xref: /freebsd/usr.sbin/flowctl/flowctl.c (revision 68d75eff68281c1b445e3010bb975eae07aac225)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2004-2005 Gleb Smirnoff <glebius@FreeBSD.org>
5  * Copyright (c) 2001-2003 Roman V. Palagin <romanp@unshadow.net>
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $SourceForge: flowctl.c,v 1.15 2004/08/31 20:24:58 glebius Exp $
30  */
31 
32 #ifndef lint
33 static const char rcs_id[] =
34     "@(#) $FreeBSD$";
35 #endif
36 
37 #include <sys/types.h>
38 #include <sys/time.h>
39 #include <sys/socket.h>
40 #include <sys/queue.h>
41 
42 #include <net/if.h>
43 #include <netinet/in.h>
44 
45 #include <arpa/inet.h>
46 
47 #include <err.h>
48 #include <stdio.h>
49 #include <stdlib.h>
50 #include <string.h>
51 #include <sysexits.h>
52 #include <unistd.h>
53 
54 #include <netgraph.h>
55 #include <netgraph/netflow/ng_netflow.h>
56 
57 #define	CISCO_SH_FLOW_HEADER	"SrcIf         SrcIPaddress    " \
58 "DstIf         DstIPaddress    Pr SrcP DstP  Pkts\n"
59 #define	CISCO_SH_FLOW	"%-13s %-15s %-13s %-15s %2u %4.4x %4.4x %6lu\n"
60 
61 /* human-readable IPv4 header */
62 #define	CISCO_SH_FLOW_HHEADER	"SrcIf         SrcIPaddress    " \
63 "DstIf         DstIPaddress    Proto  SrcPort  DstPort     Pkts\n"
64 #define	CISCO_SH_FLOW_H	"%-13s %-15s %-13s %-15s %5u %8d %8d %8lu\n"
65 
66 #define	CISCO_SH_FLOW6_HEADER	"SrcIf         SrcIPaddress                   " \
67 "DstIf         DstIPaddress                   Pr SrcP DstP  Pkts\n"
68 #define	CISCO_SH_FLOW6		"%-13s %-30s %-13s %-30s %2u %4.4x %4.4x %6lu\n"
69 
70 /* Human-readable IPv6 headers */
71 #define	CISCO_SH_FLOW6_HHEADER	"SrcIf         SrcIPaddress                         " \
72 "DstIf         DstIPaddress                         Proto  SrcPort  DstPort     Pkts\n"
73 #define	CISCO_SH_FLOW6_H	"%-13s %-36s %-13s %-36s %5u %8d %8d %8lu\n"
74 
75 #define	CISCO_SH_VERB_FLOW_HEADER "SrcIf          SrcIPaddress    " \
76 "DstIf          DstIPaddress    Pr TOS Flgs  Pkts\n" \
77 "Port Msk AS                    Port Msk AS    NextHop              B/Pk  Active\n"
78 
79 #define	CISCO_SH_VERB_FLOW "%-14s %-15s %-14s %-15s %2u %3x %4x %6lu\n" \
80 	"%4.4x /%-2u %-5u                 %4.4x /%-2u %-5u %-15s %9u %8u\n\n"
81 
82 #define	CISCO_SH_VERB_FLOW6_HEADER "SrcIf          SrcIPaddress                   " \
83 "DstIf          DstIPaddress                   Pr TOS Flgs  Pkts\n" \
84 "Port Msk AS                    Port Msk AS    NextHop                             B/Pk  Active\n"
85 
86 #define	CISCO_SH_VERB_FLOW6 "%-14s %-30s %-14s %-30s %2u %3x %4x %6lu\n" \
87 	"%4.4x /%-2u %-5u                 %4.4x /%-2u %-5u %-30s %9u %8u\n\n"
88 #ifdef INET
89 static void flow_cache_print(struct ngnf_show_header *resp);
90 static void flow_cache_print_verbose(struct ngnf_show_header *resp);
91 #endif
92 #ifdef INET6
93 static void flow_cache_print6(struct ngnf_show_header *resp);
94 static void flow_cache_print6_verbose(struct ngnf_show_header *resp);
95 #endif
96 static void ctl_show(int, char **);
97 #if defined(INET) || defined(INET6)
98 static void do_show(int, void (*func)(struct ngnf_show_header *));
99 #endif
100 static void help(void);
101 static void execute_command(int, char **);
102 
103 struct ip_ctl_cmd {
104 	char	*cmd_name;
105 	void	(*cmd_func)(int argc, char **argv);
106 };
107 
108 struct ip_ctl_cmd cmds[] = {
109     {"show",	ctl_show},
110     {NULL,	NULL},
111 };
112 
113 int	cs, human = 0;
114 char	*ng_path;
115 
116 int
117 main(int argc, char **argv)
118 {
119 	int c;
120 	char sname[NG_NODESIZ];
121 	int rcvbuf = SORCVBUF_SIZE;
122 
123 	/* parse options */
124 	while ((c = getopt(argc, argv, "d:")) != -1) {
125 		switch (c) {
126 		case 'd':	/* set libnetgraph debug level. */
127 			NgSetDebug(atoi(optarg));
128 			break;
129 		}
130 	}
131 
132 	argc -= optind;
133 	argv += optind;
134 	ng_path = argv[0];
135 	if (ng_path == NULL || (strlen(ng_path) > NG_PATHSIZ))
136 		help();
137 	argc--;
138 	argv++;
139 
140 	/* create control socket. */
141 	snprintf(sname, sizeof(sname), "flowctl%i", getpid());
142 
143 	if (NgMkSockNode(sname, &cs, NULL) == -1)
144 		err(1, "NgMkSockNode");
145 
146 	/* set receive buffer size */
147 	if (setsockopt(cs, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(int)) == -1)
148 		err(1, "setsockopt(SOL_SOCKET, SO_RCVBUF)");
149 
150 	/* parse and execute command */
151 	execute_command(argc, argv);
152 
153 	close(cs);
154 
155 	exit(0);
156 }
157 
158 static void
159 execute_command(int argc, char **argv)
160 {
161 	int cindex = -1;
162 	int i;
163 
164 	if (!argc)
165 		help();
166 	for (i = 0; cmds[i].cmd_name != NULL; i++)
167 		if (!strncmp(argv[0], cmds[i].cmd_name, strlen(argv[0]))) {
168 			if (cindex != -1)
169 				errx(1, "ambiguous command: %s", argv[0]);
170 			cindex = i;
171 		}
172 	if (cindex == -1)
173 		errx(1, "bad command: %s", argv[0]);
174 	argc--;
175 	argv++;
176 	(*cmds[cindex].cmd_func)(argc, argv);
177 }
178 
179 static void
180 ctl_show(int argc, char **argv)
181 {
182 	int ipv4, ipv6, verbose = 0;
183 
184 	ipv4 = feature_present("inet");
185 	ipv6 = feature_present("inet6");
186 
187 	if (argc > 0 && !strncmp(argv[0], "ipv4", 4)) {
188 		ipv6 = 0;
189 		argc--;
190 		argv++;
191 	}
192 	if (argc > 0 && !strncmp(argv[0], "ipv6", 4)) {
193 		ipv4 = 0;
194 		argc--;
195 		argv++;
196 	}
197 
198 	if (argc > 0 && !strncmp(argv[0], "verbose", strlen(argv[0])))
199 		verbose = 1;
200 
201 	if (argc > 0 && !strncmp(argv[0], "human", strlen(argv[0])))
202 		human = 1;
203 
204 #ifdef INET
205 	if (ipv4) {
206 		if (verbose)
207 			do_show(4, &flow_cache_print_verbose);
208 		else
209 			do_show(4, &flow_cache_print);
210 	}
211 #endif
212 
213 #ifdef INET6
214 	if (ipv6) {
215 		if (verbose)
216 			do_show(6, &flow_cache_print6_verbose);
217 		else
218 			do_show(6, &flow_cache_print6);
219 	}
220 #endif
221 }
222 
223 #if defined(INET) || defined(INET6)
224 static void
225 do_show(int version, void (*func)(struct ngnf_show_header *))
226 {
227 	char buf[SORCVBUF_SIZE];
228 	struct ng_mesg *ng_mesg;
229 	struct ngnf_show_header req, *resp;
230 	int token, nread;
231 
232 	ng_mesg = (struct ng_mesg *)buf;
233 	req.version = version;
234 	req.hash_id = req.list_id = 0;
235 
236 	for (;;) {
237 		/* request set of accounting records */
238 		token = NgSendMsg(cs, ng_path, NGM_NETFLOW_COOKIE,
239 		    NGM_NETFLOW_SHOW, (void *)&req, sizeof(req));
240 		if (token == -1)
241 			err(1, "NgSendMsg(NGM_NETFLOW_SHOW)");
242 
243 		/* read reply */
244 		nread = NgRecvMsg(cs, ng_mesg, SORCVBUF_SIZE, NULL);
245 		if (nread == -1)
246 			err(1, "NgRecvMsg() failed");
247 
248 		if (ng_mesg->header.token != token)
249 			err(1, "NgRecvMsg(NGM_NETFLOW_SHOW): token mismatch");
250 
251 		resp = (struct ngnf_show_header *)ng_mesg->data;
252 		if ((ng_mesg->header.arglen < (sizeof(*resp))) ||
253 		    (ng_mesg->header.arglen < (sizeof(*resp) +
254 		    (resp->nentries * sizeof(struct flow_entry_data)))))
255 			err(1, "NgRecvMsg(NGM_NETFLOW_SHOW): arglen too small");
256 
257 		(*func)(resp);
258 
259 		if (resp->hash_id != 0)
260 			req.hash_id = resp->hash_id;
261 		else
262 			break;
263 		req.list_id = resp->list_id;
264 	}
265 }
266 #endif
267 
268 #ifdef INET
269 static void
270 flow_cache_print(struct ngnf_show_header *resp)
271 {
272 	struct flow_entry_data *fle;
273 	char src[INET_ADDRSTRLEN], dst[INET_ADDRSTRLEN];
274 	char src_if[IFNAMSIZ], dst_if[IFNAMSIZ];
275 	int i;
276 
277 	if (resp->version != 4)
278 		errx(EX_SOFTWARE, "%s: version mismatch: %u",
279 		    __func__, resp->version);
280 
281 	if (resp->nentries > 0)
282 		printf(human ? CISCO_SH_FLOW_HHEADER : CISCO_SH_FLOW_HEADER);
283 
284 	fle = (struct flow_entry_data *)(resp + 1);
285 	for (i = 0; i < resp->nentries; i++, fle++) {
286 		inet_ntop(AF_INET, &fle->r.r_src, src, sizeof(src));
287 		inet_ntop(AF_INET, &fle->r.r_dst, dst, sizeof(dst));
288 		printf(human ? CISCO_SH_FLOW_H : CISCO_SH_FLOW,
289 			if_indextoname(fle->fle_i_ifx, src_if),
290 			src,
291 			if_indextoname(fle->fle_o_ifx, dst_if),
292 			dst,
293 			fle->r.r_ip_p,
294 			ntohs(fle->r.r_sport),
295 			ntohs(fle->r.r_dport),
296 			fle->packets);
297 
298 	}
299 }
300 #endif
301 
302 #ifdef INET6
303 static void
304 flow_cache_print6(struct ngnf_show_header *resp)
305 {
306 	struct flow6_entry_data *fle6;
307 	char src6[INET6_ADDRSTRLEN], dst6[INET6_ADDRSTRLEN];
308 	char src_if[IFNAMSIZ], dst_if[IFNAMSIZ];
309 	int i;
310 
311 	if (resp->version != 6)
312 		errx(EX_SOFTWARE, "%s: version mismatch: %u",
313 		    __func__, resp->version);
314 
315 	if (resp->nentries > 0)
316 		printf(human ? CISCO_SH_FLOW6_HHEADER : CISCO_SH_FLOW6_HEADER);
317 
318 	fle6 = (struct flow6_entry_data *)(resp + 1);
319 	for (i = 0; i < resp->nentries; i++, fle6++) {
320 		inet_ntop(AF_INET6, &fle6->r.src.r_src6, src6, sizeof(src6));
321 		inet_ntop(AF_INET6, &fle6->r.dst.r_dst6, dst6, sizeof(dst6));
322 		printf(human ? CISCO_SH_FLOW6_H : CISCO_SH_FLOW6,
323 			if_indextoname(fle6->fle_i_ifx, src_if),
324 			src6,
325 			if_indextoname(fle6->fle_o_ifx, dst_if),
326 			dst6,
327 			fle6->r.r_ip_p,
328 			ntohs(fle6->r.r_sport),
329 			ntohs(fle6->r.r_dport),
330 			fle6->packets);
331 
332 	}
333 }
334 #endif
335 
336 #ifdef INET
337 static void
338 flow_cache_print_verbose(struct ngnf_show_header *resp)
339 {
340 	struct flow_entry_data *fle;
341 	char src[INET_ADDRSTRLEN], dst[INET_ADDRSTRLEN], next[INET_ADDRSTRLEN];
342 	char src_if[IFNAMSIZ], dst_if[IFNAMSIZ];
343 	int i;
344 
345 	if (resp->version != 4)
346 		errx(EX_SOFTWARE, "%s: version mismatch: %u",
347 		    __func__, resp->version);
348 
349 	printf(CISCO_SH_VERB_FLOW_HEADER);
350 
351 	fle = (struct flow_entry_data *)(resp + 1);
352 	for (i = 0; i < resp->nentries; i++, fle++) {
353 		inet_ntop(AF_INET, &fle->r.r_src, src, sizeof(src));
354 		inet_ntop(AF_INET, &fle->r.r_dst, dst, sizeof(dst));
355 		inet_ntop(AF_INET, &fle->next_hop, next, sizeof(next));
356 		printf(CISCO_SH_VERB_FLOW,
357 			if_indextoname(fle->fle_i_ifx, src_if),
358 			src,
359 			if_indextoname(fle->fle_o_ifx, dst_if),
360 			dst,
361 			fle->r.r_ip_p,
362 			fle->r.r_tos,
363 			fle->tcp_flags,
364 			fle->packets,
365 			ntohs(fle->r.r_sport),
366 			fle->src_mask,
367 			0,
368 			ntohs(fle->r.r_dport),
369 			fle->dst_mask,
370 			0,
371 			next,
372 			(u_int)(fle->bytes / fle->packets),
373 			0);
374 
375 	}
376 }
377 #endif
378 
379 #ifdef INET6
380 static void
381 flow_cache_print6_verbose(struct ngnf_show_header *resp)
382 {
383 	struct flow6_entry_data *fle6;
384 	char src6[INET6_ADDRSTRLEN], dst6[INET6_ADDRSTRLEN], next6[INET6_ADDRSTRLEN];
385 	char src_if[IFNAMSIZ], dst_if[IFNAMSIZ];
386 	int i;
387 
388 	if (resp->version != 6)
389 		errx(EX_SOFTWARE, "%s: version mismatch: %u",
390 		    __func__, resp->version);
391 
392 	printf(CISCO_SH_VERB_FLOW6_HEADER);
393 
394 	fle6 = (struct flow6_entry_data *)(resp + 1);
395 	for (i = 0; i < resp->nentries; i++, fle6++) {
396 		inet_ntop(AF_INET6, &fle6->r.src.r_src6, src6, sizeof(src6));
397 		inet_ntop(AF_INET6, &fle6->r.dst.r_dst6, dst6, sizeof(dst6));
398 		inet_ntop(AF_INET6, &fle6->n.next_hop6, next6, sizeof(next6));
399 		printf(CISCO_SH_VERB_FLOW6,
400 			if_indextoname(fle6->fle_i_ifx, src_if),
401 			src6,
402 			if_indextoname(fle6->fle_o_ifx, dst_if),
403 			dst6,
404 			fle6->r.r_ip_p,
405 			fle6->r.r_tos,
406 			fle6->tcp_flags,
407 			fle6->packets,
408 			ntohs(fle6->r.r_sport),
409 			fle6->src_mask,
410 			0,
411 			ntohs(fle6->r.r_dport),
412 			fle6->dst_mask,
413 			0,
414 			next6,
415 			(u_int)(fle6->bytes / fle6->packets),
416 			0);
417 	}
418 }
419 #endif
420 
421 static void
422 help(void)
423 {
424 	extern char *__progname;
425 
426 	fprintf(stderr, "usage: %s [-d level] nodename command\n", __progname);
427 	exit (0);
428 }
429