1 /* $NetBSD: inet.c,v 1.38 1999/11/19 10:44:33 bouyer Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 #if 0 39 static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94"; 40 #else 41 __RCSID("$NetBSD: inet.c,v 1.38 1999/11/19 10:44:33 bouyer Exp $"); 42 #endif 43 #endif /* not lint */ 44 45 #include <sys/param.h> 46 #include <sys/queue.h> 47 #include <sys/socket.h> 48 #include <sys/socketvar.h> 49 #include <sys/mbuf.h> 50 #include <sys/protosw.h> 51 52 #include <net/route.h> 53 #include <netinet/in.h> 54 #include <netinet/in_systm.h> 55 #include <netinet/ip.h> 56 #include <netinet/in_pcb.h> 57 #include <netinet/ip_icmp.h> 58 59 #ifdef INET6 60 #include <netinet/ip6.h> 61 #endif 62 63 #include <netinet/icmp_var.h> 64 #include <netinet/igmp_var.h> 65 #include <netinet/ip_var.h> 66 #include <netinet/tcp.h> 67 #include <netinet/tcpip.h> 68 #include <netinet/tcp_seq.h> 69 #define TCPSTATES 70 #include <netinet/tcp_fsm.h> 71 #define TCPTIMERS 72 #include <netinet/tcp_timer.h> 73 #include <netinet/tcp_var.h> 74 #include <netinet/tcp_debug.h> 75 #include <netinet/udp.h> 76 #include <netinet/udp_var.h> 77 #ifdef IPSEC 78 #include <netinet6/ipsec.h> 79 #endif 80 81 #include <arpa/inet.h> 82 #include <netdb.h> 83 #include <stdio.h> 84 #include <string.h> 85 #include <unistd.h> 86 #include "netstat.h" 87 88 struct inpcb inpcb; 89 struct tcpcb tcpcb; 90 struct socket sockb; 91 92 char *inetname __P((struct in_addr *)); 93 void inetprint __P((struct in_addr *, u_int16_t, const char *, int)); 94 95 /* 96 * Print a summary of connections related to an Internet 97 * protocol. For TCP, also give state of connection. 98 * Listening processes (aflag) are suppressed unless the 99 * -a (all) flag is specified. 100 */ 101 static int width; 102 103 void 104 protopr(off, name) 105 u_long off; 106 char *name; 107 { 108 struct inpcbtable table; 109 struct inpcb *head, *next, *prev; 110 struct inpcb inpcb; 111 int istcp, compact; 112 static int first = 1; 113 static char *shorttcpstates[] = { 114 "CLOSED", "LISTEN", "SYNSEN", "SYSRCV", 115 "ESTABL", "CLWAIT", "FWAIT1", "CLOSNG", 116 "LASTAK", "FWAIT2", "TMWAIT", 117 }; 118 119 if (off == 0) 120 return; 121 istcp = strcmp(name, "tcp") == 0; 122 kread(off, (char *)&table, sizeof table); 123 prev = head = 124 (struct inpcb *)&((struct inpcbtable *)off)->inpt_queue.cqh_first; 125 next = table.inpt_queue.cqh_first; 126 127 compact = 0; 128 if (Aflag) { 129 if (!nflag) 130 width = 18; 131 else { 132 width = 21; 133 compact = 1; 134 } 135 } else 136 width = 22; 137 while (next != head) { 138 kread((u_long)next, (char *)&inpcb, sizeof inpcb); 139 if (inpcb.inp_queue.cqe_prev != prev) { 140 printf("???\n"); 141 break; 142 } 143 prev = next; 144 next = inpcb.inp_queue.cqe_next; 145 146 if (!aflag && 147 inet_lnaof(inpcb.inp_laddr) == INADDR_ANY) 148 continue; 149 kread((u_long)inpcb.inp_socket, (char *)&sockb, sizeof (sockb)); 150 if (istcp) { 151 kread((u_long)inpcb.inp_ppcb, 152 (char *)&tcpcb, sizeof (tcpcb)); 153 } 154 if (first) { 155 printf("Active Internet connections"); 156 if (aflag) 157 printf(" (including servers)"); 158 putchar('\n'); 159 if (Aflag) 160 printf("%-8.8s ", "PCB"); 161 printf("%-5.5s %-6.6s %-6.6s %s%-*.*s %-*.*s %s\n", 162 "Proto", "Recv-Q", "Send-Q", 163 compact ? "" : " ", 164 width, width, "Local Address", 165 width, width, "Foreign Address", "State"); 166 first = 0; 167 } 168 if (Aflag) { 169 if (istcp) 170 printf("%8lx ", (u_long) inpcb.inp_ppcb); 171 else 172 printf("%8lx ", (u_long) prev); 173 } 174 printf("%-5.5s %6ld %6ld%s", name, sockb.so_rcv.sb_cc, 175 sockb.so_snd.sb_cc, compact ? "" : " "); 176 if (nflag) { 177 inetprint(&inpcb.inp_laddr, inpcb.inp_lport, name, 1); 178 inetprint(&inpcb.inp_faddr, inpcb.inp_fport, name, 1); 179 } else if (inpcb.inp_flags & INP_ANONPORT) { 180 inetprint(&inpcb.inp_laddr, inpcb.inp_lport, name, 1); 181 inetprint(&inpcb.inp_faddr, inpcb.inp_fport, name, 0); 182 } else { 183 inetprint(&inpcb.inp_laddr, inpcb.inp_lport, name, 0); 184 inetprint(&inpcb.inp_faddr, inpcb.inp_fport, name, 185 inpcb.inp_lport != inpcb.inp_fport); 186 } 187 if (istcp) { 188 if (tcpcb.t_state < 0 || tcpcb.t_state >= TCP_NSTATES) 189 printf(" %d", tcpcb.t_state); 190 else 191 printf(" %s", compact ? 192 shorttcpstates[tcpcb.t_state] : 193 tcpstates[tcpcb.t_state]); 194 } 195 putchar('\n'); 196 } 197 } 198 199 /* 200 * Dump TCP statistics structure. 201 */ 202 void 203 tcp_stats(off, name) 204 u_long off; 205 char *name; 206 { 207 struct tcpstat tcpstat; 208 209 if (off == 0) 210 return; 211 printf ("%s:\n", name); 212 kread(off, (char *)&tcpstat, sizeof (tcpstat)); 213 214 #define ps(f, m) if (tcpstat.f || sflag <= 1) \ 215 printf(m, (unsigned long long)tcpstat.f) 216 #define p(f, m) if (tcpstat.f || sflag <= 1) \ 217 printf(m, (unsigned long long)tcpstat.f, plural(tcpstat.f)) 218 #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 219 printf(m, (unsigned long long)tcpstat.f1, plural(tcpstat.f1), \ 220 (unsigned long long)tcpstat.f2, plural(tcpstat.f2)) 221 #define p2s(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 222 printf(m, (unsigned long long)tcpstat.f1, plural(tcpstat.f1), \ 223 (unsigned long long)tcpstat.f2) 224 #define p3(f, m) if (tcpstat.f || sflag <= 1) \ 225 printf(m, (unsigned long long)tcpstat.f, plurales(tcpstat.f)) 226 227 p(tcps_sndtotal, "\t%llu packet%s sent\n"); 228 p2(tcps_sndpack,tcps_sndbyte, 229 "\t\t%llu data packet%s (%llu byte%s)\n"); 230 p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, 231 "\t\t%llu data packet%s (%llu byte%s) retransmitted\n"); 232 p2s(tcps_sndacks, tcps_delack, 233 "\t\t%llu ack-only packet%s (%llu delayed)\n"); 234 p(tcps_sndurg, "\t\t%llu URG only packet%s\n"); 235 p(tcps_sndprobe, "\t\t%llu window probe packet%s\n"); 236 p(tcps_sndwinup, "\t\t%llu window update packet%s\n"); 237 p(tcps_sndctrl, "\t\t%llu control packet%s\n"); 238 p(tcps_rcvtotal, "\t%llu packet%s received\n"); 239 p2(tcps_rcvackpack, tcps_rcvackbyte, 240 "\t\t%llu ack%s (for %llu byte%s)\n"); 241 p(tcps_rcvdupack, "\t\t%llu duplicate ack%s\n"); 242 p(tcps_rcvacktoomuch, "\t\t%llu ack%s for unsent data\n"); 243 p2(tcps_rcvpack, tcps_rcvbyte, 244 "\t\t%llu packet%s (%llu byte%s) received in-sequence\n"); 245 p2(tcps_rcvduppack, tcps_rcvdupbyte, 246 "\t\t%llu completely duplicate packet%s (%llu byte%s)\n"); 247 p(tcps_pawsdrop, "\t\t%llu old duplicate packet%s\n"); 248 p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, 249 "\t\t%llu packet%s with some dup. data (%llu byte%s duped)\n"); 250 p2(tcps_rcvoopack, tcps_rcvoobyte, 251 "\t\t%llu out-of-order packet%s (%llu byte%s)\n"); 252 p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, 253 "\t\t%llu packet%s (%llu byte%s) of data after window\n"); 254 p(tcps_rcvwinprobe, "\t\t%llu window probe%s\n"); 255 p(tcps_rcvwinupd, "\t\t%llu window update packet%s\n"); 256 p(tcps_rcvafterclose, "\t\t%llu packet%s received after close\n"); 257 p(tcps_rcvbadsum, "\t\t%llu discarded for bad checksum%s\n"); 258 p(tcps_rcvbadoff, "\t\t%llu discarded for bad header offset field%s\n"); 259 ps(tcps_rcvshort, "\t\t%llu discarded because packet too short\n"); 260 p(tcps_connattempt, "\t%llu connection request%s\n"); 261 p(tcps_accepts, "\t%llu connection accept%s\n"); 262 p(tcps_connects, 263 "\t%llu connection%s established (including accepts)\n"); 264 p2(tcps_closed, tcps_drops, 265 "\t%llu connection%s closed (including %llu drop%s)\n"); 266 p(tcps_conndrops, "\t%llu embryonic connection%s dropped\n"); 267 p2(tcps_rttupdated, tcps_segstimed, 268 "\t%llu segment%s updated rtt (of %llu attempt%s)\n"); 269 p(tcps_rexmttimeo, "\t%llu retransmit timeout%s\n"); 270 p(tcps_timeoutdrop, 271 "\t\t%llu connection%s dropped by rexmit timeout\n"); 272 p2(tcps_persisttimeo, tcps_persistdrops, 273 "\t%llu persist timeout%s (resulting in %llu dropped " 274 "connection%s)\n"); 275 p(tcps_keeptimeo, "\t%llu keepalive timeout%s\n"); 276 p(tcps_keepprobe, "\t\t%llu keepalive probe%s sent\n"); 277 p(tcps_keepdrops, "\t\t%llu connection%s dropped by keepalive\n"); 278 p(tcps_predack, "\t%llu correct ACK header prediction%s\n"); 279 p(tcps_preddat, "\t%llu correct data packet header prediction%s\n"); 280 p3(tcps_pcbhashmiss, "\t%llu PCB hash miss%s\n"); 281 ps(tcps_noport, "\t%llu dropped due to no socket\n"); 282 p(tcps_connsdrained, "\t%llu connection%s drained due to memory " 283 "shortage\n"); 284 285 p(tcps_badsyn, "\t%llu bad connection attempt%s\n"); 286 ps(tcps_sc_added, "\t%llu SYN cache entries added\n"); 287 p(tcps_sc_collisions, "\t\t%llu hash collision%s\n"); 288 ps(tcps_sc_completed, "\t\t%llu completed\n"); 289 ps(tcps_sc_aborted, "\t\t%llu aborted (no space to build PCB)\n"); 290 ps(tcps_sc_timed_out, "\t\t%llu timed out\n"); 291 ps(tcps_sc_overflowed, "\t\t%llu dropped due to overflow\n"); 292 ps(tcps_sc_bucketoverflow, "\t\t%llu dropped due to bucket overflow\n"); 293 ps(tcps_sc_reset, "\t\t%llu dropped due to RST\n"); 294 ps(tcps_sc_unreach, "\t\t%llu dropped due to ICMP unreachable\n"); 295 p(tcps_sc_retransmitted, "\t%llu SYN,ACK%s retransmitted\n"); 296 p(tcps_sc_dupesyn, "\t%llu duplicate SYN%s received for entries " 297 "already in the cache\n"); 298 p(tcps_sc_dropped, "\t%llu SYN%s dropped (no route or no space)\n"); 299 300 #undef p 301 #undef ps 302 #undef p2 303 #undef p2s 304 #undef p3 305 } 306 307 /* 308 * Dump UDP statistics structure. 309 */ 310 void 311 udp_stats(off, name) 312 u_long off; 313 char *name; 314 { 315 struct udpstat udpstat; 316 u_quad_t delivered; 317 318 if (off == 0) 319 return; 320 printf("%s:\n", name); 321 kread(off, (char *)&udpstat, sizeof (udpstat)); 322 323 #define ps(f, m) if (udpstat.f || sflag <= 1) \ 324 printf(m, (unsigned long long)udpstat.f) 325 #define p(f, m) if (udpstat.f || sflag <= 1) \ 326 printf(m, (unsigned long long)udpstat.f, plural(udpstat.f)) 327 #define p3(f, m) if (udpstat.f || sflag <= 1) \ 328 printf(m, (unsigned long long)udpstat.f, plurales(udpstat.f)) 329 330 p(udps_ipackets, "\t%llu datagram%s received\n"); 331 ps(udps_hdrops, "\t%llu with incomplete header\n"); 332 ps(udps_badlen, "\t%llu with bad data length field\n"); 333 ps(udps_badsum, "\t%llu with bad checksum\n"); 334 ps(udps_noport, "\t%llu dropped due to no socket\n"); 335 p(udps_noportbcast, "\t%llu broadcast/multicast datagram%s dropped due to no socket\n"); 336 ps(udps_fullsock, "\t%llu dropped due to full socket buffers\n"); 337 delivered = udpstat.udps_ipackets - 338 udpstat.udps_hdrops - 339 udpstat.udps_badlen - 340 udpstat.udps_badsum - 341 udpstat.udps_noport - 342 udpstat.udps_noportbcast - 343 udpstat.udps_fullsock; 344 if (delivered || sflag <= 1) 345 printf("\t%llu delivered\n", (unsigned long long)delivered); 346 p3(udps_pcbhashmiss, "\t%llu PCB hash miss%s\n"); 347 p(udps_opackets, "\t%llu datagram%s output\n"); 348 349 #undef ps 350 #undef p 351 #undef p3 352 } 353 354 /* 355 * Dump IP statistics structure. 356 */ 357 void 358 ip_stats(off, name) 359 u_long off; 360 char *name; 361 { 362 struct ipstat ipstat; 363 364 if (off == 0) 365 return; 366 kread(off, (char *)&ipstat, sizeof (ipstat)); 367 printf("%s:\n", name); 368 369 #define ps(f, m) if (ipstat.f || sflag <= 1) \ 370 printf(m, (unsigned long long)ipstat.f) 371 #define p(f, m) if (ipstat.f || sflag <= 1) \ 372 printf(m, (unsigned long long)ipstat.f, plural(ipstat.f)) 373 374 p(ips_total, "\t%llu total packet%s received\n"); 375 p(ips_badsum, "\t%llu bad header checksum%s\n"); 376 ps(ips_toosmall, "\t%llu with size smaller than minimum\n"); 377 ps(ips_tooshort, "\t%llu with data size < data length\n"); 378 ps(ips_toolong, "\t%llu with length > max ip packet size\n"); 379 ps(ips_badhlen, "\t%llu with header length < data size\n"); 380 ps(ips_badlen, "\t%llu with data length < header length\n"); 381 ps(ips_badoptions, "\t%llu with bad options\n"); 382 ps(ips_badvers, "\t%llu with incorrect version number\n"); 383 p(ips_fragments, "\t%llu fragment%s received"); 384 p(ips_fragdropped, "\t%llu fragment%s dropped (dup or out of space)\n"); 385 p(ips_badfrags, "\t%llu malformed fragment%s dropped\n"); 386 p(ips_fragtimeout, "\t%llu fragment%s dropped after timeout\n"); 387 p(ips_reassembled, "\t%llu packet%s reassembled ok\n"); 388 p(ips_delivered, "\t%llu packet%s for this host\n"); 389 p(ips_noproto, "\t%llu packet%s for unknown/unsupported protocol\n"); 390 p(ips_forward, "\t%llu packet%s forwarded"); 391 p(ips_fastforward, " (%llu packet%s fast forwarded)"); 392 if (ipstat.ips_forward || sflag <= 1) 393 putchar('\n'); 394 p(ips_cantforward, "\t%llu packet%s not forwardable\n"); 395 p(ips_redirectsent, "\t%llu redirect%s sent\n"); 396 p(ips_localout, "\t%llu packet%s sent from this host\n"); 397 p(ips_rawout, "\t%llu packet%s sent with fabricated ip header\n"); 398 p(ips_odropped, "\t%llu output packet%s dropped due to no bufs, etc.\n"); 399 p(ips_noroute, "\t%llu output packet%s discarded due to no route\n"); 400 p(ips_fragmented, "\t%llu output datagram%s fragmented\n"); 401 p(ips_ofragments, "\t%llu fragment%s created\n"); 402 p(ips_cantfrag, "\t%llu datagram%s that can't be fragmented\n"); 403 #undef ps 404 #undef p 405 } 406 407 static char *icmpnames[] = { 408 "echo reply", 409 "#1", 410 "#2", 411 "destination unreachable", 412 "source quench", 413 "routing redirect", 414 "#6", 415 "#7", 416 "echo", 417 "#9", 418 "#10", 419 "time exceeded", 420 "parameter problem", 421 "time stamp", 422 "time stamp reply", 423 "information request", 424 "information request reply", 425 "address mask request", 426 "address mask reply", 427 }; 428 429 /* 430 * Dump ICMP statistics. 431 */ 432 void 433 icmp_stats(off, name) 434 u_long off; 435 char *name; 436 { 437 struct icmpstat icmpstat; 438 int i, first; 439 440 if (off == 0) 441 return; 442 kread(off, (char *)&icmpstat, sizeof (icmpstat)); 443 printf("%s:\n", name); 444 445 #define p(f, m) if (icmpstat.f || sflag <= 1) \ 446 printf(m, (unsigned long long)icmpstat.f, plural(icmpstat.f)) 447 448 p(icps_error, "\t%llu call%s to icmp_error\n"); 449 p(icps_oldicmp, 450 "\t%llu error%s not generated because old message was icmp\n"); 451 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 452 if (icmpstat.icps_outhist[i] != 0) { 453 if (first) { 454 printf("\tOutput histogram:\n"); 455 first = 0; 456 } 457 printf("\t\t%s: %llu\n", icmpnames[i], 458 (unsigned long long)icmpstat.icps_outhist[i]); 459 } 460 p(icps_badcode, "\t%llu message%s with bad code fields\n"); 461 p(icps_tooshort, "\t%llu message%s < minimum length\n"); 462 p(icps_checksum, "\t%llu bad checksum%s\n"); 463 p(icps_badlen, "\t%llu message%s with bad length\n"); 464 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 465 if (icmpstat.icps_inhist[i] != 0) { 466 if (first) { 467 printf("\tInput histogram:\n"); 468 first = 0; 469 } 470 printf("\t\t%s: %llu\n", icmpnames[i], 471 (unsigned long long)icmpstat.icps_inhist[i]); 472 } 473 p(icps_reflect, "\t%llu message response%s generated\n"); 474 #undef p 475 } 476 477 /* 478 * Dump IGMP statistics structure. 479 */ 480 void 481 igmp_stats(off, name) 482 u_long off; 483 char *name; 484 { 485 struct igmpstat igmpstat; 486 487 if (off == 0) 488 return; 489 kread(off, (char *)&igmpstat, sizeof (igmpstat)); 490 printf("%s:\n", name); 491 492 #define p(f, m) if (igmpstat.f || sflag <= 1) \ 493 printf(m, (unsigned long long)igmpstat.f, plural(igmpstat.f)) 494 #define py(f, m) if (igmpstat.f || sflag <= 1) \ 495 printf(m, (unsigned long long)igmpstat.f, igmpstat.f != 1 ? "ies" : "y") 496 p(igps_rcv_total, "\t%llu message%s received\n"); 497 p(igps_rcv_tooshort, "\t%llu message%s received with too few bytes\n"); 498 p(igps_rcv_badsum, "\t%llu message%s received with bad checksum\n"); 499 py(igps_rcv_queries, "\t%llu membership quer%s received\n"); 500 py(igps_rcv_badqueries, "\t%llu membership quer%s received with invalid field(s)\n"); 501 p(igps_rcv_reports, "\t%llu membership report%s received\n"); 502 p(igps_rcv_badreports, "\t%llu membership report%s received with invalid field(s)\n"); 503 p(igps_rcv_ourreports, "\t%llu membership report%s received for groups to which we belong\n"); 504 p(igps_snd_reports, "\t%llu membership report%s sent\n"); 505 #undef p 506 #undef py 507 } 508 509 #ifdef IPSEC 510 static char *ipsec_ahnames[] = { 511 "none", 512 "hmac MD5", 513 "hmac SHA1", 514 "keyed MD5", 515 "keyed SHA1", 516 "null", 517 }; 518 519 static char *ipsec_espnames[] = { 520 "none", 521 "DES CBC", 522 "3DES CBC", 523 "simple", 524 "blowfish CBC", 525 "CAST128 CBC", 526 "DES derived IV", 527 }; 528 529 /* 530 * Dump IPSEC statistics structure. 531 */ 532 void 533 ipsec_stats(off, name) 534 u_long off; 535 char *name; 536 { 537 struct ipsecstat ipsecstat; 538 int first, proto; 539 540 if (off == 0) 541 return; 542 printf ("%s:\n", name); 543 kread(off, (char *)&ipsecstat, sizeof (ipsecstat)); 544 545 #define p(f, m) if (ipsecstat.f || sflag <= 1) \ 546 printf(m, (unsigned long long)ipsecstat.f, plural(ipsecstat.f)) 547 548 p(in_success, "\t%llu inbound packet%s processed successfully\n"); 549 p(in_polvio, "\t%llu inbound packet%s violated process security " 550 "policy\n"); 551 p(in_nosa, "\t%llu inbound packet%s with no SA available\n"); 552 p(in_inval, 553 "\t%llu inbound packet%s failed processing due to EINVAL\n"); 554 p(in_badspi, "\t%llu inbound packet%s failed getting SPI\n"); 555 p(in_ahreplay, "\t%llu inbound packet%s failed on AH replay check\n"); 556 p(in_espreplay, "\t%llu inbound packet%s failed on ESP replay check\n"); 557 p(in_ahauthsucc, "\t%llu inbound packet%s considered authentic\n"); 558 p(in_ahauthfail, "\t%llu inbound packet%s failed on authentication\n"); 559 for (first = 1, proto = 0; proto < SADB_AALG_MAX; proto++) { 560 if (ipsecstat.in_ahhist[proto] <= 0) 561 continue; 562 if (first) { 563 printf("\tAH input histogram:\n"); 564 first = 0; 565 } 566 printf("\t\t%s: %llu\n", 567 ipsec_ahnames[proto], 568 (unsigned long long)ipsecstat.in_ahhist[proto]); 569 } 570 for (first = 1, proto = 0; proto < SADB_EALG_MAX; proto++) { 571 if (ipsecstat.in_esphist[proto] <= 0) 572 continue; 573 if (first) { 574 printf("\tESP input histogram:\n"); 575 first = 0; 576 } 577 printf("\t\t%s: %llu\n", ipsec_espnames[proto], 578 (unsigned long long)ipsecstat.in_esphist[proto]); 579 } 580 581 p(out_success, "\t%llu outbound packet%s processed successfully\n"); 582 p(out_polvio, "\t%llu outbound packet%s violated process security " 583 "policy\n"); 584 p(out_nosa, "\t%llu outbound packet%s with no SA available\n"); 585 p(out_inval, "\t%llu outbound packet%s failed processing due to " 586 "EINVAL\n"); 587 p(out_noroute, "\t%llu outbound packet%s with no route\n"); 588 for (first = 1, proto = 0; proto < SADB_AALG_MAX; proto++) { 589 if (ipsecstat.out_ahhist[proto] <= 0) 590 continue; 591 if (first) { 592 printf("\tAH output histogram:\n"); 593 first = 0; 594 } 595 printf("\t\t%s: %llu\n", ipsec_ahnames[proto], 596 (unsigned long long)ipsecstat.out_ahhist[proto]); 597 } 598 for (first = 1, proto = 0; proto < SADB_EALG_MAX; proto++) { 599 if (ipsecstat.out_esphist[proto] <= 0) 600 continue; 601 if (first) { 602 printf("\tESP output histogram:\n"); 603 first = 0; 604 } 605 printf("\t\t%s: %llu\n", ipsec_espnames[proto], 606 (unsigned long long)ipsecstat.out_esphist[proto]); 607 } 608 #undef p 609 } 610 #endif /*IPSEC*/ 611 612 /* 613 * Pretty print an Internet address (net address + port). 614 * If the nflag was specified, use numbers instead of names. 615 */ 616 void 617 inetprint(in, port, proto, numeric) 618 struct in_addr *in; 619 u_int16_t port; 620 const char *proto; 621 int numeric; 622 { 623 struct servent *sp = 0; 624 char line[80], *cp; 625 size_t space; 626 627 (void)snprintf(line, sizeof line, "%.*s.", 628 (Aflag && !nflag) ? 12 : 16, inetname(in)); 629 cp = strchr(line, '\0'); 630 if (!numeric && port) 631 sp = getservbyport((int)port, proto); 632 space = sizeof line - (cp-line); 633 if (sp || port == 0) 634 (void)snprintf(cp, space, "%.8s", sp ? sp->s_name : "*"); 635 else 636 (void)snprintf(cp, space, "%u", ntohs(port)); 637 (void)printf(" %-*.*s", width, width, line); 638 } 639 640 /* 641 * Construct an Internet address representation. 642 * If the nflag has been supplied, give 643 * numeric value, otherwise try for symbolic name. 644 */ 645 char * 646 inetname(inp) 647 struct in_addr *inp; 648 { 649 char *cp; 650 static char line[50]; 651 struct hostent *hp; 652 struct netent *np; 653 static char domain[MAXHOSTNAMELEN + 1]; 654 static int first = 1; 655 656 if (first && !nflag) { 657 first = 0; 658 if (gethostname(domain, sizeof domain) == 0) { 659 domain[sizeof(domain) - 1] = '\0'; 660 if ((cp = strchr(domain, '.'))) 661 (void) strcpy(domain, cp + 1); 662 else 663 domain[0] = 0; 664 } else 665 domain[0] = 0; 666 } 667 cp = 0; 668 if (!nflag && inp->s_addr != INADDR_ANY) { 669 int net = inet_netof(*inp); 670 int lna = inet_lnaof(*inp); 671 672 if (lna == INADDR_ANY) { 673 np = getnetbyaddr(net, AF_INET); 674 if (np) 675 cp = np->n_name; 676 } 677 if (cp == 0) { 678 hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET); 679 if (hp) { 680 if ((cp = strchr(hp->h_name, '.')) && 681 !strcmp(cp + 1, domain)) 682 *cp = 0; 683 cp = hp->h_name; 684 } 685 } 686 } 687 if (inp->s_addr == INADDR_ANY) 688 strncpy(line, "*", sizeof line); 689 else if (cp) 690 strncpy(line, cp, sizeof line); 691 else { 692 inp->s_addr = ntohl(inp->s_addr); 693 #define C(x) ((x) & 0xff) 694 (void)snprintf(line, sizeof line, "%u.%u.%u.%u", 695 C(inp->s_addr >> 24), C(inp->s_addr >> 16), 696 C(inp->s_addr >> 8), C(inp->s_addr)); 697 #undef C 698 } 699 line[sizeof(line) - 1] = '\0'; 700 return (line); 701 } 702 703 /* 704 * Dump the contents of a TCP PCB. 705 */ 706 void 707 tcp_dump(pcbaddr) 708 u_long pcbaddr; 709 { 710 struct tcpcb tcpcb; 711 int i; 712 713 kread(pcbaddr, (char *)&tcpcb, sizeof(tcpcb)); 714 715 printf("TCP Protocol Control Block at 0x%08lx:\n\n", pcbaddr); 716 717 printf("Timers:\n"); 718 for (i = 0; i < TCPT_NTIMERS; i++) 719 printf("\t%s: %u", tcptimers[i], tcpcb.t_timer[i]); 720 printf("\n\n"); 721 722 if (tcpcb.t_state < 0 || tcpcb.t_state >= TCP_NSTATES) 723 printf("State: %d", tcpcb.t_state); 724 else 725 printf("State: %s", tcpstates[tcpcb.t_state]); 726 printf(", flags 0x%x, inpcb 0x%lx\n\n", tcpcb.t_flags, 727 (u_long)tcpcb.t_inpcb); 728 729 printf("rxtshift %d, rxtcur %d, dupacks %d\n", tcpcb.t_rxtshift, 730 tcpcb.t_rxtcur, tcpcb.t_dupacks); 731 printf("peermss %u, ourmss %u, segsz %u\n\n", tcpcb.t_peermss, 732 tcpcb.t_ourmss, tcpcb.t_segsz); 733 734 printf("snd_una %u, snd_nxt %u, snd_up %u\n", 735 tcpcb.snd_una, tcpcb.snd_nxt, tcpcb.snd_up); 736 printf("snd_wl1 %u, snd_wl2 %u, iss %u, snd_wnd %lu\n\n", 737 tcpcb.snd_wl1, tcpcb.snd_wl2, tcpcb.iss, tcpcb.snd_wnd); 738 739 printf("rcv_wnd %lu, rcv_nxt %u, rcv_up %u, irs %u\n\n", 740 tcpcb.rcv_wnd, tcpcb.rcv_nxt, tcpcb.rcv_up, tcpcb.irs); 741 742 printf("rcv_adv %u, snd_max %u, snd_cwnd %lu, snd_ssthresh %lu\n", 743 tcpcb.rcv_adv, tcpcb.snd_max, tcpcb.snd_cwnd, tcpcb.snd_ssthresh); 744 745 printf("idle %d, rtt %d, rtseq %u, srtt %d, rttvar %d, rttmin %d, " 746 "max_sndwnd %lu\n\n", tcpcb.t_idle, tcpcb.t_rtt, tcpcb.t_rtseq, 747 tcpcb.t_srtt, tcpcb.t_rttvar, tcpcb.t_rttmin, tcpcb.max_sndwnd); 748 749 printf("oobflags %d, iobc %d, softerror %d\n\n", tcpcb.t_oobflags, 750 tcpcb.t_iobc, tcpcb.t_softerror); 751 752 printf("snd_scale %d, rcv_scale %d, req_r_scale %d, req_s_scale %d\n", 753 tcpcb.snd_scale, tcpcb.rcv_scale, tcpcb.request_r_scale, 754 tcpcb.requested_s_scale); 755 printf("ts_recent %u, ts_regent_age %d, last_ack_sent %u\n", 756 tcpcb.ts_recent, tcpcb.ts_recent_age, tcpcb.last_ack_sent); 757 } 758