Annotation of src/usr.bin/netstat/inet.c, Revision 1.51
1.51 ! jjbg 1: /* $OpenBSD: inet.c,v 1.50 2001/06/23 06:09:09 angelos Exp $ */
1.1 deraadt 2: /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */
3:
4: /*
5: * Copyright (c) 1983, 1988, 1993
6: * The Regents of the University of California. All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
16: * 3. All advertising materials mentioning features or use of this software
17: * must display the following acknowledgement:
18: * This product includes software developed by the University of
19: * California, Berkeley and its contributors.
20: * 4. Neither the name of the University nor the names of its contributors
21: * may be used to endorse or promote products derived from this software
22: * without specific prior written permission.
23: *
24: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34: * SUCH DAMAGE.
35: */
36:
37: #ifndef lint
38: #if 0
39: static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94";
40: #else
1.51 ! jjbg 41: static char *rcsid = "$OpenBSD: inet.c,v 1.50 2001/06/23 06:09:09 angelos Exp $";
1.1 deraadt 42: #endif
43: #endif /* not lint */
44:
45: #include <sys/param.h>
46: #include <sys/queue.h>
47: #include <sys/socket.h>
48: #include <sys/socketvar.h>
49: #include <sys/mbuf.h>
50: #include <sys/protosw.h>
51:
52: #include <net/route.h>
53: #include <netinet/in.h>
54: #include <netinet/in_systm.h>
55: #include <netinet/ip.h>
56: #include <netinet/in_pcb.h>
57: #include <netinet/ip_icmp.h>
58: #include <netinet/icmp_var.h>
59: #include <netinet/igmp_var.h>
60: #include <netinet/ip_var.h>
61: #include <netinet/tcp.h>
62: #include <netinet/tcpip.h>
63: #include <netinet/tcp_seq.h>
64: #define TCPSTATES
65: #include <netinet/tcp_fsm.h>
66: #include <netinet/tcp_timer.h>
67: #include <netinet/tcp_var.h>
68: #include <netinet/tcp_debug.h>
69: #include <netinet/udp.h>
70: #include <netinet/udp_var.h>
1.30 angelos 71: #include <netinet/ip_ipsp.h>
1.10 angelos 72: #include <netinet/ip_ah.h>
73: #include <netinet/ip_esp.h>
1.45 angelos 74: #include <netinet/ip_ipip.h>
1.34 angelos 75: #include <netinet/ip_ether.h>
1.1 deraadt 76:
77: #include <arpa/inet.h>
1.18 millert 78: #include <limits.h>
1.1 deraadt 79: #include <netdb.h>
80: #include <stdio.h>
81: #include <string.h>
82: #include <unistd.h>
1.14 dgregor 83: #include <stdlib.h>
1.1 deraadt 84: #include "netstat.h"
85:
1.5 deraadt 86: #include <rpc/rpc.h>
87: #include <rpc/pmap_prot.h>
88: #include <rpc/pmap_clnt.h>
89:
1.1 deraadt 90: struct inpcb inpcb;
91: struct tcpcb tcpcb;
92: struct socket sockb;
93:
1.48 itojun 94: static void protopr0 __P((u_long, char *, int));
95:
1.1 deraadt 96: char *inetname __P((struct in_addr *));
1.5 deraadt 97: void inetprint __P((struct in_addr *, int, char *, int));
1.38 itojun 98: #ifdef INET6
99: char *inet6name __P((struct in6_addr *));
100: void inet6print __P((struct in6_addr *, int, char *, int));
101: #endif
1.1 deraadt 102:
103: /*
104: * Print a summary of connections related to an Internet
105: * protocol. For TCP, also give state of connection.
106: * Listening processes (aflag) are suppressed unless the
107: * -a (all) flag is specified.
108: */
109: void
110: protopr(off, name)
111: u_long off;
112: char *name;
113: {
1.48 itojun 114: protopr0(off, name, AF_INET);
115: }
116:
117: #ifdef INET6
118: void
119: ip6protopr(off, name)
120: u_long off;
121: char *name;
122: {
123: protopr0(off, name, AF_INET6);
124: }
125: #endif
126:
127: static void
128: protopr0(off, name, af)
129: u_long off;
130: char *name;
131: int af;
132: {
1.1 deraadt 133: struct inpcbtable table;
134: register struct inpcb *head, *next, *prev;
135: struct inpcb inpcb;
136: int istcp;
137: static int first = 1;
1.38 itojun 138: char *name0;
139: char namebuf[20];
1.1 deraadt 140:
1.38 itojun 141: name0 = name;
1.1 deraadt 142: if (off == 0)
143: return;
144: istcp = strcmp(name, "tcp") == 0;
145: kread(off, (char *)&table, sizeof table);
146: prev = head =
147: (struct inpcb *)&((struct inpcbtable *)off)->inpt_queue.cqh_first;
148: next = table.inpt_queue.cqh_first;
149:
150: while (next != head) {
151: kread((u_long)next, (char *)&inpcb, sizeof inpcb);
152: if (inpcb.inp_queue.cqe_prev != prev) {
153: printf("???\n");
154: break;
155: }
156: prev = next;
157: next = inpcb.inp_queue.cqe_next;
1.48 itojun 158:
159: switch (af) {
160: case AF_INET:
161: if ((inpcb.inp_flags & INP_IPV6) != 0)
162: continue;
163: break;
164: case AF_INET6:
165: if ((inpcb.inp_flags & INP_IPV6) == 0)
166: continue;
167: break;
168: default:
169: break;
170: }
1.1 deraadt 171:
172: if (!aflag &&
173: inet_lnaof(inpcb.inp_laddr) == INADDR_ANY)
174: continue;
175: kread((u_long)inpcb.inp_socket, (char *)&sockb, sizeof (sockb));
176: if (istcp) {
177: kread((u_long)inpcb.inp_ppcb,
178: (char *)&tcpcb, sizeof (tcpcb));
179: }
180: if (first) {
181: printf("Active Internet connections");
182: if (aflag)
183: printf(" (including servers)");
184: putchar('\n');
185: if (Aflag)
1.29 deraadt 186: printf("%-*.*s %-5.5s %-6.6s %-6.6s %-18.18s %-18.18s %s\n",
1.18 millert 187: PLEN, PLEN, "PCB", "Proto", "Recv-Q",
1.29 deraadt 188: "Send-Q", "Local Address",
189: "Foreign Address", "(state)");
1.18 millert 190: else
191: printf("%-5.5s %-6.6s %-6.6s %-22.22s %-22.22s %s\n",
192: "Proto", "Recv-Q", "Send-Q",
193: "Local Address", "Foreign Address",
194: "(state)");
1.1 deraadt 195: first = 0;
196: }
1.38 itojun 197: if (Aflag) {
1.1 deraadt 198: if (istcp)
1.18 millert 199: printf("%*p ", PLEN, inpcb.inp_ppcb);
1.1 deraadt 200: else
1.18 millert 201: printf("%*p ", PLEN, prev);
1.38 itojun 202: }
203: #ifdef INET6
204: if (inpcb.inp_flags & INP_IPV6) {
205: strcpy(namebuf, name0);
206: strcat(namebuf, "6");
207: name = namebuf;
208: } else
209: name = name0;
210: #endif
1.16 millert 211: printf("%-5.5s %6ld %6ld ", name, sockb.so_rcv.sb_cc,
1.1 deraadt 212: sockb.so_snd.sb_cc);
1.38 itojun 213: #ifdef INET6
214: if (inpcb.inp_flags & INP_IPV6) {
215: inet6print(&inpcb.inp_laddr6, (int)inpcb.inp_lport,
216: name, 1);
217: inet6print(&inpcb.inp_faddr6, (int)inpcb.inp_fport,
218: name, 0);
219: } else
220: #endif
221: {
222: inetprint(&inpcb.inp_laddr, (int)inpcb.inp_lport,
223: name, 1);
224: inetprint(&inpcb.inp_faddr, (int)inpcb.inp_fport,
225: name, 0);
226: }
1.1 deraadt 227: if (istcp) {
228: if (tcpcb.t_state < 0 || tcpcb.t_state >= TCP_NSTATES)
229: printf(" %d", tcpcb.t_state);
230: else
231: printf(" %s", tcpstates[tcpcb.t_state]);
232: }
233: putchar('\n');
234: }
235: }
236:
237: /*
238: * Dump TCP statistics structure.
239: */
240: void
241: tcp_stats(off, name)
242: u_long off;
243: char *name;
244: {
245: struct tcpstat tcpstat;
246:
247: if (off == 0)
248: return;
249: printf ("%s:\n", name);
250: kread(off, (char *)&tcpstat, sizeof (tcpstat));
251:
252: #define p(f, m) if (tcpstat.f || sflag <= 1) \
253: printf(m, tcpstat.f, plural(tcpstat.f))
1.38 itojun 254: #define p1(f, m) if (tcpstat.f || sflag <= 1) \
255: printf(m, tcpstat.f)
1.1 deraadt 256: #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \
257: printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2))
1.38 itojun 258: #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \
259: printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2)
1.1 deraadt 260: #define p3(f, m) if (tcpstat.f || sflag <= 1) \
261: printf(m, tcpstat.f, plurales(tcpstat.f))
262:
1.38 itojun 263: p(tcps_sndtotal, "\t%u packet%s sent\n");
1.1 deraadt 264: p2(tcps_sndpack,tcps_sndbyte,
1.38 itojun 265: "\t\t%u data packet%s (%qd byte%s)\n");
1.1 deraadt 266: p2(tcps_sndrexmitpack, tcps_sndrexmitbyte,
1.38 itojun 267: "\t\t%u data packet%s (%qd byte%s) retransmitted\n");
1.26 provos 268: p(tcps_sndrexmitfast, "\t\t%qd fast retransmitted packet%s\n");
1.38 itojun 269: p2a(tcps_sndacks, tcps_delack,
270: "\t\t%u ack-only packet%s (%u delayed)\n");
271: p(tcps_sndurg, "\t\t%u URG only packet%s\n");
272: p(tcps_sndprobe, "\t\t%u window probe packet%s\n");
273: p(tcps_sndwinup, "\t\t%u window update packet%s\n");
274: p(tcps_sndctrl, "\t\t%u control packet%s\n");
1.50 angelos 275: p(tcps_outhwcsum, "\t\t%u packet%s hardware-checksummed\n");
1.38 itojun 276: p(tcps_rcvtotal, "\t%u packet%s received\n");
277: p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %qd byte%s)\n");
278: p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n");
279: p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n");
1.1 deraadt 280: p2(tcps_rcvpack, tcps_rcvbyte,
1.38 itojun 281: "\t\t%u packet%s (%qu byte%s) received in-sequence\n");
1.1 deraadt 282: p2(tcps_rcvduppack, tcps_rcvdupbyte,
1.38 itojun 283: "\t\t%u completely duplicate packet%s (%qd byte%s)\n");
284: p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n");
1.1 deraadt 285: p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte,
1.38 itojun 286: "\t\t%u packet%s with some dup. data (%qd byte%s duped)\n");
1.1 deraadt 287: p2(tcps_rcvoopack, tcps_rcvoobyte,
1.38 itojun 288: "\t\t%u out-of-order packet%s (%qd byte%s)\n");
1.1 deraadt 289: p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin,
1.38 itojun 290: "\t\t%u packet%s (%qd byte%s) of data after window\n");
291: p(tcps_rcvwinprobe, "\t\t%u window probe%s\n");
292: p(tcps_rcvwinupd, "\t\t%u window update packet%s\n");
293: p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n");
294: p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n");
295: p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n");
296: p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n");
297: p1(tcps_rcvnosec, "\t\t%u discarded for missing IPSec protection\n");
1.50 angelos 298: p(tcps_inhwcsum, "\t\t%u packet%s hardware-checksummed\n");
1.38 itojun 299: p(tcps_connattempt, "\t%u connection request%s\n");
300: p(tcps_accepts, "\t%u connection accept%s\n");
301: p(tcps_connects, "\t%u connection%s established (including accepts)\n");
1.1 deraadt 302: p2(tcps_closed, tcps_drops,
1.38 itojun 303: "\t%u connection%s closed (including %u drop%s)\n");
304: p(tcps_conndrops, "\t%u embryonic connection%s dropped\n");
1.1 deraadt 305: p2(tcps_rttupdated, tcps_segstimed,
1.38 itojun 306: "\t%u segment%s updated rtt (of %u attempt%s)\n");
307: p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n");
308: p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n");
309: p(tcps_persisttimeo, "\t%u persist timeout%s\n");
310: p(tcps_keeptimeo, "\t%u keepalive timeout%s\n");
311: p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n");
312: p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n");
313: p(tcps_predack, "\t%u correct ACK header prediction%s\n");
314: p(tcps_preddat, "\t%u correct data packet header prediction%s\n");
315: p3(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n");
316: p(tcps_badsyn, "\t%u SYN packet%s received with same src/dst address/port\n");
1.1 deraadt 317: #undef p
1.38 itojun 318: #undef p1
1.1 deraadt 319: #undef p2
1.38 itojun 320: #undef p2a
1.1 deraadt 321: #undef p3
322: }
323:
324: /*
325: * Dump UDP statistics structure.
326: */
327: void
328: udp_stats(off, name)
329: u_long off;
330: char *name;
331: {
332: struct udpstat udpstat;
333: u_long delivered;
334:
335: if (off == 0)
336: return;
337: kread(off, (char *)&udpstat, sizeof (udpstat));
338: printf("%s:\n", name);
339: #define p(f, m) if (udpstat.f || sflag <= 1) \
340: printf(m, udpstat.f, plural(udpstat.f))
1.38 itojun 341: #define p1(f, m) if (udpstat.f || sflag <= 1) \
342: printf(m, udpstat.f)
1.16 millert 343: p(udps_ipackets, "\t%lu datagram%s received\n");
1.38 itojun 344: p1(udps_hdrops, "\t%lu with incomplete header\n");
345: p1(udps_badlen, "\t%lu with bad data length field\n");
346: p1(udps_badsum, "\t%lu with bad checksum\n");
347: p1(udps_nosum, "\t%lu with no checksum\n");
1.50 angelos 348: p(udps_inhwcsum, "\t%lu input packet%s hardware-checksummed\n");
349: p(udps_outhwcsum, "\t%lu output packet%s hardware-checksummed\n");
1.38 itojun 350: p1(udps_noport, "\t%lu dropped due to no socket\n");
1.16 millert 351: p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n");
1.38 itojun 352: p1(udps_nosec, "\t%lu dropped due to missing IPSec protection\n");
353: p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n");
1.1 deraadt 354: delivered = udpstat.udps_ipackets -
355: udpstat.udps_hdrops -
356: udpstat.udps_badlen -
357: udpstat.udps_badsum -
358: udpstat.udps_noport -
359: udpstat.udps_noportbcast -
360: udpstat.udps_fullsock;
361: if (delivered || sflag <= 1)
1.16 millert 362: printf("\t%lu delivered\n", delivered);
363: p(udps_opackets, "\t%lu datagram%s output\n");
1.38 itojun 364: p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n");
1.1 deraadt 365: #undef p
1.38 itojun 366: #undef p1
1.1 deraadt 367: }
368:
369: /*
370: * Dump IP statistics structure.
371: */
372: void
373: ip_stats(off, name)
374: u_long off;
375: char *name;
376: {
377: struct ipstat ipstat;
378:
379: if (off == 0)
380: return;
381: kread(off, (char *)&ipstat, sizeof (ipstat));
382: printf("%s:\n", name);
383:
384: #define p(f, m) if (ipstat.f || sflag <= 1) \
385: printf(m, ipstat.f, plural(ipstat.f))
1.38 itojun 386: #define p1(f, m) if (ipstat.f || sflag <= 1) \
387: printf(m, ipstat.f)
1.1 deraadt 388:
1.16 millert 389: p(ips_total, "\t%lu total packet%s received\n");
390: p(ips_badsum, "\t%lu bad header checksum%s\n");
1.38 itojun 391: p1(ips_toosmall, "\t%lu with size smaller than minimum\n");
392: p1(ips_tooshort, "\t%lu with data size < data length\n");
393: p1(ips_badhlen, "\t%lu with header length < data size\n");
394: p1(ips_badlen, "\t%lu with data length < header length\n");
395: p1(ips_badoptions, "\t%lu with bad options\n");
396: p1(ips_badvers, "\t%lu with incorrect version number\n");
1.16 millert 397: p(ips_fragments, "\t%lu fragment%s received\n");
398: p(ips_fragdropped, "\t%lu fragment%s dropped (dup or out of space)\n");
399: p(ips_badfrags, "\t%lu malformed fragment%s dropped\n");
400: p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n");
401: p(ips_reassembled, "\t%lu packet%s reassembled ok\n");
402: p(ips_delivered, "\t%lu packet%s for this host\n");
403: p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n");
404: p(ips_forward, "\t%lu packet%s forwarded\n");
405: p(ips_cantforward, "\t%lu packet%s not forwardable\n");
406: p(ips_redirectsent, "\t%lu redirect%s sent\n");
407: p(ips_localout, "\t%lu packet%s sent from this host\n");
408: p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n");
409: p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n");
410: p(ips_noroute, "\t%lu output packet%s discarded due to no route\n");
411: p(ips_fragmented, "\t%lu output datagram%s fragmented\n");
412: p(ips_ofragments, "\t%lu fragment%s created\n");
413: p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n");
1.38 itojun 414: p1(ips_rcvmemdrop, "\t%lu fragment floods\n");
1.42 itojun 415: p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n");
416: p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n");
1.49 itojun 417: p(ips_badaddr, "\t%lu datagram%s with bad address in header\n");
1.50 angelos 418: p(ips_inhwcsum, "\t%lu input datagram%s checksum-processed by hardware\n");
419: p(ips_outhwcsum, "\t%lu output datagram%s checksum-processed by hardware\n");
1.1 deraadt 420: #undef p
1.38 itojun 421: #undef p1
1.1 deraadt 422: }
423:
424: static char *icmpnames[] = {
425: "echo reply",
426: "#1",
427: "#2",
428: "destination unreachable",
429: "source quench",
430: "routing redirect",
431: "#6",
432: "#7",
433: "echo",
1.9 deraadt 434: "router advertisement",
435: "router solicitation",
1.1 deraadt 436: "time exceeded",
437: "parameter problem",
438: "time stamp",
439: "time stamp reply",
440: "information request",
441: "information request reply",
442: "address mask request",
443: "address mask reply",
444: };
445:
446: /*
447: * Dump ICMP statistics.
448: */
449: void
450: icmp_stats(off, name)
451: u_long off;
452: char *name;
453: {
454: struct icmpstat icmpstat;
455: register int i, first;
456:
457: if (off == 0)
458: return;
459: kread(off, (char *)&icmpstat, sizeof (icmpstat));
460: printf("%s:\n", name);
461:
462: #define p(f, m) if (icmpstat.f || sflag <= 1) \
463: printf(m, icmpstat.f, plural(icmpstat.f))
464:
1.16 millert 465: p(icps_error, "\t%lu call%s to icmp_error\n");
1.1 deraadt 466: p(icps_oldicmp,
1.16 millert 467: "\t%lu error%s not generated 'cuz old message was icmp\n");
1.1 deraadt 468: for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++)
469: if (icmpstat.icps_outhist[i] != 0) {
470: if (first) {
1.43 itojun 471: printf("\tOutput packet histogram:\n");
1.1 deraadt 472: first = 0;
473: }
1.16 millert 474: printf("\t\t%s: %lu\n", icmpnames[i],
1.1 deraadt 475: icmpstat.icps_outhist[i]);
476: }
1.16 millert 477: p(icps_badcode, "\t%lu message%s with bad code fields\n");
478: p(icps_tooshort, "\t%lu message%s < minimum length\n");
479: p(icps_checksum, "\t%lu bad checksum%s\n");
480: p(icps_badlen, "\t%lu message%s with bad length\n");
1.1 deraadt 481: for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++)
482: if (icmpstat.icps_inhist[i] != 0) {
483: if (first) {
1.43 itojun 484: printf("\tInput packet histogram:\n");
1.1 deraadt 485: first = 0;
486: }
1.16 millert 487: printf("\t\t%s: %lu\n", icmpnames[i],
1.1 deraadt 488: icmpstat.icps_inhist[i]);
489: }
1.16 millert 490: p(icps_reflect, "\t%lu message response%s generated\n");
1.1 deraadt 491: #undef p
492: }
493:
494: /*
495: * Dump IGMP statistics structure.
496: */
497: void
498: igmp_stats(off, name)
499: u_long off;
500: char *name;
501: {
502: struct igmpstat igmpstat;
503:
504: if (off == 0)
505: return;
506: kread(off, (char *)&igmpstat, sizeof (igmpstat));
507: printf("%s:\n", name);
508:
509: #define p(f, m) if (igmpstat.f || sflag <= 1) \
510: printf(m, igmpstat.f, plural(igmpstat.f))
511: #define py(f, m) if (igmpstat.f || sflag <= 1) \
512: printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y")
1.16 millert 513: p(igps_rcv_total, "\t%lu message%s received\n");
514: p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n");
515: p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n");
516: py(igps_rcv_queries, "\t%lu membership quer%s received\n");
517: py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n");
518: p(igps_rcv_reports, "\t%lu membership report%s received\n");
519: p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n");
520: p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n");
521: p(igps_snd_reports, "\t%lu membership report%s sent\n");
1.1 deraadt 522: #undef p
523: #undef py
524: }
525:
1.5 deraadt 526: struct rpcnams {
527: struct rpcnams *next;
1.16 millert 528: in_port_t port;
1.21 deraadt 529: int proto;
1.5 deraadt 530: char *rpcname;
531: };
532:
533: char *
1.21 deraadt 534: getrpcportnam(port, proto)
1.16 millert 535: in_port_t port;
1.21 deraadt 536: int proto;
1.5 deraadt 537: {
538: struct sockaddr_in server_addr;
539: register struct hostent *hp;
540: static struct pmaplist *head;
541: int socket = RPC_ANYSOCK;
542: struct timeval minutetimeout;
543: register CLIENT *client;
544: struct rpcent *rpc;
545: static int first;
546: static struct rpcnams *rpcn;
547: struct rpcnams *n;
1.23 deraadt 548: char num[20];
1.5 deraadt 549:
550: if (first == 0) {
551: first = 1;
1.7 deraadt 552: memset((char *)&server_addr, 0, sizeof server_addr);
1.5 deraadt 553: server_addr.sin_family = AF_INET;
554: if ((hp = gethostbyname("localhost")) != NULL)
1.7 deraadt 555: memmove((caddr_t)&server_addr.sin_addr, hp->h_addr,
1.5 deraadt 556: hp->h_length);
557: else
558: (void) inet_aton("0.0.0.0", &server_addr.sin_addr);
559:
560: minutetimeout.tv_sec = 60;
561: minutetimeout.tv_usec = 0;
562: server_addr.sin_port = htons(PMAPPORT);
563: if ((client = clnttcp_create(&server_addr, PMAPPROG,
1.7 deraadt 564: PMAPVERS, &socket, 50, 500)) == NULL)
565: return (NULL);
1.5 deraadt 566: if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL,
1.8 deraadt 567: xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) {
1.7 deraadt 568: clnt_destroy(client);
569: return (NULL);
1.5 deraadt 570: }
571: for (; head != NULL; head = head->pml_next) {
572: n = (struct rpcnams *)malloc(sizeof(struct rpcnams));
573: if (n == NULL)
574: continue;
575: n->next = rpcn;
576: rpcn = n;
577: n->port = head->pml_map.pm_port;
1.21 deraadt 578: n->proto = head->pml_map.pm_prot;
1.5 deraadt 579:
580: rpc = getrpcbynumber(head->pml_map.pm_prog);
581: if (rpc)
582: n->rpcname = strdup(rpc->r_name);
583: else {
1.23 deraadt 584: snprintf(num, sizeof num, "%ld",
585: head->pml_map.pm_prog);
1.5 deraadt 586: n->rpcname = strdup(num);
587: }
588: }
589: clnt_destroy(client);
590: }
591:
592: for (n = rpcn; n; n = n->next)
1.21 deraadt 593: if (n->port == port && n->proto == proto)
1.5 deraadt 594: return (n->rpcname);
595: return (NULL);
596: }
597:
1.1 deraadt 598: /*
599: * Pretty print an Internet address (net address + port).
600: * If the nflag was specified, use numbers instead of names.
601: */
602: void
1.5 deraadt 603: inetprint(in, port, proto, local)
1.1 deraadt 604: register struct in_addr *in;
1.16 millert 605: in_port_t port;
1.1 deraadt 606: char *proto;
1.5 deraadt 607: int local;
1.1 deraadt 608: {
609: struct servent *sp = 0;
1.5 deraadt 610: char line[80], *cp, *nam;
1.1 deraadt 611: int width;
612:
1.23 deraadt 613: snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16,
614: inetname(in));
1.4 millert 615: cp = strchr(line, '\0');
1.1 deraadt 616: if (!nflag && port)
617: sp = getservbyport((int)port, proto);
618: if (sp || port == 0)
1.23 deraadt 619: snprintf(cp, line + sizeof line - cp, "%.8s",
620: sp ? sp->s_name : "*");
1.21 deraadt 621: else if (local && !nflag && (nam = getrpcportnam(ntohs(port),
622: (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP))))
1.23 deraadt 623: snprintf(cp, line + sizeof line - cp, "%d[%.8s]",
624: ntohs(port), nam);
1.1 deraadt 625: else
1.23 deraadt 626: snprintf(cp, line + sizeof line - cp, "%d", ntohs(port));
1.1 deraadt 627: width = Aflag ? 18 : 22;
628: printf(" %-*.*s", width, width, line);
629: }
630:
631: /*
632: * Construct an Internet address representation.
633: * If the nflag has been supplied, give
634: * numeric value, otherwise try for symbolic name.
635: */
636: char *
637: inetname(inp)
638: struct in_addr *inp;
639: {
640: register char *cp;
641: static char line[50];
642: struct hostent *hp;
643: struct netent *np;
644: static char domain[MAXHOSTNAMELEN + 1];
645: static int first = 1;
646:
647: if (first && !nflag) {
648: first = 0;
649: if (gethostname(domain, MAXHOSTNAMELEN) == 0 &&
1.4 millert 650: (cp = strchr(domain, '.')))
1.1 deraadt 651: (void) strcpy(domain, cp + 1);
652: else
653: domain[0] = 0;
654: }
655: cp = 0;
656: if (!nflag && inp->s_addr != INADDR_ANY) {
657: int net = inet_netof(*inp);
658: int lna = inet_lnaof(*inp);
659:
660: if (lna == INADDR_ANY) {
661: np = getnetbyaddr(net, AF_INET);
662: if (np)
663: cp = np->n_name;
664: }
665: if (cp == 0) {
666: hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET);
667: if (hp) {
1.4 millert 668: if ((cp = strchr(hp->h_name, '.')) &&
1.1 deraadt 669: !strcmp(cp + 1, domain))
670: *cp = 0;
671: cp = hp->h_name;
672: }
673: }
674: }
675: if (inp->s_addr == INADDR_ANY)
1.23 deraadt 676: snprintf(line, sizeof line, "*");
1.1 deraadt 677: else if (cp)
1.23 deraadt 678: snprintf(line, sizeof line, "%s", cp);
1.1 deraadt 679: else {
680: inp->s_addr = ntohl(inp->s_addr);
681: #define C(x) ((x) & 0xff)
1.23 deraadt 682: snprintf(line, sizeof line, "%u.%u.%u.%u",
683: C(inp->s_addr >> 24), C(inp->s_addr >> 16),
684: C(inp->s_addr >> 8), C(inp->s_addr));
1.1 deraadt 685: }
686: return (line);
1.10 angelos 687: }
688:
689: /*
690: * Dump AH statistics structure.
691: */
692: void
693: ah_stats(off, name)
694: u_long off;
695: char *name;
696: {
697: struct ahstat ahstat;
698:
699: if (off == 0)
700: return;
701: kread(off, (char *)&ahstat, sizeof (ahstat));
702: printf("%s:\n", name);
703:
704: #define p(f, m) if (ahstat.f || sflag <= 1) \
705: printf(m, ahstat.f, plural(ahstat.f))
1.38 itojun 706: #define p1(f, m) if (ahstat.f || sflag <= 1) \
707: printf(m, ahstat.f)
1.10 angelos 708:
1.38 itojun 709: p1(ahs_input, "\t%u input AH packets\n");
710: p1(ahs_output, "\t%u output AH packets\n");
1.44 angelos 711: p(ahs_nopf, "\t%u packet%s from unsupported protocol families\n");
1.10 angelos 712: p(ahs_hdrops, "\t%u packet%s shorter than header shows\n");
1.33 niklas 713: p(ahs_pdrops, "\t%u packet%s dropped due to policy\n");
1.10 angelos 714: p(ahs_notdb, "\t%u packet%s for which no TDB was found\n");
715: p(ahs_badkcr, "\t%u input packet%s that failed to be processed\n");
716: p(ahs_badauth, "\t%u packet%s that failed verification received\n");
717: p(ahs_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
1.19 provos 718: p(ahs_qfull, "\t%u packet%s were dropped due to full output queue\n");
1.10 angelos 719: p(ahs_wrap, "\t%u packet%s where counter wrapping was detected\n");
720: p(ahs_replay, "\t%u possibly replayed packet%s received\n");
721: p(ahs_badauthl, "\t%u packet%s with bad authenticator length received\n");
1.15 provos 722: p(ahs_invalid, "\t%u packet%s attempted to use an invalid tdb\n");
1.25 niklas 723: p(ahs_toobig, "\t%u packet%s got larger than max IP packet size\n");
1.46 angelos 724: p(ahs_crypto, "\t%u packet%s that failed crypto processing\n");
1.20 angelos 725: p(ahs_ibytes, "\t%qu input byte%s\n");
726: p(ahs_obytes, "\t%qu output byte%s\n");
727:
1.34 angelos 728: #undef p
1.38 itojun 729: #undef p1
1.34 angelos 730: }
731:
732: /*
733: * Dump etherip statistics structure.
734: */
735: void
736: etherip_stats(off, name)
737: u_long off;
738: char *name;
739: {
740: struct etheripstat etheripstat;
741:
742:
743: if (off == 0)
744: return;
745: kread(off, (char *)ðeripstat, sizeof (etheripstat));
746: printf("%s:\n", name);
747:
748: #define p(f, m) if (etheripstat.f || sflag <= 1) \
749: printf(m, etheripstat.f, plural(etheripstat.f))
750:
751:
752: p(etherip_hdrops, "\t%u packet%s shorter than header shows\n");
753: p(etherip_qfull, "\t%u packet%s were dropped due to full output queue\n");
754: p(etherip_noifdrops, "\t%u packet%s were dropped because of no interface/bridge information\n");
755: p(etherip_pdrops, "\t%u packet%s dropped due to policy\n");
756: p(etherip_adrops, "\t%u packet%s dropped for other reasons\n");
757: p(etherip_ipackets, "\t%u input ethernet-in-IP packets\n");
758: p(etherip_opackets, "\t%u output ethernet-in-IP packets\n");
759: p(etherip_ibytes, "\t%qu input byte%s\n");
760: p(etherip_obytes, "\t%qu output byte%s\n");
1.10 angelos 761: #undef p
762: }
763:
764: /*
765: * Dump ESP statistics structure.
766: */
767: void
768: esp_stats(off, name)
769: u_long off;
770: char *name;
771: {
772: struct espstat espstat;
773:
1.20 angelos 774:
1.10 angelos 775: if (off == 0)
776: return;
777: kread(off, (char *)&espstat, sizeof (espstat));
778: printf("%s:\n", name);
779:
780: #define p(f, m) if (espstat.f || sflag <= 1) \
781: printf(m, espstat.f, plural(espstat.f))
782:
1.38 itojun 783: p(esps_input, "\t%u input ESP packet%s\n");
784: p(esps_output, "\t%u output ESP packet%s\n");
1.44 angelos 785: p(esps_nopf, "\t%u packet%s from unsupported protocol families\n");
1.10 angelos 786: p(esps_hdrops, "\t%u packet%s shorter than header shows\n");
1.33 niklas 787: p(esps_pdrops, "\t%u packet%s dropped due to policy\n");
1.10 angelos 788: p(esps_notdb, "\t%u packet%s for which no TDB was found\n");
789: p(esps_badkcr, "\t%u input packet%s that failed to be processed\n");
1.37 niklas 790: p(esps_badenc, "\t%u packet%s with bad encryption received\n");
1.10 angelos 791: p(esps_badauth, "\t%u packet%s that failed verification received\n");
792: p(esps_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
1.19 provos 793: p(esps_qfull, "\t%u packet%s were dropped due to full output queue\n");
1.10 angelos 794: p(esps_wrap, "\t%u packet%s where counter wrapping was detected\n");
795: p(esps_replay, "\t%u possibly replayed packet%s received\n");
1.47 angelos 796: p(esps_badilen, "\t%u packet%s with bad payload size or padding received\n");
1.15 provos 797: p(esps_invalid, "\t%u packet%s attempted to use an invalid tdb\n");
1.25 niklas 798: p(esps_toobig, "\t%u packet%s got larger than max IP packet size\n");
1.46 angelos 799: p(esps_crypto, "\t%u packet%s that failed crypto processing\n");
1.20 angelos 800: p(esps_ibytes, "\t%qu input byte%s\n");
801: p(esps_obytes, "\t%qu output byte%s\n");
1.10 angelos 802:
803: #undef p
804: }
805:
806: /*
807: * Dump ESP statistics structure.
808: */
809: void
1.45 angelos 810: ipip_stats(off, name)
1.10 angelos 811: u_long off;
812: char *name;
813: {
1.45 angelos 814: struct ipipstat ipipstat;
1.10 angelos 815:
816: if (off == 0)
817: return;
1.45 angelos 818: kread(off, (char *)&ipipstat, sizeof (ipipstat));
1.10 angelos 819: printf("%s:\n", name);
820:
1.45 angelos 821: #define p(f, m) if (ipipstat.f || sflag <= 1) \
822: printf(m, ipipstat.f, plural(ipipstat.f))
1.10 angelos 823:
1.45 angelos 824: p(ipips_ipackets, "\t%u total input packet%s\n");
825: p(ipips_opackets, "\t%u total output packet%s\n");
826: p(ipips_hdrops, "\t%u packet%s shorter than header shows\n");
827: p(ipips_pdrops, "\t%u packet%s dropped due to policy\n");
828: p(ipips_spoof, "\t%u packet%s with possibly spoofed local addresses\n");
829: p(ipips_qfull, "\t%u packet%s were dropped due to full output queue\n");
830: p(ipips_ibytes, "\t%qu input byte%s\n");
831: p(ipips_obytes, "\t%qu output byte%s\n");
832: p(ipips_family, "\t%u protocol family mismatches\n");
833: p(ipips_unspec, "\t%u attempts to use tunnel with unspecified endpoint(s)\n");
1.51 ! jjbg 834: #undef p
! 835: }
! 836:
! 837: /*
! 838: * Dump IPCOMP statistics structure.
! 839: */
! 840: void
! 841: ipcomp_stats(off, name)
! 842: u_long off;
! 843: char *name;
! 844: {
! 845: struct ipcompstat ipcompstat;
! 846:
! 847:
! 848: if (off == 0)
! 849: return;
! 850: kread(off, (char *)&ipcompstat, sizeof (ipcompstat));
! 851: printf("%s:\n", name);
! 852:
! 853: #define p(f, m) if (ipcompstat.f || sflag <= 1) \
! 854: printf(m, ipcompstat.f, plural(ipcompstat.f))
! 855:
! 856: p(ipcomps_input, "\t%u input IPCOMP packet%s\n");
! 857: p(ipcomps_output, "\t%u output IPCOMP packet%s\n");
! 858: p(ipcomps_nopf, "\t%u packet%s from unsupported protocol families\n");
! 859: p(ipcomps_hdrops, "\t%u packet%s shorter than header shows\n");
! 860: p(ipcomps_pdrops, "\t%u packet%s dropped due to policy\n");
! 861: p(ipcomps_notdb, "\t%u packet%s for which no TDB was found\n");
! 862: p(ipcomps_badkcr, "\t%u input packet%s that failed to be processed\n");
! 863: p(ipcomps_badenc, "\t%u packet%s with bad compression received\n");
! 864: p(ipcomps_badauth, "\t%u packet%s that failed verification received\n");
! 865: p(ipcomps_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
! 866: p(ipcomps_qfull, "\t%u packet%s were dropped due to full output queue\n");
! 867: p(ipcomps_wrap, "\t%u packet%s where counter wrapping was detected\n");
! 868: p(ipcomps_replay, "\t%u possibly replayed packet%s received\n");
! 869: p(ipcomps_badilen, "\t%u packet%s with bad payload size or padding received\n");
! 870: p(ipcomps_invalid, "\t%u packet%s attempted to use an invalid tdb\n");
! 871: p(ipcomps_toobig, "\t%u packet%s got larger than max IP packet size\n");
! 872: p(ipcomps_crypto, "\t%u packet%s that failed (de)compression processing\n");
! 873: p(ipcomps_ibytes, "\t%qu input byte%s\n");
! 874: p(ipcomps_obytes, "\t%qu output byte%s\n");
! 875:
1.10 angelos 876: #undef p
1.1 deraadt 877: }