1 /* $OpenBSD: route.c,v 1.82 2008/09/15 20:13:10 claudio Exp $ */ 2 /* $NetBSD: route.c,v 1.15 1996/05/07 02:55:06 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1983, 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/param.h> 34 #include <sys/protosw.h> 35 #include <sys/socket.h> 36 #include <sys/mbuf.h> 37 38 #include <net/if.h> 39 #include <net/if_dl.h> 40 #include <net/if_types.h> 41 #define _KERNEL 42 #include <net/route.h> 43 #undef _KERNEL 44 #include <netinet/in.h> 45 #include <arpa/inet.h> 46 47 #include <sys/sysctl.h> 48 49 #include <err.h> 50 #include <limits.h> 51 #include <netdb.h> 52 #include <stdio.h> 53 #include <stdlib.h> 54 #include <string.h> 55 #include <unistd.h> 56 57 #ifndef INET 58 #define INET 59 #endif 60 61 #include <netinet/ip_ipsp.h> 62 #include "netstat.h" 63 64 #define kget(p, d) (kread((u_long)(p), &(d), sizeof (d))) 65 66 /* alignment constraint for routing socket */ 67 #define ROUNDUP(a) \ 68 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) 69 #define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len)) 70 71 struct radix_node_head ***rt_head; 72 struct radix_node_head ***rnt; 73 struct radix_node_head *rt_tables[AF_MAX+1]; /* provides enough space */ 74 u_int8_t af2rtafidx[AF_MAX+1]; 75 76 static union { 77 struct sockaddr u_sa; 78 u_int32_t u_data[64]; 79 int u_dummy; /* force word-alignment */ 80 } pt_u; 81 82 int do_rtent = 0; 83 struct rtentry rtentry; 84 struct radix_node rnode; 85 struct radix_mask rmask; 86 87 static struct sockaddr *kgetsa(struct sockaddr *); 88 static void p_tree(struct radix_node *); 89 static void p_rtnode(void); 90 static void p_rtflags(u_char); 91 static void p_krtentry(struct rtentry *); 92 static void encap_print(struct rtentry *); 93 94 /* 95 * Print routing tables. 96 */ 97 void 98 routepr(u_long rtree, u_long mtree, u_long af2idx, u_long rtbl_id_max) 99 { 100 struct radix_node_head *rnh, head; 101 int i, idxmax = 0; 102 u_int rtidxmax; 103 104 printf("Routing tables\n"); 105 106 if (rtree == 0 || af2idx == 0) { 107 printf("rt_tables: symbol not in namelist\n"); 108 return; 109 } 110 111 kget(rtree, rt_head); 112 kget(rtbl_id_max, rtidxmax); 113 kget(af2idx, af2rtafidx); 114 115 for (i = 0; i <= AF_MAX; i++) { 116 if (af2rtafidx[i] > idxmax) 117 idxmax = af2rtafidx[i]; 118 } 119 120 if ((rnt = calloc(rtidxmax + 1, sizeof(struct radix_node_head **))) == 121 NULL) 122 err(1, NULL); 123 124 kread((u_long)rt_head, rnt, (rtidxmax + 1) * 125 sizeof(struct radix_node_head **)); 126 kread((u_long)rnt[0], rt_tables, (idxmax + 1) * sizeof(rnh)); 127 128 for (i = 0; i <= AF_MAX; i++) { 129 if (i == AF_UNSPEC) { 130 if (Aflag && (af == AF_UNSPEC || af == 0xff)) { 131 kget(mtree, rnh); 132 kget(rnh, head); 133 printf("Netmasks:\n"); 134 p_tree(head.rnh_treetop); 135 } 136 continue; 137 } 138 if (af2rtafidx[i] == 0) 139 /* no table for this AF */ 140 continue; 141 if ((rnh = rt_tables[af2rtafidx[i]]) == 0) 142 continue; 143 kget(rnh, head); 144 if (af == AF_UNSPEC || af == i) { 145 pr_family(i); 146 do_rtent = 1; 147 pr_rthdr(i, Aflag); 148 p_tree(head.rnh_treetop); 149 } 150 } 151 } 152 153 static struct sockaddr * 154 kgetsa(struct sockaddr *dst) 155 { 156 157 kget(dst, pt_u.u_sa); 158 if (pt_u.u_sa.sa_len > sizeof (pt_u.u_sa)) 159 kread((u_long)dst, pt_u.u_data, pt_u.u_sa.sa_len); 160 return (&pt_u.u_sa); 161 } 162 163 static void 164 p_tree(struct radix_node *rn) 165 { 166 167 again: 168 kget(rn, rnode); 169 if (rnode.rn_b < 0) { 170 if (Aflag) 171 printf("%-16p ", rn); 172 if (rnode.rn_flags & RNF_ROOT) { 173 if (Aflag) 174 printf("(root node)%s", 175 rnode.rn_dupedkey ? " =>\n" : "\n"); 176 } else if (do_rtent) { 177 kget(rn, rtentry); 178 p_krtentry(&rtentry); 179 if (Aflag) 180 p_rtnode(); 181 } else { 182 p_sockaddr(kgetsa((struct sockaddr *)rnode.rn_key), 183 0, 0, 44); 184 putchar('\n'); 185 } 186 if ((rn = rnode.rn_dupedkey)) 187 goto again; 188 } else { 189 if (Aflag && do_rtent) { 190 printf("%-16p ", rn); 191 p_rtnode(); 192 } 193 rn = rnode.rn_r; 194 p_tree(rnode.rn_l); 195 p_tree(rn); 196 } 197 } 198 199 static void 200 p_rtflags(u_char flags) 201 { 202 putchar('<'); 203 if (flags & RNF_NORMAL) 204 putchar('N'); 205 if (flags & RNF_ROOT) 206 putchar('R'); 207 if (flags & RNF_ACTIVE) 208 putchar('A'); 209 if (flags & ~(RNF_NORMAL | RNF_ROOT | RNF_ACTIVE)) 210 printf("/0x%02x", flags); 211 putchar('>'); 212 } 213 214 char nbuf[25]; 215 216 static void 217 p_rtnode(void) 218 { 219 struct radix_mask *rm = rnode.rn_mklist; 220 221 if (rnode.rn_b < 0) { 222 snprintf(nbuf, sizeof nbuf, " => %p", rnode.rn_dupedkey); 223 printf("\t (%p)%s", rnode.rn_p, 224 rnode.rn_dupedkey ? nbuf : ""); 225 if (rnode.rn_mask) { 226 printf(" mask "); 227 p_sockaddr(kgetsa((struct sockaddr *)rnode.rn_mask), 228 0, 0, -1); 229 } else if (rm == 0) { 230 putchar('\n'); 231 return; 232 } 233 } else { 234 snprintf(nbuf, sizeof nbuf, "(%d)", rnode.rn_b); 235 printf("%6.6s (%p) %16p : %16p", nbuf, rnode.rn_p, rnode.rn_l, 236 rnode.rn_r); 237 } 238 239 putchar(' '); 240 p_rtflags(rnode.rn_flags); 241 242 while (rm) { 243 kget(rm, rmask); 244 snprintf(nbuf, sizeof nbuf, " %d refs, ", rmask.rm_refs); 245 printf(" mk = %16p {(%d),%s", 246 rm, -1 - rmask.rm_b, rmask.rm_refs ? nbuf : " "); 247 p_rtflags(rmask.rm_flags); 248 printf(", "); 249 if (rmask.rm_flags & RNF_NORMAL) { 250 struct radix_node rnode_aux; 251 252 printf("leaf = %p ", rmask.rm_leaf); 253 kget(rmask.rm_leaf, rnode_aux); 254 p_sockaddr(kgetsa((struct sockaddr *)rnode_aux.rn_mask), 255 0, 0, -1); 256 } else 257 p_sockaddr(kgetsa((struct sockaddr *)rmask.rm_mask), 258 0, 0, -1); 259 putchar('}'); 260 if ((rm = rmask.rm_mklist)) 261 printf(" ->"); 262 } 263 putchar('\n'); 264 } 265 266 static void 267 p_krtentry(struct rtentry *rt) 268 { 269 static struct ifnet ifnet, *lastif; 270 struct sockaddr_storage sock1, sock2; 271 struct sockaddr *sa = (struct sockaddr *)&sock1; 272 struct sockaddr *mask = (struct sockaddr *)&sock2; 273 274 bcopy(kgetsa(rt_key(rt)), sa, sizeof(struct sockaddr)); 275 if (sa->sa_len > sizeof(struct sockaddr)) 276 bcopy(kgetsa(rt_key(rt)), sa, sa->sa_len); 277 278 if (sa->sa_family == PF_KEY) { 279 encap_print(rt); 280 return; 281 } 282 283 if (rt_mask(rt)) { 284 bcopy(kgetsa(rt_mask(rt)), mask, sizeof(struct sockaddr)); 285 if (sa->sa_len > sizeof(struct sockaddr)) 286 bcopy(kgetsa(rt_mask(rt)), mask, sa->sa_len); 287 } else 288 mask = 0; 289 290 p_addr(sa, mask, rt->rt_flags); 291 p_gwaddr(kgetsa(rt->rt_gateway), sa->sa_family); 292 p_flags(rt->rt_flags, "%-6.6s "); 293 printf("%5u %8ld ", rt->rt_refcnt, rt->rt_use); 294 if (rt->rt_rmx.rmx_mtu) 295 printf("%5u ", rt->rt_rmx.rmx_mtu); 296 else 297 printf("%5s ", "-"); 298 putchar((rt->rt_rmx.rmx_locks & RTV_MTU) ? 'L' : ' '); 299 printf(" %2d", rt->rt_priority & RTP_MASK); 300 301 if (rt->rt_ifp) { 302 if (rt->rt_ifp != lastif) { 303 kget(rt->rt_ifp, ifnet); 304 lastif = rt->rt_ifp; 305 } 306 printf(" %.16s%s", ifnet.if_xname, 307 rt->rt_nodes[0].rn_dupedkey ? " =>" : ""); 308 } 309 putchar('\n'); 310 if (vflag) 311 printf("\texpire %10u%c\n", 312 rt->rt_rmx.rmx_expire, 313 (rt->rt_rmx.rmx_locks & RTV_EXPIRE) ? 'L' : ' '); 314 } 315 316 /* 317 * Print routing statistics 318 */ 319 void 320 rt_stats(void) 321 { 322 struct rtstat rtstat; 323 int mib[6]; 324 size_t size; 325 326 mib[0] = CTL_NET; 327 mib[1] = PF_ROUTE; 328 mib[2] = 0; 329 mib[3] = 0; 330 mib[4] = NET_RT_STATS; 331 mib[5] = 0; 332 size = sizeof (rtstat); 333 334 if (sysctl(mib, 6, &rtstat, &size, NULL, 0) < 0) { 335 perror("sysctl of routing table statistics"); 336 exit(1); 337 } 338 339 printf("routing:\n"); 340 printf("\t%u bad routing redirect%s\n", 341 rtstat.rts_badredirect, plural(rtstat.rts_badredirect)); 342 printf("\t%u dynamically created route%s\n", 343 rtstat.rts_dynamic, plural(rtstat.rts_dynamic)); 344 printf("\t%u new gateway%s due to redirects\n", 345 rtstat.rts_newgateway, plural(rtstat.rts_newgateway)); 346 printf("\t%u destination%s found unreachable\n", 347 rtstat.rts_unreach, plural(rtstat.rts_unreach)); 348 printf("\t%u use%s of a wildcard route\n", 349 rtstat.rts_wildcard, plural(rtstat.rts_wildcard)); 350 } 351 352 static void 353 encap_print(struct rtentry *rt) 354 { 355 struct sockaddr_encap sen1, sen2, sen3; 356 struct ipsec_policy ipo; 357 struct sockaddr_in6 s61, s62; 358 359 bcopy(kgetsa(rt_key(rt)), &sen1, sizeof(sen1)); 360 bcopy(kgetsa(rt_mask(rt)), &sen2, sizeof(sen2)); 361 bcopy(kgetsa(rt->rt_gateway), &sen3, sizeof(sen3)); 362 363 if (sen1.sen_type == SENT_IP4) { 364 printf("%-18s %-5u ", netname4(sen1.sen_ip_src.s_addr, 365 sen2.sen_ip_src.s_addr), ntohs(sen1.sen_sport)); 366 printf("%-18s %-5u %-5u ", netname4(sen1.sen_ip_dst.s_addr, 367 sen2.sen_ip_dst.s_addr), 368 ntohs(sen1.sen_dport), sen1.sen_proto); 369 } 370 371 if (sen1.sen_type == SENT_IP6) { 372 bzero(&s61, sizeof(s61)); 373 bzero(&s62, sizeof(s62)); 374 s61.sin6_family = s62.sin6_family = AF_INET6; 375 s61.sin6_len = s62.sin6_len = sizeof(s61); 376 bcopy(&sen1.sen_ip6_src, &s61.sin6_addr, sizeof(struct in6_addr)); 377 #ifdef __KAME__ 378 if (IN6_IS_ADDR_LINKLOCAL(&s61.sin6_addr) || 379 IN6_IS_ADDR_MC_LINKLOCAL(&s61.sin6_addr) || 380 IN6_IS_ADDR_MC_INTFACELOCAL(&s61.sin6_addr)) { 381 s61.sin6_scope_id = 382 ((u_int16_t)s61.sin6_addr.s6_addr[2] << 8) | 383 s61.sin6_addr.s6_addr[3]; 384 s61.sin6_addr.s6_addr[2] = s61.sin6_addr.s6_addr[3] = 0; 385 } 386 #endif 387 bcopy(&sen2.sen_ip6_src, &s62.sin6_addr, sizeof(struct in6_addr)); 388 #ifdef __KAME__ 389 if (IN6_IS_ADDR_LINKLOCAL(&s62.sin6_addr) || 390 IN6_IS_ADDR_MC_LINKLOCAL(&s62.sin6_addr) || 391 IN6_IS_ADDR_MC_INTFACELOCAL(&s62.sin6_addr)) { 392 s62.sin6_scope_id = 393 ((u_int16_t)s62.sin6_addr.s6_addr[2] << 8) | 394 s62.sin6_addr.s6_addr[3]; 395 s62.sin6_addr.s6_addr[2] = s62.sin6_addr.s6_addr[3] = 0; 396 } 397 #endif 398 399 printf("%-42s %-5u ", netname6(&s61, &s62), 400 ntohs(sen1.sen_ip6_sport)); 401 402 bzero(&s61, sizeof(s61)); 403 bzero(&s62, sizeof(s62)); 404 s61.sin6_family = s62.sin6_family = AF_INET6; 405 s61.sin6_len = s62.sin6_len = sizeof(s61); 406 bcopy(&sen1.sen_ip6_dst, &s61.sin6_addr, sizeof(struct in6_addr)); 407 #ifdef __KAME__ 408 if (IN6_IS_ADDR_LINKLOCAL(&s61.sin6_addr) || 409 IN6_IS_ADDR_MC_LINKLOCAL(&s61.sin6_addr) || 410 IN6_IS_ADDR_MC_INTFACELOCAL(&s61.sin6_addr)) { 411 s61.sin6_scope_id = 412 ((u_int16_t)s61.sin6_addr.s6_addr[2] << 8) | 413 s61.sin6_addr.s6_addr[3]; 414 s61.sin6_addr.s6_addr[2] = s61.sin6_addr.s6_addr[3] = 0; 415 } 416 #endif 417 bcopy(&sen2.sen_ip6_dst, &s62.sin6_addr, sizeof(struct in6_addr)); 418 #ifdef __KAME__ 419 if (IN6_IS_ADDR_LINKLOCAL(&s62.sin6_addr) || 420 IN6_IS_ADDR_MC_LINKLOCAL(&s62.sin6_addr) || 421 IN6_IS_ADDR_MC_INTFACELOCAL(&s62.sin6_addr)) { 422 s62.sin6_scope_id = 423 ((u_int16_t)s62.sin6_addr.s6_addr[2] << 8) | 424 s62.sin6_addr.s6_addr[3]; 425 s62.sin6_addr.s6_addr[2] = s62.sin6_addr.s6_addr[3] = 0; 426 } 427 #endif 428 429 printf("%-42s %-5u %-5u ", netname6(&s61, &s62), 430 ntohs(sen1.sen_ip6_dport), sen1.sen_ip6_proto); 431 } 432 433 if (sen3.sen_type == SENT_IPSP) { 434 char hostn[NI_MAXHOST]; 435 436 kget(sen3.sen_ipsp, ipo); 437 438 if (getnameinfo(&ipo.ipo_dst.sa, ipo.ipo_dst.sa.sa_len, 439 hostn, NI_MAXHOST, NULL, 0, NI_NUMERICHOST) != 0) 440 strlcpy (hostn, "none", NI_MAXHOST); 441 442 printf("%s", hostn); 443 printf("/%-u", ipo.ipo_sproto); 444 445 switch (ipo.ipo_type) { 446 case IPSP_IPSEC_REQUIRE: 447 printf("/require"); 448 break; 449 case IPSP_IPSEC_ACQUIRE: 450 printf("/acquire"); 451 break; 452 case IPSP_IPSEC_USE: 453 printf("/use"); 454 break; 455 case IPSP_IPSEC_DONTACQ: 456 printf("/dontacq"); 457 break; 458 case IPSP_PERMIT: 459 printf("/bypass"); 460 break; 461 case IPSP_DENY: 462 printf("/deny"); 463 break; 464 default: 465 printf("/<unknown type!>"); 466 break; 467 } 468 469 if ((ipo.ipo_addr.sen_type == SENT_IP4 && 470 ipo.ipo_addr.sen_direction == IPSP_DIRECTION_IN) || 471 (ipo.ipo_addr.sen_type == SENT_IP6 && 472 ipo.ipo_addr.sen_ip6_direction == IPSP_DIRECTION_IN)) 473 printf("/in\n"); 474 else if ((ipo.ipo_addr.sen_type == SENT_IP4 && 475 ipo.ipo_addr.sen_direction == IPSP_DIRECTION_OUT) || 476 (ipo.ipo_addr.sen_type == SENT_IP6 && 477 ipo.ipo_addr.sen_ip6_direction == IPSP_DIRECTION_OUT)) 478 printf("/out\n"); 479 else 480 printf("/<unknown>\n"); 481 } 482 } 483