Annotation of src/usr.bin/netstat/main.c, Revision 1.72
1.72 ! deraadt 1: /* $OpenBSD: main.c,v 1.71 2007/12/14 18:35:46 deraadt Exp $ */
1.2 deraadt 2: /* $NetBSD: main.c,v 1.9 1996/05/07 02:55:02 thorpej Exp $ */
1.1 deraadt 3:
4: /*
5: * Copyright (c) 1983, 1988, 1993
6: * Regents of the University of California. All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
1.36 millert 16: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32:
33: #include <sys/param.h>
34: #include <sys/file.h>
35: #include <sys/protosw.h>
36: #include <sys/socket.h>
37:
1.68 claudio 38: #include <net/route.h>
1.1 deraadt 39: #include <netinet/in.h>
40:
41: #include <ctype.h>
1.61 djm 42: #include <err.h>
1.1 deraadt 43: #include <errno.h>
44: #include <kvm.h>
45: #include <limits.h>
46: #include <netdb.h>
47: #include <nlist.h>
48: #include <paths.h>
49: #include <stdio.h>
50: #include <stdlib.h>
51: #include <string.h>
52: #include <unistd.h>
53: #include "netstat.h"
54:
55: struct nlist nl[] = {
1.71 deraadt 56: #define N_TCBTABLE 0
1.1 deraadt 57: { "_tcbtable" },
1.71 deraadt 58: #define N_UDBTABLE 1
1.1 deraadt 59: { "_udbtable" },
1.71 deraadt 60: #define N_DDPCB 2
61: { "_ddpcb"},
62: #define N_IFNET 3
1.1 deraadt 63: { "_ifnet" },
1.71 deraadt 64: #define N_UNIXSW 4
1.1 deraadt 65: { "_unixsw" },
1.71 deraadt 66:
67: #define N_MFCHASHTBL 5
1.1 deraadt 68: { "_mfchashtbl" },
1.71 deraadt 69: #define N_MFCHASH 6
1.1 deraadt 70: { "_mfchash" },
1.71 deraadt 71: #define N_VIFTABLE 7
1.1 deraadt 72: { "_viftable" },
1.71 deraadt 73:
74: #define N_MF6CTABLE 8
1.19 itojun 75: { "_mf6ctable" },
1.71 deraadt 76: #define N_MIF6TABLE 9
1.19 itojun 77: { "_mif6table" },
1.71 deraadt 78:
79: #define N_RTREE 10
80: { "_rt_tables"},
81: #define N_RTMASK 11
82: { "_mask_rnhead" },
83: #define N_AF2RTAFIDX 12
84: { "_af2rtafidx" },
85: #define N_RTBLIDMAX 13
86: { "_rtbl_id_max" },
87:
88: #define N_RAWIPTABLE 14
1.40 markus 89: { "_rawcbtable" },
1.71 deraadt 90: #define N_RAWIP6TABLE 15
1.40 markus 91: { "_rawin6pcbtable" },
1.71 deraadt 92:
93: #define N_RTSTAT 16
94: { "_rtstat" },
95:
1.55 deraadt 96: { ""}
1.1 deraadt 97: };
98:
99: struct protox {
1.38 deraadt 100: u_char pr_index; /* index into nlist of cb head */
101: void (*pr_cblocks)(u_long, char *); /* control blocks printing routine */
1.71 deraadt 102: void (*pr_stats)(char *); /* statistics printing routine */
1.59 markus 103: void (*pr_dump)(u_long); /* pcb printing routine */
1.38 deraadt 104: char *pr_name; /* well-known name */
1.1 deraadt 105: } protox[] = {
1.71 deraadt 106: { N_TCBTABLE, protopr, tcp_stats, tcp_dump, "tcp" },
107: { N_UDBTABLE, protopr, udp_stats, NULL, "udp" },
108: { N_RAWIPTABLE, protopr, ip_stats, NULL, "ip" },
109: { -1, NULL, icmp_stats, NULL, "icmp" },
110: { -1, NULL, igmp_stats, NULL, "igmp" },
111: { -1, NULL, ah_stats, NULL, "ah" },
112: { -1, NULL, esp_stats, NULL, "esp" },
113: { -1, NULL, ipip_stats, NULL, "ipencap" },
114: { -1, NULL, etherip_stats, NULL, "etherip" },
115: { -1, NULL, ipcomp_stats, NULL, "ipcomp" },
116: { -1, NULL, carp_stats, NULL, "carp" },
117: { -1, NULL, pfsync_stats, NULL, "pfsync" },
118: { -1, NULL, pim_stats, NULL, "pim" },
119: { -1, NULL, NULL, NULL, NULL }
1.1 deraadt 120: };
121:
1.19 itojun 122: struct protox ip6protox[] = {
1.71 deraadt 123: { N_TCBTABLE, ip6protopr, NULL, tcp_dump, "tcp" },
124: { N_UDBTABLE, ip6protopr, NULL, NULL, "udp" },
125: { N_RAWIP6TABLE,ip6protopr, ip6_stats, NULL, "ip6" },
126: { -1, NULL, icmp6_stats, NULL, "icmp6" },
127: { -1, NULL, pim6_stats, NULL, "pim6" },
128: { -1, NULL, rip6_stats, NULL, "rip6" },
129: { -1, NULL, NULL, NULL, NULL }
1.19 itojun 130: };
131:
1.12 denny 132: struct protox atalkprotox[] = {
1.71 deraadt 133: { N_DDPCB, atalkprotopr, ddp_stats, NULL, "ddp" },
134: { -1, NULL, NULL, NULL, NULL }
1.12 denny 135: };
136:
1.34 deraadt 137: struct protox *protoprotox[] = {
1.66 henning 138: protox, ip6protox, atalkprotox, NULL
1.34 deraadt 139: };
1.1 deraadt 140:
1.30 millert 141: static void printproto(struct protox *, char *);
142: static void usage(void);
143: static struct protox *name2protox(char *);
144: static struct protox *knownname(char *);
1.1 deraadt 145:
146: kvm_t *kvmd;
147:
148: int
1.34 deraadt 149: main(int argc, char *argv[])
1.1 deraadt 150: {
151: extern char *optarg;
152: extern int optind;
1.68 claudio 153: const char *errstr;
1.28 mpech 154: struct protoent *p;
155: struct protox *tp = NULL; /* for printing cblocks & stats */
1.1 deraadt 156: int ch;
1.59 markus 157: char *nlistf = NULL, *memf = NULL, *ep;
1.1 deraadt 158: char buf[_POSIX2_LINE_MAX];
1.61 djm 159: gid_t gid;
1.59 markus 160: u_long pcbaddr = 0;
1.68 claudio 161: u_int tableid = 0;
1.1 deraadt 162:
163: af = AF_UNSPEC;
164:
1.68 claudio 165: while ((ch = getopt(argc, argv, "AabdFf:gI:ilM:mN:np:P:qrsT:tuvW:w:")) != -1)
1.31 deraadt 166: switch (ch) {
1.1 deraadt 167: case 'A':
168: Aflag = 1;
169: break;
170: case 'a':
171: aflag = 1;
1.24 camield 172: break;
173: case 'b':
174: bflag = 1;
1.1 deraadt 175: break;
176: case 'd':
177: dflag = 1;
1.64 pyr 178: break;
179: case 'F':
180: Fflag = 1;
1.1 deraadt 181: break;
182: case 'f':
1.4 mickey 183: if (strcmp(optarg, "inet") == 0)
1.1 deraadt 184: af = AF_INET;
1.19 itojun 185: else if (strcmp(optarg, "inet6") == 0)
186: af = AF_INET6;
1.7 kstailey 187: else if (strcmp(optarg, "local") == 0)
188: af = AF_LOCAL;
1.1 deraadt 189: else if (strcmp(optarg, "unix") == 0)
190: af = AF_UNIX;
1.10 angelos 191: else if (strcmp(optarg, "encap") == 0)
1.16 angelos 192: af = PF_KEY;
1.12 denny 193: else if (strcmp(optarg, "atalk") == 0)
194: af = AF_APPLETALK;
1.63 claudio 195: else if (strcmp(optarg, "mask") == 0)
196: af = 0xff;
1.1 deraadt 197: else {
198: (void)fprintf(stderr,
199: "%s: %s: unknown address family\n",
1.2 deraadt 200: __progname, optarg);
1.1 deraadt 201: exit(1);
202: }
203: break;
204: case 'g':
205: gflag = 1;
206: break;
1.2 deraadt 207: case 'I':
1.1 deraadt 208: iflag = 1;
1.2 deraadt 209: interface = optarg;
1.1 deraadt 210: break;
211: case 'i':
212: iflag = 1;
213: break;
1.19 itojun 214: case 'l':
215: lflag = 1;
216: break;
1.1 deraadt 217: case 'M':
218: memf = optarg;
219: break;
220: case 'm':
221: mflag = 1;
222: break;
223: case 'N':
224: nlistf = optarg;
225: break;
226: case 'n':
227: nflag = 1;
228: break;
229: case 'p':
230: if ((tp = name2protox(optarg)) == NULL) {
231: (void)fprintf(stderr,
1.42 jmc 232: "%s: %s: unknown protocol\n",
1.2 deraadt 233: __progname, optarg);
1.1 deraadt 234: exit(1);
235: }
236: pflag = 1;
1.27 brian 237: break;
1.59 markus 238: case 'P':
239: errno = 0;
240: pcbaddr = strtoul(optarg, &ep, 16);
241: if (optarg[0] == '\0' || *ep != '\0' ||
242: errno == ERANGE) {
243: (void)fprintf(stderr,
244: "%s: %s: invalid PCB address\n",
245: __progname, optarg);
246: exit(1);
247: }
248: Pflag = 1;
249: break;
1.27 brian 250: case 'q':
251: qflag = 1;
1.1 deraadt 252: break;
253: case 'r':
254: rflag = 1;
1.46 cedric 255: break;
1.1 deraadt 256: case 's':
257: ++sflag;
258: break;
1.68 claudio 259: case 'T':
260: tableid = strtonum(optarg, 0, RT_TABLEID_MAX, &errstr);
261: if (errstr)
262: errx(1, "invalid table id: %s", errstr);
263: break;
1.1 deraadt 264: case 't':
265: tflag = 1;
266: break;
267: case 'u':
268: af = AF_UNIX;
1.13 peter 269: break;
270: case 'v':
271: vflag = 1;
1.1 deraadt 272: break;
1.56 reyk 273: case 'W':
274: Wflag = 1;
275: interface = optarg;
276: break;
1.1 deraadt 277: case 'w':
278: interval = atoi(optarg);
279: iflag = 1;
280: break;
281: case '?':
282: default:
283: usage();
284: }
285: argv += optind;
286: argc -= optind;
287:
1.33 deraadt 288: /*
1.56 reyk 289: * Show per-interface statistics which don't need access to
290: * kernel memory (they're using IOCTLs)
291: */
292: if (Wflag) {
293: if (interface == NULL)
294: usage();
295: net80211_ifstats(interface);
296: exit(0);
297: }
298:
299: /*
1.33 deraadt 300: * Discard setgid privileges if not the running kernel so that bad
301: * guys can't print interesting stuff from kernel memory.
1.59 markus 302: * Dumping PCB info is also restricted.
1.33 deraadt 303: */
1.61 djm 304: gid = getgid();
305: if (nlistf != NULL || memf != NULL || Pflag)
306: if (setresgid(gid, gid, gid) == -1)
307: err(1, "setresgid");
1.62 claudio 308: if (nlistf == NULL && memf == NULL && rflag && !Aflag) {
309: /* printing the routing table no longer needs kvm */
310: if (setresgid(gid, gid, gid) == -1)
311: err(1, "setresgid");
312: if (sflag)
313: rt_stats(1, 0);
314: else
1.68 claudio 315: p_rttables(af, tableid);
1.62 claudio 316: exit(0);
317: }
1.33 deraadt 318: if ((kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY,
319: buf)) == NULL) {
320: fprintf(stderr, "%s: kvm_open: %s\n", __progname, buf);
321: exit(1);
322: }
1.61 djm 323:
324: if (nlistf == NULL && memf == NULL && !Pflag)
325: if (setresgid(gid, gid, gid) == -1)
326: err(1, "setresgid");
1.33 deraadt 327:
1.1 deraadt 328: #define BACKWARD_COMPATIBILITY
329: #ifdef BACKWARD_COMPATIBILITY
330: if (*argv) {
331: if (isdigit(**argv)) {
332: interval = atoi(*argv);
333: if (interval <= 0)
334: usage();
335: ++argv;
336: iflag = 1;
337: }
338: if (*argv) {
339: nlistf = *argv;
340: if (*++argv)
341: memf = *argv;
342: }
343: }
344: #endif
1.14 deraadt 345:
1.1 deraadt 346: if (kvm_nlist(kvmd, nl) < 0 || nl[0].n_type == 0) {
347: if (nlistf)
1.2 deraadt 348: fprintf(stderr, "%s: %s: no namelist\n", __progname,
349: nlistf);
1.1 deraadt 350: else
1.2 deraadt 351: fprintf(stderr, "%s: no namelist\n", __progname);
1.1 deraadt 352: exit(1);
353: }
354: if (mflag) {
1.70 deraadt 355: mbpr();
1.1 deraadt 356: exit(0);
357: }
358: if (pflag) {
1.45 markus 359: printproto(tp, tp->pr_name);
1.59 markus 360: exit(0);
361: }
362: if (Pflag) {
363: if (tp == NULL && (tp = name2protox("tcp")) == NULL) {
364: (void)fprintf(stderr,
365: "%s: %s: unknown protocol\n",
366: __progname, "tcp");
367: exit(1);
368: }
369: if (tp->pr_dump)
370: (tp->pr_dump)(pcbaddr);
1.1 deraadt 371: exit(0);
372: }
373: /*
374: * Keep file descriptors open to avoid overhead
375: * of open/close on each call to get* routines.
376: */
377: sethostent(1);
378: setnetent(1);
1.71 deraadt 379:
1.1 deraadt 380: if (iflag) {
381: intpr(interval, nl[N_IFNET].n_value);
382: exit(0);
383: }
384: if (rflag) {
385: if (sflag)
1.62 claudio 386: rt_stats(0, nl[N_RTSTAT].n_value);
1.1 deraadt 387: else
1.63 claudio 388: routepr(nl[N_RTREE].n_value, nl[N_RTMASK].n_value,
389: nl[N_AF2RTAFIDX].n_value, nl[N_RTBLIDMAX].n_value);
1.1 deraadt 390: exit(0);
391: }
392: if (gflag) {
1.19 itojun 393: if (sflag) {
394: if (af == AF_INET || af == AF_UNSPEC)
1.71 deraadt 395: mrt_stats();
1.19 itojun 396: if (af == AF_INET6 || af == AF_UNSPEC)
1.71 deraadt 397: mrt6_stats();
1.70 deraadt 398: } else {
1.19 itojun 399: if (af == AF_INET || af == AF_UNSPEC)
1.71 deraadt 400: mroutepr(nl[N_MFCHASHTBL].n_value,
1.19 itojun 401: nl[N_MFCHASH].n_value,
402: nl[N_VIFTABLE].n_value);
403: if (af == AF_INET6 || af == AF_UNSPEC)
1.71 deraadt 404: mroute6pr(nl[N_MF6CTABLE].n_value,
1.19 itojun 405: nl[N_MIF6TABLE].n_value);
406: }
1.1 deraadt 407: exit(0);
408: }
409: if (af == AF_INET || af == AF_UNSPEC) {
410: setprotoent(1);
411: setservent(1);
412: /* ugh, this is O(MN) ... why do we do this? */
1.11 millert 413: while ((p = getprotoent())) {
1.1 deraadt 414: for (tp = protox; tp->pr_name; tp++)
415: if (strcmp(tp->pr_name, p->p_name) == 0)
416: break;
1.71 deraadt 417: if (tp->pr_name == 0)
1.1 deraadt 418: continue;
419: printproto(tp, p->p_name);
420: }
421: endprotoent();
422: }
1.19 itojun 423: if (af == AF_INET6 || af == AF_UNSPEC)
424: for (tp = ip6protox; tp->pr_name; tp++)
425: printproto(tp, tp->pr_name);
1.1 deraadt 426: if ((af == AF_UNIX || af == AF_UNSPEC) && !sflag)
427: unixpr(nl[N_UNIXSW].n_value);
1.12 denny 428: if (af == AF_APPLETALK || af == AF_UNSPEC)
429: for (tp = atalkprotox; tp->pr_name; tp++)
430: printproto(tp, tp->pr_name);
1.1 deraadt 431: exit(0);
432: }
433:
434: /*
435: * Print out protocol statistics or control blocks (per sflag).
436: * If the interface was not specifically requested, and the symbol
437: * is not in the namelist, ignore this one.
438: */
439: static void
1.34 deraadt 440: printproto(struct protox *tp, char *name)
1.1 deraadt 441: {
442: if (sflag) {
1.71 deraadt 443: if (tp->pr_stats != NULL)
444: (*tp->pr_stats)(name);
1.1 deraadt 445: } else {
1.71 deraadt 446: u_char i = tp->pr_index;
447: if (tp->pr_cblocks != NULL &&
448: i < sizeof(nl) / sizeof(nl[0]) &&
449: (nl[i].n_value || af != AF_UNSPEC))
450: (*tp->pr_cblocks)(nl[i].n_value, name);
1.1 deraadt 451: }
452: }
453:
454: /*
455: * Read kernel memory, return 0 on success.
456: */
457: int
1.53 jaredy 458: kread(u_long addr, void *buf, int size)
1.1 deraadt 459: {
460:
461: if (kvm_read(kvmd, addr, buf, size) != size) {
1.2 deraadt 462: (void)fprintf(stderr, "%s: %s\n", __progname,
1.1 deraadt 463: kvm_geterr(kvmd));
464: return (-1);
465: }
466: return (0);
467: }
468:
469: char *
1.34 deraadt 470: plural(int n)
1.1 deraadt 471: {
472: return (n != 1 ? "s" : "");
473: }
474:
475: char *
1.34 deraadt 476: plurales(int n)
1.1 deraadt 477: {
478: return (n != 1 ? "es" : "");
479: }
480:
481: /*
482: * Find the protox for the given "well-known" name.
483: */
484: static struct protox *
1.34 deraadt 485: knownname(char *name)
1.1 deraadt 486: {
487: struct protox **tpp, *tp;
488:
489: for (tpp = protoprotox; *tpp; tpp++)
490: for (tp = *tpp; tp->pr_name; tp++)
491: if (strcmp(tp->pr_name, name) == 0)
492: return (tp);
493: return (NULL);
494: }
495:
496: /*
497: * Find the protox corresponding to name.
498: */
499: static struct protox *
1.34 deraadt 500: name2protox(char *name)
1.1 deraadt 501: {
502: struct protox *tp;
503: char **alias; /* alias from p->aliases */
504: struct protoent *p;
505:
506: /*
507: * Try to find the name in the list of "well-known" names. If that
508: * fails, check if name is an alias for an Internet protocol.
509: */
1.11 millert 510: if ((tp = knownname(name)))
1.1 deraadt 511: return (tp);
512:
513: setprotoent(1); /* make protocol lookup cheaper */
1.11 millert 514: while ((p = getprotoent())) {
1.1 deraadt 515: /* assert: name not same as p->name */
516: for (alias = p->p_aliases; *alias; alias++)
517: if (strcmp(name, *alias) == 0) {
518: endprotoent();
519: return (knownname(p->p_name));
520: }
521: }
522: endprotoent();
523: return (NULL);
524: }
525:
526: static void
1.34 deraadt 527: usage(void)
1.1 deraadt 528: {
529: (void)fprintf(stderr,
1.60 jaredy 530: "usage: %s [-Aan] [-f address_family] [-M core] [-N system]\n"
1.69 sobrado 531: " %s [-bdFgilmnqrstu] [-f address_family] [-M core] [-N system]\n"
532: " [-T tableid]\n"
1.60 jaredy 533: " %s [-bdn] [-I interface] [-M core] [-N system] [-w wait]\n"
534: " %s [-M core] [-N system] -P pcbaddr\n"
535: " %s [-s] [-M core] [-N system] [-p protocol]\n"
536: " %s [-a] [-f address_family] [-i | -I interface]\n"
537: " %s [-W interface]\n",
538: __progname, __progname, __progname, __progname,
539: __progname, __progname, __progname);
1.1 deraadt 540: exit(1);
541: }