1 /* $OpenBSD: inet.c,v 1.174 2022/08/12 14:49:15 bluhm Exp $ */ 2 /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1983, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/queue.h> 34 #include <sys/socket.h> 35 #include <sys/socketvar.h> 36 #include <sys/domain.h> 37 #include <sys/protosw.h> 38 #include <sys/sysctl.h> 39 #define _KERNEL 40 #include <sys/file.h> 41 #undef _KERNEL 42 43 #include <net/route.h> 44 #include <netinet/in.h> 45 #include <netinet/ip.h> 46 #include <netinet/in_pcb.h> 47 #include <netinet/ip_icmp.h> 48 #include <netinet/icmp_var.h> 49 #include <netinet/igmp_var.h> 50 #include <netinet/ip_var.h> 51 #include <netinet/tcp.h> 52 #include <netinet/tcp_seq.h> 53 #define TCPSTATES 54 #include <netinet/tcp_fsm.h> 55 #include <netinet/tcp_timer.h> 56 #include <netinet/tcp_var.h> 57 #include <netinet/udp.h> 58 #include <netinet/udp_var.h> 59 #include <netinet/ip_ipsp.h> 60 #include <netinet/ip_ah.h> 61 #include <netinet/ip_esp.h> 62 #include <netinet/ip_ipip.h> 63 #include <netinet/ip_ipcomp.h> 64 #include <netinet/ip_ether.h> 65 #include <netinet/ip_carp.h> 66 #include <netinet/ip_divert.h> 67 #include <net/if.h> 68 #include <net/pfvar.h> 69 #include <net/if_pfsync.h> 70 #include <net/if_pflow.h> 71 72 #include <rpc/rpc.h> 73 #include <rpc/pmap_prot.h> 74 #include <rpc/pmap_clnt.h> 75 76 #include <arpa/inet.h> 77 #include <err.h> 78 #include <limits.h> 79 #include <netdb.h> 80 #include <stdio.h> 81 #include <string.h> 82 #include <unistd.h> 83 #include <stdlib.h> 84 #include <errno.h> 85 #include "netstat.h" 86 87 struct inpcb inpcb; 88 struct tcpcb tcpcb; 89 90 char *inetname(struct in_addr *); 91 void inetprint(struct in_addr *, in_port_t, const char *, int); 92 char *inet6name(struct in6_addr *); 93 void sosplice_dump(u_long); 94 void sockbuf_dump(struct sockbuf *, const char *); 95 void protosw_dump(u_long, u_long); 96 void domain_dump(u_long, u_long, short); 97 void inpcb_dump(u_long, short, int); 98 void tcpcb_dump(u_long); 99 int kf_comp(const void *, const void *); 100 101 int type_map[] = { -1, 2, 3, 1, 4, 5 }; 102 103 int 104 kf_comp(const void *a, const void *b) 105 { 106 const struct kinfo_file *ka = a, *kb = b; 107 108 if (ka->so_family != kb->so_family) { 109 /* AF_INET < AF_INET6 < AF_LOCAL */ 110 if (ka->so_family == AF_INET) 111 return (-1); 112 if (ka->so_family == AF_LOCAL) 113 return (1); 114 if (kb->so_family == AF_LOCAL) 115 return (-1); 116 return (1); 117 } 118 if (ka->so_family == AF_LOCAL) { 119 if (type_map[ka->so_type] < type_map[kb->so_type]) 120 return (-1); 121 if (type_map[ka->so_type] > type_map[kb->so_type]) 122 return (1); 123 } else if (ka->so_family == AF_INET || ka->so_family == AF_INET6) { 124 if (ka->so_protocol < kb->so_protocol) 125 return (-1); 126 if (ka->so_protocol > kb->so_protocol) 127 return (1); 128 if (ka->so_type == SOCK_DGRAM || ka->so_type == SOCK_STREAM) { 129 /* order sockets by remote port desc */ 130 if (ka->inp_fport > kb->inp_fport) 131 return (-1); 132 if (ka->inp_fport < kb->inp_fport) 133 return (1); 134 } else if (ka->so_type == SOCK_RAW) { 135 if (ka->inp_proto > kb->inp_proto) 136 return (-1); 137 if (ka->inp_proto < kb->inp_proto) 138 return (1); 139 } 140 } 141 return (0); 142 } 143 144 void 145 protopr(kvm_t *kvmd, u_long pcbaddr, u_int tableid, int proto) 146 { 147 struct kinfo_file *kf; 148 int i, fcnt; 149 150 kf = kvm_getfiles(kvmd, KERN_FILE_BYFILE, DTYPE_SOCKET, 151 sizeof(*kf), &fcnt); 152 if (kf == NULL) { 153 printf("Out of memory (file table).\n"); 154 return; 155 } 156 157 /* sort sockets by AF and type */ 158 qsort(kf, fcnt, sizeof(*kf), kf_comp); 159 160 for (i = 0; i < fcnt; i++) { 161 if (Pflag) { 162 switch (kf[i].so_family) { 163 case AF_INET: 164 case AF_INET6: 165 /* 166 * XXX at the moment fstat returns the pointer 167 * to the so_pcb or for tcp sockets the tcpcb 168 * pointer (inp_ppcb) so check both. 169 */ 170 if (pcbaddr == kf[i].so_pcb) { 171 inpcb_dump(kf[i].so_pcb, 172 kf[i].so_protocol, 173 kf[i].so_family); 174 return; 175 } else if (pcbaddr == kf[i].inp_ppcb && 176 kf[i].so_protocol == IPPROTO_TCP) { 177 if (vflag) 178 inpcb_dump(kf[i].so_pcb, 179 kf[i].so_protocol, 180 kf[i].so_family); 181 else 182 tcpcb_dump(kf[i].inp_ppcb); 183 return; 184 } 185 break; 186 case AF_UNIX: 187 if (pcbaddr == kf[i].so_pcb) { 188 unpcb_dump(pcbaddr); 189 return; 190 } 191 break; 192 } 193 continue; 194 } 195 if (kf[i].so_family == AF_LOCAL && (kf[i].so_pcb != 0 || 196 kf[i].unp_path[0] != '\0')) 197 if ((af == AF_LOCAL || af == AF_UNSPEC) && !proto) 198 unixdomainpr(&kf[i]); 199 if (kf[i].so_family == AF_INET && kf[i].so_pcb != 0 && 200 kf[i].inp_rtableid == tableid) 201 if (af == AF_INET || af == AF_UNSPEC) 202 netdomainpr(&kf[i], proto); 203 if (kf[i].so_family == AF_INET6 && kf[i].so_pcb != 0 && 204 kf[i].inp_rtableid == tableid) 205 if (af == AF_INET6 || af == AF_UNSPEC) 206 netdomainpr(&kf[i], proto); 207 } 208 } 209 210 /* 211 * Print a summary of connections related to an Internet 212 * protocol. For TCP, also give state of connection. 213 * Listening processes (aflag) are suppressed unless the 214 * -a (all) flag is specified. 215 */ 216 void 217 netdomainpr(struct kinfo_file *kf, int proto) 218 { 219 static int af = 0, type = 0; 220 struct in_addr laddr, faddr; 221 struct in6_addr laddr6, faddr6; 222 const char *name, *name6; 223 int addrlen = 22; 224 int isany = 0; 225 int istcp = 0; 226 int isudp = 0; 227 int isip6 = 0; 228 229 /* XXX should fix kinfo_file instead but not now */ 230 if (kf->so_pcb == -1) 231 kf->so_pcb = 0; 232 233 switch (proto) { 234 case IPPROTO_TCP: 235 case IPPROTO_UDP: 236 case IPPROTO_DIVERT: 237 if (kf->so_protocol != proto) 238 return; 239 break; 240 case IPPROTO_IPV4: 241 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET) 242 return; 243 break; 244 case IPPROTO_IPV6: 245 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET6) 246 return; 247 break; 248 } 249 250 /* make in_addr6 access a bit easier */ 251 #define s6_addr32 __u6_addr.__u6_addr32 252 laddr.s_addr = kf->inp_laddru[0]; 253 laddr6.s6_addr32[0] = kf->inp_laddru[0]; 254 laddr6.s6_addr32[1] = kf->inp_laddru[1]; 255 laddr6.s6_addr32[2] = kf->inp_laddru[2]; 256 laddr6.s6_addr32[3] = kf->inp_laddru[3]; 257 258 faddr.s_addr = kf->inp_faddru[0]; 259 faddr6.s6_addr32[0] = kf->inp_faddru[0]; 260 faddr6.s6_addr32[1] = kf->inp_faddru[1]; 261 faddr6.s6_addr32[2] = kf->inp_faddru[2]; 262 faddr6.s6_addr32[3] = kf->inp_faddru[3]; 263 #undef s6_addr32 264 265 switch (kf->so_family) { 266 case AF_INET: 267 isany = faddr.s_addr == INADDR_ANY; 268 break; 269 case AF_INET6: 270 isany = IN6_IS_ADDR_UNSPECIFIED(&faddr6); 271 isip6 = 1; 272 break; 273 } 274 275 switch (kf->so_protocol) { 276 case IPPROTO_TCP: 277 name = "tcp"; 278 name6 = "tcp6"; 279 istcp = 1; 280 break; 281 case IPPROTO_UDP: 282 name = "udp"; 283 name6 = "udp6"; 284 isudp = 1; 285 break; 286 case IPPROTO_DIVERT: 287 name = "divert"; 288 name6 = "divert6"; 289 break; 290 default: 291 name = "ip"; 292 name6 = "ip6"; 293 break; 294 } 295 296 /* filter listening sockets out unless -a is set */ 297 if (!(aflag || lflag) && istcp && kf->t_state <= TCPS_LISTEN) 298 return; 299 else if (!(aflag || lflag) && isany) 300 return; 301 302 /* when -l is set, show only listening sockets */ 303 if (!aflag && lflag && istcp && 304 kf->t_state != TCPS_LISTEN) 305 return; 306 if (!aflag && lflag && isudp && 307 (kf->inp_lport == 0 || kf->inp_fport != 0)) 308 return; 309 310 if (af != kf->so_family || type != kf->so_type) { 311 af = kf->so_family; 312 type = kf->so_type; 313 printf("Active Internet connections"); 314 if (aflag) 315 printf(" (including servers)"); 316 else if (lflag && (istcp || isudp)) 317 printf(" (only servers)"); 318 putchar('\n'); 319 if (Aflag) { 320 addrlen = 18; 321 printf("%-*.*s ", PLEN, PLEN, "PCB"); 322 } 323 printf("%-7.7s %-6.6s %-6.6s ", 324 "Proto", "Recv-Q", "Send-Q"); 325 if (Bflag && istcp) 326 printf("%-6.6s %-6.6s %-6.6s ", 327 "Recv-W", "Send-W", "Cgst-W"); 328 printf(" %-*.*s %-*.*s%s\n", 329 addrlen, addrlen, "Local Address", 330 addrlen, addrlen, "Foreign Address", 331 istcp ? " TCP-State" : type == SOCK_RAW ? " IP-Proto" : ""); 332 } 333 334 if (Aflag) 335 printf("%#*llx%s ", FAKE_PTR(kf->so_protocol == IPPROTO_TCP ? 336 kf->inp_ppcb : kf->so_pcb)); 337 338 printf("%-7.7s %6llu %6llu ", 339 isip6 ? name6: name, kf->so_rcv_cc, kf->so_snd_cc); 340 if (Bflag && istcp) 341 printf("%6llu %6llu %6llu ", kf->t_rcv_wnd, kf->t_snd_wnd, 342 (kf->t_state == TCPS_ESTABLISHED) ? 343 kf->t_snd_cwnd : 0); 344 345 if (isip6) { 346 inet6print(&laddr6, kf->inp_lport, name); 347 inet6print(&faddr6, kf->inp_fport, name); 348 } else { 349 inetprint(&laddr, kf->inp_lport, name, 1); 350 inetprint(&faddr, kf->inp_fport, name, 0); 351 } 352 if (istcp) { 353 if (kf->t_state >= TCP_NSTATES) 354 printf(" %u", kf->t_state); 355 else 356 printf(" %s", tcpstates[kf->t_state]); 357 } else if (kf->so_type == SOCK_RAW) { 358 printf(" %u", kf->inp_proto); 359 } 360 putchar('\n'); 361 } 362 363 /* 364 * Dump TCP statistics structure. 365 */ 366 void 367 tcp_stats(char *name) 368 { 369 struct tcpstat tcpstat; 370 int mib[] = { CTL_NET, PF_INET, IPPROTO_TCP, TCPCTL_STATS }; 371 size_t len = sizeof(tcpstat); 372 373 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 374 &tcpstat, &len, NULL, 0) == -1) { 375 if (errno != ENOPROTOOPT) 376 warn("%s", name); 377 return; 378 } 379 380 printf("%s:\n", name); 381 #define p(f, m) if (tcpstat.f || sflag <= 1) \ 382 printf(m, tcpstat.f, plural(tcpstat.f)) 383 #define p1(f, m) if (tcpstat.f || sflag <= 1) \ 384 printf(m, tcpstat.f) 385 #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 386 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) 387 #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 388 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) 389 #define p2b(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 390 printf(m, tcpstat.f1, tcpstat.f2) 391 #define p2bys(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 392 printf(m, tcpstat.f1, pluralys(tcpstat.f1), tcpstat.f2) 393 #define pes(f, m) if (tcpstat.f || sflag <= 1) \ 394 printf(m, tcpstat.f, plurales(tcpstat.f)) 395 #define pys(f, m) if (tcpstat.f || sflag <= 1) \ 396 printf(m, tcpstat.f, pluralys(tcpstat.f)) 397 398 p(tcps_sndtotal, "\t%u packet%s sent\n"); 399 p2(tcps_sndpack,tcps_sndbyte, 400 "\t\t%u data packet%s (%llu byte%s)\n"); 401 p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, 402 "\t\t%u data packet%s (%llu byte%s) retransmitted\n"); 403 p(tcps_sndrexmitfast, "\t\t%llu fast retransmitted packet%s\n"); 404 p2a(tcps_sndacks, tcps_delack, 405 "\t\t%u ack-only packet%s (%u delayed)\n"); 406 p(tcps_sndurg, "\t\t%u URG only packet%s\n"); 407 p(tcps_sndprobe, "\t\t%u window probe packet%s\n"); 408 p(tcps_sndwinup, "\t\t%u window update packet%s\n"); 409 p(tcps_sndctrl, "\t\t%u control packet%s\n"); 410 p(tcps_outswcsum, "\t\t%u packet%s software-checksummed\n"); 411 p(tcps_rcvtotal, "\t%u packet%s received\n"); 412 p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %llu byte%s)\n"); 413 p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n"); 414 p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n"); 415 p(tcps_rcvacktooold, "\t\t%u ack%s for old data\n"); 416 p2(tcps_rcvpack, tcps_rcvbyte, 417 "\t\t%u packet%s (%llu byte%s) received in-sequence\n"); 418 p2(tcps_rcvduppack, tcps_rcvdupbyte, 419 "\t\t%u completely duplicate packet%s (%llu byte%s)\n"); 420 p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n"); 421 p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, 422 "\t\t%u packet%s with some duplicate data (%llu byte%s duplicated)\n"); 423 p2(tcps_rcvoopack, tcps_rcvoobyte, 424 "\t\t%u out-of-order packet%s (%llu byte%s)\n"); 425 p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, 426 "\t\t%u packet%s (%llu byte%s) of data after window\n"); 427 p(tcps_rcvwinprobe, "\t\t%u window probe%s\n"); 428 p(tcps_rcvwinupd, "\t\t%u window update packet%s\n"); 429 p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n"); 430 p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n"); 431 p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n"); 432 p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n"); 433 p1(tcps_rcvnosec, "\t\t%u discarded for missing IPsec protection\n"); 434 p1(tcps_rcvmemdrop, "\t\t%u discarded due to memory shortage\n"); 435 p(tcps_inswcsum, "\t\t%u packet%s software-checksummed\n"); 436 p(tcps_rcvbadsig, "\t\t%u bad/missing md5 checksum%s\n"); 437 p(tcps_rcvgoodsig, "\t\t%llu good md5 checksum%s\n"); 438 p(tcps_connattempt, "\t%u connection request%s\n"); 439 p(tcps_accepts, "\t%u connection accept%s\n"); 440 p(tcps_connects, "\t%u connection%s established (including accepts)\n"); 441 p2(tcps_closed, tcps_drops, 442 "\t%u connection%s closed (including %u drop%s)\n"); 443 p(tcps_conndrained, "\t%llu connection%s drained\n"); 444 p(tcps_conndrops, "\t%u embryonic connection%s dropped\n"); 445 p2(tcps_rttupdated, tcps_segstimed, 446 "\t%u segment%s updated rtt (of %u attempt%s)\n"); 447 p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n"); 448 p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n"); 449 p(tcps_persisttimeo, "\t%u persist timeout%s\n"); 450 p(tcps_keeptimeo, "\t%u keepalive timeout%s\n"); 451 p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n"); 452 p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); 453 p(tcps_predack, "\t%u correct ACK header prediction%s\n"); 454 p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); 455 pes(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); 456 p1(tcps_noport, "\t%u dropped due to no socket\n"); 457 458 p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n"); 459 p(tcps_ecn_rcvece, "\t\t%u ECE packet%s received\n"); 460 p(tcps_ecn_rcvcwr, "\t\t%u CWR packet%s received\n"); 461 p(tcps_ecn_rcvce, "\t\t%u CE packet%s received\n"); 462 p(tcps_ecn_sndect, "\t\t%u ECT packet%s sent\n"); 463 p(tcps_ecn_sndece, "\t\t%u ECE packet%s sent\n"); 464 p(tcps_ecn_sndcwr, "\t\t%u CWR packet%s sent\n"); 465 p1(tcps_cwr_frecovery, "\t\t\tcwr by fastrecovery: %u\n"); 466 p1(tcps_cwr_timeout, "\t\t\tcwr by timeout: %u\n"); 467 p1(tcps_cwr_ecn, "\t\t\tcwr by ecn: %u\n"); 468 469 p(tcps_badsyn, "\t%u bad connection attempt%s\n"); 470 p(tcps_dropsyn, "\t%u SYN packet%s dropped due to queue or memory full\n"); 471 pys(tcps_sc_added, "\t%llu SYN cache entr%s added\n"); 472 p(tcps_sc_collisions, "\t\t%llu hash collision%s\n"); 473 p1(tcps_sc_completed, "\t\t%llu completed\n"); 474 p1(tcps_sc_aborted, "\t\t%llu aborted (no space to build PCB)\n"); 475 p1(tcps_sc_timed_out, "\t\t%llu timed out\n"); 476 p1(tcps_sc_overflowed, "\t\t%llu dropped due to overflow\n"); 477 p1(tcps_sc_bucketoverflow, "\t\t%llu dropped due to bucket overflow\n"); 478 p1(tcps_sc_reset, "\t\t%llu dropped due to RST\n"); 479 p1(tcps_sc_unreach, "\t\t%llu dropped due to ICMP unreachable\n"); 480 p(tcps_sc_retransmitted, "\t%llu SYN,ACK%s retransmitted\n"); 481 p(tcps_sc_dupesyn, "\t%llu duplicate SYN%s received for entries " 482 "already in the cache\n"); 483 p(tcps_sc_dropped, "\t%llu SYN%s dropped (no route or no space)\n"); 484 p(tcps_sc_seedrandom, "\t%llu SYN cache seed%s with new random\n"); 485 p1(tcps_sc_hash_size, "\t%llu hash bucket array size in current " 486 "SYN cache\n"); 487 p2bys(tcps_sc_entry_count, tcps_sc_entry_limit, 488 "\t%llu entr%s in current SYN cache, limit is %llu\n"); 489 p2b(tcps_sc_bucket_maxlen, tcps_sc_bucket_limit, 490 "\t%llu longest bucket length in current SYN cache, limit is %llu\n"); 491 p(tcps_sc_uses_left, "\t%llu use%s of current SYN cache left\n"); 492 493 p(tcps_sack_recovery_episode, "\t%llu SACK recovery episode%s\n"); 494 p(tcps_sack_rexmits, 495 "\t\t%llu segment rexmit%s in SACK recovery episodes\n"); 496 p(tcps_sack_rexmit_bytes, 497 "\t\t%llu byte rexmit%s in SACK recovery episodes\n"); 498 p(tcps_sack_rcv_opts, "\t%llu SACK option%s received\n"); 499 p(tcps_sack_snd_opts, "\t%llu SACK option%s sent\n"); 500 p(tcps_sack_drop_opts, "\t%llu SACK option%s dropped\n"); 501 502 #undef p 503 #undef p1 504 #undef p2 505 #undef p2a 506 #undef p2b 507 #undef p2bys 508 #undef pes 509 #undef pys 510 } 511 512 /* 513 * Dump UDP statistics structure. 514 */ 515 void 516 udp_stats(char *name) 517 { 518 struct udpstat udpstat; 519 u_long delivered; 520 int mib[] = { CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS }; 521 size_t len = sizeof(udpstat); 522 523 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 524 &udpstat, &len, NULL, 0) == -1) { 525 if (errno != ENOPROTOOPT) 526 warn("%s", name); 527 return; 528 } 529 530 printf("%s:\n", name); 531 #define p(f, m) if (udpstat.f || sflag <= 1) \ 532 printf(m, udpstat.f, plural(udpstat.f)) 533 #define p1(f, m) if (udpstat.f || sflag <= 1) \ 534 printf(m, udpstat.f) 535 536 p(udps_ipackets, "\t%lu datagram%s received\n"); 537 p1(udps_hdrops, "\t%lu with incomplete header\n"); 538 p1(udps_badlen, "\t%lu with bad data length field\n"); 539 p1(udps_badsum, "\t%lu with bad checksum\n"); 540 p1(udps_nosum, "\t%lu with no checksum\n"); 541 p(udps_inswcsum, "\t%lu input packet%s software-checksummed\n"); 542 p(udps_outswcsum, "\t%lu output packet%s software-checksummed\n"); 543 p1(udps_noport, "\t%lu dropped due to no socket\n"); 544 p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n"); 545 p1(udps_nosec, "\t%lu dropped due to missing IPsec protection\n"); 546 p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n"); 547 delivered = udpstat.udps_ipackets - udpstat.udps_hdrops - 548 udpstat.udps_badlen - udpstat.udps_badsum - 549 udpstat.udps_noport - udpstat.udps_noportbcast - 550 udpstat.udps_fullsock; 551 if (delivered || sflag <= 1) 552 printf("\t%lu delivered\n", delivered); 553 p(udps_opackets, "\t%lu datagram%s output\n"); 554 p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n"); 555 #undef p 556 #undef p1 557 } 558 559 /* 560 * Dump IP statistics structure. 561 */ 562 void 563 ip_stats(char *name) 564 { 565 struct ipstat ipstat; 566 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_STATS }; 567 size_t len = sizeof(ipstat); 568 569 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 570 &ipstat, &len, NULL, 0) == -1) { 571 if (errno != ENOPROTOOPT) 572 warn("%s", name); 573 return; 574 } 575 576 printf("%s:\n", name); 577 #define p(f, m) if (ipstat.f || sflag <= 1) \ 578 printf(m, ipstat.f, plural(ipstat.f)) 579 #define p1(f, m) if (ipstat.f || sflag <= 1) \ 580 printf(m, ipstat.f) 581 582 p(ips_total, "\t%lu total packet%s received\n"); 583 p(ips_badsum, "\t%lu bad header checksum%s\n"); 584 p1(ips_toosmall, "\t%lu with size smaller than minimum\n"); 585 p1(ips_tooshort, "\t%lu with data size < data length\n"); 586 p1(ips_badhlen, "\t%lu with header length < data size\n"); 587 p1(ips_badlen, "\t%lu with data length < header length\n"); 588 p1(ips_badoptions, "\t%lu with bad options\n"); 589 p1(ips_badvers, "\t%lu with incorrect version number\n"); 590 p(ips_fragments, "\t%lu fragment%s received\n"); 591 p(ips_fragdropped, "\t%lu fragment%s dropped (duplicates or out of space)\n"); 592 p(ips_badfrags, "\t%lu malformed fragment%s dropped\n"); 593 p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n"); 594 p(ips_reassembled, "\t%lu packet%s reassembled ok\n"); 595 p(ips_delivered, "\t%lu packet%s for this host\n"); 596 p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n"); 597 p(ips_forward, "\t%lu packet%s forwarded\n"); 598 p(ips_cantforward, "\t%lu packet%s not forwardable\n"); 599 p(ips_redirectsent, "\t%lu redirect%s sent\n"); 600 p(ips_localout, "\t%lu packet%s sent from this host\n"); 601 p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n"); 602 p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n"); 603 p(ips_noroute, "\t%lu output packet%s discarded due to no route\n"); 604 p(ips_fragmented, "\t%lu output datagram%s fragmented\n"); 605 p(ips_ofragments, "\t%lu fragment%s created\n"); 606 p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n"); 607 p1(ips_rcvmemdrop, "\t%lu fragment floods\n"); 608 p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n"); 609 p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n"); 610 p(ips_badaddr, "\t%lu datagram%s with bad address in header\n"); 611 p(ips_inswcsum, "\t%lu input datagram%s software-checksummed\n"); 612 p(ips_outswcsum, "\t%lu output datagram%s software-checksummed\n"); 613 p(ips_notmember, "\t%lu multicast packet%s which we don't join\n"); 614 p(ips_wrongif, "\t%lu packet%s received on wrong interface\n"); 615 p(ips_idropped, "\t%lu input packet%s dropped due to no bufs, etc.\n"); 616 #undef p 617 #undef p1 618 } 619 620 /* 621 * Dump DIVERT statistics structure. 622 */ 623 void 624 div_stats(char *name) 625 { 626 struct divstat divstat; 627 int mib[] = { CTL_NET, PF_INET, IPPROTO_DIVERT, DIVERTCTL_STATS }; 628 size_t len = sizeof(divstat); 629 630 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 631 &divstat, &len, NULL, 0) == -1) { 632 if (errno != ENOPROTOOPT) 633 warn("%s", name); 634 return; 635 } 636 637 printf("%s:\n", name); 638 #define p(f, m) if (divstat.f || sflag <= 1) \ 639 printf(m, divstat.f, plural(divstat.f)) 640 #define p1(f, m) if (divstat.f || sflag <= 1) \ 641 printf(m, divstat.f) 642 p(divs_ipackets, "\t%lu total packet%s received\n"); 643 p1(divs_noport, "\t%lu dropped due to no socket\n"); 644 p1(divs_fullsock, "\t%lu dropped due to full socket buffers\n"); 645 p(divs_opackets, "\t%lu packet%s output\n"); 646 p1(divs_errors, "\t%lu errors\n"); 647 #undef p 648 #undef p1 649 } 650 651 static char *icmpnames[ICMP_MAXTYPE + 1] = { 652 "echo reply", 653 "#1", 654 "#2", 655 "destination unreachable", 656 "source quench", 657 "routing redirect", 658 "#6", 659 "#7", 660 "echo", 661 "router advertisement", 662 "router solicitation", 663 "time exceeded", 664 "parameter problem", 665 "time stamp", 666 "time stamp reply", 667 "information request", 668 "information request reply", 669 "address mask request", 670 "address mask reply", 671 "#19", 672 "#20", 673 "#21", 674 "#22", 675 "#23", 676 "#24", 677 "#25", 678 "#26", 679 "#27", 680 "#28", 681 "#29", 682 "traceroute", 683 "data conversion error", 684 "mobile host redirect", 685 "IPv6 where-are-you", 686 "IPv6 i-am-here", 687 "mobile registration request", 688 "mobile registration reply", 689 "#37", 690 "#38", 691 "SKIP", 692 "Photuris", 693 }; 694 695 /* 696 * Dump ICMP statistics. 697 */ 698 void 699 icmp_stats(char *name) 700 { 701 struct icmpstat icmpstat; 702 int i, first; 703 int mib[] = { CTL_NET, PF_INET, IPPROTO_ICMP, ICMPCTL_STATS }; 704 size_t len = sizeof(icmpstat); 705 706 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 707 &icmpstat, &len, NULL, 0) == -1) { 708 if (errno != ENOPROTOOPT) 709 warn("%s", name); 710 return; 711 } 712 713 printf("%s:\n", name); 714 #define p(f, m) if (icmpstat.f || sflag <= 1) \ 715 printf(m, icmpstat.f, plural(icmpstat.f)) 716 717 p(icps_error, "\t%lu call%s to icmp_error\n"); 718 p(icps_oldicmp, 719 "\t%lu error%s not generated because old message was icmp\n"); 720 p(icps_toofreq, 721 "\t%lu error%s not generated because of rate limitation\n"); 722 723 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 724 if (icmpstat.icps_outhist[i] != 0) { 725 if (first) { 726 printf("\tOutput packet histogram:\n"); 727 first = 0; 728 } 729 if (icmpnames[i]) 730 printf("\t\t%s:", icmpnames[i]); 731 else 732 printf("\t\t#%d:", i); 733 printf(" %lu\n", icmpstat.icps_outhist[i]); 734 } 735 p(icps_badcode, "\t%lu message%s with bad code fields\n"); 736 p(icps_tooshort, "\t%lu message%s < minimum length\n"); 737 p(icps_checksum, "\t%lu bad checksum%s\n"); 738 p(icps_badlen, "\t%lu message%s with bad length\n"); 739 p(icps_bmcastecho, "\t%lu echo request%s to broadcast/multicast " 740 "rejected\n"); 741 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 742 if (icmpstat.icps_inhist[i] != 0) { 743 if (first) { 744 printf("\tInput packet histogram:\n"); 745 first = 0; 746 } 747 if (icmpnames[i]) 748 printf("\t\t%s:", icmpnames[i]); 749 else 750 printf("\t\t#%d:", i); 751 printf(" %lu\n", icmpstat.icps_inhist[i]); 752 } 753 p(icps_reflect, "\t%lu message response%s generated\n"); 754 #undef p 755 } 756 757 /* 758 * Dump IGMP statistics structure. 759 */ 760 void 761 igmp_stats(char *name) 762 { 763 struct igmpstat igmpstat; 764 int mib[] = { CTL_NET, PF_INET, IPPROTO_IGMP, IGMPCTL_STATS }; 765 size_t len = sizeof(igmpstat); 766 767 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 768 &igmpstat, &len, NULL, 0) == -1) { 769 if (errno != ENOPROTOOPT) 770 warn("%s", name); 771 return; 772 } 773 774 printf("%s:\n", name); 775 #define p(f, m) if (igmpstat.f || sflag <= 1) \ 776 printf(m, igmpstat.f, plural(igmpstat.f)) 777 #define py(f, m) if (igmpstat.f || sflag <= 1) \ 778 printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y") 779 780 p(igps_rcv_total, "\t%lu message%s received\n"); 781 p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n"); 782 p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n"); 783 py(igps_rcv_queries, "\t%lu membership quer%s received\n"); 784 py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n"); 785 p(igps_rcv_reports, "\t%lu membership report%s received\n"); 786 p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n"); 787 p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n"); 788 p(igps_snd_reports, "\t%lu membership report%s sent\n"); 789 #undef p 790 #undef py 791 } 792 793 struct rpcnams { 794 struct rpcnams *next; 795 in_port_t port; 796 int proto; 797 char *rpcname; 798 }; 799 800 static char * 801 getrpcportnam(in_port_t port, int proto) 802 { 803 struct sockaddr_in server_addr; 804 struct hostent *hp; 805 static struct pmaplist *head; 806 int socket = RPC_ANYSOCK; 807 struct timeval minutetimeout; 808 CLIENT *client; 809 struct rpcent *rpc; 810 static int first; 811 static struct rpcnams *rpcn; 812 struct rpcnams *n; 813 char num[20]; 814 815 if (first == 0) { 816 first = 1; 817 memset(&server_addr, 0, sizeof server_addr); 818 server_addr.sin_family = AF_INET; 819 if ((hp = gethostbyname("localhost")) != NULL) 820 memmove((caddr_t)&server_addr.sin_addr, hp->h_addr, 821 hp->h_length); 822 else 823 (void) inet_aton("0.0.0.0", &server_addr.sin_addr); 824 825 minutetimeout.tv_sec = 60; 826 minutetimeout.tv_usec = 0; 827 server_addr.sin_port = htons(PMAPPORT); 828 if ((client = clnttcp_create(&server_addr, PMAPPROG, 829 PMAPVERS, &socket, 50, 500)) == NULL) 830 return (NULL); 831 if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL, 832 xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) { 833 clnt_destroy(client); 834 return (NULL); 835 } 836 for (; head != NULL; head = head->pml_next) { 837 n = malloc(sizeof(struct rpcnams)); 838 if (n == NULL) 839 continue; 840 n->next = rpcn; 841 rpcn = n; 842 n->port = head->pml_map.pm_port; 843 n->proto = head->pml_map.pm_prot; 844 845 rpc = getrpcbynumber(head->pml_map.pm_prog); 846 if (rpc) 847 n->rpcname = strdup(rpc->r_name); 848 else { 849 snprintf(num, sizeof num, "%ld", 850 head->pml_map.pm_prog); 851 n->rpcname = strdup(num); 852 } 853 } 854 clnt_destroy(client); 855 } 856 857 for (n = rpcn; n; n = n->next) 858 if (n->port == port && n->proto == proto) 859 return (n->rpcname); 860 return (NULL); 861 } 862 863 /* 864 * Pretty print an Internet address (net address + port). 865 * If the nflag was specified, use numbers instead of names. 866 */ 867 void 868 inetprint(struct in_addr *in, in_port_t port, const char *proto, int local) 869 { 870 struct servent *sp = 0; 871 char line[80], *cp, *nam; 872 int width; 873 874 snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16, 875 inetname(in)); 876 cp = strchr(line, '\0'); 877 if (!nflag && port) 878 sp = getservbyport((int)port, proto); 879 if (sp || port == 0) 880 snprintf(cp, line + sizeof line - cp, "%.8s", 881 sp ? sp->s_name : "*"); 882 else if (local && !nflag && (nam = getrpcportnam(ntohs(port), 883 (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP)))) 884 snprintf(cp, line + sizeof line - cp, "%d[%.8s]", 885 ntohs(port), nam); 886 else 887 snprintf(cp, line + sizeof line - cp, "%d", ntohs(port)); 888 width = Aflag ? 18 : 22; 889 printf(" %-*.*s", width, width, line); 890 } 891 892 /* 893 * Construct an Internet address representation. 894 * If the nflag has been supplied, give 895 * numeric value, otherwise try for symbolic name. 896 */ 897 char * 898 inetname(struct in_addr *inp) 899 { 900 char *cp; 901 static char line[50]; 902 struct hostent *hp; 903 static char domain[HOST_NAME_MAX+1]; 904 static int first = 1; 905 906 if (first && !nflag) { 907 first = 0; 908 if (gethostname(domain, sizeof(domain)) == 0 && 909 (cp = strchr(domain, '.'))) 910 (void) strlcpy(domain, cp + 1, sizeof domain); 911 else 912 domain[0] = '\0'; 913 } 914 cp = NULL; 915 if (!nflag && inp->s_addr != INADDR_ANY) { 916 hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET); 917 if (hp) { 918 if ((cp = strchr(hp->h_name, '.')) && 919 !strcmp(cp + 1, domain)) 920 *cp = '\0'; 921 cp = hp->h_name; 922 } 923 } 924 if (inp->s_addr == INADDR_ANY) 925 snprintf(line, sizeof line, "*"); 926 else if (cp) 927 snprintf(line, sizeof line, "%s", cp); 928 else { 929 inp->s_addr = ntohl(inp->s_addr); 930 #define C(x) ((x) & 0xff) 931 snprintf(line, sizeof line, "%u.%u.%u.%u", 932 C(inp->s_addr >> 24), C(inp->s_addr >> 16), 933 C(inp->s_addr >> 8), C(inp->s_addr)); 934 } 935 return (line); 936 } 937 938 /* 939 * Dump AH statistics structure. 940 */ 941 void 942 ah_stats(char *name) 943 { 944 struct ahstat ahstat; 945 int mib[] = { CTL_NET, PF_INET, IPPROTO_AH, AHCTL_STATS }; 946 size_t len = sizeof(ahstat); 947 948 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 949 &ahstat, &len, NULL, 0) == -1) { 950 if (errno != ENOPROTOOPT) 951 warn("%s", name); 952 return; 953 } 954 955 printf("%s:\n", name); 956 #define p(f, m) if (ahstat.f || sflag <= 1) \ 957 printf(m, ahstat.f, plural(ahstat.f)) 958 #define p1(f, m) if (ahstat.f || sflag <= 1) \ 959 printf(m, ahstat.f) 960 961 p1(ahs_input, "\t%llu input AH packets\n"); 962 p1(ahs_output, "\t%llu output AH packets\n"); 963 p(ahs_nopf, "\t%llu packet%s from unsupported protocol families\n"); 964 p(ahs_hdrops, "\t%llu packet%s shorter than header shows\n"); 965 p(ahs_pdrops, "\t%llu packet%s dropped due to policy\n"); 966 p(ahs_notdb, "\t%llu packet%s for which no TDB was found\n"); 967 p(ahs_badkcr, "\t%llu input packet%s that failed to be processed\n"); 968 p(ahs_badauth, "\t%llu packet%s that failed verification received\n"); 969 p(ahs_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 970 p(ahs_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 971 p(ahs_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 972 p(ahs_replay, "\t%llu possibly replayed packet%s received\n"); 973 p(ahs_badauthl, "\t%llu packet%s with bad authenticator length received\n"); 974 p(ahs_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 975 p(ahs_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 976 p(ahs_crypto, "\t%llu packet%s that failed crypto processing\n"); 977 p(ahs_outfail, "\t%llu output packet%s could not be sent\n"); 978 p(ahs_ibytes, "\t%llu input byte%s\n"); 979 p(ahs_obytes, "\t%llu output byte%s\n"); 980 981 #undef p 982 #undef p1 983 } 984 985 /* 986 * Dump etherip statistics structure. 987 */ 988 void 989 etherip_stats(char *name) 990 { 991 struct etheripstat etheripstat; 992 int mib[] = { CTL_NET, PF_INET, IPPROTO_ETHERIP, ETHERIPCTL_STATS }; 993 size_t len = sizeof(etheripstat); 994 995 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 996 ðeripstat, &len, NULL, 0) == -1) { 997 if (errno != ENOPROTOOPT) 998 warn("%s", name); 999 return; 1000 } 1001 1002 printf("%s:\n", name); 1003 #define p(f, m) if (etheripstat.f || sflag <= 1) \ 1004 printf(m, etheripstat.f, plural(etheripstat.f)) 1005 1006 p(etherips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1007 p(etherips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1008 p(etherips_noifdrops, "\t%llu packet%s were dropped because of no interface/bridge information\n"); 1009 p(etherips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1010 p(etherips_adrops, "\t%llu packet%s dropped for other reasons\n"); 1011 p(etherips_ipackets, "\t%llu input ethernet-in-IP packet%s\n"); 1012 p(etherips_opackets, "\t%llu output ethernet-in-IP packet%s\n"); 1013 p(etherips_ibytes, "\t%llu input byte%s\n"); 1014 p(etherips_obytes, "\t%llu output byte%s\n"); 1015 #undef p 1016 } 1017 1018 /* 1019 * Dump IPsec statistics structure. 1020 */ 1021 void 1022 ipsec_stats(char *name) 1023 { 1024 struct ipsecstat ipsecstat; 1025 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IPSEC_STATS }; 1026 size_t len = sizeof(ipsecstat); 1027 1028 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1029 &ipsecstat, &len, NULL, 0) == -1) { 1030 if (errno != ENOPROTOOPT) 1031 warn("%s", name); 1032 return; 1033 } 1034 1035 printf("%s:\n", name); 1036 #define p(f, m) if (ipsecstat.f || sflag <= 1) \ 1037 printf(m, ipsecstat.f, plural(ipsecstat.f)) 1038 p(ipsec_ipackets, "\t%llu input IPsec packet%s\n"); 1039 p(ipsec_opackets, "\t%llu output IPsec packet%s\n"); 1040 p(ipsec_ibytes, "\t%llu input byte%s\n"); 1041 p(ipsec_obytes, "\t%llu output byte%s\n"); 1042 p(ipsec_idecompbytes, "\t%llu input byte%s, decompressed\n"); 1043 p(ipsec_ouncompbytes, "\t%llu output byte%s, uncompressed\n"); 1044 p(ipsec_idrops, "\t%llu packet%s dropped on input\n"); 1045 p(ipsec_odrops, "\t%llu packet%s dropped on output\n"); 1046 p(ipsec_crypto, "\t%llu packet%s that failed crypto processing\n"); 1047 p(ipsec_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1048 p(ipsec_notdb, "\t%llu packet%s for which no TDB was found\n"); 1049 p(ipsec_exctdb, "\t%llu TDB%s with hardlimit excess\n"); 1050 #undef p 1051 } 1052 1053 /* 1054 * Dump ESP statistics structure. 1055 */ 1056 void 1057 esp_stats(char *name) 1058 { 1059 struct espstat espstat; 1060 int mib[] = { CTL_NET, PF_INET, IPPROTO_ESP, ESPCTL_STATS }; 1061 size_t len = sizeof(espstat); 1062 1063 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1064 &espstat, &len, NULL, 0) == -1) { 1065 if (errno != ENOPROTOOPT) 1066 warn("%s", name); 1067 return; 1068 } 1069 1070 printf("%s:\n", name); 1071 #define p(f, m) if (espstat.f || sflag <= 1) \ 1072 printf(m, espstat.f, plural(espstat.f)) 1073 1074 p(esps_input, "\t%llu input ESP packet%s\n"); 1075 p(esps_output, "\t%llu output ESP packet%s\n"); 1076 p(esps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1077 p(esps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1078 p(esps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1079 p(esps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1080 p(esps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1081 p(esps_badenc, "\t%llu packet%s with bad encryption received\n"); 1082 p(esps_badauth, "\t%llu packet%s that failed verification received\n"); 1083 p(esps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1084 p(esps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1085 p(esps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1086 p(esps_replay, "\t%llu possibly replayed packet%s received\n"); 1087 p(esps_badilen, "\t%llu packet%s with bad payload size or padding received\n"); 1088 p(esps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1089 p(esps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1090 p(esps_crypto, "\t%llu packet%s that failed crypto processing\n"); 1091 p(esps_outfail, "\t%llu output packet%s could not be sent\n"); 1092 p(esps_udpencin, "\t%llu input UDP encapsulated ESP packet%s\n"); 1093 p(esps_udpencout, "\t%llu output UDP encapsulated ESP packet%s\n"); 1094 p(esps_udpinval, "\t%llu UDP packet%s for non-encapsulating TDB received\n"); 1095 p(esps_udpneeded, "\t%llu raw ESP packet%s for encapsulating TDB received\n"); 1096 p(esps_ibytes, "\t%llu input byte%s\n"); 1097 p(esps_obytes, "\t%llu output byte%s\n"); 1098 1099 #undef p 1100 } 1101 1102 /* 1103 * Dump IP-in-IP statistics structure. 1104 */ 1105 void 1106 ipip_stats(char *name) 1107 { 1108 struct ipipstat ipipstat; 1109 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPIP, IPIPCTL_STATS }; 1110 size_t len = sizeof(ipipstat); 1111 1112 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1113 &ipipstat, &len, NULL, 0) == -1) { 1114 if (errno != ENOPROTOOPT) 1115 warn("%s", name); 1116 return; 1117 } 1118 1119 printf("%s:\n", name); 1120 #define p(f, m) if (ipipstat.f || sflag <= 1) \ 1121 printf(m, ipipstat.f, plural(ipipstat.f)) 1122 1123 p(ipips_ipackets, "\t%llu total input packet%s\n"); 1124 p(ipips_opackets, "\t%llu total output packet%s\n"); 1125 p(ipips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1126 p(ipips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1127 p(ipips_spoof, "\t%llu packet%s with possibly spoofed local addresses\n"); 1128 p(ipips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1129 p(ipips_ibytes, "\t%llu input byte%s\n"); 1130 p(ipips_obytes, "\t%llu output byte%s\n"); 1131 p(ipips_family, "\t%llu protocol family mismatche%s\n"); 1132 p(ipips_unspec, "\t%llu attempt%s to use tunnel with unspecified endpoint(s)\n"); 1133 #undef p 1134 } 1135 1136 /* 1137 * Dump CARP statistics structure. 1138 */ 1139 void 1140 carp_stats(char *name) 1141 { 1142 struct carpstats carpstat; 1143 int mib[] = { CTL_NET, PF_INET, IPPROTO_CARP, CARPCTL_STATS }; 1144 size_t len = sizeof(carpstat); 1145 1146 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1147 &carpstat, &len, NULL, 0) == -1) { 1148 if (errno != ENOPROTOOPT) 1149 warn("%s", name); 1150 return; 1151 } 1152 1153 printf("%s:\n", name); 1154 #define p(f, m) if (carpstat.f || sflag <= 1) \ 1155 printf(m, carpstat.f, plural(carpstat.f)) 1156 #define p2(f, m) if (carpstat.f || sflag <= 1) \ 1157 printf(m, carpstat.f) 1158 1159 p(carps_ipackets, "\t%llu packet%s received (IPv4)\n"); 1160 p(carps_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1161 p(carps_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1162 p(carps_badttl, "\t\t%llu packet%s discarded for wrong TTL\n"); 1163 p(carps_hdrops, "\t\t%llu packet%s shorter than header\n"); 1164 p(carps_badsum, "\t\t%llu discarded for bad checksum%s\n"); 1165 p(carps_badver, "\t\t%llu discarded packet%s with a bad version\n"); 1166 p2(carps_badlen, "\t\t%llu discarded because packet too short\n"); 1167 p2(carps_badauth, "\t\t%llu discarded for bad authentication\n"); 1168 p2(carps_badvhid, "\t\t%llu discarded for unknown vhid\n"); 1169 p2(carps_badaddrs, "\t\t%llu discarded because of a bad address list\n"); 1170 p(carps_opackets, "\t%llu packet%s sent (IPv4)\n"); 1171 p(carps_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1172 p2(carps_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1173 p(carps_preempt, "\t%llu transition%s to master\n"); 1174 #undef p 1175 #undef p2 1176 } 1177 1178 /* 1179 * Dump pfsync statistics structure. 1180 */ 1181 void 1182 pfsync_stats(char *name) 1183 { 1184 struct pfsyncstats pfsyncstat; 1185 int mib[] = { CTL_NET, PF_INET, IPPROTO_PFSYNC, PFSYNCCTL_STATS }; 1186 size_t len = sizeof(pfsyncstat); 1187 1188 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1189 &pfsyncstat, &len, NULL, 0) == -1) { 1190 if (errno != ENOPROTOOPT) 1191 warn("%s", name); 1192 return; 1193 } 1194 1195 printf("%s:\n", name); 1196 #define p(f, m) if (pfsyncstat.f || sflag <= 1) \ 1197 printf(m, pfsyncstat.f, plural(pfsyncstat.f)) 1198 #define p2(f, m) if (pfsyncstat.f || sflag <= 1) \ 1199 printf(m, pfsyncstat.f) 1200 1201 p(pfsyncs_ipackets, "\t%llu packet%s received (IPv4)\n"); 1202 p(pfsyncs_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1203 p(pfsyncs_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1204 p(pfsyncs_badttl, "\t\t%llu packet%s discarded for bad ttl\n"); 1205 p(pfsyncs_hdrops, "\t\t%llu packet%s shorter than header\n"); 1206 p(pfsyncs_badver, "\t\t%llu packet%s discarded for bad version\n"); 1207 p(pfsyncs_badauth, "\t\t%llu packet%s discarded for bad HMAC\n"); 1208 p(pfsyncs_badact,"\t\t%llu packet%s discarded for bad action\n"); 1209 p(pfsyncs_badlen, "\t\t%llu packet%s discarded for short packet\n"); 1210 p(pfsyncs_badval, "\t\t%llu state%s discarded for bad values\n"); 1211 p(pfsyncs_stale, "\t\t%llu stale state%s\n"); 1212 p(pfsyncs_badstate, "\t\t%llu failed state lookup/insert%s\n"); 1213 p(pfsyncs_opackets, "\t%llu packet%s sent (IPv4)\n"); 1214 p(pfsyncs_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1215 p2(pfsyncs_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1216 p2(pfsyncs_oerrors, "\t\t%llu send error\n"); 1217 #undef p 1218 #undef p2 1219 } 1220 1221 /* 1222 * Dump pflow statistics structure. 1223 */ 1224 void 1225 pflow_stats(char *name) 1226 { 1227 struct pflowstats flowstats; 1228 int mib[] = { CTL_NET, PF_PFLOW, NET_PFLOW_STATS }; 1229 size_t len = sizeof(struct pflowstats); 1230 1231 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), &flowstats, &len, 1232 NULL, 0) == -1) { 1233 if (errno != ENOPROTOOPT) 1234 warn("%s", name); 1235 return; 1236 } 1237 1238 printf("%s:\n", name); 1239 #define p(f, m) if (flowstats.f || sflag <= 1) \ 1240 printf(m, flowstats.f, plural(flowstats.f)) 1241 #define p2(f, m) if (flowstats.f || sflag <= 1) \ 1242 printf(m, flowstats.f) 1243 1244 p(pflow_flows, "\t%llu flow%s sent\n"); 1245 p(pflow_packets, "\t%llu packet%s sent\n"); 1246 p2(pflow_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1247 p2(pflow_oerrors, "\t\t%llu send error\n"); 1248 #undef p 1249 #undef p2 1250 } 1251 1252 /* 1253 * Dump IPCOMP statistics structure. 1254 */ 1255 void 1256 ipcomp_stats(char *name) 1257 { 1258 struct ipcompstat ipcompstat; 1259 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPCOMP, IPCOMPCTL_STATS }; 1260 size_t len = sizeof(ipcompstat); 1261 1262 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1263 &ipcompstat, &len, NULL, 0) == -1) { 1264 if (errno != ENOPROTOOPT) 1265 warn("%s", name); 1266 return; 1267 } 1268 1269 printf("%s:\n", name); 1270 #define p(f, m) if (ipcompstat.f || sflag <= 1) \ 1271 printf(m, ipcompstat.f, plural(ipcompstat.f)) 1272 1273 p(ipcomps_input, "\t%llu input IPCOMP packet%s\n"); 1274 p(ipcomps_output, "\t%llu output IPCOMP packet%s\n"); 1275 p(ipcomps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1276 p(ipcomps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1277 p(ipcomps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1278 p(ipcomps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1279 p(ipcomps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1280 p(ipcomps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1281 p(ipcomps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1282 p(ipcomps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1283 p(ipcomps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1284 p(ipcomps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1285 p(ipcomps_crypto, "\t%llu packet%s that failed (de)compression processing\n"); 1286 p(ipcomps_outfail, "\t%llu output packet%s could not be sent\n"); 1287 p(ipcomps_minlen, "\t%llu packet%s less than minimum compression length\n"); 1288 p(ipcomps_ibytes, "\t%llu input byte%s\n"); 1289 p(ipcomps_obytes, "\t%llu output byte%s\n"); 1290 1291 #undef p 1292 } 1293 1294 /* 1295 * Dump the contents of a socket structure 1296 */ 1297 void 1298 socket_dump(u_long off) 1299 { 1300 struct socket so; 1301 1302 if (off == 0) 1303 return; 1304 kread(off, &so, sizeof(so)); 1305 1306 #define p(fmt, v, sep) printf(#v " " fmt sep, so.v); 1307 #define pp(fmt, v, sep) printf(#v " " fmt sep, so.v); 1308 printf("socket %#lx\n ", off); 1309 p("%#.4x", so_type, "\n "); 1310 p("%#.4x", so_options, "\n "); 1311 p("%d", so_linger, "\n "); 1312 p("%#.4x", so_state, "\n "); 1313 pp("%p", so_pcb, ", "); 1314 pp("%p", so_proto, ", "); 1315 pp("%p", so_head, "\n "); 1316 p("%d", so_q0len, ", "); 1317 p("%d", so_qlen, ", "); 1318 p("%d", so_qlimit, "\n "); 1319 p("%d", so_timeo, "\n "); 1320 p("%u", so_error, "\n "); 1321 p("%p", so_sigio.sir_sigio, "\n "); 1322 p("%lu", so_oobmark, "\n "); 1323 if (so.so_sp) 1324 sosplice_dump((u_long)so.so_sp); 1325 sockbuf_dump(&so.so_rcv, "so_rcv"); 1326 sockbuf_dump(&so.so_snd, "so_snd"); 1327 p("%u", so_euid, ", "); 1328 p("%u", so_ruid, ", "); 1329 p("%u", so_egid, ", "); 1330 p("%u", so_rgid, "\n "); 1331 p("%d", so_cpid, "\n"); 1332 #undef p 1333 #undef pp 1334 1335 protosw_dump((u_long)so.so_proto, (u_long)so.so_pcb); 1336 } 1337 1338 /* 1339 * Dump the contents of a struct sosplice 1340 */ 1341 void 1342 sosplice_dump(u_long off) 1343 { 1344 struct sosplice ssp; 1345 1346 if (off == 0) 1347 return; 1348 kread(off, &ssp, sizeof(ssp)); 1349 1350 #define p(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1351 #define pll(fmt, v, sep) printf(#v " " fmt sep, (long long) ssp.v); 1352 #define pp(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1353 pp("%p", ssp_socket, ", "); 1354 pp("%p", ssp_soback, "\n "); 1355 p("%lld", ssp_len, ", "); 1356 p("%lld", ssp_max, ", "); 1357 pll("%lld", ssp_idletv.tv_sec, ", "); 1358 p("%ld", ssp_idletv.tv_usec, "\n "); 1359 #undef p 1360 #undef pll 1361 #undef pp 1362 } 1363 1364 /* 1365 * Dump the contents of a socket buffer 1366 */ 1367 void 1368 sockbuf_dump(struct sockbuf *sb, const char *name) 1369 { 1370 #define p(fmt, v, sep) printf(#v " " fmt sep, sb->v); 1371 printf("%s ", name); 1372 p("%lu", sb_cc, ", "); 1373 p("%lu", sb_datacc, ", "); 1374 p("%lu", sb_hiwat, ", "); 1375 p("%lu", sb_wat, "\n "); 1376 printf("%s ", name); 1377 p("%lu", sb_mbcnt, ", "); 1378 p("%lu", sb_mbmax, ", "); 1379 p("%ld", sb_lowat, "\n "); 1380 printf("%s ", name); 1381 p("%#.4x", sb_flags, ", "); 1382 p("%llu", sb_timeo_nsecs, "\n "); 1383 #undef p 1384 } 1385 1386 /* 1387 * Dump the contents of a protosw structure 1388 */ 1389 void 1390 protosw_dump(u_long off, u_long pcb) 1391 { 1392 struct protosw proto; 1393 1394 if (off == 0) 1395 return; 1396 kread(off, &proto, sizeof(proto)); 1397 1398 #define p(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1399 #define pp(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1400 printf("protosw %#lx\n ", off); 1401 p("%#.4x", pr_type, "\n "); 1402 pp("%p", pr_domain, "\n "); 1403 p("%d", pr_protocol, "\n "); 1404 p("%#.4x", pr_flags, "\n"); 1405 #undef p 1406 #undef pp 1407 1408 domain_dump((u_long)proto.pr_domain, pcb, proto.pr_protocol); 1409 } 1410 1411 /* 1412 * Dump the contents of a domain structure 1413 */ 1414 void 1415 domain_dump(u_long off, u_long pcb, short protocol) 1416 { 1417 struct domain dom; 1418 char name[256]; 1419 1420 if (off == 0) 1421 return; 1422 kread(off, &dom, sizeof(dom)); 1423 kread((u_long)dom.dom_name, name, sizeof(name)); 1424 1425 #define p(fmt, v, sep) printf(#v " " fmt sep, dom.v); 1426 printf("domain %#lx\n ", off); 1427 p("%d", dom_family, "\n "); 1428 printf("dom_name %.*s\n", (int)sizeof(name), name); 1429 #undef p 1430 } 1431 1432 /* 1433 * Dump the contents of a internet PCB 1434 */ 1435 void 1436 inpcb_dump(u_long off, short protocol, int af) 1437 { 1438 struct inpcb inp; 1439 char faddr[256], laddr[256], raddr[256]; 1440 1441 if (off == 0) 1442 return; 1443 kread(off, &inp, sizeof(inp)); 1444 1445 if (vflag) 1446 socket_dump((u_long)inp.inp_socket); 1447 1448 switch (af) { 1449 case AF_INET: 1450 inet_ntop(af, &inp.inp_faddr, faddr, sizeof(faddr)); 1451 inet_ntop(af, &inp.inp_laddr, laddr, sizeof(laddr)); 1452 inet_ntop(af, &((struct sockaddr_in *) 1453 (&inp.inp_route.ro_dst))->sin_addr, raddr, sizeof(raddr)); 1454 break; 1455 case AF_INET6: 1456 inet_ntop(af, &inp.inp_faddr6, faddr, sizeof(faddr)); 1457 inet_ntop(af, &inp.inp_laddr6, laddr, sizeof(laddr)); 1458 inet_ntop(af, &inp.inp_route6.ro_dst.sin6_addr, 1459 raddr, sizeof(raddr)); 1460 break; 1461 default: 1462 faddr[0] = laddr[0] = '\0'; 1463 } 1464 1465 #define p(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1466 #define pp(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1467 printf("inpcb %#lx\n ", off); 1468 pp("%p", inp_table, "\n "); 1469 printf("inp_faddru %s, inp_laddru %s\n ", faddr, laddr); 1470 HTONS(inp.inp_fport); 1471 HTONS(inp.inp_lport); 1472 p("%u", inp_fport, ", "); 1473 p("%u", inp_lport, "\n "); 1474 pp("%p", inp_socket, ", "); 1475 pp("%p", inp_ppcb, "\n "); 1476 pp("%p", inp_route.ro_rt, ", "); 1477 printf("ro_dst %s\n ", raddr); 1478 p("%#.8x", inp_flags, "\n "); 1479 p("%d", inp_hops, "\n "); 1480 p("%u", inp_seclevel[0], ", "); 1481 p("%u", inp_seclevel[1], ", "); 1482 p("%u", inp_seclevel[2], ", "); 1483 p("%u", inp_seclevel[3], "\n "); 1484 p("%u", inp_ip_minttl, "\n "); 1485 p("%d", inp_cksum6, "\n "); 1486 pp("%p", inp_icmp6filt, "\n "); 1487 pp("%p", inp_pf_sk, "\n "); 1488 p("%u", inp_rtableid, "\n "); 1489 p("%d", inp_pipex, "\n"); 1490 #undef p 1491 #undef pp 1492 1493 switch (protocol) { 1494 case IPPROTO_TCP: 1495 tcpcb_dump((u_long)inp.inp_ppcb); 1496 break; 1497 } 1498 } 1499 1500 /* 1501 * Dump the contents of a TCP PCB 1502 */ 1503 void 1504 tcpcb_dump(u_long off) 1505 { 1506 struct tcpcb tcpcb; 1507 1508 if (off == 0) 1509 return; 1510 kread(off, (char *)&tcpcb, sizeof (tcpcb)); 1511 1512 #define p(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1513 #define pp(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1514 printf("tcpcb %#lx\n ", off); 1515 pp("%p", t_inpcb, "\n "); 1516 p("%d", t_state, ""); 1517 if (tcpcb.t_state >= 0 && tcpcb.t_state < TCP_NSTATES) 1518 printf(" (%s)", tcpstates[tcpcb.t_state]); 1519 printf("\n "); 1520 p("%d", t_rxtshift, ", "); 1521 p("%d", t_rxtcur, ", "); 1522 p("%d", t_dupacks, "\n "); 1523 p("%u", t_maxseg, ", "); 1524 p("%u", t_maxopd, ", "); 1525 p("%u", t_peermss, "\n "); 1526 p("0x%x", t_flags, ", "); 1527 p("%u", t_force, "\n "); 1528 p("%u", iss, "\n "); 1529 p("%u", snd_una, ", "); 1530 p("%u", snd_nxt, ", "); 1531 p("%u", snd_up, "\n "); 1532 p("%u", snd_wl1, ", "); 1533 p("%u", snd_wl2, ", "); 1534 p("%lu", snd_wnd, "\n "); 1535 p("%d", sack_enable, ", "); 1536 p("%d", snd_numholes, ", "); 1537 p("%u", snd_last, "\n "); 1538 p("%u", irs, "\n "); 1539 p("%u", rcv_nxt, ", "); 1540 p("%u", rcv_up, ", "); 1541 p("%lu", rcv_wnd, "\n "); 1542 p("%u", rcv_lastsack, "\n "); 1543 p("%d", rcv_numsacks, "\n "); 1544 p("%u", rcv_adv, ", "); 1545 p("%u", snd_max, "\n "); 1546 p("%lu", snd_cwnd, ", "); 1547 p("%lu", snd_ssthresh, ", "); 1548 p("%lu", max_sndwnd, "\n "); 1549 p("%u", t_rcvtime, ", "); 1550 p("%u", t_rtttime, ", "); 1551 p("%u", t_rtseq, "\n "); 1552 p("%u", t_srtt, ", "); 1553 p("%u", t_rttvar, ", "); 1554 p("%u", t_rttmin, "\n "); 1555 p("%u", t_oobflags, ", "); 1556 p("%u", t_iobc, "\n "); 1557 p("%u", t_softerror, "\n "); 1558 p("%u", snd_scale, ", "); 1559 p("%u", rcv_scale, ", "); 1560 p("%u", request_r_scale, ", "); 1561 p("%u", requested_s_scale, "\n "); 1562 p("%u", ts_recent, ", "); 1563 p("%u", ts_recent_age, "\n "); 1564 p("%u", last_ack_sent, "\n "); 1565 HTONS(tcpcb.t_pmtud_ip_len); 1566 HTONS(tcpcb.t_pmtud_nextmtu); 1567 p("%u", t_pmtud_mss_acked, ", "); 1568 p("%u", t_pmtud_mtu_sent, "\n "); 1569 p("%u", t_pmtud_nextmtu, ", "); 1570 p("%u", t_pmtud_ip_len, ", "); 1571 p("%u", t_pmtud_ip_hl, "\n "); 1572 p("%u", t_pmtud_th_seq, "\n "); 1573 p("%u", pf, "\n"); 1574 #undef p 1575 #undef pp 1576 } 1577