/* $OpenBSD: netstat.c,v 1.26 2004/09/29 21:59:28 deraadt Exp $ */ /* $NetBSD: netstat.c,v 1.3 1995/06/18 23:53:07 cgd Exp $ */ /*- * Copyright (c) 1980, 1992, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint #if 0 static char sccsid[] = "@(#)netstat.c 8.1 (Berkeley) 6/6/93"; #endif static char rcsid[] = "$OpenBSD: netstat.c,v 1.26 2004/09/29 21:59:28 deraadt Exp $"; #endif /* not lint */ /* * netstat */ #include <sys/param.h> #include <sys/socket.h> #include <sys/socketvar.h> #include <sys/mbuf.h> #include <sys/protosw.h> #include <netinet/in.h> #include <net/route.h> #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/in_pcb.h> #include <netinet/ip_icmp.h> #include <netinet/icmp_var.h> #include <netinet/ip_var.h> #include <netinet/tcp.h> #include <netinet/tcpip.h> #include <netinet/tcp_seq.h> #define TCPSTATES #include <netinet/tcp_fsm.h> #include <netinet/tcp_timer.h> #include <netinet/tcp_var.h> #include <netinet/tcp_debug.h> #include <netinet/udp.h> #include <netinet/udp_var.h> #include <arpa/inet.h> #include <netdb.h> #include <stdlib.h> #include <string.h> #include <err.h> #include <nlist.h> #include <paths.h> #include "systat.h" #include "extern.h" static void enter(struct inpcb *, struct socket *, int, char *); static const char *inetname(struct in_addr); static void inetprint(struct in_addr *, int, char *); static const char *inet6name(struct in6_addr *); static void inet6print(struct in6_addr *, int, char *); #define streq(a,b) (strcmp(a,b)==0) #define YMAX(w) ((w)->_maxy-1) WINDOW * opennetstat(void) { sethostent(1); setnetent(1); return (subwin(stdscr, LINES-5-1, 0, 5, 0)); } struct netinfo { struct netinfo *nif_forw, *nif_prev; int nif_family; short nif_line; /* line on screen */ short nif_seen; /* 0 when not present in list */ short nif_flags; #define NIF_LACHG 0x1 /* local address changed */ #define NIF_FACHG 0x2 /* foreign address changed */ short nif_state; /* tcp state */ char *nif_proto; /* protocol */ struct in_addr nif_laddr; /* local address */ struct in6_addr nif_laddr6; /* local address */ long nif_lport; /* local port */ struct in_addr nif_faddr; /* foreign address */ struct in6_addr nif_faddr6; /* foreign address */ long nif_fport; /* foreign port */ long nif_rcvcc; /* rcv buffer character count */ long nif_sndcc; /* snd buffer character count */ }; static struct { struct netinfo *nif_forw, *nif_prev; } netcb; static int aflag = 0; static int lastrow = 1; void closenetstat(WINDOW *w) { struct netinfo *p; endhostent(); endnetent(); p = (struct netinfo *)netcb.nif_forw; while (p != (struct netinfo *)&netcb) { if (p->nif_line != -1) lastrow--; p->nif_line = -1; p = p->nif_forw; } if (w != NULL) { wclear(w); wrefresh(w); delwin(w); } } static struct nlist namelist[] = { #define X_TCBTABLE 0 /* no sysctl */ { "_tcbtable" }, #define X_UDBTABLE 1 /* no sysctl */ { "_udbtable" }, { "" }, }; int initnetstat(void) { int ret; if ((ret = kvm_nlist(kd, namelist)) == -1) errx(1, "%s", kvm_geterr(kd)); else if (ret) nlisterr(namelist); if (namelist[X_TCBTABLE].n_value == 0) { error("No symbols in namelist"); return(0); } netcb.nif_forw = netcb.nif_prev = (struct netinfo *)&netcb; protos = TCP|UDP; return(1); } void fetchnetstat(void) { struct inpcbtable pcbtable; struct inpcb *head, *prev, *next; struct netinfo *p; struct inpcb inpcb; struct socket sockb; struct tcpcb tcpcb; void *off; int istcp; if (namelist[X_TCBTABLE].n_value == 0) return; for (p = netcb.nif_forw; p != (struct netinfo *)&netcb; p = p->nif_forw) p->nif_seen = 0; if (protos&TCP) { off = NPTR(X_TCBTABLE); istcp = 1; } else if (protos&UDP) { off = NPTR(X_UDBTABLE); istcp = 0; } else { error("No protocols to display"); return; } again: KREAD(off, &pcbtable, sizeof (struct inpcbtable)); prev = head = (struct inpcb *)&((struct inpcbtable *)off)->inpt_queue; next = pcbtable.inpt_queue.cqh_first; while (next != head) { KREAD(next, &inpcb, sizeof (inpcb)); if (inpcb.inp_queue.cqe_prev != prev) { printf("prev = %p, head = %p, next = %p, inpcb...prev = %p\n", prev, head, next, inpcb.inp_queue.cqe_prev); p = netcb.nif_forw; for (; p != (struct netinfo *)&netcb; p = p->nif_forw) p->nif_seen = 1; error("Kernel state in transition"); return; } prev = next; next = inpcb.inp_queue.cqe_next; if (inpcb.inp_flags & INP_IPV6) continue; if (!aflag) { if (!(inpcb.inp_flags & INP_IPV6) && inet_lnaof(inpcb.inp_laddr) == INADDR_ANY) continue; if ((inpcb.inp_flags & INP_IPV6) && IN6_IS_ADDR_UNSPECIFIED(&inpcb.inp_laddr6)) continue; } if (nhosts && !checkhost(&inpcb)) continue; if (nports && !checkport(&inpcb)) continue; KREAD(inpcb.inp_socket, &sockb, sizeof (sockb)); if (istcp) { KREAD(inpcb.inp_ppcb, &tcpcb, sizeof (tcpcb)); enter(&inpcb, &sockb, tcpcb.t_state, "tcp"); } else enter(&inpcb, &sockb, 0, "udp"); } if (istcp && (protos&UDP)) { istcp = 0; off = NPTR(X_UDBTABLE); goto again; } } static void enter(struct inpcb *inp, struct socket *so, int state, char *proto) { struct netinfo *p; /* * Only take exact matches, any sockets with * previously unbound addresses will be deleted * below in the display routine because they * will appear as ``not seen'' in the kernel * data structures. */ for (p = netcb.nif_forw; p != (struct netinfo *)&netcb; p = p->nif_forw) { if (p->nif_family == AF_INET && (inp->inp_flags & INP_IPV6)) continue; if (p->nif_family == AF_INET6 && !(inp->inp_flags & INP_IPV6)) continue; if (!streq(proto, p->nif_proto)) continue; if (p->nif_family == AF_INET) { if (p->nif_lport != inp->inp_lport || p->nif_laddr.s_addr != inp->inp_laddr.s_addr) continue; if (p->nif_faddr.s_addr == inp->inp_faddr.s_addr && p->nif_fport == inp->inp_fport) break; } else if (p->nif_family == AF_INET6) { if (p->nif_lport != inp->inp_lport || !IN6_ARE_ADDR_EQUAL(&p->nif_laddr6, &inp->inp_laddr6)) continue; if (IN6_ARE_ADDR_EQUAL(&p->nif_faddr6, &inp->inp_faddr6) && p->nif_fport == inp->inp_fport) break; } else continue; } if (p == (struct netinfo *)&netcb) { if ((p = malloc(sizeof(*p))) == NULL) { error("Out of memory"); return; } p->nif_prev = (struct netinfo *)&netcb; p->nif_forw = netcb.nif_forw; netcb.nif_forw->nif_prev = p; netcb.nif_forw = p; p->nif_line = -1; p->nif_lport = inp->inp_lport; p->nif_fport = inp->inp_fport; p->nif_proto = proto; p->nif_flags = NIF_LACHG|NIF_FACHG; if (inp->inp_flags & INP_IPV6) { p->nif_laddr6 = inp->inp_laddr6; p->nif_faddr6 = inp->inp_faddr6; p->nif_family = AF_INET6; } else { p->nif_laddr = inp->inp_laddr; p->nif_faddr = inp->inp_faddr; p->nif_family = AF_INET; } } p->nif_rcvcc = so->so_rcv.sb_cc; p->nif_sndcc = so->so_snd.sb_cc; p->nif_state = state; p->nif_seen = 1; } /* column locations */ #define LADDR 0 #define FADDR LADDR+23 #define PROTO FADDR+23 #define RCVCC PROTO+6 #define SNDCC RCVCC+7 #define STATE SNDCC+7 void labelnetstat(void) { if (namelist[X_TCBTABLE].n_type == 0) return; wmove(wnd, 0, 0); wclrtobot(wnd); mvwaddstr(wnd, 0, LADDR, "Local Address"); mvwaddstr(wnd, 0, FADDR, "Foreign Address"); mvwaddstr(wnd, 0, PROTO, "Proto"); mvwaddstr(wnd, 0, RCVCC, "Recv-Q"); mvwaddstr(wnd, 0, SNDCC, "Send-Q"); mvwaddstr(wnd, 0, STATE, "(state)"); } void shownetstat(void) { struct netinfo *p, *q; /* * First, delete any connections that have gone * away and adjust the position of connections * below to reflect the deleted line. */ p = netcb.nif_forw; while (p != (struct netinfo *)&netcb) { if (p->nif_line == -1 || p->nif_seen) { p = p->nif_forw; continue; } wmove(wnd, p->nif_line, 0); wdeleteln(wnd); q = netcb.nif_forw; for (; q != (struct netinfo *)&netcb; q = q->nif_forw) if (q != p && q->nif_line > p->nif_line) { q->nif_line--; /* this shouldn't be necessary */ q->nif_flags |= NIF_LACHG|NIF_FACHG; } lastrow--; q = p->nif_forw; p->nif_prev->nif_forw = p->nif_forw; p->nif_forw->nif_prev = p->nif_prev; free(p); p = q; } /* * Update existing connections and add new ones. */ for (p = netcb.nif_forw; p != (struct netinfo *)&netcb; p = p->nif_forw) { if (p->nif_line == -1) { /* * Add a new entry if possible. */ if (lastrow > YMAX(wnd)) continue; p->nif_line = lastrow++; p->nif_flags |= NIF_LACHG|NIF_FACHG; } if (p->nif_flags & NIF_LACHG) { wmove(wnd, p->nif_line, LADDR); switch (p->nif_family) { case AF_INET: inetprint(&p->nif_laddr, p->nif_lport, p->nif_proto); break; case AF_INET6: inet6print(&p->nif_laddr6, p->nif_lport, p->nif_proto); break; } p->nif_flags &= ~NIF_LACHG; } if (p->nif_flags & NIF_FACHG) { wmove(wnd, p->nif_line, FADDR); switch (p->nif_family) { case AF_INET: inetprint(&p->nif_faddr, p->nif_fport, p->nif_proto); break; case AF_INET6: inet6print(&p->nif_faddr6, p->nif_fport, p->nif_proto); break; } p->nif_flags &= ~NIF_FACHG; } mvwaddstr(wnd, p->nif_line, PROTO, p->nif_proto); if (p->nif_family == AF_INET6) waddstr(wnd, "6"); mvwprintw(wnd, p->nif_line, RCVCC, "%6d", p->nif_rcvcc); mvwprintw(wnd, p->nif_line, SNDCC, "%6d", p->nif_sndcc); if (streq(p->nif_proto, "tcp")) { if (p->nif_state < 0 || p->nif_state >= TCP_NSTATES) mvwprintw(wnd, p->nif_line, STATE, "%d", p->nif_state); else mvwaddstr(wnd, p->nif_line, STATE, tcpstates[p->nif_state]); } wclrtoeol(wnd); } if (lastrow < YMAX(wnd)) { wmove(wnd, lastrow, 0); wclrtobot(wnd); wmove(wnd, YMAX(wnd), 0); wdeleteln(wnd); /* XXX */ } } /* * Pretty print an Internet address (net address + port). * If the nflag was specified, use numbers instead of names. */ static void inetprint(struct in_addr *in, int port, char *proto) { struct servent *sp = 0; char line[80], *cp; snprintf(line, sizeof line, "%.*s.", 16, inetname(*in)); cp = strchr(line, '\0'); if (!nflag && port) sp = getservbyport(port, proto); if (sp || port == 0) snprintf(cp, sizeof line - strlen(cp), "%.8s", sp ? sp->s_name : "*"); else snprintf(cp, sizeof line - strlen(cp), "%d", ntohs((u_short)port)); /* pad to full column to clear any garbage */ cp = strchr(line, '\0'); while (cp - line < 22 && cp - line < sizeof line-1) *cp++ = ' '; *cp = '\0'; waddstr(wnd, line); } static void inet6print(struct in6_addr *in6, int port, char *proto) { struct servent *sp = 0; char line[80], *cp; snprintf(line, sizeof line, "%.*s.", 16, inet6name(in6)); cp = strchr(line, '\0'); if (!nflag && port) sp = getservbyport(port, proto); if (sp || port == 0) snprintf(cp, sizeof line - strlen(cp), "%.8s", sp ? sp->s_name : "*"); else snprintf(cp, sizeof line - strlen(cp), "%d", ntohs((u_short)port)); /* pad to full column to clear any garbage */ cp = strchr(line, '\0'); while (cp - line < 22 && cp - line < sizeof line-1) *cp++ = ' '; *cp = '\0'; waddstr(wnd, line); } /* * Construct an Internet address representation. * If the nflag has been supplied, give * numeric value, otherwise try for symbolic name. */ static const char * inetname(struct in_addr in) { char *cp = 0; static char line[50]; struct hostent *hp; struct netent *np; if (!nflag && in.s_addr != INADDR_ANY) { int net = inet_netof(in); int lna = inet_lnaof(in); if (lna == INADDR_ANY) { np = getnetbyaddr(net, AF_INET); if (np) cp = np->n_name; } if (cp == 0) { hp = gethostbyaddr((char *)&in, sizeof (in), AF_INET); if (hp) cp = hp->h_name; } } if (in.s_addr == INADDR_ANY) { strlcpy(line, "*", sizeof line); } else if (cp) { strlcpy(line, cp, sizeof line); } else { in.s_addr = ntohl(in.s_addr); #define C(x) ((x) & 0xff) snprintf(line, sizeof line, "%u.%u.%u.%u", C(in.s_addr >> 24), C(in.s_addr >> 16), C(in.s_addr >> 8), C(in.s_addr)); } return (line); } static const char * inet6name(struct in6_addr *in6) { static char line[NI_MAXHOST]; struct sockaddr_in6 sin6; int flags; flags = nflag ? NI_NUMERICHOST : 0; if (IN6_IS_ADDR_UNSPECIFIED(in6)) return "*"; memset(&sin6, 0, sizeof(sin6)); sin6.sin6_family = AF_INET6; sin6.sin6_len = sizeof(struct sockaddr_in6); sin6.sin6_addr = *in6; if (getnameinfo((struct sockaddr *)&sin6, sin6.sin6_len, line, sizeof(line), NULL, 0, flags) == 0) return line; return "?"; } int cmdnetstat(char *cmd, char *args) { struct netinfo *p; if (prefix(cmd, "all")) { aflag = !aflag; goto fixup; } if (prefix(cmd, "numbers") || prefix(cmd, "names")) { int new; new = prefix(cmd, "numbers"); if (new == nflag) return (1); p = netcb.nif_forw; for (; p != (struct netinfo *)&netcb; p = p->nif_forw) { if (p->nif_line == -1) continue; p->nif_flags |= NIF_LACHG|NIF_FACHG; } nflag = new; wclear(wnd); labelnetstat(); goto redisplay; } if (!netcmd(cmd, args)) return (0); fixup: fetchnetstat(); redisplay: shownetstat(); refresh(); return (1); }