xref: /freebsd/usr.bin/sockstat/sockstat.c (revision bfb5947bb1e92b08b07a817bd9d8e7f438115e8a)
1ca007d91SDag-Erling Smørgrav /*-
21de7b4b8SPedro F. Giffuni  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
31de7b4b8SPedro F. Giffuni  *
4fb2ad9d3SUlrich Spörlein  * Copyright (c) 2002 Dag-Erling Coïdan Smørgrav
5ca007d91SDag-Erling Smørgrav  * All rights reserved.
6ca007d91SDag-Erling Smørgrav  *
7ca007d91SDag-Erling Smørgrav  * Redistribution and use in source and binary forms, with or without
8ca007d91SDag-Erling Smørgrav  * modification, are permitted provided that the following conditions
9ca007d91SDag-Erling Smørgrav  * are met:
10ca007d91SDag-Erling Smørgrav  * 1. Redistributions of source code must retain the above copyright
11ca007d91SDag-Erling Smørgrav  *    notice, this list of conditions and the following disclaimer
12ca007d91SDag-Erling Smørgrav  *    in this position and unchanged.
13ca007d91SDag-Erling Smørgrav  * 2. Redistributions in binary form must reproduce the above copyright
14ca007d91SDag-Erling Smørgrav  *    notice, this list of conditions and the following disclaimer in the
15ca007d91SDag-Erling Smørgrav  *    documentation and/or other materials provided with the distribution.
16ca007d91SDag-Erling Smørgrav  * 3. The name of the author may not be used to endorse or promote products
17ca007d91SDag-Erling Smørgrav  *    derived from this software without specific prior written permission.
18ca007d91SDag-Erling Smørgrav  *
19ca007d91SDag-Erling Smørgrav  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20ca007d91SDag-Erling Smørgrav  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21ca007d91SDag-Erling Smørgrav  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22ca007d91SDag-Erling Smørgrav  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23ca007d91SDag-Erling Smørgrav  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24ca007d91SDag-Erling Smørgrav  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25ca007d91SDag-Erling Smørgrav  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26ca007d91SDag-Erling Smørgrav  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27ca007d91SDag-Erling Smørgrav  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28ca007d91SDag-Erling Smørgrav  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29ca007d91SDag-Erling Smørgrav  */
30ca007d91SDag-Erling Smørgrav 
31ca007d91SDag-Erling Smørgrav #include <sys/cdefs.h>
32ca007d91SDag-Erling Smørgrav __FBSDID("$FreeBSD$");
33ca007d91SDag-Erling Smørgrav 
34ca007d91SDag-Erling Smørgrav #include <sys/param.h>
35f1cd4902SRyan Moeller #include <sys/file.h>
36ca007d91SDag-Erling Smørgrav #include <sys/socket.h>
37ca007d91SDag-Erling Smørgrav #include <sys/socketvar.h>
38ca007d91SDag-Erling Smørgrav #include <sys/sysctl.h>
39f1cd4902SRyan Moeller #include <sys/jail.h>
40ca007d91SDag-Erling Smørgrav #include <sys/user.h>
41ca007d91SDag-Erling Smørgrav 
42ca007d91SDag-Erling Smørgrav #include <sys/un.h>
430e229f34SGleb Smirnoff #define	_WANT_UNPCB
44ca007d91SDag-Erling Smørgrav #include <sys/unpcb.h>
45ca007d91SDag-Erling Smørgrav 
4602bd9db0SDag-Erling Smørgrav #include <net/route.h>
4702bd9db0SDag-Erling Smørgrav 
48ca007d91SDag-Erling Smørgrav #include <netinet/in.h>
49ca007d91SDag-Erling Smørgrav #include <netinet/in_pcb.h>
50d5b4aa90SMichael Tuexen #include <netinet/sctp.h>
51ca007d91SDag-Erling Smørgrav #include <netinet/tcp.h>
527a5642b3SDag-Erling Smørgrav #define TCPSTATES /* load state names */
537a5642b3SDag-Erling Smørgrav #include <netinet/tcp_fsm.h>
54ca007d91SDag-Erling Smørgrav #include <netinet/tcp_seq.h>
55ca007d91SDag-Erling Smørgrav #include <netinet/tcp_var.h>
56ca007d91SDag-Erling Smørgrav #include <arpa/inet.h>
57ca007d91SDag-Erling Smørgrav 
58c5a2d8c5SRyan Moeller #include <capsicum_helpers.h>
59ca007d91SDag-Erling Smørgrav #include <ctype.h>
60ca007d91SDag-Erling Smørgrav #include <err.h>
61ca007d91SDag-Erling Smørgrav #include <errno.h>
62de68a320SJamie Gritton #include <jail.h>
63ca007d91SDag-Erling Smørgrav #include <netdb.h>
64ca007d91SDag-Erling Smørgrav #include <pwd.h>
65ca007d91SDag-Erling Smørgrav #include <stdarg.h>
66ca007d91SDag-Erling Smørgrav #include <stdio.h>
67ca007d91SDag-Erling Smørgrav #include <stdlib.h>
68ca007d91SDag-Erling Smørgrav #include <string.h>
69ca007d91SDag-Erling Smørgrav #include <unistd.h>
70ca007d91SDag-Erling Smørgrav 
71c5a2d8c5SRyan Moeller #include <libcasper.h>
72c5a2d8c5SRyan Moeller #include <casper/cap_net.h>
73c5a2d8c5SRyan Moeller #include <casper/cap_netdb.h>
74c5a2d8c5SRyan Moeller #include <casper/cap_sysctl.h>
75c5a2d8c5SRyan Moeller 
76b8e20e2dSHiroki Sato #define	sstosin(ss)	((struct sockaddr_in *)(ss))
77b8e20e2dSHiroki Sato #define	sstosin6(ss)	((struct sockaddr_in6 *)(ss))
78b8e20e2dSHiroki Sato #define	sstosun(ss)	((struct sockaddr_un *)(ss))
79b8e20e2dSHiroki Sato #define	sstosa(ss)	((struct sockaddr *)(ss))
80b8e20e2dSHiroki Sato 
81ca007d91SDag-Erling Smørgrav static int	 opt_4;		/* Show IPv4 sockets */
82ca007d91SDag-Erling Smørgrav static int	 opt_6;		/* Show IPv6 sockets */
832ac089d0SMichael Tuexen static int	 opt_C;		/* Show congestion control */
84ca007d91SDag-Erling Smørgrav static int	 opt_c;		/* Show connected sockets */
8500feaafdSAndrew Thompson static int	 opt_j;		/* Show specified jail */
869b6ca892SBruce M Simpson static int	 opt_L;		/* Don't show IPv4 or IPv6 loopback sockets */
87ca007d91SDag-Erling Smørgrav static int	 opt_l;		/* Show listening sockets */
88ccdd2b2bSAlexander Motin static int	 opt_n;		/* Don't resolve UIDs to user names */
89ee0afaa9SEmmanuel Vadot static int	 opt_q;		/* Don't show header */
90e5cccc35SMichael Tuexen static int	 opt_S;		/* Show protocol stack if applicable */
917a5642b3SDag-Erling Smørgrav static int	 opt_s;		/* Show protocol state if applicable */
9249b836f2SMichael Tuexen static int	 opt_U;		/* Show remote UDP encapsulation port number */
93ca007d91SDag-Erling Smørgrav static int	 opt_u;		/* Show Unix domain sockets */
94ca007d91SDag-Erling Smørgrav static int	 opt_v;		/* Verbose mode */
9583f60cb2SMichael Tuexen static int	 opt_w;		/* Wide print area for addresses */
96ca007d91SDag-Erling Smørgrav 
971f3d67aaSGiorgos Keramidas /*
981f3d67aaSGiorgos Keramidas  * Default protocols to use if no -P was defined.
991f3d67aaSGiorgos Keramidas  */
100d5b4aa90SMichael Tuexen static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
101b8e20e2dSHiroki Sato static size_t	   default_numprotos = nitems(default_protos);
1021f3d67aaSGiorgos Keramidas 
1031f3d67aaSGiorgos Keramidas static int	*protos;	/* protocols to use */
1041f3d67aaSGiorgos Keramidas static size_t	 numprotos;	/* allocated size of protos[] */
1051f3d67aaSGiorgos Keramidas 
106ca007d91SDag-Erling Smørgrav static int	*ports;
107ca007d91SDag-Erling Smørgrav 
108ca007d91SDag-Erling Smørgrav #define	INT_BIT (sizeof(int)*CHAR_BIT)
109ca007d91SDag-Erling Smørgrav #define	SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
110ca007d91SDag-Erling Smørgrav #define	CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
111ca007d91SDag-Erling Smørgrav 
112e6f718c7SMichael Tuexen struct addr {
113e6f718c7SMichael Tuexen 	struct sockaddr_storage address;
11449b836f2SMichael Tuexen 	unsigned int encaps_port;
115e389705eSMichael Tuexen 	int state;
116e6f718c7SMichael Tuexen 	struct addr *next;
117e6f718c7SMichael Tuexen };
118e6f718c7SMichael Tuexen 
119ca007d91SDag-Erling Smørgrav struct sock {
120f38b68aeSBrooks Davis 	kvaddr_t socket;
121f38b68aeSBrooks Davis 	kvaddr_t pcb;
12261149f8dSJilles Tjoelker 	int shown;
123ca007d91SDag-Erling Smørgrav 	int vflag;
124ca007d91SDag-Erling Smørgrav 	int family;
125ca007d91SDag-Erling Smørgrav 	int proto;
1267a5642b3SDag-Erling Smørgrav 	int state;
127ca007d91SDag-Erling Smørgrav 	const char *protoname;
128e5cccc35SMichael Tuexen 	char stack[TCP_FUNCTION_NAME_LEN_MAX];
1292ac089d0SMichael Tuexen 	char cc[TCP_CA_NAME_MAX];
130e6f718c7SMichael Tuexen 	struct addr *laddr;
131e6f718c7SMichael Tuexen 	struct addr *faddr;
132ca007d91SDag-Erling Smørgrav 	struct sock *next;
133ca007d91SDag-Erling Smørgrav };
134ca007d91SDag-Erling Smørgrav 
135ca007d91SDag-Erling Smørgrav #define	HASHSIZE 1009
136ca007d91SDag-Erling Smørgrav static struct sock *sockhash[HASHSIZE];
137ca007d91SDag-Erling Smørgrav 
138ca007d91SDag-Erling Smørgrav static struct xfile *xfiles;
139ca007d91SDag-Erling Smørgrav static int nxfiles;
140ca007d91SDag-Erling Smørgrav 
141c5a2d8c5SRyan Moeller static cap_channel_t *capnet;
142c5a2d8c5SRyan Moeller static cap_channel_t *capnetdb;
143c5a2d8c5SRyan Moeller static cap_channel_t *capsysctl;
144c5a2d8c5SRyan Moeller 
145ca007d91SDag-Erling Smørgrav static int
146ca007d91SDag-Erling Smørgrav xprintf(const char *fmt, ...)
147ca007d91SDag-Erling Smørgrav {
148ca007d91SDag-Erling Smørgrav 	va_list ap;
149ca007d91SDag-Erling Smørgrav 	int len;
150ca007d91SDag-Erling Smørgrav 
151ca007d91SDag-Erling Smørgrav 	va_start(ap, fmt);
152ca007d91SDag-Erling Smørgrav 	len = vprintf(fmt, ap);
153ca007d91SDag-Erling Smørgrav 	va_end(ap);
154ca007d91SDag-Erling Smørgrav 	if (len < 0)
155ca007d91SDag-Erling Smørgrav 		err(1, "printf()");
156ca007d91SDag-Erling Smørgrav 	return (len);
157ca007d91SDag-Erling Smørgrav }
158ca007d91SDag-Erling Smørgrav 
1591f3d67aaSGiorgos Keramidas static int
1601f3d67aaSGiorgos Keramidas get_proto_type(const char *proto)
1611f3d67aaSGiorgos Keramidas {
1621f3d67aaSGiorgos Keramidas 	struct protoent *pent;
1631f3d67aaSGiorgos Keramidas 
1641f3d67aaSGiorgos Keramidas 	if (strlen(proto) == 0)
1651f3d67aaSGiorgos Keramidas 		return (0);
166*bfb5947bSMariusz Zaborski 	if (capnetdb != NULL)
167c5a2d8c5SRyan Moeller 		pent = cap_getprotobyname(capnetdb, proto);
168*bfb5947bSMariusz Zaborski 	else
169*bfb5947bSMariusz Zaborski 		pent = getprotobyname(proto);
1701f3d67aaSGiorgos Keramidas 	if (pent == NULL) {
171c5a2d8c5SRyan Moeller 		warn("cap_getprotobyname");
1721f3d67aaSGiorgos Keramidas 		return (-1);
1731f3d67aaSGiorgos Keramidas 	}
1741f3d67aaSGiorgos Keramidas 	return (pent->p_proto);
1751f3d67aaSGiorgos Keramidas }
1761f3d67aaSGiorgos Keramidas 
177b8e20e2dSHiroki Sato static void
178b8e20e2dSHiroki Sato init_protos(int num)
1791f3d67aaSGiorgos Keramidas {
1801f3d67aaSGiorgos Keramidas 	int proto_count = 0;
1811f3d67aaSGiorgos Keramidas 
1821f3d67aaSGiorgos Keramidas 	if (num > 0) {
1831f3d67aaSGiorgos Keramidas 		proto_count = num;
1841f3d67aaSGiorgos Keramidas 	} else {
1851f3d67aaSGiorgos Keramidas 		/* Find the maximum number of possible protocols. */
1861f3d67aaSGiorgos Keramidas 		while (getprotoent() != NULL)
1871f3d67aaSGiorgos Keramidas 			proto_count++;
1881f3d67aaSGiorgos Keramidas 		endprotoent();
1891f3d67aaSGiorgos Keramidas 	}
1901f3d67aaSGiorgos Keramidas 
1911f3d67aaSGiorgos Keramidas 	if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
1921f3d67aaSGiorgos Keramidas 		err(1, "malloc");
1931f3d67aaSGiorgos Keramidas 	numprotos = proto_count;
1941f3d67aaSGiorgos Keramidas }
1951f3d67aaSGiorgos Keramidas 
1961f3d67aaSGiorgos Keramidas static int
1971f3d67aaSGiorgos Keramidas parse_protos(char *protospec)
1981f3d67aaSGiorgos Keramidas {
1991f3d67aaSGiorgos Keramidas 	char *prot;
2001f3d67aaSGiorgos Keramidas 	int proto_type, proto_index;
2011f3d67aaSGiorgos Keramidas 
2021f3d67aaSGiorgos Keramidas 	if (protospec == NULL)
2031f3d67aaSGiorgos Keramidas 		return (-1);
2041f3d67aaSGiorgos Keramidas 
2051f3d67aaSGiorgos Keramidas 	init_protos(0);
2061f3d67aaSGiorgos Keramidas 	proto_index = 0;
207b8e20e2dSHiroki Sato 	while ((prot = strsep(&protospec, ",")) != NULL) {
2081f3d67aaSGiorgos Keramidas 		if (strlen(prot) == 0)
2091f3d67aaSGiorgos Keramidas 			continue;
2101f3d67aaSGiorgos Keramidas 		proto_type = get_proto_type(prot);
2111f3d67aaSGiorgos Keramidas 		if (proto_type != -1)
2121f3d67aaSGiorgos Keramidas 			protos[proto_index++] = proto_type;
2131f3d67aaSGiorgos Keramidas 	}
2141f3d67aaSGiorgos Keramidas 	numprotos = proto_index;
2151f3d67aaSGiorgos Keramidas 	return (proto_index);
2161f3d67aaSGiorgos Keramidas }
2171f3d67aaSGiorgos Keramidas 
218ca007d91SDag-Erling Smørgrav static void
219ca007d91SDag-Erling Smørgrav parse_ports(const char *portspec)
220ca007d91SDag-Erling Smørgrav {
221ca007d91SDag-Erling Smørgrav 	const char *p, *q;
222ca007d91SDag-Erling Smørgrav 	int port, end;
223ca007d91SDag-Erling Smørgrav 
224ca007d91SDag-Erling Smørgrav 	if (ports == NULL)
2259efed1e6SRobert Drehmel 		if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
226ca007d91SDag-Erling Smørgrav 			err(1, "calloc()");
227ca007d91SDag-Erling Smørgrav 	p = portspec;
228ca007d91SDag-Erling Smørgrav 	while (*p != '\0') {
229ca007d91SDag-Erling Smørgrav 		if (!isdigit(*p))
230ca007d91SDag-Erling Smørgrav 			errx(1, "syntax error in port range");
231ca007d91SDag-Erling Smørgrav 		for (q = p; *q != '\0' && isdigit(*q); ++q)
232ca007d91SDag-Erling Smørgrav 			/* nothing */ ;
233ca007d91SDag-Erling Smørgrav 		for (port = 0; p < q; ++p)
234ca007d91SDag-Erling Smørgrav 			port = port * 10 + digittoint(*p);
235ca007d91SDag-Erling Smørgrav 		if (port < 0 || port > 65535)
236ca007d91SDag-Erling Smørgrav 			errx(1, "invalid port number");
237ca007d91SDag-Erling Smørgrav 		SET_PORT(port);
238ca007d91SDag-Erling Smørgrav 		switch (*p) {
239ca007d91SDag-Erling Smørgrav 		case '-':
240ca007d91SDag-Erling Smørgrav 			++p;
241ca007d91SDag-Erling Smørgrav 			break;
242ca007d91SDag-Erling Smørgrav 		case ',':
243ca007d91SDag-Erling Smørgrav 			++p;
244ca007d91SDag-Erling Smørgrav 			/* fall through */
245ca007d91SDag-Erling Smørgrav 		case '\0':
246ca007d91SDag-Erling Smørgrav 		default:
247ca007d91SDag-Erling Smørgrav 			continue;
248ca007d91SDag-Erling Smørgrav 		}
249ca007d91SDag-Erling Smørgrav 		for (q = p; *q != '\0' && isdigit(*q); ++q)
250ca007d91SDag-Erling Smørgrav 			/* nothing */ ;
251ca007d91SDag-Erling Smørgrav 		for (end = 0; p < q; ++p)
252ca007d91SDag-Erling Smørgrav 			end = end * 10 + digittoint(*p);
253ca007d91SDag-Erling Smørgrav 		if (end < port || end > 65535)
254ca007d91SDag-Erling Smørgrav 			errx(1, "invalid port number");
255ca007d91SDag-Erling Smørgrav 		while (port++ < end)
256ca007d91SDag-Erling Smørgrav 			SET_PORT(port);
257ca007d91SDag-Erling Smørgrav 		if (*p == ',')
258ca007d91SDag-Erling Smørgrav 			++p;
259ca007d91SDag-Erling Smørgrav 	}
260ca007d91SDag-Erling Smørgrav }
261ca007d91SDag-Erling Smørgrav 
262ca007d91SDag-Erling Smørgrav static void
263b8e20e2dSHiroki Sato sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
264ca007d91SDag-Erling Smørgrav {
265ca007d91SDag-Erling Smørgrav 	struct sockaddr_in *sin4;
266ca007d91SDag-Erling Smørgrav 	struct sockaddr_in6 *sin6;
267ca007d91SDag-Erling Smørgrav 
268b8e20e2dSHiroki Sato 	bzero(ss, sizeof(*ss));
269ca007d91SDag-Erling Smørgrav 	switch (af) {
270ca007d91SDag-Erling Smørgrav 	case AF_INET:
271b8e20e2dSHiroki Sato 		sin4 = sstosin(ss);
272b8e20e2dSHiroki Sato 		sin4->sin_len = sizeof(*sin4);
273ca007d91SDag-Erling Smørgrav 		sin4->sin_family = af;
274ca007d91SDag-Erling Smørgrav 		sin4->sin_port = port;
275ca007d91SDag-Erling Smørgrav 		sin4->sin_addr = *(struct in_addr *)addr;
276ca007d91SDag-Erling Smørgrav 		break;
277ca007d91SDag-Erling Smørgrav 	case AF_INET6:
278b8e20e2dSHiroki Sato 		sin6 = sstosin6(ss);
279b8e20e2dSHiroki Sato 		sin6->sin6_len = sizeof(*sin6);
280ca007d91SDag-Erling Smørgrav 		sin6->sin6_family = af;
281ca007d91SDag-Erling Smørgrav 		sin6->sin6_port = port;
282ca007d91SDag-Erling Smørgrav 		sin6->sin6_addr = *(struct in6_addr *)addr;
283b8e20e2dSHiroki Sato #define	s6_addr16	__u6_addr.__u6_addr16
284b8e20e2dSHiroki Sato 		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
285b8e20e2dSHiroki Sato 			sin6->sin6_scope_id =
286b8e20e2dSHiroki Sato 			    ntohs(sin6->sin6_addr.s6_addr16[1]);
287b8e20e2dSHiroki Sato 			sin6->sin6_addr.s6_addr16[1] = 0;
288b8e20e2dSHiroki Sato 		}
289ca007d91SDag-Erling Smørgrav 		break;
290ca007d91SDag-Erling Smørgrav 	default:
291ca007d91SDag-Erling Smørgrav 		abort();
292ca007d91SDag-Erling Smørgrav 	}
293ca007d91SDag-Erling Smørgrav }
294ca007d91SDag-Erling Smørgrav 
295ca007d91SDag-Erling Smørgrav static void
296bedcf91dSMichael Tuexen free_socket(struct sock *sock)
297bedcf91dSMichael Tuexen {
298bedcf91dSMichael Tuexen 	struct addr *cur, *next;
299bedcf91dSMichael Tuexen 
300bedcf91dSMichael Tuexen 	cur = sock->laddr;
301bedcf91dSMichael Tuexen 	while (cur != NULL) {
302bedcf91dSMichael Tuexen 		next = cur->next;
303bedcf91dSMichael Tuexen 		free(cur);
304bedcf91dSMichael Tuexen 		cur = next;
305bedcf91dSMichael Tuexen 	}
306bedcf91dSMichael Tuexen 	cur = sock->faddr;
307bedcf91dSMichael Tuexen 	while (cur != NULL) {
308bedcf91dSMichael Tuexen 		next = cur->next;
309bedcf91dSMichael Tuexen 		free(cur);
310bedcf91dSMichael Tuexen 		cur = next;
311bedcf91dSMichael Tuexen 	}
312bedcf91dSMichael Tuexen 	free(sock);
313bedcf91dSMichael Tuexen }
314bedcf91dSMichael Tuexen 
315bedcf91dSMichael Tuexen static void
316d5b4aa90SMichael Tuexen gather_sctp(void)
317d5b4aa90SMichael Tuexen {
318d5b4aa90SMichael Tuexen 	struct sock *sock;
319d5b4aa90SMichael Tuexen 	struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
320d5b4aa90SMichael Tuexen 	struct xsctp_inpcb *xinpcb;
321d5b4aa90SMichael Tuexen 	struct xsctp_tcb *xstcb;
322d5b4aa90SMichael Tuexen 	struct xsctp_raddr *xraddr;
323d5b4aa90SMichael Tuexen 	struct xsctp_laddr *xladdr;
324d5b4aa90SMichael Tuexen 	const char *varname;
325d5b4aa90SMichael Tuexen 	size_t len, offset;
326d5b4aa90SMichael Tuexen 	char *buf;
327d5b4aa90SMichael Tuexen 	int hash, vflag;
328d5b4aa90SMichael Tuexen 	int no_stcb, local_all_loopback, foreign_all_loopback;
329d5b4aa90SMichael Tuexen 
330d5b4aa90SMichael Tuexen 	vflag = 0;
331d5b4aa90SMichael Tuexen 	if (opt_4)
332d5b4aa90SMichael Tuexen 		vflag |= INP_IPV4;
333d5b4aa90SMichael Tuexen 	if (opt_6)
334d5b4aa90SMichael Tuexen 		vflag |= INP_IPV6;
335d5b4aa90SMichael Tuexen 
336d5b4aa90SMichael Tuexen 	varname = "net.inet.sctp.assoclist";
337c5a2d8c5SRyan Moeller 	if (cap_sysctlbyname(capsysctl, varname, 0, &len, 0, 0) < 0) {
338d5b4aa90SMichael Tuexen 		if (errno != ENOENT)
339c5a2d8c5SRyan Moeller 			err(1, "cap_sysctlbyname()");
340d5b4aa90SMichael Tuexen 		return;
341d5b4aa90SMichael Tuexen 	}
342d5b4aa90SMichael Tuexen 	if ((buf = (char *)malloc(len)) == NULL) {
343d5b4aa90SMichael Tuexen 		err(1, "malloc()");
344d5b4aa90SMichael Tuexen 		return;
345d5b4aa90SMichael Tuexen 	}
346c5a2d8c5SRyan Moeller 	if (cap_sysctlbyname(capsysctl, varname, buf, &len, 0, 0) < 0) {
347c5a2d8c5SRyan Moeller 		err(1, "cap_sysctlbyname()");
348d5b4aa90SMichael Tuexen 		free(buf);
349d5b4aa90SMichael Tuexen 		return;
350d5b4aa90SMichael Tuexen 	}
351d5b4aa90SMichael Tuexen 	xinpcb = (struct xsctp_inpcb *)(void *)buf;
352d5b4aa90SMichael Tuexen 	offset = sizeof(struct xsctp_inpcb);
353d5b4aa90SMichael Tuexen 	while ((offset < len) && (xinpcb->last == 0)) {
354d5b4aa90SMichael Tuexen 		if ((sock = calloc(1, sizeof *sock)) == NULL)
355d5b4aa90SMichael Tuexen 			err(1, "malloc()");
356d5b4aa90SMichael Tuexen 		sock->socket = xinpcb->socket;
357d5b4aa90SMichael Tuexen 		sock->proto = IPPROTO_SCTP;
358d5b4aa90SMichael Tuexen 		sock->protoname = "sctp";
359c1eb13c7SMichael Tuexen 		if (xinpcb->maxqlen == 0)
3606414db1bSMichael Tuexen 			sock->state = SCTP_CLOSED;
3616414db1bSMichael Tuexen 		else
3626414db1bSMichael Tuexen 			sock->state = SCTP_LISTEN;
363d5b4aa90SMichael Tuexen 		if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
364d5b4aa90SMichael Tuexen 			sock->family = AF_INET6;
365edc9c7fcSMichael Tuexen 			/*
366edc9c7fcSMichael Tuexen 			 * Currently there is no way to distinguish between
367edc9c7fcSMichael Tuexen 			 * IPv6 only sockets or dual family sockets.
368edc9c7fcSMichael Tuexen 			 * So mark it as dual socket.
369edc9c7fcSMichael Tuexen 			 */
370edc9c7fcSMichael Tuexen 			sock->vflag = INP_IPV6 | INP_IPV4;
371d5b4aa90SMichael Tuexen 		} else {
372d5b4aa90SMichael Tuexen 			sock->family = AF_INET;
373d5b4aa90SMichael Tuexen 			sock->vflag = INP_IPV4;
374d5b4aa90SMichael Tuexen 		}
375d5b4aa90SMichael Tuexen 		prev_laddr = NULL;
376d5b4aa90SMichael Tuexen 		local_all_loopback = 1;
377d5b4aa90SMichael Tuexen 		while (offset < len) {
378d5b4aa90SMichael Tuexen 			xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
379d5b4aa90SMichael Tuexen 			offset += sizeof(struct xsctp_laddr);
380d5b4aa90SMichael Tuexen 			if (xladdr->last == 1)
381d5b4aa90SMichael Tuexen 				break;
382d5b4aa90SMichael Tuexen 			if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
383d5b4aa90SMichael Tuexen 				err(1, "malloc()");
384d5b4aa90SMichael Tuexen 			switch (xladdr->address.sa.sa_family) {
385d5b4aa90SMichael Tuexen 			case AF_INET:
386d5b4aa90SMichael Tuexen #define	__IN_IS_ADDR_LOOPBACK(pina) \
387d5b4aa90SMichael Tuexen 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
38827569d01SRenato Botelho 				if (!__IN_IS_ADDR_LOOPBACK(
38927569d01SRenato Botelho 				    &xladdr->address.sin.sin_addr))
390d5b4aa90SMichael Tuexen 					local_all_loopback = 0;
391d5b4aa90SMichael Tuexen #undef	__IN_IS_ADDR_LOOPBACK
39227569d01SRenato Botelho 				sockaddr(&laddr->address, AF_INET,
393d5b4aa90SMichael Tuexen 				    &xladdr->address.sin.sin_addr,
394d5b4aa90SMichael Tuexen 				    htons(xinpcb->local_port));
395d5b4aa90SMichael Tuexen 				break;
396d5b4aa90SMichael Tuexen 			case AF_INET6:
39727569d01SRenato Botelho 				if (!IN6_IS_ADDR_LOOPBACK(
39827569d01SRenato Botelho 				    &xladdr->address.sin6.sin6_addr))
399d5b4aa90SMichael Tuexen 					local_all_loopback = 0;
40027569d01SRenato Botelho 				sockaddr(&laddr->address, AF_INET6,
401d5b4aa90SMichael Tuexen 				    &xladdr->address.sin6.sin6_addr,
402d5b4aa90SMichael Tuexen 				    htons(xinpcb->local_port));
403d5b4aa90SMichael Tuexen 				break;
404d5b4aa90SMichael Tuexen 			default:
405463a577bSEitan Adler 				errx(1, "address family %d not supported",
406d5b4aa90SMichael Tuexen 				    xladdr->address.sa.sa_family);
407d5b4aa90SMichael Tuexen 			}
408d5b4aa90SMichael Tuexen 			laddr->next = NULL;
409d5b4aa90SMichael Tuexen 			if (prev_laddr == NULL)
410d5b4aa90SMichael Tuexen 				sock->laddr = laddr;
411d5b4aa90SMichael Tuexen 			else
412d5b4aa90SMichael Tuexen 				prev_laddr->next = laddr;
413d5b4aa90SMichael Tuexen 			prev_laddr = laddr;
414d5b4aa90SMichael Tuexen 		}
415d5b4aa90SMichael Tuexen 		if (sock->laddr == NULL) {
41627569d01SRenato Botelho 			if ((sock->laddr =
41727569d01SRenato Botelho 			    calloc(1, sizeof(struct addr))) == NULL)
418d5b4aa90SMichael Tuexen 				err(1, "malloc()");
419d5b4aa90SMichael Tuexen 			sock->laddr->address.ss_family = sock->family;
420d5b4aa90SMichael Tuexen 			if (sock->family == AF_INET)
42127569d01SRenato Botelho 				sock->laddr->address.ss_len =
42227569d01SRenato Botelho 				    sizeof(struct sockaddr_in);
423d5b4aa90SMichael Tuexen 			else
42427569d01SRenato Botelho 				sock->laddr->address.ss_len =
42527569d01SRenato Botelho 				    sizeof(struct sockaddr_in6);
426d5b4aa90SMichael Tuexen 			local_all_loopback = 0;
427d5b4aa90SMichael Tuexen 		}
428d5b4aa90SMichael Tuexen 		if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
429d5b4aa90SMichael Tuexen 			err(1, "malloc()");
430d5b4aa90SMichael Tuexen 		sock->faddr->address.ss_family = sock->family;
431d5b4aa90SMichael Tuexen 		if (sock->family == AF_INET)
43227569d01SRenato Botelho 			sock->faddr->address.ss_len =
43327569d01SRenato Botelho 			    sizeof(struct sockaddr_in);
434d5b4aa90SMichael Tuexen 		else
43527569d01SRenato Botelho 			sock->faddr->address.ss_len =
43627569d01SRenato Botelho 			    sizeof(struct sockaddr_in6);
437d5b4aa90SMichael Tuexen 		no_stcb = 1;
438d5b4aa90SMichael Tuexen 		while (offset < len) {
439d5b4aa90SMichael Tuexen 			xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
440d5b4aa90SMichael Tuexen 			offset += sizeof(struct xsctp_tcb);
441bedcf91dSMichael Tuexen 			if (no_stcb) {
44227569d01SRenato Botelho 				if (opt_l && (sock->vflag & vflag) &&
443d5b4aa90SMichael Tuexen 				    (!opt_L || !local_all_loopback) &&
444d5b4aa90SMichael Tuexen 				    ((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
445d5b4aa90SMichael Tuexen 				     (xstcb->last == 1))) {
44627569d01SRenato Botelho 					hash = (int)((uintptr_t)sock->socket %
44727569d01SRenato Botelho 					    HASHSIZE);
448d5b4aa90SMichael Tuexen 					sock->next = sockhash[hash];
449d5b4aa90SMichael Tuexen 					sockhash[hash] = sock;
450bedcf91dSMichael Tuexen 				} else {
451bedcf91dSMichael Tuexen 					free_socket(sock);
452bedcf91dSMichael Tuexen 				}
453d5b4aa90SMichael Tuexen 			}
454d5b4aa90SMichael Tuexen 			if (xstcb->last == 1)
455d5b4aa90SMichael Tuexen 				break;
456d5b4aa90SMichael Tuexen 			no_stcb = 0;
457d5b4aa90SMichael Tuexen 			if (opt_c) {
458d5b4aa90SMichael Tuexen 				if ((sock = calloc(1, sizeof *sock)) == NULL)
459d5b4aa90SMichael Tuexen 					err(1, "malloc()");
460d5b4aa90SMichael Tuexen 				sock->socket = xinpcb->socket;
461d5b4aa90SMichael Tuexen 				sock->proto = IPPROTO_SCTP;
462d5b4aa90SMichael Tuexen 				sock->protoname = "sctp";
4636414db1bSMichael Tuexen 				sock->state = (int)xstcb->state;
464d5b4aa90SMichael Tuexen 				if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
465d5b4aa90SMichael Tuexen 					sock->family = AF_INET6;
466edc9c7fcSMichael Tuexen 				/*
467edc9c7fcSMichael Tuexen 				 * Currently there is no way to distinguish
468edc9c7fcSMichael Tuexen 				 * between IPv6 only sockets or dual family
469edc9c7fcSMichael Tuexen 				 *  sockets. So mark it as dual socket.
470edc9c7fcSMichael Tuexen 				 */
471edc9c7fcSMichael Tuexen 					sock->vflag = INP_IPV6 | INP_IPV4;
472d5b4aa90SMichael Tuexen 				} else {
473d5b4aa90SMichael Tuexen 					sock->family = AF_INET;
474d5b4aa90SMichael Tuexen 					sock->vflag = INP_IPV4;
475d5b4aa90SMichael Tuexen 				}
476d5b4aa90SMichael Tuexen 			}
477d5b4aa90SMichael Tuexen 			prev_laddr = NULL;
478d5b4aa90SMichael Tuexen 			local_all_loopback = 1;
479d5b4aa90SMichael Tuexen 			while (offset < len) {
48027569d01SRenato Botelho 				xladdr = (struct xsctp_laddr *)(void *)(buf +
48127569d01SRenato Botelho 				    offset);
482d5b4aa90SMichael Tuexen 				offset += sizeof(struct xsctp_laddr);
483d5b4aa90SMichael Tuexen 				if (xladdr->last == 1)
484d5b4aa90SMichael Tuexen 					break;
485d5b4aa90SMichael Tuexen 				if (!opt_c)
486d5b4aa90SMichael Tuexen 					continue;
48727569d01SRenato Botelho 				laddr = calloc(1, sizeof(struct addr));
48827569d01SRenato Botelho 				if (laddr == NULL)
489d5b4aa90SMichael Tuexen 					err(1, "malloc()");
490d5b4aa90SMichael Tuexen 				switch (xladdr->address.sa.sa_family) {
491d5b4aa90SMichael Tuexen 				case AF_INET:
492d5b4aa90SMichael Tuexen #define	__IN_IS_ADDR_LOOPBACK(pina) \
493d5b4aa90SMichael Tuexen 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
49427569d01SRenato Botelho 					if (!__IN_IS_ADDR_LOOPBACK(
49527569d01SRenato Botelho 					    &xladdr->address.sin.sin_addr))
496d5b4aa90SMichael Tuexen 						local_all_loopback = 0;
497d5b4aa90SMichael Tuexen #undef	__IN_IS_ADDR_LOOPBACK
49827569d01SRenato Botelho 					sockaddr(&laddr->address, AF_INET,
499d5b4aa90SMichael Tuexen 					    &xladdr->address.sin.sin_addr,
500d5b4aa90SMichael Tuexen 					    htons(xstcb->local_port));
501d5b4aa90SMichael Tuexen 					break;
502d5b4aa90SMichael Tuexen 				case AF_INET6:
50327569d01SRenato Botelho 					if (!IN6_IS_ADDR_LOOPBACK(
50427569d01SRenato Botelho 					    &xladdr->address.sin6.sin6_addr))
505d5b4aa90SMichael Tuexen 						local_all_loopback = 0;
50627569d01SRenato Botelho 					sockaddr(&laddr->address, AF_INET6,
507d5b4aa90SMichael Tuexen 					    &xladdr->address.sin6.sin6_addr,
508d5b4aa90SMichael Tuexen 					    htons(xstcb->local_port));
509d5b4aa90SMichael Tuexen 					break;
510d5b4aa90SMichael Tuexen 				default:
51127569d01SRenato Botelho 					errx(1,
51227569d01SRenato Botelho 					    "address family %d not supported",
513d5b4aa90SMichael Tuexen 					    xladdr->address.sa.sa_family);
514d5b4aa90SMichael Tuexen 				}
515d5b4aa90SMichael Tuexen 				laddr->next = NULL;
516d5b4aa90SMichael Tuexen 				if (prev_laddr == NULL)
517d5b4aa90SMichael Tuexen 					sock->laddr = laddr;
518d5b4aa90SMichael Tuexen 				else
519d5b4aa90SMichael Tuexen 					prev_laddr->next = laddr;
520d5b4aa90SMichael Tuexen 				prev_laddr = laddr;
521d5b4aa90SMichael Tuexen 			}
522d5b4aa90SMichael Tuexen 			prev_faddr = NULL;
523d5b4aa90SMichael Tuexen 			foreign_all_loopback = 1;
524d5b4aa90SMichael Tuexen 			while (offset < len) {
52527569d01SRenato Botelho 				xraddr = (struct xsctp_raddr *)(void *)(buf +
52627569d01SRenato Botelho 				    offset);
527d5b4aa90SMichael Tuexen 				offset += sizeof(struct xsctp_raddr);
528d5b4aa90SMichael Tuexen 				if (xraddr->last == 1)
529d5b4aa90SMichael Tuexen 					break;
530d5b4aa90SMichael Tuexen 				if (!opt_c)
531d5b4aa90SMichael Tuexen 					continue;
53227569d01SRenato Botelho 				faddr = calloc(1, sizeof(struct addr));
53327569d01SRenato Botelho 				if (faddr == NULL)
534d5b4aa90SMichael Tuexen 					err(1, "malloc()");
535d5b4aa90SMichael Tuexen 				switch (xraddr->address.sa.sa_family) {
536d5b4aa90SMichael Tuexen 				case AF_INET:
537d5b4aa90SMichael Tuexen #define	__IN_IS_ADDR_LOOPBACK(pina) \
538d5b4aa90SMichael Tuexen 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
53927569d01SRenato Botelho 					if (!__IN_IS_ADDR_LOOPBACK(
54027569d01SRenato Botelho 					    &xraddr->address.sin.sin_addr))
541d5b4aa90SMichael Tuexen 						foreign_all_loopback = 0;
542d5b4aa90SMichael Tuexen #undef	__IN_IS_ADDR_LOOPBACK
54327569d01SRenato Botelho 					sockaddr(&faddr->address, AF_INET,
544d5b4aa90SMichael Tuexen 					    &xraddr->address.sin.sin_addr,
545d5b4aa90SMichael Tuexen 					    htons(xstcb->remote_port));
546d5b4aa90SMichael Tuexen 					break;
547d5b4aa90SMichael Tuexen 				case AF_INET6:
54827569d01SRenato Botelho 					if (!IN6_IS_ADDR_LOOPBACK(
54927569d01SRenato Botelho 					    &xraddr->address.sin6.sin6_addr))
550d5b4aa90SMichael Tuexen 						foreign_all_loopback = 0;
55127569d01SRenato Botelho 					sockaddr(&faddr->address, AF_INET6,
552d5b4aa90SMichael Tuexen 					    &xraddr->address.sin6.sin6_addr,
553d5b4aa90SMichael Tuexen 					    htons(xstcb->remote_port));
554d5b4aa90SMichael Tuexen 					break;
555d5b4aa90SMichael Tuexen 				default:
55627569d01SRenato Botelho 					errx(1,
55727569d01SRenato Botelho 					    "address family %d not supported",
558d5b4aa90SMichael Tuexen 					    xraddr->address.sa.sa_family);
559d5b4aa90SMichael Tuexen 				}
56049b836f2SMichael Tuexen 				faddr->encaps_port = xraddr->encaps_port;
561e389705eSMichael Tuexen 				faddr->state = xraddr->state;
562d5b4aa90SMichael Tuexen 				faddr->next = NULL;
563d5b4aa90SMichael Tuexen 				if (prev_faddr == NULL)
564d5b4aa90SMichael Tuexen 					sock->faddr = faddr;
565d5b4aa90SMichael Tuexen 				else
566d5b4aa90SMichael Tuexen 					prev_faddr->next = faddr;
567d5b4aa90SMichael Tuexen 				prev_faddr = faddr;
568d5b4aa90SMichael Tuexen 			}
569bedcf91dSMichael Tuexen 			if (opt_c) {
570edc9c7fcSMichael Tuexen 				if ((sock->vflag & vflag) &&
571edc9c7fcSMichael Tuexen 				    (!opt_L ||
57227569d01SRenato Botelho 				     !(local_all_loopback ||
57327569d01SRenato Botelho 				     foreign_all_loopback))) {
57427569d01SRenato Botelho 					hash = (int)((uintptr_t)sock->socket %
57527569d01SRenato Botelho 					    HASHSIZE);
576d5b4aa90SMichael Tuexen 					sock->next = sockhash[hash];
577d5b4aa90SMichael Tuexen 					sockhash[hash] = sock;
578bedcf91dSMichael Tuexen 				} else {
579bedcf91dSMichael Tuexen 					free_socket(sock);
580bedcf91dSMichael Tuexen 				}
581d5b4aa90SMichael Tuexen 			}
582d5b4aa90SMichael Tuexen 		}
583d5b4aa90SMichael Tuexen 		xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
584d5b4aa90SMichael Tuexen 		offset += sizeof(struct xsctp_inpcb);
585d5b4aa90SMichael Tuexen 	}
586d5b4aa90SMichael Tuexen 	free(buf);
587d5b4aa90SMichael Tuexen }
588d5b4aa90SMichael Tuexen 
589d5b4aa90SMichael Tuexen static void
590ca007d91SDag-Erling Smørgrav gather_inet(int proto)
591ca007d91SDag-Erling Smørgrav {
592ca007d91SDag-Erling Smørgrav 	struct xinpgen *xig, *exig;
593ca007d91SDag-Erling Smørgrav 	struct xinpcb *xip;
594bf40d2caSGleb Smirnoff 	struct xtcpcb *xtp = NULL;
595ca007d91SDag-Erling Smørgrav 	struct xsocket *so;
596ca007d91SDag-Erling Smørgrav 	struct sock *sock;
597e6f718c7SMichael Tuexen 	struct addr *laddr, *faddr;
598ca007d91SDag-Erling Smørgrav 	const char *varname, *protoname;
599ca007d91SDag-Erling Smørgrav 	size_t len, bufsize;
600ca007d91SDag-Erling Smørgrav 	void *buf;
6016eb1d5baSMichael Tuexen 	int hash, retry, vflag;
602ca007d91SDag-Erling Smørgrav 
6036eb1d5baSMichael Tuexen 	vflag = 0;
604ca007d91SDag-Erling Smørgrav 	if (opt_4)
605ca007d91SDag-Erling Smørgrav 		vflag |= INP_IPV4;
606ca007d91SDag-Erling Smørgrav 	if (opt_6)
607ca007d91SDag-Erling Smørgrav 		vflag |= INP_IPV6;
608ca007d91SDag-Erling Smørgrav 
609ca007d91SDag-Erling Smørgrav 	switch (proto) {
610ca007d91SDag-Erling Smørgrav 	case IPPROTO_TCP:
611ca007d91SDag-Erling Smørgrav 		varname = "net.inet.tcp.pcblist";
612ca007d91SDag-Erling Smørgrav 		protoname = "tcp";
613ca007d91SDag-Erling Smørgrav 		break;
614ca007d91SDag-Erling Smørgrav 	case IPPROTO_UDP:
615ca007d91SDag-Erling Smørgrav 		varname = "net.inet.udp.pcblist";
616ca007d91SDag-Erling Smørgrav 		protoname = "udp";
617ca007d91SDag-Erling Smørgrav 		break;
6182cfbdf89SRuslan Ermilov 	case IPPROTO_DIVERT:
6192cfbdf89SRuslan Ermilov 		varname = "net.inet.divert.pcblist";
6202cfbdf89SRuslan Ermilov 		protoname = "div";
6212cfbdf89SRuslan Ermilov 		break;
622ca007d91SDag-Erling Smørgrav 	default:
6231f3d67aaSGiorgos Keramidas 		errx(1, "protocol %d not supported", proto);
624ca007d91SDag-Erling Smørgrav 	}
625ca007d91SDag-Erling Smørgrav 
626ca007d91SDag-Erling Smørgrav 	buf = NULL;
627ca007d91SDag-Erling Smørgrav 	bufsize = 8192;
628ca007d91SDag-Erling Smørgrav 	retry = 5;
629ca007d91SDag-Erling Smørgrav 	do {
630ca007d91SDag-Erling Smørgrav 		for (;;) {
631ca007d91SDag-Erling Smørgrav 			if ((buf = realloc(buf, bufsize)) == NULL)
632ca007d91SDag-Erling Smørgrav 				err(1, "realloc()");
633ca007d91SDag-Erling Smørgrav 			len = bufsize;
634c5a2d8c5SRyan Moeller 			if (cap_sysctlbyname(capsysctl, varname, buf, &len,
635c5a2d8c5SRyan Moeller 			    NULL, 0) == 0)
636ca007d91SDag-Erling Smørgrav 				break;
6374b2a3d41SRuslan Ermilov 			if (errno == ENOENT)
6384b2a3d41SRuslan Ermilov 				goto out;
639003e7e49SMikolaj Golub 			if (errno != ENOMEM || len != bufsize)
640c5a2d8c5SRyan Moeller 				err(1, "cap_sysctlbyname()");
641ca007d91SDag-Erling Smørgrav 			bufsize *= 2;
642ca007d91SDag-Erling Smørgrav 		}
643ca007d91SDag-Erling Smørgrav 		xig = (struct xinpgen *)buf;
6446dbe8d53SRobert Drehmel 		exig = (struct xinpgen *)(void *)
6456dbe8d53SRobert Drehmel 		    ((char *)buf + len - sizeof *exig);
646ca007d91SDag-Erling Smørgrav 		if (xig->xig_len != sizeof *xig ||
647ca007d91SDag-Erling Smørgrav 		    exig->xig_len != sizeof *exig)
648ca007d91SDag-Erling Smørgrav 			errx(1, "struct xinpgen size mismatch");
649ca007d91SDag-Erling Smørgrav 	} while (xig->xig_gen != exig->xig_gen && retry--);
650ca007d91SDag-Erling Smørgrav 
651ca007d91SDag-Erling Smørgrav 	if (xig->xig_gen != exig->xig_gen && opt_v)
652ca007d91SDag-Erling Smørgrav 		warnx("warning: data may be inconsistent");
653ca007d91SDag-Erling Smørgrav 
654ca007d91SDag-Erling Smørgrav 	for (;;) {
6556dbe8d53SRobert Drehmel 		xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
656ca007d91SDag-Erling Smørgrav 		if (xig >= exig)
657ca007d91SDag-Erling Smørgrav 			break;
658ca007d91SDag-Erling Smørgrav 		switch (proto) {
659ca007d91SDag-Erling Smørgrav 		case IPPROTO_TCP:
660cc65eb4eSGleb Smirnoff 			xtp = (struct xtcpcb *)xig;
661cc65eb4eSGleb Smirnoff 			xip = &xtp->xt_inp;
662b8e20e2dSHiroki Sato 			if (xtp->xt_len != sizeof(*xtp)) {
663ca007d91SDag-Erling Smørgrav 				warnx("struct xtcpcb size mismatch");
664ca007d91SDag-Erling Smørgrav 				goto out;
665ca007d91SDag-Erling Smørgrav 			}
666cc65eb4eSGleb Smirnoff 			protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
667ca007d91SDag-Erling Smørgrav 			break;
668ca007d91SDag-Erling Smørgrav 		case IPPROTO_UDP:
6692cfbdf89SRuslan Ermilov 		case IPPROTO_DIVERT:
670cc65eb4eSGleb Smirnoff 			xip = (struct xinpcb *)xig;
671b8e20e2dSHiroki Sato 			if (xip->xi_len != sizeof(*xip)) {
672ca007d91SDag-Erling Smørgrav 				warnx("struct xinpcb size mismatch");
673ca007d91SDag-Erling Smørgrav 				goto out;
674ca007d91SDag-Erling Smørgrav 			}
675ca007d91SDag-Erling Smørgrav 			break;
676ca007d91SDag-Erling Smørgrav 		default:
6771f3d67aaSGiorgos Keramidas 			errx(1, "protocol %d not supported", proto);
678ca007d91SDag-Erling Smørgrav 		}
679cc65eb4eSGleb Smirnoff 		so = &xip->xi_socket;
680cc65eb4eSGleb Smirnoff 		if ((xip->inp_vflag & vflag) == 0)
681ca007d91SDag-Erling Smørgrav 			continue;
682cc65eb4eSGleb Smirnoff 		if (xip->inp_vflag & INP_IPV4) {
683cc65eb4eSGleb Smirnoff 			if ((xip->inp_fport == 0 && !opt_l) ||
684cc65eb4eSGleb Smirnoff 			    (xip->inp_fport != 0 && !opt_c))
6851e6690e5SDag-Erling Smørgrav 				continue;
6869b6ca892SBruce M Simpson #define	__IN_IS_ADDR_LOOPBACK(pina) \
6879b6ca892SBruce M Simpson 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
6889b6ca892SBruce M Simpson 			if (opt_L &&
689cc65eb4eSGleb Smirnoff 			    (__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
690cc65eb4eSGleb Smirnoff 			     __IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
6919b6ca892SBruce M Simpson 				continue;
6929b6ca892SBruce M Simpson #undef	__IN_IS_ADDR_LOOPBACK
693cc65eb4eSGleb Smirnoff 		} else if (xip->inp_vflag & INP_IPV6) {
694cc65eb4eSGleb Smirnoff 			if ((xip->inp_fport == 0 && !opt_l) ||
695cc65eb4eSGleb Smirnoff 			    (xip->inp_fport != 0 && !opt_c))
6961e6690e5SDag-Erling Smørgrav 				continue;
6979b6ca892SBruce M Simpson 			if (opt_L &&
698cc65eb4eSGleb Smirnoff 			    (IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
699cc65eb4eSGleb Smirnoff 			     IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
7009b6ca892SBruce M Simpson 				continue;
7011e6690e5SDag-Erling Smørgrav 		} else {
7021e6690e5SDag-Erling Smørgrav 			if (opt_v)
703cc65eb4eSGleb Smirnoff 				warnx("invalid vflag 0x%x", xip->inp_vflag);
7041e6690e5SDag-Erling Smørgrav 			continue;
7051e6690e5SDag-Erling Smørgrav 		}
706b8e20e2dSHiroki Sato 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
707ca007d91SDag-Erling Smørgrav 			err(1, "malloc()");
708e6f718c7SMichael Tuexen 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
709e6f718c7SMichael Tuexen 			err(1, "malloc()");
710e6f718c7SMichael Tuexen 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
711e6f718c7SMichael Tuexen 			err(1, "malloc()");
712ca007d91SDag-Erling Smørgrav 		sock->socket = so->xso_so;
713ca007d91SDag-Erling Smørgrav 		sock->proto = proto;
714cc65eb4eSGleb Smirnoff 		if (xip->inp_vflag & INP_IPV4) {
715ca007d91SDag-Erling Smørgrav 			sock->family = AF_INET;
716e6f718c7SMichael Tuexen 			sockaddr(&laddr->address, sock->family,
717cc65eb4eSGleb Smirnoff 			    &xip->inp_laddr, xip->inp_lport);
718e6f718c7SMichael Tuexen 			sockaddr(&faddr->address, sock->family,
719cc65eb4eSGleb Smirnoff 			    &xip->inp_faddr, xip->inp_fport);
720cc65eb4eSGleb Smirnoff 		} else if (xip->inp_vflag & INP_IPV6) {
721ca007d91SDag-Erling Smørgrav 			sock->family = AF_INET6;
722e6f718c7SMichael Tuexen 			sockaddr(&laddr->address, sock->family,
723cc65eb4eSGleb Smirnoff 			    &xip->in6p_laddr, xip->inp_lport);
724e6f718c7SMichael Tuexen 			sockaddr(&faddr->address, sock->family,
725cc65eb4eSGleb Smirnoff 			    &xip->in6p_faddr, xip->inp_fport);
726ca007d91SDag-Erling Smørgrav 		}
7279e644c23SMichael Tuexen 		if (proto == IPPROTO_TCP)
7289e644c23SMichael Tuexen 			faddr->encaps_port = xtp->xt_encaps_port;
729e6f718c7SMichael Tuexen 		laddr->next = NULL;
730e6f718c7SMichael Tuexen 		faddr->next = NULL;
731e6f718c7SMichael Tuexen 		sock->laddr = laddr;
732e6f718c7SMichael Tuexen 		sock->faddr = faddr;
733cc65eb4eSGleb Smirnoff 		sock->vflag = xip->inp_vflag;
734e5cccc35SMichael Tuexen 		if (proto == IPPROTO_TCP) {
735cc65eb4eSGleb Smirnoff 			sock->state = xtp->t_state;
736e5cccc35SMichael Tuexen 			memcpy(sock->stack, xtp->xt_stack,
737e5cccc35SMichael Tuexen 			    TCP_FUNCTION_NAME_LEN_MAX);
7382ac089d0SMichael Tuexen 			memcpy(sock->cc, xtp->xt_cc, TCP_CA_NAME_MAX);
739e5cccc35SMichael Tuexen 		}
740ca007d91SDag-Erling Smørgrav 		sock->protoname = protoname;
741ca007d91SDag-Erling Smørgrav 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
742ca007d91SDag-Erling Smørgrav 		sock->next = sockhash[hash];
743ca007d91SDag-Erling Smørgrav 		sockhash[hash] = sock;
744ca007d91SDag-Erling Smørgrav 	}
745ca007d91SDag-Erling Smørgrav out:
746ca007d91SDag-Erling Smørgrav 	free(buf);
747ca007d91SDag-Erling Smørgrav }
748ca007d91SDag-Erling Smørgrav 
749ca007d91SDag-Erling Smørgrav static void
750ca007d91SDag-Erling Smørgrav gather_unix(int proto)
751ca007d91SDag-Erling Smørgrav {
752ca007d91SDag-Erling Smørgrav 	struct xunpgen *xug, *exug;
753ca007d91SDag-Erling Smørgrav 	struct xunpcb *xup;
754ca007d91SDag-Erling Smørgrav 	struct sock *sock;
755e6f718c7SMichael Tuexen 	struct addr *laddr, *faddr;
756ca007d91SDag-Erling Smørgrav 	const char *varname, *protoname;
757ca007d91SDag-Erling Smørgrav 	size_t len, bufsize;
758ca007d91SDag-Erling Smørgrav 	void *buf;
759ca007d91SDag-Erling Smørgrav 	int hash, retry;
760ca007d91SDag-Erling Smørgrav 
761ca007d91SDag-Erling Smørgrav 	switch (proto) {
762ca007d91SDag-Erling Smørgrav 	case SOCK_STREAM:
763ca007d91SDag-Erling Smørgrav 		varname = "net.local.stream.pcblist";
764ca007d91SDag-Erling Smørgrav 		protoname = "stream";
765ca007d91SDag-Erling Smørgrav 		break;
766ca007d91SDag-Erling Smørgrav 	case SOCK_DGRAM:
767ca007d91SDag-Erling Smørgrav 		varname = "net.local.dgram.pcblist";
768ca007d91SDag-Erling Smørgrav 		protoname = "dgram";
769ca007d91SDag-Erling Smørgrav 		break;
770b8e20e2dSHiroki Sato 	case SOCK_SEQPACKET:
771b8e20e2dSHiroki Sato 		varname = "net.local.seqpacket.pcblist";
772b8e20e2dSHiroki Sato 		protoname = "seqpac";
773b8e20e2dSHiroki Sato 		break;
774ca007d91SDag-Erling Smørgrav 	default:
775ca007d91SDag-Erling Smørgrav 		abort();
776ca007d91SDag-Erling Smørgrav 	}
777ca007d91SDag-Erling Smørgrav 	buf = NULL;
778ca007d91SDag-Erling Smørgrav 	bufsize = 8192;
779ca007d91SDag-Erling Smørgrav 	retry = 5;
780ca007d91SDag-Erling Smørgrav 	do {
781ca007d91SDag-Erling Smørgrav 		for (;;) {
782ca007d91SDag-Erling Smørgrav 			if ((buf = realloc(buf, bufsize)) == NULL)
783ca007d91SDag-Erling Smørgrav 				err(1, "realloc()");
784ca007d91SDag-Erling Smørgrav 			len = bufsize;
785c5a2d8c5SRyan Moeller 			if (cap_sysctlbyname(capsysctl, varname, buf, &len,
786c5a2d8c5SRyan Moeller 			    NULL, 0) == 0)
787ca007d91SDag-Erling Smørgrav 				break;
788003e7e49SMikolaj Golub 			if (errno != ENOMEM || len != bufsize)
789c5a2d8c5SRyan Moeller 				err(1, "cap_sysctlbyname()");
790ca007d91SDag-Erling Smørgrav 			bufsize *= 2;
791ca007d91SDag-Erling Smørgrav 		}
792ca007d91SDag-Erling Smørgrav 		xug = (struct xunpgen *)buf;
7936dbe8d53SRobert Drehmel 		exug = (struct xunpgen *)(void *)
794b8e20e2dSHiroki Sato 		    ((char *)buf + len - sizeof(*exug));
795b8e20e2dSHiroki Sato 		if (xug->xug_len != sizeof(*xug) ||
796b8e20e2dSHiroki Sato 		    exug->xug_len != sizeof(*exug)) {
797ca007d91SDag-Erling Smørgrav 			warnx("struct xinpgen size mismatch");
798ca007d91SDag-Erling Smørgrav 			goto out;
799ca007d91SDag-Erling Smørgrav 		}
800ca007d91SDag-Erling Smørgrav 	} while (xug->xug_gen != exug->xug_gen && retry--);
801ca007d91SDag-Erling Smørgrav 
802ca007d91SDag-Erling Smørgrav 	if (xug->xug_gen != exug->xug_gen && opt_v)
803ca007d91SDag-Erling Smørgrav 		warnx("warning: data may be inconsistent");
804ca007d91SDag-Erling Smørgrav 
805ca007d91SDag-Erling Smørgrav 	for (;;) {
8066dbe8d53SRobert Drehmel 		xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
807ca007d91SDag-Erling Smørgrav 		if (xug >= exug)
808ca007d91SDag-Erling Smørgrav 			break;
809ca007d91SDag-Erling Smørgrav 		xup = (struct xunpcb *)xug;
810b8e20e2dSHiroki Sato 		if (xup->xu_len != sizeof(*xup)) {
811ca007d91SDag-Erling Smørgrav 			warnx("struct xunpcb size mismatch");
812ca007d91SDag-Erling Smørgrav 			goto out;
813ca007d91SDag-Erling Smørgrav 		}
814f38b68aeSBrooks Davis 		if ((xup->unp_conn == 0 && !opt_l) ||
815f38b68aeSBrooks Davis 		    (xup->unp_conn != 0 && !opt_c))
8161e6690e5SDag-Erling Smørgrav 			continue;
817b8e20e2dSHiroki Sato 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
818ca007d91SDag-Erling Smørgrav 			err(1, "malloc()");
819e6f718c7SMichael Tuexen 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
820e6f718c7SMichael Tuexen 			err(1, "malloc()");
821e6f718c7SMichael Tuexen 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
822e6f718c7SMichael Tuexen 			err(1, "malloc()");
823ca007d91SDag-Erling Smørgrav 		sock->socket = xup->xu_socket.xso_so;
824ca007d91SDag-Erling Smørgrav 		sock->pcb = xup->xu_unpp;
825ca007d91SDag-Erling Smørgrav 		sock->proto = proto;
826ca007d91SDag-Erling Smørgrav 		sock->family = AF_UNIX;
827ca007d91SDag-Erling Smørgrav 		sock->protoname = protoname;
8280e229f34SGleb Smirnoff 		if (xup->xu_addr.sun_family == AF_UNIX)
829e6f718c7SMichael Tuexen 			laddr->address =
8306dbe8d53SRobert Drehmel 			    *(struct sockaddr_storage *)(void *)&xup->xu_addr;
831f38b68aeSBrooks Davis 		else if (xup->unp_conn != 0)
832f38b68aeSBrooks Davis 			*(kvaddr_t*)&(faddr->address) = xup->unp_conn;
833e6f718c7SMichael Tuexen 		laddr->next = NULL;
834e6f718c7SMichael Tuexen 		faddr->next = NULL;
835e6f718c7SMichael Tuexen 		sock->laddr = laddr;
836e6f718c7SMichael Tuexen 		sock->faddr = faddr;
837ca007d91SDag-Erling Smørgrav 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
838ca007d91SDag-Erling Smørgrav 		sock->next = sockhash[hash];
839ca007d91SDag-Erling Smørgrav 		sockhash[hash] = sock;
840ca007d91SDag-Erling Smørgrav 	}
841ca007d91SDag-Erling Smørgrav out:
842ca007d91SDag-Erling Smørgrav 	free(buf);
843ca007d91SDag-Erling Smørgrav }
844ca007d91SDag-Erling Smørgrav 
845ca007d91SDag-Erling Smørgrav static void
846ca007d91SDag-Erling Smørgrav getfiles(void)
847ca007d91SDag-Erling Smørgrav {
848003e7e49SMikolaj Golub 	size_t len, olen;
849ca007d91SDag-Erling Smørgrav 
850b8e20e2dSHiroki Sato 	olen = len = sizeof(*xfiles);
851003e7e49SMikolaj Golub 	if ((xfiles = malloc(len)) == NULL)
852ca007d91SDag-Erling Smørgrav 		err(1, "malloc()");
853c5a2d8c5SRyan Moeller 	while (cap_sysctlbyname(capsysctl, "kern.file", xfiles, &len, 0, 0)
854c5a2d8c5SRyan Moeller 	    == -1) {
855003e7e49SMikolaj Golub 		if (errno != ENOMEM || len != olen)
856c5a2d8c5SRyan Moeller 			err(1, "cap_sysctlbyname()");
857003e7e49SMikolaj Golub 		olen = len *= 2;
858ca007d91SDag-Erling Smørgrav 		if ((xfiles = realloc(xfiles, len)) == NULL)
859ca007d91SDag-Erling Smørgrav 			err(1, "realloc()");
860ca007d91SDag-Erling Smørgrav 	}
861b8e20e2dSHiroki Sato 	if (len > 0 && xfiles->xf_size != sizeof(*xfiles))
862ca007d91SDag-Erling Smørgrav 		errx(1, "struct xfile size mismatch");
863b8e20e2dSHiroki Sato 	nxfiles = len / sizeof(*xfiles);
864ca007d91SDag-Erling Smørgrav }
865ca007d91SDag-Erling Smørgrav 
866ca007d91SDag-Erling Smørgrav static int
867baa7f281SMichael Tuexen printaddr(struct sockaddr_storage *ss)
868ca007d91SDag-Erling Smørgrav {
869ca007d91SDag-Erling Smørgrav 	struct sockaddr_un *sun;
870b8e20e2dSHiroki Sato 	char addrstr[NI_MAXHOST] = { '\0', '\0' };
871b8e20e2dSHiroki Sato 	int error, off, port = 0;
872ca007d91SDag-Erling Smørgrav 
873baa7f281SMichael Tuexen 	switch (ss->ss_family) {
874ca007d91SDag-Erling Smørgrav 	case AF_INET:
875b8e20e2dSHiroki Sato 		if (inet_lnaof(sstosin(ss)->sin_addr) == INADDR_ANY)
876ca007d91SDag-Erling Smørgrav 			addrstr[0] = '*';
877b8e20e2dSHiroki Sato 		port = ntohs(sstosin(ss)->sin_port);
878ca007d91SDag-Erling Smørgrav 		break;
879ca007d91SDag-Erling Smørgrav 	case AF_INET6:
880b8e20e2dSHiroki Sato 		if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
881ca007d91SDag-Erling Smørgrav 			addrstr[0] = '*';
882b8e20e2dSHiroki Sato 		port = ntohs(sstosin6(ss)->sin6_port);
883ca007d91SDag-Erling Smørgrav 		break;
884ca007d91SDag-Erling Smørgrav 	case AF_UNIX:
885b8e20e2dSHiroki Sato 		sun = sstosun(ss);
886ca007d91SDag-Erling Smørgrav 		off = (int)((char *)&sun->sun_path - (char *)sun);
887ca007d91SDag-Erling Smørgrav 		return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
888ca007d91SDag-Erling Smørgrav 	}
889b8e20e2dSHiroki Sato 	if (addrstr[0] == '\0') {
890c5a2d8c5SRyan Moeller 		error = cap_getnameinfo(capnet, sstosa(ss), ss->ss_len,
891c5a2d8c5SRyan Moeller 		    addrstr, sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
892b8e20e2dSHiroki Sato 		if (error)
893c5a2d8c5SRyan Moeller 			errx(1, "cap_getnameinfo()");
894b8e20e2dSHiroki Sato 	}
895ca007d91SDag-Erling Smørgrav 	if (port == 0)
896ca007d91SDag-Erling Smørgrav 		return xprintf("%s:*", addrstr);
897ca007d91SDag-Erling Smørgrav 	else
898ca007d91SDag-Erling Smørgrav 		return xprintf("%s:%d", addrstr, port);
899ca007d91SDag-Erling Smørgrav }
900ca007d91SDag-Erling Smørgrav 
901ca007d91SDag-Erling Smørgrav static const char *
902ca007d91SDag-Erling Smørgrav getprocname(pid_t pid)
903ca007d91SDag-Erling Smørgrav {
904ca007d91SDag-Erling Smørgrav 	static struct kinfo_proc proc;
905ca007d91SDag-Erling Smørgrav 	size_t len;
906ca007d91SDag-Erling Smørgrav 	int mib[4];
907ca007d91SDag-Erling Smørgrav 
908ca007d91SDag-Erling Smørgrav 	mib[0] = CTL_KERN;
909ca007d91SDag-Erling Smørgrav 	mib[1] = KERN_PROC;
910ca007d91SDag-Erling Smørgrav 	mib[2] = KERN_PROC_PID;
911ca007d91SDag-Erling Smørgrav 	mib[3] = (int)pid;
912b8e20e2dSHiroki Sato 	len = sizeof(proc);
913c5a2d8c5SRyan Moeller 	if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
914c5a2d8c5SRyan Moeller 	    == -1) {
91548c513e0SMaxim Konovalov 		/* Do not warn if the process exits before we get its name. */
91648c513e0SMaxim Konovalov 		if (errno != ESRCH)
917c5a2d8c5SRyan Moeller 			warn("cap_sysctl()");
918ca007d91SDag-Erling Smørgrav 		return ("??");
919ca007d91SDag-Erling Smørgrav 	}
920f487a6a8SEd Maste 	return (proc.ki_comm);
921ca007d91SDag-Erling Smørgrav }
922ca007d91SDag-Erling Smørgrav 
923ae94787dSMaxime Henrion static int
92400feaafdSAndrew Thompson getprocjid(pid_t pid)
92500feaafdSAndrew Thompson {
92600feaafdSAndrew Thompson 	static struct kinfo_proc proc;
92700feaafdSAndrew Thompson 	size_t len;
92800feaafdSAndrew Thompson 	int mib[4];
92900feaafdSAndrew Thompson 
93000feaafdSAndrew Thompson 	mib[0] = CTL_KERN;
93100feaafdSAndrew Thompson 	mib[1] = KERN_PROC;
93200feaafdSAndrew Thompson 	mib[2] = KERN_PROC_PID;
93300feaafdSAndrew Thompson 	mib[3] = (int)pid;
934b8e20e2dSHiroki Sato 	len = sizeof(proc);
935c5a2d8c5SRyan Moeller 	if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
936c5a2d8c5SRyan Moeller 	    == -1) {
93700feaafdSAndrew Thompson 		/* Do not warn if the process exits before we get its jid. */
93800feaafdSAndrew Thompson 		if (errno != ESRCH)
939c5a2d8c5SRyan Moeller 			warn("cap_sysctl()");
94000feaafdSAndrew Thompson 		return (-1);
94100feaafdSAndrew Thompson 	}
94200feaafdSAndrew Thompson 	return (proc.ki_jid);
94300feaafdSAndrew Thompson }
94400feaafdSAndrew Thompson 
94500feaafdSAndrew Thompson static int
946ae94787dSMaxime Henrion check_ports(struct sock *s)
947ae94787dSMaxime Henrion {
948ae94787dSMaxime Henrion 	int port;
949e6f718c7SMichael Tuexen 	struct addr *addr;
950ae94787dSMaxime Henrion 
951ae94787dSMaxime Henrion 	if (ports == NULL)
952ae94787dSMaxime Henrion 		return (1);
953ae94787dSMaxime Henrion 	if ((s->family != AF_INET) && (s->family != AF_INET6))
954ae94787dSMaxime Henrion 		return (1);
955e6f718c7SMichael Tuexen 	for (addr = s->laddr; addr != NULL; addr = addr->next) {
956b8e20e2dSHiroki Sato 		if (s->family == AF_INET)
957b8e20e2dSHiroki Sato 			port = ntohs(sstosin(&addr->address)->sin_port);
958ae94787dSMaxime Henrion 		else
959b8e20e2dSHiroki Sato 			port = ntohs(sstosin6(&addr->address)->sin6_port);
960ae94787dSMaxime Henrion 		if (CHK_PORT(port))
961ae94787dSMaxime Henrion 			return (1);
962e6f718c7SMichael Tuexen 	}
963e6f718c7SMichael Tuexen 	for (addr = s->faddr; addr != NULL; addr = addr->next) {
964b8e20e2dSHiroki Sato 		if (s->family == AF_INET)
965b8e20e2dSHiroki Sato 			port = ntohs(sstosin(&addr->address)->sin_port);
966ae94787dSMaxime Henrion 		else
967b8e20e2dSHiroki Sato 			port = ntohs(sstosin6(&addr->address)->sin6_port);
968ae94787dSMaxime Henrion 		if (CHK_PORT(port))
969ae94787dSMaxime Henrion 			return (1);
970e6f718c7SMichael Tuexen 	}
971ae94787dSMaxime Henrion 	return (0);
972ae94787dSMaxime Henrion }
973ae94787dSMaxime Henrion 
9746414db1bSMichael Tuexen static const char *
975e389705eSMichael Tuexen sctp_conn_state(int state)
9766414db1bSMichael Tuexen {
9776414db1bSMichael Tuexen 	switch (state) {
9786414db1bSMichael Tuexen 	case SCTP_CLOSED:
9796414db1bSMichael Tuexen 		return "CLOSED";
9806414db1bSMichael Tuexen 		break;
9816414db1bSMichael Tuexen 	case SCTP_BOUND:
9826414db1bSMichael Tuexen 		return "BOUND";
9836414db1bSMichael Tuexen 		break;
9846414db1bSMichael Tuexen 	case SCTP_LISTEN:
9856414db1bSMichael Tuexen 		return "LISTEN";
9866414db1bSMichael Tuexen 		break;
9876414db1bSMichael Tuexen 	case SCTP_COOKIE_WAIT:
9886414db1bSMichael Tuexen 		return "COOKIE_WAIT";
9896414db1bSMichael Tuexen 		break;
9906414db1bSMichael Tuexen 	case SCTP_COOKIE_ECHOED:
9916414db1bSMichael Tuexen 		return "COOKIE_ECHOED";
9926414db1bSMichael Tuexen 		break;
9936414db1bSMichael Tuexen 	case SCTP_ESTABLISHED:
9946414db1bSMichael Tuexen 		return "ESTABLISHED";
9956414db1bSMichael Tuexen 		break;
9966414db1bSMichael Tuexen 	case SCTP_SHUTDOWN_SENT:
9976414db1bSMichael Tuexen 		return "SHUTDOWN_SENT";
9986414db1bSMichael Tuexen 		break;
9996414db1bSMichael Tuexen 	case SCTP_SHUTDOWN_RECEIVED:
10006414db1bSMichael Tuexen 		return "SHUTDOWN_RECEIVED";
10016414db1bSMichael Tuexen 		break;
10026414db1bSMichael Tuexen 	case SCTP_SHUTDOWN_ACK_SENT:
10036414db1bSMichael Tuexen 		return "SHUTDOWN_ACK_SENT";
10046414db1bSMichael Tuexen 		break;
10056414db1bSMichael Tuexen 	case SCTP_SHUTDOWN_PENDING:
10066414db1bSMichael Tuexen 		return "SHUTDOWN_PENDING";
10076414db1bSMichael Tuexen 		break;
10086414db1bSMichael Tuexen 	default:
10096414db1bSMichael Tuexen 		return "UNKNOWN";
10106414db1bSMichael Tuexen 		break;
10116414db1bSMichael Tuexen 	}
10126414db1bSMichael Tuexen }
10136414db1bSMichael Tuexen 
1014e389705eSMichael Tuexen static const char *
1015e389705eSMichael Tuexen sctp_path_state(int state)
1016e389705eSMichael Tuexen {
1017e389705eSMichael Tuexen 	switch (state) {
1018e389705eSMichael Tuexen 	case SCTP_UNCONFIRMED:
1019e389705eSMichael Tuexen 		return "UNCONFIRMED";
1020e389705eSMichael Tuexen 		break;
1021e389705eSMichael Tuexen 	case SCTP_ACTIVE:
1022e389705eSMichael Tuexen 		return "ACTIVE";
1023e389705eSMichael Tuexen 		break;
1024e389705eSMichael Tuexen 	case SCTP_INACTIVE:
1025e389705eSMichael Tuexen 		return "INACTIVE";
1026e389705eSMichael Tuexen 		break;
1027e389705eSMichael Tuexen 	default:
1028e389705eSMichael Tuexen 		return "UNKNOWN";
1029e389705eSMichael Tuexen 		break;
1030e389705eSMichael Tuexen 	}
1031e389705eSMichael Tuexen }
1032e389705eSMichael Tuexen 
1033ca007d91SDag-Erling Smørgrav static void
103461149f8dSJilles Tjoelker displaysock(struct sock *s, int pos)
1035ca007d91SDag-Erling Smørgrav {
1036f38b68aeSBrooks Davis 	kvaddr_t p;
103749b836f2SMichael Tuexen 	int hash, first, offset;
1038e6f718c7SMichael Tuexen 	struct addr *laddr, *faddr;
103981091202SMichael Tuexen 	struct sock *s_tmp;
1040ca007d91SDag-Erling Smørgrav 
1041ca007d91SDag-Erling Smørgrav 	while (pos < 29)
1042ca007d91SDag-Erling Smørgrav 		pos += xprintf(" ");
1043ca007d91SDag-Erling Smørgrav 	pos += xprintf("%s", s->protoname);
1044ca007d91SDag-Erling Smørgrav 	if (s->vflag & INP_IPV4)
1045ca007d91SDag-Erling Smørgrav 		pos += xprintf("4");
1046ca007d91SDag-Erling Smørgrav 	if (s->vflag & INP_IPV6)
1047ca007d91SDag-Erling Smørgrav 		pos += xprintf("6");
1048edc9c7fcSMichael Tuexen 	if (s->vflag & (INP_IPV4 | INP_IPV6))
1049edc9c7fcSMichael Tuexen 		pos += xprintf(" ");
1050e6f718c7SMichael Tuexen 	laddr = s->laddr;
1051e6f718c7SMichael Tuexen 	faddr = s->faddr;
10524e13a5b0SMichael Tuexen 	first = 1;
1053e6f718c7SMichael Tuexen 	while (laddr != NULL || faddr != NULL) {
105483f60cb2SMichael Tuexen 		offset = 36;
105583f60cb2SMichael Tuexen 		while (pos < offset)
1056ca007d91SDag-Erling Smørgrav 			pos += xprintf(" ");
1057ca007d91SDag-Erling Smørgrav 		switch (s->family) {
1058ca007d91SDag-Erling Smørgrav 		case AF_INET:
1059ca007d91SDag-Erling Smørgrav 		case AF_INET6:
1060e6f718c7SMichael Tuexen 			if (laddr != NULL) {
1061e6f718c7SMichael Tuexen 				pos += printaddr(&laddr->address);
106209bbda21SMaxim Konovalov 				if (s->family == AF_INET6 && pos >= 58)
106309bbda21SMaxim Konovalov 					pos += xprintf(" ");
1064e6f718c7SMichael Tuexen 			}
106583f60cb2SMichael Tuexen 			offset += opt_w ? 46 : 22;
106683f60cb2SMichael Tuexen 			while (pos < offset)
1067ca007d91SDag-Erling Smørgrav 				pos += xprintf(" ");
1068e6f718c7SMichael Tuexen 			if (faddr != NULL)
1069e6f718c7SMichael Tuexen 				pos += printaddr(&faddr->address);
107083f60cb2SMichael Tuexen 			offset += opt_w ? 46 : 22;
1071ca007d91SDag-Erling Smørgrav 			break;
1072ca007d91SDag-Erling Smørgrav 		case AF_UNIX:
1073e6f718c7SMichael Tuexen 			if ((laddr == NULL) || (faddr == NULL))
1074e6f718c7SMichael Tuexen 				errx(1, "laddr = %p or faddr = %p is NULL",
1075e6f718c7SMichael Tuexen 				    (void *)laddr, (void *)faddr);
1076ca007d91SDag-Erling Smørgrav 			/* server */
1077e6f718c7SMichael Tuexen 			if (laddr->address.ss_len > 0) {
1078e6f718c7SMichael Tuexen 				pos += printaddr(&laddr->address);
1079ca007d91SDag-Erling Smørgrav 				break;
1080ca007d91SDag-Erling Smørgrav 			}
1081ca007d91SDag-Erling Smørgrav 			/* client */
1082f38b68aeSBrooks Davis 			p = *(kvaddr_t*)&(faddr->address);
1083f38b68aeSBrooks Davis 			if (p == 0) {
1084b4eb37c6SJohn-Mark Gurney 				pos += xprintf("(not connected)");
108583f60cb2SMichael Tuexen 				offset += opt_w ? 92 : 44;
1086b4eb37c6SJohn-Mark Gurney 				break;
1087b4eb37c6SJohn-Mark Gurney 			}
1088b4eb37c6SJohn-Mark Gurney 			pos += xprintf("-> ");
1089ca007d91SDag-Erling Smørgrav 			for (hash = 0; hash < HASHSIZE; ++hash) {
109081091202SMichael Tuexen 				for (s_tmp = sockhash[hash];
109181091202SMichael Tuexen 				    s_tmp != NULL;
109281091202SMichael Tuexen 				    s_tmp = s_tmp->next)
109381091202SMichael Tuexen 					if (s_tmp->pcb == p)
1094ca007d91SDag-Erling Smørgrav 						break;
109581091202SMichael Tuexen 				if (s_tmp != NULL)
1096ca007d91SDag-Erling Smørgrav 					break;
1097ca007d91SDag-Erling Smørgrav 			}
109827569d01SRenato Botelho 			if (s_tmp == NULL || s_tmp->laddr == NULL ||
109981091202SMichael Tuexen 			    s_tmp->laddr->address.ss_len == 0)
1100ca007d91SDag-Erling Smørgrav 				pos += xprintf("??");
1101ca007d91SDag-Erling Smørgrav 			else
110281091202SMichael Tuexen 				pos += printaddr(&s_tmp->laddr->address);
110383f60cb2SMichael Tuexen 			offset += opt_w ? 92 : 44;
1104ca007d91SDag-Erling Smørgrav 			break;
1105ca007d91SDag-Erling Smørgrav 		default:
1106ca007d91SDag-Erling Smørgrav 			abort();
1107ca007d91SDag-Erling Smørgrav 		}
110849b836f2SMichael Tuexen 		if (opt_U) {
110949b836f2SMichael Tuexen 			if (faddr != NULL &&
11109e644c23SMichael Tuexen 			    ((s->proto == IPPROTO_SCTP &&
111149b836f2SMichael Tuexen 			      s->state != SCTP_CLOSED &&
111249b836f2SMichael Tuexen 			      s->state != SCTP_BOUND &&
11139e644c23SMichael Tuexen 			      s->state != SCTP_LISTEN) ||
11149e644c23SMichael Tuexen 			     (s->proto == IPPROTO_TCP &&
11159e644c23SMichael Tuexen 			      s->state != TCPS_CLOSED &&
11169e644c23SMichael Tuexen 			      s->state != TCPS_LISTEN))) {
111749b836f2SMichael Tuexen 				while (pos < offset)
111849b836f2SMichael Tuexen 					pos += xprintf(" ");
111949b836f2SMichael Tuexen 				pos += xprintf("%u",
112049b836f2SMichael Tuexen 				    ntohs(faddr->encaps_port));
112149b836f2SMichael Tuexen 			}
112249b836f2SMichael Tuexen 			offset += 7;
112349b836f2SMichael Tuexen 		}
1124e389705eSMichael Tuexen 		if (opt_s) {
1125e389705eSMichael Tuexen 			if (faddr != NULL &&
1126e389705eSMichael Tuexen 			    s->proto == IPPROTO_SCTP &&
1127e389705eSMichael Tuexen 			    s->state != SCTP_CLOSED &&
1128e389705eSMichael Tuexen 			    s->state != SCTP_BOUND &&
1129e389705eSMichael Tuexen 			    s->state != SCTP_LISTEN) {
1130e389705eSMichael Tuexen 				while (pos < offset)
1131e389705eSMichael Tuexen 					pos += xprintf(" ");
1132e389705eSMichael Tuexen 				pos += xprintf("%s",
1133e389705eSMichael Tuexen 				    sctp_path_state(faddr->state));
1134e389705eSMichael Tuexen 			}
1135e389705eSMichael Tuexen 			offset += 13;
1136e389705eSMichael Tuexen 		}
1137e5cccc35SMichael Tuexen 		if (first) {
113849b836f2SMichael Tuexen 			if (opt_s) {
113949b836f2SMichael Tuexen 				if (s->proto == IPPROTO_SCTP ||
114049b836f2SMichael Tuexen 				    s->proto == IPPROTO_TCP) {
114149b836f2SMichael Tuexen 					while (pos < offset)
11424e13a5b0SMichael Tuexen 						pos += xprintf(" ");
11436414db1bSMichael Tuexen 					switch (s->proto) {
11446414db1bSMichael Tuexen 					case IPPROTO_SCTP:
1145e5cccc35SMichael Tuexen 						pos += xprintf("%s",
1146e389705eSMichael Tuexen 						    sctp_conn_state(s->state));
11476414db1bSMichael Tuexen 						break;
11486414db1bSMichael Tuexen 					case IPPROTO_TCP:
1149e5cccc35SMichael Tuexen 						if (s->state >= 0 &&
1150e5cccc35SMichael Tuexen 						    s->state < TCP_NSTATES)
115149b836f2SMichael Tuexen 							pos += xprintf("%s",
1152e5cccc35SMichael Tuexen 							    tcpstates[s->state]);
11534e13a5b0SMichael Tuexen 						else
11544e13a5b0SMichael Tuexen 							pos += xprintf("?");
11556414db1bSMichael Tuexen 						break;
11566414db1bSMichael Tuexen 					}
11574e13a5b0SMichael Tuexen 				}
115849b836f2SMichael Tuexen 				offset += 13;
115949b836f2SMichael Tuexen 			}
11602ac089d0SMichael Tuexen 			if (opt_S) {
11612ac089d0SMichael Tuexen 				if (s->proto == IPPROTO_TCP) {
116249b836f2SMichael Tuexen 					while (pos < offset)
1163e5cccc35SMichael Tuexen 						pos += xprintf(" ");
11642ac089d0SMichael Tuexen 					pos += xprintf("%.*s",
11652ac089d0SMichael Tuexen 					    TCP_FUNCTION_NAME_LEN_MAX,
1166e5cccc35SMichael Tuexen 					    s->stack);
1167e5cccc35SMichael Tuexen 				}
11682ac089d0SMichael Tuexen 				offset += TCP_FUNCTION_NAME_LEN_MAX + 1;
11692ac089d0SMichael Tuexen 			}
11702ac089d0SMichael Tuexen 			if (opt_C) {
11712ac089d0SMichael Tuexen 				if (s->proto == IPPROTO_TCP) {
11722ac089d0SMichael Tuexen 					while (pos < offset)
11732ac089d0SMichael Tuexen 						pos += xprintf(" ");
11742ac089d0SMichael Tuexen 					xprintf("%.*s", TCP_CA_NAME_MAX, s->cc);
11752ac089d0SMichael Tuexen 				}
11762ac089d0SMichael Tuexen 				offset += TCP_CA_NAME_MAX + 1;
11772ac089d0SMichael Tuexen 			}
1178e5cccc35SMichael Tuexen 		}
1179e6f718c7SMichael Tuexen 		if (laddr != NULL)
1180e6f718c7SMichael Tuexen 			laddr = laddr->next;
1181e6f718c7SMichael Tuexen 		if (faddr != NULL)
1182e6f718c7SMichael Tuexen 			faddr = faddr->next;
1183e6f718c7SMichael Tuexen 		if ((laddr != NULL) || (faddr != NULL)) {
1184e6f718c7SMichael Tuexen 			xprintf("\n");
1185e6f718c7SMichael Tuexen 			pos = 0;
1186e6f718c7SMichael Tuexen 		}
11874e13a5b0SMichael Tuexen 		first = 0;
1188e6f718c7SMichael Tuexen 	}
11894e13a5b0SMichael Tuexen 	xprintf("\n");
1190ca007d91SDag-Erling Smørgrav }
119161149f8dSJilles Tjoelker 
119261149f8dSJilles Tjoelker static void
119361149f8dSJilles Tjoelker display(void)
119461149f8dSJilles Tjoelker {
119561149f8dSJilles Tjoelker 	struct passwd *pwd;
119661149f8dSJilles Tjoelker 	struct xfile *xf;
119761149f8dSJilles Tjoelker 	struct sock *s;
119861149f8dSJilles Tjoelker 	int hash, n, pos;
119961149f8dSJilles Tjoelker 
1200ee0afaa9SEmmanuel Vadot 	if (opt_q != 1) {
120183f60cb2SMichael Tuexen 		printf("%-8s %-10s %-5s %-2s %-6s %-*s %-*s",
120261149f8dSJilles Tjoelker 		    "USER", "COMMAND", "PID", "FD", "PROTO",
120383f60cb2SMichael Tuexen 		    opt_w ? 45 : 21, "LOCAL ADDRESS",
120483f60cb2SMichael Tuexen 		    opt_w ? 45 : 21, "FOREIGN ADDRESS");
120549b836f2SMichael Tuexen 		if (opt_U)
120649b836f2SMichael Tuexen 			printf(" %-6s", "ENCAPS");
1207e389705eSMichael Tuexen 		if (opt_s) {
1208e389705eSMichael Tuexen 			printf(" %-12s", "PATH STATE");
1209e389705eSMichael Tuexen 			printf(" %-12s", "CONN STATE");
1210e389705eSMichael Tuexen 		}
1211e5cccc35SMichael Tuexen 		if (opt_S)
12122ac089d0SMichael Tuexen 			printf(" %-*.*s", TCP_FUNCTION_NAME_LEN_MAX,
12132ac089d0SMichael Tuexen 			    TCP_FUNCTION_NAME_LEN_MAX, "STACK");
12142ac089d0SMichael Tuexen 		if (opt_C)
12152ac089d0SMichael Tuexen 			printf(" %-.*s", TCP_CA_NAME_MAX, "CC");
12167a5642b3SDag-Erling Smørgrav 		printf("\n");
1217ee0afaa9SEmmanuel Vadot 	}
121861149f8dSJilles Tjoelker 	setpassent(1);
121961149f8dSJilles Tjoelker 	for (xf = xfiles, n = 0; n < nxfiles; ++n, ++xf) {
1220f38b68aeSBrooks Davis 		if (xf->xf_data == 0)
122161149f8dSJilles Tjoelker 			continue;
122200feaafdSAndrew Thompson 		if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
122300feaafdSAndrew Thompson 			continue;
122461149f8dSJilles Tjoelker 		hash = (int)((uintptr_t)xf->xf_data % HASHSIZE);
12257e80c6b0SMichael Tuexen 		for (s = sockhash[hash]; s != NULL; s = s->next) {
1226f38b68aeSBrooks Davis 			if (s->socket != xf->xf_data)
122761149f8dSJilles Tjoelker 				continue;
122861149f8dSJilles Tjoelker 			if (!check_ports(s))
122961149f8dSJilles Tjoelker 				continue;
123061149f8dSJilles Tjoelker 			s->shown = 1;
123161149f8dSJilles Tjoelker 			pos = 0;
1232ccdd2b2bSAlexander Motin 			if (opt_n || (pwd = getpwuid(xf->xf_uid)) == NULL)
123361149f8dSJilles Tjoelker 				pos += xprintf("%lu ", (u_long)xf->xf_uid);
123461149f8dSJilles Tjoelker 			else
123561149f8dSJilles Tjoelker 				pos += xprintf("%s ", pwd->pw_name);
123661149f8dSJilles Tjoelker 			while (pos < 9)
123761149f8dSJilles Tjoelker 				pos += xprintf(" ");
123861149f8dSJilles Tjoelker 			pos += xprintf("%.10s", getprocname(xf->xf_pid));
123961149f8dSJilles Tjoelker 			while (pos < 20)
124061149f8dSJilles Tjoelker 				pos += xprintf(" ");
124161149f8dSJilles Tjoelker 			pos += xprintf("%lu ", (u_long)xf->xf_pid);
124261149f8dSJilles Tjoelker 			while (pos < 26)
124361149f8dSJilles Tjoelker 				pos += xprintf(" ");
124461149f8dSJilles Tjoelker 			pos += xprintf("%d ", xf->xf_fd);
124561149f8dSJilles Tjoelker 			displaysock(s, pos);
124661149f8dSJilles Tjoelker 		}
12477e80c6b0SMichael Tuexen 	}
124800feaafdSAndrew Thompson 	if (opt_j >= 0)
124900feaafdSAndrew Thompson 		return;
125061149f8dSJilles Tjoelker 	for (hash = 0; hash < HASHSIZE; hash++) {
125161149f8dSJilles Tjoelker 		for (s = sockhash[hash]; s != NULL; s = s->next) {
125261149f8dSJilles Tjoelker 			if (s->shown)
125361149f8dSJilles Tjoelker 				continue;
125461149f8dSJilles Tjoelker 			if (!check_ports(s))
125561149f8dSJilles Tjoelker 				continue;
125661149f8dSJilles Tjoelker 			pos = 0;
125761149f8dSJilles Tjoelker 			pos += xprintf("%-8s %-10s %-5s %-2s ",
125861149f8dSJilles Tjoelker 			    "?", "?", "?", "?");
125961149f8dSJilles Tjoelker 			displaysock(s, pos);
126061149f8dSJilles Tjoelker 		}
126161149f8dSJilles Tjoelker 	}
1262ca007d91SDag-Erling Smørgrav }
1263ca007d91SDag-Erling Smørgrav 
1264f1cd4902SRyan Moeller static int
1265f1cd4902SRyan Moeller set_default_protos(void)
12661f3d67aaSGiorgos Keramidas {
12671f3d67aaSGiorgos Keramidas 	struct protoent *prot;
12681f3d67aaSGiorgos Keramidas 	const char *pname;
12691f3d67aaSGiorgos Keramidas 	size_t pindex;
12701f3d67aaSGiorgos Keramidas 
12711f3d67aaSGiorgos Keramidas 	init_protos(default_numprotos);
12721f3d67aaSGiorgos Keramidas 
12731f3d67aaSGiorgos Keramidas 	for (pindex = 0; pindex < default_numprotos; pindex++) {
12741f3d67aaSGiorgos Keramidas 		pname = default_protos[pindex];
1275c5a2d8c5SRyan Moeller 		prot = cap_getprotobyname(capnetdb, pname);
12761f3d67aaSGiorgos Keramidas 		if (prot == NULL)
1277c5a2d8c5SRyan Moeller 			err(1, "cap_getprotobyname: %s", pname);
12781f3d67aaSGiorgos Keramidas 		protos[pindex] = prot->p_proto;
12791f3d67aaSGiorgos Keramidas 	}
12801f3d67aaSGiorgos Keramidas 	numprotos = pindex;
12811f3d67aaSGiorgos Keramidas 	return (pindex);
12821f3d67aaSGiorgos Keramidas }
12831f3d67aaSGiorgos Keramidas 
1284f1cd4902SRyan Moeller /*
1285f1cd4902SRyan Moeller  * Return the vnet property of the jail, or -1 on error.
1286f1cd4902SRyan Moeller  */
1287f1cd4902SRyan Moeller static int
1288f1cd4902SRyan Moeller jail_getvnet(int jid)
1289f1cd4902SRyan Moeller {
1290f1cd4902SRyan Moeller 	struct iovec jiov[6];
1291f1cd4902SRyan Moeller 	int vnet;
1292f1cd4902SRyan Moeller 
1293f1cd4902SRyan Moeller 	vnet = -1;
1294f1cd4902SRyan Moeller 	jiov[0].iov_base = __DECONST(char *, "jid");
1295f1cd4902SRyan Moeller 	jiov[0].iov_len = sizeof("jid");
1296f1cd4902SRyan Moeller 	jiov[1].iov_base = &jid;
1297f1cd4902SRyan Moeller 	jiov[1].iov_len = sizeof(jid);
1298f1cd4902SRyan Moeller 	jiov[2].iov_base = __DECONST(char *, "vnet");
1299f1cd4902SRyan Moeller 	jiov[2].iov_len = sizeof("vnet");
1300f1cd4902SRyan Moeller 	jiov[3].iov_base = &vnet;
1301f1cd4902SRyan Moeller 	jiov[3].iov_len = sizeof(vnet);
1302f1cd4902SRyan Moeller 	jiov[4].iov_base = __DECONST(char *, "errmsg");
1303f1cd4902SRyan Moeller 	jiov[4].iov_len = sizeof("errmsg");
1304f1cd4902SRyan Moeller 	jiov[5].iov_base = jail_errmsg;
1305f1cd4902SRyan Moeller 	jiov[5].iov_len = JAIL_ERRMSGLEN;
1306f1cd4902SRyan Moeller 	jail_errmsg[0] = '\0';
1307f1cd4902SRyan Moeller 	if (jail_get(jiov, nitems(jiov), 0) < 0) {
1308f1cd4902SRyan Moeller 		if (!jail_errmsg[0])
1309f1cd4902SRyan Moeller 			snprintf(jail_errmsg, JAIL_ERRMSGLEN,
1310f1cd4902SRyan Moeller 			    "jail_get: %s", strerror(errno));
1311f1cd4902SRyan Moeller 		return (-1);
1312f1cd4902SRyan Moeller 	}
1313f1cd4902SRyan Moeller 	return (vnet);
1314f1cd4902SRyan Moeller }
1315f1cd4902SRyan Moeller 
1316ca007d91SDag-Erling Smørgrav static void
1317ca007d91SDag-Erling Smørgrav usage(void)
1318ca007d91SDag-Erling Smørgrav {
13191f3d67aaSGiorgos Keramidas 	fprintf(stderr,
132083f60cb2SMichael Tuexen 	    "usage: sockstat [-46cLlSsUuvw] [-j jid] [-p ports] [-P protocols]\n");
1321ca007d91SDag-Erling Smørgrav 	exit(1);
1322ca007d91SDag-Erling Smørgrav }
1323ca007d91SDag-Erling Smørgrav 
1324ca007d91SDag-Erling Smørgrav int
1325ca007d91SDag-Erling Smørgrav main(int argc, char *argv[])
1326ca007d91SDag-Erling Smørgrav {
1327c5a2d8c5SRyan Moeller 	cap_channel_t *capcas;
1328c5a2d8c5SRyan Moeller 	cap_net_limit_t *limit;
13291f3d67aaSGiorgos Keramidas 	int protos_defined = -1;
13301f3d67aaSGiorgos Keramidas 	int o, i;
1331ca007d91SDag-Erling Smørgrav 
133200feaafdSAndrew Thompson 	opt_j = -1;
1333ccdd2b2bSAlexander Motin 	while ((o = getopt(argc, argv, "46Ccj:Llnp:P:qSsUuvw")) != -1)
1334ca007d91SDag-Erling Smørgrav 		switch (o) {
1335ca007d91SDag-Erling Smørgrav 		case '4':
1336ca007d91SDag-Erling Smørgrav 			opt_4 = 1;
1337ca007d91SDag-Erling Smørgrav 			break;
1338ca007d91SDag-Erling Smørgrav 		case '6':
1339ca007d91SDag-Erling Smørgrav 			opt_6 = 1;
1340ca007d91SDag-Erling Smørgrav 			break;
13412ac089d0SMichael Tuexen 		case 'C':
13422ac089d0SMichael Tuexen 			opt_C = 1;
13432ac089d0SMichael Tuexen 			break;
1344ca007d91SDag-Erling Smørgrav 		case 'c':
1345ca007d91SDag-Erling Smørgrav 			opt_c = 1;
1346ca007d91SDag-Erling Smørgrav 			break;
134700feaafdSAndrew Thompson 		case 'j':
1348de68a320SJamie Gritton 			opt_j = jail_getid(optarg);
1349de68a320SJamie Gritton 			if (opt_j < 0)
1350de68a320SJamie Gritton 				errx(1, "%s", jail_errmsg);
135100feaafdSAndrew Thompson 			break;
13529b6ca892SBruce M Simpson 		case 'L':
13539b6ca892SBruce M Simpson 			opt_L = 1;
13549b6ca892SBruce M Simpson 			break;
1355ca007d91SDag-Erling Smørgrav 		case 'l':
1356ca007d91SDag-Erling Smørgrav 			opt_l = 1;
1357ca007d91SDag-Erling Smørgrav 			break;
1358ccdd2b2bSAlexander Motin 		case 'n':
1359ccdd2b2bSAlexander Motin 			opt_n = 1;
1360ccdd2b2bSAlexander Motin 			break;
1361ca007d91SDag-Erling Smørgrav 		case 'p':
1362ca007d91SDag-Erling Smørgrav 			parse_ports(optarg);
1363ca007d91SDag-Erling Smørgrav 			break;
13641f3d67aaSGiorgos Keramidas 		case 'P':
13651f3d67aaSGiorgos Keramidas 			protos_defined = parse_protos(optarg);
13661f3d67aaSGiorgos Keramidas 			break;
1367ee0afaa9SEmmanuel Vadot 		case 'q':
1368ee0afaa9SEmmanuel Vadot 			opt_q = 1;
136962de7037SEmmanuel Vadot 			break;
1370e5cccc35SMichael Tuexen 		case 'S':
1371e5cccc35SMichael Tuexen 			opt_S = 1;
1372e5cccc35SMichael Tuexen 			break;
13737a5642b3SDag-Erling Smørgrav 		case 's':
13747a5642b3SDag-Erling Smørgrav 			opt_s = 1;
13757a5642b3SDag-Erling Smørgrav 			break;
137649b836f2SMichael Tuexen 		case 'U':
137749b836f2SMichael Tuexen 			opt_U = 1;
137849b836f2SMichael Tuexen 			break;
1379ca007d91SDag-Erling Smørgrav 		case 'u':
1380ca007d91SDag-Erling Smørgrav 			opt_u = 1;
1381ca007d91SDag-Erling Smørgrav 			break;
1382ca007d91SDag-Erling Smørgrav 		case 'v':
1383ca007d91SDag-Erling Smørgrav 			++opt_v;
1384ca007d91SDag-Erling Smørgrav 			break;
138583f60cb2SMichael Tuexen 		case 'w':
138683f60cb2SMichael Tuexen 			opt_w = 1;
138783f60cb2SMichael Tuexen 			break;
1388ca007d91SDag-Erling Smørgrav 		default:
1389ca007d91SDag-Erling Smørgrav 			usage();
1390ca007d91SDag-Erling Smørgrav 		}
1391ca007d91SDag-Erling Smørgrav 
1392ca007d91SDag-Erling Smørgrav 	argc -= optind;
1393ca007d91SDag-Erling Smørgrav 	argv += optind;
1394ca007d91SDag-Erling Smørgrav 
1395ca007d91SDag-Erling Smørgrav 	if (argc > 0)
1396ca007d91SDag-Erling Smørgrav 		usage();
1397ca007d91SDag-Erling Smørgrav 
1398f1cd4902SRyan Moeller 	if (opt_j > 0) {
1399f1cd4902SRyan Moeller 		switch (jail_getvnet(opt_j)) {
1400f1cd4902SRyan Moeller 		case -1:
1401f1cd4902SRyan Moeller 			errx(2, "%s", jail_errmsg);
1402f1cd4902SRyan Moeller 		case JAIL_SYS_NEW:
1403f1cd4902SRyan Moeller 			if (jail_attach(opt_j) < 0)
1404ae37905bSRyan Moeller 				err(3, "jail_attach()");
1405f1cd4902SRyan Moeller 			/* Set back to -1 for normal output in vnet jail. */
1406f1cd4902SRyan Moeller 			opt_j = -1;
1407f1cd4902SRyan Moeller 			break;
1408f1cd4902SRyan Moeller 		default:
1409f1cd4902SRyan Moeller 			break;
1410f1cd4902SRyan Moeller 		}
1411f1cd4902SRyan Moeller 	}
1412f1cd4902SRyan Moeller 
1413c5a2d8c5SRyan Moeller 	capcas = cap_init();
1414c5a2d8c5SRyan Moeller 	if (capcas == NULL)
1415c5a2d8c5SRyan Moeller 		err(1, "Unable to contact Casper");
1416c5a2d8c5SRyan Moeller 	if (caph_enter_casper() < 0)
1417c5a2d8c5SRyan Moeller 		err(1, "Unable to enter capability mode");
1418c5a2d8c5SRyan Moeller 	capnet = cap_service_open(capcas, "system.net");
1419c5a2d8c5SRyan Moeller 	if (capnet == NULL)
1420c5a2d8c5SRyan Moeller 		err(1, "Unable to open system.net service");
1421c5a2d8c5SRyan Moeller 	capnetdb = cap_service_open(capcas, "system.netdb");
1422c5a2d8c5SRyan Moeller 	if (capnetdb == NULL)
1423c5a2d8c5SRyan Moeller 		err(1, "Unable to open system.netdb service");
1424c5a2d8c5SRyan Moeller 	capsysctl = cap_service_open(capcas, "system.sysctl");
1425c5a2d8c5SRyan Moeller 	if (capsysctl == NULL)
1426c5a2d8c5SRyan Moeller 		err(1, "Unable to open system.sysctl service");
1427c5a2d8c5SRyan Moeller 	cap_close(capcas);
1428c5a2d8c5SRyan Moeller 	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
1429c5a2d8c5SRyan Moeller 	if (limit == NULL)
1430c5a2d8c5SRyan Moeller 		err(1, "Unable to init cap_net limits");
1431c5a2d8c5SRyan Moeller 	if (cap_net_limit(limit) < 0)
1432c5a2d8c5SRyan Moeller 		err(1, "Unable to apply limits");
1433c5a2d8c5SRyan Moeller 
1434d2d77d2aSGiorgos Keramidas 	if ((!opt_4 && !opt_6) && protos_defined != -1)
14351f3d67aaSGiorgos Keramidas 		opt_4 = opt_6 = 1;
1436d2d77d2aSGiorgos Keramidas 	if (!opt_4 && !opt_6 && !opt_u)
1437d2d77d2aSGiorgos Keramidas 		opt_4 = opt_6 = opt_u = 1;
1438d2d77d2aSGiorgos Keramidas 	if ((opt_4 || opt_6) && protos_defined == -1)
1439d2d77d2aSGiorgos Keramidas 		protos_defined = set_default_protos();
1440ca007d91SDag-Erling Smørgrav 	if (!opt_c && !opt_l)
1441ca007d91SDag-Erling Smørgrav 		opt_c = opt_l = 1;
1442ca007d91SDag-Erling Smørgrav 
1443ca007d91SDag-Erling Smørgrav 	if (opt_4 || opt_6) {
14441f3d67aaSGiorgos Keramidas 		for (i = 0; i < protos_defined; i++)
1445d5b4aa90SMichael Tuexen 			if (protos[i] == IPPROTO_SCTP)
1446d5b4aa90SMichael Tuexen 				gather_sctp();
1447d5b4aa90SMichael Tuexen 			else
14481f3d67aaSGiorgos Keramidas 				gather_inet(protos[i]);
1449ca007d91SDag-Erling Smørgrav 	}
14501f3d67aaSGiorgos Keramidas 
14511f3d67aaSGiorgos Keramidas 	if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
1452ca007d91SDag-Erling Smørgrav 		gather_unix(SOCK_STREAM);
1453ca007d91SDag-Erling Smørgrav 		gather_unix(SOCK_DGRAM);
1454b8e20e2dSHiroki Sato 		gather_unix(SOCK_SEQPACKET);
1455ca007d91SDag-Erling Smørgrav 	}
1456ca007d91SDag-Erling Smørgrav 	getfiles();
1457ca007d91SDag-Erling Smørgrav 	display();
1458ca007d91SDag-Erling Smørgrav 	exit(0);
1459ca007d91SDag-Erling Smørgrav }
1460