]> git.proxmox.com Git - mirror_iproute2.git/blob - misc/ss.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'master' into net-next
[mirror_iproute2.git] / misc / ss.c
1 /*
2 * ss.c "sockstat", socket statistics
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <syslog.h>
16 #include <fcntl.h>
17 #include <sys/ioctl.h>
18 #include <sys/socket.h>
19 #include <sys/uio.h>
20 #include <netinet/in.h>
21 #include <string.h>
22 #include <errno.h>
23 #include <netdb.h>
24 #include <arpa/inet.h>
25 #include <dirent.h>
26 #include <fnmatch.h>
27 #include <getopt.h>
28 #include <stdbool.h>
29 #include <limits.h>
30
31 #include "utils.h"
32 #include "rt_names.h"
33 #include "ll_map.h"
34 #include "libnetlink.h"
35 #include "namespace.h"
36 #include "SNAPSHOT.h"
37
38 #include <linux/tcp.h>
39 #include <linux/sock_diag.h>
40 #include <linux/inet_diag.h>
41 #include <linux/unix_diag.h>
42 #include <linux/netdevice.h> /* for MAX_ADDR_LEN */
43 #include <linux/filter.h>
44 #include <linux/packet_diag.h>
45 #include <linux/netlink_diag.h>
46 #include <linux/sctp.h>
47 #include <linux/vm_sockets_diag.h>
48
49 #define MAGIC_SEQ 123456
50
51 #define DIAG_REQUEST(_req, _r) \
52 struct { \
53 struct nlmsghdr nlh; \
54 _r; \
55 } _req = { \
56 .nlh = { \
57 .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
58 .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
59 .nlmsg_seq = MAGIC_SEQ, \
60 .nlmsg_len = sizeof(_req), \
61 }, \
62 }
63
64 #if HAVE_SELINUX
65 #include <selinux/selinux.h>
66 #else
67 /* Stubs for SELinux functions */
68 static int is_selinux_enabled(void)
69 {
70 return -1;
71 }
72
73 static int getpidcon(pid_t pid, char **context)
74 {
75 *context = NULL;
76 return -1;
77 }
78
79 static int getfilecon(char *path, char **context)
80 {
81 *context = NULL;
82 return -1;
83 }
84
85 static int security_get_initial_context(char *name, char **context)
86 {
87 *context = NULL;
88 return -1;
89 }
90 #endif
91
92 int resolve_hosts;
93 int resolve_services = 1;
94 int preferred_family = AF_UNSPEC;
95 int show_options;
96 int show_details;
97 int show_users;
98 int show_mem;
99 int show_tcpinfo;
100 int show_bpf;
101 int show_proc_ctx;
102 int show_sock_ctx;
103 int show_header = 1;
104 int follow_events;
105 int sctp_ino;
106
107 int netid_width;
108 int state_width;
109 int addr_width;
110 int serv_width;
111
112 static const char *TCP_PROTO = "tcp";
113 static const char *SCTP_PROTO = "sctp";
114 static const char *UDP_PROTO = "udp";
115 static const char *RAW_PROTO = "raw";
116 static const char *dg_proto;
117
118 enum {
119 TCP_DB,
120 DCCP_DB,
121 UDP_DB,
122 RAW_DB,
123 UNIX_DG_DB,
124 UNIX_ST_DB,
125 UNIX_SQ_DB,
126 PACKET_DG_DB,
127 PACKET_R_DB,
128 NETLINK_DB,
129 SCTP_DB,
130 VSOCK_ST_DB,
131 VSOCK_DG_DB,
132 MAX_DB
133 };
134
135 #define PACKET_DBM ((1<<PACKET_DG_DB)|(1<<PACKET_R_DB))
136 #define UNIX_DBM ((1<<UNIX_DG_DB)|(1<<UNIX_ST_DB)|(1<<UNIX_SQ_DB))
137 #define ALL_DB ((1<<MAX_DB)-1)
138 #define INET_L4_DBM ((1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB)|(1<<SCTP_DB))
139 #define INET_DBM (INET_L4_DBM | (1<<RAW_DB))
140 #define VSOCK_DBM ((1<<VSOCK_ST_DB)|(1<<VSOCK_DG_DB))
141
142 enum {
143 SS_UNKNOWN,
144 SS_ESTABLISHED,
145 SS_SYN_SENT,
146 SS_SYN_RECV,
147 SS_FIN_WAIT1,
148 SS_FIN_WAIT2,
149 SS_TIME_WAIT,
150 SS_CLOSE,
151 SS_CLOSE_WAIT,
152 SS_LAST_ACK,
153 SS_LISTEN,
154 SS_CLOSING,
155 SS_MAX
156 };
157
158 enum {
159 SCTP_STATE_CLOSED = 0,
160 SCTP_STATE_COOKIE_WAIT = 1,
161 SCTP_STATE_COOKIE_ECHOED = 2,
162 SCTP_STATE_ESTABLISHED = 3,
163 SCTP_STATE_SHUTDOWN_PENDING = 4,
164 SCTP_STATE_SHUTDOWN_SENT = 5,
165 SCTP_STATE_SHUTDOWN_RECEIVED = 6,
166 SCTP_STATE_SHUTDOWN_ACK_SENT = 7,
167 };
168
169 #define SS_ALL ((1 << SS_MAX) - 1)
170 #define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
171
172 #include "ssfilter.h"
173
174 struct filter {
175 int dbs;
176 int states;
177 uint64_t families;
178 struct ssfilter *f;
179 bool kill;
180 };
181
182 #define FAMILY_MASK(family) ((uint64_t)1 << (family))
183
184 static const struct filter default_dbs[MAX_DB] = {
185 [TCP_DB] = {
186 .states = SS_CONN,
187 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
188 },
189 [DCCP_DB] = {
190 .states = SS_CONN,
191 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
192 },
193 [UDP_DB] = {
194 .states = (1 << SS_ESTABLISHED),
195 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
196 },
197 [RAW_DB] = {
198 .states = (1 << SS_ESTABLISHED),
199 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
200 },
201 [UNIX_DG_DB] = {
202 .states = (1 << SS_CLOSE),
203 .families = FAMILY_MASK(AF_UNIX),
204 },
205 [UNIX_ST_DB] = {
206 .states = SS_CONN,
207 .families = FAMILY_MASK(AF_UNIX),
208 },
209 [UNIX_SQ_DB] = {
210 .states = SS_CONN,
211 .families = FAMILY_MASK(AF_UNIX),
212 },
213 [PACKET_DG_DB] = {
214 .states = (1 << SS_CLOSE),
215 .families = FAMILY_MASK(AF_PACKET),
216 },
217 [PACKET_R_DB] = {
218 .states = (1 << SS_CLOSE),
219 .families = FAMILY_MASK(AF_PACKET),
220 },
221 [NETLINK_DB] = {
222 .states = (1 << SS_CLOSE),
223 .families = FAMILY_MASK(AF_NETLINK),
224 },
225 [SCTP_DB] = {
226 .states = SS_CONN,
227 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
228 },
229 [VSOCK_ST_DB] = {
230 .states = SS_CONN,
231 .families = FAMILY_MASK(AF_VSOCK),
232 },
233 [VSOCK_DG_DB] = {
234 .states = SS_CONN,
235 .families = FAMILY_MASK(AF_VSOCK),
236 },
237 };
238
239 static const struct filter default_afs[AF_MAX] = {
240 [AF_INET] = {
241 .dbs = INET_DBM,
242 .states = SS_CONN,
243 },
244 [AF_INET6] = {
245 .dbs = INET_DBM,
246 .states = SS_CONN,
247 },
248 [AF_UNIX] = {
249 .dbs = UNIX_DBM,
250 .states = SS_CONN,
251 },
252 [AF_PACKET] = {
253 .dbs = PACKET_DBM,
254 .states = (1 << SS_CLOSE),
255 },
256 [AF_NETLINK] = {
257 .dbs = (1 << NETLINK_DB),
258 .states = (1 << SS_CLOSE),
259 },
260 [AF_VSOCK] = {
261 .dbs = VSOCK_DBM,
262 .states = SS_CONN,
263 },
264 };
265
266 static int do_default = 1;
267 static struct filter current_filter;
268
269 static void filter_db_set(struct filter *f, int db)
270 {
271 f->states |= default_dbs[db].states;
272 f->dbs |= 1 << db;
273 do_default = 0;
274 }
275
276 static void filter_af_set(struct filter *f, int af)
277 {
278 f->states |= default_afs[af].states;
279 f->families |= FAMILY_MASK(af);
280 do_default = 0;
281 preferred_family = af;
282 }
283
284 static int filter_af_get(struct filter *f, int af)
285 {
286 return !!(f->families & FAMILY_MASK(af));
287 }
288
289 static void filter_default_dbs(struct filter *f)
290 {
291 filter_db_set(f, UDP_DB);
292 filter_db_set(f, DCCP_DB);
293 filter_db_set(f, TCP_DB);
294 filter_db_set(f, RAW_DB);
295 filter_db_set(f, UNIX_ST_DB);
296 filter_db_set(f, UNIX_DG_DB);
297 filter_db_set(f, UNIX_SQ_DB);
298 filter_db_set(f, PACKET_R_DB);
299 filter_db_set(f, PACKET_DG_DB);
300 filter_db_set(f, NETLINK_DB);
301 filter_db_set(f, SCTP_DB);
302 filter_db_set(f, VSOCK_ST_DB);
303 filter_db_set(f, VSOCK_DG_DB);
304 }
305
306 static void filter_states_set(struct filter *f, int states)
307 {
308 if (states)
309 f->states = states;
310 }
311
312 static void filter_merge_defaults(struct filter *f)
313 {
314 int db;
315 int af;
316
317 for (db = 0; db < MAX_DB; db++) {
318 if (!(f->dbs & (1 << db)))
319 continue;
320
321 if (!(default_dbs[db].families & f->families))
322 f->families |= default_dbs[db].families;
323 }
324 for (af = 0; af < AF_MAX; af++) {
325 if (!(f->families & FAMILY_MASK(af)))
326 continue;
327
328 if (!(default_afs[af].dbs & f->dbs))
329 f->dbs |= default_afs[af].dbs;
330 }
331 }
332
333 static FILE *generic_proc_open(const char *env, const char *name)
334 {
335 const char *p = getenv(env);
336 char store[128];
337
338 if (!p) {
339 p = getenv("PROC_ROOT") ? : "/proc";
340 snprintf(store, sizeof(store)-1, "%s/%s", p, name);
341 p = store;
342 }
343
344 return fopen(p, "r");
345 }
346 #define net_tcp_open() generic_proc_open("PROC_NET_TCP", "net/tcp")
347 #define net_tcp6_open() generic_proc_open("PROC_NET_TCP6", "net/tcp6")
348 #define net_udp_open() generic_proc_open("PROC_NET_UDP", "net/udp")
349 #define net_udp6_open() generic_proc_open("PROC_NET_UDP6", "net/udp6")
350 #define net_raw_open() generic_proc_open("PROC_NET_RAW", "net/raw")
351 #define net_raw6_open() generic_proc_open("PROC_NET_RAW6", "net/raw6")
352 #define net_unix_open() generic_proc_open("PROC_NET_UNIX", "net/unix")
353 #define net_packet_open() generic_proc_open("PROC_NET_PACKET", \
354 "net/packet")
355 #define net_netlink_open() generic_proc_open("PROC_NET_NETLINK", \
356 "net/netlink")
357 #define slabinfo_open() generic_proc_open("PROC_SLABINFO", "slabinfo")
358 #define net_sockstat_open() generic_proc_open("PROC_NET_SOCKSTAT", \
359 "net/sockstat")
360 #define net_sockstat6_open() generic_proc_open("PROC_NET_SOCKSTAT6", \
361 "net/sockstat6")
362 #define net_snmp_open() generic_proc_open("PROC_NET_SNMP", "net/snmp")
363 #define ephemeral_ports_open() generic_proc_open("PROC_IP_LOCAL_PORT_RANGE", \
364 "sys/net/ipv4/ip_local_port_range")
365
366 struct user_ent {
367 struct user_ent *next;
368 unsigned int ino;
369 int pid;
370 int fd;
371 char *process;
372 char *process_ctx;
373 char *socket_ctx;
374 };
375
376 #define USER_ENT_HASH_SIZE 256
377 struct user_ent *user_ent_hash[USER_ENT_HASH_SIZE];
378
379 static int user_ent_hashfn(unsigned int ino)
380 {
381 int val = (ino >> 24) ^ (ino >> 16) ^ (ino >> 8) ^ ino;
382
383 return val & (USER_ENT_HASH_SIZE - 1);
384 }
385
386 static void user_ent_add(unsigned int ino, char *process,
387 int pid, int fd,
388 char *proc_ctx,
389 char *sock_ctx)
390 {
391 struct user_ent *p, **pp;
392
393 p = malloc(sizeof(struct user_ent));
394 if (!p) {
395 fprintf(stderr, "ss: failed to malloc buffer\n");
396 abort();
397 }
398 p->next = NULL;
399 p->ino = ino;
400 p->pid = pid;
401 p->fd = fd;
402 p->process = strdup(process);
403 p->process_ctx = strdup(proc_ctx);
404 p->socket_ctx = strdup(sock_ctx);
405
406 pp = &user_ent_hash[user_ent_hashfn(ino)];
407 p->next = *pp;
408 *pp = p;
409 }
410
411 static void user_ent_destroy(void)
412 {
413 struct user_ent *p, *p_next;
414 int cnt = 0;
415
416 while (cnt != USER_ENT_HASH_SIZE) {
417 p = user_ent_hash[cnt];
418 while (p) {
419 free(p->process);
420 free(p->process_ctx);
421 free(p->socket_ctx);
422 p_next = p->next;
423 free(p);
424 p = p_next;
425 }
426 cnt++;
427 }
428 }
429
430 static void user_ent_hash_build(void)
431 {
432 const char *root = getenv("PROC_ROOT") ? : "/proc/";
433 struct dirent *d;
434 char name[1024];
435 int nameoff;
436 DIR *dir;
437 char *pid_context;
438 char *sock_context;
439 const char *no_ctx = "unavailable";
440 static int user_ent_hash_build_init;
441
442 /* If show_users & show_proc_ctx set only do this once */
443 if (user_ent_hash_build_init != 0)
444 return;
445
446 user_ent_hash_build_init = 1;
447
448 strlcpy(name, root, sizeof(name));
449
450 if (strlen(name) == 0 || name[strlen(name)-1] != '/')
451 strcat(name, "/");
452
453 nameoff = strlen(name);
454
455 dir = opendir(name);
456 if (!dir)
457 return;
458
459 while ((d = readdir(dir)) != NULL) {
460 struct dirent *d1;
461 char process[16];
462 char *p;
463 int pid, pos;
464 DIR *dir1;
465 char crap;
466
467 if (sscanf(d->d_name, "%d%c", &pid, &crap) != 1)
468 continue;
469
470 if (getpidcon(pid, &pid_context) != 0)
471 pid_context = strdup(no_ctx);
472
473 snprintf(name + nameoff, sizeof(name) - nameoff, "%d/fd/", pid);
474 pos = strlen(name);
475 if ((dir1 = opendir(name)) == NULL) {
476 free(pid_context);
477 continue;
478 }
479
480 process[0] = '\0';
481 p = process;
482
483 while ((d1 = readdir(dir1)) != NULL) {
484 const char *pattern = "socket:[";
485 unsigned int ino;
486 char lnk[64];
487 int fd;
488 ssize_t link_len;
489 char tmp[1024];
490
491 if (sscanf(d1->d_name, "%d%c", &fd, &crap) != 1)
492 continue;
493
494 snprintf(name+pos, sizeof(name) - pos, "%d", fd);
495
496 link_len = readlink(name, lnk, sizeof(lnk)-1);
497 if (link_len == -1)
498 continue;
499 lnk[link_len] = '\0';
500
501 if (strncmp(lnk, pattern, strlen(pattern)))
502 continue;
503
504 sscanf(lnk, "socket:[%u]", &ino);
505
506 snprintf(tmp, sizeof(tmp), "%s/%d/fd/%s",
507 root, pid, d1->d_name);
508
509 if (getfilecon(tmp, &sock_context) <= 0)
510 sock_context = strdup(no_ctx);
511
512 if (*p == '\0') {
513 FILE *fp;
514
515 snprintf(tmp, sizeof(tmp), "%s/%d/stat",
516 root, pid);
517 if ((fp = fopen(tmp, "r")) != NULL) {
518 if (fscanf(fp, "%*d (%[^)])", p) < 1)
519 ; /* ignore */
520 fclose(fp);
521 }
522 }
523 user_ent_add(ino, p, pid, fd,
524 pid_context, sock_context);
525 free(sock_context);
526 }
527 free(pid_context);
528 closedir(dir1);
529 }
530 closedir(dir);
531 }
532
533 enum entry_types {
534 USERS,
535 PROC_CTX,
536 PROC_SOCK_CTX
537 };
538
539 #define ENTRY_BUF_SIZE 512
540 static int find_entry(unsigned int ino, char **buf, int type)
541 {
542 struct user_ent *p;
543 int cnt = 0;
544 char *ptr;
545 char *new_buf;
546 int len, new_buf_len;
547 int buf_used = 0;
548 int buf_len = 0;
549
550 if (!ino)
551 return 0;
552
553 p = user_ent_hash[user_ent_hashfn(ino)];
554 ptr = *buf = NULL;
555 while (p) {
556 if (p->ino != ino)
557 goto next;
558
559 while (1) {
560 ptr = *buf + buf_used;
561 switch (type) {
562 case USERS:
563 len = snprintf(ptr, buf_len - buf_used,
564 "(\"%s\",pid=%d,fd=%d),",
565 p->process, p->pid, p->fd);
566 break;
567 case PROC_CTX:
568 len = snprintf(ptr, buf_len - buf_used,
569 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d),",
570 p->process, p->pid,
571 p->process_ctx, p->fd);
572 break;
573 case PROC_SOCK_CTX:
574 len = snprintf(ptr, buf_len - buf_used,
575 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d,sock_ctx=%s),",
576 p->process, p->pid,
577 p->process_ctx, p->fd,
578 p->socket_ctx);
579 break;
580 default:
581 fprintf(stderr, "ss: invalid type: %d\n", type);
582 abort();
583 }
584
585 if (len < 0 || len >= buf_len - buf_used) {
586 new_buf_len = buf_len + ENTRY_BUF_SIZE;
587 new_buf = realloc(*buf, new_buf_len);
588 if (!new_buf) {
589 fprintf(stderr, "ss: failed to malloc buffer\n");
590 abort();
591 }
592 *buf = new_buf;
593 buf_len = new_buf_len;
594 continue;
595 } else {
596 buf_used += len;
597 break;
598 }
599 }
600 cnt++;
601 next:
602 p = p->next;
603 }
604 if (buf_used) {
605 ptr = *buf + buf_used;
606 ptr[-1] = '\0';
607 }
608 return cnt;
609 }
610
611 /* Get stats from slab */
612
613 struct slabstat {
614 int socks;
615 int tcp_ports;
616 int tcp_tws;
617 int tcp_syns;
618 int skbs;
619 };
620
621 static struct slabstat slabstat;
622
623 static int get_slabstat(struct slabstat *s)
624 {
625 char buf[256];
626 FILE *fp;
627 int cnt;
628 static int slabstat_valid;
629 static const char * const slabstat_ids[] = {
630 "sock",
631 "tcp_bind_bucket",
632 "tcp_tw_bucket",
633 "tcp_open_request",
634 "skbuff_head_cache",
635 };
636
637 if (slabstat_valid)
638 return 0;
639
640 memset(s, 0, sizeof(*s));
641
642 fp = slabinfo_open();
643 if (!fp)
644 return -1;
645
646 cnt = sizeof(*s)/sizeof(int);
647
648 if (!fgets(buf, sizeof(buf), fp)) {
649 fclose(fp);
650 return -1;
651 }
652 while (fgets(buf, sizeof(buf), fp) != NULL) {
653 int i;
654
655 for (i = 0; i < ARRAY_SIZE(slabstat_ids); i++) {
656 if (memcmp(buf, slabstat_ids[i], strlen(slabstat_ids[i])) == 0) {
657 sscanf(buf, "%*s%d", ((int *)s) + i);
658 cnt--;
659 break;
660 }
661 }
662 if (cnt <= 0)
663 break;
664 }
665
666 slabstat_valid = 1;
667
668 fclose(fp);
669 return 0;
670 }
671
672 static unsigned long long cookie_sk_get(const uint32_t *cookie)
673 {
674 return (((unsigned long long)cookie[1] << 31) << 1) | cookie[0];
675 }
676
677 static const char *sctp_sstate_name[] = {
678 [SCTP_STATE_CLOSED] = "CLOSED",
679 [SCTP_STATE_COOKIE_WAIT] = "COOKIE_WAIT",
680 [SCTP_STATE_COOKIE_ECHOED] = "COOKIE_ECHOED",
681 [SCTP_STATE_ESTABLISHED] = "ESTAB",
682 [SCTP_STATE_SHUTDOWN_PENDING] = "SHUTDOWN_PENDING",
683 [SCTP_STATE_SHUTDOWN_SENT] = "SHUTDOWN_SENT",
684 [SCTP_STATE_SHUTDOWN_RECEIVED] = "SHUTDOWN_RECEIVED",
685 [SCTP_STATE_SHUTDOWN_ACK_SENT] = "ACK_SENT",
686 };
687
688 struct sockstat {
689 struct sockstat *next;
690 unsigned int type;
691 uint16_t prot;
692 uint16_t raw_prot;
693 inet_prefix local;
694 inet_prefix remote;
695 int lport;
696 int rport;
697 int state;
698 int rq, wq;
699 unsigned int ino;
700 unsigned int uid;
701 int refcnt;
702 unsigned int iface;
703 unsigned long long sk;
704 char *name;
705 char *peer_name;
706 __u32 mark;
707 };
708
709 struct dctcpstat {
710 unsigned int ce_state;
711 unsigned int alpha;
712 unsigned int ab_ecn;
713 unsigned int ab_tot;
714 bool enabled;
715 };
716
717 struct tcpstat {
718 struct sockstat ss;
719 unsigned int timer;
720 unsigned int timeout;
721 int probes;
722 char cong_alg[16];
723 double rto, ato, rtt, rttvar;
724 int qack, ssthresh, backoff;
725 double send_bps;
726 int snd_wscale;
727 int rcv_wscale;
728 int mss;
729 int rcv_mss;
730 int advmss;
731 unsigned int cwnd;
732 unsigned int lastsnd;
733 unsigned int lastrcv;
734 unsigned int lastack;
735 double pacing_rate;
736 double pacing_rate_max;
737 double delivery_rate;
738 unsigned long long bytes_acked;
739 unsigned long long bytes_received;
740 unsigned int segs_out;
741 unsigned int segs_in;
742 unsigned int data_segs_out;
743 unsigned int data_segs_in;
744 unsigned int unacked;
745 unsigned int retrans;
746 unsigned int retrans_total;
747 unsigned int lost;
748 unsigned int sacked;
749 unsigned int fackets;
750 unsigned int reordering;
751 unsigned int not_sent;
752 double rcv_rtt;
753 double min_rtt;
754 int rcv_space;
755 unsigned long long busy_time;
756 unsigned long long rwnd_limited;
757 unsigned long long sndbuf_limited;
758 bool has_ts_opt;
759 bool has_sack_opt;
760 bool has_ecn_opt;
761 bool has_ecnseen_opt;
762 bool has_fastopen_opt;
763 bool has_wscale_opt;
764 bool app_limited;
765 struct dctcpstat *dctcp;
766 struct tcp_bbr_info *bbr_info;
767 };
768
769 /* SCTP assocs share the same inode number with their parent endpoint. So if we
770 * have seen the inode number before, it must be an assoc instead of the next
771 * endpoint. */
772 static bool is_sctp_assoc(struct sockstat *s, const char *sock_name)
773 {
774 if (strcmp(sock_name, "sctp"))
775 return false;
776 if (!sctp_ino || sctp_ino != s->ino)
777 return false;
778 return true;
779 }
780
781 static const char *unix_netid_name(int type)
782 {
783 switch (type) {
784 case SOCK_STREAM:
785 return "u_str";
786 case SOCK_SEQPACKET:
787 return "u_seq";
788 case SOCK_DGRAM:
789 default:
790 return "u_dgr";
791 }
792 }
793
794 static const char *proto_name(int protocol)
795 {
796 switch (protocol) {
797 case 0:
798 return "raw";
799 case IPPROTO_UDP:
800 return "udp";
801 case IPPROTO_TCP:
802 return "tcp";
803 case IPPROTO_SCTP:
804 return "sctp";
805 case IPPROTO_DCCP:
806 return "dccp";
807 case IPPROTO_ICMPV6:
808 return "icmp6";
809 }
810
811 return "???";
812 }
813
814 static const char *vsock_netid_name(int type)
815 {
816 switch (type) {
817 case SOCK_STREAM:
818 return "v_str";
819 case SOCK_DGRAM:
820 return "v_dgr";
821 default:
822 return "???";
823 }
824 }
825
826 static void sock_state_print(struct sockstat *s)
827 {
828 const char *sock_name;
829 static const char * const sstate_name[] = {
830 "UNKNOWN",
831 [SS_ESTABLISHED] = "ESTAB",
832 [SS_SYN_SENT] = "SYN-SENT",
833 [SS_SYN_RECV] = "SYN-RECV",
834 [SS_FIN_WAIT1] = "FIN-WAIT-1",
835 [SS_FIN_WAIT2] = "FIN-WAIT-2",
836 [SS_TIME_WAIT] = "TIME-WAIT",
837 [SS_CLOSE] = "UNCONN",
838 [SS_CLOSE_WAIT] = "CLOSE-WAIT",
839 [SS_LAST_ACK] = "LAST-ACK",
840 [SS_LISTEN] = "LISTEN",
841 [SS_CLOSING] = "CLOSING",
842 };
843
844 switch (s->local.family) {
845 case AF_UNIX:
846 sock_name = unix_netid_name(s->type);
847 break;
848 case AF_INET:
849 case AF_INET6:
850 sock_name = proto_name(s->type);
851 break;
852 case AF_PACKET:
853 sock_name = s->type == SOCK_RAW ? "p_raw" : "p_dgr";
854 break;
855 case AF_NETLINK:
856 sock_name = "nl";
857 break;
858 case AF_VSOCK:
859 sock_name = vsock_netid_name(s->type);
860 break;
861 default:
862 sock_name = "unknown";
863 }
864
865 if (netid_width)
866 printf("%-*s ", netid_width,
867 is_sctp_assoc(s, sock_name) ? "" : sock_name);
868 if (state_width) {
869 if (is_sctp_assoc(s, sock_name))
870 printf("`- %-*s ", state_width - 3,
871 sctp_sstate_name[s->state]);
872 else
873 printf("%-*s ", state_width, sstate_name[s->state]);
874 }
875
876 printf("%-6d %-6d ", s->rq, s->wq);
877 }
878
879 static void sock_details_print(struct sockstat *s)
880 {
881 if (s->uid)
882 printf(" uid:%u", s->uid);
883
884 printf(" ino:%u", s->ino);
885 printf(" sk:%llx", s->sk);
886
887 if (s->mark)
888 printf(" fwmark:0x%x", s->mark);
889 }
890
891 static void sock_addr_print_width(int addr_len, const char *addr, char *delim,
892 int port_len, const char *port, const char *ifname)
893 {
894 if (ifname) {
895 printf("%*s%%%s%s%-*s ", addr_len, addr, ifname, delim,
896 port_len, port);
897 } else {
898 printf("%*s%s%-*s ", addr_len, addr, delim, port_len, port);
899 }
900 }
901
902 static void sock_addr_print(const char *addr, char *delim, const char *port,
903 const char *ifname)
904 {
905 sock_addr_print_width(addr_width, addr, delim, serv_width, port, ifname);
906 }
907
908 static const char *print_ms_timer(unsigned int timeout)
909 {
910 static char buf[64];
911 int secs, msecs, minutes;
912
913 secs = timeout/1000;
914 minutes = secs/60;
915 secs = secs%60;
916 msecs = timeout%1000;
917 buf[0] = 0;
918 if (minutes) {
919 msecs = 0;
920 snprintf(buf, sizeof(buf)-16, "%dmin", minutes);
921 if (minutes > 9)
922 secs = 0;
923 }
924 if (secs) {
925 if (secs > 9)
926 msecs = 0;
927 sprintf(buf+strlen(buf), "%d%s", secs, msecs ? "." : "sec");
928 }
929 if (msecs)
930 sprintf(buf+strlen(buf), "%03dms", msecs);
931 return buf;
932 }
933
934 struct scache {
935 struct scache *next;
936 int port;
937 char *name;
938 const char *proto;
939 };
940
941 struct scache *rlist;
942
943 static void init_service_resolver(void)
944 {
945 char buf[128];
946 FILE *fp = popen("/usr/sbin/rpcinfo -p 2>/dev/null", "r");
947
948 if (!fp)
949 return;
950
951 if (!fgets(buf, sizeof(buf), fp)) {
952 pclose(fp);
953 return;
954 }
955 while (fgets(buf, sizeof(buf), fp) != NULL) {
956 unsigned int progn, port;
957 char proto[128], prog[128] = "rpc.";
958 struct scache *c;
959
960 if (sscanf(buf, "%u %*d %s %u %s",
961 &progn, proto, &port, prog+4) != 4)
962 continue;
963
964 if (!(c = malloc(sizeof(*c))))
965 continue;
966
967 c->port = port;
968 c->name = strdup(prog);
969 if (strcmp(proto, TCP_PROTO) == 0)
970 c->proto = TCP_PROTO;
971 else if (strcmp(proto, UDP_PROTO) == 0)
972 c->proto = UDP_PROTO;
973 else if (strcmp(proto, SCTP_PROTO) == 0)
974 c->proto = SCTP_PROTO;
975 else
976 c->proto = NULL;
977 c->next = rlist;
978 rlist = c;
979 }
980 pclose(fp);
981 }
982
983 /* Even do not try default linux ephemeral port ranges:
984 * default /etc/services contains so much of useless crap
985 * wouldbe "allocated" to this area that resolution
986 * is really harmful. I shrug each time when seeing
987 * "socks" or "cfinger" in dumps.
988 */
989 static int is_ephemeral(int port)
990 {
991 static int min = 0, max;
992
993 if (!min) {
994 FILE *f = ephemeral_ports_open();
995
996 if (!f || fscanf(f, "%d %d", &min, &max) < 2) {
997 min = 1024;
998 max = 4999;
999 }
1000 if (f)
1001 fclose(f);
1002 }
1003 return port >= min && port <= max;
1004 }
1005
1006
1007 static const char *__resolve_service(int port)
1008 {
1009 struct scache *c;
1010
1011 for (c = rlist; c; c = c->next) {
1012 if (c->port == port && c->proto == dg_proto)
1013 return c->name;
1014 }
1015
1016 if (!is_ephemeral(port)) {
1017 static int notfirst;
1018 struct servent *se;
1019
1020 if (!notfirst) {
1021 setservent(1);
1022 notfirst = 1;
1023 }
1024 se = getservbyport(htons(port), dg_proto);
1025 if (se)
1026 return se->s_name;
1027 }
1028
1029 return NULL;
1030 }
1031
1032 #define SCACHE_BUCKETS 1024
1033 static struct scache *cache_htab[SCACHE_BUCKETS];
1034
1035 static const char *resolve_service(int port)
1036 {
1037 static char buf[128];
1038 struct scache *c;
1039 const char *res;
1040 int hash;
1041
1042 if (port == 0) {
1043 buf[0] = '*';
1044 buf[1] = 0;
1045 return buf;
1046 }
1047
1048 if (!resolve_services)
1049 goto do_numeric;
1050
1051 if (dg_proto == RAW_PROTO)
1052 return inet_proto_n2a(port, buf, sizeof(buf));
1053
1054
1055 hash = (port^(((unsigned long)dg_proto)>>2)) % SCACHE_BUCKETS;
1056
1057 for (c = cache_htab[hash]; c; c = c->next) {
1058 if (c->port == port && c->proto == dg_proto)
1059 goto do_cache;
1060 }
1061
1062 c = malloc(sizeof(*c));
1063 if (!c)
1064 goto do_numeric;
1065 res = __resolve_service(port);
1066 c->port = port;
1067 c->name = res ? strdup(res) : NULL;
1068 c->proto = dg_proto;
1069 c->next = cache_htab[hash];
1070 cache_htab[hash] = c;
1071
1072 do_cache:
1073 if (c->name)
1074 return c->name;
1075
1076 do_numeric:
1077 sprintf(buf, "%u", port);
1078 return buf;
1079 }
1080
1081 static void inet_addr_print(const inet_prefix *a, int port,
1082 unsigned int ifindex, bool v6only)
1083 {
1084 char buf[1024];
1085 const char *ap = buf;
1086 int est_len = addr_width;
1087 const char *ifname = NULL;
1088
1089 if (a->family == AF_INET) {
1090 ap = format_host(AF_INET, 4, a->data);
1091 } else {
1092 if (!v6only &&
1093 !memcmp(a->data, &in6addr_any, sizeof(in6addr_any))) {
1094 buf[0] = '*';
1095 buf[1] = 0;
1096 } else {
1097 ap = format_host(a->family, 16, a->data);
1098
1099 /* Numeric IPv6 addresses should be bracketed */
1100 if (strchr(ap, ':')) {
1101 snprintf(buf, sizeof(buf),
1102 "[%s]", ap);
1103 ap = buf;
1104 }
1105
1106 est_len = strlen(ap);
1107 if (est_len <= addr_width)
1108 est_len = addr_width;
1109 else
1110 est_len = addr_width + ((est_len-addr_width+3)/4)*4;
1111 }
1112 }
1113
1114 if (ifindex) {
1115 ifname = ll_index_to_name(ifindex);
1116 est_len -= strlen(ifname) + 1; /* +1 for percent char */
1117 if (est_len < 0)
1118 est_len = 0;
1119 }
1120
1121 sock_addr_print_width(est_len, ap, ":", serv_width, resolve_service(port),
1122 ifname);
1123 }
1124
1125 struct aafilter {
1126 inet_prefix addr;
1127 int port;
1128 unsigned int iface;
1129 __u32 mark;
1130 __u32 mask;
1131 struct aafilter *next;
1132 };
1133
1134 static int inet2_addr_match(const inet_prefix *a, const inet_prefix *p,
1135 int plen)
1136 {
1137 if (!inet_addr_match(a, p, plen))
1138 return 0;
1139
1140 /* Cursed "v4 mapped" addresses: v4 mapped socket matches
1141 * pure IPv4 rule, but v4-mapped rule selects only v4-mapped
1142 * sockets. Fair? */
1143 if (p->family == AF_INET && a->family == AF_INET6) {
1144 if (a->data[0] == 0 && a->data[1] == 0 &&
1145 a->data[2] == htonl(0xffff)) {
1146 inet_prefix tmp = *a;
1147
1148 tmp.data[0] = a->data[3];
1149 return inet_addr_match(&tmp, p, plen);
1150 }
1151 }
1152 return 1;
1153 }
1154
1155 static int unix_match(const inet_prefix *a, const inet_prefix *p)
1156 {
1157 char *addr, *pattern;
1158
1159 memcpy(&addr, a->data, sizeof(addr));
1160 memcpy(&pattern, p->data, sizeof(pattern));
1161 if (pattern == NULL)
1162 return 1;
1163 if (addr == NULL)
1164 addr = "";
1165 return !fnmatch(pattern, addr, 0);
1166 }
1167
1168 static int run_ssfilter(struct ssfilter *f, struct sockstat *s)
1169 {
1170 switch (f->type) {
1171 case SSF_S_AUTO:
1172 {
1173 if (s->local.family == AF_UNIX) {
1174 char *p;
1175
1176 memcpy(&p, s->local.data, sizeof(p));
1177 return p == NULL || (p[0] == '@' && strlen(p) == 6 &&
1178 strspn(p+1, "0123456789abcdef") == 5);
1179 }
1180 if (s->local.family == AF_PACKET)
1181 return s->lport == 0 && s->local.data[0] == 0;
1182 if (s->local.family == AF_NETLINK)
1183 return s->lport < 0;
1184 if (s->local.family == AF_VSOCK)
1185 return s->lport > 1023;
1186
1187 return is_ephemeral(s->lport);
1188 }
1189 case SSF_DCOND:
1190 {
1191 struct aafilter *a = (void *)f->pred;
1192
1193 if (a->addr.family == AF_UNIX)
1194 return unix_match(&s->remote, &a->addr);
1195 if (a->port != -1 && a->port != s->rport)
1196 return 0;
1197 if (a->addr.bitlen) {
1198 do {
1199 if (!inet2_addr_match(&s->remote, &a->addr, a->addr.bitlen))
1200 return 1;
1201 } while ((a = a->next) != NULL);
1202 return 0;
1203 }
1204 return 1;
1205 }
1206 case SSF_SCOND:
1207 {
1208 struct aafilter *a = (void *)f->pred;
1209
1210 if (a->addr.family == AF_UNIX)
1211 return unix_match(&s->local, &a->addr);
1212 if (a->port != -1 && a->port != s->lport)
1213 return 0;
1214 if (a->addr.bitlen) {
1215 do {
1216 if (!inet2_addr_match(&s->local, &a->addr, a->addr.bitlen))
1217 return 1;
1218 } while ((a = a->next) != NULL);
1219 return 0;
1220 }
1221 return 1;
1222 }
1223 case SSF_D_GE:
1224 {
1225 struct aafilter *a = (void *)f->pred;
1226
1227 return s->rport >= a->port;
1228 }
1229 case SSF_D_LE:
1230 {
1231 struct aafilter *a = (void *)f->pred;
1232
1233 return s->rport <= a->port;
1234 }
1235 case SSF_S_GE:
1236 {
1237 struct aafilter *a = (void *)f->pred;
1238
1239 return s->lport >= a->port;
1240 }
1241 case SSF_S_LE:
1242 {
1243 struct aafilter *a = (void *)f->pred;
1244
1245 return s->lport <= a->port;
1246 }
1247 case SSF_DEVCOND:
1248 {
1249 struct aafilter *a = (void *)f->pred;
1250
1251 return s->iface == a->iface;
1252 }
1253 case SSF_MARKMASK:
1254 {
1255 struct aafilter *a = (void *)f->pred;
1256
1257 return (s->mark & a->mask) == a->mark;
1258 }
1259 /* Yup. It is recursion. Sorry. */
1260 case SSF_AND:
1261 return run_ssfilter(f->pred, s) && run_ssfilter(f->post, s);
1262 case SSF_OR:
1263 return run_ssfilter(f->pred, s) || run_ssfilter(f->post, s);
1264 case SSF_NOT:
1265 return !run_ssfilter(f->pred, s);
1266 default:
1267 abort();
1268 }
1269 }
1270
1271 /* Relocate external jumps by reloc. */
1272 static void ssfilter_patch(char *a, int len, int reloc)
1273 {
1274 while (len > 0) {
1275 struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)a;
1276
1277 if (op->no == len+4)
1278 op->no += reloc;
1279 len -= op->yes;
1280 a += op->yes;
1281 }
1282 if (len < 0)
1283 abort();
1284 }
1285
1286 static int ssfilter_bytecompile(struct ssfilter *f, char **bytecode)
1287 {
1288 switch (f->type) {
1289 case SSF_S_AUTO:
1290 {
1291 if (!(*bytecode = malloc(4))) abort();
1292 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_AUTO, 4, 8 };
1293 return 4;
1294 }
1295 case SSF_DCOND:
1296 case SSF_SCOND:
1297 {
1298 struct aafilter *a = (void *)f->pred;
1299 struct aafilter *b;
1300 char *ptr;
1301 int code = (f->type == SSF_DCOND ? INET_DIAG_BC_D_COND : INET_DIAG_BC_S_COND);
1302 int len = 0;
1303
1304 for (b = a; b; b = b->next) {
1305 len += 4 + sizeof(struct inet_diag_hostcond);
1306 if (a->addr.family == AF_INET6)
1307 len += 16;
1308 else
1309 len += 4;
1310 if (b->next)
1311 len += 4;
1312 }
1313 if (!(ptr = malloc(len))) abort();
1314 *bytecode = ptr;
1315 for (b = a; b; b = b->next) {
1316 struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)ptr;
1317 int alen = (a->addr.family == AF_INET6 ? 16 : 4);
1318 int oplen = alen + 4 + sizeof(struct inet_diag_hostcond);
1319 struct inet_diag_hostcond *cond = (struct inet_diag_hostcond *)(ptr+4);
1320
1321 *op = (struct inet_diag_bc_op){ code, oplen, oplen+4 };
1322 cond->family = a->addr.family;
1323 cond->port = a->port;
1324 cond->prefix_len = a->addr.bitlen;
1325 memcpy(cond->addr, a->addr.data, alen);
1326 ptr += oplen;
1327 if (b->next) {
1328 op = (struct inet_diag_bc_op *)ptr;
1329 *op = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, len - (ptr-*bytecode)};
1330 ptr += 4;
1331 }
1332 }
1333 return ptr - *bytecode;
1334 }
1335 case SSF_D_GE:
1336 {
1337 struct aafilter *x = (void *)f->pred;
1338
1339 if (!(*bytecode = malloc(8))) abort();
1340 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_GE, 8, 12 };
1341 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1342 return 8;
1343 }
1344 case SSF_D_LE:
1345 {
1346 struct aafilter *x = (void *)f->pred;
1347
1348 if (!(*bytecode = malloc(8))) abort();
1349 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_LE, 8, 12 };
1350 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1351 return 8;
1352 }
1353 case SSF_S_GE:
1354 {
1355 struct aafilter *x = (void *)f->pred;
1356
1357 if (!(*bytecode = malloc(8))) abort();
1358 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_GE, 8, 12 };
1359 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1360 return 8;
1361 }
1362 case SSF_S_LE:
1363 {
1364 struct aafilter *x = (void *)f->pred;
1365
1366 if (!(*bytecode = malloc(8))) abort();
1367 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_LE, 8, 12 };
1368 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1369 return 8;
1370 }
1371
1372 case SSF_AND:
1373 {
1374 char *a1 = NULL, *a2 = NULL, *a;
1375 int l1, l2;
1376
1377 l1 = ssfilter_bytecompile(f->pred, &a1);
1378 l2 = ssfilter_bytecompile(f->post, &a2);
1379 if (!l1 || !l2) {
1380 free(a1);
1381 free(a2);
1382 return 0;
1383 }
1384 if (!(a = malloc(l1+l2))) abort();
1385 memcpy(a, a1, l1);
1386 memcpy(a+l1, a2, l2);
1387 free(a1); free(a2);
1388 ssfilter_patch(a, l1, l2);
1389 *bytecode = a;
1390 return l1+l2;
1391 }
1392 case SSF_OR:
1393 {
1394 char *a1 = NULL, *a2 = NULL, *a;
1395 int l1, l2;
1396
1397 l1 = ssfilter_bytecompile(f->pred, &a1);
1398 l2 = ssfilter_bytecompile(f->post, &a2);
1399 if (!l1 || !l2) {
1400 free(a1);
1401 free(a2);
1402 return 0;
1403 }
1404 if (!(a = malloc(l1+l2+4))) abort();
1405 memcpy(a, a1, l1);
1406 memcpy(a+l1+4, a2, l2);
1407 free(a1); free(a2);
1408 *(struct inet_diag_bc_op *)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, l2+4 };
1409 *bytecode = a;
1410 return l1+l2+4;
1411 }
1412 case SSF_NOT:
1413 {
1414 char *a1 = NULL, *a;
1415 int l1;
1416
1417 l1 = ssfilter_bytecompile(f->pred, &a1);
1418 if (!l1) {
1419 free(a1);
1420 return 0;
1421 }
1422 if (!(a = malloc(l1+4))) abort();
1423 memcpy(a, a1, l1);
1424 free(a1);
1425 *(struct inet_diag_bc_op *)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, 8 };
1426 *bytecode = a;
1427 return l1+4;
1428 }
1429 case SSF_DEVCOND:
1430 {
1431 /* bytecompile for SSF_DEVCOND not supported yet */
1432 return 0;
1433 }
1434 case SSF_MARKMASK:
1435 {
1436 struct aafilter *a = (void *)f->pred;
1437 struct instr {
1438 struct inet_diag_bc_op op;
1439 struct inet_diag_markcond cond;
1440 };
1441 int inslen = sizeof(struct instr);
1442
1443 if (!(*bytecode = malloc(inslen))) abort();
1444 ((struct instr *)*bytecode)[0] = (struct instr) {
1445 { INET_DIAG_BC_MARK_COND, inslen, inslen + 4 },
1446 { a->mark, a->mask},
1447 };
1448
1449 return inslen;
1450 }
1451 default:
1452 abort();
1453 }
1454 }
1455
1456 static int remember_he(struct aafilter *a, struct hostent *he)
1457 {
1458 char **ptr = he->h_addr_list;
1459 int cnt = 0;
1460 int len;
1461
1462 if (he->h_addrtype == AF_INET)
1463 len = 4;
1464 else if (he->h_addrtype == AF_INET6)
1465 len = 16;
1466 else
1467 return 0;
1468
1469 while (*ptr) {
1470 struct aafilter *b = a;
1471
1472 if (a->addr.bitlen) {
1473 if ((b = malloc(sizeof(*b))) == NULL)
1474 return cnt;
1475 *b = *a;
1476 a->next = b;
1477 }
1478 memcpy(b->addr.data, *ptr, len);
1479 b->addr.bytelen = len;
1480 b->addr.bitlen = len*8;
1481 b->addr.family = he->h_addrtype;
1482 ptr++;
1483 cnt++;
1484 }
1485 return cnt;
1486 }
1487
1488 static int get_dns_host(struct aafilter *a, const char *addr, int fam)
1489 {
1490 static int notfirst;
1491 int cnt = 0;
1492 struct hostent *he;
1493
1494 a->addr.bitlen = 0;
1495 if (!notfirst) {
1496 sethostent(1);
1497 notfirst = 1;
1498 }
1499 he = gethostbyname2(addr, fam == AF_UNSPEC ? AF_INET : fam);
1500 if (he)
1501 cnt = remember_he(a, he);
1502 if (fam == AF_UNSPEC) {
1503 he = gethostbyname2(addr, AF_INET6);
1504 if (he)
1505 cnt += remember_he(a, he);
1506 }
1507 return !cnt;
1508 }
1509
1510 static int xll_initted;
1511
1512 static void xll_init(void)
1513 {
1514 struct rtnl_handle rth;
1515
1516 if (rtnl_open(&rth, 0) < 0)
1517 exit(1);
1518
1519 ll_init_map(&rth);
1520 rtnl_close(&rth);
1521 xll_initted = 1;
1522 }
1523
1524 static const char *xll_index_to_name(int index)
1525 {
1526 if (!xll_initted)
1527 xll_init();
1528 return ll_index_to_name(index);
1529 }
1530
1531 static int xll_name_to_index(const char *dev)
1532 {
1533 if (!xll_initted)
1534 xll_init();
1535 return ll_name_to_index(dev);
1536 }
1537
1538 void *parse_devcond(char *name)
1539 {
1540 struct aafilter a = { .iface = 0 };
1541 struct aafilter *res;
1542
1543 a.iface = xll_name_to_index(name);
1544 if (a.iface == 0) {
1545 char *end;
1546 unsigned long n;
1547
1548 n = strtoul(name, &end, 0);
1549 if (!end || end == name || *end || n > UINT_MAX)
1550 return NULL;
1551
1552 a.iface = n;
1553 }
1554
1555 res = malloc(sizeof(*res));
1556 *res = a;
1557
1558 return res;
1559 }
1560
1561 static void vsock_set_inet_prefix(inet_prefix *a, __u32 cid)
1562 {
1563 *a = (inet_prefix){
1564 .bytelen = sizeof(cid),
1565 .family = AF_VSOCK,
1566 };
1567 memcpy(a->data, &cid, sizeof(cid));
1568 }
1569
1570 void *parse_hostcond(char *addr, bool is_port)
1571 {
1572 char *port = NULL;
1573 struct aafilter a = { .port = -1 };
1574 struct aafilter *res;
1575 int fam = preferred_family;
1576 struct filter *f = &current_filter;
1577
1578 if (fam == AF_UNIX || strncmp(addr, "unix:", 5) == 0) {
1579 char *p;
1580
1581 a.addr.family = AF_UNIX;
1582 if (strncmp(addr, "unix:", 5) == 0)
1583 addr += 5;
1584 p = strdup(addr);
1585 a.addr.bitlen = 8*strlen(p);
1586 memcpy(a.addr.data, &p, sizeof(p));
1587 fam = AF_UNIX;
1588 goto out;
1589 }
1590
1591 if (fam == AF_PACKET || strncmp(addr, "link:", 5) == 0) {
1592 a.addr.family = AF_PACKET;
1593 a.addr.bitlen = 0;
1594 if (strncmp(addr, "link:", 5) == 0)
1595 addr += 5;
1596 port = strchr(addr, ':');
1597 if (port) {
1598 *port = 0;
1599 if (port[1] && strcmp(port+1, "*")) {
1600 if (get_integer(&a.port, port+1, 0)) {
1601 if ((a.port = xll_name_to_index(port+1)) <= 0)
1602 return NULL;
1603 }
1604 }
1605 }
1606 if (addr[0] && strcmp(addr, "*")) {
1607 unsigned short tmp;
1608
1609 a.addr.bitlen = 32;
1610 if (ll_proto_a2n(&tmp, addr))
1611 return NULL;
1612 a.addr.data[0] = ntohs(tmp);
1613 }
1614 fam = AF_PACKET;
1615 goto out;
1616 }
1617
1618 if (fam == AF_NETLINK || strncmp(addr, "netlink:", 8) == 0) {
1619 a.addr.family = AF_NETLINK;
1620 a.addr.bitlen = 0;
1621 if (strncmp(addr, "netlink:", 8) == 0)
1622 addr += 8;
1623 port = strchr(addr, ':');
1624 if (port) {
1625 *port = 0;
1626 if (port[1] && strcmp(port+1, "*")) {
1627 if (get_integer(&a.port, port+1, 0)) {
1628 if (strcmp(port+1, "kernel") == 0)
1629 a.port = 0;
1630 else
1631 return NULL;
1632 }
1633 }
1634 }
1635 if (addr[0] && strcmp(addr, "*")) {
1636 a.addr.bitlen = 32;
1637 if (nl_proto_a2n(&a.addr.data[0], addr) == -1)
1638 return NULL;
1639 }
1640 fam = AF_NETLINK;
1641 goto out;
1642 }
1643
1644 if (fam == AF_VSOCK || strncmp(addr, "vsock:", 6) == 0) {
1645 __u32 cid = ~(__u32)0;
1646
1647 a.addr.family = AF_VSOCK;
1648 if (strncmp(addr, "vsock:", 6) == 0)
1649 addr += 6;
1650
1651 if (is_port)
1652 port = addr;
1653 else {
1654 port = strchr(addr, ':');
1655 if (port) {
1656 *port = '\0';
1657 port++;
1658 }
1659 }
1660
1661 if (port && strcmp(port, "*") &&
1662 get_u32((__u32 *)&a.port, port, 0))
1663 return NULL;
1664
1665 if (addr[0] && strcmp(addr, "*")) {
1666 a.addr.bitlen = 32;
1667 if (get_u32(&cid, addr, 0))
1668 return NULL;
1669 }
1670 vsock_set_inet_prefix(&a.addr, cid);
1671 fam = AF_VSOCK;
1672 goto out;
1673 }
1674
1675 if (fam == AF_INET || !strncmp(addr, "inet:", 5)) {
1676 fam = AF_INET;
1677 if (!strncmp(addr, "inet:", 5))
1678 addr += 5;
1679 } else if (fam == AF_INET6 || !strncmp(addr, "inet6:", 6)) {
1680 fam = AF_INET6;
1681 if (!strncmp(addr, "inet6:", 6))
1682 addr += 6;
1683 }
1684
1685 /* URL-like literal [] */
1686 if (addr[0] == '[') {
1687 addr++;
1688 if ((port = strchr(addr, ']')) == NULL)
1689 return NULL;
1690 *port++ = 0;
1691 } else if (addr[0] == '*') {
1692 port = addr+1;
1693 } else {
1694 port = strrchr(strchr(addr, '/') ? : addr, ':');
1695 }
1696
1697 if (is_port)
1698 port = addr;
1699
1700 if (port && *port) {
1701 if (*port == ':')
1702 *port++ = 0;
1703
1704 if (*port && *port != '*') {
1705 if (get_integer(&a.port, port, 0)) {
1706 struct servent *se1 = NULL;
1707 struct servent *se2 = NULL;
1708
1709 if (current_filter.dbs&(1<<UDP_DB))
1710 se1 = getservbyname(port, UDP_PROTO);
1711 if (current_filter.dbs&(1<<TCP_DB))
1712 se2 = getservbyname(port, TCP_PROTO);
1713 if (se1 && se2 && se1->s_port != se2->s_port) {
1714 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
1715 return NULL;
1716 }
1717 if (!se1)
1718 se1 = se2;
1719 if (se1) {
1720 a.port = ntohs(se1->s_port);
1721 } else {
1722 struct scache *s;
1723
1724 for (s = rlist; s; s = s->next) {
1725 if ((s->proto == UDP_PROTO &&
1726 (current_filter.dbs&(1<<UDP_DB))) ||
1727 (s->proto == TCP_PROTO &&
1728 (current_filter.dbs&(1<<TCP_DB)))) {
1729 if (s->name && strcmp(s->name, port) == 0) {
1730 if (a.port > 0 && a.port != s->port) {
1731 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
1732 return NULL;
1733 }
1734 a.port = s->port;
1735 }
1736 }
1737 }
1738 if (a.port <= 0) {
1739 fprintf(stderr, "Error: \"%s\" does not look like a port.\n", port);
1740 return NULL;
1741 }
1742 }
1743 }
1744 }
1745 }
1746 if (!is_port && *addr && *addr != '*') {
1747 if (get_prefix_1(&a.addr, addr, fam)) {
1748 if (get_dns_host(&a, addr, fam)) {
1749 fprintf(stderr, "Error: an inet prefix is expected rather than \"%s\".\n", addr);
1750 return NULL;
1751 }
1752 }
1753 }
1754
1755 out:
1756 if (fam != AF_UNSPEC) {
1757 int states = f->states;
1758 f->families = 0;
1759 filter_af_set(f, fam);
1760 filter_states_set(f, states);
1761 }
1762
1763 res = malloc(sizeof(*res));
1764 if (res)
1765 memcpy(res, &a, sizeof(a));
1766 return res;
1767 }
1768
1769 void *parse_markmask(const char *markmask)
1770 {
1771 struct aafilter a, *res;
1772
1773 if (strchr(markmask, '/')) {
1774 if (sscanf(markmask, "%i/%i", &a.mark, &a.mask) != 2)
1775 return NULL;
1776 } else {
1777 a.mask = 0xffffffff;
1778 if (sscanf(markmask, "%i", &a.mark) != 1)
1779 return NULL;
1780 }
1781
1782 res = malloc(sizeof(*res));
1783 if (res)
1784 memcpy(res, &a, sizeof(a));
1785 return res;
1786 }
1787
1788 static void proc_ctx_print(struct sockstat *s)
1789 {
1790 char *buf;
1791
1792 if (show_proc_ctx || show_sock_ctx) {
1793 if (find_entry(s->ino, &buf,
1794 (show_proc_ctx & show_sock_ctx) ?
1795 PROC_SOCK_CTX : PROC_CTX) > 0) {
1796 printf(" users:(%s)", buf);
1797 free(buf);
1798 }
1799 } else if (show_users) {
1800 if (find_entry(s->ino, &buf, USERS) > 0) {
1801 printf(" users:(%s)", buf);
1802 free(buf);
1803 }
1804 }
1805 }
1806
1807 static void inet_stats_print(struct sockstat *s, bool v6only)
1808 {
1809 sock_state_print(s);
1810
1811 inet_addr_print(&s->local, s->lport, s->iface, v6only);
1812 inet_addr_print(&s->remote, s->rport, 0, v6only);
1813
1814 proc_ctx_print(s);
1815 }
1816
1817 static int proc_parse_inet_addr(char *loc, char *rem, int family, struct
1818 sockstat * s)
1819 {
1820 s->local.family = s->remote.family = family;
1821 if (family == AF_INET) {
1822 sscanf(loc, "%x:%x", s->local.data, (unsigned *)&s->lport);
1823 sscanf(rem, "%x:%x", s->remote.data, (unsigned *)&s->rport);
1824 s->local.bytelen = s->remote.bytelen = 4;
1825 return 0;
1826 } else {
1827 sscanf(loc, "%08x%08x%08x%08x:%x",
1828 s->local.data,
1829 s->local.data + 1,
1830 s->local.data + 2,
1831 s->local.data + 3,
1832 &s->lport);
1833 sscanf(rem, "%08x%08x%08x%08x:%x",
1834 s->remote.data,
1835 s->remote.data + 1,
1836 s->remote.data + 2,
1837 s->remote.data + 3,
1838 &s->rport);
1839 s->local.bytelen = s->remote.bytelen = 16;
1840 return 0;
1841 }
1842 return -1;
1843 }
1844
1845 static int proc_inet_split_line(char *line, char **loc, char **rem, char **data)
1846 {
1847 char *p;
1848
1849 if ((p = strchr(line, ':')) == NULL)
1850 return -1;
1851
1852 *loc = p+2;
1853 if ((p = strchr(*loc, ':')) == NULL)
1854 return -1;
1855
1856 p[5] = 0;
1857 *rem = p+6;
1858 if ((p = strchr(*rem, ':')) == NULL)
1859 return -1;
1860
1861 p[5] = 0;
1862 *data = p+6;
1863 return 0;
1864 }
1865
1866 static char *sprint_bw(char *buf, double bw)
1867 {
1868 if (bw > 1000000.)
1869 sprintf(buf, "%.1fM", bw / 1000000.);
1870 else if (bw > 1000.)
1871 sprintf(buf, "%.1fK", bw / 1000.);
1872 else
1873 sprintf(buf, "%g", bw);
1874
1875 return buf;
1876 }
1877
1878 static void sctp_stats_print(struct sctp_info *s)
1879 {
1880 if (s->sctpi_tag)
1881 printf(" tag:%x", s->sctpi_tag);
1882 if (s->sctpi_state)
1883 printf(" state:%s", sctp_sstate_name[s->sctpi_state]);
1884 if (s->sctpi_rwnd)
1885 printf(" rwnd:%d", s->sctpi_rwnd);
1886 if (s->sctpi_unackdata)
1887 printf(" unackdata:%d", s->sctpi_unackdata);
1888 if (s->sctpi_penddata)
1889 printf(" penddata:%d", s->sctpi_penddata);
1890 if (s->sctpi_instrms)
1891 printf(" instrms:%d", s->sctpi_instrms);
1892 if (s->sctpi_outstrms)
1893 printf(" outstrms:%d", s->sctpi_outstrms);
1894 if (s->sctpi_inqueue)
1895 printf(" inqueue:%d", s->sctpi_inqueue);
1896 if (s->sctpi_outqueue)
1897 printf(" outqueue:%d", s->sctpi_outqueue);
1898 if (s->sctpi_overall_error)
1899 printf(" overerr:%d", s->sctpi_overall_error);
1900 if (s->sctpi_max_burst)
1901 printf(" maxburst:%d", s->sctpi_max_burst);
1902 if (s->sctpi_maxseg)
1903 printf(" maxseg:%d", s->sctpi_maxseg);
1904 if (s->sctpi_peer_rwnd)
1905 printf(" prwnd:%d", s->sctpi_peer_rwnd);
1906 if (s->sctpi_peer_tag)
1907 printf(" ptag:%x", s->sctpi_peer_tag);
1908 if (s->sctpi_peer_capable)
1909 printf(" pcapable:%d", s->sctpi_peer_capable);
1910 if (s->sctpi_peer_sack)
1911 printf(" psack:%d", s->sctpi_peer_sack);
1912 if (s->sctpi_s_autoclose)
1913 printf(" autoclose:%d", s->sctpi_s_autoclose);
1914 if (s->sctpi_s_adaptation_ind)
1915 printf(" adapind:%d", s->sctpi_s_adaptation_ind);
1916 if (s->sctpi_s_pd_point)
1917 printf(" pdpoint:%d", s->sctpi_s_pd_point);
1918 if (s->sctpi_s_nodelay)
1919 printf(" nodealy:%d", s->sctpi_s_nodelay);
1920 if (s->sctpi_s_disable_fragments)
1921 printf(" nofrag:%d", s->sctpi_s_disable_fragments);
1922 if (s->sctpi_s_v4mapped)
1923 printf(" v4mapped:%d", s->sctpi_s_v4mapped);
1924 if (s->sctpi_s_frag_interleave)
1925 printf(" fraginl:%d", s->sctpi_s_frag_interleave);
1926 }
1927
1928 static void tcp_stats_print(struct tcpstat *s)
1929 {
1930 char b1[64];
1931
1932 if (s->has_ts_opt)
1933 printf(" ts");
1934 if (s->has_sack_opt)
1935 printf(" sack");
1936 if (s->has_ecn_opt)
1937 printf(" ecn");
1938 if (s->has_ecnseen_opt)
1939 printf(" ecnseen");
1940 if (s->has_fastopen_opt)
1941 printf(" fastopen");
1942 if (s->cong_alg[0])
1943 printf(" %s", s->cong_alg);
1944 if (s->has_wscale_opt)
1945 printf(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
1946 if (s->rto)
1947 printf(" rto:%g", s->rto);
1948 if (s->backoff)
1949 printf(" backoff:%u", s->backoff);
1950 if (s->rtt)
1951 printf(" rtt:%g/%g", s->rtt, s->rttvar);
1952 if (s->ato)
1953 printf(" ato:%g", s->ato);
1954
1955 if (s->qack)
1956 printf(" qack:%d", s->qack);
1957 if (s->qack & 1)
1958 printf(" bidir");
1959
1960 if (s->mss)
1961 printf(" mss:%d", s->mss);
1962 if (s->rcv_mss)
1963 printf(" rcvmss:%d", s->rcv_mss);
1964 if (s->advmss)
1965 printf(" advmss:%d", s->advmss);
1966 if (s->cwnd)
1967 printf(" cwnd:%u", s->cwnd);
1968 if (s->ssthresh)
1969 printf(" ssthresh:%d", s->ssthresh);
1970
1971 if (s->bytes_acked)
1972 printf(" bytes_acked:%llu", s->bytes_acked);
1973 if (s->bytes_received)
1974 printf(" bytes_received:%llu", s->bytes_received);
1975 if (s->segs_out)
1976 printf(" segs_out:%u", s->segs_out);
1977 if (s->segs_in)
1978 printf(" segs_in:%u", s->segs_in);
1979 if (s->data_segs_out)
1980 printf(" data_segs_out:%u", s->data_segs_out);
1981 if (s->data_segs_in)
1982 printf(" data_segs_in:%u", s->data_segs_in);
1983
1984 if (s->dctcp && s->dctcp->enabled) {
1985 struct dctcpstat *dctcp = s->dctcp;
1986
1987 printf(" dctcp:(ce_state:%u,alpha:%u,ab_ecn:%u,ab_tot:%u)",
1988 dctcp->ce_state, dctcp->alpha, dctcp->ab_ecn,
1989 dctcp->ab_tot);
1990 } else if (s->dctcp) {
1991 printf(" dctcp:fallback_mode");
1992 }
1993
1994 if (s->bbr_info) {
1995 __u64 bw;
1996
1997 bw = s->bbr_info->bbr_bw_hi;
1998 bw <<= 32;
1999 bw |= s->bbr_info->bbr_bw_lo;
2000
2001 printf(" bbr:(bw:%sbps,mrtt:%g",
2002 sprint_bw(b1, bw * 8.0),
2003 (double)s->bbr_info->bbr_min_rtt / 1000.0);
2004 if (s->bbr_info->bbr_pacing_gain)
2005 printf(",pacing_gain:%g",
2006 (double)s->bbr_info->bbr_pacing_gain / 256.0);
2007 if (s->bbr_info->bbr_cwnd_gain)
2008 printf(",cwnd_gain:%g",
2009 (double)s->bbr_info->bbr_cwnd_gain / 256.0);
2010 printf(")");
2011 }
2012
2013 if (s->send_bps)
2014 printf(" send %sbps", sprint_bw(b1, s->send_bps));
2015 if (s->lastsnd)
2016 printf(" lastsnd:%u", s->lastsnd);
2017 if (s->lastrcv)
2018 printf(" lastrcv:%u", s->lastrcv);
2019 if (s->lastack)
2020 printf(" lastack:%u", s->lastack);
2021
2022 if (s->pacing_rate) {
2023 printf(" pacing_rate %sbps", sprint_bw(b1, s->pacing_rate));
2024 if (s->pacing_rate_max)
2025 printf("/%sbps", sprint_bw(b1,
2026 s->pacing_rate_max));
2027 }
2028
2029 if (s->delivery_rate)
2030 printf(" delivery_rate %sbps", sprint_bw(b1, s->delivery_rate));
2031 if (s->app_limited)
2032 printf(" app_limited");
2033
2034 if (s->busy_time) {
2035 printf(" busy:%llums", s->busy_time / 1000);
2036 if (s->rwnd_limited)
2037 printf(" rwnd_limited:%llums(%.1f%%)",
2038 s->rwnd_limited / 1000,
2039 100.0 * s->rwnd_limited / s->busy_time);
2040 if (s->sndbuf_limited)
2041 printf(" sndbuf_limited:%llums(%.1f%%)",
2042 s->sndbuf_limited / 1000,
2043 100.0 * s->sndbuf_limited / s->busy_time);
2044 }
2045
2046 if (s->unacked)
2047 printf(" unacked:%u", s->unacked);
2048 if (s->retrans || s->retrans_total)
2049 printf(" retrans:%u/%u", s->retrans, s->retrans_total);
2050 if (s->lost)
2051 printf(" lost:%u", s->lost);
2052 if (s->sacked && s->ss.state != SS_LISTEN)
2053 printf(" sacked:%u", s->sacked);
2054 if (s->fackets)
2055 printf(" fackets:%u", s->fackets);
2056 if (s->reordering != 3)
2057 printf(" reordering:%d", s->reordering);
2058 if (s->rcv_rtt)
2059 printf(" rcv_rtt:%g", s->rcv_rtt);
2060 if (s->rcv_space)
2061 printf(" rcv_space:%d", s->rcv_space);
2062 if (s->not_sent)
2063 printf(" notsent:%u", s->not_sent);
2064 if (s->min_rtt)
2065 printf(" minrtt:%g", s->min_rtt);
2066 }
2067
2068 static void tcp_timer_print(struct tcpstat *s)
2069 {
2070 static const char * const tmr_name[] = {
2071 "off",
2072 "on",
2073 "keepalive",
2074 "timewait",
2075 "persist",
2076 "unknown"
2077 };
2078
2079 if (s->timer) {
2080 if (s->timer > 4)
2081 s->timer = 5;
2082 printf(" timer:(%s,%s,%d)",
2083 tmr_name[s->timer],
2084 print_ms_timer(s->timeout),
2085 s->retrans);
2086 }
2087 }
2088
2089 static void sctp_timer_print(struct tcpstat *s)
2090 {
2091 if (s->timer)
2092 printf(" timer:(T3_RTX,%s,%d)",
2093 print_ms_timer(s->timeout), s->retrans);
2094 }
2095
2096 static int tcp_show_line(char *line, const struct filter *f, int family)
2097 {
2098 int rto = 0, ato = 0;
2099 struct tcpstat s = {};
2100 char *loc, *rem, *data;
2101 char opt[256];
2102 int n;
2103 int hz = get_user_hz();
2104
2105 if (proc_inet_split_line(line, &loc, &rem, &data))
2106 return -1;
2107
2108 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
2109
2110 if (!(f->states & (1 << state)))
2111 return 0;
2112
2113 proc_parse_inet_addr(loc, rem, family, &s.ss);
2114
2115 if (f->f && run_ssfilter(f->f, &s.ss) == 0)
2116 return 0;
2117
2118 opt[0] = 0;
2119 n = sscanf(data, "%x %x:%x %x:%x %x %d %d %u %d %llx %d %d %d %u %d %[^\n]\n",
2120 &s.ss.state, &s.ss.wq, &s.ss.rq,
2121 &s.timer, &s.timeout, &s.retrans, &s.ss.uid, &s.probes,
2122 &s.ss.ino, &s.ss.refcnt, &s.ss.sk, &rto, &ato, &s.qack, &s.cwnd,
2123 &s.ssthresh, opt);
2124
2125 if (n < 17)
2126 opt[0] = 0;
2127
2128 if (n < 12) {
2129 rto = 0;
2130 s.cwnd = 2;
2131 s.ssthresh = -1;
2132 ato = s.qack = 0;
2133 }
2134
2135 s.retrans = s.timer != 1 ? s.probes : s.retrans;
2136 s.timeout = (s.timeout * 1000 + hz - 1) / hz;
2137 s.ato = (double)ato / hz;
2138 s.qack /= 2;
2139 s.rto = (double)rto;
2140 s.ssthresh = s.ssthresh == -1 ? 0 : s.ssthresh;
2141 s.rto = s.rto != 3 * hz ? s.rto / hz : 0;
2142 s.ss.type = IPPROTO_TCP;
2143
2144 inet_stats_print(&s.ss, false);
2145
2146 if (show_options)
2147 tcp_timer_print(&s);
2148
2149 if (show_details) {
2150 sock_details_print(&s.ss);
2151 if (opt[0])
2152 printf(" opt:\"%s\"", opt);
2153 }
2154
2155 if (show_tcpinfo)
2156 tcp_stats_print(&s);
2157
2158 printf("\n");
2159 return 0;
2160 }
2161
2162 static int generic_record_read(FILE *fp,
2163 int (*worker)(char*, const struct filter *, int),
2164 const struct filter *f, int fam)
2165 {
2166 char line[256];
2167
2168 /* skip header */
2169 if (fgets(line, sizeof(line), fp) == NULL)
2170 goto outerr;
2171
2172 while (fgets(line, sizeof(line), fp) != NULL) {
2173 int n = strlen(line);
2174
2175 if (n == 0 || line[n-1] != '\n') {
2176 errno = -EINVAL;
2177 return -1;
2178 }
2179 line[n-1] = 0;
2180
2181 if (worker(line, f, fam) < 0)
2182 return 0;
2183 }
2184 outerr:
2185
2186 return ferror(fp) ? -1 : 0;
2187 }
2188
2189 static void print_skmeminfo(struct rtattr *tb[], int attrtype)
2190 {
2191 const __u32 *skmeminfo;
2192
2193 if (!tb[attrtype]) {
2194 if (attrtype == INET_DIAG_SKMEMINFO) {
2195 if (!tb[INET_DIAG_MEMINFO])
2196 return;
2197
2198 const struct inet_diag_meminfo *minfo =
2199 RTA_DATA(tb[INET_DIAG_MEMINFO]);
2200
2201 printf(" mem:(r%u,w%u,f%u,t%u)",
2202 minfo->idiag_rmem,
2203 minfo->idiag_wmem,
2204 minfo->idiag_fmem,
2205 minfo->idiag_tmem);
2206 }
2207 return;
2208 }
2209
2210 skmeminfo = RTA_DATA(tb[attrtype]);
2211
2212 printf(" skmem:(r%u,rb%u,t%u,tb%u,f%u,w%u,o%u",
2213 skmeminfo[SK_MEMINFO_RMEM_ALLOC],
2214 skmeminfo[SK_MEMINFO_RCVBUF],
2215 skmeminfo[SK_MEMINFO_WMEM_ALLOC],
2216 skmeminfo[SK_MEMINFO_SNDBUF],
2217 skmeminfo[SK_MEMINFO_FWD_ALLOC],
2218 skmeminfo[SK_MEMINFO_WMEM_QUEUED],
2219 skmeminfo[SK_MEMINFO_OPTMEM]);
2220
2221 if (RTA_PAYLOAD(tb[attrtype]) >=
2222 (SK_MEMINFO_BACKLOG + 1) * sizeof(__u32))
2223 printf(",bl%u", skmeminfo[SK_MEMINFO_BACKLOG]);
2224
2225 if (RTA_PAYLOAD(tb[attrtype]) >=
2226 (SK_MEMINFO_DROPS + 1) * sizeof(__u32))
2227 printf(",d%u", skmeminfo[SK_MEMINFO_DROPS]);
2228
2229 printf(")");
2230 }
2231
2232 static void print_md5sig(struct tcp_diag_md5sig *sig)
2233 {
2234 printf("%s/%d=",
2235 format_host(sig->tcpm_family,
2236 sig->tcpm_family == AF_INET6 ? 16 : 4,
2237 &sig->tcpm_addr),
2238 sig->tcpm_prefixlen);
2239 print_escape_buf(sig->tcpm_key, sig->tcpm_keylen, " ,");
2240 }
2241
2242 #define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
2243
2244 static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
2245 struct rtattr *tb[])
2246 {
2247 double rtt = 0;
2248 struct tcpstat s = {};
2249
2250 s.ss.state = r->idiag_state;
2251
2252 print_skmeminfo(tb, INET_DIAG_SKMEMINFO);
2253
2254 if (tb[INET_DIAG_INFO]) {
2255 struct tcp_info *info;
2256 int len = RTA_PAYLOAD(tb[INET_DIAG_INFO]);
2257
2258 /* workaround for older kernels with less fields */
2259 if (len < sizeof(*info)) {
2260 info = alloca(sizeof(*info));
2261 memcpy(info, RTA_DATA(tb[INET_DIAG_INFO]), len);
2262 memset((char *)info + len, 0, sizeof(*info) - len);
2263 } else
2264 info = RTA_DATA(tb[INET_DIAG_INFO]);
2265
2266 if (show_options) {
2267 s.has_ts_opt = TCPI_HAS_OPT(info, TCPI_OPT_TIMESTAMPS);
2268 s.has_sack_opt = TCPI_HAS_OPT(info, TCPI_OPT_SACK);
2269 s.has_ecn_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN);
2270 s.has_ecnseen_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN_SEEN);
2271 s.has_fastopen_opt = TCPI_HAS_OPT(info, TCPI_OPT_SYN_DATA);
2272 }
2273
2274 if (tb[INET_DIAG_CONG])
2275 strncpy(s.cong_alg,
2276 rta_getattr_str(tb[INET_DIAG_CONG]),
2277 sizeof(s.cong_alg) - 1);
2278
2279 if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
2280 s.has_wscale_opt = true;
2281 s.snd_wscale = info->tcpi_snd_wscale;
2282 s.rcv_wscale = info->tcpi_rcv_wscale;
2283 }
2284
2285 if (info->tcpi_rto && info->tcpi_rto != 3000000)
2286 s.rto = (double)info->tcpi_rto / 1000;
2287
2288 s.backoff = info->tcpi_backoff;
2289 s.rtt = (double)info->tcpi_rtt / 1000;
2290 s.rttvar = (double)info->tcpi_rttvar / 1000;
2291 s.ato = (double)info->tcpi_ato / 1000;
2292 s.mss = info->tcpi_snd_mss;
2293 s.rcv_mss = info->tcpi_rcv_mss;
2294 s.advmss = info->tcpi_advmss;
2295 s.rcv_space = info->tcpi_rcv_space;
2296 s.rcv_rtt = (double)info->tcpi_rcv_rtt / 1000;
2297 s.lastsnd = info->tcpi_last_data_sent;
2298 s.lastrcv = info->tcpi_last_data_recv;
2299 s.lastack = info->tcpi_last_ack_recv;
2300 s.unacked = info->tcpi_unacked;
2301 s.retrans = info->tcpi_retrans;
2302 s.retrans_total = info->tcpi_total_retrans;
2303 s.lost = info->tcpi_lost;
2304 s.sacked = info->tcpi_sacked;
2305 s.fackets = info->tcpi_fackets;
2306 s.reordering = info->tcpi_reordering;
2307 s.rcv_space = info->tcpi_rcv_space;
2308 s.cwnd = info->tcpi_snd_cwnd;
2309
2310 if (info->tcpi_snd_ssthresh < 0xFFFF)
2311 s.ssthresh = info->tcpi_snd_ssthresh;
2312
2313 rtt = (double) info->tcpi_rtt;
2314 if (tb[INET_DIAG_VEGASINFO]) {
2315 const struct tcpvegas_info *vinfo
2316 = RTA_DATA(tb[INET_DIAG_VEGASINFO]);
2317
2318 if (vinfo->tcpv_enabled &&
2319 vinfo->tcpv_rtt && vinfo->tcpv_rtt != 0x7fffffff)
2320 rtt = vinfo->tcpv_rtt;
2321 }
2322
2323 if (tb[INET_DIAG_DCTCPINFO]) {
2324 struct dctcpstat *dctcp = malloc(sizeof(struct
2325 dctcpstat));
2326
2327 const struct tcp_dctcp_info *dinfo
2328 = RTA_DATA(tb[INET_DIAG_DCTCPINFO]);
2329
2330 dctcp->enabled = !!dinfo->dctcp_enabled;
2331 dctcp->ce_state = dinfo->dctcp_ce_state;
2332 dctcp->alpha = dinfo->dctcp_alpha;
2333 dctcp->ab_ecn = dinfo->dctcp_ab_ecn;
2334 dctcp->ab_tot = dinfo->dctcp_ab_tot;
2335 s.dctcp = dctcp;
2336 }
2337
2338 if (tb[INET_DIAG_BBRINFO]) {
2339 const void *bbr_info = RTA_DATA(tb[INET_DIAG_BBRINFO]);
2340 int len = min(RTA_PAYLOAD(tb[INET_DIAG_BBRINFO]),
2341 sizeof(*s.bbr_info));
2342
2343 s.bbr_info = calloc(1, sizeof(*s.bbr_info));
2344 if (s.bbr_info && bbr_info)
2345 memcpy(s.bbr_info, bbr_info, len);
2346 }
2347
2348 if (rtt > 0 && info->tcpi_snd_mss && info->tcpi_snd_cwnd) {
2349 s.send_bps = (double) info->tcpi_snd_cwnd *
2350 (double)info->tcpi_snd_mss * 8000000. / rtt;
2351 }
2352
2353 if (info->tcpi_pacing_rate &&
2354 info->tcpi_pacing_rate != ~0ULL) {
2355 s.pacing_rate = info->tcpi_pacing_rate * 8.;
2356
2357 if (info->tcpi_max_pacing_rate &&
2358 info->tcpi_max_pacing_rate != ~0ULL)
2359 s.pacing_rate_max = info->tcpi_max_pacing_rate * 8.;
2360 }
2361 s.bytes_acked = info->tcpi_bytes_acked;
2362 s.bytes_received = info->tcpi_bytes_received;
2363 s.segs_out = info->tcpi_segs_out;
2364 s.segs_in = info->tcpi_segs_in;
2365 s.data_segs_out = info->tcpi_data_segs_out;
2366 s.data_segs_in = info->tcpi_data_segs_in;
2367 s.not_sent = info->tcpi_notsent_bytes;
2368 if (info->tcpi_min_rtt && info->tcpi_min_rtt != ~0U)
2369 s.min_rtt = (double) info->tcpi_min_rtt / 1000;
2370 s.delivery_rate = info->tcpi_delivery_rate * 8.;
2371 s.app_limited = info->tcpi_delivery_rate_app_limited;
2372 s.busy_time = info->tcpi_busy_time;
2373 s.rwnd_limited = info->tcpi_rwnd_limited;
2374 s.sndbuf_limited = info->tcpi_sndbuf_limited;
2375 tcp_stats_print(&s);
2376 free(s.dctcp);
2377 free(s.bbr_info);
2378 }
2379 if (tb[INET_DIAG_MD5SIG]) {
2380 struct tcp_diag_md5sig *sig = RTA_DATA(tb[INET_DIAG_MD5SIG]);
2381 int len = RTA_PAYLOAD(tb[INET_DIAG_MD5SIG]);
2382
2383 printf(" md5keys:");
2384 print_md5sig(sig++);
2385 for (len -= sizeof(*sig); len > 0; len -= sizeof(*sig)) {
2386 printf(",");
2387 print_md5sig(sig++);
2388 }
2389 }
2390 }
2391
2392 static const char *format_host_sa(struct sockaddr_storage *sa)
2393 {
2394 union {
2395 struct sockaddr_in sin;
2396 struct sockaddr_in6 sin6;
2397 } *saddr = (void *)sa;
2398
2399 switch (sa->ss_family) {
2400 case AF_INET:
2401 return format_host(AF_INET, 4, &saddr->sin.sin_addr);
2402 case AF_INET6:
2403 return format_host(AF_INET6, 16, &saddr->sin6.sin6_addr);
2404 default:
2405 return "";
2406 }
2407 }
2408
2409 static void sctp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
2410 struct rtattr *tb[])
2411 {
2412 struct sockaddr_storage *sa;
2413 int len;
2414
2415 print_skmeminfo(tb, INET_DIAG_SKMEMINFO);
2416
2417 if (tb[INET_DIAG_LOCALS]) {
2418 len = RTA_PAYLOAD(tb[INET_DIAG_LOCALS]);
2419 sa = RTA_DATA(tb[INET_DIAG_LOCALS]);
2420
2421 printf("locals:%s", format_host_sa(sa));
2422 for (sa++, len -= sizeof(*sa); len > 0; sa++, len -= sizeof(*sa))
2423 printf(",%s", format_host_sa(sa));
2424
2425 }
2426 if (tb[INET_DIAG_PEERS]) {
2427 len = RTA_PAYLOAD(tb[INET_DIAG_PEERS]);
2428 sa = RTA_DATA(tb[INET_DIAG_PEERS]);
2429
2430 printf(" peers:%s", format_host_sa(sa));
2431 for (sa++, len -= sizeof(*sa); len > 0; sa++, len -= sizeof(*sa))
2432 printf(",%s", format_host_sa(sa));
2433 }
2434 if (tb[INET_DIAG_INFO]) {
2435 struct sctp_info *info;
2436 len = RTA_PAYLOAD(tb[INET_DIAG_INFO]);
2437
2438 /* workaround for older kernels with less fields */
2439 if (len < sizeof(*info)) {
2440 info = alloca(sizeof(*info));
2441 memcpy(info, RTA_DATA(tb[INET_DIAG_INFO]), len);
2442 memset((char *)info + len, 0, sizeof(*info) - len);
2443 } else
2444 info = RTA_DATA(tb[INET_DIAG_INFO]);
2445
2446 sctp_stats_print(info);
2447 }
2448 }
2449
2450 static void parse_diag_msg(struct nlmsghdr *nlh, struct sockstat *s)
2451 {
2452 struct rtattr *tb[INET_DIAG_MAX+1];
2453 struct inet_diag_msg *r = NLMSG_DATA(nlh);
2454
2455 parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),
2456 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2457
2458 s->state = r->idiag_state;
2459 s->local.family = s->remote.family = r->idiag_family;
2460 s->lport = ntohs(r->id.idiag_sport);
2461 s->rport = ntohs(r->id.idiag_dport);
2462 s->wq = r->idiag_wqueue;
2463 s->rq = r->idiag_rqueue;
2464 s->ino = r->idiag_inode;
2465 s->uid = r->idiag_uid;
2466 s->iface = r->id.idiag_if;
2467 s->sk = cookie_sk_get(&r->id.idiag_cookie[0]);
2468
2469 s->mark = 0;
2470 if (tb[INET_DIAG_MARK])
2471 s->mark = rta_getattr_u32(tb[INET_DIAG_MARK]);
2472 if (tb[INET_DIAG_PROTOCOL])
2473 s->raw_prot = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);
2474 else
2475 s->raw_prot = 0;
2476
2477 if (s->local.family == AF_INET)
2478 s->local.bytelen = s->remote.bytelen = 4;
2479 else
2480 s->local.bytelen = s->remote.bytelen = 16;
2481
2482 memcpy(s->local.data, r->id.idiag_src, s->local.bytelen);
2483 memcpy(s->remote.data, r->id.idiag_dst, s->local.bytelen);
2484 }
2485
2486 static int inet_show_sock(struct nlmsghdr *nlh,
2487 struct sockstat *s)
2488 {
2489 struct rtattr *tb[INET_DIAG_MAX+1];
2490 struct inet_diag_msg *r = NLMSG_DATA(nlh);
2491 unsigned char v6only = 0;
2492
2493 parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),
2494 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2495
2496 if (tb[INET_DIAG_PROTOCOL])
2497 s->type = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);
2498
2499 if (s->local.family == AF_INET6 && tb[INET_DIAG_SKV6ONLY])
2500 v6only = rta_getattr_u8(tb[INET_DIAG_SKV6ONLY]);
2501
2502 inet_stats_print(s, v6only);
2503
2504 if (show_options) {
2505 struct tcpstat t = {};
2506
2507 t.timer = r->idiag_timer;
2508 t.timeout = r->idiag_expires;
2509 t.retrans = r->idiag_retrans;
2510 if (s->type == IPPROTO_SCTP)
2511 sctp_timer_print(&t);
2512 else
2513 tcp_timer_print(&t);
2514 }
2515
2516 if (show_details) {
2517 sock_details_print(s);
2518 if (s->local.family == AF_INET6 && tb[INET_DIAG_SKV6ONLY])
2519 printf(" v6only:%u", v6only);
2520
2521 if (tb[INET_DIAG_SHUTDOWN]) {
2522 unsigned char mask;
2523
2524 mask = rta_getattr_u8(tb[INET_DIAG_SHUTDOWN]);
2525 printf(" %c-%c", mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
2526 }
2527 }
2528
2529 if (show_mem || (show_tcpinfo && s->type != IPPROTO_UDP)) {
2530 printf("\n\t");
2531 if (s->type == IPPROTO_SCTP)
2532 sctp_show_info(nlh, r, tb);
2533 else
2534 tcp_show_info(nlh, r, tb);
2535 }
2536 sctp_ino = s->ino;
2537
2538 printf("\n");
2539 return 0;
2540 }
2541
2542 static int tcpdiag_send(int fd, int protocol, struct filter *f)
2543 {
2544 struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK };
2545 struct {
2546 struct nlmsghdr nlh;
2547 struct inet_diag_req r;
2548 } req = {
2549 .nlh.nlmsg_len = sizeof(req),
2550 .nlh.nlmsg_flags = NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST,
2551 .nlh.nlmsg_seq = MAGIC_SEQ,
2552 .r.idiag_family = AF_INET,
2553 .r.idiag_states = f->states,
2554 };
2555 char *bc = NULL;
2556 int bclen;
2557 struct msghdr msg;
2558 struct rtattr rta;
2559 struct iovec iov[3];
2560 int iovlen = 1;
2561
2562 if (protocol == IPPROTO_UDP)
2563 return -1;
2564
2565 if (protocol == IPPROTO_TCP)
2566 req.nlh.nlmsg_type = TCPDIAG_GETSOCK;
2567 else
2568 req.nlh.nlmsg_type = DCCPDIAG_GETSOCK;
2569 if (show_mem) {
2570 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
2571 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
2572 }
2573
2574 if (show_tcpinfo) {
2575 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
2576 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
2577 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
2578 }
2579
2580 iov[0] = (struct iovec){
2581 .iov_base = &req,
2582 .iov_len = sizeof(req)
2583 };
2584 if (f->f) {
2585 bclen = ssfilter_bytecompile(f->f, &bc);
2586 if (bclen) {
2587 rta.rta_type = INET_DIAG_REQ_BYTECODE;
2588 rta.rta_len = RTA_LENGTH(bclen);
2589 iov[1] = (struct iovec){ &rta, sizeof(rta) };
2590 iov[2] = (struct iovec){ bc, bclen };
2591 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
2592 iovlen = 3;
2593 }
2594 }
2595
2596 msg = (struct msghdr) {
2597 .msg_name = (void *)&nladdr,
2598 .msg_namelen = sizeof(nladdr),
2599 .msg_iov = iov,
2600 .msg_iovlen = iovlen,
2601 };
2602
2603 if (sendmsg(fd, &msg, 0) < 0) {
2604 close(fd);
2605 return -1;
2606 }
2607
2608 return 0;
2609 }
2610
2611 static int sockdiag_send(int family, int fd, int protocol, struct filter *f)
2612 {
2613 struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK };
2614 DIAG_REQUEST(req, struct inet_diag_req_v2 r);
2615 char *bc = NULL;
2616 int bclen;
2617 struct msghdr msg;
2618 struct rtattr rta;
2619 struct iovec iov[3];
2620 int iovlen = 1;
2621
2622 if (family == PF_UNSPEC)
2623 return tcpdiag_send(fd, protocol, f);
2624
2625 memset(&req.r, 0, sizeof(req.r));
2626 req.r.sdiag_family = family;
2627 req.r.sdiag_protocol = protocol;
2628 req.r.idiag_states = f->states;
2629 if (show_mem) {
2630 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
2631 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
2632 }
2633
2634 if (show_tcpinfo) {
2635 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
2636 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
2637 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
2638 }
2639
2640 iov[0] = (struct iovec){
2641 .iov_base = &req,
2642 .iov_len = sizeof(req)
2643 };
2644 if (f->f) {
2645 bclen = ssfilter_bytecompile(f->f, &bc);
2646 if (bclen) {
2647 rta.rta_type = INET_DIAG_REQ_BYTECODE;
2648 rta.rta_len = RTA_LENGTH(bclen);
2649 iov[1] = (struct iovec){ &rta, sizeof(rta) };
2650 iov[2] = (struct iovec){ bc, bclen };
2651 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
2652 iovlen = 3;
2653 }
2654 }
2655
2656 msg = (struct msghdr) {
2657 .msg_name = (void *)&nladdr,
2658 .msg_namelen = sizeof(nladdr),
2659 .msg_iov = iov,
2660 .msg_iovlen = iovlen,
2661 };
2662
2663 if (sendmsg(fd, &msg, 0) < 0) {
2664 close(fd);
2665 return -1;
2666 }
2667
2668 return 0;
2669 }
2670
2671 struct inet_diag_arg {
2672 struct filter *f;
2673 int protocol;
2674 struct rtnl_handle *rth;
2675 };
2676
2677 static int kill_inet_sock(struct nlmsghdr *h, void *arg, struct sockstat *s)
2678 {
2679 struct inet_diag_msg *d = NLMSG_DATA(h);
2680 struct inet_diag_arg *diag_arg = arg;
2681 struct rtnl_handle *rth = diag_arg->rth;
2682
2683 DIAG_REQUEST(req, struct inet_diag_req_v2 r);
2684
2685 req.nlh.nlmsg_type = SOCK_DESTROY;
2686 req.nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
2687 req.nlh.nlmsg_seq = ++rth->seq;
2688 req.r.sdiag_family = d->idiag_family;
2689 req.r.sdiag_protocol = diag_arg->protocol;
2690 req.r.id = d->id;
2691
2692 if (diag_arg->protocol == IPPROTO_RAW) {
2693 struct inet_diag_req_raw *raw = (void *)&req.r;
2694
2695 BUILD_BUG_ON(sizeof(req.r) != sizeof(*raw));
2696 raw->sdiag_raw_protocol = s->raw_prot;
2697 }
2698
2699 return rtnl_talk(rth, &req.nlh, NULL, 0);
2700 }
2701
2702 static int show_one_inet_sock(const struct sockaddr_nl *addr,
2703 struct nlmsghdr *h, void *arg)
2704 {
2705 int err;
2706 struct inet_diag_arg *diag_arg = arg;
2707 struct inet_diag_msg *r = NLMSG_DATA(h);
2708 struct sockstat s = {};
2709
2710 if (!(diag_arg->f->families & FAMILY_MASK(r->idiag_family)))
2711 return 0;
2712
2713 parse_diag_msg(h, &s);
2714 s.type = diag_arg->protocol;
2715
2716 if (diag_arg->f->f && run_ssfilter(diag_arg->f->f, &s) == 0)
2717 return 0;
2718
2719 if (diag_arg->f->kill && kill_inet_sock(h, arg, &s) != 0) {
2720 if (errno == EOPNOTSUPP || errno == ENOENT) {
2721 /* Socket can't be closed, or is already closed. */
2722 return 0;
2723 } else {
2724 perror("SOCK_DESTROY answers");
2725 return -1;
2726 }
2727 }
2728
2729 err = inet_show_sock(h, &s);
2730 if (err < 0)
2731 return err;
2732
2733 return 0;
2734 }
2735
2736 static int inet_show_netlink(struct filter *f, FILE *dump_fp, int protocol)
2737 {
2738 int err = 0;
2739 struct rtnl_handle rth, rth2;
2740 int family = PF_INET;
2741 struct inet_diag_arg arg = { .f = f, .protocol = protocol };
2742
2743 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
2744 return -1;
2745
2746 if (f->kill) {
2747 if (rtnl_open_byproto(&rth2, 0, NETLINK_SOCK_DIAG)) {
2748 rtnl_close(&rth);
2749 return -1;
2750 }
2751 arg.rth = &rth2;
2752 }
2753
2754 rth.dump = MAGIC_SEQ;
2755 rth.dump_fp = dump_fp;
2756 if (preferred_family == PF_INET6)
2757 family = PF_INET6;
2758
2759 again:
2760 if ((err = sockdiag_send(family, rth.fd, protocol, f)))
2761 goto Exit;
2762
2763 if ((err = rtnl_dump_filter(&rth, show_one_inet_sock, &arg))) {
2764 if (family != PF_UNSPEC) {
2765 family = PF_UNSPEC;
2766 goto again;
2767 }
2768 goto Exit;
2769 }
2770 if (family == PF_INET && preferred_family != PF_INET) {
2771 family = PF_INET6;
2772 goto again;
2773 }
2774
2775 Exit:
2776 rtnl_close(&rth);
2777 if (arg.rth)
2778 rtnl_close(arg.rth);
2779 return err;
2780 }
2781
2782 static int tcp_show_netlink_file(struct filter *f)
2783 {
2784 FILE *fp;
2785 char buf[16384];
2786 int err = -1;
2787
2788 if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) {
2789 perror("fopen($TCPDIAG_FILE)");
2790 return err;
2791 }
2792
2793 while (1) {
2794 int status, err2;
2795 struct nlmsghdr *h = (struct nlmsghdr *)buf;
2796 struct sockstat s = {};
2797
2798 status = fread(buf, 1, sizeof(*h), fp);
2799 if (status < 0) {
2800 perror("Reading header from $TCPDIAG_FILE");
2801 break;
2802 }
2803 if (status != sizeof(*h)) {
2804 perror("Unexpected EOF reading $TCPDIAG_FILE");
2805 break;
2806 }
2807
2808 status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp);
2809
2810 if (status < 0) {
2811 perror("Reading $TCPDIAG_FILE");
2812 break;
2813 }
2814 if (status + sizeof(*h) < h->nlmsg_len) {
2815 perror("Unexpected EOF reading $TCPDIAG_FILE");
2816 break;
2817 }
2818
2819 /* The only legal exit point */
2820 if (h->nlmsg_type == NLMSG_DONE) {
2821 err = 0;
2822 break;
2823 }
2824
2825 if (h->nlmsg_type == NLMSG_ERROR) {
2826 struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(h);
2827
2828 if (h->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))) {
2829 fprintf(stderr, "ERROR truncated\n");
2830 } else {
2831 errno = -err->error;
2832 perror("TCPDIAG answered");
2833 }
2834 break;
2835 }
2836
2837 parse_diag_msg(h, &s);
2838 s.type = IPPROTO_TCP;
2839
2840 if (f && f->f && run_ssfilter(f->f, &s) == 0)
2841 continue;
2842
2843 err2 = inet_show_sock(h, &s);
2844 if (err2 < 0) {
2845 err = err2;
2846 break;
2847 }
2848 }
2849
2850 fclose(fp);
2851 return err;
2852 }
2853
2854 static int tcp_show(struct filter *f)
2855 {
2856 FILE *fp = NULL;
2857 char *buf = NULL;
2858 int bufsize = 64*1024;
2859
2860 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2861 return 0;
2862
2863 dg_proto = TCP_PROTO;
2864
2865 if (getenv("TCPDIAG_FILE"))
2866 return tcp_show_netlink_file(f);
2867
2868 if (!getenv("PROC_NET_TCP") && !getenv("PROC_ROOT")
2869 && inet_show_netlink(f, NULL, IPPROTO_TCP) == 0)
2870 return 0;
2871
2872 /* Sigh... We have to parse /proc/net/tcp... */
2873
2874
2875 /* Estimate amount of sockets and try to allocate
2876 * huge buffer to read all the table at one read.
2877 * Limit it by 16MB though. The assumption is: as soon as
2878 * kernel was able to hold information about N connections,
2879 * it is able to give us some memory for snapshot.
2880 */
2881 if (1) {
2882 get_slabstat(&slabstat);
2883
2884 int guess = slabstat.socks+slabstat.tcp_syns;
2885
2886 if (f->states&(1<<SS_TIME_WAIT))
2887 guess += slabstat.tcp_tws;
2888 if (guess > (16*1024*1024)/128)
2889 guess = (16*1024*1024)/128;
2890 guess *= 128;
2891 if (guess > bufsize)
2892 bufsize = guess;
2893 }
2894 while (bufsize >= 64*1024) {
2895 if ((buf = malloc(bufsize)) != NULL)
2896 break;
2897 bufsize /= 2;
2898 }
2899 if (buf == NULL) {
2900 errno = ENOMEM;
2901 return -1;
2902 }
2903
2904 if (f->families & FAMILY_MASK(AF_INET)) {
2905 if ((fp = net_tcp_open()) == NULL)
2906 goto outerr;
2907
2908 setbuffer(fp, buf, bufsize);
2909 if (generic_record_read(fp, tcp_show_line, f, AF_INET))
2910 goto outerr;
2911 fclose(fp);
2912 }
2913
2914 if ((f->families & FAMILY_MASK(AF_INET6)) &&
2915 (fp = net_tcp6_open()) != NULL) {
2916 setbuffer(fp, buf, bufsize);
2917 if (generic_record_read(fp, tcp_show_line, f, AF_INET6))
2918 goto outerr;
2919 fclose(fp);
2920 }
2921
2922 free(buf);
2923 return 0;
2924
2925 outerr:
2926 do {
2927 int saved_errno = errno;
2928
2929 free(buf);
2930 if (fp)
2931 fclose(fp);
2932 errno = saved_errno;
2933 return -1;
2934 } while (0);
2935 }
2936
2937 static int dccp_show(struct filter *f)
2938 {
2939 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2940 return 0;
2941
2942 if (!getenv("PROC_NET_DCCP") && !getenv("PROC_ROOT")
2943 && inet_show_netlink(f, NULL, IPPROTO_DCCP) == 0)
2944 return 0;
2945
2946 return 0;
2947 }
2948
2949 static int sctp_show(struct filter *f)
2950 {
2951 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2952 return 0;
2953
2954 if (!getenv("PROC_NET_SCTP") && !getenv("PROC_ROOT")
2955 && inet_show_netlink(f, NULL, IPPROTO_SCTP) == 0)
2956 return 0;
2957
2958 return 0;
2959 }
2960
2961 static int dgram_show_line(char *line, const struct filter *f, int family)
2962 {
2963 struct sockstat s = {};
2964 char *loc, *rem, *data;
2965 char opt[256];
2966 int n;
2967
2968 if (proc_inet_split_line(line, &loc, &rem, &data))
2969 return -1;
2970
2971 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
2972
2973 if (!(f->states & (1 << state)))
2974 return 0;
2975
2976 proc_parse_inet_addr(loc, rem, family, &s);
2977
2978 if (f->f && run_ssfilter(f->f, &s) == 0)
2979 return 0;
2980
2981 opt[0] = 0;
2982 n = sscanf(data, "%x %x:%x %*x:%*x %*x %d %*d %u %d %llx %[^\n]\n",
2983 &s.state, &s.wq, &s.rq,
2984 &s.uid, &s.ino,
2985 &s.refcnt, &s.sk, opt);
2986
2987 if (n < 9)
2988 opt[0] = 0;
2989
2990 s.type = dg_proto == UDP_PROTO ? IPPROTO_UDP : 0;
2991 inet_stats_print(&s, false);
2992
2993 if (show_details && opt[0])
2994 printf(" opt:\"%s\"", opt);
2995
2996 printf("\n");
2997 return 0;
2998 }
2999
3000 static int udp_show(struct filter *f)
3001 {
3002 FILE *fp = NULL;
3003
3004 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3005 return 0;
3006
3007 dg_proto = UDP_PROTO;
3008
3009 if (!getenv("PROC_NET_UDP") && !getenv("PROC_ROOT")
3010 && inet_show_netlink(f, NULL, IPPROTO_UDP) == 0)
3011 return 0;
3012
3013 if (f->families&FAMILY_MASK(AF_INET)) {
3014 if ((fp = net_udp_open()) == NULL)
3015 goto outerr;
3016 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
3017 goto outerr;
3018 fclose(fp);
3019 }
3020
3021 if ((f->families&FAMILY_MASK(AF_INET6)) &&
3022 (fp = net_udp6_open()) != NULL) {
3023 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
3024 goto outerr;
3025 fclose(fp);
3026 }
3027 return 0;
3028
3029 outerr:
3030 do {
3031 int saved_errno = errno;
3032
3033 if (fp)
3034 fclose(fp);
3035 errno = saved_errno;
3036 return -1;
3037 } while (0);
3038 }
3039
3040 static int raw_show(struct filter *f)
3041 {
3042 FILE *fp = NULL;
3043
3044 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3045 return 0;
3046
3047 dg_proto = RAW_PROTO;
3048
3049 if (!getenv("PROC_NET_RAW") && !getenv("PROC_ROOT") &&
3050 inet_show_netlink(f, NULL, IPPROTO_RAW) == 0)
3051 return 0;
3052
3053 if (f->families&FAMILY_MASK(AF_INET)) {
3054 if ((fp = net_raw_open()) == NULL)
3055 goto outerr;
3056 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
3057 goto outerr;
3058 fclose(fp);
3059 }
3060
3061 if ((f->families&FAMILY_MASK(AF_INET6)) &&
3062 (fp = net_raw6_open()) != NULL) {
3063 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
3064 goto outerr;
3065 fclose(fp);
3066 }
3067 return 0;
3068
3069 outerr:
3070 do {
3071 int saved_errno = errno;
3072
3073 if (fp)
3074 fclose(fp);
3075 errno = saved_errno;
3076 return -1;
3077 } while (0);
3078 }
3079
3080 #define MAX_UNIX_REMEMBER (1024*1024/sizeof(struct sockstat))
3081
3082 static void unix_list_drop_first(struct sockstat **list)
3083 {
3084 struct sockstat *s = *list;
3085
3086 (*list) = (*list)->next;
3087 free(s->name);
3088 free(s);
3089 }
3090
3091 static bool unix_type_skip(struct sockstat *s, struct filter *f)
3092 {
3093 if (s->type == SOCK_STREAM && !(f->dbs&(1<<UNIX_ST_DB)))
3094 return true;
3095 if (s->type == SOCK_DGRAM && !(f->dbs&(1<<UNIX_DG_DB)))
3096 return true;
3097 if (s->type == SOCK_SEQPACKET && !(f->dbs&(1<<UNIX_SQ_DB)))
3098 return true;
3099 return false;
3100 }
3101
3102 static void unix_stats_print(struct sockstat *s, struct filter *f)
3103 {
3104 char port_name[30] = {};
3105
3106 sock_state_print(s);
3107
3108 sock_addr_print(s->name ?: "*", " ",
3109 int_to_str(s->lport, port_name), NULL);
3110 sock_addr_print(s->peer_name ?: "*", " ",
3111 int_to_str(s->rport, port_name), NULL);
3112
3113 proc_ctx_print(s);
3114 }
3115
3116 static int unix_show_sock(const struct sockaddr_nl *addr, struct nlmsghdr *nlh,
3117 void *arg)
3118 {
3119 struct filter *f = (struct filter *)arg;
3120 struct unix_diag_msg *r = NLMSG_DATA(nlh);
3121 struct rtattr *tb[UNIX_DIAG_MAX+1];
3122 char name[128];
3123 struct sockstat stat = { .name = "*", .peer_name = "*" };
3124
3125 parse_rtattr(tb, UNIX_DIAG_MAX, (struct rtattr *)(r+1),
3126 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3127
3128 stat.type = r->udiag_type;
3129 stat.state = r->udiag_state;
3130 stat.ino = stat.lport = r->udiag_ino;
3131 stat.local.family = stat.remote.family = AF_UNIX;
3132
3133 if (unix_type_skip(&stat, f))
3134 return 0;
3135
3136 if (tb[UNIX_DIAG_RQLEN]) {
3137 struct unix_diag_rqlen *rql = RTA_DATA(tb[UNIX_DIAG_RQLEN]);
3138
3139 stat.rq = rql->udiag_rqueue;
3140 stat.wq = rql->udiag_wqueue;
3141 }
3142 if (tb[UNIX_DIAG_NAME]) {
3143 int len = RTA_PAYLOAD(tb[UNIX_DIAG_NAME]);
3144
3145 memcpy(name, RTA_DATA(tb[UNIX_DIAG_NAME]), len);
3146 name[len] = '\0';
3147 if (name[0] == '\0') {
3148 int i;
3149 for (i = 0; i < len; i++)
3150 if (name[i] == '\0')
3151 name[i] = '@';
3152 }
3153 stat.name = &name[0];
3154 memcpy(stat.local.data, &stat.name, sizeof(stat.name));
3155 }
3156 if (tb[UNIX_DIAG_PEER])
3157 stat.rport = rta_getattr_u32(tb[UNIX_DIAG_PEER]);
3158
3159 if (f->f && run_ssfilter(f->f, &stat) == 0)
3160 return 0;
3161
3162 unix_stats_print(&stat, f);
3163
3164 if (show_mem)
3165 print_skmeminfo(tb, UNIX_DIAG_MEMINFO);
3166 if (show_details) {
3167 if (tb[UNIX_DIAG_SHUTDOWN]) {
3168 unsigned char mask;
3169
3170 mask = rta_getattr_u8(tb[UNIX_DIAG_SHUTDOWN]);
3171 printf(" %c-%c", mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
3172 }
3173 }
3174 printf("\n");
3175
3176 return 0;
3177 }
3178
3179 static int handle_netlink_request(struct filter *f, struct nlmsghdr *req,
3180 size_t size, rtnl_filter_t show_one_sock)
3181 {
3182 int ret = -1;
3183 struct rtnl_handle rth;
3184
3185 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
3186 return -1;
3187
3188 rth.dump = MAGIC_SEQ;
3189
3190 if (rtnl_send(&rth, req, size) < 0)
3191 goto Exit;
3192
3193 if (rtnl_dump_filter(&rth, show_one_sock, f))
3194 goto Exit;
3195
3196 ret = 0;
3197 Exit:
3198 rtnl_close(&rth);
3199 return ret;
3200 }
3201
3202 static int unix_show_netlink(struct filter *f)
3203 {
3204 DIAG_REQUEST(req, struct unix_diag_req r);
3205
3206 req.r.sdiag_family = AF_UNIX;
3207 req.r.udiag_states = f->states;
3208 req.r.udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER | UDIAG_SHOW_RQLEN;
3209 if (show_mem)
3210 req.r.udiag_show |= UDIAG_SHOW_MEMINFO;
3211
3212 return handle_netlink_request(f, &req.nlh, sizeof(req), unix_show_sock);
3213 }
3214
3215 static int unix_show(struct filter *f)
3216 {
3217 FILE *fp;
3218 char buf[256];
3219 char name[128];
3220 int newformat = 0;
3221 int cnt;
3222 struct sockstat *list = NULL;
3223 const int unix_state_map[] = { SS_CLOSE, SS_SYN_SENT,
3224 SS_ESTABLISHED, SS_CLOSING };
3225
3226 if (!filter_af_get(f, AF_UNIX))
3227 return 0;
3228
3229 if (!getenv("PROC_NET_UNIX") && !getenv("PROC_ROOT")
3230 && unix_show_netlink(f) == 0)
3231 return 0;
3232
3233 if ((fp = net_unix_open()) == NULL)
3234 return -1;
3235 if (!fgets(buf, sizeof(buf), fp)) {
3236 fclose(fp);
3237 return -1;
3238 }
3239
3240 if (memcmp(buf, "Peer", 4) == 0)
3241 newformat = 1;
3242 cnt = 0;
3243
3244 while (fgets(buf, sizeof(buf), fp)) {
3245 struct sockstat *u, **insp;
3246 int flags;
3247
3248 if (!(u = calloc(1, sizeof(*u))))
3249 break;
3250
3251 if (sscanf(buf, "%x: %x %x %x %x %x %d %s",
3252 &u->rport, &u->rq, &u->wq, &flags, &u->type,
3253 &u->state, &u->ino, name) < 8)
3254 name[0] = 0;
3255
3256 u->lport = u->ino;
3257 u->local.family = u->remote.family = AF_UNIX;
3258
3259 if (flags & (1 << 16)) {
3260 u->state = SS_LISTEN;
3261 } else if (u->state > 0 &&
3262 u->state <= ARRAY_SIZE(unix_state_map)) {
3263 u->state = unix_state_map[u->state-1];
3264 if (u->type == SOCK_DGRAM && u->state == SS_CLOSE && u->rport)
3265 u->state = SS_ESTABLISHED;
3266 }
3267 if (unix_type_skip(u, f) ||
3268 !(f->states & (1 << u->state))) {
3269 free(u);
3270 continue;
3271 }
3272
3273 if (!newformat) {
3274 u->rport = 0;
3275 u->rq = 0;
3276 u->wq = 0;
3277 }
3278
3279 if (name[0]) {
3280 u->name = strdup(name);
3281 if (!u->name) {
3282 free(u);
3283 break;
3284 }
3285 }
3286
3287 if (u->rport) {
3288 struct sockstat *p;
3289
3290 for (p = list; p; p = p->next) {
3291 if (u->rport == p->lport)
3292 break;
3293 }
3294 if (!p)
3295 u->peer_name = "?";
3296 else
3297 u->peer_name = p->name ? : "*";
3298 }
3299
3300 if (f->f) {
3301 struct sockstat st = {
3302 .local.family = AF_UNIX,
3303 .remote.family = AF_UNIX,
3304 };
3305
3306 memcpy(st.local.data, &u->name, sizeof(u->name));
3307 if (strcmp(u->peer_name, "*"))
3308 memcpy(st.remote.data, &u->peer_name,
3309 sizeof(u->peer_name));
3310 if (run_ssfilter(f->f, &st) == 0) {
3311 free(u->name);
3312 free(u);
3313 continue;
3314 }
3315 }
3316
3317 insp = &list;
3318 while (*insp) {
3319 if (u->type < (*insp)->type ||
3320 (u->type == (*insp)->type &&
3321 u->ino < (*insp)->ino))
3322 break;
3323 insp = &(*insp)->next;
3324 }
3325 u->next = *insp;
3326 *insp = u;
3327
3328 if (++cnt > MAX_UNIX_REMEMBER) {
3329 while (list) {
3330 unix_stats_print(list, f);
3331 printf("\n");
3332
3333 unix_list_drop_first(&list);
3334 }
3335 cnt = 0;
3336 }
3337 }
3338 fclose(fp);
3339 while (list) {
3340 unix_stats_print(list, f);
3341 printf("\n");
3342
3343 unix_list_drop_first(&list);
3344 }
3345
3346 return 0;
3347 }
3348
3349 static int packet_stats_print(struct sockstat *s, const struct filter *f)
3350 {
3351 const char *addr, *port;
3352 char ll_name[16];
3353
3354 s->local.family = s->remote.family = AF_PACKET;
3355
3356 if (f->f) {
3357 s->local.data[0] = s->prot;
3358 if (run_ssfilter(f->f, s) == 0)
3359 return 1;
3360 }
3361
3362 sock_state_print(s);
3363
3364 if (s->prot == 3)
3365 addr = "*";
3366 else
3367 addr = ll_proto_n2a(htons(s->prot), ll_name, sizeof(ll_name));
3368
3369 if (s->iface == 0)
3370 port = "*";
3371 else
3372 port = xll_index_to_name(s->iface);
3373
3374 sock_addr_print(addr, ":", port, NULL);
3375 sock_addr_print("", "*", "", NULL);
3376
3377 proc_ctx_print(s);
3378
3379 if (show_details)
3380 sock_details_print(s);
3381
3382 return 0;
3383 }
3384
3385 static void packet_show_ring(struct packet_diag_ring *ring)
3386 {
3387 printf("blk_size:%d", ring->pdr_block_size);
3388 printf(",blk_nr:%d", ring->pdr_block_nr);
3389 printf(",frm_size:%d", ring->pdr_frame_size);
3390 printf(",frm_nr:%d", ring->pdr_frame_nr);
3391 printf(",tmo:%d", ring->pdr_retire_tmo);
3392 printf(",features:0x%x", ring->pdr_features);
3393 }
3394
3395 static int packet_show_sock(const struct sockaddr_nl *addr,
3396 struct nlmsghdr *nlh, void *arg)
3397 {
3398 const struct filter *f = arg;
3399 struct packet_diag_msg *r = NLMSG_DATA(nlh);
3400 struct packet_diag_info *pinfo = NULL;
3401 struct packet_diag_ring *ring_rx = NULL, *ring_tx = NULL;
3402 struct rtattr *tb[PACKET_DIAG_MAX+1];
3403 struct sockstat stat = {};
3404 uint32_t fanout = 0;
3405 bool has_fanout = false;
3406
3407 parse_rtattr(tb, PACKET_DIAG_MAX, (struct rtattr *)(r+1),
3408 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3409
3410 /* use /proc/net/packet if all info are not available */
3411 if (!tb[PACKET_DIAG_MEMINFO])
3412 return -1;
3413
3414 stat.type = r->pdiag_type;
3415 stat.prot = r->pdiag_num;
3416 stat.ino = r->pdiag_ino;
3417 stat.state = SS_CLOSE;
3418 stat.sk = cookie_sk_get(&r->pdiag_cookie[0]);
3419
3420 if (tb[PACKET_DIAG_MEMINFO]) {
3421 __u32 *skmeminfo = RTA_DATA(tb[PACKET_DIAG_MEMINFO]);
3422
3423 stat.rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
3424 }
3425
3426 if (tb[PACKET_DIAG_INFO]) {
3427 pinfo = RTA_DATA(tb[PACKET_DIAG_INFO]);
3428 stat.lport = stat.iface = pinfo->pdi_index;
3429 }
3430
3431 if (tb[PACKET_DIAG_UID])
3432 stat.uid = rta_getattr_u32(tb[PACKET_DIAG_UID]);
3433
3434 if (tb[PACKET_DIAG_RX_RING])
3435 ring_rx = RTA_DATA(tb[PACKET_DIAG_RX_RING]);
3436
3437 if (tb[PACKET_DIAG_TX_RING])
3438 ring_tx = RTA_DATA(tb[PACKET_DIAG_TX_RING]);
3439
3440 if (tb[PACKET_DIAG_FANOUT]) {
3441 has_fanout = true;
3442 fanout = rta_getattr_u32(tb[PACKET_DIAG_FANOUT]);
3443 }
3444
3445 if (packet_stats_print(&stat, f))
3446 return 0;
3447
3448 if (show_details) {
3449 if (pinfo) {
3450 printf("\n\tver:%d", pinfo->pdi_version);
3451 printf(" cpy_thresh:%d", pinfo->pdi_copy_thresh);
3452 printf(" flags( ");
3453 if (pinfo->pdi_flags & PDI_RUNNING)
3454 printf("running");
3455 if (pinfo->pdi_flags & PDI_AUXDATA)
3456 printf(" auxdata");
3457 if (pinfo->pdi_flags & PDI_ORIGDEV)
3458 printf(" origdev");
3459 if (pinfo->pdi_flags & PDI_VNETHDR)
3460 printf(" vnethdr");
3461 if (pinfo->pdi_flags & PDI_LOSS)
3462 printf(" loss");
3463 if (!pinfo->pdi_flags)
3464 printf("0");
3465 printf(" )");
3466 }
3467 if (ring_rx) {
3468 printf("\n\tring_rx(");
3469 packet_show_ring(ring_rx);
3470 printf(")");
3471 }
3472 if (ring_tx) {
3473 printf("\n\tring_tx(");
3474 packet_show_ring(ring_tx);
3475 printf(")");
3476 }
3477 if (has_fanout) {
3478 uint16_t type = (fanout >> 16) & 0xffff;
3479
3480 printf("\n\tfanout(");
3481 printf("id:%d,", fanout & 0xffff);
3482 printf("type:");
3483
3484 if (type == 0)
3485 printf("hash");
3486 else if (type == 1)
3487 printf("lb");
3488 else if (type == 2)
3489 printf("cpu");
3490 else if (type == 3)
3491 printf("roll");
3492 else if (type == 4)
3493 printf("random");
3494 else if (type == 5)
3495 printf("qm");
3496 else
3497 printf("0x%x", type);
3498
3499 printf(")");
3500 }
3501 }
3502
3503 if (show_bpf && tb[PACKET_DIAG_FILTER]) {
3504 struct sock_filter *fil =
3505 RTA_DATA(tb[PACKET_DIAG_FILTER]);
3506 int num = RTA_PAYLOAD(tb[PACKET_DIAG_FILTER]) /
3507 sizeof(struct sock_filter);
3508
3509 printf("\n\tbpf filter (%d): ", num);
3510 while (num) {
3511 printf(" 0x%02x %u %u %u,",
3512 fil->code, fil->jt, fil->jf, fil->k);
3513 num--;
3514 fil++;
3515 }
3516 }
3517 printf("\n");
3518 return 0;
3519 }
3520
3521 static int packet_show_netlink(struct filter *f)
3522 {
3523 DIAG_REQUEST(req, struct packet_diag_req r);
3524
3525 req.r.sdiag_family = AF_PACKET;
3526 req.r.pdiag_show = PACKET_SHOW_INFO | PACKET_SHOW_MEMINFO |
3527 PACKET_SHOW_FILTER | PACKET_SHOW_RING_CFG | PACKET_SHOW_FANOUT;
3528
3529 return handle_netlink_request(f, &req.nlh, sizeof(req), packet_show_sock);
3530 }
3531
3532 static int packet_show_line(char *buf, const struct filter *f, int fam)
3533 {
3534 unsigned long long sk;
3535 struct sockstat stat = {};
3536 int type, prot, iface, state, rq, uid, ino;
3537
3538 sscanf(buf, "%llx %*d %d %x %d %d %u %u %u",
3539 &sk,
3540 &type, &prot, &iface, &state,
3541 &rq, &uid, &ino);
3542
3543 if (stat.type == SOCK_RAW && !(f->dbs&(1<<PACKET_R_DB)))
3544 return 0;
3545 if (stat.type == SOCK_DGRAM && !(f->dbs&(1<<PACKET_DG_DB)))
3546 return 0;
3547
3548 stat.type = type;
3549 stat.prot = prot;
3550 stat.lport = stat.iface = iface;
3551 stat.state = state;
3552 stat.rq = rq;
3553 stat.uid = uid;
3554 stat.ino = ino;
3555 stat.state = SS_CLOSE;
3556
3557 if (packet_stats_print(&stat, f))
3558 return 0;
3559
3560 printf("\n");
3561 return 0;
3562 }
3563
3564 static int packet_show(struct filter *f)
3565 {
3566 FILE *fp;
3567 int rc = 0;
3568
3569 if (!filter_af_get(f, AF_PACKET) || !(f->states & (1 << SS_CLOSE)))
3570 return 0;
3571
3572 if (!getenv("PROC_NET_PACKET") && !getenv("PROC_ROOT") &&
3573 packet_show_netlink(f) == 0)
3574 return 0;
3575
3576 if ((fp = net_packet_open()) == NULL)
3577 return -1;
3578 if (generic_record_read(fp, packet_show_line, f, AF_PACKET))
3579 rc = -1;
3580
3581 fclose(fp);
3582 return rc;
3583 }
3584
3585 static int netlink_show_one(struct filter *f,
3586 int prot, int pid, unsigned int groups,
3587 int state, int dst_pid, unsigned int dst_group,
3588 int rq, int wq,
3589 unsigned long long sk, unsigned long long cb)
3590 {
3591 struct sockstat st = {
3592 .state = SS_CLOSE,
3593 .rq = rq,
3594 .wq = wq,
3595 .local.family = AF_NETLINK,
3596 .remote.family = AF_NETLINK,
3597 };
3598
3599 SPRINT_BUF(prot_buf) = {};
3600 const char *prot_name;
3601 char procname[64] = {};
3602
3603 if (f->f) {
3604 st.rport = -1;
3605 st.lport = pid;
3606 st.local.data[0] = prot;
3607 if (run_ssfilter(f->f, &st) == 0)
3608 return 1;
3609 }
3610
3611 sock_state_print(&st);
3612
3613 if (resolve_services)
3614 prot_name = nl_proto_n2a(prot, prot_buf, sizeof(prot_buf));
3615 else
3616 prot_name = int_to_str(prot, prot_buf);
3617
3618 if (pid == -1) {
3619 procname[0] = '*';
3620 } else if (resolve_services) {
3621 int done = 0;
3622
3623 if (!pid) {
3624 done = 1;
3625 strncpy(procname, "kernel", 6);
3626 } else if (pid > 0) {
3627 FILE *fp;
3628
3629 snprintf(procname, sizeof(procname), "%s/%d/stat",
3630 getenv("PROC_ROOT") ? : "/proc", pid);
3631 if ((fp = fopen(procname, "r")) != NULL) {
3632 if (fscanf(fp, "%*d (%[^)])", procname) == 1) {
3633 snprintf(procname+strlen(procname),
3634 sizeof(procname)-strlen(procname),
3635 "/%d", pid);
3636 done = 1;
3637 }
3638 fclose(fp);
3639 }
3640 }
3641 if (!done)
3642 int_to_str(pid, procname);
3643 } else {
3644 int_to_str(pid, procname);
3645 }
3646
3647 sock_addr_print(prot_name, ":", procname, NULL);
3648
3649 if (state == NETLINK_CONNECTED) {
3650 char dst_group_buf[30];
3651 char dst_pid_buf[30];
3652
3653 sock_addr_print(int_to_str(dst_group, dst_group_buf), ":",
3654 int_to_str(dst_pid, dst_pid_buf), NULL);
3655 } else {
3656 sock_addr_print("", "*", "", NULL);
3657 }
3658
3659 char *pid_context = NULL;
3660
3661 if (show_proc_ctx) {
3662 /* The pid value will either be:
3663 * 0 if destination kernel - show kernel initial context.
3664 * A valid process pid - use getpidcon.
3665 * A unique value allocated by the kernel or netlink user
3666 * to the process - show context as "not available".
3667 */
3668 if (!pid)
3669 security_get_initial_context("kernel", &pid_context);
3670 else if (pid > 0)
3671 getpidcon(pid, &pid_context);
3672
3673 if (pid_context != NULL) {
3674 printf("proc_ctx=%-*s ", serv_width, pid_context);
3675 free(pid_context);
3676 } else {
3677 printf("proc_ctx=%-*s ", serv_width, "unavailable");
3678 }
3679 }
3680
3681 if (show_details) {
3682 printf(" sk=%llx cb=%llx groups=0x%08x", sk, cb, groups);
3683 }
3684 printf("\n");
3685
3686 return 0;
3687 }
3688
3689 static int netlink_show_sock(const struct sockaddr_nl *addr,
3690 struct nlmsghdr *nlh, void *arg)
3691 {
3692 struct filter *f = (struct filter *)arg;
3693 struct netlink_diag_msg *r = NLMSG_DATA(nlh);
3694 struct rtattr *tb[NETLINK_DIAG_MAX+1];
3695 int rq = 0, wq = 0;
3696 unsigned long groups = 0;
3697
3698 parse_rtattr(tb, NETLINK_DIAG_MAX, (struct rtattr *)(r+1),
3699 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3700
3701 if (tb[NETLINK_DIAG_GROUPS] && RTA_PAYLOAD(tb[NETLINK_DIAG_GROUPS]))
3702 groups = *(unsigned long *) RTA_DATA(tb[NETLINK_DIAG_GROUPS]);
3703
3704 if (tb[NETLINK_DIAG_MEMINFO]) {
3705 const __u32 *skmeminfo;
3706
3707 skmeminfo = RTA_DATA(tb[NETLINK_DIAG_MEMINFO]);
3708
3709 rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
3710 wq = skmeminfo[SK_MEMINFO_WMEM_ALLOC];
3711 }
3712
3713 if (netlink_show_one(f, r->ndiag_protocol, r->ndiag_portid, groups,
3714 r->ndiag_state, r->ndiag_dst_portid, r->ndiag_dst_group,
3715 rq, wq, 0, 0)) {
3716 return 0;
3717 }
3718
3719 if (show_mem) {
3720 printf("\t");
3721 print_skmeminfo(tb, NETLINK_DIAG_MEMINFO);
3722 printf("\n");
3723 }
3724
3725 return 0;
3726 }
3727
3728 static int netlink_show_netlink(struct filter *f)
3729 {
3730 DIAG_REQUEST(req, struct netlink_diag_req r);
3731
3732 req.r.sdiag_family = AF_NETLINK;
3733 req.r.sdiag_protocol = NDIAG_PROTO_ALL;
3734 req.r.ndiag_show = NDIAG_SHOW_GROUPS | NDIAG_SHOW_MEMINFO;
3735
3736 return handle_netlink_request(f, &req.nlh, sizeof(req), netlink_show_sock);
3737 }
3738
3739 static int netlink_show(struct filter *f)
3740 {
3741 FILE *fp;
3742 char buf[256];
3743 int prot, pid;
3744 unsigned int groups;
3745 int rq, wq, rc;
3746 unsigned long long sk, cb;
3747
3748 if (!filter_af_get(f, AF_NETLINK) || !(f->states & (1 << SS_CLOSE)))
3749 return 0;
3750
3751 if (!getenv("PROC_NET_NETLINK") && !getenv("PROC_ROOT") &&
3752 netlink_show_netlink(f) == 0)
3753 return 0;
3754
3755 if ((fp = net_netlink_open()) == NULL)
3756 return -1;
3757 if (!fgets(buf, sizeof(buf), fp)) {
3758 fclose(fp);
3759 return -1;
3760 }
3761
3762 while (fgets(buf, sizeof(buf), fp)) {
3763 sscanf(buf, "%llx %d %d %x %d %d %llx %d",
3764 &sk,
3765 &prot, &pid, &groups, &rq, &wq, &cb, &rc);
3766
3767 netlink_show_one(f, prot, pid, groups, 0, 0, 0, rq, wq, sk, cb);
3768 }
3769
3770 fclose(fp);
3771 return 0;
3772 }
3773
3774 static bool vsock_type_skip(struct sockstat *s, struct filter *f)
3775 {
3776 if (s->type == SOCK_STREAM && !(f->dbs & (1 << VSOCK_ST_DB)))
3777 return true;
3778 if (s->type == SOCK_DGRAM && !(f->dbs & (1 << VSOCK_DG_DB)))
3779 return true;
3780 return false;
3781 }
3782
3783 static void vsock_addr_print(inet_prefix *a, __u32 port)
3784 {
3785 char cid_str[sizeof("4294967295")];
3786 char port_str[sizeof("4294967295")];
3787 __u32 cid;
3788
3789 memcpy(&cid, a->data, sizeof(cid));
3790
3791 if (cid == ~(__u32)0)
3792 snprintf(cid_str, sizeof(cid_str), "*");
3793 else
3794 snprintf(cid_str, sizeof(cid_str), "%u", cid);
3795
3796 if (port == ~(__u32)0)
3797 snprintf(port_str, sizeof(port_str), "*");
3798 else
3799 snprintf(port_str, sizeof(port_str), "%u", port);
3800
3801 sock_addr_print(cid_str, ":", port_str, NULL);
3802 }
3803
3804 static void vsock_stats_print(struct sockstat *s, struct filter *f)
3805 {
3806 sock_state_print(s);
3807
3808 vsock_addr_print(&s->local, s->lport);
3809 vsock_addr_print(&s->remote, s->rport);
3810
3811 proc_ctx_print(s);
3812
3813 printf("\n");
3814 }
3815
3816 static int vsock_show_sock(const struct sockaddr_nl *addr,
3817 struct nlmsghdr *nlh, void *arg)
3818 {
3819 struct filter *f = (struct filter *)arg;
3820 struct vsock_diag_msg *r = NLMSG_DATA(nlh);
3821 struct sockstat stat = {
3822 .type = r->vdiag_type,
3823 .lport = r->vdiag_src_port,
3824 .rport = r->vdiag_dst_port,
3825 .state = r->vdiag_state,
3826 .ino = r->vdiag_ino,
3827 };
3828
3829 vsock_set_inet_prefix(&stat.local, r->vdiag_src_cid);
3830 vsock_set_inet_prefix(&stat.remote, r->vdiag_dst_cid);
3831
3832 if (vsock_type_skip(&stat, f))
3833 return 0;
3834
3835 if (f->f && run_ssfilter(f->f, &stat) == 0)
3836 return 0;
3837
3838 vsock_stats_print(&stat, f);
3839
3840 return 0;
3841 }
3842
3843 static int vsock_show(struct filter *f)
3844 {
3845 DIAG_REQUEST(req, struct vsock_diag_req r);
3846
3847 if (!filter_af_get(f, AF_VSOCK))
3848 return 0;
3849
3850 req.r.sdiag_family = AF_VSOCK;
3851 req.r.vdiag_states = f->states;
3852
3853 return handle_netlink_request(f, &req.nlh, sizeof(req), vsock_show_sock);
3854 }
3855
3856 struct sock_diag_msg {
3857 __u8 sdiag_family;
3858 };
3859
3860 static int generic_show_sock(const struct sockaddr_nl *addr,
3861 struct nlmsghdr *nlh, void *arg)
3862 {
3863 struct sock_diag_msg *r = NLMSG_DATA(nlh);
3864 struct inet_diag_arg inet_arg = { .f = arg, .protocol = IPPROTO_MAX };
3865
3866 switch (r->sdiag_family) {
3867 case AF_INET:
3868 case AF_INET6:
3869 return show_one_inet_sock(addr, nlh, &inet_arg);
3870 case AF_UNIX:
3871 return unix_show_sock(addr, nlh, arg);
3872 case AF_PACKET:
3873 return packet_show_sock(addr, nlh, arg);
3874 case AF_NETLINK:
3875 return netlink_show_sock(addr, nlh, arg);
3876 case AF_VSOCK:
3877 return vsock_show_sock(addr, nlh, arg);
3878 default:
3879 return -1;
3880 }
3881 }
3882
3883 static int handle_follow_request(struct filter *f)
3884 {
3885 int ret = 0;
3886 int groups = 0;
3887 struct rtnl_handle rth;
3888
3889 if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << TCP_DB))
3890 groups |= 1 << (SKNLGRP_INET_TCP_DESTROY - 1);
3891 if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << UDP_DB))
3892 groups |= 1 << (SKNLGRP_INET_UDP_DESTROY - 1);
3893 if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << TCP_DB))
3894 groups |= 1 << (SKNLGRP_INET6_TCP_DESTROY - 1);
3895 if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << UDP_DB))
3896 groups |= 1 << (SKNLGRP_INET6_UDP_DESTROY - 1);
3897
3898 if (groups == 0)
3899 return -1;
3900
3901 if (rtnl_open_byproto(&rth, groups, NETLINK_SOCK_DIAG))
3902 return -1;
3903
3904 rth.dump = 0;
3905 rth.local.nl_pid = 0;
3906
3907 if (rtnl_dump_filter(&rth, generic_show_sock, f))
3908 ret = -1;
3909
3910 rtnl_close(&rth);
3911 return ret;
3912 }
3913
3914 static int get_snmp_int(char *proto, char *key, int *result)
3915 {
3916 char buf[1024];
3917 FILE *fp;
3918 int protolen = strlen(proto);
3919 int keylen = strlen(key);
3920
3921 *result = 0;
3922
3923 if ((fp = net_snmp_open()) == NULL)
3924 return -1;
3925
3926 while (fgets(buf, sizeof(buf), fp) != NULL) {
3927 char *p = buf;
3928 int pos = 0;
3929
3930 if (memcmp(buf, proto, protolen))
3931 continue;
3932 while ((p = strchr(p, ' ')) != NULL) {
3933 pos++;
3934 p++;
3935 if (memcmp(p, key, keylen) == 0 &&
3936 (p[keylen] == ' ' || p[keylen] == '\n'))
3937 break;
3938 }
3939 if (fgets(buf, sizeof(buf), fp) == NULL)
3940 break;
3941 if (memcmp(buf, proto, protolen))
3942 break;
3943 p = buf;
3944 while ((p = strchr(p, ' ')) != NULL) {
3945 p++;
3946 if (--pos == 0) {
3947 sscanf(p, "%d", result);
3948 fclose(fp);
3949 return 0;
3950 }
3951 }
3952 }
3953
3954 fclose(fp);
3955 errno = ESRCH;
3956 return -1;
3957 }
3958
3959
3960 /* Get stats from sockstat */
3961
3962 struct ssummary {
3963 int socks;
3964 int tcp_mem;
3965 int tcp_total;
3966 int tcp_orphans;
3967 int tcp_tws;
3968 int tcp4_hashed;
3969 int udp4;
3970 int raw4;
3971 int frag4;
3972 int frag4_mem;
3973 int tcp6_hashed;
3974 int udp6;
3975 int raw6;
3976 int frag6;
3977 int frag6_mem;
3978 };
3979
3980 static void get_sockstat_line(char *line, struct ssummary *s)
3981 {
3982 char id[256], rem[256];
3983
3984 if (sscanf(line, "%[^ ] %[^\n]\n", id, rem) != 2)
3985 return;
3986
3987 if (strcmp(id, "sockets:") == 0)
3988 sscanf(rem, "%*s%d", &s->socks);
3989 else if (strcmp(id, "UDP:") == 0)
3990 sscanf(rem, "%*s%d", &s->udp4);
3991 else if (strcmp(id, "UDP6:") == 0)
3992 sscanf(rem, "%*s%d", &s->udp6);
3993 else if (strcmp(id, "RAW:") == 0)
3994 sscanf(rem, "%*s%d", &s->raw4);
3995 else if (strcmp(id, "RAW6:") == 0)
3996 sscanf(rem, "%*s%d", &s->raw6);
3997 else if (strcmp(id, "TCP6:") == 0)
3998 sscanf(rem, "%*s%d", &s->tcp6_hashed);
3999 else if (strcmp(id, "FRAG:") == 0)
4000 sscanf(rem, "%*s%d%*s%d", &s->frag4, &s->frag4_mem);
4001 else if (strcmp(id, "FRAG6:") == 0)
4002 sscanf(rem, "%*s%d%*s%d", &s->frag6, &s->frag6_mem);
4003 else if (strcmp(id, "TCP:") == 0)
4004 sscanf(rem, "%*s%d%*s%d%*s%d%*s%d%*s%d",
4005 &s->tcp4_hashed,
4006 &s->tcp_orphans, &s->tcp_tws, &s->tcp_total, &s->tcp_mem);
4007 }
4008
4009 static int get_sockstat(struct ssummary *s)
4010 {
4011 char buf[256];
4012 FILE *fp;
4013
4014 memset(s, 0, sizeof(*s));
4015
4016 if ((fp = net_sockstat_open()) == NULL)
4017 return -1;
4018 while (fgets(buf, sizeof(buf), fp) != NULL)
4019 get_sockstat_line(buf, s);
4020 fclose(fp);
4021
4022 if ((fp = net_sockstat6_open()) == NULL)
4023 return 0;
4024 while (fgets(buf, sizeof(buf), fp) != NULL)
4025 get_sockstat_line(buf, s);
4026 fclose(fp);
4027
4028 return 0;
4029 }
4030
4031 static int print_summary(void)
4032 {
4033 struct ssummary s;
4034 int tcp_estab;
4035
4036 if (get_sockstat(&s) < 0)
4037 perror("ss: get_sockstat");
4038 if (get_snmp_int("Tcp:", "CurrEstab", &tcp_estab) < 0)
4039 perror("ss: get_snmpstat");
4040
4041 get_slabstat(&slabstat);
4042
4043 printf("Total: %d (kernel %d)\n", s.socks, slabstat.socks);
4044
4045 printf("TCP: %d (estab %d, closed %d, orphaned %d, synrecv %d, timewait %d/%d), ports %d\n",
4046 s.tcp_total + slabstat.tcp_syns + s.tcp_tws,
4047 tcp_estab,
4048 s.tcp_total - (s.tcp4_hashed+s.tcp6_hashed-s.tcp_tws),
4049 s.tcp_orphans,
4050 slabstat.tcp_syns,
4051 s.tcp_tws, slabstat.tcp_tws,
4052 slabstat.tcp_ports
4053 );
4054
4055 printf("\n");
4056 printf("Transport Total IP IPv6\n");
4057 printf("* %-9d %-9s %-9s\n", slabstat.socks, "-", "-");
4058 printf("RAW %-9d %-9d %-9d\n", s.raw4+s.raw6, s.raw4, s.raw6);
4059 printf("UDP %-9d %-9d %-9d\n", s.udp4+s.udp6, s.udp4, s.udp6);
4060 printf("TCP %-9d %-9d %-9d\n", s.tcp4_hashed+s.tcp6_hashed, s.tcp4_hashed, s.tcp6_hashed);
4061 printf("INET %-9d %-9d %-9d\n",
4062 s.raw4+s.udp4+s.tcp4_hashed+
4063 s.raw6+s.udp6+s.tcp6_hashed,
4064 s.raw4+s.udp4+s.tcp4_hashed,
4065 s.raw6+s.udp6+s.tcp6_hashed);
4066 printf("FRAG %-9d %-9d %-9d\n", s.frag4+s.frag6, s.frag4, s.frag6);
4067
4068 printf("\n");
4069
4070 return 0;
4071 }
4072
4073 static void _usage(FILE *dest)
4074 {
4075 fprintf(dest,
4076 "Usage: ss [ OPTIONS ]\n"
4077 " ss [ OPTIONS ] [ FILTER ]\n"
4078 " -h, --help this message\n"
4079 " -V, --version output version information\n"
4080 " -n, --numeric don't resolve service names\n"
4081 " -r, --resolve resolve host names\n"
4082 " -a, --all display all sockets\n"
4083 " -l, --listening display listening sockets\n"
4084 " -o, --options show timer information\n"
4085 " -e, --extended show detailed socket information\n"
4086 " -m, --memory show socket memory usage\n"
4087 " -p, --processes show process using socket\n"
4088 " -i, --info show internal TCP information\n"
4089 " -s, --summary show socket usage summary\n"
4090 " -b, --bpf show bpf filter socket information\n"
4091 " -E, --events continually display sockets as they are destroyed\n"
4092 " -Z, --context display process SELinux security contexts\n"
4093 " -z, --contexts display process and socket SELinux security contexts\n"
4094 " -N, --net switch to the specified network namespace name\n"
4095 "\n"
4096 " -4, --ipv4 display only IP version 4 sockets\n"
4097 " -6, --ipv6 display only IP version 6 sockets\n"
4098 " -0, --packet display PACKET sockets\n"
4099 " -t, --tcp display only TCP sockets\n"
4100 " -S, --sctp display only SCTP sockets\n"
4101 " -u, --udp display only UDP sockets\n"
4102 " -d, --dccp display only DCCP sockets\n"
4103 " -w, --raw display only RAW sockets\n"
4104 " -x, --unix display only Unix domain sockets\n"
4105 " --vsock display only vsock sockets\n"
4106 " -f, --family=FAMILY display sockets of type FAMILY\n"
4107 " FAMILY := {inet|inet6|link|unix|netlink|vsock|help}\n"
4108 "\n"
4109 " -K, --kill forcibly close sockets, display what was closed\n"
4110 " -H, --no-header Suppress header line\n"
4111 "\n"
4112 " -A, --query=QUERY, --socket=QUERY\n"
4113 " QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]\n"
4114 "\n"
4115 " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
4116 " -F, --filter=FILE read filter information from FILE\n"
4117 " FILTER := [ state STATE-FILTER ] [ EXPRESSION ]\n"
4118 " STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}\n"
4119 " TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listening|closing}\n"
4120 " connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4121 " synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4122 " bucket := {syn-recv|time-wait}\n"
4123 " big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listening|closing}\n"
4124 );
4125 }
4126
4127 static void help(void) __attribute__((noreturn));
4128 static void help(void)
4129 {
4130 _usage(stdout);
4131 exit(0);
4132 }
4133
4134 static void usage(void) __attribute__((noreturn));
4135 static void usage(void)
4136 {
4137 _usage(stderr);
4138 exit(-1);
4139 }
4140
4141
4142 static int scan_state(const char *state)
4143 {
4144 static const char * const sstate_namel[] = {
4145 "UNKNOWN",
4146 [SS_ESTABLISHED] = "established",
4147 [SS_SYN_SENT] = "syn-sent",
4148 [SS_SYN_RECV] = "syn-recv",
4149 [SS_FIN_WAIT1] = "fin-wait-1",
4150 [SS_FIN_WAIT2] = "fin-wait-2",
4151 [SS_TIME_WAIT] = "time-wait",
4152 [SS_CLOSE] = "unconnected",
4153 [SS_CLOSE_WAIT] = "close-wait",
4154 [SS_LAST_ACK] = "last-ack",
4155 [SS_LISTEN] = "listening",
4156 [SS_CLOSING] = "closing",
4157 };
4158 int i;
4159
4160 if (strcasecmp(state, "close") == 0 ||
4161 strcasecmp(state, "closed") == 0)
4162 return (1<<SS_CLOSE);
4163 if (strcasecmp(state, "syn-rcv") == 0)
4164 return (1<<SS_SYN_RECV);
4165 if (strcasecmp(state, "established") == 0)
4166 return (1<<SS_ESTABLISHED);
4167 if (strcasecmp(state, "all") == 0)
4168 return SS_ALL;
4169 if (strcasecmp(state, "connected") == 0)
4170 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN));
4171 if (strcasecmp(state, "synchronized") == 0)
4172 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN)|(1<<SS_SYN_SENT));
4173 if (strcasecmp(state, "bucket") == 0)
4174 return (1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT);
4175 if (strcasecmp(state, "big") == 0)
4176 return SS_ALL & ~((1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT));
4177 for (i = 0; i < SS_MAX; i++) {
4178 if (strcasecmp(state, sstate_namel[i]) == 0)
4179 return (1<<i);
4180 }
4181
4182 fprintf(stderr, "ss: wrong state name: %s\n", state);
4183 exit(-1);
4184 }
4185
4186 /* Values 'v' and 'V' are already used so a non-character is used */
4187 #define OPT_VSOCK 256
4188
4189 static const struct option long_opts[] = {
4190 { "numeric", 0, 0, 'n' },
4191 { "resolve", 0, 0, 'r' },
4192 { "options", 0, 0, 'o' },
4193 { "extended", 0, 0, 'e' },
4194 { "memory", 0, 0, 'm' },
4195 { "info", 0, 0, 'i' },
4196 { "processes", 0, 0, 'p' },
4197 { "bpf", 0, 0, 'b' },
4198 { "events", 0, 0, 'E' },
4199 { "dccp", 0, 0, 'd' },
4200 { "tcp", 0, 0, 't' },
4201 { "sctp", 0, 0, 'S' },
4202 { "udp", 0, 0, 'u' },
4203 { "raw", 0, 0, 'w' },
4204 { "unix", 0, 0, 'x' },
4205 { "vsock", 0, 0, OPT_VSOCK },
4206 { "all", 0, 0, 'a' },
4207 { "listening", 0, 0, 'l' },
4208 { "ipv4", 0, 0, '4' },
4209 { "ipv6", 0, 0, '6' },
4210 { "packet", 0, 0, '0' },
4211 { "family", 1, 0, 'f' },
4212 { "socket", 1, 0, 'A' },
4213 { "query", 1, 0, 'A' },
4214 { "summary", 0, 0, 's' },
4215 { "diag", 1, 0, 'D' },
4216 { "filter", 1, 0, 'F' },
4217 { "version", 0, 0, 'V' },
4218 { "help", 0, 0, 'h' },
4219 { "context", 0, 0, 'Z' },
4220 { "contexts", 0, 0, 'z' },
4221 { "net", 1, 0, 'N' },
4222 { "kill", 0, 0, 'K' },
4223 { "no-header", 0, 0, 'H' },
4224 { 0 }
4225
4226 };
4227
4228 int main(int argc, char *argv[])
4229 {
4230 int saw_states = 0;
4231 int saw_query = 0;
4232 int do_summary = 0;
4233 const char *dump_tcpdiag = NULL;
4234 FILE *filter_fp = NULL;
4235 int ch;
4236 int state_filter = 0;
4237 int addrp_width, screen_width = 80;
4238
4239 while ((ch = getopt_long(argc, argv,
4240 "dhaletuwxnro460spbEf:miA:D:F:vVzZN:KHS",
4241 long_opts, NULL)) != EOF) {
4242 switch (ch) {
4243 case 'n':
4244 resolve_services = 0;
4245 break;
4246 case 'r':
4247 resolve_hosts = 1;
4248 break;
4249 case 'o':
4250 show_options = 1;
4251 break;
4252 case 'e':
4253 show_options = 1;
4254 show_details++;
4255 break;
4256 case 'm':
4257 show_mem = 1;
4258 break;
4259 case 'i':
4260 show_tcpinfo = 1;
4261 break;
4262 case 'p':
4263 show_users++;
4264 user_ent_hash_build();
4265 break;
4266 case 'b':
4267 show_options = 1;
4268 show_bpf++;
4269 break;
4270 case 'E':
4271 follow_events = 1;
4272 break;
4273 case 'd':
4274 filter_db_set(&current_filter, DCCP_DB);
4275 break;
4276 case 't':
4277 filter_db_set(&current_filter, TCP_DB);
4278 break;
4279 case 'S':
4280 filter_db_set(&current_filter, SCTP_DB);
4281 break;
4282 case 'u':
4283 filter_db_set(&current_filter, UDP_DB);
4284 break;
4285 case 'w':
4286 filter_db_set(&current_filter, RAW_DB);
4287 break;
4288 case 'x':
4289 filter_af_set(&current_filter, AF_UNIX);
4290 break;
4291 case OPT_VSOCK:
4292 filter_af_set(&current_filter, AF_VSOCK);
4293 break;
4294 case 'a':
4295 state_filter = SS_ALL;
4296 break;
4297 case 'l':
4298 state_filter = (1 << SS_LISTEN) | (1 << SS_CLOSE);
4299 break;
4300 case '4':
4301 filter_af_set(&current_filter, AF_INET);
4302 break;
4303 case '6':
4304 filter_af_set(&current_filter, AF_INET6);
4305 break;
4306 case '0':
4307 filter_af_set(&current_filter, AF_PACKET);
4308 break;
4309 case 'f':
4310 if (strcmp(optarg, "inet") == 0)
4311 filter_af_set(&current_filter, AF_INET);
4312 else if (strcmp(optarg, "inet6") == 0)
4313 filter_af_set(&current_filter, AF_INET6);
4314 else if (strcmp(optarg, "link") == 0)
4315 filter_af_set(&current_filter, AF_PACKET);
4316 else if (strcmp(optarg, "unix") == 0)
4317 filter_af_set(&current_filter, AF_UNIX);
4318 else if (strcmp(optarg, "netlink") == 0)
4319 filter_af_set(&current_filter, AF_NETLINK);
4320 else if (strcmp(optarg, "vsock") == 0)
4321 filter_af_set(&current_filter, AF_VSOCK);
4322 else if (strcmp(optarg, "help") == 0)
4323 help();
4324 else {
4325 fprintf(stderr, "ss: \"%s\" is invalid family\n",
4326 optarg);
4327 usage();
4328 }
4329 break;
4330 case 'A':
4331 {
4332 char *p, *p1;
4333
4334 if (!saw_query) {
4335 current_filter.dbs = 0;
4336 state_filter = state_filter ?
4337 state_filter : SS_CONN;
4338 saw_query = 1;
4339 do_default = 0;
4340 }
4341 p = p1 = optarg;
4342 do {
4343 if ((p1 = strchr(p, ',')) != NULL)
4344 *p1 = 0;
4345 if (strcmp(p, "all") == 0) {
4346 filter_default_dbs(&current_filter);
4347 } else if (strcmp(p, "inet") == 0) {
4348 filter_db_set(&current_filter, UDP_DB);
4349 filter_db_set(&current_filter, DCCP_DB);
4350 filter_db_set(&current_filter, TCP_DB);
4351 filter_db_set(&current_filter, SCTP_DB);
4352 filter_db_set(&current_filter, RAW_DB);
4353 } else if (strcmp(p, "udp") == 0) {
4354 filter_db_set(&current_filter, UDP_DB);
4355 } else if (strcmp(p, "dccp") == 0) {
4356 filter_db_set(&current_filter, DCCP_DB);
4357 } else if (strcmp(p, "tcp") == 0) {
4358 filter_db_set(&current_filter, TCP_DB);
4359 } else if (strcmp(p, "sctp") == 0) {
4360 filter_db_set(&current_filter, SCTP_DB);
4361 } else if (strcmp(p, "raw") == 0) {
4362 filter_db_set(&current_filter, RAW_DB);
4363 } else if (strcmp(p, "unix") == 0) {
4364 filter_db_set(&current_filter, UNIX_ST_DB);
4365 filter_db_set(&current_filter, UNIX_DG_DB);
4366 filter_db_set(&current_filter, UNIX_SQ_DB);
4367 } else if (strcasecmp(p, "unix_stream") == 0 ||
4368 strcmp(p, "u_str") == 0) {
4369 filter_db_set(&current_filter, UNIX_ST_DB);
4370 } else if (strcasecmp(p, "unix_dgram") == 0 ||
4371 strcmp(p, "u_dgr") == 0) {
4372 filter_db_set(&current_filter, UNIX_DG_DB);
4373 } else if (strcasecmp(p, "unix_seqpacket") == 0 ||
4374 strcmp(p, "u_seq") == 0) {
4375 filter_db_set(&current_filter, UNIX_SQ_DB);
4376 } else if (strcmp(p, "packet") == 0) {
4377 filter_db_set(&current_filter, PACKET_R_DB);
4378 filter_db_set(&current_filter, PACKET_DG_DB);
4379 } else if (strcmp(p, "packet_raw") == 0 ||
4380 strcmp(p, "p_raw") == 0) {
4381 filter_db_set(&current_filter, PACKET_R_DB);
4382 } else if (strcmp(p, "packet_dgram") == 0 ||
4383 strcmp(p, "p_dgr") == 0) {
4384 filter_db_set(&current_filter, PACKET_DG_DB);
4385 } else if (strcmp(p, "netlink") == 0) {
4386 filter_db_set(&current_filter, NETLINK_DB);
4387 } else if (strcmp(p, "vsock") == 0) {
4388 filter_db_set(&current_filter, VSOCK_ST_DB);
4389 filter_db_set(&current_filter, VSOCK_DG_DB);
4390 } else if (strcmp(p, "vsock_stream") == 0 ||
4391 strcmp(p, "v_str") == 0) {
4392 filter_db_set(&current_filter, VSOCK_ST_DB);
4393 } else if (strcmp(p, "vsock_dgram") == 0 ||
4394 strcmp(p, "v_dgr") == 0) {
4395 filter_db_set(&current_filter, VSOCK_DG_DB);
4396 } else {
4397 fprintf(stderr, "ss: \"%s\" is illegal socket table id\n", p);
4398 usage();
4399 }
4400 p = p1 + 1;
4401 } while (p1);
4402 break;
4403 }
4404 case 's':
4405 do_summary = 1;
4406 break;
4407 case 'D':
4408 dump_tcpdiag = optarg;
4409 break;
4410 case 'F':
4411 if (filter_fp) {
4412 fprintf(stderr, "More than one filter file\n");
4413 exit(-1);
4414 }
4415 if (optarg[0] == '-')
4416 filter_fp = stdin;
4417 else
4418 filter_fp = fopen(optarg, "r");
4419 if (!filter_fp) {
4420 perror("fopen filter file");
4421 exit(-1);
4422 }
4423 break;
4424 case 'v':
4425 case 'V':
4426 printf("ss utility, iproute2-ss%s\n", SNAPSHOT);
4427 exit(0);
4428 case 'z':
4429 show_sock_ctx++;
4430 /* fall through */
4431 case 'Z':
4432 if (is_selinux_enabled() <= 0) {
4433 fprintf(stderr, "ss: SELinux is not enabled.\n");
4434 exit(1);
4435 }
4436 show_proc_ctx++;
4437 user_ent_hash_build();
4438 break;
4439 case 'N':
4440 if (netns_switch(optarg))
4441 exit(1);
4442 break;
4443 case 'K':
4444 current_filter.kill = 1;
4445 break;
4446 case 'H':
4447 show_header = 0;
4448 break;
4449 case 'h':
4450 help();
4451 case '?':
4452 default:
4453 usage();
4454 }
4455 }
4456
4457 argc -= optind;
4458 argv += optind;
4459
4460 if (do_summary) {
4461 print_summary();
4462 if (do_default && argc == 0)
4463 exit(0);
4464 }
4465
4466 while (argc > 0) {
4467 if (strcmp(*argv, "state") == 0) {
4468 NEXT_ARG();
4469 if (!saw_states)
4470 state_filter = 0;
4471 state_filter |= scan_state(*argv);
4472 saw_states = 1;
4473 } else if (strcmp(*argv, "exclude") == 0 ||
4474 strcmp(*argv, "excl") == 0) {
4475 NEXT_ARG();
4476 if (!saw_states)
4477 state_filter = SS_ALL;
4478 state_filter &= ~scan_state(*argv);
4479 saw_states = 1;
4480 } else {
4481 break;
4482 }
4483 argc--; argv++;
4484 }
4485
4486 if (do_default) {
4487 state_filter = state_filter ? state_filter : SS_CONN;
4488 filter_default_dbs(&current_filter);
4489 }
4490
4491 filter_states_set(&current_filter, state_filter);
4492 filter_merge_defaults(&current_filter);
4493
4494 if (resolve_services && resolve_hosts &&
4495 (current_filter.dbs & (UNIX_DBM|INET_L4_DBM)))
4496 init_service_resolver();
4497
4498 if (current_filter.dbs == 0) {
4499 fprintf(stderr, "ss: no socket tables to show with such filter.\n");
4500 exit(0);
4501 }
4502 if (current_filter.families == 0) {
4503 fprintf(stderr, "ss: no families to show with such filter.\n");
4504 exit(0);
4505 }
4506 if (current_filter.states == 0) {
4507 fprintf(stderr, "ss: no socket states to show with such filter.\n");
4508 exit(0);
4509 }
4510
4511 if (dump_tcpdiag) {
4512 FILE *dump_fp = stdout;
4513
4514 if (!(current_filter.dbs & (1<<TCP_DB))) {
4515 fprintf(stderr, "ss: tcpdiag dump requested and no tcp in filter.\n");
4516 exit(0);
4517 }
4518 if (dump_tcpdiag[0] != '-') {
4519 dump_fp = fopen(dump_tcpdiag, "w");
4520 if (!dump_tcpdiag) {
4521 perror("fopen dump file");
4522 exit(-1);
4523 }
4524 }
4525 inet_show_netlink(&current_filter, dump_fp, IPPROTO_TCP);
4526 fflush(dump_fp);
4527 exit(0);
4528 }
4529
4530 if (ssfilter_parse(&current_filter.f, argc, argv, filter_fp))
4531 usage();
4532
4533 netid_width = 0;
4534 if (current_filter.dbs&(current_filter.dbs-1))
4535 netid_width = 5;
4536
4537 state_width = 0;
4538 if (current_filter.states&(current_filter.states-1))
4539 state_width = 10;
4540
4541 if (isatty(STDOUT_FILENO)) {
4542 struct winsize w;
4543
4544 if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) {
4545 if (w.ws_col > 0)
4546 screen_width = w.ws_col;
4547 }
4548 }
4549
4550 addrp_width = screen_width;
4551 addrp_width -= netid_width+1;
4552 addrp_width -= state_width+1;
4553 addrp_width -= 14;
4554
4555 if (addrp_width&1) {
4556 if (netid_width)
4557 netid_width++;
4558 else if (state_width)
4559 state_width++;
4560 }
4561
4562 addrp_width /= 2;
4563 addrp_width--;
4564
4565 serv_width = resolve_services ? 7 : 5;
4566
4567 if (addrp_width < 15+serv_width+1)
4568 addrp_width = 15+serv_width+1;
4569
4570 addr_width = addrp_width - serv_width - 1;
4571
4572 if (show_header) {
4573 if (netid_width)
4574 printf("%-*s ", netid_width, "Netid");
4575 if (state_width)
4576 printf("%-*s ", state_width, "State");
4577 printf("%-6s %-6s ", "Recv-Q", "Send-Q");
4578 }
4579
4580 /* Make enough space for the local/remote port field */
4581 addr_width -= 13;
4582 serv_width += 13;
4583
4584 if (show_header) {
4585 printf("%*s:%-*s %*s:%-*s\n",
4586 addr_width, "Local Address", serv_width, "Port",
4587 addr_width, "Peer Address", serv_width, "Port");
4588 }
4589
4590 fflush(stdout);
4591
4592 if (follow_events)
4593 exit(handle_follow_request(&current_filter));
4594
4595 if (current_filter.dbs & (1<<NETLINK_DB))
4596 netlink_show(&current_filter);
4597 if (current_filter.dbs & PACKET_DBM)
4598 packet_show(&current_filter);
4599 if (current_filter.dbs & UNIX_DBM)
4600 unix_show(&current_filter);
4601 if (current_filter.dbs & (1<<RAW_DB))
4602 raw_show(&current_filter);
4603 if (current_filter.dbs & (1<<UDP_DB))
4604 udp_show(&current_filter);
4605 if (current_filter.dbs & (1<<TCP_DB))
4606 tcp_show(&current_filter);
4607 if (current_filter.dbs & (1<<DCCP_DB))
4608 dccp_show(&current_filter);
4609 if (current_filter.dbs & (1<<SCTP_DB))
4610 sctp_show(&current_filter);
4611 if (current_filter.dbs & VSOCK_DBM)
4612 vsock_show(&current_filter);
4613
4614 if (show_users || show_proc_ctx || show_sock_ctx)
4615 user_ent_destroy();
4616
4617 return 0;
4618 }
Upstream mirror of iproute2