xref: /freebsd/usr.bin/sockstat/sockstat.c (revision 96474d2a3fa895fb9636183403fc8ca7ccf60216)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2002 Dag-Erling Coïdan Smørgrav
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer
12  *    in this position and unchanged.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. The name of the author may not be used to endorse or promote products
17  *    derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33 
34 #include <sys/param.h>
35 #include <sys/file.h>
36 #include <sys/socket.h>
37 #include <sys/socketvar.h>
38 #include <sys/sysctl.h>
39 #include <sys/jail.h>
40 #include <sys/user.h>
41 
42 #include <sys/un.h>
43 #define	_WANT_UNPCB
44 #include <sys/unpcb.h>
45 
46 #include <net/route.h>
47 
48 #include <netinet/in.h>
49 #include <netinet/in_pcb.h>
50 #include <netinet/sctp.h>
51 #include <netinet/tcp.h>
52 #define TCPSTATES /* load state names */
53 #include <netinet/tcp_fsm.h>
54 #include <netinet/tcp_seq.h>
55 #include <netinet/tcp_var.h>
56 #include <arpa/inet.h>
57 
58 #include <ctype.h>
59 #include <err.h>
60 #include <errno.h>
61 #include <jail.h>
62 #include <netdb.h>
63 #include <pwd.h>
64 #include <stdarg.h>
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <string.h>
68 #include <unistd.h>
69 
70 #define	sstosin(ss)	((struct sockaddr_in *)(ss))
71 #define	sstosin6(ss)	((struct sockaddr_in6 *)(ss))
72 #define	sstosun(ss)	((struct sockaddr_un *)(ss))
73 #define	sstosa(ss)	((struct sockaddr *)(ss))
74 
75 static int	 opt_4;		/* Show IPv4 sockets */
76 static int	 opt_6;		/* Show IPv6 sockets */
77 static int	 opt_C;		/* Show congestion control */
78 static int	 opt_c;		/* Show connected sockets */
79 static int	 opt_j;		/* Show specified jail */
80 static int	 opt_L;		/* Don't show IPv4 or IPv6 loopback sockets */
81 static int	 opt_l;		/* Show listening sockets */
82 static int	 opt_q;		/* Don't show header */
83 static int	 opt_S;		/* Show protocol stack if applicable */
84 static int	 opt_s;		/* Show protocol state if applicable */
85 static int	 opt_U;		/* Show remote UDP encapsulation port number */
86 static int	 opt_u;		/* Show Unix domain sockets */
87 static int	 opt_v;		/* Verbose mode */
88 static int	 opt_w;		/* Wide print area for addresses */
89 
90 /*
91  * Default protocols to use if no -P was defined.
92  */
93 static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
94 static size_t	   default_numprotos = nitems(default_protos);
95 
96 static int	*protos;	/* protocols to use */
97 static size_t	 numprotos;	/* allocated size of protos[] */
98 
99 static int	*ports;
100 
101 #define	INT_BIT (sizeof(int)*CHAR_BIT)
102 #define	SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
103 #define	CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
104 
105 struct addr {
106 	struct sockaddr_storage address;
107 	unsigned int encaps_port;
108 	int state;
109 	struct addr *next;
110 };
111 
112 struct sock {
113 	kvaddr_t socket;
114 	kvaddr_t pcb;
115 	int shown;
116 	int vflag;
117 	int family;
118 	int proto;
119 	int state;
120 	const char *protoname;
121 	char stack[TCP_FUNCTION_NAME_LEN_MAX];
122 	char cc[TCP_CA_NAME_MAX];
123 	struct addr *laddr;
124 	struct addr *faddr;
125 	struct sock *next;
126 };
127 
128 #define	HASHSIZE 1009
129 static struct sock *sockhash[HASHSIZE];
130 
131 static struct xfile *xfiles;
132 static int nxfiles;
133 
134 static int
135 xprintf(const char *fmt, ...)
136 {
137 	va_list ap;
138 	int len;
139 
140 	va_start(ap, fmt);
141 	len = vprintf(fmt, ap);
142 	va_end(ap);
143 	if (len < 0)
144 		err(1, "printf()");
145 	return (len);
146 }
147 
148 static int
149 get_proto_type(const char *proto)
150 {
151 	struct protoent *pent;
152 
153 	if (strlen(proto) == 0)
154 		return (0);
155 	pent = getprotobyname(proto);
156 	if (pent == NULL) {
157 		warn("getprotobyname");
158 		return (-1);
159 	}
160 	return (pent->p_proto);
161 }
162 
163 static void
164 init_protos(int num)
165 {
166 	int proto_count = 0;
167 
168 	if (num > 0) {
169 		proto_count = num;
170 	} else {
171 		/* Find the maximum number of possible protocols. */
172 		while (getprotoent() != NULL)
173 			proto_count++;
174 		endprotoent();
175 	}
176 
177 	if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
178 		err(1, "malloc");
179 	numprotos = proto_count;
180 }
181 
182 static int
183 parse_protos(char *protospec)
184 {
185 	char *prot;
186 	int proto_type, proto_index;
187 
188 	if (protospec == NULL)
189 		return (-1);
190 
191 	init_protos(0);
192 	proto_index = 0;
193 	while ((prot = strsep(&protospec, ",")) != NULL) {
194 		if (strlen(prot) == 0)
195 			continue;
196 		proto_type = get_proto_type(prot);
197 		if (proto_type != -1)
198 			protos[proto_index++] = proto_type;
199 	}
200 	numprotos = proto_index;
201 	return (proto_index);
202 }
203 
204 static void
205 parse_ports(const char *portspec)
206 {
207 	const char *p, *q;
208 	int port, end;
209 
210 	if (ports == NULL)
211 		if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
212 			err(1, "calloc()");
213 	p = portspec;
214 	while (*p != '\0') {
215 		if (!isdigit(*p))
216 			errx(1, "syntax error in port range");
217 		for (q = p; *q != '\0' && isdigit(*q); ++q)
218 			/* nothing */ ;
219 		for (port = 0; p < q; ++p)
220 			port = port * 10 + digittoint(*p);
221 		if (port < 0 || port > 65535)
222 			errx(1, "invalid port number");
223 		SET_PORT(port);
224 		switch (*p) {
225 		case '-':
226 			++p;
227 			break;
228 		case ',':
229 			++p;
230 			/* fall through */
231 		case '\0':
232 		default:
233 			continue;
234 		}
235 		for (q = p; *q != '\0' && isdigit(*q); ++q)
236 			/* nothing */ ;
237 		for (end = 0; p < q; ++p)
238 			end = end * 10 + digittoint(*p);
239 		if (end < port || end > 65535)
240 			errx(1, "invalid port number");
241 		while (port++ < end)
242 			SET_PORT(port);
243 		if (*p == ',')
244 			++p;
245 	}
246 }
247 
248 static void
249 sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
250 {
251 	struct sockaddr_in *sin4;
252 	struct sockaddr_in6 *sin6;
253 
254 	bzero(ss, sizeof(*ss));
255 	switch (af) {
256 	case AF_INET:
257 		sin4 = sstosin(ss);
258 		sin4->sin_len = sizeof(*sin4);
259 		sin4->sin_family = af;
260 		sin4->sin_port = port;
261 		sin4->sin_addr = *(struct in_addr *)addr;
262 		break;
263 	case AF_INET6:
264 		sin6 = sstosin6(ss);
265 		sin6->sin6_len = sizeof(*sin6);
266 		sin6->sin6_family = af;
267 		sin6->sin6_port = port;
268 		sin6->sin6_addr = *(struct in6_addr *)addr;
269 #define	s6_addr16	__u6_addr.__u6_addr16
270 		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
271 			sin6->sin6_scope_id =
272 			    ntohs(sin6->sin6_addr.s6_addr16[1]);
273 			sin6->sin6_addr.s6_addr16[1] = 0;
274 		}
275 		break;
276 	default:
277 		abort();
278 	}
279 }
280 
281 static void
282 free_socket(struct sock *sock)
283 {
284 	struct addr *cur, *next;
285 
286 	cur = sock->laddr;
287 	while (cur != NULL) {
288 		next = cur->next;
289 		free(cur);
290 		cur = next;
291 	}
292 	cur = sock->faddr;
293 	while (cur != NULL) {
294 		next = cur->next;
295 		free(cur);
296 		cur = next;
297 	}
298 	free(sock);
299 }
300 
301 static void
302 gather_sctp(void)
303 {
304 	struct sock *sock;
305 	struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
306 	struct xsctp_inpcb *xinpcb;
307 	struct xsctp_tcb *xstcb;
308 	struct xsctp_raddr *xraddr;
309 	struct xsctp_laddr *xladdr;
310 	const char *varname;
311 	size_t len, offset;
312 	char *buf;
313 	int hash, vflag;
314 	int no_stcb, local_all_loopback, foreign_all_loopback;
315 
316 	vflag = 0;
317 	if (opt_4)
318 		vflag |= INP_IPV4;
319 	if (opt_6)
320 		vflag |= INP_IPV6;
321 
322 	varname = "net.inet.sctp.assoclist";
323 	if (sysctlbyname(varname, 0, &len, 0, 0) < 0) {
324 		if (errno != ENOENT)
325 			err(1, "sysctlbyname()");
326 		return;
327 	}
328 	if ((buf = (char *)malloc(len)) == NULL) {
329 		err(1, "malloc()");
330 		return;
331 	}
332 	if (sysctlbyname(varname, buf, &len, 0, 0) < 0) {
333 		err(1, "sysctlbyname()");
334 		free(buf);
335 		return;
336 	}
337 	xinpcb = (struct xsctp_inpcb *)(void *)buf;
338 	offset = sizeof(struct xsctp_inpcb);
339 	while ((offset < len) && (xinpcb->last == 0)) {
340 		if ((sock = calloc(1, sizeof *sock)) == NULL)
341 			err(1, "malloc()");
342 		sock->socket = xinpcb->socket;
343 		sock->proto = IPPROTO_SCTP;
344 		sock->protoname = "sctp";
345 		if (xinpcb->maxqlen == 0)
346 			sock->state = SCTP_CLOSED;
347 		else
348 			sock->state = SCTP_LISTEN;
349 		if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
350 			sock->family = AF_INET6;
351 			/*
352 			 * Currently there is no way to distinguish between
353 			 * IPv6 only sockets or dual family sockets.
354 			 * So mark it as dual socket.
355 			 */
356 			sock->vflag = INP_IPV6 | INP_IPV4;
357 		} else {
358 			sock->family = AF_INET;
359 			sock->vflag = INP_IPV4;
360 		}
361 		prev_laddr = NULL;
362 		local_all_loopback = 1;
363 		while (offset < len) {
364 			xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
365 			offset += sizeof(struct xsctp_laddr);
366 			if (xladdr->last == 1)
367 				break;
368 			if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
369 				err(1, "malloc()");
370 			switch (xladdr->address.sa.sa_family) {
371 			case AF_INET:
372 #define	__IN_IS_ADDR_LOOPBACK(pina) \
373 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
374 				if (!__IN_IS_ADDR_LOOPBACK(
375 				    &xladdr->address.sin.sin_addr))
376 					local_all_loopback = 0;
377 #undef	__IN_IS_ADDR_LOOPBACK
378 				sockaddr(&laddr->address, AF_INET,
379 				    &xladdr->address.sin.sin_addr,
380 				    htons(xinpcb->local_port));
381 				break;
382 			case AF_INET6:
383 				if (!IN6_IS_ADDR_LOOPBACK(
384 				    &xladdr->address.sin6.sin6_addr))
385 					local_all_loopback = 0;
386 				sockaddr(&laddr->address, AF_INET6,
387 				    &xladdr->address.sin6.sin6_addr,
388 				    htons(xinpcb->local_port));
389 				break;
390 			default:
391 				errx(1, "address family %d not supported",
392 				    xladdr->address.sa.sa_family);
393 			}
394 			laddr->next = NULL;
395 			if (prev_laddr == NULL)
396 				sock->laddr = laddr;
397 			else
398 				prev_laddr->next = laddr;
399 			prev_laddr = laddr;
400 		}
401 		if (sock->laddr == NULL) {
402 			if ((sock->laddr =
403 			    calloc(1, sizeof(struct addr))) == NULL)
404 				err(1, "malloc()");
405 			sock->laddr->address.ss_family = sock->family;
406 			if (sock->family == AF_INET)
407 				sock->laddr->address.ss_len =
408 				    sizeof(struct sockaddr_in);
409 			else
410 				sock->laddr->address.ss_len =
411 				    sizeof(struct sockaddr_in6);
412 			local_all_loopback = 0;
413 		}
414 		if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
415 			err(1, "malloc()");
416 		sock->faddr->address.ss_family = sock->family;
417 		if (sock->family == AF_INET)
418 			sock->faddr->address.ss_len =
419 			    sizeof(struct sockaddr_in);
420 		else
421 			sock->faddr->address.ss_len =
422 			    sizeof(struct sockaddr_in6);
423 		no_stcb = 1;
424 		while (offset < len) {
425 			xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
426 			offset += sizeof(struct xsctp_tcb);
427 			if (no_stcb) {
428 				if (opt_l && (sock->vflag & vflag) &&
429 				    (!opt_L || !local_all_loopback) &&
430 				    ((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
431 				     (xstcb->last == 1))) {
432 					hash = (int)((uintptr_t)sock->socket %
433 					    HASHSIZE);
434 					sock->next = sockhash[hash];
435 					sockhash[hash] = sock;
436 				} else {
437 					free_socket(sock);
438 				}
439 			}
440 			if (xstcb->last == 1)
441 				break;
442 			no_stcb = 0;
443 			if (opt_c) {
444 				if ((sock = calloc(1, sizeof *sock)) == NULL)
445 					err(1, "malloc()");
446 				sock->socket = xinpcb->socket;
447 				sock->proto = IPPROTO_SCTP;
448 				sock->protoname = "sctp";
449 				sock->state = (int)xstcb->state;
450 				if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
451 					sock->family = AF_INET6;
452 				/*
453 				 * Currently there is no way to distinguish
454 				 * between IPv6 only sockets or dual family
455 				 *  sockets. So mark it as dual socket.
456 				 */
457 					sock->vflag = INP_IPV6 | INP_IPV4;
458 				} else {
459 					sock->family = AF_INET;
460 					sock->vflag = INP_IPV4;
461 				}
462 			}
463 			prev_laddr = NULL;
464 			local_all_loopback = 1;
465 			while (offset < len) {
466 				xladdr = (struct xsctp_laddr *)(void *)(buf +
467 				    offset);
468 				offset += sizeof(struct xsctp_laddr);
469 				if (xladdr->last == 1)
470 					break;
471 				if (!opt_c)
472 					continue;
473 				laddr = calloc(1, sizeof(struct addr));
474 				if (laddr == NULL)
475 					err(1, "malloc()");
476 				switch (xladdr->address.sa.sa_family) {
477 				case AF_INET:
478 #define	__IN_IS_ADDR_LOOPBACK(pina) \
479 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
480 					if (!__IN_IS_ADDR_LOOPBACK(
481 					    &xladdr->address.sin.sin_addr))
482 						local_all_loopback = 0;
483 #undef	__IN_IS_ADDR_LOOPBACK
484 					sockaddr(&laddr->address, AF_INET,
485 					    &xladdr->address.sin.sin_addr,
486 					    htons(xstcb->local_port));
487 					break;
488 				case AF_INET6:
489 					if (!IN6_IS_ADDR_LOOPBACK(
490 					    &xladdr->address.sin6.sin6_addr))
491 						local_all_loopback = 0;
492 					sockaddr(&laddr->address, AF_INET6,
493 					    &xladdr->address.sin6.sin6_addr,
494 					    htons(xstcb->local_port));
495 					break;
496 				default:
497 					errx(1,
498 					    "address family %d not supported",
499 					    xladdr->address.sa.sa_family);
500 				}
501 				laddr->next = NULL;
502 				if (prev_laddr == NULL)
503 					sock->laddr = laddr;
504 				else
505 					prev_laddr->next = laddr;
506 				prev_laddr = laddr;
507 			}
508 			prev_faddr = NULL;
509 			foreign_all_loopback = 1;
510 			while (offset < len) {
511 				xraddr = (struct xsctp_raddr *)(void *)(buf +
512 				    offset);
513 				offset += sizeof(struct xsctp_raddr);
514 				if (xraddr->last == 1)
515 					break;
516 				if (!opt_c)
517 					continue;
518 				faddr = calloc(1, sizeof(struct addr));
519 				if (faddr == NULL)
520 					err(1, "malloc()");
521 				switch (xraddr->address.sa.sa_family) {
522 				case AF_INET:
523 #define	__IN_IS_ADDR_LOOPBACK(pina) \
524 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
525 					if (!__IN_IS_ADDR_LOOPBACK(
526 					    &xraddr->address.sin.sin_addr))
527 						foreign_all_loopback = 0;
528 #undef	__IN_IS_ADDR_LOOPBACK
529 					sockaddr(&faddr->address, AF_INET,
530 					    &xraddr->address.sin.sin_addr,
531 					    htons(xstcb->remote_port));
532 					break;
533 				case AF_INET6:
534 					if (!IN6_IS_ADDR_LOOPBACK(
535 					    &xraddr->address.sin6.sin6_addr))
536 						foreign_all_loopback = 0;
537 					sockaddr(&faddr->address, AF_INET6,
538 					    &xraddr->address.sin6.sin6_addr,
539 					    htons(xstcb->remote_port));
540 					break;
541 				default:
542 					errx(1,
543 					    "address family %d not supported",
544 					    xraddr->address.sa.sa_family);
545 				}
546 				faddr->encaps_port = xraddr->encaps_port;
547 				faddr->state = xraddr->state;
548 				faddr->next = NULL;
549 				if (prev_faddr == NULL)
550 					sock->faddr = faddr;
551 				else
552 					prev_faddr->next = faddr;
553 				prev_faddr = faddr;
554 			}
555 			if (opt_c) {
556 				if ((sock->vflag & vflag) &&
557 				    (!opt_L ||
558 				     !(local_all_loopback ||
559 				     foreign_all_loopback))) {
560 					hash = (int)((uintptr_t)sock->socket %
561 					    HASHSIZE);
562 					sock->next = sockhash[hash];
563 					sockhash[hash] = sock;
564 				} else {
565 					free_socket(sock);
566 				}
567 			}
568 		}
569 		xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
570 		offset += sizeof(struct xsctp_inpcb);
571 	}
572 	free(buf);
573 }
574 
575 static void
576 gather_inet(int proto)
577 {
578 	struct xinpgen *xig, *exig;
579 	struct xinpcb *xip;
580 	struct xtcpcb *xtp = NULL;
581 	struct xsocket *so;
582 	struct sock *sock;
583 	struct addr *laddr, *faddr;
584 	const char *varname, *protoname;
585 	size_t len, bufsize;
586 	void *buf;
587 	int hash, retry, vflag;
588 
589 	vflag = 0;
590 	if (opt_4)
591 		vflag |= INP_IPV4;
592 	if (opt_6)
593 		vflag |= INP_IPV6;
594 
595 	switch (proto) {
596 	case IPPROTO_TCP:
597 		varname = "net.inet.tcp.pcblist";
598 		protoname = "tcp";
599 		break;
600 	case IPPROTO_UDP:
601 		varname = "net.inet.udp.pcblist";
602 		protoname = "udp";
603 		break;
604 	case IPPROTO_DIVERT:
605 		varname = "net.inet.divert.pcblist";
606 		protoname = "div";
607 		break;
608 	default:
609 		errx(1, "protocol %d not supported", proto);
610 	}
611 
612 	buf = NULL;
613 	bufsize = 8192;
614 	retry = 5;
615 	do {
616 		for (;;) {
617 			if ((buf = realloc(buf, bufsize)) == NULL)
618 				err(1, "realloc()");
619 			len = bufsize;
620 			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
621 				break;
622 			if (errno == ENOENT)
623 				goto out;
624 			if (errno != ENOMEM || len != bufsize)
625 				err(1, "sysctlbyname()");
626 			bufsize *= 2;
627 		}
628 		xig = (struct xinpgen *)buf;
629 		exig = (struct xinpgen *)(void *)
630 		    ((char *)buf + len - sizeof *exig);
631 		if (xig->xig_len != sizeof *xig ||
632 		    exig->xig_len != sizeof *exig)
633 			errx(1, "struct xinpgen size mismatch");
634 	} while (xig->xig_gen != exig->xig_gen && retry--);
635 
636 	if (xig->xig_gen != exig->xig_gen && opt_v)
637 		warnx("warning: data may be inconsistent");
638 
639 	for (;;) {
640 		xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
641 		if (xig >= exig)
642 			break;
643 		switch (proto) {
644 		case IPPROTO_TCP:
645 			xtp = (struct xtcpcb *)xig;
646 			xip = &xtp->xt_inp;
647 			if (xtp->xt_len != sizeof(*xtp)) {
648 				warnx("struct xtcpcb size mismatch");
649 				goto out;
650 			}
651 			protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
652 			break;
653 		case IPPROTO_UDP:
654 		case IPPROTO_DIVERT:
655 			xip = (struct xinpcb *)xig;
656 			if (xip->xi_len != sizeof(*xip)) {
657 				warnx("struct xinpcb size mismatch");
658 				goto out;
659 			}
660 			break;
661 		default:
662 			errx(1, "protocol %d not supported", proto);
663 		}
664 		so = &xip->xi_socket;
665 		if ((xip->inp_vflag & vflag) == 0)
666 			continue;
667 		if (xip->inp_vflag & INP_IPV4) {
668 			if ((xip->inp_fport == 0 && !opt_l) ||
669 			    (xip->inp_fport != 0 && !opt_c))
670 				continue;
671 #define	__IN_IS_ADDR_LOOPBACK(pina) \
672 	((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
673 			if (opt_L &&
674 			    (__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
675 			     __IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
676 				continue;
677 #undef	__IN_IS_ADDR_LOOPBACK
678 		} else if (xip->inp_vflag & INP_IPV6) {
679 			if ((xip->inp_fport == 0 && !opt_l) ||
680 			    (xip->inp_fport != 0 && !opt_c))
681 				continue;
682 			if (opt_L &&
683 			    (IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
684 			     IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
685 				continue;
686 		} else {
687 			if (opt_v)
688 				warnx("invalid vflag 0x%x", xip->inp_vflag);
689 			continue;
690 		}
691 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
692 			err(1, "malloc()");
693 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
694 			err(1, "malloc()");
695 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
696 			err(1, "malloc()");
697 		sock->socket = so->xso_so;
698 		sock->proto = proto;
699 		if (xip->inp_vflag & INP_IPV4) {
700 			sock->family = AF_INET;
701 			sockaddr(&laddr->address, sock->family,
702 			    &xip->inp_laddr, xip->inp_lport);
703 			sockaddr(&faddr->address, sock->family,
704 			    &xip->inp_faddr, xip->inp_fport);
705 		} else if (xip->inp_vflag & INP_IPV6) {
706 			sock->family = AF_INET6;
707 			sockaddr(&laddr->address, sock->family,
708 			    &xip->in6p_laddr, xip->inp_lport);
709 			sockaddr(&faddr->address, sock->family,
710 			    &xip->in6p_faddr, xip->inp_fport);
711 		}
712 		laddr->next = NULL;
713 		faddr->next = NULL;
714 		sock->laddr = laddr;
715 		sock->faddr = faddr;
716 		sock->vflag = xip->inp_vflag;
717 		if (proto == IPPROTO_TCP) {
718 			sock->state = xtp->t_state;
719 			memcpy(sock->stack, xtp->xt_stack,
720 			    TCP_FUNCTION_NAME_LEN_MAX);
721 			memcpy(sock->cc, xtp->xt_cc, TCP_CA_NAME_MAX);
722 		}
723 		sock->protoname = protoname;
724 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
725 		sock->next = sockhash[hash];
726 		sockhash[hash] = sock;
727 	}
728 out:
729 	free(buf);
730 }
731 
732 static void
733 gather_unix(int proto)
734 {
735 	struct xunpgen *xug, *exug;
736 	struct xunpcb *xup;
737 	struct sock *sock;
738 	struct addr *laddr, *faddr;
739 	const char *varname, *protoname;
740 	size_t len, bufsize;
741 	void *buf;
742 	int hash, retry;
743 
744 	switch (proto) {
745 	case SOCK_STREAM:
746 		varname = "net.local.stream.pcblist";
747 		protoname = "stream";
748 		break;
749 	case SOCK_DGRAM:
750 		varname = "net.local.dgram.pcblist";
751 		protoname = "dgram";
752 		break;
753 	case SOCK_SEQPACKET:
754 		varname = "net.local.seqpacket.pcblist";
755 		protoname = "seqpac";
756 		break;
757 	default:
758 		abort();
759 	}
760 	buf = NULL;
761 	bufsize = 8192;
762 	retry = 5;
763 	do {
764 		for (;;) {
765 			if ((buf = realloc(buf, bufsize)) == NULL)
766 				err(1, "realloc()");
767 			len = bufsize;
768 			if (sysctlbyname(varname, buf, &len, NULL, 0) == 0)
769 				break;
770 			if (errno != ENOMEM || len != bufsize)
771 				err(1, "sysctlbyname()");
772 			bufsize *= 2;
773 		}
774 		xug = (struct xunpgen *)buf;
775 		exug = (struct xunpgen *)(void *)
776 		    ((char *)buf + len - sizeof(*exug));
777 		if (xug->xug_len != sizeof(*xug) ||
778 		    exug->xug_len != sizeof(*exug)) {
779 			warnx("struct xinpgen size mismatch");
780 			goto out;
781 		}
782 	} while (xug->xug_gen != exug->xug_gen && retry--);
783 
784 	if (xug->xug_gen != exug->xug_gen && opt_v)
785 		warnx("warning: data may be inconsistent");
786 
787 	for (;;) {
788 		xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
789 		if (xug >= exug)
790 			break;
791 		xup = (struct xunpcb *)xug;
792 		if (xup->xu_len != sizeof(*xup)) {
793 			warnx("struct xunpcb size mismatch");
794 			goto out;
795 		}
796 		if ((xup->unp_conn == 0 && !opt_l) ||
797 		    (xup->unp_conn != 0 && !opt_c))
798 			continue;
799 		if ((sock = calloc(1, sizeof(*sock))) == NULL)
800 			err(1, "malloc()");
801 		if ((laddr = calloc(1, sizeof *laddr)) == NULL)
802 			err(1, "malloc()");
803 		if ((faddr = calloc(1, sizeof *faddr)) == NULL)
804 			err(1, "malloc()");
805 		sock->socket = xup->xu_socket.xso_so;
806 		sock->pcb = xup->xu_unpp;
807 		sock->proto = proto;
808 		sock->family = AF_UNIX;
809 		sock->protoname = protoname;
810 		if (xup->xu_addr.sun_family == AF_UNIX)
811 			laddr->address =
812 			    *(struct sockaddr_storage *)(void *)&xup->xu_addr;
813 		else if (xup->unp_conn != 0)
814 			*(kvaddr_t*)&(faddr->address) = xup->unp_conn;
815 		laddr->next = NULL;
816 		faddr->next = NULL;
817 		sock->laddr = laddr;
818 		sock->faddr = faddr;
819 		hash = (int)((uintptr_t)sock->socket % HASHSIZE);
820 		sock->next = sockhash[hash];
821 		sockhash[hash] = sock;
822 	}
823 out:
824 	free(buf);
825 }
826 
827 static void
828 getfiles(void)
829 {
830 	size_t len, olen;
831 
832 	olen = len = sizeof(*xfiles);
833 	if ((xfiles = malloc(len)) == NULL)
834 		err(1, "malloc()");
835 	while (sysctlbyname("kern.file", xfiles, &len, 0, 0) == -1) {
836 		if (errno != ENOMEM || len != olen)
837 			err(1, "sysctlbyname()");
838 		olen = len *= 2;
839 		if ((xfiles = realloc(xfiles, len)) == NULL)
840 			err(1, "realloc()");
841 	}
842 	if (len > 0 && xfiles->xf_size != sizeof(*xfiles))
843 		errx(1, "struct xfile size mismatch");
844 	nxfiles = len / sizeof(*xfiles);
845 }
846 
847 static int
848 printaddr(struct sockaddr_storage *ss)
849 {
850 	struct sockaddr_un *sun;
851 	char addrstr[NI_MAXHOST] = { '\0', '\0' };
852 	int error, off, port = 0;
853 
854 	switch (ss->ss_family) {
855 	case AF_INET:
856 		if (inet_lnaof(sstosin(ss)->sin_addr) == INADDR_ANY)
857 			addrstr[0] = '*';
858 		port = ntohs(sstosin(ss)->sin_port);
859 		break;
860 	case AF_INET6:
861 		if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
862 			addrstr[0] = '*';
863 		port = ntohs(sstosin6(ss)->sin6_port);
864 		break;
865 	case AF_UNIX:
866 		sun = sstosun(ss);
867 		off = (int)((char *)&sun->sun_path - (char *)sun);
868 		return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
869 	}
870 	if (addrstr[0] == '\0') {
871 		error = getnameinfo(sstosa(ss), ss->ss_len, addrstr,
872 		    sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
873 		if (error)
874 			errx(1, "getnameinfo()");
875 	}
876 	if (port == 0)
877 		return xprintf("%s:*", addrstr);
878 	else
879 		return xprintf("%s:%d", addrstr, port);
880 }
881 
882 static const char *
883 getprocname(pid_t pid)
884 {
885 	static struct kinfo_proc proc;
886 	size_t len;
887 	int mib[4];
888 
889 	mib[0] = CTL_KERN;
890 	mib[1] = KERN_PROC;
891 	mib[2] = KERN_PROC_PID;
892 	mib[3] = (int)pid;
893 	len = sizeof(proc);
894 	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
895 		/* Do not warn if the process exits before we get its name. */
896 		if (errno != ESRCH)
897 			warn("sysctl()");
898 		return ("??");
899 	}
900 	return (proc.ki_comm);
901 }
902 
903 static int
904 getprocjid(pid_t pid)
905 {
906 	static struct kinfo_proc proc;
907 	size_t len;
908 	int mib[4];
909 
910 	mib[0] = CTL_KERN;
911 	mib[1] = KERN_PROC;
912 	mib[2] = KERN_PROC_PID;
913 	mib[3] = (int)pid;
914 	len = sizeof(proc);
915 	if (sysctl(mib, nitems(mib), &proc, &len, NULL, 0) == -1) {
916 		/* Do not warn if the process exits before we get its jid. */
917 		if (errno != ESRCH)
918 			warn("sysctl()");
919 		return (-1);
920 	}
921 	return (proc.ki_jid);
922 }
923 
924 static int
925 check_ports(struct sock *s)
926 {
927 	int port;
928 	struct addr *addr;
929 
930 	if (ports == NULL)
931 		return (1);
932 	if ((s->family != AF_INET) && (s->family != AF_INET6))
933 		return (1);
934 	for (addr = s->laddr; addr != NULL; addr = addr->next) {
935 		if (s->family == AF_INET)
936 			port = ntohs(sstosin(&addr->address)->sin_port);
937 		else
938 			port = ntohs(sstosin6(&addr->address)->sin6_port);
939 		if (CHK_PORT(port))
940 			return (1);
941 	}
942 	for (addr = s->faddr; addr != NULL; addr = addr->next) {
943 		if (s->family == AF_INET)
944 			port = ntohs(sstosin(&addr->address)->sin_port);
945 		else
946 			port = ntohs(sstosin6(&addr->address)->sin6_port);
947 		if (CHK_PORT(port))
948 			return (1);
949 	}
950 	return (0);
951 }
952 
953 static const char *
954 sctp_conn_state(int state)
955 {
956 	switch (state) {
957 	case SCTP_CLOSED:
958 		return "CLOSED";
959 		break;
960 	case SCTP_BOUND:
961 		return "BOUND";
962 		break;
963 	case SCTP_LISTEN:
964 		return "LISTEN";
965 		break;
966 	case SCTP_COOKIE_WAIT:
967 		return "COOKIE_WAIT";
968 		break;
969 	case SCTP_COOKIE_ECHOED:
970 		return "COOKIE_ECHOED";
971 		break;
972 	case SCTP_ESTABLISHED:
973 		return "ESTABLISHED";
974 		break;
975 	case SCTP_SHUTDOWN_SENT:
976 		return "SHUTDOWN_SENT";
977 		break;
978 	case SCTP_SHUTDOWN_RECEIVED:
979 		return "SHUTDOWN_RECEIVED";
980 		break;
981 	case SCTP_SHUTDOWN_ACK_SENT:
982 		return "SHUTDOWN_ACK_SENT";
983 		break;
984 	case SCTP_SHUTDOWN_PENDING:
985 		return "SHUTDOWN_PENDING";
986 		break;
987 	default:
988 		return "UNKNOWN";
989 		break;
990 	}
991 }
992 
993 static const char *
994 sctp_path_state(int state)
995 {
996 	switch (state) {
997 	case SCTP_UNCONFIRMED:
998 		return "UNCONFIRMED";
999 		break;
1000 	case SCTP_ACTIVE:
1001 		return "ACTIVE";
1002 		break;
1003 	case SCTP_INACTIVE:
1004 		return "INACTIVE";
1005 		break;
1006 	default:
1007 		return "UNKNOWN";
1008 		break;
1009 	}
1010 }
1011 
1012 static void
1013 displaysock(struct sock *s, int pos)
1014 {
1015 	kvaddr_t p;
1016 	int hash, first, offset;
1017 	struct addr *laddr, *faddr;
1018 	struct sock *s_tmp;
1019 
1020 	while (pos < 29)
1021 		pos += xprintf(" ");
1022 	pos += xprintf("%s", s->protoname);
1023 	if (s->vflag & INP_IPV4)
1024 		pos += xprintf("4");
1025 	if (s->vflag & INP_IPV6)
1026 		pos += xprintf("6");
1027 	if (s->vflag & (INP_IPV4 | INP_IPV6))
1028 		pos += xprintf(" ");
1029 	laddr = s->laddr;
1030 	faddr = s->faddr;
1031 	first = 1;
1032 	while (laddr != NULL || faddr != NULL) {
1033 		offset = 36;
1034 		while (pos < offset)
1035 			pos += xprintf(" ");
1036 		switch (s->family) {
1037 		case AF_INET:
1038 		case AF_INET6:
1039 			if (laddr != NULL) {
1040 				pos += printaddr(&laddr->address);
1041 				if (s->family == AF_INET6 && pos >= 58)
1042 					pos += xprintf(" ");
1043 			}
1044 			offset += opt_w ? 46 : 22;
1045 			while (pos < offset)
1046 				pos += xprintf(" ");
1047 			if (faddr != NULL)
1048 				pos += printaddr(&faddr->address);
1049 			offset += opt_w ? 46 : 22;
1050 			break;
1051 		case AF_UNIX:
1052 			if ((laddr == NULL) || (faddr == NULL))
1053 				errx(1, "laddr = %p or faddr = %p is NULL",
1054 				    (void *)laddr, (void *)faddr);
1055 			/* server */
1056 			if (laddr->address.ss_len > 0) {
1057 				pos += printaddr(&laddr->address);
1058 				break;
1059 			}
1060 			/* client */
1061 			p = *(kvaddr_t*)&(faddr->address);
1062 			if (p == 0) {
1063 				pos += xprintf("(not connected)");
1064 				offset += opt_w ? 92 : 44;
1065 				break;
1066 			}
1067 			pos += xprintf("-> ");
1068 			for (hash = 0; hash < HASHSIZE; ++hash) {
1069 				for (s_tmp = sockhash[hash];
1070 				    s_tmp != NULL;
1071 				    s_tmp = s_tmp->next)
1072 					if (s_tmp->pcb == p)
1073 						break;
1074 				if (s_tmp != NULL)
1075 					break;
1076 			}
1077 			if (s_tmp == NULL || s_tmp->laddr == NULL ||
1078 			    s_tmp->laddr->address.ss_len == 0)
1079 				pos += xprintf("??");
1080 			else
1081 				pos += printaddr(&s_tmp->laddr->address);
1082 			offset += opt_w ? 92 : 44;
1083 			break;
1084 		default:
1085 			abort();
1086 		}
1087 		if (opt_U) {
1088 			if (faddr != NULL &&
1089 			    s->proto == IPPROTO_SCTP &&
1090 			    s->state != SCTP_CLOSED &&
1091 			    s->state != SCTP_BOUND &&
1092 			    s->state != SCTP_LISTEN) {
1093 				while (pos < offset)
1094 					pos += xprintf(" ");
1095 				pos += xprintf("%u",
1096 				    ntohs(faddr->encaps_port));
1097 			}
1098 			offset += 7;
1099 		}
1100 		if (opt_s) {
1101 			if (faddr != NULL &&
1102 			    s->proto == IPPROTO_SCTP &&
1103 			    s->state != SCTP_CLOSED &&
1104 			    s->state != SCTP_BOUND &&
1105 			    s->state != SCTP_LISTEN) {
1106 				while (pos < offset)
1107 					pos += xprintf(" ");
1108 				pos += xprintf("%s",
1109 				    sctp_path_state(faddr->state));
1110 			}
1111 			offset += 13;
1112 		}
1113 		if (first) {
1114 			if (opt_s) {
1115 				if (s->proto == IPPROTO_SCTP ||
1116 				    s->proto == IPPROTO_TCP) {
1117 					while (pos < offset)
1118 						pos += xprintf(" ");
1119 					switch (s->proto) {
1120 					case IPPROTO_SCTP:
1121 						pos += xprintf("%s",
1122 						    sctp_conn_state(s->state));
1123 						break;
1124 					case IPPROTO_TCP:
1125 						if (s->state >= 0 &&
1126 						    s->state < TCP_NSTATES)
1127 							pos += xprintf("%s",
1128 							    tcpstates[s->state]);
1129 						else
1130 							pos += xprintf("?");
1131 						break;
1132 					}
1133 				}
1134 				offset += 13;
1135 			}
1136 			if (opt_S) {
1137 				if (s->proto == IPPROTO_TCP) {
1138 					while (pos < offset)
1139 						pos += xprintf(" ");
1140 					pos += xprintf("%.*s",
1141 					    TCP_FUNCTION_NAME_LEN_MAX,
1142 					    s->stack);
1143 				}
1144 				offset += TCP_FUNCTION_NAME_LEN_MAX + 1;
1145 			}
1146 			if (opt_C) {
1147 				if (s->proto == IPPROTO_TCP) {
1148 					while (pos < offset)
1149 						pos += xprintf(" ");
1150 					xprintf("%.*s", TCP_CA_NAME_MAX, s->cc);
1151 				}
1152 				offset += TCP_CA_NAME_MAX + 1;
1153 			}
1154 		}
1155 		if (laddr != NULL)
1156 			laddr = laddr->next;
1157 		if (faddr != NULL)
1158 			faddr = faddr->next;
1159 		if ((laddr != NULL) || (faddr != NULL)) {
1160 			xprintf("\n");
1161 			pos = 0;
1162 		}
1163 		first = 0;
1164 	}
1165 	xprintf("\n");
1166 }
1167 
1168 static void
1169 display(void)
1170 {
1171 	struct passwd *pwd;
1172 	struct xfile *xf;
1173 	struct sock *s;
1174 	int hash, n, pos;
1175 
1176 	if (opt_q != 1) {
1177 		printf("%-8s %-10s %-5s %-2s %-6s %-*s %-*s",
1178 		    "USER", "COMMAND", "PID", "FD", "PROTO",
1179 		    opt_w ? 45 : 21, "LOCAL ADDRESS",
1180 		    opt_w ? 45 : 21, "FOREIGN ADDRESS");
1181 		if (opt_U)
1182 			printf(" %-6s", "ENCAPS");
1183 		if (opt_s) {
1184 			printf(" %-12s", "PATH STATE");
1185 			printf(" %-12s", "CONN STATE");
1186 		}
1187 		if (opt_S)
1188 			printf(" %-*.*s", TCP_FUNCTION_NAME_LEN_MAX,
1189 			    TCP_FUNCTION_NAME_LEN_MAX, "STACK");
1190 		if (opt_C)
1191 			printf(" %-.*s", TCP_CA_NAME_MAX, "CC");
1192 		printf("\n");
1193 	}
1194 	setpassent(1);
1195 	for (xf = xfiles, n = 0; n < nxfiles; ++n, ++xf) {
1196 		if (xf->xf_data == 0)
1197 			continue;
1198 		if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
1199 			continue;
1200 		hash = (int)((uintptr_t)xf->xf_data % HASHSIZE);
1201 		for (s = sockhash[hash]; s != NULL; s = s->next) {
1202 			if (s->socket != xf->xf_data)
1203 				continue;
1204 			if (!check_ports(s))
1205 				continue;
1206 			s->shown = 1;
1207 			pos = 0;
1208 			if ((pwd = getpwuid(xf->xf_uid)) == NULL)
1209 				pos += xprintf("%lu ", (u_long)xf->xf_uid);
1210 			else
1211 				pos += xprintf("%s ", pwd->pw_name);
1212 			while (pos < 9)
1213 				pos += xprintf(" ");
1214 			pos += xprintf("%.10s", getprocname(xf->xf_pid));
1215 			while (pos < 20)
1216 				pos += xprintf(" ");
1217 			pos += xprintf("%lu ", (u_long)xf->xf_pid);
1218 			while (pos < 26)
1219 				pos += xprintf(" ");
1220 			pos += xprintf("%d ", xf->xf_fd);
1221 			displaysock(s, pos);
1222 		}
1223 	}
1224 	if (opt_j >= 0)
1225 		return;
1226 	for (hash = 0; hash < HASHSIZE; hash++) {
1227 		for (s = sockhash[hash]; s != NULL; s = s->next) {
1228 			if (s->shown)
1229 				continue;
1230 			if (!check_ports(s))
1231 				continue;
1232 			pos = 0;
1233 			pos += xprintf("%-8s %-10s %-5s %-2s ",
1234 			    "?", "?", "?", "?");
1235 			displaysock(s, pos);
1236 		}
1237 	}
1238 }
1239 
1240 static int
1241 set_default_protos(void)
1242 {
1243 	struct protoent *prot;
1244 	const char *pname;
1245 	size_t pindex;
1246 
1247 	init_protos(default_numprotos);
1248 
1249 	for (pindex = 0; pindex < default_numprotos; pindex++) {
1250 		pname = default_protos[pindex];
1251 		prot = getprotobyname(pname);
1252 		if (prot == NULL)
1253 			err(1, "getprotobyname: %s", pname);
1254 		protos[pindex] = prot->p_proto;
1255 	}
1256 	numprotos = pindex;
1257 	return (pindex);
1258 }
1259 
1260 /*
1261  * Return the vnet property of the jail, or -1 on error.
1262  */
1263 static int
1264 jail_getvnet(int jid)
1265 {
1266 	struct iovec jiov[6];
1267 	int vnet;
1268 
1269 	vnet = -1;
1270 	jiov[0].iov_base = __DECONST(char *, "jid");
1271 	jiov[0].iov_len = sizeof("jid");
1272 	jiov[1].iov_base = &jid;
1273 	jiov[1].iov_len = sizeof(jid);
1274 	jiov[2].iov_base = __DECONST(char *, "vnet");
1275 	jiov[2].iov_len = sizeof("vnet");
1276 	jiov[3].iov_base = &vnet;
1277 	jiov[3].iov_len = sizeof(vnet);
1278 	jiov[4].iov_base = __DECONST(char *, "errmsg");
1279 	jiov[4].iov_len = sizeof("errmsg");
1280 	jiov[5].iov_base = jail_errmsg;
1281 	jiov[5].iov_len = JAIL_ERRMSGLEN;
1282 	jail_errmsg[0] = '\0';
1283 	if (jail_get(jiov, nitems(jiov), 0) < 0) {
1284 		if (!jail_errmsg[0])
1285 			snprintf(jail_errmsg, JAIL_ERRMSGLEN,
1286 			    "jail_get: %s", strerror(errno));
1287 		return (-1);
1288 	}
1289 	return (vnet);
1290 }
1291 
1292 static void
1293 usage(void)
1294 {
1295 	fprintf(stderr,
1296 	    "usage: sockstat [-46cLlSsUuvw] [-j jid] [-p ports] [-P protocols]\n");
1297 	exit(1);
1298 }
1299 
1300 int
1301 main(int argc, char *argv[])
1302 {
1303 	int protos_defined = -1;
1304 	int o, i;
1305 
1306 	opt_j = -1;
1307 	while ((o = getopt(argc, argv, "46Ccj:Llp:P:qSsUuvw")) != -1)
1308 		switch (o) {
1309 		case '4':
1310 			opt_4 = 1;
1311 			break;
1312 		case '6':
1313 			opt_6 = 1;
1314 			break;
1315 		case 'C':
1316 			opt_C = 1;
1317 			break;
1318 		case 'c':
1319 			opt_c = 1;
1320 			break;
1321 		case 'j':
1322 			opt_j = jail_getid(optarg);
1323 			if (opt_j < 0)
1324 				errx(1, "%s", jail_errmsg);
1325 			break;
1326 		case 'L':
1327 			opt_L = 1;
1328 			break;
1329 		case 'l':
1330 			opt_l = 1;
1331 			break;
1332 		case 'p':
1333 			parse_ports(optarg);
1334 			break;
1335 		case 'P':
1336 			protos_defined = parse_protos(optarg);
1337 			break;
1338 		case 'q':
1339 			opt_q = 1;
1340 			break;
1341 		case 'S':
1342 			opt_S = 1;
1343 			break;
1344 		case 's':
1345 			opt_s = 1;
1346 			break;
1347 		case 'U':
1348 			opt_U = 1;
1349 			break;
1350 		case 'u':
1351 			opt_u = 1;
1352 			break;
1353 		case 'v':
1354 			++opt_v;
1355 			break;
1356 		case 'w':
1357 			opt_w = 1;
1358 			break;
1359 		default:
1360 			usage();
1361 		}
1362 
1363 	argc -= optind;
1364 	argv += optind;
1365 
1366 	if (argc > 0)
1367 		usage();
1368 
1369 	if (opt_j > 0) {
1370 		switch (jail_getvnet(opt_j)) {
1371 		case -1:
1372 			errx(2, "%s", jail_errmsg);
1373 		case JAIL_SYS_NEW:
1374 			if (jail_attach(opt_j) < 0)
1375 				errx(3, "%s", jail_errmsg);
1376 			/* Set back to -1 for normal output in vnet jail. */
1377 			opt_j = -1;
1378 			break;
1379 		default:
1380 			break;
1381 		}
1382 	}
1383 
1384 	if ((!opt_4 && !opt_6) && protos_defined != -1)
1385 		opt_4 = opt_6 = 1;
1386 	if (!opt_4 && !opt_6 && !opt_u)
1387 		opt_4 = opt_6 = opt_u = 1;
1388 	if ((opt_4 || opt_6) && protos_defined == -1)
1389 		protos_defined = set_default_protos();
1390 	if (!opt_c && !opt_l)
1391 		opt_c = opt_l = 1;
1392 
1393 	if (opt_4 || opt_6) {
1394 		for (i = 0; i < protos_defined; i++)
1395 			if (protos[i] == IPPROTO_SCTP)
1396 				gather_sctp();
1397 			else
1398 				gather_inet(protos[i]);
1399 	}
1400 
1401 	if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
1402 		gather_unix(SOCK_STREAM);
1403 		gather_unix(SOCK_DGRAM);
1404 		gather_unix(SOCK_SEQPACKET);
1405 	}
1406 	getfiles();
1407 	display();
1408 	exit(0);
1409 }
1410