1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1983, 1988, 1993
5 * Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/param.h>
33 #include <sys/file.h>
34 #ifdef JAIL
35 #include <sys/jail.h>
36 #endif
37 #include <sys/protosw.h>
38 #include <sys/socket.h>
39 #include <sys/socketvar.h>
40 #include <sys/sysctl.h>
41
42 #include <netinet/in.h>
43
44 #ifdef NETGRAPH
45 #include <netgraph/ng_socket.h>
46 #endif
47
48 #include <ctype.h>
49 #include <errno.h>
50 #ifdef JAIL
51 #include <jail.h>
52 #endif
53 #include <kvm.h>
54 #include <limits.h>
55 #include <netdb.h>
56 #include <nlist.h>
57 #include <paths.h>
58 #include <stdint.h>
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <stdbool.h>
62 #include <string.h>
63 #include <sysexits.h>
64 #include <unistd.h>
65 #include "netstat.h"
66 #include "nl_defs.h"
67 #include <libxo/xo.h>
68
69 static struct protox {
70 int pr_index; /* index into nlist of cb head */
71 int pr_sindex; /* index into nlist of stat block */
72 u_char pr_wanted; /* 1 if wanted, 0 otherwise */
73 void (*pr_cblocks)(u_long, const char *, int, int);
74 /* control blocks printing routine */
75 void (*pr_stats)(u_long, const char *, int, int);
76 /* statistics printing routine */
77 void (*pr_istats)(char *); /* per/if statistics printing routine */
78 const char *pr_name; /* well-known name */
79 int pr_usesysctl; /* non-zero if we use sysctl, not kvm */
80 int pr_protocol;
81 } protox[] = {
82 { -1 , N_TCPSTAT, 1, protopr,
83 tcp_stats, NULL, "tcp", 1, IPPROTO_TCP },
84 { -1 , N_UDPSTAT, 1, protopr,
85 udp_stats, NULL, "udp", 1, IPPROTO_UDP },
86 #ifdef SCTP
87 { -1, N_SCTPSTAT, 1, sctp_protopr,
88 sctp_stats, NULL, "sctp", 1, IPPROTO_SCTP },
89 #endif
90 #ifdef SDP
91 { -1, -1, 1, protopr,
92 NULL, NULL, "sdp", 1, IPPROTO_TCP },
93 #endif
94 { -1 , -1, 1, protopr,
95 divert_stats, NULL, "divert", 1, 0 },
96 { -1 , N_IPSTAT, 1, protopr,
97 ip_stats, NULL, "ip", 1, IPPROTO_RAW },
98 { -1 , N_ICMPSTAT, 1, protopr,
99 icmp_stats, NULL, "icmp", 1, IPPROTO_ICMP },
100 { -1 , N_IGMPSTAT, 1, protopr,
101 igmp_stats, NULL, "igmp", 1, IPPROTO_IGMP },
102 #ifdef IPSEC
103 { -1, N_IPSEC4STAT, 1, NULL, /* keep as compat */
104 ipsec_stats, NULL, "ipsec", 1, 0},
105 { -1, N_AHSTAT, 1, NULL,
106 ah_stats, NULL, "ah", 1, 0},
107 { -1, N_ESPSTAT, 1, NULL,
108 esp_stats, NULL, "esp", 1, 0},
109 { -1, N_IPCOMPSTAT, 1, NULL,
110 ipcomp_stats, NULL, "ipcomp", 1, 0},
111 #endif
112 { -1 , N_PIMSTAT, 1, protopr,
113 pim_stats, NULL, "pim", 1, IPPROTO_PIM },
114 { -1, N_CARPSTATS, 1, NULL,
115 carp_stats, NULL, "carp", 1, 0 },
116 #ifdef PF
117 { -1, N_PFSYNCSTATS, 1, NULL,
118 pfsync_stats, NULL, "pfsync", 1, 0 },
119 { -1, N_PFLOWSTATS, 1, NULL,
120 pflow_stats, NULL, "pflow", 1, 0 },
121 #endif
122 { -1, N_ARPSTAT, 1, NULL,
123 arp_stats, NULL, "arp", 1, 0 },
124 { -1, -1, 0, NULL,
125 NULL, NULL, NULL, 0, 0 }
126 };
127
128 #ifdef INET6
129 static struct protox ip6protox[] = {
130 { -1 , N_TCPSTAT, 1, protopr,
131 tcp_stats, NULL, "tcp", 1, IPPROTO_TCP },
132 { -1 , N_UDPSTAT, 1, protopr,
133 udp_stats, NULL, "udp", 1, IPPROTO_UDP },
134 { -1 , N_IP6STAT, 1, protopr,
135 ip6_stats, ip6_ifstats, "ip6", 1, IPPROTO_RAW },
136 { -1 , N_ICMP6STAT, 1, protopr,
137 icmp6_stats, icmp6_ifstats, "icmp6", 1, IPPROTO_ICMPV6 },
138 #ifdef SDP
139 { -1, -1, 1, protopr,
140 NULL, NULL, "sdp", 1, IPPROTO_TCP },
141 #endif
142 #ifdef IPSEC
143 { -1, N_IPSEC6STAT, 1, NULL,
144 ipsec_stats, NULL, "ipsec6", 1, 0 },
145 #endif
146 #ifdef notyet
147 { -1, N_PIM6STAT, 1, NULL,
148 pim6_stats, NULL, "pim6", 1, 0 },
149 #endif
150 { -1, N_RIP6STAT, 1, NULL,
151 rip6_stats, NULL, "rip6", 1, 0 },
152 { -1, -1, 0, NULL,
153 NULL, NULL, NULL, 0, 0 }
154 };
155 #endif /*INET6*/
156
157 #ifdef IPSEC
158 static struct protox pfkeyprotox[] = {
159 { -1, N_PFKEYSTAT, 1, NULL,
160 pfkey_stats, NULL, "pfkey", 0, 0 },
161 { -1, -1, 0, NULL,
162 NULL, NULL, NULL, 0, 0 }
163 };
164 #endif
165
166 #ifdef NETGRAPH
167 static struct protox netgraphprotox[] = {
168 { N_NGSOCKLIST, -1, 1, netgraphprotopr,
169 NULL, NULL, "ctrl", 0, 0 },
170 { N_NGSOCKLIST, -1, 1, netgraphprotopr,
171 NULL, NULL, "data", 0, 0 },
172 { -1, -1, 0, NULL,
173 NULL, NULL, NULL, 0, 0 }
174 };
175 #endif
176
177 static struct protox *protoprotox[] = {
178 protox,
179 #ifdef INET6
180 ip6protox,
181 #endif
182 #ifdef IPSEC
183 pfkeyprotox,
184 #endif
185 NULL };
186
187 static void printproto(struct protox *, const char *, bool *);
188 static void usage(void) __dead2;
189 static struct protox *name2protox(const char *);
190 static struct protox *knownname(const char *);
191
192 static int kresolve_list(struct nlist *_nl);
193
194 static kvm_t *kvmd;
195 static char *nlistf = NULL, *memf = NULL;
196
197 int Aflag; /* show addresses of protocol control block */
198 int aflag; /* show all sockets (including servers) */
199 static int Bflag; /* show information about bpf consumers */
200 int bflag; /* show i/f total bytes in/out */
201 int cflag; /* show TCP congestion control stack */
202 int Cflag; /* show congestion control algo and vars */
203 int dflag; /* show i/f dropped packets */
204 int gflag; /* show group (multicast) routing or stats */
205 int hflag; /* show counters in human readable format */
206 int iflag; /* show interfaces */
207 int Lflag; /* show size of listen queues */
208 int mflag; /* show memory stats */
209 int noutputs = 0; /* how much outputs before we exit */
210 int numeric_addr; /* show addresses numerically */
211 int numeric_port; /* show ports numerically */
212 int Oflag; /* show nhgrp objects*/
213 int oflag; /* show nexthop objects*/
214 int Pflag; /* show TCP log ID */
215 static int pflag; /* show given protocol */
216 static int Qflag; /* show netisr information */
217 int rflag; /* show routing tables (or routing stats) */
218 int Rflag; /* show flow / RSS statistics */
219 int sflag; /* show protocol statistics */
220 int Wflag; /* wide display */
221 int Tflag; /* TCP Information */
222 int xflag; /* extra information, includes all socket buffer info */
223 int zflag; /* zero stats */
224
225 int interval; /* repeat interval for i/f stats */
226
227 char *interface; /* desired i/f for stats, or NULL for all i/fs */
228 int unit; /* unit number for above */
229 #ifdef JAIL
230 char *jail_name; /* desired jail to operate in */
231 #endif
232
233 static int af; /* address family */
234 int live; /* true if we are examining a live system */
235
236 int
main(int argc,char * argv[])237 main(int argc, char *argv[])
238 {
239 struct protox *tp = NULL; /* for printing cblocks & stats */
240 int ch;
241 int fib = -1;
242 char *endptr;
243 bool first = true;
244 #ifdef JAIL
245 int jid;
246 #endif
247
248 af = AF_UNSPEC;
249
250 argc = xo_parse_args(argc, argv);
251 if (argc < 0)
252 exit(EXIT_FAILURE);
253
254 while ((ch = getopt(argc, argv, "46AaBbCcdF:f:ghI:ij:LlM:mN:nOoPp:Qq:RrSTsuWw:xz"))
255 != -1)
256 switch(ch) {
257 case '4':
258 #ifdef INET
259 af = AF_INET;
260 #else
261 xo_errx(EX_UNAVAILABLE, "IPv4 support is not compiled in");
262 #endif
263 break;
264 case '6':
265 #ifdef INET6
266 af = AF_INET6;
267 #else
268 xo_errx(EX_UNAVAILABLE, "IPv6 support is not compiled in");
269 #endif
270 break;
271 case 'A':
272 Aflag = 1;
273 break;
274 case 'a':
275 aflag = 1;
276 break;
277 case 'B':
278 Bflag = 1;
279 break;
280 case 'b':
281 bflag = 1;
282 break;
283 case 'c':
284 cflag = 1;
285 break;
286 case 'C':
287 Cflag = 1;
288 break;
289 case 'd':
290 dflag = 1;
291 break;
292 case 'F':
293 fib = strtol(optarg, &endptr, 0);
294 if (*endptr != '\0' ||
295 (fib == 0 && (errno == EINVAL || errno == ERANGE)))
296 xo_errx(EX_DATAERR, "%s: invalid fib", optarg);
297 break;
298 case 'f':
299 if (strcmp(optarg, "inet") == 0)
300 af = AF_INET;
301 #ifdef INET6
302 else if (strcmp(optarg, "inet6") == 0)
303 af = AF_INET6;
304 #endif
305 #ifdef IPSEC
306 else if (strcmp(optarg, "pfkey") == 0)
307 af = PF_KEY;
308 #endif
309 else if (strcmp(optarg, "unix") == 0 ||
310 strcmp(optarg, "local") == 0)
311 af = AF_UNIX;
312 #ifdef NETGRAPH
313 else if (strcmp(optarg, "ng") == 0
314 || strcmp(optarg, "netgraph") == 0)
315 af = AF_NETGRAPH;
316 #endif
317 else if (strcmp(optarg, "link") == 0)
318 af = AF_LINK;
319 else {
320 xo_errx(EX_DATAERR, "%s: unknown address family",
321 optarg);
322 }
323 break;
324 case 'g':
325 gflag = 1;
326 break;
327 case 'h':
328 hflag = 1;
329 break;
330 case 'I': {
331 char *cp;
332
333 iflag = 1;
334 for (cp = interface = optarg; isalpha(*cp); cp++)
335 continue;
336 unit = atoi(cp);
337 break;
338 }
339 case 'i':
340 iflag = 1;
341 break;
342 case 'j':
343 #ifdef JAIL
344 if (optarg == NULL)
345 usage();
346 jail_name = optarg;
347 #else
348 xo_errx(EX_UNAVAILABLE, "Jail support is not compiled in");
349 #endif
350 break;
351 case 'L':
352 Lflag = 1;
353 break;
354 case 'M':
355 memf = optarg;
356 break;
357 case 'm':
358 mflag = 1;
359 break;
360 case 'N':
361 nlistf = optarg;
362 break;
363 case 'n':
364 numeric_addr = numeric_port = 1;
365 break;
366 case 'o':
367 oflag = 1;
368 break;
369 case 'O':
370 Oflag = 1;
371 break;
372 case 'P':
373 Pflag = 1;
374 break;
375 case 'p':
376 if ((tp = name2protox(optarg)) == NULL) {
377 xo_errx(EX_DATAERR, "%s: unknown or uninstrumented "
378 "protocol", optarg);
379 }
380 pflag = 1;
381 break;
382 case 'Q':
383 Qflag = 1;
384 break;
385 case 'q':
386 noutputs = atoi(optarg);
387 if (noutputs != 0)
388 noutputs++;
389 break;
390 case 'r':
391 rflag = 1;
392 break;
393 case 'R':
394 Rflag = 1;
395 break;
396 case 's':
397 ++sflag;
398 break;
399 case 'S':
400 numeric_addr = 1;
401 break;
402 case 'u':
403 af = AF_UNIX;
404 break;
405 case 'W':
406 case 'l':
407 Wflag = 1;
408 break;
409 case 'w':
410 interval = atoi(optarg);
411 iflag = 1;
412 break;
413 case 'T':
414 Tflag = 1;
415 break;
416 case 'x':
417 xflag = 1;
418 break;
419 case 'z':
420 zflag = 1;
421 break;
422 case '?':
423 default:
424 usage();
425 }
426 argv += optind;
427 argc -= optind;
428
429 #define BACKWARD_COMPATIBILITY
430 #ifdef BACKWARD_COMPATIBILITY
431 if (*argv) {
432 if (isdigit(**argv)) {
433 interval = atoi(*argv);
434 if (interval <= 0)
435 usage();
436 ++argv;
437 iflag = 1;
438 }
439 if (*argv) {
440 nlistf = *argv;
441 if (*++argv)
442 memf = *argv;
443 }
444 }
445 #endif
446
447 #ifdef JAIL
448 if (jail_name != NULL) {
449 jid = jail_getid(jail_name);
450 if (jid == -1)
451 xo_errx(EX_UNAVAILABLE, "Jail not found");
452 if (jail_attach(jid) != 0)
453 xo_errx(EX_UNAVAILABLE, "Cannot attach to jail");
454 }
455 #endif
456
457 /*
458 * Discard setgid privileges if not the running kernel so that bad
459 * guys can't print interesting stuff from kernel memory.
460 */
461 live = (nlistf == NULL && memf == NULL);
462 if (!live) {
463 if (setgid(getgid()) != 0)
464 xo_err(EX_OSERR, "setgid");
465 /* Load all necessary kvm symbols */
466 kresolve_list(nl);
467 }
468
469 if (xflag && Tflag)
470 xo_errx(EX_USAGE, "-x and -T are incompatible, pick one.");
471
472 if (Bflag) {
473 if (!live)
474 usage();
475 bpf_stats(interface);
476 if (xo_finish() < 0)
477 xo_err(EX_IOERR, "stdout");
478 exit(EX_OK);
479 }
480 if (mflag) {
481 if (!live) {
482 if (kread(0, NULL, 0) == 0)
483 mbpr(kvmd, nl[N_SFSTAT].n_value);
484 } else
485 mbpr(NULL, 0);
486 if (xo_finish() < 0)
487 xo_err(EX_IOERR, "stdout");
488 exit(EX_OK);
489 }
490 if (Qflag) {
491 if (!live) {
492 if (kread(0, NULL, 0) == 0)
493 netisr_stats();
494 } else
495 netisr_stats();
496 if (xo_finish() < 0)
497 xo_err(EX_IOERR, "stdout");
498 exit(EX_OK);
499 }
500 #if 0
501 /*
502 * Keep file descriptors open to avoid overhead
503 * of open/close on each call to get* routines.
504 */
505 sethostent(1);
506 setnetent(1);
507 #else
508 /*
509 * This does not make sense any more with DNS being default over
510 * the files. Doing a setXXXXent(1) causes a tcp connection to be
511 * used for the queries, which is slower.
512 */
513 #endif
514 if (iflag && !sflag) {
515 xo_open_container("statistics");
516 xo_set_version(NETSTAT_XO_VERSION);
517 intpr(NULL, af);
518 xo_close_container("statistics");
519 if (xo_finish() < 0)
520 xo_err(EX_IOERR, "stdout");
521 exit(EX_OK);
522 }
523 if (rflag) {
524 xo_open_container("statistics");
525 xo_set_version(NETSTAT_XO_VERSION);
526 if (sflag)
527 rt_stats();
528 else
529 routepr(fib, af);
530 xo_close_container("statistics");
531 if (xo_finish() < 0)
532 xo_err(EX_IOERR, "stdout");
533 exit(EX_OK);
534 }
535 if (oflag) {
536 xo_open_container("statistics");
537 xo_set_version(NETSTAT_XO_VERSION);
538 nhops_print(fib, af);
539 xo_close_container("statistics");
540 if (xo_finish() < 0)
541 xo_err(EX_IOERR, "stdout");
542 exit(EX_OK);
543 }
544 if (Oflag) {
545 xo_open_container("statistics");
546 xo_set_version(NETSTAT_XO_VERSION);
547 nhgrp_print(fib, af);
548 xo_close_container("statistics");
549 if (xo_finish() < 0)
550 xo_err(EX_IOERR, "stdout");
551 exit(EX_OK);
552 }
553
554
555
556 if (gflag) {
557 xo_open_container("statistics");
558 xo_set_version(NETSTAT_XO_VERSION);
559 if (sflag) {
560 if (af == AF_INET || af == AF_UNSPEC)
561 mrt_stats();
562 #ifdef INET6
563 if (af == AF_INET6 || af == AF_UNSPEC)
564 mrt6_stats();
565 #endif
566 } else {
567 if (af == AF_INET || af == AF_UNSPEC)
568 mroutepr();
569 #ifdef INET6
570 if (af == AF_INET6 || af == AF_UNSPEC)
571 mroute6pr();
572 #endif
573 }
574 xo_close_container("statistics");
575 if (xo_finish() < 0)
576 xo_err(EX_IOERR, "stdout");
577 exit(EX_OK);
578 }
579
580 if (tp) {
581 xo_open_container("statistics");
582 xo_set_version(NETSTAT_XO_VERSION);
583 printproto(tp, tp->pr_name, &first);
584 if (!first)
585 xo_close_list("socket");
586 xo_close_container("statistics");
587 if (xo_finish() < 0)
588 xo_err(EX_IOERR, "stdout");
589 exit(EX_OK);
590 }
591
592 xo_open_container("statistics");
593 xo_set_version(NETSTAT_XO_VERSION);
594 if (af == AF_INET || af == AF_UNSPEC)
595 for (tp = protox; tp->pr_name; tp++)
596 printproto(tp, tp->pr_name, &first);
597 #ifdef INET6
598 if (af == AF_INET6 || af == AF_UNSPEC)
599 for (tp = ip6protox; tp->pr_name; tp++)
600 printproto(tp, tp->pr_name, &first);
601 #endif /*INET6*/
602 #ifdef IPSEC
603 if (af == PF_KEY || af == AF_UNSPEC)
604 for (tp = pfkeyprotox; tp->pr_name; tp++)
605 printproto(tp, tp->pr_name, &first);
606 #endif /*IPSEC*/
607 #ifdef NETGRAPH
608 if (af == AF_NETGRAPH || af == AF_UNSPEC)
609 for (tp = netgraphprotox; tp->pr_name; tp++)
610 printproto(tp, tp->pr_name, &first);
611 #endif /* NETGRAPH */
612 if ((af == AF_UNIX || af == AF_UNSPEC) && !sflag)
613 unixpr(nl[N_UNP_COUNT].n_value, nl[N_UNP_GENCNT].n_value,
614 nl[N_UNP_DHEAD].n_value, nl[N_UNP_SHEAD].n_value,
615 nl[N_UNP_SPHEAD].n_value, &first);
616
617 if (!first)
618 xo_close_list("socket");
619 xo_close_container("statistics");
620 if (xo_finish() < 0)
621 xo_err(EX_IOERR, "stdout");
622 exit(EX_OK);
623 }
624
625 static int
fetch_stats_internal(const char * sysctlname,u_long off,void * stats,size_t len,kreadfn_t kreadfn,int zero)626 fetch_stats_internal(const char *sysctlname, u_long off, void *stats,
627 size_t len, kreadfn_t kreadfn, int zero)
628 {
629 int error;
630
631 if (live) {
632 memset(stats, 0, len);
633 if (zero)
634 error = sysctlbyname(sysctlname, NULL, NULL, stats,
635 len);
636 else
637 error = sysctlbyname(sysctlname, stats, &len, NULL, 0);
638 if (error == -1 && errno != ENOENT)
639 xo_warn("sysctl %s", sysctlname);
640 } else {
641 if (off == 0)
642 return (1);
643 error = kreadfn(off, stats, len);
644 }
645 return (error);
646 }
647
648 int
fetch_stats(const char * sysctlname,u_long off,void * stats,size_t len,kreadfn_t kreadfn)649 fetch_stats(const char *sysctlname, u_long off, void *stats,
650 size_t len, kreadfn_t kreadfn)
651 {
652
653 return (fetch_stats_internal(sysctlname, off, stats, len, kreadfn,
654 zflag));
655 }
656
657 int
fetch_stats_ro(const char * sysctlname,u_long off,void * stats,size_t len,kreadfn_t kreadfn)658 fetch_stats_ro(const char *sysctlname, u_long off, void *stats,
659 size_t len, kreadfn_t kreadfn)
660 {
661
662 return (fetch_stats_internal(sysctlname, off, stats, len, kreadfn, 0));
663 }
664
665 /*
666 * Print out protocol statistics or control blocks (per sflag).
667 * If the interface was not specifically requested, and the symbol
668 * is not in the namelist, ignore this one.
669 */
670 static void
printproto(struct protox * tp,const char * name,bool * first)671 printproto(struct protox *tp, const char *name, bool *first)
672 {
673 void (*pr)(u_long, const char *, int, int);
674 u_long off;
675 bool doingdblocks = false;
676
677 if (sflag) {
678 if (iflag) {
679 if (tp->pr_istats)
680 intpr(tp->pr_istats, af);
681 else if (pflag)
682 xo_message("%s: no per-interface stats routine",
683 tp->pr_name);
684 return;
685 } else {
686 pr = tp->pr_stats;
687 if (!pr) {
688 if (pflag)
689 xo_message("%s: no stats routine",
690 tp->pr_name);
691 return;
692 }
693 if (tp->pr_usesysctl && live)
694 off = 0;
695 else if (tp->pr_sindex < 0) {
696 if (pflag)
697 xo_message("%s: stats routine doesn't "
698 "work on cores", tp->pr_name);
699 return;
700 } else
701 off = nl[tp->pr_sindex].n_value;
702 }
703 } else {
704 doingdblocks = true;
705 pr = tp->pr_cblocks;
706 if (!pr) {
707 if (pflag)
708 xo_message("%s: no PCB routine", tp->pr_name);
709 return;
710 }
711 if (tp->pr_usesysctl && live)
712 off = 0;
713 else if (tp->pr_index < 0) {
714 if (pflag)
715 xo_message("%s: PCB routine doesn't work on "
716 "cores", tp->pr_name);
717 return;
718 } else
719 off = nl[tp->pr_index].n_value;
720 }
721 if (pr != NULL && (off || (live && tp->pr_usesysctl) ||
722 af != AF_UNSPEC)) {
723 if (doingdblocks && *first) {
724 xo_open_list("socket");
725 *first = false;
726 }
727
728 (*pr)(off, name, af, tp->pr_protocol);
729 }
730 }
731
732 static int
kvmd_init(void)733 kvmd_init(void)
734 {
735 char errbuf[_POSIX2_LINE_MAX];
736
737 if (kvmd != NULL)
738 return (0);
739
740 kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf);
741 if (setgid(getgid()) != 0)
742 xo_err(EX_OSERR, "setgid");
743
744 if (kvmd == NULL) {
745 xo_warnx("kvm not available: %s", errbuf);
746 return (-1);
747 }
748
749 return (0);
750 }
751
752 /*
753 * Resolve symbol list, return 0 on success.
754 */
755 static int
kresolve_list(struct nlist * _nl)756 kresolve_list(struct nlist *_nl)
757 {
758
759 if ((kvmd == NULL) && (kvmd_init() != 0))
760 return (-1);
761
762 if (_nl[0].n_type != 0)
763 return (0);
764
765 if (kvm_nlist(kvmd, _nl) < 0) {
766 if (nlistf)
767 xo_errx(EX_UNAVAILABLE, "%s: kvm_nlist: %s", nlistf,
768 kvm_geterr(kvmd));
769 else
770 xo_errx(EX_UNAVAILABLE, "kvm_nlist: %s", kvm_geterr(kvmd));
771 }
772
773 return (0);
774 }
775
776 /*
777 * Wrapper of kvm_dpcpu_setcpu().
778 */
779 void
kset_dpcpu(u_int cpuid)780 kset_dpcpu(u_int cpuid)
781 {
782
783 if ((kvmd == NULL) && (kvmd_init() != 0))
784 xo_errx(EX_UNAVAILABLE, "%s: kvm is not available", __func__);
785
786 if (kvm_dpcpu_setcpu(kvmd, cpuid) < 0)
787 xo_errx(EX_UNAVAILABLE, "%s: kvm_dpcpu_setcpu(%u): %s", __func__,
788 cpuid, kvm_geterr(kvmd));
789 return;
790 }
791
792 /*
793 * Read kernel memory, return 0 on success.
794 */
795 int
kread(u_long addr,void * buf,size_t size)796 kread(u_long addr, void *buf, size_t size)
797 {
798
799 if (kvmd_init() < 0)
800 return (-1);
801
802 if (!buf)
803 return (0);
804 if (kvm_read(kvmd, addr, buf, size) != (ssize_t)size) {
805 xo_warnx("%s", kvm_geterr(kvmd));
806 return (-1);
807 }
808 return (0);
809 }
810
811 /*
812 * Read single counter(9).
813 */
814 uint64_t
kread_counter(u_long addr)815 kread_counter(u_long addr)
816 {
817
818 if (kvmd_init() < 0)
819 return (-1);
820
821 return (kvm_counter_u64_fetch(kvmd, addr));
822 }
823
824 /*
825 * Read an array of N counters in kernel memory into array of N uint64_t's.
826 */
827 int
kread_counters(u_long addr,void * buf,size_t size)828 kread_counters(u_long addr, void *buf, size_t size)
829 {
830 uint64_t *c;
831 u_long *counters;
832 size_t i, n;
833
834 if (kvmd_init() < 0)
835 return (-1);
836
837 if (size % sizeof(uint64_t) != 0) {
838 xo_warnx("kread_counters: invalid counter set size");
839 return (-1);
840 }
841
842 n = size / sizeof(uint64_t);
843 if ((counters = malloc(n * sizeof(u_long))) == NULL)
844 xo_err(EX_OSERR, "malloc");
845 if (kread(addr, counters, n * sizeof(u_long)) < 0) {
846 free(counters);
847 return (-1);
848 }
849
850 c = buf;
851 for (i = 0; i < n; i++)
852 c[i] = kvm_counter_u64_fetch(kvmd, counters[i]);
853
854 free(counters);
855 return (0);
856 }
857
858 const char *
plural(uintmax_t n)859 plural(uintmax_t n)
860 {
861 return (n != 1 ? "s" : "");
862 }
863
864 const char *
plurales(uintmax_t n)865 plurales(uintmax_t n)
866 {
867 return (n != 1 ? "es" : "");
868 }
869
870 const char *
pluralies(uintmax_t n)871 pluralies(uintmax_t n)
872 {
873 return (n != 1 ? "ies" : "y");
874 }
875
876 /*
877 * Find the protox for the given "well-known" name.
878 */
879 static struct protox *
knownname(const char * name)880 knownname(const char *name)
881 {
882 struct protox **tpp, *tp;
883
884 for (tpp = protoprotox; *tpp; tpp++)
885 for (tp = *tpp; tp->pr_name; tp++)
886 if (strcmp(tp->pr_name, name) == 0)
887 return (tp);
888 return (NULL);
889 }
890
891 /*
892 * Find the protox corresponding to name.
893 */
894 static struct protox *
name2protox(const char * name)895 name2protox(const char *name)
896 {
897 struct protox *tp;
898 char **alias; /* alias from p->aliases */
899 struct protoent *p;
900
901 /*
902 * Try to find the name in the list of "well-known" names. If that
903 * fails, check if name is an alias for an Internet protocol.
904 */
905 if ((tp = knownname(name)) != NULL)
906 return (tp);
907
908 setprotoent(1); /* make protocol lookup cheaper */
909 while ((p = getprotoent()) != NULL) {
910 /* assert: name not same as p->name */
911 for (alias = p->p_aliases; *alias; alias++)
912 if (strcmp(name, *alias) == 0) {
913 endprotoent();
914 return (knownname(p->p_name));
915 }
916 }
917 endprotoent();
918 return (NULL);
919 }
920
921 static void
usage(void)922 usage(void)
923 {
924 xo_error("%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n",
925 "usage: netstat [-j jail] [-46AaCcLnRSTWx] [-f protocol_family | -p protocol]\n"
926 " [-M core] [-N system]",
927 " netstat [-j jail] -i | -I interface [-46abdhnW] [-f address_family]\n"
928 " [-M core] [-N system]",
929 " netstat [-j jail] -w wait [-I interface] [-46d] [-M core] [-N system]\n"
930 " [-q howmany]",
931 " netstat [-j jail] -s [-46sz] [-f protocol_family | -p protocol]\n"
932 " [-M core] [-N system]",
933 " netstat [-j jail] -i | -I interface -s [-46s]\n"
934 " [-f protocol_family | -p protocol] [-M core] [-N system]",
935 " netstat [-j jail] -m [-M core] [-N system]",
936 " netstat [-j jail] -B [-z] [-I interface]",
937 " netstat [-j jail] -r [-46AnW] [-F fibnum] [-f address_family]\n"
938 " [-M core] [-N system]",
939 " netstat [-j jail] -rs [-s] [-M core] [-N system]",
940 " netstat [-j jail] -g [-46W] [-f address_family] [-M core] [-N system]",
941 " netstat [-j jail] -gs [-46s] [-f address_family] [-M core] [-N system]",
942 " netstat [-j jail] -Q");
943 exit(EX_USAGE);
944 }
945