump(pcbaddr); 190 return; 191 } 192 break; 193 } 194 continue; 195 } 196 if (kf[i].so_family == AF_LOCAL && (kf[i].so_pcb != 0 || 197 kf[i].unp_path[0] != '\0')) 198 if ((af == AF_LOCAL || af == AF_UNSPEC) && !proto) 199 unixdomainpr(&kf[i]); 200 if (kf[i].so_family == AF_INET && kf[i].so_pcb != 0 && 201 kf[i].inp_rtableid == tableid) 202 if (af == AF_INET || af == AF_UNSPEC) 203 netdomainpr(&kf[i], proto); 204 if (kf[i].so_family == AF_INET6 && kf[i].so_pcb != 0 && 205 kf[i].inp_rtableid == tableid) 206 if (af == AF_INET6 || af == AF_UNSPEC) 207 netdomainpr(&kf[i], proto); 208 } 209 } 210 211 /* 212 * Print a summary of connections related to an Internet 213 * protocol. For TCP, also give state of connection. 214 * Listening processes (aflag) are suppressed unless the 215 * -a (all) flag is specified. 216 */ 217 void 218 netdomainpr(struct kinfo_file *kf, int proto) 219 { 220 static int af = 0, type = 0; 221 struct in_addr laddr, faddr; 222 struct in6_addr laddr6, faddr6; 223 const char *name, *name6; 224 int addrlen = 22; 225 int isany = 0; 226 int istcp = 0; 227 int isudp = 0; 228 int isip6 = 0; 229 230 /* XXX should fix kinfo_file instead but not now */ 231 if (kf->so_pcb == -1) 232 kf->so_pcb = 0; 233 234 switch (proto) { 235 case IPPROTO_TCP: 236 case IPPROTO_UDP: 237 case IPPROTO_DIVERT: 238 if (kf->so_protocol != proto) 239 return; 240 break; 241 case IPPROTO_IPV4: 242 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET) 243 return; 244 break; 245 case IPPROTO_IPV6: 246 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET6) 247 return; 248 break; 249 } 250 251 /* make in_addr6 access a bit easier */ 252 #define s6_addr32 __u6_addr.__u6_addr32 253 laddr.s_addr = kf->inp_laddru[0]; 254 laddr6.s6_addr32[0] = kf->inp_laddru[0]; 255 laddr6.s6_addr32[1] = kf->inp_laddru[1]; 256 laddr6.s6_addr32[2] = kf->inp_laddru[2]; 257 laddr6.s6_addr32[3] = kf->inp_laddru[3]; 258 259 faddr.s_addr = kf->inp_faddru[0]; 260 faddr6.s6_addr32[0] = kf->inp_faddru[0]; 261 faddr6.s6_addr32[1] = kf->inp_faddru[1]; 262 faddr6.s6_addr32[2] = kf->inp_faddru[2]; 263 faddr6.s6_addr32[3] = kf->inp_faddru[3]; 264 #undef s6_addr32 265 266 switch (kf->so_family) { 267 case AF_INET: 268 isany = faddr.s_addr == INADDR_ANY; 269 break; 270 case AF_INET6: 271 isany = IN6_IS_ADDR_UNSPECIFIED(&faddr6); 272 isip6 = 1; 273 break; 274 } 275 276 switch (kf->so_protocol) { 277 case IPPROTO_TCP: 278 name = "tcp"; 279 name6 = "tcp6"; 280 istcp = 1; 281 break; 282 case IPPROTO_UDP: 283 name = "udp"; 284 name6 = "udp6"; 285 isudp = 1; 286 break; 287 case IPPROTO_DIVERT: 288 name = "divert"; 289 name6 = "divert6"; 290 break; 291 default: 292 name = "ip"; 293 name6 = "ip6"; 294 break; 295 } 296 297 /* filter listening sockets out unless -a is set */ 298 if (!(aflag || lflag) && istcp && kf->t_state <= TCPS_LISTEN) 299 return; 300 else if (!(aflag || lflag) && isany) 301 return; 302 303 /* when -l is set, show only listening sockets */ 304 if (!aflag && lflag && istcp && 305 kf->t_state != TCPS_LISTEN) 306 return; 307 if (!aflag && lflag && isudp && 308 (kf->inp_lport == 0 || kf->inp_fport != 0)) 309 return; 310 311 if (af != kf->so_family || type != kf->so_type) { 312 af = kf->so_family; 313 type = kf->so_type; 314 printf("Active Internet connections"); 315 if (aflag) 316 printf(" (including servers)"); 317 else if (lflag && (istcp || isudp)) 318 printf(" (only servers)"); 319 putchar('\n'); 320 if (Aflag) { 321 addrlen = 18; 322 printf("%-*.*s ", PLEN, PLEN, "PCB"); 323 } 324 printf("%-7.7s %-6.6s %-6.6s ", 325 "Proto", "Recv-Q", "Send-Q"); 326 if (Bflag && istcp) 327 printf("%-6.6s %-6.6s %-6.6s ", 328 "Recv-W", "Send-W", "Cgst-W"); 329 printf(" %-*.*s %-*.*s%s\n", 330 addrlen, addrlen, "Local Address", 331 addrlen, addrlen, "Foreign Address", 332 istcp ? " TCP-State" : type == SOCK_RAW ? " IP-Proto" : ""); 333 } 334 335 if (Aflag) 336 printf("%#*llx%s ", FAKE_PTR(kf->so_protocol == IPPROTO_TCP ? 337 kf->inp_ppcb : kf->so_pcb)); 338 339 printf("%-7.7s %6llu %6llu ", 340 isip6 ? name6: name, kf->so_rcv_cc, kf->so_snd_cc); 341 if (Bflag && istcp) 342 printf("%6llu %6llu %6llu ", kf->t_rcv_wnd, kf->t_snd_wnd, 343 (kf->t_state == TCPS_ESTABLISHED) ? 344 kf->t_snd_cwnd : 0); 345 346 if (isip6) { 347 inet6print(&laddr6, kf->inp_lport, name); 348 inet6print(&faddr6, kf->inp_fport, name); 349 } else { 350 inetprint(&laddr, kf->inp_lport, name, 1); 351 inetprint(&faddr, kf->inp_fport, name, 0); 352 } 353 if (istcp) { 354 if (kf->t_state >= TCP_NSTATES) 355 printf(" %u", kf->t_state); 356 else 357 printf(" %s", tcpstates[kf->t_state]); 358 } else if (kf->so_type == SOCK_RAW) { 359 printf(" %u", kf->inp_proto); 360 } 361 putchar('\n'); 362 } 363 364 /* 365 * Dump TCP statistics structure. 366 */ 367 void 368 tcp_stats(char *name) 369 { 370 struct tcpstat tcpstat; 371 int mib[] = { CTL_NET, PF_INET, IPPROTO_TCP, TCPCTL_STATS }; 372 size_t len = sizeof(tcpstat); 373 374 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 375 &tcpstat, &len, NULL, 0) == -1) { 376 if (errno != ENOPROTOOPT) 377 warn("%s", name); 378 return; 379 } 380 381 printf("%s:\n", name); 382 #define p(f, m) if (tcpstat.f || sflag <= 1) \ 383 printf(m, tcpstat.f, plural(tcpstat.f)) 384 #define p1(f, m) if (tcpstat.f || sflag <= 1) \ 385 printf(m, tcpstat.f) 386 #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 387 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) 388 #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 389 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) 390 #define p2b(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 391 printf(m, tcpstat.f1, tcpstat.f2) 392 #define p2bys(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 393 printf(m, tcpstat.f1, pluralys(tcpstat.f1), tcpstat.f2) 394 #define pes(f, m) if (tcpstat.f || sflag <= 1) \ 395 printf(m, tcpstat.f, plurales(tcpstat.f)) 396 #define pys(f, m) if (tcpstat.f || sflag <= 1) \ 397 printf(m, tcpstat.f, pluralys(tcpstat.f)) 398 399 p(tcps_sndtotal, "\t%u packet%s sent\n"); 400 p2(tcps_sndpack,tcps_sndbyte, 401 "\t\t%u data packet%s (%llu byte%s)\n"); 402 p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, 403 "\t\t%u data packet%s (%llu byte%s) retransmitted\n"); 404 p(tcps_sndrexmitfast, "\t\t%llu fast retransmitted packet%s\n"); 405 p2a(tcps_sndacks, tcps_delack, 406 "\t\t%u ack-only packet%s (%u delayed)\n"); 407 p(tcps_sndurg, "\t\t%u URG only packet%s\n"); 408 p(tcps_sndprobe, "\t\t%u window probe packet%s\n"); 409 p(tcps_sndwinup, "\t\t%u window update packet%s\n"); 410 p(tcps_sndctrl, "\t\t%u control packet%s\n"); 411 p(tcps_outswcsum, "\t\t%u packet%s software-checksummed\n"); 412 p(tcps_rcvtotal, "\t%u packet%s received\n"); 413 p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %llu byte%s)\n"); 414 p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n"); 415 p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n"); 416 p(tcps_rcvacktooold, "\t\t%u ack%s for old data\n"); 417 p2(tcps_rcvpack, tcps_rcvbyte, 418 "\t\t%u packet%s (%llu byte%s) received in-sequence\n"); 419 p2(tcps_rcvduppack, tcps_rcvdupbyte, 420 "\t\t%u completely duplicate packet%s (%llu byte%s)\n"); 421 p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n"); 422 p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, 423 "\t\t%u packet%s with some duplicate data (%llu byte%s duplicated)\n"); 424 p2(tcps_rcvoopack, tcps_rcvoobyte, 425 "\t\t%u out-of-order packet%s (%llu byte%s)\n"); 426 p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, 427 "\t\t%u packet%s (%llu byte%s) of data after window\n"); 428 p(tcps_rcvwinprobe, "\t\t%u window probe%s\n"); 429 p(tcps_rcvwinupd, "\t\t%u window update packet%s\n"); 430 p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n"); 431 p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n"); 432 p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n"); 433 p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n"); 434 p1(tcps_rcvnosec, "\t\t%u discarded for missing IPsec protection\n"); 435 p1(tcps_rcvmemdrop, "\t\t%u discarded due to memory shortage\n"); 436 p(tcps_inswcsum, "\t\t%u packet%s software-checksummed\n"); 437 p(tcps_rcvbadsig, "\t\t%u bad/missing md5 checksum%s\n"); 438 p(tcps_rcvgoodsig, "\t\t%llu good md5 checksum%s\n"); 439 p(tcps_connattempt, "\t%u connection request%s\n"); 440 p(tcps_accepts, "\t%u connection accept%s\n"); 441 p(tcps_connects, "\t%u connection%s established (including accepts)\n"); 442 p2(tcps_closed, tcps_drops, 443 "\t%u connection%s closed (including %u drop%s)\n"); 444 p(tcps_conndrained, "\t%llu connection%s drained\n"); 445 p(tcps_conndrops, "\t%u embryonic connection%s dropped\n"); 446 p2(tcps_rttupdated, tcps_segstimed, 447 "\t%u segment%s updated rtt (of %u attempt%s)\n"); 448 p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n"); 449 p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n"); 450 p(tcps_persisttimeo, "\t%u persist timeout%s\n"); 451 p(tcps_keeptimeo, "\t%u keepalive timeout%s\n"); 452 p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n"); 453 p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); 454 p(tcps_predack, "\t%u correct ACK header prediction%s\n"); 455 p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); 456 pes(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); 457 p1(tcps_noport, "\t%u dropped due to no socket\n"); 458 459 p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n"); 460 p(tcps_ecn_rcvece, "\t\t%u ECE packet%s received\n"); 461 p(tcps_ecn_rcvcwr, "\t\t%u CWR packet%s received\n"); 462 p(tcps_ecn_rcvce, "\t\t%u CE packet%s received\n"); 463 p(tcps_ecn_sndect, "\t\t%u ECT packet%s sent\n"); 464 p(tcps_ecn_sndece, "\t\t%u ECE packet%s sent\n"); 465 p(tcps_ecn_sndcwr, "\t\t%u CWR packet%s sent\n"); 466 p1(tcps_cwr_frecovery, "\t\t\tcwr by fastrecovery: %u\n"); 467 p1(tcps_cwr_timeout, "\t\t\tcwr by timeout: %u\n"); 468 p1(tcps_cwr_ecn, "\t\t\tcwr by ecn: %u\n"); 469 470 p(tcps_badsyn, "\t%u bad connection attempt%s\n"); 471 p(tcps_dropsyn, "\t%u SYN packet%s dropped due to queue or memory full\n"); 472 pys(tcps_sc_added, "\t%llu SYN cache entr%s added\n"); 473 p(tcps_sc_collisions, "\t\t%llu hash collision%s\n"); 474 p1(tcps_sc_completed, "\t\t%llu completed\n"); 475 p1(tcps_sc_aborted, "\t\t%llu aborted (no space to build PCB)\n"); 476 p1(tcps_sc_timed_out, "\t\t%llu timed out\n"); 477 p1(tcps_sc_overflowed, "\t\t%llu dropped due to overflow\n"); 478 p1(tcps_sc_bucketoverflow, "\t\t%llu dropped due to bucket overflow\n"); 479 p1(tcps_sc_reset, "\t\t%llu dropped due to RST\n"); 480 p1(tcps_sc_unreach, "\t\t%llu dropped due to ICMP unreachable\n"); 481 p(tcps_sc_retransmitted, "\t%llu SYN,ACK%s retransmitted\n"); 482 p(tcps_sc_dupesyn, "\t%llu duplicate SYN%s received for entries " 483 "already in the cache\n"); 484 p(tcps_sc_dropped, "\t%llu SYN%s dropped (no route or no space)\n"); 485 p(tcps_sc_seedrandom, "\t%llu SYN cache seed%s with new random\n"); 486 p1(tcps_sc_hash_size, "\t%llu hash bucket array size in current " 487 "SYN cache\n"); 488 p2bys(tcps_sc_entry_count, tcps_sc_entry_limit, 489 "\t%llu entr%s in current SYN cache, limit is %llu\n"); 490 p2b(tcps_sc_bucket_maxlen, tcps_sc_bucket_limit, 491 "\t%llu longest bucket length in current SYN cache, limit is %llu\n"); 492 p(tcps_sc_uses_left, "\t%llu use%s of current SYN cache left\n"); 493 494 p(tcps_sack_recovery_episode, "\t%llu SACK recovery episode%s\n"); 495 p(tcps_sack_rexmits, 496 "\t\t%llu segment rexmit%s in SACK recovery episodes\n"); 497 p(tcps_sack_rexmit_bytes, 498 "\t\t%llu byte rexmit%s in SACK recovery episodes\n"); 499 p(tcps_sack_rcv_opts, "\t%llu SACK option%s received\n"); 500 p(tcps_sack_snd_opts, "\t%llu SACK option%s sent\n"); 501 p(tcps_sack_drop_opts, "\t%llu SACK option%s dropped\n"); 502 503 #undef p 504 #undef p1 505 #undef p2 506 #undef p2a 507 #undef p2b 508 #undef p2bys 509 #undef pes 510 #undef pys 511 } 512 513 /* 514 * Dump UDP statistics structure. 515 */ 516 void 517 udp_stats(char *name) 518 { 519 struct udpstat udpstat; 520 u_long delivered; 521 int mib[] = { CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS }; 522 size_t len = sizeof(udpstat); 523 524 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 525 &udpstat, &len, NULL, 0) == -1) { 526 if (errno != ENOPROTOOPT) 527 warn("%s", name); 528 return; 529 } 530 531 printf("%s:\n", name); 532 #define p(f, m) if (udpstat.f || sflag <= 1) \ 533 printf(m, udpstat.f, plural(udpstat.f)) 534 #define p1(f, m) if (udpstat.f || sflag <= 1) \ 535 printf(m, udpstat.f) 536 537 p(udps_ipackets, "\t%lu datagram%s received\n"); 538 p1(udps_hdrops, "\t%lu with incomplete header\n"); 539 p1(udps_badlen, "\t%lu with bad data length field\n"); 540 p1(udps_badsum, "\t%lu with bad checksum\n"); 541 p1(udps_nosum, "\t%lu with no checksum\n"); 542 p(udps_inswcsum, "\t%lu input packet%s software-checksummed\n"); 543 p(udps_outswcsum, "\t%lu output packet%s software-checksummed\n"); 544 p1(udps_noport, "\t%lu dropped due to no socket\n"); 545 p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n"); 546 p1(udps_nosec, "\t%lu dropped due to missing IPsec protection\n"); 547 p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n"); 548 delivered = udpstat.udps_ipackets - udpstat.udps_hdrops - 549 udpstat.udps_badlen - udpstat.udps_badsum - 550 udpstat.udps_noport - udpstat.udps_noportbcast - 551 udpstat.udps_fullsock; 552 if (delivered || sflag <= 1) 553 printf("\t%lu delivered\n", delivered); 554 p(udps_opackets, "\t%lu datagram%s output\n"); 555 p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n"); 556 #undef p 557 #undef p1 558 } 559 560 /* 561 * Dump IP statistics structure. 562 */ 563 void 564 ip_stats(char *name) 565 { 566 struct ipstat ipstat; 567 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_STATS }; 568 size_t len = sizeof(ipstat); 569 570 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 571 &ipstat, &len, NULL, 0) == -1) { 572 if (errno != ENOPROTOOPT) 573 warn("%s", name); 574 return; 575 } 576 577 printf("%s:\n", name); 578 #define p(f, m) if (ipstat.f || sflag <= 1) \ 579 printf(m, ipstat.f, plural(ipstat.f)) 580 #define p1(f, m) if (ipstat.f || sflag <= 1) \ 581 printf(m, ipstat.f) 582 583 p(ips_total, "\t%lu total packet%s received\n"); 584 p(ips_badsum, "\t%lu bad header checksum%s\n"); 585 p1(ips_toosmall, "\t%lu with size smaller than minimum\n"); 586 p1(ips_tooshort, "\t%lu with data size < data length\n"); 587 p1(ips_badhlen, "\t%lu with header length < data size\n"); 588 p1(ips_badlen, "\t%lu with data length < header length\n"); 589 p1(ips_badoptions, "\t%lu with bad options\n"); 590 p1(ips_badvers, "\t%lu with incorrect version number\n"); 591 p(ips_fragments, "\t%lu fragment%s received\n"); 592 p(ips_fragdropped, "\t%lu fragment%s dropped (duplicates or out of space)\n"); 593 p(ips_badfrags, "\t%lu malformed fragment%s dropped\n"); 594 p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n"); 595 p(ips_reassembled, "\t%lu packet%s reassembled ok\n"); 596 p(ips_delivered, "\t%lu packet%s for this host\n"); 597 p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n"); 598 p(ips_forward, "\t%lu packet%s forwarded\n"); 599 p(ips_cantforward, "\t%lu packet%s not forwardable\n"); 600 p(ips_redirectsent, "\t%lu redirect%s sent\n"); 601 p(ips_localout, "\t%lu packet%s sent from this host\n"); 602 p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n"); 603 p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n"); 604 p(ips_noroute, "\t%lu output packet%s discarded due to no route\n"); 605 p(ips_fragmented, "\t%lu output datagram%s fragmented\n"); 606 p(ips_ofragments, "\t%lu fragment%s created\n"); 607 p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n"); 608 p1(ips_rcvmemdrop, "\t%lu fragment floods\n"); 609 p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n"); 610 p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n"); 611 p(ips_badaddr, "\t%lu datagram%s with bad address in header\n"); 612 p(ips_inswcsum, "\t%lu input datagram%s software-checksummed\n"); 613 p(ips_outswcsum, "\t%lu output datagram%s software-checksummed\n"); 614 p(ips_notmember, "\t%lu multicast packet%s which we don't join\n"); 615 p(ips_wrongif, "\t%lu packet%s received on wrong interface\n"); 616 #undef p 617 #undef p1 618 } 619 620 /* 621 * Dump DIVERT statistics structure. 622 */ 623 void 624 div_stats(char *name) 625 { 626 struct divstat divstat; 627 int mib[] = { CTL_NET, PF_INET, IPPROTO_DIVERT, DIVERTCTL_STATS }; 628 size_t len = sizeof(divstat); 629 630 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 631 &divstat, &len, NULL, 0) == -1) { 632 if (errno != ENOPROTOOPT) 633 warn("%s", name); 634 return; 635 } 636 637 printf("%s:\n", name); 638 #define p(f, m) if (divstat.f || sflag <= 1) \ 639 printf(m, divstat.f, plural(divstat.f)) 640 #define p1(f, m) if (divstat.f || sflag <= 1) \ 641 printf(m, divstat.f) 642 p(divs_ipackets, "\t%lu total packet%s received\n"); 643 p1(divs_noport, "\t%lu dropped due to no socket\n"); 644 p1(divs_fullsock, "\t%lu dropped due to full socket buffers\n"); 645 p(divs_opackets, "\t%lu packet%s output\n"); 646 p1(divs_errors, "\t%lu errors\n"); 647 #undef p 648 #undef p1 649 } 650 651 static char *icmpnames[ICMP_MAXTYPE + 1] = { 652 "echo reply", 653 "#1", 654 "#2", 655 "destination unreachable", 656 "source quench", 657 "routing redirect", 658 "#6", 659 "#7", 660 "echo", 661 "router advertisement", 662 "router solicitation", 663 "time exceeded", 664 "parameter problem", 665 "time stamp", 666 "time stamp reply", 667 "information request", 668 "information request reply", 669 "address mask request", 670 "address mask reply", 671 "#19", 672 "#20", 673 "#21", 674 "#22", 675 "#23", 676 "#24", 677 "#25", 678 "#26", 679 "#27", 680 "#28", 681 "#29", 682 "traceroute", 683 "data conversion error", 684 "mobile host redirect", 685 "IPv6 where-are-you", 686 "IPv6 i-am-here", 687 "mobile registration request", 688 "mobile registration reply", 689 "#37", 690 "#38", 691 "SKIP", 692 "Photuris", 693 }; 694 695 /* 696 * Dump ICMP statistics. 697 */ 698 void 699 icmp_stats(char *name) 700 { 701 struct icmpstat icmpstat; 702 int i, first; 703 int mib[] = { CTL_NET, PF_INET, IPPROTO_ICMP, ICMPCTL_STATS }; 704 size_t len = sizeof(icmpstat); 705 706 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 707 &icmpstat, &len, NULL, 0) == -1) { 708 if (errno != ENOPROTOOPT) 709 warn("%s", name); 710 return; 711 } 712 713 printf("%s:\n", name); 714 #define p(f, m) if (icmpstat.f || sflag <= 1) \ 715 printf(m, icmpstat.f, plural(icmpstat.f)) 716 717 p(icps_error, "\t%lu call%s to icmp_error\n"); 718 p(icps_oldicmp, 719 "\t%lu error%s not generated because old message was icmp\n"); 720 p(icps_toofreq, 721 "\t%lu error%s not generated because of rate limitation\n"); 722 723 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 724 if (icmpstat.icps_outhist[i] != 0) { 725 if (first) { 726 printf("\tOutput packet histogram:\n"); 727 first = 0; 728 } 729 if (icmpnames[i]) 730 printf("\t\t%s:", icmpnames[i]); 731 else 732 printf("\t\t#%d:", i); 733 printf(" %lu\n", icmpstat.icps_outhist[i]); 734 } 735 p(icps_badcode, "\t%lu message%s with bad code fields\n"); 736 p(icps_tooshort, "\t%lu message%s < minimum length\n"); 737 p(icps_checksum, "\t%lu bad checksum%s\n"); 738 p(icps_badlen, "\t%lu message%s with bad length\n"); 739 p(icps_bmcastecho, "\t%lu echo request%s to broadcast/multicast " 740 "rejected\n"); 741 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 742 if (icmpstat.icps_inhist[i] != 0) { 743 if (first) { 744 printf("\tInput packet histogram:\n"); 745 first = 0; 746 } 747 if (icmpnames[i]) 748 printf("\t\t%s:", icmpnames[i]); 749 else 750 printf("\t\t#%d:", i); 751 printf(" %lu\n", icmpstat.icps_inhist[i]); 752 } 753 p(icps_reflect, "\t%lu message response%s generated\n"); 754 #undef p 755 } 756 757 /* 758 * Dump IGMP statistics structure. 759 */ 760 void 761 igmp_stats(char *name) 762 { 763 struct igmpstat igmpstat; 764 int mib[] = { CTL_NET, PF_INET, IPPROTO_IGMP, IGMPCTL_STATS }; 765 size_t len = sizeof(igmpstat); 766 767 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 768 &igmpstat, &len, NULL, 0) == -1) { 769 if (errno != ENOPROTOOPT) 770 warn("%s", name); 771 return; 772 } 773 774 printf("%s:\n", name); 775 #define p(f, m) if (igmpstat.f || sflag <= 1) \ 776 printf(m, igmpstat.f, plural(igmpstat.f)) 777 #define py(f, m) if (igmpstat.f || sflag <= 1) \ 778 printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y") 779 780 p(igps_rcv_total, "\t%lu message%s received\n"); 781 p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n"); 782 p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n"); 783 py(igps_rcv_queries, "\t%lu membership quer%s received\n"); 784 py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n"); 785 p(igps_rcv_reports, "\t%lu membership report%s received\n"); 786 p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n"); 787 p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n"); 788 p(igps_snd_reports, "\t%lu membership report%s sent\n"); 789 #undef p 790 #undef py 791 } 792 793 struct rpcnams { 794 struct rpcnams *next; 795 in_port_t port; 796 int proto; 797 char *rpcname; 798 }; 799 800 static char * 801 getrpcportnam(in_port_t port, int proto) 802 { 803 struct sockaddr_in server_addr; 804 struct hostent *hp; 805 static struct pmaplist *head; 806 int socket = RPC_ANYSOCK; 807 struct timeval minutetimeout; 808 CLIENT *client; 809 struct rpcent *rpc; 810 static int first; 811 static struct rpcnams *rpcn; 812 struct rpcnams *n; 813 char num[20]; 814 815 if (first == 0) { 816 first = 1; 817 memset(&server_addr, 0, sizeof server_addr); 818 server_addr.sin_family = AF_INET; 819 if ((hp = gethostbyname("localhost")) != NULL) 820 memmove((caddr_t)&server_addr.sin_addr, hp->h_addr, 821 hp->h_length); 822 else 823 (void) inet_aton("0.0.0.0", &server_addr.sin_addr); 824 825 minutetimeout.tv_sec = 60; 826 minutetimeout.tv_usec = 0; 827 server_addr.sin_port = htons(PMAPPORT); 828 if ((client = clnttcp_create(&server_addr, PMAPPROG, 829 PMAPVERS, &socket, 50, 500)) == NULL) 830 return (NULL); 831 if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL, 832 xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) { 833 clnt_destroy(client); 834 return (NULL); 835 } 836 for (; head != NULL; head = head->pml_next) { 837 n = malloc(sizeof(struct rpcnams)); 838 if (n == NULL) 839 continue; 840 n->next = rpcn; 841 rpcn = n; 842 n->port = head->pml_map.pm_port; 843 n->proto = head->pml_map.pm_prot; 844 845 rpc = getrpcbynumber(head->pml_map.pm_prog); 846 if (rpc) 847 n->rpcname = strdup(rpc->r_name); 848 else { 849 snprintf(num, sizeof num, "%ld", 850 head->pml_map.pm_prog); 851 n->rpcname = strdup(num); 852 } 853 } 854 clnt_destroy(client); 855 } 856 857 for (n = rpcn; n; n = n->next) 858 if (n->port == port && n->proto == proto) 859 return (n->rpcname); 860 return (NULL); 861 } 862 863 /* 864 * Pretty print an Internet address (net address + port). 865 * If the nflag was specified, use numbers instead of names. 866 */ 867 void 868 inetprint(struct in_addr *in, in_port_t port, const char *proto, int local) 869 { 870 struct servent *sp = 0; 871 char line[80], *cp, *nam; 872 int width; 873 874 snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16, 875 inetname(in)); 876 cp = strchr(line, '\0'); 877 if (!nflag && port) 878 sp = getservbyport((int)port, proto); 879 if (sp || port == 0) 880 snprintf(cp, line + sizeof line - cp, "%.8s", 881 sp ? sp->s_name : "*"); 882 else if (local && !nflag && (nam = getrpcportnam(ntohs(port), 883 (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP)))) 884 snprintf(cp, line + sizeof line - cp, "%d[%.8s]", 885 ntohs(port), nam); 886 else 887 snprintf(cp, line + sizeof line - cp, "%d", ntohs(port)); 888 width = Aflag ? 18 : 22; 889 printf(" %-*.*s", width, width, line); 890 } 891 892 /* 893 * Construct an Internet address representation. 894 * If the nflag has been supplied, give 895 * numeric value, otherwise try for symbolic name. 896 */ 897 char * 898 inetname(struct in_addr *inp) 899 { 900 char *cp; 901 static char line[50]; 902 struct hostent *hp; 903 static char domain[HOST_NAME_MAX+1]; 904 static int first = 1; 905 906 if (first && !nflag) { 907 first = 0; 908 if (gethostname(domain, sizeof(domain)) == 0 && 909 (cp = strchr(domain, '.'))) 910 (void) strlcpy(domain, cp + 1, sizeof domain); 911 else 912 domain[0] = '\0'; 913 } 914 cp = NULL; 915 if (!nflag && inp->s_addr != INADDR_ANY) { 916 hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET); 917 if (hp) { 918 if ((cp = strchr(hp->h_name, '.')) && 919 !strcmp(cp + 1, domain)) 920 *cp = '\0'; 921 cp = hp->h_name; 922 } 923 } 924 if (inp->s_addr == INADDR_ANY) 925 snprintf(line, sizeof line, "*"); 926 else if (cp) 927 snprintf(line, sizeof line, "%s", cp); 928 else { 929 inp->s_addr = ntohl(inp->s_addr); 930 #define C(x) ((x) & 0xff) 931 snprintf(line, sizeof line, "%u.%u.%u.%u", 932 C(inp->s_addr >> 24), C(inp->s_addr >> 16), 933 C(inp->s_addr >> 8), C(inp->s_addr)); 934 } 935 return (line); 936 } 937 938 /* 939 * Dump AH statistics structure. 940 */ 941 void 942 ah_stats(char *name) 943 { 944 struct ahstat ahstat; 945 int mib[] = { CTL_NET, PF_INET, IPPROTO_AH, AHCTL_STATS }; 946 size_t len = sizeof(ahstat); 947 948 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 949 &ahstat, &len, NULL, 0) == -1) { 950 if (errno != ENOPROTOOPT) 951 warn("%s", name); 952 return; 953 } 954 955 printf("%s:\n", name); 956 #define p(f, m) if (ahstat.f || sflag <= 1) \ 957 printf(m, ahstat.f, plural(ahstat.f)) 958 #define p1(f, m) if (ahstat.f || sflag <= 1) \ 959 printf(m, ahstat.f) 960 961 p1(ahs_input, "\t%llu input AH packets\n"); 962 p1(ahs_output, "\t%llu output AH packets\n"); 963 p(ahs_nopf, "\t%llu packet%s from unsupported protocol families\n"); 964 p(ahs_hdrops, "\t%llu packet%s shorter than header shows\n"); 965 p(ahs_pdrops, "\t%llu packet%s dropped due to policy\n"); 966 p(ahs_notdb, "\t%llu packet%s for which no TDB was found\n"); 967 p(ahs_badkcr, "\t%llu input packet%s that failed to be processed\n"); 968 p(ahs_badauth, "\t%llu packet%s that failed verification received\n"); 969 p(ahs_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 970 p(ahs_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 971 p(ahs_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 972 p(ahs_replay, "\t%llu possibly replayed packet%s received\n"); 973 p(ahs_badauthl, "\t%llu packet%s with bad authenticator length received\n"); 974 p(ahs_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 975 p(ahs_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 976 p(ahs_crypto, "\t%llu packet%s that failed crypto processing\n"); 977 p(ahs_outfail, "\t%llu output packet%s could not be sent\n"); 978 p(ahs_ibytes, "\t%llu input byte%s\n"); 979 p(ahs_obytes, "\t%llu output byte%s\n"); 980 981 #undef p 982 #undef p1 983 } 984 985 /* 986 * Dump etherip statistics structure. 987 */ 988 void 989 etherip_stats(char *name) 990 { 991 struct etheripstat etheripstat; 992 int mib[] = { CTL_NET, PF_INET, IPPROTO_ETHERIP, ETHERIPCTL_STATS }; 993 size_t len = sizeof(etheripstat); 994 995 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 996 ðeripstat, &len, NULL, 0) == -1) { 997 if (errno != ENOPROTOOPT) 998 warn("%s", name); 999 return; 1000 } 1001 1002 printf("%s:\n", name); 1003 #define p(f, m) if (etheripstat.f || sflag <= 1) \ 1004 printf(m, etheripstat.f, plural(etheripstat.f)) 1005 1006 p(etherips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1007 p(etherips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1008 p(etherips_noifdrops, "\t%llu packet%s were dropped because of no interface/bridge information\n"); 1009 p(etherips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1010 p(etherips_adrops, "\t%llu packet%s dropped for other reasons\n"); 1011 p(etherips_ipackets, "\t%llu input ethernet-in-IP packet%s\n"); 1012 p(etherips_opackets, "\t%llu output ethernet-in-IP packet%s\n"); 1013 p(etherips_ibytes, "\t%llu input byte%s\n"); 1014 p(etherips_obytes, "\t%llu output byte%s\n"); 1015 #undef p 1016 } 1017 1018 /* 1019 * Dump IPsec statistics structure. 1020 */ 1021 void 1022 ipsec_stats(char *name) 1023 { 1024 struct ipsecstat ipsecstat; 1025 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IPSEC_STATS }; 1026 size_t len = sizeof(ipsecstat); 1027 1028 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1029 &ipsecstat, &len, NULL, 0) == -1) { 1030 if (errno != ENOPROTOOPT) 1031 warn("%s", name); 1032 return; 1033 } 1034 1035 printf("%s:\n", name); 1036 #define p(f, m) if (ipsecstat.f || sflag <= 1) \ 1037 printf(m, ipsecstat.f, plural(ipsecstat.f)) 1038 p(ipsec_ipackets, "\t%llu input IPsec packet%s\n"); 1039 p(ipsec_opackets, "\t%llu output IPsec packet%s\n"); 1040 p(ipsec_ibytes, "\t%llu input byte%s\n"); 1041 p(ipsec_obytes, "\t%llu output byte%s\n"); 1042 p(ipsec_idecompbytes, "\t%llu input byte%s, decompressed\n"); 1043 p(ipsec_ouncompbytes, "\t%llu output byte%s, uncompressed\n"); 1044 p(ipsec_idrops, "\t%llu packet%s dropped on input\n"); 1045 p(ipsec_odrops, "\t%llu packet%s dropped on output\n"); 1046 p(ipsec_crypto, "\t%llu packet%s that failed crypto processing\n"); 1047 p(ipsec_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1048 p(ipsec_notdb, "\t%llu packet%s for which no TDB was found\n"); 1049 #undef p 1050 } 1051 1052 /* 1053 * Dump ESP statistics structure. 1054 */ 1055 void 1056 esp_stats(char *name) 1057 { 1058 struct espstat espstat; 1059 int mib[] = { CTL_NET, PF_INET, IPPROTO_ESP, ESPCTL_STATS }; 1060 size_t len = sizeof(espstat); 1061 1062 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1063 &espstat, &len, NULL, 0) == -1) { 1064 if (errno != ENOPROTOOPT) 1065 warn("%s", name); 1066 return; 1067 } 1068 1069 printf("%s:\n", name); 1070 #define p(f, m) if (espstat.f || sflag <= 1) \ 1071 printf(m, espstat.f, plural(espstat.f)) 1072 1073 p(esps_input, "\t%llu input ESP packet%s\n"); 1074 p(esps_output, "\t%llu output ESP packet%s\n"); 1075 p(esps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1076 p(esps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1077 p(esps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1078 p(esps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1079 p(esps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1080 p(esps_badenc, "\t%llu packet%s with bad encryption received\n"); 1081 p(esps_badauth, "\t%llu packet%s that failed verification received\n"); 1082 p(esps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1083 p(esps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1084 p(esps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1085 p(esps_replay, "\t%llu possibly replayed packet%s received\n"); 1086 p(esps_badilen, "\t%llu packet%s with bad payload size or padding received\n"); 1087 p(esps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1088 p(esps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1089 p(esps_crypto, "\t%llu packet%s that failed crypto processing\n"); 1090 p(esps_outfail, "\t%llu output packet%s could not be sent\n"); 1091 p(esps_udpencin, "\t%llu input UDP encapsulated ESP packet%s\n"); 1092 p(esps_udpencout, "\t%llu output UDP encapsulated ESP packet%s\n"); 1093 p(esps_udpinval, "\t%llu UDP packet%s for non-encapsulating TDB received\n"); 1094 p(esps_udpneeded, "\t%llu raw ESP packet%s for encapsulating TDB received\n"); 1095 p(esps_ibytes, "\t%llu input byte%s\n"); 1096 p(esps_obytes, "\t%llu output byte%s\n"); 1097 1098 #undef p 1099 } 1100 1101 /* 1102 * Dump IP-in-IP statistics structure. 1103 */ 1104 void 1105 ipip_stats(char *name) 1106 { 1107 struct ipipstat ipipstat; 1108 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPIP, IPIPCTL_STATS }; 1109 size_t len = sizeof(ipipstat); 1110 1111 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1112 &ipipstat, &len, NULL, 0) == -1) { 1113 if (errno != ENOPROTOOPT) 1114 warn("%s", name); 1115 return; 1116 } 1117 1118 printf("%s:\n", name); 1119 #define p(f, m) if (ipipstat.f || sflag <= 1) \ 1120 printf(m, ipipstat.f, plural(ipipstat.f)) 1121 1122 p(ipips_ipackets, "\t%llu total input packet%s\n"); 1123 p(ipips_opackets, "\t%llu total output packet%s\n"); 1124 p(ipips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1125 p(ipips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1126 p(ipips_spoof, "\t%llu packet%s with possibly spoofed local addresses\n"); 1127 p(ipips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1128 p(ipips_ibytes, "\t%llu input byte%s\n"); 1129 p(ipips_obytes, "\t%llu output byte%s\n"); 1130 p(ipips_family, "\t%llu protocol family mismatche%s\n"); 1131 p(ipips_unspec, "\t%llu attempt%s to use tunnel with unspecified endpoint(s)\n"); 1132 #undef p 1133 } 1134 1135 /* 1136 * Dump CARP statistics structure. 1137 */ 1138 void 1139 carp_stats(char *name) 1140 { 1141 struct carpstats carpstat; 1142 int mib[] = { CTL_NET, PF_INET, IPPROTO_CARP, CARPCTL_STATS }; 1143 size_t len = sizeof(carpstat); 1144 1145 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1146 &carpstat, &len, NULL, 0) == -1) { 1147 if (errno != ENOPROTOOPT) 1148 warn("%s", name); 1149 return; 1150 } 1151 1152 printf("%s:\n", name); 1153 #define p(f, m) if (carpstat.f || sflag <= 1) \ 1154 printf(m, carpstat.f, plural(carpstat.f)) 1155 #define p2(f, m) if (carpstat.f || sflag <= 1) \ 1156 printf(m, carpstat.f) 1157 1158 p(carps_ipackets, "\t%llu packet%s received (IPv4)\n"); 1159 p(carps_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1160 p(carps_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1161 p(carps_badttl, "\t\t%llu packet%s discarded for wrong TTL\n"); 1162 p(carps_hdrops, "\t\t%llu packet%s shorter than header\n"); 1163 p(carps_badsum, "\t\t%llu discarded for bad checksum%s\n"); 1164 p(carps_badver, "\t\t%llu discarded packet%s with a bad version\n"); 1165 p2(carps_badlen, "\t\t%llu discarded because packet too short\n"); 1166 p2(carps_badauth, "\t\t%llu discarded for bad authentication\n"); 1167 p2(carps_badvhid, "\t\t%llu discarded for unknown vhid\n"); 1168 p2(carps_badaddrs, "\t\t%llu discarded because of a bad address list\n"); 1169 p(carps_opackets, "\t%llu packet%s sent (IPv4)\n"); 1170 p(carps_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1171 p2(carps_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1172 p(carps_preempt, "\t%llu transition%s to master\n"); 1173 #undef p 1174 #undef p2 1175 } 1176 1177 /* 1178 * Dump pfsync statistics structure. 1179 */ 1180 void 1181 pfsync_stats(char *name) 1182 { 1183 struct pfsyncstats pfsyncstat; 1184 int mib[] = { CTL_NET, PF_INET, IPPROTO_PFSYNC, PFSYNCCTL_STATS }; 1185 size_t len = sizeof(pfsyncstat); 1186 1187 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1188 &pfsyncstat, &len, NULL, 0) == -1) { 1189 if (errno != ENOPROTOOPT) 1190 warn("%s", name); 1191 return; 1192 } 1193 1194 printf("%s:\n", name); 1195 #define p(f, m) if (pfsyncstat.f || sflag <= 1) \ 1196 printf(m, pfsyncstat.f, plural(pfsyncstat.f)) 1197 #define p2(f, m) if (pfsyncstat.f || sflag <= 1) \ 1198 printf(m, pfsyncstat.f) 1199 1200 p(pfsyncs_ipackets, "\t%llu packet%s received (IPv4)\n"); 1201 p(pfsyncs_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1202 p(pfsyncs_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1203 p(pfsyncs_badttl, "\t\t%llu packet%s discarded for bad ttl\n"); 1204 p(pfsyncs_hdrops, "\t\t%llu packet%s shorter than header\n"); 1205 p(pfsyncs_badver, "\t\t%llu packet%s discarded for bad version\n"); 1206 p(pfsyncs_badauth, "\t\t%llu packet%s discarded for bad HMAC\n"); 1207 p(pfsyncs_badact,"\t\t%llu packet%s discarded for bad action\n"); 1208 p(pfsyncs_badlen, "\t\t%llu packet%s discarded for short packet\n"); 1209 p(pfsyncs_badval, "\t\t%llu state%s discarded for bad values\n"); 1210 p(pfsyncs_stale, "\t\t%llu stale state%s\n"); 1211 p(pfsyncs_badstate, "\t\t%llu failed state lookup/insert%s\n"); 1212 p(pfsyncs_opackets, "\t%llu packet%s sent (IPv4)\n"); 1213 p(pfsyncs_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1214 p2(pfsyncs_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1215 p2(pfsyncs_oerrors, "\t\t%llu send error\n"); 1216 #undef p 1217 #undef p2 1218 } 1219 1220 /* 1221 * Dump pflow statistics structure. 1222 */ 1223 void 1224 pflow_stats(char *name) 1225 { 1226 struct pflowstats flowstats; 1227 int mib[] = { CTL_NET, PF_PFLOW, NET_PFLOW_STATS }; 1228 size_t len = sizeof(struct pflowstats); 1229 1230 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), &flowstats, &len, 1231 NULL, 0) == -1) { 1232 if (errno != ENOPROTOOPT) 1233 warn("%s", name); 1234 return; 1235 } 1236 1237 printf("%s:\n", name); 1238 #define p(f, m) if (flowstats.f || sflag <= 1) \ 1239 printf(m, flowstats.f, plural(flowstats.f)) 1240 #define p2(f, m) if (flowstats.f || sflag <= 1) \ 1241 printf(m, flowstats.f) 1242 1243 p(pflow_flows, "\t%llu flow%s sent\n"); 1244 p(pflow_packets, "\t%llu packet%s sent\n"); 1245 p2(pflow_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1246 p2(pflow_oerrors, "\t\t%llu send error\n"); 1247 #undef p 1248 #undef p2 1249 } 1250 1251 /* 1252 * Dump IPCOMP statistics structure. 1253 */ 1254 void 1255 ipcomp_stats(char *name) 1256 { 1257 struct ipcompstat ipcompstat; 1258 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPCOMP, IPCOMPCTL_STATS }; 1259 size_t len = sizeof(ipcompstat); 1260 1261 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1262 &ipcompstat, &len, NULL, 0) == -1) { 1263 if (errno != ENOPROTOOPT) 1264 warn("%s", name); 1265 return; 1266 } 1267 1268 printf("%s:\n", name); 1269 #define p(f, m) if (ipcompstat.f || sflag <= 1) \ 1270 printf(m, ipcompstat.f, plural(ipcompstat.f)) 1271 1272 p(ipcomps_input, "\t%llu input IPCOMP packet%s\n"); 1273 p(ipcomps_output, "\t%llu output IPCOMP packet%s\n"); 1274 p(ipcomps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1275 p(ipcomps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1276 p(ipcomps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1277 p(ipcomps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1278 p(ipcomps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1279 p(ipcomps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1280 p(ipcomps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1281 p(ipcomps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1282 p(ipcomps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1283 p(ipcomps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1284 p(ipcomps_crypto, "\t%llu packet%s that failed (de)compression processing\n"); 1285 p(ipcomps_outfail, "\t%llu output packet%s could not be sent\n"); 1286 p(ipcomps_minlen, "\t%llu packet%s less than minimum compression length\n"); 1287 p(ipcomps_ibytes, "\t%llu input byte%s\n"); 1288 p(ipcomps_obytes, "\t%llu output byte%s\n"); 1289 1290 #undef p 1291 } 1292 1293 /* 1294 * Dump the contents of a socket structure 1295 */ 1296 void 1297 socket_dump(u_long off) 1298 { 1299 struct socket so; 1300 1301 if (off == 0) 1302 return; 1303 kread(off, &so, sizeof(so)); 1304 1305 #define p(fmt, v, sep) printf(#v " " fmt sep, so.v); 1306 #define pp(fmt, v, sep) printf(#v " " fmt sep, so.v); 1307 printf("socket %#lx\n ", off); 1308 p("%#.4x", so_type, "\n "); 1309 p("%#.4x", so_options, "\n "); 1310 p("%d", so_linger, "\n "); 1311 p("%#.4x", so_state, "\n "); 1312 pp("%p", so_pcb, ", "); 1313 pp("%p", so_proto, ", "); 1314 pp("%p", so_head, "\n "); 1315 p("%d", so_q0len, ", "); 1316 p("%d", so_qlen, ", "); 1317 p("%d", so_qlimit, "\n "); 1318 p("%d", so_timeo, "\n "); 1319 p("%u", so_error, "\n "); 1320 p("%p", so_sigio.sir_sigio, "\n "); 1321 p("%lu", so_oobmark, "\n "); 1322 if (so.so_sp) 1323 sosplice_dump((u_long)so.so_sp); 1324 sockbuf_dump(&so.so_rcv, "so_rcv"); 1325 sockbuf_dump(&so.so_snd, "so_snd"); 1326 p("%u", so_euid, ", "); 1327 p("%u", so_ruid, ", "); 1328 p("%u", so_egid, ", "); 1329 p("%u", so_rgid, "\n "); 1330 p("%d", so_cpid, "\n"); 1331 #undef p 1332 #undef pp 1333 1334 protosw_dump((u_long)so.so_proto, (u_long)so.so_pcb); 1335 } 1336 1337 /* 1338 * Dump the contents of a struct sosplice 1339 */ 1340 void 1341 sosplice_dump(u_long off) 1342 { 1343 struct sosplice ssp; 1344 1345 if (off == 0) 1346 return; 1347 kread(off, &ssp, sizeof(ssp)); 1348 1349 #define p(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1350 #define pll(fmt, v, sep) printf(#v " " fmt sep, (long long) ssp.v); 1351 #define pp(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1352 pp("%p", ssp_socket, ", "); 1353 pp("%p", ssp_soback, "\n "); 1354 p("%lld", ssp_len, ", "); 1355 p("%lld", ssp_max, ", "); 1356 pll("%lld", ssp_idletv.tv_sec, ", "); 1357 p("%ld", ssp_idletv.tv_usec, "\n "); 1358 #undef p 1359 #undef pll 1360 #undef pp 1361 } 1362 1363 /* 1364 * Dump the contents of a socket buffer 1365 */ 1366 void 1367 sockbuf_dump(struct sockbuf *sb, const char *name) 1368 { 1369 #define p(fmt, v, sep) printf(#v " " fmt sep, sb->v); 1370 printf("%s ", name); 1371 p("%lu", sb_cc, ", "); 1372 p("%lu", sb_datacc, ", "); 1373 p("%lu", sb_hiwat, ", "); 1374 p("%lu", sb_wat, "\n "); 1375 printf("%s ", name); 1376 p("%lu", sb_mbcnt, ", "); 1377 p("%lu", sb_mbmax, ", "); 1378 p("%ld", sb_lowat, "\n "); 1379 printf("%s ", name); 1380 p("%#.4x", sb_flags, ", "); 1381 p("%llu", sb_timeo_nsecs, "\n "); 1382 #undef p 1383 } 1384 1385 /* 1386 * Dump the contents of a protosw structure 1387 */ 1388 void 1389 protosw_dump(u_long off, u_long pcb) 1390 { 1391 struct protosw proto; 1392 1393 if (off == 0) 1394 return; 1395 kread(off, &proto, sizeof(proto)); 1396 1397 #define p(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1398 #define pp(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1399 printf("protosw %#lx\n ", off); 1400 p("%#.4x", pr_type, "\n "); 1401 pp("%p", pr_domain, "\n "); 1402 p("%d", pr_protocol, "\n "); 1403 p("%#.4x", pr_flags, "\n"); 1404 #undef p 1405 #undef pp 1406 1407 domain_dump((u_long)proto.pr_domain, pcb, proto.pr_protocol); 1408 } 1409 1410 /* 1411 * Dump the contents of a domain structure 1412 */ 1413 void 1414 domain_dump(u_long off, u_long pcb, short protocol) 1415 { 1416 struct domain dom; 1417 char name[256]; 1418 1419 if (off == 0) 1420 return; 1421 kread(off, &dom, sizeof(dom)); 1422 kread((u_long)dom.dom_name, name, sizeof(name)); 1423 1424 #define p(fmt, v, sep) printf(#v " " fmt sep, dom.v); 1425 printf("domain %#lx\n ", off); 1426 p("%d", dom_family, "\n "); 1427 printf("dom_name %.*s\n", (int)sizeof(name), name); 1428 #undef p 1429 } 1430 1431 /* 1432 * Dump the contents of a internet PCB 1433 */ 1434 void 1435 inpcb_dump(u_long off, short protocol, int af) 1436 { 1437 struct inpcb inp; 1438 char faddr[256], laddr[256], raddr[256]; 1439 1440 if (off == 0) 1441 return; 1442 kread(off, &inp, sizeof(inp)); 1443 1444 if (vflag) 1445 socket_dump((u_long)inp.inp_socket); 1446 1447 switch (af) { 1448 case AF_INET: 1449 inet_ntop(af, &inp.inp_faddr, faddr, sizeof(faddr)); 1450 inet_ntop(af, &inp.inp_laddr, laddr, sizeof(laddr)); 1451 inet_ntop(af, &((struct sockaddr_in *) 1452 (&inp.inp_route.ro_dst))->sin_addr, raddr, sizeof(raddr)); 1453 break; 1454 case AF_INET6: 1455 inet_ntop(af, &inp.inp_faddr6, faddr, sizeof(faddr)); 1456 inet_ntop(af, &inp.inp_laddr6, laddr, sizeof(laddr)); 1457 inet_ntop(af, &inp.inp_route6.ro_dst.sin6_addr, 1458 raddr, sizeof(raddr)); 1459 break; 1460 default: 1461 faddr[0] = laddr[0] = '\0'; 1462 } 1463 1464 #define p(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1465 #define pp(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1466 printf("inpcb %#lx\n ", off); 1467 pp("%p", inp_table, "\n "); 1468 printf("inp_faddru %s, inp_laddru %s\n ", faddr, laddr); 1469 HTONS(inp.inp_fport); 1470 HTONS(inp.inp_lport); 1471 p("%u", inp_fport, ", "); 1472 p("%u", inp_lport, "\n "); 1473 pp("%p", inp_socket, ", "); 1474 pp("%p", inp_ppcb, "\n "); 1475 pp("%p", inp_route.ro_rt, ", "); 1476 printf("ro_dst %s\n ", raddr); 1477 p("%#.8x", inp_flags, "\n "); 1478 p("%d", inp_hops, "\n "); 1479 p("%u", inp_seclevel[0], ", "); 1480 p("%u", inp_seclevel[1], ", "); 1481 p("%u", inp_seclevel[2], ", "); 1482 p("%u", inp_seclevel[3], "\n "); 1483 p("%u", inp_ip_minttl, "\n "); 1484 p("%d", inp_cksum6, "\n "); 1485 pp("%p", inp_icmp6filt, "\n "); 1486 pp("%p", inp_pf_sk, "\n "); 1487 p("%u", inp_rtableid, "\n "); 1488 p("%d", inp_pipex, "\n"); 1489 #undef p 1490 #undef pp 1491 1492 switch (protocol) { 1493 case IPPROTO_TCP: 1494 tcpcb_dump((u_long)inp.inp_ppcb); 1495 break; 1496 } 1497 } 1498 1499 /* 1500 * Dump the contents of a TCP PCB 1501 */ 1502 void 1503 tcpcb_dump(u_long off) 1504 { 1505 struct tcpcb tcpcb; 1506 1507 if (off == 0) 1508 return; 1509 kread(off, (char *)&tcpcb, sizeof (tcpcb)); 1510 1511 #define p(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1512 #define pp(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1513 printf("tcpcb %#lx\n ", off); 1514 pp("%p", t_inpcb, "\n "); 1515 p("%d", t_state, ""); 1516 if (tcpcb.t_state >= 0 && tcpcb.t_state < TCP_NSTATES) 1517 printf(" (%s)", tcpstates[tcpcb.t_state]); 1518 printf("\n "); 1519 p("%d", t_rxtshift, ", "); 1520 p("%d", t_rxtcur, ", "); 1521 p("%d", t_dupacks, "\n "); 1522 p("%u", t_maxseg, ", "); 1523 p("%u", t_maxopd, ", "); 1524 p("%u", t_peermss, "\n "); 1525 p("0x%x", t_flags, ", "); 1526 p("%u", t_force, "\n "); 1527 p("%u", iss, "\n "); 1528 p("%u", snd_una, ", "); 1529 p("%u", snd_nxt, ", "); 1530 p("%u", snd_up, "\n "); 1531 p("%u", snd_wl1, ", "); 1532 p("%u", snd_wl2, ", "); 1533 p("%lu", snd_wnd, "\n "); 1534 p("%d", sack_enable, ", "); 1535 p("%d", snd_numholes, ", "); 1536 p("%u", snd_last, "\n "); 1537 p("%u", irs, "\n "); 1538 p("%u", rcv_nxt, ", "); 1539 p("%u", rcv_up, ", "); 1540 p("%lu", rcv_wnd, "\n "); 1541 p("%u", rcv_lastsack, "\n "); 1542 p("%d", rcv_numsacks, "\n "); 1543 p("%u", rcv_adv, ", "); 1544 p("%u", snd_max, "\n "); 1545 p("%lu", snd_cwnd, ", "); 1546 p("%lu", snd_ssthresh, ", "); 1547 p("%lu", max_sndwnd, "\n "); 1548 p("%u", t_rcvtime, ", "); 1549 p("%u", t_rtttime, ", "); 1550 p("%u", t_rtseq, "\n "); 1551 p("%u", t_srtt, ", "); 1552 p("%u", t_rttvar, ", "); 1553 p("%u", t_rttmin, "\n "); 1554 p("%u", t_oobflags, ", "); 1555 p("%u", t_iobc, "\n "); 1556 p("%u", t_softerror, "\n "); 1557 p("%u", snd_scale, ", "); 1558 p("%u", rcv_scale, ", "); 1559 p("%u", request_r_scale, ", "); 1560 p("%u", requested_s_scale, "\n "); 1561 p("%u", ts_recent, ", "); 1562 p("%u", ts_recent_age, "\n "); 1563 p("%u", last_ack_sent, "\n "); 1564 HTONS(tcpcb.t_pmtud_ip_len); 1565 HTONS(tcpcb.t_pmtud_nextmtu); 1566 p("%u", t_pmtud_mss_acked, ", "); 1567 p("%u", t_pmtud_mtu_sent, "\n "); 1568 p("%u", t_pmtud_nextmtu, ", "); 1569 p("%u", t_pmtud_ip_len, ", "); 1570 p("%u", t_pmtud_ip_hl, "\n "); 1571 p("%u", t_pmtud_th_seq, "\n "); 1572 p("%u", pf, "\n"); 1573 #undef p 1574 #undef pp 1575 } 1576