Annotation of src/usr.bin/netstat/inet.c, Revision 1.69
1.69 ! mcbride 1: /* $OpenBSD: inet.c,v 1.68 2003/09/04 20:05:19 tedu Exp $ */
1.1 deraadt 2: /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */
3:
4: /*
5: * Copyright (c) 1983, 1988, 1993
6: * The Regents of the University of California. All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
1.65 millert 16: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32:
33: #ifndef lint
34: #if 0
35: static char sccsid[] = "from: @(#)inet.c 8.4 (Berkeley) 4/20/94";
36: #else
1.69 ! mcbride 37: static char *rcsid = "$OpenBSD: inet.c,v 1.68 2003/09/04 20:05:19 tedu Exp $";
1.1 deraadt 38: #endif
39: #endif /* not lint */
40:
41: #include <sys/param.h>
42: #include <sys/queue.h>
43: #include <sys/socket.h>
44: #include <sys/socketvar.h>
45: #include <sys/mbuf.h>
46: #include <sys/protosw.h>
47:
48: #include <net/route.h>
49: #include <netinet/in.h>
50: #include <netinet/in_systm.h>
51: #include <netinet/ip.h>
52: #include <netinet/in_pcb.h>
53: #include <netinet/ip_icmp.h>
54: #include <netinet/icmp_var.h>
55: #include <netinet/igmp_var.h>
56: #include <netinet/ip_var.h>
57: #include <netinet/tcp.h>
58: #include <netinet/tcpip.h>
59: #include <netinet/tcp_seq.h>
60: #define TCPSTATES
61: #include <netinet/tcp_fsm.h>
62: #include <netinet/tcp_timer.h>
63: #include <netinet/tcp_var.h>
64: #include <netinet/tcp_debug.h>
65: #include <netinet/udp.h>
66: #include <netinet/udp_var.h>
1.30 angelos 67: #include <netinet/ip_ipsp.h>
1.10 angelos 68: #include <netinet/ip_ah.h>
69: #include <netinet/ip_esp.h>
1.45 angelos 70: #include <netinet/ip_ipip.h>
1.52 angelos 71: #include <netinet/ip_ipcomp.h>
1.34 angelos 72: #include <netinet/ip_ether.h>
1.69 ! mcbride 73: #include <netinet/ip_carp.h>
1.1 deraadt 74:
75: #include <arpa/inet.h>
1.18 millert 76: #include <limits.h>
1.1 deraadt 77: #include <netdb.h>
78: #include <stdio.h>
79: #include <string.h>
80: #include <unistd.h>
1.14 dgregor 81: #include <stdlib.h>
1.1 deraadt 82: #include "netstat.h"
83:
1.5 deraadt 84: #include <rpc/rpc.h>
85: #include <rpc/pmap_prot.h>
86: #include <rpc/pmap_clnt.h>
87:
1.1 deraadt 88: struct inpcb inpcb;
89: struct tcpcb tcpcb;
90: struct socket sockb;
91:
1.56 millert 92: static void protopr0(u_long, char *, int);
1.48 itojun 93:
1.56 millert 94: char *inetname(struct in_addr *);
1.63 deraadt 95: void inetprint(struct in_addr *, in_port_t, char *, int);
1.38 itojun 96: #ifdef INET6
1.56 millert 97: char *inet6name(struct in6_addr *);
98: void inet6print(struct in6_addr *, int, char *, int);
1.38 itojun 99: #endif
1.1 deraadt 100:
101: /*
102: * Print a summary of connections related to an Internet
103: * protocol. For TCP, also give state of connection.
104: * Listening processes (aflag) are suppressed unless the
105: * -a (all) flag is specified.
106: */
107: void
1.63 deraadt 108: protopr(u_long off, char *name)
1.1 deraadt 109: {
1.48 itojun 110: protopr0(off, name, AF_INET);
111: }
112:
113: #ifdef INET6
114: void
1.63 deraadt 115: ip6protopr(u_long off, char *name)
1.48 itojun 116: {
117: protopr0(off, name, AF_INET6);
118: }
119: #endif
120:
121: static void
1.63 deraadt 122: protopr0(u_long off, char *name, int af)
1.48 itojun 123: {
1.1 deraadt 124: struct inpcbtable table;
1.54 mpech 125: struct inpcb *head, *next, *prev;
1.1 deraadt 126: struct inpcb inpcb;
127: int istcp;
1.54 mpech 128: int first = 1;
1.38 itojun 129: char *name0;
130: char namebuf[20];
1.1 deraadt 131:
1.38 itojun 132: name0 = name;
1.1 deraadt 133: if (off == 0)
134: return;
135: istcp = strcmp(name, "tcp") == 0;
136: kread(off, (char *)&table, sizeof table);
137: prev = head =
138: (struct inpcb *)&((struct inpcbtable *)off)->inpt_queue.cqh_first;
139: next = table.inpt_queue.cqh_first;
140:
141: while (next != head) {
142: kread((u_long)next, (char *)&inpcb, sizeof inpcb);
143: if (inpcb.inp_queue.cqe_prev != prev) {
144: printf("???\n");
145: break;
146: }
147: prev = next;
148: next = inpcb.inp_queue.cqe_next;
1.48 itojun 149:
150: switch (af) {
151: case AF_INET:
152: if ((inpcb.inp_flags & INP_IPV6) != 0)
153: continue;
154: break;
155: case AF_INET6:
156: if ((inpcb.inp_flags & INP_IPV6) == 0)
157: continue;
158: break;
159: default:
160: break;
161: }
1.1 deraadt 162:
163: if (!aflag &&
164: inet_lnaof(inpcb.inp_laddr) == INADDR_ANY)
165: continue;
166: kread((u_long)inpcb.inp_socket, (char *)&sockb, sizeof (sockb));
167: if (istcp) {
168: kread((u_long)inpcb.inp_ppcb,
169: (char *)&tcpcb, sizeof (tcpcb));
170: }
171: if (first) {
172: printf("Active Internet connections");
173: if (aflag)
174: printf(" (including servers)");
175: putchar('\n');
176: if (Aflag)
1.29 deraadt 177: printf("%-*.*s %-5.5s %-6.6s %-6.6s %-18.18s %-18.18s %s\n",
1.18 millert 178: PLEN, PLEN, "PCB", "Proto", "Recv-Q",
1.29 deraadt 179: "Send-Q", "Local Address",
180: "Foreign Address", "(state)");
1.18 millert 181: else
182: printf("%-5.5s %-6.6s %-6.6s %-22.22s %-22.22s %s\n",
183: "Proto", "Recv-Q", "Send-Q",
184: "Local Address", "Foreign Address",
185: "(state)");
1.1 deraadt 186: first = 0;
187: }
1.38 itojun 188: if (Aflag) {
1.1 deraadt 189: if (istcp)
1.18 millert 190: printf("%*p ", PLEN, inpcb.inp_ppcb);
1.1 deraadt 191: else
1.18 millert 192: printf("%*p ", PLEN, prev);
1.38 itojun 193: }
194: #ifdef INET6
195: if (inpcb.inp_flags & INP_IPV6) {
1.60 deraadt 196: strlcpy(namebuf, name0, sizeof namebuf);
197: strlcat(namebuf, "6", sizeof namebuf);
1.38 itojun 198: name = namebuf;
199: } else
200: name = name0;
201: #endif
1.16 millert 202: printf("%-5.5s %6ld %6ld ", name, sockb.so_rcv.sb_cc,
1.63 deraadt 203: sockb.so_snd.sb_cc);
1.38 itojun 204: #ifdef INET6
205: if (inpcb.inp_flags & INP_IPV6) {
206: inet6print(&inpcb.inp_laddr6, (int)inpcb.inp_lport,
1.63 deraadt 207: name, 1);
1.38 itojun 208: inet6print(&inpcb.inp_faddr6, (int)inpcb.inp_fport,
1.63 deraadt 209: name, 0);
1.38 itojun 210: } else
211: #endif
212: {
213: inetprint(&inpcb.inp_laddr, (int)inpcb.inp_lport,
1.63 deraadt 214: name, 1);
1.38 itojun 215: inetprint(&inpcb.inp_faddr, (int)inpcb.inp_fport,
1.63 deraadt 216: name, 0);
1.38 itojun 217: }
1.1 deraadt 218: if (istcp) {
219: if (tcpcb.t_state < 0 || tcpcb.t_state >= TCP_NSTATES)
220: printf(" %d", tcpcb.t_state);
221: else
222: printf(" %s", tcpstates[tcpcb.t_state]);
223: }
224: putchar('\n');
225: }
226: }
227:
228: /*
229: * Dump TCP statistics structure.
230: */
231: void
1.63 deraadt 232: tcp_stats(u_long off, char *name)
1.1 deraadt 233: {
234: struct tcpstat tcpstat;
235:
236: if (off == 0)
237: return;
1.63 deraadt 238: printf("%s:\n", name);
1.1 deraadt 239: kread(off, (char *)&tcpstat, sizeof (tcpstat));
240:
241: #define p(f, m) if (tcpstat.f || sflag <= 1) \
1.60 deraadt 242: printf(m, tcpstat.f, plural(tcpstat.f))
1.38 itojun 243: #define p1(f, m) if (tcpstat.f || sflag <= 1) \
1.60 deraadt 244: printf(m, tcpstat.f)
1.1 deraadt 245: #define p2(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \
1.60 deraadt 246: printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2))
1.38 itojun 247: #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \
1.60 deraadt 248: printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2)
1.1 deraadt 249: #define p3(f, m) if (tcpstat.f || sflag <= 1) \
1.60 deraadt 250: printf(m, tcpstat.f, plurales(tcpstat.f))
1.1 deraadt 251:
1.38 itojun 252: p(tcps_sndtotal, "\t%u packet%s sent\n");
1.1 deraadt 253: p2(tcps_sndpack,tcps_sndbyte,
1.60 deraadt 254: "\t\t%u data packet%s (%qd byte%s)\n");
1.1 deraadt 255: p2(tcps_sndrexmitpack, tcps_sndrexmitbyte,
1.60 deraadt 256: "\t\t%u data packet%s (%qd byte%s) retransmitted\n");
1.26 provos 257: p(tcps_sndrexmitfast, "\t\t%qd fast retransmitted packet%s\n");
1.38 itojun 258: p2a(tcps_sndacks, tcps_delack,
1.60 deraadt 259: "\t\t%u ack-only packet%s (%u delayed)\n");
1.38 itojun 260: p(tcps_sndurg, "\t\t%u URG only packet%s\n");
261: p(tcps_sndprobe, "\t\t%u window probe packet%s\n");
262: p(tcps_sndwinup, "\t\t%u window update packet%s\n");
263: p(tcps_sndctrl, "\t\t%u control packet%s\n");
1.50 angelos 264: p(tcps_outhwcsum, "\t\t%u packet%s hardware-checksummed\n");
1.38 itojun 265: p(tcps_rcvtotal, "\t%u packet%s received\n");
266: p2(tcps_rcvackpack, tcps_rcvackbyte, "\t\t%u ack%s (for %qd byte%s)\n");
267: p(tcps_rcvdupack, "\t\t%u duplicate ack%s\n");
268: p(tcps_rcvacktoomuch, "\t\t%u ack%s for unsent data\n");
1.1 deraadt 269: p2(tcps_rcvpack, tcps_rcvbyte,
1.60 deraadt 270: "\t\t%u packet%s (%qu byte%s) received in-sequence\n");
1.1 deraadt 271: p2(tcps_rcvduppack, tcps_rcvdupbyte,
1.60 deraadt 272: "\t\t%u completely duplicate packet%s (%qd byte%s)\n");
1.38 itojun 273: p(tcps_pawsdrop, "\t\t%u old duplicate packet%s\n");
1.1 deraadt 274: p2(tcps_rcvpartduppack, tcps_rcvpartdupbyte,
1.62 jsyn 275: "\t\t%u packet%s with some duplicate data (%qd byte%s duplicated)\n");
1.1 deraadt 276: p2(tcps_rcvoopack, tcps_rcvoobyte,
1.60 deraadt 277: "\t\t%u out-of-order packet%s (%qd byte%s)\n");
1.1 deraadt 278: p2(tcps_rcvpackafterwin, tcps_rcvbyteafterwin,
1.60 deraadt 279: "\t\t%u packet%s (%qd byte%s) of data after window\n");
1.38 itojun 280: p(tcps_rcvwinprobe, "\t\t%u window probe%s\n");
281: p(tcps_rcvwinupd, "\t\t%u window update packet%s\n");
282: p(tcps_rcvafterclose, "\t\t%u packet%s received after close\n");
283: p(tcps_rcvbadsum, "\t\t%u discarded for bad checksum%s\n");
284: p(tcps_rcvbadoff, "\t\t%u discarded for bad header offset field%s\n");
285: p1(tcps_rcvshort, "\t\t%u discarded because packet too short\n");
1.58 miod 286: p1(tcps_rcvnosec, "\t\t%u discarded for missing IPsec protection\n");
1.50 angelos 287: p(tcps_inhwcsum, "\t\t%u packet%s hardware-checksummed\n");
1.38 itojun 288: p(tcps_connattempt, "\t%u connection request%s\n");
289: p(tcps_accepts, "\t%u connection accept%s\n");
290: p(tcps_connects, "\t%u connection%s established (including accepts)\n");
1.1 deraadt 291: p2(tcps_closed, tcps_drops,
1.60 deraadt 292: "\t%u connection%s closed (including %u drop%s)\n");
1.38 itojun 293: p(tcps_conndrops, "\t%u embryonic connection%s dropped\n");
1.1 deraadt 294: p2(tcps_rttupdated, tcps_segstimed,
1.60 deraadt 295: "\t%u segment%s updated rtt (of %u attempt%s)\n");
1.38 itojun 296: p(tcps_rexmttimeo, "\t%u retransmit timeout%s\n");
297: p(tcps_timeoutdrop, "\t\t%u connection%s dropped by rexmit timeout\n");
298: p(tcps_persisttimeo, "\t%u persist timeout%s\n");
299: p(tcps_keeptimeo, "\t%u keepalive timeout%s\n");
300: p(tcps_keepprobe, "\t\t%u keepalive probe%s sent\n");
301: p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n");
302: p(tcps_predack, "\t%u correct ACK header prediction%s\n");
303: p(tcps_preddat, "\t%u correct data packet header prediction%s\n");
304: p3(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n");
305: p(tcps_badsyn, "\t%u SYN packet%s received with same src/dst address/port\n");
1.59 kjc 306:
307: p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n");
308: p(tcps_ecn_rcvece, "\t\t%u ECE packet%s received\n");
309: p(tcps_ecn_rcvcwr, "\t\t%u CWR packet%s received\n");
310: p(tcps_ecn_rcvce, "\t\t%u CE packet%s received\n");
311: p(tcps_ecn_sndect, "\t\t%u ECT packet%s sent\n");
312: p(tcps_ecn_sndece, "\t\t%u ECE packet%s sent\n");
313: p(tcps_ecn_sndcwr, "\t\t%u CWR packet%s sent\n");
314: p1(tcps_cwr_frecovery, "\t\t\tcwr by fastrecovery: %u\n");
315: p1(tcps_cwr_timeout, "\t\t\tcwr by timeout: %u\n");
316: p1(tcps_cwr_ecn, "\t\t\tcwr by ecn: %u\n");
317:
1.1 deraadt 318: #undef p
1.38 itojun 319: #undef p1
1.1 deraadt 320: #undef p2
1.38 itojun 321: #undef p2a
1.1 deraadt 322: #undef p3
323: }
324:
325: /*
326: * Dump UDP statistics structure.
327: */
328: void
1.63 deraadt 329: udp_stats(u_long off, char *name)
1.1 deraadt 330: {
331: struct udpstat udpstat;
332: u_long delivered;
333:
334: if (off == 0)
335: return;
336: kread(off, (char *)&udpstat, sizeof (udpstat));
337: printf("%s:\n", name);
338: #define p(f, m) if (udpstat.f || sflag <= 1) \
1.60 deraadt 339: printf(m, udpstat.f, plural(udpstat.f))
1.38 itojun 340: #define p1(f, m) if (udpstat.f || sflag <= 1) \
1.60 deraadt 341: printf(m, udpstat.f)
342:
1.16 millert 343: p(udps_ipackets, "\t%lu datagram%s received\n");
1.38 itojun 344: p1(udps_hdrops, "\t%lu with incomplete header\n");
345: p1(udps_badlen, "\t%lu with bad data length field\n");
346: p1(udps_badsum, "\t%lu with bad checksum\n");
347: p1(udps_nosum, "\t%lu with no checksum\n");
1.50 angelos 348: p(udps_inhwcsum, "\t%lu input packet%s hardware-checksummed\n");
349: p(udps_outhwcsum, "\t%lu output packet%s hardware-checksummed\n");
1.38 itojun 350: p1(udps_noport, "\t%lu dropped due to no socket\n");
1.16 millert 351: p(udps_noportbcast, "\t%lu broadcast/multicast datagram%s dropped due to no socket\n");
1.58 miod 352: p1(udps_nosec, "\t%lu dropped due to missing IPsec protection\n");
1.38 itojun 353: p1(udps_fullsock, "\t%lu dropped due to full socket buffers\n");
1.60 deraadt 354: delivered = udpstat.udps_ipackets - udpstat.udps_hdrops -
355: udpstat.udps_badlen - udpstat.udps_badsum -
356: udpstat.udps_noport - udpstat.udps_noportbcast -
357: udpstat.udps_fullsock;
1.1 deraadt 358: if (delivered || sflag <= 1)
1.16 millert 359: printf("\t%lu delivered\n", delivered);
360: p(udps_opackets, "\t%lu datagram%s output\n");
1.38 itojun 361: p1(udps_pcbhashmiss, "\t%lu missed PCB cache\n");
1.1 deraadt 362: #undef p
1.38 itojun 363: #undef p1
1.1 deraadt 364: }
365:
366: /*
367: * Dump IP statistics structure.
368: */
369: void
1.63 deraadt 370: ip_stats(u_long off, char *name)
1.1 deraadt 371: {
372: struct ipstat ipstat;
373:
374: if (off == 0)
375: return;
376: kread(off, (char *)&ipstat, sizeof (ipstat));
377: printf("%s:\n", name);
378:
379: #define p(f, m) if (ipstat.f || sflag <= 1) \
1.60 deraadt 380: printf(m, ipstat.f, plural(ipstat.f))
1.38 itojun 381: #define p1(f, m) if (ipstat.f || sflag <= 1) \
1.60 deraadt 382: printf(m, ipstat.f)
1.1 deraadt 383:
1.16 millert 384: p(ips_total, "\t%lu total packet%s received\n");
385: p(ips_badsum, "\t%lu bad header checksum%s\n");
1.38 itojun 386: p1(ips_toosmall, "\t%lu with size smaller than minimum\n");
387: p1(ips_tooshort, "\t%lu with data size < data length\n");
388: p1(ips_badhlen, "\t%lu with header length < data size\n");
389: p1(ips_badlen, "\t%lu with data length < header length\n");
390: p1(ips_badoptions, "\t%lu with bad options\n");
391: p1(ips_badvers, "\t%lu with incorrect version number\n");
1.16 millert 392: p(ips_fragments, "\t%lu fragment%s received\n");
1.62 jsyn 393: p(ips_fragdropped, "\t%lu fragment%s dropped (duplicates or out of space)\n");
1.16 millert 394: p(ips_badfrags, "\t%lu malformed fragment%s dropped\n");
395: p(ips_fragtimeout, "\t%lu fragment%s dropped after timeout\n");
396: p(ips_reassembled, "\t%lu packet%s reassembled ok\n");
397: p(ips_delivered, "\t%lu packet%s for this host\n");
398: p(ips_noproto, "\t%lu packet%s for unknown/unsupported protocol\n");
399: p(ips_forward, "\t%lu packet%s forwarded\n");
400: p(ips_cantforward, "\t%lu packet%s not forwardable\n");
401: p(ips_redirectsent, "\t%lu redirect%s sent\n");
402: p(ips_localout, "\t%lu packet%s sent from this host\n");
403: p(ips_rawout, "\t%lu packet%s sent with fabricated ip header\n");
404: p(ips_odropped, "\t%lu output packet%s dropped due to no bufs, etc.\n");
405: p(ips_noroute, "\t%lu output packet%s discarded due to no route\n");
406: p(ips_fragmented, "\t%lu output datagram%s fragmented\n");
407: p(ips_ofragments, "\t%lu fragment%s created\n");
408: p(ips_cantfrag, "\t%lu datagram%s that can't be fragmented\n");
1.38 itojun 409: p1(ips_rcvmemdrop, "\t%lu fragment floods\n");
1.42 itojun 410: p(ips_toolong, "\t%lu packet%s with ip length > max ip packet size\n");
411: p(ips_nogif, "\t%lu tunneling packet%s that can't find gif\n");
1.49 itojun 412: p(ips_badaddr, "\t%lu datagram%s with bad address in header\n");
1.50 angelos 413: p(ips_inhwcsum, "\t%lu input datagram%s checksum-processed by hardware\n");
414: p(ips_outhwcsum, "\t%lu output datagram%s checksum-processed by hardware\n");
1.1 deraadt 415: #undef p
1.38 itojun 416: #undef p1
1.1 deraadt 417: }
418:
1.68 tedu 419: static char *icmpnames[ICMP_MAXTYPE + 1] = {
1.1 deraadt 420: "echo reply",
421: "#1",
422: "#2",
423: "destination unreachable",
424: "source quench",
425: "routing redirect",
426: "#6",
427: "#7",
428: "echo",
1.9 deraadt 429: "router advertisement",
430: "router solicitation",
1.1 deraadt 431: "time exceeded",
432: "parameter problem",
433: "time stamp",
434: "time stamp reply",
435: "information request",
436: "information request reply",
437: "address mask request",
438: "address mask reply",
1.68 tedu 439: "#19",
440: "#20",
441: "#21",
442: "#22",
443: "#23",
444: "#24",
445: "#25",
446: "#26",
447: "#27",
448: "#28",
449: "#29",
450: "traceroute",
451: "data conversion error",
452: "mobile host redirect",
453: "IPv6 where-are-you",
454: "IPv6 i-am-here",
455: "mobile registration request",
456: "mobile registration reply",
457: "#37",
458: "#38",
459: "SKIP",
460: "Photuris",
1.1 deraadt 461: };
462:
463: /*
464: * Dump ICMP statistics.
465: */
466: void
1.63 deraadt 467: icmp_stats(u_long off, char *name)
1.1 deraadt 468: {
469: struct icmpstat icmpstat;
1.54 mpech 470: int i, first;
1.1 deraadt 471:
472: if (off == 0)
473: return;
474: kread(off, (char *)&icmpstat, sizeof (icmpstat));
475: printf("%s:\n", name);
476:
477: #define p(f, m) if (icmpstat.f || sflag <= 1) \
1.60 deraadt 478: printf(m, icmpstat.f, plural(icmpstat.f))
1.1 deraadt 479:
1.16 millert 480: p(icps_error, "\t%lu call%s to icmp_error\n");
1.1 deraadt 481: p(icps_oldicmp,
1.61 aaron 482: "\t%lu error%s not generated because old message was icmp\n");
1.1 deraadt 483: for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++)
484: if (icmpstat.icps_outhist[i] != 0) {
485: if (first) {
1.43 itojun 486: printf("\tOutput packet histogram:\n");
1.1 deraadt 487: first = 0;
488: }
1.68 tedu 489: if (icmpnames[i])
490: printf("\t\t%s:", icmpnames[i]);
491: else
492: printf("\t\t#%d:", i);
493: printf(" %lu\n", icmpstat.icps_outhist[i]);
1.1 deraadt 494: }
1.16 millert 495: p(icps_badcode, "\t%lu message%s with bad code fields\n");
496: p(icps_tooshort, "\t%lu message%s < minimum length\n");
497: p(icps_checksum, "\t%lu bad checksum%s\n");
498: p(icps_badlen, "\t%lu message%s with bad length\n");
1.1 deraadt 499: for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++)
500: if (icmpstat.icps_inhist[i] != 0) {
501: if (first) {
1.43 itojun 502: printf("\tInput packet histogram:\n");
1.1 deraadt 503: first = 0;
504: }
1.68 tedu 505: if (icmpnames[i])
506: printf("\t\t%s:", icmpnames[i]);
507: else
508: printf("\t\t#%d:", i);
509: printf(" %lu\n", icmpstat.icps_inhist[i]);
1.1 deraadt 510: }
1.16 millert 511: p(icps_reflect, "\t%lu message response%s generated\n");
1.1 deraadt 512: #undef p
513: }
514:
515: /*
516: * Dump IGMP statistics structure.
517: */
518: void
1.63 deraadt 519: igmp_stats(u_long off, char *name)
1.1 deraadt 520: {
521: struct igmpstat igmpstat;
522:
523: if (off == 0)
524: return;
525: kread(off, (char *)&igmpstat, sizeof (igmpstat));
526: printf("%s:\n", name);
527:
528: #define p(f, m) if (igmpstat.f || sflag <= 1) \
1.60 deraadt 529: printf(m, igmpstat.f, plural(igmpstat.f))
1.1 deraadt 530: #define py(f, m) if (igmpstat.f || sflag <= 1) \
1.60 deraadt 531: printf(m, igmpstat.f, igmpstat.f != 1 ? "ies" : "y")
532:
1.16 millert 533: p(igps_rcv_total, "\t%lu message%s received\n");
1.55 mickey 534: p(igps_rcv_tooshort, "\t%lu message%s received with too few bytes\n");
535: p(igps_rcv_badsum, "\t%lu message%s received with bad checksum\n");
536: py(igps_rcv_queries, "\t%lu membership quer%s received\n");
537: py(igps_rcv_badqueries, "\t%lu membership quer%s received with invalid field(s)\n");
538: p(igps_rcv_reports, "\t%lu membership report%s received\n");
539: p(igps_rcv_badreports, "\t%lu membership report%s received with invalid field(s)\n");
540: p(igps_rcv_ourreports, "\t%lu membership report%s received for groups to which we belong\n");
541: p(igps_snd_reports, "\t%lu membership report%s sent\n");
1.1 deraadt 542: #undef p
543: #undef py
544: }
545:
1.5 deraadt 546: struct rpcnams {
547: struct rpcnams *next;
1.16 millert 548: in_port_t port;
1.21 deraadt 549: int proto;
1.5 deraadt 550: char *rpcname;
551: };
552:
1.66 deraadt 553: static char *
1.63 deraadt 554: getrpcportnam(in_port_t port, int proto)
1.5 deraadt 555: {
556: struct sockaddr_in server_addr;
1.54 mpech 557: struct hostent *hp;
1.5 deraadt 558: static struct pmaplist *head;
559: int socket = RPC_ANYSOCK;
560: struct timeval minutetimeout;
1.54 mpech 561: CLIENT *client;
1.5 deraadt 562: struct rpcent *rpc;
563: static int first;
564: static struct rpcnams *rpcn;
565: struct rpcnams *n;
1.23 deraadt 566: char num[20];
1.55 mickey 567:
1.5 deraadt 568: if (first == 0) {
569: first = 1;
1.7 deraadt 570: memset((char *)&server_addr, 0, sizeof server_addr);
1.5 deraadt 571: server_addr.sin_family = AF_INET;
572: if ((hp = gethostbyname("localhost")) != NULL)
1.7 deraadt 573: memmove((caddr_t)&server_addr.sin_addr, hp->h_addr,
1.5 deraadt 574: hp->h_length);
575: else
576: (void) inet_aton("0.0.0.0", &server_addr.sin_addr);
577:
578: minutetimeout.tv_sec = 60;
579: minutetimeout.tv_usec = 0;
580: server_addr.sin_port = htons(PMAPPORT);
581: if ((client = clnttcp_create(&server_addr, PMAPPROG,
1.7 deraadt 582: PMAPVERS, &socket, 50, 500)) == NULL)
583: return (NULL);
1.5 deraadt 584: if (clnt_call(client, PMAPPROC_DUMP, xdr_void, NULL,
1.8 deraadt 585: xdr_pmaplist, &head, minutetimeout) != RPC_SUCCESS) {
1.7 deraadt 586: clnt_destroy(client);
587: return (NULL);
1.5 deraadt 588: }
589: for (; head != NULL; head = head->pml_next) {
590: n = (struct rpcnams *)malloc(sizeof(struct rpcnams));
591: if (n == NULL)
592: continue;
593: n->next = rpcn;
594: rpcn = n;
595: n->port = head->pml_map.pm_port;
1.21 deraadt 596: n->proto = head->pml_map.pm_prot;
1.5 deraadt 597:
598: rpc = getrpcbynumber(head->pml_map.pm_prog);
599: if (rpc)
600: n->rpcname = strdup(rpc->r_name);
601: else {
1.23 deraadt 602: snprintf(num, sizeof num, "%ld",
603: head->pml_map.pm_prog);
1.5 deraadt 604: n->rpcname = strdup(num);
605: }
606: }
607: clnt_destroy(client);
608: }
609:
610: for (n = rpcn; n; n = n->next)
1.21 deraadt 611: if (n->port == port && n->proto == proto)
1.5 deraadt 612: return (n->rpcname);
613: return (NULL);
614: }
615:
1.1 deraadt 616: /*
617: * Pretty print an Internet address (net address + port).
618: * If the nflag was specified, use numbers instead of names.
619: */
620: void
1.63 deraadt 621: inetprint(struct in_addr *in, in_port_t port, char *proto, int local)
1.1 deraadt 622: {
623: struct servent *sp = 0;
1.5 deraadt 624: char line[80], *cp, *nam;
1.1 deraadt 625: int width;
626:
1.23 deraadt 627: snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16,
628: inetname(in));
1.4 millert 629: cp = strchr(line, '\0');
1.1 deraadt 630: if (!nflag && port)
631: sp = getservbyport((int)port, proto);
632: if (sp || port == 0)
1.23 deraadt 633: snprintf(cp, line + sizeof line - cp, "%.8s",
634: sp ? sp->s_name : "*");
1.21 deraadt 635: else if (local && !nflag && (nam = getrpcportnam(ntohs(port),
636: (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP))))
1.23 deraadt 637: snprintf(cp, line + sizeof line - cp, "%d[%.8s]",
638: ntohs(port), nam);
1.1 deraadt 639: else
1.23 deraadt 640: snprintf(cp, line + sizeof line - cp, "%d", ntohs(port));
1.1 deraadt 641: width = Aflag ? 18 : 22;
642: printf(" %-*.*s", width, width, line);
643: }
644:
645: /*
646: * Construct an Internet address representation.
647: * If the nflag has been supplied, give
648: * numeric value, otherwise try for symbolic name.
649: */
650: char *
1.63 deraadt 651: inetname(struct in_addr *inp)
1.1 deraadt 652: {
1.54 mpech 653: char *cp;
1.1 deraadt 654: static char line[50];
655: struct hostent *hp;
656: struct netent *np;
1.57 mpech 657: static char domain[MAXHOSTNAMELEN];
1.1 deraadt 658: static int first = 1;
659:
660: if (first && !nflag) {
661: first = 0;
1.57 mpech 662: if (gethostname(domain, sizeof(domain)) == 0 &&
1.4 millert 663: (cp = strchr(domain, '.')))
1.60 deraadt 664: (void) strlcpy(domain, cp + 1, sizeof domain);
1.1 deraadt 665: else
1.60 deraadt 666: domain[0] = '\0';
1.1 deraadt 667: }
668: cp = 0;
669: if (!nflag && inp->s_addr != INADDR_ANY) {
670: int net = inet_netof(*inp);
671: int lna = inet_lnaof(*inp);
672:
673: if (lna == INADDR_ANY) {
674: np = getnetbyaddr(net, AF_INET);
675: if (np)
676: cp = np->n_name;
677: }
678: if (cp == 0) {
679: hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET);
680: if (hp) {
1.4 millert 681: if ((cp = strchr(hp->h_name, '.')) &&
1.1 deraadt 682: !strcmp(cp + 1, domain))
683: *cp = 0;
684: cp = hp->h_name;
685: }
686: }
687: }
688: if (inp->s_addr == INADDR_ANY)
1.23 deraadt 689: snprintf(line, sizeof line, "*");
1.1 deraadt 690: else if (cp)
1.23 deraadt 691: snprintf(line, sizeof line, "%s", cp);
1.1 deraadt 692: else {
693: inp->s_addr = ntohl(inp->s_addr);
694: #define C(x) ((x) & 0xff)
1.23 deraadt 695: snprintf(line, sizeof line, "%u.%u.%u.%u",
696: C(inp->s_addr >> 24), C(inp->s_addr >> 16),
697: C(inp->s_addr >> 8), C(inp->s_addr));
1.1 deraadt 698: }
699: return (line);
1.10 angelos 700: }
701:
702: /*
703: * Dump AH statistics structure.
704: */
705: void
1.63 deraadt 706: ah_stats(u_long off, char *name)
1.10 angelos 707: {
1.55 mickey 708: struct ahstat ahstat;
1.10 angelos 709:
1.55 mickey 710: if (off == 0)
711: return;
712: kread(off, (char *)&ahstat, sizeof (ahstat));
713: printf("%s:\n", name);
1.10 angelos 714:
715: #define p(f, m) if (ahstat.f || sflag <= 1) \
1.60 deraadt 716: printf(m, ahstat.f, plural(ahstat.f))
1.38 itojun 717: #define p1(f, m) if (ahstat.f || sflag <= 1) \
1.60 deraadt 718: printf(m, ahstat.f)
1.10 angelos 719:
1.38 itojun 720: p1(ahs_input, "\t%u input AH packets\n");
721: p1(ahs_output, "\t%u output AH packets\n");
1.55 mickey 722: p(ahs_nopf, "\t%u packet%s from unsupported protocol families\n");
723: p(ahs_hdrops, "\t%u packet%s shorter than header shows\n");
724: p(ahs_pdrops, "\t%u packet%s dropped due to policy\n");
725: p(ahs_notdb, "\t%u packet%s for which no TDB was found\n");
726: p(ahs_badkcr, "\t%u input packet%s that failed to be processed\n");
727: p(ahs_badauth, "\t%u packet%s that failed verification received\n");
728: p(ahs_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
729: p(ahs_qfull, "\t%u packet%s were dropped due to full output queue\n");
730: p(ahs_wrap, "\t%u packet%s where counter wrapping was detected\n");
731: p(ahs_replay, "\t%u possibly replayed packet%s received\n");
732: p(ahs_badauthl, "\t%u packet%s with bad authenticator length received\n");
1.62 jsyn 733: p(ahs_invalid, "\t%u packet%s attempted to use an invalid TDB\n");
1.25 niklas 734: p(ahs_toobig, "\t%u packet%s got larger than max IP packet size\n");
1.46 angelos 735: p(ahs_crypto, "\t%u packet%s that failed crypto processing\n");
1.20 angelos 736: p(ahs_ibytes, "\t%qu input byte%s\n");
737: p(ahs_obytes, "\t%qu output byte%s\n");
738:
1.34 angelos 739: #undef p
1.38 itojun 740: #undef p1
1.34 angelos 741: }
742:
743: /*
744: * Dump etherip statistics structure.
745: */
746: void
1.63 deraadt 747: etherip_stats(u_long off, char *name)
1.34 angelos 748: {
1.55 mickey 749: struct etheripstat etheripstat;
1.34 angelos 750:
1.55 mickey 751: if (off == 0)
752: return;
753: kread(off, (char *)ðeripstat, sizeof (etheripstat));
754: printf("%s:\n", name);
1.34 angelos 755:
756: #define p(f, m) if (etheripstat.f || sflag <= 1) \
1.60 deraadt 757: printf(m, etheripstat.f, plural(etheripstat.f))
1.34 angelos 758:
1.53 brian 759: p(etherip_hdrops, "\t%u packet%s shorter than header shows\n");
760: p(etherip_qfull, "\t%u packet%s were dropped due to full output queue\n");
1.34 angelos 761: p(etherip_noifdrops, "\t%u packet%s were dropped because of no interface/bridge information\n");
1.53 brian 762: p(etherip_pdrops, "\t%u packet%s dropped due to policy\n");
763: p(etherip_adrops, "\t%u packet%s dropped for other reasons\n");
764: p(etherip_ipackets, "\t%u input ethernet-in-IP packet%s\n");
765: p(etherip_opackets, "\t%u output ethernet-in-IP packet%s\n");
1.34 angelos 766: p(etherip_ibytes, "\t%qu input byte%s\n");
767: p(etherip_obytes, "\t%qu output byte%s\n");
1.10 angelos 768: #undef p
769: }
770:
771: /*
772: * Dump ESP statistics structure.
773: */
774: void
1.63 deraadt 775: esp_stats(u_long off, char *name)
1.10 angelos 776: {
1.55 mickey 777: struct espstat espstat;
1.10 angelos 778:
1.55 mickey 779: if (off == 0)
780: return;
781: kread(off, (char *)&espstat, sizeof (espstat));
782: printf("%s:\n", name);
1.10 angelos 783:
784: #define p(f, m) if (espstat.f || sflag <= 1) \
1.60 deraadt 785: printf(m, espstat.f, plural(espstat.f))
1.10 angelos 786:
1.38 itojun 787: p(esps_input, "\t%u input ESP packet%s\n");
788: p(esps_output, "\t%u output ESP packet%s\n");
1.55 mickey 789: p(esps_nopf, "\t%u packet%s from unsupported protocol families\n");
790: p(esps_hdrops, "\t%u packet%s shorter than header shows\n");
791: p(esps_pdrops, "\t%u packet%s dropped due to policy\n");
792: p(esps_notdb, "\t%u packet%s for which no TDB was found\n");
793: p(esps_badkcr, "\t%u input packet%s that failed to be processed\n");
794: p(esps_badenc, "\t%u packet%s with bad encryption received\n");
795: p(esps_badauth, "\t%u packet%s that failed verification received\n");
796: p(esps_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
797: p(esps_qfull, "\t%u packet%s were dropped due to full output queue\n");
798: p(esps_wrap, "\t%u packet%s where counter wrapping was detected\n");
799: p(esps_replay, "\t%u possibly replayed packet%s received\n");
800: p(esps_badilen, "\t%u packet%s with bad payload size or padding received\n");
1.62 jsyn 801: p(esps_invalid, "\t%u packet%s attempted to use an invalid TDB\n");
1.25 niklas 802: p(esps_toobig, "\t%u packet%s got larger than max IP packet size\n");
1.46 angelos 803: p(esps_crypto, "\t%u packet%s that failed crypto processing\n");
1.20 angelos 804: p(esps_ibytes, "\t%qu input byte%s\n");
805: p(esps_obytes, "\t%qu output byte%s\n");
1.10 angelos 806:
807: #undef p
808: }
809:
810: /*
1.67 deraadt 811: * Dump IP-in-IP statistics structure.
1.10 angelos 812: */
813: void
1.63 deraadt 814: ipip_stats(u_long off, char *name)
1.10 angelos 815: {
1.55 mickey 816: struct ipipstat ipipstat;
1.10 angelos 817:
1.55 mickey 818: if (off == 0)
819: return;
820: kread(off, (char *)&ipipstat, sizeof (ipipstat));
821: printf("%s:\n", name);
1.10 angelos 822:
1.45 angelos 823: #define p(f, m) if (ipipstat.f || sflag <= 1) \
1.60 deraadt 824: printf(m, ipipstat.f, plural(ipipstat.f))
1.10 angelos 825:
1.55 mickey 826: p(ipips_ipackets, "\t%u total input packet%s\n");
827: p(ipips_opackets, "\t%u total output packet%s\n");
828: p(ipips_hdrops, "\t%u packet%s shorter than header shows\n");
829: p(ipips_pdrops, "\t%u packet%s dropped due to policy\n");
830: p(ipips_spoof, "\t%u packet%s with possibly spoofed local addresses\n");
831: p(ipips_qfull, "\t%u packet%s were dropped due to full output queue\n");
1.45 angelos 832: p(ipips_ibytes, "\t%qu input byte%s\n");
833: p(ipips_obytes, "\t%qu output byte%s\n");
1.63 deraadt 834: p(ipips_family, "\t%u protocol family mismatche%s\n");
835: p(ipips_unspec, "\t%u attempt%s to use tunnel with unspecified endpoint(s)\n");
1.69 ! mcbride 836: #undef p
! 837: }
! 838:
! 839: /*
! 840: * Dump CARP statistics structure.
! 841: */
! 842: void
! 843: carp_stats(u_long off, char *name)
! 844: {
! 845: struct carpstats carpstat;
! 846:
! 847: if (off == 0)
! 848: return;
! 849: kread(off, (char *)&carpstat, sizeof(carpstat));
! 850: printf("%s:\n", name);
! 851:
! 852: #define p(f, m) if (carpstat.f || sflag <= 1) \
! 853: printf(m, carpstat.f, plural(carpstat.f))
! 854: #define p2(f, m) if (carpstat.f || sflag <= 1) \
! 855: printf(m, carpstat.f)
! 856:
! 857: p(carps_ipackets, "\t%u packet%s received\n");
! 858: p(carps_hdrops, "\t\t%u packet%s shorter than header\n");
! 859: p(carps_badsum, "\t\t%u discarded for bad checksum%s\n");
! 860: p(carps_badver, "\t\t%u discarded packet%s with a bad version\n");
! 861: p2(carps_badlen, "\t\t%u discarded because packet too short\n");
! 862: p2(carps_badauth, "\t\t%u discarded for bad authentication\n");
! 863: p2(carps_badvhid, "\t\t%u discarded for bad vhid\n");
! 864: p2(carps_badaddrs, "\t\t%u discarded because of a bad address list\n");
! 865: p(carps_opackets, "\t%u packet%s sent\n");
! 866: #if notyet
! 867: p(carps_ostates, "\t\t%s state update%s sent\n");
! 868: #endif
1.51 jjbg 869: #undef p
870: }
871:
872: /*
873: * Dump IPCOMP statistics structure.
874: */
875: void
1.63 deraadt 876: ipcomp_stats(u_long off, char *name)
1.51 jjbg 877: {
878: struct ipcompstat ipcompstat;
879:
880: if (off == 0)
881: return;
882: kread(off, (char *)&ipcompstat, sizeof (ipcompstat));
883: printf("%s:\n", name);
884:
885: #define p(f, m) if (ipcompstat.f || sflag <= 1) \
1.60 deraadt 886: printf(m, ipcompstat.f, plural(ipcompstat.f))
1.51 jjbg 887:
888: p(ipcomps_input, "\t%u input IPCOMP packet%s\n");
889: p(ipcomps_output, "\t%u output IPCOMP packet%s\n");
890: p(ipcomps_nopf, "\t%u packet%s from unsupported protocol families\n");
891: p(ipcomps_hdrops, "\t%u packet%s shorter than header shows\n");
892: p(ipcomps_pdrops, "\t%u packet%s dropped due to policy\n");
893: p(ipcomps_notdb, "\t%u packet%s for which no TDB was found\n");
894: p(ipcomps_badkcr, "\t%u input packet%s that failed to be processed\n");
1.55 mickey 895: p(ipcomps_noxform, "\t%u packet%s for which no XFORM was set in TDB received\n");
1.51 jjbg 896: p(ipcomps_qfull, "\t%u packet%s were dropped due to full output queue\n");
897: p(ipcomps_wrap, "\t%u packet%s where counter wrapping was detected\n");
1.62 jsyn 898: p(ipcomps_invalid, "\t%u packet%s attempted to use an invalid TDB\n");
1.51 jjbg 899: p(ipcomps_toobig, "\t%u packet%s got larger than max IP packet size\n");
900: p(ipcomps_crypto, "\t%u packet%s that failed (de)compression processing\n");
1.64 jason 901: p(ipcomps_minlen, "\t%u packet%s less than minimum compression length\n");
1.51 jjbg 902: p(ipcomps_ibytes, "\t%qu input byte%s\n");
903: p(ipcomps_obytes, "\t%qu output byte%s\n");
904:
1.10 angelos 905: #undef p
1.1 deraadt 906: }