main.c revision 148744
1/* 2 * Copyright (c) 1983, 1988, 1993 3 * Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#ifndef lint 35char const copyright[] = 36"@(#) Copyright (c) 1983, 1988, 1993\n\ 37 Regents of the University of California. All rights reserved.\n"; 38#endif /* not lint */ 39 40#if 0 41#ifndef lint 42static char sccsid[] = "@(#)main.c 8.4 (Berkeley) 3/1/94"; 43#endif /* not lint */ 44#endif 45 46#include <sys/cdefs.h> 47__FBSDID("$FreeBSD: head/usr.bin/netstat/main.c 148744 2005-08-05 18:45:49Z phk $"); 48 49#include <sys/param.h> 50#include <sys/file.h> 51#include <sys/protosw.h> 52#include <sys/socket.h> 53 54#include <netinet/in.h> 55 56#include <netgraph/ng_socket.h> 57 58#include <ctype.h> 59#include <err.h> 60#include <errno.h> 61#include <kvm.h> 62#include <limits.h> 63#include <netdb.h> 64#include <nlist.h> 65#include <paths.h> 66#include <stdio.h> 67#include <stdlib.h> 68#include <string.h> 69#include <unistd.h> 70#include "netstat.h" 71 72static struct nlist nl[] = { 73#define N_IFNET 0 74 { "_ifnet" }, 75#define N_RTSTAT 1 76 { "_rtstat" }, 77#define N_RTREE 2 78 { "_rt_tables"}, 79#define N_MRTSTAT 3 80 { "_mrtstat" }, 81#define N_MFCTABLE 4 82 { "_mfctable" }, 83#define N_VIFTABLE 5 84 { "_viftable" }, 85#define N_IPX 6 86 { "_ipxpcb_list"}, 87#define N_IPXSTAT 7 88 { "_ipxstat"}, 89#define N_SPXSTAT 8 90 { "_spx_istat"}, 91#define N_DDPSTAT 9 92 { "_ddpstat"}, 93#define N_DDPCB 10 94 { "_ddpcb"}, 95#define N_NGSOCKS 11 96 { "_ngsocklist"}, 97#define N_IP6STAT 12 98 { "_ip6stat" }, 99#define N_ICMP6STAT 13 100 { "_icmp6stat" }, 101#define N_IPSECSTAT 14 102 { "_ipsecstat" }, 103#define N_IPSEC6STAT 15 104 { "_ipsec6stat" }, 105#define N_PIM6STAT 16 106 { "_pim6stat" }, 107#define N_MRT6STAT 17 108 { "_mrt6stat" }, 109#define N_MF6CTABLE 18 110 { "_mf6ctable" }, 111#define N_MIF6TABLE 19 112 { "_mif6table" }, 113#define N_PFKEYSTAT 20 114 { "_pfkeystat" }, 115#define N_MBSTAT 21 116 { "_mbstat" }, 117#define N_MBTYPES 22 118 { "_mbtypes" }, 119#define N_NMBCLUSTERS 23 120 { "_nmbclusters" }, 121#define N_NMBUFS 24 122 { "_nmbufs" }, 123#define N_MBHI 25 124 { "_mbuf_hiwm" }, 125#define N_CLHI 26 126 { "_clust_hiwm" }, 127#define N_NCPUS 27 128 { "_smp_cpus" }, 129#define N_PAGESZ 28 130 { "_pagesize" }, 131#define N_MBPSTAT 29 132 { "_mb_statpcpu" }, 133#define N_RTTRASH 30 134 { "_rttrash" }, 135#define N_MBLO 31 136 { "_mbuf_lowm" }, 137#define N_CLLO 32 138 { "_clust_lowm" }, 139#define N_CARPSTAT 33 140 { "_carpstats" }, 141#define N_PFSYNCSTAT 34 142 { "_pfsyncstats" }, 143 { "" }, 144}; 145 146struct protox { 147 u_char pr_index; /* index into nlist of cb head */ 148 u_char pr_sindex; /* index into nlist of stat block */ 149 u_char pr_wanted; /* 1 if wanted, 0 otherwise */ 150 void (*pr_cblocks)(u_long, const char *, int); 151 /* control blocks printing routine */ 152 void (*pr_stats)(u_long, const char *, int); 153 /* statistics printing routine */ 154 void (*pr_istats)(char *); /* per/if statistics printing routine */ 155 const char *pr_name; /* well-known name */ 156 u_long pr_usesysctl; /* non-zero if we use sysctl, not kvm */ 157} protox[] = { 158 { -1, -1, 1, protopr, 159 tcp_stats, NULL, "tcp", IPPROTO_TCP }, 160 { -1, -1, 1, protopr, 161 udp_stats, NULL, "udp", IPPROTO_UDP }, 162 { -1, -1, 1, protopr, 163 NULL, NULL, "divert",IPPROTO_DIVERT }, 164 { -1, -1, 1, protopr, 165 ip_stats, NULL, "ip", IPPROTO_RAW }, 166 { -1, -1, 1, protopr, 167 icmp_stats, NULL, "icmp", IPPROTO_ICMP }, 168 { -1, -1, 1, protopr, 169 igmp_stats, NULL, "igmp", IPPROTO_IGMP }, 170#ifdef IPSEC 171 { -1, N_IPSECSTAT, 1, NULL, 172 ipsec_stats, NULL, "ipsec", 0}, 173#endif 174 { -1, -1, 1, NULL, 175 bdg_stats, NULL, "bdg", 1 /* bridging... */ }, 176 { -1, -1, 1, protopr, 177 pim_stats, NULL, "pim", IPPROTO_PIM }, 178 { -1, N_CARPSTAT, 1, 0, 179 carp_stats, NULL, "carp", 0}, 180 { -1, -1, 1, NULL, 181 pfsync_stats, NULL, "pfsync", 1}, 182 { -1, -1, 0, NULL, 183 NULL, NULL, NULL, 0 } 184}; 185 186#ifdef INET6 187struct protox ip6protox[] = { 188 { -1, -1, 1, protopr, 189 tcp_stats, NULL, "tcp", IPPROTO_TCP }, 190 { -1, -1, 1, protopr, 191 udp_stats, NULL, "udp", IPPROTO_UDP }, 192 { -1, N_IP6STAT, 1, protopr, 193 ip6_stats, ip6_ifstats, "ip6", IPPROTO_RAW }, 194 { -1, N_ICMP6STAT, 1, protopr, 195 icmp6_stats, icmp6_ifstats, "icmp6",IPPROTO_ICMPV6 }, 196#ifdef IPSEC 197 { -1, N_IPSEC6STAT, 1, NULL, 198 ipsec_stats, NULL, "ipsec6",0 }, 199#endif 200#ifdef notyet 201 { -1, N_PIM6STAT, 1, NULL, 202 pim6_stats, NULL, "pim6", 0 }, 203#endif 204 { -1, -1, 1, NULL, 205 rip6_stats, NULL, "rip6", 0 }, 206 { -1, -1, 1, NULL, 207 bdg_stats, NULL, "bdg", 1 /* bridging... */ }, 208 { -1, -1, 0, NULL, 209 NULL, NULL, NULL, 0 } 210}; 211#endif /*INET6*/ 212 213#ifdef IPSEC 214struct protox pfkeyprotox[] = { 215 { -1, N_PFKEYSTAT, 1, NULL, 216 pfkey_stats, NULL, "pfkey", 0 }, 217 { -1, -1, 0, NULL, 218 NULL, NULL, NULL, 0 } 219}; 220#endif 221 222struct protox atalkprotox[] = { 223 { N_DDPCB, N_DDPSTAT, 1, atalkprotopr, 224 ddp_stats, NULL, "ddp", 0 }, 225 { -1, -1, 0, NULL, 226 NULL, NULL, NULL, 0 } 227}; 228 229struct protox netgraphprotox[] = { 230 { N_NGSOCKS, -1, 1, netgraphprotopr, 231 NULL, NULL, "ctrl", 0 }, 232 { N_NGSOCKS, -1, 1, netgraphprotopr, 233 NULL, NULL, "data", 0 }, 234 { -1, -1, 0, NULL, 235 NULL, NULL, NULL, 0 } 236}; 237 238#ifdef IPX 239struct protox ipxprotox[] = { 240 { N_IPX, N_IPXSTAT, 1, ipxprotopr, 241 ipx_stats, NULL, "ipx", 0 }, 242 { N_IPX, N_SPXSTAT, 1, ipxprotopr, 243 spx_stats, NULL, "spx", 0 }, 244 { -1, -1, 0, NULL, 245 NULL, NULL, 0, 0 } 246}; 247#endif 248 249struct protox *protoprotox[] = { 250 protox, 251#ifdef INET6 252 ip6protox, 253#endif 254#ifdef IPSEC 255 pfkeyprotox, 256#endif 257#ifdef IPX 258 ipxprotox, 259#endif 260 atalkprotox, NULL }; 261 262const char *pluralies(int); 263static void printproto(struct protox *, const char *); 264static void usage(void); 265static struct protox *name2protox(char *); 266static struct protox *knownname(char *); 267 268static kvm_t *kvmd; 269static char *nlistf = NULL, *memf = NULL; 270 271int Aflag; /* show addresses of protocol control block */ 272int aflag; /* show all sockets (including servers) */ 273int bflag; /* show i/f total bytes in/out */ 274int dflag; /* show i/f dropped packets */ 275int gflag; /* show group (multicast) routing or stats */ 276int iflag; /* show interfaces */ 277int Lflag; /* show size of listen queues */ 278int mflag; /* show memory stats */ 279int numeric_addr; /* show addresses numerically */ 280int numeric_port; /* show ports numerically */ 281static int pflag; /* show given protocol */ 282int rflag; /* show routing tables (or routing stats) */ 283int sflag; /* show protocol statistics */ 284int tflag; /* show i/f watchdog timers */ 285int Wflag; /* wide display */ 286int zflag; /* zero stats */ 287 288int interval; /* repeat interval for i/f stats */ 289 290char *interface; /* desired i/f for stats, or NULL for all i/fs */ 291int unit; /* unit number for above */ 292 293int af; /* address family */ 294 295int 296main(int argc, char *argv[]) 297{ 298 struct protox *tp = NULL; /* for printing cblocks & stats */ 299 int ch; 300 301 af = AF_UNSPEC; 302 303 while ((ch = getopt(argc, argv, "Aabdf:gI:iLlM:mN:np:rSstuWw:z")) != -1) 304 switch(ch) { 305 case 'A': 306 Aflag = 1; 307 break; 308 case 'a': 309 aflag = 1; 310 break; 311 case 'b': 312 bflag = 1; 313 break; 314 case 'd': 315 dflag = 1; 316 break; 317 case 'f': 318 if (strcmp(optarg, "ipx") == 0) 319 af = AF_IPX; 320 else if (strcmp(optarg, "inet") == 0) 321 af = AF_INET; 322#ifdef INET6 323 else if (strcmp(optarg, "inet6") == 0) 324 af = AF_INET6; 325#endif /*INET6*/ 326#ifdef INET6 327 else if (strcmp(optarg, "pfkey") == 0) 328 af = PF_KEY; 329#endif /*INET6*/ 330 else if (strcmp(optarg, "unix") == 0) 331 af = AF_UNIX; 332 else if (strcmp(optarg, "atalk") == 0) 333 af = AF_APPLETALK; 334 else if (strcmp(optarg, "ng") == 0 335 || strcmp(optarg, "netgraph") == 0) 336 af = AF_NETGRAPH; 337 else if (strcmp(optarg, "link") == 0) 338 af = AF_LINK; 339 else { 340 errx(1, "%s: unknown address family", optarg); 341 } 342 break; 343 case 'g': 344 gflag = 1; 345 break; 346 case 'I': { 347 char *cp; 348 349 iflag = 1; 350 for (cp = interface = optarg; isalpha(*cp); cp++) 351 continue; 352 unit = atoi(cp); 353 break; 354 } 355 case 'i': 356 iflag = 1; 357 break; 358 case 'L': 359 Lflag = 1; 360 break; 361 case 'M': 362 memf = optarg; 363 break; 364 case 'm': 365 mflag = 1; 366 break; 367 case 'N': 368 nlistf = optarg; 369 break; 370 case 'n': 371 numeric_addr = numeric_port = 1; 372 break; 373 case 'p': 374 if ((tp = name2protox(optarg)) == NULL) { 375 errx(1, 376 "%s: unknown or uninstrumented protocol", 377 optarg); 378 } 379 pflag = 1; 380 break; 381 case 'r': 382 rflag = 1; 383 break; 384 case 's': 385 ++sflag; 386 break; 387 case 'S': 388 numeric_addr = 1; 389 break; 390 case 't': 391 tflag = 1; 392 break; 393 case 'u': 394 af = AF_UNIX; 395 break; 396 case 'W': 397 case 'l': 398 Wflag = 1; 399 break; 400 case 'w': 401 interval = atoi(optarg); 402 iflag = 1; 403 break; 404 case 'z': 405 zflag = 1; 406 break; 407 case '?': 408 default: 409 usage(); 410 } 411 argv += optind; 412 argc -= optind; 413 414#define BACKWARD_COMPATIBILITY 415#ifdef BACKWARD_COMPATIBILITY 416 if (*argv) { 417 if (isdigit(**argv)) { 418 interval = atoi(*argv); 419 if (interval <= 0) 420 usage(); 421 ++argv; 422 iflag = 1; 423 } 424 if (*argv) { 425 nlistf = *argv; 426 if (*++argv) 427 memf = *argv; 428 } 429 } 430#endif 431 432 /* 433 * Discard setgid privileges if not the running kernel so that bad 434 * guys can't print interesting stuff from kernel memory. 435 */ 436 if (nlistf != NULL || memf != NULL) 437 setgid(getgid()); 438 439 if (mflag) { 440 if (memf != NULL) { 441 if (kread(0, 0, 0) == 0) 442 mbpr(nl[N_MBSTAT].n_value, 443 nl[N_MBTYPES].n_value, 444 nl[N_NMBCLUSTERS].n_value, 445 nl[N_NMBUFS].n_value, 446 nl[N_MBHI].n_value, 447 nl[N_CLHI].n_value, 448 nl[N_MBLO].n_value, 449 nl[N_CLLO].n_value, 450 nl[N_NCPUS].n_value, 451 nl[N_PAGESZ].n_value, 452 nl[N_MBPSTAT].n_value); 453 } else 454 mbpr(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); 455 exit(0); 456 } 457#if 0 458 /* 459 * Keep file descriptors open to avoid overhead 460 * of open/close on each call to get* routines. 461 */ 462 sethostent(1); 463 setnetent(1); 464#else 465 /* 466 * This does not make sense any more with DNS being default over 467 * the files. Doing a setXXXXent(1) causes a tcp connection to be 468 * used for the queries, which is slower. 469 */ 470#endif 471 if (iflag && !sflag) { 472 kread(0, 0, 0); 473 intpr(interval, nl[N_IFNET].n_value, NULL); 474 exit(0); 475 } 476 if (rflag) { 477 kread(0, 0, 0); 478 if (sflag) 479 rt_stats(nl[N_RTSTAT].n_value, nl[N_RTTRASH].n_value); 480 else 481 routepr(nl[N_RTREE].n_value); 482 exit(0); 483 } 484 if (gflag) { 485 kread(0, 0, 0); 486 if (sflag) { 487 if (af == AF_INET || af == AF_UNSPEC) 488 mrt_stats(nl[N_MRTSTAT].n_value); 489#ifdef INET6 490 if (af == AF_INET6 || af == AF_UNSPEC) 491 mrt6_stats(nl[N_MRT6STAT].n_value); 492#endif 493 } else { 494 if (af == AF_INET || af == AF_UNSPEC) 495 mroutepr(nl[N_MFCTABLE].n_value, 496 nl[N_VIFTABLE].n_value); 497#ifdef INET6 498 if (af == AF_INET6 || af == AF_UNSPEC) 499 mroute6pr(nl[N_MF6CTABLE].n_value, 500 nl[N_MIF6TABLE].n_value); 501#endif 502 } 503 ifmalist_dump(); 504 exit(0); 505 } 506 507 kread(0, 0, 0); 508 if (tp) { 509 printproto(tp, tp->pr_name); 510 exit(0); 511 } 512 if (af == AF_INET || af == AF_UNSPEC) 513 for (tp = protox; tp->pr_name; tp++) 514 printproto(tp, tp->pr_name); 515#ifdef INET6 516 if (af == AF_INET6 || af == AF_UNSPEC) 517 for (tp = ip6protox; tp->pr_name; tp++) 518 printproto(tp, tp->pr_name); 519#endif /*INET6*/ 520#ifdef IPSEC 521 if (af == PF_KEY || af == AF_UNSPEC) 522 for (tp = pfkeyprotox; tp->pr_name; tp++) 523 printproto(tp, tp->pr_name); 524#endif /*IPSEC*/ 525#ifdef IPX 526 if (af == AF_IPX || af == AF_UNSPEC) { 527 kread(0, 0, 0); 528 for (tp = ipxprotox; tp->pr_name; tp++) 529 printproto(tp, tp->pr_name); 530 } 531#endif /* IPX */ 532 if (af == AF_APPLETALK || af == AF_UNSPEC) 533 for (tp = atalkprotox; tp->pr_name; tp++) 534 printproto(tp, tp->pr_name); 535 if (af == AF_NETGRAPH || af == AF_UNSPEC) 536 for (tp = netgraphprotox; tp->pr_name; tp++) 537 printproto(tp, tp->pr_name); 538 if ((af == AF_UNIX || af == AF_UNSPEC) && !Lflag && !sflag) 539 unixpr(); 540 exit(0); 541} 542 543/* 544 * Print out protocol statistics or control blocks (per sflag). 545 * If the interface was not specifically requested, and the symbol 546 * is not in the namelist, ignore this one. 547 */ 548static void 549printproto(tp, name) 550 struct protox *tp; 551 const char *name; 552{ 553 void (*pr)(u_long, const char *, int); 554 u_long off; 555 556 if (sflag) { 557 if (iflag) { 558 if (tp->pr_istats) 559 intpr(interval, nl[N_IFNET].n_value, 560 tp->pr_istats); 561 else if (pflag) 562 printf("%s: no per-interface stats routine\n", 563 tp->pr_name); 564 return; 565 } 566 else { 567 pr = tp->pr_stats; 568 if (!pr) { 569 if (pflag) 570 printf("%s: no stats routine\n", 571 tp->pr_name); 572 return; 573 } 574 off = tp->pr_usesysctl ? tp->pr_usesysctl 575 : nl[tp->pr_sindex].n_value; 576 } 577 } else { 578 pr = tp->pr_cblocks; 579 if (!pr) { 580 if (pflag) 581 printf("%s: no PCB routine\n", tp->pr_name); 582 return; 583 } 584 off = tp->pr_usesysctl ? tp->pr_usesysctl 585 : nl[tp->pr_index].n_value; 586 } 587 if (pr != NULL && (off || af != AF_UNSPEC)) 588 (*pr)(off, name, af); 589} 590 591/* 592 * Read kernel memory, return 0 on success. 593 */ 594int 595kread(u_long addr, char *buf, int size) 596{ 597 if (kvmd == 0) { 598 /* 599 * XXX. 600 */ 601 kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf); 602 setgid(getgid()); 603 if (kvmd != NULL) { 604 if (kvm_nlist(kvmd, nl) < 0) { 605 if(nlistf) 606 errx(1, "%s: kvm_nlist: %s", nlistf, 607 kvm_geterr(kvmd)); 608 else 609 errx(1, "kvm_nlist: %s", kvm_geterr(kvmd)); 610 } 611 612 if (nl[0].n_type == 0) { 613 if(nlistf) 614 errx(1, "%s: no namelist", nlistf); 615 else 616 errx(1, "no namelist"); 617 } 618 } else { 619 warnx("kvm not available"); 620 return(-1); 621 } 622 } 623 if (!buf) 624 return (0); 625 if (kvm_read(kvmd, addr, buf, size) != size) { 626 warnx("%s", kvm_geterr(kvmd)); 627 return (-1); 628 } 629 return (0); 630} 631 632const char * 633plural(int n) 634{ 635 return (n != 1 ? "s" : ""); 636} 637 638const char * 639plurales(int n) 640{ 641 return (n != 1 ? "es" : ""); 642} 643 644const char * 645pluralies(int n) 646{ 647 return (n != 1 ? "ies" : "y"); 648} 649 650/* 651 * Find the protox for the given "well-known" name. 652 */ 653static struct protox * 654knownname(char *name) 655{ 656 struct protox **tpp, *tp; 657 658 for (tpp = protoprotox; *tpp; tpp++) 659 for (tp = *tpp; tp->pr_name; tp++) 660 if (strcmp(tp->pr_name, name) == 0) 661 return (tp); 662 return (NULL); 663} 664 665/* 666 * Find the protox corresponding to name. 667 */ 668static struct protox * 669name2protox(char *name) 670{ 671 struct protox *tp; 672 char **alias; /* alias from p->aliases */ 673 struct protoent *p; 674 675 /* 676 * Try to find the name in the list of "well-known" names. If that 677 * fails, check if name is an alias for an Internet protocol. 678 */ 679 if ((tp = knownname(name)) != NULL) 680 return (tp); 681 682 setprotoent(1); /* make protocol lookup cheaper */ 683 while ((p = getprotoent()) != NULL) { 684 /* assert: name not same as p->name */ 685 for (alias = p->p_aliases; *alias; alias++) 686 if (strcmp(name, *alias) == 0) { 687 endprotoent(); 688 return (knownname(p->p_name)); 689 } 690 } 691 endprotoent(); 692 return (NULL); 693} 694 695static void 696usage(void) 697{ 698 (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n", 699"usage: netstat [-AaLnSW] [-f protocol_family | -p protocol]\n" 700" [-M core] [-N system]", 701" netstat -i | -I interface [-abdnt] [-f address_family]\n" 702" [-M core] [-N system]", 703" netstat -w wait [-I interface] [-d] [-M core] [-N system]", 704" netstat -s [-s] [-z] [-f protocol_family | -p protocol] [-M core]", 705" netstat -i | -I interface -s [-f protocol_family | -p protocol]\n" 706" [-M core] [-N system]", 707" netstat -m [-M core] [-N system]", 708" netstat -r [-AenW] [-f address_family] [-M core] [-N system]", 709" netstat -rs [-s] [-M core] [-N system]", 710" netstat -g [-W] [-f address_family] [-M core] [-N system]", 711" netstat -gs [-s] [-f address_family] [-M core] [-N system]"); 712 exit(1); 713} 714