1 /* $OpenBSD: inet.c,v 1.169 2020/12/23 22:20:18 bluhm Exp $ */ 2 /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1983, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/queue.h> 34 #include <sys/select.h> 35 #include <sys/socket.h> 36 #include <sys/socketvar.h> 37 #include <sys/domain.h> 38 #include <sys/protosw.h> 39 #include <sys/sysctl.h> 40 #define _KERNEL 41 #include <sys/file.h> 42 #undef _KERNEL 43 44 #include <net/route.h> 45 #include <netinet/in.h> 46 #include <netinet/ip.h> 47 #include <netinet/in_pcb.h> 48 #include <netinet/ip_icmp.h> 49 #include <netinet/icmp_var.h> 50 #include <netinet/igmp_var.h> 51 #include <netinet/ip_var.h> 52 #include <netinet/tcp.h> 53 #include <netinet/tcp_seq.h> 54 #define TCPSTATES 55 #include <netinet/tcp_fsm.h> 56 #include <netinet/tcp_timer.h> 57 #include <netinet/tcp_var.h> 58 #include <netinet/udp.h> 59 #include <netinet/udp_var.h> 60 #include <netinet/ip_ipsp.h> 61 #include <netinet/ip_ah.h> 62 #include <netinet/ip_esp.h> 63 #include <netinet/ip_ipip.h> 64 #include <netinet/ip_ipcomp.h> 65 #include <netinet/ip_ether.h> 66 #include <netinet/ip_carp.h> 67 #include <netinet/ip_divert.h> 68 #include <net/if.h> 69 #include <net/pfvar.h> 70 #include <net/if_pfsync.h> 71 #include <net/if_pflow.h> 72 73 #include <rpc/rpc.h> 74 #include <rpc/pmap_prot.h> 75 #include <rpc/pmap_clnt.h> 76 77 #include <arpa/inet.h> 78 #include <err.h> 79 #include <limits.h> 80 #include <netdb.h> 81 #include <stdio.h> 82 #include <string.h> 83 #include <unistd.h> 84 #include <stdlib.h> 85 #include <errno.h> 86 #include "netstat.h" 87 88 struct inpcb inpcb; 89 struct tcpcb tcpcb; 90 struct socket sockb; 91 92 char *inetname(struct in_addr *); 93 void inetprint(struct in_addr *, in_port_t, const char *, int); 94 char *inet6name(struct in6_addr *); 95 void sosplice_dump(u_long); 96 void sockbuf_dump(struct sockbuf *, const char *); 97 void protosw_dump(u_long, u_long); 98 void domain_dump(u_long, u_long, short); 99 void inpcb_dump(u_long, short, int); 100 void tcpcb_dump(u_long); 101 int kf_comp(const void *, const void *); 102 103 int type_map[] = { -1, 2, 3, 1, 4, 5 }; 104 105 int 106 kf_comp(const void *a, const void *b) 107 { 108 const struct kinfo_file *ka = a, *kb = b; 109 110 if (ka->so_family != kb->so_family) { 111 /* AF_INET < AF_INET6 < AF_LOCAL */ 112 if (ka->so_family == AF_INET) 113 return (-1); 114 if (ka->so_family == AF_LOCAL) 115 return (1); 116 if (kb->so_family == AF_LOCAL) 117 return (-1); 118 return (1); 119 } 120 if (ka->so_family == AF_LOCAL) { 121 if (type_map[ka->so_type] < type_map[kb->so_type]) 122 return (-1); 123 if (type_map[ka->so_type] > type_map[kb->so_type]) 124 return (1); 125 } else if (ka->so_family == AF_INET || ka->so_family == AF_INET6) { 126 if (ka->so_protocol < kb->so_protocol) 127 return (-1); 128 if (ka->so_protocol > kb->so_protocol) 129 return (1); 130 if (ka->so_type == SOCK_DGRAM || ka->so_type == SOCK_STREAM) { 131 /* order sockets by remote port desc */ 132 if (ka->inp_fport > kb->inp_fport) 133 return (-1); 134 if (ka->inp_fport < kb->inp_fport) 135 return (1); 136 } else if (ka->so_type == SOCK_RAW) { 137 if (ka->inp_proto > kb->inp_proto) 138 return (-1); 139 if (ka->inp_proto < kb->inp_proto) 140 return (1); 141 } 142 } 143 return (0); 144 } 145 146 void 147 protopr(kvm_t *kvmd, u_long pcbaddr, u_int tableid, int proto) 148 { 149 struct kinfo_file *kf; 150 int i, fcnt; 151 152 kf = kvm_getfiles(kvmd, KERN_FILE_BYFILE, DTYPE_SOCKET, 153 sizeof(*kf), &fcnt); 154 if (kf == NULL) { 155 printf("Out of memory (file table).\n"); 156 return; 157 } 158 159 /* sort sockets by AF and type */ 160 qsort(kf, fcnt, sizeof(*kf), kf_comp); 161 162 for (i = 0; i < fcnt; i++) { 163 if (Pflag) { 164 switch (kf[i].so_family) { 165 case AF_INET: 166 case AF_INET6: 167 /* 168 * XXX at the moment fstat returns the pointer 169 * to the so_pcb or for tcp sockets the tcpcb 170 * pointer (inp_ppcb) so check both. 171 */ 172 if (pcbaddr == kf[i].so_pcb) { 173 inpcb_dump(kf[i].so_pcb, 174 kf[i].so_protocol, 175 kf[i].so_family); 176 return; 177 } else if (pcbaddr == kf[i].inp_ppcb && 178 kf[i].so_protocol == IPPROTO_TCP) { 179 if (vflag) 180 inpcb_dump(kf[i].so_pcb, 181 kf[i].so_protocol, 182 kf[i].so_family); 183 else 184 tcpcb_dump(kf[i].inp_ppcb); 185 return; 186 } 187 break; 188 case AF_UNIX: 189 if (pcbaddr == kf[i].so_pcb) { 190 unpcb_dump(pcbaddr); 191 return; 192 } 193 break; 194 } 195 continue; 196 } 197 if (kf[i].so_family == AF_LOCAL && (kf[i].so_pcb != 0 || 198 kf[i].unp_path[0] != '\0')) 199 if ((af == AF_LOCAL || af == AF_UNSPEC) && !proto) 200 unixdomainpr(&kf[i]); 201 if (kf[i].so_family == AF_INET && kf[i].so_pcb != 0 && 202 kf[i].inp_rtableid == tableid) 203 if (af == AF_INET || af == AF_UNSPEC) 204 netdomainpr(&kf[i], proto); 205 if (kf[i].so_family == AF_INET6 && kf[i].so_pcb != 0 && 206 kf[i].inp_rtableid == tableid) 207 if (af == AF_INET6 || af == AF_UNSPEC) 208 netdomainpr(&kf[i], proto); 209 } 210 } 211 212 /* 213 * Print a summary of connections related to an Internet 214 * protocol. For TCP, also give state of connection. 215 * Listening processes (aflag) are suppressed unless the 216 * -a (all) flag is specified. 217 */ 218 void 219 netdomainpr(struct kinfo_file *kf, int proto) 220 { 221 static int af = 0, type = 0; 222 struct in_addr laddr, faddr; 223 struct in6_addr laddr6, faddr6; 224 const char *name, *name6; 225 int addrlen = 22; 226 int isany = 0; 227 int istcp = 0; 228 int isudp = 0; 229 int isip6 = 0; 230 231 /* XXX should fix kinfo_file instead but not now */ 232 if (kf->so_pcb == -1) 233 kf->so_pcb = 0; 234 235 switch (proto) { 236 case IPPROTO_TCP: 237 case IPPROTO_UDP: 238 case IPPROTO_DIVERT: 239 if (kf->so_protocol != proto) 240 return; 241 break; 242 case IPPROTO_IPV4: 243 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET) 244 return; 245 break; 246 case IPPROTO_IPV6: 247 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET6) 248 return; 249 break; 250 } 251 252 /* make in_addr6 access a bit easier */ 253 #define s6_addr32 __u6_addr.__u6_addr32 254 laddr.s_addr = kf->inp_laddru[0]; 255 laddr6.s6_addr32[0] = kf->inp_laddru[0]; 256 laddr6.s6_addr32[1] = kf->inp_laddru[1]; 257 laddr6.s6_addr32[2] = kf->inp_laddru[2]; 258 laddr6.s6_addr32[3] = kf->inp_laddru[3]; 259 260 faddr.s_addr = kf->inp_faddru[0]; 261 faddr6.s6_addr32[0] = kf->inp_faddru[0]; 262 faddr6.s6_addr32[1] = kf->inp_faddru[1]; 263 faddr6.s6_addr32[2] = kf->inp_faddru[2]; 264 faddr6.s6_addr32[3] = kf->inp_faddru[3]; 265 #undef s6_addr32 266 267 switch (kf->so_family) { 268 case AF_INET: 269 isany = faddr.s_addr == INADDR_ANY; 270 break; 271 case AF_INET6: 272 isany = IN6_IS_ADDR_UNSPECIFIED(&faddr6); 273 isip6 = 1; 274 break; 275 } 276 277 switch (kf->so_protocol) { 278 case IPPROTO_TCP: 279 name = "tcp"; 280 name6 = "tcp6"; 281 istcp = 1; 282 break; 283 case IPPROTO_UDP: 284 name = "udp"; 285 name6 = "udp6"; 286 isudp = 1; 287 break; 288 case IPPROTO_DIVERT: 289 name = "divert"; 290 name6 = "divert6"; 291 break; 292 default: 293 name = "ip"; 294 name6 = "ip6"; 295 break; 296 } 297 298 /* filter listening sockets out unless -a is set */ 299 if (!(aflag || lflag) && istcp && kf->t_state <= TCPS_LISTEN) 300 return; 301 else if (!(aflag || lflag) && isany) 302 return; 303 304 /* when -l is set, show only listening sockets */ 305 if (!aflag && lflag && istcp && 306 kf->t_state != TCPS_LISTEN) 307 return; 308 if (!aflag && lflag && isudp && 309 (kf->inp_lport == 0 || kf->inp_fport != 0)) 310 return; 311 312 if (af != kf->so_family || type != kf->so_type) { 313 af = kf->so_family; 314 type = kf->so_type; 315 printf("Active Internet connections"); 316 if (aflag) 317 printf(" (including servers)"); 318 else if (lflag && (istcp || isudp)) 319 printf(" (only servers)"); 320 putchar('\n'); 321 if (Aflag) { 322 addrlen = 18; 323 printf("%-*.*s ", PLEN, PLEN, "PCB"); 324 } 325 printf("%-7.7s %-6.6s %-6.6s ", 326 "Proto", "Recv-Q", "Send-Q"); 327 if (Bflag && istcp) 328 printf("%-6.6s %-6.6s %-6.6s ", 329 "Recv-W", "Send-W", "Cgst-W"); 330 printf(" %-*.*s %-*.*s%s\n", 331 addrlen, addrlen, "Local Address", 332 addrlen, addrlen, "Foreign Address", 333 istcp ? " TCP-State" : type == SOCK_RAW ? " IP-Proto" : ""); 334 } 335 336 if (Aflag) 337 printf("%#*llx%s ", FAKE_PTR(kf->so_protocol == IPPROTO_TCP ? 338 kf->inp_ppcb : kf->so_pcb)); 339 340 printf("%-7.7s %6llu %6llu ", 341 isip6 ? name6: name, kf->so_rcv_cc, kf->so_snd_cc); 342 if (Bflag && istcp) 343 printf("%6llu %6llu %6llu ", kf->t_rcv_wnd, kf->t_snd_wnd, 344 (kf->t_state == TCPS_ESTABLISHED) ? 345 kf->t_snd_cwnd : 0); 346 347 if (isip6) { 348 inet6print(&laddr6, kf->inp_lport, name); 349 inet6print(&faddr6, kf->inp_fport, name); 350 } else { 351 inetprint(&laddr, kf->inp_lport, name, 1); 352 inetprint(&faddr, kf->inp_fport, name, 0); 353 } 354 if (istcp) { 355 if (kf->t_state >= TCP_NSTATES) 356 printf(" %u", kf->t_state); 357 else 358 printf(" %s", tcpstates[kf->t_state]); 359 } else if (kf->so_type == SOCK_RAW) { 360 printf(" %u", kf->inp_proto); 361 } 362 putchar('\n'); 363 } 364 365 /* 366 * Dump TCP statistics structure. 367 */ 368 void 369 tcp_stats(char *name) 370 { 371 struct tcpstat tcpstat; 372 int mib[] = { CTL_NET, PF_INET, IPPROTO_TCP, TCPCTL_STATS }; 373 size_t len = sizeof(tcpstat); 374 375 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 376 &tcpstat, &len, NULL, 0) == -1) { 377 if (errno != ENOPROTOOPT) 378 warn("%s", name); 379 return; 380 } 381 382 printf("%s:\n", name); 383 #define p(f, m) if (tcpstat.f || sflag <= 1) \ 384 printf(m, tcpstat.f, plural(tcpstat.f)) 385 #define p1(f, m) if (tcpstat.f || sflag <= 1) \ 386 printf(m, tcpstat.f) 387 #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 388 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) 389 #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 390 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) 391 #define p2b(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 392 printf(m, tcpstat.f1, tcpstat.f2) 393 #define p2bys(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 394 printf(m, tcpstat.f1, pluralys(tcpstat.f1), tcpstat.f2) 395 #define pes(f, m) if (tcpstat.f || sflag <= 1) \ 396 printf(m, tcpstat.f, plurales(tcpstat.f)) 397 #define pys(f, m) if (tcpstat.f || sflag <= 1) \ 398 printf(m, tcpstat.f, pluralys(tcpstat.f)) 399 400 p(tcps_sndtotal, "\t%u packet%s sent\n"); 401 p2(tcps_sndpack,tcps_sndbyte, 402 "\t\t%u data packet%s (%llu byte%s)\n"); 403 p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, 404 "\t\t%u data packet%s (%llu byte%s) retransmitted\n"); 405 p(tcps_sndrexmitfast, "\t\t%llu fast retransmitted packet%s\n"); 406 p2a(tcps_sndacks, tcps_delack, 407 "\t\t%u ack-only packet%s (%u delayed)\n"); 408 p(tcps_sndurg, "\t\t%u URG only packet%s\n"); 409 p(tcps_sndprobe, "\t\t%u window probe packet%s\n"); 410 p(tcps_sndwinup, "\t\t%u window update packet%s\n"); 411 p(tcps_sndctrl, "\t\t%u control packet%s\n"); 412 p(tcps_outswcsum, "\t\t%u packet%s software-checksummed\n"); 413 p(tcps_rcvtotal, "\t%u packet%s received\n"); 414 p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %llu byte%s)\n"); 415 p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n"); 416 p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n"); 417 p(tcps_rcvacktooold, "\t\t%u ack%s for old data\n"); 418 p2(tcps_rcvpack, tcps_rcvbyte, 419 "\t\t%u packet%s (%llu byte%s) received in-sequence\n"); 420 p2(tcps_rcvduppack, tcps_rcvdupbyte, 421 "\t\t%u completely duplicate packet%s (%llu byte%s)\n"); 422 p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n"); 423 p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, 424 "\t\t%u packet%s with some duplicate data (%llu byte%s duplicated)\n"); 425 p2(tcps_rcvoopack, tcps_rcvoobyte, 426 "\t\t%u out-of-order packet%s (%llu byte%s)\n"); 427 p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, 428 "\t\t%u packet%s (%llu byte%s) of data after window\n"); 429 p(tcps_rcvwinprobe, "\t\t%u window probe%s\n"); 430 p(tcps_rcvwinupd, "\t\t%u window update packet%s\n"); 431 p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n"); 432 p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n"); 433 p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n"); 434 p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n"); 435 p1(tcps_rcvnosec, "\t\t%u discarded for missing IPsec protection\n"); 436 p1(tcps_rcvmemdrop, "\t\t%u discarded due to memory shortage\n"); 437 p(tcps_inswcsum, "\t\t%u packet%s software-checksummed\n"); 438 p(tcps_rcvbadsig, "\t\t%u bad/missing md5 checksum%s\n"); 439 p(tcps_rcvgoodsig, "\t\t%llu good md5 checksum%s\n"); 440 p(tcps_connattempt, "\t%u connection request%s\n"); 441 p(tcps_accepts, "\t%u connection accept%s\n"); 442 p(tcps_connects, "\t%u connection%s established (including accepts)\n"); 443 p2(tcps_closed, tcps_drops, 444 "\t%u connection%s closed (including %u drop%s)\n"); 445 p(tcps_conndrained, "\t%llu connection%s drained\n"); 446 p(tcps_conndrops, "\t%u embryonic connection%s dropped\n"); 447 p2(tcps_rttupdated, tcps_segstimed, 448 "\t%u segment%s updated rtt (of %u attempt%s)\n"); 449 p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n"); 450 p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n"); 451 p(tcps_persisttimeo, "\t%u persist timeout%s\n"); 452 p(tcps_keeptimeo, "\t%u keepalive timeout%s\n"); 453 p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n"); 454 p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); 455 p(tcps_predack, "\t%u correct ACK header prediction%s\n"); 456 p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); 457 pes(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); 458 p1(tcps_noport, "\t%u dropped due to no socket\n"); 459 460 p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n"); 461 p(tcps_ecn_rcvece, "\t\t%u ECE packet%s received\n"); 462 p(tcps_ecn_rcvcwr, "\t\t%u CWR packet%s received\n"); 463 p(tcps_ecn_rcvce, "\t\t%u CE packet%s received\n"); 464 p(tcps_ecn_sndect, "\t\t%u ECT packet%s sent\n"); 465 p(tcps_ecn_sndece, "\t\t%u ECE packet%s sent\n"); 466 p(tcps_ecn_sndcwr, "\t\t%u CWR packet%s sent\n"); 467 p1(tcps_cwr_frecovery, "\t\t\tcwr by fastrecovery: %u\n"); 468 p1(tcps_cwr_timeout, "\t\t\tcwr by timeout: %u\n"); 469 p1(tcps_cwr_ecn, "\t\t\tcwr by ecn: %u\n"); 470 471 p(tcps_badsyn, "\t%u bad connection attempt%s\n"); 472 p(tcps_dropsyn, "\t%u SYN packet%s dropped due to queue or memory full\n"); 473 pys(tcps_sc_added, "\t%llu SYN cache entr%s added\n"); 474 p(tcps_sc_collisions, "\t\t%llu hash collision%s\n"); 475 p1(tcps_sc_completed, "\t\t%llu completed\n"); 476 p1(tcps_sc_aborted, "\t\t%llu aborted (no space to build PCB)\n"); 477 p1(tcps_sc_timed_out, "\t\t%llu timed out\n"); 478 p1(tcps_sc_overflowed, "\t\t%llu dropped due to overflow\n"); 479 p1(tcps_sc_bucketoverflow, "\t\t%llu dropped due to bucket overflow\n"); 480 p1(tcps_sc_reset, "\t\t%llu dropped due to RST\n"); 481 p1(tcps_sc_unreach, "\t\t%llu dropped due to ICMP unreachable\n"); 482 p(tcps_sc_retransmitted, "\t%llu SYN,ACK%s retransmitted\n"); 483 p(tcps_sc_dupesyn, "\t%llu duplicate SYN%s received for entries " 484 "already in the cache\n"); 485 p(tcps_sc_dropped, "\t%llu SYN%s dropped (no route or no space)\n"); 486 p(tcps_sc_seedrandom, "\t%llu SYN cache seed%s with new random\n"); 487 p1(tcps_sc_hash_size, "\t%llu hash bucket array size in current " 488 "SYN cache\n"); 489 p2bys(tcps_sc_entry_count, tcps_sc_entry_limit, 490 "\t%llu entr%s in current SYN cache, limit is %llu\n"); 491 p2b(tcps_sc_bucket_maxlen, tcps_sc_bucket_limit, 492 "\t%llu longest bucket length in current SYN cache, limit is %llu\n"); 493 p(tcps_sc_uses_left, "\t%llu use%s of current SYN cache left\n"); 494 495 p(tcps_sack_recovery_episode, "\t%llu SACK recovery episode%s\n"); 496 p(tcps_sack_rexmits, 497 "\t\t%llu segment rexmit%s in SACK recovery episodes\n"); 498 p(tcps_sack_rexmit_bytes, 499 "\t\t%llu byte rexmit%s in SACK recovery episodes\n"); 500 p(tcps_sack_rcv_opts, "\t%llu SACK option%s received\n"); 501 p(tcps_sack_snd_opts, "\t%llu SACK option%s sent\n"); 502 p(tcps_sack_drop_opts, "\t%llu SACK option%s dropped\n"); 503 504 #undef p 505 #undef p1 506 #undef p2 507 #undef p2a 508 #undef p2b 509 #undef p2bys 510 #undef pes 511 #undef pys 512 } 513 514 /* 515 * Dump UDP statistics structure. 516 */ 517 void 518 udp_stats(char *name) 519 { 520 struct udpstat udpstat; 521 u_long delivered; 522 int mib[] = { CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS }; 523 size_t len = sizeof(udpstat); 524 525 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 526 &udpstat, &len, NULL, 0) == -1) { 527 if (errno != ENOPROTOOPT) 528 warn("%s", name); 529 return; 530 } 531 532 printf("%s:\n", name); 533 #define p(f, m) if (udpstat.f || sflag <= 1) \ 534 printf(m, udpstat.f, plural(udpstat.f)) 535 #define p1(f, m) if (udpstat.f || sflag <= 1) \ 536 printf(m, udpstat.f) 537 538 p(udps_ipackets, "\t%lu datagram%s received\n"); 539 p1(udps_hdrops, "\t%lu with incomplete header\n"); 540 p1(udps_badlen, "\t%lu with bad data length field\n"); 541 p1(udps_badsum, "\t%lu with bad checksum\n"); 542 p1(udps_nosum, "\t%lu with no checksum\n"); 543 p(udps_inswcsum, "\t%lu input packet%s software-checksummed\n"); 544 p(udps_outswcsum, "\t%lu output packet%s software-checksummed\n"); 545 p1(udps_noport, "\t%lu dropped due to no socket\n"); 546 p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n"); 547 p1(udps_nosec, "\t%lu dropped due to missing IPsec protection\n"); 548 p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n"); 549 delivered = udpstat.udps_ipackets - udpstat.udps_hdrops - 550 udpstat.udps_badlen - udpstat.udps_badsum - 551 udpstat.udps_noport - udpstat.udps_noportbcast - 552 udpstat.udps_fullsock; 553 if (delivered || sflag <= 1) 554 printf("\t%lu delivered\n", delivered); 555 p(udps_opackets, "\t%lu datagram%s output\n"); 556 p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n"); 557 #undef p 558 #undef p1 559 } 560 561 /* 562 * Dump IP statistics structure. 563 */ 564 void 565 ip_stats(char *name) 566 { 567 struct ipstat ipstat; 568 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_STATS }; 569 size_t len = sizeof(ipstat); 570 571 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 572 &ipstat, &len, NULL, 0) == -1) { 573 if (errno != ENOPROTOOPT) 574 warn("%s", name); 575 return; 576 } 577 578 printf("%s:\n", name); 579 #define p(f, m) if (ipstat.f || sflag <= 1) \ 580 printf(m, ipstat.f, plural(ipstat.f)) 581 #define p1(f, m) if (ipstat.f || sflag <= 1) \ 582 printf(m, ipstat.f) 583 584 p(ips_total, "\t%lu total packet%s received\n"); 585 p(ips_badsum, "\t%lu bad header checksum%s\n"); 586 p1(ips_toosmall, "\t%lu with size smaller than minimum\n"); 587 p1(ips_tooshort, "\t%lu with data size < data length\n"); 588 p1(ips_badhlen, "\t%lu with header length < data size\n"); 589 p1(ips_badlen, "\t%lu with data length < header length\n"); 590 p1(ips_badoptions, "\t%lu with bad options\n"); 591 p1(ips_badvers, "\t%lu with incorrect version number\n"); 592 p(ips_fragments, "\t%lu fragment%s received\n"); 593 p(ips_fragdropped, "\t%lu fragment%s dropped (duplicates or out of space)\n"); 594 p(ips_badfrags, "\t%lu malformed fragment%s dropped\n"); 595 p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n"); 596 p(ips_reassembled, "\t%lu packet%s reassembled ok\n"); 597 p(ips_delivered, "\t%lu packet%s for this host\n"); 598 p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n"); 599 p(ips_forward, "\t%lu packet%s forwarded\n"); 600 p(ips_cantforward, "\t%lu packet%s not forwardable\n"); 601 p(ips_redirectsent, "\t%lu redirect%s sent\n"); 602 p(ips_localout, "\t%lu packet%s sent from this host\n"); 603 p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n"); 604 p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n"); 605 p(ips_noroute, "\t%lu output packet%s discarded due to no route\n"); 606 p(ips_fragmented, "\t%lu output datagram%s fragmented\n"); 607 p(ips_ofragments, "\t%lu fragment%s created\n"); 608 p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n"); 609 p1(ips_rcvmemdrop, "\t%lu fragment floods\n"); 610 p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n"); 611 p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n"); 612 p(ips_badaddr, "\t%lu datagram%s with bad address in header\n"); 613 p(ips_inswcsum, "\t%lu input datagram%s software-checksummed\n"); 614 p(ips_outswcsum, "\t%lu output datagram%s software-checksummed\n"); 615 p(ips_notmember, "\t%lu multicast packet%s which we don't join\n"); 616 p(ips_wrongif, "\t%lu packet%s received on wrong interface\n"); 617 #undef p 618 #undef p1 619 } 620 621 /* 622 * Dump DIVERT statistics structure. 623 */ 624 void 625 div_stats(char *name) 626 { 627 struct divstat divstat; 628 int mib[] = { CTL_NET, PF_INET, IPPROTO_DIVERT, DIVERTCTL_STATS }; 629 size_t len = sizeof(divstat); 630 631 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 632 &divstat, &len, NULL, 0) == -1) { 633 if (errno != ENOPROTOOPT) 634 warn("%s", name); 635 return; 636 } 637 638 printf("%s:\n", name); 639 #define p(f, m) if (divstat.f || sflag <= 1) \ 640 printf(m, divstat.f, plural(divstat.f)) 641 #define p1(f, m) if (divstat.f || sflag <= 1) \ 642 printf(m, divstat.f) 643 p(divs_ipackets, "\t%lu total packet%s received\n"); 644 p1(divs_noport, "\t%lu dropped due to no socket\n"); 645 p1(divs_fullsock, "\t%lu dropped due to full socket buffers\n"); 646 p(divs_opackets, "\t%lu packet%s output\n"); 647 p1(divs_errors, "\t%lu errors\n"); 648 #undef p 649 #undef p1 650 } 651 652 static char *icmpnames[ICMP_MAXTYPE + 1] = { 653 "echo reply", 654 "#1", 655 "#2", 656 "destination unreachable", 657 "source quench", 658 "routing redirect", 659 "#6", 660 "#7", 661 "echo", 662 "router advertisement", 663 "router solicitation", 664 "time exceeded", 665 "parameter problem", 666 "time stamp", 667 "time stamp reply", 668 "information request", 669 "information request reply", 670 "address mask request", 671 "address mask reply", 672 "#19", 673 "#20", 674 "#21", 675 "#22", 676 "#23", 677 "#24", 678 "#25", 679 "#26", 680 "#27", 681 "#28", 682 "#29", 683 "traceroute", 684 "data conversion error", 685 "mobile host redirect", 686 "IPv6 where-are-you", 687 "IPv6 i-am-here", 688 "mobile registration request", 689 "mobile registration reply", 690 "#37", 691 "#38", 692 "SKIP", 693 "Photuris", 694 }; 695 696 /* 697 * Dump ICMP statistics. 698 */ 699 void 700 icmp_stats(char *name) 701 { 702 struct icmpstat icmpstat; 703 int i, first; 704 int mib[] = { CTL_NET, PF_INET, IPPROTO_ICMP, ICMPCTL_STATS }; 705 size_t len = sizeof(icmpstat); 706 707 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 708 &icmpstat, &len, NULL, 0) == -1) { 709 if (errno != ENOPROTOOPT) 710 warn("%s", name); 711 return; 712 } 713 714 printf("%s:\n", name); 715 #define p(f, m) if (icmpstat.f || sflag <= 1) \ 716 printf(m, icmpstat.f, plural(icmpstat.f)) 717 718 p(icps_error, "\t%lu call%s to icmp_error\n"); 719 p(icps_oldicmp, 720 "\t%lu error%s not generated because old message was icmp\n"); 721 p(icps_toofreq, 722 "\t%lu error%s not generated because of rate limitation\n"); 723 724 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 725 if (icmpstat.icps_outhist[i] != 0) { 726 if (first) { 727 printf("\tOutput packet histogram:\n"); 728 first = 0; 729 } 730 if (icmpnames[i]) 731 printf("\t\t%s:", icmpnames[i]); 732 else 733 printf("\t\t#%d:", i); 734 printf(" %lu\n", icmpstat.icps_outhist[i]); 735 } 736 p(icps_badcode, "\t%lu message%s with bad code fields\n"); 737 p(icps_tooshort, "\t%lu message%s < minimum length\n"); 738 p(icps_checksum, "\t%lu bad checksum%s\n"); 739 p(icps_badlen, "\t%lu message%s with bad length\n"); 740 p(icps_bmcastecho, "\t%lu echo request%s to broadcast/multicast " 741 "rejected\n"); 742 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 743 if (icmpstat.icps_inhist[i] != 0) { 744 if (first) { 745 printf("\tInput packet histogram:\n"); 746 first = 0; 747 } 748 if (icmpnames[i]) 749 printf("\t\t%s:", icmpnames[i]); 750 else 751 printf("\t\t#%d:", i); 752 printf(" %lu\n", icmpstat.icps_inhist[i]); 753 } 754 p(icps_reflect, "\t%lu message response%s generated\n"); 755 #undef p 756 } 757 758 /* 759 * Dump IGMP statistics structure. 760 */ 761 void 762 igmp_stats(char *name) 763 { 764 struct igmpstat igmpstat; 765 int mib[] = { CTL_NET, PF_INET, IPPROTO_IGMP, IGMPCTL_STATS }; 766 size_t len = sizeof(igmpstat); 767 768 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 769 &igmpstat, &len, NULL, 0) == -1) { 770 if (errno != ENOPROTOOPT) 771 warn("%s", name); 772 return; 773 } 774 775 printf("%s:\n", name); 776 #define p(f, m) if (igmpstat.f || sflag <= 1) \ 777 printf(m, igmpstat.f, plural(igmpstat.f)) 778 #define py(f, m) if (igmpstat.f || sflag <= 1) \ 779 printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y") 780 781 p(igps_rcv_total, "\t%lu message%s received\n"); 782 p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n"); 783 p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n"); 784 py(igps_rcv_queries, "\t%lu membership quer%s received\n"); 785 py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n"); 786 p(igps_rcv_reports, "\t%lu membership report%s received\n"); 787 p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n"); 788 p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n"); 789 p(igps_snd_reports, "\t%lu membership report%s sent\n"); 790 #undef p 791 #undef py 792 } 793 794 struct rpcnams { 795 struct rpcnams *next; 796 in_port_t port; 797 int proto; 798 char *rpcname; 799 }; 800 801 static char * 802 getrpcportnam(in_port_t port, int proto) 803 { 804 struct sockaddr_in server_addr; 805 struct hostent *hp; 806 static struct pmaplist *head; 807 int socket = RPC_ANYSOCK; 808 struct timeval minutetimeout; 809 CLIENT *client; 810 struct rpcent *rpc; 811 static int first; 812 static struct rpcnams *rpcn; 813 struct rpcnams *n; 814 char num[20]; 815 816 if (first == 0) { 817 first = 1; 818 memset(&server_addr, 0, sizeof server_addr); 819 server_addr.sin_family = AF_INET; 820 if ((hp = gethostbyname("localhost")) != NULL) 821 memmove((caddr_t)&server_addr.sin_addr, hp->h_addr, 822 hp->h_length); 823 else 824 (void) inet_aton("0.0.0.0", &server_addr.sin_addr); 825 826 minutetimeout.tv_sec = 60; 827 minutetimeout.tv_usec = 0; 828 server_addr.sin_port = htons(PMAPPORT); 829 if ((client = clnttcp_create(&server_addr, PMAPPROG, 830 PMAPVERS, &socket, 50, 500)) == NULL) 831 return (NULL); 832 if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL, 833 xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) { 834 clnt_destroy(client); 835 return (NULL); 836 } 837 for (; head != NULL; head = head->pml_next) { 838 n = malloc(sizeof(struct rpcnams)); 839 if (n == NULL) 840 continue; 841 n->next = rpcn; 842 rpcn = n; 843 n->port = head->pml_map.pm_port; 844 n->proto = head->pml_map.pm_prot; 845 846 rpc = getrpcbynumber(head->pml_map.pm_prog); 847 if (rpc) 848 n->rpcname = strdup(rpc->r_name); 849 else { 850 snprintf(num, sizeof num, "%ld", 851 head->pml_map.pm_prog); 852 n->rpcname = strdup(num); 853 } 854 } 855 clnt_destroy(client); 856 } 857 858 for (n = rpcn; n; n = n->next) 859 if (n->port == port && n->proto == proto) 860 return (n->rpcname); 861 return (NULL); 862 } 863 864 /* 865 * Pretty print an Internet address (net address + port). 866 * If the nflag was specified, use numbers instead of names. 867 */ 868 void 869 inetprint(struct in_addr *in, in_port_t port, const char *proto, int local) 870 { 871 struct servent *sp = 0; 872 char line[80], *cp, *nam; 873 int width; 874 875 snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16, 876 inetname(in)); 877 cp = strchr(line, '\0'); 878 if (!nflag && port) 879 sp = getservbyport((int)port, proto); 880 if (sp || port == 0) 881 snprintf(cp, line + sizeof line - cp, "%.8s", 882 sp ? sp->s_name : "*"); 883 else if (local && !nflag && (nam = getrpcportnam(ntohs(port), 884 (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP)))) 885 snprintf(cp, line + sizeof line - cp, "%d[%.8s]", 886 ntohs(port), nam); 887 else 888 snprintf(cp, line + sizeof line - cp, "%d", ntohs(port)); 889 width = Aflag ? 18 : 22; 890 printf(" %-*.*s", width, width, line); 891 } 892 893 /* 894 * Construct an Internet address representation. 895 * If the nflag has been supplied, give 896 * numeric value, otherwise try for symbolic name. 897 */ 898 char * 899 inetname(struct in_addr *inp) 900 { 901 char *cp; 902 static char line[50]; 903 struct hostent *hp; 904 static char domain[HOST_NAME_MAX+1]; 905 static int first = 1; 906 907 if (first && !nflag) { 908 first = 0; 909 if (gethostname(domain, sizeof(domain)) == 0 && 910 (cp = strchr(domain, '.'))) 911 (void) strlcpy(domain, cp + 1, sizeof domain); 912 else 913 domain[0] = '\0'; 914 } 915 cp = NULL; 916 if (!nflag && inp->s_addr != INADDR_ANY) { 917 hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET); 918 if (hp) { 919 if ((cp = strchr(hp->h_name, '.')) && 920 !strcmp(cp + 1, domain)) 921 *cp = '\0'; 922 cp = hp->h_name; 923 } 924 } 925 if (inp->s_addr == INADDR_ANY) 926 snprintf(line, sizeof line, "*"); 927 else if (cp) 928 snprintf(line, sizeof line, "%s", cp); 929 else { 930 inp->s_addr = ntohl(inp->s_addr); 931 #define C(x) ((x) & 0xff) 932 snprintf(line, sizeof line, "%u.%u.%u.%u", 933 C(inp->s_addr >> 24), C(inp->s_addr >> 16), 934 C(inp->s_addr >> 8), C(inp->s_addr)); 935 } 936 return (line); 937 } 938 939 /* 940 * Dump AH statistics structure. 941 */ 942 void 943 ah_stats(char *name) 944 { 945 struct ahstat ahstat; 946 int mib[] = { CTL_NET, PF_INET, IPPROTO_AH, AHCTL_STATS }; 947 size_t len = sizeof(ahstat); 948 949 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 950 &ahstat, &len, NULL, 0) == -1) { 951 if (errno != ENOPROTOOPT) 952 warn("%s", name); 953 return; 954 } 955 956 printf("%s:\n", name); 957 #define p(f, m) if (ahstat.f || sflag <= 1) \ 958 printf(m, ahstat.f, plural(ahstat.f)) 959 #define p1(f, m) if (ahstat.f || sflag <= 1) \ 960 printf(m, ahstat.f) 961 962 p1(ahs_input, "\t%llu input AH packets\n"); 963 p1(ahs_output, "\t%llu output AH packets\n"); 964 p(ahs_nopf, "\t%llu packet%s from unsupported protocol families\n"); 965 p(ahs_hdrops, "\t%llu packet%s shorter than header shows\n"); 966 p(ahs_pdrops, "\t%llu packet%s dropped due to policy\n"); 967 p(ahs_notdb, "\t%llu packet%s for which no TDB was found\n"); 968 p(ahs_badkcr, "\t%llu input packet%s that failed to be processed\n"); 969 p(ahs_badauth, "\t%llu packet%s that failed verification received\n"); 970 p(ahs_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 971 p(ahs_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 972 p(ahs_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 973 p(ahs_replay, "\t%llu possibly replayed packet%s received\n"); 974 p(ahs_badauthl, "\t%llu packet%s with bad authenticator length received\n"); 975 p(ahs_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 976 p(ahs_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 977 p(ahs_crypto, "\t%llu packet%s that failed crypto processing\n"); 978 p(ahs_outfail, "\t%llu output packet%s could not be sent\n"); 979 p(ahs_ibytes, "\t%llu input byte%s\n"); 980 p(ahs_obytes, "\t%llu output byte%s\n"); 981 982 #undef p 983 #undef p1 984 } 985 986 /* 987 * Dump etherip statistics structure. 988 */ 989 void 990 etherip_stats(char *name) 991 { 992 struct etheripstat etheripstat; 993 int mib[] = { CTL_NET, PF_INET, IPPROTO_ETHERIP, ETHERIPCTL_STATS }; 994 size_t len = sizeof(etheripstat); 995 996 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 997 ðeripstat, &len, NULL, 0) == -1) { 998 if (errno != ENOPROTOOPT) 999 warn("%s", name); 1000 return; 1001 } 1002 1003 printf("%s:\n", name); 1004 #define p(f, m) if (etheripstat.f || sflag <= 1) \ 1005 printf(m, etheripstat.f, plural(etheripstat.f)) 1006 1007 p(etherips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1008 p(etherips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1009 p(etherips_noifdrops, "\t%llu packet%s were dropped because of no interface/bridge information\n"); 1010 p(etherips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1011 p(etherips_adrops, "\t%llu packet%s dropped for other reasons\n"); 1012 p(etherips_ipackets, "\t%llu input ethernet-in-IP packet%s\n"); 1013 p(etherips_opackets, "\t%llu output ethernet-in-IP packet%s\n"); 1014 p(etherips_ibytes, "\t%llu input byte%s\n"); 1015 p(etherips_obytes, "\t%llu output byte%s\n"); 1016 #undef p 1017 } 1018 1019 /* 1020 * Dump IPsec statistics structure. 1021 */ 1022 void 1023 ipsec_stats(char *name) 1024 { 1025 struct ipsecstat ipsecstat; 1026 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IPSEC_STATS }; 1027 size_t len = sizeof(ipsecstat); 1028 1029 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1030 &ipsecstat, &len, NULL, 0) == -1) { 1031 if (errno != ENOPROTOOPT) 1032 warn("%s", name); 1033 return; 1034 } 1035 1036 printf("%s:\n", name); 1037 #define p(f, m) if (ipsecstat.f || sflag <= 1) \ 1038 printf(m, ipsecstat.f, plural(ipsecstat.f)) 1039 p(ipsec_ipackets, "\t%llu input IPsec packet%s\n"); 1040 p(ipsec_opackets, "\t%llu output IPsec packet%s\n"); 1041 p(ipsec_ibytes, "\t%llu input byte%s\n"); 1042 p(ipsec_obytes, "\t%llu output byte%s\n"); 1043 p(ipsec_idecompbytes, "\t%llu input byte%s, decompressed\n"); 1044 p(ipsec_ouncompbytes, "\t%llu output byte%s, uncompressed\n"); 1045 p(ipsec_idrops, "\t%llu packet%s dropped on input\n"); 1046 p(ipsec_odrops, "\t%llu packet%s dropped on output\n"); 1047 p(ipsec_crypto, "\t%llu packet%s that failed crypto processing\n"); 1048 p(ipsec_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1049 p(ipsec_notdb, "\t%llu packet%s for which no TDB was found\n"); 1050 #undef p 1051 } 1052 1053 /* 1054 * Dump ESP statistics structure. 1055 */ 1056 void 1057 esp_stats(char *name) 1058 { 1059 struct espstat espstat; 1060 int mib[] = { CTL_NET, PF_INET, IPPROTO_ESP, ESPCTL_STATS }; 1061 size_t len = sizeof(espstat); 1062 1063 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1064 &espstat, &len, NULL, 0) == -1) { 1065 if (errno != ENOPROTOOPT) 1066 warn("%s", name); 1067 return; 1068 } 1069 1070 printf("%s:\n", name); 1071 #define p(f, m) if (espstat.f || sflag <= 1) \ 1072 printf(m, espstat.f, plural(espstat.f)) 1073 1074 p(esps_input, "\t%llu input ESP packet%s\n"); 1075 p(esps_output, "\t%llu output ESP packet%s\n"); 1076 p(esps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1077 p(esps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1078 p(esps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1079 p(esps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1080 p(esps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1081 p(esps_badenc, "\t%llu packet%s with bad encryption received\n"); 1082 p(esps_badauth, "\t%llu packet%s that failed verification received\n"); 1083 p(esps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1084 p(esps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1085 p(esps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1086 p(esps_replay, "\t%llu possibly replayed packet%s received\n"); 1087 p(esps_badilen, "\t%llu packet%s with bad payload size or padding received\n"); 1088 p(esps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1089 p(esps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1090 p(esps_crypto, "\t%llu packet%s that failed crypto processing\n"); 1091 p(esps_outfail, "\t%llu output packet%s could not be sent\n"); 1092 p(esps_udpencin, "\t%llu input UDP encapsulated ESP packet%s\n"); 1093 p(esps_udpencout, "\t%llu output UDP encapsulated ESP packet%s\n"); 1094 p(esps_udpinval, "\t%llu UDP packet%s for non-encapsulating TDB received\n"); 1095 p(esps_udpneeded, "\t%llu raw ESP packet%s for encapsulating TDB received\n"); 1096 p(esps_ibytes, "\t%llu input byte%s\n"); 1097 p(esps_obytes, "\t%llu output byte%s\n"); 1098 1099 #undef p 1100 } 1101 1102 /* 1103 * Dump IP-in-IP statistics structure. 1104 */ 1105 void 1106 ipip_stats(char *name) 1107 { 1108 struct ipipstat ipipstat; 1109 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPIP, IPIPCTL_STATS }; 1110 size_t len = sizeof(ipipstat); 1111 1112 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1113 &ipipstat, &len, NULL, 0) == -1) { 1114 if (errno != ENOPROTOOPT) 1115 warn("%s", name); 1116 return; 1117 } 1118 1119 printf("%s:\n", name); 1120 #define p(f, m) if (ipipstat.f || sflag <= 1) \ 1121 printf(m, ipipstat.f, plural(ipipstat.f)) 1122 1123 p(ipips_ipackets, "\t%llu total input packet%s\n"); 1124 p(ipips_opackets, "\t%llu total output packet%s\n"); 1125 p(ipips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1126 p(ipips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1127 p(ipips_spoof, "\t%llu packet%s with possibly spoofed local addresses\n"); 1128 p(ipips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1129 p(ipips_ibytes, "\t%llu input byte%s\n"); 1130 p(ipips_obytes, "\t%llu output byte%s\n"); 1131 p(ipips_family, "\t%llu protocol family mismatche%s\n"); 1132 p(ipips_unspec, "\t%llu attempt%s to use tunnel with unspecified endpoint(s)\n"); 1133 #undef p 1134 } 1135 1136 /* 1137 * Dump CARP statistics structure. 1138 */ 1139 void 1140 carp_stats(char *name) 1141 { 1142 struct carpstats carpstat; 1143 int mib[] = { CTL_NET, PF_INET, IPPROTO_CARP, CARPCTL_STATS }; 1144 size_t len = sizeof(carpstat); 1145 1146 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1147 &carpstat, &len, NULL, 0) == -1) { 1148 if (errno != ENOPROTOOPT) 1149 warn("%s", name); 1150 return; 1151 } 1152 1153 printf("%s:\n", name); 1154 #define p(f, m) if (carpstat.f || sflag <= 1) \ 1155 printf(m, carpstat.f, plural(carpstat.f)) 1156 #define p2(f, m) if (carpstat.f || sflag <= 1) \ 1157 printf(m, carpstat.f) 1158 1159 p(carps_ipackets, "\t%llu packet%s received (IPv4)\n"); 1160 p(carps_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1161 p(carps_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1162 p(carps_badttl, "\t\t%llu packet%s discarded for wrong TTL\n"); 1163 p(carps_hdrops, "\t\t%llu packet%s shorter than header\n"); 1164 p(carps_badsum, "\t\t%llu discarded for bad checksum%s\n"); 1165 p(carps_badver, "\t\t%llu discarded packet%s with a bad version\n"); 1166 p2(carps_badlen, "\t\t%llu discarded because packet too short\n"); 1167 p2(carps_badauth, "\t\t%llu discarded for bad authentication\n"); 1168 p2(carps_badvhid, "\t\t%llu discarded for unknown vhid\n"); 1169 p2(carps_badaddrs, "\t\t%llu discarded because of a bad address list\n"); 1170 p(carps_opackets, "\t%llu packet%s sent (IPv4)\n"); 1171 p(carps_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1172 p2(carps_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1173 p(carps_preempt, "\t%llu transition%s to master\n"); 1174 #undef p 1175 #undef p2 1176 } 1177 1178 /* 1179 * Dump pfsync statistics structure. 1180 */ 1181 void 1182 pfsync_stats(char *name) 1183 { 1184 struct pfsyncstats pfsyncstat; 1185 int mib[] = { CTL_NET, PF_INET, IPPROTO_PFSYNC, PFSYNCCTL_STATS }; 1186 size_t len = sizeof(pfsyncstat); 1187 1188 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1189 &pfsyncstat, &len, NULL, 0) == -1) { 1190 if (errno != ENOPROTOOPT) 1191 warn("%s", name); 1192 return; 1193 } 1194 1195 printf("%s:\n", name); 1196 #define p(f, m) if (pfsyncstat.f || sflag <= 1) \ 1197 printf(m, pfsyncstat.f, plural(pfsyncstat.f)) 1198 #define p2(f, m) if (pfsyncstat.f || sflag <= 1) \ 1199 printf(m, pfsyncstat.f) 1200 1201 p(pfsyncs_ipackets, "\t%llu packet%s received (IPv4)\n"); 1202 p(pfsyncs_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1203 p(pfsyncs_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1204 p(pfsyncs_badttl, "\t\t%llu packet%s discarded for bad ttl\n"); 1205 p(pfsyncs_hdrops, "\t\t%llu packet%s shorter than header\n"); 1206 p(pfsyncs_badver, "\t\t%llu packet%s discarded for bad version\n"); 1207 p(pfsyncs_badauth, "\t\t%llu packet%s discarded for bad HMAC\n"); 1208 p(pfsyncs_badact,"\t\t%llu packet%s discarded for bad action\n"); 1209 p(pfsyncs_badlen, "\t\t%llu packet%s discarded for short packet\n"); 1210 p(pfsyncs_badval, "\t\t%llu state%s discarded for bad values\n"); 1211 p(pfsyncs_stale, "\t\t%llu stale state%s\n"); 1212 p(pfsyncs_badstate, "\t\t%llu failed state lookup/insert%s\n"); 1213 p(pfsyncs_opackets, "\t%llu packet%s sent (IPv4)\n"); 1214 p(pfsyncs_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1215 p2(pfsyncs_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1216 p2(pfsyncs_oerrors, "\t\t%llu send error\n"); 1217 #undef p 1218 #undef p2 1219 } 1220 1221 /* 1222 * Dump pflow statistics structure. 1223 */ 1224 void 1225 pflow_stats(char *name) 1226 { 1227 struct pflowstats flowstats; 1228 int mib[] = { CTL_NET, PF_PFLOW, NET_PFLOW_STATS }; 1229 size_t len = sizeof(struct pflowstats); 1230 1231 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), &flowstats, &len, 1232 NULL, 0) == -1) { 1233 if (errno != ENOPROTOOPT) 1234 warn("%s", name); 1235 return; 1236 } 1237 1238 printf("%s:\n", name); 1239 #define p(f, m) if (flowstats.f || sflag <= 1) \ 1240 printf(m, flowstats.f, plural(flowstats.f)) 1241 #define p2(f, m) if (flowstats.f || sflag <= 1) \ 1242 printf(m, flowstats.f) 1243 1244 p(pflow_flows, "\t%llu flow%s sent\n"); 1245 p(pflow_packets, "\t%llu packet%s sent\n"); 1246 p2(pflow_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1247 p2(pflow_oerrors, "\t\t%llu send error\n"); 1248 #undef p 1249 #undef p2 1250 } 1251 1252 /* 1253 * Dump IPCOMP statistics structure. 1254 */ 1255 void 1256 ipcomp_stats(char *name) 1257 { 1258 struct ipcompstat ipcompstat; 1259 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPCOMP, IPCOMPCTL_STATS }; 1260 size_t len = sizeof(ipcompstat); 1261 1262 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1263 &ipcompstat, &len, NULL, 0) == -1) { 1264 if (errno != ENOPROTOOPT) 1265 warn("%s", name); 1266 return; 1267 } 1268 1269 printf("%s:\n", name); 1270 #define p(f, m) if (ipcompstat.f || sflag <= 1) \ 1271 printf(m, ipcompstat.f, plural(ipcompstat.f)) 1272 1273 p(ipcomps_input, "\t%llu input IPCOMP packet%s\n"); 1274 p(ipcomps_output, "\t%llu output IPCOMP packet%s\n"); 1275 p(ipcomps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1276 p(ipcomps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1277 p(ipcomps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1278 p(ipcomps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1279 p(ipcomps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1280 p(ipcomps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1281 p(ipcomps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1282 p(ipcomps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1283 p(ipcomps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1284 p(ipcomps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1285 p(ipcomps_crypto, "\t%llu packet%s that failed (de)compression processing\n"); 1286 p(ipcomps_outfail, "\t%llu output packet%s could not be sent\n"); 1287 p(ipcomps_minlen, "\t%llu packet%s less than minimum compression length\n"); 1288 p(ipcomps_ibytes, "\t%llu input byte%s\n"); 1289 p(ipcomps_obytes, "\t%llu output byte%s\n"); 1290 1291 #undef p 1292 } 1293 1294 /* 1295 * Dump the contents of a socket structure 1296 */ 1297 void 1298 socket_dump(u_long off) 1299 { 1300 struct socket so; 1301 1302 if (off == 0) 1303 return; 1304 kread(off, &so, sizeof(so)); 1305 1306 #define p(fmt, v, sep) printf(#v " " fmt sep, so.v); 1307 #define pp(fmt, v, sep) printf(#v " " fmt sep, so.v); 1308 printf("socket %#lx\n ", off); 1309 p("%#.4x", so_type, "\n "); 1310 p("%#.4x", so_options, "\n "); 1311 p("%d", so_linger, "\n "); 1312 p("%#.4x", so_state, "\n "); 1313 pp("%p", so_pcb, ", "); 1314 pp("%p", so_proto, ", "); 1315 pp("%p", so_head, "\n "); 1316 p("%d", so_q0len, ", "); 1317 p("%d", so_qlen, ", "); 1318 p("%d", so_qlimit, "\n "); 1319 p("%d", so_timeo, "\n "); 1320 p("%u", so_error, "\n "); 1321 p("%p", so_sigio.sir_sigio, "\n "); 1322 p("%lu", so_oobmark, "\n "); 1323 if (so.so_sp) 1324 sosplice_dump((u_long)so.so_sp); 1325 sockbuf_dump(&so.so_rcv, "so_rcv"); 1326 sockbuf_dump(&so.so_snd, "so_snd"); 1327 p("%u", so_euid, ", "); 1328 p("%u", so_ruid, ", "); 1329 p("%u", so_egid, ", "); 1330 p("%u", so_rgid, "\n "); 1331 p("%d", so_cpid, "\n"); 1332 #undef p 1333 #undef pp 1334 1335 protosw_dump((u_long)so.so_proto, (u_long)so.so_pcb); 1336 } 1337 1338 /* 1339 * Dump the contents of a struct sosplice 1340 */ 1341 void 1342 sosplice_dump(u_long off) 1343 { 1344 struct sosplice ssp; 1345 1346 if (off == 0) 1347 return; 1348 kread(off, &ssp, sizeof(ssp)); 1349 1350 #define p(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1351 #define pll(fmt, v, sep) printf(#v " " fmt sep, (long long) ssp.v); 1352 #define pp(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1353 pp("%p", ssp_socket, ", "); 1354 pp("%p", ssp_soback, "\n "); 1355 p("%lld", ssp_len, ", "); 1356 p("%lld", ssp_max, ", "); 1357 pll("%lld", ssp_idletv.tv_sec, ", "); 1358 p("%ld", ssp_idletv.tv_usec, "\n "); 1359 #undef p 1360 #undef pll 1361 #undef pp 1362 } 1363 1364 /* 1365 * Dump the contents of a socket buffer 1366 */ 1367 void 1368 sockbuf_dump(struct sockbuf *sb, const char *name) 1369 { 1370 #define p(fmt, v, sep) printf(#v " " fmt sep, sb->v); 1371 printf("%s ", name); 1372 p("%lu", sb_cc, ", "); 1373 p("%lu", sb_datacc, ", "); 1374 p("%lu", sb_hiwat, ", "); 1375 p("%lu", sb_wat, "\n "); 1376 printf("%s ", name); 1377 p("%lu", sb_mbcnt, ", "); 1378 p("%lu", sb_mbmax, ", "); 1379 p("%ld", sb_lowat, "\n "); 1380 printf("%s ", name); 1381 p("%#.8x", sb_flagsintr, ", "); 1382 p("%#.4x", sb_flags, ", "); 1383 p("%llu", sb_timeo_nsecs, "\n "); 1384 #undef p 1385 } 1386 1387 /* 1388 * Dump the contents of a protosw structure 1389 */ 1390 void 1391 protosw_dump(u_long off, u_long pcb) 1392 { 1393 struct protosw proto; 1394 1395 if (off == 0) 1396 return; 1397 kread(off, &proto, sizeof(proto)); 1398 1399 #define p(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1400 #define pp(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1401 printf("protosw %#lx\n ", off); 1402 p("%#.4x", pr_type, "\n "); 1403 pp("%p", pr_domain, "\n "); 1404 p("%d", pr_protocol, "\n "); 1405 p("%#.4x", pr_flags, "\n"); 1406 #undef p 1407 #undef pp 1408 1409 domain_dump((u_long)proto.pr_domain, pcb, proto.pr_protocol); 1410 } 1411 1412 /* 1413 * Dump the contents of a domain structure 1414 */ 1415 void 1416 domain_dump(u_long off, u_long pcb, short protocol) 1417 { 1418 struct domain dom; 1419 char name[256]; 1420 1421 if (off == 0) 1422 return; 1423 kread(off, &dom, sizeof(dom)); 1424 kread((u_long)dom.dom_name, name, sizeof(name)); 1425 1426 #define p(fmt, v, sep) printf(#v " " fmt sep, dom.v); 1427 printf("domain %#lx\n ", off); 1428 p("%d", dom_family, "\n "); 1429 printf("dom_name %.*s\n", (int)sizeof(name), name); 1430 #undef p 1431 } 1432 1433 /* 1434 * Dump the contents of a internet PCB 1435 */ 1436 void 1437 inpcb_dump(u_long off, short protocol, int af) 1438 { 1439 struct inpcb inp; 1440 char faddr[256], laddr[256], raddr[256]; 1441 1442 if (off == 0) 1443 return; 1444 kread(off, &inp, sizeof(inp)); 1445 1446 if (vflag) 1447 socket_dump((u_long)inp.inp_socket); 1448 1449 switch (af) { 1450 case AF_INET: 1451 inet_ntop(af, &inp.inp_faddr, faddr, sizeof(faddr)); 1452 inet_ntop(af, &inp.inp_laddr, laddr, sizeof(laddr)); 1453 inet_ntop(af, &((struct sockaddr_in *) 1454 (&inp.inp_route.ro_dst))->sin_addr, raddr, sizeof(raddr)); 1455 break; 1456 case AF_INET6: 1457 inet_ntop(af, &inp.inp_faddr6, faddr, sizeof(faddr)); 1458 inet_ntop(af, &inp.inp_laddr6, laddr, sizeof(laddr)); 1459 inet_ntop(af, &inp.inp_route6.ro_dst.sin6_addr, 1460 raddr, sizeof(raddr)); 1461 break; 1462 default: 1463 faddr[0] = laddr[0] = '\0'; 1464 } 1465 1466 #define p(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1467 #define pp(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1468 printf("inpcb %#lx\n ", off); 1469 pp("%p", inp_table, "\n "); 1470 printf("inp_faddru %s, inp_laddru %s\n ", faddr, laddr); 1471 HTONS(inp.inp_fport); 1472 HTONS(inp.inp_lport); 1473 p("%u", inp_fport, ", "); 1474 p("%u", inp_lport, "\n "); 1475 pp("%p", inp_socket, ", "); 1476 pp("%p", inp_ppcb, "\n "); 1477 pp("%p", inp_route.ro_rt, ", "); 1478 printf("ro_dst %s\n ", raddr); 1479 p("%#.8x", inp_flags, "\n "); 1480 p("%d", inp_hops, "\n "); 1481 p("%u", inp_seclevel[0], ", "); 1482 p("%u", inp_seclevel[1], ", "); 1483 p("%u", inp_seclevel[2], ", "); 1484 p("%u", inp_seclevel[3], "\n "); 1485 p("%u", inp_ip_minttl, "\n "); 1486 p("%d", inp_cksum6, "\n "); 1487 pp("%p", inp_icmp6filt, "\n "); 1488 pp("%p", inp_pf_sk, "\n "); 1489 p("%u", inp_rtableid, "\n "); 1490 p("%d", inp_pipex, "\n"); 1491 #undef p 1492 #undef pp 1493 1494 switch (protocol) { 1495 case IPPROTO_TCP: 1496 tcpcb_dump((u_long)inp.inp_ppcb); 1497 break; 1498 } 1499 } 1500 1501 /* 1502 * Dump the contents of a TCP PCB 1503 */ 1504 void 1505 tcpcb_dump(u_long off) 1506 { 1507 struct tcpcb tcpcb; 1508 1509 if (off == 0) 1510 return; 1511 kread(off, (char *)&tcpcb, sizeof (tcpcb)); 1512 1513 #define p(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1514 #define pp(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1515 printf("tcpcb %#lx\n ", off); 1516 pp("%p", t_inpcb, "\n "); 1517 p("%d", t_state, ""); 1518 if (tcpcb.t_state >= 0 && tcpcb.t_state < TCP_NSTATES) 1519 printf(" (%s)", tcpstates[tcpcb.t_state]); 1520 printf("\n "); 1521 p("%d", t_rxtshift, ", "); 1522 p("%d", t_rxtcur, ", "); 1523 p("%d", t_dupacks, "\n "); 1524 p("%u", t_maxseg, ", "); 1525 p("%u", t_maxopd, ", "); 1526 p("%u", t_peermss, "\n "); 1527 p("0x%x", t_flags, ", "); 1528 p("%u", t_force, "\n "); 1529 p("%u", iss, "\n "); 1530 p("%u", snd_una, ", "); 1531 p("%u", snd_nxt, ", "); 1532 p("%u", snd_up, "\n "); 1533 p("%u", snd_wl1, ", "); 1534 p("%u", snd_wl2, ", "); 1535 p("%lu", snd_wnd, "\n "); 1536 p("%d", sack_enable, ", "); 1537 p("%d", snd_numholes, ", "); 1538 p("%u", snd_last, "\n "); 1539 p("%u", irs, "\n "); 1540 p("%u", rcv_nxt, ", "); 1541 p("%u", rcv_up, ", "); 1542 p("%lu", rcv_wnd, "\n "); 1543 p("%u", rcv_lastsack, "\n "); 1544 p("%d", rcv_numsacks, "\n "); 1545 p("%u", rcv_adv, ", "); 1546 p("%u", snd_max, "\n "); 1547 p("%lu", snd_cwnd, ", "); 1548 p("%lu", snd_ssthresh, ", "); 1549 p("%lu", max_sndwnd, "\n "); 1550 p("%u", t_rcvtime, ", "); 1551 p("%u", t_rtttime, ", "); 1552 p("%u", t_rtseq, "\n "); 1553 p("%u", t_srtt, ", "); 1554 p("%u", t_rttvar, ", "); 1555 p("%u", t_rttmin, "\n "); 1556 p("%u", t_oobflags, ", "); 1557 p("%u", t_iobc, "\n "); 1558 p("%u", t_softerror, "\n "); 1559 p("%u", snd_scale, ", "); 1560 p("%u", rcv_scale, ", "); 1561 p("%u", request_r_scale, ", "); 1562 p("%u", requested_s_scale, "\n "); 1563 p("%u", ts_recent, ", "); 1564 p("%u", ts_recent_age, "\n "); 1565 p("%u", last_ack_sent, "\n "); 1566 HTONS(tcpcb.t_pmtud_ip_len); 1567 HTONS(tcpcb.t_pmtud_nextmtu); 1568 p("%u", t_pmtud_mss_acked, ", "); 1569 p("%u", t_pmtud_mtu_sent, "\n "); 1570 p("%u", t_pmtud_nextmtu, ", "); 1571 p("%u", t_pmtud_ip_len, ", "); 1572 p("%u", t_pmtud_ip_hl, "\n "); 1573 p("%u", t_pmtud_th_seq, "\n "); 1574 p("%u", pf, "\n"); 1575 #undef p 1576 #undef pp 1577 } 1578