1 /* $OpenBSD: inet.c,v 1.168 2020/01/15 14:02:37 mpi Exp $ */ 2 /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1983, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/queue.h> 34 #include <sys/select.h> 35 #include <sys/socket.h> 36 #include <sys/socketvar.h> 37 #include <sys/domain.h> 38 #include <sys/protosw.h> 39 #include <sys/sysctl.h> 40 #define _KERNEL 41 #include <sys/file.h> 42 #undef _KERNEL 43 44 #include <net/route.h> 45 #include <netinet/in.h> 46 #include <netinet/ip.h> 47 #include <netinet/in_pcb.h> 48 #include <netinet/ip_icmp.h> 49 #include <netinet/icmp_var.h> 50 #include <netinet/igmp_var.h> 51 #include <netinet/ip_var.h> 52 #include <netinet/tcp.h> 53 #include <netinet/tcp_seq.h> 54 #define TCPSTATES 55 #include <netinet/tcp_fsm.h> 56 #include <netinet/tcp_timer.h> 57 #include <netinet/tcp_var.h> 58 #include <netinet/udp.h> 59 #include <netinet/udp_var.h> 60 #include <netinet/ip_ipsp.h> 61 #include <netinet/ip_ah.h> 62 #include <netinet/ip_esp.h> 63 #include <netinet/ip_ipip.h> 64 #include <netinet/ip_ipcomp.h> 65 #include <netinet/ip_ether.h> 66 #include <netinet/ip_carp.h> 67 #include <netinet/ip_divert.h> 68 #include <net/if.h> 69 #include <net/pfvar.h> 70 #include <net/if_pfsync.h> 71 #include <net/if_pflow.h> 72 73 #include <rpc/rpc.h> 74 #include <rpc/pmap_prot.h> 75 #include <rpc/pmap_clnt.h> 76 77 #include <arpa/inet.h> 78 #include <err.h> 79 #include <limits.h> 80 #include <netdb.h> 81 #include <stdio.h> 82 #include <string.h> 83 #include <unistd.h> 84 #include <stdlib.h> 85 #include <errno.h> 86 #include "netstat.h" 87 88 struct inpcb inpcb; 89 struct tcpcb tcpcb; 90 struct socket sockb; 91 92 char *inetname(struct in_addr *); 93 void inetprint(struct in_addr *, in_port_t, const char *, int); 94 char *inet6name(struct in6_addr *); 95 void sosplice_dump(u_long); 96 void sockbuf_dump(struct sockbuf *, const char *); 97 void protosw_dump(u_long, u_long); 98 void domain_dump(u_long, u_long, short); 99 void inpcb_dump(u_long, short, int); 100 void tcpcb_dump(u_long); 101 int kf_comp(const void *, const void *); 102 103 int type_map[] = { -1, 2, 3, 1, 4, 5 }; 104 105 int 106 kf_comp(const void *a, const void *b) 107 { 108 const struct kinfo_file *ka = a, *kb = b; 109 110 if (ka->so_family != kb->so_family) { 111 /* AF_INET < AF_INET6 < AF_LOCAL */ 112 if (ka->so_family == AF_INET) 113 return (-1); 114 if (ka->so_family == AF_LOCAL) 115 return (1); 116 if (kb->so_family == AF_LOCAL) 117 return (-1); 118 return (1); 119 } 120 if (ka->so_family == AF_LOCAL) { 121 if (type_map[ka->so_type] < type_map[kb->so_type]) 122 return (-1); 123 if (type_map[ka->so_type] > type_map[kb->so_type]) 124 return (1); 125 } else if (ka->so_family == AF_INET || ka->so_family == AF_INET6) { 126 if (ka->so_protocol < kb->so_protocol) 127 return (-1); 128 if (ka->so_protocol > kb->so_protocol) 129 return (1); 130 if (ka->so_type == SOCK_DGRAM || ka->so_type == SOCK_STREAM) { 131 /* order sockets by remote port desc */ 132 if (ka->inp_fport > kb->inp_fport) 133 return (-1); 134 if (ka->inp_fport < kb->inp_fport) 135 return (1); 136 } else if (ka->so_type == SOCK_RAW) { 137 if (ka->inp_proto > kb->inp_proto) 138 return (-1); 139 if (ka->inp_proto < kb->inp_proto) 140 return (1); 141 } 142 } 143 return (0); 144 } 145 146 void 147 protopr(kvm_t *kvmd, u_long pcbaddr, u_int tableid, int proto) 148 { 149 struct kinfo_file *kf; 150 int i, fcnt; 151 152 kf = kvm_getfiles(kvmd, KERN_FILE_BYFILE, DTYPE_SOCKET, 153 sizeof(*kf), &fcnt); 154 if (kf == NULL) { 155 printf("Out of memory (file table).\n"); 156 return; 157 } 158 159 /* sort sockets by AF and type */ 160 qsort(kf, fcnt, sizeof(*kf), kf_comp); 161 162 for (i = 0; i < fcnt; i++) { 163 if (Pflag) { 164 switch (kf[i].so_family) { 165 case AF_INET: 166 case AF_INET6: 167 /* 168 * XXX at the moment fstat returns the pointer 169 * to the so_pcb or for tcp sockets the tcpcb 170 * pointer (inp_ppcb) so check both. 171 */ 172 if (pcbaddr == kf[i].so_pcb) { 173 inpcb_dump(kf[i].so_pcb, 174 kf[i].so_protocol, 175 kf[i].so_family); 176 return; 177 } else if (pcbaddr == kf[i].inp_ppcb && 178 kf[i].so_protocol == IPPROTO_TCP) { 179 if (vflag) 180 inpcb_dump(kf[i].so_pcb, 181 kf[i].so_protocol, 182 kf[i].so_family); 183 else 184 tcpcb_dump(kf[i].inp_ppcb); 185 return; 186 } 187 break; 188 case AF_UNIX: 189 if (pcbaddr == kf[i].so_pcb) { 190 unpcb_dump(pcbaddr); 191 return; 192 } 193 break; 194 } 195 continue; 196 } 197 if (kf[i].so_family == AF_LOCAL && (kf[i].so_pcb != 0 || 198 kf[i].unp_path[0] != '\0')) 199 if ((af == AF_LOCAL || af == AF_UNSPEC) && !proto) 200 unixdomainpr(&kf[i]); 201 if (kf[i].so_family == AF_INET && kf[i].so_pcb != 0 && 202 kf[i].inp_rtableid == tableid) 203 if (af == AF_INET || af == AF_UNSPEC) 204 netdomainpr(&kf[i], proto); 205 if (kf[i].so_family == AF_INET6 && kf[i].so_pcb != 0 && 206 kf[i].inp_rtableid == tableid) 207 if (af == AF_INET6 || af == AF_UNSPEC) 208 netdomainpr(&kf[i], proto); 209 } 210 } 211 212 /* 213 * Print a summary of connections related to an Internet 214 * protocol. For TCP, also give state of connection. 215 * Listening processes (aflag) are suppressed unless the 216 * -a (all) flag is specified. 217 */ 218 void 219 netdomainpr(struct kinfo_file *kf, int proto) 220 { 221 static int af = 0, type = 0; 222 struct in_addr laddr, faddr; 223 struct in6_addr laddr6, faddr6; 224 const char *name, *name6; 225 int addrlen = 22; 226 int isany = 0; 227 int istcp = 0; 228 int isudp = 0; 229 int isip6 = 0; 230 231 /* XXX should fix kinfo_file instead but not now */ 232 if (kf->so_pcb == -1) 233 kf->so_pcb = 0; 234 235 switch (proto) { 236 case IPPROTO_TCP: 237 case IPPROTO_UDP: 238 case IPPROTO_DIVERT: 239 if (kf->so_protocol != proto) 240 return; 241 break; 242 case IPPROTO_IPV4: 243 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET) 244 return; 245 break; 246 case IPPROTO_IPV6: 247 if (kf->so_type != SOCK_RAW || kf->so_family != AF_INET6) 248 return; 249 break; 250 } 251 252 /* make in_addr6 access a bit easier */ 253 #define s6_addr32 __u6_addr.__u6_addr32 254 laddr.s_addr = kf->inp_laddru[0]; 255 laddr6.s6_addr32[0] = kf->inp_laddru[0]; 256 laddr6.s6_addr32[1] = kf->inp_laddru[1]; 257 laddr6.s6_addr32[2] = kf->inp_laddru[2]; 258 laddr6.s6_addr32[3] = kf->inp_laddru[3]; 259 260 faddr.s_addr = kf->inp_faddru[0]; 261 faddr6.s6_addr32[0] = kf->inp_faddru[0]; 262 faddr6.s6_addr32[1] = kf->inp_faddru[1]; 263 faddr6.s6_addr32[2] = kf->inp_faddru[2]; 264 faddr6.s6_addr32[3] = kf->inp_faddru[3]; 265 #undef s6_addr32 266 267 switch (kf->so_family) { 268 case AF_INET: 269 isany = faddr.s_addr == INADDR_ANY; 270 break; 271 case AF_INET6: 272 isany = IN6_IS_ADDR_UNSPECIFIED(&faddr6); 273 isip6 = 1; 274 break; 275 } 276 277 switch (kf->so_protocol) { 278 case IPPROTO_TCP: 279 name = "tcp"; 280 name6 = "tcp6"; 281 istcp = 1; 282 break; 283 case IPPROTO_UDP: 284 name = "udp"; 285 name6 = "udp6"; 286 isudp = 1; 287 break; 288 case IPPROTO_DIVERT: 289 name = "divert"; 290 name6 = "divert6"; 291 break; 292 default: 293 name = "ip"; 294 name6 = "ip6"; 295 break; 296 } 297 298 /* filter listening sockets out unless -a is set */ 299 if (!(aflag || lflag) && istcp && kf->t_state <= TCPS_LISTEN) 300 return; 301 else if (!(aflag || lflag) && isany) 302 return; 303 304 /* when -l is set, show only listening sockets */ 305 if (!aflag && lflag && istcp && 306 kf->t_state != TCPS_LISTEN) 307 return; 308 if (!aflag && lflag && isudp && 309 (kf->inp_lport == 0 || kf->inp_fport != 0)) 310 return; 311 312 if (af != kf->so_family || type != kf->so_type) { 313 af = kf->so_family; 314 type = kf->so_type; 315 printf("Active Internet connections"); 316 if (aflag) 317 printf(" (including servers)"); 318 else if (lflag && (istcp || isudp)) 319 printf(" (only servers)"); 320 putchar('\n'); 321 if (Aflag) { 322 addrlen = 18; 323 printf("%-*.*s ", PLEN, PLEN, "PCB"); 324 } 325 printf("%-7.7s %-6.6s %-6.6s ", 326 "Proto", "Recv-Q", "Send-Q"); 327 if (Bflag && istcp) 328 printf("%-6.6s %-6.6s %-6.6s ", 329 "Recv-W", "Send-W", "Cgst-W"); 330 printf(" %-*.*s %-*.*s %s\n", 331 addrlen, addrlen, "Local Address", 332 addrlen, addrlen, "Foreign Address", "(state)"); 333 } 334 335 if (Aflag) 336 printf("%#*llx%s ", FAKE_PTR(kf->so_protocol == IPPROTO_TCP ? 337 kf->inp_ppcb : kf->so_pcb)); 338 339 printf("%-7.7s %6llu %6llu ", 340 isip6 ? name6: name, kf->so_rcv_cc, kf->so_snd_cc); 341 if (Bflag && istcp) 342 printf("%6llu %6llu %6llu ", kf->t_rcv_wnd, kf->t_snd_wnd, 343 (kf->t_state == TCPS_ESTABLISHED) ? 344 kf->t_snd_cwnd : 0); 345 346 if (isip6) { 347 inet6print(&laddr6, kf->inp_lport, name); 348 inet6print(&faddr6, kf->inp_fport, name); 349 } else { 350 inetprint(&laddr, kf->inp_lport, name, 1); 351 inetprint(&faddr, kf->inp_fport, name, 0); 352 } 353 if (istcp) { 354 if (kf->t_state >= TCP_NSTATES) 355 printf(" %u", kf->t_state); 356 else 357 printf(" %s", tcpstates[kf->t_state]); 358 } else if (kf->so_type == SOCK_RAW) { 359 printf(" %u", kf->inp_proto); 360 } 361 putchar('\n'); 362 } 363 364 /* 365 * Dump TCP statistics structure. 366 */ 367 void 368 tcp_stats(char *name) 369 { 370 struct tcpstat tcpstat; 371 int mib[] = { CTL_NET, PF_INET, IPPROTO_TCP, TCPCTL_STATS }; 372 size_t len = sizeof(tcpstat); 373 374 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 375 &tcpstat, &len, NULL, 0) == -1) { 376 if (errno != ENOPROTOOPT) 377 warn("%s", name); 378 return; 379 } 380 381 printf("%s:\n", name); 382 #define p(f, m) if (tcpstat.f || sflag <= 1) \ 383 printf(m, tcpstat.f, plural(tcpstat.f)) 384 #define p1(f, m) if (tcpstat.f || sflag <= 1) \ 385 printf(m, tcpstat.f) 386 #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 387 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) 388 #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ 389 printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) 390 #define p2b(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 391 printf(m, tcpstat.f1, tcpstat.f2) 392 #define p2bys(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ 393 printf(m, tcpstat.f1, pluralys(tcpstat.f1), tcpstat.f2) 394 #define pes(f, m) if (tcpstat.f || sflag <= 1) \ 395 printf(m, tcpstat.f, plurales(tcpstat.f)) 396 #define pys(f, m) if (tcpstat.f || sflag <= 1) \ 397 printf(m, tcpstat.f, pluralys(tcpstat.f)) 398 399 p(tcps_sndtotal, "\t%u packet%s sent\n"); 400 p2(tcps_sndpack,tcps_sndbyte, 401 "\t\t%u data packet%s (%llu byte%s)\n"); 402 p2(tcps_sndrexmitpack, tcps_sndrexmitbyte, 403 "\t\t%u data packet%s (%llu byte%s) retransmitted\n"); 404 p(tcps_sndrexmitfast, "\t\t%llu fast retransmitted packet%s\n"); 405 p2a(tcps_sndacks, tcps_delack, 406 "\t\t%u ack-only packet%s (%u delayed)\n"); 407 p(tcps_sndurg, "\t\t%u URG only packet%s\n"); 408 p(tcps_sndprobe, "\t\t%u window probe packet%s\n"); 409 p(tcps_sndwinup, "\t\t%u window update packet%s\n"); 410 p(tcps_sndctrl, "\t\t%u control packet%s\n"); 411 p(tcps_outswcsum, "\t\t%u packet%s software-checksummed\n"); 412 p(tcps_rcvtotal, "\t%u packet%s received\n"); 413 p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %llu byte%s)\n"); 414 p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n"); 415 p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n"); 416 p(tcps_rcvacktooold, "\t\t%u ack%s for old data\n"); 417 p2(tcps_rcvpack, tcps_rcvbyte, 418 "\t\t%u packet%s (%llu byte%s) received in-sequence\n"); 419 p2(tcps_rcvduppack, tcps_rcvdupbyte, 420 "\t\t%u completely duplicate packet%s (%llu byte%s)\n"); 421 p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n"); 422 p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte, 423 "\t\t%u packet%s with some duplicate data (%llu byte%s duplicated)\n"); 424 p2(tcps_rcvoopack, tcps_rcvoobyte, 425 "\t\t%u out-of-order packet%s (%llu byte%s)\n"); 426 p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin, 427 "\t\t%u packet%s (%llu byte%s) of data after window\n"); 428 p(tcps_rcvwinprobe, "\t\t%u window probe%s\n"); 429 p(tcps_rcvwinupd, "\t\t%u window update packet%s\n"); 430 p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n"); 431 p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n"); 432 p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n"); 433 p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n"); 434 p1(tcps_rcvnosec, "\t\t%u discarded for missing IPsec protection\n"); 435 p1(tcps_rcvmemdrop, "\t\t%u discarded due to memory shortage\n"); 436 p(tcps_inswcsum, "\t\t%u packet%s software-checksummed\n"); 437 p(tcps_rcvbadsig, "\t\t%u bad/missing md5 checksum%s\n"); 438 p(tcps_rcvgoodsig, "\t\t%llu good md5 checksum%s\n"); 439 p(tcps_connattempt, "\t%u connection request%s\n"); 440 p(tcps_accepts, "\t%u connection accept%s\n"); 441 p(tcps_connects, "\t%u connection%s established (including accepts)\n"); 442 p2(tcps_closed, tcps_drops, 443 "\t%u connection%s closed (including %u drop%s)\n"); 444 p(tcps_conndrained, "\t%llu connection%s drained\n"); 445 p(tcps_conndrops, "\t%u embryonic connection%s dropped\n"); 446 p2(tcps_rttupdated, tcps_segstimed, 447 "\t%u segment%s updated rtt (of %u attempt%s)\n"); 448 p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n"); 449 p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n"); 450 p(tcps_persisttimeo, "\t%u persist timeout%s\n"); 451 p(tcps_keeptimeo, "\t%u keepalive timeout%s\n"); 452 p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n"); 453 p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); 454 p(tcps_predack, "\t%u correct ACK header prediction%s\n"); 455 p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); 456 pes(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); 457 p1(tcps_noport, "\t%u dropped due to no socket\n"); 458 459 p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n"); 460 p(tcps_ecn_rcvece, "\t\t%u ECE packet%s received\n"); 461 p(tcps_ecn_rcvcwr, "\t\t%u CWR packet%s received\n"); 462 p(tcps_ecn_rcvce, "\t\t%u CE packet%s received\n"); 463 p(tcps_ecn_sndect, "\t\t%u ECT packet%s sent\n"); 464 p(tcps_ecn_sndece, "\t\t%u ECE packet%s sent\n"); 465 p(tcps_ecn_sndcwr, "\t\t%u CWR packet%s sent\n"); 466 p1(tcps_cwr_frecovery, "\t\t\tcwr by fastrecovery: %u\n"); 467 p1(tcps_cwr_timeout, "\t\t\tcwr by timeout: %u\n"); 468 p1(tcps_cwr_ecn, "\t\t\tcwr by ecn: %u\n"); 469 470 p(tcps_badsyn, "\t%u bad connection attempt%s\n"); 471 p(tcps_dropsyn, "\t%u SYN packet%s dropped due to queue or memory full\n"); 472 pys(tcps_sc_added, "\t%llu SYN cache entr%s added\n"); 473 p(tcps_sc_collisions, "\t\t%llu hash collision%s\n"); 474 p1(tcps_sc_completed, "\t\t%llu completed\n"); 475 p1(tcps_sc_aborted, "\t\t%llu aborted (no space to build PCB)\n"); 476 p1(tcps_sc_timed_out, "\t\t%llu timed out\n"); 477 p1(tcps_sc_overflowed, "\t\t%llu dropped due to overflow\n"); 478 p1(tcps_sc_bucketoverflow, "\t\t%llu dropped due to bucket overflow\n"); 479 p1(tcps_sc_reset, "\t\t%llu dropped due to RST\n"); 480 p1(tcps_sc_unreach, "\t\t%llu dropped due to ICMP unreachable\n"); 481 p(tcps_sc_retransmitted, "\t%llu SYN,ACK%s retransmitted\n"); 482 p(tcps_sc_dupesyn, "\t%llu duplicate SYN%s received for entries " 483 "already in the cache\n"); 484 p(tcps_sc_dropped, "\t%llu SYN%s dropped (no route or no space)\n"); 485 p(tcps_sc_seedrandom, "\t%llu SYN cache seed%s with new random\n"); 486 p1(tcps_sc_hash_size, "\t%llu hash bucket array size in current " 487 "SYN cache\n"); 488 p2bys(tcps_sc_entry_count, tcps_sc_entry_limit, 489 "\t%llu entr%s in current SYN cache, limit is %llu\n"); 490 p2b(tcps_sc_bucket_maxlen, tcps_sc_bucket_limit, 491 "\t%llu longest bucket length in current SYN cache, limit is %llu\n"); 492 p(tcps_sc_uses_left, "\t%llu use%s of current SYN cache left\n"); 493 494 p(tcps_sack_recovery_episode, "\t%llu SACK recovery episode%s\n"); 495 p(tcps_sack_rexmits, 496 "\t\t%llu segment rexmit%s in SACK recovery episodes\n"); 497 p(tcps_sack_rexmit_bytes, 498 "\t\t%llu byte rexmit%s in SACK recovery episodes\n"); 499 p(tcps_sack_rcv_opts, "\t%llu SACK option%s received\n"); 500 p(tcps_sack_snd_opts, "\t%llu SACK option%s sent\n"); 501 p(tcps_sack_drop_opts, "\t%llu SACK option%s dropped\n"); 502 503 #undef p 504 #undef p1 505 #undef p2 506 #undef p2a 507 #undef p2b 508 #undef p2bys 509 #undef pes 510 #undef pys 511 } 512 513 /* 514 * Dump UDP statistics structure. 515 */ 516 void 517 udp_stats(char *name) 518 { 519 struct udpstat udpstat; 520 u_long delivered; 521 int mib[] = { CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS }; 522 size_t len = sizeof(udpstat); 523 524 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 525 &udpstat, &len, NULL, 0) == -1) { 526 if (errno != ENOPROTOOPT) 527 warn("%s", name); 528 return; 529 } 530 531 printf("%s:\n", name); 532 #define p(f, m) if (udpstat.f || sflag <= 1) \ 533 printf(m, udpstat.f, plural(udpstat.f)) 534 #define p1(f, m) if (udpstat.f || sflag <= 1) \ 535 printf(m, udpstat.f) 536 537 p(udps_ipackets, "\t%lu datagram%s received\n"); 538 p1(udps_hdrops, "\t%lu with incomplete header\n"); 539 p1(udps_badlen, "\t%lu with bad data length field\n"); 540 p1(udps_badsum, "\t%lu with bad checksum\n"); 541 p1(udps_nosum, "\t%lu with no checksum\n"); 542 p(udps_inswcsum, "\t%lu input packet%s software-checksummed\n"); 543 p(udps_outswcsum, "\t%lu output packet%s software-checksummed\n"); 544 p1(udps_noport, "\t%lu dropped due to no socket\n"); 545 p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n"); 546 p1(udps_nosec, "\t%lu dropped due to missing IPsec protection\n"); 547 p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n"); 548 delivered = udpstat.udps_ipackets - udpstat.udps_hdrops - 549 udpstat.udps_badlen - udpstat.udps_badsum - 550 udpstat.udps_noport - udpstat.udps_noportbcast - 551 udpstat.udps_fullsock; 552 if (delivered || sflag <= 1) 553 printf("\t%lu delivered\n", delivered); 554 p(udps_opackets, "\t%lu datagram%s output\n"); 555 p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n"); 556 #undef p 557 #undef p1 558 } 559 560 /* 561 * Dump IP statistics structure. 562 */ 563 void 564 ip_stats(char *name) 565 { 566 struct ipstat ipstat; 567 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_STATS }; 568 size_t len = sizeof(ipstat); 569 570 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 571 &ipstat, &len, NULL, 0) == -1) { 572 if (errno != ENOPROTOOPT) 573 warn("%s", name); 574 return; 575 } 576 577 printf("%s:\n", name); 578 #define p(f, m) if (ipstat.f || sflag <= 1) \ 579 printf(m, ipstat.f, plural(ipstat.f)) 580 #define p1(f, m) if (ipstat.f || sflag <= 1) \ 581 printf(m, ipstat.f) 582 583 p(ips_total, "\t%lu total packet%s received\n"); 584 p(ips_badsum, "\t%lu bad header checksum%s\n"); 585 p1(ips_toosmall, "\t%lu with size smaller than minimum\n"); 586 p1(ips_tooshort, "\t%lu with data size < data length\n"); 587 p1(ips_badhlen, "\t%lu with header length < data size\n"); 588 p1(ips_badlen, "\t%lu with data length < header length\n"); 589 p1(ips_badoptions, "\t%lu with bad options\n"); 590 p1(ips_badvers, "\t%lu with incorrect version number\n"); 591 p(ips_fragments, "\t%lu fragment%s received\n"); 592 p(ips_fragdropped, "\t%lu fragment%s dropped (duplicates or out of space)\n"); 593 p(ips_badfrags, "\t%lu malformed fragment%s dropped\n"); 594 p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n"); 595 p(ips_reassembled, "\t%lu packet%s reassembled ok\n"); 596 p(ips_delivered, "\t%lu packet%s for this host\n"); 597 p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n"); 598 p(ips_forward, "\t%lu packet%s forwarded\n"); 599 p(ips_cantforward, "\t%lu packet%s not forwardable\n"); 600 p(ips_redirectsent, "\t%lu redirect%s sent\n"); 601 p(ips_localout, "\t%lu packet%s sent from this host\n"); 602 p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n"); 603 p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n"); 604 p(ips_noroute, "\t%lu output packet%s discarded due to no route\n"); 605 p(ips_fragmented, "\t%lu output datagram%s fragmented\n"); 606 p(ips_ofragments, "\t%lu fragment%s created\n"); 607 p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n"); 608 p1(ips_rcvmemdrop, "\t%lu fragment floods\n"); 609 p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n"); 610 p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n"); 611 p(ips_badaddr, "\t%lu datagram%s with bad address in header\n"); 612 p(ips_inswcsum, "\t%lu input datagram%s software-checksummed\n"); 613 p(ips_outswcsum, "\t%lu output datagram%s software-checksummed\n"); 614 p(ips_notmember, "\t%lu multicast packet%s which we don't join\n"); 615 p(ips_wrongif, "\t%lu packet%s received on wrong interface\n"); 616 #undef p 617 #undef p1 618 } 619 620 /* 621 * Dump DIVERT statistics structure. 622 */ 623 void 624 div_stats(char *name) 625 { 626 struct divstat divstat; 627 int mib[] = { CTL_NET, PF_INET, IPPROTO_DIVERT, DIVERTCTL_STATS }; 628 size_t len = sizeof(divstat); 629 630 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 631 &divstat, &len, NULL, 0) == -1) { 632 if (errno != ENOPROTOOPT) 633 warn("%s", name); 634 return; 635 } 636 637 printf("%s:\n", name); 638 #define p(f, m) if (divstat.f || sflag <= 1) \ 639 printf(m, divstat.f, plural(divstat.f)) 640 #define p1(f, m) if (divstat.f || sflag <= 1) \ 641 printf(m, divstat.f) 642 p(divs_ipackets, "\t%lu total packet%s received\n"); 643 p1(divs_noport, "\t%lu dropped due to no socket\n"); 644 p1(divs_fullsock, "\t%lu dropped due to full socket buffers\n"); 645 p(divs_opackets, "\t%lu packet%s output\n"); 646 p1(divs_errors, "\t%lu errors\n"); 647 #undef p 648 #undef p1 649 } 650 651 static char *icmpnames[ICMP_MAXTYPE + 1] = { 652 "echo reply", 653 "#1", 654 "#2", 655 "destination unreachable", 656 "source quench", 657 "routing redirect", 658 "#6", 659 "#7", 660 "echo", 661 "router advertisement", 662 "router solicitation", 663 "time exceeded", 664 "parameter problem", 665 "time stamp", 666 "time stamp reply", 667 "information request", 668 "information request reply", 669 "address mask request", 670 "address mask reply", 671 "#19", 672 "#20", 673 "#21", 674 "#22", 675 "#23", 676 "#24", 677 "#25", 678 "#26", 679 "#27", 680 "#28", 681 "#29", 682 "traceroute", 683 "data conversion error", 684 "mobile host redirect", 685 "IPv6 where-are-you", 686 "IPv6 i-am-here", 687 "mobile registration request", 688 "mobile registration reply", 689 "#37", 690 "#38", 691 "SKIP", 692 "Photuris", 693 }; 694 695 /* 696 * Dump ICMP statistics. 697 */ 698 void 699 icmp_stats(char *name) 700 { 701 struct icmpstat icmpstat; 702 int i, first; 703 int mib[] = { CTL_NET, PF_INET, IPPROTO_ICMP, ICMPCTL_STATS }; 704 size_t len = sizeof(icmpstat); 705 706 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 707 &icmpstat, &len, NULL, 0) == -1) { 708 if (errno != ENOPROTOOPT) 709 warn("%s", name); 710 return; 711 } 712 713 printf("%s:\n", name); 714 #define p(f, m) if (icmpstat.f || sflag <= 1) \ 715 printf(m, icmpstat.f, plural(icmpstat.f)) 716 717 p(icps_error, "\t%lu call%s to icmp_error\n"); 718 p(icps_oldicmp, 719 "\t%lu error%s not generated because old message was icmp\n"); 720 p(icps_toofreq, 721 "\t%lu error%s not generated because of rate limitation\n"); 722 723 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 724 if (icmpstat.icps_outhist[i] != 0) { 725 if (first) { 726 printf("\tOutput packet histogram:\n"); 727 first = 0; 728 } 729 if (icmpnames[i]) 730 printf("\t\t%s:", icmpnames[i]); 731 else 732 printf("\t\t#%d:", i); 733 printf(" %lu\n", icmpstat.icps_outhist[i]); 734 } 735 p(icps_badcode, "\t%lu message%s with bad code fields\n"); 736 p(icps_tooshort, "\t%lu message%s < minimum length\n"); 737 p(icps_checksum, "\t%lu bad checksum%s\n"); 738 p(icps_badlen, "\t%lu message%s with bad length\n"); 739 p(icps_bmcastecho, "\t%lu echo request%s to broadcast/multicast " 740 "rejected\n"); 741 for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++) 742 if (icmpstat.icps_inhist[i] != 0) { 743 if (first) { 744 printf("\tInput packet histogram:\n"); 745 first = 0; 746 } 747 if (icmpnames[i]) 748 printf("\t\t%s:", icmpnames[i]); 749 else 750 printf("\t\t#%d:", i); 751 printf(" %lu\n", icmpstat.icps_inhist[i]); 752 } 753 p(icps_reflect, "\t%lu message response%s generated\n"); 754 #undef p 755 } 756 757 /* 758 * Dump IGMP statistics structure. 759 */ 760 void 761 igmp_stats(char *name) 762 { 763 struct igmpstat igmpstat; 764 int mib[] = { CTL_NET, PF_INET, IPPROTO_IGMP, IGMPCTL_STATS }; 765 size_t len = sizeof(igmpstat); 766 767 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 768 &igmpstat, &len, NULL, 0) == -1) { 769 if (errno != ENOPROTOOPT) 770 warn("%s", name); 771 return; 772 } 773 774 printf("%s:\n", name); 775 #define p(f, m) if (igmpstat.f || sflag <= 1) \ 776 printf(m, igmpstat.f, plural(igmpstat.f)) 777 #define py(f, m) if (igmpstat.f || sflag <= 1) \ 778 printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y") 779 780 p(igps_rcv_total, "\t%lu message%s received\n"); 781 p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n"); 782 p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n"); 783 py(igps_rcv_queries, "\t%lu membership quer%s received\n"); 784 py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n"); 785 p(igps_rcv_reports, "\t%lu membership report%s received\n"); 786 p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n"); 787 p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n"); 788 p(igps_snd_reports, "\t%lu membership report%s sent\n"); 789 #undef p 790 #undef py 791 } 792 793 struct rpcnams { 794 struct rpcnams *next; 795 in_port_t port; 796 int proto; 797 char *rpcname; 798 }; 799 800 static char * 801 getrpcportnam(in_port_t port, int proto) 802 { 803 struct sockaddr_in server_addr; 804 struct hostent *hp; 805 static struct pmaplist *head; 806 int socket = RPC_ANYSOCK; 807 struct timeval minutetimeout; 808 CLIENT *client; 809 struct rpcent *rpc; 810 static int first; 811 static struct rpcnams *rpcn; 812 struct rpcnams *n; 813 char num[20]; 814 815 if (first == 0) { 816 first = 1; 817 memset(&server_addr, 0, sizeof server_addr); 818 server_addr.sin_family = AF_INET; 819 if ((hp = gethostbyname("localhost")) != NULL) 820 memmove((caddr_t)&server_addr.sin_addr, hp->h_addr, 821 hp->h_length); 822 else 823 (void) inet_aton("0.0.0.0", &server_addr.sin_addr); 824 825 minutetimeout.tv_sec = 60; 826 minutetimeout.tv_usec = 0; 827 server_addr.sin_port = htons(PMAPPORT); 828 if ((client = clnttcp_create(&server_addr, PMAPPROG, 829 PMAPVERS, &socket, 50, 500)) == NULL) 830 return (NULL); 831 if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL, 832 xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) { 833 clnt_destroy(client); 834 return (NULL); 835 } 836 for (; head != NULL; head = head->pml_next) { 837 n = malloc(sizeof(struct rpcnams)); 838 if (n == NULL) 839 continue; 840 n->next = rpcn; 841 rpcn = n; 842 n->port = head->pml_map.pm_port; 843 n->proto = head->pml_map.pm_prot; 844 845 rpc = getrpcbynumber(head->pml_map.pm_prog); 846 if (rpc) 847 n->rpcname = strdup(rpc->r_name); 848 else { 849 snprintf(num, sizeof num, "%ld", 850 head->pml_map.pm_prog); 851 n->rpcname = strdup(num); 852 } 853 } 854 clnt_destroy(client); 855 } 856 857 for (n = rpcn; n; n = n->next) 858 if (n->port == port && n->proto == proto) 859 return (n->rpcname); 860 return (NULL); 861 } 862 863 /* 864 * Pretty print an Internet address (net address + port). 865 * If the nflag was specified, use numbers instead of names. 866 */ 867 void 868 inetprint(struct in_addr *in, in_port_t port, const char *proto, int local) 869 { 870 struct servent *sp = 0; 871 char line[80], *cp, *nam; 872 int width; 873 874 snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16, 875 inetname(in)); 876 cp = strchr(line, '\0'); 877 if (!nflag && port) 878 sp = getservbyport((int)port, proto); 879 if (sp || port == 0) 880 snprintf(cp, line + sizeof line - cp, "%.8s", 881 sp ? sp->s_name : "*"); 882 else if (local && !nflag && (nam = getrpcportnam(ntohs(port), 883 (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP)))) 884 snprintf(cp, line + sizeof line - cp, "%d[%.8s]", 885 ntohs(port), nam); 886 else 887 snprintf(cp, line + sizeof line - cp, "%d", ntohs(port)); 888 width = Aflag ? 18 : 22; 889 printf(" %-*.*s", width, width, line); 890 } 891 892 /* 893 * Construct an Internet address representation. 894 * If the nflag has been supplied, give 895 * numeric value, otherwise try for symbolic name. 896 */ 897 char * 898 inetname(struct in_addr *inp) 899 { 900 char *cp; 901 static char line[50]; 902 struct hostent *hp; 903 static char domain[HOST_NAME_MAX+1]; 904 static int first = 1; 905 906 if (first && !nflag) { 907 first = 0; 908 if (gethostname(domain, sizeof(domain)) == 0 && 909 (cp = strchr(domain, '.'))) 910 (void) strlcpy(domain, cp + 1, sizeof domain); 911 else 912 domain[0] = '\0'; 913 } 914 cp = NULL; 915 if (!nflag && inp->s_addr != INADDR_ANY) { 916 hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET); 917 if (hp) { 918 if ((cp = strchr(hp->h_name, '.')) && 919 !strcmp(cp + 1, domain)) 920 *cp = '\0'; 921 cp = hp->h_name; 922 } 923 } 924 if (inp->s_addr == INADDR_ANY) 925 snprintf(line, sizeof line, "*"); 926 else if (cp) 927 snprintf(line, sizeof line, "%s", cp); 928 else { 929 inp->s_addr = ntohl(inp->s_addr); 930 #define C(x) ((x) & 0xff) 931 snprintf(line, sizeof line, "%u.%u.%u.%u", 932 C(inp->s_addr >> 24), C(inp->s_addr >> 16), 933 C(inp->s_addr >> 8), C(inp->s_addr)); 934 } 935 return (line); 936 } 937 938 /* 939 * Dump AH statistics structure. 940 */ 941 void 942 ah_stats(char *name) 943 { 944 struct ahstat ahstat; 945 int mib[] = { CTL_NET, PF_INET, IPPROTO_AH, AHCTL_STATS }; 946 size_t len = sizeof(ahstat); 947 948 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 949 &ahstat, &len, NULL, 0) == -1) { 950 if (errno != ENOPROTOOPT) 951 warn("%s", name); 952 return; 953 } 954 955 printf("%s:\n", name); 956 #define p(f, m) if (ahstat.f || sflag <= 1) \ 957 printf(m, ahstat.f, plural(ahstat.f)) 958 #define p1(f, m) if (ahstat.f || sflag <= 1) \ 959 printf(m, ahstat.f) 960 961 p1(ahs_input, "\t%llu input AH packets\n"); 962 p1(ahs_output, "\t%llu output AH packets\n"); 963 p(ahs_nopf, "\t%llu packet%s from unsupported protocol families\n"); 964 p(ahs_hdrops, "\t%llu packet%s shorter than header shows\n"); 965 p(ahs_pdrops, "\t%llu packet%s dropped due to policy\n"); 966 p(ahs_notdb, "\t%llu packet%s for which no TDB was found\n"); 967 p(ahs_badkcr, "\t%llu input packet%s that failed to be processed\n"); 968 p(ahs_badauth, "\t%llu packet%s that failed verification received\n"); 969 p(ahs_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 970 p(ahs_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 971 p(ahs_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 972 p(ahs_replay, "\t%llu possibly replayed packet%s received\n"); 973 p(ahs_badauthl, "\t%llu packet%s with bad authenticator length received\n"); 974 p(ahs_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 975 p(ahs_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 976 p(ahs_crypto, "\t%llu packet%s that failed crypto processing\n"); 977 p(ahs_outfail, "\t%llu output packet%s could not be sent\n"); 978 p(ahs_ibytes, "\t%llu input byte%s\n"); 979 p(ahs_obytes, "\t%llu output byte%s\n"); 980 981 #undef p 982 #undef p1 983 } 984 985 /* 986 * Dump etherip statistics structure. 987 */ 988 void 989 etherip_stats(char *name) 990 { 991 struct etheripstat etheripstat; 992 int mib[] = { CTL_NET, PF_INET, IPPROTO_ETHERIP, ETHERIPCTL_STATS }; 993 size_t len = sizeof(etheripstat); 994 995 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 996 ðeripstat, &len, NULL, 0) == -1) { 997 if (errno != ENOPROTOOPT) 998 warn("%s", name); 999 return; 1000 } 1001 1002 printf("%s:\n", name); 1003 #define p(f, m) if (etheripstat.f || sflag <= 1) \ 1004 printf(m, etheripstat.f, plural(etheripstat.f)) 1005 1006 p(etherips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1007 p(etherips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1008 p(etherips_noifdrops, "\t%llu packet%s were dropped because of no interface/bridge information\n"); 1009 p(etherips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1010 p(etherips_adrops, "\t%llu packet%s dropped for other reasons\n"); 1011 p(etherips_ipackets, "\t%llu input ethernet-in-IP packet%s\n"); 1012 p(etherips_opackets, "\t%llu output ethernet-in-IP packet%s\n"); 1013 p(etherips_ibytes, "\t%llu input byte%s\n"); 1014 p(etherips_obytes, "\t%llu output byte%s\n"); 1015 #undef p 1016 } 1017 1018 /* 1019 * Dump IPsec statistics structure. 1020 */ 1021 void 1022 ipsec_stats(char *name) 1023 { 1024 struct ipsecstat ipsecstat; 1025 int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IPSEC_STATS }; 1026 size_t len = sizeof(ipsecstat); 1027 1028 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1029 &ipsecstat, &len, NULL, 0) == -1) { 1030 if (errno != ENOPROTOOPT) 1031 warn("%s", name); 1032 return; 1033 } 1034 1035 printf("%s:\n", name); 1036 #define p(f, m) if (ipsecstat.f || sflag <= 1) \ 1037 printf(m, ipsecstat.f, plural(ipsecstat.f)) 1038 p(ipsec_ipackets, "\t%llu input IPsec packet%s\n"); 1039 p(ipsec_opackets, "\t%llu output IPsec packet%s\n"); 1040 p(ipsec_ibytes, "\t%llu input byte%s\n"); 1041 p(ipsec_obytes, "\t%llu output byte%s\n"); 1042 p(ipsec_idecompbytes, "\t%llu input byte%s, decompressed\n"); 1043 p(ipsec_ouncompbytes, "\t%llu output byte%s, uncompressed\n"); 1044 p(ipsec_idrops, "\t%llu packet%s dropped on input\n"); 1045 p(ipsec_odrops, "\t%llu packet%s dropped on output\n"); 1046 p(ipsec_crypto, "\t%llu packet%s that failed crypto processing\n"); 1047 p(ipsec_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1048 p(ipsec_notdb, "\t%llu packet%s for which no TDB was found\n"); 1049 #undef p 1050 } 1051 1052 /* 1053 * Dump ESP statistics structure. 1054 */ 1055 void 1056 esp_stats(char *name) 1057 { 1058 struct espstat espstat; 1059 int mib[] = { CTL_NET, PF_INET, IPPROTO_ESP, ESPCTL_STATS }; 1060 size_t len = sizeof(espstat); 1061 1062 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1063 &espstat, &len, NULL, 0) == -1) { 1064 if (errno != ENOPROTOOPT) 1065 warn("%s", name); 1066 return; 1067 } 1068 1069 printf("%s:\n", name); 1070 #define p(f, m) if (espstat.f || sflag <= 1) \ 1071 printf(m, espstat.f, plural(espstat.f)) 1072 1073 p(esps_input, "\t%llu input ESP packet%s\n"); 1074 p(esps_output, "\t%llu output ESP packet%s\n"); 1075 p(esps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1076 p(esps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1077 p(esps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1078 p(esps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1079 p(esps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1080 p(esps_badenc, "\t%llu packet%s with bad encryption received\n"); 1081 p(esps_badauth, "\t%llu packet%s that failed verification received\n"); 1082 p(esps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1083 p(esps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1084 p(esps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1085 p(esps_replay, "\t%llu possibly replayed packet%s received\n"); 1086 p(esps_badilen, "\t%llu packet%s with bad payload size or padding received\n"); 1087 p(esps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1088 p(esps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1089 p(esps_crypto, "\t%llu packet%s that failed crypto processing\n"); 1090 p(esps_outfail, "\t%llu output packet%s could not be sent\n"); 1091 p(esps_udpencin, "\t%llu input UDP encapsulated ESP packet%s\n"); 1092 p(esps_udpencout, "\t%llu output UDP encapsulated ESP packet%s\n"); 1093 p(esps_udpinval, "\t%llu UDP packet%s for non-encapsulating TDB received\n"); 1094 p(esps_udpneeded, "\t%llu raw ESP packet%s for encapsulating TDB received\n"); 1095 p(esps_ibytes, "\t%llu input byte%s\n"); 1096 p(esps_obytes, "\t%llu output byte%s\n"); 1097 1098 #undef p 1099 } 1100 1101 /* 1102 * Dump IP-in-IP statistics structure. 1103 */ 1104 void 1105 ipip_stats(char *name) 1106 { 1107 struct ipipstat ipipstat; 1108 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPIP, IPIPCTL_STATS }; 1109 size_t len = sizeof(ipipstat); 1110 1111 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1112 &ipipstat, &len, NULL, 0) == -1) { 1113 if (errno != ENOPROTOOPT) 1114 warn("%s", name); 1115 return; 1116 } 1117 1118 printf("%s:\n", name); 1119 #define p(f, m) if (ipipstat.f || sflag <= 1) \ 1120 printf(m, ipipstat.f, plural(ipipstat.f)) 1121 1122 p(ipips_ipackets, "\t%llu total input packet%s\n"); 1123 p(ipips_opackets, "\t%llu total output packet%s\n"); 1124 p(ipips_hdrops, "\t%llu packet%s shorter than header shows\n"); 1125 p(ipips_pdrops, "\t%llu packet%s dropped due to policy\n"); 1126 p(ipips_spoof, "\t%llu packet%s with possibly spoofed local addresses\n"); 1127 p(ipips_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1128 p(ipips_ibytes, "\t%llu input byte%s\n"); 1129 p(ipips_obytes, "\t%llu output byte%s\n"); 1130 p(ipips_family, "\t%llu protocol family mismatche%s\n"); 1131 p(ipips_unspec, "\t%llu attempt%s to use tunnel with unspecified endpoint(s)\n"); 1132 #undef p 1133 } 1134 1135 /* 1136 * Dump CARP statistics structure. 1137 */ 1138 void 1139 carp_stats(char *name) 1140 { 1141 struct carpstats carpstat; 1142 int mib[] = { CTL_NET, PF_INET, IPPROTO_CARP, CARPCTL_STATS }; 1143 size_t len = sizeof(carpstat); 1144 1145 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1146 &carpstat, &len, NULL, 0) == -1) { 1147 if (errno != ENOPROTOOPT) 1148 warn("%s", name); 1149 return; 1150 } 1151 1152 printf("%s:\n", name); 1153 #define p(f, m) if (carpstat.f || sflag <= 1) \ 1154 printf(m, carpstat.f, plural(carpstat.f)) 1155 #define p2(f, m) if (carpstat.f || sflag <= 1) \ 1156 printf(m, carpstat.f) 1157 1158 p(carps_ipackets, "\t%llu packet%s received (IPv4)\n"); 1159 p(carps_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1160 p(carps_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1161 p(carps_badttl, "\t\t%llu packet%s discarded for wrong TTL\n"); 1162 p(carps_hdrops, "\t\t%llu packet%s shorter than header\n"); 1163 p(carps_badsum, "\t\t%llu discarded for bad checksum%s\n"); 1164 p(carps_badver, "\t\t%llu discarded packet%s with a bad version\n"); 1165 p2(carps_badlen, "\t\t%llu discarded because packet too short\n"); 1166 p2(carps_badauth, "\t\t%llu discarded for bad authentication\n"); 1167 p2(carps_badvhid, "\t\t%llu discarded for unknown vhid\n"); 1168 p2(carps_badaddrs, "\t\t%llu discarded because of a bad address list\n"); 1169 p(carps_opackets, "\t%llu packet%s sent (IPv4)\n"); 1170 p(carps_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1171 p2(carps_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1172 p(carps_preempt, "\t%llu transition%s to master\n"); 1173 #undef p 1174 #undef p2 1175 } 1176 1177 /* 1178 * Dump pfsync statistics structure. 1179 */ 1180 void 1181 pfsync_stats(char *name) 1182 { 1183 struct pfsyncstats pfsyncstat; 1184 int mib[] = { CTL_NET, PF_INET, IPPROTO_PFSYNC, PFSYNCCTL_STATS }; 1185 size_t len = sizeof(pfsyncstat); 1186 1187 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1188 &pfsyncstat, &len, NULL, 0) == -1) { 1189 if (errno != ENOPROTOOPT) 1190 warn("%s", name); 1191 return; 1192 } 1193 1194 printf("%s:\n", name); 1195 #define p(f, m) if (pfsyncstat.f || sflag <= 1) \ 1196 printf(m, pfsyncstat.f, plural(pfsyncstat.f)) 1197 #define p2(f, m) if (pfsyncstat.f || sflag <= 1) \ 1198 printf(m, pfsyncstat.f) 1199 1200 p(pfsyncs_ipackets, "\t%llu packet%s received (IPv4)\n"); 1201 p(pfsyncs_ipackets6, "\t%llu packet%s received (IPv6)\n"); 1202 p(pfsyncs_badif, "\t\t%llu packet%s discarded for bad interface\n"); 1203 p(pfsyncs_badttl, "\t\t%llu packet%s discarded for bad ttl\n"); 1204 p(pfsyncs_hdrops, "\t\t%llu packet%s shorter than header\n"); 1205 p(pfsyncs_badver, "\t\t%llu packet%s discarded for bad version\n"); 1206 p(pfsyncs_badauth, "\t\t%llu packet%s discarded for bad HMAC\n"); 1207 p(pfsyncs_badact,"\t\t%llu packet%s discarded for bad action\n"); 1208 p(pfsyncs_badlen, "\t\t%llu packet%s discarded for short packet\n"); 1209 p(pfsyncs_badval, "\t\t%llu state%s discarded for bad values\n"); 1210 p(pfsyncs_stale, "\t\t%llu stale state%s\n"); 1211 p(pfsyncs_badstate, "\t\t%llu failed state lookup/insert%s\n"); 1212 p(pfsyncs_opackets, "\t%llu packet%s sent (IPv4)\n"); 1213 p(pfsyncs_opackets6, "\t%llu packet%s sent (IPv6)\n"); 1214 p2(pfsyncs_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1215 p2(pfsyncs_oerrors, "\t\t%llu send error\n"); 1216 #undef p 1217 #undef p2 1218 } 1219 1220 /* 1221 * Dump pflow statistics structure. 1222 */ 1223 void 1224 pflow_stats(char *name) 1225 { 1226 struct pflowstats flowstats; 1227 int mib[] = { CTL_NET, PF_PFLOW, NET_PFLOW_STATS }; 1228 size_t len = sizeof(struct pflowstats); 1229 1230 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), &flowstats, &len, 1231 NULL, 0) == -1) { 1232 if (errno != ENOPROTOOPT) 1233 warn("%s", name); 1234 return; 1235 } 1236 1237 printf("%s:\n", name); 1238 #define p(f, m) if (flowstats.f || sflag <= 1) \ 1239 printf(m, flowstats.f, plural(flowstats.f)) 1240 #define p2(f, m) if (flowstats.f || sflag <= 1) \ 1241 printf(m, flowstats.f) 1242 1243 p(pflow_flows, "\t%llu flow%s sent\n"); 1244 p(pflow_packets, "\t%llu packet%s sent\n"); 1245 p2(pflow_onomem, "\t\t%llu send failed due to mbuf memory error\n"); 1246 p2(pflow_oerrors, "\t\t%llu send error\n"); 1247 #undef p 1248 #undef p2 1249 } 1250 1251 /* 1252 * Dump IPCOMP statistics structure. 1253 */ 1254 void 1255 ipcomp_stats(char *name) 1256 { 1257 struct ipcompstat ipcompstat; 1258 int mib[] = { CTL_NET, PF_INET, IPPROTO_IPCOMP, IPCOMPCTL_STATS }; 1259 size_t len = sizeof(ipcompstat); 1260 1261 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), 1262 &ipcompstat, &len, NULL, 0) == -1) { 1263 if (errno != ENOPROTOOPT) 1264 warn("%s", name); 1265 return; 1266 } 1267 1268 printf("%s:\n", name); 1269 #define p(f, m) if (ipcompstat.f || sflag <= 1) \ 1270 printf(m, ipcompstat.f, plural(ipcompstat.f)) 1271 1272 p(ipcomps_input, "\t%llu input IPCOMP packet%s\n"); 1273 p(ipcomps_output, "\t%llu output IPCOMP packet%s\n"); 1274 p(ipcomps_nopf, "\t%llu packet%s from unsupported protocol families\n"); 1275 p(ipcomps_hdrops, "\t%llu packet%s shorter than header shows\n"); 1276 p(ipcomps_pdrops, "\t%llu packet%s dropped due to policy\n"); 1277 p(ipcomps_notdb, "\t%llu packet%s for which no TDB was found\n"); 1278 p(ipcomps_badkcr, "\t%llu input packet%s that failed to be processed\n"); 1279 p(ipcomps_noxform, "\t%llu packet%s for which no XFORM was set in TDB received\n"); 1280 p(ipcomps_qfull, "\t%llu packet%s were dropped due to full output queue\n"); 1281 p(ipcomps_wrap, "\t%llu packet%s where counter wrapping was detected\n"); 1282 p(ipcomps_invalid, "\t%llu packet%s attempted to use an invalid TDB\n"); 1283 p(ipcomps_toobig, "\t%llu packet%s got larger than max IP packet size\n"); 1284 p(ipcomps_crypto, "\t%llu packet%s that failed (de)compression processing\n"); 1285 p(ipcomps_outfail, "\t%llu output packet%s could not be sent\n"); 1286 p(ipcomps_minlen, "\t%llu packet%s less than minimum compression length\n"); 1287 p(ipcomps_ibytes, "\t%llu input byte%s\n"); 1288 p(ipcomps_obytes, "\t%llu output byte%s\n"); 1289 1290 #undef p 1291 } 1292 1293 /* 1294 * Dump the contents of a socket structure 1295 */ 1296 void 1297 socket_dump(u_long off) 1298 { 1299 struct socket so; 1300 1301 if (off == 0) 1302 return; 1303 kread(off, &so, sizeof(so)); 1304 1305 #define p(fmt, v, sep) printf(#v " " fmt sep, so.v); 1306 #define pp(fmt, v, sep) printf(#v " " fmt sep, so.v); 1307 printf("socket %#lx\n ", off); 1308 p("%#.4x", so_type, "\n "); 1309 p("%#.4x", so_options, "\n "); 1310 p("%d", so_linger, "\n "); 1311 p("%#.4x", so_state, "\n "); 1312 pp("%p", so_pcb, ", "); 1313 pp("%p", so_proto, ", "); 1314 pp("%p", so_head, "\n "); 1315 p("%d", so_q0len, ", "); 1316 p("%d", so_qlen, ", "); 1317 p("%d", so_qlimit, "\n "); 1318 p("%d", so_timeo, "\n "); 1319 p("%u", so_error, "\n "); 1320 p("%p", so_sigio.sir_sigio, "\n "); 1321 p("%lu", so_oobmark, "\n "); 1322 if (so.so_sp) 1323 sosplice_dump((u_long)so.so_sp); 1324 sockbuf_dump(&so.so_rcv, "so_rcv"); 1325 sockbuf_dump(&so.so_snd, "so_snd"); 1326 p("%u", so_euid, ", "); 1327 p("%u", so_ruid, ", "); 1328 p("%u", so_egid, ", "); 1329 p("%u", so_rgid, "\n "); 1330 p("%d", so_cpid, "\n"); 1331 #undef p 1332 #undef pp 1333 1334 protosw_dump((u_long)so.so_proto, (u_long)so.so_pcb); 1335 } 1336 1337 /* 1338 * Dump the contents of a struct sosplice 1339 */ 1340 void 1341 sosplice_dump(u_long off) 1342 { 1343 struct sosplice ssp; 1344 1345 if (off == 0) 1346 return; 1347 kread(off, &ssp, sizeof(ssp)); 1348 1349 #define p(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1350 #define pll(fmt, v, sep) printf(#v " " fmt sep, (long long) ssp.v); 1351 #define pp(fmt, v, sep) printf(#v " " fmt sep, ssp.v); 1352 pp("%p", ssp_socket, ", "); 1353 pp("%p", ssp_soback, "\n "); 1354 p("%lld", ssp_len, ", "); 1355 p("%lld", ssp_max, ", "); 1356 pll("%lld", ssp_idletv.tv_sec, ", "); 1357 p("%ld", ssp_idletv.tv_usec, "\n "); 1358 #undef p 1359 #undef pll 1360 #undef pp 1361 } 1362 1363 /* 1364 * Dump the contents of a socket buffer 1365 */ 1366 void 1367 sockbuf_dump(struct sockbuf *sb, const char *name) 1368 { 1369 #define p(fmt, v, sep) printf(#v " " fmt sep, sb->v); 1370 printf("%s ", name); 1371 p("%lu", sb_cc, ", "); 1372 p("%lu", sb_datacc, ", "); 1373 p("%lu", sb_hiwat, ", "); 1374 p("%lu", sb_wat, "\n "); 1375 printf("%s ", name); 1376 p("%lu", sb_mbcnt, ", "); 1377 p("%lu", sb_mbmax, ", "); 1378 p("%ld", sb_lowat, "\n "); 1379 printf("%s ", name); 1380 p("%#.8x", sb_flagsintr, ", "); 1381 p("%#.4x", sb_flags, ", "); 1382 p("%llu", sb_timeo_nsecs, "\n "); 1383 #undef p 1384 } 1385 1386 /* 1387 * Dump the contents of a protosw structure 1388 */ 1389 void 1390 protosw_dump(u_long off, u_long pcb) 1391 { 1392 struct protosw proto; 1393 1394 if (off == 0) 1395 return; 1396 kread(off, &proto, sizeof(proto)); 1397 1398 #define p(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1399 #define pp(fmt, v, sep) printf(#v " " fmt sep, proto.v); 1400 printf("protosw %#lx\n ", off); 1401 p("%#.4x", pr_type, "\n "); 1402 pp("%p", pr_domain, "\n "); 1403 p("%d", pr_protocol, "\n "); 1404 p("%#.4x", pr_flags, "\n"); 1405 #undef p 1406 #undef pp 1407 1408 domain_dump((u_long)proto.pr_domain, pcb, proto.pr_protocol); 1409 } 1410 1411 /* 1412 * Dump the contents of a domain structure 1413 */ 1414 void 1415 domain_dump(u_long off, u_long pcb, short protocol) 1416 { 1417 struct domain dom; 1418 char name[256]; 1419 1420 if (off == 0) 1421 return; 1422 kread(off, &dom, sizeof(dom)); 1423 kread((u_long)dom.dom_name, name, sizeof(name)); 1424 1425 #define p(fmt, v, sep) printf(#v " " fmt sep, dom.v); 1426 printf("domain %#lx\n ", off); 1427 p("%d", dom_family, "\n "); 1428 printf("dom_name %.*s\n", (int)sizeof(name), name); 1429 #undef p 1430 } 1431 1432 /* 1433 * Dump the contents of a internet PCB 1434 */ 1435 void 1436 inpcb_dump(u_long off, short protocol, int af) 1437 { 1438 struct inpcb inp; 1439 char faddr[256], laddr[256], raddr[256]; 1440 1441 if (off == 0) 1442 return; 1443 kread(off, &inp, sizeof(inp)); 1444 1445 if (vflag) 1446 socket_dump((u_long)inp.inp_socket); 1447 1448 switch (af) { 1449 case AF_INET: 1450 inet_ntop(af, &inp.inp_faddr, faddr, sizeof(faddr)); 1451 inet_ntop(af, &inp.inp_laddr, laddr, sizeof(laddr)); 1452 inet_ntop(af, &((struct sockaddr_in *) 1453 (&inp.inp_route.ro_dst))->sin_addr, raddr, sizeof(raddr)); 1454 break; 1455 case AF_INET6: 1456 inet_ntop(af, &inp.inp_faddr6, faddr, sizeof(faddr)); 1457 inet_ntop(af, &inp.inp_laddr6, laddr, sizeof(laddr)); 1458 inet_ntop(af, &inp.inp_route6.ro_dst.sin6_addr, 1459 raddr, sizeof(raddr)); 1460 break; 1461 default: 1462 faddr[0] = laddr[0] = '\0'; 1463 } 1464 1465 #define p(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1466 #define pp(fmt, v, sep) printf(#v " " fmt sep, inp.v); 1467 printf("inpcb %#lx\n ", off); 1468 pp("%p", inp_table, "\n "); 1469 printf("inp_faddru %s, inp_laddru %s\n ", faddr, laddr); 1470 HTONS(inp.inp_fport); 1471 HTONS(inp.inp_lport); 1472 p("%u", inp_fport, ", "); 1473 p("%u", inp_lport, "\n "); 1474 pp("%p", inp_socket, ", "); 1475 pp("%p", inp_ppcb, "\n "); 1476 pp("%p", inp_route.ro_rt, ", "); 1477 printf("ro_dst %s\n ", raddr); 1478 p("%#.8x", inp_flags, "\n "); 1479 p("%d", inp_hops, "\n "); 1480 p("%u", inp_seclevel[0], ", "); 1481 p("%u", inp_seclevel[1], ", "); 1482 p("%u", inp_seclevel[2], ", "); 1483 p("%u", inp_seclevel[3], "\n "); 1484 p("%u", inp_ip_minttl, "\n "); 1485 p("%d", inp_cksum6, "\n "); 1486 pp("%p", inp_icmp6filt, "\n "); 1487 pp("%p", inp_pf_sk, "\n "); 1488 p("%u", inp_rtableid, "\n "); 1489 p("%d", inp_pipex, "\n"); 1490 #undef p 1491 #undef pp 1492 1493 switch (protocol) { 1494 case IPPROTO_TCP: 1495 tcpcb_dump((u_long)inp.inp_ppcb); 1496 break; 1497 } 1498 } 1499 1500 /* 1501 * Dump the contents of a TCP PCB 1502 */ 1503 void 1504 tcpcb_dump(u_long off) 1505 { 1506 struct tcpcb tcpcb; 1507 1508 if (off == 0) 1509 return; 1510 kread(off, (char *)&tcpcb, sizeof (tcpcb)); 1511 1512 #define p(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1513 #define pp(fmt, v, sep) printf(#v " " fmt sep, tcpcb.v); 1514 printf("tcpcb %#lx\n ", off); 1515 pp("%p", t_inpcb, "\n "); 1516 p("%d", t_state, ""); 1517 if (tcpcb.t_state >= 0 && tcpcb.t_state < TCP_NSTATES) 1518 printf(" (%s)", tcpstates[tcpcb.t_state]); 1519 printf("\n "); 1520 p("%d", t_rxtshift, ", "); 1521 p("%d", t_rxtcur, ", "); 1522 p("%d", t_dupacks, "\n "); 1523 p("%u", t_maxseg, ", "); 1524 p("%u", t_maxopd, ", "); 1525 p("%u", t_peermss, "\n "); 1526 p("0x%x", t_flags, ", "); 1527 p("%u", t_force, "\n "); 1528 p("%u", iss, "\n "); 1529 p("%u", snd_una, ", "); 1530 p("%u", snd_nxt, ", "); 1531 p("%u", snd_up, "\n "); 1532 p("%u", snd_wl1, ", "); 1533 p("%u", snd_wl2, ", "); 1534 p("%lu", snd_wnd, "\n "); 1535 p("%d", sack_enable, ", "); 1536 p("%d", snd_numholes, ", "); 1537 p("%u", snd_last, "\n "); 1538 p("%u", irs, "\n "); 1539 p("%u", rcv_nxt, ", "); 1540 p("%u", rcv_up, ", "); 1541 p("%lu", rcv_wnd, "\n "); 1542 p("%u", rcv_lastsack, "\n "); 1543 p("%d", rcv_numsacks, "\n "); 1544 p("%u", rcv_adv, ", "); 1545 p("%u", snd_max, "\n "); 1546 p("%lu", snd_cwnd, ", "); 1547 p("%lu", snd_ssthresh, ", "); 1548 p("%lu", max_sndwnd, "\n "); 1549 p("%u", t_rcvtime, ", "); 1550 p("%u", t_rtttime, ", "); 1551 p("%u", t_rtseq, "\n "); 1552 p("%u", t_srtt, ", "); 1553 p("%u", t_rttvar, ", "); 1554 p("%u", t_rttmin, "\n "); 1555 p("%u", t_oobflags, ", "); 1556 p("%u", t_iobc, "\n "); 1557 p("%u", t_softerror, "\n "); 1558 p("%u", snd_scale, ", "); 1559 p("%u", rcv_scale, ", "); 1560 p("%u", request_r_scale, ", "); 1561 p("%u", requested_s_scale, "\n "); 1562 p("%u", ts_recent, ", "); 1563 p("%u", ts_recent_age, "\n "); 1564 p("%u", last_ack_sent, "\n "); 1565 HTONS(tcpcb.t_pmtud_ip_len); 1566 HTONS(tcpcb.t_pmtud_nextmtu); 1567 p("%u", t_pmtud_mss_acked, ", "); 1568 p("%u", t_pmtud_mtu_sent, "\n "); 1569 p("%u", t_pmtud_nextmtu, ", "); 1570 p("%u", t_pmtud_ip_len, ", "); 1571 p("%u", t_pmtud_ip_hl, "\n "); 1572 p("%u", t_pmtud_th_seq, "\n "); 1573 p("%u", pf, "\n"); 1574 #undef p 1575 #undef pp 1576 } 1577