1 /* 2 * Copyright (c) 1983, 1988, 1993 3 * Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 char const copyright[] = 36 "@(#) Copyright (c) 1983, 1988, 1993\n\ 37 Regents of the University of California. All rights reserved.\n"; 38 #endif /* not lint */ 39 40 #if 0 41 #ifndef lint 42 static char sccsid[] = "@(#)main.c 8.4 (Berkeley) 3/1/94"; 43 #endif /* not lint */ 44 #endif 45 46 #include <sys/cdefs.h> 47 __FBSDID("$FreeBSD$"); 48 49 #include <sys/param.h> 50 #include <sys/file.h> 51 #include <sys/protosw.h> 52 #include <sys/socket.h> 53 54 #include <netinet/in.h> 55 56 #include <netgraph/ng_socket.h> 57 58 #include <ctype.h> 59 #include <err.h> 60 #include <errno.h> 61 #include <kvm.h> 62 #include <limits.h> 63 #include <netdb.h> 64 #include <nlist.h> 65 #include <paths.h> 66 #include <stdio.h> 67 #include <stdlib.h> 68 #include <string.h> 69 #include <unistd.h> 70 #include "netstat.h" 71 72 static struct nlist nl[] = { 73 #define N_IFNET 0 74 { "_ifnet" }, 75 #define N_RTSTAT 1 76 { "_rtstat" }, 77 #define N_RTREE 2 78 { "_rt_tables"}, 79 #define N_MRTSTAT 3 80 { "_mrtstat" }, 81 #define N_MFCTABLE 4 82 { "_mfctable" }, 83 #define N_VIFTABLE 5 84 { "_viftable" }, 85 #define N_IPX 6 86 { "_ipxpcb_list"}, 87 #define N_IPXSTAT 7 88 { "_ipxstat"}, 89 #define N_SPXSTAT 8 90 { "_spx_istat"}, 91 #define N_DDPSTAT 9 92 { "_ddpstat"}, 93 #define N_DDPCB 10 94 { "_ddpcb"}, 95 #define N_NGSOCKS 11 96 { "_ngsocklist"}, 97 #define N_IP6STAT 12 98 { "_ip6stat" }, 99 #define N_ICMP6STAT 13 100 { "_icmp6stat" }, 101 #define N_IPSECSTAT 14 102 { "_ipsecstat" }, 103 #define N_IPSEC6STAT 15 104 { "_ipsec6stat" }, 105 #define N_PIM6STAT 16 106 { "_pim6stat" }, 107 #define N_MRT6STAT 17 108 { "_mrt6stat" }, 109 #define N_MF6CTABLE 18 110 { "_mf6ctable" }, 111 #define N_MIF6TABLE 19 112 { "_mif6table" }, 113 #define N_PFKEYSTAT 20 114 { "_pfkeystat" }, 115 #define N_MBSTAT 21 116 { "_mbstat" }, 117 #define N_MBTYPES 22 118 { "_mbtypes" }, 119 #define N_NMBCLUSTERS 23 120 { "_nmbclusters" }, 121 #define N_NMBUFS 24 122 { "_nmbufs" }, 123 #define N_MBHI 25 124 { "_mbuf_hiwm" }, 125 #define N_CLHI 26 126 { "_clust_hiwm" }, 127 #define N_NCPUS 27 128 { "_smp_cpus" }, 129 #define N_PAGESZ 28 130 { "_pagesize" }, 131 #define N_MBPSTAT 29 132 { "_mb_statpcpu" }, 133 #define N_RTTRASH 30 134 { "_rttrash" }, 135 #define N_MBLO 31 136 { "_mbuf_lowm" }, 137 #define N_CLLO 32 138 { "_clust_lowm" }, 139 #define N_CARPSTAT 33 140 { "_carpstats" }, 141 #define N_PFSYNCSTAT 34 142 { "_pfsyncstats" }, 143 { "" }, 144 }; 145 146 struct protox { 147 u_char pr_index; /* index into nlist of cb head */ 148 u_char pr_sindex; /* index into nlist of stat block */ 149 u_char pr_wanted; /* 1 if wanted, 0 otherwise */ 150 void (*pr_cblocks)(u_long, const char *, int); 151 /* control blocks printing routine */ 152 void (*pr_stats)(u_long, const char *, int); 153 /* statistics printing routine */ 154 void (*pr_istats)(char *); /* per/if statistics printing routine */ 155 const char *pr_name; /* well-known name */ 156 u_long pr_usesysctl; /* non-zero if we use sysctl, not kvm */ 157 } protox[] = { 158 { -1, -1, 1, protopr, 159 tcp_stats, NULL, "tcp", IPPROTO_TCP }, 160 { -1, -1, 1, protopr, 161 udp_stats, NULL, "udp", IPPROTO_UDP }, 162 { -1, -1, 1, protopr, 163 NULL, NULL, "divert",IPPROTO_DIVERT }, 164 { -1, -1, 1, protopr, 165 ip_stats, NULL, "ip", IPPROTO_RAW }, 166 { -1, -1, 1, protopr, 167 icmp_stats, NULL, "icmp", IPPROTO_ICMP }, 168 { -1, -1, 1, protopr, 169 igmp_stats, NULL, "igmp", IPPROTO_IGMP }, 170 #ifdef IPSEC 171 { -1, N_IPSECSTAT, 1, NULL, 172 ipsec_stats, NULL, "ipsec", 0}, 173 #endif 174 { -1, -1, 1, protopr, 175 pim_stats, NULL, "pim", IPPROTO_PIM }, 176 { -1, N_CARPSTAT, 1, 0, 177 carp_stats, NULL, "carp", 0}, 178 { -1, -1, 1, NULL, 179 pfsync_stats, NULL, "pfsync", 1}, 180 { -1, -1, 0, NULL, 181 NULL, NULL, NULL, 0 } 182 }; 183 184 #ifdef INET6 185 struct protox ip6protox[] = { 186 { -1, -1, 1, protopr, 187 tcp_stats, NULL, "tcp", IPPROTO_TCP }, 188 { -1, -1, 1, protopr, 189 udp_stats, NULL, "udp", IPPROTO_UDP }, 190 { -1, N_IP6STAT, 1, protopr, 191 ip6_stats, ip6_ifstats, "ip6", IPPROTO_RAW }, 192 { -1, N_ICMP6STAT, 1, protopr, 193 icmp6_stats, icmp6_ifstats, "icmp6",IPPROTO_ICMPV6 }, 194 #ifdef IPSEC 195 { -1, N_IPSEC6STAT, 1, NULL, 196 ipsec_stats, NULL, "ipsec6",0 }, 197 #endif 198 #ifdef notyet 199 { -1, N_PIM6STAT, 1, NULL, 200 pim6_stats, NULL, "pim6", 0 }, 201 #endif 202 { -1, -1, 1, NULL, 203 rip6_stats, NULL, "rip6", 0 }, 204 { -1, -1, 0, NULL, 205 NULL, NULL, NULL, 0 } 206 }; 207 #endif /*INET6*/ 208 209 #ifdef IPSEC 210 struct protox pfkeyprotox[] = { 211 { -1, N_PFKEYSTAT, 1, NULL, 212 pfkey_stats, NULL, "pfkey", 0 }, 213 { -1, -1, 0, NULL, 214 NULL, NULL, NULL, 0 } 215 }; 216 #endif 217 218 struct protox atalkprotox[] = { 219 { N_DDPCB, N_DDPSTAT, 1, atalkprotopr, 220 ddp_stats, NULL, "ddp", 0 }, 221 { -1, -1, 0, NULL, 222 NULL, NULL, NULL, 0 } 223 }; 224 225 struct protox netgraphprotox[] = { 226 { N_NGSOCKS, -1, 1, netgraphprotopr, 227 NULL, NULL, "ctrl", 0 }, 228 { N_NGSOCKS, -1, 1, netgraphprotopr, 229 NULL, NULL, "data", 0 }, 230 { -1, -1, 0, NULL, 231 NULL, NULL, NULL, 0 } 232 }; 233 234 #ifdef IPX 235 struct protox ipxprotox[] = { 236 { N_IPX, N_IPXSTAT, 1, ipxprotopr, 237 ipx_stats, NULL, "ipx", 0 }, 238 { N_IPX, N_SPXSTAT, 1, ipxprotopr, 239 spx_stats, NULL, "spx", 0 }, 240 { -1, -1, 0, NULL, 241 NULL, NULL, 0, 0 } 242 }; 243 #endif 244 245 struct protox *protoprotox[] = { 246 protox, 247 #ifdef INET6 248 ip6protox, 249 #endif 250 #ifdef IPSEC 251 pfkeyprotox, 252 #endif 253 #ifdef IPX 254 ipxprotox, 255 #endif 256 atalkprotox, NULL }; 257 258 const char *pluralies(int); 259 static void printproto(struct protox *, const char *); 260 static void usage(void); 261 static struct protox *name2protox(char *); 262 static struct protox *knownname(char *); 263 264 static kvm_t *kvmd; 265 static char *nlistf = NULL, *memf = NULL; 266 267 int Aflag; /* show addresses of protocol control block */ 268 int aflag; /* show all sockets (including servers) */ 269 int Bflag; /* show information about bpf consumers */ 270 int bflag; /* show i/f total bytes in/out */ 271 int dflag; /* show i/f dropped packets */ 272 int gflag; /* show group (multicast) routing or stats */ 273 int hflag; /* show counters in human readable format */ 274 int iflag; /* show interfaces */ 275 int Lflag; /* show size of listen queues */ 276 int mflag; /* show memory stats */ 277 int numeric_addr; /* show addresses numerically */ 278 int numeric_port; /* show ports numerically */ 279 static int pflag; /* show given protocol */ 280 int rflag; /* show routing tables (or routing stats) */ 281 int sflag; /* show protocol statistics */ 282 int tflag; /* show i/f watchdog timers */ 283 int Wflag; /* wide display */ 284 int zflag; /* zero stats */ 285 286 int interval; /* repeat interval for i/f stats */ 287 288 char *interface; /* desired i/f for stats, or NULL for all i/fs */ 289 int unit; /* unit number for above */ 290 291 int af; /* address family */ 292 293 int 294 main(int argc, char *argv[]) 295 { 296 struct protox *tp = NULL; /* for printing cblocks & stats */ 297 int ch; 298 299 af = AF_UNSPEC; 300 301 while ((ch = getopt(argc, argv, "AaBbdf:ghI:iLlM:mN:np:rSstuWw:z")) != -1) 302 switch(ch) { 303 case 'A': 304 Aflag = 1; 305 break; 306 case 'a': 307 aflag = 1; 308 break; 309 case 'B': 310 Bflag = 1; 311 break; 312 case 'b': 313 bflag = 1; 314 break; 315 case 'd': 316 dflag = 1; 317 break; 318 case 'f': 319 if (strcmp(optarg, "ipx") == 0) 320 af = AF_IPX; 321 else if (strcmp(optarg, "inet") == 0) 322 af = AF_INET; 323 #ifdef INET6 324 else if (strcmp(optarg, "inet6") == 0) 325 af = AF_INET6; 326 #endif 327 #ifdef IPSEC 328 else if (strcmp(optarg, "pfkey") == 0) 329 af = PF_KEY; 330 #endif 331 else if (strcmp(optarg, "unix") == 0) 332 af = AF_UNIX; 333 else if (strcmp(optarg, "atalk") == 0) 334 af = AF_APPLETALK; 335 else if (strcmp(optarg, "ng") == 0 336 || strcmp(optarg, "netgraph") == 0) 337 af = AF_NETGRAPH; 338 else if (strcmp(optarg, "link") == 0) 339 af = AF_LINK; 340 else { 341 errx(1, "%s: unknown address family", optarg); 342 } 343 break; 344 case 'g': 345 gflag = 1; 346 break; 347 case 'h': 348 hflag = 1; 349 break; 350 case 'I': { 351 char *cp; 352 353 iflag = 1; 354 for (cp = interface = optarg; isalpha(*cp); cp++) 355 continue; 356 unit = atoi(cp); 357 break; 358 } 359 case 'i': 360 iflag = 1; 361 break; 362 case 'L': 363 Lflag = 1; 364 break; 365 case 'M': 366 memf = optarg; 367 break; 368 case 'm': 369 mflag = 1; 370 break; 371 case 'N': 372 nlistf = optarg; 373 break; 374 case 'n': 375 numeric_addr = numeric_port = 1; 376 break; 377 case 'p': 378 if ((tp = name2protox(optarg)) == NULL) { 379 errx(1, 380 "%s: unknown or uninstrumented protocol", 381 optarg); 382 } 383 pflag = 1; 384 break; 385 case 'r': 386 rflag = 1; 387 break; 388 case 's': 389 ++sflag; 390 break; 391 case 'S': 392 numeric_addr = 1; 393 break; 394 case 't': 395 tflag = 1; 396 break; 397 case 'u': 398 af = AF_UNIX; 399 break; 400 case 'W': 401 case 'l': 402 Wflag = 1; 403 break; 404 case 'w': 405 interval = atoi(optarg); 406 iflag = 1; 407 break; 408 case 'z': 409 zflag = 1; 410 break; 411 case '?': 412 default: 413 usage(); 414 } 415 argv += optind; 416 argc -= optind; 417 418 #define BACKWARD_COMPATIBILITY 419 #ifdef BACKWARD_COMPATIBILITY 420 if (*argv) { 421 if (isdigit(**argv)) { 422 interval = atoi(*argv); 423 if (interval <= 0) 424 usage(); 425 ++argv; 426 iflag = 1; 427 } 428 if (*argv) { 429 nlistf = *argv; 430 if (*++argv) 431 memf = *argv; 432 } 433 } 434 #endif 435 436 /* 437 * Discard setgid privileges if not the running kernel so that bad 438 * guys can't print interesting stuff from kernel memory. 439 */ 440 if (nlistf != NULL || memf != NULL) 441 setgid(getgid()); 442 443 if (Bflag) { 444 bpf_stats(interface); 445 exit(0); 446 } 447 if (mflag) { 448 if (memf != NULL) { 449 if (kread(0, 0, 0) == 0) 450 mbpr(kvmd, nl[N_MBSTAT].n_value); 451 } else 452 mbpr(NULL, 0); 453 exit(0); 454 } 455 #if 0 456 /* 457 * Keep file descriptors open to avoid overhead 458 * of open/close on each call to get* routines. 459 */ 460 sethostent(1); 461 setnetent(1); 462 #else 463 /* 464 * This does not make sense any more with DNS being default over 465 * the files. Doing a setXXXXent(1) causes a tcp connection to be 466 * used for the queries, which is slower. 467 */ 468 #endif 469 if (iflag && !sflag) { 470 kread(0, 0, 0); 471 intpr(interval, nl[N_IFNET].n_value, NULL); 472 exit(0); 473 } 474 if (rflag) { 475 kread(0, 0, 0); 476 if (sflag) 477 rt_stats(nl[N_RTSTAT].n_value, nl[N_RTTRASH].n_value); 478 else 479 routepr(nl[N_RTREE].n_value); 480 exit(0); 481 } 482 if (gflag) { 483 kread(0, 0, 0); 484 if (sflag) { 485 if (af == AF_INET || af == AF_UNSPEC) 486 mrt_stats(nl[N_MRTSTAT].n_value); 487 #ifdef INET6 488 if (af == AF_INET6 || af == AF_UNSPEC) 489 mrt6_stats(nl[N_MRT6STAT].n_value); 490 #endif 491 } else { 492 if (af == AF_INET || af == AF_UNSPEC) 493 mroutepr(nl[N_MFCTABLE].n_value, 494 nl[N_VIFTABLE].n_value); 495 #ifdef INET6 496 if (af == AF_INET6 || af == AF_UNSPEC) 497 mroute6pr(nl[N_MF6CTABLE].n_value, 498 nl[N_MIF6TABLE].n_value); 499 #endif 500 } 501 ifmalist_dump(); 502 exit(0); 503 } 504 505 kread(0, 0, 0); 506 if (tp) { 507 printproto(tp, tp->pr_name); 508 exit(0); 509 } 510 if (af == AF_INET || af == AF_UNSPEC) 511 for (tp = protox; tp->pr_name; tp++) 512 printproto(tp, tp->pr_name); 513 #ifdef INET6 514 if (af == AF_INET6 || af == AF_UNSPEC) 515 for (tp = ip6protox; tp->pr_name; tp++) 516 printproto(tp, tp->pr_name); 517 #endif /*INET6*/ 518 #ifdef IPSEC 519 if (af == PF_KEY || af == AF_UNSPEC) 520 for (tp = pfkeyprotox; tp->pr_name; tp++) 521 printproto(tp, tp->pr_name); 522 #endif /*IPSEC*/ 523 #ifdef IPX 524 if (af == AF_IPX || af == AF_UNSPEC) { 525 kread(0, 0, 0); 526 for (tp = ipxprotox; tp->pr_name; tp++) 527 printproto(tp, tp->pr_name); 528 } 529 #endif /* IPX */ 530 if (af == AF_APPLETALK || af == AF_UNSPEC) 531 for (tp = atalkprotox; tp->pr_name; tp++) 532 printproto(tp, tp->pr_name); 533 if (af == AF_NETGRAPH || af == AF_UNSPEC) 534 for (tp = netgraphprotox; tp->pr_name; tp++) 535 printproto(tp, tp->pr_name); 536 if ((af == AF_UNIX || af == AF_UNSPEC) && !Lflag && !sflag) 537 unixpr(); 538 exit(0); 539 } 540 541 /* 542 * Print out protocol statistics or control blocks (per sflag). 543 * If the interface was not specifically requested, and the symbol 544 * is not in the namelist, ignore this one. 545 */ 546 static void 547 printproto(tp, name) 548 struct protox *tp; 549 const char *name; 550 { 551 void (*pr)(u_long, const char *, int); 552 u_long off; 553 554 if (sflag) { 555 if (iflag) { 556 if (tp->pr_istats) 557 intpr(interval, nl[N_IFNET].n_value, 558 tp->pr_istats); 559 else if (pflag) 560 printf("%s: no per-interface stats routine\n", 561 tp->pr_name); 562 return; 563 } 564 else { 565 pr = tp->pr_stats; 566 if (!pr) { 567 if (pflag) 568 printf("%s: no stats routine\n", 569 tp->pr_name); 570 return; 571 } 572 off = tp->pr_usesysctl ? tp->pr_usesysctl 573 : nl[tp->pr_sindex].n_value; 574 } 575 } else { 576 pr = tp->pr_cblocks; 577 if (!pr) { 578 if (pflag) 579 printf("%s: no PCB routine\n", tp->pr_name); 580 return; 581 } 582 off = tp->pr_usesysctl ? tp->pr_usesysctl 583 : nl[tp->pr_index].n_value; 584 } 585 if (pr != NULL && (off || af != AF_UNSPEC)) 586 (*pr)(off, name, af); 587 } 588 589 /* 590 * Read kernel memory, return 0 on success. 591 */ 592 int 593 kread(u_long addr, char *buf, int size) 594 { 595 if (kvmd == 0) { 596 /* 597 * XXX. 598 */ 599 kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf); 600 setgid(getgid()); 601 if (kvmd != NULL) { 602 if (kvm_nlist(kvmd, nl) < 0) { 603 if(nlistf) 604 errx(1, "%s: kvm_nlist: %s", nlistf, 605 kvm_geterr(kvmd)); 606 else 607 errx(1, "kvm_nlist: %s", kvm_geterr(kvmd)); 608 } 609 610 if (nl[0].n_type == 0) { 611 if(nlistf) 612 errx(1, "%s: no namelist", nlistf); 613 else 614 errx(1, "no namelist"); 615 } 616 } else { 617 warnx("kvm not available"); 618 return(-1); 619 } 620 } 621 if (!buf) 622 return (0); 623 if (kvm_read(kvmd, addr, buf, size) != size) { 624 warnx("%s", kvm_geterr(kvmd)); 625 return (-1); 626 } 627 return (0); 628 } 629 630 const char * 631 plural(int n) 632 { 633 return (n != 1 ? "s" : ""); 634 } 635 636 const char * 637 plurales(int n) 638 { 639 return (n != 1 ? "es" : ""); 640 } 641 642 const char * 643 pluralies(int n) 644 { 645 return (n != 1 ? "ies" : "y"); 646 } 647 648 /* 649 * Find the protox for the given "well-known" name. 650 */ 651 static struct protox * 652 knownname(char *name) 653 { 654 struct protox **tpp, *tp; 655 656 for (tpp = protoprotox; *tpp; tpp++) 657 for (tp = *tpp; tp->pr_name; tp++) 658 if (strcmp(tp->pr_name, name) == 0) 659 return (tp); 660 return (NULL); 661 } 662 663 /* 664 * Find the protox corresponding to name. 665 */ 666 static struct protox * 667 name2protox(char *name) 668 { 669 struct protox *tp; 670 char **alias; /* alias from p->aliases */ 671 struct protoent *p; 672 673 /* 674 * Try to find the name in the list of "well-known" names. If that 675 * fails, check if name is an alias for an Internet protocol. 676 */ 677 if ((tp = knownname(name)) != NULL) 678 return (tp); 679 680 setprotoent(1); /* make protocol lookup cheaper */ 681 while ((p = getprotoent()) != NULL) { 682 /* assert: name not same as p->name */ 683 for (alias = p->p_aliases; *alias; alias++) 684 if (strcmp(name, *alias) == 0) { 685 endprotoent(); 686 return (knownname(p->p_name)); 687 } 688 } 689 endprotoent(); 690 return (NULL); 691 } 692 693 static void 694 usage(void) 695 { 696 (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n", 697 "usage: netstat [-AaLnSW] [-f protocol_family | -p protocol]\n" 698 " [-M core] [-N system]", 699 " netstat -i | -I interface [-abdhnt] [-f address_family]\n" 700 " [-M core] [-N system]", 701 " netstat -w wait [-I interface] [-d] [-M core] [-N system]", 702 " netstat -s [-s] [-z] [-f protocol_family | -p protocol] [-M core]", 703 " netstat -i | -I interface -s [-f protocol_family | -p protocol]\n" 704 " [-M core] [-N system]", 705 " netstat -m [-M core] [-N system]", 706 " netstat -B [ -I interface]", 707 " netstat -r [-AenW] [-f address_family] [-M core] [-N system]", 708 " netstat -rs [-s] [-M core] [-N system]", 709 " netstat -g [-W] [-f address_family] [-M core] [-N system]", 710 " netstat -gs [-s] [-f address_family] [-M core] [-N system]"); 711 exit(1); 712 } 713