#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/uio.h>
+#include <sys/sysmacros.h>
#include <netinet/in.h>
#include <string.h>
#include <errno.h>
#include <limits.h>
#include <stdarg.h>
+#include "ss_util.h"
#include "utils.h"
#include "rt_names.h"
#include "ll_map.h"
#include "libnetlink.h"
#include "namespace.h"
#include "SNAPSHOT.h"
+#include "rt_names.h"
+#include "cg_map.h"
#include <linux/tcp.h>
-#include <linux/sock_diag.h>
-#include <linux/inet_diag.h>
#include <linux/unix_diag.h>
#include <linux/netdevice.h> /* for MAX_ADDR_LEN */
#include <linux/filter.h>
+#include <linux/xdp_diag.h>
#include <linux/packet_diag.h>
#include <linux/netlink_diag.h>
#include <linux/sctp.h>
#include <linux/vm_sockets_diag.h>
+#include <linux/net.h>
+#include <linux/tipc.h>
+#include <linux/tipc_netlink.h>
+#include <linux/tipc_sockets_diag.h>
+#include <linux/tls.h>
+#include <linux/mptcp.h>
+
+/* AF_VSOCK/PF_VSOCK is only provided since glibc 2.18 */
+#ifndef PF_VSOCK
+#define PF_VSOCK 40
+#endif
+#ifndef AF_VSOCK
+#define AF_VSOCK PF_VSOCK
+#endif
-#define MAGIC_SEQ 123456
-#define BUF_CHUNK (1024 * 1024)
+#define BUF_CHUNK (1024 * 1024) /* Buffer chunk allocation size */
+#define BUF_CHUNKS_MAX 5 /* Maximum number of allocated buffer chunks */
#define LEN_ALIGN(x) (((x) + 1) & ~1)
-#define DIAG_REQUEST(_req, _r) \
- struct { \
- struct nlmsghdr nlh; \
- _r; \
- } _req = { \
- .nlh = { \
- .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
- .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
- .nlmsg_seq = MAGIC_SEQ, \
- .nlmsg_len = sizeof(_req), \
- }, \
- }
-
#if HAVE_SELINUX
#include <selinux/selinux.h>
#else
}
#endif
-int resolve_services = 1;
int preferred_family = AF_UNSPEC;
-int show_options;
+static int show_options;
int show_details;
-int show_users;
-int show_mem;
-int show_tcpinfo;
-int show_bpf;
-int show_proc_ctx;
-int show_sock_ctx;
-int show_header = 1;
-int follow_events;
-int sctp_ino;
+static int show_users;
+static int show_mem;
+static int show_tcpinfo;
+static int show_bpf;
+static int show_proc_ctx;
+static int show_sock_ctx;
+static int show_header = 1;
+static int follow_events;
+static int sctp_ino;
+static int show_tipcinfo;
+static int show_tos;
+static int show_cgroup;
+int oneline;
enum col_id {
COL_NETID,
COL_RADDR,
COL_RSERV,
COL_EXT,
+ COL_PROC,
COL_MAX
};
{ ALIGN_LEFT, "Port", "", 0, 0, 0 },
{ ALIGN_RIGHT, "Peer Address:", " ", 0, 0, 0 },
{ ALIGN_LEFT, "Port", "", 0, 0, 0 },
+ { ALIGN_LEFT, "Process", "", 0, 0, 0 },
{ ALIGN_LEFT, "", "", 0, 0, 0 },
};
struct buf_token *cur; /* Position of current token in chunk */
struct buf_chunk *head; /* First chunk */
struct buf_chunk *tail; /* Current chunk */
+ int chunks; /* Number of allocated chunks */
} buffer;
static const char *TCP_PROTO = "tcp";
SCTP_DB,
VSOCK_ST_DB,
VSOCK_DG_DB,
+ TIPC_DB,
+ XDP_DB,
MAX_DB
};
#define SS_ALL ((1 << SS_MAX) - 1)
#define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
+#define TIPC_SS_CONN ((1<<SS_ESTABLISHED)|(1<<SS_LISTEN)|(1<<SS_CLOSE))
#include "ssfilter.h"
uint64_t families;
struct ssfilter *f;
bool kill;
+ struct rtnl_handle *rth_for_killing;
};
#define FAMILY_MASK(family) ((uint64_t)1 << (family))
.states = SS_CONN,
.families = FAMILY_MASK(AF_VSOCK),
},
+ [TIPC_DB] = {
+ .states = TIPC_SS_CONN,
+ .families = FAMILY_MASK(AF_TIPC),
+ },
+ [XDP_DB] = {
+ .states = (1 << SS_CLOSE),
+ .families = FAMILY_MASK(AF_XDP),
+ },
};
static const struct filter default_afs[AF_MAX] = {
.dbs = VSOCK_DBM,
.states = SS_CONN,
},
+ [AF_TIPC] = {
+ .dbs = (1 << TIPC_DB),
+ .states = TIPC_SS_CONN,
+ },
+ [AF_XDP] = {
+ .dbs = (1 << XDP_DB),
+ .states = (1 << SS_CLOSE),
+ },
};
static int do_default = 1;
static struct filter current_filter;
-static void filter_db_set(struct filter *f, int db)
+static void filter_db_set(struct filter *f, int db, bool enable)
{
- f->states |= default_dbs[db].states;
- f->dbs |= 1 << db;
+ if (enable) {
+ f->states |= default_dbs[db].states;
+ f->dbs |= 1 << db;
+ } else {
+ f->dbs &= ~(1 << db);
+ }
do_default = 0;
}
+static int filter_db_parse(struct filter *f, const char *s)
+{
+ const struct {
+ const char *name;
+ int dbs[MAX_DB + 1];
+ } db_name_tbl[] = {
+#define ENTRY(name, ...) { #name, { __VA_ARGS__, MAX_DB } }
+ ENTRY(all, UDP_DB, DCCP_DB, TCP_DB, RAW_DB,
+ UNIX_ST_DB, UNIX_DG_DB, UNIX_SQ_DB,
+ PACKET_R_DB, PACKET_DG_DB, NETLINK_DB,
+ SCTP_DB, VSOCK_ST_DB, VSOCK_DG_DB, XDP_DB),
+ ENTRY(inet, UDP_DB, DCCP_DB, TCP_DB, SCTP_DB, RAW_DB),
+ ENTRY(udp, UDP_DB),
+ ENTRY(dccp, DCCP_DB),
+ ENTRY(tcp, TCP_DB),
+ ENTRY(sctp, SCTP_DB),
+ ENTRY(raw, RAW_DB),
+ ENTRY(unix, UNIX_ST_DB, UNIX_DG_DB, UNIX_SQ_DB),
+ ENTRY(unix_stream, UNIX_ST_DB),
+ ENTRY(u_str, UNIX_ST_DB), /* alias for unix_stream */
+ ENTRY(unix_dgram, UNIX_DG_DB),
+ ENTRY(u_dgr, UNIX_DG_DB), /* alias for unix_dgram */
+ ENTRY(unix_seqpacket, UNIX_SQ_DB),
+ ENTRY(u_seq, UNIX_SQ_DB), /* alias for unix_seqpacket */
+ ENTRY(packet, PACKET_R_DB, PACKET_DG_DB),
+ ENTRY(packet_raw, PACKET_R_DB),
+ ENTRY(p_raw, PACKET_R_DB), /* alias for packet_raw */
+ ENTRY(packet_dgram, PACKET_DG_DB),
+ ENTRY(p_dgr, PACKET_DG_DB), /* alias for packet_dgram */
+ ENTRY(netlink, NETLINK_DB),
+ ENTRY(vsock, VSOCK_ST_DB, VSOCK_DG_DB),
+ ENTRY(vsock_stream, VSOCK_ST_DB),
+ ENTRY(v_str, VSOCK_ST_DB), /* alias for vsock_stream */
+ ENTRY(vsock_dgram, VSOCK_DG_DB),
+ ENTRY(v_dgr, VSOCK_DG_DB), /* alias for vsock_dgram */
+ ENTRY(xdp, XDP_DB),
+#undef ENTRY
+ };
+ bool enable = true;
+ unsigned int i;
+ const int *dbp;
+
+ if (s[0] == '!') {
+ enable = false;
+ s++;
+ }
+ for (i = 0; i < ARRAY_SIZE(db_name_tbl); i++) {
+ if (strcmp(s, db_name_tbl[i].name))
+ continue;
+ for (dbp = db_name_tbl[i].dbs; *dbp != MAX_DB; dbp++)
+ filter_db_set(f, *dbp, enable);
+ return 0;
+ }
+ return -1;
+}
+
static void filter_af_set(struct filter *f, int af)
{
f->states |= default_afs[af].states;
return !!(f->families & FAMILY_MASK(af));
}
-static void filter_default_dbs(struct filter *f)
-{
- filter_db_set(f, UDP_DB);
- filter_db_set(f, DCCP_DB);
- filter_db_set(f, TCP_DB);
- filter_db_set(f, RAW_DB);
- filter_db_set(f, UNIX_ST_DB);
- filter_db_set(f, UNIX_DG_DB);
- filter_db_set(f, UNIX_SQ_DB);
- filter_db_set(f, PACKET_R_DB);
- filter_db_set(f, PACKET_DG_DB);
- filter_db_set(f, NETLINK_DB);
- filter_db_set(f, SCTP_DB);
- filter_db_set(f, VSOCK_ST_DB);
- filter_db_set(f, VSOCK_DG_DB);
-}
-
static void filter_states_set(struct filter *f, int states)
{
if (states)
"net/packet")
#define net_netlink_open() generic_proc_open("PROC_NET_NETLINK", \
"net/netlink")
-#define slabinfo_open() generic_proc_open("PROC_SLABINFO", "slabinfo")
#define net_sockstat_open() generic_proc_open("PROC_NET_SOCKSTAT", \
"net/sockstat")
#define net_sockstat6_open() generic_proc_open("PROC_NET_SOCKSTAT6", \
};
#define USER_ENT_HASH_SIZE 256
-struct user_ent *user_ent_hash[USER_ENT_HASH_SIZE];
+static struct user_ent *user_ent_hash[USER_ENT_HASH_SIZE];
static int user_ent_hashfn(unsigned int ino)
{
return cnt;
}
-/* Get stats from slab */
-
-struct slabstat {
- int socks;
- int tcp_ports;
- int tcp_tws;
- int tcp_syns;
- int skbs;
-};
-
-static struct slabstat slabstat;
-
-static int get_slabstat(struct slabstat *s)
-{
- char buf[256];
- FILE *fp;
- int cnt;
- static int slabstat_valid;
- static const char * const slabstat_ids[] = {
- "sock",
- "tcp_bind_bucket",
- "tcp_tw_bucket",
- "tcp_open_request",
- "skbuff_head_cache",
- };
-
- if (slabstat_valid)
- return 0;
-
- memset(s, 0, sizeof(*s));
-
- fp = slabinfo_open();
- if (!fp)
- return -1;
-
- cnt = sizeof(*s)/sizeof(int);
-
- if (!fgets(buf, sizeof(buf), fp)) {
- fclose(fp);
- return -1;
- }
- while (fgets(buf, sizeof(buf), fp) != NULL) {
- int i;
-
- for (i = 0; i < ARRAY_SIZE(slabstat_ids); i++) {
- if (memcmp(buf, slabstat_ids[i], strlen(slabstat_ids[i])) == 0) {
- sscanf(buf, "%*s%d", ((int *)s) + i);
- cnt--;
- break;
- }
- }
- if (cnt <= 0)
- break;
- }
-
- slabstat_valid = 1;
-
- fclose(fp);
- return 0;
-}
-
static unsigned long long cookie_sk_get(const uint32_t *cookie)
{
return (((unsigned long long)cookie[1] << 31) << 1) | cookie[0];
[SCTP_STATE_SHUTDOWN_ACK_SENT] = "ACK_SENT",
};
+static const char * const stype_nameg[] = {
+ "UNKNOWN",
+ [SOCK_STREAM] = "STREAM",
+ [SOCK_DGRAM] = "DGRAM",
+ [SOCK_RDM] = "RDM",
+ [SOCK_SEQPACKET] = "SEQPACKET",
+};
+
struct sockstat {
struct sockstat *next;
unsigned int type;
char *name;
char *peer_name;
__u32 mark;
+ __u64 cgroup_id;
};
struct dctcpstat {
unsigned int fackets;
unsigned int reordering;
unsigned int not_sent;
+ unsigned int delivered;
+ unsigned int delivered_ce;
+ unsigned int dsack_dups;
+ unsigned int reord_seen;
double rcv_rtt;
double min_rtt;
int rcv_space;
unsigned long long busy_time;
unsigned long long rwnd_limited;
unsigned long long sndbuf_limited;
+ unsigned long long bytes_sent;
+ unsigned long long bytes_retrans;
bool has_ts_opt;
bool has_sack_opt;
bool has_ecn_opt;
}
}
+static const char *tipc_netid_name(int type)
+{
+ switch (type) {
+ case SOCK_STREAM:
+ return "ti_st";
+ case SOCK_DGRAM:
+ return "ti_dg";
+ case SOCK_RDM:
+ return "ti_rd";
+ case SOCK_SEQPACKET:
+ return "ti_sq";
+ default:
+ return "???";
+ }
+}
+
/* Allocate and initialize a new buffer chunk */
static struct buf_chunk *buf_chunk_new(void)
{
new->end = buffer.cur->data;
+ buffer.chunks++;
+
return new;
}
}
/* Append content to buffer as part of the current field */
+__attribute__((format(printf, 1, 2)))
static void out(const char *fmt, ...)
{
struct column *f = current_field;
return f - columns == COL_MAX - 1;
}
-static void field_next(void)
-{
- field_flush(current_field);
-
- if (field_is_last(current_field))
- current_field = columns;
- else
- current_field++;
-}
-
-/* Walk through fields and flush them until we reach the desired one */
-static void field_set(enum col_id id)
-{
- while (id != current_field - columns)
- field_next();
-}
-
-/* Print header for all non-empty columns */
-static void print_header(void)
-{
- while (!field_is_last(current_field)) {
- if (!current_field->disabled)
- out(current_field->header);
- field_next();
- }
-}
-
/* Get the next available token in the buffer starting from the current token */
static struct buf_token *buf_token_next(struct buf_token *cur)
{
free(tmp);
}
buffer.head = NULL;
+ buffer.chunks = 0;
+}
+
+/* Get current screen width, returns -1 if TIOCGWINSZ fails */
+static int render_screen_width(void)
+{
+ int width = -1;
+
+ if (isatty(STDOUT_FILENO)) {
+ struct winsize w;
+
+ if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) {
+ if (w.ws_col > 0)
+ width = w.ws_col;
+ }
+ }
+
+ return width;
}
/* Calculate column width from contents length. If columns don't fit on one
* aligned across lines. Available screen space is equally spread between fields
* as additional spacing.
*/
-static void render_calc_width(int screen_width)
+static void render_calc_width(void)
{
- int first, len = 0, linecols = 0;
+ int screen_width, first, len = 0, linecols = 0;
struct column *c, *eol = columns - 1;
+ bool compact_output = false;
+
+ screen_width = render_screen_width();
+ if (screen_width == -1) {
+ screen_width = INT_MAX;
+ compact_output = true;
+ }
/* First pass: set width for each column to measured content length */
for (first = 1, c = columns; c - columns < COL_MAX; c++) {
first = 0;
}
+ if (compact_output) {
+ /* Compact output, skip extending columns. */
+ return;
+ }
+
/* Second pass: find out newlines and distribute available spacing */
for (c = columns; c - columns < COL_MAX; c++) {
int pad, spacing, rem, last;
}
/* Render buffered output with spacing and delimiters, then free up buffers */
-static void render(int screen_width)
+static void render(void)
{
- struct buf_token *token = (struct buf_token *)buffer.head->data;
+ struct buf_token *token;
int printed, line_started = 0;
struct column *f;
+ if (!buffer.head)
+ return;
+
+ token = (struct buf_token *)buffer.head->data;
+
/* Ensure end alignment of last token, it wasn't necessarily flushed */
buffer.tail->end += buffer.cur->len % 2;
- render_calc_width(screen_width);
+ render_calc_width();
/* Rewind and replay */
buffer.tail = buffer.head;
while (token) {
/* Print left delimiter only if we already started a line */
if (line_started++)
- printed = printf("%s", current_field->ldelim);
+ printed = printf("%s", f->ldelim);
else
printed = 0;
token = buf_token_next(token);
}
+ /* Deal with final end-of-line when the last non-empty field printed
+ * is not the last field.
+ */
+ if (line_started)
+ printf("\n");
buf_free_all();
+ current_field = columns;
+}
+
+/* Move to next field, and render buffer if we reached the maximum number of
+ * chunks, at the last field in a line.
+ */
+static void field_next(void)
+{
+ if (field_is_last(current_field) && buffer.chunks >= BUF_CHUNKS_MAX) {
+ render();
+ return;
+ }
+
+ field_flush(current_field);
+ if (field_is_last(current_field))
+ current_field = columns;
+ else
+ current_field++;
+}
+
+/* Walk through fields and flush them until we reach the desired one */
+static void field_set(enum col_id id)
+{
+ while (id != current_field - columns)
+ field_next();
+}
+
+/* Print header for all non-empty columns */
+static void print_header(void)
+{
+ while (!field_is_last(current_field)) {
+ if (!current_field->disabled)
+ out("%s", current_field->header);
+ field_next();
+ }
}
static void sock_state_print(struct sockstat *s)
case AF_NETLINK:
sock_name = "nl";
break;
+ case AF_TIPC:
+ sock_name = tipc_netid_name(s->type);
+ break;
case AF_VSOCK:
sock_name = vsock_netid_name(s->type);
break;
+ case AF_XDP:
+ sock_name = "xdp";
+ break;
default:
sock_name = "unknown";
}
if (s->mark)
out(" fwmark:0x%x", s->mark);
+
+ if (s->cgroup_id)
+ out(" cgroup:%s", cg_id_to_path(s->cgroup_id));
}
static void sock_addr_print(const char *addr, char *delim, const char *port,
const char *proto;
};
-struct scache *rlist;
+static struct scache *rlist;
static void init_service_resolver(void)
{
return buf;
}
- if (!resolve_services)
+ if (numeric)
goto do_numeric;
if (dg_proto == RAW_PROTO)
unsigned int iface;
__u32 mark;
__u32 mask;
+ __u64 cgroup_id;
struct aafilter *next;
};
return 1;
if (addr == NULL)
addr = "";
- return !fnmatch(pattern, addr, 0);
+ return !fnmatch(pattern, addr, FNM_CASEFOLD);
}
static int run_ssfilter(struct ssfilter *f, struct sockstat *s)
struct aafilter *a = (void *)f->pred;
return (s->mark & a->mask) == a->mark;
+ }
+ case SSF_CGROUPCOND:
+ {
+ struct aafilter *a = (void *)f->pred;
+
+ return s->cgroup_id == a->cgroup_id;
}
/* Yup. It is recursion. Sorry. */
case SSF_AND:
{ a->mark, a->mask},
};
+ return inslen;
+ }
+ case SSF_CGROUPCOND:
+ {
+ struct aafilter *a = (void *)f->pred;
+ struct instr {
+ struct inet_diag_bc_op op;
+ __u64 cgroup_id;
+ } __attribute__((packed));
+ int inslen = sizeof(struct instr);
+
+ if (!(*bytecode = malloc(inslen))) abort();
+ ((struct instr *)*bytecode)[0] = (struct instr) {
+ { INET_DIAG_BC_CGROUP_COND, inslen, inslen + 4 },
+ a->cgroup_id,
+ };
+
return inslen;
}
default:
return res;
}
+void *parse_cgroupcond(const char *path)
+{
+ struct aafilter *res;
+ __u64 id;
+
+ id = get_cgroup2_id(path);
+ if (!id)
+ return NULL;
+
+ res = malloc(sizeof(*res));
+ if (res)
+ res->cgroup_id = id;
+
+ return res;
+}
+
static void proc_ctx_print(struct sockstat *s)
{
char *buf;
return 0;
}
+/*
+ * Display bandwidth in standard units
+ * See: https://en.wikipedia.org/wiki/Data-rate_units
+ * bw is in bits per second
+ */
static char *sprint_bw(char *buf, double bw)
{
- if (bw > 1000000.)
- sprintf(buf, "%.1fM", bw / 1000000.);
- else if (bw > 1000.)
- sprintf(buf, "%.1fK", bw / 1000.);
+ if (numeric)
+ sprintf(buf, "%.0f", bw);
+ else if (bw >= 1e12)
+ sprintf(buf, "%.3gT", bw / 1e12);
+ else if (bw >= 1e9)
+ sprintf(buf, "%.3gG", bw / 1e9);
+ else if (bw >= 1e6)
+ sprintf(buf, "%.3gM", bw / 1e6);
+ else if (bw >= 1e3)
+ sprintf(buf, "%.3gk", bw / 1e3);
else
sprintf(buf, "%g", bw);
if (s->sctpi_s_pd_point)
out(" pdpoint:%d", s->sctpi_s_pd_point);
if (s->sctpi_s_nodelay)
- out(" nodealy:%d", s->sctpi_s_nodelay);
+ out(" nodelay:%d", s->sctpi_s_nodelay);
if (s->sctpi_s_disable_fragments)
out(" nofrag:%d", s->sctpi_s_disable_fragments);
if (s->sctpi_s_v4mapped)
if (s->ssthresh)
out(" ssthresh:%d", s->ssthresh);
+ if (s->bytes_sent)
+ out(" bytes_sent:%llu", s->bytes_sent);
+ if (s->bytes_retrans)
+ out(" bytes_retrans:%llu", s->bytes_retrans);
if (s->bytes_acked)
out(" bytes_acked:%llu", s->bytes_acked);
if (s->bytes_received)
if (s->delivery_rate)
out(" delivery_rate %sbps", sprint_bw(b1, s->delivery_rate));
+ if (s->delivered)
+ out(" delivered:%u", s->delivered);
+ if (s->delivered_ce)
+ out(" delivered_ce:%u", s->delivered_ce);
if (s->app_limited)
out(" app_limited");
out(" lost:%u", s->lost);
if (s->sacked && s->ss.state != SS_LISTEN)
out(" sacked:%u", s->sacked);
+ if (s->dsack_dups)
+ out(" dsack_dups:%u", s->dsack_dups);
if (s->fackets)
out(" fackets:%u", s->fackets);
if (s->reordering != 3)
out(" reordering:%d", s->reordering);
+ if (s->reord_seen)
+ out(" reord_seen:%d", s->reord_seen);
if (s->rcv_rtt)
out(" rcv_rtt:%g", s->rcv_rtt);
if (s->rcv_space)
print_escape_buf(sig->tcpm_key, sig->tcpm_keylen, " ,");
}
+static void tcp_tls_version(struct rtattr *attr)
+{
+ u_int16_t val;
+
+ if (!attr)
+ return;
+ val = rta_getattr_u16(attr);
+
+ switch (val) {
+ case TLS_1_2_VERSION:
+ out(" version: 1.2");
+ break;
+ case TLS_1_3_VERSION:
+ out(" version: 1.3");
+ break;
+ default:
+ out(" version: unknown(%hu)", val);
+ break;
+ }
+}
+
+static void tcp_tls_cipher(struct rtattr *attr)
+{
+ u_int16_t val;
+
+ if (!attr)
+ return;
+ val = rta_getattr_u16(attr);
+
+ switch (val) {
+ case TLS_CIPHER_AES_GCM_128:
+ out(" cipher: aes-gcm-128");
+ break;
+ case TLS_CIPHER_AES_GCM_256:
+ out(" cipher: aes-gcm-256");
+ break;
+ }
+}
+
+static void tcp_tls_conf(const char *name, struct rtattr *attr)
+{
+ u_int16_t val;
+
+ if (!attr)
+ return;
+ val = rta_getattr_u16(attr);
+
+ switch (val) {
+ case TLS_CONF_BASE:
+ out(" %s: none", name);
+ break;
+ case TLS_CONF_SW:
+ out(" %s: sw", name);
+ break;
+ case TLS_CONF_HW:
+ out(" %s: hw", name);
+ break;
+ case TLS_CONF_HW_RECORD:
+ out(" %s: hw-record", name);
+ break;
+ default:
+ out(" %s: unknown(%hu)", name, val);
+ break;
+ }
+}
+
+static void mptcp_subflow_info(struct rtattr *tb[])
+{
+ u_int32_t flags = 0;
+
+ if (tb[MPTCP_SUBFLOW_ATTR_FLAGS]) {
+ char caps[32 + 1] = { 0 }, *cap = &caps[0];
+
+ flags = rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_FLAGS]);
+
+ if (flags & MPTCP_SUBFLOW_FLAG_MCAP_REM)
+ *cap++ = 'M';
+ if (flags & MPTCP_SUBFLOW_FLAG_MCAP_LOC)
+ *cap++ = 'm';
+ if (flags & MPTCP_SUBFLOW_FLAG_JOIN_REM)
+ *cap++ = 'J';
+ if (flags & MPTCP_SUBFLOW_FLAG_JOIN_LOC)
+ *cap++ = 'j';
+ if (flags & MPTCP_SUBFLOW_FLAG_BKUP_REM)
+ *cap++ = 'B';
+ if (flags & MPTCP_SUBFLOW_FLAG_BKUP_LOC)
+ *cap++ = 'b';
+ if (flags & MPTCP_SUBFLOW_FLAG_FULLY_ESTABLISHED)
+ *cap++ = 'e';
+ if (flags & MPTCP_SUBFLOW_FLAG_CONNECTED)
+ *cap++ = 'c';
+ if (flags & MPTCP_SUBFLOW_FLAG_MAPVALID)
+ *cap++ = 'v';
+ if (flags)
+ out(" flags:%s", caps);
+ }
+ if (tb[MPTCP_SUBFLOW_ATTR_TOKEN_REM] &&
+ tb[MPTCP_SUBFLOW_ATTR_TOKEN_LOC] &&
+ tb[MPTCP_SUBFLOW_ATTR_ID_REM] &&
+ tb[MPTCP_SUBFLOW_ATTR_ID_LOC])
+ out(" token:%04x(id:%hhu)/%04x(id:%hhu)",
+ rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_TOKEN_REM]),
+ rta_getattr_u8(tb[MPTCP_SUBFLOW_ATTR_ID_REM]),
+ rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_TOKEN_LOC]),
+ rta_getattr_u8(tb[MPTCP_SUBFLOW_ATTR_ID_LOC]));
+ if (tb[MPTCP_SUBFLOW_ATTR_MAP_SEQ])
+ out(" seq:%llx",
+ rta_getattr_u64(tb[MPTCP_SUBFLOW_ATTR_MAP_SEQ]));
+ if (tb[MPTCP_SUBFLOW_ATTR_MAP_SFSEQ])
+ out(" sfseq:%x",
+ rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_MAP_SFSEQ]));
+ if (tb[MPTCP_SUBFLOW_ATTR_SSN_OFFSET])
+ out(" ssnoff:%x",
+ rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_SSN_OFFSET]));
+ if (tb[MPTCP_SUBFLOW_ATTR_MAP_DATALEN])
+ out(" maplen:%x",
+ rta_getattr_u32(tb[MPTCP_SUBFLOW_ATTR_MAP_DATALEN]));
+}
+
#define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
s.busy_time = info->tcpi_busy_time;
s.rwnd_limited = info->tcpi_rwnd_limited;
s.sndbuf_limited = info->tcpi_sndbuf_limited;
+ s.delivered = info->tcpi_delivered;
+ s.delivered_ce = info->tcpi_delivered_ce;
+ s.dsack_dups = info->tcpi_dsack_dups;
+ s.reord_seen = info->tcpi_reord_seen;
+ s.bytes_sent = info->tcpi_bytes_sent;
+ s.bytes_retrans = info->tcpi_bytes_retrans;
tcp_stats_print(&s);
free(s.dctcp);
free(s.bbr_info);
print_md5sig(sig++);
}
}
+ if (tb[INET_DIAG_ULP_INFO]) {
+ struct rtattr *ulpinfo[INET_ULP_INFO_MAX + 1] = { 0 };
+
+ parse_rtattr_nested(ulpinfo, INET_ULP_INFO_MAX,
+ tb[INET_DIAG_ULP_INFO]);
+
+ if (ulpinfo[INET_ULP_INFO_NAME])
+ out(" tcp-ulp-%s",
+ rta_getattr_str(ulpinfo[INET_ULP_INFO_NAME]));
+
+ if (ulpinfo[INET_ULP_INFO_TLS]) {
+ struct rtattr *tlsinfo[TLS_INFO_MAX + 1] = { 0 };
+
+ parse_rtattr_nested(tlsinfo, TLS_INFO_MAX,
+ ulpinfo[INET_ULP_INFO_TLS]);
+
+ tcp_tls_version(tlsinfo[TLS_INFO_VERSION]);
+ tcp_tls_cipher(tlsinfo[TLS_INFO_CIPHER]);
+ tcp_tls_conf("rxconf", tlsinfo[TLS_INFO_RXCONF]);
+ tcp_tls_conf("txconf", tlsinfo[TLS_INFO_TXCONF]);
+ }
+ if (ulpinfo[INET_ULP_INFO_MPTCP]) {
+ struct rtattr *sfinfo[MPTCP_SUBFLOW_ATTR_MAX + 1] =
+ { 0 };
+
+ parse_rtattr_nested(sfinfo, MPTCP_SUBFLOW_ATTR_MAX,
+ ulpinfo[INET_ULP_INFO_MPTCP]);
+ mptcp_subflow_info(sfinfo);
+ }
+ }
}
static const char *format_host_sa(struct sockaddr_storage *sa)
len = RTA_PAYLOAD(tb[INET_DIAG_LOCALS]);
sa = RTA_DATA(tb[INET_DIAG_LOCALS]);
- out("locals:%s", format_host_sa(sa));
+ out(" locals:%s", format_host_sa(sa));
for (sa++, len -= sizeof(*sa); len > 0; sa++, len -= sizeof(*sa))
out(",%s", format_host_sa(sa));
s->mark = 0;
if (tb[INET_DIAG_MARK])
s->mark = rta_getattr_u32(tb[INET_DIAG_MARK]);
+ s->cgroup_id = 0;
+ if (tb[INET_DIAG_CGROUP_ID])
+ s->cgroup_id = rta_getattr_u64(tb[INET_DIAG_CGROUP_ID]);
if (tb[INET_DIAG_PROTOCOL])
s->raw_prot = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);
else
}
}
+ if (show_tos) {
+ if (tb[INET_DIAG_TOS])
+ out(" tos:%#x", rta_getattr_u8(tb[INET_DIAG_TOS]));
+ if (tb[INET_DIAG_TCLASS])
+ out(" tclass:%#x", rta_getattr_u8(tb[INET_DIAG_TCLASS]));
+ if (tb[INET_DIAG_CLASS_ID])
+ out(" class_id:%#x", rta_getattr_u32(tb[INET_DIAG_CLASS_ID]));
+ }
+
+ if (show_cgroup) {
+ if (tb[INET_DIAG_CGROUP_ID])
+ out(" cgroup:%s", cg_id_to_path(rta_getattr_u64(tb[INET_DIAG_CGROUP_ID])));
+ }
+
if (show_mem || (show_tcpinfo && s->type != IPPROTO_UDP)) {
- out("\n\t");
+ if (!oneline)
+ out("\n\t");
if (s->type == IPPROTO_SCTP)
sctp_show_info(nlh, r, tb);
else
req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
}
+ if (show_tos) {
+ req.r.idiag_ext |= (1<<(INET_DIAG_TOS-1));
+ req.r.idiag_ext |= (1<<(INET_DIAG_TCLASS-1));
+ }
+
iov[0] = (struct iovec){
.iov_base = &req,
.iov_len = sizeof(req)
req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
}
+ if (show_tos) {
+ req.r.idiag_ext |= (1<<(INET_DIAG_TOS-1));
+ req.r.idiag_ext |= (1<<(INET_DIAG_TCLASS-1));
+ }
+
iov[0] = (struct iovec){
.iov_base = &req,
.iov_len = sizeof(req)
return rtnl_talk(rth, &req.nlh, NULL);
}
-static int show_one_inet_sock(const struct sockaddr_nl *addr,
- struct nlmsghdr *h, void *arg)
+static int show_one_inet_sock(struct nlmsghdr *h, void *arg)
{
int err;
struct inet_diag_arg *diag_arg = arg;
}
while (1) {
- int status, err2;
+ int err2;
+ size_t status, nitems;
struct nlmsghdr *h = (struct nlmsghdr *)buf;
struct sockstat s = {};
status = fread(buf, 1, sizeof(*h), fp);
- if (status < 0) {
- perror("Reading header from $TCPDIAG_FILE");
- break;
- }
if (status != sizeof(*h)) {
- perror("Unexpected EOF reading $TCPDIAG_FILE");
+ if (ferror(fp))
+ perror("Reading header from $TCPDIAG_FILE");
+ if (feof(fp))
+ fprintf(stderr, "Unexpected EOF reading $TCPDIAG_FILE");
break;
}
- status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp);
+ nitems = NLMSG_ALIGN(h->nlmsg_len - sizeof(*h));
+ status = fread(h+1, 1, nitems, fp);
- if (status < 0) {
- perror("Reading $TCPDIAG_FILE");
- break;
- }
- if (status + sizeof(*h) < h->nlmsg_len) {
- perror("Unexpected EOF reading $TCPDIAG_FILE");
+ if (status != nitems) {
+ if (ferror(fp))
+ perror("Reading $TCPDIAG_FILE");
+ if (feof(fp))
+ fprintf(stderr, "Unexpected EOF reading $TCPDIAG_FILE");
break;
}
{
FILE *fp = NULL;
char *buf = NULL;
- int bufsize = 64*1024;
+ int bufsize = 1024*1024;
if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
return 0;
return 0;
/* Sigh... We have to parse /proc/net/tcp... */
-
-
- /* Estimate amount of sockets and try to allocate
- * huge buffer to read all the table at one read.
- * Limit it by 16MB though. The assumption is: as soon as
- * kernel was able to hold information about N connections,
- * it is able to give us some memory for snapshot.
- */
- if (1) {
- get_slabstat(&slabstat);
-
- int guess = slabstat.socks+slabstat.tcp_syns;
-
- if (f->states&(1<<SS_TIME_WAIT))
- guess += slabstat.tcp_tws;
- if (guess > (16*1024*1024)/128)
- guess = (16*1024*1024)/128;
- guess *= 128;
- if (guess > bufsize)
- bufsize = guess;
- }
while (bufsize >= 64*1024) {
if ((buf = malloc(bufsize)) != NULL)
break;
proc_ctx_print(s);
}
-static int unix_show_sock(const struct sockaddr_nl *addr, struct nlmsghdr *nlh,
- void *arg)
+static int unix_show_sock(struct nlmsghdr *nlh, void *arg)
{
struct filter *f = (struct filter *)arg;
struct unix_diag_msg *r = NLMSG_DATA(nlh);
out(" %c-%c",
mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
}
+ if (tb[UNIX_DIAG_VFS]) {
+ struct unix_diag_vfs *uv = RTA_DATA(tb[UNIX_DIAG_VFS]);
+
+ out(" ino:%u dev:%u/%u", uv->udiag_vfs_ino, major(uv->udiag_vfs_dev),
+ minor(uv->udiag_vfs_dev));
+ }
+ if (tb[UNIX_DIAG_ICONS]) {
+ int len = RTA_PAYLOAD(tb[UNIX_DIAG_ICONS]);
+ __u32 *peers = RTA_DATA(tb[UNIX_DIAG_ICONS]);
+ int i;
+
+ out(" peers:");
+ for (i = 0; i < len / sizeof(__u32); i++)
+ out(" %u", peers[i]);
+ }
}
return 0;
req.r.udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER | UDIAG_SHOW_RQLEN;
if (show_mem)
req.r.udiag_show |= UDIAG_SHOW_MEMINFO;
+ if (show_details)
+ req.r.udiag_show |= UDIAG_SHOW_VFS | UDIAG_SHOW_ICONS;
return handle_netlink_request(f, &req.nlh, sizeof(req), unix_show_sock);
}
out(",features:0x%x", ring->pdr_features);
}
-static int packet_show_sock(const struct sockaddr_nl *addr,
- struct nlmsghdr *nlh, void *arg)
+static int packet_show_sock(struct nlmsghdr *nlh, void *arg)
{
const struct filter *f = arg;
struct packet_diag_msg *r = NLMSG_DATA(nlh);
if (show_details) {
if (pinfo) {
- out("\n\tver:%d", pinfo->pdi_version);
+ if (oneline)
+ out(" ver:%d", pinfo->pdi_version);
+ else
+ out("\n\tver:%d", pinfo->pdi_version);
out(" cpy_thresh:%d", pinfo->pdi_copy_thresh);
out(" flags( ");
if (pinfo->pdi_flags & PDI_RUNNING)
out(" )");
}
if (ring_rx) {
- out("\n\tring_rx(");
+ if (oneline)
+ out(" ring_rx(");
+ else
+ out("\n\tring_rx(");
packet_show_ring(ring_rx);
out(")");
}
if (ring_tx) {
- out("\n\tring_tx(");
+ if (oneline)
+ out(" ring_tx(");
+ else
+ out("\n\tring_tx(");
packet_show_ring(ring_tx);
out(")");
}
if (has_fanout) {
uint16_t type = (fanout >> 16) & 0xffff;
- out("\n\tfanout(");
+ if (oneline)
+ out(" fanout(");
+ else
+ out("\n\tfanout(");
out("id:%d,", fanout & 0xffff);
out("type:");
int num = RTA_PAYLOAD(tb[PACKET_DIAG_FILTER]) /
sizeof(struct sock_filter);
- out("\n\tbpf filter (%d): ", num);
+ if (oneline)
+ out(" bpf filter (%d): ", num);
+ else
+ out("\n\tbpf filter (%d): ", num);
while (num) {
out(" 0x%02x %u %u %u,",
fil->code, fil->jt, fil->jf, fil->k);
fil++;
}
}
+
+ if (show_mem)
+ print_skmeminfo(tb, PACKET_DIAG_MEMINFO);
return 0;
}
return rc;
}
+static int xdp_stats_print(struct sockstat *s, const struct filter *f)
+{
+ const char *addr, *port;
+ char q_str[16];
+
+ s->local.family = s->remote.family = AF_XDP;
+
+ if (f->f) {
+ if (run_ssfilter(f->f, s) == 0)
+ return 1;
+ }
+
+ sock_state_print(s);
+
+ if (s->iface) {
+ addr = xll_index_to_name(s->iface);
+ snprintf(q_str, sizeof(q_str), "q%d", s->lport);
+ port = q_str;
+ sock_addr_print(addr, ":", port, NULL);
+ } else {
+ sock_addr_print("", "*", "", NULL);
+ }
+
+ sock_addr_print("", "*", "", NULL);
+
+ proc_ctx_print(s);
+
+ if (show_details)
+ sock_details_print(s);
+
+ return 0;
+}
+
+static void xdp_show_ring(const char *name, struct xdp_diag_ring *ring)
+{
+ if (oneline)
+ out(" %s(", name);
+ else
+ out("\n\t%s(", name);
+ out("entries:%u", ring->entries);
+ out(")");
+}
+
+static void xdp_show_umem(struct xdp_diag_umem *umem, struct xdp_diag_ring *fr,
+ struct xdp_diag_ring *cr)
+{
+ if (oneline)
+ out(" tumem(");
+ else
+ out("\n\tumem(");
+ out("id:%u", umem->id);
+ out(",size:%llu", umem->size);
+ out(",num_pages:%u", umem->num_pages);
+ out(",chunk_size:%u", umem->chunk_size);
+ out(",headroom:%u", umem->headroom);
+ out(",ifindex:%u", umem->ifindex);
+ out(",qid:%u", umem->queue_id);
+ out(",zc:%u", umem->flags & XDP_DU_F_ZEROCOPY);
+ out(",refs:%u", umem->refs);
+ out(")");
+
+ if (fr)
+ xdp_show_ring("fr", fr);
+ if (cr)
+ xdp_show_ring("cr", cr);
+}
+
+static int xdp_show_sock(struct nlmsghdr *nlh, void *arg)
+{
+ struct xdp_diag_ring *rx = NULL, *tx = NULL, *fr = NULL, *cr = NULL;
+ struct xdp_diag_msg *msg = NLMSG_DATA(nlh);
+ struct rtattr *tb[XDP_DIAG_MAX + 1];
+ struct xdp_diag_info *info = NULL;
+ struct xdp_diag_umem *umem = NULL;
+ const struct filter *f = arg;
+ struct sockstat stat = {};
+
+ parse_rtattr(tb, XDP_DIAG_MAX, (struct rtattr *)(msg + 1),
+ nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*msg)));
+
+ stat.type = msg->xdiag_type;
+ stat.ino = msg->xdiag_ino;
+ stat.state = SS_CLOSE;
+ stat.sk = cookie_sk_get(&msg->xdiag_cookie[0]);
+
+ if (tb[XDP_DIAG_INFO]) {
+ info = RTA_DATA(tb[XDP_DIAG_INFO]);
+ stat.iface = info->ifindex;
+ stat.lport = info->queue_id;
+ }
+
+ if (tb[XDP_DIAG_UID])
+ stat.uid = rta_getattr_u32(tb[XDP_DIAG_UID]);
+ if (tb[XDP_DIAG_RX_RING])
+ rx = RTA_DATA(tb[XDP_DIAG_RX_RING]);
+ if (tb[XDP_DIAG_TX_RING])
+ tx = RTA_DATA(tb[XDP_DIAG_TX_RING]);
+ if (tb[XDP_DIAG_UMEM])
+ umem = RTA_DATA(tb[XDP_DIAG_UMEM]);
+ if (tb[XDP_DIAG_UMEM_FILL_RING])
+ fr = RTA_DATA(tb[XDP_DIAG_UMEM_FILL_RING]);
+ if (tb[XDP_DIAG_UMEM_COMPLETION_RING])
+ cr = RTA_DATA(tb[XDP_DIAG_UMEM_COMPLETION_RING]);
+ if (tb[XDP_DIAG_MEMINFO]) {
+ __u32 *skmeminfo = RTA_DATA(tb[XDP_DIAG_MEMINFO]);
+
+ stat.rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
+ }
+
+ if (xdp_stats_print(&stat, f))
+ return 0;
+
+ if (show_details) {
+ if (rx)
+ xdp_show_ring("rx", rx);
+ if (tx)
+ xdp_show_ring("tx", tx);
+ if (umem)
+ xdp_show_umem(umem, fr, cr);
+ }
+
+ if (show_mem)
+ print_skmeminfo(tb, XDP_DIAG_MEMINFO); // really?
+
+
+ return 0;
+}
+
+static int xdp_show(struct filter *f)
+{
+ DIAG_REQUEST(req, struct xdp_diag_req r);
+
+ if (!filter_af_get(f, AF_XDP) || !(f->states & (1 << SS_CLOSE)))
+ return 0;
+
+ req.r.sdiag_family = AF_XDP;
+ req.r.xdiag_show = XDP_SHOW_INFO | XDP_SHOW_RING_CFG | XDP_SHOW_UMEM |
+ XDP_SHOW_MEMINFO;
+
+ return handle_netlink_request(f, &req.nlh, sizeof(req), xdp_show_sock);
+}
+
static int netlink_show_one(struct filter *f,
int prot, int pid, unsigned int groups,
int state, int dst_pid, unsigned int dst_group,
sock_state_print(&st);
- if (resolve_services)
- prot_name = nl_proto_n2a(prot, prot_buf, sizeof(prot_buf));
- else
- prot_name = int_to_str(prot, prot_buf);
+ prot_name = nl_proto_n2a(prot, prot_buf, sizeof(prot_buf));
if (pid == -1) {
procname[0] = '*';
- } else if (resolve_services) {
+ } else if (!numeric) {
int done = 0;
if (!pid) {
done = 1;
- strncpy(procname, "kernel", 6);
+ strncpy(procname, "kernel", 7);
} else if (pid > 0) {
FILE *fp;
return 0;
}
-static int netlink_show_sock(const struct sockaddr_nl *addr,
- struct nlmsghdr *nlh, void *arg)
+static int netlink_show_sock(struct nlmsghdr *nlh, void *arg)
{
struct filter *f = (struct filter *)arg;
struct netlink_diag_msg *r = NLMSG_DATA(nlh);
proc_ctx_print(s);
}
-static int vsock_show_sock(const struct sockaddr_nl *addr,
- struct nlmsghdr *nlh, void *arg)
+static int vsock_show_sock(struct nlmsghdr *nlh, void *arg)
{
struct filter *f = (struct filter *)arg;
struct vsock_diag_msg *r = NLMSG_DATA(nlh);
return handle_netlink_request(f, &req.nlh, sizeof(req), vsock_show_sock);
}
+static void tipc_sock_addr_print(struct rtattr *net_addr, struct rtattr *id)
+{
+ uint32_t node = rta_getattr_u32(net_addr);
+ uint32_t identity = rta_getattr_u32(id);
+
+ SPRINT_BUF(addr) = {};
+ SPRINT_BUF(port) = {};
+
+ sprintf(addr, "%u", node);
+ sprintf(port, "%u", identity);
+ sock_addr_print(addr, ":", port, NULL);
+
+}
+
+static int tipc_show_sock(struct nlmsghdr *nlh, void *arg)
+{
+ struct rtattr *stat[TIPC_NLA_SOCK_STAT_MAX + 1] = {};
+ struct rtattr *attrs[TIPC_NLA_SOCK_MAX + 1] = {};
+ struct rtattr *con[TIPC_NLA_CON_MAX + 1] = {};
+ struct rtattr *info[TIPC_NLA_MAX + 1] = {};
+ struct rtattr *msg_ref;
+ struct sockstat ss = {};
+
+ parse_rtattr(info, TIPC_NLA_MAX, NLMSG_DATA(nlh),
+ NLMSG_PAYLOAD(nlh, 0));
+
+ if (!info[TIPC_NLA_SOCK])
+ return 0;
+
+ msg_ref = info[TIPC_NLA_SOCK];
+ parse_rtattr(attrs, TIPC_NLA_SOCK_MAX, RTA_DATA(msg_ref),
+ RTA_PAYLOAD(msg_ref));
+
+ msg_ref = attrs[TIPC_NLA_SOCK_STAT];
+ parse_rtattr(stat, TIPC_NLA_SOCK_STAT_MAX,
+ RTA_DATA(msg_ref), RTA_PAYLOAD(msg_ref));
+
+
+ ss.local.family = AF_TIPC;
+ ss.type = rta_getattr_u32(attrs[TIPC_NLA_SOCK_TYPE]);
+ ss.state = rta_getattr_u32(attrs[TIPC_NLA_SOCK_TIPC_STATE]);
+ ss.uid = rta_getattr_u32(attrs[TIPC_NLA_SOCK_UID]);
+ ss.ino = rta_getattr_u32(attrs[TIPC_NLA_SOCK_INO]);
+ ss.rq = rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_RCVQ]);
+ ss.wq = rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_SENDQ]);
+ ss.sk = rta_getattr_u64(attrs[TIPC_NLA_SOCK_COOKIE]);
+
+ sock_state_print (&ss);
+
+ tipc_sock_addr_print(attrs[TIPC_NLA_SOCK_ADDR],
+ attrs[TIPC_NLA_SOCK_REF]);
+
+ msg_ref = attrs[TIPC_NLA_SOCK_CON];
+ if (msg_ref) {
+ parse_rtattr(con, TIPC_NLA_CON_MAX,
+ RTA_DATA(msg_ref), RTA_PAYLOAD(msg_ref));
+
+ tipc_sock_addr_print(con[TIPC_NLA_CON_NODE],
+ con[TIPC_NLA_CON_SOCK]);
+ } else
+ sock_addr_print("", "-", "", NULL);
+
+ if (show_details)
+ sock_details_print(&ss);
+
+ proc_ctx_print(&ss);
+
+ if (show_tipcinfo) {
+ if (oneline)
+ out(" type:%s", stype_nameg[ss.type]);
+ else
+ out("\n type:%s", stype_nameg[ss.type]);
+ out(" cong:%s ",
+ stat[TIPC_NLA_SOCK_STAT_LINK_CONG] ? "link" :
+ stat[TIPC_NLA_SOCK_STAT_CONN_CONG] ? "conn" : "none");
+ out(" drop:%d ",
+ rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_DROP]));
+
+ if (attrs[TIPC_NLA_SOCK_HAS_PUBL])
+ out(" publ");
+
+ if (con[TIPC_NLA_CON_FLAG])
+ out(" via {%u,%u} ",
+ rta_getattr_u32(con[TIPC_NLA_CON_TYPE]),
+ rta_getattr_u32(con[TIPC_NLA_CON_INST]));
+ }
+
+ return 0;
+}
+
+static int tipc_show(struct filter *f)
+{
+ DIAG_REQUEST(req, struct tipc_sock_diag_req r);
+
+ memset(&req.r, 0, sizeof(req.r));
+ req.r.sdiag_family = AF_TIPC;
+ req.r.tidiag_states = f->states;
+
+ return handle_netlink_request(f, &req.nlh, sizeof(req), tipc_show_sock);
+}
+
struct sock_diag_msg {
__u8 sdiag_family;
};
-static int generic_show_sock(const struct sockaddr_nl *addr,
- struct nlmsghdr *nlh, void *arg)
+static int generic_show_sock(struct nlmsghdr *nlh, void *arg)
{
struct sock_diag_msg *r = NLMSG_DATA(nlh);
struct inet_diag_arg inet_arg = { .f = arg, .protocol = IPPROTO_MAX };
+ int ret;
switch (r->sdiag_family) {
case AF_INET:
case AF_INET6:
- return show_one_inet_sock(addr, nlh, &inet_arg);
+ inet_arg.rth = inet_arg.f->rth_for_killing;
+ ret = show_one_inet_sock(nlh, &inet_arg);
+ break;
case AF_UNIX:
- return unix_show_sock(addr, nlh, arg);
+ ret = unix_show_sock(nlh, arg);
+ break;
case AF_PACKET:
- return packet_show_sock(addr, nlh, arg);
+ ret = packet_show_sock(nlh, arg);
+ break;
case AF_NETLINK:
- return netlink_show_sock(addr, nlh, arg);
+ ret = netlink_show_sock(nlh, arg);
+ break;
case AF_VSOCK:
- return vsock_show_sock(addr, nlh, arg);
+ ret = vsock_show_sock(nlh, arg);
+ break;
+ case AF_XDP:
+ ret = xdp_show_sock(nlh, arg);
+ break;
default:
- return -1;
+ ret = -1;
}
+
+ render();
+
+ return ret;
}
static int handle_follow_request(struct filter *f)
{
int ret = 0;
int groups = 0;
- struct rtnl_handle rth;
+ struct rtnl_handle rth, rth2;
if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << TCP_DB))
groups |= 1 << (SKNLGRP_INET_TCP_DESTROY - 1);
rth.dump = 0;
rth.local.nl_pid = 0;
+ if (f->kill) {
+ if (rtnl_open_byproto(&rth2, groups, NETLINK_SOCK_DIAG)) {
+ rtnl_close(&rth);
+ return -1;
+ }
+ f->rth_for_killing = &rth2;
+ }
+
if (rtnl_dump_filter(&rth, generic_show_sock, f))
ret = -1;
rtnl_close(&rth);
+ if (f->rth_for_killing)
+ rtnl_close(f->rth_for_killing);
return ret;
}
if (get_snmp_int("Tcp:", "CurrEstab", &tcp_estab) < 0)
perror("ss: get_snmpstat");
- get_slabstat(&slabstat);
-
- printf("Total: %d (kernel %d)\n", s.socks, slabstat.socks);
+ printf("Total: %d\n", s.socks);
- printf("TCP: %d (estab %d, closed %d, orphaned %d, synrecv %d, timewait %d/%d), ports %d\n",
- s.tcp_total + slabstat.tcp_syns + s.tcp_tws,
- tcp_estab,
- s.tcp_total - (s.tcp4_hashed+s.tcp6_hashed-s.tcp_tws),
- s.tcp_orphans,
- slabstat.tcp_syns,
- s.tcp_tws, slabstat.tcp_tws,
- slabstat.tcp_ports
- );
+ printf("TCP: %d (estab %d, closed %d, orphaned %d, timewait %d)\n",
+ s.tcp_total + s.tcp_tws, tcp_estab,
+ s.tcp_total - (s.tcp4_hashed + s.tcp6_hashed - s.tcp_tws),
+ s.tcp_orphans, s.tcp_tws);
printf("\n");
printf("Transport Total IP IPv6\n");
- printf("* %-9d %-9s %-9s\n", slabstat.socks, "-", "-");
printf("RAW %-9d %-9d %-9d\n", s.raw4+s.raw6, s.raw4, s.raw6);
printf("UDP %-9d %-9d %-9d\n", s.udp4+s.udp6, s.udp4, s.udp6);
printf("TCP %-9d %-9d %-9d\n", s.tcp4_hashed+s.tcp6_hashed, s.tcp4_hashed, s.tcp6_hashed);
" -m, --memory show socket memory usage\n"
" -p, --processes show process using socket\n"
" -i, --info show internal TCP information\n"
+" --tipcinfo show internal tipc socket information\n"
" -s, --summary show socket usage summary\n"
+" --tos show tos and priority information\n"
+" --cgroup show cgroup information\n"
" -b, --bpf show bpf filter socket information\n"
" -E, --events continually display sockets as they are destroyed\n"
" -Z, --context display process SELinux security contexts\n"
" -d, --dccp display only DCCP sockets\n"
" -w, --raw display only RAW sockets\n"
" -x, --unix display only Unix domain sockets\n"
+" --tipc display only TIPC sockets\n"
" --vsock display only vsock sockets\n"
" -f, --family=FAMILY display sockets of type FAMILY\n"
-" FAMILY := {inet|inet6|link|unix|netlink|vsock|help}\n"
+" FAMILY := {inet|inet6|link|unix|netlink|vsock|tipc|xdp|help}\n"
"\n"
" -K, --kill forcibly close sockets, display what was closed\n"
" -H, --no-header Suppress header line\n"
+" -O, --oneline socket's data printed on a single line\n"
"\n"
" -A, --query=QUERY, --socket=QUERY\n"
-" QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]\n"
+" QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram|tipc}[,QUERY]\n"
"\n"
" -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
" -F, --filter=FILE read filter information from FILE\n"
/* Values 'v' and 'V' are already used so a non-character is used */
#define OPT_VSOCK 256
+/* Values of 't' are already used so a non-character is used */
+#define OPT_TIPCSOCK 257
+#define OPT_TIPCINFO 258
+
+#define OPT_TOS 259
+
+/* Values of 'x' are already used so a non-character is used */
+#define OPT_XDPSOCK 260
+
+#define OPT_CGROUP 261
+
static const struct option long_opts[] = {
{ "numeric", 0, 0, 'n' },
{ "resolve", 0, 0, 'r' },
{ "udp", 0, 0, 'u' },
{ "raw", 0, 0, 'w' },
{ "unix", 0, 0, 'x' },
+ { "tipc", 0, 0, OPT_TIPCSOCK},
{ "vsock", 0, 0, OPT_VSOCK },
{ "all", 0, 0, 'a' },
{ "listening", 0, 0, 'l' },
{ "context", 0, 0, 'Z' },
{ "contexts", 0, 0, 'z' },
{ "net", 1, 0, 'N' },
+ { "tipcinfo", 0, 0, OPT_TIPCINFO},
+ { "tos", 0, 0, OPT_TOS },
+ { "cgroup", 0, 0, OPT_CGROUP },
{ "kill", 0, 0, 'K' },
{ "no-header", 0, 0, 'H' },
+ { "xdp", 0, 0, OPT_XDPSOCK},
+ { "oneline", 0, 0, 'O' },
{ 0 }
};
FILE *filter_fp = NULL;
int ch;
int state_filter = 0;
- int screen_width = 80;
while ((ch = getopt_long(argc, argv,
- "dhaletuwxnro460spbEf:miA:D:F:vVzZN:KHS",
+ "dhaletuwxnro460spbEf:miA:D:F:vVzZN:KHSO",
long_opts, NULL)) != EOF) {
switch (ch) {
case 'n':
- resolve_services = 0;
+ numeric = 1;
break;
case 'r':
resolve_hosts = 1;
follow_events = 1;
break;
case 'd':
- filter_db_set(¤t_filter, DCCP_DB);
+ filter_db_set(¤t_filter, DCCP_DB, true);
break;
case 't':
- filter_db_set(¤t_filter, TCP_DB);
+ filter_db_set(¤t_filter, TCP_DB, true);
break;
case 'S':
- filter_db_set(¤t_filter, SCTP_DB);
+ filter_db_set(¤t_filter, SCTP_DB, true);
break;
case 'u':
- filter_db_set(¤t_filter, UDP_DB);
+ filter_db_set(¤t_filter, UDP_DB, true);
break;
case 'w':
- filter_db_set(¤t_filter, RAW_DB);
+ filter_db_set(¤t_filter, RAW_DB, true);
break;
case 'x':
filter_af_set(¤t_filter, AF_UNIX);
case OPT_VSOCK:
filter_af_set(¤t_filter, AF_VSOCK);
break;
+ case OPT_TIPCSOCK:
+ filter_af_set(¤t_filter, AF_TIPC);
+ break;
case 'a':
state_filter = SS_ALL;
break;
case '0':
filter_af_set(¤t_filter, AF_PACKET);
break;
+ case OPT_XDPSOCK:
+ filter_af_set(¤t_filter, AF_XDP);
+ break;
case 'f':
if (strcmp(optarg, "inet") == 0)
filter_af_set(¤t_filter, AF_INET);
filter_af_set(¤t_filter, AF_UNIX);
else if (strcmp(optarg, "netlink") == 0)
filter_af_set(¤t_filter, AF_NETLINK);
+ else if (strcmp(optarg, "tipc") == 0)
+ filter_af_set(¤t_filter, AF_TIPC);
else if (strcmp(optarg, "vsock") == 0)
filter_af_set(¤t_filter, AF_VSOCK);
+ else if (strcmp(optarg, "xdp") == 0)
+ filter_af_set(¤t_filter, AF_XDP);
else if (strcmp(optarg, "help") == 0)
help();
else {
do {
if ((p1 = strchr(p, ',')) != NULL)
*p1 = 0;
- if (strcmp(p, "all") == 0) {
- filter_default_dbs(¤t_filter);
- } else if (strcmp(p, "inet") == 0) {
- filter_db_set(¤t_filter, UDP_DB);
- filter_db_set(¤t_filter, DCCP_DB);
- filter_db_set(¤t_filter, TCP_DB);
- filter_db_set(¤t_filter, SCTP_DB);
- filter_db_set(¤t_filter, RAW_DB);
- } else if (strcmp(p, "udp") == 0) {
- filter_db_set(¤t_filter, UDP_DB);
- } else if (strcmp(p, "dccp") == 0) {
- filter_db_set(¤t_filter, DCCP_DB);
- } else if (strcmp(p, "tcp") == 0) {
- filter_db_set(¤t_filter, TCP_DB);
- } else if (strcmp(p, "sctp") == 0) {
- filter_db_set(¤t_filter, SCTP_DB);
- } else if (strcmp(p, "raw") == 0) {
- filter_db_set(¤t_filter, RAW_DB);
- } else if (strcmp(p, "unix") == 0) {
- filter_db_set(¤t_filter, UNIX_ST_DB);
- filter_db_set(¤t_filter, UNIX_DG_DB);
- filter_db_set(¤t_filter, UNIX_SQ_DB);
- } else if (strcasecmp(p, "unix_stream") == 0 ||
- strcmp(p, "u_str") == 0) {
- filter_db_set(¤t_filter, UNIX_ST_DB);
- } else if (strcasecmp(p, "unix_dgram") == 0 ||
- strcmp(p, "u_dgr") == 0) {
- filter_db_set(¤t_filter, UNIX_DG_DB);
- } else if (strcasecmp(p, "unix_seqpacket") == 0 ||
- strcmp(p, "u_seq") == 0) {
- filter_db_set(¤t_filter, UNIX_SQ_DB);
- } else if (strcmp(p, "packet") == 0) {
- filter_db_set(¤t_filter, PACKET_R_DB);
- filter_db_set(¤t_filter, PACKET_DG_DB);
- } else if (strcmp(p, "packet_raw") == 0 ||
- strcmp(p, "p_raw") == 0) {
- filter_db_set(¤t_filter, PACKET_R_DB);
- } else if (strcmp(p, "packet_dgram") == 0 ||
- strcmp(p, "p_dgr") == 0) {
- filter_db_set(¤t_filter, PACKET_DG_DB);
- } else if (strcmp(p, "netlink") == 0) {
- filter_db_set(¤t_filter, NETLINK_DB);
- } else if (strcmp(p, "vsock") == 0) {
- filter_db_set(¤t_filter, VSOCK_ST_DB);
- filter_db_set(¤t_filter, VSOCK_DG_DB);
- } else if (strcmp(p, "vsock_stream") == 0 ||
- strcmp(p, "v_str") == 0) {
- filter_db_set(¤t_filter, VSOCK_ST_DB);
- } else if (strcmp(p, "vsock_dgram") == 0 ||
- strcmp(p, "v_dgr") == 0) {
- filter_db_set(¤t_filter, VSOCK_DG_DB);
- } else {
+ if (filter_db_parse(¤t_filter, p)) {
fprintf(stderr, "ss: \"%s\" is illegal socket table id\n", p);
usage();
}
if (netns_switch(optarg))
exit(1);
break;
+ case OPT_TIPCINFO:
+ show_tipcinfo = 1;
+ break;
+ case OPT_TOS:
+ show_tos = 1;
+ break;
+ case OPT_CGROUP:
+ show_cgroup = 1;
+ break;
case 'K':
current_filter.kill = 1;
break;
case 'H':
show_header = 0;
break;
+ case 'O':
+ oneline = 1;
+ break;
case 'h':
help();
case '?':
if (do_default) {
state_filter = state_filter ? state_filter : SS_CONN;
- filter_default_dbs(¤t_filter);
+ filter_db_parse(¤t_filter, "all");
}
filter_states_set(¤t_filter, state_filter);
filter_merge_defaults(¤t_filter);
- if (resolve_services && resolve_hosts &&
+ if (!numeric && resolve_hosts &&
(current_filter.dbs & (UNIX_DBM|INET_L4_DBM)))
init_service_resolver();
if (!(current_filter.states & (current_filter.states - 1)))
columns[COL_STATE].disabled = 1;
- if (isatty(STDOUT_FILENO)) {
- struct winsize w;
-
- if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) {
- if (w.ws_col > 0)
- screen_width = w.ws_col;
- }
- }
-
if (show_header)
print_header();
sctp_show(¤t_filter);
if (current_filter.dbs & VSOCK_DBM)
vsock_show(¤t_filter);
+ if (current_filter.dbs & (1<<TIPC_DB))
+ tipc_show(¤t_filter);
+ if (current_filter.dbs & (1<<XDP_DB))
+ xdp_show(¤t_filter);
if (show_users || show_proc_ctx || show_sock_ctx)
user_ent_destroy();
- render(screen_width);
+ render();
return 0;
}