xref: /freebsd/usr.bin/systat/netstat.c (revision 5bb3134a8c21cb87b30e135ef168483f0333dabb)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1980, 1992, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the University nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #include <sys/cdefs.h>
33 
34 __FBSDID("$FreeBSD$");
35 
36 #ifdef lint
37 static const char sccsid[] = "@(#)netstat.c	8.1 (Berkeley) 6/6/93";
38 #endif
39 
40 /*
41  * netstat
42  */
43 #include <sys/param.h>
44 #include <sys/queue.h>
45 #include <sys/socket.h>
46 #define	_WANT_SOCKET
47 #include <sys/socketvar.h>
48 #include <sys/protosw.h>
49 
50 #include <netinet/in.h>
51 #include <arpa/inet.h>
52 #include <net/route.h>
53 #include <netinet/in_systm.h>
54 #include <netinet/ip.h>
55 #ifdef INET6
56 #include <netinet/ip6.h>
57 #endif
58 #define	_WANT_INPCB
59 #include <netinet/in_pcb.h>
60 #include <netinet/ip_icmp.h>
61 #include <netinet/icmp_var.h>
62 #include <netinet/ip_var.h>
63 #include <netinet/tcp.h>
64 #include <netinet/tcpip.h>
65 #include <netinet/tcp_seq.h>
66 #define TCPSTATES
67 #include <netinet/tcp_fsm.h>
68 #include <netinet/tcp_timer.h>
69 #define	_WANT_TCPCB
70 #include <netinet/tcp_var.h>
71 #include <netinet/tcp_debug.h>
72 #include <netinet/udp.h>
73 #include <netinet/udp_var.h>
74 
75 #include <netdb.h>
76 #include <nlist.h>
77 #include <paths.h>
78 #include <stdlib.h>
79 #include <string.h>
80 
81 #include "systat.h"
82 #include "extern.h"
83 
84 static struct netinfo *enter(struct in_conninfo *, uint8_t, int, const char *);
85 static void enter_kvm(struct inpcb *, struct socket *, int, const char *);
86 static void enter_sysctl(struct xinpcb *, struct xsocket *, int, const char *);
87 static void fetchnetstat_kvm(void);
88 static void fetchnetstat_sysctl(void);
89 static char *inetname(struct sockaddr *);
90 static void inetprint(struct sockaddr *, const char *);
91 
92 #define	streq(a,b)	(strcmp(a,b)==0)
93 #define	YMAX(w)		(getmaxy(w)-2)
94 
95 WINDOW *
96 opennetstat(void)
97 {
98 	sethostent(1);
99 	setnetent(1);
100 	return (subwin(stdscr, LINES-3-1, 0, MAINWIN_ROW, 0));
101 }
102 
103 struct netinfo {
104 	TAILQ_ENTRY(netinfo) chain;
105 	short	ni_line;		/* line on screen */
106 	short	ni_seen;		/* 0 when not present in list */
107 	short	ni_flags;
108 #define	NIF_LACHG	0x1		/* local address changed */
109 #define	NIF_FACHG	0x2		/* foreign address changed */
110 	short	ni_state;		/* tcp state */
111 	const char	*ni_proto;		/* protocol */
112 	struct sockaddr_storage ni_lsa;	/* local address */
113 	struct sockaddr_storage	ni_fsa;	/* foreign address */
114 	u_int	ni_rcvcc;		/* rcv buffer character count */
115 	u_int	ni_sndcc;		/* snd buffer character count */
116 };
117 
118 static TAILQ_HEAD(netinfohead, netinfo) netcb = TAILQ_HEAD_INITIALIZER(netcb);
119 
120 static	int aflag = 0;
121 static	int nflag = 0;
122 static	int lastrow = 1;
123 
124 void
125 closenetstat(WINDOW *w)
126 {
127 	struct netinfo *p;
128 
129 	endhostent();
130 	endnetent();
131 	TAILQ_FOREACH(p, &netcb, chain) {
132 		if (p->ni_line != -1)
133 			lastrow--;
134 		p->ni_line = -1;
135 	}
136 	if (w != NULL) {
137 		wclear(w);
138 		wrefresh(w);
139 		delwin(w);
140 	}
141 }
142 
143 static const char *miblist[] = {
144 	"net.inet.tcp.pcblist",
145 	"net.inet.udp.pcblist"
146 };
147 
148 static char tcb[] = "tcb", udb[] = "udb";
149 
150 struct nlist namelist[] = {
151 #define	X_TCB	0
152 	{ .n_name = tcb },
153 #define	X_UDB	1
154 	{ .n_name = udb },
155 	{ .n_name = NULL },
156 };
157 
158 int
159 initnetstat(void)
160 {
161 	protos = TCP|UDP;
162 	return(1);
163 }
164 
165 void
166 fetchnetstat(void)
167 {
168 	if (use_kvm)
169 		fetchnetstat_kvm();
170 	else
171 		fetchnetstat_sysctl();
172 }
173 
174 static void
175 fetchnetstat_kvm(void)
176 {
177 	struct inpcb *next;
178 	struct netinfo *p;
179 	struct inpcbhead head;
180 	struct inpcb inpcb;
181 	struct socket sockb;
182 	struct tcpcb tcpcb;
183 	void *off;
184 	int istcp;
185 
186 	if (namelist[X_TCB].n_value == 0)
187 		return;
188 	TAILQ_FOREACH(p, &netcb, chain)
189 		p->ni_seen = 0;
190 	if (protos&TCP) {
191 		off = NPTR(X_TCB);
192 		istcp = 1;
193 	}
194 	else if (protos&UDP) {
195 		off = NPTR(X_UDB);
196 		istcp = 0;
197 	}
198 	else {
199 		error("No protocols to display");
200 		return;
201 	}
202 again:
203 	KREAD(off, &head, sizeof (struct inpcbhead));
204 	LIST_FOREACH(next, &head, inp_list) {
205 		KREAD(next, &inpcb, sizeof (inpcb));
206 		next = &inpcb;
207 		if (!aflag) {
208 			if (inpcb.inp_vflag & INP_IPV4) {
209 				if (inpcb.inp_laddr.s_addr == INADDR_ANY)
210 					continue;
211 			}
212 #ifdef INET6
213 			else if (inpcb.inp_vflag & INP_IPV6) {
214 				if (memcmp(&inpcb.in6p_laddr,
215 				    &in6addr_any, sizeof(in6addr_any)) == 0)
216 					continue;
217 			}
218 #endif
219 		}
220 		if (nhosts && !checkhost(&inpcb.inp_inc))
221 			continue;
222 		if (nports && !checkport(&inpcb.inp_inc))
223 			continue;
224 		if (istcp) {
225 			if (inpcb.inp_flags & INP_TIMEWAIT) {
226 				bzero(&sockb, sizeof(sockb));
227 				enter_kvm(&inpcb, &sockb, TCPS_TIME_WAIT,
228 					 "tcp");
229 			} else {
230 				KREAD(inpcb.inp_socket, &sockb,
231 					sizeof (sockb));
232 				KREAD(inpcb.inp_ppcb, &tcpcb, sizeof (tcpcb));
233 				enter_kvm(&inpcb, &sockb, tcpcb.t_state,
234 					"tcp");
235 			}
236 		} else
237 			enter_kvm(&inpcb, &sockb, 0, "udp");
238 	}
239 	if (istcp && (protos&UDP)) {
240 		istcp = 0;
241 		off = NPTR(X_UDB);
242 		goto again;
243 	}
244 }
245 
246 static void
247 fetchnetstat_sysctl(void)
248 {
249 	struct netinfo *p;
250 	int idx;
251 	struct xinpgen *inpg;
252 	char *cur, *end;
253 	struct xinpcb *xip = NULL;
254 	struct xtcpcb *xtp = NULL;
255 	int plen;
256 	size_t lsz;
257 
258 	TAILQ_FOREACH(p, &netcb, chain)
259 		p->ni_seen = 0;
260 	if (protos&TCP) {
261 		idx = 0;
262 	} else if (protos&UDP) {
263 		idx = 1;
264 	} else {
265 		error("No protocols to display");
266 		return;
267 	}
268 
269 	for (;idx < 2; idx++) {
270 		if (idx == 1 && !(protos&UDP))
271 			break;
272 		inpg = (struct xinpgen *)sysctl_dynread(miblist[idx], &lsz);
273 		if (inpg == NULL) {
274 			error("sysctl(%s...) failed", miblist[idx]);
275 			continue;
276 		}
277 		/*
278 		 * We currently do no require a consistent pcb list.
279 		 * Try to be robust in case of struct size changes
280 		 */
281 		cur = ((char *)inpg) + inpg->xig_len;
282 		/* There is also a trailing struct xinpgen */
283 		end = ((char *)inpg) + lsz - inpg->xig_len;
284 		if (end <= cur) {
285 			free(inpg);
286 			continue;
287 		}
288 		if (idx == 0) { /* TCP */
289 			xtp = (struct xtcpcb *)cur;
290 			plen = xtp->xt_len;
291 		} else {
292 			xip = (struct xinpcb *)cur;
293 			plen = xip->xi_len;
294 		}
295 		while (cur + plen <= end) {
296 			if (idx == 0) { /* TCP */
297 				xtp = (struct xtcpcb *)cur;
298 				xip = &xtp->xt_inp;
299 			} else {
300 				xip = (struct xinpcb *)cur;
301 			}
302 			cur += plen;
303 
304 			if (!aflag) {
305 				if (xip->inp_vflag & INP_IPV4) {
306 					if (xip->inp_laddr.s_addr == INADDR_ANY)
307 						continue;
308 				}
309 #ifdef INET6
310 				else if (xip->inp_vflag & INP_IPV6) {
311 					if (memcmp(&xip->in6p_laddr,
312 					    &in6addr_any, sizeof(in6addr_any))
313 					    == 0)
314 						continue;
315 				}
316 #endif
317 			}
318 			if (nhosts && !checkhost(&xip->inp_inc))
319 				continue;
320 			if (nports && !checkport(&xip->inp_inc))
321 				continue;
322 			if (idx == 0)
323 				enter_sysctl(xip, &xip->xi_socket,
324 				    xtp->t_state, "tcp");
325 			else
326 				enter_sysctl(xip, &xip->xi_socket, 0, "udp");
327 		}
328 		free(inpg);
329 	}
330 }
331 
332 static void
333 enter_kvm(struct inpcb *inp, struct socket *so, int state, const char *proto)
334 {
335 	struct netinfo *p;
336 
337 	if ((p = enter(&inp->inp_inc, inp->inp_vflag, state, proto)) != NULL) {
338 		p->ni_rcvcc = so->so_rcv.sb_ccc;
339 		p->ni_sndcc = so->so_snd.sb_ccc;
340 	}
341 }
342 
343 static void
344 enter_sysctl(struct xinpcb *xip, struct xsocket *so, int state,
345     const char *proto)
346 {
347 	struct netinfo *p;
348 
349 	if ((p = enter(&xip->inp_inc, xip->inp_vflag, state, proto)) != NULL) {
350 		p->ni_rcvcc = so->so_rcv.sb_cc;
351 		p->ni_sndcc = so->so_snd.sb_cc;
352 	}
353 }
354 
355 static struct netinfo *
356 enter(struct in_conninfo *inc, uint8_t vflag, int state, const char *proto)
357 {
358 	struct netinfo *p;
359 	struct sockaddr_storage lsa, fsa;
360 	struct sockaddr_in *sa4;
361 #ifdef INET6
362 	struct sockaddr_in6 *sa6;
363 #endif
364 
365 	memset(&lsa, 0, sizeof(lsa));
366 	memset(&fsa, 0, sizeof(fsa));
367 	if (vflag & INP_IPV4) {
368 		sa4 = (struct sockaddr_in *)&lsa;
369 		sa4->sin_addr = inc->inc_laddr;
370 		sa4->sin_port = inc->inc_lport;
371 		sa4->sin_family = AF_INET;
372 		sa4->sin_len = sizeof(struct sockaddr_in);
373 
374 		sa4 = (struct sockaddr_in *)&fsa;
375 		sa4->sin_addr = inc->inc_faddr;
376 		sa4->sin_port = inc->inc_fport;
377 		sa4->sin_family = AF_INET;
378 		sa4->sin_len = sizeof(struct sockaddr_in);
379 	}
380 #ifdef INET6
381 	else if (vflag & INP_IPV6) {
382 		sa6 = (struct sockaddr_in6 *)&lsa;
383 		memcpy(&sa6->sin6_addr, &inc->inc6_laddr,
384 		    sizeof(struct in6_addr));
385 		sa6->sin6_port = inc->inc_lport;
386 		sa6->sin6_family = AF_INET6;
387 		sa6->sin6_len = sizeof(struct sockaddr_in6);
388 
389 		sa6 = (struct sockaddr_in6 *)&fsa;
390 		memcpy(&sa6->sin6_addr, &inc->inc6_faddr,
391 		    sizeof(struct in6_addr));
392 		sa6->sin6_port = inc->inc_fport;
393 		sa6->sin6_family = AF_INET6;
394 		sa6->sin6_len = sizeof(struct sockaddr_in6);
395 	}
396 #endif
397 	else
398 		return NULL;
399 
400 	/*
401 	 * Only take exact matches, any sockets with
402 	 * previously unbound addresses will be deleted
403 	 * below in the display routine because they
404 	 * will appear as ``not seen'' in the kernel
405 	 * data structures.
406 	 */
407 	TAILQ_FOREACH(p, &netcb, chain) {
408 		if (!streq(proto, p->ni_proto))
409 			continue;
410 		if (p->ni_lsa.ss_family != lsa.ss_family ||
411 		    memcmp(&p->ni_lsa, &lsa, lsa.ss_len) != 0)
412 			continue;
413 		if (p->ni_fsa.ss_family == fsa.ss_family &&
414 		    memcmp(&p->ni_fsa, &fsa, fsa.ss_len) == 0)
415 			break;
416 	}
417 	if (p == NULL) {
418 		if ((p = malloc(sizeof(*p))) == NULL) {
419 			error("Out of memory");
420 			return NULL;
421 		}
422 		TAILQ_INSERT_HEAD(&netcb, p, chain);
423 		p->ni_line = -1;
424 		memcpy(&p->ni_lsa, &lsa, lsa.ss_len);
425 		memcpy(&p->ni_fsa, &fsa, fsa.ss_len);
426 		p->ni_proto = strdup(proto);
427 		p->ni_flags = NIF_LACHG|NIF_FACHG;
428 	}
429 	p->ni_state = state;
430 	p->ni_seen = 1;
431 	return p;
432 }
433 
434 /* column locations */
435 #define	LADDR	0
436 #define	FADDR	LADDR+23
437 #define	PROTO	FADDR+23
438 #define	RCVCC	PROTO+6
439 #define	SNDCC	RCVCC+7
440 #define	STATE	SNDCC+7
441 
442 void
443 labelnetstat(void)
444 {
445 	if (use_kvm && namelist[X_TCB].n_type == 0)
446 		return;
447 	wmove(wnd, 0, 0); wclrtobot(wnd);
448 	mvwaddstr(wnd, 0, LADDR, "Local Address");
449 	mvwaddstr(wnd, 0, FADDR, "Foreign Address");
450 	mvwaddstr(wnd, 0, PROTO, "Proto");
451 	mvwaddstr(wnd, 0, RCVCC, "Recv-Q");
452 	mvwaddstr(wnd, 0, SNDCC, "Send-Q");
453 	mvwaddstr(wnd, 0, STATE, "(state)");
454 }
455 
456 void
457 shownetstat(void)
458 {
459 	struct netinfo *p, *q;
460 	char proto[6];
461 	const char *family = "";
462 
463 	/*
464 	 * First, delete any connections that have gone
465 	 * away and adjust the position of connections
466 	 * below to reflect the deleted line.
467 	 */
468 	p = TAILQ_FIRST(&netcb);
469 	while (p != NULL) {
470 		if (p->ni_line == -1 || p->ni_seen) {
471 			p = TAILQ_NEXT(p, chain);
472 			continue;
473 		}
474 		wmove(wnd, p->ni_line, 0); wdeleteln(wnd);
475 		TAILQ_FOREACH(q, &netcb, chain)
476 			if (q != p && q->ni_line > p->ni_line) {
477 				q->ni_line--;
478 				/* this shouldn't be necessary */
479 				q->ni_flags |= NIF_LACHG|NIF_FACHG;
480 			}
481 		lastrow--;
482 		q = TAILQ_NEXT(p, chain);
483 		TAILQ_REMOVE(&netcb, p, chain);
484 		free(p);
485 		p = q;
486 	}
487 	/*
488 	 * Update existing connections and add new ones.
489 	 */
490 	TAILQ_FOREACH(p, &netcb, chain) {
491 		if (p->ni_line == -1) {
492 			/*
493 			 * Add a new entry if possible.
494 			 */
495 			if (lastrow > YMAX(wnd))
496 				continue;
497 			p->ni_line = lastrow++;
498 			p->ni_flags |= NIF_LACHG|NIF_FACHG;
499 		}
500 		if (p->ni_flags & NIF_LACHG) {
501 			wmove(wnd, p->ni_line, LADDR);
502 			inetprint((struct sockaddr *)&p->ni_lsa, p->ni_proto);
503 			p->ni_flags &= ~NIF_LACHG;
504 		}
505 		if (p->ni_flags & NIF_FACHG) {
506 			wmove(wnd, p->ni_line, FADDR);
507 			inetprint((struct sockaddr *)&p->ni_fsa, p->ni_proto);
508 			p->ni_flags &= ~NIF_FACHG;
509 		}
510 #ifdef INET6
511 		family = (p->ni_lsa.ss_family == AF_INET) ? "4" : "6";
512 #endif
513 		snprintf(proto, sizeof(proto), "%s%s", p->ni_proto, family);
514 		mvwaddstr(wnd, p->ni_line, PROTO, proto);
515 		mvwprintw(wnd, p->ni_line, RCVCC, "%6u", p->ni_rcvcc);
516 		mvwprintw(wnd, p->ni_line, SNDCC, "%6u", p->ni_sndcc);
517 		if (streq(p->ni_proto, "tcp")) {
518 			if (p->ni_state < 0 || p->ni_state >= TCP_NSTATES)
519 				mvwprintw(wnd, p->ni_line, STATE, "%d",
520 				    p->ni_state);
521 			else
522 				mvwaddstr(wnd, p->ni_line, STATE,
523 				    tcpstates[p->ni_state]);
524 		}
525 		wclrtoeol(wnd);
526 	}
527 	if (lastrow < YMAX(wnd)) {
528 		wmove(wnd, lastrow, 0); wclrtobot(wnd);
529 		wmove(wnd, YMAX(wnd), 0); wdeleteln(wnd);	/* XXX */
530 	}
531 }
532 
533 /*
534  * Pretty print an Internet address (net address + port).
535  * If the nflag was specified, use numbers instead of names.
536  */
537 static void
538 inetprint(struct sockaddr *sa, const char *proto)
539 {
540 	struct servent *sp = 0;
541 	char line[80], *cp;
542 	int port;
543 
544 	switch (sa->sa_family) {
545 	case AF_INET:
546 		port = ((struct sockaddr_in *)sa)->sin_port;
547 		break;
548 #ifdef INET6
549 	case AF_INET6:
550 		port = ((struct sockaddr_in6 *)sa)->sin6_port;
551 		break;
552 #endif
553 	default:
554 		port = 0;
555 		break;
556 	}
557 	snprintf(line, sizeof(line), "%.*s.", 16, inetname(sa));
558 	cp = strchr(line, '\0');
559 	if (!nflag && port)
560 		sp = getservbyport(port, proto);
561 	if (sp || port == 0)
562 		snprintf(cp, sizeof(line) - (cp - line), "%.8s",
563 		    sp ? sp->s_name : "*");
564 	else
565 		snprintf(cp, sizeof(line) - (cp - line), "%d",
566 		    ntohs((u_short)port));
567 	/* pad to full column to clear any garbage */
568 	cp = strchr(line, '\0');
569 	while (cp - line < 22)
570 		*cp++ = ' ';
571 	line[22] = '\0';
572 	waddstr(wnd, line);
573 }
574 
575 /*
576  * Construct an Internet address representation.
577  * If the nflag has been supplied, give
578  * numeric value, otherwise try for symbolic name.
579  */
580 static char *
581 inetname(struct sockaddr *sa)
582 {
583 	char *cp = 0;
584 	static char line[NI_MAXHOST];
585 	struct hostent *hp;
586 	struct in_addr in;
587 
588 #ifdef INET6
589 	if (sa->sa_family == AF_INET6) {
590 		if (memcmp(&((struct sockaddr_in6 *)sa)->sin6_addr,
591 		    &in6addr_any, sizeof(in6addr_any)) == 0)
592 			strcpy(line, "*");
593 		else
594 			getnameinfo(sa, sa->sa_len, line, sizeof(line), NULL, 0,
595 			    nflag ? NI_NUMERICHOST : 0);
596 		return (line);
597 	}
598 #endif
599 
600 	in = ((struct sockaddr_in *)sa)->sin_addr;
601 	if (!nflag && in.s_addr != INADDR_ANY) {
602 		hp = gethostbyaddr((char *)&in, sizeof (in), AF_INET);
603 		if (hp)
604 			cp = hp->h_name;
605 	}
606 	if (in.s_addr == INADDR_ANY)
607 		strcpy(line, "*");
608 	else if (cp)
609 		snprintf(line, sizeof(line), "%s", cp);
610 	else {
611 		in.s_addr = ntohl(in.s_addr);
612 #define C(x)	((x) & 0xff)
613 		snprintf(line, sizeof(line), "%u.%u.%u.%u", C(in.s_addr >> 24),
614 			C(in.s_addr >> 16), C(in.s_addr >> 8), C(in.s_addr));
615 	}
616 	return (line);
617 }
618 
619 int
620 cmdnetstat(const char *cmd, const char *args)
621 {
622 	if (prefix(cmd, "all")) {
623 		aflag = !aflag;
624 		goto fixup;
625 	}
626 	if  (prefix(cmd, "numbers") || prefix(cmd, "names")) {
627 		struct netinfo *p;
628 		int new;
629 
630 		new = prefix(cmd, "numbers");
631 		if (new == nflag)
632 			return (1);
633 		TAILQ_FOREACH(p, &netcb, chain) {
634 			if (p->ni_line == -1)
635 				continue;
636 			p->ni_flags |= NIF_LACHG|NIF_FACHG;
637 		}
638 		nflag = new;
639 		goto redisplay;
640 	}
641 	if (!netcmd(cmd, args))
642 		return (0);
643 fixup:
644 	fetchnetstat();
645 redisplay:
646 	shownetstat();
647 	refresh();
648 	return (1);
649 }
650