1*234aa446SGeorge V. Neville-Neil#!/usr/sbin/dtrace -s 2*234aa446SGeorge V. Neville-Neil/* 3*234aa446SGeorge V. Neville-Neil * Copyright (c) 2015 George V. Neville-Neil 4*234aa446SGeorge V. Neville-Neil * All rights reserved. 5*234aa446SGeorge V. Neville-Neil * 6*234aa446SGeorge V. Neville-Neil * Redistribution and use in source and binary forms, with or without 7*234aa446SGeorge V. Neville-Neil * modification, are permitted provided that the following conditions 8*234aa446SGeorge V. Neville-Neil * are met: 9*234aa446SGeorge V. Neville-Neil * 1. Redistributions of source code must retain the above copyright 10*234aa446SGeorge V. Neville-Neil * notice, this list of conditions and the following disclaimer. 11*234aa446SGeorge V. Neville-Neil * 2. Redistributions in binary form must reproduce the above copyright 12*234aa446SGeorge V. Neville-Neil * notice, this list of conditions and the following disclaimer in the 13*234aa446SGeorge V. Neville-Neil * documentation and/or other materials provided with the distribution. 14*234aa446SGeorge V. Neville-Neil * 15*234aa446SGeorge V. Neville-Neil * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16*234aa446SGeorge V. Neville-Neil * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17*234aa446SGeorge V. Neville-Neil * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18*234aa446SGeorge V. Neville-Neil * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19*234aa446SGeorge V. Neville-Neil * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20*234aa446SGeorge V. Neville-Neil * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21*234aa446SGeorge V. Neville-Neil * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22*234aa446SGeorge V. Neville-Neil * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23*234aa446SGeorge V. Neville-Neil * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24*234aa446SGeorge V. Neville-Neil * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25*234aa446SGeorge V. Neville-Neil * SUCH DAMAGE. 26*234aa446SGeorge V. Neville-Neil * 27*234aa446SGeorge V. Neville-Neil * The tcptrack D script shows various information about TCP 28*234aa446SGeorge V. Neville-Neil * connections including acceptance and refusal of inbound and 29*234aa446SGeorge V. Neville-Neil * outbound connections as well as state changes. 30*234aa446SGeorge V. Neville-Neil * 31*234aa446SGeorge V. Neville-Neil * Usage: tcptrack 32*234aa446SGeorge V. Neville-Neil */ 33*234aa446SGeorge V. Neville-Neil 34*234aa446SGeorge V. Neville-Neil#pragma D option quiet 35*234aa446SGeorge V. Neville-Neiltcp:kernel::accept-established 36*234aa446SGeorge V. Neville-Neil{ 37*234aa446SGeorge V. Neville-Neil printf("Accept connection from %s:%d\tto %s:%d\n", 38*234aa446SGeorge V. Neville-Neil args[2]->ip_saddr, 39*234aa446SGeorge V. Neville-Neil args[4]->tcp_sport, 40*234aa446SGeorge V. Neville-Neil args[2]->ip_daddr, 41*234aa446SGeorge V. Neville-Neil args[4]->tcp_dport); 42*234aa446SGeorge V. Neville-Neil 43*234aa446SGeorge V. Neville-Neil} 44*234aa446SGeorge V. Neville-Neil 45*234aa446SGeorge V. Neville-Neiltcp:kernel::accept-refused 46*234aa446SGeorge V. Neville-Neil{ 47*234aa446SGeorge V. Neville-Neil printf("Refused connection from %s:%d\tto %s:%d\n", 48*234aa446SGeorge V. Neville-Neil args[2]->ip_daddr, 49*234aa446SGeorge V. Neville-Neil args[4]->tcp_dport, 50*234aa446SGeorge V. Neville-Neil args[2]->ip_saddr, 51*234aa446SGeorge V. Neville-Neil args[4]->tcp_sport); 52*234aa446SGeorge V. Neville-Neil 53*234aa446SGeorge V. Neville-Neil} 54*234aa446SGeorge V. Neville-Neil 55*234aa446SGeorge V. Neville-Neiltcp:kernel::connect-established 56*234aa446SGeorge V. Neville-Neil{ 57*234aa446SGeorge V. Neville-Neil printf("Connection established to %s:%d from %s:%d\n", 58*234aa446SGeorge V. Neville-Neil args[2]->ip_saddr, 59*234aa446SGeorge V. Neville-Neil args[4]->tcp_sport, 60*234aa446SGeorge V. Neville-Neil args[2]->ip_daddr, 61*234aa446SGeorge V. Neville-Neil args[4]->tcp_dport); 62*234aa446SGeorge V. Neville-Neil 63*234aa446SGeorge V. Neville-Neil} 64*234aa446SGeorge V. Neville-Neil 65*234aa446SGeorge V. Neville-Neiltcp:kernel::connect-refused 66*234aa446SGeorge V. Neville-Neil{ 67*234aa446SGeorge V. Neville-Neil printf("Connection refused by %s:%d from %s:%d\n", 68*234aa446SGeorge V. Neville-Neil args[2]->ip_saddr, 69*234aa446SGeorge V. Neville-Neil args[4]->tcp_sport, 70*234aa446SGeorge V. Neville-Neil args[2]->ip_daddr, 71*234aa446SGeorge V. Neville-Neil args[4]->tcp_dport); 72*234aa446SGeorge V. Neville-Neil} 73*234aa446SGeorge V. Neville-Neil 74*234aa446SGeorge V. Neville-Neiltcp:kernel::state-change 75*234aa446SGeorge V. Neville-Neil{ 76*234aa446SGeorge V. Neville-Neil newstate = args[3]->tcps_state; 77*234aa446SGeorge V. Neville-Neil oldstate = args[5]->tcps_state; 78*234aa446SGeorge V. Neville-Neil printf("State changed from %s\t\t%s\n", tcp_state_string[oldstate], 79*234aa446SGeorge V. Neville-Neil tcp_state_string[newstate]); 80*234aa446SGeorge V. Neville-Neil} 81*234aa446SGeorge V. Neville-Neil 82