2 * ss.c "sockstat", socket statistics
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 #include <sys/ioctl.h>
18 #include <sys/socket.h>
20 #include <netinet/in.h>
24 #include <arpa/inet.h>
34 #include "libnetlink.h"
35 #include "namespace.h"
38 #include <linux/tcp.h>
39 #include <linux/sock_diag.h>
40 #include <linux/inet_diag.h>
41 #include <linux/unix_diag.h>
42 #include <linux/netdevice.h> /* for MAX_ADDR_LEN */
43 #include <linux/filter.h>
44 #include <linux/packet_diag.h>
45 #include <linux/netlink_diag.h>
46 #include <linux/sctp.h>
47 #include <linux/vm_sockets_diag.h>
49 #define MAGIC_SEQ 123456
51 #define DIAG_REQUEST(_req, _r) \
53 struct nlmsghdr nlh; \
57 .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
58 .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
59 .nlmsg_seq = MAGIC_SEQ, \
60 .nlmsg_len = sizeof(_req), \
65 #include <selinux/selinux.h>
67 /* Stubs for SELinux functions */
68 static int is_selinux_enabled(void)
73 static int getpidcon(pid_t pid
, char **context
)
79 static int getfilecon(char *path
, char **context
)
85 static int security_get_initial_context(char *name
, char **context
)
93 int resolve_services
= 1;
94 int preferred_family
= AF_UNSPEC
;
112 static const char *TCP_PROTO
= "tcp";
113 static const char *SCTP_PROTO
= "sctp";
114 static const char *UDP_PROTO
= "udp";
115 static const char *RAW_PROTO
= "raw";
116 static const char *dg_proto
;
135 #define PACKET_DBM ((1<<PACKET_DG_DB)|(1<<PACKET_R_DB))
136 #define UNIX_DBM ((1<<UNIX_DG_DB)|(1<<UNIX_ST_DB)|(1<<UNIX_SQ_DB))
137 #define ALL_DB ((1<<MAX_DB)-1)
138 #define INET_L4_DBM ((1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB)|(1<<SCTP_DB))
139 #define INET_DBM (INET_L4_DBM | (1<<RAW_DB))
140 #define VSOCK_DBM ((1<<VSOCK_ST_DB)|(1<<VSOCK_DG_DB))
159 SCTP_STATE_CLOSED
= 0,
160 SCTP_STATE_COOKIE_WAIT
= 1,
161 SCTP_STATE_COOKIE_ECHOED
= 2,
162 SCTP_STATE_ESTABLISHED
= 3,
163 SCTP_STATE_SHUTDOWN_PENDING
= 4,
164 SCTP_STATE_SHUTDOWN_SENT
= 5,
165 SCTP_STATE_SHUTDOWN_RECEIVED
= 6,
166 SCTP_STATE_SHUTDOWN_ACK_SENT
= 7,
169 #define SS_ALL ((1 << SS_MAX) - 1)
170 #define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
172 #include "ssfilter.h"
182 #define FAMILY_MASK(family) ((uint64_t)1 << (family))
184 static const struct filter default_dbs
[MAX_DB
] = {
187 .families
= FAMILY_MASK(AF_INET
) | FAMILY_MASK(AF_INET6
),
191 .families
= FAMILY_MASK(AF_INET
) | FAMILY_MASK(AF_INET6
),
194 .states
= (1 << SS_ESTABLISHED
),
195 .families
= FAMILY_MASK(AF_INET
) | FAMILY_MASK(AF_INET6
),
198 .states
= (1 << SS_ESTABLISHED
),
199 .families
= FAMILY_MASK(AF_INET
) | FAMILY_MASK(AF_INET6
),
202 .states
= (1 << SS_CLOSE
),
203 .families
= FAMILY_MASK(AF_UNIX
),
207 .families
= FAMILY_MASK(AF_UNIX
),
211 .families
= FAMILY_MASK(AF_UNIX
),
214 .states
= (1 << SS_CLOSE
),
215 .families
= FAMILY_MASK(AF_PACKET
),
218 .states
= (1 << SS_CLOSE
),
219 .families
= FAMILY_MASK(AF_PACKET
),
222 .states
= (1 << SS_CLOSE
),
223 .families
= FAMILY_MASK(AF_NETLINK
),
227 .families
= FAMILY_MASK(AF_INET
) | FAMILY_MASK(AF_INET6
),
231 .families
= FAMILY_MASK(AF_VSOCK
),
235 .families
= FAMILY_MASK(AF_VSOCK
),
239 static const struct filter default_afs
[AF_MAX
] = {
254 .states
= (1 << SS_CLOSE
),
257 .dbs
= (1 << NETLINK_DB
),
258 .states
= (1 << SS_CLOSE
),
266 static int do_default
= 1;
267 static struct filter current_filter
;
269 static void filter_db_set(struct filter
*f
, int db
)
271 f
->states
|= default_dbs
[db
].states
;
276 static void filter_af_set(struct filter
*f
, int af
)
278 f
->states
|= default_afs
[af
].states
;
279 f
->families
|= FAMILY_MASK(af
);
281 preferred_family
= af
;
284 static int filter_af_get(struct filter
*f
, int af
)
286 return !!(f
->families
& FAMILY_MASK(af
));
289 static void filter_default_dbs(struct filter
*f
)
291 filter_db_set(f
, UDP_DB
);
292 filter_db_set(f
, DCCP_DB
);
293 filter_db_set(f
, TCP_DB
);
294 filter_db_set(f
, RAW_DB
);
295 filter_db_set(f
, UNIX_ST_DB
);
296 filter_db_set(f
, UNIX_DG_DB
);
297 filter_db_set(f
, UNIX_SQ_DB
);
298 filter_db_set(f
, PACKET_R_DB
);
299 filter_db_set(f
, PACKET_DG_DB
);
300 filter_db_set(f
, NETLINK_DB
);
301 filter_db_set(f
, SCTP_DB
);
302 filter_db_set(f
, VSOCK_ST_DB
);
303 filter_db_set(f
, VSOCK_DG_DB
);
306 static void filter_states_set(struct filter
*f
, int states
)
312 static void filter_merge_defaults(struct filter
*f
)
317 for (db
= 0; db
< MAX_DB
; db
++) {
318 if (!(f
->dbs
& (1 << db
)))
321 if (!(default_dbs
[db
].families
& f
->families
))
322 f
->families
|= default_dbs
[db
].families
;
324 for (af
= 0; af
< AF_MAX
; af
++) {
325 if (!(f
->families
& FAMILY_MASK(af
)))
328 if (!(default_afs
[af
].dbs
& f
->dbs
))
329 f
->dbs
|= default_afs
[af
].dbs
;
333 static FILE *generic_proc_open(const char *env
, const char *name
)
335 const char *p
= getenv(env
);
339 p
= getenv("PROC_ROOT") ? : "/proc";
340 snprintf(store
, sizeof(store
)-1, "%s/%s", p
, name
);
344 return fopen(p
, "r");
346 #define net_tcp_open() generic_proc_open("PROC_NET_TCP", "net/tcp")
347 #define net_tcp6_open() generic_proc_open("PROC_NET_TCP6", "net/tcp6")
348 #define net_udp_open() generic_proc_open("PROC_NET_UDP", "net/udp")
349 #define net_udp6_open() generic_proc_open("PROC_NET_UDP6", "net/udp6")
350 #define net_raw_open() generic_proc_open("PROC_NET_RAW", "net/raw")
351 #define net_raw6_open() generic_proc_open("PROC_NET_RAW6", "net/raw6")
352 #define net_unix_open() generic_proc_open("PROC_NET_UNIX", "net/unix")
353 #define net_packet_open() generic_proc_open("PROC_NET_PACKET", \
355 #define net_netlink_open() generic_proc_open("PROC_NET_NETLINK", \
357 #define slabinfo_open() generic_proc_open("PROC_SLABINFO", "slabinfo")
358 #define net_sockstat_open() generic_proc_open("PROC_NET_SOCKSTAT", \
360 #define net_sockstat6_open() generic_proc_open("PROC_NET_SOCKSTAT6", \
362 #define net_snmp_open() generic_proc_open("PROC_NET_SNMP", "net/snmp")
363 #define ephemeral_ports_open() generic_proc_open("PROC_IP_LOCAL_PORT_RANGE", \
364 "sys/net/ipv4/ip_local_port_range")
367 struct user_ent
*next
;
376 #define USER_ENT_HASH_SIZE 256
377 struct user_ent
*user_ent_hash
[USER_ENT_HASH_SIZE
];
379 static int user_ent_hashfn(unsigned int ino
)
381 int val
= (ino
>> 24) ^ (ino
>> 16) ^ (ino
>> 8) ^ ino
;
383 return val
& (USER_ENT_HASH_SIZE
- 1);
386 static void user_ent_add(unsigned int ino
, char *process
,
391 struct user_ent
*p
, **pp
;
393 p
= malloc(sizeof(struct user_ent
));
395 fprintf(stderr
, "ss: failed to malloc buffer\n");
402 p
->process
= strdup(process
);
403 p
->process_ctx
= strdup(proc_ctx
);
404 p
->socket_ctx
= strdup(sock_ctx
);
406 pp
= &user_ent_hash
[user_ent_hashfn(ino
)];
411 static void user_ent_destroy(void)
413 struct user_ent
*p
, *p_next
;
416 while (cnt
!= USER_ENT_HASH_SIZE
) {
417 p
= user_ent_hash
[cnt
];
420 free(p
->process_ctx
);
430 static void user_ent_hash_build(void)
432 const char *root
= getenv("PROC_ROOT") ? : "/proc/";
439 const char *no_ctx
= "unavailable";
440 static int user_ent_hash_build_init
;
442 /* If show_users & show_proc_ctx set only do this once */
443 if (user_ent_hash_build_init
!= 0)
446 user_ent_hash_build_init
= 1;
448 strlcpy(name
, root
, sizeof(name
));
450 if (strlen(name
) == 0 || name
[strlen(name
)-1] != '/')
453 nameoff
= strlen(name
);
459 while ((d
= readdir(dir
)) != NULL
) {
467 if (sscanf(d
->d_name
, "%d%c", &pid
, &crap
) != 1)
470 if (getpidcon(pid
, &pid_context
) != 0)
471 pid_context
= strdup(no_ctx
);
473 snprintf(name
+ nameoff
, sizeof(name
) - nameoff
, "%d/fd/", pid
);
475 if ((dir1
= opendir(name
)) == NULL
) {
483 while ((d1
= readdir(dir1
)) != NULL
) {
484 const char *pattern
= "socket:[";
491 if (sscanf(d1
->d_name
, "%d%c", &fd
, &crap
) != 1)
494 snprintf(name
+pos
, sizeof(name
) - pos
, "%d", fd
);
496 link_len
= readlink(name
, lnk
, sizeof(lnk
)-1);
499 lnk
[link_len
] = '\0';
501 if (strncmp(lnk
, pattern
, strlen(pattern
)))
504 sscanf(lnk
, "socket:[%u]", &ino
);
506 snprintf(tmp
, sizeof(tmp
), "%s/%d/fd/%s",
507 root
, pid
, d1
->d_name
);
509 if (getfilecon(tmp
, &sock_context
) <= 0)
510 sock_context
= strdup(no_ctx
);
515 snprintf(tmp
, sizeof(tmp
), "%s/%d/stat",
517 if ((fp
= fopen(tmp
, "r")) != NULL
) {
518 if (fscanf(fp
, "%*d (%[^)])", p
) < 1)
523 user_ent_add(ino
, p
, pid
, fd
,
524 pid_context
, sock_context
);
539 #define ENTRY_BUF_SIZE 512
540 static int find_entry(unsigned int ino
, char **buf
, int type
)
546 int len
, new_buf_len
;
553 p
= user_ent_hash
[user_ent_hashfn(ino
)];
560 ptr
= *buf
+ buf_used
;
563 len
= snprintf(ptr
, buf_len
- buf_used
,
564 "(\"%s\",pid=%d,fd=%d),",
565 p
->process
, p
->pid
, p
->fd
);
568 len
= snprintf(ptr
, buf_len
- buf_used
,
569 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d),",
571 p
->process_ctx
, p
->fd
);
574 len
= snprintf(ptr
, buf_len
- buf_used
,
575 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d,sock_ctx=%s),",
577 p
->process_ctx
, p
->fd
,
581 fprintf(stderr
, "ss: invalid type: %d\n", type
);
585 if (len
< 0 || len
>= buf_len
- buf_used
) {
586 new_buf_len
= buf_len
+ ENTRY_BUF_SIZE
;
587 new_buf
= realloc(*buf
, new_buf_len
);
589 fprintf(stderr
, "ss: failed to malloc buffer\n");
593 buf_len
= new_buf_len
;
605 ptr
= *buf
+ buf_used
;
611 /* Get stats from slab */
621 static struct slabstat slabstat
;
623 static int get_slabstat(struct slabstat
*s
)
628 static int slabstat_valid
;
629 static const char * const slabstat_ids
[] = {
640 memset(s
, 0, sizeof(*s
));
642 fp
= slabinfo_open();
646 cnt
= sizeof(*s
)/sizeof(int);
648 if (!fgets(buf
, sizeof(buf
), fp
)) {
652 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
655 for (i
= 0; i
< ARRAY_SIZE(slabstat_ids
); i
++) {
656 if (memcmp(buf
, slabstat_ids
[i
], strlen(slabstat_ids
[i
])) == 0) {
657 sscanf(buf
, "%*s%d", ((int *)s
) + i
);
672 static unsigned long long cookie_sk_get(const uint32_t *cookie
)
674 return (((unsigned long long)cookie
[1] << 31) << 1) | cookie
[0];
677 static const char *sctp_sstate_name
[] = {
678 [SCTP_STATE_CLOSED
] = "CLOSED",
679 [SCTP_STATE_COOKIE_WAIT
] = "COOKIE_WAIT",
680 [SCTP_STATE_COOKIE_ECHOED
] = "COOKIE_ECHOED",
681 [SCTP_STATE_ESTABLISHED
] = "ESTAB",
682 [SCTP_STATE_SHUTDOWN_PENDING
] = "SHUTDOWN_PENDING",
683 [SCTP_STATE_SHUTDOWN_SENT
] = "SHUTDOWN_SENT",
684 [SCTP_STATE_SHUTDOWN_RECEIVED
] = "SHUTDOWN_RECEIVED",
685 [SCTP_STATE_SHUTDOWN_ACK_SENT
] = "ACK_SENT",
689 struct sockstat
*next
;
703 unsigned long long sk
;
710 unsigned int ce_state
;
720 unsigned int timeout
;
723 double rto
, ato
, rtt
, rttvar
;
724 int qack
, ssthresh
, backoff
;
732 unsigned int lastsnd
;
733 unsigned int lastrcv
;
734 unsigned int lastack
;
736 double pacing_rate_max
;
737 double delivery_rate
;
738 unsigned long long bytes_acked
;
739 unsigned long long bytes_received
;
740 unsigned int segs_out
;
741 unsigned int segs_in
;
742 unsigned int data_segs_out
;
743 unsigned int data_segs_in
;
744 unsigned int unacked
;
745 unsigned int retrans
;
746 unsigned int retrans_total
;
749 unsigned int fackets
;
750 unsigned int reordering
;
751 unsigned int not_sent
;
755 unsigned long long busy_time
;
756 unsigned long long rwnd_limited
;
757 unsigned long long sndbuf_limited
;
761 bool has_ecnseen_opt
;
762 bool has_fastopen_opt
;
765 struct dctcpstat
*dctcp
;
766 struct tcp_bbr_info
*bbr_info
;
769 /* SCTP assocs share the same inode number with their parent endpoint. So if we
770 * have seen the inode number before, it must be an assoc instead of the next
772 static bool is_sctp_assoc(struct sockstat
*s
, const char *sock_name
)
774 if (strcmp(sock_name
, "sctp"))
776 if (!sctp_ino
|| sctp_ino
!= s
->ino
)
781 static const char *unix_netid_name(int type
)
794 static const char *proto_name(int protocol
)
814 static const char *vsock_netid_name(int type
)
826 static void sock_state_print(struct sockstat
*s
)
828 const char *sock_name
;
829 static const char * const sstate_name
[] = {
831 [SS_ESTABLISHED
] = "ESTAB",
832 [SS_SYN_SENT
] = "SYN-SENT",
833 [SS_SYN_RECV
] = "SYN-RECV",
834 [SS_FIN_WAIT1
] = "FIN-WAIT-1",
835 [SS_FIN_WAIT2
] = "FIN-WAIT-2",
836 [SS_TIME_WAIT
] = "TIME-WAIT",
837 [SS_CLOSE
] = "UNCONN",
838 [SS_CLOSE_WAIT
] = "CLOSE-WAIT",
839 [SS_LAST_ACK
] = "LAST-ACK",
840 [SS_LISTEN
] = "LISTEN",
841 [SS_CLOSING
] = "CLOSING",
844 switch (s
->local
.family
) {
846 sock_name
= unix_netid_name(s
->type
);
850 sock_name
= proto_name(s
->type
);
853 sock_name
= s
->type
== SOCK_RAW
? "p_raw" : "p_dgr";
859 sock_name
= vsock_netid_name(s
->type
);
862 sock_name
= "unknown";
866 printf("%-*s ", netid_width
,
867 is_sctp_assoc(s
, sock_name
) ? "" : sock_name
);
869 if (is_sctp_assoc(s
, sock_name
))
870 printf("`- %-*s ", state_width
- 3,
871 sctp_sstate_name
[s
->state
]);
873 printf("%-*s ", state_width
, sstate_name
[s
->state
]);
876 printf("%-6d %-6d ", s
->rq
, s
->wq
);
879 static void sock_details_print(struct sockstat
*s
)
882 printf(" uid:%u", s
->uid
);
884 printf(" ino:%u", s
->ino
);
885 printf(" sk:%llx", s
->sk
);
888 printf(" fwmark:0x%x", s
->mark
);
891 static void sock_addr_print_width(int addr_len
, const char *addr
, char *delim
,
892 int port_len
, const char *port
, const char *ifname
)
895 printf("%*s%%%s%s%-*s ", addr_len
, addr
, ifname
, delim
,
898 printf("%*s%s%-*s ", addr_len
, addr
, delim
, port_len
, port
);
902 static void sock_addr_print(const char *addr
, char *delim
, const char *port
,
905 sock_addr_print_width(addr_width
, addr
, delim
, serv_width
, port
, ifname
);
908 static const char *print_ms_timer(unsigned int timeout
)
911 int secs
, msecs
, minutes
;
916 msecs
= timeout
%1000;
920 snprintf(buf
, sizeof(buf
)-16, "%dmin", minutes
);
927 sprintf(buf
+strlen(buf
), "%d%s", secs
, msecs
? "." : "sec");
930 sprintf(buf
+strlen(buf
), "%03dms", msecs
);
941 struct scache
*rlist
;
943 static void init_service_resolver(void)
946 FILE *fp
= popen("/usr/sbin/rpcinfo -p 2>/dev/null", "r");
951 if (!fgets(buf
, sizeof(buf
), fp
)) {
955 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
956 unsigned int progn
, port
;
957 char proto
[128], prog
[128] = "rpc.";
960 if (sscanf(buf
, "%u %*d %s %u %s",
961 &progn
, proto
, &port
, prog
+4) != 4)
964 if (!(c
= malloc(sizeof(*c
))))
968 c
->name
= strdup(prog
);
969 if (strcmp(proto
, TCP_PROTO
) == 0)
970 c
->proto
= TCP_PROTO
;
971 else if (strcmp(proto
, UDP_PROTO
) == 0)
972 c
->proto
= UDP_PROTO
;
973 else if (strcmp(proto
, SCTP_PROTO
) == 0)
974 c
->proto
= SCTP_PROTO
;
983 /* Even do not try default linux ephemeral port ranges:
984 * default /etc/services contains so much of useless crap
985 * wouldbe "allocated" to this area that resolution
986 * is really harmful. I shrug each time when seeing
987 * "socks" or "cfinger" in dumps.
989 static int is_ephemeral(int port
)
991 static int min
= 0, max
;
994 FILE *f
= ephemeral_ports_open();
996 if (!f
|| fscanf(f
, "%d %d", &min
, &max
) < 2) {
1003 return port
>= min
&& port
<= max
;
1007 static const char *__resolve_service(int port
)
1011 for (c
= rlist
; c
; c
= c
->next
) {
1012 if (c
->port
== port
&& c
->proto
== dg_proto
)
1016 if (!is_ephemeral(port
)) {
1017 static int notfirst
;
1024 se
= getservbyport(htons(port
), dg_proto
);
1032 #define SCACHE_BUCKETS 1024
1033 static struct scache
*cache_htab
[SCACHE_BUCKETS
];
1035 static const char *resolve_service(int port
)
1037 static char buf
[128];
1048 if (!resolve_services
)
1051 if (dg_proto
== RAW_PROTO
)
1052 return inet_proto_n2a(port
, buf
, sizeof(buf
));
1055 hash
= (port
^(((unsigned long)dg_proto
)>>2)) % SCACHE_BUCKETS
;
1057 for (c
= cache_htab
[hash
]; c
; c
= c
->next
) {
1058 if (c
->port
== port
&& c
->proto
== dg_proto
)
1062 c
= malloc(sizeof(*c
));
1065 res
= __resolve_service(port
);
1067 c
->name
= res
? strdup(res
) : NULL
;
1068 c
->proto
= dg_proto
;
1069 c
->next
= cache_htab
[hash
];
1070 cache_htab
[hash
] = c
;
1077 sprintf(buf
, "%u", port
);
1081 static void inet_addr_print(const inet_prefix
*a
, int port
,
1082 unsigned int ifindex
, bool v6only
)
1085 const char *ap
= buf
;
1086 int est_len
= addr_width
;
1087 const char *ifname
= NULL
;
1089 if (a
->family
== AF_INET
) {
1090 ap
= format_host(AF_INET
, 4, a
->data
);
1093 !memcmp(a
->data
, &in6addr_any
, sizeof(in6addr_any
))) {
1097 ap
= format_host(a
->family
, 16, a
->data
);
1099 /* Numeric IPv6 addresses should be bracketed */
1100 if (strchr(ap
, ':')) {
1101 snprintf(buf
, sizeof(buf
),
1106 est_len
= strlen(ap
);
1107 if (est_len
<= addr_width
)
1108 est_len
= addr_width
;
1110 est_len
= addr_width
+ ((est_len
-addr_width
+3)/4)*4;
1115 ifname
= ll_index_to_name(ifindex
);
1116 est_len
-= strlen(ifname
) + 1; /* +1 for percent char */
1121 sock_addr_print_width(est_len
, ap
, ":", serv_width
, resolve_service(port
),
1131 struct aafilter
*next
;
1134 static int inet2_addr_match(const inet_prefix
*a
, const inet_prefix
*p
,
1137 if (!inet_addr_match(a
, p
, plen
))
1140 /* Cursed "v4 mapped" addresses: v4 mapped socket matches
1141 * pure IPv4 rule, but v4-mapped rule selects only v4-mapped
1143 if (p
->family
== AF_INET
&& a
->family
== AF_INET6
) {
1144 if (a
->data
[0] == 0 && a
->data
[1] == 0 &&
1145 a
->data
[2] == htonl(0xffff)) {
1146 inet_prefix tmp
= *a
;
1148 tmp
.data
[0] = a
->data
[3];
1149 return inet_addr_match(&tmp
, p
, plen
);
1155 static int unix_match(const inet_prefix
*a
, const inet_prefix
*p
)
1157 char *addr
, *pattern
;
1159 memcpy(&addr
, a
->data
, sizeof(addr
));
1160 memcpy(&pattern
, p
->data
, sizeof(pattern
));
1161 if (pattern
== NULL
)
1165 return !fnmatch(pattern
, addr
, 0);
1168 static int run_ssfilter(struct ssfilter
*f
, struct sockstat
*s
)
1173 if (s
->local
.family
== AF_UNIX
) {
1176 memcpy(&p
, s
->local
.data
, sizeof(p
));
1177 return p
== NULL
|| (p
[0] == '@' && strlen(p
) == 6 &&
1178 strspn(p
+1, "0123456789abcdef") == 5);
1180 if (s
->local
.family
== AF_PACKET
)
1181 return s
->lport
== 0 && s
->local
.data
[0] == 0;
1182 if (s
->local
.family
== AF_NETLINK
)
1183 return s
->lport
< 0;
1184 if (s
->local
.family
== AF_VSOCK
)
1185 return s
->lport
> 1023;
1187 return is_ephemeral(s
->lport
);
1191 struct aafilter
*a
= (void *)f
->pred
;
1193 if (a
->addr
.family
== AF_UNIX
)
1194 return unix_match(&s
->remote
, &a
->addr
);
1195 if (a
->port
!= -1 && a
->port
!= s
->rport
)
1197 if (a
->addr
.bitlen
) {
1199 if (!inet2_addr_match(&s
->remote
, &a
->addr
, a
->addr
.bitlen
))
1201 } while ((a
= a
->next
) != NULL
);
1208 struct aafilter
*a
= (void *)f
->pred
;
1210 if (a
->addr
.family
== AF_UNIX
)
1211 return unix_match(&s
->local
, &a
->addr
);
1212 if (a
->port
!= -1 && a
->port
!= s
->lport
)
1214 if (a
->addr
.bitlen
) {
1216 if (!inet2_addr_match(&s
->local
, &a
->addr
, a
->addr
.bitlen
))
1218 } while ((a
= a
->next
) != NULL
);
1225 struct aafilter
*a
= (void *)f
->pred
;
1227 return s
->rport
>= a
->port
;
1231 struct aafilter
*a
= (void *)f
->pred
;
1233 return s
->rport
<= a
->port
;
1237 struct aafilter
*a
= (void *)f
->pred
;
1239 return s
->lport
>= a
->port
;
1243 struct aafilter
*a
= (void *)f
->pred
;
1245 return s
->lport
<= a
->port
;
1249 struct aafilter
*a
= (void *)f
->pred
;
1251 return s
->iface
== a
->iface
;
1255 struct aafilter
*a
= (void *)f
->pred
;
1257 return (s
->mark
& a
->mask
) == a
->mark
;
1259 /* Yup. It is recursion. Sorry. */
1261 return run_ssfilter(f
->pred
, s
) && run_ssfilter(f
->post
, s
);
1263 return run_ssfilter(f
->pred
, s
) || run_ssfilter(f
->post
, s
);
1265 return !run_ssfilter(f
->pred
, s
);
1271 /* Relocate external jumps by reloc. */
1272 static void ssfilter_patch(char *a
, int len
, int reloc
)
1275 struct inet_diag_bc_op
*op
= (struct inet_diag_bc_op
*)a
;
1277 if (op
->no
== len
+4)
1286 static int ssfilter_bytecompile(struct ssfilter
*f
, char **bytecode
)
1291 if (!(*bytecode
= malloc(4))) abort();
1292 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_AUTO
, 4, 8 };
1298 struct aafilter
*a
= (void *)f
->pred
;
1301 int code
= (f
->type
== SSF_DCOND
? INET_DIAG_BC_D_COND
: INET_DIAG_BC_S_COND
);
1304 for (b
= a
; b
; b
= b
->next
) {
1305 len
+= 4 + sizeof(struct inet_diag_hostcond
);
1306 if (a
->addr
.family
== AF_INET6
)
1313 if (!(ptr
= malloc(len
))) abort();
1315 for (b
= a
; b
; b
= b
->next
) {
1316 struct inet_diag_bc_op
*op
= (struct inet_diag_bc_op
*)ptr
;
1317 int alen
= (a
->addr
.family
== AF_INET6
? 16 : 4);
1318 int oplen
= alen
+ 4 + sizeof(struct inet_diag_hostcond
);
1319 struct inet_diag_hostcond
*cond
= (struct inet_diag_hostcond
*)(ptr
+4);
1321 *op
= (struct inet_diag_bc_op
){ code
, oplen
, oplen
+4 };
1322 cond
->family
= a
->addr
.family
;
1323 cond
->port
= a
->port
;
1324 cond
->prefix_len
= a
->addr
.bitlen
;
1325 memcpy(cond
->addr
, a
->addr
.data
, alen
);
1328 op
= (struct inet_diag_bc_op
*)ptr
;
1329 *op
= (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, len
- (ptr
-*bytecode
)};
1333 return ptr
- *bytecode
;
1337 struct aafilter
*x
= (void *)f
->pred
;
1339 if (!(*bytecode
= malloc(8))) abort();
1340 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_D_GE
, 8, 12 };
1341 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1346 struct aafilter
*x
= (void *)f
->pred
;
1348 if (!(*bytecode
= malloc(8))) abort();
1349 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_D_LE
, 8, 12 };
1350 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1355 struct aafilter
*x
= (void *)f
->pred
;
1357 if (!(*bytecode
= malloc(8))) abort();
1358 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_S_GE
, 8, 12 };
1359 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1364 struct aafilter
*x
= (void *)f
->pred
;
1366 if (!(*bytecode
= malloc(8))) abort();
1367 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_S_LE
, 8, 12 };
1368 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1374 char *a1
= NULL
, *a2
= NULL
, *a
;
1377 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1378 l2
= ssfilter_bytecompile(f
->post
, &a2
);
1384 if (!(a
= malloc(l1
+l2
))) abort();
1386 memcpy(a
+l1
, a2
, l2
);
1388 ssfilter_patch(a
, l1
, l2
);
1394 char *a1
= NULL
, *a2
= NULL
, *a
;
1397 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1398 l2
= ssfilter_bytecompile(f
->post
, &a2
);
1404 if (!(a
= malloc(l1
+l2
+4))) abort();
1406 memcpy(a
+l1
+4, a2
, l2
);
1408 *(struct inet_diag_bc_op
*)(a
+l1
) = (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, l2
+4 };
1414 char *a1
= NULL
, *a
;
1417 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1422 if (!(a
= malloc(l1
+4))) abort();
1425 *(struct inet_diag_bc_op
*)(a
+l1
) = (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, 8 };
1431 /* bytecompile for SSF_DEVCOND not supported yet */
1436 struct aafilter
*a
= (void *)f
->pred
;
1438 struct inet_diag_bc_op op
;
1439 struct inet_diag_markcond cond
;
1441 int inslen
= sizeof(struct instr
);
1443 if (!(*bytecode
= malloc(inslen
))) abort();
1444 ((struct instr
*)*bytecode
)[0] = (struct instr
) {
1445 { INET_DIAG_BC_MARK_COND
, inslen
, inslen
+ 4 },
1446 { a
->mark
, a
->mask
},
1456 static int remember_he(struct aafilter
*a
, struct hostent
*he
)
1458 char **ptr
= he
->h_addr_list
;
1462 if (he
->h_addrtype
== AF_INET
)
1464 else if (he
->h_addrtype
== AF_INET6
)
1470 struct aafilter
*b
= a
;
1472 if (a
->addr
.bitlen
) {
1473 if ((b
= malloc(sizeof(*b
))) == NULL
)
1478 memcpy(b
->addr
.data
, *ptr
, len
);
1479 b
->addr
.bytelen
= len
;
1480 b
->addr
.bitlen
= len
*8;
1481 b
->addr
.family
= he
->h_addrtype
;
1488 static int get_dns_host(struct aafilter
*a
, const char *addr
, int fam
)
1490 static int notfirst
;
1499 he
= gethostbyname2(addr
, fam
== AF_UNSPEC
? AF_INET
: fam
);
1501 cnt
= remember_he(a
, he
);
1502 if (fam
== AF_UNSPEC
) {
1503 he
= gethostbyname2(addr
, AF_INET6
);
1505 cnt
+= remember_he(a
, he
);
1510 static int xll_initted
;
1512 static void xll_init(void)
1514 struct rtnl_handle rth
;
1516 if (rtnl_open(&rth
, 0) < 0)
1524 static const char *xll_index_to_name(int index
)
1528 return ll_index_to_name(index
);
1531 static int xll_name_to_index(const char *dev
)
1535 return ll_name_to_index(dev
);
1538 void *parse_devcond(char *name
)
1540 struct aafilter a
= { .iface
= 0 };
1541 struct aafilter
*res
;
1543 a
.iface
= xll_name_to_index(name
);
1548 n
= strtoul(name
, &end
, 0);
1549 if (!end
|| end
== name
|| *end
|| n
> UINT_MAX
)
1555 res
= malloc(sizeof(*res
));
1561 static void vsock_set_inet_prefix(inet_prefix
*a
, __u32 cid
)
1564 .bytelen
= sizeof(cid
),
1567 memcpy(a
->data
, &cid
, sizeof(cid
));
1570 void *parse_hostcond(char *addr
, bool is_port
)
1573 struct aafilter a
= { .port
= -1 };
1574 struct aafilter
*res
;
1575 int fam
= preferred_family
;
1576 struct filter
*f
= ¤t_filter
;
1578 if (fam
== AF_UNIX
|| strncmp(addr
, "unix:", 5) == 0) {
1581 a
.addr
.family
= AF_UNIX
;
1582 if (strncmp(addr
, "unix:", 5) == 0)
1585 a
.addr
.bitlen
= 8*strlen(p
);
1586 memcpy(a
.addr
.data
, &p
, sizeof(p
));
1591 if (fam
== AF_PACKET
|| strncmp(addr
, "link:", 5) == 0) {
1592 a
.addr
.family
= AF_PACKET
;
1594 if (strncmp(addr
, "link:", 5) == 0)
1596 port
= strchr(addr
, ':');
1599 if (port
[1] && strcmp(port
+1, "*")) {
1600 if (get_integer(&a
.port
, port
+1, 0)) {
1601 if ((a
.port
= xll_name_to_index(port
+1)) <= 0)
1606 if (addr
[0] && strcmp(addr
, "*")) {
1610 if (ll_proto_a2n(&tmp
, addr
))
1612 a
.addr
.data
[0] = ntohs(tmp
);
1618 if (fam
== AF_NETLINK
|| strncmp(addr
, "netlink:", 8) == 0) {
1619 a
.addr
.family
= AF_NETLINK
;
1621 if (strncmp(addr
, "netlink:", 8) == 0)
1623 port
= strchr(addr
, ':');
1626 if (port
[1] && strcmp(port
+1, "*")) {
1627 if (get_integer(&a
.port
, port
+1, 0)) {
1628 if (strcmp(port
+1, "kernel") == 0)
1635 if (addr
[0] && strcmp(addr
, "*")) {
1637 if (nl_proto_a2n(&a
.addr
.data
[0], addr
) == -1)
1644 if (fam
== AF_VSOCK
|| strncmp(addr
, "vsock:", 6) == 0) {
1645 __u32 cid
= ~(__u32
)0;
1647 a
.addr
.family
= AF_VSOCK
;
1648 if (strncmp(addr
, "vsock:", 6) == 0)
1654 port
= strchr(addr
, ':');
1661 if (port
&& strcmp(port
, "*") &&
1662 get_u32((__u32
*)&a
.port
, port
, 0))
1665 if (addr
[0] && strcmp(addr
, "*")) {
1667 if (get_u32(&cid
, addr
, 0))
1670 vsock_set_inet_prefix(&a
.addr
, cid
);
1675 if (fam
== AF_INET
|| !strncmp(addr
, "inet:", 5)) {
1677 if (!strncmp(addr
, "inet:", 5))
1679 } else if (fam
== AF_INET6
|| !strncmp(addr
, "inet6:", 6)) {
1681 if (!strncmp(addr
, "inet6:", 6))
1685 /* URL-like literal [] */
1686 if (addr
[0] == '[') {
1688 if ((port
= strchr(addr
, ']')) == NULL
)
1691 } else if (addr
[0] == '*') {
1694 port
= strrchr(strchr(addr
, '/') ? : addr
, ':');
1700 if (port
&& *port
) {
1704 if (*port
&& *port
!= '*') {
1705 if (get_integer(&a
.port
, port
, 0)) {
1706 struct servent
*se1
= NULL
;
1707 struct servent
*se2
= NULL
;
1709 if (current_filter
.dbs
&(1<<UDP_DB
))
1710 se1
= getservbyname(port
, UDP_PROTO
);
1711 if (current_filter
.dbs
&(1<<TCP_DB
))
1712 se2
= getservbyname(port
, TCP_PROTO
);
1713 if (se1
&& se2
&& se1
->s_port
!= se2
->s_port
) {
1714 fprintf(stderr
, "Error: ambiguous port \"%s\".\n", port
);
1720 a
.port
= ntohs(se1
->s_port
);
1724 for (s
= rlist
; s
; s
= s
->next
) {
1725 if ((s
->proto
== UDP_PROTO
&&
1726 (current_filter
.dbs
&(1<<UDP_DB
))) ||
1727 (s
->proto
== TCP_PROTO
&&
1728 (current_filter
.dbs
&(1<<TCP_DB
)))) {
1729 if (s
->name
&& strcmp(s
->name
, port
) == 0) {
1730 if (a
.port
> 0 && a
.port
!= s
->port
) {
1731 fprintf(stderr
, "Error: ambiguous port \"%s\".\n", port
);
1739 fprintf(stderr
, "Error: \"%s\" does not look like a port.\n", port
);
1746 if (!is_port
&& *addr
&& *addr
!= '*') {
1747 if (get_prefix_1(&a
.addr
, addr
, fam
)) {
1748 if (get_dns_host(&a
, addr
, fam
)) {
1749 fprintf(stderr
, "Error: an inet prefix is expected rather than \"%s\".\n", addr
);
1756 if (fam
!= AF_UNSPEC
) {
1757 int states
= f
->states
;
1759 filter_af_set(f
, fam
);
1760 filter_states_set(f
, states
);
1763 res
= malloc(sizeof(*res
));
1765 memcpy(res
, &a
, sizeof(a
));
1769 void *parse_markmask(const char *markmask
)
1771 struct aafilter a
, *res
;
1773 if (strchr(markmask
, '/')) {
1774 if (sscanf(markmask
, "%i/%i", &a
.mark
, &a
.mask
) != 2)
1777 a
.mask
= 0xffffffff;
1778 if (sscanf(markmask
, "%i", &a
.mark
) != 1)
1782 res
= malloc(sizeof(*res
));
1784 memcpy(res
, &a
, sizeof(a
));
1788 static void proc_ctx_print(struct sockstat
*s
)
1792 if (show_proc_ctx
|| show_sock_ctx
) {
1793 if (find_entry(s
->ino
, &buf
,
1794 (show_proc_ctx
& show_sock_ctx
) ?
1795 PROC_SOCK_CTX
: PROC_CTX
) > 0) {
1796 printf(" users:(%s)", buf
);
1799 } else if (show_users
) {
1800 if (find_entry(s
->ino
, &buf
, USERS
) > 0) {
1801 printf(" users:(%s)", buf
);
1807 static void inet_stats_print(struct sockstat
*s
, bool v6only
)
1809 sock_state_print(s
);
1811 inet_addr_print(&s
->local
, s
->lport
, s
->iface
, v6only
);
1812 inet_addr_print(&s
->remote
, s
->rport
, 0, v6only
);
1817 static int proc_parse_inet_addr(char *loc
, char *rem
, int family
, struct
1820 s
->local
.family
= s
->remote
.family
= family
;
1821 if (family
== AF_INET
) {
1822 sscanf(loc
, "%x:%x", s
->local
.data
, (unsigned *)&s
->lport
);
1823 sscanf(rem
, "%x:%x", s
->remote
.data
, (unsigned *)&s
->rport
);
1824 s
->local
.bytelen
= s
->remote
.bytelen
= 4;
1827 sscanf(loc
, "%08x%08x%08x%08x:%x",
1833 sscanf(rem
, "%08x%08x%08x%08x:%x",
1839 s
->local
.bytelen
= s
->remote
.bytelen
= 16;
1845 static int proc_inet_split_line(char *line
, char **loc
, char **rem
, char **data
)
1849 if ((p
= strchr(line
, ':')) == NULL
)
1853 if ((p
= strchr(*loc
, ':')) == NULL
)
1858 if ((p
= strchr(*rem
, ':')) == NULL
)
1866 static char *sprint_bw(char *buf
, double bw
)
1869 sprintf(buf
, "%.1fM", bw
/ 1000000.);
1870 else if (bw
> 1000.)
1871 sprintf(buf
, "%.1fK", bw
/ 1000.);
1873 sprintf(buf
, "%g", bw
);
1878 static void sctp_stats_print(struct sctp_info
*s
)
1881 printf(" tag:%x", s
->sctpi_tag
);
1883 printf(" state:%s", sctp_sstate_name
[s
->sctpi_state
]);
1885 printf(" rwnd:%d", s
->sctpi_rwnd
);
1886 if (s
->sctpi_unackdata
)
1887 printf(" unackdata:%d", s
->sctpi_unackdata
);
1888 if (s
->sctpi_penddata
)
1889 printf(" penddata:%d", s
->sctpi_penddata
);
1890 if (s
->sctpi_instrms
)
1891 printf(" instrms:%d", s
->sctpi_instrms
);
1892 if (s
->sctpi_outstrms
)
1893 printf(" outstrms:%d", s
->sctpi_outstrms
);
1894 if (s
->sctpi_inqueue
)
1895 printf(" inqueue:%d", s
->sctpi_inqueue
);
1896 if (s
->sctpi_outqueue
)
1897 printf(" outqueue:%d", s
->sctpi_outqueue
);
1898 if (s
->sctpi_overall_error
)
1899 printf(" overerr:%d", s
->sctpi_overall_error
);
1900 if (s
->sctpi_max_burst
)
1901 printf(" maxburst:%d", s
->sctpi_max_burst
);
1902 if (s
->sctpi_maxseg
)
1903 printf(" maxseg:%d", s
->sctpi_maxseg
);
1904 if (s
->sctpi_peer_rwnd
)
1905 printf(" prwnd:%d", s
->sctpi_peer_rwnd
);
1906 if (s
->sctpi_peer_tag
)
1907 printf(" ptag:%x", s
->sctpi_peer_tag
);
1908 if (s
->sctpi_peer_capable
)
1909 printf(" pcapable:%d", s
->sctpi_peer_capable
);
1910 if (s
->sctpi_peer_sack
)
1911 printf(" psack:%d", s
->sctpi_peer_sack
);
1912 if (s
->sctpi_s_autoclose
)
1913 printf(" autoclose:%d", s
->sctpi_s_autoclose
);
1914 if (s
->sctpi_s_adaptation_ind
)
1915 printf(" adapind:%d", s
->sctpi_s_adaptation_ind
);
1916 if (s
->sctpi_s_pd_point
)
1917 printf(" pdpoint:%d", s
->sctpi_s_pd_point
);
1918 if (s
->sctpi_s_nodelay
)
1919 printf(" nodealy:%d", s
->sctpi_s_nodelay
);
1920 if (s
->sctpi_s_disable_fragments
)
1921 printf(" nofrag:%d", s
->sctpi_s_disable_fragments
);
1922 if (s
->sctpi_s_v4mapped
)
1923 printf(" v4mapped:%d", s
->sctpi_s_v4mapped
);
1924 if (s
->sctpi_s_frag_interleave
)
1925 printf(" fraginl:%d", s
->sctpi_s_frag_interleave
);
1928 static void tcp_stats_print(struct tcpstat
*s
)
1934 if (s
->has_sack_opt
)
1938 if (s
->has_ecnseen_opt
)
1940 if (s
->has_fastopen_opt
)
1941 printf(" fastopen");
1943 printf(" %s", s
->cong_alg
);
1944 if (s
->has_wscale_opt
)
1945 printf(" wscale:%d,%d", s
->snd_wscale
, s
->rcv_wscale
);
1947 printf(" rto:%g", s
->rto
);
1949 printf(" backoff:%u", s
->backoff
);
1951 printf(" rtt:%g/%g", s
->rtt
, s
->rttvar
);
1953 printf(" ato:%g", s
->ato
);
1956 printf(" qack:%d", s
->qack
);
1961 printf(" mss:%d", s
->mss
);
1963 printf(" rcvmss:%d", s
->rcv_mss
);
1965 printf(" advmss:%d", s
->advmss
);
1967 printf(" cwnd:%u", s
->cwnd
);
1969 printf(" ssthresh:%d", s
->ssthresh
);
1972 printf(" bytes_acked:%llu", s
->bytes_acked
);
1973 if (s
->bytes_received
)
1974 printf(" bytes_received:%llu", s
->bytes_received
);
1976 printf(" segs_out:%u", s
->segs_out
);
1978 printf(" segs_in:%u", s
->segs_in
);
1979 if (s
->data_segs_out
)
1980 printf(" data_segs_out:%u", s
->data_segs_out
);
1981 if (s
->data_segs_in
)
1982 printf(" data_segs_in:%u", s
->data_segs_in
);
1984 if (s
->dctcp
&& s
->dctcp
->enabled
) {
1985 struct dctcpstat
*dctcp
= s
->dctcp
;
1987 printf(" dctcp:(ce_state:%u,alpha:%u,ab_ecn:%u,ab_tot:%u)",
1988 dctcp
->ce_state
, dctcp
->alpha
, dctcp
->ab_ecn
,
1990 } else if (s
->dctcp
) {
1991 printf(" dctcp:fallback_mode");
1997 bw
= s
->bbr_info
->bbr_bw_hi
;
1999 bw
|= s
->bbr_info
->bbr_bw_lo
;
2001 printf(" bbr:(bw:%sbps,mrtt:%g",
2002 sprint_bw(b1
, bw
* 8.0),
2003 (double)s
->bbr_info
->bbr_min_rtt
/ 1000.0);
2004 if (s
->bbr_info
->bbr_pacing_gain
)
2005 printf(",pacing_gain:%g",
2006 (double)s
->bbr_info
->bbr_pacing_gain
/ 256.0);
2007 if (s
->bbr_info
->bbr_cwnd_gain
)
2008 printf(",cwnd_gain:%g",
2009 (double)s
->bbr_info
->bbr_cwnd_gain
/ 256.0);
2014 printf(" send %sbps", sprint_bw(b1
, s
->send_bps
));
2016 printf(" lastsnd:%u", s
->lastsnd
);
2018 printf(" lastrcv:%u", s
->lastrcv
);
2020 printf(" lastack:%u", s
->lastack
);
2022 if (s
->pacing_rate
) {
2023 printf(" pacing_rate %sbps", sprint_bw(b1
, s
->pacing_rate
));
2024 if (s
->pacing_rate_max
)
2025 printf("/%sbps", sprint_bw(b1
,
2026 s
->pacing_rate_max
));
2029 if (s
->delivery_rate
)
2030 printf(" delivery_rate %sbps", sprint_bw(b1
, s
->delivery_rate
));
2032 printf(" app_limited");
2035 printf(" busy:%llums", s
->busy_time
/ 1000);
2036 if (s
->rwnd_limited
)
2037 printf(" rwnd_limited:%llums(%.1f%%)",
2038 s
->rwnd_limited
/ 1000,
2039 100.0 * s
->rwnd_limited
/ s
->busy_time
);
2040 if (s
->sndbuf_limited
)
2041 printf(" sndbuf_limited:%llums(%.1f%%)",
2042 s
->sndbuf_limited
/ 1000,
2043 100.0 * s
->sndbuf_limited
/ s
->busy_time
);
2047 printf(" unacked:%u", s
->unacked
);
2048 if (s
->retrans
|| s
->retrans_total
)
2049 printf(" retrans:%u/%u", s
->retrans
, s
->retrans_total
);
2051 printf(" lost:%u", s
->lost
);
2052 if (s
->sacked
&& s
->ss
.state
!= SS_LISTEN
)
2053 printf(" sacked:%u", s
->sacked
);
2055 printf(" fackets:%u", s
->fackets
);
2056 if (s
->reordering
!= 3)
2057 printf(" reordering:%d", s
->reordering
);
2059 printf(" rcv_rtt:%g", s
->rcv_rtt
);
2061 printf(" rcv_space:%d", s
->rcv_space
);
2063 printf(" notsent:%u", s
->not_sent
);
2065 printf(" minrtt:%g", s
->min_rtt
);
2068 static void tcp_timer_print(struct tcpstat
*s
)
2070 static const char * const tmr_name
[] = {
2082 printf(" timer:(%s,%s,%d)",
2084 print_ms_timer(s
->timeout
),
2089 static void sctp_timer_print(struct tcpstat
*s
)
2092 printf(" timer:(T3_RTX,%s,%d)",
2093 print_ms_timer(s
->timeout
), s
->retrans
);
2096 static int tcp_show_line(char *line
, const struct filter
*f
, int family
)
2098 int rto
= 0, ato
= 0;
2099 struct tcpstat s
= {};
2100 char *loc
, *rem
, *data
;
2103 int hz
= get_user_hz();
2105 if (proc_inet_split_line(line
, &loc
, &rem
, &data
))
2108 int state
= (data
[1] >= 'A') ? (data
[1] - 'A' + 10) : (data
[1] - '0');
2110 if (!(f
->states
& (1 << state
)))
2113 proc_parse_inet_addr(loc
, rem
, family
, &s
.ss
);
2115 if (f
->f
&& run_ssfilter(f
->f
, &s
.ss
) == 0)
2119 n
= sscanf(data
, "%x %x:%x %x:%x %x %d %d %u %d %llx %d %d %d %u %d %[^\n]\n",
2120 &s
.ss
.state
, &s
.ss
.wq
, &s
.ss
.rq
,
2121 &s
.timer
, &s
.timeout
, &s
.retrans
, &s
.ss
.uid
, &s
.probes
,
2122 &s
.ss
.ino
, &s
.ss
.refcnt
, &s
.ss
.sk
, &rto
, &ato
, &s
.qack
, &s
.cwnd
,
2135 s
.retrans
= s
.timer
!= 1 ? s
.probes
: s
.retrans
;
2136 s
.timeout
= (s
.timeout
* 1000 + hz
- 1) / hz
;
2137 s
.ato
= (double)ato
/ hz
;
2139 s
.rto
= (double)rto
;
2140 s
.ssthresh
= s
.ssthresh
== -1 ? 0 : s
.ssthresh
;
2141 s
.rto
= s
.rto
!= 3 * hz
? s
.rto
/ hz
: 0;
2142 s
.ss
.type
= IPPROTO_TCP
;
2144 inet_stats_print(&s
.ss
, false);
2147 tcp_timer_print(&s
);
2150 sock_details_print(&s
.ss
);
2152 printf(" opt:\"%s\"", opt
);
2156 tcp_stats_print(&s
);
2162 static int generic_record_read(FILE *fp
,
2163 int (*worker
)(char*, const struct filter
*, int),
2164 const struct filter
*f
, int fam
)
2169 if (fgets(line
, sizeof(line
), fp
) == NULL
)
2172 while (fgets(line
, sizeof(line
), fp
) != NULL
) {
2173 int n
= strlen(line
);
2175 if (n
== 0 || line
[n
-1] != '\n') {
2181 if (worker(line
, f
, fam
) < 0)
2186 return ferror(fp
) ? -1 : 0;
2189 static void print_skmeminfo(struct rtattr
*tb
[], int attrtype
)
2191 const __u32
*skmeminfo
;
2193 if (!tb
[attrtype
]) {
2194 if (attrtype
== INET_DIAG_SKMEMINFO
) {
2195 if (!tb
[INET_DIAG_MEMINFO
])
2198 const struct inet_diag_meminfo
*minfo
=
2199 RTA_DATA(tb
[INET_DIAG_MEMINFO
]);
2201 printf(" mem:(r%u,w%u,f%u,t%u)",
2210 skmeminfo
= RTA_DATA(tb
[attrtype
]);
2212 printf(" skmem:(r%u,rb%u,t%u,tb%u,f%u,w%u,o%u",
2213 skmeminfo
[SK_MEMINFO_RMEM_ALLOC
],
2214 skmeminfo
[SK_MEMINFO_RCVBUF
],
2215 skmeminfo
[SK_MEMINFO_WMEM_ALLOC
],
2216 skmeminfo
[SK_MEMINFO_SNDBUF
],
2217 skmeminfo
[SK_MEMINFO_FWD_ALLOC
],
2218 skmeminfo
[SK_MEMINFO_WMEM_QUEUED
],
2219 skmeminfo
[SK_MEMINFO_OPTMEM
]);
2221 if (RTA_PAYLOAD(tb
[attrtype
]) >=
2222 (SK_MEMINFO_BACKLOG
+ 1) * sizeof(__u32
))
2223 printf(",bl%u", skmeminfo
[SK_MEMINFO_BACKLOG
]);
2225 if (RTA_PAYLOAD(tb
[attrtype
]) >=
2226 (SK_MEMINFO_DROPS
+ 1) * sizeof(__u32
))
2227 printf(",d%u", skmeminfo
[SK_MEMINFO_DROPS
]);
2232 static void print_md5sig(struct tcp_diag_md5sig
*sig
)
2235 format_host(sig
->tcpm_family
,
2236 sig
->tcpm_family
== AF_INET6
? 16 : 4,
2238 sig
->tcpm_prefixlen
);
2239 print_escape_buf(sig
->tcpm_key
, sig
->tcpm_keylen
, " ,");
2242 #define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
2244 static void tcp_show_info(const struct nlmsghdr
*nlh
, struct inet_diag_msg
*r
,
2245 struct rtattr
*tb
[])
2248 struct tcpstat s
= {};
2250 s
.ss
.state
= r
->idiag_state
;
2252 print_skmeminfo(tb
, INET_DIAG_SKMEMINFO
);
2254 if (tb
[INET_DIAG_INFO
]) {
2255 struct tcp_info
*info
;
2256 int len
= RTA_PAYLOAD(tb
[INET_DIAG_INFO
]);
2258 /* workaround for older kernels with less fields */
2259 if (len
< sizeof(*info
)) {
2260 info
= alloca(sizeof(*info
));
2261 memcpy(info
, RTA_DATA(tb
[INET_DIAG_INFO
]), len
);
2262 memset((char *)info
+ len
, 0, sizeof(*info
) - len
);
2264 info
= RTA_DATA(tb
[INET_DIAG_INFO
]);
2267 s
.has_ts_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_TIMESTAMPS
);
2268 s
.has_sack_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_SACK
);
2269 s
.has_ecn_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_ECN
);
2270 s
.has_ecnseen_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_ECN_SEEN
);
2271 s
.has_fastopen_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_SYN_DATA
);
2274 if (tb
[INET_DIAG_CONG
])
2276 rta_getattr_str(tb
[INET_DIAG_CONG
]),
2277 sizeof(s
.cong_alg
) - 1);
2279 if (TCPI_HAS_OPT(info
, TCPI_OPT_WSCALE
)) {
2280 s
.has_wscale_opt
= true;
2281 s
.snd_wscale
= info
->tcpi_snd_wscale
;
2282 s
.rcv_wscale
= info
->tcpi_rcv_wscale
;
2285 if (info
->tcpi_rto
&& info
->tcpi_rto
!= 3000000)
2286 s
.rto
= (double)info
->tcpi_rto
/ 1000;
2288 s
.backoff
= info
->tcpi_backoff
;
2289 s
.rtt
= (double)info
->tcpi_rtt
/ 1000;
2290 s
.rttvar
= (double)info
->tcpi_rttvar
/ 1000;
2291 s
.ato
= (double)info
->tcpi_ato
/ 1000;
2292 s
.mss
= info
->tcpi_snd_mss
;
2293 s
.rcv_mss
= info
->tcpi_rcv_mss
;
2294 s
.advmss
= info
->tcpi_advmss
;
2295 s
.rcv_space
= info
->tcpi_rcv_space
;
2296 s
.rcv_rtt
= (double)info
->tcpi_rcv_rtt
/ 1000;
2297 s
.lastsnd
= info
->tcpi_last_data_sent
;
2298 s
.lastrcv
= info
->tcpi_last_data_recv
;
2299 s
.lastack
= info
->tcpi_last_ack_recv
;
2300 s
.unacked
= info
->tcpi_unacked
;
2301 s
.retrans
= info
->tcpi_retrans
;
2302 s
.retrans_total
= info
->tcpi_total_retrans
;
2303 s
.lost
= info
->tcpi_lost
;
2304 s
.sacked
= info
->tcpi_sacked
;
2305 s
.fackets
= info
->tcpi_fackets
;
2306 s
.reordering
= info
->tcpi_reordering
;
2307 s
.rcv_space
= info
->tcpi_rcv_space
;
2308 s
.cwnd
= info
->tcpi_snd_cwnd
;
2310 if (info
->tcpi_snd_ssthresh
< 0xFFFF)
2311 s
.ssthresh
= info
->tcpi_snd_ssthresh
;
2313 rtt
= (double) info
->tcpi_rtt
;
2314 if (tb
[INET_DIAG_VEGASINFO
]) {
2315 const struct tcpvegas_info
*vinfo
2316 = RTA_DATA(tb
[INET_DIAG_VEGASINFO
]);
2318 if (vinfo
->tcpv_enabled
&&
2319 vinfo
->tcpv_rtt
&& vinfo
->tcpv_rtt
!= 0x7fffffff)
2320 rtt
= vinfo
->tcpv_rtt
;
2323 if (tb
[INET_DIAG_DCTCPINFO
]) {
2324 struct dctcpstat
*dctcp
= malloc(sizeof(struct
2327 const struct tcp_dctcp_info
*dinfo
2328 = RTA_DATA(tb
[INET_DIAG_DCTCPINFO
]);
2330 dctcp
->enabled
= !!dinfo
->dctcp_enabled
;
2331 dctcp
->ce_state
= dinfo
->dctcp_ce_state
;
2332 dctcp
->alpha
= dinfo
->dctcp_alpha
;
2333 dctcp
->ab_ecn
= dinfo
->dctcp_ab_ecn
;
2334 dctcp
->ab_tot
= dinfo
->dctcp_ab_tot
;
2338 if (tb
[INET_DIAG_BBRINFO
]) {
2339 const void *bbr_info
= RTA_DATA(tb
[INET_DIAG_BBRINFO
]);
2340 int len
= min(RTA_PAYLOAD(tb
[INET_DIAG_BBRINFO
]),
2341 sizeof(*s
.bbr_info
));
2343 s
.bbr_info
= calloc(1, sizeof(*s
.bbr_info
));
2344 if (s
.bbr_info
&& bbr_info
)
2345 memcpy(s
.bbr_info
, bbr_info
, len
);
2348 if (rtt
> 0 && info
->tcpi_snd_mss
&& info
->tcpi_snd_cwnd
) {
2349 s
.send_bps
= (double) info
->tcpi_snd_cwnd
*
2350 (double)info
->tcpi_snd_mss
* 8000000. / rtt
;
2353 if (info
->tcpi_pacing_rate
&&
2354 info
->tcpi_pacing_rate
!= ~0ULL) {
2355 s
.pacing_rate
= info
->tcpi_pacing_rate
* 8.;
2357 if (info
->tcpi_max_pacing_rate
&&
2358 info
->tcpi_max_pacing_rate
!= ~0ULL)
2359 s
.pacing_rate_max
= info
->tcpi_max_pacing_rate
* 8.;
2361 s
.bytes_acked
= info
->tcpi_bytes_acked
;
2362 s
.bytes_received
= info
->tcpi_bytes_received
;
2363 s
.segs_out
= info
->tcpi_segs_out
;
2364 s
.segs_in
= info
->tcpi_segs_in
;
2365 s
.data_segs_out
= info
->tcpi_data_segs_out
;
2366 s
.data_segs_in
= info
->tcpi_data_segs_in
;
2367 s
.not_sent
= info
->tcpi_notsent_bytes
;
2368 if (info
->tcpi_min_rtt
&& info
->tcpi_min_rtt
!= ~0U)
2369 s
.min_rtt
= (double) info
->tcpi_min_rtt
/ 1000;
2370 s
.delivery_rate
= info
->tcpi_delivery_rate
* 8.;
2371 s
.app_limited
= info
->tcpi_delivery_rate_app_limited
;
2372 s
.busy_time
= info
->tcpi_busy_time
;
2373 s
.rwnd_limited
= info
->tcpi_rwnd_limited
;
2374 s
.sndbuf_limited
= info
->tcpi_sndbuf_limited
;
2375 tcp_stats_print(&s
);
2379 if (tb
[INET_DIAG_MD5SIG
]) {
2380 struct tcp_diag_md5sig
*sig
= RTA_DATA(tb
[INET_DIAG_MD5SIG
]);
2381 int len
= RTA_PAYLOAD(tb
[INET_DIAG_MD5SIG
]);
2383 printf(" md5keys:");
2384 print_md5sig(sig
++);
2385 for (len
-= sizeof(*sig
); len
> 0; len
-= sizeof(*sig
)) {
2387 print_md5sig(sig
++);
2392 static const char *format_host_sa(struct sockaddr_storage
*sa
)
2395 struct sockaddr_in sin
;
2396 struct sockaddr_in6 sin6
;
2397 } *saddr
= (void *)sa
;
2399 switch (sa
->ss_family
) {
2401 return format_host(AF_INET
, 4, &saddr
->sin
.sin_addr
);
2403 return format_host(AF_INET6
, 16, &saddr
->sin6
.sin6_addr
);
2409 static void sctp_show_info(const struct nlmsghdr
*nlh
, struct inet_diag_msg
*r
,
2410 struct rtattr
*tb
[])
2412 struct sockaddr_storage
*sa
;
2415 print_skmeminfo(tb
, INET_DIAG_SKMEMINFO
);
2417 if (tb
[INET_DIAG_LOCALS
]) {
2418 len
= RTA_PAYLOAD(tb
[INET_DIAG_LOCALS
]);
2419 sa
= RTA_DATA(tb
[INET_DIAG_LOCALS
]);
2421 printf("locals:%s", format_host_sa(sa
));
2422 for (sa
++, len
-= sizeof(*sa
); len
> 0; sa
++, len
-= sizeof(*sa
))
2423 printf(",%s", format_host_sa(sa
));
2426 if (tb
[INET_DIAG_PEERS
]) {
2427 len
= RTA_PAYLOAD(tb
[INET_DIAG_PEERS
]);
2428 sa
= RTA_DATA(tb
[INET_DIAG_PEERS
]);
2430 printf(" peers:%s", format_host_sa(sa
));
2431 for (sa
++, len
-= sizeof(*sa
); len
> 0; sa
++, len
-= sizeof(*sa
))
2432 printf(",%s", format_host_sa(sa
));
2434 if (tb
[INET_DIAG_INFO
]) {
2435 struct sctp_info
*info
;
2436 len
= RTA_PAYLOAD(tb
[INET_DIAG_INFO
]);
2438 /* workaround for older kernels with less fields */
2439 if (len
< sizeof(*info
)) {
2440 info
= alloca(sizeof(*info
));
2441 memcpy(info
, RTA_DATA(tb
[INET_DIAG_INFO
]), len
);
2442 memset((char *)info
+ len
, 0, sizeof(*info
) - len
);
2444 info
= RTA_DATA(tb
[INET_DIAG_INFO
]);
2446 sctp_stats_print(info
);
2450 static void parse_diag_msg(struct nlmsghdr
*nlh
, struct sockstat
*s
)
2452 struct rtattr
*tb
[INET_DIAG_MAX
+1];
2453 struct inet_diag_msg
*r
= NLMSG_DATA(nlh
);
2455 parse_rtattr(tb
, INET_DIAG_MAX
, (struct rtattr
*)(r
+1),
2456 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
2458 s
->state
= r
->idiag_state
;
2459 s
->local
.family
= s
->remote
.family
= r
->idiag_family
;
2460 s
->lport
= ntohs(r
->id
.idiag_sport
);
2461 s
->rport
= ntohs(r
->id
.idiag_dport
);
2462 s
->wq
= r
->idiag_wqueue
;
2463 s
->rq
= r
->idiag_rqueue
;
2464 s
->ino
= r
->idiag_inode
;
2465 s
->uid
= r
->idiag_uid
;
2466 s
->iface
= r
->id
.idiag_if
;
2467 s
->sk
= cookie_sk_get(&r
->id
.idiag_cookie
[0]);
2470 if (tb
[INET_DIAG_MARK
])
2471 s
->mark
= rta_getattr_u32(tb
[INET_DIAG_MARK
]);
2472 if (tb
[INET_DIAG_PROTOCOL
])
2473 s
->raw_prot
= rta_getattr_u8(tb
[INET_DIAG_PROTOCOL
]);
2477 if (s
->local
.family
== AF_INET
)
2478 s
->local
.bytelen
= s
->remote
.bytelen
= 4;
2480 s
->local
.bytelen
= s
->remote
.bytelen
= 16;
2482 memcpy(s
->local
.data
, r
->id
.idiag_src
, s
->local
.bytelen
);
2483 memcpy(s
->remote
.data
, r
->id
.idiag_dst
, s
->local
.bytelen
);
2486 static int inet_show_sock(struct nlmsghdr
*nlh
,
2489 struct rtattr
*tb
[INET_DIAG_MAX
+1];
2490 struct inet_diag_msg
*r
= NLMSG_DATA(nlh
);
2491 unsigned char v6only
= 0;
2493 parse_rtattr(tb
, INET_DIAG_MAX
, (struct rtattr
*)(r
+1),
2494 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
2496 if (tb
[INET_DIAG_PROTOCOL
])
2497 s
->type
= rta_getattr_u8(tb
[INET_DIAG_PROTOCOL
]);
2499 if (s
->local
.family
== AF_INET6
&& tb
[INET_DIAG_SKV6ONLY
])
2500 v6only
= rta_getattr_u8(tb
[INET_DIAG_SKV6ONLY
]);
2502 inet_stats_print(s
, v6only
);
2505 struct tcpstat t
= {};
2507 t
.timer
= r
->idiag_timer
;
2508 t
.timeout
= r
->idiag_expires
;
2509 t
.retrans
= r
->idiag_retrans
;
2510 if (s
->type
== IPPROTO_SCTP
)
2511 sctp_timer_print(&t
);
2513 tcp_timer_print(&t
);
2517 sock_details_print(s
);
2518 if (s
->local
.family
== AF_INET6
&& tb
[INET_DIAG_SKV6ONLY
])
2519 printf(" v6only:%u", v6only
);
2521 if (tb
[INET_DIAG_SHUTDOWN
]) {
2524 mask
= rta_getattr_u8(tb
[INET_DIAG_SHUTDOWN
]);
2525 printf(" %c-%c", mask
& 1 ? '-' : '<', mask
& 2 ? '-' : '>');
2529 if (show_mem
|| (show_tcpinfo
&& s
->type
!= IPPROTO_UDP
)) {
2531 if (s
->type
== IPPROTO_SCTP
)
2532 sctp_show_info(nlh
, r
, tb
);
2534 tcp_show_info(nlh
, r
, tb
);
2542 static int tcpdiag_send(int fd
, int protocol
, struct filter
*f
)
2544 struct sockaddr_nl nladdr
= { .nl_family
= AF_NETLINK
};
2546 struct nlmsghdr nlh
;
2547 struct inet_diag_req r
;
2549 .nlh
.nlmsg_len
= sizeof(req
),
2550 .nlh
.nlmsg_flags
= NLM_F_ROOT
| NLM_F_MATCH
| NLM_F_REQUEST
,
2551 .nlh
.nlmsg_seq
= MAGIC_SEQ
,
2552 .r
.idiag_family
= AF_INET
,
2553 .r
.idiag_states
= f
->states
,
2559 struct iovec iov
[3];
2562 if (protocol
== IPPROTO_UDP
)
2565 if (protocol
== IPPROTO_TCP
)
2566 req
.nlh
.nlmsg_type
= TCPDIAG_GETSOCK
;
2568 req
.nlh
.nlmsg_type
= DCCPDIAG_GETSOCK
;
2570 req
.r
.idiag_ext
|= (1<<(INET_DIAG_MEMINFO
-1));
2571 req
.r
.idiag_ext
|= (1<<(INET_DIAG_SKMEMINFO
-1));
2575 req
.r
.idiag_ext
|= (1<<(INET_DIAG_INFO
-1));
2576 req
.r
.idiag_ext
|= (1<<(INET_DIAG_VEGASINFO
-1));
2577 req
.r
.idiag_ext
|= (1<<(INET_DIAG_CONG
-1));
2580 iov
[0] = (struct iovec
){
2582 .iov_len
= sizeof(req
)
2585 bclen
= ssfilter_bytecompile(f
->f
, &bc
);
2587 rta
.rta_type
= INET_DIAG_REQ_BYTECODE
;
2588 rta
.rta_len
= RTA_LENGTH(bclen
);
2589 iov
[1] = (struct iovec
){ &rta
, sizeof(rta
) };
2590 iov
[2] = (struct iovec
){ bc
, bclen
};
2591 req
.nlh
.nlmsg_len
+= RTA_LENGTH(bclen
);
2596 msg
= (struct msghdr
) {
2597 .msg_name
= (void *)&nladdr
,
2598 .msg_namelen
= sizeof(nladdr
),
2600 .msg_iovlen
= iovlen
,
2603 if (sendmsg(fd
, &msg
, 0) < 0) {
2611 static int sockdiag_send(int family
, int fd
, int protocol
, struct filter
*f
)
2613 struct sockaddr_nl nladdr
= { .nl_family
= AF_NETLINK
};
2614 DIAG_REQUEST(req
, struct inet_diag_req_v2 r
);
2619 struct iovec iov
[3];
2622 if (family
== PF_UNSPEC
)
2623 return tcpdiag_send(fd
, protocol
, f
);
2625 memset(&req
.r
, 0, sizeof(req
.r
));
2626 req
.r
.sdiag_family
= family
;
2627 req
.r
.sdiag_protocol
= protocol
;
2628 req
.r
.idiag_states
= f
->states
;
2630 req
.r
.idiag_ext
|= (1<<(INET_DIAG_MEMINFO
-1));
2631 req
.r
.idiag_ext
|= (1<<(INET_DIAG_SKMEMINFO
-1));
2635 req
.r
.idiag_ext
|= (1<<(INET_DIAG_INFO
-1));
2636 req
.r
.idiag_ext
|= (1<<(INET_DIAG_VEGASINFO
-1));
2637 req
.r
.idiag_ext
|= (1<<(INET_DIAG_CONG
-1));
2640 iov
[0] = (struct iovec
){
2642 .iov_len
= sizeof(req
)
2645 bclen
= ssfilter_bytecompile(f
->f
, &bc
);
2647 rta
.rta_type
= INET_DIAG_REQ_BYTECODE
;
2648 rta
.rta_len
= RTA_LENGTH(bclen
);
2649 iov
[1] = (struct iovec
){ &rta
, sizeof(rta
) };
2650 iov
[2] = (struct iovec
){ bc
, bclen
};
2651 req
.nlh
.nlmsg_len
+= RTA_LENGTH(bclen
);
2656 msg
= (struct msghdr
) {
2657 .msg_name
= (void *)&nladdr
,
2658 .msg_namelen
= sizeof(nladdr
),
2660 .msg_iovlen
= iovlen
,
2663 if (sendmsg(fd
, &msg
, 0) < 0) {
2671 struct inet_diag_arg
{
2674 struct rtnl_handle
*rth
;
2677 static int kill_inet_sock(struct nlmsghdr
*h
, void *arg
, struct sockstat
*s
)
2679 struct inet_diag_msg
*d
= NLMSG_DATA(h
);
2680 struct inet_diag_arg
*diag_arg
= arg
;
2681 struct rtnl_handle
*rth
= diag_arg
->rth
;
2683 DIAG_REQUEST(req
, struct inet_diag_req_v2 r
);
2685 req
.nlh
.nlmsg_type
= SOCK_DESTROY
;
2686 req
.nlh
.nlmsg_flags
= NLM_F_REQUEST
| NLM_F_ACK
;
2687 req
.nlh
.nlmsg_seq
= ++rth
->seq
;
2688 req
.r
.sdiag_family
= d
->idiag_family
;
2689 req
.r
.sdiag_protocol
= diag_arg
->protocol
;
2692 if (diag_arg
->protocol
== IPPROTO_RAW
) {
2693 struct inet_diag_req_raw
*raw
= (void *)&req
.r
;
2695 BUILD_BUG_ON(sizeof(req
.r
) != sizeof(*raw
));
2696 raw
->sdiag_raw_protocol
= s
->raw_prot
;
2699 return rtnl_talk(rth
, &req
.nlh
, NULL
, 0);
2702 static int show_one_inet_sock(const struct sockaddr_nl
*addr
,
2703 struct nlmsghdr
*h
, void *arg
)
2706 struct inet_diag_arg
*diag_arg
= arg
;
2707 struct inet_diag_msg
*r
= NLMSG_DATA(h
);
2708 struct sockstat s
= {};
2710 if (!(diag_arg
->f
->families
& FAMILY_MASK(r
->idiag_family
)))
2713 parse_diag_msg(h
, &s
);
2714 s
.type
= diag_arg
->protocol
;
2716 if (diag_arg
->f
->f
&& run_ssfilter(diag_arg
->f
->f
, &s
) == 0)
2719 if (diag_arg
->f
->kill
&& kill_inet_sock(h
, arg
, &s
) != 0) {
2720 if (errno
== EOPNOTSUPP
|| errno
== ENOENT
) {
2721 /* Socket can't be closed, or is already closed. */
2724 perror("SOCK_DESTROY answers");
2729 err
= inet_show_sock(h
, &s
);
2736 static int inet_show_netlink(struct filter
*f
, FILE *dump_fp
, int protocol
)
2739 struct rtnl_handle rth
, rth2
;
2740 int family
= PF_INET
;
2741 struct inet_diag_arg arg
= { .f
= f
, .protocol
= protocol
};
2743 if (rtnl_open_byproto(&rth
, 0, NETLINK_SOCK_DIAG
))
2747 if (rtnl_open_byproto(&rth2
, 0, NETLINK_SOCK_DIAG
)) {
2754 rth
.dump
= MAGIC_SEQ
;
2755 rth
.dump_fp
= dump_fp
;
2756 if (preferred_family
== PF_INET6
)
2760 if ((err
= sockdiag_send(family
, rth
.fd
, protocol
, f
)))
2763 if ((err
= rtnl_dump_filter(&rth
, show_one_inet_sock
, &arg
))) {
2764 if (family
!= PF_UNSPEC
) {
2770 if (family
== PF_INET
&& preferred_family
!= PF_INET
) {
2778 rtnl_close(arg
.rth
);
2782 static int tcp_show_netlink_file(struct filter
*f
)
2788 if ((fp
= fopen(getenv("TCPDIAG_FILE"), "r")) == NULL
) {
2789 perror("fopen($TCPDIAG_FILE)");
2795 struct nlmsghdr
*h
= (struct nlmsghdr
*)buf
;
2796 struct sockstat s
= {};
2798 status
= fread(buf
, 1, sizeof(*h
), fp
);
2800 perror("Reading header from $TCPDIAG_FILE");
2803 if (status
!= sizeof(*h
)) {
2804 perror("Unexpected EOF reading $TCPDIAG_FILE");
2808 status
= fread(h
+1, 1, NLMSG_ALIGN(h
->nlmsg_len
-sizeof(*h
)), fp
);
2811 perror("Reading $TCPDIAG_FILE");
2814 if (status
+ sizeof(*h
) < h
->nlmsg_len
) {
2815 perror("Unexpected EOF reading $TCPDIAG_FILE");
2819 /* The only legal exit point */
2820 if (h
->nlmsg_type
== NLMSG_DONE
) {
2825 if (h
->nlmsg_type
== NLMSG_ERROR
) {
2826 struct nlmsgerr
*err
= (struct nlmsgerr
*)NLMSG_DATA(h
);
2828 if (h
->nlmsg_len
< NLMSG_LENGTH(sizeof(struct nlmsgerr
))) {
2829 fprintf(stderr
, "ERROR truncated\n");
2831 errno
= -err
->error
;
2832 perror("TCPDIAG answered");
2837 parse_diag_msg(h
, &s
);
2838 s
.type
= IPPROTO_TCP
;
2840 if (f
&& f
->f
&& run_ssfilter(f
->f
, &s
) == 0)
2843 err2
= inet_show_sock(h
, &s
);
2854 static int tcp_show(struct filter
*f
)
2858 int bufsize
= 64*1024;
2860 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2863 dg_proto
= TCP_PROTO
;
2865 if (getenv("TCPDIAG_FILE"))
2866 return tcp_show_netlink_file(f
);
2868 if (!getenv("PROC_NET_TCP") && !getenv("PROC_ROOT")
2869 && inet_show_netlink(f
, NULL
, IPPROTO_TCP
) == 0)
2872 /* Sigh... We have to parse /proc/net/tcp... */
2875 /* Estimate amount of sockets and try to allocate
2876 * huge buffer to read all the table at one read.
2877 * Limit it by 16MB though. The assumption is: as soon as
2878 * kernel was able to hold information about N connections,
2879 * it is able to give us some memory for snapshot.
2882 get_slabstat(&slabstat
);
2884 int guess
= slabstat
.socks
+slabstat
.tcp_syns
;
2886 if (f
->states
&(1<<SS_TIME_WAIT
))
2887 guess
+= slabstat
.tcp_tws
;
2888 if (guess
> (16*1024*1024)/128)
2889 guess
= (16*1024*1024)/128;
2891 if (guess
> bufsize
)
2894 while (bufsize
>= 64*1024) {
2895 if ((buf
= malloc(bufsize
)) != NULL
)
2904 if (f
->families
& FAMILY_MASK(AF_INET
)) {
2905 if ((fp
= net_tcp_open()) == NULL
)
2908 setbuffer(fp
, buf
, bufsize
);
2909 if (generic_record_read(fp
, tcp_show_line
, f
, AF_INET
))
2914 if ((f
->families
& FAMILY_MASK(AF_INET6
)) &&
2915 (fp
= net_tcp6_open()) != NULL
) {
2916 setbuffer(fp
, buf
, bufsize
);
2917 if (generic_record_read(fp
, tcp_show_line
, f
, AF_INET6
))
2927 int saved_errno
= errno
;
2932 errno
= saved_errno
;
2937 static int dccp_show(struct filter
*f
)
2939 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2942 if (!getenv("PROC_NET_DCCP") && !getenv("PROC_ROOT")
2943 && inet_show_netlink(f
, NULL
, IPPROTO_DCCP
) == 0)
2949 static int sctp_show(struct filter
*f
)
2951 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2954 if (!getenv("PROC_NET_SCTP") && !getenv("PROC_ROOT")
2955 && inet_show_netlink(f
, NULL
, IPPROTO_SCTP
) == 0)
2961 static int dgram_show_line(char *line
, const struct filter
*f
, int family
)
2963 struct sockstat s
= {};
2964 char *loc
, *rem
, *data
;
2968 if (proc_inet_split_line(line
, &loc
, &rem
, &data
))
2971 int state
= (data
[1] >= 'A') ? (data
[1] - 'A' + 10) : (data
[1] - '0');
2973 if (!(f
->states
& (1 << state
)))
2976 proc_parse_inet_addr(loc
, rem
, family
, &s
);
2978 if (f
->f
&& run_ssfilter(f
->f
, &s
) == 0)
2982 n
= sscanf(data
, "%x %x:%x %*x:%*x %*x %d %*d %u %d %llx %[^\n]\n",
2983 &s
.state
, &s
.wq
, &s
.rq
,
2985 &s
.refcnt
, &s
.sk
, opt
);
2990 s
.type
= dg_proto
== UDP_PROTO
? IPPROTO_UDP
: 0;
2991 inet_stats_print(&s
, false);
2993 if (show_details
&& opt
[0])
2994 printf(" opt:\"%s\"", opt
);
3000 static int udp_show(struct filter
*f
)
3004 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
3007 dg_proto
= UDP_PROTO
;
3009 if (!getenv("PROC_NET_UDP") && !getenv("PROC_ROOT")
3010 && inet_show_netlink(f
, NULL
, IPPROTO_UDP
) == 0)
3013 if (f
->families
&FAMILY_MASK(AF_INET
)) {
3014 if ((fp
= net_udp_open()) == NULL
)
3016 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET
))
3021 if ((f
->families
&FAMILY_MASK(AF_INET6
)) &&
3022 (fp
= net_udp6_open()) != NULL
) {
3023 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET6
))
3031 int saved_errno
= errno
;
3035 errno
= saved_errno
;
3040 static int raw_show(struct filter
*f
)
3044 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
3047 dg_proto
= RAW_PROTO
;
3049 if (!getenv("PROC_NET_RAW") && !getenv("PROC_ROOT") &&
3050 inet_show_netlink(f
, NULL
, IPPROTO_RAW
) == 0)
3053 if (f
->families
&FAMILY_MASK(AF_INET
)) {
3054 if ((fp
= net_raw_open()) == NULL
)
3056 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET
))
3061 if ((f
->families
&FAMILY_MASK(AF_INET6
)) &&
3062 (fp
= net_raw6_open()) != NULL
) {
3063 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET6
))
3071 int saved_errno
= errno
;
3075 errno
= saved_errno
;
3080 #define MAX_UNIX_REMEMBER (1024*1024/sizeof(struct sockstat))
3082 static void unix_list_drop_first(struct sockstat
**list
)
3084 struct sockstat
*s
= *list
;
3086 (*list
) = (*list
)->next
;
3091 static bool unix_type_skip(struct sockstat
*s
, struct filter
*f
)
3093 if (s
->type
== SOCK_STREAM
&& !(f
->dbs
&(1<<UNIX_ST_DB
)))
3095 if (s
->type
== SOCK_DGRAM
&& !(f
->dbs
&(1<<UNIX_DG_DB
)))
3097 if (s
->type
== SOCK_SEQPACKET
&& !(f
->dbs
&(1<<UNIX_SQ_DB
)))
3102 static void unix_stats_print(struct sockstat
*s
, struct filter
*f
)
3104 char port_name
[30] = {};
3106 sock_state_print(s
);
3108 sock_addr_print(s
->name
?: "*", " ",
3109 int_to_str(s
->lport
, port_name
), NULL
);
3110 sock_addr_print(s
->peer_name
?: "*", " ",
3111 int_to_str(s
->rport
, port_name
), NULL
);
3116 static int unix_show_sock(const struct sockaddr_nl
*addr
, struct nlmsghdr
*nlh
,
3119 struct filter
*f
= (struct filter
*)arg
;
3120 struct unix_diag_msg
*r
= NLMSG_DATA(nlh
);
3121 struct rtattr
*tb
[UNIX_DIAG_MAX
+1];
3123 struct sockstat stat
= { .name
= "*", .peer_name
= "*" };
3125 parse_rtattr(tb
, UNIX_DIAG_MAX
, (struct rtattr
*)(r
+1),
3126 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
3128 stat
.type
= r
->udiag_type
;
3129 stat
.state
= r
->udiag_state
;
3130 stat
.ino
= stat
.lport
= r
->udiag_ino
;
3131 stat
.local
.family
= stat
.remote
.family
= AF_UNIX
;
3133 if (unix_type_skip(&stat
, f
))
3136 if (tb
[UNIX_DIAG_RQLEN
]) {
3137 struct unix_diag_rqlen
*rql
= RTA_DATA(tb
[UNIX_DIAG_RQLEN
]);
3139 stat
.rq
= rql
->udiag_rqueue
;
3140 stat
.wq
= rql
->udiag_wqueue
;
3142 if (tb
[UNIX_DIAG_NAME
]) {
3143 int len
= RTA_PAYLOAD(tb
[UNIX_DIAG_NAME
]);
3145 memcpy(name
, RTA_DATA(tb
[UNIX_DIAG_NAME
]), len
);
3147 if (name
[0] == '\0') {
3149 for (i
= 0; i
< len
; i
++)
3150 if (name
[i
] == '\0')
3153 stat
.name
= &name
[0];
3154 memcpy(stat
.local
.data
, &stat
.name
, sizeof(stat
.name
));
3156 if (tb
[UNIX_DIAG_PEER
])
3157 stat
.rport
= rta_getattr_u32(tb
[UNIX_DIAG_PEER
]);
3159 if (f
->f
&& run_ssfilter(f
->f
, &stat
) == 0)
3162 unix_stats_print(&stat
, f
);
3165 print_skmeminfo(tb
, UNIX_DIAG_MEMINFO
);
3167 if (tb
[UNIX_DIAG_SHUTDOWN
]) {
3170 mask
= rta_getattr_u8(tb
[UNIX_DIAG_SHUTDOWN
]);
3171 printf(" %c-%c", mask
& 1 ? '-' : '<', mask
& 2 ? '-' : '>');
3179 static int handle_netlink_request(struct filter
*f
, struct nlmsghdr
*req
,
3180 size_t size
, rtnl_filter_t show_one_sock
)
3183 struct rtnl_handle rth
;
3185 if (rtnl_open_byproto(&rth
, 0, NETLINK_SOCK_DIAG
))
3188 rth
.dump
= MAGIC_SEQ
;
3190 if (rtnl_send(&rth
, req
, size
) < 0)
3193 if (rtnl_dump_filter(&rth
, show_one_sock
, f
))
3202 static int unix_show_netlink(struct filter
*f
)
3204 DIAG_REQUEST(req
, struct unix_diag_req r
);
3206 req
.r
.sdiag_family
= AF_UNIX
;
3207 req
.r
.udiag_states
= f
->states
;
3208 req
.r
.udiag_show
= UDIAG_SHOW_NAME
| UDIAG_SHOW_PEER
| UDIAG_SHOW_RQLEN
;
3210 req
.r
.udiag_show
|= UDIAG_SHOW_MEMINFO
;
3212 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), unix_show_sock
);
3215 static int unix_show(struct filter
*f
)
3222 struct sockstat
*list
= NULL
;
3223 const int unix_state_map
[] = { SS_CLOSE
, SS_SYN_SENT
,
3224 SS_ESTABLISHED
, SS_CLOSING
};
3226 if (!filter_af_get(f
, AF_UNIX
))
3229 if (!getenv("PROC_NET_UNIX") && !getenv("PROC_ROOT")
3230 && unix_show_netlink(f
) == 0)
3233 if ((fp
= net_unix_open()) == NULL
)
3235 if (!fgets(buf
, sizeof(buf
), fp
)) {
3240 if (memcmp(buf
, "Peer", 4) == 0)
3244 while (fgets(buf
, sizeof(buf
), fp
)) {
3245 struct sockstat
*u
, **insp
;
3248 if (!(u
= calloc(1, sizeof(*u
))))
3251 if (sscanf(buf
, "%x: %x %x %x %x %x %d %s",
3252 &u
->rport
, &u
->rq
, &u
->wq
, &flags
, &u
->type
,
3253 &u
->state
, &u
->ino
, name
) < 8)
3257 u
->local
.family
= u
->remote
.family
= AF_UNIX
;
3259 if (flags
& (1 << 16)) {
3260 u
->state
= SS_LISTEN
;
3261 } else if (u
->state
> 0 &&
3262 u
->state
<= ARRAY_SIZE(unix_state_map
)) {
3263 u
->state
= unix_state_map
[u
->state
-1];
3264 if (u
->type
== SOCK_DGRAM
&& u
->state
== SS_CLOSE
&& u
->rport
)
3265 u
->state
= SS_ESTABLISHED
;
3267 if (unix_type_skip(u
, f
) ||
3268 !(f
->states
& (1 << u
->state
))) {
3280 u
->name
= strdup(name
);
3290 for (p
= list
; p
; p
= p
->next
) {
3291 if (u
->rport
== p
->lport
)
3297 u
->peer_name
= p
->name
? : "*";
3301 struct sockstat st
= {
3302 .local
.family
= AF_UNIX
,
3303 .remote
.family
= AF_UNIX
,
3306 memcpy(st
.local
.data
, &u
->name
, sizeof(u
->name
));
3307 if (strcmp(u
->peer_name
, "*"))
3308 memcpy(st
.remote
.data
, &u
->peer_name
,
3309 sizeof(u
->peer_name
));
3310 if (run_ssfilter(f
->f
, &st
) == 0) {
3319 if (u
->type
< (*insp
)->type
||
3320 (u
->type
== (*insp
)->type
&&
3321 u
->ino
< (*insp
)->ino
))
3323 insp
= &(*insp
)->next
;
3328 if (++cnt
> MAX_UNIX_REMEMBER
) {
3330 unix_stats_print(list
, f
);
3333 unix_list_drop_first(&list
);
3340 unix_stats_print(list
, f
);
3343 unix_list_drop_first(&list
);
3349 static int packet_stats_print(struct sockstat
*s
, const struct filter
*f
)
3351 const char *addr
, *port
;
3354 s
->local
.family
= s
->remote
.family
= AF_PACKET
;
3357 s
->local
.data
[0] = s
->prot
;
3358 if (run_ssfilter(f
->f
, s
) == 0)
3362 sock_state_print(s
);
3367 addr
= ll_proto_n2a(htons(s
->prot
), ll_name
, sizeof(ll_name
));
3372 port
= xll_index_to_name(s
->iface
);
3374 sock_addr_print(addr
, ":", port
, NULL
);
3375 sock_addr_print("", "*", "", NULL
);
3380 sock_details_print(s
);
3385 static void packet_show_ring(struct packet_diag_ring
*ring
)
3387 printf("blk_size:%d", ring
->pdr_block_size
);
3388 printf(",blk_nr:%d", ring
->pdr_block_nr
);
3389 printf(",frm_size:%d", ring
->pdr_frame_size
);
3390 printf(",frm_nr:%d", ring
->pdr_frame_nr
);
3391 printf(",tmo:%d", ring
->pdr_retire_tmo
);
3392 printf(",features:0x%x", ring
->pdr_features
);
3395 static int packet_show_sock(const struct sockaddr_nl
*addr
,
3396 struct nlmsghdr
*nlh
, void *arg
)
3398 const struct filter
*f
= arg
;
3399 struct packet_diag_msg
*r
= NLMSG_DATA(nlh
);
3400 struct packet_diag_info
*pinfo
= NULL
;
3401 struct packet_diag_ring
*ring_rx
= NULL
, *ring_tx
= NULL
;
3402 struct rtattr
*tb
[PACKET_DIAG_MAX
+1];
3403 struct sockstat stat
= {};
3404 uint32_t fanout
= 0;
3405 bool has_fanout
= false;
3407 parse_rtattr(tb
, PACKET_DIAG_MAX
, (struct rtattr
*)(r
+1),
3408 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
3410 /* use /proc/net/packet if all info are not available */
3411 if (!tb
[PACKET_DIAG_MEMINFO
])
3414 stat
.type
= r
->pdiag_type
;
3415 stat
.prot
= r
->pdiag_num
;
3416 stat
.ino
= r
->pdiag_ino
;
3417 stat
.state
= SS_CLOSE
;
3418 stat
.sk
= cookie_sk_get(&r
->pdiag_cookie
[0]);
3420 if (tb
[PACKET_DIAG_MEMINFO
]) {
3421 __u32
*skmeminfo
= RTA_DATA(tb
[PACKET_DIAG_MEMINFO
]);
3423 stat
.rq
= skmeminfo
[SK_MEMINFO_RMEM_ALLOC
];
3426 if (tb
[PACKET_DIAG_INFO
]) {
3427 pinfo
= RTA_DATA(tb
[PACKET_DIAG_INFO
]);
3428 stat
.lport
= stat
.iface
= pinfo
->pdi_index
;
3431 if (tb
[PACKET_DIAG_UID
])
3432 stat
.uid
= rta_getattr_u32(tb
[PACKET_DIAG_UID
]);
3434 if (tb
[PACKET_DIAG_RX_RING
])
3435 ring_rx
= RTA_DATA(tb
[PACKET_DIAG_RX_RING
]);
3437 if (tb
[PACKET_DIAG_TX_RING
])
3438 ring_tx
= RTA_DATA(tb
[PACKET_DIAG_TX_RING
]);
3440 if (tb
[PACKET_DIAG_FANOUT
]) {
3442 fanout
= rta_getattr_u32(tb
[PACKET_DIAG_FANOUT
]);
3445 if (packet_stats_print(&stat
, f
))
3450 printf("\n\tver:%d", pinfo
->pdi_version
);
3451 printf(" cpy_thresh:%d", pinfo
->pdi_copy_thresh
);
3453 if (pinfo
->pdi_flags
& PDI_RUNNING
)
3455 if (pinfo
->pdi_flags
& PDI_AUXDATA
)
3457 if (pinfo
->pdi_flags
& PDI_ORIGDEV
)
3459 if (pinfo
->pdi_flags
& PDI_VNETHDR
)
3461 if (pinfo
->pdi_flags
& PDI_LOSS
)
3463 if (!pinfo
->pdi_flags
)
3468 printf("\n\tring_rx(");
3469 packet_show_ring(ring_rx
);
3473 printf("\n\tring_tx(");
3474 packet_show_ring(ring_tx
);
3478 uint16_t type
= (fanout
>> 16) & 0xffff;
3480 printf("\n\tfanout(");
3481 printf("id:%d,", fanout
& 0xffff);
3497 printf("0x%x", type
);
3503 if (show_bpf
&& tb
[PACKET_DIAG_FILTER
]) {
3504 struct sock_filter
*fil
=
3505 RTA_DATA(tb
[PACKET_DIAG_FILTER
]);
3506 int num
= RTA_PAYLOAD(tb
[PACKET_DIAG_FILTER
]) /
3507 sizeof(struct sock_filter
);
3509 printf("\n\tbpf filter (%d): ", num
);
3511 printf(" 0x%02x %u %u %u,",
3512 fil
->code
, fil
->jt
, fil
->jf
, fil
->k
);
3521 static int packet_show_netlink(struct filter
*f
)
3523 DIAG_REQUEST(req
, struct packet_diag_req r
);
3525 req
.r
.sdiag_family
= AF_PACKET
;
3526 req
.r
.pdiag_show
= PACKET_SHOW_INFO
| PACKET_SHOW_MEMINFO
|
3527 PACKET_SHOW_FILTER
| PACKET_SHOW_RING_CFG
| PACKET_SHOW_FANOUT
;
3529 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), packet_show_sock
);
3532 static int packet_show_line(char *buf
, const struct filter
*f
, int fam
)
3534 unsigned long long sk
;
3535 struct sockstat stat
= {};
3536 int type
, prot
, iface
, state
, rq
, uid
, ino
;
3538 sscanf(buf
, "%llx %*d %d %x %d %d %u %u %u",
3540 &type
, &prot
, &iface
, &state
,
3543 if (stat
.type
== SOCK_RAW
&& !(f
->dbs
&(1<<PACKET_R_DB
)))
3545 if (stat
.type
== SOCK_DGRAM
&& !(f
->dbs
&(1<<PACKET_DG_DB
)))
3550 stat
.lport
= stat
.iface
= iface
;
3555 stat
.state
= SS_CLOSE
;
3557 if (packet_stats_print(&stat
, f
))
3564 static int packet_show(struct filter
*f
)
3569 if (!filter_af_get(f
, AF_PACKET
) || !(f
->states
& (1 << SS_CLOSE
)))
3572 if (!getenv("PROC_NET_PACKET") && !getenv("PROC_ROOT") &&
3573 packet_show_netlink(f
) == 0)
3576 if ((fp
= net_packet_open()) == NULL
)
3578 if (generic_record_read(fp
, packet_show_line
, f
, AF_PACKET
))
3585 static int netlink_show_one(struct filter
*f
,
3586 int prot
, int pid
, unsigned int groups
,
3587 int state
, int dst_pid
, unsigned int dst_group
,
3589 unsigned long long sk
, unsigned long long cb
)
3591 struct sockstat st
= {
3595 .local
.family
= AF_NETLINK
,
3596 .remote
.family
= AF_NETLINK
,
3599 SPRINT_BUF(prot_buf
) = {};
3600 const char *prot_name
;
3601 char procname
[64] = {};
3606 st
.local
.data
[0] = prot
;
3607 if (run_ssfilter(f
->f
, &st
) == 0)
3611 sock_state_print(&st
);
3613 if (resolve_services
)
3614 prot_name
= nl_proto_n2a(prot
, prot_buf
, sizeof(prot_buf
));
3616 prot_name
= int_to_str(prot
, prot_buf
);
3620 } else if (resolve_services
) {
3625 strncpy(procname
, "kernel", 6);
3626 } else if (pid
> 0) {
3629 snprintf(procname
, sizeof(procname
), "%s/%d/stat",
3630 getenv("PROC_ROOT") ? : "/proc", pid
);
3631 if ((fp
= fopen(procname
, "r")) != NULL
) {
3632 if (fscanf(fp
, "%*d (%[^)])", procname
) == 1) {
3633 snprintf(procname
+strlen(procname
),
3634 sizeof(procname
)-strlen(procname
),
3642 int_to_str(pid
, procname
);
3644 int_to_str(pid
, procname
);
3647 sock_addr_print(prot_name
, ":", procname
, NULL
);
3649 if (state
== NETLINK_CONNECTED
) {
3650 char dst_group_buf
[30];
3651 char dst_pid_buf
[30];
3653 sock_addr_print(int_to_str(dst_group
, dst_group_buf
), ":",
3654 int_to_str(dst_pid
, dst_pid_buf
), NULL
);
3656 sock_addr_print("", "*", "", NULL
);
3659 char *pid_context
= NULL
;
3661 if (show_proc_ctx
) {
3662 /* The pid value will either be:
3663 * 0 if destination kernel - show kernel initial context.
3664 * A valid process pid - use getpidcon.
3665 * A unique value allocated by the kernel or netlink user
3666 * to the process - show context as "not available".
3669 security_get_initial_context("kernel", &pid_context
);
3671 getpidcon(pid
, &pid_context
);
3673 if (pid_context
!= NULL
) {
3674 printf("proc_ctx=%-*s ", serv_width
, pid_context
);
3677 printf("proc_ctx=%-*s ", serv_width
, "unavailable");
3682 printf(" sk=%llx cb=%llx groups=0x%08x", sk
, cb
, groups
);
3689 static int netlink_show_sock(const struct sockaddr_nl
*addr
,
3690 struct nlmsghdr
*nlh
, void *arg
)
3692 struct filter
*f
= (struct filter
*)arg
;
3693 struct netlink_diag_msg
*r
= NLMSG_DATA(nlh
);
3694 struct rtattr
*tb
[NETLINK_DIAG_MAX
+1];
3696 unsigned long groups
= 0;
3698 parse_rtattr(tb
, NETLINK_DIAG_MAX
, (struct rtattr
*)(r
+1),
3699 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
3701 if (tb
[NETLINK_DIAG_GROUPS
] && RTA_PAYLOAD(tb
[NETLINK_DIAG_GROUPS
]))
3702 groups
= *(unsigned long *) RTA_DATA(tb
[NETLINK_DIAG_GROUPS
]);
3704 if (tb
[NETLINK_DIAG_MEMINFO
]) {
3705 const __u32
*skmeminfo
;
3707 skmeminfo
= RTA_DATA(tb
[NETLINK_DIAG_MEMINFO
]);
3709 rq
= skmeminfo
[SK_MEMINFO_RMEM_ALLOC
];
3710 wq
= skmeminfo
[SK_MEMINFO_WMEM_ALLOC
];
3713 if (netlink_show_one(f
, r
->ndiag_protocol
, r
->ndiag_portid
, groups
,
3714 r
->ndiag_state
, r
->ndiag_dst_portid
, r
->ndiag_dst_group
,
3721 print_skmeminfo(tb
, NETLINK_DIAG_MEMINFO
);
3728 static int netlink_show_netlink(struct filter
*f
)
3730 DIAG_REQUEST(req
, struct netlink_diag_req r
);
3732 req
.r
.sdiag_family
= AF_NETLINK
;
3733 req
.r
.sdiag_protocol
= NDIAG_PROTO_ALL
;
3734 req
.r
.ndiag_show
= NDIAG_SHOW_GROUPS
| NDIAG_SHOW_MEMINFO
;
3736 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), netlink_show_sock
);
3739 static int netlink_show(struct filter
*f
)
3744 unsigned int groups
;
3746 unsigned long long sk
, cb
;
3748 if (!filter_af_get(f
, AF_NETLINK
) || !(f
->states
& (1 << SS_CLOSE
)))
3751 if (!getenv("PROC_NET_NETLINK") && !getenv("PROC_ROOT") &&
3752 netlink_show_netlink(f
) == 0)
3755 if ((fp
= net_netlink_open()) == NULL
)
3757 if (!fgets(buf
, sizeof(buf
), fp
)) {
3762 while (fgets(buf
, sizeof(buf
), fp
)) {
3763 sscanf(buf
, "%llx %d %d %x %d %d %llx %d",
3765 &prot
, &pid
, &groups
, &rq
, &wq
, &cb
, &rc
);
3767 netlink_show_one(f
, prot
, pid
, groups
, 0, 0, 0, rq
, wq
, sk
, cb
);
3774 static bool vsock_type_skip(struct sockstat
*s
, struct filter
*f
)
3776 if (s
->type
== SOCK_STREAM
&& !(f
->dbs
& (1 << VSOCK_ST_DB
)))
3778 if (s
->type
== SOCK_DGRAM
&& !(f
->dbs
& (1 << VSOCK_DG_DB
)))
3783 static void vsock_addr_print(inet_prefix
*a
, __u32 port
)
3785 char cid_str
[sizeof("4294967295")];
3786 char port_str
[sizeof("4294967295")];
3789 memcpy(&cid
, a
->data
, sizeof(cid
));
3791 if (cid
== ~(__u32
)0)
3792 snprintf(cid_str
, sizeof(cid_str
), "*");
3794 snprintf(cid_str
, sizeof(cid_str
), "%u", cid
);
3796 if (port
== ~(__u32
)0)
3797 snprintf(port_str
, sizeof(port_str
), "*");
3799 snprintf(port_str
, sizeof(port_str
), "%u", port
);
3801 sock_addr_print(cid_str
, ":", port_str
, NULL
);
3804 static void vsock_stats_print(struct sockstat
*s
, struct filter
*f
)
3806 sock_state_print(s
);
3808 vsock_addr_print(&s
->local
, s
->lport
);
3809 vsock_addr_print(&s
->remote
, s
->rport
);
3816 static int vsock_show_sock(const struct sockaddr_nl
*addr
,
3817 struct nlmsghdr
*nlh
, void *arg
)
3819 struct filter
*f
= (struct filter
*)arg
;
3820 struct vsock_diag_msg
*r
= NLMSG_DATA(nlh
);
3821 struct sockstat stat
= {
3822 .type
= r
->vdiag_type
,
3823 .lport
= r
->vdiag_src_port
,
3824 .rport
= r
->vdiag_dst_port
,
3825 .state
= r
->vdiag_state
,
3826 .ino
= r
->vdiag_ino
,
3829 vsock_set_inet_prefix(&stat
.local
, r
->vdiag_src_cid
);
3830 vsock_set_inet_prefix(&stat
.remote
, r
->vdiag_dst_cid
);
3832 if (vsock_type_skip(&stat
, f
))
3835 if (f
->f
&& run_ssfilter(f
->f
, &stat
) == 0)
3838 vsock_stats_print(&stat
, f
);
3843 static int vsock_show(struct filter
*f
)
3845 DIAG_REQUEST(req
, struct vsock_diag_req r
);
3847 if (!filter_af_get(f
, AF_VSOCK
))
3850 req
.r
.sdiag_family
= AF_VSOCK
;
3851 req
.r
.vdiag_states
= f
->states
;
3853 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), vsock_show_sock
);
3856 struct sock_diag_msg
{
3860 static int generic_show_sock(const struct sockaddr_nl
*addr
,
3861 struct nlmsghdr
*nlh
, void *arg
)
3863 struct sock_diag_msg
*r
= NLMSG_DATA(nlh
);
3864 struct inet_diag_arg inet_arg
= { .f
= arg
, .protocol
= IPPROTO_MAX
};
3866 switch (r
->sdiag_family
) {
3869 return show_one_inet_sock(addr
, nlh
, &inet_arg
);
3871 return unix_show_sock(addr
, nlh
, arg
);
3873 return packet_show_sock(addr
, nlh
, arg
);
3875 return netlink_show_sock(addr
, nlh
, arg
);
3877 return vsock_show_sock(addr
, nlh
, arg
);
3883 static int handle_follow_request(struct filter
*f
)
3887 struct rtnl_handle rth
;
3889 if (f
->families
& FAMILY_MASK(AF_INET
) && f
->dbs
& (1 << TCP_DB
))
3890 groups
|= 1 << (SKNLGRP_INET_TCP_DESTROY
- 1);
3891 if (f
->families
& FAMILY_MASK(AF_INET
) && f
->dbs
& (1 << UDP_DB
))
3892 groups
|= 1 << (SKNLGRP_INET_UDP_DESTROY
- 1);
3893 if (f
->families
& FAMILY_MASK(AF_INET6
) && f
->dbs
& (1 << TCP_DB
))
3894 groups
|= 1 << (SKNLGRP_INET6_TCP_DESTROY
- 1);
3895 if (f
->families
& FAMILY_MASK(AF_INET6
) && f
->dbs
& (1 << UDP_DB
))
3896 groups
|= 1 << (SKNLGRP_INET6_UDP_DESTROY
- 1);
3901 if (rtnl_open_byproto(&rth
, groups
, NETLINK_SOCK_DIAG
))
3905 rth
.local
.nl_pid
= 0;
3907 if (rtnl_dump_filter(&rth
, generic_show_sock
, f
))
3914 static int get_snmp_int(char *proto
, char *key
, int *result
)
3918 int protolen
= strlen(proto
);
3919 int keylen
= strlen(key
);
3923 if ((fp
= net_snmp_open()) == NULL
)
3926 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
3930 if (memcmp(buf
, proto
, protolen
))
3932 while ((p
= strchr(p
, ' ')) != NULL
) {
3935 if (memcmp(p
, key
, keylen
) == 0 &&
3936 (p
[keylen
] == ' ' || p
[keylen
] == '\n'))
3939 if (fgets(buf
, sizeof(buf
), fp
) == NULL
)
3941 if (memcmp(buf
, proto
, protolen
))
3944 while ((p
= strchr(p
, ' ')) != NULL
) {
3947 sscanf(p
, "%d", result
);
3960 /* Get stats from sockstat */
3980 static void get_sockstat_line(char *line
, struct ssummary
*s
)
3982 char id
[256], rem
[256];
3984 if (sscanf(line
, "%[^ ] %[^\n]\n", id
, rem
) != 2)
3987 if (strcmp(id
, "sockets:") == 0)
3988 sscanf(rem
, "%*s%d", &s
->socks
);
3989 else if (strcmp(id
, "UDP:") == 0)
3990 sscanf(rem
, "%*s%d", &s
->udp4
);
3991 else if (strcmp(id
, "UDP6:") == 0)
3992 sscanf(rem
, "%*s%d", &s
->udp6
);
3993 else if (strcmp(id
, "RAW:") == 0)
3994 sscanf(rem
, "%*s%d", &s
->raw4
);
3995 else if (strcmp(id
, "RAW6:") == 0)
3996 sscanf(rem
, "%*s%d", &s
->raw6
);
3997 else if (strcmp(id
, "TCP6:") == 0)
3998 sscanf(rem
, "%*s%d", &s
->tcp6_hashed
);
3999 else if (strcmp(id
, "FRAG:") == 0)
4000 sscanf(rem
, "%*s%d%*s%d", &s
->frag4
, &s
->frag4_mem
);
4001 else if (strcmp(id
, "FRAG6:") == 0)
4002 sscanf(rem
, "%*s%d%*s%d", &s
->frag6
, &s
->frag6_mem
);
4003 else if (strcmp(id
, "TCP:") == 0)
4004 sscanf(rem
, "%*s%d%*s%d%*s%d%*s%d%*s%d",
4006 &s
->tcp_orphans
, &s
->tcp_tws
, &s
->tcp_total
, &s
->tcp_mem
);
4009 static int get_sockstat(struct ssummary
*s
)
4014 memset(s
, 0, sizeof(*s
));
4016 if ((fp
= net_sockstat_open()) == NULL
)
4018 while (fgets(buf
, sizeof(buf
), fp
) != NULL
)
4019 get_sockstat_line(buf
, s
);
4022 if ((fp
= net_sockstat6_open()) == NULL
)
4024 while (fgets(buf
, sizeof(buf
), fp
) != NULL
)
4025 get_sockstat_line(buf
, s
);
4031 static int print_summary(void)
4036 if (get_sockstat(&s
) < 0)
4037 perror("ss: get_sockstat");
4038 if (get_snmp_int("Tcp:", "CurrEstab", &tcp_estab
) < 0)
4039 perror("ss: get_snmpstat");
4041 get_slabstat(&slabstat
);
4043 printf("Total: %d (kernel %d)\n", s
.socks
, slabstat
.socks
);
4045 printf("TCP: %d (estab %d, closed %d, orphaned %d, synrecv %d, timewait %d/%d), ports %d\n",
4046 s
.tcp_total
+ slabstat
.tcp_syns
+ s
.tcp_tws
,
4048 s
.tcp_total
- (s
.tcp4_hashed
+s
.tcp6_hashed
-s
.tcp_tws
),
4051 s
.tcp_tws
, slabstat
.tcp_tws
,
4056 printf("Transport Total IP IPv6\n");
4057 printf("* %-9d %-9s %-9s\n", slabstat
.socks
, "-", "-");
4058 printf("RAW %-9d %-9d %-9d\n", s
.raw4
+s
.raw6
, s
.raw4
, s
.raw6
);
4059 printf("UDP %-9d %-9d %-9d\n", s
.udp4
+s
.udp6
, s
.udp4
, s
.udp6
);
4060 printf("TCP %-9d %-9d %-9d\n", s
.tcp4_hashed
+s
.tcp6_hashed
, s
.tcp4_hashed
, s
.tcp6_hashed
);
4061 printf("INET %-9d %-9d %-9d\n",
4062 s
.raw4
+s
.udp4
+s
.tcp4_hashed
+
4063 s
.raw6
+s
.udp6
+s
.tcp6_hashed
,
4064 s
.raw4
+s
.udp4
+s
.tcp4_hashed
,
4065 s
.raw6
+s
.udp6
+s
.tcp6_hashed
);
4066 printf("FRAG %-9d %-9d %-9d\n", s
.frag4
+s
.frag6
, s
.frag4
, s
.frag6
);
4073 static void _usage(FILE *dest
)
4076 "Usage: ss [ OPTIONS ]\n"
4077 " ss [ OPTIONS ] [ FILTER ]\n"
4078 " -h, --help this message\n"
4079 " -V, --version output version information\n"
4080 " -n, --numeric don't resolve service names\n"
4081 " -r, --resolve resolve host names\n"
4082 " -a, --all display all sockets\n"
4083 " -l, --listening display listening sockets\n"
4084 " -o, --options show timer information\n"
4085 " -e, --extended show detailed socket information\n"
4086 " -m, --memory show socket memory usage\n"
4087 " -p, --processes show process using socket\n"
4088 " -i, --info show internal TCP information\n"
4089 " -s, --summary show socket usage summary\n"
4090 " -b, --bpf show bpf filter socket information\n"
4091 " -E, --events continually display sockets as they are destroyed\n"
4092 " -Z, --context display process SELinux security contexts\n"
4093 " -z, --contexts display process and socket SELinux security contexts\n"
4094 " -N, --net switch to the specified network namespace name\n"
4096 " -4, --ipv4 display only IP version 4 sockets\n"
4097 " -6, --ipv6 display only IP version 6 sockets\n"
4098 " -0, --packet display PACKET sockets\n"
4099 " -t, --tcp display only TCP sockets\n"
4100 " -S, --sctp display only SCTP sockets\n"
4101 " -u, --udp display only UDP sockets\n"
4102 " -d, --dccp display only DCCP sockets\n"
4103 " -w, --raw display only RAW sockets\n"
4104 " -x, --unix display only Unix domain sockets\n"
4105 " --vsock display only vsock sockets\n"
4106 " -f, --family=FAMILY display sockets of type FAMILY\n"
4107 " FAMILY := {inet|inet6|link|unix|netlink|vsock|help}\n"
4109 " -K, --kill forcibly close sockets, display what was closed\n"
4110 " -H, --no-header Suppress header line\n"
4112 " -A, --query=QUERY, --socket=QUERY\n"
4113 " QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]\n"
4115 " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
4116 " -F, --filter=FILE read filter information from FILE\n"
4117 " FILTER := [ state STATE-FILTER ] [ EXPRESSION ]\n"
4118 " STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}\n"
4119 " TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listening|closing}\n"
4120 " connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4121 " synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4122 " bucket := {syn-recv|time-wait}\n"
4123 " big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listening|closing}\n"
4127 static void help(void) __attribute__((noreturn
));
4128 static void help(void)
4134 static void usage(void) __attribute__((noreturn
));
4135 static void usage(void)
4142 static int scan_state(const char *state
)
4144 static const char * const sstate_namel
[] = {
4146 [SS_ESTABLISHED
] = "established",
4147 [SS_SYN_SENT
] = "syn-sent",
4148 [SS_SYN_RECV
] = "syn-recv",
4149 [SS_FIN_WAIT1
] = "fin-wait-1",
4150 [SS_FIN_WAIT2
] = "fin-wait-2",
4151 [SS_TIME_WAIT
] = "time-wait",
4152 [SS_CLOSE
] = "unconnected",
4153 [SS_CLOSE_WAIT
] = "close-wait",
4154 [SS_LAST_ACK
] = "last-ack",
4155 [SS_LISTEN
] = "listening",
4156 [SS_CLOSING
] = "closing",
4160 if (strcasecmp(state
, "close") == 0 ||
4161 strcasecmp(state
, "closed") == 0)
4162 return (1<<SS_CLOSE
);
4163 if (strcasecmp(state
, "syn-rcv") == 0)
4164 return (1<<SS_SYN_RECV
);
4165 if (strcasecmp(state
, "established") == 0)
4166 return (1<<SS_ESTABLISHED
);
4167 if (strcasecmp(state
, "all") == 0)
4169 if (strcasecmp(state
, "connected") == 0)
4170 return SS_ALL
& ~((1<<SS_CLOSE
)|(1<<SS_LISTEN
));
4171 if (strcasecmp(state
, "synchronized") == 0)
4172 return SS_ALL
& ~((1<<SS_CLOSE
)|(1<<SS_LISTEN
)|(1<<SS_SYN_SENT
));
4173 if (strcasecmp(state
, "bucket") == 0)
4174 return (1<<SS_SYN_RECV
)|(1<<SS_TIME_WAIT
);
4175 if (strcasecmp(state
, "big") == 0)
4176 return SS_ALL
& ~((1<<SS_SYN_RECV
)|(1<<SS_TIME_WAIT
));
4177 for (i
= 0; i
< SS_MAX
; i
++) {
4178 if (strcasecmp(state
, sstate_namel
[i
]) == 0)
4182 fprintf(stderr
, "ss: wrong state name: %s\n", state
);
4186 /* Values 'v' and 'V' are already used so a non-character is used */
4187 #define OPT_VSOCK 256
4189 static const struct option long_opts
[] = {
4190 { "numeric", 0, 0, 'n' },
4191 { "resolve", 0, 0, 'r' },
4192 { "options", 0, 0, 'o' },
4193 { "extended", 0, 0, 'e' },
4194 { "memory", 0, 0, 'm' },
4195 { "info", 0, 0, 'i' },
4196 { "processes", 0, 0, 'p' },
4197 { "bpf", 0, 0, 'b' },
4198 { "events", 0, 0, 'E' },
4199 { "dccp", 0, 0, 'd' },
4200 { "tcp", 0, 0, 't' },
4201 { "sctp", 0, 0, 'S' },
4202 { "udp", 0, 0, 'u' },
4203 { "raw", 0, 0, 'w' },
4204 { "unix", 0, 0, 'x' },
4205 { "vsock", 0, 0, OPT_VSOCK
},
4206 { "all", 0, 0, 'a' },
4207 { "listening", 0, 0, 'l' },
4208 { "ipv4", 0, 0, '4' },
4209 { "ipv6", 0, 0, '6' },
4210 { "packet", 0, 0, '0' },
4211 { "family", 1, 0, 'f' },
4212 { "socket", 1, 0, 'A' },
4213 { "query", 1, 0, 'A' },
4214 { "summary", 0, 0, 's' },
4215 { "diag", 1, 0, 'D' },
4216 { "filter", 1, 0, 'F' },
4217 { "version", 0, 0, 'V' },
4218 { "help", 0, 0, 'h' },
4219 { "context", 0, 0, 'Z' },
4220 { "contexts", 0, 0, 'z' },
4221 { "net", 1, 0, 'N' },
4222 { "kill", 0, 0, 'K' },
4223 { "no-header", 0, 0, 'H' },
4228 int main(int argc
, char *argv
[])
4233 const char *dump_tcpdiag
= NULL
;
4234 FILE *filter_fp
= NULL
;
4236 int state_filter
= 0;
4237 int addrp_width
, screen_width
= 80;
4239 while ((ch
= getopt_long(argc
, argv
,
4240 "dhaletuwxnro460spbEf:miA:D:F:vVzZN:KHS",
4241 long_opts
, NULL
)) != EOF
) {
4244 resolve_services
= 0;
4264 user_ent_hash_build();
4274 filter_db_set(¤t_filter
, DCCP_DB
);
4277 filter_db_set(¤t_filter
, TCP_DB
);
4280 filter_db_set(¤t_filter
, SCTP_DB
);
4283 filter_db_set(¤t_filter
, UDP_DB
);
4286 filter_db_set(¤t_filter
, RAW_DB
);
4289 filter_af_set(¤t_filter
, AF_UNIX
);
4292 filter_af_set(¤t_filter
, AF_VSOCK
);
4295 state_filter
= SS_ALL
;
4298 state_filter
= (1 << SS_LISTEN
) | (1 << SS_CLOSE
);
4301 filter_af_set(¤t_filter
, AF_INET
);
4304 filter_af_set(¤t_filter
, AF_INET6
);
4307 filter_af_set(¤t_filter
, AF_PACKET
);
4310 if (strcmp(optarg
, "inet") == 0)
4311 filter_af_set(¤t_filter
, AF_INET
);
4312 else if (strcmp(optarg
, "inet6") == 0)
4313 filter_af_set(¤t_filter
, AF_INET6
);
4314 else if (strcmp(optarg
, "link") == 0)
4315 filter_af_set(¤t_filter
, AF_PACKET
);
4316 else if (strcmp(optarg
, "unix") == 0)
4317 filter_af_set(¤t_filter
, AF_UNIX
);
4318 else if (strcmp(optarg
, "netlink") == 0)
4319 filter_af_set(¤t_filter
, AF_NETLINK
);
4320 else if (strcmp(optarg
, "vsock") == 0)
4321 filter_af_set(¤t_filter
, AF_VSOCK
);
4322 else if (strcmp(optarg
, "help") == 0)
4325 fprintf(stderr
, "ss: \"%s\" is invalid family\n",
4335 current_filter
.dbs
= 0;
4336 state_filter
= state_filter
?
4337 state_filter
: SS_CONN
;
4343 if ((p1
= strchr(p
, ',')) != NULL
)
4345 if (strcmp(p
, "all") == 0) {
4346 filter_default_dbs(¤t_filter
);
4347 } else if (strcmp(p
, "inet") == 0) {
4348 filter_db_set(¤t_filter
, UDP_DB
);
4349 filter_db_set(¤t_filter
, DCCP_DB
);
4350 filter_db_set(¤t_filter
, TCP_DB
);
4351 filter_db_set(¤t_filter
, SCTP_DB
);
4352 filter_db_set(¤t_filter
, RAW_DB
);
4353 } else if (strcmp(p
, "udp") == 0) {
4354 filter_db_set(¤t_filter
, UDP_DB
);
4355 } else if (strcmp(p
, "dccp") == 0) {
4356 filter_db_set(¤t_filter
, DCCP_DB
);
4357 } else if (strcmp(p
, "tcp") == 0) {
4358 filter_db_set(¤t_filter
, TCP_DB
);
4359 } else if (strcmp(p
, "sctp") == 0) {
4360 filter_db_set(¤t_filter
, SCTP_DB
);
4361 } else if (strcmp(p
, "raw") == 0) {
4362 filter_db_set(¤t_filter
, RAW_DB
);
4363 } else if (strcmp(p
, "unix") == 0) {
4364 filter_db_set(¤t_filter
, UNIX_ST_DB
);
4365 filter_db_set(¤t_filter
, UNIX_DG_DB
);
4366 filter_db_set(¤t_filter
, UNIX_SQ_DB
);
4367 } else if (strcasecmp(p
, "unix_stream") == 0 ||
4368 strcmp(p
, "u_str") == 0) {
4369 filter_db_set(¤t_filter
, UNIX_ST_DB
);
4370 } else if (strcasecmp(p
, "unix_dgram") == 0 ||
4371 strcmp(p
, "u_dgr") == 0) {
4372 filter_db_set(¤t_filter
, UNIX_DG_DB
);
4373 } else if (strcasecmp(p
, "unix_seqpacket") == 0 ||
4374 strcmp(p
, "u_seq") == 0) {
4375 filter_db_set(¤t_filter
, UNIX_SQ_DB
);
4376 } else if (strcmp(p
, "packet") == 0) {
4377 filter_db_set(¤t_filter
, PACKET_R_DB
);
4378 filter_db_set(¤t_filter
, PACKET_DG_DB
);
4379 } else if (strcmp(p
, "packet_raw") == 0 ||
4380 strcmp(p
, "p_raw") == 0) {
4381 filter_db_set(¤t_filter
, PACKET_R_DB
);
4382 } else if (strcmp(p
, "packet_dgram") == 0 ||
4383 strcmp(p
, "p_dgr") == 0) {
4384 filter_db_set(¤t_filter
, PACKET_DG_DB
);
4385 } else if (strcmp(p
, "netlink") == 0) {
4386 filter_db_set(¤t_filter
, NETLINK_DB
);
4387 } else if (strcmp(p
, "vsock") == 0) {
4388 filter_db_set(¤t_filter
, VSOCK_ST_DB
);
4389 filter_db_set(¤t_filter
, VSOCK_DG_DB
);
4390 } else if (strcmp(p
, "vsock_stream") == 0 ||
4391 strcmp(p
, "v_str") == 0) {
4392 filter_db_set(¤t_filter
, VSOCK_ST_DB
);
4393 } else if (strcmp(p
, "vsock_dgram") == 0 ||
4394 strcmp(p
, "v_dgr") == 0) {
4395 filter_db_set(¤t_filter
, VSOCK_DG_DB
);
4397 fprintf(stderr
, "ss: \"%s\" is illegal socket table id\n", p
);
4408 dump_tcpdiag
= optarg
;
4412 fprintf(stderr
, "More than one filter file\n");
4415 if (optarg
[0] == '-')
4418 filter_fp
= fopen(optarg
, "r");
4420 perror("fopen filter file");
4426 printf("ss utility, iproute2-ss%s\n", SNAPSHOT
);
4432 if (is_selinux_enabled() <= 0) {
4433 fprintf(stderr
, "ss: SELinux is not enabled.\n");
4437 user_ent_hash_build();
4440 if (netns_switch(optarg
))
4444 current_filter
.kill
= 1;
4462 if (do_default
&& argc
== 0)
4467 if (strcmp(*argv
, "state") == 0) {
4471 state_filter
|= scan_state(*argv
);
4473 } else if (strcmp(*argv
, "exclude") == 0 ||
4474 strcmp(*argv
, "excl") == 0) {
4477 state_filter
= SS_ALL
;
4478 state_filter
&= ~scan_state(*argv
);
4487 state_filter
= state_filter
? state_filter
: SS_CONN
;
4488 filter_default_dbs(¤t_filter
);
4491 filter_states_set(¤t_filter
, state_filter
);
4492 filter_merge_defaults(¤t_filter
);
4494 if (resolve_services
&& resolve_hosts
&&
4495 (current_filter
.dbs
& (UNIX_DBM
|INET_L4_DBM
)))
4496 init_service_resolver();
4498 if (current_filter
.dbs
== 0) {
4499 fprintf(stderr
, "ss: no socket tables to show with such filter.\n");
4502 if (current_filter
.families
== 0) {
4503 fprintf(stderr
, "ss: no families to show with such filter.\n");
4506 if (current_filter
.states
== 0) {
4507 fprintf(stderr
, "ss: no socket states to show with such filter.\n");
4512 FILE *dump_fp
= stdout
;
4514 if (!(current_filter
.dbs
& (1<<TCP_DB
))) {
4515 fprintf(stderr
, "ss: tcpdiag dump requested and no tcp in filter.\n");
4518 if (dump_tcpdiag
[0] != '-') {
4519 dump_fp
= fopen(dump_tcpdiag
, "w");
4520 if (!dump_tcpdiag
) {
4521 perror("fopen dump file");
4525 inet_show_netlink(¤t_filter
, dump_fp
, IPPROTO_TCP
);
4530 if (ssfilter_parse(¤t_filter
.f
, argc
, argv
, filter_fp
))
4534 if (current_filter
.dbs
&(current_filter
.dbs
-1))
4538 if (current_filter
.states
&(current_filter
.states
-1))
4541 if (isatty(STDOUT_FILENO
)) {
4544 if (ioctl(STDOUT_FILENO
, TIOCGWINSZ
, &w
) != -1) {
4546 screen_width
= w
.ws_col
;
4550 addrp_width
= screen_width
;
4551 addrp_width
-= netid_width
+1;
4552 addrp_width
-= state_width
+1;
4555 if (addrp_width
&1) {
4558 else if (state_width
)
4565 serv_width
= resolve_services
? 7 : 5;
4567 if (addrp_width
< 15+serv_width
+1)
4568 addrp_width
= 15+serv_width
+1;
4570 addr_width
= addrp_width
- serv_width
- 1;
4574 printf("%-*s ", netid_width
, "Netid");
4576 printf("%-*s ", state_width
, "State");
4577 printf("%-6s %-6s ", "Recv-Q", "Send-Q");
4580 /* Make enough space for the local/remote port field */
4585 printf("%*s:%-*s %*s:%-*s\n",
4586 addr_width
, "Local Address", serv_width
, "Port",
4587 addr_width
, "Peer Address", serv_width
, "Port");
4593 exit(handle_follow_request(¤t_filter
));
4595 if (current_filter
.dbs
& (1<<NETLINK_DB
))
4596 netlink_show(¤t_filter
);
4597 if (current_filter
.dbs
& PACKET_DBM
)
4598 packet_show(¤t_filter
);
4599 if (current_filter
.dbs
& UNIX_DBM
)
4600 unix_show(¤t_filter
);
4601 if (current_filter
.dbs
& (1<<RAW_DB
))
4602 raw_show(¤t_filter
);
4603 if (current_filter
.dbs
& (1<<UDP_DB
))
4604 udp_show(¤t_filter
);
4605 if (current_filter
.dbs
& (1<<TCP_DB
))
4606 tcp_show(¤t_filter
);
4607 if (current_filter
.dbs
& (1<<DCCP_DB
))
4608 dccp_show(¤t_filter
);
4609 if (current_filter
.dbs
& (1<<SCTP_DB
))
4610 sctp_show(¤t_filter
);
4611 if (current_filter
.dbs
& VSOCK_DBM
)
4612 vsock_show(¤t_filter
);
4614 if (show_users
|| show_proc_ctx
|| show_sock_ctx
)