]> git.proxmox.com Git - mirror_iproute2.git/blob - misc/ss.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ss: Fix filter expression parser
[mirror_iproute2.git] / misc / ss.c
1 /*
2 * ss.c "sockstat", socket statistics
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <syslog.h>
16 #include <fcntl.h>
17 #include <sys/ioctl.h>
18 #include <sys/socket.h>
19 #include <sys/uio.h>
20 #include <netinet/in.h>
21 #include <string.h>
22 #include <errno.h>
23 #include <netdb.h>
24 #include <arpa/inet.h>
25 #include <dirent.h>
26 #include <fnmatch.h>
27 #include <getopt.h>
28 #include <stdbool.h>
29
30 #include "utils.h"
31 #include "rt_names.h"
32 #include "ll_map.h"
33 #include "libnetlink.h"
34 #include "namespace.h"
35 #include "SNAPSHOT.h"
36
37 #include <linux/tcp.h>
38 #include <linux/sock_diag.h>
39 #include <linux/inet_diag.h>
40 #include <linux/unix_diag.h>
41 #include <linux/netdevice.h> /* for MAX_ADDR_LEN */
42 #include <linux/filter.h>
43 #include <linux/packet_diag.h>
44 #include <linux/netlink_diag.h>
45
46 #define MAGIC_SEQ 123456
47
48 #define DIAG_REQUEST(_req, _r) \
49 struct { \
50 struct nlmsghdr nlh; \
51 _r; \
52 } _req = { \
53 .nlh = { \
54 .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
55 .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
56 .nlmsg_seq = MAGIC_SEQ, \
57 .nlmsg_len = sizeof(_req), \
58 }, \
59 }
60
61 #if HAVE_SELINUX
62 #include <selinux/selinux.h>
63 #else
64 /* Stubs for SELinux functions */
65 static int is_selinux_enabled(void)
66 {
67 return -1;
68 }
69
70 static int getpidcon(pid_t pid, char **context)
71 {
72 *context = NULL;
73 return -1;
74 }
75
76 static int getfilecon(char *path, char **context)
77 {
78 *context = NULL;
79 return -1;
80 }
81
82 static int security_get_initial_context(char *name, char **context)
83 {
84 *context = NULL;
85 return -1;
86 }
87 #endif
88
89 int resolve_hosts = 0;
90 int resolve_services = 1;
91 int preferred_family = AF_UNSPEC;
92 int show_options = 0;
93 int show_details = 0;
94 int show_users = 0;
95 int show_mem = 0;
96 int show_tcpinfo = 0;
97 int show_bpf = 0;
98 int show_proc_ctx = 0;
99 int show_sock_ctx = 0;
100 /* If show_users & show_proc_ctx only do user_ent_hash_build() once */
101 int user_ent_hash_build_init = 0;
102
103 int netid_width;
104 int state_width;
105 int addrp_width;
106 int addr_width;
107 int serv_width;
108 int screen_width;
109
110 static const char *TCP_PROTO = "tcp";
111 static const char *UDP_PROTO = "udp";
112 static const char *RAW_PROTO = "raw";
113 static const char *dg_proto = NULL;
114
115 enum
116 {
117 TCP_DB,
118 DCCP_DB,
119 UDP_DB,
120 RAW_DB,
121 UNIX_DG_DB,
122 UNIX_ST_DB,
123 UNIX_SQ_DB,
124 PACKET_DG_DB,
125 PACKET_R_DB,
126 NETLINK_DB,
127 MAX_DB
128 };
129
130 #define PACKET_DBM ((1<<PACKET_DG_DB)|(1<<PACKET_R_DB))
131 #define UNIX_DBM ((1<<UNIX_DG_DB)|(1<<UNIX_ST_DB)|(1<<UNIX_SQ_DB))
132 #define ALL_DB ((1<<MAX_DB)-1)
133 #define INET_DBM ((1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB)|(1<<RAW_DB))
134
135 enum {
136 SS_UNKNOWN,
137 SS_ESTABLISHED,
138 SS_SYN_SENT,
139 SS_SYN_RECV,
140 SS_FIN_WAIT1,
141 SS_FIN_WAIT2,
142 SS_TIME_WAIT,
143 SS_CLOSE,
144 SS_CLOSE_WAIT,
145 SS_LAST_ACK,
146 SS_LISTEN,
147 SS_CLOSING,
148 SS_MAX
149 };
150
151 #define SS_ALL ((1 << SS_MAX) - 1)
152 #define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
153
154 #include "ssfilter.h"
155
156 struct filter
157 {
158 int dbs;
159 int states;
160 int families;
161 struct ssfilter *f;
162 };
163
164 static const struct filter default_dbs[MAX_DB] = {
165 [TCP_DB] = {
166 .states = SS_CONN,
167 .families = (1 << AF_INET) | (1 << AF_INET6),
168 },
169 [DCCP_DB] = {
170 .states = SS_CONN,
171 .families = (1 << AF_INET) | (1 << AF_INET6),
172 },
173 [UDP_DB] = {
174 .states = (1 << SS_ESTABLISHED),
175 .families = (1 << AF_INET) | (1 << AF_INET6),
176 },
177 [RAW_DB] = {
178 .states = (1 << SS_ESTABLISHED),
179 .families = (1 << AF_INET) | (1 << AF_INET6),
180 },
181 [UNIX_DG_DB] = {
182 .states = (1 << SS_CLOSE),
183 .families = (1 << AF_UNIX),
184 },
185 [UNIX_ST_DB] = {
186 .states = SS_CONN,
187 .families = (1 << AF_UNIX),
188 },
189 [UNIX_SQ_DB] = {
190 .states = SS_CONN,
191 .families = (1 << AF_UNIX),
192 },
193 [PACKET_DG_DB] = {
194 .states = (1 << SS_CLOSE),
195 .families = (1 << AF_PACKET),
196 },
197 [PACKET_R_DB] = {
198 .states = (1 << SS_CLOSE),
199 .families = (1 << AF_PACKET),
200 },
201 [NETLINK_DB] = {
202 .states = (1 << SS_CLOSE),
203 .families = (1 << AF_NETLINK),
204 },
205 };
206
207 static const struct filter default_afs[AF_MAX] = {
208 [AF_INET] = {
209 .dbs = INET_DBM,
210 .states = SS_CONN,
211 },
212 [AF_INET6] = {
213 .dbs = INET_DBM,
214 .states = SS_CONN,
215 },
216 [AF_UNIX] = {
217 .dbs = UNIX_DBM,
218 .states = SS_CONN,
219 },
220 [AF_PACKET] = {
221 .dbs = PACKET_DBM,
222 .states = (1 << SS_CLOSE),
223 },
224 [AF_NETLINK] = {
225 .dbs = (1 << NETLINK_DB),
226 .states = (1 << SS_CLOSE),
227 },
228 };
229
230 static int do_default = 1;
231 static struct filter current_filter;
232
233 static void filter_db_set(struct filter *f, int db)
234 {
235 f->states |= default_dbs[db].states;
236 f->families |= default_dbs[db].families;
237 f->dbs |= 1 << db;
238 do_default = 0;
239 }
240
241 static void filter_af_set(struct filter *f, int af)
242 {
243 f->dbs |= default_afs[af].dbs;
244 f->states |= default_afs[af].states;
245 f->families |= 1 << af;
246 do_default = 0;
247 preferred_family = af;
248 }
249
250 static int filter_af_get(struct filter *f, int af)
251 {
252 return f->families & (1 << af);
253 }
254
255 static void filter_default_dbs(struct filter *f)
256 {
257 filter_db_set(f, UDP_DB);
258 filter_db_set(f, DCCP_DB);
259 filter_db_set(f, TCP_DB);
260 filter_db_set(f, RAW_DB);
261 filter_db_set(f, UNIX_ST_DB);
262 filter_db_set(f, UNIX_DG_DB);
263 filter_db_set(f, UNIX_SQ_DB);
264 filter_db_set(f, PACKET_R_DB);
265 filter_db_set(f, PACKET_DG_DB);
266 filter_db_set(f, NETLINK_DB);
267 }
268
269 static void filter_merge(struct filter *af, struct filter *dbf, int states)
270 {
271 if (af->families)
272 af->families = (af->families | dbf->families) & af->families;
273 else
274 af->families = dbf->families;
275
276 if (dbf->dbs)
277 af->dbs = (af->dbs | dbf->dbs) & dbf->dbs;
278
279 if (dbf->states)
280 af->states = (af->states | dbf->states) & dbf->states;
281
282 if (states)
283 af->states = (af->states | states) & states;
284 }
285
286 static FILE *generic_proc_open(const char *env, const char *name)
287 {
288 const char *p = getenv(env);
289 char store[128];
290
291 if (!p) {
292 p = getenv("PROC_ROOT") ? : "/proc";
293 snprintf(store, sizeof(store)-1, "%s/%s", p, name);
294 p = store;
295 }
296
297 return fopen(p, "r");
298 }
299
300 static FILE *net_tcp_open(void)
301 {
302 return generic_proc_open("PROC_NET_TCP", "net/tcp");
303 }
304
305 static FILE *net_tcp6_open(void)
306 {
307 return generic_proc_open("PROC_NET_TCP6", "net/tcp6");
308 }
309
310 static FILE *net_udp_open(void)
311 {
312 return generic_proc_open("PROC_NET_UDP", "net/udp");
313 }
314
315 static FILE *net_udp6_open(void)
316 {
317 return generic_proc_open("PROC_NET_UDP6", "net/udp6");
318 }
319
320 static FILE *net_raw_open(void)
321 {
322 return generic_proc_open("PROC_NET_RAW", "net/raw");
323 }
324
325 static FILE *net_raw6_open(void)
326 {
327 return generic_proc_open("PROC_NET_RAW6", "net/raw6");
328 }
329
330 static FILE *net_unix_open(void)
331 {
332 return generic_proc_open("PROC_NET_UNIX", "net/unix");
333 }
334
335 static FILE *net_packet_open(void)
336 {
337 return generic_proc_open("PROC_NET_PACKET", "net/packet");
338 }
339
340 static FILE *net_netlink_open(void)
341 {
342 return generic_proc_open("PROC_NET_NETLINK", "net/netlink");
343 }
344
345 static FILE *slabinfo_open(void)
346 {
347 return generic_proc_open("PROC_SLABINFO", "slabinfo");
348 }
349
350 static FILE *net_sockstat_open(void)
351 {
352 return generic_proc_open("PROC_NET_SOCKSTAT", "net/sockstat");
353 }
354
355 static FILE *net_sockstat6_open(void)
356 {
357 return generic_proc_open("PROC_NET_SOCKSTAT6", "net/sockstat6");
358 }
359
360 static FILE *net_snmp_open(void)
361 {
362 return generic_proc_open("PROC_NET_SNMP", "net/snmp");
363 }
364
365 static FILE *ephemeral_ports_open(void)
366 {
367 return generic_proc_open("PROC_IP_LOCAL_PORT_RANGE", "sys/net/ipv4/ip_local_port_range");
368 }
369
370 struct user_ent {
371 struct user_ent *next;
372 unsigned int ino;
373 int pid;
374 int fd;
375 char *process;
376 char *process_ctx;
377 char *socket_ctx;
378 };
379
380 #define USER_ENT_HASH_SIZE 256
381 struct user_ent *user_ent_hash[USER_ENT_HASH_SIZE];
382
383 static int user_ent_hashfn(unsigned int ino)
384 {
385 int val = (ino >> 24) ^ (ino >> 16) ^ (ino >> 8) ^ ino;
386
387 return val & (USER_ENT_HASH_SIZE - 1);
388 }
389
390 static void user_ent_add(unsigned int ino, char *process,
391 int pid, int fd,
392 char *proc_ctx,
393 char *sock_ctx)
394 {
395 struct user_ent *p, **pp;
396
397 p = malloc(sizeof(struct user_ent));
398 if (!p) {
399 fprintf(stderr, "ss: failed to malloc buffer\n");
400 abort();
401 }
402 p->next = NULL;
403 p->ino = ino;
404 p->pid = pid;
405 p->fd = fd;
406 p->process = strdup(process);
407 p->process_ctx = strdup(proc_ctx);
408 p->socket_ctx = strdup(sock_ctx);
409
410 pp = &user_ent_hash[user_ent_hashfn(ino)];
411 p->next = *pp;
412 *pp = p;
413 }
414
415 static void user_ent_destroy(void)
416 {
417 struct user_ent *p, *p_next;
418 int cnt = 0;
419
420 while (cnt != USER_ENT_HASH_SIZE) {
421 p = user_ent_hash[cnt];
422 while (p) {
423 free(p->process);
424 free(p->process_ctx);
425 free(p->socket_ctx);
426 p_next = p->next;
427 free(p);
428 p = p_next;
429 }
430 cnt++;
431 }
432 }
433
434 static void user_ent_hash_build(void)
435 {
436 const char *root = getenv("PROC_ROOT") ? : "/proc/";
437 struct dirent *d;
438 char name[1024];
439 int nameoff;
440 DIR *dir;
441 char *pid_context;
442 char *sock_context;
443 const char *no_ctx = "unavailable";
444
445 /* If show_users & show_proc_ctx set only do this once */
446 if (user_ent_hash_build_init != 0)
447 return;
448
449 user_ent_hash_build_init = 1;
450
451 strcpy(name, root);
452 if (strlen(name) == 0 || name[strlen(name)-1] != '/')
453 strcat(name, "/");
454
455 nameoff = strlen(name);
456
457 dir = opendir(name);
458 if (!dir)
459 return;
460
461 while ((d = readdir(dir)) != NULL) {
462 struct dirent *d1;
463 char process[16];
464 char *p;
465 int pid, pos;
466 DIR *dir1;
467 char crap;
468
469 if (sscanf(d->d_name, "%d%c", &pid, &crap) != 1)
470 continue;
471
472 if (getpidcon(pid, &pid_context) != 0)
473 pid_context = strdup(no_ctx);
474
475 sprintf(name + nameoff, "%d/fd/", pid);
476 pos = strlen(name);
477 if ((dir1 = opendir(name)) == NULL)
478 continue;
479
480 process[0] = '\0';
481 p = process;
482
483 while ((d1 = readdir(dir1)) != NULL) {
484 const char *pattern = "socket:[";
485 unsigned int ino;
486 char lnk[64];
487 int fd;
488 ssize_t link_len;
489 char tmp[1024];
490
491 if (sscanf(d1->d_name, "%d%c", &fd, &crap) != 1)
492 continue;
493
494 sprintf(name+pos, "%d", fd);
495
496 link_len = readlink(name, lnk, sizeof(lnk)-1);
497 if (link_len == -1)
498 continue;
499 lnk[link_len] = '\0';
500
501 if (strncmp(lnk, pattern, strlen(pattern)))
502 continue;
503
504 sscanf(lnk, "socket:[%u]", &ino);
505
506 snprintf(tmp, sizeof(tmp), "%s/%d/fd/%s",
507 root, pid, d1->d_name);
508
509 if (getfilecon(tmp, &sock_context) <= 0)
510 sock_context = strdup(no_ctx);
511
512 if (*p == '\0') {
513 FILE *fp;
514
515 snprintf(tmp, sizeof(tmp), "%s/%d/stat",
516 root, pid);
517 if ((fp = fopen(tmp, "r")) != NULL) {
518 fscanf(fp, "%*d (%[^)])", p);
519 fclose(fp);
520 }
521 }
522 user_ent_add(ino, p, pid, fd,
523 pid_context, sock_context);
524 free(sock_context);
525 }
526 free(pid_context);
527 closedir(dir1);
528 }
529 closedir(dir);
530 }
531
532 enum entry_types {
533 USERS,
534 PROC_CTX,
535 PROC_SOCK_CTX
536 };
537
538 #define ENTRY_BUF_SIZE 512
539 static int find_entry(unsigned ino, char **buf, int type)
540 {
541 struct user_ent *p;
542 int cnt = 0;
543 char *ptr;
544 char **new_buf = buf;
545 int len, new_buf_len;
546 int buf_used = 0;
547 int buf_len = 0;
548
549 if (!ino)
550 return 0;
551
552 p = user_ent_hash[user_ent_hashfn(ino)];
553 ptr = *buf = NULL;
554 while (p) {
555 if (p->ino != ino)
556 goto next;
557
558 while (1) {
559 ptr = *buf + buf_used;
560 switch (type) {
561 case USERS:
562 len = snprintf(ptr, buf_len - buf_used,
563 "(\"%s\",pid=%d,fd=%d),",
564 p->process, p->pid, p->fd);
565 break;
566 case PROC_CTX:
567 len = snprintf(ptr, buf_len - buf_used,
568 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d),",
569 p->process, p->pid,
570 p->process_ctx, p->fd);
571 break;
572 case PROC_SOCK_CTX:
573 len = snprintf(ptr, buf_len - buf_used,
574 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d,sock_ctx=%s),",
575 p->process, p->pid,
576 p->process_ctx, p->fd,
577 p->socket_ctx);
578 break;
579 default:
580 fprintf(stderr, "ss: invalid type: %d\n", type);
581 abort();
582 }
583
584 if (len < 0 || len >= buf_len - buf_used) {
585 new_buf_len = buf_len + ENTRY_BUF_SIZE;
586 *new_buf = realloc(*buf, new_buf_len);
587 if (!new_buf) {
588 fprintf(stderr, "ss: failed to malloc buffer\n");
589 abort();
590 }
591 **buf = **new_buf;
592 buf_len = new_buf_len;
593 continue;
594 } else {
595 buf_used += len;
596 break;
597 }
598 }
599 cnt++;
600 next:
601 p = p->next;
602 }
603 if (buf_used) {
604 ptr = *buf + buf_used;
605 ptr[-1] = '\0';
606 }
607 return cnt;
608 }
609
610 /* Get stats from slab */
611
612 struct slabstat
613 {
614 int socks;
615 int tcp_ports;
616 int tcp_tws;
617 int tcp_syns;
618 int skbs;
619 };
620
621 struct slabstat slabstat;
622
623 static const char *slabstat_ids[] =
624 {
625 "sock",
626 "tcp_bind_bucket",
627 "tcp_tw_bucket",
628 "tcp_open_request",
629 "skbuff_head_cache",
630 };
631
632 static int get_slabstat(struct slabstat *s)
633 {
634 char buf[256];
635 FILE *fp;
636 int cnt;
637
638 memset(s, 0, sizeof(*s));
639
640 fp = slabinfo_open();
641 if (!fp)
642 return -1;
643
644 cnt = sizeof(*s)/sizeof(int);
645
646 fgets(buf, sizeof(buf), fp);
647 while(fgets(buf, sizeof(buf), fp) != NULL) {
648 int i;
649 for (i=0; i<sizeof(slabstat_ids)/sizeof(slabstat_ids[0]); i++) {
650 if (memcmp(buf, slabstat_ids[i], strlen(slabstat_ids[i])) == 0) {
651 sscanf(buf, "%*s%d", ((int *)s) + i);
652 cnt--;
653 break;
654 }
655 }
656 if (cnt <= 0)
657 break;
658 }
659
660 fclose(fp);
661 return 0;
662 }
663
664 static const char *sstate_name[] = {
665 "UNKNOWN",
666 [SS_ESTABLISHED] = "ESTAB",
667 [SS_SYN_SENT] = "SYN-SENT",
668 [SS_SYN_RECV] = "SYN-RECV",
669 [SS_FIN_WAIT1] = "FIN-WAIT-1",
670 [SS_FIN_WAIT2] = "FIN-WAIT-2",
671 [SS_TIME_WAIT] = "TIME-WAIT",
672 [SS_CLOSE] = "UNCONN",
673 [SS_CLOSE_WAIT] = "CLOSE-WAIT",
674 [SS_LAST_ACK] = "LAST-ACK",
675 [SS_LISTEN] = "LISTEN",
676 [SS_CLOSING] = "CLOSING",
677 };
678
679 static const char *sstate_namel[] = {
680 "UNKNOWN",
681 [SS_ESTABLISHED] = "established",
682 [SS_SYN_SENT] = "syn-sent",
683 [SS_SYN_RECV] = "syn-recv",
684 [SS_FIN_WAIT1] = "fin-wait-1",
685 [SS_FIN_WAIT2] = "fin-wait-2",
686 [SS_TIME_WAIT] = "time-wait",
687 [SS_CLOSE] = "unconnected",
688 [SS_CLOSE_WAIT] = "close-wait",
689 [SS_LAST_ACK] = "last-ack",
690 [SS_LISTEN] = "listening",
691 [SS_CLOSING] = "closing",
692 };
693
694 struct dctcpstat
695 {
696 unsigned int ce_state;
697 unsigned int alpha;
698 unsigned int ab_ecn;
699 unsigned int ab_tot;
700 bool enabled;
701 };
702
703 struct tcpstat
704 {
705 inet_prefix local;
706 inet_prefix remote;
707 int lport;
708 int rport;
709 int state;
710 int rq, wq;
711 unsigned ino;
712 unsigned uid;
713 int refcnt;
714 unsigned int iface;
715 unsigned long long sk;
716 int timer;
717 int timeout;
718 int probes;
719 char *cong_alg;
720 double rto, ato, rtt, rttvar;
721 int qack, cwnd, ssthresh, backoff;
722 double send_bps;
723 int snd_wscale;
724 int rcv_wscale;
725 int mss;
726 unsigned int lastsnd;
727 unsigned int lastrcv;
728 unsigned int lastack;
729 double pacing_rate;
730 double pacing_rate_max;
731 unsigned int unacked;
732 unsigned int retrans;
733 unsigned int retrans_total;
734 unsigned int lost;
735 unsigned int sacked;
736 unsigned int fackets;
737 unsigned int reordering;
738 double rcv_rtt;
739 int rcv_space;
740 bool has_ts_opt;
741 bool has_sack_opt;
742 bool has_ecn_opt;
743 bool has_ecnseen_opt;
744 bool has_fastopen_opt;
745 bool has_wscale_opt;
746 struct dctcpstat *dctcp;
747 };
748
749 static const char *tmr_name[] = {
750 "off",
751 "on",
752 "keepalive",
753 "timewait",
754 "persist",
755 "unknown"
756 };
757
758 static const char *print_ms_timer(int timeout)
759 {
760 static char buf[64];
761 int secs, msecs, minutes;
762 if (timeout < 0)
763 timeout = 0;
764 secs = timeout/1000;
765 minutes = secs/60;
766 secs = secs%60;
767 msecs = timeout%1000;
768 buf[0] = 0;
769 if (minutes) {
770 msecs = 0;
771 snprintf(buf, sizeof(buf)-16, "%dmin", minutes);
772 if (minutes > 9)
773 secs = 0;
774 }
775 if (secs) {
776 if (secs > 9)
777 msecs = 0;
778 sprintf(buf+strlen(buf), "%d%s", secs, msecs ? "." : "sec");
779 }
780 if (msecs)
781 sprintf(buf+strlen(buf), "%03dms", msecs);
782 return buf;
783 }
784
785 struct scache
786 {
787 struct scache *next;
788 int port;
789 char *name;
790 const char *proto;
791 };
792
793 struct scache *rlist;
794
795 static void init_service_resolver(void)
796 {
797 char buf[128];
798 FILE *fp = popen("/usr/sbin/rpcinfo -p 2>/dev/null", "r");
799 if (fp) {
800 fgets(buf, sizeof(buf), fp);
801 while (fgets(buf, sizeof(buf), fp) != NULL) {
802 unsigned int progn, port;
803 char proto[128], prog[128];
804 if (sscanf(buf, "%u %*d %s %u %s", &progn, proto,
805 &port, prog+4) == 4) {
806 struct scache *c = malloc(sizeof(*c));
807 if (c) {
808 c->port = port;
809 memcpy(prog, "rpc.", 4);
810 c->name = strdup(prog);
811 if (strcmp(proto, TCP_PROTO) == 0)
812 c->proto = TCP_PROTO;
813 else if (strcmp(proto, UDP_PROTO) == 0)
814 c->proto = UDP_PROTO;
815 else
816 c->proto = NULL;
817 c->next = rlist;
818 rlist = c;
819 }
820 }
821 }
822 pclose(fp);
823 }
824 }
825
826 static int ip_local_port_min, ip_local_port_max;
827
828 /* Even do not try default linux ephemeral port ranges:
829 * default /etc/services contains so much of useless crap
830 * wouldbe "allocated" to this area that resolution
831 * is really harmful. I shrug each time when seeing
832 * "socks" or "cfinger" in dumps.
833 */
834 static int is_ephemeral(int port)
835 {
836 if (!ip_local_port_min) {
837 FILE *f = ephemeral_ports_open();
838 if (f) {
839 fscanf(f, "%d %d",
840 &ip_local_port_min, &ip_local_port_max);
841 fclose(f);
842 } else {
843 ip_local_port_min = 1024;
844 ip_local_port_max = 4999;
845 }
846 }
847
848 return (port >= ip_local_port_min && port<= ip_local_port_max);
849 }
850
851
852 static const char *__resolve_service(int port)
853 {
854 struct scache *c;
855
856 for (c = rlist; c; c = c->next) {
857 if (c->port == port && c->proto == dg_proto)
858 return c->name;
859 }
860
861 if (!is_ephemeral(port)) {
862 static int notfirst;
863 struct servent *se;
864 if (!notfirst) {
865 setservent(1);
866 notfirst = 1;
867 }
868 se = getservbyport(htons(port), dg_proto);
869 if (se)
870 return se->s_name;
871 }
872
873 return NULL;
874 }
875
876
877 static const char *resolve_service(int port)
878 {
879 static char buf[128];
880 static struct scache cache[256];
881
882 if (port == 0) {
883 buf[0] = '*';
884 buf[1] = 0;
885 return buf;
886 }
887
888 if (resolve_services) {
889 if (dg_proto == RAW_PROTO) {
890 return inet_proto_n2a(port, buf, sizeof(buf));
891 } else {
892 struct scache *c;
893 const char *res;
894 int hash = (port^(((unsigned long)dg_proto)>>2))&255;
895
896 for (c = &cache[hash]; c; c = c->next) {
897 if (c->port == port &&
898 c->proto == dg_proto) {
899 if (c->name)
900 return c->name;
901 goto do_numeric;
902 }
903 }
904
905 if ((res = __resolve_service(port)) != NULL) {
906 if ((c = malloc(sizeof(*c))) == NULL)
907 goto do_numeric;
908 } else {
909 c = &cache[hash];
910 if (c->name)
911 free(c->name);
912 }
913 c->port = port;
914 c->name = NULL;
915 c->proto = dg_proto;
916 if (res) {
917 c->name = strdup(res);
918 c->next = cache[hash].next;
919 cache[hash].next = c;
920 }
921 if (c->name)
922 return c->name;
923 }
924 }
925
926 do_numeric:
927 sprintf(buf, "%u", port);
928 return buf;
929 }
930
931 static void formatted_print(const inet_prefix *a, int port, unsigned int ifindex)
932 {
933 char buf[1024];
934 const char *ap = buf;
935 int est_len;
936
937 est_len = addr_width;
938
939 if (a->family == AF_INET) {
940 if (a->data[0] == 0) {
941 buf[0] = '*';
942 buf[1] = 0;
943 } else {
944 ap = format_host(AF_INET, 4, a->data, buf, sizeof(buf));
945 }
946 } else {
947 ap = format_host(a->family, 16, a->data, buf, sizeof(buf));
948 est_len = strlen(ap);
949 if (est_len <= addr_width)
950 est_len = addr_width;
951 else
952 est_len = addr_width + ((est_len-addr_width+3)/4)*4;
953 }
954 if (ifindex) {
955 const char *ifname = ll_index_to_name(ifindex);
956 const int len = strlen(ifname) + 1; /* +1 for percent char */
957
958 printf("%*s%%%s:%-*s ", est_len - len, ap, ifname, serv_width,
959 resolve_service(port));
960 } else
961 printf("%*s:%-*s ", est_len, ap, serv_width, resolve_service(port));
962 }
963
964 struct aafilter
965 {
966 inet_prefix addr;
967 int port;
968 struct aafilter *next;
969 };
970
971 static int inet2_addr_match(const inet_prefix *a, const inet_prefix *p,
972 int plen)
973 {
974 if (!inet_addr_match(a, p, plen))
975 return 0;
976
977 /* Cursed "v4 mapped" addresses: v4 mapped socket matches
978 * pure IPv4 rule, but v4-mapped rule selects only v4-mapped
979 * sockets. Fair? */
980 if (p->family == AF_INET && a->family == AF_INET6) {
981 if (a->data[0] == 0 && a->data[1] == 0 &&
982 a->data[2] == htonl(0xffff)) {
983 inet_prefix tmp = *a;
984 tmp.data[0] = a->data[3];
985 return inet_addr_match(&tmp, p, plen);
986 }
987 }
988 return 1;
989 }
990
991 static int unix_match(const inet_prefix *a, const inet_prefix *p)
992 {
993 char *addr, *pattern;
994 memcpy(&addr, a->data, sizeof(addr));
995 memcpy(&pattern, p->data, sizeof(pattern));
996 if (pattern == NULL)
997 return 1;
998 if (addr == NULL)
999 addr = "";
1000 return !fnmatch(pattern, addr, 0);
1001 }
1002
1003 static int run_ssfilter(struct ssfilter *f, struct tcpstat *s)
1004 {
1005 switch (f->type) {
1006 case SSF_S_AUTO:
1007 {
1008 static int low, high=65535;
1009
1010 if (s->local.family == AF_UNIX) {
1011 char *p;
1012 memcpy(&p, s->local.data, sizeof(p));
1013 return p == NULL || (p[0] == '@' && strlen(p) == 6 &&
1014 strspn(p+1, "0123456789abcdef") == 5);
1015 }
1016 if (s->local.family == AF_PACKET)
1017 return s->lport == 0 && s->local.data == 0;
1018 if (s->local.family == AF_NETLINK)
1019 return s->lport < 0;
1020
1021 if (!low) {
1022 FILE *fp = ephemeral_ports_open();
1023 if (fp) {
1024 fscanf(fp, "%d%d", &low, &high);
1025 fclose(fp);
1026 }
1027 }
1028 return s->lport >= low && s->lport <= high;
1029 }
1030 case SSF_DCOND:
1031 {
1032 struct aafilter *a = (void*)f->pred;
1033 if (a->addr.family == AF_UNIX)
1034 return unix_match(&s->remote, &a->addr);
1035 if (a->port != -1 && a->port != s->rport)
1036 return 0;
1037 if (a->addr.bitlen) {
1038 do {
1039 if (!inet2_addr_match(&s->remote, &a->addr, a->addr.bitlen))
1040 return 1;
1041 } while ((a = a->next) != NULL);
1042 return 0;
1043 }
1044 return 1;
1045 }
1046 case SSF_SCOND:
1047 {
1048 struct aafilter *a = (void*)f->pred;
1049 if (a->addr.family == AF_UNIX)
1050 return unix_match(&s->local, &a->addr);
1051 if (a->port != -1 && a->port != s->lport)
1052 return 0;
1053 if (a->addr.bitlen) {
1054 do {
1055 if (!inet2_addr_match(&s->local, &a->addr, a->addr.bitlen))
1056 return 1;
1057 } while ((a = a->next) != NULL);
1058 return 0;
1059 }
1060 return 1;
1061 }
1062 case SSF_D_GE:
1063 {
1064 struct aafilter *a = (void*)f->pred;
1065 return s->rport >= a->port;
1066 }
1067 case SSF_D_LE:
1068 {
1069 struct aafilter *a = (void*)f->pred;
1070 return s->rport <= a->port;
1071 }
1072 case SSF_S_GE:
1073 {
1074 struct aafilter *a = (void*)f->pred;
1075 return s->lport >= a->port;
1076 }
1077 case SSF_S_LE:
1078 {
1079 struct aafilter *a = (void*)f->pred;
1080 return s->lport <= a->port;
1081 }
1082
1083 /* Yup. It is recursion. Sorry. */
1084 case SSF_AND:
1085 return run_ssfilter(f->pred, s) && run_ssfilter(f->post, s);
1086 case SSF_OR:
1087 return run_ssfilter(f->pred, s) || run_ssfilter(f->post, s);
1088 case SSF_NOT:
1089 return !run_ssfilter(f->pred, s);
1090 default:
1091 abort();
1092 }
1093 }
1094
1095 /* Relocate external jumps by reloc. */
1096 static void ssfilter_patch(char *a, int len, int reloc)
1097 {
1098 while (len > 0) {
1099 struct inet_diag_bc_op *op = (struct inet_diag_bc_op*)a;
1100 if (op->no == len+4)
1101 op->no += reloc;
1102 len -= op->yes;
1103 a += op->yes;
1104 }
1105 if (len < 0)
1106 abort();
1107 }
1108
1109 static int ssfilter_bytecompile(struct ssfilter *f, char **bytecode)
1110 {
1111 switch (f->type) {
1112 case SSF_S_AUTO:
1113 {
1114 if (!(*bytecode=malloc(4))) abort();
1115 ((struct inet_diag_bc_op*)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_AUTO, 4, 8 };
1116 return 4;
1117 }
1118 case SSF_DCOND:
1119 case SSF_SCOND:
1120 {
1121 struct aafilter *a = (void*)f->pred;
1122 struct aafilter *b;
1123 char *ptr;
1124 int code = (f->type == SSF_DCOND ? INET_DIAG_BC_D_COND : INET_DIAG_BC_S_COND);
1125 int len = 0;
1126
1127 for (b=a; b; b=b->next) {
1128 len += 4 + sizeof(struct inet_diag_hostcond);
1129 if (a->addr.family == AF_INET6)
1130 len += 16;
1131 else
1132 len += 4;
1133 if (b->next)
1134 len += 4;
1135 }
1136 if (!(ptr = malloc(len))) abort();
1137 *bytecode = ptr;
1138 for (b=a; b; b=b->next) {
1139 struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)ptr;
1140 int alen = (a->addr.family == AF_INET6 ? 16 : 4);
1141 int oplen = alen + 4 + sizeof(struct inet_diag_hostcond);
1142 struct inet_diag_hostcond *cond = (struct inet_diag_hostcond*)(ptr+4);
1143
1144 *op = (struct inet_diag_bc_op){ code, oplen, oplen+4 };
1145 cond->family = a->addr.family;
1146 cond->port = a->port;
1147 cond->prefix_len = a->addr.bitlen;
1148 memcpy(cond->addr, a->addr.data, alen);
1149 ptr += oplen;
1150 if (b->next) {
1151 op = (struct inet_diag_bc_op *)ptr;
1152 *op = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, len - (ptr-*bytecode)};
1153 ptr += 4;
1154 }
1155 }
1156 return ptr - *bytecode;
1157 }
1158 case SSF_D_GE:
1159 {
1160 struct aafilter *x = (void*)f->pred;
1161 if (!(*bytecode=malloc(8))) abort();
1162 ((struct inet_diag_bc_op*)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_GE, 8, 12 };
1163 ((struct inet_diag_bc_op*)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1164 return 8;
1165 }
1166 case SSF_D_LE:
1167 {
1168 struct aafilter *x = (void*)f->pred;
1169 if (!(*bytecode=malloc(8))) abort();
1170 ((struct inet_diag_bc_op*)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_LE, 8, 12 };
1171 ((struct inet_diag_bc_op*)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1172 return 8;
1173 }
1174 case SSF_S_GE:
1175 {
1176 struct aafilter *x = (void*)f->pred;
1177 if (!(*bytecode=malloc(8))) abort();
1178 ((struct inet_diag_bc_op*)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_GE, 8, 12 };
1179 ((struct inet_diag_bc_op*)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1180 return 8;
1181 }
1182 case SSF_S_LE:
1183 {
1184 struct aafilter *x = (void*)f->pred;
1185 if (!(*bytecode=malloc(8))) abort();
1186 ((struct inet_diag_bc_op*)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_LE, 8, 12 };
1187 ((struct inet_diag_bc_op*)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1188 return 8;
1189 }
1190
1191 case SSF_AND:
1192 {
1193 char *a1, *a2, *a;
1194 int l1, l2;
1195 l1 = ssfilter_bytecompile(f->pred, &a1);
1196 l2 = ssfilter_bytecompile(f->post, &a2);
1197 if (!(a = malloc(l1+l2))) abort();
1198 memcpy(a, a1, l1);
1199 memcpy(a+l1, a2, l2);
1200 free(a1); free(a2);
1201 ssfilter_patch(a, l1, l2);
1202 *bytecode = a;
1203 return l1+l2;
1204 }
1205 case SSF_OR:
1206 {
1207 char *a1, *a2, *a;
1208 int l1, l2;
1209 l1 = ssfilter_bytecompile(f->pred, &a1);
1210 l2 = ssfilter_bytecompile(f->post, &a2);
1211 if (!(a = malloc(l1+l2+4))) abort();
1212 memcpy(a, a1, l1);
1213 memcpy(a+l1+4, a2, l2);
1214 free(a1); free(a2);
1215 *(struct inet_diag_bc_op*)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, l2+4 };
1216 *bytecode = a;
1217 return l1+l2+4;
1218 }
1219 case SSF_NOT:
1220 {
1221 char *a1, *a;
1222 int l1;
1223 l1 = ssfilter_bytecompile(f->pred, &a1);
1224 if (!(a = malloc(l1+4))) abort();
1225 memcpy(a, a1, l1);
1226 free(a1);
1227 *(struct inet_diag_bc_op*)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, 8 };
1228 *bytecode = a;
1229 return l1+4;
1230 }
1231 default:
1232 abort();
1233 }
1234 }
1235
1236 static int remember_he(struct aafilter *a, struct hostent *he)
1237 {
1238 char **ptr = he->h_addr_list;
1239 int cnt = 0;
1240 int len;
1241
1242 if (he->h_addrtype == AF_INET)
1243 len = 4;
1244 else if (he->h_addrtype == AF_INET6)
1245 len = 16;
1246 else
1247 return 0;
1248
1249 while (*ptr) {
1250 struct aafilter *b = a;
1251 if (a->addr.bitlen) {
1252 if ((b = malloc(sizeof(*b))) == NULL)
1253 return cnt;
1254 *b = *a;
1255 b->next = a->next;
1256 a->next = b;
1257 }
1258 memcpy(b->addr.data, *ptr, len);
1259 b->addr.bytelen = len;
1260 b->addr.bitlen = len*8;
1261 b->addr.family = he->h_addrtype;
1262 ptr++;
1263 cnt++;
1264 }
1265 return cnt;
1266 }
1267
1268 static int get_dns_host(struct aafilter *a, const char *addr, int fam)
1269 {
1270 static int notfirst;
1271 int cnt = 0;
1272 struct hostent *he;
1273
1274 a->addr.bitlen = 0;
1275 if (!notfirst) {
1276 sethostent(1);
1277 notfirst = 1;
1278 }
1279 he = gethostbyname2(addr, fam == AF_UNSPEC ? AF_INET : fam);
1280 if (he)
1281 cnt = remember_he(a, he);
1282 if (fam == AF_UNSPEC) {
1283 he = gethostbyname2(addr, AF_INET6);
1284 if (he)
1285 cnt += remember_he(a, he);
1286 }
1287 return !cnt;
1288 }
1289
1290 static int xll_initted = 0;
1291
1292 static void xll_init(void)
1293 {
1294 struct rtnl_handle rth;
1295 if (rtnl_open(&rth, 0) < 0)
1296 exit(1);
1297
1298 ll_init_map(&rth);
1299 rtnl_close(&rth);
1300 xll_initted = 1;
1301 }
1302
1303 static const char *xll_index_to_name(int index)
1304 {
1305 if (!xll_initted)
1306 xll_init();
1307 return ll_index_to_name(index);
1308 }
1309
1310 static int xll_name_to_index(const char *dev)
1311 {
1312 if (!xll_initted)
1313 xll_init();
1314 return ll_name_to_index(dev);
1315 }
1316
1317 void *parse_hostcond(char *addr)
1318 {
1319 char *port = NULL;
1320 struct aafilter a = { .port = -1 };
1321 struct aafilter *res;
1322 int fam = preferred_family;
1323 struct filter *f = &current_filter;
1324
1325 if (fam == AF_UNIX || strncmp(addr, "unix:", 5) == 0) {
1326 char *p;
1327 a.addr.family = AF_UNIX;
1328 if (strncmp(addr, "unix:", 5) == 0)
1329 addr+=5;
1330 p = strdup(addr);
1331 a.addr.bitlen = 8*strlen(p);
1332 memcpy(a.addr.data, &p, sizeof(p));
1333 fam = AF_UNIX;
1334 goto out;
1335 }
1336
1337 if (fam == AF_PACKET || strncmp(addr, "link:", 5) == 0) {
1338 a.addr.family = AF_PACKET;
1339 a.addr.bitlen = 0;
1340 if (strncmp(addr, "link:", 5) == 0)
1341 addr+=5;
1342 port = strchr(addr, ':');
1343 if (port) {
1344 *port = 0;
1345 if (port[1] && strcmp(port+1, "*")) {
1346 if (get_integer(&a.port, port+1, 0)) {
1347 if ((a.port = xll_name_to_index(port+1)) <= 0)
1348 return NULL;
1349 }
1350 }
1351 }
1352 if (addr[0] && strcmp(addr, "*")) {
1353 unsigned short tmp;
1354 a.addr.bitlen = 32;
1355 if (ll_proto_a2n(&tmp, addr))
1356 return NULL;
1357 a.addr.data[0] = ntohs(tmp);
1358 }
1359 fam = AF_PACKET;
1360 goto out;
1361 }
1362
1363 if (fam == AF_NETLINK || strncmp(addr, "netlink:", 8) == 0) {
1364 a.addr.family = AF_NETLINK;
1365 a.addr.bitlen = 0;
1366 if (strncmp(addr, "netlink:", 8) == 0)
1367 addr+=8;
1368 port = strchr(addr, ':');
1369 if (port) {
1370 *port = 0;
1371 if (port[1] && strcmp(port+1, "*")) {
1372 if (get_integer(&a.port, port+1, 0)) {
1373 if (strcmp(port+1, "kernel") == 0)
1374 a.port = 0;
1375 else
1376 return NULL;
1377 }
1378 }
1379 }
1380 if (addr[0] && strcmp(addr, "*")) {
1381 a.addr.bitlen = 32;
1382 if (nl_proto_a2n(&a.addr.data[0], addr) == -1)
1383 return NULL;
1384 }
1385 fam = AF_NETLINK;
1386 goto out;
1387 }
1388
1389 if (fam == AF_INET || !strncmp(addr, "inet:", 5)) {
1390 fam = AF_INET;
1391 if (!strncmp(addr, "inet:", 5))
1392 addr += 5;
1393 } else if (fam == AF_INET6 || !strncmp(addr, "inet6:", 6)) {
1394 fam = AF_INET6;
1395 if (!strncmp(addr, "inet6:", 6))
1396 addr += 6;
1397 }
1398
1399 /* URL-like literal [] */
1400 if (addr[0] == '[') {
1401 addr++;
1402 if ((port = strchr(addr, ']')) == NULL)
1403 return NULL;
1404 *port++ = 0;
1405 } else if (addr[0] == '*') {
1406 port = addr+1;
1407 } else {
1408 port = strrchr(strchr(addr, '/') ? : addr, ':');
1409 }
1410 if (port && *port) {
1411 if (*port != ':')
1412 return NULL;
1413 *port++ = 0;
1414 if (*port && *port != '*') {
1415 if (get_integer(&a.port, port, 0)) {
1416 struct servent *se1 = NULL;
1417 struct servent *se2 = NULL;
1418 if (current_filter.dbs&(1<<UDP_DB))
1419 se1 = getservbyname(port, UDP_PROTO);
1420 if (current_filter.dbs&(1<<TCP_DB))
1421 se2 = getservbyname(port, TCP_PROTO);
1422 if (se1 && se2 && se1->s_port != se2->s_port) {
1423 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
1424 return NULL;
1425 }
1426 if (!se1)
1427 se1 = se2;
1428 if (se1) {
1429 a.port = ntohs(se1->s_port);
1430 } else {
1431 struct scache *s;
1432 for (s = rlist; s; s = s->next) {
1433 if ((s->proto == UDP_PROTO &&
1434 (current_filter.dbs&(1<<UDP_DB))) ||
1435 (s->proto == TCP_PROTO &&
1436 (current_filter.dbs&(1<<TCP_DB)))) {
1437 if (s->name && strcmp(s->name, port) == 0) {
1438 if (a.port > 0 && a.port != s->port) {
1439 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
1440 return NULL;
1441 }
1442 a.port = s->port;
1443 }
1444 }
1445 }
1446 if (a.port <= 0) {
1447 fprintf(stderr, "Error: \"%s\" does not look like a port.\n", port);
1448 return NULL;
1449 }
1450 }
1451 }
1452 }
1453 }
1454 if (addr && *addr && *addr != '*') {
1455 if (get_prefix_1(&a.addr, addr, fam)) {
1456 if (get_dns_host(&a, addr, fam)) {
1457 fprintf(stderr, "Error: an inet prefix is expected rather than \"%s\".\n", addr);
1458 return NULL;
1459 }
1460 }
1461 }
1462
1463 out:
1464 if (fam != AF_UNSPEC) {
1465 f->families = 0;
1466 filter_af_set(f, fam);
1467 filter_merge(f, f, 0);
1468 }
1469
1470 res = malloc(sizeof(*res));
1471 if (res)
1472 memcpy(res, &a, sizeof(a));
1473 return res;
1474 }
1475
1476 static char *proto_name(int protocol)
1477 {
1478 switch (protocol) {
1479 case IPPROTO_UDP:
1480 return "udp";
1481 case IPPROTO_TCP:
1482 return "tcp";
1483 case IPPROTO_DCCP:
1484 return "dccp";
1485 }
1486
1487 return "???";
1488 }
1489
1490 static void inet_stats_print(struct tcpstat *s, int protocol)
1491 {
1492 char *buf = NULL;
1493
1494 if (netid_width)
1495 printf("%-*s ", netid_width, proto_name(protocol));
1496 if (state_width)
1497 printf("%-*s ", state_width, sstate_name[s->state]);
1498
1499 printf("%-6d %-6d ", s->rq, s->wq);
1500
1501 formatted_print(&s->local, s->lport, s->iface);
1502 formatted_print(&s->remote, s->rport, 0);
1503
1504 if (show_options) {
1505 if (s->timer) {
1506 if (s->timer > 4)
1507 s->timer = 5;
1508 printf(" timer:(%s,%s,%d)",
1509 tmr_name[s->timer],
1510 print_ms_timer(s->timeout),
1511 s->retrans);
1512 }
1513 }
1514
1515 if (show_proc_ctx || show_sock_ctx) {
1516 if (find_entry(s->ino, &buf,
1517 (show_proc_ctx & show_sock_ctx) ?
1518 PROC_SOCK_CTX : PROC_CTX) > 0) {
1519 printf(" users:(%s)", buf);
1520 free(buf);
1521 }
1522 } else if (show_users) {
1523 if (find_entry(s->ino, &buf, USERS) > 0) {
1524 printf(" users:(%s)", buf);
1525 free(buf);
1526 }
1527 }
1528 }
1529
1530 static int proc_parse_inet_addr(char *loc, char *rem, int family, struct tcpstat *s)
1531 {
1532 s->local.family = s->remote.family = family;
1533 if (family == AF_INET) {
1534 sscanf(loc, "%x:%x", s->local.data, (unsigned*)&s->lport);
1535 sscanf(rem, "%x:%x", s->remote.data, (unsigned*)&s->rport);
1536 s->local.bytelen = s->remote.bytelen = 4;
1537 return 0;
1538 } else {
1539 sscanf(loc, "%08x%08x%08x%08x:%x",
1540 s->local.data,
1541 s->local.data + 1,
1542 s->local.data + 2,
1543 s->local.data + 3,
1544 &s->lport);
1545 sscanf(rem, "%08x%08x%08x%08x:%x",
1546 s->remote.data,
1547 s->remote.data + 1,
1548 s->remote.data + 2,
1549 s->remote.data + 3,
1550 &s->rport);
1551 s->local.bytelen = s->remote.bytelen = 16;
1552 return 0;
1553 }
1554 return -1;
1555 }
1556
1557 static int proc_inet_split_line(char *line, char **loc, char **rem, char **data)
1558 {
1559 char *p;
1560
1561 if ((p = strchr(line, ':')) == NULL)
1562 return -1;
1563
1564 *loc = p+2;
1565 if ((p = strchr(*loc, ':')) == NULL)
1566 return -1;
1567
1568 p[5] = 0;
1569 *rem = p+6;
1570 if ((p = strchr(*rem, ':')) == NULL)
1571 return -1;
1572
1573 p[5] = 0;
1574 *data = p+6;
1575 return 0;
1576 }
1577
1578 static char *sprint_bw(char *buf, double bw)
1579 {
1580 if (bw > 1000000.)
1581 sprintf(buf,"%.1fM", bw / 1000000.);
1582 else if (bw > 1000.)
1583 sprintf(buf,"%.1fK", bw / 1000.);
1584 else
1585 sprintf(buf, "%g", bw);
1586
1587 return buf;
1588 }
1589
1590 static void tcp_stats_print(struct tcpstat *s)
1591 {
1592 char b1[64];
1593
1594 if (s->has_ts_opt)
1595 printf(" ts");
1596 if (s->has_sack_opt)
1597 printf(" sack");
1598 if (s->has_ecn_opt)
1599 printf(" ecn");
1600 if (s->has_ecnseen_opt)
1601 printf(" ecnseen");
1602 if (s->has_fastopen_opt)
1603 printf(" fastopen");
1604 if (s->cong_alg)
1605 printf(" %s", s->cong_alg);
1606 if (s->has_wscale_opt)
1607 printf(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
1608 if (s->rto)
1609 printf(" rto:%g", s->rto);
1610 if (s->backoff)
1611 printf(" backoff:%u", s->backoff);
1612 if (s->rtt)
1613 printf(" rtt:%g/%g", s->rtt, s->rttvar);
1614 if (s->ato)
1615 printf(" ato:%g", s->ato);
1616
1617 if (s->qack)
1618 printf(" qack:%d", s->qack);
1619 if (s->qack & 1)
1620 printf(" bidir");
1621
1622 if (s->mss)
1623 printf(" mss:%d", s->mss);
1624 if (s->cwnd && s->cwnd != 2)
1625 printf(" cwnd:%d", s->cwnd);
1626 if (s->ssthresh)
1627 printf(" ssthresh:%d", s->ssthresh);
1628
1629 if (s->dctcp && s->dctcp->enabled) {
1630 struct dctcpstat *dctcp = s->dctcp;
1631
1632 printf(" ce_state %u alpha %u ab_ecn %u ab_tot %u",
1633 dctcp->ce_state, dctcp->alpha, dctcp->ab_ecn,
1634 dctcp->ab_tot);
1635 } else if (s->dctcp) {
1636 printf(" fallback_mode");
1637 }
1638
1639 if (s->send_bps)
1640 printf(" send %sbps", sprint_bw(b1, s->send_bps));
1641 if (s->lastsnd)
1642 printf(" lastsnd:%u", s->lastsnd);
1643 if (s->lastrcv)
1644 printf(" lastrcv:%u", s->lastrcv);
1645 if (s->lastack)
1646 printf(" lastack:%u", s->lastack);
1647
1648 if (s->pacing_rate) {
1649 printf(" pacing_rate %sbps", sprint_bw(b1, s->pacing_rate));
1650 if (s->pacing_rate_max)
1651 printf("/%sbps", sprint_bw(b1,
1652 s->pacing_rate_max));
1653 }
1654
1655 if (s->unacked)
1656 printf(" unacked:%u", s->unacked);
1657 if (s->retrans || s->retrans_total)
1658 printf(" retrans:%u/%u", s->retrans, s->retrans_total);
1659 if (s->lost)
1660 printf(" lost:%u", s->lost);
1661 if (s->sacked && s->state != SS_LISTEN)
1662 printf(" sacked:%u", s->sacked);
1663 if (s->fackets)
1664 printf(" fackets:%u", s->fackets);
1665 if (s->reordering != 3)
1666 printf(" reordering:%d", s->reordering);
1667 if (s->rcv_rtt)
1668 printf(" rcv_rtt:%g", s->rcv_rtt);
1669 if (s->rcv_space)
1670 printf(" rcv_space:%d", s->rcv_space);
1671 }
1672
1673 static int tcp_show_line(char *line, const struct filter *f, int family)
1674 {
1675 int rto = 0, ato = 0;
1676 struct tcpstat s = {};
1677 char *loc, *rem, *data;
1678 char opt[256];
1679 int n;
1680 int hz = get_user_hz();
1681
1682 if (proc_inet_split_line(line, &loc, &rem, &data))
1683 return -1;
1684
1685 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
1686 if (!(f->states & (1 << state)))
1687 return 0;
1688
1689 proc_parse_inet_addr(loc, rem, family, &s);
1690
1691 if (f->f && run_ssfilter(f->f, &s) == 0)
1692 return 0;
1693
1694 opt[0] = 0;
1695 n = sscanf(data, "%x %x:%x %x:%x %x %d %d %u %d %llx %d %d %d %d %d %[^\n]\n",
1696 &s.state, &s.wq, &s.rq,
1697 &s.timer, &s.timeout, &s.retrans, &s.uid, &s.probes, &s.ino,
1698 &s.refcnt, &s.sk, &rto, &ato, &s.qack,
1699 &s.cwnd, &s.ssthresh, opt);
1700
1701 if (n < 17)
1702 opt[0] = 0;
1703
1704 if (n < 12) {
1705 rto = 0;
1706 s.cwnd = 2;
1707 s.ssthresh = -1;
1708 ato = s.qack = 0;
1709 }
1710
1711 s.retrans = s.timer != 1 ? s.probes : s.retrans;
1712 s.timeout = (s.timeout * 1000 + hz - 1) / hz;
1713 s.ato = (double)ato / hz;
1714 s.qack /= 2;
1715 s.rto = (double)rto;
1716 s.ssthresh = s.ssthresh == -1 ? 0 : s.ssthresh;
1717 s.rto = s.rto != 3 * hz ? s.rto / hz : 0;
1718
1719 inet_stats_print(&s, IPPROTO_TCP);
1720
1721 if (show_details) {
1722 if (s.uid)
1723 printf(" uid:%u", (unsigned)s.uid);
1724 printf(" ino:%u", s.ino);
1725 printf(" sk:%llx", s.sk);
1726 if (opt[0])
1727 printf(" opt:\"%s\"", opt);
1728 }
1729
1730 if (show_tcpinfo)
1731 tcp_stats_print(&s);
1732
1733 printf("\n");
1734 return 0;
1735 }
1736
1737 static int generic_record_read(FILE *fp,
1738 int (*worker)(char*, const struct filter *, int),
1739 const struct filter *f, int fam)
1740 {
1741 char line[256];
1742
1743 /* skip header */
1744 if (fgets(line, sizeof(line), fp) == NULL)
1745 goto outerr;
1746
1747 while (fgets(line, sizeof(line), fp) != NULL) {
1748 int n = strlen(line);
1749 if (n == 0 || line[n-1] != '\n') {
1750 errno = -EINVAL;
1751 return -1;
1752 }
1753 line[n-1] = 0;
1754
1755 if (worker(line, f, fam) < 0)
1756 return 0;
1757 }
1758 outerr:
1759
1760 return ferror(fp) ? -1 : 0;
1761 }
1762
1763 static void print_skmeminfo(struct rtattr *tb[], int attrtype)
1764 {
1765 const __u32 *skmeminfo;
1766
1767 if (!tb[attrtype]) {
1768 if (attrtype == INET_DIAG_SKMEMINFO) {
1769 if (!tb[INET_DIAG_MEMINFO])
1770 return;
1771
1772 const struct inet_diag_meminfo *minfo =
1773 RTA_DATA(tb[INET_DIAG_MEMINFO]);
1774
1775 printf(" mem:(r%u,w%u,f%u,t%u)",
1776 minfo->idiag_rmem,
1777 minfo->idiag_wmem,
1778 minfo->idiag_fmem,
1779 minfo->idiag_tmem);
1780 }
1781 return;
1782 }
1783
1784 skmeminfo = RTA_DATA(tb[attrtype]);
1785
1786 printf(" skmem:(r%u,rb%u,t%u,tb%u,f%u,w%u,o%u",
1787 skmeminfo[SK_MEMINFO_RMEM_ALLOC],
1788 skmeminfo[SK_MEMINFO_RCVBUF],
1789 skmeminfo[SK_MEMINFO_WMEM_ALLOC],
1790 skmeminfo[SK_MEMINFO_SNDBUF],
1791 skmeminfo[SK_MEMINFO_FWD_ALLOC],
1792 skmeminfo[SK_MEMINFO_WMEM_QUEUED],
1793 skmeminfo[SK_MEMINFO_OPTMEM]);
1794
1795 if (RTA_PAYLOAD(tb[attrtype]) >=
1796 (SK_MEMINFO_BACKLOG + 1) * sizeof(__u32))
1797 printf(",bl%u", skmeminfo[SK_MEMINFO_BACKLOG]);
1798
1799 printf(")");
1800 }
1801
1802 #define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
1803
1804 static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
1805 struct rtattr *tb[])
1806 {
1807 double rtt = 0;
1808 struct tcpstat s = {};
1809
1810 print_skmeminfo(tb, INET_DIAG_SKMEMINFO);
1811
1812 if (tb[INET_DIAG_INFO]) {
1813 struct tcp_info *info;
1814 int len = RTA_PAYLOAD(tb[INET_DIAG_INFO]);
1815
1816 /* workaround for older kernels with less fields */
1817 if (len < sizeof(*info)) {
1818 info = alloca(sizeof(*info));
1819 memset(info, 0, sizeof(*info));
1820 memcpy(info, RTA_DATA(tb[INET_DIAG_INFO]), len);
1821 } else
1822 info = RTA_DATA(tb[INET_DIAG_INFO]);
1823
1824 if (show_options) {
1825 s.has_ts_opt = TCPI_HAS_OPT(info, TCPI_OPT_TIMESTAMPS);
1826 s.has_sack_opt = TCPI_HAS_OPT(info, TCPI_OPT_SACK);
1827 s.has_ecn_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN);
1828 s.has_ecnseen_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN_SEEN);
1829 s.has_fastopen_opt = TCPI_HAS_OPT(info, TCPI_OPT_SYN_DATA);
1830 }
1831
1832 if (tb[INET_DIAG_CONG]) {
1833 const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
1834 s.cong_alg = malloc(strlen(cong_attr + 1));
1835 strcpy(s.cong_alg, cong_attr);
1836 }
1837
1838 if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
1839 s.has_wscale_opt = true;
1840 s.snd_wscale = info->tcpi_snd_wscale;
1841 s.rcv_wscale = info->tcpi_rcv_wscale;
1842 }
1843
1844 if (info->tcpi_rto && info->tcpi_rto != 3000000)
1845 s.rto = (double)info->tcpi_rto / 1000;
1846
1847 s.backoff = info->tcpi_backoff;
1848 s.rtt = (double)info->tcpi_rtt / 1000;
1849 s.rttvar = (double)info->tcpi_rttvar / 1000;
1850 s.ato = (double)info->tcpi_rttvar / 1000;
1851 s.mss = info->tcpi_snd_mss;
1852 s.rcv_space = info->tcpi_rcv_space;
1853 s.rcv_rtt = (double)info->tcpi_rcv_rtt / 1000;
1854 s.lastsnd = info->tcpi_last_data_sent;
1855 s.lastrcv = info->tcpi_last_data_recv;
1856 s.lastack = info->tcpi_last_ack_recv;
1857 s.unacked = info->tcpi_unacked;
1858 s.retrans = info->tcpi_retrans;
1859 s.retrans_total = info->tcpi_total_retrans;
1860 s.lost = info->tcpi_lost;
1861 s.sacked = info->tcpi_sacked;
1862 s.reordering = info->tcpi_reordering;
1863 s.rcv_space = info->tcpi_rcv_space;
1864 s.cwnd = info->tcpi_snd_cwnd;
1865
1866 if (info->tcpi_snd_ssthresh < 0xFFFF)
1867 s.ssthresh = info->tcpi_snd_ssthresh;
1868
1869 rtt = (double) info->tcpi_rtt;
1870 if (tb[INET_DIAG_VEGASINFO]) {
1871 const struct tcpvegas_info *vinfo
1872 = RTA_DATA(tb[INET_DIAG_VEGASINFO]);
1873
1874 if (vinfo->tcpv_enabled &&
1875 vinfo->tcpv_rtt && vinfo->tcpv_rtt != 0x7fffffff)
1876 rtt = vinfo->tcpv_rtt;
1877 }
1878
1879 if (tb[INET_DIAG_DCTCPINFO]) {
1880 struct dctcpstat *dctcp = malloc(sizeof(struct
1881 dctcpstat));
1882
1883 const struct tcp_dctcp_info *dinfo
1884 = RTA_DATA(tb[INET_DIAG_DCTCPINFO]);
1885
1886 dctcp->enabled = !!dinfo->dctcp_enabled;
1887 dctcp->ce_state = dinfo->dctcp_ce_state;
1888 dctcp->alpha = dinfo->dctcp_alpha;
1889 dctcp->ab_ecn = dinfo->dctcp_ab_ecn;
1890 dctcp->ab_tot = dinfo->dctcp_ab_tot;
1891 s.dctcp = dctcp;
1892 }
1893
1894 if (rtt > 0 && info->tcpi_snd_mss && info->tcpi_snd_cwnd) {
1895 s.send_bps = (double) info->tcpi_snd_cwnd *
1896 (double)info->tcpi_snd_mss * 8000000. / rtt;
1897 }
1898
1899 if (info->tcpi_pacing_rate &&
1900 info->tcpi_pacing_rate != ~0ULL) {
1901 s.pacing_rate = info->tcpi_pacing_rate * 8.;
1902
1903 if (info->tcpi_max_pacing_rate &&
1904 info->tcpi_max_pacing_rate != ~0ULL)
1905 s.pacing_rate_max = info->tcpi_max_pacing_rate * 8.;
1906 }
1907 tcp_stats_print(&s);
1908 if (s.dctcp)
1909 free(s.dctcp);
1910 if (s.cong_alg)
1911 free(s.cong_alg);
1912 }
1913 }
1914
1915 static int inet_show_sock(struct nlmsghdr *nlh, struct filter *f, int protocol)
1916 {
1917 struct rtattr * tb[INET_DIAG_MAX+1];
1918 struct inet_diag_msg *r = NLMSG_DATA(nlh);
1919 struct tcpstat s = {};
1920
1921 parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr*)(r+1),
1922 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
1923
1924 s.state = r->idiag_state;
1925 s.local.family = s.remote.family = r->idiag_family;
1926 s.lport = ntohs(r->id.idiag_sport);
1927 s.rport = ntohs(r->id.idiag_dport);
1928 s.wq = r->idiag_wqueue;
1929 s.rq = r->idiag_rqueue;
1930 s.timer = r->idiag_timer;
1931 s.timeout = r->idiag_expires;
1932 s.retrans = r->idiag_retrans;
1933 s.ino = r->idiag_inode;
1934 s.uid = r->idiag_uid;
1935 s.iface = r->id.idiag_if;
1936
1937 if (s.local.family == AF_INET) {
1938 s.local.bytelen = s.remote.bytelen = 4;
1939 } else {
1940 s.local.bytelen = s.remote.bytelen = 16;
1941 }
1942
1943 memcpy(s.local.data, r->id.idiag_src, s.local.bytelen);
1944 memcpy(s.remote.data, r->id.idiag_dst, s.local.bytelen);
1945
1946 if (f && f->f && run_ssfilter(f->f, &s) == 0)
1947 return 0;
1948
1949 inet_stats_print(&s, protocol);
1950
1951 if (show_details) {
1952 if (r->idiag_uid)
1953 printf(" uid:%u", (unsigned)r->idiag_uid);
1954 printf(" ino:%u", r->idiag_inode);
1955 printf(" sk:");
1956 if (r->id.idiag_cookie[1] != 0)
1957 printf("%08x", r->id.idiag_cookie[1]);
1958 printf("%08x", r->id.idiag_cookie[0]);
1959 if (tb[INET_DIAG_SHUTDOWN]) {
1960 unsigned char mask;
1961 mask = *(__u8 *)RTA_DATA(tb[INET_DIAG_SHUTDOWN]);
1962 printf(" %c-%c", mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
1963 }
1964 }
1965
1966 if (show_mem || show_tcpinfo) {
1967 printf("\n\t");
1968 tcp_show_info(nlh, r, tb);
1969 }
1970
1971 printf("\n");
1972 return 0;
1973 }
1974
1975 static int tcpdiag_send(int fd, int protocol, struct filter *f)
1976 {
1977 struct sockaddr_nl nladdr;
1978 struct {
1979 struct nlmsghdr nlh;
1980 struct inet_diag_req r;
1981 } req;
1982 char *bc = NULL;
1983 int bclen;
1984 struct msghdr msg;
1985 struct rtattr rta;
1986 struct iovec iov[3];
1987
1988 if (protocol == IPPROTO_UDP)
1989 return -1;
1990
1991 memset(&nladdr, 0, sizeof(nladdr));
1992 nladdr.nl_family = AF_NETLINK;
1993
1994 req.nlh.nlmsg_len = sizeof(req);
1995 if (protocol == IPPROTO_TCP)
1996 req.nlh.nlmsg_type = TCPDIAG_GETSOCK;
1997 else
1998 req.nlh.nlmsg_type = DCCPDIAG_GETSOCK;
1999 req.nlh.nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST;
2000 req.nlh.nlmsg_pid = 0;
2001 req.nlh.nlmsg_seq = MAGIC_SEQ;
2002 memset(&req.r, 0, sizeof(req.r));
2003 req.r.idiag_family = AF_INET;
2004 req.r.idiag_states = f->states;
2005 if (show_mem) {
2006 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
2007 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
2008 }
2009
2010 if (show_tcpinfo) {
2011 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
2012 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
2013 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
2014 }
2015
2016 iov[0] = (struct iovec){
2017 .iov_base = &req,
2018 .iov_len = sizeof(req)
2019 };
2020 if (f->f) {
2021 bclen = ssfilter_bytecompile(f->f, &bc);
2022 rta.rta_type = INET_DIAG_REQ_BYTECODE;
2023 rta.rta_len = RTA_LENGTH(bclen);
2024 iov[1] = (struct iovec){ &rta, sizeof(rta) };
2025 iov[2] = (struct iovec){ bc, bclen };
2026 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
2027 }
2028
2029 msg = (struct msghdr) {
2030 .msg_name = (void*)&nladdr,
2031 .msg_namelen = sizeof(nladdr),
2032 .msg_iov = iov,
2033 .msg_iovlen = f->f ? 3 : 1,
2034 };
2035
2036 if (sendmsg(fd, &msg, 0) < 0) {
2037 close(fd);
2038 return -1;
2039 }
2040
2041 return 0;
2042 }
2043
2044 static int sockdiag_send(int family, int fd, int protocol, struct filter *f)
2045 {
2046 struct sockaddr_nl nladdr;
2047 DIAG_REQUEST(req, struct inet_diag_req_v2 r);
2048 char *bc = NULL;
2049 int bclen;
2050 struct msghdr msg;
2051 struct rtattr rta;
2052 struct iovec iov[3];
2053
2054 if (family == PF_UNSPEC)
2055 return tcpdiag_send(fd, protocol, f);
2056
2057 memset(&nladdr, 0, sizeof(nladdr));
2058 nladdr.nl_family = AF_NETLINK;
2059
2060 memset(&req.r, 0, sizeof(req.r));
2061 req.r.sdiag_family = family;
2062 req.r.sdiag_protocol = protocol;
2063 req.r.idiag_states = f->states;
2064 if (show_mem) {
2065 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
2066 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
2067 }
2068
2069 if (show_tcpinfo) {
2070 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
2071 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
2072 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
2073 }
2074
2075 iov[0] = (struct iovec){
2076 .iov_base = &req,
2077 .iov_len = sizeof(req)
2078 };
2079 if (f->f) {
2080 bclen = ssfilter_bytecompile(f->f, &bc);
2081 rta.rta_type = INET_DIAG_REQ_BYTECODE;
2082 rta.rta_len = RTA_LENGTH(bclen);
2083 iov[1] = (struct iovec){ &rta, sizeof(rta) };
2084 iov[2] = (struct iovec){ bc, bclen };
2085 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
2086 }
2087
2088 msg = (struct msghdr) {
2089 .msg_name = (void*)&nladdr,
2090 .msg_namelen = sizeof(nladdr),
2091 .msg_iov = iov,
2092 .msg_iovlen = f->f ? 3 : 1,
2093 };
2094
2095 if (sendmsg(fd, &msg, 0) < 0) {
2096 close(fd);
2097 return -1;
2098 }
2099
2100 return 0;
2101 }
2102
2103 struct inet_diag_arg {
2104 struct filter *f;
2105 int protocol;
2106 };
2107
2108 static int show_one_inet_sock(const struct sockaddr_nl *addr,
2109 struct nlmsghdr *h, void *arg)
2110 {
2111 int err;
2112 struct inet_diag_arg *diag_arg = arg;
2113 struct inet_diag_msg *r = NLMSG_DATA(h);
2114
2115 if (!(diag_arg->f->families & (1 << r->idiag_family)))
2116 return 0;
2117 if ((err = inet_show_sock(h, NULL, diag_arg->protocol)) < 0)
2118 return err;
2119
2120 return 0;
2121 }
2122
2123 static int inet_show_netlink(struct filter *f, FILE *dump_fp, int protocol)
2124 {
2125 int err = 0;
2126 struct rtnl_handle rth;
2127 int family = PF_INET;
2128 struct inet_diag_arg arg = { .f = f, .protocol = protocol };
2129
2130 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
2131 return -1;
2132 rth.dump = MAGIC_SEQ;
2133 rth.dump_fp = dump_fp;
2134
2135 again:
2136 if ((err = sockdiag_send(family, rth.fd, protocol, f)))
2137 goto Exit;
2138
2139 if ((err = rtnl_dump_filter(&rth, show_one_inet_sock, &arg))) {
2140 if (family != PF_UNSPEC) {
2141 family = PF_UNSPEC;
2142 goto again;
2143 }
2144 goto Exit;
2145 }
2146 if (family == PF_INET) {
2147 family = PF_INET6;
2148 goto again;
2149 }
2150
2151 Exit:
2152 rtnl_close(&rth);
2153 return err;
2154 }
2155
2156 static int tcp_show_netlink_file(struct filter *f)
2157 {
2158 FILE *fp;
2159 char buf[16384];
2160
2161 if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) {
2162 perror("fopen($TCPDIAG_FILE)");
2163 return -1;
2164 }
2165
2166 while (1) {
2167 int status, err;
2168 struct nlmsghdr *h = (struct nlmsghdr*)buf;
2169
2170 status = fread(buf, 1, sizeof(*h), fp);
2171 if (status < 0) {
2172 perror("Reading header from $TCPDIAG_FILE");
2173 return -1;
2174 }
2175 if (status != sizeof(*h)) {
2176 perror("Unexpected EOF reading $TCPDIAG_FILE");
2177 return -1;
2178 }
2179
2180 status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp);
2181
2182 if (status < 0) {
2183 perror("Reading $TCPDIAG_FILE");
2184 return -1;
2185 }
2186 if (status + sizeof(*h) < h->nlmsg_len) {
2187 perror("Unexpected EOF reading $TCPDIAG_FILE");
2188 return -1;
2189 }
2190
2191 /* The only legal exit point */
2192 if (h->nlmsg_type == NLMSG_DONE)
2193 return 0;
2194
2195 if (h->nlmsg_type == NLMSG_ERROR) {
2196 struct nlmsgerr *err = (struct nlmsgerr*)NLMSG_DATA(h);
2197 if (h->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))) {
2198 fprintf(stderr, "ERROR truncated\n");
2199 } else {
2200 errno = -err->error;
2201 perror("TCPDIAG answered");
2202 }
2203 return -1;
2204 }
2205
2206 err = inet_show_sock(h, f, IPPROTO_TCP);
2207 if (err < 0)
2208 return err;
2209 }
2210 }
2211
2212 static int tcp_show(struct filter *f, int socktype)
2213 {
2214 FILE *fp = NULL;
2215 char *buf = NULL;
2216 int bufsize = 64*1024;
2217
2218 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2219 return 0;
2220
2221 dg_proto = TCP_PROTO;
2222
2223 if (getenv("TCPDIAG_FILE"))
2224 return tcp_show_netlink_file(f);
2225
2226 if (!getenv("PROC_NET_TCP") && !getenv("PROC_ROOT")
2227 && inet_show_netlink(f, NULL, socktype) == 0)
2228 return 0;
2229
2230 /* Sigh... We have to parse /proc/net/tcp... */
2231
2232
2233 /* Estimate amount of sockets and try to allocate
2234 * huge buffer to read all the table at one read.
2235 * Limit it by 16MB though. The assumption is: as soon as
2236 * kernel was able to hold information about N connections,
2237 * it is able to give us some memory for snapshot.
2238 */
2239 if (1) {
2240 int guess = slabstat.socks+slabstat.tcp_syns;
2241 if (f->states&(1<<SS_TIME_WAIT))
2242 guess += slabstat.tcp_tws;
2243 if (guess > (16*1024*1024)/128)
2244 guess = (16*1024*1024)/128;
2245 guess *= 128;
2246 if (guess > bufsize)
2247 bufsize = guess;
2248 }
2249 while (bufsize >= 64*1024) {
2250 if ((buf = malloc(bufsize)) != NULL)
2251 break;
2252 bufsize /= 2;
2253 }
2254 if (buf == NULL) {
2255 errno = ENOMEM;
2256 return -1;
2257 }
2258
2259 if (f->families & (1<<AF_INET)) {
2260 if ((fp = net_tcp_open()) == NULL)
2261 goto outerr;
2262
2263 setbuffer(fp, buf, bufsize);
2264 if (generic_record_read(fp, tcp_show_line, f, AF_INET))
2265 goto outerr;
2266 fclose(fp);
2267 }
2268
2269 if ((f->families & (1<<AF_INET6)) &&
2270 (fp = net_tcp6_open()) != NULL) {
2271 setbuffer(fp, buf, bufsize);
2272 if (generic_record_read(fp, tcp_show_line, f, AF_INET6))
2273 goto outerr;
2274 fclose(fp);
2275 }
2276
2277 free(buf);
2278 return 0;
2279
2280 outerr:
2281 do {
2282 int saved_errno = errno;
2283 if (buf)
2284 free(buf);
2285 if (fp)
2286 fclose(fp);
2287 errno = saved_errno;
2288 return -1;
2289 } while (0);
2290 }
2291
2292
2293 static int dgram_show_line(char *line, const struct filter *f, int family)
2294 {
2295 struct tcpstat s = {};
2296 char *loc, *rem, *data;
2297 char opt[256];
2298 int n;
2299
2300 if (proc_inet_split_line(line, &loc, &rem, &data))
2301 return -1;
2302
2303 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
2304 if (!(f->states & (1 << state)))
2305 return 0;
2306
2307 proc_parse_inet_addr(loc, rem, family, &s);
2308
2309 if (f->f && run_ssfilter(f->f, &s) == 0)
2310 return 0;
2311
2312 opt[0] = 0;
2313 n = sscanf(data, "%x %x:%x %*x:%*x %*x %d %*d %u %d %llx %[^\n]\n",
2314 &s.state, &s.wq, &s.rq,
2315 &s.uid, &s.ino,
2316 &s.refcnt, &s.sk, opt);
2317
2318 if (n < 9)
2319 opt[0] = 0;
2320
2321 inet_stats_print(&s, IPPROTO_UDP);
2322
2323 if (show_details) {
2324 if (s.uid)
2325 printf(" uid=%u", (unsigned)s.uid);
2326 printf(" ino=%u", s.ino);
2327 printf(" sk=%llx", s.sk);
2328 if (opt[0])
2329 printf(" opt:\"%s\"", opt);
2330 }
2331
2332 printf("\n");
2333 return 0;
2334 }
2335
2336 static int udp_show(struct filter *f)
2337 {
2338 FILE *fp = NULL;
2339
2340 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2341 return 0;
2342
2343 dg_proto = UDP_PROTO;
2344
2345 if (!getenv("PROC_NET_UDP") && !getenv("PROC_ROOT")
2346 && inet_show_netlink(f, NULL, IPPROTO_UDP) == 0)
2347 return 0;
2348
2349 if (f->families&(1<<AF_INET)) {
2350 if ((fp = net_udp_open()) == NULL)
2351 goto outerr;
2352 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
2353 goto outerr;
2354 fclose(fp);
2355 }
2356
2357 if ((f->families&(1<<AF_INET6)) &&
2358 (fp = net_udp6_open()) != NULL) {
2359 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
2360 goto outerr;
2361 fclose(fp);
2362 }
2363 return 0;
2364
2365 outerr:
2366 do {
2367 int saved_errno = errno;
2368 if (fp)
2369 fclose(fp);
2370 errno = saved_errno;
2371 return -1;
2372 } while (0);
2373 }
2374
2375 static int raw_show(struct filter *f)
2376 {
2377 FILE *fp = NULL;
2378
2379 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
2380 return 0;
2381
2382 dg_proto = RAW_PROTO;
2383
2384 if (f->families&(1<<AF_INET)) {
2385 if ((fp = net_raw_open()) == NULL)
2386 goto outerr;
2387 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
2388 goto outerr;
2389 fclose(fp);
2390 }
2391
2392 if ((f->families&(1<<AF_INET6)) &&
2393 (fp = net_raw6_open()) != NULL) {
2394 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
2395 goto outerr;
2396 fclose(fp);
2397 }
2398 return 0;
2399
2400 outerr:
2401 do {
2402 int saved_errno = errno;
2403 if (fp)
2404 fclose(fp);
2405 errno = saved_errno;
2406 return -1;
2407 } while (0);
2408 }
2409
2410 struct unixstat
2411 {
2412 struct unixstat *next;
2413 int ino;
2414 int peer;
2415 char *peer_name;
2416 int rq;
2417 int wq;
2418 int state;
2419 int type;
2420 char *name;
2421 };
2422
2423 int unix_state_map[] = { SS_CLOSE, SS_SYN_SENT,
2424 SS_ESTABLISHED, SS_CLOSING };
2425
2426 #define MAX_UNIX_REMEMBER (1024*1024/sizeof(struct unixstat))
2427
2428 static void unix_list_free(struct unixstat *list)
2429 {
2430 while (list) {
2431 struct unixstat *s = list;
2432 list = list->next;
2433 if (s->name)
2434 free(s->name);
2435 free(s);
2436 }
2437 }
2438
2439 static const char *unix_netid_name(int type)
2440 {
2441 const char *netid;
2442
2443 switch (type) {
2444 case SOCK_STREAM:
2445 netid = "u_str";
2446 break;
2447 case SOCK_SEQPACKET:
2448 netid = "u_seq";
2449 break;
2450 case SOCK_DGRAM:
2451 default:
2452 netid = "u_dgr";
2453 break;
2454 }
2455 return netid;
2456 }
2457
2458 static bool unix_type_skip(struct unixstat *s, struct filter *f)
2459 {
2460 if (s->type == SOCK_STREAM && !(f->dbs&(1<<UNIX_ST_DB)))
2461 return true;
2462 if (s->type == SOCK_DGRAM && !(f->dbs&(1<<UNIX_DG_DB)))
2463 return true;
2464 if (s->type == SOCK_SEQPACKET && !(f->dbs&(1<<UNIX_SQ_DB)))
2465 return true;
2466 return false;
2467 }
2468
2469 static void unix_stats_print(struct unixstat *list, struct filter *f)
2470 {
2471 struct unixstat *s;
2472 char *peer;
2473
2474 for (s = list; s; s = s->next) {
2475 if (!(f->states & (1<<s->state)))
2476 continue;
2477 if (unix_type_skip(s, f))
2478 continue;
2479
2480 peer = "*";
2481 if (s->peer_name)
2482 peer = s->peer_name;
2483
2484 if (s->peer && !s->peer_name) {
2485 struct unixstat *p;
2486 for (p = list; p; p = p->next) {
2487 if (s->peer == p->ino)
2488 break;
2489 }
2490 if (!p) {
2491 peer = "?";
2492 } else {
2493 peer = p->name ? : "*";
2494 }
2495 }
2496
2497 if (f->f) {
2498 struct tcpstat tst;
2499 tst.local.family = AF_UNIX;
2500 tst.remote.family = AF_UNIX;
2501 memcpy(tst.local.data, &s->name, sizeof(s->name));
2502 if (strcmp(peer, "*") == 0)
2503 memset(tst.remote.data, 0, sizeof(peer));
2504 else
2505 memcpy(tst.remote.data, &peer, sizeof(peer));
2506 if (run_ssfilter(f->f, &tst) == 0)
2507 continue;
2508 }
2509
2510 if (netid_width)
2511 printf("%-*s ", netid_width,
2512 unix_netid_name(s->type));
2513 if (state_width)
2514 printf("%-*s ", state_width, sstate_name[s->state]);
2515 printf("%-6d %-6d ", s->rq, s->wq);
2516 printf("%*s %-*d %*s %-*d",
2517 addr_width, s->name ? : "*", serv_width, s->ino,
2518 addr_width, peer, serv_width, s->peer);
2519 char *buf = NULL;
2520
2521 if (show_proc_ctx || show_sock_ctx) {
2522 if (find_entry(s->ino, &buf,
2523 (show_proc_ctx & show_sock_ctx) ?
2524 PROC_SOCK_CTX : PROC_CTX) > 0) {
2525 printf(" users:(%s)", buf);
2526 free(buf);
2527 }
2528 } else if (show_users) {
2529 if (find_entry(s->ino, &buf, USERS) > 0) {
2530 printf(" users:(%s)", buf);
2531 free(buf);
2532 }
2533 }
2534 printf("\n");
2535 }
2536 }
2537
2538 static int unix_show_sock(const struct sockaddr_nl *addr, struct nlmsghdr *nlh,
2539 void *arg)
2540 {
2541 struct filter *f = (struct filter *)arg;
2542 struct unix_diag_msg *r = NLMSG_DATA(nlh);
2543 struct rtattr *tb[UNIX_DIAG_MAX+1];
2544 char name[128];
2545 struct unixstat stat = { .name = "*" , .peer_name = "*" };
2546
2547 parse_rtattr(tb, UNIX_DIAG_MAX, (struct rtattr*)(r+1),
2548 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2549
2550 stat.type = r->udiag_type;
2551 stat.state = r->udiag_state;
2552 stat.ino = r->udiag_ino;
2553
2554 if (unix_type_skip(&stat, f))
2555 return 0;
2556
2557 if (tb[UNIX_DIAG_RQLEN]) {
2558 struct unix_diag_rqlen *rql = RTA_DATA(tb[UNIX_DIAG_RQLEN]);
2559 stat.rq = rql->udiag_rqueue;
2560 stat.wq = rql->udiag_wqueue;
2561 }
2562 if (tb[UNIX_DIAG_NAME]) {
2563 int len = RTA_PAYLOAD(tb[UNIX_DIAG_NAME]);
2564
2565 memcpy(name, RTA_DATA(tb[UNIX_DIAG_NAME]), len);
2566 name[len] = '\0';
2567 if (name[0] == '\0')
2568 name[0] = '@';
2569 stat.name = &name[0];
2570 }
2571 if (tb[UNIX_DIAG_PEER])
2572 stat.peer = rta_getattr_u32(tb[UNIX_DIAG_PEER]);
2573
2574 unix_stats_print(&stat, f);
2575
2576 if (show_mem) {
2577 printf("\t");
2578 print_skmeminfo(tb, UNIX_DIAG_MEMINFO);
2579 }
2580 if (show_details) {
2581 if (tb[UNIX_DIAG_SHUTDOWN]) {
2582 unsigned char mask;
2583 mask = *(__u8 *)RTA_DATA(tb[UNIX_DIAG_SHUTDOWN]);
2584 printf(" %c-%c", mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
2585 }
2586 }
2587 if (show_mem || show_details)
2588 printf("\n");
2589 return 0;
2590 }
2591
2592 static int handle_netlink_request(struct filter *f, struct nlmsghdr *req,
2593 size_t size, rtnl_filter_t show_one_sock)
2594 {
2595 int ret = -1;
2596 struct rtnl_handle rth;
2597
2598 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
2599 return -1;
2600
2601 rth.dump = MAGIC_SEQ;
2602
2603 if (rtnl_send(&rth, req, size) < 0)
2604 goto Exit;
2605
2606 if (rtnl_dump_filter(&rth, show_one_sock, f))
2607 goto Exit;
2608
2609 ret = 0;
2610 Exit:
2611 rtnl_close(&rth);
2612 return ret;
2613 }
2614
2615 static int unix_show_netlink(struct filter *f)
2616 {
2617 DIAG_REQUEST(req, struct unix_diag_req r);
2618
2619 req.r.sdiag_family = AF_UNIX;
2620 req.r.udiag_states = f->states;
2621 req.r.udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER | UDIAG_SHOW_RQLEN;
2622 if (show_mem)
2623 req.r.udiag_show |= UDIAG_SHOW_MEMINFO;
2624
2625 return handle_netlink_request(f, &req.nlh, sizeof(req), unix_show_sock);
2626 }
2627
2628 static int unix_show(struct filter *f)
2629 {
2630 FILE *fp;
2631 char buf[256];
2632 char name[128];
2633 int newformat = 0;
2634 int cnt;
2635 struct unixstat *list = NULL;
2636
2637 if (!filter_af_get(f, AF_UNIX))
2638 return 0;
2639
2640 if (!getenv("PROC_NET_UNIX") && !getenv("PROC_ROOT")
2641 && unix_show_netlink(f) == 0)
2642 return 0;
2643
2644 if ((fp = net_unix_open()) == NULL)
2645 return -1;
2646 fgets(buf, sizeof(buf)-1, fp);
2647
2648 if (memcmp(buf, "Peer", 4) == 0)
2649 newformat = 1;
2650 cnt = 0;
2651
2652 while (fgets(buf, sizeof(buf)-1, fp)) {
2653 struct unixstat *u, **insp;
2654 int flags;
2655
2656 if (!(u = malloc(sizeof(*u))))
2657 break;
2658 u->name = NULL;
2659 u->peer_name = NULL;
2660
2661 if (sscanf(buf, "%x: %x %x %x %x %x %d %s",
2662 &u->peer, &u->rq, &u->wq, &flags, &u->type,
2663 &u->state, &u->ino, name) < 8)
2664 name[0] = 0;
2665
2666 if (flags&(1<<16)) {
2667 u->state = SS_LISTEN;
2668 } else {
2669 u->state = unix_state_map[u->state-1];
2670 if (u->type == SOCK_DGRAM &&
2671 u->state == SS_CLOSE &&
2672 u->peer)
2673 u->state = SS_ESTABLISHED;
2674 }
2675
2676 if (!newformat) {
2677 u->peer = 0;
2678 u->rq = 0;
2679 u->wq = 0;
2680 }
2681
2682 insp = &list;
2683 while (*insp) {
2684 if (u->type < (*insp)->type ||
2685 (u->type == (*insp)->type &&
2686 u->ino < (*insp)->ino))
2687 break;
2688 insp = &(*insp)->next;
2689 }
2690 u->next = *insp;
2691 *insp = u;
2692
2693 if (name[0]) {
2694 if ((u->name = malloc(strlen(name)+1)) == NULL)
2695 break;
2696 strcpy(u->name, name);
2697 }
2698 if (++cnt > MAX_UNIX_REMEMBER) {
2699 unix_stats_print(list, f);
2700 unix_list_free(list);
2701 list = NULL;
2702 cnt = 0;
2703 }
2704 }
2705 fclose(fp);
2706 if (list) {
2707 unix_stats_print(list, f);
2708 unix_list_free(list);
2709 list = NULL;
2710 cnt = 0;
2711 }
2712
2713 return 0;
2714 }
2715
2716 struct pktstat {
2717 uint8_t type;
2718 uint16_t prot;
2719 uint32_t iface;
2720 int state;
2721 uint32_t rq;
2722 uid_t uid;
2723 ino_t ino;
2724 };
2725
2726 static int packet_stats_print(struct pktstat *s, const struct filter *f)
2727 {
2728 char *buf = NULL;
2729
2730 if (f->f) {
2731 struct tcpstat tst;
2732 tst.local.family = AF_PACKET;
2733 tst.remote.family = AF_PACKET;
2734 tst.rport = 0;
2735 tst.lport = s->iface;
2736 tst.local.data[0] = s->prot;
2737 tst.remote.data[0] = 0;
2738 if (run_ssfilter(f->f, &tst) == 0)
2739 return 1;
2740 }
2741
2742 if (netid_width)
2743 printf("%-*s ", netid_width,
2744 s->type == SOCK_RAW ? "p_raw" : "p_dgr");
2745 if (state_width)
2746 printf("%-*s ", state_width, "UNCONN");
2747
2748 printf("%-6d %-6d ", s->rq, 0);
2749 if (s->prot == 3) {
2750 printf("%*s:", addr_width, "*");
2751 } else {
2752 char tb[16];
2753 printf("%*s:", addr_width,
2754 ll_proto_n2a(htons(s->prot), tb, sizeof(tb)));
2755 }
2756 if (s->iface == 0) {
2757 printf("%-*s ", serv_width, "*");
2758 } else {
2759 printf("%-*s ", serv_width, xll_index_to_name(s->iface));
2760 }
2761
2762 printf("%*s*%-*s", addr_width, "", serv_width, "");
2763
2764 if (show_proc_ctx || show_sock_ctx) {
2765 if (find_entry(s->ino, &buf,
2766 (show_proc_ctx & show_sock_ctx) ?
2767 PROC_SOCK_CTX : PROC_CTX) > 0) {
2768 printf(" users:(%s)", buf);
2769 free(buf);
2770 }
2771 } else if (show_users) {
2772 if (find_entry(s->ino, &buf, USERS) > 0) {
2773 printf(" users:(%s)", buf);
2774 free(buf);
2775 }
2776 }
2777
2778 return 0;
2779 }
2780
2781 static int packet_show_sock(const struct sockaddr_nl *addr,
2782 struct nlmsghdr *nlh, void *arg)
2783 {
2784 const struct filter *f = arg;
2785 struct packet_diag_msg *r = NLMSG_DATA(nlh);
2786 struct rtattr *tb[PACKET_DIAG_MAX+1];
2787 struct pktstat stat = {};
2788
2789 parse_rtattr(tb, PACKET_DIAG_MAX, (struct rtattr*)(r+1),
2790 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2791
2792 /* use /proc/net/packet if all info are not available */
2793 if (!tb[PACKET_DIAG_MEMINFO])
2794 return -1;
2795
2796 stat.type = r->pdiag_type;
2797 stat.prot = r->pdiag_num;
2798 stat.ino = r->pdiag_ino;
2799
2800 if (tb[PACKET_DIAG_MEMINFO]) {
2801 __u32 *skmeminfo = RTA_DATA(tb[PACKET_DIAG_MEMINFO]);
2802 stat.rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
2803 }
2804
2805 if (tb[PACKET_DIAG_INFO]) {
2806 struct packet_diag_info *pinfo = RTA_DATA(tb[PACKET_DIAG_INFO]);
2807 stat.iface = pinfo->pdi_index;
2808 }
2809
2810 if (packet_stats_print(&stat, f))
2811 return 0;
2812
2813 if (show_details) {
2814 __u32 uid = 0;
2815
2816 if (tb[PACKET_DIAG_UID])
2817 uid = *(__u32 *)RTA_DATA(tb[PACKET_DIAG_UID]);
2818
2819 printf(" ino=%u uid=%u sk=", r->pdiag_ino, uid);
2820 if (r->pdiag_cookie[1] != 0)
2821 printf("%08x", r->pdiag_cookie[1]);
2822 printf("%08x", r->pdiag_cookie[0]);
2823 }
2824
2825 if (show_bpf && tb[PACKET_DIAG_FILTER]) {
2826 struct sock_filter *fil =
2827 RTA_DATA(tb[PACKET_DIAG_FILTER]);
2828 int num = RTA_PAYLOAD(tb[PACKET_DIAG_FILTER]) /
2829 sizeof(struct sock_filter);
2830
2831 printf("\n\tbpf filter (%d): ", num);
2832 while (num) {
2833 printf(" 0x%02x %u %u %u,",
2834 fil->code, fil->jt, fil->jf, fil->k);
2835 num--;
2836 fil++;
2837 }
2838 }
2839 printf("\n");
2840 return 0;
2841 }
2842
2843 static int packet_show_netlink(struct filter *f)
2844 {
2845 DIAG_REQUEST(req, struct packet_diag_req r);
2846
2847 req.r.sdiag_family = AF_PACKET;
2848 req.r.pdiag_show = PACKET_SHOW_INFO | PACKET_SHOW_MEMINFO | PACKET_SHOW_FILTER;
2849
2850 return handle_netlink_request(f, &req.nlh, sizeof(req), packet_show_sock);
2851 }
2852
2853 static int packet_show_line(char *buf, const struct filter *f, int fam)
2854 {
2855 unsigned long long sk;
2856 struct pktstat stat = {};
2857 int type, prot, iface, state, rq, uid, ino;
2858
2859 sscanf(buf, "%llx %*d %d %x %d %d %u %u %u",
2860 &sk,
2861 &type, &prot, &iface, &state,
2862 &rq, &uid, &ino);
2863
2864 if (stat.type == SOCK_RAW && !(f->dbs&(1<<PACKET_R_DB)))
2865 return 0;
2866 if (stat.type == SOCK_DGRAM && !(f->dbs&(1<<PACKET_DG_DB)))
2867 return 0;
2868
2869 stat.type = type;
2870 stat.prot = prot;
2871 stat.iface = iface;
2872 stat.state = state;
2873 stat.rq = rq;
2874 stat.uid = uid;
2875 stat.ino = ino;
2876 if (packet_stats_print(&stat, f))
2877 return 0;
2878
2879 if (show_details) {
2880 printf(" ino=%u uid=%u sk=%llx", ino, uid, sk);
2881 }
2882 printf("\n");
2883 return 0;
2884 }
2885
2886 static int packet_show(struct filter *f)
2887 {
2888 FILE *fp;
2889
2890 if (!filter_af_get(f, AF_PACKET) || !(f->states & (1 << SS_CLOSE)))
2891 return 0;
2892
2893 if (!getenv("PROC_NET_PACKET") && !getenv("PROC_ROOT") &&
2894 packet_show_netlink(f) == 0)
2895 return 0;
2896
2897 if ((fp = net_packet_open()) == NULL)
2898 return -1;
2899 if (generic_record_read(fp, packet_show_line, f, AF_PACKET))
2900 return -1;
2901
2902 return 0;
2903 }
2904
2905 static void netlink_show_one(struct filter *f,
2906 int prot, int pid, unsigned groups,
2907 int state, int dst_pid, unsigned dst_group,
2908 int rq, int wq,
2909 unsigned long long sk, unsigned long long cb)
2910 {
2911 SPRINT_BUF(prot_name);
2912
2913 if (f->f) {
2914 struct tcpstat tst;
2915 tst.local.family = AF_NETLINK;
2916 tst.remote.family = AF_NETLINK;
2917 tst.rport = -1;
2918 tst.lport = pid;
2919 tst.local.data[0] = prot;
2920 tst.remote.data[0] = 0;
2921 if (run_ssfilter(f->f, &tst) == 0)
2922 return;
2923 }
2924
2925 if (netid_width)
2926 printf("%-*s ", netid_width, "nl");
2927 if (state_width)
2928 printf("%-*s ", state_width, "UNCONN");
2929 printf("%-6d %-6d ", rq, wq);
2930
2931 if (resolve_services) {
2932 printf("%*s:", addr_width, nl_proto_n2a(prot, prot_name,
2933 sizeof(prot_name)));
2934 } else {
2935 printf("%*d:", addr_width, prot);
2936 }
2937
2938 if (pid == -1) {
2939 printf("%-*s ", serv_width, "*");
2940 } else if (resolve_services) {
2941 int done = 0;
2942 if (!pid) {
2943 done = 1;
2944 printf("%-*s ", serv_width, "kernel");
2945 } else if (pid > 0) {
2946 char procname[64];
2947 FILE *fp;
2948 sprintf(procname, "%s/%d/stat",
2949 getenv("PROC_ROOT") ? : "/proc", pid);
2950 if ((fp = fopen(procname, "r")) != NULL) {
2951 if (fscanf(fp, "%*d (%[^)])", procname) == 1) {
2952 sprintf(procname+strlen(procname), "/%d", pid);
2953 printf("%-*s ", serv_width, procname);
2954 done = 1;
2955 }
2956 fclose(fp);
2957 }
2958 }
2959 if (!done)
2960 printf("%-*d ", serv_width, pid);
2961 } else {
2962 printf("%-*d ", serv_width, pid);
2963 }
2964
2965 if (state == NETLINK_CONNECTED) {
2966 printf("%*d:%-*d",
2967 addr_width, dst_group, serv_width, dst_pid);
2968 } else {
2969 printf("%*s*%-*s",
2970 addr_width, "", serv_width, "");
2971 }
2972
2973 char *pid_context = NULL;
2974 if (show_proc_ctx) {
2975 /* The pid value will either be:
2976 * 0 if destination kernel - show kernel initial context.
2977 * A valid process pid - use getpidcon.
2978 * A unique value allocated by the kernel or netlink user
2979 * to the process - show context as "not available".
2980 */
2981 if (!pid)
2982 security_get_initial_context("kernel", &pid_context);
2983 else if (pid > 0)
2984 getpidcon(pid, &pid_context);
2985
2986 if (pid_context != NULL) {
2987 printf("proc_ctx=%-*s ", serv_width, pid_context);
2988 free(pid_context);
2989 } else {
2990 printf("proc_ctx=%-*s ", serv_width, "unavailable");
2991 }
2992 }
2993
2994 if (show_details) {
2995 printf(" sk=%llx cb=%llx groups=0x%08x", sk, cb, groups);
2996 }
2997 printf("\n");
2998
2999 return;
3000 }
3001
3002 static int netlink_show_sock(const struct sockaddr_nl *addr,
3003 struct nlmsghdr *nlh, void *arg)
3004 {
3005 struct filter *f = (struct filter *)arg;
3006 struct netlink_diag_msg *r = NLMSG_DATA(nlh);
3007 struct rtattr *tb[NETLINK_DIAG_MAX+1];
3008 int rq = 0, wq = 0;
3009 unsigned long groups = 0;
3010
3011 parse_rtattr(tb, NETLINK_DIAG_MAX, (struct rtattr*)(r+1),
3012 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3013
3014 if (tb[NETLINK_DIAG_GROUPS] && RTA_PAYLOAD(tb[NETLINK_DIAG_GROUPS]))
3015 groups = *(unsigned long *) RTA_DATA(tb[NETLINK_DIAG_GROUPS]);
3016
3017 if (tb[NETLINK_DIAG_MEMINFO]) {
3018 const __u32 *skmeminfo;
3019 skmeminfo = RTA_DATA(tb[NETLINK_DIAG_MEMINFO]);
3020
3021 rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
3022 wq = skmeminfo[SK_MEMINFO_WMEM_ALLOC];
3023 }
3024
3025 netlink_show_one(f, r->ndiag_protocol, r->ndiag_portid, groups,
3026 r->ndiag_state, r->ndiag_dst_portid, r->ndiag_dst_group,
3027 rq, wq, 0, 0);
3028
3029 if (show_mem) {
3030 printf("\t");
3031 print_skmeminfo(tb, NETLINK_DIAG_MEMINFO);
3032 printf("\n");
3033 }
3034
3035 return 0;
3036 }
3037
3038 static int netlink_show_netlink(struct filter *f)
3039 {
3040 DIAG_REQUEST(req, struct netlink_diag_req r);
3041
3042 req.r.sdiag_family = AF_NETLINK;
3043 req.r.sdiag_protocol = NDIAG_PROTO_ALL;
3044 req.r.ndiag_show = NDIAG_SHOW_GROUPS | NDIAG_SHOW_MEMINFO;
3045
3046 return handle_netlink_request(f, &req.nlh, sizeof(req), netlink_show_sock);
3047 }
3048
3049 static int netlink_show(struct filter *f)
3050 {
3051 FILE *fp;
3052 char buf[256];
3053 int prot, pid;
3054 unsigned groups;
3055 int rq, wq, rc;
3056 unsigned long long sk, cb;
3057
3058 if (!filter_af_get(f, AF_NETLINK) || !(f->states & (1 << SS_CLOSE)))
3059 return 0;
3060
3061 if (!getenv("PROC_NET_NETLINK") && !getenv("PROC_ROOT") &&
3062 netlink_show_netlink(f) == 0)
3063 return 0;
3064
3065 if ((fp = net_netlink_open()) == NULL)
3066 return -1;
3067 fgets(buf, sizeof(buf)-1, fp);
3068
3069 while (fgets(buf, sizeof(buf)-1, fp)) {
3070 sscanf(buf, "%llx %d %d %x %d %d %llx %d",
3071 &sk,
3072 &prot, &pid, &groups, &rq, &wq, &cb, &rc);
3073
3074 netlink_show_one(f, prot, pid, groups, 0, 0, 0, rq, wq, sk, cb);
3075 }
3076
3077 return 0;
3078 }
3079
3080 struct snmpstat
3081 {
3082 int tcp_estab;
3083 };
3084
3085 static int get_snmp_int(char *proto, char *key, int *result)
3086 {
3087 char buf[1024];
3088 FILE *fp;
3089 int protolen = strlen(proto);
3090 int keylen = strlen(key);
3091
3092 *result = 0;
3093
3094 if ((fp = net_snmp_open()) == NULL)
3095 return -1;
3096
3097 while (fgets(buf, sizeof(buf), fp) != NULL) {
3098 char *p = buf;
3099 int pos = 0;
3100 if (memcmp(buf, proto, protolen))
3101 continue;
3102 while ((p = strchr(p, ' ')) != NULL) {
3103 pos++;
3104 p++;
3105 if (memcmp(p, key, keylen) == 0 &&
3106 (p[keylen] == ' ' || p[keylen] == '\n'))
3107 break;
3108 }
3109 if (fgets(buf, sizeof(buf), fp) == NULL)
3110 break;
3111 if (memcmp(buf, proto, protolen))
3112 break;
3113 p = buf;
3114 while ((p = strchr(p, ' ')) != NULL) {
3115 p++;
3116 if (--pos == 0) {
3117 sscanf(p, "%d", result);
3118 fclose(fp);
3119 return 0;
3120 }
3121 }
3122 }
3123
3124 fclose(fp);
3125 errno = ESRCH;
3126 return -1;
3127 }
3128
3129
3130 /* Get stats from sockstat */
3131
3132 struct sockstat
3133 {
3134 int socks;
3135 int tcp_mem;
3136 int tcp_total;
3137 int tcp_orphans;
3138 int tcp_tws;
3139 int tcp4_hashed;
3140 int udp4;
3141 int raw4;
3142 int frag4;
3143 int frag4_mem;
3144 int tcp6_hashed;
3145 int udp6;
3146 int raw6;
3147 int frag6;
3148 int frag6_mem;
3149 };
3150
3151 static void get_sockstat_line(char *line, struct sockstat *s)
3152 {
3153 char id[256], rem[256];
3154
3155 if (sscanf(line, "%[^ ] %[^\n]\n", id, rem) != 2)
3156 return;
3157
3158 if (strcmp(id, "sockets:") == 0)
3159 sscanf(rem, "%*s%d", &s->socks);
3160 else if (strcmp(id, "UDP:") == 0)
3161 sscanf(rem, "%*s%d", &s->udp4);
3162 else if (strcmp(id, "UDP6:") == 0)
3163 sscanf(rem, "%*s%d", &s->udp6);
3164 else if (strcmp(id, "RAW:") == 0)
3165 sscanf(rem, "%*s%d", &s->raw4);
3166 else if (strcmp(id, "RAW6:") == 0)
3167 sscanf(rem, "%*s%d", &s->raw6);
3168 else if (strcmp(id, "TCP6:") == 0)
3169 sscanf(rem, "%*s%d", &s->tcp6_hashed);
3170 else if (strcmp(id, "FRAG:") == 0)
3171 sscanf(rem, "%*s%d%*s%d", &s->frag4, &s->frag4_mem);
3172 else if (strcmp(id, "FRAG6:") == 0)
3173 sscanf(rem, "%*s%d%*s%d", &s->frag6, &s->frag6_mem);
3174 else if (strcmp(id, "TCP:") == 0)
3175 sscanf(rem, "%*s%d%*s%d%*s%d%*s%d%*s%d",
3176 &s->tcp4_hashed,
3177 &s->tcp_orphans, &s->tcp_tws, &s->tcp_total, &s->tcp_mem);
3178 }
3179
3180 static int get_sockstat(struct sockstat *s)
3181 {
3182 char buf[256];
3183 FILE *fp;
3184
3185 memset(s, 0, sizeof(*s));
3186
3187 if ((fp = net_sockstat_open()) == NULL)
3188 return -1;
3189 while(fgets(buf, sizeof(buf), fp) != NULL)
3190 get_sockstat_line(buf, s);
3191 fclose(fp);
3192
3193 if ((fp = net_sockstat6_open()) == NULL)
3194 return 0;
3195 while(fgets(buf, sizeof(buf), fp) != NULL)
3196 get_sockstat_line(buf, s);
3197 fclose(fp);
3198
3199 return 0;
3200 }
3201
3202 static int print_summary(void)
3203 {
3204 struct sockstat s;
3205 struct snmpstat sn;
3206
3207 if (get_sockstat(&s) < 0)
3208 perror("ss: get_sockstat");
3209 if (get_snmp_int("Tcp:", "CurrEstab", &sn.tcp_estab) < 0)
3210 perror("ss: get_snmpstat");
3211
3212 printf("Total: %d (kernel %d)\n", s.socks, slabstat.socks);
3213
3214 printf("TCP: %d (estab %d, closed %d, orphaned %d, synrecv %d, timewait %d/%d), ports %d\n",
3215 s.tcp_total + slabstat.tcp_syns + s.tcp_tws,
3216 sn.tcp_estab,
3217 s.tcp_total - (s.tcp4_hashed+s.tcp6_hashed-s.tcp_tws),
3218 s.tcp_orphans,
3219 slabstat.tcp_syns,
3220 s.tcp_tws, slabstat.tcp_tws,
3221 slabstat.tcp_ports
3222 );
3223
3224 printf("\n");
3225 printf("Transport Total IP IPv6\n");
3226 printf("* %-9d %-9s %-9s\n", slabstat.socks, "-", "-");
3227 printf("RAW %-9d %-9d %-9d\n", s.raw4+s.raw6, s.raw4, s.raw6);
3228 printf("UDP %-9d %-9d %-9d\n", s.udp4+s.udp6, s.udp4, s.udp6);
3229 printf("TCP %-9d %-9d %-9d\n", s.tcp4_hashed+s.tcp6_hashed, s.tcp4_hashed, s.tcp6_hashed);
3230 printf("INET %-9d %-9d %-9d\n",
3231 s.raw4+s.udp4+s.tcp4_hashed+
3232 s.raw6+s.udp6+s.tcp6_hashed,
3233 s.raw4+s.udp4+s.tcp4_hashed,
3234 s.raw6+s.udp6+s.tcp6_hashed);
3235 printf("FRAG %-9d %-9d %-9d\n", s.frag4+s.frag6, s.frag4, s.frag6);
3236
3237 printf("\n");
3238
3239 return 0;
3240 }
3241
3242 static void _usage(FILE *dest)
3243 {
3244 fprintf(dest,
3245 "Usage: ss [ OPTIONS ]\n"
3246 " ss [ OPTIONS ] [ FILTER ]\n"
3247 " -h, --help this message\n"
3248 " -V, --version output version information\n"
3249 " -n, --numeric don't resolve service names\n"
3250 " -r, --resolve resolve host names\n"
3251 " -a, --all display all sockets\n"
3252 " -l, --listening display listening sockets\n"
3253 " -o, --options show timer information\n"
3254 " -e, --extended show detailed socket information\n"
3255 " -m, --memory show socket memory usage\n"
3256 " -p, --processes show process using socket\n"
3257 " -i, --info show internal TCP information\n"
3258 " -s, --summary show socket usage summary\n"
3259 " -b, --bpf show bpf filter socket information\n"
3260 " -Z, --context display process SELinux security contexts\n"
3261 " -z, --contexts display process and socket SELinux security contexts\n"
3262 " -N, --net switch to the specified network namespace name\n"
3263 "\n"
3264 " -4, --ipv4 display only IP version 4 sockets\n"
3265 " -6, --ipv6 display only IP version 6 sockets\n"
3266 " -0, --packet display PACKET sockets\n"
3267 " -t, --tcp display only TCP sockets\n"
3268 " -u, --udp display only UDP sockets\n"
3269 " -d, --dccp display only DCCP sockets\n"
3270 " -w, --raw display only RAW sockets\n"
3271 " -x, --unix display only Unix domain sockets\n"
3272 " -f, --family=FAMILY display sockets of type FAMILY\n"
3273 "\n"
3274 " -A, --query=QUERY, --socket=QUERY\n"
3275 " QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink}[,QUERY]\n"
3276 "\n"
3277 " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
3278 " -F, --filter=FILE read filter information from FILE\n"
3279 " FILTER := [ state STATE-FILTER ] [ EXPRESSION ]\n"
3280 " STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}\n"
3281 " TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listen|closing}\n"
3282 " connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
3283 " synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
3284 " bucket := {syn-recv|time-wait}\n"
3285 " big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listen|closing}\n"
3286 );
3287 }
3288
3289 static void help(void) __attribute__((noreturn));
3290 static void help(void)
3291 {
3292 _usage(stdout);
3293 exit(0);
3294 }
3295
3296 static void usage(void) __attribute__((noreturn));
3297 static void usage(void)
3298 {
3299 _usage(stderr);
3300 exit(-1);
3301 }
3302
3303
3304 static int scan_state(const char *state)
3305 {
3306 int i;
3307 if (strcasecmp(state, "close") == 0 ||
3308 strcasecmp(state, "closed") == 0)
3309 return (1<<SS_CLOSE);
3310 if (strcasecmp(state, "syn-rcv") == 0)
3311 return (1<<SS_SYN_RECV);
3312 if (strcasecmp(state, "established") == 0)
3313 return (1<<SS_ESTABLISHED);
3314 if (strcasecmp(state, "all") == 0)
3315 return SS_ALL;
3316 if (strcasecmp(state, "connected") == 0)
3317 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN));
3318 if (strcasecmp(state, "synchronized") == 0)
3319 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN)|(1<<SS_SYN_SENT));
3320 if (strcasecmp(state, "bucket") == 0)
3321 return (1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT);
3322 if (strcasecmp(state, "big") == 0)
3323 return SS_ALL & ~((1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT));
3324 for (i=0; i<SS_MAX; i++) {
3325 if (strcasecmp(state, sstate_namel[i]) == 0)
3326 return (1<<i);
3327 }
3328
3329 fprintf(stderr, "ss: wrong state name: %s\n", state);
3330 exit(-1);
3331 }
3332
3333 static const struct option long_opts[] = {
3334 { "numeric", 0, 0, 'n' },
3335 { "resolve", 0, 0, 'r' },
3336 { "options", 0, 0, 'o' },
3337 { "extended", 0, 0, 'e' },
3338 { "memory", 0, 0, 'm' },
3339 { "info", 0, 0, 'i' },
3340 { "processes", 0, 0, 'p' },
3341 { "bpf", 0, 0, 'b' },
3342 { "dccp", 0, 0, 'd' },
3343 { "tcp", 0, 0, 't' },
3344 { "udp", 0, 0, 'u' },
3345 { "raw", 0, 0, 'w' },
3346 { "unix", 0, 0, 'x' },
3347 { "all", 0, 0, 'a' },
3348 { "listening", 0, 0, 'l' },
3349 { "ipv4", 0, 0, '4' },
3350 { "ipv6", 0, 0, '6' },
3351 { "packet", 0, 0, '0' },
3352 { "family", 1, 0, 'f' },
3353 { "socket", 1, 0, 'A' },
3354 { "query", 1, 0, 'A' },
3355 { "summary", 0, 0, 's' },
3356 { "diag", 1, 0, 'D' },
3357 { "filter", 1, 0, 'F' },
3358 { "version", 0, 0, 'V' },
3359 { "help", 0, 0, 'h' },
3360 { "context", 0, 0, 'Z' },
3361 { "contexts", 0, 0, 'z' },
3362 { "net", 1, 0, 'N' },
3363 { 0 }
3364
3365 };
3366
3367 int main(int argc, char *argv[])
3368 {
3369 int saw_states = 0;
3370 int saw_query = 0;
3371 int do_summary = 0;
3372 const char *dump_tcpdiag = NULL;
3373 FILE *filter_fp = NULL;
3374 int ch;
3375 struct filter dbs_filter = {};
3376 int state_filter = 0;
3377
3378 while ((ch = getopt_long(argc, argv, "dhaletuwxnro460spbf:miA:D:F:vVzZN:",
3379 long_opts, NULL)) != EOF) {
3380 switch(ch) {
3381 case 'n':
3382 resolve_services = 0;
3383 break;
3384 case 'r':
3385 resolve_hosts = 1;
3386 break;
3387 case 'o':
3388 show_options = 1;
3389 break;
3390 case 'e':
3391 show_options = 1;
3392 show_details++;
3393 break;
3394 case 'm':
3395 show_mem = 1;
3396 break;
3397 case 'i':
3398 show_tcpinfo = 1;
3399 break;
3400 case 'p':
3401 show_users++;
3402 user_ent_hash_build();
3403 break;
3404 case 'b':
3405 show_options = 1;
3406 show_bpf++;
3407 break;
3408 case 'd':
3409 filter_db_set(&dbs_filter, DCCP_DB);
3410 break;
3411 case 't':
3412 filter_db_set(&dbs_filter, TCP_DB);
3413 break;
3414 case 'u':
3415 filter_db_set(&dbs_filter, UDP_DB);
3416 break;
3417 case 'w':
3418 filter_db_set(&dbs_filter, RAW_DB);
3419 break;
3420 case 'x':
3421 filter_af_set(&current_filter, AF_UNIX);
3422 break;
3423 case 'a':
3424 state_filter = SS_ALL;
3425 break;
3426 case 'l':
3427 state_filter = (1 << SS_LISTEN) | (1 << SS_CLOSE);
3428 break;
3429 case '4':
3430 filter_af_set(&current_filter, AF_INET);
3431 break;
3432 case '6':
3433 filter_af_set(&current_filter, AF_INET6);
3434 break;
3435 case '0':
3436 filter_af_set(&current_filter, AF_PACKET);
3437 break;
3438 case 'f':
3439 if (strcmp(optarg, "inet") == 0)
3440 filter_af_set(&current_filter, AF_INET);
3441 else if (strcmp(optarg, "inet6") == 0)
3442 filter_af_set(&current_filter, AF_INET6);
3443 else if (strcmp(optarg, "link") == 0)
3444 filter_af_set(&current_filter, AF_PACKET);
3445 else if (strcmp(optarg, "unix") == 0)
3446 filter_af_set(&current_filter, AF_UNIX);
3447 else if (strcmp(optarg, "netlink") == 0)
3448 filter_af_set(&current_filter, AF_NETLINK);
3449 else if (strcmp(optarg, "help") == 0)
3450 help();
3451 else {
3452 fprintf(stderr, "ss: \"%s\" is invalid family\n",
3453 optarg);
3454 usage();
3455 }
3456 break;
3457 case 'A':
3458 {
3459 char *p, *p1;
3460 if (!saw_query) {
3461 current_filter.dbs = 0;
3462 saw_query = 1;
3463 do_default = 0;
3464 }
3465 p = p1 = optarg;
3466 do {
3467 if ((p1 = strchr(p, ',')) != NULL)
3468 *p1 = 0;
3469 if (strcmp(p, "all") == 0) {
3470 filter_default_dbs(&dbs_filter);
3471 } else if (strcmp(p, "inet") == 0) {
3472 filter_db_set(&dbs_filter, UDP_DB);
3473 filter_db_set(&dbs_filter, DCCP_DB);
3474 filter_db_set(&dbs_filter, TCP_DB);
3475 filter_db_set(&dbs_filter, RAW_DB);
3476 } else if (strcmp(p, "udp") == 0) {
3477 filter_db_set(&dbs_filter, UDP_DB);
3478 } else if (strcmp(p, "dccp") == 0) {
3479 filter_db_set(&dbs_filter, DCCP_DB);
3480 } else if (strcmp(p, "tcp") == 0) {
3481 filter_db_set(&dbs_filter, TCP_DB);
3482 } else if (strcmp(p, "raw") == 0) {
3483 filter_db_set(&dbs_filter, RAW_DB);
3484 } else if (strcmp(p, "unix") == 0) {
3485 filter_db_set(&dbs_filter, UNIX_ST_DB);
3486 filter_db_set(&dbs_filter, UNIX_DG_DB);
3487 filter_db_set(&dbs_filter, UNIX_SQ_DB);
3488 } else if (strcasecmp(p, "unix_stream") == 0 ||
3489 strcmp(p, "u_str") == 0) {
3490 filter_db_set(&dbs_filter, UNIX_ST_DB);
3491 } else if (strcasecmp(p, "unix_dgram") == 0 ||
3492 strcmp(p, "u_dgr") == 0) {
3493 filter_db_set(&dbs_filter, UNIX_DG_DB);
3494 } else if (strcasecmp(p, "unix_seqpacket") == 0 ||
3495 strcmp(p, "u_seq") == 0) {
3496 filter_db_set(&dbs_filter, UNIX_SQ_DB);
3497 } else if (strcmp(p, "packet") == 0) {
3498 filter_db_set(&dbs_filter, PACKET_R_DB);
3499 filter_db_set(&dbs_filter, PACKET_DG_DB);
3500 } else if (strcmp(p, "packet_raw") == 0 ||
3501 strcmp(p, "p_raw") == 0) {
3502 filter_db_set(&dbs_filter, PACKET_R_DB);
3503 } else if (strcmp(p, "packet_dgram") == 0 ||
3504 strcmp(p, "p_dgr") == 0) {
3505 filter_db_set(&dbs_filter, PACKET_DG_DB);
3506 } else if (strcmp(p, "netlink") == 0) {
3507 filter_db_set(&dbs_filter, NETLINK_DB);
3508 } else {
3509 fprintf(stderr, "ss: \"%s\" is illegal socket table id\n", p);
3510 usage();
3511 }
3512 p = p1 + 1;
3513 } while (p1);
3514 break;
3515 }
3516 case 's':
3517 do_summary = 1;
3518 break;
3519 case 'D':
3520 dump_tcpdiag = optarg;
3521 break;
3522 case 'F':
3523 if (filter_fp) {
3524 fprintf(stderr, "More than one filter file\n");
3525 exit(-1);
3526 }
3527 if (optarg[0] == '-')
3528 filter_fp = stdin;
3529 else
3530 filter_fp = fopen(optarg, "r");
3531 if (!filter_fp) {
3532 perror("fopen filter file");
3533 exit(-1);
3534 }
3535 break;
3536 case 'v':
3537 case 'V':
3538 printf("ss utility, iproute2-ss%s\n", SNAPSHOT);
3539 exit(0);
3540 case 'z':
3541 show_sock_ctx++;
3542 case 'Z':
3543 if (is_selinux_enabled() <= 0) {
3544 fprintf(stderr, "ss: SELinux is not enabled.\n");
3545 exit(1);
3546 }
3547 show_proc_ctx++;
3548 user_ent_hash_build();
3549 break;
3550 case 'N':
3551 if (netns_switch(optarg))
3552 exit(1);
3553 break;
3554 case 'h':
3555 case '?':
3556 help();
3557 default:
3558 usage();
3559 }
3560 }
3561
3562 argc -= optind;
3563 argv += optind;
3564
3565 get_slabstat(&slabstat);
3566
3567 if (do_summary) {
3568 print_summary();
3569 if (do_default && argc == 0)
3570 exit(0);
3571 }
3572
3573 /* Now parse filter... */
3574 if (argc == 0 && filter_fp) {
3575 if (ssfilter_parse(&current_filter.f, 0, NULL, filter_fp))
3576 usage();
3577 }
3578
3579 while (argc > 0) {
3580 if (strcmp(*argv, "state") == 0) {
3581 NEXT_ARG();
3582 if (!saw_states)
3583 state_filter = 0;
3584 state_filter |= scan_state(*argv);
3585 saw_states = 1;
3586 } else if (strcmp(*argv, "exclude") == 0 ||
3587 strcmp(*argv, "excl") == 0) {
3588 NEXT_ARG();
3589 if (!saw_states)
3590 state_filter = SS_ALL;
3591 state_filter &= ~scan_state(*argv);
3592 saw_states = 1;
3593 } else {
3594 break;
3595 }
3596 argc--; argv++;
3597 }
3598
3599 if (do_default) {
3600 state_filter = state_filter ? state_filter : SS_CONN;
3601 filter_default_dbs(&current_filter);
3602 filter_merge(&current_filter, &current_filter, state_filter);
3603 } else {
3604 filter_merge(&current_filter, &dbs_filter, state_filter);
3605 }
3606
3607 if (resolve_services && resolve_hosts &&
3608 (current_filter.dbs&(UNIX_DBM|(1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB))))
3609 init_service_resolver();
3610
3611
3612 if (current_filter.dbs == 0) {
3613 fprintf(stderr, "ss: no socket tables to show with such filter.\n");
3614 exit(0);
3615 }
3616 if (current_filter.families == 0) {
3617 fprintf(stderr, "ss: no families to show with such filter.\n");
3618 exit(0);
3619 }
3620 if (current_filter.states == 0) {
3621 fprintf(stderr, "ss: no socket states to show with such filter.\n");
3622 exit(0);
3623 }
3624
3625 if (dump_tcpdiag) {
3626 FILE *dump_fp = stdout;
3627 if (!(current_filter.dbs & (1<<TCP_DB))) {
3628 fprintf(stderr, "ss: tcpdiag dump requested and no tcp in filter.\n");
3629 exit(0);
3630 }
3631 if (dump_tcpdiag[0] != '-') {
3632 dump_fp = fopen(dump_tcpdiag, "w");
3633 if (!dump_tcpdiag) {
3634 perror("fopen dump file");
3635 exit(-1);
3636 }
3637 }
3638 inet_show_netlink(&current_filter, dump_fp, IPPROTO_TCP);
3639 fflush(dump_fp);
3640 exit(0);
3641 }
3642
3643 if (ssfilter_parse(&current_filter.f, argc, argv, filter_fp))
3644 usage();
3645
3646 netid_width = 0;
3647 if (current_filter.dbs&(current_filter.dbs-1))
3648 netid_width = 5;
3649
3650 state_width = 0;
3651 if (current_filter.states&(current_filter.states-1))
3652 state_width = 10;
3653
3654 screen_width = 80;
3655 if (isatty(STDOUT_FILENO)) {
3656 struct winsize w;
3657
3658 if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) {
3659 if (w.ws_col > 0)
3660 screen_width = w.ws_col;
3661 }
3662 }
3663
3664 addrp_width = screen_width;
3665 addrp_width -= netid_width+1;
3666 addrp_width -= state_width+1;
3667 addrp_width -= 14;
3668
3669 if (addrp_width&1) {
3670 if (netid_width)
3671 netid_width++;
3672 else if (state_width)
3673 state_width++;
3674 }
3675
3676 addrp_width /= 2;
3677 addrp_width--;
3678
3679 serv_width = resolve_services ? 7 : 5;
3680
3681 if (addrp_width < 15+serv_width+1)
3682 addrp_width = 15+serv_width+1;
3683
3684 addr_width = addrp_width - serv_width - 1;
3685
3686 if (netid_width)
3687 printf("%-*s ", netid_width, "Netid");
3688 if (state_width)
3689 printf("%-*s ", state_width, "State");
3690 printf("%-6s %-6s ", "Recv-Q", "Send-Q");
3691
3692 /* Make enough space for the local/remote port field */
3693 addr_width -= 13;
3694 serv_width += 13;
3695
3696 printf("%*s:%-*s %*s:%-*s\n",
3697 addr_width, "Local Address", serv_width, "Port",
3698 addr_width, "Peer Address", serv_width, "Port");
3699
3700 fflush(stdout);
3701
3702 if (current_filter.dbs & (1<<NETLINK_DB))
3703 netlink_show(&current_filter);
3704 if (current_filter.dbs & PACKET_DBM)
3705 packet_show(&current_filter);
3706 if (current_filter.dbs & UNIX_DBM)
3707 unix_show(&current_filter);
3708 if (current_filter.dbs & (1<<RAW_DB))
3709 raw_show(&current_filter);
3710 if (current_filter.dbs & (1<<UDP_DB))
3711 udp_show(&current_filter);
3712 if (current_filter.dbs & (1<<TCP_DB))
3713 tcp_show(&current_filter, IPPROTO_TCP);
3714 if (current_filter.dbs & (1<<DCCP_DB))
3715 tcp_show(&current_filter, IPPROTO_DCCP);
3716
3717 if (show_users || show_proc_ctx || show_sock_ctx)
3718 user_ent_destroy();
3719
3720 return 0;
3721 }
Upstream mirror of iproute2