1#!/usr/sbin/dtrace -s
2/*
3 * Copyright (c) 2015 George V. Neville-Neil
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 *
27 * $FreeBSD$
28 *
29 * The tcptrack D script shows various information about TCP
30 * connections including acceptance and refusal of inbound and
31 * outbound connections as well as state changes.
32 *
33 * Usage: tcptrack
34 */
35
36#pragma D option quiet
37tcp:kernel::accept-established
38{
39	printf("Accept connection from %s:%d\tto %s:%d\n",
40		       args[2]->ip_saddr,
41		       args[4]->tcp_sport,
42		       args[2]->ip_daddr,
43		       args[4]->tcp_dport);
44
45}
46
47tcp:kernel::accept-refused
48{
49	printf("Refused connection from %s:%d\tto %s:%d\n", 
50		       args[2]->ip_daddr,
51		       args[4]->tcp_dport,
52		       args[2]->ip_saddr,
53		       args[4]->tcp_sport);
54
55}
56
57tcp:kernel::connect-established
58{
59	printf("Connection established to %s:%d from %s:%d\n",
60		       args[2]->ip_saddr,
61		       args[4]->tcp_sport,
62		       args[2]->ip_daddr,
63		       args[4]->tcp_dport);
64
65}
66
67tcp:kernel::connect-refused
68{
69	printf("Connection refused by %s:%d from %s:%d\n", 
70		       args[2]->ip_saddr,
71		       args[4]->tcp_sport,
72		       args[2]->ip_daddr,
73		       args[4]->tcp_dport);
74}
75
76tcp:kernel::state-change
77{
78	newstate = args[3]->tcps_state;
79	oldstate = args[5]->tcps_state;
80	printf("State changed from %s\t\t%s\n", tcp_state_string[oldstate],
81				     tcp_state_string[newstate]);
82}
83
84