2 * ss.c "sockstat", socket statistics
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 #include <sys/ioctl.h>
18 #include <sys/socket.h>
20 #include <netinet/in.h>
24 #include <arpa/inet.h>
33 #include "libnetlink.h"
34 #include "namespace.h"
37 #include <linux/tcp.h>
38 #include <linux/sock_diag.h>
39 #include <linux/inet_diag.h>
40 #include <linux/unix_diag.h>
41 #include <linux/netdevice.h> /* for MAX_ADDR_LEN */
42 #include <linux/filter.h>
43 #include <linux/packet_diag.h>
44 #include <linux/netlink_diag.h>
46 #define MAGIC_SEQ 123456
48 #define DIAG_REQUEST(_req, _r) \
50 struct nlmsghdr nlh; \
54 .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
55 .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
56 .nlmsg_seq = MAGIC_SEQ, \
57 .nlmsg_len = sizeof(_req), \
62 #include <selinux/selinux.h>
64 /* Stubs for SELinux functions */
65 static int is_selinux_enabled(void)
70 static int getpidcon(pid_t pid
, char **context
)
76 static int getfilecon(char *path
, char **context
)
82 static int security_get_initial_context(char *name
, char **context
)
89 int resolve_hosts
= 0;
90 int resolve_services
= 1;
91 int preferred_family
= AF_UNSPEC
;
98 int show_proc_ctx
= 0;
99 int show_sock_ctx
= 0;
100 /* If show_users & show_proc_ctx only do user_ent_hash_build() once */
101 int user_ent_hash_build_init
= 0;
102 int follow_events
= 0;
111 static const char *TCP_PROTO
= "tcp";
112 static const char *UDP_PROTO
= "udp";
113 static const char *RAW_PROTO
= "raw";
114 static const char *dg_proto
= NULL
;
131 #define PACKET_DBM ((1<<PACKET_DG_DB)|(1<<PACKET_R_DB))
132 #define UNIX_DBM ((1<<UNIX_DG_DB)|(1<<UNIX_ST_DB)|(1<<UNIX_SQ_DB))
133 #define ALL_DB ((1<<MAX_DB)-1)
134 #define INET_DBM ((1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB)|(1<<RAW_DB))
152 #define SS_ALL ((1 << SS_MAX) - 1)
153 #define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
155 #include "ssfilter.h"
165 static const struct filter default_dbs
[MAX_DB
] = {
168 .families
= (1 << AF_INET
) | (1 << AF_INET6
),
172 .families
= (1 << AF_INET
) | (1 << AF_INET6
),
175 .states
= (1 << SS_ESTABLISHED
),
176 .families
= (1 << AF_INET
) | (1 << AF_INET6
),
179 .states
= (1 << SS_ESTABLISHED
),
180 .families
= (1 << AF_INET
) | (1 << AF_INET6
),
183 .states
= (1 << SS_CLOSE
),
184 .families
= (1 << AF_UNIX
),
188 .families
= (1 << AF_UNIX
),
192 .families
= (1 << AF_UNIX
),
195 .states
= (1 << SS_CLOSE
),
196 .families
= (1 << AF_PACKET
),
199 .states
= (1 << SS_CLOSE
),
200 .families
= (1 << AF_PACKET
),
203 .states
= (1 << SS_CLOSE
),
204 .families
= (1 << AF_NETLINK
),
208 static const struct filter default_afs
[AF_MAX
] = {
223 .states
= (1 << SS_CLOSE
),
226 .dbs
= (1 << NETLINK_DB
),
227 .states
= (1 << SS_CLOSE
),
231 static int do_default
= 1;
232 static struct filter current_filter
;
234 static void filter_db_set(struct filter
*f
, int db
)
236 f
->states
|= default_dbs
[db
].states
;
241 static void filter_af_set(struct filter
*f
, int af
)
243 f
->states
|= default_afs
[af
].states
;
244 f
->families
|= 1 << af
;
246 preferred_family
= af
;
249 static int filter_af_get(struct filter
*f
, int af
)
251 return f
->families
& (1 << af
);
254 static void filter_default_dbs(struct filter
*f
)
256 filter_db_set(f
, UDP_DB
);
257 filter_db_set(f
, DCCP_DB
);
258 filter_db_set(f
, TCP_DB
);
259 filter_db_set(f
, RAW_DB
);
260 filter_db_set(f
, UNIX_ST_DB
);
261 filter_db_set(f
, UNIX_DG_DB
);
262 filter_db_set(f
, UNIX_SQ_DB
);
263 filter_db_set(f
, PACKET_R_DB
);
264 filter_db_set(f
, PACKET_DG_DB
);
265 filter_db_set(f
, NETLINK_DB
);
268 static void filter_states_set(struct filter
*f
, int states
)
271 f
->states
= (f
->states
| states
) & states
;
274 static void filter_merge_defaults(struct filter
*f
)
279 for (db
= 0; db
< MAX_DB
; db
++) {
280 if (!(f
->dbs
& (1 << db
)))
283 if (!(default_dbs
[db
].families
& f
->families
))
284 f
->families
|= default_dbs
[db
].families
;
286 for (af
= 0; af
< AF_MAX
; af
++) {
287 if (!(f
->families
& (1 << af
)))
290 if (!(default_afs
[af
].dbs
& f
->dbs
))
291 f
->dbs
|= default_afs
[af
].dbs
;
295 static FILE *generic_proc_open(const char *env
, const char *name
)
297 const char *p
= getenv(env
);
301 p
= getenv("PROC_ROOT") ? : "/proc";
302 snprintf(store
, sizeof(store
)-1, "%s/%s", p
, name
);
306 return fopen(p
, "r");
309 static FILE *net_tcp_open(void)
311 return generic_proc_open("PROC_NET_TCP", "net/tcp");
314 static FILE *net_tcp6_open(void)
316 return generic_proc_open("PROC_NET_TCP6", "net/tcp6");
319 static FILE *net_udp_open(void)
321 return generic_proc_open("PROC_NET_UDP", "net/udp");
324 static FILE *net_udp6_open(void)
326 return generic_proc_open("PROC_NET_UDP6", "net/udp6");
329 static FILE *net_raw_open(void)
331 return generic_proc_open("PROC_NET_RAW", "net/raw");
334 static FILE *net_raw6_open(void)
336 return generic_proc_open("PROC_NET_RAW6", "net/raw6");
339 static FILE *net_unix_open(void)
341 return generic_proc_open("PROC_NET_UNIX", "net/unix");
344 static FILE *net_packet_open(void)
346 return generic_proc_open("PROC_NET_PACKET", "net/packet");
349 static FILE *net_netlink_open(void)
351 return generic_proc_open("PROC_NET_NETLINK", "net/netlink");
354 static FILE *slabinfo_open(void)
356 return generic_proc_open("PROC_SLABINFO", "slabinfo");
359 static FILE *net_sockstat_open(void)
361 return generic_proc_open("PROC_NET_SOCKSTAT", "net/sockstat");
364 static FILE *net_sockstat6_open(void)
366 return generic_proc_open("PROC_NET_SOCKSTAT6", "net/sockstat6");
369 static FILE *net_snmp_open(void)
371 return generic_proc_open("PROC_NET_SNMP", "net/snmp");
374 static FILE *ephemeral_ports_open(void)
376 return generic_proc_open("PROC_IP_LOCAL_PORT_RANGE", "sys/net/ipv4/ip_local_port_range");
380 struct user_ent
*next
;
389 #define USER_ENT_HASH_SIZE 256
390 struct user_ent
*user_ent_hash
[USER_ENT_HASH_SIZE
];
392 static int user_ent_hashfn(unsigned int ino
)
394 int val
= (ino
>> 24) ^ (ino
>> 16) ^ (ino
>> 8) ^ ino
;
396 return val
& (USER_ENT_HASH_SIZE
- 1);
399 static void user_ent_add(unsigned int ino
, char *process
,
404 struct user_ent
*p
, **pp
;
406 p
= malloc(sizeof(struct user_ent
));
408 fprintf(stderr
, "ss: failed to malloc buffer\n");
415 p
->process
= strdup(process
);
416 p
->process_ctx
= strdup(proc_ctx
);
417 p
->socket_ctx
= strdup(sock_ctx
);
419 pp
= &user_ent_hash
[user_ent_hashfn(ino
)];
424 static void user_ent_destroy(void)
426 struct user_ent
*p
, *p_next
;
429 while (cnt
!= USER_ENT_HASH_SIZE
) {
430 p
= user_ent_hash
[cnt
];
433 free(p
->process_ctx
);
443 static void user_ent_hash_build(void)
445 const char *root
= getenv("PROC_ROOT") ? : "/proc/";
452 const char *no_ctx
= "unavailable";
454 /* If show_users & show_proc_ctx set only do this once */
455 if (user_ent_hash_build_init
!= 0)
458 user_ent_hash_build_init
= 1;
460 strncpy(name
, root
, sizeof(name
)-1);
461 name
[sizeof(name
)-1] = 0;
463 if (strlen(name
) == 0 || name
[strlen(name
)-1] != '/')
466 nameoff
= strlen(name
);
472 while ((d
= readdir(dir
)) != NULL
) {
480 if (sscanf(d
->d_name
, "%d%c", &pid
, &crap
) != 1)
483 if (getpidcon(pid
, &pid_context
) != 0)
484 pid_context
= strdup(no_ctx
);
486 snprintf(name
+ nameoff
, sizeof(name
) - nameoff
, "%d/fd/", pid
);
488 if ((dir1
= opendir(name
)) == NULL
) {
496 while ((d1
= readdir(dir1
)) != NULL
) {
497 const char *pattern
= "socket:[";
504 if (sscanf(d1
->d_name
, "%d%c", &fd
, &crap
) != 1)
507 snprintf(name
+pos
, sizeof(name
) - pos
, "%d", fd
);
509 link_len
= readlink(name
, lnk
, sizeof(lnk
)-1);
512 lnk
[link_len
] = '\0';
514 if (strncmp(lnk
, pattern
, strlen(pattern
)))
517 sscanf(lnk
, "socket:[%u]", &ino
);
519 snprintf(tmp
, sizeof(tmp
), "%s/%d/fd/%s",
520 root
, pid
, d1
->d_name
);
522 if (getfilecon(tmp
, &sock_context
) <= 0)
523 sock_context
= strdup(no_ctx
);
528 snprintf(tmp
, sizeof(tmp
), "%s/%d/stat",
530 if ((fp
= fopen(tmp
, "r")) != NULL
) {
531 if (fscanf(fp
, "%*d (%[^)])", p
) < 1)
536 user_ent_add(ino
, p
, pid
, fd
,
537 pid_context
, sock_context
);
552 #define ENTRY_BUF_SIZE 512
553 static int find_entry(unsigned ino
, char **buf
, int type
)
559 int len
, new_buf_len
;
566 p
= user_ent_hash
[user_ent_hashfn(ino
)];
573 ptr
= *buf
+ buf_used
;
576 len
= snprintf(ptr
, buf_len
- buf_used
,
577 "(\"%s\",pid=%d,fd=%d),",
578 p
->process
, p
->pid
, p
->fd
);
581 len
= snprintf(ptr
, buf_len
- buf_used
,
582 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d),",
584 p
->process_ctx
, p
->fd
);
587 len
= snprintf(ptr
, buf_len
- buf_used
,
588 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d,sock_ctx=%s),",
590 p
->process_ctx
, p
->fd
,
594 fprintf(stderr
, "ss: invalid type: %d\n", type
);
598 if (len
< 0 || len
>= buf_len
- buf_used
) {
599 new_buf_len
= buf_len
+ ENTRY_BUF_SIZE
;
600 new_buf
= realloc(*buf
, new_buf_len
);
602 fprintf(stderr
, "ss: failed to malloc buffer\n");
606 buf_len
= new_buf_len
;
618 ptr
= *buf
+ buf_used
;
624 /* Get stats from slab */
635 static struct slabstat slabstat
;
637 static const char *slabstat_ids
[] =
646 static int get_slabstat(struct slabstat
*s
)
651 static int slabstat_valid
;
656 memset(s
, 0, sizeof(*s
));
658 fp
= slabinfo_open();
662 cnt
= sizeof(*s
)/sizeof(int);
664 if (!fgets(buf
, sizeof(buf
), fp
)) {
668 while(fgets(buf
, sizeof(buf
), fp
) != NULL
) {
670 for (i
=0; i
<sizeof(slabstat_ids
)/sizeof(slabstat_ids
[0]); i
++) {
671 if (memcmp(buf
, slabstat_ids
[i
], strlen(slabstat_ids
[i
])) == 0) {
672 sscanf(buf
, "%*s%d", ((int *)s
) + i
);
687 static unsigned long long cookie_sk_get(const uint32_t *cookie
)
689 return (((unsigned long long)cookie
[1] << 31) << 1) | cookie
[0];
692 static const char *sstate_name
[] = {
694 [SS_ESTABLISHED
] = "ESTAB",
695 [SS_SYN_SENT
] = "SYN-SENT",
696 [SS_SYN_RECV
] = "SYN-RECV",
697 [SS_FIN_WAIT1
] = "FIN-WAIT-1",
698 [SS_FIN_WAIT2
] = "FIN-WAIT-2",
699 [SS_TIME_WAIT
] = "TIME-WAIT",
700 [SS_CLOSE
] = "UNCONN",
701 [SS_CLOSE_WAIT
] = "CLOSE-WAIT",
702 [SS_LAST_ACK
] = "LAST-ACK",
703 [SS_LISTEN
] = "LISTEN",
704 [SS_CLOSING
] = "CLOSING",
707 static const char *sstate_namel
[] = {
709 [SS_ESTABLISHED
] = "established",
710 [SS_SYN_SENT
] = "syn-sent",
711 [SS_SYN_RECV
] = "syn-recv",
712 [SS_FIN_WAIT1
] = "fin-wait-1",
713 [SS_FIN_WAIT2
] = "fin-wait-2",
714 [SS_TIME_WAIT
] = "time-wait",
715 [SS_CLOSE
] = "unconnected",
716 [SS_CLOSE_WAIT
] = "close-wait",
717 [SS_LAST_ACK
] = "last-ack",
718 [SS_LISTEN
] = "listening",
719 [SS_CLOSING
] = "closing",
724 struct sockstat
*next
;
737 unsigned long long sk
;
744 unsigned int ce_state
;
758 double rto
, ato
, rtt
, rttvar
;
759 int qack
, cwnd
, ssthresh
, backoff
;
764 unsigned int lastsnd
;
765 unsigned int lastrcv
;
766 unsigned int lastack
;
768 double pacing_rate_max
;
769 unsigned long long bytes_acked
;
770 unsigned long long bytes_received
;
771 unsigned int segs_out
;
772 unsigned int segs_in
;
773 unsigned int unacked
;
774 unsigned int retrans
;
775 unsigned int retrans_total
;
778 unsigned int fackets
;
779 unsigned int reordering
;
785 bool has_ecnseen_opt
;
786 bool has_fastopen_opt
;
788 struct dctcpstat
*dctcp
;
791 static void sock_state_print(struct sockstat
*s
, const char *sock_name
)
794 printf("%-*s ", netid_width
, sock_name
);
796 printf("%-*s ", state_width
, sstate_name
[s
->state
]);
798 printf("%-6d %-6d ", s
->rq
, s
->wq
);
801 static void sock_details_print(struct sockstat
*s
)
804 printf(" uid:%u", s
->uid
);
806 printf(" ino:%u", s
->ino
);
807 printf(" sk:%llx", s
->sk
);
810 static void sock_addr_print_width(int addr_len
, const char *addr
, char *delim
,
811 int port_len
, const char *port
, const char *ifname
)
814 printf("%*s%%%s%s%-*s ", addr_len
, addr
, ifname
, delim
,
818 printf("%*s%s%-*s ", addr_len
, addr
, delim
, port_len
, port
);
822 static void sock_addr_print(const char *addr
, char *delim
, const char *port
,
825 sock_addr_print_width(addr_width
, addr
, delim
, serv_width
, port
, ifname
);
828 static const char *tmr_name
[] = {
837 static const char *print_ms_timer(int timeout
)
840 int secs
, msecs
, minutes
;
846 msecs
= timeout
%1000;
850 snprintf(buf
, sizeof(buf
)-16, "%dmin", minutes
);
857 sprintf(buf
+strlen(buf
), "%d%s", secs
, msecs
? "." : "sec");
860 sprintf(buf
+strlen(buf
), "%03dms", msecs
);
871 struct scache
*rlist
;
873 static void init_service_resolver(void)
876 FILE *fp
= popen("/usr/sbin/rpcinfo -p 2>/dev/null", "r");
881 if (!fgets(buf
, sizeof(buf
), fp
)) {
885 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
886 unsigned int progn
, port
;
887 char proto
[128], prog
[128] = "rpc.";
890 if (sscanf(buf
, "%u %*d %s %u %s",
891 &progn
, proto
, &port
, prog
+4) != 4)
894 if (!(c
= malloc(sizeof(*c
))))
898 c
->name
= strdup(prog
);
899 if (strcmp(proto
, TCP_PROTO
) == 0)
900 c
->proto
= TCP_PROTO
;
901 else if (strcmp(proto
, UDP_PROTO
) == 0)
902 c
->proto
= UDP_PROTO
;
911 /* Even do not try default linux ephemeral port ranges:
912 * default /etc/services contains so much of useless crap
913 * wouldbe "allocated" to this area that resolution
914 * is really harmful. I shrug each time when seeing
915 * "socks" or "cfinger" in dumps.
917 static int is_ephemeral(int port
)
919 static int min
= 0, max
= 0;
922 FILE *f
= ephemeral_ports_open();
923 if (!f
|| fscanf(f
, "%d %d", &min
, &max
) < 2) {
930 return port
>= min
&& port
<= max
;
934 static const char *__resolve_service(int port
)
938 for (c
= rlist
; c
; c
= c
->next
) {
939 if (c
->port
== port
&& c
->proto
== dg_proto
)
943 if (!is_ephemeral(port
)) {
950 se
= getservbyport(htons(port
), dg_proto
);
958 #define SCACHE_BUCKETS 1024
959 static struct scache
*cache_htab
[SCACHE_BUCKETS
];
961 static const char *resolve_service(int port
)
963 static char buf
[128];
974 if (!resolve_services
)
977 if (dg_proto
== RAW_PROTO
)
978 return inet_proto_n2a(port
, buf
, sizeof(buf
));
981 hash
= (port
^(((unsigned long)dg_proto
)>>2)) % SCACHE_BUCKETS
;
983 for (c
= cache_htab
[hash
]; c
; c
= c
->next
) {
984 if (c
->port
== port
&& c
->proto
== dg_proto
)
988 c
= malloc(sizeof(*c
));
991 res
= __resolve_service(port
);
993 c
->name
= res
? strdup(res
) : NULL
;
995 c
->next
= cache_htab
[hash
];
996 cache_htab
[hash
] = c
;
1003 sprintf(buf
, "%u", port
);
1007 static void inet_addr_print(const inet_prefix
*a
, int port
, unsigned int ifindex
)
1010 const char *ap
= buf
;
1011 int est_len
= addr_width
;
1012 const char *ifname
= NULL
;
1014 if (a
->family
== AF_INET
) {
1015 if (a
->data
[0] == 0) {
1019 ap
= format_host(AF_INET
, 4, a
->data
, buf
, sizeof(buf
));
1022 ap
= format_host(a
->family
, 16, a
->data
, buf
, sizeof(buf
));
1023 est_len
= strlen(ap
);
1024 if (est_len
<= addr_width
)
1025 est_len
= addr_width
;
1027 est_len
= addr_width
+ ((est_len
-addr_width
+3)/4)*4;
1031 ifname
= ll_index_to_name(ifindex
);
1032 est_len
-= strlen(ifname
) + 1; /* +1 for percent char */
1037 sock_addr_print_width(est_len
, ap
, ":", serv_width
, resolve_service(port
),
1045 struct aafilter
*next
;
1048 static int inet2_addr_match(const inet_prefix
*a
, const inet_prefix
*p
,
1051 if (!inet_addr_match(a
, p
, plen
))
1054 /* Cursed "v4 mapped" addresses: v4 mapped socket matches
1055 * pure IPv4 rule, but v4-mapped rule selects only v4-mapped
1057 if (p
->family
== AF_INET
&& a
->family
== AF_INET6
) {
1058 if (a
->data
[0] == 0 && a
->data
[1] == 0 &&
1059 a
->data
[2] == htonl(0xffff)) {
1060 inet_prefix tmp
= *a
;
1061 tmp
.data
[0] = a
->data
[3];
1062 return inet_addr_match(&tmp
, p
, plen
);
1068 static int unix_match(const inet_prefix
*a
, const inet_prefix
*p
)
1070 char *addr
, *pattern
;
1071 memcpy(&addr
, a
->data
, sizeof(addr
));
1072 memcpy(&pattern
, p
->data
, sizeof(pattern
));
1073 if (pattern
== NULL
)
1077 return !fnmatch(pattern
, addr
, 0);
1080 static int run_ssfilter(struct ssfilter
*f
, struct sockstat
*s
)
1085 if (s
->local
.family
== AF_UNIX
) {
1087 memcpy(&p
, s
->local
.data
, sizeof(p
));
1088 return p
== NULL
|| (p
[0] == '@' && strlen(p
) == 6 &&
1089 strspn(p
+1, "0123456789abcdef") == 5);
1091 if (s
->local
.family
== AF_PACKET
)
1092 return s
->lport
== 0 && s
->local
.data
[0] == 0;
1093 if (s
->local
.family
== AF_NETLINK
)
1094 return s
->lport
< 0;
1096 return is_ephemeral(s
->lport
);
1100 struct aafilter
*a
= (void*)f
->pred
;
1101 if (a
->addr
.family
== AF_UNIX
)
1102 return unix_match(&s
->remote
, &a
->addr
);
1103 if (a
->port
!= -1 && a
->port
!= s
->rport
)
1105 if (a
->addr
.bitlen
) {
1107 if (!inet2_addr_match(&s
->remote
, &a
->addr
, a
->addr
.bitlen
))
1109 } while ((a
= a
->next
) != NULL
);
1116 struct aafilter
*a
= (void*)f
->pred
;
1117 if (a
->addr
.family
== AF_UNIX
)
1118 return unix_match(&s
->local
, &a
->addr
);
1119 if (a
->port
!= -1 && a
->port
!= s
->lport
)
1121 if (a
->addr
.bitlen
) {
1123 if (!inet2_addr_match(&s
->local
, &a
->addr
, a
->addr
.bitlen
))
1125 } while ((a
= a
->next
) != NULL
);
1132 struct aafilter
*a
= (void*)f
->pred
;
1133 return s
->rport
>= a
->port
;
1137 struct aafilter
*a
= (void*)f
->pred
;
1138 return s
->rport
<= a
->port
;
1142 struct aafilter
*a
= (void*)f
->pred
;
1143 return s
->lport
>= a
->port
;
1147 struct aafilter
*a
= (void*)f
->pred
;
1148 return s
->lport
<= a
->port
;
1151 /* Yup. It is recursion. Sorry. */
1153 return run_ssfilter(f
->pred
, s
) && run_ssfilter(f
->post
, s
);
1155 return run_ssfilter(f
->pred
, s
) || run_ssfilter(f
->post
, s
);
1157 return !run_ssfilter(f
->pred
, s
);
1163 /* Relocate external jumps by reloc. */
1164 static void ssfilter_patch(char *a
, int len
, int reloc
)
1167 struct inet_diag_bc_op
*op
= (struct inet_diag_bc_op
*)a
;
1168 if (op
->no
== len
+4)
1177 static int ssfilter_bytecompile(struct ssfilter
*f
, char **bytecode
)
1182 if (!(*bytecode
=malloc(4))) abort();
1183 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_AUTO
, 4, 8 };
1189 struct aafilter
*a
= (void*)f
->pred
;
1192 int code
= (f
->type
== SSF_DCOND
? INET_DIAG_BC_D_COND
: INET_DIAG_BC_S_COND
);
1195 for (b
=a
; b
; b
=b
->next
) {
1196 len
+= 4 + sizeof(struct inet_diag_hostcond
);
1197 if (a
->addr
.family
== AF_INET6
)
1204 if (!(ptr
= malloc(len
))) abort();
1206 for (b
=a
; b
; b
=b
->next
) {
1207 struct inet_diag_bc_op
*op
= (struct inet_diag_bc_op
*)ptr
;
1208 int alen
= (a
->addr
.family
== AF_INET6
? 16 : 4);
1209 int oplen
= alen
+ 4 + sizeof(struct inet_diag_hostcond
);
1210 struct inet_diag_hostcond
*cond
= (struct inet_diag_hostcond
*)(ptr
+4);
1212 *op
= (struct inet_diag_bc_op
){ code
, oplen
, oplen
+4 };
1213 cond
->family
= a
->addr
.family
;
1214 cond
->port
= a
->port
;
1215 cond
->prefix_len
= a
->addr
.bitlen
;
1216 memcpy(cond
->addr
, a
->addr
.data
, alen
);
1219 op
= (struct inet_diag_bc_op
*)ptr
;
1220 *op
= (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, len
- (ptr
-*bytecode
)};
1224 return ptr
- *bytecode
;
1228 struct aafilter
*x
= (void*)f
->pred
;
1229 if (!(*bytecode
=malloc(8))) abort();
1230 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_D_GE
, 8, 12 };
1231 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1236 struct aafilter
*x
= (void*)f
->pred
;
1237 if (!(*bytecode
=malloc(8))) abort();
1238 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_D_LE
, 8, 12 };
1239 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1244 struct aafilter
*x
= (void*)f
->pred
;
1245 if (!(*bytecode
=malloc(8))) abort();
1246 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_S_GE
, 8, 12 };
1247 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1252 struct aafilter
*x
= (void*)f
->pred
;
1253 if (!(*bytecode
=malloc(8))) abort();
1254 ((struct inet_diag_bc_op
*)*bytecode
)[0] = (struct inet_diag_bc_op
){ INET_DIAG_BC_S_LE
, 8, 12 };
1255 ((struct inet_diag_bc_op
*)*bytecode
)[1] = (struct inet_diag_bc_op
){ 0, 0, x
->port
};
1263 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1264 l2
= ssfilter_bytecompile(f
->post
, &a2
);
1265 if (!(a
= malloc(l1
+l2
))) abort();
1267 memcpy(a
+l1
, a2
, l2
);
1269 ssfilter_patch(a
, l1
, l2
);
1277 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1278 l2
= ssfilter_bytecompile(f
->post
, &a2
);
1279 if (!(a
= malloc(l1
+l2
+4))) abort();
1281 memcpy(a
+l1
+4, a2
, l2
);
1283 *(struct inet_diag_bc_op
*)(a
+l1
) = (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, l2
+4 };
1291 l1
= ssfilter_bytecompile(f
->pred
, &a1
);
1292 if (!(a
= malloc(l1
+4))) abort();
1295 *(struct inet_diag_bc_op
*)(a
+l1
) = (struct inet_diag_bc_op
){ INET_DIAG_BC_JMP
, 4, 8 };
1304 static int remember_he(struct aafilter
*a
, struct hostent
*he
)
1306 char **ptr
= he
->h_addr_list
;
1310 if (he
->h_addrtype
== AF_INET
)
1312 else if (he
->h_addrtype
== AF_INET6
)
1318 struct aafilter
*b
= a
;
1319 if (a
->addr
.bitlen
) {
1320 if ((b
= malloc(sizeof(*b
))) == NULL
)
1326 memcpy(b
->addr
.data
, *ptr
, len
);
1327 b
->addr
.bytelen
= len
;
1328 b
->addr
.bitlen
= len
*8;
1329 b
->addr
.family
= he
->h_addrtype
;
1336 static int get_dns_host(struct aafilter
*a
, const char *addr
, int fam
)
1338 static int notfirst
;
1347 he
= gethostbyname2(addr
, fam
== AF_UNSPEC
? AF_INET
: fam
);
1349 cnt
= remember_he(a
, he
);
1350 if (fam
== AF_UNSPEC
) {
1351 he
= gethostbyname2(addr
, AF_INET6
);
1353 cnt
+= remember_he(a
, he
);
1358 static int xll_initted
= 0;
1360 static void xll_init(void)
1362 struct rtnl_handle rth
;
1363 if (rtnl_open(&rth
, 0) < 0)
1371 static const char *xll_index_to_name(int index
)
1375 return ll_index_to_name(index
);
1378 static int xll_name_to_index(const char *dev
)
1382 return ll_name_to_index(dev
);
1385 void *parse_hostcond(char *addr
, bool is_port
)
1388 struct aafilter a
= { .port
= -1 };
1389 struct aafilter
*res
;
1390 int fam
= preferred_family
;
1391 struct filter
*f
= ¤t_filter
;
1393 if (fam
== AF_UNIX
|| strncmp(addr
, "unix:", 5) == 0) {
1395 a
.addr
.family
= AF_UNIX
;
1396 if (strncmp(addr
, "unix:", 5) == 0)
1399 a
.addr
.bitlen
= 8*strlen(p
);
1400 memcpy(a
.addr
.data
, &p
, sizeof(p
));
1405 if (fam
== AF_PACKET
|| strncmp(addr
, "link:", 5) == 0) {
1406 a
.addr
.family
= AF_PACKET
;
1408 if (strncmp(addr
, "link:", 5) == 0)
1410 port
= strchr(addr
, ':');
1413 if (port
[1] && strcmp(port
+1, "*")) {
1414 if (get_integer(&a
.port
, port
+1, 0)) {
1415 if ((a
.port
= xll_name_to_index(port
+1)) <= 0)
1420 if (addr
[0] && strcmp(addr
, "*")) {
1423 if (ll_proto_a2n(&tmp
, addr
))
1425 a
.addr
.data
[0] = ntohs(tmp
);
1431 if (fam
== AF_NETLINK
|| strncmp(addr
, "netlink:", 8) == 0) {
1432 a
.addr
.family
= AF_NETLINK
;
1434 if (strncmp(addr
, "netlink:", 8) == 0)
1436 port
= strchr(addr
, ':');
1439 if (port
[1] && strcmp(port
+1, "*")) {
1440 if (get_integer(&a
.port
, port
+1, 0)) {
1441 if (strcmp(port
+1, "kernel") == 0)
1448 if (addr
[0] && strcmp(addr
, "*")) {
1450 if (nl_proto_a2n(&a
.addr
.data
[0], addr
) == -1)
1457 if (fam
== AF_INET
|| !strncmp(addr
, "inet:", 5)) {
1459 if (!strncmp(addr
, "inet:", 5))
1461 } else if (fam
== AF_INET6
|| !strncmp(addr
, "inet6:", 6)) {
1463 if (!strncmp(addr
, "inet6:", 6))
1467 /* URL-like literal [] */
1468 if (addr
[0] == '[') {
1470 if ((port
= strchr(addr
, ']')) == NULL
)
1473 } else if (addr
[0] == '*') {
1476 port
= strrchr(strchr(addr
, '/') ? : addr
, ':');
1482 if (port
&& *port
) {
1486 if (*port
&& *port
!= '*') {
1487 if (get_integer(&a
.port
, port
, 0)) {
1488 struct servent
*se1
= NULL
;
1489 struct servent
*se2
= NULL
;
1490 if (current_filter
.dbs
&(1<<UDP_DB
))
1491 se1
= getservbyname(port
, UDP_PROTO
);
1492 if (current_filter
.dbs
&(1<<TCP_DB
))
1493 se2
= getservbyname(port
, TCP_PROTO
);
1494 if (se1
&& se2
&& se1
->s_port
!= se2
->s_port
) {
1495 fprintf(stderr
, "Error: ambiguous port \"%s\".\n", port
);
1501 a
.port
= ntohs(se1
->s_port
);
1504 for (s
= rlist
; s
; s
= s
->next
) {
1505 if ((s
->proto
== UDP_PROTO
&&
1506 (current_filter
.dbs
&(1<<UDP_DB
))) ||
1507 (s
->proto
== TCP_PROTO
&&
1508 (current_filter
.dbs
&(1<<TCP_DB
)))) {
1509 if (s
->name
&& strcmp(s
->name
, port
) == 0) {
1510 if (a
.port
> 0 && a
.port
!= s
->port
) {
1511 fprintf(stderr
, "Error: ambiguous port \"%s\".\n", port
);
1519 fprintf(stderr
, "Error: \"%s\" does not look like a port.\n", port
);
1526 if (!is_port
&& addr
&& *addr
&& *addr
!= '*') {
1527 if (get_prefix_1(&a
.addr
, addr
, fam
)) {
1528 if (get_dns_host(&a
, addr
, fam
)) {
1529 fprintf(stderr
, "Error: an inet prefix is expected rather than \"%s\".\n", addr
);
1536 if (fam
!= AF_UNSPEC
) {
1538 filter_af_set(f
, fam
);
1539 filter_states_set(f
, 0);
1542 res
= malloc(sizeof(*res
));
1544 memcpy(res
, &a
, sizeof(a
));
1548 static char *proto_name(int protocol
)
1564 static void inet_stats_print(struct sockstat
*s
, int protocol
)
1568 sock_state_print(s
, proto_name(protocol
));
1570 inet_addr_print(&s
->local
, s
->lport
, s
->iface
);
1571 inet_addr_print(&s
->remote
, s
->rport
, 0);
1573 if (show_proc_ctx
|| show_sock_ctx
) {
1574 if (find_entry(s
->ino
, &buf
,
1575 (show_proc_ctx
& show_sock_ctx
) ?
1576 PROC_SOCK_CTX
: PROC_CTX
) > 0) {
1577 printf(" users:(%s)", buf
);
1580 } else if (show_users
) {
1581 if (find_entry(s
->ino
, &buf
, USERS
) > 0) {
1582 printf(" users:(%s)", buf
);
1588 static int proc_parse_inet_addr(char *loc
, char *rem
, int family
, struct
1591 s
->local
.family
= s
->remote
.family
= family
;
1592 if (family
== AF_INET
) {
1593 sscanf(loc
, "%x:%x", s
->local
.data
, (unsigned*)&s
->lport
);
1594 sscanf(rem
, "%x:%x", s
->remote
.data
, (unsigned*)&s
->rport
);
1595 s
->local
.bytelen
= s
->remote
.bytelen
= 4;
1598 sscanf(loc
, "%08x%08x%08x%08x:%x",
1604 sscanf(rem
, "%08x%08x%08x%08x:%x",
1610 s
->local
.bytelen
= s
->remote
.bytelen
= 16;
1616 static int proc_inet_split_line(char *line
, char **loc
, char **rem
, char **data
)
1620 if ((p
= strchr(line
, ':')) == NULL
)
1624 if ((p
= strchr(*loc
, ':')) == NULL
)
1629 if ((p
= strchr(*rem
, ':')) == NULL
)
1637 static char *sprint_bw(char *buf
, double bw
)
1640 sprintf(buf
,"%.1fM", bw
/ 1000000.);
1641 else if (bw
> 1000.)
1642 sprintf(buf
,"%.1fK", bw
/ 1000.);
1644 sprintf(buf
, "%g", bw
);
1649 static void tcp_stats_print(struct tcpstat
*s
)
1655 if (s
->has_sack_opt
)
1659 if (s
->has_ecnseen_opt
)
1661 if (s
->has_fastopen_opt
)
1662 printf(" fastopen");
1664 printf(" %s", s
->cong_alg
);
1665 if (s
->has_wscale_opt
)
1666 printf(" wscale:%d,%d", s
->snd_wscale
, s
->rcv_wscale
);
1668 printf(" rto:%g", s
->rto
);
1670 printf(" backoff:%u", s
->backoff
);
1672 printf(" rtt:%g/%g", s
->rtt
, s
->rttvar
);
1674 printf(" ato:%g", s
->ato
);
1677 printf(" qack:%d", s
->qack
);
1682 printf(" mss:%d", s
->mss
);
1684 printf(" cwnd:%d", s
->cwnd
);
1686 printf(" ssthresh:%d", s
->ssthresh
);
1689 printf(" bytes_acked:%llu", s
->bytes_acked
);
1690 if (s
->bytes_received
)
1691 printf(" bytes_received:%llu", s
->bytes_received
);
1693 printf(" segs_out:%u", s
->segs_out
);
1695 printf(" segs_in:%u", s
->segs_in
);
1697 if (s
->dctcp
&& s
->dctcp
->enabled
) {
1698 struct dctcpstat
*dctcp
= s
->dctcp
;
1700 printf(" dctcp:(ce_state:%u,alpha:%u,ab_ecn:%u,ab_tot:%u)",
1701 dctcp
->ce_state
, dctcp
->alpha
, dctcp
->ab_ecn
,
1703 } else if (s
->dctcp
) {
1704 printf(" dctcp:fallback_mode");
1708 printf(" send %sbps", sprint_bw(b1
, s
->send_bps
));
1710 printf(" lastsnd:%u", s
->lastsnd
);
1712 printf(" lastrcv:%u", s
->lastrcv
);
1714 printf(" lastack:%u", s
->lastack
);
1716 if (s
->pacing_rate
) {
1717 printf(" pacing_rate %sbps", sprint_bw(b1
, s
->pacing_rate
));
1718 if (s
->pacing_rate_max
)
1719 printf("/%sbps", sprint_bw(b1
,
1720 s
->pacing_rate_max
));
1724 printf(" unacked:%u", s
->unacked
);
1725 if (s
->retrans
|| s
->retrans_total
)
1726 printf(" retrans:%u/%u", s
->retrans
, s
->retrans_total
);
1728 printf(" lost:%u", s
->lost
);
1729 if (s
->sacked
&& s
->ss
.state
!= SS_LISTEN
)
1730 printf(" sacked:%u", s
->sacked
);
1732 printf(" fackets:%u", s
->fackets
);
1733 if (s
->reordering
!= 3)
1734 printf(" reordering:%d", s
->reordering
);
1736 printf(" rcv_rtt:%g", s
->rcv_rtt
);
1738 printf(" rcv_space:%d", s
->rcv_space
);
1741 static void tcp_timer_print(struct tcpstat
*s
)
1746 printf(" timer:(%s,%s,%d)",
1748 print_ms_timer(s
->timeout
),
1753 static int tcp_show_line(char *line
, const struct filter
*f
, int family
)
1755 int rto
= 0, ato
= 0;
1756 struct tcpstat s
= {};
1757 char *loc
, *rem
, *data
;
1760 int hz
= get_user_hz();
1762 if (proc_inet_split_line(line
, &loc
, &rem
, &data
))
1765 int state
= (data
[1] >= 'A') ? (data
[1] - 'A' + 10) : (data
[1] - '0');
1766 if (!(f
->states
& (1 << state
)))
1769 proc_parse_inet_addr(loc
, rem
, family
, &s
.ss
);
1771 if (f
->f
&& run_ssfilter(f
->f
, &s
.ss
) == 0)
1775 n
= sscanf(data
, "%x %x:%x %x:%x %x %d %d %u %d %llx %d %d %d %d %d %[^\n]\n",
1776 &s
.ss
.state
, &s
.ss
.wq
, &s
.ss
.rq
,
1777 &s
.timer
, &s
.timeout
, &s
.retrans
, &s
.ss
.uid
, &s
.probes
,
1778 &s
.ss
.ino
, &s
.ss
.refcnt
, &s
.ss
.sk
, &rto
, &ato
, &s
.qack
, &s
.cwnd
,
1791 s
.retrans
= s
.timer
!= 1 ? s
.probes
: s
.retrans
;
1792 s
.timeout
= (s
.timeout
* 1000 + hz
- 1) / hz
;
1793 s
.ato
= (double)ato
/ hz
;
1795 s
.rto
= (double)rto
;
1796 s
.ssthresh
= s
.ssthresh
== -1 ? 0 : s
.ssthresh
;
1797 s
.rto
= s
.rto
!= 3 * hz
? s
.rto
/ hz
: 0;
1799 inet_stats_print(&s
.ss
, IPPROTO_TCP
);
1802 tcp_timer_print(&s
);
1805 sock_details_print(&s
.ss
);
1807 printf(" opt:\"%s\"", opt
);
1811 tcp_stats_print(&s
);
1817 static int generic_record_read(FILE *fp
,
1818 int (*worker
)(char*, const struct filter
*, int),
1819 const struct filter
*f
, int fam
)
1824 if (fgets(line
, sizeof(line
), fp
) == NULL
)
1827 while (fgets(line
, sizeof(line
), fp
) != NULL
) {
1828 int n
= strlen(line
);
1829 if (n
== 0 || line
[n
-1] != '\n') {
1835 if (worker(line
, f
, fam
) < 0)
1840 return ferror(fp
) ? -1 : 0;
1843 static void print_skmeminfo(struct rtattr
*tb
[], int attrtype
)
1845 const __u32
*skmeminfo
;
1847 if (!tb
[attrtype
]) {
1848 if (attrtype
== INET_DIAG_SKMEMINFO
) {
1849 if (!tb
[INET_DIAG_MEMINFO
])
1852 const struct inet_diag_meminfo
*minfo
=
1853 RTA_DATA(tb
[INET_DIAG_MEMINFO
]);
1855 printf(" mem:(r%u,w%u,f%u,t%u)",
1864 skmeminfo
= RTA_DATA(tb
[attrtype
]);
1866 printf(" skmem:(r%u,rb%u,t%u,tb%u,f%u,w%u,o%u",
1867 skmeminfo
[SK_MEMINFO_RMEM_ALLOC
],
1868 skmeminfo
[SK_MEMINFO_RCVBUF
],
1869 skmeminfo
[SK_MEMINFO_WMEM_ALLOC
],
1870 skmeminfo
[SK_MEMINFO_SNDBUF
],
1871 skmeminfo
[SK_MEMINFO_FWD_ALLOC
],
1872 skmeminfo
[SK_MEMINFO_WMEM_QUEUED
],
1873 skmeminfo
[SK_MEMINFO_OPTMEM
]);
1875 if (RTA_PAYLOAD(tb
[attrtype
]) >=
1876 (SK_MEMINFO_BACKLOG
+ 1) * sizeof(__u32
))
1877 printf(",bl%u", skmeminfo
[SK_MEMINFO_BACKLOG
]);
1882 #define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
1884 static void tcp_show_info(const struct nlmsghdr
*nlh
, struct inet_diag_msg
*r
,
1885 struct rtattr
*tb
[])
1888 struct tcpstat s
= {};
1890 s
.ss
.state
= r
->idiag_state
;
1892 print_skmeminfo(tb
, INET_DIAG_SKMEMINFO
);
1894 if (tb
[INET_DIAG_INFO
]) {
1895 struct tcp_info
*info
;
1896 int len
= RTA_PAYLOAD(tb
[INET_DIAG_INFO
]);
1898 /* workaround for older kernels with less fields */
1899 if (len
< sizeof(*info
)) {
1900 info
= alloca(sizeof(*info
));
1901 memcpy(info
, RTA_DATA(tb
[INET_DIAG_INFO
]), len
);
1902 memset((char *)info
+ len
, 0, sizeof(*info
) - len
);
1904 info
= RTA_DATA(tb
[INET_DIAG_INFO
]);
1907 s
.has_ts_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_TIMESTAMPS
);
1908 s
.has_sack_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_SACK
);
1909 s
.has_ecn_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_ECN
);
1910 s
.has_ecnseen_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_ECN_SEEN
);
1911 s
.has_fastopen_opt
= TCPI_HAS_OPT(info
, TCPI_OPT_SYN_DATA
);
1914 if (tb
[INET_DIAG_CONG
])
1916 rta_getattr_str(tb
[INET_DIAG_CONG
]),
1917 sizeof(s
.cong_alg
) - 1);
1919 if (TCPI_HAS_OPT(info
, TCPI_OPT_WSCALE
)) {
1920 s
.has_wscale_opt
= true;
1921 s
.snd_wscale
= info
->tcpi_snd_wscale
;
1922 s
.rcv_wscale
= info
->tcpi_rcv_wscale
;
1925 if (info
->tcpi_rto
&& info
->tcpi_rto
!= 3000000)
1926 s
.rto
= (double)info
->tcpi_rto
/ 1000;
1928 s
.backoff
= info
->tcpi_backoff
;
1929 s
.rtt
= (double)info
->tcpi_rtt
/ 1000;
1930 s
.rttvar
= (double)info
->tcpi_rttvar
/ 1000;
1931 s
.ato
= (double)info
->tcpi_ato
/ 1000;
1932 s
.mss
= info
->tcpi_snd_mss
;
1933 s
.rcv_space
= info
->tcpi_rcv_space
;
1934 s
.rcv_rtt
= (double)info
->tcpi_rcv_rtt
/ 1000;
1935 s
.lastsnd
= info
->tcpi_last_data_sent
;
1936 s
.lastrcv
= info
->tcpi_last_data_recv
;
1937 s
.lastack
= info
->tcpi_last_ack_recv
;
1938 s
.unacked
= info
->tcpi_unacked
;
1939 s
.retrans
= info
->tcpi_retrans
;
1940 s
.retrans_total
= info
->tcpi_total_retrans
;
1941 s
.lost
= info
->tcpi_lost
;
1942 s
.sacked
= info
->tcpi_sacked
;
1943 s
.reordering
= info
->tcpi_reordering
;
1944 s
.rcv_space
= info
->tcpi_rcv_space
;
1945 s
.cwnd
= info
->tcpi_snd_cwnd
;
1947 if (info
->tcpi_snd_ssthresh
< 0xFFFF)
1948 s
.ssthresh
= info
->tcpi_snd_ssthresh
;
1950 rtt
= (double) info
->tcpi_rtt
;
1951 if (tb
[INET_DIAG_VEGASINFO
]) {
1952 const struct tcpvegas_info
*vinfo
1953 = RTA_DATA(tb
[INET_DIAG_VEGASINFO
]);
1955 if (vinfo
->tcpv_enabled
&&
1956 vinfo
->tcpv_rtt
&& vinfo
->tcpv_rtt
!= 0x7fffffff)
1957 rtt
= vinfo
->tcpv_rtt
;
1960 if (tb
[INET_DIAG_DCTCPINFO
]) {
1961 struct dctcpstat
*dctcp
= malloc(sizeof(struct
1964 const struct tcp_dctcp_info
*dinfo
1965 = RTA_DATA(tb
[INET_DIAG_DCTCPINFO
]);
1967 dctcp
->enabled
= !!dinfo
->dctcp_enabled
;
1968 dctcp
->ce_state
= dinfo
->dctcp_ce_state
;
1969 dctcp
->alpha
= dinfo
->dctcp_alpha
;
1970 dctcp
->ab_ecn
= dinfo
->dctcp_ab_ecn
;
1971 dctcp
->ab_tot
= dinfo
->dctcp_ab_tot
;
1975 if (rtt
> 0 && info
->tcpi_snd_mss
&& info
->tcpi_snd_cwnd
) {
1976 s
.send_bps
= (double) info
->tcpi_snd_cwnd
*
1977 (double)info
->tcpi_snd_mss
* 8000000. / rtt
;
1980 if (info
->tcpi_pacing_rate
&&
1981 info
->tcpi_pacing_rate
!= ~0ULL) {
1982 s
.pacing_rate
= info
->tcpi_pacing_rate
* 8.;
1984 if (info
->tcpi_max_pacing_rate
&&
1985 info
->tcpi_max_pacing_rate
!= ~0ULL)
1986 s
.pacing_rate_max
= info
->tcpi_max_pacing_rate
* 8.;
1988 s
.bytes_acked
= info
->tcpi_bytes_acked
;
1989 s
.bytes_received
= info
->tcpi_bytes_received
;
1990 s
.segs_out
= info
->tcpi_segs_out
;
1991 s
.segs_in
= info
->tcpi_segs_in
;
1992 tcp_stats_print(&s
);
1997 static int inet_show_sock(struct nlmsghdr
*nlh
, struct filter
*f
, int protocol
)
1999 struct rtattr
* tb
[INET_DIAG_MAX
+1];
2000 struct inet_diag_msg
*r
= NLMSG_DATA(nlh
);
2001 struct sockstat s
= {};
2003 parse_rtattr(tb
, INET_DIAG_MAX
, (struct rtattr
*)(r
+1),
2004 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
2006 s
.state
= r
->idiag_state
;
2007 s
.local
.family
= s
.remote
.family
= r
->idiag_family
;
2008 s
.lport
= ntohs(r
->id
.idiag_sport
);
2009 s
.rport
= ntohs(r
->id
.idiag_dport
);
2010 s
.wq
= r
->idiag_wqueue
;
2011 s
.rq
= r
->idiag_rqueue
;
2012 s
.ino
= r
->idiag_inode
;
2013 s
.uid
= r
->idiag_uid
;
2014 s
.iface
= r
->id
.idiag_if
;
2015 s
.sk
= cookie_sk_get(&r
->id
.idiag_cookie
[0]);
2017 if (s
.local
.family
== AF_INET
) {
2018 s
.local
.bytelen
= s
.remote
.bytelen
= 4;
2020 s
.local
.bytelen
= s
.remote
.bytelen
= 16;
2023 memcpy(s
.local
.data
, r
->id
.idiag_src
, s
.local
.bytelen
);
2024 memcpy(s
.remote
.data
, r
->id
.idiag_dst
, s
.local
.bytelen
);
2026 if (f
&& f
->f
&& run_ssfilter(f
->f
, &s
) == 0)
2029 if (tb
[INET_DIAG_PROTOCOL
])
2030 protocol
= *(__u8
*)RTA_DATA(tb
[INET_DIAG_PROTOCOL
]);
2032 inet_stats_print(&s
, protocol
);
2035 struct tcpstat t
= {};
2037 t
.timer
= r
->idiag_timer
;
2038 t
.timeout
= r
->idiag_expires
;
2039 t
.retrans
= r
->idiag_retrans
;
2040 tcp_timer_print(&t
);
2044 sock_details_print(&s
);
2045 if (s
.local
.family
== AF_INET6
&& tb
[INET_DIAG_SKV6ONLY
]) {
2046 unsigned char v6only
;
2047 v6only
= *(__u8
*)RTA_DATA(tb
[INET_DIAG_SKV6ONLY
]);
2048 printf(" v6only:%u", v6only
);
2050 if (tb
[INET_DIAG_SHUTDOWN
]) {
2052 mask
= *(__u8
*)RTA_DATA(tb
[INET_DIAG_SHUTDOWN
]);
2053 printf(" %c-%c", mask
& 1 ? '-' : '<', mask
& 2 ? '-' : '>');
2057 if (show_mem
|| show_tcpinfo
) {
2059 tcp_show_info(nlh
, r
, tb
);
2066 static int tcpdiag_send(int fd
, int protocol
, struct filter
*f
)
2068 struct sockaddr_nl nladdr
;
2070 struct nlmsghdr nlh
;
2071 struct inet_diag_req r
;
2077 struct iovec iov
[3];
2079 if (protocol
== IPPROTO_UDP
)
2082 memset(&nladdr
, 0, sizeof(nladdr
));
2083 nladdr
.nl_family
= AF_NETLINK
;
2085 req
.nlh
.nlmsg_len
= sizeof(req
);
2086 if (protocol
== IPPROTO_TCP
)
2087 req
.nlh
.nlmsg_type
= TCPDIAG_GETSOCK
;
2089 req
.nlh
.nlmsg_type
= DCCPDIAG_GETSOCK
;
2090 req
.nlh
.nlmsg_flags
= NLM_F_ROOT
|NLM_F_MATCH
|NLM_F_REQUEST
;
2091 req
.nlh
.nlmsg_pid
= 0;
2092 req
.nlh
.nlmsg_seq
= MAGIC_SEQ
;
2093 memset(&req
.r
, 0, sizeof(req
.r
));
2094 req
.r
.idiag_family
= AF_INET
;
2095 req
.r
.idiag_states
= f
->states
;
2097 req
.r
.idiag_ext
|= (1<<(INET_DIAG_MEMINFO
-1));
2098 req
.r
.idiag_ext
|= (1<<(INET_DIAG_SKMEMINFO
-1));
2102 req
.r
.idiag_ext
|= (1<<(INET_DIAG_INFO
-1));
2103 req
.r
.idiag_ext
|= (1<<(INET_DIAG_VEGASINFO
-1));
2104 req
.r
.idiag_ext
|= (1<<(INET_DIAG_CONG
-1));
2107 iov
[0] = (struct iovec
){
2109 .iov_len
= sizeof(req
)
2112 bclen
= ssfilter_bytecompile(f
->f
, &bc
);
2113 rta
.rta_type
= INET_DIAG_REQ_BYTECODE
;
2114 rta
.rta_len
= RTA_LENGTH(bclen
);
2115 iov
[1] = (struct iovec
){ &rta
, sizeof(rta
) };
2116 iov
[2] = (struct iovec
){ bc
, bclen
};
2117 req
.nlh
.nlmsg_len
+= RTA_LENGTH(bclen
);
2120 msg
= (struct msghdr
) {
2121 .msg_name
= (void*)&nladdr
,
2122 .msg_namelen
= sizeof(nladdr
),
2124 .msg_iovlen
= f
->f
? 3 : 1,
2127 if (sendmsg(fd
, &msg
, 0) < 0) {
2135 static int sockdiag_send(int family
, int fd
, int protocol
, struct filter
*f
)
2137 struct sockaddr_nl nladdr
;
2138 DIAG_REQUEST(req
, struct inet_diag_req_v2 r
);
2143 struct iovec iov
[3];
2145 if (family
== PF_UNSPEC
)
2146 return tcpdiag_send(fd
, protocol
, f
);
2148 memset(&nladdr
, 0, sizeof(nladdr
));
2149 nladdr
.nl_family
= AF_NETLINK
;
2151 memset(&req
.r
, 0, sizeof(req
.r
));
2152 req
.r
.sdiag_family
= family
;
2153 req
.r
.sdiag_protocol
= protocol
;
2154 req
.r
.idiag_states
= f
->states
;
2156 req
.r
.idiag_ext
|= (1<<(INET_DIAG_MEMINFO
-1));
2157 req
.r
.idiag_ext
|= (1<<(INET_DIAG_SKMEMINFO
-1));
2161 req
.r
.idiag_ext
|= (1<<(INET_DIAG_INFO
-1));
2162 req
.r
.idiag_ext
|= (1<<(INET_DIAG_VEGASINFO
-1));
2163 req
.r
.idiag_ext
|= (1<<(INET_DIAG_CONG
-1));
2166 iov
[0] = (struct iovec
){
2168 .iov_len
= sizeof(req
)
2171 bclen
= ssfilter_bytecompile(f
->f
, &bc
);
2172 rta
.rta_type
= INET_DIAG_REQ_BYTECODE
;
2173 rta
.rta_len
= RTA_LENGTH(bclen
);
2174 iov
[1] = (struct iovec
){ &rta
, sizeof(rta
) };
2175 iov
[2] = (struct iovec
){ bc
, bclen
};
2176 req
.nlh
.nlmsg_len
+= RTA_LENGTH(bclen
);
2179 msg
= (struct msghdr
) {
2180 .msg_name
= (void*)&nladdr
,
2181 .msg_namelen
= sizeof(nladdr
),
2183 .msg_iovlen
= f
->f
? 3 : 1,
2186 if (sendmsg(fd
, &msg
, 0) < 0) {
2194 struct inet_diag_arg
{
2199 static int show_one_inet_sock(const struct sockaddr_nl
*addr
,
2200 struct nlmsghdr
*h
, void *arg
)
2203 struct inet_diag_arg
*diag_arg
= arg
;
2204 struct inet_diag_msg
*r
= NLMSG_DATA(h
);
2206 if (!(diag_arg
->f
->families
& (1 << r
->idiag_family
)))
2208 if ((err
= inet_show_sock(h
, diag_arg
->f
, diag_arg
->protocol
)) < 0)
2214 static int inet_show_netlink(struct filter
*f
, FILE *dump_fp
, int protocol
)
2217 struct rtnl_handle rth
;
2218 int family
= PF_INET
;
2219 struct inet_diag_arg arg
= { .f
= f
, .protocol
= protocol
};
2221 if (rtnl_open_byproto(&rth
, 0, NETLINK_SOCK_DIAG
))
2223 rth
.dump
= MAGIC_SEQ
;
2224 rth
.dump_fp
= dump_fp
;
2225 if (preferred_family
== PF_INET6
)
2229 if ((err
= sockdiag_send(family
, rth
.fd
, protocol
, f
)))
2232 if ((err
= rtnl_dump_filter(&rth
, show_one_inet_sock
, &arg
))) {
2233 if (family
!= PF_UNSPEC
) {
2239 if (family
== PF_INET
&& preferred_family
!= PF_INET
) {
2249 static int tcp_show_netlink_file(struct filter
*f
)
2254 if ((fp
= fopen(getenv("TCPDIAG_FILE"), "r")) == NULL
) {
2255 perror("fopen($TCPDIAG_FILE)");
2261 struct nlmsghdr
*h
= (struct nlmsghdr
*)buf
;
2263 status
= fread(buf
, 1, sizeof(*h
), fp
);
2265 perror("Reading header from $TCPDIAG_FILE");
2268 if (status
!= sizeof(*h
)) {
2269 perror("Unexpected EOF reading $TCPDIAG_FILE");
2273 status
= fread(h
+1, 1, NLMSG_ALIGN(h
->nlmsg_len
-sizeof(*h
)), fp
);
2276 perror("Reading $TCPDIAG_FILE");
2279 if (status
+ sizeof(*h
) < h
->nlmsg_len
) {
2280 perror("Unexpected EOF reading $TCPDIAG_FILE");
2284 /* The only legal exit point */
2285 if (h
->nlmsg_type
== NLMSG_DONE
)
2288 if (h
->nlmsg_type
== NLMSG_ERROR
) {
2289 struct nlmsgerr
*err
= (struct nlmsgerr
*)NLMSG_DATA(h
);
2290 if (h
->nlmsg_len
< NLMSG_LENGTH(sizeof(struct nlmsgerr
))) {
2291 fprintf(stderr
, "ERROR truncated\n");
2293 errno
= -err
->error
;
2294 perror("TCPDIAG answered");
2299 err
= inet_show_sock(h
, f
, IPPROTO_TCP
);
2305 static int tcp_show(struct filter
*f
, int socktype
)
2309 int bufsize
= 64*1024;
2311 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2314 dg_proto
= TCP_PROTO
;
2316 if (getenv("TCPDIAG_FILE"))
2317 return tcp_show_netlink_file(f
);
2319 if (!getenv("PROC_NET_TCP") && !getenv("PROC_ROOT")
2320 && inet_show_netlink(f
, NULL
, socktype
) == 0)
2323 /* Sigh... We have to parse /proc/net/tcp... */
2326 /* Estimate amount of sockets and try to allocate
2327 * huge buffer to read all the table at one read.
2328 * Limit it by 16MB though. The assumption is: as soon as
2329 * kernel was able to hold information about N connections,
2330 * it is able to give us some memory for snapshot.
2333 get_slabstat(&slabstat
);
2335 int guess
= slabstat
.socks
+slabstat
.tcp_syns
;
2336 if (f
->states
&(1<<SS_TIME_WAIT
))
2337 guess
+= slabstat
.tcp_tws
;
2338 if (guess
> (16*1024*1024)/128)
2339 guess
= (16*1024*1024)/128;
2341 if (guess
> bufsize
)
2344 while (bufsize
>= 64*1024) {
2345 if ((buf
= malloc(bufsize
)) != NULL
)
2354 if (f
->families
& (1<<AF_INET
)) {
2355 if ((fp
= net_tcp_open()) == NULL
)
2358 setbuffer(fp
, buf
, bufsize
);
2359 if (generic_record_read(fp
, tcp_show_line
, f
, AF_INET
))
2364 if ((f
->families
& (1<<AF_INET6
)) &&
2365 (fp
= net_tcp6_open()) != NULL
) {
2366 setbuffer(fp
, buf
, bufsize
);
2367 if (generic_record_read(fp
, tcp_show_line
, f
, AF_INET6
))
2377 int saved_errno
= errno
;
2381 errno
= saved_errno
;
2387 static int dgram_show_line(char *line
, const struct filter
*f
, int family
)
2389 struct sockstat s
= {};
2390 char *loc
, *rem
, *data
;
2394 if (proc_inet_split_line(line
, &loc
, &rem
, &data
))
2397 int state
= (data
[1] >= 'A') ? (data
[1] - 'A' + 10) : (data
[1] - '0');
2398 if (!(f
->states
& (1 << state
)))
2401 proc_parse_inet_addr(loc
, rem
, family
, &s
);
2403 if (f
->f
&& run_ssfilter(f
->f
, &s
) == 0)
2407 n
= sscanf(data
, "%x %x:%x %*x:%*x %*x %d %*d %u %d %llx %[^\n]\n",
2408 &s
.state
, &s
.wq
, &s
.rq
,
2410 &s
.refcnt
, &s
.sk
, opt
);
2415 inet_stats_print(&s
, dg_proto
== UDP_PROTO
? IPPROTO_UDP
: 0);
2417 if (show_details
&& opt
[0])
2418 printf(" opt:\"%s\"", opt
);
2424 static int udp_show(struct filter
*f
)
2428 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2431 dg_proto
= UDP_PROTO
;
2433 if (!getenv("PROC_NET_UDP") && !getenv("PROC_ROOT")
2434 && inet_show_netlink(f
, NULL
, IPPROTO_UDP
) == 0)
2437 if (f
->families
&(1<<AF_INET
)) {
2438 if ((fp
= net_udp_open()) == NULL
)
2440 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET
))
2445 if ((f
->families
&(1<<AF_INET6
)) &&
2446 (fp
= net_udp6_open()) != NULL
) {
2447 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET6
))
2455 int saved_errno
= errno
;
2458 errno
= saved_errno
;
2463 static int raw_show(struct filter
*f
)
2467 if (!filter_af_get(f
, AF_INET
) && !filter_af_get(f
, AF_INET6
))
2470 dg_proto
= RAW_PROTO
;
2472 if (f
->families
&(1<<AF_INET
)) {
2473 if ((fp
= net_raw_open()) == NULL
)
2475 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET
))
2480 if ((f
->families
&(1<<AF_INET6
)) &&
2481 (fp
= net_raw6_open()) != NULL
) {
2482 if (generic_record_read(fp
, dgram_show_line
, f
, AF_INET6
))
2490 int saved_errno
= errno
;
2493 errno
= saved_errno
;
2498 int unix_state_map
[] = { SS_CLOSE
, SS_SYN_SENT
,
2499 SS_ESTABLISHED
, SS_CLOSING
};
2501 #define MAX_UNIX_REMEMBER (1024*1024/sizeof(struct sockstat))
2503 static void unix_list_free(struct sockstat
*list
)
2506 struct sockstat
*s
= list
;
2514 static const char *unix_netid_name(int type
)
2522 case SOCK_SEQPACKET
:
2533 static bool unix_type_skip(struct sockstat
*s
, struct filter
*f
)
2535 if (s
->type
== SOCK_STREAM
&& !(f
->dbs
&(1<<UNIX_ST_DB
)))
2537 if (s
->type
== SOCK_DGRAM
&& !(f
->dbs
&(1<<UNIX_DG_DB
)))
2539 if (s
->type
== SOCK_SEQPACKET
&& !(f
->dbs
&(1<<UNIX_SQ_DB
)))
2544 static bool unix_use_proc(void)
2546 return getenv("PROC_NET_UNIX") || getenv("PROC_ROOT");
2549 static void unix_stats_print(struct sockstat
*list
, struct filter
*f
)
2553 char *ctx_buf
= NULL
;
2554 bool use_proc
= unix_use_proc();
2555 char port_name
[30] = {};
2557 for (s
= list
; s
; s
= s
->next
) {
2558 if (!(f
->states
& (1 << s
->state
)))
2560 if (unix_type_skip(s
, f
))
2565 peer
= s
->peer_name
;
2567 if (s
->rport
&& use_proc
) {
2570 for (p
= list
; p
; p
= p
->next
) {
2571 if (s
->rport
== p
->lport
)
2578 peer
= p
->name
? : "*";
2582 if (use_proc
&& f
->f
) {
2584 st
.local
.family
= AF_UNIX
;
2585 st
.remote
.family
= AF_UNIX
;
2586 memcpy(st
.local
.data
, &s
->name
, sizeof(s
->name
));
2587 if (strcmp(peer
, "*") == 0)
2588 memset(st
.remote
.data
, 0, sizeof(peer
));
2590 memcpy(st
.remote
.data
, &peer
, sizeof(peer
));
2591 if (run_ssfilter(f
->f
, &st
) == 0)
2595 sock_state_print(s
, unix_netid_name(s
->type
));
2597 sock_addr_print(s
->name
?: "*", " ",
2598 int_to_str(s
->lport
, port_name
), NULL
);
2599 sock_addr_print(peer
, " ", int_to_str(s
->rport
, port_name
),
2602 if (show_proc_ctx
|| show_sock_ctx
) {
2603 if (find_entry(s
->ino
, &ctx_buf
,
2604 (show_proc_ctx
& show_sock_ctx
) ?
2605 PROC_SOCK_CTX
: PROC_CTX
) > 0) {
2606 printf(" users:(%s)", ctx_buf
);
2609 } else if (show_users
) {
2610 if (find_entry(s
->ino
, &ctx_buf
, USERS
) > 0) {
2611 printf(" users:(%s)", ctx_buf
);
2619 static int unix_show_sock(const struct sockaddr_nl
*addr
, struct nlmsghdr
*nlh
,
2622 struct filter
*f
= (struct filter
*)arg
;
2623 struct unix_diag_msg
*r
= NLMSG_DATA(nlh
);
2624 struct rtattr
*tb
[UNIX_DIAG_MAX
+1];
2626 struct sockstat stat
= { .name
= "*", .peer_name
= "*" };
2628 parse_rtattr(tb
, UNIX_DIAG_MAX
, (struct rtattr
*)(r
+1),
2629 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
2631 stat
.type
= r
->udiag_type
;
2632 stat
.state
= r
->udiag_state
;
2633 stat
.ino
= stat
.lport
= r
->udiag_ino
;
2634 stat
.local
.family
= stat
.remote
.family
= AF_UNIX
;
2636 if (unix_type_skip(&stat
, f
))
2639 if (tb
[UNIX_DIAG_RQLEN
]) {
2640 struct unix_diag_rqlen
*rql
= RTA_DATA(tb
[UNIX_DIAG_RQLEN
]);
2641 stat
.rq
= rql
->udiag_rqueue
;
2642 stat
.wq
= rql
->udiag_wqueue
;
2644 if (tb
[UNIX_DIAG_NAME
]) {
2645 int len
= RTA_PAYLOAD(tb
[UNIX_DIAG_NAME
]);
2647 memcpy(name
, RTA_DATA(tb
[UNIX_DIAG_NAME
]), len
);
2649 if (name
[0] == '\0')
2651 stat
.name
= &name
[0];
2652 memcpy(stat
.local
.data
, &stat
.name
, sizeof(stat
.name
));
2654 if (tb
[UNIX_DIAG_PEER
])
2655 stat
.rport
= rta_getattr_u32(tb
[UNIX_DIAG_PEER
]);
2657 if (f
->f
&& run_ssfilter(f
->f
, &stat
) == 0)
2660 unix_stats_print(&stat
, f
);
2664 print_skmeminfo(tb
, UNIX_DIAG_MEMINFO
);
2667 if (tb
[UNIX_DIAG_SHUTDOWN
]) {
2669 mask
= *(__u8
*)RTA_DATA(tb
[UNIX_DIAG_SHUTDOWN
]);
2670 printf(" %c-%c", mask
& 1 ? '-' : '<', mask
& 2 ? '-' : '>');
2673 if (show_mem
|| show_details
)
2679 static int handle_netlink_request(struct filter
*f
, struct nlmsghdr
*req
,
2680 size_t size
, rtnl_filter_t show_one_sock
)
2683 struct rtnl_handle rth
;
2685 if (rtnl_open_byproto(&rth
, 0, NETLINK_SOCK_DIAG
))
2688 rth
.dump
= MAGIC_SEQ
;
2690 if (rtnl_send(&rth
, req
, size
) < 0)
2693 if (rtnl_dump_filter(&rth
, show_one_sock
, f
))
2702 static int unix_show_netlink(struct filter
*f
)
2704 DIAG_REQUEST(req
, struct unix_diag_req r
);
2706 req
.r
.sdiag_family
= AF_UNIX
;
2707 req
.r
.udiag_states
= f
->states
;
2708 req
.r
.udiag_show
= UDIAG_SHOW_NAME
| UDIAG_SHOW_PEER
| UDIAG_SHOW_RQLEN
;
2710 req
.r
.udiag_show
|= UDIAG_SHOW_MEMINFO
;
2712 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), unix_show_sock
);
2715 static int unix_show(struct filter
*f
)
2722 struct sockstat
*list
= NULL
;
2724 if (!filter_af_get(f
, AF_UNIX
))
2727 if (!unix_use_proc() && unix_show_netlink(f
) == 0)
2730 if ((fp
= net_unix_open()) == NULL
)
2732 if (!fgets(buf
, sizeof(buf
)-1, fp
)) {
2737 if (memcmp(buf
, "Peer", 4) == 0)
2741 while (fgets(buf
, sizeof(buf
)-1, fp
)) {
2742 struct sockstat
*u
, **insp
;
2745 if (!(u
= calloc(1, sizeof(*u
))))
2748 u
->peer_name
= NULL
;
2750 if (sscanf(buf
, "%x: %x %x %x %x %x %d %s",
2751 &u
->rport
, &u
->rq
, &u
->wq
, &flags
, &u
->type
,
2752 &u
->state
, &u
->ino
, name
) < 8)
2756 u
->local
.family
= u
->remote
.family
= AF_UNIX
;
2758 if (flags
& (1 << 16)) {
2759 u
->state
= SS_LISTEN
;
2761 u
->state
= unix_state_map
[u
->state
-1];
2762 if (u
->type
== SOCK_DGRAM
&& u
->state
== SS_CLOSE
&& u
->rport
)
2763 u
->state
= SS_ESTABLISHED
;
2774 if (u
->type
< (*insp
)->type
||
2775 (u
->type
== (*insp
)->type
&&
2776 u
->ino
< (*insp
)->ino
))
2778 insp
= &(*insp
)->next
;
2784 if ((u
->name
= malloc(strlen(name
)+1)) == NULL
)
2786 strcpy(u
->name
, name
);
2788 if (++cnt
> MAX_UNIX_REMEMBER
) {
2789 unix_stats_print(list
, f
);
2790 unix_list_free(list
);
2797 unix_stats_print(list
, f
);
2798 unix_list_free(list
);
2806 static int packet_stats_print(struct sockstat
*s
, const struct filter
*f
)
2809 const char *addr
, *port
;
2813 s
->local
.family
= AF_PACKET
;
2814 s
->remote
.family
= AF_PACKET
;
2815 s
->local
.data
[0] = s
->prot
;
2816 if (run_ssfilter(f
->f
, s
) == 0)
2820 sock_state_print(s
, s
->type
== SOCK_RAW
? "p_raw" : "p_dgr");
2825 addr
= ll_proto_n2a(htons(s
->prot
), ll_name
, sizeof(ll_name
));
2830 port
= xll_index_to_name(s
->iface
);
2832 sock_addr_print(addr
, ":", port
, NULL
);
2833 sock_addr_print("", "*", "", NULL
);
2835 if (show_proc_ctx
|| show_sock_ctx
) {
2836 if (find_entry(s
->ino
, &buf
,
2837 (show_proc_ctx
& show_sock_ctx
) ?
2838 PROC_SOCK_CTX
: PROC_CTX
) > 0) {
2839 printf(" users:(%s)", buf
);
2842 } else if (show_users
) {
2843 if (find_entry(s
->ino
, &buf
, USERS
) > 0) {
2844 printf(" users:(%s)", buf
);
2850 sock_details_print(s
);
2855 static void packet_show_ring(struct packet_diag_ring
*ring
)
2857 printf("blk_size:%d", ring
->pdr_block_size
);
2858 printf(",blk_nr:%d", ring
->pdr_block_nr
);
2859 printf(",frm_size:%d", ring
->pdr_frame_size
);
2860 printf(",frm_nr:%d", ring
->pdr_frame_nr
);
2861 printf(",tmo:%d", ring
->pdr_retire_tmo
);
2862 printf(",features:0x%x", ring
->pdr_features
);
2865 static int packet_show_sock(const struct sockaddr_nl
*addr
,
2866 struct nlmsghdr
*nlh
, void *arg
)
2868 const struct filter
*f
= arg
;
2869 struct packet_diag_msg
*r
= NLMSG_DATA(nlh
);
2870 struct packet_diag_info
*pinfo
= NULL
;
2871 struct packet_diag_ring
*ring_rx
= NULL
, *ring_tx
= NULL
;
2872 struct rtattr
*tb
[PACKET_DIAG_MAX
+1];
2873 struct sockstat stat
= {};
2874 uint32_t fanout
= 0;
2875 bool has_fanout
= false;
2877 parse_rtattr(tb
, PACKET_DIAG_MAX
, (struct rtattr
*)(r
+1),
2878 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
2880 /* use /proc/net/packet if all info are not available */
2881 if (!tb
[PACKET_DIAG_MEMINFO
])
2884 stat
.type
= r
->pdiag_type
;
2885 stat
.prot
= r
->pdiag_num
;
2886 stat
.ino
= r
->pdiag_ino
;
2887 stat
.state
= SS_CLOSE
;
2888 stat
.sk
= cookie_sk_get(&r
->pdiag_cookie
[0]);
2890 if (tb
[PACKET_DIAG_MEMINFO
]) {
2891 __u32
*skmeminfo
= RTA_DATA(tb
[PACKET_DIAG_MEMINFO
]);
2892 stat
.rq
= skmeminfo
[SK_MEMINFO_RMEM_ALLOC
];
2895 if (tb
[PACKET_DIAG_INFO
]) {
2896 pinfo
= RTA_DATA(tb
[PACKET_DIAG_INFO
]);
2897 stat
.lport
= stat
.iface
= pinfo
->pdi_index
;
2900 if (tb
[PACKET_DIAG_UID
])
2901 stat
.uid
= *(__u32
*)RTA_DATA(tb
[PACKET_DIAG_UID
]);
2903 if (tb
[PACKET_DIAG_RX_RING
])
2904 ring_rx
= RTA_DATA(tb
[PACKET_DIAG_RX_RING
]);
2906 if (tb
[PACKET_DIAG_TX_RING
])
2907 ring_tx
= RTA_DATA(tb
[PACKET_DIAG_TX_RING
]);
2909 if (tb
[PACKET_DIAG_FANOUT
]) {
2911 fanout
= *(uint32_t *)RTA_DATA(tb
[PACKET_DIAG_FANOUT
]);
2914 if (packet_stats_print(&stat
, f
))
2919 printf("\n\tver:%d", pinfo
->pdi_version
);
2920 printf(" cpy_thresh:%d", pinfo
->pdi_copy_thresh
);
2922 if (pinfo
->pdi_flags
& PDI_RUNNING
)
2924 if (pinfo
->pdi_flags
& PDI_AUXDATA
)
2926 if (pinfo
->pdi_flags
& PDI_ORIGDEV
)
2928 if (pinfo
->pdi_flags
& PDI_VNETHDR
)
2930 if (pinfo
->pdi_flags
& PDI_LOSS
)
2932 if (!pinfo
->pdi_flags
)
2937 printf("\n\tring_rx(");
2938 packet_show_ring(ring_rx
);
2942 printf("\n\tring_tx(");
2943 packet_show_ring(ring_tx
);
2947 uint16_t type
= (fanout
>> 16) & 0xffff;
2949 printf("\n\tfanout(");
2950 printf("id:%d,", fanout
& 0xffff);
2966 printf("0x%x", type
);
2972 if (show_bpf
&& tb
[PACKET_DIAG_FILTER
]) {
2973 struct sock_filter
*fil
=
2974 RTA_DATA(tb
[PACKET_DIAG_FILTER
]);
2975 int num
= RTA_PAYLOAD(tb
[PACKET_DIAG_FILTER
]) /
2976 sizeof(struct sock_filter
);
2978 printf("\n\tbpf filter (%d): ", num
);
2980 printf(" 0x%02x %u %u %u,",
2981 fil
->code
, fil
->jt
, fil
->jf
, fil
->k
);
2990 static int packet_show_netlink(struct filter
*f
)
2992 DIAG_REQUEST(req
, struct packet_diag_req r
);
2994 req
.r
.sdiag_family
= AF_PACKET
;
2995 req
.r
.pdiag_show
= PACKET_SHOW_INFO
| PACKET_SHOW_MEMINFO
|
2996 PACKET_SHOW_FILTER
| PACKET_SHOW_RING_CFG
| PACKET_SHOW_FANOUT
;
2998 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), packet_show_sock
);
3001 static int packet_show_line(char *buf
, const struct filter
*f
, int fam
)
3003 unsigned long long sk
;
3004 struct sockstat stat
= {};
3005 int type
, prot
, iface
, state
, rq
, uid
, ino
;
3007 sscanf(buf
, "%llx %*d %d %x %d %d %u %u %u",
3009 &type
, &prot
, &iface
, &state
,
3012 if (stat
.type
== SOCK_RAW
&& !(f
->dbs
&(1<<PACKET_R_DB
)))
3014 if (stat
.type
== SOCK_DGRAM
&& !(f
->dbs
&(1<<PACKET_DG_DB
)))
3019 stat
.lport
= stat
.iface
= iface
;
3024 stat
.state
= SS_CLOSE
;
3026 if (packet_stats_print(&stat
, f
))
3033 static int packet_show(struct filter
*f
)
3038 if (!filter_af_get(f
, AF_PACKET
) || !(f
->states
& (1 << SS_CLOSE
)))
3041 if (!getenv("PROC_NET_PACKET") && !getenv("PROC_ROOT") &&
3042 packet_show_netlink(f
) == 0)
3045 if ((fp
= net_packet_open()) == NULL
)
3047 if (generic_record_read(fp
, packet_show_line
, f
, AF_PACKET
))
3054 static int netlink_show_one(struct filter
*f
,
3055 int prot
, int pid
, unsigned groups
,
3056 int state
, int dst_pid
, unsigned dst_group
,
3058 unsigned long long sk
, unsigned long long cb
)
3061 SPRINT_BUF(prot_buf
) = {};
3062 const char *prot_name
;
3063 char procname
[64] = {};
3065 st
.state
= SS_CLOSE
;
3070 st
.local
.family
= AF_NETLINK
;
3071 st
.remote
.family
= AF_NETLINK
;
3074 st
.local
.data
[0] = prot
;
3075 if (run_ssfilter(f
->f
, &st
) == 0)
3079 sock_state_print(&st
, "nl");
3081 if (resolve_services
)
3082 prot_name
= nl_proto_n2a(prot
, prot_buf
, sizeof(prot_buf
));
3084 prot_name
= int_to_str(prot
, prot_buf
);
3088 } else if (resolve_services
) {
3092 strncpy(procname
, "kernel", 6);
3093 } else if (pid
> 0) {
3095 snprintf(procname
, sizeof(procname
), "%s/%d/stat",
3096 getenv("PROC_ROOT") ? : "/proc", pid
);
3097 if ((fp
= fopen(procname
, "r")) != NULL
) {
3098 if (fscanf(fp
, "%*d (%[^)])", procname
) == 1) {
3099 snprintf(procname
+strlen(procname
),
3100 sizeof(procname
)-strlen(procname
),
3108 int_to_str(pid
, procname
);
3110 int_to_str(pid
, procname
);
3113 sock_addr_print(prot_name
, ":", procname
, NULL
);
3115 if (state
== NETLINK_CONNECTED
) {
3116 char dst_group_buf
[30];
3117 char dst_pid_buf
[30];
3118 sock_addr_print(int_to_str(dst_group
, dst_group_buf
), ":",
3119 int_to_str(dst_pid
, dst_pid_buf
), NULL
);
3121 sock_addr_print("", "*", "", NULL
);
3124 char *pid_context
= NULL
;
3125 if (show_proc_ctx
) {
3126 /* The pid value will either be:
3127 * 0 if destination kernel - show kernel initial context.
3128 * A valid process pid - use getpidcon.
3129 * A unique value allocated by the kernel or netlink user
3130 * to the process - show context as "not available".
3133 security_get_initial_context("kernel", &pid_context
);
3135 getpidcon(pid
, &pid_context
);
3137 if (pid_context
!= NULL
) {
3138 printf("proc_ctx=%-*s ", serv_width
, pid_context
);
3141 printf("proc_ctx=%-*s ", serv_width
, "unavailable");
3146 printf(" sk=%llx cb=%llx groups=0x%08x", sk
, cb
, groups
);
3153 static int netlink_show_sock(const struct sockaddr_nl
*addr
,
3154 struct nlmsghdr
*nlh
, void *arg
)
3156 struct filter
*f
= (struct filter
*)arg
;
3157 struct netlink_diag_msg
*r
= NLMSG_DATA(nlh
);
3158 struct rtattr
*tb
[NETLINK_DIAG_MAX
+1];
3160 unsigned long groups
= 0;
3162 parse_rtattr(tb
, NETLINK_DIAG_MAX
, (struct rtattr
*)(r
+1),
3163 nlh
->nlmsg_len
- NLMSG_LENGTH(sizeof(*r
)));
3165 if (tb
[NETLINK_DIAG_GROUPS
] && RTA_PAYLOAD(tb
[NETLINK_DIAG_GROUPS
]))
3166 groups
= *(unsigned long *) RTA_DATA(tb
[NETLINK_DIAG_GROUPS
]);
3168 if (tb
[NETLINK_DIAG_MEMINFO
]) {
3169 const __u32
*skmeminfo
;
3170 skmeminfo
= RTA_DATA(tb
[NETLINK_DIAG_MEMINFO
]);
3172 rq
= skmeminfo
[SK_MEMINFO_RMEM_ALLOC
];
3173 wq
= skmeminfo
[SK_MEMINFO_WMEM_ALLOC
];
3176 if (netlink_show_one(f
, r
->ndiag_protocol
, r
->ndiag_portid
, groups
,
3177 r
->ndiag_state
, r
->ndiag_dst_portid
, r
->ndiag_dst_group
,
3184 print_skmeminfo(tb
, NETLINK_DIAG_MEMINFO
);
3191 static int netlink_show_netlink(struct filter
*f
)
3193 DIAG_REQUEST(req
, struct netlink_diag_req r
);
3195 req
.r
.sdiag_family
= AF_NETLINK
;
3196 req
.r
.sdiag_protocol
= NDIAG_PROTO_ALL
;
3197 req
.r
.ndiag_show
= NDIAG_SHOW_GROUPS
| NDIAG_SHOW_MEMINFO
;
3199 return handle_netlink_request(f
, &req
.nlh
, sizeof(req
), netlink_show_sock
);
3202 static int netlink_show(struct filter
*f
)
3209 unsigned long long sk
, cb
;
3211 if (!filter_af_get(f
, AF_NETLINK
) || !(f
->states
& (1 << SS_CLOSE
)))
3214 if (!getenv("PROC_NET_NETLINK") && !getenv("PROC_ROOT") &&
3215 netlink_show_netlink(f
) == 0)
3218 if ((fp
= net_netlink_open()) == NULL
)
3220 if (!fgets(buf
, sizeof(buf
)-1, fp
)) {
3225 while (fgets(buf
, sizeof(buf
)-1, fp
)) {
3226 sscanf(buf
, "%llx %d %d %x %d %d %llx %d",
3228 &prot
, &pid
, &groups
, &rq
, &wq
, &cb
, &rc
);
3230 netlink_show_one(f
, prot
, pid
, groups
, 0, 0, 0, rq
, wq
, sk
, cb
);
3237 struct sock_diag_msg
{
3241 static int generic_show_sock(const struct sockaddr_nl
*addr
,
3242 struct nlmsghdr
*nlh
, void *arg
)
3244 struct sock_diag_msg
*r
= NLMSG_DATA(nlh
);
3245 struct inet_diag_arg inet_arg
= { .f
= arg
, .protocol
= IPPROTO_MAX
};
3247 switch (r
->sdiag_family
) {
3250 return show_one_inet_sock(addr
, nlh
, &inet_arg
);
3252 return unix_show_sock(addr
, nlh
, arg
);
3254 return packet_show_sock(addr
, nlh
, arg
);
3256 return netlink_show_sock(addr
, nlh
, arg
);
3262 static int handle_follow_request(struct filter
*f
)
3266 struct rtnl_handle rth
;
3268 if (f
->families
& (1 << AF_INET
) && f
->dbs
& (1 << TCP_DB
))
3269 groups
|= 1 << (SKNLGRP_INET_TCP_DESTROY
- 1);
3270 if (f
->families
& (1 << AF_INET
) && f
->dbs
& (1 << UDP_DB
))
3271 groups
|= 1 << (SKNLGRP_INET_UDP_DESTROY
- 1);
3272 if (f
->families
& (1 << AF_INET6
) && f
->dbs
& (1 << TCP_DB
))
3273 groups
|= 1 << (SKNLGRP_INET6_TCP_DESTROY
- 1);
3274 if (f
->families
& (1 << AF_INET6
) && f
->dbs
& (1 << UDP_DB
))
3275 groups
|= 1 << (SKNLGRP_INET6_UDP_DESTROY
- 1);
3280 if (rtnl_open_byproto(&rth
, groups
, NETLINK_SOCK_DIAG
))
3284 rth
.local
.nl_pid
= 0;
3286 if (rtnl_dump_filter(&rth
, generic_show_sock
, f
))
3300 static int get_snmp_int(char *proto
, char *key
, int *result
)
3304 int protolen
= strlen(proto
);
3305 int keylen
= strlen(key
);
3309 if ((fp
= net_snmp_open()) == NULL
)
3312 while (fgets(buf
, sizeof(buf
), fp
) != NULL
) {
3315 if (memcmp(buf
, proto
, protolen
))
3317 while ((p
= strchr(p
, ' ')) != NULL
) {
3320 if (memcmp(p
, key
, keylen
) == 0 &&
3321 (p
[keylen
] == ' ' || p
[keylen
] == '\n'))
3324 if (fgets(buf
, sizeof(buf
), fp
) == NULL
)
3326 if (memcmp(buf
, proto
, protolen
))
3329 while ((p
= strchr(p
, ' ')) != NULL
) {
3332 sscanf(p
, "%d", result
);
3345 /* Get stats from sockstat */
3366 static void get_sockstat_line(char *line
, struct ssummary
*s
)
3368 char id
[256], rem
[256];
3370 if (sscanf(line
, "%[^ ] %[^\n]\n", id
, rem
) != 2)
3373 if (strcmp(id
, "sockets:") == 0)
3374 sscanf(rem
, "%*s%d", &s
->socks
);
3375 else if (strcmp(id
, "UDP:") == 0)
3376 sscanf(rem
, "%*s%d", &s
->udp4
);
3377 else if (strcmp(id
, "UDP6:") == 0)
3378 sscanf(rem
, "%*s%d", &s
->udp6
);
3379 else if (strcmp(id
, "RAW:") == 0)
3380 sscanf(rem
, "%*s%d", &s
->raw4
);
3381 else if (strcmp(id
, "RAW6:") == 0)
3382 sscanf(rem
, "%*s%d", &s
->raw6
);
3383 else if (strcmp(id
, "TCP6:") == 0)
3384 sscanf(rem
, "%*s%d", &s
->tcp6_hashed
);
3385 else if (strcmp(id
, "FRAG:") == 0)
3386 sscanf(rem
, "%*s%d%*s%d", &s
->frag4
, &s
->frag4_mem
);
3387 else if (strcmp(id
, "FRAG6:") == 0)
3388 sscanf(rem
, "%*s%d%*s%d", &s
->frag6
, &s
->frag6_mem
);
3389 else if (strcmp(id
, "TCP:") == 0)
3390 sscanf(rem
, "%*s%d%*s%d%*s%d%*s%d%*s%d",
3392 &s
->tcp_orphans
, &s
->tcp_tws
, &s
->tcp_total
, &s
->tcp_mem
);
3395 static int get_sockstat(struct ssummary
*s
)
3400 memset(s
, 0, sizeof(*s
));
3402 if ((fp
= net_sockstat_open()) == NULL
)
3404 while(fgets(buf
, sizeof(buf
), fp
) != NULL
)
3405 get_sockstat_line(buf
, s
);
3408 if ((fp
= net_sockstat6_open()) == NULL
)
3410 while(fgets(buf
, sizeof(buf
), fp
) != NULL
)
3411 get_sockstat_line(buf
, s
);
3417 static int print_summary(void)
3422 if (get_sockstat(&s
) < 0)
3423 perror("ss: get_sockstat");
3424 if (get_snmp_int("Tcp:", "CurrEstab", &sn
.tcp_estab
) < 0)
3425 perror("ss: get_snmpstat");
3427 get_slabstat(&slabstat
);
3429 printf("Total: %d (kernel %d)\n", s
.socks
, slabstat
.socks
);
3431 printf("TCP: %d (estab %d, closed %d, orphaned %d, synrecv %d, timewait %d/%d), ports %d\n",
3432 s
.tcp_total
+ slabstat
.tcp_syns
+ s
.tcp_tws
,
3434 s
.tcp_total
- (s
.tcp4_hashed
+s
.tcp6_hashed
-s
.tcp_tws
),
3437 s
.tcp_tws
, slabstat
.tcp_tws
,
3442 printf("Transport Total IP IPv6\n");
3443 printf("* %-9d %-9s %-9s\n", slabstat
.socks
, "-", "-");
3444 printf("RAW %-9d %-9d %-9d\n", s
.raw4
+s
.raw6
, s
.raw4
, s
.raw6
);
3445 printf("UDP %-9d %-9d %-9d\n", s
.udp4
+s
.udp6
, s
.udp4
, s
.udp6
);
3446 printf("TCP %-9d %-9d %-9d\n", s
.tcp4_hashed
+s
.tcp6_hashed
, s
.tcp4_hashed
, s
.tcp6_hashed
);
3447 printf("INET %-9d %-9d %-9d\n",
3448 s
.raw4
+s
.udp4
+s
.tcp4_hashed
+
3449 s
.raw6
+s
.udp6
+s
.tcp6_hashed
,
3450 s
.raw4
+s
.udp4
+s
.tcp4_hashed
,
3451 s
.raw6
+s
.udp6
+s
.tcp6_hashed
);
3452 printf("FRAG %-9d %-9d %-9d\n", s
.frag4
+s
.frag6
, s
.frag4
, s
.frag6
);
3459 static void _usage(FILE *dest
)
3462 "Usage: ss [ OPTIONS ]\n"
3463 " ss [ OPTIONS ] [ FILTER ]\n"
3464 " -h, --help this message\n"
3465 " -V, --version output version information\n"
3466 " -n, --numeric don't resolve service names\n"
3467 " -r, --resolve resolve host names\n"
3468 " -a, --all display all sockets\n"
3469 " -l, --listening display listening sockets\n"
3470 " -o, --options show timer information\n"
3471 " -e, --extended show detailed socket information\n"
3472 " -m, --memory show socket memory usage\n"
3473 " -p, --processes show process using socket\n"
3474 " -i, --info show internal TCP information\n"
3475 " -s, --summary show socket usage summary\n"
3476 " -b, --bpf show bpf filter socket information\n"
3477 " -E, --events continually display sockets as they are destroyed\n"
3478 " -Z, --context display process SELinux security contexts\n"
3479 " -z, --contexts display process and socket SELinux security contexts\n"
3480 " -N, --net switch to the specified network namespace name\n"
3482 " -4, --ipv4 display only IP version 4 sockets\n"
3483 " -6, --ipv6 display only IP version 6 sockets\n"
3484 " -0, --packet display PACKET sockets\n"
3485 " -t, --tcp display only TCP sockets\n"
3486 " -u, --udp display only UDP sockets\n"
3487 " -d, --dccp display only DCCP sockets\n"
3488 " -w, --raw display only RAW sockets\n"
3489 " -x, --unix display only Unix domain sockets\n"
3490 " -f, --family=FAMILY display sockets of type FAMILY\n"
3492 " -A, --query=QUERY, --socket=QUERY\n"
3493 " QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink}[,QUERY]\n"
3495 " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
3496 " -F, --filter=FILE read filter information from FILE\n"
3497 " FILTER := [ state STATE-FILTER ] [ EXPRESSION ]\n"
3498 " STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}\n"
3499 " TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listen|closing}\n"
3500 " connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
3501 " synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
3502 " bucket := {syn-recv|time-wait}\n"
3503 " big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listen|closing}\n"
3507 static void help(void) __attribute__((noreturn
));
3508 static void help(void)
3514 static void usage(void) __attribute__((noreturn
));
3515 static void usage(void)
3522 static int scan_state(const char *state
)
3525 if (strcasecmp(state
, "close") == 0 ||
3526 strcasecmp(state
, "closed") == 0)
3527 return (1<<SS_CLOSE
);
3528 if (strcasecmp(state
, "syn-rcv") == 0)
3529 return (1<<SS_SYN_RECV
);
3530 if (strcasecmp(state
, "established") == 0)
3531 return (1<<SS_ESTABLISHED
);
3532 if (strcasecmp(state
, "all") == 0)
3534 if (strcasecmp(state
, "connected") == 0)
3535 return SS_ALL
& ~((1<<SS_CLOSE
)|(1<<SS_LISTEN
));
3536 if (strcasecmp(state
, "synchronized") == 0)
3537 return SS_ALL
& ~((1<<SS_CLOSE
)|(1<<SS_LISTEN
)|(1<<SS_SYN_SENT
));
3538 if (strcasecmp(state
, "bucket") == 0)
3539 return (1<<SS_SYN_RECV
)|(1<<SS_TIME_WAIT
);
3540 if (strcasecmp(state
, "big") == 0)
3541 return SS_ALL
& ~((1<<SS_SYN_RECV
)|(1<<SS_TIME_WAIT
));
3542 for (i
=0; i
<SS_MAX
; i
++) {
3543 if (strcasecmp(state
, sstate_namel
[i
]) == 0)
3547 fprintf(stderr
, "ss: wrong state name: %s\n", state
);
3551 static const struct option long_opts
[] = {
3552 { "numeric", 0, 0, 'n' },
3553 { "resolve", 0, 0, 'r' },
3554 { "options", 0, 0, 'o' },
3555 { "extended", 0, 0, 'e' },
3556 { "memory", 0, 0, 'm' },
3557 { "info", 0, 0, 'i' },
3558 { "processes", 0, 0, 'p' },
3559 { "bpf", 0, 0, 'b' },
3560 { "events", 0, 0, 'E' },
3561 { "dccp", 0, 0, 'd' },
3562 { "tcp", 0, 0, 't' },
3563 { "udp", 0, 0, 'u' },
3564 { "raw", 0, 0, 'w' },
3565 { "unix", 0, 0, 'x' },
3566 { "all", 0, 0, 'a' },
3567 { "listening", 0, 0, 'l' },
3568 { "ipv4", 0, 0, '4' },
3569 { "ipv6", 0, 0, '6' },
3570 { "packet", 0, 0, '0' },
3571 { "family", 1, 0, 'f' },
3572 { "socket", 1, 0, 'A' },
3573 { "query", 1, 0, 'A' },
3574 { "summary", 0, 0, 's' },
3575 { "diag", 1, 0, 'D' },
3576 { "filter", 1, 0, 'F' },
3577 { "version", 0, 0, 'V' },
3578 { "help", 0, 0, 'h' },
3579 { "context", 0, 0, 'Z' },
3580 { "contexts", 0, 0, 'z' },
3581 { "net", 1, 0, 'N' },
3586 int main(int argc
, char *argv
[])
3591 const char *dump_tcpdiag
= NULL
;
3592 FILE *filter_fp
= NULL
;
3594 int state_filter
= 0;
3596 while ((ch
= getopt_long(argc
, argv
, "dhaletuwxnro460spbEf:miA:D:F:vVzZN:",
3597 long_opts
, NULL
)) != EOF
) {
3600 resolve_services
= 0;
3620 user_ent_hash_build();
3630 filter_db_set(¤t_filter
, DCCP_DB
);
3633 filter_db_set(¤t_filter
, TCP_DB
);
3636 filter_db_set(¤t_filter
, UDP_DB
);
3639 filter_db_set(¤t_filter
, RAW_DB
);
3642 filter_af_set(¤t_filter
, AF_UNIX
);
3645 state_filter
= SS_ALL
;
3648 state_filter
= (1 << SS_LISTEN
) | (1 << SS_CLOSE
);
3651 filter_af_set(¤t_filter
, AF_INET
);
3654 filter_af_set(¤t_filter
, AF_INET6
);
3657 filter_af_set(¤t_filter
, AF_PACKET
);
3660 if (strcmp(optarg
, "inet") == 0)
3661 filter_af_set(¤t_filter
, AF_INET
);
3662 else if (strcmp(optarg
, "inet6") == 0)
3663 filter_af_set(¤t_filter
, AF_INET6
);
3664 else if (strcmp(optarg
, "link") == 0)
3665 filter_af_set(¤t_filter
, AF_PACKET
);
3666 else if (strcmp(optarg
, "unix") == 0)
3667 filter_af_set(¤t_filter
, AF_UNIX
);
3668 else if (strcmp(optarg
, "netlink") == 0)
3669 filter_af_set(¤t_filter
, AF_NETLINK
);
3670 else if (strcmp(optarg
, "help") == 0)
3673 fprintf(stderr
, "ss: \"%s\" is invalid family\n",
3682 current_filter
.dbs
= 0;
3683 state_filter
= state_filter
?
3684 state_filter
: SS_CONN
;
3690 if ((p1
= strchr(p
, ',')) != NULL
)
3692 if (strcmp(p
, "all") == 0) {
3693 filter_default_dbs(¤t_filter
);
3694 } else if (strcmp(p
, "inet") == 0) {
3695 filter_db_set(¤t_filter
, UDP_DB
);
3696 filter_db_set(¤t_filter
, DCCP_DB
);
3697 filter_db_set(¤t_filter
, TCP_DB
);
3698 filter_db_set(¤t_filter
, RAW_DB
);
3699 } else if (strcmp(p
, "udp") == 0) {
3700 filter_db_set(¤t_filter
, UDP_DB
);
3701 } else if (strcmp(p
, "dccp") == 0) {
3702 filter_db_set(¤t_filter
, DCCP_DB
);
3703 } else if (strcmp(p
, "tcp") == 0) {
3704 filter_db_set(¤t_filter
, TCP_DB
);
3705 } else if (strcmp(p
, "raw") == 0) {
3706 filter_db_set(¤t_filter
, RAW_DB
);
3707 } else if (strcmp(p
, "unix") == 0) {
3708 filter_db_set(¤t_filter
, UNIX_ST_DB
);
3709 filter_db_set(¤t_filter
, UNIX_DG_DB
);
3710 filter_db_set(¤t_filter
, UNIX_SQ_DB
);
3711 } else if (strcasecmp(p
, "unix_stream") == 0 ||
3712 strcmp(p
, "u_str") == 0) {
3713 filter_db_set(¤t_filter
, UNIX_ST_DB
);
3714 } else if (strcasecmp(p
, "unix_dgram") == 0 ||
3715 strcmp(p
, "u_dgr") == 0) {
3716 filter_db_set(¤t_filter
, UNIX_DG_DB
);
3717 } else if (strcasecmp(p
, "unix_seqpacket") == 0 ||
3718 strcmp(p
, "u_seq") == 0) {
3719 filter_db_set(¤t_filter
, UNIX_SQ_DB
);
3720 } else if (strcmp(p
, "packet") == 0) {
3721 filter_db_set(¤t_filter
, PACKET_R_DB
);
3722 filter_db_set(¤t_filter
, PACKET_DG_DB
);
3723 } else if (strcmp(p
, "packet_raw") == 0 ||
3724 strcmp(p
, "p_raw") == 0) {
3725 filter_db_set(¤t_filter
, PACKET_R_DB
);
3726 } else if (strcmp(p
, "packet_dgram") == 0 ||
3727 strcmp(p
, "p_dgr") == 0) {
3728 filter_db_set(¤t_filter
, PACKET_DG_DB
);
3729 } else if (strcmp(p
, "netlink") == 0) {
3730 filter_db_set(¤t_filter
, NETLINK_DB
);
3732 fprintf(stderr
, "ss: \"%s\" is illegal socket table id\n", p
);
3743 dump_tcpdiag
= optarg
;
3747 fprintf(stderr
, "More than one filter file\n");
3750 if (optarg
[0] == '-')
3753 filter_fp
= fopen(optarg
, "r");
3755 perror("fopen filter file");
3761 printf("ss utility, iproute2-ss%s\n", SNAPSHOT
);
3766 if (is_selinux_enabled() <= 0) {
3767 fprintf(stderr
, "ss: SELinux is not enabled.\n");
3771 user_ent_hash_build();
3774 if (netns_switch(optarg
))
3790 if (do_default
&& argc
== 0)
3795 if (strcmp(*argv
, "state") == 0) {
3799 state_filter
|= scan_state(*argv
);
3801 } else if (strcmp(*argv
, "exclude") == 0 ||
3802 strcmp(*argv
, "excl") == 0) {
3805 state_filter
= SS_ALL
;
3806 state_filter
&= ~scan_state(*argv
);
3815 state_filter
= state_filter
? state_filter
: SS_CONN
;
3816 filter_default_dbs(¤t_filter
);
3819 filter_states_set(¤t_filter
, state_filter
);
3820 filter_merge_defaults(¤t_filter
);
3822 if (resolve_services
&& resolve_hosts
&&
3823 (current_filter
.dbs
&(UNIX_DBM
|(1<<TCP_DB
)|(1<<UDP_DB
)|(1<<DCCP_DB
))))
3824 init_service_resolver();
3827 if (current_filter
.dbs
== 0) {
3828 fprintf(stderr
, "ss: no socket tables to show with such filter.\n");
3831 if (current_filter
.families
== 0) {
3832 fprintf(stderr
, "ss: no families to show with such filter.\n");
3835 if (current_filter
.states
== 0) {
3836 fprintf(stderr
, "ss: no socket states to show with such filter.\n");
3841 FILE *dump_fp
= stdout
;
3842 if (!(current_filter
.dbs
& (1<<TCP_DB
))) {
3843 fprintf(stderr
, "ss: tcpdiag dump requested and no tcp in filter.\n");
3846 if (dump_tcpdiag
[0] != '-') {
3847 dump_fp
= fopen(dump_tcpdiag
, "w");
3848 if (!dump_tcpdiag
) {
3849 perror("fopen dump file");
3853 inet_show_netlink(¤t_filter
, dump_fp
, IPPROTO_TCP
);
3858 if (ssfilter_parse(¤t_filter
.f
, argc
, argv
, filter_fp
))
3862 if (current_filter
.dbs
&(current_filter
.dbs
-1))
3866 if (current_filter
.states
&(current_filter
.states
-1))
3870 if (isatty(STDOUT_FILENO
)) {
3873 if (ioctl(STDOUT_FILENO
, TIOCGWINSZ
, &w
) != -1) {
3875 screen_width
= w
.ws_col
;
3879 addrp_width
= screen_width
;
3880 addrp_width
-= netid_width
+1;
3881 addrp_width
-= state_width
+1;
3884 if (addrp_width
&1) {
3887 else if (state_width
)
3894 serv_width
= resolve_services
? 7 : 5;
3896 if (addrp_width
< 15+serv_width
+1)
3897 addrp_width
= 15+serv_width
+1;
3899 addr_width
= addrp_width
- serv_width
- 1;
3902 printf("%-*s ", netid_width
, "Netid");
3904 printf("%-*s ", state_width
, "State");
3905 printf("%-6s %-6s ", "Recv-Q", "Send-Q");
3907 /* Make enough space for the local/remote port field */
3911 printf("%*s:%-*s %*s:%-*s\n",
3912 addr_width
, "Local Address", serv_width
, "Port",
3913 addr_width
, "Peer Address", serv_width
, "Port");
3918 exit(handle_follow_request(¤t_filter
));
3920 if (current_filter
.dbs
& (1<<NETLINK_DB
))
3921 netlink_show(¤t_filter
);
3922 if (current_filter
.dbs
& PACKET_DBM
)
3923 packet_show(¤t_filter
);
3924 if (current_filter
.dbs
& UNIX_DBM
)
3925 unix_show(¤t_filter
);
3926 if (current_filter
.dbs
& (1<<RAW_DB
))
3927 raw_show(¤t_filter
);
3928 if (current_filter
.dbs
& (1<<UDP_DB
))
3929 udp_show(¤t_filter
);
3930 if (current_filter
.dbs
& (1<<TCP_DB
))
3931 tcp_show(¤t_filter
, IPPROTO_TCP
);
3932 if (current_filter
.dbs
& (1<<DCCP_DB
))
3933 tcp_show(¤t_filter
, IPPROTO_DCCP
);
3935 if (show_users
|| show_proc_ctx
|| show_sock_ctx
)