Annotation of src/usr.bin/netstat/main.c, Revision 1.99
1.99 ! guenther 1: /* $OpenBSD: main.c,v 1.98 2013/11/20 21:34:25 deraadt Exp $ */
1.2 deraadt 2: /* $NetBSD: main.c,v 1.9 1996/05/07 02:55:02 thorpej Exp $ */
1.1 deraadt 3:
4: /*
5: * Copyright (c) 1983, 1988, 1993
6: * Regents of the University of California. All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
1.36 millert 16: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32:
33: #include <sys/param.h>
34: #include <sys/protosw.h>
35: #include <sys/socket.h>
1.86 claudio 36: #include <sys/sysctl.h>
1.1 deraadt 37:
1.68 claudio 38: #include <net/route.h>
1.1 deraadt 39: #include <netinet/in.h>
40:
41: #include <ctype.h>
1.61 djm 42: #include <err.h>
1.1 deraadt 43: #include <errno.h>
1.96 guenther 44: #include <fcntl.h>
1.1 deraadt 45: #include <kvm.h>
46: #include <limits.h>
47: #include <netdb.h>
48: #include <nlist.h>
49: #include <paths.h>
50: #include <stdio.h>
51: #include <stdlib.h>
52: #include <string.h>
53: #include <unistd.h>
54: #include "netstat.h"
55:
56: struct nlist nl[] = {
1.71 deraadt 57: #define N_TCBTABLE 0
1.1 deraadt 58: { "_tcbtable" },
1.71 deraadt 59: #define N_UDBTABLE 1
1.1 deraadt 60: { "_udbtable" },
1.71 deraadt 61:
1.99 ! guenther 62: #define N_MFCHASHTBL 2
1.1 deraadt 63: { "_mfchashtbl" },
1.99 ! guenther 64: #define N_MFCHASH 3
1.1 deraadt 65: { "_mfchash" },
1.99 ! guenther 66: #define N_VIFTABLE 4
1.1 deraadt 67: { "_viftable" },
1.71 deraadt 68:
1.99 ! guenther 69: #define N_MF6CTABLE 5
1.19 itojun 70: { "_mf6ctable" },
1.99 ! guenther 71: #define N_MIF6TABLE 6
1.19 itojun 72: { "_mif6table" },
1.71 deraadt 73:
1.99 ! guenther 74: #define N_RTREE 7
1.71 deraadt 75: { "_rt_tables"},
1.99 ! guenther 76: #define N_RTMASK 8
1.71 deraadt 77: { "_mask_rnhead" },
1.99 ! guenther 78: #define N_AF2RTAFIDX 9
1.71 deraadt 79: { "_af2rtafidx" },
1.99 ! guenther 80: #define N_RTBLIDMAX 10
1.71 deraadt 81: { "_rtbl_id_max" },
82:
1.99 ! guenther 83: #define N_RAWIPTABLE 11
1.40 markus 84: { "_rawcbtable" },
1.99 ! guenther 85: #define N_RAWIP6TABLE 12
1.40 markus 86: { "_rawin6pcbtable" },
1.99 ! guenther 87: #define N_DIVBTABLE 13
1.80 michele 88: { "_divbtable" },
1.99 ! guenther 89: #define N_DIVB6TABLE 14
1.81 michele 90: { "_divb6table" },
1.71 deraadt 91:
1.87 bluhm 92: { "" }
1.1 deraadt 93: };
94:
95: struct protox {
1.87 bluhm 96: u_char pr_index; /* index into nlist of cb head */
1.90 mikeb 97: void (*pr_cblocks)(u_long, char *, int, u_int, u_long);
1.87 bluhm 98: /* control blocks printing routine */
99: void (*pr_stats)(char *); /* statistics printing routine */
100: char *pr_name; /* well-known name */
1.1 deraadt 101: } protox[] = {
1.87 bluhm 102: { N_TCBTABLE, protopr, tcp_stats, "tcp" },
103: { N_UDBTABLE, protopr, udp_stats, "udp" },
104: { N_RAWIPTABLE, protopr, ip_stats, "ip" },
105: { N_DIVBTABLE, protopr, div_stats, "divert" },
106: { -1, NULL, icmp_stats, "icmp" },
107: { -1, NULL, igmp_stats, "igmp" },
108: { -1, NULL, ah_stats, "ah" },
109: { -1, NULL, esp_stats, "esp" },
110: { -1, NULL, ipip_stats, "ipencap" },
111: { -1, NULL, etherip_stats, "etherip" },
112: { -1, NULL, ipcomp_stats, "ipcomp" },
113: { -1, NULL, carp_stats, "carp" },
114: { -1, NULL, pfsync_stats, "pfsync" },
115: { -1, NULL, pim_stats, "pim" },
116: { -1, NULL, pflow_stats, "pflow" },
117: { -1, NULL, NULL, NULL }
1.1 deraadt 118: };
119:
1.19 itojun 120: struct protox ip6protox[] = {
1.87 bluhm 121: { N_TCBTABLE, protopr, NULL, "tcp" },
122: { N_UDBTABLE, protopr, NULL, "udp" },
123: { N_RAWIP6TABLE,protopr, ip6_stats, "ip6" },
124: { N_DIVB6TABLE, protopr, div6_stats, "divert6" },
125: { -1, NULL, icmp6_stats, "icmp6" },
126: { -1, NULL, pim6_stats, "pim6" },
127: { -1, NULL, rip6_stats, "rip6" },
128: { -1, NULL, NULL, NULL }
1.19 itojun 129: };
130:
1.34 deraadt 131: struct protox *protoprotox[] = {
1.89 henning 132: protox, ip6protox, NULL
1.34 deraadt 133: };
1.1 deraadt 134:
1.90 mikeb 135: static void printproto(struct protox *, char *, int, u_int, u_long);
1.30 millert 136: static void usage(void);
137: static struct protox *name2protox(char *);
138: static struct protox *knownname(char *);
1.86 claudio 139: u_int gettable(const char *);
140:
1.95 deraadt 141: int hideroot;
1.1 deraadt 142:
143: kvm_t *kvmd;
144:
145: int
1.34 deraadt 146: main(int argc, char *argv[])
1.1 deraadt 147: {
148: extern char *optarg;
149: extern int optind;
1.68 claudio 150: const char *errstr;
1.28 mpech 151: struct protoent *p;
152: struct protox *tp = NULL; /* for printing cblocks & stats */
1.1 deraadt 153: int ch;
1.59 markus 154: char *nlistf = NULL, *memf = NULL, *ep;
1.1 deraadt 155: char buf[_POSIX2_LINE_MAX];
1.61 djm 156: gid_t gid;
1.59 markus 157: u_long pcbaddr = 0;
1.91 mikeb 158: u_int tableid;
1.86 claudio 159: int Tflag = 0;
1.82 tedu 160: int repeatcount = 0;
1.96 guenther 161: int need_nlist;
1.95 deraadt 162:
163: hideroot = getuid();
1.1 deraadt 164:
165: af = AF_UNSPEC;
1.91 mikeb 166: tableid = getrtable();
1.1 deraadt 167:
1.88 jsing 168: while ((ch = getopt(argc, argv,
1.93 tedu 169: "AaBbc:dFf:ghI:ilM:mN:np:P:qrsT:tuvW:w:")) != -1)
1.31 deraadt 170: switch (ch) {
1.1 deraadt 171: case 'A':
172: Aflag = 1;
173: break;
174: case 'a':
175: aflag = 1;
1.24 camield 176: break;
1.88 jsing 177: case 'B':
178: Bflag = 1;
179: break;
1.24 camield 180: case 'b':
181: bflag = 1;
1.1 deraadt 182: break;
1.82 tedu 183: case 'c':
184: repeatcount = strtonum(optarg, 1, INT_MAX, &errstr);
185: break;
1.1 deraadt 186: case 'd':
187: dflag = 1;
1.64 pyr 188: break;
189: case 'F':
190: Fflag = 1;
1.1 deraadt 191: break;
192: case 'f':
1.4 mickey 193: if (strcmp(optarg, "inet") == 0)
1.1 deraadt 194: af = AF_INET;
1.19 itojun 195: else if (strcmp(optarg, "inet6") == 0)
196: af = AF_INET6;
1.7 kstailey 197: else if (strcmp(optarg, "local") == 0)
198: af = AF_LOCAL;
1.1 deraadt 199: else if (strcmp(optarg, "unix") == 0)
200: af = AF_UNIX;
1.10 angelos 201: else if (strcmp(optarg, "encap") == 0)
1.16 angelos 202: af = PF_KEY;
1.75 claudio 203: else if (strcmp(optarg, "mpls") == 0)
204: af = AF_MPLS;
1.76 gollo 205: else if (strcmp(optarg, "pflow") == 0)
206: af = PF_PFLOW;
1.63 claudio 207: else if (strcmp(optarg, "mask") == 0)
208: af = 0xff;
1.1 deraadt 209: else {
210: (void)fprintf(stderr,
211: "%s: %s: unknown address family\n",
1.2 deraadt 212: __progname, optarg);
1.1 deraadt 213: exit(1);
214: }
215: break;
216: case 'g':
217: gflag = 1;
1.93 tedu 218: break;
219: case 'h':
220: hflag = 1;
1.1 deraadt 221: break;
1.2 deraadt 222: case 'I':
1.1 deraadt 223: iflag = 1;
1.2 deraadt 224: interface = optarg;
1.1 deraadt 225: break;
226: case 'i':
227: iflag = 1;
228: break;
1.19 itojun 229: case 'l':
230: lflag = 1;
231: break;
1.1 deraadt 232: case 'M':
233: memf = optarg;
234: break;
235: case 'm':
236: mflag = 1;
237: break;
238: case 'N':
239: nlistf = optarg;
240: break;
241: case 'n':
242: nflag = 1;
243: break;
244: case 'p':
245: if ((tp = name2protox(optarg)) == NULL) {
246: (void)fprintf(stderr,
1.42 jmc 247: "%s: %s: unknown protocol\n",
1.2 deraadt 248: __progname, optarg);
1.1 deraadt 249: exit(1);
250: }
251: pflag = 1;
1.27 brian 252: break;
1.59 markus 253: case 'P':
254: errno = 0;
255: pcbaddr = strtoul(optarg, &ep, 16);
256: if (optarg[0] == '\0' || *ep != '\0' ||
257: errno == ERANGE) {
258: (void)fprintf(stderr,
259: "%s: %s: invalid PCB address\n",
260: __progname, optarg);
261: exit(1);
262: }
263: Pflag = 1;
264: break;
1.27 brian 265: case 'q':
266: qflag = 1;
1.1 deraadt 267: break;
268: case 'r':
269: rflag = 1;
1.46 cedric 270: break;
1.1 deraadt 271: case 's':
272: ++sflag;
273: break;
1.68 claudio 274: case 'T':
1.86 claudio 275: Tflag = 1;
276: tableid = gettable(optarg);
1.68 claudio 277: break;
1.1 deraadt 278: case 't':
279: tflag = 1;
280: break;
281: case 'u':
282: af = AF_UNIX;
1.13 peter 283: break;
284: case 'v':
285: vflag = 1;
1.1 deraadt 286: break;
1.56 reyk 287: case 'W':
288: Wflag = 1;
289: interface = optarg;
290: break;
1.1 deraadt 291: case 'w':
292: interval = atoi(optarg);
293: iflag = 1;
294: break;
295: case '?':
296: default:
297: usage();
298: }
299: argv += optind;
300: argc -= optind;
301:
1.33 deraadt 302: /*
1.56 reyk 303: * Show per-interface statistics which don't need access to
304: * kernel memory (they're using IOCTLs)
305: */
306: if (Wflag) {
307: if (interface == NULL)
308: usage();
309: net80211_ifstats(interface);
310: exit(0);
311: }
312:
1.84 lum 313: #define BACKWARD_COMPATIBILITY
314: #ifdef BACKWARD_COMPATIBILITY
315: if (*argv) {
1.98 deraadt 316: if (isdigit((unsigned char)**argv)) {
1.84 lum 317: interval = atoi(*argv);
318: if (interval <= 0)
319: usage();
320: ++argv;
321: iflag = 1;
322: }
323: if (*argv) {
324: nlistf = *argv;
325: if (*++argv)
326: memf = *argv;
327: }
328: }
329: #endif
330:
1.96 guenther 331: need_nlist = !mflag && (pflag || nlistf != NULL || memf != NULL ||
332: (!iflag && !sflag && (rflag ? Aflag :
333: (gflag || af != AF_UNIX || Pflag))));
334:
1.56 reyk 335: /*
1.33 deraadt 336: * Discard setgid privileges if not the running kernel so that bad
337: * guys can't print interesting stuff from kernel memory.
1.59 markus 338: * Dumping PCB info is also restricted.
1.33 deraadt 339: */
1.61 djm 340: gid = getgid();
341: if (nlistf != NULL || memf != NULL || Pflag)
342: if (setresgid(gid, gid, gid) == -1)
343: err(1, "setresgid");
1.73 claudio 344:
1.96 guenther 345: if ((kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY |
346: (need_nlist ? 0 : KVM_NO_FILES), buf)) == NULL) {
1.78 deraadt 347: fprintf(stderr, "%s: kvm_openfiles: %s\n", __progname, buf);
1.33 deraadt 348: exit(1);
349: }
1.61 djm 350:
351: if (nlistf == NULL && memf == NULL && !Pflag)
352: if (setresgid(gid, gid, gid) == -1)
353: err(1, "setresgid");
1.14 deraadt 354:
1.96 guenther 355: if (need_nlist && (kvm_nlist(kvmd, nl) < 0 || nl[0].n_type == 0)) {
1.1 deraadt 356: if (nlistf)
1.2 deraadt 357: fprintf(stderr, "%s: %s: no namelist\n", __progname,
358: nlistf);
1.1 deraadt 359: else
1.2 deraadt 360: fprintf(stderr, "%s: no namelist\n", __progname);
1.1 deraadt 361: exit(1);
362: }
363: if (mflag) {
1.70 deraadt 364: mbpr();
1.1 deraadt 365: exit(0);
366: }
367: if (pflag) {
1.90 mikeb 368: printproto(tp, tp->pr_name, af, tableid, pcbaddr);
1.1 deraadt 369: exit(0);
370: }
371: /*
372: * Keep file descriptors open to avoid overhead
373: * of open/close on each call to get* routines.
374: */
375: sethostent(1);
376: setnetent(1);
1.71 deraadt 377:
1.1 deraadt 378: if (iflag) {
1.82 tedu 379: intpr(interval, repeatcount);
1.1 deraadt 380: exit(0);
381: }
382: if (rflag) {
383: if (sflag)
1.73 claudio 384: rt_stats();
385: else if (Aflag || nlistf != NULL || memf != NULL)
1.63 claudio 386: routepr(nl[N_RTREE].n_value, nl[N_RTMASK].n_value,
1.79 claudio 387: nl[N_AF2RTAFIDX].n_value, nl[N_RTBLIDMAX].n_value,
388: tableid);
1.73 claudio 389: else
1.92 mikeb 390: p_rttables(af, tableid);
1.1 deraadt 391: exit(0);
392: }
393: if (gflag) {
1.19 itojun 394: if (sflag) {
395: if (af == AF_INET || af == AF_UNSPEC)
1.71 deraadt 396: mrt_stats();
1.19 itojun 397: if (af == AF_INET6 || af == AF_UNSPEC)
1.71 deraadt 398: mrt6_stats();
1.70 deraadt 399: } else {
1.19 itojun 400: if (af == AF_INET || af == AF_UNSPEC)
1.71 deraadt 401: mroutepr(nl[N_MFCHASHTBL].n_value,
1.19 itojun 402: nl[N_MFCHASH].n_value,
403: nl[N_VIFTABLE].n_value);
404: if (af == AF_INET6 || af == AF_UNSPEC)
1.71 deraadt 405: mroute6pr(nl[N_MF6CTABLE].n_value,
1.19 itojun 406: nl[N_MIF6TABLE].n_value);
407: }
1.1 deraadt 408: exit(0);
409: }
410: if (af == AF_INET || af == AF_UNSPEC) {
411: setprotoent(1);
412: setservent(1);
413: /* ugh, this is O(MN) ... why do we do this? */
1.11 millert 414: while ((p = getprotoent())) {
1.1 deraadt 415: for (tp = protox; tp->pr_name; tp++)
416: if (strcmp(tp->pr_name, p->p_name) == 0)
417: break;
1.71 deraadt 418: if (tp->pr_name == 0)
1.1 deraadt 419: continue;
1.90 mikeb 420: printproto(tp, p->p_name, AF_INET, tableid, pcbaddr);
1.1 deraadt 421: }
422: endprotoent();
1.76 gollo 423: }
424: if (af == PF_PFLOW || af == AF_UNSPEC) {
425: tp = name2protox("pflow");
1.90 mikeb 426: printproto(tp, tp->pr_name, af, tableid, pcbaddr);
1.1 deraadt 427: }
1.19 itojun 428: if (af == AF_INET6 || af == AF_UNSPEC)
429: for (tp = ip6protox; tp->pr_name; tp++)
1.90 mikeb 430: printproto(tp, tp->pr_name, AF_INET6, tableid,
431: pcbaddr);
1.1 deraadt 432: if ((af == AF_UNIX || af == AF_UNSPEC) && !sflag)
1.96 guenther 433: unixpr(kvmd, pcbaddr);
1.1 deraadt 434: exit(0);
435: }
436:
437: /*
438: * Print out protocol statistics or control blocks (per sflag).
439: * If the interface was not specifically requested, and the symbol
440: * is not in the namelist, ignore this one.
441: */
442: static void
1.90 mikeb 443: printproto(struct protox *tp, char *name, int af, u_int tableid,
444: u_long pcbaddr)
1.1 deraadt 445: {
446: if (sflag) {
1.71 deraadt 447: if (tp->pr_stats != NULL)
448: (*tp->pr_stats)(name);
1.1 deraadt 449: } else {
1.71 deraadt 450: u_char i = tp->pr_index;
451: if (tp->pr_cblocks != NULL &&
452: i < sizeof(nl) / sizeof(nl[0]) &&
453: (nl[i].n_value || af != AF_UNSPEC))
1.90 mikeb 454: (*tp->pr_cblocks)(nl[i].n_value, name, af, tableid,
455: pcbaddr);
1.1 deraadt 456: }
457: }
458:
459: /*
460: * Read kernel memory, return 0 on success.
461: */
462: int
1.53 jaredy 463: kread(u_long addr, void *buf, int size)
1.1 deraadt 464: {
465:
466: if (kvm_read(kvmd, addr, buf, size) != size) {
1.2 deraadt 467: (void)fprintf(stderr, "%s: %s\n", __progname,
1.1 deraadt 468: kvm_geterr(kvmd));
469: return (-1);
470: }
471: return (0);
472: }
473:
474: char *
1.77 claudio 475: plural(u_int64_t n)
1.1 deraadt 476: {
477: return (n != 1 ? "s" : "");
478: }
479:
480: char *
1.77 claudio 481: plurales(u_int64_t n)
1.1 deraadt 482: {
483: return (n != 1 ? "es" : "");
484: }
485:
486: /*
487: * Find the protox for the given "well-known" name.
488: */
489: static struct protox *
1.34 deraadt 490: knownname(char *name)
1.1 deraadt 491: {
492: struct protox **tpp, *tp;
493:
494: for (tpp = protoprotox; *tpp; tpp++)
495: for (tp = *tpp; tp->pr_name; tp++)
496: if (strcmp(tp->pr_name, name) == 0)
497: return (tp);
498: return (NULL);
499: }
500:
501: /*
502: * Find the protox corresponding to name.
503: */
504: static struct protox *
1.34 deraadt 505: name2protox(char *name)
1.1 deraadt 506: {
507: struct protox *tp;
508: char **alias; /* alias from p->aliases */
509: struct protoent *p;
510:
511: /*
512: * Try to find the name in the list of "well-known" names. If that
513: * fails, check if name is an alias for an Internet protocol.
514: */
1.11 millert 515: if ((tp = knownname(name)))
1.1 deraadt 516: return (tp);
517:
518: setprotoent(1); /* make protocol lookup cheaper */
1.11 millert 519: while ((p = getprotoent())) {
1.1 deraadt 520: /* assert: name not same as p->name */
521: for (alias = p->p_aliases; *alias; alias++)
522: if (strcmp(name, *alias) == 0) {
523: endprotoent();
524: return (knownname(p->p_name));
525: }
526: }
527: endprotoent();
528: return (NULL);
529: }
530:
531: static void
1.34 deraadt 532: usage(void)
1.1 deraadt 533: {
534: (void)fprintf(stderr,
1.88 jsing 535: "usage: %s [-AaBn] [-f address_family] [-M core] [-N system]\n"
1.69 sobrado 536: " %s [-bdFgilmnqrstu] [-f address_family] [-M core] [-N system]\n"
537: " [-T tableid]\n"
1.94 tedu 538: " %s [-bdhn] [-c count] [-I interface] [-M core] [-N system] [-w wait]\n"
1.87 bluhm 539: " %s [-v] [-M core] [-N system] -P pcbaddr\n"
1.60 jaredy 540: " %s [-s] [-M core] [-N system] [-p protocol]\n"
541: " %s [-a] [-f address_family] [-i | -I interface]\n"
542: " %s [-W interface]\n",
543: __progname, __progname, __progname, __progname,
544: __progname, __progname, __progname);
1.1 deraadt 545: exit(1);
546: }
1.86 claudio 547:
548: u_int
549: gettable(const char *s)
550: {
551: const char *errstr;
552: struct rt_tableinfo info;
553: int mib[6];
554: size_t len;
555: u_int tableid;
556:
557: tableid = strtonum(s, 0, RT_TABLEID_MAX, &errstr);
558: if (errstr)
559: errx(1, "invalid table id: %s", errstr);
560:
561: mib[0] = CTL_NET;
562: mib[1] = AF_ROUTE;
563: mib[2] = 0;
564: mib[3] = 0;
565: mib[4] = NET_RT_TABLE;
566: mib[5] = tableid;
567:
568: len = sizeof(info);
569: if (sysctl(mib, 6, &info, &len, NULL, 0) == -1)
1.97 deraadt 570: err(1, "routing table %d", tableid);
1.86 claudio 571:
572: return (tableid);
573: }