]> git.proxmox.com Git - mirror_iproute2.git/blob - misc/ss.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
use print_{,h}hu instead of print_uint when format specifier is %{,h}hu
[mirror_iproute2.git] / misc / ss.c
1 /*
2 * ss.c "sockstat", socket statistics
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 */
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <unistd.h>
15 #include <fcntl.h>
16 #include <sys/ioctl.h>
17 #include <sys/socket.h>
18 #include <sys/uio.h>
19 #include <sys/sysmacros.h>
20 #include <netinet/in.h>
21 #include <string.h>
22 #include <errno.h>
23 #include <netdb.h>
24 #include <arpa/inet.h>
25 #include <dirent.h>
26 #include <fnmatch.h>
27 #include <getopt.h>
28 #include <stdbool.h>
29 #include <limits.h>
30 #include <stdarg.h>
31
32 #include "utils.h"
33 #include "rt_names.h"
34 #include "ll_map.h"
35 #include "libnetlink.h"
36 #include "namespace.h"
37 #include "SNAPSHOT.h"
38
39 #include <linux/tcp.h>
40 #include <linux/sock_diag.h>
41 #include <linux/inet_diag.h>
42 #include <linux/unix_diag.h>
43 #include <linux/netdevice.h> /* for MAX_ADDR_LEN */
44 #include <linux/filter.h>
45 #include <linux/xdp_diag.h>
46 #include <linux/packet_diag.h>
47 #include <linux/netlink_diag.h>
48 #include <linux/sctp.h>
49 #include <linux/vm_sockets_diag.h>
50 #include <linux/net.h>
51 #include <linux/tipc.h>
52 #include <linux/tipc_netlink.h>
53 #include <linux/tipc_sockets_diag.h>
54
55 #define MAGIC_SEQ 123456
56 #define BUF_CHUNK (1024 * 1024)
57 #define LEN_ALIGN(x) (((x) + 1) & ~1)
58
59 #define DIAG_REQUEST(_req, _r) \
60 struct { \
61 struct nlmsghdr nlh; \
62 _r; \
63 } _req = { \
64 .nlh = { \
65 .nlmsg_type = SOCK_DIAG_BY_FAMILY, \
66 .nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST,\
67 .nlmsg_seq = MAGIC_SEQ, \
68 .nlmsg_len = sizeof(_req), \
69 }, \
70 }
71
72 #if HAVE_SELINUX
73 #include <selinux/selinux.h>
74 #else
75 /* Stubs for SELinux functions */
76 static int is_selinux_enabled(void)
77 {
78 return -1;
79 }
80
81 static int getpidcon(pid_t pid, char **context)
82 {
83 *context = NULL;
84 return -1;
85 }
86
87 static int getfilecon(char *path, char **context)
88 {
89 *context = NULL;
90 return -1;
91 }
92
93 static int security_get_initial_context(char *name, char **context)
94 {
95 *context = NULL;
96 return -1;
97 }
98 #endif
99
100 static int resolve_services = 1;
101 int preferred_family = AF_UNSPEC;
102 static int show_options;
103 int show_details;
104 static int show_users;
105 static int show_mem;
106 static int show_tcpinfo;
107 static int show_bpf;
108 static int show_proc_ctx;
109 static int show_sock_ctx;
110 static int show_header = 1;
111 static int follow_events;
112 static int sctp_ino;
113 static int show_tipcinfo;
114
115 enum col_id {
116 COL_NETID,
117 COL_STATE,
118 COL_RECVQ,
119 COL_SENDQ,
120 COL_ADDR,
121 COL_SERV,
122 COL_RADDR,
123 COL_RSERV,
124 COL_EXT,
125 COL_MAX
126 };
127
128 enum col_align {
129 ALIGN_LEFT,
130 ALIGN_CENTER,
131 ALIGN_RIGHT
132 };
133
134 struct column {
135 const enum col_align align;
136 const char *header;
137 const char *ldelim;
138 int disabled;
139 int width; /* Calculated, including additional layout spacing */
140 int max_len; /* Measured maximum field length in this column */
141 };
142
143 static struct column columns[] = {
144 { ALIGN_LEFT, "Netid", "", 0, 0, 0 },
145 { ALIGN_LEFT, "State", " ", 0, 0, 0 },
146 { ALIGN_LEFT, "Recv-Q", " ", 0, 0, 0 },
147 { ALIGN_LEFT, "Send-Q", " ", 0, 0, 0 },
148 { ALIGN_RIGHT, "Local Address:", " ", 0, 0, 0 },
149 { ALIGN_LEFT, "Port", "", 0, 0, 0 },
150 { ALIGN_RIGHT, "Peer Address:", " ", 0, 0, 0 },
151 { ALIGN_LEFT, "Port", "", 0, 0, 0 },
152 { ALIGN_LEFT, "", "", 0, 0, 0 },
153 };
154
155 static struct column *current_field = columns;
156
157 /* Output buffer: chained chunks of BUF_CHUNK bytes. Each field is written to
158 * the buffer as a variable size token. A token consists of a 16 bits length
159 * field, followed by a string which is not NULL-terminated.
160 *
161 * A new chunk is allocated and linked when the current chunk doesn't have
162 * enough room to store the current token as a whole.
163 */
164 struct buf_chunk {
165 struct buf_chunk *next; /* Next chained chunk */
166 char *end; /* Current end of content */
167 char data[0];
168 };
169
170 struct buf_token {
171 uint16_t len; /* Data length, excluding length descriptor */
172 char data[0];
173 };
174
175 static struct {
176 struct buf_token *cur; /* Position of current token in chunk */
177 struct buf_chunk *head; /* First chunk */
178 struct buf_chunk *tail; /* Current chunk */
179 } buffer;
180
181 static const char *TCP_PROTO = "tcp";
182 static const char *SCTP_PROTO = "sctp";
183 static const char *UDP_PROTO = "udp";
184 static const char *RAW_PROTO = "raw";
185 static const char *dg_proto;
186
187 enum {
188 TCP_DB,
189 DCCP_DB,
190 UDP_DB,
191 RAW_DB,
192 UNIX_DG_DB,
193 UNIX_ST_DB,
194 UNIX_SQ_DB,
195 PACKET_DG_DB,
196 PACKET_R_DB,
197 NETLINK_DB,
198 SCTP_DB,
199 VSOCK_ST_DB,
200 VSOCK_DG_DB,
201 TIPC_DB,
202 XDP_DB,
203 MAX_DB
204 };
205
206 #define PACKET_DBM ((1<<PACKET_DG_DB)|(1<<PACKET_R_DB))
207 #define UNIX_DBM ((1<<UNIX_DG_DB)|(1<<UNIX_ST_DB)|(1<<UNIX_SQ_DB))
208 #define ALL_DB ((1<<MAX_DB)-1)
209 #define INET_L4_DBM ((1<<TCP_DB)|(1<<UDP_DB)|(1<<DCCP_DB)|(1<<SCTP_DB))
210 #define INET_DBM (INET_L4_DBM | (1<<RAW_DB))
211 #define VSOCK_DBM ((1<<VSOCK_ST_DB)|(1<<VSOCK_DG_DB))
212
213 enum {
214 SS_UNKNOWN,
215 SS_ESTABLISHED,
216 SS_SYN_SENT,
217 SS_SYN_RECV,
218 SS_FIN_WAIT1,
219 SS_FIN_WAIT2,
220 SS_TIME_WAIT,
221 SS_CLOSE,
222 SS_CLOSE_WAIT,
223 SS_LAST_ACK,
224 SS_LISTEN,
225 SS_CLOSING,
226 SS_MAX
227 };
228
229 enum {
230 SCTP_STATE_CLOSED = 0,
231 SCTP_STATE_COOKIE_WAIT = 1,
232 SCTP_STATE_COOKIE_ECHOED = 2,
233 SCTP_STATE_ESTABLISHED = 3,
234 SCTP_STATE_SHUTDOWN_PENDING = 4,
235 SCTP_STATE_SHUTDOWN_SENT = 5,
236 SCTP_STATE_SHUTDOWN_RECEIVED = 6,
237 SCTP_STATE_SHUTDOWN_ACK_SENT = 7,
238 };
239
240 #define SS_ALL ((1 << SS_MAX) - 1)
241 #define SS_CONN (SS_ALL & ~((1<<SS_LISTEN)|(1<<SS_CLOSE)|(1<<SS_TIME_WAIT)|(1<<SS_SYN_RECV)))
242 #define TIPC_SS_CONN ((1<<SS_ESTABLISHED)|(1<<SS_LISTEN)|(1<<SS_CLOSE))
243
244 #include "ssfilter.h"
245
246 struct filter {
247 int dbs;
248 int states;
249 uint64_t families;
250 struct ssfilter *f;
251 bool kill;
252 struct rtnl_handle *rth_for_killing;
253 };
254
255 #define FAMILY_MASK(family) ((uint64_t)1 << (family))
256
257 static const struct filter default_dbs[MAX_DB] = {
258 [TCP_DB] = {
259 .states = SS_CONN,
260 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
261 },
262 [DCCP_DB] = {
263 .states = SS_CONN,
264 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
265 },
266 [UDP_DB] = {
267 .states = (1 << SS_ESTABLISHED),
268 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
269 },
270 [RAW_DB] = {
271 .states = (1 << SS_ESTABLISHED),
272 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
273 },
274 [UNIX_DG_DB] = {
275 .states = (1 << SS_CLOSE),
276 .families = FAMILY_MASK(AF_UNIX),
277 },
278 [UNIX_ST_DB] = {
279 .states = SS_CONN,
280 .families = FAMILY_MASK(AF_UNIX),
281 },
282 [UNIX_SQ_DB] = {
283 .states = SS_CONN,
284 .families = FAMILY_MASK(AF_UNIX),
285 },
286 [PACKET_DG_DB] = {
287 .states = (1 << SS_CLOSE),
288 .families = FAMILY_MASK(AF_PACKET),
289 },
290 [PACKET_R_DB] = {
291 .states = (1 << SS_CLOSE),
292 .families = FAMILY_MASK(AF_PACKET),
293 },
294 [NETLINK_DB] = {
295 .states = (1 << SS_CLOSE),
296 .families = FAMILY_MASK(AF_NETLINK),
297 },
298 [SCTP_DB] = {
299 .states = SS_CONN,
300 .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),
301 },
302 [VSOCK_ST_DB] = {
303 .states = SS_CONN,
304 .families = FAMILY_MASK(AF_VSOCK),
305 },
306 [VSOCK_DG_DB] = {
307 .states = SS_CONN,
308 .families = FAMILY_MASK(AF_VSOCK),
309 },
310 [TIPC_DB] = {
311 .states = TIPC_SS_CONN,
312 .families = FAMILY_MASK(AF_TIPC),
313 },
314 [XDP_DB] = {
315 .states = (1 << SS_CLOSE),
316 .families = FAMILY_MASK(AF_XDP),
317 },
318 };
319
320 static const struct filter default_afs[AF_MAX] = {
321 [AF_INET] = {
322 .dbs = INET_DBM,
323 .states = SS_CONN,
324 },
325 [AF_INET6] = {
326 .dbs = INET_DBM,
327 .states = SS_CONN,
328 },
329 [AF_UNIX] = {
330 .dbs = UNIX_DBM,
331 .states = SS_CONN,
332 },
333 [AF_PACKET] = {
334 .dbs = PACKET_DBM,
335 .states = (1 << SS_CLOSE),
336 },
337 [AF_NETLINK] = {
338 .dbs = (1 << NETLINK_DB),
339 .states = (1 << SS_CLOSE),
340 },
341 [AF_VSOCK] = {
342 .dbs = VSOCK_DBM,
343 .states = SS_CONN,
344 },
345 [AF_TIPC] = {
346 .dbs = (1 << TIPC_DB),
347 .states = TIPC_SS_CONN,
348 },
349 [AF_XDP] = {
350 .dbs = (1 << XDP_DB),
351 .states = (1 << SS_CLOSE),
352 },
353 };
354
355 static int do_default = 1;
356 static struct filter current_filter;
357
358 static void filter_db_set(struct filter *f, int db, bool enable)
359 {
360 if (enable) {
361 f->states |= default_dbs[db].states;
362 f->dbs |= 1 << db;
363 } else {
364 f->dbs &= ~(1 << db);
365 }
366 do_default = 0;
367 }
368
369 static int filter_db_parse(struct filter *f, const char *s)
370 {
371 const struct {
372 const char *name;
373 int dbs[MAX_DB + 1];
374 } db_name_tbl[] = {
375 #define ENTRY(name, ...) { #name, { __VA_ARGS__, MAX_DB } }
376 ENTRY(all, UDP_DB, DCCP_DB, TCP_DB, RAW_DB,
377 UNIX_ST_DB, UNIX_DG_DB, UNIX_SQ_DB,
378 PACKET_R_DB, PACKET_DG_DB, NETLINK_DB,
379 SCTP_DB, VSOCK_ST_DB, VSOCK_DG_DB, XDP_DB),
380 ENTRY(inet, UDP_DB, DCCP_DB, TCP_DB, SCTP_DB, RAW_DB),
381 ENTRY(udp, UDP_DB),
382 ENTRY(dccp, DCCP_DB),
383 ENTRY(tcp, TCP_DB),
384 ENTRY(sctp, SCTP_DB),
385 ENTRY(raw, RAW_DB),
386 ENTRY(unix, UNIX_ST_DB, UNIX_DG_DB, UNIX_SQ_DB),
387 ENTRY(unix_stream, UNIX_ST_DB),
388 ENTRY(u_str, UNIX_ST_DB), /* alias for unix_stream */
389 ENTRY(unix_dgram, UNIX_DG_DB),
390 ENTRY(u_dgr, UNIX_DG_DB), /* alias for unix_dgram */
391 ENTRY(unix_seqpacket, UNIX_SQ_DB),
392 ENTRY(u_seq, UNIX_SQ_DB), /* alias for unix_seqpacket */
393 ENTRY(packet, PACKET_R_DB, PACKET_DG_DB),
394 ENTRY(packet_raw, PACKET_R_DB),
395 ENTRY(p_raw, PACKET_R_DB), /* alias for packet_raw */
396 ENTRY(packet_dgram, PACKET_DG_DB),
397 ENTRY(p_dgr, PACKET_DG_DB), /* alias for packet_dgram */
398 ENTRY(netlink, NETLINK_DB),
399 ENTRY(vsock, VSOCK_ST_DB, VSOCK_DG_DB),
400 ENTRY(vsock_stream, VSOCK_ST_DB),
401 ENTRY(v_str, VSOCK_ST_DB), /* alias for vsock_stream */
402 ENTRY(vsock_dgram, VSOCK_DG_DB),
403 ENTRY(v_dgr, VSOCK_DG_DB), /* alias for vsock_dgram */
404 ENTRY(xdp, XDP_DB),
405 #undef ENTRY
406 };
407 bool enable = true;
408 unsigned int i;
409 const int *dbp;
410
411 if (s[0] == '!') {
412 enable = false;
413 s++;
414 }
415 for (i = 0; i < ARRAY_SIZE(db_name_tbl); i++) {
416 if (strcmp(s, db_name_tbl[i].name))
417 continue;
418 for (dbp = db_name_tbl[i].dbs; *dbp != MAX_DB; dbp++)
419 filter_db_set(f, *dbp, enable);
420 return 0;
421 }
422 return -1;
423 }
424
425 static void filter_af_set(struct filter *f, int af)
426 {
427 f->states |= default_afs[af].states;
428 f->families |= FAMILY_MASK(af);
429 do_default = 0;
430 preferred_family = af;
431 }
432
433 static int filter_af_get(struct filter *f, int af)
434 {
435 return !!(f->families & FAMILY_MASK(af));
436 }
437
438 static void filter_states_set(struct filter *f, int states)
439 {
440 if (states)
441 f->states = states;
442 }
443
444 static void filter_merge_defaults(struct filter *f)
445 {
446 int db;
447 int af;
448
449 for (db = 0; db < MAX_DB; db++) {
450 if (!(f->dbs & (1 << db)))
451 continue;
452
453 if (!(default_dbs[db].families & f->families))
454 f->families |= default_dbs[db].families;
455 }
456 for (af = 0; af < AF_MAX; af++) {
457 if (!(f->families & FAMILY_MASK(af)))
458 continue;
459
460 if (!(default_afs[af].dbs & f->dbs))
461 f->dbs |= default_afs[af].dbs;
462 }
463 }
464
465 static FILE *generic_proc_open(const char *env, const char *name)
466 {
467 const char *p = getenv(env);
468 char store[128];
469
470 if (!p) {
471 p = getenv("PROC_ROOT") ? : "/proc";
472 snprintf(store, sizeof(store)-1, "%s/%s", p, name);
473 p = store;
474 }
475
476 return fopen(p, "r");
477 }
478 #define net_tcp_open() generic_proc_open("PROC_NET_TCP", "net/tcp")
479 #define net_tcp6_open() generic_proc_open("PROC_NET_TCP6", "net/tcp6")
480 #define net_udp_open() generic_proc_open("PROC_NET_UDP", "net/udp")
481 #define net_udp6_open() generic_proc_open("PROC_NET_UDP6", "net/udp6")
482 #define net_raw_open() generic_proc_open("PROC_NET_RAW", "net/raw")
483 #define net_raw6_open() generic_proc_open("PROC_NET_RAW6", "net/raw6")
484 #define net_unix_open() generic_proc_open("PROC_NET_UNIX", "net/unix")
485 #define net_packet_open() generic_proc_open("PROC_NET_PACKET", \
486 "net/packet")
487 #define net_netlink_open() generic_proc_open("PROC_NET_NETLINK", \
488 "net/netlink")
489 #define net_sockstat_open() generic_proc_open("PROC_NET_SOCKSTAT", \
490 "net/sockstat")
491 #define net_sockstat6_open() generic_proc_open("PROC_NET_SOCKSTAT6", \
492 "net/sockstat6")
493 #define net_snmp_open() generic_proc_open("PROC_NET_SNMP", "net/snmp")
494 #define ephemeral_ports_open() generic_proc_open("PROC_IP_LOCAL_PORT_RANGE", \
495 "sys/net/ipv4/ip_local_port_range")
496
497 struct user_ent {
498 struct user_ent *next;
499 unsigned int ino;
500 int pid;
501 int fd;
502 char *process;
503 char *process_ctx;
504 char *socket_ctx;
505 };
506
507 #define USER_ENT_HASH_SIZE 256
508 static struct user_ent *user_ent_hash[USER_ENT_HASH_SIZE];
509
510 static int user_ent_hashfn(unsigned int ino)
511 {
512 int val = (ino >> 24) ^ (ino >> 16) ^ (ino >> 8) ^ ino;
513
514 return val & (USER_ENT_HASH_SIZE - 1);
515 }
516
517 static void user_ent_add(unsigned int ino, char *process,
518 int pid, int fd,
519 char *proc_ctx,
520 char *sock_ctx)
521 {
522 struct user_ent *p, **pp;
523
524 p = malloc(sizeof(struct user_ent));
525 if (!p) {
526 fprintf(stderr, "ss: failed to malloc buffer\n");
527 abort();
528 }
529 p->next = NULL;
530 p->ino = ino;
531 p->pid = pid;
532 p->fd = fd;
533 p->process = strdup(process);
534 p->process_ctx = strdup(proc_ctx);
535 p->socket_ctx = strdup(sock_ctx);
536
537 pp = &user_ent_hash[user_ent_hashfn(ino)];
538 p->next = *pp;
539 *pp = p;
540 }
541
542 static void user_ent_destroy(void)
543 {
544 struct user_ent *p, *p_next;
545 int cnt = 0;
546
547 while (cnt != USER_ENT_HASH_SIZE) {
548 p = user_ent_hash[cnt];
549 while (p) {
550 free(p->process);
551 free(p->process_ctx);
552 free(p->socket_ctx);
553 p_next = p->next;
554 free(p);
555 p = p_next;
556 }
557 cnt++;
558 }
559 }
560
561 static void user_ent_hash_build(void)
562 {
563 const char *root = getenv("PROC_ROOT") ? : "/proc/";
564 struct dirent *d;
565 char name[1024];
566 int nameoff;
567 DIR *dir;
568 char *pid_context;
569 char *sock_context;
570 const char *no_ctx = "unavailable";
571 static int user_ent_hash_build_init;
572
573 /* If show_users & show_proc_ctx set only do this once */
574 if (user_ent_hash_build_init != 0)
575 return;
576
577 user_ent_hash_build_init = 1;
578
579 strlcpy(name, root, sizeof(name));
580
581 if (strlen(name) == 0 || name[strlen(name)-1] != '/')
582 strcat(name, "/");
583
584 nameoff = strlen(name);
585
586 dir = opendir(name);
587 if (!dir)
588 return;
589
590 while ((d = readdir(dir)) != NULL) {
591 struct dirent *d1;
592 char process[16];
593 char *p;
594 int pid, pos;
595 DIR *dir1;
596 char crap;
597
598 if (sscanf(d->d_name, "%d%c", &pid, &crap) != 1)
599 continue;
600
601 if (getpidcon(pid, &pid_context) != 0)
602 pid_context = strdup(no_ctx);
603
604 snprintf(name + nameoff, sizeof(name) - nameoff, "%d/fd/", pid);
605 pos = strlen(name);
606 if ((dir1 = opendir(name)) == NULL) {
607 free(pid_context);
608 continue;
609 }
610
611 process[0] = '\0';
612 p = process;
613
614 while ((d1 = readdir(dir1)) != NULL) {
615 const char *pattern = "socket:[";
616 unsigned int ino;
617 char lnk[64];
618 int fd;
619 ssize_t link_len;
620 char tmp[1024];
621
622 if (sscanf(d1->d_name, "%d%c", &fd, &crap) != 1)
623 continue;
624
625 snprintf(name+pos, sizeof(name) - pos, "%d", fd);
626
627 link_len = readlink(name, lnk, sizeof(lnk)-1);
628 if (link_len == -1)
629 continue;
630 lnk[link_len] = '\0';
631
632 if (strncmp(lnk, pattern, strlen(pattern)))
633 continue;
634
635 sscanf(lnk, "socket:[%u]", &ino);
636
637 snprintf(tmp, sizeof(tmp), "%s/%d/fd/%s",
638 root, pid, d1->d_name);
639
640 if (getfilecon(tmp, &sock_context) <= 0)
641 sock_context = strdup(no_ctx);
642
643 if (*p == '\0') {
644 FILE *fp;
645
646 snprintf(tmp, sizeof(tmp), "%s/%d/stat",
647 root, pid);
648 if ((fp = fopen(tmp, "r")) != NULL) {
649 if (fscanf(fp, "%*d (%[^)])", p) < 1)
650 ; /* ignore */
651 fclose(fp);
652 }
653 }
654 user_ent_add(ino, p, pid, fd,
655 pid_context, sock_context);
656 free(sock_context);
657 }
658 free(pid_context);
659 closedir(dir1);
660 }
661 closedir(dir);
662 }
663
664 enum entry_types {
665 USERS,
666 PROC_CTX,
667 PROC_SOCK_CTX
668 };
669
670 #define ENTRY_BUF_SIZE 512
671 static int find_entry(unsigned int ino, char **buf, int type)
672 {
673 struct user_ent *p;
674 int cnt = 0;
675 char *ptr;
676 char *new_buf;
677 int len, new_buf_len;
678 int buf_used = 0;
679 int buf_len = 0;
680
681 if (!ino)
682 return 0;
683
684 p = user_ent_hash[user_ent_hashfn(ino)];
685 ptr = *buf = NULL;
686 while (p) {
687 if (p->ino != ino)
688 goto next;
689
690 while (1) {
691 ptr = *buf + buf_used;
692 switch (type) {
693 case USERS:
694 len = snprintf(ptr, buf_len - buf_used,
695 "(\"%s\",pid=%d,fd=%d),",
696 p->process, p->pid, p->fd);
697 break;
698 case PROC_CTX:
699 len = snprintf(ptr, buf_len - buf_used,
700 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d),",
701 p->process, p->pid,
702 p->process_ctx, p->fd);
703 break;
704 case PROC_SOCK_CTX:
705 len = snprintf(ptr, buf_len - buf_used,
706 "(\"%s\",pid=%d,proc_ctx=%s,fd=%d,sock_ctx=%s),",
707 p->process, p->pid,
708 p->process_ctx, p->fd,
709 p->socket_ctx);
710 break;
711 default:
712 fprintf(stderr, "ss: invalid type: %d\n", type);
713 abort();
714 }
715
716 if (len < 0 || len >= buf_len - buf_used) {
717 new_buf_len = buf_len + ENTRY_BUF_SIZE;
718 new_buf = realloc(*buf, new_buf_len);
719 if (!new_buf) {
720 fprintf(stderr, "ss: failed to malloc buffer\n");
721 abort();
722 }
723 *buf = new_buf;
724 buf_len = new_buf_len;
725 continue;
726 } else {
727 buf_used += len;
728 break;
729 }
730 }
731 cnt++;
732 next:
733 p = p->next;
734 }
735 if (buf_used) {
736 ptr = *buf + buf_used;
737 ptr[-1] = '\0';
738 }
739 return cnt;
740 }
741
742 static unsigned long long cookie_sk_get(const uint32_t *cookie)
743 {
744 return (((unsigned long long)cookie[1] << 31) << 1) | cookie[0];
745 }
746
747 static const char *sctp_sstate_name[] = {
748 [SCTP_STATE_CLOSED] = "CLOSED",
749 [SCTP_STATE_COOKIE_WAIT] = "COOKIE_WAIT",
750 [SCTP_STATE_COOKIE_ECHOED] = "COOKIE_ECHOED",
751 [SCTP_STATE_ESTABLISHED] = "ESTAB",
752 [SCTP_STATE_SHUTDOWN_PENDING] = "SHUTDOWN_PENDING",
753 [SCTP_STATE_SHUTDOWN_SENT] = "SHUTDOWN_SENT",
754 [SCTP_STATE_SHUTDOWN_RECEIVED] = "SHUTDOWN_RECEIVED",
755 [SCTP_STATE_SHUTDOWN_ACK_SENT] = "ACK_SENT",
756 };
757
758 static const char * const stype_nameg[] = {
759 "UNKNOWN",
760 [SOCK_STREAM] = "STREAM",
761 [SOCK_DGRAM] = "DGRAM",
762 [SOCK_RDM] = "RDM",
763 [SOCK_SEQPACKET] = "SEQPACKET",
764 };
765
766 struct sockstat {
767 struct sockstat *next;
768 unsigned int type;
769 uint16_t prot;
770 uint16_t raw_prot;
771 inet_prefix local;
772 inet_prefix remote;
773 int lport;
774 int rport;
775 int state;
776 int rq, wq;
777 unsigned int ino;
778 unsigned int uid;
779 int refcnt;
780 unsigned int iface;
781 unsigned long long sk;
782 char *name;
783 char *peer_name;
784 __u32 mark;
785 };
786
787 struct dctcpstat {
788 unsigned int ce_state;
789 unsigned int alpha;
790 unsigned int ab_ecn;
791 unsigned int ab_tot;
792 bool enabled;
793 };
794
795 struct tcpstat {
796 struct sockstat ss;
797 unsigned int timer;
798 unsigned int timeout;
799 int probes;
800 char cong_alg[16];
801 double rto, ato, rtt, rttvar;
802 int qack, ssthresh, backoff;
803 double send_bps;
804 int snd_wscale;
805 int rcv_wscale;
806 int mss;
807 int rcv_mss;
808 int advmss;
809 unsigned int pmtu;
810 unsigned int cwnd;
811 unsigned int lastsnd;
812 unsigned int lastrcv;
813 unsigned int lastack;
814 double pacing_rate;
815 double pacing_rate_max;
816 double delivery_rate;
817 unsigned long long bytes_acked;
818 unsigned long long bytes_received;
819 unsigned int segs_out;
820 unsigned int segs_in;
821 unsigned int data_segs_out;
822 unsigned int data_segs_in;
823 unsigned int unacked;
824 unsigned int retrans;
825 unsigned int retrans_total;
826 unsigned int lost;
827 unsigned int sacked;
828 unsigned int fackets;
829 unsigned int reordering;
830 unsigned int not_sent;
831 unsigned int delivered;
832 unsigned int delivered_ce;
833 unsigned int dsack_dups;
834 unsigned int reord_seen;
835 double rcv_rtt;
836 double min_rtt;
837 int rcv_space;
838 unsigned int rcv_ssthresh;
839 unsigned long long busy_time;
840 unsigned long long rwnd_limited;
841 unsigned long long sndbuf_limited;
842 unsigned long long bytes_sent;
843 unsigned long long bytes_retrans;
844 bool has_ts_opt;
845 bool has_sack_opt;
846 bool has_ecn_opt;
847 bool has_ecnseen_opt;
848 bool has_fastopen_opt;
849 bool has_wscale_opt;
850 bool app_limited;
851 struct dctcpstat *dctcp;
852 struct tcp_bbr_info *bbr_info;
853 };
854
855 /* SCTP assocs share the same inode number with their parent endpoint. So if we
856 * have seen the inode number before, it must be an assoc instead of the next
857 * endpoint. */
858 static bool is_sctp_assoc(struct sockstat *s, const char *sock_name)
859 {
860 if (strcmp(sock_name, "sctp"))
861 return false;
862 if (!sctp_ino || sctp_ino != s->ino)
863 return false;
864 return true;
865 }
866
867 static const char *unix_netid_name(int type)
868 {
869 switch (type) {
870 case SOCK_STREAM:
871 return "u_str";
872 case SOCK_SEQPACKET:
873 return "u_seq";
874 case SOCK_DGRAM:
875 default:
876 return "u_dgr";
877 }
878 }
879
880 static const char *proto_name(int protocol)
881 {
882 switch (protocol) {
883 case 0:
884 return "raw";
885 case IPPROTO_UDP:
886 return "udp";
887 case IPPROTO_TCP:
888 return "tcp";
889 case IPPROTO_SCTP:
890 return "sctp";
891 case IPPROTO_DCCP:
892 return "dccp";
893 case IPPROTO_ICMPV6:
894 return "icmp6";
895 }
896
897 return "???";
898 }
899
900 static const char *vsock_netid_name(int type)
901 {
902 switch (type) {
903 case SOCK_STREAM:
904 return "v_str";
905 case SOCK_DGRAM:
906 return "v_dgr";
907 default:
908 return "???";
909 }
910 }
911
912 static const char *tipc_netid_name(int type)
913 {
914 switch (type) {
915 case SOCK_STREAM:
916 return "ti_st";
917 case SOCK_DGRAM:
918 return "ti_dg";
919 case SOCK_RDM:
920 return "ti_rd";
921 case SOCK_SEQPACKET:
922 return "ti_sq";
923 default:
924 return "???";
925 }
926 }
927
928 /* Allocate and initialize a new buffer chunk */
929 static struct buf_chunk *buf_chunk_new(void)
930 {
931 struct buf_chunk *new = malloc(BUF_CHUNK);
932
933 if (!new)
934 abort();
935
936 new->next = NULL;
937
938 /* This is also the last block */
939 buffer.tail = new;
940
941 /* Next token will be stored at the beginning of chunk data area, and
942 * its initial length is zero.
943 */
944 buffer.cur = (struct buf_token *)new->data;
945 buffer.cur->len = 0;
946
947 new->end = buffer.cur->data;
948
949 return new;
950 }
951
952 /* Return available tail room in given chunk */
953 static int buf_chunk_avail(struct buf_chunk *chunk)
954 {
955 return BUF_CHUNK - offsetof(struct buf_chunk, data) -
956 (chunk->end - chunk->data);
957 }
958
959 /* Update end pointer and token length, link new chunk if we hit the end of the
960 * current one. Return -EAGAIN if we got a new chunk, caller has to print again.
961 */
962 static int buf_update(int len)
963 {
964 struct buf_chunk *chunk = buffer.tail;
965 struct buf_token *t = buffer.cur;
966
967 /* Claim success if new content fits in the current chunk, and anyway
968 * if this is the first token in the chunk: in the latter case,
969 * allocating a new chunk won't help, so we'll just cut the output.
970 */
971 if ((len < buf_chunk_avail(chunk) && len != -1 /* glibc < 2.0.6 */) ||
972 t == (struct buf_token *)chunk->data) {
973 len = min(len, buf_chunk_avail(chunk));
974
975 /* Total field length can't exceed 2^16 bytes, cut as needed */
976 len = min(len, USHRT_MAX - t->len);
977
978 chunk->end += len;
979 t->len += len;
980 return 0;
981 }
982
983 /* Content truncated, time to allocate more */
984 chunk->next = buf_chunk_new();
985
986 /* Copy current token over to new chunk, including length descriptor */
987 memcpy(chunk->next->data, t, sizeof(t->len) + t->len);
988 chunk->next->end += t->len;
989
990 /* Discard partially written field in old chunk */
991 chunk->end -= t->len + sizeof(t->len);
992
993 return -EAGAIN;
994 }
995
996 /* Append content to buffer as part of the current field */
997 __attribute__((format(printf, 1, 2)))
998 static void out(const char *fmt, ...)
999 {
1000 struct column *f = current_field;
1001 va_list args;
1002 char *pos;
1003 int len;
1004
1005 if (f->disabled)
1006 return;
1007
1008 if (!buffer.head)
1009 buffer.head = buf_chunk_new();
1010
1011 again: /* Append to buffer: if we have a new chunk, print again */
1012
1013 pos = buffer.cur->data + buffer.cur->len;
1014 va_start(args, fmt);
1015
1016 /* Limit to tail room. If we hit the limit, buf_update() will tell us */
1017 len = vsnprintf(pos, buf_chunk_avail(buffer.tail), fmt, args);
1018 va_end(args);
1019
1020 if (buf_update(len))
1021 goto again;
1022 }
1023
1024 static int print_left_spacing(struct column *f, int stored, int printed)
1025 {
1026 int s;
1027
1028 if (!f->width || f->align == ALIGN_LEFT)
1029 return 0;
1030
1031 s = f->width - stored - printed;
1032 if (f->align == ALIGN_CENTER)
1033 /* If count of total spacing is odd, shift right by one */
1034 s = (s + 1) / 2;
1035
1036 if (s > 0)
1037 return printf("%*c", s, ' ');
1038
1039 return 0;
1040 }
1041
1042 static void print_right_spacing(struct column *f, int printed)
1043 {
1044 int s;
1045
1046 if (!f->width || f->align == ALIGN_RIGHT)
1047 return;
1048
1049 s = f->width - printed;
1050 if (f->align == ALIGN_CENTER)
1051 s /= 2;
1052
1053 if (s > 0)
1054 printf("%*c", s, ' ');
1055 }
1056
1057 /* Done with field: update buffer pointer, start new token after current one */
1058 static void field_flush(struct column *f)
1059 {
1060 struct buf_chunk *chunk;
1061 unsigned int pad;
1062
1063 if (f->disabled)
1064 return;
1065
1066 chunk = buffer.tail;
1067 pad = buffer.cur->len % 2;
1068
1069 if (buffer.cur->len > f->max_len)
1070 f->max_len = buffer.cur->len;
1071
1072 /* We need a new chunk if we can't store the next length descriptor.
1073 * Mind the gap between end of previous token and next aligned position
1074 * for length descriptor.
1075 */
1076 if (buf_chunk_avail(chunk) - pad < sizeof(buffer.cur->len)) {
1077 chunk->end += pad;
1078 chunk->next = buf_chunk_new();
1079 return;
1080 }
1081
1082 buffer.cur = (struct buf_token *)(buffer.cur->data +
1083 LEN_ALIGN(buffer.cur->len));
1084 buffer.cur->len = 0;
1085 buffer.tail->end = buffer.cur->data;
1086 }
1087
1088 static int field_is_last(struct column *f)
1089 {
1090 return f - columns == COL_MAX - 1;
1091 }
1092
1093 static void field_next(void)
1094 {
1095 field_flush(current_field);
1096
1097 if (field_is_last(current_field))
1098 current_field = columns;
1099 else
1100 current_field++;
1101 }
1102
1103 /* Walk through fields and flush them until we reach the desired one */
1104 static void field_set(enum col_id id)
1105 {
1106 while (id != current_field - columns)
1107 field_next();
1108 }
1109
1110 /* Print header for all non-empty columns */
1111 static void print_header(void)
1112 {
1113 while (!field_is_last(current_field)) {
1114 if (!current_field->disabled)
1115 out("%s", current_field->header);
1116 field_next();
1117 }
1118 }
1119
1120 /* Get the next available token in the buffer starting from the current token */
1121 static struct buf_token *buf_token_next(struct buf_token *cur)
1122 {
1123 struct buf_chunk *chunk = buffer.tail;
1124
1125 /* If we reached the end of chunk contents, get token from next chunk */
1126 if (cur->data + LEN_ALIGN(cur->len) == chunk->end) {
1127 buffer.tail = chunk = chunk->next;
1128 return chunk ? (struct buf_token *)chunk->data : NULL;
1129 }
1130
1131 return (struct buf_token *)(cur->data + LEN_ALIGN(cur->len));
1132 }
1133
1134 /* Free up all allocated buffer chunks */
1135 static void buf_free_all(void)
1136 {
1137 struct buf_chunk *tmp;
1138
1139 for (buffer.tail = buffer.head; buffer.tail; ) {
1140 tmp = buffer.tail;
1141 buffer.tail = buffer.tail->next;
1142 free(tmp);
1143 }
1144 buffer.head = NULL;
1145 }
1146
1147 /* Get current screen width, default to 80 columns if TIOCGWINSZ fails */
1148 static int render_screen_width(void)
1149 {
1150 int width = 80;
1151
1152 if (isatty(STDOUT_FILENO)) {
1153 struct winsize w;
1154
1155 if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) {
1156 if (w.ws_col > 0)
1157 width = w.ws_col;
1158 }
1159 }
1160
1161 return width;
1162 }
1163
1164 /* Calculate column width from contents length. If columns don't fit on one
1165 * line, break them into the least possible amount of lines and keep them
1166 * aligned across lines. Available screen space is equally spread between fields
1167 * as additional spacing.
1168 */
1169 static void render_calc_width(void)
1170 {
1171 int screen_width = render_screen_width();
1172 struct column *c, *eol = columns - 1;
1173 int first, len = 0, linecols = 0;
1174
1175 /* First pass: set width for each column to measured content length */
1176 for (first = 1, c = columns; c - columns < COL_MAX; c++) {
1177 if (c->disabled)
1178 continue;
1179
1180 if (!first && c->max_len)
1181 c->width = c->max_len + strlen(c->ldelim);
1182 else
1183 c->width = c->max_len;
1184
1185 /* But don't exceed screen size. If we exceed the screen size
1186 * for even a single field, it will just start on a line of its
1187 * own and then naturally wrap.
1188 */
1189 c->width = min(c->width, screen_width);
1190
1191 if (c->width)
1192 first = 0;
1193 }
1194
1195 /* Second pass: find out newlines and distribute available spacing */
1196 for (c = columns; c - columns < COL_MAX; c++) {
1197 int pad, spacing, rem, last;
1198 struct column *tmp;
1199
1200 if (!c->width)
1201 continue;
1202
1203 linecols++;
1204 len += c->width;
1205
1206 for (last = 1, tmp = c + 1; tmp - columns < COL_MAX; tmp++) {
1207 if (tmp->width) {
1208 last = 0;
1209 break;
1210 }
1211 }
1212
1213 if (!last && len < screen_width) {
1214 /* Columns fit on screen so far, nothing to do yet */
1215 continue;
1216 }
1217
1218 if (len == screen_width) {
1219 /* Exact fit, just start with new line */
1220 goto newline;
1221 }
1222
1223 if (len > screen_width) {
1224 /* Screen width exceeded: go back one column */
1225 len -= c->width;
1226 c--;
1227 linecols--;
1228 }
1229
1230 /* Distribute remaining space to columns on this line */
1231 pad = screen_width - len;
1232 spacing = pad / linecols;
1233 rem = pad % linecols;
1234 for (tmp = c; tmp > eol; tmp--) {
1235 if (!tmp->width)
1236 continue;
1237
1238 tmp->width += spacing;
1239 if (rem) {
1240 tmp->width++;
1241 rem--;
1242 }
1243 }
1244
1245 newline:
1246 /* Line break: reset line counters, mark end-of-line */
1247 eol = c;
1248 len = 0;
1249 linecols = 0;
1250 }
1251 }
1252
1253 /* Render buffered output with spacing and delimiters, then free up buffers */
1254 static void render(void)
1255 {
1256 struct buf_token *token;
1257 int printed, line_started = 0;
1258 struct column *f;
1259
1260 if (!buffer.head)
1261 return;
1262
1263 token = (struct buf_token *)buffer.head->data;
1264
1265 /* Ensure end alignment of last token, it wasn't necessarily flushed */
1266 buffer.tail->end += buffer.cur->len % 2;
1267
1268 render_calc_width();
1269
1270 /* Rewind and replay */
1271 buffer.tail = buffer.head;
1272
1273 f = columns;
1274 while (!f->width)
1275 f++;
1276
1277 while (token) {
1278 /* Print left delimiter only if we already started a line */
1279 if (line_started++)
1280 printed = printf("%s", f->ldelim);
1281 else
1282 printed = 0;
1283
1284 /* Print field content from token data with spacing */
1285 printed += print_left_spacing(f, token->len, printed);
1286 printed += fwrite(token->data, 1, token->len, stdout);
1287 print_right_spacing(f, printed);
1288
1289 /* Go to next non-empty field, deal with end-of-line */
1290 do {
1291 if (field_is_last(f)) {
1292 printf("\n");
1293 f = columns;
1294 line_started = 0;
1295 } else {
1296 f++;
1297 }
1298 } while (f->disabled);
1299
1300 token = buf_token_next(token);
1301 }
1302
1303 buf_free_all();
1304 current_field = columns;
1305 }
1306
1307 static void sock_state_print(struct sockstat *s)
1308 {
1309 const char *sock_name;
1310 static const char * const sstate_name[] = {
1311 "UNKNOWN",
1312 [SS_ESTABLISHED] = "ESTAB",
1313 [SS_SYN_SENT] = "SYN-SENT",
1314 [SS_SYN_RECV] = "SYN-RECV",
1315 [SS_FIN_WAIT1] = "FIN-WAIT-1",
1316 [SS_FIN_WAIT2] = "FIN-WAIT-2",
1317 [SS_TIME_WAIT] = "TIME-WAIT",
1318 [SS_CLOSE] = "UNCONN",
1319 [SS_CLOSE_WAIT] = "CLOSE-WAIT",
1320 [SS_LAST_ACK] = "LAST-ACK",
1321 [SS_LISTEN] = "LISTEN",
1322 [SS_CLOSING] = "CLOSING",
1323 };
1324
1325 switch (s->local.family) {
1326 case AF_UNIX:
1327 sock_name = unix_netid_name(s->type);
1328 break;
1329 case AF_INET:
1330 case AF_INET6:
1331 sock_name = proto_name(s->type);
1332 break;
1333 case AF_PACKET:
1334 sock_name = s->type == SOCK_RAW ? "p_raw" : "p_dgr";
1335 break;
1336 case AF_NETLINK:
1337 sock_name = "nl";
1338 break;
1339 case AF_TIPC:
1340 sock_name = tipc_netid_name(s->type);
1341 break;
1342 case AF_VSOCK:
1343 sock_name = vsock_netid_name(s->type);
1344 break;
1345 case AF_XDP:
1346 sock_name = "xdp";
1347 break;
1348 default:
1349 sock_name = "unknown";
1350 }
1351
1352 if (is_sctp_assoc(s, sock_name)) {
1353 field_set(COL_STATE); /* Empty Netid field */
1354 out("`- %s", sctp_sstate_name[s->state]);
1355 } else {
1356 field_set(COL_NETID);
1357 out("%s", sock_name);
1358 field_set(COL_STATE);
1359 out("%s", sstate_name[s->state]);
1360 }
1361
1362 field_set(COL_RECVQ);
1363 out("%-6d", s->rq);
1364 field_set(COL_SENDQ);
1365 out("%-6d", s->wq);
1366 field_set(COL_ADDR);
1367 }
1368
1369 static void sock_details_print(struct sockstat *s)
1370 {
1371 if (s->uid)
1372 out(" uid:%u", s->uid);
1373
1374 out(" ino:%u", s->ino);
1375 out(" sk:%llx", s->sk);
1376
1377 if (s->mark)
1378 out(" fwmark:0x%x", s->mark);
1379 }
1380
1381 static void sock_addr_print(const char *addr, char *delim, const char *port,
1382 const char *ifname)
1383 {
1384 if (ifname)
1385 out("%s" "%%" "%s%s", addr, ifname, delim);
1386 else
1387 out("%s%s", addr, delim);
1388
1389 field_next();
1390 out("%s", port);
1391 field_next();
1392 }
1393
1394 static const char *print_ms_timer(unsigned int timeout)
1395 {
1396 static char buf[64];
1397 int secs, msecs, minutes;
1398
1399 secs = timeout/1000;
1400 minutes = secs/60;
1401 secs = secs%60;
1402 msecs = timeout%1000;
1403 buf[0] = 0;
1404 if (minutes) {
1405 msecs = 0;
1406 snprintf(buf, sizeof(buf)-16, "%dmin", minutes);
1407 if (minutes > 9)
1408 secs = 0;
1409 }
1410 if (secs) {
1411 if (secs > 9)
1412 msecs = 0;
1413 sprintf(buf+strlen(buf), "%d%s", secs, msecs ? "." : "sec");
1414 }
1415 if (msecs)
1416 sprintf(buf+strlen(buf), "%03dms", msecs);
1417 return buf;
1418 }
1419
1420 struct scache {
1421 struct scache *next;
1422 int port;
1423 char *name;
1424 const char *proto;
1425 };
1426
1427 static struct scache *rlist;
1428
1429 static void init_service_resolver(void)
1430 {
1431 char buf[128];
1432 FILE *fp = popen("/usr/sbin/rpcinfo -p 2>/dev/null", "r");
1433
1434 if (!fp)
1435 return;
1436
1437 if (!fgets(buf, sizeof(buf), fp)) {
1438 pclose(fp);
1439 return;
1440 }
1441 while (fgets(buf, sizeof(buf), fp) != NULL) {
1442 unsigned int progn, port;
1443 char proto[128], prog[128] = "rpc.";
1444 struct scache *c;
1445
1446 if (sscanf(buf, "%u %*d %s %u %s",
1447 &progn, proto, &port, prog+4) != 4)
1448 continue;
1449
1450 if (!(c = malloc(sizeof(*c))))
1451 continue;
1452
1453 c->port = port;
1454 c->name = strdup(prog);
1455 if (strcmp(proto, TCP_PROTO) == 0)
1456 c->proto = TCP_PROTO;
1457 else if (strcmp(proto, UDP_PROTO) == 0)
1458 c->proto = UDP_PROTO;
1459 else if (strcmp(proto, SCTP_PROTO) == 0)
1460 c->proto = SCTP_PROTO;
1461 else
1462 c->proto = NULL;
1463 c->next = rlist;
1464 rlist = c;
1465 }
1466 pclose(fp);
1467 }
1468
1469 /* Even do not try default linux ephemeral port ranges:
1470 * default /etc/services contains so much of useless crap
1471 * wouldbe "allocated" to this area that resolution
1472 * is really harmful. I shrug each time when seeing
1473 * "socks" or "cfinger" in dumps.
1474 */
1475 static int is_ephemeral(int port)
1476 {
1477 static int min = 0, max;
1478
1479 if (!min) {
1480 FILE *f = ephemeral_ports_open();
1481
1482 if (!f || fscanf(f, "%d %d", &min, &max) < 2) {
1483 min = 1024;
1484 max = 4999;
1485 }
1486 if (f)
1487 fclose(f);
1488 }
1489 return port >= min && port <= max;
1490 }
1491
1492
1493 static const char *__resolve_service(int port)
1494 {
1495 struct scache *c;
1496
1497 for (c = rlist; c; c = c->next) {
1498 if (c->port == port && c->proto == dg_proto)
1499 return c->name;
1500 }
1501
1502 if (!is_ephemeral(port)) {
1503 static int notfirst;
1504 struct servent *se;
1505
1506 if (!notfirst) {
1507 setservent(1);
1508 notfirst = 1;
1509 }
1510 se = getservbyport(htons(port), dg_proto);
1511 if (se)
1512 return se->s_name;
1513 }
1514
1515 return NULL;
1516 }
1517
1518 #define SCACHE_BUCKETS 1024
1519 static struct scache *cache_htab[SCACHE_BUCKETS];
1520
1521 static const char *resolve_service(int port)
1522 {
1523 static char buf[128];
1524 struct scache *c;
1525 const char *res;
1526 int hash;
1527
1528 if (port == 0) {
1529 buf[0] = '*';
1530 buf[1] = 0;
1531 return buf;
1532 }
1533
1534 if (!resolve_services)
1535 goto do_numeric;
1536
1537 if (dg_proto == RAW_PROTO)
1538 return inet_proto_n2a(port, buf, sizeof(buf));
1539
1540
1541 hash = (port^(((unsigned long)dg_proto)>>2)) % SCACHE_BUCKETS;
1542
1543 for (c = cache_htab[hash]; c; c = c->next) {
1544 if (c->port == port && c->proto == dg_proto)
1545 goto do_cache;
1546 }
1547
1548 c = malloc(sizeof(*c));
1549 if (!c)
1550 goto do_numeric;
1551 res = __resolve_service(port);
1552 c->port = port;
1553 c->name = res ? strdup(res) : NULL;
1554 c->proto = dg_proto;
1555 c->next = cache_htab[hash];
1556 cache_htab[hash] = c;
1557
1558 do_cache:
1559 if (c->name)
1560 return c->name;
1561
1562 do_numeric:
1563 sprintf(buf, "%u", port);
1564 return buf;
1565 }
1566
1567 static void inet_addr_print(const inet_prefix *a, int port,
1568 unsigned int ifindex, bool v6only)
1569 {
1570 char buf[1024];
1571 const char *ap = buf;
1572 const char *ifname = NULL;
1573
1574 if (a->family == AF_INET) {
1575 ap = format_host(AF_INET, 4, a->data);
1576 } else {
1577 if (!v6only &&
1578 !memcmp(a->data, &in6addr_any, sizeof(in6addr_any))) {
1579 buf[0] = '*';
1580 buf[1] = 0;
1581 } else {
1582 ap = format_host(a->family, 16, a->data);
1583
1584 /* Numeric IPv6 addresses should be bracketed */
1585 if (strchr(ap, ':')) {
1586 snprintf(buf, sizeof(buf),
1587 "[%s]", ap);
1588 ap = buf;
1589 }
1590 }
1591 }
1592
1593 if (ifindex)
1594 ifname = ll_index_to_name(ifindex);
1595
1596 sock_addr_print(ap, ":", resolve_service(port), ifname);
1597 }
1598
1599 struct aafilter {
1600 inet_prefix addr;
1601 int port;
1602 unsigned int iface;
1603 __u32 mark;
1604 __u32 mask;
1605 struct aafilter *next;
1606 };
1607
1608 static int inet2_addr_match(const inet_prefix *a, const inet_prefix *p,
1609 int plen)
1610 {
1611 if (!inet_addr_match(a, p, plen))
1612 return 0;
1613
1614 /* Cursed "v4 mapped" addresses: v4 mapped socket matches
1615 * pure IPv4 rule, but v4-mapped rule selects only v4-mapped
1616 * sockets. Fair? */
1617 if (p->family == AF_INET && a->family == AF_INET6) {
1618 if (a->data[0] == 0 && a->data[1] == 0 &&
1619 a->data[2] == htonl(0xffff)) {
1620 inet_prefix tmp = *a;
1621
1622 tmp.data[0] = a->data[3];
1623 return inet_addr_match(&tmp, p, plen);
1624 }
1625 }
1626 return 1;
1627 }
1628
1629 static int unix_match(const inet_prefix *a, const inet_prefix *p)
1630 {
1631 char *addr, *pattern;
1632
1633 memcpy(&addr, a->data, sizeof(addr));
1634 memcpy(&pattern, p->data, sizeof(pattern));
1635 if (pattern == NULL)
1636 return 1;
1637 if (addr == NULL)
1638 addr = "";
1639 return !fnmatch(pattern, addr, 0);
1640 }
1641
1642 static int run_ssfilter(struct ssfilter *f, struct sockstat *s)
1643 {
1644 switch (f->type) {
1645 case SSF_S_AUTO:
1646 {
1647 if (s->local.family == AF_UNIX) {
1648 char *p;
1649
1650 memcpy(&p, s->local.data, sizeof(p));
1651 return p == NULL || (p[0] == '@' && strlen(p) == 6 &&
1652 strspn(p+1, "0123456789abcdef") == 5);
1653 }
1654 if (s->local.family == AF_PACKET)
1655 return s->lport == 0 && s->local.data[0] == 0;
1656 if (s->local.family == AF_NETLINK)
1657 return s->lport < 0;
1658 if (s->local.family == AF_VSOCK)
1659 return s->lport > 1023;
1660
1661 return is_ephemeral(s->lport);
1662 }
1663 case SSF_DCOND:
1664 {
1665 struct aafilter *a = (void *)f->pred;
1666
1667 if (a->addr.family == AF_UNIX)
1668 return unix_match(&s->remote, &a->addr);
1669 if (a->port != -1 && a->port != s->rport)
1670 return 0;
1671 if (a->addr.bitlen) {
1672 do {
1673 if (!inet2_addr_match(&s->remote, &a->addr, a->addr.bitlen))
1674 return 1;
1675 } while ((a = a->next) != NULL);
1676 return 0;
1677 }
1678 return 1;
1679 }
1680 case SSF_SCOND:
1681 {
1682 struct aafilter *a = (void *)f->pred;
1683
1684 if (a->addr.family == AF_UNIX)
1685 return unix_match(&s->local, &a->addr);
1686 if (a->port != -1 && a->port != s->lport)
1687 return 0;
1688 if (a->addr.bitlen) {
1689 do {
1690 if (!inet2_addr_match(&s->local, &a->addr, a->addr.bitlen))
1691 return 1;
1692 } while ((a = a->next) != NULL);
1693 return 0;
1694 }
1695 return 1;
1696 }
1697 case SSF_D_GE:
1698 {
1699 struct aafilter *a = (void *)f->pred;
1700
1701 return s->rport >= a->port;
1702 }
1703 case SSF_D_LE:
1704 {
1705 struct aafilter *a = (void *)f->pred;
1706
1707 return s->rport <= a->port;
1708 }
1709 case SSF_S_GE:
1710 {
1711 struct aafilter *a = (void *)f->pred;
1712
1713 return s->lport >= a->port;
1714 }
1715 case SSF_S_LE:
1716 {
1717 struct aafilter *a = (void *)f->pred;
1718
1719 return s->lport <= a->port;
1720 }
1721 case SSF_DEVCOND:
1722 {
1723 struct aafilter *a = (void *)f->pred;
1724
1725 return s->iface == a->iface;
1726 }
1727 case SSF_MARKMASK:
1728 {
1729 struct aafilter *a = (void *)f->pred;
1730
1731 return (s->mark & a->mask) == a->mark;
1732 }
1733 /* Yup. It is recursion. Sorry. */
1734 case SSF_AND:
1735 return run_ssfilter(f->pred, s) && run_ssfilter(f->post, s);
1736 case SSF_OR:
1737 return run_ssfilter(f->pred, s) || run_ssfilter(f->post, s);
1738 case SSF_NOT:
1739 return !run_ssfilter(f->pred, s);
1740 default:
1741 abort();
1742 }
1743 }
1744
1745 /* Relocate external jumps by reloc. */
1746 static void ssfilter_patch(char *a, int len, int reloc)
1747 {
1748 while (len > 0) {
1749 struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)a;
1750
1751 if (op->no == len+4)
1752 op->no += reloc;
1753 len -= op->yes;
1754 a += op->yes;
1755 }
1756 if (len < 0)
1757 abort();
1758 }
1759
1760 static int ssfilter_bytecompile(struct ssfilter *f, char **bytecode)
1761 {
1762 switch (f->type) {
1763 case SSF_S_AUTO:
1764 {
1765 if (!(*bytecode = malloc(4))) abort();
1766 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_AUTO, 4, 8 };
1767 return 4;
1768 }
1769 case SSF_DCOND:
1770 case SSF_SCOND:
1771 {
1772 struct aafilter *a = (void *)f->pred;
1773 struct aafilter *b;
1774 char *ptr;
1775 int code = (f->type == SSF_DCOND ? INET_DIAG_BC_D_COND : INET_DIAG_BC_S_COND);
1776 int len = 0;
1777
1778 for (b = a; b; b = b->next) {
1779 len += 4 + sizeof(struct inet_diag_hostcond);
1780 if (a->addr.family == AF_INET6)
1781 len += 16;
1782 else
1783 len += 4;
1784 if (b->next)
1785 len += 4;
1786 }
1787 if (!(ptr = malloc(len))) abort();
1788 *bytecode = ptr;
1789 for (b = a; b; b = b->next) {
1790 struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)ptr;
1791 int alen = (a->addr.family == AF_INET6 ? 16 : 4);
1792 int oplen = alen + 4 + sizeof(struct inet_diag_hostcond);
1793 struct inet_diag_hostcond *cond = (struct inet_diag_hostcond *)(ptr+4);
1794
1795 *op = (struct inet_diag_bc_op){ code, oplen, oplen+4 };
1796 cond->family = a->addr.family;
1797 cond->port = a->port;
1798 cond->prefix_len = a->addr.bitlen;
1799 memcpy(cond->addr, a->addr.data, alen);
1800 ptr += oplen;
1801 if (b->next) {
1802 op = (struct inet_diag_bc_op *)ptr;
1803 *op = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, len - (ptr-*bytecode)};
1804 ptr += 4;
1805 }
1806 }
1807 return ptr - *bytecode;
1808 }
1809 case SSF_D_GE:
1810 {
1811 struct aafilter *x = (void *)f->pred;
1812
1813 if (!(*bytecode = malloc(8))) abort();
1814 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_GE, 8, 12 };
1815 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1816 return 8;
1817 }
1818 case SSF_D_LE:
1819 {
1820 struct aafilter *x = (void *)f->pred;
1821
1822 if (!(*bytecode = malloc(8))) abort();
1823 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_D_LE, 8, 12 };
1824 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1825 return 8;
1826 }
1827 case SSF_S_GE:
1828 {
1829 struct aafilter *x = (void *)f->pred;
1830
1831 if (!(*bytecode = malloc(8))) abort();
1832 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_GE, 8, 12 };
1833 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1834 return 8;
1835 }
1836 case SSF_S_LE:
1837 {
1838 struct aafilter *x = (void *)f->pred;
1839
1840 if (!(*bytecode = malloc(8))) abort();
1841 ((struct inet_diag_bc_op *)*bytecode)[0] = (struct inet_diag_bc_op){ INET_DIAG_BC_S_LE, 8, 12 };
1842 ((struct inet_diag_bc_op *)*bytecode)[1] = (struct inet_diag_bc_op){ 0, 0, x->port };
1843 return 8;
1844 }
1845
1846 case SSF_AND:
1847 {
1848 char *a1 = NULL, *a2 = NULL, *a;
1849 int l1, l2;
1850
1851 l1 = ssfilter_bytecompile(f->pred, &a1);
1852 l2 = ssfilter_bytecompile(f->post, &a2);
1853 if (!l1 || !l2) {
1854 free(a1);
1855 free(a2);
1856 return 0;
1857 }
1858 if (!(a = malloc(l1+l2))) abort();
1859 memcpy(a, a1, l1);
1860 memcpy(a+l1, a2, l2);
1861 free(a1); free(a2);
1862 ssfilter_patch(a, l1, l2);
1863 *bytecode = a;
1864 return l1+l2;
1865 }
1866 case SSF_OR:
1867 {
1868 char *a1 = NULL, *a2 = NULL, *a;
1869 int l1, l2;
1870
1871 l1 = ssfilter_bytecompile(f->pred, &a1);
1872 l2 = ssfilter_bytecompile(f->post, &a2);
1873 if (!l1 || !l2) {
1874 free(a1);
1875 free(a2);
1876 return 0;
1877 }
1878 if (!(a = malloc(l1+l2+4))) abort();
1879 memcpy(a, a1, l1);
1880 memcpy(a+l1+4, a2, l2);
1881 free(a1); free(a2);
1882 *(struct inet_diag_bc_op *)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, l2+4 };
1883 *bytecode = a;
1884 return l1+l2+4;
1885 }
1886 case SSF_NOT:
1887 {
1888 char *a1 = NULL, *a;
1889 int l1;
1890
1891 l1 = ssfilter_bytecompile(f->pred, &a1);
1892 if (!l1) {
1893 free(a1);
1894 return 0;
1895 }
1896 if (!(a = malloc(l1+4))) abort();
1897 memcpy(a, a1, l1);
1898 free(a1);
1899 *(struct inet_diag_bc_op *)(a+l1) = (struct inet_diag_bc_op){ INET_DIAG_BC_JMP, 4, 8 };
1900 *bytecode = a;
1901 return l1+4;
1902 }
1903 case SSF_DEVCOND:
1904 {
1905 /* bytecompile for SSF_DEVCOND not supported yet */
1906 return 0;
1907 }
1908 case SSF_MARKMASK:
1909 {
1910 struct aafilter *a = (void *)f->pred;
1911 struct instr {
1912 struct inet_diag_bc_op op;
1913 struct inet_diag_markcond cond;
1914 };
1915 int inslen = sizeof(struct instr);
1916
1917 if (!(*bytecode = malloc(inslen))) abort();
1918 ((struct instr *)*bytecode)[0] = (struct instr) {
1919 { INET_DIAG_BC_MARK_COND, inslen, inslen + 4 },
1920 { a->mark, a->mask},
1921 };
1922
1923 return inslen;
1924 }
1925 default:
1926 abort();
1927 }
1928 }
1929
1930 static int remember_he(struct aafilter *a, struct hostent *he)
1931 {
1932 char **ptr = he->h_addr_list;
1933 int cnt = 0;
1934 int len;
1935
1936 if (he->h_addrtype == AF_INET)
1937 len = 4;
1938 else if (he->h_addrtype == AF_INET6)
1939 len = 16;
1940 else
1941 return 0;
1942
1943 while (*ptr) {
1944 struct aafilter *b = a;
1945
1946 if (a->addr.bitlen) {
1947 if ((b = malloc(sizeof(*b))) == NULL)
1948 return cnt;
1949 *b = *a;
1950 a->next = b;
1951 }
1952 memcpy(b->addr.data, *ptr, len);
1953 b->addr.bytelen = len;
1954 b->addr.bitlen = len*8;
1955 b->addr.family = he->h_addrtype;
1956 ptr++;
1957 cnt++;
1958 }
1959 return cnt;
1960 }
1961
1962 static int get_dns_host(struct aafilter *a, const char *addr, int fam)
1963 {
1964 static int notfirst;
1965 int cnt = 0;
1966 struct hostent *he;
1967
1968 a->addr.bitlen = 0;
1969 if (!notfirst) {
1970 sethostent(1);
1971 notfirst = 1;
1972 }
1973 he = gethostbyname2(addr, fam == AF_UNSPEC ? AF_INET : fam);
1974 if (he)
1975 cnt = remember_he(a, he);
1976 if (fam == AF_UNSPEC) {
1977 he = gethostbyname2(addr, AF_INET6);
1978 if (he)
1979 cnt += remember_he(a, he);
1980 }
1981 return !cnt;
1982 }
1983
1984 static int xll_initted;
1985
1986 static void xll_init(void)
1987 {
1988 struct rtnl_handle rth;
1989
1990 if (rtnl_open(&rth, 0) < 0)
1991 exit(1);
1992
1993 ll_init_map(&rth);
1994 rtnl_close(&rth);
1995 xll_initted = 1;
1996 }
1997
1998 static const char *xll_index_to_name(int index)
1999 {
2000 if (!xll_initted)
2001 xll_init();
2002 return ll_index_to_name(index);
2003 }
2004
2005 static int xll_name_to_index(const char *dev)
2006 {
2007 if (!xll_initted)
2008 xll_init();
2009 return ll_name_to_index(dev);
2010 }
2011
2012 void *parse_devcond(char *name)
2013 {
2014 struct aafilter a = { .iface = 0 };
2015 struct aafilter *res;
2016
2017 a.iface = xll_name_to_index(name);
2018 if (a.iface == 0) {
2019 char *end;
2020 unsigned long n;
2021
2022 n = strtoul(name, &end, 0);
2023 if (!end || end == name || *end || n > UINT_MAX)
2024 return NULL;
2025
2026 a.iface = n;
2027 }
2028
2029 res = malloc(sizeof(*res));
2030 *res = a;
2031
2032 return res;
2033 }
2034
2035 static void vsock_set_inet_prefix(inet_prefix *a, __u32 cid)
2036 {
2037 *a = (inet_prefix){
2038 .bytelen = sizeof(cid),
2039 .family = AF_VSOCK,
2040 };
2041 memcpy(a->data, &cid, sizeof(cid));
2042 }
2043
2044 void *parse_hostcond(char *addr, bool is_port)
2045 {
2046 char *port = NULL;
2047 struct aafilter a = { .port = -1 };
2048 struct aafilter *res;
2049 int fam = preferred_family;
2050 struct filter *f = &current_filter;
2051
2052 if (fam == AF_UNIX || strncmp(addr, "unix:", 5) == 0) {
2053 char *p;
2054
2055 a.addr.family = AF_UNIX;
2056 if (strncmp(addr, "unix:", 5) == 0)
2057 addr += 5;
2058 p = strdup(addr);
2059 a.addr.bitlen = 8*strlen(p);
2060 memcpy(a.addr.data, &p, sizeof(p));
2061 fam = AF_UNIX;
2062 goto out;
2063 }
2064
2065 if (fam == AF_PACKET || strncmp(addr, "link:", 5) == 0) {
2066 a.addr.family = AF_PACKET;
2067 a.addr.bitlen = 0;
2068 if (strncmp(addr, "link:", 5) == 0)
2069 addr += 5;
2070 port = strchr(addr, ':');
2071 if (port) {
2072 *port = 0;
2073 if (port[1] && strcmp(port+1, "*")) {
2074 if (get_integer(&a.port, port+1, 0)) {
2075 if ((a.port = xll_name_to_index(port+1)) <= 0)
2076 return NULL;
2077 }
2078 }
2079 }
2080 if (addr[0] && strcmp(addr, "*")) {
2081 unsigned short tmp;
2082
2083 a.addr.bitlen = 32;
2084 if (ll_proto_a2n(&tmp, addr))
2085 return NULL;
2086 a.addr.data[0] = ntohs(tmp);
2087 }
2088 fam = AF_PACKET;
2089 goto out;
2090 }
2091
2092 if (fam == AF_NETLINK || strncmp(addr, "netlink:", 8) == 0) {
2093 a.addr.family = AF_NETLINK;
2094 a.addr.bitlen = 0;
2095 if (strncmp(addr, "netlink:", 8) == 0)
2096 addr += 8;
2097 port = strchr(addr, ':');
2098 if (port) {
2099 *port = 0;
2100 if (port[1] && strcmp(port+1, "*")) {
2101 if (get_integer(&a.port, port+1, 0)) {
2102 if (strcmp(port+1, "kernel") == 0)
2103 a.port = 0;
2104 else
2105 return NULL;
2106 }
2107 }
2108 }
2109 if (addr[0] && strcmp(addr, "*")) {
2110 a.addr.bitlen = 32;
2111 if (nl_proto_a2n(&a.addr.data[0], addr) == -1)
2112 return NULL;
2113 }
2114 fam = AF_NETLINK;
2115 goto out;
2116 }
2117
2118 if (fam == AF_VSOCK || strncmp(addr, "vsock:", 6) == 0) {
2119 __u32 cid = ~(__u32)0;
2120
2121 a.addr.family = AF_VSOCK;
2122 if (strncmp(addr, "vsock:", 6) == 0)
2123 addr += 6;
2124
2125 if (is_port)
2126 port = addr;
2127 else {
2128 port = strchr(addr, ':');
2129 if (port) {
2130 *port = '\0';
2131 port++;
2132 }
2133 }
2134
2135 if (port && strcmp(port, "*") &&
2136 get_u32((__u32 *)&a.port, port, 0))
2137 return NULL;
2138
2139 if (addr[0] && strcmp(addr, "*")) {
2140 a.addr.bitlen = 32;
2141 if (get_u32(&cid, addr, 0))
2142 return NULL;
2143 }
2144 vsock_set_inet_prefix(&a.addr, cid);
2145 fam = AF_VSOCK;
2146 goto out;
2147 }
2148
2149 if (fam == AF_INET || !strncmp(addr, "inet:", 5)) {
2150 fam = AF_INET;
2151 if (!strncmp(addr, "inet:", 5))
2152 addr += 5;
2153 } else if (fam == AF_INET6 || !strncmp(addr, "inet6:", 6)) {
2154 fam = AF_INET6;
2155 if (!strncmp(addr, "inet6:", 6))
2156 addr += 6;
2157 }
2158
2159 /* URL-like literal [] */
2160 if (addr[0] == '[') {
2161 addr++;
2162 if ((port = strchr(addr, ']')) == NULL)
2163 return NULL;
2164 *port++ = 0;
2165 } else if (addr[0] == '*') {
2166 port = addr+1;
2167 } else {
2168 port = strrchr(strchr(addr, '/') ? : addr, ':');
2169 }
2170
2171 if (is_port)
2172 port = addr;
2173
2174 if (port && *port) {
2175 if (*port == ':')
2176 *port++ = 0;
2177
2178 if (*port && *port != '*') {
2179 if (get_integer(&a.port, port, 0)) {
2180 struct servent *se1 = NULL;
2181 struct servent *se2 = NULL;
2182
2183 if (current_filter.dbs&(1<<UDP_DB))
2184 se1 = getservbyname(port, UDP_PROTO);
2185 if (current_filter.dbs&(1<<TCP_DB))
2186 se2 = getservbyname(port, TCP_PROTO);
2187 if (se1 && se2 && se1->s_port != se2->s_port) {
2188 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
2189 return NULL;
2190 }
2191 if (!se1)
2192 se1 = se2;
2193 if (se1) {
2194 a.port = ntohs(se1->s_port);
2195 } else {
2196 struct scache *s;
2197
2198 for (s = rlist; s; s = s->next) {
2199 if ((s->proto == UDP_PROTO &&
2200 (current_filter.dbs&(1<<UDP_DB))) ||
2201 (s->proto == TCP_PROTO &&
2202 (current_filter.dbs&(1<<TCP_DB)))) {
2203 if (s->name && strcmp(s->name, port) == 0) {
2204 if (a.port > 0 && a.port != s->port) {
2205 fprintf(stderr, "Error: ambiguous port \"%s\".\n", port);
2206 return NULL;
2207 }
2208 a.port = s->port;
2209 }
2210 }
2211 }
2212 if (a.port <= 0) {
2213 fprintf(stderr, "Error: \"%s\" does not look like a port.\n", port);
2214 return NULL;
2215 }
2216 }
2217 }
2218 }
2219 }
2220 if (!is_port && *addr && *addr != '*') {
2221 if (get_prefix_1(&a.addr, addr, fam)) {
2222 if (get_dns_host(&a, addr, fam)) {
2223 fprintf(stderr, "Error: an inet prefix is expected rather than \"%s\".\n", addr);
2224 return NULL;
2225 }
2226 }
2227 }
2228
2229 out:
2230 if (fam != AF_UNSPEC) {
2231 int states = f->states;
2232 f->families = 0;
2233 filter_af_set(f, fam);
2234 filter_states_set(f, states);
2235 }
2236
2237 res = malloc(sizeof(*res));
2238 if (res)
2239 memcpy(res, &a, sizeof(a));
2240 return res;
2241 }
2242
2243 void *parse_markmask(const char *markmask)
2244 {
2245 struct aafilter a, *res;
2246
2247 if (strchr(markmask, '/')) {
2248 if (sscanf(markmask, "%i/%i", &a.mark, &a.mask) != 2)
2249 return NULL;
2250 } else {
2251 a.mask = 0xffffffff;
2252 if (sscanf(markmask, "%i", &a.mark) != 1)
2253 return NULL;
2254 }
2255
2256 res = malloc(sizeof(*res));
2257 if (res)
2258 memcpy(res, &a, sizeof(a));
2259 return res;
2260 }
2261
2262 static void proc_ctx_print(struct sockstat *s)
2263 {
2264 char *buf;
2265
2266 if (show_proc_ctx || show_sock_ctx) {
2267 if (find_entry(s->ino, &buf,
2268 (show_proc_ctx & show_sock_ctx) ?
2269 PROC_SOCK_CTX : PROC_CTX) > 0) {
2270 out(" users:(%s)", buf);
2271 free(buf);
2272 }
2273 } else if (show_users) {
2274 if (find_entry(s->ino, &buf, USERS) > 0) {
2275 out(" users:(%s)", buf);
2276 free(buf);
2277 }
2278 }
2279 }
2280
2281 static void inet_stats_print(struct sockstat *s, bool v6only)
2282 {
2283 sock_state_print(s);
2284
2285 inet_addr_print(&s->local, s->lport, s->iface, v6only);
2286 inet_addr_print(&s->remote, s->rport, 0, v6only);
2287
2288 proc_ctx_print(s);
2289 }
2290
2291 static int proc_parse_inet_addr(char *loc, char *rem, int family, struct
2292 sockstat * s)
2293 {
2294 s->local.family = s->remote.family = family;
2295 if (family == AF_INET) {
2296 sscanf(loc, "%x:%x", s->local.data, (unsigned *)&s->lport);
2297 sscanf(rem, "%x:%x", s->remote.data, (unsigned *)&s->rport);
2298 s->local.bytelen = s->remote.bytelen = 4;
2299 return 0;
2300 } else {
2301 sscanf(loc, "%08x%08x%08x%08x:%x",
2302 s->local.data,
2303 s->local.data + 1,
2304 s->local.data + 2,
2305 s->local.data + 3,
2306 &s->lport);
2307 sscanf(rem, "%08x%08x%08x%08x:%x",
2308 s->remote.data,
2309 s->remote.data + 1,
2310 s->remote.data + 2,
2311 s->remote.data + 3,
2312 &s->rport);
2313 s->local.bytelen = s->remote.bytelen = 16;
2314 return 0;
2315 }
2316 return -1;
2317 }
2318
2319 static int proc_inet_split_line(char *line, char **loc, char **rem, char **data)
2320 {
2321 char *p;
2322
2323 if ((p = strchr(line, ':')) == NULL)
2324 return -1;
2325
2326 *loc = p+2;
2327 if ((p = strchr(*loc, ':')) == NULL)
2328 return -1;
2329
2330 p[5] = 0;
2331 *rem = p+6;
2332 if ((p = strchr(*rem, ':')) == NULL)
2333 return -1;
2334
2335 p[5] = 0;
2336 *data = p+6;
2337 return 0;
2338 }
2339
2340 static char *sprint_bw(char *buf, double bw)
2341 {
2342 if (bw > 1000000.)
2343 sprintf(buf, "%.1fM", bw / 1000000.);
2344 else if (bw > 1000.)
2345 sprintf(buf, "%.1fK", bw / 1000.);
2346 else
2347 sprintf(buf, "%g", bw);
2348
2349 return buf;
2350 }
2351
2352 static void sctp_stats_print(struct sctp_info *s)
2353 {
2354 if (s->sctpi_tag)
2355 out(" tag:%x", s->sctpi_tag);
2356 if (s->sctpi_state)
2357 out(" state:%s", sctp_sstate_name[s->sctpi_state]);
2358 if (s->sctpi_rwnd)
2359 out(" rwnd:%d", s->sctpi_rwnd);
2360 if (s->sctpi_unackdata)
2361 out(" unackdata:%d", s->sctpi_unackdata);
2362 if (s->sctpi_penddata)
2363 out(" penddata:%d", s->sctpi_penddata);
2364 if (s->sctpi_instrms)
2365 out(" instrms:%d", s->sctpi_instrms);
2366 if (s->sctpi_outstrms)
2367 out(" outstrms:%d", s->sctpi_outstrms);
2368 if (s->sctpi_inqueue)
2369 out(" inqueue:%d", s->sctpi_inqueue);
2370 if (s->sctpi_outqueue)
2371 out(" outqueue:%d", s->sctpi_outqueue);
2372 if (s->sctpi_overall_error)
2373 out(" overerr:%d", s->sctpi_overall_error);
2374 if (s->sctpi_max_burst)
2375 out(" maxburst:%d", s->sctpi_max_burst);
2376 if (s->sctpi_maxseg)
2377 out(" maxseg:%d", s->sctpi_maxseg);
2378 if (s->sctpi_peer_rwnd)
2379 out(" prwnd:%d", s->sctpi_peer_rwnd);
2380 if (s->sctpi_peer_tag)
2381 out(" ptag:%x", s->sctpi_peer_tag);
2382 if (s->sctpi_peer_capable)
2383 out(" pcapable:%d", s->sctpi_peer_capable);
2384 if (s->sctpi_peer_sack)
2385 out(" psack:%d", s->sctpi_peer_sack);
2386 if (s->sctpi_s_autoclose)
2387 out(" autoclose:%d", s->sctpi_s_autoclose);
2388 if (s->sctpi_s_adaptation_ind)
2389 out(" adapind:%d", s->sctpi_s_adaptation_ind);
2390 if (s->sctpi_s_pd_point)
2391 out(" pdpoint:%d", s->sctpi_s_pd_point);
2392 if (s->sctpi_s_nodelay)
2393 out(" nodealy:%d", s->sctpi_s_nodelay);
2394 if (s->sctpi_s_disable_fragments)
2395 out(" nofrag:%d", s->sctpi_s_disable_fragments);
2396 if (s->sctpi_s_v4mapped)
2397 out(" v4mapped:%d", s->sctpi_s_v4mapped);
2398 if (s->sctpi_s_frag_interleave)
2399 out(" fraginl:%d", s->sctpi_s_frag_interleave);
2400 }
2401
2402 static void tcp_stats_print(struct tcpstat *s)
2403 {
2404 char b1[64];
2405
2406 if (s->has_ts_opt)
2407 out(" ts");
2408 if (s->has_sack_opt)
2409 out(" sack");
2410 if (s->has_ecn_opt)
2411 out(" ecn");
2412 if (s->has_ecnseen_opt)
2413 out(" ecnseen");
2414 if (s->has_fastopen_opt)
2415 out(" fastopen");
2416 if (s->cong_alg[0])
2417 out(" %s", s->cong_alg);
2418 if (s->has_wscale_opt)
2419 out(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
2420 if (s->rto)
2421 out(" rto:%g", s->rto);
2422 if (s->backoff)
2423 out(" backoff:%u", s->backoff);
2424 if (s->rtt)
2425 out(" rtt:%g/%g", s->rtt, s->rttvar);
2426 if (s->ato)
2427 out(" ato:%g", s->ato);
2428
2429 if (s->qack)
2430 out(" qack:%d", s->qack);
2431 if (s->qack & 1)
2432 out(" bidir");
2433
2434 if (s->mss)
2435 out(" mss:%d", s->mss);
2436 if (s->pmtu)
2437 out(" pmtu:%u", s->pmtu);
2438 if (s->rcv_mss)
2439 out(" rcvmss:%d", s->rcv_mss);
2440 if (s->advmss)
2441 out(" advmss:%d", s->advmss);
2442 if (s->cwnd)
2443 out(" cwnd:%u", s->cwnd);
2444 if (s->ssthresh)
2445 out(" ssthresh:%d", s->ssthresh);
2446
2447 if (s->bytes_sent)
2448 out(" bytes_sent:%llu", s->bytes_sent);
2449 if (s->bytes_retrans)
2450 out(" bytes_retrans:%llu", s->bytes_retrans);
2451 if (s->bytes_acked)
2452 out(" bytes_acked:%llu", s->bytes_acked);
2453 if (s->bytes_received)
2454 out(" bytes_received:%llu", s->bytes_received);
2455 if (s->segs_out)
2456 out(" segs_out:%u", s->segs_out);
2457 if (s->segs_in)
2458 out(" segs_in:%u", s->segs_in);
2459 if (s->data_segs_out)
2460 out(" data_segs_out:%u", s->data_segs_out);
2461 if (s->data_segs_in)
2462 out(" data_segs_in:%u", s->data_segs_in);
2463
2464 if (s->dctcp && s->dctcp->enabled) {
2465 struct dctcpstat *dctcp = s->dctcp;
2466
2467 out(" dctcp:(ce_state:%u,alpha:%u,ab_ecn:%u,ab_tot:%u)",
2468 dctcp->ce_state, dctcp->alpha, dctcp->ab_ecn,
2469 dctcp->ab_tot);
2470 } else if (s->dctcp) {
2471 out(" dctcp:fallback_mode");
2472 }
2473
2474 if (s->bbr_info) {
2475 __u64 bw;
2476
2477 bw = s->bbr_info->bbr_bw_hi;
2478 bw <<= 32;
2479 bw |= s->bbr_info->bbr_bw_lo;
2480
2481 out(" bbr:(bw:%sbps,mrtt:%g",
2482 sprint_bw(b1, bw * 8.0),
2483 (double)s->bbr_info->bbr_min_rtt / 1000.0);
2484 if (s->bbr_info->bbr_pacing_gain)
2485 out(",pacing_gain:%g",
2486 (double)s->bbr_info->bbr_pacing_gain / 256.0);
2487 if (s->bbr_info->bbr_cwnd_gain)
2488 out(",cwnd_gain:%g",
2489 (double)s->bbr_info->bbr_cwnd_gain / 256.0);
2490 out(")");
2491 }
2492
2493 if (s->send_bps)
2494 out(" send %sbps", sprint_bw(b1, s->send_bps));
2495 if (s->lastsnd)
2496 out(" lastsnd:%u", s->lastsnd);
2497 if (s->lastrcv)
2498 out(" lastrcv:%u", s->lastrcv);
2499 if (s->lastack)
2500 out(" lastack:%u", s->lastack);
2501
2502 if (s->pacing_rate) {
2503 out(" pacing_rate %sbps", sprint_bw(b1, s->pacing_rate));
2504 if (s->pacing_rate_max)
2505 out("/%sbps", sprint_bw(b1, s->pacing_rate_max));
2506 }
2507
2508 if (s->delivery_rate)
2509 out(" delivery_rate %sbps", sprint_bw(b1, s->delivery_rate));
2510 if (s->delivered)
2511 out(" delivered:%u", s->delivered);
2512 if (s->delivered_ce)
2513 out(" delivered_ce:%u", s->delivered_ce);
2514 if (s->app_limited)
2515 out(" app_limited");
2516
2517 if (s->busy_time) {
2518 out(" busy:%llums", s->busy_time / 1000);
2519 if (s->rwnd_limited)
2520 out(" rwnd_limited:%llums(%.1f%%)",
2521 s->rwnd_limited / 1000,
2522 100.0 * s->rwnd_limited / s->busy_time);
2523 if (s->sndbuf_limited)
2524 out(" sndbuf_limited:%llums(%.1f%%)",
2525 s->sndbuf_limited / 1000,
2526 100.0 * s->sndbuf_limited / s->busy_time);
2527 }
2528
2529 if (s->unacked)
2530 out(" unacked:%u", s->unacked);
2531 if (s->retrans || s->retrans_total)
2532 out(" retrans:%u/%u", s->retrans, s->retrans_total);
2533 if (s->lost)
2534 out(" lost:%u", s->lost);
2535 if (s->sacked && s->ss.state != SS_LISTEN)
2536 out(" sacked:%u", s->sacked);
2537 if (s->dsack_dups)
2538 out(" dsack_dups:%u", s->dsack_dups);
2539 if (s->fackets)
2540 out(" fackets:%u", s->fackets);
2541 if (s->reordering != 3)
2542 out(" reordering:%d", s->reordering);
2543 if (s->reord_seen)
2544 out(" reord_seen:%d", s->reord_seen);
2545 if (s->rcv_rtt)
2546 out(" rcv_rtt:%g", s->rcv_rtt);
2547 if (s->rcv_space)
2548 out(" rcv_space:%d", s->rcv_space);
2549 if (s->rcv_ssthresh)
2550 out(" rcv_ssthresh:%u", s->rcv_ssthresh);
2551 if (s->not_sent)
2552 out(" notsent:%u", s->not_sent);
2553 if (s->min_rtt)
2554 out(" minrtt:%g", s->min_rtt);
2555 }
2556
2557 static void tcp_timer_print(struct tcpstat *s)
2558 {
2559 static const char * const tmr_name[] = {
2560 "off",
2561 "on",
2562 "keepalive",
2563 "timewait",
2564 "persist",
2565 "unknown"
2566 };
2567
2568 if (s->timer) {
2569 if (s->timer > 4)
2570 s->timer = 5;
2571 out(" timer:(%s,%s,%d)",
2572 tmr_name[s->timer],
2573 print_ms_timer(s->timeout),
2574 s->retrans);
2575 }
2576 }
2577
2578 static void sctp_timer_print(struct tcpstat *s)
2579 {
2580 if (s->timer)
2581 out(" timer:(T3_RTX,%s,%d)",
2582 print_ms_timer(s->timeout), s->retrans);
2583 }
2584
2585 static int tcp_show_line(char *line, const struct filter *f, int family)
2586 {
2587 int rto = 0, ato = 0;
2588 struct tcpstat s = {};
2589 char *loc, *rem, *data;
2590 char opt[256];
2591 int n;
2592 int hz = get_user_hz();
2593
2594 if (proc_inet_split_line(line, &loc, &rem, &data))
2595 return -1;
2596
2597 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
2598
2599 if (!(f->states & (1 << state)))
2600 return 0;
2601
2602 proc_parse_inet_addr(loc, rem, family, &s.ss);
2603
2604 if (f->f && run_ssfilter(f->f, &s.ss) == 0)
2605 return 0;
2606
2607 opt[0] = 0;
2608 n = sscanf(data, "%x %x:%x %x:%x %x %d %d %u %d %llx %d %d %d %u %d %[^\n]\n",
2609 &s.ss.state, &s.ss.wq, &s.ss.rq,
2610 &s.timer, &s.timeout, &s.retrans, &s.ss.uid, &s.probes,
2611 &s.ss.ino, &s.ss.refcnt, &s.ss.sk, &rto, &ato, &s.qack, &s.cwnd,
2612 &s.ssthresh, opt);
2613
2614 if (n < 17)
2615 opt[0] = 0;
2616
2617 if (n < 12) {
2618 rto = 0;
2619 s.cwnd = 2;
2620 s.ssthresh = -1;
2621 ato = s.qack = 0;
2622 }
2623
2624 s.retrans = s.timer != 1 ? s.probes : s.retrans;
2625 s.timeout = (s.timeout * 1000 + hz - 1) / hz;
2626 s.ato = (double)ato / hz;
2627 s.qack /= 2;
2628 s.rto = (double)rto;
2629 s.ssthresh = s.ssthresh == -1 ? 0 : s.ssthresh;
2630 s.rto = s.rto != 3 * hz ? s.rto / hz : 0;
2631 s.ss.type = IPPROTO_TCP;
2632
2633 inet_stats_print(&s.ss, false);
2634
2635 if (show_options)
2636 tcp_timer_print(&s);
2637
2638 if (show_details) {
2639 sock_details_print(&s.ss);
2640 if (opt[0])
2641 out(" opt:\"%s\"", opt);
2642 }
2643
2644 if (show_tcpinfo)
2645 tcp_stats_print(&s);
2646
2647 return 0;
2648 }
2649
2650 static int generic_record_read(FILE *fp,
2651 int (*worker)(char*, const struct filter *, int),
2652 const struct filter *f, int fam)
2653 {
2654 char line[256];
2655
2656 /* skip header */
2657 if (fgets(line, sizeof(line), fp) == NULL)
2658 goto outerr;
2659
2660 while (fgets(line, sizeof(line), fp) != NULL) {
2661 int n = strlen(line);
2662
2663 if (n == 0 || line[n-1] != '\n') {
2664 errno = -EINVAL;
2665 return -1;
2666 }
2667 line[n-1] = 0;
2668
2669 if (worker(line, f, fam) < 0)
2670 return 0;
2671 }
2672 outerr:
2673
2674 return ferror(fp) ? -1 : 0;
2675 }
2676
2677 static void print_skmeminfo(struct rtattr *tb[], int attrtype)
2678 {
2679 const __u32 *skmeminfo;
2680
2681 if (!tb[attrtype]) {
2682 if (attrtype == INET_DIAG_SKMEMINFO) {
2683 if (!tb[INET_DIAG_MEMINFO])
2684 return;
2685
2686 const struct inet_diag_meminfo *minfo =
2687 RTA_DATA(tb[INET_DIAG_MEMINFO]);
2688
2689 out(" mem:(r%u,w%u,f%u,t%u)",
2690 minfo->idiag_rmem,
2691 minfo->idiag_wmem,
2692 minfo->idiag_fmem,
2693 minfo->idiag_tmem);
2694 }
2695 return;
2696 }
2697
2698 skmeminfo = RTA_DATA(tb[attrtype]);
2699
2700 out(" skmem:(r%u,rb%u,t%u,tb%u,f%u,w%u,o%u",
2701 skmeminfo[SK_MEMINFO_RMEM_ALLOC],
2702 skmeminfo[SK_MEMINFO_RCVBUF],
2703 skmeminfo[SK_MEMINFO_WMEM_ALLOC],
2704 skmeminfo[SK_MEMINFO_SNDBUF],
2705 skmeminfo[SK_MEMINFO_FWD_ALLOC],
2706 skmeminfo[SK_MEMINFO_WMEM_QUEUED],
2707 skmeminfo[SK_MEMINFO_OPTMEM]);
2708
2709 if (RTA_PAYLOAD(tb[attrtype]) >=
2710 (SK_MEMINFO_BACKLOG + 1) * sizeof(__u32))
2711 out(",bl%u", skmeminfo[SK_MEMINFO_BACKLOG]);
2712
2713 if (RTA_PAYLOAD(tb[attrtype]) >=
2714 (SK_MEMINFO_DROPS + 1) * sizeof(__u32))
2715 out(",d%u", skmeminfo[SK_MEMINFO_DROPS]);
2716
2717 out(")");
2718 }
2719
2720 static void print_md5sig(struct tcp_diag_md5sig *sig)
2721 {
2722 out("%s/%d=",
2723 format_host(sig->tcpm_family,
2724 sig->tcpm_family == AF_INET6 ? 16 : 4,
2725 &sig->tcpm_addr),
2726 sig->tcpm_prefixlen);
2727 print_escape_buf(sig->tcpm_key, sig->tcpm_keylen, " ,");
2728 }
2729
2730 #define TCPI_HAS_OPT(info, opt) !!(info->tcpi_options & (opt))
2731
2732 static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
2733 struct rtattr *tb[])
2734 {
2735 double rtt = 0;
2736 struct tcpstat s = {};
2737
2738 s.ss.state = r->idiag_state;
2739
2740 print_skmeminfo(tb, INET_DIAG_SKMEMINFO);
2741
2742 if (tb[INET_DIAG_INFO]) {
2743 struct tcp_info *info;
2744 int len = RTA_PAYLOAD(tb[INET_DIAG_INFO]);
2745
2746 /* workaround for older kernels with less fields */
2747 if (len < sizeof(*info)) {
2748 info = alloca(sizeof(*info));
2749 memcpy(info, RTA_DATA(tb[INET_DIAG_INFO]), len);
2750 memset((char *)info + len, 0, sizeof(*info) - len);
2751 } else
2752 info = RTA_DATA(tb[INET_DIAG_INFO]);
2753
2754 if (show_options) {
2755 s.has_ts_opt = TCPI_HAS_OPT(info, TCPI_OPT_TIMESTAMPS);
2756 s.has_sack_opt = TCPI_HAS_OPT(info, TCPI_OPT_SACK);
2757 s.has_ecn_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN);
2758 s.has_ecnseen_opt = TCPI_HAS_OPT(info, TCPI_OPT_ECN_SEEN);
2759 s.has_fastopen_opt = TCPI_HAS_OPT(info, TCPI_OPT_SYN_DATA);
2760 }
2761
2762 if (tb[INET_DIAG_CONG])
2763 strncpy(s.cong_alg,
2764 rta_getattr_str(tb[INET_DIAG_CONG]),
2765 sizeof(s.cong_alg) - 1);
2766
2767 if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
2768 s.has_wscale_opt = true;
2769 s.snd_wscale = info->tcpi_snd_wscale;
2770 s.rcv_wscale = info->tcpi_rcv_wscale;
2771 }
2772
2773 if (info->tcpi_rto && info->tcpi_rto != 3000000)
2774 s.rto = (double)info->tcpi_rto / 1000;
2775
2776 s.backoff = info->tcpi_backoff;
2777 s.rtt = (double)info->tcpi_rtt / 1000;
2778 s.rttvar = (double)info->tcpi_rttvar / 1000;
2779 s.ato = (double)info->tcpi_ato / 1000;
2780 s.mss = info->tcpi_snd_mss;
2781 s.rcv_mss = info->tcpi_rcv_mss;
2782 s.advmss = info->tcpi_advmss;
2783 s.rcv_space = info->tcpi_rcv_space;
2784 s.rcv_rtt = (double)info->tcpi_rcv_rtt / 1000;
2785 s.lastsnd = info->tcpi_last_data_sent;
2786 s.lastrcv = info->tcpi_last_data_recv;
2787 s.lastack = info->tcpi_last_ack_recv;
2788 s.unacked = info->tcpi_unacked;
2789 s.retrans = info->tcpi_retrans;
2790 s.retrans_total = info->tcpi_total_retrans;
2791 s.lost = info->tcpi_lost;
2792 s.sacked = info->tcpi_sacked;
2793 s.fackets = info->tcpi_fackets;
2794 s.reordering = info->tcpi_reordering;
2795 s.rcv_ssthresh = info->tcpi_rcv_ssthresh;
2796 s.cwnd = info->tcpi_snd_cwnd;
2797 s.pmtu = info->tcpi_pmtu;
2798
2799 if (info->tcpi_snd_ssthresh < 0xFFFF)
2800 s.ssthresh = info->tcpi_snd_ssthresh;
2801
2802 rtt = (double) info->tcpi_rtt;
2803 if (tb[INET_DIAG_VEGASINFO]) {
2804 const struct tcpvegas_info *vinfo
2805 = RTA_DATA(tb[INET_DIAG_VEGASINFO]);
2806
2807 if (vinfo->tcpv_enabled &&
2808 vinfo->tcpv_rtt && vinfo->tcpv_rtt != 0x7fffffff)
2809 rtt = vinfo->tcpv_rtt;
2810 }
2811
2812 if (tb[INET_DIAG_DCTCPINFO]) {
2813 struct dctcpstat *dctcp = malloc(sizeof(struct
2814 dctcpstat));
2815
2816 const struct tcp_dctcp_info *dinfo
2817 = RTA_DATA(tb[INET_DIAG_DCTCPINFO]);
2818
2819 dctcp->enabled = !!dinfo->dctcp_enabled;
2820 dctcp->ce_state = dinfo->dctcp_ce_state;
2821 dctcp->alpha = dinfo->dctcp_alpha;
2822 dctcp->ab_ecn = dinfo->dctcp_ab_ecn;
2823 dctcp->ab_tot = dinfo->dctcp_ab_tot;
2824 s.dctcp = dctcp;
2825 }
2826
2827 if (tb[INET_DIAG_BBRINFO]) {
2828 const void *bbr_info = RTA_DATA(tb[INET_DIAG_BBRINFO]);
2829 int len = min(RTA_PAYLOAD(tb[INET_DIAG_BBRINFO]),
2830 sizeof(*s.bbr_info));
2831
2832 s.bbr_info = calloc(1, sizeof(*s.bbr_info));
2833 if (s.bbr_info && bbr_info)
2834 memcpy(s.bbr_info, bbr_info, len);
2835 }
2836
2837 if (rtt > 0 && info->tcpi_snd_mss && info->tcpi_snd_cwnd) {
2838 s.send_bps = (double) info->tcpi_snd_cwnd *
2839 (double)info->tcpi_snd_mss * 8000000. / rtt;
2840 }
2841
2842 if (info->tcpi_pacing_rate &&
2843 info->tcpi_pacing_rate != ~0ULL) {
2844 s.pacing_rate = info->tcpi_pacing_rate * 8.;
2845
2846 if (info->tcpi_max_pacing_rate &&
2847 info->tcpi_max_pacing_rate != ~0ULL)
2848 s.pacing_rate_max = info->tcpi_max_pacing_rate * 8.;
2849 }
2850 s.bytes_acked = info->tcpi_bytes_acked;
2851 s.bytes_received = info->tcpi_bytes_received;
2852 s.segs_out = info->tcpi_segs_out;
2853 s.segs_in = info->tcpi_segs_in;
2854 s.data_segs_out = info->tcpi_data_segs_out;
2855 s.data_segs_in = info->tcpi_data_segs_in;
2856 s.not_sent = info->tcpi_notsent_bytes;
2857 if (info->tcpi_min_rtt && info->tcpi_min_rtt != ~0U)
2858 s.min_rtt = (double) info->tcpi_min_rtt / 1000;
2859 s.delivery_rate = info->tcpi_delivery_rate * 8.;
2860 s.app_limited = info->tcpi_delivery_rate_app_limited;
2861 s.busy_time = info->tcpi_busy_time;
2862 s.rwnd_limited = info->tcpi_rwnd_limited;
2863 s.sndbuf_limited = info->tcpi_sndbuf_limited;
2864 s.delivered = info->tcpi_delivered;
2865 s.delivered_ce = info->tcpi_delivered_ce;
2866 s.dsack_dups = info->tcpi_dsack_dups;
2867 s.reord_seen = info->tcpi_reord_seen;
2868 s.bytes_sent = info->tcpi_bytes_sent;
2869 s.bytes_retrans = info->tcpi_bytes_retrans;
2870 tcp_stats_print(&s);
2871 free(s.dctcp);
2872 free(s.bbr_info);
2873 }
2874 if (tb[INET_DIAG_MD5SIG]) {
2875 struct tcp_diag_md5sig *sig = RTA_DATA(tb[INET_DIAG_MD5SIG]);
2876 int len = RTA_PAYLOAD(tb[INET_DIAG_MD5SIG]);
2877
2878 out(" md5keys:");
2879 print_md5sig(sig++);
2880 for (len -= sizeof(*sig); len > 0; len -= sizeof(*sig)) {
2881 out(",");
2882 print_md5sig(sig++);
2883 }
2884 }
2885 }
2886
2887 static const char *format_host_sa(struct sockaddr_storage *sa)
2888 {
2889 union {
2890 struct sockaddr_in sin;
2891 struct sockaddr_in6 sin6;
2892 } *saddr = (void *)sa;
2893
2894 switch (sa->ss_family) {
2895 case AF_INET:
2896 return format_host(AF_INET, 4, &saddr->sin.sin_addr);
2897 case AF_INET6:
2898 return format_host(AF_INET6, 16, &saddr->sin6.sin6_addr);
2899 default:
2900 return "";
2901 }
2902 }
2903
2904 static void sctp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
2905 struct rtattr *tb[])
2906 {
2907 struct sockaddr_storage *sa;
2908 int len;
2909
2910 print_skmeminfo(tb, INET_DIAG_SKMEMINFO);
2911
2912 if (tb[INET_DIAG_LOCALS]) {
2913 len = RTA_PAYLOAD(tb[INET_DIAG_LOCALS]);
2914 sa = RTA_DATA(tb[INET_DIAG_LOCALS]);
2915
2916 out("locals:%s", format_host_sa(sa));
2917 for (sa++, len -= sizeof(*sa); len > 0; sa++, len -= sizeof(*sa))
2918 out(",%s", format_host_sa(sa));
2919
2920 }
2921 if (tb[INET_DIAG_PEERS]) {
2922 len = RTA_PAYLOAD(tb[INET_DIAG_PEERS]);
2923 sa = RTA_DATA(tb[INET_DIAG_PEERS]);
2924
2925 out(" peers:%s", format_host_sa(sa));
2926 for (sa++, len -= sizeof(*sa); len > 0; sa++, len -= sizeof(*sa))
2927 out(",%s", format_host_sa(sa));
2928 }
2929 if (tb[INET_DIAG_INFO]) {
2930 struct sctp_info *info;
2931 len = RTA_PAYLOAD(tb[INET_DIAG_INFO]);
2932
2933 /* workaround for older kernels with less fields */
2934 if (len < sizeof(*info)) {
2935 info = alloca(sizeof(*info));
2936 memcpy(info, RTA_DATA(tb[INET_DIAG_INFO]), len);
2937 memset((char *)info + len, 0, sizeof(*info) - len);
2938 } else
2939 info = RTA_DATA(tb[INET_DIAG_INFO]);
2940
2941 sctp_stats_print(info);
2942 }
2943 }
2944
2945 static void parse_diag_msg(struct nlmsghdr *nlh, struct sockstat *s)
2946 {
2947 struct rtattr *tb[INET_DIAG_MAX+1];
2948 struct inet_diag_msg *r = NLMSG_DATA(nlh);
2949
2950 parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),
2951 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2952
2953 s->state = r->idiag_state;
2954 s->local.family = s->remote.family = r->idiag_family;
2955 s->lport = ntohs(r->id.idiag_sport);
2956 s->rport = ntohs(r->id.idiag_dport);
2957 s->wq = r->idiag_wqueue;
2958 s->rq = r->idiag_rqueue;
2959 s->ino = r->idiag_inode;
2960 s->uid = r->idiag_uid;
2961 s->iface = r->id.idiag_if;
2962 s->sk = cookie_sk_get(&r->id.idiag_cookie[0]);
2963
2964 s->mark = 0;
2965 if (tb[INET_DIAG_MARK])
2966 s->mark = rta_getattr_u32(tb[INET_DIAG_MARK]);
2967 if (tb[INET_DIAG_PROTOCOL])
2968 s->raw_prot = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);
2969 else
2970 s->raw_prot = 0;
2971
2972 if (s->local.family == AF_INET)
2973 s->local.bytelen = s->remote.bytelen = 4;
2974 else
2975 s->local.bytelen = s->remote.bytelen = 16;
2976
2977 memcpy(s->local.data, r->id.idiag_src, s->local.bytelen);
2978 memcpy(s->remote.data, r->id.idiag_dst, s->local.bytelen);
2979 }
2980
2981 static int inet_show_sock(struct nlmsghdr *nlh,
2982 struct sockstat *s)
2983 {
2984 struct rtattr *tb[INET_DIAG_MAX+1];
2985 struct inet_diag_msg *r = NLMSG_DATA(nlh);
2986 unsigned char v6only = 0;
2987
2988 parse_rtattr(tb, INET_DIAG_MAX, (struct rtattr *)(r+1),
2989 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
2990
2991 if (tb[INET_DIAG_PROTOCOL])
2992 s->type = rta_getattr_u8(tb[INET_DIAG_PROTOCOL]);
2993
2994 if (s->local.family == AF_INET6 && tb[INET_DIAG_SKV6ONLY])
2995 v6only = rta_getattr_u8(tb[INET_DIAG_SKV6ONLY]);
2996
2997 inet_stats_print(s, v6only);
2998
2999 if (show_options) {
3000 struct tcpstat t = {};
3001
3002 t.timer = r->idiag_timer;
3003 t.timeout = r->idiag_expires;
3004 t.retrans = r->idiag_retrans;
3005 if (s->type == IPPROTO_SCTP)
3006 sctp_timer_print(&t);
3007 else
3008 tcp_timer_print(&t);
3009 }
3010
3011 if (show_details) {
3012 sock_details_print(s);
3013 if (s->local.family == AF_INET6 && tb[INET_DIAG_SKV6ONLY])
3014 out(" v6only:%u", v6only);
3015
3016 if (tb[INET_DIAG_SHUTDOWN]) {
3017 unsigned char mask;
3018
3019 mask = rta_getattr_u8(tb[INET_DIAG_SHUTDOWN]);
3020 out(" %c-%c",
3021 mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
3022 }
3023 }
3024
3025 if (show_mem || (show_tcpinfo && s->type != IPPROTO_UDP)) {
3026 out("\n\t");
3027 if (s->type == IPPROTO_SCTP)
3028 sctp_show_info(nlh, r, tb);
3029 else
3030 tcp_show_info(nlh, r, tb);
3031 }
3032 sctp_ino = s->ino;
3033
3034 return 0;
3035 }
3036
3037 static int tcpdiag_send(int fd, int protocol, struct filter *f)
3038 {
3039 struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK };
3040 struct {
3041 struct nlmsghdr nlh;
3042 struct inet_diag_req r;
3043 } req = {
3044 .nlh.nlmsg_len = sizeof(req),
3045 .nlh.nlmsg_flags = NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST,
3046 .nlh.nlmsg_seq = MAGIC_SEQ,
3047 .r.idiag_family = AF_INET,
3048 .r.idiag_states = f->states,
3049 };
3050 char *bc = NULL;
3051 int bclen;
3052 struct msghdr msg;
3053 struct rtattr rta;
3054 struct iovec iov[3];
3055 int iovlen = 1;
3056
3057 if (protocol == IPPROTO_UDP)
3058 return -1;
3059
3060 if (protocol == IPPROTO_TCP)
3061 req.nlh.nlmsg_type = TCPDIAG_GETSOCK;
3062 else
3063 req.nlh.nlmsg_type = DCCPDIAG_GETSOCK;
3064 if (show_mem) {
3065 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
3066 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
3067 }
3068
3069 if (show_tcpinfo) {
3070 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
3071 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
3072 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
3073 }
3074
3075 iov[0] = (struct iovec){
3076 .iov_base = &req,
3077 .iov_len = sizeof(req)
3078 };
3079 if (f->f) {
3080 bclen = ssfilter_bytecompile(f->f, &bc);
3081 if (bclen) {
3082 rta.rta_type = INET_DIAG_REQ_BYTECODE;
3083 rta.rta_len = RTA_LENGTH(bclen);
3084 iov[1] = (struct iovec){ &rta, sizeof(rta) };
3085 iov[2] = (struct iovec){ bc, bclen };
3086 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
3087 iovlen = 3;
3088 }
3089 }
3090
3091 msg = (struct msghdr) {
3092 .msg_name = (void *)&nladdr,
3093 .msg_namelen = sizeof(nladdr),
3094 .msg_iov = iov,
3095 .msg_iovlen = iovlen,
3096 };
3097
3098 if (sendmsg(fd, &msg, 0) < 0) {
3099 close(fd);
3100 return -1;
3101 }
3102
3103 return 0;
3104 }
3105
3106 static int sockdiag_send(int family, int fd, int protocol, struct filter *f)
3107 {
3108 struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK };
3109 DIAG_REQUEST(req, struct inet_diag_req_v2 r);
3110 char *bc = NULL;
3111 int bclen;
3112 struct msghdr msg;
3113 struct rtattr rta;
3114 struct iovec iov[3];
3115 int iovlen = 1;
3116
3117 if (family == PF_UNSPEC)
3118 return tcpdiag_send(fd, protocol, f);
3119
3120 memset(&req.r, 0, sizeof(req.r));
3121 req.r.sdiag_family = family;
3122 req.r.sdiag_protocol = protocol;
3123 req.r.idiag_states = f->states;
3124 if (show_mem) {
3125 req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
3126 req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
3127 }
3128
3129 if (show_tcpinfo) {
3130 req.r.idiag_ext |= (1<<(INET_DIAG_INFO-1));
3131 req.r.idiag_ext |= (1<<(INET_DIAG_VEGASINFO-1));
3132 req.r.idiag_ext |= (1<<(INET_DIAG_CONG-1));
3133 }
3134
3135 iov[0] = (struct iovec){
3136 .iov_base = &req,
3137 .iov_len = sizeof(req)
3138 };
3139 if (f->f) {
3140 bclen = ssfilter_bytecompile(f->f, &bc);
3141 if (bclen) {
3142 rta.rta_type = INET_DIAG_REQ_BYTECODE;
3143 rta.rta_len = RTA_LENGTH(bclen);
3144 iov[1] = (struct iovec){ &rta, sizeof(rta) };
3145 iov[2] = (struct iovec){ bc, bclen };
3146 req.nlh.nlmsg_len += RTA_LENGTH(bclen);
3147 iovlen = 3;
3148 }
3149 }
3150
3151 msg = (struct msghdr) {
3152 .msg_name = (void *)&nladdr,
3153 .msg_namelen = sizeof(nladdr),
3154 .msg_iov = iov,
3155 .msg_iovlen = iovlen,
3156 };
3157
3158 if (sendmsg(fd, &msg, 0) < 0) {
3159 close(fd);
3160 return -1;
3161 }
3162
3163 return 0;
3164 }
3165
3166 struct inet_diag_arg {
3167 struct filter *f;
3168 int protocol;
3169 struct rtnl_handle *rth;
3170 };
3171
3172 static int kill_inet_sock(struct nlmsghdr *h, void *arg, struct sockstat *s)
3173 {
3174 struct inet_diag_msg *d = NLMSG_DATA(h);
3175 struct inet_diag_arg *diag_arg = arg;
3176 struct rtnl_handle *rth = diag_arg->rth;
3177
3178 DIAG_REQUEST(req, struct inet_diag_req_v2 r);
3179
3180 req.nlh.nlmsg_type = SOCK_DESTROY;
3181 req.nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
3182 req.nlh.nlmsg_seq = ++rth->seq;
3183 req.r.sdiag_family = d->idiag_family;
3184 req.r.sdiag_protocol = diag_arg->protocol;
3185 req.r.id = d->id;
3186
3187 if (diag_arg->protocol == IPPROTO_RAW) {
3188 struct inet_diag_req_raw *raw = (void *)&req.r;
3189
3190 BUILD_BUG_ON(sizeof(req.r) != sizeof(*raw));
3191 raw->sdiag_raw_protocol = s->raw_prot;
3192 }
3193
3194 return rtnl_talk(rth, &req.nlh, NULL);
3195 }
3196
3197 static int show_one_inet_sock(struct nlmsghdr *h, void *arg)
3198 {
3199 int err;
3200 struct inet_diag_arg *diag_arg = arg;
3201 struct inet_diag_msg *r = NLMSG_DATA(h);
3202 struct sockstat s = {};
3203
3204 if (!(diag_arg->f->families & FAMILY_MASK(r->idiag_family)))
3205 return 0;
3206
3207 parse_diag_msg(h, &s);
3208 s.type = diag_arg->protocol;
3209
3210 if (diag_arg->f->f && run_ssfilter(diag_arg->f->f, &s) == 0)
3211 return 0;
3212
3213 if (diag_arg->f->kill && kill_inet_sock(h, arg, &s) != 0) {
3214 if (errno == EOPNOTSUPP || errno == ENOENT) {
3215 /* Socket can't be closed, or is already closed. */
3216 return 0;
3217 } else {
3218 perror("SOCK_DESTROY answers");
3219 return -1;
3220 }
3221 }
3222
3223 err = inet_show_sock(h, &s);
3224 if (err < 0)
3225 return err;
3226
3227 return 0;
3228 }
3229
3230 static int inet_show_netlink(struct filter *f, FILE *dump_fp, int protocol)
3231 {
3232 int err = 0;
3233 struct rtnl_handle rth, rth2;
3234 int family = PF_INET;
3235 struct inet_diag_arg arg = { .f = f, .protocol = protocol };
3236
3237 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
3238 return -1;
3239
3240 if (f->kill) {
3241 if (rtnl_open_byproto(&rth2, 0, NETLINK_SOCK_DIAG)) {
3242 rtnl_close(&rth);
3243 return -1;
3244 }
3245 arg.rth = &rth2;
3246 }
3247
3248 rth.dump = MAGIC_SEQ;
3249 rth.dump_fp = dump_fp;
3250 if (preferred_family == PF_INET6)
3251 family = PF_INET6;
3252
3253 again:
3254 if ((err = sockdiag_send(family, rth.fd, protocol, f)))
3255 goto Exit;
3256
3257 if ((err = rtnl_dump_filter(&rth, show_one_inet_sock, &arg))) {
3258 if (family != PF_UNSPEC) {
3259 family = PF_UNSPEC;
3260 goto again;
3261 }
3262 goto Exit;
3263 }
3264 if (family == PF_INET && preferred_family != PF_INET) {
3265 family = PF_INET6;
3266 goto again;
3267 }
3268
3269 Exit:
3270 rtnl_close(&rth);
3271 if (arg.rth)
3272 rtnl_close(arg.rth);
3273 return err;
3274 }
3275
3276 static int tcp_show_netlink_file(struct filter *f)
3277 {
3278 FILE *fp;
3279 char buf[16384];
3280 int err = -1;
3281
3282 if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) {
3283 perror("fopen($TCPDIAG_FILE)");
3284 return err;
3285 }
3286
3287 while (1) {
3288 int status, err2;
3289 struct nlmsghdr *h = (struct nlmsghdr *)buf;
3290 struct sockstat s = {};
3291
3292 status = fread(buf, 1, sizeof(*h), fp);
3293 if (status < 0) {
3294 perror("Reading header from $TCPDIAG_FILE");
3295 break;
3296 }
3297 if (status != sizeof(*h)) {
3298 perror("Unexpected EOF reading $TCPDIAG_FILE");
3299 break;
3300 }
3301
3302 status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp);
3303
3304 if (status < 0) {
3305 perror("Reading $TCPDIAG_FILE");
3306 break;
3307 }
3308 if (status + sizeof(*h) < h->nlmsg_len) {
3309 perror("Unexpected EOF reading $TCPDIAG_FILE");
3310 break;
3311 }
3312
3313 /* The only legal exit point */
3314 if (h->nlmsg_type == NLMSG_DONE) {
3315 err = 0;
3316 break;
3317 }
3318
3319 if (h->nlmsg_type == NLMSG_ERROR) {
3320 struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(h);
3321
3322 if (h->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))) {
3323 fprintf(stderr, "ERROR truncated\n");
3324 } else {
3325 errno = -err->error;
3326 perror("TCPDIAG answered");
3327 }
3328 break;
3329 }
3330
3331 parse_diag_msg(h, &s);
3332 s.type = IPPROTO_TCP;
3333
3334 if (f && f->f && run_ssfilter(f->f, &s) == 0)
3335 continue;
3336
3337 err2 = inet_show_sock(h, &s);
3338 if (err2 < 0) {
3339 err = err2;
3340 break;
3341 }
3342 }
3343
3344 fclose(fp);
3345 return err;
3346 }
3347
3348 static int tcp_show(struct filter *f)
3349 {
3350 FILE *fp = NULL;
3351 char *buf = NULL;
3352 int bufsize = 1024*1024;
3353
3354 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3355 return 0;
3356
3357 dg_proto = TCP_PROTO;
3358
3359 if (getenv("TCPDIAG_FILE"))
3360 return tcp_show_netlink_file(f);
3361
3362 if (!getenv("PROC_NET_TCP") && !getenv("PROC_ROOT")
3363 && inet_show_netlink(f, NULL, IPPROTO_TCP) == 0)
3364 return 0;
3365
3366 /* Sigh... We have to parse /proc/net/tcp... */
3367 while (bufsize >= 64*1024) {
3368 if ((buf = malloc(bufsize)) != NULL)
3369 break;
3370 bufsize /= 2;
3371 }
3372 if (buf == NULL) {
3373 errno = ENOMEM;
3374 return -1;
3375 }
3376
3377 if (f->families & FAMILY_MASK(AF_INET)) {
3378 if ((fp = net_tcp_open()) == NULL)
3379 goto outerr;
3380
3381 setbuffer(fp, buf, bufsize);
3382 if (generic_record_read(fp, tcp_show_line, f, AF_INET))
3383 goto outerr;
3384 fclose(fp);
3385 }
3386
3387 if ((f->families & FAMILY_MASK(AF_INET6)) &&
3388 (fp = net_tcp6_open()) != NULL) {
3389 setbuffer(fp, buf, bufsize);
3390 if (generic_record_read(fp, tcp_show_line, f, AF_INET6))
3391 goto outerr;
3392 fclose(fp);
3393 }
3394
3395 free(buf);
3396 return 0;
3397
3398 outerr:
3399 do {
3400 int saved_errno = errno;
3401
3402 free(buf);
3403 if (fp)
3404 fclose(fp);
3405 errno = saved_errno;
3406 return -1;
3407 } while (0);
3408 }
3409
3410 static int dccp_show(struct filter *f)
3411 {
3412 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3413 return 0;
3414
3415 if (!getenv("PROC_NET_DCCP") && !getenv("PROC_ROOT")
3416 && inet_show_netlink(f, NULL, IPPROTO_DCCP) == 0)
3417 return 0;
3418
3419 return 0;
3420 }
3421
3422 static int sctp_show(struct filter *f)
3423 {
3424 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3425 return 0;
3426
3427 if (!getenv("PROC_NET_SCTP") && !getenv("PROC_ROOT")
3428 && inet_show_netlink(f, NULL, IPPROTO_SCTP) == 0)
3429 return 0;
3430
3431 return 0;
3432 }
3433
3434 static int dgram_show_line(char *line, const struct filter *f, int family)
3435 {
3436 struct sockstat s = {};
3437 char *loc, *rem, *data;
3438 char opt[256];
3439 int n;
3440
3441 if (proc_inet_split_line(line, &loc, &rem, &data))
3442 return -1;
3443
3444 int state = (data[1] >= 'A') ? (data[1] - 'A' + 10) : (data[1] - '0');
3445
3446 if (!(f->states & (1 << state)))
3447 return 0;
3448
3449 proc_parse_inet_addr(loc, rem, family, &s);
3450
3451 if (f->f && run_ssfilter(f->f, &s) == 0)
3452 return 0;
3453
3454 opt[0] = 0;
3455 n = sscanf(data, "%x %x:%x %*x:%*x %*x %d %*d %u %d %llx %[^\n]\n",
3456 &s.state, &s.wq, &s.rq,
3457 &s.uid, &s.ino,
3458 &s.refcnt, &s.sk, opt);
3459
3460 if (n < 9)
3461 opt[0] = 0;
3462
3463 s.type = dg_proto == UDP_PROTO ? IPPROTO_UDP : 0;
3464 inet_stats_print(&s, false);
3465
3466 if (show_details && opt[0])
3467 out(" opt:\"%s\"", opt);
3468
3469 return 0;
3470 }
3471
3472 static int udp_show(struct filter *f)
3473 {
3474 FILE *fp = NULL;
3475
3476 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3477 return 0;
3478
3479 dg_proto = UDP_PROTO;
3480
3481 if (!getenv("PROC_NET_UDP") && !getenv("PROC_ROOT")
3482 && inet_show_netlink(f, NULL, IPPROTO_UDP) == 0)
3483 return 0;
3484
3485 if (f->families&FAMILY_MASK(AF_INET)) {
3486 if ((fp = net_udp_open()) == NULL)
3487 goto outerr;
3488 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
3489 goto outerr;
3490 fclose(fp);
3491 }
3492
3493 if ((f->families&FAMILY_MASK(AF_INET6)) &&
3494 (fp = net_udp6_open()) != NULL) {
3495 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
3496 goto outerr;
3497 fclose(fp);
3498 }
3499 return 0;
3500
3501 outerr:
3502 do {
3503 int saved_errno = errno;
3504
3505 if (fp)
3506 fclose(fp);
3507 errno = saved_errno;
3508 return -1;
3509 } while (0);
3510 }
3511
3512 static int raw_show(struct filter *f)
3513 {
3514 FILE *fp = NULL;
3515
3516 if (!filter_af_get(f, AF_INET) && !filter_af_get(f, AF_INET6))
3517 return 0;
3518
3519 dg_proto = RAW_PROTO;
3520
3521 if (!getenv("PROC_NET_RAW") && !getenv("PROC_ROOT") &&
3522 inet_show_netlink(f, NULL, IPPROTO_RAW) == 0)
3523 return 0;
3524
3525 if (f->families&FAMILY_MASK(AF_INET)) {
3526 if ((fp = net_raw_open()) == NULL)
3527 goto outerr;
3528 if (generic_record_read(fp, dgram_show_line, f, AF_INET))
3529 goto outerr;
3530 fclose(fp);
3531 }
3532
3533 if ((f->families&FAMILY_MASK(AF_INET6)) &&
3534 (fp = net_raw6_open()) != NULL) {
3535 if (generic_record_read(fp, dgram_show_line, f, AF_INET6))
3536 goto outerr;
3537 fclose(fp);
3538 }
3539 return 0;
3540
3541 outerr:
3542 do {
3543 int saved_errno = errno;
3544
3545 if (fp)
3546 fclose(fp);
3547 errno = saved_errno;
3548 return -1;
3549 } while (0);
3550 }
3551
3552 #define MAX_UNIX_REMEMBER (1024*1024/sizeof(struct sockstat))
3553
3554 static void unix_list_drop_first(struct sockstat **list)
3555 {
3556 struct sockstat *s = *list;
3557
3558 (*list) = (*list)->next;
3559 free(s->name);
3560 free(s);
3561 }
3562
3563 static bool unix_type_skip(struct sockstat *s, struct filter *f)
3564 {
3565 if (s->type == SOCK_STREAM && !(f->dbs&(1<<UNIX_ST_DB)))
3566 return true;
3567 if (s->type == SOCK_DGRAM && !(f->dbs&(1<<UNIX_DG_DB)))
3568 return true;
3569 if (s->type == SOCK_SEQPACKET && !(f->dbs&(1<<UNIX_SQ_DB)))
3570 return true;
3571 return false;
3572 }
3573
3574 static void unix_stats_print(struct sockstat *s, struct filter *f)
3575 {
3576 char port_name[30] = {};
3577
3578 sock_state_print(s);
3579
3580 sock_addr_print(s->name ?: "*", " ",
3581 int_to_str(s->lport, port_name), NULL);
3582 sock_addr_print(s->peer_name ?: "*", " ",
3583 int_to_str(s->rport, port_name), NULL);
3584
3585 proc_ctx_print(s);
3586 }
3587
3588 static int unix_show_sock(struct nlmsghdr *nlh, void *arg)
3589 {
3590 struct filter *f = (struct filter *)arg;
3591 struct unix_diag_msg *r = NLMSG_DATA(nlh);
3592 struct rtattr *tb[UNIX_DIAG_MAX+1];
3593 char name[128];
3594 struct sockstat stat = { .name = "*", .peer_name = "*" };
3595
3596 parse_rtattr(tb, UNIX_DIAG_MAX, (struct rtattr *)(r+1),
3597 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3598
3599 stat.type = r->udiag_type;
3600 stat.state = r->udiag_state;
3601 stat.ino = stat.lport = r->udiag_ino;
3602 stat.local.family = stat.remote.family = AF_UNIX;
3603
3604 if (unix_type_skip(&stat, f))
3605 return 0;
3606
3607 if (tb[UNIX_DIAG_RQLEN]) {
3608 struct unix_diag_rqlen *rql = RTA_DATA(tb[UNIX_DIAG_RQLEN]);
3609
3610 stat.rq = rql->udiag_rqueue;
3611 stat.wq = rql->udiag_wqueue;
3612 }
3613 if (tb[UNIX_DIAG_NAME]) {
3614 int len = RTA_PAYLOAD(tb[UNIX_DIAG_NAME]);
3615
3616 memcpy(name, RTA_DATA(tb[UNIX_DIAG_NAME]), len);
3617 name[len] = '\0';
3618 if (name[0] == '\0') {
3619 int i;
3620 for (i = 0; i < len; i++)
3621 if (name[i] == '\0')
3622 name[i] = '@';
3623 }
3624 stat.name = &name[0];
3625 memcpy(stat.local.data, &stat.name, sizeof(stat.name));
3626 }
3627 if (tb[UNIX_DIAG_PEER])
3628 stat.rport = rta_getattr_u32(tb[UNIX_DIAG_PEER]);
3629
3630 if (f->f && run_ssfilter(f->f, &stat) == 0)
3631 return 0;
3632
3633 unix_stats_print(&stat, f);
3634
3635 if (show_mem)
3636 print_skmeminfo(tb, UNIX_DIAG_MEMINFO);
3637 if (show_details) {
3638 if (tb[UNIX_DIAG_SHUTDOWN]) {
3639 unsigned char mask;
3640
3641 mask = rta_getattr_u8(tb[UNIX_DIAG_SHUTDOWN]);
3642 out(" %c-%c",
3643 mask & 1 ? '-' : '<', mask & 2 ? '-' : '>');
3644 }
3645 if (tb[UNIX_DIAG_VFS]) {
3646 struct unix_diag_vfs *uv = RTA_DATA(tb[UNIX_DIAG_VFS]);
3647
3648 out(" ino:%u dev:%u/%u", uv->udiag_vfs_ino, major(uv->udiag_vfs_dev),
3649 minor(uv->udiag_vfs_dev));
3650 }
3651 if (tb[UNIX_DIAG_ICONS]) {
3652 int len = RTA_PAYLOAD(tb[UNIX_DIAG_ICONS]);
3653 __u32 *peers = RTA_DATA(tb[UNIX_DIAG_ICONS]);
3654 int i;
3655
3656 out(" peers:");
3657 for (i = 0; i < len / sizeof(__u32); i++)
3658 out(" %u", peers[i]);
3659 }
3660 }
3661
3662 return 0;
3663 }
3664
3665 static int handle_netlink_request(struct filter *f, struct nlmsghdr *req,
3666 size_t size, rtnl_filter_t show_one_sock)
3667 {
3668 int ret = -1;
3669 struct rtnl_handle rth;
3670
3671 if (rtnl_open_byproto(&rth, 0, NETLINK_SOCK_DIAG))
3672 return -1;
3673
3674 rth.dump = MAGIC_SEQ;
3675
3676 if (rtnl_send(&rth, req, size) < 0)
3677 goto Exit;
3678
3679 if (rtnl_dump_filter(&rth, show_one_sock, f))
3680 goto Exit;
3681
3682 ret = 0;
3683 Exit:
3684 rtnl_close(&rth);
3685 return ret;
3686 }
3687
3688 static int unix_show_netlink(struct filter *f)
3689 {
3690 DIAG_REQUEST(req, struct unix_diag_req r);
3691
3692 req.r.sdiag_family = AF_UNIX;
3693 req.r.udiag_states = f->states;
3694 req.r.udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER | UDIAG_SHOW_RQLEN;
3695 if (show_mem)
3696 req.r.udiag_show |= UDIAG_SHOW_MEMINFO;
3697 if (show_details)
3698 req.r.udiag_show |= UDIAG_SHOW_VFS | UDIAG_SHOW_ICONS;
3699
3700 return handle_netlink_request(f, &req.nlh, sizeof(req), unix_show_sock);
3701 }
3702
3703 static int unix_show(struct filter *f)
3704 {
3705 FILE *fp;
3706 char buf[256];
3707 char name[128];
3708 int newformat = 0;
3709 int cnt;
3710 struct sockstat *list = NULL;
3711 const int unix_state_map[] = { SS_CLOSE, SS_SYN_SENT,
3712 SS_ESTABLISHED, SS_CLOSING };
3713
3714 if (!filter_af_get(f, AF_UNIX))
3715 return 0;
3716
3717 if (!getenv("PROC_NET_UNIX") && !getenv("PROC_ROOT")
3718 && unix_show_netlink(f) == 0)
3719 return 0;
3720
3721 if ((fp = net_unix_open()) == NULL)
3722 return -1;
3723 if (!fgets(buf, sizeof(buf), fp)) {
3724 fclose(fp);
3725 return -1;
3726 }
3727
3728 if (memcmp(buf, "Peer", 4) == 0)
3729 newformat = 1;
3730 cnt = 0;
3731
3732 while (fgets(buf, sizeof(buf), fp)) {
3733 struct sockstat *u, **insp;
3734 int flags;
3735
3736 if (!(u = calloc(1, sizeof(*u))))
3737 break;
3738
3739 if (sscanf(buf, "%x: %x %x %x %x %x %d %s",
3740 &u->rport, &u->rq, &u->wq, &flags, &u->type,
3741 &u->state, &u->ino, name) < 8)
3742 name[0] = 0;
3743
3744 u->lport = u->ino;
3745 u->local.family = u->remote.family = AF_UNIX;
3746
3747 if (flags & (1 << 16)) {
3748 u->state = SS_LISTEN;
3749 } else if (u->state > 0 &&
3750 u->state <= ARRAY_SIZE(unix_state_map)) {
3751 u->state = unix_state_map[u->state-1];
3752 if (u->type == SOCK_DGRAM && u->state == SS_CLOSE && u->rport)
3753 u->state = SS_ESTABLISHED;
3754 }
3755 if (unix_type_skip(u, f) ||
3756 !(f->states & (1 << u->state))) {
3757 free(u);
3758 continue;
3759 }
3760
3761 if (!newformat) {
3762 u->rport = 0;
3763 u->rq = 0;
3764 u->wq = 0;
3765 }
3766
3767 if (name[0]) {
3768 u->name = strdup(name);
3769 if (!u->name) {
3770 free(u);
3771 break;
3772 }
3773 }
3774
3775 if (u->rport) {
3776 struct sockstat *p;
3777
3778 for (p = list; p; p = p->next) {
3779 if (u->rport == p->lport)
3780 break;
3781 }
3782 if (!p)
3783 u->peer_name = "?";
3784 else
3785 u->peer_name = p->name ? : "*";
3786 }
3787
3788 if (f->f) {
3789 struct sockstat st = {
3790 .local.family = AF_UNIX,
3791 .remote.family = AF_UNIX,
3792 };
3793
3794 memcpy(st.local.data, &u->name, sizeof(u->name));
3795 /* when parsing the old format rport is set to 0 and
3796 * therefore peer_name remains NULL
3797 */
3798 if (u->peer_name && strcmp(u->peer_name, "*"))
3799 memcpy(st.remote.data, &u->peer_name,
3800 sizeof(u->peer_name));
3801 if (run_ssfilter(f->f, &st) == 0) {
3802 free(u->name);
3803 free(u);
3804 continue;
3805 }
3806 }
3807
3808 insp = &list;
3809 while (*insp) {
3810 if (u->type < (*insp)->type ||
3811 (u->type == (*insp)->type &&
3812 u->ino < (*insp)->ino))
3813 break;
3814 insp = &(*insp)->next;
3815 }
3816 u->next = *insp;
3817 *insp = u;
3818
3819 if (++cnt > MAX_UNIX_REMEMBER) {
3820 while (list) {
3821 unix_stats_print(list, f);
3822 unix_list_drop_first(&list);
3823 }
3824 cnt = 0;
3825 }
3826 }
3827 fclose(fp);
3828 while (list) {
3829 unix_stats_print(list, f);
3830 unix_list_drop_first(&list);
3831 }
3832
3833 return 0;
3834 }
3835
3836 static int packet_stats_print(struct sockstat *s, const struct filter *f)
3837 {
3838 const char *addr, *port;
3839 char ll_name[16];
3840
3841 s->local.family = s->remote.family = AF_PACKET;
3842
3843 if (f->f) {
3844 s->local.data[0] = s->prot;
3845 if (run_ssfilter(f->f, s) == 0)
3846 return 1;
3847 }
3848
3849 sock_state_print(s);
3850
3851 if (s->prot == 3)
3852 addr = "*";
3853 else
3854 addr = ll_proto_n2a(htons(s->prot), ll_name, sizeof(ll_name));
3855
3856 if (s->iface == 0)
3857 port = "*";
3858 else
3859 port = xll_index_to_name(s->iface);
3860
3861 sock_addr_print(addr, ":", port, NULL);
3862 sock_addr_print("", "*", "", NULL);
3863
3864 proc_ctx_print(s);
3865
3866 if (show_details)
3867 sock_details_print(s);
3868
3869 return 0;
3870 }
3871
3872 static void packet_show_ring(struct packet_diag_ring *ring)
3873 {
3874 out("blk_size:%d", ring->pdr_block_size);
3875 out(",blk_nr:%d", ring->pdr_block_nr);
3876 out(",frm_size:%d", ring->pdr_frame_size);
3877 out(",frm_nr:%d", ring->pdr_frame_nr);
3878 out(",tmo:%d", ring->pdr_retire_tmo);
3879 out(",features:0x%x", ring->pdr_features);
3880 }
3881
3882 static int packet_show_sock(struct nlmsghdr *nlh, void *arg)
3883 {
3884 const struct filter *f = arg;
3885 struct packet_diag_msg *r = NLMSG_DATA(nlh);
3886 struct packet_diag_info *pinfo = NULL;
3887 struct packet_diag_ring *ring_rx = NULL, *ring_tx = NULL;
3888 struct rtattr *tb[PACKET_DIAG_MAX+1];
3889 struct sockstat stat = {};
3890 uint32_t fanout = 0;
3891 bool has_fanout = false;
3892
3893 parse_rtattr(tb, PACKET_DIAG_MAX, (struct rtattr *)(r+1),
3894 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
3895
3896 /* use /proc/net/packet if all info are not available */
3897 if (!tb[PACKET_DIAG_MEMINFO])
3898 return -1;
3899
3900 stat.type = r->pdiag_type;
3901 stat.prot = r->pdiag_num;
3902 stat.ino = r->pdiag_ino;
3903 stat.state = SS_CLOSE;
3904 stat.sk = cookie_sk_get(&r->pdiag_cookie[0]);
3905
3906 if (tb[PACKET_DIAG_MEMINFO]) {
3907 __u32 *skmeminfo = RTA_DATA(tb[PACKET_DIAG_MEMINFO]);
3908
3909 stat.rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
3910 }
3911
3912 if (tb[PACKET_DIAG_INFO]) {
3913 pinfo = RTA_DATA(tb[PACKET_DIAG_INFO]);
3914 stat.lport = stat.iface = pinfo->pdi_index;
3915 }
3916
3917 if (tb[PACKET_DIAG_UID])
3918 stat.uid = rta_getattr_u32(tb[PACKET_DIAG_UID]);
3919
3920 if (tb[PACKET_DIAG_RX_RING])
3921 ring_rx = RTA_DATA(tb[PACKET_DIAG_RX_RING]);
3922
3923 if (tb[PACKET_DIAG_TX_RING])
3924 ring_tx = RTA_DATA(tb[PACKET_DIAG_TX_RING]);
3925
3926 if (tb[PACKET_DIAG_FANOUT]) {
3927 has_fanout = true;
3928 fanout = rta_getattr_u32(tb[PACKET_DIAG_FANOUT]);
3929 }
3930
3931 if (packet_stats_print(&stat, f))
3932 return 0;
3933
3934 if (show_details) {
3935 if (pinfo) {
3936 out("\n\tver:%d", pinfo->pdi_version);
3937 out(" cpy_thresh:%d", pinfo->pdi_copy_thresh);
3938 out(" flags( ");
3939 if (pinfo->pdi_flags & PDI_RUNNING)
3940 out("running");
3941 if (pinfo->pdi_flags & PDI_AUXDATA)
3942 out(" auxdata");
3943 if (pinfo->pdi_flags & PDI_ORIGDEV)
3944 out(" origdev");
3945 if (pinfo->pdi_flags & PDI_VNETHDR)
3946 out(" vnethdr");
3947 if (pinfo->pdi_flags & PDI_LOSS)
3948 out(" loss");
3949 if (!pinfo->pdi_flags)
3950 out("0");
3951 out(" )");
3952 }
3953 if (ring_rx) {
3954 out("\n\tring_rx(");
3955 packet_show_ring(ring_rx);
3956 out(")");
3957 }
3958 if (ring_tx) {
3959 out("\n\tring_tx(");
3960 packet_show_ring(ring_tx);
3961 out(")");
3962 }
3963 if (has_fanout) {
3964 uint16_t type = (fanout >> 16) & 0xffff;
3965
3966 out("\n\tfanout(");
3967 out("id:%d,", fanout & 0xffff);
3968 out("type:");
3969
3970 if (type == 0)
3971 out("hash");
3972 else if (type == 1)
3973 out("lb");
3974 else if (type == 2)
3975 out("cpu");
3976 else if (type == 3)
3977 out("roll");
3978 else if (type == 4)
3979 out("random");
3980 else if (type == 5)
3981 out("qm");
3982 else
3983 out("0x%x", type);
3984
3985 out(")");
3986 }
3987 }
3988
3989 if (show_bpf && tb[PACKET_DIAG_FILTER]) {
3990 struct sock_filter *fil =
3991 RTA_DATA(tb[PACKET_DIAG_FILTER]);
3992 int num = RTA_PAYLOAD(tb[PACKET_DIAG_FILTER]) /
3993 sizeof(struct sock_filter);
3994
3995 out("\n\tbpf filter (%d): ", num);
3996 while (num) {
3997 out(" 0x%02x %u %u %u,",
3998 fil->code, fil->jt, fil->jf, fil->k);
3999 num--;
4000 fil++;
4001 }
4002 }
4003
4004 if (show_mem)
4005 print_skmeminfo(tb, PACKET_DIAG_MEMINFO);
4006 return 0;
4007 }
4008
4009 static int packet_show_netlink(struct filter *f)
4010 {
4011 DIAG_REQUEST(req, struct packet_diag_req r);
4012
4013 req.r.sdiag_family = AF_PACKET;
4014 req.r.pdiag_show = PACKET_SHOW_INFO | PACKET_SHOW_MEMINFO |
4015 PACKET_SHOW_FILTER | PACKET_SHOW_RING_CFG | PACKET_SHOW_FANOUT;
4016
4017 return handle_netlink_request(f, &req.nlh, sizeof(req), packet_show_sock);
4018 }
4019
4020 static int packet_show_line(char *buf, const struct filter *f, int fam)
4021 {
4022 unsigned long long sk;
4023 struct sockstat stat = {};
4024 int type, prot, iface, state, rq, uid, ino;
4025
4026 sscanf(buf, "%llx %*d %d %x %d %d %u %u %u",
4027 &sk,
4028 &type, &prot, &iface, &state,
4029 &rq, &uid, &ino);
4030
4031 if (stat.type == SOCK_RAW && !(f->dbs&(1<<PACKET_R_DB)))
4032 return 0;
4033 if (stat.type == SOCK_DGRAM && !(f->dbs&(1<<PACKET_DG_DB)))
4034 return 0;
4035
4036 stat.type = type;
4037 stat.prot = prot;
4038 stat.lport = stat.iface = iface;
4039 stat.state = state;
4040 stat.rq = rq;
4041 stat.uid = uid;
4042 stat.ino = ino;
4043 stat.state = SS_CLOSE;
4044
4045 if (packet_stats_print(&stat, f))
4046 return 0;
4047
4048 return 0;
4049 }
4050
4051 static int packet_show(struct filter *f)
4052 {
4053 FILE *fp;
4054 int rc = 0;
4055
4056 if (!filter_af_get(f, AF_PACKET) || !(f->states & (1 << SS_CLOSE)))
4057 return 0;
4058
4059 if (!getenv("PROC_NET_PACKET") && !getenv("PROC_ROOT") &&
4060 packet_show_netlink(f) == 0)
4061 return 0;
4062
4063 if ((fp = net_packet_open()) == NULL)
4064 return -1;
4065 if (generic_record_read(fp, packet_show_line, f, AF_PACKET))
4066 rc = -1;
4067
4068 fclose(fp);
4069 return rc;
4070 }
4071
4072 static int xdp_stats_print(struct sockstat *s, const struct filter *f)
4073 {
4074 const char *addr, *port;
4075 char q_str[16];
4076
4077 s->local.family = s->remote.family = AF_XDP;
4078
4079 if (f->f) {
4080 if (run_ssfilter(f->f, s) == 0)
4081 return 1;
4082 }
4083
4084 sock_state_print(s);
4085
4086 if (s->iface) {
4087 addr = xll_index_to_name(s->iface);
4088 snprintf(q_str, sizeof(q_str), "q%d", s->lport);
4089 port = q_str;
4090 sock_addr_print(addr, ":", port, NULL);
4091 } else {
4092 sock_addr_print("", "*", "", NULL);
4093 }
4094
4095 sock_addr_print("", "*", "", NULL);
4096
4097 proc_ctx_print(s);
4098
4099 if (show_details)
4100 sock_details_print(s);
4101
4102 return 0;
4103 }
4104
4105 static void xdp_show_ring(const char *name, struct xdp_diag_ring *ring)
4106 {
4107 out("\n\t%s(", name);
4108 out("entries:%u", ring->entries);
4109 out(")");
4110 }
4111
4112 static void xdp_show_umem(struct xdp_diag_umem *umem, struct xdp_diag_ring *fr,
4113 struct xdp_diag_ring *cr)
4114 {
4115 out("\n\tumem(");
4116 out("id:%u", umem->id);
4117 out(",size:%llu", umem->size);
4118 out(",num_pages:%u", umem->num_pages);
4119 out(",chunk_size:%u", umem->chunk_size);
4120 out(",headroom:%u", umem->headroom);
4121 out(",ifindex:%u", umem->ifindex);
4122 out(",qid:%u", umem->queue_id);
4123 out(",zc:%u", umem->flags & XDP_DU_F_ZEROCOPY);
4124 out(",refs:%u", umem->refs);
4125 out(")");
4126
4127 if (fr)
4128 xdp_show_ring("fr", fr);
4129 if (cr)
4130 xdp_show_ring("cr", cr);
4131 }
4132
4133 static int xdp_show_sock(struct nlmsghdr *nlh, void *arg)
4134 {
4135 struct xdp_diag_ring *rx = NULL, *tx = NULL, *fr = NULL, *cr = NULL;
4136 struct xdp_diag_msg *msg = NLMSG_DATA(nlh);
4137 struct rtattr *tb[XDP_DIAG_MAX + 1];
4138 struct xdp_diag_info *info = NULL;
4139 struct xdp_diag_umem *umem = NULL;
4140 const struct filter *f = arg;
4141 struct sockstat stat = {};
4142
4143 parse_rtattr(tb, XDP_DIAG_MAX, (struct rtattr *)(msg + 1),
4144 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*msg)));
4145
4146 stat.type = msg->xdiag_type;
4147 stat.ino = msg->xdiag_ino;
4148 stat.state = SS_CLOSE;
4149 stat.sk = cookie_sk_get(&msg->xdiag_cookie[0]);
4150
4151 if (tb[XDP_DIAG_INFO]) {
4152 info = RTA_DATA(tb[XDP_DIAG_INFO]);
4153 stat.iface = info->ifindex;
4154 stat.lport = info->queue_id;
4155 }
4156
4157 if (tb[XDP_DIAG_UID])
4158 stat.uid = rta_getattr_u32(tb[XDP_DIAG_UID]);
4159 if (tb[XDP_DIAG_RX_RING])
4160 rx = RTA_DATA(tb[XDP_DIAG_RX_RING]);
4161 if (tb[XDP_DIAG_TX_RING])
4162 tx = RTA_DATA(tb[XDP_DIAG_TX_RING]);
4163 if (tb[XDP_DIAG_UMEM])
4164 umem = RTA_DATA(tb[XDP_DIAG_UMEM]);
4165 if (tb[XDP_DIAG_UMEM_FILL_RING])
4166 fr = RTA_DATA(tb[XDP_DIAG_UMEM_FILL_RING]);
4167 if (tb[XDP_DIAG_UMEM_COMPLETION_RING])
4168 cr = RTA_DATA(tb[XDP_DIAG_UMEM_COMPLETION_RING]);
4169 if (tb[XDP_DIAG_MEMINFO]) {
4170 __u32 *skmeminfo = RTA_DATA(tb[XDP_DIAG_MEMINFO]);
4171
4172 stat.rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
4173 }
4174
4175 if (xdp_stats_print(&stat, f))
4176 return 0;
4177
4178 if (show_details) {
4179 if (rx)
4180 xdp_show_ring("rx", rx);
4181 if (tx)
4182 xdp_show_ring("tx", tx);
4183 if (umem)
4184 xdp_show_umem(umem, fr, cr);
4185 }
4186
4187 if (show_mem)
4188 print_skmeminfo(tb, XDP_DIAG_MEMINFO); // really?
4189
4190
4191 return 0;
4192 }
4193
4194 static int xdp_show(struct filter *f)
4195 {
4196 DIAG_REQUEST(req, struct xdp_diag_req r);
4197
4198 if (!filter_af_get(f, AF_XDP) || !(f->states & (1 << SS_CLOSE)))
4199 return 0;
4200
4201 req.r.sdiag_family = AF_XDP;
4202 req.r.xdiag_show = XDP_SHOW_INFO | XDP_SHOW_RING_CFG | XDP_SHOW_UMEM |
4203 XDP_SHOW_MEMINFO;
4204
4205 return handle_netlink_request(f, &req.nlh, sizeof(req), xdp_show_sock);
4206 }
4207
4208 static int netlink_show_one(struct filter *f,
4209 int prot, int pid, unsigned int groups,
4210 int state, int dst_pid, unsigned int dst_group,
4211 int rq, int wq,
4212 unsigned long long sk, unsigned long long cb)
4213 {
4214 struct sockstat st = {
4215 .state = SS_CLOSE,
4216 .rq = rq,
4217 .wq = wq,
4218 .local.family = AF_NETLINK,
4219 .remote.family = AF_NETLINK,
4220 };
4221
4222 SPRINT_BUF(prot_buf) = {};
4223 const char *prot_name;
4224 char procname[64] = {};
4225
4226 if (f->f) {
4227 st.rport = -1;
4228 st.lport = pid;
4229 st.local.data[0] = prot;
4230 if (run_ssfilter(f->f, &st) == 0)
4231 return 1;
4232 }
4233
4234 sock_state_print(&st);
4235
4236 if (resolve_services)
4237 prot_name = nl_proto_n2a(prot, prot_buf, sizeof(prot_buf));
4238 else
4239 prot_name = int_to_str(prot, prot_buf);
4240
4241 if (pid == -1) {
4242 procname[0] = '*';
4243 } else if (resolve_services) {
4244 int done = 0;
4245
4246 if (!pid) {
4247 done = 1;
4248 strncpy(procname, "kernel", 7);
4249 } else if (pid > 0) {
4250 FILE *fp;
4251
4252 snprintf(procname, sizeof(procname), "%s/%d/stat",
4253 getenv("PROC_ROOT") ? : "/proc", pid);
4254 if ((fp = fopen(procname, "r")) != NULL) {
4255 if (fscanf(fp, "%*d (%[^)])", procname) == 1) {
4256 snprintf(procname+strlen(procname),
4257 sizeof(procname)-strlen(procname),
4258 "/%d", pid);
4259 done = 1;
4260 }
4261 fclose(fp);
4262 }
4263 }
4264 if (!done)
4265 int_to_str(pid, procname);
4266 } else {
4267 int_to_str(pid, procname);
4268 }
4269
4270 sock_addr_print(prot_name, ":", procname, NULL);
4271
4272 if (state == NETLINK_CONNECTED) {
4273 char dst_group_buf[30];
4274 char dst_pid_buf[30];
4275
4276 sock_addr_print(int_to_str(dst_group, dst_group_buf), ":",
4277 int_to_str(dst_pid, dst_pid_buf), NULL);
4278 } else {
4279 sock_addr_print("", "*", "", NULL);
4280 }
4281
4282 char *pid_context = NULL;
4283
4284 if (show_proc_ctx) {
4285 /* The pid value will either be:
4286 * 0 if destination kernel - show kernel initial context.
4287 * A valid process pid - use getpidcon.
4288 * A unique value allocated by the kernel or netlink user
4289 * to the process - show context as "not available".
4290 */
4291 if (!pid)
4292 security_get_initial_context("kernel", &pid_context);
4293 else if (pid > 0)
4294 getpidcon(pid, &pid_context);
4295
4296 out(" proc_ctx=%s", pid_context ? : "unavailable");
4297 free(pid_context);
4298 }
4299
4300 if (show_details) {
4301 out(" sk=%llx cb=%llx groups=0x%08x", sk, cb, groups);
4302 }
4303
4304 return 0;
4305 }
4306
4307 static int netlink_show_sock(struct nlmsghdr *nlh, void *arg)
4308 {
4309 struct filter *f = (struct filter *)arg;
4310 struct netlink_diag_msg *r = NLMSG_DATA(nlh);
4311 struct rtattr *tb[NETLINK_DIAG_MAX+1];
4312 int rq = 0, wq = 0;
4313 unsigned long groups = 0;
4314
4315 parse_rtattr(tb, NETLINK_DIAG_MAX, (struct rtattr *)(r+1),
4316 nlh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
4317
4318 if (tb[NETLINK_DIAG_GROUPS] && RTA_PAYLOAD(tb[NETLINK_DIAG_GROUPS]))
4319 groups = *(unsigned long *) RTA_DATA(tb[NETLINK_DIAG_GROUPS]);
4320
4321 if (tb[NETLINK_DIAG_MEMINFO]) {
4322 const __u32 *skmeminfo;
4323
4324 skmeminfo = RTA_DATA(tb[NETLINK_DIAG_MEMINFO]);
4325
4326 rq = skmeminfo[SK_MEMINFO_RMEM_ALLOC];
4327 wq = skmeminfo[SK_MEMINFO_WMEM_ALLOC];
4328 }
4329
4330 if (netlink_show_one(f, r->ndiag_protocol, r->ndiag_portid, groups,
4331 r->ndiag_state, r->ndiag_dst_portid, r->ndiag_dst_group,
4332 rq, wq, 0, 0)) {
4333 return 0;
4334 }
4335
4336 if (show_mem) {
4337 out("\t");
4338 print_skmeminfo(tb, NETLINK_DIAG_MEMINFO);
4339 }
4340
4341 return 0;
4342 }
4343
4344 static int netlink_show_netlink(struct filter *f)
4345 {
4346 DIAG_REQUEST(req, struct netlink_diag_req r);
4347
4348 req.r.sdiag_family = AF_NETLINK;
4349 req.r.sdiag_protocol = NDIAG_PROTO_ALL;
4350 req.r.ndiag_show = NDIAG_SHOW_GROUPS | NDIAG_SHOW_MEMINFO;
4351
4352 return handle_netlink_request(f, &req.nlh, sizeof(req), netlink_show_sock);
4353 }
4354
4355 static int netlink_show(struct filter *f)
4356 {
4357 FILE *fp;
4358 char buf[256];
4359 int prot, pid;
4360 unsigned int groups;
4361 int rq, wq, rc;
4362 unsigned long long sk, cb;
4363
4364 if (!filter_af_get(f, AF_NETLINK) || !(f->states & (1 << SS_CLOSE)))
4365 return 0;
4366
4367 if (!getenv("PROC_NET_NETLINK") && !getenv("PROC_ROOT") &&
4368 netlink_show_netlink(f) == 0)
4369 return 0;
4370
4371 if ((fp = net_netlink_open()) == NULL)
4372 return -1;
4373 if (!fgets(buf, sizeof(buf), fp)) {
4374 fclose(fp);
4375 return -1;
4376 }
4377
4378 while (fgets(buf, sizeof(buf), fp)) {
4379 sscanf(buf, "%llx %d %d %x %d %d %llx %d",
4380 &sk,
4381 &prot, &pid, &groups, &rq, &wq, &cb, &rc);
4382
4383 netlink_show_one(f, prot, pid, groups, 0, 0, 0, rq, wq, sk, cb);
4384 }
4385
4386 fclose(fp);
4387 return 0;
4388 }
4389
4390 static bool vsock_type_skip(struct sockstat *s, struct filter *f)
4391 {
4392 if (s->type == SOCK_STREAM && !(f->dbs & (1 << VSOCK_ST_DB)))
4393 return true;
4394 if (s->type == SOCK_DGRAM && !(f->dbs & (1 << VSOCK_DG_DB)))
4395 return true;
4396 return false;
4397 }
4398
4399 static void vsock_addr_print(inet_prefix *a, __u32 port)
4400 {
4401 char cid_str[sizeof("4294967295")];
4402 char port_str[sizeof("4294967295")];
4403 __u32 cid;
4404
4405 memcpy(&cid, a->data, sizeof(cid));
4406
4407 if (cid == ~(__u32)0)
4408 snprintf(cid_str, sizeof(cid_str), "*");
4409 else
4410 snprintf(cid_str, sizeof(cid_str), "%u", cid);
4411
4412 if (port == ~(__u32)0)
4413 snprintf(port_str, sizeof(port_str), "*");
4414 else
4415 snprintf(port_str, sizeof(port_str), "%u", port);
4416
4417 sock_addr_print(cid_str, ":", port_str, NULL);
4418 }
4419
4420 static void vsock_stats_print(struct sockstat *s, struct filter *f)
4421 {
4422 sock_state_print(s);
4423
4424 vsock_addr_print(&s->local, s->lport);
4425 vsock_addr_print(&s->remote, s->rport);
4426
4427 proc_ctx_print(s);
4428 }
4429
4430 static int vsock_show_sock(struct nlmsghdr *nlh, void *arg)
4431 {
4432 struct filter *f = (struct filter *)arg;
4433 struct vsock_diag_msg *r = NLMSG_DATA(nlh);
4434 struct sockstat stat = {
4435 .type = r->vdiag_type,
4436 .lport = r->vdiag_src_port,
4437 .rport = r->vdiag_dst_port,
4438 .state = r->vdiag_state,
4439 .ino = r->vdiag_ino,
4440 };
4441
4442 vsock_set_inet_prefix(&stat.local, r->vdiag_src_cid);
4443 vsock_set_inet_prefix(&stat.remote, r->vdiag_dst_cid);
4444
4445 if (vsock_type_skip(&stat, f))
4446 return 0;
4447
4448 if (f->f && run_ssfilter(f->f, &stat) == 0)
4449 return 0;
4450
4451 vsock_stats_print(&stat, f);
4452
4453 return 0;
4454 }
4455
4456 static int vsock_show(struct filter *f)
4457 {
4458 DIAG_REQUEST(req, struct vsock_diag_req r);
4459
4460 if (!filter_af_get(f, AF_VSOCK))
4461 return 0;
4462
4463 req.r.sdiag_family = AF_VSOCK;
4464 req.r.vdiag_states = f->states;
4465
4466 return handle_netlink_request(f, &req.nlh, sizeof(req), vsock_show_sock);
4467 }
4468
4469 static void tipc_sock_addr_print(struct rtattr *net_addr, struct rtattr *id)
4470 {
4471 uint32_t node = rta_getattr_u32(net_addr);
4472 uint32_t identity = rta_getattr_u32(id);
4473
4474 SPRINT_BUF(addr) = {};
4475 SPRINT_BUF(port) = {};
4476
4477 sprintf(addr, "%u", node);
4478 sprintf(port, "%u", identity);
4479 sock_addr_print(addr, ":", port, NULL);
4480
4481 }
4482
4483 static int tipc_show_sock(struct nlmsghdr *nlh, void *arg)
4484 {
4485 struct rtattr *stat[TIPC_NLA_SOCK_STAT_MAX + 1] = {};
4486 struct rtattr *attrs[TIPC_NLA_SOCK_MAX + 1] = {};
4487 struct rtattr *con[TIPC_NLA_CON_MAX + 1] = {};
4488 struct rtattr *info[TIPC_NLA_MAX + 1] = {};
4489 struct rtattr *msg_ref;
4490 struct sockstat ss = {};
4491
4492 parse_rtattr(info, TIPC_NLA_MAX, NLMSG_DATA(nlh),
4493 NLMSG_PAYLOAD(nlh, 0));
4494
4495 if (!info[TIPC_NLA_SOCK])
4496 return 0;
4497
4498 msg_ref = info[TIPC_NLA_SOCK];
4499 parse_rtattr(attrs, TIPC_NLA_SOCK_MAX, RTA_DATA(msg_ref),
4500 RTA_PAYLOAD(msg_ref));
4501
4502 msg_ref = attrs[TIPC_NLA_SOCK_STAT];
4503 parse_rtattr(stat, TIPC_NLA_SOCK_STAT_MAX,
4504 RTA_DATA(msg_ref), RTA_PAYLOAD(msg_ref));
4505
4506
4507 ss.local.family = AF_TIPC;
4508 ss.type = rta_getattr_u32(attrs[TIPC_NLA_SOCK_TYPE]);
4509 ss.state = rta_getattr_u32(attrs[TIPC_NLA_SOCK_TIPC_STATE]);
4510 ss.uid = rta_getattr_u32(attrs[TIPC_NLA_SOCK_UID]);
4511 ss.ino = rta_getattr_u32(attrs[TIPC_NLA_SOCK_INO]);
4512 ss.rq = rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_RCVQ]);
4513 ss.wq = rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_SENDQ]);
4514 ss.sk = rta_getattr_u64(attrs[TIPC_NLA_SOCK_COOKIE]);
4515
4516 sock_state_print (&ss);
4517
4518 tipc_sock_addr_print(attrs[TIPC_NLA_SOCK_ADDR],
4519 attrs[TIPC_NLA_SOCK_REF]);
4520
4521 msg_ref = attrs[TIPC_NLA_SOCK_CON];
4522 if (msg_ref) {
4523 parse_rtattr(con, TIPC_NLA_CON_MAX,
4524 RTA_DATA(msg_ref), RTA_PAYLOAD(msg_ref));
4525
4526 tipc_sock_addr_print(con[TIPC_NLA_CON_NODE],
4527 con[TIPC_NLA_CON_SOCK]);
4528 } else
4529 sock_addr_print("", "-", "", NULL);
4530
4531 if (show_details)
4532 sock_details_print(&ss);
4533
4534 proc_ctx_print(&ss);
4535
4536 if (show_tipcinfo) {
4537 out("\n type:%s", stype_nameg[ss.type]);
4538 out(" cong:%s ",
4539 stat[TIPC_NLA_SOCK_STAT_LINK_CONG] ? "link" :
4540 stat[TIPC_NLA_SOCK_STAT_CONN_CONG] ? "conn" : "none");
4541 out(" drop:%d ",
4542 rta_getattr_u32(stat[TIPC_NLA_SOCK_STAT_DROP]));
4543
4544 if (attrs[TIPC_NLA_SOCK_HAS_PUBL])
4545 out(" publ");
4546
4547 if (con[TIPC_NLA_CON_FLAG])
4548 out(" via {%u,%u} ",
4549 rta_getattr_u32(con[TIPC_NLA_CON_TYPE]),
4550 rta_getattr_u32(con[TIPC_NLA_CON_INST]));
4551 }
4552
4553 return 0;
4554 }
4555
4556 static int tipc_show(struct filter *f)
4557 {
4558 DIAG_REQUEST(req, struct tipc_sock_diag_req r);
4559
4560 memset(&req.r, 0, sizeof(req.r));
4561 req.r.sdiag_family = AF_TIPC;
4562 req.r.tidiag_states = f->states;
4563
4564 return handle_netlink_request(f, &req.nlh, sizeof(req), tipc_show_sock);
4565 }
4566
4567 struct sock_diag_msg {
4568 __u8 sdiag_family;
4569 };
4570
4571 static int generic_show_sock(struct nlmsghdr *nlh, void *arg)
4572 {
4573 struct sock_diag_msg *r = NLMSG_DATA(nlh);
4574 struct inet_diag_arg inet_arg = { .f = arg, .protocol = IPPROTO_MAX };
4575 int ret;
4576
4577 switch (r->sdiag_family) {
4578 case AF_INET:
4579 case AF_INET6:
4580 inet_arg.rth = inet_arg.f->rth_for_killing;
4581 ret = show_one_inet_sock(nlh, &inet_arg);
4582 break;
4583 case AF_UNIX:
4584 ret = unix_show_sock(nlh, arg);
4585 break;
4586 case AF_PACKET:
4587 ret = packet_show_sock(nlh, arg);
4588 break;
4589 case AF_NETLINK:
4590 ret = netlink_show_sock(nlh, arg);
4591 break;
4592 case AF_VSOCK:
4593 ret = vsock_show_sock(nlh, arg);
4594 break;
4595 case AF_XDP:
4596 ret = xdp_show_sock(nlh, arg);
4597 break;
4598 default:
4599 ret = -1;
4600 }
4601
4602 render();
4603
4604 return ret;
4605 }
4606
4607 static int handle_follow_request(struct filter *f)
4608 {
4609 int ret = 0;
4610 int groups = 0;
4611 struct rtnl_handle rth, rth2;
4612
4613 if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << TCP_DB))
4614 groups |= 1 << (SKNLGRP_INET_TCP_DESTROY - 1);
4615 if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << UDP_DB))
4616 groups |= 1 << (SKNLGRP_INET_UDP_DESTROY - 1);
4617 if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << TCP_DB))
4618 groups |= 1 << (SKNLGRP_INET6_TCP_DESTROY - 1);
4619 if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << UDP_DB))
4620 groups |= 1 << (SKNLGRP_INET6_UDP_DESTROY - 1);
4621
4622 if (groups == 0)
4623 return -1;
4624
4625 if (rtnl_open_byproto(&rth, groups, NETLINK_SOCK_DIAG))
4626 return -1;
4627
4628 rth.dump = 0;
4629 rth.local.nl_pid = 0;
4630
4631 if (f->kill) {
4632 if (rtnl_open_byproto(&rth2, groups, NETLINK_SOCK_DIAG)) {
4633 rtnl_close(&rth);
4634 return -1;
4635 }
4636 f->rth_for_killing = &rth2;
4637 }
4638
4639 if (rtnl_dump_filter(&rth, generic_show_sock, f))
4640 ret = -1;
4641
4642 rtnl_close(&rth);
4643 if (f->rth_for_killing)
4644 rtnl_close(f->rth_for_killing);
4645 return ret;
4646 }
4647
4648 static int get_snmp_int(char *proto, char *key, int *result)
4649 {
4650 char buf[1024];
4651 FILE *fp;
4652 int protolen = strlen(proto);
4653 int keylen = strlen(key);
4654
4655 *result = 0;
4656
4657 if ((fp = net_snmp_open()) == NULL)
4658 return -1;
4659
4660 while (fgets(buf, sizeof(buf), fp) != NULL) {
4661 char *p = buf;
4662 int pos = 0;
4663
4664 if (memcmp(buf, proto, protolen))
4665 continue;
4666 while ((p = strchr(p, ' ')) != NULL) {
4667 pos++;
4668 p++;
4669 if (memcmp(p, key, keylen) == 0 &&
4670 (p[keylen] == ' ' || p[keylen] == '\n'))
4671 break;
4672 }
4673 if (fgets(buf, sizeof(buf), fp) == NULL)
4674 break;
4675 if (memcmp(buf, proto, protolen))
4676 break;
4677 p = buf;
4678 while ((p = strchr(p, ' ')) != NULL) {
4679 p++;
4680 if (--pos == 0) {
4681 sscanf(p, "%d", result);
4682 fclose(fp);
4683 return 0;
4684 }
4685 }
4686 }
4687
4688 fclose(fp);
4689 errno = ESRCH;
4690 return -1;
4691 }
4692
4693
4694 /* Get stats from sockstat */
4695
4696 struct ssummary {
4697 int socks;
4698 int tcp_mem;
4699 int tcp_total;
4700 int tcp_orphans;
4701 int tcp_tws;
4702 int tcp4_hashed;
4703 int udp4;
4704 int raw4;
4705 int frag4;
4706 int frag4_mem;
4707 int tcp6_hashed;
4708 int udp6;
4709 int raw6;
4710 int frag6;
4711 int frag6_mem;
4712 };
4713
4714 static void get_sockstat_line(char *line, struct ssummary *s)
4715 {
4716 char id[256], rem[256];
4717
4718 if (sscanf(line, "%[^ ] %[^\n]\n", id, rem) != 2)
4719 return;
4720
4721 if (strcmp(id, "sockets:") == 0)
4722 sscanf(rem, "%*s%d", &s->socks);
4723 else if (strcmp(id, "UDP:") == 0)
4724 sscanf(rem, "%*s%d", &s->udp4);
4725 else if (strcmp(id, "UDP6:") == 0)
4726 sscanf(rem, "%*s%d", &s->udp6);
4727 else if (strcmp(id, "RAW:") == 0)
4728 sscanf(rem, "%*s%d", &s->raw4);
4729 else if (strcmp(id, "RAW6:") == 0)
4730 sscanf(rem, "%*s%d", &s->raw6);
4731 else if (strcmp(id, "TCP6:") == 0)
4732 sscanf(rem, "%*s%d", &s->tcp6_hashed);
4733 else if (strcmp(id, "FRAG:") == 0)
4734 sscanf(rem, "%*s%d%*s%d", &s->frag4, &s->frag4_mem);
4735 else if (strcmp(id, "FRAG6:") == 0)
4736 sscanf(rem, "%*s%d%*s%d", &s->frag6, &s->frag6_mem);
4737 else if (strcmp(id, "TCP:") == 0)
4738 sscanf(rem, "%*s%d%*s%d%*s%d%*s%d%*s%d",
4739 &s->tcp4_hashed,
4740 &s->tcp_orphans, &s->tcp_tws, &s->tcp_total, &s->tcp_mem);
4741 }
4742
4743 static int get_sockstat(struct ssummary *s)
4744 {
4745 char buf[256];
4746 FILE *fp;
4747
4748 memset(s, 0, sizeof(*s));
4749
4750 if ((fp = net_sockstat_open()) == NULL)
4751 return -1;
4752 while (fgets(buf, sizeof(buf), fp) != NULL)
4753 get_sockstat_line(buf, s);
4754 fclose(fp);
4755
4756 if ((fp = net_sockstat6_open()) == NULL)
4757 return 0;
4758 while (fgets(buf, sizeof(buf), fp) != NULL)
4759 get_sockstat_line(buf, s);
4760 fclose(fp);
4761
4762 return 0;
4763 }
4764
4765 static int print_summary(void)
4766 {
4767 struct ssummary s;
4768 int tcp_estab;
4769
4770 if (get_sockstat(&s) < 0)
4771 perror("ss: get_sockstat");
4772 if (get_snmp_int("Tcp:", "CurrEstab", &tcp_estab) < 0)
4773 perror("ss: get_snmpstat");
4774
4775 printf("Total: %d\n", s.socks);
4776
4777 printf("TCP: %d (estab %d, closed %d, orphaned %d, timewait %d)\n",
4778 s.tcp_total + s.tcp_tws, tcp_estab,
4779 s.tcp_total - (s.tcp4_hashed + s.tcp6_hashed - s.tcp_tws),
4780 s.tcp_orphans, s.tcp_tws);
4781
4782 printf("\n");
4783 printf("Transport Total IP IPv6\n");
4784 printf("RAW %-9d %-9d %-9d\n", s.raw4+s.raw6, s.raw4, s.raw6);
4785 printf("UDP %-9d %-9d %-9d\n", s.udp4+s.udp6, s.udp4, s.udp6);
4786 printf("TCP %-9d %-9d %-9d\n", s.tcp4_hashed+s.tcp6_hashed, s.tcp4_hashed, s.tcp6_hashed);
4787 printf("INET %-9d %-9d %-9d\n",
4788 s.raw4+s.udp4+s.tcp4_hashed+
4789 s.raw6+s.udp6+s.tcp6_hashed,
4790 s.raw4+s.udp4+s.tcp4_hashed,
4791 s.raw6+s.udp6+s.tcp6_hashed);
4792 printf("FRAG %-9d %-9d %-9d\n", s.frag4+s.frag6, s.frag4, s.frag6);
4793
4794 printf("\n");
4795
4796 return 0;
4797 }
4798
4799 static void _usage(FILE *dest)
4800 {
4801 fprintf(dest,
4802 "Usage: ss [ OPTIONS ]\n"
4803 " ss [ OPTIONS ] [ FILTER ]\n"
4804 " -h, --help this message\n"
4805 " -V, --version output version information\n"
4806 " -n, --numeric don't resolve service names\n"
4807 " -r, --resolve resolve host names\n"
4808 " -a, --all display all sockets\n"
4809 " -l, --listening display listening sockets\n"
4810 " -o, --options show timer information\n"
4811 " -e, --extended show detailed socket information\n"
4812 " -m, --memory show socket memory usage\n"
4813 " -p, --processes show process using socket\n"
4814 " -i, --info show internal TCP information\n"
4815 " --tipcinfo show internal tipc socket information\n"
4816 " -s, --summary show socket usage summary\n"
4817 " -b, --bpf show bpf filter socket information\n"
4818 " -E, --events continually display sockets as they are destroyed\n"
4819 " -Z, --context display process SELinux security contexts\n"
4820 " -z, --contexts display process and socket SELinux security contexts\n"
4821 " -N, --net switch to the specified network namespace name\n"
4822 "\n"
4823 " -4, --ipv4 display only IP version 4 sockets\n"
4824 " -6, --ipv6 display only IP version 6 sockets\n"
4825 " -0, --packet display PACKET sockets\n"
4826 " -t, --tcp display only TCP sockets\n"
4827 " -S, --sctp display only SCTP sockets\n"
4828 " -u, --udp display only UDP sockets\n"
4829 " -d, --dccp display only DCCP sockets\n"
4830 " -w, --raw display only RAW sockets\n"
4831 " -x, --unix display only Unix domain sockets\n"
4832 " --tipc display only TIPC sockets\n"
4833 " --vsock display only vsock sockets\n"
4834 " -f, --family=FAMILY display sockets of type FAMILY\n"
4835 " FAMILY := {inet|inet6|link|unix|netlink|vsock|tipc|xdp|help}\n"
4836 "\n"
4837 " -K, --kill forcibly close sockets, display what was closed\n"
4838 " -H, --no-header Suppress header line\n"
4839 "\n"
4840 " -A, --query=QUERY, --socket=QUERY\n"
4841 " QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram|tipc}[,QUERY]\n"
4842 "\n"
4843 " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n"
4844 " -F, --filter=FILE read filter information from FILE\n"
4845 " FILTER := [ state STATE-FILTER ] [ EXPRESSION ]\n"
4846 " STATE-FILTER := {all|connected|synchronized|bucket|big|TCP-STATES}\n"
4847 " TCP-STATES := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listening|closing}\n"
4848 " connected := {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4849 " synchronized := {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}\n"
4850 " bucket := {syn-recv|time-wait}\n"
4851 " big := {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listening|closing}\n"
4852 );
4853 }
4854
4855 static void help(void) __attribute__((noreturn));
4856 static void help(void)
4857 {
4858 _usage(stdout);
4859 exit(0);
4860 }
4861
4862 static void usage(void) __attribute__((noreturn));
4863 static void usage(void)
4864 {
4865 _usage(stderr);
4866 exit(-1);
4867 }
4868
4869
4870 static int scan_state(const char *state)
4871 {
4872 static const char * const sstate_namel[] = {
4873 "UNKNOWN",
4874 [SS_ESTABLISHED] = "established",
4875 [SS_SYN_SENT] = "syn-sent",
4876 [SS_SYN_RECV] = "syn-recv",
4877 [SS_FIN_WAIT1] = "fin-wait-1",
4878 [SS_FIN_WAIT2] = "fin-wait-2",
4879 [SS_TIME_WAIT] = "time-wait",
4880 [SS_CLOSE] = "unconnected",
4881 [SS_CLOSE_WAIT] = "close-wait",
4882 [SS_LAST_ACK] = "last-ack",
4883 [SS_LISTEN] = "listening",
4884 [SS_CLOSING] = "closing",
4885 };
4886 int i;
4887
4888 if (strcasecmp(state, "close") == 0 ||
4889 strcasecmp(state, "closed") == 0)
4890 return (1<<SS_CLOSE);
4891 if (strcasecmp(state, "syn-rcv") == 0)
4892 return (1<<SS_SYN_RECV);
4893 if (strcasecmp(state, "established") == 0)
4894 return (1<<SS_ESTABLISHED);
4895 if (strcasecmp(state, "all") == 0)
4896 return SS_ALL;
4897 if (strcasecmp(state, "connected") == 0)
4898 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN));
4899 if (strcasecmp(state, "synchronized") == 0)
4900 return SS_ALL & ~((1<<SS_CLOSE)|(1<<SS_LISTEN)|(1<<SS_SYN_SENT));
4901 if (strcasecmp(state, "bucket") == 0)
4902 return (1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT);
4903 if (strcasecmp(state, "big") == 0)
4904 return SS_ALL & ~((1<<SS_SYN_RECV)|(1<<SS_TIME_WAIT));
4905 for (i = 0; i < SS_MAX; i++) {
4906 if (strcasecmp(state, sstate_namel[i]) == 0)
4907 return (1<<i);
4908 }
4909
4910 fprintf(stderr, "ss: wrong state name: %s\n", state);
4911 exit(-1);
4912 }
4913
4914 /* Values 'v' and 'V' are already used so a non-character is used */
4915 #define OPT_VSOCK 256
4916
4917 /* Values of 't' are already used so a non-character is used */
4918 #define OPT_TIPCSOCK 257
4919 #define OPT_TIPCINFO 258
4920
4921 /* Values of 'x' are already used so a non-character is used */
4922 #define OPT_XDPSOCK 259
4923
4924 static const struct option long_opts[] = {
4925 { "numeric", 0, 0, 'n' },
4926 { "resolve", 0, 0, 'r' },
4927 { "options", 0, 0, 'o' },
4928 { "extended", 0, 0, 'e' },
4929 { "memory", 0, 0, 'm' },
4930 { "info", 0, 0, 'i' },
4931 { "processes", 0, 0, 'p' },
4932 { "bpf", 0, 0, 'b' },
4933 { "events", 0, 0, 'E' },
4934 { "dccp", 0, 0, 'd' },
4935 { "tcp", 0, 0, 't' },
4936 { "sctp", 0, 0, 'S' },
4937 { "udp", 0, 0, 'u' },
4938 { "raw", 0, 0, 'w' },
4939 { "unix", 0, 0, 'x' },
4940 { "tipc", 0, 0, OPT_TIPCSOCK},
4941 { "vsock", 0, 0, OPT_VSOCK },
4942 { "all", 0, 0, 'a' },
4943 { "listening", 0, 0, 'l' },
4944 { "ipv4", 0, 0, '4' },
4945 { "ipv6", 0, 0, '6' },
4946 { "packet", 0, 0, '0' },
4947 { "family", 1, 0, 'f' },
4948 { "socket", 1, 0, 'A' },
4949 { "query", 1, 0, 'A' },
4950 { "summary", 0, 0, 's' },
4951 { "diag", 1, 0, 'D' },
4952 { "filter", 1, 0, 'F' },
4953 { "version", 0, 0, 'V' },
4954 { "help", 0, 0, 'h' },
4955 { "context", 0, 0, 'Z' },
4956 { "contexts", 0, 0, 'z' },
4957 { "net", 1, 0, 'N' },
4958 { "tipcinfo", 0, 0, OPT_TIPCINFO},
4959 { "kill", 0, 0, 'K' },
4960 { "no-header", 0, 0, 'H' },
4961 { "xdp", 0, 0, OPT_XDPSOCK},
4962 { 0 }
4963
4964 };
4965
4966 int main(int argc, char *argv[])
4967 {
4968 int saw_states = 0;
4969 int saw_query = 0;
4970 int do_summary = 0;
4971 const char *dump_tcpdiag = NULL;
4972 FILE *filter_fp = NULL;
4973 int ch;
4974 int state_filter = 0;
4975
4976 while ((ch = getopt_long(argc, argv,
4977 "dhaletuwxnro460spbEf:miA:D:F:vVzZN:KHS",
4978 long_opts, NULL)) != EOF) {
4979 switch (ch) {
4980 case 'n':
4981 resolve_services = 0;
4982 break;
4983 case 'r':
4984 resolve_hosts = 1;
4985 break;
4986 case 'o':
4987 show_options = 1;
4988 break;
4989 case 'e':
4990 show_options = 1;
4991 show_details++;
4992 break;
4993 case 'm':
4994 show_mem = 1;
4995 break;
4996 case 'i':
4997 show_tcpinfo = 1;
4998 break;
4999 case 'p':
5000 show_users++;
5001 user_ent_hash_build();
5002 break;
5003 case 'b':
5004 show_options = 1;
5005 show_bpf++;
5006 break;
5007 case 'E':
5008 follow_events = 1;
5009 break;
5010 case 'd':
5011 filter_db_set(&current_filter, DCCP_DB, true);
5012 break;
5013 case 't':
5014 filter_db_set(&current_filter, TCP_DB, true);
5015 break;
5016 case 'S':
5017 filter_db_set(&current_filter, SCTP_DB, true);
5018 break;
5019 case 'u':
5020 filter_db_set(&current_filter, UDP_DB, true);
5021 break;
5022 case 'w':
5023 filter_db_set(&current_filter, RAW_DB, true);
5024 break;
5025 case 'x':
5026 filter_af_set(&current_filter, AF_UNIX);
5027 break;
5028 case OPT_VSOCK:
5029 filter_af_set(&current_filter, AF_VSOCK);
5030 break;
5031 case OPT_TIPCSOCK:
5032 filter_af_set(&current_filter, AF_TIPC);
5033 break;
5034 case 'a':
5035 state_filter = SS_ALL;
5036 break;
5037 case 'l':
5038 state_filter = (1 << SS_LISTEN) | (1 << SS_CLOSE);
5039 break;
5040 case '4':
5041 filter_af_set(&current_filter, AF_INET);
5042 break;
5043 case '6':
5044 filter_af_set(&current_filter, AF_INET6);
5045 break;
5046 case '0':
5047 filter_af_set(&current_filter, AF_PACKET);
5048 break;
5049 case OPT_XDPSOCK:
5050 filter_af_set(&current_filter, AF_XDP);
5051 break;
5052 case 'f':
5053 if (strcmp(optarg, "inet") == 0)
5054 filter_af_set(&current_filter, AF_INET);
5055 else if (strcmp(optarg, "inet6") == 0)
5056 filter_af_set(&current_filter, AF_INET6);
5057 else if (strcmp(optarg, "link") == 0)
5058 filter_af_set(&current_filter, AF_PACKET);
5059 else if (strcmp(optarg, "unix") == 0)
5060 filter_af_set(&current_filter, AF_UNIX);
5061 else if (strcmp(optarg, "netlink") == 0)
5062 filter_af_set(&current_filter, AF_NETLINK);
5063 else if (strcmp(optarg, "tipc") == 0)
5064 filter_af_set(&current_filter, AF_TIPC);
5065 else if (strcmp(optarg, "vsock") == 0)
5066 filter_af_set(&current_filter, AF_VSOCK);
5067 else if (strcmp(optarg, "xdp") == 0)
5068 filter_af_set(&current_filter, AF_XDP);
5069 else if (strcmp(optarg, "help") == 0)
5070 help();
5071 else {
5072 fprintf(stderr, "ss: \"%s\" is invalid family\n",
5073 optarg);
5074 usage();
5075 }
5076 break;
5077 case 'A':
5078 {
5079 char *p, *p1;
5080
5081 if (!saw_query) {
5082 current_filter.dbs = 0;
5083 state_filter = state_filter ?
5084 state_filter : SS_CONN;
5085 saw_query = 1;
5086 do_default = 0;
5087 }
5088 p = p1 = optarg;
5089 do {
5090 if ((p1 = strchr(p, ',')) != NULL)
5091 *p1 = 0;
5092 if (filter_db_parse(&current_filter, p)) {
5093 fprintf(stderr, "ss: \"%s\" is illegal socket table id\n", p);
5094 usage();
5095 }
5096 p = p1 + 1;
5097 } while (p1);
5098 break;
5099 }
5100 case 's':
5101 do_summary = 1;
5102 break;
5103 case 'D':
5104 dump_tcpdiag = optarg;
5105 break;
5106 case 'F':
5107 if (filter_fp) {
5108 fprintf(stderr, "More than one filter file\n");
5109 exit(-1);
5110 }
5111 if (optarg[0] == '-')
5112 filter_fp = stdin;
5113 else
5114 filter_fp = fopen(optarg, "r");
5115 if (!filter_fp) {
5116 perror("fopen filter file");
5117 exit(-1);
5118 }
5119 break;
5120 case 'v':
5121 case 'V':
5122 printf("ss utility, iproute2-ss%s\n", SNAPSHOT);
5123 exit(0);
5124 case 'z':
5125 show_sock_ctx++;
5126 /* fall through */
5127 case 'Z':
5128 if (is_selinux_enabled() <= 0) {
5129 fprintf(stderr, "ss: SELinux is not enabled.\n");
5130 exit(1);
5131 }
5132 show_proc_ctx++;
5133 user_ent_hash_build();
5134 break;
5135 case 'N':
5136 if (netns_switch(optarg))
5137 exit(1);
5138 break;
5139 case OPT_TIPCINFO:
5140 show_tipcinfo = 1;
5141 break;
5142 case 'K':
5143 current_filter.kill = 1;
5144 break;
5145 case 'H':
5146 show_header = 0;
5147 break;
5148 case 'h':
5149 help();
5150 case '?':
5151 default:
5152 usage();
5153 }
5154 }
5155
5156 argc -= optind;
5157 argv += optind;
5158
5159 if (do_summary) {
5160 print_summary();
5161 if (do_default && argc == 0)
5162 exit(0);
5163 }
5164
5165 while (argc > 0) {
5166 if (strcmp(*argv, "state") == 0) {
5167 NEXT_ARG();
5168 if (!saw_states)
5169 state_filter = 0;
5170 state_filter |= scan_state(*argv);
5171 saw_states = 1;
5172 } else if (strcmp(*argv, "exclude") == 0 ||
5173 strcmp(*argv, "excl") == 0) {
5174 NEXT_ARG();
5175 if (!saw_states)
5176 state_filter = SS_ALL;
5177 state_filter &= ~scan_state(*argv);
5178 saw_states = 1;
5179 } else {
5180 break;
5181 }
5182 argc--; argv++;
5183 }
5184
5185 if (do_default) {
5186 state_filter = state_filter ? state_filter : SS_CONN;
5187 filter_db_parse(&current_filter, "all");
5188 }
5189
5190 filter_states_set(&current_filter, state_filter);
5191 filter_merge_defaults(&current_filter);
5192
5193 if (resolve_services && resolve_hosts &&
5194 (current_filter.dbs & (UNIX_DBM|INET_L4_DBM)))
5195 init_service_resolver();
5196
5197 if (current_filter.dbs == 0) {
5198 fprintf(stderr, "ss: no socket tables to show with such filter.\n");
5199 exit(0);
5200 }
5201 if (current_filter.families == 0) {
5202 fprintf(stderr, "ss: no families to show with such filter.\n");
5203 exit(0);
5204 }
5205 if (current_filter.states == 0) {
5206 fprintf(stderr, "ss: no socket states to show with such filter.\n");
5207 exit(0);
5208 }
5209
5210 if (dump_tcpdiag) {
5211 FILE *dump_fp = stdout;
5212
5213 if (!(current_filter.dbs & (1<<TCP_DB))) {
5214 fprintf(stderr, "ss: tcpdiag dump requested and no tcp in filter.\n");
5215 exit(0);
5216 }
5217 if (dump_tcpdiag[0] != '-') {
5218 dump_fp = fopen(dump_tcpdiag, "w");
5219 if (!dump_tcpdiag) {
5220 perror("fopen dump file");
5221 exit(-1);
5222 }
5223 }
5224 inet_show_netlink(&current_filter, dump_fp, IPPROTO_TCP);
5225 fflush(dump_fp);
5226 exit(0);
5227 }
5228
5229 if (ssfilter_parse(&current_filter.f, argc, argv, filter_fp))
5230 usage();
5231
5232 if (!(current_filter.dbs & (current_filter.dbs - 1)))
5233 columns[COL_NETID].disabled = 1;
5234
5235 if (!(current_filter.states & (current_filter.states - 1)))
5236 columns[COL_STATE].disabled = 1;
5237
5238 if (show_header)
5239 print_header();
5240
5241 fflush(stdout);
5242
5243 if (follow_events)
5244 exit(handle_follow_request(&current_filter));
5245
5246 if (current_filter.dbs & (1<<NETLINK_DB))
5247 netlink_show(&current_filter);
5248 if (current_filter.dbs & PACKET_DBM)
5249 packet_show(&current_filter);
5250 if (current_filter.dbs & UNIX_DBM)
5251 unix_show(&current_filter);
5252 if (current_filter.dbs & (1<<RAW_DB))
5253 raw_show(&current_filter);
5254 if (current_filter.dbs & (1<<UDP_DB))
5255 udp_show(&current_filter);
5256 if (current_filter.dbs & (1<<TCP_DB))
5257 tcp_show(&current_filter);
5258 if (current_filter.dbs & (1<<DCCP_DB))
5259 dccp_show(&current_filter);
5260 if (current_filter.dbs & (1<<SCTP_DB))
5261 sctp_show(&current_filter);
5262 if (current_filter.dbs & VSOCK_DBM)
5263 vsock_show(&current_filter);
5264 if (current_filter.dbs & (1<<TIPC_DB))
5265 tipc_show(&current_filter);
5266 if (current_filter.dbs & (1<<XDP_DB))
5267 xdp_show(&current_filter);
5268
5269 if (show_users || show_proc_ctx || show_sock_ctx)
5270 user_ent_destroy();
5271
5272 render();
5273
5274 return 0;
5275 }
Upstream mirror of iproute2