xref: /freebsd/usr.bin/sockstat/sockstat.c (revision 76afb20c58adb296f09857aed214b91464242264)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2002 Dag-Erling Coïdan Smørgrav
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer
12  *    in this position and unchanged.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. The name of the author may not be used to endorse or promote products
17  *    derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33 
34 #include <sys/param.h>
35 #include <sys/socket.h>
36 #include <sys/socketvar.h>
37 #include <sys/sysctl.h>
38 #include <sys/file.h>
39 #include <sys/user.h>
40 
41 #include <sys/un.h>
42 #define	_WANT_UNPCB
43 #include <sys/unpcb.h>
44 
45 #include <net/route.h>
46 
47 #include <netinet/in.h>
48 #include <netinet/in_pcb.h>
49 #include <netinet/sctp.h>
50 #include <netinet/tcp.h>
51 #define TCPSTATES /* load state names */
52 #include <netinet/tcp_fsm.h>
53 #include <netinet/tcp_seq.h>
54 #include <netinet/tcp_var.h>
55 #include <arpa/inet.h>
56 
57 #include <ctype.h>
58 #include <err.h>
59 #include <errno.h>
60 #include <jail.h>
61 #include <netdb.h>
62 #include <pwd.h>
63 #include <stdarg.h>
64 #include <stdio.h>
65 #include <stdlib.h>
66 #include <string.h>
67 #include <unistd.h>
68 
69 #define	sstosin(ss)	((struct sockaddr_in *)(ss))
70 #define	sstosin6(ss)	((struct sockaddr_in6 *)(ss))
71 #define	sstosun(ss)	((struct sockaddr_un *)(ss))
72 #define	sstosa(ss)	((struct sockaddr *)(ss))
73 
74 static int	 opt_4;		/* Show IPv4 sockets */
75 static int	 opt_6;		/* Show IPv6 sockets */
76 static int	 opt_c;		/* Show connected sockets */
77 static int	 opt_j;		/* Show specified jail */
78 static int	 opt_L;		/* Don't show IPv4 or IPv6 loopback sockets */
79 static int	 opt_l;		/* Show listening sockets */
80 static int	 opt_q;		/* Don't show header */
81 static int	 opt_S;		/* Show protocol stack if applicable */
82 static int	 opt_s;		/* Show protocol state if applicable */
83 static int	 opt_U;		/* Show remote UDP encapsulation port number */
84 static int	 opt_u;		/* Show Unix domain sockets */
85 static int	 opt_v;		/* Verbose mode */
86 static int	 opt_w;		/* Wide print area for addresses */
87 
88 /*
89  * Default protocols to use if no -P was defined.
90  */
91 static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
92 static size_t	   default_numprotos = nitems(default_protos);
93 
94 static int	*protos;	/* protocols to use */
95 static size_t	 numprotos;	/* allocated size of protos[] */
96 
97 static int	*ports;
98 
99 #define	INT_BIT (sizeof(int)*CHAR_BIT)
100 #define	SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
101 #define	CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
102 
103 struct addr {
104 	struct sockaddr_storage address;
105 	unsigned int encaps_port;
106 	int state;
107 	struct addr *next;
108 };
109 
110 struct sock {
111 	kvaddr_t socket;
112 	kvaddr_t pcb;
113 	int shown;
114 	int vflag;
115 	int family;
116 	int proto;
117 	int state;
118 	const char *protoname;
119 	char stack[TCP_FUNCTION_NAME_LEN_MAX];
120 	struct addr *laddr;
121 	struct addr *faddr;
122 	struct sock *next;
123 };
124 
125 #define	HASHSIZE 1009
126 static struct sock *sockhash[HASHSIZE];
127 
128 static struct xfile *xfiles;
129 static int nxfiles;
130 
131 static int
132 xprintf(const char *fmt, ...)
133 {
134 	va_list ap;
135 	int len;
136 
137 	va_start(ap, fmt);
138 	len = vprintf(fmt, ap);
139 	va_end(ap);
140 	if (len < 0)
141 		err(1, "printf()");
142 	return (len);
143 }
144 
145 static int
146 get_proto_type(const char *proto)
147 {
148 	struct protoent *pent;
149 
150 	if (strlen(proto) == 0)
151 		return (0);
152 	pent = getprotobyname(proto);
153 	if (pent == NULL) {
154 		warn("getprotobyname");
155 		return (-1);
156 	}
157 	return (pent->p_proto);
158 }
159 
160 static void
161 init_protos(int num)
162 {
163 	int proto_count = 0;
164 
165 	if (num > 0) {
166 		proto_count = num;
167 	} else {
168 		/* Find the maximum number of possible protocols. */
169 		while (getprotoent() != NULL)
170 			proto_count++;
171 		endprotoent();
172 	}
173 
174 	if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
175 		err(1, "malloc");
176 	numprotos = proto_count;
177 }
178 
179 static int
180 parse_protos(char *protospec)
181 {
182 	char *prot;
183 	int proto_type, proto_index;
184 
185 	if (protospec == NULL)
186 		return (-1);
187 
188 	init_protos(0);
189 	proto_index = 0;
190 	while ((prot = strsep(&protospec, ",")) != NULL) {
191 		if (strlen(prot) == 0)
192 			continue;
193 		proto_type = get_proto_type(prot);
194 		if (proto_type != -1)
195 			protos[proto_index++] = proto_type;
196 	}
197 	numprotos = proto_index;
198 	return (proto_index);
199 }
200 
201 static void
202 parse_ports(const char *portspec)
203 {
204 	const char *p, *q;
205 	int port, end;
206 
207 	if (ports == NULL)
208 		if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
209 			err(1, "calloc()");
210 	p = portspec;
211 	while (*p != '\0') {
212 		if (!isdigit(*p))
213 			errx(1, "syntax error in port range");
214 		for (q = p; *q != '\0' && isdigit(*q); ++q)
215 			/* nothing */ ;
216 		for (port = 0; p < q; ++p)
217 			port = port * 10 + digittoint(*p);
218 		if (port < 0 || port > 65535)
219 			errx(1, "invalid port number");
220 		SET_PORT(port);
221 		switch (*p) {
222 		case '-':
223 			++p;
224 			break;
225 		case ',':
226 			++p;
227 			/* fall through */
228 		case '\0':
229 		default:
230 			continue;
231 		}
232 		for (q = p; *q != '\0' && isdigit(*q); ++q)
233 			/* nothing */ ;
234 		for (end = 0; p < q; ++p)
235 			end = end * 10 + digittoint(*p);
236 		if (end < port || end > 65535)
237 			errx(1, "invalid port number");
238 		while (port++ < end)
239 			SET_PORT(port);
240 		if (*p == ',')
241 			++p;
242 	}
243 }
244 
245 static void
246 sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
247 {
248 	struct sockaddr_in *sin4;
249 	struct sockaddr_in6 *sin6;
250 
251 	bzero(ss, sizeof(*ss));
252 	switch (af) {
253 	case AF_INET:
254 		sin4 = sstosin(ss);
255 		sin4->sin_len = sizeof(*sin4);
256 		sin4->sin_family = af;
257 		sin4->sin_port = port;
258 		sin4->sin_addr = *(struct in_addr *)addr;
259 		break;
260 	case AF_INET6:
261 		sin6 = sstosin6(ss);
262 		sin6->sin6_len = sizeof(*sin6);
263 		sin6->sin6_family = af;
264 		sin6->sin6_port = port;
265 		sin6->sin6_addr = *(struct in6_addr *)addr;
266 #define	s6_addr16	__u6_addr.__u6_addr16
267 		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
268 			sin6->sin6_scope_id =
269 			    ntohs(sin6->sin6_addr.s6_addr16[1]);
270 			sin6->sin6_addr.s6_addr16[1] = 0;
271 		}
272 		break;
273 	default:
274 		abort();
275 	}
276 }
277 
278 static void
279 free_socket(struct sock *sock)
280 {
281 	struct addr *cur, *next;
282 
283 	cur = sock->laddr;
284 	while (cur != NULL) {
285 		next = cur->next;
286 		free(cur);
287 		cur = next;
288 	}
289 	cur = sock->faddr;
290 	while (cur != NULL) {
291 		next = cur->next;
292 		free(cur);
293 		cur = next;
294 	}
295 	free(sock);
296 }
297 
298 static void
299 gather_sctp(void)
300 {
301 	struct sock *sock;
302 	struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
303 	struct xsctp_inpcb *xinpcb;
304 	struct xsctp_tcb *xstcb;
305 	struct xsctp_raddr *xraddr;
306 	struct xsctp_laddr *xladdr;
307 	const char *varname;
308 	size_t len, offset;
309 	char *buf;
310 	int hash, vflag;
311 	int no_stcb, local_all_loopback, foreign_all_loopback;
312 
313 	vflag = 0;
314 	if (opt_4)
315 		vflag |= INP_IPV4;
316 	if (opt_6)
317 		vflag |= INP_IPV6;
318 
319 	varname = "net.inet.sctp.assoclist";
320 	if (sysctlbyname(varname, 0, &len, 0, 0) < 0) {
321 		if (errno != ENOENT)
322 			err(1, "sysctlbyname()");
323 		return;
324 	}
325 	if ((buf = (char *)malloc(len)) == NULL) {
326 		err(1, "malloc()");
327 		return;
328 	}
329 	if (sysctlbyname(varname, buf, &len, 0, 0) < 0) {
330 		err(1, "sysctlbyname()");
331 		free(buf);
332 		return;
333 	}
334 	xinpcb = (struct xsctp_inpcb *)(void *)buf;
335 	offset = sizeof(struct xsctp_inpcb);
336 	while ((offset < len) && (xinpcb->last == 0)) {
337 		if ((sock = calloc(1, sizeof *sock)) == NULL)
338 			err(1, "malloc()");
339 		sock->socket = xinpcb->socket;
340 		sock->proto = IPPROTO_SCTP;
341 		sock->protoname = "sctp";
342 		if (xinpcb->maxqlen == 0)
343 			sock->state = SCTP_CLOSED;
344 		else
345 			sock->state = SCTP_LISTEN;
346 		if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
347 			sock->family = AF_INET6;
348 			/*
349 			 * Currently there is no way to distinguish between
350 			 * IPv6 only sockets or dual family sockets.
351 			 * So mark it as dual socket.
352 			 */
353 			sock->vflag = INP_IPV6 | INP_IPV4;
354 		} else {
355 			sock->family = AF_INET;
356 			sock->vflag = INP_IPV4;
357 		}
358 		prev_laddr = NULL;
359 		local_all_loopback = 1;
360 		while (offset < len) {
361 			xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
362 			offset += sizeof(struct xsctp_laddr);
363 			if (xladdr->last == 1)
364 				break;
365 			if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
366 				err(1, "malloc()");
367 			switch (xladdr->address.sa.sa_family) {
368 			case AF_INET:
369 #define	__IN_IS_ADDR_LOOPBACK(pina) \
370 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
371 				if (!__IN_IS_ADDR_LOOPBACK(
372 				    &xladdr->address.sin.sin_addr))
373 					local_all_loopback = 0;
374 #undef	__IN_IS_ADDR_LOOPBACK
375 				sockaddr(&laddr->address, AF_INET,
376 				    &xladdr->address.sin.sin_addr,
377 				    htons(xinpcb->local_port));
378 				break;
379 			case AF_INET6:
380 				if (!IN6_IS_ADDR_LOOPBACK(
381 				    &xladdr->address.sin6.sin6_addr))
382 					local_all_loopback = 0;
383 				sockaddr(&laddr->address, AF_INET6,
384 				    &xladdr->address.sin6.sin6_addr,
385 				    htons(xinpcb->local_port));
386 				break;
387 			default:
388 				errx(1, "address family %d not supported",
389 				    xladdr->address.sa.sa_family);
390 			}
391 			laddr->next = NULL;
392 			if (prev_laddr == NULL)
393 				sock->laddr = laddr;
394 			else
395 				prev_laddr->next = laddr;
396 			prev_laddr = laddr;
397 		}
398 		if (sock->laddr == NULL) {
399 			if ((sock->laddr =
400 			    calloc(1, sizeof(struct addr))) == NULL)
401 				err(1, "malloc()");
402 			sock->laddr->address.ss_family = sock->family;
403 			if (sock->family == AF_INET)
404 				sock->laddr->address.ss_len =
405 				    sizeof(struct sockaddr_in);
406 			else
407 				sock->laddr->address.ss_len =
408 				    sizeof(struct sockaddr_in6);
409 			local_all_loopback = 0;
410 		}
411 		if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
412 			err(1, "malloc()");
413 		sock->faddr->address.ss_family = sock->family;
414 		if (sock->family == AF_INET)
415 			sock->faddr->address.ss_len =
416 			    sizeof(struct sockaddr_in);
417 		else
418 			sock->faddr->address.ss_len =
419 			    sizeof(struct sockaddr_in6);
420 		no_stcb = 1;
421 		while (offset < len) {
422 			xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
423 			offset += sizeof(struct xsctp_tcb);
424 			if (no_stcb) {
425 				if (opt_l && (sock->vflag & vflag) &&
426 				    (!opt_L || !local_all_loopback) &&
427 				    ((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
428 				     (xstcb->last == 1))) {
429 					hash = (int)((uintptr_t)sock->socket %
430 					    HASHSIZE);
431 					sock->next = sockhash[hash];
432 					sockhash[hash] = sock;
433 				} else {
434 					free_socket(sock);
435 				}
436 			}
437 			if (xstcb->last == 1)
438 				break;
439 			no_stcb = 0;
440 			if (opt_c) {
441 				if ((sock = calloc(1, sizeof *sock)) == NULL)
442 					err(1, "malloc()");
443 				sock->socket = xinpcb->socket;
444 				sock->proto = IPPROTO_SCTP;
445 				sock->protoname = "sctp";
446 				sock->state = (int)xstcb->state;
447 				if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
448 					sock->family = AF_INET6;
449 				/*
450 				 * Currently there is no way to distinguish
451 				 * between IPv6 only sockets or dual family
452 				 *  sockets. So mark it as dual socket.
453 				 */
454 					sock->vflag = INP_IPV6 | INP_IPV4;
455 				} else {
456 					sock->family = AF_INET;
457 					sock->vflag = INP_IPV4;
458 				}
459 			}
460 			prev_laddr = NULL;
461 			local_all_loopback = 1;
462 			while (offset < len) {
463 				xladdr = (struct xsctp_laddr *)(void *)(buf +
464 				    offset);
465 				offset += sizeof(struct xsctp_laddr);
466 				if (xladdr->last == 1)
467 					break;
468 				if (!opt_c)
469 					continue;
470 				laddr = calloc(1, sizeof(struct addr));
471 				if (laddr == NULL)
472 					err(1, "malloc()");
473 				switch (xladdr->address.sa.sa_family) {
474 				case AF_INET:
475 #define	__IN_IS_ADDR_LOOPBACK(pina) \
476 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
477 					if (!__IN_IS_ADDR_LOOPBACK(
478 					    &xladdr->address.sin.sin_addr))
479 						local_all_loopback = 0;
480 #undef	__IN_IS_ADDR_LOOPBACK
481 					sockaddr(&laddr->address, AF_INET,
482 					    &xladdr->address.sin.sin_addr,
483 					    htons(xstcb->local_port));
484 					break;
485 				case AF_INET6:
486 					if (!IN6_IS_ADDR_LOOPBACK(
487 					    &xladdr->address.sin6.sin6_addr))
488 						local_all_loopback = 0;
489 					sockaddr(&laddr->address, AF_INET6,
490 					    &xladdr->address.sin6.sin6_addr,
491 					    htons(xstcb->local_port));
492 					break;
493 				default:
494 					errx(1,
495 					    "address family %d not supported",
496 					    xladdr->address.sa.sa_family);
497 				}
498 				laddr->next = NULL;
499 				if (prev_laddr == NULL)
500 					sock->laddr = laddr;
501 				else
502 					prev_laddr->next = laddr;
503 				prev_laddr = laddr;
504 			}
505 			prev_faddr = NULL;
506 			foreign_all_loopback = 1;
507 			while (offset < len) {
508 				xraddr = (struct xsctp_raddr *)(void *)(buf +
509 				    offset);
510 				offset += sizeof(struct xsctp_raddr);
511 				if (xraddr->last == 1)
512 					break;
513 				if (!opt_c)
514 					continue;
515 				faddr = calloc(1, sizeof(struct addr));
516 				if (faddr == NULL)
517 					err(1, "malloc()");
518 				switch (xraddr->address.sa.sa_family) {
519 				case AF_INET:
520 #define	__IN_IS_ADDR_LOOPBACK(pina) \
521 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
522 					if (!__IN_IS_ADDR_LOOPBACK(
523 					    &xraddr->address.sin.sin_addr))
524 						foreign_all_loopback = 0;
525 #undef	__IN_IS_ADDR_LOOPBACK
526 					sockaddr(&faddr->address, AF_INET,
527 					    &xraddr->address.sin.sin_addr,
528 					    htons(xstcb->remote_port));
529 					break;
530 				case AF_INET6:
531 					if (!IN6_IS_ADDR_LOOPBACK(
532 					    &xraddr->address.sin6.sin6_addr))
533 						foreign_all_loopback = 0;
534 					sockaddr(&faddr->address, AF_INET6,
535 					    &xraddr->address.sin6.sin6_addr,
536 					    htons(xstcb->remote_port));
537 					break;
538 				default:
539 					errx(1,
540 					    "address family %d not supported",
541 					    xraddr->address.sa.sa_family);
542 				}
543 				faddr->encaps_port = xraddr->encaps_port;
544 				faddr->state = xraddr->state;
545 				faddr->next = NULL;
546 				if (prev_faddr == NULL)
547 					sock->faddr = faddr;
548 				else
549 					prev_faddr->next = faddr;
550 				prev_faddr = faddr;
551 			}
552 			if (opt_c) {
553 				if ((sock->vflag & vflag) &&
554 				    (!opt_L ||
555 				     !(local_all_loopback ||
556 				     foreign_all_loopback))) {
557 					hash = (int)((uintptr_t)sock->socket %
558 					    HASHSIZE);
559 					sock->next = sockhash[hash];
560 					sockhash[hash] = sock;
561 				} else {
562 					free_socket(sock);
563 				}
564 			}
565 		}
566 		xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
567 		offset += sizeof(struct xsctp_inpcb);
568 	}
569 	free(buf);
570 }
571 
572 static void
573 gather_inet(int proto)
574 {
575 	struct xinpgen *xig, *exig;
576 	struct xinpcb *xip;
577 	struct xtcpcb *xtp = NULL;
578 	struct xsocket *so;
579 	struct sock *sock;
580 	struct addr *laddr, *faddr;
581 	const char *varname, *protoname;
582 	size_t len, bufsize;
583 	void *buf;
584 	int hash, retry, vflag;
585 
586 	vflag = 0;
587 	if (opt_4)
588 		vflag |= INP_IPV4;
589 	if (opt_6)
590 		vflag |= INP_IPV6;
591 
592 	switch (proto) {
593 	case IPPROTO_TCP:
594 		varname = "net.inet.tcp.pcblist";
595 		protoname = "tcp";
596 		break;
597 	case IPPROTO_UDP:
598 		varname = "net.inet.udp.pcblist";
599 		protoname = "udp";
600 		break;
601 	case IPPROTO_DIVERT:
602 		varname = "net.inet.divert.pcblist";
603 		protoname = "div";
604 		break;
605 	default:
606 		errx(1, "protocol %d not supported", proto);
607 	}
608 
609 	buf = NULL;
610 	bufsize = 8192;
611 	retry = 5;
612 	do {
613 		for (;;) {
614 			if ((buf = realloc(buf, bufsize)) == NULL)
615 				err(1, "realloc()");
616 			len = bufsize;
617 			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
618 				break;
619 			if (errno == ENOENT)
620 				goto out;
621 			if (errno != ENOMEM || len != bufsize)
622 				err(1, "sysctlbyname()");
623 			bufsize *= 2;
624 		}
625 		xig = (struct xinpgen *)buf;
626 		exig = (struct xinpgen *)(void *)
627 		    ((char *)buf + len - sizeof *exig);
628 		if (xig->xig_len != sizeof *xig ||
629 		    exig->xig_len != sizeof *exig)
630 			errx(1, "struct xinpgen size mismatch");
631 	} while (xig->xig_gen != exig->xig_gen && retry--);
632 
633 	if (xig->xig_gen != exig->xig_gen && opt_v)
634 		warnx("warning: data may be inconsistent");
635 
636 	for (;;) {
637 		xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
638 		if (xig >= exig)
639 			break;
640 		switch (proto) {
641 		case IPPROTO_TCP:
642 			xtp = (struct xtcpcb *)xig;
643 			xip = &xtp->xt_inp;
644 			if (xtp->xt_len != sizeof(*xtp)) {
645 				warnx("struct xtcpcb size mismatch");
646 				goto out;
647 			}
648 			protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
649 			break;
650 		case IPPROTO_UDP:
651 		case IPPROTO_DIVERT:
652 			xip = (struct xinpcb *)xig;
653 			if (xip->xi_len != sizeof(*xip)) {
654 				warnx("struct xinpcb size mismatch");
655 				goto out;
656 			}
657 			break;
658 		default:
659 			errx(1, "protocol %d not supported", proto);
660 		}
661 		so = &xip->xi_socket;
662 		if ((xip->inp_vflag & vflag) == 0)
663 			continue;
664 		if (xip->inp_vflag & INP_IPV4) {
665 			if ((xip->inp_fport == 0 && !opt_l) ||
666 			    (xip->inp_fport != 0 && !opt_c))
667 				continue;
668 #define	__IN_IS_ADDR_LOOPBACK(pina) \
669 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
670 			if (opt_L &&
671 			    (__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
672 			     __IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
673 				continue;
674 #undef	__IN_IS_ADDR_LOOPBACK
675 		} else if (xip->inp_vflag & INP_IPV6) {
676 			if ((xip->inp_fport == 0 && !opt_l) ||
677 			    (xip->inp_fport != 0 && !opt_c))
678 				continue;
679 			if (opt_L &&
680 			    (IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
681 			     IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
682 				continue;
683 		} else {
684 			if (opt_v)
685 				warnx("invalid vflag 0x%x", xip->inp_vflag);
686 			continue;
687 		}
688 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
689 			err(1, "malloc()");
690 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
691 			err(1, "malloc()");
692 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
693 			err(1, "malloc()");
694 		sock->socket = so->xso_so;
695 		sock->proto = proto;
696 		if (xip->inp_vflag & INP_IPV4) {
697 			sock->family = AF_INET;
698 			sockaddr(&laddr->address, sock->family,
699 			    &xip->inp_laddr, xip->inp_lport);
700 			sockaddr(&faddr->address, sock->family,
701 			    &xip->inp_faddr, xip->inp_fport);
702 		} else if (xip->inp_vflag & INP_IPV6) {
703 			sock->family = AF_INET6;
704 			sockaddr(&laddr->address, sock->family,
705 			    &xip->in6p_laddr, xip->inp_lport);
706 			sockaddr(&faddr->address, sock->family,
707 			    &xip->in6p_faddr, xip->inp_fport);
708 		}
709 		laddr->next = NULL;
710 		faddr->next = NULL;
711 		sock->laddr = laddr;
712 		sock->faddr = faddr;
713 		sock->vflag = xip->inp_vflag;
714 		if (proto == IPPROTO_TCP) {
715 			sock->state = xtp->t_state;
716 			memcpy(sock->stack, xtp->xt_stack,
717 			    TCP_FUNCTION_NAME_LEN_MAX);
718 		}
719 		sock->protoname = protoname;
720 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
721 		sock->next = sockhash[hash];
722 		sockhash[hash] = sock;
723 	}
724 out:
725 	free(buf);
726 }
727 
728 static void
729 gather_unix(int proto)
730 {
731 	struct xunpgen *xug, *exug;
732 	struct xunpcb *xup;
733 	struct sock *sock;
734 	struct addr *laddr, *faddr;
735 	const char *varname, *protoname;
736 	size_t len, bufsize;
737 	void *buf;
738 	int hash, retry;
739 
740 	switch (proto) {
741 	case SOCK_STREAM:
742 		varname = "net.local.stream.pcblist";
743 		protoname = "stream";
744 		break;
745 	case SOCK_DGRAM:
746 		varname = "net.local.dgram.pcblist";
747 		protoname = "dgram";
748 		break;
749 	case SOCK_SEQPACKET:
750 		varname = "net.local.seqpacket.pcblist";
751 		protoname = "seqpac";
752 		break;
753 	default:
754 		abort();
755 	}
756 	buf = NULL;
757 	bufsize = 8192;
758 	retry = 5;
759 	do {
760 		for (;;) {
761 			if ((buf = realloc(buf, bufsize)) == NULL)
762 				err(1, "realloc()");
763 			len = bufsize;
764 			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
765 				break;
766 			if (errno != ENOMEM || len != bufsize)
767 				err(1, "sysctlbyname()");
768 			bufsize *= 2;
769 		}
770 		xug = (struct xunpgen *)buf;
771 		exug = (struct xunpgen *)(void *)
772 		    ((char *)buf + len - sizeof(*exug));
773 		if (xug->xug_len != sizeof(*xug) ||
774 		    exug->xug_len != sizeof(*exug)) {
775 			warnx("struct xinpgen size mismatch");
776 			goto out;
777 		}
778 	} while (xug->xug_gen != exug->xug_gen && retry--);
779 
780 	if (xug->xug_gen != exug->xug_gen && opt_v)
781 		warnx("warning: data may be inconsistent");
782 
783 	for (;;) {
784 		xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
785 		if (xug >= exug)
786 			break;
787 		xup = (struct xunpcb *)xug;
788 		if (xup->xu_len != sizeof(*xup)) {
789 			warnx("struct xunpcb size mismatch");
790 			goto out;
791 		}
792 		if ((xup->unp_conn == 0 && !opt_l) ||
793 		    (xup->unp_conn != 0 && !opt_c))
794 			continue;
795 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
796 			err(1, "malloc()");
797 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
798 			err(1, "malloc()");
799 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
800 			err(1, "malloc()");
801 		sock->socket = xup->xu_socket.xso_so;
802 		sock->pcb = xup->xu_unpp;
803 		sock->proto = proto;
804 		sock->family = AF_UNIX;
805 		sock->protoname = protoname;
806 		if (xup->xu_addr.sun_family == AF_UNIX)
807 			laddr->address =
808 			    *(struct sockaddr_storage *)(void *)&xup->xu_addr;
809 		else if (xup->unp_conn != 0)
810 			*(kvaddr_t*)&(faddr->address) = xup->unp_conn;
811 		laddr->next = NULL;
812 		faddr->next = NULL;
813 		sock->laddr = laddr;
814 		sock->faddr = faddr;
815 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
816 		sock->next = sockhash[hash];
817 		sockhash[hash] = sock;
818 	}
819 out:
820 	free(buf);
821 }
822 
823 static void
824 getfiles(void)
825 {
826 	size_t len, olen;
827 
828 	olen = len = sizeof(*xfiles);
829 	if ((xfiles = malloc(len)) == NULL)
830 		err(1, "malloc()");
831 	while (sysctlbyname("kern.file", xfiles, &len, 0, 0) == -1) {
832 		if (errno != ENOMEM || len != olen)
833 			err(1, "sysctlbyname()");
834 		olen = len *= 2;
835 		if ((xfiles = realloc(xfiles, len)) == NULL)
836 			err(1, "realloc()");
837 	}
838 	if (len > 0 && xfiles->xf_size != sizeof(*xfiles))
839 		errx(1, "struct xfile size mismatch");
840 	nxfiles = len / sizeof(*xfiles);
841 }
842 
843 static int
844 printaddr(struct sockaddr_storage *ss)
845 {
846 	struct sockaddr_un *sun;
847 	char addrstr[NI_MAXHOST] = { '\0', '\0' };
848 	int error, off, port = 0;
849 
850 	switch (ss->ss_family) {
851 	case AF_INET:
852 		if (inet_lnaof(sstosin(ss)->sin_addr) == INADDR_ANY)
853 			addrstr[0] = '*';
854 		port = ntohs(sstosin(ss)->sin_port);
855 		break;
856 	case AF_INET6:
857 		if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
858 			addrstr[0] = '*';
859 		port = ntohs(sstosin6(ss)->sin6_port);
860 		break;
861 	case AF_UNIX:
862 		sun = sstosun(ss);
863 		off = (int)((char *)&sun->sun_path - (char *)sun);
864 		return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
865 	}
866 	if (addrstr[0] == '\0') {
867 		error = getnameinfo(sstosa(ss), ss->ss_len, addrstr,
868 		    sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
869 		if (error)
870 			errx(1, "getnameinfo()");
871 	}
872 	if (port == 0)
873 		return xprintf("%s:*", addrstr);
874 	else
875 		return xprintf("%s:%d", addrstr, port);
876 }
877 
878 static const char *
879 getprocname(pid_t pid)
880 {
881 	static struct kinfo_proc proc;
882 	size_t len;
883 	int mib[4];
884 
885 	mib[0] = CTL_KERN;
886 	mib[1] = KERN_PROC;
887 	mib[2] = KERN_PROC_PID;
888 	mib[3] = (int)pid;
889 	len = sizeof(proc);
890 	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
891 		/* Do not warn if the process exits before we get its name. */
892 		if (errno != ESRCH)
893 			warn("sysctl()");
894 		return ("??");
895 	}
896 	return (proc.ki_comm);
897 }
898 
899 static int
900 getprocjid(pid_t pid)
901 {
902 	static struct kinfo_proc proc;
903 	size_t len;
904 	int mib[4];
905 
906 	mib[0] = CTL_KERN;
907 	mib[1] = KERN_PROC;
908 	mib[2] = KERN_PROC_PID;
909 	mib[3] = (int)pid;
910 	len = sizeof(proc);
911 	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
912 		/* Do not warn if the process exits before we get its jid. */
913 		if (errno != ESRCH)
914 			warn("sysctl()");
915 		return (-1);
916 	}
917 	return (proc.ki_jid);
918 }
919 
920 static int
921 check_ports(struct sock *s)
922 {
923 	int port;
924 	struct addr *addr;
925 
926 	if (ports == NULL)
927 		return (1);
928 	if ((s->family != AF_INET) && (s->family != AF_INET6))
929 		return (1);
930 	for (addr = s->laddr; addr != NULL; addr = addr->next) {
931 		if (s->family == AF_INET)
932 			port = ntohs(sstosin(&addr->address)->sin_port);
933 		else
934 			port = ntohs(sstosin6(&addr->address)->sin6_port);
935 		if (CHK_PORT(port))
936 			return (1);
937 	}
938 	for (addr = s->faddr; addr != NULL; addr = addr->next) {
939 		if (s->family == AF_INET)
940 			port = ntohs(sstosin(&addr->address)->sin_port);
941 		else
942 			port = ntohs(sstosin6(&addr->address)->sin6_port);
943 		if (CHK_PORT(port))
944 			return (1);
945 	}
946 	return (0);
947 }
948 
949 static const char *
950 sctp_conn_state(int state)
951 {
952 	switch (state) {
953 	case SCTP_CLOSED:
954 		return "CLOSED";
955 		break;
956 	case SCTP_BOUND:
957 		return "BOUND";
958 		break;
959 	case SCTP_LISTEN:
960 		return "LISTEN";
961 		break;
962 	case SCTP_COOKIE_WAIT:
963 		return "COOKIE_WAIT";
964 		break;
965 	case SCTP_COOKIE_ECHOED:
966 		return "COOKIE_ECHOED";
967 		break;
968 	case SCTP_ESTABLISHED:
969 		return "ESTABLISHED";
970 		break;
971 	case SCTP_SHUTDOWN_SENT:
972 		return "SHUTDOWN_SENT";
973 		break;
974 	case SCTP_SHUTDOWN_RECEIVED:
975 		return "SHUTDOWN_RECEIVED";
976 		break;
977 	case SCTP_SHUTDOWN_ACK_SENT:
978 		return "SHUTDOWN_ACK_SENT";
979 		break;
980 	case SCTP_SHUTDOWN_PENDING:
981 		return "SHUTDOWN_PENDING";
982 		break;
983 	default:
984 		return "UNKNOWN";
985 		break;
986 	}
987 }
988 
989 static const char *
990 sctp_path_state(int state)
991 {
992 	switch (state) {
993 	case SCTP_UNCONFIRMED:
994 		return "UNCONFIRMED";
995 		break;
996 	case SCTP_ACTIVE:
997 		return "ACTIVE";
998 		break;
999 	case SCTP_INACTIVE:
1000 		return "INACTIVE";
1001 		break;
1002 	default:
1003 		return "UNKNOWN";
1004 		break;
1005 	}
1006 }
1007 
1008 static void
1009 displaysock(struct sock *s, int pos)
1010 {
1011 	kvaddr_t p;
1012 	int hash, first, offset;
1013 	struct addr *laddr, *faddr;
1014 	struct sock *s_tmp;
1015 
1016 	while (pos < 29)
1017 		pos += xprintf(" ");
1018 	pos += xprintf("%s", s->protoname);
1019 	if (s->vflag & INP_IPV4)
1020 		pos += xprintf("4");
1021 	if (s->vflag & INP_IPV6)
1022 		pos += xprintf("6");
1023 	if (s->vflag & (INP_IPV4 | INP_IPV6))
1024 		pos += xprintf(" ");
1025 	laddr = s->laddr;
1026 	faddr = s->faddr;
1027 	first = 1;
1028 	while (laddr != NULL || faddr != NULL) {
1029 		offset = 36;
1030 		while (pos < offset)
1031 			pos += xprintf(" ");
1032 		switch (s->family) {
1033 		case AF_INET:
1034 		case AF_INET6:
1035 			if (laddr != NULL) {
1036 				pos += printaddr(&laddr->address);
1037 				if (s->family == AF_INET6 && pos >= 58)
1038 					pos += xprintf(" ");
1039 			}
1040 			offset += opt_w ? 46 : 22;
1041 			while (pos < offset)
1042 				pos += xprintf(" ");
1043 			if (faddr != NULL)
1044 				pos += printaddr(&faddr->address);
1045 			offset += opt_w ? 46 : 22;
1046 			break;
1047 		case AF_UNIX:
1048 			if ((laddr == NULL) || (faddr == NULL))
1049 				errx(1, "laddr = %p or faddr = %p is NULL",
1050 				    (void *)laddr, (void *)faddr);
1051 			/* server */
1052 			if (laddr->address.ss_len > 0) {
1053 				pos += printaddr(&laddr->address);
1054 				break;
1055 			}
1056 			/* client */
1057 			p = *(kvaddr_t*)&(faddr->address);
1058 			if (p == 0) {
1059 				pos += xprintf("(not connected)");
1060 				offset += opt_w ? 92 : 44;
1061 				break;
1062 			}
1063 			pos += xprintf("-> ");
1064 			for (hash = 0; hash < HASHSIZE; ++hash) {
1065 				for (s_tmp = sockhash[hash];
1066 				    s_tmp != NULL;
1067 				    s_tmp = s_tmp->next)
1068 					if (s_tmp->pcb == p)
1069 						break;
1070 				if (s_tmp != NULL)
1071 					break;
1072 			}
1073 			if (s_tmp == NULL || s_tmp->laddr == NULL ||
1074 			    s_tmp->laddr->address.ss_len == 0)
1075 				pos += xprintf("??");
1076 			else
1077 				pos += printaddr(&s_tmp->laddr->address);
1078 			offset += opt_w ? 92 : 44;
1079 			break;
1080 		default:
1081 			abort();
1082 		}
1083 		if (opt_U) {
1084 			if (faddr != NULL &&
1085 			    s->proto == IPPROTO_SCTP &&
1086 			    s->state != SCTP_CLOSED &&
1087 			    s->state != SCTP_BOUND &&
1088 			    s->state != SCTP_LISTEN) {
1089 				while (pos < offset)
1090 					pos += xprintf(" ");
1091 				pos += xprintf("%u",
1092 				    ntohs(faddr->encaps_port));
1093 			}
1094 			offset += 7;
1095 		}
1096 		if (opt_s) {
1097 			if (faddr != NULL &&
1098 			    s->proto == IPPROTO_SCTP &&
1099 			    s->state != SCTP_CLOSED &&
1100 			    s->state != SCTP_BOUND &&
1101 			    s->state != SCTP_LISTEN) {
1102 				while (pos < offset)
1103 					pos += xprintf(" ");
1104 				pos += xprintf("%s",
1105 				    sctp_path_state(faddr->state));
1106 			}
1107 			offset += 13;
1108 		}
1109 		if (first) {
1110 			if (opt_s) {
1111 				if (s->proto == IPPROTO_SCTP ||
1112 				    s->proto == IPPROTO_TCP) {
1113 					while (pos < offset)
1114 						pos += xprintf(" ");
1115 					switch (s->proto) {
1116 					case IPPROTO_SCTP:
1117 						pos += xprintf("%s",
1118 						    sctp_conn_state(s->state));
1119 						break;
1120 					case IPPROTO_TCP:
1121 						if (s->state >= 0 &&
1122 						    s->state < TCP_NSTATES)
1123 							pos += xprintf("%s",
1124 							    tcpstates[s->state]);
1125 						else
1126 							pos += xprintf("?");
1127 						break;
1128 					}
1129 				}
1130 				offset += 13;
1131 			}
1132 			if (opt_S && s->proto == IPPROTO_TCP) {
1133 				while (pos < offset)
1134 					pos += xprintf(" ");
1135 				xprintf("%.*s", TCP_FUNCTION_NAME_LEN_MAX,
1136 				    s->stack);
1137 			}
1138 		}
1139 		if (laddr != NULL)
1140 			laddr = laddr->next;
1141 		if (faddr != NULL)
1142 			faddr = faddr->next;
1143 		if ((laddr != NULL) || (faddr != NULL)) {
1144 			xprintf("\n");
1145 			pos = 0;
1146 		}
1147 		first = 0;
1148 	}
1149 	xprintf("\n");
1150 }
1151 
1152 static void
1153 display(void)
1154 {
1155 	struct passwd *pwd;
1156 	struct xfile *xf;
1157 	struct sock *s;
1158 	int hash, n, pos;
1159 
1160 	if (opt_q != 1) {
1161 		printf("%-8s %-10s %-5s %-2s %-6s %-*s %-*s",
1162 		    "USER", "COMMAND", "PID", "FD", "PROTO",
1163 		    opt_w ? 45 : 21, "LOCAL ADDRESS",
1164 		    opt_w ? 45 : 21, "FOREIGN ADDRESS");
1165 		if (opt_U)
1166 			printf(" %-6s", "ENCAPS");
1167 		if (opt_s) {
1168 			printf(" %-12s", "PATH STATE");
1169 			printf(" %-12s", "CONN STATE");
1170 		}
1171 		if (opt_S)
1172 			printf(" %.*s", TCP_FUNCTION_NAME_LEN_MAX, "STACK");
1173 		printf("\n");
1174 	}
1175 	setpassent(1);
1176 	for (xf = xfiles, n = 0; n < nxfiles; ++n, ++xf) {
1177 		if (xf->xf_data == 0)
1178 			continue;
1179 		if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
1180 			continue;
1181 		hash = (int)((uintptr_t)xf->xf_data % HASHSIZE);
1182 		for (s = sockhash[hash]; s != NULL; s = s->next) {
1183 			if (s->socket != xf->xf_data)
1184 				continue;
1185 			if (!check_ports(s))
1186 				continue;
1187 			s->shown = 1;
1188 			pos = 0;
1189 			if ((pwd = getpwuid(xf->xf_uid)) == NULL)
1190 				pos += xprintf("%lu ", (u_long)xf->xf_uid);
1191 			else
1192 				pos += xprintf("%s ", pwd->pw_name);
1193 			while (pos < 9)
1194 				pos += xprintf(" ");
1195 			pos += xprintf("%.10s", getprocname(xf->xf_pid));
1196 			while (pos < 20)
1197 				pos += xprintf(" ");
1198 			pos += xprintf("%lu ", (u_long)xf->xf_pid);
1199 			while (pos < 26)
1200 				pos += xprintf(" ");
1201 			pos += xprintf("%d ", xf->xf_fd);
1202 			displaysock(s, pos);
1203 		}
1204 	}
1205 	if (opt_j >= 0)
1206 		return;
1207 	for (hash = 0; hash < HASHSIZE; hash++) {
1208 		for (s = sockhash[hash]; s != NULL; s = s->next) {
1209 			if (s->shown)
1210 				continue;
1211 			if (!check_ports(s))
1212 				continue;
1213 			pos = 0;
1214 			pos += xprintf("%-8s %-10s %-5s %-2s ",
1215 			    "?", "?", "?", "?");
1216 			displaysock(s, pos);
1217 		}
1218 	}
1219 }
1220 
1221 static int set_default_protos(void)
1222 {
1223 	struct protoent *prot;
1224 	const char *pname;
1225 	size_t pindex;
1226 
1227 	init_protos(default_numprotos);
1228 
1229 	for (pindex = 0; pindex < default_numprotos; pindex++) {
1230 		pname = default_protos[pindex];
1231 		prot = getprotobyname(pname);
1232 		if (prot == NULL)
1233 			err(1, "getprotobyname: %s", pname);
1234 		protos[pindex] = prot->p_proto;
1235 	}
1236 	numprotos = pindex;
1237 	return (pindex);
1238 }
1239 
1240 static void
1241 usage(void)
1242 {
1243 	fprintf(stderr,
1244 	    "usage: sockstat [-46cLlSsUuvw] [-j jid] [-p ports] [-P protocols]\n");
1245 	exit(1);
1246 }
1247 
1248 int
1249 main(int argc, char *argv[])
1250 {
1251 	int protos_defined = -1;
1252 	int o, i;
1253 
1254 	opt_j = -1;
1255 	while ((o = getopt(argc, argv, "46cj:Llp:P:qSsUuvw")) != -1)
1256 		switch (o) {
1257 		case '4':
1258 			opt_4 = 1;
1259 			break;
1260 		case '6':
1261 			opt_6 = 1;
1262 			break;
1263 		case 'c':
1264 			opt_c = 1;
1265 			break;
1266 		case 'j':
1267 			opt_j = jail_getid(optarg);
1268 			if (opt_j < 0)
1269 				errx(1, "%s", jail_errmsg);
1270 			break;
1271 		case 'L':
1272 			opt_L = 1;
1273 			break;
1274 		case 'l':
1275 			opt_l = 1;
1276 			break;
1277 		case 'p':
1278 			parse_ports(optarg);
1279 			break;
1280 		case 'P':
1281 			protos_defined = parse_protos(optarg);
1282 			break;
1283 		case 'q':
1284 			opt_q = 1;
1285 			break;
1286 		case 'S':
1287 			opt_S = 1;
1288 			break;
1289 		case 's':
1290 			opt_s = 1;
1291 			break;
1292 		case 'U':
1293 			opt_U = 1;
1294 			break;
1295 		case 'u':
1296 			opt_u = 1;
1297 			break;
1298 		case 'v':
1299 			++opt_v;
1300 			break;
1301 		case 'w':
1302 			opt_w = 1;
1303 			break;
1304 		default:
1305 			usage();
1306 		}
1307 
1308 	argc -= optind;
1309 	argv += optind;
1310 
1311 	if (argc > 0)
1312 		usage();
1313 
1314 	if ((!opt_4 && !opt_6) && protos_defined != -1)
1315 		opt_4 = opt_6 = 1;
1316 	if (!opt_4 && !opt_6 && !opt_u)
1317 		opt_4 = opt_6 = opt_u = 1;
1318 	if ((opt_4 || opt_6) && protos_defined == -1)
1319 		protos_defined = set_default_protos();
1320 	if (!opt_c && !opt_l)
1321 		opt_c = opt_l = 1;
1322 
1323 	if (opt_4 || opt_6) {
1324 		for (i = 0; i < protos_defined; i++)
1325 			if (protos[i] == IPPROTO_SCTP)
1326 				gather_sctp();
1327 			else
1328 				gather_inet(protos[i]);
1329 	}
1330 
1331 	if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
1332 		gather_unix(SOCK_STREAM);
1333 		gather_unix(SOCK_DGRAM);
1334 		gather_unix(SOCK_SEQPACKET);
1335 	}
1336 	getfiles();
1337 	display();
1338 	exit(0);
1339 }
1340