2002-07-31 12:32:03 +00:00
|
|
|
/*-
|
2017-11-27 15:37:16 +00:00
|
|
|
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
|
|
|
|
*
|
2011-12-30 10:59:15 +00:00
|
|
|
* Copyright (c) 2002 Dag-Erling Coïdan Smørgrav
|
2002-07-31 12:32:03 +00:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer
|
|
|
|
* in this position and unchanged.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. The name of the author may not be used to endorse or promote products
|
|
|
|
* derived from this software without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <sys/cdefs.h>
|
|
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
|
|
|
|
#include <sys/param.h>
|
2020-04-26 20:55:11 +00:00
|
|
|
#include <sys/file.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/socketvar.h>
|
|
|
|
#include <sys/sysctl.h>
|
2020-04-26 20:55:11 +00:00
|
|
|
#include <sys/jail.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <sys/user.h>
|
2022-07-07 05:19:08 +00:00
|
|
|
#include <sys/queue.h>
|
|
|
|
#include <sys/tree.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
|
|
|
|
#include <sys/un.h>
|
|
|
|
#include <sys/unpcb.h>
|
|
|
|
|
2002-08-01 16:49:31 +00:00
|
|
|
#include <net/route.h>
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/in_pcb.h>
|
2015-06-13 20:11:02 +00:00
|
|
|
#include <netinet/sctp.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <netinet/tcp.h>
|
2015-07-16 13:09:21 +00:00
|
|
|
#define TCPSTATES /* load state names */
|
|
|
|
#include <netinet/tcp_fsm.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <netinet/tcp_seq.h>
|
|
|
|
#include <netinet/tcp_var.h>
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
2021-03-26 19:42:19 +00:00
|
|
|
#include <capsicum_helpers.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <ctype.h>
|
|
|
|
#include <err.h>
|
|
|
|
#include <errno.h>
|
2022-02-01 14:37:03 +00:00
|
|
|
#include <inttypes.h>
|
2018-07-03 23:47:20 +00:00
|
|
|
#include <jail.h>
|
2002-07-31 12:32:03 +00:00
|
|
|
#include <netdb.h>
|
|
|
|
#include <pwd.h>
|
|
|
|
#include <stdarg.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
|
2021-03-26 19:42:19 +00:00
|
|
|
#include <libcasper.h>
|
|
|
|
#include <casper/cap_net.h>
|
|
|
|
#include <casper/cap_netdb.h>
|
2021-06-18 16:06:03 +00:00
|
|
|
#include <casper/cap_pwd.h>
|
2021-03-26 19:42:19 +00:00
|
|
|
#include <casper/cap_sysctl.h>
|
|
|
|
|
2015-06-20 08:59:50 +00:00
|
|
|
#define sstosin(ss) ((struct sockaddr_in *)(ss))
|
|
|
|
#define sstosin6(ss) ((struct sockaddr_in6 *)(ss))
|
|
|
|
#define sstosun(ss) ((struct sockaddr_un *)(ss))
|
|
|
|
#define sstosa(ss) ((struct sockaddr *)(ss))
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static int opt_4; /* Show IPv4 sockets */
|
|
|
|
static int opt_6; /* Show IPv6 sockets */
|
2020-09-13 09:12:25 +00:00
|
|
|
static int opt_C; /* Show congestion control */
|
2002-07-31 12:32:03 +00:00
|
|
|
static int opt_c; /* Show connected sockets */
|
2022-02-01 14:37:03 +00:00
|
|
|
static int opt_i; /* Show inp_gencnt */
|
2012-05-24 01:31:10 +00:00
|
|
|
static int opt_j; /* Show specified jail */
|
2008-05-19 11:32:44 +00:00
|
|
|
static int opt_L; /* Don't show IPv4 or IPv6 loopback sockets */
|
2002-07-31 12:32:03 +00:00
|
|
|
static int opt_l; /* Show listening sockets */
|
2020-12-30 18:40:37 +00:00
|
|
|
static int opt_n; /* Don't resolve UIDs to user names */
|
2018-01-23 13:03:47 +00:00
|
|
|
static int opt_q; /* Don't show header */
|
2017-09-12 13:34:43 +00:00
|
|
|
static int opt_S; /* Show protocol stack if applicable */
|
2015-07-16 13:09:21 +00:00
|
|
|
static int opt_s; /* Show protocol state if applicable */
|
2017-09-12 21:07:48 +00:00
|
|
|
static int opt_U; /* Show remote UDP encapsulation port number */
|
2002-07-31 12:32:03 +00:00
|
|
|
static int opt_u; /* Show Unix domain sockets */
|
|
|
|
static int opt_v; /* Verbose mode */
|
2017-09-13 06:57:52 +00:00
|
|
|
static int opt_w; /* Wide print area for addresses */
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2006-11-11 22:11:54 +00:00
|
|
|
/*
|
|
|
|
* Default protocols to use if no -P was defined.
|
|
|
|
*/
|
2015-06-13 20:11:02 +00:00
|
|
|
static const char *default_protos[] = {"sctp", "tcp", "udp", "divert" };
|
2015-06-20 08:59:50 +00:00
|
|
|
static size_t default_numprotos = nitems(default_protos);
|
2006-11-11 22:11:54 +00:00
|
|
|
|
|
|
|
static int *protos; /* protocols to use */
|
|
|
|
static size_t numprotos; /* allocated size of protos[] */
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static int *ports;
|
|
|
|
|
2017-02-21 12:37:59 +00:00
|
|
|
#define INT_BIT (sizeof(int)*CHAR_BIT)
|
|
|
|
#define SET_PORT(p) do { ports[p / INT_BIT] |= 1 << (p % INT_BIT); } while (0)
|
|
|
|
#define CHK_PORT(p) (ports[p / INT_BIT] & (1 << (p % INT_BIT)))
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr {
|
2022-07-07 05:19:08 +00:00
|
|
|
union {
|
|
|
|
struct sockaddr_storage address;
|
|
|
|
struct { /* unix(4) faddr */
|
|
|
|
kvaddr_t conn;
|
|
|
|
kvaddr_t firstref;
|
|
|
|
kvaddr_t nextref;
|
|
|
|
};
|
|
|
|
};
|
2017-09-12 21:07:48 +00:00
|
|
|
unsigned int encaps_port;
|
2017-09-12 21:36:13 +00:00
|
|
|
int state;
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *next;
|
|
|
|
};
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
struct sock {
|
2022-07-07 05:19:08 +00:00
|
|
|
union {
|
|
|
|
RB_ENTRY(sock) socket_tree; /* tree of pcbs with socket */
|
|
|
|
SLIST_ENTRY(sock) socket_list; /* list of pcbs w/o socket */
|
|
|
|
};
|
|
|
|
RB_ENTRY(sock) pcb_tree;
|
2018-07-05 13:13:48 +00:00
|
|
|
kvaddr_t socket;
|
|
|
|
kvaddr_t pcb;
|
2022-02-01 14:37:03 +00:00
|
|
|
uint64_t inp_gencnt;
|
2012-01-24 21:33:34 +00:00
|
|
|
int shown;
|
2002-07-31 12:32:03 +00:00
|
|
|
int vflag;
|
|
|
|
int family;
|
|
|
|
int proto;
|
2015-07-16 13:09:21 +00:00
|
|
|
int state;
|
2002-07-31 12:32:03 +00:00
|
|
|
const char *protoname;
|
2017-09-12 13:34:43 +00:00
|
|
|
char stack[TCP_FUNCTION_NAME_LEN_MAX];
|
2020-09-13 09:12:25 +00:00
|
|
|
char cc[TCP_CA_NAME_MAX];
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *laddr;
|
|
|
|
struct addr *faddr;
|
2002-07-31 12:32:03 +00:00
|
|
|
};
|
|
|
|
|
2022-07-07 05:19:08 +00:00
|
|
|
static RB_HEAD(socks_t, sock) socks = RB_INITIALIZER(&socks);
|
|
|
|
static int64_t
|
|
|
|
socket_compare(const struct sock *a, const struct sock *b)
|
|
|
|
{
|
|
|
|
return ((int64_t)(a->socket/2 - b->socket/2));
|
|
|
|
}
|
|
|
|
RB_GENERATE_STATIC(socks_t, sock, socket_tree, socket_compare);
|
|
|
|
|
|
|
|
static RB_HEAD(pcbs_t, sock) pcbs = RB_INITIALIZER(&pcbs);
|
|
|
|
static int64_t
|
|
|
|
pcb_compare(const struct sock *a, const struct sock *b)
|
|
|
|
{
|
|
|
|
return ((int64_t)(a->pcb/2 - b->pcb/2));
|
|
|
|
}
|
|
|
|
RB_GENERATE_STATIC(pcbs_t, sock, pcb_tree, pcb_compare);
|
|
|
|
|
|
|
|
static SLIST_HEAD(, sock) nosocks = SLIST_HEAD_INITIALIZER(&nosocks);
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2022-07-07 05:19:08 +00:00
|
|
|
struct file {
|
|
|
|
RB_ENTRY(file) file_tree;
|
|
|
|
kvaddr_t xf_data;
|
|
|
|
pid_t xf_pid;
|
|
|
|
uid_t xf_uid;
|
|
|
|
int xf_fd;
|
|
|
|
};
|
|
|
|
|
|
|
|
static RB_HEAD(files_t, file) ftree = RB_INITIALIZER(&ftree);
|
|
|
|
static int64_t
|
|
|
|
file_compare(const struct file *a, const struct file *b)
|
|
|
|
{
|
|
|
|
return ((int64_t)(a->xf_data/2 - b->xf_data/2));
|
|
|
|
}
|
|
|
|
RB_GENERATE_STATIC(files_t, file, file_tree, file_compare);
|
|
|
|
|
|
|
|
static struct file *files;
|
|
|
|
static int nfiles;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2021-03-26 19:42:19 +00:00
|
|
|
static cap_channel_t *capnet;
|
|
|
|
static cap_channel_t *capnetdb;
|
|
|
|
static cap_channel_t *capsysctl;
|
2021-06-18 16:06:03 +00:00
|
|
|
static cap_channel_t *cappwd;
|
2021-03-26 19:42:19 +00:00
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static int
|
|
|
|
xprintf(const char *fmt, ...)
|
|
|
|
{
|
|
|
|
va_list ap;
|
|
|
|
int len;
|
|
|
|
|
|
|
|
va_start(ap, fmt);
|
|
|
|
len = vprintf(fmt, ap);
|
|
|
|
va_end(ap);
|
|
|
|
if (len < 0)
|
|
|
|
err(1, "printf()");
|
|
|
|
return (len);
|
|
|
|
}
|
|
|
|
|
2022-05-30 10:54:53 +00:00
|
|
|
static bool
|
|
|
|
_check_ksize(size_t received_size, size_t expected_size, const char *struct_name)
|
|
|
|
{
|
|
|
|
if (received_size != expected_size) {
|
|
|
|
warnx("%s size mismatch: expected %zd, received %zd",
|
|
|
|
struct_name, expected_size, received_size);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
#define check_ksize(_sz, _struct) (_check_ksize(_sz, sizeof(_struct), #_struct))
|
|
|
|
|
|
|
|
static void
|
|
|
|
_enforce_ksize(size_t received_size, size_t expected_size, const char *struct_name)
|
|
|
|
{
|
|
|
|
if (received_size != expected_size) {
|
|
|
|
errx(1, "fatal: struct %s size mismatch: expected %zd, received %zd",
|
|
|
|
struct_name, expected_size, received_size);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#define enforce_ksize(_sz, _struct) (_enforce_ksize(_sz, sizeof(_struct), #_struct))
|
|
|
|
|
2006-11-11 22:11:54 +00:00
|
|
|
static int
|
|
|
|
get_proto_type(const char *proto)
|
|
|
|
{
|
|
|
|
struct protoent *pent;
|
|
|
|
|
|
|
|
if (strlen(proto) == 0)
|
|
|
|
return (0);
|
2021-06-18 16:03:16 +00:00
|
|
|
if (capnetdb != NULL)
|
|
|
|
pent = cap_getprotobyname(capnetdb, proto);
|
|
|
|
else
|
|
|
|
pent = getprotobyname(proto);
|
2006-11-11 22:11:54 +00:00
|
|
|
if (pent == NULL) {
|
2021-03-26 19:42:19 +00:00
|
|
|
warn("cap_getprotobyname");
|
2006-11-11 22:11:54 +00:00
|
|
|
return (-1);
|
|
|
|
}
|
|
|
|
return (pent->p_proto);
|
|
|
|
}
|
|
|
|
|
2015-06-20 08:59:50 +00:00
|
|
|
static void
|
|
|
|
init_protos(int num)
|
2006-11-11 22:11:54 +00:00
|
|
|
{
|
|
|
|
int proto_count = 0;
|
|
|
|
|
|
|
|
if (num > 0) {
|
|
|
|
proto_count = num;
|
|
|
|
} else {
|
|
|
|
/* Find the maximum number of possible protocols. */
|
|
|
|
while (getprotoent() != NULL)
|
|
|
|
proto_count++;
|
|
|
|
endprotoent();
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((protos = malloc(sizeof(int) * proto_count)) == NULL)
|
|
|
|
err(1, "malloc");
|
|
|
|
numprotos = proto_count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
parse_protos(char *protospec)
|
|
|
|
{
|
|
|
|
char *prot;
|
|
|
|
int proto_type, proto_index;
|
|
|
|
|
|
|
|
if (protospec == NULL)
|
|
|
|
return (-1);
|
|
|
|
|
|
|
|
init_protos(0);
|
|
|
|
proto_index = 0;
|
2015-06-20 08:59:50 +00:00
|
|
|
while ((prot = strsep(&protospec, ",")) != NULL) {
|
2006-11-11 22:11:54 +00:00
|
|
|
if (strlen(prot) == 0)
|
|
|
|
continue;
|
|
|
|
proto_type = get_proto_type(prot);
|
|
|
|
if (proto_type != -1)
|
|
|
|
protos[proto_index++] = proto_type;
|
|
|
|
}
|
|
|
|
numprotos = proto_index;
|
|
|
|
return (proto_index);
|
|
|
|
}
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static void
|
|
|
|
parse_ports(const char *portspec)
|
|
|
|
{
|
|
|
|
const char *p, *q;
|
|
|
|
int port, end;
|
|
|
|
|
|
|
|
if (ports == NULL)
|
2003-05-09 09:11:27 +00:00
|
|
|
if ((ports = calloc(65536 / INT_BIT, sizeof(int))) == NULL)
|
2002-07-31 12:32:03 +00:00
|
|
|
err(1, "calloc()");
|
|
|
|
p = portspec;
|
|
|
|
while (*p != '\0') {
|
|
|
|
if (!isdigit(*p))
|
|
|
|
errx(1, "syntax error in port range");
|
|
|
|
for (q = p; *q != '\0' && isdigit(*q); ++q)
|
|
|
|
/* nothing */ ;
|
|
|
|
for (port = 0; p < q; ++p)
|
|
|
|
port = port * 10 + digittoint(*p);
|
|
|
|
if (port < 0 || port > 65535)
|
|
|
|
errx(1, "invalid port number");
|
|
|
|
SET_PORT(port);
|
|
|
|
switch (*p) {
|
|
|
|
case '-':
|
|
|
|
++p;
|
|
|
|
break;
|
|
|
|
case ',':
|
|
|
|
++p;
|
|
|
|
/* fall through */
|
|
|
|
case '\0':
|
|
|
|
default:
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
for (q = p; *q != '\0' && isdigit(*q); ++q)
|
|
|
|
/* nothing */ ;
|
|
|
|
for (end = 0; p < q; ++p)
|
|
|
|
end = end * 10 + digittoint(*p);
|
|
|
|
if (end < port || end > 65535)
|
|
|
|
errx(1, "invalid port number");
|
|
|
|
while (port++ < end)
|
|
|
|
SET_PORT(port);
|
|
|
|
if (*p == ',')
|
|
|
|
++p;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2015-06-20 08:59:50 +00:00
|
|
|
sockaddr(struct sockaddr_storage *ss, int af, void *addr, int port)
|
2002-07-31 12:32:03 +00:00
|
|
|
{
|
|
|
|
struct sockaddr_in *sin4;
|
|
|
|
struct sockaddr_in6 *sin6;
|
|
|
|
|
2015-06-20 08:59:50 +00:00
|
|
|
bzero(ss, sizeof(*ss));
|
2002-07-31 12:32:03 +00:00
|
|
|
switch (af) {
|
|
|
|
case AF_INET:
|
2015-06-20 08:59:50 +00:00
|
|
|
sin4 = sstosin(ss);
|
|
|
|
sin4->sin_len = sizeof(*sin4);
|
2002-07-31 12:32:03 +00:00
|
|
|
sin4->sin_family = af;
|
|
|
|
sin4->sin_port = port;
|
|
|
|
sin4->sin_addr = *(struct in_addr *)addr;
|
|
|
|
break;
|
|
|
|
case AF_INET6:
|
2015-06-20 08:59:50 +00:00
|
|
|
sin6 = sstosin6(ss);
|
|
|
|
sin6->sin6_len = sizeof(*sin6);
|
2002-07-31 12:32:03 +00:00
|
|
|
sin6->sin6_family = af;
|
|
|
|
sin6->sin6_port = port;
|
|
|
|
sin6->sin6_addr = *(struct in6_addr *)addr;
|
2015-06-20 08:59:50 +00:00
|
|
|
#define s6_addr16 __u6_addr.__u6_addr16
|
|
|
|
if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
|
|
|
|
sin6->sin6_scope_id =
|
|
|
|
ntohs(sin6->sin6_addr.s6_addr16[1]);
|
|
|
|
sin6->sin6_addr.s6_addr16[1] = 0;
|
|
|
|
}
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-19 19:36:29 +00:00
|
|
|
static void
|
|
|
|
free_socket(struct sock *sock)
|
|
|
|
{
|
|
|
|
struct addr *cur, *next;
|
|
|
|
|
|
|
|
cur = sock->laddr;
|
|
|
|
while (cur != NULL) {
|
|
|
|
next = cur->next;
|
|
|
|
free(cur);
|
|
|
|
cur = next;
|
|
|
|
}
|
|
|
|
cur = sock->faddr;
|
|
|
|
while (cur != NULL) {
|
|
|
|
next = cur->next;
|
|
|
|
free(cur);
|
|
|
|
cur = next;
|
|
|
|
}
|
|
|
|
free(sock);
|
|
|
|
}
|
|
|
|
|
2015-06-13 20:11:02 +00:00
|
|
|
static void
|
|
|
|
gather_sctp(void)
|
|
|
|
{
|
|
|
|
struct sock *sock;
|
|
|
|
struct addr *laddr, *prev_laddr, *faddr, *prev_faddr;
|
|
|
|
struct xsctp_inpcb *xinpcb;
|
|
|
|
struct xsctp_tcb *xstcb;
|
|
|
|
struct xsctp_raddr *xraddr;
|
|
|
|
struct xsctp_laddr *xladdr;
|
|
|
|
const char *varname;
|
|
|
|
size_t len, offset;
|
|
|
|
char *buf;
|
2022-07-07 05:19:08 +00:00
|
|
|
int vflag;
|
2015-06-13 20:11:02 +00:00
|
|
|
int no_stcb, local_all_loopback, foreign_all_loopback;
|
|
|
|
|
|
|
|
vflag = 0;
|
|
|
|
if (opt_4)
|
|
|
|
vflag |= INP_IPV4;
|
|
|
|
if (opt_6)
|
|
|
|
vflag |= INP_IPV6;
|
|
|
|
|
|
|
|
varname = "net.inet.sctp.assoclist";
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctlbyname(capsysctl, varname, 0, &len, 0, 0) < 0) {
|
2015-06-13 20:11:02 +00:00
|
|
|
if (errno != ENOENT)
|
2021-03-26 19:42:19 +00:00
|
|
|
err(1, "cap_sysctlbyname()");
|
2015-06-13 20:11:02 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
if ((buf = (char *)malloc(len)) == NULL) {
|
|
|
|
err(1, "malloc()");
|
|
|
|
return;
|
|
|
|
}
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctlbyname(capsysctl, varname, buf, &len, 0, 0) < 0) {
|
|
|
|
err(1, "cap_sysctlbyname()");
|
2015-06-13 20:11:02 +00:00
|
|
|
free(buf);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
xinpcb = (struct xsctp_inpcb *)(void *)buf;
|
|
|
|
offset = sizeof(struct xsctp_inpcb);
|
|
|
|
while ((offset < len) && (xinpcb->last == 0)) {
|
|
|
|
if ((sock = calloc(1, sizeof *sock)) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
sock->socket = xinpcb->socket;
|
|
|
|
sock->proto = IPPROTO_SCTP;
|
|
|
|
sock->protoname = "sctp";
|
2015-08-29 09:10:52 +00:00
|
|
|
if (xinpcb->maxqlen == 0)
|
2015-08-26 23:45:06 +00:00
|
|
|
sock->state = SCTP_CLOSED;
|
|
|
|
else
|
|
|
|
sock->state = SCTP_LISTEN;
|
2015-06-13 20:11:02 +00:00
|
|
|
if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
|
|
|
|
sock->family = AF_INET6;
|
2016-06-25 12:46:18 +00:00
|
|
|
/*
|
|
|
|
* Currently there is no way to distinguish between
|
|
|
|
* IPv6 only sockets or dual family sockets.
|
|
|
|
* So mark it as dual socket.
|
|
|
|
*/
|
|
|
|
sock->vflag = INP_IPV6 | INP_IPV4;
|
2015-06-13 20:11:02 +00:00
|
|
|
} else {
|
|
|
|
sock->family = AF_INET;
|
|
|
|
sock->vflag = INP_IPV4;
|
|
|
|
}
|
|
|
|
prev_laddr = NULL;
|
|
|
|
local_all_loopback = 1;
|
|
|
|
while (offset < len) {
|
|
|
|
xladdr = (struct xsctp_laddr *)(void *)(buf + offset);
|
|
|
|
offset += sizeof(struct xsctp_laddr);
|
|
|
|
if (xladdr->last == 1)
|
|
|
|
break;
|
|
|
|
if ((laddr = calloc(1, sizeof(struct addr))) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
switch (xladdr->address.sa.sa_family) {
|
|
|
|
case AF_INET:
|
2017-02-21 12:37:59 +00:00
|
|
|
#define __IN_IS_ADDR_LOOPBACK(pina) \
|
2015-06-13 20:11:02 +00:00
|
|
|
((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!__IN_IS_ADDR_LOOPBACK(
|
|
|
|
&xladdr->address.sin.sin_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
local_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
#undef __IN_IS_ADDR_LOOPBACK
|
|
|
|
sockaddr(&laddr->address, AF_INET,
|
|
|
|
&xladdr->address.sin.sin_addr,
|
|
|
|
htons(xinpcb->local_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
case AF_INET6:
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!IN6_IS_ADDR_LOOPBACK(
|
|
|
|
&xladdr->address.sin6.sin6_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
local_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
sockaddr(&laddr->address, AF_INET6,
|
|
|
|
&xladdr->address.sin6.sin6_addr,
|
|
|
|
htons(xinpcb->local_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
default:
|
2015-10-21 05:37:09 +00:00
|
|
|
errx(1, "address family %d not supported",
|
2017-02-21 12:37:59 +00:00
|
|
|
xladdr->address.sa.sa_family);
|
2015-06-13 20:11:02 +00:00
|
|
|
}
|
|
|
|
laddr->next = NULL;
|
|
|
|
if (prev_laddr == NULL)
|
|
|
|
sock->laddr = laddr;
|
|
|
|
else
|
|
|
|
prev_laddr->next = laddr;
|
|
|
|
prev_laddr = laddr;
|
|
|
|
}
|
|
|
|
if (sock->laddr == NULL) {
|
2017-02-21 12:37:59 +00:00
|
|
|
if ((sock->laddr =
|
|
|
|
calloc(1, sizeof(struct addr))) == NULL)
|
2015-06-13 20:11:02 +00:00
|
|
|
err(1, "malloc()");
|
|
|
|
sock->laddr->address.ss_family = sock->family;
|
|
|
|
if (sock->family == AF_INET)
|
2017-02-21 12:37:59 +00:00
|
|
|
sock->laddr->address.ss_len =
|
|
|
|
sizeof(struct sockaddr_in);
|
2015-06-13 20:11:02 +00:00
|
|
|
else
|
2017-02-21 12:37:59 +00:00
|
|
|
sock->laddr->address.ss_len =
|
|
|
|
sizeof(struct sockaddr_in6);
|
2015-06-13 20:11:02 +00:00
|
|
|
local_all_loopback = 0;
|
|
|
|
}
|
|
|
|
if ((sock->faddr = calloc(1, sizeof(struct addr))) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
sock->faddr->address.ss_family = sock->family;
|
|
|
|
if (sock->family == AF_INET)
|
2017-02-21 12:37:59 +00:00
|
|
|
sock->faddr->address.ss_len =
|
|
|
|
sizeof(struct sockaddr_in);
|
2015-06-13 20:11:02 +00:00
|
|
|
else
|
2017-02-21 12:37:59 +00:00
|
|
|
sock->faddr->address.ss_len =
|
|
|
|
sizeof(struct sockaddr_in6);
|
2015-06-13 20:11:02 +00:00
|
|
|
no_stcb = 1;
|
|
|
|
while (offset < len) {
|
|
|
|
xstcb = (struct xsctp_tcb *)(void *)(buf + offset);
|
|
|
|
offset += sizeof(struct xsctp_tcb);
|
2015-06-19 19:36:29 +00:00
|
|
|
if (no_stcb) {
|
2017-02-21 12:37:59 +00:00
|
|
|
if (opt_l && (sock->vflag & vflag) &&
|
2015-06-19 19:36:29 +00:00
|
|
|
(!opt_L || !local_all_loopback) &&
|
|
|
|
((xinpcb->flags & SCTP_PCB_FLAGS_UDPTYPE) ||
|
|
|
|
(xstcb->last == 1))) {
|
2022-07-07 05:19:08 +00:00
|
|
|
RB_INSERT(socks_t, &socks, sock);
|
2015-06-19 19:36:29 +00:00
|
|
|
} else {
|
|
|
|
free_socket(sock);
|
|
|
|
}
|
2015-06-13 20:11:02 +00:00
|
|
|
}
|
|
|
|
if (xstcb->last == 1)
|
|
|
|
break;
|
|
|
|
no_stcb = 0;
|
|
|
|
if (opt_c) {
|
|
|
|
if ((sock = calloc(1, sizeof *sock)) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
sock->socket = xinpcb->socket;
|
|
|
|
sock->proto = IPPROTO_SCTP;
|
|
|
|
sock->protoname = "sctp";
|
2015-08-26 23:45:06 +00:00
|
|
|
sock->state = (int)xstcb->state;
|
2015-06-13 20:11:02 +00:00
|
|
|
if (xinpcb->flags & SCTP_PCB_FLAGS_BOUND_V6) {
|
|
|
|
sock->family = AF_INET6;
|
2016-06-25 12:46:18 +00:00
|
|
|
/*
|
|
|
|
* Currently there is no way to distinguish
|
|
|
|
* between IPv6 only sockets or dual family
|
|
|
|
* sockets. So mark it as dual socket.
|
|
|
|
*/
|
|
|
|
sock->vflag = INP_IPV6 | INP_IPV4;
|
2015-06-13 20:11:02 +00:00
|
|
|
} else {
|
|
|
|
sock->family = AF_INET;
|
|
|
|
sock->vflag = INP_IPV4;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
prev_laddr = NULL;
|
|
|
|
local_all_loopback = 1;
|
|
|
|
while (offset < len) {
|
2017-02-21 12:37:59 +00:00
|
|
|
xladdr = (struct xsctp_laddr *)(void *)(buf +
|
|
|
|
offset);
|
2015-06-13 20:11:02 +00:00
|
|
|
offset += sizeof(struct xsctp_laddr);
|
|
|
|
if (xladdr->last == 1)
|
|
|
|
break;
|
|
|
|
if (!opt_c)
|
|
|
|
continue;
|
2017-02-21 12:37:59 +00:00
|
|
|
laddr = calloc(1, sizeof(struct addr));
|
|
|
|
if (laddr == NULL)
|
2015-06-13 20:11:02 +00:00
|
|
|
err(1, "malloc()");
|
|
|
|
switch (xladdr->address.sa.sa_family) {
|
|
|
|
case AF_INET:
|
2017-02-21 12:37:59 +00:00
|
|
|
#define __IN_IS_ADDR_LOOPBACK(pina) \
|
2015-06-13 20:11:02 +00:00
|
|
|
((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!__IN_IS_ADDR_LOOPBACK(
|
|
|
|
&xladdr->address.sin.sin_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
local_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
#undef __IN_IS_ADDR_LOOPBACK
|
|
|
|
sockaddr(&laddr->address, AF_INET,
|
|
|
|
&xladdr->address.sin.sin_addr,
|
|
|
|
htons(xstcb->local_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
case AF_INET6:
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!IN6_IS_ADDR_LOOPBACK(
|
|
|
|
&xladdr->address.sin6.sin6_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
local_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
sockaddr(&laddr->address, AF_INET6,
|
|
|
|
&xladdr->address.sin6.sin6_addr,
|
|
|
|
htons(xstcb->local_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
default:
|
2017-02-21 12:37:59 +00:00
|
|
|
errx(1,
|
|
|
|
"address family %d not supported",
|
|
|
|
xladdr->address.sa.sa_family);
|
2015-06-13 20:11:02 +00:00
|
|
|
}
|
|
|
|
laddr->next = NULL;
|
|
|
|
if (prev_laddr == NULL)
|
|
|
|
sock->laddr = laddr;
|
|
|
|
else
|
|
|
|
prev_laddr->next = laddr;
|
|
|
|
prev_laddr = laddr;
|
|
|
|
}
|
|
|
|
prev_faddr = NULL;
|
|
|
|
foreign_all_loopback = 1;
|
|
|
|
while (offset < len) {
|
2017-02-21 12:37:59 +00:00
|
|
|
xraddr = (struct xsctp_raddr *)(void *)(buf +
|
|
|
|
offset);
|
2015-06-13 20:11:02 +00:00
|
|
|
offset += sizeof(struct xsctp_raddr);
|
|
|
|
if (xraddr->last == 1)
|
|
|
|
break;
|
|
|
|
if (!opt_c)
|
|
|
|
continue;
|
2017-02-21 12:37:59 +00:00
|
|
|
faddr = calloc(1, sizeof(struct addr));
|
|
|
|
if (faddr == NULL)
|
2015-06-13 20:11:02 +00:00
|
|
|
err(1, "malloc()");
|
|
|
|
switch (xraddr->address.sa.sa_family) {
|
|
|
|
case AF_INET:
|
2017-02-21 12:37:59 +00:00
|
|
|
#define __IN_IS_ADDR_LOOPBACK(pina) \
|
2015-06-13 20:11:02 +00:00
|
|
|
((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!__IN_IS_ADDR_LOOPBACK(
|
|
|
|
&xraddr->address.sin.sin_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
foreign_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
#undef __IN_IS_ADDR_LOOPBACK
|
|
|
|
sockaddr(&faddr->address, AF_INET,
|
|
|
|
&xraddr->address.sin.sin_addr,
|
|
|
|
htons(xstcb->remote_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
case AF_INET6:
|
2017-02-21 12:37:59 +00:00
|
|
|
if (!IN6_IS_ADDR_LOOPBACK(
|
|
|
|
&xraddr->address.sin6.sin6_addr))
|
2015-06-13 20:11:02 +00:00
|
|
|
foreign_all_loopback = 0;
|
2017-02-21 12:37:59 +00:00
|
|
|
sockaddr(&faddr->address, AF_INET6,
|
|
|
|
&xraddr->address.sin6.sin6_addr,
|
|
|
|
htons(xstcb->remote_port));
|
2015-06-13 20:11:02 +00:00
|
|
|
break;
|
|
|
|
default:
|
2017-02-21 12:37:59 +00:00
|
|
|
errx(1,
|
|
|
|
"address family %d not supported",
|
|
|
|
xraddr->address.sa.sa_family);
|
2015-06-13 20:11:02 +00:00
|
|
|
}
|
2017-09-15 20:46:51 +00:00
|
|
|
faddr->encaps_port = xraddr->encaps_port;
|
2017-09-12 21:36:13 +00:00
|
|
|
faddr->state = xraddr->state;
|
2015-06-13 20:11:02 +00:00
|
|
|
faddr->next = NULL;
|
|
|
|
if (prev_faddr == NULL)
|
|
|
|
sock->faddr = faddr;
|
|
|
|
else
|
|
|
|
prev_faddr->next = faddr;
|
|
|
|
prev_faddr = faddr;
|
|
|
|
}
|
2015-06-19 19:36:29 +00:00
|
|
|
if (opt_c) {
|
2016-06-25 12:46:18 +00:00
|
|
|
if ((sock->vflag & vflag) &&
|
|
|
|
(!opt_L ||
|
2017-02-21 12:37:59 +00:00
|
|
|
!(local_all_loopback ||
|
|
|
|
foreign_all_loopback))) {
|
2022-07-07 05:19:08 +00:00
|
|
|
RB_INSERT(socks_t, &socks, sock);
|
2015-06-19 19:36:29 +00:00
|
|
|
} else {
|
|
|
|
free_socket(sock);
|
|
|
|
}
|
2015-06-13 20:11:02 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
xinpcb = (struct xsctp_inpcb *)(void *)(buf + offset);
|
|
|
|
offset += sizeof(struct xsctp_inpcb);
|
|
|
|
}
|
|
|
|
free(buf);
|
|
|
|
}
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static void
|
|
|
|
gather_inet(int proto)
|
|
|
|
{
|
|
|
|
struct xinpgen *xig, *exig;
|
|
|
|
struct xinpcb *xip;
|
2017-03-21 08:57:20 +00:00
|
|
|
struct xtcpcb *xtp = NULL;
|
2002-07-31 12:32:03 +00:00
|
|
|
struct xsocket *so;
|
|
|
|
struct sock *sock;
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *laddr, *faddr;
|
2002-07-31 12:32:03 +00:00
|
|
|
const char *varname, *protoname;
|
|
|
|
size_t len, bufsize;
|
|
|
|
void *buf;
|
2022-07-07 05:19:08 +00:00
|
|
|
int retry, vflag;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2015-08-26 22:52:18 +00:00
|
|
|
vflag = 0;
|
2002-07-31 12:32:03 +00:00
|
|
|
if (opt_4)
|
|
|
|
vflag |= INP_IPV4;
|
|
|
|
if (opt_6)
|
|
|
|
vflag |= INP_IPV6;
|
|
|
|
|
|
|
|
switch (proto) {
|
|
|
|
case IPPROTO_TCP:
|
|
|
|
varname = "net.inet.tcp.pcblist";
|
|
|
|
protoname = "tcp";
|
|
|
|
break;
|
|
|
|
case IPPROTO_UDP:
|
|
|
|
varname = "net.inet.udp.pcblist";
|
|
|
|
protoname = "udp";
|
|
|
|
break;
|
2004-12-05 14:17:14 +00:00
|
|
|
case IPPROTO_DIVERT:
|
|
|
|
varname = "net.inet.divert.pcblist";
|
|
|
|
protoname = "div";
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
default:
|
2006-11-11 22:11:54 +00:00
|
|
|
errx(1, "protocol %d not supported", proto);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
buf = NULL;
|
|
|
|
bufsize = 8192;
|
|
|
|
retry = 5;
|
|
|
|
do {
|
|
|
|
for (;;) {
|
|
|
|
if ((buf = realloc(buf, bufsize)) == NULL)
|
|
|
|
err(1, "realloc()");
|
|
|
|
len = bufsize;
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctlbyname(capsysctl, varname, buf, &len,
|
|
|
|
NULL, 0) == 0)
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
2004-12-06 09:28:05 +00:00
|
|
|
if (errno == ENOENT)
|
|
|
|
goto out;
|
2012-02-01 18:03:21 +00:00
|
|
|
if (errno != ENOMEM || len != bufsize)
|
2021-03-26 19:42:19 +00:00
|
|
|
err(1, "cap_sysctlbyname()");
|
2002-07-31 12:32:03 +00:00
|
|
|
bufsize *= 2;
|
|
|
|
}
|
|
|
|
xig = (struct xinpgen *)buf;
|
2002-08-02 11:57:59 +00:00
|
|
|
exig = (struct xinpgen *)(void *)
|
|
|
|
((char *)buf + len - sizeof *exig);
|
2022-05-30 10:54:53 +00:00
|
|
|
enforce_ksize(xig->xig_len, struct xinpgen);
|
|
|
|
enforce_ksize(exig->xig_len, struct xinpgen);
|
2002-07-31 12:32:03 +00:00
|
|
|
} while (xig->xig_gen != exig->xig_gen && retry--);
|
|
|
|
|
|
|
|
if (xig->xig_gen != exig->xig_gen && opt_v)
|
|
|
|
warnx("warning: data may be inconsistent");
|
|
|
|
|
|
|
|
for (;;) {
|
2002-08-02 11:57:59 +00:00
|
|
|
xig = (struct xinpgen *)(void *)((char *)xig + xig->xig_len);
|
2002-07-31 12:32:03 +00:00
|
|
|
if (xig >= exig)
|
|
|
|
break;
|
|
|
|
switch (proto) {
|
|
|
|
case IPPROTO_TCP:
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
xtp = (struct xtcpcb *)xig;
|
|
|
|
xip = &xtp->xt_inp;
|
2022-05-30 10:54:53 +00:00
|
|
|
if (!check_ksize(xtp->xt_len, struct xtcpcb))
|
2002-07-31 12:32:03 +00:00
|
|
|
goto out;
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
protoname = xtp->t_flags & TF_TOE ? "toe" : "tcp";
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
|
|
|
case IPPROTO_UDP:
|
2004-12-05 14:17:14 +00:00
|
|
|
case IPPROTO_DIVERT:
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
xip = (struct xinpcb *)xig;
|
2022-05-30 10:54:53 +00:00
|
|
|
if (!check_ksize(xip->xi_len, struct xinpcb))
|
2002-07-31 12:32:03 +00:00
|
|
|
goto out;
|
|
|
|
break;
|
|
|
|
default:
|
2006-11-11 22:11:54 +00:00
|
|
|
errx(1, "protocol %d not supported", proto);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
so = &xip->xi_socket;
|
|
|
|
if ((xip->inp_vflag & vflag) == 0)
|
2002-07-31 12:32:03 +00:00
|
|
|
continue;
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
if (xip->inp_vflag & INP_IPV4) {
|
|
|
|
if ((xip->inp_fport == 0 && !opt_l) ||
|
|
|
|
(xip->inp_fport != 0 && !opt_c))
|
2002-08-01 11:02:30 +00:00
|
|
|
continue;
|
2017-02-21 12:37:59 +00:00
|
|
|
#define __IN_IS_ADDR_LOOPBACK(pina) \
|
2008-05-19 11:32:44 +00:00
|
|
|
((ntohl((pina)->s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
|
|
|
|
if (opt_L &&
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
(__IN_IS_ADDR_LOOPBACK(&xip->inp_faddr) ||
|
|
|
|
__IN_IS_ADDR_LOOPBACK(&xip->inp_laddr)))
|
2008-05-19 11:32:44 +00:00
|
|
|
continue;
|
2017-02-21 12:37:59 +00:00
|
|
|
#undef __IN_IS_ADDR_LOOPBACK
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
} else if (xip->inp_vflag & INP_IPV6) {
|
|
|
|
if ((xip->inp_fport == 0 && !opt_l) ||
|
|
|
|
(xip->inp_fport != 0 && !opt_c))
|
2002-08-01 11:02:30 +00:00
|
|
|
continue;
|
2008-05-19 11:32:44 +00:00
|
|
|
if (opt_L &&
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
(IN6_IS_ADDR_LOOPBACK(&xip->in6p_faddr) ||
|
|
|
|
IN6_IS_ADDR_LOOPBACK(&xip->in6p_laddr)))
|
2008-05-19 11:32:44 +00:00
|
|
|
continue;
|
2002-08-01 11:02:30 +00:00
|
|
|
} else {
|
|
|
|
if (opt_v)
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
warnx("invalid vflag 0x%x", xip->inp_vflag);
|
2002-08-01 11:02:30 +00:00
|
|
|
continue;
|
|
|
|
}
|
2015-06-20 08:59:50 +00:00
|
|
|
if ((sock = calloc(1, sizeof(*sock))) == NULL)
|
2002-07-31 12:32:03 +00:00
|
|
|
err(1, "malloc()");
|
2015-06-13 20:05:20 +00:00
|
|
|
if ((laddr = calloc(1, sizeof *laddr)) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
if ((faddr = calloc(1, sizeof *faddr)) == NULL)
|
|
|
|
err(1, "malloc()");
|
2002-07-31 12:32:03 +00:00
|
|
|
sock->socket = so->xso_so;
|
|
|
|
sock->proto = proto;
|
2022-02-01 14:37:03 +00:00
|
|
|
sock->inp_gencnt = xip->inp_gencnt;
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
if (xip->inp_vflag & INP_IPV4) {
|
2002-07-31 12:32:03 +00:00
|
|
|
sock->family = AF_INET;
|
2015-06-13 20:05:20 +00:00
|
|
|
sockaddr(&laddr->address, sock->family,
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
&xip->inp_laddr, xip->inp_lport);
|
2015-06-13 20:05:20 +00:00
|
|
|
sockaddr(&faddr->address, sock->family,
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
&xip->inp_faddr, xip->inp_fport);
|
|
|
|
} else if (xip->inp_vflag & INP_IPV6) {
|
2002-07-31 12:32:03 +00:00
|
|
|
sock->family = AF_INET6;
|
2015-06-13 20:05:20 +00:00
|
|
|
sockaddr(&laddr->address, sock->family,
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
&xip->in6p_laddr, xip->inp_lport);
|
2015-06-13 20:05:20 +00:00
|
|
|
sockaddr(&faddr->address, sock->family,
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
&xip->in6p_faddr, xip->inp_fport);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
2021-04-18 14:08:08 +00:00
|
|
|
if (proto == IPPROTO_TCP)
|
|
|
|
faddr->encaps_port = xtp->xt_encaps_port;
|
2015-06-13 20:05:20 +00:00
|
|
|
laddr->next = NULL;
|
|
|
|
faddr->next = NULL;
|
|
|
|
sock->laddr = laddr;
|
|
|
|
sock->faddr = faddr;
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
sock->vflag = xip->inp_vflag;
|
2017-09-12 13:34:43 +00:00
|
|
|
if (proto == IPPROTO_TCP) {
|
Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
2017-03-21 06:39:49 +00:00
|
|
|
sock->state = xtp->t_state;
|
2017-09-12 13:34:43 +00:00
|
|
|
memcpy(sock->stack, xtp->xt_stack,
|
|
|
|
TCP_FUNCTION_NAME_LEN_MAX);
|
2020-09-13 09:12:25 +00:00
|
|
|
memcpy(sock->cc, xtp->xt_cc, TCP_CA_NAME_MAX);
|
2017-09-12 13:34:43 +00:00
|
|
|
}
|
2002-07-31 12:32:03 +00:00
|
|
|
sock->protoname = protoname;
|
2022-07-07 05:19:08 +00:00
|
|
|
if (sock->socket != 0)
|
|
|
|
RB_INSERT(socks_t, &socks, sock);
|
|
|
|
else
|
|
|
|
SLIST_INSERT_HEAD(&nosocks, sock, socket_list);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
out:
|
|
|
|
free(buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
gather_unix(int proto)
|
|
|
|
{
|
|
|
|
struct xunpgen *xug, *exug;
|
|
|
|
struct xunpcb *xup;
|
|
|
|
struct sock *sock;
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *laddr, *faddr;
|
2002-07-31 12:32:03 +00:00
|
|
|
const char *varname, *protoname;
|
|
|
|
size_t len, bufsize;
|
|
|
|
void *buf;
|
2022-07-07 05:19:08 +00:00
|
|
|
int retry;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
|
|
|
switch (proto) {
|
|
|
|
case SOCK_STREAM:
|
|
|
|
varname = "net.local.stream.pcblist";
|
|
|
|
protoname = "stream";
|
|
|
|
break;
|
|
|
|
case SOCK_DGRAM:
|
|
|
|
varname = "net.local.dgram.pcblist";
|
|
|
|
protoname = "dgram";
|
|
|
|
break;
|
2015-06-20 08:59:50 +00:00
|
|
|
case SOCK_SEQPACKET:
|
|
|
|
varname = "net.local.seqpacket.pcblist";
|
|
|
|
protoname = "seqpac";
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
default:
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
buf = NULL;
|
|
|
|
bufsize = 8192;
|
|
|
|
retry = 5;
|
|
|
|
do {
|
|
|
|
for (;;) {
|
|
|
|
if ((buf = realloc(buf, bufsize)) == NULL)
|
|
|
|
err(1, "realloc()");
|
|
|
|
len = bufsize;
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctlbyname(capsysctl, varname, buf, &len,
|
|
|
|
NULL, 0) == 0)
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
2012-02-01 18:03:21 +00:00
|
|
|
if (errno != ENOMEM || len != bufsize)
|
2021-03-26 19:42:19 +00:00
|
|
|
err(1, "cap_sysctlbyname()");
|
2002-07-31 12:32:03 +00:00
|
|
|
bufsize *= 2;
|
|
|
|
}
|
|
|
|
xug = (struct xunpgen *)buf;
|
2002-08-02 11:57:59 +00:00
|
|
|
exug = (struct xunpgen *)(void *)
|
2015-06-20 08:59:50 +00:00
|
|
|
((char *)buf + len - sizeof(*exug));
|
2022-05-30 10:54:53 +00:00
|
|
|
if (!check_ksize(xug->xug_len, struct xunpgen) ||
|
|
|
|
!check_ksize(exug->xug_len, struct xunpgen))
|
2002-07-31 12:32:03 +00:00
|
|
|
goto out;
|
|
|
|
} while (xug->xug_gen != exug->xug_gen && retry--);
|
|
|
|
|
|
|
|
if (xug->xug_gen != exug->xug_gen && opt_v)
|
|
|
|
warnx("warning: data may be inconsistent");
|
|
|
|
|
|
|
|
for (;;) {
|
2002-08-02 11:57:59 +00:00
|
|
|
xug = (struct xunpgen *)(void *)((char *)xug + xug->xug_len);
|
2002-07-31 12:32:03 +00:00
|
|
|
if (xug >= exug)
|
|
|
|
break;
|
|
|
|
xup = (struct xunpcb *)xug;
|
2022-05-30 10:54:53 +00:00
|
|
|
if (!check_ksize(xup->xu_len, struct xunpcb))
|
2002-07-31 12:32:03 +00:00
|
|
|
goto out;
|
2018-07-05 13:13:48 +00:00
|
|
|
if ((xup->unp_conn == 0 && !opt_l) ||
|
|
|
|
(xup->unp_conn != 0 && !opt_c))
|
2002-08-01 11:02:30 +00:00
|
|
|
continue;
|
2015-06-20 08:59:50 +00:00
|
|
|
if ((sock = calloc(1, sizeof(*sock))) == NULL)
|
2002-07-31 12:32:03 +00:00
|
|
|
err(1, "malloc()");
|
2015-06-13 20:05:20 +00:00
|
|
|
if ((laddr = calloc(1, sizeof *laddr)) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
if ((faddr = calloc(1, sizeof *faddr)) == NULL)
|
|
|
|
err(1, "malloc()");
|
2002-07-31 12:32:03 +00:00
|
|
|
sock->socket = xup->xu_socket.xso_so;
|
|
|
|
sock->pcb = xup->xu_unpp;
|
|
|
|
sock->proto = proto;
|
|
|
|
sock->family = AF_UNIX;
|
|
|
|
sock->protoname = protoname;
|
2017-10-02 23:29:56 +00:00
|
|
|
if (xup->xu_addr.sun_family == AF_UNIX)
|
2015-06-13 20:05:20 +00:00
|
|
|
laddr->address =
|
2002-08-02 11:57:59 +00:00
|
|
|
*(struct sockaddr_storage *)(void *)&xup->xu_addr;
|
2022-07-07 05:19:08 +00:00
|
|
|
faddr->conn = xup->unp_conn;
|
|
|
|
faddr->firstref = xup->xu_firstref;
|
|
|
|
faddr->nextref = xup->xu_nextref;
|
2015-06-13 20:05:20 +00:00
|
|
|
laddr->next = NULL;
|
|
|
|
faddr->next = NULL;
|
|
|
|
sock->laddr = laddr;
|
|
|
|
sock->faddr = faddr;
|
2022-07-07 05:19:08 +00:00
|
|
|
RB_INSERT(socks_t, &socks, sock);
|
|
|
|
RB_INSERT(pcbs_t, &pcbs, sock);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
out:
|
|
|
|
free(buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
getfiles(void)
|
|
|
|
{
|
2022-07-07 05:19:08 +00:00
|
|
|
struct xfile *xfiles;
|
2012-02-01 18:03:21 +00:00
|
|
|
size_t len, olen;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2015-06-20 08:59:50 +00:00
|
|
|
olen = len = sizeof(*xfiles);
|
2012-02-01 18:03:21 +00:00
|
|
|
if ((xfiles = malloc(len)) == NULL)
|
2002-07-31 12:32:03 +00:00
|
|
|
err(1, "malloc()");
|
2021-03-26 19:42:19 +00:00
|
|
|
while (cap_sysctlbyname(capsysctl, "kern.file", xfiles, &len, 0, 0)
|
|
|
|
== -1) {
|
2012-02-01 18:03:21 +00:00
|
|
|
if (errno != ENOMEM || len != olen)
|
2021-03-26 19:42:19 +00:00
|
|
|
err(1, "cap_sysctlbyname()");
|
2012-02-01 18:03:21 +00:00
|
|
|
olen = len *= 2;
|
2002-07-31 12:32:03 +00:00
|
|
|
if ((xfiles = realloc(xfiles, len)) == NULL)
|
|
|
|
err(1, "realloc()");
|
|
|
|
}
|
2022-05-30 10:54:53 +00:00
|
|
|
if (len > 0)
|
|
|
|
enforce_ksize(xfiles->xf_size, struct xfile);
|
2022-07-07 05:19:08 +00:00
|
|
|
nfiles = len / sizeof(*xfiles);
|
|
|
|
|
|
|
|
if ((files = malloc(nfiles * sizeof(struct file))) == NULL)
|
|
|
|
err(1, "malloc()");
|
|
|
|
|
|
|
|
for (int i = 0; i < nfiles; i++) {
|
|
|
|
files[i].xf_data = xfiles[i].xf_data;
|
|
|
|
files[i].xf_pid = xfiles[i].xf_pid;
|
|
|
|
files[i].xf_uid = xfiles[i].xf_uid;
|
|
|
|
files[i].xf_fd = xfiles[i].xf_fd;
|
|
|
|
RB_INSERT(files_t, &ftree, &files[i]);
|
|
|
|
}
|
|
|
|
|
|
|
|
free(xfiles);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2015-06-13 19:56:04 +00:00
|
|
|
printaddr(struct sockaddr_storage *ss)
|
2002-07-31 12:32:03 +00:00
|
|
|
{
|
|
|
|
struct sockaddr_un *sun;
|
2015-06-20 08:59:50 +00:00
|
|
|
char addrstr[NI_MAXHOST] = { '\0', '\0' };
|
|
|
|
int error, off, port = 0;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2015-06-13 19:56:04 +00:00
|
|
|
switch (ss->ss_family) {
|
2002-07-31 12:32:03 +00:00
|
|
|
case AF_INET:
|
2021-10-27 03:12:24 +00:00
|
|
|
if (sstosin(ss)->sin_addr.s_addr == INADDR_ANY)
|
2002-07-31 12:32:03 +00:00
|
|
|
addrstr[0] = '*';
|
2015-06-20 08:59:50 +00:00
|
|
|
port = ntohs(sstosin(ss)->sin_port);
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
|
|
|
case AF_INET6:
|
2015-06-20 08:59:50 +00:00
|
|
|
if (IN6_IS_ADDR_UNSPECIFIED(&sstosin6(ss)->sin6_addr))
|
2002-07-31 12:32:03 +00:00
|
|
|
addrstr[0] = '*';
|
2015-06-20 08:59:50 +00:00
|
|
|
port = ntohs(sstosin6(ss)->sin6_port);
|
2002-07-31 12:32:03 +00:00
|
|
|
break;
|
|
|
|
case AF_UNIX:
|
2015-06-20 08:59:50 +00:00
|
|
|
sun = sstosun(ss);
|
2002-07-31 12:32:03 +00:00
|
|
|
off = (int)((char *)&sun->sun_path - (char *)sun);
|
|
|
|
return (xprintf("%.*s", sun->sun_len - off, sun->sun_path));
|
|
|
|
}
|
2015-06-20 08:59:50 +00:00
|
|
|
if (addrstr[0] == '\0') {
|
2021-03-26 19:42:19 +00:00
|
|
|
error = cap_getnameinfo(capnet, sstosa(ss), ss->ss_len,
|
|
|
|
addrstr, sizeof(addrstr), NULL, 0, NI_NUMERICHOST);
|
2015-06-20 08:59:50 +00:00
|
|
|
if (error)
|
2021-03-26 19:42:19 +00:00
|
|
|
errx(1, "cap_getnameinfo()");
|
2015-06-20 08:59:50 +00:00
|
|
|
}
|
2002-07-31 12:32:03 +00:00
|
|
|
if (port == 0)
|
|
|
|
return xprintf("%s:*", addrstr);
|
|
|
|
else
|
|
|
|
return xprintf("%s:%d", addrstr, port);
|
|
|
|
}
|
|
|
|
|
|
|
|
static const char *
|
|
|
|
getprocname(pid_t pid)
|
|
|
|
{
|
|
|
|
static struct kinfo_proc proc;
|
|
|
|
size_t len;
|
|
|
|
int mib[4];
|
|
|
|
|
|
|
|
mib[0] = CTL_KERN;
|
|
|
|
mib[1] = KERN_PROC;
|
|
|
|
mib[2] = KERN_PROC_PID;
|
|
|
|
mib[3] = (int)pid;
|
2015-06-20 08:59:50 +00:00
|
|
|
len = sizeof(proc);
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
|
|
|
|
== -1) {
|
2007-06-16 20:24:55 +00:00
|
|
|
/* Do not warn if the process exits before we get its name. */
|
|
|
|
if (errno != ESRCH)
|
2021-03-26 19:42:19 +00:00
|
|
|
warn("cap_sysctl()");
|
2002-07-31 12:32:03 +00:00
|
|
|
return ("??");
|
|
|
|
}
|
2007-03-22 17:47:58 +00:00
|
|
|
return (proc.ki_comm);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
|
2012-05-24 01:31:10 +00:00
|
|
|
static int
|
|
|
|
getprocjid(pid_t pid)
|
|
|
|
{
|
|
|
|
static struct kinfo_proc proc;
|
|
|
|
size_t len;
|
|
|
|
int mib[4];
|
|
|
|
|
|
|
|
mib[0] = CTL_KERN;
|
|
|
|
mib[1] = KERN_PROC;
|
|
|
|
mib[2] = KERN_PROC_PID;
|
|
|
|
mib[3] = (int)pid;
|
2015-06-20 08:59:50 +00:00
|
|
|
len = sizeof(proc);
|
2021-03-26 19:42:19 +00:00
|
|
|
if (cap_sysctl(capsysctl, mib, nitems(mib), &proc, &len, NULL, 0)
|
|
|
|
== -1) {
|
2012-05-24 01:31:10 +00:00
|
|
|
/* Do not warn if the process exits before we get its jid. */
|
|
|
|
if (errno != ESRCH)
|
2021-03-26 19:42:19 +00:00
|
|
|
warn("cap_sysctl()");
|
2012-05-24 01:31:10 +00:00
|
|
|
return (-1);
|
|
|
|
}
|
|
|
|
return (proc.ki_jid);
|
|
|
|
}
|
|
|
|
|
2003-06-07 14:36:49 +00:00
|
|
|
static int
|
|
|
|
check_ports(struct sock *s)
|
|
|
|
{
|
|
|
|
int port;
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *addr;
|
2003-06-07 14:36:49 +00:00
|
|
|
|
|
|
|
if (ports == NULL)
|
|
|
|
return (1);
|
|
|
|
if ((s->family != AF_INET) && (s->family != AF_INET6))
|
|
|
|
return (1);
|
2015-06-13 20:05:20 +00:00
|
|
|
for (addr = s->laddr; addr != NULL; addr = addr->next) {
|
2015-06-20 08:59:50 +00:00
|
|
|
if (s->family == AF_INET)
|
|
|
|
port = ntohs(sstosin(&addr->address)->sin_port);
|
2015-06-13 20:05:20 +00:00
|
|
|
else
|
2015-06-20 08:59:50 +00:00
|
|
|
port = ntohs(sstosin6(&addr->address)->sin6_port);
|
2015-06-13 20:05:20 +00:00
|
|
|
if (CHK_PORT(port))
|
|
|
|
return (1);
|
|
|
|
}
|
|
|
|
for (addr = s->faddr; addr != NULL; addr = addr->next) {
|
2015-06-20 08:59:50 +00:00
|
|
|
if (s->family == AF_INET)
|
|
|
|
port = ntohs(sstosin(&addr->address)->sin_port);
|
2015-06-13 20:05:20 +00:00
|
|
|
else
|
2015-06-20 08:59:50 +00:00
|
|
|
port = ntohs(sstosin6(&addr->address)->sin6_port);
|
2015-06-13 20:05:20 +00:00
|
|
|
if (CHK_PORT(port))
|
|
|
|
return (1);
|
|
|
|
}
|
2003-06-07 14:36:49 +00:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2015-08-26 23:45:06 +00:00
|
|
|
static const char *
|
2017-09-12 21:36:13 +00:00
|
|
|
sctp_conn_state(int state)
|
2015-08-26 23:45:06 +00:00
|
|
|
{
|
|
|
|
switch (state) {
|
|
|
|
case SCTP_CLOSED:
|
|
|
|
return "CLOSED";
|
|
|
|
break;
|
|
|
|
case SCTP_BOUND:
|
|
|
|
return "BOUND";
|
|
|
|
break;
|
|
|
|
case SCTP_LISTEN:
|
|
|
|
return "LISTEN";
|
|
|
|
break;
|
|
|
|
case SCTP_COOKIE_WAIT:
|
|
|
|
return "COOKIE_WAIT";
|
|
|
|
break;
|
|
|
|
case SCTP_COOKIE_ECHOED:
|
|
|
|
return "COOKIE_ECHOED";
|
|
|
|
break;
|
|
|
|
case SCTP_ESTABLISHED:
|
|
|
|
return "ESTABLISHED";
|
|
|
|
break;
|
|
|
|
case SCTP_SHUTDOWN_SENT:
|
|
|
|
return "SHUTDOWN_SENT";
|
|
|
|
break;
|
|
|
|
case SCTP_SHUTDOWN_RECEIVED:
|
|
|
|
return "SHUTDOWN_RECEIVED";
|
|
|
|
break;
|
|
|
|
case SCTP_SHUTDOWN_ACK_SENT:
|
|
|
|
return "SHUTDOWN_ACK_SENT";
|
|
|
|
break;
|
|
|
|
case SCTP_SHUTDOWN_PENDING:
|
|
|
|
return "SHUTDOWN_PENDING";
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return "UNKNOWN";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-12 21:36:13 +00:00
|
|
|
static const char *
|
|
|
|
sctp_path_state(int state)
|
|
|
|
{
|
|
|
|
switch (state) {
|
|
|
|
case SCTP_UNCONFIRMED:
|
|
|
|
return "UNCONFIRMED";
|
|
|
|
break;
|
|
|
|
case SCTP_ACTIVE:
|
|
|
|
return "ACTIVE";
|
|
|
|
break;
|
|
|
|
case SCTP_INACTIVE:
|
|
|
|
return "INACTIVE";
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return "UNKNOWN";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-01-24 21:33:34 +00:00
|
|
|
static void
|
|
|
|
displaysock(struct sock *s, int pos)
|
|
|
|
{
|
2022-07-07 05:19:08 +00:00
|
|
|
int first, offset;
|
2015-06-13 20:05:20 +00:00
|
|
|
struct addr *laddr, *faddr;
|
2012-01-24 21:33:34 +00:00
|
|
|
|
2022-07-07 05:19:08 +00:00
|
|
|
while (pos < 30)
|
2012-01-24 21:33:34 +00:00
|
|
|
pos += xprintf(" ");
|
|
|
|
pos += xprintf("%s", s->protoname);
|
|
|
|
if (s->vflag & INP_IPV4)
|
2016-06-25 12:46:18 +00:00
|
|
|
pos += xprintf("4");
|
2012-01-24 21:33:34 +00:00
|
|
|
if (s->vflag & INP_IPV6)
|
2016-06-25 12:46:18 +00:00
|
|
|
pos += xprintf("6");
|
|
|
|
if (s->vflag & (INP_IPV4 | INP_IPV6))
|
|
|
|
pos += xprintf(" ");
|
2015-06-13 20:05:20 +00:00
|
|
|
laddr = s->laddr;
|
|
|
|
faddr = s->faddr;
|
2015-08-26 22:50:53 +00:00
|
|
|
first = 1;
|
2015-06-13 20:05:20 +00:00
|
|
|
while (laddr != NULL || faddr != NULL) {
|
2022-07-07 05:19:08 +00:00
|
|
|
offset = 37;
|
2017-09-13 06:57:52 +00:00
|
|
|
while (pos < offset)
|
2012-01-24 21:33:34 +00:00
|
|
|
pos += xprintf(" ");
|
2015-06-13 20:05:20 +00:00
|
|
|
switch (s->family) {
|
|
|
|
case AF_INET:
|
|
|
|
case AF_INET6:
|
|
|
|
if (laddr != NULL) {
|
|
|
|
pos += printaddr(&laddr->address);
|
|
|
|
if (s->family == AF_INET6 && pos >= 58)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
}
|
2017-09-13 06:57:52 +00:00
|
|
|
offset += opt_w ? 46 : 22;
|
|
|
|
while (pos < offset)
|
2015-06-13 20:05:20 +00:00
|
|
|
pos += xprintf(" ");
|
|
|
|
if (faddr != NULL)
|
|
|
|
pos += printaddr(&faddr->address);
|
2017-09-13 06:57:52 +00:00
|
|
|
offset += opt_w ? 46 : 22;
|
2012-01-24 21:33:34 +00:00
|
|
|
break;
|
2015-06-13 20:05:20 +00:00
|
|
|
case AF_UNIX:
|
|
|
|
if ((laddr == NULL) || (faddr == NULL))
|
|
|
|
errx(1, "laddr = %p or faddr = %p is NULL",
|
2017-02-21 12:37:59 +00:00
|
|
|
(void *)laddr, (void *)faddr);
|
2022-07-07 05:19:08 +00:00
|
|
|
if (laddr->address.ss_len == 0 && faddr->conn == 0) {
|
2015-06-13 20:05:20 +00:00
|
|
|
pos += xprintf("(not connected)");
|
2017-09-13 06:57:52 +00:00
|
|
|
offset += opt_w ? 92 : 44;
|
2015-06-13 20:05:20 +00:00
|
|
|
break;
|
|
|
|
}
|
2022-07-07 05:19:08 +00:00
|
|
|
/* Local bind(2) address, if any. */
|
|
|
|
if (laddr->address.ss_len > 0)
|
|
|
|
pos += printaddr(&laddr->address);
|
|
|
|
/* Remote peer we connect(2) to, if any. */
|
|
|
|
if (faddr->conn != 0) {
|
|
|
|
struct sock *p;
|
|
|
|
|
|
|
|
pos += xprintf("%s-> ",
|
|
|
|
laddr->address.ss_len > 0 ? " " : "");
|
|
|
|
p = RB_FIND(pcbs_t, &pcbs,
|
|
|
|
&(struct sock){ .pcb = faddr->conn });
|
|
|
|
if (__predict_false(p == NULL)) {
|
|
|
|
/* XXGL: can this happen at all? */
|
|
|
|
pos += xprintf("??");
|
|
|
|
} else if (p->laddr->address.ss_len == 0) {
|
|
|
|
struct file *f;
|
|
|
|
|
|
|
|
f = RB_FIND(files_t, &ftree,
|
|
|
|
&(struct file){ .xf_data =
|
|
|
|
p->socket });
|
|
|
|
pos += xprintf("[%lu %d]",
|
|
|
|
(u_long)f->xf_pid, f->xf_fd);
|
|
|
|
} else
|
|
|
|
pos += printaddr(&p->laddr->address);
|
|
|
|
}
|
|
|
|
/* Remote peer(s) connect(2)ed to us, if any. */
|
|
|
|
if (faddr->firstref != 0) {
|
|
|
|
struct sock *p;
|
|
|
|
struct file *f;
|
|
|
|
kvaddr_t ref = faddr->firstref;
|
|
|
|
bool fref = true;
|
|
|
|
|
|
|
|
pos += xprintf(" <- ");
|
|
|
|
|
|
|
|
while ((p = RB_FIND(pcbs_t, &pcbs,
|
|
|
|
&(struct sock){ .pcb = ref })) != 0) {
|
|
|
|
f = RB_FIND(files_t, &ftree,
|
|
|
|
&(struct file){ .xf_data =
|
|
|
|
p->socket });
|
|
|
|
pos += xprintf("%s[%lu %d]",
|
|
|
|
fref ? "" : ",",
|
|
|
|
(u_long)f->xf_pid, f->xf_fd);
|
|
|
|
ref = p->faddr->nextref;
|
|
|
|
fref = false;
|
|
|
|
}
|
|
|
|
}
|
2017-09-13 06:57:52 +00:00
|
|
|
offset += opt_w ? 92 : 44;
|
2012-01-24 21:33:34 +00:00
|
|
|
break;
|
2015-06-13 20:05:20 +00:00
|
|
|
default:
|
|
|
|
abort();
|
2012-01-24 21:33:34 +00:00
|
|
|
}
|
2022-02-01 14:37:03 +00:00
|
|
|
if (opt_i) {
|
|
|
|
if (s->proto == IPPROTO_TCP ||
|
|
|
|
s->proto == IPPROTO_UDP) {
|
|
|
|
while (pos < offset)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
pos += xprintf("%" PRIu64, s->inp_gencnt);
|
|
|
|
}
|
|
|
|
offset += 9;
|
|
|
|
}
|
2017-09-12 21:07:48 +00:00
|
|
|
if (opt_U) {
|
|
|
|
if (faddr != NULL &&
|
2021-04-18 14:08:08 +00:00
|
|
|
((s->proto == IPPROTO_SCTP &&
|
|
|
|
s->state != SCTP_CLOSED &&
|
|
|
|
s->state != SCTP_BOUND &&
|
|
|
|
s->state != SCTP_LISTEN) ||
|
|
|
|
(s->proto == IPPROTO_TCP &&
|
|
|
|
s->state != TCPS_CLOSED &&
|
|
|
|
s->state != TCPS_LISTEN))) {
|
2017-09-12 21:07:48 +00:00
|
|
|
while (pos < offset)
|
2017-09-12 13:34:43 +00:00
|
|
|
pos += xprintf(" ");
|
2017-09-12 21:07:48 +00:00
|
|
|
pos += xprintf("%u",
|
|
|
|
ntohs(faddr->encaps_port));
|
|
|
|
}
|
|
|
|
offset += 7;
|
|
|
|
}
|
2017-09-12 21:36:13 +00:00
|
|
|
if (opt_s) {
|
|
|
|
if (faddr != NULL &&
|
|
|
|
s->proto == IPPROTO_SCTP &&
|
|
|
|
s->state != SCTP_CLOSED &&
|
|
|
|
s->state != SCTP_BOUND &&
|
|
|
|
s->state != SCTP_LISTEN) {
|
|
|
|
while (pos < offset)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
pos += xprintf("%s",
|
|
|
|
sctp_path_state(faddr->state));
|
|
|
|
}
|
|
|
|
offset += 13;
|
|
|
|
}
|
2017-09-12 21:07:48 +00:00
|
|
|
if (first) {
|
|
|
|
if (opt_s) {
|
|
|
|
if (s->proto == IPPROTO_SCTP ||
|
|
|
|
s->proto == IPPROTO_TCP) {
|
|
|
|
while (pos < offset)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
switch (s->proto) {
|
|
|
|
case IPPROTO_SCTP:
|
|
|
|
pos += xprintf("%s",
|
2017-09-12 21:36:13 +00:00
|
|
|
sctp_conn_state(s->state));
|
2017-09-12 21:07:48 +00:00
|
|
|
break;
|
|
|
|
case IPPROTO_TCP:
|
|
|
|
if (s->state >= 0 &&
|
|
|
|
s->state < TCP_NSTATES)
|
|
|
|
pos += xprintf("%s",
|
|
|
|
tcpstates[s->state]);
|
|
|
|
else
|
|
|
|
pos += xprintf("?");
|
|
|
|
break;
|
|
|
|
}
|
2017-09-12 13:34:43 +00:00
|
|
|
}
|
2017-09-12 21:07:48 +00:00
|
|
|
offset += 13;
|
2017-09-12 13:34:43 +00:00
|
|
|
}
|
2020-09-13 09:12:25 +00:00
|
|
|
if (opt_S) {
|
|
|
|
if (s->proto == IPPROTO_TCP) {
|
|
|
|
while (pos < offset)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
pos += xprintf("%.*s",
|
|
|
|
TCP_FUNCTION_NAME_LEN_MAX,
|
|
|
|
s->stack);
|
|
|
|
}
|
|
|
|
offset += TCP_FUNCTION_NAME_LEN_MAX + 1;
|
|
|
|
}
|
|
|
|
if (opt_C) {
|
|
|
|
if (s->proto == IPPROTO_TCP) {
|
|
|
|
while (pos < offset)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
xprintf("%.*s", TCP_CA_NAME_MAX, s->cc);
|
|
|
|
}
|
|
|
|
offset += TCP_CA_NAME_MAX + 1;
|
2015-08-26 23:45:06 +00:00
|
|
|
}
|
2015-08-26 22:50:53 +00:00
|
|
|
}
|
2015-06-13 20:05:20 +00:00
|
|
|
if (laddr != NULL)
|
|
|
|
laddr = laddr->next;
|
|
|
|
if (faddr != NULL)
|
|
|
|
faddr = faddr->next;
|
|
|
|
if ((laddr != NULL) || (faddr != NULL)) {
|
|
|
|
xprintf("\n");
|
|
|
|
pos = 0;
|
2012-01-24 21:33:34 +00:00
|
|
|
}
|
2015-08-26 22:50:53 +00:00
|
|
|
first = 0;
|
2012-01-24 21:33:34 +00:00
|
|
|
}
|
2015-08-26 22:50:53 +00:00
|
|
|
xprintf("\n");
|
2012-01-24 21:33:34 +00:00
|
|
|
}
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static void
|
|
|
|
display(void)
|
|
|
|
{
|
|
|
|
struct passwd *pwd;
|
2022-07-07 05:19:08 +00:00
|
|
|
struct file *xf;
|
2002-07-31 12:32:03 +00:00
|
|
|
struct sock *s;
|
2022-07-07 05:19:08 +00:00
|
|
|
int n, pos;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2018-01-23 13:03:47 +00:00
|
|
|
if (opt_q != 1) {
|
2022-07-07 05:19:08 +00:00
|
|
|
printf("%-8s %-10s %-5s %-3s %-6s %-*s %-*s",
|
2018-01-23 13:03:47 +00:00
|
|
|
"USER", "COMMAND", "PID", "FD", "PROTO",
|
|
|
|
opt_w ? 45 : 21, "LOCAL ADDRESS",
|
|
|
|
opt_w ? 45 : 21, "FOREIGN ADDRESS");
|
2022-02-01 14:37:03 +00:00
|
|
|
if (opt_i)
|
|
|
|
printf(" %-8s", "ID");
|
2018-01-23 13:03:47 +00:00
|
|
|
if (opt_U)
|
|
|
|
printf(" %-6s", "ENCAPS");
|
|
|
|
if (opt_s) {
|
|
|
|
printf(" %-12s", "PATH STATE");
|
|
|
|
printf(" %-12s", "CONN STATE");
|
|
|
|
}
|
|
|
|
if (opt_S)
|
2020-09-13 09:12:25 +00:00
|
|
|
printf(" %-*.*s", TCP_FUNCTION_NAME_LEN_MAX,
|
|
|
|
TCP_FUNCTION_NAME_LEN_MAX, "STACK");
|
|
|
|
if (opt_C)
|
|
|
|
printf(" %-.*s", TCP_CA_NAME_MAX, "CC");
|
2018-01-23 13:03:47 +00:00
|
|
|
printf("\n");
|
2017-09-12 21:36:13 +00:00
|
|
|
}
|
2021-06-18 16:06:03 +00:00
|
|
|
cap_setpassent(cappwd, 1);
|
2022-07-07 05:19:08 +00:00
|
|
|
for (xf = files, n = 0; n < nfiles; ++n, ++xf) {
|
2018-07-05 13:13:48 +00:00
|
|
|
if (xf->xf_data == 0)
|
2004-08-25 16:36:17 +00:00
|
|
|
continue;
|
2012-05-24 01:31:10 +00:00
|
|
|
if (opt_j >= 0 && opt_j != getprocjid(xf->xf_pid))
|
|
|
|
continue;
|
2022-07-07 05:19:08 +00:00
|
|
|
s = RB_FIND(socks_t, &socks,
|
|
|
|
&(struct sock){ .socket = xf->xf_data});
|
|
|
|
if (s != NULL && check_ports(s)) {
|
2015-06-13 20:01:54 +00:00
|
|
|
s->shown = 1;
|
|
|
|
pos = 0;
|
2021-06-18 16:06:03 +00:00
|
|
|
if (opt_n ||
|
|
|
|
(pwd = cap_getpwuid(cappwd, xf->xf_uid)) == NULL)
|
2015-06-13 20:01:54 +00:00
|
|
|
pos += xprintf("%lu ", (u_long)xf->xf_uid);
|
|
|
|
else
|
|
|
|
pos += xprintf("%s ", pwd->pw_name);
|
|
|
|
while (pos < 9)
|
|
|
|
pos += xprintf(" ");
|
|
|
|
pos += xprintf("%.10s", getprocname(xf->xf_pid));
|
|
|
|
while (pos < 20)
|
|
|
|
pos += xprintf(" ");
|
2022-07-07 05:19:08 +00:00
|
|
|
pos += xprintf("%5lu ", (u_long)xf->xf_pid);
|
2015-06-13 20:01:54 +00:00
|
|
|
while (pos < 26)
|
|
|
|
pos += xprintf(" ");
|
2022-07-07 05:19:08 +00:00
|
|
|
pos += xprintf("%-3d ", xf->xf_fd);
|
2015-06-13 20:01:54 +00:00
|
|
|
displaysock(s, pos);
|
|
|
|
}
|
2012-01-24 21:33:34 +00:00
|
|
|
}
|
2012-05-24 01:31:10 +00:00
|
|
|
if (opt_j >= 0)
|
|
|
|
return;
|
2022-07-07 05:19:08 +00:00
|
|
|
SLIST_FOREACH(s, &nosocks, socket_list) {
|
|
|
|
if (!check_ports(s))
|
|
|
|
continue;
|
|
|
|
pos = xprintf("%-8s %-10s %-5s %-2s ",
|
|
|
|
"?", "?", "?", "?");
|
|
|
|
displaysock(s, pos);
|
|
|
|
}
|
|
|
|
RB_FOREACH(s, socks_t, &socks) {
|
|
|
|
if (s->shown)
|
|
|
|
continue;
|
|
|
|
if (!check_ports(s))
|
|
|
|
continue;
|
|
|
|
pos = xprintf("%-8s %-10s %-5s %-2s ",
|
|
|
|
"?", "?", "?", "?");
|
|
|
|
displaysock(s, pos);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-04-26 20:55:11 +00:00
|
|
|
static int
|
|
|
|
set_default_protos(void)
|
2006-11-11 22:11:54 +00:00
|
|
|
{
|
|
|
|
struct protoent *prot;
|
|
|
|
const char *pname;
|
|
|
|
size_t pindex;
|
|
|
|
|
|
|
|
init_protos(default_numprotos);
|
|
|
|
|
|
|
|
for (pindex = 0; pindex < default_numprotos; pindex++) {
|
|
|
|
pname = default_protos[pindex];
|
2021-03-26 19:42:19 +00:00
|
|
|
prot = cap_getprotobyname(capnetdb, pname);
|
2006-11-11 22:11:54 +00:00
|
|
|
if (prot == NULL)
|
2021-03-26 19:42:19 +00:00
|
|
|
err(1, "cap_getprotobyname: %s", pname);
|
2006-11-11 22:11:54 +00:00
|
|
|
protos[pindex] = prot->p_proto;
|
|
|
|
}
|
|
|
|
numprotos = pindex;
|
|
|
|
return (pindex);
|
|
|
|
}
|
|
|
|
|
2020-04-26 20:55:11 +00:00
|
|
|
/*
|
|
|
|
* Return the vnet property of the jail, or -1 on error.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
jail_getvnet(int jid)
|
|
|
|
{
|
|
|
|
struct iovec jiov[6];
|
|
|
|
int vnet;
|
2021-10-19 16:47:54 +00:00
|
|
|
size_t len = sizeof(vnet);
|
|
|
|
|
|
|
|
if (sysctlbyname("kern.features.vimage", &vnet, &len, NULL, 0) != 0)
|
|
|
|
return (0);
|
2020-04-26 20:55:11 +00:00
|
|
|
|
|
|
|
vnet = -1;
|
|
|
|
jiov[0].iov_base = __DECONST(char *, "jid");
|
|
|
|
jiov[0].iov_len = sizeof("jid");
|
|
|
|
jiov[1].iov_base = &jid;
|
|
|
|
jiov[1].iov_len = sizeof(jid);
|
|
|
|
jiov[2].iov_base = __DECONST(char *, "vnet");
|
|
|
|
jiov[2].iov_len = sizeof("vnet");
|
|
|
|
jiov[3].iov_base = &vnet;
|
|
|
|
jiov[3].iov_len = sizeof(vnet);
|
|
|
|
jiov[4].iov_base = __DECONST(char *, "errmsg");
|
|
|
|
jiov[4].iov_len = sizeof("errmsg");
|
|
|
|
jiov[5].iov_base = jail_errmsg;
|
|
|
|
jiov[5].iov_len = JAIL_ERRMSGLEN;
|
|
|
|
jail_errmsg[0] = '\0';
|
|
|
|
if (jail_get(jiov, nitems(jiov), 0) < 0) {
|
|
|
|
if (!jail_errmsg[0])
|
|
|
|
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
|
|
|
|
"jail_get: %s", strerror(errno));
|
|
|
|
return (-1);
|
|
|
|
}
|
|
|
|
return (vnet);
|
|
|
|
}
|
|
|
|
|
2002-07-31 12:32:03 +00:00
|
|
|
static void
|
|
|
|
usage(void)
|
|
|
|
{
|
2006-11-11 22:11:54 +00:00
|
|
|
fprintf(stderr,
|
2022-02-01 14:44:57 +00:00
|
|
|
"usage: sockstat [-46CciLlnqSsUuvw] [-j jid] [-p ports] [-P protocols]\n");
|
2002-07-31 12:32:03 +00:00
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
main(int argc, char *argv[])
|
|
|
|
{
|
2021-03-26 19:42:19 +00:00
|
|
|
cap_channel_t *capcas;
|
|
|
|
cap_net_limit_t *limit;
|
2021-06-18 16:06:03 +00:00
|
|
|
const char *pwdcmds[] = { "setpassent", "getpwuid" };
|
|
|
|
const char *pwdfields[] = { "pw_name" };
|
2006-11-11 22:11:54 +00:00
|
|
|
int protos_defined = -1;
|
|
|
|
int o, i;
|
2002-07-31 12:32:03 +00:00
|
|
|
|
2012-05-24 01:31:10 +00:00
|
|
|
opt_j = -1;
|
2022-02-01 14:37:03 +00:00
|
|
|
while ((o = getopt(argc, argv, "46Ccij:Llnp:P:qSsUuvw")) != -1)
|
2002-07-31 12:32:03 +00:00
|
|
|
switch (o) {
|
|
|
|
case '4':
|
|
|
|
opt_4 = 1;
|
|
|
|
break;
|
|
|
|
case '6':
|
|
|
|
opt_6 = 1;
|
|
|
|
break;
|
2020-09-13 09:12:25 +00:00
|
|
|
case 'C':
|
|
|
|
opt_C = 1;
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
case 'c':
|
|
|
|
opt_c = 1;
|
|
|
|
break;
|
2022-02-01 14:37:03 +00:00
|
|
|
case 'i':
|
|
|
|
opt_i = 1;
|
|
|
|
break;
|
2012-05-24 01:31:10 +00:00
|
|
|
case 'j':
|
2018-07-03 23:47:20 +00:00
|
|
|
opt_j = jail_getid(optarg);
|
|
|
|
if (opt_j < 0)
|
2021-10-19 16:46:41 +00:00
|
|
|
errx(1, "jail_getid: %s", jail_errmsg);
|
2012-05-24 01:31:10 +00:00
|
|
|
break;
|
2008-05-19 11:32:44 +00:00
|
|
|
case 'L':
|
|
|
|
opt_L = 1;
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
case 'l':
|
|
|
|
opt_l = 1;
|
|
|
|
break;
|
2020-12-30 18:40:37 +00:00
|
|
|
case 'n':
|
|
|
|
opt_n = 1;
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
case 'p':
|
|
|
|
parse_ports(optarg);
|
|
|
|
break;
|
2006-11-11 22:11:54 +00:00
|
|
|
case 'P':
|
|
|
|
protos_defined = parse_protos(optarg);
|
|
|
|
break;
|
2018-01-23 13:03:47 +00:00
|
|
|
case 'q':
|
|
|
|
opt_q = 1;
|
2018-01-23 14:33:19 +00:00
|
|
|
break;
|
2017-09-12 13:34:43 +00:00
|
|
|
case 'S':
|
|
|
|
opt_S = 1;
|
|
|
|
break;
|
2015-07-16 13:09:21 +00:00
|
|
|
case 's':
|
|
|
|
opt_s = 1;
|
|
|
|
break;
|
2017-09-12 21:07:48 +00:00
|
|
|
case 'U':
|
|
|
|
opt_U = 1;
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
case 'u':
|
|
|
|
opt_u = 1;
|
|
|
|
break;
|
|
|
|
case 'v':
|
|
|
|
++opt_v;
|
|
|
|
break;
|
2017-09-13 06:57:52 +00:00
|
|
|
case 'w':
|
|
|
|
opt_w = 1;
|
|
|
|
break;
|
2002-07-31 12:32:03 +00:00
|
|
|
default:
|
|
|
|
usage();
|
|
|
|
}
|
|
|
|
|
|
|
|
argc -= optind;
|
|
|
|
argv += optind;
|
|
|
|
|
|
|
|
if (argc > 0)
|
|
|
|
usage();
|
|
|
|
|
2020-04-26 20:55:11 +00:00
|
|
|
if (opt_j > 0) {
|
|
|
|
switch (jail_getvnet(opt_j)) {
|
|
|
|
case -1:
|
2021-10-19 16:46:41 +00:00
|
|
|
errx(2, "jail_getvnet: %s", jail_errmsg);
|
2020-04-26 20:55:11 +00:00
|
|
|
case JAIL_SYS_NEW:
|
|
|
|
if (jail_attach(opt_j) < 0)
|
2020-10-24 22:36:20 +00:00
|
|
|
err(3, "jail_attach()");
|
2020-04-26 20:55:11 +00:00
|
|
|
/* Set back to -1 for normal output in vnet jail. */
|
|
|
|
opt_j = -1;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-26 19:42:19 +00:00
|
|
|
capcas = cap_init();
|
|
|
|
if (capcas == NULL)
|
|
|
|
err(1, "Unable to contact Casper");
|
|
|
|
if (caph_enter_casper() < 0)
|
|
|
|
err(1, "Unable to enter capability mode");
|
|
|
|
capnet = cap_service_open(capcas, "system.net");
|
|
|
|
if (capnet == NULL)
|
|
|
|
err(1, "Unable to open system.net service");
|
|
|
|
capnetdb = cap_service_open(capcas, "system.netdb");
|
|
|
|
if (capnetdb == NULL)
|
|
|
|
err(1, "Unable to open system.netdb service");
|
|
|
|
capsysctl = cap_service_open(capcas, "system.sysctl");
|
|
|
|
if (capsysctl == NULL)
|
|
|
|
err(1, "Unable to open system.sysctl service");
|
2021-06-18 16:06:03 +00:00
|
|
|
cappwd = cap_service_open(capcas, "system.pwd");
|
|
|
|
if (cappwd == NULL)
|
|
|
|
err(1, "Unable to open system.pwd service");
|
2021-03-26 19:42:19 +00:00
|
|
|
cap_close(capcas);
|
|
|
|
limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
|
|
|
|
if (limit == NULL)
|
|
|
|
err(1, "Unable to init cap_net limits");
|
|
|
|
if (cap_net_limit(limit) < 0)
|
|
|
|
err(1, "Unable to apply limits");
|
2021-06-18 16:06:03 +00:00
|
|
|
if (cap_pwd_limit_cmds(cappwd, pwdcmds, nitems(pwdcmds)) < 0)
|
|
|
|
err(1, "Unable to apply pwd commands limits");
|
|
|
|
if (cap_pwd_limit_fields(cappwd, pwdfields, nitems(pwdfields)) < 0)
|
|
|
|
err(1, "Unable to apply pwd commands limits");
|
2021-03-26 19:42:19 +00:00
|
|
|
|
2006-11-12 19:03:39 +00:00
|
|
|
if ((!opt_4 && !opt_6) && protos_defined != -1)
|
2006-11-11 22:11:54 +00:00
|
|
|
opt_4 = opt_6 = 1;
|
2006-11-12 19:03:39 +00:00
|
|
|
if (!opt_4 && !opt_6 && !opt_u)
|
|
|
|
opt_4 = opt_6 = opt_u = 1;
|
|
|
|
if ((opt_4 || opt_6) && protos_defined == -1)
|
|
|
|
protos_defined = set_default_protos();
|
2002-07-31 12:32:03 +00:00
|
|
|
if (!opt_c && !opt_l)
|
|
|
|
opt_c = opt_l = 1;
|
|
|
|
|
|
|
|
if (opt_4 || opt_6) {
|
2006-11-11 22:11:54 +00:00
|
|
|
for (i = 0; i < protos_defined; i++)
|
2015-06-13 20:11:02 +00:00
|
|
|
if (protos[i] == IPPROTO_SCTP)
|
|
|
|
gather_sctp();
|
|
|
|
else
|
|
|
|
gather_inet(protos[i]);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
2006-11-11 22:11:54 +00:00
|
|
|
|
|
|
|
if (opt_u || (protos_defined == -1 && !opt_4 && !opt_6)) {
|
2002-07-31 12:32:03 +00:00
|
|
|
gather_unix(SOCK_STREAM);
|
|
|
|
gather_unix(SOCK_DGRAM);
|
2015-06-20 08:59:50 +00:00
|
|
|
gather_unix(SOCK_SEQPACKET);
|
2002-07-31 12:32:03 +00:00
|
|
|
}
|
|
|
|
getfiles();
|
|
|
|
display();
|
|
|
|
exit(0);
|
|
|
|
}
|